
/www/shop/engine/Shopware/Plugins/Default/Frontend/HeidelPayment/Controllers/Frontend/PaymentHeidelpay.php

https://bitbucket.org/weberlars/sot-shopware
  1. <?php
  2. /**
  3. * Heidelpay
  4. *
  5. * @link http://www.heidelpay.de
  6. * @copyright Copyright (c) 2011, Heidelberger Payment AG
  7. * @author Jens Richter und Tobias Eilers
  8. * @package Shopware
  9. * @subpackage Controllers
  10. */
  11. class Shopware_Controllers_Frontend_PaymentHeidelpay extends Shopware_Controllers_Frontend_Payment
  12. {
    /**
     * Response field names of a gateway notification.
     * NOTE(review): not referenced in the part of the file visible here — presumably
     * consumed by the raw-notify persistence helpers (saveReq/saveSERIAL); confirm before removing.
     */
    var $reqFields = array(
        'IDENTIFICATION_UNIQUEID',
        'IDENTIFICATION_SHORTID',
        'IDENTIFICATION_TRANSACTIONID',
        'IDENTIFICATION_REFERENCEID',
        'PROCESSING_RESULT',
        'PROCESSING_RETURN_CODE',
        'PROCESSING_CODE',
        'TRANSACTION_SOURCE',
        'TRANSACTION_CHANNEL',
        'TRANSACTION_RESPONSE',
        'TRANSACTION_MODE',
        'CRITERION_RESPONSE_URL',
    );
    // Name of the per-sender notify table; rawnotifyAction selects it via setActiveTable() (defined elsewhere).
    var $dbtable = '';
    // Body of the last outbound notify call — assumed to be filled by doNotify(), which is not visible here.
    var $curl_response = '';
    // Last error text of the notify helpers — TODO confirm where it is written.
    var $error = '';
    // HTTP status of the last doNotify() call; rawnotifyAction treats anything but '200' as a failed forward.
    var $httpstatus = '';
  31. /**
  32. * Index action method
  33. */
  34. public function indexAction()/*{{{*/
  35. {
  36. if ( $this->Config()->HEIDELPAY_DEBUG == "Ja" )
  37. {
  38. print "<h1>Heidelpay Controller</h1><br />";
  39. print "<h2>Debug Mode</h2><br />";
  40. print "PaymentShortName: ".$this->getPaymentShortName() ;
  41. print '<br /><a href="'.$this->Front()->Router()->assemble(array(
  42. 'forceSecure' => 1,
  43. 'action' => 'gateway'
  44. )).'">Weiter zum IFrame</a>';
  45. die();
  46. }
  47. $avaliblePayment = Shopware()->Plugins()->Frontend()->HeidelPayment()->paymentMethod();
  48. $Payment = array();
  49. foreach ($avaliblePayment as $key => $value) {
  50. $Payment[] = $avaliblePayment[$key]['name'];
  51. }
  52. $activePayment = preg_replace('/heidelpay_/', '', $this->getPaymentShortName());
  53. if (in_array($activePayment, $Payment , true))
  54. {
  55. //return $this->forward('gateway');
  56. return $this->redirect(array('controller' => 'PaymentHeidelpay', 'action' => 'gateway', 'forceSecure' => 1)) ;
  57. }
  58. else
  59. {
  60. return $this->forward('index', 'checkout');
  61. }
  62. }/*}}}*/
  63. /**
  64. * Pre dispatch action method
  65. */
  66. public function preDispatch()/*{{{*/
  67. {
  68. if(in_array($this->Request()->getActionName(), array('notify', 'book', 'refresh', 'memo'))) {
  69. Shopware()->Plugins()->Controller()->ViewRenderer()->setNoRender();
  70. }
  71. }/*}}}*/
  72. /**
  73. * Style action method
  74. */
  75. public function styleAction()/*{{{*/
  76. {
  77. $this->Response()->setHeader('Content-Type', 'text/css');
  78. }/*}}}*/
  79. /**
  80. * Api call hco
  81. */
  82. public function gatewayAction()/*{{{*/
  83. {
  84. $user = $this->getUser();
  85. $router = $this->Front()->Router();
  86. $request = $this->Request();
  87. unset(Shopware()->Session()->HPError);
  88. $params = array();
  89. $params['PRESENTATION.AMOUNT'] = $this->formatNumber($this->getAmount());
  90. $params['PRESENTATION.CURRENCY'] = Shopware()->Currency()->getShortName();
  91. $params['FRONTEND.LANGUAGE'] = Shopware()->Locale()->getLanguage();
  92. $params['IDENTIFICATION.TRANSACTIONID']= $this->createPaymentUniqueId();
  93. Shopware()->Session()->HPOrderID = $params['IDENTIFICATION.TRANSACTIONID'] ;
  94. /* PaymentMethode */
  95. $activePayment = preg_replace('/heidelpay_/', '', $this->getPaymentShortName());
  96. switch ($activePayment) {
  97. case 'sue':
  98. case 'gir':
  99. case 'ide':
  100. case 'eps':
  101. $params['PAYMENT.CODE'] = "OT.PA" ;
  102. break;
  103. case 'pay';
  104. $params['PAYMENT.CODE'] = "VA.DB" ;
  105. $params['ACCOUNT.BRAND'] = "PAYPAL" ;
  106. $params['FRONTEND.PM.DEFAULT_DISABLE_ALL'] = "true";
  107. $params['FRONTEND.PM.0.ENABLED'] = "true";
  108. $params['FRONTEND.PM.0.METHOD'] = "VA";
  109. $params['FRONTEND.PM.0.SUBTYPES'] = "PAYPAL" ;
  110. break;
  111. case 'pp' :
  112. case 'iv' :
  113. $params['PAYMENT.CODE'] = strtoupper($activePayment).".PA";
  114. break;
  115. default:
  116. $params['PAYMENT.CODE'] = strtoupper($activePayment).".DB";
  117. break;
  118. }
  119. $bookingMode = array( 'cc','dc','dd');
  120. if (in_array($activePayment, $bookingMode))
  121. {
  122. $booking = 'HEIDELPAY_'.strtoupper($activePayment).'_BOOKING_MODE';
  123. if ( $this->Config()->$booking == "Reservierung" ) {
  124. $params['PAYMENT.CODE'] = strtoupper($activePayment).".PA";
  125. }
  126. }
  127. $channel = 'HEIDELPAY_'.strtoupper($activePayment).'_CHANNEL';
  128. $params['TRANSACTION.CHANNEL'] = $this->Config()->$channel;
  129. //$params['TRANSACTION.CHANNEL'] = "31HA07BC81A71E2A47DA94B6ADC524D8";
  130. $countryISO = Shopware()->Db()->fetchOne("
