projects / civicrm-core.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5526 from mlutfy/4.6-crm6131
[civicrm-core.git] / CRM / Core / Payment.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2015 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 use Civi\Payment\System;
29
30 /**
31 * Class CRM_Core_Payment.
32 *
33 * This class is the main class for the payment processor subsystem.
34 *
35 * It is the parent class for payment processors. It also holds some IPN related functions
36 * that need to be moved. In particular handlePaymentMethod should be moved to a factory class.
37 */
38 abstract class CRM_Core_Payment {
39
40 /**
41 * How are we getting billing information?
42 *
43 * FORM - we collect it on the same page
44 * BUTTON - the processor collects it and sends it back to us via some protocol
45 */
46 const
47 BILLING_MODE_FORM = 1,
48 BILLING_MODE_BUTTON = 2,
49 BILLING_MODE_NOTIFY = 4;
50
51 /**
52 * Which payment type(s) are we using?
53 *
54 * credit card
55 * direct debit
56 * or both
57 * @todo create option group - nb omnipay uses a 3rd type - transparent redirect cc
58 */
59 const
60 PAYMENT_TYPE_CREDIT_CARD = 1,
61 PAYMENT_TYPE_DIRECT_DEBIT = 2;
62
63 /**
64 * Subscription / Recurring payment Status
65 * START, END
66 */
67 const
68 RECURRING_PAYMENT_START = 'START',
69 RECURRING_PAYMENT_END = 'END';
70
71 protected $_paymentProcessor;
72
73 /**
74 * Singleton function used to manage this object.
75 *
76 * We will migrate to calling Civi\Payment\System::singleton()->getByProcessor($paymentProcessor)
77 * & Civi\Payment\System::singleton()->getById($paymentProcessor) directly as the main access methods & work
78 * to remove this function all together
79 *
80 * @param string $mode
81 * The mode of operation: live or test.
82 * @param array $paymentProcessor
83 * The details of the payment processor being invoked.
84 * @param object $paymentForm
85 * Deprecated - avoid referring to this if possible. If you have to use it document why as this is scary interaction.
86 * @param bool $force
87 * Should we force a reload of this payment object.
88 *
89 * @return CRM_Core_Payment
90 * @throws \CRM_Core_Exception
91 */
92 public static function &singleton($mode = 'test', &$paymentProcessor, &$paymentForm = NULL, $force = FALSE) {
93 // make sure paymentProcessor is not empty
94 // CRM-7424
95 if (empty($paymentProcessor)) {
96 return CRM_Core_DAO::$_nullObject;
97 }
98 //we use two lines because we can't remove the '&singleton' without risking breakage
99 //of extension classes that extend this one
100 $object = Civi\Payment\System::singleton()->getByProcessor($paymentProcessor);
101 return $object;
102 }
103
104 /**
105 * Log payment notification message to forensic system log.
106 *
107 * @todo move to factory class \Civi\Payment\System (or similar)
108 *
109 * @param array $params
110 *
111 * @return mixed
112 */
113 public static function logPaymentNotification($params) {
114 $message = 'payment_notification ';
115 if (!empty($params['processor_name'])) {
116 $message .= 'processor_name=' . $params['processor_name'];
117 }
118 if (!empty($params['processor_id'])) {
119 $message .= 'processor_id=' . $params['processor_id'];
120 }
121
122 $log = new CRM_Utils_SystemLogger();
123 $log->alert($message, $_REQUEST);
124 }
125
126 /**
127 * Check if capability is supported.
128 *
129 * Capabilities have a one to one relationship with capability-related functions on this class.
130 *
131 * Payment processor classes should over-ride the capability-specific function rather than this one.
132 *
133 * @param string $capability
134 * E.g BackOffice, LiveMode, FutureRecurStartDate.
135 *
136 * @return bool
137 */
138 public function supports($capability) {
139 $function = 'supports' . ucfirst($capability);
140 if (method_exists($this, $function)) {
141 return $this->$function();
142 }
143 return FALSE;
144 }
145
146 /**
147 * Are back office payments supported.
148 *
149 * e.g paypal standard won't permit you to enter a credit card associated
150 * with someone else's login.
151 * The intention is to support off-site (other than paypal) & direct debit but that is not all working yet so to
152 * reach a 'stable' point we disable.
153 *
154 * @return bool
155 */
156 protected function supportsBackOffice() {
157 if ($this->_paymentProcessor['billing_mode'] == 4 || $this->_paymentProcessor['payment_type'] != 1) {
158 return FALSE;
159 }
160 else {
161 return TRUE;
162 }
163 }
164
165 /**
166 * Are live payments supported - e.g dummy doesn't support this.
