X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=CRM%2FCore%2FPayment%2FAuthorizeNet.php;h=dbdcdcbcac99c5e69fe6563b098fbff029fde967;hb=57e83875288ecee677cff9b1668bb2639a5b1aff;hp=1b1ddde77488973b693707e98d2abf3100e879d5;hpb=44548423898d5320653a7f10c102d3379c87176e;p=civicrm-core.git

diff --git a/CRM/Core/Payment/AuthorizeNet.php b/CRM/Core/Payment/AuthorizeNet.php
index 1b1ddde774..dbdcdcbcac 100644
--- a/CRM/Core/Payment/AuthorizeNet.php
+++ b/CRM/Core/Payment/AuthorizeNet.php
@@ -28,7 +28,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
 
   protected $_mode = NULL;
 
-  protected $_params = array();
+  protected $_params = [];
 
   /**
    * We only need one instance of this object. So we use the singleton
@@ -126,7 +126,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
       return $params;
     }
 
-    $postFields = array();
+    $postFields = [];
     $authorizeNetFields = $this->_getAuthorizeNetFields();
 
     // Set up our call for hook_civicrm_paymentProcessor,
@@ -171,12 +171,6 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     // fetch available contribution statuses
     $contributionStatus = CRM_Contribute_PseudoConstant::contributionStatus(NULL, 'name');
 
-    // check gateway MD5 response
-    if (!$this->checkMD5($response_fields[37], $response_fields[6], $response_fields[9])) {
-      $params['payment_status_id'] = array_search('Failed', $contributionStatus);
-      return self::error(9003, 'MD5 Verification failed');
-    }
-
     // check for application errors
     // TODO:
     // AVS, CVV2, CAVV, and other verification results
@@ -204,7 +198,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
         // fix for CRM-2566
         if (($this->_mode == 'test') || $response_fields[6] == 0) {
           $query = "SELECT MAX(trxn_id) FROM civicrm_contribution WHERE trxn_id RLIKE 'test[0-9]+'";
-          $p = array();
+          $p = [];
           $trxn_id = strval(CRM_Core_DAO::singleValueQuery($query, $p));
           $trxn_id = str_replace('test', '', $trxn_id);
           $trxn_id = intval($trxn_id) + 1;
@@ -327,7 +321,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
       return self::error(9002, 'Could not initiate connection to payment gateway');
     }
     curl_setopt($submit, CURLOPT_RETURNTRANSFER, 1);
-    curl_setopt($submit, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
+    curl_setopt($submit, CURLOPT_HTTPHEADER, ["Content-Type: text/xml"]);
     curl_setopt($submit, CURLOPT_HEADER, 1);
     curl_setopt($submit, CURLOPT_POSTFIELDS, $arbXML);
     curl_setopt($submit, CURLOPT_POST, 1);
@@ -361,11 +355,13 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
    * @return array
    */
   public function _getAuthorizeNetFields() {
-    $amount = $this->_getParam('total_amount');//Total amount is from the form contribution field
-    if (empty($amount)) {//CRM-9894 would this ever be the case??
+    //Total amount is from the form contribution field
+    $amount = $this->_getParam('total_amount');
+    //CRM-9894 would this ever be the case??
+    if (empty($amount)) {
       $amount = $this->_getParam('amount');
     }
-    $fields = array();
+    $fields = [];
     $fields['x_login'] = $this->_getParam('apiLogin');
     $fields['x_tran_key'] = $this->_getParam('paymentKey');
     $fields['x_email_customer'] = $this->_getParam('emailCustomer');
@@ -437,39 +433,6 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     }
   }
 
-  /**
-   * Check the gateway MD5 response to make sure that this is a proper
-   * gateway response
-   *
-   * @param string $responseMD5
-   *   MD5 hash generated by the gateway.
-   * @param string $transaction_id
-   *   Transaction id generated by the gateway.
-   * @param string $amount
-   *   Purchase amount.
-   *
-   * @param bool $ipn
-   *
-   * @return bool
-   */
-  public function checkMD5($responseMD5, $transaction_id, $amount, $ipn = FALSE) {
-    // cannot check if no MD5 hash
-    $md5Hash = $this->_getParam('md5Hash');
-    if (empty($md5Hash)) {
-      return TRUE;
-    }
-    $loginid = $this->_getParam('apiLogin');
-    $hashString = $ipn ? ($md5Hash . $transaction_id . $amount) : ($md5Hash . $loginid . $transaction_id . $amount);
-    $result = strtoupper(md5($hashString));
-
-    if ($result == $responseMD5) {
-      return TRUE;
-    }
-    else {
-      return FALSE;
-    }
-  }
-
   /**
    * Calculate and return the transaction fingerprint.
    *
@@ -501,10 +464,10 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     $data = trim($data);
     //make it easier to parse fields with quotes in them
     $data = str_replace('""', "''", $data);
-    $fields = array();
+    $fields = [];
 
