/**
* Process Transaction URL notification
*
* @param IsotopeProductCollection|Order $objOrder
*/
public function processPostsale(IsotopeProductCollection $objOrder)
{
if (\Input::post('aid') != $this->payone_aid || \Input::post('portalid') != $this->payone_portalid || \Input::post('mode') == 'test' && !$this->debug || \Input::post('mode') == 'live' && $this->debug) {
\System::log('PayOne configuration mismatch', __METHOD__, TL_ERROR);
die('TSOK');
}
// Ignore all except these actions
if (\Input::post('txaction') != 'appointed' && \Input::post('txaction') != 'capture' && \Input::post('txaction') != 'paid') {
die('TSOK');
}
if (\Input::post('currency') != $objOrder->currency || $objOrder->getTotal() != \Input::post('price')) {
\System::log('PayOne order data mismatch for Order ID "' . \Input::post('reference') . '"', __METHOD__, TL_ERROR);
die('TSOK');
}
if (!$objOrder->checkout()) {
\System::log('Postsale checkout for Order ID "' . \Input::post('reference') . '" failed', __METHOD__, TL_ERROR);
die('TSOK');
}
if (\Input::post('txaction') == 'paid' && \Input::post('balance') == 0) {
$objOrder->date_paid = time();
}
$objOrder->updateOrderStatus($this->new_order_status);
$objOrder->save();
// PayOne must get TSOK as return value, otherwise the request will be sent again
die('TSOK');
}
/**
* Return the checkout form.
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
global $objPage;
$objAddress = $objOrder->getBillingAddress();
$arrData['instId'] = $this->worldpay_instId;
$arrData['cartId'] = $objOrder->id;
$arrData['amount'] = number_format($objOrder->getTotal(), 2);
$arrData['currency'] = $objOrder->currency;
$arrData['description'] = Translation::get($this->worldpay_description);
$arrData['name'] = substr($objAddress->firstname . ' ' . $objAddress->lastname, 0, 40);
if ($objAddress->company != '') {
$arrData['address1'] = substr($objAddress->company, 0, 84);
$arrData['address2'] = substr($objAddress->street_1, 0, 84);
$arrData['address3'] = substr($objAddress->street_2, 0, 84);
} else {
$arrData['address1'] = substr($objAddress->street_1, 0, 84);
$arrData['address2'] = substr($objAddress->street_2, 0, 84);
$arrData['address3'] = substr($objAddress->street_3, 0, 84);
}
$arrData['town'] = substr($objAddress->city, 0, 30);
$arrData['region'] = substr($objAddress->subdivision, 0, 30);
$arrData['postcode'] = substr($objAddress->postal, 0, 12);
$arrData['country'] = strtoupper($objAddress->country);
$arrData['tel'] = substr($objAddress->phone, 0, 30);
$arrData['email'] = substr($objAddress->email, 0, 80);
// Generate MD5 secret hash
$arrData['signature'] = md5($this->worldpay_md5secret . ':' . implode(':', array_intersect_key($arrData, array_flip(trimsplit(':', $this->worldpay_signatureFields)))));
$objTemplate = new \Isotope\Template('iso_payment_worldpay');
$objTemplate->setData($arrData);
$objTemplate->id = $this->id;
$objTemplate->pageId = $objPage->id;
$objTemplate->debug = $this->debug;
$objTemplate->action = $this->debug ? 'https://secure-test.worldpay.com/wcc/purchase' : 'https://secure.worldpay.com/wcc/purchase';
return $objTemplate->parse();
}
/**
* Process PayPal Instant Payment Notifications (IPN)
* @param IsotopeProductCollection
*/
public function processPostsale(IsotopeProductCollection $objOrder)
{
$objRequest = new \Request();
$objRequest->send('https://www.' . ($this->debug ? 'sandbox.' : '') . 'paypal.com/cgi-bin/webscr?cmd=_notify-validate', file_get_contents("php://input"), 'post');
if ($objRequest->hasError()) {
\System::log('Request Error: ' . $objRequest->error, __METHOD__, TL_ERROR);
exit;
} elseif ($objRequest->response == 'VERIFIED' && (\Input::post('receiver_email', true) == $this->paypal_account || $this->debug)) {
// Validate payment data (see #2221)
if ($objOrder->currency != \Input::post('mc_currency') || $objOrder->getTotal() != \Input::post('mc_gross')) {
\System::log('IPN manipulation in payment from "' . \Input::post('payer_email') . '" !', __METHOD__, TL_ERROR);
return;
}
if (!$objOrder->checkout()) {
\System::log('IPN checkout for Order ID "' . \Input::post('invoice') . '" failed', __METHOD__, TL_ERROR);
return;
}
// Store request data in order for future references
$arrPayment = deserialize($objOrder->payment_data, true);
$arrPayment['POSTSALE'][] = $_POST;
$objOrder->payment_data = $arrPayment;
$objOrder->save();
// @see https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/ipnguide.pdf
switch (\Input::post('payment_status')) {
case 'Completed':
$objOrder->date_paid = time();
$objOrder->updateOrderStatus($this->new_order_status);
break;
case 'Canceled_Reversal':
case 'Denied':
case 'Expired':
case 'Failed':
case 'Voided':
// PayPal will also send this notification if the order has not been placed.