167 *
168 * @return bool
169 */
170 protected function supportsLiveMode() {
171 return TRUE;
172 }
173
174 /**
175 * Are test payments supported.
176 *
177 * @return bool
178 */
179 protected function supportsTestMode() {
180 return TRUE;
181 }
182
183 /**
184 * Should the first payment date be configurable when setting up back office recurring payments.
185 *
186 * We set this to false for historical consistency but in fact most new processors use tokens for recurring and can support this
187 *
188 * @return bool
189 */
190 protected function supportsFutureRecurStartDate() {
191 return FALSE;
192 }
193
194 /**
195 * Default payment instrument validation.
196 *
197 * Implement the usual Luhn algorithm via a static function in the CRM_Core_Payment_Form if it's a credit card
198 * Not a static function, because I need to check for payment_type.
199 *
200 * @param array $values
201 * @param array $errors
202 */
203 public function validatePaymentInstrument($values, &$errors) {
204 if ($this->_paymentProcessor['payment_type'] == 1) {
205 CRM_Core_Payment_Form::validateCreditCard($values, $errors);
206 }
207 }
208
209 /**
210 * Setter for the payment form that wants to use the processor.
211 *
212 * @deprecated
213 *
214 * @param CRM_Core_Form $paymentForm
215 */
216 public function setForm(&$paymentForm) {
217 $this->_paymentForm = $paymentForm;
218 }
219
220 /**
221 * Getter for payment form that is using the processor.
222 * @deprecated
223 * @return CRM_Core_Form
224 * A form object
225 */
226 public function getForm() {
227 return $this->_paymentForm;
228 }
229
230 /**
231 * Getter for accessing member vars.
232 *
233 * @todo believe this is unused
234 *
235 * @param string $name
236 *
237 * @return null
238 */
239 public function getVar($name) {
240 return isset($this->$name) ? $this->$name : NULL;
241 }
242
243 /**
244 * Get name for the payment information type.
245 * @todo - use option group + name field (like Omnipay does)
246 * @return string
247 */
248 public function getPaymentTypeName() {
249 return $this->_paymentProcessor['payment_type'] == 1 ? 'credit_card' : 'direct_debit';
250 }
251
252 /**
253 * Get label for the payment information type.
254 * @todo - use option group + labels (like Omnipay does)
255 * @return string
256 */
257 public function getPaymentTypeLabel() {
258 return $this->_paymentProcessor['payment_type'] == 1 ? 'Credit Card' : 'Direct Debit';
259 }
260
261 /**
262 * Get array of fields that should be displayed on the payment form.
263 * @todo make payment type an option value & use it in the function name - currently on debit & credit card work
264 * @return array
265 * @throws CiviCRM_API3_Exception
266 */
267 public function getPaymentFormFields() {
268 if ($this->_paymentProcessor['billing_mode'] == 4) {
269 return array();
270 }
271 return $this->_paymentProcessor['payment_type'] == 1 ? $this->getCreditCardFormFields() : $this->getDirectDebitFormFields();
272 }
273
274 /**
275 * Get array of fields that should be displayed on the payment form for credit cards.
276 *
277 * @return array
278 */
279 protected function getCreditCardFormFields() {
280 return array(
281 'credit_card_type',
282 'credit_card_number',
283 'cvv2',
284 'credit_card_exp_date',
285 );
286 }
287
288 /**
289 * Get array of fields that should be displayed on the payment form for direct debits.
290 *
291 * @return array
292 */
293 protected function getDirectDebitFormFields() {
294 return array(
295 'account_holder',
296 'bank_account_number',
297 'bank_identification_number',
298 'bank_name',
299 );
300 }
301
302 /**
303 * Return an array of all the details about the fields potentially required for payment fields.
