Php Sagepay错误5068:不支持加密方法(从2.22升级到3.00)
我已经看过了关于Sagepay协议从2.22升级到3.00的其他问题的答案,包括我自己先前问题的答案 我正在尝试将加密方法从Xor更新为AES,以便3.00协议能够正常工作,但到目前为止,Sagepay错误5068仍然存在:该协议不支持加密方法。我公司需要更新的三个网站都是基于JShop电子商务平台的,该平台已经非常过时,不再提供支持 我已经实现了两个作为答案给出的解决方案,其中一个来自他们网站上可用的Sagepay php文档,但仍然收到这个错误 如果你能告诉我哪里出了问题,我将不胜感激 已经联系了Sagepay,但他们没有太多帮助,之前曾将我引向此处或他们的合作伙伴页面 Protx(Sagepay)文件:Php Sagepay错误5068:不支持加密方法(从2.22升级到3.00),php,encryption,upgrade,opayo,Php,Encryption,Upgrade,Opayo,我已经看过了关于Sagepay协议从2.22升级到3.00的其他问题的答案,包括我自己先前问题的答案 我正在尝试将加密方法从Xor更新为AES,以便3.00协议能够正常工作,但到目前为止,Sagepay错误5068仍然存在:该协议不支持加密方法。我公司需要更新的三个网站都是基于JShop电子商务平台的,该平台已经非常过时,不再提供支持 我已经实现了两个作为答案给出的解决方案,其中一个来自他们网站上可用的Sagepay php文档,但仍然收到这个错误 如果你能告诉我哪里出了问题,我将不胜感激 已经
响应文件:
<?php
define("IN_JSHOP", TRUE);
include("../../static/config.php");
include("../../routines/dbAccess_".$databaseType.".php");
include("../../routines/tSys.php");
include("../../routines/general.php");
include("../../routines/stockControl.php");
include("../../routines/emailOutput.php");
require_once 'SagepayUtil.php';
dbConnect($dbA);
$orderID = makeSafe(getFORM("xOid"));
$newOrderID = $orderID;
$randID = makeSafe(getFORM("xRn"));
$crypt = makeSafe(getFORM("crypt"));
$gatewayOptions = retrieveGatewayOptions("PROTX");
$orderID = makeInteger($orderID) - retrieveOption("orderNumberOffset");
$result = $dbA->query("select * from $tableOrdersHeaders where orderID=$orderID and randID='$randID'");
if ($dbA->count($result) == 0 || $crypt=="") {
doRedirect_JavaScript($jssStoreWebDirHTTP."index.php");
exit;
}
$orderArray = $dbA->fetch($result);
$ccResult = $dbA->query("select * from $tablePaymentOptions where paymentID=".$orderArray["paymentID"]);
$poRecord = $dbA->fetch($ccResult);
$paidStatus = $poRecord["statusID"];
$crypt = str_replace(" ","+",$crypt);
//$crypt = protx_simpleXor(base64_decode($crypt),$gatewayOptions["encryptionPassword"]);
$crypt = decryptAes(base64_decode($crypt), $gatewayOptions["encryptionPassword"]);
$nameValues = explode("&",$crypt);
$resultCode = "";
for ($f = 0; $f < count($nameValues); $f++) {
$thisCode = explode("=",$nameValues[$f]);
$resultCode[$thisCode[0]] = $thisCode[1];
}
if ($resultCode["VendorTxCode"] != $newOrderID) {
doRedirect_JavaScript($jssStoreWebDirHTTP."index.php");
exit;
}
$authResponse = "&Status Result=".$resultCode["Status"]."&AVS/CV2 Check=".@$resultCode["AVSCV2"]."&Address Result=".@$resultCode["AddressResult"]."&Postcode Result=".@$resultCode["PostCodeResult"]."&CV2 Result=".@$resultCode["CV2Result"]."&3d Secure Status=".@$resultCode["3DSecureStatus"];
$randID = $orderArray["randID"];
if ($orderArray["status"] != $paidStatus) {
$dt=date("YmdHis",createOffsetTime());
switch ($resultCode["Status"]) {
case "OK":
case "AUTHENTICATED":
case "REGISTERED":
$authResponse="Gateway=Sage Pay&Authorisation Code=".$resultCode["TxAuthNo"]."&Sage Pay Transaction ID=".$resultCode["VPSTxId"]."&Status=Payment Confirmed".$authResponse;
$dbA->query("update $tableOrdersHeaders set status=$paidStatus, authInfo=\"$authResponse\", paymentDate=\"$dt\" where orderID=$orderID");
$orderArray["status"] = $paidStatus;
//ok, this is where we should do the stock control then.
