Php 为与android的pay u集成生成哈希时,哈希无效
我在将pay u支付网关与我的android应用程序集成时遇到问题。我在自己的服务器上生成哈希,当我为给定参数生成哈希并在我的应用程序中使用它时,api说无效哈希请帮助我生成哈希 我的php代码是:Php 为与android的pay u集成生成哈希时,哈希无效,php,android,payment-gateway,payu,payumoney,Php,Android,Payment Gateway,Payu,Payumoney,我在将pay u支付网关与我的android应用程序集成时遇到问题。我在自己的服务器上生成哈希,当我为给定参数生成哈希并在我的应用程序中使用它时,api说无效哈希请帮助我生成哈希 我的php代码是: <?php // Merchant key here as provided by Payu $MERCHANT_KEY = "0MQaQP"; // Merchant Salt as provided by Payu $SALT = "13p0PXZk"; // End point -
<?php
// Merchant key here as provided by Payu
$MERCHANT_KEY = "0MQaQP";
// Merchant Salt as provided by Payu
$SALT = "13p0PXZk";
// End point - change to https://secure.payu.in for LIVE mode
$PAYU_BASE_URL = "https://test.payu.in";
$action = '';
$make_op=array();
$posted = array();
if(!empty($_POST)) {
//print_r($_POST);
foreach($_POST as $key => $value) {
//echo " key-".$key." value-".$value."\n";
$posted[$key] = $value;
}
}
$formError = 0;
if(empty($posted['txnid'])) {
// Generate random transaction id
$txnid = substr(hash('sha256', mt_rand() . microtime()), 0, 20);
} else {
$txnid = $posted['txnid'];
}
$hash = '';
// Hash Sequence
$hashSequence = "key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5|udf6|udf7|udf8|udf9|udf10";
if(empty($posted['hash']) && sizeof($posted) > 0)
{
if(
empty($posted['key'])
|| empty($posted['txnid'])
|| empty($posted['amount'])
|| empty($posted['firstname'])
|| empty($posted['email'])
|| empty($posted['productinfo'])
|| empty($posted['surl'])
|| empty($posted['furl'])
) {
$formError = 1;
echo "in if block";
}
else {
//$posted['productinfo'] = json_encode(json_decode('[{"name":"tutionfee","description":"","value":"500","isRequired":"false"},{"name":"developmentfee","description":"monthly tution fee","value":"1500","isRequired":"false"}]'));
$hashVarsSeq = explode('|', $hashSequence);
$hash_string = '';
foreach($hashVarsSeq as $hash_var)
{
//echo $hash_var;
$hash_string .= isset($posted[$hash_var]) ? $posted[$hash_var] : '';
$hash_string .= '|';
}
$hash_string .= $SALT;
$hash = strtolower(hash('sha512', $hash_string));
//echo "hash string==".$hash_string;
//echo $hash;
$action = $PAYU_BASE_URL . '/_payment';
}
$make_op['payment_related_details_for_mobile_sdk_hash']=$hash;
$make_op['message']="successfully generated hash";
$make_op['status']=0;
echo json_encode($make_op);
} elseif(!empty($posted['hash']))
{
echo "Hash is present";
echo $posted['hash'];
$hash = $posted['hash'];
$action = $PAYU_BASE_URL . '/_payment';
$make_op['payment_related_details_for_mobile_sdk_hash']=$hash;
$make_op['message']="successfully generated hashs";
$make_op['status']=0;
echo json_encode($make_op);
}
?>
嘿,伙计,看起来你在使用你自己的服务器,但你需要在php端使用你的live salt和商户密钥,看看这个解决方案吧你不是在使用你的salt和key从服务器生成散列
要在服务器端生成哈希的示例代码:
<?php
function getHashes($txnid, $amount, $productinfo, $firstname, $email, $user_credentials, $udf1, $udf2, $udf3, $udf4, $udf5,$offerKey,$cardBin)
{
// $firstname, $email can be "", i.e empty string if needed. Same should be sent to PayU server (in request params) also.
