projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5338 from kurund/CRM-15756
[civicrm-core.git] / CRM / Core / Payment.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2014 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 use Civi\Payment\System;
29
30 /**
31 * Class CRM_Core_Payment.
32 *
33 * This class is the main class for the payment processor subsystem.
34 *
35 * It is the parent class for payment processors. It also holds some IPN related functions
36 * that need to be moved. In particular handlePaymentMethod should be moved to a factory class.
37 */
38 abstract class CRM_Core_Payment {
39
40 /**
41 * How are we getting billing information?
42 *
43 * FORM - we collect it on the same page
44 * BUTTON - the processor collects it and sends it back to us via some protocol
45 */
46 const
47 BILLING_MODE_FORM = 1,
48 BILLING_MODE_BUTTON = 2,
49 BILLING_MODE_NOTIFY = 4;
50
51 /**
52 * Which payment type(s) are we using?
53 *
54 * credit card
55 * direct debit
56 * or both
57 * @todo create option group - nb omnipay uses a 3rd type - transparent redirect cc
58 */
59 const
60 PAYMENT_TYPE_CREDIT_CARD = 1,
61 PAYMENT_TYPE_DIRECT_DEBIT = 2;
62
63 /**
64 * Subscription / Recurring payment Status
65 * START, END
66 */
67 const
68 RECURRING_PAYMENT_START = 'START',
69 RECURRING_PAYMENT_END = 'END';
70
71 protected $_paymentProcessor;
72
73 /**
74 * Singleton function used to manage this object.
75 *
76 * We will migrate to calling Civi\Payment\System::singleton()->getByProcessor($paymentProcessor)
77 * & Civi\Payment\System::singleton()->getById($paymentProcessor) directly as the main access methods & work
78 * to remove this function all together
79 *
80 * @param string $mode
81 * The mode of operation: live or test.
82 * @param array $paymentProcessor
83 * The details of the payment processor being invoked.
84 * @param object $paymentForm
85 * Deprecated - avoid referring to this if possible. If you have to use it document why as this is scary interaction.
86 * @param bool $force
87 * Should we force a reload of this payment object.
88 *
89 * @return CRM_Core_Payment
90 * @throws \CRM_Core_Exception
91 */
92 public static function &singleton($mode = 'test', &$paymentProcessor, &$paymentForm = NULL, $force = FALSE) {
93 // make sure paymentProcessor is not empty
94 // CRM-7424
95 if (empty($paymentProcessor)) {
96 return CRM_Core_DAO::$_nullObject;
97 }
98 //we use two lines because we can't remove the '&singleton' without risking breakage
99 //of extension classes that extend this one
100 $object = Civi\Payment\System::singleton()->getByProcessor($paymentProcessor);
101 return $object;
102 }
103
104 /**
105 * Log payment notification message to forensic system log.
106 *
107 * @todo move to factory class \Civi\Payment\System (or similar)
108 *
109 * @param array $params
110 *
111 * @return mixed
112 */
113 public static function logPaymentNotification($params) {
114 $message = 'payment_notification ';
115 if (!empty($params['processor_name'])) {
116 $message .= 'processor_name=' . $params['processor_name'];
117 }
118 if (!empty($params['processor_id'])) {
119 $message .= 'processor_id=' . $params['processor_id'];
120 }
121
122 $log = new CRM_Utils_SystemLogger();
123 $log->alert($message, $_REQUEST);
124 }
125
126 /**
127 * Check if capability is supported.
128 *
129 * Capabilities have a one to one relationship with capability-related functions on this class.
130 *
131 * Payment processor classes should over-ride the capability-specific function rather than this one.
132 *
133 * @param string $capability
134 * E.g BackOffice, LiveMode, FutureRecurStartDate.
135 *
136 * @return bool
137 */
138 public function supports($capability) {
139 $function = 'supports' . ucfirst($capability);
140 if (method_exists($this, $function)) {
141 return $this->$function();
142 }
143 return FALSE;
144 }
145
146 /**
147 * Are back office payments supported.
148 *
149 * e.g paypal standard won't permit you to enter a credit card associated
150 * with someone else's login.
151 * The intention is to support off-site (other than paypal) & direct debit but that is not all working yet so to
152 * reach a 'stable' point we disable.