304 *
305 * Only those determined by getPaymentFormFields will actually be assigned to the form
306 *
307 * @return array
308 * field metadata
309 */
310 public function getPaymentFormFieldsMetadata() {
311 //@todo convert credit card type into an option value
312 $creditCardType = array('' => ts('- select -')) + CRM_Contribute_PseudoConstant::creditCard();
313 return array(
314 'credit_card_number' => array(
315 'htmlType' => 'text',
316 'name' => 'credit_card_number',
317 'title' => ts('Card Number'),
318 'cc_field' => TRUE,
319 'attributes' => array(
320 'size' => 20,
321 'maxlength' => 20,
322 'autocomplete' => 'off',
323 'class' => 'creditcard',
324 ),
325 'is_required' => TRUE,
326 ),
327 'cvv2' => array(
328 'htmlType' => 'text',
329 'name' => 'cvv2',
330 'title' => ts('Security Code'),
331 'cc_field' => TRUE,
332 'attributes' => array(
333 'size' => 5,
334 'maxlength' => 10,
335 'autocomplete' => 'off',
336 ),
337 'is_required' => CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::CONTRIBUTE_PREFERENCES_NAME,
338 'cvv_backoffice_required',
339 NULL,
340 1
341 ),
342 'rules' => array(
343 array(
344 'rule_message' => ts('Please enter a valid value for your card security code. This is usually the last 3-4 digits on the card\'s signature panel.'),
345 'rule_name' => 'integer',
346 'rule_parameters' => NULL,
347 ),
348 ),
349 ),
350 'credit_card_exp_date' => array(
351 'htmlType' => 'date',
352 'name' => 'credit_card_exp_date',
353 'title' => ts('Expiration Date'),
354 'cc_field' => TRUE,
355 'attributes' => CRM_Core_SelectValues::date('creditCard'),
356 'is_required' => TRUE,
357 'rules' => array(
358 array(
359 'rule_message' => ts('Card expiration date cannot be a past date.'),
360 'rule_name' => 'currentDate',
361 'rule_parameters' => TRUE,
362 ),
363 ),
364 ),
365 'credit_card_type' => array(
366 'htmlType' => 'select',
367 'name' => 'credit_card_type',
368 'title' => ts('Card Type'),
369 'cc_field' => TRUE,
370 'attributes' => $creditCardType,
371 'is_required' => FALSE,
372 ),
373 'account_holder' => array(
374 'htmlType' => 'text',
375 'name' => 'account_holder',
376 'title' => ts('Account Holder'),
377 'cc_field' => TRUE,
378 'attributes' => array(
379 'size' => 20,
380 'maxlength' => 34,
381 'autocomplete' => 'on',
382 ),
383 'is_required' => TRUE,
384 ),
385 //e.g. IBAN can have maxlength of 34 digits
386 'bank_account_number' => array(
387 'htmlType' => 'text',
388 'name' => 'bank_account_number',
389 'title' => ts('Bank Account Number'),
390 'cc_field' => TRUE,
391 'attributes' => array(
392 'size' => 20,
393 'maxlength' => 34,
394 'autocomplete' => 'off',
395 ),
396 'rules' => array(
397 array(
398 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
399 'rule_name' => 'nopunctuation',
400 'rule_parameters' => NULL,
401 ),
402 ),
403 'is_required' => TRUE,
404 ),
405 //e.g. SWIFT-BIC can have maxlength of 11 digits
406 'bank_identification_number' => array(
407 'htmlType' => 'text',
408 'name' => 'bank_identification_number',
409 'title' => ts('Bank Identification Number'),
410 'cc_field' => TRUE,
411 'attributes' => array(
412 'size' => 20,
413 'maxlength' => 11,
414 'autocomplete' => 'off',
415 ),
416 'is_required' => TRUE,
417 'rules' => array(
418 array(
419 'rule_message' => ts('Please enter a valid Bank Identification Number (value must not contain punctuation characters).'),
420 'rule_name' => 'nopunctuation',
421 'rule_parameters' => NULL,
422 ),
423 ),
424 ),
425 'bank_name' => array(
426 'htmlType' => 'text',
427 'name' => 'bank_name',
428 'title' => ts('Bank Name'),
429 'cc_field' => TRUE,
430 'attributes' => array(
431 'size' => 20,
432 'maxlength' => 64,
433 'autocomplete' => 'off',
434 ),
435 'is_required' => TRUE,
436
437 ),
438 );
439 }
440
441 /**
442 * Calling this from outside the payment subsystem is deprecated - use doPayment.
443 *
444 * Does a server to server payment transaction.
445 *
446 * Note that doPayment will throw an exception so the code may need to be modified
447 *
448 * @param array $params
449 * Assoc array of input parameters for this transaction.
450 *
451 * @return array
452 * the result in an nice formatted array (or an error object)
453 * @abstract
454 */
455 abstract protected function doDirectPayment(&$params);
456
457 /**
458 * Process payment - this function wraps around both doTransferPayment and doDirectPayment.
459 *
460 * The function ensures an exception is thrown & moves some of this logic out of the form layer and makes the forms
461 * more agnostic.
