function after_payment_php($orderID, $OutSum, $SignatureValue, $flag)
{
$res = '';
$order = ordGetOrder($orderID);
if ($this->_getSettingValue('CONF_ROBOXCHANGE_SHOPCURRENCY') > 0) {
$exhange_curr = currGetCurrencyByID($this->_getSettingValue('CONF_ROBOXCHANGE_SHOPCURRENCY'));
$exhange_rate = $exhange_curr["currency_value"];
$exhange_round = $exhange_curr["roundval"];
} else {
$exhange_rate = 1;
$exhange_round = 2;
}
if ((double) $exhange_rate == 0) {
$exhange_rate = 1;
}
$order_amount = _formatPrice(roundf($order["order_amount"] * $exhange_rate), $exhange_round, ".", "");
if ($flag == "result") {
$mrh_pass = $this->_getSettingValue('CONF_ROBOXCHANGE_MERCHANTPASS2');
} else {
$mrh_pass = $this->_getSettingValue('CONF_ROBOXCHANGE_MERCHANTPASS1');
}
$OutSum_x = _formatPrice($OutSum, $exhange_round, ".", "");
$my_crc = strtoupper(md5($OutSum . ":" . $orderID . ":" . $mrh_pass));
if ($order_amount > 0 && $my_crc == strtoupper($SignatureValue) && $OutSum_x == $order_amount) {
ostSetOrderStatusToOrder($order["orderID"], $this->_getSettingValue('CONF_ROBOXCHANGE_STATUS_AFTER_PAY'));
$res = "OK" . $orderID;
}
return $res;
}
function after_payment_php($orderID, $params)
{
$res = '';
$order = ordGetOrder($orderID);
$skey = $this->_getSettingValue('CONF_ZP_MERCHANT_KEY');
$merch_bd = strtoupper($this->_getSettingValue('CONF_ZP_LMI_PAYEE_PURSE'));
if ($this->_getSettingValue('CONF_ZP_SHOPCURRENCY') > 0) {
$exhange_curr = currGetCurrencyByID($this->_getSettingValue('CONF_ZP_SHOPCURRENCY'));
$exhange_rate = $exhange_curr["currency_value"];
$exhange_round = $exhange_curr["roundval"];
} else {
$exhange_rate = 1;
$exhange_round = 2;
}
if ((double) $exhange_rate == 0) {
$exhange_rate = 1;
}
$order_amount = _formatPrice(roundf($order["order_amount"] * $exhange_rate), $exhange_round, ".", "");
$OutSum_x = _formatPrice($params["LMI_PAYMENT_AMOUNT"], $exhange_round, ".", "");
$crc = strtoupper(md5($merch_bd . $params["LMI_PAYMENT_AMOUNT"] . $params["LMI_PAYMENT_NO"] . $params["LMI_MODE"] . $params["LMI_SYS_INVS_NO"] . $params["LMI_SYS_TRANS_NO"] . $params["LMI_SYS_TRANS_DATE"] . $skey . $params["LMI_PAYER_PURSE"] . $params["LMI_PAYER_WM"]));
if ($order_amount > 0 && $merch_bd == strtoupper($params["LMI_PAYEE_PURSE"]) && $OutSum_x == $order_amount && $crc == strtoupper($params["LMI_HASH"])) {
ostSetOrderStatusToOrder($order["orderID"], $this->_getSettingValue('CONF_ZP_STATUS_AFTER_PAY'));
$res = "YES";
}
return $res;
}
function transactionResultHandler($transaction_result = '', $message = '', $source = 'frontend')
{
$log = '';
if ($source == 'handler') {
$ID = $_POST['ID'];
$FUNCTION = $_POST['FUNCTION'];
$RRN = $_POST['RRN'];
$PAYER = $_POST['PAYER'];
$AMOUNT = $_POST['AMOUNT'];
$ACCOUNT = $_POST['ACCOUNT'];
$STATUS = $_POST['STATUS'];
$DATETIME = $_POST['DATETIME'];
$MERCH_TYPE = $_POST['MERCH_TYPE'];
$AMOUNT_FULL = $_POST['AMOUNT_FULL'];
