function process()
{
global $osC_Customer, $osC_Language, $osC_Currencies, $osC_ShoppingCart, $_POST, $_GET, $osC_Database, $messageStack;
// get data from pasargad
$tref = $_GET['tref'];
//TransactionReferenceID
$iNumber = $_GET['iN'];
//invoiceNumber
$iDate = $_GET['iD'];
//invoiceDate
$this->_order_id = osC_Order::insert(ORDERS_STATUS_PREPARING);
$order = $this->_order_id;
if (MODULE_PAYMENT_BPI_CURRENCY == 'Selected Currency') {
$currency = $osC_Currencies->getCode();
} else {
$currency = MODULE_PAYMENT_BPI_CURRENCY;
}
$amount = round($osC_Currencies->formatRaw($osC_ShoppingCart->getTotal(), $currency), 2);
require_once 'ext/bpiclass/parser.php';
$result = post2https($tref, 'https://pep.shaparak.ir/CheckTransactionResult.aspx');
$array = makeXMLTree($result);
$state = strtolower($array["resultObj"]["result"]);
$action = $array["resultObj"]["action"];
$invoiceNumber = $array["resultObj"]["invoiceNumber"];
$invoiceDate = $array["resultObj"]["invoiceDate"];
$merchantCode = $array["resultObj"]["merchantCode"];
$terminalCode = $array["resultObj"]["terminalCode"];
$traceNumber = $array["resultObj"]["traceNumber"];
$referenceNumber = $array["resultObj"]["referenceNumber"];
$transactionDate = $array["resultObj"]["transactionDate"];
if ($state == "true" and $action == "1003" and $merchantCode == MODULE_PAYMENT_BPI_MERCHANT_CODE and $terminalCode == MODULE_PAYMENT_BPI_TERMINAL_CODE and $invoiceDate == $iDate and $invoiceNumber == $order) {
// here we update our order state
$this->_order_id = osC_Order::insert();
$comments = $osC_Language->get('payment_bpi_transaction_id') . '[' . $tref . ']' . $osC_Language->get('payment_bpi_reference_id') . '[' . $referenceNumber . ']';
osC_Order::process($this->_order_id, $this->order_status, $comments);
// here we save our database
$osC_Database->simpleQuery("insert into `" . DB_TABLE_PREFIX . "online_transactions`\n\t\t\t\t\t \t\t(orders_id,receipt_id,transaction_method,transaction_date,transaction_amount,transaction_id) values\n\t\t ('{$order}','{$referenceNumber}','bpi','{$transactionDate}','{$amount}','{$tref}')\n\t\t\t\t\t ");
//
$Qtransaction = $osC_Database->query('insert into :table_orders_transactions_history (orders_id, transaction_code, transaction_return_value, transaction_return_status, date_added) values (:orders_id, :transaction_code, :transaction_return_value, :transaction_return_status, now())');
$Qtransaction->bindTable(':table_orders_transactions_history', TABLE_ORDERS_TRANSACTIONS_HISTORY);
$Qtransaction->bindInt(':orders_id', $order);
$Qtransaction->bindInt(':transaction_code', 1);
$Qtransaction->bindValue(':transaction_return_value', $referenceNumber);
$Qtransaction->bindInt(':transaction_return_status', 1);
$Qtransaction->execute();
} else {
osC_Order::remove($this->_order_id);
if ($state == "false" and $merchantCode == MODULE_PAYMENT_BPI_MERCHANT_CODE and $terminalCode == MODULE_PAYMENT_BPI_TERMINAL_CODE and $invoiceDate == $iDate and $invoiceNumber == $order) {
$messageStack->add_session('checkout', $osC_Language->get('payment_bpi_unsuccessful_payment'), 'error');
} elseif ($state == "false" and ($merchantCode != MODULE_PAYMENT_BPI_MERCHANT_CODE or $terminalCode != MODULE_PAYMENT_BPI_TERMINAL_CODE or $invoiceDate != $iDate or $invoiceNumber != $order)) {
$messageStack->add_session('checkout', $osC_Language->get('payment_bpi_contradictory_in_information'), 'error');
} else {
$messageStack->add_session('checkout', $osC_Language->get('payment_bpi_payment_not_confirmed'), 'error');
}
osc_redirect(osc_href_link(FILENAME_CHECKOUT, 'checkout&view=paymentInformationForm', 'SSL', null, null, true));
}
}
$host = "www.securepay.com.au/xmlapi/payment";
}
} else {
if ($_POST["payment_type"] == 15 || $_POST["payment_type"] == 17) {
