projects / trustcommerce.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Implement changeSubscriptionAmount method.
[trustcommerce.git] / trustcommerce.php
1 <?php
2 /*
3 * This file is part of CiviCRM.
4 *
5 * CiviCRM is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * CiviCRM is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with CiviCRM. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * Copyright (C) 2012
19 * Licensed to CiviCRM under the GPL v3 or higher
20 *
21 * Written and contributed by Ward Vandewege <ward@fsf.org> (http://www.fsf.org)
22 * Modified by Lisa Marie Maginnis <lisa@fsf.org> (http://www.fsf.org)
23 *
24 */
25
26 // Define logging level (0 = off, 4 = log everything)
27 define('TRUSTCOMMERCE_LOGGING_LEVEL', 4);
28
29 require_once 'CRM/Core/Payment.php';
30 class org_fsf_payment_trustcommerce extends CRM_Core_Payment {
31 CONST CHARSET = 'iso-8859-1';
32 CONST AUTH_APPROVED = 'approve';
33 CONST AUTH_DECLINED = 'decline';
34 CONST AUTH_BADDATA = 'baddata';
35 CONST AUTH_ERROR = 'error';
36 CONST AUTH_BLACKLIST = 'blacklisted';
37
38 static protected $_mode = NULL;
39
40 static protected $_params = array();
41
42 /**
43 * We only need one instance of this object. So we use the singleton
44 * pattern and cache the instance in this variable
45 *
46 * @var object
47 * @static
48 */
49 static private $_singleton = NULL;
50
51 /**
52 * Constructor
53 *
54 * @param string $mode the mode of operation: live or test
55 *
56 * @return void
57 */ function __construct($mode, &$paymentProcessor) {
58 $this->_mode = $mode;
59
60 $this->_paymentProcessor = $paymentProcessor;
61
62 $this->_processorName = ts('TrustCommerce');
63
64 $config = CRM_Core_Config::singleton();
65 $this->_setParam('user_name', $paymentProcessor['user_name']);
66 $this->_setParam('password', $paymentProcessor['password']);
67
68 $this->_setParam('timestamp', time());
69 srand(time());
70 $this->_setParam('sequence', rand(1, 1000));
71 $this->logging_level = TRUSTCOMMERCE_LOGGING_LEVEL;
72
73 }
74
75 /**
76 * singleton function used to manage this object
77 *
78 * @param string $mode the mode of operation: live or test
79 *
80 * @return object
81 * @static
82 *
83 */
84 static
85 function &singleton($mode, &$paymentProcessor) {
86 $processorName = $paymentProcessor['name'];
87 if (self::$_singleton[$processorName] === NULL) {
88 self::$_singleton[$processorName] = new org_fsf_payment_trustcommerce($mode, $paymentProcessor);
89 }
90 return self::$_singleton[$processorName];
91 }
92
93 /**
94 * Submit a payment using the TC API
95 * @param array $params The params we will be sending to tclink_send()
96 * @return mixed An array of our results, or an error object if the transaction fails.
