Community Forums 

Main Content

Return link hash verification

    May 22 2009 13:14:28



    Join date : 2009-05-22      Posts : 8

    I'm having a lot of trouble getting the variables that are returned by the cart to validate after a successful purchase.

    The instructions say:

    "The form button includes the same variables as in the Remote Call option plus a hash which you can use to check the data has not been tampered with:

    md5( Username . Shopper ID . Order Total . Secret Key)

    Where the Secret key is the same one as you use with Link verification."

    I did a test purchase and captured all the variables.

    I formed the hash using the username ($userid = "A1234567"), the shopper ID ($id = "123456) and order total ($total = "14.95") returned in the POST.

    The secret key I got from the Verifying Links page using the "Hash secret on its own" setting, which opens a new window with a hash string in it. This, I presume, is the secret key.

    Problem is, the hash I generated in PHP:

    $hash = md5( $userid . $id . $total . $secret );

    wasn't the same as the one that that got POSTed back from the cart.

    Has anyone who's had this working before got any wisdom they could pass on?

    Thanks all

    Castlegate IT