DIBS module – “Md5key mismatch!” error problem (bug resolved).

I found one more bug in Prestashop’s DIBS payment module v.1.0 – current version at the moment. This module is integrated in Prestashop 1.4 but it is not integrated in Prestashop 1.4.1 so you have to install it manually. You can download it from here. This payment module can be configured in “Modules->Payments & Gateways->DIBS” back office area.

DIBS module requires three main parameters:

Configure DIBS module
Configure DIBS module
  1. Merchant ID
  2. Secure Key #1
  3. Secure Key #2

I entered all three parameters but something was wrong – got this error (“Md5key mismatch!“):

Md5key mismatch!
Md5key mismatch!

After struggling for a few ours and reading DIBS documentation I found out that Secure Key #2 was used shorter in PHP code then I entered in to back office panel. I entered Secure Key #2 like xxx&#37xxx but xxx%xxx was used in PHP code. Browsers automatically converted &#37 part to % so the key was incorrect. This happened because HTML input values were not encoded with htmlentities() function. For example if input value is not encoded with htmlentities() then HTML  looks like this:

<input type="text" value="xxx&#037xxx" />

Input looks like this:

Input value not encoded with htmlentities() function
Input value not encoded with htmlentities() function

Firebug shows:

Firebug view - not encoded with htmlentities() function.
Firebug view - not encoded with htmlentities() function.

You may get confused while seeing this. Explanation is easy. If you enter &#037 by hand and submit this field to the server then correct value is sent. If you assign field value in your PHP code or Smarty template then browser loads (reads) your HTML and converts &#037 to % symbol. &#037 is an ascii code. You can find ascii codes here. So if you submit fields which have assigned values in a PHP or Smarty template and those values are with ascii codes like &#037 then browser will converts all ascii codes to some characters – you will loose information.

The solution is simple. Encode your fields values like:

In PHP template file:

<input type="text" value="
<?php echo htmlentities("xxx&#037xxx")?> "/>

 

View in browser:

Value encoded with htmlentities() function.
Value encoded with htmlentities() function.

View in Firebug:

Firebug view - value encoded with htmlentities() function.
Firebug view - value encoded with htmlentities() function.

OK back to DIPS module. Solution is also simple. Find file /modules/dibs/dibs.php. Find function “public function getContent()”. Find lines:

<input type="text" size="20" name="k1"
value="'.self::$MORE_SETTINGS['k1'].'" />

<input type="text" size="20" name="k2"
value="'.self::$MORE_SETTINGS['k2'].'" />

Replace with:

<input type="text" size="20" name="k1"
value="'.htmlentities(self::$MORE_SETTINGS['k1'], ENT_COMPAT, 'UTF-8').'" />

<input type="text" size="20" name="k2"
value="'.htmlentities(self::$MORE_SETTINGS['k2'], ENT_COMPAT, 'UTF-8').'" />

Find file /modules/dibs/dibs.tpl. Find lines:

{foreach from=$p key=k item=v}
 <input type="hidden" name="{$k}"  value="{$v}" />
{/foreach}

Replace with:

{foreach from=$p key=k item=v}
 <input type="hidden" name="{$k}"  value="{$v|escape:html:'UTF-8'}" />
{/foreach}

Save your keys one more time in back office DIBS module area.

And the result should look like:

DIBS - success.
DIBS - success.

That’s it. It solved the problem form me. You can read more about PHP and Smarty htmlentities encoding function here:

  1. For php.
  2. For Smarty.

I submitted this issue to Prestashop issue tracker here. Bug is resolved by Prestashop.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>