Documentation Menu
PHP Redirect Version 4
route.php
checkingout.php
successpage.php
failpage.php
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head><title>Cardlink shop demo</title>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<link href="../css/vpos.css" rel="stylesheet" type="text/css" />
	
	<script type="text/javascript">

		function send_tran() {
			
			var frm = document.getElementById('shopform1');
			frm.style.visibility="hidden";
			frm.submit();
			
		}
		</script>
</head>
<body onload="send_tran();">

	<?php
	
	if (isset($_GET['act']) && $_GET['act'] == "send") {
		
		$form_data = "";
		$form_data_array = array();
		
		$form_version = "4";										$form_data_array[1] = $form_version;				//Required Parameter
		$form_mid = $_POST['mid'];									$form_data_array[2] = $form_mid;					//Required Parameter
		$form_lang = $_POST['lang'];								$form_data_array[3] = $form_lang;					//Optional Parameter
		$form_device_cate = ""; /*$_POST[''];*/						$form_data_array[4] = $form_device_cate;			//Optional Parameter
		$form_order_id = $_POST['orderid'];							$form_data_array[5] = $form_order_id;				//Required Parameter
		$form_order_desc = $_POST['orderDesc'];						$form_data_array[6] = $form_order_desc;				//Optional Parameter
		$form_order_amount = $_POST['orderAmount'];					$form_data_array[7] = $form_order_amount;			//Required Parameter
		$form_currency = $_POST['currency'];						$form_data_array[8] = $form_currency;				//Required Parameter
		$form_email = $_POST['payerEmail'];							$form_data_array[9] = $form_email;					//Required Parameter
		$form_phone = $_POST['payerPhone'];							$form_data_array[10] = $form_phone;					//Optional Parameter
		$form_bill_country = $_POST['billCountry'];					$form_data_array[11] = $form_bill_country;			//Optional Parameter
		$form_bill_state = $_POST['billState'];						$form_data_array[12] = $form_bill_state;			//Optional Parameter
		$form_bill_zip = $_POST['billZip'];							$form_data_array[13] = $form_bill_zip;				//Optional Parameter
		$form_bill_city = $_POST['billCity'];						$form_data_array[14] = $form_bill_city;				//Optional Parameter
		$form_bill_addr = $_POST['billAddress'];					$form_data_array[15] = $form_bill_addr;				//Optional Parameter
		$form_weight = $_POST['weight'];							$form_data_array[16] = $form_weight;				//Optional Parameter
		$form_dimension = $_POST['dimensions'];						$form_data_array[17] = $form_dimension;				//Optional Parameter
		$form_ship_counrty = $_POST['shipCountry'];					$form_data_array[18] = $form_ship_counrty;			//Optional Parameter
		$form_ship_state = $_POST['shipState'];						$form_data_array[19] = $form_ship_state;			//Optional Parameter
		$form_ship_zip = $_POST['shipZip'];							$form_data_array[20] = $form_ship_zip;				//Optional Parameter
		$form_ship_city = $_POST['shipCity'];						$form_data_array[21] = $form_ship_city;				//Optional Parameter
		$form_ship_addr = $_POST['shipAddress'];					$form_data_array[22] = $form_ship_addr;				//Optional Parameter
		$form_add_fraud_score = $_POST['addFraudScore'];			$form_data_array[23] = $form_add_fraud_score;		//Optional Parameter
		$form_max_pay_retries = $_POST['maxPayRetries'];			$form_data_array[24] = $form_max_pay_retries;		//Optional Parameter
		$form_reject3dsU = $_POST['reject3dsU'];					$form_data_array[25] = $form_reject3dsU;			//Optional Parameter
		$form_pay_method = $_POST['payMethod'];						$form_data_array[26] = $form_pay_method;			//Optional Parameter
		$form_trytpe = $_POST['trType'];							$form_data_array[27] = $form_trytpe;				//Optional Parameter
		$form_ext_install_offset = $_POST['extInstallmentoffset'];	$form_data_array[28] = $form_ext_install_offset;	//Optional Parameter
		$form_ext_install_period = $_POST['extInstallmentperiod'];	$form_data_array[29] = $form_ext_install_period;	//Optional Parameter
		$form_ext_reccuring_freq = $_POST['extRecurringfrequency'];	$form_data_array[30] = $form_ext_reccuring_freq;	//Optional Parameter
		$form_ext_reccuring_enddate = $_POST['extRecurringenddate'];$form_data_array[31] = $form_ext_reccuring_enddate;	//Optional Parameter
		$form_block_score = $_POST['blockScore'];					$form_data_array[32] = $form_block_score;			//Optional Parameter
		$form_cssurl = $_POST['cssUrl'];							$form_data_array[33] = $form_cssurl;				//Optional Parameter
		$form_confirm_url = $_POST['confirmUrl'];					$form_data_array[34] = $form_confirm_url;			//Required Parameter
		$form_cancel_url = $_POST['cancelUrl'];						$form_data_array[35] = $form_cancel_url;			//Required Parameter
		$form_extXOrderId = $_POST['extXOrderId'];					$form_data_array[36] = $form_extXOrderId;			//Optional Parameter
		$form_extTokenOptions = $_POST['extTokenOptions'];			$form_data_array[37] = $form_extTokenOptions;		//Optional Parameter
		$form_extToken = $_POST['extToken'];						$form_data_array[38] = $form_extToken;				//Optional Parameter
		$form_var1 = $_POST['var1'];								$form_data_array[39] = $form_var1;					//Optional Parameter
		$form_var2 = $_POST['var2'];								$form_data_array[40] = $form_var2;					//Optional Parameter	
		$form_var3 = $_POST['var3'];								$form_data_array[41] = $form_var3;					//Optional Parameter
		$form_var4 = $_POST['var4'];								$form_data_array[42] = $form_var4;					//Optional Parameter
		$form_var5 = $_POST['var5'];								$form_data_array[43] = $form_var5;					//Optional Parameter
		$form_var6 = $_POST['var6'];								$form_data_array[44] = $form_var6;					//Optional Parameter
		$form_var7 = $_POST['var7'];								$form_data_array[45] = $form_var7;					//Optional Parameter
		$form_var8 = $_POST['var8'];								$form_data_array[46] = $form_var8;					//Optional Parameter
		$form_var9 = $_POST['var9'];								$form_data_array[47] = $form_var9;					//Optional Parameter
		
		foreach ($form_data_array as &$value) {
			if($value!=""){
				$form_data=$form_data.$value.";";
			}
		}
		
// $private_key: Merchant's private key for the RSA with SHA2-256 calculation
		$private_key = <<<EOD
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaX7Jd16os2Mti
cXHXGjanQ3fDSwwoRRhVWi12+SiFDMVBpBwZEGdmHopO5cpSGptFxeau7HqGfSaq
5NoI01pbf/OPFpstO4mSlIBj2OO9wzcW2yNeAQjzycEQmgNr1UQACUmXsNzBZZ2m
rcddkdRpxfHPaZx+GIYMdemFY7G0yBXsG0Dq+3hi9kqyGYlAN3PFsqCEdwD3H8qd
5UKz4wKEYhuqhKBZZoGBBUQZt7X9plwdMoZhtqbJIJTpda5Og/yNxkSjiTQrOMnt
vSl5dAQ8dGxoFaKAdvaE09eqt0F6RI76qyUU3B0PKBVB/kIYhvFSvJtef6a8fF4S
y56VOMptAgMBAAECggEBAM9tj1Qsg21OEQNVlzknoTqIj75mDwpBd7e7jOwyCBc5
5jVP2ZDFUDJkWCRRijkrJMrGDTWjU09kmdJCyAkSGgZIJ+aHJqd0ol0lyj8NymZ6
hF2lkpa8jPBleIp4gT9wuMMAD3OTgF4EVBf7giCTYR2H9QV74Da2vL4hUsxtwmNg
2jQjjHTsVA/ESjiyGveh1X6+GV6CsTZsoAWLlOhuDHiOMuOXDBmn9JjArFsl2W4X
yrtrDx68nVdPdIH2LzIrBzqRG6tB9RpNQNWGs/IxuEUG07fLMGzQiureOTUm/ybt
ZrO9Ab59tzWXCFXHljsGJu9SnZuPNOT0L8PuJIxKOIECgYEA9w6hdFaVr0HMnQtX
ndtZQfiqNnQMymV0mR9gtyw20/krOW5yt7WqhrzzTB72m4bsm27Yz3Dn0jfhQ1h5
zyihrT+FGeF6jS6+Hr3FXFyMizxH9AZPl13UmZo1fKxeoL+sE5PppFE9Qlsz0TBp
2phlVjzLI7i3KOu8Hyzt/rafZDkCgYEA4kdFMSHTQGLounpPauKaVi8v9TjyFdST
qSuQ0pMG4R9xuZ0x52L081goYmxo4jDo7P+m3iHDFdJqg+D7aAVay4Hv0PGKIq8G
vOAXm6mnXBaIMDVMnTRtqRynDoo2qKp9UU2Sv4D0L6Zbm9axDxMvqXCa8Lz5Kbnh
zJufUAwzn9UCgYEAkboGkDn2Zv8X81ZaYxmcZ6aGuEHxvXzkruFsSf+Bg71IusKk
ViqJIJrZo//rlMecTv6uUoYVp9EgRXott30PCMMb/q0afaahrD5h6N4KZKK1CoKi
dfV5zvTAMf72fjkxBgdMXIky6i4jvXOiLLeRprGLXVG6cB/EwlrdM06DbDkCgYBc
TdJt3mx8gVyKZUZsRY/LxGf90oL+YL7zbXAgVhWiU99iZjtrNjTR545hx/NpAaai
tw7s4jzgc/s7XNVxc228Qn7/buh4iYloFsnKmARLTm2zrKpaHn71U1jaV4tAdnu0
ZL6OHB6AKY6JHaUQjzUMG4E43v2NBeSUQI9WagPNGQKBgDj5qk4Jauy8zg/IBkXD
eJsgwGrMH7o1vj2Uhcd2K2NrxO3qRaJitNXH+cso836/Ez///kdepX3hQ3gKZS7i
aGhDFF3r0LU2OmskhoDSyhzVlCgsXbW1skFwL3Y161uYHwgpkFqrAODONXLu3PBd
S8jJbKkA3lQnmCCbET3NLfIV
-----END PRIVATE KEY-----
EOD;

$binary_signature = "";
$algo = "SHA256";
openssl_sign($form_data, $binary_signature, $private_key, $algo);

