Fulfill a queued payment.
public fulfillQueuedPayment ( $request, &$queuedPayment, $payMethodPluginName = null ) : mixed | ||
$request | PKPRequest | |
$queuedPayment | QueuedPayment | |
$payMethodPluginName | string Name of payment plugin. | |
Résultat | mixed | Dependent on payment type. |
/** * Handle incoming requests/notifications * @param $args array * @param $request PKPRequest */ function handle($args, $request) { $templateMgr = TemplateManager::getManager($request); $journal = $request->getJournal(); if (!$journal) { return parent::handle($args, $request); } // Just in case we need to contact someone import('lib.pkp.classes.mail.MailTemplate'); // Prefer technical support contact $contactName = $journal->getSetting('supportName'); $contactEmail = $journal->getSetting('supportEmail'); if (!$contactEmail) { // Fall back on primary contact $contactName = $journal->getSetting('contactName'); $contactEmail = $journal->getSetting('contactEmail'); } $mail = new MailTemplate('PAYPAL_INVESTIGATE_PAYMENT'); $mail->setReplyTo(null); $mail->addRecipient($contactEmail, $contactName); $paymentStatus = $request->getUserVar('payment_status'); switch (array_shift($args)) { case 'ipn': // Build a confirmation transaction. $req = 'cmd=_notify-validate'; if (get_magic_quotes_gpc()) { foreach ($_POST as $key => $value) { $req .= '&' . urlencode(stripslashes($key)) . '=' . urlencode(stripslashes($value)); } } else { foreach ($_POST as $key => $value) { $req .= '&' . urlencode($key) . '=' . urlencode($value); } } // Create POST response $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'paypalurl')); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, array('User-Agent: PKP PayPal Service', 'Content-Type: application/x-www-form-urlencoded', 'Content-Length: ' . strlen($req))); curl_setopt($ch, CURLOPT_POSTFIELDS, $req); $ret = curl_exec($ch); $curlError = curl_error($ch); curl_close($ch); // Check the confirmation response and handle as necessary. if (strcmp($ret, 'VERIFIED') == 0) { switch ($paymentStatus) { case 'Completed': $payPalDao = DAORegistry::getDAO('PayPalDAO'); $transactionId = $request->getUserVar('txn_id'); if ($payPalDao->transactionExists($transactionId)) { // A duplicate transaction was received; notify someone. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Duplicate transaction ID: {$transactionId}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } else { // New transaction succeeded. Record it. $payPalDao->insertTransaction($transactionId, $request->getUserVar('txn_type'), String::strtolower($request->getUserVar('payer_email')), String::strtolower($request->getUserVar('receiver_email')), $request->getUserVar('item_number'), $request->getUserVar('payment_date'), $request->getUserVar('payer_id'), $request->getUserVar('receiver_id')); $queuedPaymentId = $request->getUserVar('custom'); import('classes.payment.ojs.OJSPaymentManager'); $ojsPaymentManager = new OJSPaymentManager($request); // Verify the cost and user details as per PayPal spec. $queuedPayment =& $ojsPaymentManager->getQueuedPayment($queuedPaymentId); if (!$queuedPayment) { // The queued payment entry is missing. Complain. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } //NB: if/when paypal subscriptions are enabled, these checks will have to be adjusted // because subscription prices may change over time $queuedAmount = $queuedPayment->getAmount(); $grantedAmount = $request->getUserVar('mc_gross'); $queuedCurrency = $queuedPayment->getCurrencyCode(); $grantedCurrency = $request->getUserVar('mc_currency'); $grantedEmail = String::strtolower($request->getUserVar('receiver_email')); $queuedEmail = String::strtolower($this->getSetting($journal->getId(), 'selleraccount')); if ($queuedAmount != $grantedAmount && $queuedAmount > 0 || $queuedCurrency != $grantedCurrency || $grantedEmail != $queuedEmail) { // The integrity checks for the transaction failed. Complain. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Granted amount: {$grantedAmount}\n" . "Queued amount: {$queuedAmount}\n" . "Granted currency: {$grantedCurrency}\n" . "Queued currency: {$queuedCurrency}\n" . "Granted to PayPal account: {$grantedEmail}\n" . "Configured PayPal account: {$queuedEmail}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } // Update queued amount if amount set by user (e.g. donation) if ($queuedAmount == 0 && $grantedAmount > 0) { $queuedPaymentDao = DAORegistry::getDAO('QueuedPaymentDAO'); $queuedPayment->setAmount($grantedAmount); $queuedPayment->setCurrencyCode($grantedCurrency); $queuedPaymentDao->updateQueuedPayment($queuedPaymentId, $queuedPayment); } // Fulfill the queued payment. if ($ojsPaymentManager->fulfillQueuedPayment($request, $queuedPayment, $this->getName())) { exit; } // If we're still here, it means the payment couldn't be fulfilled. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.", 'serverVars' => print_r($_SERVER, true))); $mail->send(); } exit; case 'Pending': // Ignore. exit; default: // An unhandled payment status was received; notify someone. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Payment status: {$paymentStatus}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } } else { // An unknown confirmation response was received; notify someone. $mail->assignParams(array('journalName' => $journal->getLocalizedName(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Confirmation return: {$ret}\nCURL error: {$curlError}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } case 'cancel': Handler::setupTemplate(); $templateMgr->assign(array('currentUrl' => $request->url(null, 'index'), 'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title', 'message' => 'plugins.paymethod.paypal.purchase.cancelled', 'backLink' => $request->getUserVar('ojsReturnUrl'), 'backLinkLabel' => 'common.continue')); $templateMgr->display('frontend/pages/message.tpl'); exit; } parent::handle($args, $request); // Don't know what to do with it }
/** * Save the metadata and store the catalog data for this published * monograph. */ function execute($request) { parent::execute($request); $submission = $this->getSubmission(); $context = $request->getContext(); $waivePublicationFee = $request->getUserVar('waivePublicationFee') ? true : false; if ($waivePublicationFee) { $markAsPaid = $request->getUserVar('markAsPaid'); import('classes.payment.ojs.OJSPaymentManager'); $paymentManager = new OJSPaymentManager($request); $user = $request->getUser(); // Get a list of author user IDs $authorUserIds = array(); $stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO'); $submitterAssignments = $stageAssignmentDao->getBySubmissionAndRoleId($submission->getId(), ROLE_ID_AUTHOR); $submitterAssignment = $submitterAssignments->next(); assert($submitterAssignment); // At least one author should be assigned $queuedPayment =& $paymentManager->createQueuedPayment($context->getId(), PAYMENT_TYPE_PUBLICATION, $markAsPaid ? $submitterAssignment->getUserId() : $user->getId(), $submission->getId(), $markAsPaid ? $context->getSetting('publicationFee') : 0, $markAsPaid ? $context->getSetting('currency') : ''); $paymentManager->queuePayment($queuedPayment); // Since this is a waiver, fulfill the payment immediately $paymentManager->fulfillQueuedPayment($request, $queuedPayment, $markAsPaid ? 'ManualPayment' : 'Waiver'); } else { // Get the issue for publication. $issueDao = DAORegistry::getDAO('IssueDAO'); $issueId = $this->getData('issueId'); $issue = $issueDao->getById($issueId, $context->getId()); $sectionDao = DAORegistry::getDAO('SectionDAO'); $publishedArticleDao = DAORegistry::getDAO('PublishedArticleDAO'); $publishedArticle = $publishedArticleDao->getPublishedArticleByArticleId($submission->getId(), null, false); /* @var $publishedArticle PublishedArticle */ if ($publishedArticle) { if (!$issue || !$issue->getPublished()) { $fromIssue = $issueDao->getById($publishedArticle->getIssueId(), $context->getId()); if ($fromIssue->getPublished()) { // Insert article tombstone import('classes.article.ArticleTombstoneManager'); $articleTombstoneManager = new ArticleTombstoneManager(); $articleTombstoneManager->insertArticleTombstone($submission, $context); } } } import('classes.search.ArticleSearchIndex'); $articleSearchIndex = new ArticleSearchIndex(); // define the access status for the article if none is set. $accessStatus = $this->getData('accessStatus') != '' ? $this->getData('accessStatus') : ARTICLE_ACCESS_ISSUE_DEFAULT; $articleDao = DAORegistry::getDAO('ArticleDAO'); if (!is_null($this->getData('pages'))) { $submission->setPages($this->getData('pages')); } if ($issue) { // Schedule against an issue. if ($publishedArticle) { $publishedArticle->setIssueId($issueId); $publishedArticle->setSequence(REALLY_BIG_NUMBER); $publishedArticle->setDatePublished($this->getData('datePublished')); $publishedArticle->setAccessStatus($accessStatus); $publishedArticleDao->updatePublishedArticle($publishedArticle); // Re-index the published article metadata. $articleSearchIndex->articleMetadataChanged($publishedArticle); } else { $publishedArticle = $publishedArticleDao->newDataObject(); $publishedArticle->setId($submission->getId()); $publishedArticle->setIssueId($issueId); $publishedArticle->setDatePublished(Core::getCurrentDate()); $publishedArticle->setSequence(REALLY_BIG_NUMBER); $publishedArticle->setAccessStatus($accessStatus); $publishedArticleDao->insertObject($publishedArticle); // If we're using custom section ordering, and if this is the first // article published in a section, make sure we enter a custom ordering // for it. (Default at the end of the list.) if ($sectionDao->customSectionOrderingExists($issueId)) { if ($sectionDao->getCustomSectionOrder($issueId, $submission->getSectionId()) === null) { $sectionDao->insertCustomSectionOrder($issueId, $submission->getSectionId(), REALLY_BIG_NUMBER); $sectionDao->resequenceCustomSectionOrders($issueId); } } // Index the published article metadata and files for the first time. $articleSearchIndex->articleMetadataChanged($publishedArticle); $articleSearchIndex->submissionFilesChanged($publishedArticle); } } else { if ($publishedArticle) { // This was published elsewhere; make sure we don't // mess up sequencing information. $issueId = $publishedArticle->getIssueId(); $publishedArticleDao->deletePublishedArticleByArticleId($submission->getId()); // Delete the article from the search index. $articleSearchIndex->submissionFileDeleted($submission->getId()); } } if ($this->getData('attachPermissions')) { $submission->setCopyrightYear($this->getData('copyrightYear')); $submission->setCopyrightHolder($this->getData('copyrightHolder'), null); // Localized $submission->setLicenseURL($this->getData('licenseURL')); } else { $submission->setCopyrightYear(null); $submission->setCopyrightHolder(null, null); $submission->setLicenseURL(null); } // Resequence the articles. $publishedArticleDao->resequencePublishedArticles($submission->getSectionId(), $issueId); $submission->stampStatusModified(); if ($issue && $issue->getPublished()) { $submission->setStatus(STATUS_PUBLISHED); // delete article tombstone $tombstoneDao = DAORegistry::getDAO('DataObjectTombstoneDAO'); $tombstoneDao->deleteByDataObjectId($submission->getId()); } else { $submission->setStatus(STATUS_QUEUED); } $articleDao->updateObject($submission); $articleSearchIndex->articleChangesFinished(); } }
/** * Handle incoming requests/notifications * @param $args array * @param $request PKPRequest */ function handle($args, &$request) { $user =& $request->getUser(); $templateMgr =& TemplateManager::getManager(); $journal =& $request->getJournal(); if (!$journal) { return parent::handle($args, $request); } // Just in case we need to contact someone import('classes.mail.MailTemplate'); // Prefer technical support contact $contactName = $journal->getSetting('supportName'); $contactEmail = $journal->getSetting('supportEmail'); if (!$contactEmail) { // Fall back on primary contact $contactName = $journal->getSetting('contactName'); $contactEmail = $journal->getSetting('contactEmail'); } $mail = new MailTemplate('DPS_INVESTIGATE_PAYMENT'); $mail->setReplyTo(null); $mail->addRecipient($contactEmail, $contactName); $paymentStatus = $request->getUserVar('payment_status'); @session_start(); switch (array_shift($args)) { case 'purchase': error_log("Forming XML for transaction API call"); try { # get access to queuedPayment $orderId = $_SESSION['dps_plugin_payment_id']; import('classes.payment.ojs.OJSPaymentManager'); $ojsPaymentManager = new OJSPaymentManager($request); $queuedPayment =& $ojsPaymentManager->getQueuedPayment($orderId); if (!