Exemple #1
0
/**
 * Verifies that a pending order is actually valid and has been paid for.
 * If the pending order is valid, it will return the order status that the
 * order should be set to. Returns false if the order is invalid.
 *
 * @param string The token for the pending order.
 * @return mixed Integer for the order status if the order is valid, false if invalid.
 */
function VerifyPendingOrder($pendingOrderToken)
{
	$status = false;
	$orderData = LoadPendingOrdersByToken($pendingOrderToken);
	if($orderData === false) {
		return false;
	}
	// This order was paid for entirely using a gift certificate, it's automatically valid
	if($orderData['paymentmethod'] == "giftcertificate") {
		$status = ORDER_STATUS_AWAITING_FULFILLMENT;
	}
	// This order was paid for entirely using store credit, it's automatically valid
	else if($orderData['paymentmethod'] == "storecredit") {
		$status = ORDER_STATUS_AWAITING_FULFILLMENT;
	}
	// Don't have to pay for this order because the total is $0.00
	else if($orderData['total'] == 0 && $orderData['paymentmethod'] == '') {
		$status = ORDER_STATUS_AWAITING_FULFILLMENT;
	}
	// Otherwise we went through a payment gateway
	else {
		// Invalid payment module - this is an invalid order
		if(!GetModuleById('checkout', $provider, $orderData['paymentmodule'])) {
			return false;
		}

		// If we have a payment provider that needs to validate the payment
		// do so.
		if($provider->GetPaymentType() != PAYMENT_PROVIDER_OFFLINE) {
			$provider->SetOrderData($orderData);
			// This module doesn't support the new VerifyOrderPayment method (kept for backwards compat.)
			if(method_exists($provider, 'VerifyOrder')) {
				// Grab the first order
				$order = current($orderData['orders']);

				// Order is invalid
				if(!$provider->VerifyOrder($order)) {
					return false;
				}

				if(isset($order['paymentstatus'])) {
					$paymentStatus = $order['paymentstatus'];
				}
			}
			// Otherwise, use the VerifyOrderPayment method to validate the entire order
			else {
				// Order is invalid
				if(!$provider->VerifyOrderPayment()) {
					return false;
				}

				// Get the payment status for this order
				if($provider->GetPaymentStatus() !== false) {
					$paymentStatus = $provider->GetPaymentStatus();
				}
			}

			// Did we have a payment status?
			if(isset($paymentStatus)) {
				$status = GetOrderStatusFromPaymentStatus($paymentStatus);
			}
		}

		// Offline provider, so the payment is valid
		else {
			$status = ORDER_STATUS_AWAITING_PAYMENT;
		}
	}
	return $status;
}
Exemple #2
0
	/**
	*	Process details for a particular payment gateway inline.
	*/
	private function ProcessOrderPayment()
	{
		// ensure products are in stock
		$this->CheckStockLevels();

		$order_token = "";
		if(isset($_COOKIE['SHOP_ORDER_TOKEN'])) {
			$order_token = $_COOKIE['SHOP_ORDER_TOKEN'];
		}

		// If the order token is empty then something has gone wrong.
		if($order_token == '') {
			@ob_end_clean();
			header("Location: ".$GLOBALS['ShopPathSSL']."/checkout.php?action=confirm_order");
			die();
		}

		// Load the pending order
		$orders = LoadPendingOrdersByToken($order_token);

		if(!is_array($orders)) {
			@ob_end_clean();
			header("Location: ".$GLOBALS['ShopPathSSL']."/checkout.php?action=confirm_order");
			die();
		}

		if ($orders['status'] != ORDER_STATUS_INCOMPLETE) {
			// has this order already been completed? redirect to finish order
			@ob_end_clean();
			header("Location: ".$GLOBALS['ShopPathSSL']."/finishorder.php");
			die();
		}

		// Get the payment module
		if(!GetModuleById('checkout', $provider, $orders['paymentmodule'])) {
			@ob_end_clean();
			header("Location: ".$GLOBALS['ShopPathSSL']."/checkout.php?action=confirm_order");
			die();
		}

		$provider->SetOrderData($orders);

		if(isset($_SESSION['CHECKOUT']['ProviderListHTML']) && method_exists($provider, 'DoExpressCheckoutPayment')) {
			$provider->DoExpressCheckoutPayment();
			die();
		}

		// Does this method have it's own processing method?
		if(method_exists($provider, "ProcessPaymentForm")) {
			$result = $provider->ProcessPaymentForm();
			if($result) {
				$paymentStatus = $provider->GetPaymentStatus();
				$orderStatus = GetOrderStatusFromPaymentStatus($paymentStatus);
				if(CompletePendingOrder($order_token, $orderStatus)) {
					// Everything is fine, send the customer to the thank you page.
					redirect(getConfig('ShopPathSSL').'/finishorder.php');
				}
			}

			// Otherwise there was an error
			$this->ShowPaymentForm($provider);
		}

		// If we're still here then something from the above has gone wrong. Show the confirm page again
		redirect(getConfig('ShopPathSSL').'/checkout.php?action=confirm_order');
	}