[civicrm-core.git] / CRM / Core / Payment / AuthorizeNetIPN.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 5                                                  |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2018                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2018
 */
class CRM_Core_Payment_AuthorizeNetIPN extends CRM_Core_Payment_BaseIPN {

  /**
   * Constructor function.
   *
   * @param array $inputData
   *   contents of HTTP REQUEST.
   *
   * @throws CRM_Core_Exception
   */
  public function __construct($inputData) {
    $this->setInputParameters($inputData);
    parent::__construct();
  }

  /**
   * @param string $component
   *
   * @return bool|void
   */
  public function main($component = 'contribute') {

    //we only get invoice num as a key player from payment gateway response.
    //for ARB we get x_subscription_id and x_subscription_paynum
    $x_subscription_id = $this->retrieve('x_subscription_id', 'String');
    $ids = $objects = $input = array();

    if ($x_subscription_id) {
      // Presence of the id means it is approved.
      $input['component'] = $component;

      // load post vars in $input
      $this->getInput($input, $ids);

      // load post ids in $ids
      $this->getIDs($ids, $input);

      // Attempt to get payment processor ID from URL
      if (!empty($this->_inputParameters['processor_id'])) {
        $paymentProcessorID = $this->_inputParameters['processor_id'];
      }
      else {
        // This is an unreliable method as there could be more than one instance.
        // Recommended approach is to use the civicrm/payment/ipn/xx url where xx is the payment
        // processor id & the handleNotification function (which should call the completetransaction api & by-pass this
        // entirely). The only thing the IPN class should really do is extract data from the request, validate it
        // & call completetransaction or call fail? (which may not exist yet).
        Civi::log()->warning('Unreliable method used to get payment_processor_id for AuthNet IPN - this will cause problems if you have more than one instance');
        $paymentProcessorTypeID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType',
          'AuthNet', 'id', 'name'
        );
        $paymentProcessorID = (int) civicrm_api3('PaymentProcessor', 'getvalue', array(
          'is_test' => 0,
          'options' => array('limit' => 1),
          'payment_processor_type_id' => $paymentProcessorTypeID,
           'return' => 'id',
        ));
      }

      if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) {
        return FALSE;
      }
      if (!empty($ids['paymentProcessor']) && $objects['contributionRecur']->payment_processor_id != $ids['paymentProcessor']) {
        Civi::log()->warning('Payment Processor does not match the recurring processor id.', array('civi.tag' => 'deprecated'));
      }

      if ($component == 'contribute' && $ids['contributionRecur']) {
        // check if first contribution is completed, else complete first contribution
        $first = TRUE;
        if ($objects['contribution']->contribution_status_id == 1) {
          $first = FALSE;
        }
        return $this->recur($input, $ids, $objects, $first);
      }
    }
    return TRUE;
  }

  /**
   * @param array $input
   * @param array $ids
   * @param array $objects
   * @param $first
   *
   * @return bool
   */
  public function recur(&$input, &$ids, &$objects, $first) {
    $this->_isRecurring = TRUE;
    $recur = &$objects['contributionRecur'];
    $paymentProcessorObject = $objects['contribution']->_relatedObjects['paymentProcessor']['object'];

    // do a subscription check
    if ($recur->processor_id != $input['subscription_id']) {
      CRM_Core_Error::debug_log_message("Unrecognized subscription.");
      echo "Failure: Unrecognized subscription<p>";
      return FALSE;
    }

    $contributionStatus = CRM_Contribute_PseudoConstant::contributionStatus(NULL, 'name');

    $transaction = new CRM_Core_Transaction();

    $now = date('YmdHis');

    // fix dates that already exist
    $dates = array('create_date', 'start_date', 'end_date', 'cancel_date', 'modified_date');
    foreach ($dates as $name) {
      if ($recur->$name) {
        $recur->$name = CRM_Utils_Date::isoToMysql($recur->$name);
      }
    }

