/**
 * Process Transaction URL notification
 *
 * Handles the status POST that PayOne sends to the shop. Every exit path ends
 * the script with the body "TSOK", because PayOne re-sends the request otherwise.
 *
 * NOTE(review): the only origin checks visible in this method are the aid,
 * portalid and mode fields of the POST itself; no shared-secret or signature
 * check appears here. Confirm the notification is authenticated before this
 * method is reached.
 *
 * @param IsotopeProductCollection|Order $objOrder
 */
public function processPostsale(IsotopeProductCollection $objOrder)
{
    $strMode   = \Input::post('mode');
    $strAction = \Input::post('txaction');

    $blnWrongAccount = \Input::post('aid') != $this->payone_aid
        || \Input::post('portalid') != $this->payone_portalid;

    // A test notification is only accepted while debug is on, a live one only while it is off
    $blnWrongMode = ($strMode == 'test' && !$this->debug)
        || ($strMode == 'live' && $this->debug);

    if ($blnWrongAccount || $blnWrongMode) {
        \System::log('PayOne configuration mismatch', __METHOD__, TL_ERROR);
        die('TSOK');
    }

    // Ignore all except these actions
    if (!in_array($strAction, array('appointed', 'capture', 'paid'))) {
        die('TSOK');
    }

    // Currency and amount reported by the gateway must agree with the stored order.
    // NOTE(review): both comparisons are loose (float total vs. posted string).
    if (!(\Input::post('currency') == $objOrder->currency && $objOrder->getTotal() == \Input::post('price'))) {
        \System::log('PayOne order data mismatch for Order ID "' . \Input::post('reference') . '"', __METHOD__, TL_ERROR);
        die('TSOK');
    }

    if (!$objOrder->checkout()) {
        \System::log('Postsale checkout for Order ID "' . \Input::post('reference') . '" failed', __METHOD__, TL_ERROR);
        die('TSOK');
    }

    // Only a "paid" action with a zero balance marks the order as paid
    if ($strAction == 'paid' && \Input::post('balance') == 0) {
        $objOrder->date_paid = time();
    }

    $objOrder->updateOrderStatus($this->new_order_status);
    $objOrder->save();

    // PayOne must get TSOK as return value, otherwise the request will be sent again
    die('TSOK');
}
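/**
 * Return the checkout form.
 *
 * Collects the fields for the WorldPay hosted payment page, signs the configured
 * subset of them and renders the redirect template.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    global $objPage;

    $objAddress = $objOrder->getBillingAddress();
    $arrData    = array();

    $arrData['instId'] = $this->worldpay_instId;
    $arrData['cartId'] = $objOrder->id;

    // Fixed: number_format() defaults to "," as thousands separator, so totals of 1000 or
    // more were sent (and signed) as e.g. "1,234.56". Use a plain decimal like the other
    // gateways in this package do.
    $arrData['amount']      = number_format($objOrder->getTotal(), 2, '.', '');
    $arrData['currency']    = $objOrder->currency;
    $arrData['description'] = Translation::get($this->worldpay_description);

    // substr() cuts by bytes; a multi-byte character at the limit can be split.
    $arrData['name'] = substr($objAddress->firstname . ' ' . $objAddress->lastname, 0, 40);

    // With a company name the street lines move down by one address slot
    if ($objAddress->company != '') {
        $arrData['address1'] = substr($objAddress->company, 0, 84);
        $arrData['address2'] = substr($objAddress->street_1, 0, 84);
        $arrData['address3'] = substr($objAddress->street_2, 0, 84);
    } else {
        $arrData['address1'] = substr($objAddress->street_1, 0, 84);
        $arrData['address2'] = substr($objAddress->street_2, 0, 84);
        $arrData['address3'] = substr($objAddress->street_3, 0, 84);
    }

    $arrData['town']     = substr($objAddress->city, 0, 30);
    $arrData['region']   = substr($objAddress->subdivision, 0, 30);
    $arrData['postcode'] = substr($objAddress->postal, 0, 12);
    $arrData['country']  = strtoupper($objAddress->country);
    $arrData['tel']      = substr($objAddress->phone, 0, 30);
    $arrData['email']    = substr($objAddress->email, 0, 80);

    // Generate MD5 secret hash.
    // array_intersect_key() keeps the order of $arrData, so the signed fields are joined in
    // the order they were assigned above, not in the order listed in worldpay_signatureFields.
    // Fields that are not listed there are sent unsigned.
    $arrSigned            = array_intersect_key($arrData, array_flip(trimsplit(':', $this->worldpay_signatureFields)));
    $arrData['signature'] = md5($this->worldpay_md5secret . ':' . implode(':', $arrSigned));

    $objTemplate = new \Isotope\Template('iso_payment_worldpay');
    $objTemplate->setData($arrData);
    $objTemplate->id     = $this->id;
    $objTemplate->pageId = $objPage->id;
    $objTemplate->debug  = $this->debug;
    $objTemplate->action = $this->debug ? 'https://secure-test.worldpay.com/wcc/purchase' : 'https://secure.worldpay.com/wcc/purchase';

    return $objTemplate->parse();
}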
/**
 * Process PayPal Instant Payment Notifications (IPN)
 *
 * Posts the raw request body back to PayPal for validation, checks the receiver
 * account, currency and amount against the order, runs the checkout, stores the
 * POST data on the order and updates the order status for "Completed" payments.
 *
 * NOTE(review): checkout() runs before payment_status is inspected, so a verified
 * notification with matching amount checks the order out whatever its status is.
 * NOTE(review): the receiver_email check is skipped entirely while debug is on.
 *
 * @param IsotopeProductCollection $objOrder
 */
public function processPostsale(IsotopeProductCollection $objOrder)
{
    // Send the body exactly as received back to PayPal (sandbox host in debug mode)
    $objRequest = new \Request();
    $objRequest->send('https://www.' . ($this->debug ? 'sandbox.' : '') . 'paypal.com/cgi-bin/webscr?cmd=_notify-validate', file_get_contents("php://input"), 'post');

    if ($objRequest->hasError()) {
        \System::log('Request Error: ' . $objRequest->error, __METHOD__, TL_ERROR);
        exit;
    } elseif ($objRequest->response == 'VERIFIED' && (\Input::post('receiver_email', true) == $this->paypal_account || $this->debug)) {
        // Validate payment data (see #2221)
        // Both comparisons are loose; mc_gross arrives as a string.
        if ($objOrder->currency != \Input::post('mc_currency') || $objOrder->getTotal() != \Input::post('mc_gross')) {
            \System::log('IPN manipulation in payment from "' . \Input::post('payer_email') . '" !', __METHOD__, TL_ERROR);
            // Returns without sending the response object created at the end of the method
            return;
        }

        if (!$objOrder->checkout()) {
            \System::log('IPN checkout for Order ID "' . \Input::post('invoice') . '" failed', __METHOD__, TL_ERROR);
            return;
        }

        // Store request data in order for future references
        // The complete, unfiltered $_POST array is appended to the order's payment data.
        $arrPayment = deserialize($objOrder->payment_data, true);
        $arrPayment['POSTSALE'][] = $_POST;
        $objOrder->payment_data = $arrPayment;
        $objOrder->save();

        // @see https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/ipnguide.pdf
        switch (\Input::post('payment_status')) {
            case 'Completed':
                $objOrder->date_paid = time();
                $objOrder->updateOrderStatus($this->new_order_status);
                break;

            case 'Canceled_Reversal':
            case 'Denied':
            case 'Expired':
            case 'Failed':
            case 'Voided':
                // PayPal will also send this notification if the order has not been placed.
                // What do we do here?
                // $objOrder->date_paid = '';
                // $objOrder->updateOrderStatus(Isotope::getConfig()->orderstatus_error);
                break;

            // These statuses are recognised but change nothing on the order
            case 'In-Progress':
            case 'Partially_Refunded':
            case 'Pending':
            case 'Processed':
            case 'Refunded':
            case 'Reversed':
                break;
        }

        // Second save persists the date_paid / status change made in the switch
        $objOrder->payment_data = $arrPayment;
        $objOrder->save();

        \System::log('PayPal IPN: data accepted', __METHOD__, TL_GENERAL);
    } else {
        \System::log('PayPal IPN: data rejected (' . $objRequest->response . ')', __METHOD__, TL_ERROR);
    }

    // 200 OK
    $objResponse = new Response();
    $objResponse->send();
}
/**
 * Return the payment form
 *
 * Builds the sofortueberweisung parameter set, signs it with SHA-1 and renders
 * the redirect template.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    // The billing country becomes part of the form action's host name, so it is limited
    // to this list and falls back to "de" for anything else.
    // NOTE(review): in_array() is called without the strict flag.
    $strCountry = in_array($objOrder->getBillingAddress()->country, array('de', 'ch', 'at')) ? $objOrder->getBillingAddress()->country : 'de';
    $strUrl = 'https://www.sofortueberweisung.' . $strCountry . '/payment/start';

    // The order of the entries matters: the hash below joins the values in exactly this order
    $arrParams = array(
        'user_id' => $this->sofortueberweisung_user_id,
        'project_id' => $this->sofortueberweisung_project_id,
        'sender_holder' => '',
        'sender_account_number' => '',
        'sender_bank_code' => '',
        'sender_country_id' => strtoupper($objOrder->getBillingAddress()->country),
        'amount' => number_format($objOrder->getTotal(), 2, '.', ''),
        'currency_id' => $objOrder->currency,
        'reason_1' => \Environment::get('host'),
        'reason_2' => '',
        'user_variable_0' => $objOrder->id,
        'user_variable_1' => $this->id,
        'user_variable_2' => $objOrder->uniqid,
        'user_variable_3' => '',
        'user_variable_4' => '',
        'user_variable_5' => '',
        'project_password' => $this->sofortueberweisung_project_password);

    // SHA-1 over all values joined with "|", the project password included as last value
    $arrParams['hash'] = sha1(implode('|', $arrParams));

    // Added after hashing, so the language is not covered by the hash
    $arrParams['language_id'] = $GLOBALS['TL_LANGUAGE'];

    $objTemplate = new \Isotope\Template('iso_payment_sofortueberweisung');
    $objTemplate->setData($this->arrData);
    $objTemplate->action = $strUrl;

    // Strip the project password before the parameters reach the template, then drop
    // every empty value (array_filter without callback).
    $objTemplate->params = array_filter(array_diff_key($arrParams, array('project_password' => '')));

    return $objTemplate->parse();
}
/**
 * Return the payment form
 *
 * Builds the Wirecard checkout parameters, adds the request fingerprint and
 * renders the redirect template.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    // The current host name is used as order description and customer statement
    $strDescription = \Environment::get('host');
    $objContact = \PageModel::findWithDetails($this->wirecard_contact);

    $arrParams = array(
        'customerId' => $this->wirecard_customer_id,
        'language' => $GLOBALS['TL_LANGUAGE'],
        'paymentType' => 'SELECT',
        'amount' => number_format($objOrder->getTotal(), 2, '.', ''),
        'currency' => $objOrder->currency,
        'orderDescription' => $strDescription,
        'successUrl' => \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder),
        'cancelUrl' => \Environment::get('base') . $objModule->generateUrlForStep('process'),
        'failureUrl' => \Environment::get('base') . $objModule->generateUrlForStep('failed'),
        'serviceUrl' => \Environment::get('base') . \Controller::generateFrontendUrl($objContact->row()),
        'confirmUrl' => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id,
        'customerStatement' => $strDescription,
        'order_id' => $objOrder->id,
        'order_uniqid' => $objOrder->uniqid,
        'secret' => $this->wirecard_secret,
        'REQUEST_TOKEN' => REQUEST_TOKEN);

    // Comma-separated list of every key above (the secret included) plus the list's own name
    $arrParams['requestFingerprintOrder'] = implode(',', array_keys($arrParams)) . ',requestFingerprintOrder';
    $arrParams['requestFingerprint'] = $this->calcHashArray($arrParams);

    $objTemplate = new \Isotope\Template('iso_payment_wirecard');
    $objTemplate->setData($this->arrData);
    $objTemplate->action = 'https://checkout.wirecard.com/page/init.php';

    // The secret is removed before rendering and empty values are dropped.
    // NOTE(review): a parameter dropped here for being empty is still named in
    // requestFingerprintOrder - confirm that cannot break the fingerprint check.
    $objTemplate->params = array_filter(array_diff_key($arrParams, array('secret' => '')));

    return $objTemplate->parse();
}
/**
 * Generate the submit form for datatrans and, if javascript is enabled, redirect automatically
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    $objAddress = $objOrder->getBillingAddress();

    if ($this->trans_type == 'auth') {
        $strRequestType = 'NOA';
    } else {
        $strRequestType = 'CAA';
    }

    // Payment fields (amount is sent in minor units)
    $arrParams = array();
    $arrParams['merchantId'] = $this->datatrans_id;
    $arrParams['amount']     = round($objOrder->getTotal() * 100);
    $arrParams['currency']   = $objOrder->currency;
    $arrParams['refno']      = $objOrder->id;
    $arrParams['language']   = $objOrder->language;
    $arrParams['reqtype']    = $strRequestType;

    // Customer details taken from the billing address; escaping is left to the template
    $arrParams['uppCustomerDetails']   = 'yes';
    $arrParams['uppCustomerTitle']     = $objAddress->salutation;
    $arrParams['uppCustomerFirstName'] = $objAddress->firstname;
    $arrParams['uppCustomerLastName']  = $objAddress->lastname;
    $arrParams['uppCustomerStreet']    = $objAddress->street_1;
    $arrParams['uppCustomerStreet2']   = $objAddress->street_2;
    $arrParams['uppCustomerCity']      = $objAddress->city;
    $arrParams['uppCustomerCountry']   = $objAddress->country;
    $arrParams['uppCustomerZipCode']   = $objAddress->postal;
    $arrParams['uppCustomerPhone']     = $objAddress->phone;
    $arrParams['uppCustomerEmail']     = $objAddress->email;

    // Return URLs; error and cancel both lead to the "failed" step
    $arrParams['successUrl'] = ampersand(\Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder));
    $arrParams['errorUrl']   = ampersand(\Environment::get('base') . $objModule->generateUrlForStep('failed'));
    $arrParams['cancelUrl']  = ampersand(\Environment::get('base') . $objModule->generateUrlForStep('failed'));
    $arrParams['mod']        = 'pay';
    $arrParams['id']         = $this->id;

    // Security signature (see Security Level 2): HMAC-MD5 over merchant id, amount,
    // currency and reference number. The remaining fields are not covered by it.
    $strSigned = implode('', array(
        $arrParams['merchantId'],
        $arrParams['amount'],
        $arrParams['currency'],
        $arrParams['refno'],
    ));
    $arrParams['sign'] = hash_hmac('md5', $strSigned, $this->datatrans_sign);

    $strHost = $this->debug ? 'pilot' : 'payment';

    $objTemplate = new \Isotope\Template('iso_payment_datatrans');
    $objTemplate->id       = $this->id;
    $objTemplate->action   = 'https://' . $strHost . '.datatrans.biz/upp/jsp/upStart.jsp';
    $objTemplate->params   = $arrParams;
    $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0];
    $objTemplate->message  = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1];
    $objTemplate->slabel   = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2]);

    return $objTemplate->parse();
}
/**
 * HTML form for checkout
 *
 * Fills the transferuj.pl template with the order amount, the MD5 request hash
 * and the return URLs.
 *
 * @param IsotopeProductCollection $objOrder
 * @param \Module                  $objModule
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    // Amount as plain decimal with two digits; the same string is shown and hashed
    $strPrice = number_format(round($objOrder->getTotal(), 2), 2, '.', '');

    // MD5 over seller id, amount, order id and the confirmation code
    $strHashInput = implode('', array(
        $this->transferujpl_id,
        $strPrice,
        $objOrder->id,
        $this->transferujpl_code,
    ));

    $strProducts = sprintf($GLOBALS['TL_LANG']['MSC']['transferujpl_order'], $objOrder->uniqid);

    $objTemplate = new \Isotope\Template('iso_payment_transferujpl');
    $objTemplate->setData($this->arrData);

    $objTemplate->id          = $this->id;
    $objTemplate->order_id    = $objOrder->id;
    $objTemplate->amount      = $strPrice;
    $objTemplate->products    = specialchars($strProducts);
    $objTemplate->hash        = md5($strHashInput);
    $objTemplate->postsaleUrl = \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;
    $objTemplate->successUrl  = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
    $objTemplate->errorUrl    = \Environment::get('base') . $objModule->generateUrlForStep('failed');
    $objTemplate->language    = $GLOBALS['TL_LANGUAGE'];

    // The address object is handed over as is; escaping its fields is the template's job
    $objTemplate->address = $objOrder->getBillingAddress();

    $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][0];
    $objTemplate->message  = $GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][1];
    $objTemplate->slabel   = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][2]);

    return $objTemplate->parse();
}
/**
 * Process PayPal Instant Payment Notifications (IPN)
 *
 * Only "Completed" notifications are handled. The raw request body is posted
 * back to PayPal for validation; receiver account, currency and amount must
 * match before the order is checked out and marked as paid.
 *
 * @param IsotopeProductCollection|Order $objOrder
 */
public function processPostsale(IsotopeProductCollection $objOrder)
{
    $strStatus = \Input::post('payment_status');

    if ($strStatus != 'Completed') {
        \System::log('PayPal IPN: payment status "' . \Input::post('payment_status') . '" not implemented', __METHOD__, TL_GENERAL);

        return;
    }

    // Sandbox host in debug mode, production host otherwise
    $strHost     = 'www.' . ($this->debug ? 'sandbox.' : '') . 'paypal.com';
    $strEndpoint = 'https://' . $strHost . '/cgi-bin/webscr?cmd=_notify-validate';

    $objRequest = new \Request();
    $objRequest->send($strEndpoint, file_get_contents("php://input"), 'post');

    if ($objRequest->hasError()) {
        \System::log('PayPal IPN: Request Error (' . $objRequest->error . ')', __METHOD__, TL_ERROR);

        // NOTE(review): there is no return after the 500 response; whether execution
        // continues depends on Response::send(), which is not visible here.
        $response = new Response('', 500);
        $response->send();
    }

    if ($objRequest->response != 'VERIFIED') {
        \System::log('PayPal IPN: data rejected (' . $objRequest->response . ')', __METHOD__, TL_ERROR);

        return;
    }

    // The receiver must be the configured account; debug mode switches this check off
    if (!($this->debug || \Input::post('receiver_email', true) == $this->paypal_account)) {
        \System::log('PayPal IPN: Account email does not match (got ' . \Input::post('receiver_email', true) . ', expected ' . $this->paypal_account . ')', __METHOD__, TL_ERROR);

        return;
    }

    // Validate payment data (see #2221)
    if (!($objOrder->currency == \Input::post('mc_currency') && $objOrder->getTotal() == \Input::post('mc_gross'))) {
        \System::log('PayPal IPN: manipulation in payment from "' . \Input::post('payer_email') . '" !', __METHOD__, TL_ERROR);

        return;
    }

    if (!$objOrder->checkout()) {
        \System::log('PayPal IPN: checkout for Order ID "' . \Input::post('invoice') . '" failed', __METHOD__, TL_ERROR);

        return;
    }

    // Store request data in order for future references (the full $_POST array is kept)
    $arrStored               = deserialize($objOrder->payment_data, true);
    $arrStored['POSTSALE'][] = $_POST;

    $objOrder->payment_data = $arrStored;
    $objOrder->date_paid    = time();
    $objOrder->updateOrderStatus($this->new_order_status);
    $objOrder->save();

    \System::log('PayPal IPN: data accepted', __METHOD__, TL_GENERAL);
}
/**
 * Return the redirect form.
 *
 * Fills the Paybyway template and computes the upper-case MD5 authcode over the
 * private key and the submitted fields.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    $strPostsaleUrl = \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;

    if ($this->debug) {
        // Debug mode replaces the configured key on this instance with the fixed test key.
        // NOTE(review): the instance keeps the test key afterwards - confirm it is never saved.
        $this->paybyway_private_key = 'private_key';
    }

    $objTemplate = new \Isotope\Template('iso_payment_paybyway');

    $objTemplate->action = $this->debug
        ? 'https://www.paybyway.com/e-payments/test_pay'
        : 'https://www.paybyway.com/e-payments/pay';

    $objTemplate->headline = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0]);
    $objTemplate->message  = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1]);
    $objTemplate->slabel   = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2]);
    $objTemplate->noscript = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][3]);

    $objTemplate->merchant_id  = (int) $this->paybyway_merchant_id;
    $objTemplate->amount       = round($objOrder->getTotal() * 100);
    $objTemplate->currency     = 'EUR';
    $objTemplate->order_number = $objOrder->id;

    if ($GLOBALS['TL_LANGUAGE'] == 'fi') {
        $objTemplate->lang = 'FI';
    } else {
        $objTemplate->lang = 'EN';
    }

    // Return and cancel both point at the postsale entry point
    $objTemplate->return_address = $strPostsaleUrl;
    $objTemplate->cancel_address = $strPostsaleUrl;

    // Pipe-separated fields, private key first; values are read back from the template
    // so the signed values are the ones that get rendered
    $arrSigned = array(
        $this->paybyway_private_key,
        $objTemplate->merchant_id,
        $objTemplate->amount,
        $objTemplate->currency,
        $objTemplate->order_number,
        $objTemplate->lang,
        $objTemplate->return_address,
        $objTemplate->cancel_address,
    );

    $objTemplate->authcode = strtoupper(md5(implode('|', $arrSigned)));

    return $objTemplate->parse();
}
/**
 * Return the ExperCash payment frame.
 *
 * Builds the ExperCash popup URL with its MD5 popup key and returns an iframe
 * that loads it, with a plain link as fallback.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    // The order of the entries matters: the popup key below concatenates the values in this order
    $arrData = array(
        'popupId' => $this->expercash_popupId,
        'jobId' => microtime(),
        'functionId' => $objOrder->member ?: $objOrder->uniqid,
        'transactionId' => $objOrder->id,
        'amount' => round($objOrder->getTotal(), 2) * 100,
        'currency' => $objOrder->currency,
        'paymentMethod' => $this->expercash_paymentMethod,
        'returnUrl' => \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder),
        'errorUrl' => \Environment::get('base') . $objModule->generateUrlForStep('failed'),
        'notifyUrl' => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id,
        'profile' => $this->expercash_profile);

    $strKey = '';
    $strUrl = 'https://epi.expercash.net/epi_popup2.php?';

    // $strKey collects the raw values for the hash, $strUrl the url-encoded query string
    foreach ($arrData as $k => $v) {
        $strKey .= $v;
        $strUrl .= $k . '=' . urlencode($v) . '&';
    }

    // The optional stylesheet URL is added to the query string only, not to the hashed values
    if (is_file(TL_ROOT . '/' . $this->expercash_css)) {
        $strUrl .= 'cssUrl=' . urlencode(\Environment::get('base') . $this->expercash_css) . '&';
    }

    // MD5 over the concatenated values followed by the configured popup key.
    // The language value is appended without urlencode().
    $strUrl .= 'language=' . strtoupper($GLOBALS['TL_LANGUAGE']) . '&popupKey=' . md5($strKey . $this->expercash_popupKey);

    // NOTE(review): $strUrl and the language labels go into the markup without HTML escaping;
    // the "&" separators in particular are not written as "&amp;" inside the attributes.
    $strBuffer = ' <h2>' . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0] . '</h2> <p class="message">' . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1] . '</p> <iframe src="' . $strUrl . '" width="100%" height="500"> <p>Ihr Browser kann leider keine eingebetteten Frames anzeigen: Sie können die eingebettete Seite über den folgenden Verweis aufrufen: <a href="' . $strUrl . '">ExperCash</a></p> </iframe>';

    return $strBuffer;
}
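/**
 * Validate input parameters and hash
 *
 * Recomputes the MD5 hash over all GET values (without hash, auto_item and step)
 * plus the ePay secret key, compares it with the submitted hash and then checks
 * currency and amount against the order.
 *
 * @param IsotopeProductCollection|Order $objOrder
 *
 * @return bool
 */
protected function validatePayment(IsotopeProductCollection $objOrder)
{
    $arrValues = $_GET;
    unset($arrValues['hash'], $arrValues['auto_item'], $arrValues['step']);

    $strHash     = md5(implode('', $arrValues) . $this->epay_secretkey);
    $strReceived = \Input::get('hash');
    $intAmount   = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);

    // Fixed: the digests were compared with "!=". PHP compares two numeric-looking strings
    // as numbers, so e.g. two different "0e..." digests count as equal. Compare as strings,
    // and in constant time where hash_equals() is available.
    if (!is_string($strReceived)) {
        $blnHashValid = false;
    } elseif (function_exists('hash_equals')) {
        $blnHashValid = hash_equals($strHash, $strReceived);
    } else {
        $blnHashValid = ($strHash === $strReceived);
    }

    if (!$blnHashValid) {
        \System::log('Invalid hash for ePay payment. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);

        // NOTE(review): this writes the expected hash for the submitted parameters to the
        // log file; anyone who can read that file obtains a valid hash for them.
        log_message(sprintf("Invalid hash for ePay payment:\ngot %s, expected %s\nParameters: %s\n\n", \Input::get('hash'), $strHash, print_r($arrValues, true)), 'isotope_epay.log');

        return false;
    }

    // Currency is compared by ISO number, the amount in minor units (loose comparisons,
    // the request values are strings)
    if (Currency::getIsoNumber($objOrder->currency) != \Input::get('currency') || $intAmount != \Input::get('amount')) {
        \System::log('Currency or amount does not match order. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
        log_message(sprintf("Currency or amount does not match order:\nCurrency: got %s (%s), expected %s\nAmount: got %s, expected %s\n\n", \Input::get('currency'), Currency::getIsoNumber($objOrder->currency), $objOrder->currency, \Input::get('amount'), $intAmount), 'isotope_epay.log');

        return false;
    }

    return true;
}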
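/**
 * Validate input parameters and hash
 *
 * Verifies the HMAC-SHA256 checksum of the raw request body against the
 * QuickPay checksum header, then checks currency, amount, balance and test
 * mode of the request resource against the order.
 *
 * @param IsotopeProductCollection|Order $objOrder
 *
 * @return bool
 */
private function validatePayment(IsotopeProductCollection $objOrder)
{
    // Read the body once and reuse it for the checksum and the log entry
    $strBody  = file_get_contents("php://input");
    $checksum = hash_hmac("sha256", $strBody, $this->quickpay_privateKey);

    // Fixed: a missing header used to raise an undefined-index notice
    $strReceived = isset($_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']) ? $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'] : '';

    // Fixed: the checksums were compared with "!=". PHP compares two numeric-looking strings
    // as numbers, so e.g. two different "0e..." digests count as equal. Compare as strings,
    // and in constant time where hash_equals() is available.
    if (!is_string($strReceived)) {
        $blnValid = false;
    } elseif (function_exists('hash_equals')) {
        $blnValid = hash_equals($checksum, $strReceived);
    } else {
        $blnValid = ($checksum === $strReceived);
    }

    if (!$blnValid) {
        \System::log('Invalid hash for QuickPay payment. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);

        // NOTE(review): this writes the expected checksum for the submitted body to the
        // log file; anyone who can read that file obtains a valid checksum for it.
        log_message(sprintf("Invalid hash for QuickPay payment:\ngot %s, expected %s\nInput: %s\n\n", $strReceived, $checksum, $strBody), 'isotope_quickpay.log');

        return false;
    }

    $data = $this->getRequestResource();

    if (null === $data) {
        return false;
    }

    $amount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);

    // NOTE(review): the log text below reports 'Accepted ... expected "yes"', but
    // $data['accepted'] is not part of this condition. Confirm whether a payment that
    // was not accepted should be rejected here.
    if ($objOrder->currency != $data['currency'] || $amount != $data['operations'][0]['amount'] || 0 != $data['balance'] || $data['test_mode'] != $this->debug) {
        \System::log('QuickPay data was not accepted. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
        log_message(
            sprintf(
                "QuickPay data was not accepted:\n" . "Currency: got \"%s\", expected \"%s\"\n" . "Amount: got \"%s\", expected \"%s\"\n" . "Balance: got \"%s\", expected \"0\"\n" . "Accepted: got \"%s\", expected \"yes\"\n\n" . "Test Mode: got \"%s\", expected \"%s\"\n\n",
                $data['currency'],
                $objOrder->currency,
                $data['operations'][0]['amount'],
                $amount,
                $data['balance'],
                $data['accepted'] ? 'yes' : 'no',
                $data['test_mode'] ? 'yes' : 'no',
                $this->debug ? 'yes' : 'no'
            ),
            'isotope_quickpay.log'
        );

        return false;
    }

    return true;
}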
/**
 * Build the <total> element for a product collection and return it as XML string.
 *
 * Negative surcharges are summed up as rebate, shipping surcharges as shipping
 * price; all amounts are written in minor units (value * 100, rounded).
 *
 * @param IsotopeProductCollection $objCollection
 *
 * @return string
 */
private function getCollectionTotalAsXML(IsotopeProductCollection $objCollection)
{
    $intRebateNet    = 0;
    $intRebateGross  = 0;
    $strShipping     = '';
    $intShippingNet  = 0;
    $intShippingGross = 0;

    foreach ($objCollection->getSurcharges() as $objSurcharge) {
        if ($objSurcharge->total_price < 0) {
            // Any negative surcharge counts as rebate, whatever its type
            $intRebateNet   += round($objSurcharge->tax_free_total_price * 100);
            $intRebateGross += round($objSurcharge->total_price * 100);
            continue;
        }

        if ($objSurcharge instanceof Shipping) {
            $strShipping       = $objSurcharge->label;
            $intShippingNet   += round($objSurcharge->tax_free_total_price * 100);
            $intShippingGross += round($objSurcharge->total_price * 100);
        }
    }

    // Attributes in output order; shipping and rebate are only written when non-zero
    $arrAttributes = array();

    if ($intShippingNet != 0 || $intShippingGross != 0) {
        // The shipping label is free text assigned through DOMAttr::$value
        $arrAttributes['shippingname']       = $strShipping;
        $arrAttributes['shippingprice']      = $intShippingNet;
        $arrAttributes['shippingpricegross'] = $intShippingGross;
    }

    if ($intRebateNet != 0 || $intRebateGross != 0) {
        $arrAttributes['rebate']      = $intRebateNet;
        $arrAttributes['rebategross'] = $intRebateGross;
    }

    $arrAttributes['carttotalprice']      = round($objCollection->getTaxFreeTotal() * 100);
    $arrAttributes['carttotalpricegross'] = round($objCollection->getTotal() * 100);
    $arrAttributes['currency']            = $objCollection->currency;

    $xml   = new \DOMDocument();
    $total = $xml->createElement('total');

    foreach ($arrAttributes as $strName => $varValue) {
        $objAttribute        = $xml->createAttribute($strName);
        $objAttribute->value = $varValue;
        $total->appendChild($objAttribute);
    }

    $xml->appendChild($total);

    // Serialise the element only, without the XML declaration
    return $xml->saveXML($xml->documentElement);
}
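/**
 * Return the payment form.
 *
 * Builds the signed redirect URL for the Sparkasse Internetkasse and returns a
 * script redirect with a plain link as fallback.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    global $objPage;

    $strUrl = 'https://' . ($this->debug ? 'test' : '') . 'system.sparkassen-internetkasse.de/vbv/mpi_legacy?';

    $arrParam = array(
        'amount'          => number_format($objOrder->getTotal(), 2, ',', ''),
        'basketid'        => $objOrder->source_collection_id,
        'command'         => 'sslform',
        'currency'        => $objOrder->currency,
        'locale'          => $objOrder->language,
        'orderid'         => $objOrder->id,
        'paymentmethod'   => $this->sparkasse_paymentmethod,
        'sessionid'       => $objPage->id,
        'sslmerchant'     => $this->sparkasse_sslmerchant,
        'transactiontype' => $this->trans_type == 'auth' ? 'preauthorization' : 'authorization',
        'version'         => '1.5',
    );

    // The merchant reference may contain insert tags and is cut to 30 bytes after replacement
    if ($this->sparkasse_merchantref != '') {
        $arrParam['merchantref'] = substr($this->replaceInsertTags($this->sparkasse_merchantref), 0, 30);
    }

    // The MAC is calculated on the raw values, before any encoding for transport
    $arrParam['mac'] = $this->calculateHash($arrParam);

    // Fixed: values were appended to the query string unencoded, so a value containing
    // "&", "'" or a space (the merchant reference is free text) altered the URL and was
    // echoed unescaped into the script block and the link below.
    $arrUrl = array();

    foreach ($arrParam as $k => $v) {
        $arrUrl[] = $k . '=' . urlencode((string) $v);
    }

    $strUrl .= implode('&', $arrUrl);

    // Escape once per output context: JavaScript string literal and HTML attribute
    $strJsUrl   = json_encode($strUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    $strHtmlUrl = htmlspecialchars($strUrl, ENT_QUOTES, 'UTF-8');

    return "\n<script>\nwindow.location.href = " . $strJsUrl . ";\n</script>\n<h3>" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0] . "</h3>\n<p>" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1] . "</p>\n<p><a href=\"" . $strHtmlUrl . "\">" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2] . "</a>";
}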
/**
 * Replace insert tag for a product collection.
 *
 * $tokens[1] selects the value; for the address tags $tokens[2] names the
 * address field.
 *
 * NOTE(review): any token that is not listed below is read as a property of the
 * collection, so whoever can write insert tags can output every property the
 * collection exposes. Confirm that this is intended.
 *
 * @param IsotopeProductCollection $collection
 * @param array                    $tokens
 *
 * @return string
 */
private function getValueForCollectionTag(IsotopeProductCollection $collection, array $tokens)
{
    $strTag = $tokens[1];

    switch ($strTag) {
        case 'items':
            return $collection->countItems();

        case 'quantity':
            return $collection->sumItemsQuantity();

        // Both label tags share the same wording and differ only in what is counted
        case 'items_label':
        case 'quantity_label':
            $intCount = $strTag == 'items_label'
                ? $collection->countItems()
                : $collection->sumItemsQuantity();

            if (!$intCount) {
                return '';
            }

            if ($intCount == 1) {
                return '(' . $GLOBALS['TL_LANG']['MSC']['productSingle'] . ')';
            }

            return sprintf('(' . $GLOBALS['TL_LANG']['MSC']['productMultiple'] . ')', $intCount);

        case 'subtotal':
            return Isotope::formatPriceWithCurrency($collection->getSubtotal());

        case 'taxfree_subtotal':
            return Isotope::formatPriceWithCurrency($collection->getTaxFreeSubtotal());

        case 'total':
            return Isotope::formatPriceWithCurrency($collection->getTotal());

        case 'taxfree_total':
            return Isotope::formatPriceWithCurrency($collection->getTaxFreeTotal());

        case 'billing_address':
            // Only orderable collections carry addresses
            if ($collection instanceof IsotopeOrderableCollection
                && ($address = $collection->getBillingAddress()) !== null
            ) {
                return $this->getValueForAddressTag($address, $tokens[2]);
            }

            return '';

        case 'shipping_address':
            if ($collection instanceof IsotopeOrderableCollection
                && $collection->hasShipping()
                && ($address = $collection->getShippingAddress()) !== null
            ) {
                return $this->getValueForAddressTag($address, $tokens[2]);
            }

            return '';

        default:
            // Fall back to the collection property of the same name
            return $collection->{$strTag};
    }
}
/**
 * Process post-sale request from the PSP payment server.
 *
 * Verifies the SHA signature, compares currency and amount with the order, maps
 * the gateway STATUS code to an order status and checks the order out.
 *
 * @param IsotopeProductCollection $objOrder
 *
 * @return bool False when the request is rejected or the checkout fails, true otherwise
 */
public function processPostsale(IsotopeProductCollection $objOrder)
{
    // Nothing from the request is used before the signature has been verified
    if (!$this->validateSHASign()) {
        \System::log('Received invalid postsale data for order ID "' . $objOrder->id . '"', __METHOD__, TL_ERROR);

        return false;
    }

    // Validate payment data
    // Both comparisons are loose; the request values are presumably strings.
    if ($objOrder->currency != $this->getRequestData('currency') || $objOrder->getTotal() != $this->getRequestData('amount')) {
        \System::log('Postsale checkout manipulation in payment for Order ID ' . $objOrder->id . '!', __METHOD__, TL_ERROR);

        return false;
    }

    // Validate payment status
    // switch compares loosely, so a string STATUS from the request matches the integer cases.
    switch ($this->getRequestData('STATUS')) {
        case 9: // Payment requested (authorize & capture)
            // date_paid is set before checkout() has run
            $objOrder->date_paid = time();
            // no break

        case 5: // Authorized (authorize without capture)
            $intStatus = $this->new_order_status;
            break;

        case 41: // Unknown waiting state
        case 51: // Authorization waiting
        case 91: // Payment waiting
        case 52: // Authorization not known
        case 92: // Payment uncertain
            if (($objConfig = $objOrder->getRelated('config_id')) === null) {
                // NOTE(review): this is the only place that logs through $this->log()
                // instead of \System::log()
                $this->log('Config for Order ID ' . $objOrder->id . ' not found', __METHOD__, TL_ERROR);

                return false;
            }

            // Uncertain states still check the order out, with the configured error status
            $intStatus = $objConfig->orderstatus_error;
            break;

        case 0: // Invalid / incomplete
        case 1: // Payment process cancelled
        case 2: // Authorization refused
        case 4: // Stored
        case 93: // Payment refused
        default:
            // Every other status, including unknown codes, is rejected
            return false;
    }

    if (!$objOrder->checkout()) {
        \System::log('Post-Sale checkout for Order ID "' . $objOrder->id . '" failed', __METHOD__, TL_ERROR);

        return false;
    }

    $objOrder->updateOrderStatus($intStatus);
    $objOrder->save();

    return true;
}
/**
 * Generate POST data to initialize payment
 *
 * Returns the Saferpay initialisation fields for the order; VTCONFIG and
 * PAYMENTMETHODS are only added when they are configured.
 *
 * @param IsotopeProductCollection $objOrder
 * @param \Module                  $objModule
 *
 * @return array
 */
protected function generatePaymentPostData(IsotopeProductCollection $objOrder, \Module $objModule)
{
    $strSuccessUrl = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
    $strFailedUrl  = \Environment::get('base') . $objModule->generateUrlForStep('failed');

    // NOTE(review): unlike the other URLs here, the path starts with "/" right after the
    // base URL - presumably this yields a double slash; verify against Environment::get('base').
    $strNotifyUrl = \Environment::get('base') . '/system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;

    $arrData = array(
        'ACCOUNTID'   => $this->saferpay_accountid,
        'AMOUNT'      => round($objOrder->getTotal() * 100, 0), // minor units
        'CURRENCY'    => $objOrder->currency,
        'SUCCESSLINK' => $strSuccessUrl,
        'FAILLINK'    => $strFailedUrl,
        'BACKLINK'    => $strFailedUrl, // going back is treated like a failure
        'NOTIFYURL'   => $strNotifyUrl,
        'DESCRIPTION' => $this->saferpay_description,
        'ORDERID'     => $objOrder->id, // order id
    );

    // Additional attributes
    if ($this->saferpay_vtconfig) {
        $arrData['VTCONFIG'] = $this->saferpay_vtconfig;
    }

    if ($this->saferpay_paymentmethods != '') {
        $arrData['PAYMENTMETHODS'] = $this->saferpay_paymentmethods;
    }

    return $arrData;
}
/**
 * HTML form for checkout
 *
 * Fills the PayU template and computes the MD5 request signature over the
 * submitted fields and the configured keys.
 *
 * @param IsotopeProductCollection $objOrder
 * @param \Module                  $objModule
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    $intTimestamp = time();
    $objAddress   = $objOrder->getBillingAddress();

    // Order id plus uniqid(); uniqid() is time based, so this is an identifier, not a secret
    $strSessionId = $objOrder->id . '_' . uniqid();

    // Amount in minor units
    $intPrice       = round($objOrder->getTotal(), 2) * 100;
    $strDescription = sprintf($GLOBALS['TL_LANG']['MSC']['payu_order'], $objOrder->uniqid);

    // Values are concatenated without separator, in exactly this order
    $arrSigned = array(
        $this->payu_id,
        ($this->debug ? 't' : ''),
        $strSessionId,
        $this->payu_authKey,
        $intPrice,
        $strDescription,
        $objOrder->uniqid,
        $objAddress->firstname,
        $objAddress->lastname,
        $objAddress->street_1,
        $objAddress->city,
        $objAddress->postal,
        $objAddress->country,
        $objAddress->email,
        $objAddress->phone,
        $GLOBALS['TL_LANGUAGE'],
        \Environment::get('ip'),
        $intTimestamp,
        $this->payu_key1,
    );

    $objTemplate = new \Isotope\Template('iso_payment_payu');
    $objTemplate->setData($this->arrData);

    $objTemplate->id         = $this->id;
    $objTemplate->order_id   = $objOrder->uniqid;
    $objTemplate->ts         = $intTimestamp;
    $objTemplate->amount     = $intPrice;
    $objTemplate->session_id = $strSessionId;
    $objTemplate->desc       = specialchars($strDescription);
    $objTemplate->sig        = md5(implode('', $arrSigned));
    $objTemplate->ip         = \Environment::get('ip');
    $objTemplate->language   = $GLOBALS['TL_LANGUAGE'];

    // The address object is handed over as is; escaping its fields is the template's job
    $objTemplate->address = $objAddress;

    $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_payu'][0];
    $objTemplate->message  = $GLOBALS['TL_LANG']['MSC']['pay_with_payu'][1];
    $objTemplate->slabel   = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_payu'][2]);

    return $objTemplate->parse();
}
/**
 * Return the payment form.
 *
 * Fills the Sparkasse template with the order data and hands it a closure that
 * signs a set of fields with the configured SSL password.
 *
 * @param IsotopeProductCollection $objOrder  The order being placed
 * @param \Module                  $objModule The checkout module instance
 *
 * @return string
 */
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
    global $objPage;

    if ($this->trans_type == 'auth') {
        $strTransactionType = 'preauthorization';
    } else {
        $strTransactionType = 'authorization';
    }

    // Optional merchant reference: insert tags are replaced, then it is cut to 30 bytes
    $strMerchantRef = '';

    if ($this->sparkasse_merchantref != '') {
        $strMerchantRef = substr($this->replaceInsertTags($this->sparkasse_merchantref), 0, 30);
    }

    $objTemplate = new Template('iso_payment_sparkasse');

    $objTemplate->amount          = number_format($objOrder->getTotal(), 2, ',', '');
    $objTemplate->basketid        = $objOrder->source_collection_id;
    $objTemplate->currency        = $objOrder->currency;
    $objTemplate->locale          = $objOrder->language;
    $objTemplate->orderid         = $objOrder->id;
    $objTemplate->sessionid       = $objPage->id;
    $objTemplate->transactiontype = $strTransactionType;
    $objTemplate->merchantref     = $strMerchantRef;

    $objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0];
    $objTemplate->message  = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1];
    $objTemplate->link     = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2];

    // Unfortunately we can't use the class method for this
    // @todo change when PHP 5.4 is compulsory
    // The closure sorts the fields by key and returns the HMAC-SHA1 of the joined values.
    // It gives the template a way to sign any array with the SSL password.
    $objTemplate->calculateHash = function ($arrData) {
        ksort($arrData);
        $strJoined = implode('', $arrData);

        return hash_hmac('sha1', $strJoined, $this->sparkasse_sslpassword);
    };

    return $objTemplate->parse();
}