
/catalog/controller/payment/sagepay.php

https://bitbucket.org/jjasko/opencart_serbian
  1<?php
  2class ControllerPaymentSagepay extends Controller {
  3	protected function index() {
  4		$this->language->load('payment/sagepay');
  5		
  6		$this->data['button_confirm'] = $this->language->get('button_confirm');
  7		
  8		if ($this->config->get('sagepay_test') == 'live') {
  9    		$this->data['action'] = 'https://live.sagepay.com/gateway/service/vspform-register.vsp';
 10		} elseif ($this->config->get('sagepay_test') == 'test') {
 11			$this->data['action'] = 'https://test.sagepay.com/gateway/service/vspform-register.vsp';		
 12		} elseif ($this->config->get('sagepay_test') == 'sim') {
 13    		$this->data['action'] = 'https://test.sagepay.com/simulator/vspformgateway.asp';
 14  		} 
 15		
 16		$vendor = $this->config->get('sagepay_vendor');
 17		$password = $this->config->get('sagepay_password');		
 18		
 19		$this->load->model('checkout/order');
 20		
 21		$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
 22		
 23		$data = array();
 24		
 25		$data['VendorTxCode'] = $this->session->data['order_id'];
 26		$data['ReferrerID'] = 'E511AF91-E4A0-42DE-80B0-09C981A3FB61';
 27		$data['Amount'] = $this->currency->format($order_info['total'], $order_info['currency_code'], $order_info['currency_value'], false);
 28		$data['Currency'] = $order_info['currency_code'];
 29		$data['Description'] = sprintf($this->language->get('text_description'), date($this->language->get('date_format_short')), $this->session->data['order_id']);
 30		$data['SuccessURL'] = str_replace('&amp;', '&', $this->url->link('payment/sagepay/success', 'order_id=' . $this->session->data['order_id']));
 31		$data['FailureURL'] = str_replace('&amp;', '&', $this->url->link('checkout/checkout', '', 'SSL'));
 32		
 33		$data['CustomerName'] = html_entity_decode($order_info['payment_firstname'] . ' ' . $order_info['payment_lastname'], ENT_QUOTES, 'UTF-8');
 34		$data['SendEMail'] = '1';
 35		$data['CustomerEMail'] = $order_info['email'];
 36		$data['VendorEMail'] = $this->config->get('config_email');  
 37		
 38		$data['BillingFirstnames'] = $order_info['payment_firstname'];
 39        $data['BillingSurname'] = $order_info['payment_lastname'];
 40        $data['BillingAddress1'] = $order_info['payment_address_1'];
 41		
 42		if ($order_info['payment_address_2']) {
 43        	$data['BillingAddress2'] = $order_info['payment_address_2'];
 44		}
 45		
 46		$data['BillingCity'] = $order_info['payment_city'];
 47       	$data['BillingPostCode'] = $order_info['payment_postcode'];	
 48        $data['BillingCountry'] = $order_info['payment_iso_code_2'];
 49		
 50		if ($order_info['payment_iso_code_2'] == 'US') {
 51			$data['BillingState'] = $order_info['payment_zone_code'];
 52		}
 53		
 54		$data['BillingPhone'] = $order_info['telephone'];
 55		
 56		if ($this->cart->hasShipping()) {
 57			$data['DeliveryFirstnames'] = $order_info['shipping_firstname'];
 58        	$data['DeliverySurname'] = $order_info['shipping_lastname'];
 59        	$data['DeliveryAddress1'] = $order_info['shipping_address_1'];
 60		
 61			if ($order_info['shipping_address_2']) {
 62        		$data['DeliveryAddress2'] = $order_info['shipping_address_2'];
 63			}
 64		
 65        	$data['DeliveryCity'] = $order_info['shipping_city'];
 66        	$data['DeliveryPostCode'] = $order_info['shipping_postcode'];
 67        	$data['DeliveryCountry'] = $order_info['shipping_iso_code_2'];
 68		
 69			if ($order_info['shipping_iso_code_2'] == 'US') {
 70				$data['DeliveryState'] = $order_info['shipping_zone_code'];
 71			}
 72		
 73			$data['DeliveryPhone'] = $order_info['telephone'];
 74		} else {
 75			$data['DeliveryFirstnames'] = $order_info['payment_firstname'];
 76        	$data['DeliverySurname'] = $order_info['payment_lastname'];
 77        	$data['DeliveryAddress1'] = $order_info['payment_address_1'];
 78		
 79			if ($order_info['payment_address_2']) {
 80        		$data['DeliveryAddress2'] = $order_info['payment_address_2'];
 81			}
 82		
 83        	$data['DeliveryCity'] = $order_info['payment_city'];
 84        	$data['DeliveryPostCode'] = $order_info['payment_postcode'];
 85        	$data['DeliveryCountry'] = $order_info['payment_iso_code_2'];
 86		
 87			if ($order_info['payment_iso_code_2'] == 'US') {
 88				$data['DeliveryState'] = $order_info['payment_zone_code'];
 89			}
 90		
 91			$data['DeliveryPhone'] = $order_info['telephone'];			
 92		}
 93		
 94		$data['AllowGiftAid'] = '0';
 95		
 96		if (!$this->config->get('sagepay_transaction')) {
 97			$data['ApplyAVSCV2'] = '0';
 98		}
 99		
