I have investigated one of the pages where we allow online payment. The section of code below is responsible for creating the transaction. It is referencing an included file named AuthorizeNet.php which appears to have been obtained from Authorize.Net. I am nearly certain we are not using a hard coded IP address, because the AuthorizeNet.php includes AuthorizeNetAIM.php which contains the URLs for testing and production, and I don't see a hard coded IP address in our php. Can anyone tell me how I can find out if we need to obtain a new version of the Authorize.Net API files?
I have removed the API Login ID number and Transaction key number in the next line
$transaction = new AuthorizeNetAIM('', '');
$transaction->amount = $_SESSION['PaymentAmount']; // New feature to prevent sneaky people from overriding our rates in the future.
$transaction->card_num = $_SESSION['CardNumber'];
$exp_year = substr($_SESSION['ExpirationYear'], -2);
$exp_month = $_SESSION['ExpirationMonth'];
$transaction->exp_date = $exp_month.'/'.$exp_year;
$transaction->card_code = $_SESSION['SecurityCode'];
$transaction->first_name = $_SESSION['CardholderFirstName'];
$transaction->last_name = $_SESSION['CardholderLastName'];
$transaction->address = $_SESSION['CardholderStreetAddress'];
$transaction->city = $_SESSION['CardholderCity'];
$transaction->state = $_SESSION['CardholderState'];
$transaction->zip = $_SESSION['CardholderPostalCode'];
$transaction->country = 'US';
$transaction->phone = $_SESSION['HomePhone'];
//$transaction->invoice_num = $_SESSION['ConsumerCourseID']['CC'];
//$transaction->invoice_num = $_SESSION['ConsumerCourseID']['CC'];
//$transaction->cust_id = $_SESSION['ConsumerID'];
$transaction->description = 'DMP PAYMENT';
$transaction->customer_ip = $_SERVER['REMOTE_ADDR'];
$transaction->email = $_SESSION['Email'];
$transaction->customer_tax_id = '00000'.$_SESSION['SSNLastFour'];
//$transaction->ship_to_first_name = $_SESSION['FirstName'];
//$transaction->ship_to_last_name = $_SESSION['LastName'];
$response = $transaction->authorizeAndCapture();
// Figure out the response from the processor, set a message, and decide what to do next.