Example #1
 /**
  * Build the vads_* form fields that are sent to the payment page for an order.
  *
  * The redirect URLs stay empty when no checkout module is given. The field
  * vads_return_mode is 'NONE' and vads_url_check points at postsale.php, so the
  * payment result presumably arrives on that server-to-server URL rather than
  * with the browser redirect; the success URL alone should not be treated as
  * proof of payment.
  * NOTE(review): no signature field is added here; presumably the caller signs
  * the returned array before posting it. Confirm.
  *
  * @param IsotopeProductCollection|Order   $objOrder
  * @param \Module|\Isotope\Module\Checkout $objModule
  *
  * @return array
  */
 protected function getOutboundParameters(IsotopeProductCollection $objOrder, \Module $objModule = null)
 {
     $billing = $objOrder->getBillingAddress();

     // The transaction date is formatted in UTC below.
     $nowUtc = new DateTime();
     $nowUtc->setTimezone(new \DateTimeZone('UTC'));

     $urlOnSuccess = '';
     $urlOnFailure = '';

     if ($objModule !== null) {
         $urlOnSuccess = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
         $urlOnFailure = \Environment::get('base') . $objModule->generateUrlForStep('failed');
     }

     $customerName = $billing->firstname . ' ' . $billing->lastname;
     // Order id left-padded with zeros to at least six characters.
     $transactionId = str_pad($objOrder->id, 6, '0', STR_PAD_LEFT);

     return array(
         'vads_action_mode'    => 'INTERACTIVE',
         'vads_amount'         => Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency),
         'vads_contrib'        => 'Isotope eCommerce ' . Isotope::VERSION,
         // TEST vs. PRODUCTION is driven solely by the module's debug flag.
         'vads_ctx_mode'       => $this->debug ? 'TEST' : 'PRODUCTION',
         'vads_currency'       => Currency::getIsoNumber($objOrder->currency),
         'vads_cust_address'   => $billing->street_1,
         'vads_cust_city'      => $billing->city,
         'vads_cust_country'   => $billing->country,
         'vads_cust_email'     => $billing->email,
         'vads_cust_id'        => $objOrder->member ?: '',
         'vads_cust_name'      => $customerName,
         'vads_cust_phone'     => $billing->phone,
         'vads_cust_title'     => $billing->salutation,
         'vads_cust_zip'       => $billing->postal,
         'vads_language'       => $objOrder->language,
         'vads_order_id'       => $objOrder->id,
         'vads_page_action'    => 'PAYMENT',
         'vads_payment_config' => 'SINGLE',
         'vads_return_mode'    => 'NONE',
         'vads_site_id'        => $this->vads_site_id,
         'vads_trans_date'     => $nowUtc->format('YmdHis'),
         'vads_trans_id'       => $transactionId,
         'vads_url_cancel'     => $urlOnFailure,
         // Notification endpoint, addressed by this payment module's id.
         'vads_url_check'      => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id,
         'vads_url_error'      => $urlOnFailure,
         'vads_url_referral'   => $urlOnFailure,
         'vads_url_refused'    => $urlOnFailure,
         'vads_url_success'    => $urlOnSuccess,
         'vads_url_return'     => $urlOnFailure,
         'vads_version'        => 'V2',
     );
 }
Example #2
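 /**
  * Validate the ePay callback: first the MD5 hash over the query parameters,
  * then the currency and amount against the order.
  *
  * The expected hash is the MD5 of every GET value except "hash", "auto_item"
  * and "step", concatenated in request order and followed by the shared
  * secret key of this payment module.
  *
  * @param IsotopeProductCollection|Order $objOrder
  *
  * @return bool True only if hash, currency and amount all match.
  */
 protected function validatePayment(IsotopeProductCollection $objOrder)
 {
     $arrValues = $_GET;
     unset($arrValues['hash'], $arrValues['auto_item'], $arrValues['step']);

     $strHash = md5(implode('', $arrValues) . $this->epay_secretkey);
     $intAmount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);

     $varGiven = \Input::get('hash');
     // A missing or non-string parameter can never be a valid hash.
     $strGiven = is_string($varGiven) ? $varGiven : '';

     // Compare strictly and, where available, in constant time. A loose "!="
     // compares two numeric-looking strings as numbers, so differing hashes
     // could be treated as equal, and it stops at the first differing byte.
     // hash_equals() exists from PHP 5.6; older runtimes fall back to "===".
     $blnHashValid = function_exists('hash_equals')
         ? hash_equals($strHash, $strGiven)
         : $strHash === $strGiven;

     if (!$blnHashValid) {
         \System::log('Invalid hash for ePay payment. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
         // NOTE(review): this writes the expected hash for the submitted
         // parameters to the log file. Anyone able to read isotope_epay.log
         // obtains a valid hash for those parameters; consider dropping the
         // expected value from the message and restricting access to the log.
         log_message(sprintf("Invalid hash for ePay payment:\ngot %s, expected %s\nParameters: %s\n\n", $varGiven, $strHash, print_r($arrValues, true)), 'isotope_epay.log');
         return false;
     }

     // Currency and amount are part of the hashed parameters, so they are
     // authenticated at this point. The comparison stays loose on purpose so
     // that numerically equal values in a different notation still match.
     if (Currency::getIsoNumber($objOrder->currency) != \Input::get('currency') || $intAmount != \Input::get('amount')) {
         \System::log('Currency or amount does not match order.  See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
         log_message(sprintf("Currency or amount does not match order:\nCurrency: got %s (%s), expected %s\nAmount: got %s, expected %s\n\n", \Input::get('currency'), Currency::getIsoNumber($objOrder->currency), $objOrder->currency, \Input::get('amount'), $intAmount), 'isotope_epay.log');
         return false;
     }

     return true;
 }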
Example #3
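 /**
  * Validate the QuickPay callback: the HMAC-SHA256 checksum of the raw request
  * body, then currency, amount, balance and test mode against the order.
  *
  * The checksum is computed over the exact bytes of the request body with the
  * module's private key and compared with the QuickPay-Checksum-Sha256 header.
  * A callback whose test_mode differs from this module's debug flag is
  * rejected, so a test-mode callback does not pass on a live configuration.
  * NOTE(review): the failure log says "Accepted: ... expected yes", but
  * $data['accepted'] is not part of the condition here; verify that the caller
  * checks it before the order is marked as paid.
  *
  * @param IsotopeProductCollection|Order $objOrder
  *
  * @return bool True only if the checksum and all compared fields match.
  */
 private function validatePayment(IsotopeProductCollection $objOrder)
 {
     // Read the body once and reuse it for the HMAC and the log; before
     // PHP 5.6 a second read of php://input was not guaranteed to work.
     $strBody = (string) file_get_contents("php://input");
     $checksum = hash_hmac("sha256", $strBody, $this->quickpay_privateKey);

     // A missing header counts as an empty, and therefore invalid, checksum.
     $strGiven = isset($_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']) && is_string($_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'])
         ? $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']
         : '';

     // Compare strictly and, where available, in constant time. A loose "!="
     // compares two numeric-looking strings as numbers, so differing checksums
     // could be treated as equal, and it stops at the first differing byte.
     // hash_equals() exists from PHP 5.6; older runtimes fall back to "===".
     $blnChecksumValid = function_exists('hash_equals')
         ? hash_equals($checksum, $strGiven)
         : $checksum === $strGiven;

     if (!$blnChecksumValid) {
         \System::log('Invalid hash for QuickPay payment. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
         // NOTE(review): this writes the expected checksum for the submitted
         // body to the log file. Anyone able to read isotope_quickpay.log
         // obtains a valid checksum for that body; consider dropping the
         // expected value from the message and restricting access to the log.
         log_message(sprintf("Invalid hash for QuickPay payment:\ngot %s, expected %s\nInput: %s\n\n", $strGiven, $checksum, $strBody), 'isotope_quickpay.log');
         return false;
     }

     // Presumably the decoded request body; null is treated as "not valid".
     $data = $this->getRequestResource();
     if (null === $data) {
         return false;
     }

     $amount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);
     if ($objOrder->currency != $data['currency'] || $amount != $data['operations'][0]['amount'] || 0 != $data['balance'] || $data['test_mode'] != $this->debug) {
         \System::log('QuickPay data was not accepted. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
         log_message(sprintf("QuickPay data was not accepted:\n" . "Currency: got \"%s\", expected \"%s\"\n" . "Amount: got \"%s\", expected \"%s\"\n" . "Balance: got \"%s\", expected \"0\"\n" . "Accepted: got \"%s\", expected \"yes\"\n\n" . "Test Mode: got \"%s\", expected \"%s\"\n\n", $data['currency'], $objOrder->currency, $data['operations'][0]['amount'], $amount, $data['balance'], $data['accepted'] ? 'yes' : 'no', $data['test_mode'] ? 'yes' : 'no', $this->debug ? 'yes' : 'no'), 'isotope_quickpay.log');
         return false;
     }

     return true;
 }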