Beispiel #1
/**
 * Handle the return leg of a DPS PxAccess payment: decode the `result` query
 * parameter through PxAccess and, when the response text is APPROVED, mark
 * the matching purchase log as paid.
 *
 * NOTE(review): this listing shows no braces, so nesting is read from the
 * indentation only.
 *
 * @return mixed The merchant reference (used as the session id) on the
 *               APPROVED path; $sessionid is not assigned on any other
 *               visible path.
 */
function decrypt_dps_response()
    // Gateway endpoint and credentials are read from site options.
    $PxAccess_Url = get_option('access_url');
    $PxAccess_Userid = get_option('access_userid');
    $PxAccess_Key = get_option('access_key');
    $Mac_Key = get_option('mac_key');
    $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key);
    // Assigned but not read in the visible lines.
    $curgateway = get_option('payment_gateway');
    // Rebuild $_GET by hand from the raw query string; this overwrites the
    // superglobal that PHP had already populated.
    $_GET = array();
    $params = explode('&', $_SERVER['QUERY_STRING']);
    foreach ($params as $pair) {
        // NOTE(review): a pair without '=' leaves $value unset, and a value
        // holding a raw '=' is cut at it because explode() has no limit here.
        list($key, $value) = explode('=', $pair);
        $_GET[urldecode($key)] = urldecode($value);
    // NOTE(review): 'result' is read without isset(), so a request lacking it
    // raises an undefined-index notice before the null check below.
    $enc_hex = $_GET['result'];
    if ($enc_hex != null) {
        // Presumably getResponse() decrypts and authenticates the payload with
        // the keys configured above — confirm in PxAccess.
        $rsp = $pxaccess->getResponse($enc_hex);
        // $siteurl and $total_weight are not read in the visible lines.
        $siteurl = get_option('siteurl');
        $total_weight = 0;
        // NOTE(review): only the response text is compared; no visible line
        // checks the settled amount or currency against the purchase log
        // before it is marked ACCEPTED_PAYMENT.
        if ($rsp->getResponseText() == 'APPROVED') {
            $sessionid = $rsp->getMerchantReference();
            $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
            // Skip logs that are already completed so a replayed return URL
            // does not rewrite their status.
            if (!$purchase_log->is_transaction_completed()) {
                $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
    // NOTE(review): undefined when the response was absent or not APPROVED.
    return $sessionid;
Beispiel #2
 /**
  * Record the payment method chosen on the checkout form against the
  * customer's current purchase log and fire the checkout hooks.
  *
  * NOTE(review): the listing shows no braces or early returns, so the bodies
  * of the guard conditions below are not visible.
  */
 private function submit_payment_method()
     global $wpsc_cart;
     // CSRF guard: the form nonce is checked before anything is written.
     if (!$this->verify_nonce('wpsc-checkout-form-payment-method')) {
     // A payment method is required unless the cart is free.
     if (empty($_POST['wpsc_payment_method']) && !wpsc_is_free_cart()) {
         $this->message_collection->add(__('Please select a payment method', 'wpsc'), 'validation');
     // Let merchant code veto the submission through a filter.
     $valid = apply_filters('_wpsc_merchant_v2_validate_payment_method', true, $this);
     if (!$valid) {
     // NOTE(review): the gateway name is taken from $_POST as-is. No visible
     // line checks it against the enabled gateways (wpsc_submit_checkout() on
     // this page does so with array_search) — confirm the filter above covers
     // it. For a free cart the key may also be unset at this point.
     $submitted_gateway = $_POST['wpsc_payment_method'];
     $purchase_log_id = wpsc_get_customer_meta('current_purchase_log_id');
     $purchase_log = new WPSC_Purchase_Log($purchase_log_id);
     // 'gateway' is set twice; the array form also stores shipping and total,
     // both computed from the server-side cart rather than from the request.
     $purchase_log->set('gateway', $submitted_gateway);
     $purchase_log->set(array('gateway' => $submitted_gateway, 'base_shipping' => $wpsc_cart->calculate_base_shipping(), 'totalprice' => $wpsc_cart->calculate_total_price()));
     $wpsc_cart->log_id = $purchase_log_id;
     // Hooks: a generic checkout event, then a gateway-specific one that
     // receives the raw submitted gateway name.
     do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => get_current_user_id()));
     do_action('wpsc_submit_checkout_gateway', $submitted_gateway, $purchase_log);
/**
 * Submit checkout function, used through AJAX and in normal page loading.
 * Takes one optional argument, $collected_data (default true); returns nothing.
 */
function wpsc_submit_checkout($collected_data = true)
    // Validates the checkout form, shipping and gateway choice, creates the
    // purchase log for the cart, then hands over to the selected gateway.
    // $collected_data: when true the posted checkout form is validated; when
    // false validation is skipped and the order is treated as valid.
    // NOTE(review): the listing shows no braces and several branch bodies are
    // empty, so nesting is read from indentation only.
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules, $wpsc_gateways;
    $num_items = 0;
    $use_shipping = 0;
    $disregard_shipping = 0;
    // Start from error messages already stored for this customer.
    $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
    if (!is_array($error_messages)) {
        $error_messages = array();
    $wpsc_checkout = new wpsc_checkout();
    $selected_gateways = get_option('custom_gateway_options');
    // Gateway name as posted by the browser; checked against the enabled
    // gateways further down before it is used.
    $submitted_gateway = isset($_POST['custom_gateway']) ? $_POST['custom_gateway'] : '';
    $options = get_option('custom_shipping_options');
    if ($collected_data) {
        $form_validity = $wpsc_checkout->validate_forms();
        // extracts $is_valid and $error_messages
        // NOTE(review): no extraction statement is visible here, and $is_valid
        // is not otherwise initialised on this branch — confirm against the
        // full file.
        if (wpsc_has_tnc() && (!isset($_POST['agree']) || $_POST['agree'] != 'yes')) {
            $error_messages[] = __('Please agree to the terms and conditions, otherwise we cannot process your order.', 'wpsc');
            $is_valid = false;
    } else {
        $is_valid = true;
        $error_messages = array();
    // Look up the shipping country row. The value is bound through
    // $wpdb->prepare(); NOTE(review): the placeholder is wrapped in quotes,
    // which the wpdb::prepare() documentation advises against.
    $selectedCountry = $wpdb->get_results($wpdb->prepare("SELECT id, country FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE isocode = '%s' ", wpsc_get_customer_meta('shipping_country')), ARRAY_A);
    foreach ($wpsc_cart->cart_items as $cartitem) {
        if (!empty($cartitem->meta[0]['no_shipping'])) {
        $categoriesIDs = $cartitem->category_id_list;
        foreach ((array) $categoriesIDs as $catid) {
            // A category entry may be an id or an array whose first element is the id.
            if (is_array($catid)) {
                $countries = wpsc_get_meta($catid[0], 'target_market', 'wpsc_category');
            } else {
                $countries = wpsc_get_meta($catid, 'target_market', 'wpsc_category');
            // Reject items whose category restricts the target market to other
            // countries. NOTE(review): $selectedCountry[0] is read without
            // checking that the query returned a row, and in_array() is not strict.
            if (!empty($countries) && !in_array($selectedCountry[0]['id'], (array) $countries)) {
                $errormessage = sprintf(__('%s cannot be shipped to %s. To continue with your transaction please remove this product from the list below.', 'wpsc'), $cartitem->get_title(), $selectedCountry[0]['country']);
                wpsc_update_customer_meta('category_shipping_conflict', $errormessage);
                $is_valid = false;
        //count number of items, and number of items using shipping
        if ($cartitem->uses_shipping != 1) {
        } else {
    // Allow-list check: the posted gateway must be one of the enabled gateways.
    // NOTE(review): array_search() compares loosely here and assumes the
    // option holds an array; a strict search would be safer.
    if (array_search($submitted_gateway, $selected_gateways) !== false) {
        wpsc_update_customer_meta('selected_gateway', $submitted_gateway);
    } else {
        $is_valid = false;
    if ($collected_data) {
        // Shipping is required unless disabled or no item needs it.
        if (get_option('do_not_use_shipping') == 0 && ($wpsc_cart->selected_shipping_method == null || $wpsc_cart->selected_shipping_option == null) && $num_items != $disregard_shipping) {
            $error_messages[] = __('You must select a shipping method, otherwise we cannot process your order.', 'wpsc');
            $is_valid = false;
        // UPS rate calculation needs a shipping zip code.
        if (get_option('do_not_use_shipping') != 1 && in_array('ups', (array) $options) && !wpsc_get_customer_meta('shipping_zip') && $num_items != $disregard_shipping) {
            wpsc_update_customer_meta('category_shipping_conflict', __('Please enter a Zipcode and click calculate to proceed', 'wpsc'));
            $is_valid = false;
    wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
    if ($is_valid == true) {
        // check that the submitted gateway is in the list of selected ones
        // NOTE(review): the session id is three mt_rand() digits followed by
        // the Unix timestamp, so it is predictable. Return handlers on this
        // page look purchase logs up by this value taken from the request; it
        // should not be relied on as a secret (random_int()/random_bytes()
        // would be the CSPRNG alternative).
        $sessionid = mt_rand(100, 999) . time();
        wpsc_update_customer_meta('checkout_session_id', $sessionid);
        $subtotal = $wpsc_cart->calculate_subtotal();
        if ($wpsc_cart->has_total_shipping_discount() == false) {
            $base_shipping = $wpsc_cart->calculate_base_shipping();
        } else {
            $base_shipping = 0;
        $delivery_country = $wpsc_cart->delivery_country;
        $delivery_region = $wpsc_cart->delivery_region;
        if (wpsc_uses_shipping()) {
            $shipping_method = $wpsc_cart->selected_shipping_method;
            $shipping_option = $wpsc_cart->selected_shipping_option;
        } else {
            $shipping_method = '';
            $shipping_option = '';
        // Free-text field from the request, stored on the purchase log as-is;
        // it needs escaping wherever it is later rendered.
        if (isset($_POST['how_find_us'])) {
            $find_us = $_POST['how_find_us'];
        } else {
            $find_us = '';
        //keep track of tax if taxes are exclusive
        $wpec_taxes_controller = new wpec_taxes_controller();
        if (!$wpec_taxes_controller->wpec_taxes_isincluded()) {
            $tax = $wpsc_cart->calculate_total_tax();
            $tax_percentage = $wpsc_cart->tax_percentage;
        } else {
            $tax = 0.0;
            $tax_percentage = 0.0;
        // Totals are computed from the server-side cart, not from the request.
