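/**
 * Cancels the Authorize.Net recurring-billing subscription behind a membership.
 *
 * Builds an ARBCancelSubscriptionRequest from the plugin's gateway credentials
 * and the subscription id stored in $transaction->custom, posts it to the
 * gateway, writes the parsed answer to the transaction log and reports the
 * outcome.
 *
 * Security notes:
 *  - The request goes to the Authorize.Net XML endpoint (live or test,
 *    depending on the "mode" parameter). The merchant login and transaction
 *    key are part of the payload, so it must never be posted to a
 *    parameter-dump or other debugging URL.
 *  - TLS certificate and host name verification are enabled; the credentials
 *    and the gateway's answer must not cross an unauthenticated channel.
 *
 * @param string $plugin      Name of the payment plugin the event is addressed to.
 * @param mixed  $data        Not used by this handler.
 * @param object $membership  Membership record; must be recurring with a non-zero period.
 * @param object $transaction Transaction whose "custom" field holds the subscription id.
 *
 * @return bool|null True when the gateway answers "Ok", false otherwise,
 *                   null when the plugin cannot run.
 */
function onMembershipCancelPayment($plugin, $data, $membership, &$transaction)
{
    if (!$this->canRun()) {
        return;
    }

    // The event is broadcast to every payment plugin; ignore it unless it is ours.
    if ($plugin != $this->_plugin->name) {
        return false;
    }

    // Only recurring memberships with a billing period have a subscription to cancel.
    if (!$membership->recurring || $membership->period == 0) {
        return false;
    }

    // XML-escape every interpolated value so that markup characters in a stored
    // credential or subscription id cannot change the structure of the request.
    $login           = htmlspecialchars((string) $this->_params->get('x_login'), ENT_QUOTES, 'UTF-8');
    $transaction_key = htmlspecialchars((string) $this->_params->get('x_tran_key'), ENT_QUOTES, 'UTF-8');
    $subscription_id = htmlspecialchars((string) $transaction->custom, ENT_QUOTES, 'UTF-8');

    // NOTE(review): <sandbox>true</sandbox> is sent in live and test mode alike; it looks
    // like a debugging leftover - confirm against the gateway schema before removing it.
    $content = "<ARBCancelSubscriptionRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">"
        . "<merchantAuthentication>"
        . "<name>" . $login . "</name>"
        . "<transactionKey>" . $transaction_key . "</transactionKey>"
        . "</merchantAuthentication>"
        . "<refId>0</refId>"
        . "<subscriptionId>" . $subscription_id . "</subscriptionId>"
        . "<sandbox>true</sandbox>"
        . "</ARBCancelSubscriptionRequest>";

    // Live or test XML endpoint. The previous code posted to the developer
    // "paramdump" tool in both modes, which disclosed the merchant credentials
    // to a debugging page and never cancelled anything.
    $post_url = $this->_params->get('mode')
        ? "https://api.authorize.net/xml/v1/request.api"
        : "https://apitest.authorize.net/xml/v1/request.api";

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $post_url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
    curl_setopt($ch, CURLOPT_POST, 1);
    // Verify the gateway's certificate chain and host name.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

    $response   = curl_exec($ch);
    $curl_error = curl_error($ch);
    curl_close($ch);

    // Transport failure (DNS, TLS, timeout): there is nothing to parse.
    if ($response === false) {
        $log   = array();
        $log[] = 'Cancellation request could not be sent: ' . $curl_error;
        RSMembership::saveTransactionLog($log, $transaction->id);

        JError::raiseWarning(500, $curl_error);

        return false;
    }

    $log   = array();
    $log[] = 'Cancelled by request. Response is below:';
    $log[] = '--- START ---';

    list($refId, $resultCode, $code, $text, $subscriptionId) = $this->_parseReturn($response);

    $log[] = 'Ref Id: ' . $refId;
    $log[] = 'Result Code: ' . $resultCode;
    $log[] = 'Code: ' . $code;
    $log[] = 'Text: ' . $text;
    $log[] = 'Subscription Id: ' . $subscriptionId;
    $log[] = '--- END ---';

    RSMembership::saveTransactionLog($log, $transaction->id);

    if ($resultCode == 'Ok') {
        return true;
    }

    // Surface the gateway's explanation to the administrator.
    JError::raiseWarning(500, $text);

    return false;
}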
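/**
 * Handles a PayPal Instant Payment Notification (IPN).
 *
 * Flow, as implemented below:
 *  1. The posted data is sent back to PayPal, which answers VERIFIED or INVALID.
 *  2. For a VERIFIED message the matching transaction is located (through the
 *     "custom" value, or a renewal transaction is created for recurring
 *     payments), then receiver e-mail, amount and currency are compared with
 *     the stored values before the payment is approved.
 *  3. The outcome is written to the transaction log; mismatches and INVALID
 *     answers deny the transaction.
 *
 * Security notes:
 *  - The verification post-back is the only thing that authenticates the IPN,
 *    so TLS certificate and host name verification are enabled for it. With
 *    verification off, anyone able to intercept the connection could supply
 *    the "VERIFIED" answer.
 *  - The Host header is derived from the URL actually requested, so sandbox
 *    requests no longer carry the production host name.
 *  - With "only_completed" disabled (the default read below), notifications
 *    whose payment_status is not "Completed" are processed as well.
 *
 * $this->finish() is called on every exit path; it presumably terminates the
 * request - confirm, because the code after the early calls relies on it.
 *
 * @return void
 */
protected function onPaymentNotification()
{
    if (!$this->canRun()) {
        return;
    }

    ob_end_clean();

    $name = $this->getTranslation($this->params->get('payment_name', 'PayPal'));

    require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/adapters/input.php';

    $db     = JFactory::getDBO();
    $query  = $db->getQuery(true);
    $jinput = RSInput::create();
    $log    = array();
    $req    = $this->_buildPostData();

    $this->addLog("IPN received: {$req}");

    // post back to PayPal system to validate
    $url = $this->params->get('mode') ? 'https://www.paypal.com/cgi-bin/webscr' : 'https://www.sandbox.paypal.com/cgi-bin/webscr';

    $only_completed = (int) $this->params->get('only_completed', 0);

    if (!extension_loaded('curl') || !function_exists('curl_exec') || !is_callable('curl_exec')) {
        $this->addLog('[err] cURL is not installed or executable, cannot connect back to PayPal for validation!');
        $this->finish();
    }

    $this->addLog("Connecting to {$url} to verify if PayPal response is valid.");

    require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/version.php';

    $version = (string) new RSMembershipVersion();
    $website = JUri::root();

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    // The VERIFIED/INVALID answer is trusted below, so the peer must be authenticated.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
    // Host header follows the endpoint in use (live or sandbox).
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: ' . parse_url($url, PHP_URL_HOST)));
    curl_setopt($ch, CURLOPT_USERAGENT, "RSMembership!/{$version} ({$website})");

    $res    = curl_exec($ch);
    $errstr = curl_error($ch);
    curl_close($ch);

    if ($errstr) {
        $this->addLog('[err] cURL reported error: ' . $errstr);
        $this->finish();
    }

    // assign posted variables to local variables
    $item_name        = $jinput->get('item_name', '', 'none');
    $item_number      = $jinput->get('item_number', '', 'none');
    $payment_status   = $jinput->get('payment_status', '', 'none');
    $payment_amount   = $jinput->get('mc_gross', '', 'none');
    $payment_currency = $jinput->get('mc_currency', '', 'none');
    $txn_id           = $jinput->get('txn_id', '', 'none');
    $txn_type         = $jinput->get('txn_type', '', 'none');
    $receiver_email   = $jinput->get('receiver_email', '', 'none');
    $payer_email      = $jinput->get('payer_email', '', 'none');
    $custom           = $jinput->get('custom', 0, 'none');

    // try to get the transaction id based on the custom hash
    $transaction_id = $this->getTransactionId($custom);

    // Do not deny the transaction for now.
    $deny = false;

    $this->addLog("Transaction ID is '{$transaction_id}', based on '{$custom}'.");

    if ($res) {
        $this->addLog("Successfully connected to {$url}. Response is {$res}");

        if (strcmp($res, "VERIFIED") == 0) {
            $this->addLog("Response is VERIFIED.");

            $log[] = "PayPal reported a valid transaction.";
            $log[] = "Payment status is " . (!empty($payment_status) ? $payment_status : 'empty') . ".";

            // check the payment_status is Completed
            if (!$only_completed || $only_completed && $payment_status == 'Completed') {
                // sign up - do nothing, we use our "custom" parameter to identify the transaction
                if ($txn_type == 'subscr_signup') {
                    $log[] = "Subscription signup has been received.";

                    // If this is a free trial, we'll need to make sure that the transaction is accepted
                    // since "subscr_payment" will be received after the trial ends
                    $mc_amount1 = $jinput->get('mc_amount1', '', 'none');
                    $subscr_id  = $jinput->get('subscr_id', '', 'none');

                    // NOTE(review): $transaction has not been assigned on this path yet, so
                    // $transaction->price is read from an undefined variable and the price
                    // comparison does not involve the stored price. The amount check further
                    // down still runs against the loaded transaction. Confirm the intended
                    // order before changing it.
                    if ((double) $mc_amount1 == (double) $transaction->price && $mc_amount1 == '0.00') {
                        // Emulate the variables needed below to approve the transaction
                        // No txn_id here, let's just use subscr_id so we can use something for PayPal identification.
                        $txn_id         = 'Subscription ID: ' . $subscr_id;
                        $payment_amount = $mc_amount1;

                        // Load the transaction so that it can be processed below
                        $transaction = $this->getTransaction($transaction_id, 'id');
                    }
                } elseif ($txn_type == 'subscr_payment' || $txn_type == 'recurring_payment') {
                    $log[] = "Adding new payment...";

                    // check that txn_id has not been previously processed
                    // check custom_hash from db -> if custom_hash == txn_id
                    $query->clear();
                    $query->select($db->qn('id'))
                        ->from($db->qn('#__rsmembership_transactions'))
                        ->where($db->qn('hash') . ' = ' . $db->q($txn_id))
                        ->where($db->qn('gateway') . ' = ' . $db->q($name));
                    $db->setQuery($query);

                    if (!$db->loadResult()) {
                        $transaction = $this->getTransaction($custom);

                        // check if transaction exists
                        if (!empty($transaction)) {
                            // this transaction has already been processed
                            // we need to create a new "renewal" transaction
                            if ($transaction->status == 'completed') {
                                $log[] = "Identified this payment as recurring.";

                                $query->clear();
                                $query->select($db->qn('id'))
                                    ->select($db->qn('user_id'))
                                    ->select($db->qn('membership_id'))
                                    ->from($db->qn('#__rsmembership_membership_subscribers'))
                                    ->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
                                $db->setQuery($query);
                                $membership = $db->loadObject();

                                if (!empty($membership)) {
                                    $user = JFactory::getUser($membership->user_id);

                                    JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
                                    $transaction = JTable::getInstance('Transaction', 'RSMembershipTable');

                                    $transaction->user_id    = $user->get('id');
                                    $transaction->user_email = $user->get('email');
                                    $transaction->type       = 'renew';

                                    $params   = array();
                                    $params[] = 'id=' . $membership->id;
                                    $params[] = 'membership_id=' . $membership->membership_id;

                                    $transaction->params = implode(';', $params); // params, membership, extras etc

                                    $date = JFactory::getDate();

                                    $transaction->date     = $date->toSql();
                                    $transaction->ip       = $_SERVER['REMOTE_ADDR'];
                                    $transaction->price    = $payment_amount;
                                    $transaction->currency = RSMembershipHelper::getConfig('currency');
                                    $transaction->hash     = '';
                                    $transaction->gateway  = $name;
                                    // Stored as pending; approval happens after the checks below.
                                    $transaction->status   = 'pending';

                                    // store the transaction
                                    $transaction->store();

                                    RSMembership::finalize($transaction->id);

                                    $log[] = "Successfully added the recurring transaction to the database.";
                                } else {
                                    $log[] = "Could not identify the original transaction for this recurring payment.";
                                }
                            }
                        } else {
                            $log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
                        }
                    } else {
                        $log[] = "The transaction {$txn_id} has already been processed. Stopping.";
                    }
                } else {
                    // check that txn_id has not been previously processed
                    // check custom_hash from db -> if custom_hash == txn_id
                    $query->clear();
                    $query->select($db->qn('id'))
                        ->from($db->qn('#__rsmembership_transactions'))
                        ->where($db->qn('hash') . ' = ' . $db->q($txn_id))
                        ->where($db->qn('gateway') . ' = ' . $db->q($name));
                    $db->setQuery($query);

                    if (!$db->loadResult()) {
                        // Only transactions that are not completed yet can be matched here.
                        $query->clear();
                        $query->select('*')
                            ->from($db->qn('#__rsmembership_transactions'))
                            ->where($db->qn('custom') . ' = ' . $db->q($custom))
                            ->where($db->qn('status') . ' != ' . $db->q('completed'));
                        $db->setQuery($query);
                        $transaction = $db->loadObject();

                        // check if transaction exists
                        if (empty($transaction)) {
                            $log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
                        }
                    } else {
                        $log[] = "The transaction {$txn_id} has already been processed. Stopping.";
                    }
                }

                if (!empty($transaction)) {
                    $plugin_email   = $this->normalize($this->params->get('email'));
                    $primary_email  = $this->normalize($this->params->get('primary_email'));
                    $receiver_email = $this->normalize($receiver_email);

                    if (!$primary_email) {
                        $primary_email = $plugin_email;
                    }

                    // check that receiver_email is your Primary PayPal email
                    if ($receiver_email == $plugin_email || $receiver_email == $primary_email) {
                        // check that payment_amount/payment_currency are correct
                        // check $payment_amount == $price from $subscription_id && $payment_currency == $price from $subscription_id
                        $price            = $this->_convertNumber($transaction->price);
                        $currency         = $this->normalize(RSMembershipHelper::getConfig('currency'));
                        $payment_currency = $this->normalize($payment_currency);

                        if ((double) $payment_amount >= (double) $price) {
                            if ($currency == $payment_currency) {
                                // set the hash
                                $this->setTransactionHash($transaction->id, $txn_id);

                                // process payment unless manual activation selected
                                $membership_id = $this->getMembershipId($transaction->params, $transaction->type);

                                if ($membership_id) {
                                    $query->clear()
                                        ->select('activation')
                                        ->from($db->qn('#__rsmembership_memberships'))
                                        ->where($db->qn('id') . ' = ' . $db->q((int) $membership_id));
                                    $db->setQuery($query);
                                    $activation = $db->loadResult();

                                    if ($activation != MEMBERSHIP_ACTIVATION_MANUAL) {
                                        RSMembership::approve($transaction->id);
                                    }

                                    $activationText = 'missing';

                                    if ($activation == MEMBERSHIP_ACTIVATION_MANUAL) {
                                        $activationText = 'manual';
                                    } elseif ($activation == MEMBERSHIP_ACTIVATION_AUTO) {
                                        $activationText = 'auto';
                                    } elseif ($activation == MEMBERSHIP_ACTIVATION_INSTANT) {
                                        $activationText = 'instant';
                                    }

                                    $log[] = "Activation is {$activationText}.";
                                    $log[] = "Successfully added the payment to the database.";
                                } else {
                                    $log[] = "The membership could not be found in the database.";
                                }
                            } else {
                                $log[] = "Expected a currency of {$currency}. PayPal reports this payment is made in {$payment_currency}. Stopping.";
                                $deny  = true;
                            }
                        } else {
                            $log[] = "Expected an amount of {$price} {$currency}. PayPal reports this payment is {$payment_amount} {$payment_currency}. Stopping.";
                            $deny  = true;
                        }
                    } else {
                        $log[] = "Expected payment to be made to {$plugin_email}" . ($primary_email ? " or {$primary_email}" : "") . ". PayPal reports this payment is made for {$receiver_email}. Stopping.";
                        $deny  = true;
                    }
                }
            } else {
                $log[] = "Payment status is {$payment_status}. Stopping.";
            }
        } elseif (strcmp($res, "INVALID") == 0) {
            $this->addLog("[err] Response is INVALID.");

            $log[] = "Could not verify transaction authencity. PayPal said it's invalid.";
            $log[] = "String sent to PayPal is {$req}";

            $deny = true;
            // log for manual investigation
        } else {
            $this->addLog("[err] PayPal response returned invalid data. Data is presented below:");
            $this->addLog($res);
            $this->addLog("End of data.");

            // Tags are stripped because this text ends up in the transaction log.
            $log[] = 'PayPal response is not valid! Should be either VERIFIED or INVALID, received "' . strip_tags($res) . '"';
        }
    } else {
        $log[] = "Could not open {$url} in order to verify this transaction. Error reported is: {$errstr}";
    }

    if ($transaction_id) {
        $log[] = "String sent by PayPal is {$req}";

        RSMembership::saveTransactionLog($log, $transaction_id);

        if ($deny) {
            RSMembership::deny($transaction_id);
        }
    }

    $this->finish();
}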
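/**
 * Denies the transactions selected in the administrator list view.
 *
 * Checks the anti-forgery token, reads the posted "cid" array, writes a
 * "Manually denied by <username>" entry to each transaction's log, denies the
 * transaction, cleans the component cache and redirects back to the list.
 *
 * The request default for "cid" is array(0), so an empty selection arrives as
 * a single 0. Ids that are not positive are dropped before processing; this
 * makes the "no items selected" warning reachable and keeps the handler from
 * logging against and denying a transaction id of 0.
 *
 * NOTE(review): only the request token is checked in this method - confirm
 * that the permission to manage transactions is enforced before this task is
 * dispatched.
 *
 * @return void
 */
function deny()
{
    // Check for request forgeries
    JRequest::checkToken() or jexit('Invalid Token');

    // Get the selected items
    $cid = JRequest::getVar('cid', array(0), 'post', 'array');

    // Force array elements to be integers
    JArrayHelper::toInteger($cid, array(0));

    // Keep only real transaction ids (the default placeholder is 0).
    $ids = array();
    foreach ($cid as $id) {
        if ($id > 0) {
            $ids[] = $id;
        }
    }

    $msg = '';

    // No items are selected
    if (count($ids) < 1) {
        JError::raiseWarning(500, JText::_('SELECT ITEM'));
    } else {
        $user    =& JFactory::getUser();
        $user_id = $user->get('username');

        foreach ($ids as $id) {
            // The acting administrator is recorded before the state change.
            RSMembership::saveTransactionLog('Manually denied by ' . $user_id, $id);
            RSMembership::deny($id);
        }

        $total = count($ids);
        $msg   = JText::sprintf('RSM_TRANSACTIONS_DENIED', $total);

        // Clean the cache, if any
        $cache =& JFactory::getCache('com_rsmembership');
        $cache->clean();
    }

    $this->setRedirect('index.php?option=com_rsmembership&view=transactions', $msg);
}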
/**
 * Denies the transactions selected in the administrator list view.
 *
 * After the anti-forgery token check, every id in the posted "cid" array is
 * cast to an integer, a "Manually denied by <username>" entry is written to
 * the transaction's log and the transaction is denied. The redirect message
 * reports how many deny calls returned a truthy value.
 *
 * NOTE(review): only the session token is checked in this method - confirm
 * that the permission to manage transactions is enforced before this task is
 * dispatched.
 *
 * @return void
 */
public function deny()
{
    // Reject the request unless it carries a valid anti-forgery token.
    JSession::checkToken() or jexit('Invalid Token');

    // Selected transaction ids, coerced to integers.
    $selected = JFactory::getApplication()->input->get('cid', array(), 'array');
    JArrayHelper::toInteger($selected, array(0));

    $message      = '';
    $hasSelection = is_array($selected) && count($selected) >= 1;

    if ($hasSelection) {
        $username = JFactory::getUser()->get('username');
        $denied   = 0;

        foreach ($selected as $transactionId) {
            // Record who acted, then attempt the state change.
            RSMembership::saveTransactionLog('Manually denied by ' . $username, $transactionId);

            $denied += RSMembership::deny($transactionId) ? 1 : 0;
        }

        $message = JText::sprintf('COM_RSMEMBERSHIP_TRANSACTIONS_DENIED', $denied);

        // Cached component output may still show the old status.
        JFactory::getCache('com_rsmembership')->clean();
    } else {
        JError::raiseWarning(500, JText::_('JERROR_NO_ITEMS_SELECTED'));
    }

    $this->setRedirect(JRoute::_('index.php?option=com_rsmembership&view=transactions', false), $message);
}
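/**
 * Front-end entry point of the Authorize.Net payment plugin.
 *
 * - Requests carrying "authorizepayment" are handed to onPaymentNotification().
 * - Requests for option=com_rsmembership with plugin_task=authorize charge the
 *   posted card through the AIM endpoint (AUTH_CAPTURE). For recurring
 *   memberships an ARB subscription is created afterwards. The outcome is
 *   echoed as a short marker or an error fragment and the request ends.
 *
 * Security notes:
 *  - Both gateway requests carry the card number and the merchant credentials,
 *    so TLS certificate and host name verification are enabled.
 *  - The transaction log never receives the card number, the card code (CVV)
 *    or the merchant transaction key; they are replaced before logging.
 *  - Every value interpolated into the ARB XML is escaped with
 *    htmlspecialchars(); the card holder's names come straight from the
 *    request and would otherwise be able to alter the document structure.
 *  - The ids of the selected extras are cast to integers before they are
 *    placed into the SQL IN () list.
 *
 * @return mixed Null for ignored requests, otherwise whatever
 *               onPaymentNotification() returns; the payment branch ends the
 *               request with die.
 */
function onAfterRoute()
{
    $app =& JFactory::getApplication();

    // The plugin only acts on front-end requests.
    if ($app->isAdmin()) {
        return;
    }

    if (JRequest::getVar('authorizepayment')) {
        return $this->onPaymentNotification();
    }

    $option        = JRequest::getVar('option');
    $task          = JRequest::getCmd('plugin_task');
    $membership_id = JRequest::getInt('membership_id');

    if ($option == 'com_rsmembership' && $task == 'authorize') {
        @ob_end_clean();

        $db =& JFactory::getDBO();
        // $membership_id was read with getInt(), so it is an integer here.
        $db->setQuery("SELECT * FROM #__rsmembership_memberships WHERE `id`='" . $membership_id . "'");
        $membership = $db->loadObject();

        JTable::addIncludePath(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'tables');
        $row =& JTable::getInstance('RSMembership_Transactions', 'Table');

        $transaction = $this->getDelayedTransaction();
        if (empty($transaction)) {
            $app->enqueueMessage('RSM_SESSION_EXPIRED', 'error');
            echo 'RSM_SESSION_END';
            die;
        }

        $row->bind($transaction);

        // adjust price
        $row->price += $this->_getTax($row->price);
        $row->price  = $this->_convertNumber($row->price);

        $description = $this->_params->get('message_type')
            ? $membership->name
            : JText::sprintf('RSM_MEMBERSHIP_PURCHASE_ON', date(RSMembershipHelper::getConfig('date_format'), $row->date));

        $post_url = $this->_params->get('mode')
            ? "https://secure.authorize.net/gateway/transact.dll"
            : "https://test.authorize.net/gateway/transact.dll";

        $is_recurring = $membership->recurring && $membership->period > 0 && $row->type == 'new';

        $cc_number     = JRequest::getCmd('cc_number', '', 'post');
        $cc_expiration = substr(JRequest::getCmd('cc_exp_mm', '', 'post'), 0, 2) . '-' . JRequest::getInt('cc_exp_yy', 0, 'post');
        $cc_fname      = JRequest::getVar('cc_fname', '', 'post');
        $cc_lname      = JRequest::getVar('cc_lname', '', 'post');

        $post_values = array(
            "x_login"          => $this->_params->get('x_login'),
            "x_tran_key"       => $this->_params->get('x_tran_key'),
            "x_version"        => "3.1",
            "x_delim_data"     => "TRUE",
            "x_delim_char"     => "|",
            "x_relay_response" => "FALSE",
            "x_type"           => "AUTH_CAPTURE",
            "x_method"         => "CC",
            "x_card_num"       => $cc_number,
            "x_exp_date"       => $cc_expiration,
            "x_card_code"      => JRequest::getVar('csc_number', '', 'post'),
            "x_amount"         => $row->price,
            "x_currency_code"  => RSMembershipHelper::getConfig('currency'),
            "x_invoice_num"    => md5(uniqid($this->_params->get('x_login') . ' ' . $this->_params->get('x_tran_key'))),
            "x_description"    => $description,
            "x_first_name"     => $cc_fname,
            "x_last_name"      => $cc_lname,
            "x_email"          => $row->get('user_email'),
            "x_address"        => '',
            "x_state"          => '',
            "x_zip"            => ''
        );

        // Two strings are built: the real request body and a copy for the
        // transaction log in which card number, card code and transaction key
        // are replaced. The card code in particular must never be stored.
        $hidden_keys   = array('x_tran_key', 'x_card_num', 'x_card_code');
        $string        = '';
        $logged_string = '';
        foreach ($post_values as $key => $value) {
            $string        .= "{$key}=" . urlencode($value) . "&";
            $logged_string .= "{$key}=" . (in_array($key, $hidden_keys, true) ? '<HIDDEN>' : urlencode($value)) . "&";
        }
        $string        = rtrim($string, "& ");
        $logged_string = rtrim($logged_string, "& ");
        unset($post_values);

        if (!function_exists('curl_init')) {
            echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error', array('id' => 'rsm_warning')) . ' ' . JText::_('RSM_AUTHORIZE_CURL_ERROR');
        } else {
            $request = curl_init($post_url);
            curl_setopt($request, CURLOPT_HEADER, 0);
            curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($request, CURLOPT_POSTFIELDS, $string);
            // Card data and credentials are in the body: authenticate the gateway.
            curl_setopt($request, CURLOPT_SSL_VERIFYPEER, true);
            curl_setopt($request, CURLOPT_SSL_VERIFYHOST, 2);
            $response = curl_exec($request);
            curl_close($request); // close curl object

            // Transport failure: there is no gateway answer to interpret.
            if ($response === false) {
                echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error', array('id' => 'rsm_warning')) . ' ' . JText::_('RSM_AUTHORIZE_GENERAL_ERROR');
                die;
            }

            // This line takes the response and breaks it into an array using the specified delimiting character
            $response = explode('|', $response);

            if ($response[0] == 1) {
                $order_no = isset($response[6]) ? $response[6] : '';

                if (!$is_recurring) {
                    $this->emptyDelayedTransaction();

                    $row->hash = $order_no;
                    $row->store();

                    RSMembership::finalize($row->get('id'));
                    RSMembership::approve($row->get('id'));

                    $log   = array();
                    $log[] = 'POSTed to ' . $post_url . ':';
                    $log[] = $logged_string;
                    $log[] = 'Response:';
                    $log[] = implode('|', $response);
                    $log[] = 'Transaction ID extracted from Response: ' . $order_no;
                    RSMembership::saveTransactionLog($log, $row->get('id'));
                } else {
                    list($length, $unit) = $this->_getAuthorizeLength($membership);

                    $date      =& JFactory::getDate();
                    $startDate = date('Y-m-d', strtotime("+{$length} {$unit}", $date->toUnix()));

                    $extra_total = 0;
                    $params      = RSMembershipHelper::parseParams($row->params);
                    if (!empty($params['extras'])) {
                        // Integer-cast every id before it reaches the SQL text.
                        $extra_ids = array();
                        foreach ((array) $params['extras'] as $extra_id) {
                            $extra_ids[] = (int) $extra_id;
                        }

                        $db->setQuery("SELECT SUM(`price`) FROM #__rsmembership_extra_values WHERE `id` IN (" . implode(',', $extra_ids) . ")");
                        $extra_total = $db->loadResult();
                    }

                    $amount  = $membership->use_renewal_price ? $membership->renewal_price : $membership->price;
                    $amount += $extra_total;
                    $amount += $this->_getTax($amount);

                    $trialOccurrences = $membership->use_trial_period ? 1 : 0;
                    $trialAmount      = $membership->use_trial_period ? $membership->trial_price : 0;
                    $trialAmount     += $extra_total;
                    $trialAmount     += $this->_getTax($trialAmount);

                    // XML-escaped copies of every externally supplied or configured value.
                    // htmlspecialchars() is used instead of htmlentities(): XML only knows
                    // the five predefined entities, so named HTML entities would make the
                    // document ill-formed.
                    $xml_login       = htmlspecialchars((string) $this->_params->get('x_login'), ENT_QUOTES, 'UTF-8');
                    $xml_tran_key    = htmlspecialchars((string) $this->_params->get('x_tran_key'), ENT_QUOTES, 'UTF-8');
                    $xml_description = htmlspecialchars((string) $description, ENT_QUOTES, 'UTF-8');
                    $xml_cc_number   = htmlspecialchars((string) $cc_number, ENT_QUOTES, 'UTF-8');
                    $xml_cc_exp      = htmlspecialchars((string) $cc_expiration, ENT_QUOTES, 'UTF-8');
                    $xml_cc_fname    = htmlspecialchars((string) $cc_fname, ENT_QUOTES, 'UTF-8');
                    $xml_cc_lname    = htmlspecialchars((string) $cc_lname, ENT_QUOTES, 'UTF-8');

                    $content = "<?xml version=\"1.0\" encoding=\"utf-8\"?>"
                        . "<ARBCreateSubscriptionRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">"
                        . "<merchantAuthentication>"
                        . "<name>" . $xml_login . "</name>"
                        . "<transactionKey>" . $xml_tran_key . "</transactionKey>"
                        . "</merchantAuthentication>"
                        . "<refId>0</refId>"
                        . "<subscription>"
                        . "<name>" . $xml_description . "</name>"
                        . "<paymentSchedule>"
                        . "<interval>"
                        . "<length>" . $length . "</length>"
                        . "<unit>" . $unit . "</unit>"
                        . "</interval>"
                        . "<startDate>" . $startDate . "</startDate>"
                        . "<totalOccurrences>9999</totalOccurrences>"
                        . "<trialOccurrences>" . $trialOccurrences . "</trialOccurrences>"
                        . "</paymentSchedule>"
                        . "<amount>" . $amount . "</amount>"
                        . "<trialAmount>" . $trialAmount . "</trialAmount>"
                        . "<payment>"
                        . "<creditCard>"
                        . "<cardNumber>" . $xml_cc_number . "</cardNumber>"
                        . "<expirationDate>" . $xml_cc_exp . "</expirationDate>"
                        . "</creditCard>"
                        . "</payment>"
                        . "<billTo>"
                        . "<firstName>" . $xml_cc_fname . "</firstName>"
                        . "<lastName>" . $xml_cc_lname . "</lastName>"
                        . "</billTo>"
                        . "</subscription>"
                        . "</ARBCreateSubscriptionRequest>";

                    $post_url = $this->_params->get('mode')
                        ? "https://api.authorize.net/xml/v1/request.api"
                        : "https://apitest.authorize.net/xml/v1/request.api";

                    $ch = curl_init();
                    curl_setopt($ch, CURLOPT_URL, $post_url);
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
                    curl_setopt($ch, CURLOPT_HEADER, 1);
                    curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
                    curl_setopt($ch, CURLOPT_POST, 1);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                    $response = curl_exec($ch);
                    curl_close($ch);

                    // NOTE(review): the gateway already answered the AUTH_CAPTURE request
                    // with response code 1 at this point. The two failure paths below end
                    // the request without storing $row - confirm how such charges are
                    // reconciled.
                    if ($response) {
                        list($refId, $resultCode, $code, $text, $subscriptionId) = $this->_parseReturn($response);

                        if ($resultCode == 'Ok' || strpos($text, 'Successful') !== false) {
                            $this->emptyDelayedTransaction();

                            $row->custom = $subscriptionId;
                            $row->hash   = $order_no;
                            $row->store();

                            RSMembership::finalize($row->get('id'));
                            RSMembership::approve($row->get('id'));

                            $log   = array();
                            $log[] = 'XML POSTed to ' . $post_url . ':';
                            // Card number and transaction key are masked in the stored copy.
                            $log[] = str_replace(
                                array(
                                    "<cardNumber>" . $xml_cc_number . "</cardNumber>",
                                    "<transactionKey>" . $xml_tran_key . "</transactionKey>"
                                ),
                                array(
                                    '<cardNumber>HIDDEN</cardNumber>',
                                    '<transactionKey>HIDDEN</transactionKey>'
                                ),
                                $content
                            );
                            $log[] = 'Response:';
                            $log[] = $response;
                            RSMembership::saveTransactionLog($log, $row->get('id'));
                        } else {
                            $image = 'error';

                            if (!$text) {
                                // Fall back to the raw body that follows the HTTP headers.
                                $text = explode("\r\n\r\n", $response, 2);
                                $text = isset($text[1]) ? strip_tags($text[1]) : '';
                            }

                            echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($text, ENT_COMPAT, 'UTF-8');
                            die;
                        }
                    } else {
                        echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error') . ' ' . JText::_('RSM_AUTHORIZE_GENERAL_ERROR');
                        die;
                    }
                }

                echo 'RSM_AUTHORIZE_OK';
            } else {
                $image  = $response[0] == 4 ? 'warning' : 'error';
                $reason = isset($response[3]) ? $response[3] : '';

                // The gateway's reason text is escaped before it is echoed.
                echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($reason, ENT_COMPAT, 'UTF-8');
            }
        }

        die;
    }
}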
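/**
 * Handles the legacy 2Checkout return/notification request.
 *
 * The request is authenticated by recomputing
 * strtoupper(md5(secret_word . id . order_number . total)) and comparing it
 * with the posted "key". On a match either a renewal transaction is created
 * (recurring) or the pending transaction found through "custom" is checked
 * against the expected amount and approved. The outcome is logged, failures
 * deny the transaction, and the visitor is redirected to the thank-you page.
 *
 * Changes compared with the previous revision:
 *  - The key is compared with hash_equals() when available, otherwise with
 *    ===. The former != was a loose comparison, under which two different
 *    digests that both look like numbers in exponent notation compare equal.
 *  - Logging and denial are skipped when no transaction could be resolved,
 *    instead of dereferencing a missing object.
 *
 * NOTE(review): "recurring", "timestamp", "payment_amount" and "custom" are
 * request values that are not part of the MD5 input, and the recurring branch
 * stores the renewal as "completed" without checking whether the order number
 * was processed before. Consider verifying these against gateway-side data.
 * NOTE(review): a key mismatch denies the transaction identified by the
 * posted "custom" value - confirm this is intended for unauthenticated input.
 *
 * @return void
 */
protected function onOldPaymentNotification()
{
    if (!$this->canRun()) {
        return;
    }

    $log  = array();
    $deny = false;

    $app    = JFactory::getApplication();
    $jinput = $app->input;
    $db     = JFactory::getDBO();
    $query  = $db->getQuery(true);

    $recurring = $jinput->get('recurring', 0, 'int');
    $custom    = $jinput->get('custom', '', 'string');
    // In test mode (mode off) the order number used for the hash is fixed to 1.
    $ordernumber    = $this->params->get('mode') ? $jinput->get('order_number', '', 'string') : 1;
    $total          = $jinput->get('total', '', 'string');
    $key            = $jinput->get('key', '', 'string');
    $processed      = $jinput->get('credit_card_processed', '', 'string');
    $timestamp      = $jinput->get('timestamp', '', 'string');
    $payment_amount = $jinput->get('payment_amount', '', 'string');

    $query->select('*')
        ->from($db->qn('#__rsmembership_transactions'))
        ->where($db->qn('custom') . ' = ' . $db->q($custom));
    $db->setQuery($query);
    $db->execute();
    $transaction = $db->loadObject();

    $secret_word = $this->params->get('secret_word');
    $sid         = $this->params->get('id');

    // calculate the hash
    $hash = strtoupper(md5($secret_word . $sid . $ordernumber . $total));

    // Strict, timing-safe comparison of the expected and the posted key.
    $key_matches = function_exists('hash_equals')
        ? hash_equals($hash, (string) $key)
        : ($hash === (string) $key);

    if (!$key_matches) {
        $log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_VERIFICATION_ERROR", $key, $hash);
        $deny  = true;
    } else {
        if ($recurring) {
            // recurring payment
            $log[] = "Identified this payment as recurring.";

            $membership = null;

            // Without an original transaction there is nothing to renew.
            if (!empty($transaction)) {
                $query->clear();
                $query->select($db->qn('id'))
                    ->select($db->qn('user_id'))
                    ->select($db->qn('membership_id'))
                    ->from($db->qn('#__rsmembership_membership_subscribers'))
                    ->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
                $db->setQuery($query);
                $membership = $db->loadObject();
            }

            if (!empty($membership)) {
                $user = JFactory::getUser($membership->user_id);

                // get the serialized user_data from previous transaction
                $user_data = $transaction->user_data;

                // load new transaction object
                JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
                $transaction = JTable::getInstance('Transaction', 'RSMembershipTable');

                $transaction->user_id    = $user->get('id');
                $transaction->user_email = $user->get('email');
                $transaction->user_data  = $user_data;
                $transaction->type       = 'renew';

                $params   = array();
                $params[] = 'id=' . $membership->id;
                $params[] = 'membership_id=' . $membership->membership_id;

                $transaction->params   = implode(';', $params); // params, membership, extras etc
                $transaction->ip       = $_SERVER['REMOTE_ADDR'];
                $transaction->date     = $timestamp;
                $transaction->price    = $payment_amount;
                $transaction->currency = RSMembershipHelper::getConfig('currency');
                $transaction->hash     = '';
                $transaction->gateway  = $this->getTranslation($this->params->get('payment_name', '2Checkout'));
                $transaction->status   = 'completed';

                // store the transaction
                $transaction->store();

                RSMembership::finalize($transaction->id);

                $log[] = "Successfully added the recurring transaction to the database.";
            } else {
                $log[] = "Could not identify the original transaction for this recurring payment.";
            }
        } else {
            // transaction exists
            if (empty($transaction) || $transaction->status == 'completed') {
                return;
            }

            // check if the amount is correct
            $price    = $this->_convertNumber($transaction->price);
            $currency = strtolower(trim(RSMembershipHelper::getConfig('currency')));

            if ($price <= $total) {
                // process payment
                if ($processed == 'Y') {
                    // update order number
                    $query->clear();
                    $query->update($db->qn('#__rsmembership_transactions'))
                        ->set($db->qn('hash') . ' = ' . $db->q($ordernumber))
                        ->where($db->qn('id') . ' = ' . $db->q($transaction->id));
                    $db->setQuery($query);
                    $db->execute();

                    // approve
                    RSMembership::approve($transaction->id);

                    $log[] = JText::sprintf('PLG_SYSTEM_RSMEMBERSHIP2CO_PAYMENT_SUCCESS', $ordernumber);
                } else {
                    $log[] = JText::_("PLG_SYSTEM_RSMEMBERSHIP2CO_CC_NOT_PROCESSED");
                    $deny  = true;
                }
            } else {
                $log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_EXPECTED_AMOUNT", $price, $currency, $total, $currency);
                $deny  = true;
            }
        }
    }

    // Log and deny only when a transaction was actually resolved.
    $resolved_id = !empty($transaction) ? $transaction->id : null;

    if ($resolved_id) {
        RSMembership::saveTransactionLog($log, $resolved_id);

        if ($deny) {
            RSMembership::deny($resolved_id);
        }
    }

    $app->redirect('index.php?option=com_rsmembership&task=thankyou');
}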