Hi.
I successfully implemented a Silent Post callback url that checks the md5 signiture this way:
For Silent Post, these values are used for creating the MD5 Hash, in this exact order:
- The MD5 Hash Value, which is assigned by the merchant in the account's Settings.
- The transaction ID number we assigned to the transaction (x_trans_id).
- The amount of the charge (x_amount).
The resulting string is then used to generate the MD5 hash.
For ARB transactions all works great.
But when I have a post request for Refund transaction(x_type=credit) the signiture does not match. :(
Am I missing something or the signiture is formed differently for refund posts.
Here is an example of real call:
x_response_code=1&x_response_reason_code=1&x_response_reason_text=This+transaction+has+been+approved%2E&x_avs_code=P&x_auth_code=&x_trans_id=60008074763&x_method=CC&x_card_type=Visa&x_account_number=XXXX9915&x_first_name=Ivan&x_last_name=Ivanov&x_company=&x_address=Lake+Street+41&x_city=Sofia&x_state=&x_zip=1000&x_country=BG&x_phone=&x_fax=&x_email=qatest041%40kiril%2Eendavomedia%2Ecom&x_invoice_num=&x_description=test95&x_type=credit&x_cust_id=3489&x_ship_to_first_name=&x_ship_to_last_name=&x_ship_to_company=&x_ship_to_address=&x_ship_to_city=&x_ship_to_state=&x_ship_to_zip=&x_ship_to_country=&x_amount=3%2E99&x_tax=0%2E00&x_duty=0%2E00&x_freight=0%2E00&x_tax_exempt=FALSE&x_po_num=&x_MD5_Hash=4E5F83E3FCF2A2772377134D1FB5F919&x_SHA2_Hash=&x_cvv2_resp_code=&x_cavv_response=&x_test_request=false
This is how I made the checksum with Md5 Hash Value=brum12345
message: brum12345600080747633.99
md5(message): 80ba1e2cc9c03f342ef731eaa768c596
x_MD5_Hash: 4e5f83e3fcf2a2772377134d1fb5f919