        $total = $wpsc_cart->calculate_total_price();
        $args = array('totalprice' => $total, 'statusno' => '0', 'sessionid' => $sessionid, 'user_ID' => (int) $user_ID, 'date' => time(), 'gateway' => $submitted_gateway, 'billing_country' => $wpsc_cart->selected_country, 'shipping_country' => $delivery_country, 'billing_region' => $wpsc_cart->selected_region, 'shipping_region' => $delivery_region, 'base_shipping' => $base_shipping, 'shipping_method' => $shipping_method, 'shipping_option' => $shipping_option, 'plugin_version' => WPSC_VERSION, 'discount_value' => $wpsc_cart->coupons_amount, 'discount_data' => $wpsc_cart->coupons_name, 'find_us' => $find_us, 'wpec_taxes_total' => $tax, 'wpec_taxes_rate' => $tax_percentage);
        $purchase_log = new WPSC_Purchase_Log($args);
        $purchase_log_id = $purchase_log->get('id');
        if ($collected_data) {
        if (get_option('wpsc_also_bought') == 1) {
        // $our_user_id stays undefined when $user_ID is not set.
        if (!isset($our_user_id) && isset($user_ID)) {
            $our_user_id = $user_ID;
        $wpsc_cart->log_id = $purchase_log_id;
        do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => $our_user_id));
        // Query-string separator handed to legacy gateway callbacks.
        if (get_option('permalink_structure') != '') {
            $separator = "?";
        } else {
            $separator = "&";
        // submit to gateway
        // The class name and callback below come from the $wpsc_gateways
        // registry entry selected by the posted gateway name; the allow-list
        // check above is what keeps that lookup to enabled gateways.
        $current_gateway_data =& $wpsc_gateways[$submitted_gateway];
        if (isset($current_gateway_data['api_version']) && $current_gateway_data['api_version'] >= 2.0) {
            $merchant_instance = new $current_gateway_data['class_name']($purchase_log_id);
            do_action_ref_array('wpsc_pre_submit_gateway', array(&$merchant_instance));
        } elseif ($current_gateway_data['internalname'] == $submitted_gateway && $current_gateway_data['internalname'] != 'google') {
            $gateway_used = $current_gateway_data['internalname'];
            $purchase_log->set('gateway', $gateway_used);
            $current_gateway_data['function']($separator, $sessionid);
        } elseif ($current_gateway_data['internalname'] == 'google' && $current_gateway_data['internalname'] == $submitted_gateway) {
            $gateway_used = $current_gateway_data['internalname'];
            $purchase_log->set('gateway', $gateway_used);
            wpsc_update_customer_meta('google_checkout', 'google');
/**
 * Send the admin notification e-mail for a purchase log and record on the
 * log that it was sent.
 *
 * @param mixed $purchase_log A purchase log object, or a value handed to the
 *                            WPSC_Purchase_Log constructor.
 * @param bool  $force        Send even when the log is already flagged
 *                            'email_sent'.
 * @return mixed Result of WPSC_Purchase_Log_Admin_Notification::send().
 */
function wpsc_send_admin_email($purchase_log, $force = false)
    // Accept a non-object value and load the log from it.
    if (!is_object($purchase_log)) {
        $purchase_log = new WPSC_Purchase_Log($purchase_log);
    // Already sent and not forced. NOTE(review): the body of this guard is
    // not visible in the listing — presumably an early return.
    if ($purchase_log->get('email_sent') && !$force) {
    $email = new WPSC_Purchase_Log_Admin_Notification($purchase_log);
    $email_sent = $email->send();
    // Flag the log only when sending succeeded; no save() call is visible here.
    if ($email_sent) {
        $purchase_log->set('email_sent', 1);
    do_action('wpsc_transaction_send_email_to_admin', $email, $email_sent);
    return $email_sent;
/**
 * Load a purchase log by the given key and save it.
 *
 * @param mixed  $unique_id Value identifying the purchase log.
 * @param mixed  $details   Not referenced in the visible lines.
 *                          NOTE(review): presumably applied to the log by a
 *                          statement missing from this listing — confirm.
 * @param string $by        Column the log is looked up by (default 'id').
 * @return mixed Result of WPSC_Purchase_Log::save().
 */
function wpsc_update_purchase_log_details($unique_id, $details, $by = 'id')
    $purchase_log = new WPSC_Purchase_Log($unique_id, $by);
    return $purchase_log->save();
Beispiel #6
/**
 * Update Purchase Log Notes
 *
 * @param  int     $purchlog_id     Purchase log ID.
 * @param  string  $purchlog_notes  Notes.
 */
function wpsc_purchlogs_update_notes($purchlog_id = 0, $purchlog_notes = '')
    // Sets the 'notes' field of a purchase log, either from the arguments or,
    // when both are left at their defaults, from the posted form.
    // CSRF guard: nothing happens without a valid nonce in the request.
    // NOTE(review): no capability check (e.g. current_user_can()) is visible
    // in this block — confirm the caller restricts who can reach it.
    if (isset($_POST['wpsc_purchlogs_update_notes_nonce']) && wp_verify_nonce($_POST['wpsc_purchlogs_update_notes_nonce'], 'wpsc_purchlogs_update_notes')) {
        // Fall back to the posted values only when no arguments were given.
        if (0 == $purchlog_id && isset($_POST['purchlog_id']) && '' == $purchlog_notes) {
            // The id is forced to a non-negative integer; the notes only have
            // slashes stripped, so they must be escaped wherever they are output.
            $purchlog_id = absint($_POST['purchlog_id']);
            $purchlog_notes = stripslashes($_POST['purchlog_notes']);
        if ($purchlog_id > 0) {
            $purchase_log = new WPSC_Purchase_Log($purchlog_id);
            // No save() call is visible in this listing.
            $purchase_log->set('notes', $purchlog_notes);
Beispiel #7
 /**
  * Submit the cart as an eWAY direct payment and update the purchase log
  * from the gateway's answer; on failure, queue an error message and
  * redirect to the cart page.
  *
  * NOTE(review): the listing shows no braces, so nesting is read from
  * indentation only.
  */
 function submit()
     require_once 'eWay/lib.php';
     //Send card data
     // NOTE(review): the card number, expiry and security code are copied from
     // $_POST onto the object without isset() or format checks. They are
     // cardholder data and must not be logged or persisted.
     $this->credit_card_details = array('card_number' => $_POST['eway_card_number'], 'expiry_month' => $_POST['eway_expiry_month'], 'expiry_year' => $_POST['eway_expiry_year'], 'card_code' => $_POST['eway_card_code']);
     $request = new eWAY\CreateDirectPaymentRequest();
     //Send vars to eWay
     $request->Customer->FirstName = $this->cart_data['billing_address']['first_name'];
     $request->Customer->LastName = $this->cart_data['billing_address']['last_name'];
     $request->Customer->Reference = $this->cart_data['session_id'];
     $request->Customer->City = $this->cart_data['billing_address']['city'];
     $request->Customer->State = $this->cart_data['billing_address']['state'];
     $request->Customer->PostalCode = $this->cart_data['billing_address']['post_code'];
     $request->Customer->Email = $this->cart_data['email_address'];
     //Card info
     $request->Customer->CardDetails->Name = $request->Customer->FirstName . ' ' . $request->Customer->LastName;
     $request->Customer->CardDetails->Number = $this->credit_card_details['card_number'];
     $request->Customer->CardDetails->ExpiryMonth = $this->credit_card_details['expiry_month'];
     $request->Customer->CardDetails->ExpiryYear = $this->credit_card_details['expiry_year'];
     $request->Customer->CardDetails->CVN = $this->credit_card_details['card_code'];
     //Populate values for LineItems
     // NOTE(review): $i is not incremented in the visible lines, so every row
     // would land in slot 0 — confirm against the full file.
     $i = 0;
     foreach ($this->cart_items as $cart_row) {
         $item[$i] = new eWAY\LineItem();
         $item[$i]->Description = $cart_row['name'];
         $item[$i]->Quantity = $cart_row['quantity'];
         // Prices are multiplied by 100 (presumably to cents); this is float
         // arithmetic with no rounding.
         $item[$i]->UnitCost = $cart_row['price'] * 100;
         $item[$i]->Total = $cart_row['price'] * 100 * $cart_row['quantity'];
         $request->Items->LineItem[$i] = $item[$i];
     $opt = new eWAY\Option();
     $opt->Value = $this->cart_data['session_id'];
     $request->Options->Option[0] = $opt;
     //Populate values for Payment Object
     // The total is formatted to two decimals, then multiplied by 100; the
     // product is still a float, not an integer.
     $request->Payment->TotalAmount = number_format($this->cart_data['total_price'], 2, '.', '') * 100;
     $request->Payment->CurrencyCode = $this->cart_data['store_currency'];
     $request->Payment->InvoiceReference = $this->cart_data['session_id'];
     //Misc data
     $request->Method = 'ProcessPayment';
     $request->TransactionType = 'Purchase';
     $eway_params = array();
     // Use the sandbox endpoint when the test-mode option is set.
     if (get_option('eway_testmode') == 'test') {
         $eway_params['sandbox'] = true;
     // API key and password come from site options.
     $service = new eWAY\RapidAPI(get_option('eway_apikey'), get_option('eway_apipassword'), $eway_params);
     $result = $service->DirectPayment($request);
     if (isset($result->Errors)) {
         // Get Error Messages from Error Code. Error Code Mappings are in the Config.ini file
         $ErrorArray = explode(",", $result->Errors);
         $lblError = "";
         foreach ($ErrorArray as $error) {
             $error = $service->getMessage($error);
             $lblError .= $error . "<br />\n";
     if (isset($lblError)) {
         $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
         if (!is_array($error_messages)) {
             $error_messages = array();
         // The message text is placed into HTML without escaping.