153 *
154 * @return bool
155 */
156 protected function supportsBackOffice() {
157 if ($this->_paymentProcessor['billing_mode'] == 4 || $this->_paymentProcessor['payment_type'] != 1) {
158 return FALSE;
159 }
160 else {
161 return TRUE;
162 }
163 }
164
165 /**
166 * Are live payments supported - e.g dummy doesn't support this.
167 *
168 * @return bool
169 */
170 protected function supportsLiveMode() {
171 return TRUE;
172 }
173
174 /**
175 * Are test payments supported.
176 *
177 * @return bool
178 */
179 protected function supportsTestMode() {
180 return TRUE;
181 }
182
183 /**
184 * Should the first payment date be configurable when setting up back office recurring payments.
185 *
186 * We set this to false for historical consistency but in fact most new processors use tokens for recurring and can support this
187 *
188 * @return bool
189 */
190 protected function supportsFutureRecurStartDate() {
191 return FALSE;
192 }
193
194 /**
195 * Default payment instrument validation.
196 *
197 * Implement the usual Luhn algorithm via a static function in the CRM_Core_Payment_Form if it's a credit card
198 * Not a static function, because I need to check for payment_type.
199 *
200 * @param array $values
201 * @param array $errors
202 */
203 public function validatePaymentInstrument($values, &$errors) {
204 if ($this->_paymentProcessor['payment_type'] == 1) {
205 CRM_Core_Payment_Form::validateCreditCard($values, $errors);
206 }
207 }
208
209 /**
210 * Setter for the payment form that wants to use the processor.
211 *
212 * @deprecated
213 *
214 * @param CRM_Core_Form $paymentForm
215 */
216 public function setForm(&$paymentForm) {
217 $this->_paymentForm = $paymentForm;
218 }
219
220 /**
221 * Getter for payment form that is using the processor.
222 * @deprecated
223 * @return CRM_Core_Form
224 * A form object
225 */
226 public function getForm() {
227 return $this->_paymentForm;
228 }
229
230 /**
231 * Getter for accessing member vars.
232 * @todo believe this is unused
233 * @param string $name
234 *
235 * @return null
236 */
237 public function getVar($name) {
238 return isset($this->$name) ? $this->$name : NULL;
239 }
240
241 /**
242 * Get name for the payment information type.
243 * @todo - use option group + name field (like Omnipay does)
244 * @return string
245 */
246 public function getPaymentTypeName() {
247 return $this->_paymentProcessor['payment_type'] == 1 ? 'credit_card' : 'direct_debit';
248 }
249
250 /**
251 * Get label for the payment information type.
252 * @todo - use option group + labels (like Omnipay does)
253 * @return string
254 */
255 public function getPaymentTypeLabel() {
256 return $this->_paymentProcessor['payment_type'] == 1 ? 'Credit Card' : 'Direct Debit';
257 }
258
259 /**
260 * Get array of fields that should be displayed on the payment form.
261 * @todo make payment type an option value & use it in the function name - currently on debit & credit card work
262 * @return array
263 * @throws CiviCRM_API3_Exception
264 */
265 public function getPaymentFormFields() {
266 if ($this->_paymentProcessor['billing_mode'] == 4) {
267 return array();
268 }
269 return $this->_paymentProcessor['payment_type'] == 1 ? $this->getCreditCardFormFields() : $this->getDirectDebitFormFields();
270 }
271
272 /**
273 * Get array of fields that should be displayed on the payment form for credit cards.
274 *
275 * @return array
276 */
277 protected function getCreditCardFormFields() {
278 return array(
279 'credit_card_type',
280 'credit_card_number',
281 'cvv2',
282 'credit_card_exp_date',
283 );
284 }
285
286 /**
287 * Get array of fields that should be displayed on the payment form for direct debits.
288 *
289 * @return array
290 */
291 protected function getDirectDebitFormFields() {
292 return array(
293 'account_holder',
294 'bank_account_number',
295 'bank_identification_number',
296 'bank_name',
297 );
298 }
299
300 /**
301 * Return an array of all the details about the fields potentially required for payment fields.