    //load new contribution object if required.
    if (!$first) {
      // create a contribution and then get it processed
      $contribution = new CRM_Contribute_BAO_Contribution();
      $contribution->contact_id = $ids['contact'];
      $contribution->financial_type_id = $objects['contributionType']->id;
      $contribution->contribution_page_id = $ids['contributionPage'];
      $contribution->contribution_recur_id = $ids['contributionRecur'];
      $contribution->receive_date = $input['receive_date'];
      $contribution->currency = $objects['contribution']->currency;
      $contribution->payment_instrument_id = $objects['contribution']->payment_instrument_id;
      $contribution->amount_level = $objects['contribution']->amount_level;
      $contribution->address_id = $objects['contribution']->address_id;
      $contribution->campaign_id = $objects['contribution']->campaign_id;
      $contribution->_relatedObjects = $objects['contribution']->_relatedObjects;

      $objects['contribution'] = &$contribution;
    }
    $objects['contribution']->invoice_id = md5(uniqid(rand(), TRUE));
    $objects['contribution']->total_amount = $input['amount'];
    $objects['contribution']->trxn_id = $input['trxn_id'];

    $this->checkMD5($paymentProcessorObject, $input);

    $isFirstOrLastRecurringPayment = FALSE;
    if ($input['response_code'] == 1) {
      // Approved
      if ($first) {
        $recur->start_date = $now;
        $recur->trxn_id = $recur->processor_id;
        $isFirstOrLastRecurringPayment = CRM_Core_Payment::RECURRING_PAYMENT_START;
      }
      $statusName = 'In Progress';
      if (($recur->installments > 0) &&
        ($input['subscription_paynum'] >= $recur->installments)
      ) {
        // this is the last payment
        $statusName = 'Completed';
        $recur->end_date = $now;
        $isFirstOrLastRecurringPayment = CRM_Core_Payment::RECURRING_PAYMENT_END;
      }
      $recur->modified_date = $now;
      $recur->contribution_status_id = array_search($statusName, $contributionStatus);
      $recur->save();
    }
    else {
      // Declined
      // failed status
      $recur->contribution_status_id = array_search('Failed', $contributionStatus);
      $recur->cancel_date = $now;
      $recur->save();

      $message = ts("Subscription payment failed - %1", array(1 => htmlspecialchars($input['response_reason_text'])));
      CRM_Core_Error::debug_log_message($message);

      // the recurring contribution has declined a payment or has failed
      // so we just fix the recurring contribution and not change any of
      // the existing contributions
      // CRM-9036
      return TRUE;
    }

    // check if contribution is already completed, if so we ignore this ipn
    if ($objects['contribution']->contribution_status_id == 1) {
      $transaction->commit();
      CRM_Core_Error::debug_log_message("Returning since contribution has already been handled.");
      echo "Success: Contribution has already been handled<p>";
      return TRUE;
    }

    $this->completeTransaction($input, $ids, $objects, $transaction, $recur);

    // Only Authorize.net does this so it is on the a.net class. If there is a need for other processors
    // to do this we should make it available via the api, e.g as a parameter, changing the nuance
    // from isSentReceipt to an array of which receipts to send.
    // Note that there is site-by-site opinions on which notifications are good to send.
    if ($isFirstOrLastRecurringPayment) {
      CRM_Contribute_BAO_ContributionRecur::sendRecurringStartOrEndNotification($ids, $recur,
        $isFirstOrLastRecurringPayment);
    }