  131. SELECT `countryiso` FROM `s_core_countries`
  132. WHERE `id` = ?
  133. ", array( $user['billingaddress']['countryID'] ));
  134. /* billing informations */
  135. //$params['NAME.SALUTATION '] = $user['billingaddress']['salutation'];
  136. $params['ACCOUNT.HOLDER'] = $user['billingaddress']['firstname'].' '.$user['billingaddress']['lastname'];
  137. $params['NAME.GIVEN'] = $user['billingaddress']['firstname'];
  138. $params['NAME.FAMILY'] = $user['billingaddress']['lastname'];
  139. $params['ADDRESS.STREET'] = $user['billingaddress']['street']." ".$user['shippingaddress']['streetnumber'];
  140. $params['ADDRESS.ZIP'] = $user['billingaddress']['zipcode'];
  141. $params['ADDRESS.CITY'] = $user['billingaddress']['city'];
  142. $params['ADDRESS.COUNTRY'] = $countryISO;
  143. $params['CONTACT.EMAIL'] = $user['additional']['user']['email'];
  144. $params['CONTACT.IP'] = $_SERVER['REMOTE_ADDR'] ;
  145. $params['SHOP.TYPE'] = "Shopware - ". Shopware()->Config()->Version;
  146. $params['SHOPMODUL.VERSION'] = Shopware()->Plugins()->Frontend()->HeidelPayment()->modulType ." ".
  147. Shopware()->Plugins()->Frontend()->HeidelPayment()->version ;
  148. /* api settings */
  149. $params['TRANSACTION.MODE'] = $this->Config()->HEIDELPAY_TRANSACTION_MODE ;
  150. $params['FRONTEND.MODE'] = "DEFAULT";
  151. $params['FRONTEND.ENABLED'] = "true";
  152. // Rechnung und Vorkasse direkt ohne Frame buchen // 05.07.2012
  153. if (in_array($activePayment, array('pp', 'iv'))){
  154. $params['FRONTEND.ENABLED'] = "false";
  155. }
  156. $params['FRONTEND.POPUP'] = "false";
  157. $params['FRONTEND.REDIRECT_TIME'] = "0";
  158. $params['REQUEST.VERSION'] = "1.0";
  159. $params['FRONTEND.NEXTTARGET'] = "top.location.href";
  160. $params['FRONTEND.RESPONSE_URL'] = $this->Front()->Router()->assemble(array(
  161. 'forceSecure' => 1,
  162. 'action' => 'response',
  163. 'appendSession' => 'SESSION_ID'
  164. ));
  165. $params['FRONTEND.CSS_PATH'] = $this->Front()->Router()->assemble(array(
  166. 'forceSecure' => 1,
  167. 'action' => 'style'
  168. ));
  169. if($this->Config()->HEIDELPAY_TRANSACTION_MODE == 'LIVE') {
  170. $requestUrl = $this->Config()->HEIDELPAY_LIVE_URL ;
  171. $params['SECURITY.SENDER'] = $this->Config()->HEIDELPAY_SECURITY_SENDER ;
  172. $params['USER.LOGIN'] = $this->Config()->HEIDELPAY_USER_LOGIN ;
  173. $params['USER.PWD'] = $this->Config()->HEIDELPAY_USER_PW ;
  174. } else {
  175. $requestUrl = $this->Config()->HEIDELPAY_TEST_URL ;
  176. $params['SECURITY.SENDER'] = $this->Config()->HEIDELPAY_SECURITY_SENDER ;
  177. $params['USER.LOGIN'] = $this->Config()->HEIDELPAY_USER_LOGIN ;
  178. $params['USER.PWD'] = $this->Config()->HEIDELPAY_USER_PW ;
  179. }
  180. $params['CRITERION.MERCHANTID'] = $params['SECURITY.SENDER'];
  181. $params['CRITERION.SECRET'] = $this->createSecretHash( Shopware()->Session()->HPOrderID );
  182. // Neue Paramater für HOP
  183. $params['CRITERION.RESPONSE_URL'] = $this->Front()->Router()->assemble(array(
  184. 'forceSecure' => 1,
  185. 'action' => 'notify',
  186. 'appendSession' => 'SESSION_ID'
  187. ));
  188. $respone = $this->doRequest($requestUrl, $params);
  189. if ($this->Config()->HEIDELPAY_DEBUG == "Ja" )
  190. {
  191. print "<h1>Heidelpay Controler</h1><br />";
  192. print "<h2>Debug Mode</h2><br />";
  193. print "Request:<br /> ";
  194. foreach ($params as $key => $value) {
  195. print "&nbsp; $key => $value <br />";
  196. }
  197. print "<br /><br />";
  198. print "Response:<br /> ";
  199. foreach ($respone as $key => $value) {
  200. print "&nbsp; $key => $value <br />";
  201. }
  202. print "<br /><br />";
  203. if($respone['PROCESSING_RESULT'] == "ACK" || $respone['POST_VALIDATION'] == "ACK" ) {
  204. print '<center><iframe id="payment_frame" frameborder="0"
  205. border="0" src="'.$respone['FRONTEND_REDIRECT_URL'].'"
  206. style="width: 450px; border: 1px solid #000; height: 600px;"></iframe></center>';
  207. }
  208. die();
  209. }
  210. if( $respone['POST_VALIDATION'] == "NOK") {
  211. Shopware()->Plugins()->Frontend()->HeidelPayment()->Logging(
  212. $respone['PROCESSING_RETURN'] .
