Add these php files in your server either local host or live server i…

…n the folder called "paytm"

README.md

@@ -1,2 +1,11 @@
-# JECRC-Pay
-JECRC Payment App
+# Prerequisite
+ 1. Provide the value for PAYTM_MERCHANT_KEY in /lib/config_paytm.php file. (The value for MERCHANT_KEY will be provided after the onboarding process is completed).
+
+# Installation steps
+ 1. The generateChecksum.php file uses the /lib/encdec_paytm.php file and provides the module to generate the checksum. Copy these files to the location on your server which will be used for the Checksum Generation URL.
+ 2. The verifyChecksum.php file uses the /lib/encdec_paytm.php file and provides the module to verify the checksum. Copy these files to the location on your server which will be used for the Checksum Verify URL.
+ 3. Copy the /lib folder into the same directory as the generateChecksum.php and verifyChecksum.php.
+
+# For Offline(Wallet Api) Checksum Utility below are the methods:
+  1. getChecksumFromString : For generating the checksum
+  2. verifychecksum_eFromStr : For verifing the checksum

config_paytm.php

@@ -0,0 +1,4 @@
+<?php
+//Change the value of PAYTM_MERCHANT_KEY constant with details received from Paytm.
+define('PAYTM_MERCHANT_KEY','r7ZJ%lVIM475hz4u'); 
+?>

encdec_paytm.php

@@ -0,0 +1,155 @@
+<?php
+
+
+function encrypt_e_openssl($input, $ky){
+	$iv = "@@@@&&&&####$$$$";
+	$data = openssl_encrypt ( $input , "AES-128-CBC" , $ky, 0, $iv );
+	return $data;
+}
+
+function decrypt_e_openssl($crypt, $ky){
+	$iv = "@@@@&&&&####$$$$";
+	$data = openssl_decrypt ( $crypt , "AES-128-CBC" , $ky, 0, $iv );
+	return $data;
+}
+
+function generateSalt_e($length) {
+	$random = "";
+	srand((double) microtime() * 1000000);
+
+	$data = "AbcDE123IJKLMN67QRSTUVWXYZ";
+	$data .= "aBCdefghijklmn123opq45rs67tuv89wxyz";
+	$data .= "0FGH45OP89";
+
+	for ($i = 0; $i < $length; $i++) {
+		$random .= substr($data, (rand() % (strlen($data))), 1);
+	}
+
+	return $random;
+}
+
+function checkString_e($value) {
+	$myvalue = ltrim($value);
+	$myvalue = rtrim($myvalue);
+	if ($myvalue == 'null')
+		$myvalue = '';
+	return $myvalue;
+}
+
+function getChecksumFromArray($arrayList, $key, $sort=1) {
+	if ($sort != 0) {
+		ksort($arrayList);
+	}
+	$str = getArray2Str($arrayList);
+	$salt = generateSalt_e(4);
+	$finalString = $str . "|" . $salt;
+	$hash = hash("sha256", $finalString);
+	$hashString = $hash . $salt;
+	$checksum = encrypt_e_openssl($hashString, $key);
+
+	return $checksum;
+}
+function getChecksumFromString($str, $key) {
+
+	$salt = generateSalt_e(4);
+	$finalString = $str . "|" . $salt;
+	$hash = hash("sha256", $finalString);
+	$hashString = $hash . $salt;
+	$checksum = encrypt_e_openssl($hashString, $key);
+	return $checksum;
+}
+
+function verifychecksum_e($arrayList, $key, $checksumvalue) {
+	$arrayList = removeCheckSumParam($arrayList);
+	ksort($arrayList);
+	$str = getArray2Str($arrayList);
+	$paytm_hash = decrypt_e_openssl($checksumvalue, $key);
+	$salt = substr($paytm_hash, -4);
+
+	$finalString = $str . "|" . $salt;
+
+	$website_hash = hash("sha256", $finalString);
+	$website_hash .= $salt;
+
+	$validFlag = "FALSE";
+	if ($website_hash == $paytm_hash) {
+		$validFlag = "TRUE";
+	} else {
+		$validFlag = "FALSE";
+	}
+	return $validFlag;
+}
+
+function verifychecksum_eFromStr($str, $key, $checksumvalue) {
+	$paytm_hash = decrypt_e_openssl($checksumvalue, $key);
+	$salt = substr($paytm_hash, -4);
+
+	$finalString = $str . "|" . $salt;
+
+	$website_hash = hash("sha256", $finalString);
+	$website_hash .= $salt;
+
+	$validFlag = "FALSE";
+	if ($website_hash == $paytm_hash) {
+		$validFlag = "TRUE";
+	} else {
+		$validFlag = "FALSE";
+	}
+	return $validFlag;
+}
+
+function getArray2Str($arrayList) {
+	$paramStr = "";
+	$flag = 1;
+	foreach ($arrayList as $key => $value) {
+		if ($flag) {
+			$paramStr .= checkString_e($value);
+			$flag = 0;
+		} else {
+			$paramStr .= "|" . checkString_e($value);
+		}
+	}
+	return $paramStr;
+}
+
+function redirect2PG($paramList, $key) {
+	$hashString = getchecksumFromArray($paramList);
+	$checksum = encrypt_e_openssl($hashString, $key);
+}
+
+function removeCheckSumParam($arrayList) {
+	if (isset($arrayList["CHECKSUMHASH"])) {
+		unset($arrayList["CHECKSUMHASH"]);
+	}
+	return $arrayList;
+}
+
+function getTxnStatus($requestParamList) {
+	return callAPI(PAYTM_STATUS_QUERY_URL, $requestParamList);
+}
+
+function initiateTxnRefund($requestParamList) {
+	$CHECKSUM = getChecksumFromArray($requestParamList,PAYTM_MERCHANT_KEY,0);
+	$requestParamList["CHECKSUM"] = $CHECKSUM;
+	return callAPI(PAYTM_REFUND_URL, $requestParamList);
+}
+
+function callAPI($apiURL, $requestParamList) {
+	$jsonResponse = "";
+	$responseParamList = array();
+	$JsonData =json_encode($requestParamList);
+	$postData = 'JsonData='.urlencode($JsonData);
+	$ch = curl_init($apiURL);
+	curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");                                                                     
+	curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);                                                                  
+	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
+	curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
+	curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
+	curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                         
+	'Content-Type: application/json', 
+	'Content-Length: ' . strlen($postData))                                                                       
+	);  
+	$jsonResponse = curl_exec($ch);   
+	$responseParamList = json_decode($jsonResponse,true);
+	return $responseParamList;
+}

