UPGRADE NOTE:
Do not edit or add to this file if you wish to upgrade AbanteCart to newer
versions in the future. If you wish to customize AbanteCart for your
needs please refer to http://www.AbanteCart.com for more information.
------------------------------------------------------------------------------*/
if ( !defined ( 'DIR_CORE' )) {
header ( 'Location: static_pages/' );
}
class ModelExtensionDefaultRealex extends Model {
public function getMethod($address) {
$this->load->language('default_realex/default_realex');
if ($this->config->get('default_realex_status')) {
$query = $this->db->query("SELECT * FROM `" . $this->db->table("zones_to_locations") . "` WHERE location_id = '" . (int)$this->config->get('default_realex_location_id') . "' AND country_id = '" . (int)$address['country_id'] . "' AND (zone_id = '" . (int)$address['zone_id'] . "' OR zone_id = '0')");
if (!$this->config->get('default_realex_location_id')) {
$status = TRUE;
} elseif ($query->num_rows) {
$status = TRUE;
} else {
$status = FALSE;
}
} else {
$status = FALSE;
}
$payment_data = array();
if ($status) {
$payment_data = array(
'id' => 'default_realex',
'title' => $this->language->get('text_title'),
'sort_order' => $this->config->get('default_realex_sort_order')
);
}
return $payment_data;
}
public function check3DEnrollment($account, $amount, $currency, $order_ref, $data) {
$timestamp = strftime("%Y%m%d%H%M%S");
$merchant_id = $this->config->get('default_realex_merchant_id');
$secret = $this->config->get('default_realex_secret');
$tmp = $timestamp . '.' . $merchant_id . '.' . $order_ref . '.' . $amount . '.' . $currency . '.' . $data['cc_number'];
$hash = sha1($tmp);
$tmp = $hash . '.' . $secret;
$hash = sha1($tmp);
$xml = ''."\n";
$xml .= '' . $merchant_id . ''."\n";
$xml .= '' . $account . ''."\n";
$xml .= '' . $order_ref . ''."\n";
$xml .= '' . $amount . ''."\n";
$xml .= ''."\n";
$xml .= '' . $data['cc_number'] . ''."\n";
$xml .= '' . $data['cc_expire_date_month'] . $data['cc_expire_date_year'] . ''."\n";
$xml .= '' . $data['cc_type'] . ''."\n";
$xml .= '' . $data['cc_owner'] . ''."\n";
$xml .= ''."\n";
$xml .= '' . $hash . ''."\n";
$xml .= ''."\n";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://epage.payandshop.com/epage-3dsecure.cgi");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "AbanteCart " . VERSION);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec ($ch);
curl_close ($ch);
return simplexml_load_string($response);
}
public function processPayment($pd, $v3d) {
$this->load->model('checkout/order');
$this->load->language('default_realex/default_realex');
$timestamp = strftime("%Y%m%d%H%M%S");
$merchant_id = $this->config->get('default_realex_merchant_id');
$secret = $this->config->get('default_realex_secret');
$tmp = $timestamp.'.'.$merchant_id.'.'.$pd['order_ref'].'.'.$pd['amount'].'.'.$pd['currency'].'.'.$pd['cc_number'];
$hash = sha1($tmp);
$tmp = $hash.'.'.$secret;
$hash = sha1($tmp);
$order_info = $this->model_checkout_order->getOrder($pd['order_id']);
$xml = ''."\n";
$xml .= '' . $merchant_id . ''."\n";
if ($pd['account']) {
$xml .= '' . $pd['account'] . ''."\n";
}
$xml .= '' . $pd['order_ref'] . ''."\n";
$xml .= '' . $pd['amount'] . ''."\n";
$xml .= ''."\n";
$xml .= 'AbanteCart'."\n";
$xml .= ''."\n";
$xml .= ''."\n";
$xml .= '' . $pd['cc_number'] . ''."\n";
$xml .= '' . $pd['cc_expire'] . ''."\n";
$xml .= '' . $pd['cc_type'] . ''."\n";
$xml .= '' . $pd['cc_owner'] . ''."\n";
$xml .= ''."\n";
$xml .= '' . (int)$pd['cc_cvv2'] . ''."\n";
$xml .= '2'."\n";
$xml .= ''."\n";
if (has_value($pd['cc_issue'])) {
$xml .= '' . (int)$pd['cc_issue'] . ''."\n";
}
$xml .= ''."\n";
if ($this->config->get('default_realex_settlement') == 'delayed') {
$xml .= ''."\n";
} elseif ($this->config->get('default_realex_settlement') == 'auto') {
$xml .= ''."\n";
} elseif ($this->config->get('default_realex_settlement') == 'multi') {
$xml .= ''."\n";
} else {
$xml .= ''."\n";
}
if ( has_value($v3d['eci']) || has_value($v3d['cavv']) || has_value($v3d['xid']) ) {
$xml .= ''."\n";
if (has_value($v3d['eci'])) {
