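/**
 * Checks if this is a fastcheckout notification.
 *
 * Builds a MultiSafepay client from the `mspcheckout/settings` store config,
 * calls getStatus() for the given transaction id and inspects the
 * `ewallet` / `fastcheckout` entry of the returned details.
 *
 * @param string $transId Transaction id to look up.
 *
 * @return bool True only when the status call succeeded and the
 *              fastcheckout detail equals "YES"; false otherwise.
 */
public function isFCONotification($transId)
{
    $storeId = Mage::app()->getStore()->getStoreId();
    $config = Mage::getStoreConfig('mspcheckout/settings', $storeId);

    $msp = new MultiSafepay();
    $msp->test = $config["test_api"] == 'test';
    $msp->merchant['account_id'] = $config["account_id"];
    $msp->merchant['site_id'] = $config["site_id"];
    // The client's site_code is filled from the `secure_code` setting.
    $msp->merchant['site_code'] = $config["secure_code"];
    $msp->transaction['id'] = $transId;

    if (!$msp->getStatus()) {
        // Status lookup failed. Return an explicit false instead of falling
        // off the end of the method (which yielded null) so callers always
        // get a boolean.
        return false;
    }

    // Guard the nested lookup: a status reply without the ewallet section
    // must not raise an undefined-index notice.
    return isset($msp->details['ewallet']['fastcheckout'])
        && $msp->details['ewallet']['fastcheckout'] == "YES";
}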
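/**
 * Status notification.
 *
 * Reads `transactionid` and `type` from the query string. When the store has
 * an `mspcheckout/settings` account configured and getStatus() reports the
 * transaction as fastcheckout, the notification is handed to the
 * `msp/checkout` model and the response is echoed before the script exits.
 * Otherwise the notification goes to the gateway payment model and the
 * result is written to the response body.
 *
 * Both query parameters are caller-controlled, so every value that ends up
 * in the HTML "Return to" link is URL-encoded and HTML-escaped.
 *
 * @param bool $return When true, nothing is written to the response and the
 *                     method returns true after processing.
 *
 * @return bool|null True when $return is set, otherwise no value.
 */
public function notificationAction($return = false)
{
    $request = $this->getRequest();

    $orderId = $request->getQuery('transactionid');
    if (is_array($orderId)) {
        // `transactionid[]=...` would arrive as an array; treat it as absent
        // rather than passing an array into string contexts below.
        $orderId = null;
    }
    $initial = $request->getQuery('type') == 'initial';

    // The id is untrusted: encode it for the query string here, escape the
    // finished URL for the attribute context at output time.
    $encodedOrderId = rawurlencode((string) $orderId);

    // Check if this is a fastcheckout notification and handle it separately.
    $storeId = Mage::app()->getStore()->getStoreId();
    $config = Mage::getStoreConfig('mspcheckout' . "/settings", $storeId);

    if (isset($config["account_id"])) {
        $msp = new MultiSafepay();
        $msp->test = $config["test_api"] == 'test';
        $msp->merchant['account_id'] = $config["account_id"];
        $msp->merchant['site_id'] = $config["site_id"];
        $msp->merchant['site_code'] = $config["secure_code"];
        $msp->transaction['id'] = $orderId;

        $isFastCheckout = $msp->getStatus()
            && isset($msp->details['ewallet']['fastcheckout'])
            && $msp->details['ewallet']['fastcheckout'] == "YES";

        if ($isFastCheckout) {
            $checkout = Mage::getModel("msp/checkout");
            $done = $checkout->notification($orderId, $initial);

            if ($initial) {
                // The original appended `?transactionid=` twice, producing a
                // malformed query string; build it once.
                $returnUrl = Mage::getUrl("msp/checkout/return", array("_secure" => true))
                    . '?transactionid=' . $encodedOrderId;

                // NOTE(review): a store id is passed to getGroup() here - confirm
                // this resolves the intended store group.
                $quoteStoreId = Mage::getModel('sales/quote')->load($orderId)->getStoreId();
                $storeName = Mage::app()->getGroup($quoteStoreId)->getName();

                // display return message
                echo 'Return to <a href="' . htmlspecialchars($returnUrl, ENT_QUOTES, 'UTF-8') . '">'
                    . htmlspecialchars((string) $storeName, ENT_QUOTES, 'UTF-8') . '</a>';
            } else {
                echo $done ? 'ok' : 'ng';
            }
            exit;
        }
    }

    $paymentModel = Mage::getSingleton("msp/" . $this->getGatewayModel());
    $done = $paymentModel->notification($orderId, $initial);

    if ($return) {
        return true;
    }

    if ($initial) {
        $returnUrl = $paymentModel->getReturnUrl() . '?transactionid=' . $encodedOrderId;
        $order = Mage::getSingleton('sales/order')->loadByIncrementId($orderId);
        $storeName = $order->getStoreGroupName();

        // display return message
        $this->getResponse()->setBody(
            'Return to <a href="' . htmlspecialchars($returnUrl, ENT_QUOTES, 'UTF-8') . '">'
            . htmlspecialchars((string) $storeName, ENT_QUOTES, 'UTF-8') . '</a>'
        );
    } else {
        $this->getResponse()->setBody($done ? 'ok' : 'ng');
    }
}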
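/**
 * Handles a MultiSafepay status notification for an invoice payment.
 *
 * The `transactionid` query parameter is split on "|" into user id, payment id
 * and invoice id, then compared with the value multisafepay_custom() produces
 * for those ids. Only when they match is the payment record loaded, the
 * status fetched through MultiSafepay::getStatus(), a log line appended to
 * the payment's stored data and, for "completed", the payment marked as paid.
 *
 * Output: an "Return to Invoice" link when `type=initial`, otherwise "ok".
 * The method always terminates the script.
 */
function handle_multisafepay_ipn()
{
    ob_end_clean();
    ini_set('display_errors', false);
    include 'MultiSafepay.combined.php';
    $msp = new MultiSafepay();

    // transaction id (same as the transaction->id given in the transaction request)
    $transactionid = isset($_GET['transactionid']) ? $_GET['transactionid'] : false;
    if (!is_string($transactionid) || !$transactionid) {
        // Also rejects `transactionid[]=...`, which would reach explode() as an array.
        send_error('No MultiSafepay transaction ID');
        exit;
    }

    // Pad so a short id cannot raise undefined-offset notices.
    $multisafepay_bits = array_pad(explode("|", $transactionid), 3, '');
    $user_id = $multisafepay_bits[0]; // sometimes userid is ''
    $payment_id = (int) $multisafepay_bits[1];
    $invoice_id = (int) $multisafepay_bits[2];

    if (!$payment_id || !$invoice_id) {
        send_error('No bits in transaction id');
        exit;
    }

    // The request value must equal what this installation generates for the
    // same ids. Compare as strings, in constant time where available: a loose
    // `!=` is subject to PHP type juggling.
    $hash = (string) $this->multisafepay_custom($user_id, $payment_id, $invoice_id);
    $hash_matches = function_exists('hash_equals')
        ? hash_equals($hash, $transactionid)
        : $hash === $transactionid;
    if (!$hash_matches) {
        send_error("Multisafepay IPN Error (incorrect hash)");
        exit;
    }

    $payment_history = get_single('invoice_payment', 'invoice_payment_id', $payment_id);
    if (!$payment_history) {
        send_error("Unknown Multisafe Payment - maybe a history was deleted?");
        exit;
    }

    // (notify.php?type=initial is used as notification_url and should output a link)
    $initial = isset($_GET['type']) && $_GET['type'] == "initial";

    /*
     * Merchant Settings
     */
    $msp->test = self::is_sandbox();
    $msp->merchant['account_id'] = module_config::c('payment_method_multisafepay_account', '');
    $msp->merchant['site_id'] = module_config::c('payment_method_multisafepay_site_id', '');
    // NOTE(review): the key reads `side_code`, not `site_code`. It is a stored
    // config name, so it is left as is - confirm against the settings form.
    $msp->merchant['site_code'] = module_config::c('payment_method_multisafepay_side_code', '');

    /*
     * Transaction Details
     */
    $msp->transaction['id'] = $transactionid;

    // The status is taken from getStatus(), not from any request parameter.
    $status = $msp->getStatus();

    if ($msp->error && !$initial) {
        // only show error if we dont need to display the link
        echo "Error " . $msp->error_code . ": " . $msp->error;
        exit;
    }

    // NOTE(review): unserialize() on a stored column can instantiate objects
    // if that column is ever writable by an untrusted party. Prefer JSON for
    // this log, or restrict allowed classes on PHP versions that support it.
    $payment_history_data = isset($payment_history['data']) && strlen($payment_history['data'])
        ? unserialize($payment_history['data'])
        : array();
    if (!is_array($payment_history_data)) {
        $payment_history_data = array();
    }
    if (!isset($payment_history_data['log'])) {
        $payment_history_data['log'] = array();
    }
    $payment_history_data['log'][] = 'Payment ' . $status . ' at ' . print_date(time(), true);
    update_insert("invoice_payment_id", $payment_id, "invoice_payment", array('data' => serialize($payment_history_data)));

    switch ($status) {
        case "completed":
            // payment complete
            // NOTE(review): only date and method are written here; the paid
            // amount is not compared with the invoice in this method - confirm
            // that is enforced elsewhere.
            update_insert("invoice_payment_id", $payment_id, "invoice_payment", array('date_paid' => date('Y-m-d'), 'method' => 'MultiSafepay'));
            module_invoice::save_invoice($invoice_id, array());
            break;
        case "refunded":
            send_error("Multisafepay Error! The payment {$payment_id} has been refunded or reversed! BAD BAD! You have to follup up customer for money manually now.");
            break;
        case "initialized": // waiting
        case "uncleared":   // waiting (credit cards or direct debit)
        case "void":        // canceled
        case "declined":
        case "expired":
        default:
            // nothing to record beyond the log entry above
            break;
    }

    if ($initial) {
        // displayed at the last page of the transaction proces (if no redirect_url is set)
        echo '<a href="' . module_invoice::link_public($invoice_id) . '">Return to Invoice</a>';
    } else {
        // link to notify.php for MultiSafepay back-end (for delayed payment notifications)
        // backend expects an "ok" if no error occurred
        echo "ok";
    }

    // Every path ends the script here. The legacy handler that followed this
    // exit (driven by $_REQUEST fields and eregi()) could never run and has
    // been dropped.
    exit;
}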