         $error_messages[] = '<strong style="color:red">' . $lblError . ' </strong>';
         wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
     // Success: TransactionStatus is set, truthy and not the string "false".
     if (isset($result->TransactionStatus) && $result->TransactionStatus && (is_bool($result->TransactionStatus) || $result->TransactionStatus != "false")) {
         // The order is matched through the invoice reference echoed back in
         // the gateway response.
         $sessionid = $result->Payment->InvoiceReference;
         $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
         $purchase_log->set(array('processed' => WPSC_Purchase_Log::ACCEPTED_PAYMENT, 'transactid' => $result->TransactionID, 'notes' => 'eWay Auth Code : "' . $result->AuthorisationCode . '"'));
     } else {
         $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
         if (!is_array($error_messages)) {
             $error_messages = array();
         // NOTE(review): the gateway's response message goes into HTML through
         // parse_error_message_eway(); confirm that helper escapes its output.
         $error_messages[] = '<strong style="color:red">' . parse_error_message_eway($result->ResponseMessage) . ' </strong>';
         wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
         $checkout_page_url = get_option('shopping_cart_url');
         if ($checkout_page_url) {
             // No exit after the redirect header is visible in this listing.
             header('Location: ' . $checkout_page_url);
/**
 * Act on a Payflow response: mark the purchase log paid on result code 0,
 * delete the order's rows on the decline / invalid-card codes, store a
 * customer-facing message and redirect to the transaction results URL.
 *
 * NOTE(review): the listing shows no braces, so nesting is read from
 * indentation only.
 *
 * @param array  $nvpArray  Gateway response; 'RESULT' and, optionally,
 *                          'CVV2MATCH' are read.
 * @param string $fraud     'YES' enables the handling of codes 125 to 127.
 * @param mixed  $sessionid Session id identifying the purchase log.
 * @param mixed  $data      Not read in the visible lines.
 * @param mixed  $recurring Not read in the visible lines.
 */
function response_handler($nvpArray, $fraud, $sessionid, $data = null, $recurring = null)
    global $wpdb;
    $result_code = $nvpArray['RESULT'];
    //$RespMsg = 'General Error.  Please contact Customer Support.';
    //    echo ($result_code);
    // Codes 1 and 26 are reported as an account configuration problem.
    // NOTE(review): $RespMsg is not set on this path, yet the final block
    // below writes it to 'payflow_message' for every non-zero code.
    if ($result_code == 1 || $result_code == 26) {
        wpsc_update_customer_meta('payflow_message', __('Account configuration issue.  Please verify your login credentials.', 'wpsc_gold_cart'));
    } else {
        if ($result_code == '0') {
            // Approved: mark the order as paid.
            $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
            $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
            $log_id = $purchase_log->get('id');
            // NOTE(review): a CVV2 mismatch only sets a message here; the log
            // has already been marked ACCEPTED_PAYMENT above.
            if (isset($nvpArray['CVV2MATCH'])) {
                if ($nvpArray['CVV2MATCH'] != "Y") {
                    $RespMsg = __('Your billing (cvv2) information does not match. Please re-enter.', 'wpsc_gold_cart');
        } else {
            if ($result_code == 12) {
                // Declined: delete the order's rows.
                // NOTE(review): here and in every branch below, $sessionid,
                // $log_id and $cart_item['id'] are interpolated straight into
                // the SQL text. These statements should bind their values
                // through $wpdb->prepare() with %s / %d placeholders. The
                // ARRAY_A argument passed to $wpdb->query() is not a parameter
                // of that method.
                $log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`='{$sessionid}' LIMIT 1");
                $delete_log_form_sql = "SELECT * FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`='{$log_id}'";
                $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                foreach((array)$cart_content as $cart_item) {
                         $cart_item_variations = $wpdb->query("DELETE FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id` = '".$cart_item['id']."'", ARRAY_A);
                $wpdb->query("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'");
                $wpdb->query("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN ('{$log_id}')");
                $wpdb->query("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`='{$log_id}' LIMIT 1");
                wpsc_update_customer_meta('payflow_message', __('Your credit card has been declined.  You may press the back button in your browser and check that you\'ve entered your card information correctly, otherwise please contact your credit card issuer.', 'wpsc_gold_cart'));
                // NOTE(review): $seperator is only assigned near the end of the
                // function, so it is undefined when this header is built.
                header("Location:" . get_option('transact_url') . $seperator . "payflow=1&message=1");
            } else {
                if ($result_code == 13) {
                    // Same cleanup as for code 12, built by string interpolation.
                    $log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`='{$sessionid}' LIMIT 1");
                    $delete_log_form_sql = "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'";
                    $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                    foreach((array)$cart_content as $cart_item) {
                       $cart_item_variations = $wpdb->query("DELETE FROM `".WPSC_TABLE_CART_ITEM_VARIATIONS."` WHERE `cart_id` = '".$cart_item['id']."'", ARRAY_A);
                    $RespMsg = __('Invalid credit card information. Please use the back button in your browser and re-enter if you feel that you have received this message in error', 'wpsc_gold_cart');
                    //die before deleting cart information
                    $wpdb->query("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'");
                    $wpdb->query("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN ('{$log_id}')");
                    $wpdb->query("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`='{$log_id}' LIMIT 1");
                } else {
                    if ($result_code == 23 || $result_code == 24) {
                        // Same cleanup again; $RespMsg is assigned twice in this branch.
                        $log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`='{$sessionid}' LIMIT 1");
                        $delete_log_form_sql = "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'";
                        $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                              foreach((array)$cart_content as $cart_item) {
                                 $cart_item_variations = $wpdb->query("DELETE FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id` = '".$cart_item['id']."'", ARRAY_A);
                        $RespMsg = __('Invalid credit card information. Please use the back button in your browser and re-enter if you feel that you have received this message in error', 'wpsc_gold_cart');
                        //die before deleting cart information
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'");
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN ('{$log_id}')");
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`='{$log_id}' LIMIT 1");
                        $RespMsg = __('Invalid credit card information. Please use the back button in your browser and re-enter. If you feel that you received this message in error.', 'wpsc_gold_cart');
                    } else {
                        // Any other non-zero code: the order's rows are deleted as well.
                        $log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`='{$sessionid}' LIMIT 1");
                        $delete_log_form_sql = "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'";
                        $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                              foreach((array)$cart_content as $cart_item) {
                                 $cart_item_variations = $wpdb->query("DELETE FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id` = '".$cart_item['id']."'", ARRAY_A);
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'");
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN ('{$log_id}')");
                        $wpdb->query("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`='{$log_id}' LIMIT 1");
                        $RespMsg = __('Invalid credit card information. Please use the back button in your browser and re-enter. If you feel that you received this message in error.', 'wpsc_gold_cart');
    // Fraud-filter codes, handled only when the caller passes 'YES'.
    if ($fraud == 'YES') {
        if ($result_code == 125) {
            // Code 125: the order's rows are deleted, with interpolated SQL as above.
            $log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`='{$sessionid}' LIMIT 1");
            $delete_log_form_sql = "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'";
            $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
            foreach((array)$cart_content as $cart_item) {
                        $cart_item_variations = $wpdb->query("DELETE FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id` = '".$cart_item['id']."'", ARRAY_A);
            $wpdb->query("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`='{$log_id}'");
            $wpdb->query("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN ('{$log_id}')");
            $wpdb->query("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`='{$log_id}' LIMIT 1");
        } else {
            // Codes 126 and 127 both produce the "under review" message.
            if ($result_code == 126) {
                $RespMsg = __('Your Transaction is Under Review. We will notify you via e-mail if accepted.', 'wpsc_gold_cart');
            } else {
                if ($result_code == 127) {
                    $RespMsg = __('Your Transaction is Under Review. We will notify you via e-mail if accepted.', 'wpsc_gold_cart');
    // Query-string separator depends on whether pretty permalinks are enabled.
    if (get_option('permalink_structure') != '') {
        $seperator = '?';
    } else {
        $seperator = '&';
    if ($result_code != 0) {
        wpsc_update_customer_meta('payflow_message', $RespMsg);
        // NOTE(review): this URL has a doubled '&' and no '&' before "result=";
        // $sessionid and $result_code are appended without URL-encoding.
        header("Location:" . get_option('transact_url') . $seperator . "payflow=1&&sessionid=" . $sessionid . "result=" . $result_code . "&message=1");
    // No exit is visible after the header above, so this later Location
    // header would replace it.
    header("Location:" . get_option('transact_url') . $seperator . "payflow=1&sessionid=" . $sessionid . "&result=" . $result_code . "&message=1");
/**
 * Flag the purchase log identified by the request's `sessionid` as
 * ORDER_RECEIVED.
 *
 * NOTE(review): the bodies of the two guards are not visible in this
 * listing — presumably early returns.
 */
function _wpsc_buy_now_transaction_results()
    // Nothing to do without a session id in the request.
    if (!isset($_REQUEST['sessionid'])) {
    // NOTE(review): the session id comes straight from $_REQUEST and is the
    // only thing tying the request to an order; no nonce or gateway-signed
    // value is checked in the visible lines. wpsc_submit_checkout() on this
    // page builds session ids from mt_rand(100, 999) and time(), so they
    // should not be treated as secrets.
    $purchase_log = new WPSC_Purchase_Log($_REQUEST['sessionid'], 'sessionid');
    // Unknown logs and already completed transactions are left untouched.
    if (!$purchase_log->exists() || $purchase_log->is_transaction_completed()) {
    // No save() call is visible in this listing.
    $purchase_log->set('processed', WPSC_Purchase_Log::ORDER_RECEIVED);
Beispiel #10
/**
 * Handle the SagePay return: decrypt the `crypt` query parameter, map the
 * gateway Status to an internal outcome, update the purchase log and
 * redirect the customer.
 *
 * NOTE(review): the listing shows no braces and no `break` statements, so
 * the switch arms below are read from indentation; as printed, the cases
 * would fall through — confirm against the full file.
