Ejemplo n.º 1
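 /**
  * Manually approves the transactions ticked in the administrator list.
  *
  * Reads the `cid` array from POST, coerces every element to an integer,
  * writes a "Manually approved by <username>" line to each transaction's
  * log, approves it, clears the component cache and redirects back to the
  * transactions view with a summary message.
  *
  * Security notes:
  *  - The anti-CSRF token is checked before any state is touched, so a
  *    forged cross-site request cannot approve payments.
  *  - Ids are forced to integers before they reach RSMembership.
  *  - NOTE(review): no ACL check is visible in this method; confirm that the
  *    controller restricts this task to users allowed to approve payments.
  *  - NOTE(review): the log line is written before RSMembership::approve()
  *    runs and its result is not inspected, so the audit trail can record an
  *    approval that did not take effect.
  *
  * @return void
  */
 function approve()
 {
     // Check for request forgeries
     JRequest::checkToken() or jexit('Invalid Token');
     // Get the selected items (POST only). The default is an empty array: with
     // the previous default of array(0) a request without `cid` never reached
     // the "no items selected" branch and tried to approve transaction id 0.
     $cid = JRequest::getVar('cid', array(), 'post', 'array');
     // Force array elements to be integers
     JArrayHelper::toInteger($cid, array(0));
     $msg = '';
     // No items are selected
     if (!is_array($cid) || count($cid) < 1) {
         JError::raiseWarning(500, JText::_('SELECT ITEM'));
     } else {
         $user =& JFactory::getUser();
         $user_id = $user->get('username');
         foreach ($cid as $id) {
             // Audit trail: records which administrator triggered the approval
             RSMembership::saveTransactionLog('Manually approved by ' . $user_id, $id);
             RSMembership::approve($id);
         }
         // The message is built only here; an earlier copy computed before
         // validation was always overwritten and has been dropped.
         $total = count($cid);
         $msg = JText::sprintf('RSM_TRANSACTIONS_APPROVED', $total);
         // Clean the cache, if any
         $cache =& JFactory::getCache('com_rsmembership');
         $cache->clean();
     }
     $this->setRedirect('index.php?option=com_rsmembership&view=transactions', $msg);
 }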
Ejemplo n.º 2
 /**
  * Manually approves the transactions selected in the administrator list.
  *
  * The `cid` request array is coerced to integers; for every id a
  * "Manually approved by <username>" line is added to the transaction log
  * and RSMembership::approve() is called. Only approvals that return a
  * truthy value are counted in the confirmation message. The component
  * cache is cleaned afterwards and the browser is redirected to the
  * transactions view.
  *
  * Security notes:
  *  - JSession::checkToken() runs first, so the request is rejected before
  *    any transaction is touched when the anti-CSRF token does not match.
  *  - NOTE(review): no ACL check is visible in this method; confirm the
  *    controller limits this task to users allowed to approve payments.
  *  - NOTE(review): the log line is written before the approval result is
  *    known, so a failed approval still leaves a "Manually approved" entry.
  *
  * @return void
  */
 public function approve()
 {
     // Anti-CSRF: abort unless the session token accompanies the request
     JSession::checkToken() or jexit('Invalid Token');
     // Selected transaction ids, as submitted
     $selected = JFactory::getApplication()->input->get('cid', array(), 'array');
     // Every element becomes an integer before it is used
     JArrayHelper::toInteger($selected, array(0));
     $msg = '';
     if (is_array($selected) && count($selected) >= 1) {
         $actor = JFactory::getUser()->get('username');
         $approved = 0;
         foreach ($selected as $transactionId) {
             RSMembership::saveTransactionLog('Manually approved by ' . $actor, $transactionId);
             // Count only the approvals RSMembership reports as successful
             $approved += RSMembership::approve($transactionId) ? 1 : 0;
         }
         $msg = JText::sprintf('COM_RSMEMBERSHIP_TRANSACTIONS_APPROVED', $approved);
         // Clean the cache, if any
         JFactory::getCache('com_rsmembership')->clean();
     } else {
         // Nothing was selected
         JError::raiseWarning(500, JText::_('JERROR_NO_ITEMS_SELECTED'));
     }
     $this->setRedirect(JRoute::_('index.php?option=com_rsmembership&view=transactions', false), $msg);
 }
Ejemplo n.º 3
 /**
  * Drives the subscribe flow according to the `task` request variable.
  *
  *  - `subscribe`: binds the membership id and the selected extras.
  *  - `validatesubscribe`: binds the submitted data, then restores id,
  *    extras and data.
  *  - `payment`: builds a pending transaction row, hands it to the chosen
  *    payment plugin and, unless the plugin asks for delayed storing, stores,
  *    finalizes and possibly approves it.
  *
  * Security notes (all visible in the body below):
  *  - The price is computed here from the membership and extras objects, not
  *    read from the request.
  *  - The payment plugin name comes from the request and selects a class to
  *    instantiate.
  *  - The submitted password, when present, is copied into the serialized
  *    `user_data` column.
  *
  * @return void
  */
 function _execute()
 {
     $mainframe =& JFactory::getApplication();
     $option = 'com_rsmembership';
     $task = JRequest::getVar('task', '');
     if ($task == 'subscribe') {
         $this->_bindId();
         $this->_bindExtras();
     } else {
         // get the already bound items
         if ($task == 'validatesubscribe') {
             $this->_bindData(false);
         }
         $this->_setId();
         $this->_setExtras();
         $this->_setData();
         if ($task == 'payment') {
             // empty session
             $this->_emptySession();
             $extras = $this->getExtras();
             $membership = $this->getMembership();
             // Request-controlled plugin name; getCmd() filters it to a
             // command-safe character set before it is used in a class name below.
             $paymentplugin = JRequest::getCmd('payment', 'none');
             // calculate the total price
             // NOTE(review): the coupon is recorded on the row further down but
             // $total is not reduced here; presumably the discount is applied
             // elsewhere, confirm.
             $total = 0;
             $total += $membership->price;
             foreach ($extras as $extra) {
                 $total += $extra->price;
             }
             $user =& JFactory::getUser();
             if (!$user->get('guest')) {
                 $user_id = $user->get('id');
                 // The @ hides the notice raised when no `fields` were submitted
                 RSMembership::createUserData($user_id, @$this->_data->fields);
             } else {
                 if (RSMembershipHelper::getConfig('create_user_instantly')) {
                     $user_id = RSMembership::createUser($this->_data->email, $this->_data);
                 } else {
                     // Guest checkout: the account is not created at this point
                     $user_id = 0;
                 }
             }
             $row =& JTable::getInstance('RSMembership_Transactions', 'Table');
             $row->user_id = $user_id;
             $row->user_email = $this->_data->email;
             $data = new stdClass();
             $data->name = $this->_data->name;
             $data->username = isset($this->_data->username) ? $this->_data->username : '';
             // NOTE(review): the password is copied as submitted and ends up in
             // the transaction row through serialize() below, which is an
             // encoding and offers no protection. Anyone able to read the
             // transactions table can recover it; consider clearing it once
             // the account has been created.
             if (isset($this->_data->password)) {
                 $data->password = $this->_data->password;
             }
             $data->fields = $this->_data->fields;
             // NOTE(review): whatever later reads this column presumably calls
             // unserialize(); that is only safe while the column cannot be
             // written by an untrusted party.
             $row->user_data = serialize($data);
             $row->type = 'new';
             $params = array();
             $params[] = 'membership_id=' . $membership->id;
             if (is_array($this->_extras) && !empty($this->_extras)) {
                 // NOTE(review): extras ids are joined as-is; code that later
                 // parses this string should treat them as untrusted unless
                 // _setExtras() already forces integers.
                 $params[] = 'extras=' . implode(',', $this->_extras);
             }
             $row->params = implode(';', $params);
             // params, membership, extras etc
             $date = JFactory::getDate();
             $row->date = $date->toUnix();
             // Address of the direct peer; behind a reverse proxy this is the
             // proxy's address, not the customer's.
             $row->ip = $_SERVER['REMOTE_ADDR'];
             $row->price = $total;
             $row->coupon = $this->getCoupon();
             $row->currency = RSMembershipHelper::getConfig('currency');
             $row->hash = '';
             $row->gateway = $paymentplugin == 'none' ? 'No Gateway' : RSMembership::getPlugin($paymentplugin);
             $row->status = 'pending';
             $this->_html = '';
             // trigger the payment plugin
             $paymentpluginClass = $paymentplugin;
             // Numbered wire-transfer plugins all map to one class
             if (preg_match('#rsmembershipwire([0-9]+)#', $paymentplugin, $match)) {
                 $paymentpluginClass = 'rsmembershipwire';
             }
             // The class name is built from request input. The fixed
             // 'plgSystem' prefix limits the choice to system plugin classes.
             // NOTE(review): nothing here checks that the class is an enabled
             // RSMembership payment plugin; any loaded plgSystem* class
             // passes class_exists().
             $className = 'plgSystem' . $paymentpluginClass;
             $delay = false;
             if (class_exists($className)) {
                 $dispatcher =& JDispatcher::getInstance();
                 $plugin = new $className($dispatcher, array());
                 // `data` and `transaction` are passed by reference, so the
                 // plugin can modify the row (status, price, hash) before it
                 // is stored below.
                 $args = array('plugin' => $paymentplugin, 'data' => &$this->_data, 'extras' => $extras, 'membership' => $membership, 'transaction' => &$row);
                 if (method_exists($plugin, 'onMembershipPayment')) {
                     $this->_html = call_user_func_array(array($plugin, 'onMembershipPayment'), $args);
                 }
                 if (method_exists($plugin, 'hasDelayTransactionStoring')) {
                     $delay = $plugin->hasDelayTransactionStoring();
                     if (method_exists($plugin, 'delayTransactionStoring')) {
                         $plugin->delayTransactionStoring($row->getProperties());
                     }
                 }
             }
             // plugin can delay the transaction storing
             if (!$delay) {
                 // store the transaction
                 $row->store();
                 // store the transaction id
                 $this->transaction_id = $row->id;
                 // finalize the transaction (send emails)
                 RSMembership::finalize($this->transaction_id);
                 // approve the transaction
                 // && binds tighter than ||: approval happens when the plugin
                 // marked the row completed, or when the price is zero and the
                 // membership's activation setting is non-zero.
                 if ($row->status == 'completed' || $row->price == 0 && $membership->activation != 0) {
                     RSMembership::approve($this->transaction_id, true);
                 }
                 // Free transactions skip the gateway and go to the thank-you page
                 if ($row->price == 0) {
                     $mainframe->redirect(JRoute::_('index.php?option=com_rsmembership&task=thankyou', false));
                 }
             }
         }
     }
 }
Ejemplo n.º 4
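 /**
  * Handles a PayPal IPN (Instant Payment Notification) callback.
  *
  * Flow, as implemented below:
  *  1. The received POST data is rebuilt and posted back to PayPal.
  *  2. Only when PayPal answers "VERIFIED" is the notification matched to a
  *     local transaction (through `custom`, with `txn_id` used to detect a
  *     notification that was already processed).
  *  3. Receiver e-mail, amount and currency are compared with the stored
  *     transaction before RSMembership::approve() is called.
  *  4. The outcome is appended to the transaction log; a mismatch or an
  *     "INVALID" answer denies the transaction.
  *
  * Security notes:
  *  - The postback is the only thing that authenticates the notification, so
  *    TLS peer and host verification are enabled on it. With verification
  *    off, anyone able to intercept the connection could answer "VERIFIED"
  *    for a forged notification.
  *  - Request fields are read with the 'none' filter (presumably unfiltered,
  *    confirm against RSInput); they reach SQL only through $db->q().
  *  - NOTE(review): the raw IPN payload is written to the log and contains
  *    payer details; the log needs the same protection as the data itself.
  *
  * @return void
  */
 protected function onPaymentNotification()
 {
     if (!$this->canRun()) {
         return;
     }
     ob_end_clean();
     $name = $this->getTranslation($this->params->get('payment_name', 'PayPal'));
     require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/adapters/input.php';
     $db = JFactory::getDBO();
     $query = $db->getQuery(true);
     $jinput = RSInput::create();
     $log = array();
     $req = $this->_buildPostData();
     $this->addLog("IPN received: {$req}");
     // post back to PayPal system to validate
     $url = $this->params->get('mode') ? 'https://www.paypal.com/cgi-bin/webscr' : 'https://www.sandbox.paypal.com/cgi-bin/webscr';
     $only_completed = (int) $this->params->get('only_completed', 0);
     if (!extension_loaded('curl') || !function_exists('curl_exec') || !is_callable('curl_exec')) {
         $this->addLog('[err] cURL is not installed or executable, cannot connect back to PayPal for validation!');
         // NOTE(review): finish() presumably ends the request; if it returns,
         // execution continues into curl_init() below.
         $this->finish();
     }
     $this->addLog("Connecting to {$url} to verify if PayPal response is valid.");
     require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/version.php';
     $version = (string) new RSMembershipVersion();
     $website = JUri::root();
     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, $url);
     curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
     // Authenticate the peer: the "VERIFIED" answer is trusted below, so the
     // certificate chain and the host name must both be checked. A failure
     // surfaces through curl_error() and stops processing.
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
     // NOTE(review): the Host header is fixed to the live host even when the
     // sandbox URL is selected above.
     curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: www.paypal.com'));
     curl_setopt($ch, CURLOPT_USERAGENT, "RSMembership!/{$version} ({$website})");
     $res = curl_exec($ch);
     $errstr = curl_error($ch);
     curl_close($ch);
     if ($errstr) {
         $this->addLog('[err] cURL reported error: ' . $errstr);
         $this->finish();
     }
     // assign posted variables to local variables
     $item_name = $jinput->get('item_name', '', 'none');
     $item_number = $jinput->get('item_number', '', 'none');
     $payment_status = $jinput->get('payment_status', '', 'none');
     $payment_amount = $jinput->get('mc_gross', '', 'none');
     $payment_currency = $jinput->get('mc_currency', '', 'none');
     $txn_id = $jinput->get('txn_id', '', 'none');
     $txn_type = $jinput->get('txn_type', '', 'none');
     $receiver_email = $jinput->get('receiver_email', '', 'none');
     $payer_email = $jinput->get('payer_email', '', 'none');
     $custom = $jinput->get('custom', 0, 'none');
     // try to get the transaction id based on the custom hash
     $transaction_id = $this->getTransactionId($custom);
     // Do not deny the transaction for now.
     $deny = false;
     $this->addLog("Transaction ID is '{$transaction_id}', based on '{$custom}'.");
     if ($res) {
         $this->addLog("Successfully connected to {$url}. Response is {$res}");
         if (strcmp($res, "VERIFIED") == 0) {
             $this->addLog("Response is VERIFIED.");
             $log[] = "PayPal reported a valid transaction.";
             $log[] = "Payment status is " . (!empty($payment_status) ? $payment_status : 'empty') . ".";
             // check the payment_status is Completed
             if (!$only_completed || $only_completed && $payment_status == 'Completed') {
                 // sign up - do nothing, we use our "custom" parameter to identify the transaction
                 if ($txn_type == 'subscr_signup') {
                     $log[] = "Subscription signup has been received.";
                     // If this is a free trial, we'll need to make sure that the transaction is accepted since "subscr_payment" will be received after the trial ends
                     $mc_amount1 = $jinput->get('mc_amount1', '', 'none');
                     $subscr_id = $jinput->get('subscr_id', '', 'none');
                     // Load the stored transaction before comparing prices. The
                     // comparison used to read $transaction->price before
                     // $transaction was assigned, so it compared against an
                     // undefined value and accepted any "0.00" signup as a
                     // free trial regardless of the stored price.
                     $trial = $transaction_id ? $this->getTransaction($transaction_id, 'id') : null;
                     if (!empty($trial) && (double) $mc_amount1 == (double) $trial->price && $mc_amount1 == '0.00') {
                         // Emulate the variables needed below to approve the transaction
                         // No txn_id here, let's just use subscr_id so we can use something for PayPal identification.
                         $txn_id = 'Subscription ID: ' . $subscr_id;
                         $payment_amount = $mc_amount1;
                         // Hand the loaded transaction to the checks below
                         $transaction = $trial;
                     }
                 } elseif ($txn_type == 'subscr_payment' || $txn_type == 'recurring_payment') {
                     $log[] = "Adding new payment...";
                     // check that txn_id has not been previously processed
                     // check custom_hash from db -> if custom_hash == txn_id
                     $query->clear();
                     $query->select($db->qn('id'))
                         ->from($db->qn('#__rsmembership_transactions'))
                         ->where($db->qn('hash') . ' = ' . $db->q($txn_id))
                         ->where($db->qn('gateway') . ' = ' . $db->q($name));
                     $db->setQuery($query);
                     if (!$db->loadResult()) {
                         $transaction = $this->getTransaction($custom);
                         // check if transaction exists
                         if (!empty($transaction)) {
                             // this transaction has already been processed
                             // we need to create a new "renewal" transaction
                             if ($transaction->status == 'completed') {
                                 $log[] = "Identified this payment as recurring.";
                                 $query->clear();
                                 $query->select($db->qn('id'))
                                     ->select($db->qn('user_id'))
                                     ->select($db->qn('membership_id'))
                                     ->from($db->qn('#__rsmembership_membership_subscribers'))
                                     ->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
                                 $db->setQuery($query);
                                 $membership = $db->loadObject();
                                 if (!empty($membership)) {
                                     $user = JFactory::getUser($membership->user_id);
                                     JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
                                     $transaction = JTable::getInstance('Transaction', 'RSMembershipTable');
                                     $transaction->user_id = $user->get('id');
                                     $transaction->user_email = $user->get('email');
                                     $transaction->type = 'renew';
                                     $params = array();
                                     $params[] = 'id=' . $membership->id;
                                     $params[] = 'membership_id=' . $membership->membership_id;
                                     $transaction->params = implode(';', $params);
                                     // params, membership, extras etc
                                     $date = JFactory::getDate();
                                     $transaction->date = $date->toSql();
                                     // Address of the caller delivering the IPN, not of the customer
                                     $transaction->ip = $_SERVER['REMOTE_ADDR'];
                                     // NOTE(review): the renewal row takes its price from
                                     // the notification, so the amount check further down
                                     // compares the reported amount with itself.
                                     $transaction->price = $payment_amount;
                                     $transaction->currency = RSMembershipHelper::getConfig('currency');
                                     $transaction->hash = '';
                                     $transaction->gateway = $name;
                                     $transaction->status = 'pending';
                                     // store the transaction
                                     $transaction->store();
                                     RSMembership::finalize($transaction->id);
                                     $log[] = "Successfully added the recurring transaction to the database.";
                                 } else {
                                     $log[] = "Could not identify the original transaction for this recurring payment.";
                                 }
                             }
                         } else {
                             $log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
                         }
                     } else {
                         $log[] = "The transaction {$txn_id} has already been processed. Stopping.";
                     }
                 } else {
                     // check that txn_id has not been previously processed
                     // check custom_hash from db -> if custom_hash == txn_id
                     $query->clear();
                     $query->select($db->qn('id'))
                         ->from($db->qn('#__rsmembership_transactions'))
                         ->where($db->qn('hash') . ' = ' . $db->q($txn_id))
                         ->where($db->qn('gateway') . ' = ' . $db->q($name));
                     $db->setQuery($query);
                     if (!$db->loadResult()) {
                         $query->clear();
                         $query->select('*')
                             ->from($db->qn('#__rsmembership_transactions'))
                             ->where($db->qn('custom') . ' = ' . $db->q($custom))
                             ->where($db->qn('status') . ' != ' . $db->q('completed'));
                         $db->setQuery($query);
                         $transaction = $db->loadObject();
                         // check if transaction exists
                         if (empty($transaction)) {
                             $log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
                         }
                     } else {
                         $log[] = "The transaction {$txn_id} has already been processed. Stopping.";
                     }
                 }
                 if (!empty($transaction)) {
                     $plugin_email = $this->normalize($this->params->get('email'));
                     $primary_email = $this->normalize($this->params->get('primary_email'));
                     $receiver_email = $this->normalize($receiver_email);
                     if (!$primary_email) {
                         $primary_email = $plugin_email;
                     }
                     // check that receiver_email is your Primary PayPal email
                     // (a VERIFIED payment made to some other account must not count)
                     if ($receiver_email == $plugin_email || $receiver_email == $primary_email) {
                         // check that payment_amount/payment_currency are correct
                         // check $payment_amount == $price from $subscription_id && $payment_currency == $price from $subscription_id
                         $price = $this->_convertNumber($transaction->price);
                         $currency = $this->normalize(RSMembershipHelper::getConfig('currency'));
                         $payment_currency = $this->normalize($payment_currency);
                         if ((double) $payment_amount >= (double) $price) {
                             if ($currency == $payment_currency) {
                                 // set the hash
                                 $this->setTransactionHash($transaction->id, $txn_id);
                                 // process payment unless manual activation selected
                                 $membership_id = $this->getMembershipId($transaction->params, $transaction->type);
                                 if ($membership_id) {
                                     $query->clear()
                                         ->select('activation')
                                         ->from($db->qn('#__rsmembership_memberships'))
                                         ->where($db->qn('id') . ' = ' . $db->q((int) $membership_id));
                                     $db->setQuery($query);
                                     $activation = $db->loadResult();
                                     if ($activation != MEMBERSHIP_ACTIVATION_MANUAL) {
                                         RSMembership::approve($transaction->id);
                                     }
                                     $activationText = 'missing';
                                     if ($activation == MEMBERSHIP_ACTIVATION_MANUAL) {
                                         $activationText = 'manual';
                                     } elseif ($activation == MEMBERSHIP_ACTIVATION_AUTO) {
                                         $activationText = 'auto';
                                     } elseif ($activation == MEMBERSHIP_ACTIVATION_INSTANT) {
                                         $activationText = 'instant';
                                     }
                                     $log[] = "Activation is {$activationText}.";
                                     $log[] = "Successfully added the payment to the database.";
                                 } else {
                                     $log[] = "The membership could not be found in the database.";
                                 }
                             } else {
                                 $log[] = "Expected a currency of {$currency}. PayPal reports this payment is made in {$payment_currency}. Stopping.";
                                 $deny = true;
                             }
                         } else {
                             $log[] = "Expected an amount of {$price} {$currency}. PayPal reports this payment is {$payment_amount} {$payment_currency}. Stopping.";
                             $deny = true;
                         }
                     } else {
                         $log[] = "Expected payment to be made to {$plugin_email}" . ($primary_email ? " or {$primary_email}" : "") . ". PayPal reports this payment is made for {$receiver_email}. Stopping.";
                         $deny = true;
                     }
                 }
             } else {
                 $log[] = "Payment status is {$payment_status}. Stopping.";
             }
         } elseif (strcmp($res, "INVALID") == 0) {
             $this->addLog("[err] Response is INVALID.");
             $log[] = "Could not verify transaction authencity. PayPal said it's invalid.";
             $log[] = "String sent to PayPal is {$req}";
             $deny = true;
             // log for manual investigation
         } else {
             $this->addLog("[err] PayPal response returned invalid data. Data is presented below:");
             $this->addLog($res);
             $this->addLog("End of data.");
             // strip_tags(): the unexpected body ends up in a log that may be shown as HTML
             $log[] = 'PayPal response is not valid! Should be either VERIFIED or INVALID, received "' . strip_tags($res) . '"';
         }
     } else {
         $log[] = "Could not open {$url} in order to verify this transaction. Error reported is: {$errstr}";
     }
     if ($transaction_id) {
         $log[] = "String sent by PayPal is {$req}";
         RSMembership::saveTransactionLog($log, $transaction_id);
         if ($deny) {
             RSMembership::deny($transaction_id);
         }
     }
     $this->finish();
 }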
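 /**
  * Front-end hook that processes an Authorize.Net card payment.
  *
  * Runs on every routed request and returns immediately in the
  * administrator. A request carrying `authorizepayment` is handed to
  * onPaymentNotification(). A request with option=com_rsmembership and
  * plugin_task=authorize stores the delayed transaction, submits an
  * AUTH_CAPTURE request, and for recurring memberships also creates an ARB
  * subscription. Output is a status token or an error image plus message,
  * after which the script ends.
  *
  * Security notes:
  *  - Both outgoing requests carry the card number and the merchant's
  *    login/transaction key, so TLS peer and host verification are enabled.
  *  - Values placed in the ARB XML document are escaped; the cardholder
  *    names come from the request through getVar().
  *  - Ids interpolated into SQL are forced to integers first.
  *  - NOTE(review): no anti-CSRF token check is visible in this handler.
  *  - NOTE(review): x_invoice_num is an MD5 over the row id and the merchant
  *    credentials; confirm it is never exposed where it could be brute-forced.
  *  - NOTE(review): a missing membership row is not handled; $membership is
  *    dereferenced below without a check.
  *
  * @return mixed Result of onPaymentNotification() on the callback path,
  *               otherwise nothing.
  */
 function onAfterRoute()
 {
     $app =& JFactory::getApplication();
     if ($app->isAdmin()) {
         return;
     }
     if (JRequest::getVar('authorizepayment')) {
         return $this->onPaymentNotification();
     }
     $option = JRequest::getVar('option');
     $task = JRequest::getCmd('plugin_task');
     $membership_id = JRequest::getInt('membership_id');
     if ($option == 'com_rsmembership' && $task == 'authorize') {
         @ob_end_clean();
         $db =& JFactory::getDBO();
         // getInt() already yields an integer; the cast keeps the query safe
         // even if the way the id is read changes later.
         $db->setQuery("SELECT * FROM #__rsmembership_memberships WHERE `id`='" . (int) $membership_id . "'");
         $membership = $db->loadObject();
         JTable::addIncludePath(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'tables');
         $row =& JTable::getInstance('RSMembership_Transactions', 'Table');
         $transaction = $this->getDelayedTransaction();
         if (empty($transaction)) {
             $app->enqueueMessage('RSM_SESSION_EXPIRED', 'error');
             echo 'RSM_SESSION_END';
             die;
         }
         $row->bind($transaction);
         $row->store();
         $row->price += $this->_getTax($row->price);
         $row->price = $this->_convertNumber($row->price);
         $transaction['id'] = $row->id;
         $this->delayTransactionStoring($transaction);
         $description = $this->_params->get('message_type') ? $membership->name : JText::sprintf('RSM_MEMBERSHIP_PURCHASE_ON', date(RSMembershipHelper::getConfig('date_format'), $row->date));
         $post_url = $this->_params->get('mode') ? "https://secure.authorize.net/gateway/transact.dll" : "https://test.authorize.net/gateway/transact.dll";
         $is_recurring = $membership->recurring && $membership->period > 0 && $row->type == 'new';
         // Card data is read from POST only and is never stored or logged here
         $cc_number = JRequest::getCmd('cc_number', '', 'post');
         $cc_expiration = substr(JRequest::getCmd('cc_exp_mm', '', 'post'), 0, 2) . '-' . JRequest::getInt('cc_exp_yy', 0, 'post');
         $cc_fname = JRequest::getVar('cc_fname', '', 'post');
         $cc_lname = JRequest::getVar('cc_lname', '', 'post');
         $post_values = array(
             "x_login" => $this->_params->get('x_login'),
             "x_tran_key" => $this->_params->get('x_tran_key'),
             "x_version" => "3.1",
             "x_delim_data" => "TRUE",
             "x_delim_char" => "|",
             "x_relay_response" => "FALSE",
             "x_type" => "AUTH_CAPTURE",
             "x_method" => "CC",
             "x_card_num" => $cc_number,
             "x_exp_date" => $cc_expiration,
             "x_card_code" => JRequest::getVar('csc_number', '', 'post'),
             "x_amount" => $row->price,
             "x_currency_code" => RSMembershipHelper::getConfig('currency'),
             "x_invoice_num" => md5($row->id . ' ' . $this->_params->get('x_login') . ' ' . $this->_params->get('x_tran_key')),
             "x_description" => $description,
             "x_first_name" => $cc_fname,
             "x_last_name" => $cc_lname,
             "x_email" => $row->get('user_email'),
             "x_address" => '',
             "x_state" => '',
             "x_zip" => ''
         );
         // Each value is URL-encoded, so request data cannot add fields of its own
         $string = '';
         foreach ($post_values as $key => $value) {
             $string .= "{$key}=" . urlencode($value) . "&";
         }
         $string = rtrim($string, "& ");
         unset($post_values);
         if (!function_exists('curl_init')) {
             echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error', array('id' => 'rsm_warning')) . ' ' . JText::_('RSM_AUTHORIZE_CURL_ERROR');
         } else {
             $request = curl_init($post_url);
             curl_setopt($request, CURLOPT_HEADER, 0);
             curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
             curl_setopt($request, CURLOPT_POSTFIELDS, $string);
             // The body holds the card number, the card code and the merchant
             // key: verify the gateway's certificate and host name.
             curl_setopt($request, CURLOPT_SSL_VERIFYPEER, true);
             curl_setopt($request, CURLOPT_SSL_VERIFYHOST, 2);
             $response = curl_exec($request);
             curl_close($request);
             // A failed transfer (including a failed certificate check) returns
             // false; report it instead of parsing an empty response.
             if ($response === false) {
                 echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error') . ' ' . JText::_('RSM_AUTHORIZE_GENERAL_ERROR');
                 die;
             }
             // This line takes the response and breaks it into an array using the specified delimiting character
             $response = explode('|', $response);
             if ($response[0] == 1) {
                 if (!$is_recurring) {
                     $this->emptyDelayedTransaction();
                     $row->hash = $response[6];
                     $row->store();
                     RSMembership::finalize($row->get('id'));
                     RSMembership::approve($row->get('id'));
                 } else {
                     list($length, $unit) = $this->_getAuthorizeLength($membership);
                     $date =& JFactory::getDate();
                     $startDate = date('Y-m-d', strtotime("+{$length} {$unit}", $date->toUnix()));
                     $extra_total = 0;
                     $params = RSMembershipHelper::parseParams($row->params);
                     if (!empty($params['extras'])) {
                         // The extras ids originate from the customer's selection;
                         // force integers before placing them in the IN () list.
                         $extra_ids = array_map('intval', (array) $params['extras']);
                         $db->setQuery("SELECT SUM(`price`) FROM #__rsmembership_extra_values WHERE `id` IN (" . implode(',', $extra_ids) . ")");
                         $extra_total = $db->loadResult();
                     }
                     $amount = $membership->use_renewal_price ? $membership->renewal_price : $membership->price;
                     $amount += $extra_total;
                     $amount += $this->_getTax($amount);
                     $trialOccurrences = $membership->use_trial_period ? 1 : 0;
                     $trialAmount = $membership->use_trial_period ? $membership->trial_price : 0;
                     $trialAmount += $extra_total;
                     $trialAmount += $this->_getTax($trialAmount);
                     // Text nodes are escaped with htmlspecialchars(): XML defines
                     // only the five basic entities, and unescaped names from the
                     // request could otherwise alter the document structure.
                     $content = "<?xml version=\"1.0\" encoding=\"utf-8\"?>"
                         . "<ARBCreateSubscriptionRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">"
                         . "<merchantAuthentication>"
                         . "<name>" . htmlspecialchars($this->_params->get('x_login'), ENT_QUOTES, 'UTF-8') . "</name>"
                         . "<transactionKey>" . htmlspecialchars($this->_params->get('x_tran_key'), ENT_QUOTES, 'UTF-8') . "</transactionKey>"
                         . "</merchantAuthentication>"
                         . "<refId>" . $row->id . "</refId>"
                         . "<subscription>"
                         . "<name>" . htmlspecialchars($description, ENT_COMPAT, 'UTF-8') . "</name>"
                         . "<paymentSchedule>"
                         . "<interval>"
                         . "<length>" . $length . "</length>"
                         . "<unit>" . $unit . "</unit>"
                         . "</interval>"
                         . "<startDate>" . $startDate . "</startDate>"
                         . "<totalOccurrences>9999</totalOccurrences>"
                         . "<trialOccurrences>" . $trialOccurrences . "</trialOccurrences>"
                         . "</paymentSchedule>"
                         . "<amount>" . $amount . "</amount>"
                         . "<trialAmount>" . $trialAmount . "</trialAmount>"
                         . "<payment>"
                         . "<creditCard>"
                         . "<cardNumber>" . $cc_number . "</cardNumber>"
                         . "<expirationDate>" . $cc_expiration . "</expirationDate>"
                         . "</creditCard>"
                         . "</payment>"
                         . "<billTo>"
                         . "<firstName>" . htmlspecialchars($cc_fname, ENT_QUOTES, 'UTF-8') . "</firstName>"
                         . "<lastName>" . htmlspecialchars($cc_lname, ENT_QUOTES, 'UTF-8') . "</lastName>"
                         . "</billTo>"
                         . "</subscription>"
                         . "</ARBCreateSubscriptionRequest>";
                     $post_url = $this->_params->get('mode') ? "https://api.authorize.net/xml/v1/request.api" : "https://apitest.authorize.net/xml/v1/request.api";
                     $ch = curl_init();
                     curl_setopt($ch, CURLOPT_URL, $post_url);
                     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                     curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
                     curl_setopt($ch, CURLOPT_HEADER, 1);
                     curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
                     curl_setopt($ch, CURLOPT_POST, 1);
                     // Same reasoning as the first request: card data and merchant key in the body
                     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                     $response = curl_exec($ch);
                     curl_close($ch);
                     if ($response) {
                         list($refId, $resultCode, $code, $text, $subscriptionId) = $this->_parseReturn($response);
                         if ($resultCode == 1) {
                             $this->emptyDelayedTransaction();
                             $row->custom = $subscriptionId;
                             $row->store();
                             RSMembership::finalize($row->get('id'));
                             RSMembership::approve($row->get('id'));
                         } else {
                             $image = $resultCode == 4 ? 'warning' : 'error';
                             if (!$text) {
                                 // Fall back to the response body (headers are
                                 // included because CURLOPT_HEADER is on)
                                 $text = explode("\r\n\r\n", $response, 2);
                                 $text = strip_tags($text[1]);
                             }
                             // Gateway text is HTML-escaped before it is echoed
                             echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($text, ENT_COMPAT, 'UTF-8');
                             die;
                         }
                     } else {
                         echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error') . ' ' . JText::_('RSM_AUTHORIZE_GENERAL_ERROR');
                         die;
                     }
                 }
                 echo 'RSM_AUTHORIZE_OK';
             } else {
                 $image = $response[0] == 4 ? 'warning' : 'error';
                 echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($response[3], ENT_COMPAT, 'UTF-8');
             }
         }
         die;
     }
 }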
Ejemplo n.º 6
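 /**
  * Dispatches the upgrade tasks read from the request.
  *
  * For task 'upgrade' only the id is bound. For any other task the id is set,
  * and for 'upgradepayment' a pending 'upgrade' transaction is built, offered
  * to the payment plugins and then stored, finalized and possibly approved
  * unless a plugin asks to delay storing.
  *
  * The amount charged is $upgrade->price from $this->getUpgrade(); the only
  * request values read directly here are 'task' and 'payment' (both filtered
  * as 'cmd').
  *
  * @return void
  */
 function _execute()
 {
     $app = JFactory::getApplication();
     $task = $app->input->get('task', '', 'cmd');
     if ($task == 'upgrade') {
         $this->_bindId();
     } else {
         $this->_setId();
         if ($task == 'upgradepayment') {
             // empty session
             $this->_emptySession();
             $extras = array();
             $upgrade = $this->getUpgrade();
             $membership = $this->getMembership($upgrade->membership_to_id);
             $paymentplugin = $app->input->get('payment', 'none', 'cmd');
             // calculate the total price
             $total = $upgrade->price;
             $user = JFactory::getUser();
             $user_id = $user->get('id');
             $row = JTable::getInstance('Transaction', 'RSMembershipTable');
             $row->user_id = $user_id;
             $row->user_email = $user->get('email');
             $this->_data = new stdClass();
             $this->_data->username = $user->get('username');
             $this->_data->name = $user->get('name');
             $this->_data->email = $user->get('email');
             $membership_data = $this->getSentData();
             if (isset($membership_data['custom_fields'])) {
                 $this->_data->fields = $membership_data['custom_fields'];
             }
             // Copy the membership fields only when they were sent for this upgrade target.
             // The guard tests the key that is actually read; the original tested
             // 'custom_fields' and then read 'membership_fields'.
             if ($membership_data['to_id'] == $upgrade->membership_to_id && isset($membership_data['membership_fields'])) {
                 $this->_data->membership_fields = $membership_data['membership_fields'];
             }
             // NOTE(review): user_data is persisted with serialize() and carries the values
             // returned by getSentData() (presumably user-submitted, confirm). Code that
             // reads this column back should treat it as untrusted input to unserialize().
             $row->user_data = serialize($this->_data);
             $row->type = 'upgrade';
             $params = array();
             $params[] = 'id=' . $this->_id;
             $params[] = 'from_id=' . $upgrade->membership_from_id;
             $params[] = 'to_id=' . $upgrade->membership_to_id;
             $row->params = implode(';', $params);
             // params, membership, extras etc
             $row->date = JFactory::getDate()->toSql();
             // REMOTE_ADDR is absent outside a web request; fall back to an empty string.
             $row->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
             $row->price = $total;
             $row->currency = RSMembershipHelper::getConfig('currency');
             $row->hash = '';
             $row->gateway = $paymentplugin == 'none' ? 'No Gateway' : RSMembership::getPlugin($paymentplugin);
             $row->status = 'pending';
             $this->_html = '';
             // trigger the payment plugin; data, transaction and html are passed by
             // reference, so a plugin may modify them (including $row->status)
             $delay = false;
             $args = array('plugin' => $paymentplugin, 'data' => &$this->_data, 'extras' => $extras, 'membership' => $membership, 'transaction' => &$row, 'html' => &$this->_html);
             $returns = $app->triggerEvent('onMembershipPayment', $args);
             // PHP 5.4 fix: take the HTML from the plugins' return values
             if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
                 foreach ($returns as $value) {
                     if ($value) {
                         $this->_html = $value;
                     }
                 }
             }
             $properties = $row->getProperties();
             $returns = $app->triggerEvent('delayTransactionStoring', array(array('plugin' => $paymentplugin, 'properties' => &$properties, 'delay' => &$delay)));
             // PHP 5.4 fix: any truthy return value requests a delay
             if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
                 foreach ($returns as $value) {
                     if ($value) {
                         $delay = true;
                     }
                 }
             }
             // plugin can delay the transaction storing
             if (!$delay) {
                 // store the transaction
                 $row->store();
                 // store the transaction id
                 $this->transaction_id = $row->id;
                 // finalize the transaction (send emails)
                 RSMembership::finalize($this->transaction_id);
                 // Approve when a plugin already marked the row completed, or when the
                 // upgrade is free and activation is not 0. Parentheses spell out the
                 // precedence the original expression already had.
                 if ($row->status == 'completed' || ($row->price == 0 && $membership->activation != 0)) {
                     RSMembership::approve($this->transaction_id, true);
                 }
                 if ($row->price == 0) {
                     $app->redirect(JRoute::_('index.php?option=com_rsmembership&task=thankyou', false));
                 }
             }
         }
     }
 }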
Ejemplo n.º 7
 /**
  * Builds a 'new' membership transaction from the submitted subscription data,
  * offers it to the payment plugins and, unless a plugin asks to delay storing,
  * stores, finalizes and possibly approves it.
  *
  * @param string $paymentPlugin Payment plugin identifier; 'none' selects 'No Gateway'.
  *
  * @return object The transaction table row, whether or not it was stored.
  */
 public function saveTransaction($paymentPlugin)
 {
     // The session copy is no longer needed; start from an empty HTML buffer.
     $this->clearData();
     $this->html = '';

     // Gather everything the transaction is built from.
     $extras = $this->getExtras();
     $membership = $this->getMembership();
     $total = $this->getTotal();
     $user = JFactory::getUser();
     $app = JFactory::getApplication();

     // Decide which user id the transaction is attached to.
     if (!$user->guest) {
         // Logged-in user: use the existing id and refresh the custom fields.
         $userId = $user->id;
         RSMembership::createUserData($userId, $this->data->fields);
     } elseif (RSMembershipHelper::getConfig('create_user_instantly')) {
         // Guest with instant creation enabled: create the account now.
         $userId = RSMembership::createUser($this->data->email, $this->data);
     } else {
         // Guest without instant creation: no user yet.
         $userId = 0;
     }

     // Snapshot of the submitted user details that is serialized into the row.
     $newData = new stdClass();
     $newData->name = $this->data->name;
     $newData->username = isset($this->data->username) ? $this->data->username : '';
     $newData->fields = $this->data->fields;
     $newData->membership_fields = $this->data->membership_fields;
     // NOTE(review): the password is copied as-is and ends up inside the serialized
     // user_data column below. Unless it was hashed before reaching this method
     // (not visible here, confirm), that stores a cleartext credential.
     if (!empty($this->data->password)) {
         $newData->password = $this->data->password;
     }

     // Transaction params: "membership_id=N" plus an optional "extras=a,b,c".
     $paramParts = array('membership_id=' . $membership->id);
     if ($this->extras) {
         $paramParts[] = 'extras=' . implode(',', $this->extras);
     }
     $params = implode(';', $paramParts);

     // Fill the table row; it starts out as 'pending'.
     $transaction = JTable::getInstance('Transaction', 'RSMembershipTable');
     $transaction->bind(array(
         'user_id' => $userId,
         'user_email' => $this->data->email,
         'user_data' => serialize($newData),
         'type' => 'new',
         'params' => $params,
         'date' => JFactory::getDate()->toSql(),
         'ip' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
         'price' => $total,
         'coupon' => $this->data->coupon,
         'currency' => RSMembershipHelper::getConfig('currency'),
         'gateway' => $paymentPlugin == 'none' ? 'No Gateway' : RSMembership::getPlugin($paymentPlugin),
         'status' => 'pending',
     ));

     // Hand the transaction to the payment plugins. Data, row and HTML are passed
     // by reference, so a plugin may change them (including the row's status).
     $delay = false;
     $eventArgs = array(
         'plugin' => $paymentPlugin,
         'data' => &$this->data,
         'extras' => $extras,
         'membership' => $membership,
         'transaction' => &$transaction,
         'html' => &$this->html,
     );
     $pluginResults = $app->triggerEvent('onMembershipPayment', $eventArgs);
     // PHP 5.4 fix: pick up the HTML from the plugins' return values.
     if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
         foreach ($pluginResults as $result) {
             if ($result) {
                 $this->html = $result;
             }
         }
     }

     // Let plugins ask for the storing to be postponed.
     $properties = $transaction->getProperties();
     $delayArgs = array(
         'plugin' => $paymentPlugin,
         'properties' => &$properties,
         'delay' => &$delay,
     );
     $pluginResults = $app->triggerEvent('delayTransactionStoring', array($delayArgs));
     // PHP 5.4 fix: any truthy return value requests a delay.
     if (version_compare(PHP_VERSION, '5.4.0', '>=')) {
         foreach ($pluginResults as $result) {
             if ($result) {
                 $delay = true;
             }
         }
     }

     // A delaying plugin takes over storing; hand back the unsaved row.
     if ($delay) {
         return $transaction;
     }

     // Store the row, then finalize it (sends emails).
     $transaction->store();
     RSMembership::finalize($transaction->id);

     // Approve right away when the row is already completed, when no payment
     // options are shown and activation is not manual, or when activation is instant.
     if (
         $transaction->status == 'completed'
         || (!$this->showPaymentOptions() && $membership->activation != MEMBERSHIP_ACTIVATION_MANUAL)
         || $membership->activation == MEMBERSHIP_ACTIVATION_INSTANT
     ) {
         RSMembership::approve($transaction->id, true);
     }

     return $transaction;
 }
Ejemplo n.º 8
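 /**
  * Handles a legacy payment notification for the 2Checkout plugin (per the
  * PLG_SYSTEM_RSMEMBERSHIP2CO_* language keys and the default payment name).
  *
  * The request is verified by comparing the 'key' parameter with
  * strtoupper(md5(secret_word . id . order_number . total)). Only the order
  * number and total are covered by that digest; 'custom', 'recurring',
  * 'payment_amount', 'timestamp' and 'credit_card_processed' are not, so they
  * remain unauthenticated request input even after the check passes.
  *
  * On success a recurring payment is stored as a new completed 'renew'
  * transaction, and a one-off payment approves the pending transaction when the
  * paid total covers its price. The log is saved, the transaction is denied if
  * a check failed, and the user is redirected to the thank-you task.
  *
  * @return void
  */
 protected function onOldPaymentNotification()
 {
     if (!$this->canRun()) {
         return;
     }
     $log = array();
     $deny = false;
     $app = JFactory::getApplication();
     $jinput = $app->input;
     $db = JFactory::getDBO();
     $query = $db->getQuery(true);
     $recurring = $jinput->get('recurring', 0, 'int');
     $custom = $jinput->get('custom', '', 'string');
     $ordernumber = $this->params->get('mode') ? $jinput->get('order_number', '', 'string') : 1;
     $total = $jinput->get('total', '', 'string');
     // Cast so that both sides of the key comparison below are strings.
     $key = (string) $jinput->get('key', '', 'string');
     $processed = $jinput->get('credit_card_processed', '', 'string');
     $timestamp = $jinput->get('timestamp', '', 'string');
     $payment_amount = $jinput->get('payment_amount', '', 'string');
     // The lookup value is quoted through the query builder; the result may be null.
     $query->select('*')->from($db->qn('#__rsmembership_transactions'))->where($db->qn('custom') . ' = ' . $db->q($custom));
     $db->setQuery($query);
     $db->execute();
     $transaction = $db->loadObject();
     $secret_word = $this->params->get('secret_word');
     $sid = $this->params->get('id');
     // calculate the hash
     // NOTE(review): with an empty secret_word the digest is built only from values
     // that are not secret; consider rejecting the notification when it is unset.
     $hash = strtoupper(md5($secret_word . $sid . $ordernumber . $total));
     // Compare as strings and in constant time where available. The loose "!=" used
     // before treats two numeric-looking strings (e.g. "0E…" digests) as equal.
     $keyMatches = function_exists('hash_equals') ? hash_equals($hash, $key) : $hash === $key;
     if (!$keyMatches) {
         // NOTE(review): this writes the expected digest into the transaction log;
         // consider logging only that verification failed.
         $log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_VERIFICATION_ERROR", $key, $hash);
         // NOTE(review): the transaction denied below was selected by the
         // unauthenticated 'custom' value; consider not changing its state when
         // verification fails.
         $deny = true;
     } else {
         if ($recurring) {
             // recurring payment
             $log[] = "Identified this payment as recurring.";
             $membership = null;
             // Look up the subscription only when the original transaction was found;
             // the original code dereferenced a possibly-null $transaction here.
             if (!empty($transaction)) {
                 $query->clear();
                 $query->select($db->qn('id'))->select($db->qn('user_id'))->select($db->qn('membership_id'))->from($db->qn('#__rsmembership_membership_subscribers'))->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
                 $db->setQuery($query);
                 $membership = $db->loadObject();
             }
             if (!empty($membership)) {
                 $user = JFactory::getUser($membership->user_id);
                 // get the serialized user_data from previous transaction
                 $user_data = $transaction->user_data;
                 // load new transaction object
                 JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
                 $transaction = JTable::getInstance('Transaction', 'RSMembershipTable');
                 $transaction->user_id = $user->get('id');
                 $transaction->user_email = $user->get('email');
                 $transaction->user_data = $user_data;
                 $transaction->type = 'renew';
                 $params = array();
                 $params[] = 'id=' . $membership->id;
                 $params[] = 'membership_id=' . $membership->membership_id;
                 $transaction->params = implode(';', $params);
                 // params, membership, extras etc
                 // REMOTE_ADDR is absent outside a web request; fall back to an empty string.
                 $transaction->ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
                 // NOTE(review): date and price are taken from the request and are not
                 // covered by the key check; no amount validation happens on this path,
                 // unlike the one-off branch below.
                 $transaction->date = $timestamp;
                 $transaction->price = $payment_amount;
                 $transaction->currency = RSMembershipHelper::getConfig('currency');
                 $transaction->hash = '';
                 $transaction->gateway = $this->getTranslation($this->params->get('payment_name', '2Checkout'));
                 $transaction->status = 'completed';
                 // store the transaction
                 $transaction->store();
                 RSMembership::finalize($transaction->id);
                 $log[] = "Successfully added the recurring transaction to the database.";
             } else {
                 $log[] = "Could not identify the original transaction for this recurring payment.";
             }
         } else {
             // Nothing to do for an unknown or already completed transaction.
             if (empty($transaction) || $transaction->status == 'completed') {
                 return;
             }
             // check if the amount is correct
             $price = $this->_convertNumber($transaction->price);
             $currency = strtolower(trim(RSMembershipHelper::getConfig('currency')));
             // $total is the request string that was part of the verified digest; the
             // comparison relies on PHP's loose numeric comparison.
             if ($price <= $total) {
                 // process payment
                 if ($processed == 'Y') {
                     // update order number
                     $query->clear();
                     $query->update($db->qn('#__rsmembership_transactions'))->set($db->qn('hash') . ' = ' . $db->q($ordernumber))->where($db->qn('id') . ' = ' . $db->q($transaction->id));
                     $db->setQuery($query);
                     $db->execute();
                     // approve
                     RSMembership::approve($transaction->id);
                     $log[] = JText::sprintf('PLG_SYSTEM_RSMEMBERSHIP2CO_PAYMENT_SUCCESS', $ordernumber);
                 } else {
                     $log[] = JText::_("PLG_SYSTEM_RSMEMBERSHIP2CO_CC_NOT_PROCESSED");
                     $deny = true;
                 }
             } else {
                 $log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_EXPECTED_AMOUNT", $price, $currency, $total, $currency);
                 $deny = true;
             }
         }
     }
     // Log and deny only when there is a transaction to attach them to; without
     // one the original code read ->id on null.
     if (!empty($transaction)) {
         RSMembership::saveTransactionLog($log, $transaction->id);
         if ($deny) {
             RSMembership::deny($transaction->id);
         }
     }
     $app->redirect('index.php?option=com_rsmembership&task=thankyou');
 }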