[civicrm-core.git] / CRM / Core / Payment / Elavon.php

<?php
/*
 +----------------------------------------------------------------------------+
 | Elavon (Nova) Virtual Merchant Core Payment Module for CiviCRM version 5   |
 +----------------------------------------------------------------------------+
 | Licensed to CiviCRM under the Academic Free License version 3.0            |
 |                                                                            |
 | Written & Contributed by Eileen McNaughton - Nov March 2008                |
 +----------------------------------------------------------------------------+
 */

/**
 * -----------------------------------------------------------------------------------------------
 * The basic functionality of this processor is that variables from the $params object are transformed
 * into xml. The xml is submitted to the processor's https site
 * using curl and the response is translated back into an array using the processor's function.
 *
 * If an array ($params) is returned to the calling function the values from
 * the array are merged into the calling functions array.
 *
 * If an result of class error is returned it is treated as a failure. No error denotes a success. Be
 * WARY of this when coding
 *
 * -----------------------------------------------------------------------------------------------
 */
class CRM_Core_Payment_Elavon extends CRM_Core_Payment {
  // (not used, implicit in the API, might need to convert?)
  const
    CHARSET = 'UFT-8';

  /**
   * We only need one instance of this object. So we use the singleton
   * pattern and cache the instance in this variable
   *
   * @var CRM_Core_Payment_Elavon
   */
  static private $_singleton = NULL;

  /**
   * Constructor.
   *
   * @param string $mode
   *   The mode of operation: live or test.
   *
   * @param $paymentProcessor
   *
   * @return CRM_Core_Payment_Elavon
   */
  public function __construct($mode, &$paymentProcessor) {
    // live or test
    $this->_mode = $mode;
    $this->_paymentProcessor = $paymentProcessor;
    $this->_processorName = ts('Elavon');
  }

  /**
   * This function is set up and put here to make the mapping of fields
   * from the params object  as visually clear as possible for easy editing
   *
   * Comment out irrelevant fields
   * @param $params
   * @return array
   */
  public function mapProcessorFieldstoParams($params) {

    // compile array
    // Payment Processor field name fields from $params array
    // credit card name
    $requestFields['ssl_first_name'] = $params['billing_first_name'];
    // credit card name
    //$requestFields['ssl_middle_name']       = $params['billing_middle_name'];
    // credit card name
    $requestFields['ssl_last_name'] = $params['billing_last_name'];
    // contact name
    $requestFields['ssl_ship_to_first_name'] = $params['first_name'];
    // contact name
    $requestFields['ssl_ship_to_last_name'] = $params['last_name'];
    $requestFields['ssl_card_number'] = $params['credit_card_number'];
    $requestFields['ssl_amount'] = trim($params['amount']);
    $requestFields['ssl_exp_date'] = sprintf('%02d', (int) $params['month']) . substr($params['year'], 2, 2);;
    $requestFields['ssl_cvv2cvc2'] = $params['cvv2'];
    // CVV field passed to processor
    $requestFields['ssl_cvv2cvc2_indicator'] = "1";
    $requestFields['ssl_avs_address'] = $params['street_address'];
    $requestFields['ssl_city'] = $params['city'];
    $requestFields['ssl_state'] = $params['state_province'];
    $requestFields['ssl_avs_zip'] = $params['postal_code'];
    $requestFields['ssl_country'] = $params['country'];
    $requestFields['ssl_email'] = $params['email'];
    // 32 character string
    $requestFields['ssl_invoice_number'] = $params['invoiceID'];
    $requestFields['ssl_transaction_type'] = "CCSALE";
    $requestFields['ssl_description'] = empty($params['description']) ? "backoffice payment" : $params['description'];
    $requestFields['ssl_customer_number'] = substr($params['credit_card_number'], -4);
    // Added two lines below to allow commercial cards to go through as per page 15 of Elavon developer guide
    $requestFields['ssl_customer_code'] = '1111';
    $requestFields['ssl_salestax'] = 0.0;

    /************************************************************************************
     *  Fields available from civiCRM not implemented for Elavon
     *
     *  $params['qfKey'];
     *  $params['amount_other'];
     *  $params['ip_address'];
     *  $params['contributionType_name'  ];
     *  $params['contributionPageID'];
     *  $params['contributionType_accounting_code'];
     *  $params['amount_level'];
     *  $params['credit_card_type'];
     ************************************************************************************/
    return $requestFields;
  }

  /**
   * This function sends request and receives response from
   * the processor
   * @param array $params
   * @return array|object
   * @throws Exception
   */
  public function doDirectPayment(&$params) {
    if (isset($params['is_recur']) && $params['is_recur'] == TRUE) {
      CRM_Core_Error::fatal(ts('Elavon - recurring payments not implemented'));
    }

    if (!defined('CURLOPT_SSLCERT')) {
      CRM_Core_Error::fatal(ts('Elavon / Nova Virtual Merchant Gateway requires curl with SSL support'));
    }

