Exemple #1
 /**
  * Cron job: ask the gateway API for the 3rd Man fraud result of recent
  * transactions that have no row in the fraud table yet, and log the outcome.
  *
  * At most 15 transactions (newest first) are processed per run.
  *
  * @param  mixed $cron Cron object (not read by this method)
  * @return void  Nothing is returned by the code below.
  */
 public function getThirdmanScores($cron)
 {
     $prefix = "[CRON] ";
     $logFile = 'SagePaySuite_Thirdman.log';
     Sage_Log::log($prefix . "Starting fraud checks... ", null, $logFile);

     // The table name is resolved by Magento's resource singleton; it is the only
     // value concatenated into the SQL fragment below.
     $fraudTable = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');

     $pending = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $pending->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id'));
     $pending->getSelect()
         ->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTable . "))")
         ->order("main_table.created_at DESC")
         ->limit(15);

     $currentTime = strtotime("now");

     foreach ($pending as $transaction) {
         $apiUpdate = $transaction->updateFromApi();

         if (!$apiUpdate->getFraud()) {
             Sage_Log::log($prefix . "3rd man check for " . $transaction->getVendorTxCode() . ": NO RESULT", null, $logFile);
             continue;
         }

         try {
             $fraud = $apiUpdate->getFraud();
             // The two values below are computed but not used further in this listing.
             $isNoResult = (string) $fraud->getThirdmanAction() == 'NORESULT';
             $dayAfterCreation = strtotime("+1 day", strtotime($transaction->getCreatedAt()));
             Sage_Log::log($prefix . "3rd man check for " . $transaction->getVendorTxCode() . ": " . (string) $fraud->getThirdmanAction(), null, $logFile);
         } catch (Exception $e) {
             // One failing transaction must not stop the rest of the batch.
             Sage_Log::logException($e);
         }
     }
 }
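 /**
  * POST the payload built by grabData() to the vendor's tracker endpoint.
  *
  * The request is made over HTTPS with both certificate and host name
  * verification enabled, so the payload is only handed to a server that
  * presents a valid certificate for the endpoint.
  *
  * @return bool TRUE when cURL reports no error, FALSE otherwise.
  */
 public function send()
 {
     try {
         $data = $this->grabData();
         $url = 'https://ebizmarts.com/sagepaysuite_tracker.php';
         $curl = curl_init();
         curl_setopt($curl, CURLOPT_URL, $url);
         curl_setopt($curl, CURLOPT_POST, 1);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
         // An unset config value casts to 0, which leaves protocol negotiation to cURL.
         // NOTE(review): a store that pins an old protocol version here weakens the
         // connection; confirm the configured value.
         $sslversion = (int) Mage::getStoreConfig('payment/sagepaysuite/curl_ssl_version');
         curl_setopt($curl, CURLOPT_SSLVERSION, $sslversion);
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl, CURLOPT_TIMEOUT, 4);
         // Certificate validation was switched off here; without it the host name
         // check below gives no protection against an intercepting server.
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
         if (Mage::getStoreConfigFlag('payment/sagepaysuite/curl_proxy') == 1) {
             // NOTE(review): the proxy is read from the 'curl_proxy_port' setting;
             // confirm that setting holds the full host:port value.
             curl_setopt($curl, CURLOPT_PROXY, Mage::getStoreConfig('payment/sagepaysuite/curl_proxy_port'));
         }
         curl_exec($curl);
         $errorText = curl_error($curl);
         // Release the handle on every path instead of leaving it to request shutdown.
         curl_close($curl);
         if (!$errorText) {
             return TRUE;
         }
         // Make verification or connectivity failures visible to the operator.
         Sage_Log::log('Tracker request failed: ' . $errorText);
         return FALSE;
     } catch (Exception $e) {
         Sage_Log::logException($e);
         return FALSE;
     }
 }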
Exemple #3
 /**
  * Fetch 3rd Man details for Sage Pay orders that have no fraud row yet and,
  * when the rank rule allows it, invoice them online automatically.
  *
  * At most 10 orders are handled per call.
  *
  * @param  mixed $cron Cron object (not read by this method)
  * @return void
  */
 public function getThirdmanScores($cron)
 {
     // Table name resolved by Magento; it is the only value concatenated into the SQL below.
     $fraudTable = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');

     $orders = Mage::getResourceModel('sales/order_grid_collection');
     $orders->getSelect()
         ->joinLeft(array('pmnt' => $orders->getTable('sales/order_payment')), 'main_table.entity_id = pmnt.parent_id', array())
         ->joinLeft(array('sls' => $orders->getTable('sales/order')), 'main_table.entity_id = sls.entity_id', array())
         ->where("(pmnt.method = 'sagepaydirectpro' OR pmnt.method = 'sagepayserver' OR pmnt.method = 'sagepayserver_moto' OR pmnt.method = 'sagepaydirectpro_moto' OR pmnt.method = 'sagepayform' OR pmnt.method = 'sagepaypaypal') AND (main_table.entity_id NOT IN (SELECT order_id FROM " . $fraudTable . "))")
         ->limit(10);

     foreach ($orders as $gridRow) {
         // The grid row is replaced by the full order model.
         $order = Mage::getModel('sales/order')->load($gridRow->getId());
         $details = Mage::getModel('sagepayreporting/sagepayreporting')->getTransactionDetails($order->getSagepayInfo()->getVendorTxCode());

         // Skip orders for which the reporting API gave no usable answer.
         if (!is_object($details) || $details->getError()) {
             continue;
         }

         try {
             // A zero score or a NORESULT action means there is nothing to store yet.
             $hasResult = (int) $details->getT3mscore() && (string) $details->getT3maction() != 'NORESULT';
             if (!$hasResult) {
                 continue;
             }

             // Persist the score before deciding on automatic fulfilment.
             Mage::getModel('sagepayreporting/fraud')->updateThirdMan($order->getId(), $details);

             $stored = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($order->getSagepayInfo()->getVendorTxCode());
             $mayAuthorise = $stored->getTxType() == 'AUTHENTICATE' && !$stored->getAuthorised();
             $mayRelease = $stored->getTxType() == 'DEFERRED' && !$stored->getReleased();

             // NOTE(review): this captures when the configured rank is <= the score;
             // confirm the direction matches the intended low-risk threshold.
             $rankAllows = $this->_getCanRank() && $this->_getRank() <= (int) $details->getT3mscore();

             if (($mayAuthorise || $mayRelease) && $rankAllows) {
                 Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($order->getId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
             }
         } catch (Exception $e) {
             // Log and move on so one order cannot block the batch.
             Sage_Log::logException($e);
         }
     }
 }
Exemple #4
 /**
  * Ask the reporting model for the token count.
  *
  * @return int|string The count as an integer, or '?' when the lookup throws.
  */
 protected function _getServiceCount()
 {
     try {
         $reply = Mage::getModel('sagepayreporting/sagepayreporting')->getTokenCount();

         return (int) $reply->totalnumber;
     } catch (Exception $e) {
         // The failure is logged; the caller only sees the placeholder.
         Sage_Log::logException($e);
     }

     return '?';
 }
Exemple #5
 /**
  * Retrieve fraud score (3rd man) for transactions that do not have a score,
  * and invoice eligible transactions automatically.
  *
  * Up to 20 transactions (newest first) without a row in the fraud table are
  * refreshed from the API on each run.
  *
  * @param  $cron Cron object (not read by this method)
  * @return void  Nothing is returned by the code below.
  */
 public function getThirdmanScores($cron)
 {
     $logPrefix = "[CRON] ";
     //Sage_Log::log($logPrefix . "Starting fraud checks... ", null, 'SagePaySuite_Thirdman.log');
     // Table name resolved by Magento; it is the only value concatenated into the SQL below.
     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     $transactions->getSelect()->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")->order("main_table.created_at DESC")->limit(20);
     $now = strtotime("now");
     foreach ($transactions as $_trn) {
         $update = $_trn->updateFromApi();
         // No fraud data came back for this transaction; try again on a later run.
         if (!$update->getFraud()) {
             //Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": NO RESULT", null, 'SagePaySuite_Thirdman.log');
             continue;
         }
         try {
             $rs = $update->getFraud();
             $noresult = (string) $rs->getThirdmanAction() == 'NORESULT';
             // Cut-off after which a transaction that still has no result is handled anyway.
             $orderPlusOneDay = strtotime("+1 day", strtotime($_trn->getCreatedAt()));
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . (string) $rs->getThirdmanAction(), null, 'SagePaySuite_Thirdman.log');
             // Proceed when a result exists, or when the transaction is older than one day.
             if (!$noresult || $now > $orderPlusOneDay) {
                 /**
                  *  Automatic fulfill
                  */
                 // Only AUTHENTICATE transactions not yet authorised, or DEFERRED ones not yet released, qualify.
                 $canAuthorise = $_trn->getTxType() == 'AUTHENTICATE' && !$_trn->getAuthorised();
                 $canRelease = $_trn->getTxType() == 'DEFERRED' && !$_trn->getReleased();
                 // Still NORESULT after one day: the payment is captured without any score (logged as FORCED).
                 // NOTE(review): this path fails open; confirm that capturing unscored payments is intended.
                 if (($canAuthorise || $canRelease) && $noresult && $now > $orderPlusOneDay) {
                     Sage_Log::log($logPrefix . "Auto invoicing (FORCED) for " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                     Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($_trn->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
                 } else {
                     // Capture only when ranking is enabled and the score does not exceed the configured rank.
                     $rank = $this->_getCanRank() && $this->_getRank() >= (int) $rs->getThirdmanScore();
                     if (($canAuthorise || $canRelease) && $rank) {
                         Sage_Log::log($logPrefix . "Auto invoicing for " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                         Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($_trn->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
                     } else {
                         // Record why nothing was captured: score above the rank, or wrong transaction state.
                         if ($this->_getRank() < (int) $rs->getThirdmanScore()) {
                             Sage_Log::log($logPrefix . "No rank for " . $_trn->getVendorTxCode() . ": " . (int) $rs->getThirdmanScore(), null, 'SagePaySuite_Thirdman.log');
                         } elseif (!$canAuthorise && !$canRelease) {
                             Sage_Log::log($logPrefix . "Can not authorize nor release " . $_trn->getVendorTxCode(), null, 'SagePaySuite_Thirdman.log');
                         }
                     }
                 }
             }
         } catch (Exception $e) {
             // One failing transaction must not stop the rest of the batch.
             Sage_Log::logException($e);
         }
     }
 }
 /**
  * Invoice one order (request parameter 'order_id') or several orders
  * (POST field 'order_ids') and report each outcome as a session message.
  *
  * NOTE(review): the non-POST branch changes state from a plain request
  * parameter; confirm that admin URL keys or form key validation cover it.
  *
  * @return void Redirects back to the referring page.
  */
 public function invoiceAction()
 {
     $request = $this->getRequest();

     // POST carries the mass-action list; any other method carries a single id.
     $orderIds = $request->isPost()
         ? $request->getPost('order_ids', array())
         : array($request->getParam('order_id'));

     if (count($orderIds)) {
         foreach ($orderIds as $orderId) {
             try {
                 $this->getPersistentFraud()->invoice($orderId);
                 $this->_getSession()->addSuccess($this->__('Invoiced: Order Id #%s', $orderId));
             } catch (Exception $e) {
                 // Keep going with the remaining ids; the reason is shown to the admin user.
                 Sage_Log::logException($e);
                 $this->_getSession()->addError($this->__('Cannot invoice order #%s. Reason: "%s"', $orderId, $e->getMessage()));
             }
         }
     }

     $this->_redirectReferer();
 }
Exemple #7
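 /**
  * POST the payload built by grabData() to the vendor's tracker endpoint.
  *
  * The endpoint is addressed over HTTPS with certificate and host name
  * verification enabled. With a plain http:// URL the payload travelled in
  * clear text and the TLS options below had no effect.
  *
  * @return bool TRUE when cURL reports no error, FALSE otherwise.
  */
 public function send()
 {
     try {
         $data = $this->grabData();
         $url = 'https://ebizmarts.com/sagepaysuite_tracker.php';
         $curl = curl_init();
         curl_setopt($curl, CURLOPT_URL, $url);
         curl_setopt($curl, CURLOPT_POST, 1);
         curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
         curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($curl, CURLOPT_TIMEOUT, 4);
         // Validate the server certificate as well as the host name.
         curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
         curl_exec($curl);
         $errorText = curl_error($curl);
         // Release the handle on every path instead of leaving it to request shutdown.
         curl_close($curl);
         if (!$errorText) {
             return TRUE;
         }
         // Make verification or connectivity failures visible to the operator.
         Sage_Log::log('Tracker request failed: ' . $errorText);
         return FALSE;
     } catch (Exception $e) {
         Sage_Log::logException($e);
         return FALSE;
     }
 }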
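 /**
  * Render a self-submitting form that posts PaReq, MD and TermUrl to the
  * ACS URL stored on the transaction identified by the 'txc' request parameter.
  *
  * @return string The page markup, or an empty string when building it fails.
  */
 protected function _toHtml()
 {
     // Defined up front so the return below is valid when an exception
     // interrupts the block before any markup has been assigned.
     $html = '';
     try {
         // NOTE(review): the transaction is selected by a request parameter;
         // confirm the lookup is tied to the current customer's checkout.
         $vendorTxCode = $this->getRequest()->getParam('txc');
         $transaction = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($vendorTxCode);
         $form = new Varien_Data_Form();
         $form->setAction($transaction->getAcsurl())->setId('sagepaydirectpro_3dsecure')->setName('sagepaydirectpro_3dsecure')->setMethod('POST')->setUseContainer(true);
         $form->addField('PaReq', 'hidden', array('name' => 'PaReq', 'value' => $transaction->getPareq()));
         $form->addField('MD', 'hidden', array('name' => 'MD', 'value' => $transaction->getMd()));
         // TermUrl is where the browser is sent back to after the 3D Secure step.
         $params = array('_secure' => true, 'storeid' => Mage::app()->getStore()->getId(), 'v' => $vendorTxCode);
         $postUrl = Mage::getModel('core/url')->addSessionParam()->getUrl('sgps/directPayment/callback3d', $params);
         $form->addField('TermUrl', 'hidden', array('name' => 'TermUrl', 'value' => $postUrl));
         $html = '<html><body>';
         $html .= '<code>' . $this->__('Loading 3D secure form...') . '</code>';
         $html .= $form->toHtml();
         $html .= '<script type="text/javascript">document.getElementById("sagepaydirectpro_3dsecure").submit();</script>';
         $html .= '</body></html>';
         Sage_Log::log($vendorTxCode, null, 'SagePaySuite_REQUEST.log');
         // NOTE(review): the logged markup contains the PaReq and MD values and a
         // URL built with addSessionParam(); confirm who can read this log file.
         Sage_Log::log($html, null, 'SagePaySuite_REQUEST.log');
     } catch (Exception $e) {
         Sage_Log::logException($e);
     }
     return $html;
 }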
Exemple #9
 /**
  * Send an ABORT request for a transaction and mark it aborted locally on success.
  *
  * @param  object $trn Transaction model exposing the getters used below.
  * @return void
  * @throws Exception Raised through Mage::throwException() when the request
  *                   fails or the gateway answers with an unexpected status.
  */
 public function abortPayment($trn)
 {
     // FORM transactions may lack a stored SecurityKey; it is fetched
     // through the "Admin & Access API" before the request is built.
     $missingFormKey = !$trn->getSecurityKey() && strtoupper($trn->getIntegration()) == 'FORM';
     if ($missingFormKey) {
         $this->_addSecurityKey($trn);
     }

     $data = array(
         'VPSProtocol' => $trn->getVpsProtocol(),
         'TxType' => self::REQUEST_TYPE_ABORT,
         'ReferrerID' => $this->getConfigData('referrer_id'),
         'Vendor' => $trn->getVendorname(),
         'VendorTxCode' => $trn->getVendorTxCode(),
         'VPSTxId' => $trn->getVpsTxId(),
         'SecurityKey' => $trn->getSecurityKey(),
         'TxAuthNo' => $trn->getTxAuthNo(),
     );

     try {
         $result = $this->requestPost($this->getUrl('abort', false, $this->_getIntegrationCode($trn->getIntegration()), $trn->getMode()), $data);
     } catch (Exception $e) {
         // The technical cause goes to the log; the operator gets a generic message.
         Sage_Log::logException($e);
         Mage::throwException($this->_getHelper()->__('Transaction could not be aborted at SagePay. You may want to delete it from the local database and check the transaction at the SagePay admin panel.'));
     }

     if ($result['Status'] == 'OK') {
         $this->saveAction($trn->getOrderId(), $data, $result);
         $trn->setAborted(1)->save();
         return;
     }

     $statusDetail = $result['StatusDetail'];
     Sage_Log::log($statusDetail);

     // Codes 4039 and 4028 (expired DEFERRED transactions) only produce a warning.
     $isExpiredDeferred = 1 === preg_match('/^4039/i', $statusDetail) || 1 === preg_match('/^4028/i', $statusDetail);
     if ($isExpiredDeferred) {
         $this->_getAdminSession()->addError("Order canceled but an error occurred at SagePay: " . $statusDetail);
     } else {
         Mage::throwException(Mage::helper('sagepaysuite')->__($statusDetail));
     }
 }
 /**
  * Subscribe an e-mail address to the newsletter unless a subscriber
  * record already exists for it. Failures are logged and not propagated.
  *
  * @param  string $customerEmail
  * @return void
  */
 protected function _oscSuscribeNewsletter($customerEmail)
 {
     try {
         $existing = Mage::getModel('newsletter/subscriber')->loadByEmail($customerEmail);

         // A loaded id means the address already has a subscriber record.
         if ($existing->getId() !== NULL) {
             return;
         }

         Mage::getModel('newsletter/subscriber')->subscribe($customerEmail);
     } catch (Exception $e) {
         Sage_Log::logException($e);
     }
 }
 /**
  * Observer: send the "payment failed" e-mail for the quote carried by the
  * event, when the feature is switched on in the store configuration.
  *
  * @param  object $observer Event observer exposing getEvent().
  * @return $this
  */
 public function sendPaymentFailedEmail($observer)
 {
     $enabled = 0 !== (int) Mage::getStoreConfig('payment/sagepaysuite/send_payment_failed_emails');
     if (!$enabled) {
         return $this;
     }

     $event = $observer->getEvent();
     $quote = $event->getQuote();
     $message = $observer->getEvent()->getMessage();

     try {
         Mage::helper('sagepaysuite/checkout')->sendPaymentFailedEmail($quote, $message);
     } catch (Exception $ex) {
         // A mail failure must not break the flow that dispatched the event.
         Sage_Log::logException($ex);
     }

     return $this;
 }
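    /**
     * 3D Secure return endpoint: stores the posted PaRes on the transaction,
     * completes the order and writes a small HTML page that redirects the
     * customer (or notifies the parent frame on failure).
     *
     * The failure text is written into inline JavaScript, so it is encoded as
     * a JavaScript string literal before being echoed.
     *
     * @return void Output is echoed directly.
     */
    public function callback3dAction()
    {
        // NOTE(review): the transaction is selected by the 'v' request parameter;
        // confirm the lookup is tied to the current customer's checkout.
        $vendorTxCode = $this->getRequest()->getParam('v');
        $transaction = Mage::getModel('sagepaysuite2/sagepaysuite_transaction')->loadByVendorTxCode($vendorTxCode);
        $emede = $transaction->getMd();
        $pares = $this->getRequest()->getPost('PaRes');
        $transaction->setPares($pares)->save();
        header('Content-type: text/html; charset=utf-8');
        $image = Mage::helper('sagepaysuite')->getIndicator();
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head></head><body>
					<div style="background-image:url(' . $image . '); background-position: center center;background-repeat: no-repeat;height: 400px;">&nbsp;</div>';
        echo $this->__('<small>%s</small>', "Processing order, please stand by...  ");
        $error = false;
        $quote = Mage::getSingleton('checkout/type_onepage')->getQuote();
        try {
            //Check cart health on callback.
            if (1 === (int) Mage::getStoreConfig('payment/sagepaysuite/verify_cart_consistency')) {
                if (Mage::helper('sagepaysuite/checkout')->cartExpire($quote)) {
                    Sage_Log::log("Transaction " . $transaction->getVendorTxCode() . " not completed, cart was modified while customer on 3D payment pages.", Zend_Log::CRIT, 'SagePaySuite_REQUEST.log');
                    Mage::throwException($this->__('Your order could not be completed, please try again. Thanks.'));
                }
            }
            // Both the posted PaRes and the stored MD are required to finish the order.
            if ($pares && $emede) {
                Mage::getModel('sagepaysuite/sagePayDirectPro')->saveOrderAfter3dSecure($pares, $emede);
                echo $this->__('<small>%s</small>', "Done. Redirecting...");
            } else {
                Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $quote, 'message' => $this->__("3D callback error.")));
                Mage::throwException($this->__("Invalid request. PARes and MD are empty."));
            }
        } catch (Exception $e) {
            // Clear every 3D Secure value kept in the module session.
            Mage::getSingleton('sagepaysuite/session')->setAcsurl(null)->setPareq(null)->setSageOrderId(null)->setSecure3d(null)->setEmede(null)->setPares(null)->setMd(null);
            Sage_Log::logException($e);
            Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $quote, 'message' => $e->getMessage()));
            $error = true;
            $message = $e->getMessage();
            // Exception text can contain quotes or markup; encode it as a quoted JS
            // string literal (the HEX flags also neutralise </script> and attribute
            // delimiters) instead of pasting it between hand-written quotes.
            $jsMessage = json_encode((string) $message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($jsMessage === false) {
                // Encoding fails on invalid UTF-8; fall back to an empty literal.
                $jsMessage = '""';
            }
            $layout = Mage::getModel('sagepaysuite/sagePayDirectPro')->getConfigData('threed_layout');
            if ($layout == 'redirect') {
                Mage::getSingleton('checkout/session')->addError($message);
                echo '<script type="text/javascript">window.location.href="' . Mage::getUrl('checkout/cart') . '"</script>';
            } else {
                echo '<script type="text/javascript">
                    if((typeof window.parent.restoreOscLoad) != "undefined"){
                    window.parent.restoreOscLoad();
                    window.parent.notifyThreedError(' . $jsMessage . ');
                    }
                    else {
                        alert(' . $jsMessage . ');
                    }
                </script>';
            }
            echo '</body></html>';
        }
        if (!$error) {
            Mage::getSingleton('checkout/type_onepage')->getQuote()->save();
            $successUrl = Mage::getUrl('checkout/onepage/success', array('_secure' => true));
            echo '<script type="text/javascript">
					(parent.location == window.location)? window.location.href="' . $successUrl . '" : window.parent.setLocation("' . $successUrl . '");
				  </script>
				  </body></html>';
        }
    }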
 /**
  * Post a payment request to the gateway and map the response array onto a
  * result model.
  *
  * A transport failure is rethrown as a Magento exception. Exceptions raised
  * while interpreting the response (including the ones thrown for INVALID,
  * MALFORMED, ERROR, REJECTED and FAIL_NOMAIL) are caught below and turned
  * into a result with status 'ERROR'.
  *
  * @param  Varien_Object $request    Request data; getMode() selects the gateway mode.
  * @param  bool          $callback3D Passed to getUrl(); when true no token is persisted.
  * @return object Result model ('sagepaysuite/sagepaysuite_result').
  */
 protected function _postRequest(Varien_Object $request, $callback3D = false)
 {
     $result = Mage::getModel('sagepaysuite/sagepaysuite_result');
     $mode = $request->getMode() ? $request->getMode() : null;
     $uri = $this->getUrl('post', $callback3D, null, $mode);
     // Not read again in this method.
     $requestData = $request->getData();
     try {
         $response = $this->requestPost($uri, $request->getData());
     } catch (Exception $e) {
         // The result is filled in here but the exception thrown next means it is never returned.
         $result->setResponseCode(-1)->setResponseReasonCode($e->getCode())->setResponseReasonText($e->getMessage());
         Mage::throwException($this->_SageHelper()->__('Gateway request error: %s', $e->getMessage()));
     }
     $r = $response;
     $result->setRequest($request);
     try {
         // An empty response or one without a Status is reported as gateway unavailability.
         if (empty($r) or !isset($r['Status'])) {
             $msg = $this->_SageHelper()->__('Sage Pay is not available at this time. Please try again later.');
             Sage_Log::log($msg, 1);
             $result->setResponseStatus('ERROR')->setResponseStatusDetail($msg);
             return $result;
         }
         if (isset($r['VPSTxId'])) {
             $result->setVpsTxId($r['VPSTxId']);
         }
         if (isset($r['SecurityKey'])) {
             $result->setSecurityKey($r['SecurityKey']);
         }
         switch ($r['Status']) {
             case 'FAIL':
                 // $params is only consumed by the commented-out notification call below.
                 $params['order'] = Mage::getSingleton('checkout/session')->getQuote()->getReservedOrderId();
                 $params['error'] = Mage::helper('sagepaysuite')->__($r['StatusDetail']);
                 //$rc = $this->sendNotificationEmail('', '', $params);
                 // The identifying fields are overwritten with the placeholder value 1.
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail(Mage::helper('sagepaysuite')->__($r['StatusDetail']))->setVPSTxID(1)->setSecurityKey(1)->setTxAuthNo(1)->setAVSCV2(1)->setAddressResult(1)->setPostCodeResult(1)->setCV2Result(1)->setTrnSecuritykey(1);
                 return $result;
                 break;
             case 'FAIL_NOMAIL':
                 Mage::throwException($this->_SageHelper()->__($r['StatusDetail']));
                 break;
             case parent::RESPONSE_CODE_INVALID:
                 Mage::throwException($this->_SageHelper()->__('INVALID. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_MALFORMED:
                 Mage::throwException($this->_SageHelper()->__('MALFORMED. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_ERROR:
                 Mage::throwException($this->_SageHelper()->__('ERROR. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_REJECTED:
                 Mage::throwException($this->_SageHelper()->__('REJECTED. %s', Mage::helper('sagepaysuite')->__($r['StatusDetail'])));
                 break;
             case parent::RESPONSE_CODE_3DAUTH:
                 // 3D Secure step required: hand the ACS URL, MD and PAReq back to the caller.
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail(isset($r['StatusDetail']) ? $r['StatusDetail'] : '')->set3DSecureStatus($r['3DSecureStatus'])->setMD($r['MD'])->setACSURL($r['ACSURL'])->setPAReq($r['PAReq']);
                 break;
             case parent::RESPONSE_CODE_PAYPAL_REDIRECT:
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail($r['StatusDetail'])->setVpsTxId($r['VPSTxId'])->setPayPalRedirectUrl($r['PayPalRedirectURL']);
                 break;
             default:
                 // Every other status: copy the standard fields, then the optional ones when present.
                 $result->setResponseStatus($r['Status'])->setResponseStatusDetail($r['StatusDetail'])->setVpsTxId($r['VPSTxId'])->setSecurityKey($r['SecurityKey'])->setTrnSecuritykey($r['SecurityKey']);
                 if (isset($r['3DSecureStatus'])) {
                     $result->set3DSecureStatus($r['3DSecureStatus']);
                 }
                 if (isset($r['CAVV'])) {
                     $result->setCAVV($r['CAVV']);
                 }
                 if (isset($r['TxAuthNo'])) {
                     $result->setTxAuthNo($r['TxAuthNo']);
                 }
                 if (isset($r['AVSCV2'])) {
                     $result->setAvscv2($r['AVSCV2']);
                 }
                 if (isset($r['PostCodeResult'])) {
                     $result->setPostCodeResult($r['PostCodeResult']);
                 }
                 if (isset($r['CV2Result'])) {
                     $result->setCv2result($r['CV2Result']);
                 }
                 if (isset($r['AddressResult'])) {
                     $result->setAddressResult($r['AddressResult']);
                 }
                 // The whole response array is merged into the result as well.
                 $result->addData($r);
                 //Saving TOKEN.
                 // NOTE(review): the request's CardNumber and ExpiryDate are passed to persistCard();
                 // confirm what that method stores and that no full card number is kept.
                 if (!$callback3D && $result->getData('Token')) {
                     $tokenData = array('Token' => $result->getData('Token'), 'Status' => $result->getData('Status'), 'Vendor' => $request->getData('Vendor'), 'CardType' => $request->getData('CardType'), 'ExpiryDate' => $request->getData('ExpiryDate'), 'StatusDetail' => $result->getData('StatusDetail'), 'Protocol' => 'direct', 'CardNumber' => $request->getData('CardNumber'), 'Nickname' => $request->getData('Nickname'));
                     Mage::getModel('sagepaysuite/sagePayToken')->persistCard($tokenData);
                 }
                 break;
         }
     } catch (Exception $e) {
         // Anything thrown above is logged and reported to the caller as an ERROR result.
         Sage_Log::logException($e);
         $result->setResponseStatus('ERROR')->setResponseStatusDetail(Mage::helper('sagepaysuite')->__($e->getMessage()));
         return $result;
     }
     return $result;
 }
 /**
  * Admin action: run the 3rd Man check by hand for up to 15 recent
  * transactions without a fraud row, auto-invoice the ones the low-risk rule
  * allows, and summarise the outcome in admin session messages.
  *
  * @return void Redirects to the fraud grid.
  */
 public function massThirdmanCheckAction()
 {
     $prefix = "[MANUAL] ";
     $logFile = 'SagePaySuite_Thirdman.log';
     //Sage_Log::log($logPrefix . "Starting fraud checks... ", null, 'SagePaySuite_Thirdman.log');

     // Table name resolved by Magento; it is the only value concatenated into the SQL below.
     $fraudTable = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $pending = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $pending->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     $pending->getSelect()
         ->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTable . "))")
         ->order("main_table.created_at DESC")
         ->limit(15);

     $checked = array();
     $unchecked = array();
     $autoInvoiced = array();

     foreach ($pending as $transaction) {
         $apiUpdate = $transaction->updateFromApi();

         if (!$apiUpdate->getFraud()) {
             Sage_Log::log($prefix . "3rd man check for " . $transaction->getVendorTxCode() . ": UNABLE TO GET FRAUD SCORE", null, $logFile);
             $unchecked[] = $transaction->getVendorTxCode();
             continue;
         }

         try {
             $fraud = $apiUpdate->getFraud();
             $isNoResult = (string) $fraud->getThirdmanAction() == 'NORESULT';
             $checked[] = $transaction->getVendorTxCode();
             Sage_Log::log($prefix . "3rd man check for " . $transaction->getVendorTxCode() . ": " . (string) $fraud->getThirdmanAction(), null, $logFile);

             if ($isNoResult) {
                 continue;
             }

             // Automatic fulfilment: only unauthorised AUTHENTICATE or unreleased
             // DEFERRED transactions whose score is within the configured value.
             $mayAuthorise = $transaction->getTxType() == 'AUTHENTICATE' && !$transaction->getAuthorised();
             $mayRelease = $transaction->getTxType() == 'DEFERRED' && !$transaction->getReleased();
             $rankEnabled = Mage::getStoreConfigFlag('payment/sagepaysuite/auto_fulfill_low_risk_trn');
             $rankLimit = (int) Mage::getStoreConfig('payment/sagepaysuite/auto_fulfill_low_risk_trn_value');
             $rankAllows = $rankEnabled && $rankLimit >= (int) $fraud->getThirdmanScore();

             if (($mayAuthorise || $mayRelease) && $rankAllows) {
                 Sage_Log::log($prefix . "Auto invoicing for " . $transaction->getVendorTxCode(), null, $logFile);
                 $autoInvoiced[] = $transaction->getVendorTxCode();
                 Mage::getModel('sagepaysuite/api_payment')->invoiceOrder($transaction->getOrderId(), Mage_Sales_Model_Order_Invoice::CAPTURE_ONLINE);
             }
         } catch (Exception $e) {
             // One failing transaction must not stop the rest of the batch.
             Sage_Log::logException($e);
         }
     }

     // User messages: each list is shown as codes separated by two spaces.
     $adminSession = Mage::getSingleton('adminhtml/session');
     if (count($checked) > 0) {
         $adminSession->addSuccess("Transactions successfully checked: " . implode("  ", $checked));
     }
     if (count($unchecked) > 0) {
         $adminSession->addError("An error occurred while checking some transactions: " . implode("  ", $unchecked));
     }
     if (count($autoInvoiced) > 0) {
         $adminSession->addSuccess("Transactions successfully auto-invoiced: " . implode("  ", $autoInvoiced));
     }

     $this->_redirect('adminhtml/sagepayreporting_fraud');
 }
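    /**
     * 3D Secure return endpoint: completes the order from the posted PaRes and
     * the MD kept in the module session, then redirects the parent window to
     * the success page or reports the failure to it.
     *
     * The failure text is written into inline JavaScript, so it is encoded as
     * a JavaScript string literal before being echoed.
     *
     * @return void Output is echoed or set on the response body.
     */
    public function callback3dAction()
    {
        header('Content-type: text/html');
        $image = Mage::helper('sagepaysuite')->getIndicator();
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"><html><head></head><body>
					<div style="background-image:url(' . $image . '); background-position: center center;background-repeat: no-repeat;height: 400px;">&nbsp;</div>';
        $error = false;
        try {
            Mage::getModel('sagepaysuite/sagePayDirectPro')->saveOrderAfter3dSecure($this->getRequest()->getPost('PaRes'), Mage::getSingleton('sagepaysuite/session')->getEmede());
        } catch (Exception $e) {
            /*try{
            			//VOID transaction if there was a problem
            			$vendorTxCode = Mage::getSingleton('sagepaysuite/session')->getLastVendorTxCode();
            			Mage::helper('sagepaysuite')->voidTransaction($vendorTxCode, 'sagepaydirectpro');
            		}catch(Exception $ex){
            		}*/
            // Clear every 3D Secure value kept in the module session.
            Mage::getSingleton('sagepaysuite/session')->setAcsurl(null)->setPareq(null)->setSageOrderId(null)->setSecure3d(null)->setEmede(null)->setPares(null)->setMd(null);
            Sage_Log::logException($e);
            $error = true;
            $message = $e->getMessage();
            // Exception text can contain quotes or markup; encode it as a quoted JS
            // string literal (the HEX flags also neutralise </script>) instead of
            // pasting it between hand-written quotes.
            $jsMessage = json_encode((string) $message, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($jsMessage === false) {
                // Encoding fails on invalid UTF-8; fall back to an empty literal.
                $jsMessage = '""';
            }
            echo '<script type="text/javascript">window.parent.notifyThreedError(' . $jsMessage . ');</script></body>
			  </html>';
            die;
        }
        if (!$error) {
            /**
             * set the quote as inactive after back from paypal
             */
            Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();
            /**
             * send confirmation email to customer
             */
            $order = Mage::getModel('sales/order');
            $order->load(Mage::getSingleton('checkout/session')->getLastOrderId());
            if ($order->getId() && Mage::helper('sagepaysuite')->isLocalhost() === false) {
                $order->sendNewOrderEmail();
            }
            $this->getResponse()->setBody('<script type="text/javascript">window.parent.location.href="' . Mage::getUrl('checkout/onepage/success', array('_secure' => true)) . '";</script></body></html>');
        }
    }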
 /**
  * FORM integration return endpoint: decrypts the 'crypt' parameter, stores
  * its fields on the transaction named by 'vtxc', and creates the order.
  *
  * Requests without both 'crypt' and 'vtxc' are redirected to the home page.
  *
  * @return void Always ends in a redirect.
  */
 public function successAction()
 {
     $_r = $this->getRequest();
     // NOTE(review): the raw POST body is written to the callback log; confirm who can read that file.
     Sage_Log::log($_r->getPost(), null, 'SagePaySuite_FORM_Callback.log');
     if ($_r->getParam('crypt') && $_r->getParam('vtxc')) {
         $strDecoded = $this->getFormModel()->decrypt($_r->getParam('crypt'));
         $token = Mage::helper('sagepaysuite/form')->getToken($strDecoded);
         // The decrypted gateway fields are logged as well.
         Sage_Log::log($token, null, 'SagePaySuite_FORM_Callback.log');
         $db = Mage::helper('sagepaysuite')->arrayKeysToUnderscore($token);
         # Add data to DB transaction
         // NOTE(review): the transaction is selected by the unauthenticated 'vtxc' parameter, while the
         // decrypted payload carries its own vendor_tx_code (used further down); no comparison of the
         // two is visible here - confirm it happens elsewhere.
         $trn = $this->_getTransaction()->loadByVendorTxCode($_r->getParam('vtxc'));
         // Every decrypted field is merged onto the transaction before the explicit setters run.
         $trn->addData($db);
         if (isset($db['post_code_result'])) {
             $trn->setPostcodeResult($db['post_code_result']);
         }
         if (isset($db['cv2_result'])) {
             $trn->setCv2result($db['cv2_result']);
         }
         if (isset($db['3_d_secure_status'])) {
             $trn->setThreedSecureStatus($db['3_d_secure_status']);
         }
         if (isset($db['last4_digits'])) {
             $trn->setLastFourDigits($db['last4_digits']);
         }
         if (isset($db['gift_aid'])) {
             $trn->setGiftAid($db['gift_aid']);
         }
         if (isset($db['fraud_response'])) {
             $trn->setRedFraudResponse($db['fraud_response']);
         }
         $trn->save();
         //Check cart health on callback.
         if (1 === (int) Mage::getStoreConfig('payment/sagepaysuite/verify_cart_consistency')) {
             // The cart changed while the customer was on the payment pages: void the payment, create no order.
             if (Mage::helper('sagepaysuite/checkout')->cartExpire($this->getOnepage()->getQuote())) {
                 try {
                     Mage::helper('sagepaysuite')->voidTransaction($trn->getVendorTxCode(), 'sagepayform');
                     Sage_Log::log("Transaction " . $trn->getVendorTxCode() . " cancelled, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_FORM_Callback.log');
                     Mage::getSingleton('checkout/session')->addError($this->__('Your order could not be completed, please try again. Thanks.'));
                 } catch (Exception $ex) {
                     // The void failed: the customer has been charged and is given the reference to quote.
                     Sage_Log::log("Transaction " . $trn->getVendorTxCode() . " could not be cancelled and order was not created, cart was modified while customer on payment pages.", Zend_Log::CRIT, 'SagePaySuite_FORM_Callback.log');
                     Mage::getSingleton('checkout/session')->addError($this->__('Your order could not be completed but we could not cancel the payment, please contact us and mention this transaction reference number: %s. Thanks.', $db['vendor_tx_code']));
                 }
                 $this->_redirect('checkout/cart');
                 return;
             }
         }
         //Check cart health on callback.
         // The gateway fields are placed in the registry under 'sageserverpost' before the order is saved.
         // NOTE(review): no check of the payment Status is visible in this method before saveOrder();
         // confirm it is enforced by the code that reads the registry entry.
         Mage::register('sageserverpost', new Varien_Object($token));
         Mage::getSingleton('sagepaysuite/session')->setInvoicePayment(true);
         try {
             $this->getOnepage()->getQuote()->collectTotals();
             $this->getOnepage()->saveOrder();
         } catch (Exception $e) {
             // Payment taken but order creation failed: flag the transaction and tell the customer.
             $trn->setStatus('MAGE_ERROR')->setStatusDetail($e->getMessage() . $trn->getStatusDetail())->save();
             Sage_Log::logException($e);
             Mage::dispatchEvent('sagepay_payment_failed', array('quote' => $this->getOnepage()->getQuote(), 'message' => $e->getMessage()));
             $this->_getSession()->addError('<strong>' . $this->__('The payment was made with success however an error occurred, your credit card has been charged. Please contact our support team.') . '</strong>');
             Mage::helper('sagepaysuite/checkout')->deleteQuote();
             $this->_redirect('checkout/cart');
             return;
         }
         Mage::helper('sagepaysuite/checkout')->deleteQuote();
         $this->_redirect('checkout/onepage/success');
         return;
     }
     $this->_redirect('/');
     return;
 }
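 /**
  * Manually request 3rd Man fraud results for recent transactions that have no fraud record.
  *
  * Picks up to 15 transactions (newest first) whose order_id is set and does not
  * appear in the sagepayreporting_fraud table, calls updateFromApi() on each one,
  * logs the outcome to SagePaySuite_Thirdman.log, reports the vendor tx codes
  * through the adminhtml session and redirects to the fraud report grid.
  *
  * NOTE(review): this action calls the reporting API and changes stored state; no ACL
  * or form-key check is visible in this method -- confirm the controller enforces both.
  *
  * @return void
  */
 public function massThirdmanCheckAction()
 {
     $logPrefix = "[MANUAL] ";
     $logFile = 'SagePaySuite_Thirdman.log';
     Sage_Log::log($logPrefix . "Starting fraud checks... ", null, $logFile);
     // The table name comes from the resource configuration, not from the request,
     // so concatenating it into the sub-select does not expose request data to SQL.
     $fraudTblName = Mage::getSingleton('core/resource')->getTableName('sagepayreporting_fraud');
     $transactions = Mage::getResourceModel('sagepaysuite2/sagepaysuite_transaction_collection');
     $transactions->addFieldToSelect(array('order_id', 'vendor_tx_code', 'vps_tx_id', 'tx_type'));
     $transactions->getSelect()->where("`main_table`.`order_id` IS NOT NULL AND (`main_table`.`order_id` NOT IN (SELECT `order_id` FROM " . $fraudTblName . "))")->order("main_table.created_at DESC")->limit(15);
     $transactionsChecked = array();
     $transactionsNOTChecked = array();
     foreach ($transactions as $_trn) {
         // Fetch the fraud result once and reuse it for both the check and the log line.
         $rs = $_trn->updateFromApi()->getFraud();
         if (!$rs) {
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": UNABLE TO GET FRAUD SCORE", null, $logFile);
             $transactionsNOTChecked[] = $_trn->getVendorTxCode();
             continue;
         }
         try {
             // Read the action first: if it throws, the transaction is not reported as checked.
             $action = (string) $rs->getThirdmanAction();
             $transactionsChecked[] = $_trn->getVendorTxCode();
             Sage_Log::log($logPrefix . "3rd man check for " . $_trn->getVendorTxCode() . ": " . $action, null, $logFile);
         } catch (Exception $e) {
             Sage_Log::logException($e);
         }
     }
     // User messages: vendor tx codes separated by two spaces.
     // NOTE(review): session messages may be rendered as HTML; the codes come from the
     // transaction table -- confirm they are limited to a safe character set.
     if (count($transactionsChecked) > 0) {
         Mage::getSingleton('adminhtml/session')->addSuccess("Transactions successfully checked: " . implode("  ", $transactionsChecked));
     }
     if (count($transactionsNOTChecked) > 0) {
         Mage::getSingleton('adminhtml/session')->addError("An error occurred while checking some transactions: " . implode("  ", $transactionsNOTChecked));
     }
     $this->_redirect('adminhtml/sagepayreporting_fraud');
 }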
Exemple #18
 /**
  * Create, register and save an invoice for an existing order.
  *
  * @param int|object $id Order id, or an order object (any object is used as the order as-is)
  * @param string $captureMode Capture case handed to setRequestedCaptureCase(): OFFLINE, ONLINE or NOTCAPTURE
  * @param bool $silent When true, failures are logged and false is returned; when false, the
  *                     failure is raised through Mage::throwException()
  * @return bool true once the invoice and its order have been saved, false on a silenced failure
  */
 public function invoiceOrder($id = null, $captureMode = Mage_Sales_Model_Order_Invoice::CAPTURE_OFFLINE, $silent = true)
 {
     // An object is taken to be the order itself; anything else is treated as an order id.
     $order = is_object($id) ? $id : Mage::getModel('sales/order')->load($id);
     try {
         if (!$order->canInvoice()) {
             $reason = $this->_getCoreHelper()->__('Cannot create an invoice.');
             if (!$silent) {
                 Mage::throwException($reason);
             }
             Sage_Log::log($reason);
             return false;
         }
         $newInvoice = Mage::getModel('sales/service_order', $order)->prepareInvoice();
         if (!$newInvoice->getTotalQty()) {
             $reason = $this->_getCoreHelper()->__('Cannot create an invoice without products.');
             if (!$silent) {
                 Mage::throwException($reason);
             }
             Sage_Log::log($reason);
             return false;
         }
         $newInvoice->setRequestedCaptureCase($captureMode);
         // New in 1.4.2.0: without a transaction id only REFUND OFFLINE shows up.
         // TODO: @see Mage_Sales_Model_Order_Payment::registerCaptureNotification
         // NOTE(review): the id is the current Unix timestamp, not a gateway reference,
         // so it cannot be used to trace the invoice back to a Sage Pay transaction.
         $newInvoice->setTransactionId(time());
         $newInvoice->register();
         // The same config flag drives both the "email sent" marker and the customer note notification.
         $notifyCustomer = (bool) $this->getConfigData('email_on_invoice');
         $newInvoice->setEmailSent($notifyCustomer);
         $newInvoice->getOrder()->setCustomerNoteNotify($notifyCustomer);
         // Persist the invoice and its order through one resource transaction.
         Mage::getModel('core/resource_transaction')
             ->addObject($newInvoice)
             ->addObject($newInvoice->getOrder())
             ->save();
         if (!$notifyCustomer) {
             return true;
         }
         try {
             $newInvoice->sendEmail(true, '');
         } catch (Exception $mailError) {
             // A failed email must not undo an invoice that is already saved.
             Mage::logException($mailError);
         }
         return true;
     } catch (Mage_Core_Exception $coreError) {
         // Only Mage_Core_Exception is handled here; any other exception type propagates even when $silent is true.
         if (!$silent) {
             Mage::throwException($coreError->getMessage());
         }
         Sage_Log::logException($coreError);
         return false;
     }
 }
 /**
  * One-step-checkout submit handler: copies the posted checkout form onto the quote and starts payment.
  *
  * In order, it optionally records a vote, chooses the checkout method (guest or register),
  * saves billing data, delivery details, shipping data, the shipping method and the payment
  * data, then branches on the quote's payment method: the Sage Pay integrations register a
  * transaction or forward to their own controllers, hosted PayPal methods are rejected with
  * "error: hosted_pro", and every other method places the order directly.
  *
  * Results are reported either as plain-text "error: ..." / "redirect: ..." bodies written
  * with echo, or through _redirect() / _forward().
  *
  * NOTE(review): no form-key or other request-origin check is visible in this method, and the
  * payment section is not wrapped in an isPost() check -- confirm both are enforced elsewhere.
  * NOTE(review): several "error: " responses echo exception or gateway text without output
  * encoding; confirm the client treats the response body as text, not HTML.
  */
 public function updateordermethodAction()
 {
     $vote = $this->getRequest()->getPost('vote');
     if ($vote) {
         $this->voteAdd();
     }
     // Checkout method is only chosen for visitors who are not logged in.
     if (!$this->isCustomerLoggedIn()) {
         // Reads the $_POST superglobal directly, unlike the rest of the method which goes through the request object.
         if (isset($_POST['register_new_account'])) {
             $isguest = $this->getRequest()->getPost('register_new_account');
             if ($isguest == '1' or Mage::helper('onestepcheckout')->haveProductDownloadable()) {
                 // The register_new_account checkbox is ticked, or the cart holds a downloadable product: create a new account.
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('register');
             } else {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('guest');
             }
         } else {
             // No checkbox posted: fall back to the store configuration; guest checkout needs both settings enabled
             // and no downloadable product in the cart.
             if (!Mage::getStoreConfig('onestepcheckout/config/allowguestcheckout') || !Mage::getStoreConfig('checkout/options/guest_checkout') || Mage::helper('onestepcheckout')->haveProductDownloadable()) {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('register');
             } else {
                 $result_save_method = $this->getOnepage()->saveCheckoutMethod('guest');
             }
         }
         // $result_save_method is not read again in this method.
     }
     // Billing
     if ($this->getRequest()->isPost()) {
         $data_save_billing = $this->filterdata($this->getRequest()->getPost('billing', array()), false);
         if ($this->isCustomerLoggedIn()) {
             $this->saveAddress('billing', $data_save_billing);
         }
         $customerAddressId = $this->getRequest()->getPost('billing_address_id', false);
         // Drop the posted address id when the form data is not meant to go into the address book.
         // NOTE(review): "(isset(...) && $flag) == 0" compares the boolean result with 0; the shipping
         // section below writes the same test as "isset(...) && $flag == 0" -- confirm the parentheses are intended.
         if ($this->getRequest()->getPost('billing_address_id') != "" && (!isset($data_save_billing['save_in_address_book']) || (isset($data_save_billing['save_in_address_book']) && $data_save_billing['save_in_address_book']) == 0)) {
             $customerAddressId = "";
         }
         if ($this->isCustomerLoggedIn() && (isset($data_save_billing['save_in_address_book']) && $data_save_billing['save_in_address_book'] == 1) && !Mage::getStoreConfig('onestepcheckout/addfield/addressbook')) {
             $customerAddressId = $this->getDefaultAddress('billing');
         }
         if (isset($data_save_billing['email'])) {
             $data_save_billing['email'] = trim($data_save_billing['email']);
             // Newsletter opt-in: flag the logged-in customer, or subscribe the posted address for a guest.
             // NOTE(review): the address is only trimmed here; what issubcribleemail() validates is not visible -- confirm.
             if (Mage::helper('onestepcheckout')->issubcribleemail($data_save_billing['email'])) {
                 if ($this->getRequest()->getPost('subscribe_newsletter') == '1') {
                     if ($this->isCustomerLoggedIn()) {
                         $customer = Mage::getSingleton('customer/session')->getCustomer();
                         $customer->setIsSubscribed(1);
                     } else {
                         $this->savesubscibe($data_save_billing['email']);
                     }
                 }
             }
         }
         // $result_save_billing is not read again in this method, so a billing validation result is not checked here.
         $result_save_billing = $this->getOnepage()->saveBilling($data_save_billing, $customerAddressId);
         // Delivery comment, status, date and time are taken from the POST as-is and kept in the core session.
         $data_customercomment = $this->getrequest()->getpost('onestepcheckout_comments');
         $Deliverystatus = $this->getrequest()->getpost('deliverydate');
         $Deliverydate = $this->getrequest()->getpost('onestepcheckout_date');
         $Deliverytime = $this->getrequest()->getpost('onestepcheckout_time');
         if (Mage::getStoreConfig("onestepcheckout/deliverydate/timerange")) {
             $Deliverytime = $this->getrequest()->getpost('delivery-timerange');
         }
         $delivery_infor = array($data_customercomment, $Deliverystatus, $Deliverydate, $Deliverytime);
         // NOTE(review): these values are stored unvalidated; whoever renders them (order view, email) must encode them -- confirm.
         Mage::getSingleton('core/session')->setDeliveryInforOrder($delivery_infor);
         Mage::getSingleton('core/session')->setDeliveryInforEmail($delivery_infor);
         if (isset($data_save_billing['save_into_account']) && intval($data_save_billing['save_into_account']) == 1 && $this->isCustomerLoggedIn()) {
             $this->setAccountInfoSession($data_save_billing);
         }
     }
     // Shipping: reuse the posted billing block when "ship to same address" is ticked, else the shipping block.
     $isclick = $this->getRequest()->getPost('ship_to_same_address');
     $ship = "billing";
     if ($isclick != '1') {
         $ship = "shipping";
     }
     if ($this->getrequest()->ispost()) {
         $data_save_shipping = $this->filterdata($this->getrequest()->getpost($ship, array()), false);
         if ($this->isCustomerLoggedIn() && !$isclick) {
             $this->saveAddress('shipping', $data_save_shipping);
         }
         if ($isclick == '1') {
             $data_save_shipping['same_as_billing'] = 1;
         }
         // Start from the address id posted for the chosen block ("billing_address_id" or "shipping_address_id").
         $customeraddressid = $this->getrequest()->getpost($ship . '_address_id', false);
         // Clear the id when shipping to the billing address, or when the edited address is not to be saved.
         // Note that && binds tighter than ||, so $isclick alone is enough to clear it.
         if ($isclick || $this->getRequest()->getPost('shipping_address_id') != "" && (!isset($data_save_shipping['save_in_address_book']) || isset($data_save_shipping['save_in_address_book']) && $data_save_shipping['save_in_address_book'] == 0)) {
             $customeraddressid = "";
         }
         if (!$isclick && $this->isCustomerLoggedIn() && (isset($data_save_shipping['save_in_address_book']) && $data_save_shipping['save_in_address_book'] == 1) && !Mage::getStoreConfig('onestepcheckout/addfield/addressbook')) {
             $customeraddressid = $this->getDefaultAddress('shipping');
         }
         // Save shipping; $result_save_shipping is not read again in this method.
         $result_save_shipping = $this->getonepage()->saveshipping($data_save_shipping, $customeraddressid);
     }
     // Shipping method
     if ($this->getRequest()->isPost()) {
         $data_save_shipping_method = $this->getRequest()->getPost('shipping_method', '');
         $result_save_shipping_method = $this->getOnepage()->saveShippingMethod($data_save_shipping_method);
         // A falsy result is treated as success (presumably an empty error list -- confirm against saveShippingMethod()).
         if (!$result_save_shipping_method) {
             Mage::dispatchEvent('checkout_controller_onepage_save_shipping_method', array('request' => $this->getRequest(), 'quote' => $this->getOnepage()->getQuote()));
             $this->getOnepage()->getQuote()->collectTotals();
         }
         // Totals are collected again regardless of the result above.
         $this->getOnepage()->getQuote()->collectTotals();
     }
     // Payment method. From here on nothing is guarded by isPost(), so this part runs for any request method.
     $result_savepayment = array();
     $this->getOnepage()->getQuote()->getPayment()->setMethodInstance(null);
     $data_savepayment = $this->getRequest()->getPost('payment', array());
     try {
         $result_savepayment = $this->getOnepage()->savePayment($data_savepayment);
     } catch (Exception $e) {
         $message = $e->getMessage();
         // The exception text is written to the response body without output encoding.
         echo 'error: ' . $message;
         return;
     }
     // A non-null checkout redirect URL on the payment ends the request with a "redirect: " response.
     $redirectUrl = $this->getOnepage()->getQuote()->getPayment()->getCheckoutRedirectUrl();
     if (isset($redirectUrl)) {
         echo 'redirect: ' . $redirectUrl;
         return;
     }
     // $result_order is filled in below but never sent to the client in this method.
     $result_order = array();
     // The posted payment data is imported into the quote payment a second time, after savePayment() above.
     if ($data_order = $this->getRequest()->getPost('payment', false)) {
         $this->getOnepage()->getQuote()->getPayment()->importData($data_order);
     }
     // Fix for Sagepay: each Sage Pay method gets its own registration flow instead of a plain saveOrder().
     $paymentMethod = $this->getOnepage()->getQuote()->getPayment()->getMethod();
     Mage::getSingleton('core/session')->unsErrorpayment();
     if ($paymentMethod == 'sagepayserver') {
         $resultData = array();
         try {
             Mage::helper('sagepaysuite')->validateQuote();
             // The whole POST array is handed to the gateway model, not only the payment fields.
             $result = Mage::getModel('sagepaysuite/sagePayServer')->registerTransaction($this->getRequest()->getPost());
             $resultData = $result->getData();
             if ($result->getResponseStatus() == Ebizmarts_SagePaySuite_Model_Api_Payment::RESPONSE_CODE_APPROVED) {
                 $redirectUrl = $result->getNextUrl();
             } else {
                 // Gateway status detail is kept in the session and echoed without output encoding.
                 Mage::getSingleton('core/session')->setErrorpayment($resultData['response_status_detail']);
                 echo 'error: ' . $resultData['response_status_detail'];
                 return;
             }
         } catch (Exception $e) {
             $resultData['response_status'] = 'ERROR';
             $resultData['response_status_detail'] = $e->getMessage();
             Mage::getSingleton('core/session')->setErrorpayment($resultData['response_status_detail']);
             echo 'error: ' . $resultData['response_status_detail'];
             return;
         }
         // Approved registration: tell the client to go to the URL returned by getNextUrl().
         if (isset($redirectUrl)) {
             echo 'redirect: ' . $redirectUrl;
             return;
         }
     } else {
         if ($paymentMethod == 'sagepaydirectpro') {
             $resultData = array();
             try {
                 Mage::helper('sagepaysuite')->validateQuote();
                 $directModel = Mage::getModel('sagepaysuite/sagePayDirectPro');
                 // As above, the whole POST array is passed to the gateway model.
                 $result = $directModel->registerTransaction($this->getRequest()->getPost());
                 $resultData = $result->getData();
                 $response_status = $result->getResponseStatus();
                 if ($response_status == Ebizmarts_SagePaySuite_Model_Api_Payment::RESPONSE_CODE_3DAUTH) {
                     // 3-D Secure required: hand over to the direct payment controller.
                     // NOTE(review): two consecutive _forward() calls; the second presumably replaces the
                     // first target before dispatch -- confirm '_expireAjax' is actually reached.
                     $this->_forward('_expireAjax', 'directPayment', 'sgps', $this->getRequest()->getParams());
                     $this->_forward('threedPost', 'directPayment', 'sgps', $this->getRequest()->getParams());
                     return;
                 } else {
                     try {
                         $this->getOnepage()->saveOrder();
                     } catch (Exception $e) {
                         // The transaction was registered above but the order could not be saved; only the
                         // message is kept in the session. NOTE(review): no void/refund of the registered
                         // transaction is visible on this path -- confirm how it is reconciled.
                         Mage::getSingleton('core/session')->setErrorpayment($e->getMessage());
                         $this->_redirect('checkout/onepage');
                         return;
                     }
                     $redirectUrl = $this->getOnepage()->getCheckout()->getRedirectUrl();
                     $result_order['success'] = true;
                     $result_order['error'] = false;
                     // Empty the cart item by item, saving after each removal, then save the quote.
                     $cart = Mage::getModel('checkout/cart');
                     $cartItems = $cart->getItems();
                     foreach ($cartItems as $item) {
                         $cart->removeItem($item->getId())->save();
                     }
                     $this->getOnepage()->getQuote()->save();
                     if (isset($redirectUrl)) {
                         $this->_redirectUrl($redirectUrl);
                         return;
                     }
                     $this->_redirect('checkout/onepage/success');
                 }
             } catch (Exception $e) {
                 // Unlike the other branches, failures here are logged and reported through the session plus a redirect.
                 Sage_Log::logException($e);
                 $result_order['response_status'] = 'ERROR';
                 $result_order['response_status_detail'] = $e->getMessage();
                 Mage::getSingleton('core/session')->setErrorpayment($result_order['response_status_detail']);
                 $this->_redirect('checkout/onepage');
                 return;
             }
         } elseif ($paymentMethod == 'sagepayform') {
             // validateQuote() is not inside a try/catch here, so an exception leaves this method unhandled.
             Mage::helper('sagepaysuite')->validateQuote();
             // NOTE(review): same double _forward() pattern as the 3-D Secure branch -- confirm '_initCheckout' runs.
             $this->_forward('_initCheckout', 'formPayment', 'sgps', $this->getRequest()->getPost());
             $this->_forward('go', 'formPayment', 'sgps', $this->getRequest()->getPost());
             return;
         } else {
             if ($paymentMethod == "hosted_pro" || $paymentMethod == "payflow_link" || $paymentMethod == "payflow_advanced") {
                 // All three hosted methods get the same fixed "hosted_pro" error marker.
                 echo "error: hosted_pro";
                 return;
             } else {
                 // Any other payment method: place the order directly.
                 try {
                     $this->getOnepage()->saveOrder();
                 } catch (Exception $e) {
                     // The exception text is written to the response body without output encoding.
                     echo 'error: ' . $e->getMessage();
                     return;
                 }
                 $redirectUrl = $this->getOnepage()->getCheckout()->getRedirectUrl();
                 $result_order['success'] = true;
                 $result_order['error'] = false;
                 // Empty the cart item by item, saving after each removal, then save the quote.
                 $cart = Mage::getModel('checkout/cart');
                 $cartItems = $cart->getItems();
                 foreach ($cartItems as $item) {
                     $cart->removeItem($item->getId())->save();
                 }
                 $this->getOnepage()->getQuote()->save();
                 if (isset($redirectUrl)) {
                     echo 'redirect: ' . $redirectUrl;
                     return;
                 }
                 echo 'redirect: ' . Mage::getUrl('checkout/onepage/success');
                 return;
             }
         }
     }
 }