protected void Page_Load(object sender, EventArgs e) { if (Session["LoggedInId"] == null) { Response.Redirect("Login.aspx"); } else { String cartCount = Session["cartCount"].ToString(); this.Master.CartText = cartCount; String userName = Session["UserName"].ToString(); Master.UserNameHeader = userName; Master.FindControl("signOut").Visible = true; String AppId = ConfigurationManager.AppSettings["CreditAppId"]; String SharedKey = ConfigurationManager.AppSettings["CreditAppSharedKey"]; String AppTransId = Request.QueryString["TransId"].ToString(); //To be safe, you should check the value from the DB as well. String AppTransAmount = Request.QueryString["TransAmount"].ToString(); String status = Request.QueryString["StatusCode"].ToString(); String hash = Request.QueryString["AppHash"].ToString(); if (CreditAuthorizationClient.VerifyServerResponseHash(hash, SharedKey, AppId, AppTransId, AppTransAmount, status)) { switch (status) { case ("A"): lblStatus.Text = "Thank You For Your Purchase!"; break; case ("C"): lblStatus.Text = "Transaction Denied!"; break; ; } } else { lblStatus.Text = "Hash Verification failed... something went wrong."; } } }
protected void RedirectUser(String orderID, String cost) { //Assign the values for the properties we need to pass to the service String AppId = ConfigurationManager.AppSettings["CreditAppId"]; String SharedKey = ConfigurationManager.AppSettings["CreditAppSharedKey"]; String AppTransId = orderID; String AppTransAmount = cost; // Hash the values so the server can verify the values are original String hash = HttpUtility.UrlEncode(CreditAuthorizationClient.GenerateClientRequestHash(SharedKey, AppId, AppTransId, AppTransAmount)); //Create the URL and concatenate the Query String values String url = "http://ectweb2.cs.depaul.edu/ECTCreditGateway/Authorize.aspx"; url = url + "?AppId=" + AppId; url = url + "&TransId=" + AppTransId; url = url + "&AppTransAmount=" + AppTransAmount; url = url + "&AppHash=" + hash; //Redirect the User to the Service Response.Redirect(url); }