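/**
 * Instant Payment Notification (IPN) endpoint shared by the ATOS/SIPS,
 * SystemPay CyberPlus and PayPal gateways.
 *
 * Dispatches on `$_GET['ipn']` and updates the wp e-Commerce purchase log
 * (`processed` = 3 paid, 5 failed) for the session named in the gateway
 * message. Problems are mailed to the purchase-log address (falling back to
 * the blog admin address).
 *
 * Security notes (review):
 *  - This URL is reachable without authentication by design, so each gateway
 *    branch must only act on data the gateway itself has verified: the output
 *    of the bank's `response` binary (ATOS), a valid signature (SystemPay) or
 *    a VERIFIED postback (PayPal).
 *  - All purchase-log SQL goes through `$wpdb->prepare()` and the session id
 *    is checked to be numeric first; the previous version concatenated it
 *    straight into the query.
 *  - Fixes carried in this version: a declined ATOS authorisation was recorded
 *    as paid (the old check compared an undefined variable with 0), the PayPal
 *    INVALID branch ran an UPDATE with an unset session id, and the ATOS
 *    command line was built with escapeshellcmd() (argument splitting).
 *
 * Globals: `$purchase_log` is set to the paid row on success; `$wpsc_cart`
 * and `$wpdb` are used by the helpers below.
 *
 * @return void
 */
function check_ipn()
{
    $purch_log_email = get_option('purch_log_email');
    if (!$purch_log_email) {
        $purch_log_email = get_bloginfo('admin_email');
    }

    $gateway = isset($_GET['ipn']) ? $_GET['ipn'] : '';
    if ($gateway == 'atos') {
        wpcb_ipn_atos($purch_log_email);
    } elseif ($gateway == 'systempaycyberplus') {
        wpcb_ipn_systempay_cyberplus($purch_log_email);
    } elseif ($gateway == 'paypal') {
        wpcb_ipn_paypal($purch_log_email);
    }
}

/**
 * True when `$sessionid` looks like a wp e-Commerce session id: a non-empty
 * string of digits. The original SQL compared the id unquoted, so only numeric
 * ids ever worked; anything else is rejected before it reaches the database.
 *
 * @param mixed $sessionid value taken from a gateway message
 * @return bool
 */
function wpcb_ipn_valid_sessionid($sessionid)
{
    if (!is_string($sessionid) && !is_int($sessionid)) {
        return false;
    }
    return preg_match('/^\d+$/', (string) $sessionid) === 1;
}

/**
 * Append `$message` to the gateway log file, if one is configured.
 *
 * A log file that cannot be opened never blocks a payment notification; the
 * problem is reported through error_log() under WP_DEBUG instead.
 *
 * @param string|false $logfile absolute path, or empty/false to disable logging
 * @param string       $message text to append (caller supplies newlines)
 * @return void
 */
function wpcb_ipn_log($logfile, $message)
{
    if (!$logfile) {
        return;
    }
    $fp = fopen($logfile, 'a');
    if ($fp === false) {
        if (WP_DEBUG) {
            error_log('wpcb: cannot open IPN log file ' . $logfile);
        }
        return;
    }
    fwrite($fp, $message);
    fclose($fp);
}

/**
 * Render a parsed gateway response as the "key = value" block that is written
 * to the log file and mailed to the shop owner.
 *
 * @param string $title    banner line written verbatim (e.g. the SALES/SANDBOX ruler)
 * @param array  $response field name => value
 * @return string
 */
function wpcb_ipn_format_response($title, $response)
{
    $message = $title;
    foreach ($response as $k => $v) {
        $message .= $k . " = " . $v . "\n";
    }
    $message .= "-------------------------------------------\n";
    return $message;
}

/**
 * Set the `processed` status of the purchase-log row for `$sessionid`.
 *
 * The session id comes from the gateway message and is bound with
 * `$wpdb->prepare()`; ids that fail wpcb_ipn_valid_sessionid() are ignored.
 *
 * @param mixed $sessionid wp e-Commerce session id carried as the order reference
 * @param int   $status    3 = paid, 5 = failed (the values this file uses)
 * @return void
 */
function wpcb_ipn_set_processed($sessionid, $status)
{
    global $wpdb;

    if (!wpcb_ipn_valid_sessionid($sessionid)) {
        return;
    }
    // %s (not %d): session ids are long digit strings and intval() could overflow on 32-bit PHP.
    $wpdb->query($wpdb->prepare(
        "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = %d WHERE `sessionid` = %s",
        (int) $status,
        (string) $sessionid
    ));
}

/**
 * Record a successful payment: mark the row paid, load it into the global
 * `$purchase_log`, optionally empty the cart, then hand over to wp e-Commerce
 * (transaction_results) for its post-payment processing.
 *
 * @param mixed $sessionid  session id; ignored unless wpcb_ipn_valid_sessionid()
 * @param bool  $empty_cart call `$wpsc_cart->empty_cart()` before transaction_results();
 *                          the original relied on this for ATOS and SystemPay but not PayPal
 * @return void
 */
function wpcb_ipn_complete_purchase($sessionid, $empty_cart)
{
    global $wpdb, $purchase_log, $wpsc_cart;

    if (!wpcb_ipn_valid_sessionid($sessionid)) {
        return;
    }
    wpcb_ipn_set_processed($sessionid, 3);
    $purchase_log = $wpdb->get_row(
        $wpdb->prepare(
            "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` = %s LIMIT 1",
            (string) $sessionid
        ),
        ARRAY_A
    );
    if ($empty_cart) {
        // Keep before transaction_results(): the global cart must be emptied here (original comment).
        $wpsc_cart->empty_cart();
    }
    // Stock decrease is not handled here; open question carried over from the original code.
    transaction_results($sessionid, false); // false -> no echo of the results page
}

/**
 * Split the `!`-separated line printed by the ATOS `response` binary into a
 * named array. Field positions follow the original mapping (index 0 is not
 * used, fields start at index 1); missing trailing fields become ''.
 *
 * @param mixed $result raw line from exec() or the sandbox input
 * @return array<string,string>
 */
function wpcb_ipn_parse_atos_result($result)
{
    $names = array(
        'code', 'error', 'merchantid', 'merchantcountry', 'amount', 'transactionid',
        'paymentmeans', 'transmissiondate', 'paymenttime', 'paymentdate', 'responsecode',
        'paymentcertificate', 'authorisationid', 'currencycode', 'cardnumber', 'cvvflag',
        'cvvresponsecode', 'bankresponsecode', 'complementarycode', 'complementaryinfo',
        'returncontext', 'caddie', 'receiptcomplement', 'merchantlanguage', 'language',
        'customerid', 'orderid', 'customeremail', 'customeripaddress', 'captureday',
        'capturemode', 'data',
    );
    $parts = explode('!', is_string($result) ? $result : '');
    $response = array();
    foreach ($names as $offset => $name) {
        $index = $offset + 1;
        $response[$name] = isset($parts[$index]) ? $parts[$index] : '';
    }
    return $response;
}

/**
 * Record a failed ATOS payment: log it, mail the owner under WP_DEBUG, mark
 * the purchase-log row failed and empty the cart.
 *
 * @param string|false $logfile         see wpcb_ipn_log()
 * @param string       $purch_log_email address for notifications
 * @param string       $subject         mail subject
 * @param string       $message         log/mail body
 * @param mixed        $sessionid       session id from the decoded response
 * @return void
 */
function wpcb_ipn_atos_fail($logfile, $purch_log_email, $subject, $message, $sessionid)
{
    global $wpsc_cart;

    wpcb_ipn_log($logfile, $message);
    if (WP_DEBUG) {
        wp_mail($purch_log_email, $subject, $message);
    }
    wpcb_ipn_set_processed($sessionid, 5);
    $wpsc_cart->empty_cart();
}

/**
 * Best-effort copy of an ATOS response into the configured Google spreadsheet
 * (worksheet titled 'CB'), when the Zend Gdata client is available.
 *
 * NOTE(review): this authenticates with Zend_Gdata_ClientLogin using a Google
 * password stored in plugin options. ClientLogin has been retired by Google,
 * so this path is expected to fail; failures are reported but never fatal so
 * the payment itself is still processed. Exception text is kept server-side
 * (error_log) instead of being echoed into the gateway's HTTP response.
 *
 * @param array  $response        parsed ATOS response (wpcb_ipn_parse_atos_result)
 * @param string $purch_log_email address for failure notifications
 * @return void
 */
function wpcb_ipn_push_to_spreadsheet($response, $purch_log_email)
{
    if (!defined('WP_ZEND_FRAMEWORK') || !WP_ZEND_FRAMEWORK) {
        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Installer Zend pour ajouter automatiquement les ventes à google drive !');
        return;
    }
    $wpcb_general = get_option('wpcb_general');

    try {
        $service = Zend_Gdata_Spreadsheets::AUTH_SERVICE_NAME;
        $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword'], $service);
    } catch (Zend_Gdata_App_AuthException $e) {
        error_log('wpcb: Google login failed: ' . $e->getMessage());
        if (WP_DEBUG) {
            wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais login/mot de pass google dans les options du plugin wpcb');
        }
        return;
    }

    $spreadsheetService = new Zend_Gdata_Spreadsheets($client);
    $query_worksheet = new Zend_Gdata_Spreadsheets_DocumentQuery();
    $query_worksheet->setSpreadsheetKey($wpcb_general['spreadsheetKey']);
    try {
        $feed = $spreadsheetService->getWorksheetFeed($query_worksheet);
    } catch (Zend_Gdata_App_HttpException $e) {
        error_log('wpcb: Google worksheet lookup failed: ' . $e->getMessage());
        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais Numero de Spreadsheet dans les options du plugin wpcb');
        return;
    }

    // Locate the worksheet named 'CB'; the original passed an unset id when it was missing.
    $worksheetId_CB = null;
    foreach ($feed->entries as $entry) {
        if ($entry->title->text == 'CB') {
            $worksheetId_CB = basename($entry->id);
        }
    }
    if ($worksheetId_CB === null) {
        error_log('wpcb: no worksheet titled CB in spreadsheet ' . $wpcb_general['spreadsheetKey']);
        return;
    }

    try {
        $spreadsheetService->insertRow($response, $wpcb_general['spreadsheetKey'], $worksheetId_CB);
    } catch (Exception $e) {
        // Spreadsheet bookkeeping must never abort the payment notification.
        error_log('wpcb: Google spreadsheet insert failed: ' . $e->getMessage());
    }
}

/**
 * ATOS / SIPS automatic response.
 *
 * The bank POSTs a signed `DATA` blob; the bank-supplied `response` binary
 * decodes and verifies it and prints one `!`-separated line. Only that decoded
 * line is trusted. A `sandbox` POST field (available to any caller) replaces
 * the binary's output and only reaches the log file and notification mail,
 * never the purchase log.
 *
 * @param string $purch_log_email address for notifications
 * @return void
 */
function wpcb_ipn_atos($purch_log_email)
{
    $data = isset($_POST['DATA']) && is_string($_POST['DATA']) ? $_POST['DATA'] : null;
    if ($data === null) {
        if (WP_DEBUG) {
            wp_mail($purch_log_email, 'Qqn a accéder à cette page sans utiliser le module de CB', 'Rien de grave, c\'est peut-etre un robot google !');
        }
        return;
    }

    $wpcb_atos = get_option('wpcb_atos');
    $wpcb_dev = get_option('wpcb_dev');

    if (is_array($wpcb_dev) && !empty($wpcb_dev['mode_demo'])) {
        // Demo kit supplied by the bank, installed under the WordPress root.
        $root = dirname(dirname(dirname(dirname(dirname(__FILE__)))));
        $pathfile = $root . "/cgi-bin/demo/pathfile";
        $path_bin_response = $root . "/cgi-bin/demo/response";
        $logfile = $root . "/cgi-bin/demo/logfile.txt";
    } else {
        $pathfile = $wpcb_atos['pathfile'];
        $path_bin_response = $wpcb_atos['path_bin_response'];
        $logfile = $wpcb_atos['logfile'];
    }

    $sandbox = isset($_POST['sandbox']);
    if ($sandbox) {
        // NOTE(review): unauthenticated callers can supply this line; it is only logged/mailed below.
        $result = is_string($_POST['sandbox']) ? $_POST['sandbox'] : '';
    } else {
        // One fully quoted argv entry per value. The previous escapeshellcmd() did not quote
        // whitespace, so a crafted DATA value could be split into extra arguments.
        $command = escapeshellarg($path_bin_response)
            . ' ' . escapeshellarg('pathfile=' . $pathfile)
            . ' ' . escapeshellarg('message=' . $data);
        $result = exec($command);
    }

    $response = wpcb_ipn_parse_atos_result($result);
    // wp e-Commerce's session id travels in the gateway's order_id field.
    $sessionid = $response['orderid'];

    wpcb_ipn_push_to_spreadsheet($response, $purch_log_email);

    if ($sandbox) {
        $message = wpcb_ipn_format_response("-----------SANDBOX-------------------------\n", $response);
        wpcb_ipn_log($logfile, $message);
        echo $message;
        wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement SANDBOX est arrivé !', $message);
        return;
    }

    // Real purchase from here on.
    $code = $response['code'];
    if ($code === '' && $response['error'] === '') {
        // The binary printed nothing: most likely missing or not executable at $path_bin_response.
        $message = "erreur appel response\n executable response non trouve {$path_bin_response}\n Session Id : {$sessionid}";
        wpcb_ipn_atos_fail($logfile, $purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message, $sessionid);
        return;
    }
    if (!is_numeric($code) || (int) $code !== 0) {
        // The binary reported an API error; the original read an unset $error here.
        $error = $response['error'];
        $message = " API call error.\n Error message :  {$error}\n Session Id : {$sessionid}";
        wpcb_ipn_atos_fail($logfile, $purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message, $sessionid);
        return;
    }

    // The binary ran fine; now the bank's own verdict. Only an all-zero response code is an
    // accepted payment. The original compared an undefined $response_code with 0, which is
    // always true in PHP, so declined authorisations were recorded as paid.
    $rc = $response['responsecode'];
    if (!ctype_digit($rc) || (int) $rc !== 0) {
        $message = "Payment declined by the bank (response_code {$rc})\n Session Id : {$sessionid}";
        wpcb_ipn_atos_fail($logfile, $purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message, $sessionid);
        return;
    }

    $message = wpcb_ipn_format_response("-----------SALES----------------------------\n", $response);
    wpcb_ipn_log($logfile, $message);
    if (WP_DEBUG) {
        wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement est arrivé !', $message);
    }
    wpcb_ipn_complete_purchase($sessionid, true);
}

/**
 * SystemPay / CyberPlus notification.
 *
 * The full POST is mailed to the owner, then the signature is checked against
 * the configured certificate (Check_Signature / uncharm are defined elsewhere
 * in the plugin). Only after a valid signature is the order touched:
 * `vads_result` "00" with `vads_auth_mode` FULL is a paid order, "MARK"
 * (authorisation only) is left untouched, anything else is a failure.
 *
 * @param string $purch_log_email address for notifications
 * @return void
 */
function wpcb_ipn_systempay_cyberplus($purch_log_email)
{
    global $wpsc_cart;

    $message = '';
    foreach ($_POST as $key => $value) {
        $message .= $key . '->' . $value . "\n";
    }
    // NOTE(review): sent before the signature check, so any caller can trigger this mail.
    mail($purch_log_email, 'ipn systempay cyberplus', $message);

    $wpcb_systempaycyberplus = get_option('wpcb_systempaycyberplus');
    $control = Check_Signature(uncharm($_POST), $wpcb_systempaycyberplus['certificat']);
    if ($control != 'true') {
        mail($purch_log_email, 'ipn systempay cyberplus signature non valide', $message);
        return;
    }

    $sessionid = isset($_POST['vads_order_id']) ? $_POST['vads_order_id'] : '';
    if (!wpcb_ipn_valid_sessionid($sessionid)) {
        return;
    }
    $result = isset($_POST['vads_result']) ? $_POST['vads_result'] : '';
    $auth_mode = isset($_POST['vads_auth_mode']) ? $_POST['vads_auth_mode'] : '';

    if ($result == "00") {
        if ($auth_mode === 'FULL') {
            wpcb_ipn_complete_purchase($sessionid, true);
        }
        // 'MARK' (and any other mode) intentionally leaves the order as is, as before.
        return;
    }
    // Payment failed.
    wpcb_ipn_set_processed($sessionid, 5);
    $wpsc_cart->empty_cart();
}

/**
 * PayPal IPN.
 *
 * The received POST is echoed back to PayPal with `cmd=_notify-validate`; only
 * a VERIFIED answer with `payment_status` Completed marks the order paid. An
 * INVALID answer is reported but no longer touches the purchase log: nothing in
 * an unverified message (including `item_number`) can be trusted, and the
 * original UPDATE there used an unset session id anyway.
 *
 * NOTE(review): still missing before trusting a VERIFIED message are checks
 * that `receiver_email`/`business` is this shop, that `mc_gross`/`mc_currency`
 * match the purchase-log amount, and that `txn_id` has not been seen before
 * (replay). The option keys needed for that are not visible here.
 *
 * @param string $purch_log_email address for notifications
 * @return void
 */
function wpcb_ipn_paypal($purch_log_email)
{
    $wpcb_paypal = get_option('wpcb_paypal');
    // Process-wide setting kept from the original code.
    error_reporting(E_ALL ^ E_NOTICE);

    // Rebuild the message exactly as received, undoing magic quotes where present
    // (the original tested a mistyped flag variable and so never undid them).
    $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        $value = urlencode($magic_quotes ? stripslashes($value) : $value);
        $req .= "&{$key}={$value}";
    }

    $host = is_array($wpcb_paypal) && !empty($wpcb_paypal['sandbox_paypal']) ? 'sandbox.paypal.com' : 'www.paypal.com';
    $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Host: {$host}\r\n"; // required by PayPal's virtual hosting; absent in the original
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    $fp = fsockopen('ssl://' . $host, 443, $errno, $errstr, 30);
    if (!$fp) {
        // Connection error: nothing is verified, so nothing is changed (as before).
        error_log("wpcb: PayPal IPN postback failed: [{$errno}] {$errstr}");
        return;
    }
    fputs($fp, $header . $req);
    $verdict = null;
    while (!feof($fp)) {
        $line = trim((string) fgets($fp, 1024));
        if ($line === 'VERIFIED' || $line === 'INVALID') {
            $verdict = $line;
        }
    }
    fclose($fp);

    if ($verdict === 'VERIFIED') {
        if (isset($_POST['payment_status']) && $_POST['payment_status'] == 'Completed') {
            if (WP_DEBUG) {
                wp_mail($purch_log_email, "IPN Completed Payement", $req);
            }
            $sessionid = isset($_POST['item_number']) ? $_POST['item_number'] : '';
            wpcb_ipn_complete_purchase($sessionid, false);
        }
    } elseif ($verdict === 'INVALID') {
        // TODO: log for manual investigation (carried over from the original).
        if (WP_DEBUG) {
            wp_mail($purch_log_email, "Live-INVALID IPN", $req);
        }
    }
}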
// Load iPhoneActivation Certificate & It's Public/Private Keys.
$TokenCertificate = file_get_contents($iPhoneActivationFile);
$TokenCertificatePrivateKey = file_get_contents($iPhoneActivation_privateFile);
$iPhoneActivationVect = openssl_pkey_get_details(openssl_pkey_get_public($TokenCertificate));
$iPhoneActivationPublicKey = $iPhoneActivationVect['key'];
file_put_contents($iPhoneActivation_publicFile, $iPhoneActivationPublicKey);
$iPhoneActivationPrivateKey = openssl_pkey_get_private($TokenCertificatePrivateKey);
// Sign the AccountTocken & Get $AccountTokenSignature.
$TokenSignature = "";
openssl_sign($Token, $TokenSignature, $iPhoneActivationPrivateKey);
// Re-Encode the Tokens to the Correct Base64 Format.
$AccountTokenCertificate = base64_encode($TokenCertificate);
$AccountTokenSignature = base64_encode($TokenSignature);
$AccountToken = base64_encode($Token);
// Check if Token Signature is Okay.
$AccountTokenSignatureCheck = Check_Signature($FakeAccountTokenCertificate, $AccountTokenSignature, $AccountToken);
$Message .= $AccountTokenSignatureCheck . "\n";
// Load iPhoneDeviceCA Certificate & It's Private Key.
$iPhoneDeviceCA_private = file_get_contents($iPhoneDeviceCA_privateFile);
$CA_Key = new Crypt_RSA();
$CA_Key->loadKey($iPhoneDeviceCA_private);
$iPhoneDeviceCA = file_get_contents($iPhoneDeviceCAFile);
$CA_Certificate = new File_X509();
$CA_Certificate->setPrivateKey($CA_Key);
$CA_Certificate->loadX509($iPhoneDeviceCA);
// $CA_Certificate->setExtension( 'id-ce-authorityKeyIdentifier',
// $CA_Certificate->setKeyIdentifier ( base64_decode (
// 'sv4hI0SGlWp51YEmjnMQ2KdMjnQ=' ) ), false );
// Get And Store DeviceCertRequest Public Key.
$DeviceCertRequest = base64_decode($DeviceCertRequest);
$iPhoneDeviceVect = openssl_pkey_get_details(openssl_csr_get_public_key($DeviceCertRequest));