function onMembershipCancelPayment($plugin, $data, $membership, &$transaction)
{
if (!$this->canRun()) {
return;
}
if ($plugin != $this->_plugin->name) {
return false;
}
if (!$membership->recurring || $membership->period == 0) {
return false;
}
$content = "<ARBCancelSubscriptionRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" . "<merchantAuthentication>" . "<name>" . $this->_params->get('x_login') . "</name>" . "<transactionKey>" . $this->_params->get('x_tran_key') . "</transactionKey>" . "</merchantAuthentication>" . "<refId>0</refId>" . "<subscriptionId>" . $transaction->custom . "</subscriptionId>" . "<sandbox>true</sandbox>" . "</ARBCancelSubscriptionRequest>";
/*$post_url = $this->_params->get('mode') ? "https://api.authorize.net/xml/v1/request.api" : "https://apitest.authorize.net/xml/v1/request.api";*/
$post_url = $this->_params->get('mode') ? "https://developer.authorize.net/tools/paramdump/index.php" : "https://developer.authorize.net/tools/paramdump/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $post_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$response = curl_exec($ch);
$log = array();
$log[] = 'Cancelled by request. Response is below:';
$log[] = '--- START ---';
list($refId, $resultCode, $code, $text, $subscriptionId) = $this->_parseReturn($response);
$log[] = 'Ref Id: ' . $refId;
$log[] = 'Result Code: ' . $resultCode;
$log[] = 'Code: ' . $code;
$log[] = 'Text: ' . $text;
$log[] = 'Subscription Id: ' . $subscriptionId;
$log[] = '--- END ---';
RSMembership::saveTransactionLog($log, $transaction->id);
if ($resultCode == 'Ok') {
return true;
}
JError::raiseWarning(500, $text);
return false;
}
protected function onPaymentNotification()
{
if (!$this->canRun()) {
return;
}
ob_end_clean();
$name = $this->getTranslation($this->params->get('payment_name', 'PayPal'));
require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/adapters/input.php';
$db = JFactory::getDBO();
$query = $db->getQuery(true);
$jinput = RSInput::create();
$log = array();
$req = $this->_buildPostData();
$this->addLog("IPN received: {$req}");
// post back to PayPal system to validate
$url = $this->params->get('mode') ? 'https://www.paypal.com/cgi-bin/webscr' : 'https://www.sandbox.paypal.com/cgi-bin/webscr';
$only_completed = (int) $this->params->get('only_completed', 0);
if (!extension_loaded('curl') || !function_exists('curl_exec') || !is_callable('curl_exec')) {
$this->addLog('[err] cURL is not installed or executable, cannot connect back to PayPal for validation!');
$this->finish();
}
$this->addLog("Connecting to {$url} to verify if PayPal response is valid.");
require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/version.php';
$version = (string) new RSMembershipVersion();
$website = JUri::root();
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: www.paypal.com'));
curl_setopt($ch, CURLOPT_USERAGENT, "RSMembership!/{$version} ({$website})");
$res = curl_exec($ch);
$errstr = curl_error($ch);
curl_close($ch);
if ($errstr) {
$this->addLog('[err] cURL reported error: ' . $errstr);
$this->finish();
}
// assign posted variables to local variables
$item_name = $jinput->get('item_name', '', 'none');
$item_number = $jinput->get('item_number', '', 'none');
$payment_status = $jinput->get('payment_status', '', 'none');
$payment_amount = $jinput->get('mc_gross', '', 'none');
$payment_currency = $jinput->get('mc_currency', '', 'none');
$txn_id = $jinput->get('txn_id', '', 'none');
$txn_type = $jinput->get('txn_type', '', 'none');
$receiver_email = $jinput->get('receiver_email', '', 'none');
$payer_email = $jinput->get('payer_email', '', 'none');
$custom = $jinput->get('custom', 0, 'none');
// try to get the transaction id based on the custom hash
$transaction_id = $this->getTransactionId($custom);
// Do not deny the transaction for now.