  213. " -> please verify plugin configuration.", "ERROR" ) ;
  214. return $this->forward('error');
  215. }
  216. if($respone['PROCESSING_RESULT'] == "ACK" || $respone['POST_VALIDATION'] == "ACK" ) {
  217. if (in_array($activePayment, array('pp', 'iv'))){
  218. $transactionId = $respone['IDENTIFICATION_TRANSACTIONID'];
  219. $paymentUniqueId = $respone['IDENTIFICATION_UNIQUEID'];
  220. #echo '<pre>'.print_r($respone, 1).'</pre>'; exit();
  221. $locId = Shopware()->Shop()->getLocale()->getId();
  222. $repl = array(
  223. '{AMOUNT}' => sprintf('%1.2f', $this->getAmount()),
  224. '{CURRENCY}' => $this->getCurrencyShortName(),
  225. '{CONNECTOR_ACCOUNT_COUNTRY}' => $respone['CONNECTOR_ACCOUNT_COUNTRY']."\n",
  226. '{CONNECTOR_ACCOUNT_HOLDER}' => $respone['CONNECTOR_ACCOUNT_HOLDER']."\n",
  227. '{CONNECTOR_ACCOUNT_NUMBER}' => $respone['CONNECTOR_ACCOUNT_NUMBER']."\n",
  228. '{CONNECTOR_ACCOUNT_BANK}' => $respone['CONNECTOR_ACCOUNT_BANK']."\n",
  229. '{CONNECTOR_ACCOUNT_IBAN}' => $respone['CONNECTOR_ACCOUNT_IBAN']."\n",
  230. '{CONNECTOR_ACCOUNT_BIC}' => $respone['CONNECTOR_ACCOUNT_BIC']."\n",
  231. '{IDENTIFICATION_SHORTID}' => "\n\n".$respone['IDENTIFICATION_SHORTID']."\n\n",
  232. );
  233. if ($activePayment == 'iv'){
  234. $comment = $this->getSnippet('InvoiceHeader', $locId)."\n";
  235. $comment.= strtr($this->getSnippet('PrepaymentText', $locId), $repl);
  236. } else {
  237. $comment = strtr($this->getSnippet('PrepaymentText', $locId), $repl);
  238. }
  239. /*
  240. * Basket to order
  241. */
  242. $paymentStatus = "21";
  243. Shopware()->Session()->HPTrans = $paymentUniqueId;
  244. $this->saveOrder($transactionId, $paymentUniqueId, $paymentStatus);
  245. // Add Infos to Order
  246. $params = array(
  247. 'o_attr1' => $respone['IDENTIFICATION_SHORTID'],
  248. 'o_attr2' => $respone['IDENTIFICATION_UNIQUEID'],
  249. 'o_attr5' => $respone['TRANSACTION_CHANNEL'],
  250. 'comment' => $comment,
  251. 'internalcomment' => '',
  252. );
  253. $this->addOrderInfos($transactionId, $params);
  254. $comment = preg_replace('/:/', ':<br><br>', $comment, 1);
  255. $comment = nl2br($comment);
  256. Shopware()->Session()->sOrderVariables['sTransactionumber'] = $transactionId.'<br><br>'.$comment;
  257. return $this->redirect(array(
  258. 'forceSecure' => 1,
  259. 'action' => 'success',
  260. 'txnID' => $transactionId,
  261. 'sUniqueID' => $transactionId,
  262. #'sComment' => urlencode($comment)
  263. ));
  264. }
  265. $this->View()->PaymentShortName = $this->getPaymentShortName();
  266. $this->View()->PaymentUrl = $respone['FRONTEND_REDIRECT_URL'];
  267. }
  268. }/*}}}*/
  269. public function notifyAction()/*{{{*/
  270. {
  271. $internalcomment = '';
  272. $comment = "ShortID: ".$this->Request()->getParam('IDENTIFICATION_SHORTID');
  273. $status = $this->Request()->getParam('PROCESSING_RESULT');
  274. $transactionId = $this->Request()->getParam('IDENTIFICATION_TRANSACTIONID');
  275. $paymentUniqueId = $this->Request()->getParam('IDENTIFICATION_UNIQUEID');
  276. $errorMessage = $this->Request()->getParam('PROCESSING_RETURN');
  277. $order = $this->getOrder($transactionId);
  278. #echo '<pre>'.print_r($order, 1).'</pre>';
  279. Shopware()->Session()->HPOrderID = $transactionId;
  280. // Heidelpay function to verify the response
  281. $orgHash = $this->createSecretHash( $transactionId );
  282. $responseHash = $this->Request()->getParam('CRITERION_SECRET');
  283. #$this->View()->loadTemplate("frontend/payment_heidelpay/notify.tpl");
  284. if ($responseHash != $orgHash ) {
  285. Shopware()->Plugins()->Frontend()->HeidelPayment()->Logging(
  286. "Hash verification error, suspecting manipulation.".
  287. " PaymentUniqeID: " . Shopware()->Session()->HPOrderID .
  288. " IP: " . $_SERVER['REMOTE_ADDR'] .
  289. " Hash: " . $orgHash .
