<?php

/*
  Payment Gateway Bankpass
  
  Copyright (c) 2004 Starfarm Internet Communications srl

  Released under the GNU General Public License

  Author: Marco Spizzichino
  <marco@starfarm.it>
  
*/

/*
  
  Questo script riceve una conferma da Bankpass per
  la transazione in corso. Serve per informare il
  merchant direttamente senza passare per il client. 
  
*/

	include('includes/application_top.php');
	set_time_limit(0);

	$str = 'NUMORD=' . $_GET['NUMORD'] . '&' .
		'IDNEGOZIO=' . $_GET['IDNEGOZIO'] . '&' .
		'AUT=' . $_GET['AUT'] . '&' .
		'IMPORTO=' . $_GET['IMPORTO'] . '&' .
		'VALUTA=' . $_GET['VALUTA'] . '&' .
		'IDTRANS=' . $_GET['IDTRANS'] . '&' .
		'TCONTAB=' . $_GET['TCONTAB'] . '&' .
		'TAUTOR=' . $_GET['TAUTOR'] . '&' .
		'ESITO=' . $_GET['ESITO'] . '&' .
		$this->chiave_esito;
	$checkMAC = md5($str);

	// Il MAC e' corretto, per cui processiamo il record
	if(strtolower($_GET['MAC']) == strtolower($checkMAC)) {
		$check_query = tep_db_query("select * FROM orders_bankpass WHERE bank_transaction_id = '" . $_GET['IDTRANS'] . "'");
		$check = tep_db_num_rows($check_query);
		if($check > 0) {
			tep_db_query("UPDATE orders_bankpass SET server_status = 1 WHERE bank_transaction_id = '" . $_GET['IDTRANS'] . "'");
		} else {
			tep_db_query("INSERT INTO orders_bankpass (bank_transaction_id, shop_transaction_id, authorization_code, amount, server_status, date) VALUES ('" . $_GET['IDTRANS'] . "', '" . $_GET['NUMORD'] . "','" . $_GET['AUT'] . "', " . $_GET['IMPORTO']/100 . ",1," . time() . ")");
		}
	}
?>