function onPaymentNotification(&$statuses)
{
$vars = array();
$data = array();
$filter = JFilterInput::getInstance();
foreach ($_REQUEST as $key => $value) {
$key = $filter->clean($key);
if (preg_match("#^[0-9a-z_-]{1,30}\$#i", $key) && !preg_match("#^cmd\$#i", $key)) {
$value = JRequest::getString($key);
$vars[$key] = $value;
$data[] = $key . '=' . urlencode($value);
}
}
$data = implode('&', $data) . '&cmd=_notify-validate';
$order_id = (int) @$vars['out_trade_no'];
$order_status = '';
$dbOrder = $this->getOrder($order_id);
$this->loadPaymentParams($dbOrder);
if (empty($this->payment_params)) {
return false;
}
$this->loadOrderData($dbOrder);
if ($this->payment_params->debug) {
$this->writeToLog(print_r($vars, true) . "\n\n\n");
$this->writeToLog(print_r($dbOrder, true) . "\n\n\n");
}
if (empty($dbOrder)) {
echo "Could not load any order for your notification " . $order_id;
return false;
}
$old_status = $dbOrder->order_status;
$url = HIKASHOP_LIVE . 'administrator/index.php?option=com_hikashop&ctrl=order&task=edit&order_id=' . $order_id;
$order_text = "\r\n" . JText::sprintf('NOTIFICATION_OF_ORDER_ON_WEBSITE', $dbOrder->order_number, HIKASHOP_LIVE);
$order_text .= "\r\n" . str_replace('<br/>', "\r\n", JText::sprintf('ACCESS_ORDER_WITH_LINK', $url));
if ($this->payment_params->debug) {
$this->writeToLog(print_r($dbOrder, true) . "\n\n\n");
}
$history = new stdClass();
$email = new stdClass();
$alipay = new alipay();
$alipay->set_transport($this->payment_params->transport);
$alipay->set_security_code($this->payment_params->security_code);
$alipay->set_sign_type($this->payment_params->sign_type);
$alipay->set_partner_id($this->payment_params->partner_id);
if ($alipay->_transport == "https") {
$notify_url = $alipay->_notify_gateway . "service=notify_verify" . "&partner=" . $alipay->_partner_id . "¬ify_id=" . $_POST["notify_id"];
} else {
$notify_url = $alipay->_notify_gateway . "partner=" . $alipay->_partner_id . "¬ify_id=" . $_POST["notify_id"];
}
$url_array = parse_url($notify_url);
$errno = '';
$errstr = '';
$notify = array();
$response = array();
if ($url_array['scheme'] == 'https') {
$transport = 'ssl://';
$url_array['port'] = '443';
} else {
$transport = 'tcp://';
$url_array['port'] = '80';
}
if ($this->payment_params->debug) {
$this->writeToLog(print_r($url_array, true) . "\n\n\n");
}
$fp = @fsockopen($transport . $url_array['host'], $url_array['port'], $errno, $errstr, 60);
if (!$fp) {
$email->subject = JText::sprintf('NOTIFICATION_REFUSED_FOR_THE_ORDER', 'Alipay') . ' ' . JText::sprintf('PAYPAL_CONNECTION_FAILED', $dbOrder->order_number);
$email->body = str_replace('<br/>', "\r\n", JText::sprintf('NOTIFICATION_REFUSED_NO_CONNECTION', 'Alipay')) . "\r\n\r\n" . $order_text;
$this->modifyOrder($order_id, null, false, $email);
JError::raiseError(403, JText::_('Access Forbidden'));
return false;
} else {
fputs($fp, "POST " . $url_array['path'] . " HTTP/1.1\r\n");
fputs($fp, "HOST: " . $url_array['host'] . "\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($url_array['query']) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $url_array['query'] . "\r\n\r\n");
while (!feof($fp)) {
$notify[] = @fgets($fp, 1024);
}
fclose($fp);
if ($this->payment_params->debug) {
$this->writeToLog(print_r($notify, true) . "\n\n\n");
}
$response = implode(',', $notify);
}
if (is_array($_POST)) {
$tmp_array = array();
foreach ($_POST as $key => $value) {
if ($value != '' && $key != 'sign' && $key != 'sign_type') {
$tmp_array[$key] = $value;
}
}
ksort($tmp_array);
reset($tmp_array);
$params = $tmp_array;
} else {
return false;
}
$sign = $alipay->_sign($params);
if ($this->payment_params->debug) {
$this->writeToLog("\n sign1 : \n" . print_r($sign, true) . "\n\n\n");
$this->writeToLog("\n sign2 : \n" . print_r($_POST['sign'], true) . "\n\n\n");
}
if (preg_match('/true$/i', $response) && $sign == $_POST['sign'] && ($_POST['trade_status'] == 'TRADE_FINISHED' || $_POST['trade_status'] == 'TRADE_SUCCESS' || $_POST['trade_status'] == 'WAIT_SELLER_SEND_GOODS' || $_POST['trade_status'] == 'WAIT_BUYER_PAY')) {
$price_check = round($dbOrder->order_full_price, (int) $this->currency->currency_locale['int_frac_digits']);
$history->notified = 1;
$history->amount = $price_check;
$history->data = ob_get_clean();
$order_status = $this->payment_params->verified_status;
if ($dbOrder->order_status == $order_status) {
return true;
}
$mail_status = $statuses[$order_status];
$email->subject = JText::sprintf('PAYMENT_NOTIFICATION_FOR_ORDER', 'Alipay', $_POST['trade_status'], $dbOrder->order_number);
$email->body = str_replace('<br/>', "\r\n", JText::sprintf('PAYMENT_NOTIFICATION_STATUS', 'Alipay', $_POST['trade_status'])) . ' ' . JText::sprintf('ORDER_STATUS_CHANGED', $mail_status) . "\r\n\r\n" . $order_text;
$this->modifyOrder($order_id, $order_status, $history, $email);
return true;
} else {
$email->subject = JText::sprintf('NOTIFICATION_REFUSED_FOR_THE_ORDER', 'Alipay') . 'invalid response';
$email->body = JText::sprintf("Hello,\r\n An Alipay notification was refused because the response from the Alipay server was invalid") . "\r\n\r\n" . $order_text;
$this->modifyOrder($order_id, null, false, $email);
if ($this->payment_params->debug) {
$this->writeToLog('invalid response' . "\n\n\n");
}
return false;
}
}