/**
 * Routes the request: when neither INVNUM nor INVOICE yields a value the
 * visitor is redirected to "<root url>/thanks"; every other request is
 * handed to the parent implementation.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    // INVOICE is passed as the default, so it is only consulted when INVNUM is missing.
    $invoiceNumber = $request->getFiltered('INVNUM', $request->getFiltered('INVOICE'));

    if ($invoiceNumber != '') {
        parent::directAction($request, $response, $invokeArgs);
        return;
    }

    // Only a redirect happens on this path; nothing visible here changes invoice state.
    $response->setRedirect($this->getRootUrl() . '/thanks');
}
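/**
 * Authorises a REST API call for the given alias/method pair.
 *
 * A listener of Am_Event::API_CHECK_PERMISSIONS may approve the call outright
 * by returning true. Otherwise the request must carry a `_key` parameter that
 * resolves to an existing, enabled API key whose permission map allows
 * $alias/$method.
 *
 * @param Am_Request $request incoming API request
 * @param string $alias  first-level key into the API key's permission map
 * @param string $method second-level key into the permission map
 * @throws Am_Exception_InputError when the key is missing, shorter than 10
 *         characters, unknown, disabled, or lacks the requested permission
 */
public function checkPermissions(Am_Request $request, $alias, $method)
{
    if ($this->getDi()->config->get('api_debug_mode')) {
        // The request parameters include the caller's API key. Mask it before
        // logging so that read access to the error log does not grant API access.
        $params = $request->getParams();
        if (is_array($params) && isset($params['_key'])) {
            $params['_key'] = '[redacted]';
        }
        $this->getDi()->errorLogTable->log('REST API :' . var_export($params, true));
    }

    $event = $this->getDi()->hook->call(
        Am_Event::API_CHECK_PERMISSIONS,
        array('request' => $request, 'alias' => $alias, 'method' => $method)
    );
    foreach ($event->getReturn() as $return) {
        // Only a strict boolean true from a hook bypasses the key check.
        if ($return === true) {
            return;
        }
    }

    $s = $request->getFiltered('_key');
    if (empty($s) || strlen($s) < 10) {
        throw new Am_Exception_InputError("API Error 10001 - no [key] specified or key is too short");
    }

    $apikey = $this->getDi()->apiKeyTable->findFirstByKey($s);
    if (!$apikey || $apikey->is_disabled) {
        throw new Am_Exception_InputError("API Error 10002 - [key] is not found or disabled");
    }

    // Default deny: a missing or falsy entry means the call is not permitted.
    $perms = $apikey->getPerms();
    if (empty($perms[$alias][$method])) {
        throw new Am_Exception_InputError("API Error 10003 - no permissions for {$alias}-{$method} API call");
    }
}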
/**
 * Returns the external id that identifies the invoice. The value must be the
 * same for every payment of a single rebill sequence so that rebills are
 * added to the same invoice.
 *
 * @see $_autoCreateMap
 * @return string unique id of invoice, read from the request parameter named
 *         by the 'invoice_external_id' entry of $_autoCreateMap
 * @throws Am_Exception_Paysystem_NotImplemented when that entry is missing or empty
 */
function generateInvoiceExternalId()
{
    // '@' keeps a missing map entry from raising a notice.
    $paramName = @$this->_autoCreateMap['invoice_external_id'];

    if (empty($paramName)) {
        throw new Am_Exception_Paysystem_NotImplemented("Not Implemented");
    }

    // getFiltered() strips the value down to its allowed character set before it is used as an id.
    return $this->request->getFiltered($paramName);
}
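/**
 * Handles the "thanks" landing action and delegates every other action to the
 * parent implementation.
 *
 * For "thanks" the invoice is looked up by the Ecom_ConsumerOrderID request
 * parameter and the visitor is redirected to the cancel URL when the reported
 * status code is missing, "0" or "F", and to the return URL otherwise.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    if ($request->getActionName() != 'thanks') {
        parent::directAction($request, $response, $invokeArgs);
        return;
    }

    if ($this->getConfig('debugLog')) {
        Am_Di::getInstance()->errorLogTable->log('NetBilling Form [response-thanks]:' . json_encode($request->getParams()));
    }

    // NOTE(review): the lookup result is not checked; confirm getCancelUrl()/getReturnUrl() cope with a missing invoice.
    $this->invoice = $this->getDi()->invoiceTable->findFirstByPublicId($request->getFiltered('Ecom_ConsumerOrderID'));

    // The status code arrives as a request parameter, i.e. a string. Comparing it
    // loosely with the integer 0 gives different results on PHP 7 and PHP 8 for
    // non-numeric values, so it is normalised to a string and compared strictly.
    // A missing or non-scalar value is treated as a failure.
    $status = $request->get('Ecom_Ezic_Response_StatusCode');
    $status = is_scalar($status) ? (string) $status : '';
    $failed = in_array($status, array('', '0', 'F'), true);

    // The parameter only selects which page the visitor sees; no invoice state is changed in this method.
    $response->setRedirect($failed ? $this->getCancelUrl() : $this->getReturnUrl());
}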
/**
 * Handles the "cancelpaysafecart" action: marks the referenced invoice as
 * cancelled and renders the cancel template. Any other action is delegated
 * to the parent implementation.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when no invoice matches the supplied id
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    if ($request->getActionName() != 'cancelpaysafecart') {
        parent::directAction($request, $response, $invokeArgs);
        return;
    }

    // SEE par.3
    // The id parameter has the form "<public id>-<code>"; '@' silences the notice raised when the '-' part is absent.
    @(list($id, $code) = explode('-', filterId($request->getFiltered('id')), 2));

    $invoice = Am_Di::getInstance()->InvoiceTable->findFirstByPublicId(filterId($id));
    if (!$invoice) {
        throw new Am_Exception_InputError("No invoice found [{$id}]");
    }

    // NOTE(review): the invoice is cancelled on the strength of the public id alone.
    // $code is parsed but never compared here, and no ownership check is visible in
    // this method - confirm that one is enforced elsewhere.
    $invoice->setCancelled(true);

    $template = new Am_Paysystem_Action_HtmlTemplate_Paysafecard($this->getDir(), 'payment-paysafecard-cancel.phtml');
    $template->process(new Am_Controller($request, $response, $invokeArgs)); // see par.3
}
/**
 * Renders the offline-payment instruction page for the invoice identified by
 * the `id` request parameter.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when the secure id does not resolve to an invoice of this plugin
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    // The secure id is resolved together with this plugin's id as its second argument.
    $secureId = $request->getFiltered('id');
    $invoice = $this->getDi()->invoiceTable->findBySecureId($secureId, $this->getId());
    if (!$invoice) {
        throw new Am_Exception_InputError(___("Sorry, seems you have used wrong link"));
    }

    $view = new Am_View();

    // Instruction text comes from the plugin configuration and is rendered as a template.
    // NOTE(review): presumably admin-controlled; confirm whether Am_SimpleTemplate escapes the values it substitutes.
    $instructions = $this->getConfig('html', 'SITE OWNER DID NOT PROVIDE INSTRUCTIONS FOR OFFLINE PAYMENT YET');

    $template = new Am_SimpleTemplate();
    $template->invoice = $invoice;
    $template->user = $this->getDi()->userTable->load($invoice->user_id);
    $template->invoice_id = $invoice->invoice_id;
    $template->cancel_url = REL_ROOT_URL . '/cancel?id=' . $invoice->getSecureId('CANCEL');

    $view->content = $template->render($instructions);
    $view->title = $this->getTitle();

    $response->setBody($view->render("layout.phtml"));
}
/**
 * Handles the "ipn" action: runs an eWAY Rapid 3 transaction for the supplied
 * AccessCode and redirects to the return or cancel URL depending on the
 * result. Any other action is delegated to the parent implementation.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when the transaction yields no invoice
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    if ($request->getActionName() != 'ipn') {
        parent::directAction($request, $response, $invokeArgs);
        return;
    }

    // The AccessCode from the request is only a lookup handle; the outcome is taken
    // from $result after the transaction object has run, not from request parameters.
    $result = new Am_Paysystem_Result();
    $transaction = new Am_Paysystem_Transaction_EwayRapid3($this, $request->getFiltered('AccessCode'));
    $transaction->run($result);

    $invoice = $transaction->getInvoice();
    if (!$invoice) {
        throw new Am_Exception_InputError();
    }
    $this->_setInvoice($invoice);

    $target = $result->isSuccess() ? $this->getReturnUrl($invoice) : $this->getCancelUrl($invoice);
    Am_Controller::redirectLocation($target);
}
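/**
 * Resolves the invoice referenced by the `cc_id` request parameter and stores
 * it on the plugin. Links that are empty, unknown, already completed, bound
 * to another payment system or older than 30 days are rejected.
 *
 * @param Am_Request $request request carrying the `cc_id` secure invoice id
 * @param array $invokeArgs not used by this method
 * @throws Am_Exception_InputError when any of the checks above fails
 */
protected function ccActionValidateSetInvoice(Am_Request $request, array $invokeArgs)
{
    $invoiceId = $request->getFiltered('cc_id');
    if (!$invoiceId) {
        throw new Am_Exception_InputError("invoice_id is empty - seems you have followed wrong url, please return back to continue");
    }

    $invoice = $this->getDi()->invoiceTable->findBySecureId($invoiceId, $this->getId());
    if (!$invoice) {
        throw new Am_Exception_InputError('You have used wrong link for payment page, please return back and try again');
    }

    if ($invoice->isCompleted()) {
        // The URL is placed inside a single-quoted href, so single quotes must be
        // encoded as well. ENT_QUOTES makes that explicit instead of relying on the
        // default flags, which differ between PHP versions.
        $memberUrl = htmlentities($this->getDi()->config->get('root_url'), ENT_QUOTES) . '/member';
        throw new Am_Exception_InputError(sprintf(
            ___('Payment is already processed, please go to %sMembership page%s'),
            "<a href='" . $memberUrl . "'>",
            "</a>"
        ));
    }

    // Second line of defence after the scoped lookup above: the invoice must belong to this payment system.
    if ($invoice->paysys_id != $this->getId()) {
        throw new Am_Exception_InputError("You have used wrong link for payment page, please return back and try again");
    }

    // Payment links stop working 30 days after the invoice was added.
    if ($invoice->tm_added < sqlTime('-30 days')) {
        throw new Am_Exception_InputError("Invoice expired - you cannot open invoice after 30 days elapsed");
    }

    $this->invoice = $invoice; // set for reference
}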
/**
 * Processes a "cancel recurring" request for the invoice named by the `id`
 * request parameter and redirects to the member's payment history.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when the secure id does not resolve to an invoice
 * @throws Am_Exception_InternalError when the invoice belongs to a different user
 */
public function doCancelAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    $id = $request->getFiltered('id');

    // The lookup is scoped with 'STOP' + plugin id as the second argument.
    $stopScope = 'STOP' . $this->getId();
    $invoice = $this->getDi()->invoiceTable->findBySecureId($id, $stopScope);
    if (!$invoice) {
        throw new Am_Exception_InputError("No invoice found [{$id}]");
    }

    // Ownership check: a valid link alone is not enough, the invoice must belong to the logged-in user.
    $currentUserId = $this->getDi()->auth->getUserId();
    if ($invoice->user_id != $currentUserId) {
        throw new Am_Exception_InternalError("User tried to access foreign invoice: [{$id}]");
    }

    // Plugins that define cancelInvoice() get to run it before the invoice is flagged as cancelled.
    if (method_exists($this, 'cancelInvoice')) {
        $this->cancelInvoice($invoice);
    }
    $invoice->setCancelled();

    $response->setRedirect(ROOT_SURL . '/member/payment-history');
}
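/**
 * Dispatches the notification actions:
 *  - 'c'   logs a click and redirects to the notification's stored URL,
 *  - 'get' returns the notifications to show to the current user,
 *  - 'js'  outputs the JavaScript returned by getJs(),
 *  - 'd'   adds a notification id to the user's dismiss list.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InternalError for any other action name
 */
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    $user = $this->getDi()->user;
    switch ($request->getActionName()) {
        case 'c':
            $id = $this->getDi()->app->reveal($request->getFiltered('id')); // actually it is notification_id
            $notification = $this->getDi()->notificationTable->load($id);
            $this->getDi()->notificationClickTable->log($user, $notification);
            // The redirect target is the URL stored on the notification record, not a request parameter.
            Am_Controller::redirectLocation($notification->url);
            break;

        case 'get':
            if (!$user) {
                Am_Controller::ajaxResponse(array());
            } else {
                $items = $this->getDi()->notificationTable->getNotificationsForUser($this->getDi()->auth->getUser());

                // NOTE(review): unserialize() on a stored blob. The blob is written by the 'd'
                // action below; if anything else can write to it, switch to a format that
                // cannot instantiate objects (e.g. JSON).
                $dismiss = $user->data()->getBlob('notification.dismiss');
                $dismiss = $dismiss ? unserialize($dismiss) : array();
                if (!is_array($dismiss)) {
                    // Corrupt or unexpected blob: treat it as "nothing dismissed" instead of passing a non-array on.
                    $dismiss = array();
                }

                $out = array();
                foreach ($items as $item) {
                    $display = $user->data()->get('notification.display.' . $item->pk());
                    // Skip notifications that reached their display limit or were dismissed.
                    if ($item->limit && $display >= $item->limit) {
                        continue;
                    }
                    if (in_array($item->notification_id, $dismiss)) {
                        continue;
                    }
                    $user->data()->set('notification.display.' . $item->pk(), ++$display);

                    $n = new stdClass();
                    // The id is obfuscated on the way out; the 'c' and 'd' actions pass it through reveal().
                    $n->id = $this->getDi()->app->obfuscate($item->notification_id);
                    $n->content = $item->content;
                    $n->is_custom = $item->is_custom ? true : false;
                    $n->is_blank = $item->is_blank ? true : false;
                    $n->link = $item->url;
                    $out[] = $n;
                }
                $user->save();
                Am_Controller::ajaxResponse($out);
            }
            break;

        case 'js':
            $response->setHeader('Content-Type', 'application/x-javascript; charset=utf-8');
            echo $this->getJs();
            break;

        case 'd':
            $id = $this->getDi()->app->reveal($request->getFiltered('id'));
            if ($user && $id) {
                // NOTE(review): same stored-blob unserialize() as in the 'get' action.
                $dismiss = $user->data()->getBlob('notification.dismiss');
                $dismiss = $dismiss ? unserialize($dismiss) : array();
                if (!is_array($dismiss)) {
                    $dismiss = array();
                }
                // Record each id once so repeated requests cannot grow the blob without bound.
                if (!in_array($id, $dismiss)) {
                    $dismiss[] = $id;
                    $user->data()->setBlob('notification.dismiss', serialize($dismiss));
                    $user->data()->update();
                }
            }
            break;

        default:
            throw new Am_Exception_InternalError('Unknown Action');
    }
}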
/**
 * Convenience accessor that forwards to the wrapped request object.
 *
 * The filter is a character allow-list only. It says nothing about whether
 * the caller is allowed to use the record the value refers to.
 * NOTE(review): whether $default is filtered too is decided by the wrapped request and is not visible here.
 *
 * @param string $key name of the request parameter
 * @param mixed $default value handed to the wrapped request as its default
 * @return string request parameter with every character outside a-zA-Z0-9-_ removed
 */
function getFiltered($key, $default = null)
{
    $filtered = $this->_request->getFiltered($key, $default);

    return $filtered;
}
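/**
 * Handles the "cancel" action: looks the invoice up by the
 * merchant_unique_id request parameter and redirects to the generic cancel
 * page with the invoice's CANCEL secure id. Any other action is delegated to
 * the parent implementation.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when no invoice has the given public id
 */
function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    if ($request->getActionName() != 'cancel') {
        parent::directAction($request, $response, $invokeArgs);
        return;
    }

    // Keep the filtered id in a variable: the error message below interpolates it,
    // and it was previously an undefined variable there.
    $id = $request->getFiltered('merchant_unique_id');

    $invoice = $this->getDi()->invoiceTable->findFirstBy(array('public_id' => $id));
    if (!$invoice) {
        throw new Am_Exception_InputError("No invoice found [{$id}]");
    }

    // NOTE(review): the CANCEL secure id is handed out for any known public id and no
    // ownership check is visible here - confirm the /cancel page enforces one.
    Am_Controller::redirectLocation($this->getRootUrl() . "/cancel?id=" . $invoice->getSecureId('CANCEL'));
}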
/**
 * Finds the invoice named by the `id` parameter, verifies that it belongs to
 * the logged-in user and redirects to the default "cancel" page.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when no invoice has the given public id
 * @throws Am_Exception_InternalError when the invoice belongs to a different user
 */
public function cancelPaymentAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
    $id = $request->getFiltered('id');
    if (!$id) {
        // Fall back to the raw query string; the value still goes through filterId() before use.
        if (isset($_GET['id'])) {
            $id = filterId($_GET['id']);
        }
    }

    $invoice = $this->getDi()->invoiceTable->findFirstByPublicId($id);
    if (!$invoice) {
        throw new Am_Exception_InputError("No invoice found [{$id}]");
    }

    // A public id is not a secret, so the invoice owner is compared with the authenticated user.
    $currentUserId = $this->getDi()->auth->getUserId();
    if ($invoice->user_id != $currentUserId) {
        throw new Am_Exception_InternalError("User tried to access foreign invoice: [{$id}]");
    }

    // The stored invoice is what the default "cancel" page URL is built for.
    $this->invoice = $invoice;
    $response->setRedirect($this->getCancelUrl());
}
/**
 * PayPal Express Checkout return handler with two phases, selected by the
 * integer request parameter `do`:
 *  - `do` not set: fetch the checkout details for the token, resolve the
 *    invoice, remember the token on it and show the confirmation page;
 *  - `do` set: find the invoice by the remembered token, run
 *    doExpressCheckout and/or createRecurringPaymentProfile, then redirect
 *    to the return URL.
 *
 * @param Am_Request $request
 * @param Zend_Controller_Response_Http $response
 * @param array $invokeArgs
 * @throws Am_Exception_InputError when the token is missing or no invoice matches the payment
 * @throws Am_Exception_InternalError when no invoice is stored for the token
 */
public function expressCheckoutAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs) {
    $token = $request->getFiltered('token');
    if (!$token) {
        throw new Am_Exception_InputError("No required [token] provided, internal error");
    }
    // One log record collects the API calls made during this request.
    $log = $this->getDi()->invoiceLogRecord;
    $log->title = "";
    $log->paysys_id = $this->getId();
    if ($request->getInt('do')) {
        // Confirmation submitted: the invoice is the one the token was stored on in the other branch.
        $invoice = current($this->getDi()->invoiceTable->findByData(self::PAYPAL_EXPRESS_TOKEN, $token));
        if (!$invoice) {
            throw new Am_Exception_InternalError("Could not find invoice by token [{$token}]");
        }
        $this->_setInvoice($invoice);
        $log->setInvoice($invoice);
        // NOTE(review): unlike the confirmation branch below, this branch does not test
        // isPaid() before charging - confirm a repeated submission of the same token is
        // rejected downstream.
        if ($invoice->first_total > 0) { // bill initial amount @todo free trial
            $log->title .= " doExpressCheckout";
            $apireq = new Am_Paysystem_PaypalApiRequest($this);
            $apireq->doExpressCheckout($invoice, $token, $request->getFiltered('PayerID'));
            $vars = $apireq->sendRequest($log);
            // NOTE(review): no ACK check is visible here; presumably the transaction class
            // validates the response - verify.
            $transaction = new Am_Paysystem_Transaction_PayPalExpress_DoExpressCheckout($this, $vars);
            $transaction->setInvoice($invoice);
            $transaction->process();
        }
        if ($invoice->rebill_times) {
            $log->title .= " createRecurringPaymentProfile";
            $apireq = new Am_Paysystem_PaypalApiRequest($this);
            $apireq->createRecurringPaymentProfile($invoice, null, $token, $request->getFiltered('PayerID'));
            $vars = $apireq->sendRequest($log);
            if ($vars['ACK'] != 'Success') {
                // A failed profile creation is logged only; execution continues to the redirect below.
                $this->logError("Not Success response to CreateRecurringPaymentProfile request", $vars);
            } else {
                $invoice->data()->set(self::PAYPAL_PROFILE_ID, $vars['PROFILEID'])->update();
                // With no initial amount, the profile creation itself is processed as the transaction.
                if ($invoice->first_total <= 0) {
                    $transaction = new Am_Paysystem_Transaction_PayPalExpress_CreateRecurringPaymentProfile($this, $vars);
                    $transaction->setInvoice($invoice);
                    $transaction->process();
                }
            }
        }
        return Am_Controller::redirectLocation($this->getReturnUrl());
    } else {
        // First visit after returning from PayPal: ask the API what the token refers to.
        $log->title .= " getExpressCheckoutDetails";
        $apireq = new Am_Paysystem_PaypalApiRequest($this);
        $apireq->getExpressCheckoutDetails($token);
        $vars = $apireq->sendRequest($log);
        // The invoice id is taken from the API response first; the session value is only a fallback.
        $invoiceId = filterId(get_first(@$vars['INVNUM'], @$vars['L_PAYMENTREQUEST_0_INVNUM'], $this->getDi()->session->paypal_invoice_id));
        if (!$invoiceId || !($invoice = $this->getDi()->invoiceTable->findBySecureId($invoiceId, 'paypal'))) {
            throw new Am_Exception_InputError("Could not find invoice related to given payment. Internal error. Your account was not billed, please try again");
        }
        $log->setInvoice($invoice);
        $log->update();
        $this->_setInvoice($invoice);
        /* @var $invoice Invoice */
        // An invoice that is already paid goes straight to the return URL without a confirmation page.
        if ($invoice->isPaid()) {
            return Am_Controller::redirectLocation($this->getReturnUrl());
        }
        // Remember the token on the invoice so the `do` phase can find the invoice by token.
        $invoice->data()->set(self::PAYPAL_EXPRESS_TOKEN, $token)->update();
        $view = new Am_View();
        $view->invoice = $invoice;
        $view->url = $this->getPluginUrl(self::PAYPAL_EXPRESS_CHECKOUT);
        // Hidden form fields carry the filtered token and PayerID into the `do` phase.
        $view->hidden = array('do' => '1', 'token' => $request->getFiltered('token'), 'PayerID' => $request->getFiltered('PayerID'));
        $view->display("payment-confirm.phtml");
    }
}