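/**
 * Inpay server-to-server notification handler.
 *
 * Validates the posted fields, recomputes the gateway checksum over them with the
 * shared secret, cross-checks the order amount, status and the module's own invoice
 * status lookup, and then moves the order to the status matching the notified
 * invoice status. Anything that fails validation is (optionally) mailed to the debug
 * address and recorded in the order's status history without changing its status.
 *
 * Reads $_POST (order_id, invoice_reference, invoice_amount, invoice_currency,
 * invoice_created_at, invoice_status, checksum) and $_GET (debug mail only).
 * Returns nothing.
 */
function callback()
 {
     global $osC_Database, $osC_Currencies;

     // Reason the notification was rejected; stays 'VERIFIED' while every check passes.
     $result = 'VERIFIED';
     $order = null;
     // Store status id that means the order has already been delivered.
     $delivered_status = 7;

     // Validate request
     if (!isset($_POST['order_id']) || !is_numeric($_POST['order_id']) || $_POST['order_id'] <= 0) {
         $result = 'bad order id';
     } elseif (!isset($_POST['invoice_amount']) || !is_numeric($_POST['invoice_amount'])) {
         $result = 'bad amount';
     } elseif (!isset($_POST['invoice_currency'])) {
         $result = 'bad currency';
     } elseif (!isset($_POST['checksum'], $_POST['invoice_reference'], $_POST['invoice_created_at'], $_POST['invoice_status'])) {
         $result = 'missing variables';
     } else {
         // Recompute the gateway signature: md5 over the url-encoded notified fields plus the
         // shared secret (the scheme is the gateway's, kept as-is). Compared with hash_equals
         // instead of a loose '==' so the comparison is constant-time and type-strict.
         $sum = http_build_query([
             'order_id' => $_POST['order_id'],
             'invoice_reference' => $_POST['invoice_reference'],
             'invoice_amount' => $_POST['invoice_amount'],
             'invoice_currency' => $_POST['invoice_currency'],
             'invoice_created_at' => $_POST['invoice_created_at'],
             'invoice_status' => $_POST['invoice_status'],
             'secret_key' => MODULE_PAYMENT_INPAY_SECRET_KEY,
         ], '', '&');
         if (!is_string($_POST['checksum']) || !hash_equals(md5($sum), $_POST['checksum'])) {
             $result = 'bad checksum';
         }
     }

     if ($result === 'VERIFIED' && !osC_Order::exists($_POST['order_id'])) {
         $result = 'order not found';
     }

     if ($result === 'VERIFIED') {
         // The order id validated above is what the lookup keys on (the original bound the
         // unvalidated, normally absent 'invoice'/'custom' fields here).
         $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id');
         $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
         $Qcheck->bindInt(':orders_id', $_POST['order_id']);
         $Qcheck->execute();

         if ($Qcheck->numberOfRows() < 1) {
             $result = 'order not found';
         } else {
             $order = $Qcheck->toArray();

             $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
             $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
             $Qtotal->bindInt(':orders_id', $_POST['order_id']);
             $Qtotal->execute();

             if ($Qtotal->numberOfRows() < 1) {
                 $result = 'order total not found';
             } else {
                 $total = $Qtotal->toArray();
                 // Compare both amounts formatted to the order currency's decimal places so
                 // rounding differences in the notified value do not cause a false mismatch.
                 $decimals = $osC_Currencies->getDecimalPlaces($order['currency']);
                 $expected_amount = number_format($total['value'] * $order['currency_value'], $decimals);
                 $notified_amount = number_format((float) $_POST['invoice_amount'], $decimals);
                 if ($notified_amount !== $expected_amount) {
                     $result = 'Inpay transaction value (' . osc_output_string_protected($_POST['invoice_amount']) . ') does not match order value (' . $expected_amount . ')';
                 }
             }
         }
     }

     if ($result === 'VERIFIED') {
         // check status: a completed or delivered order must not be re-processed
         if ($order['orders_status'] == MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID || $order['orders_status'] == $delivered_status) {
             $result = 'Status already in level' . $order['orders_status'];
         }
     }

     if ($result === 'VERIFIED') {
         // The notified status must agree with the status the module itself looks up;
         // 'pending' and 'created' are treated as the same state.
         $invoice_status = $this->get_invoice_status($_POST);
         $posted_status = $_POST['invoice_status'];
         $open_states = ['pending', 'created'];
         $status_matches = (in_array($invoice_status, $open_states, true) && in_array($posted_status, $open_states, true))
             || ($invoice_status === 'approved' && $posted_status === 'approved')
             || ($invoice_status === 'sum_too_low' && $posted_status === 'sum_too_low');
         if (!$status_matches) {
             $result = 'Bad invoice status:' . $invoice_status;
         }
     }
     // Validate request end

     if ($result === 'VERIFIED') {
         // Map the (already validated) notified status to a store status and history comment.
         $posted_status = $_POST['invoice_status'];
         if ($posted_status === 'created' || $posted_status === 'pending') {
             $msg = 'customer has been asked to pay ' . $_POST['invoice_amount'] . ' ' . $_POST['invoice_currency'] . ' with reference: ' . $_POST['invoice_reference'] . ' via his online bank';
             $order_status_id = MODULE_PAYMENT_INPAY_CREATE_ORDER_STATUS_ID;
         } elseif ($posted_status === 'approved') {
             $msg = 'Inpay has confirmed that the payment of ' . $_POST['invoice_amount'] . ' ' . $_POST['invoice_currency'] . ' has been received';
             $order_status_id = MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID;
         } else {
             // 'sum_too_low' is the only other value the status check above lets through
             $msg = 'Partial payment received by inpay. Reference: ' . $_POST['invoice_reference'];
             $order_status_id = MODULE_PAYMENT_INPAY_SUM_TOO_LOW_ORDER_STATUS_ID;
         }
         $comments = 'Inpay ' . ucfirst($posted_status) . '[' . $msg . ']';
         osC_Order::process($_POST['order_id'], $order_status_id, $comments);
         osC_Order::insertOrderStatusHistory($_POST['order_id'], $order_status_id, $comments);
     } else {
         // Rejected notification (in the original this branch was unreachable because it sat
         // inside the VERIFIED case): optionally mail the raw request to the debug address and
         // record the rejection reason on the order, keeping its current status.
         if (defined('MODULE_PAYMENT_INPAY_DEBUG_EMAIL')) {
             $email_body = 'INPAY_DEBUG_POST_DATA:' . "\n\n";
             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . print_r($value, true) . "\n";
             }
             $email_body .= "\n" . 'INPAY_DEBUG_GET_DATA:' . "\n\n";
             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . print_r($value, true) . "\n";
             }
             osc_email('', MODULE_PAYMENT_INPAY_DEBUG_EMAIL, 'Inpay Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         if (isset($_POST['order_id']) && is_numeric($_POST['order_id']) && $_POST['order_id'] > 0) {
             $Qcheck = $osC_Database->query('select orders_status from :table_orders where orders_id = :orders_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $_POST['order_id']);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $current = $Qcheck->toArray();
                 $comments = 'Inpay Invalid [' . $result . ']';
                 osC_Order::insertOrderStatusHistory($_POST['order_id'], $current['orders_status'], $comments);
             }
         }
     }
 }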
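 /**
  * iDEAL return handler.
  *
  * Looks up the most recent transaction stored for the order id / order code pair given
  * in the query string, moves the order to the store status matching the stored
  * transaction status and redirects the customer. When nothing can be verified the
  * customer sees an error message and the script exits.
  *
  * Reads $_GET['order_id'] and $_GET['order_code']. Returns nothing.
  */
 function callback()
 {
     global $osC_Database, $osC_ShoppingCart;

     $sOrderId = isset($_GET['order_id']) && is_string($_GET['order_id']) ? $_GET['order_id'] : '';
     $sOrderCode = isset($_GET['order_code']) && is_string($_GET['order_code']) ? $_GET['order_code'] : '';

     // Both identifiers are required; the order id must be a positive integer because the
     // order is looked up and processed by integer id below.
     if ($sOrderId !== '' && ctype_digit($sOrderId) && (int) $sOrderId > 0 && $sOrderCode !== '') {
         $iOrderId = (int) $sOrderId;

         // Untrusted values go through the driver's bind helpers rather than being escaped
         // into the SQL text; the table name is a constant and may stay inline.
         $oQuery = $osC_Database->query('select `transaction_status`, `transaction_url` from `' . DB_TABLE_PREFIX . 'transactions` where `order_id` = :order_id and `order_code` = :order_code order by `id` desc limit 1');
         $oQuery->bindInt(':order_id', $iOrderId);
         $oQuery->bindValue(':order_code', $sOrderCode);
         $oQuery->execute();

         if ($oQuery->numberOfRows() > 0 && osC_Order::exists($iOrderId)) {
             $oRecord = $oQuery->toArray();
             $sTransactionStatus = $oRecord['transaction_status'];
             $sTransactionUrl = $oRecord['transaction_url'];

             if ($sTransactionStatus === 'SUCCESS') {
                 osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_SUCCESS_ORDER_STATUS_ID);
                 $osC_ShoppingCart->reset(true);
                 osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'success', 'SSL'));
             } elseif ($sTransactionStatus === 'PENDING') {
                 osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_PENDING_ORDER_STATUS_ID);
                 $osC_ShoppingCart->reset(true);
                 osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'success', 'SSL'));
             } elseif ($sTransactionStatus === 'OPEN') {
                 osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_OPEN_ORDER_STATUS_ID);
                 // Send the customer on to the stored transaction URL when there is one
                 if ($sTransactionUrl) {
                     osc_redirect($sTransactionUrl);
                 }
             } elseif ($sTransactionStatus === 'CANCELLED') {
                 if (MODULE_PAYMENT_IDEAL_REMOVE_ORDER_ON_CANCELLED) {
                     osC_Order::remove($iOrderId);
                 } else {
                     osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_CANCELLED_ORDER_STATUS_ID);
                 }
                 osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'payment', 'SSL'));
             } elseif ($sTransactionStatus === 'EXPIRED') {
                 osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_EXPIRED_ORDER_STATUS_ID);
             } elseif ($sTransactionStatus === 'FAILURE') {
                 osC_Order::process($iOrderId, MODULE_PAYMENT_IDEAL_FAILURE_ORDER_STATUS_ID);
             }

             // Every status without its own redirect returns to the setup page for this
             // order; the identifiers are URL-encoded instead of pasted into the query string.
             osc_redirect(HTTPS_SERVER . DIR_WS_HTTPS_CATALOG . '/ext/payments/ideal/setup.php?' . http_build_query(['order_id' => $iOrderId, 'order_code' => $sOrderCode]));
         }
     }

     echo 'Cannot verify your order and/or payment. Please contact the webmaster.';
     exit;
 }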
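 /**
  * ChronoPay server callback.
  *
  * Accepts a notification only from the gateway's callback addresses, requires the
  * expected POST fields, verifies the MD5 signature over the order fields and the shared
  * secret, moves an order currently in status 4 to this module's order status, and
  * records the raw callback (as XML) together with the pass/fail outcome in the
  * transactions history table.
  *
  * Reads $_POST (cs1, cs2 = order id, cs3 = signature, product_id, total,
  * transaction_type). Returns nothing.
  */
 function callback()
 {
     global $osC_Database;

     // Only the gateway's callback hosts may post here
     $gateway_addresses = ['69.20.58.35', '207.97.201.192'];
     if (!in_array(osc_get_ip_address(), $gateway_addresses, true)) {
         return;
     }

     // All fields are required; cs1/cs2 must be numeric, cs3 must be a non-empty string
     // (it is passed to hash_equals), product_id must be this module's product.
     if (!isset($_POST['cs1'], $_POST['cs2'], $_POST['cs3'], $_POST['product_id'], $_POST['total'], $_POST['transaction_type'])
         || !is_numeric($_POST['cs1']) || !is_numeric($_POST['cs2'])
         || !is_string($_POST['cs3']) || empty($_POST['cs3'])
         || (string) $_POST['product_id'] !== (string) MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID
         || empty($_POST['total']) || empty($_POST['transaction_type'])) {
         return;
     }

     if (!osC_Order::exists($_POST['cs2'], $_POST['cs1'])) {
         return;
     }

     $pass = false;
     $osC_XML = new osC_XML(['root' => $_POST]);

     // Signature scheme is the gateway's: md5 over product id, cs2, cs1, total and the shared
     // secret. Compared with hash_equals rather than a loose '==' so the check is
     // constant-time and type-strict.
     $expected = md5(MODULE_PAYMENT_CHRONOPAY_PRODUCT_ID . $_POST['cs2'] . $_POST['cs1'] . $_POST['total'] . MODULE_PAYMENT_CHRONOPAY_MD5_HASH);
     if (hash_equals($expected, $_POST['cs3']) && osC_Order::getStatusID($_POST['cs2']) === 4) {
         $pass = true;
         osC_Order::process($_POST['cs2'], $this->order_status);
     }

     // Record the callback whether or not it passed, so failed attempts are visible too
     $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
     $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
     $Qtransaction->bindInt(':orders_id', $_POST['cs2']);
     $Qtransaction->bindInt(':transaction_code', 1);
     $Qtransaction->bindValue(':transaction_return_value', $osC_XML->toXML());
     $Qtransaction->bindInt(':transaction_return_status', $pass ? 1 : 0);
     $Qtransaction->execute();
 }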