// Excerpt from a PayFast ITN (Instant Transaction Notification) handler.
// Each step below runs only while $pfError is still false, so the first
// failed check short-circuits everything after it. $pfError, $pfNotes and
// $pfParamString are used here without being assigned in this excerpt, and
// the final "Retrieve order" step continues past its end.

//// Get data sent by PayFast
if (!$pfError) {
    pflog('Get posted data');

    // Posted variables from ITN
    $pfData = pfGetData();

    // NOTE(review): the full posted payload is written to the log before any
    // of the checks below has run. Presumably it carries payer details, so
    // confirm what pflog() writes and who can read that log.
    pflog('PayFast Data: ' . print_r($pfData, true));

    // A false return from pfGetData() is recorded as a bad-access error.
    if ($pfData === false) {
        $pfError = true;
        $pfNotes[] = PF_ERR_BAD_ACCESS;
    }
}

//// Verify security signature
if (!$pfError) {
    pflog('Verify security signature');

    // If signature different, log for debugging
    // $pfParamString is handed to pfValidSignature() alongside the data;
    // presumably it is filled in by reference for later use (TODO confirm).
    if (!pfValidSignature($pfData, $pfParamString)) {
        $pfError = true;
        $pfNotes[] = PF_ERR_INVALID_SIGNATURE;
    }
}

//// Verify source IP (If not in debug mode)
// NOTE(review): a truthy PF_DEBUG removes this check completely, so the
// constant has to be false on any production deployment.
if (!$pfError && !PF_DEBUG) {
    pflog('Verify source IP');

    // REMOTE_ADDR is checked by pfValidIP(); a failure is recorded as a
    // bad-source-IP error.
    if (!pfValidIP($_SERVER['REMOTE_ADDR'])) {
        $pfError = true;
        $pfNotes[] = PF_ERR_BAD_SOURCE_IP;
    }
}

//// Retrieve order from CubeCart
if (!$pfError) {
    pflog('Get order');
// Excerpt from inside a PayFast ITN handler; the enclosing function starts
// and ends outside this excerpt. Every failed check logs and returns false.

// PayFast base URL: production when $pf->live is truthy, sandbox otherwise.
$pfHost = $pf->live ? 'https://www.payfast.co.za' : 'https://sandbox.payfast.co.za';
$error = false;

// NOTE(review): this line names payfast.co.za as the sender before the source
// address or the signature has been verified.
pflog('ITN received from payfast.co.za');

// Check 1: the caller's address must pass pfValidIP().
// NOTE(review): the log message ends after the colon, so the rejected address
// is never recorded, which makes a rejected request harder to investigate.
if (!pfValidIP($_SERVER['REMOTE_ADDR'])) {
    pflog('REMOTE_IP mismatch: ');
    // $error is set immediately before returning and is not read again in
    // this excerpt.
    $error = true;
    return false;
}

// Check 2: pfGetData() must not return false.
$data = pfGetData();
// NOTE(review): the full payload is logged before the signature check;
// confirm what pflog() writes and who can read that log.
pflog('POST received from payfast.co.za: ' . print_r($data, true));
if ($data === false) {
    pflog('POST is empty: ' . print_r($data, true));
    $error = true;
    return false;
}

// Check 3: the signature must validate. The second argument is $pf->extra3,
// presumably the merchant passphrase (TODO confirm against pfValidSignature()).
if (!pfValidSignature($data, $pf->extra3)) {
    pflog('Signature mismatch on POST');
    $error = true;
    return false;
}
pflog('Signature OK');

// Build "key=value" pairs from the request for use after this excerpt.
// $itnPostData is initialised here but not used within the excerpt.
$itnPostData = array();
$itnPostDataValuePairs = array();
// NOTE(review): the loop reads raw $_POST rather than the $data array that was
// just signature-checked; confirm both always hold the same fields.
foreach ($_POST as $key => $value) {
    // The signature field itself is left out of the pairs.
    if ($key == 'signature') {
        continue;
    }
    // Strip slashes, then URL-encode the value.
    $value = urlencode(stripslashes($value));
    // Rewrite an encoded line feed (%0A) to %0D%0A when the character before
    // it is not %, ^, 0 or D (case-insensitive). Both ".*" groups are greedy,
    // so the pattern matches at most once per value.
    // NOTE(review): confirm that is intended for values with several line breaks.
    $value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i', '${1}%0D%0A${3}', $value);
    $itnPostDataValuePairs[] = "{$key}={$value}";
}
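/**
 * Handle a PayFast ITN (Instant Transaction Notification) request.
 *
 * Runs a chain of checks, each skipped as soon as $pfError is set: read the
 * posted data, verify the signature, verify the source IP, load the order and
 * confirm it is still pending payment, then confirm the data through
 * pfValidData(). Only when every check passes and payment_status is
 * "COMPLETE" is the capture registered and the invoice saved. Failures are
 * logged; the method returns nothing.
 */
public function execute()
{
    $pre = __METHOD__ . " : ";
    $this->_logger->debug($pre . 'bof');

    // Variable Initialization
    $pfError = false;
    $pfErrMsg = '';
    $pfData = array();
    $serverMode = $this->getConfigData('server');
    // Passed to pfValidSignature() and then to pfValidData(); presumably
    // filled in by reference by the former (TODO confirm).
    $pfParamString = '';

    $pfHost = $this->_paymentMethod->getPayfastHost($serverMode);

    pflog(' PayFast ITN call received');
    pflog('Server = ' . $pfHost);

    //// Notify PayFast that information has been received
    // The 200 is sent before any validation, so the response status does not
    // reflect the outcome of the checks below.
    if (!$pfError) {
        header('HTTP/1.0 200 OK');
        flush();
    }

    //// Get data sent by PayFast
    if (!$pfError) {
        // Posted variables from ITN
        $pfData = pfGetData();

        if (empty($pfData)) {
            $pfError = true;
            $pfErrMsg = PF_ERR_BAD_ACCESS;
        }
    }

    //// Verify security signature
    if (!$pfError) {
        pflog('Verify security signature');

        // If signature different, log for debugging
        $signatureOk = pfValidSignature(
            $pfData,
            $pfParamString,
            $this->getConfigData('passphrase'),
            $this->getConfigData('server')
        );
        if (!$signatureOk) {
            $pfError = true;
            $pfErrMsg = PF_ERR_INVALID_SIGNATURE;
        }
    }

    //// Verify source IP (If not in debug mode)
    // Skip the check only when PF_DEBUG is defined AND truthy. Testing
    // defined() alone also skipped it when the constant was defined as false,
    // which silently removed the source-IP check outside debug mode.
    // (Where PF_DEBUG is defined is not visible from this method.)
    $pfDebug = defined('PF_DEBUG') && PF_DEBUG;
    if (!$pfError && !$pfDebug) {
        pflog('Verify source IP');

        if (!pfValidIP($_SERVER['REMOTE_ADDR'], $serverMode)) {
            $pfError = true;
            $pfErrMsg = PF_ERR_BAD_SOURCE_IP;
        }
    }

    //// Get internal order and verify it hasn't already been processed
    if (!$pfError) {
        pflog("Check order hasn't been processed");

        // Load order
        $orderId = $pfData['m_payment_id'];
        $this->_order = $this->_orderFactory->create()->loadByIncrementId($orderId);
        $this->storeId = $this->_order->getStoreId();

        pflog('order status is : ' . $this->_order->getStatus());

        // Check order is in "pending payment" state. This is the guard that
        // keeps a repeated notification for the same order from being applied
        // again; an order that was not found fails here too, because its
        // status will not match.
        if ($this->_order->getStatus() !== \Magento\Sales\Model\Order::STATE_PENDING_PAYMENT) {
            $pfError = true;
            $pfErrMsg = PF_ERR_ORDER_PROCESSED;
        }
    }

    //// Verify data received
    if (!$pfError) {
        pflog('Verify data received');

        $pfValid = pfValidData($pfHost, $pfParamString);

        if (!$pfValid) {
            $pfError = true;
            $pfErrMsg = PF_ERR_BAD_ACCESS;
        }
    }

    //// Check status and update order
    if (!$pfError) {
        pflog('Check status and update order');

        // Successful (strict comparison: only the exact string counts)
        if ($pfData['payment_status'] === "COMPLETE") {
            pflog('Order complete');

            // Update order additional payment information
            $payment = $this->_order->getPayment();
            $payment->setAdditionalInformation("payment_status", $pfData['payment_status']);
            $payment->setAdditionalInformation("m_payment_id", $pfData['m_payment_id']);
            $payment->setAdditionalInformation("pf_payment_id", $pfData['pf_payment_id']);
            $payment->setAdditionalInformation("email_address", $pfData['email_address']);
            $payment->setAdditionalInformation("amount_fee", $pfData['amount_fee']);

            // NOTE(review): amount_gross comes straight from the notification
            // and is never compared with the order total in this method. The
            // second argument (true) is presumably Magento's
            // skip-fraud-detection flag, which would also switch off the
            // platform's own amount-mismatch flagging. Confirm that an
            // earlier step guarantees the amount, or compare it with the
            // amount originally sent to PayFast before registering the capture.
            $payment->registerCaptureNotification($pfData['amount_gross'], true);
            $payment->save();

            // Save invoice
            $this->saveInvoice();
        }
    }

    // If an error occurred
    if ($pfError) {
        pflog('Error occurred: ' . $pfErrMsg);
        $this->_logger->critical($pre . "Error occured : " . $pfErrMsg);
    }
}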