<?php
define('API_BASE_URL', 'https://payment.allopass.com/api');

$site_id = '222616'; 	// votre site id
$doc_id = '879233';  	// votre doc id
$code = $_GET['code'];  // le code Allopass à valider

// STEP 1 Construction of query parameters
$queryParameters = array(
'site_id' => $site_id,
'product_id' => $doc_id,
'code[]' => $code
);

// STEP 2 : Generating URL
$url = API_BASE_URL . '/onetime/validate-codes.apu';

// STEP 3 : Validation
$sock = curl_init($url);
curl_setopt_array($sock, array(
	CURLOPT_HEADER => true,
	CURLOPT_RETURNTRANSFER => true,
	CURLOPT_FOLLOWLOCATION => false,
	CURLOPT_CONNECTTIMEOUT => 10,
	CURLOPT_LOW_SPEED_TIME => 10,
	CURLOPT_TIMEOUT => 10,
	CURLOPT_POST => 1,
	CURLOPT_POSTFIELDS => $queryParameters
));
$response = curl_exec($sock);
var_dump($response);

// Read the API response returned in the $response variable by the curl_exec () function
$httpStatusCode = curl_getinfo($sock, CURLINFO_HTTP_CODE);
$httpHeaderSize = curl_getinfo($sock, CURLINFO_HEADER_SIZE);
curl_close($sock);

$responseHeaders = array();
$rawHeaders = substr($response, 0, $httpHeaderSize - 4);
$responseBody = substr($response, $httpHeaderSize);

$xml = simplexml_load_string($responseBody);
if ($xml->status == "0" && $xml->status_description == "success") {
	echo 'OK';
}
else {
	echo 'NOK';
}

?>