You're in luck. This is what I use (for the SIM gateway):
include("../../simdata.php");
...
<!--form action="https://test.authorize.net/gateway/transact.dll" method="POST"-->
<FORM action="https://secure.authorize.net/gateway/transact.dll" method="POST">
<?
$x_description = "website.com";
$currency = "";
$tstamp = time();
// Seed random number for security and better randomness.
srand(time());
$sequence = rand(1, 1000);
$data = "$x_loginid^$sequence^$tstamp^$total^$currency";
#echo "data = $data\n";
#echo $x_tran_key;
$fingerprint = bin2hex(mhash(MHASH_MD5, $data, $x_tran_key));
# php 5 only $fingerprint = hash_hmac("md5", $data, $x_tran_key);
echo ("<input type='hidden' name='x_fp_sequence' value='" . $sequence . "'>\n" );
echo ("<input type='hidden' name='x_fp_timestamp' value='" . $tstamp . "'>\n" );
echo ("<input type='hidden' name='x_fp_hash' value='" . $fingerprint . "'>\n" );
echo ("<input type=\"hidden\" name=\"x_description\" value=\"" . $x_description . "\">\n" );
echo ("<input type=\"hidden\" name=\"x_login\" value=\"$x_loginid\">\n");
echo ("<input type=\"hidden\" name=\"x_amount\" value=\"$total\">\n");
?>
<input type="hidden" name="x_first_name" value="<?=firstName($_SESSION['user']['name'])?>">
<input type="hidden" name="x_last_name" value="<?=lastName($_SESSION['user']['name'])?>">
<input type="hidden" name="x_company" value="<?=$_SESSION['user']['company']?>">
<input type="hidden" name="x_address" value="<?=$_SESSION['user']['address']?>">
<input type="hidden" name="x_city" value="<?=$_SESSION['user']['city']?>">
<input type="hidden" name="x_state" value="<?=$_SESSION['user']['state']?>">
<input type="hidden" name="x_zip" value="<?=$_SESSION['user']['zip']?>">
<input type="hidden" name="x_phone" value="<?=$_SESSION['user']['phone']?>">
<input type="hidden" name="x_email" value="<?=$_SESSION['user']['email']?>">
<input type="hidden" name="x_cust_id" value="<?=$_SESSION['user']['username']?>">
<INPUT TYPE="HIDDEN" name="x_logo_url" VALUE= "https://secure.authorize.net/mgraphics/logo_99999.gif">
<INPUT type="hidden" name="x_show_form" value="PAYMENT_FORM">
<!--INPUT type="hidden" name="x_test_request" value="TRUE"-->
<!--input type="hidden" name="x_receipt_link_method" value="POST">
<input type="hidden" name="x_receipt_link_text" value="Click for listings">
<input type="hidden" name="x_receipt_link_url" value="http://website.com/confirmation.php"-->
<input type="hidden" name="x_relay_response" value="TRUE">
<input type="hidden" name="x_relay_url" value="http://website.com/confirmation.php">
<input type="hidden" name="<?=session_name()?>" value="<?=session_id()?>">
<input type="hidden" name="" value="">
<input type="hidden" name="" value="">
<input type="hidden" name="" value="">
<? if ($total==0) { ?>
<a href="account.php">Your Account</a>
<? } else { ?>
<INPUT type="submit" value="Accept Order">
<? } ?>
</form>
And this is what I use for the confirmation.php
include("../../simdata.php");
#print_r($_POST);
// verify transaction comes from authorize.net and save user details
$responseCode = $_POST['x_response_code'];
if ( $responseCode == 1) { // approved
$md5 = $_POST['x_MD5_Hash'];
$transId = $_POST['x_trans_id'];
$amount = $_POST['x_amount'];
$myMD5 = strtoupper(md5("$x_tran_key$x_loginid$transId$amount"));
#echo $myMD5;
#print_r ($_POST);
#print_r ($_SESSION['user']);
if ($myMD5 == $md5) { // authenticated response from authorize.net
...
} else {
$error = "Unauthenticated response.";
}
} else if (isset($_POST['x_response_code'])) { // error
$error = $_POST['x_response_reason_text'].", #".$_POST['x_response_code'].'.'.$_POST['x_response_subcode'].
'.'.$_POST['x_response_reason_code'];
}