projects / weblabels.fsf.org.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
commiting uncommited changes on live site
[weblabels.fsf.org.git] / crm.fsf.org / 20131203 / files / sites / all / modules-new / civicrm / CRM / Core / Payment / PayPalProIPN.php
1 <?php
2 /*
3 +--------------------------------------------------------------------+
4 | CiviCRM version 4.6 |
5 +--------------------------------------------------------------------+
6 | Copyright CiviCRM LLC (c) 2004-2015 |
7 +--------------------------------------------------------------------+
8 | This file is a part of CiviCRM. |
9 | |
10 | CiviCRM is free software; you can copy, modify, and distribute it |
11 | under the terms of the GNU Affero General Public License |
12 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. |
13 | |
14 | CiviCRM is distributed in the hope that it will be useful, but |
15 | WITHOUT ANY WARRANTY; without even the implied warranty of |
16 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
17 | See the GNU Affero General Public License for more details. |
18 | |
19 | You should have received a copy of the GNU Affero General Public |
20 | License and the CiviCRM Licensing Exception along |
21 | with this program; if not, contact CiviCRM LLC |
22 | at info[AT]civicrm[DOT]org. If you have questions about the |
23 | GNU Affero General Public License or the licensing of CiviCRM, |
24 | see the CiviCRM license FAQ at http://civicrm.org/licensing |
25 +--------------------------------------------------------------------+
26 */
27
28 /**
29 *
30 * @package CRM
31 * @copyright CiviCRM LLC (c) 2004-2015
32 * $Id$
33 *
34 */
35 class CRM_Core_Payment_PayPalProIPN extends CRM_Core_Payment_BaseIPN {
36
37 static $_paymentProcessor = NULL;
38
39 /**
40 * Input parameters from payment processor. Store these so that
41 * the code does not need to keep retrieving from the http request
42 * @var array
43 */
44 protected $_inputParameters = array();
45
46 /**
47 * Store for the variables from the invoice string.
48 * @var array
49 */
50 protected $_invoiceData = array();
51
52 /**
53 * Is this a payment express transaction.
54 */
55 protected $_isPaymentExpress = FALSE;
56
57 /**
58 * Are we dealing with an event an 'anything else' (contribute)
59 * @var string component
60 */
61 protected $_component = 'contribute';
62
63 /**
64 * Constructor function.
65 *
66 * @param array $inputData
67 * Contents of HTTP REQUEST.
68 *
69 * @throws CRM_Core_Exception
70 */
71 public function __construct($inputData) {
72 $this->setInputParameters($inputData);
73 $this->setInvoiceData();
74 parent::__construct();
75 }
76
77 /**
78 * get the values from the rp_invoice_id string.
79 *
80 * @param string $name
81 * E.g. i, values are stored in the string with letter codes.
82 * @param bool $abort
83 * Throw exception if not found
84 *
85 * @throws CRM_Core_Exception
86 * @return mixed
87 */
88 public function getValue($name, $abort = TRUE) {
89 if ($abort && empty($this->_invoiceData[$name])) {
90 throw new CRM_Core_Exception("Failure: Missing Parameter $name");
91 }
92 else {
93 return CRM_Utils_Array::value($name, $this->_invoiceData);
94 }
95 }
96
97 /**
98 * Set $this->_invoiceData from the input array
99 */
100 public function setInvoiceData() {
101 if (empty($this->_inputParameters['rp_invoice_id'])) {
102 $this->_isPaymentExpress = TRUE;
103 return;
104 }
105 $rpInvoiceArray = explode('&', $this->_inputParameters['rp_invoice_id']);
106 // for clarify let's also store without the single letter unreadable
107 //@todo after more refactoring we might ditch storing the one letter stuff
108 $mapping = array(
109 'i' => 'invoice_id',
110 'm' => 'component',
111 'c' => 'contact_id',
112 'b' => 'contribution_id',
113 'r' => 'contribution_recur_id',
114 'p' => 'participant_id',
115 'e' => 'event_id',
116 );
117 foreach ($rpInvoiceArray as $rpInvoiceValue) {
118 $rpValueArray = explode('=', $rpInvoiceValue);
119 $this->_invoiceData[$rpValueArray[0]] = $rpValueArray[1];
120 $this->_inputParameters[$mapping[$rpValueArray[0]]] = $rpValueArray[1];
121 // p has been overloaded & could mean contribution page or participant id. Clearly we need an
122 // alphabet with more letters.
