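/**
 * Nochex callback: echoes the received POST fields to the gateway at
 * $this->apc_url and records the outcome against the order.
 *
 * Every value read from $_POST is supplied by the remote caller. The gateway's
 * reply to the echoed data is the only thing that separates a genuine
 * notification from a forged one.
 */
function callback()
 {
     global $osC_Database, $osC_Currencies;
     // Start from an empty string; the original appended to an undefined variable.
     $post_string = '';
     foreach ($_POST as $key => $value) {
         $post_string .= $key . '=' . urlencode($value) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->apc_url, $post_string);
     // Same order-id validation the other callbacks in this listing apply before
     // touching an order: never hand an absent or non-numeric id to osC_Order.
     if (!isset($_POST['order_id']) || !is_numeric($_POST['order_id']) || $_POST['order_id'] <= 0) {
         return;
     }
     // Read the reported fields once; absent fields become '' instead of raising notices.
     $amount = isset($_POST['amount']) ? $_POST['amount'] : '';
     $transaction_date = isset($_POST['transaction_date']) ? $_POST['transaction_date'] : '';
     $transaction_id = isset($_POST['transaction_id']) ? $_POST['transaction_id'] : '';
     $is_live = !isset($_POST["status"]) || strtolower($_POST["status"]) == "live";
     $prefix = $is_live ? 'Nochex payment of ' : 'TEST PAYMENT of ';
     $comments = $prefix . sprintf("%01.2f", $amount) . ' received at ' . $transaction_date . ' with transaction ID:' . $transaction_id;
     // NOTE(review): strstr() accepts any reply that merely contains the word;
     // confirm the exact reply format and compare against it if it is a fixed token.
     if (strstr($this->_transaction_response, 'AUTHORISED')) {
         // NOTE(review): nothing in this method compares the reported amount with
         // the stored order total, and a test-mode notification is processed
         // exactly like a live one. Confirm both are covered elsewhere.
         osC_Order::process($_POST['order_id'], $this->order_status, $comments);
     } else {
         osC_Order::insertOrderStatusHistory($_POST['order_id'], $this->order_status, $comments . ' is invalid');
     }
 }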
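 /**
  * 2Checkout return handler: checks the MD5 key sent back on the return URL
  * and, when it matches, marks the referenced order as processed.
  *
  * All request values come from the query string ($_GET) and are therefore
  * caller-controlled; the MD5 key is the only authenticator in this method.
  */
 function process()
 {
     global $osC_Database, $osC_Currencies, $osC_ShoppingCart, $messageStack, $osC_Language;
     if (MODULE_PAYMENT_PM2CHECKOUT_DEMO_MODE == 1) {
         $order_number = 1;
     } else {
         $order_number = isset($_GET['order_number']) ? $_GET['order_number'] : '';
     }
     // NOTE(review): the hash covers the current cart total, not the stored order
     // total, and MD5 is a weak digest. Both look dictated by the gateway's
     // return format; confirm against the gateway documentation.
     $check_hash = strtoupper(md5(MODULE_PAYMENT_PM2CHECKOUT_SECRET_WORD . MODULE_PAYMENT_PM2CHECKOUT_SELLER_ID . $order_number . $osC_Currencies->formatRaw($osC_ShoppingCart->getTotal())));
     // Compare as strings in constant time. The original loose == would treat two
     // numeric-looking strings (e.g. "0e..." digests) as equal and accepted non-string input.
     $supplied_key = (isset($_GET['key']) && is_string($_GET['key'])) ? $_GET['key'] : '';
     if (function_exists('hash_equals')) {
         $key_matches = hash_equals($check_hash, $supplied_key);
     } else {
         $key_matches = ($check_hash === $supplied_key);
     }
     $has_order_id = isset($_GET['cart_order_id']) && is_numeric($_GET['cart_order_id']) && $_GET['cart_order_id'] > 0;
     if ($key_matches) {
         if ($has_order_id) {
             // NOTE(review): customers_id is taken from the query string, so the
             // ownership check relies on a caller-supplied value; confirm whether
             // the logged-in customer's id should be used instead.
             $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $_GET['cart_order_id']);
             $Qcheck->bindInt(':customers_id', isset($_GET['customer_id']) ? $_GET['customer_id'] : 0);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 // NOTE(review): the stored total is fetched but never compared with
                 // anything; the amount written to the comment below is the
                 // caller's own $_GET['total'].
                 $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
                 $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
                 $Qtotal->bindInt(':orders_id', $_GET['cart_order_id']);
                 $Qtotal->execute();
                 $reported_total = isset($_GET['total']) ? $_GET['total'] : 0;
                 $reported_number = isset($_GET['order_number']) ? $_GET['order_number'] : '';
                 $comments = '2Checkout Order Successful [' . $reported_number . '; ' . $osC_Currencies->format($reported_total) . ')]';
                 osC_Order::process($_GET['cart_order_id'], $this->order_status, $comments);
             }
         }
     } else {
         $comments = "MD5 HASH MISMATCH, PLEASE CONTACT THE SELLER";
         $messageStack->add_session('checkout', $comments);
         // Only write history for a well-formed order id.
         // NOTE(review): unlike the success path there is no ownership check here,
         // so a request with a wrong key can still append this entry to any order.
         if ($has_order_id) {
             osC_Order::insertOrderStatusHistory($_GET['cart_order_id'], ORDERS_STATUS_PENDING, $comments);
         }
         osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=paymentInformationForm', 'SSL'));
     }
 }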
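 /**
  * PayPal IPN callback: posts the notification back to the gateway for
  * validation, then records the result against the order in $_POST['invoice'].
  *
  * Every $_POST value is supplied by the remote caller. Only the reply from
  * sendTransactionToGateway() separates a genuine notification from a forged
  * one, so the "not VERIFIED" branch works entirely on unauthenticated input.
  */
 function callback()
 {
     global $osC_Database, $osC_Currencies, $osC_Language;
     $post_string = 'cmd=_notify-validate&';
     foreach ($_POST as $key => $value) {
         $post_string .= $key . '=' . urlencode($value) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->form_action_url, $post_string);
     $has_invoice = isset($_POST['invoice']) && is_numeric($_POST['invoice']) && $_POST['invoice'] > 0;
     if (strtoupper(trim($this->_transaction_response)) === 'VERIFIED') {
         if ($has_invoice) {
             // The order must belong to the customer id echoed back in 'custom'.
             $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $_POST['invoice']);
             $Qcheck->bindInt(':customers_id', $_POST['custom']);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $order = $Qcheck->toArray();
                 $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
                 $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
                 $Qtotal->bindInt(':orders_id', $_POST['invoice']);
                 $Qtotal->execute();
                 $total = $Qtotal->toArray();
                 // Format the expected amount without a thousands separator. With
                 // number_format()'s default "," a plain decimal such as 1000.00
                 // could never match, so large orders were always flagged.
                 $expected_gross = number_format($total['value'] * $order['currency_value'], $osC_Currencies->getDecimalPlaces($order['currency']), '.', '');
                 $comment_status = $_POST['payment_status'] . ' (' . ucfirst($_POST['payer_status']) . '; ' . $osC_Currencies->format($_POST['mc_gross'], false, $_POST['mc_currency']) . ')';
                 if ($_POST['payment_status'] == 'Pending') {
                     $comment_status .= '; ' . $_POST['pending_reason'];
                 } elseif ($_POST['payment_status'] == 'Reversed' || $_POST['payment_status'] == 'Refunded') {
                     $comment_status .= '; ' . $_POST['reason_code'];
                 }
                 if ($_POST['mc_gross'] != $expected_gross) {
                     $comment_status .= '; PayPal transaction value (' . osc_output_string_protected($_POST['mc_gross']) . ') does not match order value (' . $expected_gross . ')';
                 }
                 $comments = 'PayPal IPN Verified [' . $comment_status . ']';
                 // NOTE(review): the order is processed with $this->order_status even
                 // when the amount differs or payment_status is Pending, Reversed or
                 // Refunded; those facts are only written into the comment. There is
                 // also no check here of the receiving account or of a repeated
                 // transaction id. Confirm these are handled elsewhere.
                 osC_Order::process($_POST['invoice'], $this->order_status, $comments);
                 $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
                 $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
                 $Qtransaction->bindInt(':orders_id', $_POST['invoice']);
                 $Qtransaction->bindInt(':transaction_code', 1);
                 $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
                 $Qtransaction->bindInt(':transaction_return_status', 1);
                 $Qtransaction->execute();
                 $Qtransaction->freeResult();
             }
         }
     } else {
         if (defined('MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL')) {
             // The debug mail carries the whole request verbatim (POST and GET).
             $email_body = 'PAYPAL_STANDARD_DEBUG_POST_DATA:' . "\n\n";
             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }
             $email_body .= "\n" . 'PAYPAL_STANDARD_DEBUG_GET_DATA:' . "\n\n";
             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }
             osc_email('', MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL, 'PayPal IPN Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         if ($has_invoice) {
             $Qcheck = $osC_Database->query('select orders_id from :table_orders where orders_id=:orders_id and customers_id=:customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             // Placeholders carry the leading colon like every other bind in this
             // method; the original passed 'orders_id' / 'customers_id' without it.
             $Qcheck->bindInt(':orders_id', $_POST['invoice']);
             $Qcheck->bindInt(':customers_id', $_POST['custom']);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $comment_status = $_POST['payment_status'];
                 if ($_POST['payment_status'] == 'Pending') {
                     $comment_status .= '; ' . $_POST['pending_reason'];
                 } elseif ($_POST['payment_status'] == 'Reversed' || $_POST['payment_status'] == 'Refunded') {
                     $comment_status .= '; ' . $_POST['reason_code'];
                 }
                 $comments = 'PayPal IPN Invalid [' . $comment_status . ']';
                 osC_Order::insertOrderStatusHistory($_POST['invoice'], $this->order_status, $comments);
             }
         }
         // Process the transaction history.
         // NOTE(review): everything below runs for requests the gateway did NOT
         // verify. A forged request can add a status row named by its own
         // payment_status and a history row for any invoice number. Confirm this
         // is intended, or move it behind the ownership check above.
         $Qtransaction_status = $osC_Database->query('select count(*) as total from :table_orders_transactions_status where status_name = :status_name');
         $Qtransaction_status->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
         $Qtransaction_status->bindValue(':status_name', $_POST['payment_status']);
         $Qtransaction_status->execute();
         $transaction_status = $Qtransaction_status->toArray();
         $Qtransaction_status->freeResult();
         // Create the status row only when no row with this name exists yet.
         if ($transaction_status['total'] == 0) {
             // Next id = current maximum + 1 (not atomic across concurrent callbacks).
             $Qtransaction_status_max = $osC_Database->query('select max(id) as max_id from :table_orders_transactions_status');
             $Qtransaction_status_max->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
             $Qtransaction_status_max->execute();
             $transaction_status_max = $Qtransaction_status_max->toArray();
             $Qtransaction_status_max->freeResult();
             // Insert the status once per installed language.
             foreach ($osC_Language->getAll() as $l) {
                 $Qinsert_transaction_status = $osC_Database->query('insert into :table_orders_transactions_status values (:id, :language_id, :status_name)');
                 $Qinsert_transaction_status->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
                 $Qinsert_transaction_status->bindInt(':id', $transaction_status_max['max_id'] + 1);
                 $Qinsert_transaction_status->bindInt(':language_id', $l['id']);
                 $Qinsert_transaction_status->bindValue(':status_name', $_POST['payment_status']);
                 $Qinsert_transaction_status->execute();
             }
         }
         // Look up the status id for the current language.
         $Qtransaction_status_id = $osC_Database->query('select id from :table_orders_transactions_status where language_id = :language_id and status_name = :status_name limit 1');
         $Qtransaction_status_id->bindTable(':table_orders_transactions_status', TABLE_ORDERS_TRANSACTIONS_STATUS);
         $Qtransaction_status_id->bindInt(':language_id', $osC_Language->getID());
         $Qtransaction_status_id->bindValue(':status_name', $_POST['payment_status']);
         $Qtransaction_status_id->execute();
         $transaction_status_id = $Qtransaction_status_id->toArray();
         $Qtransaction_status_id->freeResult();
         // Insert the order transactions history row.
         $Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
         $Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
         $Qtransaction->bindInt(':orders_id', $_POST['invoice']);
         $Qtransaction->bindInt(':transaction_code', $transaction_status_id['id']);
         $Qtransaction->bindValue(':transaction_return_value', $this->_transaction_response);
         $Qtransaction->bindInt(':transaction_return_status', 1);
         $Qtransaction->execute();
         $Qtransaction->freeResult();
     }
 }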
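 /**
  * Inpay callback: validates the posted notification (required fields, MD5
  * checksum over the signed fields plus the module secret, order existence,
  * amount, current order status, invoice status) and updates the order.
  *
  * Only the fields included in the checksum are authenticated; any other
  * $_POST value is caller-controlled and must not drive a decision.
  */
 function callback()
 {
     global $osC_Database, $osC_Currencies;
     $result = "VERIFIED";
     $check = true;
     $order = null;
     $msg = '';
     $order_status_id = null;
     // Validate request
     if (!isset($_POST['order_id']) || !is_numeric($_POST['order_id']) || $_POST['order_id'] <= 0) {
         $check = false;
         $result = 'bad order id';
     }
     if ($check) {
         // The amount is passed to number_format() below, so it must be numeric.
         if (!isset($_POST['invoice_amount']) || !is_numeric($_POST['invoice_amount'])) {
             $check = false;
             $result = 'bad amount';
         }
     }
     if ($check) {
         if (!isset($_POST['invoice_currency'])) {
             $check = false;
             $result = 'bad currency';
         }
     }
     if ($check) {
         if (!isset($_POST['checksum']) || !isset($_POST['invoice_reference']) || !isset($_POST['invoice_created_at']) || !isset($_POST['invoice_status'])) {
             $check = false;
             $result = 'missing vatiables';
         }
     }
     if ($check) {
         // Recompute the checksum over the signed fields plus the shared secret.
         $sum = http_build_query(array('order_id' => $_POST['order_id'], 'invoice_reference' => $_POST['invoice_reference'], 'invoice_amount' => $_POST['invoice_amount'], 'invoice_currency' => $_POST['invoice_currency'], 'invoice_created_at' => $_POST['invoice_created_at'], 'invoice_status' => $_POST['invoice_status'], 'secret_key' => MODULE_PAYMENT_INPAY_SECRET_KEY), '', "&");
         $md5v = md5($sum);
         // Compare as strings in constant time. The original loose != would treat
         // two numeric-looking digests ("0e...") as equal.
         $supplied_checksum = is_string($_POST['checksum']) ? $_POST['checksum'] : '';
         if (function_exists('hash_equals')) {
             $checksum_ok = hash_equals($md5v, $supplied_checksum);
         } else {
             $checksum_ok = ($md5v === $supplied_checksum);
         }
         if (!$checksum_ok) {
             $check = false;
             $result = 'bad checksum';
         }
     }
     if ($check) {
         if (!osC_Order::exists($_POST['order_id'])) {
             $check = false;
             $result = 'order not found';
         }
     }
     if ($check) {
         // Look the order up by the checksummed order_id. The original bound
         // $_POST['invoice'] here, a field outside the checksum, plus a
         // :customers_id value that has no placeholder in the query.
         $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id');
         $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
         $Qcheck->bindInt(':orders_id', $_POST['order_id']);
         $Qcheck->execute();
         if ($Qcheck->numberOfRows() > 0) {
             $order = $Qcheck->toArray();
             $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
             $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
             $Qtotal->bindInt(':orders_id', $_POST['order_id']);
             $Qtotal->execute();
             $total = $Qtotal->toArray();
             $decimal_places = $osC_Currencies->getDecimalPlaces($order['currency']);
             $expected_amount = number_format($total['value'] * $order['currency_value'], $decimal_places);
             if (number_format($_POST['invoice_amount'], $decimal_places) != $expected_amount) {
                 $check = false;
                 $result = 'Inpay transaction value (' . osc_output_string_protected($_POST['invoice_amount']) . ') does not match order value (' . $expected_amount . ')';
             }
         } else {
             // Without the row the amount and status checks cannot run, so fail
             // closed instead of continuing with $order unset.
             $check = false;
             $result = 'order not found';
         }
     }
     if ($check) {
         // check status
         // NOTE(review): 7 is a hard-coded status id; its meaning is not visible here.
         $delivered_status = 7;
         if ($order['orders_status'] == MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID || $order['orders_status'] == $delivered_status) {
             $check = false;
             $result = 'Status already in level' . $order['orders_status'];
         }
     }
     if ($check) {
         // The status returned by get_invoice_status() must agree with the posted
         // one. The original read $POST (missing underscore), so a posted
         // "created" could never match.
         $invoice_status = $this->get_invoice_status($_POST);
         $posted_status = $_POST["invoice_status"];
         $check = false;
         if (($invoice_status == "pending" || $invoice_status == "created") && ($posted_status == "pending" || $posted_status == "created")) {
             $check = true;
         } elseif ($invoice_status == "approved" && $posted_status == "approved") {
             $check = true;
         } elseif ($invoice_status == "sum_too_low" && $posted_status == "sum_too_low") {
             $check = true;
         }
         if (!$check) {
             $result = 'Bad invoice status:' . $invoice_status;
         }
     }
     // Validate request end
     // NOTE(review): every failure above sets $result to something other than
     // 'VERIFIED', so failed notifications skip this whole block, including the
     // debug e-mail and "Inpay Invalid" history entry in its else branch. That
     // branch looks unreachable as written; confirm the intended nesting.
     if ($result == 'VERIFIED') {
         $invoice_approved = false;
         $invoice_created = false;
         $invoice_partial = false;
         switch ($_POST['invoice_status']) {
             case 'created':
             case 'pending':
                 $msg = "customer has been asked to pay " . $_POST['invoice_amount'] . ' ' . $_POST['invoice_currency'] . ' with reference: ' . $_POST['invoice_reference'] . ' via his online bank';
                 $order_status_id = MODULE_PAYMENT_INPAY_CREATE_ORDER_STATUS_ID;
                 $invoice_created = true;
                 break;
             case "approved":
                 $msg = "Inpay has confirmed that the payment of " . $_POST['invoice_amount'] . " " . $_POST['invoice_currency'] . " has been received";
                 $order_status_id = MODULE_PAYMENT_INPAY_COMP_ORDER_STATUS_ID;
                 $invoice_approved = true;
                 break;
             case "sum_too_low":
                 $msg = "Partial payment received by inpay. Reference: " . $_POST['invoice_reference'];
                 $order_status_id = MODULE_PAYMENT_INPAY_SUM_TOO_LOW_ORDER_STATUS_ID;
                 $invoice_partial = true;
                 break;
         }
         $comments = 'Inpay ' . ucfirst($_POST['invoice_status']) . '[' . $msg . ']';
         if ($invoice_approved || $invoice_created || $invoice_partial) {
             osC_Order::process($_POST['order_id'], $order_status_id, $comments);
             osC_Order::insertOrderStatusHistory($_POST['order_id'], $order_status_id, $comments);
         } else {
             if (defined('MODULE_PAYMENT_INPAY_DEBUG_EMAIL')) {
                 // The debug mail carries the whole request verbatim (POST and GET).
                 $email_body = 'INPAY_DEBUG_POST_DATA:' . "\n\n";
                 foreach ($_POST as $key => $value) {
                     $email_body .= $key . '=' . $value . "\n";
                 }
                 $email_body .= "\n" . 'INPAY_DEBUG_GET_DATA:' . "\n\n";
                 foreach ($_GET as $key => $value) {
                     $email_body .= $key . '=' . $value . "\n";
                 }
                 osc_email('', MODULE_PAYMENT_INPAY_DEBUG_EMAIL, 'Inpay Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             }
             if (isset($_POST['order_id']) && is_numeric($_POST['order_id']) && $_POST['order_id'] > 0) {
                 $Qcheck = $osC_Database->query('select orders_id from :table_orders where orders_id=:orders_id');
                 $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
                 // Placeholder written with its colon, as in the query text.
                 $Qcheck->bindInt(':orders_id', $_POST['order_id']);
                 $Qcheck->execute();
                 if ($Qcheck->numberOfRows() > 0) {
                     $comments = 'Inpay Invalid [' . $result . ']';
                     osC_Order::insertOrderStatusHistory($_POST['order_id'], $order_status_id, $comments);
                 }
             }
         }
     }
 }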
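 /**
  * PayPal IPN callback: posts the notification back to the gateway for
  * validation and records the result against the order in $_POST['invoice'].
  *
  * Every $_POST value is supplied by the remote caller. Only the reply from
  * sendTransactionToGateway() separates a genuine notification from a forged one.
  */
 function callback()
 {
     global $osC_Database, $osC_Currencies;
     $post_string = 'cmd=_notify-validate&';
     foreach ($_POST as $key => $value) {
         $post_string .= $key . '=' . urlencode($value) . '&';
     }
     $post_string = substr($post_string, 0, -1);
     $this->_transaction_response = $this->sendTransactionToGateway($this->form_action_url, $post_string);
     $has_invoice = isset($_POST['invoice']) && is_numeric($_POST['invoice']) && $_POST['invoice'] > 0;
     if (strtoupper(trim($this->_transaction_response)) === 'VERIFIED') {
         if ($has_invoice) {
             // The order must belong to the customer id echoed back in 'custom'.
             $Qcheck = $osC_Database->query('select orders_status, currency, currency_value from :table_orders where orders_id = :orders_id and customers_id = :customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             $Qcheck->bindInt(':orders_id', $_POST['invoice']);
             $Qcheck->bindInt(':customers_id', $_POST['custom']);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 $order = $Qcheck->toArray();
                 $Qtotal = $osC_Database->query('select value from :table_orders_total where orders_id = :orders_id and class = "total" limit 1');
                 $Qtotal->bindTable(':table_orders_total', TABLE_ORDERS_TOTAL);
                 $Qtotal->bindInt(':orders_id', $_POST['invoice']);
                 $Qtotal->execute();
                 $total = $Qtotal->toArray();
                 // Format the expected amount without a thousands separator. With
                 // number_format()'s default "," a plain decimal such as 1000.00
                 // could never match, so large orders were always flagged.
                 $expected_gross = number_format($total['value'] * $order['currency_value'], $osC_Currencies->getDecimalPlaces($order['currency']), '.', '');
                 $comment = $_POST['payment_status'] . ' (' . ucfirst($_POST['payer_status']) . '; ' . $osC_Currencies->format($_POST['mc_gross'], false, $_POST['mc_currency']) . ')';
                 if ($_POST['payment_status'] == 'Pending') {
                     $comment .= '; ' . $_POST['pending_reason'];
                 } elseif ($_POST['payment_status'] == 'Reversed' || $_POST['payment_status'] == 'Refunded') {
                     $comment .= '; ' . $_POST['reason_code'];
                 }
                 if ($_POST['mc_gross'] != $expected_gross) {
                     $comment .= '; PayPal transaction value (' . osc_output_string_protected($_POST['mc_gross']) . ') does not match order value (' . $expected_gross . ')';
                 }
                 $comments = 'PayPal IPN Verified [' . $comment . ']';
                 // NOTE(review): the order is processed with $this->order_status even
                 // when the amount differs or payment_status is Pending, Reversed or
                 // Refunded; those facts are only written into the comment. There is
                 // also no check here of the receiving account or of a repeated
                 // transaction id. Confirm these are handled elsewhere.
                 osC_Order::process($_POST['invoice'], $this->order_status, $comments);
             }
         }
     } else {
         if (defined('MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL')) {
             // The debug mail carries the whole request verbatim (POST and GET).
             $email_body = 'PAYPAL_STANDARD_DEBUG_POST_DATA:' . "\n\n";
             foreach ($_POST as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }
             $email_body .= "\n" . 'PAYPAL_STANDARD_DEBUG_GET_DATA:' . "\n\n";
             foreach ($_GET as $key => $value) {
                 $email_body .= $key . '=' . $value . "\n";
             }
             osc_email('', MODULE_PAYMENT_PAYPAL_STANDARD_DEBUG_EMAIL, 'PayPal IPN Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
         }
         if ($has_invoice) {
             $Qcheck = $osC_Database->query('select orders_id from :table_orders where orders_id=:orders_id and customers_id=:customers_id');
             $Qcheck->bindTable(':table_orders', TABLE_ORDERS);
             // Placeholders carry the leading colon like every other bind in this
             // method; the original passed 'orders_id' / 'customers_id' without it.
             $Qcheck->bindInt(':orders_id', $_POST['invoice']);
             $Qcheck->bindInt(':customers_id', $_POST['custom']);
             $Qcheck->execute();
             if ($Qcheck->numberOfRows() > 0) {
                 // This history entry is written for a notification the gateway did
                 // not verify; its text comes straight from the request.
                 $comment = $_POST['payment_status'];
                 if ($_POST['payment_status'] == 'Pending') {
                     $comment .= '; ' . $_POST['pending_reason'];
                 } elseif ($_POST['payment_status'] == 'Reversed' || $_POST['payment_status'] == 'Refunded') {
                     $comment .= '; ' . $_POST['reason_code'];
                 }
                 $comments = 'PayPal IPN Invalid [' . $comment . ']';
                 osC_Order::insertOrderStatusHistory($_POST['invoice'], $this->order_status, $comments);
             }
         }
     }
 }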