Open nykopol opened 10 years ago
@cedric-g i had forgotten to filter the data in Response::initData
for url_ipn vaidation. So now pbx_retour
does not require to be an array as this parameter isn't used anymore in validation by url_ipn.
I think this PR can be merge now.
This PR fix the validation process to match specifications about the use of PBX_REPONDRE_A option or the use of the URL specified in paybox interface.
In concrete, if you use the PBX_REPONDRE_A option, the signature must be validated with data returned according to PBX_RETOUR option. While if you define the URL for IPN by the interface of Paybox, the signature must be validated with all the parameters, even those that can be external to PBX_RETOUR (for example a page parameter).