3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2015 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
28 use Civi\Payment\System
;
29 use Civi\Payment\Exception\PaymentProcessorException
;
32 * Class CRM_Core_Payment.
34 * This class is the main class for the payment processor subsystem.
36 * It is the parent class for payment processors. It also holds some IPN related functions
37 * that need to be moved. In particular handlePaymentMethod should be moved to a factory class.
39 abstract class CRM_Core_Payment
{
42 * How are we getting billing information?
44 * FORM - we collect it on the same page
45 * BUTTON - the processor collects it and sends it back to us via some protocol
48 BILLING_MODE_FORM
= 1,
49 BILLING_MODE_BUTTON
= 2,
50 BILLING_MODE_NOTIFY
= 4;
53 * Which payment type(s) are we using?
58 * @todo create option group - nb omnipay uses a 3rd type - transparent redirect cc
61 PAYMENT_TYPE_CREDIT_CARD
= 1,
62 PAYMENT_TYPE_DIRECT_DEBIT
= 2;
65 * Subscription / Recurring payment Status
69 RECURRING_PAYMENT_START
= 'START',
70 RECURRING_PAYMENT_END
= 'END';
72 protected $_paymentProcessor;
75 * Singleton function used to manage this object.
77 * We will migrate to calling Civi\Payment\System::singleton()->getByProcessor($paymentProcessor)
78 * & Civi\Payment\System::singleton()->getById($paymentProcessor) directly as the main access methods & work
79 * to remove this function all together
82 * The mode of operation: live or test.
83 * @param array $paymentProcessor
84 * The details of the payment processor being invoked.
85 * @param object $paymentForm
86 * Deprecated - avoid referring to this if possible. If you have to use it document why as this is scary interaction.
88 * Should we force a reload of this payment object.
90 * @return CRM_Core_Payment
91 * @throws \CRM_Core_Exception
93 public static function singleton($mode = 'test', &$paymentProcessor, &$paymentForm = NULL, $force = FALSE) {
94 // make sure paymentProcessor is not empty
96 if (empty($paymentProcessor)) {
97 return CRM_Core_DAO
::$_nullObject;
99 //we use two lines because we can't remove the '&singleton' without risking breakage
100 //of extension classes that extend this one
101 $object = Civi\Payment\System
::singleton()->getByProcessor($paymentProcessor);
106 * Log payment notification message to forensic system log.
108 * @todo move to factory class \Civi\Payment\System (or similar)
110 * @param array $params
114 public static function logPaymentNotification($params) {
115 $message = 'payment_notification ';
116 if (!empty($params['processor_name'])) {
117 $message .= 'processor_name=' . $params['processor_name'];
119 if (!empty($params['processor_id'])) {
120 $message .= 'processor_id=' . $params['processor_id'];
123 $log = new CRM_Utils_SystemLogger();
124 $log->alert($message, $_REQUEST);
128 * Check if capability is supported.
130 * Capabilities have a one to one relationship with capability-related functions on this class.
132 * Payment processor classes should over-ride the capability-specific function rather than this one.
134 * @param string $capability
135 * E.g BackOffice, LiveMode, FutureRecurStartDate.
139 public function supports($capability) {
140 $function = 'supports' . ucfirst($capability);
141 if (method_exists($this, $function)) {
142 return $this->$function();
148 * Are back office payments supported.
150 * e.g paypal standard won't permit you to enter a credit card associated
151 * with someone else's login.
152 * The intention is to support off-site (other than paypal) & direct debit but that is not all working yet so to
153 * reach a 'stable' point we disable.
157 protected function supportsBackOffice() {
158 if ($this->_paymentProcessor
['billing_mode'] == 4 ||
$this->_paymentProcessor
['payment_type'] != 1) {
167 * Can more than one transaction be processed at once?
169 * In general processors that process payment by server to server communication support this while others do not.
171 * In future we are likely to hit an issue where this depends on whether a token already exists.
175 protected function supportsMultipleConcurrentPayments() {
176 if ($this->_paymentProcessor
['billing_mode'] == 4 ||
$this->_paymentProcessor
['payment_type'] != 1) {
185 * Are live payments supported - e.g dummy doesn't support this.
189 protected function supportsLiveMode() {
194 * Are test payments supported.
198 protected function supportsTestMode() {
203 * Should the first payment date be configurable when setting up back office recurring payments.
205 * We set this to false for historical consistency but in fact most new processors use tokens for recurring and can support this
209 protected function supportsFutureRecurStartDate() {
214 * Default payment instrument validation.
216 * Implement the usual Luhn algorithm via a static function in the CRM_Core_Payment_Form if it's a credit card
217 * Not a static function, because I need to check for payment_type.