$deny = false;
$this->addLog("Transaction ID is '{$transaction_id}', based on '{$custom}'.");
if ($res) {
$this->addLog("Successfully connected to {$url}. Response is {$res}");
if (strcmp($res, "VERIFIED") == 0) {
$this->addLog("Response is VERIFIED.");
$log[] = "PayPal reported a valid transaction.";
$log[] = "Payment status is " . (!empty($payment_status) ? $payment_status : 'empty') . ".";
// check the payment_status is Completed
if (!$only_completed || $only_completed && $payment_status == 'Completed') {
// sign up - do nothing, we use our "custom" parameter to identify the transaction
if ($txn_type == 'subscr_signup') {
$log[] = "Subscription signup has been received.";
// If this is a free trial, we'll need to make sure that the transaction is accepted since "subscr_payment" will be received after the trial ends
$mc_amount1 = $jinput->get('mc_amount1', '', 'none');
$subscr_id = $jinput->get('subscr_id', '', 'none');
if ((double) $mc_amount1 == (double) $transaction->price && $mc_amount1 == '0.00') {
// Emulate the variables needed below to approve the transaction
// No txn_id here, let's just use subscr_id so we can use something for PayPal identification.
$txn_id = 'Subscription ID: ' . $subscr_id;
$payment_amount = $mc_amount1;
// Load the transaction so that it can be processed below
$transaction = $this->getTransaction($transaction_id, 'id');
}
} elseif ($txn_type == 'subscr_payment' || $txn_type == 'recurring_payment') {
$log[] = "Adding new payment...";
// check that txn_id has not been previously processed
// check custom_hash from db -> if custom_hash == txn_id
$query->clear();
$query->select($db->qn('id'))->from($db->qn('#__rsmembership_transactions'))->where($db->qn('hash') . ' = ' . $db->q($txn_id))->where($db->qn('gateway') . ' = ' . $db->q($name));
$db->setQuery($query);
if (!$db->loadResult()) {
$transaction = $this->getTransaction($custom);
// check if transaction exists
if (!empty($transaction)) {
// this transaction has already been processed
// we need to create a new "renewal" transaction
if ($transaction->status == 'completed') {
$log[] = "Identified this payment as recurring.";
$query->clear();
$query->select($db->qn('id'))->select($db->qn('user_id'))->select($db->qn('membership_id'))->from($db->qn('#__rsmembership_membership_subscribers'))->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
$db->setQuery($query);
$membership = $db->loadObject();
if (!empty($membership)) {
$user = JFactory::getUser($membership->user_id);
JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
$transaction = JTable::getInstance('Transaction', 'RSMembershipTable');
$transaction->user_id = $user->get('id');
$transaction->user_email = $user->get('email');
$transaction->type = 'renew';
$params = array();
$params[] = 'id=' . $membership->id;
$params[] = 'membership_id=' . $membership->membership_id;
$transaction->params = implode(';', $params);
// params, membership, extras etc
$date = JFactory::getDate();
$transaction->date = $date->toSql();
$transaction->ip = $_SERVER['REMOTE_ADDR'];
$transaction->price = $payment_amount;
$transaction->currency = RSMembershipHelper::getConfig('currency');
$transaction->hash = '';
$transaction->gateway = $name;
$transaction->status = 'pending';
// store the transaction
$transaction->store();
RSMembership::finalize($transaction->id);
$log[] = "Successfully added the recurring transaction to the database.";
} else {
$log[] = "Could not identify the original transaction for this recurring payment.";
}
}
} else {
$log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
}
} else {
$log[] = "The transaction {$txn_id} has already been processed. Stopping.";
}
} else {
// check that txn_id has not been previously processed
// check custom_hash from db -> if custom_hash == txn_id
$query->clear();
$query->select($db->qn('id'))->from($db->qn('#__rsmembership_transactions'))->where($db->qn('hash') . ' = ' . $db->q($txn_id))->where($db->qn('gateway') . ' = ' . $db->q($name));
$db->setQuery($query);
if (!$db->loadResult()) {
$query->clear();
$query->select('*')->from($db->qn('#__rsmembership_transactions'))->where($db->qn('custom') . ' = ' . $db->q($custom))->where($db->qn('status') . ' != ' . $db->q('completed'));