$signature=base64_encode($binary_signature);

		$send_it_2 = "...";
		
		?>
		<form id="shopform1" name="demo" method="POST" action="<?php  echo $send_it_2 ?>" accept-charset="UTF-8" >
		<input type="hidden" name="version" value="4"/>
			<input type="hidden" name="mid" value="<?php  echo $form_mid ?>"/>
			<input type="hidden" name="lang" value="<?php echo $form_lang ?>"/>
			<input type="hidden" name="deviceCategory" value="<?php  echo $form_device_cate ?>"/>
			<input type="hidden" name="orderid" value="<?php  echo $form_order_id ?>"/>
			<input type="hidden" name="orderDesc" value="<?php  echo $form_order_desc ?>"/>
			<input type="hidden" name="orderAmount" value="<?php  echo $form_order_amount ?>"/>
			<input type="hidden" name="currency" value="<?php  echo $form_currency ?>"/>
			<input type="hidden" name="payerEmail" value="<?php  echo $form_email ?>"/>
			<input type="hidden" name="payerPhone" value="<?php  echo $form_phone ?>"/>
			<input type="hidden" name="billCountry" value="<?php  echo $form_bill_country ?>"/>
			<input type="hidden" name="billState" value="<?php  echo $form_bill_state ?>"/>
			<input type="hidden" name="billZip" value="<?php  echo $form_bill_zip ?>"/>
			<input type="hidden" name="billCity" value="<?php  echo $form_bill_city ?>"/>
			<input type="hidden" name="billAddress" value="<?php  echo $form_bill_addr ?>"/>
			<input type="hidden" name="weight" value="<?php  echo $form_weight ?>"/>
			<input type="hidden" name="dimensions" value="<?php  echo $form_dimension ?>"/>
			<input type="hidden" name="shipCountry" value="<?php  echo $form_ship_counrty ?>"/>
			<input type="hidden" name="shipState" value="<?php  echo $form_ship_state ?>"/>
			<input type="hidden" name="shipZip" value="<?php  echo $form_ship_zip ?>"/>
			<input type="hidden" name="shipCity" value="<?php  echo $form_ship_city ?>"/>
			<input type="hidden" name="shipAddress" value="<?php  echo $form_ship_addr ?>"/>
			<input type="hidden" name="addFraudScore" value="<?php  echo $form_add_fraud_score ?>"/>
			<input type="hidden" name="maxPayRetries" value="<?php  echo $form_max_pay_retries ?>"/>
			<input type="hidden" name="reject3dsU" value="<?php  echo $form_reject3dsU ?>"/>
			<input type="hidden" name="payMethod" value="<?php  echo $form_pay_method ?>"/>
			<input type="hidden" name="trType" value="<?php  echo $form_trytpe ?>"/>
			<input type="hidden" name="extInstallmentoffset" value="<?php  echo $form_ext_install_offset ?>"/>
			<input type="hidden" name="extInstallmentperiod" value="<?php  echo $form_ext_install_period ?>"/>
			<input type="hidden" name="extRecurringfrequency" value="<?php  echo $form_ext_reccuring_freq ?>"/>
			<input type="hidden" name="extRecurringenddate" value="<?php  echo $form_ext_reccuring_enddate ?>"/>
			<input type="hidden" name="blockScore" value="<?php  echo $form_block_score ?>"/>
			<input type="hidden" name="cssUrl" value="<?php  echo $form_cssurl ?>"/>
			<input type="hidden" name="confirmUrl" value="<?php  echo $form_confirm_url ?>"/>
			<input type="hidden" name="cancelUrl" value="<?php  echo $form_cancel_url ?>"/>
			<input type="hidden" name="extXOrderId" value="<?php  echo $form_extXOrderId ?>"/>
			<input type="hidden" name="extTokenOptions" value="<?php  echo $form_extTokenOptions ?>"/>
			<input type="hidden" name="extToken" value="<?php  echo $form_extToken ?>"/>
			<input type="hidden" name="var1" value="<?php  echo $form_var1 ?>"/>
			<input type="hidden" name="var2" value="<?php  echo $form_var2 ?>"/>
			<input type="hidden" name="var3" value="<?php  echo $form_var3 ?>"/>
			<input type="hidden" name="var4" value="<?php  echo $form_var4 ?>"/>
			<input type="hidden" name="var5" value="<?php  echo $form_var5 ?>"/>
			<input type="hidden" name="var6" value="<?php  echo $form_var6 ?>"/>
			<input type="hidden" name="var7" value="<?php  echo $form_var7 ?>"/>
			<input type="hidden" name="var8" value="<?php  echo $form_var8 ?>"/>
			<input type="hidden" name="var9" value="<?php  echo $form_var9 ?>"/>
			<input type="hidden" name="signature" value="<?php  echo $signature ?>"/>
		</form>		
		
		</body>
		</html>		
		
	<?php
	} 
	
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Cardlink Demo Shop</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="styles/style1.css" rel="stylesheet" type="text/css" />

	<script type="text/javascript">

		function acceptance() {
			var accept_btn = document.getElementById('accbtn').checked;
			var form_post = document.getElementById('demo');
			if (accept_btn) 
			{ 
				form_post.submit();
			} else {
				alert("Please accept the Terms of use (I Agree)");
			}
		}
		</script>

</head>
	<body>
	
</?php
        $amount_2_send = rand(1,5).".".rand(0,99);
        $prod_array = array("Prod 1","Prod 2","Prod 3","Prod 4","Prod 5","Prod 6","Prod 7","Prod 8","Prod 9","Prod 10","Prod 11","Prod 12","Prod 13","Prod 14","Prod 15","Prod 16","Prod 17","Prod 18","Prod 19");
		$prod_id = rand(0,count($prod_array));
		$prod_2_display = $prod_array[$prod_id];
		$order_id = rand(0,99).date("YmdHms")

?>


		<h2><img src="images/Caldlink logo.png" width="701" height="170" alt="cardlink logo"></h2>
		<form name="demo" id="demo" method="POST" action="./route.php?act=send" accept-charset="UTF-8" >
		<table align="center">
		

		<tr>
		
		<td> </td>
		</tr>
		<tr>

		<tr>
		<td>Language</td><td>
		<select name="lang">
		<option value="" selected="selected">None</option>
		<option value="el">Greek</option>
		<option value="en">English</option>
		</select>
		</tr>
		<tr>
		<tr>
		<td>Merchant id</td><td>
			<input type="text" name="mid" size="10" value=""/>
		</td>
		</tr>
		<tr>
		
		<td>Order id</td>lt;td><input type="text" name="orderid" size="60" value="<?php echo $order_id ?>"/></td>
		
		</tr>
		<tr>
		<td>Order description</td><td><input type="text" size="50" maxlength="128" name="orderDesc" value="<?php echo $prod_2_display; ?>"/><td>
		</tr>
		
		<tr>
		<td>Amount</td><td><input type="text" name="orderAmount" value="<?php echo $amount_2_send; ?>"/></td>
		</tr>
		<tr>
		<td>Currency</td><td>
		<select name="currency">
		<option value="EUR" selected="selected">EUR</option>
		<option value="USD">USD</option>
		<option value="GBP">GBP</option>
		</select>
		</td>
		</tr>
		<tr>
		<td>Payer Email </td><td><input type="text" name="payerEmail" size="35" maxlength="64" value="your@email.gr"/></td>
		</tr>
		<tr>
		<td>Payer phone</td><td><input type="text" name="payerPhone" size="25" maxlength="30" value=""/></td>
		</tr>
		<tr>
		<td>Payment Method</td><td>
		<select name="payMethod">
		<option value="">No pre selection</option>
		<option value="visa">Visa</option>
		<option value="visaElectron">Visa Electron</option>
		<option value="mastercard">Mastercard</option>
		<option value="maestro">Maestro</option>
		</select>
		</tr>
		<tr>
		<td>Transaction Type</td><td>
		<select name="trType">
		<option value="">Default</option>
		<option value="1">Payment</option>
		<option value="2">Pre authorization</option>
		</select>
		</tr>
		
		<tr>
		<td>Installment offset (Optional)</td><td>
		<input type="text" name="extInstallmentoffset" size="5" maxlength="5"/>
		</tr>
		<tr>
		<td>Installment period (Optional)</td><td>
		<input type="text" name="extInstallmentperiod" size="5" maxlength="5"/>
		</tr>
		
		<tr>
		<td>Recurring frequency (Optional)</td><td>
		
		<input type="text" name="extRecurringfrequency" size="5" maxlength="5"/>
		</tr>
		<tr>
		<td>Recurring end date YYYYMMDD (Optional)</td><td>
		<input type="text" name="extRecurringenddate" size="8" maxlength="8"/>
		</tr>
		
		<tr>
		<td>Billing address country code </td><td>
		<select name="billCountry">
		<option value="" selected="selected"></option>
		<option value="EL">Greece</option>
		<option value="UK">United Kingdom</option>
		<option value="US">USA</option>
		</select>
		</tr>
		<tr>
		<td>Billing address state</td><td><input type="text" name="billState" value=""/></td>
		</tr>
		
		<tr>
		<td>Billing address zip code</td><td><input type="text" name="billZip" value=""/></td>
		
		</tr>
		<tr>
		<td>Billing address city</td><td><input type="text" name="billCity" value=""/></td>
		</tr>
		<tr>
		<td>Billing address street</td><td><input type="text" name="billAddress" value=""/></td>
		</tr>
		
		<tr>
		<td>Order shipping weight</td><td><input type="text" name="weight" value=""/> </td>
		
		</tr>
		<tr>
		<td>Order shipping dimensions</td><td><input type="text" name="dimensions" value=""/> w:h:d (cm)</td>
		</tr>
		<tr>
		<td>Shipping address country code</td><td>
		<select name="shipCountry">
		<option value="" selected="selected"></option>
		<option value="EL">Greece</option>
		<option value="UK">United Kingdom</option>
		<option value="US">USA</option>
		</select>
		</tr>
		<tr>
		<td>Shipping address state</td><td><input type="text" name="shipState" value=""/></td>
		</tr>
		
		<tr>
		<td>Shipping address zip code</td><td><input type="text" name="shipZip" value=""/></td>
		</tr>
		
		<tr>
		<td>Shipping address city </td><td><input type="text" name="shipCity" value=""/></td>
		</tr>
		<tr>
		<td>Shipping address street</td><td><input type="text" name="shipAddress" value=""/></td>
		</tr>
		
