public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
list($action, $status, $id) = explode("-", $request->getActionName());
if ($action != 'status') {
if ($action != 'ipn' && $action != 'thanks' || $request->get('transaction_status') == 'SETTLED') {
parent::directAction($request, $response, $invokeArgs);
}
return;
}
if (!in_array($status, array('return', 'ok', 'fail'))) {
throw new Am_Exception_InternalError("Bad status-request {$status}");
}
if (!$id) {
throw new Am_Exception_InternalError("Invoice ID is absent");
}
if (!($this->invoice = $this->getDi()->invoiceTable->findFirstByPublicId($id))) {
throw new Am_Exception_InternalError("Invoice not found by id [{$id}]");
}
switch ($status) {
case 'return':
$url = $request->get('transactionStatus') == 'REJECTED' ? $this->getCancelUrl() : $this->getReturnUrl();
break;
case 'ok':
$url = $this->getReturnUrl();
break;
case 'fail':
$url = $this->getCancelUrl();
break;
}
$response->setRedirect($url);
}
/**
* Throws exception if no permissions added
* @param Am_Request $request
* @param array $record
*/
public function checkPermissions(Am_Request $request, $alias, $method)
{
if ($this->getDi()->config->get('api_debug_mode')) {
$this->getDi()->errorLogTable->log('REST API :' . var_export($request->getParams(), true));
}
$event = $this->getDi()->hook->call(Am_Event::API_CHECK_PERMISSIONS, array('request' => $request, 'alias' => $alias, 'method' => $method));
foreach ($event->getReturn() as $return) {
if ($return === true) {
return;
}
// skip checks if allowed by hook
}
$s = $request->getFiltered('_key');
if (empty($s) || strlen($s) < 10) {
throw new Am_Exception_InputError("API Error 10001 - no [key] specified or key is too short");
}
$apikey = $this->getDi()->apiKeyTable->findFirstByKey($s);
if (!$apikey || $apikey->is_disabled) {
throw new Am_Exception_InputError("API Error 10002 - [key] is not found or disabled");
}
$perms = $apikey->getPerms();
if (empty($perms[$alias][$method]) || !$perms[$alias][$method]) {
throw new Am_Exception_InputError("API Error 10003 - no permissions for {$alias}-{$method} API call");
}
}
function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'ipn') {
echo 'OK';
}
return parent::directAction($request, $response, $invokeArgs);
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'ipn' && ($request->getParam('monelib_meaning') == 'USEMULTISHOT' || $request->getParam('monelib_meaning') == 'USEEZSHOT')) {
return;
}
parent::directAction($request, $response, $invokeArgs);
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getFiltered('INVNUM', $request->getFiltered('INVOICE')) == '') {
$response->setRedirect($this->getRootUrl() . '/thanks');
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'thanks') {
return $this->thanksAction($request, $response, $invokeArgs);
} else {
return parent::directAction($request, $response, $invokeArgs);
}
}
public function createTransaction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'api') {
return new Am_Paysystem_Transaction_1shoppingcart_api($this, $request, $response, $invokeArgs);
} else {
return new Am_Paysystem_Transaction_1shoppingcart($this, $request, $response, $invokeArgs);
}
}
public function createTransaction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->get('ACK')) {
return new Am_Paysystem_WsoPro_Transaction_PRO($this, $request, $response, $invokeArgs);
} else {
return new Am_Paysystem_WsoPro_Transaction($this, $request, $response, $invokeArgs);
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
$user = $this->getDi()->user;
$id = $this->getDi()->app->reveal($request->getActionName());
//actualy it is notification_id
$notification = $this->getDi()->notificationTable->load($id);
$this->getDi()->notificationClickTable->log($user, $notification);
Am_Controller::redirectLocation($notification->url);
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ('reject' == $request->getActionName()) {
$invoice = $this->getDi()->invoiceTable->findFirstByPublicId($request->get("orderDescription"));
$url = $this->getRootUrl() . "/cancel?id=" . $invoice->getSecureId('CANCEL');
return Am_Controller::redirectLocation($url);
} else {
return parent::directAction($request, $response, $invokeArgs);
}
}
public function _process(Invoice $invoice, Am_Request $request, Am_Paysystem_Result $result)