    //Create the array of variables to be sent to the processor from the $params array
    // passed into this function
    $requestFields = self::mapProcessorFieldstoParams($params);

    // define variables for connecting with the gateway
    $requestFields['ssl_merchant_id'] = $this->_paymentProcessor['user_name'];
    $requestFields['ssl_user_id'] = CRM_Utils_Array::value('password', $this->_paymentProcessor);
    $requestFields['ssl_pin'] = CRM_Utils_Array::value('signature', $this->_paymentProcessor);
    $host = $this->_paymentProcessor['url_site'];

    if ($this->_mode == "test") {
      $requestFields['ssl_test_mode'] = "TRUE";
    }

    // Allow further manipulation of the arguments via custom hooks ..
    CRM_Utils_Hook::alterPaymentProcessorParams($this, $params, $requestFields);

    // Check to see if we have a duplicate before we send
    if ($this->checkDupe($params['invoiceID'], CRM_Utils_Array::value('contributionID', $params))) {
      return self::errorExit(9003, 'It appears that this transaction is a duplicate.  Have you already submitted the form once?  If so there may have been a connection problem.  Check your email for a receipt.  If you do not receive a receipt within 2 hours you can try your transaction again.  If you continue to have problems please contact the site administrator.');
    }

    // Convert to XML using function below
    $xml = self::buildXML($requestFields);

    // Send to the payment processor using cURL

    $chHost = $host . '?xmldata=' . $xml;

    $ch = curl_init($chHost);
    if (!$ch) {
      return self::errorExit(9004, 'Could not initiate connection to payment gateway');
    }

    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, Civi::settings()->get('verifySSL') ? 2 : 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, Civi::settings()->get('verifySSL'));
    // return the result on success, FALSE on failure
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 36000);
    // set this for debugging -look for output in apache error log
    //curl_setopt ($ch,CURLOPT_VERBOSE,1 );
    // ensures any Location headers are followed
    if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    }

    // Send the data out over the wire
    $responseData = curl_exec($ch);

    // See if we had a curl error - if so tell 'em and bail out
    // NOTE: curl_error does not return a logical value (see its documentation), but
    // a string, which is empty when there was no error.
    if ((curl_errno($ch) > 0) || (strlen(curl_error($ch)) > 0)) {
      curl_close($ch);
      $errorNum = curl_errno($ch);
      $errorDesc = curl_error($ch);

      // Paranoia - in the unlikley event that 'curl' errno fails
      if ($errorNum == 0) {
        $errorNum = 9005;
      }

      // Paranoia - in the unlikley event that 'curl' error fails
      if (strlen($errorDesc) == 0) {
        $errorDesc = "Connection to payment gateway failed";
      }
      if ($errorNum = 60) {
        return self::errorExit($errorNum, "Curl error - " . $errorDesc . " Try this link for more information http://curl.haxx.se/docs/sslcerts.html");
      }

      return self::errorExit($errorNum, "Curl error - " . $errorDesc . " your key is located at " . $key . " the url is " . $host . " xml is " . $requestxml . " processor response = " . $processorResponse);
    }

    // If null data returned - tell 'em and bail out
    // NOTE: You will not necessarily get a string back, if the request failed for
    // any reason, the return value will be the boolean false.
    if (($responseData === FALSE) || (strlen($responseData) == 0)) {
      curl_close($ch);
      return self::errorExit(9006, "Error: Connection to payment gateway failed - no data returned.");
    }

    // If gateway returned no data - tell 'em and bail out
    if (empty($responseData)) {
      curl_close($ch);
      return self::errorExit(9007, "Error: No data returned from payment gateway.");
    }

    // Success so far - close the curl and check the data
    curl_close($ch);

    // Payment successfully sent to gateway - process the response now

    $processorResponse = self::decodeXMLResponse($responseData);
    // success in test mode returns response "APPROVED"
    // test mode always returns trxn_id = 0
    // fix for CRM-2566

    if ($processorResponse['errorCode']) {
      return self::errorExit(9010, "Error: [" . $processorResponse['errorCode'] . " " . $processorResponse['errorName'] . " " . $processorResponse['errorMessage'] . "] - from payment processor");
    }
    if ($processorResponse['ssl_result_message'] == "APPROVED") {
      if ($this->_mode == 'test') {
        $query = "SELECT MAX(trxn_id) FROM civicrm_contribution WHERE trxn_id LIKE 'test%'";
        $p = [];
        $trxn_id = strval(CRM_Core_Dao::singleValueQuery($query, $p));
        $trxn_id = str_replace('test', '', $trxn_id);
        $trxn_id = intval($trxn_id) + 1;
        $params['trxn_id'] = sprintf('test%08d', $trxn_id);
        return $params;
      }
      else {
        return self::errorExit(9099, "Error: [approval code related to test transaction but mode was " . $this->_mode);
      }
    }