$key = 'gtKFFx';
$salt = 'eCwWELxi';
$payhash_str = $key . '|' . checkNull($txnid) . '|' .checkNull($amount) . '|' .checkNull($productinfo) . '|' . checkNull($firstname) . '|' . checkNull($email) . '|' . checkNull($udf1) . '|' . checkNull($udf2) . '|' . checkNull($udf3) . '|' . checkNull($udf4) . '|' . checkNull($udf5) . '||||||' . $salt;
$paymentHash = strtolower(hash('sha512', $payhash_str));
$arr['payment_hash'] = $paymentHash;
$cmnNameMerchantCodes = 'get_merchant_ibibo_codes';
$merchantCodesHash_str = $key . '|' . $cmnNameMerchantCodes . '|default|' . $salt ;
$merchantCodesHash = strtolower(hash('sha512', $merchantCodesHash_str));
$arr['get_merchant_ibibo_codes_hash'] = $merchantCodesHash;
$cmnMobileSdk = 'vas_for_mobile_sdk';
$mobileSdk_str = $key . '|' . $cmnMobileSdk . '|default|' . $salt;
$mobileSdk = strtolower(hash('sha512', $mobileSdk_str));
$arr['vas_for_mobile_sdk_hash'] = $mobileSdk;
$cmnPaymentRelatedDetailsForMobileSdk1 = 'payment_related_details_for_mobile_sdk';
$detailsForMobileSdk_str1 = $key . '|' . $cmnPaymentRelatedDetailsForMobileSdk1 . '|default|' . $salt ;
$detailsForMobileSdk1 = strtolower(hash('sha512', $detailsForMobileSdk_str1));
$arr['payment_related_details_for_mobile_sdk_hash'] = $detailsForMobileSdk1;
//used for verifying payment(optional)
$cmnVerifyPayment = 'verify_payment';
$verifyPayment_str = $key . '|' . $cmnVerifyPayment . '|'.$txnid .'|' . $salt;
$verifyPayment = strtolower(hash('sha512', $verifyPayment_str));
$arr['verify_payment_hash'] = $verifyPayment;
if($user_credentials != NULL && $user_credentials != '')
{
$cmnNameDeleteCard = 'delete_user_card';
$deleteHash_str = $key . '|' . $cmnNameDeleteCard . '|' . $user_credentials . '|' . $salt ;
$deleteHash = strtolower(hash('sha512', $deleteHash_str));
$arr['delete_user_card_hash'] = $deleteHash;
$cmnNameGetUserCard = 'get_user_cards';
$getUserCardHash_str = $key . '|' . $cmnNameGetUserCard . '|' . $user_credentials . '|' . $salt ;
$getUserCardHash = strtolower(hash('sha512', $getUserCardHash_str));
$arr['get_user_cards_hash'] = $getUserCardHash;
$cmnNameEditUserCard = 'edit_user_card';
$editUserCardHash_str = $key . '|' . $cmnNameEditUserCard . '|' . $user_credentials . '|' . $salt ;
$editUserCardHash = strtolower(hash('sha512', $editUserCardHash_str));
$arr['edit_user_card_hash'] = $editUserCardHash;
$cmnNameSaveUserCard = 'save_user_card';