462 *
463 * @param array $params
464 *
465 * @param $component
466 *
467 * @return array
468 * (modified)
469 * @throws CRM_Core_Exception
470 */
471 public function doPayment(&$params, $component = 'contribute') {
472 if ($this->_paymentProcessor['billing_mode'] == 4) {
473 $result = $this->doTransferCheckout($params, $component);
474 }
475 else {
476 $result = $this->doDirectPayment($params, $component);
477 }
478 if (is_a($result, 'CRM_Core_Error')) {
479 throw new CRM_Core_Exception(CRM_Core_Error::getMessages($result));
480 }
481 //CRM-15767 - Submit Credit Card Contribution not being saved
482 return $result;
483 }
484
485 /**
486 * This function checks to see if we have the right config values.
487 *
488 * @return string
489 * the error message if any
490 */
491 abstract protected function checkConfig();
492
493 /**
494 * Redirect for paypal.
495 *
496 * @todo move to paypal class or remove
497 *
498 * @param $paymentProcessor
499 *
500 * @return bool
501 */
502 public static function paypalRedirect(&$paymentProcessor) {
503 if (!$paymentProcessor) {
504 return FALSE;
505 }
506
507 if (isset($_GET['payment_date']) &&
508 isset($_GET['merchant_return_link']) &&
509 CRM_Utils_Array::value('payment_status', $_GET) == 'Completed' &&
510 $paymentProcessor['payment_processor_type'] == "PayPal_Standard"
511 ) {
512 return TRUE;
513 }
514
515 return FALSE;
516 }
517
518 /**
519 * Handle incoming payment notification.
520 *
521 * IPNs, also called silent posts are notifications of payment outcomes or activity on an external site.
522 *
523 * @todo move to0 \Civi\Payment\System factory method
524 * Page callback for civicrm/payment/ipn
525 */
526 public static function handleIPN() {
527 self::handlePaymentMethod(
528 'PaymentNotification',
529 array(
530 'processor_name' => @$_GET['processor_name'],
531 'processor_id' => @$_GET['processor_id'],
532 'mode' => @$_GET['mode'],
533 )
534 );
535 CRM_Utils_System::civiExit();
536 }
537
538 /**
539 * Payment callback handler.
540 *
541 * The processor_name or processor_id is passed in.
542 * Note that processor_id is more reliable as one site may have more than one instance of a
543 * processor & ideally the processor will be validating the results
544 * Load requested payment processor and call that processor's handle<$method> method
545 *
546 * @todo move to \Civi\Payment\System factory method
547 *
548 * @param string $method
549 * 'PaymentNotification' or 'PaymentCron'
550 * @param array $params
551 */
552 public static function handlePaymentMethod($method, $params = array()) {
553 if (!isset($params['processor_id']) && !isset($params['processor_name'])) {
554 CRM_Core_Error::fatal("Either 'processor_id' or 'processor_name' param is required for payment callback");
555 }
556 self::logPaymentNotification($params);
557
558 $sql = "SELECT ppt.class_name, ppt.name as processor_name, pp.id AS processor_id
559 FROM civicrm_payment_processor_type ppt
560 INNER JOIN civicrm_payment_processor pp
561 ON pp.payment_processor_type_id = ppt.id
562 AND pp.is_active";
563
564 if (isset($params['processor_id'])) {
565 $sql .= " WHERE pp.id = %2";
566 $args[2] = array($params['processor_id'], 'Integer');
567 $notFound = "No active instances of payment processor ID#'{$params['processor_id']}' were found.";
568 }
569 else {
570 // This is called when processor_name is passed - passing processor_id instead is recommended.
571 $sql .= " WHERE ppt.name = %2 AND pp.is_test = %1";
572 $args[1] = array(
573 (CRM_Utils_Array::value('mode', $params) == 'test') ? 1 : 0,
574 'Integer',
575 );
576 $args[2] = array($params['processor_name'], 'String');
577 $notFound = "No active instances of the '{$params['processor_name']}' payment processor were found.";
578 }
579
580 $dao = CRM_Core_DAO::executeQuery($sql, $args);
581
582 // Check whether we found anything at all.
583 if (!$dao->N) {
584 CRM_Core_Error::fatal($notFound);
585 }
586
587 $method = 'handle' . $method;
588 $extension_instance_found = FALSE;
589
590 // In all likelihood, we'll just end up with the one instance returned here. But it's
591 // possible we may get more. Hence, iterate through all instances ..
