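/**
 * Build the self-submitting page that forwards the shopper to the 3D Secure ACS.
 *
 * The form posts PaReq, MD and TermUrl to the ACS URL held in the Sage session;
 * TermUrl points at the callback3d action for the current store.
 *
 * @return string Page markup, or an empty string when an exception is raised
 *                before any markup has been produced.
 */
protected function _toHtml()
 {
     // Defined up front: the original returned an undefined variable whenever
     // an exception was thrown before the first assignment inside the try.
     $html = '';
     try {
         $session = $this->_getSageSession();

         $form = new Varien_Data_Form();
         $form->setAction($session->getAcsurl())
             ->setId('sagepaydirectpro_3dsecure')
             ->setName('sagepaydirectpro_3dsecure')
             ->setMethod('POST')
             ->setUseContainer(true);

         $params = array('_secure' => true, 'storeid' => Mage::app()->getStore()->getId());
         $_shipSessData = Mage::getSingleton('checkout/type_onepage')->getQuote()->getShippingAddress()->getShippingMethod();
         if ($_shipSessData) {
             $params['shipmethod'] = $_shipSessData;
         }
         $postUrl = Mage::getModel('core/url')->addSessionParam()->getUrl('sgps/directPayment/callback3d', $params);

         $form->addField('PaReq', 'hidden', array('name' => 'PaReq', 'value' => $session->getPareq()));
         $form->addField('MD', 'hidden', array('name' => 'MD', 'value' => $session->getEmede()));
         $form->addField('TermUrl', 'hidden', array('name' => 'TermUrl', 'value' => $postUrl));

         $html = '<html><body>';
         $html .= '<code>' . $this->__('Loading 3D secure form...') . '</code>';
         $html .= $form->toHtml();
         $html .= '<script type="text/javascript">document.getElementById("sagepaydirectpro_3dsecure").submit();</script>';
         $html .= '</body></html>';

         // NOTE(review): the logged markup contains the PaReq and MD values and a
         // TermUrl built with addSessionParam(); confirm this log is access
         // restricted or drop those values before writing.
         Sage_Log::log($html, null, 'SagePaySuite_REQUEST.log');
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
     }
     return $html;
 }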
 /**
  * Return the customer's saved token cards as markup for the one-page checkout.
  *
  * The payment method code comes from the POSTed `payment_method` field and
  * falls back to `sagepaydirectpro`. The wrapping
  * `<div id="tokencards-payment-CODE">` opener and every `</div>` are stripped
  * from the rendered block before it is sent.
  */
 public function getTokenCardsHtmlAction()
 {
     // Request-supplied value; it is handed to the block and used only as a
     // search string below.
     $methodCode = $this->getRequest()->getPost('payment_method', 'sagepaydirectpro');
     $markup = '';
     try {
         $markup .= $this->getLayout()
             ->createBlock('sagepaysuite/form_tokenList', 'token.cards.li')
             ->setCanUseToken(true)
             ->setPaymentMethodCode($methodCode)
             ->toHtml();
     } catch (Exception $e) {
         // Rendering failures are logged and an empty body is returned.
         Ebizmarts_SagePaySuite_Log::we($e);
     }
     $wrapperParts = array('<div id="tokencards-payment-' . $methodCode . '">', '</div>');
     $stripped = str_replace($wrapperParts, '', $markup);
     return $this->getResponse()->setBody($stripped);
 }
 /**
  * Register a transaction from the POSTed form data and answer with JSON.
  *
  * On failure the JSON carries `success` = 'false', `response_status` = 'ERROR'
  * and the exception message in `response_status_detail`.
  */
 public function registerTokenAction()
 {
     $payload = array();
     try {
         $posted = $this->getRequest()->getPost();
         $payload = $this->getDirectModel()->registerTransaction($posted, true);
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
         // NOTE(review): the raw exception message is returned to the caller;
         // confirm it cannot carry internal detail.
         $payload = array(
             'success' => 'false',
             'response_status' => 'ERROR',
             'response_status_detail' => $e->getMessage(),
         );
     }
     $json = Zend_Json::encode($payload);
     return $this->getResponse()->setBody($json);
 }
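 /**
  * Refresh the fraud screening data for one order or for a posted batch.
  *
  * A POST request is handled as a mass action over `order_ids`; any other
  * request uses the single `order_id` parameter. Each outcome is reported as a
  * session message and the browser is sent back to the referring page.
  *
  * Gateway and exception text is escaped before it goes into a session message.
  * NOTE(review): the block that renders these messages is not shown here;
  * confirm it does not escape a second time.
  *
  * @return void
  */
 public function fraudCheckAction()
 {
     if ($this->getRequest()->isPost()) {
         // Mass action. The cast keeps foreach safe when a scalar is posted.
         $orderIds = (array) $this->getRequest()->getPost('order_ids', array());
         foreach ($orderIds as $orderId) {
             $_order = Mage::getModel('sales/order')->load($orderId);
             $rs = $this->getFraud()->getTransactionDetails($_order->getVendorTxCode());
             // A reply that does not start with '<' is treated as an error string.
             // Empty or non-string replies are rejected here too, so $rs[0] is
             // never read from something that has no first character.
             if (!is_string($rs) || $rs === '' || $rs[0] != '<') {
                 $detail = is_string($rs) ? htmlspecialchars($rs, ENT_QUOTES, 'UTF-8') : '';
                 $this->_getSession()->addError($this->__('An error ocurred: %s %s', $_order->getVendorTxCode(), $detail));
                 continue;
             }
             try {
                 // Parsing sits inside the try so one malformed reply cannot
                 // abort the remaining orders of the batch.
                 $xml = new Varien_Simplexml_Element($rs);
                 if ((string) $xml->errorcode != '0000') {
                     $this->_getSession()->addError(htmlspecialchars((string) $xml->error, ENT_QUOTES, 'UTF-8') . ' ' . $_order->getVendorTxCode());
                 } else {
                     $this->getFraud()->updateThirdMan($orderId, $xml);
                     $this->_getSession()->addSuccess($this->__('Updated: Order Id #%s', $_order->getIncrementId()));
                 }
             } catch (Exception $e) {
                 Ebizmarts_SagePaySuite_Log::we($e);
                 // The original read $e->getMessage as a property, which dropped
                 // the message text.
                 $this->_getSession()->addError($_order->getVendorTxCode() . ' ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'));
             }
         }
     } else {
         $orderId = $this->getRequest()->getParam('order_id');
         $_order = Mage::getModel('sales/order')->load($orderId);
         $rs = $this->getFraud()->getTransactionDetails($_order->getVendorTxCode());
         if (!is_string($rs) || $rs === '' || $rs[0] != '<') {
             $detail = is_string($rs) ? htmlspecialchars($rs, ENT_QUOTES, 'UTF-8') : '';
             $this->_getSession()->addError($this->__('An error ocurred: %s', $detail));
             $this->_redirectReferer();
             return;
         }
         try {
             $xml = new Varien_Simplexml_Element($rs);
             if ((string) $xml->errorcode != '0000') {
                 $this->_getSession()->addError(htmlspecialchars((string) $xml->error, ENT_QUOTES, 'UTF-8') . ' ' . $_order->getVendorTxCode());
             } else {
                 $this->getFraud()->updateThirdMan($orderId, $xml);
                 $this->_getSession()->addSuccess($this->__('Updated: Order Id #%s', $_order->getIncrementId()));
             }
         } catch (Exception $e) {
             Ebizmarts_SagePaySuite_Log::we($e);
             $this->_getSession()->addError($_order->getVendorTxCode() . ' ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8'));
         }
     }
     $this->_redirectReferer();
     return;
 }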
Exemple #5
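 /**
  * Ask the remote access API for the details of one transaction.
  *
  * Builds a <vspaccess> document holding the getTransactionDetail command and
  * an MD5 signature over the command plus the decrypted API password, then
  * POSTs it with cURL as the `XML` form field.
  *
  * @param string $vendorTxCode Vendor transaction code to look up.
  * @return string Trimmed response body, or the cURL error text when the
  *                transfer fails.
  */
 public function getTransactionDetail($vendorTxCode)
 {
     $pwd = Mage::helper('core')->decrypt($this->_getCdata('api_password'));

     // NOTE(review): vendor, user and $vendorTxCode are interpolated into the
     // XML, and the XML into the POST body, without escaping or URL-encoding;
     // confirm these values can never contain markup or form metacharacters.
     $xml_command = "<command>getTransactionDetail</command>";
     $xml_command .= "<vendor>{$this->_getCdata('vendor')}</vendor>";
     $xml_command .= "<user>{$this->_getCdata('api_username')}</user>";
     $xml_command .= "<vendortxcode>{$vendorTxCode}</vendortxcode>";

     // The signature format is kept exactly as it was; presumably it is fixed
     // by the remote API rather than chosen here.
     $xml = "<vspaccess>";
     $xml .= $xml_command;
     $xml .= "<signature>" . md5($xml_command . '<password>' . $pwd . '</password>') . "</signature>";
     $xml .= "</vspaccess>";

     // NOTE(review): the logged request includes the password-derived MD5
     // signature; confirm who can read this log.
     Ebizmarts_SagePaySuite_Log::w($xml);

     $curlSession = curl_init();
     // SSL/TLS version comes from store configuration.
     $sslversion = Mage::getStoreConfig('payment/sagepaysuite/curl_ssl_version');
     curl_setopt($curlSession, CURLOPT_SSLVERSION, $sslversion);
     curl_setopt($curlSession, CURLOPT_URL, $this->_getAccessUrl());
     // Body only, sent as a POST and returned as a string.
     curl_setopt($curlSession, CURLOPT_HEADER, 0);
     curl_setopt($curlSession, CURLOPT_POST, 1);
     curl_setopt($curlSession, CURLOPT_POSTFIELDS, 'XML=' . $xml);
     curl_setopt($curlSession, CURLOPT_RETURNTRANSFER, 1);
     // Overall transfer timeout: 90 seconds.
     curl_setopt($curlSession, CURLOPT_TIMEOUT, 90);
     // Certificate verification was switched off in the original, which lets
     // anyone on the network path impersonate the gateway for a request signed
     // with the API password. Verify both the chain and the host name.
     curl_setopt($curlSession, CURLOPT_SSL_VERIFYPEER, true);
     curl_setopt($curlSession, CURLOPT_SSL_VERIFYHOST, 2);
     if (Mage::getStoreConfigFlag('payment/sagepaysuite/curl_proxy') == 1) {
         curl_setopt($curlSession, CURLOPT_PROXY, Mage::getStoreConfig('payment/sagepaysuite/curl_proxy_port'));
     }

     $rawresponse = curl_exec($curlSession);
     Ebizmarts_SagePaySuite_Log::w($rawresponse);

     // Read the error before closing, and close on every path; the original
     // returned early on error without releasing the handle.
     $curlError = curl_error($curlSession);
     curl_close($curlSession);
     if ($curlError) {
         return $curlError;
     }
     return trim($rawresponse);
 }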
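 /**
  * Refresh the fraud screening data for one order or for a posted batch.
  *
  * A POST request is handled as a mass action over `order_ids`; any other
  * request uses the single `order_id` parameter. While an order is processed
  * its store id is held in the registry under `reporting_store_id`. Outcomes
  * are reported as session messages, then the browser is sent back to the
  * referring page.
  *
  * @return void
  */
 public function fraudCheckAction()
 {
     if ($this->getRequest()->isPost()) {
         // Mass action. The cast keeps foreach safe when a scalar is posted.
         $orderIds = (array) $this->getRequest()->getPost('order_ids', array());
         foreach ($orderIds as $orderId) {
             $_order = Mage::getModel('sales/order')->load($orderId);
             Mage::register('reporting_store_id', $_order->getStoreId());
             $rs = $this->getFraud()->getTransactionDetails($_order->getSagepayInfo()->getVendorTxCode());
             if ($rs->getError()) {
                 Mage::unregister('reporting_store_id');
                 // The original formatted the whole $rs object with %s; use the
                 // error text, escaped the same way as in the single-order branch.
                 // NOTE(review): messages use $_order->getVendorTxCode() while the
                 // lookup uses getSagepayInfo(); confirm both return the same code.
                 $this->_getSession()->addError($this->__('An error ocurred: %s %s', $_order->getVendorTxCode(), htmlentities($rs->getError())));
                 continue;
             }
             // A second getError() check that read an undefined $xml was
             // unreachable after the continue above and has been dropped.
             try {
                 $this->getPersistentFraud()->updateThirdMan($orderId, $rs);
                 $this->_getSession()->addSuccess($this->__('Updated: Order Id #%s', $_order->getIncrementId()));
             } catch (Exception $e) {
                 Ebizmarts_SagePaySuite_Log::we($e);
                 // The original read $e->getMessage as a property, which dropped
                 // the message text.
                 $this->_getSession()->addError($_order->getVendorTxCode() . ' ' . htmlentities($e->getMessage()));
             }
             Mage::unregister('reporting_store_id');
         }
     } else {
         $orderId = $this->getRequest()->getParam('order_id');
         $_order = Mage::getModel('sales/order')->load($orderId);
         Mage::register('reporting_store_id', $_order->getStoreId());
         $rs = $this->getFraud()->getTransactionDetails($_order->getSagepayInfo()->getVendorTxCode());
         if ($rs->getError()) {
             // Clear the registry key here as the mass-action branch does.
             Mage::unregister('reporting_store_id');
             $this->_getSession()->addError($this->__('An error ocurred: %s', htmlentities($rs->getError())));
             $this->_redirectReferer();
             return;
         }
         try {
             $this->getPersistentFraud()->updateThirdMan($orderId, $rs);
             $this->_getSession()->addSuccess($this->__('Updated: Order Id #%s', $_order->getIncrementId()));
         } catch (Exception $e) {
             Ebizmarts_SagePaySuite_Log::we($e);
             $this->_getSession()->addError($_order->getVendorTxCode() . ' ' . htmlentities($e->getMessage()));
         }
         Mage::unregister('reporting_store_id');
     }
     $this->_redirectReferer();
     return;
 }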
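 /**
  * Fetch a dotted-quad address from the remote ipcheck endpoint and pad it.
  *
  * Each dot-separated part of the reply is passed through $this->pad() and the
  * parts are joined again with dots.
  *
  * @return string The padded address, or an empty string when the request
  *                fails or the reply is not four dot-separated digit groups.
  */
 public function getIpAddress()
 {
     try {
         $reply = file_get_contents('https://ebizmarts.com/magento/ipcheck.php');
         // file_get_contents() signals failure with false, not an exception, so
         // the catch below never saw network errors in the original.
         if ($reply === false) {
             return '';
         }
         $address = trim($reply);
         // The reply is remote content: accept only digits and dots in
         // dotted-quad form before using it any further.
         if (preg_match('/^\d{1,3}(?:\.\d{1,3}){3}\z/', $address) !== 1) {
             return '';
         }
         $parts = array_map(array($this, 'pad'), explode('.', $address));
         return implode('.', $parts);
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
         return '';
     }
 }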
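 /**
  * Download the feed and return it as an XML element.
  *
  * The raw HTTP response is split at the first blank line and only the part
  * after it is parsed.
  *
  * NOTE(review): nothing here authenticates the feed beyond the transport;
  * confirm getFeedUrl() returns an https URL.
  *
  * @return SimpleXMLElement|false Parsed feed, or false when the download
  *                                fails, the response has no body section, or
  *                                the body is not valid XML.
  */
 public function getFeedData()
 {
     $curl = new Varien_Http_Adapter_Curl();
     $curl->setConfig(array('timeout' => 60));
     $curl->write(Zend_Http_Client::GET, $this->getFeedUrl(), '1.0');
     $data = $curl->read();
     // Release the handle on every path; the original skipped close() when
     // read() failed.
     $curl->close();
     if ($data === false) {
         return false;
     }
     $parts = preg_split('/^\\r?$/m', $data, 2);
     // Without a blank line there is no second element to read.
     if (!is_array($parts) || !isset($parts[1])) {
         return false;
     }
     $body = trim($parts[1]);
     try {
         $xml = new SimpleXMLElement($body);
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
         return false;
     }
     return $xml;
 }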
Exemple #9
 /**
  * Pull the feed and hand its entries to the admin notification inbox.
  *
  * Every child of the feed root contributes severity, date_added, title,
  * description and url as strings. The time of the check is cached under
  * `sagepaysuite_updates_feed_lastcheck`.
  *
  * NOTE(review): the entry fields are passed on exactly as received from the
  * feed; confirm the inbox escapes them when they are displayed.
  *
  * @return bool True after a completed check, false when the feed is
  *              unavailable or an exception is raised.
  */
 protected function _getUpdates()
 {
     try {
         $feed = $this->getFeedData();
         if (!$feed) {
             return false;
         }

         $fields = array('severity', 'date_added', 'title', 'description', 'url');
         $rows = array();
         foreach ($feed->children() as $entry) {
             $row = array();
             foreach ($fields as $field) {
                 $row[$field] = (string) $entry->{$field};
             }
             $rows[] = $row;
         }

         if (!empty($rows)) {
             Mage::getModel('adminnotification/inbox')->parse($rows);
         }
         Mage::app()->saveCache(time(), 'sagepaysuite_updates_feed_lastcheck');
         return true;
     } catch (Exception $e) {
         Ebizmarts_SagePaySuite_Log::we($e);
         return false;
     }
 }
Exemple #10
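 /**
  * Register a new token card for the logged-in customer before a transaction.
  *
  * Only the card-related keys of the request are sent to registerCard(). When
  * the result status is OK a token card record is saved with the token, card
  * type, expiry date and the last four digits of the card number.
  *
  * @see Ebizmarts_SagePaySuite_Model_SagePayDirectPro::_postRequest
  * @param object $o Observer carrying the request in its event.
  * @return object The observer that was passed in.
  */
 public function registerOnPayment($o)
 {
     $request = $o->getEvent()->getRequest();
     $customerSession = Mage::helper('customer')->getCustomer();
     $customerId = (int) $customerSession->getId();
     Ebizmarts_SagePaySuite_Log::w($customerId, null, 'Token.log');
     // Tokens are stored per customer, so there is nothing to do for guests.
     if (!$customerId) {
         return $o;
     }
     $_data = $request->getData();
     // Keys of the request that describe the card; the values are placeholders.
     $_pdata = array('Vendor' => '', 'Currency' => '', 'CardHolder' => '', 'CardType' => '', 'CardNumber' => '', 'StartYear' => '', 'StartMonth' => '', 'ExpiryMonth' => '', 'ExpiryYear' => '', 'CV2' => '', 'IssueNumber' => '', 'ExpiryDate' => '', 'StartDate' => '');
     $rs = Mage::getModel('sagepaysuite/sagePayToken')->registerCard(array_intersect_key($_data, $_pdata));
     if (empty($rs)) {
         return $o;
     }
     // The original logged the whole request, which put the full card number
     // and CV2 into SagePayToken.log. Log only the fields outside the card set.
     Ebizmarts_SagePaySuite_Log::w(array_diff_key($_data, $_pdata), null, 'SagePayToken.log');
     // The token can stand in for the card on later payments, so it is masked
     // in the logged copy of the response.
     $_rsForLog = $rs;
     if (is_array($_rsForLog) && isset($_rsForLog['Token'])) {
         $_rsForLog['Token'] = '[redacted]';
     }
     Ebizmarts_SagePaySuite_Log::w($_rsForLog, null, 'SagePayToken.log');
     if ($rs['Status'] == 'OK') {
         Mage::getModel('sagepaysuite2/sagepaysuite_tokencard')
             ->setToken($rs['Token'])
             ->setStatus($rs['Status'])
             ->setCardType($_data['CardType'])
             ->setExpiryDate($_data['ExpiryDate'])
             ->setStatusDetail($rs['StatusDetail'])
             ->setProtocol('direct')
             ->setCustomerId($customerId)
             ->setLastFour(substr($_data['CardNumber'], -4))
             ->save();
     } else {
         Ebizmarts_SagePaySuite_Log::w($_rsForLog, null, 'SagePayToken_Errors.log');
     }
     // Same return value as the early exits above; the original fell off the
     // end here.
     return $o;
 }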
 /**
  * Handle the shopper's return from the hosted form after a payment.
  *
  * Needs both the `crypt` and `vtxc` request parameters; without them the
  * shopper is redirected to '/'. Otherwise the crypt value is decrypted, its
  * fields are merged into the transaction loaded by `vtxc`, the order is saved
  * and the shopper is sent to the checkout success page.
  *
  * NOTE(review): nothing visible here compares the decrypted payload's own
  * transaction code or status with the `vtxc` parameter before the order is
  * saved; confirm decrypt(), getToken() or saveOrder() enforce that.
  *
  * @return void
  */
 public function successAction()
 {
     $_r = $this->getRequest();
     // NOTE(review): the POST data and, below, the decrypted payload are both
     // written to the callback log.
     Sage_Log::log($_r->getPost(), null, 'SagePaySuite_FORM_Callback.log');

     if (!$_r->getParam('crypt') || !$_r->getParam('vtxc')) {
         $this->_redirect('/');
         return;
     }

     $decoded = $this->getFormModel()->decrypt($_r->getParam('crypt'));
     $token = Mage::helper('sagepaysuite/form')->getToken($decoded);
     Ebizmarts_SagePaySuite_Log::w($token, null, 'SagePaySuite_FORM_Callback.log');
     $db = Mage::helper('sagepaysuite')->arrayKeysToUnderscore($token);

     // Merge the gateway fields into the stored transaction.
     $trn = $this->_getTransaction()->loadByVendorTxCode($_r->getParam('vtxc'));
     $trn->addData($db);

     // Fields whose column name differs from the underscored gateway key.
     $renamedFields = array(
         'post_code_result' => 'setPostcodeResult',
         'cv2_result' => 'setCv2result',
         '3_d_secure_status' => 'setThreedSecureStatus',
         'last4_digits' => 'setLastFourDigits',
         'gift_aid' => 'setGiftAid',
     );
     foreach ($renamedFields as $key => $setter) {
         if (isset($db[$key])) {
             $trn->{$setter}($db[$key]);
         }
     }
     $trn->save();

     Mage::register('sageserverpost', new Varien_Object($token));
     if (strtoupper($trn->getTxType()) == 'PAYMENT') {
         Mage::getSingleton('sagepaysuite/session')->setInvoicePayment(true);
     }

     $onepage = $this->getOnepage();
     $onepage->getQuote()->collectTotals();
     $this->getOnepage()->saveOrder();
     Mage::helper('sagepaysuite/checkout')->deleteQuote();
     $this->_redirect('checkout/onepage/success');
     return;
 }
 /**
  * Return the 3D Secure redirect URL once the session holds all three values.
  *
  * @return string|false Secure URL for `sagepaydirectpro-3dsecure` when the ACS
  *                      URL, MD and PaReq are all set in the session, else false.
  */
 public function getOrderPlaceRedirectUrl()
 {
     $session = $this->getSageSuiteSession();
     $acsUrl = $session->getAcsurl();
     $md = $session->getEmede();
     $paReq = $session->getPareq();

     // NOTE(review): the ACS URL, MD and PaReq are written to the log on every
     // call; confirm who can read that log.
     Ebizmarts_SagePaySuite_Log::w($acsUrl . '-' . $md . '-' . $paReq);

     if (!($acsUrl && $md && $paReq)) {
         return false;
     }
     return Mage::getUrl('sagepaydirectpro-3dsecure', array('_secure' => true));
 }
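 /**
  * Handle the gateway's notification POST for a server-integration transaction.
  *
  * The security key is taken from the server session, and only when the posted
  * VendorTxCode and VPSTxId both match the session values; without a key the
  * notification is answered as invalid. An MD5 signature is computed over the
  * posted fields, the vendor name and the security key, and compared with the
  * posted VPSSignature.
  *
  * NOTE(review): that comparison only runs when `validate_md5` is 1 and `mode`
  * is `live`. In every other configuration a notification is accepted without
  * a signature check; confirm that is intended.
  *
  * NOTE(review): _returnOk() and _returnInvalid() are assumed to end the
  * response; their bodies are not shown here.
  *
  * @return void
  */
 public function notifyAction()
 {
     // NOTE(review): the full notification POST is written to the log.
     Ebizmarts_SagePaySuite_Log::w($_POST, null, 'SagePaySuite_POST_Requests.log');
     if (!file_exists(Mage::getBaseDir('var') . '/tmp')) {
         mkdir(Mage::getBaseDir('var') . '/tmp');
     }
     $dbtrn = $this->_trn();
     // A stored transaction plus an existing check file: answer OK again.
     if ($dbtrn->getId() && file_exists($this->_getCheckFile())) {
         $this->_returnOk();
     }
     $request = $this->getRequest();
     $sagePayServerSession = $this->_getSagePayServerSession();
     $strVendorName = $this->getSPSModel()->getConfigData('vendor');
     $strStatus = $request->getParam('Status', '');
     $strVendorTxCode = $request->getParam('VendorTxCode', '');
     $strVPSTxId = $request->getParam('VPSTxId', '');
     $strSecurityKey = '';
     if ($sagePayServerSession->getVendorTxCode() == $strVendorTxCode && $sagePayServerSession->getVpsTxId() == $strVPSTxId) {
         $strSecurityKey = $sagePayServerSession->getSecurityKey();
         $sagePayServerSession->setVpsTxId($strVPSTxId);
     }
     if (strlen($strSecurityKey) == 0) {
         $this->_returnInvalid('Security Key invalid');
     } else {
         // Create the check file. The original left the handle returned by
         // fopen() open; close it straight away.
         if ($request->getParam('VendorTxCode')) {
             $checkFile = fopen($this->_getCheckFile(), 'w');
             if ($checkFile !== false) {
                 fclose($checkFile);
             }
         }
         $strVPSSignature = $request->getParam('VPSSignature', '');
         $strStatusDetail = $request->getParam('StatusDetail', '');
         $strTxAuthNo = '';
         if (strlen($request->getParam('TxAuthNo', '')) > 0) {
             $strTxAuthNo = $request->getParam('TxAuthNo', '');
             $sagePayServerSession->setTxAuthNo($strTxAuthNo);
         }
         $strAVSCV2 = $request->getParam('AVSCV2', '');
         $strAddressResult = $request->getParam('AddressResult', '');
         $strPostCodeResult = $request->getParam('PostCodeResult', '');
         $strCV2Result = $request->getParam('CV2Result', '');
         $strGiftAid = $request->getParam('GiftAid', '');
         $str3DSecureStatus = $request->getParam('3DSecureStatus', '');
         $strCAVV = $request->getParam('CAVV', '');
         $strAddressStatus = $request->getParam('AddressStatus', '');
         $strPayerStatus = $request->getParam('PayerStatus', '');
         $strCardType = $request->getParam('CardType', '');
         $strLast4Digits = $request->getParam('Last4Digits', '');
         // Field order matters: it is the order the signature is computed over.
         $strMessage = $strVPSTxId . $strVendorTxCode . $strStatus . $strTxAuthNo . $strVendorName . $strAVSCV2 . $strSecurityKey . $strAddressResult . $strPostCodeResult . $strCV2Result . $strGiftAid . $str3DSecureStatus . $strCAVV . $strAddressStatus . $strPayerStatus . $strCardType . $strLast4Digits;
         $strMySignature = strtoupper(md5($strMessage));
         // The original kept this result in $validSignature although it is true
         // when the signatures do NOT match; it is named for what it holds.
         $mustCheckSignature = (int) $this->getSPSModel()->getConfigData('validate_md5') == 1 && $this->getSPSModel()->getConfigData('mode') == 'live';
         $signatureMismatch = false;
         if ($mustCheckSignature) {
             // Constant-time comparison where the runtime offers it; a
             // non-string VPSSignature can never match.
             if (!is_string($strVPSSignature)) {
                 $signatureMismatch = true;
             } elseif (function_exists('hash_equals')) {
                 $signatureMismatch = !hash_equals($strMySignature, $strVPSSignature);
             } else {
                 $signatureMismatch = $strMySignature !== $strVPSSignature;
             }
         }
         if ($signatureMismatch) {
             $this->_returnInvalid('Cannot match the MD5 Hash. Order might be tampered with. ' . $strStatusDetail);
         } else {
             $strDBStatus = $this->_getHRStatus($strStatus, $strStatusDetail);
             if ($strStatus == 'OK' || $strStatus == 'AUTHENTICATED' || $strStatus == 'REGISTERED') {
                 try {
                     $sagePayServerSession->setTrnhData($this->_setAdditioanlPaymentInfo($strDBStatus));
                     $sOrder = $this->_sAdminOrder();
                     if (false === $sOrder || !$sOrder->getId()) {
                         $sagePayServerSession->setFailStatus($strDBStatus);
                         // The order could not be saved. The call is kept as in
                         // the original; its return value was never used.
                         $this->_getFailedRedirectUrl();
                         $this->_returnInvalid('Couldnot save order');
                     } else {
                         $orderId = Mage::registry('last_order_id');
                         $dbtrn->addData(Mage::helper('sagepaysuite')->arrayKeysToUnderscore($_POST))
                             ->setPostcodeResult($this->getRequest()->getPost('PostCodeResult'))
                             ->setThreedSecureStatus($this->getRequest()->getPost('3DSecureStatus'))
                             ->setLastFourDigits($this->getRequest()->getPost('Last4Digits'))
                             ->setOrderId($orderId)
                             ->save();
                         $sagePayServerSession->setSuccessStatus($strDBStatus);
                         $sagePayServerSession->setDummyId($sOrder->getId());
                         if ($request->getParam('e')) {
                             $sOrder->sendNewOrderEmail();
                         }
                     }
                     Mage::getSingleton('checkout/session')->setSagePayRewInst(null)->setSagePayCustBalanceInst(null);
                     $this->_returnOk();
                 } catch (Exception $e) {
                     // NOTE(review): the exception is only logged; no OK or
                     // INVALID reply is produced on this path.
                     Mage::logException($e);
                     Mage::log($e->getMessage());
                 }
             } else {
                 // Any other status is a failure of one kind or another.
                 $sagePayServerSession->setFailStatus($strDBStatus);
                 $this->_returnInvalid($strDBStatus);
             }
         }
     }
 }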
 /**
  * Start the PayPal transaction and send the shopper on to the returned URL.
  *
  * When start() returns a string the shopper is redirected to it. In every
  * other case, including an exception, the shopper goes back to the cart; an
  * exception message is added to the checkout session first.
  *
  * @return void
  */
 public function goAction()
 {
     try {
         $this->_initCheckout();

         // Attach the logged-in customer when the quote has none yet.
         $customer = Mage::getSingleton('customer/session')->getCustomer();
         $quoteHasCustomer = (bool) $this->_quote->getCustomerId();
         if (!$quoteHasCustomer && $customer && $customer->getId()) {
             $this->_checkout->setCustomer($customer);
         }

         $target = $this->_checkout->start();
         if (is_string($target)) {
             $this->_redirectUrl($target);
             return;
         }
     } catch (Exception $e) {
         // NOTE(review): the raw exception message is shown to the shopper.
         $this->_getCheckoutSession()->addError($e->getMessage());
         Ebizmarts_SagePaySuite_Log::we($e);
     }

     $this->_redirect('checkout/cart', array('_secure' => true));
     return;
 }
Exemple #15
 /**
  * Forward an exception to the suite's exception logger.
  *
  * @param Exception $e Exception to record.
  * @return void
  */
 public static function logException(Exception $e)
 {
     // Thin static entry point; the writing is done by Log::we().
     Ebizmarts_SagePaySuite_Log::we($e);
 }
Exemple #16
 /**
  * Send a cancel request for a stored transaction and mark it as canceled.
  *
  * A FORM transaction without a security key has one added through
  * _addSecurityKey() before the request is built. A result status other than
  * OK is logged and raised as an exception carrying the status detail.
  *
  * @param object $trn Stored transaction to cancel.
  * @return void
  */
 private function _cancel($trn)
 {
     if (!$trn->getSecurityKey()) {
         if (strtoupper($trn->getIntegration()) == 'FORM') {
             $this->_addSecurityKey($trn);
         }
     }

     $data = array(
         'VPSProtocol' => $trn->getVpsProtocol(),
         'TxType' => self::REQUEST_TYPE_CANCEL,
         'ReferrerID' => $this->getConfigData('referrer_id'),
         'Vendor' => $trn->getVendorname(),
         'VendorTxCode' => $trn->getVendorTxCode(),
         'VPSTxId' => $trn->getVpsTxId(),
         'SecurityKey' => $trn->getSecurityKey(),
     );

     $integrationCode = $this->_getIntegrationCode($trn->getIntegration());
     $endpoint = $this->getUrl('cancel', false, $integrationCode, $trn->getMode());
     $result = $this->requestPost($endpoint, $data);

     if ($result['Status'] != 'OK') {
         $detail = $result['StatusDetail'];
         Ebizmarts_SagePaySuite_Log::w($detail);
         Mage::throwException($detail);
     }

     // NOTE(review): $data, including the SecurityKey, is handed to
     // saveAction(); confirm how that method stores it.
     $this->saveAction($trn->getOrderId(), $data, $result);
     $trn->setCanceled(1)->save();
 }