pgResponse.php
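<?php
/**
 * Paytm payment-gateway callback handler.
 *
 * Reads the POSTed response, verifies CHECKSUMHASH with the merchant key and,
 * for a TXN_SUCCESS response carrying every expected field, stores the
 * transaction next to the buyer details held in the session, then redirects
 * to disp.php. In every other case it prints the outcome and the received
 * parameters.
 *
 * Everything in $_POST and $_SESSION is treated as untrusted text: it reaches
 * SQL only through bound parameters and reaches HTML only through
 * htmlspecialchars().
 */
header("Pragma: no-cache");
header("Cache-Control: no-cache");
header("Expires: 0");
// following files need to be included
require_once("./lib/config_paytm.php");
require_once("./lib/encdec_paytm.php");

$paramList = $_POST;
$paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] : ""; //Sent by Paytm pg

//Verify all parameters received from Paytm pg to your application. Like MID received from paytm pg is same as your application's MID, TXN_AMOUNT and ORDER_ID are same as what was sent by you to Paytm PG for initiating transaction etc.
// NOTE(review): this file only checks the checksum. The MID / amount / order-id
// comparison against the order stored when the payment was initiated still has
// to be added before a transaction is treated as paid.
$isValidChecksum = verifychecksum_e($paramList, PAYTM_MERCHANT_KEY, $paytmChecksum); //will return TRUE or FALSE string.

// Strict comparison: only the exact string "TRUE" counts as a verified response.
$checksumOk = ($isValidChecksum === "TRUE");
$txnStatus = (isset($_POST["STATUS"]) && is_scalar($_POST["STATUS"])) ? (string) $_POST["STATUS"] : "";
$txnSuccess = $checksumOk && $txnStatus === "TXN_SUCCESS";
$recordFailed = false;

// Gateway fields stored with the order, in the column order of the INSERT below.
$postFields = array('ORDERID', 'MID', 'TXNID', 'TXNAMOUNT', 'PAYMENTMODE', 'CURRENCY', 'TXNDATE', 'STATUS', 'RESPCODE', 'RESPMSG', 'GATEWAYNAME', 'BANKTXNID', 'BANKNAME', 'CHECKSUMHASH');
$hasAllFields = true;
foreach ($postFields as $field) {
    // Array-valued parameters are rejected: they would be stored as the text "Array".
    if (!isset($_POST[$field]) || !is_scalar($_POST[$field])) {
        $hasAllFields = false;
        break;
    }
}

// The database write and the redirect run before any output: session_start()
// and header('Location: ...') cannot take effect once the body has started.
if ($txnSuccess && $hasAllFields) {
    session_start();

    $values = array();
    foreach (array('FNAME', 'LNAME', 'ADDR', 'EMAIL', 'MOBILENO', 'EVENTS') as $sessionKey) {
        $values[] = isset($_SESSION[$sessionKey]) ? (string) $_SESSION[$sessionKey] : "";
    }
    foreach ($postFields as $field) {
        $values[] = (string) $_POST[$field];
    }

    // NOTE(review): root with an empty password is a development default. Load
    // the credentials from configuration and use an account limited to INSERT
    // on this table.
    $servername = "localhost";
    $username = "root";
    $password = "";
    $dbname = "test";

    // NOTE(review): nothing here prevents the same callback from being posted
    // twice and stored twice; a uniqueness rule on the order id would - confirm
    // against the table definition.
    $qry = "INSERT INTO `users`(`FNAME`, `LNAME`, `ADDRESS`, `EMAIL`, `MOB`, `EVENTS`, `ORDERID`, `MID`, `TXNID`, `TXNAMOUNT`, `PAYMENTMODE`, `CURRENCY`, `TXNDATE`, `STATUS`, `RESPCODE`, `RESPMSG`, `GATEWAYNAME`, `BANKTXNID`, `BANKNAME`, `CHECKSUMHASH`) VALUES
(" . implode(", ", array_fill(0, count($values), "?")) . ")";

    $recorded = false;
    try {
        // Create connection
        $conn = new mysqli($servername, $username, $password, $dbname);
        // Check connection
        if ($conn->connect_error) {
            // Details go to the server log only, never to the browser.
            error_log("pgResponse: database connection failed: " . $conn->connect_error);
        } else {
            // Bound parameters keep request and session data out of the SQL text.
            $stmt = $conn->prepare($qry);
            if ($stmt === false) {
                error_log("pgResponse: prepare failed: " . $conn->error);
            } else {
                $stmt->bind_param(str_repeat("s", count($values)), ...$values);
                $recorded = $stmt->execute();
                if (!$recorded) {
                    error_log("pgResponse: insert failed: " . $stmt->error);
                }
                $stmt->close();
            }
            $conn->close();
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw instead of returning false.
        error_log("pgResponse: database error: " . $e->getMessage());
    }

    if ($recorded) {
        // Encode the order id so it stays a single query-string value.
        header('Location: disp.php?id=' . rawurlencode((string) $_POST['ORDERID']));
        exit;
    }
    $recordFailed = true;
}

if ($checksumOk) {
    echo "<b>Checksum matched and following are the transaction details:</b>" . "<br/>";
    if ($txnSuccess) {
        echo "<b>Transaction status is success</b>" . "<br/>";
        if ($recordFailed) {
            echo "<b>The transaction could not be recorded. Please contact support and quote your order id.</b>" . "<br/>";
        }
        //Process your transaction here as success transaction.
        //Verify amount & order id received from Payment gateway with your application's order id and amount.
    } else {
        echo "<b>Transaction status is failure</b>" . "<br/>";
    }
    foreach ($_POST as $paramName => $paramValue) {
        // Names and values come from the request, so both are HTML-escaped.
        $shownValue = is_scalar($paramValue) ? (string) $paramValue : "";
        echo "<br/>" . htmlspecialchars((string) $paramName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . " = " . htmlspecialchars($shownValue, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
} else {
    echo "<b>Checksum mismatched.</b>";
    //Process transaction as suspicious.
}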