Commit | Line | Data |
---|---|---|
6a488035 TO |
1 | <?php |
2 | /* | |
3 | +----------------------------------------------------------------------------+ | |
fee14197 | 4 | | Elavon (Nova) Virtual Merchant Core Payment Module for CiviCRM version 5 | |
6a488035 TO |
5 | +----------------------------------------------------------------------------+ |
6 | | Licensed to CiviCRM under the Academic Free License version 3.0 | | |
7 | | | | |
8 | | Written & Contributed by Eileen McNaughton - Nov March 2008 | | |
9 | +----------------------------------------------------------------------------+ | |
e70a7fc0 | 10 | */ |
6a488035 | 11 | |
cfaee245 | 12 | use Civi\Payment\Exception\PaymentProcessorException; |
13 | ||
6a488035 | 14 | /** |
353ffa53 TO |
15 | * ----------------------------------------------------------------------------------------------- |
16 | * The basic functionality of this processor is that variables from the $params object are transformed | |
17 | * into xml. The xml is submitted to the processor's https site | |
18 | * using curl and the response is translated back into an array using the processor's function. | |
19 | * | |
20 | * If an array ($params) is returned to the calling function the values from | |
21 | * the array are merged into the calling functions array. | |
22 | * | |
23 | * If an result of class error is returned it is treated as a failure. No error denotes a success. Be | |
24 | * WARY of this when coding | |
25 | * | |
26 | * ----------------------------------------------------------------------------------------------- | |
d5cc0fc2 | 27 | */ |
6a488035 | 28 | class CRM_Core_Payment_Elavon extends CRM_Core_Payment { |
6a488035 | 29 | |
46043255 | 30 | /** |
fe482240 | 31 | * Constructor. |
6a488035 | 32 | * |
6a0b768e TO |
33 | * @param string $mode |
34 | * The mode of operation: live or test. | |
6a488035 | 35 | * |
cfaee245 | 36 | * @param array $paymentProcessor |
77b97be7 | 37 | */ |
00be9182 | 38 | public function __construct($mode, &$paymentProcessor) { |
6a488035 TO |
39 | // live or test |
40 | $this->_mode = $mode; | |
41 | $this->_paymentProcessor = $paymentProcessor; | |
6a488035 TO |
42 | } |
43 | ||
46043255 | 44 | /** |
cfaee245 | 45 | * Map fields to parameters. |
46 | * | |
6a488035 TO |
47 | * This function is set up and put here to make the mapping of fields |
48 | * from the params object as visually clear as possible for easy editing | |
49 | * | |
cfaee245 | 50 | * @param array $params |
51 | * | |
46043255 CW |
52 | * @return array |
53 | */ | |
00be9182 | 54 | public function mapProcessorFieldstoParams($params) { |
6a488035 | 55 | $requestFields['ssl_first_name'] = $params['billing_first_name']; |
6a488035 TO |
56 | $requestFields['ssl_last_name'] = $params['billing_last_name']; |
57 | // contact name | |
58 | $requestFields['ssl_ship_to_first_name'] = $params['first_name']; | |
59 | // contact name | |
60 | $requestFields['ssl_ship_to_last_name'] = $params['last_name']; | |
61 | $requestFields['ssl_card_number'] = $params['credit_card_number']; | |
b3dd98a5 | 62 | $requestFields['ssl_amount'] = trim($params['amount']); |
fe7f4414 | 63 | $requestFields['ssl_exp_date'] = sprintf('%02d', (int) $params['month']) . substr($params['year'], 2, 2); |
6a488035 TO |