{
$user = $invoice->getUser();
$a = new Am_Paysystem_Action_Redirect($this->host());
$vars = array('TransactionType' => 'SALE', 'ServiceID' => $this->getConfig('ServiceID'), 'PaymentID' => $invoice->public_id, 'OrderNumber' => $invoice->public_id, 'PaymentDesc' => $invoice->getLineDescription(), 'MerchantReturnURL' => $this->getPluginUrl('thanks'), 'Amount' => $invoice->first_total, 'CurrencyCode' => $invoice->currency, 'CustIP' => $request->getClientIp(), 'CustName' => $user->getName(), 'CustEmail' => $user->email, 'CustPhone' => $user->phone, 'MerchantName' => $this->getDi()->config->get('site_title'), 'PageTimeout' => '3600');
$a->HashValue = hash('sha256', $this->getConfig('password') . $vars['ServiceID'] . $vars['PaymentID'] . $vars['MerchantReturnURL'] . $vars['Amount'] . $vars['CurrencyCode'] . $vars['CustIP'] . $vars['PageTimeout']);
foreach ($vars as $k => $v) {
$a->{$k} = $v;
}
$result->setAction($a);
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == self::ACTION_IPN) {
return parent::directAction($request, $response, $invokeArgs);
} else {
$request->setActionName($request->getActionName());
$p = new Am_Controller_CreditCard($request, $response, $invokeArgs);
$p->setPlugin($this);
$p->run();
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'refund') {
echo "OK";
ob_flush();
return $this->refundAction($request, $response, $invokeArgs);
} else {
echo "<softshop></softshop>";
ob_flush();
parent::directAction($request, $response, $invokeArgs);
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
$actionName = $request->getActionName();
if ($actionName == 'fail') {
$invoice = $this->getDi()->invoiceTable->findFirstByPublicId($request->getParam('m_orderid'));
if (!$invoice) {
throw new Am_Exception_InputError();
}
return Am_Controller::redirectLocation($this->getRootUrl() . "/cancel?id=" . $invoice->getSecureId('CANCEL'));
} else {
return parent::directAction($request, $response, $invokeArgs);
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'ipn') {
try {
parent::directAction($request, $response, $invokeArgs);
} catch (Exception $ex) {
$this->getDi()->errorLogTable->logException($ex);
}
echo '45000';
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
public function __construct(Am_Paysystem_Abstract $plugin, Am_Request $request, Zend_Controller_Response_Http $response, $invokeArgs)
{
$DR = preg_replace("/\\s/", "+", $request->get('DR', $_GET['DR']));
$rc4 = new Crypt_RC4($plugin->getConfig('secret', 'ebskey'));
$QueryString = base64_decode($DR);
$rc4->decrypt($QueryString);
$QueryString = split('&', $QueryString);
foreach ($QueryString as $param) {
$param = split('=', $param);
$request->setParam($param[0], $param[1]);
}
parent::__construct($plugin, $request, $request, $invokeArgs);
}
/** @return Am_Module|null */
public function getModule()
{
$module = $this->_request->getModuleName();
if ($module == 'default') {
return null;
}
return $this->getDi()->modules->get($module);
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
$invoice = $this->getDi()->invoiceTable->findBySecureId($request->getFiltered('id'), $this->getId());
if (!$invoice) {
throw new Am_Exception_InputError(___("Sorry, seems you have used wrong link"));
}
$view = new Am_View();
$html = $this->getConfig('html', 'SITE OWNER DID NOT PROVIDE INSTRUCTIONS FOR OFFLINE PAYMENT YET');
$tpl = new Am_SimpleTemplate();
$tpl->invoice = $invoice;
$tpl->user = $this->getDi()->userTable->load($invoice->user_id);
$tpl->invoice_id = $invoice->invoice_id;
$tpl->cancel_url = REL_ROOT_URL . '/cancel?id=' . $invoice->getSecureId('CANCEL');
$view->content = $tpl->render($html);
$view->title = $this->getTitle();
$response->setBody($view->render("layout.phtml"));
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'cancelpaysafecart') {
// SEE par.3
@(list($id, $code) = explode('-', filterId($request->getFiltered('id')), 2));
$invoice = Am_Di::getInstance()->InvoiceTable->findFirstByPublicId(filterId($id));
if (!$invoice) {
throw new Am_Exception_InputError("No invoice found [{$id}]");
}
$invoice->setCancelled(true);
$a = new Am_Paysystem_Action_HtmlTemplate_Paysafecard($this->getDir(), 'payment-paysafecard-cancel.phtml');
$a->process(new Am_Controller($request, $response, $invokeArgs));
