/**
* Generer le contexte pour le formulaire de requete de paiement
* il faut avoir un id_transaction et un transaction_hash coherents
* pour se premunir d'une tentative d'appel exterieur
*
* @param int $id_transaction
* @param string $transaction_hash
* @param $config
* configuration du module
* @return array
*/
function presta_cmcic_call_request_dist($id_transaction, $transaction_hash, $config)
{
if (!($row = sql_fetsel("*", "spip_transactions", "id_transaction=" . intval($id_transaction) . " AND transaction_hash=" . sql_quote($transaction_hash)))) {
return array();
}
include_spip('inc/filtres');
$contexte = array();
$oTpe = new CMCIC_Tpe($config, strtoupper($GLOBALS['spip_lang']));
if (!$oTpe->isOK) {
return false;
}
$oHmac = new CMCIC_Hmac($oTpe);
// Control String for support
$CtlHmac = sprintf(_CMCIC_CTLHMAC, $oTpe->sVersion, $oTpe->sNumero, $oHmac->computeHmac(sprintf(_CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero)));
// Currency : ISO 4217 compliant
$devise = "EUR";
// Amount : format "xxxxx.yy" (no spaces)
$montant = $row['montant'];
$contexte['version'] = $oTpe->sVersion;
$contexte['TPE'] = $oTpe->sNumero;
// transaction date : format d/m/y:h:m:s
$contexte['date'] = date("d/m/Y:H:i:s");
$contexte['montant'] = $montant . $devise;
// Reference: unique, alphaNum (A-Z a-z 0-9), 12 characters max
$contexte['reference'] = substr($transaction_hash, 0, 12);
$contexte['lgue'] = $oTpe->sLangue;
$contexte['societe'] = $oTpe->sCodeSociete;
// on transmet dans le texte libre les données id_transaction & hash
// pour les avoir dans le retour URL CGI2 qui est une url à donner à la banque
// et qui n'a pas connaissance autrement de notre id_transaction et hash :(
// URL CGI2 à donner à la banque :
// http(s)://votresite.org/?action=bank_autoresponse&bankp=cmcic
$contenu = array('id' => $id_transaction, 'hash' => $transaction_hash, 'lang' => $GLOBALS['spip_lang'], 'contenu' => $row['contenu']);
// texte-libre doit etre protege car le formulaire est parfois reinjecte par Cmcic
// dans une page de redirection pour les mobiles
$contexte['texte-libre'] = urlencode(serialize($contenu));
$contexte['mail'] = bank_porteur_email($row);
// Data to certify
$PHP1_FIELDS = sprintf(_CMCIC_CGI1_FIELDS, $contexte['TPE'], $contexte['date'], $montant, $devise, $contexte['reference'], $contexte['texte-libre'], $oTpe->sVersion, $oTpe->sLangue, $oTpe->sCodeSociete, $contexte['mail'], "", "", "", "", "", "", "", "", "", "");
// MAC computation
$contexte['MAC'] = $oHmac->computeHmac($PHP1_FIELDS);
// Urls de retour.
// La banque poste d'abord sur l'URL CGI2 (cf cmcic/config.php) qui doit traiter
// le paiement positif et en attend une réponse (texte).
