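/**
 * Handle a payment gateway notification (IPN) selected by the `ipn` query argument.
 *
 * Recognised values are `atos`, `systempaycyberplus` and `paypal`; any other
 * value is ignored. Each branch authenticates the notification the way its
 * gateway provides (ATOS response binary, Check_Signature(), PayPal
 * `_notify-validate` post-back) and then sets `processed` in
 * WPSC_TABLE_PURCHASE_LOGS to '3' (accepted) or '5' (failed) for the session id
 * carried in the notification.
 *
 * Everything in $_GET / $_POST is attacker-controlled until the gateway check
 * has passed, so request values reach SQL only through $wpdb->prepare() and
 * reach the shell only through escapeshellarg().
 *
 * Uses the globals $wpdb, $purchase_log (assigned here because
 * transaction_results() reads it) and $wpsc_cart.
 *
 * @return void
 */
function check_ipn()
{
    global $wpdb, $purchase_log, $wpsc_cart;

    $wpcb_atos = get_option('wpcb_atos');
    $wpcb_general = get_option('wpcb_general');
    $wpcb_dev = get_option('wpcb_dev');
    $purch_log_email = get_option('purch_log_email');
    if (!$purch_log_email) {
        $purch_log_email = get_bloginfo('admin_email');
    }

    // A missing or non-string `ipn` argument is treated as "not for us".
    $ipn = (isset($_GET['ipn']) && is_string($_GET['ipn'])) ? $_GET['ipn'] : '';
    if ($ipn !== 'atos' && $ipn !== 'systempaycyberplus' && $ipn !== 'paypal') {
        return;
    }

    // Query templates for $wpdb->prepare(): the session id is always bound as a
    // parameter, never concatenated into the statement.
    $sql_accepted = "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`= %s";
    $sql_failed = "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '5' WHERE `sessionid`= %s";
    $sql_select = "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1";

    if ($ipn === 'atos') {
        // ATOS automatic response.
        if (!empty($wpcb_dev['mode_demo'])) {
            // Demo kit (normally supplied by the bank), expected under cgi-bin/demo.
            $demo_dir = dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/cgi-bin/demo";
            $pathfile = $demo_dir . "/pathfile";
            $path_bin_response = $demo_dir . "/response";
            $logfile = $demo_dir . "/logfile.txt";
        } else {
            $pathfile = $wpcb_atos['pathfile'];
            $path_bin_response = $wpcb_atos['path_bin_response'];
            $logfile = $wpcb_atos['logfile'];
        }

        if (isset($_POST['DATA']) && is_string($_POST['DATA'])) {
            // NOTE(review): the `sandbox` POST field lets any caller supply the
            // "decoded" response without going through the bank binary. That
            // path never touches the purchase log, but it still writes to the
            // log file, the spreadsheet and the admin mailbox. Consider
            // restricting it to demo/debug installations.
            $is_sandbox = isset($_POST['sandbox']) && is_string($_POST['sandbox']);

            if ($is_sandbox) {
                $result = $_POST['sandbox'];
            } else {
                // escapeshellcmd() does not stop a value from being split into
                // extra arguments; each argument is quoted as a single word
                // instead. The binary path comes from the plugin options.
                $command = $path_bin_response
                    . ' ' . escapeshellarg('pathfile=' . $pathfile)
                    . ' ' . escapeshellarg('message=' . $_POST['DATA']);
                $result = (string) exec($command);
            }

            // The binary answers with '!'-separated fields; field N of the
            // answer is element N of the exploded array (element 0 is unused).
            $fields = array(
                'code', 'error', 'merchantid', 'merchantcountry', 'amount',
                'transactionid', 'paymentmeans', 'transmissiondate', 'paymenttime',
                'paymentdate', 'responsecode', 'paymentcertificate', 'authorisationid',
                'currencycode', 'cardnumber', 'cvvflag', 'cvvresponsecode',
                'bankresponsecode', 'complementarycode', 'complementaryinfo',
                'returncontext', 'caddie', 'receiptcomplement', 'merchantlanguage',
                'language', 'customerid', 'orderid', 'customeremail',
                'customeripaddress', 'captureday', 'capturemode', 'data',
            );
            // Pad so that a short or empty answer yields empty strings rather
            // than undefined offsets.
            $tableau = array_pad(explode("!", $result), count($fields) + 1, '');
            $response = array();
            foreach ($fields as $position => $field) {
                $response[$field] = $tableau[$position + 1];
            }

            // Session id used by WP e-Commerce.
            $sessionid = $response['orderid'];

            // Optional: append the response as a row of a Google spreadsheet
            // (requires the Zend framework).
            // NOTE(review): $response includes cardnumber and customeremail and
            // is copied to the spreadsheet, the log file and e-mail below;
            // confirm that this data handling is intended.
            if (defined('WP_ZEND_FRAMEWORK') && WP_ZEND_FRAMEWORK) {
                $GoogleConnection = true;
                $SpreadSheetConnection = true;
                try {
                    $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword']);
                } catch (Zend_Gdata_App_AuthException $ae) {
                    // Log the failure; exception details do not belong in the
                    // HTTP response sent back to the gateway.
                    error_log('wpcb: Google login failed: ' . $ae->getMessage());
                    $GoogleConnection = false;
                }
                if ($GoogleConnection) {
                    $service = Zend_Gdata_Spreadsheets::AUTH_SERVICE_NAME;
                    $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword'], $service);
                    // Look up the id of the worksheet titled 'CB'.
                    $query_worksheet = new Zend_Gdata_Spreadsheets_DocumentQuery();
                    $query_worksheet->setSpreadsheetKey($wpcb_general['spreadsheetKey']);
                    $spreadsheetService = new Zend_Gdata_Spreadsheets($client);
                    try {
                        $feed = $spreadsheetService->getWorksheetFeed($query_worksheet);
                    } catch (Zend_Gdata_App_HttpException $ae) {
                        error_log('wpcb: Google worksheet feed failed: ' . $ae->getMessage());
                        $SpreadSheetConnection = false;
                    }
                    if ($SpreadSheetConnection) {
                        $worksheetId_CB = null;
                        foreach ($feed->entries as $entry) {
                            if ($entry->title->text == 'CB') {
                                $worksheetId_CB = basename($entry->id);
                            }
                        }
                        $spreadsheetService = new Zend_Gdata_Spreadsheets($client);
                        // Insert the row in the Google spreadsheet.
                        $insertedListEntry = $spreadsheetService->insertRow($response, $wpcb_general['spreadsheetKey'], $worksheetId_CB);
                    } else {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais Numero de Spreadsheet dans les options du plugin wpcb');
                    }
                } else {
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais login/mot de pass google dans les options du plugin wpcb');
                    }
                }
            } else {
                wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Installer Zend pour ajouter automatiquement les ventes à google drive !');
            }

            // Analyse the return code.
            if ($is_sandbox) {
                $message = "-----------SANDBOX-------------------------\n";
                foreach ($response as $k => $v) {
                    $message .= $k . " = " . $v . "\n";
                }
                $message .= "-------------------------------------------\n";
                if ($logfile) {
                    file_put_contents($logfile, $message, FILE_APPEND);
                }
                // The values come straight from the request: escape them before
                // they are reflected into the response body.
                echo esc_html($message);
                wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement SANDBOX est arrivé !', $message);
            } else {
                // Real purchase.
                if ($response['code'] === '' && $response['error'] === '') {
                    // No usable answer from the response binary.
                    $message = "erreur appel response\n executable response non trouve {$path_bin_response}\n Session Id : {$sessionid}";
                    if ($logfile) {
                        file_put_contents($logfile, $message, FILE_APPEND);
                    }
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message);
                    }
                    // Without an answer there is usually no order id either;
                    // skip the update rather than run it with an empty id.
                    if ($sessionid !== '') {
                        $wpdb->query($wpdb->prepare($sql_failed, $sessionid));
                    }
                    $wpsc_cart->empty_cart();
                } elseif ($response['code'] != 0) {
                    // The binary reported an API error; its text is in 'error'.
                    $message = " API call error.\n Error message : {$response['error']}\n Session Id : {$sessionid}";
                    if ($logfile) {
                        file_put_contents($logfile, $message, FILE_APPEND);
                    }
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message);
                    }
                    $wpdb->query($wpdb->prepare($sql_failed, $sessionid));
                    $wpsc_cart->empty_cart();
                } elseif ($response['responsecode'] === '00') {
                    // The acceptance test must read the decoded 'responsecode'
                    // field. The previous test compared an undefined variable
                    // with 0, which is always true, so every decodable answer
                    // was recorded as a sale.
                    $message = "-----------SALES----------------------------\n";
                    foreach ($response as $k => $v) {
                        $message .= $k . " = " . $v . "\n";
                    }
                    $message .= "-------------------------------------------\n";
                    if ($logfile) {
                        file_put_contents($logfile, $message, FILE_APPEND);
                    }
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement est arrivé !', $message);
                    }
                    $wpdb->query($wpdb->prepare($sql_accepted, $sessionid));
                    // Do not remove: transaction_results() reads the global.
                    $purchase_log = $wpdb->get_row($wpdb->prepare($sql_select, $sessionid), ARRAY_A);
                    $wpsc_cart->empty_cart();
                    // TODO (from the original author): maybe decrease stock here.
                    transaction_results($sessionid, false); // false -> no echo
                } else {
                    // Decoded correctly but not accepted: record it and leave
                    // the order untouched.
                    $message = " Payment not accepted.\n Response code : {$response['responsecode']}\n Session Id : {$sessionid}\n";
                    if ($logfile) {
                        file_put_contents($logfile, $message, FILE_APPEND);
                    }
                }
            }
        } else {
            if (WP_DEBUG) {
                wp_mail($purch_log_email, 'Qqn a accéder à cette page sans utiliser le module de CB', 'Rien de grave, c\'est peut-etre un robot google !');
            }
        }
    } elseif ($ipn === 'systempaycyberplus') {
        // NOTE(review): this e-mail is sent for every request, before the
        // signature is checked, so unauthenticated callers can trigger it.
        $message = '';
        foreach ($_POST as $key => $value) {
            $message .= $key . '->' . $value . "\n";
        }
        mail($purch_log_email, 'ipn systempay cyberplus', $message);

        $wpcb_systempaycyberplus = get_option('wpcb_systempaycyberplus');
        $control = Check_Signature(uncharm($_POST), $wpcb_systempaycyberplus['certificat']);
        // Strict test: a loose == 'true' also accepts values such as integer 0
        // on PHP 7. Check_Signature() is defined elsewhere; both a boolean and
        // the string 'true' are accepted as success.
        if ($control === true || $control === 'true') {
            $sessionid = isset($_POST['vads_order_id']) ? $_POST['vads_order_id'] : '';
            $vads_result = isset($_POST['vads_result']) ? $_POST['vads_result'] : '';
            $vads_auth_mode = isset($_POST['vads_auth_mode']) ? $_POST['vads_auth_mode'] : '';
            if ($vads_result === "00") {
                // Only a FULL authorisation is recorded as a sale; MARK is ignored.
                if ($vads_auth_mode === "FULL") {
                    $wpdb->query($wpdb->prepare($sql_accepted, $sessionid));
                    // Do not remove: transaction_results() reads the global.
                    $purchase_log = $wpdb->get_row($wpdb->prepare($sql_select, $sessionid), ARRAY_A);
                    $wpsc_cart->empty_cart();
                    // TODO (from the original author): maybe decrease stock here.
                    transaction_results($sessionid, false);
                }
            } else {
                // Payment failed.
                $wpdb->query($wpdb->prepare($sql_failed, $sessionid));
                $wpsc_cart->empty_cart();
            }
        } else {
            mail($purch_log_email, 'ipn systempay cyberplus signature non valide', $message);
        }
    } else {
        // PayPal IPN.
        $wpcb_paypal = get_option('wpcb_paypal');
        error_reporting(E_ALL ^ E_NOTICE);

        // Echo the notification back to PayPal with cmd=_notify-validate.
        // The former magic-quotes branch tested a misspelt variable and never
        // ran, and get_magic_quotes_gpc() no longer exists in PHP 8.
        // NOTE(review): WordPress adds slashes to $_POST itself; confirm
        // whether wp_unslash() is needed before the values are echoed back.
        $req = 'cmd=_notify-validate';
        foreach ($_POST as $key => $value) {
            $req .= "&{$key}=" . urlencode($value);
        }

        // NOTE(review): this is an HTTP/1.0 request without a Host header sent
        // over a raw socket; check it against PayPal's current IPN
        // requirements, and consider wp_remote_post().
        $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

        if (!empty($wpcb_paypal['sandbox_paypal'])) {
            $fp = fsockopen('ssl://sandbox.paypal.com', 443, $errno, $errstr, 30);
        } else {
            $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
        }

        if ($fp) {
            fputs($fp, $header . $req);
            while (!feof($fp)) {
                // Trim so that a trailing line break does not hide the verdict.
                $res = trim((string) fgets($fp, 1024));
                if ($res === "VERIFIED") {
                    // NOTE(review): VERIFIED only proves that PayPal sent this
                    // message. Before the order is marked as paid, the
                    // receiver account, amount and currency should be compared
                    // with the order, and repeated transaction ids rejected.
                    if (isset($_POST['payment_status']) && $_POST['payment_status'] === 'Completed') {
                        if (WP_DEBUG) {
                            wp_mail($purch_log_email, "IPN Completed Payement", $req);
                        }
                        $sessionid = isset($_POST['item_number']) ? $_POST['item_number'] : '';
                        $wpdb->query($wpdb->prepare($sql_accepted, $sessionid));
                        $purchase_log = $wpdb->get_row($wpdb->prepare($sql_select, $sessionid), ARRAY_A);
                        transaction_results($sessionid, false); // false -> no echo
                    }
                } elseif ($res === "INVALID") {
                    // An INVALID notification is not authentic, so nothing in
                    // it may change an order. The previous UPDATE here used an
                    // unset session id and could not have matched a row.
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, "Live-INVALID IPN", $req);
                    }
                }
            }
            fclose($fp);
        }
    }
}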
// Load the iPhoneActivation certificate and its private key from disk.
// NOTE(review): the file paths and $Token are assigned outside this fragment,
// and neither file_get_contents() result is checked for false.
$TokenCertificate = file_get_contents($iPhoneActivationFile);
$TokenCertificatePrivateKey = file_get_contents($iPhoneActivation_privateFile);
// Extract the certificate's public key and write it to its own file.
$iPhoneActivationVect = openssl_pkey_get_details(openssl_pkey_get_public($TokenCertificate));
$iPhoneActivationPublicKey = $iPhoneActivationVect['key'];
file_put_contents($iPhoneActivation_publicFile, $iPhoneActivationPublicKey);
$iPhoneActivationPrivateKey = openssl_pkey_get_private($TokenCertificatePrivateKey);
// Sign the account token; openssl_sign() returns the signature through $TokenSignature.
// NOTE(review): no algorithm argument is passed, so the default
// (OPENSSL_ALGO_SHA1) applies, and the boolean result is not checked.
$TokenSignature = "";
openssl_sign($Token, $TokenSignature, $iPhoneActivationPrivateKey);
// Base64-encode the certificate, the signature and the token.
$AccountTokenCertificate = base64_encode($TokenCertificate);
$AccountTokenSignature = base64_encode($TokenSignature);
$AccountToken = base64_encode($Token);
// Check the token signature and append the result to $Message.
// NOTE(review): the check is given $FakeAccountTokenCertificate, which is not
// assigned in this fragment, rather than the $AccountTokenCertificate encoded
// just above; confirm which certificate is meant to verify the signature.
$AccountTokenSignatureCheck = Check_Signature($FakeAccountTokenCertificate, $AccountTokenSignature, $AccountToken);
$Message .= $AccountTokenSignatureCheck . "\n";
// Load the iPhoneDeviceCA private key and certificate.
// NOTE(review): this reads CA private-key material from a path set elsewhere;
// the read is unchecked.
$iPhoneDeviceCA_private = file_get_contents($iPhoneDeviceCA_privateFile);
$CA_Key = new Crypt_RSA();
$CA_Key->loadKey($iPhoneDeviceCA_private);
$iPhoneDeviceCA = file_get_contents($iPhoneDeviceCAFile);
$CA_Certificate = new File_X509();
$CA_Certificate->setPrivateKey($CA_Key);
$CA_Certificate->loadX509($iPhoneDeviceCA);
// Disabled by the author (authority key identifier extension):
// $CA_Certificate->setExtension( 'id-ce-authorityKeyIdentifier',
// $CA_Certificate->setKeyIdentifier ( base64_decode (
// 'sv4hI0SGlWp51YEmjnMQ2KdMjnQ=' ) ), false );
// Base64-decode the device certificate request in place, then read its public key details.
// NOTE(review): $DeviceCertRequest is set outside this fragment; the decode and
// the CSR parse are both unchecked.
$DeviceCertRequest = base64_decode($DeviceCertRequest);
$iPhoneDeviceVect = openssl_pkey_get_details(openssl_csr_get_public_key($DeviceCertRequest));