$db->setQuery($query);
$transaction = $db->loadObject();
// check if transaction exists
if (empty($transaction)) {
$log[] = "Could not identify transaction with custom hash {$custom}. Stopping.";
}
} else {
$log[] = "The transaction {$txn_id} has already been processed. Stopping.";
}
}
if (!empty($transaction)) {
$plugin_email = $this->normalize($this->params->get('email'));
$primary_email = $this->normalize($this->params->get('primary_email'));
$receiver_email = $this->normalize($receiver_email);
if (!$primary_email) {
$primary_email = $plugin_email;
}
// check that receiver_email is your Primary PayPal email
if ($receiver_email == $plugin_email || $receiver_email == $primary_email) {
// check that payment_amount/payment_currency are correct
// check $payment_amount == $price from $subscription_id && $payment_currency == $price from $subscription_id
$price = $this->_convertNumber($transaction->price);
$currency = $this->normalize(RSMembershipHelper::getConfig('currency'));
$payment_currency = $this->normalize($payment_currency);
if ((double) $payment_amount >= (double) $price) {
if ($currency == $payment_currency) {
// set the hash
$this->setTransactionHash($transaction->id, $txn_id);
// process payment unless manual activation selected
$membership_id = $this->getMembershipId($transaction->params, $transaction->type);
if ($membership_id) {
$query->clear()->select('activation')->from($db->qn('#__rsmembership_memberships'))->where($db->qn('id') . ' = ' . $db->q((int) $membership_id));
$db->setQuery($query);
$activation = $db->loadResult();
if ($activation != MEMBERSHIP_ACTIVATION_MANUAL) {
RSMembership::approve($transaction->id);
}
$activationText = 'missing';
if ($activation == MEMBERSHIP_ACTIVATION_MANUAL) {
$activationText = 'manual';
} elseif ($activation == MEMBERSHIP_ACTIVATION_AUTO) {
$activationText = 'auto';
} elseif ($activation == MEMBERSHIP_ACTIVATION_INSTANT) {
$activationText = 'instant';
}
$log[] = "Activation is {$activationText}.";
$log[] = "Successfully added the payment to the database.";
} else {
$log[] = "The membership could not be found in the database.";
}
} else {
$log[] = "Expected a currency of {$currency}. PayPal reports this payment is made in {$payment_currency}. Stopping.";
$deny = true;
}
} else {
$log[] = "Expected an amount of {$price} {$currency}. PayPal reports this payment is {$payment_amount} {$payment_currency}. Stopping.";
$deny = true;
}
} else {
$log[] = "Expected payment to be made to {$plugin_email}" . ($primary_email ? " or {$primary_email}" : "") . ". PayPal reports this payment is made for {$receiver_email}. Stopping.";
$deny = true;
}
}
} else {
$log[] = "Payment status is {$payment_status}. Stopping.";
}
} elseif (strcmp($res, "INVALID") == 0) {
$this->addLog("[err] Response is INVALID.");
$log[] = "Could not verify transaction authencity. PayPal said it's invalid.";
$log[] = "String sent to PayPal is {$req}";
$deny = true;
// log for manual investigation
} else {
$this->addLog("[err] PayPal response returned invalid data. Data is presented below:");
$this->addLog($res);
$this->addLog("End of data.");
$log[] = 'PayPal response is not valid! Should be either VERIFIED or INVALID, received "' . strip_tags($res) . '"';
}
} else {
$log[] = "Could not open {$url} in order to verify this transaction. Error reported is: {$errstr}";
}
if ($transaction_id) {
$log[] = "String sent by PayPal is {$req}";
RSMembership::saveTransactionLog($log, $transaction_id);
if ($deny) {
RSMembership::deny($transaction_id);
}
}
$this->finish();
}
function deny()
{
// Check for request forgeries
JRequest::checkToken() or jexit('Invalid Token');
// Get the selected items
$cid = JRequest::getVar('cid', array(0), 'post', 'array');
$total = count($cid);
$msg = JText::sprintf('RSM_TRANSACTIONS_DENIED', $total);
// Force array elements to be integers
JArrayHelper::toInteger($cid, array(0));
$msg = '';
// No items are selected
if (!is_array($cid) || count($cid) < 1) {
JError::raiseWarning(500, JText::_('SELECT ITEM'));
} else {
$user =& JFactory::getUser();
$user_id = $user->get('username');
foreach ($cid as $id) {
RSMembership::saveTransactionLog('Manually denied by ' . $user_id, $id);
RSMembership::deny($id);
}