  290. " ResponseHash: " . $responseHash
  291. , "ERROR" );
  292. #$this->View()->URL = 'FAIL';
  293. echo 'FAIL';
  294. } else if ($this->Request()->getParam('PROCESSING_RESULT') == 'ACK') {
  295. $params = array();
  296. $tmp = explode('.', $this->Request()->getParam('PAYMENT_CODE'));
  297. $meth = $tmp[0];
  298. $type = $tmp[1];
  299. $amount = $this->Request()->getParam('PRESENTATION_AMOUNT');
  300. $currency = $this->Request()->getParam('PRESENTATION_CURRENCY');
  301. #$ori_amount = $this->formatNumber($this->getAmount());
  302. #$ori_currency = $this->getCurrencyShortName();
  303. $ori_amount = $this->formatNumber($order['invoice_amount']);
  304. $ori_currency = $order['currency'];
  305. if ($type == 'PA'){
  306. $params['cleared'] = 18; // Reserviert
  307. $params['internalcomment'] = 'Reservation '.$comment;
  308. $params['o_attr3'] = $this->Request()->getParam('IDENTIFICATION_SHORTID');
  309. $params['o_attr4'] = $this->Request()->getParam('IDENTIFICATION_UNIQUEID');
  310. $params['o_attr5'] = $this->Request()->getParam('TRANSACTION_CHANNEL');
  311. } else if ($type == 'CP' || $type == 'RC' || $type == 'DB'){
  312. $params['cleared'] = 12; // default payment status is "12 Komplett bezahl"
  313. if ($type == 'CP'){
  314. $params['internalcomment'] = 'Capture '.$comment;
  315. } else if ($type == 'DB'){
  316. $params['internalcomment'] = 'Debit '.$comment;
  317. } else {
  318. $params['internalcomment'] = 'Receipt '.$comment;
  319. }
  320. $params['cleareddate'] = date('Y-m-d H:i:s');
  321. $params['o_attr1'] = $this->Request()->getParam('IDENTIFICATION_SHORTID');
  322. $params['o_attr2'] = $this->Request()->getParam('IDENTIFICATION_UNIQUEID');
  323. $params['o_attr5'] = $this->Request()->getParam('TRANSACTION_CHANNEL');
  324. } else if ($type == 'RB'){
  325. $params['internalcomment'] = 'Rebill '.$comment;
  326. } else if ($type == 'RF'){
  327. $params['internalcomment'] = 'Refund '.$comment;
  328. } else if ($type == 'RV'){
  329. $params['internalcomment'] = 'Reversal '.$comment;
  330. } else if ($type == 'CB'){
  331. $params['internalcomment'] = 'Chargeback '.$comment;
  332. }
  333. // Amount mit in Kommentar
  334. $params['internalcomment'].= "\n".'Amount: '.$amount.' '.$currency."\n".'Original Amount: '.$ori_amount.' '.$ori_currency; // Amount in Kommentar
  335. // Amount prüfen
  336. if ($type == 'RC' && $amount > 0 && $ori_amount != $amount){
  337. $params['internalcomment'].= "\n".'!!! Amount mismatch !!!';
  338. }
  339. // Currency prüfen
  340. if (!empty($currency) && $ori_currency != $currency){
  341. $params['internalcomment'].= "\n".'!!! Currency mismatch !!!';
  342. }
  343. // Externes Kommentar mit speichern
  344. $externalcomment = $this->Request()->getParam('CRITERION_COMMENT');
  345. if (!empty($externalcomment)){
  346. $params['internalcomment'].= "\nExternal Comment: ".$externalcomment;
  347. }
  348. // Add Infos to Order
  349. $this->addOrderInfos($transactionId, $params);
  350. #$this->View()->URL = '<pre>'.print_r($params, 1).'</pre>';
  351. echo '<pre>'.print_r($params, 1).'</pre>';
  352. }
  353. unset(Shopware()->Session()->HPOrderID);
  354. }/*}}}*/
  355. /* Respose and redirct */
  356. public function responseAction()/*{{{*/
  357. {
  358. $internalcomment = '';
  359. $comment = '';
  360. $status = $this->Request()->getParam('PROCESSING_RESULT');
  361. $transactionId = $this->Request()->getParam('IDENTIFICATION_TRANSACTIONID');
  362. $paymentUniqueId = $this->Request()->getParam('IDENTIFICATION_UNIQUEID');
  363. $errorMessage = $this->Request()->getParam('PROCESSING_RETURN');
  364. // Payment Code zerlegen
  365. $tmp = explode('.', $this->Request()->getParam('PAYMENT_CODE'));
  366. $meth = $tmp[0];
  367. $type = $tmp[1];
  368. /*
  369. * Heidelpay function to verify the response
  370. * new feature since version 12.06
  371. */
  372. // $orgHash = $this->createSecretHash( Shopware()->Session()->HPOrderID, $this->formatNumber($this->getAmount()) );
  373. $orgHash = $this->createSecretHash( $transactionId );
  374. $responseHash = $this->Request()->getParam('CRITERION_SECRET');
  375. if ($responseHash != $orgHash ) {
  376. Shopware()->Plugins()->Frontend()->HeidelPayment()->Logging(
  377. "Hash verification error, suspecting manipulation.".
  378. " PaymentUniqeID: " . Shopware()->Session()->HPOrderID .
  379. " IP: " . $_SERVER['REMOTE_ADDR'] .
  380. " Hash: " . $orgHash .
  381. " ResponseHash: " . $responseHash
  382. , "ERROR" );
  383. $this->View()->URL = $this->Front()->Router()->assemble(array(
  384. 'action' => 'error'
  385. ));
  386. } elseif ($this->Request()->getParam('PROCESSING_RESULT') == 'ACK' && $this->Request()->getParam('PROCESSING_REASON_CODE') == "00" ) {
  387. $paymentStatus = 12 ; // default payment status is "12 Komplett bezahl"
  388. if ($type == 'PA'){
  389. $paymentStatus = 18; // if booking type is set to reservation set payment status to "18 Reserviert"
  390. }
  391. $comment = "ShortID: ".$this->Request()->getParam('IDENTIFICATION_SHORTID') ;
  392. //$locId = Shopware()->Locale()->getId(); // Locale ID laden
  393. /*
  394. * Basket to order
  395. */
  396. Shopware()->Session()->HPTrans = $paymentUniqueId;
  397. $this->saveOrder( $transactionId, $paymentUniqueId, $paymentStatus );
  398. // Add Infos to Order
  399. $params = array(
  400. 'o_attr1' => $this->Request()->getParam('IDENTIFICATION_SHORTID'),