// What do we do here?
// $objOrder->date_paid = '';
// $objOrder->updateOrderStatus(Isotope::getConfig()->orderstatus_error);
break;
case 'In-Progress':
case 'Partially_Refunded':
case 'Pending':
case 'Processed':
case 'Refunded':
case 'Reversed':
break;
}
$objOrder->payment_data = $arrPayment;
$objOrder->save();
\System::log('PayPal IPN: data accepted', __METHOD__, TL_GENERAL);
} else {
\System::log('PayPal IPN: data rejected (' . $objRequest->response . ')', __METHOD__, TL_ERROR);
}
// 200 OK
$objResponse = new Response();
$objResponse->send();
}
/**
* Return the payment form
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$strCountry = in_array($objOrder->getBillingAddress()->country, array('de', 'ch', 'at')) ? $objOrder->getBillingAddress()->country : 'de';
$strUrl = 'https://www.sofortueberweisung.' . $strCountry . '/payment/start';
$arrParams = array('user_id' => $this->sofortueberweisung_user_id, 'project_id' => $this->sofortueberweisung_project_id, 'sender_holder' => '', 'sender_account_number' => '', 'sender_bank_code' => '', 'sender_country_id' => strtoupper($objOrder->getBillingAddress()->country), 'amount' => number_format($objOrder->getTotal(), 2, '.', ''), 'currency_id' => $objOrder->currency, 'reason_1' => \Environment::get('host'), 'reason_2' => '', 'user_variable_0' => $objOrder->id, 'user_variable_1' => $this->id, 'user_variable_2' => $objOrder->uniqid, 'user_variable_3' => '', 'user_variable_4' => '', 'user_variable_5' => '', 'project_password' => $this->sofortueberweisung_project_password);
$arrParams['hash'] = sha1(implode('|', $arrParams));
$arrParams['language_id'] = $GLOBALS['TL_LANGUAGE'];
$objTemplate = new \Isotope\Template('iso_payment_sofortueberweisung');
$objTemplate->setData($this->arrData);
$objTemplate->action = $strUrl;
$objTemplate->params = array_filter(array_diff_key($arrParams, array('project_password' => '')));
return $objTemplate->parse();
}
/**
* Return the payment form
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
// get current host and
$strDescription = \Environment::get('host');
$objContact = \PageModel::findWithDetails($this->wirecard_contact);
$arrParams = array('customerId' => $this->wirecard_customer_id, 'language' => $GLOBALS['TL_LANGUAGE'], 'paymentType' => 'SELECT', 'amount' => number_format($objOrder->getTotal(), 2, '.', ''), 'currency' => $objOrder->currency, 'orderDescription' => $strDescription, 'successUrl' => \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder), 'cancelUrl' => \Environment::get('base') . $objModule->generateUrlForStep('process'), 'failureUrl' => \Environment::get('base') . $objModule->generateUrlForStep('failed'), 'serviceUrl' => \Environment::get('base') . \Controller::generateFrontendUrl($objContact->row()), 'confirmUrl' => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id, 'customerStatement' => $strDescription, 'order_id' => $objOrder->id, 'order_uniqid' => $objOrder->uniqid, 'secret' => $this->wirecard_secret, 'REQUEST_TOKEN' => REQUEST_TOKEN);
$arrParams['requestFingerprintOrder'] = implode(',', array_keys($arrParams)) . ',requestFingerprintOrder';
$arrParams['requestFingerprint'] = $this->calcHashArray($arrParams);
$objTemplate = new \Isotope\Template('iso_payment_wirecard');
$objTemplate->setData($this->arrData);
$objTemplate->action = 'https://checkout.wirecard.com/page/init.php';
