function decrypt_dps_response() { $PxAccess_Url = get_option('access_url'); $PxAccess_Userid = get_option('access_userid'); $PxAccess_Key = get_option('access_key'); $Mac_Key = get_option('mac_key'); $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key); $curgateway = get_option('payment_gateway'); $_GET = array(); $params = explode('&', $_SERVER['QUERY_STRING']); foreach ($params as $pair) { list($key, $value) = explode('=', $pair); $_GET[urldecode($key)] = urldecode($value); } $enc_hex = $_GET['result']; if ($enc_hex != null) { $rsp = $pxaccess->getResponse($enc_hex); $siteurl = get_option('siteurl'); $total_weight = 0; if ($rsp->getResponseText() == 'APPROVED') { $sessionid = $rsp->getMerchantReference(); $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid'); if (!$purchase_log->is_transaction_completed()) { $purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT); $purchase_log->save(); } } } return $sessionid; }
function decrypt_dps_response() { global $wpdb; $PxAccess_Url = get_option('access_url'); $PxAccess_Userid = get_option('access_userid'); $PxAccess_Key = get_option('access_key'); $Mac_Key = get_option('mac_key'); $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key); $curgateway = get_option('payment_gateway'); $sessionid = $_GET['sessionid']; $enc_hex = $_GET["result"]; if ($enc_hex != null) { $rsp = $pxaccess->getResponse($enc_hex); $siteurl = get_option('siteurl'); $total_weight = 0; if ($rsp->ResponseText == 'APPROVED') { $sessionid = $rsp->MerchantReference; $processing_stage = $wpdb->get_var("SELECT `processed` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` = " . $sessionid . " LIMIT 1"); if ($processing_stage < 2) { $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '2' WHERE `sessionid` = " . $sessionid . " LIMIT 1"); } } } return $sessionid; }
public function VerifyOrderPayment() { require_once "lib/pxaccess.php"; $pxaccess = new PxAccess('https://www.paymentexpress.com/pxpay/pxpay.aspx', $this->GetValue('userid'), $this->GetValue('key'), $this->GetValue('mackey')); $rsp = $pxaccess->getResponse($_REQUEST["result"]); if ($rsp->getStatusRequired() == "1" || $rsp->getSuccess() != 1) { $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'ErrorInvalid')); return false; } $AmountSettlement = $rsp->getAmountSettlement(); $TxnData1 = $rsp->getTxnData1(); $currencySettlement = $rsp->getCurrencySettlement(); $currency = GetDefaultCurrency(); if ($currencySettlement != $currency['currencycode']) { $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'CurrencyMismatch'), sprintf("Sent %s. Returned %s", $currency['currencycode'], $currencySettlement)); return false; } if ($AmountSettlement != $this->GetGatewayAmount()) { $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'PaymentMismatch'), sprintf("Sent %s. Returned %s", $this->GetGatewayAmount(), $AmountSettlement)); return false; } if ($TxnData1 != $this->GetCombinedOrderId()) { $GLOBALS['ISC_CLASS_LOG']->LogSystemError(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'InvalidOrder'), sprintf("Sent %s. Returned %s", $this->GetCombinedOrderId(), $TxnData1)); return false; } $updatedOrder = array('ordpayproviderid' => $rsp->getMerchantTxnId(), 'ordpaymentstatus' => 'captured'); $this->UpdateOrders($updatedOrder); $GLOBALS['ISC_CLASS_LOG']->LogSystemSuccess(array('payment', $this->GetName()), GetLang($this->_languagePrefix . 'Success')); $this->SetPaymentStatus(PAYMENT_STATUS_PAID); return true; }
if (isset($_REQUEST['result'])) { require './init_payment.php'; $result = $_REQUEST['result']; include Registry::get('config.dir.payments') . 'dps_files/pxaccess.inc'; $payment_id = db_get_field("SELECT ?:payments.payment_id FROM ?:payments LEFT JOIN ?:payment_processors ON ?:payment_processors.processor_id = ?:payments.processor_id WHERE ?:payment_processors.processor_script = 'dps_access.php'"); $processor_data = fn_get_payment_method_data($payment_id); $PxAccess_Url = "https://sec.paymentexpress.com/pxpay/pxpay.aspx"; $PxAccess_Userid = $processor_data["processor_params"]["user_id"]; //Change to your user ID $PxAccess_Key = $processor_data["processor_params"]["key"]; //Your DES Key from DPS $Mac_Key = $processor_data["processor_params"]["mac_key"]; //Your MAC key from DPS $pxaccess = new PxAccess($PxAccess_Url, $PxAccess_Userid, $PxAccess_Key, $Mac_Key); $enc_hex = $result; $rsp = $pxaccess->getResponse($enc_hex); $order_alias = $rsp->getMerchantReference(); $_order_id = !empty($order_alias) ? $order_alias : Tygh::$app['session']['dps_access']['order_id']; $order_id = strpos($_order_id, '_') ? substr($_order_id, 0, strpos($_order_id, '_')) : $_order_id; $pp_response = array(); $pp_response['order_status'] = $rsp->getSuccess() == "1" ? 'P' : 'F'; $pp_response['reason_text'] = $rsp->getResponseText(); if ($pp_response['order_status'] == 'P') { $pp_response['reason_text'] .= "; Auth code: " . $rsp->getAuthCode(); // from bank } $pp_response['transaction_id'] = $rsp->getDpsTxnRef(); //This payment send two absolutely identical response, so, to avoid double email notifications we should check session data if (!isset(Tygh::$app['session']['dps_access']) && fn_check_payment_script('dps_access.php', $order_id)) { fn_finish_payment($order_id, $pp_response, false); } else {
/** * This method is handles the response that will be invoked by the * notification or request sent by the payment processor. * hex string from paymentexpress is passed to this function as hex string. Code based on googleIPN * mac_key is only passed if the processor is pxaccess as it is used for decryption * $dps_method is either pxaccess or pxpay */ public static function main($dps_method, $rawPostData, $dps_url, $dps_user, $dps_key, $mac_key) { $config = CRM_Core_Config::singleton(); define('RESPONSE_HANDLER_LOG_FILE', $config->uploadDir . 'CiviCRM.PaymentExpress.log'); //Setup the log file if (!($message_log = fopen(RESPONSE_HANDLER_LOG_FILE, "a"))) { error_func("Cannot open " . RESPONSE_HANDLER_LOG_FILE . " file.\n", 0); exit(1); } if ($dps_method == "pxpay") { $processResponse = CRM_Core_Payment_PaymentExpressUtils::_valueXml(array('PxPayUserId' => $dps_user, 'PxPayKey' => $dps_key, 'Response' => $_GET['result'])); $processResponse = CRM_Core_Payment_PaymentExpressUtils::_valueXml('ProcessResponse', $processResponse); fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $processResponse)); // Send the XML-formatted validation request to DPS so that we can receive a decrypted XML response which contains the transaction results $curl = CRM_Core_Payment_PaymentExpressUtils::_initCURL($processResponse, $dps_url); fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $curl)); $success = FALSE; if ($response = curl_exec($curl)) { fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $response)); curl_close($curl); // Assign the returned XML values to variables $valid = CRM_Core_Payment_PaymentExpressUtils::_xmlAttribute($response, 'valid'); $success = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'Success'); $txnId = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'TxnId'); $responseText = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'ResponseText'); $authCode = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'AuthCode'); $DPStxnRef = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, 'DpsTxnRef'); $qfKey = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData1"); $privateData = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData2"); list($component, $paymentProcessorID, ) = explode(',', CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "TxnData3")); $amount = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "AmountSettlement"); $merchantReference = CRM_Core_Payment_PaymentExpressUtils::_xmlElement($response, "MerchantReference"); } else { // calling DPS failed CRM_Core_Error::fatal(ts('Unable to establish connection to the payment gateway to verify transaction response.')); exit; } } elseif ($dps_method == "pxaccess") { require_once 'PaymentExpress/pxaccess.inc.php'; global $pxaccess; $pxaccess = new PxAccess($dps_url, $dps_user, $dps_key, $mac_key); #getResponse method in PxAccess object returns PxPayResponse object #which encapsulates all the response data $rsp = $pxaccess->getResponse($rawPostData); $qfKey = $rsp->getTxnData1(); $privateData = $rsp->getTxnData2(); list($component, $paymentProcessorID) = explode(',', $rsp->getTxnData3()); $success = $rsp->getSuccess(); $authCode = $rsp->getAuthCode(); $DPStxnRef = $rsp->getDpsTxnRef(); $amount = $rsp->getAmountSettlement(); $MerchantReference = $rsp->getMerchantReference(); } $privateData = $privateData ? self::stringToArray($privateData) : ''; // Record the current count in array, before we start adding things (for later checks) $countPrivateData = count($privateData); // Private Data consists of : a=contactID, b=contributionID,c=contributionTypeID,d=invoiceID,e=membershipID,f=participantID,g=eventID $privateData['contactID'] = $privateData['a']; $privateData['contributionID'] = $privateData['b']; $privateData['contributionTypeID'] = $privateData['c']; $privateData['invoiceID'] = $privateData['d']; if ($component == "event") { $privateData['participantID'] = $privateData['f']; $privateData['eventID'] = $privateData['g']; } elseif ($component == "contribute") { if ($countPrivateData == 5) { $privateData["membershipID"] = $privateData['e']; } } $transactionReference = $authCode . "-" . $DPStxnRef; list($mode, $component, $duplicateTransaction) = self::getContext($privateData, $transactionReference); $mode = $mode ? 'test' : 'live'; $paymentProcessor = CRM_Financial_BAO_PaymentProcessor::getPayment($paymentProcessorID, $mode); $ipn = self::singleton($mode, $component, $paymentProcessor); //Check status and take appropriate action if ($success == 1) { if ($duplicateTransaction == 0) { $ipn->newOrderNotify($success, $privateData, $component, $amount, $transactionReference); } if ($component == "event") { $finalURL = CRM_Utils_System::url('civicrm/event/register', "_qf_ThankYou_display=1&qfKey={$qfKey}", FALSE, NULL, FALSE); } elseif ($component == "contribute") { $finalURL = CRM_Utils_System::url('civicrm/contribute/transact', "_qf_ThankYou_display=1&qfKey={$qfKey}", FALSE, NULL, FALSE); } CRM_Utils_System::redirect($finalURL); } else { if ($component == "event") { $finalURL = CRM_Utils_System::url('civicrm/event/confirm', "reset=1&cc=fail&participantId={$privateData['participantID']}", FALSE, NULL, FALSE); } elseif ($component == "contribute") { $finalURL = CRM_Utils_System::url('civicrm/contribute/transact', "_qf_Main_display=1&cancel=1&qfKey={$qfKey}", FALSE, NULL, FALSE); } CRM_Utils_System::redirect($finalURL); } }