  }

  /**
   * Get the input from passed in fields.
   *
   * @param array $input
   * @param array $ids
   *
   * @return bool
   */
  public function getInput(&$input, &$ids) {
    $input['amount'] = $this->retrieve('x_amount', 'String');
    $input['subscription_id'] = $this->retrieve('x_subscription_id', 'Integer');
    $input['response_code'] = $this->retrieve('x_response_code', 'Integer');
    $input['MD5_Hash'] = $this->retrieve('x_MD5_Hash', 'String', FALSE, '');
    $input['response_reason_code'] = $this->retrieve('x_response_reason_code', 'String', FALSE);
    $input['response_reason_text'] = $this->retrieve('x_response_reason_text', 'String', FALSE);
    $input['subscription_paynum'] = $this->retrieve('x_subscription_paynum', 'Integer', FALSE, 0);
    $input['trxn_id'] = $this->retrieve('x_trans_id', 'String', FALSE);
    $input['trxn_id'] = $this->retrieve('x_trans_id', 'String', FALSE);
    $input['receive_date'] = $this->retrieve('receive_date', 'String', FALSE, 'now');

    if ($input['trxn_id']) {
      $input['is_test'] = 0;
    }
    // Only assume trxn_id 'should' have been returned for success.
    // Per CRM-17611 it would also not be passed back for a decline.
    elseif ($input['response_code'] == 1) {
      $input['is_test'] = 1;
      $input['trxn_id'] = md5(uniqid(rand(), TRUE));
    }

    if (!$this->getBillingID($ids)) {
      return FALSE;
    }
    $billingID = $ids['billing'];
    $params = array(
      'first_name' => 'x_first_name',
      'last_name' => 'x_last_name',
      "street_address-{$billingID}" => 'x_address',
      "city-{$billingID}" => 'x_city',
      "state-{$billingID}" => 'x_state',
      "postal_code-{$billingID}" => 'x_zip',
      "country-{$billingID}" => 'x_country',
      "email-{$billingID}" => 'x_email',
    );
    foreach ($params as $civiName => $resName) {
      $input[$civiName] = $this->retrieve($resName, 'String', FALSE);
    }
  }

  /**
   * Get ids from input.
   *
   * @param array $ids
   * @param array $input
   *
   * @throws \CRM_Core_Exception
   */
  public function getIDs(&$ids, &$input) {
    $ids['contact'] = $this->retrieve('x_cust_id', 'Integer', FALSE, 0);
    $ids['contribution'] = $this->retrieve('x_invoice_num', 'Integer');

    // joining with contribution table for extra checks
    $sql = "
    SELECT cr.id, cr.contact_id
      FROM civicrm_contribution_recur cr
INNER JOIN civicrm_contribution co ON co.contribution_recur_id = cr.id
     WHERE cr.processor_id = '{$input['subscription_id']}' AND
           (cr.contact_id = {$ids['contact']} OR co.id = {$ids['contribution']})
     LIMIT 1";
    $contRecur = CRM_Core_DAO::executeQuery($sql);
    $contRecur->fetch();
    $ids['contributionRecur'] = $contRecur->id;
    if ($ids['contact'] != $contRecur->contact_id) {
      $message = ts("Recurring contribution appears to have been re-assigned from id %1 to %2, continuing with %2.", array(1 => $ids['contact'], 2 => $contRecur->contact_id));
      CRM_Core_Error::debug_log_message($message);
      $ids['contact'] = $contRecur->contact_id;
    }
    if (!$ids['contributionRecur']) {
      $message = ts("Could not find contributionRecur id");
      $log = new CRM_Utils_SystemLogger();
      $log->error('payment_notification', array('message' => $message, 'ids' => $ids, 'input' => $input));
      throw new CRM_Core_Exception($message);
    }

    // get page id based on contribution id
    $ids['contributionPage'] = CRM_Core_DAO::getFieldValue('CRM_Contribute_DAO_Contribution',
      $ids['contribution'],
      'contribution_page_id'
    );

    if ($input['component'] == 'event') {
      // FIXME: figure out fields for event
    }
    else {
      // Get membershipId. Join with membership payment table for additional checks
      $sql = "
    SELECT m.id
      FROM civicrm_membership m
INNER JOIN civicrm_membership_payment mp ON m.id = mp.membership_id AND mp.contribution_id = {$ids['contribution']}
     WHERE m.contribution_recur_id = {$ids['contributionRecur']}
     LIMIT 1";
      if ($membershipId = CRM_Core_DAO::singleValueQuery($sql)) {
        $ids['membership'] = $membershipId;
      }

