Beispiel #1
 /**
  * Drop the routing keys 'option' and 'task' from a POST-style array and,
  * unless $safe is false, pass the remainder through aecPostParamClear().
  *
  * NOTE(review): aecPostParamClear() is defined outside this snippet, so what
  * it filters cannot be confirmed here. With $safe = false the remaining values
  * are returned exactly as received; callers must treat them as untrusted.
  *
  * @param array $post Request parameters, typically $_POST or a copy of it.
  * @param bool  $safe When true (default) the result is run through aecPostParamClear().
  *
  * @return mixed The filtered array, or the return value of aecPostParamClear().
  */
 static function cleanPOST($post, $safe = true)
 {
     // Only keys that are actually set are removed; everything else is kept.
     foreach (array('option', 'task') as $routingKey) {
         if (!isset($post[$routingKey])) {
             continue;
         }
         unset($post[$routingKey]);
     }

     if (!$safe) {
         return $post;
     }

     return aecPostParamClear($post);
 }
Beispiel #2
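 /**
  * Handle a payment-processor notification for this invoice.
  *
  * The notification is validated by the processor object ($InvoiceFactory->pp),
  * the outcome is applied (payment, pending, cancel, chargeback, refund, ...),
  * an event-log entry is written and the processor is told whether handling
  * succeeded via notificationSuccess() / notificationError().
  *
  * Security-relevant behaviour visible in this method:
  *  - Whether a notification is authentic is decided entirely by the processor's
  *    validateNotification() / instantvalidateNotification(); this method only
  *    reads the resulting $response['valid'].
  *  - The amount and currency cross-checks are skipped when the processor is in
  *    testmode, and each check only runs when the processor supplied the
  *    corresponding 'amount_paid' / 'amount_currency' key.
  *
  * @param InvoiceFactory $InvoiceFactory Supplies the payment processor as ->pp.
  * @param mixed          $response       Parsed notification; a non-array value is wrapped
  *                                       as array('original_response' => $response).
  * @param mixed          $resp           Response data for the history entry; replaced by
  *                                       $response['fullresponse'] when that key is set and
  *                                       by $response['raw'] when otherwise empty.
  * @param bool           $altvalidation  Use instantvalidateNotification() instead of
  *                                       validateNotification().
  *
  * @return array The response array after the internal keys have been removed.
  */
 public function processorResponse($InvoiceFactory, $response, $resp = '', $altvalidation = false)
 {
     global $aecConfig;
     if (!is_array($response)) {
         $response = array('original_response' => $response);
     }
     $this->computeAmount($InvoiceFactory);
     $objUsage = $this->getObjUsage();
     if (is_a($objUsage, 'SubscriptionPlan')) {
         $plan = $objUsage;
     } else {
         $plan = $objUsage->getTopPlan();
     }
     // 'planparams' and 'userid' are added for the validation call only; both are
     // removed again further down, before the response is logged and returned.
     $response['planparams'] = $plan->getProcessorParameters($InvoiceFactory->pp);
     // The request body is remotely supplied. NOTE(review): aecPostParamClear() is not
     // visible here; it should not be assumed to make the data trustworthy.
     $post = aecPostParamClear($_POST);
     $response['userid'] = $this->userid;
     $InvoiceFactory->pp->exchangeSettingsByPlan($plan, $plan->params);
     if ($altvalidation) {
         $response = $InvoiceFactory->pp->instantvalidateNotification($response, $post, $this);
     } else {
         $response = $InvoiceFactory->pp->validateNotification($response, $post, $this);
     }
     // Time-based duplicate suppression: a valid notification that arrives within the
     // cushion window after transaction_date is logged and not applied. The setting is
     // multiplied by 60, so it is presumably configured in minutes.
     if (!empty($aecConfig->cfg['invoice_cushion']) && $this->transaction_date !== '0000-00-00 00:00:00') {
         if (strtotime($this->transaction_date) + $aecConfig->cfg['invoice_cushion'] * 60 > (int) gmdate('U')) {
             if ($InvoiceFactory->pp->processor_name == 'desjardins') {
                 // Desjardins is the only exception so far... bad bad bad
                 // NOTE(review): this empty branch means notifications from this processor
                 // are never suppressed by the cushion and fall through to normal handling.
             } elseif (!empty($response['valid'])) {
                 // The last notification has not been too long ago - skipping this one
                 // But only skip actual payment notifications - errors are OK
                 $short = JText::_('AEC_MSG_PROC_INVOICE_ACTION_SH');
                 $event = JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_DUPLICATE') . "\n";
                 $tags = 'invoice,processor,duplicate';
                 $level = 2;
                 $params = array('invoice_number' => $this->invoice_number);
                 $eventlog = new eventLog();
                 $eventlog->issue($short, $tags, $event, $level, $params);
                 return $response;
             }
         }
     }
     // Strip the keys that were only needed by the validation call.
     if (isset($response['userid'])) {
         unset($response['userid']);
     }
     if (isset($response['planparams'])) {
         unset($response['planparams']);
     }
     // Keys below are instructions from the processor to this method; each one is
     // consumed and removed so it does not end up in the logged response.
     if (isset($response['secondary_ident'])) {
         $this->secondary_ident = $response['secondary_ident'];
         $this->storeload();
         unset($response['secondary_ident']);
     }
     if (isset($response['invoiceparams'])) {
         $this->addParams($response['invoiceparams']);
         $this->storeload();
         unset($response['invoiceparams']);
     }
     if (isset($response['multiplicator'])) {
         $multiplicator = $response['multiplicator'];
         unset($response['multiplicator']);
     } else {
         $multiplicator = 1;
     }
     if (isset($response['fullresponse'])) {
         $resp = $response['fullresponse'];
         unset($response['fullresponse']);
     }
     if (empty($resp) && !empty($response['raw'])) {
         $resp = $response['raw'];
     }
     // The processor can stop handling here: nothing is logged or applied.
     if (isset($response['break_processing'])) {
         unset($response['break_processing']);
         return $response;
     }
     $metaUser = new metaUser($this->userid);
     $mi_event = null;
     // Create history entry
     $history = new logHistory();
     $history->entryFromInvoice($this, $resp, $InvoiceFactory->pp);
     $short = JText::_('AEC_MSG_PROC_INVOICE_ACTION_SH');
     $event = JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV') . "\n";
     if (!empty($response)) {
         // These key/value pairs derive from the notification and are written to the
         // event log verbatim. NOTE(review): confirm that whatever displays the event
         // log escapes them on output.
         foreach ($response as $key => $value) {
             $event .= $key . "=" . $value . "\n";
         }
     }
     $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_STATUS');
     $tags = 'invoice,processor';
     $level = 2;
     $params = array('invoice_number' => $this->invoice_number);
     $forcedisplay = false;
     $event .= ' ';
     $notificationerror = null;
     if (!empty($response['valid'])) {
         $break = 0;
         // If not in Testmode, check for amount and currency
         // NOTE(review): with testmode enabled neither check runs, so a valid
         // notification is applied regardless of amount or currency.
         if (empty($InvoiceFactory->pp->settings['testmode'])) {
             if (isset($response['amount_paid'])) {
                 // Compare in whole cents. round() is used instead of a bare (int) cast:
                 // truncation turns 19.99 * 100 (1998.9999...) into 1998, so amounts that
                 // differ by one cent could compare equal and an underpayment be accepted.
                 $ampaid = (int) round($response['amount_paid'] * 100);
                 $amasked = (int) round($this->amount * 100);
                 if ($ampaid != $amasked) {
                     // Amount Fraud, cancel payment and create error log addition
                     $event .= sprintf(JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_FRAUD'), $response['amount_paid'], $this->amount);
                     $tags .= ',fraud_attempt,amount_fraud';
                     $break = 1;
                     $notificationerror = 'Wrong amount for invoice. Amount provided: "' . $response['amount_paid'] . '"';
                 }
             }
             if (isset($response['amount_currency'])) {
                 if ($response['amount_currency'] != $this->currency) {
                     // Amount Fraud, cancel payment and create error log addition
                     $event .= sprintf(JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_CURR'), $response['amount_currency'], $this->currency);
                     $tags .= ',fraud_attempt,currency_fraud';
                     $break = 1;
                     $notificationerror = 'Wrong currency for invoice. Currency provided: "' . $response['amount_currency'] . '"';
                 }
             }
         }
         if (!$break) {
             if ($this->pay($multiplicator) === false) {
                 $notificationerror = 'Item Application failed. Please contact the System Administrator';
                 // Something went wrong
                 $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_VALID_APPFAIL');
                 $tags .= ',payment,action_failed';
             } else {
                 $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_VALID');
                 $tags .= ',payment,action';
             }
         } else {
             // A failed amount or currency check is logged at the raised level 128.
             $level = 128;
         }
     } else {
         // Not a valid payment: the processor signals what happened through marker keys.
         if (isset($response['pending'])) {
             if (strcmp($response['pending_reason'], 'signup') === 0) {
                 // A pending signup is applied as paid only for a free trial or a zero amount.
                 if ($plan->params['trial_free'] || $this->amount == '0.00') {
                     $this->pay($multiplicator);
                     $this->addParams(array('free_trial' => $response['pending_reason']), 'params', true);
                     $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_TRIAL');
                     $tags .= ',payment,action,trial';
                 }
             } else {
                 $this->addParams(array('pending_reason' => $response['pending_reason']), 'params', true);
                 $event .= sprintf(JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_PEND'), $response['pending_reason']);
                 $tags .= ',payment,pending' . $response['pending_reason'];
                 $mi_event = '_payment_pending';
             }
             $this->storeload();
         } elseif (isset($response['cancel'])) {
             $mi_event = '_payment_cancel';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_CANCEL');
             $tags .= ',cancel';
             if ($metaUser->hasSubscription) {
                 if (!empty($this->subscr_id)) {
                     $metaUser->moveFocus($this->subscr_id);
                 }
                 if (isset($response['cancel_expire'])) {
                     $mi_event = '_payment_cancel_expire';
                     $metaUser->focusSubscription->expire();
                     $tags .= ',expire';
                 } else {
                     $metaUser->focusSubscription->cancel($this);
                 }
                 $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_USTATUS');
             }
         } elseif (isset($response['chargeback'])) {
             $mi_event = '_payment_chargeback';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_CHARGEBACK');
             $tags .= ',chargeback';
             $level = 128;
             if ($metaUser->hasSubscription) {
                 if (!empty($this->subscr_id)) {
                     $metaUser->moveFocus($this->subscr_id);
                 }
                 $metaUser->focusSubscription->hold($this);
                 $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_USTATUS_HOLD');
             }
         } elseif (isset($response['chargeback_settle'])) {
             $mi_event = '_payment_chargeback_settle';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_CHARGEBACK_SETTLE');
             $tags .= ',chargeback_settle';
             $level = 8;
             $forcedisplay = true;
             if ($metaUser->hasSubscription) {
                 if (!empty($this->subscr_id)) {
                     $metaUser->moveFocus($this->subscr_id);
                 }
                 $metaUser->focusSubscription->hold_settle($this);
                 $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_USTATUS_ACTIVE');
             }
         } elseif (isset($response['delete'])) {
             $mi_event = '_payment_refund';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_REFUND');
             $tags .= ',refund';
             if ($metaUser->hasSubscription) {
                 if (!empty($this->subscr_id)) {
                     $metaUser->moveFocus($this->subscr_id);
                 }
                 $usage = $this->getObjUsage();
                 if (is_a($usage, 'SubscriptionPlan')) {
                     // Check whether we're really expiring the right membership,
                     // Maybe the user was already switched to a different plan
                     if ($metaUser->focusSubscription->plan == $usage->id) {
                         $metaUser->focusSubscription->expire(false, 'refund');
                         $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_EXPIRED');
                     }
                 } else {
                     $metaUser->focusSubscription->expire(false, 'refund');
                     $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_EXPIRED');
                 }
             }
         } elseif (isset($response['eot'])) {
             $mi_event = '_payment_eot';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_EOT');
             $tags .= ',eot';
         } elseif (isset($response['duplicate'])) {
             $mi_event = '_payment_duplicate';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_DUPLICATE');
             $tags .= ',duplicate';
         } elseif (isset($response['null'])) {
             $mi_event = '_payment_null';
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_NULL');
             $tags .= ',null';
         } elseif (isset($response['error']) && isset($response['errormsg'])) {
             $mi_event = '_payment_error';
             $event .= 'Error:' . $response['errormsg'];
             $tags .= ',error';
             $level = 128;
             $notificationerror = $response['errormsg'];
         } else {
             // No recognised marker at all: reported as a general error.
             $event .= JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_U_ERROR');
             $tags .= ',general_error';
             $level = 128;
             $notificationerror = 'General Error. Please contact the System Administrator.';
         }
     }
     // Trigger the plan's MIs for the event chosen above, if any.
     if (!empty($mi_event) && !empty($this->usage)) {
         $objUsage = new SubscriptionPlan();
         $objUsage->load($this->usage);
         $exchange = $silent = null;
         $objUsage->triggerMIs($mi_event, $metaUser, $exchange, $this, $response, $silent);
     }
     if (isset($response['explanation'])) {
         $event .= " (" . $response['explanation'] . ")";
     }
     $eventlog = new eventLog();
     $eventlog->issue($short, $tags, $event, $level, $params, $forcedisplay);
     // Report the outcome back through the processor object.
     if (!empty($notificationerror)) {
         $InvoiceFactory->pp->notificationError($response, $notificationerror);
     } else {
         $InvoiceFactory->pp->notificationSuccess($response);
     }
     return $response;
 }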
Beispiel #3
/**
 * Entry point for an incoming payment-processor notification.
 *
 * Resolves legacy processor names, loads the processor, lets it parse the
 * POST data, looks up the invoice named in the parsed result and hands the
 * response to InvoiceFactory::processorResponse(). Failures to load the
 * processor or to find the invoice are written to the event log.
 *
 * Security-relevant behaviour visible in this function:
 *  - Nothing here checks that the notification is authentic; the parsed data is
 *    passed on as-is. NOTE(review): confirm that validation happens downstream.
 *  - With cfg['debug_processor_notifications'] set, the complete request
 *    ($_GET, $_POST, $_REQUEST and the raw body) is handed to aecDebug(). This can
 *    include payment details; the flag should stay off outside troubleshooting.
 *  - $processor and the reported invoice number are copied into event-log text.
 *    NOTE(review): where $processor comes from is not visible here; confirm that
 *    the event log viewer escapes these values on output.
 *
 * @param mixed  $option    Not used inside this function.
 * @param string $processor Processor name, possibly one of the legacy aliases.
 *
 * @return void
 */
function processNotification($option, $processor)
{
    global $aecConfig;

    // Legacy naming support (loose comparison, as a switch would do)
    if ($processor == 'vklix') {
        $processor = 'viaklix';
    } elseif ($processor == 'auth') {
        $processor = 'authorize';
    } elseif ($processor == '2co') {
        $processor = '2checkout';
    } elseif ($processor == 'eps') {
        $processor = 'epsnetpay';
    }

    // Optional debug dump of the whole request, including the raw body.
    if (!empty($aecConfig->cfg['debug_processor_notifications'])) {
        aecDebug("ResponseFunction:processNotification");
        foreach (array($_GET, $_POST, $_REQUEST) as $requestData) {
            aecDebug($requestData);
        }
        aecDebug(file_get_contents("php://input"));
    }

    $response = array('fullresponse' => aecPostParamClear($_POST));

    // parse processor notification
    $pp = new PaymentProcessor();
    if (!$pp->loadName($processor)) {
        $loadFailureLog = new eventLog();
        $loadFailureLog->issue('processor loading failure', 'processor,loading,error', 'When receiving payment notification, tried to load processor: ' . $processor, 128);
        return;
    }
    $pp->init();
    $response = array_merge($response, $pp->parseNotification($response['fullresponse']));

    // Get Invoice record
    if (empty($response['invoice'])) {
        $id = false;
        $response['invoice'] = 'empty';
    } else {
        $id = aecInvoiceHelper::InvoiceIDfromNumber($response['invoice']);
    }

    // Known invoice: hand over to the invoice factory and finish.
    if ($id) {
        $iFactory = new InvoiceFactory(null, null, null, null, $response['invoice']);
        $iFactory->processorResponse($response);
        return;
    }

    // No matching invoice: log it, and report an error to the processor unless
    // the processor marked the notification as 'null'.
    $short = JText::_('AEC_MSG_PROC_INVOICE_FAILED_SH');
    $params = array();

    if (isset($response['null'])) {
        if (isset($response['explanation'])) {
            $short = JText::_('AEC_MSG_PROC_INVOICE_ACTION_SH');
            $event = '' . $response['explanation'];
        } else {
            $event = '' . JText::_('AEC_MSG_PROC_INVOICE_ACTION_EV_NULL');
        }
        $tags = 'invoice,processor,payment,null';

        $eventlog = new eventLog();
        if (isset($response['error'])) {
            $eventlog->issue($short, $tags, $response['error'], 128, $params);
        } else {
            $eventlog->issue($short, $tags, $event, 8, $params);
        }
    } else {
        $event = sprintf(JText::_('AEC_MSG_PROC_INVOICE_FAILED_EV'), $processor, $response['invoice']);
        $tags = 'invoice,processor,payment,error';

        $eventlog = new eventLog();
        $eventlog->issue($short, $tags, $event, 128, $params);
        $error = 'Invoice Number not found. Invoice number provided: "' . $response['invoice'] . '"';
        $pp->notificationError($response, $error);
    }

    return;
}