$queuedPayment) { throw new Exception("OJS: DPS: No order for this transaction or transaction ID lost from session. See DPS statement for OJS order number: TxnData1."); } $amount = sprintf("%01.2f", $queuedPayment->amount); $domDoc = new DOMDocument('1.0', 'UTF-8'); $rootElt = $domDoc->createElement('GenerateRequest'); $rootNode = $domDoc->appendChild($rootElt); $rootNode->appendChild($domDoc->createElement('PxPayUserId', $this->getSetting($journal->getId(), 'dpsuser'))); $rootNode->appendChild($domDoc->createElement('PxPayKey', $this->getSetting($journal->getId(), 'dpskey'))); $rootNode->appendChild($domDoc->createElement('MerchantReference', $this->getSetting($journal->getId(), 'dpsmerchant'))); $rootNode->appendChild($domDoc->createElement('AmountInput', $amount)); $rootNode->appendChild($domDoc->createElement('CurrencyInput', 'NZD')); $rootNode->appendChild($domDoc->createElement('TxnType', 'Purchase')); $rootNode->appendChild($domDoc->createElement('TxnData1', $orderId)); $rootNode->appendChild($domDoc->createElement('TxnData2', $user->getUserName())); $rootNode->appendChild($domDoc->createElement('EmailAddress', $user->getEmail())); $rootNode->appendChild($domDoc->createElement('UrlSuccess', $request->url(null, 'payment', 'plugin', array($this->getName(), 'success')))); $rootNode->appendChild($domDoc->createElement('UrlFail', $request->url(null, 'payment', 'plugin', array($this->getName(), 'failure')))); $xmlRequest = $domDoc->saveXML(); if (!$xmlRequest) { throw new Exception("DPS: Generating XML API call failed ", "119"); } error_log("xmlrequest: " . print_r($xmlRequest, true)); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'dpsurl')); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $domDoc->saveXML()); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_CAINFO, $this->getSetting($journal->getId(), 'dpscertpath')); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); $result = curl_exec($ch); $curlError = curl_error($ch); $curlErrorNo = curl_errno($ch); curl_close($ch); # check that we got a response if ($result == false) { error_log("DPS error: {$curlError} ({$curlErrorNo})"); throw new Exception("DPS error: {$curlError}", $curlErrorNo); } # make sure response is valid. error_log("Parsing response XML"); libxml_use_internal_errors(true); $rexml = simplexml_load_string($result); error_log("XML response: " . print_r($rexml, true)); if (!$rexml) { error_log("Invalid XML response from DPS"); throw new Exception("Invalid XML response from DPS"); } # check URL exists in response if (!isset($rexml->URI[0])) { throw new Exception("URI not returned: " . $rexml->ResponseText[0]); } $payment_url = (string) $rexml->URI[0]; # redirect to that URL header("Location: {$payment_url}"); exit; } catch (exception $e) { @curl_close($ch); error_log("Fatal error with credit card entry stage: " . $e->getCode() . ": " . $e->getMessage()); # create a notification about this error $params = array('contents' => "Fatal error with DPS response stage: " . $e->getMessage() . ". User:"******". Email:" . $user->getEmail() . "."); if (!$this->sendNotifications($params, $request)) { error_log("Failed to send notifications to journal managers"); } AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON); $templateMgr =& TemplateManager::getManager(); $templateMgr->assign(array('pageTitle' => 'plugins.paymethod.dps.purchase.failure.title', 'detail' => $e->getMessage(), 'backLink' => $request->url(null, 'user', 'subscriptions'))); $templateMgr->display($this->getTemplatePath() . 'failure.tpl'); exit; } break; case 'success': try { error_log("Forming XML ProcessResponse"); $domDoc = new DOMDocument('1.0', 'UTF-8'); $rootElt = $domDoc->createElement('ProcessResponse'); $rootNode = $domDoc->appendChild($rootElt); $rootNode->appendChild($domDoc->createElement('PxPayUserId', $this->getSetting($journal->getId(), 'dpsuser'))); $rootNode->appendChild($domDoc->createElement('PxPayKey', $this->getSetting($journal->getId(), 'dpskey'))); $rootNode->appendChild($domDoc->createElement('Response', $request->getUserVar('result'))); $xmlRequest = $domDoc->saveXML(); if (!