  401. 'o_attr2' => $this->Request()->getParam('IDENTIFICATION_UNIQUEID'),
  402. 'o_attr5' => $this->Request()->getParam('TRANSACTION_CHANNEL'),
  403. 'comment' => "ShortID: ".$this->Request()->getParam('IDENTIFICATION_SHORTID'),
  404. 'internalcomment' => $internalcomment,
  405. );
  406. if ($paymentStatus == 12){
  407. $params['cleareddate'] = date('Y-m-d H:i:s');
  408. }
  409. $this->addOrderInfos($transactionId, $params);
  410. $this->View()->URL = $this->Front()->Router()->assemble(array(
  411. 'forceSecure' => 1,
  412. 'action' => 'success'
  413. ));
  414. /* 3D Secure Waiting */
  415. } elseif ($this->Request()->getParam('POST_VALIDATION') == 'ACK' && $this->Request()->getParam('PROCESSING_REASON_CODE') == 80 ) {
  416. $paymentStatus = 21;
  417. /* Basket to order */
  418. Shopware()->Session()->HPTrans = $transactionId;
  419. $this->saveOrder( $transactionId, $paymentUniqueId, $paymentStatus );
  420. // Add Infos to Order
  421. $params = array(
  422. 'o_attr1' => $this->Request()->getParam('IDENTIFICATION_SHORTID'),
  423. 'o_attr2' => $this->Request()->getParam('IDENTIFICATION_UNIQUEID'),
  424. 'o_attr5' => $this->Request()->getParam('TRANSACTION_CHANNEL'),
  425. 'comment' => "ShortID: ".$this->Request()->getParam('IDENTIFICATION_SHORTID'),
  426. 'internalcomment' => $internalcomment,
  427. );
  428. $this->addOrderInfos($transactionId, $params);
  429. $this->View()->URL = $this->Front()->Router()->assemble(array(
  430. 'forceSecure' => 1,
  431. 'action' => 'success'
  432. ));
  433. } elseif ($this->Request()->getParam('FRONTEND_REQUEST_CANCELLED') == 'true') {
  434. //if ( $this->Config()->HEIDELPAY_CANCEL_ORDER == "Ja" )
  435. //{
  436. // $this->saveOrder( $transactionId, $transactionId, "35", false );
  437. //}
  438. $this->View()->URL = $this->Front()->Router()->assemble(array(
  439. 'forceSecure' => 1,
  440. 'action' => 'cancel'
  441. ));
  442. } else {
  443. //if ( $this->Config()->HEIDELPAY_FAIL_ORDER == "Ja" )
  444. //{
  445. // $this->saveOrder( $transactionId, $paymentUniqueId , "35", false );
  446. //}
  447. Shopware()->Session()->HPError = $errorMessage;
  448. $this->savePaymentStatus( $transactionId, $paymentUniqueId , "35, false" );
  449. $this->View()->ErrorMessage = $errorMessage;
  450. $this->View()->URL = $this->Front()->Router()->assemble(array(
  451. 'action' => 'fail'
  452. ));
  453. }
  454. unset(Shopware()->Session()->HPOrderID);
  455. }/*}}}*/
  456. public function cancelAction()/*{{{*/
  457. {
  458. //if ( $this->Config()->HEIDELPAY_CANCEL_ORDER == "Ja" )
  459. //{
  460. //}
  461. //else
  462. //{
  463. //return $this->redirect(array('controller' => 'checkout', 'action' => 'cart', 'forceSecure' => 1)) ;
  464. //}
  465. }/*}}}*/
  466. public function failAction()/*{{{*/
  467. {
  468. Shopware()->Template()->addTemplateDir(dirname(__FILE__).'/Views/');
  469. ////if ( $this->Config()->HEIDELPAY_FAIL_ORDER == "Nein" )
  470. //{
  471. $this->View()->back2basket = 1 ;
  472. //}
  473. $this->View()->ErrorMessage = htmlentities(Shopware()->Session()->HPError);
  474. //unset(Shopware()->Session()->HPError);
  475. }/*}}}*/
  476. public function successAction()/*{{{*/
  477. {
  478. return $this->redirect(array('controller' => 'checkout', 'action' => 'finish', 'forceSecure' => 1, 'sUniqueID' => Shopware()->Session()->HPTrans)) ;
  479. unset(Shopware()->Session()->HPTrans);
  480. }/*}}}*/
  481. public function prepaymentAction()/*{{{*/
  482. {
  483. $this->View()->back2basket = 1 ;
  484. $bankInfo = $this->readComment($this->Request()->getParam('txnID'));
  485. if ($bankInfo == '' ) {
  486. $bankInfo = "Es konnten keine Daten zur Ihrer Transaktion ermittelt werden";
  487. }
  488. $this->View()->bankInfo = $bankInfo ;
  489. $this->View()->transID = Shopware()->Session()->HPTrans;
  490. }/*}}}*/
  491. public function errorAction()/*{{{*/
  492. {
  493. }/*}}}*/
  494. public function formatNumber($value)/*{{{*/
  495. {
  496. //$value = preg_replace(",", ".", $value);
  497. return sprintf('%1.2f', $value);
  498. }/*}}}*/
  499. /**
  500. * Do request method
  501. *
  502. * @param string $url
  503. * @param array $params
  504. * @return array
  505. */
  506. public function doRequest($url, $params=array())/*{{{*/
  507. {
  508. $client = new Zend_Http_Client($url, array(
  509. 'useragent' => 'Shopware/' . Shopware()->Config()->Version
  510. ));
  511. $client->setParameterPost($params);
  512. if (extension_loaded('curl')) {
  513. $adapter = new Zend_Http_Client_Adapter_Curl();
  514. $adapter->setCurlOption(CURLOPT_SSL_VERIFYPEER, false);
  515. $adapter->setCurlOption(CURLOPT_SSL_VERIFYHOST, false);
  516. $client->setAdapter($adapter);
  517. }
  518. $respone = $client->request('POST');
  519. $respone = $respone->getBody();
  520. //$respone = file_get_contents($url . '?' . http_build_query($params, '', '&'));
  521. $result = null;
  522. //$respone = str_replace('&#37;2B' , ' ', $respone);
  523. parse_str($respone, $result);
  524. return $result;
  525. }/*}}}*/
  526. /**
  527. * Returns payment plugin config
  528. *
  529. * @return unknown
  530. */
  531. public function Config()/*{{{*/
  532. {
  533. return Shopware()->Plugins()->Frontend()->HeidelPayment()->Config();
  534. }/*}}}*/
  535. function readComment($transactionID) {/*{{{*/
  536. $data = Shopware()->Db()->fetchAll("