    // transaction failed, print the reason
    if ($processorResponse['ssl_result_message'] != "APPROVAL") {
      return self::errorExit(9009, "Error: [" . $processorResponse['ssl_result_message'] . " " . $processorResponse['ssl_result'] . "] - from payment processor");
    }
    else {
      // Success !
      if ($this->_mode != 'test') {
        // 'trxn_id' is varchar(255) field. returned value is length 37
        $params['trxn_id'] = $processorResponse['ssl_txn_id'];
      }

      $params['trxn_result_code'] = $processorResponse['ssl_approval_code'] . "-Cvv2:" . $processorResponse['ssl_cvv2_response'] . "-avs:" . $processorResponse['ssl_avs_response'];

      return $params;
    }
  }

  /**
   * Produces error message and returns from class.
   * @param string $errorCode
   * @param string $errorMessage
   * @return CRM_Core_Error
   */
  public function &errorExit($errorCode = NULL, $errorMessage = NULL) {
    $e = CRM_Core_Error::singleton();
    if ($errorCode) {
      $e->push($errorCode, 0, NULL, $errorMessage);
    }
    else {
      $e->push(9000, 0, NULL, 'Unknown System Error.');
    }
    return $e;
  }

  /**
   * This public function checks to see if we have the right processor config values set.
   *
   * NOTE: Called by Events and Contribute to check config params are set prior to trying
   *  register any credit card details
   *
   * @return string|null
   *   $errorMsg if any errors found - null if OK
   *
   */
  public function checkConfig() {
    $errorMsg = [];

    if (empty($this->_paymentProcessor['user_name'])) {
      $errorMsg[] = ' ' . ts('ssl_merchant_id is not set for this payment processor');
    }

    if (empty($this->_paymentProcessor['url_site'])) {
      $errorMsg[] = ' ' . ts('URL is not set for this payment processor');
    }

    if (!empty($errorMsg)) {
      return implode('<p>', $errorMsg);
    }
    else {
      return NULL;
    }
  }

  /**
   * @param $requestFields
   *
   * @return string
   */
  public function buildXML($requestFields) {
    $xmlFieldLength['ssl_first_name'] = 15;
    // credit card name
    $xmlFieldLength['ssl_last_name'] = 15;
    // contact name
    $xmlFieldLength['ssl_ship_to_first_name'] = 15;
    // contact name
    $xmlFieldLength['ssl_ship_to_last_name'] = 15;
    $xmlFieldLength['ssl_card_number'] = 19;
    $xmlFieldLength['ssl_amount'] = 13;
    $xmlFieldLength['ssl_exp_date'] = 4;
    $xmlFieldLength['ssl_cvv2cvc2'] = 4;
    $xmlFieldLength['ssl_cvv2cvc2_indicator'] = 1;
    $xmlFieldLength['ssl_avs_address'] = 20;
    $xmlFieldLength['ssl_city'] = 20;
    $xmlFieldLength['ssl_state'] = 30;
    $xmlFieldLength['ssl_avs_zip'] = 9;
    $xmlFieldLength['ssl_country'] = 50;
    $xmlFieldLength['ssl_email'] = 100;
    // 32 character string
    $xmlFieldLength['ssl_invoice_number'] = 25;
    $xmlFieldLength['ssl_transaction_type'] = 20;
    $xmlFieldLength['ssl_description'] = 255;
    $xmlFieldLength['ssl_merchant_id'] = 15;
    $xmlFieldLength['ssl_user_id'] = 15;
    $xmlFieldLength['ssl_pin'] = 128;
    $xmlFieldLength['ssl_test_mode'] = 5;
    $xmlFieldLength['ssl_salestax'] = 10;
    $xmlFieldLength['ssl_customer_code'] = 17;
    $xmlFieldLength['ssl_customer_number'] = 25;

    $xml = '<txn>';
    foreach ($requestFields as $key => $value) {
      //dev/core/966 Don't send email through the urlencode.
      if ($key == 'ssl_email') {
        $xml .= '<' . $key . '>' . substr($value, 0, $xmlFieldLength[$key]) . '</' . $key . '>';
      }
      else {
        $xml .= '<' . $key . '>' . self::tidyStringforXML($value, $xmlFieldLength[$key]) . '</' . $key . '>';
      }
    }
    $xml .= '</txn>';
    return $xml;
  }