$xmlRequest) { throw new Exception("Failed to generate XML transaction response"); } # send confirmation to DPS error_log("Forming curl API request"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $this->getSetting($journal->getId(), 'dpsurl')); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $domDoc->saveXML()); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_CAINFO, $this->getSetting($journal->getId(), 'dpscertpath')); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); # check response is OK $result = curl_exec($ch); $curlError = curl_error($ch); $curlErrorNo = curl_errno($ch); curl_close($ch); if ($result == false) { error_log("Transaction response call failed: {$curlError} ({$curlErrorNo})"); throw new Exception("Transaction response call failed: {$curlError}", $curlErrorNo); } error_log("Processing response"); libxml_use_internal_errors(true); $rexml = simplexml_load_string($result); # check xml is valid if (!$rexml) { throw new Exception('Response from DPS not valid XML ', '130'); } # check for success value if ($rexml->Success[0] == null) { throw new Exception('Response code not returned by DPS', '130'); } # check for failed transaction $code = (int) $rexml->Success[0]; if ($code != 1) { throw new Exception('Transaction failed: ' . $rexml->ResponseText[0]); } if ($rexml->ResponseText[0] == null) { throw new Exception('OJS: DPS: Response text not returned from transaction confirmation'); } if ($rexml->TxnId[0] == null) { throw new Exception('OJS: DPS: Reference number (txnId) not returned from transaction confirmation'); } if ($rexml->MerchantReference[0] == null) { throw new Exception('OJS: DPS: Merchant reference not returned from transaction confirmation'); } # sanity / double checks # get access to queuedPayment to check that details match $queuedPaymentId = $_SESSION['dps_plugin_payment_id']; import('classes.payment.ojs.OJSPaymentManager'); $ojsPaymentManager = new OJSPaymentManager($request); $queuedPayment =& $ojsPaymentManager->getQueuedPayment($queuedPaymentId); if (!$queuedPayment) { throw new Exception("OJS: DPS: No order for this transaction or transaction ID lost from session. See DPS statement for OJS order number: TxnData1."); } $amount = $queuedPayment->amount; $paidAmount = (string) $rexml->AmountSettlement[0]; $pattern = "/[0-9]+(\\.[0-9]{2})?/"; if ($paidAmount == null) { throw new Exception('Paid amount not returned by DPS', '160'); } if (!preg_match($pattern, $paidAmount)) { # check format whether correct for paid amount, etc: no negative throw new Exception('Paid amount format error: negative? badly formed decimal: ' . $paidAmount, '170'); } # check userid returned by DPS if ($rexml->TxnData2[0] == null) { throw new Exception('Validation failure due to user id is not returned by DPS', '180'); } # check user id and amount match if (number_format($paidAmount, 2, '.', '') != $amount) { throw new Exception('Payment amount mismatch on transaction. Expected: ' . $amount . ' got: ' . $paidAmount); } $userId = (string) $rexml->TxnData2[0]; if ($user->getUserName() != $userId) { throw new Exception('User identity mismatch on transaction. Expected: ' . $user->getUserName() . ' got: ' . $userId); } # clear session vars - avoid replay unset($_SESSION['dps_plugin_payment_id']); # tick off queued payment as paid if (!$ojsPaymentManager->fulfillQueuedPayment($queuedPayment, $this->getName())) { throw new Exception('Could not fulill the queued payment in OJS'); } error_log("All validation tests pass. Transaction is OK."); # show success page with details AppLocale::requireComponents(LOCALE_COMPONENT_PKP_COMMON, LOCALE_COMPONENT_PKP_USER, LOCALE_COMPONENT_APPLICATION_COMMON); $templateMgr->assign(array('pageTitle' => 'plugins.paymethod.dps.purchase.success.title', 'message' => 'plugins.paymethod.dps.purchase.success', 'backLink' => $request->url(null, 'index'), 'backLinkLabel' => 'common.continue')); $templateMgr->display($this->getTemplatePath() . 'success.tpl'); exit; break; } catch (exception $e) { @curl_close($ch); error_log("Fatal error with payment processing stage: " . $e->getCode() . ": " . $e->getMessage()); # make notification $params = array('contents' => "Fatal error with DPS response stage: " . $e->getMessage() . ". User:"******". Email:" . $user->getEmail() . "."); if (!