$objTemplate->params = array_filter(array_diff_key($arrParams, array('secret' => '')));
return $objTemplate->parse();
}
/**
* Generate the submit form for datatrans and if javascript is enabled redirect automaticly
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$objAddress = $objOrder->getBillingAddress();
$arrParams = array('merchantId' => $this->datatrans_id, 'amount' => round($objOrder->getTotal() * 100), 'currency' => $objOrder->currency, 'refno' => $objOrder->id, 'language' => $objOrder->language, 'reqtype' => $this->trans_type == 'auth' ? 'NOA' : 'CAA', 'uppCustomerDetails' => 'yes', 'uppCustomerTitle' => $objAddress->salutation, 'uppCustomerFirstName' => $objAddress->firstname, 'uppCustomerLastName' => $objAddress->lastname, 'uppCustomerStreet' => $objAddress->street_1, 'uppCustomerStreet2' => $objAddress->street_2, 'uppCustomerCity' => $objAddress->city, 'uppCustomerCountry' => $objAddress->country, 'uppCustomerZipCode' => $objAddress->postal, 'uppCustomerPhone' => $objAddress->phone, 'uppCustomerEmail' => $objAddress->email, 'successUrl' => ampersand(\Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder)), 'errorUrl' => ampersand(\Environment::get('base') . $objModule->generateUrlForStep('failed')), 'cancelUrl' => ampersand(\Environment::get('base') . $objModule->generateUrlForStep('failed')), 'mod' => 'pay', 'id' => $this->id);
// Security signature (see Security Level 2)
$arrParams['sign'] = hash_hmac('md5', $arrParams['merchantId'] . $arrParams['amount'] . $arrParams['currency'] . $arrParams['refno'], $this->datatrans_sign);
$objTemplate = new \Isotope\Template('iso_payment_datatrans');
$objTemplate->id = $this->id;
$objTemplate->action = 'https://' . ($this->debug ? 'pilot' : 'payment') . '.datatrans.biz/upp/jsp/upStart.jsp';
$objTemplate->params = $arrParams;
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0];
$objTemplate->message = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1];
$objTemplate->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2]);
return $objTemplate->parse();
}
/**
* HTML form for checkout
* @param object
* @param object
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$strPrice = number_format(round($objOrder->getTotal(), 2), 2, '.', '');
$objTemplate = new \Isotope\Template('iso_payment_transferujpl');
$objTemplate->setData($this->arrData);
$objTemplate->id = $this->id;
$objTemplate->order_id = $objOrder->id;
$objTemplate->amount = $strPrice;
$objTemplate->products = specialchars(sprintf($GLOBALS['TL_LANG']['MSC']['transferujpl_order'], $objOrder->uniqid));
$objTemplate->hash = md5($this->transferujpl_id . $strPrice . $objOrder->id . $this->transferujpl_code);
$objTemplate->postsaleUrl = \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;
$objTemplate->successUrl = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
$objTemplate->errorUrl = \Environment::get('base') . $objModule->generateUrlForStep('failed');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->address = $objOrder->getBillingAddress();
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][0];
$objTemplate->message = $GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][1];
$objTemplate->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_transferujpl'][2]);
return $objTemplate->parse();
}
/**
* Process PayPal Instant Payment Notifications (IPN)
*
