Siim/gist:1031082

## gistfile1.aw
<?php
/**
 * License: GPL3
 * (c) Siim Haugas 2011
 */
class Nordea{
  protected $fields = array();
  function __construct(){
    $stamp = time();
    $this->fields = array(
      'VERSION' => '0003',
      'STAMP' => $stamp,
      'RCV_ID' => '',
      'LANGUAGE' => 4,
      'AMOUNT' => '0.0',
      'REF' => $this->calcref($stamp),
      'DATE' => 'EXPRESS',
      'MSG' => '',
      'RETURN' => '',
      'CANCEL' => '',
      'REJECT' => '',
      'MAC' => '',
      'CONFIRM' => 'YES',
      'KEYVERS' => '0001',
      'CUR' => 'EUR'
    );
  }

  public function __set($key,$val){
    $keys = array_keys($this->fields);
    if(in_array(strtoupper($key), $keys)){
      $this->fields[strtoupper($key)] = $val;
    }else{
      $this->$key = $val;
    }
  }

  /** Generates field values for form */
  public function genfields(){
    $this->msg = 'payment nr. xxx';
    $this->amount = '99.5';
    $this->rcv_id = '12345678';
    $this->return = 'http://localhost:3000/?success';
    $this->cancel = 'http://localhost:3000/?cancel';
    $this->reject = 'http://localhost:3000/?reject';

    // must be last
    $this->mac = $this->calcmac();
    return $this->fields;
  }

  /** Reference number */
  public function calcref($number){
    $number = "$number";
    $len = strlen($number);
    $sum = 0;

    // reversed string
    $rnum = strrev($number);
    for($i=0; $i < $len; $i++){
      switch(($i + 1) % 3){
        case 0: $sum += $rnum[$i]; break;
        case 1: $sum += $rnum[$i] * 7; break;
        case 2; $sum += $rnum[$i] * 3; break;
      }
    }
    $last = (10 - ($sum % 10)) % 10;
    return "$number$last";
  }

  /** Calculates mac */
  public function calcmac(){
    $fields = $this->fields;
    return strtoupper(md5(array_reduce(array(
      'VERSION', 'STAMP','RCV_ID','AMOUNT','REF','DATE','CUR'
    ), function($a, $b) use ($fields){ return "$a$fields[$b]&"; }, '') . $this->getkey() . '&'));
  }

  /** Make sure that returned message is authentic */
  public function verify(){
    $mac = strtoupper(md5(array_reduce(array(
      'RETURN_VERSION',
      'RETURN_STAMP',
      'RETURN_REF',
      'RETURN_PAID'
    ), function($a, $b){ return "$a$_GET[$b]&"; }, '') . $this->getkey() . '&'));
    return $mac === $_GET['RETURN_MAC'];
  }

  /** Service provider's mac */
  private function getkey(){
    return 'LEHTI';
  }
}
?>

<?php /********** Example **********/ ?>

<?php $n = new Nordea() ?>

<?php if(isset($_GET['success'])): ?>
  <?php if($n->verify()): ?>
    verified!
  <?php else: ?>
    returned message is not authentic
  <?php endif ?>
<?php elseif(isset($_GET['cancel'])): ?>
 fail
<?php else: ?>
<form method="post" action="https://netbank.nordea.com/pnbepaytest/epayn.jsp">
  <?php foreach($n->genfields() as $key => $val): ?>
    <input type="hidden" name="<?php echo $key ?>" value="<?php echo $val ?>" />
  <?php endforeach ?>
  <input type="submit" />
</form>
<?php endif ?>
	<?php
	/**
	* License: GPL3
	* (c) Siim Haugas 2011
	*/
	class Nordea{
	protected $fields = array();
	function __construct(){
	$stamp = time();
	$this->fields = array(
	'VERSION' => '0003',
	'STAMP' => $stamp,
	'RCV_ID' => '',
	'LANGUAGE' => 4,
	'AMOUNT' => '0.0',
	'REF' => $this->calcref($stamp),
	'DATE' => 'EXPRESS',
	'MSG' => '',
	'RETURN' => '',
	'CANCEL' => '',
	'REJECT' => '',
	'MAC' => '',
	'CONFIRM' => 'YES',
	'KEYVERS' => '0001',
	'CUR' => 'EUR'
	);
	}

	public function __set($key,$val){
	$keys = array_keys($this->fields);
	if(in_array(strtoupper($key), $keys)){
	$this->fields[strtoupper($key)] = $val;
	}else{
	$this->$key = $val;
	}
	}

	/** Generates field values for form */
	public function genfields(){
	$this->msg = 'payment nr. xxx';
	$this->amount = '99.5';
	$this->rcv_id = '12345678';
	$this->return = 'http://localhost:3000/?success';
	$this->cancel = 'http://localhost:3000/?cancel';
	$this->reject = 'http://localhost:3000/?reject';

	// must be last
	$this->mac = $this->calcmac();
	return $this->fields;
	}

	/** Reference number */
	public function calcref($number){
	$number = "$number";
	$len = strlen($number);
	$sum = 0;

	// reversed string
	$rnum = strrev($number);
	for($i=0; $i < $len; $i++){
	switch(($i + 1) % 3){
	case 0: $sum += $rnum[$i]; break;
	case 1: $sum += $rnum[$i] * 7; break;
	case 2; $sum += $rnum[$i] * 3; break;
	}
	}
	$last = (10 - ($sum % 10)) % 10;
	return "$number$last";
	}

	/** Calculates mac */
	public function calcmac(){
	$fields = $this->fields;
	return strtoupper(md5(array_reduce(array(
	'VERSION', 'STAMP','RCV_ID','AMOUNT','REF','DATE','CUR'
	), function($a, $b) use ($fields){ return "$a$fields[$b]&"; }, '') . $this->getkey() . '&'));
	}

	/** Make sure that returned message is authentic */
	public function verify(){
	$mac = strtoupper(md5(array_reduce(array(
	'RETURN_VERSION',
	'RETURN_STAMP',
	'RETURN_REF',
	'RETURN_PAID'
	), function($a, $b){ return "$a$_GET[$b]&"; }, '') . $this->getkey() . '&'));
	return $mac === $_GET['RETURN_MAC'];
	}

	/** Service provider's mac */
	private function getkey(){
	return 'LEHTI';
	}
	}
	?>

	<?php /******** Example ********/ ?>

	<?php $n = new Nordea() ?>

	<?php if(isset($_GET['success'])): ?>
	<?php if($n->verify()): ?>
	verified!
	<?php else: ?>
	returned message is not authentic
	<?php endif ?>
	<?php elseif(isset($_GET['cancel'])): ?>
	fail
	<?php else: ?>
	<form method="post" action="https://netbank.nordea.com/pnbepaytest/epayn.jsp">
	<?php foreach($n->genfields() as $key => $val): ?>
	<input type="hidden" name="<?php echo $key ?>" value="<?php echo $val ?>" />
	<?php endforeach ?>
	<input type="submit" />
	</form>
	<?php endif ?>