3 +--------------------------------------------------------------------+
5 +--------------------------------------------------------------------+
6 | This file is a part of CiviCRM. |
8 | CiviCRM is free software; you can copy, modify, and distribute it |
9 | under the terms of the GNU Affero General Public License |
10 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
12 | CiviCRM is distributed in the hope that it will be useful, but |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
15 | See the GNU Affero General Public License for more details. |
17 | You should have received a copy of the GNU Affero General Public |
18 | License and the CiviCRM Licensing Exception along |
19 | with this program; if not, contact CiviCRM LLC |
20 | at info[AT]civicrm[DOT]org. If you have questions about the |
21 | GNU Affero General Public License or the licensing of CiviCRM, |
22 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
23 +--------------------------------------------------------------------+
28 * PxPay Functionality Copyright (C) 2008 Lucas Baker, Logistic Information Systems Limited (Logis)
29 * PxAccess Functionality Copyright (C) 2008 Eileen McNaughton
30 * Licensed to CiviCRM under the Academic Free License version 3.0.
32 * Grateful acknowledgements go to Donald Lobo for invaluable assistance
33 * in creating this payment processor module
37 * Class CRM_Core_Payment_PaymentExpressIPN
39 class CRM_Core_Payment_PaymentExpressIPN
extends CRM_Core_Payment_BaseIPN
{
42 * We only need one instance of this object. So we use the singleton
43 * pattern and cache the instance in this variable
47 static private $_singleton = NULL;
50 * Mode of operation: live or test
54 protected $_mode = NULL;
64 public static function retrieve($name, $type, $object, $abort = TRUE) {
65 $value = $object[$name] ??
NULL;
66 if ($abort && $value === NULL) {
67 CRM_Core_Error
::debug_log_message("Could not find an entry for $name");
68 echo "Failure: Missing Parameter - " . $name . "<p>";
73 if (!CRM_Utils_Type
::validate($value, $type)) {
74 CRM_Core_Error
::debug_log_message("Could not find a valid entry for $name");
75 echo "Failure: Invalid Parameter<p>";
87 * The mode of operation: live or test.
89 * @param $paymentProcessor
91 * @return \CRM_Core_Payment_PaymentExpressIPN
93 public function __construct($mode, &$paymentProcessor) {
94 parent
::__construct();
97 $this->_paymentProcessor
= $paymentProcessor;
101 * The function gets called when a new order takes place.
104 * @param array $privateData
105 * Contains the name value pair of <merchant-private-data>.
109 * @param $transactionReference
113 public function newOrderNotify($success, $privateData, $component, $amount, $transactionReference) {
114 $ids = $input = $params = [];
116 $input['component'] = strtolower($component);
118 $ids['contact'] = self
::retrieve('contactID', 'Integer', $privateData, TRUE);
119 $ids['contribution'] = self
::retrieve('contributionID', 'Integer', $privateData, TRUE);
121 if ($input['component'] == "event") {
122 $ids['event'] = self
::retrieve('eventID', 'Integer', $privateData, TRUE);
123 $ids['participant'] = self
::retrieve('participantID', 'Integer', $privateData, TRUE);
124 $ids['membership'] = NULL;
127 $ids['membership'] = self
::retrieve('membershipID', 'Integer', $privateData, FALSE);
129 $ids['contributionRecur'] = $ids['contributionPage'] = NULL;
131 $paymentProcessorID = CRM_Core_DAO
::getFieldValue('CRM_Financial_DAO_PaymentProcessorType',
132 'PayPal_Express', 'id', 'name'
135 if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) {
139 // make sure the invoice is valid and matches what we have in the contribution record
140 $input['invoice'] = $privateData['invoiceID'];
141 $input['newInvoice'] = $transactionReference;
142 $contribution = &$objects['contribution'];
143 $input['trxn_id'] = $transactionReference;
145 if ($contribution->invoice_id
!= $input['invoice']) {
146 CRM_Core_Error
::debug_log_message("Invoice values dont match between database and IPN request");
147 echo "Failure: Invoice values dont match between database and IPN request<p>";
151 // lets replace invoice-id with Payment Processor -number because thats what is common and unique
152 // in subsequent calls or notifications sent by google.
153 $contribution->invoice_id
= $input['newInvoice'];
155 $input['amount'] = $amount;
157 if ($contribution->total_amount
!= $input['amount']) {
158 CRM_Core_Error
::debug_log_message("Amount values dont match between database and IPN request");
159 echo "Failure: Amount values dont match between database and IPN request. " . $contribution->total_amount
. "/" . $input['amount'] . "<p>";
163 $transaction = new CRM_Core_Transaction();
165 // check if contribution is already completed, if so we ignore this ipn
167 if ($contribution->contribution_status_id
== 1) {
168 CRM_Core_Error
::debug_log_message("returning since contribution has already been handled");
169 echo "Success: Contribution has already been handled<p>";
173 /* Since trxn_id hasn't got any use here,
174 * lets make use of it by passing the eventID/membershipTypeID to next level.