592
593 while ($dao->fetch()) {
594 // Check pp is extension
595 $ext = CRM_Extension_System::singleton()->getMapper();
596 if ($ext->isExtensionKey($dao->class_name)) {
597 $paymentClass = $ext->keyToClass($dao->class_name, 'payment');
598 require_once $ext->classToPath($paymentClass);
599 }
600 else {
601 // Legacy or extension as module instance
602 if (empty($paymentClass)) {
603 $paymentClass = 'CRM_Core_' . $dao->class_name;
604
605 }
606 }
607
608 $processorInstance = Civi\Payment\System::singleton()->getById($dao->processor_id);
609
610 // Should never be empty - we already established this processor_id exists and is active.
611 if (empty($processorInstance)) {
612 continue;
613 }
614
615 // Does PP implement this method, and can we call it?
616 if (!method_exists($processorInstance, $method) ||
617 !is_callable(array($processorInstance, $method))
618 ) {
619 // on the off chance there is a double implementation of this processor we should keep looking for another
620 // note that passing processor_id is more reliable & we should work to deprecate processor_name
621 continue;
622 }
623
624 // Everything, it seems, is ok - execute pp callback handler
625 $processorInstance->$method();
626 $extension_instance_found = TRUE;
627 }
628
629 if (!$extension_instance_found) {
630 CRM_Core_Error::fatal(
631 "No extension instances of the '{$params['processor_name']}' payment processor were found.<br />" .
632 "$method method is unsupported in legacy payment processors."
633 );
634 }
635 }
636
637 /**
638 * Check whether a method is present ( & supported ) by the payment processor object.
639 *
640 * @param string $method
641 * Method to check for.
642 *
643 * @return bool
644 */
645 public function isSupported($method = 'cancelSubscription') {
646 return method_exists(CRM_Utils_System::getClassName($this), $method);
647 }
648
649 /**
650 * Get url for users to manage this recurring contribution for this processor.
651 *
652 * @param int $entityID
653 * @param null $entity
654 * @param string $action
655 *
656 * @return string
657 */
658 public function subscriptionURL($entityID = NULL, $entity = NULL, $action = 'cancel') {
659 // Set URL
660 switch ($action) {
661 case 'cancel':
662 $url = 'civicrm/contribute/unsubscribe';
663 break;
664
665 case 'billing':
666 //in notify mode don't return the update billing url
667 if (!$this->isSupported('updateSubscriptionBillingInfo')) {
668 return NULL;
669 }
670 $url = 'civicrm/contribute/updatebilling';
671 break;
672
673 case 'update':
674 $url = 'civicrm/contribute/updaterecur';
675 break;
676 }
677
678 $session = CRM_Core_Session::singleton();
679 $userId = $session->get('userID');
680 $contactID = 0;
681 $checksumValue = '';
682 $entityArg = '';
683
684 // Find related Contact
685 if ($entityID) {
686 switch ($entity) {
687 case 'membership':
688 $contactID = CRM_Core_DAO::getFieldValue("CRM_Member_DAO_Membership", $entityID, "contact_id");
689 $entityArg = 'mid';
690 break;
691
692 case 'contribution':
693 $contactID = CRM_Core_DAO::getFieldValue("CRM_Contribute_DAO_Contribution", $entityID, "contact_id");
694 $entityArg = 'coid';
695 break;
696
697 case 'recur':
698 $sql = "
699 SELECT con.contact_id
700 FROM civicrm_contribution_recur rec
701 INNER JOIN civicrm_contribution con ON ( con.contribution_recur_id = rec.id )
702 WHERE rec.id = %1
703 GROUP BY rec.id";
704 $contactID = CRM_Core_DAO::singleValueQuery($sql, array(1 => array($entityID, 'Integer')));
705 $entityArg = 'crid';
706 break;
707 }
708 }
709
710 // Add entity arguments
711 if ($entityArg != '') {
712 // Add checksum argument
713 if ($contactID != 0 && $userId != $contactID) {
714 $checksumValue = '&cs=' . CRM_Contact_BAO_Contact_Utils::generateChecksum($contactID, NULL, 'inf');
715 }
716 return CRM_Utils_System::url($url, "reset=1&{$entityArg}={$entityID}{$checksumValue}", TRUE, NULL, FALSE, TRUE);
717 }
718
719 // Else login URL
720 if ($this->isSupported('accountLoginURL')) {
721 return $this->accountLoginURL();
722 }
723
724 // Else default
725 return $this->_paymentProcessor['url_recur'];
726 }
727
728 }