Ok the original module is attached (added .txt to the extension to allow it to pass the upload filters). The only difference between it and the one I am currently using is the addition of 1/2 dozen lines of debug.
Here's the troublesome fragment right from the top of the file (without the includes showing:
Code:$payment_modules = new payment($payment); reset($_POST); $post_2 = array(); //echo ("<p>DEBUG</p>\n"); //echo ("<p>CPI POST Return Values</p><ul>\n"); while( list( $k, $v ) = each( $_POST ) ) { if ($k != 'OrderHash') { $post_2[$k] = $v; //echo ("<li>$k = $v</li>\n"); } } //echo ("</ul>\n"); //die("Script stopped for debugging"); $order_hash=$_POST['OrderHash']; $hsbc=$GLOBALS['hsbc']; $hash=$hsbc->getHash($post_2); if ($order_hash!=$hash) die ("Hacking attempt!");
Bookmarks