PageRenderTime 61ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/application/libraries/merchant.php

https://bitbucket.org/fusioninvoice_it/fusioninvoice
PHP | 893 lines | 564 code | 130 blank | 199 comment | 74 complexity | 8b5e0c0611244f3539e776af18196928 MD5 | raw file
    

  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. 

  3. /*
    4. 

  4.  * CI-Merchant Library
    5. 

  5.  *
    6. 

  6.  * Copyright (c) 2011-2012 Adrian Macneil
    7. 

  7.  *
    8. 

  8.  * Permission is hereby granted, free of charge, to any person obtaining a copy
    9. 

  9.  * of this software and associated documentation files (the "Software"), to deal
    10. 

  10.  * in the Software without restriction, including without limitation the rights
    11. 

  11.  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    12. 

  12.  * copies of the Software, and to permit persons to whom the Software is
    13. 

  13.  * furnished to do so, subject to the following conditions:
    14. 

    15. 

  15.  * The above copyright notice and this permission notice shall be included in
    16. 

  16.  * all copies or substantial portions of the Software.
    17. 

    18. 

  18.  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    19. 

  19.  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    20. 

  20.  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    21. 

  21.  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    22. 

  22.  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    23. 

  23.  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    24. 

  24.  * THE SOFTWARE.
    25. 

  25.  */
    26. 

  26. 

  27. // Support legacy drivers which extend the CI_Driver class
    28. 

  28. // All drivers should be updated to extend Merchant_driver instead
    29. 

  29. // This will be removed in a future version!
    30. 

  30. if ( ! class_exists('CI_Driver')) get_instance()->load->library('driver');
    31. 

  31. 

  32. define('MERCHANT_CONFIG_PATH', realpath(dirname(__FILE__).'/../config'));
    33. 

  33. define('MERCHANT_DRIVER_PATH', realpath(dirname(__FILE__).'/merchant'));
    34. 

  34. define('MERCHANT_VENDOR_PATH', realpath(dirname(__FILE__).'/../vendor'));
    35. 

  35. 

  36. /**
    37. 

  37.  * Merchant Class
    38. 

  38.  *
    39. 

  39.  * Payment processing for CodeIgniter
    40. 

  40.  */
    41. 

  41. class Merchant
    42. 

  42. {
    43. 

  43. 	public static $CURRENCIES_WITHOUT_DECIMALS = array('JPY');
    44. 

  44. 

  45. 	public static $NUMERIC_CURRENCY_CODES = array(
    46. 

  46. 		'AUD' => '036',
    47. 

  47. 		'CAD' => '124',
    48. 

  48. 		'EUR' => '978',
    49. 

  49. 		'GBP' => '826',
    50. 

  50. 		'NZD' => '554',
    51. 

  51. 		'USD' => '840',
    52. 

  52. 	);
    53. 

  53. 

  54. 	private $_driver;
    55. 

  55. 

  56. 	public function __construct($driver = NULL)
    57. 

  57. 	{
    58. 

  58. 		if ( ! empty($driver))
    59. 

  59. 		{
    60. 

  60. 			$this->load($driver);
    61. 

  61. 		}
    62. 

  62. 	}
    63. 

  63. 

  64. 	public function __call($function, $arguments)
    65. 

  65. 	{
    66. 

  66. 		if ( ! empty($this->_driver))
    67. 

  67. 		{
    68. 

  68. 			return call_user_func_array(array($this->_driver, $function), $arguments);
    69. 

  69. 		}
    70. 

  70. 	}
    71. 

  71. 

  72. 	/**
    73. 

  73. 	 * Load the specified driver
    74. 

  74. 	 */
    75. 

  75. 	public function load($driver)
    76. 

  76. 	{
    77. 

  77. 		$this->_driver = $this->_create_instance($driver);
    78. 

  78. 		return $this->_driver !== FALSE;
    79. 

  79. 	}
    80. 

  80. 

  81. 	/**
    82. 

  82. 	 * Returns the name of the currently loaded driver
    83. 

  83. 	 */
    84. 

  84. 	public function active_driver()
    85. 

  85. 	{
    86. 

  86. 		$class_name = get_class($this->_driver);
    87. 

  87. 		if ($class_name === FALSE) return FALSE;
    88. 

  88. 		return str_replace('Merchant_', '', $class_name);
    89. 

  89. 	}
    90. 

  90. 

  91. 	/**
    92. 

  92. 	 * Load and create a new instance of a driver.
    93. 

  93. 	 * $driver can be specified either as a class name (Merchant_paypal) or a short name (paypal)
    94. 

  94. 	 */
    95. 

  95. 	private function _create_instance($driver)
    96. 

  96. 	{
    97. 

  97. 		if (stripos($driver, 'merchant_') === 0)
    98. 

  98. 		{
    99. 

  99. 			$driver_class = ucfirst(strtolower($driver));
    100. 

  100. 		}
    101. 

  101. 		else
    102. 

  102. 		{
    103. 

  103. 			$driver_class = 'Merchant_'.strtolower($driver);
    104. 

  104. 		}
    105. 

  105. 

