/modules/sale/payment/authorizenet/payment.php
PHP | 228 lines | 185 code | 35 blank | 8 comment | 33 complexity | 1b28758ab5542f6011d79825ab090961 MD5 | raw file
- <?if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) die();?><?
- include_once(GetLangFileName(dirname(__FILE__)."/", "/payment.php"));
- include(dirname(__FILE__)."/common.php");
- $strErrorMessage = "";
- $bCanProcess = False;
- $bSuccessProcess = False;
- $year = date('Y');
- if ($_REQUEST["pay_this_order"] == "Y")
- {
- $bCanProcess = True;
- $INPUT_CARD_NUM = Trim($_REQUEST["ccard_num"]);
- if (!isset($INPUT_CARD_NUM) || $INPUT_CARD_NUM == '')
- $strErrorMessage .= GetMessage("AN_CC_NUM")." ";
- $INPUT_CARD_NUM = preg_replace("/[\D]+/", "", $INPUT_CARD_NUM);
- if ($INPUT_CARD_NUM == '')
- $strErrorMessage .= GetMessage("AN_CC_NUM")." ";
- $INPUT_CARD_EXP_MONTH = intval($_REQUEST["ccard_date1"]);
- if ($INPUT_CARD_EXP_MONTH < 1 || $INPUT_CARD_EXP_MONTH > 12)
- $strErrorMessage .= GetMessage("AN_CC_MONTH")." ";
- elseif (mb_strlen($INPUT_CARD_EXP_MONTH) < 2)
- $INPUT_CARD_EXP_MONTH = "0".$INPUT_CARD_EXP_MONTH;
- $INPUT_CARD_EXP_YEAR = intval($_REQUEST["ccard_date2"]);
- if ($INPUT_CARD_EXP_YEAR < $year)
- $strErrorMessage .= GetMessage("AN_CC_YEAR")." ";
- $INPUT_CARD_CODE = Trim($_REQUEST["ccard_code"]);
- if ($strErrorMessage <> '')
- $bCanProcess = False;
- }
- $ORDER_ID = intval($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["ID"]);
- if ($bCanProcess)
- {
- // Merchant Account Information
- $strPostQueryString = "x_version=3.1";
- $strPostQueryString .= "&x_login=".urlencode(CSalePaySystemAction::GetParamValue("PS_LOGIN"));
- $strPostQueryString .= "&x_tran_key=".urlencode(CSalePaySystemAction::GetParamValue("PS_TRANSACTION_KEY"));
- $strPostQueryString .= "&x_test_request=".(CSalePaySystemAction::GetParamValue("TEST_TRANSACTION") ? "TRUE" : "FALSE")."";
- // Gateway Response Configuration
- $strPostQueryString .= "&x_delim_data=True";
- $strPostQueryString .= "&x_relay_response=False";
- $strPostQueryString .= "&x_delim_char=,";
- $strPostQueryString .= "&x_encap_char=|";
- $arTmp = array("x_first_name" => "FIRST_NAME", "x_last_name" => "LAST_NAME",
- "x_company" => "COMPANY", "x_address" => "ADDRESS", "x_city" => "CITY",
- "x_state" => "STATE", "x_zip" => "ZIP", "x_country" => "COUNTRY",
- "x_phone" => "PHONE", "x_fax" => "FAX"
- );
- foreach ($arTmp as $key => $value)
- {
- if (($val = CSalePaySystemAction::GetParamValue($value)) !== False)
- $strPostQueryString .= "&".$key."=".urlencode($val);
- }
- // Additional Customer Data
- $strPostQueryString .= "&x_cust_id=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["USER_ID"]);
- $strPostQueryString .= "&x_customer_ip=".urlencode($_SERVER["REMOTE_ADDR"]);
- // Email Settings
- if (($val = CSalePaySystemAction::GetParamValue("EMAIL")) !== False)
- $strPostQueryString .= "&x_email=".urlencode($val);
- $strPostQueryString .= "&x_email_customer=FALSE";
- $strPostQueryString .= "&x_merchant_email=".urlencode(COption::GetOptionString("sale", "order_email", ""));