$xml .= '' . (string)$v3d['eci'] . ''."\n";
}
if (has_value($v3d['cavv'])) {
$xml .= '' . (string)$v3d['cavv'] . ''."\n";
}
if (has_value($v3d['xid'])) {
$xml .= '' . (string)$v3d['xid'] . ''."\n";
}
$xml .= ''."\n";
}
$xml .= '' . $hash . ''."\n";
if ($this->config->get('default_realex_tss_check')) {
$xml .= ''."\n";
$xml .= '' . $order_info['ip'] . ''."\n";
//if not guest checkout
if ($this->customer->getId() > 0) {
$xml .= '' . (int)$this->customer->getId() . ''."\n";
}
if (has_value($order_info['payment_iso_code_2']) || has_value($order_info['payment_postcode'])) {
$xml .= ''."\n";
if (has_value($order_info['payment_postcode'])) {
$xml .= '' . filter_var($order_info['payment_postcode'], FILTER_SANITIZE_NUMBER_INT) . '|' . filter_var($order_info['payment_address_1'], FILTER_SANITIZE_NUMBER_INT) . '
'."\n";
}
if (has_value($order_info['payment_iso_code_2'])) {
$xml .= '' . $order_info['payment_iso_code_2'] . ''."\n";
}
$xml .= ''."\n";
}
if (has_value($order_info['shipping_iso_code_2']) || has_value($order_info['shipping_postcode'])) {
$xml .= ''."\n";
if (has_value($order_info['shipping_postcode'])) {
$xml .= '' . filter_var($order_info['shipping_postcode'], FILTER_SANITIZE_NUMBER_INT) . '|' . filter_var($order_info['shipping_address_1'], FILTER_SANITIZE_NUMBER_INT) . '
'."\n";
}
if (has_value($order_info['shipping_iso_code_2'])) {
$xml .= '' . $order_info['shipping_iso_code_2'] . ''."\n";
}
$xml .= ''."\n";
}
$xml .= ''."\n";
}
$xml .= ''."\n";
ADebug::variable('Processing realex payment request: ', $xml);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://epage.payandshop.com/epage-remote.cgi");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "AbanteCart ".VERSION);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec ($ch);
curl_close ($ch);
ADebug::variable('Processing realex payment response: ', $response);
$response = simplexml_load_string($response);
//Note: no language support as this UK based payment
$message .= 'Order Reference: ' . (string)$pd['order_ref'] . "\n";
$message .= 'Transaction Timestamp: ' . (string)$timestamp;
$message = 'Response Result: ' . (int)$response->result . "\n";
$message .= 'Response Message: ' . (string) $result->message . "\n";
if (isset($result->authcode)) {
$message .= 'AuthCode: ' . (string) $result->authcode . "\n";
}
if (isset($result->cvnresult)) {
$message .= 'CVNResult: ' . (string) $result->cvnresult . "\n";
}
if (isset($result->avsaddressresponse)) {
$message .= 'AvsAddressResponse: ' . (string) $result->avsaddressresponse . "\n";
}
if (isset($result->avspostcoderesponse)) {
$message .= 'AvsPostCodeResponse: ' . (string) $result->avspostcoderesponse . "\n";
}
if (has_value($v3d['eci_ref'])) {
$text_arr = array();
$text_arr[0] = 'ECI (3D secure) ';
$text_arr[1] = 'Cardholder Not Enrolled, liability shift';
$text_arr[2] = 'Unable To Verify Enrolment, no liability shift';
$text_arr[3] = 'Invalid Response From Enrolment Server, no liability shift';
$text_arr[4] = 'Enrolled, But Invalid Response From ACS (Access Control Server), no liability shift';
$text_arr[5] = 'Successful Authentication, liability shift';
$text_arr[6] = 'Authentication Attempt Acknowledged, liability shift';
$text_arr[7] = 'Incorrect Password Entered, no liability shift';
$text_arr[8] = 'Authentication Unavailable, no liability shift';
$text_arr[9] = 'Invalid Response From ACS, no liability shift';
$text_arr[10] = 'RealMPI Fatal Error, no liability shift';
$message .= $text_arr[0].': (' . (int)$v3d['eci'] . ') ' . $text_arr[(int)$v3d['eci_ref']];
}
if (has_value($response->tss->result)) {
$message .= 'TSS: ' . (int)$response->tss->result;
}
if ($response->result == '00') {
//finalize order only if payment is a success
$realex_order_id = $this->recordOrder($order_info, $response, $pd['account'], $pd['order_ref']);
if ($this->config->get('default_realex_settlement') == 'auto') {
$this->addTransaction($realex_order_id, 'payment', $order_info);
//auto complete the order in sattled mode
$this->model_checkout_order->confirm(
$pd['order_id'],
