PageRenderTime 92ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/includes/modules/payment/worldpay.php

https://github.com/digineo/xt-commerce
PHP | 201 lines | 114 code | 32 blank | 55 comment | 17 complexity | 9f5609b50073947eb0e8fa5ac76c7e19 MD5 | raw file
Possible License(s): AGPL-1.0 
    

  1. <?php

    2. 

  2. 

    3. 

  3. /* -----------------------------------------------------------------------------------------

    4. 

  4.    $Id: worldpay.php,v 1.0 

    5. 

  5. 

    6. 

  6.    XT-Commerce - community made shopping

    7. 

  7.    http://www.xt-commerce.com

    8. 

  8. 

    9. 

  9.    modified for XT-Commerce by XTC-Webservice.de http://www.xtc-webservice.de

    10. 

  10. 

    11. 

  11.    Copyright (c) 2003 XT-Commerce

    12. 

  12.    -----------------------------------------------------------------------------------------

    13. 

  13.    based on: 

    14. 

  14.    (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)

    15. 

  15.    (c) 2002-2003 osCommerce(world.php,v Version 1.6); www.oscommerce.com

    16. 

  16. 

    17. 

  17.    Released under the GNU General Public License

    18. 

  18. 

    19. 

  19.    Third Party contribution:

    20. 

  20. 

    21. 

  21. ************************************************************************

    22. 

  22.   $Id: worldpay.php,v MS1a 2003/04/06 21:30

    23. 

  23.   Author : Graeme Conkie (graeme@conkie.net)

    24. 

  24.   Title: WorldPay Payment Callback Module V4.0 Version 1.6

    25. 

  25. 

    26. 

  26.   Revisions:

    27. 

  27.   

    28. 

  28. Paulz added minor changes to enable control of 'Payment Zone' added function update_status

    29. 

  29. Version MS1a Cleaned up code, moved static English to language file to allow for bi-lingual use,

    30. 

  30.         Now posting language code to WP, Redirect on failure now to Checkout Payment,

    31. 

  31. Reduced re-direct time to 8 seconds, added MD5, made callback dynamic

    32. 

  32. NOTE: YOU MUST CHANGE THE CALLBACK URL IN WP ADMIN TO <wpdisplay item="MC_callback">

    33. 

  33. Version 1.4 Removes boxes to prevent users from clicking away before update,

    34. 

  34. Fixes currency for Yen,

    35. 

  35. Redirects to Checkout_Process after 10 seconds or click by user

    36. 

  36. Version 1.3 Fixes problem with Multi Currency

    37. 

  37. Version 1.2 Added Sort Order and Default order status to work with snapshots after 14 Jan 2003

    38. 

  38. Version 1.1 Added Worldpay Pre-Authorisation ability

    39. 

  39. Version 1.0 Initial Payment Module

    40. 

  40. 

    41. 

  41.   osCommerce, Open Source E-Commerce Solutions

    42. 

  42.   http://www.oscommerce.com

    43. 

  43. 

    44. 

  44.   Copyright (c) 2003

    45. 

  45.   Released under the GNU General Public License

    46. 

  46. -----------------------------------------------------------------------------------------*/

    47. 

  47. 

    48. 

  48. class worldpay {

    49. 

  49. 	var $code, $title, $description, $enabled;

    50. 

  50. 

    51. 

  51. 	// class constructor

    52. 

  52. 	function worldpay() {

    53. 

  53. 		global $order;

    54. 

  54. 		$this->code = 'worldpay';

    55. 

  55. 		$this->title = MODULE_PAYMENT_WORLDPAY_TEXT_TITLE;

    56. 

  56. 		$this->description = MODULE_PAYMENT_WORLDPAY_TEXT_DESC;

    57. 

  57. 		$this->sort_order = MODULE_PAYMENT_WORLDPAY_SORT_ORDER;

    58. 

  58. 		$this->enabled = ((MODULE_PAYMENT_WORLDPAY_STATUS == 'True') ? true : false);

    59. 

  59. 		$this->info = MODULE_PAYMENT_WORLDPAY_TEXT_INFO;

    60. 

  60. 		if ((int) MODULE_PAYMENT_WORLDPAY_ORDER_STATUS_ID > 0) {

    61. 

  61. 			$this->order_status = MODULE_PAYMENT_WORLDPAY_ORDER_STATUS_ID;

    62. 

  62. 		}

    63. 

  63. 

    64. 

  64. 		if (is_object($order))

    65. 

  65. 			$this->update_status();

    66. 

  66. 

    67. 

  67. 		$this->form_action_url = 'https://select.worldpay.com/wcc/purchase';

    68. 

  68. 

    69. 

  69. 	}

    70. 

  70. 

    71. 

  71. 	// class methods

    72. 

  72. 	function update_status() {

    73. 

  73. 		global $order;

    74. 

  74. 

    75. 

  75. 		if (($this->enabled == true) && ((int) MODULE_PAYMENT_WORLDPAY_ZONE > 0)) {

    76. 

  76. 			$check_flag = false;

    77. 

