-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpayment_complete.php
executable file
·45 lines (41 loc) · 1.4 KB
/
payment_complete.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
require('connection.inc.php');
require('functions.inc.php');
echo '<b>Transaction In Process, Please do not reload</b>';
$payment_mode=$_POST['mode'];
$pay_id=$_POST['mihpayid'];
$status=$_POST["status"];
$firstname=$_POST["firstname"];
$amount=$_POST["amount"];
$txnid=$_POST["txnid"];
$posted_hash=$_POST["hash"];
$key=$_POST["key"];
$productinfo=$_POST["productinfo"];
$email=$_POST["email"];
$MERCHANT_KEY = "gtKFFx";
$SALT = "eCwWELxi";
$udf5='';
$keyString = $MERCHANT_KEY .'|'.$txnid.'|'.$amount.'|'.$productinfo.'|'.$firstname.'|'.$email.'|||||'.$udf5.'|||||';
$keyArray = explode("|",$keyString);
$reverseKeyArray = array_reverse($keyArray);
$reverseKeyString = implode("|",$reverseKeyArray);
$saltString = $SALT.'|'.$status.'|'.$reverseKeyString;
$sentHashString = strtolower(hash('sha512', $saltString));
if($sentHashString != $posted_hash){
mysqli_query($con,"update `order` set payment_status='$status', mihpayid='$pay_id' where txnid='$txnid'");
?>
<script>
window.location.href='payment_fail.php';
</script>
<?php
}else{
mysqli_query($con,"update `order` set payment_status='$status', mihpayid='$pay_id' where txnid='$txnid'");
$order_detail=mysqli_fetch_assoc(mysqli_query($con,"select id from `order` where txnid='$txnid'"));
sentInvoice($con,$order_detail['id']);
?>
<script>
window.location.href='thank_you.php';
</script>
<?php
}
?>