 */
function sagepay_process_gateway_info()
    global $sessionid;
    if (get_option('permalink_structure') != '') {
        $separator = "?";
    } else {
        $separator = "&";
    // first set up all the vars that we are going to need later
    $sagepay_options = get_option('wpec_sagepay');
    // The gateway payload arrives in the query string and is decrypted with
    // the merchant's configured key. Presumably a payload that was not
    // produced with that key fails here — confirm in Sagepay_merchant.
    $crypt = filter_input(INPUT_GET, 'crypt');
    $uncrypt = Sagepay_merchant::decryptAes($crypt, $sagepay_options['encrypt_key']);
    $decryptArr = Sagepay_merchant::queryStringToArray($uncrypt);
    // Guard against a failed decryption or an empty payload; its body is not
    // visible in this listing.
    if (!$uncrypt || empty($decryptArr)) {
    // Parsed into a local array rather than into the current scope.
    parse_str($uncrypt, $unencrypted_values);
    $success = '';
    // Map the gateway Status onto Failed / Authenticated / Pending / Completed.
    // NOTE(review): no visible line compares the paid amount in the payload
    // with the order total.
    switch ($unencrypted_values['Status']) {
        case 'NOTAUTHED':
        case 'REJECTED':
            $success = 'Failed';
        case 'MALFORMED':
        case 'INVALID':
            $success = 'Failed';
        case 'ERROR':
            $success = 'Failed';
        case 'ABORT':
            $success = 'Failed';
        case 'AUTHENTICATED':
            // Only returned if TxType is AUTHENTICATE
            if (isset($sagepay_options['payment_type']) && 'AUTHENTICATE' == $sagepay_options['payment_type']) {
                $success = 'Authenticated';
            } else {
                $success = 'Pending';
        case 'REGISTERED':
            // Only returned if TxType is AUTHENTICATE
            $success = 'Failed';
        case 'OK':
            $success = 'Completed';
    switch ($success) {
        case 'Completed':
            // Paid: the order is matched through VendorTxCode from the decrypted payload.
            $purchase_log = new WPSC_Purchase_Log($unencrypted_values['VendorTxCode'], 'sessionid');
            $purchase_log->set(array('processed' => WPSC_Purchase_Log::ACCEPTED_PAYMENT, 'transactid' => $unencrypted_values['VPSTxId']));
            // set this global, wonder if this is ok
            $sessionid = $unencrypted_values['VendorTxCode'];
            // The session id is appended to the redirect URL without URL-encoding.
            header("Location: " . get_option('transact_url') . $separator . "sessionid=" . $sessionid);
        case 'Failed':
            // if it fails...
            switch ($unencrypted_values['Status']) {
                case 'NOTAUTHED':
                case 'REJECTED':
                case 'MALFORMED':
                case 'INVALID':
                case 'ABORT':
                case 'ERROR':
                    $purchase_log = new WPSC_Purchase_Log($unencrypted_values['VendorTxCode'], 'sessionid');
                    $purchase_log->set(array('processed' => WPSC_Purchase_Log::INCOMPLETE_SALE, 'notes' => 'SagePay Status: ' . $unencrypted_values['Status']));
                    // if it fails redirect to the shopping cart page with the error
                    // redirect to checkout page with an error
                    $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
                    if (!is_array($error_messages)) {
                        $error_messages = array();
                    // NOTE(review): StatusDetail from the payload is placed into
                    // HTML without escaping; esc_html() would keep it as text.
                    $error_messages[] = '<strong style="color:red">' . $unencrypted_values['StatusDetail'] . ' </strong>';
                    wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
                    $checkout_page_url = get_option('shopping_cart_url');
                    if ($checkout_page_url) {
                        header('Location: ' . $checkout_page_url);
        case 'Authenticated':
            // Like "Completed" but only flag as order received
            $purchase_log = new WPSC_Purchase_Log($unencrypted_values['VendorTxCode'], 'sessionid');
            $purchase_log->set(array('processed' => WPSC_Purchase_Log::ORDER_RECEIVED, 'transactid' => $unencrypted_values['VPSTxId'], 'date' => time(), 'notes' => 'SagePay Status: ' . $unencrypted_values['Status']));
            // Redirect to the response page
            $sessionid = $unencrypted_values['VendorTxCode'];
            header("Location: " . get_option('transact_url') . $separator . "sessionid=" . $sessionid);
        case 'Pending':
            // need to wait for "Completed" before processing
            $purchase_log = new WPSC_Purchase_Log($unencrypted_values['VendorTxCode'], 'sessionid');
            $purchase_log->set(array('processed' => WPSC_Purchase_Log::ORDER_RECEIVED, 'transactid' => $unencrypted_values['VPSTxId'], 'date' => time(), 'notes' => 'SagePay Status: ' . $unencrypted_values['Status']));
            // redirect to checkout page with an error
            $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
            if (!is_array($error_messages)) {
                $error_messages = array();
            // Same unescaped StatusDetail as in the 'Failed' arm.
            $error_messages[] = '<strong style="color:red">' . $unencrypted_values['StatusDetail'] . ' </strong>';
            wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
            $checkout_page_url = get_option('shopping_cart_url');
            if ($checkout_page_url) {
                header('Location: ' . $checkout_page_url);
Beispiel #11
/**
 * Handle the Virtual Merchant return: mark the purchase log named by
 * `ssl_invoice_number` as paid or incomplete depending on
 * `ssl_result_message`, then show the results or redirect to the cart.
 *
 * NOTE(review): every input is read from $_GET, and the query string alone
 * decides whether the order is marked ACCEPTED_PAYMENT. Nothing in the
 * visible lines authenticates that the parameters came from the gateway
 * (no signature, shared-secret hash or server-side status query), and
 * neither the amount nor the prior state of the log is checked. The listing
 * shows no braces, so nesting is read from indentation only.
 */
function wpec_vmerchant_return()
    // $wpdb is declared but not used in the visible lines.
    global $sessionid, $wpdb;
    // Read without isset(); also overwrites the global $sessionid.
    $sessionid = $_GET['ssl_invoice_number'];
    if ($_GET['ssl_result_message'] == 'APPROVED' || $_GET['ssl_result_message'] == 'APPROVAL') {
        // success
        $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
        // Request-supplied transaction id and time are stored on the log as-is.
        $purchase_log->set(array('processed' => WPSC_Purchase_Log::ACCEPTED_PAYMENT, 'transactid' => $_GET['ssl_txn_id'], 'notes' => 'Virtual Merchant time : "' . $_GET['ssl_txn_time'] . '"'));
        // set this global, wonder if this is ok
        transaction_results($sessionid, true);
    } else {
        // failure: record the sale as incomplete
        $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
        $purchase_log->set(array('processed' => WPSC_Purchase_Log::INCOMPLETE_SALE, 'transactid' => $_GET['ssl_txn_id'], 'notes' => 'Virtual Merchant time : "' . $_GET['ssl_txn_time'] . '"'));
        $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
        if (!is_array($error_messages)) {
            $error_messages = array();
        // NOTE(review): a query-string value is placed into HTML without
        // escaping (esc_html() would keep it as text). $_GET values are
        // already URL-decoded, so urldecode() decodes them a second time.
        $error_messages[] = '<strong style="color:red">' . urldecode($_GET['ssl_result_message']) . ' </strong>';
        wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
        $checkout_page_url = get_option('shopping_cart_url');
        if ($checkout_page_url) {
            // No exit after the redirect header is visible in this listing.
            header('Location: ' . $checkout_page_url);
 /**
  * Import a purchase log and its cart rows from JSON posted in the request.
  *
  * NOTE(review): no nonce, capability check or other authentication of the
  * sender is visible in this block, yet it creates a purchase log and
  * inserts database rows from request data — confirm how the caller gates
  * it. The listing shows no braces, so nesting is read from indentation.
  */
 public static function sales_data_postback()
     // The trigger key is looked up in $_REQUEST, the payload in $_POST; the
     // body of this guard is not visible in the listing.
     if (!isset($_REQUEST['sales_data'])) {
     // Neither $_POST key is checked with isset(), and the json_decode()
     // results are not checked for null before use.
     $data = json_decode(stripslashes($_POST['data']));
     $cart_contents = json_decode(stripslashes($_POST['cart_contents']));
     //Unset purchase log ID, since we're inserting a new one.
     // NOTE(review): no unset() is visible here — presumably lost from the listing.
     $data = (array) $data;
     // Every field of the new purchase log, presumably including its status
     // and totals, comes from the posted JSON.
     $purchase_log = new WPSC_Purchase_Log($data);
     $purchase_log_id = $purchase_log->get('id');
     global $wpdb;
     //We need to update the proper product ID, name and purchase ID
     foreach ($cart_contents as $cart_item) {
         // Resolve the product by slug; $product[0] is read without checking
         // that the query found a post.
         $product = new WP_Query(array('post_type' => 'wpsc-product', 'pagename' => $cart_item->slug));
         $product = $product->get_posts();
         $product = $product[0];
         $cart_item = (array) $cart_item;
         $cart_item['prodid'] = $product->ID;
         $cart_item['name'] = $product->post_title;
         $cart_item['purchaseid'] = $purchase_log_id;
         // The array keys, which become column names, come from the posted
         // JSON apart from the three overwritten above.
         $wpdb->insert(WPSC_TABLE_CART_CONTENTS, $cart_item);
/**
 * Handles the browser return for the 'wpsc_oklink_return' request and updates the matching purchase log.
 *
 * NOTE(review): the order state is changed from request parameters alone. No
 * signature or server-to-server confirmation from the gateway is visible in
 * this excerpt, and session ids created elsewhere on this page are a
 * three-digit mt_rand() value followed by time(). Confirm the payment with
 * the gateway before treating this return as proof of an order.
 */
function _wpsc_oklink_return()
    // Ignore requests that are not an OKLink return (the body of this guard is not shown in the listing).
    if (!isset($_REQUEST['wpsc_oklink_return'])) {
    // oklink order param interferes with wordpress
    if (!isset($_REQUEST['sessionid'])) {
    global $sessionid;
    // The purchase log is looked up by the session id supplied in the request.
