/**
  * parse_gateway_notification method, receives data from the payment gateway
  * @access private
  */
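 function parse_gateway_notification()
 {
     // Echoes the incoming IPN POST back to PayPal with cmd=_notify-validate and, only when
     // PayPal answers VERIFIED, records the payment status against the invoice's session id.
     // PayPal expects the IPN variables to be returned to it within 30 seconds, so the postback runs first.
     if ('sandbox' === get_option('paypal_certified_server_type')) {
         $paypal_url = "https://www.sandbox.paypal.com/webscr";
     } else {
         $paypal_url = "https://www.paypal.com/cgi-bin/webscr";
     }
     // 'cmd' is set first and merged with +=, so a 'cmd' field in the request cannot replace it.
     $received_values = array('cmd' => '_notify-validate');
     $received_values += stripslashes_deep($_POST);
     $options = array(
         'timeout'    => 5,
         'body'       => $received_values,
         'user-agent' => 'WP e-Commerce/' . WPSC_PRESENTABLE_VERSION,
     );
     $response = wp_remote_post($paypal_url, $options);
     // NOTE(review): this hook fires before the VERIFIED check, so listeners receive values
     // PayPal has not confirmed yet and must treat them as untrusted.
     do_action('wpsc_paypal_express_ipn', $received_values, $this);
     // wp_remote_post() returns a WP_Error when the request fails; indexing that object like an
     // array is a fatal error, so a transport failure is treated as a failed verification instead.
     if (is_wp_error($response) || 'VERIFIED' !== wp_remote_retrieve_body($response)) {
         exit("IPN Request Failure");
     }
     // NOTE(review): VERIFIED only says that PayPal sent this notification. Nothing here compares
     // the receiver, amount or currency with the stored order, or rejects a repeated txn_id —
     // confirm that is done elsewhere before an order is treated as paid.
     $this->paypal_ipn_values = $received_values;
     $this->session_id = isset($received_values['invoice']) ? $received_values['invoice'] : null;
     $payment_status = isset($received_values['payment_status']) ? strtolower($received_values['payment_status']) : '';
     if ('completed' === $payment_status) {
         $this->set_purchase_processed_by_sessionid(3);
         transaction_results($this->session_id, false);
     } elseif ('denied' === $payment_status) {
         $this->set_purchase_processed_by_sessionid(6);
     }
 }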
/**
 * WP eCommerce Admin AJAX functions
 *
 * These are the WPSC Admin AJAX functions
 *
 * @package wp-e-commerce
 * @since 3.7
 *
 * @uses update_option()                              Updates option in the database given key and value
 * @uses wp_delete_term()                             Removes term from the database
 * @uses fetch_rss()                                  DEPRECATED
 * @uses wpsc_member_dedeactivate_subscriptions()     @todo docs
 * @uses wpsc_member_deactivate_subscriptions()       @todo docs
 * @uses wpsc_update_purchase_log_status()            Updates the status of the logs for a purchase
 * @uses transaction_results()                        Main function for creating purchase reports
 * @uses wpsc_find_purchlog_status_name()             Finds name of given status
 */
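function wpsc_admin_ajax()
{
    // Dispatcher for several store-admin AJAX actions, selected by request parameters.
    // NOTE(review): the capability gate below is the only check in this function. No nonce is
    // verified, so every state-changing branch can be triggered cross-site against a logged-in
    // store admin. Add check_ajax_referer() / check_admin_referer() once the nonce action used
    // by the admin pages is known; it is not visible here.
    if (!wpsc_is_store_admin()) {
        return;
    }
    global $wpdb;
    if (isset($_POST['action']) && $_POST['action'] == 'product-page-order') {
        $current_order = get_option('wpsc_product_page_order');
        if (!is_array($current_order)) {
            $current_order = array();
        }
        $new_order = (isset($_POST['order']) && is_array($_POST['order'])) ? $_POST['order'] : array();
        if (isset($new_order["advanced"]) && is_string($new_order["advanced"])) {
            $current_order["advanced"] = array_unique(explode(',', $new_order["advanced"]));
        }
        if (isset($new_order["side"]) && is_string($new_order["side"])) {
            $current_order["side"] = array_unique(explode(',', $new_order["side"]));
        }
        update_option('wpsc_product_page_order', $current_order);
        // The original printed an undefined $order here, i.e. an empty response plus a notice.
        exit;
    }
    if (isset($_POST['save_image_upload_state'], $_POST['image_upload_state']) && $_POST['save_image_upload_state'] == 'true' && is_numeric($_POST['image_upload_state'])) {
        $upload_state = (int) (bool) $_POST['image_upload_state'];
        update_option('wpsc_use_flash_uploader', $upload_state);
        exit("done");
    }
    if (isset($_POST['remove_variation_value'], $_POST['variation_value_id']) && $_POST['remove_variation_value'] == "true" && is_numeric($_POST['variation_value_id'])) {
        // Use the same POST field that was just validated; the original validated $_POST but
        // then read the id from $_GET, so the checked value was not the one that got deleted.
        $value_id = absint($_POST['variation_value_id']);
        $deleted = wp_delete_term($value_id, 'wpsc-variation');
        // wp_delete_term() can return a WP_Error, which cannot be echoed.
        echo is_wp_error($deleted) ? '' : $deleted;
        exit;
    }
    if (isset($_REQUEST['log_state'], $_POST['id'], $_POST['value']) && $_REQUEST['log_state'] == "true" && is_numeric($_POST['id']) && is_numeric($_POST['value'])) {
        // is_numeric() also accepts floats and exponent notation, so normalise to integers once.
        $log_id = absint($_POST['id']);
        $newvalue = (int) $_POST['value'];
        if (isset($_REQUEST['suspend']) && $_REQUEST['suspend'] == 'true') {
            if ($newvalue == 1 && function_exists('wpsc_member_dedeactivate_subscriptions')) {
                wpsc_member_dedeactivate_subscriptions($log_id);
            } elseif (function_exists('wpsc_member_deactivate_subscriptions')) {
                wpsc_member_deactivate_subscriptions($log_id);
            }
            exit;
        }
        $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $log_id), ARRAY_A);
        if ($newvalue == 2 && function_exists('wpsc_member_activate_subscriptions')) {
            wpsc_member_activate_subscriptions($log_id);
        }
        wpsc_update_purchase_log_status($log_id, $newvalue);
        // Only re-run the transaction results when the log exists and moves up from an early status.
        if (is_array($log_data) && $newvalue > $log_data['processed'] && $log_data['processed'] < 2) {
            transaction_results($log_data['sessionid'], false);
        }
        // NOTE(review): the original looked up $purchase['processed'], a variable that is never
        // defined; the status just written is assumed to be the one meant. Confirm.
        $status_name = wpsc_find_purchlog_status_name($newvalue);
        // The response is JavaScript; the status name goes inside a single-quoted JS string, so escape it for that context.
        echo "document.getElementById(\"form_group_" . $log_id . "_text\").innerHTML = '" . esc_js($status_name) . "';\n";
        $year = date("Y");
        $month = date("m");
        $start_timestamp = mktime(0, 0, 0, $month, 1, $year);
        // Day 0 of the next month is the last day of the current month.
        $end_timestamp = mktime(0, 0, 0, $month + 1, 0, $year);
        echo "document.getElementById(\"log_total_month\").innerHTML = '" . addslashes(wpsc_currency_display(admin_display_total_price($start_timestamp, $end_timestamp))) . "';\n";
        echo "document.getElementById(\"log_total_absolute\").innerHTML = '" . addslashes(wpsc_currency_display(admin_display_total_price())) . "';\n";
        exit;
    }
}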
/**
 * WP eCommerce transaction results class
 *
 * This class is responsible for theming the transaction results page.
 *
 * @package wp-e-commerce
 * @since 3.8
 */
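function wpsc_transaction_theme()
{
    // Works out which purchase-log session the returning customer belongs to (query string,
    // PHP session or the gateway's own response) and renders the transaction results for it.
    // NOTE(review): the session id taken from the query string is the only thing that selects
    // which order is shown; nothing visible here ties it to the current visitor.
    global $wpdb, $user_ID, $nzshpcrt_gateways, $sessionid, $cart_log_id, $errorcode;
    $errorcode = '';
    $dont_show_transaction_results = false;
    $previous_gateway = isset($_SESSION['wpsc_previous_selected_gateway']) ? $_SESSION['wpsc_previous_selected_gateway'] : '';
    if (isset($_GET['sessionid'])) {
        $sessionid = $_GET['sessionid'];
    } elseif (isset($_GET['ms'])) {
        $sessionid = $_GET['ms'];
    }
    if (isset($_GET['gateway']) && 'google' == $_GET['gateway']) {
        wpsc_google_checkout_submit();
        unset($_SESSION['wpsc_sessionid']);
    }
    if ('paypal_certified' == $previous_gateway) {
        $sessionid = isset($_SESSION['paypalexpresssessionid']) ? $_SESSION['paypalexpresssessionid'] : null;
    }
    if (isset($_REQUEST['eway']) && '1' == $_REQUEST['eway']) {
        $sessionid = isset($_GET['result']) ? $_GET['result'] : null;
    } elseif (isset($_REQUEST['eway']) && '0' == $_REQUEST['eway']) {
        if (isset($_SESSION['eway_message'])) {
            echo $_SESSION['eway_message'];
        }
    } elseif (isset($_REQUEST['payflow']) && '1' == $_REQUEST['payflow']) {
        if (isset($_SESSION['payflow_message'])) {
            echo $_SESSION['payflow_message'];
        }
        $_SESSION['payflow_message'] = '';
    }
    // Gateway-specific handling of the return request.
    switch ($previous_gateway) {
        case 'paypal_certified':
        case 'wpsc_merchant_paypal_express':
            if (isset($_SESSION['paypalExpressMessage'])) {
                echo $_SESSION['paypalExpressMessage'];
            }
            // Results are shown only for an Express Checkout transaction type.
            $dont_show_transaction_results = !(isset($_SESSION['reshash']['TRANSACTIONTYPE']) && 'expresscheckout' == $_SESSION['reshash']['TRANSACTIONTYPE']);
            break;
        case 'dps':
            $sessionid = decrypt_dps_response();
            break;
    }
    if (!$dont_show_transaction_results) {
        // The id may come straight from the URL, so it is bound as a parameter; the original
        // concatenated it unquoted into the statement, which allowed SQL injection.
        if (!empty($sessionid) && is_scalar($sessionid)) {
            $cart_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid));
            return transaction_results($sessionid, true);
        } else {
            printf(__('Sorry your transaction was not accepted.<br /><a href="%1$s">Click here to go back to checkout page</a>.', 'wpsc'), get_option("shopping_cart_url"));
        }
    }
}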
Пример #4
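 function submit()
 {
     // Sends the customer to the page holding the [wpcb] shortcode to pay by card, or, in test
     // mode, records the order as paid straight away. Always ends the request.
     global $wpdb, $purchase_log, $wpsc_cart;
     $sessionid = $this->cart_data['session_id'];
     $options = get_option('wpcb_options');
     // Find the page that contains the [wpcb] shortcode. Known issue from the original author:
     // this misbehaves when the shortcode appears on several pages (still to be resolved).
     $wpcb_checkout_page = $wpdb->get_row("SELECT ID FROM {$wpdb->posts} WHERE `post_content` LIKE '%[wpcb]%' AND `post_status`='publish'");
     // !empty() also covers a missing option, where get_option() returns false instead of an array.
     if (!empty($options['test'])) {
         // Test mode: the card is considered accepted automatically, without any payment taking
         // place, and the purchase log is updated as a successful sale.
         // NOTE(review): if the 'test' option is left on in production, every order is recorded as paid.
         $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`= %s", $sessionid));
         // The redirect happens inside transaction_results().
         transaction_results($sessionid, false);
     } else {
         // 'CB' makes the target page show the bank card icons.
         $action = 'CB';
         // No published page with the shortcode leaves the page id empty instead of reading a property of null.
         $page_id = $wpcb_checkout_page ? $wpcb_checkout_page->ID : '';
         // Go to the page where the shortcode lives.
         wp_redirect(site_url('?p=' . $page_id . '&sessionid=' . rawurlencode($sessionid) . '&action=' . $action));
     }
     exit;
 }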
 public function callback_ipn()
 {
     // IPN listener: when the notification verifies, copy its payment state onto the purchase
     // log of the invoice it names, then run the transaction results. Always ends the request.
     $sandbox = (bool) $this->setting->get('sandbox_mode', false);
     $ipn = new PHP_Merchant_Paypal_IPN(false, $sandbox);
     // Unverified notifications change nothing.
     if (!$ipn->is_verified()) {
         exit;
     }
     $invoice = $ipn->get('invoice');
     $this->set_purchase_log_for_callbacks($invoice);
     // The checks run in this order: denied, refunded, completed, pending.
     if ($ipn->is_payment_denied()) {
         $this->purchase_log->set('processed', WPSC_Purchase_Log::PAYMENT_DECLINED);
     } elseif ($ipn->is_payment_refunded()) {
         $this->purchase_log->set('processed', WPSC_Purchase_Log::REFUNDED);
     } elseif ($ipn->is_payment_completed()) {
         $this->purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
     } elseif ($ipn->is_payment_pending()) {
         // A pending refund is tracked separately from an ordinary pending payment.
         $pending_status = $ipn->is_payment_refund_pending()
             ? WPSC_Purchase_Log::REFUND_PENDING
             : WPSC_Purchase_Log::ORDER_RECEIVED;
         $this->purchase_log->set('processed', $pending_status);
     }
     // The log is saved even when none of the states matched.
     $this->purchase_log->save();
     transaction_results($invoice, false);
     exit;
 }
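function nzshpcrt_paypal_ipn()
{
    // PayPal IPN listener. Posts the received fields back to PayPal for validation and, when the
    // answer is VERIFIED, updates or deletes the purchase log named by the 'invoice' field.
    // Needs to execute on page start.
    global $wpdb;
    if (!isset($_GET['ipn_request']) || $_GET['ipn_request'] != 'true' || get_option('paypal_ipn') != 1) {
        return;
    }
    // Read the post from the PayPal system and add 'cmd'.
    $fields = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // Array-valued fields cannot be echoed back faithfully, so such a request is not processed.
        if (!is_scalar($value)) {
            exit;
        }
        $fields .= '&' . $key . '=' . urlencode(stripslashes($value));
    }
    // Post back to the PayPal system to validate. The original switched off certificate
    // verification for cURL and fell back to plain HTTP on port 80 (with a loop that never
    // stored the reply), so the answer could not be trusted. wp_remote_post() verifies the
    // peer certificate by default.
    // NOTE(review): 'paypal_multiple_url' is a site option; confirm it always holds an https:// URL.
    $response = wp_remote_post(get_option('paypal_multiple_url'), array(
        'timeout'    => 120,
        'body'       => $fields,
        'user-agent' => "WP e-Commerce " . WPSC_PRESENTABLE_VERSION,
    ));
    // A transport error yields an empty result, which never equals VERIFIED.
    $results = is_wp_error($response) ? '' : wp_remote_retrieve_body($response);
    // WordPress adds slashes to $_POST; strip them because every query below is parameterised.
    $sessionid = (isset($_POST['invoice']) && is_scalar($_POST['invoice'])) ? stripslashes($_POST['invoice']) : '';
    $transaction_id = (isset($_POST['txn_id']) && is_scalar($_POST['txn_id'])) ? stripslashes($_POST['txn_id']) : '';
    $payment_status = (isset($_POST['payment_status']) && is_scalar($_POST['payment_status'])) ? stripslashes($_POST['payment_status']) : '';
    // NOTE(review): the original also copied item_name, item_number, mc_gross, mc_currency,
    // receiver_email and payer_email into an array but never compared them with the order, and
    // txn_id is not checked for reuse. Add those comparisons before treating an order as paid.
    if ('VERIFIED' === $results && '' !== $sessionid) {
        switch ($payment_status) {
            case 'Processed':
                // Treated the same as Completed (the original author believed them mostly equivalent).
            case 'Completed':
                $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '2' WHERE `sessionid` = %s LIMIT 1", $sessionid));
                transaction_results($sessionid, false, $transaction_id);
                break;
            case 'Failed':
                // If it fails, delete the purchase log together with its cart rows and form data.
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` = %s LIMIT 1", $sessionid));
                // Without a matching log there is nothing to delete; skipping also keeps the
                // DELETE statements from running against an empty id.
                if (null === $log_id) {
                    break;
                }
                $log_id = (int) $log_id;
                $cart_content = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid` = %d", $log_id), ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_ITEM_VARIATIONS . "` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid` = %d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN (%d)", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $log_id));
                break;
            case 'Pending':
                // Need to wait for "Completed" before processing; only the transaction id and date are stored.
                $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `transactid` = %s, `date` = %d WHERE `sessionid` = %s LIMIT 1", $transaction_id, time(), $sessionid));
                break;
            default:
                // If nothing, do nothing, safest course of action here.
                break;
        }
    }
    // An INVALID answer needs no further handling here.
    /*
     * Detect use of sandbox mode, if sandbox mode is present, send debugging email.
     * NOTE(review): the mail carries the complete $_POST, $_GET and $_SERVER arrays in clear
     * text; with WPSC_ADD_DEBUG_PAGE enabled that also happens for live notifications.
     */
    if (stristr(get_option('paypal_multiple_url'), "sandbox") || (defined('WPSC_ADD_DEBUG_PAGE') && WPSC_ADD_DEBUG_PAGE == true)) {
        $message = "This is a debugging message sent because it appears that you are using sandbox mode.\n\rIt is only sent if the paypal URL contains the word \"sandbox\"\n\r\n\r";
        $message .= "RESULTS:\n\r" . print_r($results, true) . "\n\r\n\r";
        // The original printed two undefined variables here; $fields is the body actually posted back.
        $message .= "OUR_POST:\n\r" . print_r($fields, true) . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "IPN Data", $message);
    }
    exit;
}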
Пример #7
/*
 * this updates the processing status of an item
 */
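// NOTE(review): both actions below change or delete purchase logs from plain GET parameters.
// No capability or nonce check is visible in this fragment; confirm the enclosing admin page
// enforces them, otherwise a link opened by a logged-in admin is enough to trigger either one.
if (isset($_GET['id'], $_GET['value']) && is_numeric($_GET['id']) && is_numeric($_GET['value'])) {
    // is_numeric() also accepts floats and exponent notation, so normalise before building SQL.
    $log_id = (int) $_GET['id'];
    // NOTE(review): MAX(*) is not valid SQL, so this lookup yields null and the range check
    // below rejects every positive value. The column that was meant is not visible here.
    $max_stage = $wpdb->get_var("SELECT MAX(*) AS `max` FROM `" . $wpdb->prefix . "purchase_statuses` WHERE `active`='1'");
    if ($_GET['value'] <= $max_stage) {
        $newvalue = (int) $_GET['value'];
    } else {
        $newvalue = 1;
    }
    // ARRAY_A is needed because the row is read with array syntax below; the default return
    // type of get_row() is an object.
    $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = %d LIMIT 1", $log_id), ARRAY_A);
    $wpdb->query($wpdb->prepare("UPDATE `" . $wpdb->prefix . "purchase_logs` SET `processed` = %d WHERE `id` = %d LIMIT 1", $newvalue, $log_id));
    // Re-run the transaction results only when an existing log moves up from an early status.
    if (is_array($log_data) && $newvalue > $log_data['processed'] && $log_data['processed'] <= 1) {
        transaction_results($log_data['sessionid'], false);
    }
}
if (isset($_GET['deleteid']) && is_numeric($_GET['deleteid'])) {
    $delete_id = (int) $_GET['deleteid'];
    // Remove the variations of every cart row first, then the cart rows, the submitted form data and the log itself.
    $cart_content = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid` = %d", $delete_id), ARRAY_A);
    foreach ((array) $cart_content as $cart_item) {
        $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_item_variations` WHERE `cart_id` = %d", $cart_item['id']));
    }
    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid` = %d", $delete_id));
    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "submited_form_data` WHERE `log_id` IN (%d)", $delete_id));
    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = %d LIMIT 1", $delete_id));
    echo '<div id="message" class="updated fade"><p>' . TXT_WPSC_THANKS_DELETED . '</p></div>';
}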
if (isset($_GET['clear_locks']) && $_GET['clear_locks'] == 'true' && is_numeric($_GET['purchaseid'])) {
Пример #8
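function wpsc_transaction_theme()
{
    // Works out which purchase-log session the returning customer belongs to (query string,
    // customer meta or the gateway's own response) and prints the transaction results for it.
    // NOTE(review): the session id taken from the query string is the only thing that selects
    // which order is shown; nothing visible here ties it to the current visitor.
    global $wpdb, $user_ID, $nzshpcrt_gateways, $sessionid, $cart_log_id, $errorcode;
    $errorcode = '';
    $dont_show_transaction_results = false;
    if (isset($_GET['sessionid'])) {
        $sessionid = $_GET['sessionid'];
    } elseif (isset($_GET['ms'])) {
        $sessionid = $_GET['ms'];
    }
    $selected_gateway = wpsc_get_customer_meta('selected_gateway');
    if ($selected_gateway && in_array($selected_gateway, array('paypal_certified', 'wpsc_merchant_paypal_express'), true)) {
        $sessionid = wpsc_get_customer_meta('paypal_express_sessionid');
    }
    if (isset($_REQUEST['eway']) && '1' == $_REQUEST['eway']) {
        $sessionid = isset($_GET['result']) ? $_GET['result'] : null;
    } elseif (isset($_REQUEST['eway']) && '0' == $_REQUEST['eway']) {
        echo wpsc_get_customer_meta('eway_message');
    } elseif (isset($_REQUEST['payflow']) && '1' == $_REQUEST['payflow']) {
        echo wpsc_get_customer_meta('payflow_message');
        wpsc_delete_customer_meta('payflow_message');
    }
    if ($selected_gateway) {
        // Gateway-specific handling of the return request.
        switch ($selected_gateway) {
            case 'paypal_certified':
            case 'wpsc_merchant_paypal_express':
                echo wpsc_get_customer_meta('paypal_express_message');
                $reshash = wpsc_get_customer_meta('paypal_express_reshash');
                // Results are shown only for the 'expresscheckout' and 'cart' transaction types.
                $dont_show_transaction_results = !(isset($reshash['PAYMENTINFO_0_TRANSACTIONTYPE']) && in_array($reshash['PAYMENTINFO_0_TRANSACTIONTYPE'], array('expresscheckout', 'cart'), true));
                break;
            case 'dps':
                $sessionid = decrypt_dps_response();
                break;
            case 'paystation':
                // Original author's note: paystation was not updating the purchase logs for a
                // successful payment, so the update is done here as a stop-gap until all
                // gateways share one success hook.
                // NOTE(review): 'ec' and 'em' arrive in the customer's own return URL, so the
                // buyer's browser rather than the gateway decides whether the order is marked
                // with status '3'. Confirm the result with the gateway server-side before
                // relying on this status.
                $ec = (isset($_GET['ec']) && is_scalar($_GET['ec'])) ? (string) $_GET['ec'] : '';
                $result = (isset($_GET['em']) && is_scalar($_GET['em'])) ? (string) $_GET['em'] : '';
                $processed_id = null;
                // Exact comparison: a missing or non-numeric 'ec' must not count as error code 0.
                if ('Transaction successful' === $result && '0' === $ec) {
                    $processed_id = '3';
                }
                if ('Insufficient Funds' === $result && '5' === $ec) {
                    $processed_id = '6';
                }
                if ($processed_id) {
                    wpsc_update_purchase_log_status($sessionid, $processed_id, 'sessionid');
                }
                break;
            case 'wpsc_merchant_paymentexpress':
                // Payment Express sends back its own session id, which is temporarily stored in
                // the auth code column, so swap it for ours here. The value can come from the
                // URL, so it is bound as a parameter instead of being concatenated into the query.
                $result = is_scalar($sessionid)
                    ? $wpdb->get_var($wpdb->prepare("SELECT `sessionid` FROM  `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE  `authcode` = %s", $sessionid))
                    : null;
                if ($result != null) {
                    // Just in case they are using an older version of gold cart (pre 2.9.5).
                    $sessionid = $result;
                    $dont_show_transaction_results = true;
                }
                break;
            case 'eway_hosted':
                $sessionid = decrypt_eway_uk_response();
                break;
            default:
                // Default filter for other payment gateways to use.
                $sessionid = apply_filters('wpsc_previous_selected_gateway_' . $selected_gateway, $sessionid);
                break;
        }
    }
    if (!$dont_show_transaction_results) {
        if (!empty($sessionid) && is_scalar($sessionid)) {
            $cart_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid));
            echo transaction_results($sessionid, true);
        } else {
            printf(__('Sorry your transaction was not accepted.<br /><a href="%1$s">Click here to go back to checkout page</a>.', 'wp-e-commerce'), wpsc_get_checkout_url());
        }
    }
}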
Пример #9
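/**
 * Submit checkout function, used through ajax and in normal page loading.
 *
 * Validates the checkout form, shipping choice, terms agreement, target-market rules and the
 * chosen gateway, then writes the purchase log and hands the order to the gateway.
 * No parameters, returns nothing.
 */
function wpsc_submit_checkout()
{
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules;
    $_SESSION['wpsc_checkout_misc_error_messages'] = array();
    $wpsc_checkout = new wpsc_checkout();
    $selected_gateways = (array) get_option('custom_gateway_options');
    // WordPress adds slashes to $_POST; strip them because every query below is parameterised.
    $submitted_gateway = (isset($_POST['custom_gateway']) && is_string($_POST['custom_gateway'])) ? stripslashes($_POST['custom_gateway']) : '';
    $options = get_option('custom_shipping_options');
    $form_validity = $wpsc_checkout->validate_forms();
    // The original used extract() to obtain $is_valid and $error_messages; reading the key
    // explicitly keeps the validator's array from overwriting other local variables.
    // $error_messages is not used in this function.
    $is_valid = !empty($form_validity['is_valid']);
    if (get_option('do_not_use_shipping') == 0 && ($wpsc_cart->selected_shipping_method == null || $wpsc_cart->selected_shipping_option == null)) {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = TXT_WPSC_PLEASEASELECTSHIPPINGMETHOD;
        $is_valid = false;
    }
    if (!isset($_POST['agree']) || $_POST['agree'] != 'yes') {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = TXT_WPSC_PLEASEAGREETERMSANDCONDITIONS;
        $is_valid = false;
    }
    $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : '';
    $selectedCountry = $wpdb->get_results($wpdb->prepare("SELECT id, country FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE isocode=%s", $delivery_country), ARRAY_A);
    $country_row = isset($selectedCountry[0]) ? $selectedCountry[0] : null;
    // Counters for the number of items and the number of items that use shipping.
    $num_items = 0;
    $disregard_shipping = 0;
    $use_shipping = 0;
    foreach ($wpsc_cart->cart_items as $cartitem) {
        $categoriesIDs = $wpdb->get_col($wpdb->prepare("SELECT category_id FROM `" . WPSC_TABLE_ITEM_CATEGORY_ASSOC . "` WHERE product_id=%d", $cartitem->product_id));
        foreach ((array) $categoriesIDs as $catid) {
            $category_id = is_array($catid) ? $catid[0] : $catid;
            $countries = $wpdb->get_col($wpdb->prepare("SELECT `countryid` FROM `" . WPSC_TABLE_CATEGORY_TM . "` WHERE `visible`=0 AND `categoryid`=%d", $category_id));
            // A category hidden for the delivery country blocks the checkout.
            if (null !== $country_row && in_array($country_row['id'], (array) $countries)) {
                $errormessage = sprintf(TXT_WPSC_CATEGORY_TARGETMARKET, $cartitem->product_name, $country_row['country']);
                $_SESSION['categoryAndShippingCountryConflict'] = $errormessage;
                $is_valid = false;
            }
        }
        $num_items++;
        if ($cartitem->uses_shipping != 1) {
            $disregard_shipping++;
        } else {
            $use_shipping++;
        }
    }
    // The submitted gateway must be one of the enabled ones. The comparison is strict so that
    // an empty or loosely equal value cannot match an entry of the option array.
    if (in_array($submitted_gateway, $selected_gateways, true)) {
        $_SESSION['wpsc_previous_selected_gateway'] = $submitted_gateway;
    } else {
        $is_valid = false;
    }
    $zipcode_missing = !isset($_SESSION['wpsc_zipcode']) || $_SESSION['wpsc_zipcode'] == '';
    if (get_option('do_not_use_shipping') != 1 && in_array('ups', (array) $options) && $zipcode_missing) {
        if ($num_items != $disregard_shipping) {
            $_SESSION['categoryAndShippingCountryConflict'] = __('Please enter a Zipcode and click calculate to proceed');
            $is_valid = false;
        }
    }
    $no_card_checkout = isset($_GET['gateway']) && $_GET['gateway'] == 'noca';
    // NOTE(review): ?gateway=noca lets the request through even when validation failed, which
    // includes the terms agreement and the gateway allow-list check above; a gateway that is
    // registered but not enabled can then still be invoked by the loop further down. Confirm
    // this path is restricted to the orders it was meant for.
    if ($is_valid == true || $no_card_checkout) {
        $_SESSION['categoryAndShippingCountryConflict'] = '';
        // NOTE(review): three random digits plus the current timestamp is easy to guess;
        // anything that treats the session id as a secret (for example a results page keyed
        // on it) inherits that weakness.
        $sessionid = mt_rand(100, 999) . time();
        $_SESSION['wpsc_sessionid'] = $sessionid;
        $subtotal = $wpsc_cart->calculate_subtotal();
        if ($wpsc_cart->has_total_shipping_discount() == false) {
            $base_shipping = $wpsc_cart->calculate_base_shipping();
        } else {
            $base_shipping = 0;
        }
        $find_us = (isset($_POST['how_find_us']) && is_string($_POST['how_find_us'])) ? stripslashes($_POST['how_find_us']) : '';
        $tax = $wpsc_cart->calculate_total_tax();
        $total = $wpsc_cart->calculate_total_price();
        // All values are bound as parameters; the original interpolated request and cart values
        // directly into the statement.
        // NOTE(review): the column/value pairing is kept exactly as in the original, where the
        // billing/shipping mapping differs between the country and the region columns. Verify.
        $sql = $wpdb->prepare(
            "INSERT INTO `" . WPSC_TABLE_PURCHASE_LOGS . "` (`totalprice`,`statusno`, `sessionid`, `user_ID`, `date`, `gateway`, `billing_country`,`shipping_country`, `billing_region`, `shipping_region`, `base_shipping`,`shipping_method`, `shipping_option`, `plugin_version`, `discount_value`, `discount_data`,`find_us`) VALUES (%s ,'0', %s, %d, UNIX_TIMESTAMP(), %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
            $total,
            $sessionid,
            (int) $user_ID,
            $submitted_gateway,
            $wpsc_cart->delivery_country,
            $wpsc_cart->selected_country,
            $wpsc_cart->selected_region,
            $wpsc_cart->delivery_region,
            $base_shipping,
            $wpsc_cart->selected_shipping_method,
            $wpsc_cart->selected_shipping_option,
            WPSC_VERSION,
            $wpsc_cart->coupons_amount,
            $wpsc_cart->coupons_name,
            $find_us
        );
        $wpdb->query($sql);
        $purchase_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` IN(%s) LIMIT 1", $sessionid));
        $wpsc_checkout->save_forms_to_db($purchase_log_id);
        $wpsc_cart->save_to_db($purchase_log_id);
        $wpsc_cart->submit_stock_claims($purchase_log_id);
        if (get_option('wpsc_also_bought') == 1) {
            wpsc_populate_also_bought_list();
        }
        // $our_user_id is never assigned in this function; it is passed as null, as before.
        $our_user_id = null;
        do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => $our_user_id));
        if (get_option('permalink_structure') != '') {
            $seperator = "?";
        } else {
            $seperator = "&";
        }
        // Submit to the gateway whose internal name matches the submitted one.
        foreach ((array) $nzshpcrt_gateways as $gateway) {
            if ($gateway['internalname'] !== $submitted_gateway) {
                continue;
            }
            $gateway_used = $gateway['internalname'];
            // The original filtered on an undefined $log_id, so this update never matched a row.
            $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = %s WHERE `id` = %d LIMIT 1 ;", $gateway_used, $purchase_log_id));
            if ('google' === $gateway_used) {
                $_SESSION['gateway'] = 'google';
                header('Location: ' . get_option('shopping_cart_url'));
            } else {
                $gateway['function']($seperator, $sessionid);
            }
            break;
        }
        if ($no_card_checkout) {
            echo transaction_results($sessionid, true);
        }
    }
}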
Пример #10
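/**
 * Takes payment for a purchase through the eWAY gateway, then ends the request.
 *
 * When the first cart item's 'is_membership' product meta is set, the purchase is
 * sent as a RebillPayment through GatewayConnector; otherwise it is sent as a
 * one-off EwayPaymentLive transaction. Card number, expiry and CVN are read
 * directly from $_POST and forwarded to the gateway. Every path finishes with exit.
 *
 * @param string $seperator '?' or '&', placed before the query string of the results URL
 * @param string $sessionid session id of the purchase log row being paid
 */
function gateway_eway($seperator, $sessionid)
{
    global $wpdb, $wpsc_cart;
    // Values are bound through prepare() rather than concatenated into the SQL text.
    $purchase_log = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid), ARRAY_A);
    $purchase_log = $purchase_log[0];
    $cart = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`= %d", $purchase_log['id']), ARRAY_A);
    $member_shiptype = get_product_meta($cart[0]['prodid'], 'membership_length', true);
    $member_shiptype = $member_shiptype[0];
    $is_member = get_product_meta($cart[0]['prodid'], 'is_membership', true);
    // Every key read further down exists up front; 'phone' is never collected in this function.
    $data = array(
        'first_name' => null,
        'last_name' => null,
        'address1' => null,
        'address2' => null,
        'city' => null,
        'state' => null,
        'country' => null,
        'zip' => null,
        'email' => null,
        'phone' => null,
    );
    if ($_POST['collected_data'][get_option('eway_form_first_name')] != '') {
        $data['first_name'] = esc_attr($_POST['collected_data'][get_option('eway_form_first_name')]);
    }
    if ($_POST['collected_data'][get_option('eway_form_last_name')] != '') {
        $data['last_name'] = esc_attr($_POST['collected_data'][get_option('eway_form_last_name')]);
    }
    if ($_POST['collected_data'][get_option('eway_form_address')] != '') {
        // NOTE(review): the "\n\r" delimiter looks like a typo for "\r\n" — confirm before changing, it alters how the address is split.
        $address_rows = explode("\n\r", $_POST['collected_data'][get_option('eway_form_address')]);
        $data['address1'] = esc_attr(str_replace(array("\n", "\r"), '', $address_rows[0]));
        unset($address_rows[0]);
        if ($address_rows != null) {
            $data['address2'] = implode(", ", $address_rows);
        } else {
            $data['address2'] = '';
        }
    }
    // Comma-separated product names, used as the invoice description.
    $itemsName = '';
    foreach ($wpsc_cart->cart_items as $item) {
        $itemsName .= $item->product_name . ', ';
    }
    if ($_POST['collected_data'][get_option('eway_form_city')] != '') {
        $data['city'] = esc_attr($_POST['collected_data'][get_option('eway_form_city')]);
    }
    // The country field is an array: index 0 is the country, index 1 an optional region used when no state was entered.
    if (empty($_POST['collected_data'][get_option('eway_form_state')]) && isset($_POST['collected_data'][get_option('eway_form_country')][1]) && !empty($_POST['collected_data'][get_option('eway_form_country')][1])) {
        $data['state'] = $_POST['collected_data'][get_option('eway_form_country')][1];
    } elseif (!empty($_POST['collected_data'][get_option('eway_form_state')])) {
        $data['state'] = $_POST['collected_data'][get_option('eway_form_state')];
    }
    if ($_POST['collected_data'][get_option('eway_form_country')] != '') {
        $data['country'] = $_POST['collected_data'][get_option('eway_form_country')][0];
    }
    if (is_numeric($_POST['collected_data'][get_option('eway_form_post_code')])) {
        $data['zip'] = esc_attr($_POST['collected_data'][get_option('eway_form_post_code')]);
    }
    if ($_POST['collected_data'][get_option('eway_form_email')]) {
        $data['email'] = $_POST['collected_data'][get_option('eway_form_email')];
    }
    if ($_POST['collected_data'][get_option('email_form_field')] != null && $data['email'] == null) {
        $data['email'] = esc_attr($_POST['collected_data'][get_option('email_form_field')]);
    }
    // Live or Test Server?
    if (get_option('eway_test')) {
        $user = '******';
        $gateway = false;
    } else {
        $user = get_option('ewayCustomerID_id');
        $gateway = true;
    }
    if ($is_member[0]) {
        require_once WPSC_GOLD_FILE_PATH . '/ewaylib/GatewayConnector.php';
        $objRebill = new RebillPayment();
        $objRebill->CustomerRef($purchase_log['id']);
        $objRebill->CustomerTitle('');
        $objRebill->CustomerFirstName($data['first_name']);
        $objRebill->CustomerLastName($data['last_name']);
        $objRebill->CustomerCompany('');
        $objRebill->CustomerJobDesc('');
        $objRebill->CustomerEmail($data['email']);
        $objRebill->CustomerAddress($data['address1']);
        $objRebill->CustomerSuburb('');
        $objRebill->CustomerState($data['state']);
        $objRebill->CustomerPostCode($data['zip']);
        $objRebill->CustomerCountry($data['country']);
        $objRebill->CustomerPhone1($data['phone']);
        $objRebill->CustomerPhone2('');
        $objRebill->CustomerFax('');
        $objRebill->CustomerURL('');
        $objRebill->CustomerComments('');
        $objRebill->RebillInvRef('');
        $objRebill->RebillInvDesc('');
        $objRebill->RebillCCname($data['first_name'] . " " . $data['last_name']);
        $objRebill->RebillCCNumber($_POST['card_number']);
        $objRebill->RebillInitAmt($purchase_log['totalprice']);
        $objRebill->RebillInitDate(date('d/m/Y'));
        $objRebill->RebillRecurAmt($purchase_log['totalprice']);
        $objRebill->RebillStartDate(date('d/m/Y'));
        // The rebill schedule ends one year from today.
        $objRebill->RebillEndDate(date("d/m/Y", mktime(0, 0, 0, date('m'), date('d'), (int) date('Y') + 1)));
        $objRebill->RebillCCExpMonth($_POST['expiry']['month']);
        $objRebill->RebillCCExpYear($_POST['expiry']['year']);
        $objRebill->RebillInterval($member_shiptype['length']);
        // Map the stored unit letter to the interval code passed to RebillIntervalType();
        // an unrecognised unit leaves the code null, as before.
        $member_ship_unit = null;
        switch ($member_shiptype['unit']) {
            case 'd':
                $member_ship_unit = '1';
                break;
            case 'w':
                $member_ship_unit = '2';
                break;
            case 'm':
                $member_ship_unit = '3';
                break;
            case 'y':
                $member_ship_unit = '4';
                break;
        }
        $objRebill->RebillIntervalType($member_ship_unit);
        $objRebill->eWAYCustomerID($user);
        $objConnector = new GatewayConnector($gateway);
        if ($objConnector->ProcessRequest($objRebill)) {
            $objResponse = $objConnector->Response();
            if ($objResponse != null) {
                $lblResult = $objResponse->Result();
                if ($lblResult == 'Success') {
                    wpsc_member_activate_subscriptions($purchase_log['id']);
                    $_SESSION['nzshpcrt_cart'] = array();
                    header("Location:" . get_option('product_list_url'));
                    // Stop here: previously the success path fell through to the error exit below.
                    exit;
                }
                $lblErrorDescription = $objResponse->ErrorDetails();
                $lblErrorSeverity = $objResponse->ErrorSeverity();
                // This is woefully inadequate!!!
                // Gateway-supplied text is escaped before it is written to the page.
                exit('An Error has occured >' . esc_html($lblResult . " " . $lblErrorDescription . " " . $lblErrorSeverity));
            }
        } else {
            exit("Rebill Gateway failed: " . $objConnector->Response());
        }
    } else {
        require WPSC_GOLD_FILE_PATH . '/merchants/ewaylib/EwayPaymentLive.php';
        if (get_option('eway_cvn')) {
            $method = 'REAL_TIME_CVN';
        } else {
            $method = 'REAL_TIME';
        }
        $eway = new EwayPaymentLive($user, $method, $gateway);
        // Amount in cents; rounding avoids float artefacts such as 19.99 * 100 = 1998.999...
        $amount = (int) round((float) $purchase_log['totalprice'] * 100);
        $eway->setTransactionData("TotalAmount", $amount);
        //mandatory field
        $eway->setTransactionData("CustomerFirstName", $data['first_name']);
        $eway->setTransactionData("CustomerLastName", $data['last_name']);
        $eway->setTransactionData("CustomerEmail", $data['email']);
        $eway->setTransactionData("CustomerAddress", $data['address1'] . ' ' . $data['state']);
        $eway->setTransactionData("CustomerPostcode", $data['zip']);
        $eway->setTransactionData("CustomerInvoiceDescription", $itemsName);
        $eway->setTransactionData("CustomerInvoiceRef", $purchase_log['id']);
        $eway->setTransactionData("CardHoldersName", $data['first_name'] . ' ' . $data['last_name']);
        //mandatory field
        $eway->setTransactionData("CardNumber", $_POST['card_number']);
        //mandatory field
        $eway->setTransactionData("CardExpiryMonth", $_POST['expiry']['month']);
        //mandatory field
        $eway->setTransactionData("CardExpiryYear", $_POST['expiry']['year']);
        //mandatory field
        $eway->setTransactionData("TrxnNumber", $purchase_log['id']);
        $eway->setTransactionData("Option1", "");
        $eway->setTransactionData("Option2", "");
        $eway->setTransactionData("Option3", "");
        //for REAL_TIME_CVN
        $eway->setTransactionData("CVN", $_POST['cvn']);
        //for GEO_IP_ANTI_FRAUD
        $eway->setTransactionData("CustomerIPAddress", $eway->getVisitorIP());
        //mandatory field when using Geo-IP Anti-Fraud
        $eway->setTransactionData("CustomerBillingCountry", $data['country']);
        // Certificate verification stays on: this request carries the card number and CVN.
        // If the host has no usable CA bundle, point CURLOPT_CAINFO / CURLOPT_CAPATH at one
        // through setCurlPreferences() instead of switching verification off.
        $eway->setCurlPreferences(CURLOPT_SSL_VERIFYPEER, 1);
        $ewayResponseFields = $eway->doPayment();
        $message = '';
        if ($ewayResponseFields["EWAYTRXNSTATUS"] == "False") {
            $message .= "<h3>Please Check the Payment Results</h3>";
            $message .= "Your transaction was not successful." . "<br><br>";
            // The gateway's error text is escaped because the message is later rendered as HTML.
            $message .= esc_html($ewayResponseFields['EWAYTRXNERROR']) . "<br><br>";
            $message .= '<a href="' . esc_url(get_option('shopping_cart_url')) . '">Click here to go back to checkout page.</a>';
            $_SESSION['eway_message'] = $message;
            header("Location:" . get_option('transact_url') . $seperator . "eway=0&result=" . rawurlencode($sessionid) . "&message=1");
        } elseif ($ewayResponseFields["EWAYTRXNSTATUS"] == "True") {
            $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`='2' WHERE `sessionid`= %s LIMIT 1", $sessionid));
            transaction_results($sessionid, false);
            $message .= "Your transaction was successful." . "<br><br>";
            $message .= esc_html($ewayResponseFields['EWAYTRXNERROR']) . "<br><br>";
            $_SESSION['eway_message'] = $message;
            header("Location:" . get_option('transact_url') . $seperator . "eway=1&result=" . rawurlencode($sessionid) . "&message=1");
        }
    }
    exit;
}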
Пример #11
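/**
 * Handles the customer's return from Virtual Merchant and records the outcome
 * on the purchase log found by session id.
 *
 * An 'APPROVED' or 'APPROVAL' result marks the log as accepted payment and shows
 * the transaction results; any other result marks the sale incomplete, stores
 * the gateway message as a checkout error and redirects to the cart page.
 *
 * NOTE(review): every value used here comes from the query string of the return
 * request, and nothing visible in this function confirms the result with the
 * gateway. Confirm the outcome is verified server-side (signed response or a
 * gateway lookup) before the order is treated as paid.
 */
function wpec_vmerchant_return()
{
    global $sessionid, $wpdb;
    // $sessionid is deliberately written to the global: transaction_results() is called with it below.
    $sessionid = isset($_GET['ssl_invoice_number']) ? $_GET['ssl_invoice_number'] : null;
    $result_message = isset($_GET['ssl_result_message']) ? $_GET['ssl_result_message'] : '';
    // Request values that end up stored on the purchase log are reduced to plain text first.
    $txn_id = isset($_GET['ssl_txn_id']) ? sanitize_text_field($_GET['ssl_txn_id']) : null;
    $txn_time = isset($_GET['ssl_txn_time']) ? sanitize_text_field($_GET['ssl_txn_time']) : '';
    $notes = 'Virtual Merchant time : "' . $txn_time . '"';
    $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
    if ($result_message == 'APPROVED' || $result_message == 'APPROVAL') {
        // success
        $purchase_log->set(array('processed' => WPSC_Purchase_Log::ACCEPTED_PAYMENT, 'transactid' => $txn_id, 'notes' => $notes));
        $purchase_log->save();
        transaction_results($sessionid, true);
    } else {
        // declined or failed
        $purchase_log->set(array('processed' => WPSC_Purchase_Log::INCOMPLETE_SALE, 'transactid' => $txn_id, 'notes' => $notes));
        $purchase_log->save();
        $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
        if (!is_array($error_messages)) {
            $error_messages = array();
        }
        // The message comes from the query string and is rendered as HTML on the checkout page, so it is escaped here.
        $error_messages[] = '<strong style="color:red">' . esc_html(urldecode($result_message)) . ' </strong>';
        wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);
        $checkout_page_url = get_option('shopping_cart_url');
        if ($checkout_page_url) {
            header('Location: ' . $checkout_page_url);
            exit;
        }
    }
}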
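/**
 * Handles a BitPay invoice notification (requests carrying ?bitpay_callback).
 *
 * The JSON body is used only to obtain the invoice id; status and posData (the
 * store's session id) are then read from the invoice fetched through the BitPay
 * client. Depending on that status the purchase log is updated, the buyer is
 * e-mailed and transaction_results() is called.
 *
 * @return array|string|null array('error' => ...) or an error string for a rejected
 *                           request, null otherwise
 * @throws \Exception rethrown after being logged with debuglog()
 */
function bitpay_callback()
{
    global $wpdb;
    try {
        if (!isset($_GET['bitpay_callback'])) {
            return;
        }
        $post = file_get_contents("php://input");
        if (true === empty($post)) {
            return array('error' => 'No post data');
        }
        $json = json_decode($post, true);
        if (true === is_string($json)) {
            return array('error' => $json);
        }
        // json_decode() gives null for malformed input and a scalar for scalar JSON;
        // only a decoded object can be inspected with array_key_exists() below.
        if (false === is_array($json)) {
            return array('error' => 'Invalid post data');
        }
        if (false === array_key_exists('posData', $json)) {
            return array('error' => 'no posData');
        }
        if (false === array_key_exists('id', $json)) {
            return 'Cannot find invoice ID';
        }
        // Don't trust parameters from the scary internet.
        // Use invoice ID from the $json in  getInvoice($invoice_id) and get status from that.
        $client = new \Bitpay\Client\Client();
        $adapter = new \Bitpay\Client\Adapter\CurlAdapter();
        // NOTE(review): the network is chosen from a field of the request body rather than
        // from the store's configuration — confirm that is intended.
        $is_test = isset($json['url']) && is_string($json['url']) && strpos($json['url'], 'test') !== false;
        $network = $is_test ? new \Bitpay\Network\Testnet() : new \Bitpay\Network\Livenet();
        $client->setAdapter($adapter);
        $client->setNetwork($network);
        // Checking invoice is valid...
        $response = $client->getInvoice($json['id']);
        $sessionid = $response->getPosData();
        // posData is validated once, before it reaches any query; previously the
        // SELECT below ran with the raw value and only the UPDATEs were guarded.
        if (false === is_numeric($sessionid)) {
            return array('error' => 'Invalid posData');
        }
        // get buyer email
        $purchase_log = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s", $sessionid), ARRAY_A);
        if (true === empty($purchase_log)) {
            return array('error' => 'Purchase log not found');
        }
        $email_form_field = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `type` IN ('email') AND `active` = '1' ORDER BY `checkout_order` ASC LIMIT 1");
        $email = $wpdb->get_var($wpdb->prepare("SELECT `value` FROM `" . WPSC_TABLE_SUBMITTED_FORM_DATA . "` WHERE `log_id` = %d AND `form_id` = %d LIMIT 1", $purchase_log[0]['id'], $email_form_field));
        // get cart contents
        $cart_contents = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`= %d", $purchase_log[0]['id']), ARRAY_A);
        // get currency symbol
        $currency_data = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `id`= %d", get_option('currency_type')), ARRAY_A);
        $currency_symbol = isset($currency_data[0]['symbol']) ? $currency_data[0]['symbol'] : '';
        // list products and individual prices in the email
        $message_product = "\r\n\r\nTransaction Details:\r\n\r\n";
        $pnp = 0.0;
        $subtotal = 0.0;
        foreach ($cart_contents as $product) {
            // shipping for each item
            $pnp += $product['pnp'];
            $message_product .= 'x' . $product['quantity'] . ' ' . $product['name'] . ' - ' . $currency_symbol . $product['price'] * $product['quantity'] . "\r\n";
            $subtotal += $product['price'] * $product['quantity'];
        }
        //list subtotal
        $subtotal = number_format($subtotal, 2, '.', ',');
        $message_product .= "\r\n" . 'Subtotal: ' . $currency_symbol . $subtotal . "\r\n";
        //list total taxes and total shipping costs in the email
        $message_product .= 'Taxes: ' . $currency_symbol . $purchase_log[0]['wpec_taxes_total'] . "\r\n";
        $message_product .= 'Shipping: ' . $currency_symbol . ($purchase_log[0]['base_shipping'] + $pnp) . "\r\n\r\n";
        //display total price in the email
        $message_product .= 'Total Price: ' . $currency_symbol . $purchase_log[0]['totalprice'];
        // Statement templates shared by the status branches; values are bound, never concatenated.
        $processed_sql = "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= %s WHERE `sessionid`= %s";
        $notes_sql = "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `notes`= %s WHERE `sessionid`= %s";
        $mail_sql = $wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `email_sent`= '1' WHERE `sessionid`= %s", $sessionid);
        switch ($response->getStatus()) {
            //For low and medium transaction speeds, the order status is set to "Order Received" . The customer receives
            //an initial email stating that the transaction has been paid.
            case 'paid':
                $wpdb->query($wpdb->prepare($processed_sql, '2', $sessionid));
                $message = 'Thank you! Your payment has been received, but the transaction has not been confirmed on the bitcoin network. You will receive another email when the transaction has been confirmed.';
                $message .= $message_product;
                $wpdb->query($wpdb->prepare($notes_sql, 'The payment has been received, but the transaction has not been confirmed on the bitcoin network. This will be updated when the transaction has been confirmed.', $sessionid));
                if (wp_mail($email, 'Payment Received', $message)) {
                    $wpdb->query($mail_sql);
                }
                //false because this is just for email notification
                transaction_results($sessionid, false);
                break;
            //For low and medium transaction speeds, the order status will not change. For high transaction speed, the order
            //status is set to "Order Received" here. For all speeds, an email will be sent stating that the transaction has
            //been confirmed.
            case 'confirmed':
                $wpdb->query($wpdb->prepare($processed_sql, '2', $sessionid));
                $wpdb->query($wpdb->prepare($notes_sql, 'The payment has been received, and the transaction has been confirmed on the bitcoin network. This will be updated when the transaction has been completed.', $sessionid));
                //display initial "thank you" if transaction speed is high, as the 'paid' status is skipped on high speed
                if (get_option('bitpay_transaction_speed') == 'high') {
                    $message = 'Thank you! Your payment has been received, and the transaction has been confirmed on the bitcoin network. You will receive another email when the transaction is complete.';
                    $message .= $message_product;
                    $subject = 'Payment Received';
                } else {
                    $message = 'Your transaction has now been confirmed on the bitcoin network. You will receive another email when the transaction is complete.';
                    $subject = 'Transaction Confirmed';
                }
                if (wp_mail($email, $subject, $message)) {
                    $wpdb->query($mail_sql);
                }
                //false because this is just for email notification
                transaction_results($sessionid, false);
                break;
            //The purchase receipt email is sent upon the invoice status changing to "complete", and the order
            //status is changed to Accepted Payment
            case 'complete':
                $wpdb->query($wpdb->prepare($processed_sql, '3', $sessionid));
                $message = 'Your transaction is now complete! Thank you for using BitPay!';
                $wpdb->query($wpdb->prepare($notes_sql, 'The transaction is now complete.', $sessionid));
                if (wp_mail($email, 'Transaction Complete', $message)) {
                    $wpdb->query($mail_sql);
                }
                //false because this is just for email notification
                transaction_results($sessionid, false);
                break;
        }
    } catch (\Exception $e) {
        debuglog('[Error] In Bitpay plugin, form_bitpay() function on line ' . $e->getLine() . ', with the error "' . $e->getMessage() . '".');
        throw $e;
    }
}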
Пример #13
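 /**
  * submit method, sends the received data to the payment gateway
  *
  * Posts $this->collected_gateway_data to the Authorize.net transact endpoint
  * (test or live, per the 'authorize_testmode' option) and acts on the parsed
  * response code: 1 (accepted) and 4 (held for review) create any pending ARB
  * subscriptions, record the transaction and go to the results page; anything
  * else, including a failed HTTP request, stores an error message and returns
  * to checkout.
  *
  * @access public
  */
 function submit()
 {
     // Certificate verification is left on: the body carries the customer's payment details.
     $options = array('timeout' => 10, 'body' => $this->collected_gateway_data, 'user-agent' => $this->cart_data['software_name'] . " " . get_bloginfo('url'), 'sslverify' => true);
     $options['body']['x_relay_response'] = "FALSE";
     $options['body']['x_delim_data'] = "TRUE";
     if ((bool) get_option('authorize_testmode')) {
         $authorize_url = "https://test.authorize.net/gateway/transact.dll";
     } else {
         $authorize_url = "https://secure.authorize.net/gateway/transact.dll";
     }
     // Defaults used when the HTTP request fails, so the switch below lands in the
     // error branch instead of reading an undefined variable.
     $parsed_response = array('response_code' => null, 'response_description' => '', 'transaction_id' => null);
     $response = wp_remote_post($authorize_url, $options);
     if (!is_wp_error($response)) {
         // The response body is a comma-delimited list of fields.
         $parsed_response = $this->parse_aim_response(explode(",", $response['body']));
     }
     switch ($parsed_response['response_code']) {
         case 1:
             /// case 1 is order accepted,
         case 4:
             /// case 4 is order held for review
             if (!empty($this->arb_requests)) {
                 foreach ($this->arb_requests as $cart_item_id => $arb_request) {
                     $subscription_results = $this->do_soap_request('ARBCreateSubscription', $arb_request);
                     $arb_result = $subscription_results['ARBCreateSubscriptionResult'];
                     if ($arb_result['resultCode'] == "Ok") {
                         do_action('wpsc_activate_subscription', $cart_item_id, $arb_result['subscriptionId']);
                     } else {
                         $subscription_error = array(
                             'code' => $arb_result['messages']['MessagesTypeMessage']['code'],
                             'description' => $arb_result['messages']['MessagesTypeMessage']['text'],
                         );
                         wpsc_update_cartmeta($cart_item_id, 'subscription_error', $subscription_error);
                         wpsc_update_cartmeta($cart_item_id, 'is_subscribed', 0);
                     }
                     wpsc_update_cartmeta($cart_item_id, 'subscription_report', $subscription_results);
                 }
             }
             // Status 2 for an accepted order, 1 for one held for review.
             $status = $parsed_response['response_code'] == 1 ? 2 : 1;
             $this->set_transaction_details($parsed_response['transaction_id'], $status);
             transaction_results($this->cart_data['session_id'], false);
             $this->go_to_transaction_results($this->cart_data['session_id']);
             break;
         case 2:
             /// case 2 is order denied
         case 3:
             /// case 3 is error state
         default:
             /// default is http or unknown error state
             if (!isset($parsed_response['response_description']) || $parsed_response['response_description'] == '') {
                 // If there is no error message it means there was some sort of HTTP connection failure, use the following error message
                 $parsed_response['response_description'] = __("There was an error contacting the payment gateway, please try again later.", 'wpsc');
             }
             $this->set_error_message($parsed_response['response_description']);
             $this->return_to_checkout();
             break;
     }
 }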
Пример #14
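/**
 * Handles a PayPal IPN (Instant Payment Notification) request.
 *
 * Runs only when the request carries `ipn_request=true` and the `paypal_ipn`
 * option equals 1. The received POST fields are posted back to PayPal with
 * `cmd=_notify-validate`, and the purchase log is changed only when PayPal
 * answers `VERIFIED`.
 *
 * Security notes:
 * - Every POST value is request-controlled, so all SQL goes through
 *   $wpdb->prepare() instead of string concatenation.
 * - The validation post-back uses HTTPS; the original spoke plain HTTP on
 *   port 80, which lets anyone on the network path forge the verdict.
 * - NOTE(review): receiver_email, mc_gross and mc_currency are not compared
 *   with the stored order, so a VERIFIED notification for another merchant
 *   or another amount is still accepted — confirm and add those checks.
 */
function nzshpcrt_paypal_ipn()
{
    global $wpdb;
    // needs to execute on page start
    if (!isset($_GET['ipn_request']) || $_GET['ipn_request'] !== 'true' || get_option('paypal_ipn') != 1) {
        return;
    }

    // Echo the notification back with the validation command in front.
    $req = 'cmd=_notify-validate';
    $posted = array();
    foreach ($_POST as $key => $value) {
        if (!is_scalar($value)) {
            // stripslashes()/urlencode() need strings; a message sent back
            // without this field simply fails validation.
            continue;
        }
        $posted[$key] = stripslashes($value);
        $req .= "&{$key}=" . urlencode($posted[$key]);
    }

    $sessionid = isset($posted['invoice']) ? $posted['invoice'] : '';
    $transaction_id = isset($posted['txn_id']) ? $posted['txn_id'] : '';
    $payment_status = isset($posted['payment_status']) ? $posted['payment_status'] : '';

    // Reduce the configured URL to its host name, then validate over TLS.
    $replace_strings = array('http://', 'https://', '/cgi-bin/webscr');
    $paypal_host = str_replace($replace_strings, "", get_option('paypal_multiple_url'));
    $response = wp_remote_post('https://' . $paypal_host . '/cgi-bin/webscr', array('timeout' => 30, 'body' => $req));
    // A transport error leaves the verdict empty, so nothing is processed.
    $verdict = is_wp_error($response) ? '' : trim(wp_remote_retrieve_body($response));

    if ($verdict === 'VERIFIED' && $sessionid !== '') {
        $purchase_logs = $wpdb->prefix . 'purchase_logs';
        switch ($payment_status) {
            case 'Processed':
                // I think this is mostly equivalent to Completed
            case 'Completed':
                $wpdb->query($wpdb->prepare("UPDATE `{$purchase_logs}` SET `processed` = '2' WHERE `sessionid` = %s LIMIT 1", $sessionid));
                transaction_results($sessionid, false, $transaction_id);
                break;
            case 'Failed':
                // if it fails, delete the purchase and everything attached to it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `{$purchase_logs}` WHERE `sessionid` = %s LIMIT 1", $sessionid));
                if ($log_id === null) {
                    // No matching purchase: nothing to delete.
                    break;
                }
                $cart_contents = $wpdb->prefix . 'cart_contents';
                $cart_content = $wpdb->get_results($wpdb->prepare("SELECT `id` FROM `{$cart_contents}` WHERE `purchaseid` = %s", $log_id), ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `{$wpdb->prefix}cart_item_variations` WHERE `cart_id` = %s", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `{$cart_contents}` WHERE `purchaseid` = %s", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `{$wpdb->prefix}submited_form_data` WHERE `log_id` = %s", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `{$purchase_logs}` WHERE `id` = %s LIMIT 1", $log_id));
                break;
            case 'Pending':
                // need to wait for "Completed" before processing
                $wpdb->query($wpdb->prepare("UPDATE `{$purchase_logs}` SET `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1", $transaction_id, time(), $sessionid));
                break;
            default:
                // if nothing, do nothing, safest course of action here.
                break;
        }
    }

    /*
     * Detect use of sandbox mode, if sandbox mode is present, send debugging email.
     * NOTE(review): the dump contains the full $_SERVER array (cookies and
     * authorization headers included) and is both stored and mailed — confirm
     * this is never enabled on a production store.
     */
    if (stristr(get_option('paypal_multiple_url'), "sandbox")) {
        $message = "This is a debugging message sent because it appears that you are using sandbox mode.\n\rIt is only sent if the paypal URL contains the word \"sandbox\"\n\r\n\r";
        $message .= "OUR_POST:\n\r" . print_r($req, true) . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        // The dump is request-controlled text, so it is bound as a parameter.
        $wpdb->query($wpdb->prepare("INSERT INTO `paypal_log` ( `id` , `text` , `date` ) VALUES ( '', %s, NOW( ) );", $message));
        mail(get_option('purch_log_email'), "IPN Data", $message);
    }
}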
 /**
  * @param $inputData
  * @return mixed|string|void
  */
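 public function checkResponse($inputData)
 {
     // Validates a gateway callback and, for an approved order, marks the
     // purchase log as processed and returns the acknowledgement built by
     // getAnswerToGateWay(). Returns null when the signature is missing or
     // wrong, or when the order is not approved.
     global $wpdb;

     // Authenticate first: nothing from $inputData is used before the
     // signature matches. hash_equals() is constant-time and, unlike `==`,
     // never treats two different numeric-looking strings as equal.
     $sign = $this->getResponseSignature($inputData);
     if (empty($inputData['merchantSignature']) || !is_string($inputData['merchantSignature'])) {
         return null;
     }
     if (!hash_equals((string) $sign, $inputData['merchantSignature'])) {
         return null;
     }
     if (!isset($inputData['transactionStatus']) || $inputData['transactionStatus'] != self::ORDER_APPROVED) {
         return null;
     }

     // The session id is whatever follows the first "_" in the order reference.
     $ref = isset($inputData['orderReference']) ? $inputData['orderReference'] : '';
     $refParts = explode("_", $ref);
     $sessionId = isset($refParts[1]) ? $refParts[1] : null;
     $recToken = isset($inputData['recToken']) ? $inputData['recToken'] : '';

     // NOTE(review): the label says "orderReference" but the value written is
     // the transaction status — confirm which one is intended.
     $notes = "WayForPay : orderReference:" . $inputData['transactionStatus'] . " \n\n recToken: " . $recToken;
     $data = array('processed' => 3, 'transactid' => $ref, 'date' => time(), 'notes' => $notes);
     $where = array('transactid' => $ref);
     $format = array('%d', '%s', '%s', '%s');
     $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $data, $where, $format);
     transaction_results($sessionId, false, $ref);
     return $this->getAnswerToGateWay($inputData);
 }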
Пример #16
 /**
  * process_gateway_notification method, receives data from the payment gateway
  * @access public
  */
 function process_gateway_notification()
 {
     // Applies the PayPal IPN values held in $this->paypal_ipn_values to the
     // current purchase: maps payment_status to a numeric status, then acts
     // on txn_type once the message is valid and addressed to this store.
     global $wpdb;
     $status_by_payment_state = array('pending' => 2, 'completed' => 3, 'denied' => 6);
     $payment_state = strtolower($this->paypal_ipn_values['payment_status']);
     $status = isset($status_by_payment_state[$payment_state]) ? $status_by_payment_state[$payment_state] : 1;

     // NOTE(review): this hook fires before is_valid_ipn_response(), so its
     // listeners receive values that have not been validated yet.
     do_action('wpsc_paypal_standard_ipn', $this->paypal_ipn_values, $this);
     $paypal_email = strtolower(get_option('paypal_multiple_business'));
     if (!$this->is_valid_ipn_response()) {
         return;
     }

     // Ignore notifications addressed to another account: either
     // receiver_email or business must equal the configured store address.
     if (strtolower($this->paypal_ipn_values['receiver_email']) != $paypal_email && strtolower($this->paypal_ipn_values['business']) != $paypal_email) {
         return;
     }

     $is_paid_or_pending = $status === 2 || $status === 3;
     switch ($this->paypal_ipn_values['txn_type']) {
         case 'cart':
         case 'express_checkout':
         case 'web_accept':
             // import shipping & billing details if this is from "Buy Now" button
             $is_buy_now = isset($this->paypal_ipn_values['custom']) && $this->paypal_ipn_values['custom'] == 'buy_now';
             if ($is_buy_now) {
                 $this->import_ipn_data();
             }
             if ($status > 1) {
                 $this->set_transaction_details($this->paypal_ipn_values['txn_id'], $status);
             }
             if ($is_paid_or_pending) {
                 transaction_results($this->cart_data['session_id'], false);
             }
             break;

         case 'subscr_signup':
         case 'subscr_payment':
             if ($is_paid_or_pending) {
                 $this->set_transaction_details($this->paypal_ipn_values['subscr_id'], $status);
                 transaction_results($this->cart_data['session_id'], false);
             }
             // Recurring items are activated regardless of the payment status.
             foreach ($this->cart_items as $cart_row) {
                 if (!$cart_row['is_recurring']) {
                     continue;
                 }
                 do_action('wpsc_activate_subscription', $cart_row['cart_item_id'], $this->paypal_ipn_values['subscr_id']);
                 do_action('wpsc_activated_subscription', $cart_row['cart_item_id'], $this);
             }
             break;

         case 'subscr_cancel':
             do_action('wpsc_paypal_standard_deactivate_subscription', $this->paypal_ipn_values['subscr_id'], $this);
             break;

         case 'subscr_eot':
         case 'subscr_failed':
             // End of term or failed payment: clear the subscribed flag.
             foreach ($this->cart_items as $cart_row) {
                 if ($cart_row['is_recurring']) {
                     wpsc_update_cart_item_meta($cart_row['cart_item_id'], 'is_subscribed', 0);
                 }
             }
             break;

         default:
             break;
     }
 }
Пример #17
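/**
 * Handles the responses sent back by the DIBS server.
 *
 * Acts only when the request has a `dibspw_result` query argument and an
 * `s_pid` POST field. `dibspw_result` selects the flow:
 * - `callback`: checks the MAC, then records an ACCEPTED payment (or, on
 *   stores older than 3.8.9, any other status as the log's authcode).
 * - `success`: checks the MAC for ACCEPTED payments, records any other
 *   status, then redirects to the transaction results page.
 * - `cancel`: writes the configured cancel status and redirects to the cart.
 *
 * Security notes:
 * - All POST values are request-controlled, so SQL is built with
 *   $wpdb->prepare() rather than concatenation.
 * - MACs are compared with hash_equals() (constant-time, no loose typing).
 * - NOTE(review): when no HMAC key is configured and no MAC is sent, nothing
 *   authenticates the request, and the `cancel` and non-ACCEPTED `success`
 *   paths change an order without any MAC check — confirm whether DIBS signs
 *   those requests and enforce the check if it does.
 */
function dibspayment_paywin_process()
{
    global $wpdb;
    if (!isset($_GET['dibspw_result'], $_POST['s_pid']) || !is_scalar($_POST['s_pid'])) {
        return;
    }

    // Strip slashes from every POST value (nested arrays included);
    // create_function(), used here before, no longer exists in PHP 8.
    $_POST = stripslashes_deep($_POST);
    $hmac_key = get_option('dibspw_hmac');
    $order_id = isset($_POST['orderid']) ? $_POST['orderid'] : null;
    $session_id = (string) $_POST['s_pid'];
    $gateway_status = isset($_POST['status']) && is_scalar($_POST['status']) ? (string) $_POST['status'] : '';
    $logs_table = WPSC_TABLE_PURCHASE_LOGS;

    // True when a MAC was sent and it does not match the locally computed one.
    $mac_mismatch = function () use ($hmac_key) {
        if (!isset($_POST['MAC'])) {
            return false;
        }
        if (!is_string($_POST['MAC'])) {
            return true;
        }
        return !hash_equals((string) dibspayment_paywin_calc_mac($_POST, $hmac_key, false), $_POST['MAC']);
    };

    // Loads the purchase log row of this session, or null when there is none.
    $find_purchase_log = function () use ($wpdb, $logs_table, $session_id) {
        return $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$logs_table}` WHERE `sessionid` = %s LIMIT 1", $session_id), ARRAY_A);
    };

    switch ($_GET['dibspw_result']) {
        case 'callback':
            if ($hmac_key && !isset($_POST['MAC'])) {
                die("HMAC error!");
            }
            if ($mac_mismatch()) {
                die("Mac is incorrect, fraud attempt!!");
            }
            $dibsInvoiceFields = array("acquirerLastName", "acquirerFirstName", "acquirerDeliveryAddress", "acquirerDeliveryPostalCode", "acquirerDeliveryPostalPlace");
            $dibsInvoiceFieldsString = "";
            foreach ($_POST as $key => $value) {
                // Strict match: a numeric key must not compare equal to a field name.
                if (in_array($key, $dibsInvoiceFields, true) && is_scalar($value)) {
                    $dibsInvoiceFieldsString .= "{$key}={$value}\n";
                }
            }
            // Email is not sent automatically on a successful transaction page
            // from version 3.8.9, so from that version it is sent on callback.
            if (version_compare(get_option('wpsc_version'), '3.8.9', '>=')) {
                if ($gateway_status === "ACCEPTED") {
                    $purchaselog = new WPSC_Purchase_Log($order_id);
                    $purchaselog->set('processed', get_option('dibspw_status'));
                    $purchaselog->set('notes', $dibsInvoiceFieldsString);
                    $purchaselog->save();
                    $wpscmerch = new wpsc_merchant($order_id, false);
                    $wpscmerch->set_purchase_processed_by_purchid(get_option('dibspw_status'));
                }
            } else {
                // Fetch the row for both outcomes; the original looked it up
                // only for ACCEPTED, so other statuses were written to no row.
                $purchase_log = $find_purchase_log();
                if (!$purchase_log) {
                    break;
                }
                if ($gateway_status === "ACCEPTED") {
                    $wpdb->query($wpdb->prepare("UPDATE `{$logs_table}` SET `processed` = %s, `notes` = %s WHERE `id` = %s LIMIT 1", get_option('dibspw_status'), $dibsInvoiceFieldsString, $purchase_log['id']));
                    // If it is the second callback with status ACCEPTED
                    // we want to send an email to customer.
                    if ($purchase_log['authcode'] == "PENDING") {
                        transaction_results($session_id, false);
                    }
                } else {
                    // Unsuccessful statuses are saved too; it can be PENDING.
                    $wpdb->query($wpdb->prepare("UPDATE `{$logs_table}` SET `processed` = '1', `authcode` = %s WHERE `id` = %s LIMIT 1", $gateway_status, $purchase_log['id']));
                }
            }
            break;

        case 'success':
            if (!isset($_GET['page_id']) || get_permalink($_GET['page_id']) != get_option('transact_url')) {
                $location = add_query_arg('sessionid', $session_id, get_option('transact_url'));
                if ($gateway_status === "ACCEPTED") {
                    if ($hmac_key && !isset($_POST['MAC'])) {
                        die("HMAC error!");
                    }
                    if ($mac_mismatch()) {
                        die("HMAC is incorrect, fraud attempt!");
                    }
                } else {
                    // Declined or PENDING
                    $purchase_log = $find_purchase_log();
                    if ($purchase_log) {
                        $wpdb->query($wpdb->prepare("UPDATE `{$logs_table}` SET `processed` = '1', `authcode` = %s WHERE `id` = %s LIMIT 1", $gateway_status, $purchase_log['id']));
                    }
                }
                wp_redirect($location);
                exit;
            }
            break;

        case 'cancel':
            if (isset($_POST['orderid'])) {
                $purchase_log = $find_purchase_log();
                if ($purchase_log) {
                    $wpdb->query($wpdb->prepare("UPDATE `{$logs_table}` SET `processed` = %s WHERE `id` = %s LIMIT 1", get_option('dibspw_statusc'), $purchase_log['id']));
                }
                wp_redirect(get_option('shopping_cart_url'));
                exit;
            }
            break;
    }
}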
Пример #18
 /**
  * Update lead status of the specified payment
  *
  * @param Pronamic_Pay_Payment $payment
  */
 public static function status_update(Pronamic_Pay_Payment $payment, $can_redirect = false)
 {
     // Mirrors the payment status onto the WP e-Commerce purchase and picks
     // the URL to send the visitor to; redirects only when $can_redirect is
     // truthy.
     $merchant = new Pronamic_WP_Pay_Extensions_WPeCommerce_IDealMerchant($payment->get_source_id());
     $data = new Pronamic_WP_Pay_Extensions_WPeCommerce_PaymentData($merchant);

     // Default target; replaced below for cancelled and successful payments.
     $redirect_url = $data->get_normal_return_url();
     $state = $payment->status;

     if ($state == Pronamic_WP_Pay_Statuses::CANCELLED) {
         $merchant->set_purchase_processed_by_purchid(Pronamic_WP_Pay_Extensions_WPeCommerce_WPeCommerce::PURCHASE_STATUS_INCOMPLETE_SALE);
         $redirect_url = $data->get_cancel_url();
     } elseif ($state == Pronamic_WP_Pay_Statuses::EXPIRED || $state == Pronamic_WP_Pay_Statuses::FAILURE) {
         // Expired and failed payments leave the purchase untouched.
     } elseif ($state == Pronamic_WP_Pay_Statuses::SUCCESS) {
         /*
          * Transactions results
          *
          * @see https://github.com/wp-e-commerce/WP-e-Commerce/blob/v3.8.9.5/wpsc-merchants/paypal-pro.merchant.php#L303
          */
         $session_id = get_post_meta($payment->get_id(), '_pronamic_payment_wpsc_session_id', true);
         transaction_results($session_id);
         $merchant->set_purchase_processed_by_purchid(Pronamic_WP_Pay_Extensions_WPeCommerce_WPeCommerce::PURCHASE_STATUS_ACCEPTED_PAYMENT);
         $redirect_url = $data->get_success_url();
     }
     // Open and any other status: nothing to update.

     if (!$can_redirect) {
         return;
     }
     wp_redirect($redirect_url, 303);
     exit;
 }
Пример #19
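/**
 * Entry point for payment notifications, selected by the `ipn` query argument.
 *
 * - `atos`: decodes the POSTed `DATA` blob with the bank's `response` binary,
 *   optionally copies the result to a Google spreadsheet, then records the
 *   sale or the failure.
 * - `systempaycyberplus`: checks the signature with Check_Signature() and
 *   records the result.
 * - `paypal`: posts the notification back to PayPal and records a completed
 *   payment when the answer is VERIFIED.
 *
 * Security notes:
 * - `DATA` is passed to the binary as one escapeshellarg() argument; the
 *   escapeshellcmd() used before does not stop a value from being split into
 *   extra arguments.
 * - Session ids come from the request, so SQL is built with $wpdb->prepare().
 * - NOTE(review): any client can POST `sandbox` and skip the bank binary;
 *   that path only logs, mails and echoes, but consider limiting it to demo
 *   mode.
 * - NOTE(review): the PayPal branch does not compare receiver e-mail or
 *   amount with the stored order — confirm and add those checks.
 */
function check_ipn()
{
    global $wpdb, $purchase_log, $wpsc_cart;
    $wpcb_atos = get_option('wpcb_atos');
    $wpcb_general = get_option('wpcb_general');
    $wpcb_dev = get_option('wpcb_dev');
    $purch_log_email = get_option('purch_log_email');
    if (!$purch_log_email) {
        $purch_log_email = get_bloginfo('admin_email');
    }
    $ipn = isset($_GET['ipn']) ? $_GET['ipn'] : '';
    $logs_table = WPSC_TABLE_PURCHASE_LOGS;

    // Sets the `processed` state of the purchase with this session id.
    // Skipped for an empty id, which would otherwise match on garbage.
    $set_processed = function ($state, $sessionid) use ($wpdb, $logs_table) {
        if ($sessionid === '' || $sessionid === null) {
            return;
        }
        $wpdb->query($wpdb->prepare("UPDATE `{$logs_table}` SET `processed` = %s WHERE `sessionid` = %s", $state, $sessionid));
    };
    // Loads the purchase log row of a session as an associative array.
    $load_purchase_log = function ($sessionid) use ($wpdb, $logs_table) {
        return $wpdb->get_row($wpdb->prepare("SELECT * FROM `{$logs_table}` WHERE `sessionid` = %s LIMIT 1", $sessionid), ARRAY_A);
    };

    // Automatic Response ATOS :
    if ($ipn === 'atos') {
        if (is_array($wpcb_dev) && !empty($wpcb_dev['mode_demo'])) {
            // This demo kit is supposed to have been sent to you by the bank
            $demo_kit = dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/cgi-bin/demo";
            $pathfile = $demo_kit . "/pathfile";
            $path_bin_response = $demo_kit . "/response";
            $logfile = $demo_kit . "/logfile.txt";
        } else {
            $pathfile = $wpcb_atos['pathfile'];
            $path_bin_response = $wpcb_atos['path_bin_response'];
            $logfile = $wpcb_atos['logfile'];
        }
        // Appends to the configured log file; does nothing when it cannot be opened.
        $append_log = function ($text) use ($logfile) {
            if (!$logfile) {
                return;
            }
            $fp = fopen($logfile, "a");
            if ($fp) {
                fwrite($fp, $text);
                fclose($fp);
            }
        };
        if (isset($_POST['DATA'])) {
            $is_sandbox = isset($_POST['sandbox']);
            if ($is_sandbox) {
                $result = is_scalar($_POST['sandbox']) ? (string) $_POST['sandbox'] : '';
            } else {
                $data = is_string($_POST['DATA']) ? stripslashes($_POST['DATA']) : '';
                // Each value is quoted as a single shell argument.
                $result = exec($path_bin_response . ' ' . escapeshellarg("pathfile=" . $pathfile) . ' ' . escapeshellarg("message={$data}"));
            }
            // The answer is "!"-separated; field n of the list is at position n + 1.
            $field_names = array('code', 'error', 'merchantid', 'merchantcountry', 'amount', 'transactionid', 'paymentmeans', 'transmissiondate', 'paymenttime', 'paymentdate', 'responsecode', 'paymentcertificate', 'authorisationid', 'currencycode', 'cardnumber', 'cvvflag', 'cvvresponsecode', 'bankresponsecode', 'complementarycode', 'complementaryinfo', 'returncontext', 'caddie', 'receiptcomplement', 'merchantlanguage', 'language', 'customerid', 'orderid', 'customeremail', 'customeripaddress', 'captureday', 'capturemode', 'data');
            // Pad so that a short or empty answer yields empty fields, not notices.
            $tableau = array_pad(explode("!", (string) $result), count($field_names) + 1, '');
            $response = array();
            foreach ($field_names as $position => $field_name) {
                $response[$field_name] = $tableau[$position + 1];
            }
            // Session id used by wp ecommerce :
            $sessionid = $response['orderid'];
            // Copy the sale to a Google spreadsheet holding all the headers above (requires Zend)
            if (WP_ZEND_FRAMEWORK) {
                $GoogleConnection = true;
                $SpreadSheetConnection = true;
                try {
                    $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword']);
                } catch (Zend_Gdata_App_AuthException $ae) {
                    // NOTE(review): exception() is not a standard Exception method — confirm it exists.
                    echo $ae->exception();
                    $GoogleConnection = false;
                }
                if ($GoogleConnection) {
                    $service = Zend_Gdata_Spreadsheets::AUTH_SERVICE_NAME;
                    $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword'], $service);
                    // Look up the worksheet ids of the configured spreadsheet:
                    $query_worksheet = new Zend_Gdata_Spreadsheets_DocumentQuery();
                    $query_worksheet->setSpreadsheetKey($wpcb_general['spreadsheetKey']);
                    $spreadsheetService = new Zend_Gdata_Spreadsheets($client);
                    try {
                        $feed = $spreadsheetService->getWorksheetFeed($query_worksheet);
                    } catch (Zend_Gdata_App_HttpException $ae) {
                        echo $ae->exception();
                        $SpreadSheetConnection = false;
                    }
                    if ($SpreadSheetConnection) {
                        foreach ($feed->entries as $entry) {
                            if ($entry->title->text == 'CB') {
                                $worksheetId_CB = basename($entry->id);
                            } elseif ($entry->title->text == 'Paypal') {
                                $worksheetId_Paypal = basename($entry->id);
                            }
                        }
                        $spreadsheetService = new Zend_Gdata_Spreadsheets($client);
                        // Insert row in google spreadsheet :
                        $insertedListEntry = $spreadsheetService->insertRow($response, $wpcb_general['spreadsheetKey'], $worksheetId_CB);
                    } else {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais Numero de Spreadsheet dans les options du plugin wpcb');
                    }
                } else {
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais login/mot de pass google dans les options du plugin wpcb');
                    }
                }
            } else {
                wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Installer Zend pour ajouter automatiquement les ventes à google drive !');
            }
            // Analyse the return code
            if ($is_sandbox) {
                $message = "-----------SANDBOX-------------------------\n";
                foreach ($response as $k => $v) {
                    $message .= $k . " = " . $v . "\n";
                }
                $message .= "-------------------------------------------\n";
                $append_log($message);
                // The text is built from the POSTed `sandbox` value: escape it
                // before it is written into the response.
                echo esc_html($message);
                wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement SANDBOX est arrivé !', $message);
            } else {
                // Real purchase
                if ($response['code'] == "" && $response['error'] == "") {
                    $message = "erreur appel response\n executable response non trouve {$path_bin_response}\n Session Id : {$sessionid}";
                    $append_log($message);
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message);
                    }
                    $set_processed('5', $sessionid);
                    $wpsc_cart->empty_cart();
                } elseif ($response['code'] != 0) {
                    // The original interpolated an undefined $error here.
                    $message = " API call error.\n Error message :  {$response['error']}\n Session Id : {$sessionid}";
                    $append_log($message);
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message);
                    }
                    $set_processed('5', $sessionid);
                    $wpsc_cart->empty_cart();
                } elseif ($response['responsecode'] === '00') {
                    // The original tested an undefined $response_code, which made
                    // this condition always true, so every decoded answer was
                    // stored as a sale. Only an accepted response is recorded now.
                    $message = "-----------SALES----------------------------\n";
                    foreach ($response as $k => $v) {
                        $message .= $k . " = " . $v . "\n";
                    }
                    $message .= "-------------------------------------------\n";
                    $append_log($message);
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement est arrivé !', $message);
                    }
                    $set_processed('3', $sessionid);
                    // Do not remove: $purchase_log is a global
                    $purchase_log = $load_purchase_log($sessionid);
                    $wpsc_cart->empty_cart();
                    // false -> no echo
                    transaction_results($sessionid, false);
                }
                // Any other response code: the order is left as it is.
            }
        } else {
            if (WP_DEBUG) {
                wp_mail($purch_log_email, 'Qqn a accéder à cette page sans utiliser le module de CB', 'Rien de grave, c\'est peut-etre un robot google !');
            }
        }
    } elseif ($ipn === 'systempaycyberplus') {
        $message = '';
        foreach ($_POST as $key => $value) {
            $message .= $key . '->' . (is_scalar($value) ? $value : print_r($value, true)) . "\n";
        }
        mail($purch_log_email, 'ipn systempay cyberplus', $message);
        $wpcb_systempaycyberplus = get_option('wpcb_systempaycyberplus');
        $control = Check_Signature(uncharm($_POST), $wpcb_systempaycyberplus['certificat']);
        if ($control == 'true') {
            $sessionid = isset($_POST['vads_order_id']) && is_scalar($_POST['vads_order_id']) ? (string) $_POST['vads_order_id'] : '';
            $vads_result = isset($_POST['vads_result']) ? $_POST['vads_result'] : null;
            $vads_auth_mode = isset($_POST['vads_auth_mode']) ? $_POST['vads_auth_mode'] : null;
            if ($vads_result == "00") {
                // Only FULL authorisations are recorded; MARK is ignored.
                if ($vads_auth_mode == "FULL") {
                    $set_processed('3', $sessionid);
                    // Do not remove: $purchase_log is a global
                    $purchase_log = $load_purchase_log($sessionid);
                    $wpsc_cart->empty_cart();
                    transaction_results($sessionid, false);
                }
            } else {
                // failed
                $set_processed('5', $sessionid);
                $wpsc_cart->empty_cart();
            }
        } else {
            mail($purch_log_email, 'ipn systempay cyberplus signature non valide', $message);
        }
    } elseif ($ipn === 'paypal') {
        $wpcb_paypal = get_option('wpcb_paypal');
        error_reporting(E_ALL ^ E_NOTICE);
        // Read the post from PayPal and add 'cmd'
        $req = 'cmd=_notify-validate';
        foreach ($_POST as $key => $value) {
            if (!is_scalar($value)) {
                continue;
            }
            // Slashes are always removed, as the other IPN handlers do; the
            // original meant to, but a misspelt flag variable disabled it.
            $value = urlencode(stripslashes($value));
            $req .= "&{$key}={$value}";
        }
        // Post back to PayPal to validate
        $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
        if ($wpcb_paypal['sandbox_paypal']) {
            $fp = fsockopen('ssl://sandbox.paypal.com', 443, $errno, $errstr, 30);
        } else {
            $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
        }
        // Process validation from PayPal; a connection failure changes nothing.
        if ($fp) {
            fputs($fp, $header . $req);
            while (!feof($fp)) {
                $res = fgets($fp, 1024);
                if (strcmp($res, "VERIFIED") == 0) {
                    if (isset($_POST['payment_status']) && $_POST['payment_status'] == 'Completed') {
                        if (WP_DEBUG) {
                            wp_mail($purch_log_email, "IPN Completed Payement", $req);
                        }
                        $sessionid = isset($_POST['item_number']) && is_scalar($_POST['item_number']) ? stripslashes((string) $_POST['item_number']) : '';
                        $set_processed('3', $sessionid);
                        $purchase_log = $load_purchase_log($sessionid);
                        // false -> no echo
                        transaction_results($sessionid, false);
                    }
                } elseif (strcmp($res, "INVALID") == 0) {
                    // If 'INVALID', send an email. TODO: Log for manual investigation.
                    if (WP_DEBUG) {
                        wp_mail($purch_log_email, "Live-INVALID IPN", $req);
                    }
                    // No order is touched here: an INVALID message is
                    // unauthenticated, so its ids must not change a purchase
                    // (the original query used an undefined session id and
                    // could not match a row anyway).
                }
            }
            fclose($fp);
        }
    }
}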
Пример #20
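/**
 * Cron job to process outstanding Bitcoin transactions.
 *
 * Selects purchase logs with gateway 'bitcoin' and processed = '1', asks the
 * Bitcoin server how much the order's address (stored in `transactid`) has
 * received, then marks the order processed = '2' when that amount covers the
 * order total, or processed = '5' once the `bitcoin_timeout` option (in
 * hours) has elapsed since the order date.
 *
 * @return void
 */
function bitcoin_cron()
{
    global $wpdb;
    bitcoin_debug("entering cron");
    $transactions = $wpdb->get_results("SELECT id,totalprice,sessionid,transactid,date FROM " . WPSC_TABLE_PURCHASE_LOGS . " WHERE gateway='bitcoin' AND processed='1'");
    // get_results() can return null when the query fails; empty() covers that
    // case as well as an empty result set, where count() would warn or throw.
    if (empty($transactions)) {
        return;
    }
    bitcoin_debug("have transactions to process");
    include_once "library/bitcoin.inc";
    $bitcoin_client = new BitcoinClient(get_option("bitcoin_scheme"), get_option("bitcoin_username"), get_option("bitcoin_password"), get_option("bitcoin_address"), get_option("bitcoin_port"), get_option("bitcoin_certificate_path"));
    if (TRUE !== ($fault = $bitcoin_client->can_connect())) {
        error_log('The Bitcoin server is presently unavailable. Fault: ' . $fault);
        return;
    }
    bitcoin_debug("server reachable");
    // NOTE(review): the confirmation threshold is whatever the bitcoin_confirms
    // option holds. If it is unset or 0, payments with no confirmations may be
    // counted as received; confirm a minimum is enforced where the option is saved.
    $min_confirmations = get_option("bitcoin_confirms");
    $timeout_seconds = get_option("bitcoin_timeout") * 60 * 60;
    foreach ($transactions as $transaction) {
        $address = $transaction->transactid;
        $order_id = $transaction->id;
        $order_total = $transaction->totalprice;
        $sessionid = $transaction->sessionid;
        $order_date = $transaction->date;
        bitcoin_debug("processing: " . var_export($transaction, TRUE));
        try {
            $paid = $bitcoin_client->query("getreceivedbyaddress", $address, $min_confirmations);
        } catch (BitcoinClientException $e) {
            // A failure for one address must not stop the remaining orders.
            error_log("Bitcoin server communication failed on getreceivedbyaddress " . $address . " with fault string " . $e->getMessage());
            continue;
        }
        if ($paid >= $order_total) {
            bitcoin_debug("paid in full");
            // PAID IN FULL: update the payment log. The id is bound as an
            // integer rather than concatenated into the statement.
            $wpdb->query($wpdb->prepare("UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET processed='2' WHERE id=%d", $order_id));
            // Email customer
            transaction_results($sessionid, false);
            continue;
        }
        if (time() > $order_date + $timeout_seconds) {
            bitcoin_debug("order expired");
            // ORDER EXPIRED: update the payment log.
            $wpdb->query($wpdb->prepare("UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET processed='5' WHERE id=%d", $order_id));
            // Can't email the customer via transaction_results
            // TODO: Email the customer, delete the order
        }
    }
    bitcoin_debug("leaving cron");
}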
Пример #21
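/**
 * Handles the ChronoPay callback request.
 *
 * Runs only when `chronopay_callback=true` is in the query string and the
 * POSTed `cs2` is 'chronopay'. The POSTed `cs3` must equal
 * md5(salt . md5(cs1 . salt)), built with the `chronopay_salt` option, before
 * the purchase log identified by `cs1` (the session id) is changed:
 *  - onetime / initial / rebill: mark processed = 2 and send the results email
 *  - decline: delete the purchase log and its cart rows
 *  - Pending: store the transaction id and wait
 * A failed hash check emails the request details to the `purch_log_email` address.
 *
 * NOTE(review): the hash covers only cs1 and the salt. transaction_type and
 * transaction_id are not authenticated by it, so a valid cs1/cs3 pair is all
 * that is needed to reach the switch below. Confirm that cs3 is never exposed
 * to the buyer and that the salt option cannot be empty.
 *
 * @return void
 */
function nzshpcrt_chronopay_callback()
{
    global $wpdb;
    // needs to execute on page start
    $is_callback = isset($_GET['chronopay_callback']) && $_GET['chronopay_callback'] == 'true'
        && isset($_POST['cs2']) && $_POST['cs2'] == 'chronopay';
    if (!$is_callback) {
        return;
    }
    // Only string values can take part in the hash; anything else is treated as missing.
    $cs1 = isset($_POST['cs1']) && is_string($_POST['cs1']) ? $_POST['cs1'] : '';
    $cs3 = isset($_POST['cs3']) && is_string($_POST['cs3']) ? $_POST['cs3'] : '';
    $salt = get_option('chronopay_salt');
    $gen_hash = md5($salt . md5($cs1 . $salt));
    // hash_equals() compares the strings byte for byte in constant time. The
    // previous loose == treated two numeric-looking digests ("0e...") as equal.
    if ($cs3 !== '' && hash_equals($gen_hash, $cs3)) {
        $sessionid = trim(stripslashes($cs1));
        $transaction_id = isset($_POST['transaction_id']) && is_string($_POST['transaction_id']) ? trim(stripslashes($_POST['transaction_id'])) : '';
        $verification_data = array();
        $verification_data['trans_id'] = $transaction_id;
        $verification_data['trans_type'] = isset($_POST['transaction_type']) && is_string($_POST['transaction_type']) ? trim(stripslashes($_POST['transaction_type'])) : '';
        switch ($verification_data['trans_type']) {
            // All successful processing statuses.
            case 'onetime':
            case 'initial':
            case 'rebill':
                // The original read the undefined $transact_id here, so the
                // transaction id was never stored.
                $data = array('processed' => 2, 'transactid' => $transaction_id, 'date' => time());
                wpsc_update_purchase_log_details($sessionid, $data, 'sessionid');
                transaction_results($sessionid, false, $transaction_id);
                break;
            case 'decline':
                // if it fails, delete it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`=%s LIMIT 1", $sessionid));
                if (!$log_id) {
                    // No matching purchase log: without this guard the deletes
                    // below would run with id 0.
                    break;
                }
                $cart_content = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`=%d", $log_id), ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_ITEM_VARIATIONS . "` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`=%d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_SUBMITTED_FORM_DATA . "` WHERE `log_id` IN ( %d )", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`=%d LIMIT 1", $log_id));
                break;
            case 'Pending':
                // need to wait for "Completed" before processing.
                // Formats follow the data order: transactid is a string and
                // date an integer (the original formatted the id with %d).
                $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('transactid' => $transaction_id, 'date' => time()), array('sessionid' => $sessionid), array('%s', '%d'), array('%s'));
                break;
            default:
                // if nothing, do nothing, safest course of action here.
                break;
        }
    } else {
        // Security hash failed: notify the store owner.
        // NOTE(review): this mail carries the full $_POST and $_SERVER arrays
        // (headers and cookies included) in clear text, and anyone can trigger
        // it by posting a wrong cs3; consider trimming the dump and rate limiting.
        $message = "This message has been sent because a call to your ChronoPay function was made by a server that did not have the correct security key.  This could mean someone is trying to hack your payment site.  The details of the call are below.\n\r\n\r";
        // $header and $req were never defined in this function, so this section was always empty.
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Security Key Failed!", $message);
    }
}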
Пример #22
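/**
 * Changes the status of a purchase log.
 *
 * When both arguments are empty the id and status are read from $_POST.
 * Fires the wpsc_edit_order_status action, writes the new status, refreshes
 * the stock claims and, when the new status is 3, sends the transaction
 * results for the log's session.
 *
 * NOTE(review): no capability or nonce check is visible in this function;
 * confirm the caller verifies both before this handler runs.
 *
 * @param int|string $purchlog_id     Purchase log id, or '' to read it from $_POST.
 * @param int|string $purchlog_status New status, or '' to read it from $_POST.
 * @return void
 */
function wpsc_purchlog_edit_status($purchlog_id = '', $purchlog_status = '')
{
    global $wpdb;
    if (empty($purchlog_id) && empty($purchlog_status)) {
        $purchlog_id = isset($_POST['purchlog_id']) ? absint($_POST['purchlog_id']) : 0;
        $purchlog_status = isset($_POST['purchlog_status']) ? absint($_POST['purchlog_status']) : 0;
    }
    // Values passed in by a caller skip the absint() above, so the id is bound
    // as an integer here instead of being interpolated into the statement.
    $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $purchlog_id), ARRAY_A);
    // get_row() returns null when no log matches.
    $current_status = is_array($log_data) ? $log_data['processed'] : null;
    $is_transaction = wpsc_check_purchase_processed($current_status);
    if ($is_transaction && function_exists('wpsc_member_activate_subscriptions')) {
        // NOTE(review): $_POST['id'] is forwarded unvalidated; confirm what the callee expects.
        wpsc_member_activate_subscriptions(isset($_POST['id']) ? $_POST['id'] : null);
    }
    // In the future when everyone is using the 2.0 merchant api, we should use the merchant class to update the status,
    // then you can get rid of this hook and have each person overwrite the method that updates the status.
    do_action('wpsc_edit_order_status', array('purchlog_id' => $purchlog_id, 'purchlog_data' => $log_data, 'new_status' => $purchlog_status));
    $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('processed' => $purchlog_status), array('id' => $purchlog_id), '%d', '%d');
    wpsc_clear_stock_claims();
    wpsc_decrement_claimed_stock($purchlog_id);
    if ($purchlog_status == 3 && is_array($log_data)) {
        transaction_results($log_data['sessionid'], false, null);
    }
}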
Пример #23
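/**
 * Changes the status of a purchase log.
 *
 * When both arguments are '' the id and status are read from $_POST. A new
 * status of 5 removes the submitted stock claim for the log; the status is
 * then written, and the transaction results are sent when the status rose
 * from a value of 2 or lower.
 *
 * NOTE(review): no capability or nonce check is visible in this function;
 * confirm the caller verifies both before this handler runs.
 *
 * @param int|string $purchlog_id     Purchase log id, or '' to read it from $_POST.
 * @param int|string $purchlog_status New status, or '' to read it from $_POST.
 * @return void
 */
function wpsc_purchlog_edit_status($purchlog_id = '', $purchlog_status = '')
{
    global $wpdb;
    if ($purchlog_id == '' && $purchlog_status == '') {
        $purchlog_id = isset($_POST['purchlog_id']) ? absint($_POST['purchlog_id']) : 0;
        $purchlog_status = isset($_POST['purchlog_status']) ? absint($_POST['purchlog_status']) : 0;
    }
    // Caller-supplied values skip the absint() above, so every statement below
    // binds them as integers instead of interpolating them into the SQL text.
    $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $purchlog_id), ARRAY_A);
    if ($purchlog_status == 2 && function_exists('wpsc_member_activate_subscriptions')) {
        // NOTE(review): $_POST['id'] is forwarded unvalidated; confirm what the callee expects.
        wpsc_member_activate_subscriptions(isset($_POST['id']) ? $_POST['id'] : null);
    }
    // if the order is marked as failed, remove the claim on the stock
    if ($purchlog_status == 5) {
        $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CLAIMED_STOCK . "` WHERE `cart_id` = %d AND `cart_submitted` = '1'", $purchlog_id));
    }
    $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET processed=%d WHERE id=%d", $purchlog_status, $purchlog_id));
    // get_row() returns null when no log matches; nothing to announce in that case.
    if (is_array($log_data) && $purchlog_status > $log_data['processed'] && $log_data['processed'] <= 2) {
        transaction_results($log_data['sessionid'], false);
    }
}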
Пример #24
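/**
 * Handles the 2Checkout ("tco") return request.
 *
 * Runs only when the request carries `tco_callback=true` and
 * `payment_method=tco`. It rebuilds the expected key as
 * strtoupper(md5(secret_word . seller_id . order_number . total)), with the
 * order number replaced by 1 when `demo` is 'Y', and compares it with the
 * request's `key`. A match marks the purchase log for `cart_order_id` as
 * processed = 3 and sends the transaction results; a mismatch marks it as
 * processed = 2.
 *
 * NOTE(review): the mismatch branch still writes processed = 2 and the
 * request-supplied transaction id to whichever session id the request names,
 * without any authentication. Confirm what status 2 means in this version
 * and whether an unauthenticated request should change a purchase log at all.
 * NOTE(review): an empty tco_secret_word option makes the key computable from
 * public values; confirm the option is required.
 *
 * @return void
 */
function nzshpcrt_tco_callback()
{
    global $wpdb;
    $is_callback = isset($_REQUEST['tco_callback'], $_REQUEST['payment_method'])
        && $_REQUEST['tco_callback'] == 'true'
        && $_REQUEST['payment_method'] == 'tco';
    if (!$is_callback) {
        return;
    }
    $seller_id = get_option('tco_seller_id');
    $secret_word = get_option('tco_secret_word');
    // Missing or non-string fields are treated as empty rather than raising notices.
    $cart_order_id = isset($_REQUEST['cart_order_id']) && is_string($_REQUEST['cart_order_id']) ? $_REQUEST['cart_order_id'] : '';
    $order_number = isset($_REQUEST['order_number']) && is_string($_REQUEST['order_number']) ? $_REQUEST['order_number'] : '';
    $total = isset($_REQUEST['total']) && is_string($_REQUEST['total']) ? $_REQUEST['total'] : '';
    $received_key = isset($_REQUEST['key']) && is_string($_REQUEST['key']) ? $_REQUEST['key'] : '';
    $sessionid = trim(stripslashes($cart_order_id));
    $transaction_id = trim(stripslashes($order_number));
    if (isset($_REQUEST['demo']) && $_REQUEST['demo'] == 'Y') {
        // Demo sales are keyed with order number 1.
        $transaction_id = 1;
    }
    $expected_key = strtoupper(md5($secret_word . $seller_id . $transaction_id . $total));
    // hash_equals() compares byte for byte in constant time. The previous
    // loose != treated two numeric-looking digests ("0E...") as equal.
    $key_matches = $received_key !== '' && hash_equals($expected_key, $received_key);
    if (!$key_matches) {
        $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('processed' => 2, 'transactid' => $transaction_id, 'date' => time()), array('sessionid' => $sessionid), array('%d', '%s', '%d'));
    } else {
        $data = array('processed' => 3, 'transactid' => $transaction_id, 'date' => time());
        $where = array('sessionid' => $sessionid);
        $format = array('%d', '%s', '%s');
        $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $data, $where, $format);
        transaction_results($sessionid, false, $transaction_id);
    }
}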
Пример #25
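/**
 * Handles the ChronoPay callback request.
 *
 * Runs only when `chronopay_callback=true` is in the query string and the
 * POSTed `cs2` is 'chronopay'. The POSTed `cs3` must equal
 * md5(salt . md5(cs1 . salt)), built with the `chronopay_salt` option, before
 * the purchase log identified by `cs1` (the session id) is changed. A failed
 * check emails the request details to the `purch_log_email` address, and the
 * same dump is mailed for every callback while `chronopay_debug` is 1.
 *
 * NOTE(review): the hash covers only cs1 and the salt. transaction_type and
 * transaction_id are not authenticated by it, which is why every value below
 * is bound through $wpdb->prepare() rather than concatenated into SQL.
 * Confirm that cs3 is never exposed to the buyer and that the salt option
 * cannot be empty.
 *
 * @return void
 */
function nzshpcrt_chronopay_callback()
{
    global $wpdb;
    // needs to execute on page start
    $is_callback = isset($_GET['chronopay_callback']) && $_GET['chronopay_callback'] == 'true'
        && isset($_POST['cs2']) && $_POST['cs2'] == 'chronopay';
    if (!$is_callback) {
        return;
    }
    $logs_table = $wpdb->prefix . "purchase_logs";
    // Only string values can take part in the hash; anything else is treated as missing.
    $cs1 = isset($_POST['cs1']) && is_string($_POST['cs1']) ? $_POST['cs1'] : '';
    $cs3 = isset($_POST['cs3']) && is_string($_POST['cs3']) ? $_POST['cs3'] : '';
    $salt = get_option('chronopay_salt');
    $gen_hash = md5($salt . md5($cs1 . $salt));
    // hash_equals() compares the strings byte for byte in constant time. The
    // previous loose == treated two numeric-looking digests ("0e...") as equal.
    if ($cs3 !== '' && hash_equals($gen_hash, $cs3)) {
        // stripslashes() removes the escaping WordPress adds to $_POST, so
        // from here on the values are raw and must only reach SQL as bound
        // parameters.
        $sessionid = trim(stripslashes($cs1));
        $transaction_id = isset($_POST['transaction_id']) && is_string($_POST['transaction_id']) ? trim(stripslashes($_POST['transaction_id'])) : '';
        $verification_data = array();
        $verification_data['trans_id'] = $transaction_id;
        $verification_data['trans_type'] = isset($_POST['transaction_type']) && is_string($_POST['transaction_type']) ? trim(stripslashes($_POST['transaction_type'])) : '';
        switch ($verification_data['trans_type']) {
            // All successful processing statuses.
            case 'onetime':
            case 'initial':
            case 'rebill':
                $wpdb->query($wpdb->prepare("UPDATE `" . $logs_table . "` SET `processed` = '2', `transactid` = %s, `date` = %d WHERE `sessionid` = %s LIMIT 1", $transaction_id, time(), $sessionid));
                transaction_results($sessionid, false, $transaction_id);
                break;
            case 'decline':
                // if it fails, delete it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . $logs_table . "` WHERE `sessionid`=%s LIMIT 1", $sessionid));
                if (!$log_id) {
                    // No matching purchase log: nothing to delete.
                    break;
                }
                $cart_content = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`=%d", $log_id), ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_item_variations` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`=%d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "submited_form_data` WHERE `log_id` IN (%d)", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $logs_table . "` WHERE `id`=%d LIMIT 1", $log_id));
                break;
            case 'Pending':
                // need to wait for "Completed" before processing
                $wpdb->query($wpdb->prepare("UPDATE `" . $logs_table . "` SET `transactid` = %s, `date` = %d WHERE `sessionid` = %s LIMIT 1", $transaction_id, time(), $sessionid));
                break;
            default:
                // if nothing, do nothing, safest course of action here.
                break;
        }
    } else {
        // Security hash failed: notify the store owner.
        // NOTE(review): this mail carries the full $_POST and $_SERVER arrays
        // (headers and cookies included) in clear text, and anyone can trigger
        // it by posting a wrong cs3; consider trimming the dump and rate limiting.
        $message = "This message has been sent because a call to your ChronoPay function was made by a server that did not have the correct security key.  This could mean someone is trying to hack your payment site.  The details of the call are below.\n\r\n\r";
        // $header and $req were never defined in this function, so this section was always empty.
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Data", $message) && false;
        mail(get_option('purch_log_email'), "ChronoPay Security Key Failed!", $message);
    }
    // If in debug, email details
    if (get_option('chronopay_debug') == 1) {
        $message = "This is a debugging message sent because it appears that you are in debug mode.\n\rEnsure ChronoPay debug is turned off once you are happy with the function.\n\r\n\r";
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Data", $message);
    }
}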
Пример #26
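/**
 * Purchase log ajax code starts here
 *
 * Re-sends the purchase email for the log id given in the request's
 * `email_buyer_id`, then redirects back to the referring page with `sent`
 * added to the query string when a mail was triggered.
 *
 * NOTE(review): no capability or nonce check is visible in this function, and
 * it reads $_REQUEST (so a GET link is enough); confirm the caller verifies
 * both, otherwise any visitor who can reach it can trigger mail for any log.
 *
 * @return void This function always ends the request.
 */
function wpsc_purchlog_resend_email()
{
    global $wpdb;
    $log_id = isset($_REQUEST['email_buyer_id']) ? $_REQUEST['email_buyer_id'] : '';
    // Kept from the original; the instance is not used below.
    $wpec_taxes_controller = new wpec_taxes_controller();
    if (is_numeric($log_id)) {
        $selectsql = "SELECT `sessionid` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`= %d LIMIT 1";
        $purchase_log = $wpdb->get_var($wpdb->prepare($selectsql, $log_id));
        // get_var() returns null when no log has that id; only report a mail
        // as sent when there was a session to send it for.
        if ($purchase_log !== null) {
            transaction_results($purchase_log, false);
            $sent = true;
        }
    }
    $sendback = wp_get_referer();
    if (isset($sent)) {
        $sendback = add_query_arg('sent', $sent, $sendback);
    }
    wp_redirect($sendback);
    exit;
}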
Пример #27
0
/**
	* submit checkout function, used through ajax and in normal page loading.
	* No parameters, returns nothing
*/
function wpsc_submit_checkout()
{
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules, $wpsc_gateways;
    //echo "break redirect";
    //
    do_action('wpsc_before_submit_checkout');
    $_SESSION['wpsc_checkout_misc_error_messages'] = array();
    $wpsc_checkout = new wpsc_checkout();
    //exit('coupons:'.$wpsc_cart->coupons_name);
    $selected_gateways = get_option('custom_gateway_options');
    $submitted_gateway = $_POST['custom_gateway'];
    $options = get_option('custom_shipping_options');
    $form_validity = $wpsc_checkout->validate_forms();
    extract($form_validity);
    // extracts $is_valid and $error_messages
    if (get_option('do_not_use_shipping') == 0 && ($wpsc_cart->selected_shipping_method == null || $wpsc_cart->selected_shipping_option == null) && $wpsc_cart->uses_shipping) {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = __('You must select a shipping method, otherwise we cannot process your order.', 'wpsc');
        $is_valid = false;
    }
    if ($_POST['agree'] != 'yes') {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = __('Please agree to the terms and conditions, otherwise we cannot process your order.', 'wpsc');
        $is_valid = false;
    }
    $selectedCountry = $wpdb->get_results("SELECT id, country FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE isocode='" . $wpdb->escape($_SESSION['wpsc_delivery_country']) . "'", ARRAY_A);
    foreach ($wpsc_cart->cart_items as $cartitem) {
        //	exit('<pre>'.print_r($cartitem, true).'</pre>');
        $categoriesIDs = $wpdb->get_col("SELECT category_id FROM `" . WPSC_TABLE_ITEM_CATEGORY_ASSOC . "` WHERE product_id=" . $cartitem->product_id);
        foreach ((array) $categoriesIDs as $catid) {
            if (is_array($catid)) {
                $sql = "SELECT `countryid` FROM `" . WPSC_TABLE_CATEGORY_TM . "` WHERE `visible`=0 AND `categoryid`=" . $catid[0];
            } else {
                $sql = "SELECT `countryid` FROM `" . WPSC_TABLE_CATEGORY_TM . "` WHERE `visible`=0 AND `categoryid`=" . $catid;
            }
            $countries = $wpdb->get_col($sql);
            if (in_array($selectedCountry[0]['id'], (array) $countries)) {
                $errormessage = sprintf(__('Oops the product : %s cannot be shipped to %s. To continue with your transaction please remove this product from the list above.', 'wpsc'), $cartitem->product_name, $selectedCountry[0]['country']);
                $_SESSION['categoryAndShippingCountryConflict'] = $errormessage;
                $is_valid = false;
            }
        }
        //count number of items, and number of items using shipping
        $num_items++;
        if ($cartitem->uses_shipping != 1) {
            $disregard_shipping++;
        } else {
            $use_shipping++;
        }
    }
    // exit('valid >'.$is_valid);
    if (array_search($submitted_gateway, $selected_gateways) !== false) {
        $_SESSION['wpsc_previous_selected_gateway'] = $submitted_gateway;
    } else {
        $is_valid = false;
    }
    if (get_option('do_not_use_shipping') != 1 && in_array('ups', (array) $options) && $_SESSION['wpsc_zipcode'] == '') {
        //exit('Not being called');
        if ($num_items != $disregard_shipping) {
            //<-- new line of code
            $_SESSION['categoryAndShippingCountryConflict'] = __('Please enter a Zipcode and click calculate to proceed');
            $is_valid = false;
        }
    }
    if ($is_valid == true || $_GET['gateway'] == 'noca') {
        $_SESSION['categoryAndShippingCountryConflict'] = '';
        // check that the submitted gateway is in the list of selected ones
        $sessionid = mt_rand(100, 999) . time();
        $_SESSION['wpsc_sessionid'] = $sessionid;
        $subtotal = $wpsc_cart->calculate_subtotal();
        if ($wpsc_cart->has_total_shipping_discount() == false) {
            $base_shipping = $wpsc_cart->calculate_base_shipping();
        } else {
            $base_shipping = 0;
        }
        if (isset($_POST['how_find_us'])) {
            $find_us = $_POST['how_find_us'];
        } else {
            $find_us = '';
        }
        $tax = $wpsc_cart->calculate_total_tax();
        $total = $wpsc_cart->calculate_total_price();
        // Make sure delivery and selected region are onlly saved if the country does have regions
        // Im unsure how this would effect countries that HAVE regions, i.e if you select Canada as country,, will your 			// region be alabama if no region was selected?
        $wpsc_cart->update_location();
        if (!wpsc_has_regions($wpsc_cart->selected_country)) {
            $wpsc_cart->selected_region = '';
        }
        if (!wpsc_has_regions($wpsc_cart->delivery_country)) {
            $wpsc_cart->delivery_region = '';
        }
        $sql = "INSERT INTO `" . WPSC_TABLE_PURCHASE_LOGS . "` (`totalprice`,`statusno`, `sessionid`, `user_ID`, `date`, `gateway`, `billing_country`,`shipping_country`, `billing_region`, `shipping_region`, `base_shipping`,`shipping_method`, `shipping_option`, `plugin_version`, `discount_value`, `discount_data`,`find_us`) VALUES ('{$total}' ,'0', '{$sessionid}', '" . (int) $user_ID . "', UNIX_TIMESTAMP(), '{$submitted_gateway}', '{$wpsc_cart->selected_country}', '{$wpsc_cart->delivery_country}','{$wpsc_cart->selected_region}', '{$wpsc_cart->delivery_region}', '{$base_shipping}', '{$wpsc_cart->selected_shipping_method}', '{$wpsc_cart->selected_shipping_option}', '" . WPSC_VERSION . "', '{$wpsc_cart->coupons_amount}','{$wpsc_cart->coupons_name}', '{$find_us}')";
        //exit($sql);
        $wpdb->query($sql);
        $purchase_log_id = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` IN('{$sessionid}') LIMIT 1");
        //exit('PurchLog id'.$purchase_log_id);
        $wpsc_checkout->save_forms_to_db($purchase_log_id);
        $wpsc_cart->save_to_db($purchase_log_id);
        $wpsc_cart->submit_stock_claims($purchase_log_id);
        if (get_option('wpsc_also_bought') == 1) {
            wpsc_populate_also_bought_list();
        }
        wp_get_current_user();
        $our_user_id = $user_ID;
        do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => $our_user_id));
        if (get_option('permalink_structure') != '') {
            $seperator = "?";
        } else {
            $seperator = "&";
        }
        if ($total <= 0) {
            $transaction_url_with_sessionid = add_query_arg('sessionid', $session_id, get_option('transact_url'));
            wp_redirect($transaction_url_with_sessionid);
        }
        /// submit to gateway
        $current_gateway_data =& $wpsc_gateways[$submitted_gateway];
        if ($current_gateway_data['api_version'] >= 2.0) {
            $merchant_instance = new $current_gateway_data['class_name']($purchase_log_id);
            $merchant_instance->construct_value_array();
            $merchant_instance->submit();
            //print_r($merchant_instance);
        } else {
            if ($current_gateway_data['internalname'] == $submitted_gateway && $current_gateway_data['internalname'] != 'google') {
                $gateway_used = $current_gateway_data['internalname'];
                $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = '" . $gateway_used . "' WHERE `id` = '" . $log_id . "' LIMIT 1 ;");
                $current_gateway_data['function']($seperator, $sessionid);
                //break;
            } else {
                if ($_POST['custom_gateway'] == 'google') {
                    $gateway_used = $current_gateway_data['internalname'];
                    $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = '" . $gateway_used . "' WHERE `id` = '" . $log_id . "' LIMIT 1 ;");
                    $_SESSION['gateway'] = 'google';
                    header('Location: ' . get_option('shopping_cart_url'));
                    exit;
                    //break;
                }
            }
        }
        if (isset($_GET['gateway']) && $_GET['gateway'] == 'noca') {
            //exit('HERE2');
            echo transaction_results($sessionid, true);
        } else {
            //exit('HERE');
        }
    } else {
    }
}
Пример #28
 /**
  * Submit
  *
  * Charges the buyer for the purchase and, when profit sharing is enabled,
  * pays each product owner their share. Ends the request after a successful
  * charge. When there is a transaction id but the charge conditions are not
  * met, the transaction is recorded with status 2 instead.
  *
  * @since 1.3
  * @version 1.3
  */
 function submit()
 {
     // The wpsc_pre_submit_gateway action could have changed these values, so re-check them.
     $has_transaction = !empty($this->transaction_id);
     $can_charge = $this->cost > 0 && $this->user_id != 0 && $has_transaction;
     if (!$can_charge) {
         if ($has_transaction) {
             $this->set_transaction_details($this->transaction_id, 2);
         }
         return;
     }

     // Give other code a chance to act before the charge
     do_action_ref_array('mycred_wpecom_charg', array(&$this));

     // Charge the buyer (negative amount) and mark the order as status 3
     $this->core->add_creds('wpecom_payment', $this->user_id, 0 - $this->cost, $this->prefs['log'], '', $this->purchase_id, $this->mycred_type);
     $this->set_transaction_details($this->transaction_id, 3);
     transaction_results($this->cart_data['session_id'], false);

     // Pay out the profit share per cart item
     if ($this->prefs['share'] > 0) {
         foreach ((array) $this->cart_items as $cart_item) {
             $product = get_post((int) $cart_item['product_id']);
             // Skip products that no longer exist or that the buyer owns
             if ($product === NULL || $product->post_author == $this->user_id) {
                 continue;
             }
             $line_total = $cart_item['price'] * $cart_item['quantity'];
             // The share percentage is filterable per product
             $share_percent = apply_filters('mycred_wpecom_profit_share', $this->prefs['share'], $this, $product);
             if ($share_percent == 0) {
                 continue;
             }
             $payout = $share_percent / 100 * $line_total;
             $this->core->add_creds('store_sale', $product->post_author, $payout, $this->prefs['share_log'], $product->ID, array('ref_type' => 'post'), $this->mycred_type);
         }
     }

     // Give other code a chance to act after the charge
     do_action_ref_array('mycred_wpecom_charged', array(&$this));

     // Empty the cart, redirect to the results page and stop
     wpsc_empty_cart();
     $this->go_to_transaction_results($this->cart_data['session_id']);
     exit;
 }
Пример #29
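 /**
  * process_gateway_notification method, receives data from the payment gateway
  *
  * Maps the IPN payment_status to a purchase-log status (pending = 2,
  * completed = 3, denied = 6), fires the wpsc_paypal_pro_ipn action and, when
  * the IPN receiver_email matches the paypal_multiple_business option,
  * applies the change that belongs to the IPN txn_type.
  *
  * NOTE(review): only receiver_email is compared. The paid amount (mc_gross)
  * is never checked against the cart total here, and no currency check is
  * visible; confirm both are verified before an order is treated as paid.
  *
  * @access public
  */
 function process_gateway_notification()
 {
     $ipn = $this->paypal_ipn_values;
     $status_map = array('pending' => 2, 'completed' => 3, 'denied' => 6);
     $payment_status = isset($ipn['payment_status']) ? strtolower($ipn['payment_status']) : '';
     $status = isset($status_map[$payment_status]) ? $status_map[$payment_status] : false;
     do_action('wpsc_paypal_pro_ipn', $this->paypal_ipn_values, $this);
     // Compare the received store owner email address to the configured one.
     // An unset option and a missing receiver_email both lower-case to '',
     // which used to count as a match; an empty expected address now fails.
     $received_email = isset($ipn['receiver_email']) ? strtolower($ipn['receiver_email']) : '';
     $expected_email = strtolower((string) get_option('paypal_multiple_business'));
     if ($expected_email === '' || $received_email !== $expected_email) {
         return;
     }
     $is_paid_or_pending = in_array($status, array(2, 3), true);
     switch (isset($ipn['txn_type']) ? $ipn['txn_type'] : '') {
         case 'cart':
         case 'express_checkout':
             if ($status) {
                 $this->set_transaction_details($ipn['txn_id'], $status);
             }
             if ($is_paid_or_pending) {
                 transaction_results($this->cart_data['session_id'], false);
             }
             break;
         case 'subscr_signup':
         case 'subscr_payment':
             if ($is_paid_or_pending) {
                 $this->set_transaction_details($ipn['subscr_id'], $status);
                 transaction_results($this->cart_data['session_id'], false);
             }
             // NOTE(review): subscriptions are activated here whatever $status is; confirm that is intended.
             foreach ($this->cart_items as $cart_row) {
                 if ($cart_row['is_recurring'] == true) {
                     do_action('wpsc_activate_subscription', $cart_row['cart_item_id'], $ipn['subscr_id']);
                     do_action('wpsc_activated_subscription', $cart_row['cart_item_id'], $this);
                 }
             }
             break;
         case 'subscr_cancel':
         case 'subscr_eot':
         case 'subscr_failed':
             foreach ($this->cart_items as $cart_row) {
                 if ((bool) $cart_row['is_recurring']) {
                     wpsc_update_cart_item_meta($cart_row['cart_item_id'], 'is_subscribed', 0);
                 }
             }
             break;
         default:
             break;
     }
     // The original built an unused debug string here from the IPN values and a
     // counter that was undefined for most txn_type values; it has been dropped.
 }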
Пример #30
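// Transaction results page: works out which session id to show results for,
// prints any gateway message kept in the session, then renders the results.
// $sessionid may already have been set before this point; it is only
// overwritten in the branches below.
//
// NOTE(review): in the eWAY branch the session id comes straight from
// $_GET['result'] and is handed to transaction_results(..., true). Confirm
// that transaction_results() ties the id to the current visitor; otherwise
// order details are addressable by anyone who supplies an id.
// NOTE(review): the gateway messages stored in the session are echoed without
// escaping; confirm they are built from trusted text only.
$previous_gateway = isset($_SESSION['wpsc_previous_selected_gateway']) ? $_SESSION['wpsc_previous_selected_gateway'] : '';
$eway_flag = isset($_REQUEST['eway']) ? $_REQUEST['eway'] : null;
$payflow_flag = isset($_REQUEST['payflow']) ? $_REQUEST['payflow'] : null;
if ($previous_gateway == 'paypal_certified' && isset($_SESSION['paypalexpresssessionid'])) {
    $sessionid = $_SESSION['paypalexpresssessionid'];
}
$errorcode = '';
$transactid = '';
if ($eway_flag == '1') {
    $sessionid = isset($_GET['result']) ? $_GET['result'] : null;
} elseif ($eway_flag == '0') {
    echo isset($_SESSION['eway_message']) ? $_SESSION['eway_message'] : '';
} elseif ($payflow_flag == '1') {
    echo isset($_SESSION['payflow_message']) ? $_SESSION['payflow_message'] : '';
    $_SESSION['payflow_message'] = '';
}
if ($previous_gateway == 'paypal_certified' && isset($_SESSION['paypalExpressMessage']) && $_SESSION['paypalExpressMessage'] != '') {
    echo $_SESSION['paypalExpressMessage'];
} else {
    if ($previous_gateway == 'dps') {
        $sessionid = decrypt_dps_response();
        if ($sessionid != '') {
            transaction_results($sessionid, true);
        } else {
            // The URL is escaped and quoted before it is placed in the href
            // attribute, and kept out of the translatable string so that the
            // string can actually be found in a translation catalogue.
            printf(__('Sorry your transaction was not accepted.<br /><a href="%s">Click here to go back to checkout page.</a>'), esc_url(get_option("shopping_cart_url")));
        }
    } else {
        echo transaction_results(isset($sessionid) ? $sessionid : null, true);
    }
}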