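'%C5%BC' (6 chars)
 * Runs of two or more identical special characters that appear side by side are
 * replaced by a single space; used for: firstname, lastname, city, street, p_info...
 *
 * The returned text has had HTML entities decoded, so it is NOT HTML-safe:
 * escape it for the context it is written into (HTML attribute, URL, ...).
 *
 * @param string $string  Raw value to clean and shorten.
 * @param int    $from    Start offset, in characters.
 * @param int    $to      Maximum length in characters; the URL-encoded length is compared with it too.
 * @param int    $special Characters given up when the URL-encoded form is longer than $to.
 * @return string Cleaned, shortened and trimmed value.
 */
function encoded_substrParams($string, $from, $to, $special = 0)
{
    // NOTE(review): the literal spaces around "\/{3,} | \'{2,}" belong to the pattern, so
    // slashes only match when followed by a space and quotes only when preceded by one.
    // Kept as found - confirm whether that is intended.
    $collapsed = preg_replace(
        '/(\s{2,}|\.{2,}|@{2,}|\-{2,}|\/{3,} | \'{2,}|\"{2,}|_{2,})/',
        ' ',
        (string) $string
    );

    // preg_replace() returns null on failure; the cast turns that into an empty string.
    $decoded = html_entity_decode((string) $collapsed, ENT_QUOTES, 'UTF-8');

    $sub = mb_substr($decoded, $from, $to, 'UTF-8');

    if (strlen(urlencode($sub)) > $to) {
        // NOTE(review): the shortened value is not measured again, so its URL-encoded
        // form can still be longer than $to for text made mostly of multi-byte characters.
        $sub = mb_substr($decoded, $from, $to - $special, 'UTF-8');
    }

    return trim($sub);
}

/**
 * Clean the customer's first name.
 *
 * Only letters, digits, whitespace, "_" and "-" survive the filters.
 *
 * @param string $firstName Raw first name.
 * @return string
 */
function CheckFirstname($firstName)
{
    // With the /u modifier preg_replace() returns null for invalid UTF-8;
    // the cast makes such input come out empty instead of passing through.
    $firstName = (string) preg_replace('/[^\w _-]/u', '', (string) $firstName);
    $firstName1 = html_entity_decode($firstName, ENT_QUOTES, 'UTF-8');
    // Filter again after decoding, this time replacing disallowed characters with a space.
    $NewPersonName1 = (string) preg_replace('/[^\p{L}0-9\s\-_]/u', ' ', $firstName1);

    return encoded_substrParams($NewPersonName1, 0, 49, 24);
}

/**
 * Clean the customer's last name.
 *
 * Only letters, digits, whitespace, "_" and "-" survive the filters.
 *
 * @param string $lastName Raw last name.
 * @return string
 */
function CheckLastname($lastName)
{
    // Invalid UTF-8 makes preg_replace() return null; the cast yields an empty string.
    $lastName = (string) preg_replace('/[^\w _-]/u', '', (string) $lastName);
    $lastName1 = html_entity_decode($lastName, ENT_QUOTES, 'UTF-8');
    // Filter again after decoding, this time replacing disallowed characters with a space.
    $NewPersonName2 = (string) preg_replace('/[^\p{L}0-9\s\-_]/u', ' ', $lastName1);

    return encoded_substrParams($NewPersonName2, 0, 49, 24);
}

/**
 * Clean the customer's phone number.
 *
 * Spaces and "+" are removed first; after that only digits, whitespace, "-" and "_" are kept.
 *
 * @param string $phone Raw phone number.
 * @return string
 */
function CheckPhone($phone)
{
    $phone = str_replace(array(' ', '+'), '', (string) $phone);
    $NewPhone1 = (string) preg_replace('/[^\+\s0-9\-_]/', '', $phone);

    return encoded_substrParams($NewPhone1, 0, 19, 6);
}

/**
 * Clean the customer's city.
 *
 * Keeps word characters, spaces and the symbols . ' _ -
 * The apostrophe is allowed, so the result must be escaped before it is
 * placed inside a quoted HTML attribute.
 *
 * @param string $city Raw city name.
 * @return string
 */
function CheckCity($city)
{
    // Invalid UTF-8 makes preg_replace() return null; the cast yields an empty string.
    $city = (string) preg_replace('/[^.\w \'_-]/u', '', (string) $city);
    $city1 = html_entity_decode($city, ENT_QUOTES, 'UTF-8');

    return encoded_substrParams($city1, 0, 49, 24);
}

/**
 * Clean the customer's postcode.
 *
 * For country "pl" a value that is not already in NN-NNN form has its hyphens
 * removed and one hyphen put back after the second character; anything past
 * the fifth character is dropped. Afterwards only digits, word characters,
 * whitespace and "-" are kept.
 *
 * @param string      $postcode Raw postcode.
 * @param string|null $country  Country code; compared case-insensitively with "pl".
 * @return string The cleaned postcode; an empty input is returned unchanged.
 */
function CheckPostcode($postcode, $country = null)
{
    if (empty($postcode)) {
        return $postcode;
    }

    // The original read strtolower($country == 'pl'): the comparison sat inside the
    // call, so the country code was never lower-cased and "PL" was not recognised.
    $isPoland = strtolower((string) $country) === 'pl';

    if ($isPoland && preg_match('/^\d{2}\-\d{3}$/', $postcode) !== 1) {
        $postcode = str_replace('-', '', $postcode);
        $postcode = substr($postcode, 0, 2) . '-' . substr($postcode, 2, 3);
    }

    $NewPostcode1 = (string) preg_replace('/[^\d\w\s\-]/', '', $postcode);

    return encoded_substrParams($NewPostcode1, 0, 19, 6);
}

/**
 * Validate the customer's country code.
 *
 * @param string $country Raw country code.
 * @return string Upper-cased code when it is 2-3 ASCII letters, otherwise an empty string.
 */
function CheckCountry($country)
{
    $country_check = trim((string) $country);

    if (preg_match('/^[a-zA-Z]{2,3}$/', $country_check) !== 1) {
        // Return the empty string directly instead of calling strtoupper(null).
        return '';
    }

    return strtoupper($country_check);
}

/**
 * Clean the customer's street.
 *
 * Keeps word characters, spaces and the symbols . ' _ -
 * The apostrophe is allowed, so the result must be escaped before it is
 * placed inside a quoted HTML attribute.
 *
 * @param string $street Raw street name.
 * @return string
 */
function CheckStreet($street)
{
    // Invalid UTF-8 makes preg_replace() return null; the cast yields an empty string.
    $street = (string) preg_replace('/[^.\w \'_-]/u', '', (string) $street);
    $street1 = html_entity_decode($street, ENT_QUOTES, 'UTF-8');

    return encoded_substrParams($street1, 0, 99, 50);
}

/**
 * Clean the customer's street_n1 - building number.
 *
 * Keeps letters, digits, whitespace and the symbols - _ /
 *
 * @param string $street_n1 Raw building number.
 * @return string
 */
function CheckStreetN1($street_n1)
{
    // Invalid UTF-8 makes preg_replace() return null; the cast yields an empty string.
    $street_n1 = (string) preg_replace('/[^\p{L}0-9\s\-_\/]/u', '', (string) $street_n1);
    $street1_n1 = html_entity_decode($street_n1, ENT_QUOTES, 'UTF-8');

    return encoded_substrParams($street1_n1, 0, 29, 24);
}

/**
 * check, remove unnecessary characters and return customer street_n2 - flat number.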
* @return string */ function CheckStreetN2($street_n2) { //allowed only: letters, digits, spaces, symbols _-.,' $street_n2 = preg_replace('/[^\p{L}0-9\s\-_]/u', '', $street_n2); $street1_n2 = html_entity_decode($street_n2, ENT_QUOTES, 'UTF-8'); return encoded_substrParams($street1_n2, 0, 29, 24); } /** * Return array of languages that are accepted by Dotpay * @return array */ function getAcceptLang() { return array( 'pl', 'en', 'de', 'it', 'fr', 'es', 'cz', 'cs', 'ru', 'hu', 'ro', 'uk', 'lt', 'lv', 'sk' ); } /** * Return array of Curriences that are accepted by Dotpay * @return array */ function getAcceptCurrency() { return array( 'EUR', 'USD', 'GBP', 'JPY', 'CZK', 'SEK', 'UAH', 'RON', 'PLN', 'NOK', 'BGN', 'CHF', 'HRK', 'HUF', 'RUB' ); } /** * Return payment language name * @return string */ function CheckPaymentLang($language) { $f_dotpay_lang = ''; if (is_string($language)) { $languageArray = explode('-', $language); if (isset($languageArray[0])) { $languageLower = strtolower($languageArray[0]); $f_dotpay_lang = $languageLower; } } if ($f_dotpay_lang == 'pl') { $dotpay_lang = 'pl'; } elseif (!in_array($languageLower, getAcceptLang())) { $dotpay_lang = 'en'; } else { $dotpay_lang = $languageLower; } return $dotpay_lang; } /** * Check a currency code by comparing allowed ( getAcceptCurrency() function) * @param string $currency Currency code * return false when the given currency code is incorrect */ function CheckPaymentCurrency($currency) { $currency = strtoupper($currency); if (!in_array($currency, getAcceptCurrency())) { $dotpay_currency = false; } else { $dotpay_currency = (string) $currency; } return $dotpay_currency; } /** * Convert original amount using a dot as a decimal place regardless of the locale. 
* @param float $amount * @return string * */ function normalizeDecimalAmount($val) { $input = str_replace(' ', '', $val); $number = str_replace(',', '.', $input); if (strpos($number, '.')) { $groups = explode('.', str_replace(',', '.', $number)); $lastGroup = array_pop($groups); $number = implode('', $groups) . '.' . $lastGroup; } return bcadd($number, 0, 2); } // ** ----------------------- SAMPLE DATA ------------------------- **/ /* ## SAMPLE PAYMENT DATA IN ## Note! You can use more parameters if You need. Case sensitive in parameter names is important ! You must give at least: 'amount', 'currency', 'description' (and of course ID and PIN in the configuration of this script) see more: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-1-podstawowe-parametry-przesylane-do-serwisu-dotpay and: https://www.dotpay.pl/developer/doc/api_payment/en/index.html#tabela-2-dodatkowe-parametry-przesylane-do-serwisu-dotpay Filters were used to remove forbidden characters entered e.g. in the address by the payer from specific parameters. */ /* Important! All values should be string. If you use a variable here, put a declaration (string) before the value. Other values should be enclosed in quotation marks, especially numerical ones. 
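*/
// Only the name, address, phone, language, currency and amount fields go through a filter.
// description, url, urlc, control and email are passed on as given, so whatever writes
// these values into HTML or a URL has to escape them for that context.
$ParametersArray = array(
    "id" => (string) $DotpayId,
    "api_version" => "next", // !important
    "amount" => (string) normalizeDecimalAmount($order_amount),
    "currency" => (string) CheckPaymentCurrency($order_currency),
    "description" => (string) $dp_description,
    "url" => (string) $dp_url,
    "type" => (string) $dp_type,
    "urlc" => (string) $dp_urlc,
    "control" => (string) $dp_control,
    "firstname" => (string) CheckFirstname($payer_firstname),
    "lastname" => (string) CheckLastname($payer_lastname),
    "email" => (string) $payer_email,
    "street" => (string) CheckStreet($payer_street),
    "street_n1" => (string) CheckStreetN1($payer_street_n1),
    "street_n2" => (string) CheckStreetN2($payer_street_n2),
    "city" => (string) CheckCity($payer_city),
    // NOTE(review): the language code is passed where CheckPostcode() expects a country - confirm.
    "postcode" => (string) CheckPostcode($payer_postcode, strtolower($payer_lang)),
    "phone" => (string) CheckPhone($payer_phone),
    "country" => (string) CheckCountry($payer_country),
    "lang" => (string) CheckPaymentLang($payer_lang),
    "ignore_last_payment_channel" => (string) $dp_last_channel
);

/*
### SAMPLE CUSTOMER DATA IN with delivery address (optional) ###
You can remove it if you don't need it
*/

// ------
// NOTE(review): this section reads $payer_first_name / $payer_last_name while the payment
// parameters above read $payer_firstname / $payer_lastname - confirm both pairs are defined.
$customer = array(
    "payer" => array(
        "first_name" => CheckFirstname($payer_first_name),
        "last_name" => CheckLastname($payer_last_name),
        "email" => $payer_email
    ),
    "order" => array(
        "delivery_address" => array(
            "city" => CheckCity($customer_city),
            "street" => (string) CheckStreet($customer_street),
            "building_number" => (string) CheckStreetN1($customer_building),
            "postcode" => (string) CheckPostcode($customer_postcode)
        )
    )
);

// The customer parameter is sent only when every field is set (non-null) and encodes cleanly.
$customer_base64 = null;

if (isset(
    $customer['payer']['first_name'],
    $customer['payer']['last_name'],
    $customer['payer']['email'],
    $customer['order']['delivery_address']['city'],
    $customer['order']['delivery_address']['street'],
    $customer['order']['delivery_address']['building_number'],
    $customer['order']['delivery_address']['postcode']
)) {
    $customer_json = json_encode($customer, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);

    // json_encode() returns false on failure (for example invalid UTF-8); leave the parameter out then.
    if ($customer_json !== false) {
        $customer_base64 = base64_encode($customer_json);
    }
}

if ($customer_base64 !== null) {
    $ParametersArray["customer"] = $customer_base64;
}

// ** ----------------------- SAMPLE DATA end ------------------------- **/

// if you do not know what configuration is on your account, add this parameter safely
$ParametersArray['api_version'] = "next";

/**
 * Count the checksum from the defined array of all parameters.
 *
 * The parameters are sorted by key, the semicolon-separated list of their names is
 * added as 'paramsList', the array is sorted again and JSON-encoded, and the JSON
 * is signed with HMAC-SHA256 using the account PIN as the key.
 *
 * The PIN is the signing secret: keep it on the server and never write it into the
 * generated form, link or logs.
 *
 * @param string $DotpayPin       Account PIN used as the HMAC key.
 * @param array  $ParametersArray Payment parameters (all values as strings).
 * @return string Lower-case hexadecimal HMAC-SHA256 value.
 * @throws RuntimeException When the parameters cannot be JSON-encoded.
 */
function GenerateChk($DotpayPin, $ParametersArray)
{
    // sorting the parameter list
    ksort($ParametersArray);

    // semicolon separated list of the parameter names
    $paramList = implode(';', array_keys($ParametersArray));

    // adding the parameter 'paramsList' with sorted list of parameters to the array
    $ParametersArray['paramsList'] = $paramList;

    // re-sorting the parameter list
    ksort($ParametersArray);

    // json encoding
    $json = json_encode($ParametersArray, JSON_UNESCAPED_SLASHES);

    // json_encode() returns false on failure (for example invalid UTF-8 in a value);
    // signing that would yield a checksum that does not cover the data actually sent.
    if ($json === false) {
        throw new RuntimeException('Cannot encode payment parameters: ' . json_last_error_msg());
    }

    return hash_hmac('sha256', $json, $DotpayPin, false);
}

/**
 * Generate simple FORM to DOTPAY (POST) or a payment link (GET).
 *
 * NOTE(review): in this copy the markup string literals of the POST branch and of the
 * GET return value are empty, and $key / $value are not used in the POST loop - the
 * HTML appears to have been lost. They are left exactly as found. When the markup is
 * restored, pass $EnvironmentAddress, every $key and $value and $next_chk through
 * htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') before placing them in
 * attributes: several parameters are unfiltered and the filtered ones may contain "'".
 *
 * @param string $DotpayPin         Account PIN; not used here and must never be emitted.
 * @param string $Environment       'production' or 'test'.
 * @param string $RedirectionMethod 'POST' or 'GET'.
 * @param array  $ParametersArray   Payment parameters.
 * @param string $next_chk          Checksum returned by GenerateChk().
 * @param bool   $autosubmit        Whether the auto-submit snippet is appended to the form.
 * @return string Generated output, or 'configuration error'.
 */
function GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit)
{
    //$ParametersArray = array_change_key_case($ParametersArray, CASE_LOWER);

    if ($Environment === 'production') {
        $EnvironmentAddress = 'https://ssl.dotpay.pl/t2/';
    } elseif ($Environment === 'test') {
        $EnvironmentAddress = 'https://ssl.dotpay.pl/test_payment/';
    } else {
        // Unknown environment: stop here rather than build output with no target address,
        // which would point the payment data at the current page.
        return 'configuration error';
    }

    if ($RedirectionMethod === 'POST') {
        $RedirectionCode = '
' . PHP_EOL;

        foreach ($ParametersArray as $key => $value) {
            $RedirectionCode .= "\t" . '' . PHP_EOL;
        }

        $RedirectionCode .= "\t" . '' . PHP_EOL;
        $RedirectionCode .= '
' . PHP_EOL . '' . PHP_EOL;

        //auto submit form
        if ($autosubmit == true) {
            $RedirectionCode .= "";
        }

        return $RedirectionCode;
    } elseif ($RedirectionMethod === 'GET') {
        // A GET link carries the payer's personal data in the URL, where it can end up in
        // browser history, server logs and Referer headers; POST avoids that.
        $RedirectionCode = $EnvironmentAddress . '?';

        foreach ($ParametersArray as $key => $value) {
            $RedirectionCode .= rawurlencode((string) $key) . '=' . rawurlencode($value) . '&';
        }

        $RedirectionCode .= 'chk=' . $next_chk;

        return 'Link to Pay';
    } else {
        return 'configuration error';
    }
}

####

// Calculate checksum for 'chk' parameter:
$next_chk = GenerateChk($DotpayPin, $ParametersArray);

/*
Print the form according to the settings:
get form (POST method) or payment link (GET method)
("account PIN","[test|production]","[POST|GET]","payment data","chk_value","[true|false]")
*/

if (CheckPaymentCurrency($order_currency) !== false) {
    echo GenerateChkDotpayRedirection($DotpayPin, $Environment, $RedirectionMethod, $ParametersArray, $next_chk, $autosubmit);
} else {
    // The rejected value is echoed back into the page, so it is escaped for HTML first.
    echo "The currency of the payment you want to use (" . htmlspecialchars((string) $order_currency, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ") is not allowed in the Dotpay system!";
}
?>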