sagepay_server.php (10875B)
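<?php
/**
 * Storefront controller for a customer's saved Sage Pay Server cards (gateway tokens).
 *
 * Actions:
 *  - index():    list the stored cards.
 *  - delete():   ask the gateway to remove a token, then delete the local card row.
 *  - addCard():  start a token registration and return the gateway's NextURL as JSON.
 *  - callback(): gateway notification that completes a token registration.
 *  - success() / failure(): landing redirects that set a flash message.
 *
 * Security notes:
 *  - callback() is reached without a customer session; the only thing that authenticates
 *    it is the VPSSignature check, which depends on the SecurityKey stored by addCard().
 *  - SecurityKey and card tokens are secrets and are redacted before being logged.
 */
class ControllerExtensionCreditCardSagepayServer extends Controller {
	/**
	 * Render the list of saved cards for the logged-in customer.
	 *
	 * Guests are sent to the login page. When the 'payment_sagepay_server_card'
	 * setting is off, the cards, pagination and results entries are set to false.
	 *
	 * @return void
	 */
	public function index() {
		if (!$this->customer->isLogged()) {
			$this->session->data['redirect'] = $this->url->link('account/account', '', true);

			$this->response->redirect($this->url->link('account/login', '', true));

			// Stop here even if redirect() returns instead of ending the request,
			// so the card list is never rendered for a guest.
			return;
		}

		$this->load->language('extension/credit_card/sagepay_server');

		$this->load->model('extension/payment/sagepay_server');

		$this->document->setTitle($this->language->get('heading_title'));

		$data = array();

		$data['breadcrumbs'] = array(
			array(
				'text' => $this->language->get('text_home'),
				'href' => $this->url->link('common/home')
			),
			array(
				'text' => $this->language->get('text_account'),
				'href' => $this->url->link('account/account', '', true)
			)
		);

		// Flash messages are shown once and then removed from the session.
		foreach (array('success', 'error_warning') as $flash_key) {
			if (isset($this->session->data[$flash_key])) {
				$data[$flash_key] = $this->session->data[$flash_key];
				unset($this->session->data[$flash_key]);
			} else {
				$data[$flash_key] = '';
			}
		}

		if ($this->config->get('payment_sagepay_server_card')) {
			$data['cards'] = $this->model_extension_payment_sagepay_server->getCards($this->customer->getId());
			$data['delete'] = $this->url->link('extension/credit_card/sagepay_server/delete', 'card_id=', true);

			// 'page' comes from the query string: force it to a positive integer so the
			// arithmetic below cannot fail on non-numeric input or yield negative ranges.
			$page = isset($this->request->get['page']) && is_scalar($this->request->get['page'])
				? max(1, (int)$this->request->get['page'])
				: 1;

			$limit = 10;
			$offset = ($page - 1) * $limit;
			$cards_total = count($data['cards']);

			$pagination = new Pagination();
			$pagination->total = $cards_total;
			$pagination->page = $page;
			$pagination->limit = $limit;
			$pagination->url = $this->url->link('extension/credit_card/sagepay_server', 'page={page}', true);

			$data['pagination'] = $pagination->render();

			$first_shown = $cards_total ? $offset + 1 : 0;
			$last_shown = ($offset > ($cards_total - $limit)) ? $cards_total : ($offset + $limit);

			$data['results'] = sprintf($this->language->get('text_pagination'), $first_shown, $last_shown, $cards_total, ceil($cards_total / $limit));
		} else {
			$data['cards'] = false;
			$data['pagination'] = false;
			$data['results'] = false;
		}

		$data['add'] = $this->url->link('extension/credit_card/sagepay_server/add', '', true);
		$data['back'] = $this->url->link('account/account', '', true);

		$data['column_left'] = $this->load->controller('common/column_left');
		$data['column_right'] = $this->load->controller('common/column_right');
		$data['content_top'] = $this->load->controller('common/content_top');
		$data['content_bottom'] = $this->load->controller('common/content_bottom');
		$data['footer'] = $this->load->controller('common/footer');
		$data['header'] = $this->load->controller('common/header');

		$this->response->setOutput($this->load->view('extension/credit_card/sagepay_server_list', $data));
	}

	/**
	 * Remove a stored card: send REMOVETOKEN to the gateway and, when the gateway
	 * answers OK, delete the local card row. Always redirects back to the card list
	 * with a success or failure flash message.
	 *
	 * NOTE(review): this is a state-changing GET request and no anti-CSRF token is
	 * checked in this method; confirm whether the framework adds one elsewhere.
	 *
	 * @return void
	 */
	public function delete() {
		$list_url = $this->url->link('extension/credit_card/sagepay_server', '', true);

		// Same access rule as index(): a guest must not be able to remove stored cards.
		if (!$this->customer->isLogged()) {
			$this->session->data['redirect'] = $list_url;

			$this->response->redirect($this->url->link('account/login', '', true));

			return;
		}

		$this->load->language('extension/credit_card/sagepay_server');

		$this->load->model('extension/payment/sagepay_server');

		// card_id is request input: accept only a non-empty scalar value.
		$card_id = '';

		if (isset($this->request->get['card_id']) && is_scalar($this->request->get['card_id'])) {
			$card_id = (string)$this->request->get['card_id'];
		}

		$card = ($card_id !== '') ? $this->model_extension_payment_sagepay_server->getCard($card_id, '') : array();

		// NOTE(review): getCard() is not visible here, so it is unknown whether it already
		// restricts the lookup to the current customer. If the row exposes customer_id,
		// refuse cards that belong to someone else; the same generic failure message is
		// used so the response does not reveal whether the id exists.
		if (isset($card['customer_id']) && (int)$card['customer_id'] !== (int)$this->customer->getId()) {
			$card = array();
		}

		if (!empty($card['token'])) {
			if ($this->config->get('payment_sagepay_server_test') == 'live') {
				$url = 'https://live.sagepay.com/gateway/service/removetoken.vsp';
			} else {
				$url = 'https://test.sagepay.com/gateway/service/removetoken.vsp';
			}

			$payment_data = array(
				'VPSProtocol' => '3.00',
				'Vendor'      => $this->config->get('payment_sagepay_server_vendor'),
				'TxType'      => 'REMOVETOKEN',
				'Token'       => $card['token']
			);

			$response_data = $this->model_extension_payment_sagepay_server->sendCurl($url, $payment_data);

			// A failed request may come back without a Status entry; treat that as failure.
			if (isset($response_data['Status']) && $response_data['Status'] === 'OK') {
				$this->model_extension_payment_sagepay_server->deleteCard($card_id);
				$this->session->data['success'] = $this->language->get('text_success_card');
			} else {
				$this->session->data['error_warning'] = $this->language->get('text_fail_card');
			}
		} else {
			$this->session->data['error_warning'] = $this->language->get('text_fail_card');
		}

		$this->response->redirect($list_url);
	}

	/**
	 * Start a token registration with the gateway and answer with JSON.
	 *
	 * On gateway status OK the JSON holds 'redirect' (the gateway's NextURL), 'Status'
	 * and 'StatusDetail', and the transaction (including its SecurityKey) is stored via
	 * addOrder() so that callback() can verify the notification later. Otherwise the
	 * JSON holds 'error'.
	 *
	 * NOTE(review): no login check is made here, unlike index(); confirm that the model
	 * ties the stored transaction to the right customer and decide whether guests
	 * should be rejected.
	 *
	 * @return void
	 */
	public function addCard() {
		$this->load->language('extension/payment/sagepay_server');

		$this->load->model('checkout/order');
		$this->load->model('extension/payment/sagepay_server');

		$json = array();
		$payment_data = array();

		if ($this->config->get('payment_sagepay_server_test') == 'live') {
			$url = 'https://live.sagepay.com/gateway/service/token.vsp';
		} else {
			$url = 'https://test.sagepay.com/gateway/service/token.vsp';
		}

		$currency = isset($this->session->data['currency']) ? $this->session->data['currency'] : '';

		$payment_data['VPSProtocol'] = '3.00';

		$payment_data['ReferrerID'] = 'E511AF91-E4A0-42DE-80B0-09C981A3FB61';
		$payment_data['TxType'] = 'TOKEN';
		$payment_data['Vendor'] = $this->config->get('payment_sagepay_server_vendor');
		// date() replaces strftime(), which is deprecated since PHP 8.1; the output format
		// is the same. The mt_rand() suffix only lowers the chance of two codes colliding
		// within one second; it is not a secret and must not be relied on as one.
		$payment_data['VendorTxCode'] = 'server_card_' . date('YmdHis') . mt_rand(1, 999);
		$payment_data['NotificationURL'] = $this->url->link('extension/credit_card/sagepay_server/callback', '', true);
		$payment_data['Currency'] = $currency;

		$response_data = $this->model_extension_payment_sagepay_server->sendCurl($url, $payment_data);

		// The response carries the SecurityKey used to verify the callback; keep it out of the log.
		$this->model_extension_payment_sagepay_server->logger('Response', $this->redactForLog($response_data));

		if (isset($response_data['Status']) && $response_data['Status'] === 'OK') {
			$json['redirect'] = $response_data['NextURL'];
			$json['Status'] = $response_data['Status'];
			$json['StatusDetail'] = $response_data['StatusDetail'];

			$order_info = array(
				'order_id'      => -1,
				// Drops the first and last character of the returned VPSTxId.
				'VPSTxId'       => substr($response_data['VPSTxId'], 1, -1),
				'SecurityKey'   => $response_data['SecurityKey'],
				'VendorTxCode'  => $payment_data['VendorTxCode'],
				'currency_code' => $currency,
				'total'         => ''
			);

			$this->model_extension_payment_sagepay_server->addOrder($order_info);
		} else {
			$json['error'] = isset($response_data['StatusDetail']) ? $response_data['StatusDetail'] : '';
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Handle the gateway notification for a token registration.
	 *
	 * The request is accepted only if a stored transaction with a non-empty SecurityKey
	 * is found for the posted VPSTxId and the posted VPSSignature equals the upper-cased
	 * MD5 of VPSTxId . VendorTxCode . Status . lower-cased vendor name . Token . SecurityKey.
	 * The reply is written with echo as CRLF-terminated "Name=Value" lines; the rejection
	 * paths end the request with exit.
	 *
	 * @return void
	 */
	public function callback() {
		$this->load->model('checkout/order');
		$this->load->model('extension/payment/sagepay_server');

		$this->model_extension_payment_sagepay_server->logger('Callback data', $this->redactForLog($this->request->post));

		$success_page = $this->url->link('extension/credit_card/sagepay_server/success', '', true);
		$error_page = $this->url->link('extension/credit_card/sagepay_server/failure', '', true);
		$end_ln = chr(13) . chr(10);

		$vendor_tx_code = $this->postValue('VendorTxCode');
		$str_status = $this->postValue('Status');
		$str_vps_signature = $this->postValue('VPSSignature');
		$str_vps_tx_id = $this->postValue('VPSTxId');
		$str_expiry_date = $this->postValue('ExpiryDate');
		$str_token = $this->postValue('Token');

		$transaction_info = $this->model_extension_payment_sagepay_server->getOrder('', $str_vps_tx_id);

		$str_security_key = isset($transaction_info['SecurityKey']) ? (string)$transaction_info['SecurityKey'] : '';

		// Secrets (SecurityKey, token) are logged as placeholders only.
		$this->model_extension_payment_sagepay_server->logger('$transaction_info', $this->redactForLog($transaction_info));
		$this->model_extension_payment_sagepay_server->logger('$str_vps_tx_id', $str_vps_tx_id);
		$this->model_extension_payment_sagepay_server->logger('$vendor_tx_code', $vendor_tx_code);
		$this->model_extension_payment_sagepay_server->logger('$str_status', $str_status);
		$this->model_extension_payment_sagepay_server->logger('payment_sagepay_server_vendor', $this->config->get('payment_sagepay_server_vendor'));
		$this->model_extension_payment_sagepay_server->logger('$str_token', ($str_token === '') ? '[missing]' : '[redacted]');
		$this->model_extension_payment_sagepay_server->logger('$str_security_key', ($str_security_key === '') ? '[missing]' : '[redacted]');

		// Without a stored transaction the SecurityKey would be empty and the signature
		// would be computed from request-supplied values plus the vendor name only, so
		// it would no longer prove that the gateway sent the request. Reject before comparing.
		if (empty($transaction_info) || $str_security_key === '') {
			echo "Status=INVALID" . $end_ln;
			echo "StatusDetail= Either status invalid or order info was not found." . $end_ln;
			echo "RedirectURL=" . $error_page . $end_ln;

			$this->model_extension_payment_sagepay_server->logger('StatusDetail', 'Either status invalid or order info was not found.');

			exit;
		}

		$str_message = $str_vps_tx_id . $vendor_tx_code . $str_status . strtolower($this->config->get('payment_sagepay_server_vendor')) . $str_token . $str_security_key;

		$str_my_signature = strtoupper(md5($str_message));

		// Compare our MD5 signature with the one sent in the request. hash_equals() is a
		// constant-time, type-strict comparison: a loose != on two hex strings can treat
		// numeric-looking values (such as "0E" followed by digits) as equal numbers.
		if (!hash_equals($str_my_signature, $str_vps_signature)) {
			echo "Status=INVALID" . $end_ln;
			echo "StatusDetail= Cannot match the MD5 Hash. Order might be tampered with." . $end_ln;
			echo "RedirectURL=" . $error_page . $end_ln;

			$this->model_extension_payment_sagepay_server->logger('StatusDetail', 'Cannot match the MD5 Hash. Order might be tampered with.');

			exit;
		}

		if ($str_status !== 'OK') {
			echo "Status=INVALID" . $end_ln;
			// The line terminator was missing here, which fused StatusDetail and RedirectURL into one line.
			echo "StatusDetail= Either status invalid or order info was not found." . $end_ln;
			echo "RedirectURL=" . $error_page . $end_ln;

			$this->model_extension_payment_sagepay_server->logger('StatusDetail', 'Either status invalid or order info was not found.');

			exit;
		}

		$card_data = array(
			'customer_id' => isset($transaction_info['customer_id']) ? $transaction_info['customer_id'] : 0,
			'Token'       => $str_token,
			'Last4Digits' => $this->postValue('Last4Digits'),
			// Insert '/' after the first two characters of the posted expiry date.
			'ExpiryDate'  => substr_replace($str_expiry_date, '/', 2, 0),
			'CardType'    => $this->postValue('CardType')
		);

		$this->model_extension_payment_sagepay_server->addCard($card_data);

		echo "Status=OK" . $end_ln;
		echo "RedirectURL=" . $success_page . $end_ln;
	}

	/**
	 * Landing action after a successful registration: logs the event, sets the success
	 * flash message and redirects to the card list.
	 *
	 * @return void
	 */
	public function success() {
		$this->load->model('extension/payment/sagepay_server');

		$this->model_extension_payment_sagepay_server->logger('Success', '');

		$this->session->data['success'] = 'Success';

		$this->response->redirect($this->url->link('extension/credit_card/sagepay_server', '', true));
	}

	/**
	 * Landing action after a failed registration: logs the event, sets the warning
	 * flash message and redirects to the card list.
	 *
	 * @return void
	 */
	public function failure() {
		$this->load->model('extension/payment/sagepay_server');

		$this->model_extension_payment_sagepay_server->logger('Failure', '');

		$this->session->data['error_warning'] = 'Failure';

		$this->response->redirect($this->url->link('extension/credit_card/sagepay_server', '', true));
	}

	/**
	 * Read one POST field as a string; missing or non-scalar values become ''.
	 *
	 * @param string $key POST field name
	 * @return string
	 */
	private function postValue($key) {
		if (isset($this->request->post[$key]) && is_scalar($this->request->post[$key])) {
			return (string)$this->request->post[$key];
		}

		return '';
	}

	/**
	 * Return a copy of $data with the SecurityKey and Token entries replaced by a
	 * placeholder, so that secrets do not end up in the extension's log.
	 *
	 * @param mixed $data value about to be logged; non-arrays are returned unchanged
	 * @return mixed
	 */
	private function redactForLog($data) {
		if (!is_array($data)) {
			return $data;
		}

		foreach (array('SecurityKey', 'Token') as $secret_key) {
			if (isset($data[$secret_key]) && $data[$secret_key] !== '') {
				$data[$secret_key] = '[redacted]';
			}
		}

		return $data;
	}
}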