/includes/classes/paypal_checkout.php
Possible License(s): AGPL-1.0
- <?php
- /**
- * Project: xt:Commerce - eCommerce Engine
- * @version $Id
- *
- * xt:Commerce - Shopsoftware
- * (c) 2003-2007 xt:Commerce (Winger/Zanier), http://www.xt-commerce.com
- *
- * xt:Commerce ist eine geschützte Handelsmarke und wird vertreten durch die xt:Commerce GmbH (Austria)
- * xt:Commerce is a protected trademark and represented by the xt:Commerce GmbH (Austria)
- *
- * @copyright Copyright 2003-2007 xt:Commerce (Winger/Zanier), www.xt-commerce.com
- * @copyright based on Copyright 2002-2003 osCommerce; www.oscommerce.com
- * @copyright Portions Copyright 2003-2007 Zen Cart Development Team
- * @copyright Portions Copyright 2004 DevosC.com
- * @license http://www.xt-commerce.com.com/license/2_0.txt GNU Public License V2.0
- *
- * For questions, help, comments, discussion, etc., please join the
- * xt:Commerce Support Forums at www.xt-commerce.com
- *
- * ab 15.08.2008 Teile vom Hamburger-Internetdienst geändert
- * Hamburger-Internetdienst Support Forums at www.forum.hamburger-internetdienst.de
- * Stand: 16.05.2010
- */
- require_once(DIR_FS_INC . 'xtc_write_user_info.inc.php');
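// Proxy settings for outgoing API requests.
// NOTE(review): the constructor sets $this->USE_PROXY to FALSE, so these are
// presumably unused unless that flag is changed elsewhere - confirm.
// PROXY_HOST, PROXY_PORT and VERSION are very generic global names; each
// define() is guarded so that a constant of the same name defined earlier
// by another module is kept without raising a redefinition notice.
if (!defined('PROXY_HOST')) {
    define('PROXY_HOST', '127.0.0.1');
}
if (!defined('PROXY_PORT')) {
    define('PROXY_PORT', '808');
}
// Copied into $this->version by the constructor.
if (!defined('VERSION')) {
    define('VERSION', PAYPAL_API_VERSION);
}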
- class paypal_checkout {
- var $API_UserName,
- $API_Password,
- $API_Signature,
- $API_Endpoint,
- $version,
- $location_error,
- $NOTIFY_URL,
- $EXPRESS_CANCEL_URL,
- $EXPRESS_RETURN_URL,
- $CANCEL_URL,
- $RETURN_URL,
- $GIROPAY_SUCCESS_URL,
- $GIROPAY_CANCEL_URL,
- $BANKTXN_PENDING_URL,
- $EXPRESS_URL,
- $GIROPAY_URL,
- $IPN_URL,
- $ppAPIec,
- $payPalURL;
- /*************************************************************/
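/**
 * Load API credentials, PayPal endpoints and the shop's callback URLs from
 * the configuration constants, then validate the optional page branding.
 *
 * Security notes:
 * - Every shop URL built here carries the session id as an XTCsid query
 *   parameter. These URLs are handed to PayPal as return/cancel targets, so
 *   the id can end up in browser history and in proxy or server logs.
 * - With ENABLE_SSL off, all URLs including NOTIFY_URL use HTTP_SERVER.
 * - A PAYPAL_MODE other than 'sandbox' or 'live' leaves the credentials and
 *   endpoints unset; presumably every later API call then fails.
 * - Image, BorderColor and BackColor are only set when validation passes;
 *   code that reads them must tolerate them being unset.
 */
function __construct() {
    // Stand: 27.03.2010
    if (PAYPAL_MODE == 'sandbox') {
        $this->API_UserName = PAYPAL_API_SANDBOX_USER;
        $this->API_Password = PAYPAL_API_SANDBOX_PWD;
        $this->API_Signature = PAYPAL_API_SANDBOX_SIGNATURE;
        $this->API_Endpoint = 'https://api-3t.sandbox.paypal.com/nvp';
        $this->EXPRESS_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=';
        $this->GIROPAY_URL = 'https://www.sandbox.paypal.com/webscr?cmd=_complete-express-checkout&token=';
        $this->IPN_URL = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
    } elseif (PAYPAL_MODE == 'live') {
        $this->API_UserName = PAYPAL_API_USER;
        $this->API_Password = PAYPAL_API_PWD;
        $this->API_Signature = PAYPAL_API_SIGNATURE;
        $this->API_Endpoint = 'https://api-3t.paypal.com/nvp';
        $this->EXPRESS_URL = 'https://www.paypal.com/webscr?cmd=_express-checkout&token=';
        $this->GIROPAY_URL = 'https://www.paypal.com/webscr?cmd=_complete-express-checkout&token=';
        $this->IPN_URL = 'https://www.paypal.com/cgi-bin/webscr';
    }

    // The SSL and non-SSL URL sets differ only in the server prefix.
    $base = ((ENABLE_SSL == true) ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG;
    $sid = '?XTCsid=' . xtc_session_id();

    $this->NOTIFY_URL = $base . 'callback/paypal/ipn.php';
    $this->EXPRESS_CANCEL_URL = $base . FILENAME_SHOPPING_CART . $sid;
    $this->EXPRESS_RETURN_URL = $base . FILENAME_PAYPAL_CHECKOUT . $sid;
    $this->PRE_CANCEL_URL = $base . FILENAME_CHECKOUT_PAYMENT . $sid;
    // NOTE(review): PAYPAL_ERROR is appended without URL encoding - confirm
    // the language constant contains only URL-safe characters.
    $this->CANCEL_URL = $base . FILENAME_CHECKOUT_PAYMENT . $sid . '&error=true&error_message=' . PAYPAL_ERROR;
    $this->RETURN_URL = $base . FILENAME_CHECKOUT_PROCESS . $sid;
    $this->GIROPAY_SUCCESS_URL = $base . FILENAME_CHECKOUT_SUCCESS . $sid;
    $this->GIROPAY_CANCEL_URL = $base . FILENAME_SHOPPING_CART . $sid;
    $this->BANKTXN_PENDING_URL = $base . FILENAME_CHECKOUT_SUCCESS . $sid;

    $this->version = VERSION;
    $this->USE_PROXY = FALSE;
    $this->payPalURL = '';
    $this->ppAPIec = $this->buildAPIKey(PAYPAL_API_KEY, 'ec');

    // Header image: only offered over HTTPS and only when the file is a
    // readable image of at most 750x90 pixels. getimagesize() returns false
    // for files it cannot parse; such a file must not pass the size test.
    if (ENABLE_SSL == true) {
        $hdrImg = 'templates/' . CURRENT_TEMPLATE . '/img/' . PAYPAL_API_IMAGE;
        if (PAYPAL_API_IMAGE != '' && file_exists(DIR_FS_CATALOG . $hdrImg)) {
            $hdrSize = getimagesize(DIR_FS_CATALOG . $hdrImg);
            if (is_array($hdrSize) && $hdrSize[0] <= 750 && $hdrSize[1] <= 90) {
                $this->Image = urlencode(HTTPS_SERVER . DIR_WS_CATALOG . $hdrImg);
            }
        }
    }

    // Colours go into the request string unencoded, so accept exactly six
    // hex digits. The D modifier stops "$" from matching before a trailing
    // newline.
    $hexColour = '/^[0-9a-fA-F]{6}$/D';
    if (preg_match($hexColour, PAYPAL_API_CO_BACK)) {
        $this->BackColor = PAYPAL_API_CO_BACK;
    }
    if (preg_match($hexColour, PAYPAL_API_CO_BORD)) {
        $this->BorderColor = PAYPAL_API_CO_BORD;
    }
}

/**
 * PHP 4 style constructor name, kept so that explicit calls to it still
 * work. PHP 8 no longer treats a method named after the class as the
 * constructor, so the set-up itself lives in __construct().
 */
function paypal_checkout() {
    $this->__construct();
}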
- /*************************************************************/
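/**
 * Build the HTML for the "PayPal Express" button shown with the cart.
 *
 * The button is produced only when checkout is allowed for the session, the
 * cart total is positive, the payment module is switched on and the module
 * is not in the customer group's list of disallowed payment modules.
 *
 * NOTE(review): the language file path is built from $_SESSION['language'];
 * confirm that value can only come from the shop's own language table.
 * NOTE(review): $alt and the generated link are written into HTML attributes
 * without escaping here - confirm xtc_href_link() returns attribute-safe
 * output and that the language constant contains no quotes.
 *
 * @return string|null Button markup, or null when no button is shown.
 */
function build_express_checkout_button() {
    // Stand: 01.06.2009
    global $PHP_SELF;

    if (!($_SESSION['allow_checkout'] == 'true' && $_SESSION['cart']->show_total() > 0 && MODULE_PAYMENT_PAYPALEXPRESS_STATUS == 'True')) {
        return;
    }

    $unallowed_modules = explode(',', $_SESSION['customers_status']['customers_status_payment_unallowed']);
    if (in_array('paypalexpress', $unallowed_modules)) {
        return;
    }

    include(DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/paypalexpress.php');
    $alt = defined('MODULE_PAYMENT_PAYPALEXPRESS_ALT_BUTTON') ? MODULE_PAYMENT_PAYPALEXPRESS_ALT_BUTTON : 'PayPal';
    $source = (strtoupper($_SESSION['language_code']) == 'DE') ? 'epaypal_de.gif' : 'epaypal_en.gif';
    $link = xtc_href_link(basename($PHP_SELF), xtc_get_all_get_params(array('action')) . 'action=paypal_express_checkout');

    // Plain assignment: appending to a variable that does not exist yet
    // raises an undefined-variable notice.
    $button = '<a style="cursor:pointer;" onfocus="if(this.blur) this.blur();" onmouseover="window.status = ' . "''" . '; return true;" href="' . $link . '"><img src="' . DIR_WS_ICONS . $source . '" alt="' . $alt . '" title="' . $alt . '" /></a>';
    return $button;
}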
- /*************************************************************/
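/**
 * Build the PayPal button shown after an error; it links to
 * $this->EXPRESS_CANCEL_URL instead of starting a new checkout.
 *
 * NOTE(review): the language file path is built from $_SESSION['language'];
 * confirm that value can only come from the shop's own language table.
 * NOTE(review): $alt is written into HTML attributes without escaping.
 *
 * @return string|null Button markup, or null when the module is disabled.
 */
function build_express_fehler_button() {
    // Stand: 01.06.2009
    if (MODULE_PAYMENT_PAYPALEXPRESS_STATUS != 'True') {
        return;
    }

    include(DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/paypalexpress.php');
    $alt = defined('MODULE_PAYMENT_PAYPALEXPRESS_ALT_BUTTON') ? MODULE_PAYMENT_PAYPALEXPRESS_ALT_BUTTON : 'PayPal';
    $source = (strtoupper($_SESSION['language_code']) == 'DE') ? 'epaypal_de.gif' : 'epaypal_en.gif';

    // Plain assignment: appending to a variable that does not exist yet
    // raises an undefined-variable notice.
    $button = '<a style="cursor:pointer;" onfocus="if(this.blur) this.blur();" onmouseover="window.status = ' . "''" . '; return true;" href="' . $this->EXPRESS_CANCEL_URL . '"><img src="' . DIR_WS_ICONS . $source . '" alt="' . $alt . '" title="' . $alt . '" /></a>';
    return $button;
}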
- /*************************************************************/
- /******* fürs express als Zahlbedingung **********************/
- /*************************************************************/
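/**
 * First API call (SetExpressCheckout) for PayPal chosen as payment method
 * during the normal checkout - not for Express from the shopping cart.
 *
 * Called from paypal.php. Amounts come from the order-total modules because
 * the order is not stored yet. The shipping address is sent along with
 * ADDROVERRIDE=1 since the buyer confirms directly at PayPal.
 *
 * Every value placed in the request string is URL-encoded so that no value
 * can introduce an additional NVP parameter.
 *
 * @return string|null PayPal redirect URL on success. On failure the buyer
 *                     is redirected to $this->PRE_CANCEL_URL.
 */
function paypal_auth_call() {
    // Stand: 05.01.2010
    global $xtPrice, $order;

    // Clean up the results of any earlier PayPal round trip.
    unset($_SESSION['reshash']);
    unset($_SESSION['nvpReqArray']);

    require(DIR_WS_CLASSES . 'order_total.php');
    $order_total_modules = new order_total();
    $order_totals = $order_total_modules->process();

    // Start from 0 so a missing ot_total does not leave the amount undefined.
    $paymentAmount = 0;
    $order_tax = 0;
    $order_discount = 0;
    $order_fee = 0;
    $order_gs = 0;
    $order_shipping = 0;
    for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
        $value = isset($order_totals[$i]['value']) ? $order_totals[$i]['value'] : 0;
        switch ($order_totals[$i]['code']) {
            case 'ot_total':
                $paymentAmount = $value;
                break;
            case 'ot_shipping':
                $order_shipping = $value;
                break;
            case 'ot_tax':
                $order_tax += $value;
                break;
            case 'ot_discount':
                $order_discount += $value;
                break;
            case 'ot_coupon':
            case 'ot_gv':
            case 'ot_bonus_fee': // customers bonus
                // Credits are always booked as a negative amount.
                $order_gs += ($value < 0) ? $value : $value * (-1);
                break;
            case 'ot_payment':
                if ($value < 0) {
                    // Discount from a third-party module.
                    $order_discount += $value;
                } else {
                    $order_fee += $value;
                }
                break;
            case 'ot_cod_fee':
            case 'ot_ps_fee':
            case 'ot_loworderfee':
                $order_fee += $value;
                break;
        }
    }

    $decimals = $xtPrice->get_decimal_places($order->info['currency']);
    // AMT
    $paymentAmount = round($paymentAmount, $decimals);
    // Order sums
    $order_tax = round($order_tax, $decimals);
    $order_discount = round($order_discount, $decimals);
    $order_gs = round($order_gs, $decimals);
    $order_fee = round($order_fee, $decimals);
    $order_shipping = round($order_shipping, $decimals);
    $nvp_products = $this->paypal_get_products($paymentAmount, $order_tax, $order_discount, $order_fee, $order_shipping, $order_gs);

    $paymentAmount = urlencode(number_format($paymentAmount, $decimals, '.', ','));
    $currencyCodeType = urlencode($order->info['currency']);
    // Payment Type
    $paymentType = 'Sale';

    // returnURL: where buyers return after authorising the payment.
    // cancelURL: where buyers land when they cancel inside the PayPal flow.
    $returnURL = urlencode($this->RETURN_URL);
    $cancelURL = urlencode($this->CANCEL_URL);
    $gpsucssesURL = urlencode($this->GIROPAY_SUCCESS_URL);
    $gpcancelURL = urlencode($this->GIROPAY_CANCEL_URL);
    $bankpending = urlencode($this->BANKTXN_PENDING_URL);

    // Shipping address, converted to UTF-8 and URL-encoded.
    $charset = $_SESSION['language_charset'];
    $sh_name = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['firstname'] . ' ' . $order->delivery['lastname']));
    $sh_street = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['street_address']));
    // One consistent name for the (always empty) second street line; the
    // request string previously read a variable that was never assigned.
    $sh_street2 = '';
    $sh_city = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['city']));
    $sh_zip = urlencode($order->delivery['postcode']);
    $sh_state = urlencode($this->state_code($order->delivery['state']));
    $sh_countrycode = urlencode($order->delivery['country']['iso_code_2']);
    $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']['title']));
    $sh_phonenum = urlencode($order->customer['telephone']);

    // Branding values are only set by the constructor when they validated.
    $hdr_img = isset($this->Image) ? $this->Image : '';
    $hdr_border = isset($this->BorderColor) ? $this->BorderColor : '';
    $hdr_back = isset($this->BackColor) ? $this->BackColor : '';

    // Build the request string
    $nvpstr = "&AMT=" . $paymentAmount .
        "&CURRENCYCODE=" . $currencyCodeType .
        "&PAYMENTACTION=" . $paymentType .
        "&LOCALECODE=" . urlencode($_SESSION['language_code']) .
        "&RETURNURL=" . $returnURL .
        "&CANCELURL=" . $cancelURL .
        "&GIROPAYSUCCESSURL=" . $gpsucssesURL .
        "&GIROPAYCANCELURL=" . $gpcancelURL .
        "&BANKTXNPENDINGURL=" . $bankpending .
        "&HDRIMG=" . $hdr_img .
        "&HDRBORDERCOLOR=" . $hdr_border .
        "&HDRBACKCOLOR=" . $hdr_back .
        "&CUSTOM=" .
        "&SHIPTONAME=" . $sh_name .
        "&SHIPTOSTREET=" . $sh_street .
        "&SHIPTOSTREET2=" . $sh_street2 .
        "&SHIPTOCITY=" . $sh_city .
        "&SHIPTOZIP=" . $sh_zip .
        "&SHIPTOSTATE=" . $sh_state .
        "&SHIPTOCOUNTRYCODE=" . $sh_countrycode .
        "&SHIPTOCOUNTRYNAME=" . $sh_countryname .
        "&PHONENUM=" . $sh_phonenum .
        "&ALLOWNOTE=0" .
        "&ADDROVERRIDE=1";
    // Append the line-item details
    $nvpstr .= $nvp_products;

    // Send
    $resArray = $this->hash_call("SetExpressCheckout", $nvpstr);
    $_SESSION['reshash'] = $resArray;
    $ack = isset($resArray["ACK"]) ? strtoupper($resArray["ACK"]) : '';

    if ($ack == "SUCCESS") {
        $token = urldecode($resArray["TOKEN"]);
        $this->payPalURL = $this->EXPRESS_URL . '' . $token;
        return $this->payPalURL;
    }

    // Detailed gateway errors only in debug mode; otherwise a generic text.
    if (PAYPAL_ERROR_DEBUG == 'true') {
        $this->build_error_message($_SESSION['reshash']);
    } else {
        $_SESSION['reshash']['FORMATED_ERRORS'] = PAYPAL_NOT_AVIABLE;
    }
    xtc_redirect($this->PRE_CANCEL_URL);
}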
- /*************************************************************/
- /******* fürs express aus dem warenkorb **********************/
- /*************************************************************/
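/**
 * First API call (SetExpressCheckout) for PayPal Express started from the
 * shopping cart.
 *
 * Called from cart_actions.php. The amount is the cart total plus
 * discounts, credits and fees from the order-total modules, plus the
 * provisional shipping cost when one is configured. For a logged-in,
 * already known customer the stored delivery address is sent as a proposal
 * (ADDROVERRIDE=0).
 *
 * Every value placed in the request string is URL-encoded so that no value
 * can introduce an additional NVP parameter.
 *
 * @return string PayPal redirect URL on success, otherwise
 *                $this->EXPRESS_CANCEL_URL.
 */
function paypal_express_auth_call() {
    // Stand: 05.01.2010
    global $xtPrice, $order;

    // Clean up the results of any earlier PayPal round trip.
    unset($_SESSION['reshash']);
    unset($_SESSION['nvpReqArray']);

    // Shipping:
    if (!isset($_SESSION['sendto'])) {
        $_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
    } else {
        // Verify that the selected shipping address belongs to this customer.
        $check_address_query = xtc_db_query("select count(*) as total from ".TABLE_ADDRESS_BOOK." where customers_id = '".(int) $_SESSION['customer_id']."' and address_book_id = '".(int) $_SESSION['sendto']."'");
        $check_address = xtc_db_fetch_array($check_address_query);
        if ($check_address['total'] != '1') {
            $_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
            if (isset($_SESSION['shipping'])) {
                unset($_SESSION['shipping']);
            }
        }
    }
    // Shipping END

    require(DIR_WS_CLASSES . 'order.php');
    $order = new order();
    require(DIR_WS_CLASSES . 'order_total.php');
    $order_total_modules = new order_total();
    $order_totals = $order_total_modules->process();

    $order_tax = 0;
    $order_discount = 0;
    $order_gs = 0;
    $order_fee = 0;
    $order_shipping = 0;
    for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
        $value = isset($order_totals[$i]['value']) ? $order_totals[$i]['value'] : 0;
        switch ($order_totals[$i]['code']) {
            case 'ot_discount':
                $order_discount += $value;
                break;
            case 'ot_coupon':
            case 'ot_gv':
            case 'ot_bonus_fee': // customers bonus
                // Credits are always booked as a negative amount.
                $order_gs += ($value < 0) ? $value : $value * (-1);
                break;
            case 'ot_payment':
                if ($value < 0) {
                    // Discount from a third-party module.
                    $order_discount += $value;
                } else {
                    $order_fee += $value;
                }
                // Without this break the value fell through into the
                // ot_cod_fee case and was added to the fees a second time,
                // giving a wrong amount to charge.
                break;
            case 'ot_cod_fee':
            case 'ot_ps_fee':
            case 'ot_loworderfee':
                $order_fee += $value;
                break;
        }
    }

    // AMT
    $paymentAmount = $_SESSION['cart']->show_total()
        + $order_discount
        + $order_gs
        + $order_fee;
    if ($_SESSION['customers_status']['customers_status_show_price_tax'] == 0 && $_SESSION['customers_status']['customers_status_add_tax_ot'] == 1) {
        $order_tax = $_SESSION['cart']->show_tax(false);
    }
    // Provisional shipping cost
    if (PAYPAL_EXP_VORL != '' && PAYPAL_EXP_VERS != 0) {
        $paymentAmount += PAYPAL_EXP_VERS;
    }

    $decimals = $xtPrice->get_decimal_places($order->info['currency']);
    // AMT
    $paymentAmount = round($paymentAmount, $decimals);
    // Order sums
    $order_tax = round($order_tax, $decimals);
    $order_discount = round($order_discount, $decimals);
    $order_gs = round($order_gs, $decimals);
    $order_fee = round($order_fee, $decimals);
    $nvp_products = $this->paypal_get_products($paymentAmount, $order_tax, $order_discount, $order_fee, $order_shipping, $order_gs, True);

    $paymentAmount = urlencode(number_format($paymentAmount, $decimals, '.', ','));
    $currencyCodeType = urlencode($order->info['currency']);
    // Payment Type
    $paymentType = 'Sale';
    $returnURL = urlencode($this->EXPRESS_RETURN_URL);
    $cancelURL = urlencode($this->EXPRESS_CANCEL_URL);
    $gpsucssesURL = urlencode($this->GIROPAY_SUCCESS_URL);
    $gpcancelURL = urlencode($this->EXPRESS_CANCEL_URL);
    $bankpending = urlencode($this->BANKTXN_PENDING_URL);

    // Stays empty for guests and for accounts just created from PayPal data.
    $address = '';
    if (isset($_SESSION['sendto']) && isset($_SESSION['customer_id'])) {
        // Customer is logged in
        $charset = $_SESSION['language_charset'];
        $sh_name = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['firstname'] . ' ' . $order->delivery['lastname']));
        $sh_street = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['street_address']));
        // One consistent name for the (always empty) second street line.
        $sh_street2 = '';
        $sh_city = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['city']));
        $sh_zip = urlencode($order->delivery['postcode']);
        $sh_state = urlencode($this->state_code($order->delivery['state']));
        $sh_countrycode = urlencode($order->delivery['country']['iso_code_2']);
        $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']['title']));
        $sh_phonenum = urlencode($this->mn_iconv($charset, "UTF-8", $order->customer['telephone']));
        if (!isset($_SESSION['paypal_express_new_customer']) || $_SESSION['paypal_express_new_customer'] != 'true') {
            $address = "&SHIPTONAME=" . $sh_name . "&SHIPTOSTREET=" . $sh_street . "&SHIPTOSTREET2=" . $sh_street2 . "&SHIPTOCITY=" . $sh_city . "&SHIPTOZIP=" . $sh_zip . "&SHIPTOSTATE=" . $sh_state . "&SHIPTOCOUNTRYCODE=" . $sh_countrycode . "&SHIPTOCOUNTRYNAME=" . $sh_countryname . "&PHONENUM=" . $sh_phonenum;
        }
    }

    // Branding values are only set by the constructor when they validated.
    $hdr_img = isset($this->Image) ? $this->Image : '';
    $hdr_border = isset($this->BorderColor) ? $this->BorderColor : '';
    $hdr_back = isset($this->BackColor) ? $this->BackColor : '';

    // Build the request string
    $nvpstr = "&AMT=" . $paymentAmount .
        "&CURRENCYCODE=" . $currencyCodeType .
        "&PAYMENTACTION=" . $paymentType .
        "&LOCALECODE=" . urlencode($_SESSION['language_code']) .
        "&RETURNURL=" . $returnURL .
        "&CANCELURL=" . $cancelURL .
        "&GIROPAYSUCCESSURL=" . $gpsucssesURL .
        "&GIROPAYCANCELURL=" . $gpcancelURL .
        "&BANKTXNPENDINGURL=" . $bankpending .
        "&HDRIMG=" . $hdr_img .
        "&HDRBORDERCOLOR=" . $hdr_border .
        "&HDRBACKCOLOR=" . $hdr_back .
        "&CUSTOM=" .
        $address .
        "&ALLOWNOTE=0" .
        "&ADDROVERRIDE=0";
    // Append the line-item details
    $nvpstr .= $nvp_products;

    // Ask PayPal for the Express Checkout token. On success the buyer is
    // sent to PayPal to authorise the payment; otherwise the errors are
    // stored in the session and the buyer returns to the cart.
    $resArray = $this->hash_call("SetExpressCheckout", $nvpstr);
    $_SESSION['reshash'] = $resArray;
    $ack = isset($resArray["ACK"]) ? strtoupper($resArray["ACK"]) : '';

    if ($ack == "SUCCESS") {
        $token = urldecode($resArray["TOKEN"]);
        $this->payPalURL = $this->EXPRESS_URL . '' . $token;
        return $this->payPalURL;
    }

    // Detailed gateway errors only in debug mode; otherwise a generic text.
    if (PAYPAL_ERROR_DEBUG == 'true') {
        $this->build_error_message($_SESSION['reshash']);
    } else {
        $_SESSION['reshash']['FORMATED_ERRORS'] = PAYPAL_NOT_AVIABLE;
    }
    $this->payPalURL = $this->EXPRESS_CANCEL_URL;
    return $this->payPalURL;
}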
- /*************************************************************/
- /******* für abgelehnte Zahlungen **********************/
- /*************************************************************/
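/**
 * First API call (SetExpressCheckout) for a new attempt after a declined
 * payment. Called from shopping_cart.php; all amounts and the address come
 * from the stored order.
 *
 * Every value placed in the request string is URL-encoded so that no value
 * can introduce an additional NVP parameter.
 *
 * NOTE(review): RETURNURL is set to EXPRESS_CANCEL_URL (the shopping cart),
 * same as CANCELURL - presumably intended because the cart page completes
 * this flow; confirm against the caller.
 *
 * @param mixed $insert_id Id of the stored order; also sent as INVNUM.
 * @return string PayPal redirect URL on success, otherwise
 *                $this->EXPRESS_CANCEL_URL.
 */
function paypal_second_auth_call($insert_id) {
    // Stand: 29.04.2009
    global $xtPrice, $order;

    // Clean up the results of any earlier PayPal round trip.
    unset($_SESSION['reshash']);
    unset($_SESSION['nvpReqArray']);

    require(DIR_WS_CLASSES . 'order.php');
    $order = new order($insert_id);

    $decimals = $xtPrice->get_decimal_places($order->info['currency']);
    // AMT
    $paymentAmount = round($order->info['pp_total'], $decimals);
    // Order sums
    $order_tax = round($order->info['pp_tax'], $decimals);
    $order_discount = round($order->info['pp_disc'], $decimals);
    $order_gs = round($order->info['pp_gs'], $decimals);
    $order_fee = round($order->info['pp_fee'], $decimals);
    $order_shipping = round($order->info['pp_shipping'], $decimals);
    $nvp_products = $this->paypal_get_products($paymentAmount, $order_tax, $order_discount, $order_fee, $order_shipping, $order_gs);

    $paymentAmount = urlencode(number_format($paymentAmount, $decimals, '.', ','));
    $currencyCodeType = urlencode($order->info['currency']);
    // Payment Type
    $paymentType = 'Sale';
    $returnURL = urlencode($this->EXPRESS_CANCEL_URL);
    $cancelURL = urlencode($this->EXPRESS_CANCEL_URL);
    $gpsucssesURL = urlencode($this->GIROPAY_SUCCESS_URL);
    $gpcancelURL = urlencode($this->EXPRESS_CANCEL_URL);
    $bankpending = urlencode($this->BANKTXN_PENDING_URL);
    $notify_url = urlencode($this->NOTIFY_URL);
    $inv_num = urlencode($insert_id);

    // Shipping address
    $charset = $_SESSION['language_charset'];
    $sh_name = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['firstname'] . ' ' . $order->delivery['lastname']));
    $sh_street = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['street_address']));
    // One consistent name for the (always empty) second street line.
    $sh_street2 = '';
    $sh_city = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['city']));
    $sh_state = urlencode($this->state_code($order->delivery['state']));
    // The country is either an array (iso_code_2/title) or a plain name
    // with the ISO code stored separately.
    if (is_array($order->delivery['country'])) {
        $sh_countrycode = urlencode($order->delivery['country']['iso_code_2']);
        $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']['title']));
    } else {
        $sh_countrycode = urlencode($order->delivery['country_iso_2']);
        $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']));
    }
    $sh_phonenum = urlencode($order->customer['telephone']);
    $sh_zip = urlencode($order->delivery['postcode']);
    $address = "&SHIPTONAME=" . $sh_name . "&SHIPTOSTREET=" . $sh_street . "&SHIPTOSTREET2=" . $sh_street2 . "&SHIPTOCITY=" . $sh_city . "&SHIPTOZIP=" . $sh_zip . "&SHIPTOSTATE=" . $sh_state . "&SHIPTOCOUNTRYCODE=" . $sh_countrycode . "&SHIPTOCOUNTRYNAME=" . $sh_countryname . "&PHONENUM=" . $sh_phonenum;

    // Branding values are only set by the constructor when they validated.
    $hdr_img = isset($this->Image) ? $this->Image : '';
    $hdr_border = isset($this->BorderColor) ? $this->BorderColor : '';
    $hdr_back = isset($this->BackColor) ? $this->BackColor : '';

    // Build the request string. The address is appended once; the earlier
    // extra reference after INVNUM used a misspelt, never assigned variable.
    $nvpstr = "&AMT=" . $paymentAmount .
        "&CURRENCYCODE=" . $currencyCodeType .
        "&PAYMENTACTION=" . $paymentType .
        "&NOTIFYURL=" . $notify_url .
        "&INVNUM=" . $inv_num .
        "&LOCALECODE=" . urlencode($_SESSION['language_code']) .
        "&RETURNURL=" . $returnURL .
        "&CANCELURL=" . $cancelURL .
        "&GIROPAYSUCCESSURL=" . $gpsucssesURL .
        "&GIROPAYCANCELURL=" . $gpcancelURL .
        "&BANKTXNPENDINGURL=" . $bankpending .
        "&HDRIMG=" . $hdr_img .
        "&HDRBORDERCOLOR=" . $hdr_border .
        "&HDRBACKCOLOR=" . $hdr_back .
        "&CUSTOM=" .
        $address .
        "&ALLOWNOTE=0" .
        "&ADDROVERRIDE=1";
    // Append the line-item details
    $nvpstr .= $nvp_products;

    // Ask PayPal for the Express Checkout token. On success the buyer is
    // sent to PayPal to authorise the payment.
    $resArray = $this->hash_call("SetExpressCheckout", $nvpstr);
    $_SESSION['reshash'] = $resArray;
    $ack = isset($resArray["ACK"]) ? strtoupper($resArray["ACK"]) : '';

    if ($ack == "SUCCESS") {
        $token = urldecode($resArray["TOKEN"]);
        $this->payPalURL = $this->EXPRESS_URL . '' . $token;
        return $this->payPalURL;
    }

    // Same policy as the other SetExpressCheckout callers in this class:
    // detailed gateway errors only in debug mode, a generic text otherwise,
    // and always return the cancel URL. The two branches were swapped here,
    // which exposed gateway details with debugging off and returned an
    // empty URL with debugging on.
    if (PAYPAL_ERROR_DEBUG == 'true') {
        $this->build_error_message($_SESSION['reshash']);
    } else {
        $_SESSION['reshash']['FORMATED_ERRORS'] = PAYPAL_NOT_AVIABLE;
    }
    $this->payPalURL = $this->EXPRESS_CANCEL_URL;
    return $this->payPalURL;
}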
- /*************************************************************/
- /******* für beide Versionen *********************************/
- /*************************************************************/
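/**
 * Second API call (DoExpressCheckoutPayment): completes the payment for a
 * stored order. Called from paypal.php, or from paypalexpress.php for the
 * shopping-cart flow.
 *
 * Security notes:
 * - X-Forwarded-For is supplied by the client. It is used only when its
 *   first entry is a syntactically valid IP address, and the result is
 *   URL-encoded so it cannot add parameters to the request string.
 *   NOTE(review): the header is still spoofable unless the shop sits behind
 *   a proxy that overwrites it; PayPal receives it as information only.
 * - Token and payer id may come from $data (presumably request
 *   parameters); both are URL-encoded before use.
 *
 * @param mixed        $insert_id Id of the stored order; sent as INVNUM.
 * @param array|string $data      Optional 'token' and 'PayerID' overrides;
 *                                session values are used when absent.
 * @return void The merged response is kept in $_SESSION['reshash'].
 */
function complete_ceckout($insert_id, $data = '') {
    // Stand: 29.04.2009
    global $xtPrice, $order;
    $order = new order($insert_id);

    // Buyer IP address
    $customers_ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
    if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
        $forwarded = explode(',', $_SERVER["HTTP_X_FORWARDED_FOR"]);
        $candidate = trim($forwarded[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            $customers_ip = $candidate;
        }
    }

    $decimals = $xtPrice->get_decimal_places($order->info['currency']);
    // AMT
    $paymentAmount = round($order->info['pp_total'], $decimals);
    // Order sums
    $order_tax = round($order->info['pp_tax'], $decimals);
    $order_discount = round($order->info['pp_disc'], $decimals);
    $order_gs = round($order->info['pp_gs'], $decimals);
    $order_fee = round($order->info['pp_fee'], $decimals);
    $order_shipping = round($order->info['pp_shipping'], $decimals);
    $nvp_products = $this->paypal_get_products($paymentAmount, $order_tax, $order_discount, $order_fee, $order_shipping, $order_gs);

    $paymentAmount = urlencode(number_format($paymentAmount, $decimals, '.', ','));
    $currencyCodeType = urlencode($order->info['currency']);

    // $data defaults to '' - only index it when it really is an array.
    $has_token = is_array($data) && isset($data['token']) && $data['token'] != '';
    $has_payer = is_array($data) && isset($data['PayerID']) && $data['PayerID'] != '';
    $tkn = $has_token ? $data['token'] : $_SESSION['nvpReqArray']['TOKEN'];
    $payer = $has_payer ? $data['PayerID'] : $_SESSION['reshash']['PAYERID'];
    $token = urlencode($tkn);
    $payerID = urlencode($payer);
    $paymentType = 'Sale';
    $notify_url = urlencode($this->NOTIFY_URL);
    $inv_num = urlencode($insert_id);
    $button_source = urlencode($this->ppAPIec);

    // Shipping address
    $charset = $_SESSION['language_charset'];
    $sh_name = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['firstname'] . ' ' . $order->delivery['lastname']));
    $sh_street = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['street_address']));
    // One consistent name for the (always empty) second street line.
    $sh_street2 = '';
    $sh_city = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['city']));
    $sh_state = urlencode($this->state_code($order->delivery['state']));
    if (is_array($order->delivery['country'])) {
        $sh_countrycode = urlencode($order->delivery['country']['iso_code_2']);
        $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']['title']));
    } else {
        $sh_countrycode = urlencode($order->delivery['country_iso_2']);
        $sh_countryname = urlencode($this->mn_iconv($charset, "UTF-8", $order->delivery['country']));
    }
    $sh_phonenum = urlencode($order->customer['telephone']);
    $sh_zip = urlencode($order->delivery['postcode']);
    $address = "&SHIPTONAME=" . $sh_name . "&SHIPTOSTREET=" . $sh_street . "&SHIPTOSTREET2=" . $sh_street2 . "&SHIPTOCITY=" . $sh_city . "&SHIPTOZIP=" . $sh_zip . "&SHIPTOSTATE=" . $sh_state . "&SHIPTOCOUNTRYCODE=" . $sh_countrycode . "&SHIPTOCOUNTRYNAME=" . $sh_countryname . "&PHONENUM=" . $sh_phonenum;
    // Shipping address END

    // The address is appended once; the earlier extra reference after
    // INVNUM used a misspelt, never assigned variable.
    $nvpstr = '&TOKEN=' . $token .
        '&PAYERID=' . $payerID .
        '&PAYMENTACTION=' . $paymentType .
        '&AMT=' . $paymentAmount .
        '&CURRENCYCODE=' . $currencyCodeType .
        '&IPADDRESS=' . urlencode($customers_ip) .
        '&NOTIFYURL=' . $notify_url .
        '&INVNUM=' . $inv_num .
        '&BUTTONSOURCE=' . $button_source .
        $address;
    // Append the line-item details
    $nvpstr .= $nvp_products;

    // Finalise the payment at PayPal; on failure store the errors.
    $resArray = $this->hash_call("DoExpressCheckoutPayment", $nvpstr);
    // The session entry can be missing when this is reached without a
    // preceding SetExpressCheckout in the same session.
    $previous = (isset($_SESSION['reshash']) && is_array($_SESSION['reshash'])) ? $_SESSION['reshash'] : array();
    $_SESSION['reshash'] = array_merge($previous, $resArray);
    $ack = isset($resArray["ACK"]) ? strtoupper($resArray["ACK"]) : '';
    if ($ack != "SUCCESS" && $ack != "SUCCESSWITHWARNING") {
        $this->build_error_message($_SESSION['reshash'], 'DoEx');
    }
}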
- /*************************************************************/
- /******* funktionen nur für Warenkorb ************************/
- /*************************************************************/
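/**
 * Fetch the buyer details for the current Express Checkout token
 * (GetExpressCheckoutDetails) and merge them into $_SESSION['reshash'].
 *
 * On success the session is flagged as an Express checkout and
 * check_customer() is run, which logs in or creates the shop account from
 * the returned data.
 *
 * @return string|null $this->EXPRESS_CANCEL_URL on failure, null on success.
 */
function paypal_get_customer_data() {
    // Stand: 29.04.2009
    $previous = (isset($_SESSION['reshash']) && is_array($_SESSION['reshash'])) ? $_SESSION['reshash'] : array();
    // URL-encode the token like every other value placed in a request
    // string, so it cannot introduce an additional NVP parameter.
    $token = isset($previous['TOKEN']) ? $previous['TOKEN'] : '';
    $nvpstr = "&TOKEN=" . urlencode($token);

    $resArray = $this->hash_call("GetExpressCheckoutDetails", $nvpstr);
    $_SESSION['reshash'] = array_merge($previous, $resArray);
    $ack = isset($resArray["ACK"]) ? strtoupper($resArray["ACK"]) : '';

    if ($ack != "SUCCESS") {
        $this->build_error_message($_SESSION['reshash']);
        $this->payPalURL = $this->EXPRESS_CANCEL_URL;
        return $this->payPalURL;
    }

    $_SESSION['paypal_express_checkout'] = true;
    $_SESSION['paypal_express_payment_modules'] = 'paypalexpress.php';
    $this->check_customer();
}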
- /*************************************************************/
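/**
 * Bind the PayPal buyer to a shop account after GetExpressCheckoutDetails.
 *
 * Not logged in: look up a regular account (account_type 0) by the e-mail
 * address PayPal returned; create one if none exists, otherwise log that
 * account in. Already logged in: only the shipping address is handled.
 * In both cases the PayPal shipping address is stored when
 * PAYPAL_EXPRESS_ADDRESS_OVERRIDE is on and the session has not been
 * allowed to change the address.
 *
 * Security note: the existing account is logged in on the strength of the
 * PayPal-reported e-mail address alone; no shop password is involved.
 * NOTE(review): consider requiring a verified payer (PAYERSTATUS in the
 * PayPal response) before logging in - confirm the field is present in
 * $_SESSION['reshash'].
 *
 * @return void
 */
function check_customer() {
    // Stand: 29.04.2009
    if (!isset($_SESSION['customer_id'])) {
        $check_customer_query = xtc_db_query("select * from ".TABLE_CUSTOMERS." where customers_email_address = '".xtc_db_input($_SESSION['reshash']['EMAIL'])."' and account_type = '0'");
        if (!xtc_db_num_rows($check_customer_query)) {
            $this->create_account();
            return;
        }
        $check_customer = xtc_db_fetch_array($check_customer_query);
        $this->login_customer($check_customer);
    }

    // Reached for a customer who was just logged in or already was. The
    // previous extra customer lookup in the logged-in case has been
    // dropped: its result was never read.
    if (PAYPAL_EXPRESS_ADDRESS_OVERRIDE == 'true' && (!isset($_SESSION['pp_allow_address_change']) || $_SESSION['pp_allow_address_change'] != 'true')) {
        $this->create_shipping_address();
    }
}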
- /*************************************************************/
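/**
 * Creates a shop account for a PayPal Express buyer and logs it in.
 *
 * Reads the buyer data from $_SESSION['reshash'], inserts the customer,
 * address book and customers-info rows, attributes the sign-up to a tracked
 * campaign when $_SESSION['tracking']['refID'] is set, issues the configured
 * sign-up voucher/coupon, and finally calls login_customer() with the stored row.
 *
 * Values that are concatenated directly into SQL text are passed through
 * xtc_db_input() or an (int) cast, matching the other hand-built queries in
 * this class. xtc_db_prepare_input() alone is not treated as SQL escaping
 * here (assumption - confirm against its definition).
 */
function create_account(){
    // Stand: 29.04.2009
    // $xtPrice is used as a global elsewhere in this class; without this
    // declaration the voucher formatting below calls a method on an undefined local.
    global $xtPrice;
    $firstname = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['FIRSTNAME']));
    $lastname = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['LASTNAME']));
    $email_address = xtc_db_prepare_input($_SESSION['reshash']['EMAIL']);
    $company = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['BUSINESS']));
    $street_address = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['SHIPTOSTREET'] . $_SESSION['reshash']['SHIPTOSTREET_2']));
    $postcode = xtc_db_prepare_input($_SESSION['reshash']['SHIPTOZIP']);
    $city = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['SHIPTOCITY']));
    $state = xtc_db_prepare_input($_SESSION['reshash']['SHIPTOSTATE']);
    $telephone = xtc_db_prepare_input($_SESSION['reshash']['PHONENUM']);
    $country_query = xtc_db_query("select * from ".TABLE_COUNTRIES." where countries_iso_code_2 = '".xtc_db_input($_SESSION['reshash']['SHIPTOCOUNTRYCODE'])."' ");
    $tmp_country = xtc_db_fetch_array($country_query);
    $country = xtc_db_prepare_input($tmp_country['countries_id']);
    $customers_status = DEFAULT_CUSTOMERS_STATUS_ID;

    // Customer master record.
    $sql_data_array = array(
        'customers_status' => $customers_status,
        'customers_firstname' => $firstname,
        'customers_lastname' => $lastname,
        'customers_email_address' => $email_address,
        'customers_telephone' => $telephone,
        'customers_date_added' => 'now()',
        'customers_last_modified' => 'now()');
    xtc_db_perform(TABLE_CUSTOMERS, $sql_data_array);
    $_SESSION['paypal_express_new_customer'] = 'true';
    $new_customer_id = xtc_db_insert_id();
    $_SESSION['customer_id'] = $new_customer_id;
    xtc_write_user_info($new_customer_id);

    // Default address, taken from the PayPal ship-to fields.
    $sql_data_array = array(
        'customers_id' => $_SESSION['customer_id'],
        'entry_firstname' => $firstname,
        'entry_lastname' => $lastname,
        'entry_street_address' => $street_address,
        'entry_postcode' => $postcode,
        'entry_city' => $city,
        'entry_country_id' => $country,
        'entry_company' => $company,
        'entry_zone_id' => '0',
        'entry_state' => $state,
        'address_date_added' => 'now()',
        'address_last_modified' => 'now()');
    xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
    $address_id = xtc_db_insert_id();
    $_SESSION['sendto'] = $address_id;
    xtc_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
    xtc_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $_SESSION['customer_id'] . "', '0', now())");

    if(isset($_SESSION['tracking']['refID'])) {
        // The tracking refID is request-derived session data: quote the array
        // keys and escape the value before it reaches the SQL text.
        $campaign_check_query = xtc_db_query("SELECT * FROM " . TABLE_CAMPAIGNS . " WHERE campaigns_refID = '" . xtc_db_input($_SESSION['tracking']['refID']) . "'");
        $refID = 0;
        $campaign_found = false;
        if(xtc_db_num_rows($campaign_check_query) > 0) {
            $campaign = xtc_db_fetch_array($campaign_check_query);
            $refID = (int) $campaign['campaigns_id'];
            $campaign_found = true;
        }
        xtc_db_query("update " . TABLE_CUSTOMERS . " set refferers_id = '" . $refID . "' where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
        // Count the lead only for a campaign that exists, and let the database
        // do the increment instead of writing back a value read earlier.
        if($campaign_found) {
            xtc_db_query("update " . TABLE_CAMPAIGNS . " set campaigns_leads = campaigns_leads + 1 where campaigns_id = '" . $refID . "'");
        }
    }

    if(ACTIVATE_GIFT_SYSTEM == 'true') {
        // GV Code Start
        // ICW - CREDIT CLASS CODE BLOCK ADDED ******************************************************* BEGIN
        if(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
            $coupon_code = create_coupon_code();
            $insert_query = xtc_db_query("insert into " . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . xtc_db_input($coupon_code) . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
            $insert_id = xtc_db_insert_id($insert_query);
            // The e-mail address comes from the PayPal response; escape it for the SQL text.
            $insert_query = xtc_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . (int) $insert_id . "', '0', 'Admin', '" . xtc_db_input($email_address) . "', now() )");
            $_SESSION['reshash']['SEND_GIFT'] = 'true';
            $_SESSION['reshash']['GIFT_AMMOUNT'] = $xtPrice->xtcFormat(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT, true);
            $_SESSION['reshash']['GIFT_CODE'] = $coupon_code;
            $_SESSION['reshash']['GIFT_LINK'] = xtc_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, 'NONSSL', false);
        }
        if(NEW_SIGNUP_DISCOUNT_COUPON != '') {
            $coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
            $coupon_query = xtc_db_query("select * from " . TABLE_COUPONS . " where coupon_code = '" . xtc_db_input($coupon_code) . "'");
            $coupon = xtc_db_fetch_array($coupon_query);
            $coupon_id = (int) $coupon['coupon_id'];
            $coupon_desc_query = xtc_db_query("select * from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $_SESSION['language_id'] . "'");
            $coupon_desc = xtc_db_fetch_array($coupon_desc_query);
            $insert_query = xtc_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . xtc_db_input($email_address) . "', now() )");
            $_SESSION['reshash']['SEND_COUPON'] = 'true';
            $_SESSION['reshash']['COUPON_DESC'] = $coupon_desc['coupon_description'];
            $_SESSION['reshash']['COUPON_CODE'] = $coupon['coupon_code'];
        }
        // ICW - CREDIT CLASS CODE BLOCK ADDED ******************************************************* END
        // GV Code End // create templates
    }

    $_SESSION['ACCOUNT_PASSWORD'] = 'true';
    // Login Customer: re-read the row that was just written and start the session for it.
    $check_customer_query = xtc_db_query("select * from ".TABLE_CUSTOMERS." where customers_email_address = '".xtc_db_input($email_address)."' and account_type = '0'");
    $check_customer = xtc_db_fetch_array($check_customer_query);
    $this->login_customer($check_customer);
    // When the PayPal address overrides the shop address and the ship-to name
    // differs from the buyer name, keep the ship-to data as a separate address.
    if(PAYPAL_EXPRESS_ADDRESS_OVERRIDE == 'true') {
        if($firstname.' '.$lastname != $this->UTF8decode($_SESSION['reshash']['SHIPTONAME'])) {
            $this->create_shipping_address();
        }
    }
}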
- /*************************************************************/
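/**
 * Establishes the shop session for an existing customer row.
 *
 * Copies the customer's identity fields into $_SESSION, updates the logon
 * counters, replaces the stored basket with the current session cart and
 * reloads the customer status and price object.
 *
 * @param array $check_customer row from TABLE_CUSTOMERS (the callers in this
 *                              class pass the result of xtc_db_fetch_array())
 *
 * Local variable names are kept as they are because write_customers_status.php
 * is included into this function's scope and may read them (not visible here).
 */
function login_customer($check_customer){
    // Stand: 29.04.2009
    global $main,$xtPrice,$econda;
    // Recreate the session on login when the shop is configured to do so
    // (presumably issues a fresh session id - confirm in xtc_session_recreate()).
    if(SESSION_RECREATE == 'True') {
        xtc_session_recreate();
    }
    // Both ids are cast to int before they reach the SQL text; the original
    // cast only customers_id.
    $check_country_query = xtc_db_query("select entry_country_id, entry_zone_id from ".TABLE_ADDRESS_BOOK." where customers_id = '".(int) $check_customer['customers_id']."' and address_book_id = '".(int) $check_customer['customers_default_address_id']."'");
    $check_country = xtc_db_fetch_array($check_country_query);
    $_SESSION['customer_gender'] = $check_customer['customers_gender'];
    $_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
    $_SESSION['customer_last_name'] = $check_customer['customers_lastname'];
    $_SESSION['customer_id'] = $check_customer['customers_id'];
    $_SESSION['customer_vat_id'] = $check_customer['customers_vat_id'];
    $_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
    $_SESSION['customer_country_id'] = $check_country['entry_country_id'];
    $_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
    $_SESSION['customer_email_address'] = $check_customer['customers_email_address'];
    $date_now = date('Ymd');
    xtc_db_query("update ".TABLE_CUSTOMERS_INFO." SET customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 WHERE customers_info_id = '".(int) $_SESSION['customer_id']."'");
    xtc_write_user_info((int) $_SESSION['customer_id']);
    // In case the customer was logged in before and left something in the stored basket:
    // drop the stored rows so the session cart written back below is the only content.
    xtc_db_query("delete from ".TABLE_CUSTOMERS_BASKET." where customers_id = '".(int)$_SESSION['customer_id']."'");
    xtc_db_query("delete from ".TABLE_CUSTOMERS_BASKET_ATTRIBUTES." where customers_id = '".(int)$_SESSION['customer_id']."'");
    // Restore the cart
    $_SESSION['cart']->restore_contents();
    if(is_object($econda)) {
        $econda->_loginUser();
    }
    // write customers status in session
    require(DIR_WS_INCLUDES.'write_customers_status.php');
    $xtPrice = new xtcPrice($_SESSION['currency'], $_SESSION['customers_status']['customers_status_id']);
}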
- /*************************************************************/
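/**
 * Stores the PayPal ship-to data as the customer's 'paypal' address and
 * selects it as the delivery address in $_SESSION['sendto'].
 *
 * An existing address_class = 'paypal' row of the logged-in customer is
 * updated; otherwise a new address book row is inserted. All values are
 * written through xtc_db_perform().
 */
function create_shipping_address(){
    // Stand: 29.04.2009
    // Split "First Last" at the last blank. A name without any blank is kept
    // whole as the last name; the original passed strrpos()'s false on to
    // substr() and lost the first character in that case.
    $ship_to_name = $_SESSION['reshash']['SHIPTONAME'];
    $pos = strrpos($ship_to_name, ' ');
    if($pos === false) {
        $firstname = '';
        $lastname = $this->UTF8decode($ship_to_name);
    } else {
        $firstname = $this->UTF8decode(substr($ship_to_name, 0, $pos));
        $lastname = $this->UTF8decode(substr($ship_to_name, $pos + 1));
    }
    // NOTE(review): create_account() runs BUSINESS through UTF8decode(), this
    // method does not - confirm which of the two is intended.
    $company = xtc_db_prepare_input($_SESSION['reshash']['BUSINESS']);
    $street_address = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['SHIPTOSTREET'] . $_SESSION['reshash']['SHIPTOSTREET_2']));
    $postcode = xtc_db_prepare_input($_SESSION['reshash']['SHIPTOZIP']);
    $city = xtc_db_prepare_input($this->UTF8decode($_SESSION['reshash']['SHIPTOCITY']));
    $state = xtc_db_prepare_input($_SESSION['reshash']['SHIPTOSTATE']);
    $country_query = xtc_db_query("select * from ".TABLE_COUNTRIES." where countries_iso_code_2 = '".xtc_db_input($_SESSION['reshash']['SHIPTOCOUNTRYCODE'])."' ");
    $tmp_country = xtc_db_fetch_array($country_query);
    $country = xtc_db_prepare_input($tmp_country['countries_id']);
    $sql_data_array = array(
        'customers_id' => $_SESSION['customer_id'],
        'entry_firstname' => $firstname,
        'entry_lastname' => $lastname,
        'entry_street_address' => $street_address,
        'entry_postcode' => $postcode,
        'entry_city' => $city,
        'entry_country_id' => $country,
        'entry_company' => $company,
        'entry_zone_id' => '0',
        'entry_state' => $state,
        'address_date_added' => 'now()',
        'address_last_modified' => 'now()',
        'address_class' => 'paypal');
    $check_address_query = xtc_db_query("select address_book_id from ".TABLE_ADDRESS_BOOK." where customers_id = '".(int) $_SESSION['customer_id']."' and address_class = 'paypal'");
    $check_address = xtc_db_fetch_array($check_address_query);
    // The fetch yields no array when the customer has no 'paypal' address yet.
    if(is_array($check_address) && $check_address['address_book_id'] != '') {
        // The update is bound to both the address id and the session's customer id.
        xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "address_book_id = '".(int) $check_address['address_book_id']."' and customers_id ='".(int) $_SESSION['customer_id']."'");
        $send_to = $check_address['address_book_id'];
    } else {
        xtc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
        $send_to = xtc_db_insert_id();
    }
    $_SESSION['sendto'] = $send_to;
}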
- /*************************************************************/
- /******* funktionen für beide versionen **********************/
- /*************************************************************/
- // hash_call: Function to perform the API call to PayPal using API signature
- // @methodName is name of API method.
- // @nvpStr is nvp string.
- // returns an associative array containing the response from the server.
- // 08.01.2009.ergänzt für PHP ohne cURL von Stefan Kl.
- // 05.01.2010 Verbose auf 0 da bei einigen Hostern sonst zuviel angezeigt wird
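/**
 * Sends one NVP request to the PayPal API endpoint and returns the decoded
 * response.
 *
 * The request carries the API user name, password and signature, so the
 * connection is made with TLS peer and host-name verification switched on.
 * cURL is used when available; if cURL is missing or reports an error the
 * same request is sent through a stream context.
 *
 * @param string $methodName API method name
 * @param string $nvpStr     already encoded "&KEY=value" pairs appended to the request
 * @param string $pp_token   optional suffix appended to the endpoint URL
 * @return array decoded response pairs (empty when nothing could be parsed)
 */
function hash_call($methodName,$nvpStr,$pp_token=''){
    // Stand: 05.01.2010
    // NVP request body, identical for both transports.
    $nvpreq = "METHOD=".urlencode($methodName)."&VERSION=".urlencode($this->version)."&PWD=".urlencode($this->API_Password)."&USER=".urlencode($this->API_UserName)."&SIGNATURE=".urlencode($this->API_Signature).$nvpStr;
    // NOTE(review): this keeps the whole request, including USER, PWD and
    // SIGNATURE, in the session store. Confirm whether any reader of
    // $_SESSION['nvpReqArray'] needs the credential fields; drop them if not.
    $_SESSION['nvpReqArray'] = $this->deformatNVP($nvpreq);

    if(function_exists('curl_init')) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $this->API_Endpoint.$pp_token);
        // Verbose stays off: some hosters otherwise print too much.
        curl_setopt($ch, CURLOPT_VERBOSE, 0);
        // Verify the certificate chain and the host name. The original set both
        // options to FALSE, which lets anyone on the network path read or alter
        // the API credentials and the response.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        // Proxy host and port come from PROXY_HOST / PROXY_PORT at the top of this file.
        // NOTE(review): USE_PROXY is read as an object property although the
        // original comment calls it a constant, and it is not in the class's
        // declared property list - confirm where it is set.
        if($this->USE_PROXY) {
            curl_setopt($ch, CURLOPT_PROXY, PROXY_HOST.":".PROXY_PORT);
        }
        curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
        $response = curl_exec($ch);
        $nvpResArray = $this->deformatNVP($response);
        $curl_fehler = curl_errno($ch);
        curl_close($ch);
        if(!$curl_fehler) {
            return $nvpResArray;
        }
        // On a cURL error (including a failed certificate check) fall through
        // to the stream transport, which verifies the peer as well.
    }

    // cURL not available or failed: send the request through a stream context.
    $request_post = array(
        'http'=>array(
            'method'=>'POST',
            'header'=>"Content-type: application/x-www-form-urlencoded\r\n",
            'content'=>$nvpreq),
        // Keep the fallback from becoming an unverified downgrade path.
        'ssl'=>array(
            'verify_peer'=>true,
            'verify_peer_name'=>true));
    $request = stream_context_create($request_post);
    $response = file_get_contents($this->API_Endpoint.$pp_token, false, $request);
    return $this->deformatNVP($response);
}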
- /*************************************************************/
- // This function will take NVPString and convert it to an Associative Array and it will decode the response.
- // It is useful for looking up a particular key and for displaying arrays.
- // @nvpstr is NVPString.
- // @nvpArray is Associative Array.
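/**
 * Converts an NVP string ("KEY=value&KEY2=value2") into an associative array,
 * URL-decoding keys and values.
 *
 * The string is split on '&' and each pair on its first '='. Empty segments
 * (leading, trailing or doubled '&') are skipped and a pair without '=' is
 * stored with an empty value. The original relied on the truthiness of
 * strpos(), which mis-parsed a string starting with '&' and pairs without '='.
 *
 * @param string|false|null $nvpstr NVP string; false/null (a failed HTTP read) gives an empty array
 * @return array decoded key => value pairs; a repeated key keeps its last value
 */
function deformatNVP($nvpstr){
    // Stand: 29.04.2009
    $nvpArray = array();
    if($nvpstr === false || $nvpstr === null) {
        return $nvpArray;
    }
    foreach(explode('&', (string) $nvpstr) as $pair) {
        if($pair === '') {
            continue;
        }
        // Limit 2 keeps any further '=' inside the value.
        $parts = explode('=', $pair, 2);
        $value = isset($parts[1]) ? $parts[1] : '';
        $nvpArray[urldecode($parts[0])] = urldecode($value);
    }
    return $nvpArray;
}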
- /*************************************************************/
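/**
 * Formats the error details of a failed API call as an HTML fragment and
 * stores it in $_SESSION['reshash']['FORMATED_ERRORS'].
 *
 * When $_SESSION['curl_error_no'] is set, the cURL error number and message
 * are reported; otherwise the ACK, correlation id, version and every
 * L_ERRORCODEn / L_SHORTMESSAGEn / L_LONGMESSAGEn triple of the response.
 * For a 'DoEx' call, error codes 10422 and 10417 additionally set
 * $_SESSION['reshash']['REDIRECTREQUIRED'] to "TRUE".
 *
 * The values come from the remote response and are joined with <br /> tags,
 * so each one is HTML-escaped before it is added to the fragment.
 *
 * @param array|string $resArray decoded API response; anything that is not an array counts as empty
 * @param string       $Aufruf   name of the calling step ('DoEx' enables the redirect check)
 */
function build_error_message($resArray='',$Aufruf=''){
    // Stand: 29.04.2009
    // Start from an empty string; the original appended to an undefined variable.
    $error = '';
    // UTF-8 is assumed for the response text; ENT_SUBSTITUTE keeps the
    // message readable if a byte sequence is not valid in that charset.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    if(isset($_SESSION['curl_error_no'])) {
        $errorCode = $_SESSION['curl_error_no'];
        $errorMessage = isset($_SESSION['curl_error_msg']) ? $_SESSION['curl_error_msg'] : '';
        $error .= 'Error Number: '. htmlspecialchars((string) $errorCode, $flags, 'UTF-8') . '<br />';
        $error .= 'Error Message: '. htmlspecialchars((string) $errorMessage, $flags, 'UTF-8') . '<br />';
    } else {
        // The default argument is '', which cannot be indexed by key.
        $res = is_array($resArray) ? $resArray : array();
        $ack = isset($res['ACK']) ? $res['ACK'] : '';
        $correlationId = isset($res['CORRELATIONID']) ? $res['CORRELATIONID'] : '';
        $apiVersion = isset($res['VERSION']) ? $res['VERSION'] : '';
        $error .= 'Ack: '. htmlspecialchars((string) $ack, $flags, 'UTF-8') . '<br />';
        $error .= 'Correlation ID: '. htmlspecialchars((string) $correlationId, $flags, 'UTF-8') . '<br />';
        $error .= 'Version:'. htmlspecialchars((string) $apiVersion, $flags, 'UTF-8') . '<br />';
        $redirect = false;
        // Errors are numbered from 0; the list ends at the first missing short message.
        for($count = 0; isset($res["L_SHORTMESSAGE".$count]); $count++) {
            $errorCode = isset($res["L_ERRORCODE".$count]) ? $res["L_ERRORCODE".$count] : '';
            $shortMessage = $res["L_SHORTMESSAGE".$count];
            $longMessage = isset($res["L_LONGMESSAGE".$count]) ? $res["L_LONGMESSAGE".$count] : '';
            if($Aufruf=='DoEx' && ($errorCode=='10422' || $errorCode=='10417')) {
                $redirect = true;
            }
            $error .= 'Error Number:'. htmlspecialchars((string) $errorCode, $flags, 'UTF-8') . '<br />';
            $error .= 'Error Short Message: '. htmlspecialchars((string) $shortMessage, $flags, 'UTF-8') . '<br />';
            $error .= 'Error Long Message: '. htmlspecialchars((string) $longMessage, $flags, 'UTF-8') . '<br />';
        }
        if($redirect) {
            $_SESSION['reshash']['REDIRECTREQUIRED']="TRUE";
        }
    }
    $_SESSION['reshash']['FORMATED_ERRORS'] = $error;
}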
- /*************************************************************/
- function paypal_get_products($paymentAmount,$order_tax,$order_discount,$order_fee,$order_shipping,$order_gs,$express_call=False){
- // für beide PayPal Versionen
- // Artikel Details mitgeben
- // Für den Express Call Vermerk für den Versand + Vorläufige Kosten mitgeben
- // Stand: 05.01.2010
- global $xtPrice,$order;
- $products_sum_amt = 0;
- $tmp_products='';
- for($i = 0, $n = sizeof($order->products); $i < $n; $i ++) {
- $products_price = round($order->products[$i]['price'],$xtPrice->get_decimal_places($order->info['currency']));
- $products_sum_amt+=$products_price*$order->products[$i]['qty'];
- $tmp_products .='&L_NAME'.$i.'='.urlencode($this->mn_iconv($_SESSION['language_charset'], "UTF-8",substr($order->products[$i]['name'],0,127))).
- '&L_NUMBER'.$i.'='.urlencode($this->mn_iconv($_SESSION['language_charset'], "UTF-8",substr($order->products[$i]['model'],0,127))).
- '&L_QTY'.$i.'='.urlencode($order->products[$i]['qty']).
- '&L_AMT'.$i.'='.urlencode(number_format($products_price, $xtPrice->get_decimal_places($order->info['currency']), '.', ','));
- }
- if($order_discount!=0): // ist ein - Betrag !
- $products_sum_amt+=$order_discount;
- $tmp_products .='&L_NAME'.$i.'='.urlencode($this->mn_iconv($_SESSION['language_charset'], "UTF-8",substr(SUB_TITLE_OT_DISCOUNT,0,127))).
- '&L_NUMBER'.$i.'='.
- '&L_QTY'.$i.'=1'.
- '&L_AMT'.$i.'='.urlencode(number_format($order_discount, $xtPrice->get_decimal_places($order->info['currency']), '.', ','));
- $i++;
- endif;
- if($order_gs!=0): // ist ein - Betrag !
- $products_sum_amt+=$order_gs;
- $tmp_products .='&L_NAME'.$i.'='.urlencode($this->mn_iconv($_SESSION['language_charset'], "UTF-8",substr(PAYPAL_GS,0,127))).
- '&L_NUMBER'.$i.'='.
- '&L_QTY'.$i.'=1'.
- …