  537. SELECT comment FROM s_order
  538. WHERE transactionID = '".$transactionID."'
  539. ");
  540. return $data[0]['comment'] ;
  541. }/*}}}*/
  542. function createSecretHash($orderID) {/*{{{*/
  543. $secret = $this->Config()->HEIDELPAY_SECRET ;
  544. $hash = sha1( $orderID . $secret );
  545. return $hash;
  546. }/*}}}*/
  547. public function getSnippet($name, $localeId, $ns = 'frontend/payment_heidelpay/success', $shopId = 1)/*{{{*/
  548. {
  549. $sql = 'SELECT `value`
  550. FROM `s_core_snippets`
  551. WHERE `namespace` = "'.$ns.'"
  552. AND `shopID` = "'.$shopId.'"
  553. AND `localeID` = "'.$localeId.'"
  554. AND `name` = "'.$name.'" ';
  555. $data = current(Shopware()->Db()->fetchAll($sql));
  556. return $data['value'];
  557. }/*}}}*/
  558. public function getOrder($transactionId)/*{{{*/
  559. {
  560. $sql = 'SELECT *
  561. FROM `s_order`
  562. WHERE `transactionID` = "'.$transactionId.'"
  563. ';
  564. $data = current(Shopware()->Db()->fetchAll($sql));
  565. return $data;
  566. }/*}}}*/
  567. function addOrderInfos($transactionID, $params) /*{{{*/
  568. {
  569. $orderModel = Shopware()
  570. ->Models()
  571. ->getRepository('Shopware\Models\Order\Order')
  572. ->findOneBy(array('transactionId' => $transactionID));
  573. // if internalComment is set, read old commment and add time stamp
  574. $alterWert = $orderModel->getInternalComment();
  575. if (!empty($params['internalcomment'])) {
  576. $params['internalcomment'] = date('d.m.Y H:i:s') . "\n" . $params['internalcomment'] . "\n \n" . $alterWert;
  577. } else {
  578. $params['internalcomment'] = $alterWert;
  579. }
  580. // Mapping database -> model
  581. $orderMappings = array('ordernumber' => 'number',
  582. 'userID' => 'customerId',
  583. 'invoice_amount' => 'invoiceAmount',
  584. 'invoice_amount_net' => 'invoiceAmountNet',
  585. 'invoice_shipping' => 'invoiceShipping',
  586. 'invoice_shipping_net' => 'invoiceShippingNet',
  587. 'ordertime' => 'orderTime',
  588. 'status' => 'status',
  589. 'cleared' => 'cleared', // Payment Status model
  590. 'paymentID' => 'paymentId',
  591. 'transactionID' => 'transactionId',
  592. 'comment' => 'comment',
  593. 'customercomment' => 'customerComment',
  594. 'internalcomment' => 'internalComment',
  595. 'net' => 'net',
  596. 'taxfree' => 'taxFree',
  597. 'partnerID' => 'partnerId',
  598. 'temporaryID' => 'temporaryId',
  599. 'referer' => 'referer',
  600. 'cleareddate' => 'clearedDate',
  601. 'trackingcode' => 'trackingCode',
  602. 'language' => 'languageIso',
  603. 'dispatchID' => 'dispatch', // dispatch model
  604. 'currency' => 'currency',
  605. 'currencyFactor' => 'currencyFactor',
  606. 'subshopID' => 'shopId',
  607. 'remote_addr' => 'remoteAddress');
  608. $attributeMapping = array(
  609. 'o_attr1' => 'attribute1',
  610. 'o_attr2' => 'attribute2',
  611. 'o_attr3' => 'attribute3',
  612. 'o_attr4' => 'attribute4',
  613. 'o_attr5' => 'attribute5',
  614. 'o_attr6' => 'attribute6');
  615. /** @var $orderModel \Shopware\Models\Order\Order */
  616. $newData = array();
  617. $attribute = array();
  618. $params['o_attr6'] = "HEIDELPAY"; // Damit das Backend diese Zahlung als Heidelpay Zahlung erkennt
  619. //order mapping
  620. foreach ($orderMappings as $key => $mapping) {
  621. if (isset($params[$key])) {
  622. $newData[$mapping] = $params[$key];
  623. }
  624. }
  625. //attribute mapping
  626. foreach ($attributeMapping as $key => $mapping) {
  627. if (isset($params[$key])) {
  628. $attribute[$mapping] = $params[$key];
  629. }
  630. }
  631. if (!empty($attribute)) {
  632. $newData['attribute'] = $attribute;
  633. }
  634. //check if the cleared parameter is passed, if this is the case resolve the id with the status model .
  635. if (isset($params['cleared'])) {
  636. //$orderModel->getInternalComment();
  637. /*
  638. $newData['paymentStatus'] = Shopware()
  639. ->Models()
  640. ->getRepository('\Shopware\Models\Order\Status')
  641. ->findOneBy(array('id' => $params['cleared']));
  642. */
  643. $sql = 'UPDATE `s_order` SET `cleared` = ? WHERE `transactionID` = ?';
  644. Shopware()->Db()->query($sql,array((int)$params['cleared'], $transactionID));
  645. }
  646. /*
  647. if (isset($params['status'])) {
  648. $newData['orderStatus'] = Shopware()
  649. ->Models()
  650. ->getRepository('\Shopware\Models\Order\Status')
  651. ->find($params['status']);
  652. }
  653. if (isset($params['dispatch'])) {
  654. $newData['dispatch'] = Shopware()
  655. ->Models()
  656. ->getRepository('\Shopware\Models\Dispatch\Dispatch')
  657. ->find($params['dispatch']);
  658. }
  659. */
  660. // populate Model with data
  661. $orderModel->fromArray($newData);
  662. Shopware()->Models()->persist($orderModel);
  663. // save to database
  664. Shopware()->Models()->flush();
  665. }
  666. /*}}}*/
  667. public function rawnotifyAction(){
  668. ini_set('session.use_cookies', 0); // Session Cookie unterbinden
  669. ob_start();
  670. $PaymentIP = explode(',', $this->Config()->HEIDELPAY_NOTIFY_IP);
  671. if (!in_array($_SERVER['REMOTE_ADDR'], $PaymentIP)) {
  672. Shopware()->Plugins()->Frontend()->HeidelPayment()->Logging(
  673. "Notify call from an unauthorized ip-address".
  674. " IP: " . $_SERVER['REMOTE_ADDR'] .