  /**
   * @param $value
   * @param $fieldlength
   *
   * @return string
   */
  public function tidyStringforXML($value, $fieldlength) {
    // the xml is posted to a url so must not contain spaces etc. It also needs to be cut off at a certain
    // length to match the processor's field length. The cut needs to be made after spaces etc are
    // transformed but must not include a partial transformed character e.g. %20 must be in or out not half-way
    $xmlString = substr(rawurlencode($value), 0, $fieldlength);
    $lastPercent = strrpos($xmlString, '%');
    if ($lastPercent > $fieldlength - 3) {
      $xmlString = substr($xmlString, 0, $lastPercent);
    }
    return $xmlString;
  }

  /**
   * Simple function to use in place of the 'simplexml_load_string' call.
   *
   * It returns the NodeValue for a given NodeName
   * or returns an empty string.
   *
   * @param string $NodeName
   * @param string $strXML
   * @return string
   */
  public function GetNodeValue($NodeName, &$strXML) {
    $OpeningNodeName = "<" . $NodeName . ">";
    $ClosingNodeName = "</" . $NodeName . ">";

    $pos1 = stripos($strXML, $OpeningNodeName);
    $pos2 = stripos($strXML, $ClosingNodeName);

    if (($pos1 === FALSE) || ($pos2 === FALSE)) {

      return "";

    }

    $pos1 += strlen($OpeningNodeName);
    $len = $pos2 - $pos1;

    $return = substr($strXML, $pos1, $len);
    // check out rtn values for debug
    // echo " $NodeName &nbsp &nbsp $return <br>";
    return ($return);
  }

  /**
   * @param string $Xml
   *
   * @return mixed
   */
  public function decodeXMLresponse($Xml) {
    $processorResponse = [];

    $processorResponse['ssl_result'] = self::GetNodeValue("ssl_result", $Xml);
    $processorResponse['ssl_result_message'] = self::GetNodeValue("ssl_result_message", $Xml);
    $processorResponse['ssl_txn_id'] = self::GetNodeValue("ssl_txn_id", $Xml);
    $processorResponse['ssl_cvv2_response'] = self::GetNodeValue("ssl_cvv2_response", $Xml);
    $processorResponse['ssl_avs_response'] = self::GetNodeValue("ssl_avs_response", $Xml);
    $processorResponse['ssl_approval_code'] = self::GetNodeValue("ssl_approval_code", $Xml);
    $processorResponse['errorCode'] = self::GetNodeValue("errorCode", $Xml);
    $processorResponse['errorName'] = self::GetNodeValue("errorName", $Xml);
    $processorResponse['errorMessage'] = self::GetNodeValue("errorMessage", $Xml);