302 *
303 * Only those determined by getPaymentFormFields will actually be assigned to the form
304 *
305 * @return array
306 * field metadata
307 */
308 public function getPaymentFormFieldsMetadata() {
309 //@todo convert credit card type into an option value
310 $creditCardType = array('' => ts('- select -')) + CRM_Contribute_PseudoConstant::creditCard();
311 return array(
312 'credit_card_number' => array(
313 'htmlType' => 'text',
314 'name' => 'credit_card_number',
315 'title' => ts('Card Number'),
316 'cc_field' => TRUE,
317 'attributes' => array(
318 'size' => 20,
319 'maxlength' => 20,
320 'autocomplete' => 'off',
321 'class' => 'creditcard',
322 ),
323 'is_required' => TRUE,
324 ),
325 'cvv2' => array(
326 'htmlType' => 'text',
327 'name' => 'cvv2',
328 'title' => ts('Security Code'),
329 'cc_field' => TRUE,
330 'attributes' => array(
331 'size' => 5,
332 'maxlength' => 10,
333 'autocomplete' => 'off',
334 ),
335 'is_required' => CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::CONTRIBUTE_PREFERENCES_NAME,
336 'cvv_backoffice_required',
337 NULL,
338 1
339 ),
340 'rules' => array(
341 array(
342 'rule_message' => ts('Please enter a valid value for your card security code. This is usually the last 3-4 digits on the card\'s signature panel.'),
343 'rule_name' => 'integer',
344 'rule_parameters' => NULL,
345 ),
346 ),
347 ),
348 'credit_card_exp_date' => array(
349 'htmlType' => 'date',
350 'name' => 'credit_card_exp_date',
351 'title' => ts('Expiration Date'),
352 'cc_field' => TRUE,
353 'attributes' => CRM_Core_SelectValues::date('creditCard'),
354 'is_required' => TRUE,
355 'rules' => array(
356 array(
357 'rule_message' => ts('Card expiration date cannot be a past date.'),
358 'rule_name' => 'currentDate',
359 'rule_parameters' => TRUE,
360 ),
361 ),
362 ),
363 'credit_card_type' => array(
364 'htmlType' => 'select',
365 'name' => 'credit_card_type',
366 'title' => ts('Card Type'),
367 'cc_field' => TRUE,
368 'attributes' => $creditCardType,
369 'is_required' => FALSE,
370 ),
371 'account_holder' => array(
372 'htmlType' => 'text',
373 'name' => 'account_holder',
374 'title' => ts('Account Holder'),
375 'cc_field' => TRUE,
376 'attributes' => array(
377 'size' => 20,
378 'maxlength' => 34,
379 'autocomplete' => 'on',
380 ),
381 'is_required' => TRUE,
382 ),
383 //e.g. IBAN can have maxlength of 34 digits
384 'bank_account_number' => array(
385 'htmlType' => 'text',
386 'name' => 'bank_account_number',
387 'title' => ts('Bank Account Number'),
388 'cc_field' => TRUE,
389 'attributes' => array(
390 'size' => 20,
391 'maxlength' => 34,
392 'autocomplete' => 'off',
393 ),
394 'rules' => array(
395 array(
396 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
397 'rule_name' => 'nopunctuation',
398 'rule_parameters' => NULL,
399 ),
400 ),
401 'is_required' => TRUE,
402 ),
403 //e.g. SWIFT-BIC can have maxlength of 11 digits
404 'bank_identification_number' => array(
405 'htmlType' => 'text',
406 'name' => 'bank_identification_number',
407 'title' => ts('Bank Identification Number'),
408 'cc_field' => TRUE,
409 'attributes' => array(
410 'size' => 20,
411 'maxlength' => 11,
412 'autocomplete' => 'off',
413 ),
414 'is_required' => TRUE,
415 'rules' => array(
416 array(
417 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
418 'rule_name' => 'nopunctuation',
419 'rule_parameters' => NULL,
420 ),
421 ),
422 ),
423 'bank_name' => array(
424 'htmlType' => 'text',
425 'name' => 'bank_name',
426 'title' => ts('Bank Name'),
427 'cc_field' => TRUE,
428 'attributes' => array(
429 'size' => 20,
430 'maxlength' => 64,
431 'autocomplete' => 'off',
432 ),
433 'is_required' => TRUE,
434
435 ),
436 );
437 }
438
439 /**
440 * Calling this from outside the payment subsystem is deprecated - use doPayment.
441 *
442 * Does a server to server payment transaction.
443 *
444 * Note that doPayment will throw an exception so the code may need to be modified
445 *
446 * @param array $params
447 * Assoc array of input parameters for this transaction.