$total = count($cid);
$msg = JText::sprintf('RSM_TRANSACTIONS_DENIED', $total);
// Clean the cache, if any
$cache =& JFactory::getCache('com_rsmembership');
$cache->clean();
}
$this->setRedirect('index.php?option=com_rsmembership&view=transactions', $msg);
}
public function deny()
{
// Check for request forgeries
JSession::checkToken() or jexit('Invalid Token');
// Get the selected items
$cid = JFactory::getApplication()->input->get('cid', array(), 'array');
// Force array elements to be integers
JArrayHelper::toInteger($cid, array(0));
$msg = '';
// No items are selected
if (!is_array($cid) || count($cid) < 1) {
JError::raiseWarning(500, JText::_('JERROR_NO_ITEMS_SELECTED'));
} else {
$user = JFactory::getUser();
$user_id = $user->get('username');
$total = 0;
foreach ($cid as $id) {
RSMembership::saveTransactionLog('Manually denied by ' . $user_id, $id);
if (RSMembership::deny($id)) {
$total++;
}
}
$msg = JText::sprintf('COM_RSMEMBERSHIP_TRANSACTIONS_DENIED', $total);
// Clean the cache, if any
$cache = JFactory::getCache('com_rsmembership');
$cache->clean();
}
$this->setRedirect(JRoute::_('index.php?option=com_rsmembership&view=transactions', false), $msg);
}
function onAfterRoute()
{
$app =& JFactory::getApplication();
if ($app->isAdmin()) {
return;
}
if (JRequest::getVar('authorizepayment')) {
return $this->onPaymentNotification();
}
$option = JRequest::getVar('option');
$task = JRequest::getCmd('plugin_task');
$membership_id = JRequest::getInt('membership_id');
if ($option == 'com_rsmembership' && $task == 'authorize') {
@ob_end_clean();
$db =& JFactory::getDBO();
$db->setQuery("SELECT * FROM #__rsmembership_memberships WHERE `id`='" . $membership_id . "'");
$membership = $db->loadObject();
JTable::addIncludePath(JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'tables');
$row =& JTable::getInstance('RSMembership_Transactions', 'Table');
$transaction = $this->getDelayedTransaction();
if (empty($transaction)) {
$app->enqueueMessage('RSM_SESSION_EXPIRED', 'error');
echo 'RSM_SESSION_END';
die;
}
$row->bind($transaction);
// adjust price
$row->price += $this->_getTax($row->price);
$row->price = $this->_convertNumber($row->price);
$description = $this->_params->get('message_type') ? $membership->name : JText::sprintf('RSM_MEMBERSHIP_PURCHASE_ON', date(RSMembershipHelper::getConfig('date_format'), $row->date));
$post_url = $this->_params->get('mode') ? "https://secure.authorize.net/gateway/transact.dll" : "https://test.authorize.net/gateway/transact.dll";
$is_recurring = $membership->recurring && $membership->period > 0 && $row->type == 'new';
$cc_number = JRequest::getCmd('cc_number', '', 'post');
$cc_expiration = substr(JRequest::getCmd('cc_exp_mm', '', 'post'), 0, 2) . '-' . JRequest::getInt('cc_exp_yy', 0, 'post');
$cc_fname = JRequest::getVar('cc_fname', '', 'post');
$cc_lname = JRequest::getVar('cc_lname', '', 'post');
$post_values = array("x_login" => $this->_params->get('x_login'), "x_tran_key" => $this->_params->get('x_tran_key'), "x_version" => "3.1", "x_delim_data" => "TRUE", "x_delim_char" => "|", "x_relay_response" => "FALSE", "x_type" => "AUTH_CAPTURE", "x_method" => "CC", "x_card_num" => $cc_number, "x_exp_date" => $cc_expiration, "x_card_code" => JRequest::getVar('csc_number', '', 'post'), "x_amount" => $row->price, "x_currency_code" => RSMembershipHelper::getConfig('currency'), "x_invoice_num" => md5(uniqid($this->_params->get('x_login') . ' ' . $this->_params->get('x_tran_key'))), "x_description" => $description, "x_first_name" => $cc_fname, "x_last_name" => $cc_lname, "x_email" => $row->get('user_email'), "x_address" => '', "x_state" => '', "x_zip" => '');
$string = '';
foreach ($post_values as $key => $value) {
$string .= "{$key}=" . urlencode($value) . "&";
}
$string = rtrim($string, "& ");
unset($post_values);
if (!function_exists('curl_init')) {
echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error', array('id' => 'rsm_warning')) . ' ' . JText::_('RSM_AUTHORIZE_CURL_ERROR');
} else {
$request = curl_init($post_url);
curl_setopt($request, CURLOPT_HEADER, 0);
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($request, CURLOPT_POSTFIELDS, $string);
curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE);
