1. Don't change the PHP code to use $_POST until AFTER you've found out how to get the gateway to send POST responses. (That means you have to talk to their tech staff, to determine if they offer that, and then find out how to enable it.)
This change to POST is only a recommendation for things being more secure. If the gateway doesn't support it, then it's moot and you'll have to live with it.
2. The response you posted above shows a field "mac=YKfmtHTfrjI2MjPgtRDjaPHjYWQxODgtMNGpekk4MjA%253D" ... which is longer than the 43 characters I mentioned that application_top is protecting against.
So,edit /includes/application_top.php by adding the highlighted change:
Code:
$len = (in_array($key, array('zenid', 'error_message', 'mac', 'payment_error'))) ? 255 : 43;
Bookmarks