123 // the mode will always be resolved before the mystery p is reached
124 if ($rpValueArray[1] == 'contribute') {
125 $mapping['p'] = 'contribution_page_id';
126 }
127 }
128 if (empty($this->_inputParameters['component'])) {
129 $this->_isPaymentExpress = TRUE;
130 }
131 }
132
133 /**
134 * @param string $name
135 * Of variable to return.
136 * @param string $type
137 * Data type.
138 * - String
139 * - Integer
140 * @param string $location
141 * Deprecated.
142 * @param bool $abort
143 * Abort if empty.
144 *
145 * @throws CRM_Core_Exception
146 * @return mixed
147 */
148 public function retrieve($name, $type, $location = 'POST', $abort = TRUE) {
149 $value = CRM_Utils_Type::validate(
150 CRM_Utils_Array::value($name, $this->_inputParameters),
151 $type,
152 FALSE
153 );
154 if ($abort && $value === NULL) {
155 throw new CRM_Core_Exception("Could not find an entry for $name in $location");
156 }
157 return $value;
158 }
159
160 /**
161 * Process recurring contributions.
162 * @param array $input
163 * @param array $ids
164 * @param array $objects
165 * @param bool $first
166 * @return void|bool
167 */
168 public function recur(&$input, &$ids, &$objects, $first) {
169 if (!isset($input['txnType'])) {
170 CRM_Core_Error::debug_log_message("Could not find txn_type in input request");
171 echo "Failure: Invalid parameters<p>";
172 return FALSE;
173 }
174
175 if ($input['txnType'] == 'recurring_payment' &&
176 $input['paymentStatus'] != 'Completed'
177 ) {
178 CRM_Core_Error::debug_log_message("Ignore all IPN payments that are not completed");
179 echo "Failure: Invalid parameters<p>";
180 return FALSE;
181 }
182
183 $recur = &$objects['contributionRecur'];
184
185 // make sure the invoice ids match
186 // make sure the invoice is valid and matches what we have in
187 // the contribution record
188 if ($recur->invoice_id != $input['invoice']) {
189 CRM_Core_Error::debug_log_message("Invoice values dont match between database and IPN request recur is " . $recur->invoice_id . " input is " . $input['invoice']);
190 echo "Failure: Invoice values dont match between database and IPN request recur is " . $recur->invoice_id . " input is " . $input['invoice'];
191 return FALSE;
192 }
193
194 $now = date('YmdHis');
195
196 // fix dates that already exist
197 $dates = array('create', 'start', 'end', 'cancel', 'modified');
198 foreach ($dates as $date) {
199 $name = "{$date}_date";
200 if ($recur->$name) {
201 $recur->$name = CRM_Utils_Date::isoToMysql($recur->$name);
202 }
203 }
204
205 $sendNotification = FALSE;
206 $subscriptionPaymentStatus = NULL;
207 //List of Transaction Type
208 /*
209 recurring_payment_profile_created RP Profile Created
210 recurring_payment RP Sucessful Payment
211 recurring_payment_failed RP Failed Payment
212 recurring_payment_profile_cancel RP Profile Cancelled
213 recurring_payment_expired RP Profile Expired
214 recurring_payment_skipped RP Profile Skipped
215 recurring_payment_outstanding_payment RP Sucessful Outstanding Payment
216 recurring_payment_outstanding_payment_failed RP Failed Outstanding Payment
217 recurring_payment_suspended RP Profile Suspended
218 recurring_payment_suspended_due_to_max_failed_payment RP Profile Suspended due to Max Failed Payment
219 */
220
221 //set transaction type
222 $txnType = $this->retrieve('txn_type', 'String');
223 //Changes for paypal pro recurring payment
224 $contributionStatuses = civicrm_api3('contribution', 'getoptions', array('field' => 'contribution_status_id'));