    return $processorResponse;
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+----------------------------------------------------------------------------+
fee14197	4	\| Elavon (Nova) Virtual Merchant Core Payment Module for CiviCRM version 5 \|
6a488035 TO	5	+----------------------------------------------------------------------------+
	6	\| Licensed to CiviCRM under the Academic Free License version 3.0 \|
	7	\| \|
	8	\| Written & Contributed by Eileen McNaughton - Nov March 2008 \|
	9	+----------------------------------------------------------------------------+
e70a7fc0	10	*/
6a488035 TO	11
6a488035 TO	12	/**
353ffa53 TO	13	* -----------------------------------------------------------------------------------------------
	14	* The basic functionality of this processor is that variables from the $params object are transformed
	15	* into xml. The xml is submitted to the processor's https site
	16	* using curl and the response is translated back into an array using the processor's function.
	17	*
	18	* If an array ($params) is returned to the calling function the values from
	19	* the array are merged into the calling functions array.
	20	*
	21	* If an result of class error is returned it is treated as a failure. No error denotes a success. Be
	22	* WARY of this when coding
	23	*
	24	* -----------------------------------------------------------------------------------------------
d5cc0fc2	25	*/
6a488035 TO	26	class CRM_Core_Payment_Elavon extends CRM_Core_Payment {
6a488035 TO	27	// (not used, implicit in the API, might need to convert?)
7da04cde	28	const
353ffa53	29	CHARSET = 'UFT-8';
6a488035 TO	30
	31	/**
	32	* We only need one instance of this object. So we use the singleton
	33	* pattern and cache the instance in this variable
	34	*
46043255	35	* @var CRM_Core_Payment_Elavon
6a488035 TO	36	*/
	37	static private $_singleton = NULL;
	38
46043255	39	/**
fe482240	40	* Constructor.
6a488035	41	*
6a0b768e TO	42	* @param string $mode
6a0b768e TO	43	* The mode of operation: live or test.
6a488035	44	*
77b97be7 EM	45	* @param $paymentProcessor
77b97be7 EM	46	*
46043255	47	* @return CRM_Core_Payment_Elavon
77b97be7	48	*/
00be9182	49	public function __construct($mode, &$paymentProcessor) {
6a488035 TO	50	// live or test
	51	$this->_mode = $mode;
	52	$this->_paymentProcessor = $paymentProcessor;
	53	$this->_processorName = ts('Elavon');
	54	}
	55
46043255	56	/**
6a488035 TO	57	* This function is set up and put here to make the mapping of fields
	58	* from the params object as visually clear as possible for easy editing
	59	*
46043255 CW	60	* Comment out irrelevant fields
	61	* @param $params
	62	* @return array
	63	*/
00be9182	64	public function mapProcessorFieldstoParams($params) {
6a488035	65
46043255 CW	66	// compile array
46043255 CW	67	// Payment Processor field name fields from $params array
6a488035 TO	68	// credit card name
	69	$requestFields['ssl_first_name'] = $params['billing_first_name'];
	70	// credit card name
	71	//$requestFields['ssl_middle_name'] = $params['billing_middle_name'];
	72	// credit card name
	73	$requestFields['ssl_last_name'] = $params['billing_last_name'];
	74	// contact name
	75	$requestFields['ssl_ship_to_first_name'] = $params['first_name'];
	76	// contact name
	77	$requestFields['ssl_ship_to_last_name'] = $params['last_name'];
	78	$requestFields['ssl_card_number'] = $params['credit_card_number'];
b3dd98a5	79	$requestFields['ssl_amount'] = trim($params['amount']);
6a488035 TO	80	$requestFields['ssl_exp_date'] = sprintf('%02d', (int) $params['month']) . substr($params['year'], 2, 2);;
	81	$requestFields['ssl_cvv2cvc2'] = $params['cvv2'];
	82	// CVV field passed to processor
	83	$requestFields['ssl_cvv2cvc2_indicator'] = "1";
	84	$requestFields['ssl_avs_address'] = $params['street_address'];
	85	$requestFields['ssl_city'] = $params['city'];
	86	$requestFields['ssl_state'] = $params['state_province'];
	87	$requestFields['ssl_avs_zip'] = $params['postal_code'];
	88	$requestFields['ssl_country'] = $params['country'];
	89	$requestFields['ssl_email'] = $params['email'];
	90	// 32 character string
	91	$requestFields['ssl_invoice_number'] = $params['invoiceID'];
	92	$requestFields['ssl_transaction_type'] = "CCSALE";
ceb10dc7	93	$requestFields['ssl_description'] = empty($params['description']) ? "backoffice payment" : $params['description'];
6a488035	94	$requestFields['ssl_customer_number'] = substr($params['credit_card_number'], -4);
b3dd98a5 DL	95	// Added two lines below to allow commercial cards to go through as per page 15 of Elavon developer guide
	96	$requestFields['ssl_customer_code'] = '1111';
	97	$requestFields['ssl_salestax'] = 0.0;