// Puis, elle présente sur la banque au choix ces urls pour revenir sur le site
// - retour OK si le paiement s'est bien déroulé
$contexte['url_retour_ok'] = bank_url_api_retour($config, "response", "id={$id_transaction};{$transaction_hash}");
// - retour err si le paiement a été refusé
$contexte['url_retour_err'] = bank_url_api_retour($config, "cancel", "id={$id_transaction};{$transaction_hash}");
// - retour (bouton Annuler) si le bonhomme décide d'abandonner le paiement
$contexte['url_retour'] = $contexte['url_retour_ok'];
$hidden = "";
foreach ($contexte as $k => $v) {
$hidden .= "<input type='hidden' name='{$k}' value='" . str_replace("'", "'", $v) . "' />";
}
include_spip('inc/filtres_mini');
$contexte = array('hidden' => $hidden, 'action' => cmcic_url_serveur($config), 'backurl' => url_absolue(self()), 'id_transaction' => $id_transaction, 'transaction_hash' => $transaction_hash);
return $contexte;
}
/**
* Traitement de la réponse du serveur de paiement
* Pas de paramètre, les données seront dans $_POST ou $_GET
*/
function call_response()
{
$CMCIC_bruteVars = getMethode();
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars['date'], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], @$CMCIC_bruteVars['motifrefus'], @$CMCIC_bruteVars['originecb'], @$CMCIC_bruteVars['bincb'], @$CMCIC_bruteVars['hpancb'], @$CMCIC_bruteVars['ipclient'], @$CMCIC_bruteVars['originetr'], @$CMCIC_bruteVars['veres'], @$CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
$MAC_match = true;
$receipt = CMCIC_CGI2_MACOK;
} else {
$MAC_match = false;
$receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
}
$response = array('MAC_match' => $MAC_match, 'receipt' => $receipt);
foreach ($CMCIC_bruteVars as $field => $value) {
$response[$field] = $value;
}
return $response;
}
/**
* Retrouve la réponse de la banque CIC et vérifie sa sécurité
*
* @param array $config
* @return bool|array
* False si erreur ou clé de sécurité erronnée
* array : tableau des données de la banque sinon
**/
function cmcic_response($config)
{
$mode = $config['presta'];
if (isset($config['mode_test']) and $config['mode_test']) {
$mode .= "_test";
}
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
spip_log("call_response : réception des variables cmcic", $mode);
// peu de chance d'être en erreur ici, mais sait-on jamais
if (!$CMCIC_bruteVars) {
spip_log("call_response : variables cmcic introuvables", $mode);
#return presta_cmcic_notifier_banque_erreur();
return false;
}
// TPE init variables
$oTpe = new CMCIC_Tpe($config);
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(_CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
// uniquement si le code de sécurité correspond
if ($oHmac->computeHmac($cgi2_fields) != strtolower($CMCIC_bruteVars['MAC'])) {
spip_log("call_response : clé de sécurité falsifiée ou erronée", $mode);
return false;
#return presta_cmcic_notifier_banque_erreur();
}
// clé correcte
return $CMCIC_bruteVars;
}
public function executeBack(HTTPRequest $request)
{
error_reporting(E_ALL ^ E_NOTICE);
header("Pragma: no-cache");
header("Content-type: text/plain");
// TPE Settings
// Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
// You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Config.php';
// --- PHP implementation of RFC2104 hmac sha1 ---
require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Tpe.inc.php';
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
// TPE init variables
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
switch ($CMCIC_bruteVars['code-retour']) {
case "Annulation":
// Payment has been refused
// put your code here (email sending / Database update)
// Attention : an autorization may still be delivered for this payment
break;
case "payetest":
// Payment has been accepeted on the test server
// put your code here (email sending / Database update)
$reservationId = $request->postData('reference');
$reservation = $this->_announcementReservationManager->get($reservationId);
if (!is_null($reservation)) {
$reservation->setStateId(PaiementStates::WAITING_VALIDATION);
$reservation->setTransactionRef($reservation->id());
$this->_announcementReservationManager->save($reservation);
$messageMail = new Mail();
$messageMail->sendReservationOwnerValidation($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()), $reservation);
$messageMail->sendReservationSubscriberRecap($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()));
}
break;
case "paiement":
// Payment has been accepted on the productive server
// put your code here (email sending / Database update)
$reservationId = $request->postData('reference');
$reservation = $this->_announcementReservationManager->get($reservationId);
if (!is_null($reservation)) {
$reservation->setStateId(PaiementStates::WAITING_VALIDATION);
$reservation->setTransactionRef($reservation->id());
$this->_announcementReservationManager->save($reservation);
$messageMail = new Mail();
$messageMail->sendReservationOwnerValidation($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()), $reservation);
$messageMail->sendReservationSubscriberRecap($this->_usersManager->get($reservation->getUserOwnerId()), $this->_usersManager->get($reservation->getUserSubscriberId()), $this->_announcementManager->get($reservation->getAnnouncementId()));
}
break;
/*** ONLY FOR MULTIPART PAYMENT ***/
