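/**
 * Build the context for the CM-CIC payment request form.
 *
 * The id_transaction / transaction_hash pair must match a row of
 * spip_transactions, which guards against a call forged from outside.
 *
 * @param int $id_transaction
 * @param string $transaction_hash
 * @param $config
 *   module configuration
 * @return array|false
 *   empty array when no matching transaction exists, false when the TPE
 *   object reports it is not usable, otherwise the form context
 *   (hidden, action, backurl, id_transaction, transaction_hash)
 */
function presta_cmcic_call_request_dist($id_transaction, $transaction_hash, $config) {
    // Integer cast + sql_quote(): neither value reaches the query unescaped.
    $row = sql_fetsel(
        "*",
        "spip_transactions",
        "id_transaction=" . intval($id_transaction) . " AND transaction_hash=" . sql_quote($transaction_hash)
    );
    if (!$row) {
        return array();
    }

    include_spip('inc/filtres');
    $contexte = array();

    $oTpe = new CMCIC_Tpe($config, strtoupper($GLOBALS['spip_lang']));
    if (!$oTpe->isOK) {
        return false;
    }
    $oHmac = new CMCIC_Hmac($oTpe);

    // Control string for support (computed as in the bank's kit, not used below).
    $CtlHmac = sprintf(
        _CMCIC_CTLHMAC,
        $oTpe->sVersion,
        $oTpe->sNumero,
        $oHmac->computeHmac(sprintf(_CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero))
    );

    // Currency: ISO 4217 compliant
    $devise = "EUR";
    // Amount: format "xxxxx.yy" (no spaces)
    $montant = $row['montant'];

    $contexte['version'] = $oTpe->sVersion;
    $contexte['TPE'] = $oTpe->sNumero;
    // Transaction date: format d/m/y:h:m:s
    $contexte['date'] = date("d/m/Y:H:i:s");
    $contexte['montant'] = $montant . $devise;
    // Reference: unique, alphanumeric (A-Z a-z 0-9), 12 characters max
    $contexte['reference'] = substr($transaction_hash, 0, 12);
    $contexte['lgue'] = $oTpe->sLangue;
    $contexte['societe'] = $oTpe->sCodeSociete;

    // id_transaction and hash travel in the free-text field so that they come
    // back on the CGI2 return URL, which is the URL given to the bank and which
    // has no other way of knowing our id_transaction and hash.
    // CGI2 URL to give to the bank:
    // http(s)://votresite.org/?action=bank_autoresponse&bankp=cmcic
    $contenu = array(
        'id' => $id_transaction,
        'hash' => $transaction_hash,
        'lang' => $GLOBALS['spip_lang'],
        'contenu' => $row['contenu'],
    );
    // The free text is url-encoded because CM-CIC sometimes re-injects the form
    // into a redirection page for mobiles.
    // NOTE(review): serialize() here implies unserialize() on the return path.
    // That handler is not visible in this function; it must verify the MAC
    // before decoding, and a JSON encoding on both sides would remove the
    // object-injection risk altogether.
    $contexte['texte-libre'] = urlencode(serialize($contenu));
    $contexte['mail'] = bank_porteur_email($row);

    // Data to certify: the ten trailing empty strings fill the remaining
    // placeholders of the format, unused here.
    $PHP1_FIELDS = sprintf(
        _CMCIC_CGI1_FIELDS,
        $contexte['TPE'],
        $contexte['date'],
        $montant,
        $devise,
        $contexte['reference'],
        $contexte['texte-libre'],
        $oTpe->sVersion,
        $oTpe->sLangue,
        $oTpe->sCodeSociete,
        $contexte['mail'],
        "", "", "", "", "", "", "", "", "", ""
    );
    // MAC computation
    $contexte['MAC'] = $oHmac->computeHmac($PHP1_FIELDS);

    // Return URLs.
    // The bank first posts to the CGI2 URL (cf cmcic/config.php), which must
    // process the successful payment and answer with a text receipt.
    // It then offers these URLs on its own pages to come back to the site:
    // - OK return when the payment went through
    $contexte['url_retour_ok'] = bank_url_api_retour($config, "response", "id={$id_transaction};{$transaction_hash}");
    // - error return when the payment was refused
    $contexte['url_retour_err'] = bank_url_api_retour($config, "cancel", "id={$id_transaction};{$transaction_hash}");
    // - plain return (Cancel button) when the customer gives up
    $contexte['url_retour'] = $contexte['url_retour_ok'];

    // The attributes are single-quoted, so a raw quote in a value would close
    // the attribute and let the value inject markup. The previous replacement
    // mapped the quote to itself and escaped nothing. Only the quote is
    // rewritten, so entities a value may already contain are not encoded twice;
    // the browser decodes &#39; back before posting, which keeps the submitted
    // values equal to the ones covered by the MAC.
    $hidden = "";
    foreach ($contexte as $k => $v) {
        $hidden .= "<input type='hidden' name='{$k}' value='" . str_replace("'", "&#39;", $v) . "' />";
    }

    include_spip('inc/filtres_mini');
    $contexte = array(
        'hidden' => $hidden,
        'action' => cmcic_url_serveur($config),
        'backurl' => url_absolue(self()),
        'id_transaction' => $id_transaction,
        'transaction_hash' => $transaction_hash,
    );

    return $contexte;
}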
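/**
 * Process the payment server's response.
 * Takes no parameter: the data is read from $_POST or $_GET.
 *
 * @return array
 *   'MAC_match' (bool) and 'receipt' (string), followed by every received
 *   field. The two verification keys always hold the locally computed
 *   result, never a value taken from the request.
 */
function call_response() {
    $CMCIC_bruteVars = (array) getMethode();

    // Missing fields become empty strings, as the former @-suppressed reads did.
    $champ = function ($cle) use ($CMCIC_bruteVars) {
        return isset($CMCIC_bruteVars[$cle]) ? $CMCIC_bruteVars[$cle] : '';
    };

    $oTpe = new CMCIC_Tpe();
    $oHmac = new CMCIC_Hmac($oTpe);

    // String the bank's MAC is expected to cover.
    $cgi2_fields = sprintf(
        CMCIC_CGI2_FIELDS,
        $oTpe->sNumero,
        $champ('date'),
        $champ('montant'),
        $champ('reference'),
        $champ('texte-libre'),
        $oTpe->sVersion,
        $champ('code-retour'),
        $champ('cvx'),
        $champ('vld'),
        $champ('brand'),
        $champ('status3ds'),
        $champ('numauto'),
        $champ('motifrefus'),
        $champ('originecb'),
        $champ('bincb'),
        $champ('hpancb'),
        $champ('ipclient'),
        $champ('originetr'),
        $champ('veres'),
        $champ('pares')
    );

    // hash_equals() compares in constant time and as strings. The loose ==
    // used before compares two numeric-looking strings (e.g. "0e…" followed by
    // digits only) as numbers, and its timing depends on the first differing byte.
    $MAC_match = hash_equals(
        (string) $oHmac->computeHmac($cgi2_fields),
        strtolower((string) $champ('MAC'))
    );

    if ($MAC_match) {
        $receipt = CMCIC_CGI2_MACOK;
    } else {
        // NOTE(review): the receipt echoes request-supplied fields back to the
        // caller; callers should only ever emit it as plain text.
        $receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
    }

    // Array union keeps the left-hand keys: a request parameter named
    // "MAC_match" or "receipt" can no longer overwrite the verification result,
    // which the former copy loop allowed.
    return array('MAC_match' => $MAC_match, 'receipt' => $receipt) + $CMCIC_bruteVars;
}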
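/**
 * Fetch the CIC bank's response and verify its authenticity.
 *
 * @param array $config
 * @return bool|array
 *   false on error or when the security key (MAC) does not match,
 *   otherwise the array of data received from the bank
 **/
function cmcic_response($config) {
    $mode = $config['presta'];
    if (isset($config['mode_test']) and $config['mode_test']) {
        $mode .= "_test";
    }

    // Retrieve the variables posted by the CMCIC payment server
    $CMCIC_bruteVars = getMethode();
    spip_log("call_response : réception des variables cmcic", $mode);

    // Unlikely to fail here, but you never know
    if (!$CMCIC_bruteVars || !is_array($CMCIC_bruteVars)) {
        spip_log("call_response : variables cmcic introuvables", $mode);
        return false;
    }

    // A field the bank did not send counts as an empty string in the MAC input
    // instead of raising an undefined-index notice.
    $champ = function ($cle) use ($CMCIC_bruteVars) {
        return isset($CMCIC_bruteVars[$cle]) ? $CMCIC_bruteVars[$cle] : '';
    };

    // TPE init variables
    $oTpe = new CMCIC_Tpe($config);
    $oHmac = new CMCIC_Hmac($oTpe);

    // Message authentication: rebuild the string the MAC is expected to cover
    $cgi2_fields = sprintf(
        _CMCIC_CGI2_FIELDS,
        $oTpe->sNumero,
        $champ('date'),
        $champ('montant'),
        $champ('reference'),
        $champ('texte-libre'),
        $oTpe->sVersion,
        $champ('code-retour'),
        $champ('cvx'),
        $champ('vld'),
        $champ('brand'),
        $champ('status3ds'),
        $champ('numauto'),
        $champ('motifrefus'),
        $champ('originecb'),
        $champ('bincb'),
        $champ('hpancb'),
        $champ('ipclient'),
        $champ('originetr'),
        $champ('veres'),
        $champ('pares')
    );

    // Accept the data only when the security code matches. hash_equals()
    // compares as strings and in constant time; the loose != used before
    // treats two numeric-looking strings as numbers.
    $mac_recu = strtolower((string) $champ('MAC'));
    if (!hash_equals((string) $oHmac->computeHmac($cgi2_fields), $mac_recu)) {
        spip_log("call_response : clé de sécurité falsifiée ou erronée", $mode);
        return false;
    }

    // Correct key: hand the received data back to the caller
    return $CMCIC_bruteVars;
}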
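/**
 * CGI2 endpoint: receives the bank's payment notification, checks its MAC,
 * updates the reservation and prints the plain-text receipt the bank expects.
 *
 * @param HTTPRequest $request current request (the notification fields are
 *                             read through getMethode())
 * @return void
 */
public function executeBack(HTTPRequest $request)
{
    error_reporting(E_ALL ^ E_NOTICE);
    header("Pragma: no-cache");
    header("Content-type: text/plain");

    // TPE Settings
    // Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
    // You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
    require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Config.php';
    // --- PHP implementation of RFC2104 hmac sha1 ---
    require_once dirname(__FILE__) . '/../../../../lib/paiement/CMCIC_Tpe.inc.php';

    // Begin Main : Retrieve Variables posted by CMCIC Payment Server
    $CMCIC_bruteVars = getMethode();

    // TPE init variables
    $oTpe = new CMCIC_Tpe();
    $oHmac = new CMCIC_Hmac($oTpe);

    // Message Authentication
    $cgi2_fields = sprintf(
        CMCIC_CGI2_FIELDS,
        $oTpe->sNumero,
        $CMCIC_bruteVars["date"],
        $CMCIC_bruteVars['montant'],
        $CMCIC_bruteVars['reference'],
        $CMCIC_bruteVars['texte-libre'],
        $oTpe->sVersion,
        $CMCIC_bruteVars['code-retour'],
        $CMCIC_bruteVars['cvx'],
        $CMCIC_bruteVars['vld'],
        $CMCIC_bruteVars['brand'],
        $CMCIC_bruteVars['status3ds'],
        $CMCIC_bruteVars['numauto'],
        $CMCIC_bruteVars['motifrefus'],
        $CMCIC_bruteVars['originecb'],
        $CMCIC_bruteVars['bincb'],
        $CMCIC_bruteVars['hpancb'],
        $CMCIC_bruteVars['ipclient'],
        $CMCIC_bruteVars['originetr'],
        $CMCIC_bruteVars['veres'],
        $CMCIC_bruteVars['pares']
    );

    // Constant-time string comparison. The loose == used before compares two
    // numeric-looking strings as numbers and leaks timing.
    $macRecu = isset($CMCIC_bruteVars['MAC']) ? strtolower((string) $CMCIC_bruteVars['MAC']) : '';
    if (hash_equals((string) $oHmac->computeHmac($cgi2_fields), $macRecu)) {
        switch ($CMCIC_bruteVars['code-retour']) {
            case "Annulation":
                // Payment has been refused
                // put your code here (email sending / Database update)
                // Attention : an autorization may still be delivered for this payment
                break;

            // NOTE(review): "payetest" (acceptance on the test server) is
            // handled exactly like "paiement"; nothing here restricts it to a
            // test configuration. Confirm that is intended in production.
            case "payetest":
            case "paiement":
                // Payment has been accepted.
                // The reservation is looked up with the reference that the MAC
                // above covers, not with a separate read of the request.
                $reservationId = $CMCIC_bruteVars['reference'];
                $reservation = $this->_announcementReservationManager->get($reservationId);
                if (!is_null($reservation)) {
                    $reservation->setStateId(PaiementStates::WAITING_VALIDATION);
                    $reservation->setTransactionRef($reservation->id());
                    $this->_announcementReservationManager->save($reservation);

                    $owner = $this->_usersManager->get($reservation->getUserOwnerId());
                    $subscriber = $this->_usersManager->get($reservation->getUserSubscriberId());
                    $announcement = $this->_announcementManager->get($reservation->getAnnouncementId());

                    $messageMail = new Mail();
                    $messageMail->sendReservationOwnerValidation($owner, $subscriber, $announcement, $reservation);
                    $messageMail->sendReservationSubscriberRecap($owner, $subscriber, $announcement);
                }
                break;

            /*** ONLY FOR MULTIPART PAYMENT ***/
            case "paiement_pf2":
            case "paiement_pf3":
            case "paiement_pf4":
                // Payment has been accepted on the productive server for the part #N
                // return code is like paiement_pf[#N]
                // put your code here (email sending / Database update)
                // You have the amount of the payment part in $CMCIC_bruteVars['montantech']
                break;

            case "Annulation_pf2":
            case "Annulation_pf3":
            case "Annulation_pf4":
                // Payment has been refused on the productive server for the part #N
                // return code is like Annulation_pf[#N]
                // put your code here (email sending / Database update)
                // You have the amount of the payment part in $CMCIC_bruteVars['montantech']
                break;
        }
        $receipt = CMCIC_CGI2_MACOK;
    } else {
        // HMAC doesn't match: no state is changed, only the receipt differs.
        $receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
    }

    //-----------------------------------------------------------------------------
    // Send receipt to CMCIC server
    //-----------------------------------------------------------------------------
    printf(CMCIC_CGI2_RECEIPT, $receipt);
    // Copyright (c) 2009 Euro-Information ( mailto:centrecom@e-i.com )
    // All rights reserved. ---
}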
// This excerpt starts in the middle of the checkout stub: the variables used
// below ($sLangue, $sDate, $sMontant, $sDevise, $sReference, $sTexteLibre,
// $sEmail, $sNbrEch, $sDateEcheance1/2, $sMontantEcheance1, $sOptions) are
// assigned before the first visible line.
$sMontantEcheance2 = "";
// instalment 3 due date - format dd/mm/yyyy
$sDateEcheance3 = "";
// instalment 3 amount - format "xxxxx.yy" (no spaces)
//$sMontantEcheance3 = "0.25" . $sDevise;
$sMontantEcheance3 = "";
// instalment 4 due date - format dd/mm/yyyy
$sDateEcheance4 = "";
// instalment 4 amount - format "xxxxx.yy" (no spaces)
//$sMontantEcheance4 = "0.25" . $sDevise;
$sMontantEcheance4 = "";
// ----------------------------------------------------------------------------
$oTpe = new CMCIC_Tpe($sLangue);
$oHmac = new CMCIC_Hmac($oTpe);
// Control String for support
$CtlHmac = sprintf(CMCIC_CTLHMAC, $oTpe->sVersion, $oTpe->sNumero, $oHmac->computeHmac(sprintf(CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero)));
// Data to certify: every order field is placed into the CMCIC_CGI1_FIELDS
// format; the resulting string is what the MAC below is computed over.
// NOTE(review): the form fields posted to the bank presumably have to carry
// exactly these values for the MAC to verify - confirm against the form markup.
$PHP1_FIELDS = sprintf(CMCIC_CGI1_FIELDS, $oTpe->sNumero, $sDate, $sMontant, $sDevise, $sReference, $sTexteLibre, $oTpe->sVersion, $oTpe->sLangue, $oTpe->sCodeSociete, $sEmail, $sNbrEch, $sDateEcheance1, $sMontantEcheance1, $sDateEcheance2, $sMontantEcheance2, $sDateEcheance3, $sMontantEcheance3, $sDateEcheance4, $sMontantEcheance4, $sOptions);
// MAC computation
$sMAC = $oHmac->computeHmac($PHP1_FIELDS);
// --------------------------------------------------- End Stub ---------------
// ----------------------------------------------------------------------------
// Your Page displaying payment button to be customized
// ----------------------------------------------------------------------------
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> <meta http-equiv="cache-control" content="no-store, no-cache, must-revalidate, post-check=0, pre-check=0" />
/**
 * Prepare a CM-CIC payment request for $payment and print the 'show' view
 * carrying the signed order fields.
 *
 * @param mixed $payment value sent as the free-text field and handed to
 *                       setCallPage() for each return page
 * @return bool always true
 */
public function payment_action($payment)
{
    $this->debug(__FUNCTION__, 2, __LINE__);

    // NOTE(review): the reference is the first 12 hex characters of an MD5 of
    // the current microtime - time-derived, so neither unpredictable nor
    // guaranteed unique. Confirm nothing relies on it as a secret.
    $reference = substr(md5(microtime()), 0, 12);
    $amount = $this->price;
    $currency = $this->currency;
    $freeText = $payment;
    $stamp = date("d/m/Y:H:i:s");
    $language = $this->lang;
    $email = $this->customer_mail;

    $tpe = new CMCIC_Tpe($language);
    $hmac = new CMCIC_Hmac($tpe);

    // Control string for support (computed, not used further down).
    $controlSource = sprintf(CMCIC_CTLHMACSTR, $tpe->sVersion, $tpe->sNumero);
    $CtlHmac = sprintf(CMCIC_CTLHMAC, $tpe->sVersion, $tpe->sNumero, $hmac->computeHmac($controlSource));

    // Data to certify: the ten order fields, then ten empty strings for the
    // instalment count, the four instalment date/amount pairs and the options.
    $certified = array_merge(
        array(
            $tpe->sNumero,
            $stamp,
            $amount,
            $currency,
            $reference,
            $freeText,
            $tpe->sVersion,
            $tpe->sLangue,
            $tpe->sCodeSociete,
            $email,
        ),
        array_fill(0, 10, "")
    );
    $mac = $hmac->computeHmac(vsprintf(CMCIC_CGI1_FIELDS, $certified));

    // One call page per outcome, registered in the same order as before.
    $callPages = array(
        'successUrl' => 'payment_success',
        'failureUrl' => 'payment_failure',
        'autoresponseUrl' => 'payment_autoresponse',
    );
    foreach ($callPages as $property => $pageName) {
        $session = $this->linker->payment->setCallPage(0, $this->bank_code, $pageName, $payment);
        $this->$property = $this->linker->path->getLink('payment/callPage/' . $session);
    }

    $baseUri = $this->linker->path->getBaseUri();

    $values = array(
        'payment' => array(
            'version' => $tpe->sVersion,
            'tpeVersion' => $tpe->sNumero,
            'date' => $stamp,
            'amount' => $amount,
            'currency' => $currency,
            'reference' => $reference,
            'smac' => $mac,
            'url_ko' => $tpe->sUrlKO,
            'url_ok' => $tpe->sUrlOK,
            'lang' => $tpe->sLangue,
            'companyCode' => $tpe->sCodeSociete,
            // Only the free text is encoded here; the other values reach the
            // view as they are.
            'freeText' => HtmlEncode($freeText),
            'email' => $email,
        ),
    );

    echo $this->render('show', $values, false, false);

    return true;
}
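header("Pragma: no-cache");
header("Content-type: text/plain");

// TPE Settings
// Warning !! CMCIC_Config contains the key, you have to protect this file with all the mechanism available in your development environment.
// You may for instance put this file in another directory and/or change its name. If so, don't forget to adapt the include path below.
require_once "CMCIC_Config.php";
// --- PHP implementation of RFC2104 hmac sha1 ---
require_once "CMCIC_Tpe.inc.php";

// Begin Main : Retrieve Variables posted by CMCIC Payment Server
$CMCIC_bruteVars = getMethode();

// TPE init variables
$oTpe = new CMCIC_Tpe();
$oHmac = new CMCIC_Hmac($oTpe);

// Message Authentication: rebuild the string the bank's MAC is expected to cover
$cgi2_fields = sprintf(
    CMCIC_CGI2_FIELDS,
    $oTpe->sNumero,
    $CMCIC_bruteVars["date"],
    $CMCIC_bruteVars['montant'],
    $CMCIC_bruteVars['reference'],
    $CMCIC_bruteVars['texte-libre'],
    $oTpe->sVersion,
    $CMCIC_bruteVars['code-retour'],
    $CMCIC_bruteVars['cvx'],
    $CMCIC_bruteVars['vld'],
    $CMCIC_bruteVars['brand'],
    $CMCIC_bruteVars['status3ds'],
    $CMCIC_bruteVars['numauto'],
    $CMCIC_bruteVars['motifrefus'],
    $CMCIC_bruteVars['originecb'],
    $CMCIC_bruteVars['bincb'],
    $CMCIC_bruteVars['hpancb'],
    $CMCIC_bruteVars['ipclient'],
    $CMCIC_bruteVars['originetr'],
    $CMCIC_bruteVars['veres'],
    $CMCIC_bruteVars['pares']
);

// Compare the MACs as strings and in constant time. The loose == used before
// treats two numeric-looking strings as numbers and leaks timing.
$mac_recu = isset($CMCIC_bruteVars['MAC']) ? strtolower((string) $CMCIC_bruteVars['MAC']) : '';
if (hash_equals((string) $oHmac->computeHmac($cgi2_fields), $mac_recu)) {
    switch ($CMCIC_bruteVars['code-retour']) {
        case "Annulation":
            // Payment has been refused
            // put your code here (email sending / Database update)
            // Attention : an autorization may still be delivered for this payment
            break;

        case "payetest":
            // Payment has been accepted on the test server
            // put your code here (email sending / Database update)
            break;

        case "paiement":
            // Payment has been accepted on the productive server
            // put your code here (email sending / Database update)
            break;

        /*** ONLY FOR MULTIPART PAYMENT ***/
        // The listing stops here: the remaining cases and the closing of the
        // switch and if blocks are not part of this excerpt.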
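/**
 * Build the auto-submitting CM-CIC payment form for an order.
 *
 * @param int $oid order (post) id; also used as the payment reference
 * @return string the form markup, or an empty string when the order meta or
 *                the shop currency code cannot be read
 */
public static function display_form($oid)
{
    global $wpdb;

    $output = '';
    $order = get_post_meta($oid, '_order_postmeta', true);
    $order_customer_info = get_post_meta($oid, '_order_info', true);

    $current_currency = get_option('wpshop_shop_default_currency');
    $query = $wpdb->prepare('SELECT code_iso FROM ' . WPSHOP_DBT_ATTRIBUTE_UNIT . ' WHERE id =%d ', $current_currency);
    $currency_code = $wpdb->get_var($query);

    if (empty($order) || empty($currency_code)) {
        return $output;
    }

    $sOptions = "";
    // Reference: unique, alphaNum (A-Z a-z 0-9), 12 characters max
    $sReference = $oid;
    // Amount : format "xxxxx.yy" (no spaces)
    $sMontant = number_format($order['order_grand_total'], 2, '.', '');
    // Currency : ISO 4217 compliant
    $sDevise = $currency_code;
    // Free text : a bigger reference, session context for the return on the merchant website
    $sTexteLibre = "";
    // Transaction date : format d/m/y:h:m:s
    $sDate = date("d/m/Y:H:i:s");
    // Language of the company code
    $sLangue = "FR";
    // Customer email, taken from the order's billing address
    $sEmail = isset($order_customer_info['billing']['address']['address_user_email'])
        ? $order_customer_info['billing']['address']['address_user_email']
        : '';

    // Instalment payment is not used: count (between 2 and 4 when it is),
    // due dates (dd/mm/yyyy) and amounts ("xxxxx.yy" + currency) stay empty.
    $sNbrEch = "";
    $sDateEcheance1 = "";
    $sMontantEcheance1 = "";
    $sDateEcheance2 = "";
    $sMontantEcheance2 = "";
    $sDateEcheance3 = "";
    $sMontantEcheance3 = "";
    $sDateEcheance4 = "";
    $sMontantEcheance4 = "";

    $oTpe = new CMCIC_Tpe($sLangue);
    $oHmac = new CMCIC_Hmac($oTpe);

    // Control String for support (computed as in the bank's stub, not used below)
    $CtlHmac = sprintf(
        CMCIC_CTLHMAC,
        $oTpe->sVersion,
        $oTpe->sNumero,
        $oHmac->computeHmac(sprintf(CMCIC_CTLHMACSTR, $oTpe->sVersion, $oTpe->sNumero))
    );

    // Data to certify
    $PHP1_FIELDS = sprintf(
        CMCIC_CGI1_FIELDS,
        $oTpe->sNumero,
        $sDate,
        $sMontant,
        $sDevise,
        $sReference,
        $sTexteLibre,
        $oTpe->sVersion,
        $oTpe->sLangue,
        $oTpe->sCodeSociete,
        $sEmail,
        $sNbrEch,
        $sDateEcheance1,
        $sMontantEcheance1,
        $sDateEcheance2,
        $sMontantEcheance2,
        $sDateEcheance3,
        $sMontantEcheance3,
        $sDateEcheance4,
        $sMontantEcheance4,
        $sOptions
    );
    // MAC computation
    $sMAC = $oHmac->computeHmac($PHP1_FIELDS);

    // Hidden fields in the order the form posts them. Each value is written
    // exactly once and without surrounding whitespace, so what the browser
    // submits is the value the MAC was computed over.
    $champs = array(
        'version' => $oTpe->sVersion,
        'TPE' => $oTpe->sNumero,
        'date' => $sDate,
        'montant' => $sMontant . $sDevise,
        'reference' => $sReference,
        'MAC' => $sMAC,
        'url_retour' => $oTpe->sUrlKO,
        'url_retour_ok' => $oTpe->sUrlOK,
        'url_retour_err' => $oTpe->sUrlKO,
        'lgue' => $oTpe->sLangue,
        'societe' => $oTpe->sCodeSociete,
        'texte-libre' => $sTexteLibre,
        'mail' => $sEmail,
        // Instalment payment only
        'nbrech' => $sNbrEch,
        'dateech1' => $sDateEcheance1,
        'montantech1' => $sMontantEcheance1,
        'dateech2' => $sDateEcheance2,
        'montantech2' => $sMontantEcheance2,
        'dateech3' => $sDateEcheance3,
        'montantech3' => $sMontantEcheance3,
        'dateech4' => $sDateEcheance4,
        'montantech4' => $sMontantEcheance4,
    );

    ob_start();
    ?>
<script type="text/javascript">jQuery(document).ready(function(){ jQuery('#PaymentRequest_cic').submit(); });</script>
<div class="paypalPaymentLoading"><span><?php _e('Redirect to the CIC site in progress, please wait...', 'wpshop'); ?></span></div>
<form action="<?php echo esc_url($oTpe->sUrlPaiement); ?>" method="post" id="PaymentRequest_cic">
    <?php foreach ($champs as $nom => $valeur) : ?>
    <?php // esc_attr(): the customer e-mail and the other values come from stored data and must not be able to close the attribute. ?>
    <input type="hidden" name="<?php echo esc_attr($nom); ?>" id="<?php echo esc_attr($nom); ?>" value="<?php echo esc_attr($valeur); ?>" />
    <?php endforeach; ?>
    <noscript><input type="submit" name="bouton" id="bouton" value="Connexion / Connection" /></noscript>
</form>
    <?php
    $output = ob_get_clean();

    return $output;
}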
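/**
 * Handle the bank's CGI2 notification: verify the MAC, update the order
 * according to the return code and print the receipt for the bank.
 *
 * @return string|false
 *   'processed' when no error was collected, the error messages joined by
 *   newlines otherwise, false when the order payment cannot be found
 */
function _process()
{
    // Collected error messages; initialised so the final count() always
    // receives an array.
    $errors = array();

    // Begin Main : Retrieve Variables posted by CMCIC Payment Server
    $CMCIC_bruteVars = (array) $this->_getMethode();

    // A field the bank did not send counts as an empty string.
    $champ = function ($cle) use ($CMCIC_bruteVars) {
        return isset($CMCIC_bruteVars[$cle]) ? $CMCIC_bruteVars[$cle] : '';
    };

    // TPE init variables
    // NOTE(review): $vars is never assigned in this method, so every setting
    // read from it is empty and the MAC cannot be computed with the real key.
    // It presumably has to be filled from the plugin parameters - confirm.
    $oTpe = new CMCIC_Tpe($vars->CMCICVersion, $vars->key, $vars->tpe, $vars->serverUrl, $vars->societe, $vars->langue, $this->_getUrlOk(), $this->_getUrlKo());
    $oHmac = new CMCIC_Hmac($oTpe);

    // Message Authentication
    $cgi2_fields = sprintf(
        CMCIC_CGI2_FIELDS,
        $oTpe->sNumero,
        $champ('date'),
        $champ('montant'),
        $champ('reference'),
        $champ('texte-libre'),
        $oTpe->sVersion,
        $champ('code-retour'),
        $champ('cvx'),
        $champ('vld'),
        $champ('brand'),
        $champ('status3ds'),
        $champ('numauto'),
        $champ('motifrefus'),
        $champ('originecb'),
        $champ('bincb'),
        $champ('hpancb'),
        $champ('ipclient'),
        $champ('originetr'),
        $champ('veres'),
        $champ('pares')
    );

    // 1. check answer - constant-time string comparison instead of the loose
    // ==, which compares two numeric-looking strings as numbers.
    $mac_ok = hash_equals(
        (string) $oHmac->computeHmac($cgi2_fields),
        strtolower((string) $champ('MAC'))
    );

    if ($mac_ok) {
        // 2. check order id
        // The MAC-covered reference is the only identifier in the
        // notification. The previous code stored it in $order_id but loaded
        // the record with an undefined $orderpayment_id, so the lookup always
        // failed.
        // NOTE(review): assumes the reference sent to the bank is the
        // orderpayment id - confirm against the request side.
        $orderpayment_id = $champ('reference');

        // load the orderpayment record and set some values
        JTable::addIncludePath(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_tienda' . DS . 'tables');
        $orderpayment = JTable::getInstance('OrderPayments', 'TiendaTable');
        $orderpayment->load($orderpayment_id);
        if (empty($orderpayment_id) || empty($orderpayment->orderpayment_id)) {
            $errors[] = JText::_('TIENDA_SIPS_INVALID ORDERID');
            // The second argument was an undefined variable (so null) before;
            // null is now passed explicitly.
            // NOTE(review): decide what response data, if any, belongs in this mail.
            $this->_sendErrorEmail($errors, null);
            return false;
        }

        // 3. check bank return code
        // set the order's new status and update quantities if necessary
        Tienda::load('TiendaHelperOrder', 'helpers.order');
        Tienda::load('TiendaHelperCarts', 'helpers.carts');
        $order = JTable::getInstance('Orders', 'TiendaTable');
        $order->load($orderpayment->order_id);

        $retour = $champ('code-retour');
        switch ($retour) {
            case "Annulation":
                // Payment has been refused
                $order->order_state_id = $this->params->get('failed_order_state', '10');
                $orderpayment->transaction_details = JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ANNULATION');
                if (!$order->save()) {
                    $errors[] = $order->getError();
                }
                break;

            case "payetest":
                // A test-server acceptance only counts when the plugin is
                // configured for the test server; otherwise it is ignored.
                if ($this->params->get('payment_server') != 'test') {
                    break;
                }
                // deliberate fall-through to the accepted-payment handling

            case "paiement":
                // Payment has been accepted
                // The 3-D Secure status is read under 'status3ds', the key
                // used in the MAC input above (it was read as 'status3d').
                // NOTE(review): $orderpayment is modified but never saved in
                // this method - confirm it is persisted elsewhere.
                $orderpayment->transaction_details = JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_CVX') . $champ('cvx') . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_VLD') . " : " . $champ('vld') . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_BRAND') . " : " . $this->_getCreditCardBrand($champ('brand')) . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_STATUS3D') . " : " . $this->_getStatus3D($champ('status3ds')) . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ORIGINECB') . " : " . $champ('originecb') . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_BINCB') . " : " . $champ('bincb') . "\n"
                    . JText::_('TIENDA_CMCIC_RESPONSE_PAYMENT_ORIGINTR') . " : " . $champ('originetr');
                $orderpayment->transaction_id = $champ('numauto');
                $order->order_state_id = $this->params->get('payment_received_order_state', '17');
                // save the order
                if (!$order->save()) {
                    $errors[] = $order->getError();
                }
                // PAYMENT RECEIVED
                $this->setOrderPaymentReceived($orderpayment->order_id);
                break;
        }
        $receipt = CMCIC_CGI2_MACOK;
    } else {
        $receipt = CMCIC_CGI2_MACNOTOK . $cgi2_fields;
        // HMAC doesn't match -- tell admin
        $errors[] = JText::_('TIENDA_CMCIC_CGI2_MACNOTOK') . $cgi2_fields;
    }

    // Receipt expected by the bank's server
    printf(CMCIC_CGI2_RECEIPT, $receipt);

    return count($errors) ? implode("\n", $errors) : 'processed';
}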