yanyu/v2board
1
0
Fork 0
mirror of https://github.com/v2board/v2board.git synced 2024-09-20 12:54:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

Payments: fix CoinPayments IPN Notification

Browse Source
This commit is contained in:
Alpha Kane 2022-04-01 19:25:45 +08:00
parent 5b293f4cb0
commit 24e896d301
No known key found for this signature in database
GPG Key ID: 180A31AB98D5C156
1 changed files with 10 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
app/Payments/CoinPayments.php
View File

@ -28,7 +28,8 @@ class CoinPayments {
]; ];
} }
public function pay($order) { public function pay($order)
{
// IPN notifications are slow, when the transaction is successful, we should return to the user center to avoid user confusion // IPN notifications are slow, when the transaction is successful, we should return to the user center to avoid user confusion
$parseUrl = parse_url($order['return_url']); $parseUrl = parse_url($order['return_url']);
@ -53,12 +54,12 @@ class CoinPayments {
return [ return [
'type' => 1, // Redirect to url 'type' => 1, // Redirect to url
'data' => 'https://www.coinpayments.net/index.php?' . $params_string, 'data' => 'https://www.coinpayments.net/index.php?' . $params_string
'custom_result' => 'IPN OK'
]; ];
} }
public function notify($params) { public function notify($params)
{
if (!isset($params['merchant']) || $params['merchant'] != trim($this->config['coinpayments_merchant_id'])) { if (!isset($params['merchant']) || $params['merchant'] != trim($this->config['coinpayments_merchant_id'])) {
abort(500, 'No or incorrect Merchant ID passed'); abort(500, 'No or incorrect Merchant ID passed');
@ -75,24 +76,22 @@ class CoinPayments {
$hmac = hash_hmac("sha512", $request, trim($this->config['coinpayments_ipn_secret'])); $hmac = hash_hmac("sha512", $request, trim($this->config['coinpayments_ipn_secret']));
// if (!hash_equals($hmac, $signHeader)) { // if ($hmac != $signHeader) { <-- Use this if you are running a version of PHP below 5.6.0 without the hash_equals function
// if ($hmac != $_SERVER['HTTP_HMAC']) { <-- Use this if you are running a version of PHP below 5.6.0 without the hash_equals function // abort(400, 'HMAC signature does not match');
// $this->dieSendMessage(400, 'HMAC signature does not match');
// } // }
if ($hmac != $signHeader) { if (!hash_equals($hmac, $signHeader)) {
abort(400, 'HMAC signature does not match'); abort(400, 'HMAC signature does not match');
} }
// HMAC Signature verified at this point, load some variables. // HMAC Signature verified at this point, load some variables.
$status = $params['status']; $status = $params['status'];
if ($status >= 100 || $status == 2) { if ($status >= 100 || $status == 2) {
// payment is complete or queued for nightly payout, success // payment is complete or queued for nightly payout, success
return [ return [
'trade_no' => $params['item_number'], 'trade_no' => $params['item_number'],
'callback_no' => $params['txn_id'] 'callback_no' => $params['txn_id'],
'custom_result' => 'IPN OK'
]; ];
} else if ($status < 0) { } else if ($status < 0) {
//payment error, this is usually final but payments will sometimes be reopened if there was no exchange rate conversion or with seller consent //payment error, this is usually final but payments will sometimes be reopened if there was no exchange rate conversion or with seller consent
@ -101,7 +100,5 @@ class CoinPayments {
//payment is pending, you can optionally add a note to the order page //payment is pending, you can optionally add a note to the order page
die('IPN OK: pending'); die('IPN OK: pending');
} }
} }
} }