I wasn't looking to give this out on a pro bono basis, as it took me 4 hours to create and test. However, this issue has come up repeatedly on this forum and I figured I would go ahead and help everyone out. This applies to SIM/DPM responses with Accented Characters (aka Diacritics).
There is one small catch: I have deleted all the files from the remote server I was using to test this script. I had made many modifications to the script that have been stripped out for users here, as you will not need them. I have not retested since I made these changes. I do believe it should still work. I ask that the first few testers give a report on their results to help everyone else. If it doesn't work (note that hex2bin is not supported in earlier versions of PHP 5. Please do not post that it is not working if you are using one of those, unless you have substituted hex2bin with a pack or other substitute function that you know works elsewhere) I will test it when I have time.
The code below has an array that is used to modify the raw post data. The last key=>value pair should be removed in most cases. If your customers are likely to enter a period anywhere except the email field, it will break your validation. I did not find a way to distinguish between that character and a period.
//the below code goes on your relay response/silent post endpoint
require 'validateResponse.php';
$signatureKey = "copy and paste your signature key here";
$anetResponse = file_get_contents('php://input');
if(validateResponse($anetResponse,$signatureKey)){
    //here is where the updates for your responses go
}

//the below is the code on the validateResponse.php file that is
//required on the endpoint
function validateResponse($anetResponse,$signatureKey){
$binaryKey = hex2bin($signatureKey);
$response = array(
    'x_trans_id'=>'',
    'x_test_request'=>'',
    'x_response_code'=>'',
    'x_auth_code'=>'',
    'x_cvv2_resp_code'=>'',
    'x_cavv_response'=>'',
    'x_avs_code'=>'',
    'x_method'=>'',
    'x_account_number'=>'',
    'x_amount'=>'',
    'x_company'=>'',
    'x_first_name'=>'',
    'x_last_name'=>'',
    'x_address'=>'',
    'x_city'=>'',
    'x_state'=>'',
    'x_zip'=>'',
    'x_country'=>'',
    'x_phone'=>'',
    'x_fax'=>'',
    'x_email'=>'',
    'x_ship_to_company'=>'',
    'x_ship_to_first_name'=>'',
    'x_ship_to_last_name'=>'',
    'x_ship_to_address'=>'',
    'x_ship_to_city'=>'',
    'x_ship_to_state'=>'',
    'x_ship_to_zip'=>'',
    'x_ship_to_country'=>'',
    'x_invoice_num'=>'');
$responseCheck = urlencode($anetResponse);
$verify = array (
'%25C1' => 'Á',
'%25C0' => 'À',
'%25C2' => 'Â',
'%25C3' => 'Ã',
'%25C4' => 'Ä',
'%2502' => 'Ă',
'%2500' => 'Ā',
'%25C5' => 'Å',
'%2504' => 'Ą',
'%25C6' => 'Æ',
'%25C9' => 'É',
'%25C8' => 'È',
'%25CA' => 'Ê',
'%25CB' => 'Ë',
'%251A' => 'Ě',
'%2512' => 'Ē',
'%2516' => 'Ė',
'%2518' => 'Ę',
'%25CD' => 'Í',
'%25CC' => 'Ì',
'%25CE' => 'Î',
'%25CF' => 'Ï',
'%252A' => 'Ī',
'%252F' => 'į',
'%25D3' => 'Ó',
'%25D2' => 'Ò',
'%25D4' => 'Ô',
'%25D5' => 'Õ',
'%25D6' => 'Ö',
'%2550' => 'Ő',
'%25D8' => 'Ø',
'%2552' => 'Œ',
'%25DA' => 'Ú',
'%25D9' => 'Ù',
'%25DB' => 'Û',
'%25DC' => 'Ü',
'%2570' => 'Ű',
'%256A' => 'Ū',
'%256F' => 'ů',
'%25DD' => 'Ý',
'%2506' => 'Ć',
'%250C' => 'Č',
'%25E7' => 'ç',
'%250E' => 'Ď',
'%2510' => 'Đ',
'%2522' => 'Ģ',
'%251E' => 'Ğ',
'%2536' => 'Ķ',
'%2541' => 'Ł',
'%253B' => 'Ļ',
'%2543' => 'Ń',
'%25D1' => 'Ñ',
'%2547' => 'Ň',
'%2545' => 'Ņ',
'%254A' => 'Ŋ',
'%2558' => 'Ř',
'%255A' => 'Ś',
'%2560' => 'Š',
'%255E' => 'Ş',
'%25DF' => 'ß',
'%2564' => 'Ť',
'%2566' => 'Ŧ',
'%25DE' => 'Þ',
'%2562' => 'Ţ',
'%257B' => 'Ż',
'%2579' => 'Ź',
'%257D' => 'Ž',
'%25E1' => 'á',
'%25E0' => 'à',
'%25E2' => 'â',
'%25E3' => 'ã',
'%25E4' => 'ä',
'%2503' => 'ă',
'%2501' => 'ā',
'%25E5' => 'å',
'%2505' => 'ą',
'%25E6' => 'æ',
'%25E9' => 'é',
'%25E8' => 'è',
'%25EA' => 'ê',
'%25EB' => 'ë',
'%251B' => 'ě',
'%2513' => 'ē',
'%2517' => 'ė',
'%2519' => 'ę',
'%25ED' => 'í',
'%25EC' => 'ì',
'%25EE' => 'î',
'%25EF' => 'ï',
'%252B' => 'ī',
'%2531' => 'ı',
'%25F3' => 'ó',
'%25F2' => 'ò',
'%25F4' => 'ô',
'%25F5' => 'õ',
'%25F6' => 'ö',
'%2551' => 'ő',
'%25F8' => 'ø',
'%2553' => 'œ',
'%25FA' => 'ú',
'%25F9' => 'ù',
'%25FB' => 'û',
'%25FC' => 'ü',
'%2571' => 'ű',
'%256B' => 'ū',
'%2507' => 'ć',
'%250D' => 'č',
'%250F' => 'ď',
'%2511' => 'đ',
'%25F0' => 'ð',
'%2523' => 'ģ',
'%251F' => 'ğ',
'%2537' => 'ķ',
'%2542' => 'ł',
'%253C' => 'ļ',
'%2544' => 'ń',
'%25F1' => 'ñ',
'%2548' => 'ň',
'%2546' => 'ņ',
'%254B' => 'ŋ',
'%2559' => 'ř',
'%255B' => 'ś',
'%2561' => 'š',
'%255F' => 'ş',
'%2565' => 'ť',
'%2567' => 'ŧ',
'%25FE' => 'þ',
'%2563' => 'ţ',
'%257C' => 'ż',
'%257E' => 'ž',
'%257A' => 'ź',
'%25FD' => 'ý',
'%25D0' => 'Ð',
'%2573' => 'ų',
'%252E'=>'Į');
//^^^^the key %252E and its value (an uppercase Lithuanian I)
//are recommended to be removed, as it will break validation
//if your customer uses a period on the payment form (function
//catches period entered as a necessary part of email address)
foreach($verify as $key=>$value){
    $responseCheck = str_replace($key,$value,$responseCheck);
}
$responseCheck = explode('%26',$responseCheck);
//stays empty, and validation fails, if the response carries no x_SHA2_Hash
$hash = '';
foreach($responseCheck as $key=>$value){
    $newKey = strstr($value,'%3D',true);
    $newVal = strstr($value,'%3D');
    $newVal = str_replace('%3D','',$newVal);
    $newVal = str_replace('%2540','@',$newVal);
    $newVal = urldecode($newVal);
    $newVal = urldecode($newVal);
    if($newKey == 'x_email') $newVal = str_replace('Įcom','.com',$newVal);
    if($newKey == 'x_amount') $newVal = str_replace('Į','.',$newVal);
    if(array_key_exists($newKey,$response)) $response[$newKey] = $newVal;
    if($newKey == "x_SHA2_Hash") $hash = $newVal;
}
//hashed string is ^value1^value2^...^ in the order of the $response array
$string = '^';
foreach($response as $key=>$value){
    $string .= $value . '^';
}
$validation = strtoupper(hash_hmac('sha512',$string,$binaryKey));
//constant-time comparison of the computed hash against the received one
if(!hash_equals($validation,$hash)) return false;
return true;
}
09-01-2019 05:23 PM - edited 09-01-2019 05:32 PM
09-01-2019 05:31 PM
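Added example (not part of the original post and not Authorize.Net's code): the post's hash computation on its own, with the pack fallback the post mentions for PHP versions without hex2bin, run on constructed data to show why the %252E mapping breaks validation. The HMAC covers the exact bytes of every field, so a response whose address was signed with a period no longer verifies once that period has been rewritten to Į. The key, the field values and the function names keyToBinary, sha2Hash and isValid are made up for this demo, and the file is assumed to be saved as UTF-8.

```php
<?php
// Field order copied from the $response array in the post.
const SIGNED_FIELDS = 'x_trans_id,x_test_request,x_response_code,x_auth_code,'
    . 'x_cvv2_resp_code,x_cavv_response,x_avs_code,x_method,x_account_number,'
    . 'x_amount,x_company,x_first_name,x_last_name,x_address,x_city,x_state,'
    . 'x_zip,x_country,x_phone,x_fax,x_email,x_ship_to_company,'
    . 'x_ship_to_first_name,x_ship_to_last_name,x_ship_to_address,'
    . 'x_ship_to_city,x_ship_to_state,x_ship_to_zip,x_ship_to_country,'
    . 'x_invoice_num';

// hex2bin() arrived in PHP 5.4; pack('H*', ...) does the same on older versions.
function keyToBinary($hexKey) {
    return function_exists('hex2bin') ? hex2bin($hexKey) : pack('H*', $hexKey);
}

// Build "^v1^v2^...^" in the fixed order and HMAC-SHA512 it with the binary key.
function sha2Hash(array $fields, $hexKey) {
    $string = '^';
    foreach (explode(',', SIGNED_FIELDS) as $name) {
        $string .= (isset($fields[$name]) ? $fields[$name] : '') . '^';
    }
    return strtoupper(hash_hmac('sha512', $string, keyToBinary($hexKey)));
}

// Constant-time comparison of the computed hash against the received one.
function isValid(array $fields, $receivedHash, $hexKey) {
    return hash_equals(sha2Hash($fields, $hexKey), (string) $receivedHash);
}

// Constructed sample data: placeholder key and made-up field values.
$hexKey = str_repeat('0123456789ABCDEF', 8);
$signed = array(
    'x_trans_id'   => '1234567890',
    'x_amount'     => '10.00',
    'x_first_name' => 'José',
    'x_address'    => '1 Main St.',
);
$hashFromGateway = sha2Hash($signed, $hexKey); // stands in for x_SHA2_Hash

// The same response after the table has rewritten the period in x_address.
$rewritten = $signed;
$rewritten['x_address'] = '1 Main StĮ';

var_dump(isValid($signed, $hashFromGateway, $hexKey));
var_dump(isValid($rewritten, $hashFromGateway, $hexKey));
```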