/**
* Check XML data, add to log if debugging is enabled
*
* @param Order $objOrder
*
* @return bool
*/
private function validateXML(Order $objOrder)
{
if ($this->getPostValue('ACCOUNTID') != $this->saferpay_accountid) {
\System::log('XML data wrong, possible manipulation (accountId validation failed)! See log files for further details.', __METHOD__, TL_ERROR);
log_message(sprintf('XML data wrong, possible manipulation (accountId validation failed)! XML was: "%s". Order was: "%s"', $this->getPostValue('ACCOUNTID'), $this->saferpay_accountid), 'isotope_saferpay.log');
return false;
} elseif ($this->getPostValue('AMOUNT') != round($objOrder->getTotal() * 100, 0)) {
\System::log('XML data wrong, possible manipulation (amount validation failed)! See log files for further details.', __METHOD__, TL_ERROR);
log_message(sprintf('XML data wrong, possible manipulation (amount validation failed)! XML was: "%s". Order was: "%s"', $this->getPostValue('AMOUNT'), $this->getTotal()), 'isotope_saferpay.log');
return false;
} elseif ($this->getPostValue('CURRENCY') != $objOrder->currency) {
\System::log('XML data wrong, possible manipulation (currency validation failed)! See log files for further details.', __METHOD__, TL_ERROR);
log_message(sprintf('XML data wrong, possible manipulation (currency validation failed)! XML was: "%s". Order was: "%s"', $this->getPostValue('CURRENCY'), $this->currency), 'isotope_saferpay.log');
return false;
}
return true;
}
/**
* Prepare PSP params
*
* @param Order $objOrder
* @param \Isotope\Module\Checkout $objModule
*
* @return array
*/
protected function preparePSPParams($objOrder, $objModule)
{
$objBillingAddress = $objOrder->getBillingAddress();
return array('PSPID' => $this->psp_pspid, 'ORDERID' => $objOrder->id, 'AMOUNT' => round($objOrder->getTotal() * 100), 'CURRENCY' => $objOrder->currency, 'LANGUAGE' => $GLOBALS['TL_LANGUAGE'] . '_' . strtoupper($GLOBALS['TL_LANGUAGE']), 'CN' => $objBillingAddress->firstname . ' ' . $objBillingAddress->lastname, 'EMAIL' => $objBillingAddress->email, 'OWNERZIP' => $objBillingAddress->postal, 'OWNERADDRESS' => $objBillingAddress->street_1, 'OWNERADDRESS2' => $objBillingAddress->street_2, 'OWNERCTY' => strtoupper($objBillingAddress->country), 'OWNERTOWN' => $objBillingAddress->city, 'OWNERTELNO' => $objBillingAddress->phone, 'ACCEPTURL' => \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder), 'DECLINEURL' => \Environment::get('base') . $objModule->generateUrlForStep('failed'), 'BACKURL' => \Environment::get('base') . $objModule->generateUrlForStep('review'), 'PARAMPLUS' => 'mod=pay&id=' . $this->id, 'TP' => $this->psp_dynamic_template ?: '');
}