  106. 		if ( ! class_exists($driver_class))
    107. 

  107. 		{
    108. 

  108. 			// attempt to load driver file
    109. 

  109. 			$driver_path = MERCHANT_DRIVER_PATH.'/'.strtolower($driver_class).'.php';
    110. 

  110. 			if ( ! file_exists($driver_path)) return FALSE;
    111. 

  111. 			require_once($driver_path);
    112. 

  112. 

  113. 			// did the driver file implement the class?
    114. 

  114. 			if ( ! class_exists($driver_class)) return FALSE;
    115. 

  115. 		}
    116. 

  116. 

  117. 		// ensure class is not abstract
    118. 

  118. 		$reflection_class = new ReflectionClass($driver_class);
    119. 

  119. 		if ($reflection_class->isAbstract()) return FALSE;
    120. 

  120. 

  121. 		return new $driver_class();
    122. 

  122. 	}
    123. 

  123. 

  124. 	public function valid_drivers()
    125. 

  125. 	{
    126. 

  126. 		static $valid_drivers = array();
    127. 

  127. 

  128. 		if (empty($valid_drivers))
    129. 

  129. 		{
    130. 

  130. 			foreach (scandir(MERCHANT_DRIVER_PATH) as $file_name)
    131. 

  131. 			{
    132. 

  132. 				$driver_path = MERCHANT_DRIVER_PATH.'/'.$file_name;
    133. 

  133. 				if (stripos($file_name, 'merchant_') === 0 AND is_file($driver_path))
    134. 

  134. 				{
    135. 

  135. 					require_once($driver_path);
    136. 

  136. 

  137. 					// does the file implement an appropriately named class?
    138. 

  138. 					$driver_class = ucfirst(str_replace('.php', '', $file_name));
    139. 

  139. 					if ( ! class_exists($driver_class)) continue;
    140. 

  140. 

  141. 					// ensure class is not abstract
    142. 

  142. 					$reflection_class = new ReflectionClass($driver_class);
    143. 

  143. 					if ($reflection_class->isAbstract()) continue;
    144. 

  144. 

  145. 					$valid_drivers[] = str_replace('Merchant_', '', $driver_class);
    146. 

  146. 				}
    147. 

  147. 			}
    148. 

  148. 		}
    149. 

  149. 

  150. 		return $valid_drivers;
    151. 

  151. 	}
    152. 

  152. 

  153. 	public function authorize($params)
    154. 

  154. 	{
    155. 

  155. 		return $this->_do_authorize_or_purchase('authorize', $params);
    156. 

  156. 	}
    157. 

  157. 

  158. 	public function authorize_return($params)
    159. 

  159. 	{
    160. 

  160. 		return $this->_do_authorize_or_purchase('authorize_return', $params);
    161. 

  161. 	}
    162. 

  162. 

  163. 	public function capture($params)
    164. 

  164. 	{
    165. 

  165. 		return $this->_do_capture_or_refund('capture', $params);
    166. 

  166. 	}
    167. 

  167. 

  168. 	public function purchase($params)
    169. 

  169. 	{
    170. 

  170. 		return $this->_do_authorize_or_purchase('purchase', $params);
    171. 

  171. 	}
    172. 

  172. 

  173. 	public function purchase_return($params)
    174. 

  174. 	{
    175. 

  175. 		return $this->_do_authorize_or_purchase('purchase_return', $params);
    176. 

  176. 	}
    177. 

  177. 

  178. 	public function refund($params)
    179. 

  179. 	{
    180. 

  180. 		return $this->_do_capture_or_refund('refund', $params);
    181. 

  181. 	}
    182. 

  182. 

  183. 	private function _do_authorize_or_purchase($method, $params)
    184. 

  184. 	{
    185. 

  185. 		$this->_normalize_card_params($params);
    186. 

  186. 		$this->_normalize_currency_params($params);
    187. 

  187. 

  188. 		try
    189. 

  189. 		{
    190. 

  190. 			// load driver params
    191. 

  191. 			$this->_driver->set_params($params);
    192. 

  192. 

  193. 			// all payments require amount and currency
    194. 

  194. 			$this->_driver->require_params('amount', 'currency');
    195. 

  195. 

  196. 			// support drivers using deprecated required_fields array
    197. 

  197. 			if (($method == 'authorize' OR $method == 'purchase') AND
    198. 

  198. 				! empty($this->_driver->required_fields))
    199. 

  199. 			{
    200. 

  200. 				$this->_driver->require_params($this->_driver->required_fields);
    201. 

  201. 			}
    202. 

  202. 

  203. 			// validate card_no
    204. 

  204. 			$this->_driver->validate_card();
    205. 

  205. 

  206. 			// begin the actual processing
    207. 

  207. 			return $this->_driver->$method();
    208. 

  208. 		}
    209. 

  209. 		catch (Merchant_exception $e)
    210. 

  210. 		{
    211. 

  211. 			return new Merchant_response(Merchant_response::FAILED, $e->getMessage());
    212. 

  212. 		}
    213. 

  213. 	}
    214. 

  214. 

  215. 	private function _do_capture_or_refund($method, $params)
    216. 

