Textpattern CMS support forum
Re: Reference files outside web root from TXP
Hi ruud, Sorry for the delay. Your script does reference the certificate files outside the web root!
However, there is a Paypal error on the Paypal cart page after clicking the encrypted button:
“The email address for the business is not present in the encrypted blob. Please contact your merchant.”
http://www.staceyirvin.com/buttontest?name=phototitlehere
Also, the cache files are being created, but not in the specified cache folder.
I sent you some login info so that you can take a look on my server if needed. Thanks so much for your help!
Last edited by photonomad (2015-01-20 22:36:01)
Re: Reference files outside web root from TXP
I tried, but couldn’t find the cause (yet).
I did find this page, which has a script that does something similar to what I wrote, but slightly different:
http://blog.scrobbld.com/paypal/protecting-your-payments-with-ewp/
Unfortunately, I can’t seem to make that work without getting a mysterious error message that nobody seems to be able to solve.
So, in the end I reverted to using the original script you had. It now works with ?name=something in the URL. It’s saved as ruudscript.php
Re: Reference files outside web root from TXP
Found it. ruudscript.php updated. Should work with caching now and ?name= param and without using shell commands.
Re: Reference files outside web root from TXP
- It contains a few bits of TXP specific code, mainly to get an image ID and ALT text (easy to remove if you want to use it elsewhere)
- encryption results are cached
- doesn’t use the exec command, but uses PHP built-in functions instead

<?php
paypal_encrypt();

function paypal_encrypt()
{
    # private key file to use
    $MY_KEY_FILE = "/path/to/test-prvkey.pem";
    # public certificate file to use
    $MY_CERT_FILE = "/path/to/test-pubcert.pem";
    # Paypal's public certificate (or sandbox certificate, if you're testing)
    $PAYPAL_CERT_FILE = "/path/to/sandbox_cert.pem";
    # path to the openssl binary
    $OPENSSL = "/usr/bin/openssl";
    # path to cache directory for encrypted content
    $CACHE = "/path/to/cache/";

    # TXP specific call to get the id value from query string in the URL
    $id = abs(intval(gps('image')));
    # TXP specific call to get a nice name from the database based on image ID
    $name = substr(safe_field('alt', 'txp_image', 'id='.$id), 0, 127);

    # some basic checks. Abort on error.
    $err = "";
    if (false === $name) $err .= "ERROR: invalid image ID: $id\n";
    if (!file_exists($MY_KEY_FILE)) $err .= "ERROR: MY_KEY_FILE $MY_KEY_FILE not found\n";
    if (!file_exists($MY_CERT_FILE)) $err .= "ERROR: MY_CERT_FILE $MY_CERT_FILE not found\n";
    if (!file_exists($PAYPAL_CERT_FILE)) $err .= "ERROR: PAYPAL_CERT_FILE $PAYPAL_CERT_FILE not found\n";
    if ($err) {
        echo $err;
        return;
    }

    # all files we create are in the cache directory and have the same file name beginning.
    $file = realpath($CACHE) . '/'. $id;

    # use cached results if possible.
    if (file_exists($file.'.paypal')) {
        echo file_get_contents($file.'.paypal');
        return;
    }

    # a complete list of possible variables for Paypal can be found here:
    # https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_websitestandard_htmlvariables/
    $hash = array(
        'bn' => 'Company_Service_Product_Country',
        'business' => 'your.email@example.com',
        'cert_id' => 'D613BACFE54571',
        'cmd' => '_cart',
        'add' => '1',
        'lc' => 'US',
        'currency_code' => 'USD',
        'no_shipping' => '0',
        'item_name' => $name,
        'amount' => '10',
    );

    # create Paypal input
    $data = "";
    foreach ($hash as $key => $value) {
        if ($value != "") {
            $data .= "$key=$value\n";
        }
    }

    # store it in a file
    file_put_contents($file.'.txt', $data);

    # use that file to create a signed version, using my own certificates
    openssl_pkcs7_sign($file.'.txt', $file.'.sign', file_get_contents($MY_CERT_FILE), file_get_contents($MY_KEY_FILE), array(), PKCS7_BINARY);

    # now convert that file (smime format) into a binary file and store it again
    $sign = explode("\n\n", file_get_contents($file.'.sign'));
    $bin = base64_decode(str_replace("\n", '', $sign[1]));
    file_put_contents($file.'.bin', $bin);

    # and encrypt that file
    openssl_pkcs7_encrypt($file.'.bin', $file.'.crypt', file_get_contents($PAYPAL_CERT_FILE), array(), PKCS7_BINARY, OPENSSL_CIPHER_3DES);

    # and again, convert that smime format file into 'der' format.
    $crypt = file_get_contents($file.'.crypt');
    $crypt = explode("\n\n", $crypt);
    $crypt = "-----BEGIN PKCS7-----\n".$crypt[1]."\n-----END PKCS7-----";
    file_put_contents($file.'.paypal', $crypt);

    # clean up the files we no longer need.
    unlink($file.'.txt');
    unlink($file.'.sign');
    unlink($file.'.bin');
    unlink($file.'.crypt');

    # and we're done, so return the result.
    echo $crypt;
}

<html>
<head>
    <title>PHP Sample Donation using PayPal Encrypted Buttons</title>
</head>
<body>
    <h1>Sample Donation Page</h1>
    <p>This page uses encrypted PayPal buttons for your security.</p>
    <form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" target="_blank">
        <input type="hidden" name="cmd" value="_s-xclick">
        <input type="hidden" name="encrypted" value="<txp:php>require_once '/path/to/paypalscript.php';</txp:php>">
        <input type="submit" value="Donate $10">
    </form>
</body>
</html>

Creating certificates (private and public key respectively, valid 1 year):

    openssl genrsa -out my-prvkey.pem 1024
    openssl req -new -key my-prvkey.pem -x509 -days 365 -out my-pubcert.pem

All this based on the code of these scripts:
- http://blog.scrobbld.com/paypal/protecting-your-payments-with-ewp/
- http://www.stellarwebsolutions.com/en/articles/paypal_button_encryption_php.php
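
Added example, not part of the thread and not either poster's code: a shell round-trip test of the same sign-then-encrypt pipeline, which decrypts the blob, verifies the signature and reads back the `business` field, the one the PayPal error above says is missing. The function names and the `me`/`recip` key files are assumptions; `recip` is a throwaway key pair standing in for PayPal's certificate, since the blob can only be opened locally with a private key you hold.

```shell
#!/bin/sh
# Round-trip self-test for a PayPal EWP blob (added example).
# me.* and recip.* are throwaway keys; recip stands in for PayPal's
# certificate so the blob can be decrypted locally (constructed setup).

ewp_keys() {        # $1 = work dir; 2048-bit RSA, self-signed, valid 1 day
    for who in me recip; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$who" \
            -keyout "$1/$who.key" -out "$1/$who.crt" 2>/dev/null || return 1
    done
}

ewp_seal() {        # $1 = work dir; stdin = key=value lines; stdout = PEM blob
    # opaque binary signature, then 3DES encryption to the recipient,
    # the same two steps the PHP script performs
    openssl smime -sign -signer "$1/me.crt" -inkey "$1/me.key" \
        -outform DER -nodetach -binary |
    openssl smime -encrypt -des3 -binary -outform PEM "$1/recip.crt"
}

ewp_open() {        # $1 = work dir; stdin = PEM blob; stdout = verified fields
    # decrypt as the recipient, then require a valid signature from me.crt
    openssl smime -decrypt -inform PEM -recip "$1/recip.crt" -inkey "$1/recip.key" |
    openssl smime -verify -inform DER -CAfile "$1/me.crt" 2>/dev/null
}

ewp_field() {       # $1 = field name; stdin = fields; prints its value
    sed -n "s/^$1=//p" | head -n 1
}

ewp_selftest() {    # prints the business value recovered from a sealed blob
    dir=$(mktemp -d) || return 1
    ewp_keys "$dir" || { rm -rf "$dir"; return 1; }
    # constructed sample fields, mirroring the $hash array in the post
    printf '%s\n' 'cmd=_cart' 'business=your.email@example.com' \
        'item_name=phototitlehere' 'amount=10' 'currency_code=USD' |
        ewp_seal "$dir" > "$dir/blob.pem"
    ewp_open "$dir" < "$dir/blob.pem" | ewp_field business
    rm -rf "$dir"
}
```

An empty result from `ewp_selftest` means the field never made it into the signed plaintext or the signature did not verify, which narrows the problem to the local pipeline rather than the PayPal side.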