// see par.3
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
public function run()
{
$record = $this->grid->getRecord();
$record->generateCode();
$vars = $record->toRow();
unset($vars['saved_form_id']);
unset($vars['default_for']);
$vars['title'] = ___('Copy of') . ' ' . $record->title;
$back = @$_SERVER['HTTP_X_REQUESTED_WITH'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest';
$request = new Am_Request($vars + array($this->grid->getId() . '_a' => 'insert-' . $record->type, $this->grid->getId() . '_b' => $this->grid->getBackUrl()), Am_Request::METHOD_POST);
$controller = new AdminSavedFormController($request, new Zend_Controller_Response_Http(), array('di' => Am_Di::getInstance()));
$request->setModuleName('default')->setControllerName('admin-saved-form')->setActionName('index')->setDispatched(true);
$controller->dispatch('indexAction');
$response = $controller->getResponse();
$response->sendResponse();
$_SERVER['HTTP_X_REQUESTED_WITH'] = $back;
}
public function createTransaction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
switch ($request->get("transactionType")) {
case Am_Paysystem_Transaction_Plimus::CHARGE:
case Am_Paysystem_Transaction_Plimus::RECURRING:
case Am_Paysystem_Transaction_Plimus::AUTH_ONLY:
return new Am_Paysystem_Transaction_Plimus_Charge($this, $request, $response, $invokeArgs);
case Am_Paysystem_Transaction_Plimus::CANCELLATION:
return new Am_Paysystem_Transaction_Plimus_Cancellation($this, $request, $response, $invokeArgs);
case Am_Paysystem_Transaction_Plimus::REFUND:
return new Am_Paysystem_Transaction_Plimus_Refund($this, $request, $response, $invokeArgs);
case Am_Paysystem_Transaction_Plimus::CANCELLATION_REFUND:
return new Am_Paysystem_Transaction_Plimus_Cancellation_Refund($this, $request, $response, $invokeArgs);
case Am_Paysystem_Transaction_Plimus::CONTRACT_CHANGE:
return new Am_Paysystem_Transaction_Plimus_Contract_Change($this, $request, $response, $invokeArgs);
default:
return null;
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'ipn') {
$accessCode = $request->getFiltered('AccessCode');
$result = new Am_Paysystem_Result();
$transaction = new Am_Paysystem_Transaction_EwayRapid3($this, $accessCode);
$transaction->run($result);
if (!($invoice = $transaction->getInvoice())) {
throw new Am_Exception_InputError();
}
$this->_setInvoice($invoice);
if ($result->isSuccess()) {
Am_Controller::redirectLocation($this->getReturnUrl($invoice));
} else {
Am_Controller::redirectLocation($this->getCancelUrl($invoice));
}
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
public function setRequest(Am_Request $request)
{
$this->completeRequest = $request;
$arr = array();
foreach ($request->toArray() as $k => $v) {
if (strpos($k, $this->id . '_') === 0) {
$k = substr($k, strlen($this->id) + 1);
if (!strlen($k)) {
continue;
}
$arr[$k] = $v;
}
}
$this->request = new Am_Request($arr);
$sort = $this->request->get('sort');
if (!empty($sort)) {
$sort = explode(' ', $sort, 2);
$this->getDataSource()->setOrder(filterId($sort[0]), !empty($sort[1]));
}
}
protected function ccActionValidateSetInvoice(Am_Request $request, array $invokeArgs)
{
$invoiceId = $request->getFiltered('cc_id');
if (!$invoiceId) {
throw new Am_Exception_InputError("invoice_id is empty - seems you have followed wrong url, please return back to continue");
}
$invoice = $this->getDi()->invoiceTable->findBySecureId($invoiceId, $this->getId());
if (!$invoice) {
throw new Am_Exception_InputError('You have used wrong link for payment page, please return back and try again');
}
if ($invoice->isCompleted()) {
throw new Am_Exception_InputError(sprintf(___('Payment is already processed, please go to %sMembership page%s'), "<a href='" . htmlentities($this->getDi()->config->get('root_url')) . "/member'>", "</a>"));
}
if ($invoice->paysys_id != $this->getId()) {
throw new Am_Exception_InputError("You have used wrong link for payment page, please return back and try again");
}
if ($invoice->tm_added < sqlTime('-30 days')) {
throw new Am_Exception_InputError("Invoice expired - you cannot open invoice after 30 days elapsed");
}
$this->invoice = $invoice;
// set for reference
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'thanks') {
if ($this->getConfig('debugLog')) {
