| [ Index ] |
|
Code source de osCommerce 2.2ms2-060817 |
1 <?php 2 /* 3 $Id: authorizenet.php,v 1.48 2003/04/10 21:42:30 project3000 Exp $ 4 5 osCommerce, Open Source E-Commerce Solutions 6 http://www.oscommerce.com 7 8 Copyright (c) 2003 osCommerce 9 10 Released under the GNU General Public License 11 */ 12 13 class authorizenet { 14 var $code, $title, $description, $enabled; 15 16 // class constructor 17 function authorizenet() { 18 global $order; 19 20 $this->code = 'authorizenet'; 21 $this->title = MODULE_PAYMENT_AUTHORIZENET_TEXT_TITLE; 22 $this->description = MODULE_PAYMENT_AUTHORIZENET_TEXT_DESCRIPTION; 23 $this->enabled = ((MODULE_PAYMENT_AUTHORIZENET_STATUS == 'True') ? true : false); 24 $this->sort_order = MODULE_PAYMENT_AUTHORIZENET_SORT_ORDER; 25 26 if ((int)MODULE_PAYMENT_AUTHORIZENET_ORDER_STATUS_ID > 0) { 27 $this->order_status = MODULE_PAYMENT_AUTHORIZENET_ORDER_STATUS_ID; 28 } 29 30 if (is_object($order)) $this->update_status(); 31 32 $this->form_action_url = 'https://secure.authorize.net/gateway/transact.dll'; 33 } 34 35 // Authorize.net utility functions 36 // DISCLAIMER: 37 // This code is distributed in the hope that it will be useful, but without any warranty; 38 // without even the implied warranty of merchantability or fitness for a particular purpose. 39 40 // Main Interfaces: 41 // 42 // function InsertFP ($loginid, $txnkey, $amount, $sequence) - Insert HTML form elements required for SIM 43 // function CalculateFP ($loginid, $txnkey, $amount, $sequence, $tstamp) - Returns Fingerprint. 44 45 // compute HMAC-MD5 46 // Uses PHP mhash extension. Pl sure to enable the extension 47 // function hmac ($key, $data) { 48 // return (bin2hex (mhash(MHASH_MD5, $data, $key))); 49 //} 50 51 // Thanks is lance from http://www.php.net/manual/en/function.mhash.php 52 //lance_rushing at hot* spamfree *mail dot com 53 //27-Nov-2002 09:36 54 // 55 //Want to Create a md5 HMAC, but don't have hmash installed? 56 // 57 //Use this: 58 59 function hmac ($key, $data) 60 { 61 // RFC 2104 HMAC implementation for php. 62 // Creates an md5 HMAC. 63 // Eliminates the need to install mhash to compute a HMAC 64 // Hacked by Lance Rushing 65 66 $b = 64; // byte length for md5 67 if (strlen($key) > $b) { 68 $key = pack("H*",md5($key)); 69 } 70 $key = str_pad($key, $b, chr(0x00)); 71 $ipad = str_pad('', $b, chr(0x36)); 72 $opad = str_pad('', $b, chr(0x5c)); 73 $k_ipad = $key ^ $ipad ; 74 $k_opad = $key ^ $opad; 75 76 return md5($k_opad . pack("H*",md5($k_ipad . $data))); 77 } 78 // end code from lance (resume authorize.net code) 79 80 // Calculate and return fingerprint 81 // Use when you need control on the HTML output 82 function CalculateFP ($loginid, $txnkey, $amount, $sequence, $tstamp, $currency = "") { 83 return ($this->hmac ($txnkey, $loginid . "^" . $sequence . "^" . $tstamp . "^" . $amount . "^" . $currency)); 84 } 85 86 // Inserts the hidden variables in the HTML FORM required for SIM 87 // Invokes hmac function to calculate fingerprint. 88 89 function InsertFP ($loginid, $txnkey, $amount, $sequence, $currency = "") { 90 $tstamp = time (); 91 $fingerprint = $this->hmac ($txnkey, $loginid . "^" . $sequence . "^" . $tstamp . "^" . $amount . "^" . $currency); 92 93 $str = tep_draw_hidden_field('x_fp_sequence', $sequence) . 94 tep_draw_hidden_field('x_fp_timestamp', $tstamp) . 