    $purchase_log = new WPSC_Purchase_Log($_REQUEST['sessionid'], 'sessionid');
    // Nothing to do for unknown logs or for transactions that are already completed.
    if (!$purchase_log->exists() || $purchase_log->is_transaction_completed()) {
    $status = 1;
    if (isset($_REQUEST['cancelled'])) {
        # Unsetting sessionid to show error
        $sessionid = false;
    } else {
        // Any return without 'cancelled' marks the order as received.
        $status = WPSC_Purchase_Log::ORDER_RECEIVED;
        $purchase_log->set('processed', $status);
Beispiel #14
 /**
  * Posts the card and billing details to the payment gateway with cURL and
  * records the result on the purchase log.
  *
  * The response is a comma-delimited string; field 0 is the result code and
  * field 3 is used as the error text.
  *
  * NOTE(review): this method handles the full card number and card code. See
  * the inline notes on TLS verification, verbose output and unencoded fields.
  */
 public function submit()
     // Raw card data straight from the request; no format validation is visible here.
     $this->credit_card_details = array('card_number' => $_POST['card_number'], 'expiry_month' => $_POST['expiry_month'], 'expiry_year' => $_POST['expiry_year'], 'card_code' => $_POST['card_code']);
     $x_Login = urlencode(get_option('bluepay_login'));
     // Replace LOGIN with your login
     $x_Password = urlencode(get_option("bluepay_password"));
     // Replace PASS with your password
     $x_Delim_Data = urlencode("TRUE");
     $x_Delim_Char = urlencode(",");
     $x_Encap_Char = urlencode("");
     $x_Type = urlencode("AUTH_CAPTURE");
     $x_ADC_Relay_Response = urlencode("FALSE");
     // NOTE(review): as listed, $x_Test_Request is only assigned in test mode but is interpolated into $fields unconditionally below.
     if (get_option('bluepay_testmode') == 1) {
         $x_Test_Request = urlencode("TRUE");
         // Remove this line of code when you are ready to go live
     # Customer Information
     $x_Method = urlencode("CC");
     $x_Amount = urlencode(nzshpcrt_overall_total_price(wpsc_get_customer_meta('shipping_country')));
     $x_First_Name = urlencode($this->cart_data['billing_address']['first_name']);
     $x_Last_Name = urlencode($this->cart_data['billing_address']['last_name']);
     $x_Card_Num = urlencode($this->credit_card_details['card_number']);
     $x_Exp_Date = urlencode($this->credit_card_details['expiry_month'] . $this->credit_card_details['expiry_year']);
     $x_Address = urlencode($this->cart_data['billing_address']['address']);
     $x_City = urlencode($this->cart_data['billing_address']['city']);
     $x_State = urlencode($this->cart_data['billing_address']['state']);
     //gets the state from the input box not the usa ddl
     //if (empty($State)){ // check if the state is there from the input box if not get it from the ddl
     //$State_id= $_POST['collected_data'][get_option('bluepay_form_country')][1];
     //$x_State = urlencode(wpsc_get_state_by_id($State_id, 'name'));
     //$x_State = $State;
     // NOTE(review): unlike every other field, the description is never passed through urlencode(), so a product
     // name containing '&' or '=' changes the structure of the POST body. Encode it before appending.
     $x_description = '';
     foreach ($this->cart_items as $cart_row) {
         $x_description .= $cart_row['name'] . ' / ';
     $x_Zip = urlencode($this->cart_data['billing_address']['post_code']);
     $x_Email = urlencode($this->cart_data['email_address']);
     $x_Email_Customer = urlencode("TRUE");
     $x_Merchant_Email = urlencode(get_option('purch_log_email'));
     //  Replace MERCHANT_EMAIL with the merchant email address
     $x_Card_Code = urlencode($this->credit_card_details['card_code']);
     # Build fields string to post
     $fields = "x_Version=3.1&x_Login={$x_Login}&x_Delim_Data={$x_Delim_Data}&x_Delim_Char={$x_Delim_Char}&x_Encap_Char={$x_Encap_Char}";
     $fields .= "&x_Type={$x_Type}&x_Test_Request={$x_Test_Request}&x_Method={$x_Method}&x_Amount={$x_Amount}&x_First_Name={$x_First_Name}";
     $fields .= "&x_Last_Name={$x_Last_Name}&x_Card_Num={$x_Card_Num}&x_Exp_Date={$x_Exp_Date}&x_Card_Code={$x_Card_Code}&x_Address={$x_Address}&x_City={$x_City}&x_State={$x_State}&x_Zip={$x_Zip}&x_Email={$x_Email}&x_Email_Customer={$x_Email_Customer}&x_Merchant_Email={$x_Merchant_Email}&x_ADC_Relay_Response={$x_ADC_Relay_Response}&x_description={$x_description}";
     if ($x_Password != '') {
         $fields .= "&x_Password={$x_Password}";
     # Start CURL session
     $agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)";
     $ref = get_option('transact_url');
     // Replace this URL with the URL of this script
     $ch = curl_init();
     // The gateway URL is an empty string in this listing.
     curl_setopt($ch, CURLOPT_URL, "");
     // NOTE(review): certificate verification is switched off, so the connection that carries the card number and
     // card code is not authenticated. Leave CURLOPT_SSL_VERIFYPEER at its default and keep CURLOPT_SSL_VERIFYHOST at 2.
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
     curl_setopt($ch, CURLOPT_NOPROGRESS, 1);
     // NOTE(review): verbose mode writes transfer diagnostics to the error stream; disable it on a production payment path.
     curl_setopt($ch, CURLOPT_VERBOSE, 1);
     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
     curl_setopt($ch, CURLOPT_TIMEOUT, 120);
     curl_setopt($ch, CURLOPT_USERAGENT, $agent);
     curl_setopt($ch, CURLOPT_REFERER, $ref);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     // curl_exec() returns false on failure; that case is not distinguished from a gateway reply here.
     $buffer = curl_exec($ch);
     // This section of the code is the change from Version 1.
     // This allows this script to process all information provided by
     // and not just whether if the transaction was successful or not
     // Provided in the true spirit of giving by Chuck Carpenter (
     // Be sure to email him and tell him how much you appreciate his efforts for PHP coders everywhere
     $return = preg_split("/[,]+/", "{$buffer}");
     // Splits out the buffer return into an array so . . .
     $details = $return[0];
     // This can grab the Transaction ID at position 1 in the array
     // echo "Location: ".$transact_url.$seperator."sessionid=".$sessionid;
     // exit("<pre>".print_r($return,true)."</pre>");
     // Change the number to grab additional information.  Consult the AIM guidelines to see what information is provided in each position.
     // For instance, to get the Transaction ID from the returned information (in position 7)..
     // Simply add the following:
     // $x_trans_id = $return[6];
     // You may then use the switch statement (or other process) to process the information provided
     // Example below is to see if the transaction was charged successfully
     // Pick the query-string separator for the redirect from the permalink setting.
     if (get_option('permalink_structure') != '') {
         $seperator = "?";
     } else {
         $seperator = "&";
     // The lines that separate the success case from the failure case (break/default) are not present in this listing.
     switch ($details) {
         case 1:
             // Credit Card Successfully Charged
             $purchase_log = new WPSC_Purchase_Log($this->cart_data['session_id'], 'sessionid');
             $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
             header("Location: " . get_option('transact_url') . $seperator . "sessionid=" . $this->cart_data['session_id']);
             // Credit Card Not Successfully Charged
             $errors = wpsc_get_customer_meta('checkout_misc_error_messages');
             if (!is_array($errors)) {
                 $errors = array();
             // NOTE(review): field 3 of the gateway reply is stored as message text; escape it where the message is rendered.
             $errors[] = "Credit Card Processing Error: " . $return[3];
             wpsc_update_customer_meta('checkout_misc_error_messages', $errors);
             $checkout_page_url = get_option('shopping_cart_url');
             if ($checkout_page_url) {
                 header('Location: ' . $checkout_page_url);
 /**
  * Stores the gateway chosen on the checkout form on the current purchase
  * log, optionally registers an account for a guest, and fires the checkout
  * actions.
  */
 private function submit_payment_method()
     global $wpsc_cart;
     // CSRF guard for the payment-method form (the body of this branch is not shown in the listing).
     if (!$this->verify_nonce('wpsc-checkout-form-payment-method')) {
     // A payment method is mandatory unless the cart is free.
     if (empty($_POST['wpsc_payment_method']) && !wpsc_is_free_cart()) {
         $this->message_collection->add(__('Please select a payment method', 'wp-e-commerce'), 'validation');
     // Third-party code can veto the submission through this filter.
     $valid = apply_filters('_wpsc_merchant_v2_validate_payment_method', true, $this);
     if (!$valid) {
     $purchase_log_id = wpsc_get_customer_meta('current_purchase_log_id');
     $purchase_log = new WPSC_Purchase_Log($purchase_log_id);
     // NOTE(review): the posted gateway name is stored and passed to the gateway action without a visible check
     // against the enabled gateways; presumably the filter above covers it -- confirm. For a free cart the key
     // may also be absent here.
     $submitted_gateway = $_POST['wpsc_payment_method'];
     // Shipping and total are recalculated from the server-side cart, not taken from the request.
     $purchase_log->set(array('gateway' => $submitted_gateway, 'base_shipping' => $wpsc_cart->calculate_base_shipping(), 'totalprice' => $wpsc_cart->calculate_total_price()));
     // Guest checkout with "create account" ticked: register the customer under the billing e-mail address.
     if ($this->maybe_add_guest_account() && isset($_POST['wpsc_create_account'])) {
         $email = wpsc_get_customer_meta('billingemail');
         // NOTE(review): the return value is used as a user id without an error check -- confirm what wpsc_register_customer() returns on failure.
         $user_id = wpsc_register_customer($email, $email, false);
         $purchase_log->set('user_ID', $user_id);
         wpsc_update_customer_meta('checkout_details', wpsc_get_customer_meta('checkout_details'), $user_id);
         update_user_meta($user_id, '_wpsc_visitor_id', wpsc_get_current_customer_id());
     $wpsc_cart->log_id = $purchase_log_id;
     // Falls back to the logged-in user when no account was created above.
     do_action('wpsc_submit_checkout', array('purchase_log_id' => $purchase_log_id, 'our_user_id' => isset($user_id) ? $user_id : get_current_user_id()));
     do_action('wpsc_submit_checkout_gateway', $submitted_gateway, $purchase_log);
Beispiel #16
 * submit checkout function, used through ajax and in normal page loading.