448 *
449 * @return array
450 * the result in an nice formatted array (or an error object)
451 * @abstract
452 */
453 abstract protected function doDirectPayment(&$params);
454
455 /**
456 * Process payment - this function wraps around both doTransferPayment and doDirectPayment
457 * it ensures an exception is thrown & moves some of this logic out of the form layer and makes the forms more agnostic
458 *
459 * @param array $params
460 *
461 * @param $component
462 *
463 * @return array
464 * (modified)
465 * @throws CRM_Core_Exception
466 */
467 public function doPayment(&$params, $component = 'contribute') {
468 if ($this->_paymentProcessor['billing_mode'] == 4) {
469 $result = $this->doTransferCheckout($params, $component);
470 }
471 else {
472 $result = $this->doDirectPayment($params, $component);
473 }
474 if (is_a($result, 'CRM_Core_Error')) {
475 throw new CRM_Core_Exception(CRM_Core_Error::getMessages($result));
476 }
477 //CRM-15767 - Submit Credit Card Contribution not being saved
478 return $result;
479 }
480
481 /**
482 * This function checks to see if we have the right config values.
483 *
484 * @return string
485 * the error message if any
486 */
487 abstract protected function checkConfig();
488
489 /**
490 * @param $paymentProcessor
491 * @todo move to paypal class or remover
492 * @return bool
493 */
494 public static function paypalRedirect(&$paymentProcessor) {
495 if (!$paymentProcessor) {
496 return FALSE;
497 }
498
499 if (isset($_GET['payment_date']) &&
500 isset($_GET['merchant_return_link']) &&
501 CRM_Utils_Array::value('payment_status', $_GET) == 'Completed' &&
502 $paymentProcessor['payment_processor_type'] == "PayPal_Standard"
503 ) {
504 return TRUE;
505 }
506
507 return FALSE;
508 }
509
510 /**
511 * @todo move to0 \Civi\Payment\System factory method
512 * Page callback for civicrm/payment/ipn
513 */
514 public static function handleIPN() {
515 self::handlePaymentMethod(
516 'PaymentNotification',
517 array(
518 'processor_name' => @$_GET['processor_name'],
519 'processor_id' => @$_GET['processor_id'],
520 'mode' => @$_GET['mode'],
521 )
522 );
523 CRM_Utils_System::civiExit();
524 }
525
526 /**
527 * Payment callback handler.
528 *
529 * The processor_name or processor_id is passed in.
530 * Note that processor_id is more reliable as one site may have more than one instance of a
531 * processor & ideally the processor will be validating the results
532 * Load requested payment processor and call that processor's handle<$method> method
533 *
534 * @todo move to \Civi\Payment\System factory method
535 *
536 * @param string $method
537 * 'PaymentNotification' or 'PaymentCron'
538 * @param array $params
539 */
540 public static function handlePaymentMethod($method, $params = array()) {
541 if (!isset($params['processor_id']) && !isset($params['processor_name'])) {
542 CRM_Core_Error::fatal("Either 'processor_id' or 'processor_name' param is required for payment callback");
543 }
544 self::logPaymentNotification($params);
545
546 $sql = "SELECT ppt.class_name, ppt.name as processor_name, pp.id AS processor_id
547 FROM civicrm_payment_processor_type ppt
548 INNER JOIN civicrm_payment_processor pp
549 ON pp.payment_processor_type_id = ppt.id
550 AND pp.is_active";
551
552 if (isset($params['processor_id'])) {
553 $sql .= " WHERE pp.id = %2";
554 $args[2] = array($params['processor_id'], 'Integer');
555 $notFound = "No active instances of payment processor ID#'{$params['processor_id']}' were found.";
556 }
557 else {
558 // This is called when processor_name is passed - passing processor_id instead is recommended.
559 $sql .= " WHERE ppt.name = %2 AND pp.is_test = %1";
560 $args[1] = array((CRM_Utils_Array::value('mode', $params) == 'test') ? 1 : 0, 'Integer');
561 $args[2] = array($params['processor_name'], 'String');
562 $notFound = "No active instances of the '{$params['processor_name']}' payment processor were found.";
563 }
564
565 $dao = CRM_Core_DAO::executeQuery($sql, $args);
566
567 // Check whether we found anything at all.
568 if (!$dao->N) {
569 CRM_Core_Error::fatal($notFound);
570 }
571
572 $method = 'handle' . $method;
573 $extension_instance_found = FALSE;
574
575 // In all likelihood, we'll just end up with the one instance returned here. But it's
576 // possible we may get more. Hence, iterate through all instances ..