      // FIXME: todo related_contact and onBehalfDupeAlert. Check paypalIPN.
    }
  }

  /**
   * @param string $name
   *   Parameter name.
   * @param string $type
   *   Parameter type.
   * @param bool $abort
   *   Abort if not present.
   * @param null $default
   *   Default value.
   *
   * @throws CRM_Core_Exception
   * @return mixed
   */
  public function retrieve($name, $type, $abort = TRUE, $default = NULL) {
    $value = CRM_Utils_Type::validate(
      empty($this->_inputParameters[$name]) ? $default : $this->_inputParameters[$name],
      $type,
      FALSE
    );
    if ($abort && $value === NULL) {
      throw new CRM_Core_Exception("Could not find an entry for $name");
    }
    return $value;
  }

  /**
   * Check and validate gateway MD5 response if present.
   *
   * @param CRM_Core_Payment_AuthorizeNet $paymentObject
   * @param array $input
   *
   * @throws CRM_Core_Exception
   */
  public function checkMD5($paymentObject, $input) {
    if (empty($input['trxn_id'])) {
      // For decline we have nothing to check against.
      return;
    }
    if (!$paymentObject->checkMD5($input['MD5_Hash'], $input['trxn_id'], $input['amount'], TRUE)) {
      $message = "Failure: Security verification failed";
      $log = new CRM_Utils_SystemLogger();
      $log->error('payment_notification', array('message' => $message, 'input' => $input));
      throw new CRM_Core_Exception($message);
    }
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
fee14197	4	\| CiviCRM version 5 \|
6a488035	5	+--------------------------------------------------------------------+
8c9251b3	6	\| Copyright CiviCRM LLC (c) 2004-2018 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	* @package CRM
8c9251b3	31	* @copyright CiviCRM LLC (c) 2004-2018
6a488035 TO	32	*/
6a488035 TO	33	class CRM_Core_Payment_AuthorizeNetIPN extends CRM_Core_Payment_BaseIPN {
0dbefed3	34
b5c2afd0	35	/**
fe482240	36	* Constructor function.
0dbefed3	37	*
5a4f6742 CW	38	* @param array $inputData
5a4f6742 CW	39	* contents of HTTP REQUEST.
0dbefed3 EM	40	*
0dbefed3 EM	41	* @throws CRM_Core_Exception
b5c2afd0	42	*/
00be9182	43	public function __construct($inputData) {
0dbefed3	44	$this->setInputParameters($inputData);
6a488035 TO	45	parent::__construct();
	46	}
	47
6c786a9b EM	48	/**
	49	* @param string $component
	50	*
	51	* @return bool\|void
	52	*/
00be9182	53	public function main($component = 'contribute') {
6a488035 TO	54
	55	//we only get invoice num as a key player from payment gateway response.
	56	//for ARB we get x_subscription_id and x_subscription_paynum
0dbefed3	57	$x_subscription_id = $this->retrieve('x_subscription_id', 'String');
b6b59c64	58	$ids = $objects = $input = array();
6a488035 TO	59
6a488035 TO	60	if ($x_subscription_id) {
dbb0d30b	61	// Presence of the id means it is approved.
6a488035 TO	62	$input['component'] = $component;
	63
	64	// load post vars in $input
	65	$this->getInput($input, $ids);
	66
	67	// load post ids in $ids
	68	$this->getIDs($ids, $input);
	69
c5cf3602 JP	70	// Attempt to get payment processor ID from URL
	71	if (!empty($this->_inputParameters['processor_id'])) {
	72	$paymentProcessorID = $this->_inputParameters['processor_id'];
	73	}
	74	else {
	75	// This is an unreliable method as there could be more than one instance.
