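/**
 * Check whether a TCP connection to the host named in $url can be opened.
 *
 * Only the host component of $url is used; the port always comes from $port,
 * never from the URL itself.
 *
 * NOTE(review): this makes the server open a connection to whatever host the
 * URL names. If $url can be influenced by a user, restrict it to the expected
 * hosts and ports before calling; callers are not visible here, so confirm.
 *
 * @param string $url     URL whose host part is probed
 * @param int    $port    TCP port to connect to
 * @param int    $timeout connection timeout in seconds
 *
 * @return bool true when the connection could be opened, false otherwise
 */
protected function ping($url, $port = 80, $timeout = 6)
{
    $host = parse_url($url, PHP_URL_HOST);

    // parse_url() yields null/false when the URL has no usable host; never
    // hand that to fsockopen(), treat it as a failed ping instead.
    $fsock = (is_string($host) && $host !== '')
        ? fsockopen($host, $port, $errno, $errstr, $timeout)
        : false;

    if (!$fsock) {
        Log::log('Ping for ' . $host . ':' . $port . ' (timeout=' . $timeout . ') failed');

        return false;
    }

    // The probe only needs to know that the connect succeeded; release the
    // socket right away instead of leaking it until the request ends.
    fclose($fsock);

    return true;
}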
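/**
 * ACL gate that runs before a controller action is invoked.
 *
 * Registers the models listed in $this->_registerAclModels, then lets the
 * request through when the current action is on the allow-list
 * ($this->_allowedActions plus $allowed) or when hasAccess() does not return
 * false. Otherwise the hit is logged on the security channel, a message is
 * set on the request and the response is ended with the "unauthorized" code.
 *
 * @param array $allowed extra action names that bypass the ACL check
 *
 * @return bool true when the action may proceed, false when it was denied
 */
public function beforeInvoke($allowed = array())
{
    foreach ($this->_registerAclModels as $model) {
        Model::register($model);
    }

    // Strict comparison: an allow-list that decides whether the ACL is skipped
    // must not match through PHP's loose type juggling (e.g. 0 == 'name').
    // Assumes action names are strings on both sides - confirm.
    $publicActions = array_merge($this->_allowedActions, $allowed);
    if (in_array($this->getAction(), $publicActions, true)) {
        return true;
    }

    // NOTE(review): only a strict `false` denies access. If hasAccess() can
    // return null or another non-boolean on an error path, that is treated as
    // "allowed"; confirm it always returns a bool.
    if ($this->hasAccess() !== false) {
        return true;
    }

    Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, implode(PHP_EOL, Ajde_Acl::$log));
    Ajde::app()->getRequest()->set('message', __('You may not have the required permission to view this page'));
    Ajde::app()->getResponse()->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);

    // Fail closed: if dieOnCode() ever returns instead of ending the request,
    // the caller gets an explicit false rather than an implicit null.
    return false;
}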
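/**
 * Post the item's title (and URL, when there is one) as a status update.
 *
 * The status is shortened until its HTML-escaped length is below 140
 * characters. Shortening removes characters from the title first so the URL
 * stays intact, and works on whole UTF-8 characters rather than bytes.
 *
 * @return string|bool URL of the created status, or false when posting failed
 */
public function publish()
{
    $title = (string) $this->getTitle();
    $url = $this->getUrl();
    $suffix = '';

    if ($url) {
        $suffix = '... ' . $url;
        // Same budget as before (140 minus URL and separator), but cut on
        // character boundaries: a byte-wise substr() can split a multi-byte
        // character, and htmlspecialchars() then returns an empty string for
        // the invalid UTF-8, which silently defeats the length check below.
        $budget = max(0, 140 - strlen($url) - 5);
        $title = (string) iconv_substr($title, 0, $budget, 'UTF-8');
    }

    $tweet = $title . $suffix;

    // Trim the title, not the end of the status, so the URL is not truncated.
    while ($title !== '' && iconv_strlen(htmlspecialchars($tweet, ENT_QUOTES, 'UTF-8'), 'UTF-8') >= 140) {
        $title = (string) iconv_substr($title, 0, -1, 'UTF-8');
        $tweet = $title . $suffix;
    }

    // Only reached when the URL alone is too long: keep the original
    // guarantee that the status stays under the limit.
    while (iconv_strlen(htmlspecialchars($tweet, ENT_QUOTES, 'UTF-8'), 'UTF-8') >= 140) {
        $tweet = (string) iconv_substr($tweet, 0, -1, 'UTF-8');
    }

    try {
        $response = $this->_twitter->post('statuses/update', array('status' => $tweet));
    } catch (Exception $e) {
        // $response is never assigned when post() throws, so there is nothing
        // to log besides the exception itself.
        AjdeExceptionLog::logException($e);

        return false;
    }

    // Guard against a non-object or partial response before reading properties.
    if (is_object($response) && !empty($response->user->id) && !empty($response->id_str)) {
        return sprintf("http://twitter.com/%s/status/%s", $response->user->id, $response->id_str);
    }

    return false;
}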
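/**
 * Handle a PayPal IPN (Instant Payment Notification) callback.
 *
 * The posted fields are sent back to PayPal with cmd=_notify-validate. The
 * transaction is looked up through the posted "custom" field (the transaction
 * secret) and is only marked completed when PayPal answers VERIFIED and the
 * payment status is Completed (or Pending, see $acceptPending).
 *
 * NOTE(review): the checks the original sample lists as to-do are still not
 * implemented here: that txn_id was not processed before, that receiver_email
 * is the shop's own PayPal account, and that mc_gross / mc_currency match the
 * stored order. Until they are, a VERIFIED notification is accepted regardless
 * of amount, currency and receiver. The model fields needed for these checks
 * are not visible in this block.
 *
 * NOTE(review): the log lines below include the transaction secret and raw
 * POST values; treat the log as sensitive, or mask these values.
 *
 * @return array ['success' => bool, 'changed' => bool, 'transaction' => TransactionModel|null]
 */
public function updatePayment()
{
    Model::register('shop');
    $transaction = new TransactionModel();
    $changed = false;

    // Read the post from the PayPal system and add 'cmd'.
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // IPN fields are plain strings. An array value (field[]=...) cannot be
        // echoed back faithfully, so refuse the notification outright.
        if (is_array($value)) {
            Log::log('Rejected PayPal notification: POST field ' . urlencode((string) $key) . ' is not a plain string');

            return array('success' => false, 'changed' => $changed, 'transaction' => $transaction);
        }
        // Encode the key as well, so the validation request stays a faithful
        // copy of the fields this method reads from $_POST.
        // stripslashes() is kept from the original (magic-quotes era) sample.
        $req .= '&' . urlencode((string) $key) . '=' . urlencode(stripslashes($value));
    }

    // Post back to the PayPal system to validate.
    $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    $fp = fsockopen(
        $this->isSandbox() ? 'ssl://www.sandbox.paypal.com' : 'ssl://www.paypal.com',
        443,
        $errno,
        $errstr,
        30
    );

    // Assign posted variables to local variables.
    $payment_status = issetor($_POST['payment_status']);
    $payment_amount = issetor($_POST['mc_gross']);
    $payment_currency = issetor($_POST['mc_currency']);
    $txn_id = issetor($_POST['txn_id']);
    $receiver_email = issetor($_POST['receiver_email']);
    $payer_email = issetor($_POST['payer_email']);
    $secret = issetor($_POST['custom']);

    if (!$fp) {
        // Without an answer from PayPal nothing may be trusted; record why.
        Log::log('Could not connect to PayPal to validate payment notification: ' . $errstr . ' (' . $errno . ')');

        return array('success' => false, 'changed' => $changed, 'transaction' => $transaction);
    }

    // Bound the read as well: a stalled connection would otherwise keep
    // `while (!feof())` spinning, because fgets() returns false without EOF.
    stream_set_timeout($fp, 30);
    fputs($fp, $header . $req);

    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        if ($res === false) {
            break;
        }

        if (strcmp($res, "VERIFIED") === 0) {
            if (!$transaction->loadByField('secret', $secret)) {
                Log::log('Could not find transaction for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
                fclose($fp);

                return array('success' => false, 'changed' => $changed, 'transaction' => null);
            }

            // Check the payment_status is Completed; Pending (eChecks?) is
            // accepted too. NOTE(review): a Pending payment can still fail
            // later - confirm this is an accepted business risk.
            $acceptPending = true;
            if ($payment_status === 'Completed' || ($acceptPending && $payment_status === 'Pending')) {
                $details = 'AMOUNT: ' . $payment_amount . PHP_EOL .
                    'CURRENCY: ' . $payment_currency . PHP_EOL .
                    'PAYER_EMAIL: ' . $payer_email . PHP_EOL .
                    'RECEIVER_EMAIL: ' . $receiver_email . PHP_EOL .
                    'TXN_ID: ' . $txn_id . PHP_EOL;

                // Update the transaction only once.
                if ($transaction->payment_status !== 'completed') {
                    $transaction->payment_details = $details;
                    $transaction->payment_status = 'completed';
                    $transaction->save();
                    $changed = true;
                }

                // Write pending to the log.
                if ($payment_status === 'Pending') {
                    Log::log('Status is Pending but accepting now. PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
                }

                fclose($fp);

                return array('success' => true, 'changed' => $changed, 'transaction' => $transaction);
            }

            if ($transaction->payment_status !== 'refused') {
                $transaction->payment_status = 'refused';
                $transaction->save();
                $changed = true;
            }
            Log::log('Status is not Completed but ' . $payment_status . ' for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
        } elseif (strcmp($res, "INVALID") === 0) {
            if (!$transaction->loadByField('secret', $secret)) {
                // Secret not found anyway.
                $transaction = null;
                Log::log('Could not find transaction for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
            } else {
                // Log for manual investigation.
                // NOTE(review): INVALID means PayPal did not vouch for this
                // request, yet the stored transaction is still changed to
                // "refused". Consider logging only and leaving state untouched.
                if ($transaction->payment_status !== 'refused') {
                    $transaction->payment_status = 'refused';
                    $transaction->save();
                    $changed = true;
                }
                Log::log('Validation failed for PayPal payment with txn id ' . $txn_id);
            }
        }
    }

    fclose($fp);

    return array('success' => false, 'changed' => $changed, 'transaction' => $transaction);
}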
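/**
 * Fetch a URL with cURL, either returning the body or streaming it to a file.
 *
 * TLS certificates are verified (peer and host name). A fetch that only works
 * with verification switched off points at a certificate or CA-bundle problem
 * on that endpoint, which should be fixed there rather than by disabling the
 * check for every request.
 *
 * NOTE(review): $url and $toFile are used as given. If either can be
 * influenced by a user, validate the target host/scheme and the destination
 * path before calling; consider limiting CURLOPT_PROTOCOLS to HTTP(S).
 *
 * @param string      $url    URL to fetch
 * @param bool|string $toFile false to return the body, or a path the response is written to
 * @param bool|array  $header optional request header lines; only applied when $toFile is set
 *
 * @return string|bool with $toFile: true on success, false when the file could
 *                     not be opened, the transfer failed or the server
 *                     answered 4xx; without $toFile: whatever
 *                     self::_curl_exec_follow() returns
 *
 * @throws Exception
 */
public static function get($url, $toFile = false, $header = false)
{
    $output = false;
    $debug = false;

    if ($debug) {
        Log::_('cURL URL', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, $url);
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // return the body instead of printing it
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);    // seconds to wait for the connection
    curl_setopt($ch, CURLOPT_TIMEOUT, 5);           // seconds for the whole transfer
    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36");
    curl_setopt($ch, CURLOPT_ENCODING, "");         // accept every encoding cURL can decode
    curl_setopt($ch, CURLOPT_AUTOREFERER, true);    // set Referer: when following a redirect
    // Verify the certificate chain and that the certificate matches the host;
    // with both checks off, any party on the network path can read or alter
    // the response.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_COOKIEFILE, "");       // enable the in-memory cookie engine

    if ($toFile !== false) {
        // @TODO We need SAFE_MODE to be off
        if (ini_get('safe_mode')) {
            throw new AjdeException('SAFE_MODE must be off when downloading files');
        }

        // 'w+' truncates an existing file at this path.
        $fp = fopen($toFile, 'w+');
        if ($fp === false) {
            // Without a target stream cURL would fall back to other output;
            // report the failure instead.
            curl_close($ch);

            return false;
        }

        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_MAXREDIRS, 20);  // upper bound on followed redirects
        curl_setopt($ch, CURLOPT_TIMEOUT, 300);   // downloads get a longer budget
        curl_setopt($ch, CURLOPT_FILE, $fp);      // write the response to the file
        curl_setopt($ch, CURLINFO_HEADER_OUT, true);
        if ($header) {
            curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
        }

        // Report success only when the transfer itself succeeded.
        $output = curl_exec($ch) !== false;
        fclose($fp);

        $http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);

        if ($debug) {
            $verbose = curl_getinfo($ch);
            Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
        }

        curl_close($ch);

        // The original comparison sat inside the substr() call
        // (`substr($s, 0, 1 == '4')`), so a 4xx answer was never detected.
        if ($http_status >= 400 && $http_status < 500) {
            return false;
        }

        return $output;
    }

    // Redirects are followed by the helper (at most 10) rather than through
    // CURLOPT_FOLLOWLOCATION, which is not possible in SAFE_MODE.
    $output = self::_curl_exec_follow($ch, 10, false);

    if ($debug) {
        $verbose = curl_getinfo($ch);
        Log::_('cURL result', Log::CHANNEL_INFO, Log::LEVEL_INFORMATIONAL, var_export($verbose, true));
    }

    curl_close($ch);

    return $output;
}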
/**
 * Synchronise a shop transaction with the state of its Mollie payment.
 *
 * Called both for the Mollie webhook (POST parameter "id") and for the user
 * returning to the shop (parameter "order_id", the transaction secret). In
 * either case the payment is fetched from the Mollie API and the stored
 * transaction status follows the status reported there.
 *
 * NOTE(review): the failure log line includes the transaction secret; treat
 * the log as sensitive.
 *
 * @return array ['success' => bool (paid), 'changed' => bool, 'transaction' => TransactionModel]
 */
public function updatePayment()
{
    $payment = false;

    $mollie = new Client();
    $mollie->setApiKey($this->getApiKey());

    $transaction = new TransactionModel();
    $changed = false;

    // Work out whether this is the webhook call or the user coming back.
    $mollie_id = Ajde::app()->getRequest()->getPostParam('id', false);     // webhook
    $order_id = Ajde::app()->getRequest()->getParam('order_id', false);    // user request

    if (!$mollie_id && $order_id) {
        // User return: find the transaction first, then its Mollie payment.
        $transaction->loadByField('secret', $order_id);
        $mollie_id = $transaction->payment_providerid;
        try {
            $payment = $mollie->payments->get($mollie_id);
        } catch (Exception $e) {
            AjdeExceptionLog::logException($e);
            $payment = false;
        }
    } elseif ($mollie_id) {
        // Webhook: fetch the payment, then the transaction named in its metadata.
        try {
            $payment = $mollie->payments->get($mollie_id);
            $order_id = $payment->metadata->order_id;
            $transaction->loadByField('secret', $order_id);
        } catch (Exception $e) {
            AjdeExceptionLog::logException($e);
            $payment = false;
        }
    }

    $resolved = $payment && $mollie_id && $order_id && $transaction->hasLoaded();
    if (!$resolved) {
        AjdeLog::log('Could not find transaction for Mollie payment for mollie id ' . $mollie_id . ' and transaction secret ' . $order_id);

        return array('success' => false, 'changed' => $changed, 'transaction' => $transaction);
    }

    $paid = false;

    // Structured payer details are stored as JSON text.
    $payment_details = $payment->details;
    if (is_object($payment_details) || is_array($payment_details)) {
        $payment_details = json_encode($payment_details);
    }

    // Human-readable summary kept on the transaction.
    $transaction->payment_details = implode(PHP_EOL, array(
        'PAYMENT STATUS: ' . (string) $payment->status,
        'PAYMENT AMOUNT: ' . (string) $payment->amount,
        'PAYMENT AT: ' . (string) $payment->paidDatetime,
        'CANCELLED AT: ' . (string) $payment->cancelledDatetime,
        'EXPIRED AT: ' . (string) $payment->expiredDatetime,
        'PAYER DETAILS: ' . (string) $payment_details,
    ));

    // Each branch touches the transaction only when its status really changes.
    $status = $payment->status;
    if ($status == "open") {
        if ($transaction->payment_status != 'requested') {
            $transaction->payment_status = 'requested';
            $transaction->save();
            $changed = true;
        }
    } elseif ($status == "paidout" || $status == "paid") {
        $paid = true;
        if ($transaction->payment_status != 'completed') {
            $transaction->paid();
            $changed = true;
        }
    } elseif ($status == "cancelled") {
        if ($transaction->payment_status != 'cancelled') {
            $transaction->payment_status = 'cancelled';
            $transaction->save();
            $changed = true;
        }
    } elseif ($status == "expired") {
        if ($transaction->payment_status != 'refused') {
            $transaction->payment_status = 'refused';
            $transaction->save();
            $changed = true;
        }
    }

    return array('success' => $paid, 'changed' => $changed, 'transaction' => $transaction);
}
/**
 * Deny the current request after a failed ACL validation.
 *
 * Writes the collected ACL log to the security channel, stores a message on
 * the request and hands the "unauthorized" code to the response's
 * dieOnCode(), which presumably ends the request (not visible here).
 *
 * @return void
 */
private function validationErrorRedirect()
{
    $aclTrail = implode(PHP_EOL, Ajde_Acl::$log);
    Log::_('ACL firewall hit', Log::CHANNEL_SECURITY, Log::LEVEL_INFORMATIONAL, $aclTrail);

    $request = Ajde::app()->getRequest();
    $request->set('message', __('You may not have the required permission to view this resource'));

    $response = Ajde::app()->getResponse();
    $response->dieOnCode(Response::RESPONSE_TYPE_UNAUTHORIZED);
}
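/**
 * Send a request to the payment API over TLS and return the parsed answer.
 *
 * The request is serialised with self::buildXML() and written to an ssl://
 * socket on port 443 of self::$_api_url.
 *
 * NOTE(review): with self::$_debug enabled the complete request and response
 * are written to the log, which may include payment data; keep it off in
 * production.
 *
 * @param mixed $request request data handed to self::buildXML()
 * @param bool  $asRaw   true to return the text that follows the
 *                       Content-Length header line instead of parsed XML
 *
 * @return array ['success' => bool, 'response' => string|SimpleXMLElement]
 */
private function sendRequest($request, $asRaw = false)
{
    if (self::$_debug) {
        Log::log("INPUT DATA: " . var_export($request, true));
    }

    $xml = self::buildXML($request);

    $socket = fsockopen("ssl://" . self::$_api_url, 443);
    if ($socket === false) {
        return array('success' => false, 'response' => 'iDeal foutmelding: Kan niet verbinden');
    }

    $data = $xml->saveXML();
    $length = strlen($data);

    if (self::$_debug) {
        Log::log("REQUEST XML: " . var_export($data, true));
    }

    $post = "GET " . self::$_api_path . " HTTP/1.0\n";
    $post .= "Content-Length: {$length}\n";
    $post .= "Content-Type: text/xml\n";
    $post .= "Connection: Close\n\n";
    $post .= "{$data}\n\n";
    fputs($socket, $post);

    $response = '';
    while (!feof($socket)) {
        $chunk = fgets($socket, 1024);
        // fgets() returns false on a read error or timeout without feof()
        // turning true; stop instead of looping forever.
        if ($chunk === false) {
            break;
        }
        $response .= $chunk;
    }
    fclose($socket);

    if (self::$_debug) {
        Log::log("RESPONSE DATA: " . var_export($response, true));
    }

    if ($asRaw) {
        // Everything after the line that carries the Content-Length header.
        $contentLength = strpos($response, PHP_EOL . 'Content-Length:') + 1;
        $nextLine = strpos($response, PHP_EOL, $contentLength);
        $result = trim(substr($response, $nextLine));

        return array('success' => true, 'response' => $result);
    }

    $start = strpos($response, '<?xml');
    if ($start === false) {
        return array('success' => false, 'response' => "iDeal foutmelding: Ongeldig antwoord");
    }

    $document = new DOMDocument();
    // LIBXML_NONET: the parser must not fetch anything over the network while
    // reading a remote response. A document that does not parse is reported
    // as an invalid answer instead of being passed on.
    if (!$document->loadXML(substr($response, $start), LIBXML_NONET)) {
        return array('success' => false, 'response' => "iDeal foutmelding: Ongeldig antwoord");
    }

    $result = simplexml_import_dom($document);

    if (self::$_debug) {
        Log::log("OUTPUT XML: " . var_export($result, true));
    }

    if ($result->error) {
        return array('success' => false, 'response' => "iDeal foutmelding ({$result->error}): " . self::getError($result->error));
    }

    return array('success' => true, 'response' => $result);
}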