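/**
 * Charges the current order through PaymentAPI and sends the customer to the next step.
 *
 * Flow, as visible in this method:
 *  1. Load the Payment model from the order's payment_id when none is attached yet.
 *  2. Clear the 'salvage' flag and, for profile campaigns, refresh the order's gateway.
 *  3. Call PaymentAPI::payOrder() unless $this->test is set (test mode skips the gateway).
 *  4. On anything but an 'error' status: mark the order ok/paid, save it, finalize it,
 *     update gateway routing, then either show the thank-you page or hand back the
 *     external redirect URL. On 'error': report the decline through apiError().
 *
 * Security notes for maintainers:
 *  - Request data written to api_error_log.log is passed through a key-based redactor first,
 *    so card fields do not end up in a plain-text log.
 *  - The log file is created in getcwd(); NOTE(review): confirm that directory is not
 *    served by the web server.
 *
 * @return void
 */
function webPayment()
{
    // Masks card-related values before request data is written to the error log.
    // The key pattern is a heuristic built from the cc_number / cc_cvv naming used on the
    // payment model; adjust it to the real POST field names of the checkout form.
    $redact = function ($data) use (&$redact) {
        if (!is_array($data)) {
            return $data;
        }
        foreach ($data as $key => $value) {
            if (preg_match('/cc_|card|cvv|cvc/i', (string) $key)) {
                $data[$key] = '[REDACTED]';
            } elseif (is_array($value)) {
                $data[$key] = $redact($value);
            }
        }
        return $data;
    };

    if (!isset($this->payment) || !$this->payment->payment_id) {
        $this->payment = new Payment();
        if (!$this->payment->fillFromDbPk($this->order->payment_id)) {
            $this->apiError('Invalid Payment Request');
            // Stop here even if apiError() does not terminate the request: continuing would
            // submit a charge with an empty Payment model.
            return;
        }

        // if this is an SS upsell order and BLS type payment, set the cc_encrypt fields from the DB values
        if ($this->wsType == 'u' && $this->payment->method_id == 14) {
            $this->payment->cc_number_encrypt = $this->payment->txt3;
            $this->payment->cc_cvv_encrypt = $this->payment->txt4;
        }
    }

    // remove salvage flag if needed
    if ($this->order->isFlag('salvage')) {
        $this->order->removeFlags('salvage');
        $this->order->save();
    }

    // Is this a real payment profile? check to make sure the gateway is still current. if not, switch to cur
    // IGNORE FOR ATTACHMENT/CHARITY/1Click CAMPS. gateway_id used will be what's already in the order->gateway_id
    if ($this->campaign->profile_id && $this->wsType != 'c') {
        // NOTE(review): $this->post['ps'] is read without an isset() check.
        $gid = ProfileGateways::getCurrentGatewayByIds($this->campaign->profile_id, $this->payment->method_id, $this->post['ps']);
        if ($gid && $gid != $this->order->gateway_id) {
            $this->order->gateway_id = $gid;
        } elseif (!$gid && !$this->order->gateway_id) {
            // NOTE(review): the original comment says this should fall back to the DEFAULT
            // gateway so the card can still be charged, but the value is only stored in the
            // local $gid and discarded by unset() below; order->gateway_id stays empty.
            // Behaviour is left unchanged here; decide whether to assign it or to error out.
            $gid = 5;
        }
        unset($gid);
    }

    $paymentAPI = new PaymentAPI();
    $paymentAPI->setModel($this->payment);
    $total = $this->order->amount_product + $this->order->amount_shipping;
    $externalRedirect = false;

    if (!$this->test) {
        $paymentResponse = $paymentAPI->payOrder($this->order->order_id, $total);
        if ($this->wsType != 'x1') {
            // NOTE(review): fb() looks like the FirePHP debug helper. $paymentAPI holds the
            // payment model set above (card fields included), so confirm this output is
            // disabled in production.
            fb($paymentAPI);
            fb($paymentResponse);
        }
    }

    // what happened?
    // $paymentResponse is undefined in test mode; every read below is guarded by $this->test
    // or by $externalRedirect, which can only become true outside test mode.
    if ($this->test || $paymentResponse->getstatus() != 'error') {
        // ACCEPTED
        if ($this->test || !isset($paymentResponse->redirectUrl)) {
            $this->order->status = 'ok';
        }

        if ($this->test || $paymentResponse->attemptStatus == Attempt::SUCCESS_STATUS) {
            // APPROVED / PAID
            // set the paid flag and payment_total if an attempt status = success
            $this->order->addFlags('paid');
            $this->order->payment_total = $total;
        } else {
            // accepted by the gateway, but not actually processed yet
            if (isset($paymentResponse->redirectUrl)) {
                $externalRedirect = true;
            }
        }

        $this->order->updated = 'NOW():sql';
        if (!$this->order->save()) {
            // this should never happen. just log the error, email the team and assume its all good for the customer
            fb($this->order->getErrors());
            $msg = 'POST PAYMENT ORDER SAVE ERROR ' . print_r($this->order->getErrors(), 1);
            $ord = json_encode($this->order);
            // Request data is redacted before it reaches the log file.
            $pst = json_encode($redact(isset($this->post) ? $this->post : $_POST));
            $dump = $msg . PHP_EOL . PHP_EOL . $ord . PHP_EOL . $pst . PHP_EOL;
            error_log($dump, 3, getcwd() . "/api_error_log.log");
        }

        // Prospect salvage e-mails are handled by SILVERPOP, so nothing is triggered here.

        // If this is a gc order, don't finalize the order until payment confirmation comes through
        if (!$externalRedirect && ($this->order->status == 'ok' && $this->order->isFlag('paid'))) {
            $this->finalizeOrder();
        }

        // GATEWAY ROUTING UPDATE
        // using try/catch here in case something happens the user will still be taken back to the thankyou page
        try {
            // Updates the gateway limits and status. Runs for test orders as well: the
            // isFlag('test') guard was commented out in the original.
            $pg = new ProfileGateways('ProfileGateway');
            $o = clone $this->order;
            $pg->processGatewayRoutingByOrder($o);
            unset($o);
        } catch (Exception $e) {
            // Keep the exception message: without it the log entry cannot be diagnosed.
            $msg = 'GATEWAY ROUTING UPDATE ERROR ' . $e->getMessage();
            $ord = json_encode($this->order->getDataArray());
            $pst = json_encode($redact(isset($this->post) ? $this->post : $_POST));
            $dump = $msg . PHP_EOL . $ord . PHP_EOL . $pst . PHP_EOL;
            error_log($dump, 3, getcwd() . "/api_error_log.log");
        }

        // If this is a gc order, don't process the attached orders
        if (!$externalRedirect) {
            // direct to return_url if not CRM order
            if ($this->wsType != 'x1') {
                $this->thankYou();
            }
        } else {
            // GC Payment redirect
            $this->apiSuccess($paymentResponse->redirectUrl);
        }
    } else {
        // DECLINED
        $msg = $this->declinedOrder($paymentResponse);
        $this->apiError($msg);
    }
}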
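/**
 * AJAX endpoint for order maintenance actions posted from the order page.
 *
 * The request must carry POST 'ajax'; every action additionally requires the 'update'
 * permission. Exactly which action runs is selected by the presence of a POST key:
 *  - order_set_chargeback_amount : Order::chargeBackSet()
 *  - rma_code                    : Order::setRMA()
 *  - order_refund                : PaymentAPI::refundOrder()  (needs 'order_refund')
 *  - order_void                  : PaymentAPI::voidOrder()    (needs 'order_refund')
 *  - rebill_now                  : Order::rebillNow() + PaymentAPI::payOrder() (needs 'order_rebill_now')
 *
 * The method always ends the request with die.
 *
 * Review notes:
 *  - No anti-CSRF token is checked in this method; confirm the framework enforces one
 *    before dispatching here, since these actions move money.
 *  - Void is gated by the 'order_refund' permission; confirm that is intended.
 *  - Several refusals are sent with echoJsonSuccess(); kept as-is because the client may
 *    depend on it.
 *
 * @return void
 * @throws AFHttpException when the request is not an AJAX post
 */
function ajaxAction()
{
    if (!isset($_POST['ajax'])) {
        throw new AFHttpException(404, 'page_not_found');
    }

    if ($this->access->actionAccess('update')) {
        // The former 'update_customer_information' branch was commented out as deprecated
        // (customer data is updated on specific pages) and has been dropped.

        if (isset($_POST['order_set_chargeback_amount'])) {
            $orderID = (int) AF::get($_POST, 'order_id', 0);
            $amount = AF::get($_POST, 'amount', 0);
            $type = (int) AF::get($_POST, 'type', 0);
            $modelOrder = Order::model()->findByPk($orderID);
            if (!$modelOrder) {
                // Unknown order id: answer cleanly instead of failing on a null model.
                Message::echoJsonError(__('invalid_request'));
                die;
            }

            $new_amount = $modelOrder->chargeBackSet($amount, $type, $this->user->user_id);
            if ($new_amount) {
                Message::echoJsonSuccess(array('answer' => __('order_chargeback_amount_updated'), 'new_amount' => $new_amount));
            } else {
                $msg = $amount > $modelOrder->maxAmountChargeback
                    ? __('order_chargeback_amount_exceeded')
                    : __('order_chargeback_amount_no_updated');
                Message::echoJsonError($msg);
            }
            die;
        }

        if (isset($_POST['rma_code'])) {
            $orderModel = new Order();
            $orderModel->order_id = (int) AF::get($_POST, 'order_id', 0);
            $orderModel->rma_code = (int) AF::get($_POST, 'rma_code', 0);
            $orderModel->setRMA($this->user->user_id);
            Message::echoJsonSuccess($orderModel->rma_number);
            die;
        }

        if (isset($_POST['order_refund']) && $this->access->actionAccess('order_refund')) {
            // Cast like the chargeback and RMA branches do, so only an integer key reaches findByPk().
            $orderID = (int) AF::get($_POST, 'order_id', 0);
            // NOTE(review): the amount comes straight from the request; presumably
            // Order::refunded() validates sign and upper bound and fills ->errors. Confirm.
            $amountRefunded = AF::get($_POST, 'amount_refunded', 0);
            $model = Order::model()->findByPk($orderID);
            if (!$model) {
                Message::echoJsonError(__('invalid_request'));
                die;
            }

            $model->refunded($amountRefunded);
            if (!$model->errors) {
                $paymentAPI = new PaymentAPI();
                $response = $paymentAPI->refundOrder($model, $amountRefunded);
                if ($response->status == 'success') {
                    if ($amountRefunded == $model->max_refund) {
                        // Full refund: stop recurring billing and void the order.
                        $op = OrderProduct::model();
                        $op->cancelRecurring($model->order_id);
                        unset($op);
                        $model->status = 'void';
                    }

                    // number_format() defaults to a ',' thousands separator; a value such as
                    // "1,234.56" is not numeric any more, so the separator is disabled.
                    $model->amount_refunded = number_format($amountRefunded + $model->amount_refunded, 2, '.', '');
                    $model->payment_total = number_format($model->payment_total - $amountRefunded, 2, '.', '');
                    if (!$model->save()) {
                        fb($model->getErrors());
                    }
                    OrderLog::createLog($this->user->user_id, $model->order_id, 13, $amountRefunded);
                    Event::setEvents($model->order_id, 7);
                    Message::echoJsonSuccess(__('order_is_refunded'));
                } else {
                    Message::echoJsonError(__('order_not_refunded') . ' ' . $response->alerts2string . ' ' . $response->errors2string);
                }
            } else {
                Message::echoJson('error', array('errors' => $model->errors, 'message' => $model->errors2string));
            }
        }

        if (isset($_POST['order_void']) && $this->access->actionAccess('order_refund')) {
            $orderLogsModel = new OrderLog();
            $orderLogsModel->user_id = $this->user->user_id;
            $orderLogsModel->action = 3;
            if (!$orderLogsModel->canVoid()) {
                Message::echoJsonSuccess(__('you_cant_do_void'));
                // Other branches call die after echoJson*, which suggests the helper does not
                // end the request itself. Without this die a refused void would still go
                // to the gateway.
                die;
            }

            $orderID = (int) AF::get($_POST, 'order_id', 0);
            $model = Order::model()->findByPk($orderID);
            if (!$model) {
                Message::echoJsonError(__('invalid_request'));
                die;
            }
            if ($model->status == 'void') {
                Message::echoJsonSuccess(__('order_is_voided'));
                // Already voided: do not send a second void to the gateway.
                die;
            }

            $paymentAPI = new PaymentAPI();
            $response = $paymentAPI->voidOrder($model);
            if ($response->status == 'success') {
                // unset recurring products
                $orderProducts = new OrderProducts('OrderProduct');
                $orderProducts->cancelRecurring($model->order_id);
                unset($orderProducts);

                $model->status = 'void';
                $model->amount_refunded = $model->payment_total;
                $model->payment_total = '0';
                $model->save();
                OrderLog::createLog($this->user->user_id, $model->order_id, 3, __('success') . ' ' . $model->amount_refunded);
                // Use the order that was voided; the original read $this->order, which this
                // method never sets, while the refund and rebill branches use their own model.
                Event::setEvents($model->order_id, 6);
                Message::echoJsonSuccess(__('order_is_voided'));
            } else {
                OrderLog::createLog($this->user->user_id, $model->order_id, 3, __('failed') . ' ' . $model->max_refund);
                Message::echoJsonError(__('order_not_void') . ' ' . $response->alerts2string . ' ' . $response->errors2string);
            }
        }

        if (isset($_POST['rebill_now']) && $this->access->actionAccess('order_rebill_now')) {
            $orderID = (int) AF::get($_POST, 'order_id', 0);
            $productID = AF::get($_POST, 'product_id');
            if (!$orderID || !$productID) {
                Message::echoJsonSuccess(__('invalid_request'));
                // Stop here so an incomplete request never creates a rebill order.
                die;
            }

            $newOrderID = Order::rebillNow($orderID, $productID);
            $orderModel = $newOrderID ? Order::model()->findByPk($newOrderID) : null;
            if ($orderModel) {
                $paymentAPI = new PaymentAPI();
                $response = $paymentAPI->payOrder($orderModel, $orderModel->amount);
                if ($response->status == 'success') {
                    $orderModel->status = 'ok';
                    $orderModel->removeFlags('pay');
                    $orderModel->addFlags('paid');
                    $orderModel->payment_total = $response->attemptModel->amount;
                    $orderModel->save();

                    // update recurring_next (order id is bound through the ?i placeholder)
                    $msql = SafeMySQL::getInstance();
                    $sql = "UPDATE `orders_products`\n JOIN `products` USING(`product_id`)\n SET `orders_products`.`recurring_next` = DATE_ADD(NOW(), INTERVAL `products`.`subscription_days` DAY)\n WHERE FIND_IN_SET('recurring', `orders_products`.`flags`)>0\n AND `orders_products`.`order_id`=?i";
                    $msql->query($sql, $orderModel->order_id);

                    // log action on parent order for visibility; the note names the child
                    // order (the original repeated the parent id here)
                    OrderLog::createLog($this->user->user_id, $orderID, 27, __('success') . ' ' . $orderModel->payment_total . ' - Child Order ' . $orderModel->order_id);
                    OrderLog::createLog($this->user->user_id, $orderModel->order_id, 27, __('success') . ' ' . $orderModel->payment_total);
                    Event::setEvents($orderModel->order_id, 6);
                    Message::echoJsonSuccess(__('order_is_rebill'));
                } else {
                    $orderModel->status = 'error';
                    // delete the pay flag
                    $orderModel->removeFlags('pay');
                    if ($orderModel->billing_cycle > 0) {
                        $orderModel->addFlags('retry');
                    }
                    $orderModel->save();

                    // log failed attempt on parent order
                    OrderLog::createLog($this->user->user_id, $orderID, 27, __('failed') . ' ' . $orderModel->amount . ' - Child Order ' . $orderModel->order_id);
                    OrderLog::createLog($this->user->user_id, $orderModel->order_id, 27, __('failed') . ' ' . $orderModel->amount);
                    Message::echoJsonError(__('order_not_rebill') . ' ' . $response->alerts2string . ' ' . $response->errors2string);
                }
            } else {
                Message::echoJsonSuccess(__('order_rebill_now_error'));
            }
        }
    }

    die;
}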