$_return .= '&aws-access-key-id=' . $aws_access_key;
}
echo $_return;
exit;
} elseif ($message_recognizer == 'NewOrderNotification') {
// Order was placed by Amazon checkout. We need to proceed the callback.
list($amazon_sess_id, $payment_id) = explode(';', base64_decode((string) $xml->ProcessedOrder->ProcessedOrderItems->ProcessedOrderItem->CartCustomData->ClientRequestId));
$processor_data = fn_get_payment_method_data($payment_id);
// If we use the signed cart, validate the request
if (!fn_amazon_validate_request($processor_data, $_POST)) {
die('Access denied');
}
// Restart session
if (!empty($amazon_sess_id)) {
Tygh::$app['session']->resetID($amazon_sess_id);
fn_payments_set_company_id(0, Tygh::$app['session']['settings']['company_id']['value']);
$cart =& Tygh::$app['session']['cart'];
$auth =& Tygh::$app['session']['auth'];
}
// Compare the cart data with the Amazon request
if (!fn_amazon_validate_cart_data($cart, $xml)) {
fn_set_notification('E', __('error'), 'text_amazon_incorrect_products_count');
exit;
}
$transaction_id = (string) $xml->ProcessedOrder->AmazonOrderID;
// Prevent the double notifications
$reference_id = (string) $xml->NotificationReferenceId;
if (!empty(Tygh::$app['session']['reference_id']) && Tygh::$app['session']['reference_id'] == $reference_id) {
exit;
} else {
Tygh::$app['session']['reference_id'] = $reference_id;
$_return .= '&aws-access-key-id=' . $aws_access_key;
}
echo $_return;
exit;
} elseif ($message_recognizer == 'NewOrderNotification') {
// Order was placed by Amazon checkout. We need to proceed the callback.
list($amazon_sess_id, $payment_id) = explode(';', base64_decode((string) $xml->ProcessedOrder->ProcessedOrderItems->ProcessedOrderItem->CartCustomData->ClientRequestId));
$processor_data = fn_get_payment_method_data($payment_id);
// If we use the signed cart, validate the request
if (!fn_amazon_validate_request($processor_data, $_POST)) {
die('Access denied');
}
// Restart session
if (!empty($amazon_sess_id)) {
Session::resetId($amazon_sess_id);
fn_payments_set_company_id(0, $_SESSION['settings']['company_id']['value']);
$cart =& $_SESSION['cart'];
$auth =& $_SESSION['auth'];
}
// Compare the cart data with the Amazon request
if (!fn_amazon_validate_cart_data($cart, $xml)) {
fn_set_notification('E', __('error'), 'text_amazon_incorrect_products_count');
exit;
}
$transaction_id = (string) $xml->ProcessedOrder->AmazonOrderID;
// Prevent the double notifications
$reference_id = (string) $xml->NotificationReferenceId;
if (!empty($_SESSION['reference_id']) && $_SESSION['reference_id'] == $reference_id) {
exit;
} else {
$_SESSION['reference_id'] = $reference_id;
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
use Tygh\Registry;
$avs_res = array('0' => 'Not Supported', '1' => 'Not Checked', '2' => 'Matched', '4' => 'Not Matched', '8' => 'Partially Matched');
$mode_test_declined = 101;
$mode_test = 100;
$mode_live = 0;
$card_holder_for_declined_test = 'REFUSED';
if (defined('PAYMENT_NOTIFICATION')) {
if ($mode == 'notify') {
fn_order_placement_routines('route', $_REQUEST['order_id']);
}
} elseif (!empty($_REQUEST['cartId']) && !empty($_REQUEST['transStatus'])) {
require './init_payment.php';
$order_id = strpos($_REQUEST['cartId'], '_') ? substr($_REQUEST['cartId'], 0, strpos($_REQUEST['cartId'], '_')) : $_REQUEST['cartId'];
fn_payments_set_company_id($order_id);
$pp_response["reason_text"] = '';
$payment_id = db_get_field("SELECT ?:orders.payment_id FROM ?:orders WHERE ?:orders.order_id = ?i", $order_id);
$processor_data = fn_get_payment_method_data($payment_id);
$pp_response['order_status'] = $_REQUEST['transStatus'] == 'Y' && (!empty($processor_data['processor_params']['callback_password']) ? !empty($_REQUEST['callbackPW']) && $_REQUEST['callbackPW'] == $processor_data['processor_params']['callback_password'] : true) ? 'P' : 'F';
if ($_REQUEST['transStatus'] == 'Y') {
$pp_response['reason_text'] = $_REQUEST['rawAuthMessage'];
$pp_response['transaction_id'] = $_REQUEST['transId'];
$pp_response['descr_avs'] = 'CVV (Security Code): ' . $avs_res[substr($_REQUEST['AVS'], 0, 1)] . '; Postcode: ' . $avs_res[substr($_REQUEST['AVS'], 1, 1)] . '; Address: ' . $avs_res[substr($_REQUEST['AVS'], 2, 1)] . '; Country: ' . $avs_res[substr($_REQUEST['AVS'], 3)];
}
if (!empty($_REQUEST['testMode'])) {
$pp_response['reason_text'] .= '; This a TEST Transaction';
}
$area = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'E'", $order_id);
$override = $area == 'A' ? true : false;
fn_finish_payment($order_id, $pp_response, false);
* (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev *
* *
* This is commercial software, only users who have purchased a valid *
* license and accept to the terms of the License Agreement can install *
* and use this program. *
* *
****************************************************************************
* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
if (!defined('BOOTSTRAP')) {
die('Access denied');
}
if (defined('PAYMENT_NOTIFICATION')) {
if (!empty($_REQUEST['order_id'])) {
fn_payments_set_company_id($_REQUEST['order_id']);
}
if (!empty($_REQUEST['key'])) {
$payment_id = db_get_field("SELECT payment_id FROM ?:orders WHERE order_id = ?i", $_REQUEST['order_id']);
$processor_data = fn_get_payment_method_data($payment_id);
$order_info = fn_get_order_info($_REQUEST['order_id']);
$order_number_id = $processor_data['processor_params']['mode'] == 'test' ? '1' : $_REQUEST['order_number'];
$pp_response = array();
if (strtoupper(md5($processor_data['processor_params']['secret_word'] . $processor_data['processor_params']['account_number'] . $order_number_id . $order_info['total'])) == $_REQUEST['key'] && $_REQUEST['credit_card_processed'] == 'Y') {
$pp_response['order_status'] = $processor_data['processor_params']['fraud_verification'] == 'Y' ? $processor_data['processor_params']['fraud_wait'] : 'P';
$pp_response['reason_text'] = __('order_id') . '-' . $_REQUEST['order_number'];
} else {
$pp_response['order_status'] = $_REQUEST['credit_card_processed'] == 'K' ? 'O' : 'F';
$pp_response['reason_text'] = $_REQUEST['credit_card_processed'] == 'Y' ? "MD5 Hash is invalid" : __('order_id') . '-' . $_REQUEST['order_number'];
}
$pp_response['transaction_id'] = !empty($_REQUEST['tcoid']) ? $_REQUEST['tcoid'] : '';