		<tr>
		<td>Incoming starting risk score </td><td><input type="text" name="addFraudScore" size="5"
		value=""/></td>
		</tr>
		
		<tr>
		<td>Maximum payment retries </td><td><input type="text" name="maxPayRetries" size="5"
		value=""/></td>
		
		</tr>
		<tr>
		<td>reject3dsU</td><td><input type="text" name="reject3dsU" size="2" maxlength="1"
		value=""/> (Y/N)</td>
		</tr>
		<tr>
		<td>Block score</td><td><input type="text" name="blockScore" size="5" value=""/>
		</td>
		</tr>
		<tr>
		<td>CSS url</td><td><input type="text" name="cssUrl" size="70"
		value=""/></td>
		</tr>

		<tr>
		<td>Confirmation Url</td><td><input type="text" name="confirmUrl" size="70" value="http://www.merchatshop.gr/vp_test/successpage.php"/></td>
		</tr>
		<tr>
		<td>Cancel Url</td><td><input type="text" size="70" name="cancelUrl" value="http://www.merchatshop.gr/vp_test/failpage.php"/></td>
		</tr>
		<tr>
		<td>extXOrderId</td><td><input type="text" size="70" name="extXOrderId" value=""/></td>
		</tr>
		<tr>
		<td>extTokenOptions</td><td><input type="text" size="70" name="extTokenOptions" value=""/></td>
		</tr>
		<tr>
		<td>extToken</td><td><input type="text" size="70" name="extToken" value=""/></td>
		</tr>
		<tr>
		<td>Var 1</td><td><input type="text" size="20" name="var1" value=""/></td>
		</tr>
		<tr>
		<td>Var 2</td><td><input type="text" size="20" name="var2" value=""/></td>
		</tr>
		<tr>
		<td>Var 3</td><td><input type="text" size="20" name="var3" value=""/></td>
		</tr>
		<tr>
		<td>Var 4</td><td><input type="text" size="20" name="var4" value=""/></td>
		</tr>
		<tr>
		<td>Var 5</td><td><input type="text" size="20" name="var5" value=""/></td>
		</tr>
		<tr>
		<td>Var 6</td><td><input type="text" size="20" name="var6" value=""/></td>
		</tr>
		<tr>
		<td>Var 7</td><td><input type="text" size="20" name="var7" value=""/<>/td>
		</tr>
		<tr>
		<td>Var 8</td><td><input type="text" size="20" name="var8" value=""/<>/td>
		</tr>
		<tr>
		<td>Var 9</td><td><input type="text" size="20" name="var9" value=""/<>/td>
		</tr>
        <tr>
        <td></td>
        </tr>
        <tr>
        <td></td>
        </tr>
        
        <tr>
		<td>
			<input type="button" name="checkout" value="Submit" onclick="javascript:acceptance()" />
		</td>
		<td>
			<p>I Agree   
			  <input type="checkbox" id="accbtn">
		  </p>
		  <p>  </p></td>
		</tr>
        
		</table>
		</form>
		
	</body>
</html>
		

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><title>Cardlink shop demo</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="styles/style2.css" rel="stylesheet" type="text/css" />
</head>

<body>
<p><img src="images/Caldlink logo.png" width="657" height="140" alt="cardlink"></p>
<h2>Transaction Completed.</h2>

<p><br>
  <img src="images/completed.png" width="318" height="207" alt="completed"><br>
  </p>
<p><br>
  <b>Returned Post Data: </b></p>
<p><br>
  <?php 

	$post_data_array = array();
	
	if (isset($_POST['version'])) {$post_data_array[0] = $_POST['version'];
	echo $post_data_array[0];
	echo " -> version_length=  ";
	echo strlen($post_data_array[0]);
	echo "<br/>";}
	
	if (isset($_POST['mid'])) {$post_data_array[1] = $_POST['mid'];
	echo $post_data_array[1];
	echo " -> mid_length=  ";
	echo strlen($post_data_array[1]);
	echo "<br/>";}
	
	if (isset($_POST['orderid'])) {$post_data_array[2] = $_POST['orderid'];
	echo $post_data_array[2];
	echo " -> orderid_length=  ";
	echo strlen($post_data_array[2]);
	echo "<br/>";}
	
	if (isset($_POST['status'])) {$post_data_array[3] = $_POST['status'];
	echo $post_data_array[3];
	echo " -> status_length=  ";
	echo strlen($post_data_array[3]);
	echo "<br/>";}
	
	if (isset($_POST['orderAmount'])) {$post_data_array[4] = $_POST['orderAmount'];
	echo $post_data_array[4];
	echo " -> orderamount_length=  ";
	echo strlen($post_data_array[4]);
	echo "<br/>";}
	
	if (isset($_POST['currency'])) {$post_data_array[5] = $_POST['currency'];
	echo $post_data_array[5];
	echo " -> currency_length=  ";
	echo strlen($post_data_array[5]);
	echo "<br/>";}
	
	if (isset($_POST['paymentTotal'])) {$post_data_array[6] = $_POST['paymentTotal'];
	echo $post_data_array[6];
	echo " -> paymentTotal_length=  ";
	echo strlen($post_data_array[6]);
	echo "<br/>";}
	
	if (isset($_POST['message'])) {$post_data_array[7] = $_POST['message'];
	echo $post_data_array[7];
	echo " -> message_length=  ";
	echo strlen($post_data_array[7]);
	echo "<br/>";}
	
	if (isset($_POST['riskScore'])) {$post_data_array[8] = $_POST['riskScore'];
	echo $post_data_array[8];
	echo " -> riskScore_length=  ";
	echo strlen($post_data_array[8]);
	echo "<br/>";}
	
	if (isset($_POST['payMethod'])) {$post_data_array[9] = $_POST['payMethod'];
	echo $post_data_array[9];
	echo " -> payMethod_length=  ";
	echo strlen($post_data_array[9]);
	echo "<br/>";}
	
	if (isset($_POST['txId'])) {$post_data_array[10] = $_POST['txId'];
	echo $post_data_array[10];
	echo " -> txId_length=  ";
	echo strlen($post_data_array[10]);
	echo "<br/>";}
	
	if (isset($_POST['paymentRef'])) {$post_data_array[11] = $_POST['paymentRef'];
	echo " -> PaymentRef_length=  ";
	echo strlen($post_data_array[11]);
	echo "<br/>";}
	
	if (isset($_POST['shipCountry'])) {$post_data_array[12] = $_POST['shipCountry'];
	echo $post_data_array[12];
	echo " -> shipCountry_length=  ";
	echo strlen($post_data_array[12]);
	echo "<br/>";}
	
	if (isset($_POST['shipState'])) {$post_data_array[13] = $_POST['shipState'];
	echo $post_data_array[13];
	echo " -> shipState_length=  ";
	echo strlen($post_data_array[13]);
	echo "<br/>";}
	
	if (isset($_POST['shipZip'])) {$post_data_array[14] = $_POST['shipZip'];
	echo $post_data_array[14];
	echo " -> shipZip_length=  ";
	echo strlen($post_data_array[14]);
	echo "<br/>";}
	
	if (isset($_POST['shipCity'])) {$post_data_array[15] = $_POST['shipCity'];
	echo $post_data_array[15];
	echo " -> shipCity_length=  ";
	echo strlen($post_data_array[15]);
	echo "<br/>";}
	
	if (isset($_POST['shipAddress'])) {$post_data_array[16] = $_POST['shipAddress'];
	echo $post_data_array[16];
	echo " -> shipAddress_length=  ";
	echo strlen($post_data_array[16]);
	echo "<br/>";}
	
	if (isset($_POST['shipRecipientName'])) {$post_data_array[17] = $_POST['shipRecipientName'];
	echo $post_data_array[17];
	echo " -> shipRecipientName_length=  ";
	echo strlen($post_data_array[17]);
	echo "<br/>";}
	
	if (isset($_POST['shipRecipientPhone'])) {$post_data_array[18] = $_POST['shipRecipientPhone'];
	echo $post_data_array[18];
	echo " -> shipRecipientPhone_length=  ";
	echo strlen($post_data_array[18]);
	echo "<br/>";}
	
	if (isset($_POST['extToken'])) {$post_data_array[19] = $_POST['extToken'];
	echo $post_data_array[19];
	echo " -> extToken_length=  ";
	echo strlen($post_data_array[19]);
	echo "<br/>";}
	
	if (isset($_POST['extTokenPanEnd'])) {$post_data_array[20] = $_POST['extTokenPanEnd'];
	echo $post_data_array[20];
	echo " -> extTokenPanEnd_length=  ";
	echo strlen($post_data_array[20]);
	echo "<br/>";}
	
	if (isset($_POST['extTokenExp'])) {$post_data_array[21] = $_POST['extTokenExp'];
	echo $post_data_array[21];
	echo " -> extTokenExp_length=  ";
	echo strlen($post_data_array[21]);
	echo "<br/>";}
	
	if (isset($_POST['extData'])) {$post_data_array[22] = $_POST['extData'];
	echo $post_data_array[22];
	echo " -> extData_length=  ";
	echo strlen($post_data_array[22]);
	echo "<br/>";}
	
	if (isset($_POST['var1'])) {$post_data_array[23] = $_POST['var1'];
	echo $post_data_array[23];
	echo " -> var1_length=  ";
	echo strlen($post_data_array[23]);
	echo "<br/>";}
	
	if (isset($_POST['var2'])) {$post_data_array[24] = $_POST['var2'];
	echo $post_data_array[24];
	echo " -> var2_length=  ";
	echo strlen($post_data_array[24]);
	echo "<br/>";}

	if (isset($_POST['var3'])) {$post_data_array[25] = $_POST['var3'];
	echo $post_data_array[25];
	echo " -> var3_length=  ";
	echo strlen($post_data_array[25]);
	echo "<br/>";}

	if (isset($_POST['var4'])) {$post_data_array[26] = $_POST['var4'];
	echo $post_data_array[26];
	echo " -> var4_length=  ";
	echo strlen($post_data_array[26]);
	echo "<br/>";}

	if (isset($_POST['var5'])) {$post_data_array[27] = $_POST['var5'];
	echo $post_data_array[27];
	echo " -> var5_length=  ";
	echo strlen($post_data_array[27]);
	echo "<br/>";}

	if (isset($_POST['var6'])) {$post_data_array[28] = $_POST['var6'];
	echo $post_data_array[28];
	echo " -> var6_length=  ";
	echo strlen($post_data_array[28]);
	echo "<br/>";}

	if (isset($_POST['var7'])) {$post_data_array[29] = $_POST['var7'];
	echo $post_data_array[29];
	echo " -> var7_length=  ";
	echo strlen($post_data_array[29]);
	echo "<br/>";}

	if (isset($_POST['var8'])) {$post_data_array[30] = $_POST['var8'];
	echo $post_data_array[30];
	echo " -> var8_length=  ";
	echo strlen($post_data_array[30]);
	echo "<br/>";}

	if (isset($_POST['var9'])) {$post_data_array[31] = $_POST['var9'];
	echo $post_data_array[31];
	echo " -> var9_length=  ";
	echo strlen($post_data_array[31]);
	echo "<br/>";}