$this->sendNotifications($params, $request)) { error_log("Failed to send notifications to journal managers"); } # render failure page to user AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON); $templateMgr =& TemplateManager::getManager(); $templateMgr->assign(array('pageTitle' => 'plugins.paymethod.dps.purchase.failure.title', 'detail' => $e->getMessage(), 'backLink' => $request->url(null, 'user', 'subscriptions'))); $templateMgr->display($this->getTemplatePath() . 'failure.tpl'); exit; } break; # DPS requested our failure URL - eg user canceled form # DPS requested our failure URL - eg user canceled form case 'failure': AppLocale::requireComponents(LOCALE_COMPONENT_APPLICATION_COMMON); $templateMgr =& TemplateManager::getManager(); $templateMgr->assign(array('pageTitle' => 'plugins.paymethod.dps.purchase.failure.title', 'backLink' => $request->url(null, 'user', 'subscriptions'))); $templateMgr->display($this->getTemplatePath() . 'cancel.tpl'); break; } parent::handle($args, $request); // Don't know what to do with it }
/** * Waive the publication fee. * @param $args array * @param $request PKPRequest */ function waivePublicationFee($args, $request) { $articleId = (int) array_shift($args); $markAsPaid = $request->getUserVar('markAsPaid'); $sendToScheduling = $request->getUserVar('sendToScheduling') ? true : false; $this->validate($articleId, SECTION_EDITOR_ACCESS_EDIT); $journal =& Request::getJournal(); $submission =& $this->submission; import('classes.payment.ojs.OJSPaymentManager'); $paymentManager = new OJSPaymentManager($request); $user =& $request->getUser(); $queuedPayment =& $paymentManager->createQueuedPayment($journal->getId(), PAYMENT_TYPE_PUBLICATION, $markAsPaid ? $submission->getUserId() : $user->getId(), $articleId, $markAsPaid ? $journal->getSetting('publicationFee') : 0, $markAsPaid ? $journal->getSetting('currency') : ''); $queuedPaymentId = $paymentManager->queuePayment($queuedPayment); // Since this is a waiver, fulfill the payment immediately $paymentManager->fulfillQueuedPayment($queuedPayment, $markAsPaid ? 'ManualPayment' : 'Waiver'); if ($sendToScheduling) { $request->redirect(null, null, 'submissionEditing', array($articleId), null, 'scheduling'); } else { $request->redirect(null, null, 'submission', array($articleId)); } }
/** * Handle incoming requests/notifications * @param $args array * @param $request PKPRequest */ function handle($args, &$request) { file_put_contents("outputfile2.txt", file_get_contents("php://input")); $liqPayDao = DAORegistry::getDAO('LiqPayDAO'); // $templateMgr =& TemplateManager::getManager(); $journal =& $request->getJournal(); // $liqPayDao->transactionExists('3333333'); // var_dump( $this->getSetting($journal->getId(), 'liqpaydebug')); // // if ($this->getSetting($journal->getId(), 'liqpaydebug')){ // die('wwww'); // } // die('222ee'); if (!$journal) { return parent::handle($args, $request); } // Just in case we need to contact someone import('classes.mail.MailTemplate'); // Prefer technical support contact $contactName = $journal->getSetting('supportName'); $contactEmail = $journal->getSetting('supportEmail'); if (!$contactEmail) { // Fall back on primary contact $contactName = $journal->getSetting('contactName'); $contactEmail = $journal->getSetting('contactEmail'); } $mail = new MailTemplate('LIQPAY_INVESTIGATE_PAYMENT'); $mail->setReplyTo(null); $mail->addRecipient($contactEmail, $contactName); $liqpay = new LiqPay($this->getSetting($journal->getId(), 'liqpaypubkey'), $this->getSetting($journal->getId(), 'liqpayprivatkey')); switch (array_shift($args)) { case 'notification': // data - результат функции base64_encode( $json_string ) //signature - результат функции base64_encode( sha1( $private_key . $data . $private_key ) ) $sign = base64_encode(sha1($this->getSetting($journal->getId(), 'liqpayprivatkey') . $request->getUserVar('data') . $this->getSetting($journal->getId(), 'liqpayprivatkey'), 1)); $this->log->info('Start transaction ' . $sign); //var_dump($sign, $request->getUserVar('signature'), $_REQUEST); // $params = json_decode (base64_decode($request->getUserVar('data')), true); // var_dump($params); // // die; // Check signature if ((string) $sign == (string) $request->getUserVar('signature')) { $params = json_decode(base64_decode($request->getUserVar('data')), true); $this->log->info('Input