64 | $requestFields['ssl_cvv2cvc2'] = $params['cvv2']; |
65 | // CVV field passed to processor | |
66 | $requestFields['ssl_cvv2cvc2_indicator'] = "1"; | |
67 | $requestFields['ssl_avs_address'] = $params['street_address']; | |
68 | $requestFields['ssl_city'] = $params['city']; | |
69 | $requestFields['ssl_state'] = $params['state_province']; | |
70 | $requestFields['ssl_avs_zip'] = $params['postal_code']; | |
71 | $requestFields['ssl_country'] = $params['country']; | |
72 | $requestFields['ssl_email'] = $params['email']; | |
73 | // 32 character string | |
74 | $requestFields['ssl_invoice_number'] = $params['invoiceID']; | |
75 | $requestFields['ssl_transaction_type'] = "CCSALE"; | |
ceb10dc7 | 76 | $requestFields['ssl_description'] = empty($params['description']) ? "backoffice payment" : $params['description']; |
6a488035 | 77 | $requestFields['ssl_customer_number'] = substr($params['credit_card_number'], -4); |
b3dd98a5 DL |
78 | // Added two lines below to allow commercial cards to go through as per page 15 of Elavon developer guide |
79 | $requestFields['ssl_customer_code'] = '1111'; | |
80 | $requestFields['ssl_salestax'] = 0.0; | |
6a488035 TO |
81 | return $requestFields; |
82 | } | |
83 | ||
46043255 | 84 | /** |
cfaee245 | 85 | * This function sends request and receives response from the processor. |
86 | * | |
e7dc92b8 MW |
87 | * @param array|PropertyBag $params |
88 | * | |
89 | * @param string $component | |
cfaee245 | 90 | * |
91 | * @return array | |
e7dc92b8 | 92 | * Result array (containing at least the key payment_status_id) |
cfaee245 | 93 | * |
e7dc92b8 | 94 | * @throws \Civi\Payment\Exception\PaymentProcessorException |
46043255 | 95 | */ |
e7dc92b8 MW |
96 | public function doPayment(&$params, $component = 'contribute') { |
97 | $propertyBag = \Civi\Payment\PropertyBag::cast($params); | |
98 | $this->_component = $component; | |
99 | $statuses = CRM_Contribute_BAO_Contribution::buildOptions('contribution_status_id', 'validate'); | |
100 | ||
101 | // If we have a $0 amount, skip call to processor and set payment_status to Completed. | |
102 | // Conceivably a processor might override this - perhaps for setting up a token - but we don't | |
103 | // have an example of that at the moment. | |
104 | if ($propertyBag->getAmount() == 0) { | |
105 | $result['payment_status_id'] = array_search('Completed', $statuses); | |
106 | $result['payment_status'] = 'Completed'; | |
107 | return $result; | |
108 | } | |
109 | ||
b3dd98a5 | 110 | if (isset($params['is_recur']) && $params['is_recur'] == TRUE) { |
2d296f18 | 111 | throw new CRM_Core_Exception(ts('Elavon - recurring payments not implemented')); |
6a488035 TO |
112 | } |
113 | ||
114 | if (!defined('CURLOPT_SSLCERT')) { | |
2d296f18 | 115 | throw new CRM_Core_Exception(ts('Elavon / Nova Virtual Merchant Gateway requires curl with SSL support')); |
6a488035 TO |
116 | } |
117 | ||
46043255 CW |
118 | //Create the array of variables to be sent to the processor from the $params array |
119 | // passed into this function | |
cfaee245 | 120 | $requestFields = $this->mapProcessorFieldstoParams($params); |
6a488035 | 121 | |
46043255 | 122 | // define variables for connecting with the gateway |
6a488035 | 123 | $requestFields['ssl_merchant_id'] = $this->_paymentProcessor['user_name']; |
