问题
i am getting verify checksum error in paytm to android app i have created check sum in php and sending from server to android app.once app received check sum again parameters will go to server to verify check sum
app code
public void onStartTransaction (View view){
String orderId = pref.getoId();
String uid = pref.getuid();
String email = pref.getemail();
String mobile = pref.getMobileNumber();
String checksum = pref.getchecksum();
PaytmPGService Service = PaytmPGService.getProductionService();
Map<String, String> paramMap = new HashMap<String, String>();
paramMap.put("MID", "Goa3038161");
paramMap.put("ORDER_ID", orderId);
paramMap.put("CUST_ID", uid);
paramMap.put("INDUSTRY_TYPE_ID", "Retail109");
paramMap.put("CHANNEL_ID", "WAP");
paramMap.put("TXN_AMOUNT", "99");
paramMap.put("WEBSITE", "GWEB");
paramMap.put("CALLBACK_URL", "https://goalert.in/verifyChecksum.php ");
paramMap.put("EMAIL", email);
paramMap.put("MOBILE_NO", mobile);
paramMap.put("CHECKSUMHASH", checksum);
PaytmOrder Order = new PaytmOrder(paramMap);
Service.initialize(Order, null);
server code
generateChecksum.php
this function generates check sum and return to app with checksum value
<?php
header("Pragma: no-cache");
header("Cache-Control: no-cache");
header("Expires: 0");
require_once("./lib/config_paytm.php");
require_once("./lib/encdec_paytm.php");
require_once 'include/DB_Functions.php';
$db = new DB_Functions();
if (isset($_POST['email']) && isset($_POST['mobile']) && isset($_POST['uid']) && isset($_POST['orderId'])){
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$uid = $_POST['uid'];
$orderId = $_POST['orderId'];
}else {
// required post params is missing
$response["error"] = TRUE;
$response["error_msg"] = "Unknown error";
echo json_encode($response);
}
$checkSum = "";
// below code snippet is mandatory, so that no one can use your checksumgeneration url for other purpose .
$findme = 'REFUND';
$findmepipe = '|';
$paramList = array();
$paramList["MID"] = 'Goa8161';
$paramList["ORDER_ID"] = $orderId;
$paramList["CUST_ID"] = $uid;
$paramList["INDUSTRY_TYPE_ID"] = 'Retail109';
$paramList["CHANNEL_ID"] = 'WAP';
$paramList["TXN_AMOUNT"] = '99';
$paramList["WEBSITE"] = 'GoB';
foreach($_POST as $key=>$value)
{
$pos = strpos($value, $findme);
$pospipe = strpos($value, $findmepipe);
if ($pos === false || $pospipe === false)
{
$paramList[$key] = $value;
}
}
//Here checksum string will return by getChecksumFromArray() function.
$checkSum= getChecksumFromArray($paramList,"gPFC");
//print_r($_POST);
$response["user"]= array("CHECKSUMHASH" => $checkSum,"orderId" => $_POST["orderId"], "payt_STATUS" => "1");
echo json_encode($response);
verifyChecksum.php
this function will verify check sum with paytm server
Note:kindly ignore value of parameters of key mid they are given wrong
<?php
header("Pragma: no-cache");
header("Cache-Control: no-cache");
header("Expires: 0");
// following files need to be included
require_once("./lib/config_paytm.php");
require_once("./lib/encdec_paytm.php");
$paytmChecksum = "";
$paramList = array();
$isValidChecksum = FALSE;
$paramList = $_POST;
$return_array = $_POST;
$paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] : ""; //Sent by Paytm pg
//Verify all parameters received from Paytm pg to your application. Like MID received from paytm pg is same as your application’s MID, TXN_AMOUNT and ORDER_ID are same as what was sent by you to Paytm PG for initiating transaction etc.
$isValidChecksum = verifychecksum_e($paramList, "gPFZSi", $paytmChecksum); //will return TRUE or FALSE string.
if ($isValidChecksum===TRUE){
$return_array["IS_CHECKSUM_VALID"] = "Y";
else
$return_array["IS_CHECKSUM_VALID"] = "N";
}
$return_array["IS_CHECKSUM_VALID"] = $isValidChecksum ? "Y" : "N";
$return_array["TXNTYPE"] = "";
$return_array["REFUNDAMT"] = "";
unset($return_array["CHECKSUMHASH"]);
$encoded_json = htmlentities(json_encode($return_array));
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-I">
<title>Paytm</title>
<script type="text/javascript">
function response(){
return document.getElementById('response').value;
}
</script>
</head>
<body>
Redirect back to the app<br>
<form name="frm" method="post">
<input type="hidden" id="response" name="responseField" value='<?php echo $encoded_json?>'>
</form>
</body>
</html>
when transaction is processing it gives error from pay session closed due to inactivity.when i checked on paytm for the order it says checksum error
pls help to solve the issue
回答1:
There can be few things that may have gone wrong.
Let me briefly state step by step process first, so if you find something that is different than what you have done, we can pin point error quickly.
1) App usually triggers payment and with that sends all data with which checkSum needs to be generated.
2) Only server must generate checksum(purely for security reason)
3) Checksum generation method for payment and refund is different. At least in Java and Python.(This is really silly from Paytm and it is bit of a mess but that's a story for another day)
4) App must call Paytm API(with or without SDK), and once response is received must ask server to verify checksum send within response.
Cautions :-
1) Parameters that are send to Paytm must be same to those used in checkSum generation. Not less not more and Needless to say, white space, enter, dash all counts and will fail your checkSum verification.
2)If you are processing Refund, don't sent REFID in checkSum generation but send it when calling Paytm API.
回答2:
I don't see you generating anywhere checksum, checksum should be done for all the params you are planning to send.
It seems you: String checksum = pref.getchecksum(); where is the implementation of getchecksum? keep it out of the main object and then try again.
来源:https://stackoverflow.com/questions/48285347/paytm-verifychecksum-error