/** * Make a XML-RPC call * If the global variable $errorStatus is not zero, the XML-RPC call is not * done, and this function returns nothing. * * @param $method name of the method * @param $params array with param * @return the XML-RPC call result */ function xmlCall($method, $params = null) { global $errorStatus; global $errorDesc; global $conf; if (isXMLRPCError()) { // Don't do a XML-RPC call if a previous one failed return; } /* Set defaut login/pass if not set. The credentials are used to authenticate the web interface to the XML-RPC server. */ if (!isset($conf["global"]["login"])) { $conf["global"]["login"] = "******"; $conf["global"]["password"] = "******"; } $output_options = array("output_type" => "xml", "verbosity" => "pretty", "escaping" => array("markup"), "version" => "xmlrpc", "encoding" => "UTF-8"); $request = xmlrpc_encode_request($method, $params, $output_options); /* We build the HTTP POST that will be sent */ $host = $_SESSION["XMLRPC_agent"]["host"] . ":" . $_SESSION["XMLRPC_agent"]["port"]; $url = "/"; $httpQuery = "POST " . $url . " HTTP/1.0\r\n"; $httpQuery .= "User-Agent: MMC web interface\r\n"; $httpQuery .= "Host: " . $host . "\r\n"; $httpQuery .= "Content-Type: text/xml\r\n"; $httpQuery .= "Content-Length: " . strlen($request) . "\r\n"; /* Don't set the RPC session cookie if the user is on the login page */ if ($method == "base.ldapAuth" || $method == "base.tokenAuthenticate") { unset($_SESSION["RPCSESSION"]); $httpQuery .= "X-Browser-IP: " . $_SERVER["REMOTE_ADDR"] . "\r\n"; $httpQuery .= "X-Browser-HOSTNAME: " . gethostbyaddr($_SERVER["REMOTE_ADDR"]) . "\r\n"; } else { $httpQuery .= "Cookie: " . $_SESSION["RPCSESSION"] . "\r\n"; } $httpQuery .= "Authorization: Basic " . base64_encode($conf["global"]["login"] . ":" . $conf["global"]["password"]) . "\r\n\r\n"; $httpQuery .= $request; $sock = null; /* Connect to the XML-RPC server */ if ($_SESSION["XMLRPC_agent"]["scheme"] == "https") { $prot = "ssl://"; } else { $prot = ""; } list($sock, $errNo, $errString) = openSocket($prot, $conf); if (!$sock) { /* Connection failure */ $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_("Can't connect to MMC agent")); $errObj->setAdvice(_("MMC agent seems to be down or not correctly configured.") . '<br/> Error: ' . $errNo . ' - ' . $errString); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return FALSE; } /* Send the HTTP POST */ if (!fwrite($sock, $httpQuery, strlen($httpQuery))) { /* Failure */ $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_("Can't send XML-RPC request to MMC agent")); $errObj->setAdvice(_("MMC agent seems to be not correctly configured.")); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return FALSE; } fflush($sock); /* Get the response from the server */ $xmlResponse = ''; while (!feof($sock)) { $ret = fread($sock, 8192); $info = stream_get_meta_data($sock); if ($info['timed_out']) { $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_('MMC agent communication problem')); $errObj->setAdvice(_('Timeout when reading data from the MMC agent. Please check network connectivity and server load.')); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return FALSE; } if ($ret === False) { $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_("Error while reading MMC agent XML-RPC response.")); $errObj->setAdvice(_("Please check network connectivity.")); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return FALSE; } $xmlResponse .