From 396b638e93e0d12e8d4b9a33fa364b6a4df98fa2 Mon Sep 17 00:00:00 2001
From: "Namhyeon, Go" <gnh1201@gmail.com>
Date: Mon, 3 Sep 2018 02:31:48 +0900
Subject: [PATCH] Create ordercomplete.pgkcp.php

---
 route/ordercomplete.pgkcp.php | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 route/ordercomplete.pgkcp.php

diff --git a/route/ordercomplete.pgkcp.php b/route/ordercomplete.pgkcp.php
new file mode 100644
index 0000000..83204cf
--- /dev/null
+++ b/route/ordercomplete.pgkcp.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * @file ordercomplete.pgkcp.php
+ * @date 2018-09-03
+ * @author Go Namhyeon <gnh1201@gmail.com>
+ * @brief KCP PG(Payment Gateway) contoller when complete
+ */
+
+// detect CSRF attack
+if(check_token_abuse_by_requests("_token", "_POST")) {
+	set_error("Access denied. (Expired session or Website attacker)");
+	show_errors();
+}
+
+// process redirect url
+$redirect_url = get_requested_value("redirect_url");
+$order_idxx = get_requested_value("order_idxx");
+redirect_uri(get_final_link($redirect_url, array(
+	"action" => "ordercomplete",
+	"order_idxx" => $order_idxx,
+	"good_mny" => $good_mny
+), false));