Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

concatenating and hashing input values in CMS (integrating Foxycart)


Reply


502 Views

Avatar
prawnstar

Community Member, 127 Posts

5 October 2011 at 7:44am

Edited: 05/10/2011 8:10am

I'm trying to integrate a 3rd party shopping cart (and so far have done so with great success). As a final step, I'm trying to make the whole thing a bit more secure and am trying to integrate safety measures by adding a hash value to my products "add to cart" form elements.

What I'm trying to do is hash the value of one field with the name and value of another using hash_hmac(), but I don't know how to go about this in SilversStripe.
This is Foxycart's quick to understand example:
[url]http://wiki.foxycart.com/v/0.7.1/advanced/hmac_validation#an_example[/url]

This is a simplified version of my current form:

public function getCMSFields() {
   $fields = parent::getCMSFields();
   $fields->addFieldToTab('Root.Content.ProductExtras', new TextField('Code','Code'));
   $fields->addFieldToTab('Root.Content.ProductExtras', new TextField('Price','Price'));
   return $fields;
}

What I want to do is something like this:

public function getCMSFields() {
   $fields = parent::getCMSFields();
   $fields->addFieldToTab('Root.Content.ProductExtras', new TextField('Code','Code'));
   $fields->addFieldToTab('Root.Content.ProductExtras', new TextField('Price','Price'));
   
   $fields->addFieldToTab('Root.Content.ProductExtras', new HiddenField('CodeHash','SomeTitle','$value'));
   $fields->addFieldToTab('Root.Content.ProductExtras', new HiddenField('PriceHash','SomeTitle','$value'));
   return $fields;
}

Where $value is calculated by:

$secretKey = "my_secret_key";

// Hash for "Code"
$catCodeValue = $value-of-Code-input."code".$value-of-Code-input;
hash_hmac('sha256', $catCodeValue, $secretKey);

// Hash for "Price"
$catPriceValue = $value-of-Code-input."price".$value-of-Price-input;
hash_hmac('sha256', $catPriceValue, $secretKey);

In short, the value is a concatenation of "Code Value" "Element Name" and "Element Value"

Does anybody have any experience with Foxycart? Or can anyone give me a push as to how to go about this? Maybe the question isn't so much how do I do it this way, but how do I concatenate values and hash them in general?

Thanks!
Chris