projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Ian province abbreviation patch - issue 724
[civicrm-core.git] / CRM / Core / Payment / Realex.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.7 |
5 +--------------------------------------------------------------------+
6 | This file is a part of CiviCRM. |
7 | |
8 | CiviCRM is free software; you can copy, modify, and distribute it |
9 | under the terms of the GNU Affero General Public License |
10 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
11 | |
12 | CiviCRM is distributed in the hope that it will be useful, but |
13 | WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
15 | See the GNU Affero General Public License for more details. |
16 | |
17 | You should have received a copy of the GNU Affero General Public |
18 | License and the CiviCRM Licensing Exception along |
19 | with this program; if not, contact CiviCRM LLC |
20 | at info[AT]civicrm[DOT]org. If you have questions about the |
21 | GNU Affero General Public License or the licensing of CiviCRM, |
22 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
23 +--------------------------------------------------------------------+
24 */
25
26
27 /*
28 * Copyright (C) 2009
29 * Licensed to CiviCRM under the Academic Free License version 3.0.
30 *
31 * Written and contributed by Kirkdesigns (http://www.kirkdesigns.co.uk)
32 */
33
34 /**
35 *
36 * @package CRM
37 * @author Tom Kirkpatrick <tkp@kirkdesigns.co.uk>
38 * $Id$
39 */
40 class CRM_Core_Payment_Realex extends CRM_Core_Payment {
41 const AUTH_APPROVED = '00';
42
43 protected $_mode = NULL;
44
45 protected $_params = array();
46
47 /**
48 * We only need one instance of this object. So we use the singleton
49 * pattern and cache the instance in this variable
50 *
51 * @var object
52 */
53 static private $_singleton = NULL;
54
55 /**
56 * Constructor.
57 *
58 * @param string $mode
59 * The mode of operation: live or test.
60 *
61 * @param $paymentProcessor
62 *
63 * @return \CRM_Core_Payment_Realex
64 */
65 public function __construct($mode, &$paymentProcessor) {
66 $this->_mode = $mode;
67 $this->_paymentProcessor = $paymentProcessor;
68 $this->_processorName = ts('Realex');
69
70 $this->_setParam('merchant_ref', $paymentProcessor['user_name']);
71 $this->_setParam('secret', $paymentProcessor['password']);
72 $this->_setParam('account', $paymentProcessor['subject']);
73
74 $this->_setParam('emailCustomer', 'TRUE');
75 srand(time());
76 $this->_setParam('sequence', rand(1, 1000));
77 }
78
79 /**
80 * Submit a payment using Advanced Integration Method.
81 *
82 * @param array $params
83 * Assoc array of input parameters for this transaction.
84 *
85 * @return array
86 * the result in a nice formatted array (or an error object)
87 */
88 public function doDirectPayment(&$params) {
89
90 if (!defined('CURLOPT_SSLCERT')) {
91 return self::error(9001, ts('RealAuth requires curl with SSL support'));
92 }
93
94 $result = $this->setRealexFields($params);
95
96 if ($result !== TRUE) {
97 return $result;
98 }
99
100 /**********************************************************
101 * Check to see if we have a duplicate before we send
102 **********************************************************/
103 if ($this->checkDupe($params['invoiceID'], CRM_Utils_Array::value('contributionID', $params))) {
104 return self::error(9004, ts('It appears that this transaction is a duplicate. Have you already submitted the form once? If so there may have been a connection problem. Check your email for a receipt from Authorize.net. If you do not receive a receipt within 2 hours you can try your transaction again. If you continue to have problems please contact the site administrator.'));
105 }
106
107 // Create sha1 hash for request
108 $hashme = "{$this->_getParam('timestamp')}.{$this->_getParam('merchant_ref')}.{$this->_getParam('order_id')}.{$this->_getParam('amount')}.{$this->_getParam('currency')}.{$this->_getParam('card_number')}";
109 $sha1hash = sha1($hashme);
110 $hashme = "$sha1hash.{$this->_getParam('secret')}";
111 $sha1hash = sha1($hashme);
112
113 // Generate the request xml that is send to Realex Payments.