parameters ' . var_export($params, true)); // Check transactions exist $transactionId = $params['transaction_id']; $this->log->info('Transaction ID ' . var_export($transactionId, true)); if ($liqPayDao->transactionExists($transactionId . rand(0, 100))) { $this->log->info('Transaction is exists ' . var_export($transactionId, true)); // A duplicate transaction was received; notify someone. $mail->assignParams(array('journalName' => $journal->getLocalizedTitle(), 'data' => print_r($params, true), 'additionalInfo' => "Duplicate transaction ID: {$transactionId}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } else { $this->log->info('Payment status ' . var_export($params['status'], true)); // New transaction succeeded. Record it. // $liqPayDao->insertTransaction( // $transactionId, // $params['type'], // String::strtolower($params['sender_phone']), // $params['status'], // $params['liqpay_order_id'], // date('Y-m-d H:i:s') // ); //if debug mode turn on the all payments is success if ($this->getSetting($journal->getId(), 'liqpaydebug')) { $params['status'] = 'success'; } switch ($params['status']) { case 'success': $params['description']; preg_match('/\\/(\\d+$)/', $params['description'], $matches); $this->log->info('Input queuedPaymentId ' . var_export($matches[1], true)); $queuedPaymentId = $matches[1]; import('classes.payment.ojs.OJSPaymentManager'); $ojsPaymentManager = new OJSPaymentManager($request); // Verify the cost and user details as per PayPal spec. $queuedPayment = $ojsPaymentManager->getQueuedPayment($queuedPaymentId); if (!$queuedPayment) { $this->log->info('Not found queued payment for ' . var_export($queuedPaymentId, true)); // The queued payment entry is missing. Complain. $mail->assignParams(array('journalName' => $journal->getLocalizedTitle(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } //NB: if/when paypal subscriptions are enabled, these checks will have to be adjusted // because subscription prices may change over time $queuedAmount = $queuedPayment->getAmount(); var_dump($queuedPayment->getCurrencyCode()); die; if ($queuedAmount || ($queuedCurrency = $queuedPayment->getCurrencyCode()) != ($grantedCurrency = $request->getUserVar('mc_currency')) || ($grantedEmail = String::strtolower($request->getUserVar('receiver_email'))) != ($queuedEmail = String::strtolower($this->getSetting($journal->getId(), 'selleraccount')))) { // The integrity checks for the transaction failed. Complain. $mail->assignParams(array('journalName' => $journal->getLocalizedTitle(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Granted amount: {$grantedAmount}\n" . "Queued amount: {$queuedAmount}\n" . "Granted currency: {$grantedCurrency}\n" . "Queued currency: {$queuedCurrency}\n" . "Granted to PayPal account: {$grantedEmail}\n" . "Configured PayPal account: {$queuedEmail}", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; } // Update queued amount if amount set by user (e.g. donation) if ($queuedAmount == 0 && $grantedAmount > 0) { $queuedPaymentDao =& DAORegistry::getDAO('QueuedPaymentDAO'); $queuedPayment->setAmount($grantedAmount); $queuedPayment->setCurrencyCode($grantedCurrency); $queuedPaymentDao->updateQueuedPayment($queuedPaymentId, $queuedPayment); } // Fulfill the queued payment. if ($ojsPaymentManager->fulfillQueuedPayment($queuedPayment, $this->getName())) { exit; } // If we're still here, it means the payment couldn't be fulfilled. $mail->assignParams(array('journalName' => $journal->getLocalizedTitle(), 'postInfo' => print_r($_POST, true), 'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.", 'serverVars' => print_r($_SERVER, true))); $mail->send(); exit; case 'cancel': AppLocale::requireComponents(LOCALE_COMPONENT_PKP_COMMON, LOCALE_COMPONENT_PKP_USER, LOCALE_COMPONENT_APPLICATION_COMMON); $templateMgr->assign(array('currentUrl' => $request->url(null, 'index'), 'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title', 'message' => 'plugins.paymethod.paypal.purchase.cancelled', 'backLink' => $request->getUserVar('ojsReturnUrl'), 'backLinkLabel' => 'common.continue')); $templateMgr->display('common/message.tpl'); exit; break; } } } } parent::handle($args, $request); // Don't know what to do with it }