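/**
 * parse_gateway_notification method, receives data from the payment gateway.
 *
 * Posts the received IPN variables back to PayPal with cmd=_notify-validate and
 * acts on the notification only when the reply body is "VERIFIED". Any other
 * reply, including a transport error, ends the request with "IPN Request Failure".
 *
 * @access private
 */
function parse_gateway_notification() {
    // PayPal first expects the IPN variables to be returned to it within 30 seconds, so we do this first.
    if ('sandbox' == get_option('paypal_certified_server_type')) {
        $paypal_url = "https://www.sandbox.paypal.com/webscr";
    } else {
        $paypal_url = "https://www.paypal.com/cgi-bin/webscr";
    }

    // 'cmd' is set before the union on purpose: the array + operator keeps the
    // left-hand value for duplicate keys, so a posted 'cmd' cannot replace it.
    $received_values = array('cmd' => '_notify-validate');
    $received_values += stripslashes_deep($_POST);

    $options = array(
        'timeout'    => 5,
        'body'       => $received_values,
        'user-agent' => 'WP e-Commerce/' . WPSC_PRESENTABLE_VERSION,
    );
    $response = wp_remote_post($paypal_url, $options);

    // This hook runs before the verification result is examined, so listeners
    // receive values that PayPal has not yet confirmed and must not trust them.
    do_action('wpsc_paypal_express_ipn', $received_values, $this);

    // wp_remote_post() returns a WP_Error on transport failure; indexing it as an
    // array would be a fatal error, so a failed call is treated as "not verified".
    $verdict = is_wp_error($response) ? '' : trim(wp_remote_retrieve_body($response));
    if ('VERIFIED' !== $verdict) {
        exit("IPN Request Failure");
    }

    $this->paypal_ipn_values = $received_values;
    $this->session_id = isset($received_values['invoice']) ? $received_values['invoice'] : null;

    $payment_status = isset($received_values['payment_status'])
        ? strtolower($received_values['payment_status'])
        : '';

    // NOTE(review): the amount, currency and receiver reported by PayPal are not
    // compared with the stored purchase before it is marked as paid. TODO confirm
    // whether a caller or set_purchase_processed_by_sessionid() performs that check.
    if ('completed' === $payment_status) {
        $this->set_purchase_processed_by_sessionid(3);
        transaction_results($this->session_id, false);
    } elseif ('denied' === $payment_status) {
        $this->set_purchase_processed_by_sessionid(6);
    }
}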
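/**
 * WP eCommerce Admin AJAX functions
 *
 * These are the WPSC Admin AJAX functions. Each branch is selected by request
 * parameters, performs one administrative change and then ends the request.
 *
 * @package wp-e-commerce
 * @since 3.7
 *
 * @uses update_option() Updates option in the database given key and value
 * @uses wp_delete_term() Removes term from the database
 * @uses fetch_rss() DEPRECATED
 * @uses wpsc_member_dedeactivate_subscriptions() @todo docs
 * @uses wpsc_member_deactivate_subscriptions() @todo docs
 * @uses wpsc_update_purchase_log_status() Updates the status of the logs for a purchase
 * @uses transaction_results() Main function for creating purchase reports
 * @uses wpsc_find_purchlog_status_name() Finds name of given status
 */
function wpsc_admin_ajax() {
    // Every branch below changes store state, so anyone who is not a store admin leaves here.
    if (!wpsc_is_store_admin()) {
        return;
    }
    // NOTE(review): no nonce is verified in this function, so the capability check
    // alone does not stop cross-site request forgery against a logged-in admin.
    // TODO confirm whether the hook that calls this function verifies one.

    global $wpdb;

    if (isset($_POST['action']) && $_POST['action'] == 'product-page-order') {
        $current_order = get_option('wpsc_product_page_order');
        if (!is_array($current_order)) {
            $current_order = array();
        }
        $new_order = (isset($_POST['order']) && is_array($_POST['order'])) ? $_POST['order'] : array();
        foreach (array('advanced', 'side') as $box) {
            // Only comma-separated strings are accepted; a nested array would make explode() fail.
            if (isset($new_order[$box]) && is_string($new_order[$box])) {
                $current_order[$box] = array_unique(explode(',', $new_order[$box]));
            }
        }
        update_option('wpsc_product_page_order', $current_order);
        // The original ended with print_r() of an undefined $order, which printed
        // nothing. Exiting silently keeps that output and avoids echoing
        // request-derived data back into the response.
        exit;
    }

    if (isset($_POST['save_image_upload_state']) && $_POST['save_image_upload_state'] == 'true' && isset($_POST['image_upload_state']) && is_numeric($_POST['image_upload_state'])) {
        $upload_state = (int) (bool) $_POST['image_upload_state'];
        update_option('wpsc_use_flash_uploader', $upload_state);
        exit("done");
    }

    if (isset($_POST['remove_variation_value']) && $_POST['remove_variation_value'] == "true" && isset($_POST['variation_value_id']) && is_numeric($_POST['variation_value_id'])) {
        // Read the id from the same superglobal that was validated above; the
        // original validated $_POST but then deleted the term named in $_GET.
        $value_id = absint($_POST['variation_value_id']);
        $deleted = wp_delete_term($value_id, 'wpsc-variation');
        // wp_delete_term() can return a WP_Error, which cannot be echoed.
        echo is_wp_error($deleted) ? '' : $deleted;
        exit;
    }

    if (isset($_REQUEST['log_state']) && $_REQUEST['log_state'] == "true" && isset($_POST['id'], $_POST['value']) && is_numeric($_POST['id']) && is_numeric($_POST['value'])) {
        // is_numeric() also accepts decimals and exponents, so both values are
        // reduced to integers once and only those integers are used below.
        $log_id = absint($_POST['id']);
        $newvalue = (int) $_POST['value'];

        if (isset($_REQUEST['suspend']) && $_REQUEST['suspend'] == 'true') {
            if ($newvalue == 1 && function_exists('wpsc_member_dedeactivate_subscriptions')) {
                wpsc_member_dedeactivate_subscriptions($log_id);
            } elseif (function_exists('wpsc_member_deactivate_subscriptions')) {
                wpsc_member_deactivate_subscriptions($log_id);
            }
            exit;
        }

        $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $log_id), ARRAY_A);
        if (!is_array($log_data)) {
            // No such purchase log: nothing to update or report.
            exit;
        }

        if ($newvalue == 2 && function_exists('wpsc_member_activate_subscriptions')) {
            wpsc_member_activate_subscriptions($log_id);
        }
        wpsc_update_purchase_log_status($log_id, $newvalue);

        // Send the purchase report only when the order moves forward from an unprocessed state.
        if ($newvalue > $log_data['processed'] && $log_data['processed'] < 2) {
            transaction_results($log_data['sessionid'], false);
        }

        // The original read an undefined $purchase['processed'] here; the status
        // that was just written is $newvalue, so that is what gets displayed.
        $status_name = wpsc_find_purchlog_status_name($newvalue);
        // The response is evaluated as JavaScript, so the name is escaped for a JS string literal.
        echo "document.getElementById(\"form_group_" . $log_id . "_text\").innerHTML = '" . esc_js($status_name) . "';\n";

        $year = date("Y");
        $month = date("m");
        $start_timestamp = mktime(0, 0, 0, $month, 1, $year);
        // Day 0 of the following month is the last day of the current month.
        $end_timestamp = mktime(0, 0, 0, $month + 1, 0, $year);
        echo "document.getElementById(\"log_total_month\").innerHTML = '" . addslashes(wpsc_currency_display(admin_display_total_price($start_timestamp, $end_timestamp))) . "';\n";
        echo "document.getElementById(\"log_total_absolute\").innerHTML = '" . addslashes(wpsc_currency_display(admin_display_total_price())) . "';\n";
        exit;
    }
}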
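/**
 * WP eCommerce transaction results
 *
 * Works out which purchase session the visitor is returning for (from the
 * query string, the PHP session or a gateway-specific decoder) and renders
 * the transaction results page for it.
 *
 * @package wp-e-commerce
 * @since 3.8
 */
function wpsc_transaction_theme() {
    global $wpdb, $user_ID, $nzshpcrt_gateways, $sessionid, $cart_log_id, $errorcode;
    $errorcode = '';
    $transactid = '';
    $dont_show_transaction_results = false;

    // The session id arrives in the query string, so it is caller-controlled
    // and must never be concatenated into SQL.
    if (isset($_GET['sessionid'])) {
        $sessionid = $_GET['sessionid'];
    } elseif (isset($_GET['ms'])) {
        $sessionid = $_GET['ms'];
    }

    if (isset($_GET['gateway']) && 'google' == $_GET['gateway']) {
        wpsc_google_checkout_submit();
        unset($_SESSION['wpsc_sessionid']);
    }

    $previous_gateway = isset($_SESSION['wpsc_previous_selected_gateway']) ? $_SESSION['wpsc_previous_selected_gateway'] : '';

    if ('paypal_certified' == $previous_gateway) {
        $sessionid = isset($_SESSION['paypalexpresssessionid']) ? $_SESSION['paypalexpresssessionid'] : null;
    }

    // The *_message session values are HTML built by the gateway code and are printed as-is.
    if (isset($_REQUEST['eway']) && '1' == $_REQUEST['eway']) {
        $sessionid = isset($_GET['result']) ? $_GET['result'] : null;
    } elseif (isset($_REQUEST['eway']) && '0' == $_REQUEST['eway']) {
        echo isset($_SESSION['eway_message']) ? $_SESSION['eway_message'] : '';
    } elseif (isset($_REQUEST['payflow']) && '1' == $_REQUEST['payflow']) {
        echo isset($_SESSION['payflow_message']) ? $_SESSION['payflow_message'] : '';
        $_SESSION['payflow_message'] = '';
    }

    // Replaces the ugly if else for gateways
    switch ($previous_gateway) {
        case 'paypal_certified':
        case 'wpsc_merchant_paypal_express':
            echo isset($_SESSION['paypalExpressMessage']) ? $_SESSION['paypalExpressMessage'] : '';
            // Results are shown only for a completed express checkout.
            $dont_show_transaction_results = !(isset($_SESSION['reshash']['TRANSACTIONTYPE']) && 'expresscheckout' == $_SESSION['reshash']['TRANSACTIONTYPE']);
            break;
        case 'dps':
            $sessionid = decrypt_dps_response();
            break;
    }

    if ($dont_show_transaction_results) {
        return;
    }

    if (!empty($sessionid)) {
        // Parameterised: the original appended the query-string value to the
        // statement unquoted, which allowed SQL injection.
        $cart_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid));
        // NOTE(review): transaction_results() receives the same caller-supplied
        // value; its own queries are not visible here and should be checked too.
        return transaction_results($sessionid, true);
    }

    printf(__('Sorry your transaction was not accepted.<br /><a href="%1$s">Click here to go back to checkout page</a>.', 'wpsc'), get_option("shopping_cart_url"));
}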
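/**
 * Hands the purchase over to the card payment step, then ends the request.
 *
 * In test mode the purchase is marked as paid immediately and the transaction
 * results are produced; otherwise the buyer is redirected to the page that
 * holds the [wpcb] shortcode.
 */
function submit() {
    global $wpdb, $purchase_log, $wpsc_cart;
    $sessionid = $this->cart_data['session_id'];
    $options = get_option('wpcb_options');

    // Find the page holding the [wpcb] shortcode. Known bug when the shortcode
    // is used on several pages: only the first match is used. TODO resolve.
    $wpcb_checkout_page = $wpdb->get_row("SELECT ID FROM {$wpdb->posts} WHERE `post_content` LIKE '%[wpcb]%' AND `post_status`='publish'");

    // get_option() returns false when the option is missing, so the array
    // check comes first instead of calling array_key_exists() on a non-array.
    if (is_array($options) && !empty($options['test'])) {
        // Test mode: the card is treated as accepted without contacting the
        // bank and the order is recorded as a successful sale, so this setting
        // makes every order count as paid while it is enabled.
        $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`= %s", $sessionid));
        // The redirection happens inside transaction_results().
        transaction_results($sessionid, false);
    } else {
        // Show the bank card icons on the shortcode page.
        $action = 'CB';
        // The lookup returns null when no published page contains the shortcode.
        $page_id = isset($wpcb_checkout_page->ID) ? $wpcb_checkout_page->ID : '';
        wp_redirect(site_url('?p=' . $page_id . '&sessionid=' . rawurlencode($sessionid) . '&action=' . $action));
    }
    exit;
}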
/**
 * Handles a PayPal IPN callback and always ends the request.
 *
 * Nothing is changed unless the IPN object reports the notification as
 * verified. A verified notification selects the purchase log by its invoice
 * value, maps the payment state onto a purchase-log status, saves the log and
 * runs transaction_results().
 */
public function callback_ipn() {
    $use_sandbox = (bool) $this->setting->get('sandbox_mode', false);
    $ipn = new PHP_Merchant_Paypal_IPN(false, $use_sandbox);

    // Unverified notifications are dropped without touching any purchase log.
    if (!$ipn->is_verified()) {
        exit;
    }

    $sessionid = $ipn->get('invoice');
    $this->set_purchase_log_for_callbacks($sessionid);

    // The first matching state wins; a state matching none leaves 'processed' untouched.
    switch (true) {
        case $ipn->is_payment_denied():
            $this->purchase_log->set('processed', WPSC_Purchase_Log::PAYMENT_DECLINED);
            break;
        case $ipn->is_payment_refunded():
            $this->purchase_log->set('processed', WPSC_Purchase_Log::REFUNDED);
            break;
        case $ipn->is_payment_completed():
            $this->purchase_log->set('processed', WPSC_Purchase_Log::ACCEPTED_PAYMENT);
            break;
        case $ipn->is_payment_pending():
            // A pending payment is either a refund in progress or a newly received order.
            $pending_status = $ipn->is_payment_refund_pending()
                ? WPSC_Purchase_Log::REFUND_PENDING
                : WPSC_Purchase_Log::ORDER_RECEIVED;
            $this->purchase_log->set('processed', $pending_status);
            break;
    }

    $this->purchase_log->save();
    transaction_results($sessionid, false);
    exit;
}
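/**
 * Handles a PayPal IPN request for the "PayPal multiple" gateway.
 *
 * Runs only when ?ipn_request=true is present and the paypal_ipn option is 1.
 * The posted fields are sent back to PayPal with cmd=_notify-validate and the
 * purchase log is changed only when PayPal answers "VERIFIED". The request
 * always ends with exit once the IPN branch has been entered.
 */
function nzshpcrt_paypal_ipn() {
    global $wpdb;
    // needs to execute on page start
    if (!isset($_GET['ipn_request']) || $_GET['ipn_request'] != 'true' || get_option('paypal_ipn') != 1) {
        return;
    }

    // Rebuild the body exactly as received, prefixed with the validation command.
    $fields = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // IPN fields are flat strings; nested values cannot be echoed back and a
        // posted 'cmd' must not be appended next to the validation command.
        if (!is_scalar($value) || 'cmd' === $key) {
            continue;
        }
        $fields .= '&' . urlencode((string) $key) . '=' . urlencode(stripslashes($value));
    }

    // post back to PayPal system to validate
    $paypal_endpoint = get_option('paypal_multiple_url');
    $header = '';
    $results = '';
    if (function_exists('curl_init')) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $paypal_endpoint);
        // The verdict is only trustworthy if it really comes from PayPal, so the
        // certificate and host name are verified. The original disabled this.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_NOPROGRESS, 1);
        // Verbose mode copied the whole exchange to the error stream; it is switched off.
        curl_setopt($ch, CURLOPT_VERBOSE, 0);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
        curl_setopt($ch, CURLOPT_TIMEOUT, 120);
        curl_setopt($ch, CURLOPT_USERAGENT, "WP e-Commerce " . WPSC_PRESENTABLE_VERSION);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $curl_body = curl_exec($ch);
        curl_close($ch);
        // curl_exec() returns false on failure, which is treated as "not verified".
        $results = (false === $curl_body) ? '' : trim($curl_body);
    } else {
        $paypal_host = str_replace(array('http://', 'https://', '/cgi-bin/webscr'), '', $paypal_endpoint);
        $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Host: " . $paypal_host . "\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        // The original measured an undefined $req, so the declared length was always 0.
        $header .= "Content-Length: " . strlen($fields) . "\r\n\r\n";
        // Use TLS instead of plain HTTP on port 80: the reply decides whether an
        // order is marked as paid. PHP 5.6+ verifies the peer on ssl:// by default.
        $fp = fsockopen('ssl://' . $paypal_host, 443, $errno, $errstr, 30);
        if ($fp) {
            fputs($fp, $header . $fields);
            while (!feof($fp)) {
                $res = fgets($fp, 1024);
                if (false === $res) {
                    break;
                }
                // The raw reply includes HTTP headers, so look for the verdict
                // line. The original appended $fields instead of the line read.
                $res = trim($res);
                if ('VERIFIED' === $res || 'INVALID' === $res) {
                    $results = $res;
                }
            }
            fclose($fp);
        }
    }

    // assign posted variables to local variables
    $sessionid = isset($_POST['invoice']) ? stripslashes($_POST['invoice']) : '';
    $transaction_id = isset($_POST['txn_id']) ? stripslashes($_POST['txn_id']) : '';
    $verification_data = array();
    $ipn_field_map = array(
        'item_name'        => 'item_name',
        'item_number'      => 'item_number',
        'payment_status'   => 'payment_status',
        'payment_amount'   => 'mc_gross',
        'payment_currency' => 'mc_currency',
        'txn_id'           => 'txn_id',
        'receiver_email'   => 'receiver_email',
        'payer_email'      => 'payer_email',
    );
    foreach ($ipn_field_map as $local_key => $posted_key) {
        $verification_data[$local_key] = isset($_POST[$posted_key]) ? $_POST[$posted_key] : null;
    }

    if (strcmp($results, "VERIFIED") == 0) {
        // NOTE(review): payment_amount, payment_currency and receiver_email are
        // collected but never compared with the stored order before it is marked
        // as paid. TODO add that comparison.
        switch ($verification_data['payment_status']) {
            case 'Processed': // I think this is mostly equivalent to Completed
            case 'Completed':
                $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '2' WHERE `sessionid` = %s LIMIT 1", $sessionid));
                transaction_results($sessionid, false, $transaction_id);
                break;
            case 'Failed': // if it fails, delete it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid));
                if (!$log_id) {
                    // No matching purchase log, so there is nothing to delete.
                    break;
                }
                $cart_content = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`= %d", $log_id), ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_ITEM_VARIATIONS . "` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`= %d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_SUBMITED_FORM_DATA . "` WHERE `log_id` IN (%d)", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`= %d LIMIT 1", $log_id));
                break;
            case 'Pending': // need to wait for "Completed" before processing
                $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1", $transaction_id, time(), $sessionid));
                break;
            default: // if nothing, do nothing, safest course of action here.
                break;
        }
    }
    // An "INVALID" reply is already logged by PayPal; nothing more is done with it.

    /*
     * Detect use of sandbox mode, if sandbox mode is present, send debugging email.
     * NOTE(review): the mail contains the complete $_POST, $_GET and $_SERVER
     * arrays, which include buyer details and server configuration.
     */
    if (stristr($paypal_endpoint, "sandbox") || (defined('WPSC_ADD_DEBUG_PAGE') && WPSC_ADD_DEBUG_PAGE == true)) {
        $message = "This is a debugging message sent because it appears that you are using sandbox mode.\n\rIt is only sent if the paypal URL contains the word \"sandbox\"\n\r\n\r";
        $message .= "RESULTS:\n\r" . print_r($results, true) . "\n\r\n\r";
        $message .= "OUR_POST:\n\r" . print_r($header . $fields, true) . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "IPN Data", $message);
    }
    exit;
}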
/*
 * This updates the processing status of a purchase log, deletes a purchase
 * log together with its cart rows, and starts a "clear locks" branch whose
 * body lies outside this excerpt.
 *
 * Every value used here comes straight from $_GET and is concatenated into
 * SQL; is_numeric() is the only validation applied. is_numeric() also accepts
 * decimals and exponent notation, so the values are not guaranteed to be
 * plain integers.
 * NOTE(review): these are state-changing GET requests and no capability or
 * nonce check is visible in this excerpt - confirm the enclosing page enforces one.
 */
if (is_numeric($_GET['id']) && is_numeric($_GET['value'])) {
    // NOTE(review): MAX(*) does not look like valid MySQL; if the query fails,
    // $max_stage is presumably null and $newvalue falls back to 1 - confirm.
    $max_stage = $wpdb->get_var("SELECT MAX(*) AS `max` FROM `" . $wpdb->prefix . "purchase_statuses` WHERE `active`='1'");
    // Requested statuses above the highest active stage are replaced by 1.
    if (is_numeric($_GET['value']) && $_GET['value'] <= $max_stage) {
        $newvalue = $_GET['value'];
    } else {
        $newvalue = 1;
    }
    // NOTE(review): get_row() is called without ARRAY_A, so $log_data is
    // presumably an object and the array-style reads below would fail - confirm.
    $log_data = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = '" . $_GET['id'] . "' LIMIT 1");
    $update_sql = "UPDATE `" . $wpdb->prefix . "purchase_logs` SET `processed` = '" . $newvalue . "' WHERE `id` = '" . $_GET['id'] . "' LIMIT 1";
    $wpdb->query($update_sql);
    // The purchase report is produced only when the status moves up from a value of 1 or lower.
    if ($newvalue > $log_data['processed'] && $log_data['processed'] <= 1) {
        transaction_results($log_data['sessionid'], false);
    }
}
if (is_numeric($_GET['deleteid'])) {
    $delete_id = $_GET['deleteid'];
    // Load the cart rows first so the variation rows of each cart item can be removed.
    $delete_log_form_sql = "SELECT * FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`='{$delete_id}'";
    $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
    foreach ((array) $cart_content as $cart_item) {
        // NOTE(review): ARRAY_A is passed as a second argument to query() - confirm it has any effect.
        $cart_item_variations = $wpdb->query("DELETE FROM `" . $wpdb->prefix . "cart_item_variations` WHERE `cart_id` = '" . $cart_item['id'] . "'", ARRAY_A);
    }
    // Remove the cart rows, the submitted checkout form data and finally the log itself.
    $wpdb->query("DELETE FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`='{$delete_id}'");
    $wpdb->query("DELETE FROM `" . $wpdb->prefix . "submited_form_data` WHERE `log_id` IN ('{$delete_id}')");
    $wpdb->query("DELETE FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id`='{$delete_id}' LIMIT 1");
    echo '<div id="message" class="updated fade"><p>' . TXT_WPSC_THANKS_DELETED . '</p></div>';
}
// The body of this branch is not part of the excerpt.
if (isset($_GET['clear_locks']) && $_GET['clear_locks'] == 'true' && is_numeric($_GET['purchaseid'])) {
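/**
 * Renders the transaction results page for the purchase the visitor returns for.
 *
 * The purchase session id is taken from the query string or from customer
 * meta, then adjusted per gateway. Results are echoed unless the gateway
 * branch decides they must not be shown.
 */
function wpsc_transaction_theme() {
    global $wpdb, $user_ID, $nzshpcrt_gateways, $sessionid, $cart_log_id, $errorcode;
    $errorcode = '';
    $transactid = '';
    $dont_show_transaction_results = false;

    // The session id arrives in the query string, so it is caller-controlled
    // and must never be concatenated into SQL.
    if (isset($_GET['sessionid'])) {
        $sessionid = $_GET['sessionid'];
    } elseif (isset($_GET['ms'])) {
        $sessionid = $_GET['ms'];
    }

    $selected_gateway = wpsc_get_customer_meta('selected_gateway');
    if ($selected_gateway && in_array($selected_gateway, array('paypal_certified', 'wpsc_merchant_paypal_express'), true)) {
        $sessionid = wpsc_get_customer_meta('paypal_express_sessionid');
    }

    // The *_message customer meta values are HTML built by the gateway code and are printed as-is.
    if (isset($_REQUEST['eway']) && '1' == $_REQUEST['eway']) {
        $sessionid = isset($_GET['result']) ? $_GET['result'] : null;
    } elseif (isset($_REQUEST['eway']) && '0' == $_REQUEST['eway']) {
        echo wpsc_get_customer_meta('eway_message');
    } elseif (isset($_REQUEST['payflow']) && '1' == $_REQUEST['payflow']) {
        echo wpsc_get_customer_meta('payflow_message');
        wpsc_delete_customer_meta('payflow_message');
    }

    if ($selected_gateway) {
        // Replaces the ugly if else for gateways
        switch ($selected_gateway) {
            case 'paypal_certified':
            case 'wpsc_merchant_paypal_express':
                echo wpsc_get_customer_meta('paypal_express_message');
                $reshash = wpsc_get_customer_meta('paypal_express_reshash');
                // Results are shown only for the two known transaction types.
                $dont_show_transaction_results = !(isset($reshash['PAYMENTINFO_0_TRANSACTIONTYPE']) && in_array($reshash['PAYMENTINFO_0_TRANSACTIONTYPE'], array('expresscheckout', 'cart')));
                break;
            case 'dps':
                $sessionid = decrypt_dps_response();
                break;
            // Paystation was not updating the purchase logs for successful
            // payments. The database update belongs in one place, on a
            // successful-transaction hook shared by all gateways; until that
            // overhaul it is done here so Gold Cart keeps working.
            case 'paystation':
                // NOTE(review): the payment outcome is read from query-string
                // parameters supplied by the browser and is not confirmed with the
                // gateway before the purchase log status changes. TODO confirm
                // whether the gateway offers a server-side confirmation.
                $ec = isset($_GET['ec']) ? $_GET['ec'] : '';
                $result = isset($_GET['em']) ? $_GET['em'] : '';
                // The original left $processed_id undefined when neither case
                // matched and treated a missing or non-numeric code as 0.
                $processed_id = null;
                if ($result == 'Transaction successful' && is_numeric($ec) && 0 == $ec) {
                    $processed_id = '3';
                }
                if ($result == 'Insufficient Funds' && is_numeric($ec) && 5 == $ec) {
                    $processed_id = '6';
                }
                if ($processed_id) {
                    wpsc_update_purchase_log_status($sessionid, $processed_id, 'sessionid');
                }
                break;
            case 'wpsc_merchant_paymentexpress':
                // Payment Express sends back its own session id, which is
                // temporarily stored in the auth code field, so it is swapped here.
                // Parameterised: the value comes from the query string.
                $result = $wpdb->get_var($wpdb->prepare("SELECT `sessionid` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `authcode` = %s", $sessionid));
                if ($result != null) {
                    // just in case they are using an older version of gold cart (pre 2.9.5)
                    $sessionid = $result;
                    $dont_show_transaction_results = true;
                }
                break;
            case 'eway_hosted':
                $sessionid = decrypt_eway_uk_response();
                break;
            // default filter for other payment gateways to use
            default:
                $sessionid = apply_filters('wpsc_previous_selected_gateway_' . $selected_gateway, $sessionid);
                break;
        }
    }

    if ($dont_show_transaction_results) {
        return;
    }

    if (!empty($sessionid)) {
        $cart_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid));
        echo transaction_results($sessionid, true);
    } else {
        printf(__('Sorry your transaction was not accepted.<br /><a href="%1$s">Click here to go back to checkout page</a>.', 'wp-e-commerce'), wpsc_get_checkout_url());
    }
}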
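/**
 * submit checkout function, used through ajax and in normal page loading.
 *
 * Validates the checkout form, shipping selection, terms agreement, target
 * market restrictions and the chosen gateway. When valid it creates the
 * purchase log, stores the form and cart against it and hands over to the
 * selected gateway.
 *
 * No parameters, returns nothing
 */
function wpsc_submit_checkout() {
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules;
    $_SESSION['wpsc_checkout_misc_error_messages'] = array();
    $wpsc_checkout = new wpsc_checkout();
    $selected_gateways = get_option('custom_gateway_options');
    // WordPress adds slashes to request data; they are removed here because
    // every query below binds its values through $wpdb->prepare().
    $submitted_gateway = isset($_POST['custom_gateway']) ? stripslashes($_POST['custom_gateway']) : '';
    $options = get_option('custom_shipping_options');
    $form_validity = $wpsc_checkout->validate_forms();
    // Read the validity flag explicitly. The original used extract(), which
    // lets the returned array overwrite any local variable in this function.
    $is_valid = !empty($form_validity['is_valid']);

    if (get_option('do_not_use_shipping') == 0 && ($wpsc_cart->selected_shipping_method == null || $wpsc_cart->selected_shipping_option == null)) {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = TXT_WPSC_PLEASEASELECTSHIPPINGMETHOD;
        $is_valid = false;
    }
    if (!isset($_POST['agree']) || $_POST['agree'] != 'yes') {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = TXT_WPSC_PLEASEAGREETERMSANDCONDITIONS;
        $is_valid = false;
    }

    $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : '';
    $selectedCountry = $wpdb->get_results($wpdb->prepare("SELECT id, country FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE isocode= %s", $delivery_country), ARRAY_A);

    // The counters were never initialised in the original.
    $num_items = 0;
    $disregard_shipping = 0;
    $use_shipping = 0;
    foreach ($wpsc_cart->cart_items as $cartitem) {
        $categoriesIDs = $wpdb->get_col($wpdb->prepare("SELECT category_id FROM `" . WPSC_TABLE_ITEM_CATEGORY_ASSOC . "` WHERE product_id= %d", $cartitem->product_id));
        foreach ((array) $categoriesIDs as $catid) {
            $category_id = is_array($catid) ? $catid[0] : $catid;
            // Countries listed with visible=0 are excluded from this category's target market.
            $countries = $wpdb->get_col($wpdb->prepare("SELECT `countryid` FROM `" . WPSC_TABLE_CATEGORY_TM . "` WHERE `visible`=0 AND `categoryid`= %d", $category_id));
            if (isset($selectedCountry[0]) && in_array($selectedCountry[0]['id'], (array) $countries)) {
                $errormessage = sprintf(TXT_WPSC_CATEGORY_TARGETMARKET, $cartitem->product_name, $selectedCountry[0]['country']);
                $_SESSION['categoryAndShippingCountryConflict'] = $errormessage;
                $is_valid = false;
            }
        }
        // count number of items, and number of items using shipping
        $num_items++;
        if ($cartitem->uses_shipping != 1) {
            $disregard_shipping++;
        } else {
            $use_shipping++;
        }
    }

    // check that the submitted gateway is in the list of selected ones
    if (in_array($submitted_gateway, (array) $selected_gateways, true)) {
        $_SESSION['wpsc_previous_selected_gateway'] = $submitted_gateway;
    } else {
        $is_valid = false;
    }

    $zipcode_missing = !isset($_SESSION['wpsc_zipcode']) || $_SESSION['wpsc_zipcode'] == '';
    if (get_option('do_not_use_shipping') != 1 && in_array('ups', (array) $options) && $zipcode_missing) {
        // Only carts holding at least one shippable item need a zip code.
        if ($num_items != $disregard_shipping) {
            $_SESSION['categoryAndShippingCountryConflict'] = __('Please enter a Zipcode and click calculate to proceed');
            $is_valid = false;
        }
    }

    // NOTE(review): ?gateway=noca lets the request continue even when validation
    // failed, including the gateway allow-list check above. The submitted values
    // are bound as parameters below, but the bypass itself should be confirmed
    // as intended.
    $is_noca = isset($_GET['gateway']) && $_GET['gateway'] == 'noca';
    if ($is_valid != true && !$is_noca) {
        return;
    }

    $_SESSION['categoryAndShippingCountryConflict'] = '';
    // NOTE(review): the session id is three mt_rand() digits followed by the
    // timestamp, which is predictable, and it later identifies the order in
    // result-page URLs. It is left unchanged because other code expects this format.
    $sessionid = mt_rand(100, 999) . time();
    $_SESSION['wpsc_sessionid'] = $sessionid;
    $subtotal = $wpsc_cart->calculate_subtotal();
    if ($wpsc_cart->has_total_shipping_discount() == false) {
        $base_shipping = $wpsc_cart->calculate_base_shipping();
    } else {
        $base_shipping = 0;
    }
    $find_us = isset($_POST['how_find_us']) ? stripslashes($_POST['how_find_us']) : '';
    $tax = $wpsc_cart->calculate_total_tax();
    $total = $wpsc_cart->calculate_total_price();

    // All values are bound as parameters. The original interpolated them into
    // the statement, including the free-text 'how_find_us' field taken from
    // $_POST, which allowed SQL injection.
    // NOTE(review): billing_country receives delivery_country while
    // billing_region receives selected_region; the mapping is kept as found -
    // confirm which cart property belongs in which column.
    $wpdb->query($wpdb->prepare(
        "INSERT INTO `" . WPSC_TABLE_PURCHASE_LOGS . "` (`totalprice`,`statusno`, `sessionid`, `user_ID`, `date`, `gateway`, `billing_country`,`shipping_country`, `billing_region`, `shipping_region`, `base_shipping`,`shipping_method`, `shipping_option`, `plugin_version`, `discount_value`, `discount_data`,`find_us`) VALUES (%s, '0', %s, %d, UNIX_TIMESTAMP(), %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
        $total,
        $sessionid,
        (int) $user_ID,
        $submitted_gateway,
        $wpsc_cart->delivery_country,
        $wpsc_cart->selected_country,
        $wpsc_cart->selected_region,
        $wpsc_cart->delivery_region,
        $base_shipping,
        $wpsc_cart->selected_shipping_method,
        $wpsc_cart->selected_shipping_option,
        WPSC_VERSION,
        $wpsc_cart->coupons_amount,
        $wpsc_cart->coupons_name,
        $find_us
    ));
    $purchase_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` IN(%s) LIMIT 1", $sessionid));

    $wpsc_checkout->save_forms_to_db($purchase_log_id);
    $wpsc_cart->save_to_db($purchase_log_id);
    $wpsc_cart->submit_stock_claims($purchase_log_id);
    if (get_option('wpsc_also_bought') == 1) {
        wpsc_populate_also_bought_list();
    }

    // NOTE(review): $our_user_id was never assigned in this function, so hook
    // listeners have always received null; kept explicit until the intended
    // value is confirmed.
    $our_user_id = null;
    do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => $our_user_id));

    if (get_option('permalink_structure') != '') {
        $seperator = "?";
    } else {
        $seperator = "&";
    }

    // submit to gateway
    foreach ($nzshpcrt_gateways as $gateway) {
        if ($gateway['internalname'] != $submitted_gateway) {
            continue;
        }
        $gateway_used = $gateway['internalname'];
        // The original filtered on an undefined $log_id, so this update never matched a row.
        $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = %s WHERE `id` = %d LIMIT 1", $gateway_used, $purchase_log_id));
        if ($gateway_used != 'google') {
            $gateway['function']($seperator, $sessionid);
        } else {
            // Google checkout continues from the shopping cart page.
            $_SESSION['gateway'] = 'google';
            header('Location: ' . get_option('shopping_cart_url'));
        }
        break;
    }

    if ($is_noca) {
        echo transaction_results($sessionid, true);
    }
}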
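/**
 * Sends the purchase identified by $sessionid to eWAY and ends the request.
 *
 * Membership products go through the rebill (recurring) API, everything else
 * through a one-off real-time payment. Card details are read from $_POST and
 * passed to the eWAY client objects.
 *
 * @param string $seperator "?" or "&", used to append query arguments to the transaction URL
 * @param string $sessionid session id of the purchase log being paid
 */
function gateway_eway($seperator, $sessionid) {
    global $wpdb, $wpsc_cart;

    $purchase_log = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1", $sessionid), ARRAY_A);
    if (empty($purchase_log[0])) {
        // Without a purchase log there is no amount to charge.
        exit;
    }
    $purchase_log = $purchase_log[0];

    $cart = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`= %d", $purchase_log['id']), ARRAY_A);
    $first_product_id = isset($cart[0]['prodid']) ? $cart[0]['prodid'] : 0;

    // Membership settings are taken from the first product in the cart only.
    $member_shiptype = get_product_meta($first_product_id, 'membership_length', true);
    $member_shiptype = isset($member_shiptype[0]) ? $member_shiptype[0] : null;
    $is_member = get_product_meta($first_product_id, 'is_membership', true);

    $collected = (isset($_POST['collected_data']) && is_array($_POST['collected_data'])) ? $_POST['collected_data'] : array();
    // Every key read later is defined up front; the original left several unset ('phone' was never set at all).
    $data = array(
        'first_name' => '', 'last_name' => '', 'address1' => '', 'address2' => '', 'city' => '',
        'state' => '', 'country' => '', 'zip' => '', 'email' => '', 'phone' => '',
    );

    $simple_fields = array(
        'first_name' => 'eway_form_first_name',
        'last_name'  => 'eway_form_last_name',
        'city'       => 'eway_form_city',
    );
    foreach ($simple_fields as $data_key => $option_name) {
        $form_id = get_option($option_name);
        if (isset($collected[$form_id]) && $collected[$form_id] != '') {
            $data[$data_key] = esc_attr($collected[$form_id]);
        }
    }

    $address_id = get_option('eway_form_address');
    if (isset($collected[$address_id]) && $collected[$address_id] != '') {
        // First row becomes address1, the remaining rows are joined into address2.
        $address_rows = explode("\n\r", $collected[$address_id]);
        $data['address1'] = esc_attr(str_replace(array("\n", "\r"), '', $address_rows[0]));
        unset($address_rows[0]);
        $data['address2'] = ($address_rows != null) ? implode(", ", $address_rows) : '';
    }

    $itemsName = '';
    foreach ($wpsc_cart->cart_items as $item) {
        $itemsName .= $item->product_name . ', ';
    }

    // The country field is submitted as an array: [0] is the country, [1] the region.
    $state_id = get_option('eway_form_state');
    $country_id = get_option('eway_form_country');
    if (empty($collected[$state_id]) && !empty($collected[$country_id][1])) {
        $data['state'] = $collected[$country_id][1];
    } elseif (!empty($collected[$state_id])) {
        $data['state'] = $collected[$state_id];
    }
    if (isset($collected[$country_id]) && $collected[$country_id] != '') {
        $data['country'] = $collected[$country_id][0];
    }

    $post_code_id = get_option('eway_form_post_code');
    if (isset($collected[$post_code_id]) && is_numeric($collected[$post_code_id])) {
        $data['zip'] = esc_attr($collected[$post_code_id]);
    }

    $email_id = get_option('eway_form_email');
    if (!empty($collected[$email_id])) {
        $data['email'] = $collected[$email_id];
    }
    $fallback_email_id = get_option('email_form_field');
    if (isset($collected[$fallback_email_id]) && $collected[$fallback_email_id] != null && $data['email'] == null) {
        $data['email'] = esc_attr($collected[$fallback_email_id]);
    }

    $card_number = isset($_POST['card_number']) ? $_POST['card_number'] : '';
    $expiry_month = isset($_POST['expiry']['month']) ? $_POST['expiry']['month'] : '';
    $expiry_year = isset($_POST['expiry']['year']) ? $_POST['expiry']['year'] : '';

    // Live or Test Server?
    if (get_option('eway_test')) {
        $user = '******';
        $gateway = false;
    } else {
        $user = get_option('ewayCustomerID_id');
        $gateway = true;
    }

    if (!empty($is_member[0])) {
        require_once WPSC_GOLD_FILE_PATH . '/ewaylib/GatewayConnector.php';
        $objRebill = new RebillPayment();
        $objRebill->CustomerRef($purchase_log['id']);
        $objRebill->CustomerTitle('');
        $objRebill->CustomerFirstName($data['first_name']);
        $objRebill->CustomerLastName($data['last_name']);
        $objRebill->CustomerCompany('');
        $objRebill->CustomerJobDesc('');
        $objRebill->CustomerEmail($data['email']);
        $objRebill->CustomerAddress($data['address1']);
        $objRebill->CustomerSuburb('');
        $objRebill->CustomerState($data['state']);
        $objRebill->CustomerPostCode($data['zip']);
        $objRebill->CustomerCountry($data['country']);
        $objRebill->CustomerPhone1($data['phone']);
        $objRebill->CustomerPhone2('');
        $objRebill->CustomerFax('');
        $objRebill->CustomerURL('');
        $objRebill->CustomerComments('');
        $objRebill->RebillInvRef('');
        $objRebill->RebillInvDesc('');
        $objRebill->RebillCCname($data['first_name'] . " " . $data['last_name']);
        $objRebill->RebillCCNumber($card_number);
        $objRebill->RebillInitAmt($purchase_log['totalprice']);
        $objRebill->RebillInitDate(date('d/m/Y'));
        $objRebill->RebillRecurAmt($purchase_log['totalprice']);
        $objRebill->RebillStartDate(date('d/m/Y'));
        // The rebill schedule ends one year from today.
        $objRebill->RebillEndDate(date("d/m/Y", mktime(0, 0, 0, date('m'), date('d'), (int) date('Y') + 1)));
        $objRebill->RebillCCExpMonth($expiry_month);
        $objRebill->RebillCCExpYear($expiry_year);
        $objRebill->RebillInterval(isset($member_shiptype['length']) ? $member_shiptype['length'] : null);

        // Map the stored unit letter to eWAY's numeric interval type; unknown units stay null.
        $interval_types = array('d' => '1', 'w' => '2', 'm' => '3', 'y' => '4');
        $unit = isset($member_shiptype['unit']) ? $member_shiptype['unit'] : '';
        $member_ship_unit = (is_string($unit) && isset($interval_types[$unit])) ? $interval_types[$unit] : null;
        $objRebill->RebillIntervalType($member_ship_unit);
        $objRebill->eWAYCustomerID($user);

        $objConnector = new GatewayConnector($gateway);
        if ($objConnector->ProcessRequest($objRebill)) {
            $objResponse = $objConnector->Response();
            if ($objResponse != null) {
                $lblResult = $objResponse->Result();
                if ($lblResult == 'Success') {
                    wpsc_member_activate_subscriptions($purchase_log['id']);
                    $_SESSION['nzshpcrt_cart'] = array();
                    header("Location:" . get_option('product_list_url'));
                    // Stop here: the original fell through and printed the error text after a success.
                    exit;
                }
                $lblErrorDescription = $objResponse->ErrorDetails();
                $lblErrorSeverity = $objResponse->ErrorSeverity();
                // This is woefully inadequate!!!
                // Gateway text is escaped before it is written into the page.
                exit('An Error has occured >' . esc_html($lblResult . " " . $lblErrorDescription . " " . $lblErrorSeverity));
            }
        } else {
            exit("Rebill Gateway failed: " . $objConnector->Response());
        }
    } else {
        require WPSC_GOLD_FILE_PATH . '/merchants/ewaylib/EwayPaymentLive.php';
        $method = get_option('eway_cvn') ? 'REAL_TIME_CVN' : 'REAL_TIME';
        $eway = new EwayPaymentLive($user, $method, $gateway);
        // Amount in cents; rounded so float error cannot turn 19.99 into 1998.999...
        $amount = (int) round(number_format($purchase_log['totalprice'], 2, '.', '') * 100);
        $eway->setTransactionData("TotalAmount", $amount); //mandatory field
        $eway->setTransactionData("CustomerFirstName", $data['first_name']);
        $eway->setTransactionData("CustomerLastName", $data['last_name']);
        $eway->setTransactionData("CustomerEmail", $data['email']);
        $eway->setTransactionData("CustomerAddress", $data['address1'] . ' ' . $data['state']);
        $eway->setTransactionData("CustomerPostcode", $data['zip']);
        $eway->setTransactionData("CustomerInvoiceDescription", $itemsName);
        $eway->setTransactionData("CustomerInvoiceRef", $purchase_log['id']);
        $eway->setTransactionData("CardHoldersName", $data['first_name'] . ' ' . $data['last_name']); //mandatory field
        $eway->setTransactionData("CardNumber", $card_number); //mandatory field
        $eway->setTransactionData("CardExpiryMonth", $expiry_month); //mandatory field
        $eway->setTransactionData("CardExpiryYear", $expiry_year); //mandatory field
        $eway->setTransactionData("TrxnNumber", $purchase_log['id']);
        $eway->setTransactionData("Option1", "");
        $eway->setTransactionData("Option2", "");
        $eway->setTransactionData("Option3", "");
        //for REAL_TIME_CVN
        $eway->setTransactionData("CVN", isset($_POST['cvn']) ? $_POST['cvn'] : '');
        //for GEO_IP_ANTI_FRAUD
        $eway->setTransactionData("CustomerIPAddress", $eway->getVisitorIP()); //mandatory field when using Geo-IP Anti-Fraud
        $eway->setTransactionData("CustomerBillingCountry", $data['country']); //mandatory field when using Geo-IP Anti-Fraud

        // Card data travels over this connection, so the gateway certificate and
        // host name are verified; the original switched peer verification off.
        // If the host has no CA bundle, point CURLOPT_CAINFO at one instead of
        // disabling verification.
        $eway->setCurlPreferences(CURLOPT_SSL_VERIFYPEER, true);
        $eway->setCurlPreferences(CURLOPT_SSL_VERIFYHOST, 2);

        $ewayResponseFields = $eway->doPayment();
        $trxn_status = isset($ewayResponseFields["EWAYTRXNSTATUS"]) ? $ewayResponseFields["EWAYTRXNSTATUS"] : null;
        // The message is stored in the session and printed later as HTML, so the gateway text is escaped here.
        $trxn_error = isset($ewayResponseFields['EWAYTRXNERROR']) ? esc_html($ewayResponseFields['EWAYTRXNERROR']) : '';
        $message = '';
        if ($trxn_status == "False") {
            $message .= "<h3>Please Check the Payment Results</h3>";
            $message .= "Your transaction was not successful." . "<br><br>";
            $message .= $trxn_error . "<br><br>";
            $message .= '<a href="' . esc_url(get_option('shopping_cart_url')) . '">Click here to go back to checkout page.</a>';
            $_SESSION['eway_message'] = $message;
            header("Location:" . get_option('transact_url') . $seperator . "eway=0&result=" . rawurlencode($sessionid) . "&message=1");
        } elseif ($trxn_status == "True") {
            $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`='2' WHERE `sessionid`= %s LIMIT 1", $sessionid));
            transaction_results($sessionid, false);
            $message .= "Your transaction was successful." . "<br><br>";
            $message .= $trxn_error . "<br><br>";
            $_SESSION['eway_message'] = $message;
            header("Location:" . get_option('transact_url') . $seperator . "eway=1&result=" . rawurlencode($sessionid) . "&message=1");
        }
    }
    exit;
}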
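/**
 * Handle the customer's browser return from the Virtual Merchant gateway.
 *
 * Reads the ssl_* query-string parameters, records the outcome on the purchase
 * log whose session id is ssl_invoice_number, then either shows the transaction
 * results (approved) or stores the gateway message as a checkout error and
 * redirects to the cart page (anything else).
 *
 * NOTE(review): every input here comes from the query string of a browser
 * redirect and nothing in this function authenticates it, so the "approved"
 * decision rests on values the visitor controls. Confirm the result with the
 * gateway (server-side lookup or a signed response) before marking an order
 * as paid.
 */
function wpec_vmerchant_return()
{
    global $sessionid;

    // Without these two parameters this is not a gateway return; writing a
    // purchase log for an empty session id would only create junk records.
    if (!isset($_GET['ssl_invoice_number'], $_GET['ssl_result_message'])
        || !is_scalar($_GET['ssl_invoice_number'])
        || !is_string($_GET['ssl_result_message'])
    ) {
        return;
    }

    // $sessionid is declared global, so this assignment is visible outside
    // this function (the original author was unsure whether that is intended).
    $sessionid = $_GET['ssl_invoice_number'];

    $result_message = $_GET['ssl_result_message'];
    $approved       = in_array($result_message, array('APPROVED', 'APPROVAL'), true);

    // Strip markup from values that end up stored on the purchase log.
    $txn_id   = isset($_GET['ssl_txn_id']) ? sanitize_text_field($_GET['ssl_txn_id']) : '';
    $txn_time = isset($_GET['ssl_txn_time']) ? sanitize_text_field($_GET['ssl_txn_time']) : '';

    $purchase_log = new WPSC_Purchase_Log($sessionid, 'sessionid');
    $purchase_log->set(array(
        'processed'  => $approved ? WPSC_Purchase_Log::ACCEPTED_PAYMENT : WPSC_Purchase_Log::INCOMPLETE_SALE,
        'transactid' => $txn_id,
        'notes'      => 'Virtual Merchant time : "' . $txn_time . '"',
    ));
    $purchase_log->save();

    if ($approved) {
        transaction_results($sessionid, true);
        return;
    }

    // Declined or failed: surface the gateway message on the checkout page.
    $error_messages = wpsc_get_customer_meta('checkout_misc_error_messages');
    if (!is_array($error_messages)) {
        $error_messages = array();
    }

    // The message is request data rendered as HTML, so it must be escaped.
    $error_messages[] = '<strong style="color:red">' . esc_html(urldecode($result_message)) . ' </strong>';
    wpsc_update_customer_meta('checkout_misc_error_messages', $error_messages);

    $checkout_page_url = get_option('shopping_cart_url');
    if ($checkout_page_url) {
        header('Location: ' . $checkout_page_url);
        exit;
    }
}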
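/**
 * Handle a BitPay invoice notification.
 *
 * Runs only when the request carries the `bitpay_callback` query parameter.
 * The JSON body is used solely to learn the invoice id; the invoice is then
 * fetched from BitPay and its status and posData (the store session id) drive
 * the purchase-log update, the customer email and transaction_results().
 *
 * @return array|string|null An array with an 'error' key (or, for a missing
 *                           invoice id, a plain string) when the payload is
 *                           rejected; null otherwise.
 * @throws \Exception Any exception raised while processing is logged through
 *                    debuglog() and rethrown.
 */
function bitpay_callback()
{
    global $wpdb;

    try {
        if (!isset($_GET['bitpay_callback'])) {
            return;
        }

        $post = file_get_contents("php://input");
        if (true === empty($post)) {
            return array('error' => 'No post data');
        }

        $json = json_decode($post, true);
        if (true === is_string($json)) {
            return array('error' => $json);
        }
        // json_decode() yields null for malformed input and a scalar for bare
        // JSON values; neither can be searched for keys below.
        if (false === is_array($json)) {
            return array('error' => 'Invalid post data');
        }
        if (false === array_key_exists('posData', $json)) {
            return array('error' => 'no posData');
        }
        if (false === array_key_exists('id', $json)) {
            return 'Cannot find invoice ID';
        }

        // Don't trust parameters from the request body: only the invoice id is
        // taken from it, and the status is read from the invoice BitPay returns.
        $client  = new \Bitpay\Client\Client();
        $adapter = new \Bitpay\Client\Adapter\CurlAdapter();

        // NOTE(review): the network (live/test) is still chosen from the
        // unauthenticated payload's 'url' field. It should come from the
        // store's own configuration so that a test-network invoice can never
        // settle a live order.
        $invoice_url = (isset($json['url']) && is_string($json['url'])) ? $json['url'] : '';
        $network     = strpos($invoice_url, 'test') === false
            ? new \Bitpay\Network\Livenet()
            : new \Bitpay\Network\Testnet();

        $client->setAdapter($adapter);
        $client->setNetwork($network);

        // Checking invoice is valid...
        $response  = $client->getInvoice($json['id']);
        $sessionid = $response->getPosData();

        // The session id goes into SQL and into transaction_results(); the
        // original only acted on numeric ids, so reject anything else before
        // the first query instead of after it.
        if (false === is_numeric($sessionid)) {
            return;
        }

        $purchase_log = $wpdb->get_results(
            $wpdb->prepare(
                "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`=%s",
                $sessionid
            ),
            ARRAY_A
        );
        if (empty($purchase_log)) {
            // No order matches this invoice; nothing to update or email.
            return;
        }
        $log = $purchase_log[0];

        // get buyer email
        $email_form_field = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `type` IN ('email') AND `active` = '1' ORDER BY `checkout_order` ASC LIMIT 1");
        $email = $wpdb->get_var($wpdb->prepare("SELECT `value` FROM `" . WPSC_TABLE_SUBMITTED_FORM_DATA . "` WHERE `log_id` = %d AND `form_id` = %d LIMIT 1", $log['id'], $email_form_field));

        // get cart contents
        $cart_contents = $wpdb->get_results(
            $wpdb->prepare(
                "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`=%d",
                $log['id']
            ),
            ARRAY_A
        );

        // get currency symbol
        $currency_data = $wpdb->get_results(
            $wpdb->prepare(
                "SELECT * FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `id`=%d",
                get_option('currency_type')
            ),
            ARRAY_A
        );
        $currency_symbol = isset($currency_data[0]['symbol']) ? $currency_data[0]['symbol'] : '';

        // list products and individual prices in the email
        $message_product = "\r\n\r\nTransaction Details:\r\n\r\n";
        $pnp      = 0.0;
        $subtotal = 0.0;
        foreach ((array) $cart_contents as $product) {
            $line_total = $product['price'] * $product['quantity'];
            // shipping for each item
            $pnp += $product['pnp'];
            $message_product .= 'x' . $product['quantity'] . ' ' . $product['name'] . ' - ' . $currency_symbol . $line_total . "\r\n";
            $subtotal += $line_total;
        }

        // list subtotal, total taxes, total shipping and total price
        $subtotal = number_format($subtotal, 2, '.', ',');
        $message_product .= "\r\n" . 'Subtotal: ' . $currency_symbol . $subtotal . "\r\n";
        $message_product .= 'Taxes: ' . $currency_symbol . $log['wpec_taxes_total'] . "\r\n";
        $message_product .= 'Shipping: ' . $currency_symbol . ($log['base_shipping'] + $pnp) . "\r\n\r\n";
        $message_product .= 'Total Price: ' . $currency_symbol . $log['totalprice'];

        // All writes go through $wpdb->update() so values are bound, never
        // concatenated into the statement.
        $update_log = function (array $fields) use ($wpdb, $sessionid) {
            $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $fields, array('sessionid' => $sessionid));
        };

        switch ($response->getStatus()) {
            // For low and medium transaction speeds, the order status is set
            // to "Order Received". The customer receives an initial email
            // stating that the transaction has been paid.
            case 'paid':
                $update_log(array(
                    'processed' => '2',
                    'notes'     => 'The payment has been received, but the transaction has not been confirmed on the bitcoin network. This will be updated when the transaction has been confirmed.',
                ));

                $message = 'Thank you! Your payment has been received, but the transaction has not been confirmed on the bitcoin network. You will receive another email when the transaction has been confirmed.';
                $message .= $message_product;

                if (wp_mail($email, 'Payment Received', $message)) {
                    $update_log(array('email_sent' => '1'));
                }

                // false because this is just for email notification
                transaction_results($sessionid, false);
                break;

            // For low and medium transaction speeds, the order status will not
            // change. For high transaction speed, the order status is set to
            // "Order Received" here. For all speeds, an email will be sent
            // stating that the transaction has been confirmed.
            case 'confirmed':
                $update_log(array(
                    'processed' => '2',
                    'notes'     => 'The payment has been received, and the transaction has been confirmed on the bitcoin network. This will be updated when the transaction has been completed.',
                ));

                // display initial "thank you" if transaction speed is high, as
                // the 'paid' status is skipped on high speed
                if (get_option('bitpay_transaction_speed') == 'high') {
                    $subject = 'Payment Received';
                    $message = 'Thank you! Your payment has been received, and the transaction has been confirmed on the bitcoin network. You will receive another email when the transaction is complete.';
                    $message .= $message_product;
                } else {
                    $subject = 'Transaction Confirmed';
                    $message = 'Your transaction has now been confirmed on the bitcoin network. You will receive another email when the transaction is complete.';
                }

                if (wp_mail($email, $subject, $message)) {
                    $update_log(array('email_sent' => '1'));
                }

                // false because this is just for email notification
                transaction_results($sessionid, false);
                break;

            // The purchase receipt email is sent upon the invoice status
            // changing to "complete", and the order status is changed to
            // Accepted Payment.
            case 'complete':
                $update_log(array(
                    'processed' => '3',
                    'notes'     => 'The transaction is now complete.',
                ));

                $message = 'Your transaction is now complete! Thank you for using BitPay!';

                if (wp_mail($email, 'Transaction Complete', $message)) {
                    $update_log(array('email_sent' => '1'));
                }

                // false because this is just for email notification
                transaction_results($sessionid, false);
                break;
        }
    } catch (\Exception $e) {
        debuglog('[Error] In Bitpay plugin, form_bitpay() function on line ' . $e->getLine() . ', with the error "' . $e->getMessage() . '".');
        throw $e;
    }
}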
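/**
 * submit method, sends the received data to the payment gateway
 *
 * Posts the collected gateway fields to the Authorize.Net transact endpoint
 * (test or live, per the `authorize_testmode` option), parses the delimited
 * reply with parse_aim_response() and then either completes the order
 * (response codes 1 and 4, creating any queued ARB subscriptions first) or
 * sends the customer back to checkout with an error message.
 *
 * @access public
 */
function submit()
{
    $options = array(
        'timeout'    => 10,
        'body'       => $this->collected_gateway_data,
        'user-agent' => $this->cart_data['software_name'] . " " . get_bloginfo('url'),
        // The request body carries payment data, so the gateway's TLS
        // certificate must be verified; with verification off, anyone on the
        // network path could impersonate the gateway.
        'sslverify'  => true,
    );
    $options['body']['x_relay_response'] = "FALSE";
    $options['body']['x_delim_data'] = "TRUE";

    if ((bool) get_option('authorize_testmode')) {
        $authorize_url = "https://test.authorize.net/gateway/transact.dll";
    } else {
        $authorize_url = "https://secure.authorize.net/gateway/transact.dll";
    }

    // Defaults used when the HTTP request itself fails, so the switch below
    // lands in the error branch without reading an undefined variable.
    $parsed_response = array('response_code' => null, 'response_description' => '');

    $response = wp_remote_post($authorize_url, $options);
    if (!is_wp_error($response)) {
        // The gateway replies with one comma-delimited line.
        $split_response = explode(",", $response['body']);
        $parsed_response = $this->parse_aim_response($split_response);
    }

    switch ($parsed_response['response_code']) {
        case 1: /// case 1 is order accepted,
        case 4: /// case 4 is order held for review
            if (!empty($this->arb_requests)) {
                foreach ($this->arb_requests as $cart_item_id => $arb_request) {
                    $subscription_results = $this->do_soap_request('ARBCreateSubscription', $arb_request);
                    $arb_result = $subscription_results['ARBCreateSubscriptionResult'];

                    if ($arb_result['resultCode'] == "Ok") {
                        $subscription_id = $arb_result['subscriptionId'];
                        do_action('wpsc_activate_subscription', $cart_item_id, $subscription_id);
                    } else {
                        // Built fresh per item so one failure's details never
                        // leak into the next cart item's record.
                        $subscription_error = array(
                            'code'        => $arb_result['messages']['MessagesTypeMessage']['code'],
                            'description' => $arb_result['messages']['MessagesTypeMessage']['text'],
                        );
                        wpsc_update_cartmeta($cart_item_id, 'subscription_error', $subscription_error);
                        wpsc_update_cartmeta($cart_item_id, 'is_subscribed', 0);
                    }
                    wpsc_update_cartmeta($cart_item_id, 'subscription_report', $subscription_results);
                }
            }

            // Accepted orders are stored with status 2, held-for-review with 1.
            $status = ($parsed_response['response_code'] == 1) ? 2 : 1;
            $this->set_transaction_details($parsed_response['transaction_id'], $status);
            transaction_results($this->cart_data['session_id'], false);
            $this->go_to_transaction_results($this->cart_data['session_id']);
            break;

        case 2: /// case 2 is order denied
        case 3: /// case 3 is error state
        default: /// default is http or unknown error state
            if ($parsed_response['response_description'] == '') {
                // No error message means the HTTP connection itself failed.
                $parsed_response['response_description'] = __("There was an error contacting the payment gateway, please try again later.", 'wpsc');
            }
            $this->set_error_message($parsed_response['response_description']);
            $this->return_to_checkout();
            break;
    }
}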
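/**
 * Handle a PayPal Instant Payment Notification.
 *
 * Runs when the request has ipn_request=true and the `paypal_ipn` option is 1.
 * The posted fields are echoed back to PayPal with cmd=_notify-validate; only
 * when PayPal answers VERIFIED is the purchase log for the posted `invoice`
 * updated (Processed/Completed), deleted (Failed) or stamped with the
 * transaction id (Pending). When the configured PayPal URL contains "sandbox",
 * a debugging record is also logged and emailed.
 */
function nzshpcrt_paypal_ipn()
{
    global $wpdb;

    // needs to execute on page start
    if (!isset($_GET['ipn_request']) || $_GET['ipn_request'] != 'true' || get_option('paypal_ipn') != 1) {
        return;
    }

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        $value = urlencode(stripslashes($value));
        $req .= "&{$key}={$value}";
    }

    // Reduce the configured URL to its host name.
    $paypal_host = str_replace(
        array('http://', 'https://', '/cgi-bin/webscr'),
        "",
        get_option('paypal_multiple_url')
    );

    // post back to PayPal system to validate. HTTP/1.0 is kept so the reply
    // is never chunked, which the line-based reader below could not parse.
    $header  = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Host: " . $paypal_host . "\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    // The validation round-trip decides whether an order is marked paid, so
    // it must run over TLS; over plain HTTP the reply could be forged or read
    // in transit.
    $fp = fsockopen('ssl://' . $paypal_host, 443, $errno, $errstr, 30);

    // assign posted variables to local variables
    $sessionid      = isset($_POST['invoice']) ? $_POST['invoice'] : '';
    $transaction_id = isset($_POST['txn_id']) ? $_POST['txn_id'] : '';
    $payment_status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';

    $purchase_logs = $wpdb->prefix . "purchase_logs";
    $cart_contents = $wpdb->prefix . "cart_contents";

    if ($fp) {
        fputs($fp, $header . $req);
        while (!feof($fp)) {
            $res = fgets($fp, 1024);
            if (trim((string) $res) !== "VERIFIED" || '' === $sessionid) {
                // Header lines, INVALID replies and notifications without an
                // invoice change nothing.
                continue;
            }

            // Every value below is request data, so each statement binds it
            // through prepare() instead of concatenating it into the SQL.
            switch ($payment_status) {
                case 'Processed': // I think this is mostly equivalent to Completed
                case 'Completed':
                    $wpdb->query($wpdb->prepare(
                        "UPDATE `" . $purchase_logs . "` SET `processed` = '2' WHERE `sessionid` = %s LIMIT 1",
                        $sessionid
                    ));
                    transaction_results($sessionid, false, $transaction_id);
                    break;

                case 'Failed': // if it fails, delete it
                    $log_id = $wpdb->get_var($wpdb->prepare(
                        "SELECT `id` FROM `" . $purchase_logs . "` WHERE `sessionid`=%s LIMIT 1",
                        $sessionid
                    ));
                    if (null === $log_id) {
                        // Unknown order: deleting "by empty id" could hit
                        // unrelated rows, so stop here.
                        break;
                    }

                    $cart_content = $wpdb->get_results(
                        $wpdb->prepare("SELECT * FROM `" . $cart_contents . "` WHERE `purchaseid`=%d", $log_id),
                        ARRAY_A
                    );
                    foreach ((array) $cart_content as $cart_item) {
                        $wpdb->query($wpdb->prepare(
                            "DELETE FROM `" . $wpdb->prefix . "cart_item_variations` WHERE `cart_id` = %d",
                            $cart_item['id']
                        ));
                    }
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . $cart_contents . "` WHERE `purchaseid`=%d", $log_id));
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "submited_form_data` WHERE `log_id` IN (%d)", $log_id));
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . $purchase_logs . "` WHERE `id`=%d LIMIT 1", $log_id));
                    break;

                case 'Pending': // need to wait for "Completed" before processing
                    $wpdb->query($wpdb->prepare(
                        "UPDATE `" . $purchase_logs . "` SET `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1",
                        $transaction_id,
                        time(),
                        $sessionid
                    ));
                    break;

                default: // if nothing, do nothing, safest course of action here.
                    break;
            }
        }
        fclose($fp);
    }

    /*
     * Detect use of sandbox mode, if sandbox mode is present, send debugging email.
     * NOTE(review): the dump contains the complete $_POST and $_SERVER arrays,
     * and it is written before/independently of the VERIFIED check; make sure
     * this path cannot be active on a production store.
     */
    if (stristr(get_option('paypal_multiple_url'), "sandbox")) {
        $message = "This is a debugging message sent because it appears that you are using sandbox mode.\n\rIt is only sent if the paypal URL contains the word \"sandbox\"\n\r\n\r";
        $message .= "OUR_POST:\n\r" . print_r($header . $req, true) . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";

        // The message is built from raw request data, so it is bound as a
        // parameter rather than interpolated into the INSERT.
        $wpdb->query($wpdb->prepare(
            "INSERT INTO `paypal_log` ( `id` , `text` , `date` ) VALUES ( '', %s, NOW( ) );",
            $message
        ));
        mail(get_option('purch_log_email'), "IPN Data", $message);
    }
}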
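/**
 * Validate a WayForPay callback and, for an approved transaction, mark the
 * matching purchase log as processed.
 *
 * The payload is accepted only when its merchantSignature equals the
 * signature this class computes for the same payload.
 *
 * @param array $inputData Callback fields; orderReference, merchantSignature,
 *                         transactionStatus and recToken are read here.
 * @return mixed|null The value of getAnswerToGateWay() when the signature
 *                    matches and the status is ORDER_APPROVED; null otherwise.
 */
public function checkResponse($inputData)
{
    global $wpdb;

    if (empty($inputData['merchantSignature']) || !is_string($inputData['merchantSignature'])) {
        return null;
    }

    // Compare in constant time and as strings: a loose `==` treats two
    // different numeric-looking hex digests as equal and leaks timing.
    $expected = (string) $this->getResponseSignature($inputData);
    if (!hash_equals($expected, $inputData['merchantSignature'])) {
        return null;
    }

    if (!isset($inputData['transactionStatus']) || $inputData['transactionStatus'] != self::ORDER_APPROVED) {
        return null;
    }

    // The session id is the part of the order reference after the first "_".
    $ref = isset($inputData['orderReference']) ? $inputData['orderReference'] : '';
    $ref_parts = explode("_", $ref);
    $sessionId = isset($ref_parts[1]) ? $ref_parts[1] : null;

    $rec_token = isset($inputData['recToken']) ? $inputData['recToken'] : '';

    // NOTE(review): the text labels this value "orderReference" but it is the
    // transaction status; left as-is because existing notes may be parsed.
    $notes = "WayForPay : orderReference:" . $inputData['transactionStatus'] . " \n\n recToken: " . $rec_token;

    $data = array('processed' => 3, 'transactid' => $ref, 'date' => time(), 'notes' => $notes);
    $where = array('transactid' => $ref);
    $format = array('%d', '%s', '%s', '%s');
    $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $data, $where, $format);

    transaction_results($sessionId, false, $ref);

    return $this->getAnswerToGateWay($inputData);
}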
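/**
 * process_gateway_notification method, receives data from the payment gateway
 *
 * Maps the IPN payment_status to a purchase status (pending → 2,
 * completed → 3, denied → 6, anything else → 1), checks that the IPN is valid
 * and addressed to the store's configured PayPal account, then acts on the
 * IPN's txn_type.
 *
 * @access public
 */
function process_gateway_notification()
{
    $ipn = $this->paypal_ipn_values;

    $status_by_payment_status = array('pending' => 2, 'completed' => 3, 'denied' => 6);
    $payment_status = isset($ipn['payment_status']) ? strtolower($ipn['payment_status']) : '';
    $status = isset($status_by_payment_status[$payment_status])
        ? $status_by_payment_status[$payment_status]
        : 1;

    // NOTE(review): this hook fires before is_valid_ipn_response(), so its
    // listeners receive data that has not been verified yet. The order is
    // kept because existing listeners may depend on it.
    do_action('wpsc_paypal_standard_ipn', $this->paypal_ipn_values, $this);

    $paypal_email = strtolower(get_option('paypal_multiple_business'));

    if (!$this->is_valid_ipn_response()) {
        return;
    }

    // Compare the received store owner email address to the set one. An
    // unset store address must never match an IPN that omits both fields.
    $receiver_email = isset($ipn['receiver_email']) ? strtolower($ipn['receiver_email']) : '';
    $business_email = isset($ipn['business']) ? strtolower($ipn['business']) : '';
    if ('' === $paypal_email || ($receiver_email !== $paypal_email && $business_email !== $paypal_email)) {
        return;
    }

    $is_paid_or_pending = in_array($status, array(2, 3), true);
    $txn_type = isset($ipn['txn_type']) ? $ipn['txn_type'] : '';

    switch ($txn_type) {
        case 'cart':
        case 'express_checkout':
        case 'web_accept':
            // import shipping & billing details if this is from "Buy Now" button
            if (isset($ipn['custom']) && $ipn['custom'] == 'buy_now') {
                $this->import_ipn_data();
            }
            if ($status > 1) {
                $this->set_transaction_details($ipn['txn_id'], $status);
            }
            if ($is_paid_or_pending) {
                transaction_results($this->cart_data['session_id'], false);
            }
            break;

        case 'subscr_signup':
        case 'subscr_payment':
            if ($is_paid_or_pending) {
                $this->set_transaction_details($ipn['subscr_id'], $status);
                transaction_results($this->cart_data['session_id'], false);
            }
            foreach ($this->cart_items as $cart_row) {
                if ($cart_row['is_recurring'] == true) {
                    do_action('wpsc_activate_subscription', $cart_row['cart_item_id'], $ipn['subscr_id']);
                    do_action('wpsc_activated_subscription', $cart_row['cart_item_id'], $this);
                }
            }
            break;

        case 'subscr_cancel':
            do_action('wpsc_paypal_standard_deactivate_subscription', $ipn['subscr_id'], $this);
            break;

        case 'subscr_eot':
        case 'subscr_failed':
            // Subscription ended or failed: flag every recurring item as
            // no longer subscribed.
            foreach ($this->cart_items as $cart_row) {
                if ((bool) $cart_row['is_recurring']) {
                    wpsc_update_cart_item_meta($cart_row['cart_item_id'], 'is_subscribed', 0);
                }
            }
            break;

        default:
            break;
    }
}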
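/**
 * Handle Response from DIBS server
 *
 * Runs when the request has a `dibspw_result` query parameter and a posted
 * `s_pid` (the store session id). Depending on `dibspw_result`:
 *  - callback: checks the MAC, then records the payment status;
 *  - success:  checks the MAC for ACCEPTED payments or records the declined /
 *              pending status, then redirects to the transaction page;
 *  - cancel:   records the configured "cancelled" status and redirects to the
 *              cart.
 */
function dibspayment_paywin_process()
{
    global $wpdb;

    if (!isset($_GET['dibspw_result']) || !isset($_POST['s_pid']) || !is_scalar($_POST['s_pid'])) {
        return;
    }

    // Undo WordPress' added slashes (replaces create_function(), which no
    // longer exists in current PHP).
    $_POST = stripslashes_deep($_POST);

    $hamc_key   = get_option('dibspw_hmac');
    $order_id   = isset($_POST['orderid']) ? $_POST['orderid'] : null;
    $session_id = $_POST['s_pid'];
    $status     = isset($_POST['status']) ? $_POST['status'] : '';

    // Posted values are bound through prepare()/update(), never concatenated
    // into SQL.
    $find_purchase_log = function () use ($wpdb, $session_id) {
        $rows = $wpdb->get_results(
            $wpdb->prepare(
                "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= %s LIMIT 1",
                $session_id
            ),
            ARRAY_A
        );
        return empty($rows) ? null : $rows[0];
    };
    $update_purchase_log = function ($log, array $fields) use ($wpdb) {
        if (null !== $log) {
            $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $fields, array('id' => $log['id']));
        }
    };
    // Constant-time, string-typed comparison of the posted MAC.
    $posted_mac_matches = function () use ($hamc_key) {
        return hash_equals(
            (string) dibspayment_paywin_calc_mac($_POST, $hamc_key, false),
            (string) $_POST['MAC']
        );
    };

    switch ($_GET['dibspw_result']) {
        case 'callback':
            // NOTE(review): when no HMAC key is configured and no MAC is
            // posted, the callback is processed without any authentication.
            if ($hamc_key && !isset($_POST['MAC'])) {
                die("HMAC error!");
            }
            if (isset($_POST['MAC']) && !$posted_mac_matches()) {
                die("Mac is incorrect, fraud attempt!!");
            }

            $dibsInvoiceFields = array("acquirerLastName", "acquirerFirstName", "acquirerDeliveryAddress", "acquirerDeliveryPostalCode", "acquirerDeliveryPostalPlace");
            $dibsInvoiceFieldsString = "";
            foreach ($_POST as $key => $value) {
                if (in_array($key, $dibsInvoiceFields, true)) {
                    $dibsInvoiceFieldsString .= "{$key}={$value}\n";
                }
            }

            // Email is not sent automatically on the success transaction page
            // from version 3.8.9, so from that version it is sent on callback.
            if (version_compare(get_option('wpsc_version'), '3.8.9', '>=')) {
                if ($status == "ACCEPTED") {
                    $purchaselog = new WPSC_Purchase_Log($order_id);
                    $purchaselog->set('processed', get_option('dibspw_status'));
                    $purchaselog->set('notes', $dibsInvoiceFieldsString);
                    $purchaselog->save();

                    $wpscmerch = new wpsc_merchant($order_id, false);
                    $wpscmerch->set_purchase_processed_by_purchid(get_option('dibspw_status'));
                }
                break;
            }

            // Older store versions: the log is needed in both branches, so it
            // is loaded once up front (the original read it unset on the
            // non-ACCEPTED path).
            $purchase_log = $find_purchase_log();
            if ($status == "ACCEPTED") {
                $update_purchase_log($purchase_log, array(
                    'processed' => get_option('dibspw_status'),
                    'notes'     => $dibsInvoiceFieldsString,
                ));
                // If it is the second callback with status ACCEPTED
                // we want to send an email to customer.
                if (null !== $purchase_log && $purchase_log['authcode'] == "PENDING") {
                    transaction_results($session_id, false);
                }
            } else {
                // Save unsuccessful statuses too; it can be PENDING.
                $update_purchase_log($purchase_log, array('processed' => '1', 'authcode' => $status));
            }
            break;

        case 'success':
            if (!isset($_GET['page_id']) || get_permalink($_GET['page_id']) != get_option('transact_url')) {
                // add_query_arg() expects values to be URL-encoded already.
                $location = add_query_arg('sessionid', rawurlencode($session_id), get_option('transact_url'));

                if ($status == "ACCEPTED") {
                    if ($hamc_key && !isset($_POST['MAC'])) {
                        die("HMAC error!");
                    }
                    if (isset($_POST['MAC']) && !$posted_mac_matches()) {
                        die("HMAC is incorrect, fraud attempt!");
                    }
                } else {
                    // Declined or PENDING.
                    // NOTE(review): this write happens without a MAC check, so
                    // the order state is changed by an unauthenticated POST.
                    $update_purchase_log($find_purchase_log(), array('processed' => '1', 'authcode' => $status));
                }

                wp_redirect($location);
                exit;
            }
            break;

        case 'cancel':
            if (null !== $order_id) {
                // NOTE(review): as above, no MAC is required before the
                // purchase log is changed.
                $update_purchase_log($find_purchase_log(), array('processed' => get_option('dibspw_statusc')));
                wp_redirect(get_option('shopping_cart_url'));
                exit;
            }
            break;
    }
}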
/**
 * Apply a payment's status to the WP e-Commerce purchase it belongs to.
 *
 * A cancelled payment marks the purchase as an incomplete sale and selects the
 * cancel URL; a successful payment runs transaction_results() for the session
 * id stored in the payment's post meta, marks the purchase as accepted and
 * selects the success URL. Every other status leaves the purchase untouched
 * and keeps the normal return URL.
 *
 * @param Pronamic_Pay_Payment $payment      Payment whose status is applied.
 * @param bool                 $can_redirect When truthy, redirect (303) to the
 *                                           selected URL and end the request.
 */
public static function status_update(Pronamic_Pay_Payment $payment, $can_redirect = false)
{
    $ideal_merchant = new Pronamic_WP_Pay_Extensions_WPeCommerce_IDealMerchant($payment->get_source_id());
    $payment_data   = new Pronamic_WP_Pay_Extensions_WPeCommerce_PaymentData($ideal_merchant);

    $redirect_url = $payment_data->get_normal_return_url();

    switch ($payment->status) {
        case Pronamic_WP_Pay_Statuses::CANCELLED:
            $ideal_merchant->set_purchase_processed_by_purchid(
                Pronamic_WP_Pay_Extensions_WPeCommerce_WPeCommerce::PURCHASE_STATUS_INCOMPLETE_SALE
            );
            $redirect_url = $payment_data->get_cancel_url();
            break;

        case Pronamic_WP_Pay_Statuses::EXPIRED:
        case Pronamic_WP_Pay_Statuses::FAILURE:
            // Nothing is recorded for these statuses.
            break;

        case Pronamic_WP_Pay_Statuses::SUCCESS:
            /*
             * Transactions results
             *
             * @see https://github.com/wp-e-commerce/WP-e-Commerce/blob/v3.8.9.5/wpsc-merchants/paypal-pro.merchant.php#L303
             */
            $wpsc_session_id = get_post_meta($payment->get_id(), '_pronamic_payment_wpsc_session_id', true);
            transaction_results($wpsc_session_id);

            $ideal_merchant->set_purchase_processed_by_purchid(
                Pronamic_WP_Pay_Extensions_WPeCommerce_WPeCommerce::PURCHASE_STATUS_ACCEPTED_PAYMENT
            );
            $redirect_url = $payment_data->get_success_url();
            break;
    }

    if (!$can_redirect) {
        return;
    }

    wp_redirect($redirect_url, 303);
    exit;
}
function check_ipn() { global $wpdb, $purchase_log, $wpsc_cart; $wpcb_atos = get_option('wpcb_atos'); $wpcb_general = get_option('wpcb_general'); $wpcb_dev = get_option('wpcb_dev'); $purch_log_email = get_option('purch_log_email'); if (!$purch_log_email) { $purch_log_email = get_bloginfo('admin_email'); } // Automatic Response ATOS : if ($_GET['ipn'] == 'atos') { if (array_key_exists('mode_demo', $wpcb_dev) && $wpcb_dev['mode_demo']) { // Ce Kit de demo a du vous etre envoyé par la banque $pathfile = dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/cgi-bin/demo/pathfile"; $path_bin_response = dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/cgi-bin/demo/response"; $logfile = dirname(dirname(dirname(dirname(dirname(__FILE__))))) . "/cgi-bin/demo/logfile.txt"; } else { $pathfile = $wpcb_atos['pathfile']; $path_bin_response = $wpcb_atos['path_bin_response']; $logfile = $wpcb_atos['logfile']; } // Initialisation du chemin du fichier de log : if (isset($_POST['DATA'])) { $data = escapeshellcmd($_POST['DATA']); $message = "message={$data}"; $pathfile = "pathfile=" . 
$pathfile; if (isset($_POST['sandbox'])) { $result = $_POST['sandbox']; } else { $result = exec("{$path_bin_response} {$pathfile} {$message}"); } $tableau = explode("!", $result); $response = array('code' => $tableau[1], 'error' => $tableau[2], 'merchantid' => $tableau[3], 'merchantcountry' => $tableau[4], 'amount' => $tableau[5], 'transactionid' => $tableau[6], 'paymentmeans' => $tableau[7], 'transmissiondate' => $tableau[8], 'paymenttime' => $tableau[9], 'paymentdate' => $tableau[10], 'responsecode' => $tableau[11], 'paymentcertificate' => $tableau[12], 'authorisationid' => $tableau[13], 'currencycode' => $tableau[14], 'cardnumber' => $tableau[15], 'cvvflag' => $tableau[16], 'cvvresponsecode' => $tableau[17], 'bankresponsecode' => $tableau[18], 'complementarycode' => $tableau[19], 'complementaryinfo' => $tableau[20], 'returncontext' => $tableau[21], 'caddie' => $tableau[22], 'receiptcomplement' => $tableau[23], 'merchantlanguage' => $tableau[24], 'language' => $tableau[25], 'customerid' => $tableau[26], 'orderid' => $tableau[27], 'customeremail' => $tableau[28], 'customeripaddress' => $tableau[29], 'captureday' => $tableau[30], 'capturemode' => $tableau[31], 'data' => $tableau[32]); //Session id used by wp ecommerce : $sessionid = $response['orderid']; // A venir : Ajout dans un google spreadsheet qui a toutes les entêtes précédentes (requis Zend) // A coler dans la page admin pour tester if (WP_ZEND_FRAMEWORK) { $GoogleConnection = true; $SpreadSheetConnection = true; try { $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword']); } catch (Zend_Gdata_App_AuthException $ae) { echo $ae->exception(); $GoogleConnection = false; } if ($GoogleConnection) { // Test $service = Zend_Gdata_Spreadsheets::AUTH_SERVICE_NAME; $client = Zend_Gdata_ClientLogin::getHttpClient($wpcb_general['googleemail'], $wpcb_general['googlepassword'], $service); // On va chercher le numéro de la feuille : $query_worksheet = new 
Zend_Gdata_Spreadsheets_DocumentQuery(); // todo pour pas de client ici ? $query_worksheet->setSpreadsheetKey($wpcb_general['spreadsheetKey']); $spreadsheetService = new Zend_Gdata_Spreadsheets($client); try { $feed = $spreadsheetService->getWorksheetFeed($query_worksheet); } catch (Zend_Gdata_App_HttpException $ae) { echo $ae->exception(); $SpreadSheetConnection = false; } if ($SpreadSheetConnection) { // Tout bon on ajoute : foreach ($feed->entries as $entry) { if ($entry->title->text == 'CB') { $worksheetId_CB = basename($entry->id); } elseif ($entry->title->text == 'Paypal') { $worksheetId_Paypal = basename($entry->id); } } $spreadsheetService = new Zend_Gdata_Spreadsheets($client); // Insert row in google spreadsheet : $insertedListEntry = $spreadsheetService->insertRow($response, $wpcb_general['spreadsheetKey'], $worksheetId_CB); } else { wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais Numero de Spreadsheet dans les options du plugin wpcb'); } } else { if (WP_DEBUG) { wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Mauvais login/mot de pass google dans les options du plugin wpcb'); } } } else { wp_mail($purch_log_email, 'Email envoyé depuis le auto_response', 'Installer Zend pour ajouter automatiquement les ventes à google drive !'); } // analyse du code retour if (isset($_POST['sandbox'])) { $message = "-----------SANDBOX-------------------------\n"; foreach ($response as $k => $v) { $message .= $k . " = " . $v . "\n"; } $message .= "-------------------------------------------\n"; if ($logfile) { $fp = fopen($logfile, "a"); fwrite($fp, $message); fclose($fp); } echo $message; wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement SANDBOX est arrivé !', $message); } else { //Vrai achat ! 
if ($response['code'] == "" && $response['error'] == "") { $message = "erreur appel response\n executable response non trouve {$path_bin_response}\n Session Id : {$sessionid}"; if ($logfile) { $fp = fopen($logfile, "a"); // Ouverture du fichier de log en append fwrite($fp, $message); fclose($fp); } if (WP_DEBUG) { wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message); } $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '5' WHERE `sessionid`=" . $sessionid); $wpsc_cart->empty_cart(); } elseif ($response['code'] != 0) { $message = " API call error.\n Error message : {$error}\n Session Id : {$sessionid}"; if ($logfile) { // Ouverture du fichier de log en append $fp = fopen($logfile, "a"); fwrite($fp, $message); fclose($fp); } if (WP_DEBUG) { wp_mail($purch_log_email, 'Email envoyé depuis le auto_response car il y a une erreur avec un paiement Atos', $message); } $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '5' WHERE `sessionid`=" . $sessionid); $wpsc_cart->empty_cart(); } else { // Ok, Sauvegarde dans la base de donnée du shop. if ($response_code == 00) { $message = "-----------SALES----------------------------\n"; foreach ($response as $k => $v) { $message .= $k . " = " . $v . "\n"; } $message .= "-------------------------------------------\n"; if ($logfile) { $fp = fopen($logfile, "a"); fwrite($fp, $message); fclose($fp); } if (WP_DEBUG) { wp_mail($purch_log_email, 'Email pour vous dire qu\'un paiement est arrivé !', $message); } $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`=" . $sessionid); $purchase_log = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $sessionid . " LIMIT 1", ARRAY_A); // Ne pas enlever car global ! $wpsc_cart->empty_cart(); // Peut-être faut-il ici decrease stock ??? // redirect -> transaction_results($sessionid, false); // false -> no echo ! 
// The cart is emptied in this function a condition d'avoir la global $wpsc_cart ! } } } // Fin du vrai achat } else { if (WP_DEBUG) { wp_mail($purch_log_email, 'Qqn a accéder à cette page sans utiliser le module de CB', 'Rien de grave, c\'est peut-etre un robot google !'); } } } elseif ($_GET['ipn'] == 'systempaycyberplus') { $message = ''; foreach ($_POST as $key => $value) { $message .= $key . '->' . $value . "\n"; } mail($purch_log_email, 'ipn systempay cyberplus', $message); $wpcb_systempaycyberplus = get_option('wpcb_systempaycyberplus'); $control = Check_Signature(uncharm($_POST), $wpcb_systempaycyberplus['certificat']); if ($control == 'true') { $sessionid = $_POST['vads_order_id']; if ($_POST['vads_result'] == "00") { switch ($_POST['vads_auth_mode']) { case "FULL": $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`=" . $sessionid); $purchase_log = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $sessionid . " LIMIT 1", ARRAY_A); // Ne pas enlever car global ! $wpsc_cart->empty_cart(); // Peut-être faut-il ici decrease stock ??? // redirect -> transaction_results($sessionid, false); break; case "MARK": break; } } else { //failed $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '5' WHERE `sessionid`=" . 
$sessionid); $wpsc_cart->empty_cart(); //http://matale.fr/?cbListener=systempay_cyberplus&mode=test } } else { mail($purch_log_email, 'ipn systempay cyberplus signature non valide', $message); } if ($transauthorised == false) { } } elseif ($_GET['ipn'] == 'paypal') { $wpcb_paypal = get_option('wpcb_paypal'); // Initialisation du chemin du fichier de log : error_reporting(E_ALL ^ E_NOTICE); $header = ""; $emailtext = ""; // Read the post from PayPal and add 'cmd' $req = 'cmd=_notify-validate'; if (function_exists('get_magic_quotes_gpc')) { $get_magic_quotes_exits = true; } foreach ($_POST as $key => $value) { // Handle escape characters, which depends on setting of magic quotes if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { $value = urlencode(stripslashes($value)); } else { $value = urlencode($value); } $req .= "&{$key}={$value}"; } // Post back to PayPal to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; if ($wpcb_paypal['sandbox_paypal']) { $fp = fsockopen('ssl://sandbox.paypal.com', 443, $errno, $errstr, 30); } else { $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30); } // Process validation from PayPal if (!$fp) { // HTTP ERROR } else { // NO HTTP ERROR fputs($fp, $header . $req); while (!feof($fp)) { $res = fgets($fp, 1024); if (strcmp($res, "VERIFIED") == 0) { if ($_POST['payment_status'] == 'Completed') { if (WP_DEBUG) { wp_mail($purch_log_email, "IPN Completed Payement", $req); } $sessionid = $_POST['item_number']; $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '3' WHERE `sessionid`=" . $sessionid); $purchase_log = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`= " . $sessionid . " LIMIT 1", ARRAY_A); transaction_results($sessionid, false); // false -> no echo ! 
} //End if completed } elseif (strcmp($res, "INVALID") == 0) { // If 'INVALID', send an email. TODO: Log for manual investigation. if (WP_DEBUG) { wp_mail($purch_log_email, "Live-INVALID IPN", $req); } $wpdb->query("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed`= '5' WHERE `sessionid`=" . $sessionid); } } fclose($fp); } } // fin du ipn=paypal }
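/**
 * Cron job to process outstanding Bitcoin transactions.
 *
 * Selects purchase logs with gateway 'bitcoin' and processed = 1, asks the
 * Bitcoin server how much the address stored in `transactid` has received,
 * and sets processed = 2 (then calls transaction_results()) once that amount
 * covers the order total, or processed = 5 once the order is older than the
 * `bitcoin_timeout` option (multiplied out as hours).
 *
 * @return void
 */
function bitcoin_cron() {
    global $wpdb;

    bitcoin_debug("entering cron");
    // Bitcoin address for the transaction is stored in transactid
    $transactions = $wpdb->get_results("SELECT id,totalprice,sessionid,transactid,date FROM " . WPSC_TABLE_PURCHASE_LOGS . " WHERE gateway='bitcoin' AND processed='1'");
    // get_results() returns null when the query fails, and count(null) throws on PHP 8.
    if (empty($transactions)) {
        return;
    }
    bitcoin_debug("have transactions to process");

    include_once "library/bitcoin.inc";
    $bitcoin_client = new BitcoinClient(
        get_option("bitcoin_scheme"),
        get_option("bitcoin_username"),
        get_option("bitcoin_password"),
        get_option("bitcoin_address"),
        get_option("bitcoin_port"),
        get_option("bitcoin_certificate_path")
    );
    if (TRUE !== ($fault = $bitcoin_client->can_connect())) {
        error_log('The Bitcoin server is presently unavailable. Fault: ' . $fault);
        return;
    }
    bitcoin_debug("server reachable");

    foreach ($transactions as $transaction) {
        $address = $transaction->transactid;
        $order_id = $transaction->id;
        $order_total = $transaction->totalprice;
        $sessionid = $transaction->sessionid;
        $order_date = $transaction->date;
        bitcoin_debug("processing: " . var_export($transaction, TRUE));

        try {
            $paid = $bitcoin_client->query("getreceivedbyaddress", $address, get_option("bitcoin_confirms"));
        } catch (BitcoinClientException $e) {
            // A failed lookup leaves the order untouched; it is retried on the next run.
            error_log("Bitcoin server communication failed on getreceivedbyaddress " . $address . " with fault string " . $e->getMessage());
            continue;
        }

        // NOTE(review): assumes totalprice is stored in the same unit that
        // getreceivedbyaddress reports - TODO confirm.
        if ($paid >= $order_total) {
            bitcoin_debug("paid in full");
            // Update payment log; the id is bound as an integer instead of being concatenated into the SQL.
            $wpdb->query($wpdb->prepare("UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET processed='2' WHERE id=%d", $order_id));
            // Email customer
            transaction_results($sessionid, false);
            continue;
        }

        if (time() > $order_date + get_option("bitcoin_timeout") * 60 * 60) {
            bitcoin_debug("order expired");
            // Update payment log
            $wpdb->query($wpdb->prepare("UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET processed='5' WHERE id=%d", $order_id));
            // Can't email the customer via transaction_results
            // TODO: Email the customer, delete the order
        }
    }
    bitcoin_debug("leaving cron");
}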
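/**
 * Handles the server-to-server callback from ChronoPay.
 *
 * Runs only for requests with ?chronopay_callback=true and cs2=chronopay.
 * The request is authenticated by recomputing md5(salt . md5(cs1 . salt))
 * from the `chronopay_salt` option and comparing it with the posted cs3.
 * On a match the purchase log identified by cs1 is updated according to
 * transaction_type; otherwise a warning e-mail is sent to `purch_log_email`.
 *
 * @return void
 */
function nzshpcrt_chronopay_callback() {
    global $wpdb;
    // needs to execute on page start
    // look at page 36
    $is_callback = isset($_GET['chronopay_callback'], $_POST['cs2'])
        && $_GET['chronopay_callback'] == 'true'
        && $_POST['cs2'] == 'chronopay';
    if (!$is_callback) {
        return;
    }

    // This is a call from chronopay. Validate cs3 before acting on anything in the request.
    $salt = get_option('chronopay_salt');
    $posted_cs1 = (isset($_POST['cs1']) && is_string($_POST['cs1'])) ? $_POST['cs1'] : '';
    $posted_cs3 = (isset($_POST['cs3']) && is_string($_POST['cs3'])) ? $_POST['cs3'] : '';
    $gen_hash = md5($salt . md5($posted_cs1 . $salt));

    // hash_equals() compares the two strings exactly and in constant time. The
    // previous loose == treated two digests that both look numeric (for
    // example "0e" followed by digits) as equal.
    if (hash_equals($gen_hash, $posted_cs3)) {
        // process response.
        // Only cs1 is covered by the hash; transaction_id and transaction_type
        // are not, so they stay unauthenticated values.
        $sessionid = trim(stripslashes($posted_cs1));
        $transaction_id = isset($_POST['transaction_id']) ? trim(stripslashes($_POST['transaction_id'])) : '';
        $verification_data['trans_id'] = $transaction_id;
        $verification_data['trans_type'] = isset($_POST['transaction_type']) ? trim(stripslashes($_POST['transaction_type'])) : '';

        switch ($verification_data['trans_type']) {
            case 'onetime':
            case 'initial':
            case 'rebill':
                // All successful processing statuses.
                // The original stored the undefined $transact_id here, so the transaction id was never saved.
                $data = array('processed' => 2, 'transactid' => $transaction_id, 'date' => time());
                wpsc_update_purchase_log_details($sessionid, $data, 'sessionid');
                transaction_results($sessionid, false, $transaction_id);
                break;

            case 'decline':
                // if it fails, delete it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid`=%s LIMIT 1", $sessionid));
                if (!$log_id) {
                    // No matching purchase log: do not run the deletes with id 0.
                    break;
                }
                $delete_log_form_sql = $wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`=%d", $log_id);
                $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_ITEM_VARIATIONS . "` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid`=%d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_SUBMITTED_FORM_DATA . "` WHERE `log_id` IN ( %d )", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`=%d LIMIT 1", $log_id));
                break;

            case 'Pending':
                // need to wait for "Completed" before processing
                // NOTE(review): transactid is bound with %d here - confirm ChronoPay transaction ids are always numeric.
                $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('transactid' => $transaction_id, 'date' => time()), array('sessionid' => $sessionid), array('%d', '%s'));
                break;

            default:
                // if nothing, do nothing, safest course of action here.
                break;
        }
    } else {
        // Security Hash failed!!.. notify someone..
        // NOTE(review): any request with a bad hash triggers this e-mail, and it
        // carries the full $_POST/$_GET/$_SERVER dump; consider trimming or
        // rate-limiting it.
        $message = "This message has been sent because a call to your ChronoPay function was made by a server that did not have the correct security key. This could mean someone is trying to hack your payment site. The details of the call are below.\n\r\n\r";
        // Nothing is posted from this handler ($header and $req were never defined here), so this section stays empty.
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Security Key Failed!", $message);
    }
}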
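/**
 * Changes the status of a purchase log and runs the follow-up actions.
 *
 * When both arguments are empty the id and status are read from
 * $_POST['purchlog_id'] and $_POST['purchlog_status'] (through absint()).
 * Fires the `wpsc_edit_order_status` action, writes the new status, refreshes
 * stock claims, and calls transaction_results() when the new status is 3.
 *
 * NOTE(review): no capability or nonce check is visible in this function;
 * confirm that every caller performs one before reaching it.
 *
 * @param int|string $purchlog_id     Purchase log id, or '' to read it from $_POST.
 * @param int|string $purchlog_status New status, or '' to read it from $_POST.
 * @return void
 */
function wpsc_purchlog_edit_status($purchlog_id = '', $purchlog_status = '') {
    global $wpdb;

    if (empty($purchlog_id) && empty($purchlog_status)) {
        $purchlog_id = isset($_POST['purchlog_id']) ? absint($_POST['purchlog_id']) : 0;
        $purchlog_status = isset($_POST['purchlog_status']) ? absint($_POST['purchlog_status']) : 0;
    }

    // An id passed in by a caller skips the absint() above, so bind it as an
    // integer instead of interpolating it into the SQL string.
    $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $purchlog_id), ARRAY_A);

    $is_transaction = wpsc_check_purchase_processed($log_data['processed']);
    if ($is_transaction && function_exists('wpsc_member_activate_subscriptions')) {
        // NOTE(review): this reads $_POST['id'], not $purchlog_id - confirm that is intended.
        wpsc_member_activate_subscriptions($_POST['id']);
    }

    // in the future when everyone is using the 2.0 merchant api, we should use the merchant class to update the status,
    // then you can get rid of this hook and have each person overwrite the method that updates the status.
    do_action('wpsc_edit_order_status', array('purchlog_id' => $purchlog_id, 'purchlog_data' => $log_data, 'new_status' => $purchlog_status));

    $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('processed' => $purchlog_status), array('id' => $purchlog_id), '%d', '%d');
    wpsc_clear_stock_claims();
    wpsc_decrement_claimed_stock($purchlog_id);

    if ($purchlog_status == 3) {
        transaction_results($log_data['sessionid'], false, null);
    }
}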
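/**
 * Changes the status of a purchase log (older variant using direct queries).
 *
 * When both arguments are '' the id and status are read from
 * $_POST['purchlog_id'] and $_POST['purchlog_status'] (through absint()).
 * A status of 5 also removes the submitted stock claim for the log, and
 * transaction_results() is called when the status increases from a value
 * of 2 or lower.
 *
 * NOTE(review): no capability or nonce check is visible in this function;
 * confirm that every caller performs one before reaching it.
 *
 * @param int|string $purchlog_id     Purchase log id, or '' to read it from $_POST.
 * @param int|string $purchlog_status New status, or '' to read it from $_POST.
 * @return void
 */
function wpsc_purchlog_edit_status($purchlog_id = '', $purchlog_status = '') {
    global $wpdb;

    if ($purchlog_id == '' && $purchlog_status == '') {
        $purchlog_id = isset($_POST['purchlog_id']) ? absint($_POST['purchlog_id']) : 0;
        $purchlog_status = isset($_POST['purchlog_status']) ? absint($_POST['purchlog_status']) : 0;
    }

    // Values passed in by a caller skip the absint() above, so every query
    // below binds them as integers instead of interpolating them.
    $log_data = $wpdb->get_row($wpdb->prepare("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = %d LIMIT 1", $purchlog_id), ARRAY_A);

    if ($purchlog_status == 2 && function_exists('wpsc_member_activate_subscriptions')) {
        // NOTE(review): this reads $_POST['id'], not $purchlog_id - confirm that is intended.
        wpsc_member_activate_subscriptions($_POST['id']);
    }

    // if the order is marked as failed, remove the claim on the stock
    if ($purchlog_status == 5) {
        $wpdb->query($wpdb->prepare("DELETE FROM `" . WPSC_TABLE_CLAIMED_STOCK . "` WHERE `cart_id` = %d AND `cart_submitted` = '1'", $purchlog_id));
    }

    $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET processed=%d WHERE id=%d", $purchlog_status, $purchlog_id));

    // Only notify when the order moves up from an unpaid state (processed <= 2).
    if ($purchlog_status > $log_data['processed'] && $log_data['processed'] <= 2) {
        transaction_results($log_data['sessionid'], false);
    }
}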
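/**
 * Handles the return/callback request from 2Checkout ("tco").
 *
 * Runs only when the request carries tco_callback=true and payment_method=tco.
 * The expected key is strtoupper(md5(secret_word . seller_id . order_number . total)),
 * built from the `tco_secret_word` and `tco_seller_id` options, and is compared
 * with the `key` request value. On a match the purchase log for cart_order_id
 * is set to processed = 3 and transaction_results() runs; on a mismatch it is
 * set to processed = 2.
 *
 * @return void
 */
function nzshpcrt_tco_callback() {
    global $wpdb;

    // NOTE(review): $_REQUEST mixes query-string and body values (and cookies,
    // depending on configuration) - TODO confirm which source the gateway uses.
    $is_callback = isset($_REQUEST['tco_callback'], $_REQUEST['payment_method'])
        && $_REQUEST['tco_callback'] == 'true'
        && $_REQUEST['payment_method'] == 'tco';
    if (!$is_callback) {
        return;
    }

    $seller_id = get_option('tco_seller_id');
    $secret_word = get_option('tco_secret_word');
    $sessionid = isset($_REQUEST['cart_order_id']) ? trim(stripslashes($_REQUEST['cart_order_id'])) : '';
    $transaction_id = isset($_REQUEST['order_number']) ? trim(stripslashes($_REQUEST['order_number'])) : '';

    // NOTE(review): the demo flag comes from the request itself; consider
    // honouring it only when the store is configured for demo mode.
    if (isset($_REQUEST['demo']) && $_REQUEST['demo'] == 'Y') {
        $transaction_id = 1;
    }

    $total = isset($_REQUEST['total']) ? $_REQUEST['total'] : '';
    $compare_string = $secret_word . $seller_id . $transaction_id . $total;
    $compare_hash1 = strtoupper(md5($compare_string));
    $compare_hash2 = (isset($_REQUEST['key']) && is_string($_REQUEST['key'])) ? $_REQUEST['key'] : '';

    // hash_equals() compares the two strings exactly and in constant time. The
    // previous loose != treated two digests that both look numeric as equal.
    if (!hash_equals($compare_hash1, $compare_hash2)) {
        // NOTE(review): a request whose key does not match still updates the
        // order (processed = 2 plus the request-supplied transactid). Confirm
        // that this unauthenticated write is intended; logging the mismatch
        // without touching the order would be the safer default.
        $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, array('processed' => 2, 'transactid' => $transaction_id, 'date' => time()), array('sessionid' => $sessionid), array('%d', '%s'));
    } else {
        $data = array('processed' => 3, 'transactid' => $transaction_id, 'date' => time());
        $where = array('sessionid' => $sessionid);
        $format = array('%d', '%s', '%s');
        $wpdb->update(WPSC_TABLE_PURCHASE_LOGS, $data, $where, $format);
        transaction_results($sessionid, false, $transaction_id);
    }
}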
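/**
 * Handles the server-to-server callback from ChronoPay (older variant that
 * addresses the tables through $wpdb->prefix).
 *
 * Runs only for requests with ?chronopay_callback=true and cs2=chronopay.
 * The request is authenticated by recomputing md5(salt . md5(cs1 . salt))
 * from the `chronopay_salt` option and comparing it with the posted cs3.
 * On a match the purchase log identified by cs1 is updated according to
 * transaction_type; otherwise a warning e-mail is sent. When the
 * `chronopay_debug` option is 1 a debug e-mail is sent for every callback.
 *
 * @return void
 */
function nzshpcrt_chronopay_callback() {
    global $wpdb;
    // needs to execute on page start
    // look at page 36
    $is_callback = isset($_GET['chronopay_callback'], $_POST['cs2'])
        && $_GET['chronopay_callback'] == 'true'
        && $_POST['cs2'] == 'chronopay';
    if (!$is_callback) {
        return;
    }

    // This is a call from chronopay. Validate cs3 before acting on anything in the request.
    $salt = get_option('chronopay_salt');
    $posted_cs1 = (isset($_POST['cs1']) && is_string($_POST['cs1'])) ? $_POST['cs1'] : '';
    $posted_cs3 = (isset($_POST['cs3']) && is_string($_POST['cs3'])) ? $_POST['cs3'] : '';
    $gen_hash = md5($salt . md5($posted_cs1 . $salt));

    // hash_equals() compares the two strings exactly and in constant time. The
    // previous loose == treated two digests that both look numeric as equal.
    if (hash_equals($gen_hash, $posted_cs3)) {
        // process response.
        // Only cs1 is covered by the hash. transaction_id and transaction_type
        // are not, and stripslashes() removes the escaping WordPress added to
        // $_POST, so every query below binds its values through prepare().
        $sessionid = trim(stripslashes($posted_cs1));
        $transaction_id = isset($_POST['transaction_id']) ? trim(stripslashes($_POST['transaction_id'])) : '';
        $verification_data['trans_id'] = $transaction_id;
        $verification_data['trans_type'] = isset($_POST['transaction_type']) ? trim(stripslashes($_POST['transaction_type'])) : '';

        switch ($verification_data['trans_type']) {
            case 'onetime':
            case 'initial':
            case 'rebill':
                // All successful processing statuses.
                $wpdb->query($wpdb->prepare(
                    "UPDATE `" . $wpdb->prefix . "purchase_logs` SET `processed` = '2', `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1",
                    $transaction_id,
                    time(),
                    $sessionid
                ));
                transaction_results($sessionid, false, $transaction_id);
                break;

            case 'decline':
                // if it fails, delete it
                $log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . $wpdb->prefix . "purchase_logs` WHERE `sessionid`=%s LIMIT 1", $sessionid));
                if (!$log_id) {
                    // No matching purchase log: do not run the deletes with an empty id.
                    break;
                }
                $delete_log_form_sql = $wpdb->prepare("SELECT * FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`=%d", $log_id);
                $cart_content = $wpdb->get_results($delete_log_form_sql, ARRAY_A);
                foreach ((array) $cart_content as $cart_item) {
                    $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_item_variations` WHERE `cart_id` = %d", $cart_item['id']));
                }
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "cart_contents` WHERE `purchaseid`=%d", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "submited_form_data` WHERE `log_id` IN (%d)", $log_id));
                $wpdb->query($wpdb->prepare("DELETE FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id`=%d LIMIT 1", $log_id));
                break;

            case 'Pending':
                // need to wait for "Completed" before processing
                $wpdb->query($wpdb->prepare(
                    "UPDATE `" . $wpdb->prefix . "purchase_logs` SET `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1",
                    $transaction_id,
                    time(),
                    $sessionid
                ));
                break;

            default:
                // if nothing, do nothing, safest course of action here.
                break;
        }
    } else {
        // Security Hash failed!!.. notify someone..
        // NOTE(review): any request with a bad hash triggers this e-mail, and it
        // carries the full $_POST/$_GET/$_SERVER dump; consider trimming or
        // rate-limiting it.
        $message = "This message has been sent because a call to your ChronoPay function was made by a server that did not have the correct security key. This could mean someone is trying to hack your payment site. The details of the call are below.\n\r\n\r";
        // Nothing is posted from this handler ($header and $req were never defined here), so this section stays empty.
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Security Key Failed!", $message);
    }

    // If in debug, email details
    if (get_option('chronopay_debug') == 1) {
        $message = "This is a debugging message sent because it appears that you are in debug mode.\n\rEnsure ChronoPay debug is turned off once you are happy with the function.\n\r\n\r";
        $message .= "OUR_POST:\n\r" . "\n\r\n\r";
        $message .= "THEIR_POST:\n\r" . print_r($_POST, true) . "\n\r\n\r";
        $message .= "GET:\n\r" . print_r($_GET, true) . "\n\r\n\r";
        $message .= "SERVER:\n\r" . print_r($_SERVER, true) . "\n\r\n\r";
        mail(get_option('purch_log_email'), "ChronoPay Data", $message);
    }
}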
/**
 * Purchase log ajax code starts here
 *
 * Re-sends the purchase e-mail for the log whose id arrives in
 * $_REQUEST['email_buyer_id'], then redirects back to the referring page,
 * adding a `sent` query argument when the id was numeric.
 *
 * NOTE(review): no capability or nonce check is visible in this function;
 * confirm the caller performs one before dispatching here.
 */
function wpsc_purchlog_resend_email() {
    global $wpdb;

    $requested_id = $_REQUEST['email_buyer_id'];
    // Instantiated but not used below; kept in case the constructor has side effects.
    $wpec_taxes_controller = new wpec_taxes_controller();

    $was_sent = is_numeric($requested_id);
    if ($was_sent) {
        // The id is bound as an integer, so the numeric check above is not the only guard.
        $session_query = $wpdb->prepare("SELECT `sessionid` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id`= %d LIMIT 1", $requested_id);
        transaction_results($wpdb->get_var($session_query), false);
    }

    $redirect_to = wp_get_referer();
    if ($was_sent) {
        $redirect_to = add_query_arg('sent', true, $redirect_to);
    }

    wp_redirect($redirect_to);
    exit;
}
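/**
 * Submit checkout function, used through ajax and in normal page loading.
 *
 * Validates the checkout form, the shipping selection, the terms agreement,
 * the per-category shipping-country restrictions and the chosen gateway.
 * When everything is valid (or when ?gateway=noca is requested) it creates the
 * purchase log, saves the form and cart data, claims stock, fires the
 * `wpsc_submit_checkout` action and hands the order to the selected gateway.
 *
 * No parameters, returns nothing.
 */
function wpsc_submit_checkout() {
    global $wpdb, $wpsc_cart, $user_ID, $nzshpcrt_gateways, $wpsc_shipping_modules, $wpsc_gateways;

    $_SESSION['wpsc_checkout_misc_error_messages'] = array();
    $wpsc_checkout = new wpsc_checkout();
    $selected_gateways = get_option('custom_gateway_options');
    // WordPress adds slashes to $_POST; strip them so the value is compared and stored as submitted.
    $submitted_gateway = (isset($_POST['custom_gateway']) && is_string($_POST['custom_gateway'])) ? stripslashes($_POST['custom_gateway']) : '';
    $options = get_option('custom_shipping_options');

    $form_validity = $wpsc_checkout->validate_forms();
    // Read the one result that is used rather than extract()-ing the whole
    // array, which could overwrite any local variable in this function.
    $is_valid = !empty($form_validity['is_valid']);

    if (get_option('do_not_use_shipping') == 0 && ($wpsc_cart->selected_shipping_method == null || $wpsc_cart->selected_shipping_option == null) && $wpsc_cart->uses_shipping) {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = __('You must select a shipping method, otherwise we cannot process your order.', 'wpsc');
        $is_valid = false;
    }
    if (!isset($_POST['agree']) || $_POST['agree'] != 'yes') {
        $_SESSION['wpsc_checkout_misc_error_messages'][] = __('Please agree to the terms and conditions, otherwise we cannot process your order.', 'wpsc');
        $is_valid = false;
    }

    $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : '';
    $selectedCountry = $wpdb->get_results($wpdb->prepare("SELECT id, country FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE isocode=%s", $delivery_country), ARRAY_A);

    // count number of items, and number of items using shipping
    $num_items = 0;
    $disregard_shipping = 0;
    $use_shipping = 0;
    foreach ($wpsc_cart->cart_items as $cartitem) {
        $categoriesIDs = $wpdb->get_col($wpdb->prepare("SELECT category_id FROM `" . WPSC_TABLE_ITEM_CATEGORY_ASSOC . "` WHERE product_id=%d", $cartitem->product_id));
        foreach ((array) $categoriesIDs as $catid) {
            $category_id = is_array($catid) ? $catid[0] : $catid;
            $countries = $wpdb->get_col($wpdb->prepare("SELECT `countryid` FROM `" . WPSC_TABLE_CATEGORY_TM . "` WHERE `visible`=0 AND `categoryid`=%d", $category_id));
            if (in_array($selectedCountry[0]['id'], (array) $countries)) {
                $errormessage = sprintf(__('Oops the product : %s cannot be shipped to %s. To continue with your transaction please remove this product from the list above.', 'wpsc'), $cartitem->product_name, $selectedCountry[0]['country']);
                $_SESSION['categoryAndShippingCountryConflict'] = $errormessage;
                $is_valid = false;
            }
        }
        $num_items++;
        if ($cartitem->uses_shipping != 1) {
            $disregard_shipping++;
        } else {
            $use_shipping++;
        }
    }

    // The submitted gateway must be one of the gateways enabled in the store options.
    if (array_search($submitted_gateway, (array) $selected_gateways) !== false) {
        $_SESSION['wpsc_previous_selected_gateway'] = $submitted_gateway;
    } else {
        $is_valid = false;
    }

    $zipcode_missing = !isset($_SESSION['wpsc_zipcode']) || $_SESSION['wpsc_zipcode'] == '';
    if (get_option('do_not_use_shipping') != 1 && in_array('ups', (array) $options) && $zipcode_missing) {
        if ($num_items != $disregard_shipping) {
            $_SESSION['categoryAndShippingCountryConflict'] = __('Please enter a Zipcode and click calculate to proceed');
            $is_valid = false;
        }
    }

    // NOTE(review): ?gateway=noca lets the request through even when validation
    // failed, including the gateway allow-list check above. Confirm this bypass
    // is intended and limited to the flow that needs it.
    $is_noca = isset($_GET['gateway']) && $_GET['gateway'] == 'noca';
    if ($is_valid != true && !$is_noca) {
        return;
    }

    $_SESSION['categoryAndShippingCountryConflict'] = '';
    // NOTE(review): the session id is three random digits plus the current
    // time, so it is guessable; it should not be the only thing protecting
    // access to an order's results.
    $sessionid = mt_rand(100, 999) . time();
    $_SESSION['wpsc_sessionid'] = $sessionid;
    $subtotal = $wpsc_cart->calculate_subtotal();
    if ($wpsc_cart->has_total_shipping_discount() == false) {
        $base_shipping = $wpsc_cart->calculate_base_shipping();
    } else {
        $base_shipping = 0;
    }
    $find_us = (isset($_POST['how_find_us']) && is_string($_POST['how_find_us'])) ? stripslashes($_POST['how_find_us']) : '';
    $tax = $wpsc_cart->calculate_total_tax();
    $total = $wpsc_cart->calculate_total_price();

    // Make sure delivery and selected region are only saved if the country does have regions
    // Im unsure how this would effect countries that HAVE regions, i.e if you select Canada as country,, will your
    // region be alabama if no region was selected?
    $wpsc_cart->update_location();
    if (!wpsc_has_regions($wpsc_cart->selected_country)) {
        $wpsc_cart->selected_region = '';
    }
    if (!wpsc_has_regions($wpsc_cart->delivery_country)) {
        $wpsc_cart->delivery_region = '';
    }

    // Every value is bound through prepare(); the gateway name and the
    // "how did you find us" answer come straight from the request.
    $sql = $wpdb->prepare(
        "INSERT INTO `" . WPSC_TABLE_PURCHASE_LOGS . "` (`totalprice`,`statusno`, `sessionid`, `user_ID`, `date`, `gateway`, `billing_country`,`shipping_country`, `billing_region`, `shipping_region`, `base_shipping`,`shipping_method`, `shipping_option`, `plugin_version`, `discount_value`, `discount_data`,`find_us`)"
        . " VALUES (%s, '0', %s, %d, UNIX_TIMESTAMP(),"
        . " %s, %s, %s, %s, %s, %s,"
        . " %s, %s, %s, %s, %s, %s)",
        $total,
        $sessionid,
        (int) $user_ID,
        $submitted_gateway,
        $wpsc_cart->selected_country,
        $wpsc_cart->delivery_country,
        $wpsc_cart->selected_region,
        $wpsc_cart->delivery_region,
        $base_shipping,
        $wpsc_cart->selected_shipping_method,
        $wpsc_cart->selected_shipping_option,
        WPSC_VERSION,
        $wpsc_cart->coupons_amount,
        $wpsc_cart->coupons_name,
        $find_us
    );
    $wpdb->query($sql);
    $purchase_log_id = $wpdb->get_var($wpdb->prepare("SELECT `id` FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` IN(%s) LIMIT 1", $sessionid));

    $wpsc_checkout->save_forms_to_db($purchase_log_id);
    $wpsc_cart->save_to_db($purchase_log_id);
    $wpsc_cart->submit_stock_claims($purchase_log_id);
    if (get_option('wpsc_also_bought') == 1) {
        wpsc_populate_also_bought_list();
    }
    wp_get_current_user();
    $our_user_id = $user_ID;
    do_action('wpsc_submit_checkout', array("purchase_log_id" => $purchase_log_id, "our_user_id" => $our_user_id));

    if (get_option('permalink_structure') != '') {
        $seperator = "?";
    } else {
        $seperator = "&";
    }

    if ($total <= 0) {
        // The original passed the undefined $session_id, so the URL carried no session id.
        $transaction_url_with_sessionid = add_query_arg('sessionid', $sessionid, get_option('transact_url'));
        wp_redirect($transaction_url_with_sessionid);
        // NOTE(review): execution continues to the gateway after this redirect - confirm that is intended.
    }

    /// submit to gateway
    $current_gateway_data =& $wpsc_gateways[$submitted_gateway];
    if ($current_gateway_data['api_version'] >= 2.0) {
        $merchant_instance = new $current_gateway_data['class_name']($purchase_log_id);
        $merchant_instance->construct_value_array();
        $merchant_instance->submit();
    } else {
        if ($current_gateway_data['internalname'] == $submitted_gateway && $current_gateway_data['internalname'] != 'google') {
            $gateway_used = $current_gateway_data['internalname'];
            // The original matched on the undefined $log_id, so this update never touched a row.
            $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = %s WHERE `id` = %d LIMIT 1", $gateway_used, $purchase_log_id));
            $current_gateway_data['function']($seperator, $sessionid);
        } else {
            if ($submitted_gateway == 'google') {
                $gateway_used = $current_gateway_data['internalname'];
                $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `gateway` = %s WHERE `id` = %d LIMIT 1", $gateway_used, $purchase_log_id));
                $_SESSION['gateway'] = 'google';
                header('Location: ' . get_option('shopping_cart_url'));
                exit;
            }
        }
    }

    if ($is_noca) {
        echo transaction_results($sessionid, true);
    }
}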
/**
 * Submit
 *
 * Deducts the purchase cost from the buyer's balance, marks the order with
 * status 3 and, when a profit share is configured, credits each product
 * owner with their percentage of the line total. When the charge conditions
 * are not met but a transaction id exists, the order is marked with status 2.
 * @since 1.3
 * @version 1.3
 */
function submit() {
    $has_transaction = !empty($this->transaction_id);

    // The wpsc_pre_submit_gateway action could have changed these values, so check them again
    $can_charge = $this->cost > 0 && $this->user_id != 0 && $has_transaction;
    if (!$can_charge) {
        if ($has_transaction) {
            $this->set_transaction_details($this->transaction_id, 2);
        }
        return;
    }

    // Hook fired before the charge
    do_action_ref_array('mycred_wpecom_charg', array(&$this));

    // Charge: the cost is passed as a negative amount
    $this->core->add_creds('wpecom_payment', $this->user_id, 0 - $this->cost, $this->prefs['log'], '', $this->purchase_id, $this->mycred_type);

    // Update order
    $this->set_transaction_details($this->transaction_id, 3);
    transaction_results($this->cart_data['session_id'], false);

    // Pay out the profit share, one cart line at a time
    if ($this->prefs['share'] > 0) {
        foreach ((array) $this->cart_items as $line) {
            $product = get_post((int) $line['product_id']);

            // Skip products that no longer exist and products owned by the buyer
            if ($product === NULL || $product->post_author == $this->user_id) {
                continue;
            }

            $line_total = $line['price'] * $line['quantity'];

            $percentage = apply_filters('mycred_wpecom_profit_share', $this->prefs['share'], $this, $product);
            if ($percentage == 0) {
                continue;
            }

            $this->core->add_creds('store_sale', $product->post_author, $percentage / 100 * $line_total, $this->prefs['share_log'], $product->ID, array('ref_type' => 'post'), $this->mycred_type);
        }
    }

    // Hook fired after the charge
    do_action_ref_array('mycred_wpecom_charged', array(&$this));

    // Empty cart, redirect and stop
    wpsc_empty_cart();
    $this->go_to_transaction_results($this->cart_data['session_id']);
    exit;
}
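/**
 * process_gateway_notification method, receives data from the payment gateway
 *
 * Maps the IPN payment_status to a purchase status (pending = 2,
 * completed = 3, denied = 6), fires the `wpsc_paypal_pro_ipn` action and,
 * when the IPN receiver_email matches the `paypal_multiple_business` option,
 * applies the change that belongs to the IPN txn_type.
 *
 * NOTE(review): the IPN amount (mc_gross) is never compared with
 * $this->cart_data['total_price'] here; the removed debug string printed both
 * side by side. Confirm the amount and currency are verified elsewhere before
 * an order is marked as paid.
 *
 * @access public
 */
function process_gateway_notification() {
    $status = false;
    switch (strtolower($this->paypal_ipn_values['payment_status'])) {
        case 'pending':
            $status = 2;
            break;
        case 'completed':
            $status = 3;
            break;
        case 'denied':
            $status = 6;
            break;
    }

    do_action('wpsc_paypal_pro_ipn', $this->paypal_ipn_values, $this);

    // Compare the received store owner email address to the set one
    if (strtolower($this->paypal_ipn_values['receiver_email']) != strtolower(get_option('paypal_multiple_business'))) {
        return;
    }

    // $status is false or one of the integers set above, so a strict match is exact.
    $is_pending_or_complete = in_array($status, array(2, 3), true);

    switch ($this->paypal_ipn_values['txn_type']) {
        case 'cart':
        case 'express_checkout':
            if ($status) {
                $this->set_transaction_details($this->paypal_ipn_values['txn_id'], $status);
            }
            if ($is_pending_or_complete) {
                transaction_results($this->cart_data['session_id'], false);
            }
            break;

        case 'subscr_signup':
        case 'subscr_payment':
            if ($is_pending_or_complete) {
                $this->set_transaction_details($this->paypal_ipn_values['subscr_id'], $status);
                transaction_results($this->cart_data['session_id'], false);
            }
            // NOTE(review): the activation hooks run whatever $status is - confirm
            // that is intended for subscr_payment notifications that did not complete.
            foreach ($this->cart_items as $cart_row) {
                if ($cart_row['is_recurring'] == true) {
                    do_action('wpsc_activate_subscription', $cart_row['cart_item_id'], $this->paypal_ipn_values['subscr_id']);
                    do_action('wpsc_activated_subscription', $cart_row['cart_item_id'], $this);
                }
            }
            break;

        case 'subscr_cancel':
        case 'subscr_eot':
        case 'subscr_failed':
            foreach ($this->cart_items as $cart_row) {
                if ((bool) $cart_row['is_recurring'] == true) {
                    wpsc_update_cart_item_meta($cart_row['cart_item_id'], 'is_subscribed', 0);
                }
            }
            break;

        default:
            break;
    }
    // The unused $message debug string and its $altered_count counter were
    // removed: the counter was reset inside the loop and undefined on every
    // other path, and the string was never sent or logged.
}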
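// Works out which purchase session the results page should show and prints
// either the gateway's stored message or the transaction results.
$wpsc_results_gateway = isset($_SESSION['wpsc_previous_selected_gateway']) ? $_SESSION['wpsc_previous_selected_gateway'] : '';
if ($wpsc_results_gateway == 'paypal_certified') {
    $sessionid = isset($_SESSION['paypalexpresssessionid']) ? $_SESSION['paypalexpresssessionid'] : null;
}
$errorcode = '';
$transactid = '';
if (isset($_REQUEST['eway']) && $_REQUEST['eway'] == '1') {
    // NOTE(review): the session id comes straight from the query string here;
    // confirm transaction_results() only shows an order to its own buyer.
    $sessionid = isset($_GET['result']) ? $_GET['result'] : '';
} elseif (isset($_REQUEST['eway']) && $_REQUEST['eway'] == '0') {
    // NOTE(review): session messages are echoed without escaping - presumably
    // they hold markup written by the gateway code; verify nothing
    // request-derived is stored in them.
    echo isset($_SESSION['eway_message']) ? $_SESSION['eway_message'] : '';
} elseif (isset($_REQUEST['payflow']) && $_REQUEST['payflow'] == '1') {
    echo isset($_SESSION['payflow_message']) ? $_SESSION['payflow_message'] : '';
    $_SESSION['payflow_message'] = '';
}
if ($wpsc_results_gateway == 'paypal_certified' && isset($_SESSION['paypalExpressMessage']) && $_SESSION['paypalExpressMessage'] != '') {
    echo $_SESSION['paypalExpressMessage'];
} else {
    if ($wpsc_results_gateway == 'dps') {
        $sessionid = decrypt_dps_response();
        if ($sessionid != '') {
            transaction_results($sessionid, true);
        } else {
            // The URL used to be concatenated into the translatable string, so
            // the text could never match a translation and the href was left
            // unquoted and unescaped. It is now a placeholder, escaped for use
            // in an attribute.
            printf(
                __('Sorry your transaction was not accepted.<br /><a href="%s">Click here to go back to checkout page.</a>'),
                esc_url(get_option("shopping_cart_url"))
            );
        }
    } else {
        echo transaction_results($sessionid, true);
    }
}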