/**
* Traitement de la réponse du serveur de paiement
* Pas de paramètre, les données seront dans $_POST ou $_GET
*/
function call_response()
{
$CMCIC_bruteVars = getMethode();
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars['date'], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], @$CMCIC_bruteVars['motifrefus'], @$CMCIC_bruteVars['originecb'], @$CMCIC_bruteVars['bincb'], @$CMCIC_bruteVars['hpancb'], @$CMCIC_bruteVars['ipclient'], @$CMCIC_bruteVars['originetr'], @$CMCIC_bruteVars['veres'], @$CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
$MAC_match = true;
$receipt = CMCIC_CGI2_MACOK;
} else {
$MAC_match = false;
$receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
}
$response = array('MAC_match' => $MAC_match, 'receipt' => $receipt);
foreach ($CMCIC_bruteVars as $field => $value) {
$response[$field] = $value;
}
return $response;
}
/**
* Retrouve la réponse de la banque CIC et vérifie sa sécurité
*
* @param array $config
* @return bool|array
* False si erreur ou clé de sécurité erronnée
* array : tableau des données de la banque sinon
**/
function cmcic_response($config)
{
$mode = $config['presta'];
if (isset($config['mode_test']) and $config['mode_test']) {
$mode .= "_test";
}
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
spip_log("call_response : réception des variables cmcic", $mode);
// peu de chance d'être en erreur ici, mais sait-on jamais
if (!$CMCIC_bruteVars) {
spip_log("call_response : variables cmcic introuvables", $mode);
#return presta_cmcic_notifier_banque_erreur();
return false;
}
// TPE init variables
$oTpe = new CMCIC_Tpe($config);
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(_CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
// uniquement si le code de sécurité correspond
if ($oHmac->computeHmac($cgi2_fields) != strtolower($CMCIC_bruteVars['MAC'])) {
spip_log("call_response : clé de sécurité falsifiée ou erronée", $mode);
return false;
#return presta_cmcic_notifier_banque_erreur();
}
// clé correcte
return $CMCIC_bruteVars;
}
public function processServerReturn()
{
$this->orderData = getMethode();
$configTpe = app()['config']['cmcic']['TPE'];
$this->oTpe = new CMCIC_Tpe($configTpe);
$this->oHmac = new CMCIC_Hmac($this->oTpe);
if (isset($this->orderData['MAC']) && isset($this->orderData['date']) && isset($this->orderData['montant']) && isset($this->orderData['reference']) && isset($this->orderData['texte-libre']) && isset($this->orderData['code-retour']) && isset($this->orderData['cvx']) && isset($this->orderData['vld']) && isset($this->orderData['brand']) && isset($this->orderData['status3ds']) && isset($this->orderData['numauto']) && isset($this->orderData['originecb']) && isset($this->orderData['bincb']) && isset($this->orderData['hpancb']) && isset($this->orderData['ipclient']) && isset($this->orderData['originetr']) && isset($this->orderData['veres']) && isset($this->orderData['pares'])) {
if (!isset($this->orderData['motifrefus'])) {
$this->orderData['motifrefus'] = '';
}
$cgi2_fields = sprintf($this->cmcicCgi2Fields, $this->oTpe->sNumero, $this->orderData['date'], $this->orderData['montant'], $this->orderData['reference'], $this->orderData['texte-libre'], $this->oTpe->sVersion, $this->orderData['code-retour'], $this->orderData['cvx'], $this->orderData['vld'], $this->orderData['brand'], $this->orderData['status3ds'], $this->orderData['numauto'], $this->orderData['motifrefus'], $this->orderData['originecb'], $this->orderData['bincb'], $this->orderData['hpancb'], $this->orderData['ipclient'], $this->orderData['originetr'], $this->orderData['veres'], $this->orderData['pares']);
if ($this->oHmac->computeHmac($cgi2_fields) == strtolower($this->orderData['MAC'])) {
$dataValid = true;
$receipt = $this->cmcicCgi2MacOk;
} else {
$dataValid = false;
$receipt = $this->cmcicCgi2MacNotOk;
}
$toPrint = sprintf($this->cmcicCgi2Receipt, $receipt);
} else {
$dataValid = false;
$toPrint = 'Error data not received';
}
return ['dataValid' => $dataValid, 'toPrint' => $toPrint];
}
public function executeBack(HTTPRequest $request)
{
error_reporting(E_ALL ^ E_NOTICE);
header("Pragma: no-cache");
header("Content-type: text/plain");
// TPE Settings
// Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
// You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Config.php';
// --- PHP implementation of RFC2104 hmac sha1 ---
require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Tpe.inc.php';
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
// TPE init variables
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
switch ($CMCIC_bruteVars['code-retour']) {
case "Annulation":
// Payment has been refused
// put your code here (email sending / Database update)
// Attention : an autorization may still be delivered for this payment
break;
case "payetest":
// Payment has been accepeted on the test server
// put your code here (email sending / Database update)
$reservationId = $request->postData('reference');