97 * @public
98 */
99 function doDirectPayment(&$params) {
100 if (!extension_loaded("tclink")) {
101 return self::error(9001, 'TrustCommerce requires that the tclink module is loaded');
102 }
103
104 /* Copy our paramaters to ourself */
105 foreach ($params as $field => $value) {
106 $this->_setParam($field, $value);
107 }
108
109 /* Get our fields to pass to tclink_send() */
110 $tc_params = $this->_getTrustCommerceFields();
111
112 /* Are we recurring? If so add the extra API fields. */
113 if (CRM_Utils_Array::value('is_recur', $params) && $params['contributionRecurID']) {
114 $tc_params = $this->_getRecurPaymentFields($tc_params);
115 }
116
117 /* Pass our cooked params to the alter hook, per Core/Payment/Dummy.php */
118 CRM_Utils_Hook::alterPaymentProcessorParams($this, $params, $tc_params);
119
120 // TrustCommerce will not refuse duplicates, so we should check if the user already submitted this transaction
121 if ($this->_checkDupe($tc_params['ticket'])) {
122 return self::error(9004, 'It appears that this transaction is a duplicate. Have you already submitted the form once? If so there may have been a connection problem. You can try your transaction again. If you continue to have problems please contact the site administrator.');
123 }
124
125 /* This implements a local blacklist, and passes us though as a normal failure
126 * if the luser is on the blacklist. */
127 if(!$this->_isBlacklisted()) {
128 /* Call the TC API, and grab the reply */
129 $reply = $this->_sendTCRequest($tc_params);
130 } else {
131 $this->_logger($tc_params);
132 $reply['status'] = self::AUTH_BLACKLIST;
133 }
134
135 /* Parse our reply */
136 $result = $this->_getTCReply($reply);
137
138 if($result == 0) {
139 /* We were successful, congrats. Lets wrap it up:
140 * Convert back to dollars
141 * Save the transaction ID
142 */
143
144 if (CRM_Utils_Array::value('is_recur', $params) && $params['contributionRecurID']) {
145 $params['contributionRecurID'] = $reply['billingid'];
146 }
147 $params['trxn_id'] = $reply['transid'];
148
149 $params['gross_amount'] = $tc_params['amount'] / 100;
150
151 return $params;
152
153 } else {
154 /* Otherwise we return the error object */
155 return $result;
156 }
157 }
158
159 function _isBlacklisted() {
160 if($this->_isIPBlacklisted()) {
161 return TRUE;
162 } else if($this->_IsAgentBlacklisted()) {
163 return TRUE;
164 }
165 return FALSE;
166 }
167
168 function _isAgentBlacklisted() {
169 $ip = $_SERVER['REMOTE_ADDR'];
170 $agent = $_SERVER['HTTP_USER_AGENT'];
171 $dao = CRM_Core_DAO::executeQuery('SELECT * FROM `trustcommerce_useragent_blacklist`');
172 while($dao->fetch()) {
173 if(preg_match('/'.$dao->name.'/', $agent) === 1) {
174 error_log(' [client '.$ip.'] [agent '.$agent.'] - Blacklisted by USER_AGENT rule #'.$dao->id);
175 return TRUE;
176 }
177 }
178 return FALSE;
179 }
180
181 function _isIPBlacklisted() {
182 $ip = $_SERVER['REMOTE_ADDR'];
183 $agent = $_SERVER['HTTP_USER_AGENT'];
184 $ip = ip2long($ip);
185 $blacklist = array();
186 $dao = CRM_Core_DAO::executeQuery('SELECT * FROM `trustcommerce_blacklist`');
187 while($dao->fetch()) {
188 if($ip >= $dao->start && $ip <= $dao->end) {
189 error_log('[client '.long2ip($ip).'] [agent '.$agent.'] Blacklisted by IP rule #'.$dao->id);
190 return TRUE;
191 }
192 }
193 return FALSE;
194 }
195
196 function _sendTCRequest($request) {
197 $this->_logger($request);
198 return tclink_send($request);
199 }
200
201 function _logger($params) {
202 $msg = '';
203 foreach ($params as $key => $data) {
204 /* Delete any data we should not be writing to disk. This includes:
205 * custid, password, cc, exp, and cvv
206 */
207 switch($key) {
208 case 'custid':
209 case 'password':
210 case 'cc':
211 case 'exp':
212 case 'cvv':
213 break;
214 default:
215 $msg .= ' '.$key.' => '.$data;
216 }
217 }
218 error_log('[client '.$_SERVER['REMOTE_ADDR'].'] TrustCommerce:'.$msg);
219 }
220
221 /**
222 * Gets the recurring billing fields for the TC API
223 * @param array $fields The fields to modify.
224 * @return array The fields for tclink_send(), modified for recurring billing.