  77. 			$check_query = xtc_db_query("select zone_id from ".TABLE_ZONES_TO_GEO_ZONES." where geo_zone_id = '".MODULE_PAYMENT_WORLDPAY_ZONE."' and zone_country_id = '".$order->billing['country']['id']."' order by zone_id");

    78. 

  78. 			while ($check = xtc_db_fetch_array($check_query)) {

    79. 

  79. 				if ($check['zone_id'] < 1) {

    80. 

  80. 					$check_flag = true;

    81. 

  81. 					break;

    82. 

  82. 				}

    83. 

  83. 				elseif ($check['zone_id'] == $order->billing['zone_id']) {

    84. 

  84. 					$check_flag = true;

    85. 

  85. 					break;

    86. 

  86. 				}

    87. 

  87. 			}

    88. 

  88. 			if ($check_flag == false) {

    89. 

  89. 				$this->enabled = false;

    90. 

  90. 			}

    91. 

  91. 

    92. 

  92. 		}

    93. 

  93. 	}

    94. 

  94. 

    95. 

  95. 	// class methods

    96. 

  96. 	function javascript_validation() {

    97. 

  97. 		return false;

    98. 

  98. 	}

    99. 

  99. 

    100. 

  100. 	function selection() {

    101. 

  101. 		return array ('id' => $this->code, 'module' => $this->title, 'description' => $this->info);

    102. 

  102. 	}

    103. 

  103. 

    104. 

  104. 	function pre_confirmation_check() {

    105. 

  105. 		return false;

    106. 

  106. 	}

    107. 

  107. 

    108. 

  108. 	function confirmation() {

    109. 

  109. 		return false;

    110. 

  110. 	}

    111. 

  111. 

    112. 

  112. 	function process_button() {

    113. 

  113. 		global $order, $xtPrice;

    114. 

  114. 

    115. 

  115. 		$worldpay_url = xtc_session_name().'='.xtc_session_id();

    116. 

  116. 		$total = number_format($order->info['total'], $xtPrice->get_decimal_places($_SESSION['currency']), '.', '');

    117. 

  117. 		

    118. 

  118. 		$process_button_string = xtc_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID).xtc_draw_hidden_field('currency', $_SESSION['currency']).xtc_draw_hidden_field('desc', 'Purchase from '.STORE_NAME).xtc_draw_hidden_field('cartId', $worldpay_url).xtc_draw_hidden_field('amount', $total);

    119. 

  119. 

    120. 

  120. 		// Pre Auth Mod 3/1/2002 - Graeme Conkie

    121. 

  121. 		if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == 'True')

    122. 

  122. 			$process_button_string .= xtc_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);

    123. 

  123. 

    124. 

  124. 		// Ian-san: Create callback and language links here 6/4/2003:

    125. 

  125. 		$language_code_raw = xtc_db_query("select code from ".TABLE_LANGUAGES." where languages_id ='".$_SESSION['languages_id']."'");

    126. 

  126. 		$language_code_array = xtc_db_fetch_array($language_code_raw);

    127. 

  127. 		$language_code = $language_code_array['code'];

    128. 

  128. 

    129. 

  129. 		$address = htmlspecialchars($order->customer['street_address']."\n".$order->customer['suburb']."\n".$order->customer['city']."\n".$order->customer['state'], ENT_QUOTES);

    130. 

  130. 

    131. 

  131. 		$process_button_string .= xtc_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE).xtc_draw_hidden_field('name', $order->customer['firstname'].' '.$order->customer['lastname']).xtc_draw_hidden_field('address', $address).xtc_draw_hidden_field('postcode', $order->customer['postcode']).xtc_draw_hidden_field('country', $order->customer['country']['iso_code_2']).xtc_draw_hidden_field('tel', $order->customer['telephone']).xtc_draw_hidden_field('myvar', 'Y').xtc_draw_hidden_field('fax', $order->customer['fax']).xtc_draw_hidden_field('email', $order->customer['email_address']).

    132. 

  132. 

    133. 

  133. 		// Ian-san: Added dynamic callback and languages link here 6/4/2003:

    134. 

  134. 		xtc_draw_hidden_field('lang', $language_code).xtc_draw_hidden_field('MC_callback', xtc_href_link('wpcallback.php')).xtc_draw_hidden_field('MC_XTCsid', $XTCsid);

    135. 

  135. 

    136. 

  136. 		// Ian-san: Added MD5 here 6/4/2003:

    137. 

  137. 		if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {

    138. 

  138. 			$md5_signature_fields = 'amount:language:email';

    139. 

  139. 			$md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY.':'. (number_format($order->info['total'] * $currencies->get_value($currency), $currencies->get_decimal_places($currency), '.', '')).':'.$language_code.':'.$order->customer['email_address'];

    140. 

  140. 			$md5_signature_md5 = md5($md5_signature);

    141. 

  141. 

    142. 

  142. 			$process_button_string .= xtc_draw_hidden_field('signatureFields', $md5_signature_fields).xtc_draw_hidden_field('signature', $md5_signature_md5);

    143. 

