我被 Bendigo 银行告知需要将 md5 更改为 SHA256。我按照他们的指示操作,但出现了以下错误:
他们的示例代码如下:
HTTP Status - 400
E5000: Cannot form a matching secure hash based on the merchant's request using either of the two merchant's secrets
他们的示例代码如下:
。
<?php foreach($_POST as $key => $value) {
if (strlen($value) > 0) { ?>
<input type="hidden" name="<?php echo($key); ?>" value="<?php echo($value); ?>"/><br>
<?php
if ((strlen($value) > 0) && ((substr($key, 0,4)=="vpc_") || (substr($key,0,5) =="user_"))) {
$hashinput .= $key . "=" . $value . "&";
}
}
}
$hashinput = rtrim($hashinput,"&");
?>
<!-- attach SecureHash -->
<input type="hidden" name="vpc_SecureHash" value="<?php echo(strtoupper(hash_hmac('SHA256', $hashinput, pack('H*',$securesecret)))); ?>"/>
<input type="hidden" name="vpc_SecureHashType" value="SHA256">
这是我的帖子:
Array (
[AgainLink] => http://fallscreekcountryclub.com.au/make-a-booking/submit-booking.html
[b_terms] => 1
[chargetypeid] => 33
[deposit] => 580.00
[notes] => 4 Nights - 26/11/2016 to 30/11/2016
[propertyid] => 2
[total] => 580.00
[vpc_AccessCode] => 903876BC
[vpc_Amount] => 58000
[vpc_Command] => pay
[vpc_Locale] => en
[vpc_MerchTxnRef] => 1479746896
[vpc_Merchant] => BBL5800396
[vpc_OrderInfo] => Studio Deluxe
[vpc_ReturnURL] => http://fallscreekcountryclub.com.au/make-a-booking/booking-complete.html
[vpc_Version] => 1
)
这是我的代码:
$appendAmp = 0;
$isencoded = '';
$notencoded = '';
foreach($_POST as $key => $value) {
if (strlen($value) > 0) {
if ($appendAmp == 0) :
$notencoded .= $key . '=' . $value;
$isencoded .= urlencode($key) . '=' . urlencode($value);
$appendAmp = 1;
else :
$notencoded .= '&' . $key . '=' . $value;
$isencoded .= '&' . urlencode($key) . '=' . urlencode($value);
endif;
}
}
if (strlen($SECURE_SECRET) > 0) {
#$vpcURL .= "&vpc_SecureHash=" . strtoupper(md5($md5HashData));
$SecureHash = strtoupper(hash_hmac('SHA256',$notencoded,pack('H*',$SECURE_SECRET)));
$SecureHashType = 'SHA256';
}
$vpcURL .= $notencoded.'&vpc_SecureHash='.$SecureHash.'&vpc_SecureHashType='.$SecureHashType;
我已经看到有人建议在构建vpcURL之前不要对vpc_ReturnURL字符串进行urlencode,因此我分别尝试了“isencoded”和“notencoded”,但两者都无效。
vpcURL的urlencode版本如下:
https://migs.mastercard.com.au/vpcpay?AgainLink=http%3A%2F%2Ffallscreekcountryclub.com.au%2Fmake-a-booking%2Fsubmit-booking.html&b_terms=1&chargetypeid=33&deposit=580.00¬es=4+Nights+-+26%2F11%2F2016+to+30%2F11%2F2016&propertyid=2&total=580.00&vpc_AccessCode=903876BC&vpc_Amount=58000&vpc_Command=pay&vpc_Locale=en&vpc_MerchTxnRef=1479746896&vpc_Merchant=BBL5800396&vpc_OrderInfo=Studio+Deluxe&vpc_ReturnURL=http%3A%2F%2Ffallscreekcountryclub.com.au%2Fmake-a-booking%2Fbooking-complete.html&vpc_Version=1&vpc_SecureHash=A5BA6503FC7A169A90C9AAC7039878F45D761180D874789172EB5A58298022E4&vpc_SecureHashType=SHA256
非urlencode版本如下:
https://migs.mastercard.com.au/vpcpay?AgainLink=http://fallscreekcountryclub.com.au/make-a-booking/submit-booking.html&b_terms=1&chargetypeid=33&deposit=580.00¬es=4 Nights - 26/11/2016 to 30/11/2016&propertyid=2&total=580.00&vpc_AccessCode=903876BC&vpc_Amount=58000&vpc_Command=pay&vpc_Locale=en&vpc_MerchTxnRef=1479746896&vpc_Merchant=BBL5800396&vpc_OrderInfo=Studio Deluxe&vpc_ReturnURL=http://fallscreekcountryclub.com.au/make-a-booking/booking-complete.html&vpc_Version=1&vpc_SecureHash=A5BA6503FC7A169A90C9AAC7039878F45D761180D874789172EB5A58298022E4&vpc_SecureHashType=SHA256
有没有任何想法,我做错了什么?我打电话给银行,他们不能帮我,他们甚至不知道我在说什么。
我知道$SECURE_SECRET号码是正确的,因为它是我用于原始md5哈希的相同数字。所以问题出在sha256哈希上,我不确定为什么,也不知道如何解决。