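/**
 * PayPal IPN listener.
 *
 * Echoes the received notification back to PayPal for validation and only
 * acts on it when PayPal answers VERIFIED. On any verification problem the
 * handler prints an error and exits without touching membership data.
 *
 * Reads $_POST; records the transaction, updates the member's subscription
 * and fires the membership_payment_* actions. Returns nothing.
 */
function handle_paypal_return() {
    if ((isset($_POST['payment_status']) || isset($_POST['txn_type'])) && isset($_POST['custom'])) {
        if (get_option($this->gateway . "_paypal_status") == 'live') {
            $host = 'www.paypal.com';
        } else {
            $host = 'www.sandbox.paypal.com';
        }

        // Build the validation request: every received field, unslashed and
        // URL-encoded. WordPress adds slashes to $_POST on every request, so the
        // values are unslashed regardless of the PHP magic-quotes setting.
        $req = 'cmd=_notify-validate';
        foreach ($_POST as $k => $v) {
            if (!is_scalar($v)) {
                // IPN fields are flat; a nested value cannot be echoed back faithfully.
                header('Status: 400 Bad Request');
                echo 'Error: Unexpected POST structure.';
                exit;
            }
            $req .= '&' . urlencode($k) . '=' . urlencode(stripslashes((string) $v));
        }

        $header = 'POST /cgi-bin/webscr HTTP/1.0' . "\r\n"
            . 'Host: ' . $host . "\r\n"
            . 'Content-Type: application/x-www-form-urlencoded' . "\r\n"
            . 'Content-Length: ' . strlen($req) . "\r\n"
            . 'Connection: close' . "\r\n"
            . "\r\n";

        @set_time_limit(60);

        // fsockopen() takes a transport prefix, not a URL scheme, and the
        // validation exchange has to travel over TLS.
        // NOTE(review): peer-certificate verification for ssl:// streams is only
        // on by default from PHP 5.6 - confirm the minimum supported version.
        $conn = @fsockopen('ssl://' . $host, 443, $errno, $errstr, 30);
        if (!$conn) {
            // Fail closed: an unverified notification must never be processed.
            // The non-2xx status lets PayPal redeliver the notification later.
            header('Status: 503 Service Unavailable');
            echo 'Response Error: Unable to reach PayPal for verification';
            exit;
        }

        fputs($conn, $header . $req);
        stream_set_timeout($conn, 30);

        $response = '';
        while (!feof($conn)) {
            $st = @fgets($conn, 4096);
            if ($st === false) {
                break;
            }
            $response .= $st;
        }
        fclose($conn);

        $error = '';
        $lines = explode("\n", str_replace("\r\n", "\n", $response));

        // looking for: HTTP/1.1 200 OK
        if (substr($lines[0], -7) !== ' 200 OK') {
            $error = 'Response Error: Unexpected HTTP response';
        } else {
            // remove HTTP header
            while (count($lines) > 0 && trim($lines[0]) != '') {
                array_shift($lines);
            }

            // first line will be empty, second line will have the result
            if (count($lines) < 2) {
                $error = 'Response Error: No content found in transaction response';
            } elseif (strtoupper(trim($lines[1])) !== 'VERIFIED') {
                $error = 'Response Error: Unexpected transaction response';
            }
        }

        if ($error != '') {
            echo $error;
            exit;
        }

        // Everything below runs only for a notification PayPal confirmed.
        // NOTE(review): $key from the custom field is parsed but never checked, and
        // mc_gross / mc_currency / txn_id are not compared with the subscription
        // price or with already recorded transactions - confirm whether
        // record_transaction() covers this.
        $payment_status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
        $txn_type = isset($_POST['txn_type']) ? $_POST['txn_type'] : '';
        $amount = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : '';
        $currency = isset($_POST['mc_currency']) ? $_POST['mc_currency'] : '';
        $txn_id = isset($_POST['txn_id']) ? $_POST['txn_id'] : '';

        // custom is "timestamp:user_id:sub_id:key"; parsed once so that every
        // branch (including new_case) works with defined values.
        list($timestamp, $user_id, $sub_id, $key) = array_pad(explode(':', (string) $_POST['custom']), 4, '');

        // process PayPal response
        switch ($payment_status) {
            case 'Partially-Refunded':
            case 'In-Progress':
                // statuses the system deliberately ignores
                break;

            case 'Completed':
            case 'Processed':
                // case: successful payment
                $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, '');
                // Added for affiliate system link
                do_action('membership_payment_processed', $user_id, $sub_id, $amount, $currency, $txn_id);
                break;

            case 'Reversed':
                // case: charge back
                $note = 'Last transaction has been reversed. Reason: Payment has been reversed (charge back)';
                $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->expire_subscription($sub_id);
                    $member->deactivate();
                }
                do_action('membership_payment_reversed', $user_id, $sub_id, $amount, $currency, $txn_id);
                break;

            case 'Refunded':
                // case: refund
                $note = 'Last transaction has been reversed. Reason: Payment has been refunded';
                $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->expire_subscription($sub_id);
                }
                do_action('membership_payment_refunded', $user_id, $sub_id, $amount, $currency, $txn_id);
                break;

            case 'Denied':
                // case: denied
                $note = 'Last transaction has been reversed. Reason: Payment Denied';
                $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->expire_subscription($sub_id);
                    $member->deactivate();
                }
                do_action('membership_payment_denied', $user_id, $sub_id, $amount, $currency, $txn_id);
                break;

            case 'Pending':
                // case: payment is pending
                $pending_str = array(
                    'address' => 'Customer did not include a confirmed shipping address',
                    'authorization' => 'Funds not captured yet',
                    'echeck' => 'eCheck that has not cleared yet',
                    'intl' => 'Payment waiting for aproval by service provider',
                    'multi-currency' => 'Payment waiting for service provider to handle multi-currency process',
                    'unilateral' => 'Customer did not register or confirm his/her email yet',
                    'upgrade' => 'Waiting for service provider to upgrade the PayPal account',
                    'verify' => 'Waiting for service provider to verify his/her PayPal account',
                    '*' => ''
                );
                $reason = isset($_POST['pending_reason']) && is_scalar($_POST['pending_reason']) ? $_POST['pending_reason'] : '';
                $note = 'Last transaction is pending. Reason: ' . (isset($pending_str[$reason]) ? $pending_str[$reason] : $pending_str['*']);
                $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
                do_action('membership_payment_pending', $user_id, $sub_id, $amount, $currency, $txn_id);
                break;

            default:
                // case: various error cases
        }

        // check for subscription details
        switch ($txn_type) {
            case 'subscr_signup':
                // start the subscription
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->create_subscription($sub_id, $this->gateway);
                }
                do_action('membership_payment_subscr_signup', $user_id, $sub_id);
                break;

            case 'subscr_modify':
                // modify the subscription
                $member = new M_Membership($user_id);
                if ($member) {
                    // Remove the old subscription
                    $member->drop_subscription($sub_id);
                    // Join the new subscription
                    $member->create_subscription((int) (isset($_POST['item_number']) ? $_POST['item_number'] : 0), $this->gateway);
                    // Timestamp the update
                    update_user_meta($user_id, '_membership_last_upgraded', time());
                }
                do_action('membership_payment_subscr_signup', $user_id, $sub_id);
                break;

            case 'subscr_cancel':
                // mark for removal
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->mark_for_expire($sub_id);
                }
                do_action('membership_payment_subscr_cancel', $user_id, $sub_id);
                break;

            case 'new_case':
                // a dispute
                $case_type = isset($_POST['case_type']) ? $_POST['case_type'] : '';
                if ($case_type == 'dispute') {
                    // immediately suspend the account
                    $member = new M_Membership($user_id);
                    if ($member) {
                        $member->deactivate();
                    }
                }
                do_action('membership_payment_new_case', $user_id, $sub_id, $case_type);
                break;
        }
    } else {
        // Did not find expected POST variables. Possible access attempt from a non PayPal site.
        header('Status: 404 Not Found');
        echo 'Error: Missing POST variables. Identification is not possible.';
        exit;
    }
}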
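/**
 * BitPay notification listener.
 *
 * Decodes the JSON body of the request, authenticates its posData against the
 * configured API key, then records the transaction and updates the member's
 * subscription according to the invoice status.
 *
 * Returns an error string (or array('error' => message) on an exception) when
 * the notification cannot be decoded or authenticated; otherwise returns
 * nothing. Exits with a 404 status when the body carries no status field.
 */
function handle_bitpay_return() {
    // The BitPay options live in the global scope; without this declaration the
    // verifyPos / apiKey lookups below read an undefined local and the hash
    // check is silently skipped.
    // NOTE(review): confirm $bpOptions is defined globally by the BitPay library include.
    global $bpOptions;

    try {
        $post = file_get_contents("php://input");
        if (!$post) {
            return 'No post data';
        }

        $response = json_decode($post, true);
        if (is_string($response)) {
            return $response; // error
        }
        if (!is_array($response)) {
            return 'Invalid post data';
        }
        if (!array_key_exists('posData', $response) || !is_string($response['posData'])) {
            return 'No posData';
        }

        $posData = json_decode($response['posData'], true);
        if (!is_array($posData) || !isset($posData['posData']) || !is_string($posData['posData'])) {
            return 'No posData';
        }

        if (!is_array($bpOptions)) {
            // Fail closed: without the options there is no key to authenticate with.
            return 'Authentication failed (BitPay options not loaded)';
        }

        if (!empty($bpOptions['verifyPos'])) {
            $expected = (string) bpHash(serialize($posData['posData']), isset($bpOptions['apiKey']) ? $bpOptions['apiKey'] : '');
            // The received hash is JSON-decoded request data and may be of any type:
            // require a string and compare in constant time. A loose `!=` is not a
            // safe way to compare authentication tags.
            if (!isset($posData['hash']) || !is_string($posData['hash']) || !hash_equals($expected, $posData['hash'])) {
                return 'Authentication failed (bad hash)';
            }
        }

        $response['posData'] = $posData['posData'];
    } catch (Exception $e) {
        if (is_array($bpOptions) && !empty($bpOptions['useLogging'])) {
            bpLog('Error: ' . $e->getMessage());
        }
        return array('error' => $e->getMessage());
    }

    if (isset($response['status'])) {
        // NOTE(review): only posData is covered by the hash above; status, price,
        // currency and id are used as sent in the request. Consider confirming the
        // invoice with BitPay before activating a membership.
        $invoice_id = isset($response['id']) ? $response['id'] : '';
        $amount = isset($response['price']) ? $response['price'] : '';
        $currency = isset($response['currency']) ? $response['currency'] : '';

        switch ($response['status']) {
            case 'new':
                // invoice just created, skip
                break;

            case 'paid':
            case 'complete':
            case 'confirmed':
                // payment has been paid, confirmed or marked complete
                $note = 'Payment ' . $response['status'] . '! BitPay Invoice ID: ' . $invoice_id;
                list($timestamp, $user_id, $sub_id, $key) = array_pad(explode(':', $response['posData']), 4, '');

                // NOTE(review): the duplicate-transaction check that used to wrap this
                // branch is disabled, so a redelivered notification is recorded again:
                // if (!class_exists('Membership_Gateway'))
                //     $isDuplicate = $this->duplicate_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $response['id'], $response['status'], $note);
                // else
                //     $isDuplicate = $this->_check_duplicate_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $response['id'], $response['status'], $note);
                // if(!$isDuplicate) {

                // Update to work with latest 3.5.x Membership version
                // and keep backward compatibility with older versions as well
                if (!class_exists('Membership_Gateway')) {
                    $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $invoice_id, $response['status'], $note);
                } else {
                    $this->_record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $invoice_id, $response['status'], $note);
                }
                do_action('membership_payment_processed', $user_id, $sub_id, $amount, $currency, $invoice_id);

                // create_subscription
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->create_subscription($sub_id, $this->gateway);
                }
                do_action('membership_payment_subscr_signup', $user_id, $sub_id);
                // }
                break;

            case 'invalid':
                // payment has been deemed invalid. bad transaction!
                $note = 'This payment has been marked as invalid. Do not process membership! BitPay Invoice ID: ' . $invoice_id;
                list($timestamp, $user_id, $sub_id, $key) = array_pad(explode(':', $response['posData']), 4, '');

                // Update to work with latest 3.5.x Membership version
                // and keep backward compatibility with older versions as well
                if (!class_exists('Membership_Gateway')) {
                    $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $invoice_id, $response['status'], $note);
                } else {
                    $this->_record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $invoice_id, $response['status'], $note);
                }

                $member = new M_Membership($user_id);
                if ($member) {
                    $member->expire_subscription($sub_id);
                    $member->deactivate();
                }
                do_action('membership_payment_denied', $user_id, $sub_id, $amount, $currency, $invoice_id);
                break;

            // Since we want instant membership activation, the paid status is combined with the confirmed
            // and completed statuses above. In the future if you want to change that, remove the paid: switch
            // above and uncomment this code:
            /*case 'paid':
                // payment has been made but confirmation pending
                $pending_str = 'BitPay payment received. Awaiting confirmation. BitPay Invoice ID: ' . $response['id'];
                $reason = 'paid';
                $note = $pending_str;
                $amount = $response['price'];
                $currency = $response['currency'];
                $timestamp = $response['currentTime'];
                // Update to work with latest 3.5.x Membership version
                // and keep backward compatibility with older versions as well
                if (!class_exists('Membership_Gateway'))
                    $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $response['id'], $response['status'], $note);
                else
                    $this->_record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $response['id'], $response['status'], $note);
                do_action('membership_payment_pending', $user_id, $sub_id, $amount, $currency, $response['id']);
                break;
            */

            default:
                // case: various error cases
                break;
        }
    } else {
        // Did not find expected POST variables. Possible access attempt from a non BitPay site.
        header('Status: 404 Not Found');
        echo 'Error: Missing POST variables. Identification is not possible.';
        exit;
    }
}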
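/**
 * 2Checkout return / notification handler.
 *
 * Two request shapes are handled:
 *  - a buyer return carrying `key` (MD5 over secret word, seller id, order number, total);
 *  - a notification carrying `message_type` and `md5_hash`
 *    (MD5 over sale id, seller id, invoice id, secret word).
 *
 * The digest is recomputed from the stored secret and must match before any
 * transaction is recorded or any subscription changed. Returns nothing; the
 * notification branch always ends the request.
 */
function handle_2checkout_return() {
    $timestamp = time();

    $secret = esc_attr(get_option($this->gateway . "_twocheckout_secret_word"));
    $sid = esc_attr(get_option($this->gateway . "_twocheckout_sid"));

    if (isset($_REQUEST['key'])) {
        $total = (isset($_REQUEST['total']) && is_scalar($_REQUEST['total'])) ? $_REQUEST['total'] : '';
        $order_number = (isset($_REQUEST['order_number']) && is_scalar($_REQUEST['order_number'])) ? $_REQUEST['order_number'] : '';
        $currency = isset($_REQUEST['currency']) ? $_REQUEST['currency'] : '';
        $merchant_order_id = (isset($_REQUEST['merchant_order_id']) && is_scalar($_REQUEST['merchant_order_id'])) ? $_REQUEST['merchant_order_id'] : '';

        list($sub_id, $user_id) = array_pad(explode(':', (string) $merchant_order_id), 2, false);

        if (esc_attr(get_option($this->gateway . "_twocheckout_status")) == 'test') {
            // test mode uses the fixed order number 1 in the digest
            $hash = strtoupper(md5($secret . $sid . 1 . $total));
        } else {
            $hash = strtoupper(md5($secret . $sid . $order_number . $total));
        }

        $received_key = is_string($_REQUEST['key']) ? $_REQUEST['key'] : '';
        $processed = isset($_REQUEST['credit_card_processed']) && $_REQUEST['credit_card_processed'] == 'Y';

        // Strict, constant-time comparison: a loose `==` applies numeric juggling to
        // digest-looking strings. An empty secret word is treated as a failure
        // because the digest would then contain nothing private.
        // NOTE(review): currency is not part of the digest, so the recorded value
        // is whatever the request carried.
        if ($sub_id && $user_id && $secret !== '' && hash_equals($hash, $received_key) && $processed) {
            $this->record_transaction($user_id, $sub_id, $total, $currency, $timestamp, $order_number, 'Processed', '');

            // Added for affiliate system link
            do_action('membership_payment_processed', $user_id, $sub_id, $total, $currency, $order_number);

            $member = new M_Membership($user_id);
            if ($member) {
                $member->create_subscription($sub_id, $this->gateway);
            }
            do_action('membership_payment_subscr_signup', $user_id, $sub_id);

            wp_redirect(get_option('home'));
            exit;
        }
    } else {
        if (isset($_REQUEST['message_type'])) {
            $sale_id = (isset($_REQUEST['sale_id']) && is_scalar($_REQUEST['sale_id'])) ? $_REQUEST['sale_id'] : '';
            // The digest covers this invoice id, so the same value is what gets
            // recorded below (rather than a separate read of $_POST).
            $invoice_id = (isset($_REQUEST['invoice_id']) && is_scalar($_REQUEST['invoice_id'])) ? $_REQUEST['invoice_id'] : '';
            $vendor_order_id = (isset($_REQUEST['vendor_order_id']) && is_scalar($_REQUEST['vendor_order_id'])) ? $_REQUEST['vendor_order_id'] : '';
            $rec_amount = isset($_REQUEST['item_rec_list_amount_1']) ? $_REQUEST['item_rec_list_amount_1'] : '';
            $list_currency = isset($_REQUEST['list_currency']) ? $_REQUEST['list_currency'] : '';

            $md5_hash = strtoupper(md5($sale_id . $sid . $invoice_id . $secret));
            $received_hash = (isset($_REQUEST['md5_hash']) && is_string($_REQUEST['md5_hash'])) ? $_REQUEST['md5_hash'] : '';

            //$product_id = $_REQUEST['item_id_1'];
            list($sub_id, $user_id) = array_pad(explode(':', (string) $vendor_order_id), 2, false);

            if ($secret !== '' && hash_equals($md5_hash, $received_hash)) {
                switch ($_REQUEST['message_type']) {
                    case 'RECURRING_INSTALLMENT_SUCCESS':
                        if (!$this->duplicate_transaction($user_id, $sub_id, $rec_amount, $list_currency, $timestamp, $invoice_id, 'Processed', '')) {
                            $this->record_transaction($user_id, $sub_id, $rec_amount, $list_currency, $timestamp, $invoice_id, 'Processed', '');
                            $member = new M_Membership($user_id);
                            if ($member) {
                                remove_action('membership_expire_subscription', 'membership_record_user_expire', 10, 2);
                                remove_action('membership_add_subscription', 'membership_record_user_subscribe', 10, 4);
                                $member->expire_subscription($sub_id);
                                $member->create_subscription($sub_id, $this->gateway);
                            }
                            // Added for affiliate system link
                            do_action('membership_payment_processed', $user_id, $sub_id, $rec_amount, $list_currency, $invoice_id);
                        }
                        break;

                    case 'FRAUD_STATUS_CHANGED':
                    case 'INVOICE_STATUS_CHANGED':
                        // We don't really want to do anything here without pulling out more information
                        break;

                    case 'ORDER_CREATED':
                    case 'RECURRING_RESTARTED':
                        $this->record_transaction($user_id, $sub_id, $rec_amount, $list_currency, $timestamp, $invoice_id, 'Processed', '');
                        $member = new M_Membership($user_id);
                        if ($member) {
                            $member->create_subscription($sub_id, $this->gateway);
                        }
                        break;

                    case 'RECURRING_STOPPED':
                    case 'RECURRING_COMPLETE':
                    case 'RECURRING_INSTALLMENT_FAILED':
                    default:
                        $member = new M_Membership($user_id);
                        if ($member) {
                            $member->mark_for_expire($sub_id);
                        }
                        do_action('membership_payment_subscr_cancel', $user_id, $sub_id);
                        break;
                }
            } else {
                // MD5 Hash Failed
                header('Status: 403 Forbidden');
                echo 'Error: Unexpected Security Value. Verification is not possible.';
                exit;
            }

            echo "OK";
            exit;
        } else {
            // Did not find expected request variables. Possible access attempt from a non 2Checkout site.
            header('Status: 400 Bad Request');
            echo 'Error: Missing POST variables. Identification is not possible.';
            exit;
        }
    }
}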
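/**
 * Authorize.Net AIM checkout handler.
 *
 * Charges the posted card for the price of the posted subscription (with an
 * optional coupon applied), then creates or renews the member's subscription
 * and records the transaction. Always answers with a JSON object
 * ({status, redirect} or {status, errors}) and ends the request.
 *
 * The amount charged is derived from the subscription's own pricing, never
 * from the request.
 */
function handle_payment_return() {
    global $M_options, $M_membership_url;

    $return = array();

    // Card data must only ever be accepted over TLS.
    if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {
        wp_die(__('You must use HTTPS in order to do this', 'membership'));
        exit;
    }

    // Posted form fields, defaulting to '' so a missing or nested field cannot
    // raise notices or type errors further down.
    $input = array();
    foreach (array('card_num', 'card_code', 'exp_month', 'exp_year', 'first_name', 'last_name', 'address', 'zip') as $field) {
        $input[$field] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? $_POST[$field] : '';
    }

    if (isset($_REQUEST['remove_coupon']) || !isset($_REQUEST['coupon_code'])) {
        $coupon_code = '';
    } else {
        $coupon_code = $_REQUEST['coupon_code'];
    }

    if (empty($M_options['paymentcurrency'])) {
        $M_options['paymentcurrency'] = 'USD';
    }

    $subscription = new M_Subscription(isset($_POST['subscription_id']) ? $_POST['subscription_id'] : 0);
    $pricing = $subscription->get_pricingarray();

    if (!empty($coupon_code)) {
        $pricing = $subscription->apply_coupon_pricing($coupon_code, $pricing);
    }

    // NOTE(review): for visitors who are not logged in the account id comes from
    // the request, and no nonce check is visible in this handler - confirm the
    // calling code ties the posted user_id to the visitor's own registration.
    $user_id = is_user_logged_in() ? get_current_user_id() : (int) (isset($_POST['user_id']) ? $_POST['user_id'] : 0);
    $user = get_userdata($user_id);
    $sub_id = $subscription->id;

    if (!$user) {
        // Refuse before charging: there is no account to attach the payment to.
        $return['status'] = 'error';
        $return['errors'][] = __('There was an issue identifying your account.', 'membership');
        echo json_encode($return);
        exit;
    }

    // A basic price or a single subscription
    if ($pricing) {
        $sandbox = get_option($this->gateway . "_mode", 'sandbox') == 'sandbox';
        if ($sandbox) {
            $endpoint = "https://test.authorize.net/gateway/transact.dll";
        } else {
            $endpoint = "https://secure.authorize.net/gateway/transact.dll";
        }

        $payment = new M_Gateway_Worker_AuthorizeNet_AIM(
            $endpoint,
            get_option($this->gateway . "_delim_data", 'yes'),
            get_option($this->gateway . "_delim_char", ','),
            get_option($this->gateway . "_encap_char", ''),
            get_option($this->gateway . "_api_user", ''),
            get_option($this->gateway . "_api_key", ''),
            $sandbox
        );
        $payment->transaction($input['card_num']);

        // No thousands separator: "1,000.00" is not a valid amount and would also
        // collide with the default ',' response delimiter.
        $amount = number_format($pricing[0]['amount'], 2, '.', '');

        // Billing Info
        $payment->setParameter("x_card_code", $input['card_code']);
        // field name without the stray trailing space
        $payment->setParameter("x_exp_date", $input['exp_month'] . $input['exp_year']);
        $payment->setParameter("x_amount", $amount);

        // Payment billing information passed to authorize, thanks to Kevin L. for spotting this.
        $payment->setParameter("x_first_name", $input['first_name']);
        $payment->setParameter("x_last_name", $input['last_name']);
        $payment->setParameter("x_address", $input['address']);
        $payment->setParameter("x_zip", $input['zip']);
        $email = is_email($user->user_email);
        $payment->setParameter("x_email", $email != false ? $email : '');

        // Order Info
        $payment->setParameter("x_description", $subscription->sub_name());
        $payment->setParameter("x_duplicate_window", 30);

        // E-mail
        $payment->setParameter("x_header_email_receipt", get_option($this->gateway . "_header_email_receipt", ''));
        $payment->setParameter("x_footer_email_receipt", get_option($this->gateway . "_footer_email_receipt", ''));
        $payment->setParameter("x_email_customer", strtoupper(get_option($this->gateway . "_email_customer", '')));

        $payment->setParameter("x_customer_ip", $_SERVER['REMOTE_ADDR']);

        $payment->process();

        if ($payment->isApproved()) {
            $status = __('Processed', 'membership');
            $note = '';

            $member = new M_Membership($user_id);
            if ($member) {
                if ($member->has_subscription() && $member->on_sub($sub_id)) {
                    // renewal: replace the existing subscription without re-firing the record hooks
                    remove_action('membership_expire_subscription', 'membership_record_user_expire', 10, 2);
                    remove_action('membership_add_subscription', 'membership_record_user_subscribe', 10, 4);
                    $member->expire_subscription($sub_id);
                    $member->create_subscription($sub_id, $this->gateway);
                } else {
                    $member->create_subscription($sub_id, $this->gateway);
                }
            }

            // TODO: create switch for handling different authorize aim respone codes
            $this->record_transaction($user_id, $sub_id, $amount, $M_options['paymentcurrency'], time(), $payment->results[6] == 0 ? 'TESTMODE' : $payment->results[6], $status, $note);

            do_action('membership_payment_subscr_signup', $user_id, $sub_id);

            // Keep the https link unless the site itself is configured for plain http.
            // The stored home option is used because this request is always served
            // over HTTPS, which says nothing about how the rest of the site is served.
            $completed_url = M_get_registrationcompleted_permalink();
            if (strpos((string) get_option('home'), 'https:') !== 0) {
                $completed_url = str_replace('https:', 'http:', $completed_url);
            }

            $return['status'] = 'success';
            $return['redirect'] = $completed_url;
        } else {
            $return['status'] = 'error';
            $return['errors'][] = __('Your payment was declined. Please check all your details or use a different card.', 'membership');
        }
    } else {
        $return['status'] = 'error';
        $return['errors'][] = __('There was an issue determining the price.', 'membership');
    }

    echo json_encode($return);
    exit;
}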