	76	// Recommended approach is to use the civicrm/payment/ipn/xx url where xx is the payment
	77	// processor id & the handleNotification function (which should call the completetransaction api & by-pass this
	78	// entirely). The only thing the IPN class should really do is extract data from the request, validate it
	79	// & call completetransaction or call fail? (which may not exist yet).
d2803851	80	Civi::log()->warning('Unreliable method used to get payment_processor_id for AuthNet IPN - this will cause problems if you have more than one instance');
c5cf3602 JP	81	$paymentProcessorTypeID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType',
	82	'AuthNet', 'id', 'name'
	83	);
	84	$paymentProcessorID = (int) civicrm_api3('PaymentProcessor', 'getvalue', array(
	85	'is_test' => 0,
	86	'options' => array('limit' => 1),
	87	'payment_processor_type_id' => $paymentProcessorTypeID,
	88	'return' => 'id',
	89	));
	90	}
6a488035 TO	91
	92	if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) {
	93	return FALSE;
	94	}
f4aff12e JP	95	if (!empty($ids['paymentProcessor']) && $objects['contributionRecur']->payment_processor_id != $ids['paymentProcessor']) {
	96	Civi::log()->warning('Payment Processor does not match the recurring processor id.', array('civi.tag' => 'deprecated'));
	97	}
6a488035 TO	98
	99	if ($component == 'contribute' && $ids['contributionRecur']) {
	100	// check if first contribution is completed, else complete first contribution
	101	$first = TRUE;
	102	if ($objects['contribution']->contribution_status_id == 1) {
	103	$first = FALSE;
	104	}
	105	return $this->recur($input, $ids, $objects, $first);
	106	}
	107	}
0dbefed3	108	return TRUE;
6a488035 TO	109	}
6a488035 TO	110
6c786a9b	111	/**
7a6073fd EM	112	* @param array $input
7a6073fd EM	113	* @param array $ids
0dbefed3	114	* @param array $objects
6c786a9b	115	* @param $first
7a6073fd EM	116	*
7a6073fd EM	117	* @return bool
6c786a9b	118	*/
00be9182	119	public function recur(&$input, &$ids, &$objects, $first) {
937cf542	120	$this->_isRecurring = TRUE;
6a488035	121	$recur = &$objects['contributionRecur'];
d6944518	122	$paymentProcessorObject = $objects['contribution']->_relatedObjects['paymentProcessor']['object'];
6a488035 TO	123
	124	// do a subscription check
	125	if ($recur->processor_id != $input['subscription_id']) {
	126	CRM_Core_Error::debug_log_message("Unrecognized subscription.");
	127	echo "Failure: Unrecognized subscription<p>";
	128	return FALSE;
	129	}
	130
6a488035 TO	131	$contributionStatus = CRM_Contribute_PseudoConstant::contributionStatus(NULL, 'name');
	132
	133	$transaction = new CRM_Core_Transaction();
	134
	135	$now = date('YmdHis');
	136
	137	// fix dates that already exist
	138	$dates = array('create_date', 'start_date', 'end_date', 'cancel_date', 'modified_date');
	139	foreach ($dates as $name) {
	140	if ($recur->$name) {
	141	$recur->$name = CRM_Utils_Date::isoToMysql($recur->$name);
	142	}
	143	}
	144
	145	//load new contribution object if required.
	146	if (!$first) {
	147	// create a contribution and then get it processed
	148	$contribution = new CRM_Contribute_BAO_Contribution();
	149	$contribution->contact_id = $ids['contact'];
353ffa53	150	$contribution->financial_type_id = $objects['contributionType']->id;