 * No parameters, returns nothing
// Validates the checkout submission (forms, terms, shipping targets, gateway) and, when valid,
// creates the purchase log and fires the checkout actions.
// $collected_data: when false, form and shipping validation is skipped and the submission is treated as valid.
function wpsc_submit_checkout($collected_data = true)
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules, $wpsc_gateways;
    if ($collected_data && isset($_POST['collected_data']) && is_array($_POST['collected_data'])) {
    // initialize our checkout status variable; we start by assuming
    // checkout is valid, until we find a reason otherwise
    $is_valid = true;
    $num_items = 0;
    $use_shipping = 0;
    $disregard_shipping = 0;
    $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
    if (!is_array($error_messages)) {
        $error_messages = array();
    $wpsc_checkout = new wpsc_checkout();
    // Gateways enabled by the store owner, and the gateway named in the request.
    $selected_gateways = get_option('custom_gateway_options');
    $submitted_gateway = isset($_POST['custom_gateway']) ? $_POST['custom_gateway'] : '';
    if ($collected_data) {
        $form_validity = $wpsc_checkout->validate_forms();
        // extracts $is_valid and $error_messages
        if (wpsc_has_tnc() && (!isset($_POST['agree']) || $_POST['agree'] != 'yes')) {
            $error_messages[] = __('Please agree to the terms and conditions, otherwise we cannot process your order.', 'wpsc');
            $is_valid = false;
    } else {
        $is_valid = true;
        $error_messages = array();
    $wpsc_country = new WPSC_Country(wpsc_get_customer_meta('shippingcountry'));
    $country_id = $wpsc_country->get_id();
    $country_name = $wpsc_country->get_name();
    // Reject the order when a cart item's category restricts its target market and excludes the shipping country.
    foreach ($wpsc_cart->cart_items as $cartitem) {
        if (!empty($cartitem->meta[0]['no_shipping'])) {
        $categoriesIDs = $cartitem->category_id_list;
        foreach ((array) $categoriesIDs as $catid) {
            if (is_array($catid)) {
                $countries = wpsc_get_meta($catid[0], 'target_market', 'wpsc_category');
            } else {
                $countries = wpsc_get_meta($catid, 'target_market', 'wpsc_category');
            if (!empty($countries) && !in_array($country_id, (array) $countries)) {
                $errormessage = sprintf(__('%s cannot be shipped to %s. To continue with your transaction please remove this product from the list below.', 'wpsc'), $cartitem->get_title(), $country_name);
                wpsc_update_customer_meta('category_shipping_conflict', $errormessage);
                $is_valid = false;
        //count number of items, and number of items using shipping
        if ($cartitem->uses_shipping != 1) {
        } else {
    // check to see if the current gateway is in the list of available gateways
    // NOTE(review): array_search() compares loosely here and assumes the option is an array;
    // in_array($submitted_gateway, (array) $selected_gateways, true) is the stricter membership test.
    if (array_search($submitted_gateway, $selected_gateways) !== false) {
        wpsc_update_customer_meta('selected_gateway', $submitted_gateway);
    } else {
        // An unknown gateway invalidates the checkout without adding an error message.
        $is_valid = false;
    if ($collected_data) {
        // Test for required shipping information
        if (wpsc_core_shipping_enabled() && $num_items != $disregard_shipping) {
            // for shipping to work we need a method, option and a quote
            if (!$wpsc_cart->shipping_method_selected() || !$wpsc_cart->shipping_quote_selected()) {
                $error_messages[] = __('Please select one of the available shipping options, then we can process your order.', 'wpsc');
                $is_valid = false;
            // if we don't have a valid zip code ( the function also checks if we need it ) we have an error
            if (!wpsc_have_valid_shipping_zipcode()) {
                wpsc_update_customer_meta('category_shipping_conflict', __('Please enter a Zipcode and click calculate to proceed', 'wpsc'));
                $is_valid = false;
    wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
    if ($is_valid == true) {
        // check that the submitted gateway is in the list of selected ones
        // NOTE(review): the session id is three mt_rand() digits followed by the Unix timestamp, so it is
        // guessable. Other handlers on this page look up orders by a session id taken from the request, so it
        // should come from a CSPRNG (random_int()/random_bytes()) or never be treated as a secret.
        $sessionid = mt_rand(100, 999) . time();
        wpsc_update_customer_meta('checkout_session_id', $sessionid);
        $subtotal = $wpsc_cart->calculate_subtotal();
        if ($wpsc_cart->has_total_shipping_discount() == false) {
            $base_shipping = $wpsc_cart->calculate_base_shipping();
        } else {
            $base_shipping = 0;
        $delivery_country = $wpsc_cart->delivery_country;
        $delivery_region = $wpsc_cart->delivery_region;
        if (wpsc_uses_shipping()) {
            $shipping_method = $wpsc_cart->selected_shipping_method;
            $shipping_option = $wpsc_cart->selected_shipping_option;
        } else {
            $shipping_method = '';
            $shipping_option = '';
        // Free-text field from the request, stored on the purchase log as submitted.
        if (isset($_POST['how_find_us'])) {
            $find_us = $_POST['how_find_us'];
        } else {
            $find_us = '';
        //keep track of tax if taxes are exclusive
        $wpec_taxes_controller = new wpec_taxes_controller();
        if (!$wpec_taxes_controller->wpec_taxes_isincluded()) {
            $tax = $wpsc_cart->calculate_total_tax();
            $tax_percentage = $wpsc_cart->tax_percentage;
        } else {
            $tax = 0.0;
            $tax_percentage = 0.0;
        // Totals come from the server-side cart; only the gateway name and 'find_us' originate from the request.
        $total = $wpsc_cart->calculate_total_price();
        $args = array('totalprice' => $total, 'statusno' => '0', 'sessionid' => $sessionid, 'user_ID' => (int) $user_ID, 'date' => time(), 'gateway' => $submitted_gateway, 'billing_country' => $wpsc_cart->selected_country, 'shipping_country' => $delivery_country, 'billing_region' => $wpsc_cart->selected_region, 'shipping_region' => $delivery_region, 'base_shipping' => $base_shipping, 'shipping_method' => $shipping_method, 'shipping_option' => $shipping_option, 'plugin_version' => WPSC_VERSION, 'discount_value' => $wpsc_cart->coupons_amount, 'discount_data' => $wpsc_cart->coupons_name, 'find_us' => $find_us, 'wpec_taxes_total' => $tax, 'wpec_taxes_rate' => $tax_percentage);
        $purchase_log = new WPSC_Purchase_Log($args);
        $purchase_log_id = $purchase_log->get('id');
        if ($collected_data) {
        if (!isset($our_user_id) && isset($user_ID)) {
            $our_user_id = $user_ID;
        $wpsc_cart->log_id = $purchase_log_id;
        do_action('wpsc_submit_checkout', array('purchase_log_id' => $purchase_log_id, 'our_user_id' => $our_user_id));
        do_action('wpsc_submit_checkout_gateway', $submitted_gateway, $purchase_log);
  * ExpressCheckout Shortcut Callback
  * @return int
 // Creates a purchase log for an Express Checkout shortcut request, stores the session and
 // log ids in customer meta, fires the checkout actions and returns the new session id.
 // NOTE(review): the flow is started by a GET parameter and no nonce check is visible in this
 // excerpt; confirm that a cross-site request cannot create orders on a visitor's behalf.
 public function callback_shortcut_process()
     if (!isset($_GET['payment_gateway'])) {
     // NOTE(review): the gateway name is taken from the query string and later stored and passed to the
     // gateway action without a visible check against the enabled gateways.
     $payment_gateway = $_GET['payment_gateway'];
     global $wpsc_cart;
     //	Create a new PurchaseLog Object
     $purchase_log = new WPSC_Purchase_Log();
     // Create a Sessionid
     // NOTE(review): three mt_rand() digits plus the Unix timestamp is guessable; use a CSPRNG if this id is
     // ever accepted back from a request as a reference to the order.
     $sessionid = mt_rand(100, 999) . time();
     wpsc_update_customer_meta('checkout_session_id', $sessionid);
     $purchase_log->set(array('user_ID' => get_current_user_id(), 'date' => time(), 'plugin_version' => WPSC_VERSION, 'statusno' => '0', 'sessionid' => $sessionid));
     // NOTE(review): tax is recorded when it is included in prices, whereas wpsc_submit_checkout() on this
     // page records it only when it is NOT included -- confirm which condition is intended.
     if (wpsc_is_tax_included()) {
         $tax = $wpsc_cart->calculate_total_tax();
         $tax_percentage = $wpsc_cart->tax_percentage;
     } else {
         $tax = 0;
         $tax_percentage = 0;
     $purchase_log->set(array('wpec_taxes_total' => $tax, 'wpec_taxes_rate' => $tax_percentage));
     // Save the purchase_log object to generate its id
     $purchase_log_id = $purchase_log->get('id');
     $wpsc_cart->log_id = $purchase_log_id;
     wpsc_update_customer_meta('current_purchase_log_id', $purchase_log_id);
     // Shipping and total are calculated from the server-side cart.
     $purchase_log->set(array('gateway' => $payment_gateway, 'base_shipping' => $wpsc_cart->calculate_base_shipping(), 'totalprice' => $wpsc_cart->calculate_total_price()));
     // Save an empty Form
     $form = WPSC_Checkout_Form::get();
     $fields = $form->get_fields();
     WPSC_Checkout_Form_Data::save_form($purchase_log, $fields);
     // Return Customer to Review Order Page if there is Shipping
     add_filter('wpsc_paypal_express_checkout_transact_url', array(&$this, 'review_order_url'));
     add_filter('wpsc_paypal_express_checkout_return_url', array(&$this, 'review_order_callback'));
     // Set a Temporary Option for EC Shortcut
     wpsc_update_customer_meta('esc-' . $sessionid, true);
     // Apply Checkout Actions
     do_action('wpsc_submit_checkout', array('purchase_log_id' => $purchase_log_id, 'our_user_id' => get_current_user_id()));
     do_action('wpsc_submit_checkout_gateway', $payment_gateway, $purchase_log);
     return $sessionid;
Beispiel #18
 * Handle Response from DIBS server
// Dispatches on $_GET['dibspw_result'] ('callback', 'success', 'cancel') and updates the purchase log
// from the POSTed gateway fields. The break statements between the cases are not present in this listing.
