More completepaybox integration with HMAC

htdocs/langs/en_US/paybox.lang

@@ -37,3 +37,4 @@ PAYBOX_PAYONLINE_SENDEMAIL=Email notification after payment attempt (success or
 PAYBOX_PBX_SITE=Value for PBX SITE
 PAYBOX_PBX_RANG=Value for PBX Rang
 PAYBOX_PBX_IDENTIFIANT=Value for PBX ID
+PAYBOX_HMAC_KEY=HMAC key

htdocs/paybox/admin/paybox.php

@@ -73,7 +73,7 @@ if ($action == 'setvalue' && $user->admin)
 	if (! $result > 0) $error++;
         $result=dolibarr_set_const($db, "PAYBOX_HMAC_KEY", dol_encode(GETPOST('PAYBOX_HMAC_KEY', 'alpha')), 'chaine', 0, '', $conf->entity);
 	if (! $result > 0) $error++;
-        
+
 
     if (! $error)
   	{
@@ -151,7 +151,7 @@ print '</td></tr>';
 print '<tr class="oddeven"><td>';
 print '<span class="fieldrequired">'.$langs->trans("PAYBOX_HMAC_KEY").'</span></td><td>';
 print '<input size="100" type="text" name="PAYBOX_HMAC_KEY" value="'.dol_decode($conf->global->PAYBOX_HMAC_KEY).'">';
-print '<br>'.$langs->trans("Example").': 2 ('.$langs->trans("Test").')';
+print '<br>'.$langs->trans("Example").': 1A2B3C4D5E6F';
 print '</td></tr>';
 
 print '<tr class="liste_titre">';
@@ -181,7 +181,8 @@ print '</td></tr>';
 print '<tr class="oddeven"><td>';
 print '<span class="fieldrequired">'.$langs->trans("PAYBOX_CGI_URL_V2").'</span></td><td>';
 print '<input size="64" type="text" name="PAYBOX_CGI_URL_V2" value="'.$conf->global->PAYBOX_CGI_URL_V2.'">';
-print '<br>'.$langs->trans("Example").': http://mysite/cgi-bin/modulev2_redhat72.cgi';
+print '<br>'.$langs->trans("Example").' (preprod): https://preprod-tpeweb.paybox.com/php/';
+print '<br>'.$langs->trans("Example").' (prod): https://tpeweb.paybox.com/php/';
 print '</td></tr>';
 
 

htdocs/paybox/lib/paybox.lib.php

@@ -78,15 +78,15 @@ function print_paybox_redirect($PRICE, $CURRENCY, $EMAIL, $urlok, $urlko, $TAG)
 		return -1;
 	}
 
+	$conf->global->PAYBOX_HASH = 'sha512';
+
 	// Definition des parametres vente produit pour paybox
-    $IBS_CMD=$TAG;
+	$IBS_CMD=$TAG;
     $IBS_TOTAL=$PRICE*100;     	// En centimes
     $IBS_MODE=1;            	// Mode formulaire
     $IBS_PORTEUR=$EMAIL;
 	$IBS_RETOUR="montant:M;ref:R;auto:A;trans:T";   // Format des parametres du get de validation en reponse (url a definir sous paybox)
     $IBS_TXT=' ';	// Use a space
-    $IBS_BOUTPI=$langs->trans("Wait");
-    //$IBS_BOUTPI='';
     $IBS_EFFECTUE=$urlok;
     $IBS_ANNULE=$urlko;
     $IBS_REFUSE=$urlko;
@@ -102,7 +102,9 @@ function print_paybox_redirect($PRICE, $CURRENCY, $EMAIL, $urlok, $urlko, $TAG)
     $IBS_OUTPUT='E';
     $PBX_SOURCE='HTML';
     $PBX_TYPEPAIEMENT='CARTE';
-    
+    $PBX_HASH = $conf->global->PAYBOX_HASH;
+    $PBX_TIME = dol_print_date(dol_now(), 'dayhourrfc', 'gmt');
+
     $msg = "PBX_IDENTIFIANT=".$PBX_IDENTIFIANT.
            "&PBX_MODE=".$IBS_MODE.
            "&PBX_SITE=".$IBS_SITE.
@@ -122,11 +124,13 @@ function print_paybox_redirect($PRICE, $CURRENCY, $EMAIL, $urlok, $urlko, $TAG)
            "&PBX_OUTPUT=".$IBS_OUTPUT.
            "&PBX_SOURCE=".$PBX_SOURCE.
            "&PBX_TYPEPAIEMENT=".$PBX_TYPEPAIEMENT;
-    
+    	   "&PBX_HASH=".$PBX_HASH;
+    	   "&PBX_TIME=".$PBX_TIME;
+
     $binKey = pack("H*", dol_decode($conf->global->PAYBOX_HMAC_KEY));
-            
-    $hmac = strtoupper(hash_hmac('sha512', $msg, $binKey));
-           
+
+    $hmac = strtoupper(hash_hmac($PBX_HASH, $msg, $binKey));
+
 
