I'm using 2co sandbox to test sale like this.
<form method="post" action="https://sandbox.2checkout.com/checkout/purchase">
<input type="hidden" value="myAccountNumber" name="sid">
<input type="hidden" value="2CO" name="mode">
<input type="hidden" value="product" name="li_0_type">
<input type="hidden" value="Subscription" name="li_0_name">
<input type="hidden" value="50.00" name="li_0_price">
<input type="hidden" value="N" name="li_0_tangible">
<input type="hidden" value="USD" name="currency_code">
<input type="submit" value="Checkout" name="submit">
</form>
And I have this code to process the retun code
$hashSecretWord = 'testsecretword'; //copied from sandbox account
$hashSid = 'myAccountNumber';
$hashTotal = '50.00';
$hashOrder = $_REQUEST['order_number'];
echo $_REQUEST['key']."<br>";
echo $StringToHash = strtoupper(md5($hashSecretWord . $hashSid . $hashOrder . $hashTotal));
the url
http://www.domain.com/ipn.php?middle_initial=&li_0_name=Subscription&sid=mySameAccountNumber
&key=CBB0C2CA27FDAC5E3316161D829BAF66&state=test&email=test@test.com&li_0_type=product
&order_number=9093725652885¤cy_code=USD&lang=en&invoice_id=9093725652894&li_0_price=50.00
&total=50.00&credit_card_processed=Y&zip=0000&li_0_quantity=1&cart_weight=0&fixed=Y
&submit=Checkout //then other buyer information
But they are totally different and I get hash mismatch error
in sandbox you should use '1' instead of $hashOrder like this:
$StringToHash = strtoupper(md5($hashSecretWord . $hashSid . 1 . $hashTotal));