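/**
 * Send an order inquiry to the gateway and return the raw XML reply.
 *
 * The reply is parsed only to validate it: the service check must pass and
 * the orderCode echoed by the gateway must match the one that was asked for.
 *
 * @param object $payment_params Payment method settings; showVars is read here,
 *                               the rest is passed through to sendXML()/validService().
 * @param string $order_number   Order code to look up.
 *
 * @return string|null The raw XML reply (or the empty value sendXML() returned),
 *                     or null when the reply cannot be parsed or fails validation.
 */
static function getOrderPaymentResponse($payment_params, $order_number)
{
    // The order code is placed inside an XML attribute, so it must be escaped;
    // otherwise a quote or angle bracket in it would change the structure of
    // the request sent to the gateway.
    $escapedOrderCode = htmlspecialchars((string) $order_number, ENT_QUOTES, 'UTF-8');
    $xml = '<inquiry><orderInquiry orderCode="' . $escapedOrderCode . '"/></inquiry>';

    $xmlResult = self::sendXML($payment_params, $xml);
    if (empty($xmlResult)) {
        // Nothing came back; callers treat an empty value as "no response".
        return $xmlResult;
    }

    try {
        // LIBXML_NONET keeps the parser from fetching anything over the network
        // while it reads a document that was produced by a remote host.
        $xmlElement = new SimpleXMLElement($xmlResult, LIBXML_NONET);
    } catch (Exception $e) {
        // A reply that is not well-formed XML is a failed inquiry, not a fatal error.
        rbsglobalgateway_helper::raiseError($payment_params->showVars, 'ERROR -> Invalid XML reply.');
        return null;
    }

    $xmlArray = self::xml2phpArray($xmlElement);
    if (!empty($payment_params->showVars)) {
        self::showXMLReply($xmlArray);
    }
    if (!rbsglobalgateway_helper::validService($xmlArray, $payment_params)) {
        return null;
    }

    // The reply must carry an orderStatus for exactly the order that was requested.
    // Compare as strings: a loose comparison treats numeric-looking codes such as
    // "0123" and "123" as equal.
    $replyOrderCode = isset($xmlArray['reply'][0]['orderStatus'][0]['orderCode'])
        ? $xmlArray['reply'][0]['orderStatus'][0]['orderCode']
        : null;
    if (!is_scalar($replyOrderCode) || (string) $replyOrderCode !== (string) $order_number) {
        rbsglobalgateway_helper::raiseError($payment_params->showVars, 'ERROR -> Order ID mismatch.');
        return null;
    }

    return $xmlResult;
}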
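/**
 * Process a payment notification request for the bf_rbsglobalgateway method.
 *
 * Steps: collect the whitelisted request fields, validate the orderKey
 * (adminCode^merchantCode^orderCode), verify the MAC when a MAC secret is
 * configured, load the order, compare the notified amount and currency with
 * the stored order, map the payment status to an order status, mail the shop's
 * payment notification address and save the order.
 *
 * Every failed validation now stops processing. Previously a wrong admin code,
 * merchant code or MAC only raised an error and the order was still updated.
 *
 * NOTE(review): when macSecret is empty the request is not authenticated at
 * all; the amount and currency that are checked come from the request itself.
 * Deployments should configure the MAC secret. The order inquiry made further
 * down is only stored on the order, it is not used to confirm the status.
 *
 * @param array $statuses Map of order status => label, read for the mail text.
 *
 * @return bool False when the notification is rejected, true otherwise. May not
 *              return at all: it redirects, or prints debug output and exits,
 *              when a result URL is configured.
 */
function onPaymentNotification(&$statuses)
{
    $pluginsClass = hikashop_get('class.plugins');
    $elements = $pluginsClass->getMethods('payment', 'bf_rbsglobalgateway');
    if (empty($elements)) {
        return false;
    }
    $element = reset($elements);
    $params = $element->payment_params;
    if (!$params->notification) {
        return false;
    }

    // Only these request fields are read; anything else is ignored.
    $allowedKeys = array(
        'option', 'ctrl', 'task', 'notif_payment', 'tmpl', 'lang', 'status',
        'orderKey', 'paymentStatus', 'paymentAmount', 'paymentCurrency',
        'orderAmount', 'orderCurrency', 'mac', 'jlbz', 'view',
    );
    $vars = array();
    $filter = JFilterInput::getInstance();
    foreach ($_REQUEST as $key => $value) {
        $key = (string) $filter->clean($key);
        if (in_array($key, $allowedKeys, true)) {
            $vars[$key] = JRequest::getString($key);
        }
    }

    if (empty($vars['orderKey'])) {
        rbsglobalgateway_helper::raiseError($params->showVars, 'Missing Order Key');
        return false;
    }

    // orderKey is "adminCode^merchantCode^orderCode".
    $orderKey = explode('^', $vars['orderKey']);
    $adminCode = isset($orderKey[0]) ? $orderKey[0] : '';
    $merchantCode = isset($orderKey[1]) ? $orderKey[1] : '';
    $orderCode = isset($orderKey[2]) ? $orderKey[2] : '';

    $expectedAdminCode = isset($params->adminCode) ? (string) $params->adminCode : '';
    if ((string) $adminCode !== $expectedAdminCode) {
        rbsglobalgateway_helper::raiseError($params->showVars, 'Invalid admin code: ' . $adminCode);
        return false;
    }
    $expectedMerchantCode = isset($params->merchantCode) ? (string) $params->merchantCode : '';
    if ((string) $merchantCode !== $expectedMerchantCode) {
        rbsglobalgateway_helper::raiseError($params->showVars, 'Invalid merchant code: ' . $merchantCode);
        return false;
    }
    if (empty($orderCode)) {
        rbsglobalgateway_helper::raiseError($params->showVars, 'Missing Order Code');
        return false;
    }

    // Fall back to the order* fields when the payment* fields are absent.
    if (empty($vars['paymentCurrency'])) {
        $vars['paymentCurrency'] = isset($vars['orderCurrency']) ? $vars['orderCurrency'] : null;
        if (empty($vars['paymentCurrency'])) {
            rbsglobalgateway_helper::raiseError($params->showVars, 'Missing Payment Currency');
            return false;
        }
    }
    if (empty($vars['paymentAmount'])) {
        $vars['paymentAmount'] = isset($vars['orderAmount']) ? $vars['orderAmount'] : null;
        if (empty($vars['paymentAmount'])) {
            rbsglobalgateway_helper::raiseError($params->showVars, 'Missing Payment Amount');
            return false;
        }
    }

    if (!empty($params->macSecret)) {
        $expectedMac = (string) rbsglobalgateway_helper::calculateMAC(
            $vars['orderKey'],
            $vars['paymentAmount'],
            $vars['paymentCurrency'],
            isset($vars['paymentStatus']) ? $vars['paymentStatus'] : null,
            $params->macSecret
        );
        $receivedMac = isset($vars['mac']) ? (string) $vars['mac'] : '';
        // Compare as strings (a loose comparison can treat different
        // numeric-looking values as equal) and in constant time where the
        // runtime provides hash_equals().
        $macMatches = function_exists('hash_equals')
            ? hash_equals($expectedMac, $receivedMac)
            : ($expectedMac === $receivedMac);
        if (!$macMatches) {
            rbsglobalgateway_helper::raiseError($params->showVars, 'Invalid MAC');
            return false;
        }
    }

    if (empty($vars['paymentStatus'])) {
        $vars['paymentStatus'] = 'CANCELLED';
    }
    if ($params->debug) {
        // Goes into the active output buffer; it is collected below with ob_get_clean().
        echo print_r($vars, true) . "\n\n\n";
    }

    $db = JFactory::getDBO();
    $query = 'SELECT order_id FROM ' . hikashop_table('order')
        . ' WHERE order_number = ' . $db->Quote($orderCode) . ' LIMIT 1';
    $db->setQuery($query);
    $order_id = $db->loadResult();

    $orderClass = hikashop_get('class.order');
    $dbOrder = $orderClass->get((int) $order_id);
    if (empty($dbOrder)) {
        // The original read $method here, which is not defined in this function.
        rbsglobalgateway_helper::raiseError($params->showVars, 'Could not load order : ' . $orderCode);
        return false;
    }

    // Create the nested objects explicitly instead of relying on PHP creating
    // them on first property write (an error on current PHP versions).
    $order = new stdClass();
    $order->order_id = $dbOrder->order_id;
    $order->old_status = new stdClass();
    $order->old_status->order_status = $dbOrder->order_status;
    $order->history = new stdClass();

    $adminUrl = HIKASHOP_LIVE
        . 'administrator/index.php?option=com_hikashop&ctrl=order&task=edit&order_id='
        . $order->order_id;
    $order_text = "\r\n" . JText::sprintf('NOTIFICATION_OF_ORDER_ON_WEBSITE', hikashop_encode($dbOrder), HIKASHOP_LIVE);
    $order_text .= "\r\n" . str_replace('<br/>', "\r\n", JText::sprintf('ACCESS_ORDER_WITH_LINK', $adminUrl));
    if ($params->debug) {
        echo print_r($dbOrder, true) . "\n\n\n";
    }

    $mailer = JFactory::getMailer();
    $config =& hikashop_config();
    $sender = array($config->get('from_email'), $config->get('from_name'));
    $mailer->setSender($sender);
    $mailer->addRecipient(explode(',', $config->get('payment_notification_email')));

    $currencyClass = hikashop_get('class.currency');
    $currencies = null;
    $currencies = $currencyClass->getCurrencies($dbOrder->order_currency_id, $currencies);
    $currency = $currencies[$dbOrder->order_currency_id];
    $fracDigits = (int) $currency->currency_locale['int_frac_digits'];
    // The notified amount is divided by 10^fracDigits before it is compared
    // with the stored order total.
    $paymentAmount = (int) $vars['paymentAmount'] / pow(10, $fracDigits);

    $order->history->history_reason = JText::sprintf('AUTOMATIC_PAYMENT_NOTIFICATION');
    $order->history->history_notified = 0;
    $order->history->history_amount = $paymentAmount . $vars['paymentCurrency'];
    $order->history->history_payment_id = $element->payment_id;
    $order->history->history_payment_method = $element->payment_type;
    $order->history->history_data = ob_get_clean();
    $order->history->history_type = 'payment';

    if ($vars['paymentStatus'] != 'CANCELLED') {
        // A payment whose amount or currency differs from the order is refused.
        $price_check = round($dbOrder->order_full_price, $fracDigits);
        if ($price_check != $paymentAmount || $currency->currency_code != $vars['paymentCurrency']) {
            $order->order_status = $params->invalid_status;
            $orderClass->save($order);
            $mailer->setSubject(
                JText::sprintf('NOTIFICATION_REFUSED_FOR_THE_ORDER', 'Worldpay Global Gateway')
                . JText::_('INVALID_AMOUNT')
            );
            $body = str_replace(
                '<br/>',
                "\r\n",
                JText::sprintf(
                    'AMOUNT_RECEIVED_DIFFERENT_FROM_ORDER',
                    'Worldpay Global Gateway',
                    $order->history->history_amount,
                    $price_check . $currency->currency_code
                )
            ) . "\r\n\r\n" . $order_text;
            $mailer->setBody($body);
            $mailer->Send();
            return false;
        }
    }

    // Map the notified payment status to the configured order status, message and URL.
    switch ($vars['paymentStatus']) {
        case 'AUTHORISED':
            $payment_status = 'Authenticated';
            $order_status = $params->verified_status;
            $message = $params->verifiedMessage;
            $url = $params->verifiedURL;
            $order->history->history_notified = 1;
            break;
        case 'PENDING':
            $payment_status = 'Pending';
            $order_status = $params->pending_status;
            $message = $params->pendingMessage;
            $url = $params->pendingURL;
            break;
        case 'REFUSED':
            $payment_status = 'Refused';
            $order_status = $params->invalid_status;
            $message = $params->invalidMessage;
            $url = $params->invalidURL;
            break;
        case 'CANCELLED':
            $payment_status = 'Cancelled';
            $order_status = $params->cancelled_status;
            $message = $params->cancelledMessage;
            $url = $params->cancelledURL;
            break;
        default:
            // Anything unrecognised is treated as invalid.
            $payment_status = 'Unknown';
            $order_status = $params->invalid_status;
            $message = $params->invalidMessage;
            $url = $params->invalidURL;
            break;
    }

    if (!empty($params->responseRefField)) {
        // Store the gateway's order inquiry reply in the configured order field.
        $responseRefField = $params->responseRefField;
        $response = rbsglobalgateway_helper::getOrderPaymentResponse($params, $dbOrder->order_number);
        if (!empty($response)) {
            $order->{$responseRefField} = $response;
        }
    }
    if (!empty($order_status)) {
        $order->order_status = $order_status;
    }
    $order->mail_status = $statuses[$order->order_status];

    $mailer->setSubject(JText::sprintf(
        'PAYMENT_NOTIFICATION_FOR_ORDER',
        'Worldpay Global Gateway',
        $payment_status,
        $dbOrder->order_number
    ));
    $body = str_replace(
        '<br/>',
        "\r\n",
        JText::sprintf('PAYMENT_NOTIFICATION_STATUS', 'Worldpay Global Gateway', $vars['paymentStatus'])
    ) . ' ' . JText::sprintf('ORDER_STATUS_CHANGED', $order->mail_status) . "\r\n\r\n" . $order_text;
    $mailer->setBody($body);
    $mailer->Send();
    $orderClass->save($order);

    $dbg = null;
    if ($params->debug) {
        $dbg = ob_get_clean();
    }

    $app = JFactory::getApplication();
    if (!empty($message)) {
        $app->set('_messageQueue', '');
        JError::raiseNotice(100, $message);
    }
    if (!empty($url)) {
        if (empty($params->showVars)) {
            $app->redirect($url);
        } else {
            // Diagnostic page: everything printed here contains request data,
            // so it is HTML-escaped before being written to the response.
            echo '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">Click here to continue...</a>';
            echo '<pre>' . htmlspecialchars(print_r($vars, true), ENT_QUOTES, 'UTF-8') . '</pre>';
            if (!empty($dbg)) {
                echo '<hr/><pre>' . htmlspecialchars($dbg, ENT_QUOTES, 'UTF-8') . '</pre>';
            }
            exit(0);
        }
    }
    if (!empty($dbg)) {
        // Put the captured debug output back into a buffer for the caller.
        ob_start();
        echo $dbg;
    }
    return true;
}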