* @param IsotopeProductCollection|Order $objOrder
*/
public function processPostsale(IsotopeProductCollection $objOrder)
{
if (\Input::post('payment_status') != 'Completed') {
\System::log('PayPal IPN: payment status "' . \Input::post('payment_status') . '" not implemented', __METHOD__, TL_GENERAL);
return;
}
$objRequest = new \Request();
$objRequest->send('https://www.' . ($this->debug ? 'sandbox.' : '') . 'paypal.com/cgi-bin/webscr?cmd=_notify-validate', file_get_contents("php://input"), 'post');
if ($objRequest->hasError()) {
\System::log('PayPal IPN: Request Error (' . $objRequest->error . ')', __METHOD__, TL_ERROR);
$response = new Response('', 500);
$response->send();
}
if ($objRequest->response != 'VERIFIED') {
\System::log('PayPal IPN: data rejected (' . $objRequest->response . ')', __METHOD__, TL_ERROR);
return;
}
if (\Input::post('receiver_email', true) != $this->paypal_account && !$this->debug) {
\System::log('PayPal IPN: Account email does not match (got ' . \Input::post('receiver_email', true) . ', expected ' . $this->paypal_account . ')', __METHOD__, TL_ERROR);
return;
}
// Validate payment data (see #2221)
if ($objOrder->currency != \Input::post('mc_currency') || $objOrder->getTotal() != \Input::post('mc_gross')) {
\System::log('PayPal IPN: manipulation in payment from "' . \Input::post('payer_email') . '" !', __METHOD__, TL_ERROR);
return;
}
if (!$objOrder->checkout()) {
\System::log('PayPal IPN: checkout for Order ID "' . \Input::post('invoice') . '" failed', __METHOD__, TL_ERROR);
return;
}
// Store request data in order for future references
$arrPayment = deserialize($objOrder->payment_data, true);
$arrPayment['POSTSALE'][] = $_POST;
$objOrder->payment_data = $arrPayment;
$objOrder->date_paid = time();
$objOrder->updateOrderStatus($this->new_order_status);
$objOrder->save();
\System::log('PayPal IPN: data accepted', __METHOD__, TL_GENERAL);
}
/**
* Return the redirect form.
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$objTemplate = new \Isotope\Template('iso_payment_paybyway');
$objTemplate->action = 'https://www.paybyway.com/e-payments/pay';
$objTemplate->headline = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0]);
$objTemplate->message = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1]);
$objTemplate->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2]);
$objTemplate->noscript = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][3]);
$objTemplate->merchant_id = (int) $this->paybyway_merchant_id;
$objTemplate->amount = round($objOrder->getTotal() * 100);
$objTemplate->currency = 'EUR';
$objTemplate->order_number = $objOrder->id;
$objTemplate->lang = $GLOBALS['TL_LANGUAGE'] == 'fi' ? 'FI' : 'EN';
$objTemplate->return_address = \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;
$objTemplate->cancel_address = \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;
if ($this->debug) {
$objTemplate->action = 'https://www.paybyway.com/e-payments/test_pay';
$this->paybyway_private_key = 'private_key';
}
$objTemplate->authcode = strtoupper(md5($this->paybyway_private_key . '|' . $objTemplate->merchant_id . '|' . $objTemplate->amount . '|' . $objTemplate->currency . '|' . $objTemplate->order_number . '|' . $objTemplate->lang . '|' . $objTemplate->return_address . '|' . $objTemplate->cancel_address));
return $objTemplate->parse();
}
/**
* Return the PayPal form.
