From 11c03c08798e405d3b67e720e32f57f7a5d78843 Mon Sep 17 00:00:00 2001 From: eileenmcnaughton Date: Wed, 29 Jul 2015 23:29:15 +0000 Subject: [PATCH] CRM-16923 enotice fix revealed A.net was passing processor_type_id as processor_id --- CRM/Core/Payment/AuthorizeNetIPN.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/CRM/Core/Payment/AuthorizeNetIPN.php b/CRM/Core/Payment/AuthorizeNetIPN.php index 02d873c468..082a67e809 100644 --- a/CRM/Core/Payment/AuthorizeNetIPN.php +++ b/CRM/Core/Payment/AuthorizeNetIPN.php @@ -68,9 +68,20 @@ class CRM_Core_Payment_AuthorizeNetIPN extends CRM_Core_Payment_BaseIPN { // load post ids in $ids $this->getIDs($ids, $input); - $paymentProcessorID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType', + // This is an unreliable method as there could be more than one instance. + // Recommended approach is to use the civicrm/payment/ipn/xx url where xx is the payment + // processor id & the handleNotification function (which should call the completetransaction api & by-pass this + // entirely). The only thing the IPN class should really do is extract data from the request, validate it + // & call completetransaction or call fail? (which may not exist yet). + $paymentProcessorTypeID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType', 'AuthNet', 'id', 'name' ); + $paymentProcessorID = (int) civicrm_api3('PaymentProcessor', 'getvalue', array( + 'is_test' => 0, + 'options' => array('limit' => 1), + 'payment_processor_type_id' => $paymentProcessorTypeID, + 'return' => 'id', + )); if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) { return FALSE; -- 2.25.1