$saveUserCardHash_str = $key . '|' . $cmnNameSaveUserCard . '|' . $user_credentials . '|' . $salt ;
$saveUserCardHash = strtolower(hash('sha512', $saveUserCardHash_str));
$arr['save_user_card_hash'] = $saveUserCardHash;
$cmnPaymentRelatedDetailsForMobileSdk = 'payment_related_details_for_mobile_sdk';
$detailsForMobileSdk_str = $key . '|' . $cmnPaymentRelatedDetailsForMobileSdk . '|' . $user_credentials . '|' . $salt ;
$detailsForMobileSdk = strtolower(hash('sha512', $detailsForMobileSdk_str));
$arr['payment_related_details_for_mobile_sdk_hash'] = $detailsForMobileSdk;
}
// if($udf3!=NULL && !empty($udf3)){
$cmnSend_Sms='send_sms';
$sendsms_str=$key . '|' . $cmnSend_Sms . '|' . $udf3 . '|' . $salt;
$send_sms = strtolower(hash('sha512',$sendsms_str));
$arr['send_sms_hash']=$send_sms;
// }
if ($offerKey!=NULL && !empty($offerKey)) {
$cmnCheckOfferStatus = 'check_offer_status';
$checkOfferStatus_str = $key . '|' . $cmnCheckOfferStatus . '|' . $offerKey . '|' . $salt ;
$checkOfferStatus = strtolower(hash('sha512', $checkOfferStatus_str));
$arr['check_offer_status_hash']=$checkOfferStatus;
}
if ($cardBin!=NULL && !empty($cardBin)) {
$cmnCheckIsDomestic = 'check_isDomestic';
$checkIsDomestic_str = $key . '|' . $cmnCheckIsDomestic . '|' . $cardBin . '|' . $salt ;
$checkIsDomestic = strtolower(hash('sha512', $checkIsDomestic_str));
$arr['check_isDomestic_hash']=$checkIsDomestic;
}
return $arr;
}
function checkNull($value) {
if ($value == null) {
return '';
} else {
return $value;
}
}
$output=getHashes($_POST["txnid"], $_POST["amount"], $_POST["productinfo"], $_POST["firstname"], $_POST["email"], $_POST["user_credentials"], $_POST["udf1"], $_POST["udf2"], $_POST["udf3"], $_POST["udf4"], $_POST["udf5"],$_POST["offerKey"],$_POST["cardBin"]);
echo json_encode($output);
?>
您可以从url中找到更多详细信息:
以下是java中pay u集成的哈希生成:
方法:getHashes()
publicstringgethash(字符串键、字符串txnid、字符串金额、字符串产品信息、字符串名字、字符串电子邮件、,
字符串用户\凭证、字符串udf1、字符串udf2、字符串udf3、字符串udf4、字符串udf5、字符串offerKey、,
线绳(桶、线绳盐){
JSONObject响应=新建JSONObject();
试一试{
//sha512(关键字| txnid |金额|产品信息|名字|电子邮件| udf1 | udf2 | udf3 | udf4 | udf5 |盐)
//hiESPS | 7174761030002574230 | 12 |产品|信息|名字|xyz@gmail.com|udf1 | udf2 | udf3 | udf4 | udf5 | UDF | xXZAKUi8
字符串ph=checkNull(key)+“|”+checkNull(txnid)+“|”+checkNull(amount)+“|”+checkNull(productInfo)
+“|”+checkNull(名字)+“|”+checkNull(电子邮件)+“|”+checkNull(udf1)+“|”+checkNull(udf2)