$response = curl_exec($request);
curl_close($request);
// close curl object
// This line takes the response and breaks it into an array using the specified delimiting character
$response = explode('|', $response);
if ($response[0] == 1) {
$order_no = $response[6];
if (!$is_recurring) {
$this->emptyDelayedTransaction();
$row->hash = $order_no;
$row->store();
RSMembership::finalize($row->get('id'));
RSMembership::approve($row->get('id'));
$log = array();
$log[] = 'POSTed to ' . $post_url . ':';
$log[] = str_replace('&x_card_num=' . $cc_number, '&x_card_num=<HIDDEN>', $string);
$log[] = 'Response:';
$log[] = implode('|', $response);
$log[] = 'Transaction ID extracted from Response: ' . $response[6];
RSMembership::saveTransactionLog($log, $row->get('id'));
} else {
list($length, $unit) = $this->_getAuthorizeLength($membership);
$date =& JFactory::getDate();
$startDate = date('Y-m-d', strtotime("+{$length} {$unit}", $date->toUnix()));
$extra_total = 0;
$params = RSMembershipHelper::parseParams($row->params);
if (!empty($params['extras'])) {
$db->setQuery("SELECT SUM(`price`) FROM #__rsmembership_extra_values WHERE `id` IN (" . implode(',', $params['extras']) . ")");
$extra_total = $db->loadResult();
}
$amount = $membership->use_renewal_price ? $membership->renewal_price : $membership->price;
$amount += $extra_total;
$amount += $this->_getTax($amount);
$trialOccurrences = $membership->use_trial_period ? 1 : 0;
$trialAmount = $membership->use_trial_period ? $membership->trial_price : 0;
$trialAmount += $extra_total;
$trialAmount += $this->_getTax($trialAmount);
$content = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . "<ARBCreateSubscriptionRequest xmlns=\"AnetApi/xml/v1/schema/AnetApiSchema.xsd\">" . "<merchantAuthentication>" . "<name>" . $this->_params->get('x_login') . "</name>" . "<transactionKey>" . $this->_params->get('x_tran_key') . "</transactionKey>" . "</merchantAuthentication>" . "<refId>0</refId>" . "<subscription>" . "<name>" . htmlentities($description, ENT_COMPAT, 'UTF-8') . "</name>" . "<paymentSchedule>" . "<interval>" . "<length>" . $length . "</length>" . "<unit>" . $unit . "</unit>" . "</interval>" . "<startDate>" . $startDate . "</startDate>" . "<totalOccurrences>9999</totalOccurrences>" . "<trialOccurrences>" . $trialOccurrences . "</trialOccurrences>" . "</paymentSchedule>" . "<amount>" . $amount . "</amount>" . "<trialAmount>" . $trialAmount . "</trialAmount>" . "<payment>" . "<creditCard>" . "<cardNumber>" . $cc_number . "</cardNumber>" . "<expirationDate>" . $cc_expiration . "</expirationDate>" . "</creditCard>" . "</payment>" . "<billTo>" . "<firstName>" . $cc_fname . "</firstName>" . "<lastName>" . $cc_lname . "</lastName>" . "</billTo>" . "</subscription>" . "</ARBCreateSubscriptionRequest>";
$post_url = $this->_params->get('mode') ? "https://api.authorize.net/xml/v1/request.api" : "https://apitest.authorize.net/xml/v1/request.api";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $post_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $content);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$response = curl_exec($ch);
if ($response) {
list($refId, $resultCode, $code, $text, $subscriptionId) = $this->_parseReturn($response);
if ($resultCode == 'Ok' || strpos($text, 'Successful') !== false) {
$this->emptyDelayedTransaction();
$row->custom = $subscriptionId;
$row->hash = $order_no;
$row->store();
RSMembership::finalize($row->get('id'));
RSMembership::approve($row->get('id'));
$log = array();
$log[] = 'XML POSTed to ' . $post_url . ':';
$log[] = str_replace("<cardNumber>" . $cc_number . "</cardNumber>", '<cardNumber>HIDDEN</cardNumber>', $content);
$log[] = 'Response:';
$log[] = $response;
RSMembership::saveTransactionLog($log, $row->get('id'));
} else {
$image = 'error';
if (!$text) {
$text = explode("\r\n\r\n", $response, 2);
$text = strip_tags($text[1]);
}
echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($text, ENT_COMPAT, 'UTF-8');
die;
}
} else {
echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/error.png', 'Error') . ' ' . JText::_('RSM_AUTHORIZE_GENERAL_ERROR');
die;
}
}
echo 'RSM_AUTHORIZE_OK';
} else {
$image = $response[0] == 4 ? 'warning' : 'error';