     dol_syslog("Soumission Paybox", LOG_DEBUG);
     dol_syslog("IBS_MODE: $IBS_MODE", LOG_DEBUG);
@@ -147,10 +151,12 @@ function print_paybox_redirect($PRICE, $CURRENCY, $EMAIL, $urlok, $urlko, $TAG)
     dol_syslog("PBX_IDENTIFIANT: $PBX_IDENTIFIANT", LOG_DEBUG);
     dol_syslog("PBX_SOURCE: $PBX_SOURCE", LOG_DEBUG);
     dol_syslog("PBX_TYPEPAIEMENT: $PBX_TYPEPAIEMENT", LOG_DEBUG);
+    dol_syslog("PBX_HASH: $PBX_HASH", LOG_DEBUG);
+    dol_syslog("PBX_TIME: $PBX_TIME", LOG_DEBUG);
 
     header("Content-type: text/html; charset=".$conf->file->character_set_client);
     header("X-Content-Type-Options: nosniff");
-    
+
     print '<html>'."\n";
     print '<head>'."\n";
     print "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$conf->file->character_set_client."\">\n";
@@ -182,6 +188,9 @@ function print_paybox_redirect($PRICE, $CURRENCY, $EMAIL, $urlok, $urlko, $TAG)
     print '<input type="hidden" name="PBX_OUTPUT" value="'.$IBS_OUTPUT.'">'."\n";
     print '<input type="hidden" name="PBX_SOURCE" value="'.$PBX_SOURCE.'">'."\n";
     print '<input type="hidden" name="PBX_TYPEPAIEMENT" value="'.$PBX_TYPEPAIEMENT.'">'."\n";
+    print '<input type="hidden" name="PBX_HASH" value="'.$PBX_HASH.'">'."\n";
+    print '<input type="hidden" name="PBX_TIME" value="'.$PBX_TIME.'">'."\n";
+    // Footprint of parameters
     print '<input type="hidden" name="PBX_HMAC" value="'.$hmac.'">'."\n";
     print '</form>'."\n";
 

htdocs/public/payment/newpayment.php

@@ -355,7 +355,7 @@ if ($action == 'dopayment')
 	if ($paymentmethod == 'paybox')
 	{
 		$PRICE=price2num(GETPOST("newamount"), 'MT');
-		$email=GETPOST("email", 'alpha');
+		$email=$conf->global->ONLINE_PAYMENT_SENDEMAIL;
 		$thirdparty_id=GETPOST('thirdparty_id', 'int');
 
 		$origfulltag=GETPOST("fulltag", 'alpha');
@@ -754,7 +754,7 @@ if (! empty($conf->paypal->enabled))
 }
 if (! empty($conf->paybox->enabled))
 {
-
+	print '<!-- PAYBOX_CGI_URL = '.$conf->global->PAYBOX_CGI_URL_V2.' -->'."\n";
 }
 if (! empty($conf->stripe->enabled))
 {