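/**
 * Serve a purchased software download to the user who bought it.
 *
 * Reads the transaction ID ('task'), the SKU ID ('p0') and the landing-page
 * flag ('p1') from the request. The file is served only when the transaction
 * is completed, its cart belongs to the current user, the SKU is one of the
 * transaction's items, the product is a 'Software Download' with a file set,
 * and the per-user download limit (when configured) has not been reached.
 * Without the 'p1' flag the landing page is shown instead of the file.
 *
 * @return void
 */
public function displayTask()
{
    // Request input is untrusted: only the transaction ID is read as an integer
    $tId = Request::getInt('task', '');
    $sId = Request::getVar('p0');
    $direct = Request::getVar('p1');

    // An unknown transaction ID must not reach the property reads below
    $transaction = Cart::getTransactionFacts($tId);
    if (!$transaction || empty($transaction->info)) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    }

    $transactionExistingItems = $transaction->items;
    $transaction = $transaction->info;

    // NOTE(review): unserialize() can instantiate objects. tiItems comes from the
    // transaction record; confirm it can never carry user-controlled bytes, or move
    // the column to a JSON encoding.
    $transactionItems = unserialize($transaction->tiItems);
    $tStatus = $transaction->tStatus;
    $crtId = $transaction->crtId;

    // Owner of the cart the transaction belongs to, and the requesting user
    $cartUser = Cart::getCartUser($crtId);
    $currentUser = $this->juser->id;

    // Authorization: completed transaction, owned by the caller, containing the requested SKU
    if ($tStatus !== 'completed') {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_TRANSACTION_NOT_COMPLETED'), 'error'));
        $this->messageTask($messages);
        return;
    } elseif ($cartUser != $currentUser) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    } elseif (!is_scalar($sId) || !is_array($transactionItems) || !array_key_exists($sId, $transactionItems)) {
        // A missing or array-valued 'p0', or an item list that failed to unserialize,
        // is treated as "not part of this purchase"
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    }

    // Check if the product is valid and downloadable; find the file
    $warehouse = new Warehouse();
    $sku = $warehouse->getSkuInfo($sId);
    $productType = $warehouse->getProductTypeInfo($sku['info']->ptId);
    $downloadFile = $sku['meta']['downloadFile'];

    if ($productType['ptName'] != 'Software Download' || empty($downloadFile)) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_DOWNLOADABLE'), 'error'));
        $this->messageTask($messages);
        return;
    }

    $db = \App::get('db');

    // Every value placed into SQL below is either cast to int or passed through
    // $db->quote(); the SKU ID originates from the request and is never concatenated raw.
    $userId = (int) $currentUser;
    $skuId = $db->quote($sId);

    // Enforce the per-user download limit when the SKU defines a numeric one
    if (isset($sku['meta']['downloadLimit']) && $sku['meta']['downloadLimit'] && is_numeric($sku['meta']['downloadLimit'])) {
        $sql = "SELECT COUNT(`dId`) FROM `#__cart_downloads`"
            . " WHERE `uId` = " . $userId
            . " AND `sId` = " . $skuId
            . " AND `dStatus` > 0";
        $db->setQuery($sql);
        $downloadsCount = $db->loadResult();

        if ($downloadsCount >= $sku['meta']['downloadLimit']) {
            $messages = array(array('Download limit exceeded', 'error'));
            $this->messageTask($messages);
            return;
        }
    }

    // Path and file name
    // NOTE(review): $downloadFile is taken from SKU metadata and joined to the download
    // folder as-is; presumably only storefront administrators can set it — confirm.
    $storefrontConfig = Component::params('com_storefront');
    $dir = $storefrontConfig->get('downloadFolder', '/site/protected/storefront/software');
    $file = PATH_APP . $dir . DS . $downloadFile;

    if (!file_exists($file)) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_FOUND'), 'error'));
        $this->messageTask($messages);
        return;
    }

    // Without the direct flag, show the landing page rather than the file
    if (!$direct) {
        $this->landingTask($tId, $sId);
        return;
    }

    // Log the download
    $sql = "INSERT INTO `#__cart_downloads` SET"
        . " `uId` = " . $userId . ","
        . " `sId` = " . $skuId . ","
        . " `dIp` = INET_ATON(" . $db->quote(Request::ip()) . "),"
        . " `dDownloaded` = NOW()";
    $db->setQuery($sql);
    $db->query();
    $dId = (int) $db->insertid();

    // Save the meta data: the user's access groups (minus the generic ones) plus session metadata
    $userGroups = User::getAuthorisedGroups();
    $meta = array();
    $ignoreGroups = array('public', 'registered');
    foreach ($userGroups as $groupId) {
        $group = Accessgroup::one($groupId);
        if (!in_array(strtolower($group->get('title')), $ignoreGroups)) {
            $meta[$groupId] = $group->get('title');
        }
    }

    if ($mta = User::getState('metadata')) {
        $meta = array_merge($meta, $mta);
    }

    // Group titles and session metadata may contain quotes, so the serialized
    // value is quoted by the driver instead of being wrapped in literal quotes
    $sql = "INSERT INTO `#__cart_meta` SET"
        . " `scope_id` = " . $dId . ","
        . " `scope` = 'download',"
        . " `mtKey` = 'userInfo',"
        . " `mtValue` = " . $db->quote(serialize($meta));
    $db->setQuery($sql);
    $db->query();

    // Figure out if the EULA was accepted
    $itemTransactionInfoMeta = $transactionExistingItems[$sId]['transactionInfo']->tiMeta;
    $eulaAccepted = $itemTransactionInfoMeta
        && property_exists($itemTransactionInfoMeta, 'eulaAccepted')
        && $itemTransactionInfoMeta->eulaAccepted;

    if ($eulaAccepted) {
        $sql = "INSERT INTO `#__cart_meta` SET"
            . " `scope_id` = " . $dId . ","
            . " `scope` = 'download',"
            . " `mtKey` = 'eulaAccepted',"
            . " `mtValue` = '1'";
        $db->setQuery($sql);
        $db->query();
    }

    // Serve up the file
    $xserver = new \Hubzero\Content\Server();
    $xserver->filename($file);
    $xserver->serve_attachment($file); // Firefox and Chrome fail if served inline
    exit;
}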
/**
 * Payment gateway postback: validate the incoming notification and either
 * complete or release the transaction it refers to.
 *
 * The transaction must exist and be in the 'awaiting payment' state. A
 * 'payment' action is passed to the provider's verifyPayment() before the
 * order is completed; a 'cancel' action releases the transaction. Every
 * rejected postback is logged together with the POST data.
 *
 * @return false|null  False when the postback is rejected; nothing otherwise
 */
public function postbackTask()
{
    // NOTE(review): hard-coded developer switch. When true it skips the empty-POST
    // check and verifyPayment() and completes transaction 215 — it must stay false
    // in any deployed build.
    $testMode = false;
    if ($testMode) {
        $transactionId = 215;
    }

    $params = Component::params(Request::getVar('option'));

    // A postback without a POST body is not a postback
    if (!$testMode && empty($_POST)) {
        App::abort(404, Lang::txt('Page not found'));
    }

    $logger = new \CartMessenger('Payment Postback');

    // Single place that writes a log entry together with the received POST data.
    // NOTE(review): the whole POST body is handed to the logger; confirm the gateway
    // never posts card data or shared secrets, or redact before logging.
    $record = function ($text, $level) use ($logger) {
        $logger->setMessage($text);
        $logger->setPostback($_POST);
        $logger->log($level);
    };

    // Resolve the payment provider (a dummy provider in test mode)
    $gatewayName = $testMode ? 'DUMMY AUTO PAYMENT' : $params->get('paymentProvider');
    require_once dirname(dirname(__DIR__)) . DS . 'lib' . DS . 'payment' . DS . 'PaymentDispatcher.php';
    $paymentDispatcher = new \PaymentDispatcher($gatewayName);
    $pay = $paymentDispatcher->getPaymentProvider();

    if (!$testMode) {
        // The provider extracts the transaction ID from the postback fields
        $transactionId = $pay->setPostBack($_POST);
        if (!$transactionId) {
            $record('Post back did not have the valid transaction ID ', \LoggingLevel::ERROR);
            return false;
        }
    }

    // The transaction has to exist...
    $tInfo = Cart::getTransactionFacts($transactionId);
    if (!$tInfo) {
        $record(
            'Incoming payment for the transaction that does not exist: ' . $transactionId,
            \LoggingLevel::ERROR
        );
        return false;
    }

    // ...and may only be processed while it is awaiting payment.
    // NOTE(review): this check and the completion below are separate steps; nothing
    // visible here prevents two concurrent postbacks for one transaction from both
    // passing it — confirm the cart layer serialises the state change.
    $currentStatus = $tInfo->info->tStatus;
    if ($currentStatus != 'awaiting payment') {
        $record(
            'Transaction cannot be processed: ' . $transactionId
                . '. Current transaction status is "' . $currentStatus . '"',
            \LoggingLevel::ERROR
        );
        return false;
    }

    // Normally a payment-success postback, but the gateway can also post a cancel
    $postBackAction = $pay->getPostBackAction();
    $isPayment = $testMode || $postBackAction == 'payment';

    if (!$isPayment && $postBackAction != 'cancel') {
        $record('Post back action is invalid: ' . $postBackAction, \LoggingLevel::ERROR);
        return false;
    }

    if (!$isPayment) {
        // NOTE(review): the cancel path does not go through verifyPayment(); whether
        // setPostBack() authenticates the sender is not visible here — confirm.
        if (!$testMode) {
            $record('Transaction cancelled. Transaction ID: ' . $transactionId, \LoggingLevel::INFO);
        }

        Cart::releaseTransaction($transactionId);
        return;
    }

    // Payment: the provider must confirm it before the order is finalized
    if (!$testMode && !$pay->verifyPayment($tInfo)) {
        $failure = $pay->getError()->msg . ' Transaction ID: ' . $transactionId;
        $record($failure, \LoggingLevel::ERROR);
        Cart::handleTransactionError($transactionId, $failure);
        return false;
    }

    if (!$testMode) {
        $record('Transaction completed. Transaction ID: ' . $transactionId, \LoggingLevel::INFO);
    }

    // Finalize order -- whatever needs to be done
    $this->completeOrder($tInfo);
}
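/**
 * Serve a purchased software download to the user who bought it.
 *
 * Reads the transaction ID ('task'), the SKU ID ('p0') and the landing-page
 * flag ('p1') from the request. The file is served only when the transaction
 * is completed, its cart belongs to the current user, the SKU is one of the
 * transaction's items, the product is a downloadable type with a file set,
 * and the per-user download limit (when configured) has not been reached.
 * Without the 'p1' flag the landing page is shown instead of the file.
 *
 * @return void
 */
public function displayTask()
{
    // Request input is untrusted: only the transaction ID is read as an integer
    $tId = Request::getInt('task', '');
    $sId = Request::getVar('p0');
    $direct = Request::getVar('p1');

    // An unknown transaction ID must not reach the property reads below
    $transaction = Cart::getTransactionFacts($tId);
    if (!$transaction || empty($transaction->info)) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    }

    $transaction = $transaction->info;
    $tStatus = $transaction->tStatus;
    $crtId = $transaction->crtId;

    // NOTE(review): assumes the transaction info exposes its purchased items as the
    // serialized `tiItems` map keyed by SKU ID — confirm against Cart::getTransactionFacts().
    // unserialize() can instantiate objects, so this column must never hold
    // user-controlled bytes.
    $transactionItems = isset($transaction->tiItems) ? unserialize($transaction->tiItems) : false;

    // Owner of the cart the transaction belongs to, and the requesting user
    $cartUser = Cart::getCartUser($crtId);
    $currentUser = $this->juser->id;

    // Authorization: completed transaction, owned by the caller, containing the requested SKU
    if ($tStatus !== 'completed') {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_TRANSACTION_NOT_COMPLETED'), 'error'));
        $this->messageTask($messages);
        return;
    } elseif ($cartUser != $currentUser) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    } elseif (!is_scalar($sId) || !is_array($transactionItems) || !array_key_exists($sId, $transactionItems)) {
        // Owning one completed transaction must not unlock SKUs that were not part of it
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_NOT_AUTHORIZED'), 'error'));
        $this->messageTask($messages);
        return;
    }

    // Check if the product is valid and downloadable; find the file
    $warehouse = new Warehouse();
    $sku = $warehouse->getSkuInfo($sId);
    $productType = $sku['info']->ptId;
    $downloadFile = $sku['meta']['downloadFile'];

    // NOTE(review): 30 is presumably the product type ID for software downloads — confirm.
    if ($productType != 30 || empty($downloadFile)) {
        // Language key spelling kept as found; confirm it matches the language file
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_DOWNLOABLE'), 'error'));
        $this->messageTask($messages);
        return;
    }

    $db = \App::get('db');

    // Every value placed into SQL below is either cast to int or passed through
    // $db->quote(); the SKU ID originates from the request and is never concatenated raw.
    $userId = (int) $currentUser;
    $skuId = $db->quote($sId);

    // Enforce the per-user download limit when the SKU defines a numeric one
    if (isset($sku['meta']['downloadLimit']) && $sku['meta']['downloadLimit'] && is_numeric($sku['meta']['downloadLimit'])) {
        $sql = "SELECT COUNT(`dId`) FROM `#__cart_downloads`"
            . " WHERE `uId` = " . $userId
            . " AND `sId` = " . $skuId;
        $db->setQuery($sql);
        $downloadsCount = $db->loadResult();

        if ($downloadsCount >= $sku['meta']['downloadLimit']) {
            $messages = array(array('Download limit exceeded', 'error'));
            $this->messageTask($messages);
            return;
        }
    }

    // Path and file name
    // NOTE(review): $downloadFile is taken from SKU metadata and joined to the download
    // folder as-is; presumably only storefront administrators can set it — confirm.
    $storefrontConfig = Component::params('com_storefront');
    $dir = $storefrontConfig->get('downloadFolder');
    $file = PATH_ROOT . $dir . DS . $downloadFile;

    if (!file_exists($file)) {
        $messages = array(array(Lang::txt('COM_CART_DOWNLOAD_FILE_NOT_FOUND'), 'error'));
        $this->messageTask($messages);
        return;
    }

    // Without the direct flag, show the landing page rather than the file
    if (!$direct) {
        $this->landingTask($tId, $sId);
        return;
    }

    // Log the download
    $sql = "INSERT INTO `#__cart_downloads` SET"
        . " `uId` = " . $userId . ","
        . " `sId` = " . $skuId . ","
        . " `dIp` = INET_ATON(" . $db->quote(Request::getClientIp()) . "),"
        . " `dDownloaded` = NOW()";
    $db->setQuery($sql);
    $db->query();

    // Serve up the file
    $xserver = new \Hubzero\Content\Server();
    $xserver->filename($file);
    $xserver->serve_attachment($file); // Firefox and Chrome fail if served inline
    exit;
}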