generateChecksum.php

@@ -0,0 +1,44 @@
+<?php
+header("Pragma: no-cache");
+header("Cache-Control: no-cache");
+header("Expires: 0");
+// following files need to be included
+require_once("./lib/config_paytm.php");
+require_once("./lib/encdec_paytm.php");
+$checkSum = "";
+
+// below code snippet is mandatory, so that no one can use your checksumgeneration url for other purpose .
+$findme   = 'REFUND';
+$findmepipe = '|';
+
+$paramList = array();
+
+$paramList["MID"] = '';
+$paramList["ORDER_ID"] = '';
+$paramList["CUST_ID"] = '';
+$paramList["INDUSTRY_TYPE_ID"] = '';
+$paramList["CHANNEL_ID"] = '';
+$paramList["TXN_AMOUNT"] = '';
+$paramList["WEBSITE"] = '';
+
+foreach($_POST as $key=>$value)
+{  
+  $pos = strpos($value, $findme);
+  $pospipe = strpos($value, $findmepipe);
+  if ($pos === false || $pospipe === false) 
+    {
+        $paramList[$key] = $value;
+    }
+}
+
+
+
+//Here checksum string will return by getChecksumFromArray() function.
+$checkSum = getChecksumFromArray($paramList,PAYTM_MERCHANT_KEY);
+//print_r($_POST);
+ echo json_encode(array("CHECKSUMHASH" => $checkSum,"ORDER_ID" =>$_POST["ORDER_ID"], "payt_STATUS" => "1"));
+  //Sample response return to SDK
+
+//  {"CHECKSUMHASH":"GhAJV057opOCD3KJuVWesQ9pUxMtyUGLPAiIRtkEQXBeSws2hYvxaj7jRn33rTYGRLx2TosFkgReyCslu4OUj\/A85AvNC6E4wUP+CZnrBGM=","ORDER_ID":"asgasfgasfsdfhl7","payt_STATUS":"1"} 
+
+?>

verifyChecksum.php

@@ -0,0 +1,52 @@
+<?php
+header("Pragma: no-cache");
+header("Cache-Control: no-cache");
+header("Expires: 0");
+
+// following files need to be included
+require_once("./lib/config_paytm.php");
+require_once("./lib/encdec_paytm.php");
+
+$paytmChecksum = "";
+$paramList = array();
+$isValidChecksum = FALSE;
+
+$paramList = $_POST;
+$return_array = $_POST;
+$paytmChecksum = isset($_POST["CHECKSUMHASH"]) ? $_POST["CHECKSUMHASH"] : ""; //Sent by Paytm pg
+
+//Verify all parameters received from Paytm pg to your application. Like MID received from paytm pg is same as your application’s MID, TXN_AMOUNT and ORDER_ID are same as what was sent by you to Paytm PG for initiating transaction etc.
+$isValidChecksum = verifychecksum_e($paramList, PAYTM_MERCHANT_KEY, $paytmChecksum); //will return TRUE or FALSE string.
+
+// if ($isValidChecksum===TRUE)
+// 	$return_array["IS_CHECKSUM_VALID"] = "Y";
+// else
+// 	$return_array["IS_CHECKSUM_VALID"] = "N";
+
+$return_array["IS_CHECKSUM_VALID"] = $isValidChecksum ? "Y" : "N";
+//$return_array["TXNTYPE"] = "";
+//$return_array["REFUNDAMT"] = "";
+unset($return_array["CHECKSUMHASH"]);
+
+$encoded_json = htmlentities(json_encode($return_array));
+
+?>
+
+<html>
+<head>
+	<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-I">
+	<title>Paytm</title>
+	<script type="text/javascript">
+		function response(){
+			return document.getElementById('response').value;
+		}
+	</script>
+</head>
+<body>
+  Redirect back to the app<br>
+
+  <form name="frm" method="post">
+    <input type="hidden" id="response" name="responseField" value='<?php echo $encoded_json?>'>
+  </form>
+</body>
+</html>