577
578 while ($dao->fetch()) {
579 // Check pp is extension
580 $ext = CRM_Extension_System::singleton()->getMapper();
581 if ($ext->isExtensionKey($dao->class_name)) {
582 $paymentClass = $ext->keyToClass($dao->class_name, 'payment');
583 require_once $ext->classToPath($paymentClass);
584 }
585 else {
586 // Legacy or extension as module instance
587 if (empty($paymentClass)) {
588 $paymentClass = 'CRM_Core_' . $dao->class_name;
589
590 }
591 }
592
593 $processorInstance = Civi\Payment\System::singleton()->getById($dao->processor_id);
594
595 // Should never be empty - we already established this processor_id exists and is active.
596 if (empty($processorInstance)) {
597 continue;
598 }
599
600 // Does PP implement this method, and can we call it?
601 if (!method_exists($processorInstance, $method) ||
602 !is_callable(array($processorInstance, $method))
603 ) {
604 // on the off chance there is a double implementation of this processor we should keep looking for another
605 // note that passing processor_id is more reliable & we should work to deprecate processor_name
606 continue;
607 }
608
609 // Everything, it seems, is ok - execute pp callback handler
610 $processorInstance->$method();
611 $extension_instance_found = TRUE;
612 }
613
614 if (!$extension_instance_found) {
615 CRM_Core_Error::fatal(
616 "No extension instances of the '{$params['processor_name']}' payment processor were found.<br />" .
617 "$method method is unsupported in legacy payment processors."
618 );
619 }
620 }
621
622 /**
623 * Check whether a method is present ( & supported ) by the payment processor object.
624 *
625 * @param string $method
626 * Method to check for.
627 *
628 * @return bool
629 */
630 public function isSupported($method = 'cancelSubscription') {
631 return method_exists(CRM_Utils_System::getClassName($this), $method);
632 }
633
634 /**
635 * Get url for users to manage this recurring contribution for this processor.
636 *
637 * @param int $entityID
638 * @param null $entity
639 * @param string $action
640 *
641 * @return string
642 */
643 public function subscriptionURL($entityID = NULL, $entity = NULL, $action = 'cancel') {
644 // Set URL
645 switch ($action) {
646 case 'cancel':
647 $url = 'civicrm/contribute/unsubscribe';
648 break;
649
650 case 'billing':
651 //in notify mode don't return the update billing url
652 if (!$this->isSupported('updateSubscriptionBillingInfo')) {
653 return NULL;
654 }
655 $url = 'civicrm/contribute/updatebilling';
656 break;
657
658 case 'update':
659 $url = 'civicrm/contribute/updaterecur';
660 break;
661 }
662
663 $session = CRM_Core_Session::singleton();
664 $userId = $session->get('userID');
665 $contactID = 0;
666 $checksumValue = '';
667 $entityArg = '';
668
669 // Find related Contact
670 if ($entityID) {
671 switch ($entity) {
672 case 'membership':
673 $contactID = CRM_Core_DAO::getFieldValue("CRM_Member_DAO_Membership", $entityID, "contact_id");
674 $entityArg = 'mid';
675 break;
676
677 case 'contribution':
678 $contactID = CRM_Core_DAO::getFieldValue("CRM_Contribute_DAO_Contribution", $entityID, "contact_id");
679 $entityArg = 'coid';
680 break;
681
682 case 'recur':
683 $sql = "
684 SELECT con.contact_id
685 FROM civicrm_contribution_recur rec
686 INNER JOIN civicrm_contribution con ON ( con.contribution_recur_id = rec.id )
687 WHERE rec.id = %1
688 GROUP BY rec.id";
689 $contactID = CRM_Core_DAO::singleValueQuery($sql, array(1 => array($entityID, 'Integer')));
690 $entityArg = 'crid';
691 break;
692 }
693 }
694
695 // Add entity arguments
696 if ($entityArg != '') {
697 // Add checksum argument
698 if ($contactID != 0 && $userId != $contactID) {
699 $checksumValue = '&cs=' . CRM_Contact_BAO_Contact_Utils::generateChecksum($contactID, NULL, 'inf');
700 }
701 return CRM_Utils_System::url($url, "reset=1&{$entityArg}={$entityID}{$checksumValue}", TRUE, NULL, FALSE, TRUE);
702 }
703
704 // Else login URL
705 if ($this->isSupported('accountLoginURL')) {
706 return $this->accountLoginURL();
707 }
708
709 // Else default
710 return $this->_paymentProcessor['url_recur'];
711 }
712
713 }