echo JHTML::image('plugins/system/' . $this->joomla16prefix . 'rsmembershipauthorize/images/' . $image . '.png', 'Information', array('id' => 'rsm_warning')) . ' ' . htmlentities($response[3], ENT_COMPAT, 'UTF-8');
}
}
die;
}
}
protected function onOldPaymentNotification()
{
if (!$this->canRun()) {
return;
}
$log = array();
$deny = false;
$app = JFactory::getApplication();
$jinput = $app->input;
$db = JFactory::getDBO();
$query = $db->getQuery(true);
$recurring = $jinput->get('recurring', 0, 'int');
$custom = $jinput->get('custom', '', 'string');
$ordernumber = $this->params->get('mode') ? $jinput->get('order_number', '', 'string') : 1;
$total = $jinput->get('total', '', 'string');
$key = $jinput->get('key', '', 'string');
$processed = $jinput->get('credit_card_processed', '', 'string');
$timestamp = $jinput->get('timestamp', '', 'string');
$payment_amount = $jinput->get('payment_amount', '', 'string');
$query->select('*')->from($db->qn('#__rsmembership_transactions'))->where($db->qn('custom') . ' = ' . $db->q($custom));
$db->setQuery($query);
$db->execute();
$transaction = $db->loadObject();
$secret_word = $this->params->get('secret_word');
$sid = $this->params->get('id');
// calculate the hash
$hash = strtoupper(md5($secret_word . $sid . $ordernumber . $total));
if ($hash != $key) {
$log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_VERIFICATION_ERROR", $key, $hash);
$deny = true;
} else {
if ($recurring) {
// recurring payment
$log[] = "Identified this payment as recurring.";
$query->clear();
$query->select($db->qn('id'))->select($db->qn('user_id'))->select($db->qn('membership_id'))->from($db->qn('#__rsmembership_membership_subscribers'))->where($db->qn('from_transaction_id') . ' = ' . $db->q($transaction->id));
$db->setQuery($query);
$membership = $db->loadObject();
if (!empty($membership)) {
$user = JFactory::getUser($membership->user_id);
// get the serialized user_data from previous transaction
$user_data = $transaction->user_data;
// load new transaction object
JTable::addIncludePath(JPATH_ADMINISTRATOR . '/components/com_rsmembership/tables');
$transaction = JTable::getInstance('Transaction', 'RSMembershipTable');
$transaction->user_id = $user->get('id');
$transaction->user_email = $user->get('email');
$transaction->user_data = $user_data;
$transaction->type = 'renew';
$params = array();
$params[] = 'id=' . $membership->id;
$params[] = 'membership_id=' . $membership->membership_id;
$transaction->params = implode(';', $params);
// params, membership, extras etc
$transaction->ip = $_SERVER['REMOTE_ADDR'];
$transaction->date = $timestamp;
$transaction->price = $payment_amount;
$transaction->currency = RSMembershipHelper::getConfig('currency');
$transaction->hash = '';
$transaction->gateway = $this->getTranslation($this->params->get('payment_name', '2Checkout'));
$transaction->status = 'completed';
// store the transaction
$transaction->store();
RSMembership::finalize($transaction->id);
$log[] = "Successfully added the recurring transaction to the database.";
} else {
$log[] = "Could not identify the original transaction for this recurring payment.";
}
} else {
// transaction exists
if (empty($transaction) || $transaction->status == 'completed') {
return;
}
// check if the amount is correct
$price = $this->_convertNumber($transaction->price);
$currency = strtolower(trim(RSMembershipHelper::getConfig('currency')));
if ($price <= $total) {
// process payment
if ($processed == 'Y') {
// update order number
$query->clear();
$query->update($db->qn('#__rsmembership_transactions'))->set($db->qn('hash') . ' = ' . $db->q($ordernumber))->where($db->qn('id') . ' = ' . $db->q($transaction->id));
$db->setQuery($query);
$db->execute();
// approve
RSMembership::approve($transaction->id);
$log[] = JText::sprintf('PLG_SYSTEM_RSMEMBERSHIP2CO_PAYMENT_SUCCESS', $ordernumber);
} else {
$log[] = JText::_("PLG_SYSTEM_RSMEMBERSHIP2CO_CC_NOT_PROCESSED");
$deny = true;
}
} else {
$log[] = JText::sprintf("PLG_SYSTEM_RSMEMBERSHIP2CO_EXPECTED_AMOUNT", $price, $currency, $total, $currency);
$deny = true;
}
}
}
RSMembership::saveTransactionLog($log, $transaction->id);
if ($deny) {
RSMembership::deny($transaction->id);
}
$app->redirect('index.php?option=com_rsmembership&task=thankyou');
}