/*** ONLY FOR MULTIPART PAYMENT ***/
case "paiement_pf2":
case "paiement_pf3":
case "paiement_pf4":
// Payment has been accepted on the productive server for the part #N
// return code is like paiement_pf[#N]
// put your code here (email sending / Database update)
// You have the amount of the payment part in $CMCIC_bruteVars['montantech']
break;
case "Annulation_pf2":
case "Annulation_pf3":
case "Annulation_pf4":
// Payment has been refused on the productive server for the part #N
// return code is like Annulation_pf[#N]
// put your code here (email sending / Database update)
// You have the amount of the payment part in $CMCIC_bruteVars['montantech']
break;
}
$receipt = CMCIC_CGI2_MACOK;
} else {
// your code if the HMAC doesn't match
$receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
}
//-----------------------------------------------------------------------------
// Send receipt to CMCIC server
//-----------------------------------------------------------------------------
printf(CMCIC_CGI2_RECEIPT, $receipt);
// Copyright (c) 2009 Euro-Information ( mailto:centrecom@e-i.com )
// All rights reserved. ---
}
// montant �ch�ance 2 - format "xxxxx.yy" (no spaces) //$sMontantEcheance2 = "0.25" . $sDevise; $sMontantEcheance2 = ""; // date echeance 3 - format dd/mm/yyyy $sDateEcheance3 = ""; // montant �ch�ance 3 - format "xxxxx.yy" (no spaces) //$sMontantEcheance3 = "0.25" . $sDevise; $sMontantEcheance3 = ""; // date echeance 4 - format dd/mm/yyyy $sDateEcheance4 = ""; // montant �ch�ance 4 - format "xxxxx.yy" (no spaces) //$sMontantEcheance4 = "0.25" . $sDevise; $sMontantEcheance4 = ""; // ---------------------------------------------------------------------------- $oTpe = new CMCIC_Tpe($sLangue); $oHmac = new CMCIC_Hmac($oTpe); // Control String for support $CtlHmac = sprintf(CMCIC_CTLHMAC, $oTpe->sVersion, $oTpe->sNumero, $oHmac->computeHmac(sprintf(CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero))); // Data to certify $PHP1_FIELDS = sprintf(CMCIC_CGI1_FIELDS, $oTpe->sNumero, $sDate, $sMontant, $sDevise, $sReference, $sTexteLibre, $oTpe->sVersion, $oTpe->sLangue, $oTpe->sCodeSociete, $sEmail, $sNbrEch, $sDateEcheance1, $sMontantEcheance1, $sDateEcheance2, $sMontantEcheance2, $sDateEcheance3, $sMontantEcheance3, $sDateEcheance4, $sMontantEcheance4, $sOptions); // MAC computation $sMAC = $oHmac->computeHmac($PHP1_FIELDS); // --------------------------------------------------- End Stub --------------- // ---------------------------------------------------------------------------- // Your Page displaying payment button to be customized // ---------------------------------------------------------------------------- ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> <head>
public function payment_action($payment)
{
$this->debug(__FUNCTION__, 2, __LINE__);
$sOptions = "";
$sReference = substr(md5(microtime()), 0, 12);
$sMontant = $this->price;
$sDevise = $this->currency;
$sTexteLibre = $payment;
$sDate = date("d/m/Y:H:i:s");
$sLangue = $this->lang;
$sEmail = $this->customer_mail;
$sNbrEch = "";
$sDateEcheance1 = "";
$sMontantEcheance1 = "";
$sDateEcheance2 = "";
$sMontantEcheance2 = "";
$sDateEcheance3 = "";
$sMontantEcheance3 = "";
$sDateEcheance4 = "";
$sMontantEcheance4 = "";
$oTpe = new CMCIC_Tpe($sLangue);
$oHmac = new CMCIC_Hmac($oTpe);
// Control String for support
$CtlHmac = sprintf(CMCIC_CTLHMAC, $oTpe->sVersion, $oTpe->sNumero, $oHmac->computeHmac(sprintf(CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero)));
// Data to certify
$PHP1_FIELDS = sprintf(CMCIC_CGI1_FIELDS, $oTpe->sNumero, $sDate, $sMontant, $sDevise, $sReference, $sTexteLibre, $oTpe->sVersion, $oTpe->sLangue, $oTpe->sCodeSociete, $sEmail, $sNbrEch, $sDateEcheance1, $sMontantEcheance1, $sDateEcheance2, $sMontantEcheance2, $sDateEcheance3, $sMontantEcheance3, $sDateEcheance4, $sMontantEcheance4, $sOptions);
// MAC computation
$sMAC = $oHmac->computeHmac($PHP1_FIELDS);
// Setting the parametters
$successSession = $this->linker->payment->setCallPage(0, $this->bank_code, 'payment_success', $payment);
$this->successUrl = $this->linker->path->getLink('payment/callPage/' . $successSession);
$failureSession = $this->linker->payment->setCallPage(0, $this->bank_code, 'payment_failure', $payment);
$this->failureUrl = $this->linker->path->getLink('payment/callPage/' . $failureSession);
$autoresponseSession = $this->linker->payment->setCallPage(0, $this->bank_code, 'payment_autoresponse', $payment);
$this->autoresponseUrl = $this->linker->path->getLink('payment/callPage/' . $autoresponseSession);
$baseUri = $this->linker->path->getBaseUri();
$values['payment']['version'] = $oTpe->sVersion;
$values['payment']['tpeVersion'] = $oTpe->sNumero;
$values['payment']['date'] = $sDate;
$values['payment']['amount'] = $sMontant;
$values['payment']['currency'] = $sDevise;
$values['payment']['reference'] = $sReference;
$values['payment']['smac'] = $sMAC;
$values['payment']['url_ko'] = $oTpe->sUrlKO;
$values['payment']['url_ok'] = $oTpe->sUrlOK;
$values['payment']['lang'] = $oTpe->sLangue;
$values['payment']['companyCode'] = $oTpe->sCodeSociete;
$values['payment']['freeText'] = HtmlEncode($sTexteLibre);
$values['payment']['email'] = $sEmail;
$rendered = $this->render('show', $values, false, false);
echo $rendered;
return true;
}
* License : see attached document "Licence.txt".
