/**
 * Build the "vads_*" field list that is sent to the payment gateway for an order.
 *
 * The success and failure URLs are only generated when a checkout module is
 * passed in; without one they stay empty strings. The customer fields are
 * copied from the order's billing address, so this array carries personal
 * data (name, e-mail, phone, postal address) and should not be logged in full.
 *
 * NOTE(review): no signature field is produced here; presumably the caller
 * signs the returned array before it is posted. Confirm against the caller.
 *
 * @param IsotopeProductCollection|Order   $objOrder
 * @param \Module|\Isotope\Module\Checkout $objModule
 *
 * @return array
 */
protected function getOutboundParameters(IsotopeProductCollection $objOrder, \Module $objModule = null)
{
    $billing = $objOrder->getBillingAddress();

    // The transaction timestamp is always expressed in UTC.
    $nowUtc = new DateTime();
    $nowUtc->setTimezone(new \DateTimeZone('UTC'));

    if (null === $objModule) {
        $urlOnSuccess = '';
        $urlOnFailure = '';
    } else {
        $urlOnSuccess = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
        $urlOnFailure = \Environment::get('base') . $objModule->generateUrlForStep('failed');
    }

    $params = array(
        'vads_action_mode'    => 'INTERACTIVE',
        'vads_amount'         => Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency),
        'vads_contrib'        => 'Isotope eCommerce ' . Isotope::VERSION,
        // The payment method's debug flag selects the gateway's TEST context.
        'vads_ctx_mode'       => $this->debug ? 'TEST' : 'PRODUCTION',
        'vads_currency'       => Currency::getIsoNumber($objOrder->currency),
        'vads_cust_address'   => $billing->street_1,
        'vads_cust_city'      => $billing->city,
        'vads_cust_country'   => $billing->country,
        'vads_cust_email'     => $billing->email,
        'vads_cust_id'        => $objOrder->member ?: '',
        'vads_cust_name'      => sprintf('%s %s', $billing->firstname, $billing->lastname),
        'vads_cust_phone'     => $billing->phone,
        'vads_cust_title'     => $billing->salutation,
        'vads_cust_zip'       => $billing->postal,
        'vads_language'       => $objOrder->language,
        'vads_order_id'       => $objOrder->id,
        'vads_page_action'    => 'PAYMENT',
        'vads_payment_config' => 'SINGLE',
        'vads_return_mode'    => 'NONE',
        'vads_site_id'        => $this->vads_site_id,
        'vads_trans_date'     => $nowUtc->format('YmdHis'),
        // str_pad() only pads, it never truncates: an order id above 999999
        // yields a value longer than six characters.
        // NOTE(review): confirm the gateway accepts that, or that ids stay below the limit.
        'vads_trans_id'       => str_pad($objOrder->id, 6, '0', STR_PAD_LEFT),
        'vads_url_cancel'     => $urlOnFailure,
        // Notification endpoint; the payment method id is exposed in the query string.
        // NOTE(review): presumably the postsale handler verifies the gateway's
        // signature before trusting the call - not visible from this method.
        'vads_url_check'      => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id,
        'vads_url_error'      => $urlOnFailure,
        'vads_url_referral'   => $urlOnFailure,
        'vads_url_refused'    => $urlOnFailure,
        'vads_url_success'    => $urlOnSuccess,
        'vads_url_return'     => $urlOnFailure,
        'vads_version'        => 'V2',
    );

    return $params;
}
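/**
 * Validate the ePay return parameters and their hash against the order.
 *
 * The expected hash is md5() over all GET values (except "hash", "auto_item"
 * and "step") concatenated in request order, followed by the configured secret
 * key. After the hash matches, currency and amount are compared with the order.
 *
 * @param IsotopeProductCollection|Order $objOrder
 *
 * @return bool True when hash, currency and amount all match; false otherwise
 *              (the reason is written to the system log and isotope_epay.log).
 */
protected function validatePayment(IsotopeProductCollection $objOrder)
{
    $arrValues = $_GET;
    unset($arrValues['hash'], $arrValues['auto_item'], $arrValues['step']);

    // The values are joined without separators or keys, so the hash alone does
    // not pin which value belongs to which parameter; the explicit currency and
    // amount checks below are therefore required, not optional.
    // NOTE(review): an empty epay_secretkey would make this hash computable by
    // anyone - confirm the configuration enforces a non-empty key.
    $strHash   = md5(implode('', $arrValues) . $this->epay_secretkey);
    $intAmount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);

    // Anything that is not a plain string (missing parameter, hash[]=...) can
    // never match and is treated as an empty hash.
    $varReceived = \Input::get('hash');
    $strReceived = is_string($varReceived) ? $varReceived : '';

    // hash_equals() (PHP 5.6+) compares in constant time and byte for byte.
    // The previous loose "!=" treated numeric-looking strings such as
    // "0e123..." as numbers, so two different hashes could compare equal.
    if (!hash_equals($strHash, $strReceived)) {
        \System::log('Invalid hash for ePay payment. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);

        // NOTE(review): this writes the expected hash for request-supplied
        // parameters to disk; anyone who can read the log obtains valid hashes.
        // Consider dropping the "expected" value or restricting log access.
        log_message(sprintf("Invalid hash for ePay payment:\ngot %s, expected %s\nParameters: %s\n\n", $strReceived, $strHash, print_r($arrValues, true)), 'isotope_epay.log');

        return false;
    }

    // These comparisons are intentionally left loose as in the original; they
    // run only after the hash has authenticated the request values.
    if (Currency::getIsoNumber($objOrder->currency) != \Input::get('currency') || $intAmount != \Input::get('amount')) {
        \System::log('Currency or amount does not match order. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
        log_message(sprintf("Currency or amount does not match order:\nCurrency: got %s (%s), expected %s\nAmount: got %s, expected %s\n\n", \Input::get('currency'), Currency::getIsoNumber($objOrder->currency), $objOrder->currency, \Input::get('amount'), $intAmount), 'isotope_epay.log');

        return false;
    }

    return true;
}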
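/**
 * Validate the QuickPay callback: body checksum first, then the payment data.
 *
 * The checksum is an HMAC-SHA256 over the raw request body, keyed with the
 * configured private key, and must equal the QuickPay-Checksum-Sha256 header.
 * Only after that are currency, amount, balance and test mode compared with
 * the order and the payment method's debug flag.
 *
 * @param IsotopeProductCollection|Order $objOrder
 *
 * @return bool True when checksum and payment data match; false otherwise
 *              (the reason is written to the system log and isotope_quickpay.log).
 */
private function validatePayment(IsotopeProductCollection $objOrder)
{
    // Read the body once so the bytes that are authenticated are exactly the
    // bytes that get logged.
    // NOTE(review): an empty quickpay_privateKey would make this HMAC
    // computable by anyone - confirm the configuration enforces a non-empty key.
    $strBody  = (string) file_get_contents("php://input");
    $checksum = hash_hmac("sha256", $strBody, $this->quickpay_privateKey);

    // A request without the header (or with a non-string value) is rejected
    // instead of raising an undefined-index notice.
    $strReceived = '';

    if (isset($_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']) && is_string($_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'])) {
        $strReceived = $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'];
    }

    // hash_equals() (PHP 5.6+) compares in constant time and byte for byte;
    // the previous loose "!=" could treat numeric-looking strings as equal.
    if (!hash_equals($checksum, $strReceived)) {
        \System::log('Invalid hash for QuickPay payment. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);

        // NOTE(review): this writes the expected HMAC for a request-supplied
        // body to disk; anyone who can read the log obtains valid checksums.
        // Consider dropping the "expected" value or restricting log access.
        log_message(sprintf("Invalid hash for QuickPay payment:\ngot %s, expected %s\nInput: %s\n\n", $strReceived, $checksum, $strBody), 'isotope_quickpay.log');

        return false;
    }

    $data = $this->getRequestResource();

    if (null === $data) {
        return false;
    }

    $amount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);

    // NOTE(review): the log line below reports "Accepted ... expected yes", but
    // $data['accepted'] is not part of this condition - confirm it is enforced
    // elsewhere (getRequestResource() or the caller). Only the first entry of
    // $data['operations'] is compared against the order total.
    if ($objOrder->currency != $data['currency']
        || $amount != $data['operations'][0]['amount']
        || 0 != $data['balance']
        || $data['test_mode'] != $this->debug
    ) {
        \System::log('QuickPay data was not accepted. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
        log_message(sprintf("QuickPay data was not accepted:\n" . "Currency: got \"%s\", expected \"%s\"\n" . "Amount: got \"%s\", expected \"%s\"\n" . "Balance: got \"%s\", expected \"0\"\n" . "Accepted: got \"%s\", expected \"yes\"\n\n" . "Test Mode: got \"%s\", expected \"%s\"\n\n", $data['currency'], $objOrder->currency, $data['operations'][0]['amount'], $amount, $data['balance'], $data['accepted'] ? 'yes' : 'no', $data['test_mode'] ? 'yes' : 'no', $this->debug ? 'yes' : 'no'), 'isotope_quickpay.log');

        return false;
    }

    return true;
}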