Ejemplo n.º 1
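 /**
  * Build the auto-submitting 3-D Secure hand-off page.
  *
  * Renders a hidden form (PaReq, MD, TermUrl) whose action is the ACS URL held
  * in the Sage Pay session, followed by inline JavaScript that submits it.
  *
  * @return string Page markup; an empty string when the form could not be built.
  */
 protected function _toHtml()
 {
     // Defined before the try so the final return is valid even when an
     // exception is thrown before any markup has been assembled.
     $html = '';
     try {
         $form = new Varien_Data_Form();
         $form->setAction($this->_getSageSession()->getAcsurl())->setId('sagepaydirectpro_3dsecure')->setName('sagepaydirectpro_3dsecure')->setMethod('POST')->setUseContainer(true);
         $params = array('_secure' => true, 'storeid' => Mage::app()->getStore()->getId());
         $_shipSessData = Mage::getSingleton('checkout/type_onepage')->getQuote()->getShippingAddress()->getShippingMethod();
         if ($_shipSessData) {
             $params['shipmethod'] = $_shipSessData;
         }
         // TermUrl is the callback the ACS posts back to; it carries the session parameter.
         $postUrl = Mage::getModel('core/url')->addSessionParam()->getUrl('sgps/directPayment/callback3d', $params);
         $form->addField('PaReq', 'hidden', array('name' => 'PaReq', 'value' => $this->_getSageSession()->getPareq()));
         $form->addField('MD', 'hidden', array('name' => 'MD', 'value' => $this->_getSageSession()->getEmede()));
         $form->addField('TermUrl', 'hidden', array('name' => 'TermUrl', 'value' => $postUrl));
         $html = '<html><body>';
         $html .= '<code>' . $this->__('Loading 3D secure form...') . '</code>';
         $html .= $form->toHtml();
         $html .= '<script type="text/javascript">document.getElementById("sagepaydirectpro_3dsecure").submit();</script>';
         $html .= '</body></html>';
         // NOTE(review): this writes the whole form to the log, including the
         // PaReq and MD values and a TermUrl that carries the session
         // parameter. Confirm who can read SagePaySuite_REQUEST.log and how
         // long it is retained, or log only a transaction reference.
         Sage_Log::log($html, null, 'SagePaySuite_REQUEST.log');
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
     }
     return $html;
 }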
Ejemplo n.º 2
 /**
  * Look up Sage Pay transaction details for up to 10 Sage Pay orders that have
  * no row in the fraud table, store the 3rd man result and, when the rank
  * check passes, invoice the order with an online capture.
  *
  * @param mixed $cron Not used in the body.
  */
 public function getThirdmanScores($cron)
 {
     $fraudTable = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $orderGrid = Mage::getResourceModel('sales/order_grid_collection');
     // The only value concatenated into the SQL is the table name resolved by
     // the resource singleton above; no request data reaches this string.
     $condition = "(pmnt.method = 'sagepaydirectpro' OR pmnt.method = 'sagepayserver' OR pmnt.method = 'sagepayserver_moto' OR pmnt.method = 'sagepaydirectpro_moto' OR pmnt.method = 'sagepayform' OR pmnt.method = 'sagepaypaypal') AND (main_table.entity_id NOT IN (SELECT order_id FROM " . $fraudTable . "))";
     $orderGrid->getSelect()
         ->joinLeft(array('pmnt' => $orderGrid->getTable('sales/order_payment')), 'main_table.entity_id = pmnt.parent_id', array())
         ->joinLeft(array('sls' => $orderGrid->getTable('sales/order')), 'main_table.entity_id = sls.entity_id', array())
         ->where($condition)
         ->limit(10);
     foreach ($orderGrid as $gridRow) {
         $order = Mage::getModel('sales/order')->load($gridRow->getId());
         $details = Mage::getModel('sagepayreporting/sagepayreporting')->getTransactionDetails($order->getSagepayInfo()->getVendorTxCode());
         // Skip orders whose details could not be fetched or came back with an error.
         if (!is_object($details) || $details->getError()) {
             continue;
         }
         try {
             // Act only when a non-zero score and a real action were returned.
             $hasResult = (int) $details->getT3mscore() && (string) $details->getT3maction() != 'NORESULT';
             if (!$hasResult) {
                 continue;
             }
             // Persist the 3rd man result for this order.
             Mage::getModel('sagepayreporting/fraud')->updateThirdMan($order->getId(), $details);
             $storedTrn = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($order->getSagepayInfo()->getVendorTxCode());
             $canAuthorise = $storedTrn->getTxType() == 'AUTHENTICATE' && !$storedTrn->getAuthorised();
             $canRelease = $storedTrn->getTxType() == 'DEFERRED' && !$storedTrn->getReleased();
             // NOTE(review): this passes when the score is at or ABOVE the
             // configured rank. Confirm the direction against how the score is
             // defined, since this decision triggers an online capture.
             $rank = $this->_getCanRank() && $this->_getRank() <= (int) $details->getT3mscore();
             if ($rank && ($canAuthorise || $canRelease)) {
                 Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($order->getId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
             }
         } catch (Exception $e) {
             Sage_Log::logException($e);
         }
     }
 }
Ejemplo n.º 3
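 /**
  * POST the data returned by grabData() to the tracker endpoint.
  *
  * @return bool TRUE when cURL reported no error, FALSE otherwise (including
  *              when an exception was caught and logged).
  */
 public function send()
 {
     try {
         $data = $this->grabData();
         $url = 'https://ebizmarts.com/sagepaysuite_tracker.php';
         $curl = curl_init();
         curl_setopt($curl, CURLOPT_URL, $url);
         curl_setopt($curl, CURLOPT_POST, 1);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
         $sslversion = Mage::getStoreConfig('payment/sagepaysuite/curl_ssl_version');
         curl_setopt($curl, CURLOPT_SSLVERSION, $sslversion);
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl, CURLOPT_TIMEOUT, 4);
         // Verify the server certificate chain. With peer verification off the
         // host-name check below gives no protection, because any certificate
         // carrying the right name would be accepted.
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
         if (Mage::getStoreConfigFlag('payment/sagepaysuite/curl_proxy') == 1) {
             // NOTE(review): the proxy address is read from the setting named
             // curl_proxy_port; confirm that setting holds a full host:port.
             curl_setopt($curl, CURLOPT_PROXY, Mage::getStoreConfig('payment/sagepaysuite/curl_proxy_port'));
         }
         // The response body is not used; only the transport result matters.
         curl_exec($curl);
         $sent = !curl_error($curl);
         // Release the handle instead of leaving it open until script end.
         curl_close($curl);
         return $sent;
     } catch (Exception $e) {
         Sage_Log::logException($e);
         return FALSE;
     }
 }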
Ejemplo n.º 4
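 /**
  * Query the fraud (3rd man) result for recent transactions that have no row
  * in the fraud table yet, and log the action reported for each one.
  *
  * This version only calls updateFromApi() and logs the outcome; it takes no
  * invoicing action on the result.
  *
  * @param  mixed $cron Cron object (not used in the body)
  * @return void
  */
 public function getThirdmanScores($cron)
 {
     $logPrefix = "[CRON] ";
     Sage_Log::log($logPrefix . "Starting fraud checks... ", null, 'SagePaySuite_Thirdman.log');
     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id'));
     // Newest 15 transactions that belong to an order and have no fraud row.
     // The concatenated table name comes from the resource singleton, not from
     // request input.
     $transactions->getSelect()->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")->order("main_table.created_at DESC")->limit(15);
     foreach ($transactions as $_trn) {
         $update = $_trn->updateFromApi();
         // Read the fraud record once and reuse it below.
         $rs = $update->getFraud();
         if (!$rs) {
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": NO RESULT", null, 'SagePaySuite_Thirdman.log');
             continue;
         }
         try {
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . (string) $rs->getThirdmanAction(), null, 'SagePaySuite_Thirdman.log');
         } catch (Exception $e) {
             Sage_Log::logException($e);
         }
     }
 }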
Ejemplo n.º 5
 /**
  * Ask the reporting model for the token count.
  *
  * @return int|string The `totalnumber` value cast to int, or '?' when the
  *                    lookup threw an exception (which is logged).
  */
 protected function _getServiceCount()
 {
     try {
         $tokenInfo = Mage::getModel('sagepayreporting/sagepayreporting')->getTokenCount();
         return (int) $tokenInfo->totalnumber;
     } catch (Exception $e) {
         Sage_Log::logException($e);
     }
     // Placeholder shown when the count is unavailable.
     return '?';
 }
Ejemplo n.º 6
 /**
  * Retrieve fraud score (3rd man) for transactions that do not have score,
  * and invoice (online capture) those that qualify.
  *
  * Two paths lead to an automatic invoice:
  *  - "forced": the action is still NORESULT more than one day after the
  *    transaction was created;
  *  - ranked: a result exists and the configured rank is at or above the score.
  * Both require the transaction to be an unauthorised AUTHENTICATE or an
  * unreleased DEFERRED.
  *
  * @param  $cron Cron object (not used in the body)
  * @return void No value is returned by the visible body.
  */
 public function getThirdmanScores($cron)
 {
     $logPrefix = "[CRON] ";
     //Sage_Log::log($logPrefix . "Starting fraud checks... ", null, 'SagePaySuite_Thirdman.log');
     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     // Newest 20 transactions that belong to an order and have no fraud row.
     // The concatenated table name comes from the resource singleton, not from request input.
     $transactions->getSelect()->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")->order("main_table.created_at DESC")->limit(20);
     $now = strtotime("now");
     foreach ($transactions as $_trn) {
         $update = $_trn->updateFromApi();
         // No fraud record came back: skip silently (the log call is disabled).
         if (!$update->getFraud()) {
             //Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": NO RESULT", null, 'SagePaySuite_Thirdman.log');
             continue;
         }
         try {
             $rs = $update->getFraud();
             $noresult = (string) $rs->getThirdmanAction() == 'NORESULT';
             // Cut-off after which a NORESULT transaction is no longer waited on.
             $orderPlusOneDay = strtotime("+1 day", strtotime($_trn->getCreatedAt()));
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . (string) $rs->getThirdmanAction(), null, 'SagePaySuite_Thirdman.log');
             // Continue only with a real result, or once the one-day wait has elapsed.
             if (!$noresult || $now > $orderPlusOneDay) {
                 /**
                  *  Automatic fulfill
                  */
                 $canAuthorise = $_trn->getTxType() == 'AUTHENTICATE' && !$_trn->getAuthorised();
                 $canRelease = $_trn->getTxType() == 'DEFERRED' && !$_trn->getReleased();
                 // NOTE(review): the forced path captures payment without any fraud
                 // result and without consulting _getCanRank() or _getRank(), so it
                 // runs even when rank-based auto-fulfil is switched off. Confirm
                 // that capturing unscored transactions after 24h is intended.
                 if (($canAuthorise || $canRelease) && $noresult && $now > $orderPlusOneDay) {
                     Sage_Log::log($logPrefix . "Auto invoicing (FORCED) for " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                     Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($_trn->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
                 } else {
                     // Ranked path: the configured rank must be at or above the score.
                     $rank = $this->_getCanRank() && $this->_getRank() >= (int) $rs->getThirdmanScore();
                     if (($canAuthorise || $canRelease) && $rank) {
                         Sage_Log::log($logPrefix . "Auto invoicing for " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                         Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($_trn->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
                     } else {
                         // Record why nothing was invoiced. When _getCanRank() is false
                         // and neither condition below holds, nothing is logged.
                         if ($this->_getRank() < (int) $rs->getThirdmanScore()) {
                             Sage_Log::log($logPrefix . "No rank for " . $_trn->getVendorTxCode() . ": " . (int) $rs->getThirdmanScore(), null, 'SagePaySuite_Thirdman.log');
                         } elseif (!$canAuthorise && !$canRelease) {
                             Sage_Log::log($logPrefix . "Can not authorize nor release " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                         }
                     }
                 }
             }
         } catch (Exception $e) {
             // A failure on one transaction must not stop the rest of the batch.
             Sage_Log::logException($e);
         }
     }
 }
Ejemplo n.º 7
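 /**
  * Invoice one order (`order_id` request parameter) or several (`order_ids`
  * POST field, mass action), report the outcome per order as session messages
  * and redirect back to the referring page.
  *
  * @return void
  */
 public function invoiceAction()
 {
     $request = $this->getRequest();
     // The (array) cast covers a scalar order_ids value, which would otherwise
     // reach count()/foreach as a string.
     $orderIds = $request->isPost()
         ? (array) $request->getPost('order_ids', array())
         : array($request->getParam('order_id'));
     foreach ($orderIds as $orderId) {
         // Skip a missing single id and nested array values.
         if (!is_scalar($orderId) || (string) $orderId === '') {
             continue;
         }
         // The id comes from the request and is echoed back in a session
         // message; the messages block may render it without escaping (confirm
         // for the block in use), so encode it here.
         $safeOrderId = htmlspecialchars((string) $orderId, ENT_QUOTES, 'UTF-8');
         try {
             $this->getPersistentFraud()->invoice($orderId);
             $this->_getSession()->addSuccess($this->__('Invoiced: Order Id #%s', $safeOrderId));
         } catch (Exception $e) {
             Sage_Log::logException($e);
             $safeReason = htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
             $this->_getSession()->addError($this->__('Cannot invoice order #%s. Reason: "%s"', $safeOrderId, $safeReason));
         }
     }
     // NOTE(review): a GET request with order_id also invoices; confirm that
     // this route is covered by the admin URL secret key or a form key.
     $this->_redirectReferer();
     return;
 }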
Ejemplo n.º 8
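 /**
  * POST the data returned by grabData() to the tracker endpoint.
  *
  * @return bool TRUE when cURL reported no error, FALSE otherwise (including
  *              when an exception was caught and logged).
  */
 public function send()
 {
     try {
         $data = $this->grabData();
         // HTTPS instead of plain HTTP: the posted data would otherwise be
         // readable and modifiable by anyone on the network path, and the TLS
         // options below would have no effect at all.
         $url = 'https://ebizmarts.com/sagepaysuite_tracker.php';
         $curl = curl_init();
         curl_setopt($curl, CURLOPT_URL, $url);
         curl_setopt($curl, CURLOPT_POST, 1);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl, CURLOPT_TIMEOUT, 4);
         // Verify the certificate chain as well as the host name; the host-name
         // check alone accepts any certificate that carries the right name.
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
         // The response body is not used; only the transport result matters.
         curl_exec($curl);
         $sent = !curl_error($curl);
         // Release the handle instead of leaving it open until script end.
         curl_close($curl);
         return $sent;
     } catch (Exception $e) {
         Sage_Log::logException($e);
         return FALSE;
     }
 }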
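 /**
  * Build the auto-submitting 3-D Secure hand-off page for the transaction
  * named by the `txc` request parameter.
  *
  * Renders a hidden form (PaReq, MD, TermUrl) whose action is the ACS URL
  * stored on the transaction, followed by inline JavaScript that submits it.
  *
  * @return string Page markup; an empty string when the form could not be built.
  */
 protected function _toHtml()
 {
     // Defined before the try so the final return is valid even when an
     // exception is thrown before any markup has been assembled.
     $html = '';
     try {
         // NOTE(review): the transaction is selected purely by a request
         // parameter. Nothing visible here ties it to the current customer
         // session, so confirm that a caller cannot obtain another
         // transaction's PaReq/MD by supplying its VendorTxCode.
         $vendorTxCode = $this->getRequest()->getParam('txc');
         $transaction = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($vendorTxCode);
         $form = new Varien_Data_Form();
         $form->setAction($transaction->getAcsurl())->setId('sagepaydirectpro_3dsecure')->setName('sagepaydirectpro_3dsecure')->setMethod('POST')->setUseContainer(true);
         $form->addField('PaReq', 'hidden', array('name' => 'PaReq', 'value' => $transaction->getPareq()));
         $form->addField('MD', 'hidden', array('name' => 'MD', 'value' => $transaction->getMd()));
         // TermUrl is the callback the ACS posts back to; it carries the
         // session parameter and the VendorTxCode.
         $params = array('_secure' => true, 'storeid' => Mage::app()->getStore()->getId(), 'v' => $vendorTxCode);
         $postUrl = Mage::getModel('core/url')->addSessionParam()->getUrl('sgps/directPayment/callback3d', $params);
         $form->addField('TermUrl', 'hidden', array('name' => 'TermUrl', 'value' => $postUrl));
         $html = '<html><body>';
         $html .= '<code>' . $this->__('Loading 3D secure form...') . '</code>';
         $html .= $form->toHtml();
         $html .= '<script type="text/javascript">document.getElementById("sagepaydirectpro_3dsecure").submit();</script>';
         $html .= '</body></html>';
         Sage_Log::log($vendorTxCode, null, 'SagePaySuite_REQUEST.log');
         // NOTE(review): this writes the whole form to the log, including the
         // PaReq and MD values and a TermUrl that carries the session
         // parameter. Confirm who can read this log and how long it is kept.
         Sage_Log::log($html, null, 'SagePaySuite_REQUEST.log');
     } catch (Exception $e) {
         Sage_Log::logException($e);
     }
     return $html;
 }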
Ejemplo n.º 10
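    /**
     * 3-D Secure return endpoint: completes the order from the posted PaRes
     * and the MD kept in the Sage Pay session, then sends the parent window to
     * the checkout success page. On failure the 3-D Secure session data is
     * cleared and the parent window is notified of the error.
     *
     * @return void
     */
    public function callback3dAction()
    {
        header('Content-type: text/html');
        $image = Mage::helper('sagepaysuite')->getIndicator();
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head></head><body>
                    <div style="background-image:url(' . $image . '); background-position: center center;background-repeat: no-repeat;height: 400px;">&nbsp;</div>';
        try {
            Mage::getModel('sagepaysuite/sagePayDirectPro')->saveOrderAfter3dSecure($this->getRequest()->getPost('PaRes'), Mage::getSingleton('sagepaysuite/session')->getEmede());
        } catch (Exception $e) {
            // A void of the failed transaction used to be attempted here; it is disabled.
            Mage::getSingleton('sagepaysuite/session')->setAcsurl(null)->setPareq(null)->setSageOrderId(null)->setSecure3d(null)->setEmede(null)->setPares(null)->setMd(null);
            Sage_Log::logException($e);
            // The exception text is placed inside a <script> element. Encode it
            // as a JavaScript string literal so quotes, line breaks or a
            // "</script>" sequence in the message cannot end the string or the
            // script block.
            $jsMessage = json_encode((string) $e->getMessage(), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($jsMessage === false) {
                // The message could not be encoded (for example invalid UTF-8).
                $jsMessage = '""';
            }
            echo '<script type="text/javascript">window.parent.notifyThreedError(' . $jsMessage . ');</script></body>
              </html>';
            die;
        }
        // Reached only on success: the failure path above terminates the request.
        /**
         * set the quote as inactive after back from paypal
         */
        Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();
        /**
         * send confirmation email to customer
         */
        $order = Mage::getModel('sales/order');
        $order->load(Mage::getSingleton('checkout/session')->getLastOrderId());
        if ($order->getId() && Mage::helper('sagepaysuite')->isLocalhost() === false) {
            $order->sendNewOrderEmail();
        }
        $this->getResponse()->setBody('<script type="text/javascript">window.parent.location.href="' . Mage::getUrl('checkout/onepage/success', array('_secure' => true)) . '";</script></body></html>');
    }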
Ejemplo n.º 11
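 /**
  * Send a VOID request for a stored transaction and mark it voided locally.
  *
  * @param  object $trn Stored transaction; the body reads its protocol,
  *                     vendor, VendorTxCode, VPSTxId, SecurityKey, TxAuthNo,
  *                     integration, mode and order id.
  * @return void
  * @throws Mage_Core_Exception Via Mage::throwException() when the request
  *                             fails or the gateway status is not OK.
  */
 public function voidPayment($trn)
 {
     /**
      * SecurityKey from the "Admin & Access API"
      */
     if (!$trn->getSecurityKey() && strtoupper($trn->getIntegration()) == 'FORM') {
         $this->_addSecurityKey($trn);
     }
     $data = array();
     $data['VPSProtocol'] = $trn->getVpsProtocol();
     $data['TxType'] = self::REQUEST_TYPE_VOID;
     $data['ReferrerID'] = $this->getConfigData('referrer_id');
     $data['Vendor'] = $trn->getVendorname();
     $data['VendorTxCode'] = $trn->getVendorTxCode();
     $data['VPSTxId'] = $trn->getVpsTxId();
     $data['SecurityKey'] = $trn->getSecurityKey();
     $data['TxAuthNo'] = $trn->getTxAuthNo();
     try {
         $result = $this->requestPost($this->getUrl('void', false, $this->_getIntegrationCode($trn->getIntegration()), $trn->getMode()), $data);
     } catch (Exception $e) {
         // Keep the underlying cause in the log; the exception raised for the
         // caller carries only a generic message.
         Sage_Log::logException($e);
         Mage::throwException($this->_getHelper()->__('Transaction could not be voided at SagePay. You may want to delete it from the local database and check the transaction at the SagePay admin panel.'));
     }
     if ($result['Status'] != 'OK') {
         // If any request field was empty, report that as the likely cause
         // before falling back to the gateway's own status detail.
         foreach ($data as $key => $value) {
             if (empty($value)) {
                 Mage::throwException("Unable to VOID, required data is missing for the transaction.");
             }
         }
         Sage_Log::log($result['StatusDetail']);
         Mage::throwException(Mage::helper('sagepaysuite')->__($result['StatusDetail']));
     }
     // Record the action, then flag the transaction as voided.
     $this->saveAction($trn->getOrderId(), $data, $result);
     $trn->setVoided(1)->save();
 }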
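 /**
  * PayPal (via Sage Pay) callback: stores the posted fields against the
  * session's last VendorTxCode and, when the posted status is the PayPal OK
  * code, continues to the express review page; otherwise returns the customer
  * to the cart with the posted status detail.
  *
  * @return void
  */
 public function callbackAction()
 {
     $_r = $this->getRequest();
     if (!$_r->isPost()) {
         $this->_redirect('/');
         return;
     }
     // The transaction is resolved from the session, not from the posted data.
     $sessionVendorTx = Mage::getModel('sagepaysuite/api_payment')->getSageSuiteSession()->getLastVendorTxCode();
     $trn = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($sessionVendorTx);
     $postArray = $_r->getPost();
     $postArray = array_map(array($this, 'encodechars'), $postArray);
     $postArray = Mage::helper('sagepaysuite')->arrayKeysToUnderscore($postArray);
     // NOTE(review): setDeliveryAddresss() is spelled with three "s"; confirm
     // which field DeliveryAddress2 is meant to be stored in.
     $this->getPaypalTrnModel()->loadByVendorTxCode($sessionVendorTx)->setTransactionId($trn->getId())->addData($postArray)->setVendorTxCode($sessionVendorTx)->setVpsProtocol($_r->getPost('VPSProtocol'))->setCustomerEmail($_r->getPost('CustomerEMail'))->setPayerId($_r->getPost('PayerID'))->setVpsTxId($_r->getPost('VPSTxId'))->setDeliveryAddress($_r->getPost('DeliveryAddress1'))->setDeliveryAddresss($_r->getPost('DeliveryAddress2'))->setTrndate(Mage::getModel('sagepaysuite/api_payment')->getDate())->save();
     // NOTE(review): the posted Status is accepted as-is; no signature or
     // server-side confirmation is visible in this method. Confirm that
     // returnFromPaypal() or a later step verifies the result with the gateway.
     if ($_r->getPost('Status') != Ebizmarts_SagePaySuite_Model_Api_Payment::RESPONSE_CODE_PAYPAL_OK) {
         // StatusDetail arrives in a POST that passes through the customer's
         // browser and is shown as a session message, which may be rendered
         // without escaping (confirm for the messages block in use); encode it
         // before it is stored for display.
         $statusDetail = Mage::helper('sagepaysuite')->__($_r->getPost('StatusDetail'));
         $this->_getCheckoutSession()->addError(htmlspecialchars((string) $statusDetail, ENT_QUOTES, 'UTF-8'));
         Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $this->_getQuote(), 'message' => $_r->getPost('StatusDetail')));
         $this->_redirect('checkout/cart');
         return;
     }
     if (!$this->_getQuote()->getCustomerEmail()) {
         $this->_getQuote()->setCustomerEmail($_r->getPost('CustomerEMail'));
     }
     $this->_initCheckout();
     $this->_checkout->returnFromPaypal($_r);
     // NOTE(review): the complete POST (customer e-mail, delivery address,
     // payer id) is written to PayPalCallback.log; confirm access to and
     // retention of that file.
     Sage_Log::log($_r->getPost(), null, 'PayPalCallback.log');
     $this->_getSession()->setSagepaypaypalRqpost($_r->getPost());
     $this->_redirect('sgps/paypalexpress/review', array('_secure' => true));
     return;
 }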
Ejemplo n.º 13
 /**
  * Subscribe an e-mail address to the newsletter unless a subscriber record
  * for it already exists. Failures are logged and not propagated.
  *
  * @param string $customerEmail Address to subscribe.
  * @return void
  */
 protected function _oscSuscribeNewsletter($customerEmail)
 {
     try {
         $existing = Mage::getModel('newsletter/subscriber')->loadByEmail($customerEmail);
         // A record with an id means the address is already known; leave it alone.
         if ($existing->getId() !== NULL) {
             return;
         }
         Mage::getModel('newsletter/subscriber')->subscribe($customerEmail);
     } catch (Exception $e) {
         Sage_Log::logException($e);
     }
 }
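    /**
     * 3-D Secure return endpoint: stores the posted PaRes on the transaction
     * named by the `v` request parameter, optionally checks that the cart was
     * not changed meanwhile, completes the order and redirects to the checkout
     * success page. On failure the 3-D Secure session data is cleared and the
     * error is reported by redirect or to the parent window, depending on the
     * `threed_layout` setting.
     *
     * @return void
     */
    public function callback3dAction()
    {
        // NOTE(review): the transaction is selected by a request parameter and
        // PaRes is saved on it before any check. Nothing visible here ties the
        // VendorTxCode to the current session; confirm that a caller cannot
        // write to, or complete, someone else's transaction.
        $vendorTxCode = $this->getRequest()->getParam('v');
        $transaction = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($vendorTxCode);
        $emede = $transaction->getMd();
        $pares = $this->getRequest()->getPost('PaRes');
        $transaction->setPares($pares)->save();
        header('Content-type: text/html; charset=utf-8');
        $image = Mage::helper('sagepaysuite')->getIndicator();
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head></head><body>
                    <div style="background-image:url(' . $image . '); background-position: center center;background-repeat: no-repeat;height: 400px;">&nbsp;</div>';
        echo $this->__('<small>%s</small>', "Processing order, please stand by...  ");
        $error = false;
        $quote = Mage::getSingleton('checkout/type_onepage')->getQuote();
        try {
            //Check cart health on callback.
            if (1 === (int) Mage::getStoreConfig('payment/sagepaysuite/verify_cart_consistency')) {
                if (Mage::helper('sagepaysuite/checkout')->cartExpire($quote)) {
                    Sage_Log::log("Transaction " . $transaction->getVendorTxCode() . " not completed, cart was modified while customer on 3D payment pages.", Zend_Log::CRIT, 'SagePaySuite_REQUEST.log');
                    Mage::throwException($this->__('Your order could not be completed, please try again. Thanks.'));
                }
            }
            // Both the posted PaRes and the stored MD are required to complete.
            if ($pares && $emede) {
                Mage::getModel('sagepaysuite/sagePayDirectPro')->saveOrderAfter3dSecure($pares, $emede);
                echo $this->__('<small>%s</small>', "Done. Redirecting...");
            } else {
                Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $quote, 'message' => $this->__("3D callback error.")));
                Mage::throwException($this->__("Invalid request. PARes and MD are empty."));
            }
        } catch (Exception $e) {
            Mage::getSingleton('sagepaysuite/session')->setAcsurl(null)->setPareq(null)->setSageOrderId(null)->setSecure3d(null)->setEmede(null)->setPares(null)->setMd(null);
            Sage_Log::logException($e);
            Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $quote, 'message' => $e->getMessage()));
            $error = true;
            $message = $e->getMessage();
            // The exception text is placed inside a <script> element. Encode it
            // as a JavaScript string literal so quotes, line breaks or a
            // "</script>" sequence in the message cannot end the string or the
            // script block.
            $jsMessage = json_encode((string) $message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($jsMessage === false) {
                // The message could not be encoded (for example invalid UTF-8).
                $jsMessage = '""';
            }
            $layout = Mage::getModel('sagepaysuite/sagePayDirectPro')->getConfigData('threed_layout');
            if ($layout == 'redirect') {
                Mage::getSingleton('checkout/session')->addError($message);
                echo '<script type="text/javascript">window.location.href="' . Mage::getUrl('checkout/cart') . '"</script>';
            } else {
                echo '<script type="text/javascript">
                    if((typeof window.parent.restoreOscLoad) != "undefined"){
                    window.parent.restoreOscLoad();
                    window.parent.notifyThreedError(' . $jsMessage . ');
                    }
                    else {
                        alert(' . $jsMessage . ');
                    }
                </script>';
            }
            echo '</body></html>';
        }
        if (!$error) {
            Mage::getSingleton('checkout/type_onepage')->getQuote()->save();
            $successUrl = Mage::getUrl('checkout/onepage/success', array('_secure' => true));
            // Navigate this window when it is the top window, otherwise ask the parent to.
            echo '<script type="text/javascript">
                    (parent.location == window.location)? window.location.href="' . $successUrl . '" : window.parent.setLocation("' . $successUrl . '");
                  </script>
                  </body></html>';
        }
    }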
 /**
  * Manually run the fraud (3rd man) check for the newest 15 transactions that
  * have no row in the fraud table, auto-invoice those that pass the rank
  * check, report the outcome as admin session messages and redirect to the
  * fraud grid.
  *
  * @return void
  */
 public function massThirdmanCheckAction()
 {
     $logPrefix = "[MANUAL] ";
     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     // The concatenated table name comes from the resource singleton, not from
     // request input.
     $transactions->getSelect()
         ->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")
         ->order("main_table.created_at DESC")
         ->limit(15);
     // VendorTxCodes collected per outcome for the user messages below.
     $checked = array();
     $notChecked = array();
     $autoInvoiced = array();
     foreach ($transactions as $_trn) {
         $update = $_trn->updateFromApi();
         if (!$update->getFraud()) {
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": UNABLE TO GET FRAUD SCORE", null, 'SagePaySuite_Thirdman.log');
             $notChecked[] = $_trn->getVendorTxCode();
             continue;
         }
         try {
             $rs = $update->getFraud();
             $noresult = (string) $rs->getThirdmanAction() == 'NORESULT';
             $checked[] = $_trn->getVendorTxCode();
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . (string) $rs->getThirdmanAction(), null, 'SagePaySuite_Thirdman.log');
             // Without a real result there is nothing to rank.
             if ($noresult) {
                 continue;
             }
             // Automatic fulfil: unauthorised AUTHENTICATE or unreleased DEFERRED
             // whose score is at or below the configured value.
             $canAuthorise = $_trn->getTxType() == 'AUTHENTICATE' && !$_trn->getAuthorised();
             $canRelease = $_trn->getTxType() == 'DEFERRED' && !$_trn->getReleased();
             $canRank = Mage::getStoreConfigFlag('payment/sagepaysuite/auto_fulfill_low_risk_trn');
             $configRank = (int) Mage::getStoreConfig('payment/sagepaysuite/auto_fulfill_low_risk_trn_value');
             $rank = $canRank && $configRank >= (int) $rs->getThirdmanScore();
             if ($rank && ($canAuthorise || $canRelease)) {
                 Sage_Log::log($logPrefix . "Auto invoicing for " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                 $autoInvoiced[] = $_trn->getVendorTxCode();
                 Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($_trn->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
             }
         } catch (Exception $e) {
             // A failure on one transaction must not stop the rest of the batch.
             Sage_Log::logException($e);
         }
     }
     // User messages: codes are joined with two spaces.
     $adminSession = 'adminhtml/session';
     if (count($checked) > 0) {
         Mage::getSingleton($adminSession)->addSuccess("Transactions successfully checked: " . implode("  ", $checked));
     }
     if (count($notChecked) > 0) {
         Mage::getSingleton($adminSession)->addError("An error occurred while checking some transactions: " . implode("  ", $notChecked));
     }
     if (count($autoInvoiced) > 0) {
         Mage::getSingleton($adminSession)->addSuccess("Transactions successfully auto-invoiced: " . implode("  ", $autoInvoiced));
     }
     $this->_redirect('adminhtml/sagepayreporting_fraud');
 }
 public function notifyAction()
 {
     Sage_Log::log($_POST, null, 'SagePaySuite_POST_Requests.log');
     //try {
     if (!file_exists(Mage::getBaseDir('var') . '/tmp')) {
         mkdir(Mage::getBaseDir('var') . '/tmp');
     }
     $dbtrn = $this->_trn();
     if ($dbtrn->getId() && file_exists($this->_getCheckFile())) {
         $this->_returnOk();
     }
     $request = $this->getRequest();
     $sagePayServerSession = $this->_getSagePayServerSession();
     $strVendorName = $this->getSPSModel()->getConfigData('vendor');
     $strStatus = $request->getParam('Status', '');
     $strVendorTxCode = $request->getParam('VendorTxCode', '');
     $strVPSTxId = $request->getParam('VPSTxId', '');
     $strSecurityKey = '';
     if ($sagePayServerSession->getVendorTxCode() == $strVendorTxCode && $sagePayServerSession->getVpsTxId() == $strVPSTxId) {
         $strSecurityKey = $sagePayServerSession->getSecurityKey();
         $sagePayServerSession->setVpsTxId($strVPSTxId);
     }
     $response = '';
     if (strlen($strSecurityKey) == 0) {
         $this->_returnInvalid('Security Key invalid');
     } else {
         // Mark
         if ($request->getParam('VendorTxCode')) {
             fopen($this->_getCheckFile(), 'w');
         }
         $strStatusDetail = $strTxAuthNo = $strAVSCV2 = $strAddressResult = $strPostCodeResult = $strCV2Result = $strGiftAid = $str3DSecureStatus = $strCAVV = $strAddressStatus = $strPayerStatus = $strCardType = $strPayerStatus = $strLast4Digits = $strMySignature = '';
         $strVPSSignature = $request->getParam('VPSSignature', '');
         $strStatusDetail = $request->getParam('StatusDetail', '');
         if (strlen($request->getParam('TxAuthNo', '')) > 0) {
             $strTxAuthNo = $request->getParam('TxAuthNo', '');
             $sagePayServerSession->setTxAuthNo($strTxAuthNo);
         }
         $strAVSCV2 = $request->getParam('AVSCV2', '');
         $strAddressResult = $request->getParam('AddressResult', '');
         $strPostCodeResult = $request->getParam('PostCodeResult', '');
         $strCV2Result = $request->getParam('CV2Result', '');
         $strGiftAid = $request->getParam('GiftAid', '');
         $str3DSecureStatus = $request->getParam('3DSecureStatus', '');
         $strCAVV = $request->getParam('CAVV', '');
         $strAddressStatus = $request->getParam('AddressStatus', '');
         $strPayerStatus = $request->getParam('PayerStatus', '');
         $strCardType = $request->getParam('CardType', '');
         $strLast4Digits = $request->getParam('Last4Digits', '');
         $strDeclineCode = $request->getParam('DeclineCode', '');
         $strExpiryDate = $request->getParam('ExpiryDate', '');
         $strFraudResponse = $request->getParam('FraudResponse', '');
         $strBankAuthCode = $request->getParam('BankAuthCode', '');
         $strMessage = $strVPSTxId . $strVendorTxCode . $strStatus . $strTxAuthNo . $strVendorName . $strAVSCV2 . $strSecurityKey . $strAddressResult . $strPostCodeResult . $strCV2Result . $strGiftAid . $str3DSecureStatus . $strCAVV . $strAddressStatus . $strPayerStatus . $strCardType . $strLast4Digits . $strDeclineCode . $strExpiryDate . $strFraudResponse . $strBankAuthCode;
         $strMySignature = strtoupper(md5($strMessage));
         $response = '';
         /** We can now compare our MD5 Hash signature with that from Sage Pay Server * */
         $validSignature = (int) $this->getSPSModel()->getConfigData('validate_md5') == 1 && $this->getSPSModel()->getConfigData('mode') == 'live' ? $strMySignature !== $strVPSSignature : false;
         if ($validSignature) {
             Sage_Log::log("Cannot match the MD5 Hash", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("My Message: {$strMessage}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("My Signature: {$strMySignature}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("VPS Signature: {$strVPSSignature}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("TRN from DB:", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log($dbtrn->toArray(), null, 'SagePaySuite_POST_Requests.log');
             $this->_returnInvalid('Cannot match the MD5 Hash. Order might be tampered with. ' . $strStatusDetail);
         } else {
             $strDBStatus = $this->_getHRStatus($strStatus, $strStatusDetail);
             if ($strStatus == 'OK' || $strStatus == 'AUTHENTICATED' || $strStatus == 'REGISTERED') {
                 try {
                     $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
                     $sOrder = $this->_sAdminOrder();
                     if (is_string($sOrder)) {
                         $sagePayServerSession->setFailStatus($sOrder);
                         /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
                         $strRedirectPage = $this->_getFailedRedirectUrl();
                         $this->_returnInvalid('Couldnot save order');
                     } else {
                         $orderId = Mage::registry('last_order_id');
                         $dbtrn->addData(Mage::helper('sagepaysuite')->arrayKeysToUnderscore($_POST))->setPostcodeResult($this->getRequest()->getPost('PostCodeResult'))->setThreedSecureStatus($this->getRequest()->getPost('3DSecureStatus'))->setLastFourDigits($this->getRequest()->getPost('Last4Digits'))->setOrderId($orderId)->save();
                         $sagePayServerSession->setSuccessStatus($strDBStatus);
                         //if ($this->ia()) {
                         $sagePayServerSession->setDummyId($sOrder->getId());
                         if ($request->getParam('e')) {
                             $sOrder->sendNewOrderEmail();
                         }
                         //}
                     }
                     Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
                     $this->_returnOk();
                 } catch (Exception $e) {
                     Mage::logException($e);
                     Mage::log($e->getMessage());
                 }
             } else {
                 $sagePayServerSession->setFailStatus($strDBStatus);
                 /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
                 $this->_returnInvalid($strDBStatus);
             }
         }
     }
     //}} SecurityKey check
 }
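 /**
  * Observer callback: takes the next scheduled recurring-profile payment for an order,
  * then invoices and ships the order and records the outcome on the profile payment.
  *
  * If the order already has an authorised transaction the last AUTHORISE is REPEATed,
  * otherwise a new AUTHORISE is requested for the amount due.
  *
  * NOTE(review): the invoice, the shipment and the COMPLETE/'shipped' state are written
  * even when the REPEAT fails or a declined AUTHORISE does not lead to the order being
  * deleted; only the profile is suspended afterwards. Confirm that fulfilling an order
  * without a successful authorisation is intended.
  *
  * @param Varien_Event_Observer $observer event whose getOrder() yields the placed order
  *
  * @return void
  *
  * @throws Exception with message 'ajax_authorise_error' when the authorisation was
  *                   declined and the order was deleted
  */
 public function createInvoiceAfterOrderPlaced(Varien_Event_Observer $observer)
 {
     $order = $observer->getEvent()->getOrder();
     // Declared before the try so the outer catch can tell whether they were loaded;
     // otherwise an early failure would hit undefined variables and mask the real error.
     $profile = null;
     $_profilePayment = null;
     try {
         if ($order->canInvoice()) {
             $orderId = $order->getId();
             $profileId = Mage::getModel('sagepay_recurring/recurring_profile_order')->loadByOrderId($orderId)->getProfileId();
             $profile = Mage::getModel('sagepay_recurring/recurring_profile')->load($profileId);
             // Earliest scheduled payment of the profile; it is stamped as executed now.
             $_profilePayment = Mage::getModel('sagepay_recurring/recurring_profile_payment')->getCollection()->addFieldToFilter('profile_id', $profileId)->setOrder('scheduled_at', 'ASC')->getFirstItem();
             $_profilePayment->setExecutedAt(Mage::getModel('core/date')->gmtDate());
             $trn = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByParent($orderId);
             // Fall back to the order's outstanding total when the profile carries no amount.
             $amount = $profile->getPaymentAmount();
             if (!$amount) {
                 $amount = $order->getTotalDue();
             }
             $paymentApi = Mage::getModel('sagepaysuite/api_payment');
             // Stays an empty object (no id) unless an authorisation is loaded below.
             $auth = new Varien_Object();
             // If there is already an AUTHORISE we must REPEAT, otherwise just AUTHORISE.
             if ($trn->getAuthorised()) {
                 $lastAuthorise = Mage::getModel('sagepaysuite2/sagepaysuite_action')->getLastAuthorise($orderId);
                 if ($lastAuthorise->getId()) {
                     // Copy the transaction data the REPEAT request needs onto the action.
                     $paymentApi->setMcode($paymentApi->realIntegrationCode($trn->getIntegration()));
                     $lastAuthorise->setIntegration($trn->getIntegration());
                     $lastAuthorise->setVendorname($trn->getVendorname());
                     $lastAuthorise->setTrnCurrency($trn->getTrnCurrency());
                     $lastAuthorise->setVpsProtocol($trn->getVpsProtocol());
                     $lastAuthorise->setOrderId($trn->getOrderId());
                     $repeat = $paymentApi->repeat($lastAuthorise, $amount);
                     if ($repeat['Status'] == 'OK') {
                         $auth = Mage::getModel('sagepaysuite2/sagepaysuite_action')->load($repeat['_requestvendor_'], 'vendor_tx_code');
                     } else {
                         $_profilePayment->setPaymentDetails("ERROR: Could not repeat payment.");
                         $profile->suspend();
                         $this->_notifyPaymentNotOk($profile);
                     }
                 }
             } else {
                 try {
                     $auth = $paymentApi->authorise($trn, $amount, 'OrderInvoice\\Observer.php | createInvoiceAfterOrderPlaced');
                 } catch (Exception $e) {
                     Sage_Log::log('debugging bad transaction', null, 'debug.log');
                     // Only these two gateway messages are treated as a recoverable decline.
                     $faultKeys = array('2000 : The Authorisation was Declined by the bank.', '4009 : The Amount including surcharge is outside the allowed range.');
                     if (in_array($e->getMessage(), $faultKeys)) {
                         Sage_Log::log('catch error', null, 'debug.log');
                         if ($order->canCancel()) {
                             Sage_Log::log('$order->canCancel()', null, 'debug.log');
                             // The secure-area flag is only needed while the order is deleted.
                             // It is cleared on every path so it cannot stay set for the rest
                             // of the request (the original left it registered when throwing).
                             Mage::register('isSecureArea', true);
                             try {
                                 $quoteReset = $this->_resetQuote($order);
                                 if ($quoteReset) {
                                     $order->delete();
                                 }
                             } catch (Exception $cleanupError) {
                                 Mage::unregister('isSecureArea');
                                 throw $cleanupError;
                             }
                             Mage::unregister('isSecureArea');
                             if ($quoteReset) {
                                 throw new Exception('authorise_error');
                             }
                         }
                     } else {
                         // Keep the original exception attached for the log.
                         throw new Exception($e->getMessage(), 0, $e);
                     }
                     Sage_Log::log($e->getMessage(), null, 'debug.log');
                 }
             }
             $this->createInvoice($order, $profile);
             $this->createShipment($order);
             $order->setData('state', Mage_Sales_Model_Order::STATE_COMPLETE)->setData('status', 'shipped')->save();
             if ($auth->getId()) {
                 $_profilePayment->setPaymentDetails($auth->getStatusDetail())->setTransactionId($auth->getId());
                 $this->_notifyPaymentOk($profile, $auth);
             } else {
                 $_profilePayment->setPaymentDetails("ERROR: Could not load authorisation.");
                 $profile->suspend();
                 $this->_notifyPaymentNotOk($profile);
             }
             $_profilePayment->save();
         }
     } catch (Exception $e) {
         if ($e->getMessage() == 'authorise_error') {
             Mage::getSingleton('core/session')->addError('Sorry there seems to be a problem with your payment, please check your details and try again.');
             throw new Exception('ajax_authorise_error');
         } else {
             Sage_Log::log('does not catch error', null, 'debug.log');
             if ($_profilePayment !== null) {
                 $_profilePayment->setPaymentDetails($e->getMessage())->save();
             }
             if ($profile !== null) {
                 try {
                     $profile->suspend();
                 } catch (Exception $ex) {
                     // Log the suspend failure itself; the original logged $e here.
                     Mage::logException($ex);
                 }
             }
         }
         Mage::logException($e);
     }
 }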
Ejemplo n.º 18
 /**
  * Checkout submit action: stores the posted checkout method, addresses, shipping
  * method and payment data on the quote, then places the order or hands off to the
  * selected Sage Pay integration.
  *
  * Depending on the branch, the outcome is reported as a plain-text body starting with
  * "error: " or "redirect: ", as a controller redirect, or as an internal forward to a
  * Sage Pay controller.
  *
  * NOTE(review): no form-key (CSRF) check is visible in this method; confirm one is
  * enforced before this action runs.
  *
  * @return void
  */
 public function updateordermethodAction()
 {
     $vote = $this->getRequest()->getPost('vote');
     if ($vote) {
         $this->voteAdd();
     }
     // Checkout method (register vs. guest) only has to be chosen for anonymous visitors.
     // The $result_save_method value is not read again in this method.
     if (!$this->isCustomerLoggedIn()) {
         if (isset($_POST['register_new_account'])) {
             $isguest = $this->getRequest()->getPost('register_new_account');
             if ($isguest == '1' or Mage::helper('onestepcheckout')->haveProductDownloadable()) {
                 // Register when the "register_new_account" box is ticked or the helper
                 // reports a downloadable product.
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('register');
             } else {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('guest');
             }
         } else {
             // No explicit choice posted: fall back to the store configuration.
             if (!Mage::getStoreConfig('onestepcheckout/config/allowguestcheckout') || !Mage::getStoreConfig('checkout/options/guest_checkout') || Mage::helper('onestepcheckout')->haveProductDownloadable()) {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('register');
             } else {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('guest');
             }
         }
     }
     // Billing
     if ($this->getRequest()->isPost()) {
         $data_save_billing = $this->filterdata($this->getRequest()->getPost('billing', array()), false);
         if ($this->isCustomerLoggedIn()) {
             $this->saveAddress('billing', $data_save_billing);
         }
         $customerAddressId = $this->getRequest()->getPost('billing_address_id', false);
         // NOTE(review): the closing parenthesis sits before "== 0", so the boolean result
         // of "isset(...) && value" is compared with 0. The shipping counterpart below
         // compares the value itself; confirm which form is intended.
         if ($this->getRequest()->getPost('billing_address_id') != "" && (!isset($data_save_billing['save_in_address_book']) || (isset($data_save_billing['save_in_address_book']) && $data_save_billing['save_in_address_book']) == 0)) {
             $customerAddressId = "";
         }
         if ($this->isCustomerLoggedIn() && (isset($data_save_billing['save_in_address_book']) && $data_save_billing['save_in_address_book'] == 1) && !Mage::getStoreConfig('onestepcheckout/addfield/addressbook')) {
             $customerAddressId = $this->getDefaultAddress('billing');
         }
         if (isset($data_save_billing['email'])) {
             $data_save_billing['email'] = trim($data_save_billing['email']);
             if (Mage::helper('onestepcheckout')->issubcribleemail($data_save_billing['email'])) {
                 if ($this->getRequest()->getPost('subscribe_newsletter') == '1') {
                     if ($this->isCustomerLoggedIn()) {
                         $customer = Mage::getSingleton('customer/session')->getCustomer();
                         $customer->setIsSubscribed(1);
                     } else {
                         $this->savesubscibe($data_save_billing['email']);
                     }
                 }
             }
         }
         // The $result_save_billing value is not read again in this method.
         $result_save_billing = $this->getOnepage()->saveBilling($data_save_billing, $customerAddressId);
         // Order comment and delivery preferences are taken from the POST as-is and kept
         // in the core session under two keys.
         // NOTE(review): these values are not validated here; escape them wherever they
         // are later rendered (order view, e-mail).
         $data_customercomment = $this->getrequest()->getpost('onestepcheckout_comments');
         $Deliverystatus = $this->getrequest()->getpost('deliverydate');
         $Deliverydate = $this->getrequest()->getpost('onestepcheckout_date');
         $Deliverytime = $this->getrequest()->getpost('onestepcheckout_time');
         if (Mage::getStoreConfig("onestepcheckout/deliverydate/timerange")) {
             $Deliverytime = $this->getrequest()->getpost('delivery-timerange');
         }
         $delivery_infor = array($data_customercomment, $Deliverystatus, $Deliverydate, $Deliverytime);
         Mage::getSingleton('core/session')->setDeliveryInforOrder($delivery_infor);
         Mage::getSingleton('core/session')->setDeliveryInforEmail($delivery_infor);
         if (isset($data_save_billing['save_into_account']) && intval($data_save_billing['save_into_account']) == 1 && $this->isCustomerLoggedIn()) {
             $this->setAccountInfoSession($data_save_billing);
         }
     }
     // Shipping: reuse the posted billing block when "ship_to_same_address" is '1',
     // otherwise read the separate shipping block.
     $isclick = $this->getRequest()->getPost('ship_to_same_address');
     $ship = "billing";
     if ($isclick != '1') {
         $ship = "shipping";
     }
     if ($this->getrequest()->ispost()) {
         $data_save_shipping = $this->filterdata($this->getrequest()->getpost($ship, array()), false);
         if ($this->isCustomerLoggedIn() && !$isclick) {
             $this->saveAddress('shipping', $data_save_shipping);
         }
         if ($isclick == '1') {
             $data_save_shipping['same_as_billing'] = 1;
         }
         // Address-book id posted for the chosen block ("billing_address_id" or
         // "shipping_address_id"); it is reset below when the posted data should be
         // used instead of a stored address.
         $customeraddressid = $this->getrequest()->getpost($ship . '_address_id', false);
         // Drop the stored-address id when shipping to the billing address, or when the
         // customer edited the shipping data without asking to save it.
         if ($isclick || $this->getRequest()->getPost('shipping_address_id') != "" && (!isset($data_save_shipping['save_in_address_book']) || isset($data_save_shipping['save_in_address_book']) && $data_save_shipping['save_in_address_book'] == 0)) {
             $customeraddressid = "";
         }
         if (!$isclick && $this->isCustomerLoggedIn() && (isset($data_save_shipping['save_in_address_book']) && $data_save_shipping['save_in_address_book'] == 1) && !Mage::getStoreConfig('onestepcheckout/addfield/addressbook')) {
             $customeraddressid = $this->getDefaultAddress('shipping');
         }
         // The $result_save_shipping value is not read again in this method.
         $result_save_shipping = $this->getonepage()->saveshipping($data_save_shipping, $customeraddressid);
     }
     // Shipping method
     if ($this->getRequest()->isPost()) {
         $data_save_shipping_method = $this->getRequest()->getPost('shipping_method', '');
         $result_save_shipping_method = $this->getOnepage()->saveShippingMethod($data_save_shipping_method);
         // A falsy result is treated as success: the event is dispatched and totals are
         // collected, then totals are collected again unconditionally.
         if (!$result_save_shipping_method) {
             Mage::dispatchEvent('checkout_controller_onepage_save_shipping_method', array('request' => $this->getRequest(), 'quote' => $this->getOnepage()->getQuote()));
             $this->getOnepage()->getQuote()->collectTotals();
         }
         $this->getOnepage()->getQuote()->collectTotals();
     }
     // Payment method. Unlike the sections above, everything from here on runs without
     // an isPost() guard.
     $result_savepayment = array();
     $this->getOnepage()->getQuote()->getPayment()->setMethodInstance(null);
     $data_savepayment = $this->getRequest()->getPost('payment', array());
     try {
         $result_savepayment = $this->getOnepage()->savePayment($data_savepayment);
     } catch (Exception $e) {
         // NOTE(review): the raw exception message is echoed to the client here and in the
         // other "error: " responses below. Confirm it cannot carry internal details, and
         // that the front end escapes it before inserting it into the page.
         $message = $e->getMessage();
         echo 'error: ' . $message;
         return;
     }
     $redirectUrl = $this->getOnepage()->getQuote()->getPayment()->getCheckoutRedirectUrl();
     if (isset($redirectUrl)) {
         echo 'redirect: ' . $redirectUrl;
         return;
     }
     // $result_order is filled in below but never sent to the client in this method.
     $result_order = array();
     if ($data_order = $this->getRequest()->getPost('payment', false)) {
         $this->getOnepage()->getQuote()->getPayment()->importData($data_order);
     }
     // Sage Pay methods are handled here instead of going straight to saveOrder().
     $paymentMethod = $this->getOnepage()->getQuote()->getPayment()->getMethod();
     Mage::getSingleton('core/session')->unsErrorpayment();
     if ($paymentMethod == 'sagepayserver') {
         $resultData = array();
         try {
             Mage::helper('sagepaysuite')->validateQuote();
             // NOTE(review): the whole POST body is handed to registerTransaction();
             // which fields it trusts is not visible from here.
             $result = Mage::getModel('sagepaysuite/sagePayServer')->registerTransaction($this->getRequest()->getPost());
             $resultData = $result->getData();
             if ($result->getResponseStatus() == Ebizmarts_SagePaySuite_Model_Api_Payment::RESPONSE_CODE_APPROVED) {
                 $redirectUrl = $result->getNextUrl();
             } else {
                 Mage::getSingleton('core/session')->setErrorpayment($resultData['response_status_detail']);
                 echo 'error: ' . $resultData['response_status_detail'];
                 return;
             }
         } catch (Exception $e) {
             $resultData['response_status'] = 'ERROR';
             $resultData['response_status_detail'] = $e->getMessage();
             Mage::getSingleton('core/session')->setErrorpayment($resultData['response_status_detail']);
             echo 'error: ' . $resultData['response_status_detail'];
             return;
         }
         // $redirectUrl can only be set here by the approved branch above, because an
         // earlier non-null value already returned.
         if (isset($redirectUrl)) {
             echo 'redirect: ' . $redirectUrl;
             return;
         }
     } else {
         if ($paymentMethod == 'sagepaydirectpro') {
             $resultData = array();
             try {
                 Mage::helper('sagepaysuite')->validateQuote();
                 $directModel = Mage::getModel('sagepaysuite/sagePayDirectPro');
                 // NOTE(review): the whole POST body is passed on; for this method it
                 // presumably contains card details, so it must not be logged downstream.
                 $result = $directModel->registerTransaction($this->getRequest()->getPost());
                 $resultData = $result->getData();
                 $response_status = $result->getResponseStatus();
                 if ($response_status == Ebizmarts_SagePaySuite_Model_Api_Payment::RESPONSE_CODE_3DAUTH) {
                     // NOTE(review): two forwards are queued back to back; presumably only
                     // the second target ('threedPost') takes effect. Confirm.
                     $this->_forward('_expireAjax', 'directPayment', 'sgps', $this->getRequest()->getParams());
                     $this->_forward('threedPost', 'directPayment', 'sgps', $this->getRequest()->getParams());
                     return;
                 } else {
                     try {
                         $this->getOnepage()->saveOrder();
                     } catch (Exception $e) {
                         Mage::getSingleton('core/session')->setErrorpayment($e->getMessage());
                         $this->_redirect('checkout/onepage');
                         return;
                     }
                     $redirectUrl = $this->getOnepage()->getCheckout()->getRedirectUrl();
                     $result_order['success'] = true;
                     $result_order['error'] = false;
                     // Empty the cart item by item now that the order has been saved.
                     $cart = Mage::getModel('checkout/cart');
                     $cartItems = $cart->getItems();
                     foreach ($cartItems as $item) {
                         $cart->removeItem($item->getId())->save();
                     }
                     $this->getOnepage()->getQuote()->save();
                     if (isset($redirectUrl)) {
                         $this->_redirectUrl($redirectUrl);
                         return;
                     }
                     $this->_redirect('checkout/onepage/success');
                 }
             } catch (Exception $e) {
                 Sage_Log::logException($e);
                 $result_order['response_status'] = 'ERROR';
                 $result_order['response_status_detail'] = $e->getMessage();
                 Mage::getSingleton('core/session')->setErrorpayment($result_order['response_status_detail']);
                 $this->_redirect('checkout/onepage');
                 return;
             }
         } elseif ($paymentMethod == 'sagepayform') {
             // validateQuote() is not wrapped in try/catch here, unlike the two branches
             // above, so an exception from it leaves this action uncaught.
             Mage::helper('sagepaysuite')->validateQuote();
             // NOTE(review): as with the 3D-Secure branch, presumably only the second
             // forward ('go') takes effect. Confirm.
             $this->_forward('_initCheckout', 'formPayment', 'sgps', $this->getRequest()->getPost());
             $this->_forward('go', 'formPayment', 'sgps', $this->getRequest()->getPost());
             return;
         } else {
             // These three methods are not placed from this action; the client receives
             // the fixed marker "error: hosted_pro" for all of them.
             if ($paymentMethod == "hosted_pro" || $paymentMethod == "payflow_link" || $paymentMethod == "payflow_advanced") {
                 echo "error: hosted_pro";
                 return;
             } else {
                 // Any other payment method: place the order directly.
                 try {
                     $this->getOnepage()->saveOrder();
                 } catch (Exception $e) {
                     echo 'error: ' . $e->getMessage();
                     return;
                 }
                 $redirectUrl = $this->getOnepage()->getCheckout()->getRedirectUrl();
                 $result_order['success'] = true;
                 $result_order['error'] = false;
                 $cart = Mage::getModel('checkout/cart');
                 $cartItems = $cart->getItems();
                 foreach ($cartItems as $item) {
                     $cart->removeItem($item->getId())->save();
                 }
                 $this->getOnepage()->getQuote()->save();
                 if (isset($redirectUrl)) {
                     echo 'redirect: ' . $redirectUrl;
                     return;
                 }
                 echo 'redirect: ' . Mage::getUrl('checkout/onepage/success');
                 return;
             }
         }
     }
 }
Ejemplo n.º 19
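 /**
  * Handles the transaction notification POST that carries Sage Pay's VPSSignature.
  *
  * Flow: log the request, short-circuit ABORT and already-marked notifications, take the
  * SecurityKey from the session when the posted VendorTxCode and VPSTxId match it,
  * recompute the MD5 signature over the posted fields and compare it with VPSSignature,
  * then either save the order and answer OK or answer INVALID.
  *
  * NOTE(review): the ABORT branch and the "already marked" branch both run before the
  * signature is checked, so they act on unauthenticated input. Confirm that
  * _returnOkAbort(), _returnOk() and _returnInvalid() terminate the request; if they do
  * not, execution continues past them.
  *
  * @return void
  */
 public function notifyAction()
 {
     // NOTE(review): the complete notification, including VPSSignature and card metadata
     // such as Last4Digits, is written to this log; restrict access to it and its retention.
     Sage_Log::log($_POST, null, 'SagePaySuite_POST_Requests.log');
     // NOTE(review): mkdir() uses its default mode and its result is not checked.
     if (!file_exists(Mage::getBaseDir('var') . '/tmp')) {
         mkdir(Mage::getBaseDir('var') . '/tmp');
     }
     $request = $this->getRequest();
     $dbtrn = $this->_trn();
     /**
      * Handle ABORT: record the status on the session and the stored transaction.
      */
     $sageStatus = $request->getParam('Status');
     if ($sageStatus == 'ABORT') {
         $this->_getSagePayServerSession()->setFailStatus($request->getParam('StatusDetail'));
         $dbtrn->setStatus($sageStatus)->setStatusDetail($request->getParam('StatusDetail'))->save();
         $this->_returnOkAbort();
     }
     /**
      * A stored transaction plus an existing mark file is answered with OK without
      * further processing (presumably a repeated notification; see _writeMarkFileXist()
      * below).
      */
     if ($dbtrn->getId() && $this->_checkMarkFileXist()) {
         $this->_returnOk();
     }
     $sagePayServerSession = $this->_getSagePayServerSession();
     $strVendorName = $this->getSPSModel()->getConfigData('vendor');
     $strStatus = $request->getParam('Status', '');
     $strVendorTxCode = $request->getParam('VendorTxCode', '');
     $strVPSTxId = $request->getParam('VPSTxId', '');
     // The SecurityKey is never taken from the request: it is read from the session, and
     // only when both transaction identifiers in the request match the session's.
     $strSecurityKey = '';
     if ($sagePayServerSession->getVendorTxCode() == $strVendorTxCode && $sagePayServerSession->getVpsTxId() == $strVPSTxId) {
         $strSecurityKey = $sagePayServerSession->getSecurityKey();
         $sagePayServerSession->setVpsTxId($strVPSTxId);
     }
     if (strlen($strSecurityKey) == 0) {
         $this->_returnInvalid('Security Key invalid');
     } else {
         // Mark this notification as seen before the order is processed.
         if ($request->getParam('VendorTxCode')) {
             $this->_writeMarkFileXist();
         }
         $strVPSSignature = $request->getParam('VPSSignature', '');
         $strStatusDetail = $request->getParam('StatusDetail', '');
         // TxAuthNo is optional; it is signed as an empty string when absent.
         $strTxAuthNo = '';
         if (strlen($request->getParam('TxAuthNo', '')) > 0) {
             $strTxAuthNo = $request->getParam('TxAuthNo', '');
             $sagePayServerSession->setTxAuthNo($strTxAuthNo);
         }
         $strAVSCV2 = $request->getParam('AVSCV2', '');
         $strAddressResult = $request->getParam('AddressResult', '');
         $strPostCodeResult = $request->getParam('PostCodeResult', '');
         $strCV2Result = $request->getParam('CV2Result', '');
         $strGiftAid = $request->getParam('GiftAid', '');
         $str3DSecureStatus = $request->getParam('3DSecureStatus', '');
         $strCAVV = $request->getParam('CAVV', '');
         $strAddressStatus = $request->getParam('AddressStatus', '');
         $strPayerStatus = $request->getParam('PayerStatus', '');
         $strCardType = $request->getParam('CardType', '');
         $strLast4Digits = $request->getParam('Last4Digits', '');
         // Field order is significant: the hash only matches when the fields are joined
         // exactly as the sender joined them. StatusDetail is not part of the signed
         // message.
         $strMessage = $strVPSTxId . $strVendorTxCode . $strStatus . $strTxAuthNo . $strVendorName . $strAVSCV2 . $strSecurityKey . $strAddressResult . $strPostCodeResult . $strCV2Result . $strGiftAid . $str3DSecureStatus . $strCAVV . $strAddressStatus . $strPayerStatus . $strCardType . $strLast4Digits;
         $strMySignature = strtoupper(md5($strMessage));
         /**
          * Compare our MD5 signature with the one sent in VPSSignature. The accepted
          * inputs are the same as with the previous "!==" test (a string identical to
          * our signature); hash_equals() is used where the runtime provides it so the
          * comparison time does not depend on how many leading characters match.
          */
         $signatureMatches = is_string($strVPSSignature) && (function_exists('hash_equals') ? hash_equals($strMySignature, $strVPSSignature) : $strMySignature === $strVPSSignature);
         if (!$signatureMatches) {
             $this->_returnInvalid('Cannot match the MD5 Hash. Order might be tampered with. ' . $strStatusDetail);
         } else {
             $strDBStatus = $this->_getHRStatus($strStatus, $strStatusDetail);
             if ($strStatus == 'OK' || $strStatus == 'AUTHENTICATED' || $strStatus == 'REGISTERED') {
                 try {
                     $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
                     if ($this->ia()) {
                         $sOrder = $this->_sAdminOrder();
                     } else {
                         // Re-attach reward points and customer balance instances kept in
                         // the checkout session to the quote before the order is saved.
                         $checkout_session = Mage::getSingleton('checkout/session');
                         if ($checkout_session->getSagePayRewInst()) {
                             $this->getOnepage()->getQuote()->setUseRewardPoints(1)->setRewardInstance($checkout_session->getSagePayRewInst());
                         }
                         if ($checkout_session->getSagePayCustBalanceInst()) {
                             $this->getOnepage()->getQuote()->setUseCustomerBalance(1)->setCustomerBalanceInstance($checkout_session->getSagePayCustBalanceInst());
                         }
                         if ((string) $request->getParam('Status') == 'OK' && (string) $request->getParam('TxType') == 'PAYMENT') {
                             $this->_getSagePayServerSession()->setInvoicePayment(true);
                         }
                         Mage::register('sageserverpost', new Varien_Object($_POST));
                         $sOrder = $this->_saveMagentoOrder();
                     }
                     // Anything other than boolean true is treated as an error message.
                     if ($sOrder !== true) {
                         $sagePayServerSession->setFailStatus('An error ocurred: ' . $sOrder);
                         /** The status indicates a failure of one state or another, so send the customer to orderFailed instead **/
                         $strRedirectPage = $this->_getFailedRedirectUrl();
                         Mage::helper('sagepaysuite')->cancelTransaction($dbtrn);
                         $this->_returnInvalid('Could not save order: ' . $sOrder);
                     } else {
                         $orderId = Mage::registry('last_order_id');
                         $msOrderIds = $this->_getMsOrderIds();
                         if ($orderId || $msOrderIds) {
                             if (false !== $msOrderIds) {
                                 // Several orders: the first id goes to this transaction,
                                 // each remaining id to one child transaction.
                                 $aidis = array_keys($msOrderIds);
                                 $orderId = $aidis[0];
                                 $dbtrn->setOrderId($aidis[0])->save();
                                 unset($aidis[0]);
                                 $trns = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->getCollection()->getChilds($dbtrn->getId())->load()->toArray();
                                 foreach ($aidis as $_order) {
                                     foreach ($trns['items'] as $ka => $_t) {
                                         Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->load($_t['id'])->setOrderId($_order)->save();
                                         unset($trns['items'][$ka]);
                                         break;
                                     }
                                 }
                             }
                             // NOTE(review): every POST key is copied onto the transaction
                             // record, but only the fields joined into $strMessage above are
                             // covered by the signature; the remaining keys are stored
                             // unauthenticated.
                             $dbtrn->addData(Mage::helper('sagepaysuite')->arrayKeysToUnderscore($_POST))->setPostcodeResult($this->getRequest()->getPost('PostCodeResult'))->setData('cv2result', $this->getRequest()->getPost('CV2Result'))->setThreedSecureStatus($this->getRequest()->getPost('3DSecureStatus'))->setLastFourDigits($this->getRequest()->getPost('Last4Digits'))->setOrderId($orderId)->save();
                         }
                         $sagePayServerSession->setSuccessStatus($strDBStatus);
                     }
                     Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
                     $this->_returnOk();
                 } catch (Exception $e) {
                     // NOTE(review): the failure is only logged; no OK/INVALID answer is
                     // produced on this path.
                     Mage::logException($e);
                     Mage::log($e->getMessage());
                 }
             } else {
                 Mage::helper('sagepaysuite')->cancelTransaction($this->_trn());
                 $sagePayServerSession->setFailStatus($strDBStatus);
                 /** The status indicates a failure of one state or another, so send the customer to orderFailed instead **/
                 $this->_returnInvalid($strDBStatus);
             }
         }
     }
 }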
Ejemplo n.º 20
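 /**
  * Registers a card token with the gateway (TxType TOKEN).
  *
  * When $data contains a 'CardType' key the direct token URL is used and $data is merged
  * into the request; otherwise the server token URL is used with Profile 'LOW'.
  * The merge uses array union, so gateway fields set by this method are never
  * overwritten by caller-supplied keys of the same name.
  *
  * @param array $data    caller-supplied fields for a direct registration
  * @param bool  $persist when exactly true and the gateway answers Status 'OK', the
  *                       request and response data are handed to persistCard()
  *
  * @return array gateway response, or an ERROR status array when the customer may not
  *               add another card
  */
 public function registerCard(array $data = array(), $persist = false)
 {
     if ($this->customerCanAddCard() === false) {
         return array('Status' => 'ERROR', 'StatusDetail' => 'You can\'t add more tokens. Please contact the administrator.');
     }
     $postData = array();
     $postData['VPSProtocol'] = $this->getVpsProtocolVersion();
     $postData['TxType'] = 'TOKEN';
     $postData['Vendor'] = $this->getConfigData('vendor');
     if ($this->_getQuote()->hasItems()) {
         // Checkout: currency follows the 'trncurrency' setting.
         if ((string) $this->getConfigData('trncurrency') == 'store') {
             $postData['Currency'] = $this->_getQuote()->getQuoteCurrencyCode();
         } else {
             $postData['Currency'] = $this->_getQuote()->getBaseCurrencyCode();
         }
     } else {
         // Customer account: no quote items, use the store's current currency.
         $postData['Currency'] = Mage::app()->getStore()->getCurrentCurrencyCode();
     }
     $postData['VendortxCode'] = $this->getNewTxCode();
     $postData['NotificationURL'] = $this->_getNotificationUrl();
     $isDirect = array_key_exists('CardType', $data);
     if ($isDirect) {
         $urlPost = $this->getTokenUrl('register', 'direct');
     } else {
         $urlPost = $this->getTokenUrl('register', 'server');
         $postData['Profile'] = 'LOW';
     }
     Sage_Log::log($urlPost);
     // Log the gateway fields built above, before caller data is merged in. For a direct
     // registration $data presumably holds card details, so only its field names are
     // logged, never its values (the original logged the merged array).
     Sage_Log::log($postData);
     if ($isDirect) {
         Sage_Log::log(array('direct_fields' => array_keys($data)));
         $postData += $data;
     }
     $result = $this->requestPost($urlPost, $postData);
     if (true === $persist && isset($result['Status']) && $result['Status'] == 'OK') {
         // Union again: response keys are added, request keys are kept.
         $postData += $result;
         $this->persistCard($postData);
     }
     return $result;
 }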
Ejemplo n.º 21
 protected function _postRequest(Varien_Object $request, $callback3D = false)
 {
     $result = Mage::getModel('sagepaysuite/sagepaysuite_result');
     $mode = $request->getMode() ? $request->getMode() : null;
     $uri = $this->getUrl('post', $callback3D, null, $mode);
     $requestData = $request->getData();
     try {
         $response = $this->requestPost($uri, $request->getData());
     } catch (Exception $e) {
         $result->setResponseCode(-1)->setResponseReasonCode($e->getCode())->setResponseReasonText($e->getMessage());
         Mage::throwException($this->_SageHelper()->__('Gateway request error: %s', $e->getMessage()));
     }
     $r = $response;
     $result->setRequest($request);
     try {
         if (empty($r) or !isset($r['Status'])) {
             $msg = $this->_SageHelper()->__('Sage Pay is not available at this time. Please try again later.');
             Sage_Log::log($msg, 1);
             $result->setResponseStatus('ERROR')->setResponseStatusDetail($msg);
             return $result;
         }
         if (isset($r['VPSTxId'])) {
             $result->setVpsTxId($r['VPSTxId']);
         }
         if (isset($r['SecurityKey'])) {
             $result->setSecurityKey($r['SecurityKey']);
         }
         switch ($r['Status']) {
             case 'FAIL':
                 $params['order'] = Mage::getSingleton('checkout/session')->getQuote()->getReservedOrderId();
                 $params['error'] = Mage::helper('sagepaysuite')->__($r['StatusDetail']);
                 //$rc = $this->sendNotificationEmail('', '', $params);
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail(Mage::helper('sagepaysuite')->__($r['StatusDetail']))->setVPSTxID(1)->setSecurityKey(1)->setTxAuthNo(1)->setAVSCV2(1)->setAddressResult(1)->setPostCodeResult(1)->setCV2Result(1)->setTrnSecuritykey(1);
                 return $result;
                 break;
             case 'FAIL_NOMAIL':
                 Mage::throwException($this->_SageHelper()->__($r['StatusDetail']));
                 break;
             case parent::RESPONSE_CODE_INVALID:
                 Mage::throwException($this->_SageHelper()->__('INVALID. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_MALFORMED:
                 Mage::throwException($this->_SageHelper()->__('MALFORMED. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_ERROR:
                 Mage::throwException($this->_SageHelper()->__('ERROR. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_REJECTED:
                 Mage::throwException($this->_SageHelper()->__('REJECTED. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_3DAUTH:
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail(isset($r['StatusDetail']) ? $r['StatusDetail'] : '')->set3DSecureStatus($r['3DSecureStatus'])->setMD($r['MD'])->setACSURL($r['ACSURL'])->setPAReq($r['PAReq']);
                 break;
             case parent::RESPONSE_CODE_PAYPAL_REDIRECT:
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail($r['StatusDetail'])->setVpsTxId($r['VPSTxId'])->setPayPalRedirectUrl($r['PayPalRedirectURL']);
                 break;
             default:
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail($r['StatusDetail'])->setVpsTxId($r['VPSTxId'])->setSecurityKey($r['SecurityKey'])->setTrnSecuritykey($r['SecurityKey']);
                 if (isset($r['3DSecureStatus'])) {
                     $result->set3DSecureStatus($r['3DSecureStatus']);
                 }
                 if (isset($r['CAVV'])) {
                     $result->setCAVV($r['CAVV']);
                 }
                 if (isset($r['TxAuthNo'])) {
                     $result->setTxAuthNo($r['TxAuthNo']);
                 }
                 if (isset($r['AVSCV2'])) {
                     $result->setAvscv2($r['AVSCV2']);
                 }
                 if (isset($r['PostCodeResult'])) {
                     $result->setPostCodeResult($r['PostCodeResult']);
                 }
                 if (isset($r['CV2Result'])) {
                     $result->setCv2result($r['CV2Result']);
                 }
                 if (isset($r['AddressResult'])) {
                     $result->setAddressResult($r['AddressResult']);
                 }
                 $result->addData($r);
                 //Saving TOKEN.
                 if (!$callback3D && $result->getData('Token')) {
                     $tokenData = array('Token' => $result->getData('Token'), 'Status' => $result->getData('Status'), 'Vendor' => $request->getData('Vendor'), 'CardType' => $request->getData('CardType'), 'ExpiryDate' => $request->getData('ExpiryDate'), 'StatusDetail' => $result->getData('StatusDetail'), 'Protocol' => 'direct', 'CardNumber' => $request->getData('CardNumber'), 'Nickname' => $request->getData('Nickname'));
                     Mage::getModel('sagepaysuite/sagePayToken')->persistCard($tokenData);
                 }
                 break;
         }
     } catch (Exception $e) {
         Sage_Log::logException($e);
         $result->setResponseStatus('ERROR')->setResponseStatusDetail(Mage::helper('sagepaysuite')->__($e->getMessage()));
         return $result;
     }
     return $result;
 }
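 /**
  * Sage Pay SERVER notification callback.
  *
  * Merges the posted notification into the stored transaction, handles ABORT
  * and gateway retries, optionally voids the payment when the cart changed,
  * verifies the VPSSignature (MD5 over the posted fields plus the stored
  * security key) and, for OK / AUTHENTICATED / REGISTERED, creates the
  * Magento order. Replies are sent through the _return*() helpers.
  *
  * @return void
  */
 public function notifyAction()
 {
     // NOTE(review): the raw notification body is logged before it has been authenticated.
     Sage_Log::log($_POST, null, 'SagePaySuite_POST_Requests.log');
     $request = $this->getRequest();
     $dbtrn = $this->_trn();
     // Request fields are merged into the stored transaction BEFORE the signature is
     // checked, so the stored security key must not be replaceable from the request.
     // Whether the helper can emit a 'security_key' entry is not visible here; dropping
     // it is harmless for a genuine notification, whose signature is built from the
     // key already stored on the transaction.
     $postedFields = Mage::helper('sagepaysuite')->arrayKeysToUnderscore($_POST);
     if (is_array($postedFields)) {
         unset($postedFields['security_key']);
     }
     $dbtrn->addData($postedFields)->setPostcodeResult($this->getRequest()->getPost('PostCodeResult'))->setData('cv2result', $this->getRequest()->getPost('CV2Result'))->setThreedSecureStatus($this->getRequest()->getPost('3DSecureStatus'))->setLastFourDigits($this->getRequest()->getPost('Last4Digits'))->setRedFraudResponse($this->getRequest()->getPost('FraudResponse'))->setBankAuthCode($this->getRequest()->getPost('BankAuthCode'))->setDeclineCode($this->getRequest()->getPost('DeclineCode'))->save();
     // Saving TOKEN.
     // NOTE(review): this also runs before signature verification; confirm _saveToken()
     // does not persist anything taken from an unauthenticated request.
     $this->_saveToken($dbtrn);
     /**
      * Handle ABORT
      */
     $sageStatus = $request->getParam('Status');
     if ($sageStatus == 'ABORT') {
         $this->_getSagePayServerSession()->setFailStatus($request->getParam('StatusDetail'));
         $dbtrn->setStatus($sageStatus)->setStatusDetail($request->getParam('StatusDetail'))->save();
         $this->_returnOkAbort();
         return;
     }
     /**
      * Gateway retry: the transaction is already attached to an order.
      */
     if ($dbtrn->getId() && $dbtrn->getOrderId()) {
         $dbtrn->setStatusDetail("Sage Pay Retry. " . $dbtrn->getStatusDetail())->save();
         $this->_returnOk();
         return;
     }
     // Check cart health on callback.
     if (1 === (int) Mage::getStoreConfig('payment/sagepaysuite/verify_cart_consistency')) {
         if (Mage::helper('sagepaysuite/checkout')->cartExpire($this->getOnepage()->getQuote())) {
             try {
                 Mage::helper('sagepaysuite')->voidTransaction($dbtrn->getVendorTxCode(), 'sagepayserver');
                 Sage_Log::log("Transaction " . $dbtrn->getVendorTxCode() . " cancelled, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_POST_Requests.log');
             } catch (Exception $ex) {
                 Sage_Log::log("Transaction " . $dbtrn->getVendorTxCode() . " could not be cancelled and order was not created, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_POST_Requests.log');
             }
             $this->_returnInvalid('Your order could not be completed, please try again. Thanks.');
             return;
         }
     }
     $sagePayServerSession = $this->_getSagePayServerSession();
     $strVendorName = strtolower($this->getSPSModel()->getConfigData('vendor'));
     $strStatus = $request->getParam('Status', '');
     $strVendorTxCode = $request->getParam('VendorTxCode', '');
     $strVPSTxId = $request->getParam('VPSTxId', '');
     $strSecurityKey = '';
     // Strict string comparison: loose == treats numeric-looking strings as numbers.
     if ((string) $dbtrn->getVendorTxCode() === (string) $strVendorTxCode && (string) $dbtrn->getVpsTxId() === (string) $strVPSTxId) {
         $strSecurityKey = $dbtrn->getSecurityKey();
         $sagePayServerSession->setVpsTxId($strVPSTxId);
     }
     if (strlen((string) $strSecurityKey) == 0) {
         // The stored key stays out of the log; the entry name follows the
         // getSecurityKey() accessor and is harmless to unset if absent.
         $trnForLog = $dbtrn->toArray();
         unset($trnForLog['security_key']);
         Sage_Log::log("Security Key invalid", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log("TRN from DB:", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log($trnForLog, null, 'SagePaySuite_POST_Requests.log');
         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail("Security Key invalid. " . $dbtrn->getStatusDetail())->save();
         $this->_returnInvalid('Security Key invalid');
         return;
     }
     $strVPSSignature = $request->getParam('VPSSignature', '');
     $strStatusDetail = $request->getParam('StatusDetail', '');
     $strTxAuthNo = '';
     if (strlen($request->getParam('TxAuthNo', '')) > 0) {
         $strTxAuthNo = $request->getParam('TxAuthNo', '');
         $sagePayServerSession->setTxAuthNo($strTxAuthNo);
     }
     $strAVSCV2 = $request->getParam('AVSCV2', '');
     $strAddressResult = $request->getParam('AddressResult', '');
     $strPostCodeResult = $request->getParam('PostCodeResult', '');
     $strCV2Result = $request->getParam('CV2Result', '');
     $strGiftAid = $request->getParam('GiftAid', '');
     $str3DSecureStatus = $request->getParam('3DSecureStatus', '');
     $strCAVV = $request->getParam('CAVV', '');
     $strAddressStatus = $request->getParam('AddressStatus', '');
     $strPayerStatus = $request->getParam('PayerStatus', '');
     $strCardType = $request->getParam('CardType', '');
     $strLast4Digits = $request->getParam('Last4Digits', '');
     $strDeclineCode = $request->getParam('DeclineCode', '');
     $strExpiryDate = $request->getParam('ExpiryDate', '');
     $strFraudResponse = $request->getParam('FraudResponse', '');
     $strBankAuthCode = $request->getParam('BankAuthCode', '');
     // Field order is part of the signature definition; do not reorder.
     $strMessage = $strVPSTxId . $strVendorTxCode . $strStatus . $strTxAuthNo . $strVendorName . $strAVSCV2 . $strSecurityKey . $strAddressResult . $strPostCodeResult . $strCV2Result . $strGiftAid . $str3DSecureStatus . $strCAVV . $strAddressStatus . $strPayerStatus . $strCardType . $strLast4Digits . $strDeclineCode . $strExpiryDate . $strFraudResponse . $strBankAuthCode;
     $strMySignature = strtoupper(md5($strMessage));
     /** Compare our MD5 signature with the one sent by Sage Pay Server, in constant time where available. */
     if (!is_string($strVPSSignature)) {
         $signatureMatches = false;
     } elseif (function_exists('hash_equals')) {
         $signatureMatches = hash_equals($strMySignature, $strVPSSignature);
     } else {
         // PHP < 5.6 has no hash_equals(); fall back to the strict comparison.
         $signatureMatches = $strMySignature === $strVPSSignature;
     }
     if (!$signatureMatches) {
         // Neither the security key nor the expected signature is written to the log:
         // both are secrets of this exchange. The received value is enough to diagnose.
         $trnForLog = $dbtrn->toArray();
         unset($trnForLog['security_key']);
         Sage_Log::log("Cannot match the MD5 Hash", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log("My Message: " . str_replace($strSecurityKey, '[SecurityKey removed]', $strMessage), null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log("VPS Signature: {$strVPSSignature}", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log("TRN from DB:", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log($trnForLog, null, 'SagePaySuite_POST_Requests.log');
         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail("Cannot match the MD5 Hash. " . $dbtrn->getStatusDetail())->save();
         $this->_returnInvalid('Cannot match the MD5 Hash. Order might be tampered with. ' . $strStatusDetail);
         return;
     }
     $strDBStatus = $this->_getHRStatus($strStatus, $strStatusDetail);
     if (!($strStatus == 'OK' || $strStatus == 'AUTHENTICATED' || $strStatus == 'REGISTERED')) {
         //Mage::helper('sagepaysuite')->cancelTransaction($this->_trn());
         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail($strDBStatus . $dbtrn->getStatusDetail())->save();
         $sagePayServerSession->setFailStatus($strDBStatus);
         /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
         $this->_returnInvalid($strDBStatus);
         return;
     }
     try {
         $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
         $checkout_session = Mage::getSingleton('checkout/session');
         if ($checkout_session->getSagePayRewInst()) {
             $this->getOnepage()->getQuote()->setUseRewardPoints(1)->setRewardInstance($checkout_session->getSagePayRewInst());
         }
         if ($checkout_session->getSagePayCustBalanceInst()) {
             $this->getOnepage()->getQuote()->setUseCustomerBalance(1)->setCustomerBalanceInstance($checkout_session->getSagePayCustBalanceInst());
         }
         $this->_getSagePayServerSession()->setInvoicePayment(true);
         Mage::register('sageserverpost', new Varien_Object($_POST));
         $sOrder = $this->_saveMagentoOrder();
         if ($sOrder !== true) {
             $sagePayServerSession->setFailStatus('An error occurred: ' . $sOrder);
             /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
             $strRedirectPage = $this->_getFailedRedirectUrl();
             //Mage::helper('sagepaysuite')->cancelTransaction($dbtrn);
             $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail('Could not save order: ' . $sOrder . $dbtrn->getStatusDetail())->save();
             $this->_returnInvalid('Could not save order: ' . $sOrder);
             return;
         } else {
             $orderId = Mage::registry('last_order_id');
             $msOrderIds = $this->_getMsOrderIds();
             if ($orderId || $msOrderIds) {
                 if (false !== $msOrderIds) {
                     // Multishipping: the first order takes this transaction, each remaining
                     // order takes one child transaction.
                     $aidis = array_keys($msOrderIds);
                     $orderId = $aidis[0];
                     #Mage::register('ms_parent_trn_id', $dbtrn->getId());
                     $dbtrn->setOrderId($aidis[0])->save();
                     unset($aidis[0]);
                     $trns = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->getCollection()->getChilds($dbtrn->getId())->load()->toArray();
                     foreach ($aidis as $_order) {
                         foreach ($trns['items'] as $ka => $_t) {
                             Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->load($_t['id'])->setOrderId($_order)->save();
                             unset($trns['items'][$ka]);
                             break;
                         }
                     }
                 }
             }
             $dbtrn->setOrderId($orderId)->save();
             $sagePayServerSession->setSuccessStatus($strDBStatus);
         }
         Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
         if (Mage::registry('sagepay_last_quote_id')) {
             $this->_returnOk(array('cusid' => Mage::registry('sagepay_customer_id'), 'qide' => Mage::registry('sagepay_last_quote_id'), 'incide' => Mage::registry('sagepay_last_real_order_id'), 'oide' => Mage::registry('sagepay_last_order_id')));
         } else {
             $this->_returnOk();
         }
         return;
     } catch (Exception $e) {
         // NOTE(review): no _return*() reply is sent on this path, so the gateway gets
         // whatever the default response is; confirm that is intended.
         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail($e->getMessage() . $dbtrn->getStatusDetail())->save();
         Mage::logException($e);
         Mage::log($e->getMessage());
         Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $this->getOnepage()->getQuote(), 'message' => $e->getMessage()));
     }
 }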
Ejemplo n.º 23
 /**
  * Observer callback: e-mail a "payment failed" notice for the quote carried
  * by the event, unless the feature is switched off in store configuration.
  * A failure to send is logged and never propagated.
  *
  * @param object $observer event observer exposing getEvent()->getQuote() / getMessage()
  * @return $this
  */
 public function sendPaymentFailedEmail($observer)
 {
     $enabledFlag = (int) Mage::getStoreConfig('payment/sagepaysuite/send_payment_failed_emails');
     if (0 !== $enabledFlag) {
         $failedQuote = $observer->getEvent()->getQuote();
         $failureText = $observer->getEvent()->getMessage();
         try {
             Mage::helper('sagepaysuite/checkout')->sendPaymentFailedEmail($failedQuote, $failureText);
         } catch (Exception $sendError) {
             // Best effort only: the mail must not break the flow that raised the event.
             Sage_Log::logException($sendError);
         }
     }
     return $this;
 }
Ejemplo n.º 24
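 /**
  * Order save-after observer.
  *
  * First part (errors are logged, never propagated): blanks placeholder "."
  * postcodes on the order addresses, stores one-step-checkout delivery details,
  * and copies account details held in the session onto the logged-in customer.
  *
  * Second part (sagepayform / sagepaydirectpro orders only): binds the Sage Pay
  * transaction to the order, copies token card details, records the remote IP
  * and invoices PAYMENT transactions when flagged.
  *
  * @param object $o event observer exposing getEvent()->getOrder()
  * @return mixed $o on the early-exit paths, null otherwise (unchanged from the original)
  */
 public function saveAfter($o)
 {
     $order = $o->getEvent()->getOrder();
     try {
         //remove postcode with value = '.'
         $billingmodel = Mage::getModel('sales/order_address');
         $billing = $order->getBillingAddress()->getData();
         if (!Mage::helper('onestepcheckout')->onlyProductDownloadable()) {
             $shipping = $order->getShippingAddress()->getData();
             $billingmodel->load($shipping['entity_id']);
             if ($billingmodel->getPostcode() == ".") {
                 $billingmodel->setPostcode('')->setId($shipping['entity_id']);
                 $billingmodel->save();
             }
         }
         $billingmodel->load($billing['entity_id']);
         if ($billingmodel->getPostcode() == ".") {
             $billingmodel->setPostcode('')->setId($billing['entity_id']);
             $billingmodel->save();
         }
         if (Mage::getSingleton('core/session')->getDeliveryInforOrder()) {
             $deliveryinfor = Mage::getSingleton('core/session')->getDeliveryInforOrder();
             //Mage::log(Zend_Debug::dump($deliveryinfor));
             // Positional layout as used below: 0 comment, 1 delivery status, 2 date, 3 time.
             $customercomment = $deliveryinfor[0];
             $deliverystatus = $deliveryinfor[1];
             $deliverydate = $deliveryinfor[2];
             $deliverytime = $deliveryinfor[3];
             $orderonestep = Mage::getModel('onestepcheckout/onestepcheckout');
             $orderonestep->setSalesOrderId($order->getId());
             $orderonestep->setMwCustomercommentInfo($customercomment);
             if ($deliverystatus == "late") {
                 $orderonestep->setMwDeliverydateDate($deliverydate);
                 $orderonestep->setMwDeliverydateTime($deliverytime);
             }
             $orderonestep->save();
             Mage::getSingleton('core/session')->unsDeliveryInforOrder();
         }
         $islogin = Mage::getSingleton('customer/session')->isLoggedIn();
         if ($islogin && Mage::getSingleton('core/session')->getAccountInfor()) {
             $accountinformation = Mage::getSingleton('core/session')->getAccountInfor();
             // save account information
             $customerId = Mage::getSingleton('customer/session')->getCustomerId();
             $customer = Mage::getSingleton('customer/customer')->load($customerId);
             if ($accountinformation[0] != "") {
                 // date of birth; the original format "H:m:i" put the month in the minutes
                 // slot, and an unparsable date is now skipped instead of stored as 1970.
                 $dobTimestamp = strtotime($accountinformation[0]);
                 if ($dobTimestamp !== false) {
                     $customer->setDob(date("Y-m-d H:i:s", $dobTimestamp));
                 }
             }
             if ($accountinformation[1] != "") {
                 // gender
                 $customer->setGender($accountinformation[1]);
             }
             if ($accountinformation[2] != "") {
                 // taxvat
                 $customer->setTaxvat($accountinformation[2]);
             }
             if ($accountinformation[3] != "") {
                 // suffix
                 $customer->setSuffix($accountinformation[3]);
             }
             if ($accountinformation[4] != "") {
                 // prefix
                 $customer->setPrefix($accountinformation[4]);
             }
             if ($accountinformation[5] != "") {
                 // middlename
                 $customer->setMiddlename($accountinformation[5]);
             }
             if ($accountinformation[6] != "") {
                 // firstname
                 $customer->setFirstname($accountinformation[6]);
             }
             if ($accountinformation[7] != "") {
                 // lastname
                 $customer->setLastname($accountinformation[7]);
             }
             $customer->setEntityId($customerId);
             $customer->save();
             Mage::getSingleton('customer/session')->setCustomer($customer);
             // The data was read from core/session, so clear it there as well; the original
             // cleared only customer/session and left the personal data in place.
             Mage::getSingleton('customer/session')->unsAccountInfor();
             Mage::getSingleton('core/session')->unsAccountInfor();
         }
     } catch (Exception $e) {
         Mage::log('save account infomation: ' . $e);
     }
     if ($order->getPayment()->getMethod() == "sagepayform" || $order->getPayment()->getMethod() == "sagepaydirectpro") {
         $isSage = Mage::helper('sagepaysuite')->isSagePayMethod($order->getPayment()->getMethod());
         if ($isSage === false) {
             return $o;
         }
         $transation = Mage::getModel('sagepaysuite2/sagepaysuite_transaction');
         if ($transation->loadByParent($order->getId())->getId()) {
             // A transaction is already attached to this order.
             return $o;
         }
         if ((int) Mage::getStoreConfig('payment/sagepaysuite/order_error_save', Mage::app()->getStore()->getId()) === 1) {
             Mage::throwException(Mage::getStoreConfig('payment/sagepaysuite/order_error_save_message', Mage::app()->getStore()->getId()));
         }
         $session = Mage::getSingleton('sagepaysuite/session');
         // NOTE(review): a request-supplied 'vtxc' takes precedence over the session value
         // and decides which transaction is bound to this order below. Confirm the loaded
         // transaction belongs to the current checkout and has no order attached yet.
         $rqVendorTxCode = Mage::app()->getRequest()->getParam('vtxc');
         $sessionVendor = $rqVendorTxCode ? $rqVendorTxCode : $session->getLastVendorTxCode();
         /**
          * Multishipping vendors: take the next queued code and put the rest back.
          */
         $multiShippingTxCodes = Mage::registry('sagepaysuite_ms_txcodes');
         if ($multiShippingTxCodes) {
             Mage::unregister('sagepaysuite_ms_txcodes');
             $sessionVendor = current($multiShippingTxCodes);
             array_shift($multiShippingTxCodes);
             reset($multiShippingTxCodes);
             Mage::register('sagepaysuite_ms_txcodes', $multiShippingTxCodes);
         }
         // A code registered by the recoverTransaction flow overrides everything above.
         $reg = Mage::registry('Ebizmarts_SagePaySuite_Model_Api_Payment::recoverTransaction');
         if (!is_null($reg)) {
             $sessionVendor = $reg;
         }
         if (is_null($sessionVendor)) {
             $dbtrn = $transation->loadByParent($order->getId());
             if (!$dbtrn->getId()) {
                 #For empty payments or old orders (standalone payment methods).
                 if (Mage::app()->getRequest()->getControllerModule() == 'Mage_Api' || Mage::registry('current_shipment') || Mage::registry('sales_order') || Mage::registry('current_creditmemo') || Mage::registry('current_invoice')) {
                     return $o;
                 }
                 $logfileName = $order->getIncrementId() . '-' . time() . '_Payment_Failed.log';
                 // The whole request is dumped for diagnosis, so card data and anything that
                 // looks like a password is masked first.
                 // NOTE(review): other personal fields are still logged in clear.
                 $request_data = $_REQUEST;
                 if (isset($request_data['payment']) && is_array($request_data['payment'])) {
                     $request_data['payment']['cc_number'] = 'XXXXXXXXXXXXX';
                     $request_data['payment']['cc_cid'] = 'XXX';
                 }
                 foreach ($request_data as $group => $fields) {
                     if (is_array($fields)) {
                         foreach ($fields as $name => $value) {
                             if (stripos((string) $name, 'password') !== false) {
                                 $request_data[$group][$name] = 'XXX';
                             }
                         }
                     } elseif (stripos((string) $group, 'password') !== false) {
                         $request_data[$group] = 'XXX';
                     }
                 }
                 Sage_Log::log($order->getIncrementId(), null, $logfileName);
                 Sage_Log::log(Mage::helper('core/http')->getHttpUserAgent(false), null, $logfileName);
                 Sage_Log::log(print_r($request_data, true), null, $logfileName);
                 Sage_Log::log('--------------------', null, $logfileName);
                 Mage::throwException('Payment has failed, please reload checkout page and try again. Your card has not been charged.');
             }
             return $o;
         }
         $tran = $transation->loadByVendorTxCode($sessionVendor)->setOrderId($order->getId());
         if ($tran->getId()) {
             if ($tran->getToken()) {
                 $token = Mage::getModel('sagepaysuite2/sagepaysuite_tokencard')->loadByToken($tran->getToken());
                 if ($token->getId()) {
                     $tran->setCardType($token->getCardType())->setLastFourDigits($token->getLastFour());
                 }
             }
             $tran->save();
         }
         // Ip address for SERVER method
         // NOTE(review): the check uses $session but the value is read through
         // $this->getSession(); confirm both refer to the same session object.
         if ($session->getRemoteAddr()) {
             $order->setRemoteIp($this->getSession()->getRemoteAddr());
         }
         # Invoice automatically PAYMENT transactions
         // Parentheses spell out the precedence the original relied on (&& binds before ||).
         if ($session->getInvoicePayment() || (!is_null($reg) && $tran->getTxType() == 'PAYMENT')) {
             $session->unsetData('invoice_payment');
             Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($order);
         }
     }
 }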
Ejemplo n.º 25
 /**
  * Build the encrypted "Crypt" value for a Sage Pay FORM request.
  *
  * Collects customer, amount, address, basket and configuration fields from
  * the current quote, records the pending transaction, joins the non-empty
  * fields as "name=value" pairs separated by "&", pads the result and encrypts
  * it with the configured encryption password.
  *
  * NOTE(review): values are joined without escaping, and CustomerName /
  * CustomerEMail do not pass through ss(); confirm that customer-supplied text
  * containing "&" or "=" cannot change the field structure of the string.
  * NOTE(review): the full field set, including customer contact details, is
  * written to SagePaySuite_REQUEST.log.
  *
  * @return string "@" followed by the hex-encoded ciphertext
  */
 public function makeCrypt()
 {
     $cryptPass = $this->getEncryptionPass();
     if (false === Zend_Validate::is($cryptPass, 'NotEmpty')) {
         Mage::throwException('Encryption Pass is empty.');
     }
     $quoteObj = $this->_getQuote();
     //@TODO: Dont collect totals if Amasty_Promo is present
     $quoteObj->setTotalsCollectedFlag(false)->collectTotals();
     $billing = $quoteObj->getBillingAddress();
     $shipping = $quoteObj->getShippingAddress();
     $customerEmail = $this->getCustomerEmail();

     // Insertion order of $data is the order of the fields in the encrypted string.
     $data = array();
     if ($customerEmail == null) {
         $data['CustomerEMail'] = $billing->getEmail();
     } else {
         $data['CustomerEMail'] = $customerEmail;
     }
     $data['CustomerName'] = $billing->getFirstname() . ' ' . $billing->getLastname();
     $data['VendorTxCode'] = $this->_getTrnVendorTxCode();

     // Transaction currency: quote currency, currently selected store currency, or base currency.
     if ((string) $this->getConfigData('trncurrency') == 'store') {
         $currencyCode = $quoteObj->getQuoteCurrencyCode();
         $data['Amount'] = $this->formatAmount($quoteObj->getGrandTotal(), $currencyCode);
         $data['Currency'] = $quoteObj->getQuoteCurrencyCode();
     } elseif ((string) $this->getConfigData('trncurrency') == 'switcher') {
         $data['Amount'] = $this->formatAmount($quoteObj->getGrandTotal(), Mage::app()->getStore()->getCurrentCurrencyCode());
         $data['Currency'] = Mage::app()->getStore()->getCurrentCurrencyCode();
     } else {
         $data['Amount'] = $this->formatAmount($quoteObj->getBaseGrandTotal(), $quoteObj->getBaseCurrencyCode());
         $data['Currency'] = $quoteObj->getBaseCurrencyCode();
     }

     $data['Description'] = $this->cleanInput('product purchase', 'Text');
     $data['SuccessURL'] = Mage::getUrl('sgps/formPayment/success', array('_secure' => true, '_nosid' => true, 'vtxc' => $data['VendorTxCode'], 'utm_nooverride' => 1));
     $data['FailureURL'] = Mage::getUrl('sgps/formPayment/failure', array('_secure' => true, '_nosid' => true, 'vtxc' => $data['VendorTxCode'], 'utm_nooverride' => 1));
     $data['BillingSurname'] = $this->ss($billing->getLastname(), 20);
     $data['ReferrerID'] = $this->getConfigData('referrer_id');
     $data['BillingFirstnames'] = $this->ss($billing->getFirstname(), 20);

     // In test mode fixed address and postcode values replace the customer's own.
     if ($this->getConfigData('mode') == 'test') {
         $data['BillingAddress1'] = 88;
     } else {
         $data['BillingAddress1'] = $this->ss($billing->getStreet(1), 100);
     }
     if ($this->getConfigData('mode') == 'test') {
         $data['BillingAddress2'] = 88;
     } else {
         $data['BillingAddress2'] = $this->ss($billing->getStreet(2), 100);
     }
     if ($this->getConfigData('mode') == 'test') {
         $data['BillingPostCode'] = 412;
     } else {
         $data['BillingPostCode'] = $this->sanitizePostcode($this->ss($billing->getPostcode(), 10));
     }
     $data['BillingCity'] = $this->ss($billing->getCity(), 40);
     $data['BillingCountry'] = $billing->getCountry();
     $data['BillingPhone'] = $this->ss($this->_cphone($billing->getTelephone()), 20);

     // Virtual-only quotes have no shipping address, so delivery mirrors billing.
     if ($quoteObj->getIsVirtual()) {
         $data['DeliverySurname'] = $this->ss($billing->getLastname(), 20);
         $data['DeliveryFirstnames'] = $this->ss($billing->getFirstname(), 20);
         $data['DeliveryAddress1'] = $this->ss($billing->getStreet(1), 100);
         $data['DeliveryAddress2'] = $this->ss($billing->getStreet(2), 100);
         $data['DeliveryCity'] = $this->ss($billing->getCity(), 40);
         $data['DeliveryPostCode'] = $this->sanitizePostcode($this->ss($billing->getPostcode(), 10));
         $data['DeliveryCountry'] = $billing->getCountry();
         $data['DeliveryPhone'] = $this->ss($this->_cphone($billing->getTelephone()), 20);
     } else {
         $data['DeliveryPhone'] = $this->ss($this->_cphone($shipping->getTelephone()), 20);
         $data['DeliverySurname'] = $this->ss($shipping->getLastname(), 20);
         $data['DeliveryFirstnames'] = $this->ss($shipping->getFirstname(), 20);
         $data['DeliveryAddress1'] = $this->ss($shipping->getStreet(1), 100);
         $data['DeliveryAddress2'] = $this->ss($shipping->getStreet(2), 100);
         $data['DeliveryCity'] = $this->ss($shipping->getCity(), 40);
         $data['DeliveryPostCode'] = $this->sanitizePostcode($this->ss($shipping->getPostcode(), 10));
         $data['DeliveryCountry'] = $shipping->getCountry();
     }

     // A state code is added for US addresses only.
     if ($data['DeliveryCountry'] == 'US') {
         $data['DeliveryState'] = $quoteObj->getIsVirtual() ? $billing->getRegionCode() : $shipping->getRegionCode();
     }
     if ($data['BillingCountry'] == 'US') {
         $data['BillingState'] = $billing->getRegionCode();
     }

     // A basket starting with "<" is sent as XML, anything else as the plain basket field.
     $basket = Mage::helper('sagepaysuite')->getSagePayBasket($this->_getQuote());
     if (!empty($basket)) {
         $basketField = $basket[0] == "<" ? 'BasketXML' : 'Basket';
         $data[$basketField] = $basket;
     }

     $data['AllowGiftAid'] = (int) $this->getConfigData('allow_gift_aid');
     $data['ApplyAVSCV2'] = $this->getConfigData('avscv2');
     $data['SendEMail'] = (int) $this->getConfigData('send_email');
     $vendorEmail = (string) $this->getConfigData('vendor_email');
     if ($vendorEmail) {
         $data['VendorEMail'] = $vendorEmail;
     }
     $data['Website'] = substr(Mage::app()->getStore()->getWebsite()->getName(), 0, 100);
     $eMessage = $this->getConfigData('email_message');
     if ($eMessage) {
         $data['eMailMessage'] = substr($eMessage, 0, 7500);
     }
     $customerXML = $this->getCustomerXml($quoteObj);
     if (!is_null($customerXML)) {
         $data['CustomerXML'] = $customerXML;
     }

     // Empty postcodes are replaced by the placeholder '000'.
     foreach (array('DeliveryPostCode', 'BillingPostCode') as $postcodeField) {
         if (empty($data[$postcodeField])) {
             $data[$postcodeField] = '000';
         }
     }

     // Serialise the non-empty fields, in insertion order.
     $pairs = array();
     foreach ($data as $field => $value) {
         if ($value != '') {
             $pairs[] = "{$field}={$value}";
         }
     }
     $dataToSend = implode('&', $pairs);

     // Sorting happens after serialisation, so it only affects the logged copy.
     ksort($data);
     Sage_Log::log("User-Agent: " . Mage::helper('core/http')->getHttpUserAgent(false), null, 'SagePaySuite_REQUEST.log');
     Sage_Log::log(Mage::helper('sagepaysuite')->getUserAgent(), null, 'SagePaySuite_REQUEST.log');
     Sage_Log::log($data, null, 'SagePaySuite_REQUEST.log');

     // Record (or refresh) the pending transaction and remember its code in the session.
     $pendingTrn = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($data['VendorTxCode']);
     $pendingTrn->setVendorTxCode($data['VendorTxCode'])->setVpsProtocol($this->getVpsProtocolVersion())->setVendorname($this->getConfigData('vendor'))->setMode($this->getConfigData('mode'))->setTxType(strtoupper($this->getConfigData('payment_action')))->setTrnCurrency($data['Currency'])->setIntegration('form')->setTrndate($this->getDate())->setTrnAmount($data['Amount'])->save();
     Mage::getSingleton('sagepaysuite/session')->setLastVendorTxCode($data['VendorTxCode']);

     // PKCS5 padding is added by hand before encryption.
     $pkcs5Data = $this->addPKCS5Padding($dataToSend);
     // The encryption password is passed as both key and IV (CBC mode).
     // NOTE(review): presumably this is what the gateway's FORM protocol prescribes; a fixed
     // IV is not a construction to reuse elsewhere. The mcrypt extension is no longer
     // bundled with current PHP releases, so this call pins the module to an old runtime.
     $strCrypt = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $cryptPass, $pkcs5Data, MCRYPT_MODE_CBC, $cryptPass);
     return "@" . bin2hex($strCrypt);
 }
 /**
  * Handles the server-to-server notification POST for a Sage Pay Server transaction.
  *
  * Steps, in the order the code runs them:
  *  1. log the raw POST and merge it into the stored transaction row;
  *  2. handle an ABORT status;
  *  3. handle a repeated notification for a transaction that already has an order;
  *  4. optionally void the transaction when the cart changed during payment;
  *  5. rebuild the MD5 signature and compare it with the posted VPSSignature;
  *  6. on OK / AUTHENTICATED / REGISTERED / PENDING create the Magento order.
  *
  * Every path answers through _returnOk(), _returnOkAbort() or _returnInvalid(), except the
  * two catch blocks near the end, which emit no response in the code shown here.
  *
  * NOTE(review): steps 1-4 act on request data before step 5 authenticates it. Moving the
  * signature check to the top would keep unauthenticated requests from changing stored state.
  */
 public function notifyAction()
 {
     // NOTE(review): the complete POST body goes to the log, including Last4Digits, BankAuthCode
     // and VPSSignature, which are read further down. Consider redacting before logging.
     Sage_Log::log($_POST, null, 'SagePaySuite_POST_Requests.log');
     $request = $this->getRequest();
     $dbtrn = $this->_trn();
     // Euro payment status: "PENDING" when the posted Status is PENDING, otherwise the stored value cast to string.
     $euro_payment_status = (string) $request->getPost("Status") == "PENDING" ? "PENDING" : (string) $dbtrn->getEuroPaymentsStatus();
     $returning_from_euro_payment = false;
     // A stored status of PENDING means this is the second POST of a euro payment: take the posted Status as the new value.
     if ((string) $dbtrn->getStatus() == "PENDING") {
         $euro_payment_status = $request->getPost("Status");
         $returning_from_euro_payment = true;
     }
     //reset session flag
     $this->_getSagePayServerSession()->setEuroPaymentIsPending(false);
     // NOTE(review): all posted fields are merged into the transaction and saved before the signature
     // is verified. If the helper maps a posted field onto a column the check below reads back from
     // $dbtrn (vendor tx code, VPS tx id, security key), the check would compare the request with
     // itself. Confirm what arrayKeysToUnderscore()/addData() let through, or read those values
     // into locals before this merge.
     $dbtrn->addData(Mage::helper('sagepaysuite')->arrayKeysToUnderscore($_POST))->setPostcodeResult($this->getRequest()->getPost('PostCodeResult'))->setData('cv2result', $this->getRequest()->getPost('CV2Result'))->setThreedSecureStatus($this->getRequest()->getPost('3DSecureStatus'))->setLastFourDigits($this->getRequest()->getPost('Last4Digits'))->setRedFraudResponse($this->getRequest()->getPost('FraudResponse'))->setBankAuthCode($this->getRequest()->getPost('BankAuthCode'))->setDeclineCode($this->getRequest()->getPost('DeclineCode'))->setEuroPaymentsStatus($euro_payment_status)->save();
     //Saving TOKEN (also runs before the signature check).
     $this->_saveToken($dbtrn);
     /**
      * Handle ABORT
      *
      * NOTE(review): Status and StatusDetail are taken from the request as-is; the row is set to
      * ABORT and the method returns without reaching the signature check.
      */
     $sageStatus = $request->getParam('Status');
     if ($sageStatus == 'ABORT') {
         $this->_getSagePayServerSession()->setFailStatus($request->getParam('StatusDetail'));
         $dbtrn->setStatus($sageStatus)->setStatusDetail($request->getParam('StatusDetail'))->save();
         $this->_returnOkAbort();
         return;
     }
     /**
      * Repeated notification: the transaction already exists and is linked to an order.
      *
      * NOTE(review): every branch below returns before the signature check, so the
      * invoice-or-cancel decision rests on an unverified Status value.
      */
     if ($dbtrn->getId() && $dbtrn->getOrderId()) {
         if ($returning_from_euro_payment == true) {
             //EURO Payment PENDING doing 2nd POST
             if ($euro_payment_status == "OK") {
                 //invoice it
                 $order = Mage::getModel('sales/order')->load($dbtrn->getOrderId());
                 $invoiced = Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($order);
                 if ($invoiced == true) {
                     $dbtrn->setStatusDetail($request->getParam('StatusDetail'))->save();
                     $order->setStatus("processing")->save();
                 }
             } else {
                 //transaction was failed, cancel it
                 Mage::helper('sagepaysuite')->cancelTransaction($dbtrn);
                 Sage_Log::log("Transaction " . $dbtrn->getVendorTxCode() . " cancelled due to error " . $request->getParam('StatusDetail'), '', '');
             }
             $this->_returnOk();
             return;
         } else {
             // NOTE(review): on this path $euro_payment_status is either the literal "PENDING" or the
             // result of a (string) cast, so it is never null and the "General RETRY" branch looks unreachable.
             if ($euro_payment_status !== null) {
                 //Euro Payment RETRY
                 //do nothing for now
                 $this->_returnOk();
                 return;
             } else {
                 //General RETRY
                 $dbtrn->setStatusDetail("Sage Pay Retry. " . $dbtrn->getStatusDetail())->save();
                 $this->_returnOk();
                 return;
             }
         }
     }
     //Check cart health on callback (only when the store setting is enabled).
     if (1 === (int) Mage::getStoreConfig('payment/sagepaysuite/verify_cart_consistency')) {
         if (Mage::helper('sagepaysuite/checkout')->cartExpire($this->getOnepage()->getQuote())) {
             // The cart changed while the customer was on the payment pages: try to void, then answer INVALID.
             try {
                 Mage::helper('sagepaysuite')->voidTransaction($dbtrn->getVendorTxCode(), 'sagepayserver');
                 Sage_Log::log("Transaction " . $dbtrn->getVendorTxCode() . " cancelled, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_POST_Requests.log');
             } catch (Exception $ex) {
                 Sage_Log::log("Transaction " . $dbtrn->getVendorTxCode() . " could not be cancelled and order was not created, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_POST_Requests.log');
             }
             $this->_returnInvalid('Your order could not be completed, please try again. Thanks.');
             return;
         }
     }
     // Collect the values needed to rebuild the notification signature.
     $sagePayServerSession = $this->_getSagePayServerSession();
     $strVendorName = strtolower($this->getSPSModel()->getConfigData('vendor'));
     $strStatus = $request->getParam('Status', '');
     $strVendorTxCode = $request->getParam('VendorTxCode', '');
     $strVPSTxId = $request->getParam('VPSTxId', '');
     $strSecurityKey = '';
     /*if ($sagePayServerSession->getVendorTxCode() == $strVendorTxCode && $sagePayServerSession->getVpsTxId() == $strVPSTxId) {
           $strSecurityKey = $sagePayServerSession->getSecurityKey();
           $sagePayServerSession->setVpsTxId($strVPSTxId);
       }*/
     // The security key is used only when both posted ids equal the ids on the transaction row.
     if ($dbtrn->getVendorTxCode() == $strVendorTxCode && $dbtrn->getVpsTxId() == $strVPSTxId) {
         $strSecurityKey = $dbtrn->getSecurityKey();
         $sagePayServerSession->setVpsTxId($strVPSTxId);
     }
     $response = '';
     if (strlen($strSecurityKey) == 0) {
         // No key: ids did not match or the row has no key. _returnInvalid() calls exit, so nothing runs after it.
         Sage_Log::log("Security Key invalid", null, 'SagePaySuite_POST_Requests.log');
         Sage_Log::log("TRN from DB:", null, 'SagePaySuite_POST_Requests.log');
         // NOTE(review): toArray() dumps the whole row to the log; check which columns it carries.
         Sage_Log::log($dbtrn->toArray(), null, 'SagePaySuite_POST_Requests.log');
         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail("Security Key invalid. " . $dbtrn->getStatusDetail())->save();
         $this->_returnInvalid('Security Key invalid');
     } else {
         // Initialise every signature field to '' ($strPayerStatus appears twice in the chain; harmless).
         $strStatusDetail = $strTxAuthNo = $strAVSCV2 = $strAddressResult = $strPostCodeResult = $strCV2Result = $strGiftAid = $str3DSecureStatus = $strCAVV = $strAddressStatus = $strPayerStatus = $strCardType = $strPayerStatus = $strLast4Digits = $strMySignature = '';
         $strVPSSignature = $request->getParam('VPSSignature', '');
         $strStatusDetail = $request->getParam('StatusDetail', '');
         if (strlen($request->getParam('TxAuthNo', '')) > 0) {
             $strTxAuthNo = $request->getParam('TxAuthNo', '');
             $sagePayServerSession->setTxAuthNo($strTxAuthNo);
         }
         $strAVSCV2 = $request->getParam('AVSCV2', '');
         $strAddressResult = $request->getParam('AddressResult', '');
         $strPostCodeResult = $request->getParam('PostCodeResult', '');
         $strCV2Result = $request->getParam('CV2Result', '');
         $strGiftAid = $request->getParam('GiftAid', '');
         $str3DSecureStatus = $request->getParam('3DSecureStatus', '');
         $strCAVV = $request->getParam('CAVV', '');
         $strAddressStatus = $request->getParam('AddressStatus', '');
         $strPayerStatus = $request->getParam('PayerStatus', '');
         $strCardType = $request->getParam('CardType', '');
         $strLast4Digits = $request->getParam('Last4Digits', '');
         $strDeclineCode = $request->getParam('DeclineCode', '');
         $strExpiryDate = $request->getParam('ExpiryDate', '');
         $strFraudResponse = $request->getParam('FraudResponse', '');
         $strBankAuthCode = $request->getParam('BankAuthCode', '');
         // Signature input: posted fields, the configured vendor name and the stored security key, concatenated
         // in this fixed order (presumably the order the gateway specifies; verify against its protocol document).
         $strMessage = $strVPSTxId . $strVendorTxCode . $strStatus . $strTxAuthNo . $strVendorName . $strAVSCV2 . $strSecurityKey . $strAddressResult . $strPostCodeResult . $strCV2Result . $strGiftAid . $str3DSecureStatus . $strCAVV . $strAddressStatus . $strPayerStatus . $strCardType . $strLast4Digits . $strDeclineCode . $strExpiryDate . $strFraudResponse . $strBankAuthCode;
         $strMySignature = strtoupper(md5($strMessage));
         $response = '';
         /** We can now compare our MD5 Hash signature with that from Sage Pay Server * */
         // NOTE(review): despite its name, $validSignature is TRUE when the signatures DIFFER.
         // NOTE(review): !== is not a constant-time comparison; prefer hash_equals() where the PHP version provides it.
         $validSignature = $strMySignature !== $strVPSSignature;
         if ($validSignature) {
             // Mismatch path.
             Sage_Log::log("Cannot match the MD5 Hash", null, 'SagePaySuite_POST_Requests.log');
             // NOTE(review): $strMessage contains the security key, so this line writes the key to the log.
             Sage_Log::log("My Message: {$strMessage}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("My Signature: {$strMySignature}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("VPS Signature: {$strVPSSignature}", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log("TRN from DB:", null, 'SagePaySuite_POST_Requests.log');
             Sage_Log::log($dbtrn->toArray(), null, 'SagePaySuite_POST_Requests.log');
             $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail("Cannot match the MD5 Hash. " . $dbtrn->getStatusDetail())->save();
             // The unverified StatusDetail from the request is appended to the message passed to _returnInvalid().
             $this->_returnInvalid('Cannot match the MD5 Hash. Order might be tampered with. ' . $strStatusDetail);
             return;
         } else {
             // Signature matched: map the status to its stored form and act on it.
             $strDBStatus = $this->_getHRStatus($strStatus, $strStatusDetail);
             if ($strStatus == 'OK' || $strStatus == 'AUTHENTICATED' || $strStatus == 'REGISTERED') {
                 try {
                     $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
                     // Re-apply reward points / customer balance instances kept in the checkout session.
                     $checkout_session = Mage::getSingleton('checkout/session');
                     if ($checkout_session->getSagePayRewInst()) {
                         $this->getOnepage()->getQuote()->setUseRewardPoints(1)->setRewardInstance($checkout_session->getSagePayRewInst());
                     }
                     if ($checkout_session->getSagePayCustBalanceInst()) {
                         $this->getOnepage()->getQuote()->setUseCustomerBalance(1)->setCustomerBalanceInstance($checkout_session->getSagePayCustBalanceInst());
                     }
                     // Only an OK PAYMENT is flagged for invoicing.
                     if ((string) $request->getParam('Status') == 'OK' && (string) $request->getParam('TxType') == 'PAYMENT') {
                         $this->_getSagePayServerSession()->setInvoicePayment(true);
                         Mage::register('sagepay_create_invoice', 1, true);
                         //For Magento 1.9+ when customer is Checkout=Register
                     }
                     $sageserverpost = new Varien_Object($_POST);
                     Mage::register('sageserverpost', $sageserverpost);
                     //1.9.1 ssl fix
                     // NOTE(review): when the session holds no quote, the quote id comes from the 'qid' request
                     // parameter, which is not part of the signed message above, and the customer owning that
                     // quote is then marked as logged in. Confirm 'qid' is bound to this transaction elsewhere.
                     $customer_id = null;
                     if ($this->getOnepage()->getQuote()->getId() == null) {
                         $rqQuoteId = Mage::app()->getRequest()->getParam('qid');
                         $this->getOnepage()->setQuote(Mage::getModel('sales/quote')->loadActive($rqQuoteId));
                         $customer_id = $this->getOnepage()->getQuote()->getData('customer_id');
                         if (!is_null($customer_id)) {
                             $customer = Mage::getModel('customer/customer')->load($customer_id);
                             // presumably load() returns the model object even when no row matches, so this is always true; confirm
                             if (!is_null($customer)) {
                                 Mage::getSingleton('customer/session')->setCustomerAsLoggedIn($customer);
                             }
                         }
                     }
                     //sweet tooth fix
                     // NOTE(review): 'rewards/session' looks like a model alias rather than a PHP class name, so
                     // class_exists() (autoload disabled) probably never succeeds here; confirm.
                     if (class_exists('rewards/session', FALSE)) {
                         Mage::getSingleton('rewards/session')->getQuote()->setData('checkout_method', $this->getOnepage()->getQuote()->getData('checkout_method'));
                     }
                     //saving order
                     $sOrder = $this->_saveMagentoOrder();
                     if ($sOrder !== true) {
                         // Anything other than boolean true is treated as an error description.
                         $sagePayServerSession->setFailStatus('An error occurred: ' . $sOrder);
                         /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
                         // $strRedirectPage is assigned but not read again in this method.
                         $strRedirectPage = $this->_getFailedRedirectUrl();
                         //Mage::helper('sagepaysuite')->cancelTransaction($dbtrn);
                         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail('Could not save order: ' . $sOrder . $dbtrn->getStatusDetail())->save();
                         $this->_returnInvalid('Could not save order: ' . $sOrder);
                         return;
                     } else {
                         $orderId = Mage::registry('last_order_id');
                         $msOrderIds = $this->_getMsOrderIds();
                         if ($orderId || $msOrderIds) {
                             if (false !== $msOrderIds) {
                                 // Several orders: the first id goes to this transaction, each remaining id to one child transaction.
                                 $aidis = array_keys($msOrderIds);
                                 $orderId = $aidis[0];
                                 #Mage::register('ms_parent_trn_id', $dbtrn->getId());
                                 $dbtrn->setOrderId($aidis[0])->save();
                                 unset($aidis[0]);
                                 $trns = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->getCollection()->getChilds($dbtrn->getId())->load()->toArray();
                                 foreach ($aidis as $_order) {
                                     // Take the first child still unassigned, link it, drop it from the list, move to the next order.
                                     foreach ($trns['items'] as $ka => $_t) {
                                         Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->load($_t['id'])->setOrderId($_order)->save();
                                         unset($trns['items'][$ka]);
                                         break;
                                     }
                                 }
                             }
                         }
                         $dbtrn->setOrderId($orderId)->save();
                         $sagePayServerSession->setSuccessStatus($strDBStatus);
                     }
                     //save server session data on db as it gets lost sometimes
                     $server_session = array();
                     $messages = Mage::getSingleton('core/session')->getMessages();
                     $successes = $messages->getItemsByType("success");
                     $errors = $messages->getItemsByType("error");
                     if (!is_null($successes) && count($successes) > 0) {
                         $server_session["core_messages"] = array();
                         $server_session["core_messages"]["success"] = array();
                         foreach ($successes as $msg) {
                             $server_session["core_messages"]["success"][] = $msg->getCode();
                         }
                     }
                     if (!is_null($errors) && count($errors) > 0) {
                         if (!array_key_exists("core_messages", $server_session)) {
                             $server_session["core_messages"] = array();
                         }
                         $server_session["core_messages"]["error"] = array();
                         foreach ($errors as $msg) {
                             $server_session["core_messages"]["error"][] = $msg->getCode();
                         }
                     }
                     if (count(array_keys($server_session)) > 0) {
                         try {
                             $server_session_json = json_encode($server_session);
                             $dbtrn->setData("server_session", $server_session_json)->save();
                         } catch (Exception $e) {
                             //unable to save server session data for later :/
                             // Deliberate best-effort: the failure is swallowed and not logged.
                         }
                     }
                     Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
                     // When order data was put in the registry, hand it to _returnOk() as extra parameters.
                     if (Mage::registry('sagepay_last_quote_id')) {
                         $this->_returnOk(array('inv' => (int) Mage::registry('sagepay_create_invoice'), 'cusid' => is_null($customer_id) ? Mage::registry('sagepay_customer_id') : $customer_id, 'qide' => Mage::registry('sagepay_last_quote_id'), 'incide' => Mage::registry('sagepay_last_real_order_id'), 'oide' => Mage::registry('sagepay_last_order_id')));
                     } else {
                         $this->_returnOk();
                     }
                     return;
                 } catch (Exception $e) {
                     // NOTE(review): after recording the failure this path falls out of the method without
                     // calling _returnOk()/_returnInvalid(), so no response body is produced here.
                     $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail($e->getMessage() . $dbtrn->getStatusDetail())->save();
                     Mage::logException($e);
                     Mage::log($e->getMessage());
                     Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $this->getOnepage()->getQuote(), 'message' => $e->getMessage()));
                 }
             } else {
                 if ($strStatus == 'PENDING') {
                     //handle EURO payments
                     // Same flow as the success branch above, except that no invoice is requested and the
                     // session-message snapshot and the rewards/session step are not performed.
                     //set flag
                     $this->_getSagePayServerSession()->setEuroPaymentIsPending(true);
                     try {
                         $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
                         $checkout_session = Mage::getSingleton('checkout/session');
                         if ($checkout_session->getSagePayRewInst()) {
                             $this->getOnepage()->getQuote()->setUseRewardPoints(1)->setRewardInstance($checkout_session->getSagePayRewInst());
                         }
                         if ($checkout_session->getSagePayCustBalanceInst()) {
                             $this->getOnepage()->getQuote()->setUseCustomerBalance(1)->setCustomerBalanceInstance($checkout_session->getSagePayCustBalanceInst());
                         }
                         //no invoice since it's PENDING
                         $this->_getSagePayServerSession()->setInvoicePayment(false);
                         Mage::register('sagepay_create_invoice', 0, true);
                         $sageserverpost = new Varien_Object($_POST);
                         Mage::register('sageserverpost', $sageserverpost);
                         //1.9.1 ssl fix
                         // NOTE(review): same unsigned 'qid' lookup and customer login as in the success branch.
                         $customer_id = null;
                         if ($this->getOnepage()->getQuote()->getId() == null) {
                             $rqQuoteId = Mage::app()->getRequest()->getParam('qid');
                             $this->getOnepage()->setQuote(Mage::getModel('sales/quote')->loadActive($rqQuoteId));
                             $customer_id = $this->getOnepage()->getQuote()->getData('customer_id');
                             if (!is_null($customer_id)) {
                                 $customer = Mage::getModel('customer/customer')->load($customer_id);
                                 if (!is_null($customer)) {
                                     Mage::getSingleton('customer/session')->setCustomerAsLoggedIn($customer);
                                 }
                             }
                         }
                         //save order
                         $sOrder = $this->_saveMagentoOrder();
                         if ($sOrder !== true) {
                             $sagePayServerSession->setFailStatus('An error occurred: ' . $sOrder);
                             /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
                             // $strRedirectPage is assigned but not read again in this method.
                             $strRedirectPage = $this->_getFailedRedirectUrl();
                             //Mage::helper('sagepaysuite')->cancelTransaction($dbtrn);
                             $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail('Could not save order: ' . $sOrder . $dbtrn->getStatusDetail())->save();
                             $this->_returnInvalid('Could not save order: ' . $sOrder);
                             return;
                         } else {
                             $orderId = Mage::registry('last_order_id');
                             $msOrderIds = $this->_getMsOrderIds();
                             if ($orderId || $msOrderIds) {
                                 if (false !== $msOrderIds) {
                                     // Several orders: first id to this transaction, each remaining id to one child transaction.
                                     $aidis = array_keys($msOrderIds);
                                     $orderId = $aidis[0];
                                     #Mage::register('ms_parent_trn_id', $dbtrn->getId());
                                     $dbtrn->setOrderId($aidis[0])->save();
                                     unset($aidis[0]);
                                     $trns = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->getCollection()->getChilds($dbtrn->getId())->load()->toArray();
                                     foreach ($aidis as $_order) {
                                         foreach ($trns['items'] as $ka => $_t) {
                                             Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->load($_t['id'])->setOrderId($_order)->save();
                                             unset($trns['items'][$ka]);
                                             break;
                                         }
                                     }
                                 }
                             }
                             $dbtrn->setOrderId($orderId)->save();
                             //set PENDING status
                             //$order = Mage::getModel('sales/order')->load($orderId);
                             //$order->setStatus("pending")->save();
                             $sagePayServerSession->setSuccessStatus($strDBStatus);
                         }
                         Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
                         if (Mage::registry('sagepay_last_quote_id')) {
                             $this->_returnOk(array('inv' => (int) Mage::registry('sagepay_create_invoice'), 'cusid' => is_null($customer_id) ? Mage::registry('sagepay_customer_id') : $customer_id, 'qide' => Mage::registry('sagepay_last_quote_id'), 'incide' => Mage::registry('sagepay_last_real_order_id'), 'oide' => Mage::registry('sagepay_last_order_id')));
                         } else {
                             $this->_returnOk();
                         }
                         return;
                     } catch (Exception $e) {
                         // NOTE(review): as in the success branch, no response is emitted on this path.
                         $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail($e->getMessage() . $dbtrn->getStatusDetail())->save();
                         Mage::logException($e);
                         Mage::log($e->getMessage());
                         Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $this->getOnepage()->getQuote(), 'message' => $e->getMessage()));
                     }
                 } else {
                     // Any other status: record the failure and answer INVALID.
                     //Mage::helper('sagepaysuite')->cancelTransaction($this->_trn());
                     $dbtrn->setStatus('MAGE_ERROR')->setStatusDetail($strDBStatus . $dbtrn->getStatusDetail())->save();
                     $sagePayServerSession->setFailStatus($strDBStatus);
                     /** The status indicates a failure of one state or another, so send the customer to orderFailed instead * */
                     $this->_returnInvalid($strDBStatus);
                     return;
                 }
             }
         }
     }
 }
Ejemplo n.º 27
 /**
  * Browser return URL after a Sage Pay Form payment.
  *
  * When both the `crypt` and `vtxc` parameters are present, the crypt payload is decrypted,
  * its fields are copied onto the transaction loaded by `vtxc`, the order is saved, the quote
  * is deleted and the customer is sent to the checkout success page. Otherwise the customer
  * is redirected to the site root.
  *
  * NOTE(review): the code shown here saves the order without inspecting a status field in the
  * decrypted data and without comparing the decrypted transaction code with `vtxc`. Whether
  * decrypt()/getToken() enforce either is not visible from this method; confirm.
  * NOTE(review): both the raw POST and the decrypted token are written to the callback log.
  */
 public function successAction()
 {
     $request = $this->getRequest();
     Sage_Log::log($request->getPost(), null, 'SagePaySuite_FORM_Callback.log');

     $crypt = $request->getParam('crypt');
     $vendorTxCode = $crypt ? $request->getParam('vtxc') : null;
     if (!$crypt || !$vendorTxCode) {
         // Not a gateway return: nothing to process.
         $this->_redirect('/');
         return;
     }

     $decoded = $this->getFormModel()->decrypt($crypt);
     $token = Mage::helper('sagepaysuite/form')->getToken($decoded);
     Ebizmarts_SagePaySuite_Log::w($token, null, 'SagePaySuite_FORM_Callback.log');
     $db = Mage::helper('sagepaysuite')->arrayKeysToUnderscore($token);

     // Merge the decrypted fields into the stored transaction.
     $trn = $this->_getTransaction()->loadByVendorTxCode($vendorTxCode);
     $trn->addData($db);

     // Fields whose column setter differs from the underscored key; applied only when present.
     $explicitSetters = array(
         'post_code_result' => 'setPostcodeResult',
         'cv2_result' => 'setCv2result',
         '3_d_secure_status' => 'setThreedSecureStatus',
         'last4_digits' => 'setLastFourDigits',
         'gift_aid' => 'setGiftAid',
     );
     foreach ($explicitSetters as $field => $setter) {
         if (isset($db[$field])) {
             $trn->{$setter}($db[$field]);
         }
     }
     $trn->save();

     Mage::register('sageserverpost', new Varien_Object($token));

     // A PAYMENT transaction is flagged so that it gets invoiced.
     $isPayment = strtoupper($trn->getTxType()) == 'PAYMENT';
     if ($isPayment) {
         Mage::getSingleton('sagepaysuite/session')->setInvoicePayment(true);
     }

     $onepage = $this->getOnepage();
     $onepage->getQuote()->collectTotals();
     $this->getOnepage()->saveOrder();
     Mage::helper('sagepaysuite/checkout')->deleteQuote();
     $this->_redirect('checkout/onepage/success');
 }
 /**
  * Admin action: refresh up to 15 recent transactions that have an order but no row in the
  * fraud table, then report which ones returned a fraud result.
  *
  * The table name spliced into the WHERE clause comes from the resource configuration
  * (getTableName()), not from the request.
  */
 public function massThirdmanCheckAction()
 {
     $logFile = 'SagePaySuite_Thirdman.log';
     $logPrefix = "[MANUAL] ";
     Sage_Log::log($logPrefix . "Starting fraud checks... ", null, $logFile);

     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     $select = $transactions->getSelect();
     $select->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")->order("main_table.created_at DESC")->limit(15);

     $transactionsChecked = array();
     $transactionsNOTChecked = array();
     foreach ($transactions as $_trn) {
         $update = $_trn->updateFromApi();
         if ($update->getFraud()) {
             try {
                 $rs = $update->getFraud();
                 // Read the action first so that a failure here leaves the transaction out of the "checked" list.
                 $action = (string) $rs->getThirdmanAction();
                 $transactionsChecked[] = $_trn->getVendorTxCode();
                 Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . $action, null, $logFile);
             } catch (Exception $e) {
                 Sage_Log::logException($e);
             }
         } else {
             // The API refresh carried no fraud data.
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": UNABLE TO GET FRAUD SCORE", null, $logFile);
             $transactionsNOTChecked[] = $_trn->getVendorTxCode();
         }
     }

     //user messages
     $adminSession = 'adminhtml/session';
     if (count($transactionsChecked) > 0) {
         Mage::getSingleton($adminSession)->addSuccess("Transactions successfully checked: " . implode("  ", $transactionsChecked));
     }
     if (count($transactionsNOTChecked) > 0) {
         Mage::getSingleton($adminSession)->addError("An error occurred while checking some transactions: " . implode("  ", $transactionsNOTChecked));
     }
     $this->_redirect('adminhtml/sagepayreporting_fraud');
 }
Ejemplo n.º 29
 /**
  * Send a cancel request for the given transaction and mark it as canceled.
  *
  * Throws through Mage::throwException() when the gateway answers with a status other than OK.
  * On success the request and response are recorded via saveAction().
  *
  * @param object $trn stored transaction (vendor, tx ids, security key, integration, mode are read from it)
  */
 private function _cancel($trn)
 {
     // FORM transactions may have no stored SecurityKey; _addSecurityKey() is asked to supply it
     // (per the original comment, from the "Admin & Access API").
     if (!$trn->getSecurityKey()) {
         if (strtoupper($trn->getIntegration()) == 'FORM') {
             $this->_addSecurityKey($trn);
         }
     }

     // Built after the step above so that SecurityKey reflects any value just added.
     $data = array(
         'VPSProtocol' => $trn->getVpsProtocol(),
         'TxType' => self::REQUEST_TYPE_CANCEL,
         'ReferrerID' => $this->getConfigData('referrer_id'),
         'Vendor' => $trn->getVendorname(),
         'VendorTxCode' => $trn->getVendorTxCode(),
         'VPSTxId' => $trn->getVpsTxId(),
         'SecurityKey' => $trn->getSecurityKey(),
     );

     $endpoint = $this->getUrl('cancel', false, $this->_getIntegrationCode($trn->getIntegration()), $trn->getMode());
     $result = $this->requestPost($endpoint, $data);

     $succeeded = !($result['Status'] != 'OK');
     if (!$succeeded) {
         // Log the gateway's explanation, then surface it to the caller as an exception.
         Sage_Log::log($result['StatusDetail']);
         Mage::throwException(Mage::helper('sagepaysuite')->__($result['StatusDetail']));
     }

     // NOTE(review): $data, which includes the SecurityKey, is handed to saveAction(); check what it persists.
     $this->saveAction($trn->getOrderId(), $data, $result);
     $trn->setCanceled(1)->save();
 }
Ejemplo n.º 30
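 /**
  * Send a "Status=INVALID" notification response and end the request.
  *
  * The response is a plain-text list of Key=Value fields, each terminated by $this->eoln.
  * Callers pass messages that can contain request data (for example a posted StatusDetail),
  * and the SID value comes straight from the request, so both are neutralised before being
  * written: line breaks are removed from the message and SID is URL-encoded. Otherwise a
  * CR/LF inside either value would begin a new field in the response.
  *
  * This method calls exit; code after a call to it does not run.
  *
  * @param string $message text for the StatusDetail field
  */
 private function _returnInvalid($message = 'Unable to find the transaction in our database.')
 {
     // Keep the message on a single line so that it stays inside the StatusDetail field (and inside one log entry).
     $safeMessage = str_replace(array("\r", "\n"), ' ', (string) $message);
     // Encode SID so that it cannot add parameters to the redirect URL or fields to the response.
     $sid = rawurlencode((string) $this->getRequest()->getParam('SID', ''));

     header('Content-type: text/plain');
     $response = 'Status=INVALID' . $this->eoln;
     $response .= 'RedirectURL=' . $this->_getFailedRedirectUrl() . '?SID=' . $sid . $this->eoln;
     $response .= 'StatusDetail=' . $safeMessage . $this->eoln;
     #$sagePayServerSession->setFailStatus('StatusDetail=' . $message);
     Sage_Log::log($safeMessage);
     // NOTE(review): the full POST body and session data are logged; consider redacting payment fields.
     Sage_Log::log($this->getRequest()->getPost());
     Sage_Log::log($this->_getSagePayServerSession()->getData());
     echo $response;
     exit;
 }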