Пример #1
 /**
  * Build the payment-execution page.
  *
  * Runs the module's payment step for the current cart, then hands the cart
  * summary and the module's paths to Smarty before selecting the template.
  */
 public function initContent()
 {
     parent::initContent();

     $currentCart = $this->context->cart;

     $gateway = new checkout();
     $gateway->execPayment($currentCart);

     // Assigned in the same order as the values are needed by the template.
     $templateVars = array();
     $templateVars['nbProducts'] = $currentCart->nbProducts();
     $templateVars['cust_currency'] = $currentCart->id_currency;
     $templateVars['isoCode'] = $this->context->language->iso_code;
     $templateVars['this_path'] = $this->module->getPathUri();
     // Module directory URL built on the shop's SSL domain.
     $templateVars['this_path_ssl'] = Tools::getShopDomainSsl(true, true) . __PS_BASE_URI__ . 'modules/' . $this->module->name . '/';

     $this->context->smarty->assign($templateVars);
     $this->setTemplate('payment_execution.tpl');
 }
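 /**
  * Handle the gateway's return request and create the order when the
  * request's key matches the locally computed one.
  *
  * The expected key is MD5(secret . seller id . order number . cart total),
  * upper-cased; the MD5 construction is dictated by the gateway, so only the
  * comparison and the handling of request data are hardened here.
  *
  * Every $_REQUEST value is attacker-controllable: nothing taken from it is
  * trusted before the key check, and nothing from it is echoed unescaped.
  */
 public function postProcess()
 {
     $sid = Configuration::get('CHECKOUT_SID');
     $secret_word = Configuration::get('CHECKOUT_SECRET');
     $order_number = isset($_REQUEST['order_number']) ? $_REQUEST['order_number'] : '';
     // The cart id comes from the request; force it to an integer before it
     // is used to load the cart and to create the order.
     $cart_id = isset($_REQUEST['merchant_order_id']) ? (int) $_REQUEST['merchant_order_id'] : 0;
     $cart = new Cart($cart_id);
     $checkout = new checkout();
     if (Configuration::get('CHECKOUT_CURRENCY') > 0) {
         // Convert the cart total from the cart currency to the configured one.
         $amount = number_format($cart->getOrderTotal(true, 3), 2, '.', '');
         $currency_from = Currency::getCurrency($cart->id_currency);
         $currency_to = Currency::getCurrency(Configuration::get('CHECKOUT_CURRENCY'));
         $amount = Tools::ps_round($amount / $currency_from['conversion_rate'], 2);
         $total = number_format(Tools::ps_round($amount *= $currency_to['conversion_rate'], 2), 2, '.', '');
     } else {
         $total = number_format($cart->getOrderTotal(true, 3), 2, '.', '');
     }
     //Check the hash
     // NOTE(review): a request carrying demo=Y is validated with order number 1
     // and, if the key matches, is booked as a paid order. No configuration
     // switch gating demo returns is visible here - confirm this is intended.
     if (isset($_REQUEST['demo']) && $_REQUEST['demo'] === 'Y') {
         $order_number = 1;
     }
     $compare_string = $secret_word . $sid . $order_number . $total;
     $compare_hash1 = strtoupper(md5($compare_string));
     $compare_hash2 = (isset($_REQUEST['key']) && is_string($_REQUEST['key'])) ? $_REQUEST['key'] : '';
     // hash_equals(): a loose == on two hex digests lets PHP compare
     // "0E..."-style strings as numbers, and is not constant-time.
     if (hash_equals($compare_hash1, $compare_hash2)) {
         $customer = new Customer($cart->id_customer);
         $total = (double) $cart->getOrderTotal(true, Cart::BOTH);
         $checkout->validateOrder($cart_id, _PS_OS_PAYMENT_, $total, $checkout->displayName, '', array(), NULL, false, $customer->secure_key);
         $order = new Order($checkout->currentOrder);
         Tools::redirect('index.php?controller=order-confirmation&id_cart=' . (int) $cart->id . '&id_module=' . (int) $this->module->id . '&id_order=' . (int) $checkout->currentOrder);
     } else {
         echo 'Hash Mismatch! Please contact the seller directly for assistance.</br>';
         echo 'Total: ' . $total . '</br>';
         // Request data is reflected into HTML: escape it.
         $reported_total = (isset($_REQUEST['total']) && is_string($_REQUEST['total'])) ? $_REQUEST['total'] : '';
         echo '2CO Total: ' . htmlspecialchars($reported_total, ENT_QUOTES, 'UTF-8');
     }
 }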
Пример #3
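    /**
     * Process the gateway's return/notification data in $VAR.
     *
     * For each configured checkout row of this plugin, the posted MD5
     * signature (when a secret is configured) and the posted seller address
     * are checked; on the first row that passes, the payment is handed to
     * checkout::postback() and the browser is sent to the success URL.
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['transaction_id'];
        $ret['transaction_id'] = $VAR['mb_transaction_id'];
        $ret['amount'] = $VAR['mb_amount'];
        $ret['currency'] = $VAR['mb_currency'];
        // NOTE(review): $VAR['status'] is part of the signed string below but
        // its value is never inspected; status is always reported as true.
        // Confirm non-successful notifications are rejected elsewhere.
        $ret['status'] = true;
        $ret['subscription_id'] = $VAR['transaction_id'];
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # If the secret word is set, validate it against what is posted
            // NOTE(review): with no secret configured the signature check is
            // skipped entirely, leaving only the seller-address comparison
            // below between a forged request and a paid invoice.
            if (!empty($this->cfg['secret'])) {
                $hash = $VAR['merchant_id'];
                $hash .= $VAR['transaction_id'];
                $hash .= strtoupper(md5($this->cfg['secret']));
                $hash .= $VAR['mb_amount'];
                $hash .= $VAR['mb_currency'];
                $hash .= $VAR['status'];
                $hash = strtoupper(md5($hash));
                $posted_sig = (isset($VAR['md5sig']) && is_string($VAR['md5sig'])) ? strtoupper($VAR['md5sig']) : '';
                // hash_equals(): loose != treats "0E..." digests as numbers
                // and is not constant-time.
                if (!hash_equals($hash, $posted_sig)) {
                    $do = false;
                }
            }
            # Validate against the posted seller:
            if ($this->cfg['account'] != $VAR['pay_to_email']) {
                $do = false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }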
Пример #4
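    /**
     * Process the gateway's return/notification data in $VAR.
     *
     * For each configured checkout row of this plugin: verify the posted
     * V2_HASH (when a secret is configured), map the posted payment units to
     * a supported currency, and check the posted payee account. The first
     * row that passes is handed to checkout::postback().
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['invoice'];
        $ret['transaction_id'] = $VAR['PAYMENT_BATCH_NUM'];
        $ret['amount'] = $VAR['PAYMENT_AMOUNT'];
        $ret['currency'] = FALSE;
        $ret['status'] = true;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Create & validate the Hash String
            // NOTE(review): with no secret configured the hash check is
            // skipped and only the payee comparison protects this endpoint.
            if (!empty($this->cfg['secret'])) {
                $con_str = $VAR['PAYMENT_ID'];
                $con_str .= ':' . $VAR['PAYEE_ACCOUNT'];
                $con_str .= ':' . $VAR['PAYMENT_AMOUNT'];
                $con_str .= ':' . $VAR['PAYMENT_UNITS'];
                $con_str .= ':' . $VAR['PAYMENT_METAL_ID'];
                $con_str .= ':' . $VAR['PAYMENT_BATCH_NUM'];
                $con_str .= ':' . $VAR['PAYER_ACCOUNT'];
                $con_str .= ':' . strtoupper(md5($this->cfg['secret']));
                $con_str .= ':' . $VAR['ACTUAL_PAYMENT_OUNCES'];
                $con_str .= ':' . $VAR['USD_PER_OUNCE'];
                $con_str .= ':' . $VAR['FEEWEIGHT'];
                $con_str .= ':' . $VAR['TIMESTAMPGMT'];
                $str = strtoupper(md5($con_str));
                $posted_hash = (isset($VAR['V2_HASH']) && is_string($VAR['V2_HASH'])) ? $VAR['V2_HASH'] : '';
                // hash_equals(): loose != treats "0E..." digests as numbers
                // and is not constant-time.
                if (!hash_equals($str, $posted_hash)) {
                    $do = false;
                }
            }
            # Get the currency:
            // Compare, do not assign: the previous single '=' overwrote the
            // posted PAYMENT_UNITS on every pass, so the last supported
            // currency always won and later rows hashed a clobbered value.
            $cur_count = count($this->support_cur);
            for ($i = 0; $i < $cur_count; $i++) {
                if ($VAR['PAYMENT_UNITS'] == $this->support_arr[$i]) {
                    $ret['currency'] = $this->support_cur[$i];
                }
            }
            # Validate against the posted payee:
            if ($VAR['PAYEE_ACCOUNT'] != $this->cfg['account']) {
                $do = false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }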
Пример #5
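 /**
  * Handle a PayPal notification: echo the received POST back to PayPal with
  * cmd=_notify-validate and, only if PayPal answers VERIFIED, hand the
  * payment to checkout::postback() for the checkout row whose configured
  * e-mail matches the posted receiver.
  *
  * The validation round-trip is the only thing that authenticates the
  * notification, so it is made over TLS; over plain HTTP an on-path party
  * could answer VERIFIED for a forged notification.
  */
 function postback()
 {
     # read the post from PayPal system and add 'cmd'
     $req = 'cmd=_notify-validate';
     foreach ($_POST as $key => $value) {
         $value = urlencode(stripslashes($value));
         $req .= "&{$key}={$value}";
     }
     # post back to PayPal system to validate
     // Start with '=' (the header was previously appended to an undefined
     // variable). HTTP/1.0 is kept so the reply is not chunked.
     $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
     $header .= "Host: www.paypal.com\r\n";
     $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
     $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
     // TLS transport; requires the openssl extension.
     $fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
     # needed for validation
     $this->status = $_POST['payment_status'];
     # needed for return
     $ret = array();
     $ret['invoice_id'] = $_POST['invoice'];
     $ret['transaction_id'] = $_POST['txn_id'];
     // NOTE(review): amount and currency are passed on as posted; nothing
     // here compares them with the invoice or rejects a repeated txn_id -
     // confirm checkout::postback() does.
     $ret['amount'] = $_POST['mc_gross'];
     $ret['currency'] = $_POST['mc_currency'];
     # validate vars
     if ($fp) {
         fputs($fp, $header . $req);
         while (!feof($fp)) {
             $res = fgets($fp, 1024);
             // The verdict is the response body; trim a possible line ending.
             if ($res !== false && rtrim($res) === 'VERIFIED') {
                 # check the payment_status is Completed
                 if ($this->status == 'Completed' || $this->status == 'Canceled_Reversal') {
                     $ret['status'] = true;
                 } else {
                     $ret['status'] = false;
                 }
                 # get the processor details:
                 $db =& DB();
                 $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
                 $rs = $db->Execute($q);
                 while (!$rs->EOF) {
                     $ret['checkout_id'] = $rs->fields["id"];
                     $this->cfg = unserialize($rs->fields["plugin_data"]);
                     if ($_POST['receiver_email'] == $this->cfg['email']) {
                         include_once PATH_MODULES . 'checkout/checkout.inc.php';
                         $checkout = new checkout();
                         $checkout->postback($ret);
                         // Release the socket on the early exit as well.
                         fclose($fp);
                         return;
                     }
                     $rs->MoveNext();
                 }
             }
         }
         fclose($fp);
     }
 }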
Пример #6
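// Normalise the total that takes part in the key check: convert it when the
// cart is not in currency id 2, round it, and format it with two decimals.
if ($cart->id_currency != 2) {
    $total = Tools::convertPrice($total, $cart->id_currency, false);
}
$total = round($total);
$total = number_format($total, 2, '.', '');
//Check the hash
// NOTE(review): a request carrying demo=Y is validated with order number 1
// and, if the key matches, is booked as a paid order. No switch gating demo
// returns is visible in this fragment - confirm this is intended.
if (isset($_REQUEST['demo']) && $_REQUEST['demo'] === 'Y') {
    $order_number = 1;
}
$compare_string = $secret_word . $sid . $order_number . $total;
$compare_hash1 = strtoupper(md5($compare_string));
$compare_hash2 = (isset($_REQUEST['key']) && is_string($_REQUEST['key'])) ? $_REQUEST['key'] : '';
// hash_equals(): a loose == on two hex digests lets PHP compare "0E..."-style
// strings as numbers, and is not constant-time.
if (hash_equals($compare_hash1, $compare_hash2)) {
    //hash passed, get the cart total for this order
    $total = number_format($cart->getOrderTotal(true, 3), 2, '.', '');
    $customer = new Customer($cart->id_customer);
    $message = '2Checkout Order Number: ' . $order_number;
    /* Create Necessary variables for order placement */
    $currency = new Currency(intval(isset($_REQUEST['currency_payement']) ? $_REQUEST['currency_payement'] : $cookie->id_currency));
    $checkout = new checkout();
    $checkout->validateOrder($cart_id, _PS_OS_PAYMENT_, $total, $checkout->displayName, $message, array(), NULL, false, $secure_key);
    $order = new Order($checkout->currentOrder);
    /*  Once complete, redirect to order-confirmation.php */
    $url = __PS_BASE_URI__ . "order-confirmation.php?id_cart={$cart_id}&id_module={$checkout->id}&id_order={$checkout->currentOrder}";
    Tools::redirectLink(__PS_BASE_URI__ . "order-confirmation.php?key=" . $customer->secure_key . "&id_cart=" . $cart_id . "&id_module=" . $checkout->id . "&id_order=" . $checkout->currentOrder);
} else {
    // Key mismatch: show the failure template, never the request's own data.
    $smarty->display('failure.tpl');
    include dirname(__FILE__) . '/../../footer.php';
}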
Пример #7
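    /**
     * Process the gateway's notification data in $VAR.
     *
     * For each configured checkout row of this plugin whose e-mail matches
     * the posted recipient, the received variables are posted back to the
     * gateway host for confirmation; only an AUTHORISED reply that does not
     * also contain DECLINED lets the payment through to checkout::postback().
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['order_id'];
        $ret['transaction_id'] = $VAR['transaction_id'];
        $ret['amount'] = $VAR['amount'];
        $ret['currency'] = DEFAULT_CURRENCY;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Validate against the posted recipient e-mail:
            if ($this->cfg['email'] != $VAR['to_email']) {
                $do = false;
            }
            # Contact the nochex server for validation
            if ($do) {
                $this->host = 'www.nochex.com';
                $this->url = '/nochex.dll/apc/apc';
                // Rebuilt for every row; foreach replaces each(), which kept
                // its position between rows and no longer exists in PHP 8.
                $vars = array();
                foreach ($VAR as $key => $value) {
                    $vars[] = array($key, $value);
                }
                # POST the variables back to NOCHEX:
                include_once PATH_CORE . 'ssl.inc.php';
                $n = new CORE_ssl();
                $response = $n->connect($this->host, $this->url, $vars, true, 1);
                // Fail closed: anything but a clean AUTHORISED reply is a
                // decline. stripos() replaces the removed eregi().
                $do = !empty($response)
                    && stripos($response, 'DECLINED') === false
                    && stripos($response, 'AUTHORISED') !== false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . '&id=' . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . '&id=' . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }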
Пример #8
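 /**
  * Handle a PayPal recurring-payment notification.
  *
  * The received POST is logged, echoed back to PayPal with
  * cmd=_notify-validate over TLS, and processed only when PayPal answers
  * VERIFIED. An INVALID answer is logged and rejected with a 404.
  *
  * There is deliberately no bypass flag: a hard-coded "force approved" switch
  * makes every forged POST count as a verified payment.
  *
  * @return bool|null false on an INVALID reply, otherwise nothing
  */
 function postback()
 {
     # read the post from PayPal system and add 'cmd'
     global $C_debug;
     # Log paypal postback:
     $debug = '';
     foreach ($_POST as $key => $value) {
         $debug .= "\r\n{$key}={$value}";
     }
     $C_debug->error('PAYPAL_RECUR:' . $_POST['txn_type'], 'Invoice: ' . $_POST['invoice'], "{$debug}");
     # Assemble postback string
     $req = 'cmd=_notify-validate';
     foreach ($_POST as $key => $value) {
         $value = urlencode(stripslashes($value));
         $req .= "&{$key}={$value}";
     }
     # post back to PayPal system to validate
     $domain = 'www.paypal.com';
     #$domain = 'www.sandbox.paypal.com';
     // HTTP/1.0 is kept so the reply is not chunked.
     $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
     $header .= "Host: {$domain}\r\n";
     $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
     $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
     // TLS transport (requires the openssl extension): over plain HTTP an
     // on-path party could answer VERIFIED for a forged notification.
     $fp = fsockopen('ssl://' . $domain, 443, $errno, $errstr, 30);
     # needed for validation
     $ret = array();
     $ret['invoice_id'] = $_POST['invoice'];
     $ret['transaction_id'] = $_POST['txn_id'];
     $ret['currency'] = $_POST['mc_currency'];
     $ret['subscription_id'] = $_POST['subscr_id'];
     // NOTE(review): the amount is passed on as posted; nothing here compares
     // it with the invoice - confirm checkout::postback() does.
     if (!empty($_POST['mc_gross'])) {
         $ret['amount'] = $_POST['mc_gross'];
     } else {
         $ret['amount'] = $_POST['payment_gross'];
     }
     # validate
     if (!$fp) {
         # HTTP ERROR:
         $C_debug->error('PAYPAL_RECURRING.php', 'postback()', "Unable to connect to domain {$domain}");
     } else {
         fputs($fp, $header . $req);
         while (!feof($fp)) {
             $res = fgets($fp, 1024);
             $verdict = ($res === false) ? '' : rtrim($res);
             if ($verdict === 'INVALID') {
                 # Log for manual investigation:
                 $C_debug->error('PAYPAL_RECURRING.php', 'postback()', "Postback for Invoice {$ret['invoice_id']} is INVALID, PayPal subscription id {$ret['subscription_id']}");
                 fclose($fp);
                 header("HTTP/1.0 404 Not Found");
                 return false;
             }
             if ($verdict !== 'VERIFIED') {
                 // Header lines and anything else: keep reading.
                 continue;
             }
             # get the payment status
             // Subscription end/failure events and unsuccessful payment states
             // are reported as status false; everything else stays true.
             // NOTE(review): unknown txn_type / payment_status values are
             // therefore treated as success - confirm that is acceptable.
             $ret['status'] = true;
             if (in_array($_POST['txn_type'], array('subscr_cancel', 'subscr_failed', 'subscr_eot'), true)) {
                 $ret['status'] = false;
             }
             if ($ret['status'] != false
                 && in_array($_POST['payment_status'], array('Denied', 'Failed', 'Pending', 'Refunded', 'Reversed'), true)) {
                 $ret['status'] = false;
             }
             # get the processor details:
             $db =& DB();
             $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
             $rs = $db->Execute($q);
             while (!$rs->EOF) {
                 $ret['checkout_id'] = $rs->fields["id"];
                 $this->cfg = unserialize($rs->fields["plugin_data"]);
                 if ($_POST['business'] == $this->cfg['email']) {
                     include_once PATH_MODULES . 'checkout/checkout.inc.php';
                     $checkout = new checkout();
                     $checkout->postback($ret);
                     header("HTTP/1.1 200 OK");
                     header("Status: 200 OK");
                     fclose($fp);
                     return;
                 }
                 $rs->MoveNext();
             }
         }
         fclose($fp);
     }
     header("HTTP/1.0 404 Not Found");
 }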
Пример #9
 /**
  * Preview a combined checkout for several due invoices of the logged-in
  * account.
  *
  * With more than one due invoice and a positive total, a temporary record
  * holding the invoice list is stored and the payment options are assigned
  * to the template. With exactly one invoice the browser is sent to that
  * invoice's view page; otherwise a notice is printed.
  */
 function checkout_multiple_preview($VAR)
 {
     global $smarty, $C_list;

     // Only available to an authenticated session.
     if (!SESS_LOGGED) {
         return false;
     }

     $db =& DB();
     $total = $this->multiple_invoice_total(@$VAR['id'], SESS_ACCOUNT);
     $invoiceCount = count($this->invoice);

     // Single invoice: nothing to combine, go straight to its view page.
     if ($invoiceCount == 1) {
         $id = $this->invoice[0];
         echo "<script language=javascript>document.location.href='?_page=invoice:user_view&id=" . $id . "';</script>";
         return;
     }

     // Nothing payable.
     if (!($total > 0 && $invoiceCount > 1)) {
         echo "No due invoices selected for payment.";
         return;
     }

     // Country of the account decides which checkout options apply.
     $account = sqlSelect($db, "account", "country_id", "id=" . SESS_ACCOUNT);

     include_once PATH_MODULES . 'checkout/checkout.inc.php';
     $checkout = new checkout();
     $checkoutoptions = $checkout->get_checkout_options(SESS_ACCOUNT, $total, false, $account->fields['country_id'], true);

     // Temporary record for the combined payment; it expires 86400 * 3
     // seconds (three days) after creation.
     $id = sqlGenID($db, "temporary_data");
     $invoice["id"] = "MULTI-{$id}";
     $invoice["total"] = $total;
     $fields = array(
         'date_orig' => time(),
         'date_expire' => time() + 86400 * 3,
         'field2' => $invoice['id'],
         'field1' => $total,
         'data' => serialize($this->invoice),
     );
     $id =& $db->Execute(sqlInsert($db, "temporary_data", $fields));

     $smarty->assign('invoice', $invoice);
     $smarty->assign('total', $C_list->format_currency_num($total, SESS_CURRENCY));
     $smarty->assign('checkoutoptions', $checkoutoptions);
 }
Пример #10
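    /**
     * Process the gateway's return/notification data in $VAR.
     *
     * For each configured checkout row of this plugin, the posted HASH_KEY
     * (when a secret is configured) and the posted payee account are
     * checked; the first row that passes is handed to checkout::postback().
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['PAYMENT_ID'];
        $ret['transaction_id'] = $VAR['TRANSACTION_NUMBER'];
        $ret['amount'] = $VAR['PAYMENT_AMOUNT'];
        // NOTE(review): currency is taken from CURRENCY_CODE, which is not
        // one of the fields covered by the hash below.
        $ret['currency'] = $VAR['CURRENCY_CODE'];
        $ret['status'] = true;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Create & validate the Hash String
            $con_str = $VAR['PAYMENT_UNITS'];
            $con_str .= '|' . $VAR['PAYMENT_AMOUNT'];
            $con_str .= '|' . $VAR['PAYEE_ACCOUNT'];
            $con_str .= '|' . $VAR['DATE_TIME_GMT'];
            $con_str .= '|' . $this->cfg['secret'];
            $str = strtoupper(md5($con_str));
            $posted_hash = (isset($VAR['HASH_KEY']) && is_string($VAR['HASH_KEY'])) ? $VAR['HASH_KEY'] : '';
            // NOTE(review): with no secret configured the hash is not
            // enforced and only the payee comparison protects this endpoint.
            // hash_equals(): loose != treats "0E..." digests as numbers and
            // is not constant-time.
            if (!empty($this->cfg['secret']) && !hash_equals($str, $posted_hash)) {
                $do = false;
            }
            # Validate against the posted payee:
            if ($VAR['PAYEE_ACCOUNT'] != $this->cfg['account']) {
                $do = false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }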
Пример #11
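    /**
     * Process the gateway's return data in $VAR and record the payment for
     * the first configured checkout row of this plugin.
     *
     * NOTE(review): nothing in this method authenticates the request - the
     * response-code test is commented out and there is no signature, shared
     * secret or server-side confirmation. As written, any request that
     * reaches it is recorded with status true. Confirm the caller or
     * checkout::postback() verifies the payment before relying on it.
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['ref'];
        $ret['transaction_id'] = $VAR['transactionID'];
        $ret['amount'] = $VAR['paymentAmount'];
        $ret['status'] = true;
        $ret['currency'] = $VAR['currency'];
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Test for response code
            /*
            if($VAR['responseCode'] != "PP")
            $do = false;
            */
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . URL . '?_page=invoice:thankyou&_next_page=invoice:user_view&id=' . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . URL . '?_page=checkout:checkout";
				  </script>';
    }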
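    /**
     * Process the gateway's return data in $VAR; when the posted transaction
     * status is 'Y', record the payment for the first configured checkout
     * row of this plugin.
     *
     * NOTE(review): the success flag comes straight from the request
     * (TXN_STATUS) and nothing here authenticates it - no signature, shared
     * secret or server-side confirmation. Confirm the caller or
     * checkout::postback() verifies the payment before relying on it.
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['MERCHANT_TRANID'];
        $ret['transaction_id'] = $VAR['TRANSACTIONID'];
        $ret['amount'] = $VAR['AMOUNT'];
        $ret['currency'] = $VAR['CURRENCYCODE'];
        $ret['status'] = (isset($VAR['TXN_STATUS']) && $VAR['TXN_STATUS'] == 'Y');
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            if ($ret['status']) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . SSL_URL . '?_page=invoice:thankyou&_next_page=invoice:user_view&id=' . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        // NOTE(review): the non-success path redirects to the same
        // thank-you page as the success path - confirm that is intended.
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . SSL_URL . '?_page=invoice:thankyou&_next_page=invoice:user_view&id=' . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }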
Пример #13
<?php

// Entry script for the module's payment page: load the shop configuration,
// the page header and the module class, print whatever the payment step
// returns for the current cart, then the page footer.
include dirname(__FILE__) . '/../../config/config.inc.php';
include dirname(__FILE__) . '/../../header.php';
include dirname(__FILE__) . '/checkout.php';
$checkout = new checkout();
// $cart is not defined in this script; presumably one of the includes above
// provides it - confirm.
echo $checkout->execPayment($cart);
include_once dirname(__FILE__) . '/../../footer.php';
Пример #14
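    /**
     * Process the gateway's notification data in $VAR.
     *
     * The posted notification password and seller account number are
     * compared with the configured values of the first checkout row of this
     * plugin; on a match the payment is handed to checkout::postback().
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, false when the
     *                   password or account does not match, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['custom'];
        $ret['transaction_id'] = $VAR['confirmation'];
        $ret['amount'] = $VAR['total'];
        // PURCHASE, REVERSAL, CANCELLATION
        $ret['status'] = (isset($VAR['func']) && $VAR['func'] == "PURCHASE");
        $ret['currency'] = DEFAULT_CURRENCY;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # check the notification password
            // This shared password is the only authenticator of the request.
            // hash_equals() avoids loose-comparison type juggling and is
            // constant-time.
            // NOTE(review): an empty configured password still matches a
            // request that sends none - confirm configuration forbids that.
            $configured_pass = isset($this->cfg['ipn_pass']) ? (string) $this->cfg['ipn_pass'] : '';
            $posted_pass = (isset($VAR['pwd']) && is_string($VAR['pwd'])) ? $VAR['pwd'] : '';
            if (!hash_equals($configured_pass, $posted_pass)) {
                return false;
            }
            # check the seller account
            if ($VAR['account_no'] != $this->cfg['id']) {
                return false;
            }
            # update
            include_once PATH_MODULES . 'checkout/checkout.inc.php';
            $checkout = new checkout();
            $checkout->postback($ret);
            // invoice_id is request data placed inside a <script> string:
            // URL-encode it so it cannot break out of the literal.
            echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
            return true;
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }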
Пример #15
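    /**
     * Process the gateway's return data in $VAR and record the payment for
     * the first configured checkout row of this plugin.
     *
     * NOTE(review): nothing in this method authenticates the request - there
     * is no signature, shared secret or server-side confirmation, and
     * $ret['status'] is never set. As written, any request that reaches it
     * is passed to checkout::postback(). Confirm the payment is verified
     * elsewhere before relying on it.
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['option1'];
        $ret['transaction_id'] = $VAR['order_id'];
        $ret['amount'] = $VAR['amount'];
        $ret['currency'] = DEFAULT_CURRENCY;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }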
Пример #16
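    /**
     * Process the gateway's return/notification data in $VAR.
     *
     * For each configured checkout row of this plugin: reject non-LIVE
     * notifications when mode is 1, verify the posted OMI_HASH (when a
     * secret is configured), map the posted currency code to a supported
     * currency, and check the posted merchant holding number. The first row
     * that passes is handed to checkout::postback().
     *
     * @param array $VAR request variables (untrusted)
     * @return bool|null true when a payment was recorded, otherwise nothing
     */
    function postback($VAR)
    {
        # needed for return
        $ret = array();
        $ret['invoice_id'] = $VAR['OMI_MERCHANT_REF_NO'];
        $ret['transaction_id'] = $VAR['OMI_TXN_ID'];
        $ret['amount'] = $VAR['OMI_CURRENCY_AMT'];
        $ret['currency'] = FALSE;
        $ret['status'] = true;
        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        while (!$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Test for test mode
            if ($this->cfg['mode'] == 1 && $VAR['OMI_MODE'] != "LIVE") {
                $do = false;
            }
            # Create & validate the Hash String
            // NOTE(review): with no secret configured the hash check is
            // skipped and only the merchant-number comparison protects this
            // endpoint.
            if (!empty($this->cfg['secret'])) {
                $con_str = $VAR['OMI_MERCHANT_REF_NO'];
                $con_str .= '?' . $VAR['OMI_MODE'];
                $con_str .= '?' . $VAR['OMI_MERCHANT_HLD_NO'];
                $con_str .= '?' . $VAR['OMI_PAYER_HLD_NO'];
                $con_str .= '?' . $VAR['OMI_CURRENCY_CODE'];
                $con_str .= '?' . $VAR['OMI_CURRENCY_AMT'];
                $con_str .= '?' . $VAR['OMI_GOLDGRAM_AMT'];
                $con_str .= '?' . $VAR['OMI_TXN_ID'];
                $con_str .= '?' . $VAR['OMI_TXN_DATETIME'];
                $con_str .= '?' . $VAR['OMI_MERCHANT_STRG_FEE'];
                $con_str .= '?' . $this->cfg['secret'];
                $str = strtoupper(md5($con_str));
                $posted_hash = (isset($VAR['OMI_HASH']) && is_string($VAR['OMI_HASH'])) ? $VAR['OMI_HASH'] : '';
                // hash_equals(): loose != treats "0E..." digests as numbers
                // and is not constant-time.
                if (!hash_equals($str, $posted_hash)) {
                    $do = false;
                }
            }
            # Get the currency:
            // Compare, do not assign: the previous single '=' overwrote the
            // posted OMI_CURRENCY_CODE on every pass, so the last supported
            // currency always won and later rows hashed a clobbered value.
            $cur_count = count($this->support_cur);
            for ($i = 0; $i < $cur_count; $i++) {
                if ($VAR['OMI_CURRENCY_CODE'] == $this->support_arr[$i]) {
                    $ret['currency'] = $this->support_cur[$i];
                }
            }
            # Validate against the posted payee:
            if ($VAR['OMI_MERCHANT_HLD_NO'] != $this->cfg['account']) {
                $do = false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                // invoice_id is request data placed inside a <script> string:
                // URL-encode it so it cannot break out of the literal.
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location="' . $this->success_url . rawurlencode((string) $ret['invoice_id']) . '";
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location="' . $this->decline_url . rawurlencode((string) $ret['invoice_id']) . '";
				  </script>';
    }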
Пример #17
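    /**
     * Handle the 2checkout return/postback for an invoice.
     *
     * Loads every checkout record for this plugin, verifies the posted data
     * against that record's settings (demo mode, MD5 key, seller id) and, on
     * the first record that passes, hands the result to checkout::postback()
     * and redirects the browser to the thank-you page.
     *
     * Security notes:
     *  - $VAR is request data and is treated as untrusted throughout.
     *  - The key is MD5(secret . sid . order . total) because that is what the
     *    gateway sends; it is compared with hash_equals() so that PHP's loose
     *    comparison of numeric-looking strings ("0e..." values) can never make
     *    two different digests compare equal.
     *  - When no secret word is configured the key is NOT checked and only
     *    the seller id is compared, so the postback is effectively
     *    unauthenticated. NOTE(review): consider rejecting postbacks in that
     *    configuration instead of accepting them.
     *  - The posted total is forwarded as the paid amount; presumably
     *    checkout::postback() compares it with the invoice total -- confirm.
     *
     * @param array $VAR Posted gateway fields (merchant_product_id,
     *                   order_number, total, demo, key, sid).
     * @return bool|null true when a record validated and the success redirect
     *                   was emitted; null after the decline redirect.
     */
    function postback($VAR)
    {
        # Read the posted fields once, tolerating missing keys.
        $invoice_id  = isset($VAR['merchant_product_id']) ? $VAR['merchant_product_id'] : null;
        $order_id    = isset($VAR['order_number']) ? $VAR['order_number'] : null;
        $amount      = isset($VAR['total']) ? $VAR['total'] : null;
        $demo        = isset($VAR['demo']) ? $VAR['demo'] : null;
        $posted_sid  = isset($VAR['sid']) ? $VAR['sid'] : null;
        # A non-string key (e.g. key[]=x) can never match a digest.
        $hash_remote = (isset($VAR['key']) && is_string($VAR['key'])) ? strtoupper($VAR['key']) : '';

        # needed for return
        $ret['invoice_id'] = $invoice_id;
        $ret['transaction_id'] = $order_id;
        $ret['amount'] = $amount;
        $ret['status'] = true;
        $ret['currency'] = DEFAULT_CURRENCY;

        # The invoice id is request data and ends up inside a <script> block:
        # URL-encode it, and JSON-encode the whole target below so it cannot
        # break out of the JavaScript string or the script element.
        $safe_invoice = is_scalar($invoice_id) ? rawurlencode((string) $invoice_id) : '';
        $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        # Guard against a failed query before touching the record set.
        while ($rs && !$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            # NOTE(review): unserialize() on stored plugin data; this is only
            # safe while nothing untrusted can write to that column.
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # Get the 2checkout settings
            $sid = isset($this->cfg['id']) ? $this->cfg['id'] : null; // store id
            $secret_word = isset($this->cfg['secret']) ? $this->cfg['secret'] : null; // secret word
            $demo_allowed = isset($this->cfg['mode']) && $this->cfg['mode'] == "Y";

            # Test for demo mode. The original assigned the undefined variable
            # $false here; it only rejected by accident because null is falsy.
            $oid = $order_id;
            if ($demo == "Y" && !$demo_allowed) {
                $do = false;
            } elseif ($demo == "Y") {
                # Demo postbacks are keyed with order number 1.
                $oid = '1';
            }

            # If the secret word is set, validate it against what is posted
            if (!empty($secret_word)) {
                $hash_local = strtoupper(md5($secret_word . $sid . $oid . $amount));
                if (!hash_equals($hash_local, $hash_remote)) {
                    $do = false;
                }
            }
            # Validate against the posted 2checkout id:
            if ($sid != $posted_sid) {
                $do = false;
            }
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                $target = '?_page=invoice:thankyou&_next_page=invoice:user_view&id=' . $safe_invoice;
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location=' . json_encode($target, $js_flags) . ';
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location=' . json_encode($this->decline_url . $safe_invoice, $js_flags) . ';
				  </script>';
    }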
Пример #18
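    /**
     * Handle the payment processor's postback for an invoice.
     *
     * Loads every checkout record for this plugin, checks the posted secret
     * code and vendor e-mail against that record's settings and, on the first
     * record that passes, hands the result to checkout::postback() and
     * redirects the browser to the success URL.
     *
     * Security notes:
     *  - $VAR is request data and is treated as untrusted throughout.
     *  - The shared secret is compared with hash_equals(): the original loose
     *    != let numeric-looking strings such as "1e3" and "1000" compare
     *    equal, and its timing depended on how much of the secret matched.
     *  - The secret travels in the postback itself and does not bind the
     *    amount, status or invoice id, so those fields are not integrity
     *    protected by this check. NOTE(review): presumably
     *    checkout::postback() validates the amount against the invoice --
     *    confirm.
     *  - When no secret is configured only the vendor e-mail is compared,
     *    which is not a secret. NOTE(review): consider rejecting postbacks
     *    in that configuration.
     *
     * @param array $VAR Posted gateway fields (transaction_ref,
     *                   transaction_id, amount, secret_code, vendor_email,
     *                   status).
     * @return bool|null true when a record validated and the success redirect
     *                   was emitted; null after the decline redirect.
     */
    function postback($VAR)
    {
        # Read the posted fields once, tolerating missing keys.
        $invoice_id   = isset($VAR['transaction_ref']) ? $VAR['transaction_ref'] : null;
        $posted_email = isset($VAR['vendor_email']) ? $VAR['vendor_email'] : null;
        $posted_state = isset($VAR['status']) ? $VAR['status'] : null;
        # A non-string secret_code (e.g. secret_code[]=x) can never match.
        $posted_secret = (isset($VAR['secret_code']) && is_string($VAR['secret_code'])) ? $VAR['secret_code'] : '';

        # needed for return
        $ret['invoice_id'] = $invoice_id;
        $ret['transaction_id'] = isset($VAR['transaction_id']) ? $VAR['transaction_id'] : null;
        $ret['amount'] = isset($VAR['amount']) ? $VAR['amount'] : null;
        $ret['currency'] = DEFAULT_CURRENCY;

        # The invoice id is request data and ends up inside a <script> block:
        # URL-encode it, and JSON-encode the whole target below so it cannot
        # break out of the JavaScript string or the script element.
        $safe_invoice = is_scalar($invoice_id) ? rawurlencode((string) $invoice_id) : '';
        $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

        # get the processor details:
        $db =& DB();
        $q = "SELECT id,active,plugin_data FROM " . AGILE_DB_PREFIX . "checkout WHERE\n\t\t\t        site_id \t\t= " . $db->qstr(DEFAULT_SITE) . " AND\n\t\t\t        checkout_plugin\t= " . $db->qstr($this->name);
        $rs = $db->Execute($q);
        # Guard against a failed query before touching the record set.
        while ($rs && !$rs->EOF) {
            $ret['checkout_id'] = $rs->fields["id"];
            $do = true;
            # NOTE(review): unserialize() on stored plugin data; this is only
            # safe while nothing untrusted can write to that column.
            $this->cfg = unserialize($rs->fields["plugin_data"]);
            # If the secret word is set, validate it against what is posted
            if (!empty($this->cfg['secret'])) {
                if (!hash_equals((string) $this->cfg['secret'], $posted_secret)) {
                    $do = false;
                }
            }
            # Validate against the posted payee:
            $cfg_email = isset($this->cfg['email']) ? $this->cfg['email'] : null;
            if ($posted_email != $cfg_email) {
                $do = false;
            }
            # Set the status  // SUCCESS, CANCEL, REFUND, CHARGEBACK, or ERROR
            $ret['status'] = ($posted_state === 'SUCCESS');
            if ($do) {
                include_once PATH_MODULES . 'checkout/checkout.inc.php';
                $checkout = new checkout();
                $checkout->postback($ret);
                echo '<SCRIPT LANGUAGE="JavaScript">
							window.location=' . json_encode($this->success_url . $safe_invoice, $js_flags) . ';
						  </script>';
                return true;
            }
            $rs->MoveNext();
        }
        echo '<SCRIPT LANGUAGE="JavaScript">
					window.location=' . json_encode($this->decline_url . $safe_invoice, $js_flags) . ';
				  </script>';
    }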