$KEY = $this->_getSettingValue('CONF_PAYMENTMODULE_ARSENALPAY_MK_SHARED_SECRET');
if (isset($_POST['SIGN']) && $_POST['SIGN'] == md5(md5($ID) . md5($FUNCTION) . md5($RRN) . md5($PAYER) . md5($AMOUNT) . md5($ACCOUNT) . md5($STATUS) . md5($KEY))) {
$function = isset($_POST['FUNCTION']) ? $_POST['FUNCTION'] : 0;
if ($function && $function == 'check') {
$orderID = isset($_POST['ACCOUNT']) ? $_POST['ACCOUNT'] : 0;
if ($orderID && ($order = _getOrderById($orderID))) {
$order_amount = $order['order_amount'];
if ($MERCH_NAME == 0 && $order_amount == $AMOUNT) {
$log = "Order with id {$orderID} check";
$transaction_result = 'YES';
} elseif ($MERCH_NAME == 1 && $order_amount >= $AMOUNT && $order_amount == $AMOUNT_FULL) {
$log = "Order with id {$orderID} and amount {$AMOUNT} check";
$transaction_result = 'YES';
} else {
$log = "Order {$orderID} amount mismatch with callback. {$AMOUNT} in callback vs {$order_amount} in db";
$orderID = false;
$transaction_result = 'NO';
}
} else {
$log = "Order with id {$orderID} not exists";
$orderID = false;
$transaction_result = 'NO';
}
} elseif ($function && $function == 'payment') {
$orderID = isset($_POST['ACCOUNT']) ? $_POST['ACCOUNT'] : 0;
if ($orderID && ($order = _getOrderById($orderID))) {
$order_amount = $order['order_amount'];
if ($MERCH_NAME == 0 && $order_amount == $AMOUNT) {
$log = "Order with id {$orderID} PAYMENT recieved";
$transaction_result = 'OK';
$statusID = $this->_getSettingValue('CONF_PAYMENTMODULE_ARSENALPAY_MK_ORDERSTATUS');
if ($statusID != -1) {
$comment = $sys_invs_no ? sprintf("Заказ оплачен по ArsenalPay%s. Номер счета — %s, номер платежа — %s.", $mode ? ' (тестовый режим)' : '', $sys_invs_no, $sys_trans_no) : 'Заказ оплачен по ArsenalPay';
ostSetOrderStatusToOrder($orderID, $statusID, $comment, 0, true);
}
} elseif ($MERCH_NAME == 1 && $order_amount >= $AMOUNT && $order_amount == $AMOUNT_FULL) {
$log = "Order with id {$orderID} and amount {$AMOUNT} PAYMENT recieved";
$transaction_result = 'OK';
$statusID = $this->_getSettingValue('CONF_PAYMENTMODULE_ARSENALPAY_MK_ORDERSTATUS');
if ($statusID != -1) {
$comment = $sys_invs_no ? sprintf("Заказ оплачен по ArsenalPay%s. Номер счета — %s, номер платежа — %s, сумма заказа — %s.", $mode ? ' (тестовый режим)' : '', $sys_invs_no, $sys_trans_no, $AMOUNT) : 'Заказ оплачен по ArsenalPay';
ostSetOrderStatusToOrder($orderID, $statusID, $comment, 0, true);
}
} else {
$log = "Order {$orderID} amount mismatch with callback. {$AMOUNT} in callback vs {$order_amount} in db";
$orderID = false;
$transaction_result = 'ERR';
}
} else {
$log = "Order with id {$orderID} not exists";
$orderID = false;
$transaction_result = 'ERR';
}
} else {
$log = "Failed ARSENAL PAY callback call";
$orderID = false;
$transaction_result = 'ERR';
}
} else {
$log = "ARSENAL PAY sign fail";
$orderID = false;
$transaction_result = 'ERR';
}
$responce = $transaction_result;
echo $responce;