*
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$arrData = array('popupId' => $this->expercash_popupId, 'jobId' => microtime(), 'functionId' => $objOrder->member ?: $objOrder->uniqid, 'transactionId' => $objOrder->id, 'amount' => round($objOrder->getTotal(), 2) * 100, 'currency' => $objOrder->currency, 'paymentMethod' => $this->expercash_paymentMethod, 'returnUrl' => \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder), 'errorUrl' => \Environment::get('base') . $objModule->generateUrlForStep('failed'), 'notifyUrl' => \Environment::get('base') . 'system/modules/isotope/postsale.php?mod=pay&id=' . $this->id, 'profile' => $this->expercash_profile);
$strKey = '';
$strUrl = 'https://epi.expercash.net/epi_popup2.php?';
foreach ($arrData as $k => $v) {
$strKey .= $v;
$strUrl .= $k . '=' . urlencode($v) . '&';
}
if (is_file(TL_ROOT . '/' . $this->expercash_css)) {
$strUrl .= 'cssUrl=' . urlencode(\Environment::get('base') . $this->expercash_css) . '&';
}
$strUrl .= 'language=' . strtoupper($GLOBALS['TL_LANGUAGE']) . '&popupKey=' . md5($strKey . $this->expercash_popupKey);
$strBuffer = '
<h2>' . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0] . '</h2>
<p class="message">' . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1] . '</p>
<iframe src="' . $strUrl . '" width="100%" height="500">
<p>Ihr Browser kann leider keine eingebetteten Frames anzeigen:
Sie können die eingebettete Seite über den folgenden Verweis
aufrufen: <a href="' . $strUrl . '">ExperCash</a></p>
</iframe>';
return $strBuffer;
}
/**
* Validate input parameters and hash
*
* @param IsotopeProductCollection|Order $objOrder
*
* @return bool
*/
protected function validatePayment(IsotopeProductCollection $objOrder)
{
$arrValues = $_GET;
unset($arrValues['hash']);
unset($arrValues['auto_item']);
unset($arrValues['step']);
$strHash = md5(implode('', $arrValues) . $this->epay_secretkey);
$intAmount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);
if ($strHash != \Input::get('hash')) {
\System::log('Invalid hash for ePay payment. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Invalid hash for ePay payment:\ngot %s, expected %s\nParameters: %s\n\n", \Input::get('hash'), $strHash, print_r($arrValues, true)), 'isotope_epay.log');
return false;
}
if (Currency::getIsoNumber($objOrder->currency) != \Input::get('currency') || $intAmount != \Input::get('amount')) {
\System::log('Currency or amount does not match order. See system/logs/isotope_epay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Currency or amount does not match order:\nCurrency: got %s (%s), expected %s\nAmount: got %s, expected %s\n\n", \Input::get('currency'), Currency::getIsoNumber($objOrder->currency), $objOrder->currency, \Input::get('amount'), $intAmount), 'isotope_epay.log');
return false;
}
return true;
}
/**
* Validate input parameters and hash
*
* @param IsotopeProductCollection|Order $objOrder
*
* @return bool
*/
private function validatePayment(IsotopeProductCollection $objOrder)
{
$checksum = hash_hmac("sha256", file_get_contents("php://input"), $this->quickpay_privateKey);
if ($checksum != $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256']) {
\System::log('Invalid hash for QuickPay payment. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("Invalid hash for QuickPay payment:\ngot %s, expected %s\nInput: %s\n\n", $_SERVER['HTTP_QUICKPAY_CHECKSUM_SHA256'], $checksum, file_get_contents("php://input")), 'isotope_quickpay.log');
return false;
}
$data = $this->getRequestResource();
if (null === $data) {
return false;
}
$amount = Currency::getAmountInMinorUnits($objOrder->getTotal(), $objOrder->currency);
if ($objOrder->currency != $data['currency'] || $amount != $data['operations'][0]['amount'] || 0 != $data['balance'] || $data['test_mode'] != $this->debug) {
\System::log('QuickPay data was not accepted. See system/logs/isotope_quickpay.log for more details.', __METHOD__, TL_ERROR);