Am_Di::getInstance()->errorLogTable->log('NetBilling Form [response-thanks]:' . json_encode($request->getParams()));
}
$this->invoice = $this->getDi()->invoiceTable->findFirstByPublicId($request->getFiltered('Ecom_ConsumerOrderID'));
$url = $request->get('Ecom_Ezic_Response_StatusCode') == 0 || $request->get('Ecom_Ezic_Response_StatusCode') == 'F' ? $this->getCancelUrl() : $this->getReturnUrl();
$response->setRedirect($url);
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
public function _process(Invoice $invoice, Am_Request $request, Am_Paysystem_Result $result)
{
$xml = new SimpleXMLElement('<request/>');
$transactiondetails = $xml->addChild('transactiondetails');
$transactiondetails->addChild('merchantcode', $this->getConfig('merchantid'));
$transactiondetails->addChild('merchantpwd', $this->getConfig('merchantpwd'));
$transactiondetails->addChild('trackid', $invoice->public_id);
$transactiondetails->addChild('customerip', $request->getClientIp());
$transactiondetails->addChild('udf1', $invoice->public_id);
$transactiondetails->addChild('customerid', $invoice->getLogin());
$paymentdetails = $xml->addChild('paymentdetails');
$paymentdetails->addChild('paysource', 'enets');
$paymentdetails->addChild('amount', $invoice->first_total);
$paymentdetails->addChild('currency', $invoice->currency);
$paymentdetails->addChild('actioncode', 1);
$notificationurls = $xml->addChild('notificationurls');
$notificationurls->addChild('successurl', $this->getReturnUrl());
$notificationurls->addChild('failurl', $this->getCancelUrl());
$shippingdetails = $xml->addChild('shippingdetails');
foreach (array('ship_address' => $invoice->getStreet(), 'ship_email' => $invoice->getEmail(), 'ship_postal' => $invoice->getZip(), 'ship_address2' => $invoice->getStreet1(), 'ship_city' => $invoice->getCity(), 'ship_state' => $invoice->getState(), 'ship_phone' => $invoice->getPhone(), 'ship_country' => $invoice->getCountry()) as $k => $v) {
$shippingdetails->addChild($k, $v);
}
$req = new Am_HttpRequest($this->getConfig('gatewayurl'), Am_HttpRequest::METHOD_POST);
$req->setHeader('Content-type: text/xml; charset=utf-8')->setHeader('Connection:close')->setBody($xml->asXML());
$response = $req->send();
$resxml = @simplexml_load_string($response->getBody());
if (!$resxml instanceof SimpleXMLElement) {
throw new Am_Exception_InputError('Incorrect Gateway response received!');
}
if ($paymenturl = (string) $resxml->transactionresponse->paymenturl) {
$a = new Am_Paysystem_Action_Redirect($paymenturl);
$result->setAction($a);
} else {
throw new Am_Exception_InputError('Incorrect Gateway response received! Got: ' . (string) $resxml->responsedesc);
}
}
public function directAction(Am_Request $request, Zend_Controller_Response_Http $response, array $invokeArgs)
{
if ($request->getActionName() == 'confirm') {
$invoice = $this->getDi()->invoiceTable->findFirstBy(array('public_id' => $request->get('invoice')));
if (!$invoice) {
throw new Am_Exception_InputError('An error occurred while payment request');
}
if ($user = $this->getDi()->auth->getUser()) {
if ($user->user_id != $invoice->user_id) {
throw new Am_Exception_InputError('An error occurred while payment request');
}
}
$product = $this->getDi()->productTable->load($invoice->getItem(0)->item_id);
$billers = json_decode($product->data()->getBlob('sliiing_billers'), true);
if (!@$billers['options'][$request->get('biller')]) {
throw new Am_Exception_InputError('An error occurred while payment request');
}
//redirect
$aff = '0';
$lin = '0';
$refe_url = '0';
$ip = '0';
$keyword = '0';
if (isset($_COOKIE['MID'])) {
$mid = base64_decode($_COOKIE['MID']);
list($aff, $lin, $refe_url, $ip, $keyword) = explode('|', $mid);
}
$datas = base64_encode("{$aff}|{$lin}|{$refe_url}|{$ip}|{$keyword}");
$url = $billers['options'][$request->get('biller')];
$url = str_replace('$datas', $datas, $url) . '&x_invoice_id=' . $invoice->public_id . '&username='******'&email=' . urlencode($invoice->getUser()->email);
header('Location: ' . $url);
exit;
} else {
parent::directAction($request, $response, $invokeArgs);
}
}
/**
* Compare request IP with configured in plugin
* and raise exception if that is wrong
* @param mixed $ip string will be parsed using this format: $ip1_start [- $ip1_end][\n$ip2_start [- $ip2_end]] etc...