	98
6a488035 TO	99	/************************************************************************************
	100	* Fields available from civiCRM not implemented for Elavon
	101	*
	102	* $params['qfKey'];
	103	* $params['amount_other'];
	104	* $params['ip_address'];
	105	* $params['contributionType_name' ];
	106	* $params['contributionPageID'];
	107	* $params['contributionType_accounting_code'];
	108	* $params['amount_level'];
	109	* $params['credit_card_type'];
	110	************************************************************************************/
	111	return $requestFields;
	112	}
	113
46043255	114	/**
6a488035 TO	115	* This function sends request and receives response from
6a488035 TO	116	* the processor
46043255 CW	117	* @param array $params
	118	* @return array\|object
	119	* @throws Exception
	120	*/
00be9182	121	public function doDirectPayment(&$params) {
b3dd98a5	122	if (isset($params['is_recur']) && $params['is_recur'] == TRUE) {
6a488035 TO	123	CRM_Core_Error::fatal(ts('Elavon - recurring payments not implemented'));
	124	}
	125
	126	if (!defined('CURLOPT_SSLCERT')) {
	127	CRM_Core_Error::fatal(ts('Elavon / Nova Virtual Merchant Gateway requires curl with SSL support'));
	128	}
	129
46043255 CW	130	//Create the array of variables to be sent to the processor from the $params array
46043255 CW	131	// passed into this function
6a488035 TO	132	$requestFields = self::mapProcessorFieldstoParams($params);
6a488035 TO	133
46043255	134	// define variables for connecting with the gateway
6a488035	135	$requestFields['ssl_merchant_id'] = $this->_paymentProcessor['user_name'];
5bfade63 WA	136	$requestFields['ssl_user_id'] = CRM_Utils_Array::value('password', $this->_paymentProcessor);
5bfade63 WA	137	$requestFields['ssl_pin'] = CRM_Utils_Array::value('signature', $this->_paymentProcessor);
6a488035 TO	138	$host = $this->_paymentProcessor['url_site'];
	139
	140	if ($this->_mode == "test") {
	141	$requestFields['ssl_test_mode'] = "TRUE";
	142	}
	143
	144	// Allow further manipulation of the arguments via custom hooks ..
	145	CRM_Utils_Hook::alterPaymentProcessorParams($this, $params, $requestFields);
	146
46043255	147	// Check to see if we have a duplicate before we send
d253aeb8	148	if ($this->checkDupe($params['invoiceID'], CRM_Utils_Array::value('contributionID', $params))) {
6a488035 TO	149	return self::errorExit(9003, 'It appears that this transaction is a duplicate. Have you already submitted the form once? If so there may have been a connection problem. Check your email for a receipt. If you do not receive a receipt within 2 hours you can try your transaction again. If you continue to have problems please contact the site administrator.');
	150	}
	151
46043255	152	// Convert to XML using function below
6a488035 TO	153	$xml = self::buildXML($requestFields);
6a488035 TO	154
46043255	155	// Send to the payment processor using cURL
6a488035 TO	156
	157	$chHost = $host . '?xmldata=' . $xml;
	158
	159	$ch = curl_init($chHost);
	160	if (!$ch) {
	161	return self::errorExit(9004, 'Could not initiate connection to payment gateway');
	162	}
	163
aaffa79f	164	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, Civi::settings()->get('verifySSL') ? 2 : 0);
aaffa79f	165	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, Civi::settings()->get('verifySSL'));
6a488035 TO	166	// return the result on success, FALSE on failure
	167	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	168	curl_setopt($ch, CURLOPT_TIMEOUT, 36000);
	169	// set this for debugging -look for output in apache error log
	170	//curl_setopt ($ch,CURLOPT_VERBOSE,1 );
	171	// ensures any Location headers are followed
439b9688 LS	172	if (ini_get('open_basedir') == '' && ini_get('safe_mode') == 'Off') {
	173	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	174	}
6a488035	175
46043255	176	// Send the data out over the wire
6a488035 TO	177	$responseData = curl_exec($ch);
6a488035 TO	178
46043255 CW	179	// See if we had a curl error - if so tell 'em and bail out
	180	// NOTE: curl_error does not return a logical value (see its documentation), but
	181	// a string, which is empty when there was no error.
6a488035 TO	182	if ((curl_errno($ch) > 0) \|\| (strlen(curl_error($ch)) > 0)) {
	183	curl_close($ch);
	184	$errorNum = curl_errno($ch);
	185	$errorDesc = curl_error($ch);
	186
	187	// Paranoia - in the unlikley event that 'curl' errno fails
2aa397bc TO	188	if ($errorNum == 0) {
	189	$errorNum = 9005;
	190	}
6a488035 TO	191
6a488035 TO	192	// Paranoia - in the unlikley event that 'curl' error fails
2aa397bc TO	193	if (strlen($errorDesc) == 0) {
	194	$errorDesc = "Connection to payment gateway failed";