	$post_SIGNATURE = $_POST['signature'];
	echo $post_SIGNATURE;
	
	//Concatenate returned values separated by ;
	$post_data="";
	foreach ($post_data_array as &$value) {
			if($value!=""){
				$post_data=$post_data.$value.";";
			}
		}
	
	// $public_key: Service provider's public key for signature verification
		$public_key = <<<EOD
-----BEGIN CERTIFICATE-----
MIIEXjCCAsYCAQEwDQYJKoZIhvcNAQELBQAwdTElMCMGA1UEAxMcQ2FyZGxpbmsgVUFUIFNpZ25p
bmcgYW5kIENTRTENMAsGA1UECxMERUNPTTERMA8GA1UEChMIQ2FyZGxpbmsxDzANBgNVBAcTBkF0
aGVuczEMMAoGA1UECBMDQVRIMQswCQYDVQQGEwJHUjAeFw0xODA2MjEyMTAwMDBaFw0yNTA2MjIy
MDU5NTlaMHUxJTAjBgNVBAMTHENhcmRsaW5rIFVBVCBTaWduaW5nIGFuZCBDU0UxDTALBgNVBAsT
BEVDT00xETAPBgNVBAoTCENhcmRsaW5rMQ8wDQYDVQQHEwZBdGhlbnMxDDAKBgNVBAgTA0FUSDEL
MAkGA1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDlZIj4eMY2hU7ot4kk
gB1e7xJniAe07ntRVwPZdJ1cxevLvSoQMvgd8070RrT7cPDXp6iJIl0RKBnCwZspwoO5evUngdfo
AleyLSVUXljKp2G/e6Kt22RMCLtYsqNv4qFW5nW8XwB88wvqziSMPu9Mo1gGhOxWpS4Viy3NvrtE
VOWXvssx+ZLPolb3AW93w7BOfzEpt7LM3GwrSYZuPoPHcwdkBs0nF+htIEOq/2T7GDcZPNIUmllu
4nQt6u7T1SJ0/TpdHta/p55xptE7QLZlNdphIxvu4Zc9U7mwvlCN8MqMNQnQSFlqnBdOgtQ5gxfE
8x/cSWOVLzTh6dWOc2o7aiAhk8sVopl7N4jeL4U4Nvp0GyDodoWgUJeweDookIb9DL2fgQeBLKn8
ZFDPOyoBQSNr8AAm3p0bgTDY4XkTuav919LGgCjR5k389CW256zXCgsj5Dnn8gcTrf0mwziUbjlG
t/UIy7CA7kmpELwna4NNo7Lt6laILqletJi1rlECAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAVkOF
bVwxj/pbnTH8Z2y/17P1yzv4H6vKB2RdG60CMSou0X/WNybBgaMSf6qJJs3osUC68qx27Q3pYp4i
7onsTlNedhSsUVZVabRHXkjLxGLx9saZNiZ9turIyxzfC7VdeGaogvmcFPZAFgkGSFy4tAZz8fIk
L7XI9pp5NTrjP9AL1ETVgwoHFKoeEKU1ewgQGRXpsM2sQnanMrTOgfVWz+qmaMmCcgeuQnYDPkZX
X3jo456N0IDcGhJRmzkO8x0ge3DGyTc2mdS+38c61VEDd2TQHDHJuGsjCSVMjYh83JF7Ut3imFYh
v3jgmHNkEDsp7XU81UMaV1nD0WzwNTbuMlyuvUQltLtQ0lciDl+yT7zciHZr3JkL3am9lCtny/DR
Oyw7pZnDCbWHaUKl4pV5UtwCIT/o5v7yo3av1z5o6Ufial+kemeyhcU7PtMXZ6mgW9Hcq4htX1BT
l/LsTN/42XxvrdzystkmvJeSlrNLPbeASi8MC3j/xQdUjc6mWQ/t
-----END CERTIFICATE-----
EOD;
	
	
	//Verify returned signature
	$binary_signature = base64_decode($post_SIGNATURE,false);
	
	$result = openssl_verify($post_data, $binary_signature, $public_key, "sha256WithRSAEncryption");
	
	if($result==1)
	{
		echo "<BR/>Returned Signature = OK<BR/>";
	}
	else
	{
		echo "<BR/>Returned Signature = Mismatch<BR/>";
	}
	
?>
  <br>
  <br>
</p>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>
<head><title>Cardlink Demo Shop</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="styles/style2.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1><img src="images/Caldlink logo.png" width="585" height="108" alt="cardlink"></h1>
<p> </p>
<under>
<h2>Transaction failed</h2>
<p><img src="images/fail.png" width="211" height="155" alt="failed"><br>
  <br>
  <b>Returned Post Data: </b></p>
<p><br>
</p>

<php_tag>
<?php 

	$post_data_array = array();
	
	if (isset($_POST['version'])) {$post_data_array[0] = $_POST['version'];
	echo $post_data_array[0];
	echo " -> version_length=  ";
	echo strlen($post_data_array[0]);
	echo "<br/>";}
	
	if (isset($_POST['mid'])) {$post_data_array[1] = $_POST['mid'];
	echo $post_data_array[1];
	echo " -> mid_length=  ";
	echo strlen($post_data_array[1]);
	echo "<br/>";}
	
	if (isset($_POST['orderid'])) {$post_data_array[2] = $_POST['orderid'];
	echo $post_data_array[2];
	echo " -> orderid_length=  ";
	echo strlen($post_data_array[2]);
	echo "<br/>";}
	
	if (isset($_POST['status'])) {$post_data_array[3] = $_POST['status'];
	echo $post_data_array[3];
	echo " -> status_length=  ";
	echo strlen($post_data_array[3]);
	echo "<br/>";}
	
	if (isset($_POST['orderAmount'])) {$post_data_array[4] = $_POST['orderAmount'];
	echo $post_data_array[4];
	echo " -> orderamount_length=  ";
	echo strlen($post_data_array[4]);
	echo "<br/>";}
	
	if (isset($_POST['currency'])) {$post_data_array[5] = $_POST['currency'];
	echo $post_data_array[5];
	echo " -> currency_length=  ";
	echo strlen($post_data_array[5]);
	echo "<br/>";}
	
	if (isset($_POST['paymentTotal'])) {$post_data_array[6] = $_POST['paymentTotal'];
	echo $post_data_array[6];
	echo " -> paymentTotal_length=  ";
	echo strlen($post_data_array[6]);
	echo "<br/>";}
	
	if (isset($_POST['message'])) {$post_data_array[7] = $_POST['message'];
	echo $post_data_array[7];
	echo " -> message_length=  ";
	echo strlen($post_data_array[7]);
	echo "<br/>";}
	
	if (isset($_POST['riskScore'])) {$post_data_array[8] = $_POST['riskScore'];
	echo $post_data_array[8];
	echo " -> riskScore_length=  ";
	echo strlen($post_data_array[8]);
	echo "<br/>";}
	
	if (isset($_POST['payMethod'])) {$post_data_array[9] = $_POST['payMethod'];
	echo $post_data_array[9];
	echo " -> payMethod_length=  ";
	echo strlen($post_data_array[9]);
	echo "<br/>";}
	
	if (isset($_POST['txId'])) {$post_data_array[10] = $_POST['txId'];
	echo $post_data_array[10];
	echo " -> txId_length=  ";
	echo strlen($post_data_array[10]);
	echo "<br/>";}
	
	if (isset($_POST['paymentRef'])) {$post_data_array[11] = $_POST['paymentRef'];
	echo " -> PaymentRef_length=  ";
	echo strlen($post_data_array[11]);
	echo "<br/>";}
	
	if (isset($_POST['shipCountry'])) {$post_data_array[12] = $_POST['shipCountry'];
	echo $post_data_array[12];
	echo " -> shipCountry_length=  ";
	echo strlen($post_data_array[12]);
	echo "<br/>";}
	
	if (isset($_POST['shipState'])) {$post_data_array[13] = $_POST['shipState'];
	echo $post_data_array[13];
	echo " -> shipState_length=  ";
	echo strlen($post_data_array[13]);
	echo "<br/>";}
	
	if (isset($_POST['shipZip'])) {$post_data_array[14] = $_POST['shipZip'];
	echo $post_data_array[14];
	echo " -> shipZip_length=  ";
	echo strlen($post_data_array[14]);
	echo "<br/>";}
	
	if (isset($_POST['shipCity'])) {$post_data_array[15] = $_POST['shipCity'];
	echo $post_data_array[15];
	echo " -> shipCity_length=  ";
	echo strlen($post_data_array[15]);
	echo "<br/>";}
	
	if (isset($_POST['shipAddress'])) {$post_data_array[16] = $_POST['shipAddress'];
	echo $post_data_array[16];
	echo " -> shipAddress_length=  ";
	echo strlen($post_data_array[16]);
	echo "<br/>";}
	
	if (isset($_POST['shipRecipientName'])) {$post_data_array[17] = $_POST['shipRecipientName'];
	echo $post_data_array[17];
	echo " -> shipRecipientName_length=  ";
	echo strlen($post_data_array[17]);
	echo "<br/>";}
	
	if (isset($_POST['shipRecipientPhone'])) {$post_data_array[18] = $_POST['shipRecipientPhone'];
	echo $post_data_array[18];
	echo " -> shipRecipientPhone_length=  ";
	echo strlen($post_data_array[18]);
	echo "<br/>";}
	
	if (isset($_POST['extToken'])) {$post_data_array[19] = $_POST['extToken'];
	echo $post_data_array[19];
	echo " -> extToken_length=  ";
	echo strlen($post_data_array[19]);
	echo "<br/>";}
	
	if (isset($_POST['extTokenPanEnd'])) {$post_data_array[20] = $_POST['extTokenPanEnd'];
	echo $post_data_array[20];
	echo " -> extTokenPanEnd_length=  ";
	echo strlen($post_data_array[20]);
	echo "<br/>";}
	
