/**
* Method to send the request to the zaakpay api
* identified by the endpoint (url)
*/
public function send()
{
$config = $this->getZaakpayConfig();
$this->_params = array_merge($this->_params, array('merchantIdentifier' => $config['merchant_id'], 'mode' => $config['sandbox_mode'] ? '0' : '1'));
$fields = $this->_params;
#ksort($fields);
$all = Checksum::getAllParams($fields);
$checksum = Checksum::calculateChecksum($config['secret_key'], $all);
$fields['checksum'] = $checksum;
$query_string = http_build_query($fields);
// Mage::log('Update Request sent:'.$query_string);
// var_dump($fields); exit;
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch, CURLOPT_URL, $this->getUrl());
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
//execute post
$result = curl_exec($ch);
// incase of an error, log it
if (curl_errno($ch)) {
Mage::log('Curl error: ' . curl_error($ch));
Mage::throwException('Request not completed because of an error connecting to zaakpay server for transaction update. See exception logs');
} else {
//close connection
curl_close($ch);
$this->_processResponse($result);
$this->_sentFlag = true;
}
}
/**
* Constructor
*
* @param var value
*/
public function __construct($value)
{
if (is_int($value)) {
parent::__construct(sprintf('%04x', $value));
} else {
parent::__construct($value);
}
}
function verifyChecksum($checksum, $all, $secret) {
$cal_checksum = Checksum::calculateChecksum($secret, $all);
$bool = 0;
if($checksum == $cal_checksum) {
$bool = 1;
}
return $bool;
}
public function responseAction()
{
// actual processing
$postdata = Mage::app()->getRequest()->getPost();
$session = Mage::getSingleton('checkout/session');
$session->setQuoteId($session->getZaakpayQuoteId(true));
$zaakpayConfig = Mage::getStoreConfig('payment/zaakpay');
// Checksum Verification
// Proceed only if checksum matches. Else redirect to error page.
$checksumReceived = $postdata['checksum'];
$allParamsReceived = Checksum::getAllParams($postdata);
$checksumCalculated = Checksum::calculateChecksum($zaakpayConfig['secret_key'], $allParamsReceived);
if ($checksumReceived !== $checksumCalculated) {
if ($session->getLastRealOrderId()) {
$order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
if ($order->getId()) {
$order->cancel()->save();
}
}
$er = 'Checksum does not match. This response has been compromised. However, transaction might have been successful.';
$session->addError($er);
$this->_redirect('zaakpay/transact/failure');
return;
}
// success
if ($this->_validateResponse()) {
Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();
// load the order and change the order status
$zaakpay = Mage::getModel('zaakpay/transact');
$state = $zaakpay->zaakpaySuccessOrderState();
$order = Mage::getModel('sales/order')->loadByIncrementId($postdata['orderId'])->setState($state, true);
// also do something similar to capturing the payment here
$payment = $order->getPayment();
$transaction = Mage::getModel('sales/order_payment_transaction');
$dummy_txn_id = 'ZP_' . $postdata['orderId'];
$transaction->setOrderPaymentObject($payment)->setTxnId($dummy_txn_id)->setTxnType(Mage_Sales_Model_Order_Payment_Transaction::TYPE_AUTH)->setIsClosed(0)->save();
$order->save();
$order->sendNewOrderEmail();
$this->_redirect('checkout/onepage/success', array('_secure' => true));
} else {
// failure/cancel
if ($session->getLastRealOrderId()) {
$order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
if ($order->getId()) {
$order->cancel()->save();
}
}
$er = 'Zaakpay could not process your request because of the error "' . $postdata['responseDescription'] . '"';
$session->addError($er);
$this->_redirect('zaakpay/transact/failure');
}
}
/**
* This will just spit out the html without loading any other magento stuff
* and the form will be submitted right away.
