annamaria-daneswood-25102012 /administrator/components/com_virtuemart/html/checkout.2Checkout_result.php

Language PHP Lines 101
MD5 Hash 7dee6ab1eec44fe8b30a778f28a4b8f3 Estimated Cost $993 (why?)
Repository https://bitbucket.org/dgough/annamaria-daneswood-25102012.git View Raw File View Project SPDX
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
<?php 
/**
*
* 2Checkout Order Confirmation Handler
*
* @version $Id: checkout.2Checkout_result.php 1394 2008-05-04 19:05:15Z soeren_nb $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2004-2007 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
if( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );   

/**
* Read the post from 2Checkout system 
* I have used $_REQUEST instead of $_POST, because
* the "direct return" feature comes here using the GET method
* and $_REQUEST includes $_POST as well as $_GET
**/
if( !isset( $_REQUEST["x_invoice_num"] ) || empty( $_REQUEST["x_invoice_num"] ))
  echo $VM_LANG->_('VM_CHECKOUT_ORDERIDNOTSET');
else {
  
  /* Load the 2Checkout Configuration File */ 
  require_once( CLASSPATH. 'payment/ps_twocheckout.cfg.php' );
  
  /* x_invoice_num is the name of the variable that holds OUR order_number */
  $order_number = vmGet( $_REQUEST, "x_invoice_num" ); 
  
  // In Demo Mode the MD5 Hash is built using a "1"
  if( isset($_REQUEST['demo']) )
      if($_REQUEST['demo']== "Y")
      $_REQUEST['order_number'] = "1";

  /* Concat some variables for MD5 Hashing (like 2Checkout does online)
  * order_number is the 2Checkout Order Number, not our one!
  */
  $compare_string = TWOCO_SECRETWORD . TWOCO_LOGIN . $_REQUEST['order_number'] . $_REQUEST['x_amount'];
  
  // make it md5
  $compare_hash1 = strtoupper(md5($compare_string));
  $compare_hash2 = $_REQUEST['x_MD5_Hash'];
  
  /* If both hashes are the same, the post should come from 2Checkout */
  if ($compare_hash1 != $compare_hash2) {
        ?>
        <img src="<?php echo VM_THEMEURL ?>images/button_cancel.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_FAILURE'); ?>" border="0" />
        <span class="message"><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_ERROR') ?></span><?php
  }
  else {
        $qv = "SELECT order_id, order_number FROM #__{vm}_orders ";
        $qv .= "WHERE order_number='".$order_number."'";
        $dbbt = new ps_DB;
        $dbbt->query($qv);
        $dbbt->next_record();
        $d['order_id'] = $dbbt->f("order_id");
        
        if ($_REQUEST['x_response_code'] == '1') {
            
            // UPDATE THE ORDER STATUS to 'VALID'
            $d['order_status'] = TWOCO_VERIFIED_STATUS;
            require_once ( CLASSPATH . 'ps_order.php' );
            $ps_order= new ps_order;
            $ps_order->order_status_update($d);
            
    ?> 
            <img src="<?php echo VM_THEMEURL ?>images/button_ok.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_SUCCESS'); ?>" border="0" />
            <h2><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_TRANSACTION_SUCCESS') ?></h2>
        <?php
        }
        else {
            // the Payment wasn't successful. Maybe the Payment couldn't
            // be verified and is pending
            // UPDATE THE ORDER STATUS to 'INVALID'
            $d['order_status'] = TWOCO_INVALID_STATUS;
            require_once ( CLASSPATH . 'ps_order.php' );
            $ps_order= new ps_order;
            $ps_order->order_status_update($d);
            
    ?> 
            <img src="<?php echo VM_THEMEURL ?>images/button_cancel.png" align="middle" alt="<?php echo $VM_LANG->_('VM_CHECKOUT_FAILURE'); ?>" border="0" />
            <h2><?php echo $VM_LANG->_('PHPSHOP_PAYMENT_ERROR') ?></h2>
        <?php
        } 
  }
  ?>
<br />
<p><a href="<?php @$sess->purl( SECUREURL."index.php?option=com_virtuemart&page=account.order_details&order_id=".$d['order_id'] ) ?>">
   <?php echo $VM_LANG->_('PHPSHOP_ORDER_LINK') ?></a>
</p>
<?php
}
Back to Top