	if (isset($_POST['extTokenExp'])) {$post_data_array[21] = $_POST['extTokenExp'];
	echo $post_data_array[21];
	echo " -> extTokenExp_length=  ";
	echo strlen($post_data_array[21]);
	echo "<br/>";}
	
	if (isset($_POST['extData'])) {$post_data_array[22] = $_POST['extData'];
	echo $post_data_array[22];
	echo " -> extData_length=  ";
	echo strlen($post_data_array[22]);
	echo "<br/>";}
	
	if (isset($_POST['var1'])) {$post_data_array[23] = $_POST['var1'];
	echo $post_data_array[23];
	echo " -> var1_length=  ";
	echo strlen($post_data_array[23]);
	echo "<br/>";}
	
	if (isset($_POST['var2'])) {$post_data_array[24] = $_POST['var2'];
	echo $post_data_array[24];
	echo " -> var2_length=  ";
	echo strlen($post_data_array[24]);
	echo "<br/>";}

	if (isset($_POST['var3'])) {$post_data_array[25] = $_POST['var3'];
	echo $post_data_array[25];
	echo " -> var3_length=  ";
	echo strlen($post_data_array[25]);
	echo "<br/>";}

	if (isset($_POST['var4'])) {$post_data_array[26] = $_POST['var4'];
	echo $post_data_array[26];
	echo " -> var4_length=  ";
	echo strlen($post_data_array[26]);
	echo "<br/>";}

	if (isset($_POST['var5'])) {$post_data_array[27] = $_POST['var5'];
	echo $post_data_array[27];
	echo " -> var5_length=  ";
	echo strlen($post_data_array[27]);
	echo "<br/>";}

	if (isset($_POST['var6'])) {$post_data_array[28] = $_POST['var6'];
	echo $post_data_array[28];
	echo " -> var6_length=  ";
	echo strlen($post_data_array[28]);
	echo "<br/>";}

	if (isset($_POST['var7'])) {$post_data_array[29] = $_POST['var7'];
	echo $post_data_array[29];
	echo " -> var7_length=  ";
	echo strlen($post_data_array[29]);
	echo "<br/>";}

	if (isset($_POST['var8'])) {$post_data_array[30] = $_POST['var8'];
	echo $post_data_array[30];
	echo " -> var8_length=  ";
	echo strlen($post_data_array[30]);
	echo "<br/>";}

	if (isset($_POST['var9'])) {$post_data_array[31] = $_POST['var9'];
	echo $post_data_array[31];
	echo " -> var9_length=  ";
	echo strlen($post_data_array[31]);
	echo "<br/>";}

	$post_SIGNATURE = $_POST['signature'];
	echo $post_SIGNATURE;
	
	//Concatenate returned values separated by ;
	$post_data="";
	foreach ($post_data_array as &$value) {
			if($value!=""){
				$post_data=$post_data.$value.";";
			}
		}
	
	// $public_key: Service provider's public key for signature verification
		$public_key = <<<EOD
-----BEGIN CERTIFICATE-----
MIIEXjCCAsYCAQEwDQYJKoZIhvcNAQELBQAwdTElMCMGA1UEAxMcQ2FyZGxpbmsgVUFUIFNpZ25p
bmcgYW5kIENTRTENMAsGA1UECxMERUNPTTERMA8GA1UEChMIQ2FyZGxpbmsxDzANBgNVBAcTBkF0
aGVuczEMMAoGA1UECBMDQVRIMQswCQYDVQQGEwJHUjAeFw0xODA2MjEyMTAwMDBaFw0yNTA2MjIy
MDU5NTlaMHUxJTAjBgNVBAMTHENhcmRsaW5rIFVBVCBTaWduaW5nIGFuZCBDU0UxDTALBgNVBAsT
BEVDT00xETAPBgNVBAoTCENhcmRsaW5rMQ8wDQYDVQQHEwZBdGhlbnMxDDAKBgNVBAgTA0FUSDEL
MAkGA1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDlZIj4eMY2hU7ot4kk
gB1e7xJniAe07ntRVwPZdJ1cxevLvSoQMvgd8070RrT7cPDXp6iJIl0RKBnCwZspwoO5evUngdfo
AleyLSVUXljKp2G/e6Kt22RMCLtYsqNv4qFW5nW8XwB88wvqziSMPu9Mo1gGhOxWpS4Viy3NvrtE
VOWXvssx+ZLPolb3AW93w7BOfzEpt7LM3GwrSYZuPoPHcwdkBs0nF+htIEOq/2T7GDcZPNIUmllu
4nQt6u7T1SJ0/TpdHta/p55xptE7QLZlNdphIxvu4Zc9U7mwvlCN8MqMNQnQSFlqnBdOgtQ5gxfE
8x/cSWOVLzTh6dWOc2o7aiAhk8sVopl7N4jeL4U4Nvp0GyDodoWgUJeweDookIb9DL2fgQeBLKn8
ZFDPOyoBQSNr8AAm3p0bgTDY4XkTuav919LGgCjR5k389CW256zXCgsj5Dnn8gcTrf0mwziUbjlG
t/UIy7CA7kmpELwna4NNo7Lt6laILqletJi1rlECAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAVkOF
bVwxj/pbnTH8Z2y/17P1yzv4H6vKB2RdG60CMSou0X/WNybBgaMSf6qJJs3osUC68qx27Q3pYp4i
7onsTlNedhSsUVZVabRHXkjLxGLx9saZNiZ9turIyxzfC7VdeGaogvmcFPZAFgkGSFy4tAZz8fIk
L7XI9pp5NTrjP9AL1ETVgwoHFKoeEKU1ewgQGRXpsM2sQnanMrTOgfVWz+qmaMmCcgeuQnYDPkZX
X3jo456N0IDcGhJRmzkO8x0ge3DGyTc2mdS+38c61VEDd2TQHDHJuGsjCSVMjYh83JF7Ut3imFYh
v3jgmHNkEDsp7XU81UMaV1nD0WzwNTbuMlyuvUQltLtQ0lciDl+yT7zciHZr3JkL3am9lCtny/DR
Oyw7pZnDCbWHaUKl4pV5UtwCIT/o5v7yo3av1z5o6Ufial+kemeyhcU7PtMXZ6mgW9Hcq4htX1BT
l/LsTN/42XxvrdzystkmvJeSlrNLPbeASi8MC3j/xQdUjc6mWQ/t
-----END CERTIFICATE-----
EOD;
	
	
	//Verify returned signature
	$binary_signature = base64_decode($post_SIGNATURE,false);
	
	$result = openssl_verify($post_data, $binary_signature, $public_key, "sha256WithRSAEncryption");
	
	if($result==1)
	{
		echo "<BR/>Returned Signature = OK<BR/>";
	}
	else
	{
		echo "<BR/>Returned Signature = Mismatch<BR/>";
	}
	
?>
</php_tag>
</under>

</body>
</html>
JSP Redirect Version 4
shopdemo.jsp
<%@ page language="java" session="true" import="java.util.*"%>
<%@ page language="java" session="true" import="java.io.*"%>
<%@ page language="java" session="true" import="java.security.cert.*"%>
<%@ page language="java" session="true" import="java.security.spec.*"%>
<%@ page language="java" session="true" import="java.security.*"%>
<%@ page language="java" session="true" import="org.apache.xml.security.exceptions.*"%>
<%@ page language="java" session="true"
	import="org.apache.xml.security.*"%>
<% request.setCharacterEncoding("UTF-8"); 
   response.setCharacterEncoding("UTF-8");	
%>
<html>
<head><title>Cardlink shop demo</title>
<link href="../css/vpos.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h2>Cardlink shop demo</h2>
<%!static String[] fieldNamesResp = new String[]{"version", "mid", "orderid", "status", "orderAmount", "currency",
			"paymentTotal", "message", "riskScore", "payMethod", "txId", "paymentRef", "shipCountry", "shipState",
			"shipZip", "shipCity", "shipAddress", "shipRecipientName", "shipRecipientPhone", "extToken",
			"extTokenPanEnd", "extTokenExp", "extData", "var1", "var2", "var3", "var4", "var5", "var6", "var7", "var8",
			"var9"};
%>
<%		
String procCert="MIIEXjCCAsYCAQEwDQYJKoZIhvcNAQELBQAwdTElMCMGA1UEAxMcQ2FyZGxpbmsgVUFUIFNpZ25pbmcgYW5kIENTRTENMAsGA1UECxMERUNPTTERMA8GA1UEChMIQ2FyZGxpbmsxDzANBgNVBAcTBkF0aGVuczEMMAoGA1UECBMDQVRIMQswCQYDVQQGEwJHUjAeFw0xODA2MjEyMTAwMDBaFw0yNTA2MjIyMDU5NTlaMHUxJTAjBgNVBAMTHENhcmRsaW5rIFVBVCBTaWduaW5nIGFuZCBDU0UxDTALBgNVBAsTBEVDT00xETAPBgNVBAoTCENhcmRsaW5rMQ8wDQYDVQQHEwZBdGhlbnMxDDAKBgNVBAgTA0FUSDELMAkGA1UEBhMCR1IwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDlZIj4eMY2hU7ot4kkgB1e7xJniAe07ntRVwPZdJ1cxevLvSoQMvgd8070RrT7cPDXp6iJIl0RKBnCwZspwoO5evUngdfoAleyLSVUXljKp2G/e6Kt22RMCLtYsqNv4qFW5nW8XwB88wvqziSMPu9Mo1gGhOxWpS4Viy3NvrtEVOWXvssx+ZLPolb3AW93w7BOfzEpt7LM3GwrSYZuPoPHcwdkBs0nF+htIEOq/2T7GDcZPNIUmllu4nQt6u7T1SJ0/TpdHta/p55xptE7QLZlNdphIxvu4Zc9U7mwvlCN8MqMNQnQSFlqnBdOgtQ5gxfE8x/cSWOVLzTh6dWOc2o7aiAhk8sVopl7N4jeL4U4Nvp0GyDodoWgUJeweDookIb9DL2fgQeBLKn8ZFDPOyoBQSNr8AAm3p0bgTDY4XkTuav919LGgCjR5k389CW256zXCgsj5Dnn8gcTrf0mwziUbjlGt/UIy7CA7kmpELwna4NNo7Lt6laILqletJi1rlECAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAVkOFbVwxj/pbnTH8Z2y/17P1yzv4H6vKB2RdG60CMSou0X/WNybBgaMSf6qJJs3osUC68qx27Q3pYp4i7onsTlNedhSsUVZVabRHXkjLxGLx9saZNiZ9turIyxzfC7VdeGaogvmcFPZAFgkGSFy4tAZz8fIkL7XI9pp5NTrjP9AL1ETVgwoHFKoeEKU1ewgQGRXpsM2sQnanMrTOgfVWz+qmaMmCcgeuQnYDPkZXX3jo456N0IDcGhJRmzkO8x0ge3DGyTc2mdS+38c61VEDd2TQHDHJuGsjCSVMjYh83JF7Ut3imFYhv3jgmHNkEDsp7XU81UMaV1nD0WzwNTbuMlyuvUQltLtQ0lciDl+yT7zciHZr3JkL3am9lCtny/DROyw7pZnDCbWHaUKl4pV5UtwCIT/o5v7yo3av1z5o6Ufial+kemeyhcU7PtMXZ6mgW9Hcq4htX1BTl/LsTN/42XxvrdzystkmvJeSlrNLPbeASi8MC3j/xQdUjc6mWQ/t";
				
