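/**
 * Validate the posted card number and expiry date before the confirmation
 * page is shown. Only runs when the module is configured for 'Local' input.
 *
 * On a validation failure the customer is redirected to checkout_payment.php
 * with the error text, the card owner and the expiry fields in the query
 * string. Otherwise the type, number and expiry exposed by cc_validation are
 * copied onto this module.
 *
 * @return false|null false when the input mode is not 'Local'; otherwise nothing.
 */
function pre_confirmation_check()
{
    if (MODULE_PAYMENT_PSIGATE_INPUT_MODE != 'Local') {
        return false;
    }

    include 'includes/classes/cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['psigate_cc_number'],
        $_POST['psigate_cc_expires_month'],
        $_POST['psigate_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // Every request-derived value is URL-encoded before it enters the
        // redirect query, so a crafted expiry field cannot append or override
        // parameters (the original encoded only the error and the owner).
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner'])
            . '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month'])
            . '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);

        tep_redirect(tep_href_link('checkout_payment.php', $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}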
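/**
 * Validate the posted iPayment card number and expiry date before the
 * confirmation page is shown.
 *
 * On a validation failure the customer is redirected to the payment page with
 * the error text, the card owner and the expiry fields in the query string.
 * Otherwise the type, number and expiry exposed by cc_validation are copied
 * onto this module.
 */
function pre_confirmation_check()
{
    global $HTTP_POST_VARS;

    include DIR_WS_CLASSES . 'cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $HTTP_POST_VARS['ipayment_cc_number'],
        $HTTP_POST_VARS['ipayment_cc_expires_month'],
        $HTTP_POST_VARS['ipayment_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // Every request-derived value is URL-encoded so a crafted field cannot
        // append or override parameters in the redirect query.
        //
        // The card verification code (ipayment_cc_checkcode) is no longer
        // echoed back: query strings are kept in browser history, server and
        // proxy logs and Referer headers, so the customer re-enters it.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&ipayment_cc_owner=' . urlencode($HTTP_POST_VARS['ipayment_cc_owner'])
            . '&ipayment_cc_expires_month=' . urlencode($HTTP_POST_VARS['ipayment_cc_expires_month'])
            . '&ipayment_cc_expires_year=' . urlencode($HTTP_POST_VARS['ipayment_cc_expires_year']);

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}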
/**
 * Check the posted card number and expiry date before the confirmation page.
 *
 * A rejected card queues an error on the session message stack and sends the
 * customer back to the payment page without any query parameters. An accepted
 * card has its type, number and expiry (as exposed by cc_validation) stored on
 * this module.
 */
public function pre_confirmation_check()
{
    global $messageStack;

    include DIR_WS_CLASSES . 'cc_validation.php';

    $validator = new cc_validation();
    $outcome = $validator->validate(
        $_POST['checkoutapipayment_cc_number'],
        $_POST['checkoutapipayment_cc_expires_month'],
        $_POST['checkoutapipayment_cc_expires_year']
    );

    // Loose comparisons, tested in this order, mirror a switch over the
    // validator's result codes.
    $message = '';
    if ($outcome == -1) {
        $cardPrefix = substr($validator->cc_number, 0, 4);
        $message = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, $cardPrefix);
    } elseif ($outcome == -2 || $outcome == -3 || $outcome == -4) {
        $message = TEXT_CCVAL_ERROR_INVALID_DATE;
    } elseif ($outcome == false) {
        $message = TEXT_CCVAL_ERROR_INVALID_NUMBER;
    }

    $rejected = ($outcome == false || $outcome < 1);
    if ($rejected) {
        // The module code travels in an HTML comment appended to the message.
        $tagged = $message . '<!-- [' . $this->code . '] -->';
        $messageStack->add_session('checkout_payment', $tagged, 'error');

        $paymentPage = zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false);
        zen_redirect($paymentPage);
    }

    $this->cc_card_type = $validator->cc_type;
    $this->cc_card_number = $validator->cc_number;
    $this->cc_expiry_month = $validator->cc_expiry_month;
    $this->cc_expiry_year = $validator->cc_expiry_year;
}
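/**
 * Validate the posted 2Checkout card number and expiry date before the
 * confirmation page is shown.
 *
 * On a validation failure the error is either reported through ajax_error()
 * (when USE_AJAX is set) or the customer is redirected to the payment page
 * with the error text, the owner name and the expiry fields in the query
 * string.
 */
function pre_confirmation_check()
{
    include_once DIR_WS_CLASSES . 'cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['pm_2checkout_cc_number'],
        $_POST['pm_2checkout_cc_expires_month'],
        $_POST['pm_2checkout_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = EMPTY_STRING;
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // NOTE(review): the card fields are copied onto the module only in
        // this failure branch and never on success; confirm that is intended.
        $this->cc_card_type = $cc_validation->cc_type;
        $this->cc_card_number = $cc_validation->cc_number;
        $this->cc_expiry_month = $cc_validation->cc_expiry_month;
        $this->cc_expiry_year = $cc_validation->cc_expiry_year;

        if (USE_AJAX) {
            ajax_error($error);
        } else {
            // Every request-derived value is URL-encoded so a crafted expiry
            // field cannot append or override parameters in the redirect
            // query (the original encoded only the error and the names).
            $payment_error_return = 'payment_error=' . $this->code
                . '&error=' . urlencode($error)
                . '&pm_2checkout_cc_owner_firstname=' . urlencode($_POST['pm_2checkout_cc_owner_firstname'])
                . '&pm_2checkout_cc_owner_lastname=' . urlencode($_POST['pm_2checkout_cc_owner_lastname'])
                . '&pm_2checkout_cc_expires_month=' . urlencode($_POST['pm_2checkout_cc_expires_month'])
                . '&pm_2checkout_cc_expires_year=' . urlencode($_POST['pm_2checkout_cc_expires_year']);

            olc_redirect(olc_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, SSL, true, false));
        }
    }
}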
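/**
 * Validate the posted Authorize.net AIM card number, expiry date and CVV.
 *
 * On a validation failure the customer is redirected to the payment page with
 * the error text, the card owner and the expiry fields in the query string.
 * Otherwise the type, number and expiry exposed by cc_validation are copied
 * onto this module.
 *
 * @param mixed $pPaymentParameters Not read by this method.
 * @param mixed $pOrder             Not read by this method.
 */
function verifyPayment(&$pPaymentParameters, &$pOrder)
{
    // $_POST is a superglobal and needs no `global` declaration.
    include DIR_WS_CLASSES . 'cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['authorizenet_aim_cc_number'],
        $_POST['authorizenet_aim_cc_expires_month'],
        $_POST['authorizenet_aim_cc_expires_year'],
        $_POST['authorizenet_aim_cc_cvv']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // Every request-derived value is URL-encoded so a crafted expiry field
        // cannot append or override parameters in the redirect query. The CVV
        // is never placed in the URL.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&authorizenet_aim_cc_owner=' . urlencode($_POST['authorizenet_aim_cc_owner'])
            . '&authorizenet_aim_cc_expires_month=' . urlencode($_POST['authorizenet_aim_cc_expires_month'])
            . '&authorizenet_aim_cc_expires_year=' . urlencode($_POST['authorizenet_aim_cc_expires_year']);

        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
    }

    $this->cc_type = $cc_validation->cc_type;
    $this->cc_number = $cc_validation->cc_number;
    $this->cc_expires_month = $cc_validation->cc_expires_month;
    $this->cc_expires_year = $cc_validation->cc_expires_year;
}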
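/**
 * Validate the posted LinkPoint card number and expiry date before the
 * confirmation page is shown.
 *
 * On a validation failure an error is queued on the session message stack,
 * a record of the failed attempt is written to TABLE_LINKPOINT_API when
 * MODULE_PAYMENT_LINKPOINT_API_STORE_DATA is 'True' (the card number is
 * masked first), and the customer is redirected to the payment page.
 * Otherwise the type, number and expiry exposed by cc_validation are copied
 * onto this module.
 */
function pre_confirmation_check()
{
    global $db, $messageStack;

    include DIR_WS_CLASSES . 'cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['linkpoint_api_cc_number'],
        $_POST['linkpoint_api_cc_expires_month'],
        $_POST['linkpoint_api_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    // save record of errors which occur during checkout_payment validation phase but haven't been sent to gateway yet
    if ($result == false || $result < 1) {
        // This string is only stored as cust_info (the redirect below carries
        // no query). Request-derived values are URL-encoded so free text from
        // the form is not written to the history table verbatim.
        $payment_error_return = 'payment_error=' . $this->code;
        $error_info2 = '&error=' . urlencode($error)
            . '&linkpoint_api_cc_owner=' . urlencode($_POST['linkpoint_api_cc_owner'])
            . '&linkpoint_api_cc_expires_month=' . urlencode($_POST['linkpoint_api_cc_expires_month'])
            . '&linkpoint_api_cc_expires_year=' . urlencode($_POST['linkpoint_api_cc_expires_year']);

        $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->', 'error');

        if (MODULE_PAYMENT_LINKPOINT_API_STORE_DATA == 'True') {
            $cc_number_clean = $cc_validation->cc_number;

            // The expiry comes straight from the form; keep digits only
            // before it is stored.
            $cc_expiry_month = preg_replace('/[^0-9]/', '', $_POST['linkpoint_api_cc_expires_month']);
            $cc_expiry_year = preg_replace('/[^0-9]/', '', $_POST['linkpoint_api_cc_expires_year']);

            // Never store the full card number: keep the first and last four
            // digits, or flag the value as too short to mask that way.
            $cc_number = strlen($cc_number_clean) > 8
                ? substr($cc_number_clean, 0, 4) . str_repeat('X', strlen($cc_number_clean) - 8) . substr($cc_number_clean, -4)
                : substr($cc_number_clean, 0, 3) . '**short**';

            // str_replace() already replaces every occurrence, so the original
            // while-loops around each replacement were redundant.
            $error_returned = $payment_error_return . $error_info2;
            $error_returned = str_replace(array('%3A', '%2C', '+'), ' ', $error_returned);
            $error_returned = str_replace('&', ' &', $error_returned);

            // NOTE(review): addslashes() is kept from the original; if
            // $db->perform() escapes 'string' values itself this
            // double-escapes the stored text. Confirm against the DB layer.
            $cust_info = addslashes($error_returned);

            // Nothing has been sent to the gateway at this point, so there is
            // no response text. The original read both variables while they
            // were undefined; they are now explicit empty strings.
            $message = '';
            $all_response_info = '';

            // Store Transaction history in Database
            $sql_data_array = array(
                array('fieldName' => 'lp_trans_num', 'value' => '', 'type' => 'string'),
                array('fieldName' => 'order_id', 'value' => 0, 'type' => 'integer'),
                array('fieldName' => 'approval_code', 'value' => 'N/A', 'type' => 'string'),
                array('fieldName' => 'transaction_response_time', 'value' => 'N/A', 'type' => 'string'),
                array('fieldName' => 'r_error', 'value' => '**CC Info Failed Validation during pre-processing**', 'type' => 'string'),
                array('fieldName' => 'customer_id', 'value' => $_SESSION['customer_id'], 'type' => 'integer'),
                array('fieldName' => 'avs_response', 'value' => '', 'type' => 'string'),
                array('fieldName' => 'transaction_result', 'value' => '*CUSTOMER ERROR*', 'type' => 'string'),
                array('fieldName' => 'message', 'value' => $message . ' -- ' . $all_response_info, 'type' => 'string'),
                array('fieldName' => 'transaction_time', 'value' => time(), 'type' => 'string'),
                array('fieldName' => 'transaction_reference_number', 'value' => '', 'type' => 'string'),
                array('fieldName' => 'fraud_score', 'value' => 0, 'type' => 'integer'),
                array('fieldName' => 'cc_number', 'value' => $cc_number, 'type' => 'string'),
                array('fieldName' => 'cust_info', 'value' => $cust_info, 'type' => 'string'),
                array('fieldName' => 'chargetotal', 'value' => 0, 'type' => 'string'),
                // Fixed: the original concatenated the undefined $cc_month and
                // $cc_year, so the stored expiry was always just '/'.
                array('fieldName' => 'cc_expire', 'value' => $cc_expiry_month . '/' . $cc_expiry_year, 'type' => 'string'),
                array('fieldName' => 'ordertype', 'value' => 'N/A', 'type' => 'string'),
                array('fieldName' => 'date_added', 'value' => 'now()', 'type' => 'noquotestring'),
            );
            $db->perform(TABLE_LINKPOINT_API, $sql_data_array);
        }

        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
    }

    // if no error, continue with validated data:
    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}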
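/**
 * Capture the posted payment details before the confirmation page is shown.
 *
 * For an online-check payment the eCheck fields are copied from the request
 * onto this module without validation. For any other payment the card
 * number, expiry date, CVV and card type are passed to cc_validation; a
 * failure redirects the customer to checkout_payment.php with the error text
 * and form fields in the query string, a success copies the values exposed by
 * cc_validation onto this module.
 */
function pre_confirmation_check()
{
    // $_POST is a superglobal and needs no `global` declaration.
    global $cvv;

    if ((MODULE_PAYMENT_PLUGNPAY_PAYMETHOD == 'onlinecheck') && ($_POST['plugnpay_paytype'] != 'credit_card')) {
        $this->plugnpay_paytype = $_POST['plugnpay_paytype'];
        $this->echeck_accttype = $_POST['plugnpay_echeck_accttype'];
        $this->echeck_accountnum = $_POST['plugnpay_echeck_accountnum'];
        $this->echeck_routingnum = $_POST['plugnpay_echeck_routingnum'];
        $this->echeck_checknum = $_POST['plugnpay_echeck_checknum'];
    } else {
        # Note: section assumes the payment method is credit card
        include(dirname(__FILE__) . '/../classes/cc_validation.php');

        $cc_validation = new cc_validation();
        $result = $cc_validation->validate(
            $_POST['plugnpay_cc_number'],
            $_POST['plugnpay_cc_expires_month'],
            $_POST['plugnpay_cc_expires_year'],
            $_POST['cvv'],
            $_POST['credit_card_type']
        );

        // The original echoed $result here. That debug output sent body
        // content before the redirect below and exposed the validator's
        // result code to the client, so it has been removed.

        // switch compares loosely, so `case false` also catches 0 and ''.
        $error = '';
        switch ($result) {
            case -1:
                $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                break;
            case -2:
            case -3:
            case -4:
                $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                break;
            case -5:
                $error = TEXT_CCVAL_ERROR_CARD_TYPE_MISMATCH;
                break;
            case -6:
                $error = TEXT_CCVAL_ERROR_CVV_LENGTH;
                break;
            case false:
                $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                break;
        }

        if (($result == false) || ($result < 1)) {
            // Every request-derived value is URL-encoded so a crafted field
            // cannot append or override parameters in the redirect query
            // (the original encoded only the error and the owner).
            //
            // NOTE(review): the owner/expiry fields are read from
            // authorizenet_* keys although this module validates plugnpay_*
            // fields; this looks copied from another module. Confirm which
            // names the payment form actually posts.
            $payment_error_return = 'payment_error=' . $this->code
                . '&error=' . urlencode($error)
                . '&authorizenet_cc_owner=' . urlencode($_POST['authorizenet_cc_owner'])
                . '&authorizenet_cc_expires_month=' . urlencode($_POST['authorizenet_cc_expires_month'])
                . '&authorizenet_cc_expires_year=' . urlencode($_POST['authorizenet_cc_expires_year']);
            $payment_error_return .= '&amount=' . urlencode($_POST['amount'])
                . '&item_name=' . urlencode($_POST['item_name'])
                . '&item_number=' . urlencode($_POST['item_number']);
            $payment_error_return .= '&item_id=' . urlencode($_POST['item_id'])
                . '&item_type=' . urlencode($_POST['item_type']);

            tep_redirect(tep_href_link("checkout_payment.php", $payment_error_return, 'SSL', true, false));
        }

        $this->cc_card_type = $cc_validation->cc_type;
        $this->cc_card_number = $cc_validation->cc_number;
        $this->cc_expiry_month = $cc_validation->cc_expiry_month;
        $this->cc_expiry_year = $cc_validation->cc_expiry_year;

        // NOTE(review): $card_cvv is assigned but never read in this method,
        // while the declared global $cvv is never written; confirm which one
        // was intended.
        $card_cvv = $_POST['cvv'];
    }
}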
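/**
 * Validate the posted iPayment card number and expiry date before the
 * confirmation page is shown.
 *
 * On a validation failure the customer is redirected to the checkout payment
 * page with the localized error text, the card owner and the expiry fields in
 * the query string. Otherwise the type, number and expiry exposed by
 * cc_validation are copied onto this module.
 */
function pre_confirmation_check()
{
    global $aLang;

    include 'includes/classes/class_cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['ipayment_cc_number'],
        $_POST['ipayment_cc_expires_month'],
        $_POST['ipayment_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = $aLang['text_ccval_error_invalid_date'];
            break;
        case false:
            $error = $aLang['text_ccval_error_invalid_number'];
            break;
    }

    if (($result == false) || ($result < 1)) {
        // Every request-derived value is URL-encoded so a crafted field cannot
        // append or override parameters in the redirect query.
        //
        // The card verification code (ipayment_cc_checkcode) is no longer
        // echoed back: query strings are kept in browser history, server and
        // proxy logs and Referer headers, so the customer re-enters it.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&ipayment_cc_owner=' . urlencode($_POST['ipayment_cc_owner'])
            . '&ipayment_cc_expires_month=' . urlencode($_POST['ipayment_cc_expires_month'])
            . '&ipayment_cc_expires_year=' . urlencode($_POST['ipayment_cc_expires_year']);

        $aPages = oos_get_pages();
        MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_payment'], $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}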
/**
 * Check the posted card number and expiry date for a direct-payment checkout.
 *
 * Nothing is validated when is_paypal_process() reports an Express Checkout
 * flow. Otherwise the check code in $_POST is reduced to digits, a rejected
 * card is handed to away_with_you() with the error text, and the card type,
 * number, expiry and check code are stored on this module.
 *
 * @return false|null false for an Express Checkout flow; otherwise nothing.
 */
function pre_confirmation_check()
{
    global $_POST, $paypal_ec_token, $paypal_ec_payer_id, $paypal_ec_payer_info;

    // Express Checkout carries no card form, so there is nothing to check.
    if ($this->is_paypal_process()) {
        return false;
    }

    include DIR_WS_CLASSES . 'cc_validation.php';

    $validator = new cc_validation();
    $outcome = $validator->validate(
        $_POST['paypalwpp_cc_number'],
        $_POST['paypalwpp_cc_expires_month'],
        $_POST['paypalwpp_cc_expires_year']
    );

    // Loose comparisons, tested in this order, mirror a switch over the
    // validator's result codes.
    $message = EMPTY_STRING;
    if ($outcome == -1) {
        $cardPrefix = substr($validator->cc_number, 0, 4);
        $message = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, $cardPrefix);
    } elseif ($outcome == -2 || $outcome == -3 || $outcome == -4) {
        $message = TEXT_CCVAL_ERROR_INVALID_DATE;
    } elseif ($outcome == false) {
        $message = TEXT_CCVAL_ERROR_INVALID_NUMBER;
    }

    // The sanitized check code is written back into the request array.
    $digitsOnly = preg_replace('/[^0-9]/i', EMPTY_STRING, $_POST['paypalwpp_cc_checkcode']);
    $_POST['paypalwpp_cc_checkcode'] = $digitsOnly;

    $rejected = ($outcome == false || $outcome < 1);
    if ($rejected) {
        $notice = MODULE_PAYMENT_PAYPAL_DP_TEXT_CARD_ERROR . '<br/><br/>' . $message;
        $this->away_with_you($notice, false, FILENAME_CHECKOUT_PAYMENT);
    }

    $this->cc_card_type = $validator->cc_type;
    $this->cc_card_number = $validator->cc_number;
    $this->cc_expiry_month = $validator->cc_expiry_month;
    $this->cc_expiry_year = $validator->cc_expiry_year;
    $this->cc_checkcode = $_POST['paypalwpp_cc_checkcode'];
}
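/**
 * Performs the required validation to ensure that the submitted form
 * information appears correct before performing the transaction through the
 * confirmation screen.
 *
 * Uses the cc_validation.php class to check the CC number and expiry date.
 * On failure the customer is redirected to the Checkout Payment screen with
 * the friendly error message, the card owner and the expiry fields in the
 * query string. On success the card owner, type, number, expiry and CVV are
 * stored on this module.
 */
function pre_confirmation_check()
{
    global $HTTP_POST_VARS;

    require_once DIR_WS_CLASSES . 'cc_validation.php';

    $error = '';

    // Perform validation through the cc_validation class
    $ccValidation = new cc_validation();
    $result = $ccValidation->validate(
        $HTTP_POST_VARS['exalt_cc_number'],
        $HTTP_POST_VARS['exalt_cc_expires_month'],
        $HTTP_POST_VARS['exalt_cc_expires_year']
    );

    // Map the result code to a message; switch compares loosely, so
    // `case false` also catches 0 and ''.
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($ccValidation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    // Redirect the user if the card data was deemed invalid
    if ($result === false || $result < 1) {
        // Build the return URL. Every request-derived value is URL-encoded so
        // a crafted expiry field cannot append or override parameters (the
        // original encoded only the error and the owner). The CVV is never
        // placed in the URL.
        $paymentErrorReturn = 'payment_error=' . $this->code;
        $paymentErrorReturn .= '&error_message=' . urlencode($error);
        $paymentErrorReturn .= '&exalt_cc_owner=' . urlencode($HTTP_POST_VARS['exalt_cc_owner']);
        $paymentErrorReturn .= '&exalt_cc_expires_month=' . urlencode($HTTP_POST_VARS['exalt_cc_expires_month']);
        $paymentErrorReturn .= '&exalt_cc_expires_year=' . urlencode($HTTP_POST_VARS['exalt_cc_expires_year']);

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $paymentErrorReturn, 'SSL', true, false));
    }

    // Keep the CC details on the module so they are ready to be sent to a payment gateway
    $this->cc_card_owner = $HTTP_POST_VARS['exalt_cc_owner'];
    $this->cc_card_type = $ccValidation->cc_type;
    $this->cc_card_number = $ccValidation->cc_number;
    $this->cc_expiry_month = $ccValidation->cc_expiry_month;
    $this->cc_expiry_year = $ccValidation->cc_expiry_year;
    // NOTE(review): the CVV is taken from the request unvalidated and held on
    // the module; confirm this object is never serialized, stored or logged.
    $this->cc_cvv = $HTTP_POST_VARS['exalt_cc_cvv'];
}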
/**
 * Prepare and submit the final authorization to PayPal via the appropriate means as configured.
 *
 * Steps, in order: build the line-item options, validate the posted card
 * data (redirecting to the payment page on failure or on an unsupported card
 * type), write a masked card number onto the order, enforce the 3D-Secure
 * session state for UK merchants, assemble the billing/shipping options, call
 * DoDirectPayment() and copy the gateway response onto this module.
 */
function before_process()
{
    global $order, $doPayPal, $messageStack;
    $options = array();
    $optionsShip = array();
    $optionsNVP = array();
    $options = $this->getLineItemDetails($this->selectCurrency($order->info['currency']));
    //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
    // Initializing DESC field: using for comments related to tax-included pricing, populated by getLineItemDetails()
    $options['DESC'] = '';
    $doPayPal = $this->paypal_init();
    /****************************************
     * Do DP checkout
     ****************************************/
    $this->zcLog('before_process - DP-1', 'Beginning DP mode');
    // Set state fields depending on what PayPal wants to see for that country
    $this->setStateAndCountry($order->billing);
    if (zen_not_null($order->delivery['street_address'])) {
        $this->setStateAndCountry($order->delivery);
    }
    // Validate credit card data
    include DIR_WS_CLASSES . 'cc_validation.php';
    $cc_validation = new cc_validation();
    $response = $cc_validation->validate($_POST['wpp_cc_number'], $_POST['wpp_cc_expdate_month'], $_POST['wpp_cc_expdate_year'], $_POST['wpp_cc_issuedate_month'], $_POST['wpp_cc_issuedate_year']);
    $error = '';
    // switch compares loosely, so `case false` also catches 0 and ''.
    switch ($response) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }
    if ($response === false || $response < 1) {
        // Only the error text and the numeric result code are logged here, not the card data.
        $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
        $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $response . ' -->', 'error');
        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
    }
    // Allow-list of card types accepted by this module; anything else is sent back to the payment page.
    if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
        // $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', (strlen($cc_validation->cc_number) - 8)) . substr($cc_validation->cc_number, -4) . ' ' . $error);
        $messageStack->add_session('checkout_payment', MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD . '<!-- [' . $this->code . ' ' . $cc_validation->cc_type . '] -->', 'error');
        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
    }
    // if CC validation passed, continue using the validated data
    $cc_type = $cc_validation->cc_type;
    $cc_number = $cc_validation->cc_number;
    $cc_first_name = $_POST['wpp_payer_firstname'] != '' ? $_POST['wpp_payer_firstname'] : $_SESSION['customer_first_name'];
    $cc_last_name = $_POST['wpp_payer_lastname'] != '' ? $_POST['wpp_payer_lastname'] : $_SESSION['customer_last_name'];
    // The check code, issue dates and issue number are taken from the request as posted (no filtering in this method).
    $cc_checkcode = $_POST['wpp_cc_checkcode'];
    $cc_expdate_month = $cc_validation->cc_expiry_month;
    $cc_expdate_year = $cc_validation->cc_expiry_year;
    $cc_issuedate_month = $_POST['wpp_cc_issuedate_month'];
    $cc_issuedate_year = $_POST['wpp_cc_issuedate_year'];
    $cc_issuenumber = $_POST['wpp_cc_issuenumber'];
    // Commas are turned into colons and the text before the first colon is kept.
    // NOTE(review): presumably this picks the first entry of a proxy address list; confirm against zen_get_ip_address().
    $cc_owner_ip = current(explode(':', str_replace(',', ':', zen_get_ip_address())));
    // If they're still here, set some of the order object's variables.
    $order->info['cc_type'] = $cc_type;
    // Only a masked number (first four and last four digits) is written to the order, and the expiry is left blank.
    // NOTE(review): assumes the validated number is at least 8 characters, otherwise str_repeat() gets a negative count.
    $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
    $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
    $order->info['cc_expires'] = ''; //$cc_expdate_month . substr($cc_expdate_year, -2);
    $order->info['ip_address'] = $cc_owner_ip;
    // Set currency
    $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
    // if CC is switch or solo, must be GBP
    if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
        $my_currency = 'GBP';
    }
    // $order->info['total'] = zen_round($order->info['total'], 2);
    $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
    $display_order_amount = $this->calc_order_amount($order->info['total'], $my_currency, TRUE);
    // 3D-Secure
    if (MODULE_PAYMENT_PAYPALDP_MERCHANT_COUNTRY == 'UK') {
        // determine the card type and validate that authentication was attempted and completed if applicable
        if ($_SESSION['3Dsecure_requires_lookup'] || $this->requiresLookup($_POST['wpp_cc_number']) == true) {
            // authentication attempt required?
            // validate an acceptable lookup result
            if (isset($_SESSION['3Dsecure_enroll_lookup_attempted']) == false || strcasecmp($_SESSION['3Dsecure_enroll_lookup_attempted'], 'Y') != 0) {
                // lookup never attempted for required card, so need to redirect to payment-selection page
                $reason = 'Customer arrived on the order process page without attempting authentication lookup.';
                $error = MODULE_PAYMENT_PAYPALDP_CANNOT_BE_COMPLETED;
                $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $reason . ' -->', 'error');
                // The store owner is alerted by e-mail with the customer id and name from the session.
                $errorText = $reason . "\n\nProblem occurred while customer " . $_SESSION['customer_id'] . ' ' . $_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_last_name'] . ' was attempting checkout with 3D-Secure authentication.';
                $errorText .= $this->code;
                zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, MODULE_PAYMENT_PAYPALDP_TEXT_EMAIL_ERROR_SUBJECT, $errorText, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorText)), 'paymentalert');
                zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
            }
            // if enrolled, validate an acceptable authentication result
            if (strcasecmp('Y', $_SESSION['3Dsecure_enrolled']) == 0) {
                if (isset($_SESSION['3Dsecure_authentication_attempted']) == false || strcasecmp($_SESSION['3Dsecure_authentication_attempted'], 'Y') != 0) {
                    $reason = 'Customer arrived on the order process page without completing required authentication.';
                    $error = MODULE_PAYMENT_PAYPALDP_CANNOT_BE_COMPLETED;
                    $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $reason . ' -->', 'error');
                    $errorText = $reason . "\n\nProblem occurred while customer " . $_SESSION['customer_id'] . ' ' . $_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_last_name'] . ' was attempting checkout with 3D-Secure authentication.';
                    $errorText .= $this->code;
                    zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, MODULE_PAYMENT_PAYPALDP_TEXT_EMAIL_ERROR_SUBJECT, $errorText, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorText)), 'paymentalert');
                    // remove the lookup/auth attempted status
                    unset($_SESSION['3Dsecure_enroll_lookup_attempted']);
                    unset($_SESSION['3Dsecure_authentication_attempted']);
                    // authentication result was not acceptable, redirect
                    zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL', true, false));
                }
            }
        }
        if ($cc_type != 'Solo') {
            // PayPal doesn't support 3d-secure on Solo cards
            if (isset($_SESSION['3Dsecure_enrolled'])) {
                $options['MPIVENDOR3DS'] = $_SESSION['3Dsecure_enrolled'];
            }
            if ($_SESSION['3Dsecure_auth_eci'] != '') {
                $options['ECI'] = $_SESSION['3Dsecure_auth_eci'];
            }
            if (isset($_SESSION['3Dsecure_auth_xid']) and strlen($_SESSION['3Dsecure_auth_xid']) > 0) {
                $options['XID'] = $_SESSION['3Dsecure_auth_xid'];
                $options['CAVV'] = $_SESSION['3Dsecure_auth_cavv'];
                $options['AUTHSTATUS3DS'] = $_SESSION['3Dsecure_auth_status'];
            }
        }
    }
    ///////////////////////////
    // Initialize the paypal caller object.
    $doPayPal = $this->paypal_init();
    $optionsAll = array_merge($options, array('STREET' => $order->billing['street_address'], 'ZIP' => $order->billing['postcode'], 'CITY' => $order->billing['city'], 'STATE' => $order->billing['state'], 'STREET2' => $order->billing['suburb'], 'COUNTRYCODE' => $order->billing['country']['iso_code_2'], 'EXPDATE' => $cc_expdate_month . $cc_expdate_year, 'EMAIL' => $order->customer['email_address'], 'PHONENUM' => $order->customer['telephone']));
    $optionsShip = array();
    if (isset($order->delivery) && $order->delivery['street_address'] != '') {
        $optionsShip = array('SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'], 'SHIPTOSTREET' => $order->delivery['street_address'], 'SHIPTOSTREET2' => $order->delivery['suburb'], 'SHIPTOCITY' => $order->delivery['city'], 'SHIPTOZIP' => $order->delivery['postcode'], 'SHIPTOSTATE' => $order->delivery['state'], 'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
    }
    // if these optional parameters are blank, remove them from transaction
    if (isset($optionsShip['SHIPTOSTREET2']) && trim($optionsShip['SHIPTOSTREET2']) == '') {
        unset($optionsShip['SHIPTOSTREET2']);
    }
    if ($optionsAll['STREET2'] == '') {
        unset($optionsAll['STREET2']);
    }
    if (isset($optionsShip['SHIPTOPHONE']) && trim($optionsShip['SHIPTOPHONE']) == '') {
        unset($optionsShip['SHIPTOPHONE']);
    }
    // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
    if ((!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') && isset($optionsShip['SHIPTOCITY'])) {
        $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
    }
    // Payment Transaction/Authorization Mode
    $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
    if (MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only') {
        $this->order_status = $this->order_pending_status;
    }
    // if (in_array($cc_type, array('Switch', 'Solo'))) {
    //     $optionsNVP['PAYMENTACTION'] = 'Authorization';
    // }
    $optionsAll['BUTTONSOURCE'] = $this->buttonSource;
    $optionsAll['CURRENCY'] = $my_currency;
    if (strlen($cc_owner_ip) > 7) {
        $optionsAll['IPADDRESS'] = $cc_owner_ip;
    }
    if ($cc_issuedate_month && $cc_issuedate_year) {
        $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
    }
    if (isset($_POST['wpp_cc_issuenumber'])) {
        $optionsAll['CARDISSUE'] = $_POST['wpp_cc_issuenumber'];
    }
    // Add note to track that this was an API WPP transaction:
    $optionsAll['CUSTOM'] = 'DP-' . (int) $_SESSION['customer_id'] . '-' . time();
    // send the store name as transaction identifier, to help distinguish payments between multiple stores:
    $optionsAll['INVNUM'] = (int) $_SESSION['customer_id'] . '-' . time() . '-[' . substr(preg_replace('/[^a-zA-Z0-9_]/', '', STORE_NAME), 0, 30) . ']';
    // (cannot send actual invoice number because it's not assigned until after payment is completed)
    // `&&` binds tighter than `||`: this is UK, or (PFVENDOR set and PFPASSWORD set).
    if (MODULE_PAYMENT_PAYPALDP_MERCHANT_COUNTRY == 'UK' || MODULE_PAYMENT_PAYPALWPP_PFVENDOR != '' && MODULE_PAYMENT_PAYPALWPP_PFPASSWORD != '') {
        // Payflow params required
        if (isset($optionsAll['COUNTRYCODE'])) {
            $optionsAll['COUNTRY'] = $optionsAll['COUNTRYCODE'];
            unset($optionsAll['COUNTRYCODE']);
        }
        if (isset($optionsShip['SHIPTOCOUNTRYCODE'])) {
            $optionsShip['SHIPTOCOUNTRY'] = $optionsShip['SHIPTOCOUNTRYCODE'];
            unset($optionsShip['SHIPTOCOUNTRYCODE']);
        }
        if (isset($optionsShip['SHIPTOSTREET2'])) {
            unset($optionsShip['SHIPTOSTREET2']);
        }
        if (isset($optionsAll['STREET2'])) {
            unset($optionsAll['STREET2']);
        }
    }
    if (isset($optionsAll['DESC']) && $optionsAll['DESC'] == '') {
        unset($optionsAll['DESC']);
    }
    // The card number and check code are not part of this log entry, but the merged options carry the
    // billing/shipping address, e-mail, phone, card expiry and issue number.
    // NOTE(review): confirm where zcLog() writes and that its output is access-controlled and rotated.
    $this->zcLog('before_process - DP-4', 'options: ' . print_r(array_merge($optionsAll, $optionsNVP, $optionsShip), true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
    if (!isset($optionsAll['AMT'])) {
        $optionsAll['AMT'] = number_format($order_amount, 2, '.', '');
    }
    $response = $doPayPal->DoDirectPayment($cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
    // NOTE(review): the whole gateway response is logged; confirm it never echoes card data back.
    $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
    // CHECK RESPONSE
    $error = $this->_errorHandler($response, 'DoDirectPayment');
    if ($this->fmfResponse != '') {
        $this->order_status = $this->order_pending_status;
    }
    $this->feeamt = '';
    $this->taxamt = '';
    $this->pendingreason = '';
    $this->reasoncode = '';
    $this->numitems = sizeof($order->products);
    $this->responsedata = $response;
    if ($response['PNREF']) {
        // PNREF only comes from payflow mode
        $this->payment_type = MODULE_PAYMENT_PAYPALDP_PF_TEXT_TYPE;
        $this->transaction_id = $response['PNREF'];
        $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
        $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
        $this->cvv2 = $response['CVV2MATCH'];
        $this->amt = $display_order_amount . ' ' . $my_currency;
        // NOTE(review): 'h' is the 12-hour clock and no am/pm marker is included; confirm 'H' was not intended.
        $this->payment_time = date('Y-m-d h:i:s');
        $this->responsedata['CURRENCYCODE'] = $my_currency;
        $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
        // NOTE(review): reads $this->response, while the gateway reply in this method is held in $response and
        // $this->responsedata; confirm $this->response is populated elsewhere.
        $this->auth_code = $this->response['AUTHCODE'];
    } else {
        // here we're in NVP mode
        $this->transaction_id = $response['TRANSACTIONID'];
        $this->payment_type = MODULE_PAYMENT_PAYPALDP_DP_TEXT_TYPE;
        $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
        $this->pendingreason = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
        $this->avs = $response['AVSCODE'];
        $this->cvv2 = $response['CVV2MATCH'];
        $this->correlationid = $response['CORRELATIONID'];
        $this->payment_time = urldecode($response['TIMESTAMP']);
        $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
        // NOTE(review): same $this->response vs $response question as in the Payflow branch above.
        $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
        $this->transactiontype = 'cart';
    }
}
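/**
 * Validate the posted PSiGate card number and expiry date before the
 * confirmation page is shown. Only runs when the module is configured for
 * 'Local' input.
 *
 * On a validation failure the customer is redirected to the checkout payment
 * page with the localized error text, the card owner and the expiry fields in
 * the query string. Otherwise the type, number and expiry exposed by
 * cc_validation are copied onto this module.
 *
 * @return false|null false when the input mode is not 'Local'; otherwise nothing.
 */
function pre_confirmation_check()
{
    global $aLang;

    if (MODULE_PAYMENT_PSIGATE_INPUT_MODE != 'Local') {
        return false;
    }

    include 'includes/classes/class_cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['psigate_cc_number'],
        $_POST['psigate_cc_expires_month'],
        $_POST['psigate_cc_expires_year']
    );

    // switch compares loosely, so `case false` also catches 0 and ''.
    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = $aLang['text_ccval_error_invalid_date'];
            break;
        case false:
            $error = $aLang['text_ccval_error_invalid_number'];
            break;
    }

    if ($result == false || $result < 1) {
        // Every request-derived value is URL-encoded so a crafted expiry
        // field cannot append or override parameters in the redirect query
        // (the original encoded only the error and the owner).
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&psigate_cc_owner=' . urlencode($_POST['psigate_cc_owner'])
            . '&psigate_cc_expires_month=' . urlencode($_POST['psigate_cc_expires_month'])
            . '&psigate_cc_expires_year=' . urlencode($_POST['psigate_cc_expires_year']);

        $aFilename = oos_get_filename();
        $aModules = oos_get_modules();
        MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}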
/**
 * Validate the card posted for a PayPal Direct Payment before confirmation.
 *
 * Express Checkout sessions (token, payer id and payer info all registered in
 * the session) are skipped, since no card fields are involved. Otherwise the
 * card number and expiry date are run through cc_validation, the check code is
 * reduced to digits, and on failure away_with_you() is called with the error
 * text (presumably it redirects the customer; its body is not shown here).
 *
 * @return bool|null false for an Express Checkout session; no value otherwise
 */
function pre_confirmation_check()
{
    global $HTTP_POST_VARS, $paypal_ec_token, $paypal_ec_payer_id, $paypal_ec_payer_info;

    $express_checkout = tep_session_is_registered('paypal_ec_token')
        && tep_session_is_registered('paypal_ec_payer_id')
        && tep_session_is_registered('paypal_ec_payer_info');
    if ($express_checkout) {
        return false;
    }

    include DIR_WS_CLASSES . 'cc_validation.php';
    $cc_validation = new cc_validation();

    // get_exp_date() yields [month, year]; the validator is given a two-digit year.
    $ed = $this->get_exp_date($HTTP_POST_VARS['wpp_cc_expdate']);
    $result = $cc_validation->validate(
        $HTTP_POST_VARS['wpp_cc_number'],
        (int) $ed[0],
        strlen($ed[1]) > 2 ? substr($ed[1], -2) : $ed[1]
    );

    // Loose comparisons on purpose: they mirror the validator's mixed
    // bool/int return values exactly as a switch statement would.
    $error = '';
    if ($result == -1) {
        $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
    } elseif ($result == -2 || $result == -3 || $result == -4) {
        $error = TEXT_CCVAL_ERROR_INVALID_DATE;
    } elseif ($result == false) {
        $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
    }

    // The check code is stripped to digits before anything else reads it.
    $HTTP_POST_VARS['wpp_cc_checkcode'] = preg_replace('/[^0-9]/i', '', $HTTP_POST_VARS['wpp_cc_checkcode']);

    $rejected = ($result == false || $result < 1);
    if ($rejected) {
        $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_CARD_ERROR . '<br><br>' . $error, false, FILENAME_CHECKOUT_SHIPPING);
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
    $this->cc_checkcode = $HTTP_POST_VARS['wpp_cc_checkcode'];
}
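/**
 * Validate the card fields posted to the Authorize.net module before the
 * confirmation page is rendered.
 *
 * On a failed validation the customer is redirected to checkout_payment.php
 * with the error text, owner name and expiry fields in the query string; the
 * card number is not echoed back. On success the validator's card type,
 * number and expiry are kept on the module.
 */
function pre_confirmation_check()
{
    include '../lib/epayment/classes/cc_validation.php';

    // $_POST is a superglobal and needs no `global` declaration. Absent or
    // non-scalar fields are read as empty strings.
    $posted = array();
    foreach (array('cc_number', 'cc_owner', 'cc_expires_month', 'cc_expires_year') as $suffix) {
        $field = 'authorizenet_' . $suffix;
        $posted[$suffix] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
    }

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate($posted['cc_number'], $posted['cc_expires_month'], $posted['cc_expires_year']);

    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // The expiry fields are request data like the owner name, so they are
        // URL-encoded too; unencoded they could add or override parameters of
        // the redirect URL.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&authorizenet_cc_owner=' . urlencode($posted['cc_owner'])
            . '&authorizenet_cc_expires_month=' . urlencode($posted['cc_expires_month'])
            . '&authorizenet_cc_expires_year=' . urlencode($posted['cc_expires_year']);

        tep_redirect(tep_href_link("checkout_payment.php", $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;
}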
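/**
 * Validate the posted credit card before the confirmation page is rendered.
 *
 * The validator's negative result codes are mapped to the matching error
 * texts. A failed validation is reported through ajax_error() when USE_AJAX
 * is set, otherwise through a redirect to the payment page whose query string
 * carries the error text, owner name and expiry fields (not the card number).
 * When CVV collection is switched off, the placeholder '000' is stored as CVV.
 */
function pre_confirmation_check()
{
    include_once DIR_WS_CLASSES . 'cc_validation.php';

    // Absent or non-scalar form fields are read as empty strings.
    $form = array();
    foreach (array('cc_number', 'cc_owner', 'cc_expires_month', 'cc_expires_year') as $field) {
        $form[$field] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
    }

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate($form['cc_number'], $form['cc_expires_month'], $form['cc_expires_year']);

    $error = EMPTY_STRING;
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case -5:
            $card_type = substr($cc_validation->cc_type, 0, 10);
            $error = sprintf(TEXT_CCVAL_ERROR_NOT_ACCEPTED, $card_type, $card_type);
            break;
        case -6:
            $error = TEXT_CCVAL_ERROR_SHORT;
            break;
        case -7:
            $error = TEXT_CCVAL_ERROR_BLACKLIST;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        if (USE_AJAX) {
            ajax_error($error);
        } else {
            // All request-supplied values are URL-encoded, including the
            // expiry fields, so they cannot add or override parameters of
            // the redirect URL.
            $payment_error_return = 'payment_error=' . $this->code
                . '&error=' . urlencode($error)
                . '&cc_owner=' . urlencode($form['cc_owner'])
                . '&cc_expires_month=' . urlencode($form['cc_expires_month'])
                . '&cc_expires_year=' . urlencode($form['cc_expires_year']);

            olc_redirect(olc_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, SSL, true, false));
        }
    }

    if (strtolower(USE_CC_CVV) != TRUE_STRING_S) {
        $this->cc_cvv = '000';
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
}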
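/**
 * Look up the zone code for a billing or delivery address.
 *
 * @param array $address order address with 'zone_id', 'state' and 'country' entries
 * @return string the zone code, or '' when no matching zone row exists
 */
function _payflow_pro_zone_code($address)
{
    if ($address['zone_id'] > 0) {
        $zone_query = tep_db_query("SELECT zone_code FROM " . TABLE_ZONES . " WHERE zone_id = " . (int) $address['zone_id'] . " LIMIT 1");
    } elseif (!is_null($address['state'])) {
        // The state name is customer-entered text, so it is escaped before
        // being placed inside the quoted SQL literal.
        $zone_query = tep_db_query("SELECT zone_code FROM " . TABLE_ZONES . " WHERE zone_name = '" . tep_db_input($address['state']) . "' AND zone_country_id = " . (int) $address['country']['id'] . " LIMIT 1");
    } else {
        return '';
    }

    if (tep_db_num_rows($zone_query) > 0) {
        $zone = tep_db_fetch_array($zone_query);

        return $zone['zone_code'];
    }

    return '';
}

/**
 * Charge the posted card through PayPal Payflow Pro before the order is saved.
 *
 * Steps: reduce the card fields to digits and validate them, resolve the
 * billing and delivery zone codes, send a sale request (TENDER C, TRXTYPE S)
 * to the live or pilot endpoint with up to three attempts, parse the
 * name-value response, and either redirect back to the payment page with an
 * error or record the card type, owner and expiry on the order.
 *
 * Differences from the previous implementation:
 *  - the gateway's TLS certificate is verified (peer verification was off);
 *  - a request id is generated once and reused for all attempts (the header
 *    was previously sent empty);
 *  - a response without RESULT, or with any RESULT other than 0, is treated
 *    as not approved, even when no error text is defined for that code;
 *  - the gateway error text is URL-encoded in the redirect;
 *  - the customer-entered state name is escaped in the zone lookup;
 *  - only a masked card number is written to the order.
 */
function before_process()
{
    global $order;

    // Card fields are reduced to digits before any further use.
    $cc_number = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_number']);
    $cc_expires_month = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_expires_month']);
    $cc_expires_year = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_expires_year']);
    $cc_cvv2 = preg_replace('/[^0-9]/', '', $_POST['paypal_payflow_pro_cvv2']);

    include DIR_WS_CLASSES . 'cc_validation.php';
    $cc_validation = new cc_validation();
    $result = $cc_validation->validate($cc_number, $cc_expires_month, $cc_expires_year);

    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode(stripslashes($error));
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
    }

    $this->cc_type = $cc_validation->cc_type;
    $this->cc_number = $cc_validation->cc_number;
    $this->cc_expires_month = $cc_expires_month;
    $this->cc_expires_year = $cc_expires_year;
    $this->cc_cvv2 = $cc_cvv2;

    $billing_state = $this->_payflow_pro_zone_code($order->billing);
    $delivery_state = $this->_payflow_pro_zone_code($order->delivery);

    // NOTE(review): the original array listed 'COUNTRY' twice, so the delivery
    // country silently replaced the billing country. The effective value is
    // kept here; confirm against the gateway documentation whether the billing
    // country should be sent as COUNTRY and the delivery country under a
    // separate ship-to parameter.
    $paypal_query_array = array(
        'USER' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_USER,
        'VENDOR' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_VENDOR,
        'PARTNER' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PARTNER,
        'PWD' => MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PASSWORD,
        'TENDER' => 'C',
        'TRXTYPE' => 'S',
        'ACCT' => $this->cc_number,
        'CVV2' => $this->cc_cvv2,
        'EXPDATE' => $this->cc_expires_month . $this->cc_expires_year,
        'FREIGHTAMT' => round($order->info['shipping_cost'], 2),
        'TAXAMT' => round($order->info['tax'], 2),
        'AMT' => round($order->info['total'], 2),
        'CURRENCY' => $_SESSION['currency'],
        'FIRSTNAME' => $order->billing['firstname'],
        'LASTNAME' => $order->billing['lastname'],
        'STREET' => $order->billing['street_address'],
        'CITY' => $order->billing['city'],
        'STATE' => $billing_state,
        'ZIP' => $order->billing['postcode'],
        'COUNTRY' => $order->delivery['country']['iso_code_3'],
        'SHIPTOFIRSTNAME' => $order->delivery['firstname'],
        'SHIPTOLASTNAME' => $order->delivery['lastname'],
        'SHIPTOSTREET' => $order->delivery['street_address'],
        'SHIPTOCITY' => $order->delivery['city'],
        'SHIPTOSTATE' => $delivery_state,
        'SHIPTOZIP' => $order->delivery['postcode'],
        'EMAIL' => $order->customer['email_address'],
        'CUSTIP' => $_SERVER['REMOTE_ADDR'],
        'COMMENT1' => '',
        'INVNUM' => '',
        'ORDERDESC' => '',
        'VERBOSITY' => 'MEDIUM',
    );

    // Each pair is sent as NAME[length]=value; the length tag lets values
    // contain '&' and '=' without being URL-encoded.
    $pairs = array();
    foreach ($paypal_query_array as $key => $value) {
        $value = (string) $value;
        $pairs[] = $key . '[' . strlen($value) . ']=' . $value;
    }
    $paypal_query = implode('&', $pairs);

    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    // One id per sale, reused for every attempt below, so that a repeated
    // request can be recognised as the same transaction (this is what the
    // request-id header is for, as far as the gateway documents it). It is an
    // idempotency key, not a secret.
    $unique_id = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(mt_rand(), true));

    $request_headers = array(
        "Content-Type: text/namevalue",
        "Content-Length: " . strlen($paypal_query),
        "X-VPS-Timeout: 45",
        "X-VPS-Request-ID:" . $unique_id,
    );

    if (MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_SERVER == 'Live') {
        $submit_url = "https://payflowpro.paypal.com";
    } else {
        $submit_url = "https://pilot-payflowpro.paypal.com";
    }

    $ch = curl_init();
    if (trim(MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PROXY) != '') {
        curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
        curl_setopt($ch, CURLOPT_PROXY, MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_PROXY);
    }
    curl_setopt($ch, CURLOPT_URL, $submit_url);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
    curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 90);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
    // The request carries the card number, CVV2 and the merchant credentials:
    // the server certificate must be verified as well as the host name.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $paypal_query);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, true);
    curl_setopt($ch, CURLOPT_POST, 1);

    $max_attempts = 3;
    $response = false;
    $transfer = array('http_code' => 0);
    for ($attempt = 1; $attempt <= $max_attempts; $attempt++) {
        $response = curl_exec($ch);
        $transfer = curl_getinfo($ch);
        if ($transfer['http_code'] == 200) {
            break;
        }
        if ($attempt < $max_attempts) {
            sleep(5);
        }
    }
    curl_close($ch);

    if ($transfer['http_code'] != 200) {
        $payment_error_return = 'error_message=' . $this->code . '&error=' . urlencode(stripslashes(MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_BAD_RESPONSE));
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
        exit;
    }

    // The response headers are included in $response (CURLOPT_HEADER); the
    // name-value body starts at the first "RESULT".
    $proArray = array();
    $body = is_string($response) ? strstr($response, "RESULT") : false;
    if ($body !== false) {
        foreach (explode('&', $body) as $pair) {
            $separator = strpos($pair, '=');
            if ($separator === false) {
                continue;
            }
            $proArray[substr($pair, 0, $separator)] = substr($pair, $separator + 1);
        }
    }

    // Fail closed: only an explicit RESULT of 0 counts as an approval.
    $result_code = isset($proArray['RESULT']) ? trim($proArray['RESULT']) : '';
    if ($result_code !== '0') {
        $error_constant = 'MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_' . $result_code;
        if (preg_match('/^-?[0-9]+$/', $result_code) && defined($error_constant)) {
            $error_message = constant($error_constant);
        } else {
            $error_message = MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_BAD_RESPONSE;
        }

        if (isset($proArray['AVSADDR']) && $proArray['AVSADDR'] != "Y") {
            $error_message .= " " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_AVSADDR;
        }
        if (isset($proArray['AVSZIP']) && $proArray['AVSZIP'] != "Y") {
            $error_message .= " " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_AVSZIP;
        }
        if (isset($proArray['CVV2MATCH']) && $proArray['CVV2MATCH'] != "Y") {
            $error_message .= " " . MODULE_PAYMENT_PAYPAL_PAYFLOW_PRO_TEXT_ERROR_CVV2MATCH;
        }

        // The text goes into a query string, so it is encoded, not decoded.
        $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error_message);
        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
        exit;
    }

    $order->info['cc_type'] = $this->cc_type;
    $order->info['cc_owner'] = $order->billing['firstname'] . ' ' . $order->billing['lastname'];
    // The sale is already complete, so the order keeps only the last four
    // digits of the card number.
    $order->info['cc_number'] = str_repeat('X', max(0, strlen($this->cc_number) - 4)) . substr($this->cc_number, -4);
    $order->info['cc_expires'] = $this->cc_expires_month . substr($this->cc_expires_year, 2, 2);
}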
/**
 * Validate the card fields submitted for the Quantum gateway module.
 *
 * Nothing is checked when $this->quantum_gets_cc is set. Otherwise an empty
 * card number or a failed cc_validation run produces an error text, which is
 * handed to the payment page through a registered session variable named
 * "<module code>_payment_error" (the redirect query string only carries the
 * owner name and expiry fields). On success the validator's card type,
 * number and expiry are kept on the module.
 *
 * NOTE(review): the card fields are read from $_REQUEST, which also covers
 * query-string values (and cookies, depending on request_order) - confirm
 * whether $_POST was intended.
 */
function pre_confirmation_check()
{
    // Card data is collected elsewhere in this mode; nothing to validate here.
    if ($this->quantum_gets_cc) {
        return;
    }

    $error = '';
    $card_number_missing = (trim($_REQUEST['quantumqgwdbe_cc_number']) == '');

    if ($card_number_missing) {
        $error = MODULE_PAYMENT_QUANTUMQGWDBE_TEXT_MISSING_CC_NUMBER;
    } else {
        include DIR_WS_CLASSES . 'cc_validation.php';
        $cc_validation = new cc_validation();
        $result = $cc_validation->validate(
            $_REQUEST['quantumqgwdbe_cc_number'],
            $_REQUEST['quantumqgwdbe_cc_expires_month'],
            $_REQUEST['quantumqgwdbe_cc_expires_year']
        );

        // The result is cast to int first, so a boolean false becomes 0.
        $code = (int) $result;
        if ($code === -1) {
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
        } elseif ($code === -2 || $code === -3 || $code === -4) {
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
        } elseif ($code === 0) {
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
        }
    }

    if ($error != '') {
        // Security modules that scrub punctuation from the query string would
        // mangle the message, so it travels in the session instead.
        $query_parts = array(
            'payment_error=' . $this->code,
            'quantumqgwdbe_cc_owner=' . urlencode($_REQUEST['quantumqgwdbe_cc_owner']),
            'quantumqgwdbe_cc_expires_month=' . urlencode($_REQUEST['quantumqgwdbe_cc_expires_month']),
            'quantumqgwdbe_cc_expires_year=' . urlencode($_REQUEST['quantumqgwdbe_cc_expires_year']),
        );
        $payment_error_return = implode('&', $query_parts);

        $session_key = $this->code . '_payment_error';
        tep_session_register($session_key);
        $GLOBALS[$session_key] = $error;

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
    $this->cc_expiry_month = $cc_validation->cc_expiry_month;
    $this->cc_expiry_year = $cc_validation->cc_expiry_year;

    // Local copy of the submitted CVV; nothing in this method reads it afterwards.
    $x_Card_Code = $_REQUEST['quantumqgwdbe_cvv'];
}
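/**
 * Validate the posted credit card (number, expiry, start date, CVV and issue
 * number) before the confirmation page is rendered.
 *
 * A result of -5 produces the "card not accepted" text followed by the list
 * of card brands enabled in the module configuration. On failure the customer
 * is redirected to the payment page with the error text, owner name and
 * expiry fields in the query string; the card number is not echoed back.
 * When CVV collection is switched off, the placeholder '000' is stored as CVV.
 */
function pre_confirmation_check()
{
    global $aLang;

    include 'includes/classes/class_cc_validation.php';

    // Absent or non-scalar form fields are read as empty strings.
    $input = array();
    $names = array('cc_number', 'cc_owner', 'cc_expires_month', 'cc_expires_year', 'cc_start_month', 'cc_start_year', 'cc_cvv', 'cc_issue');
    foreach ($names as $name) {
        $input[$name] = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string) $_POST[$name] : '';
    }

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $input['cc_number'],
        $input['cc_expires_month'],
        $input['cc_expires_year'],
        $input['cc_start_month'],
        $input['cc_start_year'],
        $input['cc_cvv'],
        $input['cc_issue']
    );

    $error = '';
    switch ($result) {
        case -1:
            $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = $aLang['text_ccval_error_invalid_date'];
            break;
        case -5:
            // Append every brand the shop has switched on.
            $brands = array(
                'MODULE_PAYMENT_CC_ACCEPT_VISA' => ' Visa,',
                'MODULE_PAYMENT_CC_ACCEPT_MASTERCARD' => ' Master Card,',
                'MODULE_PAYMENT_CC_ACCEPT_AMERICANEXPRESS' => ' American Express,',
                'MODULE_PAYMENT_CC_ACCEPT_DINERSCLUB' => ' Diners Club,',
                'MODULE_PAYMENT_CC_ACCEPT_DISCOVERNOVUS' => ' Discover,',
                'MODULE_PAYMENT_CC_ACCEPT_JCB' => ' JCB,',
                'MODULE_PAYMENT_CC_ACCEPT_OZBANKCARD' => ' Australian BankCard,',
            );
            $cards = '';
            foreach ($brands as $setting => $label) {
                if (defined($setting) && constant($setting) == '1') {
                    $cards .= $label;
                }
            }
            $error = sprintf($aLang['text_card_not_aczepted'], $cc_validation->cc_type) . $cards;
            break;
        case false:
            $error = $aLang['text_ccval_error_invalid_number'];
            break;
    }

    if (($result == false) || ($result < 1)) {
        // The expiry fields are request data like the owner name, so they are
        // URL-encoded as well; unencoded they could add or override
        // parameters of the redirect URL.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&cc_owner=' . urlencode($input['cc_owner'])
            . '&cc_expires_month=' . urlencode($input['cc_expires_month'])
            . '&cc_expires_year=' . urlencode($input['cc_expires_year']);

        $aPages = oos_get_pages();
        MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_payment'], $payment_error_return, 'SSL', true, false));
    }

    if (USE_CC_CVV != '1') {
        $this->cc_cvv = '000';
    }

    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
}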
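/**
 * Replace every non-empty secret found in $text with a run of 'X' of the
 * same length, so that debug mails never carry credentials or card data.
 *
 * @param mixed $text    text to scrub (cast to string)
 * @param array $secrets values that must not appear in the result
 * @return string the scrubbed text
 */
function _wpp_mask_secrets($text, $secrets)
{
    $text = (string) $text;
    foreach ($secrets as $secret) {
        $secret = (string) $secret;
        if ($secret !== '') {
            $text = str_replace($secret, str_repeat('X', strlen($secret)), $text);
        }
    }

    return $text;
}

/**
 * Take the payment through PayPal before the order is written.
 *
 * The common part builds the order totals, description and shipping address.
 * After that one of two paths runs:
 *  - Express Checkout, when token, payer id and payer info are registered in
 *    the session: a doExpressCheckout call, then the payment details are
 *    copied into $this->transaction_log and the order status is set;
 *  - Direct Payment otherwise: the posted card is validated, a doDirectPayment
 *    call is made, an unreadable answer is followed by a transaction search,
 *    and the AVS/CVV2 codes are translated into text for the transaction log.
 *
 * Differences from the previous implementation:
 *  - a missing getTransactionDetails answer now really sets the payment
 *    status to 'UNKNOWN' (it was a comparison, not an assignment);
 *  - the Express Checkout debug mail is one message body with the intended
 *    sender (a stray comma had turned the response dump into the sender
 *    name) and has the API credentials masked like the Direct Payment mail;
 *  - the retry after error 10207 returns the outcome of the retried call;
 *  - a declined Direct Payment returns false after away_with_you();
 *  - variables that were read before being set are initialised.
 *
 * NOTE(review): first and last name come from the request and are passed to
 * wpp_execute_transaction() for placeholder substitution; presumably that
 * method escapes them for the XML request - confirm.
 *
 * @return bool|null true after a successful Direct Payment, false when the
 *                   Direct Payment is rejected; no value on the Express
 *                   Checkout path
 */
function before_process()
{
    global $order, $order_totals, $currencies;

    require_once DIR_FS_CATALOG . DIR_WS_CLASSES . 'cc_validation.php';

    ////////////////////////////////////////////////////////////////////////////
    ///////            Process Common Order Information                /////////
    ////////////////////////////////////////////////////////////////////////////
    $this->trans_type = 'CHARGE';
    $error_occurred = false;

    if (count($order_totals) < 1) {
        $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_BUG_1629);
    }

    // Sum the order_total modules per code.
    $order_total = array();
    foreach ($order_totals as $ot) {
        if (!isset($order_total[$ot['code']])) {
            $order_total[$ot['code']] = 0;
        }
        $order_total[$ot['code']] += $ot['value'];
    }
    // Totals that no module reported count as zero.
    foreach (array('ot_total', 'ot_shipping', 'ot_tax') as $code) {
        if (!isset($order_total[$code])) {
            $order_total[$code] = 0;
        }
    }

    $order_info = array();

    // If the merchant selected a different currency for this module than the
    // store default, all prices are converted.
    $currency_value = $currencies->get_value($this->wpp_get_currency());
    if ($currency_value <= 0) {
        $currency_value = 1;
    }

    $order_info['PAYPAL_ORDER_TOTAL'] = number_format($order_total['ot_total'] * $currency_value, 2, '.', '');
    $this->total_amount = $order_info['PAYPAL_ORDER_TOTAL'];
    $order_info['PAYPAL_ORDER_DESCRIPTION'] = 'Order placed on ' . date("F j, Y, g:i a") . ' by ' . $order->customer['firstname'] . ' ' . $order->customer['lastname'] . ' (ID: ' . $_SESSION['customer_id'] . ')';
    $order_info['PAYPAL_CUSTOM'] = 'Phone: ' . $order->customer['telephone'] . ' -- Email: ' . $order->customer['email_address'];

    // The shipping total must be under $10,000. The former cap was removed
    // because it made the totals disagree and caused other errors.
    $order_info['PAYPAL_SHIPPING_TOTAL'] = round($order_total['ot_shipping'] * $currency_value, 2);
    $order_info['PAYPAL_HANDLING_TOTAL'] = '';

    $prices_include_tax = (DISPLAY_PRICE_WITH_TAX == 'true');
    if ($prices_include_tax) {
        $order_info['PAYPAL_TAX_TOTAL'] = '';
    } else {
        $order_info['PAYPAL_TAX_TOTAL'] = round($order_total['ot_tax'] * $currency_value, 2);
    }

    // The empty-string placeholders are cast explicitly: arithmetic on ''
    // is an error on current PHP versions.
    $order_total_check = (float) $order_info['PAYPAL_ORDER_TOTAL']
        - (float) $order_info['PAYPAL_SHIPPING_TOTAL']
        - (float) $order_info['PAYPAL_HANDLING_TOTAL'];
    if (!$prices_include_tax) {
        $order_total_check -= (float) $order_info['PAYPAL_TAX_TOTAL'];
    }

    $pdi = $this->wpp_generate_PDI($order_total_check);
    $order_info['PAYPAL_ITEM_TOTAL'] = $pdi[0];
    $order_info['PAYMENT_DETAILS_ITEM'] = $pdi[1];

    // Kludge: a zero-priced product that still carries shipping is sent with
    // the shipping charge as an item, so the item total is not zero.
    if ($order_info['PAYPAL_ITEM_TOTAL'] <= 0 && $order_total['ot_shipping'] > 0) {
        $order_info['PAYMENT_DETAILS_ITEM'] .= $this->wpp_add_PDI(array(
            'name' => 'Shipping',
            'currency' => $this->wpp_get_currency(),
            'amount' => $order_info['PAYPAL_SHIPPING_TOTAL'],
            'model' => '',
            'qty' => '1',
        ));
        $order_info['PAYPAL_ITEM_TOTAL'] += $order_info['PAYPAL_SHIPPING_TOTAL'];
        $order_info['PAYPAL_SHIPPING_TOTAL'] = 0;
    }

    // Virtual orders have no delivery address; the billing address is sent instead.
    $ship_to = (strpos($order->content_type, 'virtual') === false) ? $order->delivery : $order->billing;
    $order_info['PAYPAL_SHIPPING_NAME'] = trim($ship_to['firstname'] . ' ' . $ship_to['lastname']);
    $order_info['PAYPAL_SHIPPING_ADDRESS1'] = $ship_to['street_address'];
    $order_info['PAYPAL_SHIPPING_ADDRESS2'] = $ship_to['suburb'];
    $order_info['PAYPAL_SHIPPING_CITY'] = $ship_to['city'];
    $order_info['PAYPAL_SHIPPING_STATE'] = $this->wpp_fix_state_for_paypal($ship_to['country']['iso_code_2'], $ship_to['state']);
    $order_info['PAYPAL_SHIPPING_ZIP'] = $ship_to['postcode'];
    $order_info['PAYPAL_SHIPPING_COUNTRY'] = $ship_to['country']['iso_code_2'];

    $order_info['PAYPAL_NOTIFY_URL'] = ''; // MODULE_PAYMENT_PAYPAL_EC_IPN_URL
    $order_info['PAYPAL_INVOICE_ID'] = '';

    // API credentials that must never reach a debug mail.
    $api_secrets = array(MODULE_PAYMENT_PAYPAL_DP_API_USERNAME, MODULE_PAYMENT_PAYPAL_DP_API_PASSWORD);

    $spacer = "---------------------------------------------------------------------\r\n";
    $final_req_title = "-------------------------------FINAL_REQ-----------------------------\r\n";
    $final_req_title .= "-------------------This is the response from PayPal------------------\r\n";

    ////////////////////////////////////////////////////////////////////////////
    ///////            Express Checkout Processing Portion             /////////
    ////////////////////////////////////////////////////////////////////////////
    if (tep_session_is_registered('paypal_ec_token') && tep_session_is_registered('paypal_ec_payer_id') && tep_session_is_registered('paypal_ec_payer_info')) {
        // Kludge: the store owner may want the store's address while the
        // customer checks out without logging in. Whether the customer is new
        // is not known in advance, so address_override is not set; the only
        // effect is that the address in the PayPal receipt mail can differ
        // from the one in the order mail.
        if (MODULE_PAYMENT_PAYPAL_EC_ADDRESS_OVERRIDE == 'Store' && $order->shipping['street_address'] != $_SESSION['paypal_ec_payer_info']['ship_street_1']) {
            $payer = $_SESSION['paypal_ec_payer_info'];
            $order_info['PAYPAL_SHIPPING_ADDRESS1'] = $payer['ship_street_1'];
            $order_info['PAYPAL_SHIPPING_ADDRESS2'] = $payer['ship_street_2'];
            $order_info['PAYPAL_SHIPPING_CITY'] = $payer['ship_city'];
            $order_info['PAYPAL_SHIPPING_STATE'] = $payer['ship_state'];
            $order_info['PAYPAL_SHIPPING_ZIP'] = $payer['ship_postal_code'];
            $order_info['PAYPAL_SHIPPING_COUNTRY'] = $payer['ship_country'];
        }

        $order_info['PAYPAL_TOKEN'] = $_SESSION['paypal_ec_token'];
        $order_info['PAYPAL_PAYER_ID'] = $_SESSION['paypal_ec_payer_id'];

        $response = $this->wpp_execute_transaction('doExpressCheckout', $order_info);

        $ack = is_array($response) ? $response['DoExpressCheckoutPaymentResponse'][0]['Ack'] : '';
        if ($ack != 'Success' && $ack != 'SuccessWithWarning') {
            if ($this->enableDebugging == '1') {
                // Send the store owner a dump of the transaction, with the
                // API credentials masked.
                $dp_dump_title = "-------------------------------EC_DUMP-------------------------------\r\n";
                $dp_dump_title .= "------------This is the information that was sent to PayPal----------\r\n";
                $sent_dump = $this->_wpp_mask_secrets($this->last_data, $api_secrets);
                $final_req_dump = $this->_wpp_mask_secrets(print_r($response, true), $api_secrets);

                tep_mail(
                    STORE_OWNER,
                    $this->debug_email,
                    'PayPal Error Dump',
                    "In function: before_process() - Express Checkout\r\n"
                        . "Did first contact attempt return error? " . ($error_occurred ? "Yes" : "Nope") . " \r\n"
                        . $spacer . $dp_dump_title . $spacer . $sent_dump . "\r\n\r\n"
                        . $spacer . $final_req_title . $spacer . $final_req_dump . "\r\n\r\n",
                    STORE_OWNER,
                    $this->debug_email
                );
            }

            if ($response['DoExpressCheckoutPaymentResponse'][0]['Errors'][0]['ErrorCode'] == '') {
                $this->away_with_you(MODULE_PAYMENT_PAYPAL_EC_TEXT_DECLINED . 'No response from PayPal<br>No response was received from PayPal. Please contact the store owner for assistance.', true);
            } else {
                // Bug fix #871: session vars are not killed on errors.
                $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_ERROR . $this->return_transaction_errors($response['DoExpressCheckoutPaymentResponse'][0]['Errors']), ONEPAGE_CHECKOUT_ENABLED != 'True');
            }
        } else {
            $details = $response['DoExpressCheckoutPaymentResponse'][0]['DoExpressCheckoutPaymentResponseDetails'][0]['PaymentInfo'][0];

            $this->transaction_log['payment_type'] = $details['PaymentType'];
            $this->transaction_log['transaction_id'] = $details['TransactionID'];
            $this->transaction_log['payment_status'] = $details['PaymentStatus'];
            $this->transaction_log['avs'] = '';
            $this->transaction_log['cvv2'] = '';

            if ($details['PaymentStatus'] == 'Pending') {
                $this->transaction_log['transaction_msgs'] = $details['PendingReason'];
                $order->info['order_status'] = 1;
            }

            $status = strtoupper($this->transaction_log['payment_status']);
            if ($status == 'PENDING') {
                if (MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID > 0) {
                    $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID;
                }
            } elseif ($status == 'COMPLETED') {
                if (MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID > 0) {
                    $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID;
                }
            }
        }

        return;
    }

    ////////////////////////////////////////////////////////////////////////////
    ///////            Direct Payment Processing Portion               /////////
    ////////////////////////////////////////////////////////////////////////////
    $cc_type = $_POST['paypalwpp_cc_type'];
    $cc_number = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_number']);
    $cc_checkcode = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_checkcode']);
    $cc_first_name = $_POST['paypalwpp_cc_firstname'];
    $cc_last_name = $_POST['paypalwpp_cc_lastname'];
    $cc_owner_ip = $_SERVER['REMOTE_ADDR'];
    $cc_expdate_month = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_expires_month']);
    $cc_expdate_year = preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_expires_year']);

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate($cc_number, $cc_expdate_month, $cc_expdate_year);

    $error = '';
    if ($result === -1) {
        $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
    } elseif ($result > -5 && $result < -1) {
        $error = TEXT_CCVAL_ERROR_INVALID_DATE;
    } elseif ($result < 1) {
        $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
    }

    if ($error != '') {
        $this->away_with_you($error, false, FILENAME_CHECKOUT_PAYMENT);

        return false;
    }

    if (strlen($cc_expdate_year) < 4) {
        $cc_expdate_year = '20' . $cc_expdate_year;
    }

    // The card type must be one of the accepted brands. This should only fail
    // when the post vars were altered or did not reach
    // checkout_confirmation.php.
    $accepted_types = array('Visa', 'MasterCard', 'Discover', 'Amex', 'Maestro', 'Solo');
    if (!in_array($cc_type, $accepted_types, true)) {
        $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_BAD_CARD, false, FILENAME_CHECKOUT_PAYMENT);

        return false;
    }

    // Only a masked card number is kept on the order, and the expiry date is
    // deliberately not stored (PCI DSS).
    $order->info['cc_type'] = $cc_type;
    $order->info['cc_number'] = str_repeat('X', max(0, strlen($cc_number) - 4)) . substr($cc_number, -4);
    $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;

    // Must be set, even when empty, so the placeholder in the XML is replaced.
    $order_info['PAYPAL_CC_UK_DATA'] = '';

    // Maestro/Solo specific fields; every value is digits only and length-limited.
    if (MODULE_PAYMENT_PAYPAL_DP_UK_ENABLED == 'Yes') {
        $order_info['PAYPAL_CC_UK_DATA'] = '<StartMonth>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_start_month']), 0, 2) . '</StartMonth>';
        $order_info['PAYPAL_CC_UK_DATA'] .= '<StartYear>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_start_year']), 0, 4) . '</StartYear>';
        if ($_POST['paypalwpp_cc_issue_number'] != '') {
            $order_info['PAYPAL_CC_UK_DATA'] .= '<IssueNumber>' . substr(preg_replace('/[^0-9]/i', '', $_POST['paypalwpp_cc_issue_number']), 0, 2) . '</IssueNumber>';
        }
    }

    // Optional, unused data field.
    $order_info['PAYPAL_BUTTON_SOURCE'] = '';

    // Billing information
    $order_info['PAYPAL_FIRST_NAME'] = $cc_first_name;
    $order_info['PAYPAL_LAST_NAME'] = $cc_last_name;
    $order_info['PAYPAL_ADDRESS1'] = $order->billing['street_address'];
    $order_info['PAYPAL_ADDRESS2'] = $order->billing['suburb'];
    $order_info['PAYPAL_CITY'] = $order->billing['city'];
    $order_info['PAYPAL_STATE'] = $this->wpp_fix_state_for_paypal($order->billing['country']['iso_code_2'], $order->billing['state']);
    $order_info['PAYPAL_ZIP'] = $order->billing['postcode'];
    $order_info['PAYPAL_COUNTRY'] = $order->billing['country']['iso_code_2'];
    $order_info['PAYPAL_BUYER_EMAIL'] = $order->customer['email_address'];

    // Credit card details
    $order_info['PAYPAL_CC_TYPE'] = ($cc_type == 'Maestro') ? 'Switch' : $cc_type;
    $order_info['PAYPAL_CC_NUMBER'] = $cc_number;
    $order_info['PAYPAL_CC_EXP_MONTH'] = $cc_expdate_month;
    $order_info['PAYPAL_CC_EXP_YEAR'] = $cc_expdate_year;
    $order_info['PAYPAL_CC_CVV2'] = $cc_checkcode;

    $this->cardinal_centinel_before_process($order_info);

    $transaction_info = array();
    $final_req = $this->wpp_execute_transaction('doDirectPayment', $order_info);
    $direct_ack = $final_req['DoDirectPaymentResponse'][0]['Ack'];

    if (strpos($direct_ack, 'Success') === false) {
        $error_occurred = false;
        $ts_result = false;
        $ts_req = null;
        $error_log = '';

        // The transaction search is only for answers that could not be
        // understood; a clear error or failure is never searched for, so the
        // customer is not charged more than once.
        if (strpos($direct_ack, 'Error') !== false || strpos($direct_ack, 'Failure') !== false) {
            // PayPal asked for a retry (code 10207).
            if ($final_req['DoDirectPaymentResponse'][0]['Errors'][0]['ErrorCode'] == '10207' && $this->max_retries > 0) {
                $this->max_retries--;

                // Hand back the outcome of the retried attempt.
                return $this->before_process();
            }
            $error_occurred = true;
            $error_log = $this->return_transaction_errors($final_req['DoDirectPaymentResponse'][0]['Errors']);
        } elseif ($final_req['faultcode'] != '') {
            // Error in the request syntax; should never occur in production.
            $error_occurred = true;
            $error_log = $this->return_transaction_errors($final_req['faultstring']);
        } else {
            // Search for the transaction to find out whether the connection
            // merely timed out. The search is by payer e-mail and amount and
            // starts one day back to avoid time zone issues, so an identical
            // order by the same payer within that day would also match.
            $transaction_info = array();
            $transaction_info['PAYPAL_START_DATE'] = date('Y-m-d', mktime(0, 0, 0, date("m"), date("d") - 1, date("Y"))) . 'T00:00:00-0700';
            $transaction_info['PAYPAL_PAYER'] = $order->customer['email_address'];
            $transaction_info['PAYPAL_AMOUNT'] = number_format($order->info['total'], 2, '.', '');

            $ts_req = $this->wpp_execute_transaction('transactionSearch', $transaction_info);

            if (is_array($ts_req['TransactionSearchResponse'][0]['PaymentTransactions'])) {
                $ts_result = true;
            } else {
                $error_log = $this->return_transaction_errors($ts_req['TransactionSearchResponse'][0]['Errors']);
                $ts_result = false;
            }
        }

        if (!$error_occurred && $ts_result) {
            $return_codes = array($ts_req['TransactionSearchResponse'][0]['TransactionID'], 'No AVS Code Returned', 'No CVV2 Code Returned');
        } else {
            if ($this->enableDebugging == '1') {
                // Send the store owner a dump of the transaction with the API
                // credentials, card number and CVV2 masked.
                $dp_dump_title = "-------------------------------DP_DUMP-------------------------------\r\n";
                $dp_dump_title .= "------------This is the information that was sent to PayPal----------\r\n";
                $ts_req_title = "---------------------------------TS_REQ------------------------------\r\n";
                $ts_req_title .= "--------Results of the transaction search if it was executed---------\r\n";

                $secrets = array_merge($api_secrets, array($order_info['PAYPAL_CC_NUMBER'], $order_info['PAYPAL_CC_CVV2']));

                $this->last_data = $this->_wpp_mask_secrets($this->last_data, $secrets);
                $this->last_data = strtr($this->last_data, '<>', '[]');
                $final_req_dump = $this->_wpp_mask_secrets(print_r($final_req, true), $secrets);
                $ts_req_dump = $this->_wpp_mask_secrets(print_r($ts_req, true), $secrets);

                tep_mail(
                    STORE_OWNER,
                    STORE_OWNER_EMAIL_ADDRESS,
                    'PayPal Error Dump',
                    "In function: before_process() - Direct Payment\r\n"
                        . "Did first contact attempt return error? " . ($error_occurred ? "Yes" : "Nope") . "\r\n"
                        . $spacer . $dp_dump_title . $spacer . $this->last_data . $spacer . "\r\n\r\n"
                        . $final_req_title . $spacer . $final_req_dump . "\r\n\r\n"
                        . $spacer . $ts_req_title . $spacer . $ts_req_dump,
                    STORE_OWNER,
                    STORE_OWNER_EMAIL_ADDRESS
                );
            }

            if (!tep_not_null($error_log)) {
                $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_DECLINED . 'No response from the payment processor<br>No response was received from the payment processor. Please contact the store owner for assistance.', false, FILENAME_CHECKOUT_PAYMENT);
            } else {
                $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_DECLINED . $error_log, false, FILENAME_CHECKOUT_PAYMENT);
            }

            // Never fall through to the success bookkeeping for a declined payment.
            return false;
        }
    } else {
        $return_codes = array(
            $final_req['DoDirectPaymentResponse'][0]['TransactionID'],
            $final_req['DoDirectPaymentResponse'][0]['AVSCode'],
            $final_req['DoDirectPaymentResponse'][0]['CVV2Code'],
        );
    }

    $this->transaction_log['transaction_id'] = $return_codes[0];
    $ret_avs = $return_codes[1];
    $ret_cvv2 = $return_codes[2];

    // Unlike Express Checkout, the status details need a second call. This is
    // used for the Authorization/Capture mode of operation.
    // Addition by Glen Hoag (Steve Dallas)
    $transaction_info['PAYPAL_TRANSACTION_ID'] = $this->transaction_log['transaction_id'];
    $response = $this->wpp_execute_transaction('getTransactionDetails', $transaction_info);

    if (is_array($response)) {
        $transaction_node = $response['GetTransactionDetailsResponse'][0]['PaymentTransactionDetails'][0]['PaymentInfo'][0];
        $this->transaction_log['payment_status'] = $transaction_node['PaymentStatus'];
        $this->transaction_log['payment_type'] = $transaction_node['PaymentType'];
        if ($this->transaction_log['payment_status'] == 'Pending') {
            $this->transaction_log['transaction_msgs'] = $transaction_node['PendingReason'];
            $order->info['order_status'] = 1;
        }
    } else {
        // Assignment, not comparison: an unknown status must be recorded so
        // that the order is handled as pending below.
        $this->transaction_log['payment_status'] = 'UNKNOWN';
        $this->transaction_log['payment_type'] = 'UNKNOWN';
    }

    $status = strtoupper($this->transaction_log['payment_status']);
    if ($status == 'PENDING' || $status == 'UNKNOWN') {
        if (MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID > 0) {
            $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_PENDING_ORDER_STATUS_ID;
        }
    } elseif ($status == 'COMPLETED') {
        if (MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID > 0) {
            $order->info['order_status'] = MODULE_PAYMENT_PAYPAL_DP_COMPLETED_ORDER_STATUS_ID;
        }
    }

    // Address verification codes and the text stored in the transaction log.
    $avs_messages = array(
        'A' => 'Address Address only (no ZIP)',
        'B' => 'International “A” Address only (no ZIP)',
        'C' => 'International “N” None',
        'D' => 'International “X” Address and Postal Code',
        'E' => 'Not allowed for MOTO (Internet/Phone)',
        'F' => 'UK-specific “X” Address and Postal Code',
        'G' => 'Global Unavailable Not applicable',
        'I' => 'International Unavailable Not applicable',
        'N' => 'No None',
        'P' => 'Postal (International “Z”) Postal Code only (no Address)',
        'R' => 'Retry Not applicable',
        'S' => 'Service not Supported Not applicable',
        'U' => 'Unavailable Not applicable',
        'W' => 'Whole ZIP Nine-digit ZIP code (no Address)',
        'X' => 'Exact match Address and nine-digit ZIP code',
        'Y' => 'Yes Address and five-digit ZIP',
        'Z' => 'ZIP Five-digit ZIP code (no Address)',
    );

    // Card security code results and the text stored in the transaction log.
    $cvv2_messages = array(
        'M' => 'Match CVV2',
        'N' => 'No match None',
        'P' => 'Not Processed Not applicable',
        'S' => 'Service not Supported Not applicable',
        'U' => 'Unavailable Not applicable',
        'X' => 'No response Not applicable',
    );

    // Anything that is not a known code string is logged as 'Error'.
    $ret_avs_msg = (is_string($ret_avs) && isset($avs_messages[$ret_avs])) ? $avs_messages[$ret_avs] : 'Error';
    $ret_cvv2_msg = (is_string($ret_cvv2) && isset($cvv2_messages[$ret_cvv2])) ? $cvv2_messages[$ret_cvv2] : 'Error';

    $this->transaction_log['avs'] = $ret_avs_msg;
    $this->transaction_log['cvv2'] = $ret_cvv2_msg;

    return true;
}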
/**
 * Checks the posted card type, card number and expiration date before the
 * confirmation step.
 *
 * A card number that already contains '*' is treated as one that has been
 * processed before: a caution message is queued and nothing is validated.
 *
 * On success the validator's card type, number and expiry are copied onto this
 * object. The security code (paymentech_field_4) is copied from the request
 * itself, not from the validator, and stays on the object after this call.
 *
 * @return bool true when validation failed and an error message was queued,
 *              false in every other case
 */
function pre_confirmation_check() {
    global $_POST, $messageStack;

    $posted_number = $_POST['paymentech_field_1'];

    // A masked number (middle digits replaced by '*') means the charge is not
    // sent through the merchant gateway again; tell the user and carry on.
    if (strpos($posted_number, '*') !== false) {
        $messageStack->add(MODULE_PAYMENT_PAYMENTECH_NO_DUPS, 'caution');
        return false;
    }

    include DIR_FS_MODULES . 'general/classes/cc_validation.php';
    $validator = new cc_validation();
    $status = $validator->validate(
        $posted_number,
        $_POST['paymentech_field_2'],
        $_POST['paymentech_field_3'],
        $_POST['paymentech_field_4']
    );

    // Loose (==) comparisons on purpose: they reproduce the matching rules of
    // a switch statement over the validator's return code.
    $message = '';
    if ($status == -1) {
        // Only the first four digits of the number are echoed back.
        $message = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($validator->cc_number, 0, 4));
    } elseif ($status == -2 || $status == -3 || $status == -4) {
        $message = TEXT_CCVAL_ERROR_INVALID_DATE;
    } elseif ($status == false) {
        $message = TEXT_CCVAL_ERROR_INVALID_NUMBER;
    }

    if ($status == false || $status < 1) {
        // The module code travels along as an HTML comment for troubleshooting.
        $messageStack->add($message . '<!-- [' . $this->code . '] -->', 'error');
        return true;
    }

    // Validation passed: keep the validator's view of the card.
    $this->cc_card_type = $validator->cc_type;
    $this->cc_card_number = $validator->cc_number;
    $this->cc_cvv2 = $_POST['paymentech_field_4'];
    $this->cc_expiry_month = $validator->cc_expiry_month;
    $this->cc_expiry_year = $validator->cc_expiry_year;

    return false;
}
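/**
 * Validates the posted credit card and copies the card details onto the order.
 *
 * On a validation failure the customer is redirected back to the payment page
 * with the error text, card owner and expiry fields in the query string. Every
 * request-supplied value placed in that query string is URL-encoded, so a
 * crafted month or year value cannot add or change parameters of the redirect.
 *
 * When MODULE_PAYMENT_CC_EMAIL is defined and passes tep_validate_email(), the
 * middle digits are moved to $this->cc_middle and the order only keeps the
 * first four and last four digits.
 *
 * NOTE(review): in every other configuration $order->info['cc_number'] keeps
 * the complete card number exactly as posted. What happens to $order->info
 * afterwards is outside this block - confirm the full number is neither stored
 * nor logged.
 */
function before_process() {
    global $HTTP_POST_VARS, $order;

    include DIR_WS_CLASSES . 'cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate($HTTP_POST_VARS['cc_number_nh-dns'], $HTTP_POST_VARS['cc_expires_month'], $HTTP_POST_VARS['cc_expires_year']);

    // Map the validator's return code to a message. The switch compares
    // loosely; $error is only used on the failure path below.
    $error = '';
    switch ($result) {
        case -1:
            // Only the first four digits are echoed back to the customer.
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }

    if ($result == false || $result < 1) {
        // The expiry fields come straight from the request, so they are encoded
        // like the owner name instead of being concatenated raw.
        $payment_error_return = 'payment_error=' . $this->code
            . '&error=' . urlencode($error)
            . '&cc_owner=' . urlencode($HTTP_POST_VARS['cc_owner'])
            . '&cc_expires_month=' . urlencode($HTTP_POST_VARS['cc_expires_month'])
            . '&cc_expires_year=' . urlencode($HTTP_POST_VARS['cc_expires_year']);

        tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
    }

    $order->info['cc_owner'] = $HTTP_POST_VARS['cc_owner'];
    $order->info['cc_type'] = $cc_validation->cc_type;
    $order->info['cc_number'] = $HTTP_POST_VARS['cc_number_nh-dns'];
    $order->info['cc_expires'] = $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'];

    if (defined('MODULE_PAYMENT_CC_EMAIL') && tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) {
        // Split the number: the middle part is kept on the module, the order
        // gets first four + X padding + last four.
        $len = strlen($HTTP_POST_VARS['cc_number_nh-dns']);

        $this->cc_middle = substr($HTTP_POST_VARS['cc_number_nh-dns'], 4, $len - 8);
        $order->info['cc_number'] = substr($HTTP_POST_VARS['cc_number_nh-dns'], 0, 4) . str_repeat('X', $len - 8) . substr($HTTP_POST_VARS['cc_number_nh-dns'], -4);
    }
}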
/**
 * Prepare and submit the final authorization to PayPal via the appropriate means as configured
 *
 * Direct Payment flow: validates the posted card with cc_validation, rejects
 * card types outside a fixed list, copies a masked card number and the payer
 * details onto $order->info, builds the option arrays and calls
 * $doPayPal->DoDirectPayment(). The response is handed to _errorHandler() and
 * then copied onto this object, with separate handling for a Payflow response
 * (PNREF present) and an NVP response.
 *
 * Security-relevant points for maintainers:
 * - The full card number and the check code only live in local variables and
 *   in the DoDirectPayment() call; $order->info receives the masked number.
 * - The 'DP-4' debug entry contains billing/shipping address, e-mail, phone,
 *   IP address, card expiry and cardholder name; 'DP-5' contains the complete
 *   gateway response. Treat the log written by zcLog() as sensitive.
 */
function before_process() {
    global $order, $doPayPal, $messageStack;
    $options = array();
    $optionsShip = array();
    $optionsNVP = array();
    $options = $this->getLineItemDetails();
    //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
    $doPayPal = $this->paypal_init();
    /****************************************
     * Do DP checkout
     ****************************************/
    $this->zcLog('before_process - DP-1', 'Beginning DP mode');
    // Set state fields depending on what PayPal wants to see for that country
    $this->setStateAndCountry($order->billing);
    if (zen_not_null($order->delivery['street_address'])) {
        $this->setStateAndCountry($order->delivery);
    }
    // Validate credit card data
    include DIR_WS_CLASSES . 'cc_validation.php';
    $cc_validation = new cc_validation();
    $response = $cc_validation->validate($_POST['wpp_cc_number'], $_POST['wpp_cc_expdate_month'], $_POST['wpp_cc_expdate_year'], $_POST['wpp_cc_issuedate_month'], $_POST['wpp_cc_issuedate_year']);
    $error = '';
    // The switch compares loosely; $error is only used on the failure path.
    switch ($response) {
        case -1:
            // Only the first four digits of the number are echoed back.
            $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
            break;
        case -2:
        case -3:
        case -4:
            $error = TEXT_CCVAL_ERROR_INVALID_DATE;
            break;
        case false:
            $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
            break;
    }
    if ($response === false || $response < 1) {
        $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
        $messageStack->add_session('checkout_payment', $error . '<!-- [' . $this->code . '] -->' . '<!-- result: ' . $response . ' -->', 'error');
        // NOTE(review): the message text is passed as the second argument of
        // zen_href_link(); presumably that slot is the query string - confirm.
        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $error, 'SSL', true, false));
        // NOTE(review): this entry comes after the redirect, so it is only
        // written if zen_redirect() returns. strlen(...) - 8 is negative for a
        // number shorter than eight characters - confirm this cannot be reached.
        $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', strlen($cc_validation->cc_number) - 8) . substr($cc_validation->cc_number, -4) . ' ' . $error);
    }
    // Only the card types in this list are accepted. The rejected type is put
    // into the HTML comment appended to the session message.
    if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
        $messageStack->add_session('checkout_payment', MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD . '<!-- [' . $this->code . ' ' . $cc_validation->cc_type . '] -->', 'error');
        zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, MODULE_PAYMENT_PAYPALDP_TEXT_BAD_CARD, 'SSL', true, false));
    }
    // if CC validation passed, continue using the validated data
    // (type, number and expiry come from the validator; names, check code and
    // issue fields are taken from the request as posted)
    $cc_type = $cc_validation->cc_type;
    $cc_number = $cc_validation->cc_number;
    $cc_first_name = $_POST['wpp_payer_firstname'];
    $cc_last_name = $_POST['wpp_payer_lastname'];
    $cc_checkcode = $_POST['wpp_cc_checkcode'];
    $cc_expdate_month = $cc_validation->cc_expiry_month;
    $cc_expdate_year = $cc_validation->cc_expiry_year;
    $cc_issuedate_month = $_POST['wpp_cc_issuedate_month'];
    $cc_issuedate_year = $_POST['wpp_cc_issuedate_year'];
    $cc_issuenumber = $_POST['wpp_cc_issuenumber'];
    $cc_owner_ip = zen_get_ip_address();
    // If they're still here, set some of the order object's variables.
    $order->info['cc_type'] = $cc_type;
    // The order keeps only the first four and last four digits.
    $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
    $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
    $order->info['cc_expires'] = $cc_expdate_month . substr($cc_expdate_year, -2);
    $order->info['ip_address'] = $cc_owner_ip;
    // Set currency
    $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
    /*
    // if CC is switch or solo, must be GBP
    if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
        $my_currency = 'GBP';
    }
    */
    $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
    // Initialize the paypal caller object.
    $doPayPal = $this->paypal_init();
    $optionsAll = array_merge($options, array(
        'STREET' => $order->billing['street_address'],
        'ZIP' => $order->billing['postcode'],
        'CITY' => $order->billing['city'],
        'STATE' => $order->billing['state'],
        'STREET2' => $order->billing['suburb'],
        'COUNTRYCODE' => $order->billing['country']['iso_code_2'],
        'EXPDATE' => $cc_expdate_month . $cc_expdate_year,
        'EMAIL' => $order->customer['email_address'],
        'PHONENUM' => $order->customer['telephone']));
    $optionsShip = array();
    if (isset($order->delivery) && $order->delivery['street_address'] != '') {
        $optionsShip = array(
            'SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'],
            'SHIPTOSTREET' => $order->delivery['street_address'],
            'SHIPTOSTREET2' => $order->delivery['suburb'],
            'SHIPTOCITY' => $order->delivery['city'],
            'SHIPTOZIP' => $order->delivery['postcode'],
            'SHIPTOSTATE' => $order->delivery['state'],
            'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
    }
    // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
    // NOTE(review): when no delivery address was set above, $optionsShip is
    // still empty here, so SHIPTOCITY and SHIPTOSTREET2 are read without existing.
    if (!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') {
        $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
    }
    if ($optionsAll['STREET2'] == '') {
        unset($optionsAll['STREET2']);
    }
    if ($optionsShip['SHIPTOSTREET2'] == '') {
        unset($optionsShip['SHIPTOSTREET2']);
    }
    // Payment Transaction/Authorization Mode
    $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
    if (MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only') {
        $this->order_status = MODULE_PAYMENT_PAYPALDP_ORDER_PENDING_STATUS_ID;
    }
    // if (in_array($cc_type, array('Switch', 'Solo'))) {
    //     $optionsNVP['PAYMENTACTION'] = 'Authorization';
    // }
    $optionsAll['BUTTONSOURCE'] = $this->buttonSource;
    $optionsAll['CURRENCY'] = $my_currency;
    $optionsAll['IPADDRESS'] = $cc_owner_ip;
    if ($cc_issuedate_month && $cc_issuedate_year) {
        $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
    }
    if (isset($_POST['wpp_cc_issuenumber'])) {
        $optionsAll['CARDISSUE'] = $_POST['wpp_cc_issuenumber'];
    }
    // unused at present:
    // $options['CUSTOM'] = '';
    // $options['INVNUM'] = '';
    // $options['DESC'] = '';
    // Payflow mode: rename the country keys and drop the second street lines.
    if (substr(MODULE_PAYMENT_PAYPALDP_MODULE_MODE, 0, 7) == 'Payflow') {
        if (isset($optionsAll['COUNTRYCODE'])) {
            $optionsAll['COUNTRY'] = $optionsAll['COUNTRYCODE'];
            unset($optionsAll['COUNTRYCODE']);
        }
        if (isset($optionsShip['SHIPTOCOUNTRYCODE'])) {
            $optionsShip['SHIPTOCOUNTRY'] = $optionsShip['SHIPTOCOUNTRYCODE'];
            unset($optionsShip['SHIPTOCOUNTRYCODE']);
        }
        if (isset($optionsShip['SHIPTOSTREET2'])) {
            unset($optionsShip['SHIPTOSTREET2']);
        }
        if (isset($optionsAll['STREET2'])) {
            unset($optionsAll['STREET2']);
        }
    }
    // This entry carries customer address, e-mail, phone, IP, expiry and
    // cardholder name; the card number and check code are not part of it.
    $this->zcLog('before_process - DP-4', 'optionsAll: ' . print_r($optionsAll, true) . "\n" . 'optionsNVP: ' . print_r($optionsNVP, true) . "\n" . 'optionsShip' . print_r($optionsShip, true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
    $response = $doPayPal->DoDirectPayment(number_format($order_amount, 2), $cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
    // The whole gateway response is written to the log.
    $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
    // CHECK RESPONSE
    // NOTE(review): $error is not inspected afterwards in this block; the
    // fields below are filled in whatever the handler returned. Presumably
    // _errorHandler() stops the request on failure - confirm.
    $error = $this->_errorHandler($response, 'DoDirectPayment');
    $this->feeamt = '';
    $this->taxamt = '';
    $this->pendingreason = '';
    $this->reasoncode = '';
    $this->numitems = sizeof($order->products);
    $this->responsedata = $response;
    if ($response['PNREF']) {
        // PNREF only comes from payflow mode
        $this->payment_type = MODULE_PAYMENT_PAYPALDP_PF_TEXT_TYPE;
        $this->transaction_id = $response['PNREF'];
        $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
        $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
        $this->cvv2 = $response['CVV2MATCH'];
        $this->amt = $order_amount . ' ' . $my_currency;
        // NOTE(review): 'h' is the 12-hour clock and no am/pm marker is
        // written, so afternoon times are ambiguous - confirm 'H' was not meant.
        $this->payment_time = date('Y-m-d h:i:s');
        $this->responsedata['CURRENCYCODE'] = $my_currency;
        $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
        // NOTE(review): reads $this->response, which this function never
        // assigns, rather than the local $response - confirm which is intended.
        $this->auth_code = $this->response['AUTHCODE'];
    } else {
        // here we're in NVP mode
        $this->transaction_id = $response['TRANSACTIONID'];
        $this->payment_type = MODULE_PAYMENT_PAYPALDP_DP_TEXT_TYPE;
        $this->payment_status = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
        $this->pendingreason = MODULE_PAYMENT_PAYPALDP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
        $this->avs = $response['AVSCODE'];
        $this->cvv2 = $response['CVV2MATCH'];
        $this->correlationid = $response['CORRELATIONID'];
        $this->payment_time = urldecode($response['TIMESTAMP']);
        $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
        // NOTE(review): same $this->response versus $response question as in
        // the Payflow branch above.
        $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
        $this->transactiontype = 'cart';
    }
}
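/**
 * Validates the posted card before the confirmation step.
 *
 * Nothing is done when no 'velocity_cc_number' field was posted. On a
 * validation failure the customer is redirected to the payment page with the
 * module code and the error text in the query string; the error text is
 * URL-encoded so that spaces or reserved characters in the language string
 * cannot break or extend the query. On success the validator's card type,
 * number and expiry are copied onto this object.
 */
function pre_confirmation_check() {
    global $messageStack;

    if (isset($_POST['velocity_cc_number'])) {
        include DIR_WS_CLASSES . 'cc_validation.php';

        $cc_validation = new cc_validation();
        $result = $cc_validation->validate($_POST['velocity_cc_number'], $_POST['velocity_cc_expires_month'], $_POST['velocity_cc_expires_year']);

        // Map the validator's return code to a message. The switch compares
        // loosely; $error is only used on the failure path below.
        $error = '';
        switch ($result) {
            case -1:
                // Only the first four digits are echoed back to the customer.
                $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                break;
            case -2:
            case -3:
            case -4:
                $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                break;
            case false:
                $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                break;
        }

        if ($result == false || $result < 1) {
            tep_session_register('payment_error');
            tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=' . urlencode($error)));
        }

        $this->cc_card_type = $cc_validation->cc_type;
        $this->cc_card_number = $cc_validation->cc_number;
        $this->cc_expiry_month = $cc_validation->cc_expiry_month;
        $this->cc_expiry_year = $cc_validation->cc_expiry_year;
    }
}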
/**
 * Prepare and submit the final authorization to PayPal via the appropriate means as configured
 *
 * Two flows share this method:
 * - Express Checkout (EC), taken when in_special_checkout() is true or Direct
 *   Payment is disabled: shipping data is read from
 *   $_SESSION['paypal_ec_payer_info'] and the payment is completed with
 *   DoExpressCheckoutPayment() using the session's token and payer id.
 * - Direct Payment (DP): the posted card is validated with cc_validation, a
 *   masked card number is copied onto $order->info and DoDirectPayment() is
 *   called with the full card number and check code.
 *
 * In both flows the response is handed to _errorHandler() and then copied onto
 * this object.
 *
 * Security-relevant points for maintainers:
 * - zcLog() entries EC-2..EC-5 and DP-4/DP-5 contain customer addresses, the
 *   EC token and payer id, cardholder name, expiry and the complete gateway
 *   response. Treat that log as sensitive.
 * - The full card number and check code are only held in local variables.
 */
function before_process() {
    global $order, $doPayPal;
    $options = array();
    $optionsShip = array();
    $optionsNVP = array();
    $options = $this->getLineItemDetails();
    //$this->zcLog('before_process - 1', 'Have line-item details:' . "\n" . print_r($options, true));
    $doPayPal = $this->paypal_init();
    if ($this->in_special_checkout() || $this->enableDirectPayment == false) {
        $this->zcLog('before_process - EC-1', 'Beginning EC mode');
        /****************************************
         * Do EC checkout
         ****************************************/
        // do not allow blank address to be sent to PayPal
        if ($_SESSION['paypal_ec_payer_info']['ship_street_1'] != '' && $_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None') {
            $options = array_merge($options, array(
                'SHIPTONAME' => $_SESSION['paypal_ec_payer_info']['ship_name'],
                'SHIPTOSTREET' => $_SESSION['paypal_ec_payer_info']['ship_street_1'],
                'SHIPTOSTREET2' => $_SESSION['paypal_ec_payer_info']['ship_street_2'],
                'SHIPTOCITY' => $_SESSION['paypal_ec_payer_info']['ship_city'],
                'SHIPTOSTATE' => $_SESSION['paypal_ec_payer_info']['ship_state'],
                'SHIPTOZIP' => $_SESSION['paypal_ec_payer_info']['ship_postal_code'],
                'SHIPTOCOUNTRYCODE' => $_SESSION['paypal_ec_payer_info']['ship_country_code']));
            $this->zcLog('before_process - EC-2', 'address overrides added:' . "\n" . print_r($options, true));
        }
        $this->zcLog('before_process - EC-3', 'address info added:' . "\n" . print_r($options, true));
        // If the customer has changed their shipping address,
        // override the shipping address in PayPal with the shipping
        // address that is selected in Zen Cart.
        if ($order->delivery['street_address'] != $_SESSION['paypal_ec_payer_info']['ship_street_1'] && $_SESSION['paypal_ec_payer_info']['ship_street_1'] != '') {
            // Writes into the request superglobal; presumably read by
            // getOverrideAddress() - confirm.
            $_GET['markflow'] = 2;
            if (($address_arr = $this->getOverrideAddress()) !== false) {
                // set the override var
                $options['ADDROVERRIDE'] = 1;
                // set the address info
                $options['SHIPTONAME'] = $address_arr['entry_firstname'] . ' ' . $address_arr['entry_lastname'];
                $options['SHIPTOSTREET'] = $address_arr['entry_street_address'];
                if ($address_arr['entry_suburb'] != '') {
                    $options['SHIPTOSTREET2'] = $address_arr['entry_suburb'];
                }
                $options['SHIPTOCITY'] = $address_arr['entry_city'];
                $options['SHIPTOZIP'] = $address_arr['entry_postcode'];
                $options['SHIPTOSTATE'] = $address_arr['zone_code'];
                $options['SHIPTOCOUNTRYCODE'] = $address_arr['countries_iso_code_2'];
            }
        }
        // if these optional parameters are blank, remove them from transaction
        if (isset($options['SHIPTOSTREET2']) && trim($options['SHIPTOSTREET2']) == '') {
            unset($options['SHIPTOSTREET2']);
        }
        if (isset($options['SHIPTOPHONE']) && trim($options['SHIPTOPHONE']) == '') {
            unset($options['SHIPTOPHONE']);
        }
        // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
        if ((!isset($options['SHIPTOSTATE']) || trim($options['SHIPTOSTATE']) == '') && $options['SHIPTOCITY'] != '') {
            $options['SHIPTOSTATE'] = $options['SHIPTOCITY'];
        }
        $options['BUTTONSOURCE'] = $this->buttonSourceEC;
        $options['CURRENCY'] = $this->selectCurrency($order->info['currency']);
        $order_amount = $this->calc_order_amount($order->info['total'], $options['CURRENCY']);
        // unused at present:
        // $options['CUSTOM'] = '';
        // $options['INVNUM'] = '';
        // $options['DESC'] = '';
        // debug output
        // (includes the EC token and payer id from the session)
        $this->zcLog('before_process - EC-4', 'info being submitted:' . "\n" . $_SESSION['paypal_ec_token'] . ' ' . $_SESSION['paypal_ec_payer_id'] . ' ' . number_format($order_amount, 2) . "\n" . print_r($options, true));
        // The amount sent is $options['AMT'] when the line-item details set
        // one, otherwise the calculated order amount.
        $response = $doPayPal->DoExpressCheckoutPayment($_SESSION['paypal_ec_token'], $_SESSION['paypal_ec_payer_id'], number_format(isset($options['AMT']) ? $options['AMT'] : $order_amount, 2), $options);
        $this->zcLog('before_process - EC-5', 'resultset:' . "\n" . urldecode(print_r($response, true)));
        // CHECK RESPONSE -- if error, actions are taken in the errorHandler
        // NOTE(review): $error is not inspected afterwards in this block.
        $error = $this->_errorHandler($response, 'DoExpressCheckoutPayment');
        // SUCCESS
        $this->payment_type = MODULE_PAYMENT_PAYPALWPP_EC_TEXT_TYPE;
        $this->responsedata = $response;
        if ($response['PAYMENTTYPE'] != '') {
            $this->payment_type .= ' (' . urldecode($response['PAYMENTTYPE']) . ')';
        }
        $this->transaction_id = trim($response['PNREF'] . ' ' . $response['TRANSACTIONID']);
        // NOTE(review): a response without a PENDINGREASON key satisfies
        // empty() and is recorded as 'Completed'. That is only safe if
        // _errorHandler() never returns for a failed or empty response - confirm.
        if (empty($response['PENDINGREASON']) || $response['PENDINGREASON'] == 'none' || $response['PENDINGREASON'] == 'completed' || $response['PAYMENTSTATUS'] == 'Completed') {
            $this->payment_status = 'Completed';
            if ($this->order_status > 0) {
                $order->info['order_status'] = $this->order_status;
            }
        } else {
            $this->payment_status = 'Pending (' . $response['PENDINGREASON'] . ')';
            $order->info['order_status'] = $this->order_pending_status;
        }
        $this->avs = 'N/A';
        $this->cvv2 = 'N/A';
        $this->correlationid = $response['CORRELATIONID'];
        $this->transactiontype = $response['TRANSACTIONTYPE'];
        $this->payment_time = urldecode($response['ORDERTIME']);
        $this->feeamt = urldecode($response['FEEAMT']);
        $this->taxamt = urldecode($response['TAXAMT']);
        $this->pendingreason = $response['PENDINGREASON'];
        $this->reasoncode = $response['REASONCODE'];
        // $this->numitems = $_SESSION['cart']->count_contents();
        $this->numitems = sizeof($order->products);
        $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
        // NOTE(review): reads $this->response, which this function never
        // assigns, rather than the local $response - confirm which is intended.
        $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
    } else {
        /****************************************
         * Do DP checkout
         ****************************************/
        $this->zcLog('before_process - DP-1', 'Beginning DP mode');
        // Set state fields depending on what PayPal wants to see for that country
        $this->setStateAndCountry($order->billing);
        if (zen_not_null($order->delivery['street_address'])) {
            $this->setStateAndCountry($order->delivery);
        }
        // Validate credit card data
        include DIR_WS_CLASSES . 'cc_validation.php';
        $cc_validation = new cc_validation();
        $response = $cc_validation->validate($_POST['ec_cc_number'], $_POST['ec_cc_expdate_month'], $_POST['ec_cc_expdate_year'], $_POST['ec_cc_issuedate_month'], $_POST['ec_cc_issuedate_year']);
        $error = '';
        // The switch compares loosely; $error is only acted on when the
        // failure check below is true.
        switch ($response) {
            case -1:
                // Only the first four digits of the number are echoed back.
                $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
                break;
            case -2:
            case -3:
            case -4:
                $error = TEXT_CCVAL_ERROR_INVALID_DATE;
                break;
            case false:
                $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
                break;
        }
        // Written for every request, successful or not.
        $this->zcLog('before_process - DP-2', 'CC validation results: ' . $error . '(' . $response . ')');
        if ($response == false || $response < 1) {
            $this->terminateEC($error, false, FILENAME_CHECKOUT_PAYMENT);
        }
        // Only the card types in this list are accepted.
        if (!in_array($cc_validation->cc_type, array('Visa', 'MasterCard', 'Switch', 'Solo', 'Discover', 'American Express', 'Maestro'))) {
            $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_TEXT_BAD_CARD, false, FILENAME_CHECKOUT_PAYMENT);
        }
        // The log entry carries the card type and the masked number only.
        // NOTE(review): reached with a failed validation if terminateEC()
        // returns; strlen(...) - 8 is negative for a number shorter than eight
        // characters - confirm terminateEC() ends the request.
        $this->zcLog('before_process - DP-3', 'CC info: ' . $cc_validation->cc_type . ' ' . substr($cc_validation->cc_number, 0, 4) . str_repeat('X', strlen($cc_validation->cc_number) - 8) . substr($cc_validation->cc_number, -4));
        // if CC validation passed, continue using the validated data
        // (type, number and expiry come from the validator; names, check code
        // and issue date are taken from the request as posted)
        $cc_type = $cc_validation->cc_type;
        $cc_number = $cc_validation->cc_number;
        $cc_first_name = $_POST['ec_payer_firstname'];
        $cc_last_name = $_POST['ec_payer_lastname'];
        $cc_checkcode = $_POST['ec_cc_checkcode'];
        $cc_expdate_month = $cc_validation->cc_expiry_month;
        $cc_expdate_year = $cc_validation->cc_expiry_year;
        $cc_issuedate_month = $_POST['ec_cc_issuedate_month'];
        $cc_issuedate_year = $_POST['ec_cc_issuedate_year'];
        $cc_owner_ip = zen_get_ip_address();
        // If they're still here, set some of the order object's variables.
        $order->info['cc_type'] = $cc_type;
        // The order keeps only the first four and last four digits.
        $order->info['cc_number'] = substr($cc_number, 0, 4) . str_repeat('X', strlen($cc_number) - 8) . substr($cc_number, -4);
        $order->info['cc_owner'] = $cc_first_name . ' ' . $cc_last_name;
        $order->info['cc_expires'] = $cc_expdate_month . substr($cc_expdate_year, -2);
        $order->info['ip_address'] = $cc_owner_ip;
        // Set currency
        $my_currency = $this->selectCurrency($order->info['currency'], 'DP');
        /*
        // if CC is switch or solo, must be GBP
        if (in_array($cc_type, array('Switch', 'Solo', 'Maestro'))) {
            $my_currency = 'GBP';
        }
        */
        $order_amount = $this->calc_order_amount($order->info['total'], $my_currency);
        // Initialize the paypal caller object.
        $doPayPal = $this->paypal_init();
        $optionsAll = array_merge($options, array(
            'STREET' => $order->billing['street_address'],
            'ZIP' => $order->billing['postcode']));
        $optionsNVP = array(
            'CITY' => $order->billing['city'],
            'STATE' => $order->billing['state'],
            'COUNTRYCODE' => $order->billing['country']['iso_code_2'],
            'EXPDATE' => $cc_expdate_month . $cc_expdate_year);
        $optionsShip = array();
        if (isset($order->delivery) && $order->delivery['street_address'] != '') {
            $optionsShip = array(
                'SHIPTONAME' => $order->delivery['name'] == '' ? $order->delivery['firstname'] . ' ' . $order->delivery['lastname'] : $order->delivery['name'],
                'SHIPTOSTREET' => $order->delivery['street_address'],
                'SHIPTOSTREET2' => $order->delivery['suburb'],
                'SHIPTOCITY' => $order->delivery['city'],
                'SHIPTOZIP' => $order->delivery['postcode'],
                'SHIPTOSTATE' => $order->delivery['state'],
                'SHIPTOCOUNTRYCODE' => $order->delivery['country']['iso_code_2']);
        }
        // if these optional parameters are blank, remove them from transaction
        if (isset($optionsShip['SHIPTOSTREET2']) && trim($optionsShip['SHIPTOSTREET2']) == '') {
            unset($optionsShip['SHIPTOSTREET2']);
        }
        if (isset($optionsShip['SHIPTOPHONE']) && trim($optionsShip['SHIPTOPHONE']) == '') {
            unset($optionsShip['SHIPTOPHONE']);
        }
        // if State is not supplied, repeat the city so that it's not blank, otherwise PayPal croaks
        // NOTE(review): when no delivery address was set above, $optionsShip is
        // still empty here, so SHIPTOCITY is read without existing.
        if (!isset($optionsShip['SHIPTOSTATE']) || trim($optionsShip['SHIPTOSTATE']) == '') {
            $optionsShip['SHIPTOSTATE'] = $optionsShip['SHIPTOCITY'];
        }
        // Payment Transaction/Authorization Mode
        $optionsNVP['PAYMENTACTION'] = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Sale';
        // if (in_array($cc_type, array('Switch', 'Solo'))) {
        //     $optionsNVP['PAYMENTACTION'] = 'Authorization';
        // }
        $optionsAll['BUTTONSOURCE'] = $this->buttonSourceDP;
        $optionsAll['CURRENCY'] = $my_currency;
        $optionsAll['IPADDRESS'] = $cc_owner_ip;
        if ($cc_issuedate_month && $cc_issuedate_year) {
            $optionsAll['CARDSTART'] = $cc_issuedate_month . substr($cc_issuedate_year, -2);
        }
        // unused at present:
        // $options['CUSTOM'] = '';
        // $options['INVNUM'] = '';
        // $options['DESC'] = '';
        // This entry carries billing/shipping address, IP, expiry and
        // cardholder name; the card number and check code are not part of it.
        $this->zcLog('before_process - DP-4', 'optionsAll: ' . print_r($optionsAll, true) . "\n" . 'optionsNVP: ' . print_r($optionsNVP, true) . "\n" . 'optionsShip' . print_r($optionsShip, true) . "\n" . 'Rest of data: ' . "\n" . number_format($order_amount, 2) . ' ' . $cc_expdate_month . ' ' . substr($cc_expdate_year, -2) . ' ' . $cc_first_name . ' ' . $cc_last_name . ' ' . $cc_type);
        $response = $doPayPal->DoDirectPayment(number_format($order_amount, 2), $cc_number, $cc_checkcode, $cc_expdate_month . substr($cc_expdate_year, -2), $cc_first_name, $cc_last_name, $cc_type, $optionsAll, array_merge($optionsNVP, $optionsShip));
        // The whole gateway response is written to the log.
        $this->zcLog('before_process - DP-5', 'resultset:' . "\n" . print_r($response, true));
        // CHECK RESPONSE
        // NOTE(review): $error is not inspected afterwards in this block; the
        // fields below are filled in whatever the handler returned. Presumably
        // _errorHandler() stops the request on failure - confirm.
        $error = $this->_errorHandler($response, 'DoDirectPayment');
        $this->feeamt = '';
        $this->taxamt = '';
        $this->pendingreason = '';
        $this->reasoncode = '';
        $this->numitems = sizeof($order->products);
        $this->responsedata = $response;
        if ($response['PNREF']) {
            // PNREF only comes from payflow mode
            $this->payment_type = MODULE_PAYMENT_PAYPALWPP_PF_TEXT_TYPE;
            $this->transaction_id = $response['PNREF'];
            $this->payment_status = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
            $this->avs = 'AVSADDR: ' . $response['AVSADDR'] . ', AVSZIP: ' . $response['AVSZIP'] . ', IAVS: ' . $response['IAVS'];
            $this->cvv2 = $response['CVV2MATCH'];
            $this->amt = $order_amount . ' ' . $my_currency;
            // NOTE(review): 'h' is the 12-hour clock and no am/pm marker is
            // written, so afternoon times are ambiguous - confirm 'H' was not meant.
            $this->payment_time = date('Y-m-d h:i:s');
            $this->responsedata['CURRENCYCODE'] = $my_currency;
            $this->responsedata['EXCHANGERATE'] = $order->info['currency_value'];
            // NOTE(review): reads $this->response, which this function never
            // assigns, rather than the local $response - confirm which is intended.
            $this->auth_code = $this->response['AUTHCODE'];
        } else {
            // here we're in NVP mode
            $this->transaction_id = $response['TRANSACTIONID'];
            $this->payment_type = MODULE_PAYMENT_PAYPALWPP_DP_TEXT_TYPE;
            $this->payment_status = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'Authorization' : 'Completed';
            $this->pendingreason = MODULE_PAYMENT_PAYPALWPP_TRANSACTION_MODE == 'Auth Only' ? 'authorization' : '';
            $this->avs = $response['AVSCODE'];
            $this->cvv2 = $response['CVV2MATCH'];
            $this->correlationid = $response['CORRELATIONID'];
            $this->payment_time = urldecode($response['TIMESTAMP']);
            $this->amt = urldecode($response['AMT'] . ' ' . $response['CURRENCYCODE']);
            // NOTE(review): same $this->response versus $response question as
            // in the Payflow branch above.
            $this->auth_code = isset($this->response['AUTHCODE']) ? $this->response['AUTHCODE'] : $this->response['TOKEN'];
            $this->transactiontype = 'cart';
        }
    }
}
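/**
 * Validates the posted card data before the confirmation step.
 *
 * Only active when MODULE_PAYMENT_REMISE_INPUT_MODE is 'Local'.
 *
 * With MODULE_PAYMENT_REMISE_CARD_CHECK set to 'ON' the card number and expiry
 * are checked by cc_validation and the cardholder name must be at least three
 * bytes long and consist of ASCII letters, digits and spaces only. A failure
 * redirects to the payment page with the URL-encoded error text.
 *
 * With the card check switched off, the posted name, number and expiry are
 * copied onto this object without any validation in this method.
 *
 * The name check uses preg_match(); the ereg() call it replaces was removed in
 * PHP 7.0 and would make this method fail with a fatal error there.
 *
 * @return bool always false
 */
function pre_confirmation_check() {
    if (MODULE_PAYMENT_REMISE_INPUT_MODE == 'Local') {
        if (MODULE_PAYMENT_REMISE_CARD_CHECK == 'ON') {
            include DIR_WS_CLASSES . 'cc_validation.php';

            $cc_validation = new cc_validation();
            $result = $cc_validation->validate($_POST['remise_cc_number'], $_POST['remise_cc_expires_month'], $_POST['remise_cc_expires_year']);

            // Map the validator's return code to a message. The switch
            // compares loosely; $error is only used on the failure path.
            $error = '';
            switch ($result) {
                case -1:
                    // Only the first four digits are echoed back.
                    $error = sprintf(MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_NUMBER, substr($cc_validation->cc_number, 0, 4));
                    break;
                case -2:
                case -3:
                case -4:
                    $error = MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_DATE;
                    break;
                case false:
                    $error = MODULE_PAYMENT_REMISE_TEXT_CC_INVALID_NUMBER;
                    break;
            }

            // "a": full-width alphanumerics are converted to half-width first.
            $this->cc_card_name = mb_convert_kana($_POST['remise_cc_name'], "a");

            // Allow-list check: anything besides 0-9, a-z, A-Z and space fails.
            if (strlen($this->cc_card_name) < 3 || preg_match('/[^0-9a-zA-Z ]/', $this->cc_card_name)) {
                if ($result == false || $result < 1) {
                    // Card data already failed: append the name message.
                    $error .= MODULE_PAYMENT_REMISE_TEXT_CC_NAME;
                } else {
                    $error = MODULE_PAYMENT_REMISE_TEXT_CC_NAME;
                }
                $result = false;
            }

            if ($result == false || $result < 1) {
                // Convert the message to the request's input encoding,
                // falling back to UTF-8 when that is reported as ASCII.
                $encode = mb_http_input();
                if ($encode == 'ASCII') {
                    $encode = 'UTF-8';
                }
                $error = mb_convert_encoding($error, $encode);

                $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error);
                zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
            }

            $this->cc_card_type = $cc_validation->cc_type;
            $this->cc_card_number = $cc_validation->cc_number;
            $this->cc_expiry_month = $cc_validation->cc_expiry_month;
            $this->cc_expiry_year = $cc_validation->cc_expiry_year;
        } else {
            // Card check disabled by configuration: the request values are
            // used as posted, and no card type is set.
            $this->cc_card_name = mb_convert_kana($_POST['remise_cc_name'], "a");
            $this->cc_card_number = $_POST['remise_cc_number'];
            $this->cc_expiry_month = $_POST['remise_cc_expires_month'];
            $this->cc_expiry_year = $_POST['remise_cc_expires_year'];
        }
    }

    return false;
}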