+“|”+checkNull(udf3)+“|”+checkNull(udf4)+“|”+checkNull(udf5)+“||||”+盐;
字符串paymentHash=getSHA(ph);
响应。put(“payment_hash”,paymentHash);
response.put(“get_merchant_ibibo_codes_hash”、generateHashString(“get_merchant_ibibo_codes”、用户凭证、密钥、salt”);
response.put(“vas_for_mobile_sdk_hash”,generateHashString(“vas_for_mobile_sdk,user_凭证,密钥,salt));
response.put(“与支付相关的\u详细信息\u用于移动\u sdk\u散列”,
generateHashString(“移动sdk的支付相关详细信息”,用户凭证、密钥、salt));
//用于验证付款(可选)
如果(!checkNull(txnid).isEmpty()){
响应.put(“验证付款\u散列”,
生成hashString(“验证付款”,txnid,key,salt));
}
如果(!checkNull(用户凭据).isEmpty()){
response.put(“delete_user_card_hash”,generateHashString(“delete_user_card”,user_凭证,密钥,salt));
put(“get_user_cards_hash”,generateHashString(“get_user_cards”,user_凭证,密钥,salt));
response.put(“编辑用户卡”散列),generateHashString(“编辑用户卡”,用户凭证,密钥,salt));
response.put(“save_user_card_hash”,generateHashString(“save_user_card”,user_凭证,密钥,salt));
response.put(“与支付相关的\u详细信息\u用于移动\u sdk\u散列”,
generateHashString(“移动sdk的支付相关详细信息”,用户凭证、密钥、salt));
}
//检查\u报价\u状态
if(!checkNull(offerKey).isEmpty()){
put(“check_offer_status_hash”,generateHashString(“check_offer_status”,offerKey,salt));
}
//支票是国内的
如果(!checkNull(cardBin).isEmpty()){
put(“check_isDomestic_hash”,generateHashString(“check_isDomestic”,cardBin,key,salt));
}
}捕获(例外e){
}
返回response.toString();
}
私有字符串generateHashString(字符串命令、字符串var1、字符串键、字符串salt){
返回getSHA(key+“|”+command+“|”+var1+“|”+salt);
}
私有字符串checkNull(字符串值){
如果(值==null){
返回“”;
}否则{
返回值;
}
}
私有字符串getSHA(字符串str){
信息文摘md;
串出“”;
试一试{
md=MessageDigest.getInstance(“SHA-512”);
md.update(str.getBytes());
字节[]mb=md.digest();
对于(int i=0;i
请分享您正在使用的演示url这是我服务器上的url:-hashSequence=“key | txnid | amount | productinfo | firstname | email | udf1 | udf2 | udf3 | udf4 | udf5 | udf6 | udf7 | udf8 | udf9 | udf10”代码>字符串将包含您的$txnid
,您的电子邮件,金额,而不是默认的txnid,金额,…
是的,但服务器端和客户端的数据都是相同的…我试图将其用于演示数据…因此,如果它对该数据有效,则我将此代码用于我的数据此解决方案在安全立场方面不起作用…你不能像这样将盐放入应用程序中…他们已经在演示应用程序中对其进行了测量…那个东西是为了测试其他人,任何人都可以反编译应用程序来获取SALT。你的密钥应该放在php端编码中,而不是放在android appintent.putExtra(PayuConstants.SALT,SALT)中;在这里,他们正在向Nextractive传递盐
<?php
function getHashes($txnid, $amount, $productinfo, $firstname, $email, $user_credentials, $udf1, $udf2, $udf3, $udf4, $udf5,$offerKey,$cardBin)
{
// $firstname, $email can be "", i.e empty string if needed. Same should be sent to PayU server (in request params) also.