  675. " allowed are : " . $this->Config()->HEIDELPAY_NOTIFY_IP
  676. , "ERROR" );
  677. $this->View()->MES = 'FAIL';
  678. exit();
  679. }
  680. $HTTP_RAW_POST_DATA = $this->Request()->getRawBody();
  681. if (empty($HTTP_RAW_POST_DATA)) {
  682. $HTTP_RAW_POST_DATA = '';
  683. exit();
  684. };
  685. $mail = '<pre>RAW:'.print_r($HTTP_RAW_POST_DATA, 1).'</pre>';
  686. $xml = simplexml_load_string($HTTP_RAW_POST_DATA); // Raw Daten in XML Object laden
  687. $mail.= '<pre>XML:'.print_r($xml, 1).'</pre>';
  688. $postData = $this->getPostFromXML($xml); // XML in Post Array konvertieren
  689. $mail.= '<pre>Data:'.print_r($postData, 1).'</pre>';
  690. #echo '<pre>'.print_r($postData, 1).'</pre>';
  691. $table = $this->Config()->HEIDELPAY_SECURITY_SENDER;
  692. $res = Shopware()->Plugins()->Frontend()->HeidelPayment()->checkTable($table);
  693. if ($res) $this->setActiveTable($table); // Aktuelle Tabelle w�hlen
  694. #var_dump($res);
  695. if (!$res){
  696. Shopware()->Plugins()->Frontend()->HeidelPayment()->createSenderTable($table);
  697. $this->setActiveTable($table); // Aktuelle Tabelle wählen
  698. }
  699. // Falls RefId nicht gefuellt aber AccountRegistration gesetzt, dann ueübernehmen
  700. if (empty($postData['IDENTIFICATION_REFERENCEID']) && !empty($postData['CRITERION_ACCOUNT_REGISTRATION'])){
  701. $postData['IDENTIFICATION_REFERENCEID'] = $postData['CRITERION_ACCOUNT_REGISTRATION'];
  702. }
  703. $lastId = $this->saveReq($postData, $HTTP_RAW_POST_DATA); // Request speichern
  704. if (!$lastId){
  705. // Buchung bereits gefunden
  706. header('HTTP/1.1 200 Not Found');
  707. exit();
  708. }
  709. $this->saveSERIAL($lastId, $postData); // Postdaten speichern
  710. $url = $postData['CRITERION_RESPONSE_URL'];
  711. if ($postData['PROCESSING_STATUS'] == 'WAITING') $url = 'NORESP'; // Wenn 3D Secure Waiting, dann keine Response an Shop.
  712. if ($url != 'NORESP' && !empty($url)){
  713. $res = $this->doNotify($url, $postData); // Post Response an Shop schicken
  714. if ($this->httpstatus != '200'){
  715. if ($postData['CRITERION_RESPONSE_PER_MAIL']){
  716. //@mail($postData['CRITERION_RESPONSE_PER_MAIL'], 'RESPONSE PER MAIL', print_r($postData,1));
  717. header('HTTP/1.1 200 OK'); // Hier wird es eh keinen Erfolg mehr geben
  718. exit();
  719. } else {
  720. header('HTTP/1.1 403 Forbidden');
  721. exit();
  722. }
  723. }
  724. $this->saveRes2Req($postData['IDENTIFICATION_UNIQUEID'], $res); // Response speichern
  725. // 3D Secure
  726. if ($postData['PROCESSING_STATUS_CODE'] == '80'
  727. && $postData['PROCESSING_RETURN_CODE'] == '000.200.000'
  728. && $postData['PROCESSING_REASON_CODE'] == '00'){
  729. // Nix tun
  730. $mail.= 'Noch keine Aktion, da 3D Secure WAITING...'."\n";
  731. }
  732. }
  733. $mail.= '<pre>Res:'.print_r($res, 1).'</pre>';
  734. header('HTTP/1.1 200 OK');
  735. $this->View()->MES = 'OK';
  736. }
/**
 * Flattens a SimpleXML gateway response tree into a flat key/value array.
 *
 * Keys are built from UPPERCASED element and attribute names joined with '_'
 * (e.g. <Identification uniqueId="..."> becomes IDENTIFICATION_UNIQUEID). The
 * walk goes at most four element levels below $xml; which levels are taken and
 * how keys are composed depends on the element name (see the inline comments).
 * Later assignments silently overwrite earlier ones with the same key, so the
 * exact loop order below is part of the behaviour and must not be reordered.
 *
 * @param SimpleXMLElement|mixed $xml  parsed response; anything empty() yields array()
 * @return array<string,string>  flattened values, every value cast to string
 */
private function getPostFromXML($xml)/*{{{*/
{
    $tmp = array();
    if (empty($xml)) return array();
    foreach($xml AS $k => $v){
        // Level 1: attributes of each direct child -> CHILD_ATTR
        $attribs = $v->attributes();
        foreach($attribs AS $ak => $av){
            $tmp[strtoupper($k).'_'.strtoupper($ak)] = (string)$av;
        }
        foreach($v AS $kk => $vv){
            // Level 2: attributes -> SUB_ATTR (the level-1 parent name is dropped)
            $attribs = $vv->attributes();
            if (!empty($attribs)){
                foreach($attribs AS $ak => $av){
                    $tmp[strtoupper($kk).'_'.strtoupper($ak)] = (string)$av;
                }
            }
            foreach($vv AS $kkk => $vvv){
                // Level 3: attributes -> SUB_SUBSUB_ATTR. The `continue` applies to
                // the attribute loop, so below <Analysis> no level-3 attributes are stored.
                $attribs = $vvv->attributes();
                if (!empty($attribs)){
                    foreach($attribs AS $ak => $av){
                        if ($kk == 'Analysis') continue;
                        $tmp[strtoupper($kk).'_'.strtoupper($kkk).'_'.strtoupper($ak)] = (string)$av;
                    }
                }
                if ($kk == 'Customer'){
                    // Level 4 text below <Customer> -> SUBSUB_LEAF (e.g. ADDRESS_*, NAME_*)
                    foreach($vvv AS $kkkk => $vvvv){
                        $tmp[strtoupper($kkk).'_'.strtoupper($kkkk)] = (string)$vvvv;
                    }
                } else if ($kk == 'Payment'){
                    // Level 4 text below <Payment> -> SUBSUB_LEAF
                    foreach($vvv AS $kkkk => $vvvv){
                        $tmp[strtoupper($kkk).'_'.strtoupper($kkkk)] = (string)$vvvv;
                    }
                } else if ($kk == 'Analysis'){
                    // Level 3 text below <Analysis>, keyed by the element's `name`
                    // attribute -> SUBSUB_<NAME>. Elements without attributes are dropped.