  143. 		}

    144. 

  144. 		return $process_button_string;

    145. 

  145. 	}

    146. 

  146. 

    147. 

  147. 	function before_process() {

    148. 

  148. 		return false;

    149. 

  149. 	}

    150. 

  150. 

    151. 

  151. 	function after_process() {

    152. 

  152.  	global $insert_id;

    153. 

  153. 	if ($this->order_status) xtc_db_query("UPDATE ". TABLE_ORDERS ." SET orders_status='".$this->order_status."' WHERE orders_id='".$insert_id."'");

    154. 

  154. 	}

    155. 

  155. 	

    156. 

  156. 	function admin_order($oID) {

    157. 

  157. 		return false;

    158. 

  158. 	}

    159. 

  159. 

    160. 

  160. 	function output_error() {

    161. 

  161. 		return false;

    162. 

  162. 	}

    163. 

  163. 

    164. 

  164. 	function check() {

    165. 

  165. 		if (!isset ($this->_check)) {

    166. 

  166. 			$check_query = xtc_db_query("select configuration_value from ".TABLE_CONFIGURATION." where configuration_key = 'MODULE_PAYMENT_WORLDPAY_STATUS'");

    167. 

  167. 			$this->_check = xtc_db_num_rows($check_query);

    168. 

  168. 		}

    169. 

  169. 		return $this->_check;

    170. 

  170. 	}

    171. 

  171. 

    172. 

  172. 	function install() {

    173. 

  173. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, set_function, date_added) values ('MODULE_PAYMENT_WORLDPAY_STATUS', 'True', '6', '1', 'xtc_cfg_select_option(array(\'True\', \'False\'), ', now())");

    174. 

  174. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_ID', '00000', '6', '2', now())");

    175. 

  175. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_MODE', '100', '6', '5', now())");

    176. 

  176. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value,  configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_ALLOWED', '', '6', '0', now())");

    177. 

  177. 		// Ian-san: Added MD5 here 6/4/2003:

    178. 

  178. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_USEMD5', '0', '6', '4', now())");

    179. 

  179. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_MD5KEY', '', '6', '5', now())");

    180. 

  180. 

    181. 

  181. 		// Pre Auth Mod - Graeme Conkie 13/1/2003

    182. 

  182. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_SORT_ORDER', '0', '6', '0', now())");

    183. 

  183. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, set_function, date_added) values ('MODULE_PAYMENT_WORLDPAY_USEPREAUTH', 'False', '6', '3', 'xtc_cfg_select_option(array(\'True\', \'False\'), ', now())");

    184. 

  184. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, set_function, use_function, date_added) values ('MODULE_PAYMENT_WORLDPAY_ORDER_STATUS_ID', '0', '6', '0', 'xtc_cfg_pull_down_order_statuses(', 'xtc_get_order_status_name', now())");

    185. 

  185. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, date_added) values ('MODULE_PAYMENT_WORLDPAY_PREAUTH', 'A', '6', '4', now())");

    186. 

  186. 		// Paulz zone control 04/04/2004        

    187. 

  187. 		xtc_db_query("insert into ".TABLE_CONFIGURATION." (configuration_key, configuration_value, configuration_group_id, sort_order, use_function, set_function, date_added) values ('MODULE_PAYMENT_WORLDPAY_ZONE', '0', '6', '2', 'xtc_get_zone_class_title', 'xtc_cfg_pull_down_zone_classes(', now())");

    188. 

  188. 		// Ian-san: Added MD5 here 6/4/2003:

    189. 

  189. 		xtc_db_query("delete from ".TABLE_CONFIGURATION." where configuration_key = 'MODULE_PAYMENT_WORLDPAY_USEMD5'");

    190. 

  190. 		xtc_db_query("delete from ".TABLE_CONFIGURATION." where configuration_key = 'MODULE_PAYMENT_WORLDPAY_MD5KEY'");

    191. 

  191. 	}

    192. 

  192. 

    193. 

  193. 	function remove() {

    194. 

  194. 		xtc_db_query("delete from ".TABLE_CONFIGURATION." where configuration_key in ('".implode("', '", $this->keys())."')");

    195. 

  195. 	}

    196. 

  196. 

    197. 

  197. 	function keys() {

    198. 

  198. 		return array ('MODULE_PAYMENT_WORLDPAY_STATUS', 'MODULE_PAYMENT_WORLDPAY_ID', 'MODULE_PAYMENT_WORLDPAY_MODE', 'MODULE_PAYMENT_WORLDPAY_ALLOWED', 'MODULE_PAYMENT_WORLDPAY_USEPREAUTH', 'MODULE_PAYMENT_WORLDPAY_PREAUTH', 'MODULE_PAYMENT_WORLDPAY_ZONE', 'MODULE_PAYMENT_WORLDPAY_SORT_ORDER', 'MODULE_PAYMENT_WORLDPAY_ORDER_STATUS_ID');

    199. 

  199. 	}

    200. 

  200. }

    201. 

  201. ?>
    202.