225 $contributionStatuses = $contributionStatuses['values'];
226 switch ($txnType) {
227 case 'recurring_payment_profile_created':
228 if (in_array($recur->contribution_status_id, array(
229 array_search('Pending', $contributionStatuses),
230 array_search('In Progress', $contributionStatuses),
231 ))
232 && !empty($recur->processor_id)
233 ) {
234 echo "already handled";
235 return;
236 }
237 $recur->create_date = $now;
238 $recur->contribution_status_id = 2;
239 $recur->processor_id = $this->retrieve('recurring_payment_id', 'String');
240 $recur->trxn_id = $recur->processor_id;
241 $subscriptionPaymentStatus = CRM_Core_Payment::RECURRING_PAYMENT_START;
242 $sendNotification = TRUE;
243 break;
244
245 case 'recurring_payment':
246 if ($first) {
247 $recur->start_date = $now;
248 }
249 else {
250 $recur->modified_date = $now;
251 }
252
253 //contribution installment is completed
254 if ($this->retrieve('profile_status', 'String') == 'Expired') {
255 if (!empty($recur->end_date)) {
256 echo "already handled";
257 return;
258 }
259 $recur->contribution_status_id = 1;
260 $recur->end_date = $now;
261 $sendNotification = TRUE;
262 $subscriptionPaymentStatus = CRM_Core_Payment::RECURRING_PAYMENT_END;
263 }
264
265 // make sure the contribution status is not done
266 // since order of ipn's is unknown
267 if ($recur->contribution_status_id != 1) {
268 $recur->contribution_status_id = 5;
269 }
270 break;
271 }
272
273 $recur->save();
274
275 if ($sendNotification) {
276 $autoRenewMembership = FALSE;
277 if ($recur->id &&
278 isset($ids['membership']) && $ids['membership']
279 ) {
280 $autoRenewMembership = TRUE;
281 }
282 //send recurring Notification email for user
283 CRM_Contribute_BAO_ContributionPage::recurringNotify($subscriptionPaymentStatus,
284 $ids['contact'],
285 $ids['contributionPage'],
286 $recur,
287 $autoRenewMembership
288 );
289 }
290
291 if ($txnType != 'recurring_payment') {
292 return;
293 }
294
295 if (!$first) {
296 //check if this contribution transaction is already processed
297 //if not create a contribution and then get it processed
298 $contribution = new CRM_Contribute_BAO_Contribution();
299 $contribution->trxn_id = $input['trxn_id'];
300 if ($contribution->trxn_id && $contribution->find()) {
301 CRM_Core_Error::debug_log_message("returning since contribution has already been handled");
302 echo "Success: Contribution has already been handled<p>";
303 return TRUE;
304 }
305
306 $contribution->contact_id = $recur->contact_id;
307 $contribution->financial_type_id = $objects['contributionType']->id;
308 $contribution->contribution_page_id = $ids['contributionPage'];
309 $contribution->contribution_recur_id = $ids['contributionRecur'];
310 $contribution->currency = $objects['contribution']->currency;
311 $contribution->payment_instrument_id = $objects['contribution']->payment_instrument_id;
312 $contribution->amount_level = $objects['contribution']->amount_level;
313 $contribution->campaign_id = $objects['contribution']->campaign_id;
314 $objects['contribution'] = &$contribution;
315 }
316 // CRM-13737 - am not aware of any reason why payment_date would not be set - this if is a belt & braces
317 $objects['contribution']->receive_date = !empty($input['payment_date']) ? date('YmdHis', strtotime($input['payment_date'])) : $now;
318
319 $this->single($input, $ids, $objects,
320 TRUE, $first
321 );
322 }
323
324 /**
325 * @param $input
326 * @param $ids