$host = "www.securepay.com.au/test/directentry";
} else {
//$host = "test.securepay.com.au/xmlapi/payment";
//Or if using SSL:
$host = "www.securepay.com.au/test/payment";
}
}
$timestamp = getGMTtimestamp();
$vars = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" . "<SecurePayMessage>" . "<MessageInfo>" . "<messageID>8af793f9af34bea0cf40f5fb5c630c</messageID>" . "<messageTimestamp>" . urlencode($timestamp) . "</messageTimestamp>" . "<timeoutValue>60</timeoutValue>" . "<apiVersion>xml-4.2</apiVersion>" . "</MessageInfo>" . "<MerchantInfo>" . "<merchantID>" . urlencode($_POST["merchant_id"]) . "</merchantID>" . "<password>" . urlencode($_POST["transaction_password"]) . "</password>" . "</MerchantInfo>" . "<RequestType>" . urlencode($_POST["request_type"]) . "</RequestType>" . "<Payment>" . "<TxnList count=\"1\">" . "<Txn ID=\"1\">" . "<txnType>" . urlencode($_POST["payment_type"]) . "</txnType>" . "<txnSource>23</txnSource>" . "<amount>" . str_replace(".", "", urlencode($_POST["payment_amount"])) . "</amount>" . "<purchaseOrderNo>" . urlencode($_POST["payment_reference"]) . "</purchaseOrderNo>" . "<currency>" . urlencode($_POST["currency"]) . "</currency>" . "<preauthID>" . urlencode($_POST["preauthid"]) . "</preauthID>" . "<txnID>" . urlencode($_POST["txnid"]) . "</txnID>" . "<CreditCardInfo>" . "<cardNumber>" . urlencode($_POST["card_number"]) . "</cardNumber>" . "<cvv>" . urlencode($_POST["card_cvv"]) . "</cvv>" . "<expiryDate>" . urlencode($_POST["card_expiry_month"]) . "/" . urlencode($_POST["card_expiry_year"]) . "</expiryDate>" . "</CreditCardInfo>" . "<DirectEntryInfo>" . "<bsbNumber>" . urlencode($_POST["bsb_number"]) . "</bsbNumber>" . "<accountNumber>" . urlencode($_POST["account_number"]) . "</accountNumber>" . "<accountName>" . urlencode($_POST["account_name"]) . "</accountName>" . "</DirectEntryInfo>" . "</Txn>" . "</TxnList>" . "</Payment>" . "</SecurePayMessage>";
$response = openSocket($host, $vars);
$xmlres = array();
$xmlres = makeXMLTree($response);
/*
// Display Array contents.
echo "<pre>";
print_r($xmlres);
echo "</pre>";
*/
echo "<h3>Transaction Details</h3>";
//fetch current date in MONTH/YEAR(eg. 01/12) format for checking expiry date
$currentDate = date("m/y");
$expiryDate = trim($xmlres[SecurePayMessage][Payment][TxnList][Txn][CreditCardInfo][expiryDate]);
//explode current date
$cur = explode("/", $currentDate);
//explode expiry date
$exp = explode("/", $expiryDate);
//fetch credit card error message using reg ex, if 'Invalid'
$SESSION = new session_class();
register_shutdown_function('session_write_close');
session_start();
if (!isset($_SESSION[$conf->app . '_user_id'])) {
die('error');
}
include_once '../class/parser.php';
//var_dump($array);
//echo("<br /><br /><h1>");
//echo $array["resultObj"]["result"];
//echo("</h1>")
if (isset($_GET['tref']) && isset($_GET['iN']) && isset($_GET['iD'])) {
$iN = (int) $_GET['iN'];
$iD = trim($_GET['iD']);
$result = post2https($_GET['tref'], 'https://epayment.bankpasargad.com/CheckTransactionResult.aspx');
$bank_out = makeXMLTree($result);
//var_dump($bank_out);
if ($bank_out["resultObj"]["result"] == "True" && $iN == (int) $bank_out["resultObj"]['invoiceNumber'] && $iD == trim($bank_out['resultObj']['invoiceDate'])) {
$pardakht = new pardakht_class((int) $bank_out['resultObj']['invoiceNumber']);
$pardakht->bank_out = serialize($bank_out);
$sanad_record_id = sanad_class::getLastSanad_record_id();
$sanad_record_id_ticket = $sanad_record_id;
//-------------ticket ----------
$res_tmp = explode(',', $pardakht->sanad_record_id);
$ghimat_kharid = 0;
$ticket_ids = array();
$ticket_error = FALSE;
$ticket_ids = array();
$shenavar = array();
$tedad = 0;
for ($i = 0; $i < count($res_tmp); $i++) {