$reservation = $this->_announcementReservationManager->get($reservationId);
if (!is_null($reservation)) {
$reservation->setStateId(PaiementStates::WAITING_VALIDATION);
$reservation->setTransactionRef($reservation->id());
$this->_announcementReservationManager->save($reservation);
$messageMail = new Mail();
$messageMail->sendReservationOwnerValidation($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()), $reservation);
$messageMail->sendReservationSubscriberRecap($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()));
}
break;
case "paiement":
// Payment has been accepted on the productive server
// put your code here (email sending / Database update)
$reservationId = $request->postData('reference');
$reservation = $this->_announcementReservationManager->get($reservationId);
if (!is_null($reservation)) {
$reservation->setStateId(PaiementStates::WAITING_VALIDATION);
$reservation->setTransactionRef($reservation->id());
$this->_announcementReservationManager->save($reservation);
$messageMail = new Mail();
$messageMail->sendReservationOwnerValidation($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()), $reservation);
$messageMail->sendReservationSubscriberRecap($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()));
}
break;
/*** ONLY FOR MULTIPART PAYMENT ***/
/*** ONLY FOR MULTIPART PAYMENT ***/
case "paiement_pf2":
case "paiement_pf3":
case "paiement_pf4":
// Payment has been accepted on the productive server for the part #N
// return code is like paiement_pf[#N]
// put your code here (email sending / Database update)
// You have the amount of the payment part in $CMCIC_bruteVars['montantech']
break;
case "Annulation_pf2":
case "Annulation_pf3":
case "Annulation_pf4":
// Payment has been refused on the productive server for the part #N
// return code is like Annulation_pf[#N]
// put your code here (email sending / Database update)
// You have the amount of the payment part in $CMCIC_bruteVars['montantech']
break;
}
$receipt = CMCIC_CGI2_MACOK;
} else {
// your code if the HMAC doesn't match
$receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
}
//-----------------------------------------------------------------------------
// Send receipt to CMCIC server
//-----------------------------------------------------------------------------
printf(CMCIC_CGI2_RECEIPT, $receipt);
// Copyright (c) 2009 Euro-Information ( mailto:centrecom@e-i.com )
// All rights reserved. ---
}
require_once("MoneticoPaiement_Ept.inc.php");
// =============================================================================================================================================================
// FIN SECTION INCLUDE
//
// END INCLUDE SECTION
// =============================================================================================================================================================
// =============================================================================================================================================================
// SECTION CODE : Cette section ne doit pas être modifiée
//
// CODE SECTION : This section must not be modified
// =============================================================================================================================================================
// Begin Main : Retrieve Variables posted by Monetico Paiement Server
$MoneticoPaiement_bruteVars = getMethode();
// TPE init variables
$oEpt = new MoneticoPaiement_Ept();
$oHmac = new MoneticoPaiement_Hmac($oEpt);
// Message Authentication
$phase2back_fields = sprintf(MONETICOPAIEMENT_PHASE2BACK_FIELDS, $oEpt->sNumero,
$MoneticoPaiement_bruteVars["date"],
$MoneticoPaiement_bruteVars['montant'],
$MoneticoPaiement_bruteVars['reference'],
$MoneticoPaiement_bruteVars['texte-libre'],
$oEpt->sVersion,
$MoneticoPaiement_bruteVars['code-retour'],
$MoneticoPaiement_bruteVars['cvx'],
$MoneticoPaiement_bruteVars['vld'],
* Date : 01/01/2009
*
* Copyright: (c) 2009 Euro-Information. All rights reserved.
* License : see attached document "Licence.txt".
*
*****************************************************************************/
header("Pragma: no-cache");
header("Content-type: text/plain");
// TPE Settings
// Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
// You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
require_once "CMCIC_Config.php";
// --- PHP implementation of RFC2104 hmac sha1 ---
require_once "CMCIC_Tpe.inc.php";
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
// TPE init variables
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
switch ($CMCIC_bruteVars['code-retour']) {
case "Annulation":
// Payment has been refused
// put your code here (email sending / Database update)
// Attention : an autorization may still be delivered for this payment
break;
case "payetest":
// Payment has been accepeted on the test server
// put your code here (email sending / Database update)