6a488035 TO	151	$contribution->contribution_page_id = $ids['contributionPage'];
6a488035 TO	152	$contribution->contribution_recur_id = $ids['contributionRecur'];
4a1ba425	153	$contribution->receive_date = $input['receive_date'];
6a488035 TO	154	$contribution->currency = $objects['contribution']->currency;
	155	$contribution->payment_instrument_id = $objects['contribution']->payment_instrument_id;
	156	$contribution->amount_level = $objects['contribution']->amount_level;
	157	$contribution->address_id = $objects['contribution']->address_id;
94d1bc8d	158	$contribution->campaign_id = $objects['contribution']->campaign_id;
9bee639f	159	$contribution->_relatedObjects = $objects['contribution']->_relatedObjects;
94d1bc8d	160
6a488035 TO	161	$objects['contribution'] = &$contribution;
	162	}
	163	$objects['contribution']->invoice_id = md5(uniqid(rand(), TRUE));
	164	$objects['contribution']->total_amount = $input['amount'];
	165	$objects['contribution']->trxn_id = $input['trxn_id'];
	166
d6944518	167	$this->checkMD5($paymentProcessorObject, $input);
6a488035	168
4086637a	169	$isFirstOrLastRecurringPayment = FALSE;
6a488035 TO	170	if ($input['response_code'] == 1) {
	171	// Approved
	172	if ($first) {
	173	$recur->start_date = $now;
	174	$recur->trxn_id = $recur->processor_id;
4086637a	175	$isFirstOrLastRecurringPayment = CRM_Core_Payment::RECURRING_PAYMENT_START;
6a488035 TO	176	}
	177	$statusName = 'In Progress';
	178	if (($recur->installments > 0) &&
	179	($input['subscription_paynum'] >= $recur->installments)
	180	) {
	181	// this is the last payment
	182	$statusName = 'Completed';
	183	$recur->end_date = $now;
4086637a	184	$isFirstOrLastRecurringPayment = CRM_Core_Payment::RECURRING_PAYMENT_END;
6a488035 TO	185	}
	186	$recur->modified_date = $now;
	187	$recur->contribution_status_id = array_search($statusName, $contributionStatus);
	188	$recur->save();
	189	}
	190	else {
	191	// Declined
	192	// failed status
	193	$recur->contribution_status_id = array_search('Failed', $contributionStatus);
	194	$recur->cancel_date = $now;
	195	$recur->save();
	196
267353f4 CB	197	$message = ts("Subscription payment failed - %1", array(1 => htmlspecialchars($input['response_reason_text'])));
267353f4 CB	198	CRM_Core_Error::debug_log_message($message);
6a488035 TO	199
	200	// the recurring contribution has declined a payment or has failed
	201	// so we just fix the recurring contribution and not change any of
7a6073fd	202	// the existing contributions
6a488035 TO	203	// CRM-9036
	204	return TRUE;
	205	}
	206
	207	// check if contribution is already completed, if so we ignore this ipn
	208	if ($objects['contribution']->contribution_status_id == 1) {
	209	$transaction->commit();
267353f4	210	CRM_Core_Error::debug_log_message("Returning since contribution has already been handled.");
6a488035 TO	211	echo "Success: Contribution has already been handled<p>";
	212	return TRUE;
	213	}
	214
	215	$this->completeTransaction($input, $ids, $objects, $transaction, $recur);
4086637a	216
	217	// Only Authorize.net does this so it is on the a.net class. If there is a need for other processors
	218	// to do this we should make it available via the api, e.g as a parameter, changing the nuance
	219	// from isSentReceipt to an array of which receipts to send.