327 * @param $objects
328 * @param bool $recur
329 * @param bool $first
330 *
331 * @return bool
332 */
333 public function single(&$input, &$ids, &$objects, $recur = FALSE, $first = FALSE) {
334 $contribution = &$objects['contribution'];
335
336 // make sure the invoice is valid and matches what we have in the contribution record
337 if ((!$recur) || ($recur && $first)) {
338 if ($contribution->invoice_id != $input['invoice']) {
339 CRM_Core_Error::debug_log_message("Invoice values dont match between database and IPN request");
340 echo "Failure: Invoice values dont match between database and IPN request<p>contribution is" . $contribution->invoice_id . " and input is " . $input['invoice'];
341 return FALSE;
342 }
343 }
344 else {
345 $contribution->invoice_id = md5(uniqid(rand(), TRUE));
346 }
347
348 if (!$recur) {
349 if ($contribution->total_amount != $input['amount']) {
350 CRM_Core_Error::debug_log_message("Amount values dont match between database and IPN request");
351 echo "Failure: Amount values dont match between database and IPN request<p>";
352 return FALSE;
353 }
354 }
355 else {
356 $contribution->total_amount = $input['amount'];
357 }
358
359 $transaction = new CRM_Core_Transaction();
360
361 $participant = &$objects['participant'];
362 $membership = &$objects['membership'];
363
364 $status = $input['paymentStatus'];
365 if ($status == 'Denied' || $status == 'Failed' || $status == 'Voided') {
366 return $this->failed($objects, $transaction);
367 }
368 elseif ($status == 'Pending') {
369 return $this->pending($objects, $transaction);
370 }
371 elseif ($status == 'Refunded' || $status == 'Reversed') {
372 return $this->cancelled($objects, $transaction);
373 }
374 elseif ($status != 'Completed') {
375 return $this->unhandled($objects, $transaction);
376 }
377
378 // check if contribution is already completed, if so we ignore this ipn
379 if ($contribution->contribution_status_id == 1) {
380 $transaction->commit();
381 CRM_Core_Error::debug_log_message("returning since contribution has already been handled");
382 echo "Success: Contribution has already been handled<p>";
383 return TRUE;
384 }
385
386 $this->completeTransaction($input, $ids, $objects, $transaction, $recur);
387 }
388
389 /**
390 * This is the main function to call. It should be sufficient to instantiate the class
391 * (with the input parameters) & call this & all will be done
392 *
393 * @todo the references to POST throughout this class need to be removed
394 * @return void|bool
395 */
396 public function main() {
397 CRM_Core_Error::debug_var('GET', $_GET, TRUE, TRUE);
398 CRM_Core_Error::debug_var('POST', $_POST, TRUE, TRUE);
399 if ($this->_isPaymentExpress) {
400 $this->handlePaymentExpress();
401 return NULL;
402 }
403 $objects = $ids = $input = array();
404 $this->_component = $input['component'] = self::getValue('m');
405 $input['invoice'] = self::getValue('i', TRUE);
406 // get the contribution and contact ids from the GET params
407 $ids['contact'] = self::getValue('c', TRUE);
408 $ids['contribution'] = self::getValue('b', TRUE);
409
410 $this->getInput($input, $ids);
411
412 if ($this->_component == 'event') {
413 $ids['event'] = self::getValue('e', TRUE);
414 $ids['participant'] = self::getValue('p', TRUE);
415 $ids['contributionRecur'] = self::getValue('r', FALSE);
416 }
417 else {
418 // get the optional ids
419 //@ how can this not be broken retrieving from GET as we are dealing with a POST request?