114 $request_xml = "<request type='auth' timestamp='{$this->_getParam('timestamp')}'>
115 <merchantid>{$this->_getParam('merchant_ref')}</merchantid>
116 <account>{$this->_getParam('account')}</account>
117 <orderid>{$this->_getParam('order_id')}</orderid>
118 <amount currency='{$this->_getParam('currency')}'>{$this->_getParam('amount')}</amount>
119 <card>
120 <number>{$this->_getParam('card_number')}</number>
121 <expdate>{$this->_getParam('exp_date')}</expdate>
122 <type>{$this->_getParam('card_type')}</type>
123 <chname>{$this->_getParam('card_name')}</chname>
124 <issueno>{$this->_getParam('issue_number')}</issueno>
125 <cvn>
126 <number>{$this->_getParam('cvn')}</number>
127 <presind>1</presind>
128 </cvn>
129 </card>
130 <autosettle flag='1'/>
131 <sha1hash>$sha1hash</sha1hash>
132 <comments>
133 <comment id='1'>{$this->_getParam('comments')}</comment>
134 </comments>
135 <tssinfo>
136 <varref>{$this->_getParam('varref')}</varref>
137 </tssinfo>
138 </request>";
139
140 /**********************************************************
141 * Send to the payment processor using cURL
142 **********************************************************/
143
144 $submit = curl_init($this->_paymentProcessor['url_site']);
145
146 if (!$submit) {
147 return self::error(9002, ts('Could not initiate connection to payment gateway'));
148 }
149
150 curl_setopt($submit, CURLOPT_HTTPHEADER, array('SOAPAction: ""'));
151 curl_setopt($submit, CURLOPT_RETURNTRANSFER, 1);
152 curl_setopt($submit, CURLOPT_TIMEOUT, 60);
153 curl_setopt($submit, CURLOPT_SSL_VERIFYPEER, CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'verifySSL'));
154 curl_setopt($submit, CURLOPT_HEADER, 0);
155
156 // take caching out of the picture
157 curl_setopt($submit, CURLOPT_FORBID_REUSE, 1);
158 curl_setopt($submit, CURLOPT_FRESH_CONNECT, 1);
159
160 // Apply the XML to our curl call
161 curl_setopt($submit, CURLOPT_POST, 1);
162 curl_setopt($submit, CURLOPT_POSTFIELDS, $request_xml);
163
164 $response_xml = curl_exec($submit);
165
166 if (!$response_xml) {
167 return self::error(curl_errno($submit), curl_error($submit));
168 }
169
170 curl_close($submit);
171
172 // Tidy up the response xml
173 $response_xml = preg_replace("/[\s\t]/", " ", $response_xml);
174 $response_xml = preg_replace("/[\n\r]/", "", $response_xml);
175
176 // Parse the response xml
177 $xml_parser = xml_parser_create();
178 if (!xml_parse($xml_parser, $response_xml)) {
179 return self::error(9003, 'XML Error');
180 }
181
182 $response = $this->xml_parse_into_assoc($response_xml);
183 $response = $response['#return']['RESPONSE'];
184
185 // Log the Realex response for debugging
186 // CRM_Core_Error::debug_var('REALEX --------- Response from Realex: ', $response, TRUE);
187
188 // Return an error if authentication was not successful
189 if ($response['RESULT'] !== self::AUTH_APPROVED) {
190 return self::error($response['RESULT'], ' ' . $response['MESSAGE']);
191 }
192
193 // Check the response hash
194 $hashme = "{$this->_getParam('timestamp')}.{$this->_getParam('merchant_ref')}.{$this->_getParam('order_id')}.{$response['RESULT']}.{$response['MESSAGE']}.{$response['PASREF']}.{$response['AUTHCODE']}";
195 $sha1hash = sha1($hashme);
196 $hashme = "$sha1hash.{$this->_getParam('secret')}";
197 $sha1hash = sha1($hashme);
198
199 if ($response['SHA1HASH'] != $sha1hash) {
200 // FIXME: Need to actually check this - I couldn't get the
201 // hashes to match so I'm commenting out for now'
202 // return self::error( 9001, "Hash error, please report this to the webmaster" );
203 }
204
205 // FIXME: We are using the trxn_result_code column to store all these extra details since there
206 // seems to be nowhere else to put them. This is THE WRONG THING TO DO!
207 $extras = array(
208 'authcode' => $response['AUTHCODE'],
209 'batch_id' => $response['BATCHID'],
210 'message' => $response['MESSAGE'],
211 'trxn_result_code' => $response['RESULT'],
212 );
213
214 $params['trxn_id'] = $response['PASREF'];
215 $params['trxn_result_code'] = serialize($extras);
216 $params['currencyID'] = $this->_getParam('currency');
217 $params['gross_amount'] = $this->_getParam('amount');
218 $params['fee_amount'] = 0;
219
220 return $params;
221 }
222
223 /**
224 * Helper function to convert XML string to multi-dimension array.
