i am working with angular5 , i need to integrate PayUMoney payment gateway in my application , for that i added following form and test with "https://test.payu.in/_payment" domain.
Error :
Error Reason Transaction failed due to incorrectly calculated hash
parameter.
Corrective Action Please ensure that the hash used in transaction
request is calculated using the correct formula. Please note the
correct formula for calculating the value of hash:
sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT)
Based on above formula and applying for this transaction, hash should
be calculated as mentioned below : hash =
sha512(gtKFFx|ba7816bf8f01cfea414140de5da|500|merit application
fees|bhagvat lande|landebm#gmail.com|||||||||||eCwWELxi) = Array
As seen above, correct hash value should have been - Array
But the hash posted in the transaction request from your end was -
e95bd46ce3cf4b3c32a63ba5f51934ef8506e0e47027512f41bff125be02cd14
My Component with Form
<form #f method="post" id="payu-payment-form" action="https://test.payu.in/_payment">
<input type="hidden" name="hash" value="e95bd46ce3cf4b3c32a63ba5f51934ef8506e0e47027512f41bff125be02cd14"/>
<input type="hidden" name="key" value="gtKFFx" />
<input type="hidden" name="txnid" value="ba7816bf8f01cfea414140de5da" />
<input type="hidden" name="amount" value="500" />
<input type="hidden" name="productinfo" value="merit application fees" />
<input type="hidden" name="firstname" value="bhagvat lande" />
<input type="hidden" name="email" value="******#gmail.com" />
<input type="hidden" name="phone" value="+91**********" />
<input type="hidden" name="surl" value="http://localhost:4200/#/payment/payment-success" />
<input type="hidden" name="furl" value="http://localhost:4200/#/payment/payment-error" />
<input type="hidden" name="service_provider" value="" />
<button class="btn btn-info" type="submit" (click)="f.submit()" value="submit" formtarget="_blank"> <i class="fa fa-money"></i> Proceed To Pay</button>
</form>
in above form i just generate one dummy hash key(SHA-256) and put their.
Questions :
how to integrate PayUmoney payment gateway in ANgular2/4/5 ?
they provided formula on their documentation for generation hash key , it tooks all other forms fields and generate hash key (SHA-256) , is their any way to create hash key at client side and how to use that ?
thanks
Related
I'm playing around with htmx and hyperscript, and I want all input fields in the form below to be cleared on submit:
<form hx-post="/example" hx-target="#table tbody" hx-swap="beforeend"
_="<what should I write here??>">
<label class="control-label" for="firstNameInput">First Name</label>
<input id="firstNameInput" name="firstName" class="form-control" type="text" required placeholder="John"/>
<label class="control-label" for="lastNameInput">Last Name</label>
<input id="lastNameInput" name="lastName" class="form-control" type="text" required placeholder="Doe"/>
<button class="btn btn-primary">Add User</button>
</div>
</form>
I've tried replacing <what should I write here??> with e.g. on submit put '' into <input/> and on submit put '' into <input[value]/> and lots of other combinations but I fail to get this work.
Q: How can I clear all input fields when the form is submitted?
Try with on htmx:afterRequest reset() me
I am trying to generate a recurring payment using our test accounts and I am getting response on status url as well which is mentioned below.
Implemented as per Instructions which are mentioned on page number: 12 & 35
Here is the code which we are posting to Skrill:
<form action="https://pay.skrill.com" target="_blank" class="skrill-form">
<input type="hidden" name="pay_to_email" value="email#gmail.com">
<input type="hidden" name="currency" value="EUR">
<input type="hidden" name="return_url" value="http://domain/dev-test-page-2/">
<input type="hidden" name="return_url_text" value="Return to main website">
<input type="hidden" name="return_url_target" value="4">
<input type="hidden" name="cancel_url" value="http://domain/dev-test-page-2/">
<input type="hidden" name="cancel_url_target" value="4">
<input type="hidden" name="status_url"
value="http://domain/wp-admin/admin-ajax.php?action=skrill_response">
<input type="hidden" name="status_url2" value="mailto:email#gamil.com">
<input type="hidden" name="logo_url" value="https://domain/wp-content/uploads/2018/07/logo.png">
<input type="hidden" name="rec_amount" value="2">
<input type="hidden" name="rec_start_date" value="17/01/2019">
<input type="hidden" name="rec_end_date" value="27/01/2019">
<input type="hidden" name="rec_period" value="2">
<input type="hidden" name="rec_cycle" value="day">
<input type="hidden" name="rec_grace_period" value="2">
<input type="hidden" name="rec_status_url"
value="http://domain/wp-admin/admin-ajax.php?action=skrill_rec_status_url">
<input type="hidden" name="rec_status_url2"
value="http://domain/wp-admin/admin-ajax.php?action=skrill_rec_status_url">
<input type="text" name="amount" value="1">
<input type="submit" value="Pay" class="btn">
</form>
Response:
[action] => skrill_response
[transaction_id] => 2605308006
[mb_amount] => 39
[amount] => 39
[md5sig] => 72EE69AA174B377A6E488129CA4F5063
[merchant_id] => 111682769
[payment_type] => WLT
[mb_transaction_id] => 2605308006
[mb_currency] => EUR
[pay_from_email] => email#gmail.com
[pay_to_email] => email#gmail.com
[currency] => EUR
[customer_id] => 111683528
[status] => 2
We are not getting any response on rec_status_url. Further, we have also tried to access the recurring transaction status of above test transaction as per mentioned instructions in PDF in return I received an email that my account temporarily locked.