  216. 	{
    217. 

  217. 		$this->_normalize_currency_params($params);
    218. 

  218. 

  219. 		try
    220. 

  220. 		{
    221. 

  221. 			// load driver params
    222. 

  222. 			$this->_driver->set_params($params);
    223. 

  223. 

  224. 			// begin the actual processing
    225. 

  225. 			return $this->_driver->$method();
    226. 

  226. 		}
    227. 

  227. 		catch (Merchant_exception $e)
    228. 

  228. 		{
    229. 

  229. 			return new Merchant_response(Merchant_response::FAILED, $e->getMessage());
    230. 

  230. 		}
    231. 

  231. 	}
    232. 

  232. 

  233. 	private function _normalize_card_params(&$params)
    234. 

  234. 	{
    235. 

  235. 		// normalize months to 2 digits and years to 4
    236. 

  236. 		if ( ! empty($params['exp_month'])) $params['exp_month'] = sprintf('%02d', (int)$params['exp_month']);
    237. 

  237. 		if ( ! empty($params['exp_year'])) $params['exp_year'] = sprintf('%04d', (int)$params['exp_year']);
    238. 

  238. 		if ( ! empty($params['start_month'])) $params['start_month'] = sprintf('%02d', (int)$params['start_month']);
    239. 

  239. 		if ( ! empty($params['start_year'])) $params['start_year'] = sprintf('%04d', (int)$params['start_year']);
    240. 

  240. 

  241. 		// normalize card_type to lowercase
    242. 

  242. 		if (isset($params['card_type'])) $params['card_type'] = strtolower($params['card_type']);
    243. 

  243. 

  244. 		// support deprecated card_name parameter
    245. 

  245. 		if (isset($params['card_name']))
    246. 

  246. 		{
    247. 

  247. 			$params['name'] = $params['card_name'];
    248. 

  248. 		}
    249. 

  249. 		if (isset($params['name']))
    250. 

  250. 		{
    251. 

  251. 			$params['card_name'] = $params['name'];
    252. 

  252. 			// split first/last names
    253. 

  253. 			if (empty($params['first_name']) AND empty($params['last_name']))
    254. 

  254. 			{
    255. 

  255. 				$names = explode(' ', (string)$params['name'], 2);
    256. 

  256. 				$params['first_name'] = $names[0];
    257. 

  257. 				$params['last_name'] = isset($names[1]) ? $names[1] : '';
    258. 

  258. 			}
    259. 

  259. 		}
    260. 

  260. 

  261. 		// support deprecated address parameter
    262. 

  262. 		if (isset($params['address']))
    263. 

  263. 		{
    264. 

  264. 			$params['address1'] = $params['address'];
    265. 

  265. 		}
    266. 

  266. 		elseif (isset($params['address1']))
    267. 

  267. 		{
    268. 

  268. 			$params['address'] = $params['address1'];
    269. 

  269. 		}
    270. 

  270. 	}
    271. 

  271. 

  272. 	private function _normalize_currency_params(&$params)
    273. 

  273. 	{
    274. 

  274. 		// support deprecated currency_code parameter
    275. 

  275. 		if (isset($params['currency_code']))
    276. 

  276. 		{
    277. 

  277. 			$params['currency'] = $params['currency_code'];
    278. 

  278. 		}
    279. 

  279. 		if (isset($params['currency']))
    280. 

  280. 		{
    281. 

  281. 			// currency should always be uppercase
    282. 

  282. 			$params['currency'] = strtoupper($params['currency']);
    283. 

  283. 			$params['currency_code'] = $params['currency'];
    284. 

  284. 		}
    285. 

  285. 	}
    286. 

  286. 

  287. 	/**
    288. 

  288. 	 * Deprecated. Please use Merchant_driver::get_request() or
    289. 

  289. 	 * Merchant_driver::post_request() instead.
    290. 

  290. 	 */
    291. 

  291. 	public static function curl_helper($url, $post_data = NULL, $username = NULL, $password = NULL)
    292. 

  292. 	{
    293. 

  293. 		// errors are now thrown as Merchant_exception()
    294. 

  294. 		$response = array('error' => NULL);
    295. 

  295. 

  296. 		if (is_null($post_data))
    297. 

  297. 		{
    298. 

  298. 			$response['data'] = get_instance()->merchant->get_request($url, $username, $password);
    299. 

  299. 		}
    300. 

  300. 		else
    301. 

  301. 		{
    302. 

  302. 			$response['data'] = get_instance()->merchant->post_request($url, $post_data, $username, $password);
    303. 

  303. 		}
    304. 

  304. 

  305. 		return $response;
    306. 

  306. 	}
    307. 

  307. 

  308. 	/**
    309. 

  309. 	 * Redirect the user's browser to a URL.
    310. 

  310. 	 *
    311. 

  311. 	 * @param string $url
    312. 

  312. 	 */
    313. 

  313. 	public static function redirect($url)
    314. 

  314. 	{
    315. 

  315. 		get_instance()->load->helper('url');
    316. 

  316. 		redirect($url);
    317. 

  317. 	}
    318. 

  318. 