219 * @param array $values
220 * @param array $errors
222 public function validatePaymentInstrument($values, &$errors) {
223 if ($this->_paymentProcessor
['payment_type'] == 1) {
224 CRM_Core_Payment_Form
::validateCreditCard($values, $errors);
229 * Getter for the payment processor.
231 * The payment processor array is based on the civicrm_payment_processor table entry.
234 * Payment processor array.
236 public function getPaymentProcessor() {
237 return $this->_paymentProcessor
;
241 * Setter for the payment processor.
243 * @param array $processor
245 public function setPaymentProcessor($processor) {
246 $this->_paymentProcessor
= $processor;
250 * Setter for the payment form that wants to use the processor.
254 * @param CRM_Core_Form $paymentForm
256 public function setForm(&$paymentForm) {
257 $this->_paymentForm
= $paymentForm;
261 * Getter for payment form that is using the processor.
263 * @return CRM_Core_Form
266 public function getForm() {
267 return $this->_paymentForm
;
271 * Getter for accessing member vars.
273 * @todo believe this is unused
275 * @param string $name
279 public function getVar($name) {
280 return isset($this->$name) ?
$this->$name : NULL;
284 * Get name for the payment information type.
285 * @todo - use option group + name field (like Omnipay does)
288 public function getPaymentTypeName() {
289 return $this->_paymentProcessor
['payment_type'] == 1 ?
'credit_card' : 'direct_debit';
293 * Get label for the payment information type.
294 * @todo - use option group + labels (like Omnipay does)
297 public function getPaymentTypeLabel() {
298 return $this->_paymentProcessor
['payment_type'] == 1 ?
'Credit Card' : 'Direct Debit';
302 * Get array of fields that should be displayed on the payment form.
303 * @todo make payment type an option value & use it in the function name - currently on debit & credit card work
305 * @throws CiviCRM_API3_Exception
307 public function getPaymentFormFields() {
308 if ($this->_paymentProcessor
['billing_mode'] == 4) {
311 return $this->_paymentProcessor
['payment_type'] == 1 ?
$this->getCreditCardFormFields() : $this->getDirectDebitFormFields();
315 * Get array of fields that should be displayed on the payment form for credit cards.
319 protected function getCreditCardFormFields() {
322 'credit_card_number',
324 'credit_card_exp_date',
329 * Get array of fields that should be displayed on the payment form for direct debits.
333 protected function getDirectDebitFormFields() {
336 'bank_account_number',
337 'bank_identification_number',
343 * Return an array of all the details about the fields potentially required for payment fields.
345 * Only those determined by getPaymentFormFields will actually be assigned to the form
350 public function getPaymentFormFieldsMetadata() {
351 //@todo convert credit card type into an option value
352 $creditCardType = array('' => ts('- select -')) + CRM_Contribute_PseudoConstant
::creditCard();
354 'credit_card_number' => array(
355 'htmlType' => 'text',
356 'name' => 'credit_card_number',
357 'title' => ts('Card Number'),
359 'attributes' => array(
362 'autocomplete' => 'off',
363 'class' => 'creditcard',
365 'is_required' => TRUE,
368 'htmlType' => 'text',
370 'title' => ts('Security Code'),
372 'attributes' => array(
375 'autocomplete' => 'off',
377 'is_required' => CRM_Core_BAO_Setting
::getItem(CRM_Core_BAO_Setting
::CONTRIBUTE_PREFERENCES_NAME
,
378 'cvv_backoffice_required',
384 'rule_message' => ts('Please enter a valid value for your card security code. This is usually the last 3-4 digits on the card\'s signature panel.'),
385 'rule_name' => 'integer',
386 'rule_parameters' => NULL,
390 'credit_card_exp_date' => array(
391 'htmlType' => 'date',
392 'name' => 'credit_card_exp_date',
393 'title' => ts('Expiration Date'),
395 'attributes' => CRM_Core_SelectValues
::date('creditCard'),
396 'is_required' => TRUE,
399 'rule_message' => ts('Card expiration date cannot be a past date.'),
400 'rule_name' => 'currentDate',
401 'rule_parameters' => TRUE,
405 'credit_card_type' => array(
406 'htmlType' => 'select',
407 'name' => 'credit_card_type',
408 'title' => ts('Card Type'),
410 'attributes' => $creditCardType,
411 'is_required' => FALSE,
413 'account_holder' => array(
414 'htmlType' => 'text',
415 'name' => 'account_holder',
416 'title' => ts('Account Holder'),
418 'attributes' => array(
421 'autocomplete' => 'on',
423 'is_required' => TRUE,
425 //e.g. IBAN can have maxlength of 34 digits
426 'bank_account_number' => array(
427 'htmlType' => 'text',
428 'name' => 'bank_account_number',
429 'title' => ts('Bank Account Number'),
431 'attributes' => array(
434 'autocomplete' => 'off',
438 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
439 'rule_name' => 'nopunctuation',
440 'rule_parameters' => NULL,
443 'is_required' => TRUE,
445 //e.g. SWIFT-BIC can have maxlength of 11 digits
446 'bank_identification_number' => array(
447 'htmlType' => 'text',
448 'name' => 'bank_identification_number',
449 'title' => ts('Bank Identification Number'),
451 'attributes' => array(
454 'autocomplete' => 'off',
456 'is_required' => TRUE,
459 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
460 'rule_name' => 'nopunctuation',
461 'rule_parameters' => NULL,
465 'bank_name' => array(
466 'htmlType' => 'text',
467 'name' => 'bank_name',
468 'title' => ts('Bank Name'),
470 'attributes' => array(
473 'autocomplete' => 'off',
475 'is_required' => TRUE,
482 * Calling this from outside the payment subsystem is deprecated - use doPayment.
484 * Does a server to server payment transaction.
486 * Note that doPayment will throw an exception so the code may need to be modified
488 * @param array $params
489 * Assoc array of input parameters for this transaction.
492 * the result in an nice formatted array (or an error object)
495 abstract protected function doDirectPayment(&$params);
498 * Process payment - this function wraps around both doTransferPayment and doDirectPayment.
500 * The function ensures an exception is thrown & moves some of this logic out of the form layer and makes the forms
503 * Payment processors should set contribution_status_id. This function adds some historical defaults ie. the
504 * assumption that if a 'doDirectPayment' processors comes back it completed the transaction & in fact
505 * doTransferCheckout would not traditionally come back.
507 * doDirectPayment does not do an immediate payment for Authorize.net or Paypal so the default is assumed
510 * @param array $params
512 * @param string $component
517 * @throws \Civi\Payment\Exception\PaymentProcessorException
519 public function doPayment(&$params, $component = 'contribute') {
520 $statuses = CRM_Contribute_BAO_Contribution
::buildOptions('contribution_status_id');
521 if ($this->_paymentProcessor
['billing_mode'] == 4) {
522 $result = $this->doTransferCheckout($params, $component);
523 if (is_array($result) && !isset($result['contribution_status_id'])) {
524 $result['contribution_status_id'] = array_search('Pending', $statuses);
528 $result = $this->doDirectPayment($params, $component);
529 if (is_array($result) && !isset($result['contribution_status_id'])) {
530 if (!empty($params['is_recur'])) {
531 // See comment block.
532 $paymentParams['contribution_status_id'] = array_search('Pending', $statuses);
535 $result['contribution_status_id'] = array_search('Completed', $statuses);
539 if (is_a($result, 'CRM_Core_Error')) {
540 throw new PaymentProcessorException(CRM_Core_Error
::getMessages($result));
546 * This function checks to see if we have the right config values.
549 * the error message if any
551 abstract protected function checkConfig();
554 * Redirect for paypal.
556 * @todo move to paypal class or remove
558 * @param $paymentProcessor
562 public static function paypalRedirect(&$paymentProcessor) {
563 if (!$paymentProcessor) {
567 if (isset($_GET['payment_date']) &&
568 isset($_GET['merchant_return_link']) &&
569 CRM_Utils_Array
::value('payment_status', $_GET) == 'Completed' &&
570 $paymentProcessor['payment_processor_type'] == "PayPal_Standard"
579 * Handle incoming payment notification.
581 * IPNs, also called silent posts are notifications of payment outcomes or activity on an external site.
583 * @todo move to0 \Civi\Payment\System factory method
584 * Page callback for civicrm/payment/ipn
586 public static function handleIPN() {
587 self
::handlePaymentMethod(
588 'PaymentNotification',
590 'processor_name' => @$_GET['processor_name'],
591 'processor_id' => @$_GET['processor_id'],
592 'mode' => @$_GET['mode'],
596 CRM_Utils_System
::civiExit();
600 * Payment callback handler.
602 * The processor_name or processor_id is passed in.
603 * Note that processor_id is more reliable as one site may have more than one instance of a
604 * processor & ideally the processor will be validating the results
605 * Load requested payment processor and call that processor's handle<$method> method
607 * @todo move to \Civi\Payment\System factory method
609 * @param string $method
610 * 'PaymentNotification' or 'PaymentCron'
611 * @param array $params
613 public static function handlePaymentMethod($method, $params = array()) {
614 if (!isset($params['processor_id']) && !isset($params['processor_name'])) {
615 $q = explode('/', CRM_Utils_Array
::value('q', $params, ''));
616 $lastParam = array_pop($q);
617 if (is_numeric($lastParam)) {
618 $params['processor_id'] = $_GET['processor_id'] = $lastParam;
621 throw new CRM_Core_Exception("Either 'processor_id' or 'processor_name' param is required for payment callback");
625 self
::logPaymentNotification($params);
627 $sql = "SELECT ppt.class_name, ppt.name as processor_name, pp.id AS processor_id
628 FROM civicrm_payment_processor_type ppt
629 INNER JOIN civicrm_payment_processor pp
630 ON pp.payment_processor_type_id = ppt.id
633 if (isset($params['processor_id'])) {
634 $sql .= " WHERE pp.id = %2";
635 $args[2] = array($params['processor_id'], 'Integer');
636 $notFound = "No active instances of payment processor ID#'{$params['processor_id']}' were found.";
639 // This is called when processor_name is passed - passing processor_id instead is recommended.
640 $sql .= " WHERE ppt.name = %2 AND pp.is_test = %1";
642 (CRM_Utils_Array
::value('mode', $params) == 'test') ?
1 : 0,
645 $args[2] = array($params['processor_name'], 'String');
646 $notFound = "No active instances of the '{$params['processor_name']}' payment processor were found.";
649 $dao = CRM_Core_DAO
::executeQuery($sql, $args);
651 // Check whether we found anything at all.
653 CRM_Core_Error
::fatal($notFound);
656 $method = 'handle' . $method;
657 $extension_instance_found = FALSE;
659 // In all likelihood, we'll just end up with the one instance returned here. But it's
660 // possible we may get more. Hence, iterate through all instances ..
662 while ($dao->fetch()) {
663 // Check pp is extension
664 $ext = CRM_Extension_System
::singleton()->getMapper();
665 if ($ext->isExtensionKey($dao->class_name
)) {
666 $paymentClass = $ext->keyToClass($dao->class_name
, 'payment');
667 require_once $ext->classToPath($paymentClass);
670 // Legacy or extension as module instance
671 $paymentClass = 'CRM_Core_' . $dao->class_name
;
674 $processorInstance = Civi\Payment\System
::singleton()->getById($dao->processor_id
);
676 // Should never be empty - we already established this processor_id exists and is active.
677 if (empty($processorInstance)) {
681 // Does PP implement this method, and can we call it?
682 if (!method_exists($processorInstance, $method) ||
683 !is_callable(array($processorInstance, $method))
685 // on the off chance there is a double implementation of this processor we should keep looking for another
686 // note that passing processor_id is more reliable & we should work to deprecate processor_name
690 // Everything, it seems, is ok - execute pp callback handler
691 $processorInstance->$method();
692 $extension_instance_found = TRUE;
695 if (!$extension_instance_found) {
696 CRM_Core_Error
::fatal(
697 "No extension instances of the '{$params['processor_name']}' payment processor were found.<br />" .
698 "$method method is unsupported in legacy payment processors."
704 * Check whether a method is present ( & supported ) by the payment processor object.
706 * @param string $method
707 * Method to check for.
711 public function isSupported($method = 'cancelSubscription') {
712 return method_exists(CRM_Utils_System
::getClassName($this), $method);
716 * Get url for users to manage this recurring contribution for this processor.
718 * @param int $entityID
719 * @param null $entity
720 * @param string $action
724 public function subscriptionURL($entityID = NULL, $entity = NULL, $action = 'cancel') {
728 $url = 'civicrm/contribute/unsubscribe';
732 //in notify mode don't return the update billing url
733 if (!$this->isSupported('updateSubscriptionBillingInfo')) {
736 $url = 'civicrm/contribute/updatebilling';
740 $url = 'civicrm/contribute/updaterecur';
744 $session = CRM_Core_Session
::singleton();
745 $userId = $session->get('userID');
750 // Find related Contact
754 $contactID = CRM_Core_DAO
::getFieldValue("CRM_Member_DAO_Membership", $entityID, "contact_id");
759 $contactID = CRM_Core_DAO
::getFieldValue("CRM_Contribute_DAO_Contribution", $entityID, "contact_id");
765 SELECT con.contact_id
766 FROM civicrm_contribution_recur rec
767 INNER JOIN civicrm_contribution con ON ( con.contribution_recur_id = rec.id )
770 $contactID = CRM_Core_DAO
::singleValueQuery($sql, array(1 => array($entityID, 'Integer')));
776 // Add entity arguments
777 if ($entityArg != '') {
778 // Add checksum argument
779 if ($contactID != 0 && $userId != $contactID) {
780 $checksumValue = '&cs=' . CRM_Contact_BAO_Contact_Utils
::generateChecksum($contactID, NULL, 'inf');
782 return CRM_Utils_System
::url($url, "reset=1&{$entityArg}={$entityID}{$checksumValue}", TRUE, NULL, FALSE, TRUE);
786 if ($this->isSupported('accountLoginURL')) {
787 return $this->accountLoginURL();
791 return $this->_paymentProcessor
['url_recur'];