Ejemplo n.º 1
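 /**
  * Processes a payment POST from the CyberSource Hosted Order Page API.
  *
  * The POST is acted on only after VerifyTransactionSignature() accepts it.
  * The posted decision then selects the action: ACCEPT records the payment
  * once per order and completes the sale, ERROR and REJECT leave an admin
  * comment, REVIEW moves the order to the 'review' status.
  *
  * Produces no return value. If HOP.php cannot be included the method prints
  * a message with a 503 status and exits.
  */
 public static function post()
 {
     if (!uc_cybersource_hop_include()) {
         \Drupal::logger('uc_cybersource_hop')->error('Unable to receive HOP POST due to missing or unreadable HOP.php file.');
         drupal_add_http_header('Status', '503 Service unavailable');
         // t() instead of $this->t(): the method is static, so $this does not exist.
         print t('The site was unable to receive a HOP post because of a missing or unreadble HOP.php');
         exit;
     }
     // Check the order number before anything reads it. The endpoint is
     // reachable by any sender, so the field may be absent or an array.
     if (!isset($_POST['orderNumber']) || !is_scalar($_POST['orderNumber'])) {
         \Drupal::logger('uc_cybersource_hop')->error('CS HOP attempted with invalid order number.');
         return;
     }
     \Drupal::logger('uc_cybersource_hop')->notice('Receiving payment notification at URL for order @orderNumber', array('@orderNumber' => $_POST['orderNumber']));
     if (!VerifyTransactionSignature($_POST)) {
         // NOTE(review): this writes the complete body of an unverified request
         // (billing fields included) to the log. Consider logging only the
         // field names, and confirm who can read this log channel.
         \Drupal::logger('uc_cybersource_hop')->notice('Receiving invalid payment notification at URL for order @orderNumber. <pre>@debug</pre>', array('@orderNumber' => $_POST['orderNumber'], '@debug' => print_r($_POST, TRUE)));
         return;
     }
     // Assign posted variables to local variables.
     $decision = SafeMarkup::checkPlain($_POST['decision']);
     $reason_code = SafeMarkup::checkPlain($_POST['reasonCode']);
     $reason = _parse_cs_reason_code($reason_code);
     $payment_amount = SafeMarkup::checkPlain($_POST['orderAmount']);
     $payment_currency = SafeMarkup::checkPlain($_POST['paymentCurrency']);
     $request_id = SafeMarkup::checkPlain($_POST['requestID']);
     $request_token = SafeMarkup::checkPlain($_POST['orderPage_requestToken']);
     $reconciliation_id = SafeMarkup::checkPlain($_POST['reconciliationID']);
     $order_id = SafeMarkup::checkPlain($_POST['orderNumber']);
     $payer_email = SafeMarkup::checkPlain($_POST['billTo_email']);
     $order = Order::load($_POST['orderNumber']);
     if (!$order) {
         // A correctly signed notification can still name an order this site
         // does not have; stop here rather than call methods on NULL below.
         \Drupal::logger('uc_cybersource_hop')->error('CS HOP notification received for unknown order @order_id.', array('@order_id' => $order_id));
         return;
     }
     switch ($decision) {
         case 'ACCEPT':
             \Drupal::logger('uc_cybersource_hop')->notice('CyberSource verified successful payment.');
             // Replay guard: an ACCEPT already stored for this order means the
             // payment was entered before.
             // NOTE(review): check-then-insert is not atomic; confirm whether the
             // table has a unique key that stops two concurrent deliveries.
             $duplicate = (bool) db_query_range('SELECT 1 FROM {uc_payment_cybersource_hop_post} WHERE order_id = :order_id AND decision = :decision', 0, 1, array(':order_id' => $order_id, ':decision' => 'ACCEPT'))->fetchField();
             if ($duplicate) {
                 // The placeholder in the message now matches the '@order_id' key.
                 \Drupal::logger('uc_cybersource_hop')->notice('CS HOP transaction for order @order_id has been processed before.', array('@order_id' => $order_id));
                 return;
             }
             db_insert('uc_payment_cybersource_hop_post')->fields(array('order_id' => $order_id, 'request_id' => $request_id, 'request_token' => $request_token, 'reconciliation_id' => $reconciliation_id, 'gross' => $payment_amount, 'decision' => $decision, 'reason_code' => $reason_code, 'payer_email' => $payer_email, 'received' => REQUEST_TIME))->execute();
             $comment = t('CyberSource request ID: @txn_id', array('@txn_id' => $request_id));
             // NOTE(review): the amount entered is the posted orderAmount. It is
             // used only after the signature check, but nothing here compares it
             // with the order's own total; confirm that is enforced elsewhere.
             uc_payment_enter($order_id, 'cybersource_hop', $payment_amount, $order->getUserId(), NULL, $comment);
             uc_cart_complete_sale($order);
             uc_order_comment_save($order_id, 0, t('Payment of @amount @currency submitted through CyberSource with request ID @rid.', array('@amount' => $payment_amount, '@currency' => $payment_currency, '@rid' => $request_id)), 'order', 'payment_received');
             break;
         case 'ERROR':
             // '@rid' carries the real request ID; the original passed the
             // literal text '@request_id'.
             uc_order_comment_save($order_id, 0, t("Payment error:@reason with request ID @rid", array('@reason' => $reason, '@rid' => $request_id)), 'admin');
             break;
         case 'REJECT':
             uc_order_comment_save($order_id, 0, t("Payment is rejected:@reason with request ID @rid", array('@reason' => $reason, '@rid' => $request_id)), 'admin');
             break;
         case 'REVIEW':
             $order->setStatusId('review')->save();
             uc_order_comment_save($order_id, 0, t('Payment is in review & not complete: @reason. Request ID @rid', array('@reason' => $reason, '@rid' => $request_id)), 'admin');
             break;
     }
 }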
Ejemplo n.º 2
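 /**
  * Finalizes 2checkout transaction.
  *
  * Handles the return request from 2Checkout. It loads the order named by
  * merchant_order_id and checks the request's MD5 key against one computed
  * from the configured secret word. It then copies the billing address from
  * the request onto the order, records the payment or notes it as pending,
  * empties the cart and completes the sale.
  *
  * @param int $cart_id
  *   ID of the cart to empty once the order has been handled.
  *
  * @return mixed
  *   A translated error message when the order is missing or not in the
  *   'in_checkout' state; otherwise the value of uc_cart_complete_sale().
  *
  * @throws AccessDeniedHttpException
  *   When the key does not match, or when the request carries the demo flag
  *   while the module is not in demo mode.
  */
 public function complete($cart_id = 0)
 {
     $cart_config = \Drupal::config('uc_cart.settings');
     $module_config = \Drupal::config('uc_2checkout.settings');
     \Drupal::logger('2Checkout')->notice('Receiving new order notification for order !order_id.', array('!order_id' => SafeMarkup::checkPlain($_REQUEST['merchant_order_id'])));
     $order = Order::load($_REQUEST['merchant_order_id']);
     if (!$order || $order->getStateId() != 'in_checkout') {
         return t('An error has occurred during payment.  Please contact us to ensure your order has submitted.');
     }
     // A missing key is treated as an empty one, which can never match.
     $key = isset($_REQUEST['key']) ? $_REQUEST['key'] : '';
     $order_number = $module_config->get('demo') ? 1 : $_REQUEST['order_number'];
     $valid = md5($module_config->get('secret_word') . $_REQUEST['sid'] . $order_number . $_REQUEST['total']);
     // Compare as strings in constant time. A loose != treats two hex digests
     // that both look like "0e<digits>" as equal numbers, and a non-string key
     // (e.g. an array parameter) must be refused rather than lowercased.
     if (!is_string($key) || !hash_equals(Unicode::strtolower($valid), Unicode::strtolower($key))) {
         uc_order_comment_save($order->id(), 0, t('Attempted unverified 2Checkout completion for this order.'), 'admin');
         throw new AccessDeniedHttpException();
     }
     // An absent demo flag counts as "not demo".
     $demo_requested = isset($_REQUEST['demo']) && $_REQUEST['demo'] == 'Y';
     if ($demo_requested xor $module_config->get('demo')) {
         \Drupal::logger('uc_2checkout')->error('The 2checkout payment for order <a href="@order_url">@order_id</a> demo flag was set to %flag, but the module is set to %mode mode.', array('@order_url' => url('admin/store/orders/' . $order->id()), '@order_id' => $order->id(), '%flag' => $demo_requested ? 'Y' : 'N', '%mode' => $module_config->get('demo') ? 'Y' : 'N'));
         // A demo-flagged request must never complete a live order.
         if (!$module_config->get('demo')) {
             throw new AccessDeniedHttpException();
         }
     }
     // The address fields are stored exactly as received. They are not part of
     // the key computed above, so treat them as untrusted wherever they are
     // rendered.
     $order->billing_street1 = $_REQUEST['street_address'];
     $order->billing_street2 = $_REQUEST['street_address2'];
     $order->billing_city = $_REQUEST['city'];
     $order->billing_postal_code = $_REQUEST['zip'];
     $order->billing_phone = $_REQUEST['phone'];
     $order->billing_zone = $_REQUEST['state'];
     $order->billing_country = $_REQUEST['country'];
     $order->save();
     if (Unicode::strtolower($_REQUEST['email']) !== Unicode::strtolower($order->getEmail())) {
         uc_order_comment_save($order->id(), 0, t('Customer used a different e-mail address during payment: !email', array('!email' => SafeMarkup::checkPlain($_REQUEST['email']))), 'admin');
     }
     if ($_REQUEST['credit_card_processed'] == 'Y' && is_numeric($_REQUEST['total'])) {
         $comment = t('Paid by !type, 2Checkout.com order #!order.', array('!type' => $_REQUEST['pay_method'] == 'CC' ? t('credit card') : t('echeck'), '!order' => SafeMarkup::checkPlain($_REQUEST['order_number'])));
         // NOTE(review): the amount entered is the request's total. The key
         // check covers it, but nothing here compares it with the order's own
         // total; confirm an underpayment leaves the order unpaid downstream.
         uc_payment_enter($order->id(), '2checkout', $_REQUEST['total'], 0, NULL, $comment);
     } else {
         drupal_set_message(t('Your order will be processed as soon as your payment clears at 2Checkout.com.'));
         uc_order_comment_save($order->id(), 0, t('!type payment is pending approval at 2Checkout.com.', array('!type' => $_REQUEST['pay_method'] == 'CC' ? t('Credit card') : t('eCheck'))), 'admin');
     }
     // Empty that cart...
     uc_cart_empty($cart_id);
     // Add a comment to let sales team know this came in through the site.
     uc_order_comment_save($order->id(), 0, t('Order created through website.'), 'admin');
     $build = uc_cart_complete_sale($order, $cart_config->get('new_customer_login'));
     return $build;
 }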
<?php

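// Standalone payment-notification endpoint. It bootstraps Drupal relative to
// this file, checks the SIGN field of the POST and, when STATE is "paid",
// enters a payment for the order and completes the sale.
define('DRUPAL_ROOT', dirname(__FILE__) . '/../../../../../../');
chdir(DRUPAL_ROOT);
require './includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);

// Every field that feeds the signature must be present and a plain string.
// md5() on a missing or array value would otherwise raise warnings and sign
// empty input.
$ubrir_fields_ok = TRUE;
foreach (array('SIGN', 'SHOP_ID', 'ORDER_ID', 'STATE') as $ubrir_field) {
    if (!isset($_POST[$ubrir_field]) || !is_string($_POST[$ubrir_field])) {
        $ubrir_fields_ok = FALSE;
        break;
    }
}

if ($ubrir_fields_ok) {
    // NOTE(review): the expected SIGN is built only from values carried in
    // this same request; no shared secret is visible in the computation, and
    // SHOP_ID is not compared with a configured value. As written the check
    // detects a corrupted request but does not show that the gateway sent it.
    // Confirm against the gateway's documentation which secret or source
    // restriction is supposed to authenticate this callback.
    $sign = strtoupper(md5(md5($_POST['SHOP_ID']) . '&' . md5($_POST["ORDER_ID"]) . '&' . md5($_POST['STATE'])));
    // Strict comparison: a loose == treats two digests that both look like
    // "0E<digits>" as equal numbers.
    if ($_POST['SIGN'] === $sign) {
        switch ($_POST['STATE']) {
            case 'paid':
                $order = uc_order_load($_POST["ORDER_ID"]);
                // Skip unknown orders instead of reading a property of a
                // non-object.
                if ($order) {
                    // The amount entered is the order's own total, not a value
                    // from the request.
                    // NOTE(review): nothing here stops the same notification
                    // from being processed twice; each delivery enters another
                    // payment.
                    uc_payment_enter($_POST["ORDER_ID"], 'uc_ubrir', $order->order_total, 0, NULL, $_POST["ORDER_ID"]);
                    uc_cart_complete_sale($order, variable_get('uc_new_customer_login', FALSE));
                }
                break;
        }
    }
}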