100 		$data['Apply3DSecure'] = '0';
101		
102		$this->data['transaction'] = $this->config->get('sagepay_transaction');
103		$this->data['vendor'] = $vendor;
104		
105		$crypt_data = array();
106   
107		foreach($data as $key => $value){
108   			$crypt_data[] = $key . '=' . $value;
109		}
110
111		$this->data['crypt'] = base64_encode($this->simpleXor(implode('&', $crypt_data), $password));
112		
113		if (file_exists(DIR_TEMPLATE . $this->config->get('config_template') . '/template/payment/sagepay.tpl')) {
114			$this->template = $this->config->get('config_template') . '/template/payment/sagepay.tpl';
115		} else {
116			$this->template = 'default/template/payment/sagepay.tpl';
117		}	
118		
119		$this->render();		
120	}
121	
122	public function success() {
123		if (isset($this->request->get['crypt'])) {
124			$string = base64_decode(str_replace(' ', '+', $this->request->get['crypt']));
125			$password = $this->config->get('sagepay_password');	
126
127			$output = $this->simpleXor($string, $password);
128			
129			$data = $this->getToken($output);
130		
131			if ($data && is_array($data)) {
132				$this->load->model('checkout/order');
133		
134				$this->model_checkout_order->confirm($this->request->get['order_id'], $this->config->get('config_order_status_id'));
135
136				$message = '';
137		
138				if (isset($data['VPSTxId'])) { 
139					$message .= 'VPSTxId: ' . $data['VPSTxId'] . "\n";
140				}
141
142				if (isset($data['TxAuthNo'])) {
143					$message .= 'TxAuthNo: ' . $data['TxAuthNo'] . "\n";
144				}
145
146				if (isset($data['AVSCV2'])) {
147					$message .= 'AVSCV2: ' . $data['AVSCV2'] . "\n";
148				}
149
150				if (isset($data['AddressResult'])) {
151					$message .= 'AddressResult: ' . $data['AddressResult'] . "\n";
152				}
153				
154				if (isset($data['PostCodeResult'])) {
155					$message .= 'PostCodeResult: ' . $data['PostCodeResult'] . "\n";
156				}
157				
158				if (isset($data['CV2Result'])) {
159					$message .= 'CV2Result: ' . $data['CV2Result'] . "\n";
160				}
161
162				if (isset($data['3DSecureStatus'])) {
163					$message .= '3DSecureStatus: ' . $data['3DSecureStatus'] . "\n";
164				}
165
166				if (isset($data['CAVV'])) {
167					$message .= 'CAVV: ' . $data['CAVV'] . "\n";
168				}
169				
170				if (isset($data['CardType'])) {
171					$message .= 'CardType: ' . $data['CardType'] . "\n";
172				}
173				
174				if (isset($data['Last4Digits'])) {
175					$message .= 'Last4Digits: ' . $data['Last4Digits'] . "\n";
176				}
177				
178				if ($data['Status'] == 'OK') {
179					$this->model_checkout_order->update($this->request->get['order_id'], $this->config->get('sagepay_order_status_id'), $message, false);
180				} else {
181					$this->model_checkout_order->update($this->request->get['order_id'], $this->config->get('config_order_status_id'), $message, false);
182				}
183				
184				$this->redirect($this->url->link('checkout/success'));
185			}
186		}
187	}	 
188	
189	private function simpleXor($string, $password) {
190		$data = array();
191
192		for ($i = 0; $i < utf8_strlen($password); $i++) {
193			$data[$i] = ord(substr($password, $i, 1));
194		}
195
196		$output = '';
197
198		for ($i = 0; $i < utf8_strlen($string); $i++) {
199    		$output .= chr(ord(substr($string, $i, 1)) ^ ($data[$i % utf8_strlen($password)]));
200		}
201
202		return $output;		
203	}
204	
205	private function getToken($string) {
206  		$tokens = array(
207   			'Status',
208    		'StatusDetail',
209    		'VendorTxCode',
210   			'VPSTxId',
211    		'TxAuthNo',
212    		'Amount',
213   			'AVSCV2', 
214    		'AddressResult', 
215    		'PostCodeResult', 
216    		'CV2Result', 
217    		'GiftAid', 
218    		'3DSecureStatus', 
219    		'CAVV',
220			'AddressStatus',
221			'CardType',
222			'Last4Digits',
223			'PayerStatus',
224			'CardType'
225		);		
226		
227  		$output = array();
228		$data = array();
229  
230  		for ($i = count($tokens) - 1; $i >= 0; $i--){
231    		$start = strpos($string, $tokens[$i]);
232    		
233			if ($start){
234     			$data[$i]['start'] = $start;
235     			$data[$i]['token'] = $tokens[$i];
236			}
237		}
238  
239		sort($data);
240		
241		for ($i = 0; $i < count($data); $i++){
242			$start = $data[$i]['start'] + strlen($data[$i]['token']) + 1;
243
244			if ($i == (count($data) - 1)) {
245				$output[$data[$i]['token']] = substr($string, $start);
246			} else {
247				$length = $data[$i+1]['start'] - $data[$i]['start'] - strlen($data[$i]['token']) - 2;
248				
249				$output[$data[$i]['token']] = substr($string, $start, $length);
250			}      
251
252		}
253  
254		return $output;
255	}	
256}
257?>