$this->config->get('default_realex_status_success_settled')
);
} else {
$this->addTransaction($realex_order_id, 'auth', 0);
//complete the order in unsattled mode
$this->model_checkout_order->confirm(
$pd['order_id'],
$this->config->get('default_realex_status_success_unsettled')
);
}
} elseif ($response->result == "101") {
// Transaction Declined
$this->model_checkout_order->addHistory(
$pd['order_id'],
$this->config->get('default_realex_status_decline'),
$message
);
} elseif ($response->result == "102") {
$this->model_checkout_order->addHistory(
$pd['order_id'],
$this->config->get('default_realex_status_decline_pending'),
$message
);
} elseif ($response->result == "103") {
$this->model_checkout_order->addHistory(
$pd['order_id'],
$this->config->get('default_realex_status_decline_stolen'),
$message
);
} elseif (in_array($response->result, array("200", "204", "205"))) {
$this->model_checkout_order->addHistory(
$pd['order_id'],
$this->config->get('default_realex_status_decline_bank'),
$message
);
} else {
// Some other error
$this->model_checkout_order->addHistory(
$pd['order_id'],
$this->config->get('default_realex_status_decline'),
$message
);
}
return $response;
}
//Check 3D Signature
public function verify3DSignature( $data, $pares) {
$this->load->model('checkout/order');
$timestamp = strftime("%Y%m%d%H%M%S");
$merchant_id = $this->config->get('default_realex_merchant_id');
$secret = $this->config->get('default_realex_secret');
$tmp = $timestamp.'.'.$merchant_id.'.'.$data['order_ref'].'.'.$data['amount'].'.'.$data['currency'].'.'.$data['cc_number'];
$hash = sha1($tmp);
$tmp = $hash . '.' . $secret;
$hash = sha1($tmp);
$xml = '';
$xml .= ''."\n";
$xml .= '' . $merchant_id . ''."\n";
$xml .= '' . $data['account'] . ''."\n";
$xml .= '' . $data['order_ref'] . ''."\n";
$xml .= '' . (int)$data['amount'] . ''."\n";
$xml .= ''."\n";
$xml .= '' . $data['cc_number'] . ''."\n";
$xml .= '' . $data['cc_expire'] . ''."\n";
$xml .= '' . $data['cc_type'] . ''."\n";
$xml .= '' . $data['cc_owner'] . ''."\n";
$xml .= ''."\n";
$xml .= '' . $pares . ''."\n";
$xml .= '' . $hash . ''."\n";
$xml .= ''."\n";
ADebug::variable('Running verify3DSignature: ', $xml);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://epage.payandshop.com/epage-3dsecure.cgi");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "AbanteCart " . VERSION);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec ($ch);
curl_close ($ch);
ADebug::variable('Response from verify3DSignature: ', $response);
return simplexml_load_string($response);
}
//record order with realex database
public function recordOrder($order_info, $response, $account, $order_ref) {
if ($this->config->get('default_realex_settlement') == 'auto') {
$settle_status = 1;
} else {
$settle_status = 0;
}
$this->db->query("INSERT INTO `" . $this->db->table("realex_orders") . "`
SET `order_id` = '" . (int)$order_info['order_id'] . "',
`settle_type` = '" . (int)$this->config->get('default_realex_settlement') . "',
`order_ref` = '" . $this->db->escape($order_ref) . "',
`order_ref_previous` = '" . $this->db->escape($order_ref) . "',
`capture_status` = '" . (int)$settle_status . "',
`currency_code` = '" . $this->db->escape($order_info['currency']) . "',
`pasref` = '" . $this->db->escape($response->pasref) . "',
`pasref_previous` = '" . $this->db->escape($response->pasref) . "',
`authcode` = '" . $this->db->escape($response->authcode) . "',
`account` = '" . $this->db->escape($account) . "',
`total` = '" . $this->currency->convert($order_info['total'],$this->config->get('config_currency'), $order_info['currency']) . "',
`date_added` = now()
");
return $this->db->getLastId();
}
public function addTransaction($realex_order_id, $type, $order_info) {
$this->db->query("INSERT INTO `" . $this->db->table("realex_order_transactions") . "`
SET `realex_order_id` = '" . (int)$realex_order_id . "',
`type` = '" . $this->db->escape($type) . "',
`amount` = '" . $this->currency->convert($order_info['total'],$this->config->get('config_currency'), $order_info['currency']) . "',
`date_added` = now()
");
}
}