Showing results for 
Search instead for 
Did you mean: 

PHP Updating MD5 SIM

well... let me start by saying I am rusty... I built my wifes website MANY years ago and have not been using PHP for anything since..


basically this is what I currently have to handle the response...



require_once 'anet_php_sdk/AuthorizeNet.php'; // The SDK
$redirect_url = ""; // Where the user will end up.
$api_login_id = 'api_login_code';
$md5_setting = 'api_login_code';

$response = new AuthorizeNetSIM($api_login_id, $md5_setting);

if ($response->isAuthorizeNet())
$cust_name = "customer_name='" . $response->first_name . ' ' . $response->last_name . "'";
$cust_phn = "customer_phone='" . $response->phone . "'";
$cust_email = "customer_email='" . $response->email . "'";
$pay_status = "pay_status=" . $response->response_code;
$trans_id = "transaction_id='" . $response->transaction_id . "'";
$reason_cd = "response_code=" .$response->response_reason_code;
$reason_desc = "response_desc='" . $response->response_reason_text . "'";
$card_num = "card_num='" . $_POST['x_account_number'] . "'";
$card_type = "card_type='" . $_POST['x_card_type'] . "'";


and the database is updated with the response data...



I see the code sample for compute_trans_hashSHA2.php


but im so cunfused as to where I am using that?

would it be...?


$newHash = generateSH512($textToHash, $signatureKey);

$response = new AuthorizeNetSIM($api_login_id, $newHash);


ooorr...? thanks for the help!!



I don't think the old sdk supports SHA.  I think you just leave md5_setting blank or unset and it will skip the MD5 check.

Regular Contributor



I will be back on later tonight or tomorrow. I have code that is tested and works. The file you posted uses a class that I am not familiar with. If you opt to use my code you may have to write a new script. I do not use DPM/SIM but have helped several here that do. I finally decided to test it myself last night and set up a SIM form. DPM uses the same hashing method.


For now, I can get you a head start. See my post "Working php hash verfication". The 2nd code example I posted there will work for the SIM/DPM fingerprint, except the string has an extra ^ at the beginning. The fingerprint is more important than the verification.  Also see the post called something like "No sha512 in silent post response" that I recently commented on.   It has the correct string and the correct 30 fields to use.  I'll see where you are next time I'm on. 


Do you use a separate file for your silent post url, separate from the file that pulls up the hosted form? 

All Star

@kabutotx ... so just

$response = new AuthorizeNetSIM($api_login_id);


$response = new AuthorizeNetSIM($api_login_id, '');




I think my fingerprint file is fine as its not actually using the md5 anywhere...


$fp = AuthorizeNetDPM::getFingerprint($api_login_id, $transaction_key, $total, $fp_sequence, $time);



the timing is the worst.. my wife is acutally closing her business about mid April lol.. could they have waited 1 more month!!


I think from examples you need the second one.

The Hash isn't a requirement, so I would just leave off if you are about to close the website.

Regular Contributor

shoot.. doesnt work. Errors in the response