9c1bc317 CW |
124 | $requestFields['ssl_user_id'] = $this->_paymentProcessor['password'] ?? NULL; |
125 | $requestFields['ssl_pin'] = $this->_paymentProcessor['signature'] ?? NULL; | |
6a488035 TO |
126 | $host = $this->_paymentProcessor['url_site']; |
127 | ||
cfaee245 | 128 | if ($this->_mode === 'test') { |
6a488035 TO |
129 | $requestFields['ssl_test_mode'] = "TRUE"; |
130 | } | |
131 | ||
132 | // Allow further manipulation of the arguments via custom hooks .. | |
133 | CRM_Utils_Hook::alterPaymentProcessorParams($this, $params, $requestFields); | |
134 | ||
46043255 | 135 | // Check to see if we have a duplicate before we send |
d253aeb8 | 136 | if ($this->checkDupe($params['invoiceID'], CRM_Utils_Array::value('contributionID', $params))) { |
cfaee245 | 137 | throw new PaymentProcessorException('It appears that this transaction is a duplicate. Have you already submitted the form once? If so there may have been a connection problem. Check your email for a receipt. If you do not receive a receipt within 2 hours you can try your transaction again. If you continue to have problems please contact the site administrator.', 9003); |
6a488035 TO |
138 | } |
139 | ||
46043255 | 140 | // Convert to XML using function below |
cfaee245 | 141 | $xml = $this->buildXML($requestFields); |
6a488035 | 142 | |
46043255 | 143 | // Send to the payment processor using cURL |
6a488035 TO |
144 | |
145 | $chHost = $host . '?xmldata=' . $xml; | |
146 | ||
147 | $ch = curl_init($chHost); | |
148 | if (!$ch) { | |
cfaee245 | 149 | throw new PaymentProcessorException('Could not initiate connection to payment gateway', 9004); |
6a488035 TO |
150 | } |
151 | ||
aaffa79f | 152 | curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, Civi::settings()->get('verifySSL') ? 2 : 0); |
153 | curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, Civi::settings()->get('verifySSL')); | |
6a488035 TO |
154 | // return the result on success, FALSE on failure |
155 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
156 | curl_setopt($ch, CURLOPT_TIMEOUT, 36000); | |
157 | // set this for debugging -look for output in apache error log | |
158 | //curl_setopt ($ch,CURLOPT_VERBOSE,1 ); | |
159 | // ensures any Location headers are followed | |
4d03ddb9 | 160 | if (ini_get('open_basedir') == '') { |
439b9688 LS |
161 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
162 | } | |
6a488035 | 163 | |
46043255 | 164 | // Send the data out over the wire |
6a488035 TO |
165 | $responseData = curl_exec($ch); |
166 | ||
46043255 CW |
167 | // See if we had a curl error - if so tell 'em and bail out |
168 | // NOTE: curl_error does not return a logical value (see its documentation), but | |
169 | // a string, which is empty when there was no error. | |
6a488035 TO |
170 | if ((curl_errno($ch) > 0) || (strlen(curl_error($ch)) > 0)) { |
171 | curl_close($ch); | |
172 | $errorNum = curl_errno($ch); | |
173 | $errorDesc = curl_error($ch); | |
174 | ||
175 | // Paranoia - in the unlikley event that 'curl' errno fails | |
2aa397bc TO |
176 | if ($errorNum == 0) { |
177 | $errorNum = 9005; | |
178 | } | |
6a488035 TO |
179 | |
180 | // Paranoia - in the unlikley event that 'curl' error fails | |
2aa397bc | 181 | if (strlen($errorDesc) == 0) { |
cfaee245 | 182 | $errorDesc = 'Connection to payment gateway failed'; |