return parent::transactionResultHandler($transaction_result, $message . $log, $source);
}
}
function deactivate_order($actlink, &$smarty_mail)
{
$q = db_query('select orderID FROM ' . ORDERS_TABLE . ' WHERE custlink="' . xEscSQL($actlink) . '"');
if ($pql = db_fetch_row($q)) {
$order = _getOrderById($pql['orderID']);
ostSetOrderStatusToOrder($pql['orderID'], ostGetCanceledStatusId(), '', '');
$smarty_mail->assign('orderID', $pql['orderID']);
$smarty_mail->assign('polidesk', ADMIN_SEND_INACT_DESK1);
$html = $smarty_mail->fetch('active_deactive_order.tpl');
xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, ADMIN_SEND_DEACT_ORDER . ' #' . $pql['orderID'] . ' - ' . CONF_SHOP_NAME, $html);
xMailTxtHTMLDATA($order['customer_email'], STRING_ORDER . ' #' . $pql['orderID'] . ' - ' . ADMIN_SEND_INACT_TITLE . ' - ' . CONF_SHOP_NAME, $html);
$succes = 1;
} else {
$succes = 0;
}
return $succes;
}
$smarty->assign("customerInfo", $customerInfo);
}
if ($_GET["customer_details"] == "address_book") {
$log1 = regGetLoginById($_GET["customerID"]);
$addresses = regGetAllAddressesByLogin($log1);
for ($i = 0; $i < count($addresses); $i++) {
$addresses[$i]["addressStr"] = regGetAddressStr($addresses[$i]["addressID"]);
}
$defaultAddressID = regGetDefaultAddressIDByLogin($log1);
$smarty->assign("addresses", $addresses);
$smarty->assign("defaultAddressID", $defaultAddressID);
}
if ($_GET["customer_details"] == "order_history") {
$data = ScanPostVariableWithId(array("set_order_status"));
foreach ($data as $orderID => $value) {
ostSetOrderStatusToOrder($orderID, $_POST["order_status_in_table_" . $orderID]);
}
$orders = array();
$callBackParam = array();
$callBackParam["customerID"] = $_GET["customerID"];
if (isset($_GET["sort"])) {
$callBackParam["sort"] = $_GET["sort"];
}
if (isset($_GET["direction"])) {
$callBackParam["direction"] = $_GET["direction"];
}
$count = 0;
$navigatorHtml = GetNavigatorHtml(_getUrlToNavigate_ORDER_HISTORY(), 20, 'ordGetOrders', $callBackParam, $orders, $offset, $count);
$smarty->hassign("urlToSubmit", _getUrlToSubmit_ORDER_HISTORY());
$smarty->hassign("urlToSort", _getUrlToSort_ORDER_HISTORY());
$smarty->assign("navigator", $navigatorHtml);
function after_payment_php($orderID, $_params)
{
$res = '';
// Извлечение всех параметров POST-запроса, кроме WMI_SIGNATURE
foreach ($_params as $name => $value) {
if ($name !== "WMI_SIGNATURE") {
$params[$name] = $value;
}
}
// Сортировка массива по именам ключей в порядке возрастания
// и формирование сообщения, путем объединения значений формы
uksort($params, "strcasecmp");
$values = "";
foreach ($params as $name => $value) {
$values .= $params[$name];
}
// Формирование подписи для сравнения ее с параметром WMI_SIGNATURE
if ($this->_getSettingValue('CONF_PAYMENTMODULE_WMI_HASH_METOD') == 2) {
$signature = base64_encode(pack("H*", md5($values . $this->_getSettingValue('CONF_PAYMENTMODULE_WMI_SECRET_KEY'))));
