Hi Jacques1, many thanks
When you say "your service", is it web service which I use, isn't it ?
So this web service provided us by our supplier.
So I can not any control this web service : I must ask to change to our provider ?
Or I must add something in my script ?
What is a nonce ? It means a token ?
Where can I put this token ?
I can create a unique/single token with "microtime" + order number, is it right ?
Before "curl_close" line 84?
Here is my code :
include 'includes/info.php';
include 'includes/functions.php';
$micro_date = microtime();
$date_array = explode(" ",$micro_date);
$nowDate = date("Y_m_d__H_i_s__",$date_array[1]);
define('KEY_SECRET', $key_shared_secret);
function verify_webHk($dataIn, $hmac_header)
{
$calculated_hmac = base64_encode(hash_hmac('sha256', $dataIn, KEY_SECRET, true));
return ($hmac_header == $calculated_hmac);
}
$hmac_header = $_SERVER['HTTP_X_HMAC_SHA256'];
$dataIn;
$dataIn = file_get_contents('php://input');
$verified = verify_webHk($dataIn, $hmac_header);
$dataInDecode = json_decode($dataIn);
$dataInDecodeArray = json_decode($dataIn, true);
$nowDateFile = date("Ymd");
$orderNumber = $dataInDecodeArray['orderNumberJsn'];
$logFileName = '\sent_response_' . $orderNumber . '_' . $nowDateFile. '.txt';
$logFileNameConnexion = '\error_connexion_' . $orderNumber . '_' . $nowDateFile. '.txt';
$orderNumber = $dataInDecode->orderNumberJsn;
foreach ($dataInDecode->lineItems as $objProd)
{
switch($objProd->trader)
{
case 'TraderPeekABoo' :
$errorNumberCurl = NULL;
$errorTitleCurl = NULL;
$searchID = funcFind(array("*-","--","=="),$objProd->nsm);
$productID = $searchID[0];
$priceItems = $objProd->priceItems;
$pricesTaxs = (array)$objProd->taxLines;
$tax1st = !empty($pricesTaxs[0]) ? $pricesTaxs[0]->priceItems : 0.00;
$tax2nd = !empty($pricesTaxs[1]) ? $pricesTaxs[1]->priceItems : 0.00;
$total = $priceItems + $tax1st + $tax2nd ;
$commandXML = '<?xml version="1.0" encoding="utf-8"?>
<command>
<traderId>' . $orderNumber . '</traderId>';
$commandXML .= '<commandItem>
<faceValue>' . number_format($total, 2, '.', '')*100 . '</faceValue> ';
$commandXML .= '</commandItem></command>';
$urlWS = $url . $productID. '?account=' . $account . '&key=' . $key ;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $urlWS);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query(array('xml' => $commandXML)));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$dataOut = curl_exec($curl);
$infoOut = curl_getinfo($curl);
$logData = "\r\n" .'Information transfer :'. "\r\n" . serialize($infoOut) . "\r\n" .'result :'."\n". $dataOut. "\r\n";
if(curl_errno($curl))
{
$errorNumberCurl = curl_errno($curl);
$errorTitleCurl = curl_error($curl);
}
curl_close($curl);
if($errorNumberCurl)
{
$dataLogError = "\r\n" .'CURL\'S Error number: "' . $errorNumberCurl . '" and Error info: "'. $errorTitleCurl. '"'."\r\n";
file_put_contents($logDirectory.$logFileNameConnexion, $dataLogError, FILE_APPEND | LOCK_EX);
}
file_put_contents($logDirectory.$logFileName, $logData, FILE_APPEND | LOCK_EX);
break;
default:
// echo '<p>NOTHING</p>';
break;
}
}
exit();