- // Invoice Information
- $strPostQueryString .= "&x_invoice_num=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["ID"]);
- $strPostQueryString .= "&x_description=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["DATE_INSERT"]);
- // Customer Shipping Address
- $arTmp = array("x_ship_to_first_name" => "SHIP_FIRST_NAME",
- "x_ship_to_last_name" => "SHIP_LAST_NAME", "x_ship_to_company" => "SHIP_COMPANY",
- "x_ship_to_address" => "SHIP_ADDRESS", "x_ship_to_city" => "SHIP_CITY",
- "x_ship_to_state" => "SHIP_STATE", "x_ship_to_zip" => "SHIP_ZIP",
- "x_ship_to_country" => "SHIP_COUNTRY"
- );
- foreach ($arTmp as $key => $value)
- {
- if (($val = CSalePaySystemAction::GetParamValue($value)) !== False)
- $strPostQueryString .= "&".$key."=".urlencode($val);
- }
- // Transaction Data
- $strPostQueryString .= "&x_amount=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["SHOULD_PAY"]);
- $strPostQueryString .= "&x_currency_code=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["CURRENCY"]);
- $strPostQueryString .= "&x_method=CC";
- $strPostQueryString .= "&x_type=AUTH_CAPTURE";
- $strPostQueryString .= "&x_recurring_billing=NO";
- $strPostQueryString .= "&x_card_num=".urlencode($INPUT_CARD_NUM);
- $strPostQueryString .= "&x_exp_date=".urlencode($INPUT_CARD_EXP_MONTH.$INPUT_CARD_EXP_YEAR); // MMYYYY
- $strPostQueryString .= "&x_card_code=".urlencode($INPUT_CARD_CODE);
- // Level 2 Data
- $strPostQueryString .= "&x_tax=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["TAX_VALUE"]);
- $strPostQueryString .= "&x_freight=".urlencode($GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["PRICE_DELIVERY"]);
- $strResult = QueryGetData("secure.authorize.net", 443, "/gateway/transact.dll", $strPostQueryString, $errno, $errstr, "POST", "ssl://");
- $mass = explode("|,|", "|,".$strResult);
- $strHashValue = CSalePaySystemAction::GetParamValue("HASH_VALUE");
- if ($strHashValue <> '')
- {
- if (md5($strHashValue.(CSalePaySystemAction::GetParamValue("PS_LOGIN")).$mass[7].sprintf("%.2f", $GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["SHOULD_PAY"])) != mb_strtolower($mass[38]))
- {
- $mass = array();
- $mass[1] = 3;
- $mass[4] = "MD5 transaction signature is incorrect!";
- $mass[3] = 0;
- $mass[2] = 0;
- }
- }
- $strPS_STATUS = ((intval($mass[1])==1) ? "Y" : "N");
- $strPS_STATUS_CODE = $mass[3];
- if ($strPS_STATUS=="Y")
- $strPS_STATUS_DESCRIPTION = "Approval Code: ".$mass[5].(!empty($mass[7]) ? "; Transaction ID: ".$mass[7] : "");
- else
- {
- $strPS_STATUS_DESCRIPTION = (intval($mass[1])==2 ? "Declined" : "Error").": ".$mass[4]." (Reason Code ".$mass[3]." / Sub ".$mass[2].")";
- $strErrorMessage .= (intval($mass[1])==2 ? "Transaction was declined" : "Error while processing transaction").": ".$mass[4]." (".$mass[3]."/".$mass[2].")";
- }
- $strPS_STATUS_MESSAGE = "";
- if (!empty($mass[6]))
- $strPS_STATUS_MESSAGE .= "\nAVS Result: [".$mass[6]."] ".$arAVSErr[$mass[6]].";";
- if (!empty($mass[39]))
- $strPS_STATUS_MESSAGE .= "\nCard Code Result: [".$mass[39]."] ".$arCVVErr[$mass[39]].";";