//
// NOTE(review), security summary for this handler:
//  - Several queries are built by concatenating $_POST values. Use $wpdb->prepare() with placeholders, or
//    $wpdb->update() with a where-array, instead.
//  - The MAC is compared with '!='. Use hash_equals() so the comparison is strict and constant-time.
//  - The MAC is only mandatory when an HMAC key is configured, and the non-ACCEPTED and 'cancel' paths
//    never verify it, so those paths act on unauthenticated input.
function dibspayment_paywin_process()
    global $wpdb;
    if (isset($_GET['dibspw_result']) && isset($_POST['s_pid'])) {
        // NOTE(review): create_function() was deprecated in PHP 7.2 and removed in PHP 8.0; a closure does the
        // same job. stripslashes() also assumes every POST value is a string.
        array_walk($_POST, create_function('&$val', '$val = stripslashes($val);'));
        $hamc_key = get_option('dibspw_hmac');
        $order_id = $_POST['orderid'];
        switch ($_GET['dibspw_result']) {
            case 'callback':
                // A MAC is required only when a key is configured; with no key and no MAC the callback is accepted as-is.
                if ($hamc_key && !isset($_POST['MAC'])) {
                    die("HMAC error!");
                // NOTE(review): loose, non-constant-time comparison of a secret-derived value; prefer
                // !hash_equals($expected, $_POST['MAC']). '$bUrlDecode = FALSE' is an assignment expression, not a named argument.
                if (isset($_POST['MAC']) && $_POST['MAC'] != dibspayment_paywin_calc_mac($_POST, $hamc_key, $bUrlDecode = FALSE)) {
                    die("Mac is incorrect, fraud attempt!!");
                // Collect the invoice address fields from the POST into a newline-separated note.
                $dibsInvoiceFields = array("acquirerLastName", "acquirerFirstName", "acquirerDeliveryAddress", "acquirerDeliveryPostalCode", "acquirerDeliveryPostalPlace");
                $dibsInvoiceFieldsString = "";
                foreach ($_POST as $key => $value) {
                    if (in_array($key, $dibsInvoiceFields)) {
                        $dibsInvoiceFieldsString .= "{$key}={$value}\n";
                // Email is not sent automatically on a successful transaction page
                // from version 3.8.9 on, so we send the email on callback from this version
                if (version_compare(get_option('wpsc_version'), '3.8.9', '>=')) {
                    if ($_POST['status'] == "ACCEPTED") {
                        $purchaselog = new WPSC_Purchase_Log($order_id);
                        $purchaselog->set('processed', get_option('dibspw_status'));
                        $purchaselog->set('notes', $dibsInvoiceFieldsString);
                        $wpscmerch = new wpsc_merchant($order_id, false);
                } else {
                    if ($_POST['status'] == "ACCEPTED") {
                        // NOTE(review): $_POST['s_pid'] is concatenated unquoted into the WHERE clause, and the notes string
                        // built from POST fields is concatenated into the UPDATE -- both need $wpdb->prepare().
                        $purchase_log = $wpdb->get_results("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $_POST['s_pid'] . " LIMIT 1", ARRAY_A);
                        $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '" . get_option('dibspw_status') . "', `notes`='" . $dibsInvoiceFieldsString . "'  WHERE `id` = '" . $purchase_log[0]['id'] . "' LIMIT 1;");
                        // If it is the second callback with status ACCEPTED
                        // we want to send an email to customer.
                        if ($purchase_log[0]['authcode'] == "PENDING") {
                            transaction_results($_POST['s_pid'], false);
                    } else {
                        // we save unsuccessful statuses; it can be the PENDING status
                        // NOTE(review): as listed, $purchase_log is not fetched on this path before its id is read, and
                        // $_POST['status'] is concatenated into the statement.
                        $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '1' , `authcode` = '" . $_POST['status'] . "'  WHERE `id` = '" . $purchase_log[0]['id'] . "' LIMIT 1;");
            case 'success':
                if (!isset($_GET['page_id']) || get_permalink($_GET['page_id']) != get_option('transact_url')) {
                    $location = add_query_arg('sessionid', $_POST['s_pid'], get_option('transact_url'));
                    if ($_POST['status'] == "ACCEPTED") {
                        if ($hamc_key && !isset($_POST['MAC'])) {
                            die("HMAC error!");
                        // NOTE(review): same loose MAC comparison as in the 'callback' case; use hash_equals().
                        if (isset($_POST['MAC']) && $_POST['MAC'] != dibspayment_paywin_calc_mac($_POST, $hamc_key, $bUrlDecode = FALSE)) {
                            die("HMAC is incorrect, fraud attempt!");
                    } else {
                        // Declined or PENDING
                        // NOTE(review): no MAC check on this path, and both statements concatenate POST values.
                        $purchase_log = $wpdb->get_results("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $_POST['s_pid'] . " LIMIT 1", ARRAY_A);
                        $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '1' , `authcode` = '" . $_POST['status'] . "'  WHERE `id` = '" . $purchase_log[0]['id'] . "' LIMIT 1;");
            case 'cancel':
                if (isset($_POST['orderid'])) {
                    // NOTE(review): no MAC check on this path; $_POST['s_pid'] is concatenated unquoted into the query.
                    $purchase_log = $wpdb->get_results("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $_POST['s_pid'] . " LIMIT 1", ARRAY_A);
                    $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '" . get_option('dibspw_statusc') . "' WHERE `id` = '" . $purchase_log[0]['id'] . "' LIMIT 1;");
Beispiel #19
/**
 * Charges the posted card through LinkPoint for the purchase log identified by $sessionid.
 *
 * Loads the purchase log and the submitted checkout form values, maps them
 * onto the order array passed to lphp::curl_process(), then either marks the
 * log as ACCEPTED_PAYMENT and redirects, or stores an error message.
 *
 * $seperator is the query-string separator used in the redirect URL.
 * $sessionid is the session id of the purchase log to charge.
 *
 * NOTE(review): every query in this function is built by string
 * concatenation. $sessionid arrives from the caller and the region ids come
 * from stored checkout form values, so use $wpdb->prepare() throughout. The
 * card number, expiry and verification value are read raw from $_POST.
 */
function gateway_linkpoint($seperator, $sessionid)
    global $wpdb;
    $transact_url = get_option('transact_url');
    // NOTE(review): $sessionid is concatenated into the statement; bind it with $wpdb->prepare() instead.
    $purchase_log_sql = "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= '" . $sessionid . "' LIMIT 1";
    $purchase_log = $wpdb->get_results($purchase_log_sql, ARRAY_A);
    // No check that a row was found before index 0 is read.
    $purchase_log = $purchase_log[0];
    //Get provided user info
    //Here starts most of the changes implemented into linkpoint for passing userinfo
    $usersql = "SELECT\n\t\t`" . WPSC_TABLE_SUBMITED_FORM_DATA . "`.value,\n\t\t`" . WPSC_TABLE_CHECKOUT_FORMS . "`.`name`,\n\t\t`" . WPSC_TABLE_CHECKOUT_FORMS . "`.`unique_name` FROM\n\t\t`" . WPSC_TABLE_CHECKOUT_FORMS . "` LEFT JOIN\n\t\t`" . WPSC_TABLE_SUBMITED_FORM_DATA . "` ON\n\t\t`" . WPSC_TABLE_CHECKOUT_FORMS . "`.id =\n\t\t`" . WPSC_TABLE_SUBMITED_FORM_DATA . "`.`form_id` WHERE\n\t\t`" . WPSC_TABLE_SUBMITED_FORM_DATA . "`.`log_id`=" . $purchase_log['id'] . " ORDER BY `" . WPSC_TABLE_CHECKOUT_FORMS . "`.`checkout_order`";
    $userinfo = $wpdb->get_results($usersql, ARRAY_A);
    // Map each non-empty checkout form value onto the matching LinkPoint order field.
    foreach ((array) $userinfo as $key => $value) {
        if ($value['unique_name'] == 'billingfirstname' && $value['value'] != '') {
            $myorder1['FIRSTNAME'] = $value['value'];
        if ($value['unique_name'] == 'billinglastname' && $value['value'] != '') {
            $myorder1['LASTNAME'] = $value['value'];
        if ($value['unique_name'] == 'billingemail' && $value['value'] != '') {
            $myorder1['EMAIL'] = $value['value'];
        if ($value['unique_name'] == 'billingphone' && $value['value'] != '') {
            $myorder1['PHONENUM'] = $value['value'];
        if ($value['unique_name'] == 'billingaddress' && $value['value'] != '') {
            $myorder1['STREET'] = $value['value'];
        if ($value['unique_name'] == 'billingcity' && $value['value'] != '') {
            $myorder1['CITY'] = $value['value'];
        if ($value['unique_name'] == 'billingstate' && $value['value'] != '') {
            // NOTE(review): a stored form value is concatenated into SQL (second-order injection risk); bind it as an integer.
            $sql = "SELECT `code` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id` ='" . $value['value'] . "' LIMIT 1";
            $myorder1['STATE'] = $wpdb->get_var($sql);
        } else {
            //	$data['STATE']='CA';
        if ($value['unique_name'] == 'billingcountry' && $value['value'] != '') {
            // NOTE(review): maybe_unserialize() runs on a value that presumably originates from the checkout form --
            // confirm it can only ever hold data serialized by the plugin. Unlike the shipping branch below, there is
            // no is_array() check before indexing.
