Vendo

Vendo's OneClick Tool

Feb 25th, 2015
135
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3. CONFIGURATION:
  4. Edit line 28: replace XXX with your shared secret. If you don't know what your shared secret is then
  5. please get in touch with Vendo's Client Services team: clientservices[AT]vendoservices.com
  6.  
  7. USAGE:
  8. //php code:
  9. include dirname(__FILE__) . '/VendoOneclick.php';//VendoOneclick.php is this file.
  10. $oneclickSignedUrl = VendoOneclick::getUrl(61580186, 16850, 'http://example-site.com/members', 'http://example-site.com/oneclick_failed.php', 'ABC1234_customdata');
  11.  
  12. //PARAMETERS DETAILS:
  13. // 61580186 is the existing Vendo's subscription ID
  14. // 16850 is the OneClick offer ID
  15. // http://example-site.com/members is the success URL. We'll link to this URL in our confirmation page. It's optional. You can pass NULL.
  16. // http://example-site.com/oneclick_failed.php is the decline URL. We'll redirect the user to this URL if the payment fails. It's optional. You can pass NULL.
  17. // ABC1234_customdata is your custom data, for example you can pass an internal reference to the member or membership. We'll post it  back to your affiliate system. If you don't use NATS then this is optional.
  18. //If you use NATS then you *MUST* pass the offer's refcode.
  19.                
  20. //you can use the the URL everywhere in your template now:
  21. <a href="<?php echo $oneClickSignedUrl ?>">Click here to get access to example-site.com</a>
  22.  
  23.  
  24. */
  25.  
  26. class VendoOneclick
  27. {
  28.  
  29.  
  30.     protected $_sharedSecret = 'XXX';
  31.  
  32.  
  33.     public static function getUrl($subscriptionId, $offerId, $successUrl = null, $declineUrl=null, $customData = null)
  34.     {
  35.  
  36.         $uri  = 'https://secure.vend-o.com/v/oneclick?' .
  37.                 'subscription=' . $subscriptionId .
  38.                 '&offer=' . $offerId;
  39.  
  40.         if ($customData) {
  41.             $uri .= '&ref=' . $customData;
  42.         }
  43.  
  44.         if ($successUrl) {
  45.             $uri .= '&success_url=' . urlencode($successUrl);
  46.         }
  47.  
  48.         if ($declineUrl) {
  49.             $uri .= '&decline_url=' . urlencode($declineUrl);
  50.         }
  51.  
  52.         $instance = new VendoOneclick();
  53.         return $instance->sign($uri);
  54.     }
  55.  
  56.  
  57.     /**
  58.      * Signs Vendo's oneclick URL
  59.      *
  60.      * @param string $uri
  61.      * @return string
  62.      */
  63.     public function sign($uri)
  64.     {
  65.         $u = null;
  66.         // If this is a full URL, take it apart
  67.         if (preg_match('/^https?:/', $uri)) {
  68.             $u = parse_url($uri);
  69.             $uri = $u['path'] . '?' . $u['query'];
  70.         }
  71.  
  72.         $signature = $this->_hmacSha1($uri, $this->_sharedSecret);
  73.         $uri = $uri . '&signature=' . $signature;
  74.  
  75.         if ($u) {
  76.             $uri = $u['scheme'] . '://' .
  77.                 (isset($u['user']) ? $u['user'] . (isset($u['pass']) ? ':' . $u['pass'] : '') .
  78.                     '@' : '') . $u['host'] . (isset($u['port']) ? ':' . $u['port'] :
  79.                     '') . $uri;
  80.         }
  81.  
  82.         return $uri;
  83.     }
  84.  
  85.     /**
  86.      * Creates a HMAC-SHA1 signature of the request URI, signed with the shared
  87.      * secret and returns it as a base-64 encoded string with '=' characters
  88.      * removed.
  89.      *
  90.      * @param string $data
  91.      * @param string $key
  92.      * @return string
  93.      */
  94.     protected function _hmacSha1($data, $key) {
  95.         if (strlen($key) > 64) {
  96.             $key = sha1($key, true);
  97.         } else {
  98.             $key = str_pad($key, 64, chr(0));
  99.         }
  100.         $ipad = (substr($key, 0, 64) ^ str_repeat(chr(0x36), 64));
  101.         $opad = (substr($key, 0, 64) ^ str_repeat(chr(0x5C), 64));
  102.         $hash = sha1($opad . sha1($ipad . $data, true), true);
  103.         $hash = $this->_base64UrlEncode($hash);
  104.         return $hash;
  105.     }
  106.  
  107.     /**
  108.      * Encodes the given data in a URL-compatible Base64 string.  Compared to
  109.      * normal Base64, the URL version removes any = characters and replaces +
  110.      * with - and / with _.
  111.      *
  112.      * Based on description given in http://en.wikipedia.org/wiki/Base64
  113.      *
  114.      * @param string $data  the data to encode
  115.      * @return string
  116.      */
  117.     private function _base64UrlEncode($data) {
  118.         $data = base64_encode($data);
  119.  
  120.         $data = str_replace('=', '', $data);
  121.         $data = str_replace('+', '-', $data);
  122.         $data = str_replace('/', '_', $data);
  123.  
  124.         return $data;
  125.     }
  126. }
RAW Paste Data