String merchantId="1234567890";
String cmd=request.getParameter("cmd");
if ("cancel".equals(cmd) ) 
 { 
	String data=
		(request.getParameter("mid")!=null ? request.getParameter("mid") : "")+
		(request.getParameter("orderid")!=null ? request.getParameter("orderid") : "")+
		(request.getParameter("status")!=null ? request.getParameter("status") : "")+
		(request.getParameter("orderAmount")!=null ? request.getParameter("orderAmount") : "")+
		(request.getParameter("currency")!=null ? request.getParameter("currency") : "")+
		(request.getParameter("paymentTotal")!=null ? request.getParameter("paymentTotal") : "")+
		(request.getParameter("message")!=null ? request.getParameter("message") : "")+
		(request.getParameter("riskScore")!=null ? request.getParameter("riskScore") : "")+
		(request.getParameter("payMethod")!=null ? request.getParameter("payMethod") : "")+
		(request.getParameter("txId")!=null ? request.getParameter("txId") : "")+
		(request.getParameter("paymentRef")!=null ? request.getParameter("paymentRef") : "");
		
		boolean ok = false;
					try {
						ok = this.validateSignature(fieldNamesResp, request, procCert);
					} catch (Exception e) {
						System.out.println("Signature verification error" + e);
	%>Signature validation error:
	<%=e%><br />
	<%
		}
 %>
  	Payment canceled/failed<br/>
 Order id: <%=request.getParameter("orderid") %><br/>
 Status: <%=request.getParameter("status") %><br/>
 Order amount: <%=request.getParameter("orderAmount")+" "+request.getParameter("currency") %><br/>
 Payment total: <%=request.getParameter("paymentTotal")+" "+request.getParameter("currency") %><br/>
 Message: <%=request.getParameter("message") %><br/>
 Risk score: <%=request.getParameter("riskScore") %><br/>
 Payment method: <%=request.getParameter("payMethod") %><br/>
 Tx Id: <%=request.getParameter("txId") %><br/>
 Payment ref: <%=request.getParameter("paymentRef") %><br/>
 Signature ok: <%=(ok ? "Yes" : "No") %>
   <br/><br/>
  	<a href="shopdemo.jsp">Start over</a>
  	
<% }
else if ("confirm".equals(cmd))
{
	String data=
		(request.getParameter("mid")!=null ? request.getParameter("mid") : "")+
		(request.getParameter("orderid")!=null ? request.getParameter("orderid") : "")+
		(request.getParameter("status")!=null ? request.getParameter("status") : "")+
		(request.getParameter("orderAmount")!=null ? request.getParameter("orderAmount") : "")+
		(request.getParameter("currency")!=null ? request.getParameter("currency") : "")+
		(request.getParameter("paymentTotal")!=null ? request.getParameter("paymentTotal") : "")+
		(request.getParameter("message")!=null ? request.getParameter("message") : "")+
		(request.getParameter("riskScore")!=null ? request.getParameter("riskScore") : "")+
		(request.getParameter("payMethod")!=null ? request.getParameter("payMethod") : "")+
		(request.getParameter("txId")!=null ? request.getParameter("txId") : "")+
		(request.getParameter("paymentRef")!=null ? request.getParameter("paymentRef") : "");
	
		boolean sigValid = false;
				try {
					sigValid = this.validateSignature(fieldNamesResp, request, procCert);
				} catch (Exception e) {
					System.out.println("Signature verification error" + e);
	%>Signature validation error :
	<%=e%><br />
	<%
		}
 
 %>
 Payment completed OK<br/>
 Order id: <%=request.getParameter("orderid") %><br/>
 Status: <%=request.getParameter("status") %><br/>
 Order amount: <%=request.getParameter("orderAmount")+" "+request.getParameter("currency") %><br/>
 Payment total: <%=request.getParameter("paymentTotal")+" "+request.getParameter("currency") %><br/>
 Message: <%=request.getParameter("message") %><br/>
 Risk score: <%=request.getParameter("riskScore") %><br/>
 Payment method: <%=request.getParameter("payMethod") %><br/>
 Tx Id: <%=request.getParameter("txId") %><br/>
 Payment ref: <%=request.getParameter("paymentRef") %><br/>
 Signature ok: <%=(sigValid ? "Yes" : "No") %>
  <br/><br/>
  <a href="shopdemo.jsp">Start over</a>
 <%	
}
else if ("makeShopForm".equals(cmd)){ %>
<script type="text/javascript">

function hideAndSubmitTimed(formid)
{
var timer=setTimeout("hideAndSubmit('"+formid+"');",5);
}
	
function hideAndSubmit(formid)
{
var formx=document.getElementById(formid);
		if (formx!=null)
		{	formx.style.visibility="hidden";
			formx.submit();
		}

}
</script>

	<form id="shopform1" name="demo" method="POST" action="..."
		accept-charset="UTF-8" >
		