            $value['value'] = maybe_unserialize($value['value']);
            if ($value['value'][0] == 'UK') {
                $myorder1['COUNTRYCODE'] = 'GB';
            } else {
                $myorder1['COUNTRYCODE'] = $value['value'][0];
            if (is_numeric($value['value'][1])) {
                $sql = "SELECT `code` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id` ='" . $value['value'][1] . "' LIMIT 1";
                $myorder1['STATE'] = $wpdb->get_var($sql);
        if ($value['unique_name'] == 'billingpostcode' && $value['value'] != '') {
            $myorder1['ZIP'] = $value['value'];
        if ($value['unique_name'] == 'shippingfirstname' && $value['value'] != '') {
            $myorder1['SHIPTONAME1'] = $value['value'];
        } else {
            //	$myorder1['SHIPTONAME1']	= '';
        if ($value['unique_name'] == 'shippinglastname' && $value['value'] != '') {
            $myorder1['SHIPTONAME2'] = $value['value'];
        } else {
            //	$myorder1['SHIPTONAME2']	= '';
        if ($value['unique_name'] == 'shippingaddress' && $value['value'] != '') {
            $myorder1['SHIPTOSTREET'] = $value['value'];
        if ($value['unique_name'] == 'shippingcity' && $value['value'] != '') {
            $myorder1['SHIPTOCITY'] = $value['value'];
        //$data['SHIPTOCITY'] = 'CA';
        if ($value['unique_name'] == 'shippingstate' && $value['value'] != '') {
            //	$data['SHIPTOSTATE'] = $value['value'];
            $sql = "SELECT `code` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id` ='" . $value['value'] . "' LIMIT 1";
            $myorder1['SHIPTOSTATE'] = $wpdb->get_var($sql);
        } else {
        if ($value['unique_name'] == 'shippingcountry' && $value['value'] != '') {
            $value['value'] = maybe_unserialize($value['value']);
            if (is_array($value['value'])) {
                if ($value['value'][0] == 'UK') {
                    $myorder1['SHIPTOCOUNTRY'] = 'GB';
                } else {
                    $myorder1['SHIPTOCOUNTRY'] = $value['value'][0];
                if (is_numeric($value['value'][1])) {
                    $sql = "SELECT `code` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id` ='" . $value['value'][1] . "' LIMIT 1";
                    $myorder1['SHIPTOSTATE'] = $wpdb->get_var($sql);
            } else {
                $myorder1['SHIPTOCOUNTRY'] = $value['value'];
        if ($value['unique_name'] == 'shippingpostcode' && $value['value'] != '') {
            $myorder1['SHIPTOZIP'] = $value['value'];
    //Here ends most of the changes implemented into linkpoint
    $store = get_option('linkpoint_store_number');
    $linkpoint = new lphp();
    // The host is an empty string in this listing.
    $myorder["host"] = "";
    $myorder["port"] = "1129";
    // The client certificate path is derived from the store-number option.
    $myorder["keyfile"] = WPSC_GOLD_FILE_PATH . "/merchants/linkpointpem/" . $store . ".pem";
    $myorder["configfile"] = $store;
    //if (get_option('linkpoint_test')=='0') {
    $myorder["ordertype"] = "SALE";
    // NOTE(review): card number, expiry and verification value are read raw from the request with no presence or format checks visible here.
    $myorder["cardnumber"] = $_POST['card_number'];
    /* see note below ( submit_linkpoint() )on using the linkpoint test account this way
    	} else {
    		$myorder["result"] = "GOOD";
    		$myorder["cardnumber"] = "4111-1111-1111-1111";
    		$myorder["cardexpmonth"] = "01";
    		$myorder["cardexpyear"] = "11";
    		$myorder["cvmvalue"] = "111";
    $myorder["cardexpmonth"] = $_POST['ExpiryMonth'];
    $myorder["cardexpyear"] = $_POST['ExpiryYear'];
    $myorder["cvmvalue"] = $_POST['cvmvalue'];
    $myorder["name"] = $myorder1['FIRSTNAME'] . ' ' . $myorder1['LASTNAME'];
    //	$myorder["billingcompany"]  = $_POST["company"];
    $myorder["address"] = $myorder1['STREET'];
    //	$myorder["address2"] = ' ';//$_POST["address2"];
    $myorder["city"] = $myorder1['CITY'];
    $myorder["state"] = $myorder1['STATE'];
    $myorder["country"] = $myorder1['COUNTRYCODE'];
    $myorder["phone"] = $myorder1['PHONENUM'];
    $myorder["email"] = $myorder1['EMAIL'];
    //	$myorder["addrnum"]  = $_POST["addrnum"];
    $myorder["zip"] = $myorder1['ZIP'];
    $myorder["sname"] = $myorder1['SHIPTONAME1'] . ' ' . $myorder1['SHIPTONAME2'];
    $myorder["saddress1"] = $myorder1['SHIPTOSTREET'];
    $myorder["saddress2"] = ' ';
    $myorder["scity"] = $myorder1['SHIPTOCITY'];
    $myorder["sstate"] = $myorder1['SHIPTOSTATE'];
    $myorder["szip"] = $myorder1['SHIPTOZIP'];
    $myorder["scountry"] = $myorder1['SHIPTOCOUNTRY'];
    //	# ORDER INFO
    $myorder["chargetotal"] = $purchase_log['totalprice'];
    //	exit('<pre>'.print_r($myorder,true).'</pre>');
    $responce = $linkpoint->curl_process($myorder);
    //	exit('<pre>'.print_r($responce,true).'</pre>');
    if ($responce["r_approved"] != "APPROVED") {
        // $message is appended to without being initialised first.
        $message .= "<h3>" . __('Please Check the Payment Results', 'wpsc_gold_cart') . "</h3>";
        $message .= __('Your transaction was not successful.', 'wpsc_gold_cart') . "<br /><br />";
        $errors = wpsc_get_customer_meta('checkout_misc_error_messages');
        // NOTE(review): as listed, the message is only added when $errors is NOT an array; the other handlers on
        // this page reset to array() and then append. Lines may be missing from the listing -- confirm.
        if (!is_array($errors)) {
            $errors[] = $message;
        wpsc_update_customer_meta('checkout_misc_error_messages', $errors);
    } else {
        $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
        $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
        header("Location: " . $transact_url . $seperator . "sessionid=" . $sessionid);
        //transaction_results($sessionid, true);
Beispiel #20
    public function submit()
        $pxf = new PxFusion($this->options['username'], $this->options['password']);
        $returnUrl = $this->cart_data['transaction_results_url'];
        // Set some transaction details
        $pxf->set_txn_detail('txnType', 'Purchase');
        # required
        $pxf->set_txn_detail('currency', $this->cart_data['store_currency']);
        # required
        $pxf->set_txn_detail('returnUrl', $returnUrl);
        # required
        $pxf->set_txn_detail('amount', number_format($this->cart_data['total_price'], 2));
        # required
        $pxf->set_txn_detail('merchantReference', get_bloginfo('name'));
        // Some of the many optional settings that could be specified:
        $pxf->set_txn_detail('enableAddBillCard', 0);
        $pxf->set_txn_detail('txnRef', substr(uniqid() . rand(1000, 9999), 0, 16));
        # random 16 digit reference);
        // Make the request for a transaction id
        $response = $pxf->get_transaction_id();
        if (!$response->GetTransactionIdResult->success) {
            wp_die(__('Error! There was a problem getting a transaction id from DPS, please contact the server administrator.', 'wpsc_gold_cart'));
        // You should store these values in a database
        // ... they are needed to query the transaction's outcome
        // tran and seeion id seem to be the same
        $result = $response->GetTransactionIdResult;
        $transaction_id = $result->transactionId;
        $PXsession_id = trim($result->sessionId);
        $errorMsg = "";
        //get the credit card info from POST, will like to do better verafication in a future version
        if (isset($_POST['CardNumber']) && strlen($_POST['CardNumber']) > 0) {
            $CardNumber = $_POST['CardNumber'];
        } else {
            $errorMsg .= __('Credit Card Number Required', 'wpsc_gold_cart') . '<br/>';
        if (isset($_POST['ExpiryMonth']) && strlen($_POST['ExpiryMonth']) > 0) {
            $ExpiryMonth = $_POST['ExpiryMonth'];
        } else {
            $errorMsg .= __('Credit Card Expiry Month Required', 'wpsc_gold_cart') . '<br/>';
        if (isset($_POST['ExpiryYear']) && strlen($_POST['ExpiryYear']) > 0) {
            $ExpiryYear = $_POST['ExpiryYear'];
        } else {
            $errorMsg .= __('Credit Card Expiry Year Required', 'wpsc_gold_cart') . '<br/>';
        if (isset($_POST['Cvc2']) && strlen($_POST['Cvc2']) > 0) {
            $Cvc2 = $_POST['Cvc2'];
        } else {
            $errorMsg .= __('Credit Card Cvc2 code Required', 'wpsc_gold_cart') . '<br/>';
        if (isset($_POST['CardHolderName']) && strlen($_POST['CardHolderName']) > 0) {
            $CardHolderName = $_POST['CardHolderName'];
        } else {
            $errorMsg .= __('Credit Card Name Required', 'wpsc_gold_cart') . '<br/>';
        if (strlen($errorMsg) > 0) {
            header('Location: ' . $this->cart_data['shopping_cart_url']);
        $this->set_transaction_details($transaction_id, 2);
        // ok Im going to save the PX fusion session id in the Auth Code field, then check for this in the
        // wpsc_transaction_theme() function
        global $wpdb;
        $purchase_log = new WPSC_Purchase_Log($this->purchase_id);
        $purchase_log->set('authcode', $PXsession_id);
        $html = '
        <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" ""><html lang="en"><head><title></title></head><body>
        <div STYLE="display:none;">
        	<form id="px_form" enctype="multipart/form-data" action="" method="post">
				<input type="hidden" name="SessionId" value="' . $PXsession_id . '" />
				<input type="hidden" name="Action" value="Add" />
				<input type="hidden" name="Object" value="DpsPxPay" />
				<input name="CardNumber" value="' . $CardNumber . '"  />
				<input name="ExpiryMonth" value="' . $ExpiryMonth . '"  />
				<input  name="ExpiryYear" value="' . $ExpiryYear . '"  />
				<input  name="Cvc2" value="' . $Cvc2 . '"  />
				<input  name="CardHolderName" value="' . $CardHolderName . '" />
				<script language="javascript" type="text/javascript">document.getElementById(\'px_form\').submit();</script>

        echo $html;