420 // copy & paste? Note the retrieve function now uses data from _REQUEST so this will be included
421 $ids['membership'] = self::retrieve('membershipID', 'Integer', 'GET', FALSE);
422 $ids['contributionRecur'] = self::getValue('r', FALSE);
423 $ids['contributionPage'] = self::getValue('p', FALSE);
424 $ids['related_contact'] = self::retrieve('relatedContactID', 'Integer', 'GET', FALSE);
425 $ids['onbehalf_dupe_alert'] = self::retrieve('onBehalfDupeAlert', 'Integer', 'GET', FALSE);
426 }
427
428 if (!$ids['membership'] && $ids['contributionRecur']) {
429 $sql = "
430 SELECT m.id
431 FROM civicrm_membership m
432 INNER JOIN civicrm_membership_payment mp ON m.id = mp.membership_id AND mp.contribution_id = %1
433 WHERE m.contribution_recur_id = %2
434 LIMIT 1";
435 $sqlParams = array(
436 1 => array($ids['contribution'], 'Integer'),
437 2 => array($ids['contributionRecur'], 'Integer'),
438 );
439 if ($membershipId = CRM_Core_DAO::singleValueQuery($sql, $sqlParams)) {
440 $ids['membership'] = $membershipId;
441 }
442 }
443
444 $paymentProcessorID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType',
445 'PayPal', 'id', 'name'
446 );
447
448 if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) {
449 return FALSE;
450 }
451
452 self::$_paymentProcessor = &$objects['paymentProcessor'];
453 //?? how on earth would we not have component be one of these?
454 // they are the only valid settings & this IPN file can't even be called without one of them
455 // grepping for this class doesn't find other paths to call this class
456 if ($this->_component == 'contribute' || $this->_component == 'event') {
457 if ($ids['contributionRecur']) {
458 // check if first contribution is completed, else complete first contribution
459 $first = TRUE;
460 if ($objects['contribution']->contribution_status_id == 1) {
461 $first = FALSE;
462 }
463 return $this->recur($input, $ids, $objects, $first);
464 }
465 else {
466 return $this->single($input, $ids, $objects, FALSE, FALSE);
467 }
468 }
469 else {
470 return $this->single($input, $ids, $objects, FALSE, FALSE);
471 }
472 }
473
474 /**
475 * @param $input
476 * @param $ids
477 *
478 * @return bool
479 * @throws CRM_Core_Exception
480 */
481 public function getInput(&$input, &$ids) {
482
483 if (!$this->getBillingID($ids)) {
484 return FALSE;
485 }
486
487 $input['txnType'] = self::retrieve('txn_type', 'String', 'POST', FALSE);
488 $input['paymentStatus'] = self::retrieve('payment_status', 'String', 'POST', FALSE);
489
490 $input['amount'] = self::retrieve('mc_gross', 'Money', 'POST', FALSE);
491 $input['reasonCode'] = self::retrieve('ReasonCode', 'String', 'POST', FALSE);
492
493 $billingID = $ids['billing'];
494 $lookup = array(
495 "first_name" => 'first_name',
496 "last_name" => 'last_name',
497 "street_address-{$billingID}" => 'address_street',
498 "city-{$billingID}" => 'address_city',
499 "state-{$billingID}" => 'address_state',
500 "postal_code-{$billingID}" => 'address_zip',
501 "country-{$billingID}" => 'address_country_code',
502 );
503 foreach ($lookup as $name => $paypalName) {
504 $value = self::retrieve($paypalName, 'String', 'POST', FALSE);
505 $input[$name] = $value ? $value : NULL;
506 }
507
508 $input['is_test'] = self::retrieve('test_ipn', 'Integer', 'POST', FALSE);
509 $input['fee_amount'] = self::retrieve('mc_fee', 'Money', 'POST', FALSE);
510 $input['net_amount'] = self::retrieve('settle_amount', 'Money', 'POST', FALSE);
511 $input['trxn_id'] = self::retrieve('txn_id', 'String', 'POST', FALSE);
512 $input['payment_date'] = self::retrieve('payment_date', 'String', 'POST', FALSE);
513 }
514
515 /**
516 * Handle payment express IPNs.
