Exemple #1
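/**
 * Handle the browser return from DPS PxAccess: decrypt the `result` query
 * parameter and, when the gateway reports APPROVED, mark the matching
 * purchase log as an accepted payment.
 *
 * Side effect kept from the original: $_GET is rebuilt from the raw query
 * string, so any earlier modification of $_GET is discarded.
 *
 * @return string|null Merchant reference (the purchase session id) of an
 *                     approved payment, or null when there is no result or
 *                     the payment was not approved.
 */
function decrypt_dps_response()
{
    $PxAccess_Url = get_option('access_url');
    $PxAccess_Userid = get_option('access_userid');
    $PxAccess_Key = get_option('access_key');
    $Mac_Key = get_option('mac_key');
    $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key);

    // Rebuild $_GET from the raw query string. Pairs without '=' get an empty
    // value and empty pairs are skipped, so a malformed query no longer
    // raises undefined-offset notices.
    $query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $_GET = array();
    foreach (explode('&', $query) as $pair) {
        if ($pair === '') {
            continue;
        }
        $parts = explode('=', $pair, 2);
        $_GET[urldecode($parts[0])] = isset($parts[1]) ? urldecode($parts[1]) : '';
    }

    // Defined up front: the original returned an undefined variable whenever
    // the result was missing or the payment was not approved.
    $sessionid = null;
    $enc_hex = isset($_GET['result']) ? $_GET['result'] : null;
    if ($enc_hex == null) {
        return $sessionid;
    }

    // The result is request-controlled; only the decrypted response object is
    // used to decide anything below.
    $rsp = $pxaccess->getResponse($enc_hex);

    // NOTE(review): approval is decided from the response text alone, and the
    // settled amount and currency are not compared with the purchase log in
    // this function. Confirm that is checked elsewhere.
    if ($rsp->getResponseText() == 'APPROVED') {
        $sessionid = $rsp->getMerchantReference();
        $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
        // Skip logs that are already completed, so a replayed return URL does
        // not rewrite the status.
        if (!$purchase_log->is_transaction_completed()) {
            $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
            $purchase_log->save();
        }
    }

    return $sessionid;
}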
Exemple #2
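/**
 * Handle the browser return from DPS PxAccess: decrypt the `result` query
 * parameter and, when the gateway reports APPROVED, move the matching
 * purchase log to processed state 2.
 *
 * @return string|null The merchant reference of an approved payment;
 *                     otherwise whatever `sessionid` the request carried
 *                     (null when absent).
 */
function decrypt_dps_response()
{
    global $wpdb;
    $PxAccess_Url = get_option('access_url');
    $PxAccess_Userid = get_option('access_userid');
    $PxAccess_Key = get_option('access_key');
    $Mac_Key = get_option('mac_key');
    $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key);

    // NOTE(review): when the payment is not approved, the value returned is
    // this request-supplied session id. It has not been verified by the
    // gateway, so callers must not treat it as proof of a purchase.
    $sessionid = isset($_GET['sessionid']) ? $_GET['sessionid'] : null;
    $enc_hex = isset($_GET['result']) ? $_GET['result'] : null;

    if ($enc_hex != null) {
        $rsp = $pxaccess->getResponse($enc_hex);

        // NOTE(review): the settled amount and currency are not compared with
        // the purchase log in this function. Confirm that is checked elsewhere.
        if ($rsp->ResponseText == 'APPROVED') {
            $sessionid = $rsp->MerchantReference;

            // The reference is bound as a parameter instead of being
            // concatenated into the SQL text, so its content cannot alter
            // either statement.
            $processing_stage = $wpdb->get_var($wpdb->prepare(
                "SELECT `processed` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` = %s LIMIT 1",
                $sessionid
            ));

            // Only advance logs that have not reached state 2 yet, so a
            // replayed return URL does not rewrite the status.
            if ($processing_stage < 2) {
                $wpdb->query($wpdb->prepare(
                    "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '2' WHERE `sessionid` = %s LIMIT 1",
                    $sessionid
                ));
            }
        }
    }

    return $sessionid;
}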
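 /**
  * Verify the PxAccess result returned to the store and capture the order.
  *
  * The encrypted `result` request parameter is decrypted by PxAccess. The
  * order is marked as paid only when the gateway reports success and the
  * settled currency, settled amount and order reference (TxnData1) all match
  * what this store expects. Every rejection is written to the system log.
  *
  * @return bool true when the payment was verified and the order updated,
  *              false otherwise
  */
 public function VerifyOrderPayment()
 {
     require_once "lib/pxaccess.php";

     // Reject a missing, empty or non-string result before it reaches the
     // decryption code; the original read the key unconditionally.
     if (!isset($_REQUEST["result"]) || !is_string($_REQUEST["result"]) || $_REQUEST["result"] === '') {
         $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'ErrorInvalid'));
         return false;
     }

     $pxaccess = new PxAccess('https://www.paymentexpress.com/pxpay/pxpay.aspx', $this->GetValue('userid'), $this->GetValue('key'), $this->GetValue('mackey'));
     $rsp = $pxaccess->getResponse($_REQUEST["result"]);

     // NOTE(review): StatusRequired "1" presumably means the outcome is not
     // final; confirm against the PxAccess documentation.
     if ($rsp->getStatusRequired() == "1" || $rsp->getSuccess() != 1) {
         $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'ErrorInvalid'));
         return false;
     }

     $AmountSettlement = $rsp->getAmountSettlement();
     $TxnData1 = $rsp->getTxnData1();
     $currencySettlement = $rsp->getCurrencySettlement();
     $currency = GetDefaultCurrency();

     // A successful response is not enough: it must describe this order.
     // Currency, amount and order reference are each compared with the
     // store's own values, so a result issued for another order or another
     // total is refused.
     if ($currencySettlement != $currency['currencycode']) {
         $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'CurrencyMismatch'), sprintf("Sent %s. Returned %s", $currency['currencycode'], $currencySettlement));
         return false;
     }

     // Loose comparison is kept: the gateway value is presumably a numeric
     // string, which `!=` compares by value with the store's amount.
     if ($AmountSettlement != $this->GetGatewayAmount()) {
         $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'PaymentMismatch'), sprintf("Sent %s. Returned %s", $this->GetGatewayAmount(), $AmountSettlement));
         return false;
     }

     if ($TxnData1 != $this->GetCombinedOrderId()) {
         $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'InvalidOrder'), sprintf("Sent %s. Returned %s", $this->GetCombinedOrderId(), $TxnData1));
         return false;
     }

     // All checks passed: record the gateway transaction id and mark the
     // order as captured and paid.
     $updatedOrder = array('ordpayproviderid' => $rsp->getMerchantTxnId(), 'ordpaymentstatus' => 'captured');
     $this->UpdateOrders($updatedOrder);
     $GLOBALS['ISC_CLASS_LOG']->LogSystemSuccess(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'Success'));
     $this->SetPaymentStatus(PAYMENT_STATUS_PAID);
     return true;
 }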
Exemple #4
// Return handler for the DPS PxAccess processor: runs only when the request
// carries a `result` parameter. The listing is cut off inside the final
// `else` branch, so the remainder of the handler is not shown here.
if (isset($_REQUEST['result'])) {
    require './init_payment.php';
    // Request-controlled value; it is only handed to PxAccess for decryption.
    $result = $_REQUEST['result'];
    include Registry::get('config.dir.payments') . 'dps_files/pxaccess.inc';
    // Look up the payment method whose processor script is dps_access.php.
    // NOTE(review): db_get_field presumably returns a single value, so only
    // one payment method is considered; confirm if several use this processor.
    $payment_id = db_get_field("SELECT ?:payments.payment_id FROM ?:payments LEFT JOIN ?:payment_processors ON ?:payment_processors.processor_id = ?:payments.processor_id WHERE ?:payment_processors.processor_script = 'dps_access.php'");
    $processor_data = fn_get_payment_method_data($payment_id);
    $PxAccess_Url = "https://sec.paymentexpress.com/pxpay/pxpay.aspx";
    $PxAccess_Userid = $processor_data["processor_params"]["user_id"];
    // Merchant user ID, read from the stored processor settings.
    $PxAccess_Key = $processor_data["processor_params"]["key"];
    // DES key issued by DPS, read from the stored processor settings.
    $Mac_Key = $processor_data["processor_params"]["mac_key"];
    // MAC key issued by DPS, read from the stored processor settings.
    $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key);
    $enc_hex = $result;
    $rsp = $pxaccess->getResponse($enc_hex);
    // Prefer the merchant reference from the decrypted response; fall back to
    // the order id kept in the session when the reference is empty.
    $order_alias = $rsp->getMerchantReference();
    $_order_id = !empty($order_alias) ? $order_alias : Tygh::$app['session']['dps_access']['order_id'];
    // Keep the part before the first underscore. strpos() returns 0 for a
    // leading underscore, which is falsy, so such a value is kept whole.
    $order_id = strpos($_order_id, '_') ? substr($_order_id, 0, strpos($_order_id, '_')) : $_order_id;
    $pp_response = array();
    // 'P' when the gateway reports success, 'F' otherwise.
    // NOTE(review): the settled amount and currency are not compared with the
    // order total in the visible code; confirm that happens elsewhere.
    $pp_response['order_status'] = $rsp->getSuccess() == "1" ? 'P' : 'F';
    $pp_response['reason_text'] = $rsp->getResponseText();
    if ($pp_response['order_status'] == 'P') {
        $pp_response['reason_text'] .= "; Auth code: " . $rsp->getAuthCode();
        // The auth code comes from the bank.
    }
    $pp_response['transaction_id'] = $rsp->getDpsTxnRef();
    // The gateway sends two identical responses, so the session data is
    // checked to avoid sending the e-mail notification twice. The payment is
    // finished only when no dps_access session entry exists and
    // fn_check_payment_script() accepts this order for dps_access.php.
    if (!isset(Tygh::$app['session']['dps_access']) && fn_check_payment_script('dps_access.php', $order_id)) {
        fn_finish_payment($order_id, $pp_response, false);
    } else {
 /**
  * Handles the response sent by the payment processor, whether it arrives
  * as a notification or as a request.
  * The hex string from Payment Express is passed to this function unchanged. Code based on googleIPN.
  * mac_key is only passed if the processor is pxaccess, as it is used for decryption.
  * $dps_method is either pxaccess or pxpay.
  */
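 public static function main($dps_method, $rawPostData, $dps_url, $dps_user, $dps_key, $mac_key)
 {
     // Parameters:
     //   $dps_method   "pxpay" or "pxaccess"; selects how the result is decoded.
     //   $rawPostData  encrypted hex result, used by the pxaccess branch only
     //                 (the pxpay branch reads $_GET['result']).
     //   $dps_url, $dps_user, $dps_key  gateway endpoint and credentials.
     //   $mac_key      used by the pxaccess branch only.
     // The method ends by calling CRM_Utils_System::redirect(), or exits on a
     // setup or connection failure.
     $config = CRM_Core_Config::singleton();
     // Guarded so that a second call in the same request does not redefine
     // the constant.
     if (!defined('RESPONSE_HANDLER_LOG_FILE')) {
         define('RESPONSE_HANDLER_LOG_FILE', $config->uploadDir . 'CiviCRM.PaymentExpress.log');
     }
     // Set up the log file.
     // NOTE(review): this log sits in the upload directory and receives the
     // raw gateway response; confirm that directory is not served over HTTP.
     if (!($message_log = fopen(RESPONSE_HANDLER_LOG_FILE, "a"))) {
         error_func("Cannot open " . RESPONSE_HANDLER_LOG_FILE . " file.\n", 0);
         exit(1);
     }

     // Defined up front so that an unknown $dps_method falls through to the
     // failure path instead of reading undefined variables.
     $qfKey = $privateData = $component = $paymentProcessorID = NULL;
     $success = $authCode = $DPStxnRef = $amount = NULL;

     if ($dps_method == "pxpay") {
         $encryptedResult = isset($_GET['result']) ? $_GET['result'] : '';
         $processResponse = CRM_Core_Payment_PaymentExpressUtils::_valueXml(array('PxPayUserId' => $dps_user, 'PxPayKey' => $dps_key, 'Response' => $encryptedResult));
         $processResponse = CRM_Core_Payment_PaymentExpressUtils::_valueXml('ProcessResponse', $processResponse);
         // The request carries the PxPay key, so the copy written to the log
         // is built with the key redacted; the original logged it in clear.
         $loggedRequest = CRM_Core_Payment_PaymentExpressUtils::_valueXml(array('PxPayUserId' => $dps_user, 'PxPayKey' => '[redacted]', 'Response' => $encryptedResult));
         $loggedRequest = CRM_Core_Payment_PaymentExpressUtils::_valueXml('ProcessResponse', $loggedRequest);
         fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $loggedRequest));
         // Send the XML-formatted validation request to DPS so that we can receive a decrypted XML response which contains the transaction results
         $curl = CRM_Core_Payment_PaymentExpressUtils::_initCURL($processResponse, $dps_url);
         // Log the target URL: the cURL handle itself has no useful string
         // form (and cannot be converted to a string on PHP 8).
         fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $dps_url));
         $success = FALSE;
         if ($response = curl_exec($curl)) {
             fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $response));
             curl_close($curl);
             // Assign the returned XML values to variables
             // NOTE(review): $valid is read but never checked; only Success
             // decides the outcome below. Confirm whether a response whose
             // `valid` attribute is not set should be rejected outright.
             $valid = CRM_Core_Payment_PaymentExpressUtils::_xmlAttribute($response, 'valid');
             $success = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'Success');
             $authCode = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'AuthCode');
             $DPStxnRef = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'DpsTxnRef');
             $qfKey = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData1");
             $privateData = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData2");
             // TxnData3 is "component,paymentProcessorID"; pad so a short
             // value yields NULLs instead of undefined offsets.
             list($component, $paymentProcessorID) = array_pad(explode(',', CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData3")), 2, NULL);
             $amount = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "AmountSettlement");
         } else {
             // calling DPS failed
             CRM_Core_Error::fatal(ts('Unable to establish connection to the payment gateway to verify transaction response.'));
             exit;
         }
     } elseif ($dps_method == "pxaccess") {
         require_once 'PaymentExpress/pxaccess.inc.php';
         global $pxaccess;
         $pxaccess = new PxAccess($dps_url, $dps_user, $dps_key, $mac_key);
         // getResponse() returns a PxPayResponse object which encapsulates
         // all the response data.
         $rsp = $pxaccess->getResponse($rawPostData);
         $qfKey = $rsp->getTxnData1();
         $privateData = $rsp->getTxnData2();
         list($component, $paymentProcessorID) = array_pad(explode(',', $rsp->getTxnData3()), 2, NULL);
         $success = $rsp->getSuccess();
         $authCode = $rsp->getAuthCode();
         $DPStxnRef = $rsp->getDpsTxnRef();
         $amount = $rsp->getAmountSettlement();
     }
     // Nothing is written to the log after this point.
     fclose($message_log);

     // An empty TxnData2 becomes an empty array; the original used '' here,
     // which cannot be counted or indexed by name.
     $privateData = $privateData ? self::stringToArray($privateData) : array();
     // Record the current count in array, before we start adding things (for later checks)
     $countPrivateData = count($privateData);
     // Private Data consists of : a=contactID, b=contributionID,c=contributionTypeID,d=invoiceID,e=membershipID,f=participantID,g=eventID
     $longNames = array('a' => 'contactID', 'b' => 'contributionID', 'c' => 'contributionTypeID', 'd' => 'invoiceID');
     foreach ($longNames as $shortKey => $longKey) {
         $privateData[$longKey] = isset($privateData[$shortKey]) ? $privateData[$shortKey] : NULL;
     }
     if ($component == "event") {
         $privateData['participantID'] = isset($privateData['f']) ? $privateData['f'] : NULL;
         $privateData['eventID'] = isset($privateData['g']) ? $privateData['g'] : NULL;
     } elseif ($component == "contribute") {
         if ($countPrivateData == 5) {
             $privateData["membershipID"] = isset($privateData['e']) ? $privateData['e'] : NULL;
         }
     }
     $transactionReference = $authCode . "-" . $DPStxnRef;
     list($mode, $component, $duplicateTransaction) = self::getContext($privateData, $transactionReference);
     $mode = $mode ? 'test' : 'live';
     $paymentProcessor = CRM_Financial_BAO_PaymentProcessor::getPayment($paymentProcessorID, $mode);
     $ipn = self::singleton($mode, $component, $paymentProcessor);
     // NOTE(review): $finalURL stays NULL when $component is neither "event"
     // nor "contribute"; confirm how redirect() behaves in that case.
     $finalURL = NULL;
     //Check status and take appropriate action
     if ($success == 1) {
         // A transaction reference seen before is not processed again, so a
         // replayed return does not record the payment twice.
         if ($duplicateTransaction == 0) {
             $ipn->newOrderNotify($success, $privateData, $component, $amount, $transactionReference);
         }
         if ($component == "event") {
             $finalURL = CRM_Utils_System::url('civicrm/event/register', "_qf_ThankYou_display=1&qfKey={$qfKey}", FALSE, NULL, FALSE);
         } elseif ($component == "contribute") {
             $finalURL = CRM_Utils_System::url('civicrm/contribute/transact', "_qf_ThankYou_display=1&qfKey={$qfKey}", FALSE, NULL, FALSE);
         }
         CRM_Utils_System::redirect($finalURL);
     } else {
         if ($component == "event") {
             $finalURL = CRM_Utils_System::url('civicrm/event/confirm', "reset=1&cc=fail&participantId={$privateData['participantID']}", FALSE, NULL, FALSE);
         } elseif ($component == "contribute") {
             $finalURL = CRM_Utils_System::url('civicrm/contribute/transact', "_qf_Main_display=1&cancel=1&qfKey={$qfKey}", FALSE, NULL, FALSE);
         }
         CRM_Utils_System::redirect($finalURL);
     }
 }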