225 * @public
226 */
227 function _getRecurPaymentFields($fields) {
228 $payments = $this->_getParam('frequency_interval');
229 $cycle = $this->_getParam('frequency_unit');
230
231 /* Translate billing cycle from CiviCRM -> TC */
232 switch($cycle) {
233 case 'day':
234 $cycle = 'd';
235 break;
236 case 'week':
237 $cycle = 'w';
238 break;
239 case 'month':
240 $cycle = 'm';
241 break;
242 case 'year':
243 $cycle = 'y';
244 break;
245 }
246
247 /* Translate frequency interval from CiviCRM -> TC
248 * Payments are the same, HOWEVER a payment of 1 (forever) should be 0 in TC */
249 if($payments == 1) {
250 $payments = 0;
251 }
252
253 $fields['cycle'] = '1'.$cycle; /* The billing cycle in years, months, weeks, or days. */
254 $fields['payments'] = $payments;
255 $fields['authnow'] = 'y';
256 $fields['action'] = 'store'; /* Change our mode to `store' mode. */
257
258 return $fields;
259 }
260
261 /* Parses a response from TC via the tclink_send() command.
262 * @param $reply array The result of a call to tclink_send().
263 * @return mixed self::error() if transaction failed, otherwise returns 0.
264 */
265 function _getTCReply($reply) {
266
267 /* DUPLIATE CODE, please refactor. ~lisa */
268 if (!$reply) {
269 return self::error(9002, 'Could not initiate connection to payment gateway');
270 }
271
272 $this->_logger($reply);
273
274 switch($reply['status']) {
275 case self::AUTH_BLACKLIST:
276 return self::error(9001, "Your transaction was declined: error #90210");
277 break;
278 case self::AUTH_APPROVED:
279 // It's all good
280 break;
281 case self::AUTH_DECLINED:
282 // TODO FIXME be more or less specific?
283 // declinetype can be: decline, avs, cvv, call, expiredcard, carderror, authexpired, fraud, blacklist, velocity
284 // See TC documentation for more info
285 switch($reply['declinetype']) {
286 case 'avs':
287 return self::error(9009, "Your transaction was declined for address verification reasons. If your address was correct please contact us at donate@fsf.org before attempting to retry your transaction.");
288 break;
289 }
290 return self::error(9009, "Your transaction was declined: {$reply['declinetype']}");
291 break;
292 case self::AUTH_BADDATA:
293 // TODO FIXME do something with $reply['error'] and $reply['offender']
294 return self::error(9011, "Invalid credit card information. The following fields were invalid: {$reply['offenders']}.");
295 break;
296 case self::AUTH_ERROR:
297 return self::error(9002, 'Could not initiate connection to payment gateway');
298 break;
299 }
300 return 0;
301 }
302
303 function _getTrustCommerceFields() {
304 // Total amount is from the form contribution field
305 $amount = $this->_getParam('total_amount');
306 // CRM-9894 would this ever be the case??
307 if (empty($amount)) {
308 $amount = $this->_getParam('amount');
309 }
310 $fields = array();
311 $fields['custid'] = $this->_getParam('user_name');
312 $fields['password'] = $this->_getParam('password');
313 $fields['action'] = 'sale';
314
315 // Enable address verification
316 $fields['avs'] = 'y';
317
318 $fields['address1'] = $this->_getParam('street_address');
319 $fields['zip'] = $this->_getParam('postal_code');
320
321 $fields['name'] = $this->_getParam('billing_first_name') . ' ' . $this->_getParam('billing_last_name');
322
323 // This assumes currencies where the . is used as the decimal point, like USD
324 $amount = preg_replace("/([^0-9\\.])/i", "", $amount);
325
326 // We need to pass the amount to TrustCommerce in dollar cents
327 $fields['amount'] = $amount * 100;
328
329 // Unique identifier
330 $fields['ticket'] = substr($this->_getParam('invoiceID'), 0, 20);
331
332 // cc info
333 $fields['cc'] = $this->_getParam('credit_card_number');
334 $fields['cvv'] = $this->_getParam('cvv2');