2aa397bc | 183 | } |
cfaee245 | 184 | throw new PaymentProcessorException('Curl error - ' . $errorDesc . ' Try this link for more information http://curl.haxx.se/docs/sslcerts.html', $errorNum); |
6a488035 TO |
185 | } |
186 | ||
46043255 CW |
187 | // If null data returned - tell 'em and bail out |
188 | // NOTE: You will not necessarily get a string back, if the request failed for | |
189 | // any reason, the return value will be the boolean false. | |
6a488035 TO |
190 | if (($responseData === FALSE) || (strlen($responseData) == 0)) { |
191 | curl_close($ch); | |
cfaee245 | 192 | throw new PaymentProcessorException('Error: Connection to payment gateway failed - no data returned.', 9006); |
6a488035 TO |
193 | } |
194 | ||
46043255 | 195 | // If gateway returned no data - tell 'em and bail out |
6a488035 TO |
196 | if (empty($responseData)) { |
197 | curl_close($ch); | |
cfaee245 | 198 | throw new PaymentProcessorException('Error: No data returned from payment gateway.', 9007); |
6a488035 TO |
199 | } |
200 | ||
46043255 | 201 | // Success so far - close the curl and check the data |
6a488035 TO |
202 | curl_close($ch); |
203 | ||
46043255 | 204 | // Payment successfully sent to gateway - process the response now |
6a488035 | 205 | |
cfaee245 | 206 | $processorResponse = $this->decodeXMLresponse($responseData); |
46043255 CW |
207 | // success in test mode returns response "APPROVED" |
208 | // test mode always returns trxn_id = 0 | |
209 | // fix for CRM-2566 | |
6a488035 | 210 | |
6a488035 | 211 | if ($processorResponse['errorCode']) { |
cfaee245 | 212 | throw new PaymentProcessorException("Error: [" . $processorResponse['errorCode'] . " " . $processorResponse['errorName'] . " " . $processorResponse['errorMessage'] . '] - from payment processor', 9010); |
6a488035 | 213 | } |
cfaee245 | 214 | if ($processorResponse['ssl_result_message'] === "APPROVED") { |
215 | if ($this->_mode === 'test') { | |
353ffa53 | 216 | $query = "SELECT MAX(trxn_id) FROM civicrm_contribution WHERE trxn_id LIKE 'test%'"; |
cfaee245 | 217 | $trxn_id = (string) CRM_Core_DAO::singleValueQuery($query); |
218 | $trxn_id = (int) str_replace('test', '', $trxn_id); | |
219 | ++$trxn_id; | |
6a488035 TO |
220 | $params['trxn_id'] = sprintf('test%08d', $trxn_id); |
221 | return $params; | |
222 | } | |
cfaee245 | 223 | throw new PaymentProcessorException('Error: [approval code related to test transaction but mode was ' . $this->_mode, 9099); |
6a488035 TO |
224 | } |
225 | ||
226 | // transaction failed, print the reason | |
cfaee245 | 227 | if ($processorResponse['ssl_result_message'] !== "APPROVAL") { |
228 | throw new PaymentProcessorException('Error: [' . $processorResponse['ssl_result_message'] . ' ' . $processorResponse['ssl_result'] . '] - from payment processor', 9009); | |
6a488035 TO |
229 | } |
230 | else { | |
46043255 | 231 | // Success ! |
cfaee245 | 232 | if ($this->_mode !== 'test') { |
6a488035 TO |
233 | // 'trxn_id' is varchar(255) field. returned value is length 37 |
234 | $params['trxn_id'] = $processorResponse['ssl_txn_id']; | |
235 | } | |
236 | ||
237 | $params['trxn_result_code'] = $processorResponse['ssl_approval_code'] . "-Cvv2:" . $processorResponse['ssl_cvv2_response'] . "-avs:" . $processorResponse['ssl_avs_response']; | |
