diff --git a/modules/gcheckout/.htaccess b/modules/gcheckout/.htaccess index a382585ab..2526a6412 100644 --- a/modules/gcheckout/.htaccess +++ b/modules/gcheckout/.htaccess @@ -2,4 +2,8 @@ RewriteEngine on RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] + + RewriteBase /modules/gcheckout/library + RewriteCond %{HTTP:Authorization} !^$ + RewriteRule validation.php validation.php?HTTP_AUTHORIZATION=%{HTTP:Authorization} [QSA,L] diff --git a/modules/gcheckout/library/googleitem.php b/modules/gcheckout/library/googleitem.php index 8ab6ce8a6..1fd8a1b24 100644 --- a/modules/gcheckout/library/googleitem.php +++ b/modules/gcheckout/library/googleitem.php @@ -63,8 +63,8 @@ function GoogleItem($name, $desc, $qty, $price, $item_weight='', $numeric_weight='') { $this->item_name = $name; $this->item_description= $desc; - $this->unit_price = $price; - $this->quantity = $qty; + $this->unit_price = (float)$price; + $this->quantity = (int)$qty; if($item_weight != '' && $numeric_weight !== '') { switch(strtoupper($item_weight)){ diff --git a/modules/gcheckout/library/googleresponse.php b/modules/gcheckout/library/googleresponse.php index ba564d67d..6d55641b0 100644 --- a/modules/gcheckout/library/googleresponse.php +++ b/modules/gcheckout/library/googleresponse.php @@ -71,12 +71,17 @@ * @param string $headers the headers from the request */ function HttpAuthentication($headers=null, $die=true) { - if(!is_null($headers)) { + if (!is_null($headers)) $_SERVER = $headers; - } - if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { + + list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode(substr($_GET['HTTP_AUTHORIZATIOIZATION'], 6))); + + if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) { $compare_mer_id = $_SERVER['PHP_AUTH_USER']; $compare_mer_key = $_SERVER['PHP_AUTH_PW']; + + unset($_SERVER['PHP_AUTH_USER']); + unset($_SERVER['PHP_AUTH_PW']); } // IIS Note:: For HTTP Authentication to work with IIS, // the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).