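/**
 * Processes a POSTed Przelewy24 payment report.
 *
 * Looks up the order whose `sessionid` column equals the base64-decoded
 * `p24_session_id` field, asks the gateway to verify the transaction, then
 * stores the resulting order status and a history entry. The amount sent for
 * verification comes from the stored order, never from the request.
 *
 * Security-relevant behaviour:
 *  - The gateway reply decides whether the order is marked as paid, so the
 *    TLS certificate of the gateway is verified (peer and host name).
 *  - Request-supplied values are URL-encoded before being placed in the
 *    verification body, so they cannot add or override form parameters.
 *  - Anything other than an explicit "TRUE" after the "RESULT" marker,
 *    including a failed transfer, is treated as a failed payment.
 *
 * NOTE(review): nothing here checks the order's current status, so a repeated
 * report appears able to rewrite it; confirm whether that is intended.
 *
 * @return void
 */
public function reportPayment()
{
    // A non-string value (e.g. p24_session_id[]=x) cannot identify an order.
    if (!isset($_POST['p24_session_id'])
        || !is_string($_POST['p24_session_id'])
        || $_POST['p24_session_id'] === ''
    ) {
        return;
    }

    $encodedSession = $_POST['p24_session_id'];
    $sessionid = base64_decode($encodedSession);

    // A missing or malformed order id is sent as an empty value, which the
    // gateway is expected to reject; it must not raise a notice here.
    $orderId = '';
    if (isset($_POST['p24_order_id']) && is_string($_POST['p24_order_id'])) {
        $orderId = $_POST['p24_order_id'];
    }

    $sql = 'SELECT * FROM `order` WHERE sessionid = :crc';
    $stmt = Db::getInstance()->prepare($sql);
    $stmt->bindValue('crc', $sessionid);
    $stmt->execute();
    $rs = $stmt->fetch();
    if (!$rs) {
        return;
    }

    $settings = $this->registry->core->loadModuleSettings('przelewy24', $rs['viewid']);

    // Amount as an integer string in 1/100 units, taken from the stored order.
    $p24_kwota = number_format($rs['globalprice'] * 100, 0, '', '');

    // http_build_query() URL-encodes every value; raw concatenation would let
    // a '&' inside a POSTed field introduce extra parameters.
    $body = http_build_query(
        array(
            'p24_id_sprzedawcy' => (string) $settings['idsprzedawcy'],
            'p24_session_id' => $encodedSession,
            'p24_order_id' => $orderId,
            'p24_kwota' => $p24_kwota,
        ),
        '',
        '&'
    );

    $user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)";
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
    curl_setopt($ch, CURLOPT_URL, "https://secure.przelewy24.pl/transakcja.php");
    // Both checks are needed: without peer verification any certificate is
    // accepted and the reply that marks an order as paid cannot be trusted.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $result = curl_exec($ch);
    curl_close($ch);

    // Collect the lines that follow the "RESULT" marker. curl_exec() returns
    // false on failure, which leaves $RET empty and the payment unconfirmed.
    $RET = array();
    $markerSeen = false;
    $lines = is_string($result) ? explode(chr(13) . chr(10), $result) : array();
    foreach ($lines as $line) {
        // str_replace() replaces ereg_replace(), which was removed in PHP 7.
        $line = str_replace(array("\n", "\r"), '', $line);
        if ($markerSeen) {
            $RET[] = $line;
        } elseif ($line === 'RESULT') {
            $markerSeen = true;
        }
    }

    if (isset($RET[0]) && $RET[0] === 'TRUE') {
        $status = $settings['positiveorderstatusid'];
        $comment = 'Płatność zakończona sukcesem';
        $url = $this->registry->router->generate('frontend.payment', true, array('action' => 'confirm', 'param' => 'przelewy24'));
    } else {
        $status = $settings['negativeorderstatusid'];
        $comment = 'Płatność zakończona niepowodzeniem';
        $url = $this->registry->router->generate('frontend.payment', true, array('action' => 'cancel', 'param' => 'przelewy24'));
    }

    $sql = "UPDATE `order` SET orderstatusid = :status WHERE idorder = :idorder";
    $stmt = Db::getInstance()->prepare($sql);
    $stmt->bindValue('status', $status);
    $stmt->bindValue('idorder', $rs['idorder']);
    $stmt->execute();

    $sql = 'INSERT INTO orderhistory SET content = :content, orderstatusid = :status, orderid = :idorder, inform = 0';
    $stmt = Db::getInstance()->prepare($sql);
    $stmt->bindValue('content', $comment);
    $stmt->bindValue('idorder', $rs['idorder']);
    $stmt->bindValue('status', $status);
    $stmt->execute();

    // Redirect only when the session still holds active payment data.
    if (Session::getActivePaymentData() != null) {
        App::redirectUrl($url);
    }
}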
/**
 * Builds the field set for the payment form of the order currently held in
 * the session.
 *
 * The field names (`cmd` = `_xclick`, `business`, `notify_url`) look like
 * PayPal form variables; presumably this feeds a PayPal form, to be confirmed
 * against the template that consumes the array.
 *
 * NOTE(review): `session_id` is base64_encode(session_id() . '-' . orderId).
 * Base64 is an encoding, not a signature, so the PHP session identifier can be
 * read by anything that sees this field (the rendered form, the gateway, logs).
 * Consider a random per-order token or an HMAC instead of the session id.
 *
 * @return array form fields keyed by field name
 */
public function getPaymentData()
{
    $payment = Session::getActivePaymentData();
    $orderId = $payment['orderId'];

    // Key order is kept as-is in case a consumer iterates the array.
    return array(
        'rm' => 2,
        'cmd' => '_xclick',
        'business' => $this->business,
        'currency_code' => Session::getActiveCurrencySymbol(),
        'gateway' => $this->gatewayurl,
        'return' => $this->returnurl,
        'cancel_return' => $this->cancelurl,
        'notify_url' => $this->notifyurl,
        'item_name' => _('TXT_ORDERS_NR') . ' ' . $orderId,
        'amount' => $payment['orderData']['priceWithDispatchMethod'],
        'item_number' => $orderId,
        'session_id' => base64_encode(session_id() . '-' . $orderId),
    );
}