/**
* @param IsotopeProductCollection|Order $objOrder
* @param \Module|\Isotope\Module\Checkout $objModule
*
* @return array
*/
protected function getOutboundParameters(IsotopeProductCollection $objOrder, \Module $objModule = null)
{
$objAddress = $objOrder->getBillingAddress();
$successUrl = '';
$failureUrl = '';
$transDate = new DateTime();
$transDate->setTimezone(new \DateTimeZone('UTC'));
if (null !== $objModule) {
$successUrl = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
$failureUrl = \Environment::get('base') . $objModule->generateUrlForStep('failed');
}
return array('vads_action_mode' => 'INTERACTIVE', 'vads_amount' => Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency), 'vads_contrib' => 'Isotope eCommerce ' . Isotope::VERSION, 'vads_ctx_mode' => $this->debug ? 'TEST' : 'PRODUCTION', 'vads_currency' => Currency::getIsoNumber($objOrder->currency), 'vads_cust_address' => $objAddress->street_1, 'vads_cust_city' => $objAddress->city, 'vads_cust_country' => $objAddress->country, 'vads_cust_email' => $objAddress->email, 'vads_cust_id' => $objOrder->member ?: '', 'vads_cust_name' => $objAddress->firstname . ' ' . $objAddress->lastname, 'vads_cust_phone' => $objAddress->phone, 'vads_cust_title' => $objAddress->salutation, 'vads_cust_zip' => $objAddress->postal, 'vads_language' => $objOrder->language, 'vads_order_id' => $objOrder->id, 'vads_page_action' => 'PAYMENT', 'vads_payment_config' => 'SINGLE', 'vads_return_mode' => 'NONE', 'vads_site_id' => $this->vads_site_id, 'vads_trans_date' => $transDate->format('YmdHis'), 'vads_trans_id' => str_pad($objOrder->id, 6, '0', STR_PAD_LEFT), 'vads_url_cancel' => $failureUrl, 'vads_url_check' => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id, 'vads_url_error' => $failureUrl, 'vads_url_referral' => $failureUrl, 'vads_url_refused' => $failureUrl, 'vads_url_success' => $successUrl, 'vads_url_return' => $failureUrl, 'vads_version' => 'V2');
}
/**
* Validate input parameters and hash
*
* @param IsotopeProductCollection|Order $objOrder
*
* @return bool
*/
protected function validatePayment(IsotopeProductCollection $objOrder)
{
$arrValues = $_GET;
unset($arrValues['hash']);
unset($arrValues['auto_item']);
unset($arrValues['step']);
$strHash = md5(implode('', $arrValues) . $this->epay_secretkey);
$intAmount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);
if ($strHash != \Input::get('hash')) {
\System::log('Invalid hash for ePay payment. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Invalid hash for ePay payment:\ngot %s, expected %s\nParameters: %s\n\n", \Input::get('hash'), $strHash, print_r($arrValues, true)), 'isotope_epay.log');
return false;
}
if (Currency::getIsoNumber($objOrder->currency) != \Input::get('currency') || $intAmount != \Input::get('amount')) {
\System::log('Currency or amount does not match order. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Currency or amount does not match order:\nCurrency: got %s (%s), expected %s\nAmount: got %s, expected %s\n\n", \Input::get('currency'), Currency::getIsoNumber($objOrder->currency), $objOrder->currency, \Input::get('amount'), $intAmount), 'isotope_epay.log');
return false;
}
return true;
}
/**
* Validate input parameters and hash
*
* @param IsotopeProductCollection|Order $objOrder
*
* @return bool
*/
private function validatePayment(IsotopeProductCollection $objOrder)
{
$checksum = hash_hmac("sha256", file_get_contents("php://input"), $this->quickpay_privateKey);
if ($checksum != $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']) {
\System::log('Invalid hash for QuickPay payment. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Invalid hash for QuickPay payment:\ngot %s, expected %s\nInput: %s\n\n", $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'], $checksum, file_get_contents("php://input")), 'isotope_quickpay.log');
return false;
}
$data = $this->getRequestResource();
if (null === $data) {
return false;
}
$amount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);
if ($objOrder->currency != $data['currency'] || $amount != $data['operations'][0]['amount'] || 0 != $data['balance'] || $data['test_mode'] != $this->debug) {
\System::log('QuickPay data was not accepted. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("QuickPay data was not accepted:\n" . "Currency: got \"%s\", expected \"%s\"\n" . "Amount: got \"%s\", expected \"%s\"\n" . "Balance: got \"%s\", expected \"0\"\n" . "Accepted: got \"%s\", expected \"yes\"\n\n" . "Test Mode: got \"%s\", expected \"%s\"\n\n", $data['currency'], $objOrder->currency, $data['operations'][0]['amount'], $amount, $data['balance'], $data['accepted'] ? 'yes' : 'no', $data['test_mode'] ? 'yes' : 'no', $this->debug ? 'yes' : 'no'), 'isotope_quickpay.log');
return false;
}
return true;
}