- if (!empty($mass[40]))
- $strPS_STATUS_MESSAGE .= "\nCAVV: [".$mass[40]."] ".$arCAVVErr[$mass[40]].";";
- $strPS_SUM = $mass[10];
- $arFields = array(
- "PS_STATUS" => $strPS_STATUS,
- "PS_STATUS_CODE" => $strPS_STATUS_CODE,
- "PS_STATUS_DESCRIPTION" => $strPS_STATUS_DESCRIPTION,
- "PS_STATUS_MESSAGE" => $strPS_STATUS_MESSAGE,
- "PS_SUM" => $strPS_SUM,
- "PS_CURRENCY" => $GLOBALS["SALE_INPUT_PARAMS"]["ORDER"]["CURRENCY"],
- "PS_RESPONSE_DATE" => Date(CDatabase::DateFormatToPHP(CLang::GetDateFormat("FULL", LANG)))
- );
- if (CSalePaySystemAction::GetParamValue("AUTO_PAY") === 'Y')
- {
- $arOrder = CSaleOrder::GetByID($ORDER_ID);
- if ($arOrder["PRICE"] == $arFields["PS_SUM"] && $arFields["PS_STATUS"] == "Y")
- {
- CSaleOrder::PayOrder($arOrder["ID"], "Y");
- }
- }
- CSaleOrder::Update($ORDER_ID, $arFields);
- if ($strErrorMessage == '')
- $bSuccessProcess = True;
- }
- if ($bSuccessProcess)
- {
- ?><div class="alert alert-success" role="alert"><?=GetMessage("AN_SUCC")?></div><?
- }
- else
- {
- if ($strErrorMessage <> '')
- {
- ?><div class="alert alert-danger" role="alert"><?= $strErrorMessage ?></div><?
- }
- ?>
- <form action="" method="post">
- <div class="form-group row">
- <label for="ccardNumber" class="col-sm-6 col-form-label text-sm-right"><?=GetMessage("AN_CC")?></label>
- <div class="col-sm-6">
- <input type="text" id="ccardNumber" name="ccard_num" size="30" value="<?= htmlspecialcharsbx($_REQUEST["ccard_num"]) ?>" class="form-control inputtext">
- </div>
- </div>
- <div class="form-group row">
- <label for="ccardDate1" class="col-sm-6 col-form-label text-sm-right"><?=GetMessage("AN_CC_DATE")?></label>
- <div class="col-auto">
- <select name="ccard_date1" class="inputselect form-control" id="ccardDate1">
- <?for ($i = 1; $i <= 12; $i++):?>
- <option value="<?= $i ?>"<?= (($i==$_REQUEST["ccard_date1"]) ? "selected" : "") ?>><?= $i ?></option>
- <?endfor;?>
- </select>
- </div>
- <div class="col-auto col-form-label">/</div>
- <div class="col-auto">
- <select name="ccard_date2" class="inputselect form-control">
- <?for ($i = $year; $i <= $year+5; $i++):?>
- <option value="<?= $i ?>"<?= (($i==$_REQUEST["ccard_date2"]) ? "selected" : "") ?>><?= $i ?></option>
- <?endfor;?>
- </select>
- </div>
- </div>
- <div class="form-group row">
- <label for="ccardCode" class="col-sm-6 col-form-label text-sm-right"><?=GetMessage("AN_CC_CVV2")?></label>
- <div class="col-auto">
- <input type="text" id="ccardCode" name="ccard_code" size="5" value="<?= htmlspecialcharsbx($_REQUEST["ccard_code"]) ?>" class="inputtext form-control">
- </div>
- </div>
- <div class="form-group row">
- <div class="col-sm-6 col-form-label text-sm-right"></div>
- <div class="col-auto">
- <input type="hidden" name="CurrentStep" value="<?= intval($GLOBALS["CurrentStep"]) ?>">
- <input type="hidden" name="ORDER_ID" value="<?= $ORDER_ID ?>">
- <input type="hidden" name="pay_this_order" value="Y">
- <input type="submit" value="<?=GetMessage("AN_CC_BUTTON")?>" class="inputbutton btn btn-primary">
- </div>
- </div>
- </form>
- <?
- }
- ?>