                    $attribs = $vvv->attributes();
                    if (!empty($attribs)){
                        $tmp[strtoupper($kkk).'_'.strtoupper((string)$attribs->name)] = (string)$vvv;
                    }
                    foreach($vvv AS $kkkk => $vvvv){
                        // Level-4 children of <Analysis> are intentionally not stored.
                    }
                } else {
                    // Level 3 text elsewhere -> SUB_SUBSUB. <Expiry> is skipped, presumably
                    // to keep card expiry data out of the persisted record -- TODO confirm.
                    if ($kkk == 'Expiry') continue;
                    $tmp[strtoupper($kk).'_'.strtoupper($kkk)] = (string)$vvv;
                }
            }
        }
    }
    return $tmp;
}/*}}}*/
  798. private function saveReq($data, $xml)/*{{{*/
  799. {
  800. // Double Check
  801. if (!empty($data['IDENTIFICATION_UNIQUEID'])){
  802. $sql = 'SELECT `id` FROM `'.$this->dbtable.'`
  803. WHERE `IDENTIFICATION_UNIQUEID`= "'.addslashes($data['IDENTIFICATION_UNIQUEID']).'" ';
  804. $row = Shopware()->Db()->fetchAll($sql);
  805. if ($row[0]['id'] > 0) return $row[0]['id'];
  806. }
  807. $sql = 'INSERT INTO `'.$this->dbtable.'` SET ';
  808. foreach($this->reqFields AS $key){
  809. $sql.= '`'.$key.'` = "'.addslashes($data[$key]).'", ';
  810. }
  811. $tmp = explode('.', $data['PROCESSING_CODE']);
  812. $sql.= '`meth` = "'.addslashes($tmp[0]).'", ';
  813. $sql.= '`typ` = "'.addslashes($tmp[1]).'", ';
  814. #$sql.= '`XML` = "'.addslashes($xml).'", '; // Raw Post Data
  815. $sql.= '`created` = NOW() ';
  816. #echo $sql;
  817. $res = Shopware()->Db()->query($sql);
  818. $lastID = Shopware()->Db()->lastInsertId();
  819. // Im Fall von CP die PA Zeile als gecaptured markieren
  820. if (!empty($data['IDENTIFICATION_REFERENCEID']) && $tmp[1] == 'CP'){
  821. $sql = 'UPDATE `'.$this->dbtable.'`
  822. SET `CAPTURED` = 1
  823. WHERE `IDENTIFICATION_UNIQUEID` = "'.addslashes($data['IDENTIFICATION_REFERENCEID']).'"';
  824. Shopware()->Db()->query($sql);
  825. }
  826. return $lastID;
  827. }/*}}}*/
  828. private function saveSERIAL($id, $data)/*{{{*/
  829. {
  830. foreach ($data AS $key => $value) {
  831. $data[$key] = utf8_decode($value);
  832. }
  833. $serial = serialize($data);
  834. $sql = 'UPDATE `'.$this->dbtable.'`
  835. SET `SERIAL` = "'.addslashes($serial).'"
  836. WHERE `id` = '.(int)$id;
  837. return Shopware()->Db()->query($sql);
  838. }/*}}}*/
  839. private function doNotify($url, $data, $xml = NULL)/*{{{*/
  840. {
  841. $strPOST = '';
  842. foreach($data AS $k => $v) {
  843. $strPOST.= $k.'='.$v.'&';
  844. }
  845. if (!empty($xml)) $strPOST = 'load='.urlencode($xml);
  846. #echo '<pre>'.print_r($strPOST, 1).'</pre>';
  847. if (function_exists('curl_init')) {
  848. $ch = curl_init();
  849. curl_setopt($ch, CURLOPT_URL, $url);
  850. curl_setopt($ch, CURLOPT_HEADER, 0);
  851. curl_setopt($ch, CURLOPT_FAILONERROR, 1);
  852. curl_setopt($ch, CURLOPT_TIMEOUT, 8);
  853. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 8);
  854. curl_setopt($ch, CURLOPT_POST, 1);
  855. curl_setopt($ch, CURLOPT_POSTFIELDS, $strPOST);
  856. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  857. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);
  858. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
  859. #curl_setopt($ch, CURLOPT_FOLLLOW_LOCATION,1);
  860. curl_setopt($ch, CURLOPT_USERAGENT, "php ctpepost");
  861. $this->curl_response = curl_exec($ch);
  862. $this->error = curl_error($ch);
  863. $this->httpstatus = curl_getinfo($ch,CURLINFO_HTTP_CODE);
  864. #echo '<pre>'.print_r($this->curl_response, 1).'</pre>';
  865. #echo '<pre>'.print_r($this->error, 1).'</pre>';
  866. #echo '<pre>'.print_r($this->httpstatus, 1).'</pre>';
  867. curl_close($ch);
  868. $res = $this->curl_response;
  869. if (!$this->curl_response && $this->error){
  870. $msg = urlencode('Curl Fehler...');
  871. $res = 'status=FAIL&msg='.$this->error;
  872. }
  873. } else {
  874. $msg = urlencode('Curl Fehler..');
  875. $res = 'status=FAIL&msg='.$msg;
  876. }
  877. return $res;
  878. }/*}}}*/
  879. private function saveRes2Req($uniqueId, $response)/*{{{*/
  880. {
  881. $sql = 'UPDATE `'.$this->dbtable.'` SET ';
  882. $sql.= '`RESPONSE` = "'.addslashes($response).'" ';
  883. $sql.= 'WHERE `IDENTIFICATION_UNIQUEID` = "'.addslashes($uniqueId).'" ';
  884. return Shopware()->Db()->query($sql);
  885. }/*}}}*/
  886. public function setActiveTable($table)/*{{{*/
  887. {
  888. $this->dbtable = $table;
  889. return $table;
  890. }/*}}}*/
  891. }