		<input type="hidden" name="version" value="<%=request.getParameter("version") %>"/>
		<input type="hidden" name="lang" value="<%=request.getParameter("lang") %>"/>
		<input type="hidden" name="mid" value="<%=request.getParameter("mid") %>"/>
		<input type="hidden" name="orderid" value="<%=request.getParameter("orderid") %>"/>
		<input type="hidden" name="orderDesc" value="<%=request.getParameter("orderDesc") %>"/>
		<input type="hidden" name="orderAmount" value="<%=request.getParameter("orderAmount") %>"/>
		<input type="hidden" name="currency" value="<%=request.getParameter("currency") %>"/>
		<input type="hidden" name="payerEmail" value="<%=request.getParameter("payerEmail") %>"/>
		<input type="hidden" name="payerPhone" value="<%=request.getParameter("payerPhone") %>"/>
		<input type="hidden" name="billCountry" value="<%=request.getParameter("billCountry") %>"/>
		<input type="hidden" name="billState" value="<%=request.getParameter("billState") %>"/>
		<input type="hidden" name="billZip" value="<%=request.getParameter("billZip") %>"/>
		<input type="hidden" name="billCity" value="<%=request.getParameter("billCity") %>"/>
		<input type="hidden" name="billAddress" value="<%=request.getParameter("billAddress") %>"/>
		<input type="hidden" name="weight" value="<%=request.getParameter("weight") %>"/>
		<input type="hidden" name="dimensions" value="<%=request.getParameter("dimensions") %>"/>
		<input type="hidden" name="shipCountry" value="<%=request.getParameter("shipCountry") %>"/>
		<input type="hidden" name="shipState" value="<%=request.getParameter("shipState") %>"/>
		<input type="hidden" name="shipZip" value="<%=request.getParameter("shipZip") %>"/>
		<input type="hidden" name="shipCity" value="<%=request.getParameter("shipCity") %>"/>
		<input type="hidden" name="shipAddress" value="<%=request.getParameter("shipAddress") %>"/>
		<input type="hidden" name="addFraudScore" value="<%=request.getParameter("addFraudScore") %>"/>
		<input type="hidden" name="maxPayRetries" value="<%=request.getParameter("maxPayRetries") %>"/>
		<input type="hidden" name="reject3dsU" value="<%=request.getParameter("reject3dsU") %>"/>
		<input type="hidden" name="payMethod" value="<%=request.getParameter("payMethod") %>"/>
		<input type="hidden" name="trType" value="<%=request.getParameter("trType") %>"/>
		<input type="hidden" name="extInstallmentoffset" value="<%=request.getParameter("extInstallmentoffset") %>"/>
		<input type="hidden" name="extInstallmentperiod" value="<%=request.getParameter("extInstallmentperiod") %>"/>
		<input type="hidden" name="extRecurringfrequency" value="<%=request.getParameter("extRecurringfrequency") %>"/>
		<input type="hidden" name="extRecurringenddate" value="<%=request.getParameter("extRecurringenddate") %>"/>
		<input type="hidden" name="blockScore" value="<%=request.getParameter("blockScore") %>"/>
		<input type="hidden" name="cssUrl" value="<%=request.getParameter("cssUrl") %>"/>
		<input type="hidden" name="confirmUrl" value="<%=request.getParameter("confirmUrl") %>"/>
		<input type="hidden" name="cancelUrl" value="<%=request.getParameter("cancelUrl") %>"/>
		<input type="hidden" name="extXOrderId" value="<%=request.getParameter("extXOrderId") %>"/>
		<input type="hidden" name="extTokenOptions" value="<%=request.getParameter("extTokenOptions") %>"/>
		<input type="hidden" name="extToken" value="<%=request.getParameter("extToken") %>"/>
		<input type="hidden" name="var1" value="<%=request.getParameter("var1").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var2" value="<%=request.getParameter("var2").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var3" value="<%=request.getParameter("var3").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var4" value="<%=request.getParameter("var4").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var5" value="<%=request.getParameter("var5").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var6" value="<%=request.getParameter("var6").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var7" value="<%=request.getParameter("var7").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var8" value="<%=request.getParameter("var8").replaceAll("\"", """) %>"/>
		<input type="hidden" name="var9" value="<%=request.getParameter("var9").replaceAll("\"", """) %>"/>
		<%
		// note order of preparing data should follow the documentation field order		
		String data=
			((request.getParameter("version") != null && !request.getParameter("version").trim().isEmpty()) ? request.getParameter("version")+";" : "")+
			((request.getParameter("mid")!=null && !request.getParameter("mid").trim().isEmpty()) ? request.getParameter("mid")+";" : "")+
			((request.getParameter("lang")!=null && !request.getParameter("lang").trim().isEmpty()) ? request.getParameter("lang")+";" : "")+
			((request.getParameter("orderid")!=null && !request.getParameter("orderid").trim().isEmpty()) ? request.getParameter("orderid")+";" : "")+
			((request.getParameter("orderDesc")!=null && !request.getParameter("orderDesc").trim().isEmpty()) ? request.getParameter("orderDesc")+";" : "")+
			((request.getParameter("orderAmount")!=null && !request.getParameter("orderAmount").trim().isEmpty()) ? request.getParameter("orderAmount")+";" : "")+
			((request.getParameter("currency")!=null && !request.getParameter("currency").trim().isEmpty()) ? request.getParameter("currency")+";" : "")+
			((request.getParameter("payerEmail")!=null && !request.getParameter("payerEmail").trim().isEmpty()) ? request.getParameter("payerEmail")+";" : "")+
			((request.getParameter("payerPhone")!=null && !request.getParameter("payerPhone").trim().isEmpty()) ? request.getParameter("payerPhone")+";" : "")+
			((request.getParameter("billCountry")!=null && !request.getParameter("billCountry").trim().isEmpty()) ? request.getParameter("billCountry")+";" : "")+
			((request.getParameter("billState")!=null && !request.getParameter("billState").trim().isEmpty()) ? request.getParameter("billState")+";" : "")+
			((request.getParameter("billZip")!=null && !request.getParameter("billZip").trim().isEmpty()) ? request.getParameter("billZip")+";" : "")+
			((request.getParameter("billCity")!=null && !request.getParameter("billCity").trim().isEmpty()) ? request.getParameter("billCity")+";" : "")+
			((request.getParameter("billAddress")!=null && !request.getParameter("billAddress").trim().isEmpty()) ? request.getParameter("billAddress")+";" : "")+
			((request.getParameter("weight")!=null && !request.getParameter("weight").trim().isEmpty()) ? request.getParameter("weight")+";" : "")+
			((request.getParameter("dimensions")!=null && !request.getParameter("dimensions").trim().isEmpty()) ? request.getParameter("dimensions")+";" : "")+
			((request.getParameter("shipCountry")!=null && !request.getParameter("shipCountry").trim().isEmpty()) ? request.getParameter("shipCountry")+";" : "")+
			((request.getParameter("shipState")!=null && !request.getParameter("shipState").trim().isEmpty()) ? request.getParameter("shipState")+";" : "")+
			((request.getParameter("shipZip")!=null && !request.getParameter("shipZip").trim().isEmpty()) ? request.getParameter("shipZip")+";" : "")+
			((request.getParameter("shipCity")!=null && !request.getParameter("shipCity").trim().isEmpty()) ? request.getParameter("shipCity")+";" : "")+
			((request.getParameter("shipAddress")!=null && !request.getParameter("shipAddress").trim().isEmpty()) ? request.getParameter("shipAddress")+";" : "")+
			((request.getParameter("addFraudScore")!=null && !request.getParameter("addFraudScore").trim().isEmpty()) ? request.getParameter("addFraudScore")+";" : "")+
			((request.getParameter("maxPayRetries")!=null && !request.getParameter("maxPayRetries").trim().isEmpty()) ? request.getParameter("maxPayRetries")+";" : "")+
			((request.getParameter("reject3dsU")!=null && !request.getParameter("reject3dsU").trim().isEmpty()) ? request.getParameter("reject3dsU")+";" : "")+
			((request.getParameter("payMethod")!=null && !request.getParameter("payMethod").trim().isEmpty()) ? request.getParameter("payMethod")+";" : "")+
			((request.getParameter("trType")!=null && !request.getParameter("trType").trim().isEmpty()) ? request.getParameter("trType")+";" : "")+
			((request.getParameter("extInstallmentoffset")!=null && !request.getParameter("extInstallmentoffset").trim().isEmpty()) ? request.getParameter("extInstallmentoffset")+";" : "")+
			((request.getParameter("extInstallmentperiod")!=null && !request.getParameter("extInstallmentperiod").trim().isEmpty()) ? request.getParameter("extInstallmentperiod")+";" : "")+
			((request.getParameter("extRecurringfrequency")!=null && !request.getParameter("extRecurringfrequency").trim().isEmpty()) ? request.getParameter("extRecurringfrequency")+";" : "")+
			((request.getParameter("extRecurringenddate")!=null && !request.getParameter("extRecurringenddate").trim().isEmpty()) ? request.getParameter("extRecurringenddate")+";" : "")+
			((request.getParameter("blockScore")!=null && !request.getParameter("blockScore").trim().isEmpty()) ? request.getParameter("blockScore")+";" : "")+
			((request.getParameter("cssUrl")!=null && !request.getParameter("cssUrl").trim().isEmpty()) ? request.getParameter("cssUrl")+";" : "")+
			((request.getParameter("confirmUrl")!=null && !request.getParameter("confirmUrl").trim().isEmpty()) ? request.getParameter("confirmUrl")+";" : "")+
			((request.getParameter("cancelUrl")!=null && !request.getParameter("cancelUrl").trim().isEmpty()) ? request.getParameter("cancelUrl")+";" : "")+
			((request.getParameter("extXOrderId")!=null && !request.getParameter("extXOrderId").trim().isEmpty()) ? request.getParameter("extXOrderId")+";" : "")+
			((request.getParameter("extTokenOptions")!=null && !request.getParameter("extTokenOptions").trim().isEmpty()) ? request.getParameter("extTokenOptions")+";" : "")+
			((request.getParameter("extToken")!=null && !request.getParameter("extToken").trim().isEmpty()) ? request.getParameter("extToken")+";" : "")+
			((request.getParameter("var1")!=null && !request.getParameter("var1").trim().isEmpty()) ? request.getParameter("var1")+";" : "")+
			((request.getParameter("var2")!=null && !request.getParameter("var2").trim().isEmpty()) ? request.getParameter("var2")+";" : "")+
			((request.getParameter("var3")!=null && !request.getParameter("var3").trim().isEmpty()) ? request.getParameter("var3")+";" : "")+
			((request.getParameter("var4")!=null && !request.getParameter("var4").trim().isEmpty()) ? request.getParameter("var4")+";" : "")+
			((request.getParameter("var5")!=null && !request.getParameter("var5").trim().isEmpty()) ? request.getParameter("var5")+";" : "")+
			((request.getParameter("var6")!=null && !request.getParameter("var6").trim().isEmpty()) ? request.getParameter("var6")+";" : "")+
			((request.getParameter("var7")!=null && !request.getParameter("var7").trim().isEmpty()) ? request.getParameter("var7")+";" : "")+
			((request.getParameter("var8")!=null && !request.getParameter("var8").trim().isEmpty()) ? request.getParameter("var8")+";" : "")+
			((request.getParameter("var9")!=null && !request.getParameter("var9").trim().isEmpty()) ? request.getParameter("var9")+";" : "");

			String prik="MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaX7Jd16os2MticXHXGjanQ3fDSwwoRRhVWi12+SiFDMVBpBwZEGdmHopO5cpSGptFxeau7HqGfSaq5NoI01pbf/OPFpstO4mSlIBj2OO9wzcW2yNeAQjzycEQmgNr1UQACUmXsNzBZZ2mrcddkdRpxfHPaZx+GIYMdemFY7G0yBXsG0Dq+3hi9kqyGYlAN3PFsqCEdwD3H8qd5UKz4wKEYhuqhKBZZoGBBUQZt7X9plwdMoZhtqbJIJTpda5Og/yNxkSjiTQrOMntvSl5dAQ8dGxoFaKAdvaE09eqt0F6RI76qyUU3B0PKBVB/kIYhvFSvJtef6a8fF4Sy56VOMptAgMBAAECggEBAM9tj1Qsg21OEQNVlzknoTqIj75mDwpBd7e7jOwyCBc55jVP2ZDFUDJkWCRRijkrJMrGDTWjU09kmdJCyAkSGgZIJ+aHJqd0ol0lyj8NymZ6hF2lkpa8jPBleIp4gT9wuMMAD3OTgF4EVBf7giCTYR2H9QV74Da2vL4hUsxtwmNg2jQjjHTsVA/ESjiyGveh1X6+GV6CsTZsoAWLlOhuDHiOMuOXDBmn9JjArFsl2W4XyrtrDx68nVdPdIH2LzIrBzqRG6tB9RpNQNWGs/IxuEUG07fLMGzQiureOTUm/ybtZrO9Ab59tzWXCFXHljsGJu9SnZuPNOT0L8PuJIxKOIECgYEA9w6hdFaVr0HMnQtXndtZQfiqNnQMymV0mR9gtyw20/krOW5yt7WqhrzzTB72m4bsm27Yz3Dn0jfhQ1h5zyihrT+FGeF6jS6+Hr3FXFyMizxH9AZPl13UmZo1fKxeoL+sE5PppFE9Qlsz0TBp2phlVjzLI7i3KOu8Hyzt/rafZDkCgYEA4kdFMSHTQGLounpPauKaVi8v9TjyFdSTqSuQ0pMG4R9xuZ0x52L081goYmxo4jDo7P+m3iHDFdJqg+D7aAVay4Hv0PGKIq8GvOAXm6mnXBaIMDVMnTRtqRynDoo2qKp9UU2Sv4D0L6Zbm9axDxMvqXCa8Lz5KbnhzJufUAwzn9UCgYEAkboGkDn2Zv8X81ZaYxmcZ6aGuEHxvXzkruFsSf+Bg71IusKkViqJIJrZo//rlMecTv6uUoYVp9EgRXott30PCMMb/q0afaahrD5h6N4KZKK1CoKidfV5zvTAMf72fjkxBgdMXIky6i4jvXOiLLeRprGLXVG6cB/EwlrdM06DbDkCgYBcTdJt3mx8gVyKZUZsRY/LxGf90oL+YL7zbXAgVhWiU99iZjtrNjTR545hx/NpAaaitw7s4jzgc/s7XNVxc228Qn7/buh4iYloFsnKmARLTm2zrKpaHn71U1jaV4tAdnu0ZL6OHB6AKY6JHaUQjzUMG4E43v2NBeSUQI9WagPNGQKBgDj5qk4Jauy8zg/IBkXDeJsgwGrMH7o1vj2Uhcd2K2NrxO3qRaJitNXH+cso836/Ez///kdepX3hQ3gKZS7iaGhDFF3r0LU2OmskhoDSyhzVlCgsXbW1skFwL3Y161uYHwgpkFqrAODONXLu3PBdS8jJbKkA3lQnmCCbET3NLfIV";
				
      		java.security.Signature sg = java.security.Signature.getInstance("SHA256withRSA");
					
					byte[] privateKeyInfo = Base64.getDecoder().decode(prik.getBytes(java.nio.charset.StandardCharsets.ISO_8859_1));
					EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyInfo);
					KeyFactory keyFactory = KeyFactory.getInstance("RSA");
					PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
					sg.initSign(privateKey);
					sg.update(data.toString().getBytes("UTF-8"));
					byte[] sigBytes = sg.sign();
					String signature = new String(Base64.getEncoder().encode(sigBytes)); 
			
