$_return .= '&aws-access-key-id=' . $aws_access_key; } echo $_return; exit; } elseif ($message_recognizer == 'NewOrderNotification') { // Order was placed by Amazon checkout. We need to proceed the callback. list($amazon_sess_id, $payment_id) = explode(';', base64_decode((string) $xml->ProcessedOrder->ProcessedOrderItems->ProcessedOrderItem->CartCustomData->ClientRequestId)); $processor_data = fn_get_payment_method_data($payment_id); // If we use the signed cart, validate the request if (!fn_amazon_validate_request($processor_data, $_POST)) { die('Access denied'); } // Restart session if (!empty($amazon_sess_id)) { Tygh::$app['session']->resetID($amazon_sess_id); fn_payments_set_company_id(0, Tygh::$app['session']['settings']['company_id']['value']); $cart =& Tygh::$app['session']['cart']; $auth =& Tygh::$app['session']['auth']; } // Compare the cart data with the Amazon request if (!fn_amazon_validate_cart_data($cart, $xml)) { fn_set_notification('E', __('error'), 'text_amazon_incorrect_products_count'); exit; } $transaction_id = (string) $xml->ProcessedOrder->AmazonOrderID; // Prevent the double notifications $reference_id = (string) $xml->NotificationReferenceId; if (!empty(Tygh::$app['session']['reference_id']) && Tygh::$app['session']['reference_id'] == $reference_id) { exit; } else { Tygh::$app['session']['reference_id'] = $reference_id;
$_return .= '&aws-access-key-id=' . $aws_access_key; } echo $_return; exit; } elseif ($message_recognizer == 'NewOrderNotification') { // Order was placed by Amazon checkout. We need to proceed the callback. list($amazon_sess_id, $payment_id) = explode(';', base64_decode((string) $xml->ProcessedOrder->ProcessedOrderItems->ProcessedOrderItem->CartCustomData->ClientRequestId)); $processor_data = fn_get_payment_method_data($payment_id); // If we use the signed cart, validate the request if (!fn_amazon_validate_request($processor_data, $_POST)) { die('Access denied'); } // Restart session if (!empty($amazon_sess_id)) { Session::resetId($amazon_sess_id); fn_payments_set_company_id(0, $_SESSION['settings']['company_id']['value']); $cart =& $_SESSION['cart']; $auth =& $_SESSION['auth']; } // Compare the cart data with the Amazon request if (!fn_amazon_validate_cart_data($cart, $xml)) { fn_set_notification('E', __('error'), 'text_amazon_incorrect_products_count'); exit; } $transaction_id = (string) $xml->ProcessedOrder->AmazonOrderID; // Prevent the double notifications $reference_id = (string) $xml->NotificationReferenceId; if (!empty($_SESSION['reference_id']) && $_SESSION['reference_id'] == $reference_id) { exit; } else { $_SESSION['reference_id'] = $reference_id;
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. * ****************************************************************************/ use Tygh\Registry; $avs_res = array('0' => 'Not Supported', '1' => 'Not Checked', '2' => 'Matched', '4' => 'Not Matched', '8' => 'Partially Matched'); $mode_test_declined = 101; $mode_test = 100; $mode_live = 0; $card_holder_for_declined_test = 'REFUSED'; if (defined('PAYMENT_NOTIFICATION')) { if ($mode == 'notify') { fn_order_placement_routines('route', $_REQUEST['order_id']); } } elseif (!empty($_REQUEST['cartId']) && !empty($_REQUEST['transStatus'])) { require './init_payment.php'; $order_id = strpos($_REQUEST['cartId'], '_') ? substr($_REQUEST['cartId'], 0, strpos($_REQUEST['cartId'], '_')) : $_REQUEST['cartId']; fn_payments_set_company_id($order_id); $pp_response["reason_text"] = ''; $payment_id = db_get_field("SELECT ?:orders.payment_id FROM ?:orders WHERE ?:orders.order_id = ?i", $order_id); $processor_data = fn_get_payment_method_data($payment_id); $pp_response['order_status'] = $_REQUEST['transStatus'] == 'Y' && (!empty($processor_data['processor_params']['callback_password']) ? !empty($_REQUEST['callbackPW']) && $_REQUEST['callbackPW'] == $processor_data['processor_params']['callback_password'] : true) ? 'P' : 'F'; if ($_REQUEST['transStatus'] == 'Y') { $pp_response['reason_text'] = $_REQUEST['rawAuthMessage']; $pp_response['transaction_id'] = $_REQUEST['transId']; $pp_response['descr_avs'] = 'CVV (Security Code): ' . $avs_res[substr($_REQUEST['AVS'], 0, 1)] . '; Postcode: ' . $avs_res[substr($_REQUEST['AVS'], 1, 1)] . '; Address: ' . $avs_res[substr($_REQUEST['AVS'], 2, 1)] . '; Country: ' . $avs_res[substr($_REQUEST['AVS'], 3)]; } if (!empty($_REQUEST['testMode'])) { $pp_response['reason_text'] .= '; This a TEST Transaction'; } $area = db_get_field("SELECT data FROM ?:order_data WHERE order_id = ?i AND type = 'E'", $order_id); $override = $area == 'A' ? true : false; fn_finish_payment($order_id, $pp_response, false);
* (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev * * * * This is commercial software, only users who have purchased a valid * * license and accept to the terms of the License Agreement can install * * and use this program. * * * **************************************************************************** * PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE * * "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. * ****************************************************************************/ if (!defined('BOOTSTRAP')) { die('Access denied'); } if (defined('PAYMENT_NOTIFICATION')) { if (!empty($_REQUEST['order_id'])) { fn_payments_set_company_id($_REQUEST['order_id']); } if (!empty($_REQUEST['key'])) { $payment_id = db_get_field("SELECT payment_id FROM ?:orders WHERE order_id = ?i", $_REQUEST['order_id']); $processor_data = fn_get_payment_method_data($payment_id); $order_info = fn_get_order_info($_REQUEST['order_id']); $order_number_id = $processor_data['processor_params']['mode'] == 'test' ? '1' : $_REQUEST['order_number']; $pp_response = array(); if (strtoupper(md5($processor_data['processor_params']['secret_word'] . $processor_data['processor_params']['account_number'] . $order_number_id . $order_info['total'])) == $_REQUEST['key'] && $_REQUEST['credit_card_processed'] == 'Y') { $pp_response['order_status'] = $processor_data['processor_params']['fraud_verification'] == 'Y' ? $processor_data['processor_params']['fraud_wait'] : 'P'; $pp_response['reason_text'] = __('order_id') . '-' . $_REQUEST['order_number']; } else { $pp_response['order_status'] = $_REQUEST['credit_card_processed'] == 'K' ? 'O' : 'F'; $pp_response['reason_text'] = $_REQUEST['credit_card_processed'] == 'Y' ? "MD5 Hash is invalid" : __('order_id') . '-' . $_REQUEST['order_number']; } $pp_response['transaction_id'] = !empty($_REQUEST['tcoid']) ? $_REQUEST['tcoid'] : '';