*
*****************************************************************************/
header("Pragma: no-cache");
header("Content-type: text/plain");
// TPE Settings
// Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
// You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
require_once "CMCIC_Config.php";
// --- PHP implementation of RFC2104 hmac sha1 ---
require_once "CMCIC_Tpe.inc.php";
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();
// TPE init variables
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
switch ($CMCIC_bruteVars['code-retour']) {
case "Annulation":
// Payment has been refused
// put your code here (email sending / Database update)
// Attention : an autorization may still be delivered for this payment
break;
case "payetest":
// Payment has been accepeted on the test server
// put your code here (email sending / Database update)
break;
case "paiement":
// Payment has been accepted on the productive server
public static function display_form($oid)
{
global $wpdb;
$output = '';
$order = get_post_meta($oid, '_order_postmeta', true);
$order_customer_info = get_post_meta($oid, '_order_info', true);
//$currency_code = wpshop_tools::wpshop_get_currency($code=true);
$current_currency = get_option('wpshop_shop_default_currency');
$query = $wpdb->prepare('SELECT code_iso FROM ' . WPSHOP_DBT_ATTRIBUTE_UNIT . ' WHERE id =%d ', $current_currency);
$currency_code = $wpdb->get_var($query);
if (!empty($order) && !empty($currency_code)) {
$sOptions = "";
// ----------------------------------------------------------------------------
// CheckOut Stub setting fictious Merchant and Order datas.
// That's your job to set actual order fields. Here is a stub.
// -----------------------------------------------------------------------------
$sReference = $oid;
// Reference: unique, alphaNum (A-Z a-z 0-9), 12 characters max
$sMontant = number_format($order['order_grand_total'], 2, '.', '');
// Amount : format "xxxxx.yy" (no spaces)
$sDevise = $currency_code;
// Currency : ISO 4217 compliant
$sTexteLibre = "";
// free texte : a bigger reference, session context for the return on the merchant website
$sDate = date("d/m/Y:H:i:s");
// transaction date : format d/m/y:h:m:s
$sLangue = "FR";
// Language of the company code
$sEmail = $order_customer_info['billing']['address']['address_user_email'];
//"*****@*****.**"; // customer email
///////////////////////////////////////////////////////////////////////////////////////////
$sNbrEch = "";
//$sNbrEch = "4"; // between 2 and 4
$sDateEcheance1 = "";
// date echeance 1 - format dd/mm/yyyy //$sDateEcheance1 = date("d/m/Y");
$sMontantEcheance1 = "";
// montant �ch�ance 1 - format "xxxxx.yy" (no spaces) //$sMontantEcheance1 = "0.26" . $sDevise;
$sDateEcheance2 = "";
// date echeance 2 - format dd/mm/yyyy
$sMontantEcheance2 = "";
// montant �ch�ance 2 - format "xxxxx.yy" (no spaces) //$sMontantEcheance2 = "0.25" . $sDevise;
$sDateEcheance3 = "";
// date echeance 3 - format dd/mm/yyyy
$sMontantEcheance3 = "";
// montant �ch�ance 3 - format "xxxxx.yy" (no spaces) //$sMontantEcheance3 = "0.25" . $sDevise;
$sDateEcheance4 = "";
// date echeance 4 - format dd/mm/yyyy
$sMontantEcheance4 = "";
// montant �ch�ance 4 - format "xxxxx.yy" (no spaces) //$sMontantEcheance4 = "0.25" . $sDevise;
// ----------------------------------------------------------------------------
$oTpe = new CMCIC_Tpe($sLangue);
$oHmac = new CMCIC_Hmac($oTpe);
// Control String for support
$CtlHmac = sprintf(CMCIC_CTLHMAC, $oTpe->sVersion, $oTpe->sNumero, $oHmac->computeHmac(sprintf(CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero)));
// Data to certify
$PHP1_FIELDS = sprintf(CMCIC_CGI1_FIELDS, $oTpe->sNumero, $sDate, $sMontant, $sDevise, $sReference, $sTexteLibre, $oTpe->sVersion, $oTpe->sLangue, $oTpe->sCodeSociete, $sEmail, $sNbrEch, $sDateEcheance1, $sMontantEcheance1, $sDateEcheance2, $sMontantEcheance2, $sDateEcheance3, $sMontantEcheance3, $sDateEcheance4, $sMontantEcheance4, $sOptions);
// MAC computation
$sMAC = $oHmac->computeHmac($PHP1_FIELDS);
ob_start();
?>
<script type="text/javascript">jQuery(document).ready(function(){ jQuery('#PaymentRequest_cic').submit(); });</script>
<div class="paypalPaymentLoading"><span><?php
_e('Redirect to the CIC site in progress, please wait...', 'wpshop');
?>
</span></div>
<form action="<?php
echo $oTpe->sUrlPaiement;
?>
" method="post" id="PaymentRequest_cic">
<input type="hidden" name="version" id="version" value="<?php
echo $oTpe->sVersion;
?>
" />
<input type="hidden" name="TPE" id="TPE" value="<?php
echo $oTpe->sNumero;
?>
" />
<input type="hidden" name="date" id="date" value="<?php
echo $sDate;
?>
" />
<input type="hidden" name="montant" id="montant" value="<?php
echo $sMontant . $sDevise;
?>
" />
<input type="hidden" name="reference" id="reference" value="<?php
echo $sReference;
?>
" />
<input type="hidden" name="MAC" id="MAC" value="<?php
echo $sMAC;
?>
" />
<input type="hidden" name="url_retour" id="url_retour" value="<?php
echo $oTpe->sUrlKO;
?>
" />
<input type="hidden" name="url_retour_ok" id="url_retour_ok" value="<?php
echo $oTpe->sUrlOK;
?>
" />
<input type="hidden" name="url_retour_err" id="url_retour_err" value="<?php
echo $oTpe->sUrlKO;
?>
" />
<input type="hidden" name="lgue" id="lgue" value="<?php
echo $oTpe->sLangue;
?>
" />
<input type="hidden" name="societe" id="societe" value="<?php
echo $oTpe->sCodeSociete;
?>
" />
<input type="hidden" name="texte-libre" id="texte-libre" value="<?php
echo HtmlEncode($sTexteLibre);
?>
" />
<input type="hidden" name="mail" id="mail" value="<?php
echo $sEmail;
?>
" />
<!-- Uniquement pour le Paiement fractionn� -->
<input type="hidden" name="nbrech" id="nbrech" value="<?php
echo $sNbrEch;
?>
" />
<input type="hidden" name="dateech1" id="dateech1" value="<?php
echo $sDateEcheance1;
?>
" />
<input type="hidden" name="montantech1" id="montantech1" value="<?php
echo $sMontantEcheance1;
?>
" />
<input type="hidden" name="dateech2" id="dateech2" value="<?php
echo $sDateEcheance2;
?>
" />
<input type="hidden" name="montantech2" id="montantech2" value="<?php
echo $sMontantEcheance2;
?>
" />
<input type="hidden" name="dateech3" id="dateech3" value="<?php
echo $sDateEcheance3;
?>
" />
<input type="hidden" name="montantech3" id="montantech3" value="<?php
echo $sMontantEcheance3;
?>
" />
<input type="hidden" name="dateech4" id="dateech4" value="<?php
echo $sDateEcheance4;
?>
" />
<input type="hidden" name="montantech4" id="montantech4" value="<?php
echo $sMontantEcheance4;
?>
" />
<!-- -->
<noscript><input type="submit" name="bouton" id="bouton" value="Connexion / Connection" /></noscript>
</form>
<?php
$output = ob_get_contents();
ob_end_clean();
}
return $output;
}
/**
*
* @return HTML
*/
function _process()
{
// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = $this->_getMethode();
// TPE init variables
$oTpe = new CMCIC_Tpe($vars->CMCICVersion, $vars->key, $vars->tpe, $vars->serverUrl, $vars->societe, $vars->langue, $this->_getUrlOk(), $this->_getUrlKo());
$oHmac = new CMCIC_Hmac($oTpe);
// Message Authentication
$cgi2_fields = sprintf(CMCIC_CGI2_FIELDS, $oTpe->sNumero, $CMCIC_bruteVars["date"], $CMCIC_bruteVars['montant'], $CMCIC_bruteVars['reference'], $CMCIC_bruteVars['texte-libre'], $oTpe->sVersion, $CMCIC_bruteVars['code-retour'], $CMCIC_bruteVars['cvx'], $CMCIC_bruteVars['vld'], $CMCIC_bruteVars['brand'], $CMCIC_bruteVars['status3ds'], $CMCIC_bruteVars['numauto'], $CMCIC_bruteVars['motifrefus'], $CMCIC_bruteVars['originecb'], $CMCIC_bruteVars['bincb'], $CMCIC_bruteVars['hpancb'], $CMCIC_bruteVars['ipclient'], $CMCIC_bruteVars['originetr'], $CMCIC_bruteVars['veres'], $CMCIC_bruteVars['pares']);
// 1 . check answer
if ($oHmac->computeHmac($cgi2_fields) == strtolower($CMCIC_bruteVars['MAC'])) {
// 2 . check order_id
$order_id = $CMCIC_bruteVars['reference'];
// load the orderpayment record and set some values
JTable::addIncludePath(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_tienda' . DS . 'tables');
$orderpayment = JTable::getInstance('OrderPayments', 'TiendaTable');
$orderpayment->load($orderpayment_id);
if (empty($orderpayment_id) || empty($orderpayment->orderpayment_id)) {
$errors[] = JText::_('TIENDA_SIPS_INVALID ORDERID');
$this->_sendErrorEmail($errors, $sips_response_array);
return false;
}
// 3 . check bank return code
// set the order's new status and update quantities if necessary
Tienda::load('TiendaHelperOrder', 'helpers.order');
Tienda::load('TiendaHelperCarts', 'helpers.carts');
$order = JTable::getInstance('Orders', 'TiendaTable');
$order->load($orderpayment->order_id);
$retour = $CMCIC_bruteVars['code-retour'];
switch ($retour) {
case "Annulation":
// Payment has been refused
$order->order_state_id = $this->params->get('failed_order_state', '10');
$orderpayment->transaction_details = JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ANNULATION');
if (!$order->save()) {
$errors[] = $order->getError();
}
break;
case "payetest":
if ($this->params->get('payment_server') != 'test') {
break;
}
case "paiement":
// Payment has been accepted
$orderpayment->transaction_details = JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_CVX') . $CMCIC_bruteVars['cvx'] . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_VLD') . " : " . $CMCIC_bruteVars['vld'] . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_BRAND') . " : " . $this->_getCreditCardBrand($CMCIC_bruteVars['brand']) . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_STATUS3D') . " : " . $this->_getStatus3D($CMCIC_bruteVars['status3d']) . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ORIGINECB') . " : " . $CMCIC_bruteVars['originecb'] . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_BINCB') . " : " . $CMCIC_bruteVars['bincb'] . "\n" . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ORIGINTR') . " : " . $CMCIC_bruteVars['originetr'];
$orderpayment->transaction_id = $CMCIC_bruteVars['numauto'];
//$orderpayment->transaction_status = $retour; // ???
$order->order_state_id = $this->params->get('payment_received_order_state', '17');
// save the order
if (!$order->save()) {
$errors[] = $order->getError();
}
// PAYMENT RECEIVED
$this->setOrderPaymentReceived($orderpayment->order_id);
// send email
$send_email = true;
break;
}
$receipt = CMCIC_CGI2_MACOK;
} else {
$receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
// HMAC doesn't match -- tell admin
$errors[] = JText::_('TIENDA_CMCIC_CGI2_MACNOTOK') . $cgi2_fields;
}
printf(CMCIC_CGI2_RECEIPT, $receipt);
return count($errors) ? implode("\n", $errors) : 'processed';
}