     while ($data != '') {
-      $matches = array();
+      $matches = [];
       if ($data[0] == '"') {
         // handle quoted fields
         preg_match('/^"(([^"]|\\")*?)",?(.*)$/', $data, $matches);
@@ -540,13 +503,13 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     $code = $this->_substring_between($content, '<code>', '</code>');
     $text = $this->_substring_between($content, '<text>', '</text>');
     $subscriptionId = $this->_substring_between($content, '<subscriptionId>', '</subscriptionId>');
-    return array(
+    return [
       'refId' => $refId,
       'resultCode' => $resultCode,
       'code' => $code,
       'text' => $text,
       'subscriptionId' => $subscriptionId,
-    );
+    ];
   }
 
   /**
@@ -586,7 +549,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
   public function _getParam($field, $xmlSafe = FALSE) {
     $value = CRM_Utils_Array::value($field, $this->_params, '');
     if ($xmlSafe) {
-      $value = str_replace(array('&', '"', "'", '<', '>'), '', $value);
+      $value = str_replace(['&', '"', "'", '<', '>'], '', $value);
     }
     return $value;
   }
@@ -600,10 +563,10 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
   public function &error($errorCode = NULL, $errorMessage = NULL) {
     $e = CRM_Core_Error::singleton();
     if ($errorCode) {
-      $e->push($errorCode, 0, array(), $errorMessage);
+      $e->push($errorCode, 0, [], $errorMessage);
     }
     else {
-      $e->push(9001, 0, array(), 'Unknown System Error.');
+      $e->push(9001, 0, [], 'Unknown System Error.');
     }
     return $e;
   }
@@ -634,7 +597,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
    *   the error message if any
    */
   public function checkConfig() {
-    $error = array();
+    $error = [];
     if (empty($this->_paymentProcessor['user_name'])) {
       $error[] = ts('APILogin is not set for this payment processor');
     }
@@ -664,7 +627,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
    *
    * @return bool|object
    */
-  public function cancelSubscription(&$message = '', $params = array()) {
+  public function cancelSubscription(&$message = '', $params = []) {
     $template = CRM_Core_Smarty::singleton();
 
     $template->assign('subscriptionType', 'cancel');
@@ -682,7 +645,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     }
 
     curl_setopt($submit, CURLOPT_RETURNTRANSFER, 1);
-    curl_setopt($submit, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
+    curl_setopt($submit, CURLOPT_HTTPHEADER, ["Content-Type: text/xml"]);
     curl_setopt($submit, CURLOPT_HEADER, 1);
     curl_setopt($submit, CURLOPT_POSTFIELDS, $arbXML);
     curl_setopt($submit, CURLOPT_POST, 1);
@@ -711,7 +674,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
    *
    * @return bool|object
    */
-  public function updateSubscriptionBillingInfo(&$message = '', $params = array()) {
+  public function updateSubscriptionBillingInfo(&$message = '', $params = []) {
     $template = CRM_Core_Smarty::singleton();
     $template->assign('subscriptionType', 'updateBilling');
 
@@ -741,7 +704,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     }
 
     curl_setopt($submit, CURLOPT_RETURNTRANSFER, 1);
-    curl_setopt($submit, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
+    curl_setopt($submit, CURLOPT_HTTPHEADER, ["Content-Type: text/xml"]);
     curl_setopt($submit, CURLOPT_HEADER, 1);
     curl_setopt($submit, CURLOPT_POSTFIELDS, $arbXML);
     curl_setopt($submit, CURLOPT_POST, 1);
@@ -767,7 +730,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
   /**
    * Process incoming notification.
    */
-  static public function handlePaymentNotification() {
+  public static function handlePaymentNotification() {
     $ipnClass = new CRM_Core_Payment_AuthorizeNetIPN(array_merge($_GET, $_REQUEST));
     $ipnClass->main();
   }
@@ -778,7 +741,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
    *
    * @return bool|object
    */
-  public function changeSubscriptionAmount(&$message = '', $params = array()) {
+  public function changeSubscriptionAmount(&$message = '', $params = []) {
     $template = CRM_Core_Smarty::singleton();
 
     $template->assign('subscriptionType', 'update');
@@ -803,7 +766,7 @@ class CRM_Core_Payment_AuthorizeNet extends CRM_Core_Payment {
     }
 
     curl_setopt($submit, CURLOPT_RETURNTRANSFER, 1);
-    curl_setopt($submit, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
+    curl_setopt($submit, CURLOPT_HTTPHEADER, ["Content-Type: text/xml"]);
     curl_setopt($submit, CURLOPT_HEADER, 1);
     curl_setopt($submit, CURLOPT_POSTFIELDS, $arbXML);
     curl_setopt($submit, CURLOPT_POST, 1);