$key = 'gtKFFx';
$salt = 'eCwWELxi';
$payhash_str = $key . '|' . checkNull($txnid) . '|' .checkNull($amount) . '|' .checkNull($productinfo) . '|' . checkNull($firstname) . '|' . checkNull($email) . '|' . checkNull($udf1) . '|' . checkNull($udf2) . '|' . checkNull($udf3) . '|' . checkNull($udf4) . '|' . checkNull($udf5) . '||||||' . $salt;
$paymentHash = strtolower(hash('sha512', $payhash_str));
$arr['payment_hash'] = $paymentHash;
$cmnNameMerchantCodes = 'get_merchant_ibibo_codes';
$merchantCodesHash_str = $key . '|' . $cmnNameMerchantCodes . '|default|' . $salt ;
$merchantCodesHash = strtolower(hash('sha512', $merchantCodesHash_str));
$arr['get_merchant_ibibo_codes_hash'] = $merchantCodesHash;
$cmnMobileSdk = 'vas_for_mobile_sdk';
$mobileSdk_str = $key . '|' . $cmnMobileSdk . '|default|' . $salt;
$mobileSdk = strtolower(hash('sha512', $mobileSdk_str));
$arr['vas_for_mobile_sdk_hash'] = $mobileSdk;
$cmnPaymentRelatedDetailsForMobileSdk1 = 'payment_related_details_for_mobile_sdk';
$detailsForMobileSdk_str1 = $key . '|' . $cmnPaymentRelatedDetailsForMobileSdk1 . '|default|' . $salt ;
$detailsForMobileSdk1 = strtolower(hash('sha512', $detailsForMobileSdk_str1));
$arr['payment_related_details_for_mobile_sdk_hash'] = $detailsForMobileSdk1;
//used for verifying payment(optional)
$cmnVerifyPayment = 'verify_payment';
$verifyPayment_str = $key . '|' . $cmnVerifyPayment . '|'.$txnid .'|' . $salt;
$verifyPayment = strtolower(hash('sha512', $verifyPayment_str));
$arr['verify_payment_hash'] = $verifyPayment;
if($user_credentials != NULL && $user_credentials != '')
{
$cmnNameDeleteCard = 'delete_user_card';
$deleteHash_str = $key . '|' . $cmnNameDeleteCard . '|' . $user_credentials . '|' . $salt ;
$deleteHash = strtolower(hash('sha512', $deleteHash_str));
$arr['delete_user_card_hash'] = $deleteHash;
$cmnNameGetUserCard = 'get_user_cards';
$getUserCardHash_str = $key . '|' . $cmnNameGetUserCard . '|' . $user_credentials . '|' . $salt ;
$getUserCardHash = strtolower(hash('sha512', $getUserCardHash_str));
$arr['get_user_cards_hash'] = $getUserCardHash;
$cmnNameEditUserCard = 'edit_user_card';
$editUserCardHash_str = $key . '|' . $cmnNameEditUserCard . '|' . $user_credentials . '|' . $salt ;
$editUserCardHash = strtolower(hash('sha512', $editUserCardHash_str));
$arr['edit_user_card_hash'] = $editUserCardHash;
$cmnNameSaveUserCard = 'save_user_card';
$saveUserCardHash_str = $key . '|' . $cmnNameSaveUserCard . '|' . $user_credentials . '|' . $salt ;
$saveUserCardHash = strtolower(hash('sha512', $saveUserCardHash_str));
$arr['save_user_card_hash'] = $saveUserCardHash;
$cmnPaymentRelatedDetailsForMobileSdk = 'payment_related_details_for_mobile_sdk';
$detailsForMobileSdk_str = $key . '|' . $cmnPaymentRelatedDetailsForMobileSdk . '|' . $user_credentials . '|' . $salt ;
$detailsForMobileSdk = strtolower(hash('sha512', $detailsForMobileSdk_str));
$arr['payment_related_details_for_mobile_sdk_hash'] = $detailsForMobileSdk;
}
// if($udf3!=NULL && !empty($udf3)){
$cmnSend_Sms='send_sms';
$sendsms_str=$key . '|' . $cmnSend_Sms . '|' . $udf3 . '|' . $salt;
$send_sms = strtolower(hash('sha512',$sendsms_str));
$arr['send_sms_hash']=$send_sms;
// }
if ($offerKey!=NULL && !empty($offerKey)) {
$cmnCheckOfferStatus = 'check_offer_status';
$checkOfferStatus_str = $key . '|' . $cmnCheckOfferStatus . '|' . $offerKey . '|' . $salt ;
$checkOfferStatus = strtolower(hash('sha512', $checkOfferStatus_str));
$arr['check_offer_status_hash']=$checkOfferStatus;
}
if ($cardBin!=NULL && !empty($cardBin)) {
$cmnCheckIsDomestic = 'check_isDomestic';
$checkIsDomestic_str = $key . '|' . $cmnCheckIsDomestic . '|' . $cardBin . '|' . $salt ;
