// Validation steps for a PayFast ITN (Instant Transaction Notification) request.
// Each step runs only while $pfError is still false; a failing step sets the
// flag and appends an error constant to $pfNotes.
// NOTE(review): $pfError, $pfNotes and $pfParamString are initialised outside
// this excerpt.
//// Get data sent by PayFast
if (!$pfError) {
    pflog('Get posted data');
    // Posted variables from ITN
    $pfData = pfGetData();
    // NOTE(review): the whole payload is written to the log, and this happens
    // before the false check below. ITN payloads presumably carry payer details,
    // so confirm the log file is access-restricted and debug logging is off in
    // production.
    pflog('PayFast Data: ' . print_r($pfData, true));
    // A false return from pfGetData() is recorded as a bad access
    if ($pfData === false) {
        $pfError = true;
        $pfNotes[] = PF_ERR_BAD_ACCESS;
    }
}
//// Verify security signature
if (!$pfError) {
    pflog('Verify security signature');
    // A false return from pfValidSignature() is recorded as an invalid signature.
    // NOTE(review): $pfParamString is presumably filled by reference here for a
    // later step - confirm against the helper's signature.
    if (!pfValidSignature($pfData, $pfParamString)) {
        $pfError = true;
        $pfNotes[] = PF_ERR_INVALID_SIGNATURE;
    }
}
//// Verify source IP (If not in debug mode)
// The source-address check is skipped entirely whenever PF_DEBUG is truthy.
// NOTE(review): make sure PF_DEBUG cannot be left enabled in production.
if (!$pfError && !PF_DEBUG) {
    pflog('Verify source IP');
    // NOTE(review): REMOTE_ADDR is the address of the directly connected peer;
    // behind a reverse proxy or load balancer that is the proxy - confirm the
    // deployment passes the real sender address to this check.
    if (!pfValidIP($_SERVER['REMOTE_ADDR'])) {
        $pfError = true;
        $pfNotes[] = PF_ERR_BAD_SOURCE_IP;
    }
}
//// Retrieve order from CubeCart
if (!$pfError) {
    pflog('Get order');
Example #2
 // Excerpt from an ITN handler: checks the source address, the posted data and
 // the signature, returning false on the first failure, then rebuilds the posted
 // fields as urlencoded key=value pairs.
 // NOTE(review): the enclosing function and $pf are defined outside this excerpt.
 // Live or sandbox host, chosen by $pf->live
 $pfHost = $pf->live ? 'https://www.payfast.co.za' : 'https://sandbox.payfast.co.za';
 // NOTE(review): $error is set to true right before each return below and is
 // not read anywhere in this excerpt.
 $error = false;
 pflog('ITN received from payfast.co.za');
 // Source-address check runs first, before any posted data is read.
 // NOTE(review): REMOTE_ADDR is the directly connected peer; behind a reverse
 // proxy that is the proxy's address - confirm for the deployment.
 if (!pfValidIP($_SERVER['REMOTE_ADDR'])) {
     // NOTE(review): the message ends with ': ' but no address is appended, so
     // the rejected sender is not recorded here.
     pflog('REMOTE_IP mismatch: ');
     $error = true;
     return false;
 }
 $data = pfGetData();
 // NOTE(review): the full payload is logged before it is validated; confirm the
 // log is access-restricted.
 pflog('POST received from payfast.co.za: ' . print_r($data, true));
 if ($data === false) {
     pflog('POST is empty: ' . print_r($data, true));
     $error = true;
     return false;
 }
 // Signature check; the second argument is $pf->extra3, whose meaning is not
 // visible in this excerpt.
 if (!pfValidSignature($data, $pf->extra3)) {
     pflog('Signature mismatch on POST');
     $error = true;
     return false;
 }
 pflog('Signature OK');
 // NOTE(review): $itnPostData is initialised but not used within this excerpt.
 $itnPostData = array();
 $itnPostDataValuePairs = array();
 // Rebuild the posted fields from raw $_POST (not from $data), leaving out the
 // signature field.
 foreach ($_POST as $key => $value) {
     // NOTE(review): loose comparison; === would avoid type juggling on
     // numeric keys.
     if ($key == 'signature') {
         continue;
     }
     // NOTE(review): stripslashes() expects a string, so an array-valued field
     // (e.g. a name ending in []) is not handled here.
     $value = urlencode(stripslashes($value));
     // Rewrites an encoded line feed (%0A) as %0D%0A when the character before it
     // is not one of % ^ 0 D (case-insensitive).
     // NOTE(review): the leading .* is greedy, so one pass appears to rewrite only
     // the last such %0A in a value - verify with multi-line values.
     $value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i', '${1}%0D%0A${3}', $value);
     $itnPostDataValuePairs[] = "{$key}={$value}";
 }
Example #3
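 /**
  * Handle a PayFast ITN (Instant Transaction Notification) request.
  *
  * Acknowledges the request with HTTP 200, then runs these checks in order,
  * stopping at the first failure: posted data present, security signature,
  * source IP (skipped only in debug mode), order still in "pending payment",
  * and pfValidData() against the PayFast host. When every check passes and
  * payment_status is "COMPLETE", the ITN details are stored on the order
  * payment, the capture is registered and the invoice is saved. A failure is
  * logged; nothing is returned.
  *
  * NOTE(review): amount_gross is registered exactly as the ITN reports it;
  * this method does not compare it with the order total. Confirm that check
  * exists elsewhere, or add it before registerCaptureNotification().
  */
 public function execute()
 {
     $pre = __METHOD__ . " : ";
     $this->_logger->debug($pre . 'bof');

     // Variable Initialization
     $pfError = false;
     $pfErrMsg = '';
     $pfData = [];
     $serverMode = $this->getConfigData('server');
     $pfParamString = '';
     $pfHost = $this->_paymentMethod->getPayfastHost($serverMode);

     // Debug mode requires PF_DEBUG to be defined AND truthy. Testing only
     // defined() would switch the source IP check off even when the constant
     // is defined as false.
     $pfDebugMode = defined('PF_DEBUG') && PF_DEBUG;

     pflog(' PayFast ITN call received');
     pflog('Server = ' . $pfHost);

     //// Notify PayFast that information has been received
     // Sent before any validation, so the sender gets a 200 even when a later
     // check rejects the request.
     if (!$pfError) {
         header('HTTP/1.0 200 OK');
         flush();
     }

     //// Get data sent by PayFast
     if (!$pfError) {
         // Posted variables from ITN
         $pfData = pfGetData();
         if (empty($pfData)) {
             $pfError = true;
             $pfErrMsg = PF_ERR_BAD_ACCESS;
         }
     }

     //// Verify security signature
     if (!$pfError) {
         pflog('Verify security signature');
         // NOTE(review): $pfParamString is presumably filled by reference here
         // and reused by pfValidData() below - confirm against the helper.
         $pfSignatureOk = pfValidSignature(
             $pfData,
             $pfParamString,
             $this->getConfigData('passphrase'),
             $serverMode
         );
         if (!$pfSignatureOk) {
             $pfError = true;
             $pfErrMsg = PF_ERR_INVALID_SIGNATURE;
         }
     }

     //// Verify source IP (If not in debug mode)
     if (!$pfError && !$pfDebugMode) {
         pflog('Verify source IP');
         // NOTE(review): REMOTE_ADDR is the directly connected peer; behind a
         // reverse proxy or load balancer that is the proxy's address.
         if (!pfValidIP($_SERVER['REMOTE_ADDR'], $serverMode)) {
             $pfError = true;
             $pfErrMsg = PF_ERR_BAD_SOURCE_IP;
         }
     }

     //// Get internal order and verify it hasn't already been processed
     if (!$pfError) {
         pflog("Check order hasn't been processed");
         // Load order
         $orderId = $pfData['m_payment_id'];
         $this->_order = $this->_orderFactory->create()->loadByIncrementId($orderId);
         $this->storeId = $this->_order->getStoreId();
         pflog('order status is : ' . $this->_order->getStatus());
         // Only an order still in "pending payment" may be updated; this also
         // rejects a repeated ITN for an order that was already handled.
         if ($this->_order->getStatus() !== \Magento\Sales\Model\Order::STATE_PENDING_PAYMENT) {
             $pfError = true;
             $pfErrMsg = PF_ERR_ORDER_PROCESSED;
         }
     }

     //// Verify data received
     if (!$pfError) {
         pflog('Verify data received');
         if (!pfValidData($pfHost, $pfParamString)) {
             $pfError = true;
             $pfErrMsg = PF_ERR_BAD_ACCESS;
         }
     }

     //// Check status and update order
     if (!$pfError) {
         pflog('Check status and update order');
         // Successful: strict comparison, and a missing payment_status is
         // treated as not complete.
         if (isset($pfData['payment_status']) && $pfData['payment_status'] === 'COMPLETE') {
             pflog('Order complete');
             // Update order additional payment information
             $payment = $this->_order->getPayment();
             $payment->setAdditionalInformation("payment_status", $pfData['payment_status']);
             $payment->setAdditionalInformation("m_payment_id", $pfData['m_payment_id']);
             $payment->setAdditionalInformation("pf_payment_id", $pfData['pf_payment_id']);
             $payment->setAdditionalInformation("email_address", $pfData['email_address']);
             $payment->setAdditionalInformation("amount_fee", $pfData['amount_fee']);
             // NOTE(review): the captured amount is taken from the ITN without
             // being compared to the order total in this method.
             $payment->registerCaptureNotification($pfData['amount_gross'], true);
             $payment->save();
             // Save invoice
             $this->saveInvoice();
         }
     }

     // If an error occurred
     if ($pfError) {
         pflog('Error occurred: ' . $pfErrMsg);
         $this->_logger->critical($pre . "Error occured : " . $pfErrMsg);
     }
 }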