*/
protected function _toHtml()
{
$zaakpay = Mage::getModel('zaakpay/transact');
$fields = $zaakpay->getCheckoutFormFields();
$form = '<form id="zaakpay_checkout" method="POST" action="' . $zaakpay->getZaakpayTransactAction() . '">';
foreach ($fields as $key => $value) {
$form .= '<input type="hidden" name="' . $key . '" value="' . Checksum::sanitizedParam($value) . '" />' . "\n";
#$form .= '<input type="hidden" name="'.$key.'" value="'.$value.'" />'."\n";
}
$form .= '</form>';
$html = '<html><body>';
$html .= $this->__('You will be redirected to the Zaakpay website in a few seconds.');
$html .= $form;
$html .= '<script type="text/javascript">document.getElementById("zaakpay_checkout").submit();</script>';
$html .= '</body></html>';
return $html;
}
/**
* @dataProvider getMatchesContentData
*/
public function testMatchesContent($checksum, $content, $expected)
{
$this->assertEquals($expected, Checksum::matchesContent($checksum, $content));
}
public function getRequestFields()
{
$fields = $this->_buildRequestFields();
// pass it through validate so that an exception is thrown
$this->_validateFields($fields);
$all = Checksum::getAllParams($fields);
#error_log("Logging stripped params : " . $all);
$zaakpayConfig = $this->getZaakpayConfig();
$checksum = Checksum::calculateChecksum($zaakpayConfig['secret_key'], $all);
#error_log('Logging key used to produce checksum : ' . $zaakpayConfig['secret_key']);
#error_log('Logging checksum : ' . $checksum);
$this->_checksum = $checksum;
// var_dump($all, $checksum);
#ksort($fields);
// first sort by key and then append checksum in the end
$fields['checksum'] = $checksum;
return $fields;
}
/**
* @dataProvider getFromContentData
*/
public function testFromContent($content, $expected)
{
$this->assertEquals($expected, Checksum::fromContent($content));
}
public function getRequestFields()
{
$fields = $this->_buildRequestFields();
// pass it through validate so that an exception is thrown
$this->_validateFields($fields);
$airpCheckfields = Checksum::sanitizedParam($fields['buyerEmail']) . Checksum::sanitizedParam($fields['buyerFirstName']) . Checksum::sanitizedParam($fields['buyerLastName']) . Checksum::sanitizedParam($fields['buyerAddress']) . Checksum::sanitizedParam($fields['buyerCity']) . Checksum::sanitizedParam($fields['buyerState']) . Checksum::sanitizedParam($fields['buyerCountry']) . Checksum::sanitizedParam($fields['amount']) . Checksum::sanitizedParam($fields['orderid']);
$all = $airpCheckfields;
error_log("Logging stripped params : " . $all);
$airpayConfig = $this->getAirpayConfig();
$privatekey = Checksum::encrypt($airpayConfig['username'] . ":|:" . $airpayConfig['password'], $airpayConfig['secret_key']);
$checksum = Checksum::calculateChecksum($all . date('Y-m-d'), $privatekey);
error_log("Logging stripped params : " . $all);
error_log('Logging key used to produce checksum : ' . $airpayConfig['secret_key']);
error_log('Logging checksum : ' . $checksum);
$this->_checksum = $checksum;
// var_dump($all, $checksum);
#ksort($fields);
// first sort by key and then append checksum in the end
$fields['checksum'] = $checksum;
$fields['privatekey'] = $privatekey;
$fields['mercid'] = $airpayConfig['merchant_id'];
return $fields;
}
public function responseAction()
{
// actual processing
$postdata = Mage::app()->getRequest()->getPost();
$session = Mage::getSingleton('checkout/session');
$session->setQuoteId($session->getAirpayQuoteId(true));
$airpayConfig = Mage::getStoreConfig('payment/airpay');
// Checksum Verification
// Proceed only if checksum matches. Else redirect to error page.
$checksumReceived = $postdata['ap_SecureHash'];
$TRANSACTIONID = $postdata['TRANSACTIONID'];
$APTRANSACTIONID = $postdata['APTRANSACTIONID'];
$AMOUNT = $postdata['AMOUNT'];
$TRANSACTIONSTATUS = $postdata['TRANSACTIONSTATUS'];
$MESSAGE = $postdata['MESSAGE'];
$mercid = $airpayConfig['merchant_id'];
$username = $airpayConfig['username'];
$allParamsReceived = Checksum::getAllParams($postdata);
//$checksumCalculated = Checksum::calculateChecksum($airpayConfig['secret_key'], $allParamsReceived);
$checksumCalculated = sprintf("%u", crc32($TRANSACTIONID . ':' . $APTRANSACTIONID . ':' . $AMOUNT . ':' . $TRANSACTIONSTATUS . ':' . $MESSAGE . ':' . $mercid . ':' . $username));
error_log("Logging response params : " . $allParamsReceived);
error_log('Logging checksum : ' . $checksumCalculated);
if ($checksumReceived !== $checksumCalculated) {
if ($session->getLastRealOrderId()) {
$order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
if ($order->getId()) {
$order->cancel()->save();
}
}
$er = 'Checksum does not match. This response has been compromised. However, transaction might have been successful.';
$session->addError($er);
$this->_redirect('airpay/transact/failure');
return;
}
// success
if ($this->_validateResponse()) {
Mage::getSingleton('checkout/session')->getQuote()->setIsActive(false)->save();
// load the order and change the order status
$airpay = Mage::getModel('airpay/transact');
//$state = $airpay->airpaySuccessOrderState();
$order = Mage::getModel('sales/order')->loadByIncrementId($postdata['TRANSACTIONID'])->setState(Mage_Sales_Model_Order::STATE_PROCESSING, true);
$payment = $order->getPayment();
$transaction = Mage::getModel('sales/order_payment_transaction');
$dummy_txn_id = 'AP_' . $postdata['TRANSACTIONID'];
$transaction->setOrderPaymentObject($payment)->setTxnId($dummy_txn_id)->setTxnType(Mage_Sales_Model_Order_Payment_Transaction::TYPE_AUTH)->setIsClosed(0)->save();
$order->save();
try {
$order->sendNewOrderEmail();
} catch (Exception $ex) {
}
$this->_redirect('checkout/onepage/success', array('_secure' => true));
} else {
// failure/cancel
if ($session->getLastRealOrderId()) {
$order = Mage::getModel('sales/order')->loadByIncrementId($session->getLastRealOrderId());
if ($order->getId()) {
$order->cancel()->save();
}
}
$er = 'Airpay could not process your request because of the error "' . $postdata['MESSAGE'] . '"';
$session->addError($er);
$this->_redirect('airpay/transact/failure');
}
}
