0 && $_GET[“vpc_TxnResponseCode”] != “7” && $_GET[“vpc_TxnResponseCode”] != “No Value Returned”) {

$md5HashData = $SECURE_SECRET;

// sort all the incoming vpc response fields and leave out any with no value
foreach($_GET as $key => $value) {
if ($key != “vpc_SecureHash” or strlen($value) > 0) {
$md5HashData .= $value;
}
}

// Validate the Secure Hash (remember MD5 hashes are not case sensitive)
// This is just one way of displaying the result of checking the hash.
// In production, you would work out your own way of presenting the result.
// The hash check is all about detecting if the data has changed in transit.
if (strtoupper($vpc_Txn_Secure_Hash) == strtoupper(md5($md5HashData))) {
// Secure Hash validation succeeded, add a data field to be displayed
// later.
$hashValidated = “CORRECT“;
} else {
// Secure Hash validation failed, add a data field to be displayed
// later.
$hashValidated = “INVALID HASH“;
$errorExists = true;
}
} else {
// Secure Hash was not validated, add a data field to be displayed later.
$hashValidated = “Not Calculated – No ‘SECURE_SECRET’ present.“;
}

// Define Variables
// —————-
// Extract the available receipt fields from the VPC Response
// If not present then let the value be equal to ‘No Value Returned’

// Standard Receipt Data
$amount = null2unknown($_GET[“vpc_Amount”]);
$locale = null2unknown($_GET[“vpc_Locale”]);
$batchNo = null2unknown($_GET[“vpc_BatchNo”]);
$command = null2unknown($_GET[“vpc_Command”]);
$message = null2unknown($_GET[“vpc_Message”]);
$version = null2unknown($_GET[“vpc_Version”]);
$cardType = null2unknown($_GET[“vpc_Card”]);
$orderInfo = null2unknown($_GET[“vpc_OrderInfo”]);
$receiptNo = null2unknown($_GET[“vpc_ReceiptNo”]);
$merchantID = null2unknown($_GET[“vpc_Merchant”]);
$authorizeID = null2unknown($_GET[“vpc_AuthorizeId”]);
$merchTxnRef = null2unknown($_GET[“vpc_MerchTxnRef”]);
$transactionNo = null2unknown($_GET[“vpc_TransactionNo”]);
$acqResponseCode = null2unknown($_GET[“vpc_AcqResponseCode”]);
$txnResponseCode = null2unknown($_GET[“vpc_TxnResponseCode”]);

// 3-D Secure Data
$verType = array_key_exists(“vpc_VerType”, $_GET) ? $_GET[“vpc_VerType”] : “No Value Returned”;
$verStatus = array_key_exists(“vpc_VerStatus”, $_GET) ? $_GET[“vpc_VerStatus”] : “No Value Returned”;
$token = array_key_exists(“vpc_VerToken”, $_GET) ? $_GET[“vpc_VerToken”] : “No Value Returned”;
$verSecurLevel = array_key_exists(“vpc_VerSecurityLevel”, $_GET) ? $_GET[“vpc_VerSecurityLevel”] : “No Value Returned”;
$enrolled = array_key_exists(“vpc_3DSenrolled”, $_GET) ? $_GET[“vpc_3DSenrolled”] : “No Value Returned”;
$xid = array_key_exists(“vpc_3DSXID”, $_GET) ? $_GET[“vpc_3DSXID”] : “No Value Returned”;
$acqECI = array_key_exists(“vpc_3DSECI”, $_GET) ? $_GET[“vpc_3DSECI”] : “No Value Returned”;
$authStatus = array_key_exists(“vpc_3DSstatus”, $_GET) ? $_GET[“vpc_3DSstatus”] : “No Value Returned”;

// *******************
// END OF MAIN PROGRAM
// *******************

// FINISH TRANSACTION – Process the VPC Response Data
// =====================================================
// For the purposes of demonstration, we simply display the Result fields on a
// web page.

// Show ‘Error’ in title if an error condition
$errorTxt = “”;

// Show this page as an error page if vpc_TxnResponseCode equals ‘7’
if ($txnResponseCode == “7” || $txnResponseCode == “No Value Returned” || $errorExists) {
$errorTxt = “Error “;
}

// This is the display title for ‘Receipt’ page
$title = $_GET[“Title”];

// The URL link for the receipt to do another transaction.
// Note: This is ONLY used for this example and is not required for
// production code. You would hard code your own URL into your application
// to allow customers to try another transaction.
//TK//$againLink = URLDecode($_GET[“AgainLink”]);

?>


<?=$title?> – <?=$errorTxt?>Response Page





Response Page

Command:
Merchant Transaction Reference:
Merchant ID:
Order Information:
Purchase Amount:
Fields above are the request values returned.


Fields below are the response fields for a Standard Transaction.
VPC Transaction Response Code:
Transaction Response Code Description:
Message:
Receipt Number:
Transaction Number:
Acquirer Response Code:
Bank Authorization ID:
Batch Number:
Card Type:

 Hash Validation

Hash Validated Correctly: