function sagepaytokens_capture($params)
{
global $remote_ip;
$subdomain = $params['testmode'] ? "test" : "live";
if ($params['cardnum']) {
$url = "https://" . $subdomain . ".sagepay.com/gateway/service/directtoken.vsp";
$fields = array();
$fields['VPSProtocol'] = "2.23";
$fields['TxType'] = "TOKEN";
$fields['Vendor'] = $params['vendorid'];
$fields['Currency'] = $params['currency'];
$fields['CardHolder'] = $params['clientdetails']['firstname'] . " " . $params['clientdetails']['lastname'];
$fields['CardNumber'] = $params['cardnum'];
if ($params['cardstart']) {
$fields['StartDate'] = $params['cardstart'];
}
$fields['ExpiryDate'] = $params['cardexp'];
if ($params['cardissuenum']) {
$fields['IssueNumber'] = $params['cardissuenum'];
}
if ($_REQUEST['cccvv']) {
$fields['CV2'] = $params['cccvv'];
}
$fields['CardType'] = sagepaytokens_getcardtype($params['cardtype']);
$results = sagepaytokens_call($url, $fields);
if ($results['Status'] == "OK") {
$params['gatewayid'] = $results['Token'];
update_query("tblclients", array("gatewayid" => $results['Token'], "cardnum" => ""), array("id" => $params['clientdetails']['userid']));
}
}
$url = "https://" . $subdomain . ".sagepay.com/gateway/service/vspdirect-register.vsp";
$fields = array();
$fields['VPSProtocol'] = "2.23";
$fields['TxType'] = "PAYMENT";
$fields['Vendor'] = $params['vendorid'];
$fields['VendorTxCode'] = $params['invoiceid'] . "-" . date("YmdHis");
$fields['Amount'] = $params['amount'];
$fields['Currency'] = $params['currency'];
$fields['Description'] = $params['companyname'] . " - Invoice #" . $params['invoiceid'];
$fields['Token'] = $params['gatewayid'];
$fields['StoreToken'] = "1";
if ($params['cccvv']) {
$fields['CV2'] = $params['cccvv'];
}
$fields['BillingSurname'] = $params['clientdetails']['lastname'];
$fields['BillingFirstnames'] = $params['clientdetails']['firstname'];
$fields['BillingAddress1'] = $params['clientdetails']['address1'];
$fields['BillingAddress2'] = $params['clientdetails']['address2'];
$fields['BillingCity'] = $params['clientdetails']['city'];
if ($params['clientdetails']['country'] == "US") {
$fields['BillingState'] = $params['clientdetails']['state'];
}
$fields['BillingPostCode'] = $params['clientdetails']['postcode'];
$fields['BillingCountry'] = $params['clientdetails']['country'];
$fields['BillingPhone'] = $params['clientdetails']['phonenumber'];
$fields['ClientIPAddress'] = $remote_ip;
$fields['CardType'] = sagepaytokens_getcardtype($params['cardtype']);
$fields['ApplyAVSCV2'] = "2";
$fields['Apply3DSecure'] = "2";
$fields['AccountType'] = "C";
if ($params['cardtype'] == "Maestro" || $params['cardtype'] == "Solo") {
$fields['AccountType'] = "M";
}
if ($params['cardtype'] == "American Express" || $params['cardtype'] == "Laser") {
$fields['AccountType'] = "E";
}
$results = sagepaytokens_call($url, $fields);
if ($results['Status'] == "OK") {
return array("status" => "success", "rawdata" => $results, "transid" => $results['VPSTxId']);
}
return array("status" => "error", "rawdata" => $results);
}
$whmcs->load_function("gateway");
$whmcs->load_function("invoice");
$GATEWAY = getGatewayVariables("sagepaytokens");
if (!$GATEWAY['type']) {
exit("Module Not Activated");
}
if ($protxsimmode) {
$url = "https://test.sagepay.com/simulator/VSPDirectCallback.asp";
} else {
if ($GATEWAY['testmode']) {
$url = "https://test.sagepay.com/gateway/service/direct3dcallback.vsp";
} else {
$url = "https://live.sagepay.com/gateway/service/direct3dcallback.vsp";
}
}
$response = sagepaytokens_call($url, $_POST);
$baseStatus = $response['Status'];
$invoiceid = $_REQUEST['invoiceid'];
if (!$invoiceid && isset($_SESSION['sagepaytokensinvoiceid'])) {
$invoiceid = $_SESSION['sagepaytokensinvoiceid'];
}
$invoiceid = checkCbInvoiceID($invoiceid, "SagePay Tokens 3DAuth");
$callbacksuccess = false;
switch ($response['Status']) {
case "OK":
checkCbTransID($response['VPSTxId']);
addInvoicePayment($invoiceid, $response['VPSTxId'], "", "", "sagepaytokens", "on");
logTransaction("SagePay Tokens 3DAuth", $response, "Successful");
sendMessage("Credit Card Payment Confirmation", $invoiceid);
$callbacksuccess = true;
break;
