/** * Process callback * * @param \XLite\Model\Payment\Transaction $transaction Callback-owner transaction * * @return void */ public function processCallback(\XLite\Model\Payment\Transaction $transaction) { parent::processCallback($transaction); $request = \XLite\Core\Request::getInstance(); if (!$request->isPost()) { // Callback request must be POST $this->markCallbackRequestAsInvalid(static::t('Request type must be POST')); } elseif (!isset($request->RESULT)) { if (Paypal\Model\Payment\Processor\PaypalIPN::getInstance()->isCallbackIPN()) { // If callback is IPN request from Paypal Paypal\Model\Payment\Processor\PaypalIPN::getInstance()->processCallbackIPN($transaction, $this); $transaction->registerTransactionInOrderHistory('callback, IPN'); $transaction->getOrder()->setPaymentStatusByTransaction($transaction); \XLite\Core\Database::getEM()->flush(); } else { // RESULT parameter must be presented in all callback requests $this->markCallbackRequestAsInvalid(static::t('\'RESULT\' argument not found')); } } else { $this->setDetail('status', isset($request->RESPMSG) ? $request->RESPMSG : 'Unknown', 'Status'); $this->saveDataFromRequest(); if ('0' === $request->RESULT) { // Transaction successful if RESULT == '0' $status = $transaction::STATUS_SUCCESS; } elseif ('126' === $request->RESULT) { // This RESULT returned if merchant enabled fraud filters in thier PayPal account $status = $transaction::STATUS_PENDING; } else { $status = $transaction::STATUS_FAILED; } // Amount checking if (isset($request->AMT) && !$this->checkTotal($request->AMT)) { $status = $transaction::STATUS_FAILED; } Paypal\Main::addLog('processCallback', array('request' => $request, 'status' => $status)); $transaction->setStatus($status); $this->updateInitialBackendTransaction($transaction, $status); $transaction->registerTransactionInOrderHistory('callback'); } }
/** * Process callback * * @param \XLite\Model\Payment\Transaction $transaction Callback-owner transaction * * @return void */ public function processCallback(\XLite\Model\Payment\Transaction $transaction) { parent::processCallback($transaction); $request = \XLite\Core\Request::getInstance(); if (!$request->isPost()) { $this->markCallbackRequestAsInvalid(static::t('Request type must be POST')); } elseif (!isset($request->status)) { $this->markCallbackRequestAsInvalid(static::t('\'status\' request argument can not found')); } else { $this->setDetail('status', isset($this->statuses[$request->status]) ? $this->statuses[$request->status] : 'Failed', 'Status'); $this->saveDataFromRequest(); switch ($request->status) { case 0: $status = $transaction::STATUS_PENDING; break; case 2: $status = $transaction::STATUS_SUCCESS; break; default: $status = $transaction::STATUS_FAILED; } // Amount checking if (isset($request->amount) && !$this->checkTotal($request->amount)) { $status = $transaction::STATUS_FAILED; } // Currency checking if (isset($request->currency) && !$this->checkCurrency($request->currency)) { $status = $transaction::STATUS_FAILED; } // Check MD5 hash if ($status == $transaction::STATUS_SUCCESS && $request->md5sig && \XLite\Core\Config::getInstance()->CDev->Moneybookers->secret_word) { $base = $request->merchant_id . $request->transaction_id . strtoupper(md5(\XLite\Core\Config::getInstance()->CDev->Moneybookers->secret_word)) . $request->mb_amount . $request->mb_currency . $request->status; if (strtoupper(md5($base)) != strtoupper($request->md5sig)) { $this->setDetail('signature_error', 'Payment transaction\'s secure signature is corrupted' . PHP_EOL . 'Signature from request: ' . strtoupper($request->md5sig) . PHP_EOL . 'Calculated signature: ' . strtoupper(md5($base)), 'Hacking attempt'); $status = $transaction::STATUS_FAILED; } } if ($request->payment_type && isset($this->paymentTypes[$request->payment_type])) { $this->setDetail('payment_type', $this->paymentTypes[$request->payment_type] . ' (' . $request->payment_type . ')', 'Payment type'); } if ($request->failed_reason_code && isset($this->failedReasons[$request->failed_reason_code])) { $this->setDetail('failed_reason', $this->failedReasons[$request->failed_reason_code], 'Failed reason'); } $this->transaction->setStatus($status); } }