private function submission($crudId, $id)
{
$session = new Ajde_Session('AC.Crud');
/* @var $crud Ajde_Crud */
$crud = $session->getModel($crudId);
// verify that we have a valid crud model
if (!$crud) {
return ['success' => false];
}
/* @var $model FormModel */
$model = $crud->getModel();
$model->setOptions($crud->getOptions('model'));
// Get POST params
$post = Ajde_Http_Request::globalPost();
$id = issetor($post['id']);
// verify that we have a valid form model
if (!$id) {
return ['success' => false];
}
// load form
$model->loadByPK($id);
$model->populate($post);
// validate form
Ajde_Event::trigger($model, 'beforeCrudSave', [$crud]);
if (!$model->validate($crud->getOptions('fields'))) {
return ['operation' => 'save', 'success' => false, 'errors' => $model->getValidationErrors()];
}
// prepare submission
$values = [];
foreach ($post as $key => $value) {
if (substr($key, 0, 5) === 'meta_') {
$metaId = str_replace('meta_', '', $key);
$metaName = MetaModel::getNameFromId($metaId);
$values[$metaName] = $value;
}
}
$entryText = '';
foreach ($values as $k => $v) {
$entryText .= $k . ': ' . $v . PHP_EOL;
}
$submission = new SubmissionModel();
$submission->form = $id;
$submission->ip = $_SERVER['REMOTE_ADDR'];
$submission->user = Ajde_User::getLoggedIn();
$submission->entry = json_encode($values);
$submission->entry_text = $entryText;
$success = $submission->insert();
if ($success === true) {
// Destroy reference to crud instance
$session->destroy($crudId);
// set message for next page
Ajde_Session_Flash::alert(trans('Form submitted successfully'));
$mailer = new Ajde_Mailer();
// send email to administrator
$body = 'Form: ' . $model->displayField() . '<br/><br/>' . nl2br($entryText);
$mailer->SendQuickMail(config('app.email'), config('app.email'), config('app.title'), 'New form submission', $body);
// send email to user
$email = $model->getEmail();
/* @var $email EmailModel */
$email_to = $model->getEmailTo();
/* @var $email MetaModel */
$email_address = issetor($post['meta_' . $email_to->getPK()]);
if ($email->hasLoaded() && $email_to->hasLoaded() && $email_address) {
$mailer->sendUsingModel($email->getIdentifier(), $email_address, $email_address, ['entry' => nl2br($entryText)]);
}
}
return ['operation' => 'save', 'id' => $model->getPK(), 'displayField' => $model->get($model->getDisplayField()), 'success' => $success];
}
public function updatePayment()
{
// PHP 4.1
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
$post = Ajde_Http_Request::globalPost();
foreach ($post as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&{$key}={$value}";
}
// post back to PayPal system to validate
$header = '';
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= 'Content-Length: ' . strlen($req) . "\r\n\r\n";
$fp = fsockopen($this->isSandbox() ? 'ssl://www.sandbox.paypal.com' : 'ssl://www.paypal.com', 443, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = issetor($post['item_name']);
$item_number = issetor($post['item_number']);
$payment_status = issetor($post['payment_status']);
$payment_amount = issetor($post['mc_gross']);
$payment_currency = issetor($post['mc_currency']);
$txn_id = issetor($post['txn_id']);
$receiver_email = issetor($post['receiver_email']);
$payer_email = issetor($post['payer_email']);
$secret = issetor($post['custom']);
$transaction = new TransactionModel();
$changed = false;
if (!$fp) {
// HTTP ERROR
} else {
fwrite($fp, $header . $req);
while (!feof($fp)) {
$res = fgets($fp, 1024);
if (strcmp($res, 'VERIFIED') == 0) {
if (!$transaction->loadByField('secret', $secret)) {
Ajde_Log::log('Could not find transaction for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
return ['success' => false, 'transaction' => null];
}
// check the payment_status is Completed
// accept Pending from PayPal (eChecks?)
$acceptPending = true;
if ($payment_status == 'Completed' || $acceptPending && $payment_status == 'Pending') {
$details = 'AMOUNT: ' . $payment_amount . PHP_EOL . 'CURRENCY: ' . $payment_currency . PHP_EOL . 'PAYER_EMAIL: ' . $payer_email . PHP_EOL . 'RECEIVER_EMAIL: ' . $receiver_email . PHP_EOL . 'TXN_ID: ' . $txn_id . PHP_EOL;
// update transaction only once
if ($transaction->payment_status != 'completed') {
$transaction->payment_details = $details;
$transaction->payment_status = 'completed';
$transaction->save();
$changed = true;
}
// Write pending to Log
if ($payment_status == 'Pending') {
Ajde_Log::log('Status is Pending but accepting now. PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
}
return ['success' => true, 'changed' => $changed, 'transaction' => $transaction];
} else {
if ($transaction->payment_status != 'refused') {
$transaction->payment_status = 'refused';
$transaction->save();
$changed = true;
}
Ajde_Log::log('Status is not Completed but ' . $payment_status . ' for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
}
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
} else {
if (strcmp($res, 'INVALID') == 0) {
if (!$transaction->loadByField('secret', $secret)) {
// secret not found anyway
$transaction = null;
Ajde_Log::log('Could not find transaction for PayPal payment with txn id ' . $txn_id . ' and transaction secret ' . $secret);
} else {
// log for manual investigation
if ($transaction->payment_status != 'refused') {
$transaction->payment_status = 'refused';
$transaction->save();
$changed = true;
}
Ajde_Log::log('Validation failed for PayPal payment with txn id ' . $txn_id);
}
}
}
}
fclose($fp);
}
return ['success' => false, 'changed' => $changed, 'transaction' => $transaction];
}
