function _commerce_robokassa_validate_post in Commerce robokassa 7.2
Helper to validate robokassa $_POST data.
Parameters
mixed $data: $_POST to be validated.
mixed $payment_method: Drupal commerce payment method instance passed via url param.
bool $is_interaction: Fallback call flag.
Return value
bool|mixed Transaction according to POST data or due.
1 call to _commerce_robokassa_validate_post()
- commerce_robokassa_result in ./
commerce_robokassa.module - Page callback: commerce_robokassa/%commerce_robokassa_pm/result.
File
- ./
commerce_robokassa.module, line 176 - Drupal Commerce Robokassa payment method.
Code
function _commerce_robokassa_validate_post($data, $payment_method = FALSE, $is_interaction = TRUE) {
// Exit now if the $_POST was empty.
if (empty($data)) {
watchdog('commerce_robokassa', 'Interaction URL accessed with no POST data submitted.', array(), WATCHDOG_WARNING);
print 'bad data';
drupal_exit();
}
// Exit now if any required keys are not exists in $_POST.
$required_keys = array(
'OutSum',
'InvId',
);
if ($is_interaction) {
$required_keys[] = 'SignatureValue';
}
$unavailable_required_keys = array_diff_key(array_flip($required_keys), $data);
if (!empty($unavailable_required_keys)) {
watchdog('commerce_robokassa', 'Missing POST keys. POST data: <pre>!data</pre>', array(
'!data' => print_r($unavailable_required_keys, TRUE),
), WATCHDOG_WARNING);
print "bad data";
drupal_exit();
}
$settings = isset($payment_method['settings']) ? $payment_method['settings'] : commerce_robokassa_default_settings();
// Exit now if missing Checkout ID.
if (empty($settings['MrchLogin'])) {
$info = array(
'!settings' => print_r($payment_method, 1),
'!data' => print_r($data, TRUE),
);
watchdog('commerce_robokassa !data', 'Missing merchant ID. POST data: <pre>!data</pre> <pre>!settings</pre>', $info, WATCHDOG_WARNING);
print 'bad data';
drupal_exit();
}
if ($is_interaction) {
if ($payment_method) {
// Robokassa Signature.
$robo_sign = $data['SignatureValue'];
// Create own Signature.
$signature_data = array(
$data['OutSum'],
$data['InvId'],
$settings['pass2'],
);
if (isset($data['shp_trx_id'])) {
$signature_data[] = 'shp_trx_id=' . $data['shp_trx_id'];
}
$sign = hash($settings['hash_type'], implode(':', $signature_data));
// Exit now if missing Signature.
if (drupal_strtoupper($robo_sign) != drupal_strtoupper($sign)) {
watchdog('commerce_robokassa', 'Missing Signature. POST data: !data', array(
'!data' => print_r($data, TRUE),
), WATCHDOG_WARNING);
print "bad sign";
drupal_exit();
}
}
}
// This parameter availability is flag for 7.x.2.x transactions.
$shp_trx_id = isset($data['shp_trx_id']) ? $data['shp_trx_id'] : FALSE;
$transaction = _commerce_robokassa_transaction_load($data['InvId'], $shp_trx_id, $data['OutSum'], $payment_method);
if (!$transaction) {
watchdog('commerce_robokassa', 'Missing transaction id. POST data: !data', array(
'!data' => print_r($data, TRUE),
), WATCHDOG_WARNING);
print 'bad data';
drupal_exit();
}
$amount = commerce_currency_amount_to_decimal($transaction->amount, $transaction->currency_code);
if ($amount != $data['OutSum']) {
watchdog('commerce_robokassa', 'Missing transaction id amount. POST data: !data', array(
'!data' => print_r($data, TRUE),
), WATCHDOG_WARNING);
print 'bad data';
drupal_exit();
}
return $transaction;
}