175 * And change trxn_id to the payment processor reference before finishing db update */
178 $contribution->trxn_id
= $ids['event'] . CRM_Core_DAO
::VALUE_SEPARATOR
. $ids['participant'];
181 $contribution->trxn_id
= $ids['membership'];
184 $this->completeTransaction($input, $ids, $objects, $transaction);
191 * The function returns the component(Event/Contribute..)and whether it is Test or not
193 * @param array $privateData
194 * Contains the name-value pairs of transaction related data.
195 * @param int $orderNo
196 * <order-total> send by google.
199 * context of this call (test, component, payment processor id)
201 public static function getContext($privateData, $orderNo) {
206 $contributionID = $privateData['contributionID'];
207 $contribution = new CRM_Contribute_DAO_Contribution();
208 $contribution->id
= $contributionID;
210 if (!$contribution->find(TRUE)) {
211 CRM_Core_Error
::debug_log_message("Could not find contribution record: $contributionID");
212 echo "Failure: Could not find contribution record for $contributionID<p>";
216 if (stristr($contribution->source
, 'Online Contribution')) {
217 $component = 'contribute';
219 elseif (stristr($contribution->source
, 'Online Event Registration')) {
220 $component = 'event';
222 $isTest = $contribution->is_test
;
224 $duplicateTransaction = 0;
225 if ($contribution->contribution_status_id
== 1) {
226 //contribution already handled. (some processors do two notifications so this could be valid)
227 $duplicateTransaction = 1;
230 if ($component == 'contribute') {
231 if (!$contribution->contribution_page_id
) {
232 CRM_Core_Error
::debug_log_message("Could not find contribution page for contribution record: $contributionID");
233 echo "Failure: Could not find contribution page for contribution record: $contributionID<p>";
239 $eventID = $privateData['eventID'];
242 CRM_Core_Error
::debug_log_message("Could not find event ID");
243 echo "Failure: Could not find eventID<p>";
247 // we are in event mode
248 // make sure event exists and is valid
249 $event = new CRM_Event_DAO_Event();
250 $event->id
= $eventID;
251 if (!$event->find(TRUE)) {
252 CRM_Core_Error
::debug_log_message("Could not find event: $eventID");
253 echo "Failure: Could not find event: $eventID<p>";
258 return [$isTest, $component, $duplicateTransaction];
262 * Main notification processing method.
264 * hex string from paymentexpress is passed to this function as hex string. Code based on googleIPN
265 * mac_key is only passed if the processor is pxaccess as it is used for decryption
266 * $dps_method is either pxaccess or pxpay
268 * @param string $dps_method
269 * @param array $rawPostData
270 * @param string $dps_url
271 * @param string $dps_user
272 * @param string $dps_key
273 * @param string $mac_key
277 public static function main($dps_method, $rawPostData, $dps_url, $dps_user, $dps_key, $mac_key) {
279 $config = CRM_Core_Config
::singleton();
280 define('RESPONSE_HANDLER_LOG_FILE', $config->uploadDir
. 'CiviCRM.PaymentExpress.log');
283 if (!$message_log = fopen(RESPONSE_HANDLER_LOG_FILE
, "a")) {
284 error_func("Cannot open " . RESPONSE_HANDLER_LOG_FILE
. " file.\n", 0);
288 if ($dps_method == "pxpay") {
289 $processResponse = CRM_Core_Payment_PaymentExpressUtils
::_valueXml([
290 'PxPayUserId' => $dps_user,
291 'PxPayKey' => $dps_key,
292 'Response' => $_GET['result'],
294 $processResponse = CRM_Core_Payment_PaymentExpressUtils
::_valueXml('ProcessResponse', $processResponse);
296 fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"),
300 // Send the XML-formatted validation request to DPS so that we can receive a decrypted XML response which contains the transaction results
301 $curl = CRM_Core_Payment_PaymentExpressUtils
::_initCURL($processResponse, $dps_url);
303 fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"),
307 if ($response = curl_exec($curl)) {
308 $info = curl_getinfo($curl);
309 if ($info['http_code'] < 200 ||
$info['http_code'] > 299) {
310 $log_message = "DPS error: HTTP {$info['http_code']} retrieving {$info['url']}.";
311 CRM_Core_Error
::fatal($log_message);
314 fwrite($message_log, sprintf("\n\r%s:- %s\n", date("D M j G:i:s T Y"), $response));
317 // Assign the returned XML values to variables
318 $valid = CRM_Core_Payment_PaymentExpressUtils
::_xmlAttribute($response, 'valid');
319 // CRM_Core_Payment_PaymentExpressUtils::_xmlAttribute() returns NULL if preg fails.