include("process/paidProcessList.php");
doRedirect_JavaScript($jssStoreWebDirHTTPS."process.php?xOid=$newOrderID&xRn=$randID");
break;
case "REJECTED":
$authResponse="Gateway=Sage Pay&Status=Payment Rejected Due To Rules".$authResponse;
$dbA->query("update $tableOrdersHeaders set status=3, authInfo=\"$authResponse\", paymentDate=\"$dt\" where orderID=$orderID");
include("process/failProcessList.php");
doRedirect_JavaScript($jssStoreWebDirHTTPS."process.php?xOid=$newOrderID&xRn=$randID");
break;
default:
if ($orderArray["status"] == 1) {
$authResponse="Gateway=Sage Pay&Status=Payment Failed".$authResponse;
$dbA->query("update $tableOrdersHeaders set status=3, authInfo=\"$authResponse\", paymentDate=\"$dt\" where orderID=$orderID");
include("process/failProcessList.php");
}
doRedirect_JavaScript($jssStoreWebDirHTTPS."process.php?xOid=$newOrderID&xRn=$randID");
break;
}
} else {
doRedirect_JavaScript($jssStoreWebDirHTTPS."process.php?xOid=$newOrderID&xRn=$randID");
}
function addPKCS5Padding($input)
{
$blockSize = 16;
$padd = "";
$length = $blockSize - (strlen($input) % $blockSize);
for ($i = 1; $i <= $length; $i++)
{
$padd .= chr($length);
}
return $input . $padd;
}
function removePKCS5Padding($input)
{
$blockSize = 16;
$padChar = ord($input[strlen($input) - 1]);
$unpadded = substr($input, 0, (-1) * $padChar);
return $unpadded;
}
function encryptAes($string, $key)
{
$string = addPKCS5Padding($string);
$crypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $string, MCRYPT_MODE_CBC, $key);
return strtoupper(bin2hex($crypt));
}
function decryptAes($strIn, $myEncryptionPassword)
{
#Sagepay specific - remove the '@'
$strIn = substr($strIn,1);
$strInitVector = $myEncryptionPassword;
$strIn = pack('H*', $hex);
$string = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $myEncryptionPassword, $strIn, MCRYPT_MODE_CBC,$strInitVector);
return removePKCS5Padding($string);
}
?>
在不使用base64加密的情况下试一试,并确保在编码时将“@”添加到密码的开头(并在解密事务结果时将其从密码中删除)。确保先备份文件,然后更改此行:
$crypt =base64_encode(encryptAes($crypt, $myEncryptionPassword));
到
以及:
致:
查看了解密位后,已经删除了@。我不是一个PHP的家伙,所以这可能不是完美的 恐怕我不知道怎么做这两件事,它们看起来很简单!如何删除base64加密?它是否像删除这段文字一样简单?我如何将“@”添加到加密中并在解密中删除它?我想这样做了Rik,谢谢。加密错误不再出现,但已被一个关于计费国家的错误所取代,我必须立即进行修复!!:-)@Lauren我不知道这是否有帮助,但我在某个地方读到,有时账单国家的sagepay错误可能是由于账单状态不好或缺失造成的。您可能需要将其设置为GB的空字符串addresses@Phil_1984_谢谢你的提示-我发现该网站只是以名称的形式发送账单国家,而不是Sagepay要求的ISO代码-我现在设法找到了绕过它的方法!
$crypt =base64_encode(encryptAes($crypt, $myEncryptionPassword));
$crypt = "@".encryptAes($crypt, $myEncryptionPassword);
$crypt = decryptAes(base64_decode($crypt), $gatewayOptions["encryptionPassword"]);
$crypt = decryptAes($crypt, $gatewayOptions["encryptionPassword"]);