Validating Modal Callback Data

Hash Verification

During the End to End Process, the transaction_logged and/or transaction_failed callbacks would have called with the transaction response passed to them. Should you wish to validate a response, you will need to obtain the values for id, status and total as well as the channel secret for the channel you are using.

From there, you can use the TmtAuthstring\Validate class on the TMT Github Page following the example shown.

Alternatively, you can write your own verification method based on the example below:

Example

$values = [
    'id'        => $id,
    'status'    => $status,
    'total'     => $total
];

$varString    = implode('&', $values);
$authString   = hash('sha256', $varString);
$validHash    = hash('sha256', $authString . $channel_secret);

if (hash_equals($hash, $validHash)) {
    // Valid hash.
};

API Verification

The "id" can be used to verify the transaction via a GET /transactions/id request to the TMTProtects API.

results matching ""

    No results matching ""