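/**
 * Check the posted card number and expiry date before the confirmation page.
 *
 * Runs only when MODULE_PAYMENT_PSIGATE_INPUT_MODE is 'Local'. When the check
 * fails, the customer is redirected to checkout_payment.php with the error
 * text, the card owner and the expiry fields in the query string.
 *
 * @return false|void false when the input mode is not 'Local'
 */
function pre_confirmation_check()
 {
     if (MODULE_PAYMENT_PSIGATE_INPUT_MODE != 'Local') {
         return false;
     }
     include 'includes/classes/cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['psigate_cc_number'], $_POST['psigate_cc_expires_month'], $_POST['psigate_cc_expires_year']);
     $error = '';
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // Every request-supplied value is URL-encoded before it is placed in
         // the redirect target, so a crafted expiry field cannot add or
         // override query parameters (for example a second "error=").
         $payment_error_return = 'payment_error=' . $this->code
             . '&error=' . urlencode($error)
             . '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner'])
             . '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month'])
             . '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);
         tep_redirect(tep_href_link('checkout_payment.php', $payment_error_return, 'SSL', true, false));
     }
     // Continue with the values held by the validator rather than the raw POST fields.
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }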
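 /**
  * Check the posted iPayment card number and expiry date before the
  * confirmation page.
  *
  * When the check fails, the customer is redirected to the checkout payment
  * page with the error text, the card owner and the expiry fields in the
  * query string.
  */
 function pre_confirmation_check()
 {
     global $HTTP_POST_VARS;
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($HTTP_POST_VARS['ipayment_cc_number'], $HTTP_POST_VARS['ipayment_cc_expires_month'], $HTTP_POST_VARS['ipayment_cc_expires_year']);
     $error = '';
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // Request-supplied values are URL-encoded so a crafted field cannot
         // add or override query parameters in the redirect target.
         // The card check code (ipayment_cc_checkcode) is deliberately not
         // echoed back: anything placed in a redirect URL ends up in browser
         // history, proxy logs and web-server access logs. The customer
         // re-enters it on the payment form.
         $payment_error_return = 'payment_error=' . $this->code
             . '&error=' . urlencode($error)
             . '&ipayment_cc_owner=' . urlencode($HTTP_POST_VARS['ipayment_cc_owner'])
             . '&ipayment_cc_expires_month=' . urlencode($HTTP_POST_VARS['ipayment_cc_expires_month'])
             . '&ipayment_cc_expires_year=' . urlencode($HTTP_POST_VARS['ipayment_cc_expires_year']);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
     }
     // Continue with the values held by the validator rather than the raw POST fields.
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }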
 /**
  * Validate the card number and expiry date posted from the payment form.
  *
  * A failed validation queues an error on the session message stack and
  * redirects to the checkout payment page; no card data is put in the URL.
  * After the check the card type, number and expiry held by the validator
  * are copied onto this module.
  */
 public function pre_confirmation_check()
 {
     global $messageStack;

     include DIR_WS_CLASSES . 'cc_validation.php';
     $validator = new cc_validation();
     $outcome = $validator->validate(
         $_POST['checkoutapipayment_cc_number'],
         $_POST['checkoutapipayment_cc_expires_month'],
         $_POST['checkoutapipayment_cc_expires_year']
     );

     // Loose (==) comparisons are kept on purpose: they mirror how a switch
     // statement matches its cases.
     if ($outcome == -1) {
         $errorText = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($validator->cc_number, 0, 4));
     } elseif ($outcome == -2 || $outcome == -3 || $outcome == -4) {
         $errorText = TEXT_CCVAL_ERROR_INVALID_DATE;
     } elseif ($outcome == false) {
         $errorText = TEXT_CCVAL_ERROR_INVALID_NUMBER;
     } else {
         $errorText = '';
     }

     $validationFailed = ($outcome == false || $outcome < 1);
     if ($validationFailed) {
         // The module code travels inside an HTML comment appended to the message.
         $taggedMessage = $errorText . '<!-- [' . $this->code . '] -->';
         $messageStack->add_session('checkout_payment', $taggedMessage, 'error');
         $backToPayment = zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false);
         zen_redirect($backToPayment);
     }

     // Keep the validator's view of the card for the later checkout steps.
     $this->cc_card_type = $validator->cc_type;
     $this->cc_card_number = $validator->cc_number;
     $this->cc_expiry_month = $validator->cc_expiry_month;
     $this->cc_expiry_year = $validator->cc_expiry_year;
 }
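 /**
  * Check the posted 2Checkout card number and expiry date before the
  * confirmation page.
  *
  * On failure the error is reported through ajax_error() when USE_AJAX is
  * set; otherwise the customer is redirected to the checkout payment page
  * with the error text, owner names and expiry fields in the query string.
  */
 function pre_confirmation_check()
 {
     include_once DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['pm_2checkout_cc_number'], $_POST['pm_2checkout_cc_expires_month'], $_POST['pm_2checkout_cc_expires_year']);
     $error = EMPTY_STRING;
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // NOTE(review): the card fields are copied onto $this only inside this
         // failure branch; nothing is assigned when validation succeeds.
         // Confirm that this placement is intended.
         $this->cc_card_type = $cc_validation->cc_type;
         $this->cc_card_number = $cc_validation->cc_number;
         $this->cc_expiry_month = $cc_validation->cc_expiry_month;
         $this->cc_expiry_year = $cc_validation->cc_expiry_year;
         if (USE_AJAX) {
             ajax_error($error);
         } else {
             // Request-supplied values are URL-encoded so a crafted field
             // cannot add or override query parameters in the redirect target.
             $payment_error_return = 'payment_error=' . $this->code
                 . '&error=' . urlencode($error)
                 . '&pm_2checkout_cc_owner_firstname=' . urlencode($_POST['pm_2checkout_cc_owner_firstname'])
                 . '&pm_2checkout_cc_owner_lastname=' . urlencode($_POST['pm_2checkout_cc_owner_lastname'])
                 . '&pm_2checkout_cc_expires_month=' . urlencode($_POST['pm_2checkout_cc_expires_month'])
                 . '&pm_2checkout_cc_expires_year=' . urlencode($_POST['pm_2checkout_cc_expires_year']);
             olc_redirect(olc_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, SSL, true, false));
         }
     }
 }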
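 /**
  * Check the posted Authorize.net AIM card number, expiry date and CVV.
  *
  * When the check fails, the customer is redirected to the checkout payment
  * page with the error text, the card owner and the expiry fields in the
  * query string. The CVV is passed to the validator only.
  *
  * @param mixed $pPaymentParameters not read by this method
  * @param mixed $pOrder             not read by this method
  */
 function verifyPayment(&$pPaymentParameters, &$pOrder)
 {
     global $_POST;
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['authorizenet_aim_cc_number'], $_POST['authorizenet_aim_cc_expires_month'], $_POST['authorizenet_aim_cc_expires_year'], $_POST['authorizenet_aim_cc_cvv']);
     $error = '';
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // Request-supplied values are URL-encoded so a crafted field cannot
         // add or override query parameters in the redirect target.
         $payment_error_return = 'payment_error=' . $this->code
             . '&error=' . urlencode($error)
             . '&authorizenet_aim_cc_owner=' . urlencode($_POST['authorizenet_aim_cc_owner'])
             . '&authorizenet_aim_cc_expires_month=' . urlencode($_POST['authorizenet_aim_cc_expires_month'])
             . '&authorizenet_aim_cc_expires_year=' . urlencode($_POST['authorizenet_aim_cc_expires_year']);
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
     }
     // Continue with the values held by the validator rather than the raw POST fields.
     $this->cc_type = $cc_validation->cc_type;
     $this->cc_number = $cc_validation->cc_number;
     $this->cc_expires_month = $cc_validation->cc_expires_month;
     $this->cc_expires_year = $cc_validation->cc_expires_year;
 }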
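 /**
  * Check the posted Linkpoint card number and expiry date before the
  * confirmation page.
  *
  * A failed check queues an error on the session message stack, optionally
  * records the failure in TABLE_LINKPOINT_API (when
  * MODULE_PAYMENT_LINKPOINT_API_STORE_DATA is 'True') and redirects to the
  * checkout payment page. The stored record holds a masked card number only.
  */
 function pre_confirmation_check()
 {
     global $db, $messageStack;
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['linkpoint_api_cc_number'], $_POST['linkpoint_api_cc_expires_month'], $_POST['linkpoint_api_cc_expires_year']);
     $error = '';
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     // save record of errors which occur during checkout_payment validation phase but haven't been sent to gateway yet
     if ($result == false || $result < 1) {
         $payment_error_return = 'payment_error=' . $this->code;
         // This string is written to the cust_info column below, so every
         // request-supplied value is URL-encoded rather than stored raw.
         $error_info2 = '&error=' . urlencode($error)
             . '&linkpoint_api_cc_owner=' . urlencode($_POST['linkpoint_api_cc_owner'])
             . '&linkpoint_api_cc_expires_month=' . urlencode($_POST['linkpoint_api_cc_expires_month'])
             . '&linkpoint_api_cc_expires_year=' . urlencode($_POST['linkpoint_api_cc_expires_year']);
         $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->', 'error');
         if (MODULE_PAYMENT_LINKPOINT_API_STORE_DATA == 'True') {
             $cc_number_clean = $cc_validation->cc_number;
             // The expiry fields come straight from the request; keep digits
             // only before they are logged.
             $cc_expiry_month = preg_replace('/[^0-9]/', '', (string) $_POST['linkpoint_api_cc_expires_month']);
             $cc_expiry_year = preg_replace('/[^0-9]/', '', (string) $_POST['linkpoint_api_cc_expires_year']);
             // Mask the number: first four and last four digits survive, the
             // middle becomes X; very short values keep three characters.
             $cc_number = strlen($cc_number_clean) > 8
                 ? substr($cc_number_clean, 0, 4) . str_repeat('X', strlen($cc_number_clean) - 8) . substr($cc_number_clean, -4)
                 : substr($cc_number_clean, 0, 3) . '**short**';
             // Make the logged query string readable: encoded ':' and ',' and
             // the '+' that stands for a space all become spaces.
             $error_returned = str_replace(array('%3A', '%2C', '+'), ' ', $payment_error_return . $error_info2);
             $error_returned = str_replace('&', ' &amp;', $error_returned);
             // NOTE(review): addslashes() is kept from the original; whether
             // $db->perform() escapes again cannot be seen from here.
             $cust_info = addslashes($error_returned);
             // No gateway call has happened yet, so there is no gateway message
             // or response to log. These were read while undefined before.
             $message = '';
             $all_response_info = '';
             //  Store Transaction history in Database
             $sql_data_array = array(
                 array('fieldName' => 'lp_trans_num', 'value' => '', 'type' => 'string'),
                 array('fieldName' => 'order_id', 'value' => 0, 'type' => 'integer'),
                 array('fieldName' => 'approval_code', 'value' => 'N/A', 'type' => 'string'),
                 array('fieldName' => 'transaction_response_time', 'value' => 'N/A', 'type' => 'string'),
                 array('fieldName' => 'r_error', 'value' => '**CC Info Failed Validation during pre-processing**', 'type' => 'string'),
                 array('fieldName' => 'customer_id', 'value' => $_SESSION['customer_id'], 'type' => 'integer'),
                 array('fieldName' => 'avs_response', 'value' => '', 'type' => 'string'),
                 array('fieldName' => 'transaction_result', 'value' => '*CUSTOMER ERROR*', 'type' => 'string'),
                 array('fieldName' => 'message', 'value' => $message . ' -- ' . $all_response_info, 'type' => 'string'),
                 array('fieldName' => 'transaction_time', 'value' => time(), 'type' => 'string'),
                 array('fieldName' => 'transaction_reference_number', 'value' => '', 'type' => 'string'),
                 array('fieldName' => 'fraud_score', 'value' => 0, 'type' => 'integer'),
                 array('fieldName' => 'cc_number', 'value' => $cc_number, 'type' => 'string'),
                 array('fieldName' => 'cust_info', 'value' => $cust_info, 'type' => 'string'),
                 array('fieldName' => 'chargetotal', 'value' => 0, 'type' => 'string'),
                 // Previously built from the undefined $cc_month / $cc_year,
                 // which always stored a bare "/".
                 array('fieldName' => 'cc_expire', 'value' => $cc_expiry_month . '/' . $cc_expiry_year, 'type' => 'string'),
                 array('fieldName' => 'ordertype', 'value' => 'N/A', 'type' => 'string'),
                 array('fieldName' => 'date_added', 'value' => 'now()', 'type' => 'noquotestring'),
             );
             $db->perform(TABLE_LINKPOINT_API, $sql_data_array);
         }
         // The error travels via the session message stack, so the redirect
         // carries no query string.
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
     }
     // if no error, continue with validated data:
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }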
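    /**
     * Capture the posted payment details before the confirmation page.
     *
     * For an online-check payment the e-check fields are copied onto the
     * module unvalidated. Otherwise the card number, expiry date, CVV and
     * card type are validated; a failed check redirects to
     * checkout_payment.php with the error text and order fields in the
     * query string.
     */
    function pre_confirmation_check() {
      global $_POST, $cvv;

      if ((MODULE_PAYMENT_PLUGNPAY_PAYMETHOD == 'onlinecheck') && ($_POST['plugnpay_paytype'] != 'credit_card')) {
        $this->plugnpay_paytype = $_POST['plugnpay_paytype'];
        $this->echeck_accttype = $_POST['plugnpay_echeck_accttype'];
        $this->echeck_accountnum = $_POST['plugnpay_echeck_accountnum'];
        $this->echeck_routingnum = $_POST['plugnpay_echeck_routingnum'];
        $this->echeck_checknum = $_POST['plugnpay_echeck_checknum'];
      }
      else {
        # Note: section assumes the payment method is credit card
        include(dirname(__FILE__).'/../classes/cc_validation.php');
        $cc_validation = new cc_validation();
        $result = $cc_validation->validate($_POST['plugnpay_cc_number'], $_POST['plugnpay_cc_expires_month'], $_POST['plugnpay_cc_expires_year'], $_POST['cvv'], $_POST['credit_card_type']);

        // The validation result is no longer echoed. Output sent before the
        // redirect exposed the raw result code to the browser and, if
        // tep_redirect() relies on a Location header, would prevent the
        // redirect from being sent.
        $error = '';

        switch ($result) {
          case -1:
            // Only the first four digits of the number are quoted in the message.
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
          case -2:
          case -3:
          case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
          case -5:
            $error = TEXT_CCVAL_ERROR_CARD_TYPE_MISMATCH;
            break;
          case -6:
            $error = TEXT_CCVAL_ERROR_CVV_LENGTH;
            break;
          case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
        }

        if ( ($result == false) || ($result < 1) ) {
          // Request-supplied values are URL-encoded so a crafted field cannot
          // add or override query parameters in the redirect target.
          // NOTE(review): the owner and expiry values are read from
          // authorizenet_* keys although this form posts plugnpay_* fields.
          // This looks copied from another module; confirm which keys the
          // payment page expects.
          $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&authorizenet_cc_owner=' . urlencode($_POST['authorizenet_cc_owner'])
            . '&authorizenet_cc_expires_month=' . urlencode($_POST['authorizenet_cc_expires_month'])
            . '&authorizenet_cc_expires_year=' . urlencode($_POST['authorizenet_cc_expires_year']);
          $payment_error_return .= '&amount=' . urlencode($_POST['amount'])
            . '&item_name=' . urlencode($_POST['item_name'])
            . '&item_number=' . urlencode($_POST['item_number']);
          $payment_error_return .= '&item_id=' . urlencode($_POST['item_id'])
            . '&item_type=' . urlencode($_POST['item_type']);
          tep_redirect(tep_href_link("checkout_payment.php", $payment_error_return, 'SSL', true, false));
        }

        // Continue with the values held by the validator rather than the raw POST fields.
        $this->cc_card_type = $cc_validation->cc_type;
        $this->cc_card_number = $cc_validation->cc_number;
        $this->cc_expiry_month = $cc_validation->cc_expiry_month;
        $this->cc_expiry_year = $cc_validation->cc_expiry_year;
        // NOTE(review): $card_cvv is a local that is never read here, and the
        // global $cvv declared above is never written. Confirm which was meant.
        $card_cvv = $_POST['cvv'];
      }
    }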
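    /**
     * Check the posted iPayment card number and expiry date before the
     * confirmation page.
     *
     * When the check fails, the customer is redirected to the checkout
     * payment page with the error text, the card owner and the expiry fields
     * in the query string.
     */
    function pre_confirmation_check() {
      global $aLang;

      include 'includes/classes/class_cc_validation.php';

      $cc_validation = new cc_validation();
      $result = $cc_validation->validate($_POST['ipayment_cc_number'], $_POST['ipayment_cc_expires_month'], $_POST['ipayment_cc_expires_year']);

      $error = '';
      switch ($result) {
        case -1:
          // Only the first four digits of the number are quoted in the message.
          $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
          break;
        case -2:
        case -3:
        case -4:
          $error = $aLang['text_ccval_error_invalid_date'];
          break;
        case false:
          $error = $aLang['text_ccval_error_invalid_number'];
          break;
      }

      if ( ($result == false) || ($result < 1) ) {
        // Request-supplied values are URL-encoded so a crafted field cannot
        // add or override query parameters in the redirect target.
        // The card check code (ipayment_cc_checkcode) is deliberately not
        // echoed back: anything placed in a redirect URL ends up in browser
        // history, proxy logs and web-server access logs. The customer
        // re-enters it on the payment form.
        $payment_error_return = 'payment_error=' . $this->code
          . '&error=' . urlencode($error)
          . '&ipayment_cc_owner=' . urlencode($_POST['ipayment_cc_owner'])
          . '&ipayment_cc_expires_month=' . urlencode($_POST['ipayment_cc_expires_month'])
          . '&ipayment_cc_expires_year=' . urlencode($_POST['ipayment_cc_expires_year']);

        $aPages = oos_get_pages();
        MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_payment'], $payment_error_return, 'SSL', true, false));
      }

      // Continue with the values held by the validator rather than the raw POST fields.
      $this->cc_card_type = $cc_validation->cc_type;
      $this->cc_card_number = $cc_validation->cc_number;
      $this->cc_expiry_month = $cc_validation->cc_expiry_month;
      $this->cc_expiry_year = $cc_validation->cc_expiry_year;
    }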
 /**
  * Validate the card details posted for a PayPal direct card payment.
  *
  * Returns false straight away when is_paypal_process() reports an EC
  * checkout. Otherwise the card number and expiry date are validated, the
  * posted check code is reduced to digits, and a failed validation is handed
  * to away_with_you() together with the error text.
  *
  * @return false|void false for an EC checkout
  */
 function pre_confirmation_check()
 {
     global $_POST, $paypal_ec_token, $paypal_ec_payer_id, $paypal_ec_payer_info;

     // Nothing to do for an EC checkout.
     if ($this->is_paypal_process()) {
         return false;
     }

     include DIR_WS_CLASSES . 'cc_validation.php';
     $validator = new cc_validation();
     $outcome = $validator->validate(
         $_POST['paypalwpp_cc_number'],
         $_POST['paypalwpp_cc_expires_month'],
         $_POST['paypalwpp_cc_expires_year']
     );

     // Loose (==) comparisons are kept on purpose: they mirror how a switch
     // statement matches its cases.
     if ($outcome == -1) {
         $errorText = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($validator->cc_number, 0, 4));
     } elseif ($outcome == -2 || $outcome == -3 || $outcome == -4) {
         $errorText = TEXT_CCVAL_ERROR_INVALID_DATE;
     } elseif ($outcome == false) {
         $errorText = TEXT_CCVAL_ERROR_INVALID_NUMBER;
     } else {
         $errorText = EMPTY_STRING;
     }

     // Strip everything except digits from the check code, in place in $_POST.
     $digitsOnly = preg_replace('/[^0-9]/i', EMPTY_STRING, $_POST['paypalwpp_cc_checkcode']);
     $_POST['paypalwpp_cc_checkcode'] = $digitsOnly;

     $validationFailed = ($outcome == false || $outcome < 1);
     if ($validationFailed) {
         $fullMessage = MODULE_PAYMENT_PAYPAL_DP_TEXT_CARD_ERROR . '<br/><br/>' . $errorText;
         $this->away_with_you($fullMessage, false, FILENAME_CHECKOUT_PAYMENT);
     }

     // Keep the validator's view of the card plus the digits-only check code.
     $this->cc_card_type = $validator->cc_type;
     $this->cc_card_number = $validator->cc_number;
     $this->cc_expiry_month = $validator->cc_expiry_month;
     $this->cc_expiry_year = $validator->cc_expiry_year;
     $this->cc_checkcode = $_POST['paypalwpp_cc_checkcode'];
 }
 /**
  * Performs the required validation to ensure that the submitted form
  * information appears correct before performing the transaction through
  * the confirmation screen.
  *
  * Uses the cc_validation.php class to check the CC number and expiry date,
  * and redirects to the Checkout Payment screen with an $error string
  * containing the friendly error message.
  */
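 function pre_confirmation_check()
 {
     global $HTTP_POST_VARS;
     require_once DIR_WS_CLASSES . 'cc_validation.php';
     $error = '';
     // Perform validation through the cc_validation class
     $ccValidation = new cc_validation();
     $result = $ccValidation->validate($HTTP_POST_VARS['exalt_cc_number'], $HTTP_POST_VARS['exalt_cc_expires_month'], $HTTP_POST_VARS['exalt_cc_expires_year']);
     // Map the validator's result code to a customer-facing message
     switch ($result) {
         case -1:
             // Only the first four digits of the number are quoted in the message.
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($ccValidation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     // Redirect the user if the card data was deemed invalid
     if ($result === false || $result < 1) {
         // Build the return URL. Every request-supplied value is URL-encoded
         // so a crafted expiry field cannot add or override query parameters
         // in the redirect target. The card number and CVV are not included.
         $paymentErrorReturn = 'payment_error=' . $this->code;
         $paymentErrorReturn .= '&error_message=' . urlencode($error);
         $paymentErrorReturn .= '&exalt_cc_owner=' . urlencode($HTTP_POST_VARS['exalt_cc_owner']);
         $paymentErrorReturn .= '&exalt_cc_expires_month=' . urlencode($HTTP_POST_VARS['exalt_cc_expires_month']);
         $paymentErrorReturn .= '&exalt_cc_expires_year=' . urlencode($HTTP_POST_VARS['exalt_cc_expires_year']);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $paymentErrorReturn, 'SSL', true, false));
     }
     // Treat the CC details to ensure they are ready to be sent to a payment gateway.
     // Type, number and expiry come from the validator; owner and CVV are
     // taken from the request as posted.
     $this->cc_card_owner = $HTTP_POST_VARS['exalt_cc_owner'];
     $this->cc_card_type = $ccValidation->cc_type;
     $this->cc_card_number = $ccValidation->cc_number;
     $this->cc_expiry_month = $ccValidation->cc_expiry_month;
     $this->cc_expiry_year = $ccValidation->cc_expiry_year;
     $this->cc_cvv = $HTTP_POST_VARS['exalt_cc_cvv'];
 }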
 /**
  * Prepare and submit the final authorization to PayPal via the appropriate means as configured
  */
 function before_process()
 {
     global $order, $doPayPal, $messageStack;
     $options = array();
     $optionsShip = array();
     $optionsNVP = array();
     $options = $this->getLineItemDetails($this->selectCurrency($order->info['currency']));
     //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
     // Initializing DESC field: using for comments related to tax-included pricing, populated by getLineItemDetails()
     $options['DESC'] = '';
     $doPayPal = $this->paypal_init();
     /****************************************
      * Do DP checkout
      ****************************************/
     $this->zcLog('before_process - DP-1', 'Beginning DP mode');
     // Set state fields depending on what PayPal wants to see for that country
     $this->setStateAndCountry($order->billing);
     if (zen_not_null($order->delivery['street_address'])) {
         $this->setStateAndCountry($order->delivery);
     }
     // Validate credit card data
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $response = $cc_validation->validate($_POST['wpp_cc_number'], $_POST['wpp_cc_expdate_month'], $_POST['wpp_cc_expdate_year'], $_POST['wpp_cc_issuedate_month'], $_POST['wpp_cc_issuedate_year']);
     $error = '';
     switch ($response) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($response === false || $response < 1) {
         $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
         $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $response . ' -->', 'error');
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
     }
     if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
         //        $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', (strlen($cc_validation->cc_number) - 8)) . substr($cc_validation->cc_number, -4) . ' ' . $error);
         $messageStack->add_session('checkout_payment', MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD . '<!-- [' . $this->code . ' ' . $cc_validation->cc_type . '] -->', 'error');
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
     }
     // if CC validation passed, continue using the validated data
     $cc_type = $cc_validation->cc_type;
     $cc_number = $cc_validation->cc_number;
     $cc_first_name = $_POST['wpp_payer_firstname'] != '' ? $_POST['wpp_payer_firstname'] : $_SESSION['customer_first_name'];
     $cc_last_name = $_POST['wpp_payer_lastname'] != '' ? $_POST['wpp_payer_lastname'] : $_SESSION['customer_last_name'];
     $cc_checkcode = $_POST['wpp_cc_checkcode'];
     $cc_expdate_month = $cc_validation->cc_expiry_month;
     $cc_expdate_year = $cc_validation->cc_expiry_year;
     $cc_issuedate_month = $_POST['wpp_cc_issuedate_month'];
     $cc_issuedate_year = $_POST['wpp_cc_issuedate_year'];
     $cc_issuenumber = $_POST['wpp_cc_issuenumber'];
     $cc_owner_ip = current(explode(':', str_replace(',', ':', zen_get_ip_address())));
     // If they're still here, set some of the order object's variables.
     $order->info['cc_type'] = $cc_type;
     $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
     $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
     $order->info['cc_expires'] = '';
     //$cc_expdate_month . substr($cc_expdate_year, -2);
     $order->info['ip_address'] = $cc_owner_ip;
     // Set currency
     $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
     // if CC is switch or solo, must be GBP
     if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
         $my_currency = 'GBP';
     }
     //      $order->info['total'] = zen_round($order->info['total'], 2);
     $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
     $display_order_amount = $this->calc_order_amount($order->info['total'], $my_currency, TRUE);
     // 3D-Secure
     if (MODULE_PAYMENT_PAYPALDP_MERCHANT_COUNTRY == 'UK') {
         // determine the card type and validate that authentication was attempted and completed if applicable
         if ($_SESSION['3Dsecure_requires_lookup'] || $this->requiresLookup($_POST['wpp_cc_number']) == true) {
             // authentication attempt required?
             // validate an acceptable lookup result
             if (isset($_SESSION['3Dsecure_enroll_lookup_attempted']) == false || strcasecmp($_SESSION['3Dsecure_enroll_lookup_attempted'], 'Y') != 0) {
                 // lookup never attempted for required card, so need to redirect to payment-selection page
                 $reason = 'Customer arrived on the order process page without attempting authentication lookup.';
                 $error = MODULE_PAYMENT_PAYPALDP_CANNOT_BE_COMPLETED;
                 $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $reason . ' -->', 'error');
                 $errorText = $reason . "\n\nProblem occurred while customer " . $_SESSION['customer_id'] . ' ' . $_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_last_name'] . ' was attempting checkout with 3D-Secure authentication.';
                 $errorText .= $this->code;
                 zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, MODULE_PAYMENT_PAYPALDP_TEXT_EMAIL_ERROR_SUBJECT, $errorText, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorText)), 'paymentalert');
                 zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
             }
             // if enrolled, validate an acceptable authentication result
             if (strcasecmp('Y', $_SESSION['3Dsecure_enrolled']) == 0) {
                 if (isset($_SESSION['3Dsecure_authentication_attempted']) == false || strcasecmp($_SESSION['3Dsecure_authentication_attempted'], 'Y') != 0) {
                     $reason = 'Customer arrived on the order process page without completing required authentication.';
                     $error = MODULE_PAYMENT_PAYPALDP_CANNOT_BE_COMPLETED;
                     $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $reason . ' -->', 'error');
                     $errorText = $reason . "\n\nProblem occurred while customer " . $_SESSION['customer_id'] . ' ' . $_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_last_name'] . ' was attempting checkout with 3D-Secure authentication.';
                     $errorText .= $this->code;
                     zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, MODULE_PAYMENT_PAYPALDP_TEXT_EMAIL_ERROR_SUBJECT, $errorText, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorText)), 'paymentalert');
                     // remove the lookup/auth attempted status
                     unset($_SESSION['3Dsecure_enroll_lookup_attempted']);
                     unset($_SESSION['3Dsecure_authentication_attempted']);
                     // authentication result was not acceptable, redirect
                     zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
                 }
             }
         }
         if ($cc_type != 'Solo') {
             // PayPal doesn't support 3d-secure on Solo cards
             if (isset($_SESSION['3Dsecure_enrolled'])) {
                 $options['MPIVENDOR3DS'] = $_SESSION['3Dsecure_enrolled'];
             }
             if ($_SESSION['3Dsecure_auth_eci'] != '') {
                 $options['ECI'] = $_SESSION['3Dsecure_auth_eci'];
             }
             if (isset($_SESSION['3Dsecure_auth_xid']) and strlen($_SESSION['3Dsecure_auth_xid']) > 0) {
                 $options['XID'] = $_SESSION['3Dsecure_auth_xid'];
                 $options['CAVV'] = $_SESSION['3Dsecure_auth_cavv'];
                 $options['AUTHSTATUS3DS'] = $_SESSION['3Dsecure_auth_status'];
             }
         }
     }
     ///////////////////////////
     // Initialize the paypal caller object.
     $doPayPal = $this->paypal_init();
     $optionsAll = array_merge($options, array('STREET' => $order->billing['street_address'], 'ZIP' => $order->billing['postcode'], 'CITY' => $order->billing['city'], 'STATE' => $order->billing['state'], 'STREET2' => $order->billing['suburb'], 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], 'EXPDATE' => $cc_expdate_month . $cc_expdate_year, 'EMAIL' => $order->customer['email_address'], 'PHONENUM' => $order->customer['telephone']));
     $optionsShip = array();
     if (isset($order->delivery) && $order->delivery['street_address'] != '') {
         $optionsShip = array('SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'], 'SHIPTOSTREET' => $order->delivery['street_address'], 'SHIPTOSTREET2' => $order->delivery['suburb'], 'SHIPTOCITY' => $order->delivery['city'], 'SHIPTOZIP' => $order->delivery['postcode'], 'SHIPTOSTATE' => $order->delivery['state'], 'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
     }
     // if these optional parameters are blank, remove them from transaction
     if (isset($optionsShip['SHIPTOSTREET2']) && trim($optionsShip['SHIPTOSTREET2']) == '') {
         unset($optionsShip['SHIPTOSTREET2']);
     }
     if ($optionsAll['STREET2'] == '') {
         unset($optionsAll['STREET2']);
     }
     if (isset($optionsShip['SHIPTOPHONE']) && trim($optionsShip['SHIPTOPHONE']) == '') {
         unset($optionsShip['SHIPTOPHONE']);
     }
     // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
     if ((!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') && isset($optionsShip['SHIPTOCITY'])) {
         $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
     }
     // Payment Transaction/Authorization Mode
     $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
     if (MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only') {
         $this->order_status = $this->order_pending_status;
     }
     //      if (in_array($cc_type, array('Switch', 'Solo'))) {
     //        $optionsNVP['PAYMENTACTION'] = 'Authorization';
     //      }
     $optionsAll['BUTTONSOURCE'] = $this->buttonSource;
     $optionsAll['CURRENCY'] = $my_currency;
     if (strlen($cc_owner_ip) > 7) {
         $optionsAll['IPADDRESS'] = $cc_owner_ip;
     }
     if ($cc_issuedate_month && $cc_issuedate_year) {
         $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
     }
     if (isset($_POST['wpp_cc_issuenumber'])) {
         $optionsAll['CARDISSUE'] = $_POST['wpp_cc_issuenumber'];
     }
     // Add note to track that this was an API WPP transaction:
     $optionsAll['CUSTOM'] = 'DP-' . (int) $_SESSION['customer_id'] . '-' . time();
     // send the store name as transaction identifier, to help distinguish payments between multiple stores:
     $optionsAll['INVNUM'] = (int) $_SESSION['customer_id'] . '-' . time() . '-[' . substr(preg_replace('/[^a-zA-Z0-9_]/', '', STORE_NAME), 0, 30) . ']';
     // (cannot send actual invoice number because it's not assigned until after payment is completed)
     if (MODULE_PAYMENT_PAYPALDP_MERCHANT_COUNTRY == 'UK' || MODULE_PAYMENT_PAYPALWPP_PFVENDOR != '' && MODULE_PAYMENT_PAYPALWPP_PFPASSWORD != '') {
         // Payflow params required
         if (isset($optionsAll['COUNTRYCODE'])) {
             $optionsAll['COUNTRY'] = $optionsAll['COUNTRYCODE'];
             unset($optionsAll['COUNTRYCODE']);
         }
         if (isset($optionsShip['SHIPTOCOUNTRYCODE'])) {
             $optionsShip['SHIPTOCOUNTRY'] = $optionsShip['SHIPTOCOUNTRYCODE'];
             unset($optionsShip['SHIPTOCOUNTRYCODE']);
         }
         if (isset($optionsShip['SHIPTOSTREET2'])) {
             unset($optionsShip['SHIPTOSTREET2']);
         }
         if (isset($optionsAll['STREET2'])) {
             unset($optionsAll['STREET2']);
         }
     }
     if (isset($optionsAll['DESC']) && $optionsAll['DESC'] == '') {
         unset($optionsAll['DESC']);
     }
     $this->zcLog('before_process - DP-4', 'options: ' . print_r(array_merge($optionsAll, $optionsNVP, $optionsShip), true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
     if (!isset($optionsAll['AMT'])) {
         $optionsAll['AMT'] = number_format($order_amount, 2, '.', '');
     }
     $response = $doPayPal->DoDirectPayment($cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
     $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
     // CHECK RESPONSE
     $error = $this->_errorHandler($response, 'DoDirectPayment');
     if ($this->fmfResponse != '') {
         $this->order_status = $this->order_pending_status;
     }
     $this->feeamt = '';
     $this->taxamt = '';
     $this->pendingreason = '';
     $this->reasoncode = '';
     $this->numitems = sizeof($order->products);
     $this->responsedata = $response;
     if ($response['PNREF']) {
         // PNREF only comes from payflow mode
         $this->payment_type = MODULE_PAYMENT_PAYPALDP_PF_TEXT_TYPE;
         $this->transaction_id = $response['PNREF'];
         $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
         $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
         $this->cvv2 = $response['CVV2MATCH'];
         $this->amt = $display_order_amount . ' ' . $my_currency;
         $this->payment_time = date('Y-m-d h:i:s');
         $this->responsedata['CURRENCYCODE'] = $my_currency;
         $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
         $this->auth_code = $this->response['AUTHCODE'];
     } else {
         // here we're in NVP mode
         $this->transaction_id = $response['TRANSACTIONID'];
         $this->payment_type = MODULE_PAYMENT_PAYPALDP_DP_TEXT_TYPE;
         $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
         $this->pendingreason = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
         $this->avs = $response['AVSCODE'];
         $this->cvv2 = $response['CVV2MATCH'];
         $this->correlationid = $response['CORRELATIONID'];
         $this->payment_time = urldecode($response['TIMESTAMP']);
         $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
         $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
         $this->transactiontype = 'cart';
     }
 }
Beispiel #12
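 /**
  * Check the card details posted for the PSiGate module before the order
  * confirmation page is shown.
  *
  * Returns false without reading the request unless
  * MODULE_PAYMENT_PSIGATE_INPUT_MODE is 'Local'. Otherwise the posted number
  * and expiry go through cc_validation::validate(); a failing result sends the
  * customer back to the payment page with the error text and the entered
  * owner / expiry values, and a passing result copies the validated card data
  * onto this object.
  *
  * @return false|null false when local input mode is off, no value otherwise
  */
 function pre_confirmation_check()
 {
     global $aLang;
     if (MODULE_PAYMENT_PSIGATE_INPUT_MODE != 'Local') {
         return false;
     }
     include 'includes/classes/class_cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['psigate_cc_number'], $_POST['psigate_cc_expires_month'], $_POST['psigate_cc_expires_year']);
     $error = '';
     // switch compares loosely, so `case false` also catches a 0 result.
     switch ($result) {
         case -1:
             $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = $aLang['text_ccval_error_invalid_date'];
             break;
         case false:
             $error = $aLang['text_ccval_error_invalid_number'];
             break;
     }
     if ($result == false || $result < 1) {
         // Every request-derived value is URL-encoded. The expiry fields used to be
         // appended raw, which let a crafted POST add or override parameters in the
         // redirect target. The card number itself is never echoed back.
         $payment_error_return = 'payment_error=' . $this->code
             . '&error=' . urlencode($error)
             . '&psigate_cc_owner=' . urlencode((string) $_POST['psigate_cc_owner'])
             . '&psigate_cc_expires_month=' . urlencode((string) $_POST['psigate_cc_expires_month'])
             . '&psigate_cc_expires_year=' . urlencode((string) $_POST['psigate_cc_expires_year']);
         $aFilename = oos_get_filename();
         $aModules = oos_get_modules();
         // NOTE(review): the assignments below assume redirect() ends the request — confirm.
         MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $payment_error_return, 'SSL', true, false));
     }
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }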
Beispiel #13
 /**
  * Validate the card posted for a Direct Payment checkout.
  *
  * When the three Express Checkout session variables are registered the method
  * returns false and validates nothing. Otherwise the posted number and the
  * expiry parsed by get_exp_date() are passed to cc_validation::validate(),
  * the posted check code is reduced to digits, a failing result is handed to
  * away_with_you(), and the validated card data plus the check code are copied
  * onto this object.
  *
  * @return false|null false for an Express Checkout session, no value otherwise
  */
 function pre_confirmation_check()
 {
     global $HTTP_POST_VARS, $paypal_ec_token, $paypal_ec_payer_id, $paypal_ec_payer_info;
     // Express Checkout sessions skip card validation entirely.
     $is_express_checkout = tep_session_is_registered('paypal_ec_token') && tep_session_is_registered('paypal_ec_payer_id') && tep_session_is_registered('paypal_ec_payer_info');
     if ($is_express_checkout) {
         return false;
     }
     include DIR_WS_CLASSES . 'cc_validation.php';
     $validator = new cc_validation();
     $exp_parts = $this->get_exp_date($HTTP_POST_VARS['wpp_cc_expdate']);
     // The validator is given a two-digit year: longer values keep their last two characters.
     $exp_year = $exp_parts[1];
     if (strlen($exp_year) > 2) {
         $exp_year = substr($exp_year, -2);
     }
     $result = $validator->validate($HTTP_POST_VARS['wpp_cc_number'], (int) $exp_parts[0], $exp_year);
     // Loose comparisons on purpose: they mirror how a switch on $result would match.
     $message = '';
     if ($result == -1) {
         $message = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($validator->cc_number, 0, 4));
     } elseif ($result == -2 || $result == -3 || $result == -4) {
         $message = TEXT_CCVAL_ERROR_INVALID_DATE;
     } elseif ($result == false) {
         $message = TEXT_CCVAL_ERROR_INVALID_NUMBER;
     }
     // Keep only the digits of the check code, and write the cleaned value back to the request array.
     $HTTP_POST_VARS['wpp_cc_checkcode'] = preg_replace('/[^0-9]/i', '', $HTTP_POST_VARS['wpp_cc_checkcode']);
     $validation_failed = $result == false || $result < 1;
     if ($validation_failed) {
         $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_CARD_ERROR . '<br><br>' . $message, false, FILENAME_CHECKOUT_SHIPPING);
     }
     $this->cc_card_type = $validator->cc_type;
     $this->cc_card_number = $validator->cc_number;
     $this->cc_expiry_month = $validator->cc_expiry_month;
     $this->cc_expiry_year = $validator->cc_expiry_year;
     $this->cc_checkcode = $HTTP_POST_VARS['wpp_cc_checkcode'];
 }
Beispiel #14
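 /**
  * Validate the card posted for the Authorize.net module before confirmation.
  *
  * The posted number and expiry go through cc_validation::validate(). A failing
  * result redirects to checkout_payment.php with the error text and the entered
  * owner / expiry values in the query string; a passing result copies the
  * validated card type, number and expiry onto this object.
  *
  * @return void
  */
 function pre_confirmation_check()
 {
     // $_POST is a superglobal, so no `global` declaration is needed to read it.
     include '../lib/epayment/classes/cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['authorizenet_cc_number'], $_POST['authorizenet_cc_expires_month'], $_POST['authorizenet_cc_expires_year']);
     $error = '';
     // switch compares loosely, so `case false` also catches a 0 result.
     switch ($result) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // Every request-derived value is URL-encoded. The expiry fields used to be
         // appended raw, which let a crafted POST add or override parameters in the
         // redirect target.
         $payment_error_return = 'payment_error=' . $this->code
             . '&error=' . urlencode($error)
             . '&authorizenet_cc_owner=' . urlencode((string) $_POST['authorizenet_cc_owner'])
             . '&authorizenet_cc_expires_month=' . urlencode((string) $_POST['authorizenet_cc_expires_month'])
             . '&authorizenet_cc_expires_year=' . urlencode((string) $_POST['authorizenet_cc_expires_year']);
         // NOTE(review): the assignments below assume tep_redirect() ends the request — confirm.
         tep_redirect(tep_href_link("checkout_payment.php", $payment_error_return, 'SSL', true, false));
     }
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }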
Beispiel #15
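 /**
  * Validate the posted card before the confirmation page.
  *
  * The posted number and expiry go through cc_validation::validate(). A failing
  * result is reported through ajax_error() when USE_AJAX is set, otherwise by
  * redirecting to the payment page with the error text and the entered owner /
  * expiry values. The CVV is forced to '000' when USE_CC_CVV is not the true
  * string, and the validated card type and number are copied onto this object.
  *
  * @return void
  */
 function pre_confirmation_check()
 {
     include_once DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($_POST['cc_number'], $_POST['cc_expires_month'], $_POST['cc_expires_year']);
     $error = EMPTY_STRING;
     // switch compares loosely, so `case false` also catches a 0 result.
     switch ($result) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case -5:
             $error = sprintf(TEXT_CCVAL_ERROR_NOT_ACCEPTED, substr($cc_validation->cc_type, 0, 10), substr($cc_validation->cc_type, 0, 10));
             break;
         case -6:
             $error = TEXT_CCVAL_ERROR_SHORT;
             break;
         case -7:
             $error = TEXT_CCVAL_ERROR_BLACKLIST;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         if (USE_AJAX) {
             ajax_error($error);
         } else {
             // Every request-derived value is URL-encoded. The expiry fields used to
             // be appended raw, which let a crafted POST add or override parameters
             // in the redirect target.
             $payment_error_return = 'payment_error=' . $this->code
                 . '&error=' . urlencode($error)
                 . '&cc_owner=' . urlencode((string) $_POST['cc_owner'])
                 . '&cc_expires_month=' . urlencode((string) $_POST['cc_expires_month'])
                 . '&cc_expires_year=' . urlencode((string) $_POST['cc_expires_year']);
             olc_redirect(olc_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, SSL, true, false));
         }
         // NOTE(review): the code below assumes ajax_error() / olc_redirect() end the request — confirm.
     }
     if (strtolower(USE_CC_CVV) != TRUE_STRING_S) {
         // CVV collection is switched off: a fixed placeholder is stored instead.
         $this->cc_cvv = '000';
     }
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
 }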
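 /**
  * Validate the posted card, submit a Payflow Pro sale and record the card
  * details on the order.
  *
  * Steps: strip the posted card fields to digits and validate them; resolve the
  * billing and delivery state codes from the zones table; build the
  * length-tagged name/value request; POST it to the live or pilot Payflow host
  * (up to three attempts); parse the response; redirect back to the payment
  * page on any failure; otherwise copy card type, owner, number and expiry onto
  * $order->info.
  *
  * Changes against the earlier version of this method:
  *  - the free-text state name is escaped before it is placed in the SQL string;
  *  - TLS peer verification is enabled for the gateway connection;
  *  - the transaction is accepted only when the response carries RESULT=0
  *    (a missing RESULT, or a decline code without a matching message constant,
  *    used to fall through as success);
  *  - the request ID header is now populated ($unique_id was never assigned);
  *  - the delivery country is sent as SHIPTOCOUNTRY instead of overwriting the
  *    billing COUNTRY entry;
  *  - the decline message is URL-encoded (it was URL-decoded).
  *
  * @return void
  */
 function before_process()
 {
     global $order;
     // Card fields are reduced to digits before validation and submission.
     $cc_number = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_number']);
     $cc_expires_month = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_expires_month']);
     $cc_expires_year = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_expires_year']);
     $cc_cvv2 = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_cvv2']);
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($cc_number, $cc_expires_month, $cc_expires_year);
     $error = '';
     // switch compares loosely, so `case false` also catches a 0 result.
     switch ($result) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode(stripslashes($error));
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
     }
     $this->cc_type = $cc_validation->cc_type;
     $this->cc_number = $cc_validation->cc_number;
     $this->cc_expires_month = $cc_expires_month;
     $this->cc_expires_year = $cc_expires_year;
     $this->cc_cvv2 = $cc_cvv2;

     // Resolve the zone code for both addresses with the same lookup.
     $state_codes = array('billing' => '', 'delivery' => '');
     foreach (array('billing', 'delivery') as $address_kind) {
         $address = $order->{$address_kind};
         if ($address['zone_id'] > 0) {
             $zone_query = tep_db_query("SELECT zone_code \n                                    FROM " . TABLE_ZONES . " \n                                    WHERE zone_id = " . (int) $address['zone_id'] . " \n                                    LIMIT 1");
             $zone = tep_db_fetch_array($zone_query);
             if (is_array($zone)) {
                 $state_codes[$address_kind] = $zone['zone_code'];
             }
         } elseif (!is_null($address['state'])) {
             // The state name is customer-entered free text: escape it before it
             // goes into the SQL string (an apostrophe alone used to break the query).
             $zone_query = tep_db_query("SELECT zone_code \n                                    FROM " . TABLE_ZONES . " \n                                    WHERE zone_name = '" . tep_db_input($address['state']) . "' \n                                      AND zone_country_id = " . (int) $address['country']['id'] . " \n                                    LIMIT 1");
             if (tep_db_num_rows($zone_query) > 0) {
                 $zone = tep_db_fetch_array($zone_query);
                 $state_codes[$address_kind] = $zone['zone_code'];
             }
         }
     }
     $billing_state = $state_codes['billing'];
     $delivery_state = $state_codes['delivery'];

     // The delivery country has its own key; it used to be a second 'COUNTRY'
     // entry, which silently replaced the billing country.
     $paypal_query_array = array('USER' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_USER, 'VENDOR' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_VENDOR, 'PARTNER' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PARTNER, 'PWD' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PASSWORD, 'TENDER' => 'C', 'TRXTYPE' => 'S', 'ACCT' => $this->cc_number, 'CVV2' => $this->cc_cvv2, 'EXPDATE' => $this->cc_expires_month . $this->cc_expires_year, 'FREIGHTAMT' => round($order->info['shipping_cost'], 2), 'TAXAMT' => round($order->info['tax'], 2), 'AMT' => round($order->info['total'], 2), 'CURRENCY' => $_SESSION['currency'], 'FIRSTNAME' => $order->billing['firstname'], 'LASTNAME' => $order->billing['lastname'], 'STREET' => $order->billing['street_address'], 'CITY' => $order->billing['city'], 'STATE' => $billing_state, 'ZIP' => $order->billing['postcode'], 'COUNTRY' => $order->billing['country']['iso_code_3'], 'SHIPTOFIRSTNAME' => $order->delivery['firstname'], 'SHIPTOLASTNAME' => $order->delivery['lastname'], 'SHIPTOSTREET' => $order->delivery['street_address'], 'SHIPTOCITY' => $order->delivery['city'], 'SHIPTOSTATE' => $delivery_state, 'SHIPTOZIP' => $order->delivery['postcode'], 'SHIPTOCOUNTRY' => $order->delivery['country']['iso_code_3'], 'EMAIL' => $order->customer['email_address'], 'CUSTIP' => $_SERVER['REMOTE_ADDR'], 'COMMENT1' => '', 'INVNUM' => '', 'ORDERDESC' => '', 'VERBOSITY' => 'MEDIUM');
     // Each pair is written as KEY[length]=value; the byte length lets values
     // contain '&' and '=' without escaping.
     $paypal_pairs = array();
     foreach ($paypal_query_array as $key => $value) {
         $value = (string) $value;
         $paypal_pairs[] = $key . '[' . strlen($value) . ']=' . $value;
     }
     $paypal_query = implode('&', $paypal_pairs);
     $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     // One ID for this request, reused by every retry below, so a repeated POST
     // can be told apart from a new sale. NOTE(review): presumably the gateway
     // de-duplicates on this header — confirm against the gateway documentation.
     $unique_id = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid((string) mt_rand(), true));
     $request_headers = array();
     $request_headers[] = "Content-Type: text/namevalue";
     $request_headers[] = "Content-Length: " . strlen($paypal_query);
     $request_headers[] = "X-VPS-Timeout: 45";
     $request_headers[] = "X-VPS-Request-ID:" . $unique_id;
     if (MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_SERVER == 'Live') {
         $submit_url = "https://payflowpro.paypal.com";
     } else {
         $submit_url = "https://pilot-payflowpro.paypal.com";
     }
     $ch = curl_init();
     if (trim(MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PROXY) != '') {
         curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
         curl_setopt($ch, CURLOPT_PROXY, MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PROXY);
     }
     curl_setopt($ch, CURLOPT_URL, $submit_url);
     curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
     curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
     curl_setopt($ch, CURLOPT_HEADER, 1);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_TIMEOUT, 90);
     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
     // The request carries the card number, CVV and the merchant password, so the
     // gateway certificate must be verified. With peer verification off, anyone on
     // the network path could impersonate the gateway. This needs a CA bundle that
     // PHP's curl can find on the server.
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $paypal_query);
     curl_setopt($ch, CURLOPT_FORBID_REUSE, TRUE);
     curl_setopt($ch, CURLOPT_POST, 1);
     // Up to three attempts, pausing between failures (not after the last one).
     $http_code = 0;
     $result = false;
     for ($attempt = 1; $attempt <= 3; $attempt++) {
         $result = curl_exec($ch);
         $transfer_info = curl_getinfo($ch);
         $http_code = $transfer_info['http_code'];
         if ($http_code == 200) {
             break;
         }
         if ($attempt < 3) {
             sleep(5);
         }
     }
     curl_close($ch);
     if ($http_code != 200) {
         // NOTE(review): this redirect uses 'error_message=' where the other two
         // use 'payment_error=' — confirm which one the payment page expects.
         $payment_error_return = 'error_message=' . $this->code . '&error=' . urlencode(stripslashes(MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_BAD_RESPONSE));
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
         exit;
     }
     // The response (headers included, see CURLOPT_HEADER) is cut at the first
     // "RESULT" and split into name=value pairs.
     $response_body = is_string($result) ? strstr($result, "RESULT") : false;
     $proArray = array();
     if ($response_body !== false) {
         foreach (explode('&', $response_body) as $pair) {
             $parts = explode('=', $pair, 2);
             if (count($parts) == 2) {
                 $proArray[$parts[0]] = $parts[1];
             }
         }
     }
     // Fail closed: only an explicit RESULT=0 counts as an approved sale.
     $result_code = isset($proArray['RESULT']) ? trim($proArray['RESULT']) : '';
     if ($result_code !== '0') {
         $error_message = MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_BAD_RESPONSE;
         $message_constant = 'MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_' . $result_code;
         // The code comes from the response, so it must be numeric before it is
         // used to pick a constant by name.
         if (preg_match('/^-?[0-9]+$/', $result_code) && defined($message_constant)) {
             $error_message = constant($message_constant);
         }
         if (isset($proArray['AVSADDR']) && $proArray['AVSADDR'] != "Y") {
             $error_message .= "  " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_AVSADDR;
         }
         if (isset($proArray['AVSZIP']) && $proArray['AVSZIP'] != "Y") {
             $error_message .= "  " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_AVSZIP;
         }
         if (isset($proArray['CVV2MATCH']) && $proArray['CVV2MATCH'] != "Y") {
             $error_message .= "  " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_CVV2MATCH;
         }
         $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error_message);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
         exit;
     }
     // NOTE(review): the full card number is placed on the order here. Whether it
     // is persisted is decided outside this method — confirm that stored orders
     // keep at most a truncated number.
     $order->info['cc_type'] = $this->cc_type;
     $order->info['cc_owner'] = $order->billing['firstname'] . ' ' . $order->billing['lastname'];
     $order->info['cc_number'] = $this->cc_number;
     $order->info['cc_expires'] = $this->cc_expires_month . substr($this->cc_expires_year, 2, 2);
 }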
Beispiel #17
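 /**
  * Validate the card entered for the QuantumGateway module before confirmation.
  *
  * Does nothing when $this->quantum_gets_cc is set. Otherwise an empty card
  * number, or a failing cc_validation::validate() result, stores the error
  * text in a session variable named "<code>_payment_error" and redirects to
  * the payment page with the entered owner / expiry values; a passing result
  * copies the validated card data onto this object.
  *
  * @return void
  */
 function pre_confirmation_check()
 {
     // We don't confirm if CreLoaded is not collecting the CC#
     if ($this->quantum_gets_cc) {
         return;
     }
     // NOTE(review): card fields are read from $_REQUEST, so they are also accepted
     // from the query string, where they can end up in access logs and browser
     // history. Confirm the form only ever posts them.
     $error = '';
     if (trim($_REQUEST['quantumqgwdbe_cc_number']) == '') {
         $error = MODULE_PAYMENT_QUANTUMQGWDBE_TEXT_MISSING_CC_NUMBER;
     } else {
         include DIR_WS_CLASSES . 'cc_validation.php';
         $cc_validation = new cc_validation();
         $result = $cc_validation->validate($_REQUEST['quantumqgwdbe_cc_number'], $_REQUEST['quantumqgwdbe_cc_expires_month'], $_REQUEST['quantumqgwdbe_cc_expires_year']);
         // After the int cast, `case false` matches a result of 0.
         switch ((int) $result) {
             case -1:
                 $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                 break;
             case -2:
             case -3:
             case -4:
                 $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                 break;
             case false:
                 $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                 break;
         }
         // Fail closed: the redirect below is gated on $error, so a failing result
         // with no case of its own must still produce a message instead of being
         // treated as a valid card.
         if ($error == '' && ($result == false || $result < 1)) {
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
         }
     }
     if ($error != '') {
         // For compatibility with security modules that scrub most punctuation characters from the
         // query string, use a $_SESSION var instead of a query string parameter to pass the error
         // message to the next page.
         $payment_error_return = 'payment_error=' . $this->code . '&quantumqgwdbe_cc_owner=' . urlencode($_REQUEST['quantumqgwdbe_cc_owner']) . '&quantumqgwdbe_cc_expires_month=' . urlencode($_REQUEST['quantumqgwdbe_cc_expires_month']) . '&quantumqgwdbe_cc_expires_year=' . urlencode($_REQUEST['quantumqgwdbe_cc_expires_year']);
         tep_session_register($this->code . '_payment_error');
         $GLOBALS[$this->code . '_payment_error'] = $error;
         // NOTE(review): the assignments below assume tep_redirect() ends the request — confirm.
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
     }
     $this->cc_card_type = $cc_validation->cc_type;
     $this->cc_card_number = $cc_validation->cc_number;
     $this->cc_expiry_month = $cc_validation->cc_expiry_month;
     $this->cc_expiry_year = $cc_validation->cc_expiry_year;
 }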
Beispiel #18
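    /**
     * Validate the posted card before the confirmation page.
     *
     * The posted number, expiry, start date, CVV and issue number go through
     * cc_validation::validate(). A failing result redirects to the payment page
     * with the error text and the entered owner / expiry values. The CVV is
     * forced to '000' when USE_CC_CVV is not '1', and the validated card type
     * and number are copied onto this object.
     *
     * @return void
     */
    function pre_confirmation_check() {
      global $aLang;

      include 'includes/classes/class_cc_validation.php';

      $cc_validation = new cc_validation();
      $result = $cc_validation->validate($_POST['cc_number'], $_POST['cc_expires_month'], $_POST['cc_expires_year'], $_POST['cc_start_month'], $_POST['cc_start_year'], $_POST['cc_cvv'], $_POST['cc_issue']);

      $error = '';
      // switch compares loosely, so `case false` also catches a 0 result.
      switch ($result) {
        case -1 :
          $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
          break;
        case -2 :
        case -3 :
        case -4 :
          $error = $aLang['text_ccval_error_invalid_date'];
          break;
        case -5 :
          // Card type not accepted: list the types switched on in the configuration.
          $cards = '';
          if (MODULE_PAYMENT_CC_ACCEPT_VISA == '1') {
            $cards .= ' Visa,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_MASTERCARD == '1') {
            $cards .= ' Master Card,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_AMERICANEXPRESS == '1') {
            $cards .= ' American Express,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_DINERSCLUB == '1') {
            $cards .= ' Diners Club,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_DISCOVERNOVUS == '1') {
            $cards .= ' Discover,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_JCB == '1') {
            $cards .= ' JCB,';
          }
          if (MODULE_PAYMENT_CC_ACCEPT_OZBANKCARD == '1') {
            $cards .= ' Australian BankCard,';
          }
          $error = sprintf($aLang['text_card_not_aczepted'], $cc_validation->cc_type) . $cards;
          break;
        case false:
          $error = $aLang['text_ccval_error_invalid_number'];
          break;
      }

      if ( ($result == false) || ($result < 1) ) {
        // Every request-derived value is URL-encoded. The expiry fields used to be
        // appended raw, which let a crafted POST add or override parameters in the
        // redirect target.
        $payment_error_return = 'payment_error=' . $this->code
          . '&error=' . urlencode($error)
          . '&cc_owner=' . urlencode((string) $_POST['cc_owner'])
          . '&cc_expires_month=' . urlencode((string) $_POST['cc_expires_month'])
          . '&cc_expires_year=' . urlencode((string) $_POST['cc_expires_year']);

        $aPages = oos_get_pages();
        // NOTE(review): the code below assumes redirect() ends the request — confirm.
        MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_payment'], $payment_error_return, 'SSL', true, false));
      }

      if (USE_CC_CVV != '1') {
        // CVV collection is switched off: a fixed placeholder is stored instead.
        $this->cc_cvv = '000';
      }

      $this->cc_card_type = $cc_validation->cc_type;
      $this->cc_card_number = $cc_validation->cc_number;
    }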
Beispiel #19
 function before_process()
 {
     global $order, $order_totals, $currencies;
     require_once DIR_FS_CATALOG . DIR_WS_CLASSES . 'cc_validation.php';
     ////////////////////////////////////////////////////////////////////////////
     ///////          Process Common Order Information                  /////////
     ////////////////////////////////////////////////////////////////////////////
     $this->trans_type = 'CHARGE';
     if (count($order_totals) < 1) {
         $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_BUG_1629);
     }
     //Get order_total values
     $order_total = array();
     foreach ($order_totals as $ot) {
         $order_total[$ot['code']] += $ot['value'];
     }
     $order_info = array();
     //If the merchant has a different currency selected for this module
     //than they do as a default for the store, all prices will be converted
     $currency_value = $currencies->get_value($this->wpp_get_currency());
     if ($currency_value <= 0) {
         $currency_value = 1;
     }
     $order_info['PAYPAL_ORDER_TOTAL'] = number_format($order_total['ot_total'] * $currency_value, 2, '.', '');
     $this->total_amount = $order_info['PAYPAL_ORDER_TOTAL'];
     $order_info['PAYPAL_ORDER_DESCRIPTION'] = 'Order placed on ' . date("F j, Y, g:i a") . ' by ' . $order->customer['firstname'] . ' ' . $order->customer['lastname'] . ' (ID: ' . $_SESSION['customer_id'] . ')';
     $order_info['PAYPAL_CUSTOM'] = 'Phone: ' . $order->customer['telephone'] . ' -- Email: ' . $order->customer['email_address'];
     //The shipping total must be under $10,000.  I've removed the check that would
     //set the shipping total at $10,000 if it was over, but that didn't make any sense
     //as the totals would be off, causing other errors.  Just don't ship anything that'll cost more than $10k
     $order_info['PAYPAL_SHIPPING_TOTAL'] = round($order_total['ot_shipping'] * $currency_value, 2);
     $order_info['PAYPAL_HANDLING_TOTAL'] = '';
     if (DISPLAY_PRICE_WITH_TAX == 'true') {
         $order_info['PAYPAL_TAX_TOTAL'] = '';
     } else {
         $order_info['PAYPAL_TAX_TOTAL'] = round($order_total['ot_tax'] * $currency_value, 2);
     }
     $order_total_check = $order_info['PAYPAL_ORDER_TOTAL'] - $order_info['PAYPAL_SHIPPING_TOTAL'] - $order_info['PAYPAL_HANDLING_TOTAL'];
     if (!(DISPLAY_PRICE_WITH_TAX == 'true')) {
         $order_total_check -= $order_info['PAYPAL_TAX_TOTAL'];
     }
     $pdi = $this->wpp_generate_PDI($order_total_check);
     $order_info['PAYPAL_ITEM_TOTAL'] = $pdi[0];
     $order_info['PAYMENT_DETAILS_ITEM'] = $pdi[1];
     /* 
      * Kludge to avoid error if person is purchasing a product with no price
      * but still getting charged shipping.
      */
     if ($order_info['PAYPAL_ITEM_TOTAL'] <= 0 && $order_total['ot_shipping'] > 0) {
         $order_info['PAYMENT_DETAILS_ITEM'] .= $this->wpp_add_PDI(array('name' => 'Shipping', 'currency' => $this->wpp_get_currency(), 'amount' => $order_info['PAYPAL_SHIPPING_TOTAL'], 'model' => '', 'qty' => '1'));
         $order_info['PAYPAL_ITEM_TOTAL'] += $order_info['PAYPAL_SHIPPING_TOTAL'];
         $order_info['PAYPAL_SHIPPING_TOTAL'] = 0;
     }
     if (strpos($order->content_type, 'virtual') === false) {
         $order_info['PAYPAL_SHIPPING_NAME'] = trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']);
         $order_info['PAYPAL_SHIPPING_ADDRESS1'] = $order->delivery['street_address'];
         $order_info['PAYPAL_SHIPPING_ADDRESS2'] = $order->delivery['suburb'];
         $order_info['PAYPAL_SHIPPING_CITY'] = $order->delivery['city'];
         $order_info['PAYPAL_SHIPPING_STATE'] = $this->wpp_fix_state_for_paypal($order->delivery['country']['iso_code_2'], $order->delivery['state']);
         $order_info['PAYPAL_SHIPPING_ZIP'] = $order->delivery['postcode'];
         $order_info['PAYPAL_SHIPPING_COUNTRY'] = $order->delivery['country']['iso_code_2'];
     } else {
         $order_info['PAYPAL_SHIPPING_NAME'] = trim($order->billing['firstname'] . ' ' . $order->billing['lastname']);
         $order_info['PAYPAL_SHIPPING_ADDRESS1'] = $order->billing['street_address'];
         $order_info['PAYPAL_SHIPPING_ADDRESS2'] = $order->billing['suburb'];
         $order_info['PAYPAL_SHIPPING_CITY'] = $order->billing['city'];
         $order_info['PAYPAL_SHIPPING_STATE'] = $this->wpp_fix_state_for_paypal($order->billing['country']['iso_code_2'], $order->billing['state']);
         $order_info['PAYPAL_SHIPPING_ZIP'] = $order->billing['postcode'];
         $order_info['PAYPAL_SHIPPING_COUNTRY'] = $order->billing['country']['iso_code_2'];
     }
     $order_info['PAYPAL_NOTIFY_URL'] = '';
     //MODULE_PAYMENT_PAYPAL_EC_IPN_URL;
     $order_info['PAYPAL_INVOICE_ID'] = '';
     ////////////////////////////////////////////////////////////////////////////
     ///////          Express Checkout Processing Portion               /////////
     ////////////////////////////////////////////////////////////////////////////
     if (tep_session_is_registered('paypal_ec_token') && tep_session_is_registered('paypal_ec_payer_id') && tep_session_is_registered('paypal_ec_payer_info')) {
         /*
          * The reason for this kludge is because of a conflict where the store owner
          * wants to use the address from the store, but a customer is checking out without logging in.
          * We don't know ahead of time if the user is an existing user or new user, so the address_override
          * variable doesn't get set because if they're a new customer, we need that address.
          * The only effect of this is that the address in the paypal receipt email is different than the order
          * email.
          */
         if (MODULE_PAYMENT_PAYPAL_EC_ADDRESS_OVERRIDE == 'Store' && $order->shipping['street_address'] != $_SESSION['paypal_ec_payer_info']['ship_street_1']) {
             $order_info['PAYPAL_SHIPPING_ADDRESS1'] = $_SESSION['paypal_ec_payer_info']['ship_street_1'];
             $order_info['PAYPAL_SHIPPING_ADDRESS2'] = $_SESSION['paypal_ec_payer_info']['ship_street_2'];
             $order_info['PAYPAL_SHIPPING_CITY'] = $_SESSION['paypal_ec_payer_info']['ship_city'];
             $order_info['PAYPAL_SHIPPING_STATE'] = $_SESSION['paypal_ec_payer_info']['ship_state'];
             $order_info['PAYPAL_SHIPPING_ZIP'] = $_SESSION['paypal_ec_payer_info']['ship_postal_code'];
             $order_info['PAYPAL_SHIPPING_COUNTRY'] = $_SESSION['paypal_ec_payer_info']['ship_country'];
         }
         $order_info['PAYPAL_TOKEN'] = $_SESSION['paypal_ec_token'];
         $order_info['PAYPAL_PAYER_ID'] = $_SESSION['paypal_ec_payer_id'];
         $response = $this->wpp_execute_transaction('doExpressCheckout', $order_info);
         //Response processing
         if (!is_array($response) || $response['DoExpressCheckoutPaymentResponse'][0]['Ack'] != 'Success' && $response['DoExpressCheckoutPaymentResponse'][0]['Ack'] != 'SuccessWithWarning') {
             if ($this->enableDebugging == '1') {
                 //Send the store owner a complete dump of the transaction
                 $spacer = "---------------------------------------------------------------------\r\n";
                 $dp_dump_title = "-------------------------------EC_DUMP-------------------------------\r\n";
                 $dp_dump_title .= "------------This is the information that was sent to PayPal----------\r\n";
                 $final_req_title = "-------------------------------FINAL_REQ-----------------------------\r\n";
                 $final_req_title .= "-------------------This is the response from PayPal------------------\r\n";
                 $final_req_dump = print_r($response, true);
                 tep_mail(STORE_OWNER, $this->debug_email, 'PayPal Error Dump', "In function: before_process() - Express Checkout\r\n" . "Did first contact attempt return error? " . ($error_occurred ? "Yes" : "Nope") . " \r\n" . $spacer . $dp_dump_title . $spacer . $this->last_data . "\r\n\r\n", $spacer . $final_req_title . $spacer . $final_req_dump . "\r\n\r\n", STORE_OWNER, $this->debug_email);
             }
             if ($response['DoExpressCheckoutPaymentResponse'][0]['Errors'][0]['ErrorCode'] == '') {
                 $this->away_with_you(MODULE_PAYMENT_PAYPAL_EC_TEXT_DECLINED . 'No response from PayPal<br>No response was received from PayPal.  Please contact the store owner for assistance.', true);
             } else {
                 //Bug Fix #871 changed to not kill session vars on errors.
                 $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_ERROR . $this->return_transaction_errors($response['DoExpressCheckoutPaymentResponse'][0]['Errors']), ONEPAGE_CHECKOUT_ENABLED != 'True');
             }
         } else {
             $details = $response['DoExpressCheckoutPaymentResponse'][0]['DoExpressCheckoutPaymentResponseDetails'][0]['PaymentInfo'][0];
             $this->transaction_log['payment_type'] = $details['PaymentType'];
             $this->transaction_log['transaction_id'] = $details['TransactionID'];
             $this->transaction_log['payment_status'] = $details['PaymentStatus'];
             $this->transaction_log['avs'] = '';
             $this->transaction_log['cvv2'] = '';
             if ($details['PaymentStatus'] == 'Pending') {
                 $this->transaction_log['transaction_msgs'] = $details['PendingReason'];
                 $order->info['order_status'] = 1;
             }
             if (strtoupper($this->transaction_log['payment_status']) == 'PENDING') {
                 if (MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID > 0) {
                     $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID;
                 }
             } elseif (strtoupper($this->transaction_log['payment_status']) == 'COMPLETED') {
                 if (MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID > 0) {
                     $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID;
                 }
             }
         }
         ////////////////////////////////////////////////////////////////////////////
         ///////            Direct Payment Processing Portion               /////////
         ////////////////////////////////////////////////////////////////////////////
     } else {
         $cc_type = $_POST['paypalwpp_cc_type'];
         $cc_number = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_number']);
         $cc_checkcode = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_checkcode']);
         $cc_first_name = $_POST['paypalwpp_cc_firstname'];
         $cc_last_name = $_POST['paypalwpp_cc_lastname'];
         $cc_owner_ip = $_SERVER['REMOTE_ADDR'];
         $cc_expdate_month = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_expires_month']);
         $cc_expdate_year = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_expires_year']);
         $cc_validation = new cc_validation();
         $result = $cc_validation->validate($cc_number, $cc_expdate_month, $cc_expdate_year);
         $error = '';
         if ($result === -1) {
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
         } elseif ($result > -5 && $result < -1) {
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
         } elseif ($result < 1) {
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
         }
         if ($error != '') {
             $this->away_with_you($error, false, FILENAME_CHECKOUT_PAYMENT);
             return false;
         }
         if (strlen($cc_expdate_year) < 4) {
             $cc_expdate_year = '20' . $cc_expdate_year;
         }
         /*
          * If the cc type sent in the post var isn't any one of the 
          * accepted cards, send them back to the payment page
          * This error should never come up unless the visitor is  
          * playing with the post vars or they didn't get passed to 
          * checkout_confirmation.php
          */
         if (!in_array($cc_type, array('Visa', 'MasterCard', 'Discover', 'Amex', 'Maestro', 'Solo'))) {
             $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_BAD_CARD, false, FILENAME_CHECKOUT_PAYMENT);
             return false;
         }
         //If they're still here, and awake, set some of the order object's variables
         //Storage of expiry date commented out for PCI DSS compliance
         $order->info['cc_type'] = $cc_type;
         $order->info['cc_number'] = str_repeat('X', strlen($cc_number) - 4) . substr($cc_number, -4);
         $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
         //        $order->info['cc_expires'] = $cc_expdate_month . substr($cc_expdate_year, -2);
         //These have to be set to empty values so that the placeholders in the XML will get replaced
         $order_info['PAYPAL_CC_UK_DATA'] = '';
         //Maestro/Solo specific fields
         if (MODULE_PAYMENT_PAYPAL_DP_UK_ENABLED == 'Yes') {
             $order_info['PAYPAL_CC_UK_DATA'] = '<StartMonth>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_start_month']), 0, 2) . '</StartMonth>';
             $order_info['PAYPAL_CC_UK_DATA'] .= '<StartYear>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_start_year']), 0, 4) . '</StartYear>';
             if ($_POST['paypalwpp_cc_issue_number'] != '') {
                 $order_info['PAYPAL_CC_UK_DATA'] .= '<IssueNumber>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_issue_number']), 0, 2) . '</IssueNumber>';
             }
         }
         /* Begin optional, unused data fields */
         $order_info['PAYPAL_BUTTON_SOURCE'] = '';
         /* End optional, unused data fields */
         //Billing information
         $order_info['PAYPAL_FIRST_NAME'] = $cc_first_name;
         $order_info['PAYPAL_LAST_NAME'] = $cc_last_name;
         $order_info['PAYPAL_ADDRESS1'] = $order->billing['street_address'];
         $order_info['PAYPAL_ADDRESS2'] = $order->billing['suburb'];
         $order_info['PAYPAL_CITY'] = $order->billing['city'];
         $order_info['PAYPAL_STATE'] = $this->wpp_fix_state_for_paypal($order->billing['country']['iso_code_2'], $order->billing['state']);
         $order_info['PAYPAL_ZIP'] = $order->billing['postcode'];
         $order_info['PAYPAL_COUNTRY'] = $order->billing['country']['iso_code_2'];
         $order_info['PAYPAL_BUYER_EMAIL'] = $order->customer['email_address'];
         //Credit card details
         if ($cc_type == 'Maestro') {
             $order_info['PAYPAL_CC_TYPE'] = 'Switch';
         } else {
             $order_info['PAYPAL_CC_TYPE'] = $cc_type;
         }
         $order_info['PAYPAL_CC_NUMBER'] = $cc_number;
         $order_info['PAYPAL_CC_EXP_MONTH'] = $cc_expdate_month;
         $order_info['PAYPAL_CC_EXP_YEAR'] = $cc_expdate_year;
         $order_info['PAYPAL_CC_CVV2'] = $cc_checkcode;
         $this->cardinal_centinel_before_process($order_info);
         //Make the call and (hopefully) return an array of information
         $final_req = $this->wpp_execute_transaction('doDirectPayment', $order_info);
         //If the transaction wasn't a success, start the error checking
         if (strpos($final_req['DoDirectPaymentResponse'][0]['Ack'], 'Success') === false) {
             $error_occurred = false;
             $ts_result = false;
             //If an error or failure occurred, don't do a transaction check
             //The transaction search is only for if we didn't receive a understandable response
             //and don't want to charge the customer multiple times
             if (strpos($final_req['DoDirectPaymentResponse'][0]['Ack'], 'Error') !== false || strpos($final_req['DoDirectPaymentResponse'][0]['Ack'], 'Failure') !== false) {
                 //If PayPal said to retry (code 10207), try again
                 if ($final_req['DoDirectPaymentResponse'][0]['Errors'][0]['ErrorCode'] == '10207' && $this->max_retries > 0) {
                     $this->max_retries--;
                     $this->before_process();
                     return false;
                 } else {
                     $error_occurred = true;
                     $error_log = $this->return_transaction_errors($final_req['DoDirectPaymentResponse'][0]['Errors']);
                 }
             } elseif ($final_req['faultcode'] != '') {
                 //There was an error in our request syntax
                 //This should never occur in production
                 $error_occurred = true;
                 $error_log = $this->return_transaction_errors($final_req['faultstring']);
             } else {
                 //Do a transaction search to make sure the connection didn't just timeout
                 //It searches by email of payer and amount.  That should be accurate enough
                 $transaction_info = array();
                 //Set to one day ago to avoid any time zone issues.  This does introduce a possible bug, but
                 //the chance of the same person having the exact same total and paypal non responding within one day is pretty unlikely
                 $transaction_info['PAYPAL_START_DATE'] = date('Y-m-d', mktime(0, 0, 0, date("m"), date("d") - 1, date("Y"))) . 'T00:00:00-0700';
                 $transaction_info['PAYPAL_PAYER'] = $order->customer['email_address'];
                 $transaction_info['PAYPAL_AMOUNT'] = number_format($order->info['total'], 2, '.', '');
                 $ts_req = $this->wpp_execute_transaction('transactionSearch', $transaction_info);
                 //If a matching transaction was found, tell us
                 if (is_array($ts_req['TransactionSearchResponse'][0]['PaymentTransactions'])) {
                     $ts_result = true;
                 } else {
                     $error_log = $this->return_transaction_errors($ts_req['TransactionSearchResponse'][0]['Errors']);
                     $ts_result = false;
                 }
             }
             if (!$error_occurred && $ts_result) {
                 $return_codes = array($ts_req['TransactionSearchResponse'][0]['TransactionID'], 'No AVS Code Returned', 'No CVV2 Code Returned');
             } else {
                 if ($this->enableDebugging == '1') {
                     //Send the store owner a complete dump of the transaction
                     $spacer = "---------------------------------------------------------------------\r\n";
                     $dp_dump_title = "-------------------------------DP_DUMP-------------------------------\r\n";
                     $dp_dump_title .= "------------This is the information that was sent to PayPal----------\r\n";
                     $final_req_title = "-------------------------------FINAL_REQ-----------------------------\r\n";
                     $final_req_title .= "-------------------This is the response from PayPal------------------\r\n";
                     $final_req_dump = print_r($final_req, true);
                     //Remove sensitive information
                     $this->last_data = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME)), $this->last_data);
                     $this->last_data = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD)), $this->last_data);
                     $this->last_data = str_replace($order_info['PAYPAL_CC_NUMBER'], str_repeat('X', strlen($order_info['PAYPAL_CC_NUMBER'])), $this->last_data);
                     $this->last_data = str_replace($order_info['PAYPAL_CC_CVV2'], str_repeat('X', strlen($order_info['PAYPAL_CC_CVV2'])), $this->last_data);
                     $final_req_dump = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME)), $final_req_dump);
                     $final_req_dump = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD)), $final_req_dump);
                     $final_req_dump = str_replace($order_info['PAYPAL_CC_NUMBER'], str_repeat('X', strlen($order_info['PAYPAL_CC_NUMBER'])), $final_req_dump);
                     $final_req_dump = str_replace($order_info['PAYPAL_CC_CVV2'], str_repeat('X', strlen($order_info['PAYPAL_CC_CVV2'])), $final_req_dump);
                     $ts_req_title = "---------------------------------TS_REQ------------------------------\r\n";
                     $ts_req_title .= "--------Results of the transaction search if it was executed---------\r\n";
                     $ts_req_dump = print_r($ts_req, true);
                     //Remove sensitive information
                     $ts_req_dump = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME)), $ts_req_dump);
                     $ts_req_dump = str_replace(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD, str_repeat('X', strlen(MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD)), $ts_req_dump);
                     $this->last_data = strtr($this->last_data, '<>', '[]');
                     tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'PayPal Error Dump', "In function: before_process() - Direct Payment\r\n" . "Did first contact attempt return error? " . ($error_occurred ? "Yes" : "Nope") . "\r\n" . $spacer . $dp_dump_title . $spacer . $this->last_data . $spacer . "\r\n\r\n" . $final_req_title . $spacer . $final_req_dump . "\r\n\r\n" . $spacer . $ts_req_title . $spacer . $ts_req_dump, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
                 }
                 //If the return is empty
                 if (!tep_not_null($error_log)) {
                     $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_DECLINED . 'No response from the payment processor<br>No response was received from the payment processor.  Please contact the store owner for assistance.', false, FILENAME_CHECKOUT_PAYMENT);
                 } else {
                     $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_DECLINED . $error_log, false, FILENAME_CHECKOUT_PAYMENT);
                 }
             }
         } else {
             $return_codes = array($final_req['DoDirectPaymentResponse'][0]['TransactionID'], $final_req['DoDirectPaymentResponse'][0]['AVSCode'], $final_req['DoDirectPaymentResponse'][0]['CVV2Code']);
         }
         $this->transaction_log['transaction_id'] = $return_codes[0];
         $this->transaction_log['payment_status'] = $details['PaymentStatus'];
         $ret_avs = $return_codes[1];
         $ret_cvv2 = $return_codes[2];
         /*
          * Get transaction status details from PayPal. Unlike Express Checkout, 
          * this requires another transaction to get the details.  This is used 
          * for the Authorization/Capture mode of operation
          * Addition by Glen Hoag (Steve Dallas)
          */
         $transaction_info['PAYPAL_TRANSACTION_ID'] = $this->transaction_log['transaction_id'];
         $response = $this->wpp_execute_transaction('getTransactionDetails', $transaction_info);
         if (is_array($response)) {
             $transaction_node = $response['GetTransactionDetailsResponse'][0]['PaymentTransactionDetails'][0]['PaymentInfo'][0];
             $this->transaction_log['payment_status'] = $transaction_node['PaymentStatus'];
             $this->transaction_log['payment_type'] = $transaction_node['PaymentType'];
             if ($this->transaction_log['payment_status'] == 'Pending') {
                 $this->transaction_log['transaction_msgs'] = $transaction_node['PendingReason'];
                 $order->info['order_status'] = 1;
             }
         } else {
             $this->transaction_log['payment_status'] == 'UNKNOWN';
             $this->transaction_log['payment_type'] = 'UNKNOWN';
         }
         if (strtoupper($this->transaction_log['payment_status']) == 'PENDING' || strtoupper($this->transaction_log['payment_status']) == 'UNKNOWN') {
             if (MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID > 0) {
                 $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID;
             }
         } elseif (strtoupper($this->transaction_log['payment_status']) == 'COMPLETED') {
             if (MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID > 0) {
                 $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID;
             }
         }
         switch ($ret_avs) {
             case 'A':
                 $ret_avs_msg = 'Address Address only (no ZIP)';
                 break;
             case 'B':
                 $ret_avs_msg = 'International “A” Address only (no ZIP)';
                 break;
             case 'C':
                 $ret_avs_msg = 'International “N” None';
                 break;
             case 'D':
                 $ret_avs_msg = 'International “X” Address and Postal Code';
                 break;
             case 'E':
                 $ret_avs_msg = 'Not allowed for MOTO (Internet/Phone)';
                 break;
             case 'F':
                 $ret_avs_msg = 'UK-specific “X” Address and Postal Code';
                 break;
             case 'G':
                 $ret_avs_msg = 'Global Unavailable Not applicable';
                 break;
             case 'I':
                 $ret_avs_msg = 'International Unavailable Not applicable';
                 break;
             case 'N':
                 $ret_avs_msg = 'No None';
                 break;
             case 'P':
                 $ret_avs_msg = 'Postal (International “Z”) Postal Code only (no Address)';
                 break;
             case 'R':
                 $ret_avs_msg = 'Retry Not applicable';
                 break;
             case 'S':
                 $ret_avs_msg = 'Service not Supported Not applicable';
                 break;
             case 'U':
                 $ret_avs_msg = 'Unavailable Not applicable';
                 break;
             case 'W':
                 $ret_avs_msg = 'Whole ZIP Nine-digit ZIP code (no Address)';
                 break;
             case 'X':
                 $ret_avs_msg = 'Exact match Address and nine-digit ZIP code';
                 break;
             case 'Y':
                 $ret_avs_msg = 'Yes Address and five-digit ZIP';
                 break;
             case 'Z':
                 $ret_avs_msg = 'ZIP Five-digit ZIP code (no Address)';
                 break;
             default:
                 $ret_avs_msg = 'Error';
         }
         switch ($ret_cvv2) {
             case 'M':
                 $ret_cvv2_msg = 'Match CVV2';
                 break;
             case 'N':
                 $ret_cvv2_msg = 'No match None';
                 break;
             case 'P':
                 $ret_cvv2_msg = 'Not Processed Not applicable';
                 break;
             case 'S':
                 $ret_cvv2_msg = 'Service not Supported Not applicable';
                 break;
             case 'U':
                 $ret_cvv2_msg = 'Unavailable Not applicable';
                 break;
             case 'X':
                 $ret_cvv2_msg = 'No response Not applicable';
                 break;
             default:
                 $ret_cvv2_msg = 'Error';
                 break;
         }
         $this->transaction_log['avs'] = $ret_avs_msg;
         $this->transaction_log['cvv2'] = $ret_cvv2_msg;
         return true;
     }
 }
 /**
  * Checks the posted Paymentech card fields before the confirmation step.
  *
  * A card number that contains '*' is treated as already processed: a caution
  * message is queued and the method returns false without validating anything.
  * Otherwise the four posted fields are passed to cc_validation::validate().
  * When validation fails, an error message is queued and true is returned;
  * when it succeeds, the card details are copied onto this object and false
  * is returned.
  *
  * @return bool true after queuing a validation error, false in every other case
  */
 function pre_confirmation_check()
 {
     global $_POST, $messageStack;
     // A masked number (containing '*') means the card was handled earlier:
     // report that no new charge is made and skip validation.
     if (strpos($_POST['paymentech_field_1'], '*') !== false) {
         $messageStack->add(MODULE_PAYMENT_PAYMENTECH_NO_DUPS, 'caution');
         return false;
     }
     include DIR_FS_MODULES . 'general/classes/cc_validation.php';
     $validator = new cc_validation();
     $outcome = $validator->validate($_POST['paymentech_field_1'], $_POST['paymentech_field_2'], $_POST['paymentech_field_3'], $_POST['paymentech_field_4']);
     // Loose comparisons are deliberate: they reproduce the matching rules of a
     // switch statement, including its handling of a boolean false result.
     $message = '';
     if ($outcome == -1) {
         // NOTE(review): the first four characters of the card number end up in a
         // message that is queued for display; this assumes cc_validation reduces
         // cc_number to digits - confirm, or escape the message on output.
         $message = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($validator->cc_number, 0, 4));
     } elseif ($outcome == -2 || $outcome == -3 || $outcome == -4) {
         $message = TEXT_CCVAL_ERROR_INVALID_DATE;
     } elseif ($outcome == false) {
         $message = TEXT_CCVAL_ERROR_INVALID_NUMBER;
     }
     if (!($outcome == false || $outcome < 1)) {
         // Validation passed: keep the values reported by the validator.
         $this->cc_card_type = $validator->cc_type;
         $this->cc_card_number = $validator->cc_number;
         // NOTE(review): the security code is taken straight from the request and
         // held on the object; it must not reach the order record, e-mails or logs
         // (PCI DSS does not allow keeping it after authorization).
         $this->cc_cvv2 = $_POST['paymentech_field_4'];
         $this->cc_expiry_month = $validator->cc_expiry_month;
         $this->cc_expiry_year = $validator->cc_expiry_year;
         return false;
     }
     // The module code is appended as an HTML comment after the error text.
     $messageStack->add($message . '<!-- [' . $this->code . '] -->', 'error');
     return true;
 }
Beispiel #21
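 /**
  * Validates the posted card number and expiry date and copies the card
  * details onto the global $order before the order is processed.
  *
  * On a validation failure the customer is redirected back to the payment
  * page with the error text and the previously entered owner and expiry
  * values in the query string. On success the owner, card type, card number
  * and expiry are written to $order->info. When MODULE_PAYMENT_CC_EMAIL is
  * defined and is a valid address, the middle digits are kept separately in
  * $this->cc_middle and the number on the order is masked to first four /
  * last four.
  *
  * @return void
  */
 function before_process()
 {
     global $HTTP_POST_VARS, $order;
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $result = $cc_validation->validate($HTTP_POST_VARS['cc_number_nh-dns'], $HTTP_POST_VARS['cc_expires_month'], $HTTP_POST_VARS['cc_expires_year']);
     $error = '';
     switch ($result) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($result == false || $result < 1) {
         // Every request-supplied value is URL-encoded before it is placed in the
         // redirect target. The expiry fields failed validation at this point, so
         // they can hold arbitrary text, including '&' and '=' that would otherwise
         // add or override query parameters on the payment page.
         $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&cc_owner=' . urlencode((string) $HTTP_POST_VARS['cc_owner']) . '&cc_expires_month=' . urlencode((string) $HTTP_POST_VARS['cc_expires_month']) . '&cc_expires_year=' . urlencode((string) $HTTP_POST_VARS['cc_expires_year']);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
         // Fail closed: presumably tep_redirect() ends the request, but if it ever
         // returns, a rejected card must not be copied onto the order.
         return;
     }
     $posted_number = $HTTP_POST_VARS['cc_number_nh-dns'];
     $order->info['cc_owner'] = $HTTP_POST_VARS['cc_owner'];
     $order->info['cc_type'] = $cc_validation->cc_type;
     // NOTE(review): without the e-mail split below, the full card number as
     // posted and the expiry date are placed on the order. Whether they are then
     // persisted is decided outside this method - check against PCI DSS storage
     // rules. The posted value, not $cc_validation->cc_number, is used here, so
     // any separators the customer typed are kept.
     $order->info['cc_number'] = $posted_number;
     $order->info['cc_expires'] = $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'];
     if (defined('MODULE_PAYMENT_CC_EMAIL') && tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) {
         $len = strlen($posted_number);
         // Middle digits are held apart from the order; the order keeps only the
         // first four and last four characters, with the rest replaced by 'X'.
         $this->cc_middle = substr($posted_number, 4, $len - 8);
         $order->info['cc_number'] = substr($posted_number, 0, 4) . str_repeat('X', $len - 8) . substr($posted_number, -4);
     }
 }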
 /**
  * Prepare and submit the final authorization to PayPal via the appropriate means as configured
  *
  * Steps performed here, in order: collect line-item details, validate the
  * posted card data with cc_validation, copy a masked card number and the
  * expiry date onto the global $order, build the billing/shipping option
  * arrays, call DoDirectPayment() on the PayPal caller object, and record the
  * response fields (transaction id, AVS/CVV2 results, amounts) on this object.
  * No value is returned.
  */
 function before_process()
 {
     global $order, $doPayPal, $messageStack;
     $options = array();
     $optionsShip = array();
     $optionsNVP = array();
     $options = $this->getLineItemDetails();
     //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
     $doPayPal = $this->paypal_init();
     /****************************************
      * Do DP checkout
      ****************************************/
     $this->zcLog('before_process - DP-1', 'Beginning DP mode');
     // Set state fields depending on what PayPal wants to see for that country
     $this->setStateAndCountry($order->billing);
     if (zen_not_null($order->delivery['street_address'])) {
         $this->setStateAndCountry($order->delivery);
     }
     // Validate credit card data
     include DIR_WS_CLASSES . 'cc_validation.php';
     $cc_validation = new cc_validation();
     $response = $cc_validation->validate($_POST['wpp_cc_number'], $_POST['wpp_cc_expdate_month'], $_POST['wpp_cc_expdate_year'], $_POST['wpp_cc_issuedate_month'], $_POST['wpp_cc_issuedate_year']);
     $error = '';
     switch ($response) {
         case -1:
             $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
             break;
         case -2:
         case -3:
         case -4:
             $error = TEXT_CCVAL_ERROR_INVALID_DATE;
             break;
         case false:
             $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
             break;
     }
     if ($response === false || $response < 1) {
         $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
         $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $response . ' -->', 'error');
         // NOTE(review): there is no return after the redirect. Presumably
         // zen_redirect() ends the request - confirm. If it returns, the DP-3 log
         // line runs and execution continues towards the payment call with a card
         // that failed validation.
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $error, 'SSL', true, false));
         $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', strlen($cc_validation->cc_number) - 8) . substr($cc_validation->cc_number, -4) . ' ' . $error);
     }
     // Only the card types listed here are accepted; as above, rejection relies on
     // zen_redirect() not returning.
     if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
         $messageStack->add_session('checkout_payment', MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD . '<!-- [' . $this->code . ' ' . $cc_validation->cc_type . '] -->', 'error');
         zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD, 'SSL', true, false));
     }
     // if CC validation passed, continue using the validated data
     $cc_type = $cc_validation->cc_type;
     $cc_number = $cc_validation->cc_number;
     // Payer names, check code and issue fields are read straight from the
     // request; only number, type and expiry come from the validator.
     $cc_first_name = $_POST['wpp_payer_firstname'];
     $cc_last_name = $_POST['wpp_payer_lastname'];
     $cc_checkcode = $_POST['wpp_cc_checkcode'];
     $cc_expdate_month = $cc_validation->cc_expiry_month;
     $cc_expdate_year = $cc_validation->cc_expiry_year;
     $cc_issuedate_month = $_POST['wpp_cc_issuedate_month'];
     $cc_issuedate_year = $_POST['wpp_cc_issuedate_year'];
     // $cc_issuenumber is not read again in this method; CARDISSUE below takes
     // the value from $_POST directly.
     $cc_issuenumber = $_POST['wpp_cc_issuenumber'];
     $cc_owner_ip = zen_get_ip_address();
     // If they're still here, set some of the order object's variables.
     $order->info['cc_type'] = $cc_type;
     // The order keeps the first four and last four digits; the middle is replaced by 'X'.
     $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
     $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
     // NOTE(review): the expiry date (MMYY) is placed on the order next to the
     // masked number; whether it is persisted is decided outside this method.
     $order->info['cc_expires'] = $cc_expdate_month . substr($cc_expdate_year, -2);
     $order->info['ip_address'] = $cc_owner_ip;
     // Set currency
     $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
     /*
           // if CC is switch or solo, must be GBP
           if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
             $my_currency = 'GBP';
           }
     */
     $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
     // Initialize the paypal caller object.
     $doPayPal = $this->paypal_init();
     // Billing details are merged over the line-item options collected at the top.
     $optionsAll = array_merge($options, array('STREET' => $order->billing['street_address'], 'ZIP' => $order->billing['postcode'], 'CITY' => $order->billing['city'], 'STATE' => $order->billing['state'], 'STREET2' => $order->billing['suburb'], 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], 'EXPDATE' => $cc_expdate_month . $cc_expdate_year, 'EMAIL' => $order->customer['email_address'], 'PHONENUM' => $order->customer['telephone']));
     $optionsShip = array();
     if (isset($order->delivery) && $order->delivery['street_address'] != '') {
         $optionsShip = array('SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'], 'SHIPTOSTREET' => $order->delivery['street_address'], 'SHIPTOSTREET2' => $order->delivery['suburb'], 'SHIPTOCITY' => $order->delivery['city'], 'SHIPTOZIP' => $order->delivery['postcode'], 'SHIPTOSTATE' => $order->delivery['state'], 'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
     }
     // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
     // (when there is no delivery street address, $optionsShip is still empty here
     // and the SHIPTOCITY / SHIPTOSTREET2 keys read below do not exist)
     if (!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') {
         $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
     }
     if ($optionsAll['STREET2'] == '') {
         unset($optionsAll['STREET2']);
     }
     if ($optionsShip['SHIPTOSTREET2'] == '') {
         unset($optionsShip['SHIPTOSTREET2']);
     }
     // Payment Transaction/Authorization Mode
     $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
     if (MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only') {
         $this->order_status = MODULE_PAYMENT_PAYPALDP_ORDER_PENDING_STATUS_ID;
     }
     //      if (in_array($cc_type, array('Switch', 'Solo'))) {
     //        $optionsNVP['PAYMENTACTION'] = 'Authorization';
     //      }
     $optionsAll['BUTTONSOURCE'] = $this->buttonSource;
     $optionsAll['CURRENCY'] = $my_currency;
     $optionsAll['IPADDRESS'] = $cc_owner_ip;
     if ($cc_issuedate_month && $cc_issuedate_year) {
         $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
     }
     // NOTE(review): CARDSTART and CARDISSUE carry request values as posted;
     // presumably the caller object encodes them for the API request - confirm.
     if (isset($_POST['wpp_cc_issuenumber'])) {
         $optionsAll['CARDISSUE'] = $_POST['wpp_cc_issuenumber'];
     }
     // unused at present:
     // $options['CUSTOM'] = '';
     // $options['INVNUM'] = '';
     // $options['DESC'] = '';
     // Payflow mode uses COUNTRY / SHIPTOCOUNTRY instead of the *CODE keys and
     // drops the second street lines.
     if (substr(MODULE_PAYMENT_PAYPALDP_MODULE_MODE, 0, 7) == 'Payflow') {
         if (isset($optionsAll['COUNTRYCODE'])) {
             $optionsAll['COUNTRY'] = $optionsAll['COUNTRYCODE'];
             unset($optionsAll['COUNTRYCODE']);
         }
         if (isset($optionsShip['SHIPTOCOUNTRYCODE'])) {
             $optionsShip['SHIPTOCOUNTRY'] = $optionsShip['SHIPTOCOUNTRYCODE'];
             unset($optionsShip['SHIPTOCOUNTRYCODE']);
         }
         if (isset($optionsShip['SHIPTOSTREET2'])) {
             unset($optionsShip['SHIPTOSTREET2']);
         }
         if (isset($optionsAll['STREET2'])) {
             unset($optionsAll['STREET2']);
         }
     }
     // NOTE(review): this log entry contains the billing and shipping address,
     // e-mail, phone number, IP address, card expiry and cardholder name. The card
     // number and check code are not part of the logged string. Log access and
     // retention should be set with that content in mind.
     $this->zcLog('before_process - DP-4', 'optionsAll: ' . print_r($optionsAll, true) . "\n" . 'optionsNVP: ' . print_r($optionsNVP, true) . "\n" . 'optionsShip' . print_r($optionsShip, true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
     $response = $doPayPal->DoDirectPayment(number_format($order_amount, 2), $cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
     // The complete gateway response is written to the log as well.
     $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
     // CHECK RESPONSE
     // $error is not read again in this method; presumably _errorHandler() itself
     // stops the checkout on a failed response - confirm.
     $error = $this->_errorHandler($response, 'DoDirectPayment');
     $this->feeamt = '';
     $this->taxamt = '';
     $this->pendingreason = '';
     $this->reasoncode = '';
     $this->numitems = sizeof($order->products);
     $this->responsedata = $response;
     if ($response['PNREF']) {
         // PNREF only comes from payflow mode
         $this->payment_type = MODULE_PAYMENT_PAYPALDP_PF_TEXT_TYPE;
         $this->transaction_id = $response['PNREF'];
         $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
         $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
         $this->cvv2 = $response['CVV2MATCH'];
         $this->amt = $order_amount . ' ' . $my_currency;
         // NOTE(review): 'h' is the 12-hour clock and no AM/PM marker is written,
         // so the recorded time is ambiguous; 'H' looks intended - confirm.
         $this->payment_time = date('Y-m-d h:i:s');
         $this->responsedata['CURRENCYCODE'] = $my_currency;
         $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
         // NOTE(review): reads $this->response, which this method never assigns
         // (the response is stored in $this->responsedata and the local $response);
         // verify where, if anywhere, $this->response is set.
         $this->auth_code = $this->response['AUTHCODE'];
     } else {
         // here we're in NVP mode
         $this->transaction_id = $response['TRANSACTIONID'];
         $this->payment_type = MODULE_PAYMENT_PAYPALDP_DP_TEXT_TYPE;
         $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
         $this->pendingreason = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
         $this->avs = $response['AVSCODE'];
         $this->cvv2 = $response['CVV2MATCH'];
         $this->correlationid = $response['CORRELATIONID'];
         $this->payment_time = urldecode($response['TIMESTAMP']);
         $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
         // NOTE(review): same $this->response vs. $response question as in the Payflow branch.
         $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
         $this->transactiontype = 'cart';
     }
 }
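 /**
  * Validate the posted card fields before the confirmation page is shown.
  *
  * Does nothing unless $_POST['velocity_cc_number'] is present. When the
  * validator reports a failure, the customer is redirected to the payment
  * page with the error text in the query string. Otherwise the card type,
  * number and expiry are copied from the validator onto this module.
  *
  * @return void
  */
 function pre_confirmation_check()
 {
     // Not referenced in this method; left in place in case code pulled in by
     // the include below relies on it -- TODO confirm and remove.
     global $messageStack;
     if (isset($_POST['velocity_cc_number'])) {
         include DIR_WS_CLASSES . 'cc_validation.php';
         $cc_validation = new cc_validation();
         $result = $cc_validation->validate($_POST['velocity_cc_number'], $_POST['velocity_cc_expires_month'], $_POST['velocity_cc_expires_year']);
         // Map the validator's result code to a customer-facing message.
         // switch compares loosely (==), so the case order matters.
         $error = '';
         switch ($result) {
             case -1:
                 $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                 break;
             case -2:
             case -3:
             case -4:
                 $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                 break;
             case false:
                 $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                 break;
         }
         if ($result == false || $result < 1) {
             tep_session_register('payment_error');
             // The message is free text (spaces, punctuation), so it is
             // URL-encoded before being placed in the redirect query string.
             // The page that renders the `error` parameter still has to
             // HTML-escape it, since a query string can be supplied by anyone.
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode($error)));
         }
         // Continue with the validator's values rather than the raw POST data.
         $this->cc_card_type = $cc_validation->cc_type;
         $this->cc_card_number = $cc_validation->cc_number;
         $this->cc_expiry_month = $cc_validation->cc_expiry_month;
         $this->cc_expiry_year = $cc_validation->cc_expiry_year;
     }
 }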
 /**
  * Prepare and submit the final authorization to PayPal via the appropriate means as configured
  *
  * Two paths, chosen by in_special_checkout() / enableDirectPayment:
  *  - EC (Express Checkout): sends the token and payer id held in $_SESSION
  *    through DoExpressCheckoutPayment().
  *  - DP (Direct Payment): validates the card fields posted as $_POST['ec_*']
  *    and sends them through DoDirectPayment().
  * In both paths the gateway reply is handed to _errorHandler() and then copied
  * onto this module (payment_type, transaction_id, payment_status, avs, cvv2, ...).
  *
  * Uses the globals $order (read and updated) and $doPayPal (assigned here).
  */
 function before_process()
 {
     global $order, $doPayPal;
     $options = array();
     $optionsShip = array();
     $optionsNVP = array();
     // Replaces the empty array assigned above with the line-item details.
     $options = $this->getLineItemDetails();
     //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
     $doPayPal = $this->paypal_init();
     if ($this->in_special_checkout() || $this->enableDirectPayment == false) {
         $this->zcLog('before_process - EC-1', 'Beginning EC mode');
         /****************************************
          * Do EC checkout
          ****************************************/
         // do not allow blank address to be sent to PayPal
         if ($_SESSION['paypal_ec_payer_info']['ship_street_1'] != '' && $_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None') {
             $options = array_merge($options, array('SHIPTONAME' => $_SESSION['paypal_ec_payer_info']['ship_name'], 'SHIPTOSTREET' => $_SESSION['paypal_ec_payer_info']['ship_street_1'], 'SHIPTOSTREET2' => $_SESSION['paypal_ec_payer_info']['ship_street_2'], 'SHIPTOCITY' => $_SESSION['paypal_ec_payer_info']['ship_city'], 'SHIPTOSTATE' => $_SESSION['paypal_ec_payer_info']['ship_state'], 'SHIPTOZIP' => $_SESSION['paypal_ec_payer_info']['ship_postal_code'], 'SHIPTOCOUNTRYCODE' => $_SESSION['paypal_ec_payer_info']['ship_country_code']));
             $this->zcLog('before_process - EC-2', 'address overrides added:' . "\n" . print_r($options, true));
         }
         $this->zcLog('before_process - EC-3', 'address info added:' . "\n" . print_r($options, true));
         // If the customer has changed their shipping address,
         // override the shipping address in PayPal with the shipping
         // address that is selected in Zen Cart.
         if ($order->delivery['street_address'] != $_SESSION['paypal_ec_payer_info']['ship_street_1'] && $_SESSION['paypal_ec_payer_info']['ship_street_1'] != '') {
             // Writes into the request superglobal; presumably read by getOverrideAddress() -- TODO confirm.
             $_GET['markflow'] = 2;
             if (($address_arr = $this->getOverrideAddress()) !== false) {
                 // set the override var
                 $options['ADDROVERRIDE'] = 1;
                 // set the address info
                 $options['SHIPTONAME'] = $address_arr['entry_firstname'] . ' ' . $address_arr['entry_lastname'];
                 $options['SHIPTOSTREET'] = $address_arr['entry_street_address'];
                 if ($address_arr['entry_suburb'] != '') {
                     $options['SHIPTOSTREET2'] = $address_arr['entry_suburb'];
                 }
                 $options['SHIPTOCITY'] = $address_arr['entry_city'];
                 $options['SHIPTOZIP'] = $address_arr['entry_postcode'];
                 $options['SHIPTOSTATE'] = $address_arr['zone_code'];
                 $options['SHIPTOCOUNTRYCODE'] = $address_arr['countries_iso_code_2'];
             }
         }
         // if these optional parameters are blank, remove them from transaction
         if (isset($options['SHIPTOSTREET2']) && trim($options['SHIPTOSTREET2']) == '') {
             unset($options['SHIPTOSTREET2']);
         }
         if (isset($options['SHIPTOPHONE']) && trim($options['SHIPTOPHONE']) == '') {
             unset($options['SHIPTOPHONE']);
         }
         // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
         if ((!isset($options['SHIPTOSTATE']) || trim($options['SHIPTOSTATE']) == '') && $options['SHIPTOCITY'] != '') {
             $options['SHIPTOSTATE'] = $options['SHIPTOCITY'];
         }
         $options['BUTTONSOURCE'] = $this->buttonSourceEC;
         $options['CURRENCY'] = $this->selectCurrency($order->info['currency']);
         $order_amount = $this->calc_order_amount($order->info['total'], $options['CURRENCY']);
         // unused at present:
         // $options['CUSTOM'] = '';
         // $options['INVNUM'] = '';
         // $options['DESC'] = '';
         // debug output
         // The EC token and payer id from the session are written to the log here.
         $this->zcLog('before_process - EC-4', 'info being submitted:' . "\n" . $_SESSION['paypal_ec_token'] . ' ' . $_SESSION['paypal_ec_payer_id'] . ' ' . number_format($order_amount, 2) . "\n" . print_r($options, true));
         // An AMT supplied with the line-item details takes precedence over the computed order amount.
         $response = $doPayPal->DoExpressCheckoutPayment($_SESSION['paypal_ec_token'], $_SESSION['paypal_ec_payer_id'], number_format(isset($options['AMT']) ? $options['AMT'] : $order_amount, 2), $options);
         $this->zcLog('before_process - EC-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
         // CHECK RESPONSE -- if error, actions are taken in the errorHandler
         // The return value in $error is not inspected again in this method.
         $error = $this->_errorHandler($response, 'DoExpressCheckoutPayment');
         // SUCCESS
         $this->payment_type = MODULE_PAYMENT_PAYPALWPP_EC_TEXT_TYPE;
         $this->responsedata = $response;
         if ($response['PAYMENTTYPE'] != '') {
             $this->payment_type .= ' (' . urldecode($response['PAYMENTTYPE']) . ')';
         }
         $this->transaction_id = trim($response['PNREF'] . ' ' . $response['TRANSACTIONID']);
         // Treated as completed when no pending reason is reported or the payment status says so.
         if (empty($response['PENDINGREASON']) || $response['PENDINGREASON'] == 'none' || $response['PENDINGREASON'] == 'completed' || $response['PAYMENTSTATUS'] == 'Completed') {
             $this->payment_status = 'Completed';
             if ($this->order_status > 0) {
                 $order->info['order_status'] = $this->order_status;
             }
         } else {
             $this->payment_status = 'Pending (' . $response['PENDINGREASON'] . ')';
             $order->info['order_status'] = $this->order_pending_status;
         }
         $this->avs = 'N/A';
         $this->cvv2 = 'N/A';
         $this->correlationid = $response['CORRELATIONID'];
         $this->transactiontype = $response['TRANSACTIONTYPE'];
         $this->payment_time = urldecode($response['ORDERTIME']);
         $this->feeamt = urldecode($response['FEEAMT']);
         $this->taxamt = urldecode($response['TAXAMT']);
         $this->pendingreason = $response['PENDINGREASON'];
         $this->reasoncode = $response['REASONCODE'];
         //      $this->numitems = $_SESSION['cart']->count_contents();
         $this->numitems = sizeof($order->products);
         $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
         // NOTE(review): reads $this->response, while the gateway reply is held in $response and
         // $this->responsedata -- confirm $this->response is populated elsewhere.
         $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
     } else {
         /****************************************
          * Do DP checkout
          ****************************************/
         $this->zcLog('before_process - DP-1', 'Beginning DP mode');
         // Set state fields depending on what PayPal wants to see for that country
         $this->setStateAndCountry($order->billing);
         if (zen_not_null($order->delivery['street_address'])) {
             $this->setStateAndCountry($order->delivery);
         }
         // Validate credit card data
         include DIR_WS_CLASSES . 'cc_validation.php';
         $cc_validation = new cc_validation();
         // $response holds the validator's result code here; it is reused for the gateway reply further down.
         $response = $cc_validation->validate($_POST['ec_cc_number'], $_POST['ec_cc_expdate_month'], $_POST['ec_cc_expdate_year'], $_POST['ec_cc_issuedate_month'], $_POST['ec_cc_issuedate_year']);
         $error = '';
         switch ($response) {
             case -1:
                 $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                 break;
             case -2:
             case -3:
             case -4:
                 $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                 break;
             case false:
                 $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                 break;
         }
         $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
         // NOTE(review): the code below relies on terminateEC() not returning (presumably it
         // redirects and exits); otherwise a rejected card would still reach DoDirectPayment() -- confirm.
         if ($response == false || $response < 1) {
             $this->terminateEC($error, false, FILENAME_CHECKOUT_PAYMENT);
         }
         // Only the card types listed here are accepted; anything else is refused with the bad-card message.
         if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
             $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_TEXT_BAD_CARD, false, FILENAME_CHECKOUT_PAYMENT);
         }
         // The card number is masked before logging: first four and last four digits kept, the rest written as X.
         // Assumes the validated number has at least 8 digits -- TODO confirm cc_validation guarantees this.
         $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', strlen($cc_validation->cc_number) - 8) . substr($cc_validation->cc_number, -4));
         // if CC validation passed, continue using the validated data
         $cc_type = $cc_validation->cc_type;
         $cc_number = $cc_validation->cc_number;
         // Name, security code and issue date are taken from $_POST as submitted.
         $cc_first_name = $_POST['ec_payer_firstname'];
         $cc_last_name = $_POST['ec_payer_lastname'];
         // The security code is only passed to DoDirectPayment(); this method neither logs it nor copies it onto $order.
         $cc_checkcode = $_POST['ec_cc_checkcode'];
         $cc_expdate_month = $cc_validation->cc_expiry_month;
         $cc_expdate_year = $cc_validation->cc_expiry_year;
         $cc_issuedate_month = $_POST['ec_cc_issuedate_month'];
         $cc_issuedate_year = $_POST['ec_cc_issuedate_year'];
         $cc_owner_ip = zen_get_ip_address();
         // If they're still here, set some of the order object's variables.
         $order->info['cc_type'] = $cc_type;
         // Only the masked form of the card number is placed on the order.
         $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
         $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
         $order->info['cc_expires'] = $cc_expdate_month . substr($cc_expdate_year, -2);
         $order->info['ip_address'] = $cc_owner_ip;
         // Set currency
         $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
         /*
               // if CC is switch or solo, must be GBP
               if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
                 $my_currency = 'GBP';
               }
         */
         $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
         // Initialize the paypal caller object.
         // (Second call in this method; $doPayPal was already assigned before the EC/DP split.)
         $doPayPal = $this->paypal_init();
         $optionsAll = array_merge($options, array('STREET' => $order->billing['street_address'], 'ZIP' => $order->billing['postcode']));
         $optionsNVP = array('CITY' => $order->billing['city'], 'STATE' => $order->billing['state'], 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], 'EXPDATE' => $cc_expdate_month . $cc_expdate_year);
         $optionsShip = array();
         if (isset($order->delivery) && $order->delivery['street_address'] != '') {
             $optionsShip = array('SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'], 'SHIPTOSTREET' => $order->delivery['street_address'], 'SHIPTOSTREET2' => $order->delivery['suburb'], 'SHIPTOCITY' => $order->delivery['city'], 'SHIPTOZIP' => $order->delivery['postcode'], 'SHIPTOSTATE' => $order->delivery['state'], 'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
         }
         // if these optional parameters are blank, remove them from transaction
         if (isset($optionsShip['SHIPTOSTREET2']) && trim($optionsShip['SHIPTOSTREET2']) == '') {
             unset($optionsShip['SHIPTOSTREET2']);
         }
         if (isset($optionsShip['SHIPTOPHONE']) && trim($optionsShip['SHIPTOPHONE']) == '') {
             unset($optionsShip['SHIPTOPHONE']);
         }
         // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
         // NOTE(review): unlike the EC branch there is no check that SHIPTOCITY exists; when
         // $optionsShip is still empty (no delivery address) this reads an undefined key.
         if (!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') {
             $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
         }
         // Payment Transaction/Authorization Mode
         $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
         //      if (in_array($cc_type, array('Switch', 'Solo'))) {
         //        $optionsNVP['PAYMENTACTION'] = 'Authorization';
         //      }
         $optionsAll['BUTTONSOURCE'] = $this->buttonSourceDP;
         $optionsAll['CURRENCY'] = $my_currency;
         $optionsAll['IPADDRESS'] = $cc_owner_ip;
         if ($cc_issuedate_month && $cc_issuedate_year) {
             $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
         }
         // unused at present:
         // $options['CUSTOM'] = '';
         // $options['INVNUM'] = '';
         // $options['DESC'] = '';
         // This log entry carries the cardholder name, expiry, billing/shipping address and client IP,
         // but not the card number or the security code.
         // NOTE(review): confirm where zcLog() writes and who can read it.
         $this->zcLog('before_process - DP-4', 'optionsAll: ' . print_r($optionsAll, true) . "\n" . 'optionsNVP: ' . print_r($optionsNVP, true) . "\n" . 'optionsShip' . print_r($optionsShip, true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
         // The full card number and security code leave this method only through this call.
         $response = $doPayPal->DoDirectPayment(number_format($order_amount, 2), $cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
         // The whole gateway reply is logged as returned.
         $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . print_r($response, true));
         // CHECK RESPONSE
         // As in the EC branch, $error is not inspected again here; presumably _errorHandler() acts on failures itself.
         $error = $this->_errorHandler($response, 'DoDirectPayment');
         $this->feeamt = '';
         $this->taxamt = '';
         $this->pendingreason = '';
         $this->reasoncode = '';
         $this->numitems = sizeof($order->products);
         $this->responsedata = $response;
         if ($response['PNREF']) {
             // PNREF only comes from payflow mode
             $this->payment_type = MODULE_PAYMENT_PAYPALWPP_PF_TEXT_TYPE;
             $this->transaction_id = $response['PNREF'];
             $this->payment_status = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
             $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
             $this->cvv2 = $response['CVV2MATCH'];
             $this->amt = $order_amount . ' ' . $my_currency;
             // NOTE(review): 'h' is the 12-hour clock and no am/pm marker is written, so
             // afternoon times are ambiguous; 'H' was probably intended -- confirm.
             $this->payment_time = date('Y-m-d h:i:s');
             $this->responsedata['CURRENCYCODE'] = $my_currency;
             $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
             // NOTE(review): reads $this->response rather than $response -- confirm it is populated elsewhere.
             $this->auth_code = $this->response['AUTHCODE'];
         } else {
             // here we're in NVP mode
             $this->transaction_id = $response['TRANSACTIONID'];
             $this->payment_type = MODULE_PAYMENT_PAYPALWPP_DP_TEXT_TYPE;
             $this->payment_status = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
             $this->pendingreason = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
             $this->avs = $response['AVSCODE'];
             $this->cvv2 = $response['CVV2MATCH'];
             $this->correlationid = $response['CORRELATIONID'];
             $this->payment_time = urldecode($response['TIMESTAMP']);
             $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
             // NOTE(review): same $this->response versus $response question as in the payflow branch.
             $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
             $this->transactiontype = 'cart';
         }
     }
 }
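 /**
  * Check the card details posted for the Remise module before the confirmation step.
  *
  * Only acts when MODULE_PAYMENT_REMISE_INPUT_MODE is 'Local'. With
  * MODULE_PAYMENT_REMISE_CARD_CHECK set to 'ON', the number and expiry go
  * through cc_validation and the cardholder name must be at least 3 bytes of
  * [0-9a-zA-Z ]. Any failure redirects to the payment page with the message
  * in the query string. With the check off, the posted values are stored on
  * the module exactly as submitted.
  *
  * @return bool always false
  */
 function pre_confirmation_check()
 {
     if (MODULE_PAYMENT_REMISE_INPUT_MODE == 'Local') {
         if (MODULE_PAYMENT_REMISE_CARD_CHECK == 'ON') {
             include DIR_WS_CLASSES . 'cc_validation.php';
             $cc_validation = new cc_validation();
             $result = $cc_validation->validate($_POST['remise_cc_number'], $_POST['remise_cc_expires_month'], $_POST['remise_cc_expires_year']);
             // Map the validator's result code to a message.
             // switch compares loosely (==), so the case order matters.
             $error = '';
             switch ($result) {
                 case -1:
                     $error = sprintf(MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_NUMBER, substr($cc_validation->cc_number, 0, 4));
                     break;
                 case -2:
                 case -3:
                 case -4:
                     $error = MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_DATE;
                     break;
                 case false:
                     $error = MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_NUMBER;
                     break;
             }
             // Mode "a" converts full-width alphanumerics to their half-width forms
             // before the allow-list check below.
             $this->cc_card_name = mb_convert_kana($_POST['remise_cc_name'], "a");
             // ereg() was removed in PHP 7.0; preg_match() with the same character
             // class gives the same accept/reject decision and also handles NUL bytes.
             if (strlen($this->cc_card_name) < 3 || preg_match('/[^0-9a-zA-Z ]/', $this->cc_card_name)) {
                 if ($result == false || $result < 1) {
                     // Card check already failed: append the name error to its message.
                     $error .= MODULE_PAYMENT_REMISE_TEXT_CC_NAME;
                 } else {
                     // Card check passed: the name error replaces whatever $error holds.
                     $error = MODULE_PAYMENT_REMISE_TEXT_CC_NAME;
                 }
                 $result = false;
             }
             if ($result == false || $result < 1) {
                 // NOTE(review): mb_http_input() returns false when no HTTP input
                 // encoding was detected; that value is passed on unchanged --
                 // confirm the intended fallback.
                 $encode = mb_http_input();
                 if ($encode == 'ASCII') {
                     $encode = 'UTF-8';
                 }
                 $error = mb_convert_encoding($error, $encode);
                 $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error);
                 zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
             }
             // Continue with the validator's values rather than the raw POST data.
             $this->cc_card_type = $cc_validation->cc_type;
             $this->cc_card_number = $cc_validation->cc_number;
             $this->cc_expiry_month = $cc_validation->cc_expiry_month;
             $this->cc_expiry_year = $cc_validation->cc_expiry_year;
         } else {
             // Card check disabled: no format or allow-list check is applied here,
             // so whatever consumes these properties must treat them as unvalidated
             // request data. cc_card_type is not set in this mode.
             $this->cc_card_name = mb_convert_kana($_POST['remise_cc_name'], "a");
             $this->cc_card_number = $_POST['remise_cc_number'];
             $this->cc_expiry_month = $_POST['remise_cc_expires_month'];
             $this->cc_expiry_year = $_POST['remise_cc_expires_year'];
         }
     }
     return false;
 }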