When ordering more than 9 products the SHASIGN becomes invalid and payment through Ogone returns an error. The error shown in the Ogone dashboard is "unknown order/1/s" which (according to the support departments) is due to an issue with the SHASIGN calculated by the Ogone module.

After some investigation i found out the problem lies in the order of signature parameters handled in the signData method. The issue is fixed rather easily by adding a sorting_flag parameter to the ksort function so sorting is done in a natural order.

Current order:
..
..
ITEMNAME1=Product1
ITEMNAME10=Product10
ITEMNAME2=Product2
..
..
..

Correct order:
..
..
ITEMNAME1=PRODUCT1
ITEMNAME2=PRODUCT2
ITEMNAME3=PRODUCT3
..
..
ITEMNAME10=PRODUCT10

Attached path should fix this issue.

CommentFileSizeAuthor
#8 hash_issue_when-2475173-8.patch817 bytesericmulder1980
#5 hash_issue_when-2475173-5.patch740 bytesericmulder1980
ogone-fix_sha_parameter_sorting.patch752 bytesericmulder1980
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 commented

Some background information from the Ogone implementation guide.

Ascending order of line item details for SHA calculation
Please take into account that as from 10 line item details the order of the parameters for the SHA calculation may differ from what is expected on your system's side.

Where for the calculation of the SHA we normally stress that all parameters should be sorted alphabetically, a "logical" ascending order is put in place for the line item details:

- Ascending order: 1, 2, 3, 4, 5, 6, 7, etc.
- Alphabetical order: 1, 10, 11, 2, 3, 4, etc. (NOT applied)

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Status: Active » Needs review
Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented

Also fix this for Ingenico.

Status: Needs review » Needs work

The last submitted patch, ogone-fix_sha_parameter_sorting.patch, failed testing.

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 commented
FileSize
hash_issue_when-2475173-5.patch740 bytes

It seemd SORT_NATURAL was added in PHP 5.4 and will not work in previous versions.

replaced ksort function with natsort.

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Status: Needs work » Needs review
Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Priority: Major » Normal

That sorts the values, not the keys. We either have to go with the first solution and require PHP 5.4 (which is the lowest supported PHP version nowadays anyway) or split keys and values, the order the keys (which are values in the new array), then combine them in the order of the array that contains the sorted keys. Using uksort() is possible too, but that needs a callback. Using a separate function makes the code harder to read as well and even using a closure would require us to increase the PHP requirement to 5.3

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 commented
FileSize
hash_issue_when-2475173-8.patch817 bytes

Ah, my newborn daughter seems to be affecting my skills ;)

Using PHP's built-in strnatcmp would prevent having another callback function in code.

uksort( $data, 'strnatcmp');

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented

Thanks! Did you test this manually and does it work?

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 commented

Yes, tested in devel/php with following code

$items = array(10 => 'ten', 1 => 'one', 0 => 'zero', 4 => 'four', 3 => 'three', 2 => 'two');
uksort( $items, 'strnatcmp');
dpm($items);

returns exactly what we need.

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented

And any Ogone redirects with more than 9 items works too?

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 commented

Well since assumption is the mother of all f#ck ups i will deploy this to our staging environment (which is hooked up to Ogone test environment) and give it a go.

The previous ksort($data, SORT_NATURAL) fix was already running on production without any issues.

Will report back after testing.

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented

@ericmulder1980: Did you manage to test this yet?

ericmulder1980’s picture

ericmulder1980 CreditAttribution: ericmulder1980 as a volunteer commented
Status: Needs review » Reviewed & tested by the community

Hi Xano, sorry for the delay.

Works great over here so i guess this means we can check the box "tested by community" :)

Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Status: Reviewed & tested by the community » Fixed
Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Status: Fixed » Reviewed & tested by the community

Meh. Can't make a connection to the Git repo from here. Will have to push at home.

  • Xano committed e809f09 on 7.x-2.x authored by ericmulder1980 
    Issue #2475173 by ericmulder1980: Hash issue when ordering more than 9...
Xano’s picture

Xano
he/they
Primary language English
Location Southampton
CreditAttribution: Xano commented
Status: Reviewed & tested by the community » Fixed

Thanks again!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.