Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>Authorization request</title>
- <link rel="stylesheet" href="/ow/ow.css" type="text/css">
- </head><body bgcolor="#f0f0f0" text="#000000" leftMargin=0 topMargin=0 marginheight=0 marginwidth=0>
- <table width="100%" border="0" cellspacing="0" cellpadding="0" class="maintxt">
- <center><table border="0" cellpadding="5" cellspacing="5" width="590">
- <form ACTION="https://213.172.75.248/cgi-bin/cgi_link" METHOD="POST">
- <tbody>
- <tr>
- <td colspan="3" valign="top"><center><font size="4">Order form.</font></center></td>
- </tr>
- <tr>
- <td colspan="3" valign="top"><font size="3"></font></td>
- </tr>
- <tr bgcolor="#808080">
- <td colspan="3" class="copybd" valign="top">Order Details</td>
- </tr>
- <?php
- function hextTwoBin($hexdata) {
- $bindata="";
- for ($i=0;$i<strlen($hexdata);$i+=2) {
- $bindata.=chr(hexdec(substr($hexdata,$i,2)));
- }
- return $bindata;
- }
- // Getting required fields
- // These fields can change in every request
- $db_row['AMOUNT'] = '2.5';
- $db_row['CURRENCY'] = 'AZN';
- $db_row['ORDER'] = '000001';
- // These fields will be always static
- $db_row['DESC'] = 'Description of the sale';
- $db_row['MERCH_NAME'] = 'Some Shop';
- $db_row['MERCH_URL'] = 'Some shop\'s URL';
- $db_row['TERMINAL'] = '77777777'; // That is your personal ID in payment system
- $db_row['EMAIL'] = 'Some shop\'s E-mail';
- $db_row['TRTYPE'] = '1'; // That is the type of operation, 1 - Authorization and checkout
- $db_row['COUNTRY'] = 'AZ';
- $db_row['MERCH_GMT'] = '+4';
- $db_row['BACKREF'] = '<URL of script, reding callback information>';
- //These fields are generated automaticaly every request
- $oper_time=gmdate("YmdHis"); // Date and time UTC
- $nonce=substr(md5(rand()),0,16); // Random data
- // ------------------------------
- foreach($db_row as $key => $value){
- echo "<tr><td>$key"." = "."$value</td></tr>\n";
- #echo "<input name=\"$key\" value=\"$value\" type=\"hidden\">";
- }
- // Creating form hidden fields
- echo "
- <input name=\"AMOUNT\" value=\"{$db_row['AMOUNT']}\" type=\"hidden\">
- <input name=\"CURRENCY\" value=\"{$db_row['CURRENCY']}\" type=\"hidden\">
- <input name=\"ORDER\" value=\"{$db_row['ORDER']}\" type=\"hidden\">
- <input name=\"DESC\" value=\"{$db_row['DESC']}\" type=\"hidden\">
- <input name=\"MERCH_NAME\" value=\"{$db_row['MERCH_NAME']}\" type=\"hidden\">
- <input name=\"MERCH_URL\" value=\"{$db_row['MERCH_URL']}\" type=\"hidden\">
- <input name=\"TERMINAL\" value=\"{$db_row['TERMINAL']}\" type=\"hidden\">
- <input name=\"EMAIL\" value=\"{$db_row['EMAIL']}\" type=\"hidden\">
- <input name=\"TRTYPE\" value=\"{$db_row['TRTYPE']}\" type=\"hidden\">
- <input name=\"COUNTRY\" value=\"{$db_row['COUNTRY']}\" type=\"hidden\">
- <input name=\"MERCH_GMT\" value=\"{$db_row['MERCH_GMT']}\" type=\"hidden\">
- <input name=\"TIMESTAMP\" value=\"{$oper_time}\" type=\"hidden\">
- <input name=\"NONCE\" value=\"{$nonce}\" type=\"hidden\">
- <input name=\"BACKREF\" value=\"{$db_row['BACKREF']}\" type=\"hidden\">
- ";
- // ------------------------------------------------
- // Making P_SIGN (MAC) - Checksum of request
- // All following fields must be equal with hidden fields above
- $to_sign = "".strlen($db_row['AMOUNT']).$db_row['AMOUNT']
- .strlen($db_row['CURRENCY']).$db_row['CURRENCY']
- .strlen($db_row['ORDER']).$db_row['ORDER']
- .strlen($db_row['DESC']).$db_row['DESC']
- .strlen($db_row['MERCH_NAME']).$db_row['MERCH_NAME']
- .strlen($db_row['MERCH_URL']).$db_row['MERCH_URL']."-"
- .strlen($db_row['TERMINAL']).$db_row['TERMINAL']
- .strlen($db_row['EMAIL']).$db_row['EMAIL']
- .strlen($db_row['TRTYPE']).$db_row['TRTYPE']
- .strlen($db_row['COUNTRY']).$db_row['COUNTRY']
- .strlen($db_row['MERCH_GMT']).$db_row['MERCH_GMT']
- .strlen($oper_time).$oper_time
- .strlen($nonce).$nonce
- .strlen($db_row['BACKREF']).$db_row['BACKREF'];
- $key_for_sign="AZC#2018091710037399"; // Key for sign will change in production system
- $p_sign=hash_hmac('sha1',$to_sign, hextTwoBin($key_for_sign));
- echo "<input name=\"P_SIGN\" value=\"$p_sign\" type=\"hidden\">";
- // ----------------------------------------------------
- ?>
- <table border="0" cellpadding="5" cellspacing="5" width="590" align="center">
- <input alt="Submit" type="submit">
- </tbody>
- </table>
- </form>
- </table>
- <br><center><hr WIDTH="100%"></center></body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement