예제 #1
<?php

include dirname(__FILE__) . '/../../config/config.inc.php';
include dirname(__FILE__) . '/dibs.php';
// Payment-callback validation script (excerpt; the listing is cut off inside
// the final foreach, so the code that acts on $errors is not visible here).
// It checks a POSTed notification for required fields, the configured
// merchant ID, and an MD5-based auth key before building a log message.
$posted_values = array();
$errors = array();
$obj_dibs = new dibs();
// Every field the callback is expected to carry; also reused below as the
// allow-list of keys copied into $message.
$required_fields = array('orderid', 'paytype', 'transact', 'merchant', 'uniqueoid', 'amount', 'currency', 'authkey');
$valid_order = true;
if (count($_POST)) {
    // Everything in $posted_values is request-controlled from here on.
    $posted_values = $_POST;
    foreach ($required_fields as $field) {
        if (!isset($posted_values[$field])) {
            // Only recorded: execution continues, so the lookups below still
            // index fields that may be absent.
            $errors[] = 'Missing field ' . $field;
        }
    }
    // NOTE(review): nothing checks that these values are strings before
    // explode()/concatenation; an array-valued POST field would reach them.
    $secure_cart = explode('_', $posted_values['uniqueoid']);
    $arr_order_id = explode('_', $posted_values['orderid']);
    // Keep only the part of orderid before the first underscore.
    $posted_values['orderid'] = $arr_order_id[0];
    if ((string) $posted_values['merchant'] !== (string) dibs::$ID_MERCHANT) {
        $errors[] = Tools::displayError('You did not use the correct merchant ID.');
    }
    // Expected auth key: md5(k2 . md5(k1 . 'transact=…&amount=…&currency=…')).
    // The digest input covers transact, amount and currency only; orderid and
    // uniqueoid are not part of it, so the link between this payment and a
    // specific cart/order has to be verified separately (not visible in this
    // excerpt — confirm in the remainder of the script).
    $md5_key = md5(dibs::$MORE_SETTINGS['k2'] . md5(dibs::$MORE_SETTINGS['k1'] . 'transact=' . $posted_values['transact'] . '&amount=' . $posted_values['amount'] . '&currency=' . $posted_values['currency']));
    // NOTE(review): `!==` on strings is not a constant-time comparison;
    // hash_equals() is the usual choice for comparing a secret-derived digest.
    if ((string) $posted_values['authkey'] !== $md5_key) {
        $errors[] = Tools::displayError('Your are not allowed to validate the command for security reasons.');
    }
    // Build a "key: value" line per required field for the order message.
    $message = '';
    foreach ($posted_values as $key => $value) {
        // The 'HTTP_COOKIE' test is redundant: that key is not in
        // $required_fields, so in_array() already excludes it.
        if (is_string($value) and in_array($key, $required_fields) and $key !== 'HTTP_COOKIE') {
            $message .= $key . ': ' . $value . "\n";
        }
예제 #2
 /**
  * Handles a submission of the module configuration form.
  *
  * When 'submitModule' was submitted, the merchant ID, return URLs, test
  * flag and extra settings (colours and the k1/k2 MD5 keys) are copied from
  * the request into the static properties and persisted through
  * Configuration::updateValue().
  *
  * NOTE(review): no token/permission check is visible in this method;
  * presumably the calling back-office page enforces it — confirm.
  *
  * @return string confirmation HTML after a submission, '' otherwise
  */
 private function preProcess()
 {
     if (!Tools::isSubmit('submitModule')) {
         return '';
     }

     // Merchant ID: replaced unless the submitted value is the empty string.
     $submitted_merchant = Tools::getValue('idMerchant');
     if ($submitted_merchant !== '') {
         self::$ID_MERCHANT = $submitted_merchant;
     }

     // Return URLs: replaced only when Validate::isUrl() accepts them.
     $submitted_accepted = Tools::getValue('acceptedUrl');
     if (Validate::isUrl($submitted_accepted)) {
         self::$ACCEPTED_URL = $submitted_accepted;
     }
     $submitted_cancelled = Tools::getValue('cancelledUrl');
     if (Validate::isUrl($submitted_cancelled)) {
         self::$CANCELLED_URL = $submitted_cancelled;
     }

     // Checkbox semantics: mere presence of the field turns test mode on.
     self::$TESTING = isset($_POST['testing']) ? 1 : 0;

     // Colours and the two MD5 keys are stored exactly as submitted; no
     // format validation happens here.
     foreach (array('flexwin_color', 'logo_color', 'k1', 'k2') as $setting_name) {
         self::$MORE_SETTINGS[$setting_name] = Tools::getValue($setting_name);
     }

     Configuration::updateValue('DIBS_ID_MERCHANT', self::$ID_MERCHANT);
     Configuration::updateValue('DIBS_ACCEPTED_URL', self::$ACCEPTED_URL);
     Configuration::updateValue('DIBS_CANCELLED_URL', self::$CANCELLED_URL);
     Configuration::updateValue('DIBS_TESTING', self::$TESTING);
     // NOTE(review): the settings (including k1/k2) are stored as a PHP
     // serialize() string; the reader presumably unserialize()s it, which
     // is only safe while the configuration store is trusted — confirm.
     $serialized_settings = Tools::htmlentitiesUTF8(serialize(self::$MORE_SETTINGS));
     Configuration::updateValue('DIBS_MORE_SETTINGS', $serialized_settings);

     // The extra image is emitted only for a fully configured, non-test setup.
     $is_live_and_configured = self::$ID_MERCHANT !== ''
         && self::$TESTING !== 1
         && self::$MORE_SETTINGS['k1'] !== ''
         && self::$MORE_SETTINGS['k2'] !== '';

     $data_sync = '';
     if ($is_live_and_configured) {
         // NOTE(review): this image URL is plain http and carries the
         // merchant ID as site_id, so the ID goes to a third-party host in
         // cleartext; on an HTTPS back office it is also mixed content.
         $data_sync = '<img src="http://api.prestashop.com/modules/dibs.png?site_id='
             . urlencode(self::$ID_MERCHANT)
             . '" style="float:right" />';
     }

     $confirmation = '<div class="conf confirm"><img src="../img/admin/ok.gif"/>';
     $confirmation .= $this->l('Configuration updated');
     $confirmation .= $data_sync;
     $confirmation .= '</div>';

     return $confirmation;
 }