Verify_gateway_signature failing

(Charlie Heath) #1

We have a V1 api simple button payment acceptance which seems to be failing in our data-redirect verify_gateway_signature check PHP code. It seems to fail for all amounts over $1000.

I’m wondering if number_format is the correct function to use , as it adds commas to formatted numbers. Our verify call is below:

$amount = number_format($amount, 2);
$signature = hash_hmac("sha1", "{$checkoutId}&{$amount}", $secret);

Should the signature check be against a number formatted with commas and two decimals, or no commas?



(Charlie Heath) #2

I’ve verified the problem is the use of number_format as it was shown in examples, which adds commas.

You can use: number_format($amount,2,’.’,’’) to override the thousands separator.