	220	// Note that there is site-by-site opinions on which notifications are good to send.
	221	if ($isFirstOrLastRecurringPayment) {
	222	CRM_Contribute_BAO_ContributionRecur::sendRecurringStartOrEndNotification($ids, $recur,
	223	$isFirstOrLastRecurringPayment);
	224	}
	225
6a488035 TO	226	}
6a488035 TO	227
6c786a9b	228	/**
dbb0d30b	229	* Get the input from passed in fields.
	230	*
	231	* @param array $input
	232	* @param array $ids
7a9ab499 EM	233	*
7a9ab499 EM	234	* @return bool
6c786a9b	235	*/
00be9182	236	public function getInput(&$input, &$ids) {
0dbefed3 EM	237	$input['amount'] = $this->retrieve('x_amount', 'String');
	238	$input['subscription_id'] = $this->retrieve('x_subscription_id', 'Integer');
	239	$input['response_code'] = $this->retrieve('x_response_code', 'Integer');
	240	$input['MD5_Hash'] = $this->retrieve('x_MD5_Hash', 'String', FALSE, '');
	241	$input['response_reason_code'] = $this->retrieve('x_response_reason_code', 'String', FALSE);
	242	$input['response_reason_text'] = $this->retrieve('x_response_reason_text', 'String', FALSE);
	243	$input['subscription_paynum'] = $this->retrieve('x_subscription_paynum', 'Integer', FALSE, 0);
	244	$input['trxn_id'] = $this->retrieve('x_trans_id', 'String', FALSE);
4a1ba425	245	$input['trxn_id'] = $this->retrieve('x_trans_id', 'String', FALSE);
4a1ba425	246	$input['receive_date'] = $this->retrieve('receive_date', 'String', FALSE, 'now');
0dbefed3	247
6a488035 TO	248	if ($input['trxn_id']) {
	249	$input['is_test'] = 0;
	250	}
5c6c7e76	251	// Only assume trxn_id 'should' have been returned for success.
	252	// Per CRM-17611 it would also not be passed back for a decline.
	253	elseif ($input['response_code'] == 1) {
6a488035 TO	254	$input['is_test'] = 1;
	255	$input['trxn_id'] = md5(uniqid(rand(), TRUE));
	256	}
	257
	258	if (!$this->getBillingID($ids)) {
	259	return FALSE;
	260	}
	261	$billingID = $ids['billing'];
	262	$params = array(
	263	'first_name' => 'x_first_name',
	264	'last_name' => 'x_last_name',
	265	"street_address-{$billingID}" => 'x_address',
	266	"city-{$billingID}" => 'x_city',
	267	"state-{$billingID}" => 'x_state',
	268	"postal_code-{$billingID}" => 'x_zip',
	269	"country-{$billingID}" => 'x_country',
	270	"email-{$billingID}" => 'x_email',
	271	);
	272	foreach ($params as $civiName => $resName) {
0dbefed3	273	$input[$civiName] = $this->retrieve($resName, 'String', FALSE);
6a488035 TO	274	}
	275	}
	276
6c786a9b	277	/**
dbb0d30b	278	* Get ids from input.
	279	*
	280	* @param array $ids
	281	* @param array $input
	282	*
	283	* @throws \CRM_Core_Exception
6c786a9b	284	*/
00be9182	285	public function getIDs(&$ids, &$input) {
0dbefed3 EM	286	$ids['contact'] = $this->retrieve('x_cust_id', 'Integer', FALSE, 0);
0dbefed3 EM	287	$ids['contribution'] = $this->retrieve('x_invoice_num', 'Integer');
6a488035 TO	288
	289	// joining with contribution table for extra checks
	290	$sql = "
	291	SELECT cr.id, cr.contact_id
	292	FROM civicrm_contribution_recur cr
	293	INNER JOIN civicrm_contribution co ON co.contribution_recur_id = cr.id
	294	WHERE cr.processor_id = '{$input['subscription_id']}' AND
	295	(cr.contact_id = {$ids['contact']} OR co.id = {$ids['contribution']})
	296	LIMIT 1";
	297	$contRecur = CRM_Core_DAO::executeQuery($sql);
	298	$contRecur->fetch();
	299	$ids['contributionRecur'] = $contRecur->id;