  319. 	/**
    320. 

  320. 	 * Redirect the user's browser to a URL using a POST request.
    321. 

  321. 	 *
    322. 

  322. 	 * @param string $url
    323. 

  323. 	 * @param array $data
    324. 

  324. 	 * @param string $message
    325. 

  325. 	 */
    326. 

  326. 	public static function post_redirect($url, $data, $message = NULL)
    327. 

  327. 	{
    328. 

  328. 		if (empty($message))
    329. 

  329. 		{
    330. 

  330. 			$message = lang('merchant_payment_redirect');
    331. 

  331. 		}
    332. 

  332. 

  333. 		?><!DOCTYPE html>
    334. 

  334. <html>
    335. 

  335. <head><title>Redirecting...</title></head>
    336. 

  336. <body onload="document.forms[0].submit();">
    337. 

  337. 	<form name="payment" action="<?php echo htmlspecialchars($url); ?>" method="post">
    338. 

  338. 		<p><?php echo htmlspecialchars($message); ?></p>
    339. 

  339. 		<p>
    340. 

  340. 			<?php foreach ($data as $key => $value): ?>
    341. 

  341. 				<input type="hidden" name="<?php echo htmlspecialchars($key); ?>" value="<?php echo htmlspecialchars($value); ?>" />
    342. 

  342. 			<?php endforeach ?>
    343. 

  343. 			<input type="submit" value="Continue" />
    344. 

  344. 		</p>
    345. 

  345. 	</form>
    346. 

  346. </body>
    347. 

  347. </html>
    348. 

  348. <?php
    349. 

  349. 		exit();
    350. 

  350. 	}
    351. 

  351. }
    352. 

  352. 

  353. abstract class Merchant_driver
    354. 

  354. {
    355. 

  355. 	protected $CI;
    356. 

  356. 

  357. 	/**
    358. 

  358. 	 * Settings related to the payment gateway.
    359. 

  359. 	 * Accessing this array directly is deprecated.
    360. 

  360. 	 *
    361. 

  361. 	 * @var array
    362. 

  362. 	 */
    363. 

  363. 	protected $settings = array();
    364. 

  364. 

  365. 	/**
    366. 

  366. 	 * Parameters related to the current payment.
    367. 

  367. 	 *
    368. 

  368. 	 * @var array
    369. 

  369. 	 */
    370. 

  370. 	private $_params = array();
    371. 

  371. 

  372. 	public function __construct()
    373. 

  373. 	{
    374. 

  374. 		$this->CI =& get_instance();
    375. 

  375. 

  376. 		// initialize default settings
    377. 

  377. 		foreach ($this->default_settings() as $key => $default)
    378. 

  378. 		{
    379. 

  379. 			if (is_array($default))
    380. 

  380. 			{
    381. 

  381. 				$this->settings[$key] = isset($default['default']) ? $default['default'] : NULL;
    382. 

  382. 			}
    383. 

  383. 			else
    384. 

  384. 			{
    385. 

  385. 				$this->settings[$key] = $default;
    386. 

  386. 			}
    387. 

  387. 		}
    388. 

  388. 	}
    389. 

  389. 

  390. 	/**
    391. 

  391. 	 * Default settings. This should be overridden by the driver.
    392. 

  392. 	 */
    393. 

  393. 	public abstract function default_settings();
    394. 

  394. 

  395. 	/**
    396. 

  396. 	 * Initialize the driver settings
    397. 

  397. 	 */
    398. 

  398. 	public function initialize($settings)
    399. 

  399. 	{
    400. 

  400. 		foreach ($this->default_settings() as $key => $default)
    401. 

  401. 		{
    402. 

  402. 			if (isset($settings[$key]))
    403. 

  403. 			{
    404. 

  404. 				// boolean settings must remain booleans
    405. 

  405. 				$this->settings[$key] = is_bool($default) ? (bool)$settings[$key] : $settings[$key];
    406. 

  406. 			}
    407. 

  407. 		}
    408. 

  408. 	}
    409. 

  409. 

  410. 	/**
    411. 

  411. 	 * All driver settings
    412. 

  412. 	 *
    413. 

  413. 	 * @return array
    414. 

  414. 	 */
    415. 

  415. 	public function settings()
    416. 

  416. 	{
    417. 

  417. 		return $this->settings;
    418. 

  418. 	}
    419. 

  419. 

  420. 	/**
    421. 

  421. 	 * Setting
    422. 

  422. 	 *
    423. 

  423. 	 * @return  mixed
    424. 

  424. 	 */
    425. 

  425. 	public function setting($key)
    426. 

  426. 	{
    427. 

  427. 		return isset($this->settings[$key]) ? $this->settings[$key] : FALSE;
    428. 

  428. 	}
    429. 

  429. 

  430. 	public function can_authorize()
    431. 

  431. 	{
    432. 

  432. 		$method = new ReflectionMethod($this, 'authorize');
    433. 

  433. 		return $method->getDeclaringClass()->name !== __CLASS__;
    434. 

  434. 	}
    435. 

  435. 

  436. 	public function can_capture()
    437. 

  437. 	{
    438. 

  438. 		$method = new ReflectionMethod($this, 'capture');
    439. 

  439. 		return $method->getDeclaringClass()->name !== __CLASS__;
    440. 

  440. 	}
    441. 

  441. 

  442. 	public function can_refund()
    443. 

  443. 	{
    444. 

  444. 		$method = new ReflectionMethod($this, 'refund');
    445. 

  445. 		return $method->getDeclaringClass()->name !== __CLASS__;
    446. 

  446. 	}
    447. 

  447. 

  448. 	public function can_return()
    449. 

  449. 	{
    450. 

  450. 		$method = new ReflectionMethod($this, 'purchase_return');
    451. 

  451. 		if ($method->getDeclaringClass()->name !== __CLASS__) return TRUE;
    452. 

  452. 

  453. 		// try calling deprecated process_return() method instead
    454. 

  454. 		if (method_exists($this, 'process_return')) return TRUE;
    455. 

  455. 		if (method_exists($this, '_process_return')) return TRUE;
    456. 

  456. 

  457. 		return FALSE;
    458. 

  458. 	}
    459. 

  459. 

  460. 	public function authorize()
    461. 

  461. 	{
    462. 

  462. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    463. 

  463. 	}
    464. 

  464. 

  465. 	public function authorize_return()
    466. 

  466. 	{
    467. 

  467. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    468. 

  468. 	}
    469. 

  469. 

  470. 	public function capture()
    471. 

  471. 	{
    472. 

  472. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    473. 

  473. 	}
    474. 

  474. 

  475. 	public function purchase()
    476. 

  476. 	{
    477. 

  477. 		// try calling deprecated process() method instead
    478. 

  478. 		if (method_exists($this, 'process'))
    479. 

  479. 		{
    480. 

  480. 			return $this->process($this->_params);
    481. 

  481. 		}
    482. 

  482. 

  483. 		if (method_exists($this, '_process'))
    484. 

  484. 		{
    485. 

  485. 			return $this->_process($this->_params);
    486. 

  486. 		}
    487. 

  487. 

  488. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    489. 

  489. 	}
    490. 

  490. 

  491. 	public function purchase_return()
    492. 

  492. 	{
    493. 

  493. 		// try calling deprecated process_return() method instead
    494. 

  494. 		if (method_exists($this, 'process_return'))
    495. 

  495. 		{
    496. 

  496. 			return $this->process_return($this->_params);
    497. 

  497. 		}
    498. 

  498. 

  499. 		if (method_exists($this, '_process_return'))
    500. 

  500. 		{
    501. 

  501. 			return $this->_process_return($this->_params);
    502. 

  502. 		}
    503. 

  503. 

  504. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    505. 

  505. 	}
    506. 

  506. 

  507. 	public function refund()
    508. 

  508. 	{
    509. 

  509. 		throw new BadMethodCallException(lang('merchant_invalid_method'));
    510. 

  510. 	}
    511. 

  511. 

  512. 	public function param($name)
    513. 

  513. 	{
    514. 

  514. 		return isset($this->_params[$name]) ? $this->_params[$name] : FALSE;
    515. 

  515. 	}
    516. 

  516. 

  517. 	public function set_params($params)
    518. 

  518. 	{
    519. 

  519. 		$this->_params = array_merge($this->_params, $params);
    520. 

  520. 	}
    521. 

  521. 

  522. 	public function require_params()
    523. 

  523. 	{
    524. 

  524. 		$args = func_get_args();
    525. 

  525. 		if (empty($args)) return;
    526. 

  526. 

  527. 		// also accept an array instead of multiple parameters
    528. 

  528. 		if (count($args) == 1 AND is_array($args[0])) $args = $args[0];
    529. 

  529. 

  530. 		foreach ($args as $name)
    531. 

  531. 		{
    532. 

  532. 			if (empty($this->_params[$name]))
    533. 

  533. 			{
    534. 

  534. 				throw new Merchant_exception(str_replace('%s', lang("merchant_$name"), lang('merchant_required')));
    535. 

  535. 			}
    536. 

  536. 		}
    537. 

  537. 	}
    538. 

  538. 

  539. 	public function validate_card()
    540. 

  540. 	{
    541. 

  541. 		// skip validation if card_no is empty
    542. 

  542. 		if (empty($this->_params['card_no'])) return;
    543. 

  543. 

  544. 		if ( ! $this->secure_request())
    545. 

  545. 		{
    546. 

  546. 			throw new Merchant_exception(lang('merchant_insecure_connection'));
    547. 

  547. 		}
    548. 

  548. 

  549. 		// strip any non-digits from card_no
    550. 

  550. 		$this->_params['card_no'] = preg_replace('/\D/', '', $this->_params['card_no']);
    551. 

  551. 

  552. 		if ($this->validate_luhn($this->_params['card_no']) == FALSE)
    553. 

  553. 		{
    554. 

  554. 			throw new Merchant_exception(lang('merchant_invalid_card_no'));
    555. 

  555. 		}
    556. 

  556. 

  557. 		if ($this->param('exp_month') AND $this->param('exp_year') AND
    558. 

  558. 			$this->validate_expiry($this->param('exp_month'), $this->param('exp_year')) == FALSE)
    559. 

  559. 		{
    560. 

  560. 			throw new Merchant_exception(lang('merchant_card_expired'));
    561. 

  561. 		}
    562. 

  562. 	}
    563. 

  563. 

  564. 	/**
    565. 

  565. 	 * Luhn algorithm number checker - (c) 2005-2008 shaman - www.planzero.org
    566. 

  566. 	 * This code has been released into the public domain, however please
    567. 

  567. 	 * give credit to the original author where possible.
    568. 

  568. 	 *
    569. 

  569. 	 * @return boolean TRUE if the number is valid
    570. 

  570. 	 */
    571. 

  571. 	protected function validate_luhn($number)
    572. 

  572. 	{
    573. 

  573. 		// Set the string length and parity
    574. 

  574. 		$number_length = strlen($number);
    575. 

  575. 		$parity = $number_length % 2;
    576. 

  576. 

  577. 		// Loop through each digit and do the maths
    578. 

  578. 		$total = 0;
    579. 

  579. 		for ($i = 0; $i < $number_length; $i++)
    580. 

  580. 		{
    581. 

  581. 			$digit = $number[$i];
    582. 

  582. 			// Multiply alternate digits by two
    583. 

  583. 			if ($i % 2 == $parity)
    584. 

  584. 			{
    585. 

  585. 				$digit *= 2;
    586. 

  586. 				// If the sum is two digits, add them together (in effect)
    587. 

  587. 				if ($digit > 9)
    588. 

  588. 				{
    589. 

  589. 					$digit -= 9;
    590. 

  590. 				}
    591. 

  591. 			}
    592. 

  592. 			// Total up the digits
    593. 

  593. 			$total += $digit;
    594. 

  594. 		}
    595. 

  595. 

  596. 		// If the total mod 10 equals 0, the number is valid
    597. 

  597. 		return ($total % 10 == 0) ? TRUE : FALSE;
    598. 

  598. 	}
    599. 

  599. 

  600. 	/**
    601. 

  601. 	 * Check whether an expiry date has already passed
    602. 

  602. 	 *
    603. 

  603. 	 * @return bool TRUE if the expiry date is valid
    604. 

  604. 	 */
    605. 

  605. 	protected function validate_expiry($month, $year)
    606. 

  606. 	{
    607. 

  607. 		// subtract 12 hours from current GMT time to avoid potential timezone issues
    608. 

  608. 		// in this rare case we will leave it up to the payment gateway to decide
    609. 

  609. 		$date = getdate(gmmktime() - 43200); // 12*60*60
    610. 

  610. 

  611. 		if ($year < $date['year'])
    612. 

  612. 		{
    613. 

  613. 			return FALSE;
    614. 

  614. 		}
    615. 

  615. 

  616. 		if ($year == $date['year'] AND $month < $date['mon'])
    617. 

  617. 		{
    618. 

  618. 			return FALSE;
    619. 

  619. 		}
    620. 

  620. 

  621. 		return TRUE;
    622. 

  622. 	}
    623. 

  623. 

  624. 	/**
    625. 

  625. 	 * Returns TRUE if the current request was made using HTTPS
    626. 

  626. 	 */
    627. 

  627. 	protected function secure_request()
    628. 

  628. 	{
    629. 

  629. 		if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) AND $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
    630. 

  630. 		{
    631. 

  631. 			return TRUE;
    632. 

  632. 		}
    633. 

  633. 		if (empty($_SERVER['HTTPS']) OR strtolower($_SERVER['HTTPS']) == 'off')
    634. 

  634. 		{
    635. 

  635. 			return FALSE;
    636. 

  636. 		}
    637. 

  637. 

  638. 		return TRUE;
    639. 

  639. 	}
    640. 

  640. 

  641. 	protected function amount_dollars()
    642. 

  642. 	{
    643. 

  643. 		if (in_array($this->param('currency'), Merchant::$CURRENCIES_WITHOUT_DECIMALS))
    644. 

  644. 		{
    645. 

  645. 			return round($this->param('amount'));
    646. 

  646. 		}
    647. 

  647. 

  648. 		return sprintf('%01.2f', $this->param('amount'));
    649. 

  649. 	}
    650. 

  650. 

  651. 	protected function amount_cents()
    652. 

  652. 	{
    653. 

  653. 		if (in_array($this->param('currency'), Merchant::$CURRENCIES_WITHOUT_DECIMALS))
    654. 

  654. 		{
    655. 

  655. 			return round($this->param('amount'));
    656. 

  656. 		}
    657. 

  657. 

  658. 		return round($this->param('amount') * 100);
    659. 

  659. 	}
    660. 

  660. 

  661. 	protected function currency()
    662. 

  662. 	{
    663. 

  663. 		return $this->param('currency');
    664. 

  664. 	}
    665. 

  665. 

  666. 	protected function currency_numeric()
    667. 

  667. 	{
    668. 

  668. 		$code = $this->param('currency');
    669. 

  669. 		return isset(Merchant::$NUMERIC_CURRENCY_CODES[$code]) ? Merchant::$NUMERIC_CURRENCY_CODES[$code] : 0;
    670. 

  670. 	}
    671. 

  671. 

  672. 	/**
    673. 

  673. 	 * Make a standard HTTP GET request.
    674. 

  674. 	 * This method is only public to support the deprecated Merchant::curl_helper() method,
    675. 

  675. 	 * and will be marked as protected in a future version.
    676. 

  676. 	 *
    677. 

  677. 	 * @param string $url The URL to request
    678. 

  678. 	 * @param string $username
    679. 

  679. 	 * @param string $password
    680. 

  680. 	 * @param array $extra_headers
    681. 

  681. 	 */
    682. 

  682. 	public function get_request($url, $username = NULL, $password = NULL, $extra_headers = NULL)
    683. 

  683. 	{
    684. 

  684. 		$ch = curl_init($url);
    685. 

  685. 		return $this->_do_curl_request($ch, $username, $password, $extra_headers);
    686. 

  686. 	}
    687. 

  687. 

  688. 	/**
    689. 

  689. 	 * Make a standard HTTP POST request.
    690. 

  690. 	 * This method is only public to support the deprecated Merchant::curl_helper() method,
    691. 

  691. 	 * and will be marked as protected in a future version.
    692. 

  692. 	 *
    693. 

  693. 	 * @param string $url The URL to request
    694. 

  694. 	 * @param mixed $data An optional string or array of form data which will be appended to the URL
    695. 

  695. 	 * @param string $username
    696. 

  696. 	 * @param string $password
    697. 

  697. 	 * @param array $extra_headers
    698. 

  698. 	 */
    699. 

  699. 	public function post_request($url, $data = NULL, $username = NULL, $password = NULL, $extra_headers = NULL)
    700. 

  700. 	{
    701. 

  701. 		$ch = curl_init($url);
    702. 

  702. 

  703. 		if (is_array($data))
    704. 

  704. 		{
    705. 

  705. 			$data = http_build_query($data);
    706. 

  706. 		}
    707. 

  707. 

  708. 		curl_setopt($ch, CURLOPT_POST, TRUE);
    709. 

  709. 		curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    710. 

  710. 

  711. 		return $this->_do_curl_request($ch, $username, $password, $extra_headers);
    712. 

  712. 	}
    713. 

  713. 

  714. 	private function _do_curl_request($ch, $username, $password, $extra_headers)
    715. 

  715. 	{
    716. 

  716. 		curl_setopt($ch, CURLOPT_HEADER, FALSE);
    717. 

  717. 		curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    718. 

  718. 		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
    719. 

  719. 		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    720. 

  720. 		curl_setopt($ch, CURLOPT_CAINFO, MERCHANT_CONFIG_PATH.'/cacert.pem');
    721. 

  721. 

  722. 		if ($username !== NULL)
    723. 

  723. 		{
    724. 

  724. 			curl_setopt($ch, CURLOPT_USERPWD, $username.':'.$password);
    725. 

  725. 		}
    726. 

  726. 

  727. 		if ( ! empty($extra_headers))
    728. 

  728. 		{
    729. 

  729. 			curl_setopt($ch, CURLOPT_HTTPHEADER, $extra_headers);
    730. 

  730. 		}
    731. 

  731. 

  732. 		$response = curl_exec($ch);
    733. 

  733. 		$error = curl_error($ch);
    734. 

  734. 

  735. 		if ( ! empty($error))
    736. 

  736. 		{
    737. 

  737. 			throw new Merchant_exception($error);
    738. 

  738. 		}
    739. 

  739. 

  740. 		curl_close($ch);
    741. 

  741. 		return $response;
    742. 

  742. 	}
    743. 

  743. 

  744. 	/**
    745. 

  745. 	 * Redirect the user's browser to a URL.
    746. 

  746. 	 */
    747. 

  747. 	protected function redirect($url)
    748. 

  748. 	{
    749. 

  749. 		return Merchant::redirect($url);
    750. 

  750. 	}
    751. 

  751. 

  752. 	/**
    753. 

  753. 	 * Redirect the user's browser to a URL using a POST request.
    754. 

  754. 	 */
    755. 

  755. 	protected function post_redirect($url, $data, $message = NULL)
    756. 

  756. 	{
    757. 

  757. 		return Merchant::post_redirect($url, $data, $message);
    758. 

  758. 	}
    759. 

  759. }
    760. 

  760. 

  761. class Merchant_exception extends Exception {}
    762. 

  762. 

  763. class Merchant_response
    764. 

  764. {
    765. 

  765. 	const AUTHORIZED = 'authorized';
    766. 

  766. 	const COMPLETE = 'complete';
    767. 

  767. 	const FAILED = 'failed';
    768. 

  768. 	const REDIRECT = 'redirect';
    769. 

  769. 	const REFUNDED = 'refunded';
    770. 

  770. 

  771. 	protected $_status;
    772. 

  772. 	protected $_message;
    773. 

  773. 	protected $_reference;
    774. 

  774. 	protected $_data;
    775. 

