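/**
 * Builds the PayPal Express confirmation view and submits a
 * DoExpressCheckoutPayment request to PayPal's NVP API.
 *
 * Fills $this->data with the button labels, the form action and the "back"
 * link, posts the payment parameters through sendTransactionToGateway(), and
 * redirects to the shopping cart with the gateway's long error message when
 * the ACK field is not a success value.
 *
 * NOTE(review): $comments, $HTTP_POST_VARS, $order, $sendto, $ppe_token and
 * $ppe_payerid are neither assigned nor declared global in this method, so
 * they are undefined as written -- confirm how they are meant to reach it.
 *
 * @return void
 */
protected function index()
 {
     $this->data['button_confirm'] = $this->language->get('button_confirm');
     $this->data['button_back'] = $this->language->get('button_back');

     // Browser-facing form target: the buyer's checkout form is submitted to
     // this URL, so it has to stay on PayPal's own host.
     if (!$this->config->get('paypal_express_test')) {
         $this->data['action'] = 'https://www.paypal.com/cgi-bin/webscr';
     } else {
         $this->data['action'] = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
     }

     $this->load->model('checkout/order');
     // Loaded from the session's order id; not read again below.
     $order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);

     // Copy the buyer's comment from the POST body onto the order when none is set yet.
     if (empty($comments)) {
         if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
             $comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
             $order->info['comments'] = $comments;
         }
     }

     // Server-to-server NVP endpoint, chosen by the configured transaction server.
     if (MODULE_PAYMENT_PAYPAL_EXPRESS_TRANSACTION_SERVER == 'Live') {
         $api_url = 'https://api-3t.paypal.com/nvp';
     } else {
         $api_url = 'https://api-3t.sandbox.paypal.com/nvp';
     }

     // USER / PWD / SIGNATURE are the merchant's API credentials and travel in
     // the POST body.
     // NOTE(review): confirm sendTransactionToGateway() verifies the TLS
     // certificate and that $post_string is never written to a log.
     $params = array(
         'USER' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_USERNAME,
         'PWD' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_PASSWORD,
         'VERSION' => '3.2',
         'SIGNATURE' => MODULE_PAYMENT_PAYPAL_EXPRESS_API_SIGNATURE,
         'METHOD' => 'DoExpressCheckoutPayment',
         'TOKEN' => $ppe_token,
         'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_EXPRESS_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization',
         'PAYERID' => $ppe_payerid,
         'AMT' => $this->format_raw($order->info['total']),
         'CURRENCYCODE' => $order->info['currency'],
         'BUTTONSOURCE' => 'osCommerce22_Default_EC',
     );

     // Shipping fields are only sent when a delivery address id is set.
     if (is_numeric($sendto) && $sendto > 0) {
         $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
         $params['SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['SHIPTOCITY'] = $order->delivery['city'];
         $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
         $params['SHIPTOZIP'] = $order->delivery['postcode'];
     }

     // Every value is trimmed and URL-encoded, so a customer-supplied field
     // cannot add or override a name/value pair in the request.
     $pairs = array();
     foreach ($params as $key => $value) {
         $pairs[] = $key . '=' . urlencode(trim($value));
     }
     $post_string = implode('&', $pairs);

     $response = $this->sendTransactionToGateway($api_url, $post_string);
     $response_array = array();
     parse_str((string) $response, $response_array);

     // A missing ACK (empty or failed gateway response) counts as a failure.
     $ack = isset($response_array['ACK']) ? $response_array['ACK'] : '';
     if ($ack !== 'Success' && $ack !== 'SuccessWithWarning') {
         $long_message = '';
         if (isset($response_array['L_LONGMESSAGE0']) && is_string($response_array['L_LONGMESSAGE0'])) {
             $long_message = stripslashes($response_array['L_LONGMESSAGE0']);
         }
         // URL-encode the gateway text so characters such as '&' or '#' in it
         // cannot change the query string of the redirect.
         // NOTE(review): the cart page still has to HTML-escape error_message
         // when it displays it; assumes tep_redirect() ends the request, since
         // otherwise the confirmation view below renders after a failed payment.
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($long_message), 'SSL'));
     }

     $this->data['back'] = $this->url->https('checkout/payment');
     $this->id = 'payment';
     $this->template = $this->config->get('config_template') . 'payment/paypal_express.tpl';
     $this->render();
 }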
示例#2
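 /**
  * Builds the PayPal Express confirmation view and submits a
  * DoExpressCheckoutPayment request to PayPal's NVP API.
  *
  * The request parameters and the endpoint are held in $params and $api_url,
  * the names the rest of the method reads, so the request that is posted is
  * the one built here and it goes to PayPal's API host.
  *
  * NOTE(review): $order, $sendto, $ppe_token and $ppe_payerid are neither
  * assigned nor declared global in this method, and
  * MODULE_PAYMENT_pp_EXPRESS_TRANSACTION_METHOD is not a constant name seen
  * anywhere else in this method -- confirm where they are defined. The form
  * action is switched by 'pp_express_test' but the API endpoint by
  * 'pp_direct_test'; confirm that both settings are intended.
  *
  * @return void
  */
 protected function index()
 {
     $this->data['button_confirm'] = $this->language->get('button_confirm');
     $this->data['button_back'] = $this->language->get('button_back');

     // Browser-facing form target: the buyer's checkout form is submitted to
     // this URL, so it has to stay on PayPal's own host.
     if (!$this->config->get('pp_express_test')) {
         $this->data['action'] = 'https://www.paypal.com/cgi-bin/webscr';
     } else {
         $this->data['action'] = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
     }

     $this->load->model('checkout/order');
     // Loaded from the session's order id; not read again below.
     $order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);

     // The merchant's API username, password and signature are posted to this
     // endpoint, so it must be PayPal's NVP host and nothing else.
     if (!$this->config->get('pp_direct_test')) {
         $api_url = 'https://api-3t.paypal.com/nvp';
     } else {
         $api_url = 'https://api-3t.sandbox.paypal.com/nvp';
     }

     // NOTE(review): confirm sendTransactionToGateway() verifies the TLS
     // certificate and that $post_string is never written to a log.
     $params = array(
         'USER' => $this->config->get('pp_direct_username'),
         'PWD' => $this->config->get('pp_direct_password'),
         'VERSION' => '3.2',
         'SIGNATURE' => $this->config->get('pp_direct_signature'),
         'METHOD' => 'DoExpressCheckoutPayment',
         'TOKEN' => $ppe_token,
         'PAYMENTACTION' => MODULE_PAYMENT_pp_EXPRESS_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization',
         'PAYERID' => $ppe_payerid,
         'AMT' => $this->format_raw($order->info['total']),
         'CURRENCYCODE' => $order->info['currency'],
         'BUTTONSOURCE' => 'osCommerce22_Default_EC',
     );

     // Shipping fields are only sent when a delivery address id is set.
     if (is_numeric($sendto) && $sendto > 0) {
         $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
         $params['SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['SHIPTOCITY'] = $order->delivery['city'];
         $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
         $params['SHIPTOZIP'] = $order->delivery['postcode'];
     }

     // Every value is trimmed and URL-encoded, so a customer-supplied field
     // cannot add or override a name/value pair in the request.
     $pairs = array();
     foreach ($params as $key => $value) {
         $pairs[] = $key . '=' . urlencode(trim($value));
     }
     $post_string = implode('&', $pairs);

     $response = $this->sendTransactionToGateway($api_url, $post_string);
     $response_array = array();
     parse_str((string) $response, $response_array);

     // A missing ACK (empty or failed gateway response) counts as a failure.
     $ack = isset($response_array['ACK']) ? $response_array['ACK'] : '';
     if ($ack !== 'Success' && $ack !== 'SuccessWithWarning') {
         $long_message = '';
         if (isset($response_array['L_LONGMESSAGE0']) && is_string($response_array['L_LONGMESSAGE0'])) {
             $long_message = stripslashes($response_array['L_LONGMESSAGE0']);
         }
         // URL-encode the gateway text so characters such as '&' or '#' in it
         // cannot change the query string of the redirect.
         // NOTE(review): the cart page still has to HTML-escape error_message
         // when it displays it; assumes tep_redirect() ends the request.
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($long_message), 'SSL'));
     }

     $this->data['back'] = HTTPS_SERVER . 'index.php?route=checkout/payment';
     $this->id = 'payment';

     // Use the store's own template when it ships one, else the default theme's.
     if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/payment/pp_express.tpl')) {
         $this->template = $this->config->get('config_template') . '/template/payment/pp_express.tpl';
     } else {
         $this->template = 'default/template/payment/pp_express.tpl';
     }
     $this->response->setOutput($this->render(TRUE), $this->config->get('config_compression'));
 }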
 /**
  * Build a PaynetEasy payment transaction from an OsCommerce order.
  *
  * Copies the customer's address and contact data, the order id, amount and
  * currency into PaynetEasy objects and attaches a query configuration read
  * from the MODULE_PAYMENT_PAYNETEASYFORM_* constants (end point, login,
  * signing key, gateway mode and gateway urls).
  *
  * @param       order           $oscommerce_order       OsCommerce order
  * @param       string          $redirect_url           Url for final payment processing; set as
  *                                                      both redirect and callback url, and only
  *                                                      when it passes the Validator::URL rule
  *
  * @return      PaymentTransaction                      PaynetEasy transaction
  */
 protected function get_paynet_transaction(OsCommerceOrder $oscommerce_order, $redirect_url = null)
 {
     $customer_data = $oscommerce_order->customer;

     $transaction = new PaymentTransaction();
     $billing_address = new BillingAddress();
     $payment = new Payment();
     $customer = new Customer();
     $config = new QueryConfig();

     $zone_code = tep_get_zone_code(
         $customer_data['country']['id'],
         $customer_data['zone_id'],
         $customer_data['state']
     );

     $billing_address
         ->setCountry($customer_data['country']['iso_code_2'])
         ->setState($zone_code)
         ->setCity($customer_data['city'])
         ->setFirstLine($customer_data['street_address'])
         ->setZipCode($customer_data['postcode'])
         ->setPhone($customer_data['telephone']);

     $customer
         ->setEmail($customer_data['email_address'])
         ->setFirstName($customer_data['firstname'])
         ->setLastName($customer_data['lastname'])
         ->setIpAddress(tep_get_ip_address());

     $payment
         ->setClientId($oscommerce_order->info['order_id'])
         ->setDescription($this->get_paynet_order_description($oscommerce_order))
         ->setAmount($oscommerce_order->info['total'])
         ->setCurrency($oscommerce_order->info['currency'])
         ->setCustomer($customer)
         ->setBillingAddress($billing_address);

     // An order that already has a PaynetEasy id keeps it on the payment.
     if (isset($oscommerce_order->info['paynet_order_id'])) {
         $payment->setPaynetId($oscommerce_order->info['paynet_order_id']);
     }

     // The signing key is a merchant secret taken from module configuration.
     $config
         ->setEndPoint((int) MODULE_PAYMENT_PAYNETEASYFORM_END_POINT)
         ->setLogin(MODULE_PAYMENT_PAYNETEASYFORM_LOGIN)
         ->setSigningKey(MODULE_PAYMENT_PAYNETEASYFORM_SIGNING_KEY)
         ->setGatewayMode(MODULE_PAYMENT_PAYNETEASYFORM_GATEWAY_MODE)
         ->setGatewayUrlSandbox(MODULE_PAYMENT_PAYNETEASYFORM_SANDBOX_GATEWAY)
         ->setGatewayUrlProduction(MODULE_PAYMENT_PAYNETEASYFORM_PRODUCTION_GATEWAY);

     // NOTE(review): the check below is whatever Validator::URL enforces; it
     // presumably tests URL syntax only, so confirm callers pass a URL on this
     // store's own host. The meaning of the third argument is not visible here.
     if (Validator::validateByRule($redirect_url, Validator::URL, false)) {
         $config
             ->setRedirectUrl($redirect_url)
             ->setCallbackUrl($redirect_url);
     }

     $transaction
         ->setPayment($payment)
         ->setQueryConfig($config);

     return $transaction;
 }
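 /**
  * Completes a PayPal UK (Payflow) Express Checkout payment before the order
  * is processed.
  *
  * Posts a length-tagged name/value request to the configured Payflow gateway
  * and, when the RESULT field is anything other than '0' (or is missing),
  * redirects to the shopping cart with one of the module's own error messages.
  *
  * @return void
  */
 function before_process()
 {
     // $cartID is read when the request id is built, so it is declared here too.
     global $order, $sendto, $ppeuk_token, $ppeuk_payerid, $HTTP_POST_VARS, $comments, $cartID;

     // Copy the buyer's comment from the POST body onto the order when none is set yet.
     if (empty($comments)) {
         if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
             $comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
             $order->info['comments'] = $comments;
         }
     }

     // NOTE(review): confirm these are the gateway hosts the Payflow account
     // currently uses; the vendor password is posted to whichever one is chosen.
     if (MODULE_PAYMENT_PAYPAL_UK_EXPRESS_TRANSACTION_SERVER == 'Live') {
         $api_url = 'https://payflowpro.verisign.com/transaction';
     } else {
         $api_url = 'https://pilot-payflowpro.verisign.com/transaction';
     }

     // USER falls back to the vendor id when no separate username is configured.
     $params = array(
         'USER' => tep_not_null(MODULE_PAYMENT_PAYPAL_UK_EXPRESS_USERNAME) ? MODULE_PAYMENT_PAYPAL_UK_EXPRESS_USERNAME : MODULE_PAYMENT_PAYPAL_UK_EXPRESS_VENDOR,
         'VENDOR' => MODULE_PAYMENT_PAYPAL_UK_EXPRESS_VENDOR,
         'PARTNER' => MODULE_PAYMENT_PAYPAL_UK_EXPRESS_PARTNER,
         'PWD' => MODULE_PAYMENT_PAYPAL_UK_EXPRESS_PASSWORD,
         'TENDER' => 'P',
         'TRXTYPE' => MODULE_PAYMENT_PAYPAL_UK_EXPRESS_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A',
         'EMAIL' => $order->customer['email_address'],
         'TOKEN' => $ppeuk_token,
         'ACTION' => 'D',
         'PAYERID' => $ppeuk_payerid,
         'AMT' => $this->format_raw($order->info['total']),
         'CURRENCY' => $order->info['currency'],
         'BUTTONSOURCE' => 'osCommerce22_Default_PRO2EC',
     );

     // Shipping fields are only sent when a delivery address id is set.
     if (is_numeric($sendto) && $sendto > 0) {
         $params['SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['SHIPTOCITY'] = $order->delivery['city'];
         $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2'];
         $params['SHIPTOZIP'] = $order->delivery['postcode'];
     }

     // Values are sent raw, each tagged with its byte length (KEY[len]=value).
     // The length tag, not URL-encoding, is what keeps a value containing '&'
     // or '=' from being read as extra parameters, so strlen() must stay a
     // byte count of exactly the string that is appended.
     $pairs = array();
     foreach ($params as $key => $value) {
         $value = trim($value);
         $pairs[] = $key . '[' . strlen($value) . ']=' . $value;
     }
     $post_string = implode('&', $pairs);

     // The request id only has to differ between attempts; it is not used as a
     // secret here, which is why md5() over rand() is tolerable.
     $request_id = md5($cartID . tep_session_id() . rand());
     $response = $this->sendTransactionToGateway($api_url, $post_string, array('X-VPS-REQUEST-ID: ' . $request_id));
     $response_array = array();
     parse_str((string) $response, $response_array);

     // A missing RESULT (empty or failed gateway response) is handled as a
     // general error instead of being read as an undefined index.
     $result = isset($response_array['RESULT']) ? $response_array['RESULT'] : null;
     if ($result !== '0') {
         switch ($result) {
             case '1':
             case '26':
                 $error_message = MODULE_PAYMENT_PAYPAL_UK_EXPRESS_ERROR_CFG_ERROR;
                 break;
             case '7':
                 $error_message = MODULE_PAYMENT_PAYPAL_UK_EXPRESS_ERROR_ADDRESS;
                 break;
             case '12':
                 $error_message = MODULE_PAYMENT_PAYPAL_UK_EXPRESS_ERROR_DECLINED;
                 break;
             case '1000':
                 $error_message = MODULE_PAYMENT_PAYPAL_UK_EXPRESS_ERROR_EXPRESS_DISABLED;
                 break;
             default:
                 $error_message = MODULE_PAYMENT_PAYPAL_UK_EXPRESS_ERROR_GENERAL;
                 break;
         }
         // Only the module's own message constants reach the redirect, never
         // the gateway's response text.
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($error_message), 'SSL'));
     }
 }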
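 /**
  * Registers a Sage Pay Server transaction, or finishes one that the gateway
  * has already verified.
  *
  * With check=PROCESS in the query string, the skcode parameter must match
  * the code held in the session; the matching row in
  * sagepay_server_securitykeys is then read and deleted, and the method
  * returns true when that row is marked verified. Otherwise a registration
  * request is posted to Sage Pay, the returned SecurityKey is stored against
  * the session code and the customer is redirected to the gateway's NextURL
  * (or to the module's own checkout page). Every other path ends in a
  * redirect to the payment page with payment_error set.
  *
  * @return bool|void true when a verified transaction was found
  */
 function before_process()
 {
     global $HTTP_GET_VARS, $HTTP_POST_VARS, $sagepay_server_skey_code, $sagepay_server_transaction_details, $sage_pay_server_nexturl, $customer_id, $order, $currency, $order_totals, $cartID;

     $sagepay_server_transaction_details = null;
     $error = null;

     if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] === 'PROCESS') {
         $supplied_code = isset($HTTP_GET_VARS['skcode']) ? $HTTP_GET_VARS['skcode'] : null;
         $expected_code = tep_session_is_registered('sagepay_server_skey_code') ? (string) $sagepay_server_skey_code : '';

         // The session code ties this browser to the gateway notification, so
         // it is compared as an exact string (never with a type-juggling ==)
         // and in constant time where hash_equals() is available. Non-string
         // input (skcode[]=...) and an empty session code never match.
         $code_matches = false;
         if (is_string($supplied_code) && $expected_code !== '') {
             $code_matches = function_exists('hash_equals') ? hash_equals($expected_code, $supplied_code) : $expected_code === $supplied_code;
         }

         if ($code_matches) {
             $skcode = tep_db_prepare_input($supplied_code);
             $sp_query = tep_db_query('select verified, transaction_details from sagepay_server_securitykeys where code = "' . tep_db_input($skcode) . '" limit 1');
             if (tep_db_num_rows($sp_query)) {
                 $sp = tep_db_fetch_array($sp_query);
                 // The code is single-use: drop it from the session and the
                 // table before the verified flag is looked at.
                 tep_session_unregister('sagepay_server_skey_code');
                 tep_db_query('delete from sagepay_server_securitykeys where code = "' . tep_db_input($skcode) . '"');
                 if ($sp['verified'] == '1') {
                     $sagepay_server_transaction_details = $sp['transaction_details'];
                     return true;
                 }
             }
         }
     } else {
         if (!tep_session_is_registered('sagepay_server_skey_code')) {
             tep_session_register('sagepay_server_skey_code');
             // NOTE(review): the strength of this code depends on
             // tep_create_random_value(), which is not visible here.
             $sagepay_server_skey_code = tep_create_random_value(16);
         }

         // Field lengths are capped with substr(). The session code is sent to
         // the gateway inside NotificationURL, so it can appear in URL logs.
         $params = array(
             'VPSProtocol' => $this->api_version,
             'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
             'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15),
             'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
             'Amount' => $this->format_raw($order->info['total']),
             'Currency' => $currency,
             'Description' => substr(STORE_NAME, 0, 100),
             'NotificationURL' => $this->formatURL(tep_href_link('ext/modules/payment/sage_pay/server.php', 'check=SERVER&skcode=' . $sagepay_server_skey_code, 'SSL', false)),
             'BillingSurname' => substr($order->billing['lastname'], 0, 20),
             'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
             'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
             'BillingCity' => substr($order->billing['city'], 0, 40),
             'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
             'BillingCountry' => $order->billing['country']['iso_code_2'],
             'BillingPhone' => substr($order->customer['telephone'], 0, 20),
             'DeliverySurname' => substr($order->delivery['lastname'], 0, 20),
             'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20),
             'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100),
             'DeliveryCity' => substr($order->delivery['city'], 0, 40),
             'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10),
             'DeliveryCountry' => $order->delivery['country']['iso_code_2'],
             'DeliveryPhone' => substr($order->customer['telephone'], 0, 20),
             'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
             'Apply3DSecure' => '0',
         );

         // The client address is only forwarded when ip2long() accepts it.
         $ip_address = tep_get_ip_address();
         if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }

         if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }

         // State codes are added for US addresses only.
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE != 'Normal') {
             $params['Profile'] = 'LOW';
         }

         // Basket lines are colon-separated, so ':', line breaks and '&' are
         // stripped from the free-text names before they are joined.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);

         // Values are trimmed and URL-encoded; the trailing '&' is left in place.
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }

         if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER == 'Live') {
             $gateway_url = 'https://live.sagepay.com/gateway/service/vspserver-register.vsp';
         } else {
             $gateway_url = 'https://test.sagepay.com/gateway/service/vspserver-register.vsp';
         }

         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);

         // The response is one Key=Value pair per line; lines without '=' (or
         // with it in first position) are skipped.
         $string_array = explode(chr(10), (string) $transaction_response);
         $return = array();
         foreach ($string_array as $string) {
             if (strpos($string, '=') != false) {
                 $parts = explode('=', $string, 2);
                 $return[trim($parts[0])] = trim($parts[1]);
             }
         }

         // An empty or truncated response, or an OK without the fields used
         // below, is handled as a failure instead of being read as undefined
         // indexes.
         $status = isset($return['Status']) ? $return['Status'] : '';
         if ($status === 'OK' && isset($return['SecurityKey'], $return['NextURL'])) {
             // The SecurityKey is stored server-side against the session code.
             $sp_query = tep_db_query('select id, securitykey from sagepay_server_securitykeys where code = "' . tep_db_input($sagepay_server_skey_code) . '" limit 1');
             if (tep_db_num_rows($sp_query)) {
                 $sp = tep_db_fetch_array($sp_query);
                 if ($sp['securitykey'] != $return['SecurityKey']) {
                     tep_db_query('update sagepay_server_securitykeys set securitykey = "' . tep_db_input($return['SecurityKey']) . '", date_added = now() where id = "' . (int) $sp['id'] . '"');
                 }
             } else {
                 tep_db_query('insert into sagepay_server_securitykeys (code, securitykey, date_added) values ("' . tep_db_input($sagepay_server_skey_code) . '", "' . tep_db_input($return['SecurityKey']) . '", now())');
             }

             // NOTE(review): NextURL is taken from the gateway response and the
             // customer is sent there; it is only as trustworthy as the TLS
             // verification done inside sendTransactionToGateway() -- confirm.
             if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
                 tep_redirect($return['NextURL']);
             } else {
                 if (!tep_session_is_registered('sage_pay_server_nexturl')) {
                     tep_session_register('sage_pay_server_nexturl');
                 }
                 $sage_pay_server_nexturl = $return['NextURL'];
                 tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
             }
         } else {
             $error = $this->getErrorMessageNumber(isset($return['StatusDetail']) ? $return['StatusDetail'] : null);
             $this->sendDebugEmail($return);
         }
     }

     // NOTE(review): $error is appended unencoded; presumably
     // getErrorMessageNumber() returns a plain number -- verify.
     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
 }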
示例#6
 function quote($method = '')
 {
     /* FedEx integration starts */
     global $shipping_weight, $shipping_num_boxes, $cart, $order;
     require_once DIR_FS_CATALOG . DIR_WS_INCLUDES . 'library/fedex-common.php5';
     //if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_SERVER == 'test') {
     //$request['Version'] = array('ServiceId' => 'crs', 'Major' => '7', 'Intermediate' => '0', 'Minor' => '0');
     //$path_to_wsdl = DIR_WS_INCLUDES . "wsdl/RateService_v7_test.wsdl";
     //} else {
     $path_to_wsdl = DIR_FS_CATALOG . DIR_WS_INCLUDES . "wsdl/RateService_v9.wsdl";
     //}
     ini_set("soap.wsdl_cache_enabled", "0");
     $client = new SoapClient($path_to_wsdl, array('trace' => 1));
     $this->types = array();
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_INTERNATIONAL_PRIORITY == 'true') {
         $this->types['INTERNATIONAL_PRIORITY'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_EXPRESS_HANDLING_FEE);
         $this->types['EUROPE_FIRST_INTERNATIONAL_PRIORITY'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_INTERNATIONAL_ECONOMY == 'true') {
         $this->types['INTERNATIONAL_ECONOMY'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_STANDARD_OVERNIGHT == 'true') {
         $this->types['STANDARD_OVERNIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_FIRST_OVERNIGHT == 'true') {
         $this->types['FIRST_OVERNIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_PRIORITY_OVERNIGHT == 'true') {
         $this->types['PRIORITY_OVERNIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_2DAY == 'true') {
         $this->types['FEDEX_2_DAY'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
     }
     // because FEDEX_GROUND also is returned for Canadian Addresses, we need to check if the country matches the store country and whether international ground is enabled
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_GROUND == 'true' && $order->delivery['country']['id'] == STORE_COUNTRY || MODULE_SHIPPING_FEDEX_WEB_SERVICES_GROUND == 'true' && $order->delivery['country']['id'] != STORE_COUNTRY && MODULE_SHIPPING_FEDEX_WEB_SERVICES_INTERNATIONAL_GROUND == 'true') {
         $this->types['FEDEX_GROUND'] = array('icon' => '', 'handling_fee' => $order->delivery['country']['id'] == STORE_COUNTRY ? MODULE_SHIPPING_FEDEX_WEB_SERVICES_HANDLING_FEE : MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_HANDLING_FEE);
         $this->types['GROUND_HOME_DELIVERY'] = array('icon' => '', 'handling_fee' => $order->delivery['country']['id'] == STORE_COUNTRY ? MODULE_SHIPPING_FEDEX_WEB_SERVICES_HOME_DELIVERY_HANDLING_FEE : MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_INTERNATIONAL_GROUND == 'true') {
         $this->types['INTERNATIONAL_GROUND'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_SAVER == 'true') {
         $this->types['FEDEX_EXPRESS_SAVER'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_FREIGHT == 'true') {
         $this->types['FEDEX_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
         $this->types['FEDEX_NATIONAL_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
         $this->types['FEDEX_1_DAY_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
         $this->types['FEDEX_2_DAY_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
         $this->types['FEDEX_3_DAY_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_EXPRESS_HANDLING_FEE);
         $this->types['INTERNATIONAL_ECONOMY_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_EXPRESS_HANDLING_FEE);
         $this->types['INTERNATIONAL_PRIORITY_FREIGHT'] = array('icon' => '', 'handling_fee' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_INT_EXPRESS_HANDLING_FEE);
     }
     //     $this->types[] = 'SMART_POST';
     // customer details
     $street_address = $order->delivery['street_address'];
     $street_address2 = $order->delivery['suburb'];
     $city = $order->delivery['city'];
     $state = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
     if ($state == "QC") {
         $state = "PQ";
     }
     $postcode = str_replace(array(' ', '-'), '', $order->delivery['postcode']);
     $country_id = $order->delivery['country']['iso_code_2'];
     $totals = $order->info['subtotal'] || $_SESSION['cart']->show_total();
     $this->_setInsuranceValue($totals);
     $request['WebAuthenticationDetail'] = array('UserCredential' => array('Key' => $this->fedex_key, 'Password' => $this->fedex_pwd));
     $request['ClientDetail'] = array('AccountNumber' => $this->fedex_act_num, 'MeterNumber' => $this->fedex_meter_num);
     $request['TransactionDetail'] = array('CustomerTransactionId' => ' *** Rate Request v9 using PHP ***');
     //		$request['RequestedShipment']['SmartPostDetail'] = array(
     //				'Indicia' => 'MEDIA_MAIL',
     //				'AncillaryEndorsement' => 'CARRIER_LEAVE_IF_NO_RESPONSE',
     //				'SpecialServices' => 'USPS_DELIVERY_CONFIRMATION',
     //				'HubId' => '5254',
     //				'CustomerManifestId' => 1101);
     //		$request['RequestedShipment']['ServiceType'] = 'SMART_POST';
     $request['Version'] = array('ServiceId' => 'crs', 'Major' => '9', 'Intermediate' => '0', 'Minor' => '0');
     $request['ReturnTransitAndCommit'] = true;
     $request['RequestedShipment']['DropoffType'] = $this->_setDropOff();
     // valid values REGULAR_PICKUP, REQUEST_COURIER, ...
     $request['RequestedShipment']['ShipTimestamp'] = date('c');
     $request['RequestedShipment']['PackagingType'] = 'YOUR_PACKAGING';
     // valid values FEDEX_BOX, FEDEX_PAK, FEDEX_TUBE, YOUR_PACKAGING, ...
     $request['RequestedShipment']['TotalInsuredValue'] = array('Ammount' => $this->insurance, 'Currency' => $_SESSION['currency']);
     $request['WebAuthenticationDetail'] = array('UserCredential' => array('Key' => $this->fedex_key, 'Password' => $this->fedex_pwd));
     $request['ClientDetail'] = array('AccountNumber' => $this->fedex_act_num, 'MeterNumber' => $this->fedex_meter_num);
     // print_r($request['WebAuthenticationDetail']);
     // print_r($request['ClientDetail']);
     // exit;
     $request['RequestedShipment']['Shipper'] = array('Address' => array('StreetLines' => array(MODULE_SHIPPING_FEDEX_WEB_SERVICES_ADDRESS_1, MODULE_SHIPPING_FEDEX_WEB_SERVICES_ADDRESS_2), 'City' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_CITY, 'StateOrProvinceCode' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_STATE, 'PostalCode' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_POSTAL, 'CountryCode' => $this->country));
     $request['RequestedShipment']['Recipient'] = array('Address' => array('StreetLines' => array($street_address, $street_address2), 'City' => $city, 'PostalCode' => $postcode, 'CountryCode' => $country_id, 'Residential' => $order->delivery['company'] != '' ? false : true));
     //customer county code
     if (in_array($country_id, array('US', 'CA'))) {
         $request['RequestedShipment']['Recipient']['StateOrProvinceCode'] = $state;
     }
     // print_r($request['RequestedShipment']['Recipient'])  ;
     // exit;
     $request['RequestedShipment']['ShippingChargesPayment'] = array('PaymentType' => 'SENDER', 'Payor' => array('AccountNumber' => $this->fedex_act_num, 'CountryCode' => $this->country));
     $request['RequestedShipment']['RateRequestTypes'] = 'LIST';
     $request['RequestedShipment']['PackageDetail'] = 'INDIVIDUAL_PACKAGES';
     $request['RequestedShipment']['RequestedPackageLineItems'] = array();
     $dimensions_failed = false;
     // check for ready to ship field
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_READY_TO_SHIP == 'true') {
         $products = $_SESSION['cart']->get_products();
         $packages = array('default' => 0);
         $product_dim_type = 'in';
         $new_shipping_num_boxes = 0;
         foreach ($products as $product) {
             $dimensions_query = "SELECT products_ready_to_ship, products_ship_sep FROM " . TABLE_PRODUCTS . " \r\n                             WHERE products_id = " . (int) $product['id'] . " \r\n                             LIMIT 1;";
             $dimensions = tep_db_query($dimensions_query);
             if ($product_dimensions = tep_db_fetch_array($dimensions)) {
                 if ($product_dimensions['products_ready_to_ship'] == 1 || $product_dimensions['products_ship_sep'] == 1) {
                     for ($i = 1; $i <= $product['quantity']; $i++) {
                         $packages[] = array('weight' => $product['weight']);
                     }
                 } else {
                     $packages['default'] += $product['weight'] * $product['quantity'];
                 }
             }
         }
         if (count($packages) > 1) {
             $za_tare_array = preg_split("/[:,]/", SHIPPING_BOX_WEIGHT);
             $zc_tare_percent = $za_tare_array[0];
             $zc_tare_weight = $za_tare_array[1];
             $za_large_array = preg_split("/[:,]/", SHIPPING_BOX_PADDING);
             $zc_large_percent = $za_large_array[0];
             $zc_large_weight = $za_large_array[1];
         }
         foreach ($packages as $id => $values) {
             if ($id === 'default') {
                 // divide the weight by the max amount to be shipped (can be done inside loop as this occurance should only ever happen once
                 // note $values is not an array
                 if ($values == 0) {
                     continue;
                 }
                 $shipping_num_boxes = ceil((double) $values / (double) SHIPPING_MAX_WEIGHT);
                 if ($shipping_num_boxes < 1) {
                     $shipping_num_boxes = 1;
                 }
                 $shipping_weight = round((double) $values / $shipping_num_boxes, 2);
                 // 2 decimal places max
                 for ($i = 0; $i < $shipping_num_boxes; $i++) {
                     $new_shipping_num_boxes++;
                     if (SHIPPING_MAX_WEIGHT <= $shipping_weight) {
                         $shipping_weight = $shipping_weight + $shipping_weight * ($zc_large_percent / 100) + $zc_large_weight;
                     } else {
                         $shipping_weight = $shipping_weight + $shipping_weight * ($zc_tare_percent / 100) + $zc_tare_weight;
                     }
                     if ($shipping_weight <= 0) {
                         $shipping_weight = 0.1;
                     }
                     $new_shipping_weight += $shipping_weight;
                     $request['RequestedShipment']['RequestedPackageLineItems'][] = array('Weight' => array('Value' => $shipping_weight, 'Units' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_WEIGHT));
                 }
             } else {
                 // note $values is an array
                 $new_shipping_num_boxes++;
                 if ($values['weight'] <= 0) {
                     $values['weight'] = 0.1;
                 }
                 $new_shipping_weight += $values['weight'];
                 $request['RequestedShipment']['RequestedPackageLineItems'][] = array('Weight' => array('Value' => $values['weight'], 'Units' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_WEIGHT));
             }
         }
         $shipping_num_boxes = $new_shipping_num_boxes;
         if (!$shipping_num_boxes || $shipping_num_boxes == 0) {
             $shipping_num_boxes = 1;
         }
         $shipping_weight = round($new_shipping_weight / $shipping_num_boxes, 2);
     } else {
         // Zen Cart default method for calculating number of packages
         if ($shipping_weight == 0) {
             $shipping_weight = 0.1;
         }
         for ($i = 0; $i < $shipping_num_boxes; $i++) {
             $request['RequestedShipment']['RequestedPackageLineItems'][] = array('Weight' => array('Value' => $shipping_weight, 'Units' => MODULE_SHIPPING_FEDEX_WEB_SERVICES_WEIGHT));
         }
     }
     $request['RequestedShipment']['PackageCount'] = $shipping_num_boxes;
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_SATURDAY == 'true') {
         $request['RequestedShipment']['ServiceOptionType'] = 'SATURDAY_DELIVERY';
     }
     if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_SIGNATURE_OPTION >= 0 && $totals >= MODULE_SHIPPING_FEDEX_WEB_SERVICES_SIGNATURE_OPTION) {
         $request['RequestedShipment']['SpecialServicesRequested'] = 'SIGNATURE_OPTION';
     }
     // echo '<!-- shippingWeight: ' . $shipping_weight . ' ' . $shipping_num_boxes . ' -->';
     // echo '<!-- ';
     // echo '<pre>';
     // print_r($request);
     // echo '</pre>';
     // echo ' -->';
     $response = $client->getRates($request);
     // echo '<!-- ';
     // echo '<pre>';
     // print_r($response);
     // echo '</pre>';
     // echo ' -->';
     if ($response->HighestSeverity != 'FAILURE' && $response->HighestSeverity != 'ERROR' && is_array($response->RateReplyDetails) || is_object($response->RateReplyDetails)) {
         if (is_object($response->RateReplyDetails)) {
             $response->RateReplyDetails = get_object_vars($response->RateReplyDetails);
         }
         // echo '<pre>';
         // print_r($response->RateReplyDetails);
         // echo '</pre>';
         $show_box_weight = " (Total items: " . $shipping_num_boxes . ' pcs. Total weight: ' . number_format($shipping_weight * $shipping_num_boxes, 2) . ' ' . strtolower(MODULE_SHIPPING_FEDEX_WEB_SERVICES_WEIGHT) . 's.)';
         $this->quotes = array('id' => $this->code, 'module' => $this->title . $show_box_weight, 'info' => $this->info());
         // echo '<pre>';
         // print_r($response->RateReplyDetails);
         // echo '</pre>';
         // EXIT();
         $methods = array();
         // echo '<pre>';
         // print_r($this->types);
         // echo '</pre>';
         foreach ($response->RateReplyDetails as $rateReply) {
             if (array_key_exists($rateReply->ServiceType, $this->types) && ($method == '' || str_replace('_', '', $rateReply->ServiceType) == $method)) {
                 if (MODULE_SHIPPING_FEDEX_WEB_SERVICES_RATES == 'LIST') {
                     foreach ($rateReply->RatedShipmentDetails as $ShipmentRateDetail) {
                         if ($ShipmentRateDetail->ShipmentRateDetail->RateType == 'PAYOR_LIST_PACKAGE') {
                             $cost = $ShipmentRateDetail->ShipmentRateDetail->TotalNetCharge->Amount;
                             $cost = (double) round(preg_replace('/[^0-9.]/', '', $cost), 2);
                         }
                     }
                 } else {
                     $cost = $rateReply->RatedShipmentDetails[0]->ShipmentRateDetail->TotalNetCharge->Amount;
                     $cost = (double) round(preg_replace('/[^0-9.]/', '', $cost), 2);
                 }
                 if (in_array($rateReply->ServiceType, array('GROUND_HOME_DELIVERY', 'FEDEX_GROUND', 'INTERNATIONAL_GROUND'))) {
                     // print_r($rateReply);
                     $transitTime = ' (' . str_replace(array('_', 'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten', 'eleven', 'twelve', 'thirteen', 'fourteeen'), array(' ', 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14), strtolower($rateReply->TransitTime)) . ')';
                 }
                 $methods[] = array('id' => str_replace('_', '', $rateReply->ServiceType), 'title' => ucwords(strtolower(str_replace('_', ' ', $rateReply->ServiceType))) . $transitTime, 'cost' => $cost + (strpos($this->types[$rateReply->ServiceType]['handling_fee'], '%') ? $cost * (double) $this->types[$rateReply->ServiceType]['handling_fee'] / 100 : (double) $this->types[$rateReply->ServiceType]['handling_fee']));
             }
         }
         // usort($methods, 'cmp');
         $this->quotes['methods'] = $methods;
         if ($this->tax_class > 0) {
             $this->quotes['tax'] = tep_get_tax_rate($this->tax_class, $order->delivery['country']['id'], $order->delivery['zone_id']);
         }
     } else {
         $message = 'Error in processing transaction.<br /><br />';
         foreach ($response->Notifications as $notification) {
             if (is_array($response->Notifications)) {
                 $message .= $notification->Severity;
                 $message .= ': ';
                 $message .= $notification->Message . '<br />';
             } else {
                 $message .= $notification->Message . '<br />';
             }
         }
         $this->quotes = array('module' => $this->title, 'error' => $message);
     }
     // po box hack by JD
     if (eregi("^P(.+)O(.+)BOX", $order->delivery['street_address']) || eregi("^PO BOX", $order->delivery['street_address']) || eregi("^P(.+)O(.+)BOX", $order->delivery['suburb']) || eregi("^[A-Z]PO", $order->delivery['street_address']) || eregi("^[A-Z]PO", $order->delivery['suburb'])) {
         $this->quotes = array('module' => $this->title, 'error' => '<font size=+2 color=red><b>Federal Express cannot ship to Post Office Boxes.<b></font><br>Use the Change Address button above to use a FedEx accepted street address.');
     }
     // end po box hack by JD
     if (tep_not_null($this->icon)) {
         $this->quotes['icon'] = tep_image($this->icon, $this->title);
     }
     // echo '<!-- Quotes: ';
     // print_r($this->quotes);
     // print_r($_SESSION['shipping']);
     // echo ' -->';
     return $this->quotes;
 }
 /**
  * Store the customer's chosen shipping method in the session-registered global
  * $shipping and in $onepage['info']['shipping_method'].
  *
  * The same JSON string is returned on every path, so the return value does not
  * tell the caller whether a method was accepted.
  *
  * @param string $method Combined "<module>_<method>" id; it is split on '_' below.
  * @return string The literal JSON text {"success": "true"}.
  */
 function setShippingMethod($method = '')
 {
     global $shipping_modules, $language, $order, $cart, $shipping, $onepage;
     // Free shipping is considered only when the order-total module is defined and enabled.
     if (defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') {
         $pass = false;
         // Compare the delivery country with the store country according to the configured scope.
         switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
             case 'national':
                 if ($order->delivery['country_id'] == STORE_COUNTRY) {
                     $pass = true;
                 }
                 break;
             case 'international':
                 if ($order->delivery['country_id'] != STORE_COUNTRY) {
                     $pass = true;
                 }
                 break;
             case 'both':
                 $pass = true;
                 break;
         }
         // disable free shipping for Alaska and Hawaii
         $zone_code = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         if (in_array($zone_code, array('AK', 'HI'))) {
             $pass = false;
         }
         $free_shipping = false;
         if ($pass == true && $order->info['total'] >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) {
             $free_shipping = true;
             // The include path contains the global $language.
             // NOTE(review): confirm $language can only hold an installed language directory name.
             include DIR_WS_LANGUAGES . $language . '/modules/order_total/ot_shipping.php';
         }
     } else {
         $free_shipping = false;
     }
     if (!tep_session_is_registered('shipping')) {
         tep_session_register('shipping');
     }
     // Start from "no method selected"; both values are replaced only if the quote below succeeds.
     $shipping = false;
     $onepage['info']['shipping_method'] = false;
     if (tep_count_shipping_modules() > 0 || $free_shipping == true) {
         // strpos() is falsy both when there is no '_' and when '_' is the first character,
         // so such ids are ignored.
         if (strpos($method, '_')) {
             $shipping = $method;
             // Only the first two '_'-separated parts are kept; any further parts are dropped.
             list($module, $method) = explode('_', $shipping);
             // Binds whichever global variable carries the name held in $module.
             // NOTE(review): if $method originates from the request, confirm $module is
             // restricted to installed shipping module codes before this point; the
             // is_object() test below is satisfied by any global that holds an object.
             global ${$module};
             if (is_object(${$module}) || $shipping == 'free_free') {
                 $quote = $shipping_modules->quote($method, $module);
                 if (isset($quote['error'])) {
                     // NOTE(review): unset() on a name imported with `global` removes only the
                     // local alias; the global keeps the raw id assigned above. Confirm that
                     // is the intended state after a quote error.
                     unset($shipping);
                 } else {
                     if (isset($quote[0]['methods'][0]['title']) && isset($quote[0]['methods'][0]['cost']) || $shipping == 'free_free') {
                         // 'free_free' takes its title and a cost of '0' from FREE_SHIPPING_TITLE,
                         // not from the quote.
                         $shipping = array('id' => $shipping, 'title' => $shipping == 'free_free' ? FREE_SHIPPING_TITLE : $quote[0]['module'], 'description' => $shipping == 'free_free' ? FREE_SHIPPING_TITLE : $quote[0]['module'] . ':<br />' . $quote[0]['methods'][0]['title'], 'cost' => $shipping == 'free_free' ? '0' : $quote[0]['methods'][0]['cost']);
                         $onepage['info']['shipping_method'] = $shipping;
                     }
                 }
             } else {
                 // Same local-alias caveat as the unset() above.
                 unset($shipping);
             }
         }
     }
     // The same literal is returned on every path.
     return '{
     "success": "true"
   }';
 }
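 /**
  * Send the posted card details to PayPal's NVP endpoint as a DoDirectPayment call.
  *
  * Card fields are read straight from $_POST, billing and shipping data from the
  * global $order. The parsed reply is stored in the global $response_array. Any ACK
  * other than Success / SuccessWithWarning is passed to sendDebugEmail() and the
  * customer is redirected to the shopping cart with the gateway's long message; a
  * missing owner, unaccepted card type or missing card number redirects to the
  * confirmation page instead.
  *
  * The card number and CVV2 exist only in $params / $post_string built here; only
  * the gateway reply is handed to sendDebugEmail().
  */
 function before_process()
 {
     global $order, $order_totals, $sendto, $response_array;
     if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && $this->isCardAccepted($_POST['cc_type']) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
         if (MODULE_PAYMENT_PAYPAL_PRO_DP_TRANSACTION_SERVER == 'Live') {
             $api_url = 'https://api-3t.paypal.com/nvp';
         } else {
             $api_url = 'https://api-3t.sandbox.paypal.com/nvp';
         }
         // Split the card holder at the first space. strpos() returns false for a
         // single-word name; used directly as an offset that produced an empty first
         // name and a last name with its first character cut off.
         $cc_owner = $_POST['cc_owner'];
         $owner_space = strpos($cc_owner, ' ');
         if ($owner_space === false) {
             $owner_first = '';
             $owner_last = $cc_owner;
         } else {
             $owner_first = substr($cc_owner, 0, $owner_space);
             $owner_last = substr($cc_owner, $owner_space + 1);
         }
         // These fields are not part of the guard above, so they may be absent; an
         // absent field is sent as an empty value and left for the gateway to reject.
         $cc_expires = (isset($_POST['cc_expires_month']) ? $_POST['cc_expires_month'] : '') . (isset($_POST['cc_expires_year']) ? $_POST['cc_expires_year'] : '');
         $cc_cvc = isset($_POST['cc_cvc_nh-dns']) ? $_POST['cc_cvc_nh-dns'] : '';
         $params = array(
             'USER' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_USERNAME,
             'PWD' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_PASSWORD,
             'VERSION' => $this->api_version,
             'SIGNATURE' => MODULE_PAYMENT_PAYPAL_PRO_DP_API_SIGNATURE,
             'METHOD' => 'DoDirectPayment',
             'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_PRO_DP_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization',
             'IPADDRESS' => tep_get_ip_address(),
             // The amount comes from the server-side order, never from the request.
             'AMT' => $this->format_raw($order->info['total']),
             'CREDITCARDTYPE' => $_POST['cc_type'],
             'ACCT' => $_POST['cc_number_nh-dns'],
             'EXPDATE' => $cc_expires,
             'CVV2' => $cc_cvc,
             'FIRSTNAME' => $owner_first,
             'LASTNAME' => $owner_last,
             'STREET' => $order->billing['street_address'],
             'CITY' => $order->billing['city'],
             'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
             'COUNTRYCODE' => $order->billing['country']['iso_code_2'],
             'ZIP' => $order->billing['postcode'],
             'EMAIL' => $order->customer['email_address'],
             'SHIPTOPHONENUM' => $order->customer['telephone'],
             'CURRENCYCODE' => $order->info['currency'],
             'BUTTONSOURCE' => 'OSCOM23_DP',
         );
         if ($_POST['cc_type'] == 'MAESTRO') {
             $params['STARTDATE'] = (isset($_POST['cc_starts_month']) ? $_POST['cc_starts_month'] : '') . (isset($_POST['cc_starts_year']) ? $_POST['cc_starts_year'] : '');
             $params['ISSUENUMBER'] = isset($_POST['cc_issue_nh-dns']) ? $_POST['cc_issue_nh-dns'] : '';
         }
         // A positive numeric $sendto means a delivery address is set for the order.
         if (is_numeric($sendto) && $sendto > 0) {
             $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
             $params['SHIPTOSTREET'] = $order->delivery['street_address'];
             $params['SHIPTOCITY'] = $order->delivery['city'];
             $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
             $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
             $params['SHIPTOZIP'] = $order->delivery['postcode'];
         }
         // Line items: one entry per product, then one per order-total module other
         // than subtotal, shipping, tax and total.
         $item_params = array();
         $line_item_no = 0;
         foreach ($order->products as $product) {
             $item_params['L_NAME' . $line_item_no] = $product['name'];
             $item_params['L_AMT' . $line_item_no] = $this->format_raw($product['final_price']);
             $item_params['L_NUMBER' . $line_item_no] = $product['id'];
             $item_params['L_QTY' . $line_item_no] = $product['qty'];
             $line_item_no++;
         }
         $items_total = $this->format_raw($order->info['subtotal']);
         foreach ($order_totals as $ot) {
             if (!in_array($ot['code'], array('ot_subtotal', 'ot_shipping', 'ot_tax', 'ot_total'))) {
                 $item_params['L_NAME' . $line_item_no] = $ot['title'];
                 $item_params['L_AMT' . $line_item_no] = $this->format_raw($ot['value']);
                 $items_total += $this->format_raw($ot['value']);
                 $line_item_no++;
             }
         }
         $item_params['ITEMAMT'] = $items_total;
         $item_params['TAXAMT'] = $this->format_raw($order->info['tax']);
         $item_params['SHIPPINGAMT'] = $this->format_raw($order->info['shipping_cost']);
         // The breakdown is sent only when it adds up to AMT exactly; otherwise the
         // request carries the total alone.
         if ($this->format_raw($item_params['ITEMAMT'] + $item_params['TAXAMT'] + $item_params['SHIPPINGAMT']) == $params['AMT']) {
             $params = array_merge($params, $item_params);
         }
         // Every value is url-encoded, so a '&' or '=' inside a value cannot add or
         // change a request parameter.
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(utf8_encode(trim($value))) . '&';
         }
         $post_string = substr($post_string, 0, -1);
         // NOTE(review): TLS certificate verification is decided inside
         // sendTransactionToGateway(), which is not shown here; confirm it is enabled.
         $response = $this->sendTransactionToGateway($api_url, $post_string);
         $response_array = array();
         parse_str($response, $response_array);
         // An empty or unparsable reply has no ACK and is treated as a failure.
         $ack = isset($response_array['ACK']) ? $response_array['ACK'] : '';
         if ($ack != 'Success' && $ack != 'SuccessWithWarning') {
             $this->sendDebugEmail($response_array);
             // The gateway text is url-encoded before it is placed in the query string,
             // so a '&', '#' or '=' in it cannot truncate the message or add parameters.
             // NOTE(review): the page that prints error_message must HTML-escape it.
             $long_message = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';
             tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($long_message), 'SSL'));
         }
     } else {
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . MODULE_PAYMENT_PAYPAL_PRO_DP_ERROR_ALL_FIELDS_REQUIRED, 'SSL'));
     }
 }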
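 /**
  * Run the Sage Pay Direct transaction for the current order before it is saved.
  *
  * Three entry paths, chosen by the `check` query parameter:
  *  - check=3D     : forwards the posted MD / PaRes values to the 3D callback service;
  *  - check=PAYPAL : completes a PayPal transaction with a COMPLETE request;
  *  - no `check`   : validates the posted card (or a stored token) and registers a
  *                   new transaction.
  *
  * The gateway reply is parsed into the global $sage_pay_response. A 3DAUTH or
  * PPREDIRECT status redirects the customer; any status other than OK,
  * AUTHENTICATED or REGISTERED is passed to sendDebugEmail() and redirects back to
  * the payment page. The method returns normally only for those three statuses.
  *
  * NOTE(review): the validation steps below call tep_redirect() without a following
  * return, so they depend on tep_redirect() ending the request — confirm.
  */
 function before_process()
 {
     global $HTTP_GET_VARS, $HTTP_POST_VARS, $customer_id, $order, $currency, $order_totals, $cartID, $sage_pay_response;
     $transaction_response = null;
     $sage_pay_response = null;
     $error = null;
     if (isset($HTTP_GET_VARS['check'])) {
         // Callback paths. If `check` is set but neither branch below sends a request,
         // $transaction_response stays null, no Status is parsed, and the final status
         // test at the end of the method redirects to the payment page.
         if ($HTTP_GET_VARS['check'] == '3D' && isset($HTTP_POST_VARS['MD']) && tep_not_null($HTTP_POST_VARS['MD']) && isset($HTTP_POST_VARS['PaRes']) && tep_not_null($HTTP_POST_VARS['PaRes'])) {
             if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER == 'Live') {
                 $gateway_url = 'https://live.sagepay.com/gateway/service/direct3dcallback.vsp';
             } else {
                 $gateway_url = 'https://test.sagepay.com/gateway/service/direct3dcallback.vsp';
             }
             // Both values are request data and are url-encoded like every other
             // request body built in this method; unencoded, a '+', '&' or '=' inside
             // them would change the body that reaches the gateway.
             $post_string = 'MD=' . urlencode($HTTP_POST_VARS['MD']) . '&PARes=' . urlencode($HTTP_POST_VARS['PaRes']);
             $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
         } elseif ($HTTP_GET_VARS['check'] == 'PAYPAL' && isset($HTTP_POST_VARS['Status'])) {
             if ($HTTP_POST_VARS['Status'] == 'PAYPALOK' && isset($HTTP_POST_VARS['VPSTxId']) && isset($HTTP_POST_VARS['CustomerEMail']) && isset($HTTP_POST_VARS['PayerID'])) {
                 // The posted Status is not trusted on its own: the amount is taken from
                 // the server-side order and the reply to this COMPLETE request is what
                 // the status test at the end of the method evaluates.
                 $params = array('VPSProtocol' => $this->api_version, 'TxType' => 'COMPLETE', 'VPSTxId' => $HTTP_POST_VARS['VPSTxId'], 'Amount' => $this->format_raw($order->info['total']), 'Accept' => 'YES');
                 $post_string = '';
                 foreach ($params as $key => $value) {
                     $post_string .= $key . '=' . urlencode(trim($value)) . '&';
                 }
                 if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER == 'Live') {
                     $gateway_url = 'https://live.sagepay.com/gateway/service/complete.vsp';
                 } else {
                     $gateway_url = 'https://test.sagepay.com/gateway/service/complete.vsp';
                 }
                 $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
             } elseif (isset($HTTP_POST_VARS['StatusDetail']) && $HTTP_POST_VARS['StatusDetail'] == 'Paypal transaction cancelled by client.') {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'));
             }
         }
     } else {
         // New transaction: use a stored token when one is selected, else the posted card.
         $sagepay_token = null;
         $sagepay_token_cvc = null;
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TOKENS == 'True') {
             if (isset($HTTP_POST_VARS['sagepay_card']) && is_numeric($HTTP_POST_VARS['sagepay_card']) && $HTTP_POST_VARS['sagepay_card'] > 0) {
                 // Both ids are cast to int before interpolation, and the row must belong
                 // to the current customer, so a posted id cannot select another
                 // customer's token.
                 $token_query = tep_db_query("select sagepay_token from customers_sagepay_tokens where id = '" . (int) $HTTP_POST_VARS['sagepay_card'] . "' and customers_id = '" . (int) $customer_id . "'");
                 if (tep_db_num_rows($token_query) == 1) {
                     $token = tep_db_fetch_array($token_query);
                     $sagepay_token = $token['sagepay_token'];
                     if (isset($HTTP_POST_VARS['cc_cvc_tokens_nh-dns']) && is_array($HTTP_POST_VARS['cc_cvc_tokens_nh-dns']) && isset($HTTP_POST_VARS['cc_cvc_tokens_nh-dns'][$HTTP_POST_VARS['sagepay_card']])) {
                         $sagepay_token_cvc = substr($HTTP_POST_VARS['cc_cvc_tokens_nh-dns'][$HTTP_POST_VARS['sagepay_card']], 0, 4);
                     }
                 }
             }
         }
         if (!isset($sagepay_token)) {
             // Every posted card field is length-limited before use.
             $cc_type = isset($HTTP_POST_VARS['cc_type']) ? substr($HTTP_POST_VARS['cc_type'], 0, 15) : null;
             if (!isset($cc_type) || $this->isCard($cc_type) == false) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardtype', 'SSL'));
             }
             if ($cc_type != 'PAYPAL') {
                 $cc_owner = isset($HTTP_POST_VARS['cc_owner']) ? substr($HTTP_POST_VARS['cc_owner'], 0, 50) : null;
                 // Non-digits are stripped from the card number before it is truncated.
                 $cc_number = isset($HTTP_POST_VARS['cc_number_nh-dns']) ? substr(preg_replace('/[^0-9]/', '', $HTTP_POST_VARS['cc_number_nh-dns']), 0, 20) : null;
                 $cc_start = null;
                 $cc_expires = null;
                 $cc_issue = isset($HTTP_POST_VARS['cc_issue_nh-dns']) ? substr($HTTP_POST_VARS['cc_issue_nh-dns'], 0, 2) : null;
                 $cc_cvc = isset($HTTP_POST_VARS['cc_cvc_nh-dns']) ? substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4) : null;
                 // Allow-lists for the date fields: months 01-12, expiry years from this
                 // year to nine years ahead, start years from four years back to this year.
                 $today = getdate();
                 $months_array = array();
                 for ($i = 1; $i < 13; $i++) {
                     $months_array[] = sprintf('%02d', $i);
                 }
                 $year_valid_to_array = array();
                 for ($i = $today['year']; $i < $today['year'] + 10; $i++) {
                     $year_valid_to_array[] = strftime('%y', mktime(0, 0, 0, 1, 1, $i));
                 }
                 $year_valid_from_array = array();
                 for ($i = $today['year'] - 4; $i < $today['year'] + 1; $i++) {
                     $year_valid_from_array[] = strftime('%y', mktime(0, 0, 0, 1, 1, $i));
                 }
                 if (!isset($cc_owner) || empty($cc_owner)) {
                     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardowner', 'SSL'));
                 }
                 if (!isset($cc_number) || is_numeric($cc_number) == false) {
                     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardnumber', 'SSL'));
                 }
                 if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
                     if (!isset($HTTP_POST_VARS['cc_starts_month']) || !in_array($HTTP_POST_VARS['cc_starts_month'], $months_array)) {
                         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
                     }
                     if (!isset($HTTP_POST_VARS['cc_starts_year']) || !in_array($HTTP_POST_VARS['cc_starts_year'], $year_valid_from_array)) {
                         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
                     }
                     $cc_start = substr($HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 0, 4);
                 }
                 if (!isset($HTTP_POST_VARS['cc_expires_month']) || !in_array($HTTP_POST_VARS['cc_expires_month'], $months_array)) {
                     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
                 }
                 if (!isset($HTTP_POST_VARS['cc_expires_year']) || !in_array($HTTP_POST_VARS['cc_expires_year'], $year_valid_to_array)) {
                     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
                 }
                 // A card expiring this year must not expire before the current month.
                 if ($HTTP_POST_VARS['cc_expires_year'] == date('y') && $HTTP_POST_VARS['cc_expires_month'] < date('m')) {
                     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
                 }
                 $cc_expires = substr($HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 0, 4);
                 if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True') {
                     if (!isset($cc_issue) || empty($cc_issue)) {
                         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardissue', 'SSL'));
                     }
                 }
                 if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
                     if (!isset($cc_cvc) || empty($cc_cvc)) {
                         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardcvc', 'SSL'));
                     }
                 }
             }
         }
         // Registration request. Each free-text field is truncated with substr(); the
         // amount and currency come from the server-side order state, not the request.
         $params = array('VPSProtocol' => $this->api_version, 'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802', 'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15), 'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40), 'Amount' => $this->format_raw($order->info['total']), 'Currency' => $currency, 'Description' => substr(STORE_NAME, 0, 100), 'BillingSurname' => substr($order->billing['lastname'], 0, 20), 'BillingFirstnames' => substr($order->billing['firstname'], 0, 20), 'BillingAddress1' => substr($order->billing['street_address'], 0, 100), 'BillingCity' => substr($order->billing['city'], 0, 40), 'BillingPostCode' => substr($order->billing['postcode'], 0, 10), 'BillingCountry' => $order->billing['country']['iso_code_2'], 'BillingPhone' => substr($order->customer['telephone'], 0, 20), 'DeliverySurname' => substr($order->delivery['lastname'], 0, 20), 'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20), 'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100), 'DeliveryCity' => substr($order->delivery['city'], 0, 40), 'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10), 'DeliveryCountry' => $order->delivery['country']['iso_code_2'], 'DeliveryPhone' => substr($order->customer['telephone'], 0, 20), 'CustomerEMail' => substr($order->customer['email_address'], 0, 255), 'Apply3DSecure' => '0', 'VendorData' => 'Customer ID ' . $customer_id);
         if (isset($sagepay_token)) {
             $params['Token'] = $sagepay_token;
             $params['StoreToken'] = '1';
             if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
                 $params['CV2'] = $sagepay_token_cvc;
             }
         } else {
             $params['CardType'] = $cc_type;
             if ($cc_type == 'PAYPAL') {
                 $params['PayPalCallbackURL'] = tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PAYPAL', 'SSL');
             } else {
                 $params['CardHolder'] = $cc_owner;
                 $params['CardNumber'] = $cc_number;
                 $params['ExpiryDate'] = $cc_expires;
                 // A token is requested only when tokens are enabled and the customer ticked cc_save.
                 $params['CreateToken'] = MODULE_PAYMENT_SAGE_PAY_DIRECT_TOKENS == 'True' && isset($HTTP_POST_VARS['cc_save']) && $HTTP_POST_VARS['cc_save'] == 'true' ? '1' : '0';
                 if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
                     $params['StartDate'] = $cc_start;
                 }
                 if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True') {
                     $params['IssueNumber'] = $cc_issue;
                 }
                 if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
                     $params['CV2'] = $cc_cvc;
                 }
             }
         }
         // The client address is sent only when ip2long() accepts it.
         $ip_address = tep_get_ip_address();
         if (!empty($ip_address) && ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         // Basket entries are colon-separated, so ':', line breaks and '&' are removed
         // from product and order-total names before they are joined.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER == 'Live') {
             $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp';
         } else {
             $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp';
         }
         // NOTE(review): TLS certificate verification is decided inside
         // sendTransactionToGateway(), which is not shown here; confirm it is enabled.
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     }
     // The reply is split on LF into "Key=Value" lines, each split at its first '='.
     $string_array = explode(chr(10), $transaction_response);
     $sage_pay_response = array();
     foreach ($string_array as $string) {
         if (strpos($string, '=') != false) {
             $parts = explode('=', $string, 2);
             $sage_pay_response[trim($parts[0])] = trim($parts[1]);
         }
     }
     if (isset($params['CreateToken']) && $params['CreateToken'] == '1') {
         // Only the card type, a masked number (last four digits) and the expiry date
         // are placed in the session. This runs before the status test below.
         global $sagepay_token_cc_type, $sagepay_token_cc_number, $sagepay_token_cc_expiry_date;
         tep_session_register('sagepay_token_cc_type');
         $sagepay_token_cc_type = $params['CardType'];
         tep_session_register('sagepay_token_cc_number');
         // max() keeps the repeat count non-negative for a number shorter than four
         // digits, which the is_numeric() check above does not rule out.
         $sagepay_token_cc_number = str_repeat('X', max(0, strlen($params['CardNumber']) - 4)) . substr($params['CardNumber'], -4);
         tep_session_register('sagepay_token_cc_expiry_date');
         $sagepay_token_cc_expiry_date = $params['ExpiryDate'];
     }
     if ($sage_pay_response['Status'] == '3DAUTH') {
         // The values needed for the 3D authentication step are kept in the session
         // for the checkout page the customer is sent to.
         global $sage_pay_direct_acsurl, $sage_pay_direct_pareq, $sage_pay_direct_md;
         tep_session_register('sage_pay_direct_acsurl');
         $sage_pay_direct_acsurl = $sage_pay_response['ACSURL'];
         tep_session_register('sage_pay_direct_pareq');
         $sage_pay_direct_pareq = $sage_pay_response['PAReq'];
         tep_session_register('sage_pay_direct_md');
         $sage_pay_direct_md = $sage_pay_response['MD'];
         tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
     }
     if ($sage_pay_response['Status'] == 'PPREDIRECT') {
         // The redirect target is taken verbatim from the gateway reply.
         // NOTE(review): this is only as trustworthy as the connection made by
         // sendTransactionToGateway(); consider checking the host before redirecting.
         tep_redirect($sage_pay_response['PayPalRedirectURL']);
     }
     if ($sage_pay_response['Status'] != 'OK' && $sage_pay_response['Status'] != 'AUTHENTICATED' && $sage_pay_response['Status'] != 'REGISTERED') {
         $this->sendDebugEmail($sage_pay_response);
         // Only the result of getErrorMessageNumber() goes into the URL, not the
         // gateway's StatusDetail text itself.
         $error = $this->getErrorMessageNumber($sage_pay_response['StatusDetail']);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
     }
 }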
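 /**
  * Send the posted card details to Payflow through the app's 'PayflowPayment' call.
  *
  * Card fields are read straight from $_POST, billing and shipping data from the
  * global $order. The reply is stored in the global $response_array. Any RESULT
  * other than '0' redirects to the confirmation page with a message looked up via
  * getDef(); a missing owner, unaccepted card type or missing card number does the
  * same with the "all fields required" message.
  */
 function before_process_payflow()
 {
     global $cartID, $order, $order_totals, $sendto, $response_array;
     if (isset($_POST['cc_owner']) && !empty($_POST['cc_owner']) && isset($_POST['cc_type']) && $this->isCardAccepted($_POST['cc_type']) && isset($_POST['cc_number_nh-dns']) && !empty($_POST['cc_number_nh-dns'])) {
         // Split the card holder at the first space. strpos() returns false for a
         // single-word name; used directly as an offset that produced an empty first
         // name and a last name with its first character cut off.
         $cc_owner = $_POST['cc_owner'];
         $owner_space = strpos($cc_owner, ' ');
         if ($owner_space === false) {
             $owner_first = '';
             $owner_last = $cc_owner;
         } else {
             $owner_first = substr($cc_owner, 0, $owner_space);
             $owner_last = substr($cc_owner, $owner_space + 1);
         }
         // These fields are not part of the guard above, so they may be absent; an
         // absent field is sent as an empty value and left for the gateway to reject.
         $cc_expires = (isset($_POST['cc_expires_month']) ? $_POST['cc_expires_month'] : '') . (isset($_POST['cc_expires_year']) ? $_POST['cc_expires_year'] : '');
         $cc_cvc = isset($_POST['cc_cvc_nh-dns']) ? $_POST['cc_cvc_nh-dns'] : '';
         $params = array(
             // The amount comes from the server-side order, never from the request.
             'AMT' => $this->_app->formatCurrencyRaw($order->info['total']),
             'CURRENCY' => $order->info['currency'],
             'BILLTOFIRSTNAME' => $owner_first,
             'BILLTOLASTNAME' => $owner_last,
             'BILLTOSTREET' => $order->billing['street_address'],
             'BILLTOCITY' => $order->billing['city'],
             'BILLTOSTATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
             'BILLTOCOUNTRY' => $order->billing['country']['iso_code_2'],
             'BILLTOZIP' => $order->billing['postcode'],
             'EMAIL' => $order->customer['email_address'],
             'ACCT' => $_POST['cc_number_nh-dns'],
             'EXPDATE' => $cc_expires,
             'CVV2' => $cc_cvc,
         );
         // A positive numeric $sendto means a delivery address is set for the order.
         if (is_numeric($sendto) && $sendto > 0) {
             $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname'];
             $params['SHIPTOLASTNAME'] = $order->delivery['lastname'];
             $params['SHIPTOSTREET'] = $order->delivery['street_address'];
             $params['SHIPTOCITY'] = $order->delivery['city'];
             $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
             $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2'];
             $params['SHIPTOZIP'] = $order->delivery['postcode'];
         }
         // Line items: one entry per product, then one per order-total module other
         // than subtotal, shipping, tax and total.
         $item_params = array();
         $line_item_no = 0;
         foreach ($order->products as $product) {
             $item_params['L_NAME' . $line_item_no] = $product['name'];
             $item_params['L_COST' . $line_item_no] = $this->_app->formatCurrencyRaw($product['final_price']);
             $item_params['L_QTY' . $line_item_no] = $product['qty'];
             $line_item_no++;
         }
         $items_total = $this->_app->formatCurrencyRaw($order->info['subtotal']);
         foreach ($order_totals as $ot) {
             if (!in_array($ot['code'], array('ot_subtotal', 'ot_shipping', 'ot_tax', 'ot_total'))) {
                 $item_params['L_NAME' . $line_item_no] = $ot['title'];
                 $item_params['L_COST' . $line_item_no] = $this->_app->formatCurrencyRaw($ot['value']);
                 $item_params['L_QTY' . $line_item_no] = 1;
                 $items_total += $this->_app->formatCurrencyRaw($ot['value']);
                 $line_item_no++;
             }
         }
         $item_params['ITEMAMT'] = $items_total;
         $item_params['TAXAMT'] = $this->_app->formatCurrencyRaw($order->info['tax']);
         $item_params['FREIGHTAMT'] = $this->_app->formatCurrencyRaw($order->info['shipping_cost']);
         // The breakdown is sent only when it adds up to AMT exactly; otherwise the
         // request carries the total alone.
         if ($this->_app->formatCurrencyRaw($item_params['ITEMAMT'] + $item_params['TAXAMT'] + $item_params['FREIGHTAMT']) == $params['AMT']) {
             $params = array_merge($params, $item_params);
         }
         // The request id is an md5 over cart id, session id and order total, so a
         // retry with the same cart, session and total produces the same header value.
         $params['_headers'] = array('X-VPS-REQUEST-ID: ' . md5($cartID . tep_session_id() . $this->_app->formatCurrencyRaw($order->info['total'])), 'X-VPS-CLIENT-TIMEOUT: 45', 'X-VPS-VIT-INTEGRATION-PRODUCT: OSCOM', 'X-VPS-VIT-INTEGRATION-VERSION: 2.3');
         $response_array = $this->_app->getApiResult('DP', 'PayflowPayment', $params);
         // A reply without RESULT is treated as a failure and gets the general message.
         $result = isset($response_array['RESULT']) ? $response_array['RESULT'] : '';
         if ($result != '0') {
             // The customer sees a message chosen from the language definitions; the
             // gateway's own text is not placed in the redirect URL.
             switch ($result) {
                 case '1':
                 case '26':
                     $error_message = $this->_app->getDef('module_dp_error_configuration');
                     break;
                 case '7':
                     $error_message = $this->_app->getDef('module_dp_error_address');
                     break;
                 case '12':
                     $error_message = $this->_app->getDef('module_dp_error_declined');
                     break;
                 case '23':
                 case '24':
                     $error_message = $this->_app->getDef('module_dp_error_invalid_card');
                     break;
                 default:
                     $error_message = $this->_app->getDef('module_dp_error_general');
                     break;
             }
             tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $error_message, 'SSL'));
         }
     } else {
         tep_redirect(tep_href_link('checkout_confirmation.php', 'error_message=' . $this->_app->getDef('module_dp_error_all_fields_required'), 'SSL'));
     }
 }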
示例#11
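 /**
  * Drive the phases of a Sage Pay Server transaction, selected by the
  * "check" query parameter.
  *
  *  - check=SERVER:  notification callback. Rebuilds the signature string from
  *                   the posted fields and the session security key, compares
  *                   its upper-cased MD5 with the posted VPSSignature, echoes
  *                   a "Status=...\r\nRedirectURL=..." reply and exits.
  *  - check=PROCESS: returns true only when the "key" query parameter matches
  *                   the MD5 of the session security key.
  *  - otherwise:     registers the transaction with the gateway and, on
  *                   Status=OK, stores SecurityKey/NextURL in the session and
  *                   redirects the customer.
  *
  * Every path that neither returns true, exits nor redirects earlier clears
  * the two session values and redirects to the payment page with an error.
  *
  * @return bool|void true when the PROCESS key check succeeds; the other
  *                   paths end in exit or tep_redirect() (assumed not to
  *                   return - TODO confirm).
  */
 function before_process()
 {
     global $HTTP_GET_VARS, $HTTP_POST_VARS, $sage_pay_server_securitykey, $sage_pay_server_nexturl, $customer_id, $order, $currency, $order_totals, $cartID;
     $error = null;
     // Both verification phases hash the per-transaction key kept in the
     // session. A missing or empty key must never verify: the expected hash
     // would then be computed over values the requester can supply.
     $has_security_key = is_string($sage_pay_server_securitykey) && $sage_pay_server_securitykey !== '';
     if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == 'SERVER') {
         // Field order below defines the signature; do not reorder.
         $sig = $HTTP_POST_VARS['VPSTxId'] . $HTTP_POST_VARS['VendorTxCode'] . $HTTP_POST_VARS['Status'];
         if ($HTTP_POST_VARS['Status'] == 'OK') {
             $sig .= $HTTP_POST_VARS['TxAuthNo'];
         }
         $sig .= substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15);
         if ($HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') {
             $sig .= $HTTP_POST_VARS['AVSCV2'];
         }
         $sig .= $sage_pay_server_securitykey;
         if ($HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') {
             $sig .= $HTTP_POST_VARS['AddressResult'] . $HTTP_POST_VARS['PostCodeResult'] . $HTTP_POST_VARS['CV2Result'];
         }
         $sig .= $HTTP_POST_VARS['GiftAid'] . $HTTP_POST_VARS['3DSecureStatus'];
         if ($HTTP_POST_VARS['3DSecureStatus'] == 'OK') {
             $sig .= $HTTP_POST_VARS['CAVV'];
         }
         if ($HTTP_POST_VARS['AddressStatus'] == 'NONE' || $HTTP_POST_VARS['AddressStatus'] == 'CONFIRMED' || $HTTP_POST_VARS['AddressStatus'] == 'UNCONFIRMED') {
             $sig .= $HTTP_POST_VARS['AddressStatus'];
         }
         if ($HTTP_POST_VARS['PayerStatus'] == 'VERIFIED' || $HTTP_POST_VARS['PayerStatus'] == 'UNVERIFIED') {
             $sig .= $HTTP_POST_VARS['PayerStatus'];
         }
         if (in_array($HTTP_POST_VARS['CardType'], array('VISA', 'MC', 'DELTA', 'SOLO', 'MAESTRO', 'UKE', 'AMEX', 'DC', 'JCB', 'SWITCH', 'LASER', 'PAYPAL'), true)) {
             $sig .= $HTTP_POST_VARS['CardType'];
         }
         $sig .= $HTTP_POST_VARS['Last4Digits'];
         // Compare as strings. A loose "==" treats two hex digests that look
         // like numbers (for example "0E" followed by digits) as equal.
         // hash_equals() additionally avoids a timing side channel; the "==="
         // fallback for older PHP is strict but not constant-time.
         // NOTE(review): MD5 is presumably dictated by the gateway protocol
         // version sent at registration ('2.23') - confirm before changing it.
         $expected_sig = strtoupper(md5($sig));
         $posted_sig = (isset($HTTP_POST_VARS['VPSSignature']) && is_string($HTTP_POST_VARS['VPSSignature'])) ? $HTTP_POST_VARS['VPSSignature'] : '';
         $sig_valid = false;
         if ($has_security_key) {
             $sig_valid = function_exists('hash_equals') ? hash_equals($expected_sig, $posted_sig) : ($expected_sig === $posted_sig);
         }
         if ($sig_valid) {
             if ($HTTP_POST_VARS['Status'] != 'OK' && $HTTP_POST_VARS['Status'] != 'AUTHENTICATED' && $HTTP_POST_VARS['Status'] != 'REGISTERED') {
                 // Authentic notification of a failed payment: acknowledge it
                 // and send the customer to the error page.
                 tep_session_unregister('sage_pay_server_securitykey');
                 tep_session_unregister('sage_pay_server_nexturl');
                 $error = $this->getErrorMessageNumber($HTTP_POST_VARS['StatusDetail']);
                 if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
                     $error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);
                 } else {
                     $error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);
                 }
                 $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . $error_url;
             } else {
                 $result = 'Status=OK' . chr(13) . chr(10) . 'RedirectURL=' . tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=PROCESS&key=' . md5($sage_pay_server_securitykey) . '&VPSTxId=' . $HTTP_POST_VARS['VPSTxId'] . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);
             }
         } else {
             // Missing key, missing signature or mismatch: report INVALID.
             tep_session_unregister('sage_pay_server_securitykey');
             tep_session_unregister('sage_pay_server_nexturl');
             $error = $this->getErrorMessageNumber($HTTP_POST_VARS['StatusDetail']);
             if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
                 $error_url = tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);
             } else {
                 $error_url = tep_href_link('ext/modules/payment/sage_pay/redirect.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : '') . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false);
             }
             $result = 'Status=INVALID' . chr(13) . chr(10) . 'RedirectURL=' . $error_url;
         }
         echo $result;
         exit;
     } elseif (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == 'PROCESS') {
         // The order is accepted only when the session holds a security key
         // and the caller presents its MD5; same comparison rules as above.
         $key_valid = false;
         if ($has_security_key && isset($HTTP_GET_VARS['key']) && is_string($HTTP_GET_VARS['key'])) {
             $expected_key = md5($sage_pay_server_securitykey);
             $key_valid = function_exists('hash_equals') ? hash_equals($expected_key, $HTTP_GET_VARS['key']) : ($expected_key === $HTTP_GET_VARS['key']);
         }
         if ($key_valid) {
             tep_session_unregister('sage_pay_server_securitykey');
             tep_session_unregister('sage_pay_server_nexturl');
             if (isset($HTTP_GET_VARS['VPSTxId'])) {
                 // NOTE(review): VPSTxId is taken from the query string and
                 // copied into the order comments as-is - verify that every
                 // place displaying the comments escapes them.
                 $order->info['comments'] = 'Sage Pay Reference ID: ' . $HTTP_GET_VARS['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : '');
             }
             return true;
         }
     } else {
         // First pass: register the transaction with the gateway.
         $params = array(
             'VPSProtocol' => '2.23',
             'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
             'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15),
             'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
             'Amount' => $this->format_raw($order->info['total']),
             'Currency' => $currency,
             'Description' => substr(STORE_NAME, 0, 100),
             // The callback URL carries the session name/id as a parameter.
             'NotificationURL' => tep_href_link(FILENAME_CHECKOUT_PROCESS, 'check=SERVER&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false),
             'BillingSurname' => substr($order->billing['lastname'], 0, 20),
             'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
             'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
             'BillingCity' => substr($order->billing['city'], 0, 40),
             'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
             'BillingCountry' => $order->billing['country']['iso_code_2'],
             'BillingPhone' => substr($order->customer['telephone'], 0, 20),
             'DeliverySurname' => substr($order->delivery['lastname'], 0, 20),
             'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20),
             'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100),
             'DeliveryCity' => substr($order->delivery['city'], 0, 40),
             'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10),
             'DeliveryCountry' => $order->delivery['country']['iso_code_2'],
             'DeliveryPhone' => substr($order->customer['telephone'], 0, 20),
             'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
             'Apply3DSecure' => '0'
         );
         $ip_address = tep_get_ip_address();
         if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE != 'Normal') {
             $params['Profile'] = 'LOW';
         }
         // Basket lines are colon-separated, so the separator and line breaks
         // are stripped from the free-text name before it is embedded.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         switch (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER) {
             case 'Live':
                 $gateway_url = 'https://live.sagepay.com/gateway/service/vspserver-register.vsp';
                 break;
             case 'Test':
                 $gateway_url = 'https://test.sagepay.com/gateway/service/vspserver-register.vsp';
                 break;
             default:
                 $gateway_url = 'https://test.sagepay.com/Simulator/VSPServerGateway.asp?Service=VendorRegisterTx';
                 break;
         }
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
         // Parse the "Name=Value" lines of the reply; lines without a name
         // before the "=" are ignored.
         $string_array = explode(chr(10), $transaction_response);
         $return = array();
         foreach ($string_array as $string) {
             $eq_pos = strpos($string, '=');
             if ($eq_pos !== false && $eq_pos > 0) {
                 $parts = explode('=', $string, 2);
                 $return[trim($parts[0])] = trim($parts[1]);
             }
         }
         // An empty or malformed reply has no Status; treat it as a failure.
         if (isset($return['Status']) && $return['Status'] == 'OK') {
             tep_session_register('sage_pay_server_securitykey');
             $sage_pay_server_securitykey = $return['SecurityKey'];
             tep_session_register('sage_pay_server_nexturl');
             $sage_pay_server_nexturl = $return['NextURL'];
             if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
                 tep_redirect($return['NextURL']);
             } else {
                 tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
             }
         } else {
             $error = $this->getErrorMessageNumber(isset($return['StatusDetail']) ? $return['StatusDetail'] : null);
         }
     }
     tep_session_unregister('sage_pay_server_securitykey');
     tep_session_unregister('sage_pay_server_nexturl');
     tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
 }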
示例#12
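 /**
  * Complete a PayPal Express Checkout payment for the current order.
  *
  * Fetches the checkout details for the session token, checks that the
  * custom value returned by PayPal equals the secret held in the session and
  * that the amount matches the order total, then calls
  * doExpressCheckoutPayment(). Failures end in a redirect; the method
  * returns normally only when the payment call reports success.
  *
  * @return void
  */
 function before_process()
 {
     global $customer_id, $order, $sendto, $ppe_token, $ppe_payerid, $ppe_secret, $ppe_order_total_check, $HTTP_POST_VARS, $comments, $response_array;
     if (!tep_session_is_registered('ppe_token')) {
         tep_redirect(tep_href_link('ext/modules/payment/paypal/express.php', '', 'SSL'));
     }
     $response_array = $this->getExpressCheckoutDetails($ppe_token);
     if ($response_array['ACK'] == 'Success' || $response_array['ACK'] == 'SuccessWithWarning') {
         // Compare the secret as strings: a loose "!=" treats numeric-looking
         // strings such as "1e3" and "1000" as equal. An empty session secret
         // is rejected outright so that a missing value can never match.
         $session_secret = tep_session_is_registered('ppe_secret') ? (string) $ppe_secret : '';
         $returned_secret = isset($response_array['PAYMENTREQUEST_0_CUSTOM']) ? (string) $response_array['PAYMENTREQUEST_0_CUSTOM'] : '';
         if ($session_secret === '' || $returned_secret !== $session_secret) {
             tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, '', 'SSL'));
         } elseif ($response_array['PAYMENTREQUEST_0_AMT'] != $this->format_raw($order->info['total']) && !tep_session_is_registered('ppe_order_total_check')) {
             // The total changed since PayPal was contacted: show the
             // confirmation page once more before charging. The numeric
             // comparison is intentional here ("10.0" equals "10.00").
             tep_session_register('ppe_order_total_check');
             $ppe_order_total_check = true;
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'));
         }
     } else {
         // The gateway message is free text; encode it so it stays one
         // query-string value and cannot add parameters of its own.
         $details_error = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($details_error), 'SSL'));
     }
     if (tep_session_is_registered('ppe_order_total_check')) {
         tep_session_unregister('ppe_order_total_check');
     }
     if (empty($comments)) {
         if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
             $comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
             $order->info['comments'] = $comments;
         }
     }
     $params = array(
         'TOKEN' => $ppe_token,
         'PAYERID' => $ppe_payerid,
         'PAYMENTREQUEST_0_AMT' => $this->format_raw($order->info['total']),
         'PAYMENTREQUEST_0_CURRENCYCODE' => $order->info['currency']
     );
     if (is_numeric($sendto) && $sendto > 0) {
         $params['PAYMENTREQUEST_0_SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
         $params['PAYMENTREQUEST_0_SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['PAYMENTREQUEST_0_SHIPTOCITY'] = $order->delivery['city'];
         $params['PAYMENTREQUEST_0_SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
         $params['PAYMENTREQUEST_0_SHIPTOZIP'] = $order->delivery['postcode'];
     }
     $response_array = $this->doExpressCheckoutPayment($params);
     if ($response_array['ACK'] != 'Success' && $response_array['ACK'] != 'SuccessWithWarning') {
         if (isset($response_array['L_ERRORCODE0']) && $response_array['L_ERRORCODE0'] == '10486') {
             // Error 10486: send the buyer back to PayPal with the same token.
             if (MODULE_PAYMENT_PAYPAL_EXPRESS_TRANSACTION_SERVER == 'Live') {
                 $paypal_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout';
             } else {
                 $paypal_url = 'https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout';
             }
             $paypal_url .= '&token=' . urlencode($ppe_token) . '&useraction=commit';
             tep_redirect($paypal_url);
         }
         $payment_error = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($payment_error), 'SSL'));
     }
 }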
示例#13
     $params['L_NUMBER' . $line_item_no] = $product['id'];
     $params['L_QTY' . $line_item_no] = $product['qty'];
     $product_tax = tep_calculate_tax($product['final_price'], $product['tax']);
     $params['L_TAXAMT' . $line_item_no] = $paypal_express->format_raw($product_tax);
     $tax_total += $paypal_express->format_raw($product_tax) * $product['qty'];
     $items_total += $paypal_express->format_raw($product['final_price']) * $product['qty'];
     $line_item_no++;
 }
 $params['ITEMAMT'] = $items_total;
 $params['TAXAMT'] = $tax_total;
 if (tep_not_null($order->delivery['firstname'])) {
     $params['ADDROVERRIDE'] = '1';
     $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
     $params['SHIPTOSTREET'] = $order->delivery['street_address'];
     $params['SHIPTOCITY'] = $order->delivery['city'];
     $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
     $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
     $params['SHIPTOZIP'] = $order->delivery['postcode'];
 }
 $quotes_array = array();
 if ($cart->get_content_type() != 'virtual') {
     $total_weight = $cart->show_weight();
     $total_count = $cart->count_contents();
     // load all enabled shipping modules
     include DIR_WS_CLASSES . 'shipping.php';
     $shipping_modules = new shipping();
     $free_shipping = false;
     if (defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') {
         $pass = false;
         switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
             case 'national':
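 /**
  * Complete a PayPal Express Checkout payment through the Payflow variant of
  * the module (session values prefixed "ppeuk_").
  *
  * Fetches the checkout details for the session token, checks that the
  * CUSTOM value returned equals the secret held in the session, requires the
  * 'ppeuk_order_total_check' session flag, then calls
  * doExpressCheckoutPayment(). Failures end in a redirect.
  *
  * @return void
  */
 function before_process()
 {
     global $customer_id, $order, $sendto, $ppeuk_token, $ppeuk_payerid, $ppeuk_secret, $ppeuk_order_total_check, $HTTP_POST_VARS, $comments, $response_array;
     if (!tep_session_is_registered('ppeuk_token')) {
         tep_redirect(tep_href_link('ext/modules/payment/paypal/express_payflow.php', '', 'SSL'));
     }
     $response_array = $this->getExpressCheckoutDetails($ppeuk_token);
     if ($response_array['RESULT'] == '0') {
         // Compare the secret as strings: a loose "!=" treats numeric-looking
         // strings such as "1e3" and "1000" as equal. An empty session secret
         // is rejected outright so that a missing value can never match.
         $session_secret = tep_session_is_registered('ppeuk_secret') ? (string) $ppeuk_secret : '';
         $returned_secret = isset($response_array['CUSTOM']) ? (string) $response_array['CUSTOM'] : '';
         if ($session_secret === '' || $returned_secret !== $session_secret) {
             tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, '', 'SSL'));
         } elseif (!tep_session_is_registered('ppeuk_order_total_check')) {
             // The confirmation page has not been shown for this checkout yet
             // (presumably it is what registers the flag - verify).
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'));
         }
     } else {
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL'));
     }
     if (tep_session_is_registered('ppeuk_order_total_check')) {
         tep_session_unregister('ppeuk_order_total_check');
     }
     if (empty($comments)) {
         if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
             $comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
             $order->info['comments'] = $comments;
         }
     }
     $params = array(
         'EMAIL' => $order->customer['email_address'],
         'TOKEN' => $ppeuk_token,
         'PAYERID' => $ppeuk_payerid,
         'AMT' => $this->format_raw($order->info['total']),
         'CURRENCY' => $order->info['currency']
     );
     if (is_numeric($sendto) && $sendto > 0) {
         $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
         $params['SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['SHIPTOCITY'] = $order->delivery['city'];
         $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2'];
         $params['SHIPTOZIP'] = $order->delivery['postcode'];
     }
     $response_array = $this->doExpressCheckoutPayment($params);
     if ($response_array['RESULT'] != '0') {
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($response_array['OSCOM_ERROR_MESSAGE']), 'SSL'));
     }
 }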
示例#15
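 /**
  * Submit the PayPal Express Checkout payment for the current order.
  *
  * Copies an optional customer comment from the posted form into the order,
  * builds the payment parameters (plus the delivery address when $sendto is
  * a positive number) and calls doExpressCheckoutPayment(). A response other
  * than Success/SuccessWithWarning redirects to the shopping cart with the
  * gateway message.
  *
  * NOTE(review): this method uses $ppe_token and $ppe_payerid without
  * checking that they are registered in the session or re-validating the
  * checkout details - confirm that the caller guarantees both.
  *
  * @return void
  */
 function before_process()
 {
     global $customer_id, $order, $sendto, $ppe_token, $ppe_payerid, $HTTP_POST_VARS, $comments, $response_array;
     if (empty($comments)) {
         if (isset($HTTP_POST_VARS['ppecomments']) && tep_not_null($HTTP_POST_VARS['ppecomments'])) {
             $comments = tep_db_prepare_input($HTTP_POST_VARS['ppecomments']);
             $order->info['comments'] = $comments;
         }
     }
     $params = array(
         'TOKEN' => $ppe_token,
         'PAYERID' => $ppe_payerid,
         'AMT' => $this->format_raw($order->info['total']),
         'CURRENCYCODE' => $order->info['currency']
     );
     if (is_numeric($sendto) && $sendto > 0) {
         $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
         $params['SHIPTOSTREET'] = $order->delivery['street_address'];
         $params['SHIPTOCITY'] = $order->delivery['city'];
         $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
         $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
         $params['SHIPTOZIP'] = $order->delivery['postcode'];
     }
     $response_array = $this->doExpressCheckoutPayment($params);
     $ack = isset($response_array['ACK']) ? $response_array['ACK'] : null;
     if ($ack != 'Success' && $ack != 'SuccessWithWarning') {
         // The gateway message is free text; encode it so it stays one
         // query-string value and cannot add parameters of its own.
         $gateway_message = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';
         tep_redirect(tep_href_link(FILENAME_SHOPPING_CART, 'error_message=' . urlencode($gateway_message), 'SSL'));
     }
 }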
示例#16
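 /**
  * Send the posted card details to PayPal's NVP endpoint as a
  * DoDirectPayment request for the current order.
  *
  * Requires a card owner, a card type present in $this->cc_types and a card
  * number in the posted form; otherwise redirects to the confirmation page
  * with the "all fields required" message. A gateway response other than
  * Success/SuccessWithWarning redirects there with the gateway message.
  *
  * $params and $post_string contain the full card number and CVV2 together
  * with the API credentials: they must not be logged, echoed or stored.
  *
  * @return void
  */
 function before_process()
 {
     global $HTTP_POST_VARS, $order, $sendto;
     // Accept only scalar form values; array-valued fields are treated as
     // missing instead of failing later in the string functions.
     $cc_owner = (isset($HTTP_POST_VARS['cc_owner']) && is_string($HTTP_POST_VARS['cc_owner'])) ? trim($HTTP_POST_VARS['cc_owner']) : '';
     $cc_type = (isset($HTTP_POST_VARS['cc_type']) && is_string($HTTP_POST_VARS['cc_type'])) ? $HTTP_POST_VARS['cc_type'] : '';
     $cc_number = (isset($HTTP_POST_VARS['cc_number_nh-dns']) && is_string($HTTP_POST_VARS['cc_number_nh-dns'])) ? $HTTP_POST_VARS['cc_number_nh-dns'] : '';
     if ($cc_owner != '' && isset($this->cc_types[$cc_type]) && $cc_number != '') {
         if (MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_SERVER == 'Live') {
             $api_url = 'https://api-3t.paypal.com/nvp';
         } else {
             $api_url = 'https://api-3t.sandbox.paypal.com/nvp';
         }
         // Split the owner at the first space. Without a space the whole
         // name is sent as LASTNAME; using strpos()'s false as an offset
         // would otherwise drop the first character of the name.
         $space_pos = strpos($cc_owner, ' ');
         if ($space_pos === false) {
             $first_name = '';
             $last_name = $cc_owner;
         } else {
             $first_name = substr($cc_owner, 0, $space_pos);
             $last_name = substr($cc_owner, $space_pos + 1);
         }
         $params = array(
             'USER' => MODULE_PAYMENT_PAYPAL_DIRECT_API_USERNAME,
             'PWD' => MODULE_PAYMENT_PAYPAL_DIRECT_API_PASSWORD,
             'VERSION' => '3.2',
             'SIGNATURE' => MODULE_PAYMENT_PAYPAL_DIRECT_API_SIGNATURE,
             'METHOD' => 'DoDirectPayment',
             'PAYMENTACTION' => MODULE_PAYMENT_PAYPAL_DIRECT_TRANSACTION_METHOD == 'Sale' ? 'Sale' : 'Authorization',
             'IPADDRESS' => tep_get_ip_address(),
             'AMT' => $this->format_raw($order->info['total']),
             'CREDITCARDTYPE' => $cc_type,
             'ACCT' => $cc_number,
             'STARTDATE' => $HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'],
             'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'],
             'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'],
             'FIRSTNAME' => $first_name,
             'LASTNAME' => $last_name,
             'STREET' => $order->billing['street_address'],
             'CITY' => $order->billing['city'],
             'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
             'COUNTRYCODE' => $order->billing['country']['iso_code_2'],
             'ZIP' => $order->billing['postcode'],
             'EMAIL' => $order->customer['email_address'],
             'PHONENUM' => $order->customer['telephone'],
             'CURRENCYCODE' => $order->info['currency'],
             'BUTTONSOURCE' => 'osCommerce22_Default_DP'
         );
         /*if ( ($HTTP_POST_VARS['cc_type'] == 'SWITCH') || ($HTTP_POST_VARS['cc_type'] == 'SOLO') ) {
             $params['ISSUENUMBER'] = $HTTP_POST_VARS['cc_issue_nh-dns'];
           }*/
         if (is_numeric($sendto) && $sendto > 0) {
             $params['SHIPTONAME'] = $order->delivery['firstname'] . ' ' . $order->delivery['lastname'];
             $params['SHIPTOSTREET'] = $order->delivery['street_address'];
             $params['SHIPTOCITY'] = $order->delivery['city'];
             $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
             $params['SHIPTOCOUNTRYCODE'] = $order->delivery['country']['iso_code_2'];
             $params['SHIPTOZIP'] = $order->delivery['postcode'];
         }
         // Build the NVP request body; every value is trimmed and URL-encoded.
         $pairs = array();
         foreach ($params as $key => $value) {
             $pairs[] = $key . '=' . urlencode(trim($value));
         }
         $post_string = implode('&', $pairs);
         $response = $this->sendTransactionToGateway($api_url, $post_string);
         $response_array = array();
         parse_str($response, $response_array);
         // A reply without ACK (for example an empty response) is a failure.
         $ack = isset($response_array['ACK']) ? $response_array['ACK'] : null;
         if ($ack != 'Success' && $ack != 'SuccessWithWarning') {
             // The confirmation page collects card data, so the link is
             // requested as 'SSL' rather than 'NONSSL' (presumably
             // tep_href_link() falls back to the plain server when SSL is
             // not enabled - verify). The gateway text is URL-encoded so it
             // stays a single query-string value.
             $gateway_message = isset($response_array['L_LONGMESSAGE0']) ? stripslashes($response_array['L_LONGMESSAGE0']) : '';
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_payment=' . urlencode($gateway_message), 'SSL'));
         }
     } else {
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_payment=' . urlencode(MODULE_PAYMENT_PAYPAL_DIRECT_ERROR_ALL_FIELDS_REQUIRED), 'SSL'));
     }
 }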
示例#17
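 /**
  * Build the hidden form fields that hand the order over to inpay.
  *
  * Collects the order amounts, URLs and merchant settings, adds the buyer
  * name and address (delivery address when $sendto is a positive number,
  * billing address otherwise), a text summary of the products and the
  * checksum returned by calcInpayMd5Key(), then renders every parameter
  * with tep_draw_hidden_field().
  *
  * NOTE(review): the fields travel through the customer's browser, so the
  * receiving side must not trust amounts from the return request; verify
  * that the handler behind notify_url checks them against the stored order.
  * NOTE(review): buyer and product text is presumably HTML-escaped by
  * tep_draw_hidden_field() - confirm.
  *
  * @return string concatenated hidden input fields
  */
 function process_button()
 {
     global $customer_id, $order, $sendto, $cart_inpay_Standard_ID, $shipping;
     $process_button_string = '';
     $parameters = array(
         'cmd' => '_xclick',
         'item_name' => STORE_NAME,
         'shipping' => $this->format_raw($order->info['shipping_cost']),
         'tax' => $this->format_raw($order->info['tax']),
         'amount' => $this->format_raw($order->info['total']),
         'currency' => $_SESSION['currency'],
         // Part of the cart id after its first "-".
         'order_id' => substr($cart_inpay_Standard_ID, strpos($cart_inpay_Standard_ID, '-') + 1),
         'custom' => $customer_id,
         'no_note' => '1',
         'notify_url' => tep_href_link('ext/modules/payment/inpay/pb_handler.php', '', 'SSL', false, false),
         'return_url' => tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'),
         'cancel_url' => tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'),
         'bn' => 'osCommerce22_Default_ST',
         'buyer_email' => $order->customer['email_address'],
         'merchant_id' => MODULE_PAYMENT_INPAY_MERCHANT_ID,
         'flow_layout' => MODULE_PAYMENT_INPAY_FLOW_LAYOUT,
         'paymentaction' => 'Sale'
     );
     // utf8_encode() treats its input as ISO-8859-1 and is deprecated as of
     // PHP 8.2; it is kept so the submitted bytes stay what they were.
     if (is_numeric($sendto) && $sendto > 0) {
         $address = $order->delivery['street_address'] . ' ' . $order->delivery['city'] . ' ' . tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']) . ' ' . $order->delivery['postcode'] . ' ' . $order->delivery['country']['iso_code_2'];
         $parameters['address_override'] = '1';
         $parameters['buyer_name'] = utf8_encode($order->delivery['firstname'] . " " . $order->delivery['lastname']);
         $parameters['buyer_address'] = utf8_encode($address);
         $parameters['country'] = $order->delivery['country']['iso_code_2'];
     } else {
         $address = $order->billing['street_address'] . ' ' . $order->billing['city'] . ' ' . tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']) . ' ' . $order->billing['postcode'] . ' ' . $order->billing['country']['iso_code_2'];
         $parameters['buyer_name'] = utf8_encode($order->billing['firstname'] . " " . $order->billing['lastname']);
         $parameters['buyer_address'] = utf8_encode($address);
         $parameters['country'] = $order->billing['country']['iso_code_2'];
     }
     // Product summary: "<qty>x<model> <name>;" for each order line.
     $products_info = '';
     for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
         $products_info .= $order->products[$i]['qty'] . "x" . $order->products[$i]['model'] . ' ' . $order->products[$i]['name'] . ";";
     }
     $parameters['order_text'] = utf8_encode($products_info);
     // The checksum is computed last, over the parameters collected so far.
     $parameters['checksum'] = $this->calcInpayMd5Key($parameters);
     // foreach replaces the list()/each() loop: each() was removed in PHP 8.
     foreach ($parameters as $key => $value) {
         $process_button_string .= tep_draw_hidden_field($key, $value);
     }
     return $process_button_string;
 }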
示例#18
 function process_button()
 {
     global $customer_id, $order, $languages_id, $currencies, $currency, $cart_PayPal_IPN_ID, $shipping, $order_total_modules;
     if (MODULE_PAYMENT_PAYPAL_IPN_CURRENCY == 'Selected Currency') {
         $my_currency = $currency;
     } else {
         $my_currency = substr(MODULE_PAYMENT_PAYPAL_IPN_CURRENCY, 5);
     }
     if (!in_array($my_currency, array('AUD', 'CAD', 'CHF', 'CZK', 'DKK', 'EUR', 'GBP', 'HKD', 'HUF', 'JPY', 'NOK', 'NZD', 'PLN', 'SEK', 'SGD', 'USD'))) {
         $my_currency = 'USD';
     }
     // BOF Per Item mode fix by alexstudio
     $order_totals = array();
     if (is_array($order_total_modules->modules)) {
         reset($order_total_modules->modules);
         while (list(, $value) = each($order_total_modules->modules)) {
             $class = substr($value, 0, strrpos($value, '.'));
             if ($GLOBALS[$class]->enabled) {
                 for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                     if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {
                         $order_totals[] = array('code' => $GLOBALS[$class]->code, 'title' => $GLOBALS[$class]->output[$i]['title'], 'text' => $GLOBALS[$class]->output[$i]['text'], 'value' => $GLOBALS[$class]->output[$i]['value'], 'sort_order' => $GLOBALS[$class]->sort_order);
                     }
                 }
             }
         }
     }
     foreach ($order_totals as $ot) {
         $order_total[$ot['code']] = $ot['value'];
     }
     $subtotal = $order_total['ot_subtotal'];
     if (DISPLAY_PRICE_WITH_TAX == 'true') {
         $subtotal -= $order->info['tax'];
     }
     // EOF Per Item mode fix by alexstudio
     $parameters = array();
     if (MODULE_PAYMENT_PAYPAL_IPN_TRANSACTION_TYPE == 'Per Item') {
         $parameters['cmd'] = '_cart';
         $parameters['upload'] = '1';
         // Decide how many items are virtual (no shipping)
         $shipping_count = 0;
         $shipping_added = 0;
         $handling_added = 0;
         $item_tax = 0;
         $virtual_items = 0;
         for ($y = 0; $y < sizeof($order->products); $y++) {
             if (is_array($order->products[$y]['attributes'])) {
                 while (list($key, $value) = each($order->products[$y]['attributes'])) {
                     $z = $key;
                     $attributes_query = "select pad.products_attributes_filename\n                                   from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval,\n                                   " . TABLE_PRODUCTS_ATTRIBUTES . " pa left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                   on pa.products_attributes_id=pad.products_attributes_id\n                                   where pa.products_id = '" . $order->products[$y]['id'] . "'\n                                   and pa.options_id = '" . $order->products[$y]['attributes'][$z]['option_id'] . "'\n                                   and pa.options_id = popt.products_options_id\n                                   and pa.options_values_id = '" . $order->products[$y]['attributes'][$z]['value_id'] . "'\n                                   and pa.options_values_id = poval.products_options_values_id";
                     $attributes = tep_db_query($attributes_query);
                     $attributes_values = tep_db_fetch_array($attributes);
                     if (tep_not_null($attributes_values['products_attributes_filename'])) {
                         $virtual_items++;
                     }
                 }
             }
         }
         for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
             $item = $i + 1;
             $tax_value = $order->products[$i]['tax'] / 100 * $order->products[$i]['final_price'];
             $parameters['item_name_' . $item] = $order->products[$i]['name'];
             $parameters['item_number_' . $item] = $order->products[$i]['model'];
             // BOF Tax pre item fix by AlexStudio
             if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') {
                 $parameters['amount_' . $item] = number_format(($order->products[$i]['final_price'] + $tax_value) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             } else {
                 $parameters['amount_' . $item] = number_format($order->products[$i]['final_price'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
                 $parameters['tax_' . $item] = number_format($tax_value * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             }
             $item_tax += number_format($tax_value * $order->products[$i]['qty'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             // EOF Tax pre item fix by AlexStudio
             $parameters['quantity_' . $item] = $order->products[$i]['qty'];
             // BOF shipping & handling fix by AlexStudio
             $item_has_shipping = true;
             // EOF shipping & handling fix by AlexStudio
             if (isset($order->products[$i]['attributes'])) {
                 for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                     if (DOWNLOAD_ENABLED == 'true') {
                         $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n                                     from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                     left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                     on pa.products_attributes_id=pad.products_attributes_id\n                                     where pa.products_id = '" . $order->products[$i]['id'] . "'\n                                     and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n                                     and pa.options_id = popt.products_options_id\n                                     and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n                                     and pa.options_values_id = poval.products_options_values_id\n                                     and popt.language_id = '" . $languages_id . "'\n                                     and poval.language_id = '" . $languages_id . "'";
                         $attributes = tep_db_query($attributes_query);
                     } else {
                         $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
                     }
                     $attributes_values = tep_db_fetch_array($attributes);
                     // BOF shipping & handling fix by AlexStudio
                     if (tep_not_null($attributes_values['products_attributes_filename'])) {
                         $item_has_shipping = false;
                     }
                     // EOF shipping & handling fix by AlexStudio
                     // Unfortunately PayPal only accepts two attributes per product, so the
                     // third attribute onwards will not be shown at PayPal
                     $parameters['on' . $j . '_' . $item] = $attributes_values['products_options_name'];
                     $parameters['os' . $j . '_' . $item] = $attributes_values['products_options_values_name'];
                 }
             }
             // BOF shipping & handling fix by AlexStudio
             $handling = $order_total['ot_loworderfee'];
             if ($n == 1 || $item < $n) {
                 $parameters['handling_' . $item] = number_format($handling / $n * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
                 $handling_added += $parameters['handling_' . $item];
             } else {
                 $parameters['handling_' . $item] = number_format($handling * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)) - $handling_added;
             }
             if ($item_has_shipping) {
                 $shipping_count++;
                 $shipping_items = $n - $virtual_items;
                 if ($shipping_items == 1 || $shipping_count < $shipping_items) {
                     $parameters['shipping_' . $item] = number_format($order_total['ot_shipping'] / $shipping_items * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
                     $shipping_added += $parameters['shipping_' . $item];
                 } else {
                     $parameters['shipping_' . $item] = number_format($order_total['ot_shipping'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency)) - $shipping_added;
                 }
             }
             // EOF shipping & handling fix by AlexStudio
         }
         // BOF Tax pre item fix by AlexStudio
         $tax_total = number_format($order->info['tax'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         if ($tax_total > $item_tax && DISPLAY_PRICE_WITH_TAX != 'true') {
             $item++;
             $parameters['item_name_' . $item] = 'Shipping Tax';
             $parameters['amount_' . $item] = $tax_total - $item_tax;
             $parameters['quantity_' . $item] = 1;
         }
         // EOF Tax pre item fix by AlexStudio
         if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') {
             // BOF Tax pre item fix by AlexStudio
             $parameters['amount'] = number_format(($subtotal + $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         } else {
             // default
             $parameters['amount'] = number_format($subtotal * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             // EOF Tax pre item fix by AlexStudio
         }
     } else {
         $parameters['cmd'] = '_ext-enter';
         $parameters['redirect_cmd'] = '_xclick';
         $parameters['item_name'] = STORE_NAME;
         ///CCGV extras by Alexander Dimelow - better to calculate separate otherwise the shipping Free vaucher/code never will work
         $shipping['cost'] = number_format($order_total['ot_shipping'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         // BOF shipping & handling fix by AlexStudio
         if (MOVE_TAX_TO_TOTAL_AMOUNT == 'True') {
             ///CCGV extras by Alexander Dimelow
             if (isset($order_total['ot_gv']) || isset($order_total['ot_coupon'])) {
                 $parameters['amount'] = number_format(($subtotal + $order->info['tax']) * $currencies->get_value($my_currency) - $order_total['ot_gv'] - $order_total['ot_coupon'], $currencies->get_decimal_places($my_currency));
             } else {
                 $parameters['amount'] = number_format(($subtotal + $order->info['tax']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             }
         } else {
             // default
             $parameters['amount'] = number_format($subtotal * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
             $parameters['tax'] = number_format($order->info['tax'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         }
         if ($order->content_type != 'virtual') {
             $parameters['shipping'] = number_format($order_total['ot_shipping'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         }
         $parameters['handling'] = number_format($order_total['ot_loworderfee'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));
         // EOF shipping & handling fix by AlexStudio
     }
     // BOF billing address fix by AlexStudio
     if ($order->content_type != 'virtual') {
         $state_abbr = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
     } else {
         $state_abbr = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']);
     }
     // EOF billing address fix by AlexStudio
     $parameters['business'] = MODULE_PAYMENT_PAYPAL_IPN_ID;
     // let's check what has been defined in the shop admin for the shipping address
     // BOF parameters fix by AlexStudio
     if ($order->content_type != 'virtual') {
         $parameters['address_override'] = '1';
         $parameters['no_shipping'] = '2';
         $parameters['night_phone_b'] = $order->customer['telephone'];
         $parameters['first_name'] = $order->delivery['firstname'];
         $parameters['last_name'] = $order->delivery['lastname'];
         $parameters['address1'] = $order->delivery['street_address'];
         $parameters['address2'] = $order->delivery['suburb'];
         $parameters['city'] = $order->delivery['city'];
         $parameters['zip'] = $order->delivery['postcode'];
         $parameters['state'] = $state_abbr;
         $parameters['country'] = $order->delivery['country']['iso_code_2'];
         $parameters['email'] = $order->customer['email_address'];
     } else {
         $parameters['no_shipping'] = '1';
         $parameters['night_phone_b'] = $order->customer['telephone'];
         $parameters['first_name'] = $order->billing['firstname'];
         $parameters['last_name'] = $order->billing['lastname'];
         $parameters['address1'] = $order->billing['street_address'];
         $parameters['address2'] = $order->billing['suburb'];
         $parameters['city'] = $order->billing['city'];
         $parameters['zip'] = $order->billing['postcode'];
         $parameters['state'] = $state_abbr;
         $parameters['country'] = $order->billing['country']['iso_code_2'];
         $parameters['email'] = $order->customer['email_address'];
     }
     /*********************************************************************************************
      *    Currently these are the supported charsets:                                             *
      *    big5, euc-jp, euc-kr, euc-tw, gb2312, hz-gb-2312, ibm-862, iso-2022-cn, iso-2022-jp,    *
      *    iso-2022-kr, iso-8859-1, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6,    *
      *    iso-8859-7, iso-8859-8, iso-8859-9, iso-8859-13, iso-8859-15, ko18-r, shift_jis,        *
      *    utf-7, utf-8, utf-16, utf-16be, utf-16le, utf-16_platformendian, utf-16_oppositeendian, *
      *    utf-32, utf-32be, utf-32le, utf-32_platformendian, utf-32_oppositeendian, usa-ascii,    *
      *    windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255,     *
      *    windows-1256, windows-1257, windows-1258, windows-874, windows-949, x-mac-greek,        *
      *    x-mac-turkish, x-mac-centraleurroman, x-mac-cyrillic, ebcdic-cp-us, ibm-1047            *
      **********************************************************************************************/
     $parameters['charset'] = "utf-8";
     // Modify this line if you have problems with the character set.
     // EOF parameters fix by AlexStudio
     $parameters['currency_code'] = $my_currency;
     $parameters['invoice'] = substr($cart_PayPal_IPN_ID, strpos($cart_PayPal_IPN_ID, '-') + 1);
     $parameters['custom'] = $customer_id;
     $parameters['no_note'] = '1';
     $parameters['notify_url'] = tep_href_link('ext/modules/payment/paypal_ipn/ipn.php', 'language=' . $_SESSION['language'], 'SSL', false, false);
     $parameters['cbt'] = CONFIRMATION_BUTTON_TEXT;
     $parameters['return'] = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');
     //      $parameters['cancel_return'] = tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL');
     $parameters['cancel_return'] = tep_href_link(FILENAME_SHOPPING_CART, 'ipn=cancel_ipn&order=' . $parameters['invoice'], 'SSL');
     $parameters['bn'] = $this->identifier;
     $parameters['lc'] = $order->customer['country']['iso_code_2'];
     if (tep_not_null(MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE)) {
         $parameters['page_style'] = MODULE_PAYMENT_PAYPAL_IPN_PAGE_STYLE;
     }
     if (MODULE_PAYMENT_PAYPAL_IPN_EWP_STATUS == 'True') {
         $parameters['cert_id'] = MODULE_PAYMENT_PAYPAL_IPN_EWP_CERT_ID;
         $random_string = rand(100000, 999999) . '-' . $customer_id . '-';
         $data = '';
         reset($parameters);
         while (list($key, $value) = each($parameters)) {
             $data .= $key . '=' . $value . "\n";
         }
         $fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', 'w');
         fwrite($fp, $data);
         fclose($fp);
         unset($data);
         if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) {
             openssl_pkcs7_sign(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY), file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY);
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt');
             // remove headers from the signature
             $signed = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
             $signed = explode("\n\n", $signed);
             $signed = base64_decode($signed[1]);
             $fp = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', 'w');
             fwrite($fp, $signed);
             fclose($fp);
             unset($signed);
             openssl_pkcs7_encrypt(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt', MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY), array('From' => MODULE_PAYMENT_PAYPAL_IPN_ID), PKCS7_BINARY);
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
             // remove headers from the encrypted result
             $data = file_get_contents(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
             $data = explode("\n\n", $data);
             $data = '-----BEGIN PKCS7-----' . "\n" . $data[1] . "\n" . '-----END PKCS7-----';
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
         } else {
             exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -sign -in ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt -signer ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PUBLIC_KEY . ' -inkey ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PRIVATE_KEY . ' -outform der -nodetach -binary > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'data.txt');
             exec(MODULE_PAYMENT_PAYPAL_IPN_EWP_OPENSSL . ' smime -encrypt -des3 -binary -outform pem ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_PAYPAL_KEY . ' < ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt > ' . MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'signed.txt');
             $fh = fopen(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt', 'rb');
             $data = fread($fh, filesize(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt'));
             fclose($fh);
             unlink(MODULE_PAYMENT_PAYPAL_IPN_EWP_WORKING_DIRECTORY . '/' . $random_string . 'encrypted.txt');
         }
         $process_button_string = tep_draw_hidden_field('cmd', '_s-xclick') . tep_draw_hidden_field('encrypted', $data);
         unset($data);
     } else {
         reset($parameters);
         while (list($key, $value) = each($parameters)) {
             $process_button_string .= tep_draw_hidden_field($key, $value);
         }
     }
     return $process_button_string;
 }
示例#19
/**
 * Render a postal address using the stored template for the given format id.
 *
 * The template is read from the address_format table (query uses bound
 * parameters) and expanded with eval() as a double-quoted PHP string, so the
 * placeholders it contains are the names of the local variables prepared
 * below ($firstname, $lastname, $streets, $city, $postcode, $statecomma,
 * $country, $cr, $hr, ...). Renaming any of those locals changes what the
 * stored templates can resolve.
 *
 * @param int    $address_format_id id of the row in the address format table
 * @param array  $address           address fields; the keys read here are company,
 *                                  firstname, lastname, name, street_address, suburb,
 *                                  city, state, country_id, zone_id, country, postcode
 * @param mixed  $html              truthy selects HTML separators, otherwise text
 * @param string $boln              beginning-of-line string (used in HTML mode only)
 * @param string $eoln              end-of-line string
 * @return string the formatted address, prefixed by the company when enabled
 */
function tep_address_format($address_format_id, $address, $html, $boln, $eoln)
{
    global $osC_Database;
    // Fetch the template; table name and id are bound, not concatenated.
    $Qformat = $osC_Database->query('select address_format from :table_address_format where address_format_id = :address_format_id');
    $Qformat->bindTable(':table_address_format', TABLE_ADDRESS_FORMAT);
    $Qformat->bindInt(':address_format_id', $address_format_id);
    $Qformat->execute();
    // Every free-text component goes through tep_output_string_protected()
    // (defined elsewhere; presumably output-escapes the value - confirm).
    $company = tep_output_string_protected($address['company']);
    if (isset($address['firstname']) && tep_not_null($address['firstname'])) {
        $firstname = tep_output_string_protected($address['firstname']);
        $lastname = tep_output_string_protected($address['lastname']);
    } elseif (isset($address['name']) && tep_not_null($address['name'])) {
        // Single "name" field: put it all in $firstname.
        $firstname = tep_output_string_protected($address['name']);
        $lastname = '';
    } else {
        $firstname = '';
        $lastname = '';
    }
    $street = tep_output_string_protected($address['street_address']);
    $suburb = tep_output_string_protected($address['suburb']);
    $city = tep_output_string_protected($address['city']);
    $state = tep_output_string_protected($address['state']);
    if (isset($address['country_id']) && tep_not_null($address['country_id'])) {
        // NOTE(review): this branch does not pass the name through
        // tep_output_string_protected(); it relies on tep_get_country_name()
        // returning a value that is safe to output - verify.
        $country = tep_get_country_name($address['country_id']);
        if (isset($address['zone_id']) && tep_not_null($address['zone_id'])) {
            // Replace the free-text state with the zone code when a zone is set.
            $state = tep_get_zone_code($address['country_id'], $address['zone_id'], $state);
        }
    } elseif (isset($address['country']) && tep_not_null($address['country'])) {
        $country = tep_output_string_protected($address['country']);
    } else {
        $country = '';
    }
    $postcode = tep_output_string_protected($address['postcode']);
    // $zip is not used below; it stays in scope as an alias a template may reference.
    $zip = $postcode;
    if ($html) {
        // HTML Mode
        $HR = '<hr>';
        $hr = '<hr>';
        if ($boln == '' && $eoln == "\n") {
            // Values not specified, use rational defaults
            $CR = '<br>';
            $cr = '<br>';
            $eoln = $cr;
        } else {
            // Use values supplied
            $CR = $eoln . $boln;
            $cr = $CR;
        }
    } else {
        // Text Mode
        $CR = $eoln;
        $cr = $CR;
        $HR = '----------------------------------------';
        $hr = '----------------------------------------';
    }
    $statecomma = '';
    $streets = $street;
    if ($suburb != '') {
        $streets = $street . $cr . $suburb;
    }
    if ($country == '') {
        // Reads $address['country'] without an isset() check; reached when no
        // country could be resolved above.
        $country = tep_output_string_protected($address['country']);
    }
    if ($state != '') {
        $statecomma = $state . ', ';
    }
    $fmt = $Qformat->value('address_format');
    // NOTE(review): eval() runs the stored template as PHP source. The address
    // values themselves are only referenced by variable name and are not
    // re-parsed, but whatever can write the address_format column (admin
    // screens, a SQL injection elsewhere, an imported dump) controls code
    // executed here; a double quote in the template already ends the string
    // literal. Prefer a fixed placeholder substitution over the variables
    // prepared above (for example strtr() with an explicit name => value map)
    // and validate templates when they are saved. Left as is because stored
    // templates may depend on PHP's string-interpolation rules.
    eval("\$address = \"{$fmt}\";");
    if (ACCOUNT_COMPANY == 'true' && tep_not_null($company)) {
        $address = $company . $cr . $address;
    }
    return $address;
}
示例#20
 /**
  * Assemble the hidden form fields for a Sage Pay Form checkout post.
  *
  * Three outer fields (VPSProtocol, ReferrerID, Vendor) plus TxType are sent
  * in clear; every order detail is packed into one "name=value&..." string,
  * passed through $this->simpleXor() with the configured password and
  * base64-encoded into the Crypt field. Values are cut with substr() to
  * fixed byte lengths (presumably the gateway's field limits).
  *
  * NOTE(review), for whoever maintains this module:
  *  - simpleXor() is defined elsewhere; if it is a repeating-key XOR as the
  *    name suggests, Crypt is obfuscated rather than protected - it gives no
  *    integrity check on Amount or the return URLs. Confirm whether the
  *    gateway protocol in use offers an authenticated alternative.
  *  - Only the Basket entries have '&' and ':' stripped. Other customer
  *    supplied values (names, street, city, postcode) are joined with '='
  *    and '&' unencoded, so a value containing '&' changes the field list
  *    the receiver parses.
  *  - The session name/id pair is placed in the SuccessURL and FailureURL
  *    query strings, where it can end up in logs and referrers.
  *
  * @return string markup returned by tep_draw_hidden_field() for each outer field
  */
 function process_button()
 {
     global $customer_id, $order, $currency, $cartID;

     $bill = $order->billing;
     $ship = $order->delivery;

     // Outer (unencrypted) fields.
     $fields = array(
         'VPSProtocol' => '2.23',
         'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
         'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_LOGIN_NAME, 0, 15),
     );
     $fields['TxType'] = MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD == 'Payment'
         ? 'PAYMENT'
         : (MODULE_PAYMENT_SAGE_PAY_FORM_TRANSACTION_METHOD == 'Deferred' ? 'DEFERRED' : 'AUTHENTICATE');

     // Inner fields; insertion order is the order they appear in the Crypt string.
     $payload = array(
         'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
         'Amount' => $this->format_raw($order->info['total']),
         'Currency' => $currency,
         'Description' => substr(STORE_NAME, 0, 100),
         'SuccessURL' => tep_href_link(FILENAME_CHECKOUT_PROCESS, tep_session_name() . '=' . tep_session_id(), 'SSL', false),
         'FailureURL' => tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&' . tep_session_name() . '=' . tep_session_id(), 'SSL', false),
         'CustomerName' => substr($bill['firstname'] . ' ' . $bill['lastname'], 0, 100),
         'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
         'BillingSurname' => substr($bill['lastname'], 0, 20),
         'BillingFirstnames' => substr($bill['firstname'], 0, 20),
         'BillingAddress1' => substr($bill['street_address'], 0, 100),
         'BillingCity' => substr($bill['city'], 0, 40),
         'BillingPostCode' => substr($bill['postcode'], 0, 10),
         'BillingCountry' => $bill['country']['iso_code_2'],
     );
     // A state code is only added for US addresses.
     if ($payload['BillingCountry'] == 'US') {
         $payload['BillingState'] = tep_get_zone_code($bill['country']['id'], $bill['zone_id'], '');
     }
     $payload['BillingPhone'] = substr($order->customer['telephone'], 0, 20);
     $payload['DeliverySurname'] = substr($ship['lastname'], 0, 20);
     $payload['DeliveryFirstnames'] = substr($ship['firstname'], 0, 20);
     $payload['DeliveryAddress1'] = substr($ship['street_address'], 0, 100);
     $payload['DeliveryCity'] = substr($ship['city'], 0, 40);
     $payload['DeliveryPostCode'] = substr($ship['postcode'], 0, 10);
     $payload['DeliveryCountry'] = $ship['country']['iso_code_2'];
     if ($payload['DeliveryCountry'] == 'US') {
         $payload['DeliveryState'] = tep_get_zone_code($ship['country']['id'], $ship['zone_id'], '');
     }
     if (tep_not_null(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL)) {
         $payload['VendorEMail'] = substr(MODULE_PAYMENT_SAGE_PAY_FORM_VENDOR_EMAIL, 0, 255);
     }
     // Any other configured value leaves SendEMail unset.
     if (MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL == 'No One') {
         $payload['SendEMail'] = 0;
     } elseif (MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL == 'Customer and Vendor') {
         $payload['SendEMail'] = 1;
     } elseif (MODULE_PAYMENT_SAGE_PAY_FORM_SEND_EMAIL == 'Vendor Only') {
         $payload['SendEMail'] = 2;
     }
     if (tep_not_null(MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE)) {
         $payload['eMailMessage'] = substr(MODULE_PAYMENT_SAGE_PAY_FORM_CUSTOMER_EMAIL_MESSAGE, 0, 7500);
     }

     // Basket lines: "description:qty:net:tax:gross:line total", with the
     // separator characters removed from the description.
     $separators = array(':', "\n", "\r", '&');
     $basket = array();
     foreach ($order->products as $line) {
         $label = $line['name'];
         if (isset($line['attributes'])) {
             foreach ($line['attributes'] as $attribute) {
                 $label .= '; ' . $attribute['option'] . '=' . $attribute['value'];
             }
         }
         $unit_tax = $line['tax'] / 100 * $line['final_price'];
         $unit_gross = $unit_tax + $line['final_price'];
         $basket[] = str_replace($separators, '', $label)
             . ':' . $line['qty']
             . ':' . $this->format_raw($line['final_price'])
             . ':' . $this->format_raw($unit_tax)
             . ':' . $this->format_raw($unit_gross)
             . ':' . $this->format_raw($unit_gross * $line['qty']);
     }
     foreach ($this->getOrderTotalsSummary() as $total_row) {
         $basket[] = str_replace($separators, '', strip_tags($total_row['title'])) . ':---:---:---:---:' . $this->format_raw($total_row['value']);
     }
     $payload['Basket'] = substr(count($basket) . ':' . implode(':', $basket), 0, 7500);
     $payload['Apply3DSecure'] = '0';

     // Serialise as name=value pairs joined by '&' (values trimmed, not encoded).
     $pairs = array();
     foreach ($payload as $name => $val) {
         $pairs[] = $name . '=' . trim($val);
     }
     $fields['Crypt'] = base64_encode($this->simpleXor(implode('&', $pairs), MODULE_PAYMENT_SAGE_PAY_FORM_ENCRYPTION_PASSWORD));

     $markup = '';
     foreach ($fields as $name => $val) {
         $markup .= tep_draw_hidden_field($name, $val);
     }
     return $markup;
 }
示例#21
文件: fedex1.php 项目: eosc/EosC-2.3
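 /**
  * Ask FedEx for rates for the current order and return them keyed by service.
  *
  * Builds a tagged request record (tag,"value" pairs) from the module
  * configuration and the order's delivery address, sends it through
  * $this->_AccessFedex(), parses the reply with $this->_ParseFedex() and
  * collects the rate for every returned service that this module lists in
  * $this->international_types or $this->domestic_types.
  *
  * Changes from the previous version:
  *  - the recipient state was appended (.=) to a variable that was never
  *    initialised; it is now assigned.
  *  - debug output is HTML-escaped: the request contains the customer's
  *    postcode and the reply is remote data, and both were echoed raw.
  *  - the duplicated international/domestic branches are merged, and the
  *    unreachable "return false" (the rate list was never an empty array)
  *    is gone; error text no longer reads reply fields that may be absent.
  *
  * NOTE(review): values are placed between double quotes in the record
  * without removing or escaping a quote character. The postcode comes from
  * the customer's address, so its format should be validated where the
  * address is accepted.
  *
  * @return array service => rate on success (sorted per
  *               MODULE_SHIPPING_FEDEX1_WEIGHT_SORT), or array('error' => message)
  */
 function _getQuote()
 {
     global $order;
     if (MODULE_SHIPPING_FEDEX1_ACCOUNT == "NONE" || strlen(MODULE_SHIPPING_FEDEX1_ACCOUNT) == 0) {
         return array('error' => 'You forgot to set up your Fedex account number, this can be set up in Admin -> Modules -> Shipping');
     }
     if (MODULE_SHIPPING_FEDEX1_ADDRESS_1 == "NONE" || strlen(MODULE_SHIPPING_FEDEX1_ADDRESS_1) == 0) {
         return array('error' => 'You forgot to set up your ship from street address line 1, this can be set up in Admin -> Modules -> Shipping');
     }
     if (MODULE_SHIPPING_FEDEX1_CITY == "NONE" || strlen(MODULE_SHIPPING_FEDEX1_CITY) == 0) {
         return array('error' => 'You forgot to set up your ship from City, this can be set up in Admin -> Modules -> Shipping');
     }
     if (MODULE_SHIPPING_FEDEX1_POSTAL == "NONE" || strlen(MODULE_SHIPPING_FEDEX1_POSTAL) == 0) {
         return array('error' => 'You forgot to set up your ship from postal code, this can be set up in Admin -> Modules -> Shipping');
     }
     if (MODULE_SHIPPING_FEDEX1_PHONE == "NONE" || strlen(MODULE_SHIPPING_FEDEX1_PHONE) == 0) {
         return array('error' => 'You forgot to set up your ship from phone number, this can be set up in Admin -> Modules -> Shipping');
     }
     // No meter number configured yet: obtain one first.
     if (MODULE_SHIPPING_FEDEX1_METER == "NONE") {
         if ($this->_getMeter() === false) {
             return array('error' => $this->error_message);
         }
     }

     $dest_country = $order->delivery['country']['iso_code_2'];

     $data = '0,"25"';                                           // TransactionCode
     $data .= '10,"' . MODULE_SHIPPING_FEDEX1_ACCOUNT . '"';     // Sender fedex account number
     $data .= '498,"' . $this->meter . '"';                      // Meter number
     $data .= '8,"' . MODULE_SHIPPING_FEDEX1_STATE . '"';        // Sender state code
     $orig_zip = str_replace(array(' ', '-'), '', MODULE_SHIPPING_FEDEX1_POSTAL);
     $data .= '9,"' . $orig_zip . '"';                           // Origin postal code
     $data .= '117,"' . $this->country . '"';                    // Origin country
     $dest_zip = str_replace(array(' ', '-'), '', $order->delivery['postcode']);
     $data .= '17,"' . $dest_zip . '"';                          // Recipient zip code
     if (in_array($dest_country, array('US', 'CA', 'PR'), true)) {
         // Recipient state (assigned, not appended: $state has no earlier value)
         $state = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         if ($state == "QC") {
             $state = "PQ";
         }
         $data .= '16,"' . $state . '"';
     }
     $data .= '50,"' . $dest_country . '"';                      // Recipient country
     $data .= '75,"' . MODULE_SHIPPING_FEDEX1_WEIGHT . '"';      // Weight units
     // Dimension units follow the weight units
     $data .= MODULE_SHIPPING_FEDEX1_WEIGHT == "KGS" ? '1116,"C"' : '1116,"I"';
     $data .= '1401,"' . $this->pounds . '"';                    // Total weight
     $data .= '1529,"1"';                                        // Quote discounted rates
     if ($this->insurance > 0) {
         $data .= '1415,"' . $this->insurance . '"';             // Insurance value
         $data .= '68,"USD"';                                    // Insurance value currency
     }
     if ($order->delivery['company'] == '' && MODULE_SHIPPING_FEDEX1_RESIDENTIAL == 0) {
         $data .= '440,"Y"';                                     // Residential address
     } else {
         $data .= '440,"N"';                                     // Business address, use if adding a residential surcharge
     }
     $data .= '1273,"' . $this->packageType . '"';               // Package type
     $data .= '1333,"' . MODULE_SHIPPING_FEDEX1_DROPOFF . '"';   // Drop off or pickup
     if (MODULE_SHIPPING_FEDEX1_LIST_RATES == 'True') {
         $data .= '1529,"2"';                                    // Also return list rates
     }
     $data .= '99,""';                                           // End of record

     $debug = MODULE_SHIPPING_FEDEX1_DEBUG == 'True';
     if ($debug) {
         // The record carries the account and meter numbers: keep debug off in production.
         echo "Data sent to Fedex for Rating: " . htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE) . "<br>";
     }
     $fedexData = $this->_AccessFedex($data);
     if ($debug) {
         echo "Data returned from Fedex for Rating: " . htmlspecialchars($fedexData, ENT_QUOTES | ENT_SUBSTITUTE) . "<br>";
     }
     if (strlen($fedexData) == 0) {
         $this->error_message = 'No data returned from Fedex, perhaps the Fedex site is down';
         return array('error' => $this->error_message);
     }
     $fedexData = $this->_ParseFedex($fedexData);

     $this->intl = $this->country != $dest_country;
     // Tag 1419 is read when list rates are off, 1528 otherwise.
     $rate_tag = MODULE_SHIPPING_FEDEX1_LIST_RATES == 'False' ? '1419-' : '1528-';

     $rates = array();
     for ($i = 1; isset($fedexData['1274-' . $i]); $i++) {
         $service = $fedexData['1274-' . $i];
         $offered = $this->intl
             ? isset($this->international_types[$service])
             : isset($this->domestic_types[$service]);
         if (!$offered) {
             continue;
         }
         // When tag 3058 is present it is appended to the service code to form the key.
         $rate_key = isset($fedexData['3058-' . $i]) ? $service . $fedexData['3058-' . $i] : $service;
         $rates[$rate_key] = $fedexData[$rate_tag . $i];
     }

     if (count($rates) == 0) {
         $code = isset($fedexData['2']) ? $fedexData['2'] : '';
         $text = isset($fedexData['3']) ? $fedexData['3'] : '';
         $this->error_message = 'No Rates Returned, ' . $code . ' : ' . $text;
         return array('error' => $this->error_message);
     }
     if (MODULE_SHIPPING_FEDEX1_WEIGHT_SORT == 'Low to High') {
         asort($rates);
     } else {
         arsort($rates);
     }
     return $rates;
 }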
示例#22
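 /**
  * Build the hidden form fields posted to PayPal Website Payments Standard.
  *
  * When MODULE_PAYMENT_PAYPAL_STANDARD_EWP_STATUS is 'True' the parameters are
  * written to a temporary file, signed with the merchant key pair, encrypted
  * with the PayPal certificate and returned as a single 'encrypted' field.
  * Otherwise every parameter is emitted as its own hidden field.
  *
  * @return string HTML produced by tep_draw_hidden_field()
  */
 function process_button()
 {
     global $customer_id, $order, $sendto, $currency, $cart_PayPal_Standard_ID, $shipping;
     $process_button_string = '';
     $parameters = array(
         'cmd' => '_xclick',
         'item_name' => STORE_NAME,
         'shipping' => $this->format_raw($order->info['shipping_cost']),
         'tax' => $this->format_raw($order->info['tax']),
         'business' => MODULE_PAYMENT_PAYPAL_STANDARD_ID,
         'amount' => $this->format_raw($order->info['total'] - $order->info['shipping_cost'] - $order->info['tax']),
         'currency_code' => $currency,
         'invoice' => substr($cart_PayPal_Standard_ID, strpos($cart_PayPal_Standard_ID, '-') + 1),
         'custom' => $customer_id,
         'no_note' => '1',
         'notify_url' => tep_href_link('ext/modules/payment/paypal/standard_ipn.php', '', 'SSL', false, false),
         'return' => tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'),
         'cancel_return' => tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'),
         'bn' => 'osCommerce22_Default_ST',
         'paymentaction' => MODULE_PAYMENT_PAYPAL_STANDARD_TRANSACTION_METHOD == 'Sale' ? 'sale' : 'authorization',
     );
     // A positive numeric $sendto selects the delivery address; otherwise the
     // billing address is sent and PayPal is told not to ask for shipping.
     if (is_numeric($sendto) && $sendto > 0) {
         $parameters['address_override'] = '1';
         $address = $order->delivery;
     } else {
         $parameters['no_shipping'] = '1';
         $address = $order->billing;
     }
     $parameters['first_name'] = $address['firstname'];
     $parameters['last_name'] = $address['lastname'];
     $parameters['address1'] = $address['street_address'];
     $parameters['city'] = $address['city'];
     $parameters['state'] = tep_get_zone_code($address['country']['id'], $address['zone_id'], $address['state']);
     $parameters['zip'] = $address['postcode'];
     $parameters['country'] = $address['country']['iso_code_2'];
     if (tep_not_null(MODULE_PAYMENT_PAYPAL_STANDARD_PAGE_STYLE)) {
         $parameters['page_style'] = MODULE_PAYMENT_PAYPAL_STANDARD_PAGE_STYLE;
     }
     if (MODULE_PAYMENT_PAYPAL_STANDARD_EWP_STATUS == 'True') {
         $parameters['cert_id'] = MODULE_PAYMENT_PAYPAL_STANDARD_EWP_CERT_ID;
         // The plaintext order data and the intermediate files exist briefly in
         // the working directory, so keep that directory outside the document
         // root and private to the web server user. Use the CSPRNG for the file
         // name when the runtime provides one.
         $random_number = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
         $file_prefix = MODULE_PAYMENT_PAYPAL_STANDARD_EWP_WORKING_DIRECTORY . '/' . $random_number . '-' . $customer_id . '-';
         $data_file = $file_prefix . 'data.txt';
         $signed_file = $file_prefix . 'signed.txt';
         $encrypted_file = $file_prefix . 'encrypted.txt';
         $data = '';
         // each() was removed in PHP 8; foreach visits the same pairs in order.
         foreach ($parameters as $key => $value) {
             // One "key=value" per line: strip line breaks so a customer-supplied
             // value cannot spill into a second field of the signed payload.
             $data .= $key . '=' . str_replace(array("\r", "\n"), ' ', $value) . "\n";
         }
         $fp = fopen($data_file, 'w');
         fwrite($fp, $data);
         fclose($fp);
         unset($data);
         if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) {
             // NOTE(review): the return values of the sign/encrypt calls are not
             // checked; a failure surfaces only as an empty 'encrypted' field.
             openssl_pkcs7_sign($data_file, $signed_file, file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PUBLIC_KEY), file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PRIVATE_KEY), array('From' => MODULE_PAYMENT_PAYPAL_STANDARD_ID), PKCS7_BINARY);
             unlink($data_file);
             // remove headers from the signature
             $signed = file_get_contents($signed_file);
             $signed = explode("\n\n", $signed);
             $signed = base64_decode($signed[1]);
             $fp = fopen($signed_file, 'w');
             fwrite($fp, $signed);
             fclose($fp);
             unset($signed);
             openssl_pkcs7_encrypt($signed_file, $encrypted_file, file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PAYPAL_KEY), array('From' => MODULE_PAYMENT_PAYPAL_STANDARD_ID), PKCS7_BINARY);
             unlink($signed_file);
             // remove headers from the encrypted result
             $data = file_get_contents($encrypted_file);
             $data = explode("\n\n", $data);
             $data = '-----BEGIN PKCS7-----' . "\n" . $data[1] . "\n" . '-----END PKCS7-----';
             unlink($encrypted_file);
         } else {
             // Fallback to the openssl binary. Every path is passed through
             // escapeshellarg() so spaces or shell metacharacters in a configured
             // path or in the generated file name stay a single argument.
             exec(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_OPENSSL . ' smime -sign -in ' . escapeshellarg($data_file) . ' -signer ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PUBLIC_KEY) . ' -inkey ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PRIVATE_KEY) . ' -outform der -nodetach -binary > ' . escapeshellarg($signed_file));
             unlink($data_file);
             exec(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_OPENSSL . ' smime -encrypt -des3 -binary -outform pem ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PAYPAL_KEY) . ' < ' . escapeshellarg($signed_file) . ' > ' . escapeshellarg($encrypted_file));
             unlink($signed_file);
             $data = file_get_contents($encrypted_file);
             unlink($encrypted_file);
         }
         $process_button_string = tep_draw_hidden_field('cmd', '_s-xclick') . tep_draw_hidden_field('encrypted', $data);
         unset($data);
     } else {
         // Without EWP the amounts travel as plain hidden fields that the
         // browser can alter; the paid amount has to be verified server-side
         // (presumably by the notify_url handler - confirm).
         foreach ($parameters as $key => $value) {
             $process_button_string .= tep_draw_hidden_field($key, $value);
         }
     }
     return $process_button_string;
 }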
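 /**
  * Submit the card payment to the PayPal Payflow gateway before the order is saved.
  *
  * Requires the card owner's first name, last name and the card number in
  * $HTTP_POST_VARS. On a non-zero RESULT, or when a required field is missing,
  * the customer is redirected back to the confirmation page with an error
  * message. The parsed gateway response is left in the global $response_array.
  *
  * The request carries the full card number and CVV2: neither $params nor
  * $post_string should ever be logged or e-mailed.
  */
 function before_process()
 {
     global $HTTP_POST_VARS, $order, $order_totals, $sendto, $response_array;
     if (isset($HTTP_POST_VARS['cc_owner_firstname']) && !empty($HTTP_POST_VARS['cc_owner_firstname']) && isset($HTTP_POST_VARS['cc_owner_lastname']) && !empty($HTTP_POST_VARS['cc_owner_lastname']) && isset($HTTP_POST_VARS['cc_number_nh-dns']) && !empty($HTTP_POST_VARS['cc_number_nh-dns'])) {
         if (MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_SERVER == 'Live') {
             $api_url = 'https://payflowpro.paypal.com';
         } else {
             $api_url = 'https://pilot-payflowpro.paypal.com';
         }
         $params = array(
             'USER' => tep_not_null(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME) ? MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME : MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR,
             'VENDOR' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR,
             'PARTNER' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PARTNER,
             'PWD' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PASSWORD,
             'TENDER' => 'C',
             'TRXTYPE' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A',
             'AMT' => $this->format_raw($order->info['total']),
             'CURRENCY' => $order->info['currency'],
             'BILLTOFIRSTNAME' => $HTTP_POST_VARS['cc_owner_firstname'],
             'BILLTOLASTNAME' => $HTTP_POST_VARS['cc_owner_lastname'],
             'BILLTOSTREET' => $order->billing['street_address'],
             'BILLTOCITY' => $order->billing['city'],
             'BILLTOSTATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
             'BILLTOCOUNTRY' => $order->billing['country']['iso_code_2'],
             'BILLTOZIP' => $order->billing['postcode'],
             'CUSTIP' => tep_get_ip_address(),
             'EMAIL' => $order->customer['email_address'],
             'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'],
             // NOTE(review): expiry and CVC are read without an isset() check;
             // only the owner names and the card number are validated above.
             'EXPDATE' => $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'],
             'CVV2' => $HTTP_POST_VARS['cc_cvc_nh-dns'],
             'BUTTONSOURCE' => 'OSCOM23_DPPF',
         );
         if (is_numeric($sendto) && $sendto > 0) {
             $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname'];
             $params['SHIPTOLASTNAME'] = $order->delivery['lastname'];
             $params['SHIPTOSTREET'] = $order->delivery['street_address'];
             $params['SHIPTOCITY'] = $order->delivery['city'];
             $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
             $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2'];
             $params['SHIPTOZIP'] = $order->delivery['postcode'];
         }
         // Line items: one entry per product, then one per order-total module
         // that is not already represented by subtotal/shipping/tax/total.
         $item_params = array();
         $line_item_no = 0;
         foreach ($order->products as $product) {
             $item_params['L_NAME' . $line_item_no] = $product['name'];
             $item_params['L_COST' . $line_item_no] = $this->format_raw($product['final_price']);
             $item_params['L_QTY' . $line_item_no] = $product['qty'];
             $line_item_no++;
         }
         $items_total = $this->format_raw($order->info['subtotal']);
         foreach ($order_totals as $ot) {
             if (!in_array($ot['code'], array('ot_subtotal', 'ot_shipping', 'ot_tax', 'ot_total'))) {
                 $item_params['L_NAME' . $line_item_no] = $ot['title'];
                 $item_params['L_COST' . $line_item_no] = $this->format_raw($ot['value']);
                 $item_params['L_QTY' . $line_item_no] = 1;
                 $items_total += $this->format_raw($ot['value']);
                 $line_item_no++;
             }
         }
         $item_params['ITEMAMT'] = $items_total;
         $item_params['TAXAMT'] = $this->format_raw($order->info['tax']);
         $item_params['FREIGHTAMT'] = $this->format_raw($order->info['shipping_cost']);
         // The itemised breakdown is only sent when it adds up to the order
         // total; otherwise the request carries AMT alone.
         if ($this->format_raw($item_params['ITEMAMT'] + $item_params['TAXAMT'] + $item_params['FREIGHTAMT']) == $params['AMT']) {
             $params = array_merge($params, $item_params);
         }
         // Each pair is written as NAME[length]=value, so the value's length is
         // stated explicitly instead of the value being URL-encoded.
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '[' . strlen(trim($value)) . ']=' . trim($value) . '&';
         }
         $post_string = substr($post_string, 0, -1);
         $response = $this->sendTransactionToGateway($api_url, $post_string);
         $response_array = array();
         parse_str($response, $response_array);
         // An empty or malformed response has no RESULT key; treat it like any
         // other failure without raising an undefined-index notice.
         $result = isset($response_array['RESULT']) ? $response_array['RESULT'] : null;
         if ($result != '0') {
             $this->sendDebugEmail($response_array);
             switch ($result) {
                 case '1':
                 case '26':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_CFG_ERROR;
                     break;
                 case '7':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ADDRESS;
                     break;
                 case '12':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_DECLINED;
                     break;
                 case '23':
                 case '24':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_INVALID_CREDIT_CARD;
                     break;
                 default:
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_GENERAL;
                     break;
             }
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode($error_message), 'SSL'));
         }
     } else {
         // URL-encode the message like the gateway-error redirect above does;
         // an unencoded message with spaces or '&' would corrupt the query string.
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ALL_FIELDS_REQUIRED), 'SSL'));
     }
 }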
示例#24
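 /**
  * Register the card transaction with Sage Pay Direct, or complete a 3D Secure
  * callback, before the order is saved.
  *
  * Two entry paths:
  *  - ?check=3D with MD and PaRes posted: forward both to the 3D callback URL.
  *  - otherwise: validate the posted card fields, build the registration
  *    request (including the basket) and send it to the register URL.
  *
  * The gateway reply is parsed as "Key=Value" lines. Status 3DAUTH stores the
  * ACS details in the session and redirects to the 3D Secure checkout page; any
  * status other than OK / AUTHENTICATED / REGISTERED redirects to the payment
  * page with an error code. On success the VPSTxId, when present, is prepended
  * to the order comments.
  *
  * NOTE(review): the validation redirects below only stop processing if
  * tep_redirect() terminates the request - confirm against its definition.
  */
 function before_process()
 {
     global $HTTP_GET_VARS, $HTTP_POST_VARS, $customer_id, $order, $currency, $order_totals, $cartID;
     $error = null;
     if (isset($HTTP_GET_VARS['check']) && $HTTP_GET_VARS['check'] == '3D' && isset($HTTP_POST_VARS['MD']) && tep_not_null($HTTP_POST_VARS['MD']) && isset($HTTP_POST_VARS['PaRes']) && tep_not_null($HTTP_POST_VARS['PaRes'])) {
         switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
             case 'Live':
                 $gateway_url = 'https://live.sagepay.com/gateway/service/direct3dcallback.vsp';
                 break;
             case 'Test':
                 $gateway_url = 'https://test.sagepay.com/gateway/service/direct3dcallback.vsp';
                 break;
             default:
                 $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectCallback.asp';
                 break;
         }
         // MD and PaRes come straight from the request. URL-encode them, as the
         // registration branch below does for every value, so characters such as
         // '&', '=' or '+' cannot alter the structure of the forwarded body.
         $post_string = 'MD=' . urlencode($HTTP_POST_VARS['MD']) . '&PARes=' . urlencode($HTTP_POST_VARS['PaRes']);
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     } else {
         // Truncate the posted card fields to fixed lengths; the card number
         // keeps digits only.
         $cc_type = substr($HTTP_POST_VARS['cc_type'], 0, 15);
         $cc_owner = substr($HTTP_POST_VARS['cc_owner'], 0, 50);
         $cc_number = substr(preg_replace('/[^0-9]/', '', $HTTP_POST_VARS['cc_number_nh-dns']), 0, 20);
         $cc_start = null;
         $cc_expires = null;
         $cc_issue = null;
         $cc_cvc = null;
         $today = getdate();
         // Allow-lists for the date fields: months 01-12, expiry years from this
         // year to nine years ahead (two digits), start years from four years
         // ago to this year (four digits).
         $months_array = array();
         for ($i = 1; $i < 13; $i++) {
             $months_array[] = sprintf('%02d', $i);
         }
         // date() replaces strftime(), which is deprecated since PHP 8.1; the
         // 'y' and 'Y' formats yield the same digits as '%y' and '%Y'.
         $year_valid_to_array = array();
         for ($i = $today['year']; $i < $today['year'] + 10; $i++) {
             $year_valid_to_array[] = date('y', mktime(0, 0, 0, 1, 1, $i));
         }
         $year_valid_from_array = array();
         for ($i = $today['year'] - 4; $i < $today['year'] + 1; $i++) {
             $year_valid_from_array[] = date('Y', mktime(0, 0, 0, 1, 1, $i));
         }
         if (isset($HTTP_POST_VARS['cc_type']) == false || $this->isCard($cc_type) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardtype', 'SSL'));
         }
         if (isset($HTTP_POST_VARS['cc_owner']) == false || empty($cc_owner)) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardowner', 'SSL'));
         }
         if (isset($HTTP_POST_VARS['cc_number_nh-dns']) == false || is_numeric($cc_number) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardnumber', 'SSL'));
         }
         // Start date is only required for the card types that carry one.
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
             if (in_array($HTTP_POST_VARS['cc_starts_month'], $months_array) == false) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
             }
             if (in_array($HTTP_POST_VARS['cc_starts_year'], $year_valid_from_array) == false) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardstart', 'SSL'));
             }
             $cc_start = substr($HTTP_POST_VARS['cc_starts_month'] . $HTTP_POST_VARS['cc_starts_year'], 0, 4);
         }
         if (in_array($HTTP_POST_VARS['cc_expires_month'], $months_array) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         if (in_array($HTTP_POST_VARS['cc_expires_year'], $year_valid_to_array) == false) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         // A card expiring this year must not name a month that already passed.
         if ($HTTP_POST_VARS['cc_expires_year'] == date('y') && $HTTP_POST_VARS['cc_expires_month'] < date('m')) {
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardexpires', 'SSL'));
         }
         $cc_expires = substr($HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year'], 0, 4);
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
             $cc_issue = substr($HTTP_POST_VARS['cc_issue_nh-dns'], 0, 2);
             if (isset($HTTP_POST_VARS['cc_issue_nh-dns']) == false || empty($cc_issue)) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardissue', 'SSL'));
             }
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
             $cc_cvc = substr($HTTP_POST_VARS['cc_cvc_nh-dns'], 0, 4);
             if (isset($HTTP_POST_VARS['cc_cvc_nh-dns']) == false || empty($cc_cvc)) {
                 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . '&error=cardcvc', 'SSL'));
             }
         }
         // $params holds the full card number (and later the CV2): it must not
         // be logged or included in debug output.
         $params = array(
             'VPSProtocol' => '2.23',
             'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
             'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_DIRECT_VENDOR_LOGIN_NAME, 0, 15),
             'VendorTxCode' => substr(date('YmdHis') . '-' . $customer_id . '-' . $cartID, 0, 40),
             'Amount' => $this->format_raw($order->info['total']),
             'Currency' => $currency,
             'Description' => substr(STORE_NAME, 0, 100),
             'CardHolder' => $cc_owner,
             'CardNumber' => $cc_number,
             'ExpiryDate' => $cc_expires,
             'CardType' => $cc_type,
             'BillingSurname' => substr($order->billing['lastname'], 0, 20),
             'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
             'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
             'BillingCity' => substr($order->billing['city'], 0, 40),
             'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
             'BillingCountry' => $order->billing['country']['iso_code_2'],
             'BillingPhone' => substr($order->customer['telephone'], 0, 20),
             'DeliverySurname' => substr($order->delivery['lastname'], 0, 20),
             'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20),
             'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100),
             'DeliveryCity' => substr($order->delivery['city'], 0, 40),
             'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10),
             'DeliveryCountry' => $order->delivery['country']['iso_code_2'],
             'CustomerName' => substr($order->billing['firstname'] . ' ' . $order->billing['lastname'], 0, 100),
             'DeliveryPhone' => substr($order->customer['telephone'], 0, 20),
             'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
             'Apply3DSecure' => '0',
         );
         // Only pass the client address on when ip2long() accepts it.
         $ip_address = tep_get_ip_address();
         if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True' || $cc_type == 'AMEX' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_AMEX == 'True') {
             $params['StartDate'] = $cc_start;
         }
         if ($cc_type == 'MAESTRO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_MAESTRO == 'True' || $cc_type == 'SOLO' && MODULE_PAYMENT_SAGE_PAY_DIRECT_ALLOW_SOLO == 'True') {
             $params['IssueNumber'] = $cc_issue;
         }
         if (MODULE_PAYMENT_SAGE_PAY_DIRECT_VERIFY_WITH_CVC == 'True') {
             $params['CV2'] = $cc_cvc;
         }
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         // Basket: colon-separated records, so ':' (and line breaks, '&') are
         // stripped from the free-text names before they are joined.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         switch (MODULE_PAYMENT_SAGE_PAY_DIRECT_TRANSACTION_SERVER) {
             case 'Live':
                 $gateway_url = 'https://live.sagepay.com/gateway/service/vspdirect-register.vsp';
                 break;
             case 'Test':
                 $gateway_url = 'https://test.sagepay.com/gateway/service/vspdirect-register.vsp';
                 break;
             default:
                 $gateway_url = 'https://test.sagepay.com/Simulator/VSPDirectGateway.asp';
                 break;
         }
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
     }
     // Parse the reply: one "Key=Value" pair per line-feed separated line.
     $string_array = explode(chr(10), $transaction_response);
     $return = array();
     foreach ($string_array as $string) {
         if (strpos($string, '=') != false) {
             $parts = explode('=', $string, 2);
             $return[trim($parts[0])] = trim($parts[1]);
         }
     }
     // An empty or malformed reply has no Status line; it falls through to the
     // error redirect below, without an undefined-index notice.
     $status = isset($return['Status']) ? $return['Status'] : null;
     if ($status == '3DAUTH') {
         global $sage_pay_direct_acsurl, $sage_pay_direct_pareq, $sage_pay_direct_md;
         tep_session_register('sage_pay_direct_acsurl');
         $sage_pay_direct_acsurl = $return['ACSURL'];
         tep_session_register('sage_pay_direct_pareq');
         $sage_pay_direct_pareq = $return['PAReq'];
         tep_session_register('sage_pay_direct_md');
         $sage_pay_direct_md = $return['MD'];
         tep_redirect(tep_href_link('ext/modules/payment/sage_pay/checkout.php', '', 'SSL'));
     }
     if ($status != 'OK' && $status != 'AUTHENTICATED' && $status != 'REGISTERED') {
         $error = $this->getErrorMessageNumber(isset($return['StatusDetail']) ? $return['StatusDetail'] : null);
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL'));
     }
     if (isset($return['VPSTxId'])) {
         $order->info['comments'] = 'Sage Pay Reference ID: ' . $return['VPSTxId'] . (tep_not_null($order->info['comments']) ? "\n\n" . $order->info['comments'] : '');
     }
 }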
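 /**
  * Build the hidden form fields posted to PayPal Website Payments Standard
  * using the cart-upload command.
  *
  * Products and additional order-total lines are sent as individual cart items
  * only when none of them is negative and their sum matches the order total;
  * otherwise the order is sent as a single aggregated item. When
  * MODULE_PAYMENT_PAYPAL_STANDARD_EWP_STATUS is 'True' the parameters are
  * signed and encrypted into one 'encrypted' field.
  *
  * @return string HTML produced by tep_draw_hidden_field()
  */
 function process_button()
 {
     global $customer_id, $order, $sendto, $currency, $cart_PayPal_Standard_ID, $shipping, $order_total_modules;
     $total_tax = $order->info['tax'];
     // remove shipping tax in total tax value
     if (isset($shipping['cost'])) {
         $total_tax -= $order->info['shipping_cost'] - $shipping['cost'];
     }
     $process_button_string = '';
     $parameters = array(
         'cmd' => '_cart',
         'upload' => '1',
         'item_name_1' => STORE_NAME,
         'shipping_1' => $this->format_raw($order->info['shipping_cost']),
         'business' => MODULE_PAYMENT_PAYPAL_STANDARD_ID,
         'amount_1' => $this->format_raw($order->info['total'] - $order->info['shipping_cost'] - $total_tax),
         'currency_code' => $currency,
         'invoice' => substr($cart_PayPal_Standard_ID, strpos($cart_PayPal_Standard_ID, '-') + 1),
         'custom' => $customer_id,
         'no_note' => '1',
         'notify_url' => tep_href_link('ext/modules/payment/paypal/standard_ipn.php', '', 'SSL', false, false),
         'rm' => '2',
         'return' => tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL'),
         'cancel_return' => tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'),
         'bn' => 'OSCOM23_PS',
         'paymentaction' => MODULE_PAYMENT_PAYPAL_STANDARD_TRANSACTION_METHOD == 'Sale' ? 'sale' : 'authorization',
     );
     // Custom return-button text is only sent when defined, non-empty and at
     // most 60 characters long.
     if (defined('MODULE_PAYMENT_PAYPAL_STANDARD_TEXT_PAYPAL_RETURN_BUTTON') && tep_not_null(MODULE_PAYMENT_PAYPAL_STANDARD_TEXT_PAYPAL_RETURN_BUTTON) && strlen(MODULE_PAYMENT_PAYPAL_STANDARD_TEXT_PAYPAL_RETURN_BUTTON) <= 60) {
         $parameters['cbt'] = MODULE_PAYMENT_PAYPAL_STANDARD_TEXT_PAYPAL_RETURN_BUTTON;
     }
     // A positive numeric $sendto selects the delivery address; otherwise the
     // billing address is sent and PayPal is told not to ask for shipping.
     if (is_numeric($sendto) && $sendto > 0) {
         $parameters['address_override'] = '1';
         $address = $order->delivery;
     } else {
         $parameters['no_shipping'] = '1';
         $address = $order->billing;
     }
     $parameters['first_name'] = $address['firstname'];
     $parameters['last_name'] = $address['lastname'];
     $parameters['address1'] = $address['street_address'];
     $parameters['city'] = $address['city'];
     $parameters['state'] = tep_get_zone_code($address['country']['id'], $address['zone_id'], $address['state']);
     $parameters['zip'] = $address['postcode'];
     $parameters['country'] = $address['country']['iso_code_2'];
     if (tep_not_null(MODULE_PAYMENT_PAYPAL_STANDARD_PAGE_STYLE)) {
         $parameters['page_style'] = MODULE_PAYMENT_PAYPAL_STANDARD_PAGE_STYLE;
     }
     $item_params = array();
     $line_item_no = 1;
     foreach ($order->products as $product) {
         if (DISPLAY_PRICE_WITH_TAX == 'true') {
             $product_price = $this->format_raw($product['final_price'] + tep_calculate_tax($product['final_price'], $product['tax']));
         } else {
             $product_price = $this->format_raw($product['final_price']);
         }
         $item_params['item_name_' . $line_item_no] = $product['name'];
         $item_params['amount_' . $line_item_no] = $product_price;
         $item_params['quantity_' . $line_item_no] = $product['qty'];
         $line_item_no++;
     }
     $items_total = $this->format_raw($order->info['subtotal']);
     $has_negative_price = false;
     // order totals are processed on checkout confirmation but not captured into a variable
     if (is_array($order_total_modules->modules)) {
         foreach ($order_total_modules->modules as $value) {
             // Module file name without its extension is the global holding the
             // module instance.
             $class = substr($value, 0, strrpos($value, '.'));
             if ($GLOBALS[$class]->enabled) {
                 for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                     if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {
                         if (!in_array($GLOBALS[$class]->code, array('ot_subtotal', 'ot_shipping', 'ot_tax', 'ot_total'))) {
                             $item_params['item_name_' . $line_item_no] = $GLOBALS[$class]->output[$i]['title'];
                             $item_params['amount_' . $line_item_no] = $this->format_raw($GLOBALS[$class]->output[$i]['value']);
                             $items_total += $item_params['amount_' . $line_item_no];
                             if ($item_params['amount_' . $line_item_no] < 0) {
                                 $has_negative_price = true;
                             }
                             $line_item_no++;
                         }
                     }
                 }
             }
         }
     }
     $paypal_item_total = $items_total + $parameters['shipping_1'];
     if (DISPLAY_PRICE_WITH_TAX == 'false') {
         $item_params['tax_cart'] = $this->format_raw($total_tax);
         $paypal_item_total += $item_params['tax_cart'];
     }
     // Itemise only when the lines reconcile with the order total; otherwise
     // keep the single aggregated item and send the tax separately.
     if ($has_negative_price == false && $this->format_raw($paypal_item_total) == $this->format_raw($order->info['total'])) {
         $parameters = array_merge($parameters, $item_params);
     } else {
         $parameters['tax_cart'] = $this->format_raw($total_tax);
     }
     if (MODULE_PAYMENT_PAYPAL_STANDARD_EWP_STATUS == 'True') {
         $parameters['cert_id'] = MODULE_PAYMENT_PAYPAL_STANDARD_EWP_CERT_ID;
         // The plaintext order data and the intermediate files exist briefly in
         // the working directory, so keep that directory outside the document
         // root and private to the web server user. Use the CSPRNG for the file
         // name when the runtime provides one.
         $random_number = function_exists('random_int') ? random_int(100000, 999999) : mt_rand(100000, 999999);
         $file_prefix = MODULE_PAYMENT_PAYPAL_STANDARD_EWP_WORKING_DIRECTORY . '/' . $random_number . '-' . $customer_id . '-';
         $data_file = $file_prefix . 'data.txt';
         $signed_file = $file_prefix . 'signed.txt';
         $encrypted_file = $file_prefix . 'encrypted.txt';
         $data = '';
         foreach ($parameters as $key => $value) {
             // One "key=value" per line: strip line breaks so a customer-supplied
             // value cannot spill into a second field of the signed payload.
             $data .= $key . '=' . str_replace(array("\r", "\n"), ' ', $value) . "\n";
         }
         $fp = fopen($data_file, 'w');
         fwrite($fp, $data);
         fclose($fp);
         unset($data);
         if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) {
             // NOTE(review): the return values of the sign/encrypt calls are not
             // checked; a failure surfaces only as an empty 'encrypted' field.
             openssl_pkcs7_sign($data_file, $signed_file, file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PUBLIC_KEY), file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PRIVATE_KEY), array('From' => MODULE_PAYMENT_PAYPAL_STANDARD_ID), PKCS7_BINARY);
             unlink($data_file);
             // remove headers from the signature
             $signed = file_get_contents($signed_file);
             $signed = explode("\n\n", $signed);
             $signed = base64_decode($signed[1]);
             $fp = fopen($signed_file, 'w');
             fwrite($fp, $signed);
             fclose($fp);
             unset($signed);
             openssl_pkcs7_encrypt($signed_file, $encrypted_file, file_get_contents(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PAYPAL_KEY), array('From' => MODULE_PAYMENT_PAYPAL_STANDARD_ID), PKCS7_BINARY);
             unlink($signed_file);
             // remove headers from the encrypted result
             $data = file_get_contents($encrypted_file);
             $data = explode("\n\n", $data);
             $data = '-----BEGIN PKCS7-----' . "\n" . $data[1] . "\n" . '-----END PKCS7-----';
             unlink($encrypted_file);
         } else {
             // Fallback to the openssl binary. Every path is passed through
             // escapeshellarg() so spaces or shell metacharacters in a configured
             // path or in the generated file name stay a single argument.
             exec(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_OPENSSL . ' smime -sign -in ' . escapeshellarg($data_file) . ' -signer ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PUBLIC_KEY) . ' -inkey ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PRIVATE_KEY) . ' -outform der -nodetach -binary > ' . escapeshellarg($signed_file));
             unlink($data_file);
             exec(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_OPENSSL . ' smime -encrypt -des3 -binary -outform pem ' . escapeshellarg(MODULE_PAYMENT_PAYPAL_STANDARD_EWP_PAYPAL_KEY) . ' < ' . escapeshellarg($signed_file) . ' > ' . escapeshellarg($encrypted_file));
             unlink($signed_file);
             $data = file_get_contents($encrypted_file);
             unlink($encrypted_file);
         }
         $process_button_string = tep_draw_hidden_field('cmd', '_s-xclick') . tep_draw_hidden_field('encrypted', $data);
         unset($data);
     } else {
         // Without EWP the amounts travel as plain hidden fields that the
         // browser can alter; the paid amount has to be verified server-side
         // (presumably by the notify_url handler - confirm).
         foreach ($parameters as $key => $value) {
             $process_button_string .= tep_draw_hidden_field($key, $value);
         }
     }
     return $process_button_string;
 }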
示例#26
     // Fragment of an affiliate billing run. The enclosing block that supplies
     // $affiliate_payment and the first $sql opens above this excerpt; only its
     // closing brace is visible below.
     // NOTE(review): $affiliate_payment['affiliate_id'] is concatenated into several SQL
     // strings in this fragment without a cast or escaping. Its origin is not visible
     // here; confirm it is an integer read from the database, or cast it with (int).
     tep_db_query($sql);
     // Re-read the sum of payments in billing status 99 (it could have changed since the last selects).
     // NOTE(review): no transaction or row lock is visible around the read / insert / update
     // sequence below, so a concurrent change between the steps would go unnoticed — confirm.
     $sql = "\n        SELECT sum(affiliate_payment) as affiliate_payment\n          FROM " . TABLE_AFFILIATE_SALES . " \n          WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and  affiliate_billing_status=99 \n        ";
     $affiliate_billing_query = tep_db_query($sql);
     $affiliate_billing = tep_db_fetch_array($affiliate_billing_query);
     // Load the affiliate record together with its country details
     $sql = "\n        SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n          from " . TABLE_AFFILIATE . " a \n          left join " . TABLE_ZONES . " z on (a.affiliate_zone_id  = z.zone_id) \n          left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n          WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n        ";
     $affiliate_query = tep_db_query($sql);
     $affiliate = tep_db_fetch_array($affiliate_query);
     // Look up the tax rate that applies to the affiliate's country and zone
     $affiliate_tax_rate = tep_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']);
     $affiliate_tax = tep_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2);
     // Payment total = summed commission plus the tax computed above
     // (the original comment called this the "net commission").
     $affiliate_payment_total = $affiliate_billing['affiliate_payment'] + $affiliate_tax;
     // Bill the order: snapshot the affiliate's address data into a new payment row
     $affiliate['affiliate_state'] = tep_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']);
     $sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'], 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']);
     tep_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array);
     $insert_id = tep_db_insert_id();
     // Move the sales that were in status 99 to their final state and link them to the new payment row
     tep_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99");
     // Notify the affiliate by e-mail when the shop is configured to do so
     if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') {
         // NOTE(review): ap.affiliate_payment_date is selected twice in this query.
         $check_status_query = tep_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id  = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id ");
         $check_status = tep_db_fetch_array($check_status_query);
         // The mail body carries the payment number and an SSL link to the payment info page
         $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'SSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . tep_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT;
         tep_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
     }
 }
 // After the billing run: queue a success message and return to the payment list in edit mode
 $messageStack->add_session(SUCCESS_BILLING, 'success');
 tep_redirect(tep_href_link(FILENAME_AFFILIATE_PAYMENT, tep_get_all_get_params(array('action')) . 'action=edit'));
示例#27
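 /**
  * Submits the posted card details to the Payflow gateway before the order is processed.
  *
  * Reads the card form fields from $HTTP_POST_VARS, builds the gateway request from the
  * module configuration and the current $order, and sends it through
  * sendTransactionToGateway(). Any RESULT other than '0' (including a missing RESULT)
  * redirects back to the checkout confirmation page with a mapped error message, as does
  * a missing required field.
  *
  * The card number and verification code pass through this method in clear text; they
  * are only forwarded to the gateway here and should never be logged or persisted.
  *
  * @return void
  */
 function before_process()
 {
     // $cartID is used for the request id below; the original read it without importing it.
     global $HTTP_POST_VARS, $order, $sendto, $cartID;
     // Required fields must be present, non-empty scalars; an array submitted for a field is rejected.
     $fields_ok = isset($HTTP_POST_VARS['cc_type']) && is_scalar($HTTP_POST_VARS['cc_type']) && isset($this->cc_types[$HTTP_POST_VARS['cc_type']]);
     foreach (array('cc_owner_firstname', 'cc_owner_lastname', 'cc_number_nh-dns') as $field) {
         if (empty($HTTP_POST_VARS[$field]) || !is_scalar($HTTP_POST_VARS[$field])) {
             $fields_ok = false;
         }
     }
     if ($fields_ok) {
         if (MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_SERVER == 'Live') {
             $api_url = 'https://payflowpro.verisign.com/transaction';
         } else {
             $api_url = 'https://pilot-payflowpro.verisign.com/transaction';
         }
         // Optional card fields default to '' instead of raising an undefined-index notice.
         $optional = array();
         foreach (array('cc_starts_month', 'cc_starts_year', 'cc_expires_month', 'cc_expires_year', 'cc_cvc_nh-dns', 'cc_issue_nh-dns') as $field) {
             $optional[$field] = isset($HTTP_POST_VARS[$field]) && is_scalar($HTTP_POST_VARS[$field]) ? $HTTP_POST_VARS[$field] : '';
         }
         $params = array(
             'USER' => tep_not_null(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME) ? MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_USERNAME : MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR,
             'VENDOR' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_VENDOR,
             'PARTNER' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PARTNER,
             'PWD' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_PASSWORD,
             'TENDER' => 'C',
             'TRXTYPE' => MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_TRANSACTION_METHOD == 'Sale' ? 'S' : 'A',
             'AMT' => $this->format_raw($order->info['total']),
             'CURRENCY' => $order->info['currency'],
             'FIRSTNAME' => $HTTP_POST_VARS['cc_owner_firstname'],
             'LASTNAME' => $HTTP_POST_VARS['cc_owner_lastname'],
             'STREET' => $order->billing['street_address'],
             'CITY' => $order->billing['city'],
             'STATE' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
             'COUNTRY' => $order->billing['country']['iso_code_2'],
             'ZIP' => $order->billing['postcode'],
             'CLIENTIP' => tep_get_ip_address(),
             'EMAIL' => $order->customer['email_address'],
             'ACCT' => $HTTP_POST_VARS['cc_number_nh-dns'],
             'ACCTTYPE' => $HTTP_POST_VARS['cc_type'],
             'CARDSTART' => $optional['cc_starts_month'] . $optional['cc_starts_year'],
             'EXPDATE' => $optional['cc_expires_month'] . $optional['cc_expires_year'],
             'CVV2' => $optional['cc_cvc_nh-dns'],
             'BUTTONSOURCE' => 'osCommerce22_Default_PRO2DP',
         );
         // The issue number is only sent for card types '9' and 'S'.
         if ($HTTP_POST_VARS['cc_type'] == '9' || $HTTP_POST_VARS['cc_type'] == 'S') {
             $params['CARDISSUE'] = $optional['cc_issue_nh-dns'];
         }
         if (is_numeric($sendto) && $sendto > 0) {
             $params['SHIPTOFIRSTNAME'] = $order->delivery['firstname'];
             $params['SHIPTOLASTNAME'] = $order->delivery['lastname'];
             $params['SHIPTOSTREET'] = $order->delivery['street_address'];
             $params['SHIPTOCITY'] = $order->delivery['city'];
             $params['SHIPTOSTATE'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
             $params['SHIPTOCOUNTRY'] = $order->delivery['country']['iso_code_2'];
             $params['SHIPTOZIP'] = $order->delivery['postcode'];
         }
         // Each pair is written as NAME[length]=value, the length being that of the encoded value.
         $pairs = array();
         foreach ($params as $key => $value) {
             $encoded = urlencode(utf8_encode(trim($value)));
             $pairs[] = $key . '[' . strlen($encoded) . ']=' . $encoded;
         }
         $post_string = implode('&', $pairs);
         // The request id only has to differ between requests; it is not used as a secret here.
         $response = $this->sendTransactionToGateway($api_url, $post_string, array('X-VPS-REQUEST-ID: ' . md5($cartID . tep_session_id() . rand())));
         $response_array = array();
         parse_str($response, $response_array);
         // A response without RESULT (e.g. a failed request) is treated as a general error.
         $result = isset($response_array['RESULT']) ? $response_array['RESULT'] : null;
         if ($result != '0') {
             switch ($result) {
                 case '1':
                 case '26':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_CFG_ERROR;
                     break;
                 case '7':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ADDRESS;
                     break;
                 case '12':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_DECLINED;
                     break;
                 case '23':
                 case '24':
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_INVALID_CREDIT_CARD;
                     break;
                 default:
                     $error_message = MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_GENERAL;
                     break;
             }
             tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode($error_message), 'SSL'));
         }
     } else {
         // URL-encode the message here too, matching the gateway-error redirect above.
         tep_redirect(tep_href_link(FILENAME_CHECKOUT_CONFIRMATION, 'error_message=' . urlencode(MODULE_PAYMENT_PAYPAL_PRO_PAYFLOW_DP_ERROR_ALL_FIELDS_REQUIRED), 'SSL'));
     }
 }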
示例#28
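 /**
  * Registers the transaction with the Sage Pay Server gateway, or completes a verified one.
  *
  * With check=PROCESS in the query string, the skcode parameter must match the code held
  * in the session; the matching row in sagepay_server_securitykeys is then consumed and,
  * if it is marked verified, its transaction details are published through the global
  * $sagepay_server_transaction_details and true is returned.
  *
  * Otherwise a registration request is built from the current order and posted to the
  * gateway. On Status=OK the returned security key is stored against the session code and
  * the customer is redirected to the gateway's NextURL (directly, or through the
  * checkout.php page when the profile page is not 'Normal').
  *
  * Every other path ends in a redirect to checkout_payment.php with a payment error.
  *
  * @return bool|void true when a verified transaction was picked up
  */
 function before_process()
 {
     global $sagepay_server_transaction_details, $order, $order_totals;
     $OSCOM_Db = Registry::get('Db');
     $sagepay_server_transaction_details = null;
     $error = null;
     if (isset($_GET['check']) && $_GET['check'] === 'PROCESS') {
         $session_code = isset($_SESSION['sagepay_server_skey_code']) ? $_SESSION['sagepay_server_skey_code'] : null;
         // Strict string comparison: with ==, two different numeric-looking codes
         // (e.g. "0e1..." vs "0e2...") compare equal, and an array parameter is juggled.
         // hash_equals() is preferable where the minimum PHP version allows it.
         if (isset($_GET['skcode']) && is_string($_GET['skcode']) && is_scalar($session_code) && $_GET['skcode'] === (string) $session_code) {
             $skcode = HTML::sanitize($_GET['skcode']);
             $Qsp = $OSCOM_Db->get('sagepay_server_securitykeys', ['verified', 'transaction_details'], ['code' => $skcode], null, 1);
             if ($Qsp->fetch() !== false) {
                 // The code is single-use: drop it from the session and the table before acting on it.
                 unset($_SESSION['sagepay_server_skey_code']);
                 $OSCOM_Db->delete('sagepay_server_securitykeys', ['code' => $skcode]);
                 if ($Qsp->value('verified') == '1') {
                     $sagepay_server_transaction_details = $Qsp->value('transaction_details');
                     return true;
                 }
             }
         }
     } else {
         if (!isset($_SESSION['sagepay_server_skey_code'])) {
             $_SESSION['sagepay_server_skey_code'] = tep_create_random_value(16);
         }
         // Field values are truncated with substr() to the lengths used by the original request.
         $params = array(
             'VPSProtocol' => $this->api_version,
             'ReferrerID' => 'C74D7B82-E9EB-4FBD-93DB-76F0F551C802',
             'Vendor' => substr(MODULE_PAYMENT_SAGE_PAY_SERVER_VENDOR_LOGIN_NAME, 0, 15),
             'VendorTxCode' => substr(date('YmdHis') . '-' . $_SESSION['customer_id'] . '-' . $_SESSION['cartID'], 0, 40),
             'Amount' => $this->format_raw($order->info['total']),
             'Currency' => $_SESSION['currency'],
             'Description' => substr(STORE_NAME, 0, 100),
             'NotificationURL' => $this->formatURL(OSCOM::link('ext/modules/payment/sage_pay/server.php', 'check=SERVER&skcode=' . $_SESSION['sagepay_server_skey_code'], 'SSL', false)),
             'BillingSurname' => substr($order->billing['lastname'], 0, 20),
             'BillingFirstnames' => substr($order->billing['firstname'], 0, 20),
             'BillingAddress1' => substr($order->billing['street_address'], 0, 100),
             'BillingCity' => substr($order->billing['city'], 0, 40),
             'BillingPostCode' => substr($order->billing['postcode'], 0, 10),
             'BillingCountry' => $order->billing['country']['iso_code_2'],
             'BillingPhone' => substr($order->customer['telephone'], 0, 20),
             'DeliverySurname' => substr($order->delivery['lastname'], 0, 20),
             'DeliveryFirstnames' => substr($order->delivery['firstname'], 0, 20),
             'DeliveryAddress1' => substr($order->delivery['street_address'], 0, 100),
             'DeliveryCity' => substr($order->delivery['city'], 0, 40),
             'DeliveryPostCode' => substr($order->delivery['postcode'], 0, 10),
             'DeliveryCountry' => $order->delivery['country']['iso_code_2'],
             'DeliveryPhone' => substr($order->customer['telephone'], 0, 20),
             'CustomerEMail' => substr($order->customer['email_address'], 0, 255),
             'Apply3DSecure' => '0',
         );
         // Only send the client address when ip2long() accepts it.
         $ip_address = tep_get_ip_address();
         if (ip2long($ip_address) != -1 && ip2long($ip_address) != false) {
             $params['ClientIPAddress'] = $ip_address;
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Payment') {
             $params['TxType'] = 'PAYMENT';
         } elseif (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_METHOD == 'Deferred') {
             $params['TxType'] = 'DEFERRED';
         } else {
             $params['TxType'] = 'AUTHENTICATE';
         }
         // State codes are only added for US addresses.
         if ($params['BillingCountry'] == 'US') {
             $params['BillingState'] = tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], '');
         }
         if ($params['DeliveryCountry'] == 'US') {
             $params['DeliveryState'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], '');
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE != 'Normal') {
             $params['Profile'] = 'LOW';
         }
         // Basket lines are colon-separated, so the separators and '&' are stripped from names first.
         $contents = array();
         foreach ($order->products as $product) {
             $product_name = $product['name'];
             if (isset($product['attributes'])) {
                 foreach ($product['attributes'] as $att) {
                     $product_name .= '; ' . $att['option'] . '=' . $att['value'];
                 }
             }
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', $product_name) . ':' . $product['qty'] . ':' . $this->format_raw($product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price']) . ':' . $this->format_raw($product['tax'] / 100 * $product['final_price'] + $product['final_price']) . ':' . $this->format_raw(($product['tax'] / 100 * $product['final_price'] + $product['final_price']) * $product['qty']);
         }
         foreach ($order_totals as $ot) {
             $contents[] = str_replace(array(':', "\n", "\r", '&'), '', strip_tags($ot['title'])) . ':---:---:---:---:' . $this->format_raw($ot['value']);
         }
         $params['Basket'] = substr(sizeof($contents) . ':' . implode(':', $contents), 0, 7500);
         $post_string = '';
         foreach ($params as $key => $value) {
             $post_string .= $key . '=' . urlencode(trim($value)) . '&';
         }
         if (MODULE_PAYMENT_SAGE_PAY_SERVER_TRANSACTION_SERVER == 'Live') {
             $gateway_url = 'https://live.sagepay.com/gateway/service/vspserver-register.vsp';
         } else {
             $gateway_url = 'https://test.sagepay.com/gateway/service/vspserver-register.vsp';
         }
         $transaction_response = $this->sendTransactionToGateway($gateway_url, $post_string);
         // The response is parsed as newline-separated Key=Value lines.
         $string_array = explode(chr(10), $transaction_response);
         $return = array();
         foreach ($string_array as $string) {
             if (strpos($string, '=') != false) {
                 $parts = explode('=', $string, 2);
                 $return[trim($parts[0])] = trim($parts[1]);
             }
         }
         // An empty or malformed response must fall through to the error path, not raise notices.
         $status = isset($return['Status']) ? $return['Status'] : '';
         if ($status == 'OK' && isset($return['SecurityKey'], $return['NextURL'])) {
             $Qsp = $OSCOM_Db->get('sagepay_server_securitykeys', ['id', 'securitykey'], ['code' => $_SESSION['sagepay_server_skey_code']], null, 1);
             if ($Qsp->fetch() !== false) {
                 if ($Qsp->value('securitykey') != $return['SecurityKey']) {
                     $OSCOM_Db->save('sagepay_server_securitykeys', ['securitykey' => $return['SecurityKey'], 'date_added' => 'now()'], ['id' => $Qsp->valueInt('id')]);
                 }
             } else {
                 $OSCOM_Db->save('sagepay_server_securitykeys', ['code' => $_SESSION['sagepay_server_skey_code'], 'securitykey' => $return['SecurityKey'], 'date_added' => 'now()']);
             }
             // NOTE(review): NextURL is taken from the gateway response as-is; consider checking
             // its scheme and host against the expected gateway before redirecting the customer.
             if (MODULE_PAYMENT_SAGE_PAY_SERVER_PROFILE_PAGE == 'Normal') {
                 HTTP::redirect($return['NextURL']);
             } else {
                 $_SESSION['sage_pay_server_nexturl'] = $return['NextURL'];
                 OSCOM::redirect('ext/modules/payment/sage_pay/checkout.php', '', 'SSL');
             }
         } else {
             $error = $this->getErrorMessageNumber(isset($return['StatusDetail']) ? $return['StatusDetail'] : null);
             $this->sendDebugEmail($return);
         }
     }
     OSCOM::redirect('checkout_payment.php', 'payment_error=' . $this->code . (tep_not_null($error) ? '&error=' . $error : ''), 'SSL');
 }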
示例#29
/**
 * Renders an address using the format template stored for $address_format_id.
 *
 * The template is read from TABLE_ADDRESS_FORMAT and evaluated as a PHP double-quoted
 * string, so it can reference the local variables prepared in this function.
 *
 * @param mixed  $address_format_id format row id; cast to int before it reaches the query
 * @param array  $address           address fields: company, firstname/lastname or name,
 *                                  street_address, suburb, city, state, postcode, and
 *                                  either country_id (+ zone_id) or country
 * @param mixed  $html              truthy selects HTML separators, otherwise plain text
 * @param string $boln              beginning-of-line string (HTML mode with explicit separators)
 * @param string $eoln              end-of-line string
 * @return string the formatted address, prefixed with the company line when
 *                ACCOUNT_COMPANY == 'true' and a company is set
 */
function tep_address_format($address_format_id, $address, $html, $boln, $eoln)
{
    $address_format_query = tep_db_query("select address_format as format from " . TABLE_ADDRESS_FORMAT . " where address_format_id = '" . (int) $address_format_id . "'");
    $address_format = tep_db_fetch_array($address_format_query);
    // Address fields are passed through tep_output_string_protected() before use.
    // NOTE(review): several keys of $address are read without isset(); confirm callers always set them.
    $company = tep_output_string_protected($address['company']);
    if (isset($address['firstname']) && tep_not_null($address['firstname'])) {
        $firstname = tep_output_string_protected($address['firstname']);
        $lastname = tep_output_string_protected($address['lastname']);
    } elseif (isset($address['name']) && tep_not_null($address['name'])) {
        // Only a single name field is available: use it as the first name.
        $firstname = tep_output_string_protected($address['name']);
        $lastname = '';
    } else {
        $firstname = '';
        $lastname = '';
    }
    $street = tep_output_string_protected($address['street_address']);
    $suburb = tep_output_string_protected($address['suburb']);
    $city = tep_output_string_protected($address['city']);
    $state = tep_output_string_protected($address['state']);
    if (isset($address['country_id']) && tep_not_null($address['country_id'])) {
        // NOTE(review): $country and the zone code come from lookup helpers and are not passed
        // through tep_output_string_protected() here; confirm the helpers return safe output.
        $country = tep_get_country_name($address['country_id']);
        if (isset($address['zone_id']) && tep_not_null($address['zone_id'])) {
            $state = tep_get_zone_code($address['country_id'], $address['zone_id'], $state);
        }
    } elseif (isset($address['country']) && tep_not_null($address['country'])) {
        $country = tep_output_string_protected($address['country']);
    } else {
        $country = '';
    }
    $postcode = tep_output_string_protected($address['postcode']);
    $zip = $postcode;
    // $HR/$hr, $CR/$cr and $zip look unused below, but the evaluated template can
    // reference any local by name, so none of these locals may be renamed or removed.
    if ($html) {
        // HTML Mode
        $HR = '<hr />';
        $hr = '<hr />';
        if ($boln == '' && $eoln == "\n") {
            // Values not specified, use rational defaults
            $CR = '<br />';
            $cr = '<br />';
            $eoln = $cr;
        } else {
            // Use values supplied
            $CR = $eoln . $boln;
            $cr = $CR;
        }
    } else {
        // Text Mode
        $CR = $eoln;
        $cr = $CR;
        $HR = '----------------------------------------';
        $hr = '----------------------------------------';
    }
    $statecomma = '';
    $streets = $street;
    if ($suburb != '') {
        $streets = $street . $cr . $suburb;
    }
    if ($country == '') {
        $country = tep_output_string_protected($address['country']);
    }
    if ($state != '') {
        $statecomma = $state . ', ';
    }
    $fmt = $address_format['format'];
    // SECURITY NOTE(review): the template stored in the database is executed as PHP code.
    // Anyone able to write to TABLE_ADDRESS_FORMAT (an admin screen, an SQL injection
    // elsewhere, a restored dump) can therefore run arbitrary PHP in the shop. A safer
    // design substitutes a fixed whitelist of placeholders ($firstname, $streets, $cr, ...)
    // with strtr()/preg_replace_callback() instead of eval(). If no row matches,
    // $address_format is not an array and the template is empty.
    eval("\$address = \"{$fmt}\";");
    if (ACCOUNT_COMPANY == 'true' && tep_not_null($company)) {
        $address = $company . $cr . $address;
    }
    return $address;
}
    /**
     * Prepares the hosted-checkout confirmation step.
     *
     * When a cart id is registered in the session, this method makes sure an order row
     * exists for the current cart (re-using the one recorded in $cart_PayPal_Pro_HS_ID
     * when its currency and cart id still match, otherwise inserting a new order with its
     * totals, products, attributes and downloads), then requests a hosted button through
     * $this->_app->getApiResult('APP', 'BMCreateButton', ...) and keeps the result in the
     * session as $pphs_result. A fresh random $pphs_key is generated on every call and
     * passed to the hosted checkout page shown in an iframe.
     *
     * @return array array with a single 'title' entry holding the iframe and script markup
     */
    function confirmation()
    {
        global $cartID, $cart_PayPal_Pro_HS_ID, $customer_id, $languages_id, $order, $order_total_modules, $currency, $sendto, $pphs_result, $pphs_key;
        $pphs_result = array();
        if (tep_session_is_registered('cartID')) {
            $insert_order = false;
            if (tep_session_is_registered('cart_PayPal_Pro_HS_ID')) {
                // $cart_PayPal_Pro_HS_ID has the form "<cartID>-<order id>" (see where it is set below).
                $order_id = substr($cart_PayPal_Pro_HS_ID, strpos($cart_PayPal_Pro_HS_ID, '-') + 1);
                $curr_check = tep_db_query("select currency from orders where orders_id = '" . (int) $order_id . "'");
                $curr = tep_db_fetch_array($curr_check);
                // The prepared order is stale when the currency or the cart id changed.
                if ($curr['currency'] != $order->info['currency'] || $cartID != substr($cart_PayPal_Pro_HS_ID, 0, strlen($cartID))) {
                    // Only delete the old order when it has no status history rows yet.
                    $check_query = tep_db_query('select orders_id from orders_status_history where orders_id = "' . (int) $order_id . '" limit 1');
                    if (tep_db_num_rows($check_query) < 1) {
                        tep_db_query('delete from orders where orders_id = "' . (int) $order_id . '"');
                        tep_db_query('delete from orders_total where orders_id = "' . (int) $order_id . '"');
                        tep_db_query('delete from orders_status_history where orders_id = "' . (int) $order_id . '"');
                        tep_db_query('delete from orders_products where orders_id = "' . (int) $order_id . '"');
                        tep_db_query('delete from orders_products_attributes where orders_id = "' . (int) $order_id . '"');
                        tep_db_query('delete from orders_products_download where orders_id = "' . (int) $order_id . '"');
                    }
                    $insert_order = true;
                }
            } else {
                $insert_order = true;
            }
            if ($insert_order == true) {
                // Collect the output lines of every enabled order-total module.
                $order_totals = array();
                if (is_array($order_total_modules->modules)) {
                    foreach ($order_total_modules->modules as $value) {
                        // Module file name without its extension is used as the key into $GLOBALS.
                        $class = substr($value, 0, strrpos($value, '.'));
                        if ($GLOBALS[$class]->enabled) {
                            for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                                if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {
                                    $order_totals[] = array('code' => $GLOBALS[$class]->code, 'title' => $GLOBALS[$class]->output[$i]['title'], 'text' => $GLOBALS[$class]->output[$i]['text'], 'value' => $GLOBALS[$class]->output[$i]['value'], 'sort_order' => $GLOBALS[$class]->sort_order);
                                }
                            }
                        }
                    }
                }
                // NOTE(review): cc_type, cc_owner, cc_number and cc_expires from $order->info are
                // written to the orders table here. Presumably these are empty for a hosted flow;
                // confirm that no card data can reach this insert.
                $sql_data_array = array('customers_id' => $customer_id, 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_company' => $order->customer['company'], 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . 
$order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']);
                tep_db_perform('orders', $sql_data_array);
                // All dependent rows below are keyed on the id of the order just inserted.
                $insert_id = tep_db_insert_id();
                for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
                    $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
                    tep_db_perform('orders_total', $sql_data_array);
                }
                for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
                    $sql_data_array = array('orders_id' => $insert_id, 'products_id' => tep_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']);
                    tep_db_perform('orders_products', $sql_data_array);
                    $order_products_id = tep_db_insert_id();
                    // NOTE(review): $attributes_exist is assigned but never read in this method.
                    $attributes_exist = '0';
                    if (isset($order->products[$i]['attributes'])) {
                        $attributes_exist = '1';
                        for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                            // NOTE(review): the product id, option_id, value_id and $languages_id are
                            // concatenated into both queries below without a cast or escaping, unlike
                            // the (int) casts used for $order_id above. Confirm these values are
                            // validated where the cart is built, or cast/escape them here.
                            if (DOWNLOAD_ENABLED == 'true') {
                                $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n                                       from products_options popt, products_options_values poval, products_attributes pa\n                                       left join products_attributes_download pad\n                                       on pa.products_attributes_id=pad.products_attributes_id\n                                       where pa.products_id = '" . $order->products[$i]['id'] . "'\n                                       and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n                                       and pa.options_id = popt.products_options_id\n                                       and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n                                       and pa.options_values_id = poval.products_options_values_id\n                                       and popt.language_id = '" . $languages_id . "'\n                                       and poval.language_id = '" . $languages_id . "'";
                                $attributes = tep_db_query($attributes_query);
                            } else {
                                $attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from products_options popt, products_options_values poval, products_attributes pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
                            }
                            $attributes_values = tep_db_fetch_array($attributes);
                            $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
                            tep_db_perform('orders_products_attributes', $sql_data_array);
                            // A download row is only written when the attribute has a file name attached.
                            if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {
                                $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']);
                                tep_db_perform('orders_products_download', $sql_data_array);
                            }
                        }
                    }
                }
                // Remember which order belongs to this cart for later calls.
                $cart_PayPal_Pro_HS_ID = $cartID . '-' . $insert_id;
                tep_session_register('cart_PayPal_Pro_HS_ID');
            }
            $order_id = substr($cart_PayPal_Pro_HS_ID, strpos($cart_PayPal_Pro_HS_ID, '-') + 1);
            // Request parameters for the hosted button; 'invoice' carries the order id and
            // 'custom' the customer id.
            $params = array('buyer_email' => $order->customer['email_address'], 'cancel_return' => tep_href_link('checkout_payment.php', '', 'SSL'), 'currency_code' => $currency, 'invoice' => $order_id, 'custom' => $customer_id, 'paymentaction' => OSCOM_APP_PAYPAL_HS_TRANSACTION_METHOD == '1' ? 'sale' : 'authorization', 'return' => tep_href_link('checkout_process.php', '', 'SSL'), 'notify_url' => tep_href_link('ext/modules/payment/paypal/pro_hosted_ipn.php', '', 'SSL', false, false), 'shipping' => $this->_app->formatCurrencyRaw($order->info['shipping_cost']), 'tax' => $this->_app->formatCurrencyRaw($order->info['tax']), 'subtotal' => $this->_app->formatCurrencyRaw($order->info['total'] - $order->info['shipping_cost'] - $order->info['tax']), 'billing_first_name' => $order->billing['firstname'], 'billing_last_name' => $order->billing['lastname'], 'billing_address1' => $order->billing['street_address'], 'billing_city' => $order->billing['city'], 'billing_state' => tep_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']), 'billing_zip' => $order->billing['postcode'], 'billing_country' => $order->billing['country']['iso_code_2'], 'night_phone_b' => $order->customer['telephone'], 'template' => 'templateD', 'item_name' => STORE_NAME, 'showBillingAddress' => 'false', 'showShippingAddress' => 'false', 'showHostedThankyouPage' => 'false');
            // A delivery address is only sent when $sendto is a positive number.
            if (is_numeric($sendto) && $sendto > 0) {
                $params['address_override'] = 'true';
                $params['first_name'] = $order->delivery['firstname'];
                $params['last_name'] = $order->delivery['lastname'];
                $params['address1'] = $order->delivery['street_address'];
                $params['city'] = $order->delivery['city'];
                $params['state'] = tep_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']);
                $params['zip'] = $order->delivery['postcode'];
                $params['country'] = $order->delivery['country']['iso_code_2'];
            }
            // The return-link title is only sent when it is at most 60 characters long.
            $return_link_title = $this->_app->getDef('module_hs_button_return_to_store', array('storename' => STORE_NAME));
            if (strlen($return_link_title) <= 60) {
                $params['cbt'] = $return_link_title;
            }
            $pphs_result = $this->_app->getApiResult('APP', 'BMCreateButton', $params, OSCOM_APP_PAYPAL_HS_STATUS == '1' ? 'live' : 'sandbox');
            if (!tep_session_is_registered('pphs_result')) {
                tep_session_register('pphs_result');
            }
        }
        // A new random key is generated on every call and kept in the session; it is
        // handed to the hosted checkout page in the iframe URL below.
        $pphs_key = tep_create_random_value(16);
        if (!tep_session_is_registered('pphs_key')) {
            tep_session_register('pphs_key');
        }
        $iframe_url = tep_href_link('ext/modules/payment/paypal/hosted_checkout.php', 'key=' . $pphs_key, 'SSL');
        $form_url = tep_href_link('checkout_payment.php', 'payment_error=paypal_pro_hs', 'SSL');
        // Include jQuery if the template has not already loaded it.
        // NOTE(review): the fallback loads jQuery 1.11.1 from a third-party CDN through
        // document.write() with no integrity attribute; hosting a maintained copy locally or
        // adding Subresource Integrity would remove the dependency on the CDN's contents.
        // NOTE(review): $iframe_url and $form_url are interpolated into the markup without
        // escaping here; confirm tep_href_link() returns output that is safe in an attribute
        // and in a quoted JavaScript string.
        $output = <<<EOD
<iframe src="{$iframe_url}" width="570px" height="540px" frameBorder="0" scrolling="no"></iframe>
<script>
if ( typeof jQuery == 'undefined' ) {
  document.write('<scr' + 'ipt src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></scr' + 'ipt>');
}
</script>

<script>
\$(function() {
  \$('form[name="checkout_confirmation"] input[type="submit"], form[name="checkout_confirmation"] input[type="image"], form[name="checkout_confirmation"] button[type="submit"]').hide();
  \$('form[name="checkout_confirmation"]').attr('action', '{$form_url}');
});
</script>
EOD;
        $confirmation = array('title' => $output);
        return $confirmation;
    }