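/**
 * Save registration.
 *
 * Creates a user account first when the request carries no logged-in user,
 * replaces any registration already held in $this->_registration, stores the
 * new registration with its eligible options, and queues a payment for the
 * total computed here on the server.
 *
 * Returns one of the REGISTRATION_* constants:
 *  - REGISTRATION_FAILED: the new user could not be inserted, or the
 *    requested registration type was rejected and redirect() returned
 *  - REGISTRATION_NO_PAYMENT: the payment manager is not configured
 *  - REGISTRATION_FREE: total cost was 0 and the queued payment was fulfilled
 *  - REGISTRATION_SUCCESSFUL: the payment form was displayed
 */
function execute() {
	$schedConf =& $this->request->getSchedConf();
	$user =& $this->request->getUser();

	// Option ids come straight from the submitted form; they are only used
	// below as a filter against the options the DAO returns for this
	// scheduled conference.
	$registrationOptionIds = (array) $this->getData('registrationOptionId');

	if (!$user) {
		// New user
		// NOTE(review): uniqueness of username/e-mail and field validation are
		// not visible in this method; presumably done before execute() is
		// called. Confirm against the form's validation.
		$user = new User();

		$user->setUsername($this->getData('username'));
		$user->setSalutation($this->getData('salutation'));
		$user->setFirstName($this->getData('firstName'));
		$user->setMiddleName($this->getData('middleName'));
		$user->setInitials($this->getData('initials'));
		$user->setLastName($this->getData('lastName'));
		$user->setGender($this->getData('gender'));
		$user->setAffiliation($this->getData('affiliation'), null); // Localized
		$user->setSignature($this->getData('signature'), null); // Localized
		$user->setEmail($this->getData('email'));
		$user->setUrl($this->getData('userUrl'));
		$user->setPhone($this->getData('phone'));
		$user->setFax($this->getData('fax'));
		$user->setMailingAddress($this->getData('mailingAddress'));
		$user->setBillingAddress($this->getData('billingAddress'));
		$user->setBiography($this->getData('biography'), null); // Localized
		$user->setDateRegistered(Core::getCurrentDate());
		$user->setCountry($this->getData('country'));
		// NOTE(review): the stored credential format is decided inside
		// Validation::encryptCredentials, which is not visible here.
		$user->setPassword(Validation::encryptCredentials($this->getData('username'), $this->getData('password')));

		$userDao = DAORegistry::getDAO('UserDAO');
		$userId = $userDao->insertObject($user);
		if (!$userId) {
			return REGISTRATION_FAILED;
		}

		// The new account only receives the reader role for this
		// conference / scheduled conference.
		$conference =& $this->request->getConference();
		$roleDao = DAORegistry::getDAO('RoleDAO');
		$role = new Role();
		$role->setRoleId(ROLE_ID_READER);
		$role->setSchedConfId($schedConf->getId());
		$role->setConferenceId($conference->getId());
		$role->setUserId($user->getId());
		$roleDao->insertRole($role);

		$sessionManager =& SessionManager::getManager();
		$session =& $sessionManager->getUserSession();
		$session->setSessionVar('username', $user->getUsername());

		// Make sure subsequent requests to Request::getUser work
		Validation::login($this->getData('username'), $this->getData('password'), $reason);

		// NOTE(review): the plaintext password is handed to the confirmation
		// e-mail helper; whether it is written into the message depends on
		// CreateAccountForm::sendConfirmationEmail. Confirm.
		import('classes.user.form.CreateAccountForm');
		CreateAccountForm::sendConfirmationEmail($user, $this->getData('password'), true);
	}

	// Get the registration type
	$registrationDao = DAORegistry::getDAO('RegistrationDAO');
	$registrationTypeDao = DAORegistry::getDAO('RegistrationTypeDAO');
	$registrationType =& $registrationTypeDao->getRegistrationType($this->getData('registrationTypeId'));
	// The type id is request data: reject unknown ids and types that belong
	// to another scheduled conference.
	// NOTE(review): only ownership is checked here; whether the type is
	// public or currently open is not checked in this method.
	if (!$registrationType || $registrationType->getSchedConfId() != $schedConf->getId()) {
		$this->request->redirect('index');
		// Not reached if redirect() ends the request. If it ever returns,
		// stop here so a missing or foreign registration type is never used
		// to create a registration or a payment.
		return REGISTRATION_FAILED;
	}

	import('classes.payment.ocs.OCSPaymentManager');
	$paymentManager = new OCSPaymentManager($this->request);

	if (!$paymentManager->isConfigured()) {
		return REGISTRATION_NO_PAYMENT;
	}

	if ($this->_registration) {
		// An existing registration was already in place. Compare and notify someone.
		$oldRegistration =& $this->_registration;
		$oldRegistrationType =& $registrationTypeDao->getRegistrationType($oldRegistration->getTypeId());
		unset($this->_registration);

		import('mail.MailTemplate');
		$mail = new MailTemplate('USER_REGISTRATION_CHANGE');
		$mail->setFrom($schedConf->getSetting('registrationEmail'), $schedConf->getSetting('registrationName'));
		$mail->addRecipient($schedConf->getSetting('registrationEmail'), $schedConf->getSetting('registrationName'));

		// Build a textual diff of the options, walking every option of the
		// scheduled conference and comparing old and new selections.
		$optionsDiffer = '';
		$registrationOptionDao = DAORegistry::getDAO('RegistrationOptionDAO');
		$registrationOptionIterator =& $registrationOptionDao->getRegistrationOptionsBySchedConfId($schedConf->getId());
		$oldRegistrationOptionIds = $registrationOptionDao->getRegistrationOptions($oldRegistration->getRegistrationId());
		while ($registrationOption =& $registrationOptionIterator->next()) {
			$optionId = $registrationOption->getOptionId();
			$previouslyChosen = in_array($optionId, $oldRegistrationOptionIds);
			$newlyChosen = in_array($optionId, $registrationOptionIds);
			if ($previouslyChosen && !$newlyChosen) {
				$optionsDiffer .= __('schedConf.registrationOptions.removed', array('option' => $registrationOption->getRegistrationOptionName())) . "\n";
			} elseif (!$previouslyChosen && $newlyChosen) {
				$optionsDiffer .= __('schedConf.registrationOptions.added', array('option' => $registrationOption->getRegistrationOptionName())) . "\n";
			}
			unset($registrationOption);
		}

		$mail->assignParams(array(
			'managerName' => $schedConf->getSetting('registrationName'),
			'registrationId' => $oldRegistration->getRegistrationId(),
			'registrantName' => $user->getFullName(),
			'oldRegistrationType' => $oldRegistrationType->getSummaryString(),
			'newRegistrationType' => $registrationType->getSummaryString(),
			'differingOptions' => $optionsDiffer,
			'username' => $user->getUsername(),
			'registrationContactSignature' => $schedConf->getSetting('registrationName')
		));
		$mail->send();

		// NOTE(review): the previous registration is removed before the new
		// one has been paid for. Confirm that $this->_registration can only
		// ever hold a registration that is safe to drop at this point.
		$registrationDao->deleteRegistrationById($oldRegistration->getRegistrationId());
	}

	import('classes.registration.Registration');
	$registration = new Registration();

	$registration->setSchedConfId($schedConf->getId());
	$registration->setUserId($user->getId());
	$registration->setTypeId($this->getData('registrationTypeId'));
	$registration->setSpecialRequests($this->getData('specialRequests') ? $this->getData('specialRequests') : null);
	$registration->setDateRegistered(time());

	$registrationId = $registrationDao->insertRegistration($registration);

	$registrationOptionDao = DAORegistry::getDAO('RegistrationOptionDAO');
	$registrationOptions =& $registrationOptionDao->getRegistrationOptionsBySchedConfId($schedConf->getId());
	// The amount due is computed only from DAO data (type cost plus option
	// costs); no price is read from the request.
	$cost = $registrationType->getCost();
	$registrationOptionCosts = $registrationTypeDao->getRegistrationOptionCosts($this->getData('registrationTypeId'));

	while ($registrationOption =& $registrationOptions->next()) {
		$optionId = $registrationOption->getOptionId();
		// An option is attached only if it was requested, is public, and the
		// current time lies inside its opening/closing window.
		if (
			in_array($optionId, $registrationOptionIds) &&
			strtotime($registrationOption->getOpeningDate()) < time() &&
			strtotime($registrationOption->getClosingDate()) > time() &&
			$registrationOption->getPublic()
		) {
			$registrationOptionDao->insertRegistrationOptionAssoc($registrationId, $optionId);
			// Guard the lookup: a missing cost entry used to raise an
			// undefined-index notice and add nothing to the total.
			// NOTE(review): such an option is still attached at no charge;
			// confirm that this is intended.
			if (isset($registrationOptionCosts[$optionId])) {
				$cost += $registrationOptionCosts[$optionId];
			}
		}
		unset($registrationOption);
	}

	$queuedPayment =& $paymentManager->createQueuedPayment($schedConf->getConferenceId(), $schedConf->getId(), QUEUED_PAYMENT_TYPE_REGISTRATION, $user->getId(), $registrationId, $cost, $registrationType->getCurrencyCodeAlpha());
	$queuedPaymentId = $paymentManager->queuePayment($queuedPayment, time() + 60 * 60 * 24 * 30); // 30 days to complete

	if ($cost == 0) {
		// Nothing to pay: fulfil immediately instead of showing a payment form.
		$paymentManager->fulfillQueuedPayment($this->request, $queuedPaymentId, $queuedPayment);
		return REGISTRATION_FREE;
	} else {
		$paymentManager->displayPaymentForm($queuedPaymentId, $queuedPayment);
	}

	$this->_registration =& $registration;
	$this->_queuedPayment =& $queuedPayment;

	return REGISTRATION_SUCCESSFUL;
}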
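/**
 * Handle incoming requests/notifications
 *
 * Dispatches on the first element of $args:
 *  - 'ipn': posts the received fields back to the configured 'paypalurl'
 *    with cmd=_notify-validate and acts on the notification only when the
 *    reply is exactly 'VERIFIED'. A completed payment is then checked for a
 *    duplicate transaction id and compared with the queued payment (amount,
 *    currency, receiving account) before it is fulfilled. Every failure path
 *    sends a PAYPAL_INVESTIGATE_PAYMENT mail to the support (or primary)
 *    contact and ends the request.
 *  - 'cancel': displays the "purchase cancelled" message.
 *  - anything else, or no scheduled conference: delegated to parent::handle.
 *
 * @param $args array
 * @param $request PKPRequest
 */
function handle($args, &$request) {
	$templateMgr =& TemplateManager::getManager();
	$schedConf =& $request->getSchedConf();
	if (!$schedConf) {
		// Pass $request along, as the fall-through call at the end of this
		// method does.
		return parent::handle($args, $request);
	}

	// Just in case we need to contact someone
	import('classes.mail.MailTemplate');
	// Prefer technical support contact
	$contactName = $schedConf->getSetting('supportName');
	$contactEmail = $schedConf->getSetting('supportEmail');
	if (!$contactEmail) {
		// Fall back on primary contact
		$contactName = $schedConf->getSetting('contactName');
		$contactEmail = $schedConf->getSetting('contactEmail');
	}
	// NOTE(review): every investigation mail below is given full dumps of
	// $_POST and $_SERVER; the receiving mailbox should be treated as
	// sensitive.
	$mail = new MailTemplate('PAYPAL_INVESTIGATE_PAYMENT');
	$mail->setFrom($contactEmail, $contactName);
	$mail->addRecipient($contactEmail, $contactName);

	$paymentStatus = $request->getUserVar('payment_status');

	switch (array_shift($args)) {
		case 'ipn':
			// Build a confirmation transaction.
			// Nothing in the incoming POST is trusted until the postback
			// below confirms it.
			$req = 'cmd=_notify-validate';
			// get_magic_quotes_gpc() no longer exists on PHP 8; only consult
			// it where it is still defined.
			$stripSlashes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
			foreach ($_POST as $key => $value) {
				if ($stripSlashes) {
					$key = stripslashes($key);
					$value = stripslashes($value);
				}
				$req .= '&' . urlencode($key) . '=' . urlencode($value);
			}

			// Create POST response
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $this->getSetting($schedConf->getConferenceId(), $schedConf->getId(), 'paypalurl'));
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded', 'Content-Length: ' . strlen($req)));
			curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
			// The reply decides whether a payment is honoured, so pin
			// certificate and host name verification explicitly rather than
			// relying on library defaults. This only protects the exchange
			// when the configured 'paypalurl' is an https URL.
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
			curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
			$ret = curl_exec($ch);
			$curlError = curl_error($ch);
			curl_close($ch);

			// Check the confirmation response and handle as necessary.
			// Strict comparison: a failed request (false) or any other body
			// can never pass as verified.
			if ($ret === 'VERIFIED') {
				switch ($paymentStatus) {
					case 'Completed':
						$payPalDao = DAORegistry::getDAO('PayPalDAO');
						$transactionId = $request->getUserVar('txn_id');
						if ($payPalDao->transactionExists($transactionId)) {
							// A duplicate transaction was received; notify someone.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getLocalizedName(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Duplicate transaction ID: {$transactionId}",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
							exit;
						} else {
							// New transaction succeeded. Record it.
							// The id is stored before the integrity checks
							// below, so a notification that fails them still
							// marks its transaction id as seen.
							$payPalDao->insertTransaction(
								$transactionId,
								$request->getUserVar('txn_type'),
								$request->getUserVar('payer_email'),
								$request->getUserVar('receiver_email'),
								$request->getUserVar('item_number'),
								$request->getUserVar('payment_date'),
								$request->getUserVar('payer_id'),
								$request->getUserVar('receiver_id')
							);
							// The queued payment id travels in the 'custom' field.
							$queuedPaymentId = $request->getUserVar('custom');

							import('classes.payment.ocs.OCSPaymentManager');
							$ocsPaymentManager = new OCSPaymentManager($request);

							// Verify the cost and user details as per PayPal spec.
							$queuedPayment =& $ocsPaymentManager->getQueuedPayment($queuedPaymentId);
							if (!$queuedPayment) {
								// The queued payment entry is missing. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getLocalizedName(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' => "Missing queued payment ID: {$queuedPaymentId}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Read all six values up front so the investigation
							// mail is complete whichever comparison fails first.
							$queuedAmount = $queuedPayment->getAmount();
							$grantedAmount = $request->getUserVar('mc_gross');
							$queuedCurrency = $queuedPayment->getCurrencyCode();
							$grantedCurrency = $request->getUserVar('mc_currency');
							$grantedEmail = $request->getUserVar('receiver_email');
							$queuedEmail = $this->getSetting($schedConf->getConferenceId(), $schedConf->getId(), 'selleraccount');

							// NOTE(review): these are loose != comparisons; the
							// receiving account is compared as an exact string.
							// NOTE(review): nothing visible here ties the queued
							// payment to this scheduled conference; confirm that
							// the payment manager enforces it.
							if (
								$queuedAmount != $grantedAmount ||
								$queuedCurrency != $grantedCurrency ||
								$grantedEmail != $queuedEmail
							) {
								// The integrity checks for the transaction failed. Complain.
								$mail->assignParams(array(
									'schedConfName' => $schedConf->getLocalizedName(),
									'postInfo' => print_r($_POST, true),
									'additionalInfo' =>
										"Granted amount: {$grantedAmount}\n" .
										"Queued amount: {$queuedAmount}\n" .
										"Granted currency: {$grantedCurrency}\n" .
										"Queued currency: {$queuedCurrency}\n" .
										"Granted to PayPal account: {$grantedEmail}\n" .
										"Configured PayPal account: {$queuedEmail}",
									'serverVars' => print_r($_SERVER, true)
								));
								$mail->send();
								exit;
							}

							// Fulfill the queued payment.
							if ($ocsPaymentManager->fulfillQueuedPayment($request, $queuedPaymentId, $queuedPayment)) {
								// Send the registrant a notification that their payment was received
								$schedConfSettingsDao = DAORegistry::getDAO('SchedConfSettingsDAO');

								// Get registrant name and email
								$userDao = DAORegistry::getDAO('UserDAO');
								$user =& $userDao->getById($queuedPayment->getUserId());
								$registrantName = $user->getFullName();
								$registrantEmail = $user->getEmail();

								// Get conference contact details
								$schedConfId = $schedConf->getId();
								$registrationName = $schedConfSettingsDao->getSetting($schedConfId, 'registrationName');
								$registrationEmail = $schedConfSettingsDao->getSetting($schedConfId, 'registrationEmail');
								$registrationPhone = $schedConfSettingsDao->getSetting($schedConfId, 'registrationPhone');
								$registrationFax = $schedConfSettingsDao->getSetting($schedConfId, 'registrationFax');
								$registrationMailingAddress = $schedConfSettingsDao->getSetting($schedConfId, 'registrationMailingAddress');
								$registrationContactSignature = $registrationName;

								if ($registrationMailingAddress != '') {
									$registrationContactSignature .= "\n" . $registrationMailingAddress;
								}
								if ($registrationPhone != '') {
									$registrationContactSignature .= "\n" . AppLocale::Translate('user.phone') . ': ' . $registrationPhone;
								}
								if ($registrationFax != '') {
									$registrationContactSignature .= "\n" . AppLocale::Translate('user.fax') . ': ' . $registrationFax;
								}

								$registrationContactSignature .= "\n" . AppLocale::Translate('user.email') . ': ' . $registrationEmail;

								$paramArray = array(
									'registrantName' => $registrantName,
									'conferenceName' => $schedConf->getLocalizedName(),
									'invoiceId' => $queuedPayment->getInvoiceId(),
									'registrationContactSignature' => $registrationContactSignature
								);

								import('classes.mail.MailTemplate');
								$mail = new MailTemplate('PAYPAL_PAYMENT_RECEIVED');
								$mail->setFrom($registrationEmail, $registrationName);
								$mail->assignParams($paramArray);
								$mail->addRecipient($registrantEmail, $registrantName);
								$mail->send();

								exit;
							}

							// If we're still here, it means the payment couldn't be fulfilled.
							$mail->assignParams(array(
								'schedConfName' => $schedConf->getLocalizedName(),
								'postInfo' => print_r($_POST, true),
								'additionalInfo' => "Queued payment ID {$queuedPaymentId} could not be fulfilled.",
								'serverVars' => print_r($_SERVER, true)
							));
							$mail->send();
						}
						exit;
					case 'Pending':
						// Ignore.
						exit;
					default:
						// An unhandled payment status was received; notify someone.
						$mail->assignParams(array(
							'schedConfName' => $schedConf->getLocalizedName(),
							'postInfo' => print_r($_POST, true),
							'additionalInfo' => "Payment status: {$paymentStatus}",
							'serverVars' => print_r($_SERVER, true)
						));
						$mail->send();
						exit;
				}
			} else {
				// An unknown confirmation response was received; notify someone.
				$mail->assignParams(array(
					'schedConfName' => $schedConf->getLocalizedName(),
					'postInfo' => print_r($_POST, true),
					'additionalInfo' => "Confirmation return: {$ret}\nCURL error: {$curlError}",
					'serverVars' => print_r($_SERVER, true)
				));
				$mail->send();
				exit;
			}

			break;
		case 'cancel':
			Handler::setupTemplate($request);
			$templateMgr->assign(array(
				'currentUrl' => $request->url(null, null, 'index'),
				'pageTitle' => 'plugins.paymethod.paypal.purchase.cancelled.title',
				'message' => 'plugins.paymethod.paypal.purchase.cancelled'
			));
			$templateMgr->display('common/message.tpl');
			exit;
	}
	parent::handle($args, $request); // Don't know what to do with it
}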