The CMS currently has support for AVS support by requiring verification on purchase.
As of right now, the system has inline integration of VerifyMy and BlueCheck AVS services.
The software also supports adding any AVS service of your choosing via a customization API.
Information and instructions for API based implementation:
Make sure AVS is turned on and set to the custom API
Within the admin panel, under global settings, check the AVS section and make sure that AVS detection is on and the provider is set to a custom API.
In cmsinclude.ini.php, add a link to the file that will contain your functions
At the top of cmsinclude.ini.php, you'll want to make sure you include an extra file that will contain your API handling:
;<?php exit;?>
[requires]
require[] = "$_SERVER[DOCUMENT_ROOT]/cms_admin/includes/alwaysexec.php"
require[] = "$_SERVER[DOCUMENT_ROOT]/cms_admin/includes/membersMain.class.php"
require[] = "custom_avs.php"
In this example, the custom_avs.php will include your functions.
Implement custom_avs_redirect() and custom_avs_confirm()
Here is an example implementation that implements VerifyMyAge via the custom API.
custom_avs_redirect() determines the URL to redirect endusers to for verification.
custom_avs_confirm() is the URL that endusers direct back to that checks this information. Returning 1 in this function will flag the user as verified within the CMS.
function custom_avs_redirect($redirect_page = 0){ $client_id = "[CLIENT_KEY]"; $client_secret = "[CLIENT_SECRET]"; $rurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? "https://" : "http://"; $rurl .= $_SERVER['HTTP_HOST']; // Append the requested resource location to the URL $rurl .= dirname($_SERVER['REQUEST_URI']) . "/avs_confirm.php"; $env_url = "https://sandbox.verifymyage.com"; // $env_url = "https://oauth.verifymyage.com"; // live URL $url = $env_url . "/oauth/authorize" . "?client_id=$client_id&scope=adult&country=us&redirect_uri=" . urlencode($rurl); return $url;}
function custom_avs_confirm(){ $client_id = "[CLIENT_KEY]";
$client_secret = "[CLIENT_SECRET]"; if (empty($_GET["code"])) { // no code, so start the process again. $url = custom_avs_redirect($redirect_page = 1); header("Location: $url"); flush(); exit; } $env_url = "https://sandbox.verifymyage.com"; // $env_url = "https://oauth.verifymyage.com"; // live URL $code = $_GET["code"]; $headers = [ 'Content-Type: application/json', 'Authorization: Basic ' . base64_encode($client_id . ':' . $client_secret) ]; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $env_url . "/oauth/token"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode( ["code" => $_GET["code"]] ) ); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); $result = curl_exec($ch); $result = json_decode($result); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $env_url . "/users/me?access_token=" . $result->access_token); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $rss = curl_exec($ch); $rss = json_decode($rss); if ($rss->age_verified) return 1; return 0;}