log_message(sprintf("QuickPay data was not accepted:\n" . "Currency: got \"%s\", expected \"%s\"\n" . "Amount: got \"%s\", expected \"%s\"\n" . "Balance: got \"%s\", expected \"0\"\n" . "Accepted: got \"%s\", expected \"yes\"\n\n" . "Test Mode: got \"%s\", expected \"%s\"\n\n", $data['currency'], $objOrder->currency, $data['operations'][0]['amount'], $amount, $data['balance'], $data['accepted'] ? 'yes' : 'no', $data['test_mode'] ? 'yes' : 'no', $this->debug ? 'yes' : 'no'), 'isotope_quickpay.log');
return false;
}
return true;
}
private function getCollectionTotalAsXML(IsotopeProductCollection $objCollection)
{
$intRebate = 0;
$intRebateGross = 0;
$strShippingName = '';
$intShippingPrice = 0;
$intShippingPriceGross = 0;
foreach ($objCollection->getSurcharges() as $objSurcharge) {
if ($objSurcharge->total_price < 0) {
$intRebate += round($objSurcharge->tax_free_total_price * 100);
$intRebateGross += round($objSurcharge->total_price * 100);
} elseif ($objSurcharge instanceof Shipping) {
$strShippingName = $objSurcharge->label;
$intShippingPrice += round($objSurcharge->tax_free_total_price * 100);
$intShippingPriceGross += round($objSurcharge->total_price * 100);
}
}
$xml = new \DOMDocument();
$total = $xml->createElement('total');
if ($intShippingPrice != 0 || $intShippingPriceGross != 0) {
$shippingName = $xml->createAttribute('shippingname');
$shippingName->value = $strShippingName;
$total->appendChild($shippingName);
$shippingPrice = $xml->createAttribute('shippingprice');
$shippingPrice->value = $intShippingPrice;
$total->appendChild($shippingPrice);
$shippingPriceGross = $xml->createAttribute('shippingpricegross');
$shippingPriceGross->value = $intShippingPriceGross;
$total->appendChild($shippingPriceGross);
}
if ($intRebate != 0 || $intRebateGross != 0) {
$rebate = $xml->createAttribute('rebate');
$rebate->value = $intRebate;
$total->appendChild($rebate);
$rebateGross = $xml->createAttribute('rebategross');
$rebateGross->value = $intRebateGross;
$total->appendChild($rebateGross);
}
$cartTotalPrice = $xml->createAttribute('carttotalprice');
$cartTotalPrice->value = round($objCollection->getTaxFreeTotal() * 100);
$total->appendChild($cartTotalPrice);
$cartTotalPriceGross = $xml->createAttribute('carttotalpricegross');
$cartTotalPriceGross->value = round($objCollection->getTotal() * 100);
$total->appendChild($cartTotalPriceGross);
$currency = $xml->createAttribute('currency');
$currency->value = $objCollection->currency;
$total->appendChild($currency);
$xml->appendChild($total);
return $xml->saveXML($xml->documentElement);
}
/**
* Return the payment form.
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
global $objPage;
$arrUrl = array();
$strUrl = 'https://' . ($this->debug ? 'test' : '') . 'system.sparkassen-internetkasse.de/vbv/mpi_legacy?';
$arrParam = array('amount' => number_format($objOrder->getTotal(), 2, ',', ''), 'basketid' => $objOrder->source_collection_id, 'command' => 'sslform', 'currency' => $objOrder->currency, 'locale' => $objOrder->language, 'orderid' => $objOrder->id, 'paymentmethod' => $this->sparkasse_paymentmethod, 'sessionid' => $objPage->id, 'sslmerchant' => $this->sparkasse_sslmerchant, 'transactiontype' => $this->trans_type == 'auth' ? 'preauthorization' : 'authorization', 'version' => '1.5');
if ($this->sparkasse_merchantref != '') {
$arrParam['merchantref'] = substr($this->replaceInsertTags($this->sparkasse_merchantref), 0, 30);
}
$arrParam['mac'] = $this->calculateHash($arrParam);
foreach ($arrParam as $k => $v) {
$arrUrl[] = $k . '=' . $v;
}
$strUrl .= implode('&', $arrUrl);
return "\n<script>\nwindow.location.href = '" . $strUrl . "';\n</script>\n<h3>" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0] . "</h3>\n<p>" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1] . "</p>\n<p><a href=\"" . $strUrl . "\">" . $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2] . "</a>";
}
/**
* Replace insert tag for a product collection.
