OMG, I see what the xxx did. Oh my. Not intended.
Another question.
Is there a way to pass variable to the template.
ie. Product code, inventory, price.
It doesn't seem like much value if these values are hardcoded
in the template.
Thanks
-
Hey bcaviary, I'm glad you figured out the issue; I had a similar problem with whitelisting functions myself.
Regarding the link that you shared, I suspect it was an example of what you were using in the code with the domain replaced with "xxx". I would assume you had issue with your avian products store but replacing the domain with the placeholder of "xxx" still made a clickable link here in the forums - a link to a site that would go against Miva's policies.
Just a heads-up for the future, either give the full link or replace the domain with "mydomain" or "domain", not "xxx".
Leave a comment:
-
Need help with JSON Product_Update
I am trying to update product inventory with a template call.
the template called JSON_Push looks like this with codes redacted:
<mvt:comment>
Replace Access token and signature
</mvt:comment>
<mvt:assign name="g.endpoint" value ="'https://redacted.com/mm5/json.mvc'" />
<mvt:assign name="g.access_token" value ="'redacetd'" />
<mvt:assign name="g.signature" value ="crypto_base64_decode('redacted')" />
<mvt:assign name="g.timestamp" value="' "Miva_Request_Timestamp" : ' $ '"' $ s.time_t $ '",' " />
<mvt:assign name="g.json_data" value="'{' $ g.timestamp $ '
"Store_Code": "foryourbird",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
'"/>
<mvt:assign name="g.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="l.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="g.b64encoded_hmac_response" value="crypto_base64_encode(g.hmac_response)" />
<mvt:assign name="g.headers" value="'X-Miva-API-Authorization: MIVA-HMAC-SHA256 ' $ g.access_token $ ':' $ g.b64encoded_hmac_response $ asciichar( 13 ) $ asciichar( 10 )" />
<mvt:call action="g.endpoint" method="'raw'" headers="g.headers" content-type="'application/json'" fields="'g.json_data'">
<mvt:assign name="g.response" value="g.response $ s.callvalue" />
</mvt:call>
Product_Update: <br>
<textarea>
&mvt:global:response;
&mvt:global:headers;
&mvt:global:json_data;
</textarea>
I submit https://www.xxx.com/mm5/merchant.mvc?Screen=json_push to the browser
The result when submitting to browser:
Product_Update: <br>
<textarea>
{
"success": 0,
"error_code": "access_denied",
"error_message": "Access denied"
}
X-Miva-API-Authorization: MIVA-HMAC-SHA256 bc883edcfb286790b0696d5f90c719f3:Et7DoUsYxhkIY/QC6ojRua1FiVBSvcfRJvCYduUkI1w=
{ "Miva_Request_Timestamp" : "1655487956",
"Store_Code": "redacted",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
</textarea>;
The X-Miva-API-Authorization line above down to the } is the header being passed
Should the header be stringified with JSO
I cannot figure out why the Access Denied
The token and signature is pulled from the API Token
Leave a comment: