PageRenderTime 48ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/wp-content/plugins/event-espresso.3.1.23.P/gateways/mwarrior/Mwarrior.php

https://bitbucket.org/anneivycat/ebcookhouse
PHP | 346 lines | 180 code | 49 blank | 117 comment | 26 complexity | 7e3ee927a9583716a1f872c7c27a2515 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Mwarrior Class
    4. 

  4.  *
    5. 

  5.  * @author 		Rajinesh Ravendran (rajinesh@merchantwarrior.com)
    6. 

  6.  * @package		Event Espresso Merchant Warrior Gateway
    7. 

  7.  * @category	Library
    8. 

  8.  */
    9. 

  9. 

  10. 

  11. class Mwarrior extends PaymentGateway{
    12. 

  12. 

  13. 	public $gateway_version = '1.0';
    14. 

  14. 

  15. 	public function __construct()
    16. 

  16. 	{
    17. 

  17.         parent::__construct();
    18. 

  18. 		// Some default values of the class
    19. 

  19. 		$this->gatewayUrl = 'https://secure.merchantwarrior.com';
    20. 

  20. 		$this->gatewayUrlQuery = 'https://api.merchantwarrior.com/post/';
    21. 

  21. 		$this->ipnLogFile = 'mwarrior.ipn_results.log';
    22. 

  22. 	}
    23. 

  23. 

  24.     /**
    25. 

  25.      * Enables the test mode
    26. 

  26.      *
    27. 

  27.      * @param none
    28. 

  28.      * @return none
    29. 

  29.      */
    30. 

  30.     public function enableTestMode()
    31. 

  31.     {
    32. 

  32.         $this->testMode = TRUE;
    33. 

  33.         $this->gatewayUrl = 'https://securetest.merchantwarrior.com';
    34. 

  34. 		$this->gatewayUrlQuery = 'https://base.merchantwarrior.com/post/';
    35. 

  35.     }
    36. 

  36. 

  37. 	/**
    38. 

  38.      * Set merchant id and passphrase
    39. 

  39.      *
    40. 

  40. 	 * @param string merchantID
    41. 

  41. 	 * @param string passphrase
    42. 

  42.      * @return void
    43. 

  43.      */
    44. 

  44.     public function setMerchantInfo($merchantID, $apikey, $passphrase)
    45. 

  45.     {
    46. 

  46. 		$this->merchantID = $merchantID;
    47. 

  47. 		$this->apikey = $apikey;
    48. 

  48. 		$this->passphrase = $passphrase;
    49. 

  49.     }
    50. 

  50. 

  51.     /**
    52. 

  52. 	 * Validate the IPN notification
    53. 

  53. 	 *
    54. 

  54. 	 * @param none
    55. 

  55. 	 * @return boolean
    56. 

  56. 	 */
    57. 

  57. 	public function validateIpn()
    58. 

  58. 	{
    59. 

  59. 		if (empty($_POST))
    60. 

  60. 		{
    61. 

  61. 			// Redirect
    62. 

  62. 			if(!empty($_REQUEST))
    63. 

  63. 			{
    64. 

  64. 				$this->response['status'] = (isset($_REQUEST['status']))? $_REQUEST['status'] : "N/A";
    65. 

  65. 				$this->response['responseData']['transactionID'] = (isset($_REQUEST['reference'])) ? $_REQUEST['reference'] : "N/A" ;
    66. 

  66. 				$this->response['responseData']['responseMessage'] = (isset($_REQUEST['error'])) ? $_REQUEST['error'] : "N/A";
    67. 

  67. 				$this->response['responseData']['hash'] = (isset($_REQUEST['hash'])) ? $_REQUEST['hash'] : "N/A";
    68. 

  68. 			}
    69. 

  69. 			$xml = "n/a";
    70. 

  70. 		}
    71. 

  71. 		else
    72. 

  72. 		{
    73. 

  73. 			// Get XML POST notification
    74. 

  74. 			$xml = file_get_contents('php://input', NULL, NULL, 0, 1024);
    75. 

  75. 			$this->response = $this->_parseResponse($xml);
    76. 

  76. 			$this->response['status'] = ($this->response['status'] == true) ? "approved" : "declined";
    77. 

  77. 		}
    78. 

  78. 

  79. 		$this->response['attendee_id'] = (isset($_REQUEST['id']))? $_REQUEST['id'] : 0;
    80. 

  80. 		$this->response['reg_id'] = espresso_registration_id($this->response['attendee_id']);
    81. 

  81. 

  82. 		if (isset($xml) && isset($this->response['status']) && $this->_calculateHash($this->response, 'redirect') == $this->response['responseData']['hash'])
    83. 

  83. 		{
    84. 

  84. 		 	// Valid IPN transaction.
    85. 

  85. 		 	$this->logResults(true);
    86. 

  86. 		 	return true;
    87. 

  87. 		}
    88. 

  88. 		else
    89. 

  89. 		{
    90. 

  90. 		 	$this->lastError = isset($this->response['error']) ?  $this->response['error'] : $this->response['responseData']['responseMessage'];
    91. 

  91. 			$this->logResults(false);
    92. 

  92. 			return false;
    93. 

  93. 		}
    94. 

  94. 	}
    95. 

  95. 

  96. 	/**
    97. 

  97.      * Method that parses response from Merchant Warrior
    98. 

  98.      *
    99. 

  99. 	 * @param string $result (XML)
    100. 

  100.      * @return array
    101. 

  101.      */
    102. 

  102.     public function _parseResponse($result)
    103. 

  103. 	{
    104. 

  104.         // Check for any result at all
    105. 

  105.         if ($result === false)
    106. 

  106. 		{
    107. 

  107.             return array('status' => false, 'error' => "Could not successfully communicate with Payment Processor.  Check the URL.", 'result' => $result);
    108. 

  108.         }
    109. 

  109. 

  110.         // Parse the XML
    111. 

  111.         $xml = simplexml_load_string($result);
    112. 

  112.         // Convert the result from a SimpleXMLObject into an array
    113. 

  113.         $xml = (array) $xml;
    114. 

  114. 

  115.         // Check for a valid response code
    116. 

  116.         if (!isset($xml['responseCode']) || strlen($xml['responseCode']) < 1)
    117. 

  117. 		{
    118. 

  118.             return array('status' => false, 'error' => "Payment Processor did not return a valid response.", 'result' => $result, 'responseData' => $xml);
    119. 

  119.         }
    120. 

  120. 

  121.         // Validate the response - the only successful code is 0
    122. 

  122.         $status = ((int) $xml['responseCode'] === 0) ? true : false;
    123. 

  123. 

  124.         // Set an error message if the transaction failed
    125. 

  125.         if ($status === false)
    126. 

  126. 		{
    127. 

  127.             return array('status' => false, 'error' => "Transaction Declined: {$xml['responseMessage']}.", 'result' => $result, 'responseData' => $xml);
    128. 

  128.         }
    129. 

  129. 

  130.         // Make the response a little more useable - there are a few fields that may or may not be present
    131. 

  131.         // depending on the different transaction types, so this handles them all generically.
    132. 

  132.         $response = array ( 'status' => $status,
    133. 

  133. 							'result' => $result,
    134. 

  134. 							'responseData' => $xml,
    135. 

  135. 							'transactionID' => (isset($xml['transactionID']) ? $xml['transactionID'] : null),
    136. 

  136. 							'authCode' => (isset($xml['authCode']) ? $xml['authCode'] : null));
    137. 

  137. 

  138.         return $response;
    139. 

  139.     }
    140. 

  140. 

  141. 	/**
    142. 

  142.      * Calculate verification hash for Merchant Warrior POST API
    143. 

  143.      *
    144. 

  144. 	 * @param array $postData
    145. 

  145. 	 * @param string $type
    146. 

  146.      * @return string
    147. 

  147.      */
    148. 

  148.     public function _calculateHash(array $postData = array(), $type = '')
    149. 

  149. 	{
    150. 

  150. 		if ($type == "redirect") // 302 Redirect
    151. 

  151. 		{
    152. 

  152. 			// Generate & return the hash
    153. 

  153. 			return md5(strtolower($this->passphrase . $this->_getHashSalt($this->response['reg_id']) . $this->merchantID . $postData['status'] . $postData['responseData']['transactionID']));
    154. 

  154. 		}
    155. 

  155. 		elseif ($type == "transaction")
    156. 

  156. 		{
    157. 

  157. 			// Generate & return the hash
    158. 

  158. 			return md5(strtolower($this->passphrase . $this->merchantID . $postData['transactionAmount'] . $postData['transactionCurrency']));
    159. 

  159. 		}
    160. 

  160. 		elseif ($type == "query")
    161. 

  161. 		{
    162. 

  162. 			// Generate & return the hash
    163. 

  163. 			return md5(strtolower($this->passphrase . $this->merchantID . $postData['transactionID']));
    164. 

  164. 		}
    165. 

  165. 		elseif ($type == "url")
    166. 

  166. 		{
    167. 

  167. 			// Check the amount param
    168. 

  168. 			if (!isset($postData['returnURL']) || !strlen($postData['returnURL'])) {
    169. 

  169. 				throw new Exception("Missing or blank return URL field in post array.");
    170. 

  170. 			}
    171. 

  171. 

  172. 			// Check the currency param
    173. 

  173. 			if (!isset($postData['notifyURL']) || !strlen($postData['notifyURL'])) {
    174. 

  174. 				throw new Exception("Missing or blank notify URL field in post array.");
    175. 

  175. 			}
    176. 

  176. 

  177. 			// Generate & return the hash
    178. 

  178. 			return md5(strtolower($this->passphrase . $this->merchantID . $postData['returnURL'] . $postData['notifyURL']));
    179. 

  179. 

  180. 		}
    181. 

  181.     }
    182. 

  182. 

  183. 	/**
    184. 

  184. 	 * Helper function which returns a random alphanumeric string
    185. 

  185. 	 * which can be used as the hash salt.
    186. 

  186. 	 *
    187. 

  187. 	 * @param int $length
    188. 

  188. 	 * @return string
    189. 

  189. 	 */
    190. 

  190. 	public function _generateHashSalt($length = 16)
    191. 

  191. 	{
    192. 

  192. 		$str = "";
    193. 

  193. 		$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    194. 

  194. 

  195. 		for($i=0;$i<$length;$i++)
    196. 

  196. 		{
    197. 

  197. 			$str .= substr(str_shuffle($chars), 0, 1);
    198. 

  198. 		}
    199. 

  199. 

  200. 		return $str;
    201. 

  201. 	}
    202. 

  202. 

  203. 	/**
    204. 

  204. 	 * Helper function which returns the random alphanumeric string
    205. 

  205. 	 * which was be used to generate the hash salt from the db.
    206. 

  206. 	 *
    207. 

  207. 	 * @param string $reg_id
    208. 

  208. 	 * @return string
    209. 

  209. 	 */
    210. 

  210. 	public function _getHashSalt($reg_id = '')
    211. 

  211. 	{
    212. 

  212. 		global $wpdb;
    213. 

  213. 		$s = $wpdb->get_row("SELECT hashSalt FROM " . EVENTS_ATTENDEE_TABLE . " WHERE registration_id ='$reg_id' ORDER BY id LIMIT 1 ");
    214. 

  214. 

  215. 		return $s->hashSalt;
    216. 

  216. 	}
    217. 

  217. 

  218. 	/**
    219. 

  219. 	 * Helper function which temporarily stores the salt in the db
    220. 

  220. 	 *
    221. 

  221. 	 * @param string $salt
    222. 

  222. 	 * @param string $reg_id
    223. 

  223. 	 * @return
    224. 

  224. 	 */
    225. 

  225. 	public function _storeHashSalt($salt='', $reg_id = '')
    226. 

  226. 	{
    227. 

  227. 		global $wpdb;
    228. 

  228. 		$sql="UPDATE ". EVENTS_ATTENDEE_TABLE . " SET hashSalt = '$salt' WHERE registration_id ='$reg_id' ";
    229. 

  229. 		$result = $wpdb->query($sql);
    230. 

  230. 

  231. 		return $result;
    232. 

  232. 	}
    233. 

  233. 

  234. 	/**
    235. 

  235. 	 * Helper function which returns the transaction amount
    236. 

  236. 	 *
    237. 

  237. 	 * @param
    238. 

  238. 	 * @return string
    239. 

  239. 	 */
    240. 

  240. 	public function _getAmount($reg_id = '')
    241. 

  241. 	{
    242. 

  242. 		global $wpdb;
    243. 

  243. 

  244. 		/*
    245. 

  245. 		$reg_id = (isset($reg_id)) ? $reg_id : $this->response['reg_id'];
    246. 

  246. 		$s = $wpdb->get_row("SELECT attendee_session FROM " . EVENTS_ATTENDEE_TABLE . " WHERE registration_id='$reg_id' ORDER BY id LIMIT 1 ");
    247. 

  247. 		$old_session_id = $s->attendee_session;
    248. 

  248. 		$s = $wpdb->get_row("SELECT sum(amount_pd) as total FROM " . EVENTS_ATTENDEE_TABLE . " WHERE attendee_session = '$old_session_id'");
    249. 

  249. 		*/
    250. 

  250. 

  251. 		$reg_id = (isset($reg_id) && strlen($reg_id) > 0) ? $reg_id : $this->response['reg_id'];
    252. 

  252. 		$s = $wpdb->get_row("SELECT amount_pd as total FROM " . EVENTS_ATTENDEE_TABLE . " WHERE registration_id='$reg_id' ORDER BY id LIMIT 1 ");
    253. 

  253. 

  254. 		return $s->total;
    255. 

  255. 	}
    256. 

  256. 

  257. 	/**
    258. 

  258. 	 * Calls the MW queryCard method.
    259. 

  259. 	 *
    260. 

  260. 	 * @param string $transactionID
    261. 

  261. 	 * @return array
    262. 

  262. 	 */
    263. 

  263. 	public function queryCard($transactionID)
    264. 

  264. 	{
    265. 

  265. 		$url = $this->gatewayUrlQuery;
    266. 

  266. 

  267. 		// Setup all of the core, non-optional fields
    268. 

  268. 		$data = array('method'				=> 'queryCard',
    269. 

  269. 					  'merchantUUID'		=> $this->merchantID,
    270. 

  270. 					  'apiKey'				=> $this->apikey,
    271. 

  271. 					  'transactionID'		=> $transactionID);
    272. 

  272. 

  273. 		// Create the hash
    274. 

  274. 		$data['hash'] = $this->_calculateHash($data, 'query');
    275. 

  275. 

  276. 		$result = $this->_doCurl($url, $data);
    277. 

  277. 

  278. 		$resp = $this->_parseResponse($result['data']);
    279. 

  279. 

  280. 		return $resp['responseData'];
    281. 

  281. 	}
    282. 

  282. 

  283. 	/**
    284. 

  284.      * Send request to Merchant Warrior via CURL
    285. 

  285.      *
    286. 

  286. 	 * @param string $url
    287. 

  287. 	 * @param array $data
    288. 

  288. 	 * @param array $options
    289. 

  289.      * @return string
    290. 

  290.      */
    291. 

  291.     public function _doCurl($url = null, $data = array(), array $options = array())
    292. 

  292. 	{
    293. 

  293. 		if (function_exists("curl_init") == true)
    294. 

  294. 		{
    295. 

  295. 			$result = array();
    296. 

  296. 

  297. 			// Default CURL options (these can be overwritten via $options)
    298. 

  298. 			$baseOptions = array(CURLOPT_HEADER => false,
    299. 

  299. 				CURLOPT_RETURNTRANSFER => true,
    300. 

  300. 				CURLOPT_SSL_VERIFYPEER => false,
    301. 

  301. 				CURLOPT_FORBID_REUSE => true,
    302. 

  302. 				CURLOPT_FRESH_CONNECT => true,
    303. 

  303. 				CURLOPT_TIMEOUT => 60,
    304. 

  304. 				CURLOPT_CONNECTTIMEOUT => 30,
    305. 

  305. 				CURLOPT_POST => true);
    306. 

  306. 

  307. 			if (!isset($url) || strlen($url) < 1) {
    308. 

  308. 				return false;
    309. 

  309. 			}
    310. 

  310. 

  311. 			// Instante a cURL object
    312. 

  312. 			$curlHandle = curl_init($url);
    313. 

  313. 

  314. 			// Note - do NOT just pass an array to POSTFIELDS - that will make the form
    315. 

  315. 			// get sent as multipart/form-data instead of application/x-www-form-urlencoded
    316. 

  316. 			$options[CURLOPT_POSTFIELDS] = is_array($data) ? http_build_query($data, '', '&') : $data;
    317. 

  317. 

  318. 			// Assign any options passed into the function
    319. 

  319. 			// This will overwrite any defaults if the setting
    320. 

  320. 			// has been passed in - yes, just like array_merge
    321. 

  321. 			foreach ($options AS $key => $value) {
    322. 

  322. 				$baseOptions[$key] = $value;
    323. 

  323. 			}
    324. 

  324. 

  325. 			// Assign the options to the curl object
    326. 

  326. 			foreach ($baseOptions AS $optKey => $optVal) {
    327. 

  327. 				curl_setopt($curlHandle, $optKey, $optVal);
    328. 

  328. 			}
    329. 

  329. 

  330. 			// Execute the request
    331. 

  331. 			$result['data'] = curl_exec($curlHandle);
    332. 

  332. 

  333. 			// Fetch a bunch of useful data - just in case
    334. 

  334. 			$result['code'] = curl_getinfo($curlHandle, CURLINFO_HTTP_CODE);
    335. 

  335. 			$result['info'] = curl_getinfo($curlHandle);
    336. 

  336. 			$result['err'] = curl_error($curlHandle);
    337. 

  337. 			$result['errno'] = curl_errno($curlHandle);
    338. 

  338. 

  339. 			// Cleanup after ourselves and close the connection
    340. 

  340. 			curl_close($curlHandle);
    341. 

  341. 

  342. 			return $result;
    343. 

  343. 		}
    344. 

  344.     }
    345. 

  345. 

  346. }
    347. 

  347.