517 * For one off IPNS no actual response is required
518 * Recurring is more difficult as we have limited confirmation material
519 * lets look up invoice id in recur_contribution & rely on the unique transaction id to ensure no
520 * duplicated
521 * this may not be acceptable to all sites - e.g. if they are shipping or delivering something in return
522 * then the quasi security of the ids array might be required - although better to
523 * http://stackoverflow.com/questions/4848227/validate-that-ipn-call-is-from-paypal
524 * but let's assume knowledge on invoice id & schedule is enough for now esp for donations
525 * only contribute is handled
526 */
527 public function handlePaymentExpress() {
528 //@todo - loads of copy & paste / code duplication but as this not going into core need to try to
529 // keep discreet
530 // also note that a lot of the complexity above could be removed if we used
531 // http://stackoverflow.com/questions/4848227/validate-that-ipn-call-is-from-paypal
532 // as membership id etc can be derived by the load objects fn
533 $objects = $ids = $input = array();
534 $isFirst = FALSE;
535 $input['txnType'] = $this->retrieve('txn_type', 'String');
536 if ($input['txnType'] != 'recurring_payment') {
537 throw new CRM_Core_Exception('Paypal IPNS not handled other than recurring_payments');
538 }
539 $input['invoice'] = self::getValue('i', FALSE);
540 $this->getInput($input, $ids);
541 if ($this->transactionExists($input['trxn_id'])) {
542 throw new CRM_Core_Exception('This transaction has already been processed');
543 }
544
545 $contributionRecur = civicrm_api3('contribution_recur', 'getsingle', array(
546 'return' => 'contact_id, id',
547 'invoice_id' => $input['invoice'],
548 ));
549 $ids['contact'] = $contributionRecur['contact_id'];
550 $ids['contributionRecur'] = $contributionRecur['id'];
551 $result = civicrm_api3('contribution', 'getsingle', array('invoice_id' => $input['invoice']));
552
553 $ids['contribution'] = $result['id'];
554 //@todo hard - coding 'pending' for now
555 if ($result['contribution_status_id'] == 2) {
556 $isFirst = TRUE;
557 }
558 // arg api won't get this - fix it
559 $ids['contributionPage'] = CRM_Core_DAO::singleValueQuery("SELECT contribution_page_id FROM civicrm_contribution WHERE invoice_id = %1", array(
560 1 => array(
561 $ids['contribution'],
562 'Integer',
563 ),
564 ));
565 // only handle component at this stage - not terribly sure how a recurring event payment would arise
566 // & suspec main function may be a victom of copy & paste
567 // membership would be an easy add - but not relevant to my customer...
568 $this->_component = $input['component'] = 'contribute';
569 $input['trxn_date'] = date('Y-m-d-H-i-s', strtotime(self::retrieve('time_created', 'String')));
570 $paymentProcessorID = CRM_Core_DAO::getFieldValue('CRM_Financial_DAO_PaymentProcessorType',
571 'PayPal', 'id', 'name'
572 );
573
574 if (!$this->validateData($input, $ids, $objects, TRUE, $paymentProcessorID)) {
575 throw new CRM_Core_Exception('Data did not validate');
576 }
577 return $this->recur($input, $ids, $objects, $isFirst);
578 }
579
580 /**
581 * Function check if transaction already exists.
582 * @param string $trxn_id
583 * @return bool|void
584 */
585 public function transactionExists($trxn_id) {
586 if (CRM_Core_DAO::singleValueQuery("SELECT count(*) FROM civicrm_contribution WHERE trxn_id = %1",
587 array(
588 1 => array($trxn_id, 'String'),
589 ))
590 ) {
591 return TRUE;
592 }
593 }
594
595 }