Programming

  • 4 {{ upvoteCount | shortNum }}

    Clickbank instant notification version 6

    behnampmdg3 in Programming

    Hi; I am using Clickbanks Instant notification. I have set this and it works fine if I don't call "ipn_verification()". It returns false no matter what PHP Code: <?php class Welcome extends CI_Controller {       public function index()        {            if($this->ipn_verification())                {                    $this->update();                    }            else                {                    echo "Unverified";                }            }                        private function ipn_verification()        {                    $secretKey="FFF";            $pop = "";            $ipnFields = array();            foreach ($_POST as $key => $value)                 {                    if ($key == "cverify")                         {                            continue;                        }                    $ipnFields[] = $key;                }            sort($ipnFields);            foreach ($ipnFields as $field)                 {                    // if Magic Quotes are enabled $_POST[$field] will need to be                    // un-escaped before being appended to $pop                    $pop = $pop . $_POST[$field] . "|";                }            $pop = $pop . $secretKey;            $calcedVerify = sha1(mb_convert_encoding($pop, "UTF-8"));            $calcedVerify = strtoupper(substr($calcedVerify,0,8));            return $calcedVerify == $_POST["cverify"];        }    private function update()        {            $secretKey = "FFF"; // secret key from your ClickBank account             // get JSON from raw body...            $message = json_decode(file_get_contents('php://input'));            // Pull out the encrypted notification and the initialization vector for            // AES/CBC/PKCS5Padding decryption            $encrypted = $message->{'notification'};            $iv = $message->{'iv'};            error_log("IV: $iv");            // decrypt the body...            $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,substr(sha1($secretKey), 0, 32),base64_decode($encrypted),MCRYPT_MODE_CBC,base64_decode($iv)), "\0..\32");            error_log("Decrypted: $decrypted");            // convert the decrypted string to a JSON object...            $order = json_decode($decrypted);                        // Ready to rock and roll - If the decoding of the JSON string wasn't successful,            // then you can assume the notification wasn't encrypted with your secret key.            }    } Here ... [read more]