*
* @param IsotopeProductCollection $collection
* @param array $tokens
*
* @return string
*/
private function getValueForCollectionTag(IsotopeProductCollection $collection, array $tokens)
{
switch ($tokens[1]) {
case 'items':
return $collection->countItems();
case 'quantity':
return $collection->sumItemsQuantity();
case 'items_label':
$intCount = $collection->countItems();
if (!$intCount) {
return '';
}
if ($intCount == 1) {
return '(' . $GLOBALS['TL_LANG']['MSC']['productSingle'] . ')';
} else {
return sprintf('(' . $GLOBALS['TL_LANG']['MSC']['productMultiple'] . ')', $intCount);
}
break;
case 'quantity_label':
$intCount = $collection->sumItemsQuantity();
if (!$intCount) {
return '';
}
if ($intCount == 1) {
return '(' . $GLOBALS['TL_LANG']['MSC']['productSingle'] . ')';
} else {
return sprintf('(' . $GLOBALS['TL_LANG']['MSC']['productMultiple'] . ')', $intCount);
}
break;
case 'subtotal':
return Isotope::formatPriceWithCurrency($collection->getSubtotal());
case 'taxfree_subtotal':
return Isotope::formatPriceWithCurrency($collection->getTaxFreeSubtotal());
case 'total':
return Isotope::formatPriceWithCurrency($collection->getTotal());
case 'taxfree_total':
return Isotope::formatPriceWithCurrency($collection->getTaxFreeTotal());
case 'billing_address':
if (!$collection instanceof IsotopeOrderableCollection || ($address = $collection->getBillingAddress()) === null) {
return '';
}
return $this->getValueForAddressTag($address, $tokens[2]);
case 'shipping_address':
if (!$collection instanceof IsotopeOrderableCollection || !$collection->hasShipping() || ($address = $collection->getShippingAddress()) === null) {
return '';
}
return $this->getValueForAddressTag($address, $tokens[2]);
default:
return $collection->{$tokens[1]};
}
}
/**
* Process post-sale requestion from the PSP payment server.
* @param IsotopeProductCollection
*/
public function processPostsale(IsotopeProductCollection $objOrder)
{
if (!$this->validateSHASign()) {
\System::log('Received invalid postsale data for order ID "' . $objOrder->id . '"', __METHOD__, TL_ERROR);
return false;
}
// Validate payment data
if ($objOrder->currency != $this->getRequestData('currency') || $objOrder->getTotal() != $this->getRequestData('amount')) {
\System::log('Postsale checkout manipulation in payment for Order ID ' . $objOrder->id . '!', __METHOD__, TL_ERROR);
return false;
}
// Validate payment status
switch ($this->getRequestData('STATUS')) {
case 9:
// Zahlung beantragt (Authorize & Capture)
$objOrder->date_paid = time();
// no break
// no break
case 5:
// Genehmigt (Authorize ohne Capture)
$intStatus = $this->new_order_status;
break;
case 41:
// Unbekannter Wartezustand
// Unbekannter Wartezustand
case 51:
// Genehmigung im Wartezustand
// Genehmigung im Wartezustand
case 91:
// Zahlung im Wartezustand
// Zahlung im Wartezustand
case 52:
// Genehmigung nicht bekannt
// Genehmigung nicht bekannt
case 92:
// Zahlung unsicher
if (($objConfig = $objOrder->getRelated('config_id')) === null) {
$this->log('Config for Order ID ' . $objOrder->id . ' not found', __METHOD__, TL_ERROR);
return false;
}
$intStatus = $objConfig->orderstatus_error;
break;
case 0:
// Ungültig / Unvollständig
// Ungültig / Unvollständig
case 1:
// Zahlungsvorgang abgebrochen
// Zahlungsvorgang abgebrochen
case 2:
// Genehmigung verweigert
// Genehmigung verweigert
case 4:
// Gespeichert
// Gespeichert
case 93:
// Bezahlung verweigert
// Bezahlung verweigert
default:
return false;
}
if (!$objOrder->checkout()) {
\System::log('Post-Sale checkout for Order ID "' . $objOrder->id . '" failed', __METHOD__, TL_ERROR);
return false;
}
$objOrder->updateOrderStatus($intStatus);
$objOrder->save();
return true;
}
/**
* Generate POST data to initialize payment
*
* @param IsotopeProductCollection $objOrder
* @param \Module $objModule
*
* @return array
*/