} elseif ($this->_getSettingValue('CONF_PAYMENTMODULE_WMI_HASH_METOD') == 3) {
$signature = base64_encode(pack("H*", sha1($values . $this->_getSettingValue('CONF_PAYMENTMODULE_WMI_SECRET_KEY'))));
}
//Сравнение полученной подписи с подписью W1
if ($signature == $_params["WMI_SIGNATURE"]) {
if (strtoupper($_params["WMI_ORDER_STATE"]) == "ACCEPTED") {
ostSetOrderStatusToOrder($_params["WMI_PAYMENT_NO"], $this->_getSettingValue('CONF_PAYMENTMODULE_WMI_STATUS_AFTER_PAY'));
$res = 'WMI_RESULT=Ok&WMI_DESCRIPTION=Заказ #' . $_params["WMI_PAYMENT_NO"] . ' оплачен!';
} else {
if (strtoupper($_params["WMI_ORDER_STATE"]) == "PROCESSING") {
ostSetOrderStatusToOrder($_params["WMI_PAYMENT_NO"], $this->_getSettingValue('CONF_PAYMENTMODULE_WMI_STATUS_AFTER_PAY'));
$res = 'WMI_RESULT=Ok&WMI_DESCRIPTION=Заказ #' . $_params["WMI_PAYMENT_NO"] . ' оплачен!';
} else {
if (strtoupper($_arams["WMI_ORDER_STATE"]) == "REJECTED") {
$res = 'WMI_RESULT=Ok&WMI_DESCRIPTION=Заказ #' . $_params["WMI_PAYMENT_NO"] . ' отменен!';
} else {
// Случилось что-то странное, пришло неизвестное состояние заказа
$res = 'WMI_RESULT=Retry&WMI_DESCRIPTION=Неверное состояние заказа: ' . $_params["WMI_ORDER_STATE"];
}
}
}
} else {
// Подпись не совпадает, возможно вы поменяли настройки интернет-магазина
$res = 'WMI_RESULT=Retry&WMI_DESCRIPTION=Неверная подпись заказа';
}
return $res;
}
} else {
if (isset($_GET["delete"])) {
if (CONF_BACKEND_SAFEMODE) {
//this action is forbidden when SAFE MODE is ON
Redirect(ADMIN_FILE . "?dpt=custord&sub=new_orders&orders_detailed=yes&orderID=" . (int) $_GET["orderID"] . "&urlToReturn=" . $_GET["urlToReturn"] . "&safemode=yes");
}
ordDeleteOrder((int) $_GET["orderID"]);
Redirect(base64_decode($_GET["urlToReturn"]));
}
if (isset($_POST["set_status"])) {
if (CONF_BACKEND_SAFEMODE) {
//this action is forbidden when SAFE MODE is ON
Redirect(ADMIN_FILE . "?dpt=custord&sub=new_orders&orders_detailed=yes&orderID=" . $_GET["orderID"] . "&urlToReturn=" . $_GET["urlToReturn"] . "&safemode=yes");
}
if ((int) $_POST["status"] != -1) {
ostSetOrderStatusToOrder((int) $_GET["orderID"], $_POST["status"], isset($_POST['status_comment']) ? $_POST['status_comment'] : '', isset($_POST['notify_customer']) ? $_POST['notify_customer'] : '');
}
Redirect(ADMIN_FILE . "?dpt=custord&sub=new_orders&orders_detailed=yes&orderID=" . (int) $_GET["orderID"] . "&urlToReturn=" . $_GET["urlToReturn"]);
}
if (isset($_GET["urlToReturn"])) {
$smarty->assign("encodedUrlToReturn", $_GET["urlToReturn"]);
}
if (isset($_GET["urlToReturn"])) {
$smarty->hassign("urlToReturn", base64_decode($_GET["urlToReturn"]));
}
$order = ordGetOrder((int) $_GET["orderID"]);
$orderContent = ordGetOrderContent((int) $_GET["orderID"]);
$order_status_report = xNl2Br(stGetOrderStatusReport((int) $_GET["orderID"]));
$order_statuses = ostGetOrderStatues();
$smarty->assign("cancledOrderStatus", ostGetCanceledStatusId());
$smarty->assign("orderContent", $orderContent);