335 $exp_month = str_pad($this->_getParam('month'), 2, '0', STR_PAD_LEFT);
336 $exp_year = substr($this->_getParam('year'),-2);
337 $fields['exp'] = "$exp_month$exp_year";
338
339 if ($this->_mode != 'live') {
340 $fields['demo'] = 'y';
341 }
342 return $fields;
343 }
344
345 /**
346 * Checks to see if invoice_id already exists in db
347 *
348 * @param int $invoiceId The ID to check
349 *
350 * @return bool True if ID exists, else false
351 */
352 function _checkDupe($invoiceId) {
353 require_once 'CRM/Contribute/DAO/Contribution.php';
354 $contribution = new CRM_Contribute_DAO_Contribution();
355 $contribution->invoice_id = $invoiceId;
356 return $contribution->find();
357 }
358
359 /**
360 * Get the value of a field if set
361 *
362 * @param string $field the field
363 *
364 * @return mixed value of the field, or empty string if the field is
365 * not set
366 */
367 function _getParam($field) {
368 return CRM_Utils_Array::value($field, $this->_params, '');
369 }
370
371 function &error($errorCode = NULL, $errorMessage = NULL) {
372 $e = CRM_Core_Error::singleton();
373 if ($errorCode) {
374 $e->push($errorCode, 0, NULL, $errorMessage);
375 }
376 else {
377 $e->push(9001, 0, NULL, 'Unknown System Error.');
378 }
379 return $e;
380 }
381
382 /**
383 * Set a field to the specified value. Value must be a scalar (int,
384 * float, string, or boolean)
385 *
386 * @param string $field
387 * @param mixed $value
388 *
389 * @return bool false if value is not a scalar, true if successful
390 */
391 function _setParam($field, $value) {
392 if (!is_scalar($value)) {
393 return FALSE;
394 }
395 else {
396 $this->_params[$field] = $value;
397 }
398 }
399
400 /**
401 * This function checks to see if we have the right config values
402 *
403 * @return string the error message if any
404 * @public
405 */
406 function checkConfig() {
407 $error = array();
408 if (empty($this->_paymentProcessor['user_name'])) {
409 $error[] = ts('Customer ID is not set for this payment processor');
410 }
411
412 if (empty($this->_paymentProcessor['password'])) {
413 $error[] = ts('Password is not set for this payment processor');
414 }
415
416 if (!empty($error)) {
417 return implode('<p>', $error);
418 } else {
419 return NULL;
420 }
421 }
422
423 function cancelSubscription(&$message = '', $params = array()) {
424 $tc_params['custid'] = $this->_getParam('user_name');
425 $tc_params['password'] = $this->_getParam('password');
426 $tc_params['action'] = 'unstore';
427 $tc_params['billingid'] = CRM_Utils_Array::value('trxn_id', $params);
428
429 $result = $this->_sendTCRequest($tc_params);
430
431 /* Test if call failed */
432 if(!$result) {
433 return self::error(9002, 'Could not initiate connection to payment gateway');
434 }
435 /* We are done, pass success */
436 return TRUE;
437 }
438
439 function changeSubscriptionAmount(&$message = '', $params = array()) {
440 $tc_params['custid'] = $this->_getParam('user_name');
441 $tc_params['password'] = $this->_getParam('password');
442 $tc_params['action'] = 'store';
443
444 $tc_params['billingid'] = CRM_Utils_Array::value('subscriptionId', $params);
445 $tc_params['payments'] = CRM_Utils_Array::value('installments', $params);
446 $tc_params['amount'] = CRM_Utils_Array::value('amount', $params) * 100;
447
448 if($tc_params['payments'] == 1) {
449 $tc_params['payments'] = 0;
450 }
451 $reply = $this->_sendTCRequest($tc_params);
452 $result = $this->_getTCReply($reply);
453
454 /* Test if call failed */
455 if(!$result) {
456 return self::error(9002, 'Could not initiate connection to payment gateway');
457 }
458
459 /* We are done, pass success */
460 return TRUE;
461
462 }
463
464 public function install() {
465 return TRUE;
466 }
467
468 public function uninstall() {
469 return TRUE;
470 }
471
472 }