Ejemplo n.º 1
 /**
  * Redirect requests that carry no invoice number to the "thanks" page and
  * hand every other request to the parent implementation.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     // INVNUM is read first; the filtered INVOICE value is passed as the second argument to getFiltered().
     $invoiceNumber = $request->getFiltered('INVNUM', $request->getFiltered('INVOICE'));
     if ($invoiceNumber != '') {
         parent::directAction($request, $response, $invokeArgs);
         return;
     }
     $response->setRedirect($this->getRootUrl() . '/thanks');
 }
Ejemplo n.º 2
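 /**
  * Authorise a REST API call; throws when the call is not permitted.
  *
  * The call is allowed at once if any Am_Event::API_CHECK_PERMISSIONS hook
  * handler returns exactly true. Otherwise the request must carry a `_key`
  * parameter of at least 10 characters that resolves to an API key record
  * which is not disabled and whose permission map has a truthy entry at
  * [$alias][$method].
  *
  * @param Am_Request $request incoming API request
  * @param string $alias first-level index into the key's permission map (presumably a string; it is interpolated into the error text)
  * @param string $method second-level index into the key's permission map
  * @throws Am_Exception_InputError when the key is missing, too short, unknown, disabled or lacks the permission
  */
 public function checkPermissions(Am_Request $request, $alias, $method)
 {
     if ($this->getDi()->config->get('api_debug_mode')) {
         // The API key is a credential: mask it before the request is dumped into the
         // error log. Every other parameter is still logged verbatim, so debug mode
         // should not stay enabled on a production site.
         $params = $request->getParams();
         if (is_array($params) && isset($params['_key'])) {
             $params['_key'] = '[redacted]';
         }
         $this->getDi()->errorLogTable->log('REST API :' . var_export($params, true));
     }
     $event = $this->getDi()->hook->call(Am_Event::API_CHECK_PERMISSIONS, array('request' => $request, 'alias' => $alias, 'method' => $method));
     foreach ($event->getReturn() as $return) {
         // Only a strict boolean true from a hook skips the key checks below.
         if ($return === true) {
             return;
         }
     }
     $s = $request->getFiltered('_key');
     if (empty($s) || strlen($s) < 10) {
         throw new Am_Exception_InputError("API Error 10001 - no [key] specified or key is too short");
     }
     $apikey = $this->getDi()->apiKeyTable->findFirstByKey($s);
     if (!$apikey || $apikey->is_disabled) {
         throw new Am_Exception_InputError("API Error 10002 - [key] is not found or disabled");
     }
     $perms = $apikey->getPerms();
     // empty() already covers both "not set" and "set but falsy".
     if (empty($perms[$alias][$method])) {
         throw new Am_Exception_InputError("API Error 10003 - no permissions for {$alias}-{$method} API call");
     }
 }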
Ejemplo n.º 3
 /**
  * Must return the same value for every payment of a single rebill sequence.
  * @see $_autoCreateMap
  * @return string unique id of invoice - so rebills can be added to the same invoice
  * @throws Am_Exception_Paysystem_NotImplemented when $_autoCreateMap has no non-empty 'invoice_external_id' entry
  */
 function generateInvoiceExternalId()
 {
     // "@" silences the notice raised when the map has no 'invoice_external_id' entry.
     $paramName = @$this->_autoCreateMap['invoice_external_id'];
     if (empty($paramName)) {
         throw new Am_Exception_Paysystem_NotImplemented("Not Implemented");
     }
     // The id is taken from the incoming request parameter that the map names.
     return $this->request->getFiltered($paramName);
 }
Ejemplo n.º 4
 /**
  * Handle the "thanks" return action: look up the invoice by the public id in
  * the request and redirect to the cancel or return URL according to the
  * status code parameter. Any other action goes to the parent implementation.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     if ($request->getActionName() != 'thanks') {
         parent::directAction($request, $response, $invokeArgs);
         return;
     }
     if ($this->getConfig('debugLog')) {
         // NOTE(review): all request parameters are written to the error log as JSON;
         // confirm that nothing sensitive arrives on this return URL before enabling debugLog.
         Am_Di::getInstance()->errorLogTable->log('NetBilling Form [response-thanks]:' . json_encode($request->getParams()));
     }
     // NOTE(review): the lookup result is not checked; $this->invoice may be empty when the URL is built.
     $this->invoice = $this->getDi()->invoiceTable->findFirstByPublicId($request->getFiltered('Ecom_ConsumerOrderID'));
     // NOTE(review): "== 0" is a loose comparison, and its result for non-numeric strings
     // differs between PHP 7 and PHP 8. The status code is read from the request and
     // only selects the redirect target here.
     if ($request->get('Ecom_Ezic_Response_StatusCode') == 0 || $request->get('Ecom_Ezic_Response_StatusCode') == 'F') {
         $target = $this->getCancelUrl();
     } else {
         $target = $this->getReturnUrl();
     }
     $response->setRedirect($target);
 }
Ejemplo n.º 5
 /**
  * Handle the 'cancelpaysafecart' action: mark the invoice named in the "id"
  * parameter as cancelled and render the cancel template. Any other action
  * goes to the parent implementation.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  * @throws Am_Exception_InputError when no invoice has the given public id
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     if ($request->getActionName() != 'cancelpaysafecart') {
         parent::directAction($request, $response, $invokeArgs);
         return;
     }
     // SEE par.3
     // The "id" parameter is split at the first "-" into a public id and a code;
     // "@" hides the notice raised when there is no "-" part.
     // NOTE(review): $code is parsed but never compared with anything in this method, so
     // the invoice is cancelled on the strength of its public id alone. Confirm whether
     // the code was meant to be verified before setCancelled() runs.
     @(list($id, $code) = explode('-', filterId($request->getFiltered('id')), 2));
     $invoice = Am_Di::getInstance()->InvoiceTable->findFirstByPublicId(filterId($id));
     if (!$invoice) {
         throw new Am_Exception_InputError("No invoice found [{$id}]");
     }
     $invoice->setCancelled(true);
     $cancelPage = new Am_Paysystem_Action_HtmlTemplate_Paysafecard($this->getDir(), 'payment-paysafecard-cancel.phtml');
     $cancelPage->process(new Am_Controller($request, $response, $invokeArgs));
     // see par.3
 }
Ejemplo n.º 6
 /**
  * Render the offline-payment instructions page for the invoice identified by
  * the "id" request parameter.
  *
  * The configured 'html' text is rendered through Am_SimpleTemplate with the
  * invoice, its user, the invoice id and a cancel link, and the result is
  * placed into layout.phtml as the response body.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  * @throws Am_Exception_InputError when no invoice matches the secure id for this plugin
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $secureId = $request->getFiltered('id');
     $invoice = $this->getDi()->invoiceTable->findBySecureId($secureId, $this->getId());
     if (!$invoice) {
         throw new Am_Exception_InputError(___("Sorry, seems you have used wrong link"));
     }
     $page = new Am_View();
     // The second argument is the text used when the 'html' setting has no value.
     $instructions = $this->getConfig('html', 'SITE OWNER DID NOT PROVIDE INSTRUCTIONS FOR OFFLINE PAYMENT YET');
     $template = new Am_SimpleTemplate();
     $template->invoice = $invoice;
     $template->user = $this->getDi()->userTable->load($invoice->user_id);
     $template->invoice_id = $invoice->invoice_id;
     // The cancel link carries a secure id generated for the 'CANCEL' purpose.
     $template->cancel_url = REL_ROOT_URL . '/cancel?id=' . $invoice->getSecureId('CANCEL');
     $page->content = $template->render($instructions);
     $page->title = $this->getTitle();
     $response->setBody($page->render("layout.phtml"));
 }
Ejemplo n.º 7
 /**
  * Handle the 'ipn' action: run an EwayRapid3 transaction for the AccessCode
  * in the request, then redirect to the return URL on success or the cancel
  * URL otherwise. Any other action goes to the parent implementation.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  * @throws Am_Exception_InputError when the transaction yields no invoice
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     if ($request->getActionName() != 'ipn') {
         parent::directAction($request, $response, $invokeArgs);
         return;
     }
     $accessCode = $request->getFiltered('AccessCode');
     $result = new Am_Paysystem_Result();
     $transaction = new Am_Paysystem_Transaction_EwayRapid3($this, $accessCode);
     // The outcome is decided by what the transaction writes into $result, not by request parameters.
     $transaction->run($result);
     $invoice = $transaction->getInvoice();
     if (!$invoice) {
         throw new Am_Exception_InputError();
     }
     $this->_setInvoice($invoice);
     Am_Controller::redirectLocation(
         $result->isSuccess() ? $this->getReturnUrl($invoice) : $this->getCancelUrl($invoice)
     );
 }
Ejemplo n.º 8
 /**
  * Resolve the invoice named by the 'cc_id' request parameter, check that it
  * may still be paid through this plugin, and store it in $this->invoice.
  *
  * @param Am_Request $request
  * @param array $invokeArgs not used in this method
  * @throws Am_Exception_InputError when the id is missing, matches no invoice, or the invoice is
  *         completed, belongs to another payment system, or was added more than 30 days ago
  */
 protected function ccActionValidateSetInvoice(Am_Request $request, array $invokeArgs)
 {
     $secureId = $request->getFiltered('cc_id');
     if (!$secureId) {
         throw new Am_Exception_InputError("invoice_id is empty - seems you have followed wrong url, please return back to continue");
     }
     $found = $this->getDi()->invoiceTable->findBySecureId($secureId, $this->getId());
     if (!$found) {
         throw new Am_Exception_InputError('You have used wrong link for payment page, please return back and try again');
     }
     if ($found->isCompleted()) {
         $format = ___('Payment is already processed, please go to %sMembership page%s');
         // NOTE(review): the href is single-quoted, and htmlentities() without ENT_QUOTES leaves
         // single quotes unescaped on PHP versions before 8.1. root_url comes from configuration,
         // so this matters only if that value can contain a quote.
         $linkOpen = "<a href='" . htmlentities($this->getDi()->config->get('root_url')) . "/member'>";
         throw new Am_Exception_InputError(sprintf($format, $linkOpen, "</a>"));
     }
     if ($found->paysys_id != $this->getId()) {
         throw new Am_Exception_InputError("You have used wrong link for payment page, please return back and try again");
     }
     // Invoices added more than 30 days ago are rejected.
     if ($found->tm_added < sqlTime('-30 days')) {
         throw new Am_Exception_InputError("Invoice expired - you cannot open invoice after 30 days elapsed");
     }
     // Keep the validated invoice for later reference.
     $this->invoice = $found;
 }
Ejemplo n.º 9
 /**
  * Process a "cancel recurring" request.
  *
  * The invoice is looked up by a secure id issued for the 'STOP' + plugin id
  * purpose and must belong to the authenticated user before it is cancelled.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  * @throws Am_Exception_InputError when no invoice matches the secure id
  * @throws Am_Exception_InternalError when the invoice belongs to another user
  */
 public function doCancelAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $id = $request->getFiltered('id');
     $purpose = 'STOP' . $this->getId();
     $invoice = $this->getDi()->invoiceTable->findBySecureId($id, $purpose);
     if (!$invoice) {
         throw new Am_Exception_InputError("No invoice found [{$id}]");
     }
     // Ownership check: a valid secure id alone is not enough, the invoice must be the caller's own.
     $currentUserId = $this->getDi()->auth->getUserId();
     if ($invoice->user_id != $currentUserId) {
         throw new Am_Exception_InternalError("User tried to access foreign invoice: [{$id}]");
     }
     // The cancelInvoice() hook is optional; it runs only when this class defines it.
     if (method_exists($this, 'cancelInvoice')) {
         $this->cancelInvoice($invoice);
     }
     $invoice->setCancelled();
     $response->setRedirect(ROOT_SURL . '/member/payment-history');
 }
Ejemplo n.º 10
 /**
  * Dispatch the notification actions by action name:
  *  - 'c'   log a click on a notification and redirect to its url
  *  - 'get' return the current user's visible notifications as an AJAX response
  *  - 'js'  output the script returned by getJs()
  *  - 'd'   add a notification id to the user's dismissed list
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs not used in this method
  * @throws Am_Exception_InternalError for any other action name
  */
 public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $user = $this->getDi()->user;
     switch ($request->getActionName()) {
         case 'c':
             // reveal() presumably reverses the obfuscate() call used in the 'get' branch; verify.
             $id = $this->getDi()->app->reveal($request->getFiltered('id'));
             // actually it is the notification_id
             $notification = $this->getDi()->notificationTable->load($id);
             // NOTE(review): $user is not checked in this branch, although 'get' and 'd' treat it as possibly empty.
             $this->getDi()->notificationClickTable->log($user, $notification);
             // The redirect target is the url stored on the notification record, not a request parameter.
             Am_Controller::redirectLocation($notification->url);
             break;
         case 'get':
             if (!$user) {
                 // No current user: answer with an empty list.
                 Am_Controller::ajaxResponse(array());
             } else {
                 $items = $this->getDi()->notificationTable->getNotificationsForUser($this->getDi()->auth->getUser());
                 $dismiss = $user->data()->getBlob('notification.dismiss');
                 if (!$dismiss) {
                     $dismiss = array();
                 } else {
                     // NOTE(review): unserialize() on a stored blob. The 'd' branch below writes it with
                     // serialize(); if any other path can write 'notification.dismiss', this becomes an
                     // object-injection risk. Prefer JSON, or pass allowed_classes => false where the
                     // PHP version supports it.
                     $dismiss = unserialize($dismiss);
                 }
                 $out = array();
                 foreach ($items as $item) {
                     $display = $user->data()->get('notification.display.' . $item->pk());
                     // Skip notifications that were already shown $item->limit times.
                     if ($item->limit && $display >= $item->limit) {
                         continue;
                     }
                     // Skip dismissed notifications (in_array() compares loosely here).
                     if (in_array($item->notification_id, $dismiss)) {
                         continue;
                     }
                     // Count this delivery against the display limit.
                     $user->data()->set('notification.display.' . $item->pk(), ++$display);
                     $n = new stdClass();
                     // Only the obfuscated id is sent to the client.
                     $n->id = $this->getDi()->app->obfuscate($item->notification_id);
                     $n->content = $item->content;
                     $n->is_custom = $item->is_custom ? true : false;
                     $n->is_blank = $item->is_blank ? true : false;
                     $n->link = $item->url;
                     $out[] = $n;
                 }
                 // Persist the updated display counters.
                 $user->save();
                 Am_Controller::ajaxResponse($out);
             }
             break;
         case 'js':
             $response->setHeader('Content-Type', 'application/x-javascript; charset=utf-8');
             // The script is echoed directly instead of being set as the response body.
             echo $this->getJs();
             break;
         case 'd':
             $id = $this->getDi()->app->reveal($request->getFiltered('id'));
             // Silently does nothing without a current user or when the id is empty.
             if ($user && $id) {
                 $dismiss = $user->data()->getBlob('notification.dismiss');
                 if (!$dismiss) {
                     $dismiss = array();
                 } else {
                     // NOTE(review): same unserialize() caveat as in the 'get' branch.
                     $dismiss = unserialize($dismiss);
                 }
                 // The id is appended without a duplicate check, so repeated requests grow the list.
                 $dismiss[] = $id;
                 $user->data()->setBlob('notification.dismiss', serialize($dismiss));
                 $user->data()->update();
             }
             break;
         default:
             throw new Am_Exception_InternalError('Unknown Action');
     }
 }
Ejemplo n.º 11
 /**
  * Read a request parameter through the wrapped request's getFiltered().
  *
  * The filter only restricts which characters the value may contain; callers
  * still have to check that the value refers to something the requester is
  * allowed to access.
  *
  * @return string request parameter with removed chars except the a-zA-Z0-9-_
  */
 function getFiltered($key, $default = null)
 {
     $filtered = $this->_request->getFiltered($key, $default);
     return $filtered;
 }
Ejemplo n.º 12
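 /**
  * Handle the 'cancel' action: find the invoice whose public id is given in
  * the 'merchant_unique_id' parameter and redirect to the generic cancel page
  * with a secure id issued for the 'CANCEL' purpose. Any other action goes to
  * the parent implementation.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs
  * @throws Am_Exception_InputError when no invoice has the given public id
  */
 function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $actionName = $request->getActionName();
     if ($actionName == 'cancel') {
         // Keep the filtered id in a variable: the error message below interpolates $id,
         // which the original code never defined.
         $id = $request->getFiltered('merchant_unique_id');
         $invoice = $this->getDi()->invoiceTable->findFirstBy(array('public_id' => $id));
         if (!$invoice) {
             throw new Am_Exception_InputError("No invoice found [{$id}]");
         }
         Am_Controller::redirectLocation($this->getRootUrl() . "/cancel?id=" . $invoice->getSecureId('CANCEL'));
     } else {
         parent::directAction($request, $response, $invokeArgs);
     }
 }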
Ejemplo n.º 13
 /**
  * Find the invoice named by the "id" parameter, verify that it belongs to the
  * authenticated user, and redirect to the default cancel page.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response
  * @param array $invokeArgs not used in this method
  * @throws Am_Exception_InputError when no invoice has the given public id
  * @throws Am_Exception_InternalError when the invoice belongs to another user
  */
 public function cancelPaymentAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $id = $request->getFiltered('id');
     if (!$id) {
         // Fall back to the raw query string; the value still goes through filterId().
         if (isset($_GET['id'])) {
             $id = filterId($_GET['id']);
         }
     }
     $found = $this->getDi()->invoiceTable->findFirstByPublicId($id);
     if (!$found) {
         throw new Am_Exception_InputError("No invoice found [{$id}]");
     }
     // Ownership check: knowing a public id is not enough, the invoice must be the caller's own.
     $currentUserId = $this->getDi()->auth->getUserId();
     if ($found->user_id != $currentUserId) {
         throw new Am_Exception_InternalError("User tried to access foreign invoice: [{$id}]");
     }
     // The invoice is stored on $this before getCancelUrl() builds the default "cancel" page URL.
     $this->invoice = $found;
     $response->setRedirect($this->getCancelUrl());
 }
Ejemplo n.º 14
 /**
  * Two-step PayPal Express Checkout handler, selected by the integer "do" parameter.
  *
  * Without "do": fetch the checkout details for the token, resolve the invoice,
  * remember the token on it and display the confirmation page.
  * With "do": find the invoice by the stored token, bill the initial amount and/or
  * create the recurring profile, then redirect to the return URL.
  *
  * @param Am_Request $request
  * @param Zend_Controller_Response_Http $response not used in this method
  * @param array $invokeArgs not used in this method
  * @throws Am_Exception_InputError when the token is missing or no invoice matches the payment
  * @throws Am_Exception_InternalError when no invoice is stored for the token
  */
 public function expressCheckoutAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
 {
     $token = $request->getFiltered('token');
     if (!$token) {
         throw new Am_Exception_InputError("No required [token] provided, internal error");
     }
     // One log record is passed to every API request sent below.
     $log = $this->getDi()->invoiceLogRecord;
     $log->title = "";
     $log->paysys_id = $this->getId();
     if ($request->getInt('do')) {
         // Confirmation step: the invoice is the one the token was stored on in the other branch.
         // NOTE(review): the token is the only link between the request and the invoice here;
         // no user or session check is visible in this method.
         $invoice = current($this->getDi()->invoiceTable->findByData(self::PAYPAL_EXPRESS_TOKEN, $token));
         if (!$invoice) {
             throw new Am_Exception_InternalError("Could not find invoice by token [{$token}]");
         }
         $this->_setInvoice($invoice);
         $log->setInvoice($invoice);
         if ($invoice->first_total > 0) {
             // bill initial amount @todo free trial
             $log->title .= " doExpressCheckout";
             $apireq = new Am_Paysystem_PaypalApiRequest($this);
             $apireq->doExpressCheckout($invoice, $token, $request->getFiltered('PayerID'));
             $vars = $apireq->sendRequest($log);
             // The API response is handed to the transaction object; its outcome is not inspected here.
             $transaction = new Am_Paysystem_Transaction_PayPalExpress_DoExpressCheckout($this, $vars);
             $transaction->setInvoice($invoice);
             $transaction->process();
         }
         if ($invoice->rebill_times) {
             $log->title .= " createRecurringPaymentProfile";
             $apireq = new Am_Paysystem_PaypalApiRequest($this);
             $apireq->createRecurringPaymentProfile($invoice, null, $token, $request->getFiltered('PayerID'));
             $vars = $apireq->sendRequest($log);
             // NOTE(review): $vars['ACK'] is read without an isset() check.
             if ($vars['ACK'] != 'Success') {
                 // A failed profile creation is only logged; execution still reaches the
                 // redirect to the return URL below.
                 $this->logError("Not Success response to CreateRecurringPaymentProfile request", $vars);
             } else {
                 $invoice->data()->set(self::PAYPAL_PROFILE_ID, $vars['PROFILEID'])->update();
                 // With nothing billed up front, the profile creation itself is processed as the transaction.
                 if ($invoice->first_total <= 0) {
                     $transaction = new Am_Paysystem_Transaction_PayPalExpress_CreateRecurringPaymentProfile($this, $vars);
                     $transaction->setInvoice($invoice);
                     $transaction->process();
                 }
             }
         }
         return Am_Controller::redirectLocation($this->getReturnUrl());
     } else {
         // Review step: ask PayPal what the token refers to.
         $log->title .= " getExpressCheckoutDetails";
         $apireq = new Am_Paysystem_PaypalApiRequest($this);
         $apireq->getExpressCheckoutDetails($token);
         $vars = $apireq->sendRequest($log);
         // The invoice id comes from the API response first, then from the session value.
         $invoiceId = filterId(get_first(@$vars['INVNUM'], @$vars['L_PAYMENTREQUEST_0_INVNUM'], $this->getDi()->session->paypal_invoice_id));
         // NOTE(review): the secure-id purpose is the literal 'paypal', not $this->getId(); confirm they match.
         if (!$invoiceId || !($invoice = $this->getDi()->invoiceTable->findBySecureId($invoiceId, 'paypal'))) {
             throw new Am_Exception_InputError("Could not find invoice related to given payment. Internal error. Your account was not billed, please try again");
         }
         $log->setInvoice($invoice);
         $log->update();
         $this->_setInvoice($invoice);
         /* @var $invoice Invoice */
         // An invoice that is already paid is not billed again.
         if ($invoice->isPaid()) {
             return Am_Controller::redirectLocation($this->getReturnUrl());
         }
         // Remember the token so the "do" step can find this invoice.
         $invoice->data()->set(self::PAYPAL_EXPRESS_TOKEN, $token)->update();
         $view = new Am_View();
         $view->invoice = $invoice;
         $view->url = $this->getPluginUrl(self::PAYPAL_EXPRESS_CHECKOUT);
         // The confirmation form posts back the filtered token and PayerID together with do=1.
         $view->hidden = array('do' => '1', 'token' => $request->getFiltered('token'), 'PayerID' => $request->getFiltered('PayerID'));
         $view->display("payment-confirm.phtml");
     }
 }