	195	}
6a488035 TO	196	if ($errorNum = 60) {
	197	return self::errorExit($errorNum, "Curl error - " . $errorDesc . " Try this link for more information http://curl.haxx.se/docs/sslcerts.html");
	198	}
	199
	200	return self::errorExit($errorNum, "Curl error - " . $errorDesc . " your key is located at " . $key . " the url is " . $host . " xml is " . $requestxml . " processor response = " . $processorResponse);
	201	}
	202
46043255 CW	203	// If null data returned - tell 'em and bail out
	204	// NOTE: You will not necessarily get a string back, if the request failed for
	205	// any reason, the return value will be the boolean false.
6a488035 TO	206	if (($responseData === FALSE) \|\| (strlen($responseData) == 0)) {
	207	curl_close($ch);
	208	return self::errorExit(9006, "Error: Connection to payment gateway failed - no data returned.");
	209	}
	210
46043255	211	// If gateway returned no data - tell 'em and bail out
6a488035 TO	212	if (empty($responseData)) {
	213	curl_close($ch);
	214	return self::errorExit(9007, "Error: No data returned from payment gateway.");
	215	}
	216
46043255	217	// Success so far - close the curl and check the data
6a488035 TO	218	curl_close($ch);
6a488035 TO	219
46043255	220	// Payment successfully sent to gateway - process the response now
6a488035 TO	221
6a488035 TO	222	$processorResponse = self::decodeXMLResponse($responseData);
46043255 CW	223	// success in test mode returns response "APPROVED"
	224	// test mode always returns trxn_id = 0
	225	// fix for CRM-2566
6a488035	226
6a488035 TO	227	if ($processorResponse['errorCode']) {
	228	return self::errorExit(9010, "Error: [" . $processorResponse['errorCode'] . " " . $processorResponse['errorName'] . " " . $processorResponse['errorMessage'] . "] - from payment processor");
	229	}
	230	if ($processorResponse['ssl_result_message'] == "APPROVED") {
	231	if ($this->_mode == 'test') {
353ffa53	232	$query = "SELECT MAX(trxn_id) FROM civicrm_contribution WHERE trxn_id LIKE 'test%'";
be2fb01f	233	$p = [];
353ffa53 TO	234	$trxn_id = strval(CRM_Core_Dao::singleValueQuery($query, $p));
	235	$trxn_id = str_replace('test', '', $trxn_id);
	236	$trxn_id = intval($trxn_id) + 1;
6a488035 TO	237	$params['trxn_id'] = sprintf('test%08d', $trxn_id);
	238	return $params;
	239	}
	240	else {
	241	return self::errorExit(9099, "Error: [approval code related to test transaction but mode was " . $this->_mode);
	242	}
	243	}
	244
	245	// transaction failed, print the reason
	246	if ($processorResponse['ssl_result_message'] != "APPROVAL") {
	247	return self::errorExit(9009, "Error: [" . $processorResponse['ssl_result_message'] . " " . $processorResponse['ssl_result'] . "] - from payment processor");
	248	}
	249	else {
46043255 CW	250	// Success !
46043255 CW	251	if ($this->_mode != 'test') {
6a488035 TO	252	// 'trxn_id' is varchar(255) field. returned value is length 37
	253	$params['trxn_id'] = $processorResponse['ssl_txn_id'];
	254	}
	255
	256	$params['trxn_result_code'] = $processorResponse['ssl_approval_code'] . "-Cvv2:" . $processorResponse['ssl_cvv2_response'] . "-avs:" . $processorResponse['ssl_avs_response'];
	257
	258	return $params;
	259	}
	260	}
6a488035	261
46043255	262	/**
fe482240	263	* Produces error message and returns from class.
46043255 CW	264	* @param string $errorCode
	265	* @param string $errorMessage
	266	* @return CRM_Core_Error
	267	*/
00be9182	268	public function &errorExit($errorCode = NULL, $errorMessage = NULL) {
6a488035 TO	269	$e = CRM_Core_Error::singleton();
	270	if ($errorCode) {
	271	$e->push($errorCode, 0, NULL, $errorMessage);
	272	}
	273	else {
	274	$e->push(9000, 0, NULL, 'Unknown System Error.');
	275	}
	276	return $e;
	277	}
	278
46043255	279	/**
fe482240	280	* This public function checks to see if we have the right processor config values set.
6a488035 TO	281	*
	282	* NOTE: Called by Events and Contribute to check config params are set prior to trying
	283	* register any credit card details
	284	*
46043255 CW	285	* @return string\|null
46043255 CW	286	* $errorMsg if any errors found - null if OK
6a488035	287	*
77b97be7	288	*/
00be9182	289	public function checkConfig() {
be2fb01f	290	$errorMsg = [];
6a488035 TO	291
	292	if (empty($this->_paymentProcessor['user_name'])) {
	293	$errorMsg[] = ' ' . ts('ssl_merchant_id is not set for this payment processor');
	294	}
	295
	296	if (empty($this->_paymentProcessor['url_site'])) {
	297	$errorMsg[] = ' ' . ts('URL is not set for this payment processor');
	298	}
	299
	300	if (!empty($errorMsg)) {
	301	return implode('<p>', $errorMsg);
	302	}
	303	else {
	304	return NULL;
	305	}
	306	}
46043255	307
6c786a9b EM	308	/**