320 if (is_null($valid)) {
321 CRM_Core_Error
::fatal(ts("DPS error: Unable to parse XML response from DPS.", [1 => $valid]));
323 $success = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, 'Success');
324 $txnId = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, 'TxnId');
325 $responseText = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, 'ResponseText');
326 $authCode = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, 'AuthCode');
327 $DPStxnRef = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, 'DpsTxnRef');
328 $qfKey = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, "TxnData1");
329 $privateData = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, "TxnData2");
330 list($component, $paymentProcessorID,) = explode(',', CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, "TxnData3"));
331 $amount = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, "AmountSettlement");
332 $merchantReference = CRM_Core_Payment_PaymentExpressUtils
::_xmlElement($response, "MerchantReference");
336 // calling DPS failed
337 CRM_Core_Error
::fatal(ts('Unable to establish connection to the payment gateway to verify transaction response.'));
341 elseif ($dps_method == "pxaccess") {
343 require_once 'PaymentExpress/pxaccess.inc.php';
345 $pxaccess = new PxAccess($dps_url, $dps_user, $dps_key, $mac_key);
346 // GetResponse method in PxAccess object returns PxPayResponse object
347 // which encapsulates all the response data
348 $rsp = $pxaccess->getResponse($rawPostData);
350 $qfKey = $rsp->getTxnData1();
351 $privateData = $rsp->getTxnData2();
352 list($component, $paymentProcessorID) = explode(',', $rsp->getTxnData3());
353 $success = $rsp->getSuccess();
354 $authCode = $rsp->getAuthCode();
355 $DPStxnRef = $rsp->getDpsTxnRef();
356 $amount = $rsp->getAmountSettlement();
357 $MerchantReference = $rsp->getMerchantReference();
360 $privateData = $privateData ? self
::stringToArray($privateData) : '';
362 // Record the current count in array, before we start adding things (for later checks)
363 $countPrivateData = count($privateData);
365 // Private Data consists of : a=contactID, b=contributionID,c=contributionTypeID,d=invoiceID,e=membershipID,f=participantID,g=eventID
366 $privateData['contactID'] = $privateData['a'];
367 $privateData['contributionID'] = $privateData['b'];
368 $privateData['contributionTypeID'] = $privateData['c'];
369 $privateData['invoiceID'] = $privateData['d'];
371 if ($component == "event") {
372 $privateData['participantID'] = $privateData['f'];
373 $privateData['eventID'] = $privateData['g'];
375 elseif ($component == "contribute") {
377 if ($countPrivateData == 5) {
378 $privateData["membershipID"] = $privateData['e'];
382 $transactionReference = $authCode . "-" . $DPStxnRef;
384 list($mode, $component, $duplicateTransaction) = self
::getContext($privateData, $transactionReference);
385 $mode = $mode ?
'test' : 'live';
387 $paymentProcessor = CRM_Financial_BAO_PaymentProcessor
::getPayment($paymentProcessorID,
391 $ipn = self
::singleton($mode, $component, $paymentProcessor);
393 //Check status and take appropriate action
396 if ($duplicateTransaction == 0) {
397 $ipn->newOrderNotify($success, $privateData, $component, $amount, $transactionReference);
400 if ($component == "event") {
401 $finalURL = CRM_Utils_System
::url('civicrm/event/register',
402 "_qf_ThankYou_display=1&qfKey=$qfKey",
406 elseif ($component == "contribute") {
407 $finalURL = CRM_Utils_System
::url('civicrm/contribute/transact',
408 "_qf_ThankYou_display=1&qfKey=$qfKey",
413 CRM_Utils_System
::redirect($finalURL);
417 if ($component == "event") {
418 $finalURL = CRM_Utils_System
::url('civicrm/event/confirm',
419 "reset=1&cc=fail&participantId=$privateData[participantID]",
423 elseif ($component == "contribute") {
424 $finalURL = CRM_Utils_System
::url('civicrm/contribute/transact',
425 "_qf_Main_display=1&cancel=1&qfKey=$qfKey",
430 CRM_Utils_System
::redirect($finalURL);
435 * Converts the comma separated name-value pairs in <TxnData2> to an array of values.
441 public static function stringToArray($str) {
442 $vars = $labels = [];
443 $labels = explode(',', $str);
444 foreach ($labels as $label) {
445 $terms = explode('=', $label);
446 $vars[$terms[0]] = $terms[1];