e7dc92b8 MW |
238 | $params['payment_status_id'] = array_search('Completed', $statuses); |
239 | $params['payment_status'] = 'Completed'; | |
6a488035 TO |
240 | |
241 | return $params; | |
242 | } | |
243 | } | |
6a488035 | 244 | |
46043255 | 245 | /** |
fe482240 | 246 | * This public function checks to see if we have the right processor config values set. |
6a488035 TO |
247 | * |
248 | * NOTE: Called by Events and Contribute to check config params are set prior to trying | |
249 | * register any credit card details | |
250 | * | |
46043255 CW |
251 | * @return string|null |
252 | * $errorMsg if any errors found - null if OK | |
6a488035 | 253 | * |
77b97be7 | 254 | */ |
00be9182 | 255 | public function checkConfig() { |
be2fb01f | 256 | $errorMsg = []; |
6a488035 TO |
257 | |
258 | if (empty($this->_paymentProcessor['user_name'])) { | |
259 | $errorMsg[] = ' ' . ts('ssl_merchant_id is not set for this payment processor'); | |
260 | } | |
261 | ||
262 | if (empty($this->_paymentProcessor['url_site'])) { | |
263 | $errorMsg[] = ' ' . ts('URL is not set for this payment processor'); | |
264 | } | |
265 | ||
266 | if (!empty($errorMsg)) { | |
267 | return implode('<p>', $errorMsg); | |
268 | } | |
cfaee245 | 269 | return NULL; |
6a488035 | 270 | } |
46043255 | 271 | |
6c786a9b EM |
272 | /** |
273 | * @param $requestFields | |
274 | * | |
275 | * @return string | |
276 | */ | |
00be9182 | 277 | public function buildXML($requestFields) { |
6a488035 TO |
278 | $xmlFieldLength['ssl_first_name'] = 15; |
279 | // credit card name | |
280 | $xmlFieldLength['ssl_last_name'] = 15; | |
281 | // contact name | |
282 | $xmlFieldLength['ssl_ship_to_first_name'] = 15; | |
283 | // contact name | |
284 | $xmlFieldLength['ssl_ship_to_last_name'] = 15; | |
285 | $xmlFieldLength['ssl_card_number'] = 19; | |
286 | $xmlFieldLength['ssl_amount'] = 13; | |
287 | $xmlFieldLength['ssl_exp_date'] = 4; | |
288 | $xmlFieldLength['ssl_cvv2cvc2'] = 4; | |
289 | $xmlFieldLength['ssl_cvv2cvc2_indicator'] = 1; | |
290 | $xmlFieldLength['ssl_avs_address'] = 20; | |
291 | $xmlFieldLength['ssl_city'] = 20; | |
292 | $xmlFieldLength['ssl_state'] = 30; | |
293 | $xmlFieldLength['ssl_avs_zip'] = 9; | |
294 | $xmlFieldLength['ssl_country'] = 50; | |
295 | $xmlFieldLength['ssl_email'] = 100; | |
296 | // 32 character string | |
297 | $xmlFieldLength['ssl_invoice_number'] = 25; | |
298 | $xmlFieldLength['ssl_transaction_type'] = 20; | |
299 | $xmlFieldLength['ssl_description'] = 255; | |
300 | $xmlFieldLength['ssl_merchant_id'] = 15; | |
b3dd98a5 DL |
301 | $xmlFieldLength['ssl_user_id'] = 15; |
302 | $xmlFieldLength['ssl_pin'] = 128; | |
6a488035 | 303 | $xmlFieldLength['ssl_test_mode'] = 5; |
b3dd98a5 DL |
304 | $xmlFieldLength['ssl_salestax'] = 10; |
305 | $xmlFieldLength['ssl_customer_code'] = 17; | |
306 | $xmlFieldLength['ssl_customer_number'] = 25; | |
6a488035 TO |
307 | |
308 | $xml = '<txn>'; | |
309 | foreach ($requestFields as $key => $value) { | |
a8ed7f4d EL |
310 | //dev/core/966 Don't send email through the urlencode. |
311 | if ($key == 'ssl_email') { | |
312 | $xml .= '<' . $key . '>' . substr($value, 0, $xmlFieldLength[$key]) . '</' . $key . '>'; | |
313 | } | |
314 | else { | |
315 | $xml .= '<' . $key . '>' . self::tidyStringforXML($value, $xmlFieldLength[$key]) . '</' . $key . '>'; | |