225 *
226 * @param string $xml
227 * an XML string.
228 *
229 * @return array
230 * An array of the result with following keys:
231 */
232 public function xml_parse_into_assoc($xml) {
233 $input = array();
234 $result = array();
235
236 $result['#error'] = FALSE;
237 $result['#return'] = NULL;
238
239 $xmlparser = xml_parser_create();
240 $ret = xml_parse_into_struct($xmlparser, $xml, $input);
241
242 xml_parser_free($xmlparser);
243
244 if (empty($input)) {
245 $result['#return'] = $xml;
246 }
247 else {
248 if ($ret > 0) {
249 $result['#return'] = $this->_xml_parse($input);
250 }
251 else {
252 $result['#error'] = ts('Error parsing XML result - error code = %1 at line %2 char %3',
253 array(
254 1 => xml_get_error_code($xmlparser),
255 2 => xml_get_current_line_number($xmlparser),
256 3 => xml_get_current_column_number($xmlparser),
257 )
258 );
259 }
260 }
261 return $result;
262 }
263
264 /**
265 * Private helper for xml_parse_into_assoc, to recusively parsing the result
266 * @param $input
267 * @param int $depth
268 *
269 * @return array
270 */
271 public function _xml_parse($input, $depth = 1) {
272 $output = array();
273 $children = array();
274
275 foreach ($input as $data) {
276 if ($data['level'] == $depth) {
277 switch ($data['type']) {
278 case 'complete':
279 $output[$data['tag']] = isset($data['value']) ? $data['value'] : '';
280 break;
281
282 case 'open':
283 $children = array();
284 break;
285
286 case 'close':
287 $output[$data['tag']] = $this->_xml_parse($children, $depth + 1);
288 break;
289 }
290 }
291 else {
292 $children[] = $data;
293 }
294 }
295 return $output;
296 }
297
298 /**
299 * Format the params from the form ready for sending to Realex. Also perform some validation
300 */
301 public function setRealexFields(&$params) {
302 if ((int) $params['amount'] <= 0) {
303 return self::error(9001, ts('Amount must be positive'));
304 }
305
306 // format amount to be in smallest possible units
307 //list($bills, $pennies) = explode('.', $params['amount']);
308 $this->_setParam('amount', 100 * $params['amount']);
309
310 switch (strtolower($params['credit_card_type'])) {
311 case 'mastercard':
312 $this->_setParam('card_type', 'MC');
313 $this->_setParam('requiresIssueNumber', FALSE);
314 break;
315
316 case 'visa':
317 $this->_setParam('card_type', 'VISA');
318 $this->_setParam('requiresIssueNumber', FALSE);
319 break;
320
321 case 'amex':
322 $this->_setParam('card_type', 'AMEX');
323 $this->_setParam('requiresIssueNumber', FALSE);
324 break;
325
326 case 'laser':
327 $this->_setParam('card_type', 'LASER');
328 $this->_setParam('requiresIssueNumber', FALSE);
329 break;
330
331 case 'maestro':
332 case 'switch':
333 case 'maestro/switch':
334 case 'solo':
335 $this->_setParam('card_type', 'SWITCH');
336 $this->_setParam('requiresIssueNumber', TRUE);
337 break;
338
339 default:
340 return self::error(9001, ts('Credit card type not supported by Realex:') . ' ' . $params['credit_card_type']);
341 }
342
343 // get the card holder name - cater cor customized billing forms
344 if (isset($params['cardholder_name'])) {
345 $credit_card_name = $params['cardholder_name'];
346 }
347 else {
348 $credit_card_name = $params['first_name'] . " ";
349 if (!empty($params['middle_name'])) {
350 $credit_card_name .= $params['middle_name'] . " ";
351 }
352 $credit_card_name .= $params['last_name'];
353 }
354
355 $this->_setParam('card_name', $credit_card_name);
356 $this->_setParam('card_number', str_replace(' ', '', $params['credit_card_number']));
357 $this->_setParam('cvn', $params['cvv2']);
358 $this->_setParam('country', $params['country']);
359 $this->_setParam('post_code', $params['postal_code']);
360 $this->_setParam('order_id', $params['invoiceID']);
361 $params['issue_number'] = (isset($params['issue_number']) ? $params['issue_number'] : '');
362 $this->_setParam('issue_number', $params['issue_number']);
363 $this->_setParam('varref', $params['contributionType_name']);
364 $comment = $params['description'] . ' (page id:' . $params['contributionPageID'] . ')';
365 $this->_setParam('comments', $comment);
366 //$this->_setParam('currency', $params['currencyID']);
367
368 // set the currency to the default which can be overrided.
369 $config = CRM_Core_Config::singleton();
370 $this->_setParam('currency', $config->defaultCurrency);
371
372 // Format the expiry date to MMYY
373 $expmonth = (string) $params['month'];
374 $expmonth = (strlen($expmonth) === 1) ? '0' . $expmonth : $expmonth;
375 $expyear = substr((string) $params['year'], 2, 2);
376 $this->_setParam('exp_date', $expmonth . $expyear);
377
378 if (isset($params['credit_card_start_date']) && (strlen($params['credit_card_start_date']['M']) !== 0) &&
379 (strlen($params['credit_card_start_date']['Y']) !== 0)
380 ) {
381 $startmonth = (string) $params['credit_card_start_date']['M'];
382 $startmonth = (strlen($startmonth) === 1) ? '0' . $startmonth : $startmonth;
383 $startyear = substr((string) $params['credit_card_start_date']['Y'], 2, 2);
384 $this->_setParam('start_date', $startmonth . $startyear);
385 }
386
387 // Create timestamp
388 $timestamp = strftime("%Y%m%d%H%M%S");
389 $this->_setParam('timestamp', $timestamp);
390
391 return TRUE;
392 }
393
394 /**
395 * Get the value of a field if set.
396 *
397 * @param string $field
398 * The field.
399 *
400 * @return mixed
401 * value of the field, or empty string if the field is
402 * not set
403 */
404 public function _getParam($field) {
405 if (isset($this->_params[$field])) {
406 return $this->_params[$field];
407 }
408 else {
409 return '';
410 }
411 }
412
413 /**
414 * Set a field to the specified value. Value must be a scalar (int,
415 * float, string, or boolean)
416 *
417 * @param string $field
418 * @param mixed $value
419 *
420 * @return bool
421 * false if value is not a scalar, true if successful
422 */
423 public function _setParam($field, $value) {
424 if (!is_scalar($value)) {
425 return FALSE;
426 }
427 else {
428 $this->_params[$field] = $value;
429 }
430 }
431
432 /**
433 * @param null $errorCode
434 * @param null $errorMessage
435 *
436 * @return object
437 */
438 public function &error($errorCode = NULL, $errorMessage = NULL) {
439 $e = CRM_Core_Error::singleton();
440
441 if ($errorCode) {
442 if ($errorCode == '101' || $errorCode == '102') {
443 $display_error = ts('Card declined by bank. Please try with a different card.');
444 }
445 elseif ($errorCode == '103') {
446 $display_error = ts('Card reported lost or stolen. This incident will be reported.');
447 }
448 elseif ($errorCode == '501') {
449 $display_error = ts("It appears that this transaction is a duplicate. Have you already submitted the form once? If so there may have been a connection problem. Check your email for a receipt for this transaction. If you do not receive a receipt within 2 hours you can try your transaction again. If you continue to have problems please contact the site administrator.");
450 }
451 elseif ($errorCode == '509') {
452 $display_error = $errorMessage;
453 }
454 else {
455 $display_error = ts('We were unable to process your payment at this time. Please try again later.');
456 }
457 $e->push($errorCode, 0, NULL, $display_error);
458 }
459 else {
460 $e->push(9001, 0, NULL, ts('We were unable to process your payment at this time. Please try again later.'));
461 }
462 return $e;
463 }
464
465 /**
466 * This function checks to see if we have the right config values.
467 *
468 * @return string
469 * the error message if any
470 */
471 public function checkConfig() {
472 $error = array();
473 if (empty($this->_paymentProcessor['user_name'])) {
474 $error[] = ts('Merchant ID is not set for this payment processor');
475 }
476
477 if (empty($this->_paymentProcessor['password'])) {
478 $error[] = ts('Secret is not set for this payment processor');
479 }
480
481 if (!empty($error)) {
482 return implode('<p>', $error);
483 }
484 else {
485 return NULL;
486 }
487 }
488
489 }