= $ret; } fclose($sock); /* Process the response */ if (!strlen($xmlResponse)) { $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_("MMC agent communication problem")); $errObj->setAdvice(_("Can't communicate with MMC agent. Please check you're using the right TCP port and the right protocol.")); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return FALSE; } /* Process the received HTTP header */ $pos = strpos($xmlResponse, "\r\n\r\n"); $httpHeader = substr($xmlResponse, 0, $pos); if ($method == "base.ldapAuth" || $method == "base.tokenAuthenticate") { if ($method == "base.tokenAuthenticate") { $_SESSION["AUTH_METHOD"] = "token"; } else { $_SESSION["AUTH_METHOD"] = "login"; } /* The RPC server must send us a session cookie */ if (preg_match("/(TWISTED_SESSION=[0-9a-f]+);/", $httpHeader, $match) > 0) { $_SESSION["RPCSESSION"] = $match[1]; } else { /* Can't get a session from the Twisted XML-RPC server */ $errObj = new ErrorHandlingItem(''); $errObj->setMsg(_("MMC agent communication problem")); $errObj->setAdvice(_("The MMC agent didn't give us a session number. Please check the MMC agent version.")); $errObj->setTraceBackDisplay(false); $errObj->setSize(400); $errObj->process(''); $errorStatus = 1; return False; } } /* Process the XML response */ $xmlResponse = substr($xmlResponse, $pos + 4); /* Test if the XMLRPC result is a boolean value set to False. If it is the case, xmlrpc_decode will return an empty string. So we need to test this special case. Looks like this bug is fixed in latest PHP version. At least it works with PHP 5.2.0. */ $booleanFalse = "<?xml version='1.0' ?>\n<methodResponse>\n<params>\n<param>\n<value><boolean>0</boolean></value>\n</param>\n</params>\n</methodResponse>\n"; if ($xmlResponse == $booleanFalse) { $xmlResponse = False; } else { $xmlResponseTmp = xmlrpc_decode($xmlResponse, "UTF-8"); /* if we cannot decode in UTF-8 */ if (!$xmlResponseTmp) { /* Maybe we received data encoded in ISO latin 1, so convert them to UTF8 first*/ $xmlResponse = iconv("ISO-8859-1", "UTF-8", $xmlResponse); $xmlResponse = xmlrpc_decode($xmlResponse, "UTF-8"); } else { $xmlResponse = $xmlResponseTmp; } } /* If debug is on, print the XML-RPC call and result */ if ($conf["debug"]["level"] != 0) { $str = '<div class="alert alert-info">'; $str .= "XML RPC CALL FUNCTION: {$method}("; if (!$params) { $params = "null"; } else { if (is_array($params)) { $str .= var_export($params, True); } else { $str .= $params; } } $str .= ')'; if (is_array($xmlResponse)) { $str .= "<pre>"; $str .= "result : "; $str .= var_export($xmlResponse, True); $str .= "</pre>"; } else { $str .= "result : " . $xmlResponse; } $str .= '</div>'; echo $str; } /* If the XML-RPC server sent a fault, display an error */ if (is_array($xmlResponse) && isset($xmlResponse["faultCode"])) { if ($xmlResponse["faultCode"] == "8003") { /* Fault 8003 means the session with the XML-RPC server has expired. So we make the current PHP session expire, so that the user is redirected to the login page. */ require_once 'modules/base/includes/users-xmlrpc.inc.php'; // Create a template array to store important session vars $temp = array(); // Session keys to keep $keys = array('ip_addr', 'XMLRPC_agent', 'agent', 'XMLRPC_server_description', 'AUTH_METHOD', 'login', 'pass', 'expire', 'lang', 'RPCSESSION', 'aclattr', 'acltab', 'acl', 'supportModList', 'modListVersion', 'doeffect', 'modulesList'); // Saving session params foreach ($keys as $key) { if (isset($_SESSION[$key])) { $temp[$key] = $_SESSION[$key]; } } // Destroy and recreate session to eliminate // modules session params session_destroy(); session_start(); // Restoring