<?php
// Paysera (WebToPay) payment callback for an osCommerce-style store.
// Reads the project id / signing password from the configuration table,
// verifies the signed callback and, on a successful payment, marks the
// order as paid and answers 'OK'.
// NOTE(review): the try/catch statement is not closed within this view —
// the catch body continues beyond this line.
require 'includes/application_top.php';
require DIR_WS_MODULES . 'payment/libwebtopay/WebToPay.php';

// Project credentials are looked up one key at a time; no check that a row was found.
$query = tep_db_query("SELECT configuration_value FROM " . TABLE_CONFIGURATION . " WHERE `configuration_key` = 'MODULE_PAYMENT_PAYSERA_PROJECT_ID'");
$data = tep_db_fetch_array($query);
$projectID = $data['configuration_value'];
$query = tep_db_query("SELECT configuration_value FROM " . TABLE_CONFIGURATION . " WHERE `configuration_key` = 'MODULE_PAYMENT_PAYSERA_PROJECT_PASS'");
$data = tep_db_fetch_array($query);
$projectPass = $data['configuration_value'];

try {
    // Signature verification: checkResponse() is expected to throw on a bad
    // or missing signature, so everything below runs only for a verified payload.
    WebToPay::toggleSS2(true);
    $response = WebToPay::checkResponse($_REQUEST, array('projectid' => $projectID, 'sign_password' => $projectPass));
    // Only status 1 is treated as an executed payment; any other status falls
    // through without answering 'OK'. Loose `==` is used here — a strict
    // `(int) ... === 1` would be less surprising.
    if ($response['status'] == 1) {
        $orderID = $response['orderid'];
        // NOTE(review): $orderID comes from the verified payload but is still
        // interpolated unescaped into SQL (here and in the two UPDATEs below);
        // casting to int or passing it through tep_db_input() would be safer.
        // NOTE(review): no `class` filter on orders_total, so the first row
        // returned (which may be a subtotal or shipping line rather than the
        // grand total) is what gets compared — confirm which row is intended.
        $query = tep_db_query("SELECT `value` FROM " . TABLE_ORDERS_TOTAL . " WHERE orders_id = '" . $orderID . "'");
        $amount = tep_db_fetch_array($query);
        $query = tep_db_query("SELECT `currency` FROM " . TABLE_ORDERS . " WHERE orders_id = '" . $orderID . "'");
        $currency = tep_db_fetch_array($query);
        $Order = array('currency' => $currency['currency'], 'total' => $amount['value']);
        // Expected total is converted to an integer minor-unit amount (no
        // thousands separator, no decimal point) before comparing with the
        // paid amount; underpayment is rejected, overpayment is accepted.
        if ($response['amount'] < intval(number_format($Order['total'], 2, '', ''))) {
            exit('Bad amount!');
        }
        if ($Order['currency'] != $response['currency']) {
            exit('Bad currency!');
        }
        // Status 2 is assumed to be the "paid" orders_status — confirm against the store's status table.
        tep_db_query('UPDATE ' . TABLE_ORDERS . ' SET orders_status = 2 WHERE orders_id = ' . $orderID);
        // NOTE(review): this filters the history table on its own primary key
        // (orders_status_history_id) using the order id — looks like a mix-up;
        // confirm whether a new history row for orders_id was intended instead.
        tep_db_query('UPDATE ' . TABLE_ORDERS_STATUS_HISTORY . ' SET orders_status_id = 2 WHERE orders_status_history_id = ' . $orderID);
        // 'OK' is the acknowledgement the payment gateway expects for a handled callback.
        exit('OK');
    }
} catch (Exception $e) {
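/**
 * Paysera (WebToPay) callback handler: verifies the signed callback and
 * marks order $orderID as paid.
 *
 * Every failure path terminates the request with a short plain-text message;
 * the success path terminates with 'OK' (the acknowledgement the gateway
 * expects for a handled callback).
 *
 * NOTE(review): declared as a plain function but uses `$this->getSettings()`,
 * so it is presumably a method pasted out of its class — confirm the enclosing
 * class provides getSettings() with the MODULE_METHOD_ID / MODULE_METHOD_PASS
 * settings.
 *
 * Changes against the previous version: the order id, amount and currency
 * are taken from the signature-verified payload returned by
 * WebToPay::checkResponse() instead of the raw $_GET values, the payment
 * status is checked (only status 1 is an executed payment), and a missing
 * order row is rejected explicitly instead of being compared as null.
 *
 * @param string|int $orderID order id taken from the callback URL
 * @return void never returns normally; always exit()s
 */
function validateOrder($orderID)
{
    global $application;

    $moduleData = $this->getSettings();

    // Verify the signature before trusting any callback value. checkResponse()
    // throws on a bad or missing signature; the returned array holds the
    // unprefixed, verified fields.
    try {
        WebToPay::toggleSS2(true);
        $response = WebToPay::checkResponse($_GET, array(
            'projectid'     => $moduleData['MODULE_METHOD_ID'],
            'sign_password' => $moduleData['MODULE_METHOD_PASS'],
        ));
    } catch (Exception $e) {
        exit(get_class($e) . ': ' . $e->getMessage());
    }

    // Only status 1 means the payment was executed; a pending or failed
    // callback must not mark the order as paid.
    if (!isset($response['status']) || (int) $response['status'] !== 1) {
        exit('Payment not completed!');
    }

    // The callback's order id is zero-padded; strip the padding before
    // comparing with the id from the URL (loose comparison kept on purpose,
    // as $orderID may arrive as int or string).
    $callbackOrderID = isset($response['orderid']) ? ltrim((string) $response['orderid'], '0') : '';
    if ($callbackOrderID != $orderID) {
        exit('Order ID mismatch!');
    }

    // Load the stored order totals so the paid amount can be checked against
    // what the shop expects rather than against what the callback claims.
    $query = new DB_Select();
    $query->addSelectTable('order_prices');
    $query->addSelectField('*');
    $query->WhereValue('order_id', DB_EQ, $orderID);
    $Order = $application->db->getDB_Result($query);
    if (empty($Order) || !isset($Order[0]['order_total'])) {
        exit('Order not found!');
    }

    // Expected total as an integer minor-unit amount (no thousands separator,
    // no decimal point), matching the unit the gateway reports 'amount' in.
    // Underpayment is rejected; overpayment is accepted.
    $expectedAmount = intval(number_format($Order[0]['order_total'], 2, '', ''));
    $paidAmount = isset($response['amount']) ? (int) $response['amount'] : 0;
    if ($expectedAmount > $paidAmount) {
        exit('Bad amount!');
    }

    $paidCurrency = isset($response['currency']) ? (string) $response['currency'] : '';
    if ((string) $Order[0]['currency_code'] !== $paidCurrency) {
        exit('Bad currency!');
    }

    // Status 2 is assumed to be the "paid" payment status in this shop — confirm.
    modApiFunc("Checkout", "UpdatePaymentStatusInDB", $orderID, 2, 'Payment accepted.');
    exit('OK');
}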