/**
 * Register this plugin through the parent implementation and, when the
 * parent reports success, load the plugin's locale data.
 *
 * Both arguments are forwarded unchanged to parent::register().
 *
 * @return boolean true when the parent registration returned a truthy value
 */
function register($category, $path) {
	$registered = parent::register($category, $path);
	if (!$registered) {
		return false;
	}

	// Locale data is only loaded for a plugin the parent accepted.
	$this->addLocaleData();
	return true;
}
/**
 * Handle incoming requests/notifications
 *
 * Dispatches on the first element of $args:
 *  - 'ipn': replays the received POST fields to the configured 'paypalurl'
 *    with cmd=_notify-validate prepended, and only continues when the reply
 *    is exactly 'VERIFIED'. A 'Completed' payment is recorded, compared with
 *    the queued payment and fulfilled; every failure path mails the journal
 *    contact and exits.
 *  - 'cancel': renders the "purchase cancelled" message page and exits.
 * Any other operation, or a request without a journal, goes to the parent.
 *
 * NOTE(review): every investigation mail embeds print_r() dumps of $_POST
 * and $_SERVER, so the contact mailbox receives payer details and server
 * environment values; confirm that mailbox is treated as sensitive.
 *
 * @param $args array
 */
function handle($args) {
	$templateMgr =& TemplateManager::getManager();
	$journal =& Request::getJournal();
	if (!$journal) {
		return parent::handle($args);
	}

	// Just in case we need to contact someone
	import('classes.mail.MailTemplate');
	$contactName = $journal->getSetting('contactName');
	$contactEmail = $journal->getSetting('contactEmail');
	$mail = new MailTemplate('PAYPAL_INVESTIGATE_PAYMENT');
	$mail->setFrom($contactEmail, $contactName);
	$mail->addRecipient($contactEmail, $contactName);

	// Request-supplied; it is only acted on after the gateway answered
	// 'VERIFIED' for the same POST body below.
	$paymentStatus = Request::getUserVar('payment_status');

	switch (array_shift($args)) {
		case 'ipn':
			// Build a confirmation transaction.
			$req = 'cmd=_notify-validate';
			// NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0, so
			// this branch test is fatal there; confirm the supported runtime.
			if (get_magic_quotes_gpc()) {
				foreach ($_POST as $key => $value) {
					$req .= '&' . urlencode(stripslashes($key)) . '=' . urlencode(stripslashes($value));
				}
			} else {
				foreach ($_POST as $key => $value) {
					$req .= '&' . urlencode($key) . '=' . urlencode($value);
				}
			}

			// Create POST response
			// No TLS options are set on this handle, so certificate and host
			// verification depend on the libcurl/PHP defaults of the host.
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'paypalurl'));
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', 'Content-Length: ' . strlen($req)));
			curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
			$ret = curl_exec($ch);
			$curlError = curl_error($ch);
			curl_close($ch);

			// Check the confirmation response and handle as necessary.
			if (strcmp($ret, 'VERIFIED') == 0) {
				switch ($paymentStatus) {
					case 'Completed':
						$payPalDao =& DAORegistry::getDAO('PayPalDAO');
						$transactionId = Request::getUserVar('txn_id');
						if ($payPalDao->transactionExists($transactionId)) {
							// A duplicate transaction was received; notify someone.
							$mail->assignParams(array(
								'journalName' => $journal->getLocalizedTitle(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Duplicate transaction ID: {$transactionId}",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
							exit;
						} else {
							// New transaction succeeded. Record it.
							// NOTE(review): the transaction id is stored before the
							// amount/currency/receiver checks below, so a notification
							// that later fails those checks still marks the id as seen.
							$payPalDao->insertTransaction($transactionId, Request::getUserVar('txn_type'), Request::getUserVar('payer_email'), Request::getUserVar('receiver_email'), Request::getUserVar('item_number'), Request::getUserVar('payment_date'), Request::getUserVar('payer_id'), Request::getUserVar('receiver_id'));
							// 'custom' carries the queued payment id back from the gateway.
							$queuedPaymentId = Request::getUserVar('custom');

							import('classes.payment.ojs.OJSPaymentManager');
							$ojsPaymentManager =& OJSPaymentManager::getManager();

							// Verify the cost and user details as per PayPal spec.
							$queuedPayment =& $ojsPaymentManager->getQueuedPayment($queuedPaymentId);
							if (!$queuedPayment) {
								// The queued payment entry is missing. Complain.
								$mail->assignParams(array(
									'journalName' => $journal->getLocalizedTitle(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							//NB: if/when paypal subscriptions are enabled, these checks will have to be adjusted
							// because subscription prices may change over time
							// The comparison operands are assigned inside the condition and
							// the clauses short-circuit: when the amount clause already
							// fails, the currency and account variables are never set, yet
							// the mail below interpolates all of them. A queued amount of 0
							// skips the amount comparison (payer-chosen amount).
							if (
								($queuedAmount = $queuedPayment->getAmount()) != ($grantedAmount = Request::getUserVar('mc_gross')) && $queuedAmount > 0 ||
								($queuedCurrency = $queuedPayment->getCurrencyCode()) != ($grantedCurrency = Request::getUserVar('mc_currency')) ||
								($grantedEmail = Request::getUserVar('receiver_email')) != ($queuedEmail = $this->getSetting($journal->getId(), 'selleraccount'))
							) {
								// The integrity checks for the transaction failed. Complain.
								$mail->assignParams(array(
									'journalName' => $journal->getLocalizedTitle(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' =>
										"Granted amount: {$grantedAmount}\n" .
										"Queued amount: {$queuedAmount}\n" .
										"Granted currency: {$grantedCurrency}\n" .
										"Queued currency: {$queuedCurrency}\n" .
										"Granted to PayPal account: {$grantedEmail}\n" .
										"Configured PayPal account: {$queuedEmail}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Update queued amount if amount set by user (e.g. donation)
							if ($queuedAmount == 0 && $grantedAmount > 0) {
								$queuedPaymentDao =& DAORegistry::getDAO('QueuedPaymentDAO');
								$queuedPayment->setAmount($grantedAmount);
								$queuedPayment->setCurrencyCode($grantedCurrency);
								$queuedPaymentDao->updateQueuedPayment($queuedPaymentId, $queuedPayment);
							}

							// Fulfill the queued payment.
							if ($ojsPaymentManager->fulfillQueuedPayment($queuedPayment, $this->getName())) {
								exit;
							}

							// If we're still here, it means the payment couldn't be fulfilled.
							$mail->assignParams(array(
								'journalName' => $journal->getLocalizedTitle(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
						}
						exit;
					case 'Pending':
						// Ignore.
						exit;
					default:
						// An unhandled payment status was received; notify someone.
						$mail->assignParams(array(
							'journalName' => $journal->getLocalizedTitle(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Payment status: {$paymentStatus}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
				}
			} else {
				// An unknown confirmation response was received; notify someone.
				// This branch also covers a failed request: curl_exec() then
				// returned false and $curlError holds the transport error text.
				$mail->assignParams(array(
					'journalName' => $journal->getLocalizedTitle(),
					'postInfo' => print_r($_POST, true),
					'additionalInfo' => "Confirmation return: {$ret}\nCURL error: {$curlError}",
					'serverVars' => print_r($_SERVER, true)
				));
				$mail->send();
				exit;
			}
			break;
		case 'cancel':
			Handler::setupTemplate();
			// NOTE(review): 'backLink' is taken straight from the request
			// ('ojsReturnUrl'); whether the template restricts or escapes it is
			// not visible here - confirm it cannot point off-site.
			$templateMgr->assign(array(
				'currentUrl' => Request::url(null, 'index'),
				'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title',
				'message' => 'plugins.paymethod.paypal.purchase.cancelled',
				'backLink' => Request::getUserVar('ojsReturnUrl'),
				'backLinkLabel' => 'common.continue'
			));
			$templateMgr->display('common/message.tpl');
			exit;
			break;
	}
	parent::handle($args); // Don't know what to do with it
}
/**
 * Handle incoming requests/notifications
 *
 * Looks up the queued payment named by $args[1] and, for the 'notify'
 * operation in $args[0], mails the press contact a manual-payment
 * notification and shows a confirmation page. A missing queued payment
 * redirects to the index; any other operation is left to the parent.
 *
 * @param $args array
 * @param $request PKPRequest
 */
function handle($args, $request) {
	$press = $request->getPress();
	$templateMgr = TemplateManager::getManager($request);
	$user = $request->getUser();

	$op = null;
	if (isset($args[0])) {
		$op = $args[0];
	}
	// The id is forced to an integer before it reaches the payment manager.
	$queuedPaymentId = 0;
	if (isset($args[1])) {
		$queuedPaymentId = (int) $args[1];
	}

	import('classes.payment.omp.OMPPaymentManager');
	$ompPaymentManager = new OMPPaymentManager($request);
	$queuedPayment =& $ompPaymentManager->getQueuedPayment($queuedPaymentId);

	// if the queued payment doesn't exist, redirect away from payments
	if (!$queuedPayment) {
		return $request->redirect(null, 'index');
	}

	// Loose comparison, matching the switch statement this replaces.
	if ($op == 'notify') {
		import('lib.pkp.classes.mail.MailTemplate');
		AppLocale::requireComponents(LOCALE_COMPONENT_APP_COMMON);

		$contactName = $press->getSetting('contactName');
		$contactEmail = $press->getSetting('contactEmail');

		$mail = new MailTemplate('MANUAL_PAYMENT_NOTIFICATION');
		$mail->setReplyTo($contactEmail, $contactName);
		$mail->addRecipient($contactEmail, $contactName);

		// Values are gathered in the same order as the parameter array lists them.
		$pressName = $press->getLocalizedName();
		if ($user) {
			$userFullName = $user->getFullName();
		} else {
			$userFullName = '(' . __('common.none') . ')';
		}
		if ($user) {
			$userName = $user->getUsername();
		} else {
			$userName = '(' . __('common.none') . ')';
		}
		$mailParams = array(
			'pressName' => $pressName,
			'userFullName' => $userFullName,
			'userName' => $userName,
			'itemName' => $queuedPayment->getName(),
			'itemCost' => $queuedPayment->getAmount(),
			'itemCurrencyCode' => $queuedPayment->getCurrencyCode()
		);
		$mail->assignParams($mailParams);
		$mail->send();

		$pageVars = array(
			'currentUrl' => $request->url(null, null, 'payment', 'plugin', array('notify', $queuedPaymentId)),
			'pageTitle' => 'plugins.paymethod.manual.paymentNotification',
			'message' => 'plugins.paymethod.manual.notificationSent',
			'backLink' => $queuedPayment->getRequestUrl(),
			'backLinkLabel' => 'common.continue'
		);
		$templateMgr->assign($pageVars);
		return $templateMgr->display('frontend/pages/message.tpl');
	}

	return parent::handle($args, $request); // Don't know what to do with it
}
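/**
 * Handle incoming requests/notifications
 *
 * Looks up the queued payment named by $args[1] and, for the 'notify'
 * operation in $args[0], mails the scheduled conference's registration
 * contact a manual-payment notification, shows a confirmation page and
 * exits. Any other operation is left to the parent handler.
 *
 * @param $args array
 */
function handle($args) {
	$conference =& Request::getConference();
	$schedConf =& Request::getSchedConf();
	$templateMgr =& TemplateManager::getManager();
	$user =& Request::getUser();

	$op = isset($args[0]) ? $args[0] : null;
	// The id is forced to an integer before it reaches the payment manager.
	$queuedPaymentId = isset($args[1]) ? (int) $args[1] : 0;

	import('payment.ocs.OCSPaymentManager');
	$ocsPaymentManager =& OCSPaymentManager::getManager();
	$queuedPayment =& $ocsPaymentManager->getQueuedPayment($queuedPaymentId);

	// if the queued payment doesn't exist, redirect away from payments
	if (!$queuedPayment) {
		Request::redirect(null, null, null, 'index');
		// Request::redirect() is not shown here; stop explicitly so a missing
		// queued payment is never dereferenced in the 'notify' branch below.
		return;
	}

	switch ($op) {
		case 'notify':
			import('mail.MailTemplate');
			Locale::requireComponents(array(LOCALE_COMPONENT_APPLICATION_COMMON));

			$contactName = $schedConf->getSetting('registrationName');
			$contactEmail = $schedConf->getSetting('registrationEmail');

			$mail = new MailTemplate('MANUAL_PAYMENT_NOTIFICATION');
			$mail->setFrom($contactEmail, $contactName);
			$mail->addRecipient($contactEmail, $contactName);
			// $user may be absent; the mail then carries the localized
			// "none" placeholder instead of a name.
			$mail->assignParams(array(
				'schedConfName' => $schedConf->getFullTitle(),
				'userFullName' => $user ? $user->getFullName() : '(' . Locale::translate('common.none') . ')',
				'userName' => $user ? $user->getUsername() : '(' . Locale::translate('common.none') . ')',
				'itemName' => $queuedPayment->getName(),
				'itemCost' => $queuedPayment->getAmount(),
				'itemCurrencyCode' => $queuedPayment->getCurrencyCode()
			));
			$mail->send();

			$templateMgr->assign(array(
				'currentUrl' => Request::url(null, null, null, 'payment', 'plugin', array('notify', $queuedPaymentId)),
				'pageTitle' => 'plugins.paymethod.manual.paymentNotification',
				'message' => 'plugins.paymethod.manual.notificationSent',
				'backLink' => $queuedPayment->getRequestUrl(),
				'backLinkLabel' => 'common.continue'
			));
			$templateMgr->display('common/message.tpl');
			exit;
	}

	parent::handle($args); // Don't know what to do with it
}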
/**
 * Handle incoming requests/notifications
 *
 * Dispatches on the first element of $args:
 *  - 'ipn': replays the received POST fields to the configured 'crediturl'
 *    with cmd=_notify-validate prepended, and only continues when the reply
 *    is exactly 'VERIFIED'. A 'Completed' payment is recorded, compared with
 *    the queued payment (amount and currency) and fulfilled; every failure
 *    path mails the conference contact and exits.
 *  - 'cancel': renders the "purchase cancelled" message page and exits.
 *  - 'return': redirects to the index.
 * Any other operation, or a request without a scheduled conference, goes to
 * the parent handler.
 *
 * NOTE(review): every investigation mail embeds print_r() dumps of $_POST
 * and $_SERVER; confirm the contact mailbox is treated as sensitive.
 *
 * @param $args array
 */
function handle($args) {
	$templateMgr =& TemplateManager::getManager();
	$schedConf =& Request::getSchedConf();
	if (!$schedConf) {
		return parent::handle($args);
	}

	// Just in case we need to contact someone
	import('mail.MailTemplate');
	$contactName = $schedConf->getSetting('contactName');
	$contactEmail = $schedConf->getSetting('contactEmail');
	// NOTE(review): assigning the result of `new` by reference is rejected by
	// the PHP 7+ parser; confirm the runtime this file targets.
	$mail =& new MailTemplate('CREDIT_INVESTIGATE_PAYMENT');
	$mail->setFrom($contactEmail, $contactName);
	$mail->addRecipient($contactEmail, $contactName);

	// Request-supplied; it is only acted on after the gateway answered
	// 'VERIFIED' for the same POST body below.
	$paymentStatus = Request::getUserVar('payment_status');

	switch (array_shift($args)) {
		case 'ipn':
			// Build a confirmation transaction.
			$req = 'cmd=_notify-validate';
			foreach ($_POST as $key => $value) {
				$req .= '&' . urlencode($key) . '=' . urlencode($value);
			}

			// Create POST response
			// No TLS options are set on this handle, so certificate and host
			// verification depend on the libcurl/PHP defaults of the host.
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $this->getSetting($schedConf->getConferenceId(), $schedConf->getSchedConfId(), 'crediturl'));
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', 'Content-Length: ' . strlen($req)));
			curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
			$ret = curl_exec($ch);
			curl_close($ch);

			// Check the confirmation response and handle as necessary.
			if (strcmp($ret, 'VERIFIED') == 0) {
				switch ($paymentStatus) {
					case 'Completed':
						$CreditDao =& DAORegistry::getDAO('CreditDAO');
						$transactionId = Request::getUserVar('txn_id');
						if ($CreditDao->transactionExists($transactionId)) {
							// A duplicate transaction was received; notify someone.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getFullTitle(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Duplicate transaction ID: {$transactionId}",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
							exit;
						} else {
							// New transaction succeeded. Record it.
							// NOTE(review): the transaction id is stored before the
							// amount/currency checks below, so a notification that later
							// fails those checks still marks the id as seen.
							$CreditDao->insertTransaction($transactionId, Request::getUserVar('txn_type'), Request::getUserVar('payer_email'), Request::getUserVar('item_number'), Request::getUserVar('payment_date'), Request::getUserVar('payer_id'), Request::getUserVar('receiver_id'));
							// 'custom' carries the queued payment id back from the gateway.
							$queuedPaymentId = Request::getUserVar('custom');

							import('payment.ocs.OCSPaymentManager');
							$ocsPaymentManager =& OCSPaymentManager::getManager();

							// Verify the cost and user details as per PayPal spec.
							$queuedPayment =& $ocsPaymentManager->getQueuedPayment($queuedPaymentId);
							if (!$queuedPayment) {
								// The queued payment entry is missing. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getFullTitle(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Only amount and currency are compared; the receiving account
							// is not checked in this function. The operands are assigned
							// inside the condition and the clauses short-circuit, so the
							// currency variables stay unset when the amount clause fails.
							// NOTE(review): $grantedEmail and $queuedEmail are never
							// assigned anywhere in this function, yet the mail below
							// interpolates them.
							if (
								($queuedAmount = $queuedPayment->getAmount()) != ($grantedAmount = Request::getUserVar('mc_gross')) ||
								($queuedCurrency = $queuedPayment->getCurrencyCode()) != ($grantedCurrency = Request::getUserVar('mc_currency'))
							) {
								// The integrity checks for the transaction failed. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getFullTitle(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' =>
										"Granted amount: {$grantedAmount}\n" .
										"Queued amount: {$queuedAmount}\n" .
										"Granted currency: {$grantedCurrency}\n" .
										"Queued currency: {$queuedCurrency}\n" .
										"Granted to Credit account: {$grantedEmail}\n" .
										"Configured Credit account: {$queuedEmail}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Fulfill the queued payment.
							if ($ocsPaymentManager->fulfillQueuedPayment($queuedPaymentId, $queuedPayment)) {
								exit;
							}

							// If we're still here, it means the payment couldn't be fulfilled.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getFullTitle(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
						}
						exit;
					case 'Pending':
						// Ignore.
						exit;
					default:
						// An unhandled payment status was received; notify someone.
						$mail->assignParams(array(
							'schedConfName' => $schedConf->getFullTitle(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Payment status: {$paymentStatus}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
				}
			} else {
				// An unknown confirmation response was received; notify someone.
				// This branch also covers a failed request (curl_exec() returned
				// false); no cURL error text is captured in this function.
				$mail->assignParams(array(
					'schedConfName' => $schedConf->getFullTitle(),
					'postInfo' => print_r($_POST, true),
					'additionalInfo' => "Confirmation return: {$ret}",
					'serverVars' => print_r($_SERVER, true)
				));
				$mail->send();
				exit;
			}
			break;
		case 'cancel':
			$templateMgr->assign(array(
				'currentUrl' => Request::url(null, null, 'index'),
				'pageTitle' => 'plugins.paymethod.pagseguro.purchase.cancelled.title',
				'message' => 'plugins.paymethod.pagseguro.purchase.cancelled'
			));
			$templateMgr->display('common/message.tpl');
			exit;
			break;
		case 'return':
			Request::redirect(null, null, 'index');
			break;
	}
	parent::handle($args); // Don't know what to do with it
}
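/**
 * Handle incoming requests/notifications
 *
 * Dispatches on the first element of $args:
 *  - 'purchase': builds a GenerateRequest document for the queued payment
 *    stored in the session, posts it to the configured 'dpsurl' and redirects
 *    the browser to the URI the gateway returns.
 *  - 'success': posts a ProcessResponse document carrying the request's
 *    'result' value, then checks the gateway's answer against the queued
 *    payment (order reference, amount, user name) before fulfilling it.
 *  - 'failure': renders the cancel page.
 * A failure in 'purchase' or 'success' is logged, reported through
 * sendNotifications() and shown on the failure page.
 *
 * Changes against the listed version:
 *  - the outgoing request XML (which holds PxPayKey) is no longer written to
 *    the error log;
 *  - the paid-amount pattern is anchored, so it validates the whole value;
 *  - the request-supplied 'result' value is added as a text node;
 *  - the gateway's TxnData1 must equal the session's queued payment id;
 *  - curl_close() in the catch blocks only runs when a handle exists.
 *
 * NOTE(review): TxnId is checked for presence but never stored, so replay
 * protection rests on unsetting the session key; consider recording it.
 * NOTE(review): the failure page receives $e->getMessage() as 'detail',
 * which can contain gateway response text; confirm that is intended.
 *
 * @param $args array
 * @param $request PKPRequest
 */
function handle($args, &$request) {
	$user =& $request->getUser();
	$templateMgr =& TemplateManager::getManager();
	$journal =& $request->getJournal();
	if (!$journal) {
		return parent::handle($args, $request);
	}

	// Just in case we need to contact someone
	import('classes.mail.MailTemplate');
	// Prefer technical support contact
	$contactName = $journal->getSetting('supportName');
	$contactEmail = $journal->getSetting('supportEmail');
	if (!$contactEmail) {
		// Fall back on primary contact
		$contactName = $journal->getSetting('contactName');
		$contactEmail = $journal->getSetting('contactEmail');
	}
	$mail = new MailTemplate('DPS_INVESTIGATE_PAYMENT');
	$mail->setReplyTo(null);
	$mail->addRecipient($contactEmail, $contactName);

	$paymentStatus = $request->getUserVar('payment_status');

	@session_start();

	switch (array_shift($args)) {
		case 'purchase':
			error_log("Forming XML for transaction API call");
			try {
				# get access to queuedPayment
				$orderId = $_SESSION['dps_plugin_payment_id'];
				import('classes.payment.ojs.OJSPaymentManager');
				$ojsPaymentManager = new OJSPaymentManager($request);
				$queuedPayment =& $ojsPaymentManager->getQueuedPayment($orderId);
				if (!$queuedPayment) {
					throw new Exception("OJS: DPS: No order for this transaction or transaction ID lost from session. See DPS statement for OJS order number: TxnData1.");
				}

				$amount = sprintf("%01.2f", $queuedPayment->amount);

				$domDoc = new DOMDocument('1.0', 'UTF-8');
				$rootElt = $domDoc->createElement('GenerateRequest');
				$rootNode = $domDoc->appendChild($rootElt);
				$rootNode->appendChild($domDoc->createElement('PxPayUserId', $this->getSetting($journal->getId(), 'dpsuser')));
				$rootNode->appendChild($domDoc->createElement('PxPayKey', $this->getSetting($journal->getId(), 'dpskey')));
				$rootNode->appendChild($domDoc->createElement('MerchantReference', $this->getSetting($journal->getId(), 'dpsmerchant')));
				$rootNode->appendChild($domDoc->createElement('AmountInput', $amount));
				$rootNode->appendChild($domDoc->createElement('CurrencyInput', 'NZD'));
				$rootNode->appendChild($domDoc->createElement('TxnType', 'Purchase'));
				// TxnData1 ties the gateway transaction to the queued payment;
				// the 'success' branch compares it again.
				$rootNode->appendChild($domDoc->createElement('TxnData1', $orderId));
				$rootNode->appendChild($domDoc->createElement('TxnData2', $user->getUserName()));
				$rootNode->appendChild($domDoc->createElement('EmailAddress', $user->getEmail()));
				$rootNode->appendChild($domDoc->createElement('UrlSuccess', $request->url(null, 'payment', 'plugin', array($this->getName(), 'success'))));
				$rootNode->appendChild($domDoc->createElement('UrlFail', $request->url(null, 'payment', 'plugin', array($this->getName(), 'failure'))));

				$xmlRequest = $domDoc->saveXML();
				if (!$xmlRequest) {
					throw new Exception("DPS: Generating XML API call failed ", "119");
				}
				// The document contains PxPayUserId and PxPayKey, so only its
				// size is logged, never its content.
				error_log("xmlrequest: generated " . strlen($xmlRequest) . " bytes");

				$ch = curl_init();
				curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'dpsurl'));
				curl_setopt($ch, CURLOPT_POST, 1);
				curl_setopt($ch, CURLOPT_POSTFIELDS, $domDoc->saveXML());
				curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
				// Certificate and host name are verified against the configured CA file.
				curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
				curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
				curl_setopt($ch, CURLOPT_CAINFO, $this->getSetting($journal->getId(), 'dpscertpath'));
				curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
				curl_setopt($ch, CURLOPT_TIMEOUT, 10);
				$result = curl_exec($ch);
				$curlError = curl_error($ch);
				$curlErrorNo = curl_errno($ch);
				curl_close($ch);

				# check that we got a response
				if ($result == false) {
					error_log("DPS error: {$curlError} ({$curlErrorNo})");
					throw new Exception("DPS error: {$curlError}", $curlErrorNo);
				}

				# make sure response is valid.
				error_log("Parsing response XML");
				libxml_use_internal_errors(true);
				$rexml = simplexml_load_string($result);
				error_log("XML response: " . print_r($rexml, true));
				if (!$rexml) {
					error_log("Invalid XML response from DPS");
					throw new Exception("Invalid XML response from DPS");
				}

				# check URL exists in response
				if (!isset($rexml->URI[0])) {
					throw new Exception("URI not returned: " . $rexml->ResponseText[0]);
				}
				$payment_url = (string) $rexml->URI[0];

				# redirect to that URL
				header("Location: {$payment_url}");
				exit;
			} catch (exception $e) {
				// Every throw above happens either before curl_init() or after
				// curl_close(); only touch the handle when one was created.
				if (isset($ch)) {
					@curl_close($ch);
				}
				error_log("Fatal error with credit card entry stage: " . $e->getCode() . ": " . $e->getMessage());

				# create a notification about this error
				// NOTE(review): the listing masks the operand after "User:";
				// getUserName() is assumed from its use for TxnData2 - confirm
				// against the repository.
				$params = array('contents' => "Fatal error with DPS response stage: " . $e->getMessage() . ". User:" . $user->getUserName() . ". Email:" . $user->getEmail() . ".");
				if (!$this->sendNotifications($params, $request)) {
					error_log("Failed to send notifications to journal managers");
				}

				AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON);
				$templateMgr =& TemplateManager::getManager();
				$templateMgr->assign(array(
					'pageTitle' => 'plugins.paymethod.dps.purchase.failure.title',
					'detail' => $e->getMessage(),
					'backLink' => $request->url(null, 'user', 'subscriptions')
				));
				$templateMgr->display($this->getTemplatePath() . 'failure.tpl');
				exit;
			}
			break;

		case 'success':
			try {
				error_log("Forming XML ProcessResponse");
				$domDoc = new DOMDocument('1.0', 'UTF-8');
				$rootElt = $domDoc->createElement('ProcessResponse');
				$rootNode = $domDoc->appendChild($rootElt);
				$rootNode->appendChild($domDoc->createElement('PxPayUserId', $this->getSetting($journal->getId(), 'dpsuser')));
				$rootNode->appendChild($domDoc->createElement('PxPayKey', $this->getSetting($journal->getId(), 'dpskey')));
				// 'result' comes from the request; a text node keeps it from
				// being interpreted as markup or entity references.
				$responseElt = $domDoc->createElement('Response');
				$responseElt->appendChild($domDoc->createTextNode((string) $request->getUserVar('result')));
				$rootNode->appendChild($responseElt);

				$xmlRequest = $domDoc->saveXML();
				if (!$xmlRequest) {
					throw new Exception("Failed to generate XML transaction response");
				}

				# send confirmation to DPS
				error_log("Forming curl API request");
				$ch = curl_init();
				curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'dpsurl'));
				curl_setopt($ch, CURLOPT_POST, 1);
				curl_setopt($ch, CURLOPT_POSTFIELDS, $domDoc->saveXML());
				curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
				// Certificate and host name are verified against the configured CA file.
				curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
				curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
				curl_setopt($ch, CURLOPT_CAINFO, $this->getSetting($journal->getId(), 'dpscertpath'));
				curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
				curl_setopt($ch, CURLOPT_TIMEOUT, 10);

				# check response is OK
				$result = curl_exec($ch);
				$curlError = curl_error($ch);
				$curlErrorNo = curl_errno($ch);
				curl_close($ch);
				if ($result == false) {
					error_log("Transaction response call failed: {$curlError} ({$curlErrorNo})");
					throw new Exception("Transaction response call failed: {$curlError}", $curlErrorNo);
				}

				error_log("Processing response");
				libxml_use_internal_errors(true);
				$rexml = simplexml_load_string($result);

				# check xml is valid
				if (!$rexml) {
					throw new Exception('Response from DPS not valid XML ', '130');
				}

				# check for success value
				if ($rexml->Success[0] == null) {
					throw new Exception('Response code not returned by DPS', '130');
				}

				# check for failed transaction
				$code = (int) $rexml->Success[0];
				if ($code != 1) {
					throw new Exception('Transaction failed: ' . $rexml->ResponseText[0]);
				}
				if ($rexml->ResponseText[0] == null) {
					throw new Exception('OJS: DPS: Response text not returned from transaction confirmation');
				}
				if ($rexml->TxnId[0] == null) {
					throw new Exception('OJS: DPS: Reference number (txnId) not returned from transaction confirmation');
				}
				if ($rexml->MerchantReference[0] == null) {
					throw new Exception('OJS: DPS: Merchant reference not returned from transaction confirmation');
				}

				# sanity / double checks
				# get access to queuedPayment to check that details match
				$queuedPaymentId = $_SESSION['dps_plugin_payment_id'];
				import('classes.payment.ojs.OJSPaymentManager');
				$ojsPaymentManager = new OJSPaymentManager($request);
				$queuedPayment =& $ojsPaymentManager->getQueuedPayment($queuedPaymentId);
				if (!$queuedPayment) {
					throw new Exception("OJS: DPS: No order for this transaction or transaction ID lost from session. See DPS statement for OJS order number: TxnData1.");
				}

				# check the confirmed transaction belongs to this queued payment
				// 'purchase' sent the queued payment id as TxnData1; this assumes
				// the gateway echoes it the way TxnData2 is expected below.
				$returnedOrderId = (string) $rexml->TxnData1[0];
				if ($returnedOrderId !== (string) $queuedPaymentId) {
					throw new Exception('Order reference mismatch on transaction. Expected: ' . $queuedPaymentId . ' got: ' . $returnedOrderId);
				}

				$amount = $queuedPayment->amount;
				$paidAmount = (string) $rexml->AmountSettlement[0];
				// Anchored at both ends: the whole value must be digits with an
				// optional two-digit fraction, which is what rules out a sign.
				$pattern = "/\\A[0-9]+(\\.[0-9]{2})?\\z/";
				if ($paidAmount == null) {
					throw new Exception('Paid amount not returned by DPS', '160');
				}
				if (!preg_match($pattern, $paidAmount)) {
					# check format whether correct for paid amount, etc: no negative
					throw new Exception('Paid amount format error: negative? badly formed decimal: ' . $paidAmount, '170');
				}

				# check userid returned by DPS
				if ($rexml->TxnData2[0] == null) {
					throw new Exception('Validation failure due to user id is not returned by DPS', '180');
				}

				# check user id and amount match
				if (number_format($paidAmount, 2, '.', '') != $amount) {
					throw new Exception('Payment amount mismatch on transaction. Expected: ' . $amount . ' got: ' . $paidAmount);
				}
				$userId = (string) $rexml->TxnData2[0];
				if ($user->getUserName() != $userId) {
					throw new Exception('User identity mismatch on transaction. Expected: ' . $user->getUserName() . ' got: ' . $userId);
				}

				# clear session vars - avoid replay
				unset($_SESSION['dps_plugin_payment_id']);

				# tick off queued payment as paid
				if (!$ojsPaymentManager->fulfillQueuedPayment($queuedPayment, $this->getName())) {
					throw new Exception('Could not fulill the queued payment in OJS');
				}
				error_log("All validation tests pass. Transaction is OK.");

				# show success page with details
				AppLocale::requireComponents(LOCALE_COMPONENT_PKP_COMMON, LOCALE_COMPONENT_PKP_USER, LOCALE_COMPONENT_APPLICATION_COMMON);
				$templateMgr->assign(array(
					'pageTitle' => 'plugins.paymethod.dps.purchase.success.title',
					'message' => 'plugins.paymethod.dps.purchase.success',
					'backLink' => $request->url(null, 'index'),
					'backLinkLabel' => 'common.continue'
				));
				$templateMgr->display($this->getTemplatePath() . 'success.tpl');
				exit;
			} catch (exception $e) {
				// Every throw above happens either before curl_init() or after
				// curl_close(); only touch the handle when one was created.
				if (isset($ch)) {
					@curl_close($ch);
				}
				error_log("Fatal error with payment processing stage: " . $e->getCode() . ": " . $e->getMessage());

				# make notification
				// NOTE(review): the listing masks the operand after "User:";
				// getUserName() is assumed from its use in the identity check
				// above - confirm against the repository.
				$params = array('contents' => "Fatal error with DPS response stage: " . $e->getMessage() . ". User:" . $user->getUserName() . ". Email:" . $user->getEmail() . ".");
				if (!$this->sendNotifications($params, $request)) {
					error_log("Failed to send notifications to journal managers");
				}

				# render failure page to user
				AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON);
				$templateMgr =& TemplateManager::getManager();
				$templateMgr->assign(array(
					'pageTitle' => 'plugins.paymethod.dps.purchase.failure.title',
					'detail' => $e->getMessage(),
					'backLink' => $request->url(null, 'user', 'subscriptions')
				));
				$templateMgr->display($this->getTemplatePath() . 'failure.tpl');
				exit;
			}
			break;

		# DPS requested our failure URL - eg user canceled form
		case 'failure':
			AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON);
			$templateMgr =& TemplateManager::getManager();
			$templateMgr->assign(array(
				'pageTitle' => 'plugins.paymethod.dps.purchase.failure.title',
				'backLink' => $request->url(null, 'user', 'subscriptions')
			));
			$templateMgr->display($this->getTemplatePath() . 'cancel.tpl');
			// Unlike the other branches this one does not exit, so the parent
			// handler below still runs after the page is rendered.
			break;
	}
	parent::handle($args, $request); // Don't know what to do with it
}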
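/**
 * Handle incoming requests/notifications
 *
 * Dispatches on the first element of $args:
 *  - 'ipn': replays the received POST fields to the configured 'paypalurl'
 *    with cmd=_notify-validate prepended, and only continues when the reply
 *    is exactly 'VERIFIED'. A 'Completed' payment is recorded, compared with
 *    the queued payment (amount, currency, receiving account) and fulfilled;
 *    on success the registrant is mailed a receipt, on any failure the
 *    conference contact is mailed and the request exits.
 *  - 'cancel': renders the "purchase cancelled" message page and exits.
 * Any other operation, or a request without a scheduled conference, goes to
 * the parent handler.
 *
 * Change against the listed version: the early return now passes $request
 * to parent::handle(), matching the call at the end of the function.
 *
 * NOTE(review): every investigation mail embeds print_r() dumps of $_POST
 * and $_SERVER; confirm the contact mailbox is treated as sensitive.
 *
 * @param $args array
 * @param $request PKPRequest
 */
function handle($args, &$request) {
	$templateMgr =& TemplateManager::getManager();
	$schedConf =& $request->getSchedConf();
	if (!$schedConf) {
		return parent::handle($args, $request);
	}

	// Just in case we need to contact someone
	import('classes.mail.MailTemplate');
	// Prefer technical support contact
	$contactName = $schedConf->getSetting('supportName');
	$contactEmail = $schedConf->getSetting('supportEmail');
	if (!$contactEmail) {
		// Fall back on primary contact
		$contactName = $schedConf->getSetting('contactName');
		$contactEmail = $schedConf->getSetting('contactEmail');
	}
	$mail = new MailTemplate('PAYPAL_INVESTIGATE_PAYMENT');
	$mail->setFrom($contactEmail, $contactName);
	$mail->addRecipient($contactEmail, $contactName);

	// Request-supplied; it is only acted on after the gateway answered
	// 'VERIFIED' for the same POST body below.
	$paymentStatus = $request->getUserVar('payment_status');

	switch (array_shift($args)) {
		case 'ipn':
			// Build a confirmation transaction.
			$req = 'cmd=_notify-validate';
			// NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0, so
			// this branch test is fatal there; confirm the supported runtime.
			if (get_magic_quotes_gpc()) {
				foreach ($_POST as $key => $value) {
					$req .= '&' . urlencode(stripslashes($key)) . '=' . urlencode(stripslashes($value));
				}
			} else {
				foreach ($_POST as $key => $value) {
					$req .= '&' . urlencode($key) . '=' . urlencode($value);
				}
			}

			// Create POST response
			// No TLS options are set on this handle, so certificate and host
			// verification depend on the libcurl/PHP defaults of the host.
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $this->getSetting($schedConf->getConferenceId(), $schedConf->getId(), 'paypalurl'));
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', 'Content-Length: ' . strlen($req)));
			curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
			$ret = curl_exec($ch);
			$curlError = curl_error($ch);
			curl_close($ch);

			// Check the confirmation response and handle as necessary.
			if (strcmp($ret, 'VERIFIED') == 0) {
				switch ($paymentStatus) {
					case 'Completed':
						$payPalDao = DAORegistry::getDAO('PayPalDAO');
						$transactionId = $request->getUserVar('txn_id');
						if ($payPalDao->transactionExists($transactionId)) {
							// A duplicate transaction was received; notify someone.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getLocalizedName(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Duplicate transaction ID: {$transactionId}",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
							exit;
						} else {
							// New transaction succeeded. Record it.
							// NOTE(review): the transaction id is stored before the
							// integrity checks below, so a notification that later
							// fails those checks still marks the id as seen.
							$payPalDao->insertTransaction($transactionId, $request->getUserVar('txn_type'), $request->getUserVar('payer_email'), $request->getUserVar('receiver_email'), $request->getUserVar('item_number'), $request->getUserVar('payment_date'), $request->getUserVar('payer_id'), $request->getUserVar('receiver_id'));
							// 'custom' carries the queued payment id back from the gateway.
							$queuedPaymentId = $request->getUserVar('custom');

							import('classes.payment.ocs.OCSPaymentManager');
							$ocsPaymentManager = new OCSPaymentManager($request);

							// Verify the cost and user details as per PayPal spec.
							$queuedPayment =& $ocsPaymentManager->getQueuedPayment($queuedPaymentId);
							if (!$queuedPayment) {
								// The queued payment entry is missing. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getLocalizedName(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// The operands are assigned inside the condition and the
							// clauses short-circuit: when an earlier clause already fails,
							// the later variables are never set, yet the mail below
							// interpolates all of them.
							if (
								($queuedAmount = $queuedPayment->getAmount()) != ($grantedAmount = $request->getUserVar('mc_gross')) ||
								($queuedCurrency = $queuedPayment->getCurrencyCode()) != ($grantedCurrency = $request->getUserVar('mc_currency')) ||
								($grantedEmail = $request->getUserVar('receiver_email')) != ($queuedEmail = $this->getSetting($schedConf->getConferenceId(), $schedConf->getId(), 'selleraccount'))
							) {
								// The integrity checks for the transaction failed. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getLocalizedName(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' =>
										"Granted amount: {$grantedAmount}\n" .
										"Queued amount: {$queuedAmount}\n" .
										"Granted currency: {$grantedCurrency}\n" .
										"Queued currency: {$queuedCurrency}\n" .
										"Granted to PayPal account: {$grantedEmail}\n" .
										"Configured PayPal account: {$queuedEmail}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Fulfill the queued payment.
							if ($ocsPaymentManager->fulfillQueuedPayment($request, $queuedPaymentId, $queuedPayment)) {
								// Send the registrant a notification that their payment was received
								$schedConfSettingsDao = DAORegistry::getDAO('SchedConfSettingsDAO');

								// Get registrant name and email
								// NOTE(review): the result of getById() is used without a
								// null check; confirm a queued payment always has a user.
								$userDao = DAORegistry::getDAO('UserDAO');
								$user =& $userDao->getById($queuedPayment->getUserId());
								$registrantName = $user->getFullName();
								$registrantEmail = $user->getEmail();

								// Get conference contact details
								$schedConfId = $schedConf->getId();
								$registrationName = $schedConfSettingsDao->getSetting($schedConfId, 'registrationName');
								$registrationEmail = $schedConfSettingsDao->getSetting($schedConfId, 'registrationEmail');
								$registrationPhone = $schedConfSettingsDao->getSetting($schedConfId, 'registrationPhone');
								$registrationFax = $schedConfSettingsDao->getSetting($schedConfId, 'registrationFax');
								$registrationMailingAddress = $schedConfSettingsDao->getSetting($schedConfId, 'registrationMailingAddress');

								// Signature: name, then each optional contact line that is set.
								$registrationContactSignature = $registrationName;
								if ($registrationMailingAddress != '') {
									$registrationContactSignature .= "\n" . $registrationMailingAddress;
								}
								if ($registrationPhone != '') {
									$registrationContactSignature .= "\n" . AppLocale::Translate('user.phone') . ': ' . $registrationPhone;
								}
								if ($registrationFax != '') {
									$registrationContactSignature .= "\n" . AppLocale::Translate('user.fax') . ': ' . $registrationFax;
								}
								$registrationContactSignature .= "\n" . AppLocale::Translate('user.email') . ': ' . $registrationEmail;

								$paramArray = array(
									'registrantName' => $registrantName,
									'conferenceName' => $schedConf->getLocalizedName(),
									'invoiceId' => $queuedPayment->getInvoiceId(),
									'registrationContactSignature' => $registrationContactSignature
								);

								// This replaces the investigation mail object with the receipt.
								import('classes.mail.MailTemplate');
								$mail = new MailTemplate('PAYPAL_PAYMENT_RECEIVED');
								$mail->setFrom($registrationEmail, $registrationName);
								$mail->assignParams($paramArray);
								$mail->addRecipient($registrantEmail, $registrantName);
								$mail->send();
								exit;
							}

							// If we're still here, it means the payment couldn't be fulfilled.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getLocalizedName(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
						}
						exit;
					case 'Pending':
						// Ignore.
						exit;
					default:
						// An unhandled payment status was received; notify someone.
						$mail->assignParams(array(
							'schedConfName' => $schedConf->getLocalizedName(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Payment status: {$paymentStatus}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
				}
			} else {
				// An unknown confirmation response was received; notify someone.
				// This branch also covers a failed request: curl_exec() then
				// returned false and $curlError holds the transport error text.
				$mail->assignParams(array(
					'schedConfName' => $schedConf->getLocalizedName(),
					'postInfo' => print_r($_POST, true),
					'additionalInfo' => "Confirmation return: {$ret}\nCURL error: {$curlError}",
					'serverVars' => print_r($_SERVER, true)
				));
				$mail->send();
				exit;
			}
			break;
		case 'cancel':
			Handler::setupTemplate($request);
			$templateMgr->assign(array(
				'currentUrl' => $request->url(null, null, 'index'),
				'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title',
				'message' => 'plugins.paymethod.paypal.purchase.cancelled'
			));
			$templateMgr->display('common/message.tpl');
			exit;
	}
	parent::handle($args, $request); // Don't know what to do with it
}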
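/**
 * Handle incoming requests/notifications.
 *
 * Routes on the first element of $args. 'notification' is the LiqPay
 * callback: the request carries 'data' (base64 of a JSON document) and
 * 'signature' (base64 of the raw SHA-1 over private key . data . private key).
 * Nothing from 'data' is used until the signature has been checked against
 * the journal's configured private key. Anything not handled here is passed
 * to parent::handle().
 *
 * @param $args array
 * @param $request PKPRequest
 */
function handle($args, &$request) {
	// The raw request body is deliberately not copied to a file here: it holds
	// signed payment data and would accumulate in the working directory.
	$liqPayDao = DAORegistry::getDAO('LiqPayDAO');
	$journal =& $request->getJournal();
	if (!$journal) {
		return parent::handle($args, $request);
	}

	// Just in case we need to contact someone
	import('classes.mail.MailTemplate');
	// Prefer technical support contact
	$contactName = $journal->getSetting('supportName');
	$contactEmail = $journal->getSetting('supportEmail');
	if (!$contactEmail) {
		// Fall back on primary contact
		$contactName = $journal->getSetting('contactName');
		$contactEmail = $journal->getSetting('contactEmail');
	}
	$mail = new MailTemplate('LIQPAY_INVESTIGATE_PAYMENT');
	$mail->setReplyTo(null);
	$mail->addRecipient($contactEmail, $contactName);

	$journalId = $journal->getId();
	$privateKey = $this->getSetting($journalId, 'liqpayprivatkey');
	// Not used below; kept because what its constructor does is not visible here.
	$liqpay = new LiqPay($this->getSetting($journalId, 'liqpaypubkey'), $privateKey);

	switch (array_shift($args)) {
		case 'notification':
			// data      - result of base64_encode($json_string)
			// signature - result of base64_encode(sha1($private_key . $data . $private_key))
			$data = $request->getUserVar('data');
			$signature = $request->getUserVar('signature');

			// With an empty private key the expected signature would depend on
			// the data alone, so an unconfigured key must fail closed.
			if (!is_string($data) || !is_string($signature) || (string) $privateKey === '') {
				$this->log->info('Notification rejected: data, signature or private key missing');
				break;
			}

			$sign = base64_encode(sha1($privateKey . $data . $privateKey, true));
			// The expected signature is derived from the private key; keep it out of the log.
			$this->log->info('Start transaction');

			// Strict, constant-time comparison where the runtime provides it.
			$signatureOk = function_exists('hash_equals')
				? hash_equals($sign, $signature)
				: $sign === $signature;
			if (!$signatureOk) {
				$this->log->info('Notification rejected: signature mismatch');
				break;
			}

			$params = json_decode(base64_decode($data), true);
			if (!is_array($params) || !isset($params['transaction_id'])) {
				$this->log->info('Notification rejected: payload is not a JSON object with a transaction_id');
				break;
			}
			$this->log->info('Input parameters ' . var_export($params, true));

			// Check transactions exist. The ID is looked up exactly as received;
			// altering it before the lookup would let a replayed notification pass.
			$transactionId = $params['transaction_id'];
			$this->log->info('Transaction ID ' . var_export($transactionId, true));
			if ($liqPayDao->transactionExists($transactionId)) {
				$this->log->info('Transaction is exists ' . var_export($transactionId, true));
				// A duplicate transaction was received; notify someone.
				$mail->assignParams(array(
					'journalName' => $journal->getLocalizedTitle(),
					'data' => print_r($params, true),
					'additionalInfo' => "Duplicate transaction ID: {$transactionId}",
					'serverVars' => print_r($_SERVER, true)
				));
				$mail->send();
				exit;
			}

			$status = isset($params['status']) ? $params['status'] : null;
			$this->log->info('Payment status ' . var_export($status, true));

			// NOTE(review): recording the transaction is disabled in this handler
			// (the call below), so transactionExists() can only find IDs stored by
			// other code. Re-enable it before relying on duplicate detection.
			// $liqPayDao->insertTransaction($transactionId, $params['type'], String::strtolower($params['sender_phone']), $params['status'], $params['liqpay_order_id'], date('Y-m-d H:i:s'));

			// Debug mode treats every signed notification as a successful payment.
			// It must be switched off on any installation that takes real payments.
			if ($this->getSetting($journalId, 'liqpaydebug')) {
				$this->log->info('Debug mode: forcing payment status to success');
				$status = 'success';
			}

			switch ($status) {
				case 'success':
					// The queued payment ID is the run of digits after the last "/" of the description.
					$description = (isset($params['description']) && is_string($params['description'])) ? $params['description'] : '';
					$queuedPaymentId = preg_match('/\\/(\\d+$)/', $description, $matches) ? $matches[1] : null;
					$this->log->info('Input queuedPaymentId ' . var_export($queuedPaymentId, true));

					import('classes.payment.ojs.OJSPaymentManager');
					$ojsPaymentManager = new OJSPaymentManager($request);

					$queuedPayment = $ojsPaymentManager->getQueuedPayment($queuedPaymentId);
					if (!$queuedPayment) {
						$this->log->info('Not found queued payment for ' . var_export($queuedPaymentId, true));
						// The queued payment entry is missing. Complain.
						$mail->assignParams(array(
							'journalName' => $journal->getLocalizedTitle(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
					}

					// Verify the cost against the signed payload. The values come from
					// $params, not from loose request variables, because only $params is
					// covered by the signature.
					// NOTE(review): 'amount' and 'currency' are assumed to be the field
					// names in the callback payload; confirm against the API version in use.
					// NB: if/when subscriptions are enabled, these checks will have to be
					// adjusted because subscription prices may change over time
					$queuedAmount = $queuedPayment->getAmount();
					$queuedCurrency = $queuedPayment->getCurrencyCode();
					$grantedAmount = isset($params['amount']) ? $params['amount'] : null;
					$grantedCurrency = isset($params['currency']) ? $params['currency'] : null;

					// A queued amount of 0 means the payer chooses the amount (e.g. donation).
					$amountMismatch = $queuedAmount > 0
						&& round((float) $queuedAmount, 2) != round((float) $grantedAmount, 2);
					$currencyMismatch = (string) $queuedCurrency !== (string) $grantedCurrency;

					if ($amountMismatch || $currencyMismatch) {
						// The integrity checks for the transaction failed. Complain.
						$mail->assignParams(array(
							'journalName' => $journal->getLocalizedTitle(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Granted amount: {$grantedAmount}\n" .
								"Queued amount: {$queuedAmount}\n" .
								"Granted currency: {$grantedCurrency}\n" .
								"Queued currency: {$queuedCurrency}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
					}

					// Update queued amount if amount set by user (e.g. donation)
					if ($queuedAmount == 0 && $grantedAmount > 0) {
						$queuedPaymentDao =& DAORegistry::getDAO('QueuedPaymentDAO');
						$queuedPayment->setAmount($grantedAmount);
						$queuedPayment->setCurrencyCode($grantedCurrency);
						$queuedPaymentDao->updateQueuedPayment($queuedPaymentId, $queuedPayment);
					}

					// Fulfill the queued payment.
					if ($ojsPaymentManager->fulfillQueuedPayment($queuedPayment, $this->getName())) {
						exit;
					}

					// If we're still here, it means the payment couldn't be fulfilled.
					$mail->assignParams(array(
						'journalName' => $journal->getLocalizedTitle(),
						'postInfo' => print_r($_POST, true),
						'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.",
						'serverVars' => print_r($_SERVER, true)
					));
					$mail->send();
					exit;

				case 'cancel':
					// NOTE(review): this branch only runs for a signed notification whose
					// status is 'cancel'. If it was meant to serve a user-facing cancel
					// route it belongs in the outer switch; confirm the intended placement.
					AppLocale::requireComponents(LOCALE_COMPONENT_PKP_COMMON, LOCALE_COMPONENT_PKP_USER, LOCALE_COMPONENT_APPLICATION_COMMON);
					// Fetched here because the template manager is needed by this branch only.
					$templateMgr =& TemplateManager::getManager();
					$templateMgr->assign(array(
						'currentUrl' => $request->url(null, 'index'),
						'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title',
						'message' => 'plugins.paymethod.paypal.purchase.cancelled',
						// NOTE(review): backLink is taken from the request unchecked; confirm
						// the template escapes it and restrict it to this site's own URLs.
						'backLink' => $request->getUserVar('ojsReturnUrl'),
						'backLinkLabel' => 'common.continue'
					));
					$templateMgr->display('common/message.tpl');
					exit;
			}
			break;
	}

	parent::handle($args, $request); // Don't know what to do with it
}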