* Array should have this format: array( array('start1', 'stop1'), single_ip, array('start2', 'stop2'))
* also it may automatically check for hostname belonging to subdomain like
* .worldpay.com
*/
public function _checkIp($ip)
{
$got = $this->request->getClientIp(false);
if (!is_array($ip)) {
$expected = array();
foreach (split("\n", $ip) as $l) {
if (strpos($l, "-") !== false) {
list($k, $v) = split("-", $l);
$expected[] = array(trim($k), trim($v));
} else {
$expected[] = trim($l);
}
}
} else {
$expected = $ip;
}
$expected = array_filter($expected);
if (empty($expected)) {
throw new Am_Exception_InputError("{$this->plugin->getId()} configuration error. Expected IP address array is empty!");
}
$found = false;
$hostname = null;
foreach ($expected as $v) {
if (is_array($v)) {
if (ip2long($got) >= ip2long($v[0]) && ip2long($got) <= ip2long($v[1])) {
$found = true;
break;
}
} else {
if ($got == $v) {
$found = true;
break;
}
if ($v[0] == '.') {
if (!$hostname) {
$hostname = gethostbyaddr($got);
}
if (preg_match($x = '|' . preg_quote($v) . '$|', $hostname)) {
$found = true;
break;
}
}
}
}
if (!$found) {
throw new Am_Exception_Paysystem_TransactionSource("{$this->plugin->getId()} post comes from unknown IP [{$got}]");
}
}
public function setValue($value)
{
if (is_string($value)) {
$value = Am_Controller::decodeJson($value);
}
$this->value = (array) $value;
foreach ($this->value as &$row) {
if (empty($row['id'])) {
continue;
}
if (isset($row['config']) && is_string($row['config'])) {
parse_str($row['config'], $c);
if (get_magic_quotes_gpc()) {
$c = Am_Request::ss($c);
}
// remove quotes
$row['config'] = $c;
}
if ($brick = $this->getBrick($row['class'], $row['id'])) {
$brick->setFromRecord($row);
}
}
// handle special case - where there is a "multiple" brick and that is enabled
// we have to insert additional brick to "disabled", so new bricks of same
// type can be added in editor
$disabled = $this->getBricks(self::DISABLED);
foreach ($this->getBricks(self::ENABLED) as $brick) {
if (!$brick->isMultiple()) {
continue;
}
$found = false;
foreach ($disabled as $dBrick) {
if ($dBrick->getClass() == $brick->getClass()) {
$found = true;
break;
}
}
// create new disabled brick of same class
if (!$found) {
$this->getBrick($brick->getClass(), null);
}
}
}
public function getIncomingSecurityKey(Am_Request $r)
{
return md5(sprintf('DateTime=%s&TransactionID=%s&OrderId=%s&Amount=%s&Currency=%s&PrivateSecurityKey=%s', $r->get('DateTime'), $r->get('TransactionID'), $r->get('OrderId'), $r->get('Amount'), $r->get('Currency'), $this->getConfig('security_key')));
}