session params foreach ($keys as $key) { if (isset($temp[$key])) { $_SESSION[$key] = $temp[$key]; } } if (auth_user($temp['login'], $temp['pass'])) { // If login succeed, retry call after relogin return xmlCall($method, $params); } else { // Logout and request a new login unset($_SESSION["expire"]); $_SESSION["agentsessionexpired"] = 1; $root = $conf["global"]["root"]; header("Location: {$root}" . "main.php"); exit; } } /* Try to find an error handler */ $result = findErrorHandling($xmlResponse["faultCode"]); if (!is_object($result) and $result == -1) { /* We didn't find one */ $result = new ErrorHandlingItem(''); $result->setMsg(_("unknown error")); $result->setAdvice(_("This exception is unknown. Please contact us to add an error handling on this error.")); } $result->process($xmlResponse); $errorStatus = 1; $errorDesc = $xmlResponse["faultCode"]; return False; } /* Return the result of the remote procedure call */ return $xmlResponse; }
$host = "www.securepay.com.au/xmlapi/directentry"; } else { $host = "www.securepay.com.au/xmlapi/payment"; } } else { if ($_POST["payment_type"] == 15 || $_POST["payment_type"] == 17) { $host = "www.securepay.com.au/test/directentry"; } else { //$host = "test.securepay.com.au/xmlapi/payment"; //Or if using SSL: $host = "www.securepay.com.au/test/payment"; } } $timestamp = getGMTtimestamp(); $vars = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" . "<SecurePayMessage>" . "<MessageInfo>" . "<messageID>8af793f9af34bea0cf40f5fb5c630c</messageID>" . "<messageTimestamp>" . urlencode($timestamp) . "</messageTimestamp>" . "<timeoutValue>60</timeoutValue>" . "<apiVersion>xml-4.2</apiVersion>" . "</MessageInfo>" . "<MerchantInfo>" . "<merchantID>" . urlencode($_POST["merchant_id"]) . "</merchantID>" . "<password>" . urlencode($_POST["transaction_password"]) . "</password>" . "</MerchantInfo>" . "<RequestType>" . urlencode($_POST["request_type"]) . "</RequestType>" . "<Payment>" . "<TxnList count=\"1\">" . "<Txn ID=\"1\">" . "<txnType>" . urlencode($_POST["payment_type"]) . "</txnType>" . "<txnSource>23</txnSource>" . "<amount>" . str_replace(".", "", urlencode($_POST["payment_amount"])) . "</amount>" . "<purchaseOrderNo>" . urlencode($_POST["payment_reference"]) . "</purchaseOrderNo>" . "<currency>" . urlencode($_POST["currency"]) . "</currency>" . "<preauthID>" . urlencode($_POST["preauthid"]) . "</preauthID>" . "<txnID>" . urlencode($_POST["txnid"]) . "</txnID>" . "<CreditCardInfo>" . "<cardNumber>" . urlencode($_POST["card_number"]) . "</cardNumber>" . "<cvv>" . urlencode($_POST["card_cvv"]) . "</cvv>" . "<expiryDate>" . urlencode($_POST["card_expiry_month"]) . "/" . urlencode($_POST["card_expiry_year"]) . "</expiryDate>" . "</CreditCardInfo>" . "<DirectEntryInfo>" . "<bsbNumber>" . urlencode($_POST["bsb_number"]) . "</bsbNumber>" . "<accountNumber>" . urlencode($_POST["account_number"]) . "</accountNumber>" . "<accountName>" . urlencode($_POST["account_name"]) . "</accountName>" . "</DirectEntryInfo>" . "</Txn>" . "</TxnList>" . "</Payment>" . "</SecurePayMessage>"; $response = openSocket($host, $vars); $xmlres = array(); $xmlres = makeXMLTree($response); /* // Display Array contents. echo "<pre>"; print_r($xmlres); echo "</pre>"; */ echo "<h3>Transaction Details</h3>"; //fetch current date in MONTH/YEAR(eg. 01/12) format for checking expiry date $currentDate = date("m/y"); $expiryDate = trim($xmlres[SecurePayMessage][Payment][TxnList][Txn][CreditCardInfo][expiryDate]); //explode current date $cur = explode("/", $currentDate); //explode expiry date