Esempio n. 1
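/**
 * Build the HTML snippet that posts a booking payment to SagePay (Form integration).
 *
 * The order fields (transaction code, amount, currency, description and the two
 * return URLs) are serialised and AES-encrypted into the hidden 'Crypt' field with
 * the vendor password, so the browser only carries the encrypted order data.
 * Every value written into an HTML attribute is escaped with ENT_QUOTES, because the
 * markup below uses single-quoted attributes.
 *
 * @param array  $event         Event record; 'event_name' and 'currency' are read.
 * @param array  $payment       Payment record; 'id' becomes the VendorTxCode.
 * @param float  $price         Price before the provider's extra charge.
 * @param string $lang          Language passed to the placeholder replacement.
 * @param int    $multi_booking Non-zero when the payment covers several bookings.
 *
 * @return string The form HTML, wrapped in the configured "above" and "below" texts.
 */
function eme_sagepay_form($event, $payment, $price, $lang, $multi_booking = 0)
{
    global $post;
    // NOTE(review): the provider key is 'fdgg', not a SagePay-specific one. This looks
    // like a copy-paste from another gateway; confirm which extra charge should apply.
    $charge = eme_payment_provider_extra_charge($price, 'fdgg');
    $price += $charge;
    $payment_id = $payment['id'];
    if ($multi_booking) {
        $success_link = get_permalink($post->ID);
        $fail_link = $success_link;
        $name = __("Multiple booking request", "eme");
    } else {
        $success_link = eme_payment_return_url($event, $payment, 1);
        $fail_link = eme_payment_return_url($event, $payment, 2);
        $name = eme_sanitize_html(sprintf(__("Booking for '%s'", "eme"), $event['event_name']));
    }
    // SagePay does not use a notification URL; it sends the status along as part of the
    // return URL, so the notification action is added to both links and the paid status
    // is processed from there.
    // NOTE(review): the handler behind 'sagepay_notification' is not shown here. It should
    // take the payment status only from the decrypted crypt value that SagePay appends
    // to the return URL, never from plain query parameters.
    $success_link = add_query_arg(array('eme_eventAction' => 'sagepay_notification'), $success_link);
    $fail_link = add_query_arg(array('eme_eventAction' => 'sagepay_notification'), $fail_link);
    $vendor_name = get_option('eme_sagepay_vendor_name');
    // Pick the sandbox or live endpoint together with its matching password.
    $sagepay_demo = get_option('eme_sagepay_demo');
    if ($sagepay_demo == 1) {
        $sagepay_pwd = get_option('eme_sagepay_test_pwd');
        $url = SAGEPAY_SANDBOX_URL;
    } else {
        $sagepay_pwd = get_option('eme_sagepay_live_pwd');
        $url = SAGEPAY_LIVE_URL;
    }
    $cur = $event['currency'];
    // The "above" and "below" texts are emitted as-is; presumably they are admin-authored
    // HTML templates (verify who can edit these options).
    $button_above = eme_replace_payment_provider_placeholders(get_option('eme_sagepay_button_above'), $charge, $cur, $lang);
    $button_label = eme_replace_payment_provider_placeholders(get_option('eme_sagepay_button_label'), $charge, $cur, $lang);
    $button_below = eme_replace_payment_provider_placeholders(get_option('eme_sagepay_button_below'), $charge, $cur, $lang);
    $button_img_url = get_option('eme_sagepay_button_img_url');
    $query = array(
        'VendorTxCode' => $payment_id,
        'Amount' => number_format($price, 2, '.', ''),
        'Currency' => $cur,
        'Description' => $name,
        'SuccessURL' => $success_link,
        'FailureURL' => $fail_link,
    );
    require_once 'payment_gateways/sagepay/eme-sagepay-util.php';
    $crypt = SagepayUtil::encryptAes(SagepayUtil::arrayToQueryString($query), $sagepay_pwd);

    // Attribute values sit inside single quotes, so the single quote must be escaped too.
    // htmlentities() without flags only does that from PHP 8.1 on; pass ENT_QUOTES explicitly.
    $url_attr = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    $vendor_attr = htmlspecialchars($vendor_name, ENT_QUOTES, 'UTF-8');
    $crypt_attr = htmlspecialchars($crypt, ENT_QUOTES, 'UTF-8');
    $label_attr = htmlentities($button_label, ENT_QUOTES, 'UTF-8');

    $form_html = $button_above;
    $form_html .= "<form action='{$url_attr}' method='post'>";
    $form_html .= "<input type='hidden' name='VPSProtocol' value='3.00' />";
    $form_html .= "<input type='hidden' name='TxType' value='PAYMENT' />";
    $form_html .= "<input type='hidden' name='Vendor' value='{$vendor_attr}' />";
    $form_html .= "<input type='hidden' name='Crypt' value='{$crypt_attr}' />";
    if (!empty($button_img_url)) {
        $img_attr = htmlspecialchars($button_img_url, ENT_QUOTES, 'UTF-8');
        $form_html .= "<input type='image' src='{$img_attr}' alt='{$label_attr}' title='{$label_attr}' />";
    } else {
        $form_html .= "<input type='submit' value='{$label_attr}' />";
    }
    $form_html .= "</form>";
    $form_html .= $button_below;
    return $form_html;
}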
Esempio n. 2
 /**
  * Assemble the SagePay request fields for an order, shaped for the active integration method.
  *
  * The common order, customer and billing fields are collected first; the integration
  * method then decides which extra fields are added. For SAGEPAY_FORM the collected
  * fields are serialised and encrypted into a single 'Crypt' value.
  *
  * @param SagepayAbstractApi $request  The request instance supplying config, basket,
  *                                     addresses, pane values and extra data.
  *
  * @throws SagepayApiException  When the integration method matches none of the handled cases.
  *
  * @return array  For SAGEPAY_FORM: Vendor, VPSProtocol, TxType and Crypt. For every other
  *                handled method: the assembled field array.
  */
 public static function encryptedOrder(SagepayAbstractApi $request)
 {
     $config = $request->getConfig();
     $cart = $request->getBasket();
     $addresses = $request->getAddressList();
     $method = $request->getIntegrationMethod();
     $pane = $request->getPaneValues();
     // The transaction type comes from the gateway settings.
     $txType = $config->getTxType();
     $billing = $addresses[0];
     $delivery = isset($addresses[1]) ? $addresses[1] : null;
     $query = array(
         'VPSProtocol' => $config->getProtocolVersion(),
         'Vendor' => $config->getVendorName(),
         'VendorTxCode' => self::vendorTxCode($cart->getId(), $txType, $config->getVendorName()),
         'Amount' => number_format($cart->getAmount(), 2, '.', ''),
         'Currency' => $config->getCurrency(),
         'Description' => $cart->getDescription(),
         'CustomerName' => $billing->firstname . ' ' . $billing->lastname,
         'CustomerEMail' => $billing->email,
         'VendorEMail' => $config->getVendorEmail(),
         'SendEMail' => $config->getSendEmail(),
         'eMailMessage' => $config->getEmailMessage(),
         'BillingSurname' => $billing->lastname,
         'BillingFirstnames' => $billing->firstname,
         'BillingAddress1' => $billing->address1,
         'BillingAddress2' => $billing->address2,
         'BillingCity' => $billing->city,
         'BillingPostCode' => $billing->getPostCode(),
         'BillingCountry' => $billing->country,
         'BillingPhone' => $billing->phone,
         'ApplyAVSCV2' => $config->getApplyAvsCv2(),
         'Apply3DSecure' => $config->getApply3dSecure(),
         'AllowGiftAid' => $config->getAllowGiftAid(),
         'BillingAgreement' => $config->getBillingAgreement(),
     );
     // Array union keeps keys that already exist, so getData() cannot replace any field
     // set above (Amount, Currency, VendorTxCode, ...). It can still pre-seed keys that
     // are only added further down with "+=".
     // NOTE(review): where getData() is filled from is not visible here; confirm it
     // carries no caller-controlled keys.
     $query += $request->getData();
     $customer = $request->getCustomer();
     if ($customer instanceof SagepayCustomer) {
         $query += self::_setAuxValue($query, 'CustomerXML', $customer->export());
     }
     // Optional fields go through _setAuxValue (helper not shown here).
     $query += self::_setAuxValue($query, 'VendorData', $config->getVendorData());
     $query += self::_setAuxValue($query, 'ReferrerID', $config->getPartnerId());
     $query += self::_setAuxValue($query, 'Language', $config->getLanguage());
     // The billing state is sent for US addresses only.
     if ($billing->country == 'US') {
         $query['BillingState'] = $billing->state;
     }
     // Delivery details are merged with "+=", which only adds keys not already in $query.
     $query += self::_populateDeliveryDetails($billing, $delivery);
     // A cardType entry that is present but empty switches the request to the token flow.
     if (isset($pane['cardType']) && empty($pane['cardType'])) {
         $method = SAGEPAY_TOKEN;
     }
     // Export the basket either under 'Basket' or as 'BasketXML', depending on the settings.
     if ($config->basketAsXmlDisabled()) {
         $query['Basket'] = $cart->exportAsXml(false);
     } else {
         $query['BasketXML'] = $cart->exportAsXml();
     }
     if (count($config->getSurcharges()) > 0) {
         $surcharge = new SagepaySurcharge();
         $surcharge->setSurcharges($config->getSurcharges());
         $query['SurchargeXML'] = $surcharge->export();
     }
     switch ($method) {
         case SAGEPAY_FORM:
             // These three fields travel outside the encrypted payload, so drop them from it.
             unset($query['VPSProtocol'], $query['Vendor'], $query['TxType']);
             $env = $config->getEnv();
             $query['SuccessURL'] = $config->getFullFormSuccessUrl();
             $query['FailureURL'] = $config->getFullFormFailureUrl();
             $request->setData($query);
             $payload = SagepayUtil::arrayToQueryString($query);
             // 'Crypt' is the serialised order, encrypted by SagepayUtil::encryptAes with the
             // form encryption password configured for the current environment.
             return array(
                 'Vendor' => $config->getVendorName(),
                 'VPSProtocol' => $config->getProtocolVersion(),
                 'TxType' => $txType,
                 'Crypt' => SagepayUtil::encryptAes($payload, $config->getFormEncryptionPassword($env)),
             );
         case SAGEPAY_SERVER:
             $query['NotificationURL'] = $config->getFullServerNotificationUrl();
             $query['TxType'] = $txType;
             $query['Profile'] = $config->getServerProfile();
             $query['StoreToken'] = 1;
             $query += self::_setAuxValue($query, 'AccountType', $config->getAccountType());
             return $query;
         case SAGEPAY_DIRECT:
             // array_merge lets the card detail fields overwrite same-named keys in $query.
             // NOTE(review): the result presumably holds raw card data; keep it out of
             // logs and persistent storage.
             $query = array_merge($query, self::_getCardDetails($pane));
             $query['TxType'] = $txType;
             $query['CardHolder'] = $billing->firstname . ' ' . $billing->lastname;
             // The 3D Secure flag is re-assigned from the settings unconditionally.
             $query['Apply3DSecure'] = $config->getApply3dSecure();
             $query += self::_setAuxValue($query, 'AccountType', $config->getAccountType());
             return $query;
         case SAGEPAY_PAYPAL:
             $query['TxType'] = $txType;
             $query['CardType'] = 'PAYPAL';
             // The transaction code is appended to the callback URL as-is (no URL encoding).
             $query['PayPalCallbackURL'] = $config->getPaypalCallbackUrl() . '?vtx=' . $query['VendorTxCode'];
             return $query;
         case SAGEPAY_TOKEN:
             $query['TxType'] = $txType;
             // Token and CV2 are copied from the pane values as plain values; keep the
             // returned array out of logs and persistent storage.
             $query['Token'] = $pane['token'];
             $query['CV2'] = $pane['cv2'];
             $query['AllowGiftAid'] = $pane['giftAid'] ? 1 : 0;
             $query += self::_setAuxValue($query, 'AccountType', $config->getAccountType());
             $query['StoreToken'] = 1;
             // Overrides the ApplyAVSCV2 value taken from the settings above.
             $query['ApplyAVSCV2'] = 2;
             return $query;
         default:
             throw new SagepayApiException('Invalid integration type');
     }
 }