Exemplo n.º 1
0
 public function notifications($param)
 {
     global $wpdb, $prefix;
     $prefix = $wpdb->prefix . 'pwa_';
     try {
         $uuid = urldecode($param['UUID']);
         $timestamp = urldecode($param['Timestamp']);
         $Signature = str_replace(' ', '+', urldecode($param['Signature']));
         $AWSAccessKeyId = urldecode($param['AWSAccessKeyId']);
         $NotificationType = urldecode($param['NotificationType']);
         $NotificationData = stripslashes(urldecode($param['NotificationData']));
         $wpdb->insert($prefix . 'iopn_records', array('uuid' => $uuid, 'timestamp' => $timestamp, 'notification_type' => $NotificationType));
         $iopn_record_id = $wpdb->insert_id;
         // Verify that the notification request is valid by verifying the Signature
         $concatenate = $uuid . $timestamp;
         $pwacheckkout = new Pwacheckout();
         $secretKeyID = $pwacheckkout->get_option('secret_key');
         $calculator = new SignatureCalculator();
         $generatedSignature = $calculator->calculateRFC2104HMAC($concatenate, $secretKeyID);
         if ($Signature == $generatedSignature) {
             // Verify the Timestamp
             //$this->time_difference($timestamp) > 15
             if (1) {
                 if ($NotificationType == 'NewOrderNotification') {
                     $new_order = new NewOrderNotification();
                     $new_order->update_order($NotificationData, $iopn_record_id);
                 }
                 if ($NotificationType == 'OrderReadyToShipNotification') {
                     $confirm_order = new OrderReadyToShipNotification();
                     $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                 }
                 if ($NotificationType == 'OrderCancelledNotification') {
                     $cancel_order = new OrderCancelledNotification();
                     $cancel_order->cancel_order($NotificationData, $iopn_record_id);
                 }
             } else {
                 $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong timestamp.';
                 $this->generate_log($param);
                 // Respond to the Request
                 header('HTTP/1.1 403 PERMISSION_DENIED');
             }
         } else {
             $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong signature.';
             $this->generate_log($param);
             // Respond to the Request
             header('HTTP/1.1 403 PERMISSION_DENIED');
         }
     } catch (Exception $e) {
         $param['message'] = 'IOPN Notifications : Caught exception : ' . $e->getMessage() . '.';
         $this->generate_log($param);
     }
 }
Exemplo n.º 2
0
 public function notifications($param)
 {
     $prefix = _DB_PREFIX_;
     try {
         if (isset($param['UUID']) && $param['UUID'] != '') {
             $uuid = urldecode($param['UUID']);
         } else {
             $uuid = '';
         }
         if (isset($param['Timestamp']) && $param['Timestamp'] != '') {
             $timestamp = urldecode($param['Timestamp']);
         } else {
             $timestamp = '';
         }
         if (isset($param['Signature']) && $param['Signature'] != '') {
             $Signature = str_replace(' ', '+', urldecode($param['Signature']));
         } else {
             $Signature = '';
         }
         if (isset($param['AWSAccessKeyId']) && $param['AWSAccessKeyId'] != '') {
             $AWSAccessKeyId = urldecode($param['AWSAccessKeyId']);
         } else {
             $AWSAccessKeyId = '';
         }
         $NotificationType = urldecode($param['NotificationType']);
         $NotificationData = stripslashes(urldecode($param['NotificationData']));
         if ($uuid != '') {
             $sql = 'INSERT into `' . $prefix . 'pwa_iopn_records` (`uuid`,`timestamp`,`notification_type`) VALUES("' . $uuid . '" , "' . $timestamp . '" , "' . $NotificationType . '") ';
             Db::getInstance()->Execute($sql);
             $iopn_record_id = Db::getInstance()->Insert_ID();
         }
         // Verify that the notification request is valid by verifying the Signature
         $concatenate = $uuid . $timestamp;
         $secretKeyID = Configuration::get('PWAPRESTA_PWAPRESTA_SECRET_KEY');
         $calculator = new SignatureCalculator();
         $generatedSignature = $calculator->calculateRFC2104HMAC($concatenate, $secretKeyID);
         if ($Signature != '' && $Signature == $generatedSignature || $Signature == '') {
             // Verify the Timestamp
             //$this->time_difference($timestamp) > 15
             if (1) {
                 if ($NotificationType == 'NewOrderNotification') {
                     $new_order = new NewOrderNotification();
                     $new_order->update_order($NotificationData, $iopn_record_id);
                 }
                 if ($NotificationType == 'OrderReadyToShipNotification') {
                     if ($Signature == '') {
                         $xml = simplexml_load_string($NotificationData);
                         $AmazonOrderID = (string) $xml->ProcessedOrder->AmazonOrderID;
                         $obj = new Pwapresta();
                         if ($obj->pwa_order_exist($AmazonOrderID)) {
                             $confirm_order = new OrderReadyToShipNotification();
                             $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                             header('HTTP/1.1 200 OK');
                         } else {
                             echo 'Sorry! it seems that this order is a fake order.';
                         }
                     } else {
                         $confirm_order = new OrderReadyToShipNotification();
                         $confirm_order->update_order_status($NotificationData, $iopn_record_id);
                         header('HTTP/1.1 200 OK');
                     }
                 }
                 if ($NotificationType == 'OrderCancelledNotification') {
                     $cancel_order = new OrderCancelledNotification();
                     $cancel_order->cancel_order($NotificationData, $iopn_record_id);
                     header('HTTP/1.1 200 OK');
                 }
             } else {
                 $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong timestamp.';
                 $obj = new Pwapresta();
                 $obj->generate_log($param);
                 // Respond to the Request
                 header('HTTP/1.1 403 PERMISSION_DENIED');
             }
         } else {
             $param['message'] = 'IOPN Notifications : ' . $NotificationType . ' : IOPN function called and with wrong signature.';
             $obj = new Pwapresta();
             $obj->generate_log($param);
             // Respond to the Request
             header('HTTP/1.1 403 PERMISSION_DENIED');
         }
     } catch (Exception $e) {
         $param['message'] = 'IOPN Notifications : Caught exception : ' . $e->getMessage() . '.';
         $obj = new Pwapresta();
         $obj->generate_log($param);
     }
 }