316 | } | |
6a488035 | 317 | } |
b3dd98a5 | 318 | $xml .= '</txn>'; |
6a488035 TO |
319 | return $xml; |
320 | } | |
321 | ||
6c786a9b EM |
322 | /** |
323 | * @param $value | |
324 | * @param $fieldlength | |
325 | * | |
326 | * @return string | |
327 | */ | |
00be9182 | 328 | public function tidyStringforXML($value, $fieldlength) { |
6a488035 TO |
329 | // the xml is posted to a url so must not contain spaces etc. It also needs to be cut off at a certain |
330 | // length to match the processor's field length. The cut needs to be made after spaces etc are | |
331 | // transformed but must not include a partial transformed character e.g. %20 must be in or out not half-way | |
332 | $xmlString = substr(rawurlencode($value), 0, $fieldlength); | |
333 | $lastPercent = strrpos($xmlString, '%'); | |
334 | if ($lastPercent > $fieldlength - 3) { | |
335 | $xmlString = substr($xmlString, 0, $lastPercent); | |
336 | } | |
337 | return $xmlString; | |
338 | } | |
339 | ||
46043255 | 340 | /** |
6a488035 TO |
341 | * Simple function to use in place of the 'simplexml_load_string' call. |
342 | * | |
343 | * It returns the NodeValue for a given NodeName | |
344 | * or returns an empty string. | |
46043255 CW |
345 | * |
346 | * @param string $NodeName | |
347 | * @param string $strXML | |
348 | * @return string | |
349 | */ | |
00be9182 | 350 | public function GetNodeValue($NodeName, &$strXML) { |
6a488035 TO |
351 | $OpeningNodeName = "<" . $NodeName . ">"; |
352 | $ClosingNodeName = "</" . $NodeName . ">"; | |
353 | ||
354 | $pos1 = stripos($strXML, $OpeningNodeName); | |
355 | $pos2 = stripos($strXML, $ClosingNodeName); | |
356 | ||
357 | if (($pos1 === FALSE) || ($pos2 === FALSE)) { | |
358 | ||
cfaee245 | 359 | return ''; |
6a488035 TO |
360 | |
361 | } | |
362 | ||
363 | $pos1 += strlen($OpeningNodeName); | |
364 | $len = $pos2 - $pos1; | |
365 | ||
366 | $return = substr($strXML, $pos1, $len); | |
367 | // check out rtn values for debug | |
368 | // echo " $NodeName     $return <br>"; | |
369 | return ($return); | |
370 | } | |
371 | ||
6c786a9b | 372 | /** |
46043255 | 373 | * @param string $Xml |
6c786a9b EM |
374 | * |
375 | * @return mixed | |
376 | */ | |
00be9182 | 377 | public function decodeXMLresponse($Xml) { |
be2fb01f | 378 | $processorResponse = []; |
6a488035 TO |
379 | |
380 | $processorResponse['ssl_result'] = self::GetNodeValue("ssl_result", $Xml); | |
381 | $processorResponse['ssl_result_message'] = self::GetNodeValue("ssl_result_message", $Xml); | |
382 | $processorResponse['ssl_txn_id'] = self::GetNodeValue("ssl_txn_id", $Xml); | |
383 | $processorResponse['ssl_cvv2_response'] = self::GetNodeValue("ssl_cvv2_response", $Xml); | |
384 | $processorResponse['ssl_avs_response'] = self::GetNodeValue("ssl_avs_response", $Xml); | |
385 | $processorResponse['ssl_approval_code'] = self::GetNodeValue("ssl_approval_code", $Xml); | |
386 | $processorResponse['errorCode'] = self::GetNodeValue("errorCode", $Xml); | |
387 | $processorResponse['errorName'] = self::GetNodeValue("errorName", $Xml); | |
388 | $processorResponse['errorMessage'] = self::GetNodeValue("errorMessage", $Xml); | |
389 | ||
390 | return $processorResponse; | |
391 | } | |
96025800 | 392 | |
6a488035 | 393 | } |