95 tep_draw_hidden_field('x_fp_hash', $fingerprint); 96 97 return $str; 98 } 99 // end authorize.net code 100 101 // class methods 102 function update_status() { 103 global $order; 104 105 if ( ($this->enabled == true) && ((int)MODULE_PAYMENT_AUTHORIZENET_ZONE > 0) ) { 106 $check_flag = false; 107 $check_query = tep_db_query("select zone_id from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . MODULE_PAYMENT_AUTHORIZENET_ZONE . "' and zone_country_id = '" . $order->billing['country']['id'] . "' order by zone_id"); 108 while ($check = tep_db_fetch_array($check_query)) { 109 if ($check['zone_id'] < 1) { 110 $check_flag = true; 111 break; 112 } elseif ($check['zone_id'] == $order->billing['zone_id']) { 113 $check_flag = true; 114 break; 115 } 116 } 117 118 if ($check_flag == false) { 119 $this->enabled = false; 120 } 121 } 122 } 123 124 function javascript_validation() { 125 $js = ' if (payment_value == "' . $this->code . '") {' . "\n" . 126 ' var cc_owner = document.checkout_payment.authorizenet_cc_owner.value;' . "\n" . 127 ' var cc_number = document.checkout_payment.authorizenet_cc_number.value;' . "\n" . 128 ' if (cc_owner == "" || cc_owner.length < ' . CC_OWNER_MIN_LENGTH . ') {' . "\n" . 129 ' error_message = error_message + "' . MODULE_PAYMENT_AUTHORIZENET_TEXT_JS_CC_OWNER . '";' . "\n" . 130 ' error = 1;' . "\n" . 131 ' }' . "\n" . 132 ' if (cc_number == "" || cc_number.length < ' . CC_NUMBER_MIN_LENGTH . ') {' . "\n" . 133 ' error_message = error_message + "' . MODULE_PAYMENT_AUTHORIZENET_TEXT_JS_CC_NUMBER . '";' . "\n" . 134 ' error = 1;' . "\n" . 135 ' }' . "\n" . 136 ' }' . "\n"; 137 138 return $js; 139 } 140 141 function selection() { 142 global $order; 143 144 for ($i=1; $i<13; $i++) { 145 $expires_month[] = array('id' => sprintf('%02d', $i), 'text' => strftime('%B',mktime(0,0,0,$i,1,2000))); 146 } 147 148 $today = getdate(); 149 for ($i=$today['year']; $i < $today['year']+10; $i++) { 150 $expires_year[] = array('id' => strftime('%y',mktime(0,0,0,1,1,$i)), 'text' => strftime('%Y',mktime(0,0,0,1,1,$i))); 151 } 152 $selection = array('id' => $this->code, 153 'module' => $this->title, 154 'fields' => array(array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_OWNER, 155 'field' => tep_draw_input_field('authorizenet_cc_owner', $order->billing['firstname'] . ' ' . $order->billing['lastname'])), 156 array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_NUMBER, 157 'field' => tep_draw_input_field('authorizenet_cc_number')), 158 array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_EXPIRES, 159 'field' => tep_draw_pull_down_menu('authorizenet_cc_expires_month', $expires_month) . ' ' . tep_draw_pull_down_menu('authorizenet_cc_expires_year', $expires_year)))); 160 161 return $selection; 162 } 163 164 function pre_confirmation_check() { 165 global $HTTP_POST_VARS; 166 167 include(DIR_WS_CLASSES . 'cc_validation.php'); 168 169 $cc_validation = new cc_validation(); 170 $result = $cc_validation->validate($HTTP_POST_VARS['authorizenet_cc_number'], $HTTP_POST_VARS['authorizenet_cc_expires_month'], $HTTP_POST_VARS['authorizenet_cc_expires_year']); 171 $error = ''; 172 switch ($result) { 173 case -1: 174 $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4)); 175 break; 176 case -2: 177 case -3: 178 case -4: 179 $error = TEXT_CCVAL_ERROR_INVALID_DATE; 180 break; 181 case false: 182 $error = TEXT_CCVAL_ERROR_INVALID_NUMBER; 183 break; 184 } 185 186 if ( ($result == false) || ($result < 1) ) { 187 $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&authorizenet_cc_owner=' . urlencode($HTTP_POST_VARS['authorizenet_cc_owner']) . '&authorizenet_cc_expires_month=' . $HTTP_POST_VARS['authorizenet_cc_expires_month'] . '&authorizenet_cc_expires_year=' . $HTTP_POST_VARS['authorizenet_cc_expires_year']; 188 189 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false)); 190 } 191 192 $this->cc_card_type = $cc_validation->cc_type; 193 $this->cc_card_number = $cc_validation->cc_number; 194 $this->cc_expiry_month = $cc_validation->cc_expiry_month; 195 $this->cc_expiry_year = $cc_validation->cc_expiry_year; 196 } 197 198 function confirmation() { 199 global $HTTP_POST_VARS; 200 201 $confirmation = array('title' => $this->title . ': ' . $this->cc_card_type, 202 'fields' => array(array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_OWNER, 203 'field' => $HTTP_POST_VARS['authorizenet_cc_owner']), 204 array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_NUMBER, 205 'field' => substr($this->cc_card_number, 0, 4) . str_repeat('X', (strlen($this->cc_card_number) - 8)) . substr($this->cc_card_number, -4)), 206 array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_CREDIT_CARD_EXPIRES, 207 'field' => strftime('%B, %Y', mktime(0,0,0,$HTTP_POST_VARS['authorizenet_cc_expires_month'], 1, '20' . $HTTP_POST_VARS['authorizenet_cc_expires_year']))))); 208 209 return $confirmation; 210 } 211 212 function process_button() { 213 global $HTTP_SERVER_VARS, $order, $customer_id; 214 215 $sequence = rand(1, 1000); 216 $process_button_string = tep_draw_hidden_field('x_Login', MODULE_PAYMENT_AUTHORIZENET_LOGIN) . 217 tep_draw_hidden_field('x_Card_Num', $this->cc_card_number) . 218 tep_draw_hidden_field('x_Exp_Date', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)) . 219 tep_draw_hidden_field('x_Amount', number_format($order->info['total'], 2)) . 220 tep_draw_hidden_field('x_Relay_URL', tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false)) . 221 tep_draw_hidden_field('x_Method', ((MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') ? 'CC' : 'ECHECK')) . 222 tep_draw_hidden_field('x_Version', '3.0') . 223 tep_draw_hidden_field('x_Cust_ID', $customer_id) . 224 tep_draw_hidden_field('x_Email_Customer', ((MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == 'True') ? 'TRUE': 'FALSE')) . 225 tep_draw_hidden_field('x_first_name', $order->billing['firstname']) . 226 tep_draw_hidden_field('x_last_name', $order->billing['lastname']) . 227 tep_draw_hidden_field('x_address', $order->billing['street_address']) . 228 tep_draw_hidden_field('x_city', $order->billing['city']) . 229 tep_draw_hidden_field('x_state', $order->billing['state']) . 230 tep_draw_hidden_field('x_zip', $order->billing['postcode']) . 231 tep_draw_hidden_field('x_country', $order->billing['country']['title']) . 232 tep_draw_hidden_field('x_phone', $order->customer['telephone']) . 233 tep_draw_hidden_field('x_email', $order->customer['email_address']) . 234 tep_draw_hidden_field('x_ship_to_first_name', $order->delivery['firstname']) . 235 tep_draw_hidden_field('x_ship_to_last_name', $order->delivery['lastname']) . 236 tep_draw_hidden_field('x_ship_to_address', $order->delivery['street_address']) . 237 tep_draw_hidden_field('x_ship_to_city', $order->delivery['city']) . 238 tep_draw_hidden_field('x_ship_to_state', $order->delivery['state']) . 239 tep_draw_hidden_field('x_ship_to_zip', $order->delivery['postcode']) . 240 tep_draw_hidden_field('x_ship_to_country', $order->delivery['country']['title']) . 241 tep_draw_hidden_field('x_Customer_IP', $HTTP_SERVER_VARS['REMOTE_ADDR']) . 242 $this->InsertFP(MODULE_PAYMENT_AUTHORIZENET_LOGIN, MODULE_PAYMENT_AUTHORIZENET_TXNKEY, number_format($order->info['total'], 2), $sequence); 243 if (MODULE_PAYMENT_AUTHORIZENET_TESTMODE == 'Test') $process_button_string .= tep_draw_hidden_field('x_Test_Request', 'TRUE'); 244 245 $process_button_string .