  775. 	protected $_redirect_url;
    776. 

  776. 	protected $_redirect_method = 'GET';
    777. 

  777. 	protected $_redirect_message;
    778. 

  778. 	protected $_redirect_data;
    779. 

  779. 

  780. 	public function __construct($status, $message = NULL, $reference = NULL)
    781. 

  781. 	{
    782. 

  782. 		// support deprecated 'declined' status
    783. 

  783. 		if ($status == 'declined') $status = self::FAILED;
    784. 

  784. 

  785. 		// always require a valid status
    786. 

  786. 		if ( ! in_array($status, array(self::AUTHORIZED, self::COMPLETE, self::FAILED, self::REDIRECT, self::REFUNDED)))
    787. 

  787. 		{
    788. 

  788. 			throw new InvalidArgumentException(lang('merchant_invalid_status'));
    789. 

  789. 		}
    790. 

  790. 

  791. 		$this->_status = $status;
    792. 

  792. 		$this->_message = $message;
    793. 

  793. 		$this->_reference = $reference;
    794. 

  794. 	}
    795. 

  795. 

  796. 	/**
    797. 

  797. 	 * The response status.
    798. 

  798. 	 * One of self::AUTHORIZED, self::COMPLETE, self::FAILED, self::REDIRECT, or self::REFUNDED
    799. 

  799. 	 */
    800. 

  800. 	public function status()
    801. 

  801. 	{
    802. 

  802. 		return $this->_status;
    803. 

  803. 	}
    804. 

  804. 

  805. 	/**
    806. 

  806. 	 * Whether the request was successful.
    807. 

  807. 	 */
    808. 

  808. 	public function success()
    809. 

  809. 	{
    810. 

  810. 		return $this->_status !== self::FAILED;
    811. 

  811. 	}
    812. 

  812. 

  813. 	/**
    814. 

  814. 	 * A plain text message returned by the payment gateway.
    815. 

  815. 	 */
    816. 

  816. 	public function message()
    817. 

  817. 	{
    818. 

  818. 		return $this->_message;
    819. 

  819. 	}
    820. 

  820. 

  821. 	/**
    822. 

  822. 	 * A transaction reference generated by the payment gateway.
    823. 

  823. 	 */
    824. 

  824. 	public function reference()
    825. 

  825. 	{
    826. 

  826. 		return $this->_reference;
    827. 

  827. 	}
    828. 

  828. 

  829. 	/**
    830. 

  830. 	 * The raw response data returned by the payment gateway.
    831. 

  831. 	 */
    832. 

  832. 	public function data()
    833. 

  833. 	{
    834. 

  834. 		return $this->_data;
    835. 

  835. 	}
    836. 

  836. 

  837. 	/**
    838. 

  838. 	 * Does this response require a redirect?
    839. 

  839. 	 */
    840. 

  840. 	public function is_redirect()
    841. 

  841. 	{
    842. 

  842. 		return $this->_status === self::REDIRECT;
    843. 

  843. 	}
    844. 

  844. 

  845. 	/**
    846. 

  846. 	 * If this response requires a redirect, the URL which must be redirected to.
    847. 

  847. 	 */
    848. 

  848. 	public function redirect_url()
    849. 

  849. 	{
    850. 

  850. 		return $this->_redirect_url;
    851. 

  851. 	}
    852. 

  852. 

  853. 	/**
    854. 

  854. 	 * The HTTP redirect method required (either "GET" or "POST").
    855. 

  855. 	 */
    856. 

  856. 	public function redirect_method()
    857. 

  857. 	{
    858. 

  858. 		return $this->_redirect_method;
    859. 

  859. 	}
    860. 

  860. 

  861. 	/**
    862. 

  862. 	 * A message to display while redirecting using the POST method.
    863. 

  863. 	 */
    864. 

  864. 	public function redirect_message()
    865. 

  865. 	{
    866. 

  866. 		return $this->_redirect_message;
    867. 

  867. 	}
    868. 

  868. 

  869. 	/**
    870. 

  870. 	 * If this response requires a POST redirect, the HTTP form data which must be submitted.
    871. 

  871. 	 */
    872. 

  872. 	public function redirect_data()
    873. 

  873. 	{
    874. 

  874. 		return $this->_redirect_data;
    875. 

  875. 	}
    876. 

  876. 

  877. 	/**
    878. 

  878. 	 * Perform the required redirect. If no redirect is required, returns FALSE.
    879. 

  879. 	 */
    880. 

  880. 	public function redirect()
    881. 

  881. 	{
    882. 

  882. 		if ($this->is_redirect() == FALSE) return FALSE;
    883. 

  883. 

  884. 		if ('POST' == strtoupper($this->redirect_method()))
    885. 

  885. 		{
    886. 

  886. 			return Merchant::post_redirect($this->redirect_url(), $this->redirect_data(), $this->redirect_message());
    887. 

  887. 		}
    888. 

  888. 

  889. 		return Merchant::redirect($this->redirect_url());
    890. 

  890. 	}
    891. 

  891. }
    892. 

  892. 

  893. /* End of file ./libraries/merchant/merchant.php */
    894.