			%>
		<input type="hidden" name="signature" value="<%=signature %>"/>
<script type="text/javascript">
	hideAndSubmitTimed('shopform1');
</script>
<div align="center">
<noscript>
	<b>Javascript is turned off or not supported!</b><br/> 
</noscript>	
	<input type="submit" name="submitBtn" value="Please click here to continue"/>
</div>	
		</form>
<%	
}	
else {
%>
<form name="demo" method="POST" action="shopdemo.jsp"
accept-charset="UTF-8" >
<input type="hidden" name="cmd" value="makeShopForm"/>
<table>
<tr>
<td>Optional language</td><td>
<select name="lang">
<option value="en">English</option>
<option value="el">Greek</option>
</select>
</tr>

<tr>
<td>Version</td><td><!--  <input type="text" name="currency" value="EUR"/>  -->
<select name="version">
<option value="4">4</option>
</select>
</td>
</tr>
<tr>
<td>Merchant id</td><td><input type="text" name="mid" value="<%=merchantId %>"/></td>
</tr>
<tr>
<%
java.text.SimpleDateFormat sdfo=new java.text.SimpleDateFormat("yyMMddHHmm"); 
String orderId="O"+sdfo.format(new java.util.Date());
%>

<td>Order id</td><td><input type="text" name="orderid" value="<%=orderId %>"/></td>
</tr>
<tr>
<td>Order description</td><td><input type="text" size="100" maxlength="100" name="orderDesc" value="Test Product"/></td>
</tr>

<tr>
<td>Amount to pay</td><td><input type="text" name="orderAmount" value="0.01"/></td>
</tr>
<tr>
<td>Currency</td><td><!--  <input type="text" name="currency" value="EUR"/>  -->
<select name="currency">
<option value="EUR">EUR</option>
<option value="CHF">CHF</option>
<option value="USD">USD</option>
<option value="GBP">GBP</option>
<option value="JPY">JPY</option>
<option value="CAD">CAD</option>
</select>
</td>
</tr>
<tr>
<td>Payer email</td><td><input type="text" name="payerEmail" size="35" maxlength="64" value="payer@demo.com"/></td>
</tr>
<tr>
<td>Payer phone</td><td><input type="text" name="payerPhone" size="25" maxlength="30" value="+302106464644"/></td>
</tr>
<tr>
<td>Optional pay method pre selection</td><td>
<select name="payMethod">
<option value="">No pre selection</option>
<option value="visa">Visa</option>
<option value="visaElectron">Visa Electron</option>
<option value="mastercard">Mastercard</option>
<option value="maestro">Maestro</option>
<option value="amex">American Express</option>
</select>
</tr>
<tr>
<td>Optional transaction type selection</td><td>
<select name="trType">
<option value="">Default</option>
<option value="1">Payment</option>
<option value="2">Pre authorization</option>
</select>
</tr>

<tr>
<td>Optional extInstallmentoffset</td><td>
<input type="text" name="extInstallmentoffset" size="5" maxlength="5"/>
</tr>
<tr>
<td>Optional extInstallmentperiod</td><td>
<input type="text" name="extInstallmentperiod" size="5" maxlength="5"/>
</tr>

<tr>
<td>Optional extRecurringfrequency</td><td>
<input type="text" name="extRecurringfrequency" size="5" maxlength="5"/>
</tr>
<tr>
<td>Optional extRecurringenddate YYYYMMDD</td><td>
<input type="text" name="extRecurringenddate" size="8" maxlength="8"/>
</tr>

<tr>
<td>Bill to country</td><td>
<select name="billCountry">
<option value="GR">Greece</option>
<option value="FR">France</option>
<option value="EE">Estonia</option>
<option value="DE">Germany</option>
<option value="UK">United Kingdom</option>
<option value="US">USA</option>
</select>
</tr>
<tr>
<td>Bill to state</td><td><input type="text" name="billState" value=""/></td>
</tr>

<tr>
<td>Bill ship to zip</td><td><input type="text" name="billZip" value=""/></td>
</tr>
<tr>
<td>Bill to city</td><td><input type="text" name="billCity" value=""/></td>
</tr>
<tr>
<td>Bill to address</td><td><input type="text" name="billAddress" value=""/></td>
</tr>

<tr>
<td>Optional weight</td><td><input type="text" name="weight" value=""/> kg</td>
</tr>
<tr>
<td>Optional dimensions</td><td><input type="text" name="dimensions" value=""/> w:h:d (cm)</td>
</tr>
<tr>
<td>Optional ship to country</td><td>
<select name="shipCountry">
<option value="EL">Greece</option>
<option value="FR">France</option>
<option value="EE">Estonia</option>
<option value="DE">Germany</option>
<option value="UK">United Kingdom</option>
<option value="US">USA</option>
</select>
</tr>
<tr>
<td>Optional ship to state</td><td><input type="text" name="shipState" value=""/></td>
</tr>

<tr>
<td>Optional ship to zip</td><td><input type="text" name="shipZip" value=""/></td>
</tr>
<tr>
<td>Optional ship to city</td><td><input type="text" name="shipCity" value=""/></td>
</tr>
<tr>
<td>Optional ship to address</td><td><input type="text" name="shipAddress" value=""/></td>
</tr>

<tr>
<td>addFraudScore</td><td><input type="text" name="addFraudScore" size="5" 
	value=""/></td>
</tr>

<tr>
<td>maxPayRetries</td><td><input type="text" name="maxPayRetries" size="5" 
	value=""/></td>
</tr>
<tr>
<td>reject3dsU</td><td><input type="text" name="reject3dsU" size="2" maxlength="1" 
	value=""/> (Y/N)</td>
</tr>
<tr>
<td>Block score</td><td><input type="text" name="blockScore" size="5" value=""/>
</td>
</tr>
<tr>
<td>CSS url</td><td><input type="text" name="cssUrl" size="70" 
	value="css/vpos3.css"/>Full or relative url (css/vpos.css css/vpos1.css css/vpos3.css, css/vpos4.css)</td>
</tr>
<tr>
<td>Confirm url</td><td><input type="text" name="confirmUrl" size="70" 
	value="<%=request.getRequestURL()+"?cmd=confirm"%>"/></td>
</tr>
<tr>
<td>extXOrderId</td><td><input type="text" name="extXOrderId" size="70" 
	value=""/></td>
</tr>
<tr>
<td>extTokenOptions</td><td><input type="text" name="extTokenOptions" size="70" 
	value=""/></td>
</tr>
<tr>
<td>extToken</td><td><input type="text" name="extToken" size="70" 
	value=""/></td>
</tr>
<tr>
<td>Cancel url</td><td><input type="text" size="70" name="cancelUrl" value="<%=request.getRequestURL()+"?cmd=cancel" %>"/></td>
</tr>
<tr><td>Var1</td><td><input type="text" size="50" name="var1" value=""/></td></tr>
<tr><td>Var2</td><td><input type="text" size="50" name="var2" value=""/></td></tr>
<tr><td>Var3</td><td><input type="text" size="50" name="var3" value=""/></td></tr>
<tr><td>Var4</td><td><input type="text" size="50" name="var4" value=""/></td></tr>
<tr><td>Var5</td><td><input type="text" size="50" name="var5" value=""/></td></tr>
<tr><td>Var6</td><td><input type="text" size="50" name="var6" value=""/></td></tr>
<tr><td>Var7</td><td><input type="text" size="50" name="var7" value=""/></td></tr>
<tr><td>Var8</td><td><input type="text" size="50" name="var8" value=""/></td></tr>
<tr><td>Var9</td><td><input type="text" size="50" name="var9" value=""/></td></tr>

<tr>
<td colspan="2"><input type="submit" name="checkout" value="checkout"/></td>
</tr>
</table>
</form>
<% } %>
<%!boolean validateSignature(String[] fieldNames, HttpServletRequest request, String procCert) throws Exception {
		StringBuilder data = new StringBuilder();
		for (String fn : fieldNames) {
			appendIfFirst(data, request.getParameter(fn), ';');
		}

		String sig = request.getParameter("signature");
		java.security.Signature sg = java.security.Signature.getInstance("SHA256withRSA");
		java.security.cert.X509Certificate[] certs = getX509Certificate(procCert.getBytes("UTF-8"));
		java.security.PublicKey key = certs[0].getPublicKey();
		sg.initVerify(key);
		sg.update(data.toString().getBytes(java.nio.charset.StandardCharsets.UTF_8));
		boolean ok = sg.verify(Base64.getDecoder().decode(sig));
		if (ok) {
			System.out.println("Signature verified successfully with cert: " + certs[0].getSubjectDN());
		} else {
			System.out.println("Signature verification failed/mismatch with cert: " + certs[0].getSubjectDN()
					+ " base='" + data.toString() + "'");
		}
		return ok;
	}%>
<%!X509Certificate[] getX509Certificate(byte[] certInfo)
			throws Base64DecodingException, CertificateException, IOException {
		Init.init();
		byte[] xcertData = Base64.getDecoder().decode(certInfo);
		CertificateFactory cf = CertificateFactory.getInstance("X509");
		ByteArrayInputStream bis = new java.io.ByteArrayInputStream(xcertData);
		java.security.cert.Certificate cc = cf.generateCertificate(bis);
		bis.close();
		List<X509Certificate> _clX509 = new LinkedList<X509Certificate>();
		_clX509.add((X509Certificate) cc);

		return _clX509.toArray(new X509Certificate[_clX509.size()]);
	}%>
	<%!void appendIfFirst(StringBuilder sb, String a, Character b) {
		if (a != null && !a.isEmpty()) {
			sb.append(a);
			if (b != null) {
				sb.append(b);
			}
		}

	}%>
<%--
<%=request.getRequestURL() %>
<%=request.getScheme() %>
<%=request.getServerName() %>
 --%>
</body>
</html>

Still looking for help?

Send us e-mail

We’re here to help. Get in touch and we’ll get back to you as soon as we can.