Am I skipping some of essential parameters?
Query string as per instructions to access the status of a recursion:
https://www.skrill.com/app/query.pl?action=status_rec&email=email#gmail.com&password=123456&trn_id=2605308006
Response:
401 Your account is currently locked. Please contact our Merchant Team at:merchantservices#skrill.com
Implemented as per Instructions which are mentioned on page number: 30
Have you solved your issue?
Most probably you merchant account is not enabled from Skrill's side to receive recurring payments. Please ask their support to enable it for you.
Also i would highly recommend you to user server-to-server request to generate 'session' for your payments, not leaving your payment parameters/data on the user's front-end(html form).
As far as i am aware about rec_status_url, it should be called only in when customer was subscribed and there was at least one sub/recurring payment, then if he cancels the plan, you should receive correct http post message.
About query.pl?action=status_rec - all MQI/API queries should contain your MQI/API password as md5 hash value - not plain text password.
Make sure that "MQI" service is enabled for your account(My Account->Settings->Developer Settings)
Cheers,
I am working on an old application using Struts 1. We are using nested tags. For below code:
<nested:form action="/save.do?method=save">
<h2>Indexed Property Example</h2>
<nested:iterate property="lines" indexId="idx">
Name: <nested:text property="name" indexed="true"/>
Town: <nested:text property="town" indexed="true"/>
<nested:iterate property="inches" indexId="j">
Inch: <nested:text property="length" indexed="true"></nested:text>
</nested:iterate>
</nested:iterate>
<nested:submit value="save" />
</nested:form>
I am getting below html:
<h2>Indexed Property Example</h2>
Name: <input name="nestedForm[0].lines[0].name" value="" type="text">
Town: <input name="nestedForm[0].lines[0].town" value="" type="text">
Inch: <input name="nestedForm[0].lines[0].inches[0].length" value="0" type="text">
Inch: <input name="nestedForm[1].lines[0].inches[1].length" value="0" type="text">
<input name="" value="save" type="submit">
If you see in second Inch label we have nestedForm[1] it should be 0. I have to change to this data and submit back to server. If I change it directly in html struts populate all objects automatically. Can anyone suggest me if I am doing anything wrong here.
I have a problem invoking a submit method in web page
This is my code
Webbrowser.document.forms(0).invokemember("submit")
It does nothing.
Here is the html
<form name="myWebForm" action="myServerSideScript.php" method="post">
<input type="checkbox" /> Checkbox 1<br />
<input type="text" /> Text Field 1<br />
<input type="submit" value="SUBMIT" />
</form>
You must set .AllowNavigation property to "TRUE"
Webbrowser.AllowNavigation = True
And call submit method like this
Webbrowser.Document.Forms(0).InvokeMember("submit")
Or
Webbrowser.Document.Forms.GetElementsByName("myWebForm").Item(0).InvokeMember("submit")
im trying out paypals html api where you specify price, item_name, customer information and so on in the html:
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" id="payPalForm">
<input type="hidden" name="cmd" value="_cart" />
<input type="hidden" name="upload" value="1" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="business" value="your#paypalaccount.com" />
<input type="hidden" name="currency_code" value="SEK" />
<input type="hidden" name="return" value="http://freelanceswitch.com/payment-complete/" />
<input type="hidden" name="tax_rate" value="25" />
<input type="hidden" name="item_name_1" value="Apple Macpro" />
<input type="hidden" name="item_number_1" value="01 - Product 1" />
<input type="hidden" name="amount_1" value="25000" />
<input type="hidden" name="item_name_2" value="Apple Macbook" />
<input type="hidden" name="item_number_2" value="02 - Product 2" />
<input type="hidden" name="amount_2" value="12500" />
<input type="hidden" name="item_name_3" value="Apple Macbook Air" />
<input type="hidden" name="item_number_3" value="03 - Product 3" />
<input type="hidden" name="amount_3" value="12500" />
<input type="submit" name="Submit" value="Submit" />
</form>
when the user clicks submit it takes him/her to paypals payment page.
but doesn't this mean that a hacker could change the order by manipulating the html code?
i canĀ“t figure out how paypal prevents this security problem.
Of course, it does appear as if someone could just change the HTML and re-submit the form.
I'm not sure about PayPal, but Google Checkout handles this by instead of setting HTML, it gets you to create XML, encrypt it using your merchant key, and use the encrypted string in your HTML to pass across to Google. Google then decrypts it using your merchant key and voila - tamper-free.
Have a look in PayPal's documentation for something along the lines of "cart signing" or "request encryption." They may also do a callback to your server, telling you what was sent and you can compare it to your database to see if the prices are still correct.
If this is anything like other html integrations, there should be a callback directly from Paypal to your server with all the fields that were entered. You can compare these to see if any have changed. There are usually various security mechanisms such as a shared hidden key so that you can validate that the callback is genuine.
It doesn't seem like it is safe by itself. On Paypal's Securing Your Website Payments Standard Buttons page, they talk about being able to create protected payment buttons. However further on they indicate that it doesn't work if Javascript is disabled which makes the protection useless! Then they talk about other manual processes that can be performed including reconciliation and instant notifications which should occur in any sound accounting process anyway.
Encrypted website payments really seems like the only secure option to me.