	309	* @param $requestFields
	310	*
	311	* @return string
	312	*/
00be9182	313	public function buildXML($requestFields) {
6a488035 TO	314	$xmlFieldLength['ssl_first_name'] = 15;
	315	// credit card name
	316	$xmlFieldLength['ssl_last_name'] = 15;
	317	// contact name
	318	$xmlFieldLength['ssl_ship_to_first_name'] = 15;
	319	// contact name
	320	$xmlFieldLength['ssl_ship_to_last_name'] = 15;
	321	$xmlFieldLength['ssl_card_number'] = 19;
	322	$xmlFieldLength['ssl_amount'] = 13;
	323	$xmlFieldLength['ssl_exp_date'] = 4;
	324	$xmlFieldLength['ssl_cvv2cvc2'] = 4;
	325	$xmlFieldLength['ssl_cvv2cvc2_indicator'] = 1;
	326	$xmlFieldLength['ssl_avs_address'] = 20;
	327	$xmlFieldLength['ssl_city'] = 20;
	328	$xmlFieldLength['ssl_state'] = 30;
	329	$xmlFieldLength['ssl_avs_zip'] = 9;
	330	$xmlFieldLength['ssl_country'] = 50;
	331	$xmlFieldLength['ssl_email'] = 100;
	332	// 32 character string
	333	$xmlFieldLength['ssl_invoice_number'] = 25;
	334	$xmlFieldLength['ssl_transaction_type'] = 20;
	335	$xmlFieldLength['ssl_description'] = 255;
	336	$xmlFieldLength['ssl_merchant_id'] = 15;
b3dd98a5 DL	337	$xmlFieldLength['ssl_user_id'] = 15;
b3dd98a5 DL	338	$xmlFieldLength['ssl_pin'] = 128;
6a488035	339	$xmlFieldLength['ssl_test_mode'] = 5;
b3dd98a5 DL	340	$xmlFieldLength['ssl_salestax'] = 10;
	341	$xmlFieldLength['ssl_customer_code'] = 17;
	342	$xmlFieldLength['ssl_customer_number'] = 25;
6a488035 TO	343
	344	$xml = '<txn>';
	345	foreach ($requestFields as $key => $value) {
a8ed7f4d EL	346	//dev/core/966 Don't send email through the urlencode.
	347	if ($key == 'ssl_email') {
	348	$xml .= '<' . $key . '>' . substr($value, 0, $xmlFieldLength[$key]) . '</' . $key . '>';
	349	}
	350	else {
	351	$xml .= '<' . $key . '>' . self::tidyStringforXML($value, $xmlFieldLength[$key]) . '</' . $key . '>';
	352	}
6a488035	353	}
b3dd98a5	354	$xml .= '</txn>';
6a488035 TO	355	return $xml;
	356	}
	357
6c786a9b EM	358	/**
	359	* @param $value
	360	* @param $fieldlength
	361	*
	362	* @return string
	363	*/
00be9182	364	public function tidyStringforXML($value, $fieldlength) {
6a488035 TO	365	// the xml is posted to a url so must not contain spaces etc. It also needs to be cut off at a certain
	366	// length to match the processor's field length. The cut needs to be made after spaces etc are
	367	// transformed but must not include a partial transformed character e.g. %20 must be in or out not half-way
	368	$xmlString = substr(rawurlencode($value), 0, $fieldlength);
	369	$lastPercent = strrpos($xmlString, '%');
	370	if ($lastPercent > $fieldlength - 3) {
	371	$xmlString = substr($xmlString, 0, $lastPercent);
	372	}
	373	return $xmlString;
	374	}
	375
46043255	376	/**
6a488035 TO	377	* Simple function to use in place of the 'simplexml_load_string' call.
	378	*
	379	* It returns the NodeValue for a given NodeName
	380	* or returns an empty string.
46043255 CW	381	*
	382	* @param string $NodeName
	383	* @param string $strXML
	384	* @return string
	385	*/
00be9182	386	public function GetNodeValue($NodeName, &$strXML) {
6a488035 TO	387	$OpeningNodeName = "<" . $NodeName . ">";
	388	$ClosingNodeName = "</" . $NodeName . ">";
	389
	390	$pos1 = stripos($strXML, $OpeningNodeName);
	391	$pos2 = stripos($strXML, $ClosingNodeName);
	392
	393	if (($pos1 === FALSE) \|\| ($pos2 === FALSE)) {
	394
	395	return "";
	396
	397	}
	398
	399	$pos1 += strlen($OpeningNodeName);
	400	$len = $pos2 - $pos1;
	401
	402	$return = substr($strXML, $pos1, $len);
	403	// check out rtn values for debug
	404	// echo " $NodeName &nbsp &nbsp $return <br>";
	405	return ($return);
	406	}
	407
6c786a9b	408	/**
46043255	409	* @param string $Xml
6c786a9b EM	410	*
	411	* @return mixed
	412	*/
00be9182	413	public function decodeXMLresponse($Xml) {
be2fb01f	414	$processorResponse = [];
6a488035 TO	415
	416	$processorResponse['ssl_result'] = self::GetNodeValue("ssl_result", $Xml);
	417	$processorResponse['ssl_result_message'] = self::GetNodeValue("ssl_result_message", $Xml);
	418	$processorResponse['ssl_txn_id'] = self::GetNodeValue("ssl_txn_id", $Xml);
	419	$processorResponse['ssl_cvv2_response'] = self::GetNodeValue("ssl_cvv2_response", $Xml);
	420	$processorResponse['ssl_avs_response'] = self::GetNodeValue("ssl_avs_response", $Xml);
	421	$processorResponse['ssl_approval_code'] = self::GetNodeValue("ssl_approval_code", $Xml);
	422	$processorResponse['errorCode'] = self::GetNodeValue("errorCode", $Xml);
	423	$processorResponse['errorName'] = self::GetNodeValue("errorName", $Xml);
	424	$processorResponse['errorMessage'] = self::GetNodeValue("errorMessage", $Xml);
	425
	426	return $processorResponse;
	427	}
96025800	428
6a488035	429	}