9b873358	300	if ($ids['contact'] != $contRecur->contact_id) {
267353f4 CB	301	$message = ts("Recurring contribution appears to have been re-assigned from id %1 to %2, continuing with %2.", array(1 => $ids['contact'], 2 => $contRecur->contact_id));
267353f4 CB	302	CRM_Core_Error::debug_log_message($message);
8753de39	303	$ids['contact'] = $contRecur->contact_id;
6a488035 TO	304	}
6a488035 TO	305	if (!$ids['contributionRecur']) {
4346da4b	306	$message = ts("Could not find contributionRecur id");
	307	$log = new CRM_Utils_SystemLogger();
	308	$log->error('payment_notification', array('message' => $message, 'ids' => $ids, 'input' => $input));
	309	throw new CRM_Core_Exception($message);
6a488035 TO	310	}
	311
	312	// get page id based on contribution id
	313	$ids['contributionPage'] = CRM_Core_DAO::getFieldValue('CRM_Contribute_DAO_Contribution',
	314	$ids['contribution'],
	315	'contribution_page_id'
	316	);
	317
	318	if ($input['component'] == 'event') {
	319	// FIXME: figure out fields for event
	320	}
	321	else {
6a488035 TO	322	// Get membershipId. Join with membership payment table for additional checks
	323	$sql = "
	324	SELECT m.id
	325	FROM civicrm_membership m
	326	INNER JOIN civicrm_membership_payment mp ON m.id = mp.membership_id AND mp.contribution_id = {$ids['contribution']}
	327	WHERE m.contribution_recur_id = {$ids['contributionRecur']}
	328	LIMIT 1";
	329	if ($membershipId = CRM_Core_DAO::singleValueQuery($sql)) {
	330	$ids['membership'] = $membershipId;
	331	}
	332
	333	// FIXME: todo related_contact and onBehalfDupeAlert. Check paypalIPN.
	334	}
	335	}
	336
6c786a9b	337	/**
6a0b768e TO	338	* @param string $name
	339	* Parameter name.
	340	* @param string $type
	341	* Parameter type.
	342	* @param bool $abort
	343	* Abort if not present.
	344	* @param null $default
	345	* Default value.
6c786a9b	346	*
0dbefed3	347	* @throws CRM_Core_Exception
6c786a9b EM	348	* @return mixed
6c786a9b EM	349	*/
00be9182	350	public function retrieve($name, $type, $abort = TRUE, $default = NULL) {
0dbefed3 EM	351	$value = CRM_Utils_Type::validate(
	352	empty($this->_inputParameters[$name]) ? $default : $this->_inputParameters[$name],
	353	$type,
	354	FALSE
6a488035 TO	355	);
6a488035 TO	356	if ($abort && $value === NULL) {
0dbefed3	357	throw new CRM_Core_Exception("Could not find an entry for $name");
6a488035 TO	358	}
6a488035 TO	359	return $value;
2aa397bc	360	}
6a488035	361
6c786a9b	362	/**
d6944518 EM	363	* Check and validate gateway MD5 response if present.
	364	*
	365	* @param CRM_Core_Payment_AuthorizeNet $paymentObject
	366	* @param array $input
6c786a9b	367	*
4346da4b	368	* @throws CRM_Core_Exception
6c786a9b	369	*/
d6944518	370	public function checkMD5($paymentObject, $input) {
5c6c7e76	371	if (empty($input['trxn_id'])) {
	372	// For decline we have nothing to check against.
	373	return;
	374	}
6a488035	375	if (!$paymentObject->checkMD5($input['MD5_Hash'], $input['trxn_id'], $input['amount'], TRUE)) {
4346da4b	376	$message = "Failure: Security verification failed";
4346da4b	377	$log = new CRM_Utils_SystemLogger();
11a1ad01	378	$log->error('payment_notification', array('message' => $message, 'input' => $input));
4346da4b	379	throw new CRM_Core_Exception($message);
6a488035	380	}
6a488035	381	}
96025800	382
6a488035	383	}