= tep_draw_hidden_field(tep_session_name(), tep_session_id()); 246 247 return $process_button_string; 248 } 249 250 function before_process() { 251 global $HTTP_POST_VARS; 252 253 if ($HTTP_POST_VARS['x_response_code'] == '1') return; 254 if ($HTTP_POST_VARS['x_response_code'] == '2') { 255 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_AUTHORIZENET_TEXT_DECLINED_MESSAGE), 'SSL', true, false)); 256 } 257 // Code 3 is an error - but anything else is an error too (IMHO) 258 tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(MODULE_PAYMENT_AUTHORIZENET_TEXT_ERROR_MESSAGE), 'SSL', true, false)); 259 } 260 261 function after_process() { 262 return false; 263 } 264 265 function get_error() { 266 global $HTTP_GET_VARS; 267 268 $error = array('title' => MODULE_PAYMENT_AUTHORIZENET_TEXT_ERROR, 269 'error' => stripslashes(urldecode($HTTP_GET_VARS['error']))); 270 271 return $error; 272 } 273 274 function check() { 275 if (!isset($this->_check)) { 276 $check_query = tep_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_AUTHORIZENET_STATUS'"); 277 $this->_check = tep_db_num_rows($check_query); 278 } 279 return $this->_check; 280 } 281 282 function install() { 283 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Authorize.net Module', 'MODULE_PAYMENT_AUTHORIZENET_STATUS', 'True', 'Do you want to accept Authorize.net payments?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); 284 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Login Username', 'MODULE_PAYMENT_AUTHORIZENET_LOGIN', 'testing', 'The login username used for the Authorize.net service', '6', '0', now())"); 285 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Transaction Key', 'MODULE_PAYMENT_AUTHORIZENET_TXNKEY', 'Test', 'Transaction Key used for encrypting TP data', '6', '0', now())"); 286 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Transaction Mode', 'MODULE_PAYMENT_AUTHORIZENET_TESTMODE', 'Test', 'Transaction mode used for processing orders', '6', '0', 'tep_cfg_select_option(array(\'Test\', \'Production\'), ', now())"); 287 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Transaction Method', 'MODULE_PAYMENT_AUTHORIZENET_METHOD', 'Credit Card', 'Transaction method used for processing orders', '6', '0', 'tep_cfg_select_option(array(\'Credit Card\', \'eCheck\'), ', now())"); 288 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Customer Notifications', 'MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER', 'False', 'Should Authorize.Net e-mail a receipt to the customer?', '6', '0', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())"); 289 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort order of display.', 'MODULE_PAYMENT_AUTHORIZENET_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())"); 290 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, use_function, set_function, date_added) values ('Payment Zone', 'MODULE_PAYMENT_AUTHORIZENET_ZONE', '0', 'If a zone is selected, only enable this payment method for that zone.', '6', '2', 'tep_get_zone_class_title', 'tep_cfg_pull_down_zone_classes(', now())"); 291 tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, use_function, date_added) values ('Set Order Status', 'MODULE_PAYMENT_AUTHORIZENET_ORDER_STATUS_ID', '0', 'Set the status of orders made with this payment module to this value', '6', '0', 'tep_cfg_pull_down_order_statuses(', 'tep_get_order_status_name', now())"); 292 } 293 294 function remove() { 295 tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')"); 296 } 297 298 function keys() { 299 return array('MODULE_PAYMENT_AUTHORIZENET_STATUS', 'MODULE_PAYMENT_AUTHORIZENET_LOGIN', 'MODULE_PAYMENT_AUTHORIZENET_TXNKEY', 'MODULE_PAYMENT_AUTHORIZENET_TESTMODE', 'MODULE_PAYMENT_AUTHORIZENET_METHOD', 'MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER', 'MODULE_PAYMENT_AUTHORIZENET_ZONE', 'MODULE_PAYMENT_AUTHORIZENET_ORDER_STATUS_ID', 'MODULE_PAYMENT_AUTHORIZENET_SORT_ORDER'); 300 } 301 } 302 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Mon Nov 26 19:48:25 2007 | par Balluche grâce à PHPXref 0.7 |
|
|