protected function generatePaymentPostData(IsotopeProductCollection $objOrder, \Module $objModule)
{
$arrData = array();
$arrData['ACCOUNTID'] = $this->saferpay_accountid;
$arrData['AMOUNT'] = round($objOrder->getTotal() * 100, 0);
$arrData['CURRENCY'] = $objOrder->currency;
$arrData['SUCCESSLINK'] = \Environment::get('base') . $objModule->generateUrlForStep('complete', $objOrder);
$arrData['FAILLINK'] = \Environment::get('base') . $objModule->generateUrlForStep('failed');
$arrData['BACKLINK'] = $arrData['FAILLINK'];
$arrData['NOTIFYURL'] = \Environment::get('base') . '/system/modules/isotope/postsale.php?mod=pay&id=' . $this->id;
$arrData['DESCRIPTION'] = $this->saferpay_description;
$arrData['ORDERID'] = $objOrder->id;
// order id
// Additional attributes
if ($this->saferpay_vtconfig) {
$arrData['VTCONFIG'] = $this->saferpay_vtconfig;
}
if ($this->saferpay_paymentmethods != '') {
$arrData['PAYMENTMETHODS'] = $this->saferpay_paymentmethods;
}
return $arrData;
}
/**
* HTML form for checkout
* @param object
* @param object
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
$time = time();
$strSessionId = $objOrder->id . '_' . uniqid();
$objAddress = $objOrder->getBillingAddress();
$intPrice = round($objOrder->getTotal(), 2) * 100;
$strDescription = sprintf($GLOBALS['TL_LANG']['MSC']['payu_order'], $objOrder->uniqid);
$objTemplate = new \Isotope\Template('iso_payment_payu');
$objTemplate->setData($this->arrData);
$objTemplate->id = $this->id;
$objTemplate->order_id = $objOrder->uniqid;
$objTemplate->ts = $time;
$objTemplate->amount = $intPrice;
$objTemplate->session_id = $strSessionId;
$objTemplate->desc = specialchars($strDescription);
$objTemplate->sig = md5($this->payu_id . ($this->debug ? 't' : '') . $strSessionId . $this->payu_authKey . $intPrice . $strDescription . $objOrder->uniqid . $objAddress->firstname . $objAddress->lastname . $objAddress->street_1 . $objAddress->city . $objAddress->postal . $objAddress->country . $objAddress->email . $objAddress->phone . $GLOBALS['TL_LANGUAGE'] . \Environment::get('ip') . $time . $this->payu_key1);
$objTemplate->ip = \Environment::get('ip');
$objTemplate->language = $GLOBALS['TL_LANGUAGE'];
$objTemplate->address = $objAddress;
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_payu'][0];
$objTemplate->message = $GLOBALS['TL_LANG']['MSC']['pay_with_payu'][1];
$objTemplate->slabel = specialchars($GLOBALS['TL_LANG']['MSC']['pay_with_payu'][2]);
return $objTemplate->parse();
}
/**
* Return the payment form.
* @param IsotopeProductCollection The order being places
* @param Module The checkout module instance
* @return string
*/
public function checkoutForm(IsotopeProductCollection $objOrder, \Module $objModule)
{
global $objPage;
$objTemplate = new Template('iso_payment_sparkasse');
$objTemplate->amount = number_format($objOrder->getTotal(), 2, ',', '');
$objTemplate->basketid = $objOrder->source_collection_id;
$objTemplate->currency = $objOrder->currency;
$objTemplate->locale = $objOrder->language;
$objTemplate->orderid = $objOrder->id;
$objTemplate->sessionid = $objPage->id;
$objTemplate->transactiontype = $this->trans_type == 'auth' ? 'preauthorization' : 'authorization';
$objTemplate->merchantref = '';
if ($this->sparkasse_merchantref != '') {
$objTemplate->merchantref = substr($this->replaceInsertTags($this->sparkasse_merchantref), 0, 30);
}
$objTemplate->headline = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][0];
$objTemplate->message = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][1];
$objTemplate->link = $GLOBALS['TL_LANG']['MSC']['pay_with_redirect'][2];
// Unfortunately we can't use the class method for this
// @todo change when PHP 5.4 is compulsory
$objTemplate->calculateHash = function ($arrData) {
ksort($arrData);
return hash_hmac('sha1', implode('', $arrData), $this->sparkasse_sslpassword);
};
return $objTemplate->parse();
}