$checkIsDomestic = strtolower(hash('sha512', $checkIsDomestic_str));
$arr['check_isDomestic_hash']=$checkIsDomestic;
}
return $arr;
}
function checkNull($value) {
if ($value == null) {
return '';
} else {
return $value;
}
}
$output=getHashes($_POST["txnid"], $_POST["amount"], $_POST["productinfo"], $_POST["firstname"], $_POST["email"], $_POST["user_credentials"], $_POST["udf1"], $_POST["udf2"], $_POST["udf3"], $_POST["udf4"], $_POST["udf5"],$_POST["offerKey"],$_POST["cardBin"]);
echo json_encode($output);
?>
public String getHashes(String key,String txnid, String amount, String productInfo, String firstname, String email,
String user_credentials, String udf1, String udf2, String udf3, String udf4, String udf5, String offerKey,
String cardBin,String salt) {
JSONObject response = new JSONObject();
try {
// sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
// hiESPS|7174761030002574230|12|product_info|firstname|xyz@gmail.com|udf1|udf2|udf3|udf4|udf5||||||xXZAKUi8
String ph = checkNull(key) + "|" + checkNull(txnid) + "|" + checkNull(amount) + "|" + checkNull(productInfo)
+ "|" + checkNull(firstname) + "|" + checkNull(email) + "|" + checkNull(udf1) + "|" + checkNull(udf2)
+ "|" + checkNull(udf3) + "|" + checkNull(udf4) + "|" + checkNull(udf5) + "||||||" + salt;
String paymentHash = getSHA(ph);
response.put("payment_hash", paymentHash);
response.put("get_merchant_ibibo_codes_hash", generateHashString("get_merchant_ibibo_codes", user_credentials,key,salt));
response.put("vas_for_mobile_sdk_hash", generateHashString("vas_for_mobile_sdk", user_credentials,key,salt));
response.put("payment_related_details_for_mobile_sdk_hash",
generateHashString("payment_related_details_for_mobile_sdk", user_credentials,key,salt));
//for verify payment (optional)
if (!checkNull(txnid).isEmpty()) {
response.put("verify_payment_hash",
generateHashString("verify_payment", txnid,key,salt));
}
if (!checkNull(user_credentials).isEmpty()) {
response.put("delete_user_card_hash", generateHashString("delete_user_card", user_credentials,key,salt));
response.put("get_user_cards_hash", generateHashString("get_user_cards", user_credentials,key,salt));
response.put("edit_user_card_hash", generateHashString("edit_user_card", user_credentials,key,salt));
response.put("save_user_card_hash", generateHashString("save_user_card", user_credentials,key,salt));
response.put("payment_related_details_for_mobile_sdk_hash",
generateHashString("payment_related_details_for_mobile_sdk", user_credentials,key,salt));
}
// check_offer_status
if (!checkNull(offerKey).isEmpty()) {
response.put("check_offer_status_hash", generateHashString("check_offer_status", offerKey,key,salt));
}
// check_isDomestic
if (!checkNull(cardBin).isEmpty()) {
response.put("check_isDomestic_hash", generateHashString("check_isDomestic", cardBin,key,salt));
}
}catch (Exception e){
}
return response.toString();
}
private String generateHashString(String command, String var1,String key,String salt) {
return getSHA(key + "|" + command + "|" + var1 + "|" + salt);
}
private String checkNull(String value) {
if (value == null) {
return "";
} else {
return value;
}
}
private String getSHA(String str) {
MessageDigest md;
String out = "";
try {
md = MessageDigest.getInstance("SHA-512");
md.update(str.getBytes());
byte[] mb = md.digest();
for (int i = 0; i < mb.length; i++) {
byte temp = mb[i];
String s = Integer.toHexString(new Byte(temp));
while (s.length() < 2) {
s = "0" + s;
}
s = s.substring(s.length() - 2);
out += s;
}
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return out;
}