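/**
 * Handle an Amazon IOPN (Instant Order Processing Notification) callback.
 *
 * Records the notification in the `<wpdb prefix>pwa_iopn_records` table,
 * checks the request Signature against an HMAC of UUID . Timestamp computed
 * with the configured secret key, and on success hands NotificationData to
 * the handler for the given NotificationType. A request whose signature does
 * not verify is logged and answered with HTTP 403.
 *
 * @param array $param Request parameters. Keys read: UUID, Timestamp,
 *                     Signature, NotificationType, NotificationData.
 *                     A `message` key is added before the array is logged.
 * @return void
 */
public function notifications($param)
{
    global $wpdb, $prefix;
    $prefix = $wpdb->prefix . 'pwa_';

    try {
        // A missing key decodes to '' instead of raising an undefined-index notice.
        $uuid = isset($param['UUID']) ? urldecode($param['UUID']) : '';
        $timestamp = isset($param['Timestamp']) ? urldecode($param['Timestamp']) : '';
        // urldecode() turns '+' into ' '; base64 signatures contain '+', so restore it.
        $Signature = isset($param['Signature'])
            ? str_replace(' ', '+', urldecode($param['Signature']))
            : '';
        $NotificationType = isset($param['NotificationType'])
            ? urldecode($param['NotificationType'])
            : '';
        $NotificationData = isset($param['NotificationData'])
            ? stripslashes(urldecode($param['NotificationData']))
            : '';

        // $wpdb->insert() builds a prepared statement, so these request values
        // are never concatenated into SQL.
        // NOTE(review): the row is written before the signature is checked, so
        // unauthenticated requests also create rows. Consider recording only
        // after verification, or rate-limiting the endpoint.
        $wpdb->insert(
            $prefix . 'iopn_records',
            array(
                'uuid' => $uuid,
                'timestamp' => $timestamp,
                'notification_type' => $NotificationType,
            )
        );
        $iopn_record_id = $wpdb->insert_id;

        // Verify that the notification request is valid by verifying the Signature.
        $concatenate = $uuid . $timestamp;
        $pwacheckkout = new Pwacheckout();
        $secretKeyID = $pwacheckkout->get_option('secret_key');
        $calculator = new SignatureCalculator();
        $generatedSignature = (string) $calculator->calculateRFC2104HMAC($concatenate, $secretKeyID);

        // Fail closed: an unset secret key or an absent Signature never verifies.
        // hash_equals() is a constant-time, type-strict comparison; the previous
        // loose `==` also treated '' == false and numeric-looking strings as equal.
        $signatureIsValid = (string) $secretKeyID !== ''
            && $Signature !== ''
            && hash_equals($generatedSignature, $Signature);

        if ($signatureIsValid) {
            // NOTE(review): the timestamp freshness check is switched off. The
            // original condition, `$this->time_difference($timestamp) > 15`, was
            // commented out and replaced by a constant. The signature covers only
            // UUID . Timestamp, not NotificationData, so without a freshness
            // window (and rejection of UUIDs already stored in iopn_records) a
            // signed UUID/Timestamp pair stays valid indefinitely.
            // TODO: restore the check once time_difference()'s units are confirmed.
            $timestampIsFresh = true;

            if ($timestampIsFresh) {
                if ($NotificationType === 'NewOrderNotification') {
                    $new_order = new NewOrderNotification();
                    $new_order->update_order($NotificationData, $iopn_record_id);
                }

                if ($NotificationType === 'OrderReadyToShipNotification') {
                    $confirm_order = new OrderReadyToShipNotification();
                    $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                }

                if ($NotificationType === 'OrderCancelledNotification') {
                    $cancel_order = new OrderCancelledNotification();
                    $cancel_order->cancel_order($NotificationData, $iopn_record_id);
                }
            } else {
                $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong timestamp.';
                $this->generate_log($param);

                // Respond to the Request
                header('HTTP/1.1 403 PERMISSION_DENIED');
            }
        } else {
            $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong signature.';
            $this->generate_log($param);

            // Respond to the Request
            header('HTTP/1.1 403 PERMISSION_DENIED');
        }
    } catch (Exception $e) {
        $param['message'] = 'IOPN Notifications : Caught exception : ' . $e->getMessage() . '.';
        $this->generate_log($param);
    }
}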
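/**
 * Handle an Amazon IOPN (Instant Order Processing Notification) callback.
 *
 * Records the notification in `<_DB_PREFIX_>pwa_iopn_records` (only when a
 * UUID is present), checks the request Signature against an HMAC of
 * UUID . Timestamp computed with the configured secret key, and hands
 * NotificationData to the handler for the given NotificationType. A request
 * whose signature is present but does not verify is logged and answered with
 * HTTP 403.
 *
 * @param array $param Request parameters. Keys read: UUID, Timestamp,
 *                     Signature, NotificationType, NotificationData.
 *                     A `message` key is added before the array is logged.
 * @return void
 */
public function notifications($param)
{
    $prefix = _DB_PREFIX_;

    try {
        $uuid = (isset($param['UUID']) && $param['UUID'] != '') ? urldecode($param['UUID']) : '';
        $timestamp = (isset($param['Timestamp']) && $param['Timestamp'] != '')
            ? urldecode($param['Timestamp'])
            : '';
        // urldecode() turns '+' into ' '; base64 signatures contain '+', so restore it.
        $Signature = (isset($param['Signature']) && $param['Signature'] != '')
            ? str_replace(' ', '+', urldecode($param['Signature']))
            : '';
        // A missing key decodes to '' instead of raising an undefined-index notice.
        $NotificationType = isset($param['NotificationType'])
            ? urldecode($param['NotificationType'])
            : '';
        $NotificationData = isset($param['NotificationData'])
            ? stripslashes(urldecode($param['NotificationData']))
            : '';

        // Stays null when no UUID was sent; the handlers then receive null, which
        // is what the previously undefined variable evaluated to.
        $iopn_record_id = null;

        if ($uuid !== '') {
            // These values come straight from the request and this row is written
            // before any signature check, so each one is escaped with pSQL()
            // before it is placed inside the quoted SQL literal.
            $sql = 'INSERT into `' . $prefix . 'pwa_iopn_records` (`uuid`,`timestamp`,`notification_type`) VALUES("'
                . pSQL($uuid) . '" , "' . pSQL($timestamp) . '" , "' . pSQL($NotificationType) . '") ';
            Db::getInstance()->Execute($sql);
            $iopn_record_id = Db::getInstance()->Insert_ID();
        }

        // Verify that the notification request is valid by verifying the Signature.
        $concatenate = $uuid . $timestamp;
        $secretKeyID = Configuration::get('PWAPRESTA_PWAPRESTA_SECRET_KEY');
        $calculator = new SignatureCalculator();
        $generatedSignature = (string) $calculator->calculateRFC2104HMAC($concatenate, $secretKeyID);

        $isUnsigned = ($Signature === '');

        // A supplied signature only verifies when a secret key is configured.
        // hash_equals() is a constant-time, type-strict comparison; the previous
        // loose `==` also treated numeric-looking strings as equal.
        $signatureMatches = !$isUnsigned
            && (string) $secretKeyID !== ''
            && hash_equals($generatedSignature, $Signature);

        // SECURITY NOTE(review): a request with no (or an empty) Signature skips
        // verification entirely. Only the OrderReadyToShipNotification branch
        // applies a substitute check (the order must already exist);
        // NewOrderNotification and OrderCancelledNotification are processed
        // unauthenticated. The unsigned path is kept because callers outside this
        // view may rely on it. Confirm who invokes this without a Signature, and
        // if it is reachable from the public IOPN URL, require a valid signature
        // for every notification type.
        if ($signatureMatches || $isUnsigned) {
            // NOTE(review): the timestamp freshness check is switched off. The
            // original condition, `$this->time_difference($timestamp) > 15`, was
            // commented out and replaced by a constant. The signature covers only
            // UUID . Timestamp, not NotificationData, so without a freshness
            // window (and rejection of UUIDs already stored in pwa_iopn_records)
            // a signed UUID/Timestamp pair stays valid indefinitely.
            // TODO: restore the check once time_difference()'s units are confirmed.
            $timestampIsFresh = true;

            if ($timestampIsFresh) {
                if ($NotificationType === 'NewOrderNotification') {
                    $new_order = new NewOrderNotification();
                    $new_order->update_order($NotificationData, $iopn_record_id);
                }

                if ($NotificationType === 'OrderReadyToShipNotification') {
                    if ($isUnsigned) {
                        // The payload is unauthenticated on this path: LIBXML_NONET
                        // keeps the parser from fetching anything over the network,
                        // and a document that fails to parse is treated as naming
                        // no order instead of being dereferenced as `false`.
                        $xml = simplexml_load_string($NotificationData, 'SimpleXMLElement', LIBXML_NONET);
                        $AmazonOrderID = ($xml !== false)
                            ? (string) $xml->ProcessedOrder->AmazonOrderID
                            : '';

                        $obj = new Pwapresta();
                        if ($AmazonOrderID !== '' && $obj->pwa_order_exist($AmazonOrderID)) {
                            $confirm_order = new OrderReadyToShipNotification();
                            $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                            header('HTTP/1.1 200 OK');
                        } else {
                            echo 'Sorry! it seems that this order is a fake order.';
                        }
                    } else {
                        $confirm_order = new OrderReadyToShipNotification();
                        $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                        header('HTTP/1.1 200 OK');
                    }
                }

                if ($NotificationType === 'OrderCancelledNotification') {
                    $cancel_order = new OrderCancelledNotification();
                    $cancel_order->cancel_order($NotificationData, $iopn_record_id);
                    header('HTTP/1.1 200 OK');
                }
            } else {
                $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong timestamp.';
                $obj = new Pwapresta();
                $obj->generate_log($param);

                // Respond to the Request
                header('HTTP/1.1 403 PERMISSION_DENIED');
            }
        } else {
            $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong signature.';
            $obj = new Pwapresta();
            $obj->generate_log($param);

            // Respond to the Request
            header('HTTP/1.1 403 PERMISSION_DENIED');
        }
    } catch (Exception $e) {
        $param['message'] = 'IOPN Notifications : Caught exception : ' . $e->getMessage() . '.';
        $obj = new Pwapresta();
        $obj->generate_log($param);
    }
}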