PageRenderTime 42ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/administrator/components/com_virtuemart/html/checkout.2Checkout_result.php

https://bitbucket.org/dgough/annamaria-daneswood-25102012
PHP | 100 lines | 53 code | 12 blank | 35 comment | 13 complexity | 7dee6ab1eec44fe8b30a778f28a4b8f3 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1 
    

  1. <?php 
    2. 

  2. /**
    3. 

  3. *
    4. 

  4. * 2Checkout Order Confirmation Handler
    5. 

  5. *
    6. 

  6. * @version $Id: checkout.2Checkout_result.php 1394 2008-05-04 19:05:15Z soeren_nb $
    7. 

  7. * @package VirtueMart
    8. 

  8. * @subpackage html
    9. 

  9. * @copyright Copyright (C) 2004-2007 soeren - All rights reserved.
    10. 

  10. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
    11. 

  11. * VirtueMart is free software. This version may have been modified pursuant
    12. 

  12. * to the GNU General Public License, and as distributed it includes or
    13. 

  13. * is derivative of works licensed under the GNU General Public License or
    14. 

  14. * other free or open source software licenses.
    15. 

  15. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
    16. 

  16. *
    17. 

  17. * http://virtuemart.net
    18. 

  18. */
    19. 

  19. if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );   
    20. 

  20. 

  21. /**
    22. 

  22. * Read the post from 2Checkout system 
    23. 

  23. * I have used $_REQUEST instead of $_POST, because
    24. 

  24. * the "direct return" feature comes here using the GET method
    25. 

  25. * and $_REQUEST includes $_POST as well as $_GET
    26. 

  26. **/
    27. 

  27. if( !isset( $_REQUEST["x_invoice_num"] ) || empty( $_REQUEST["x_invoice_num"] ))
    28. 

  28.   echo $VM_LANG->_('VM_CHECKOUT_ORDERIDNOTSET');
    29. 

  29. else {
    30. 

  30.   
    31. 

  31.   /* Load the 2Checkout Configuration File */ 
    32. 

  32.   require_once( CLASSPATH. 'payment/ps_twocheckout.cfg.php' );
    33. 

  33.   
    34. 

  34.   /* x_invoice_num is the name of the variable that holds OUR order_number */
    35. 

  35.   $order_number = vmGet( $_REQUEST, "x_invoice_num" ); 
    36. 

  36.   
    37. 

  37.   // In Demo Mode the MD5 Hash is built using a "1"
    38. 

  38.   if( isset($_REQUEST['demo']) )
    39. 

  39.       if($_REQUEST['demo']== "Y")
    40. 

  40.       $_REQUEST['order_number'] = "1";
    41. 

  41. 

  42.   /* Concat some variables for MD5 Hashing (like 2Checkout does online)
    43. 

  43.   * order_number is the 2Checkout Order Number, not our one!
    44. 

  44.   */
    45. 

  45.   $compare_string = TWOCO_SECRETWORD . TWOCO_LOGIN . $_REQUEST['order_number'] . $_REQUEST['x_amount'];
    46. 

  46.   
    47. 

  47.   // make it md5
    48. 

  48.   $compare_hash1 = strtoupper(md5($compare_string));
    49. 

  49.   $compare_hash2 = $_REQUEST['x_MD5_Hash'];
    50. 

  50.   
    51. 

  51.   /* If both hashes are the same, the post should come from 2Checkout */
    52. 

  52.   if ($compare_hash1 != $compare_hash2) {
    53. 

  53.         ?>
    54. 

  54.         <img src="<?php echo VM_THEMEURL ?>images/button_cancel.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_FAILURE'); ?>" border="0" />
    55. 

  55.         <span class="message"><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_ERROR') ?></span><?php
    56. 

  56.   }
    57. 

  57.   else {
    58. 

  58.         $qv = "SELECT order_id, order_number FROM #__{vm}_orders ";
    59. 

  59.         $qv .= "WHERE order_number='".$order_number."'";
    60. 

  60.         $dbbt = new ps_DB;
    61. 

  61.         $dbbt->query($qv);
    62. 

  62.         $dbbt->next_record();
    63. 

  63.         $d['order_id'] = $dbbt->f("order_id");
    64. 

  64.         
    65. 

  65.         if ($_REQUEST['x_response_code'] == '1') {
    66. 

  66.             
    67. 

  67.             // UPDATE THE ORDER STATUS to 'VALID'
    68. 

  68.             $d['order_status'] = TWOCO_VERIFIED_STATUS;
    69. 

  69.             require_once ( CLASSPATH . 'ps_order.php' );
    70. 

  70.             $ps_order= new ps_order;
    71. 

  71.             $ps_order->order_status_update($d);
    72. 

  72.             
    73. 

  73.     ?> 
    74. 

  74.             <img src="<?php echo VM_THEMEURL ?>images/button_ok.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_SUCCESS'); ?>" border="0" />
    75. 

  75.             <h2><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_TRANSACTION_SUCCESS') ?></h2>
    76. 

  76.         <?php
    77. 

  77.         }
    78. 

  78.         else {
    79. 

  79.             // the Payment wasn't successful. Maybe the Payment couldn't
    80. 

  80.             // be verified and is pending
    81. 

  81.             // UPDATE THE ORDER STATUS to 'INVALID'
    82. 

  82.             $d['order_status'] = TWOCO_INVALID_STATUS;
    83. 

  83.             require_once ( CLASSPATH . 'ps_order.php' );
    84. 

  84.             $ps_order= new ps_order;
    85. 

  85.             $ps_order->order_status_update($d);
    86. 

  86.             
    87. 

  87.     ?> 
    88. 

  88.             <img src="<?php echo VM_THEMEURL ?>images/button_cancel.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_FAILURE'); ?>" border="0" />
    89. 

  89.             <h2><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_ERROR') ?></h2>
    90. 

  90.         <?php
    91. 

  91.         } 
    92. 

  92.   }
    93. 

  93.   ?>
    94. 

  94. <br />
    95. 

  95. <p><a href="<?php @$sess->purl( SECUREURL."index.php?option=com_virtuemart&page=account.order_details&order_id=".$d['order_id'] ) ?>">
    96. 

  96.    <?php echo $VM_LANG->_('PHPSHOP_ORDER_LINK') ?></a>
    97. 

  97. </p>
    98. 

  98. <?php
    99. 

  99. }
    100. 

  100. 

  101.