<?php/** @author PrestaShop SA <contact@prestashop.com>* @copyrigh

1. <?php
2.  
3. /*
4.  
5. * @author PrestaShop SA <contact@prestashop.com>
6.  
7. * @copyright 2007-2012 PrestaShop SA
8.  
9. * @version Release: $Revision: 1.4 $
10.  
11. *
12.  
13. * International Registered Trademark & Property of PrestaShop SA
14.  
15. */
16.  
17.  
18.  
19. require_once(dirname(__FILE__).'/../../config/config.inc.php');
20.  
21. require_once(dirname(__FILE__).'/lib/paypal.class.php');
22.  
23. require_once(dirname(__FILE__).'/paypalpro.php');
24.  
25.  
26.  
27. require_once(dirname(__FILE__).'/backward_compatibility/backward.php');
28.  
29.  
30.  
31. /* SSL Tricks to bypass the redirect for the FrontController in 1.5 + */
32.  
33. if (Configuration::get('PS_SSL_ENABLED'))
34.  
35. {
36.  
37. $resetSsl = true;
38.  
39. Configuration::updateValue('PS_SSL_ENABLED', 0);
40.  
41. }
42.  
43. include(dirname(__FILE__). '/../../init.php');
44.  
45. if (isset($resetSsl) && $resetSsl)
46.  
47. Configuration::updateValue('PS_SSL_ENABLED', 1);
48.  
49.  
50.  
51.  
52.  
53. if (Tools::isSubmit('paypalInfo'))
54.  
55. {
56.  
57. try
58.  
59. {
60.  
61. $PayPal = new PayPal(json_decode(base64_decode($_POST['paypalInfo']), true));
62.  
63.  
64.  
65. $response = $PayPal->DoDirectPayment(array(
66.  
67. 'DPFields' => array(
68.  
69. 'paymentaction' => 'Sale',
70.  
71. 'ipaddress' => Tools::safeOutput($_SERVER['REMOTE_ADDR']),
72.  
73. 'returnfmfdetails' => '1',
74.  
75. ),
76.  
77. 'CCDetails' => array(
78.  
79. 'creditcardtype' => Tools::safeOutput($_POST['paypalpro_cardType']),
80.  
81. 'acct' => Tools::safeOutput($_POST['x_card_num']),
82.  
83. 'expdate' => forgeDate($_POST['x_exp_date_m'], $_POST['x_exp_date_y']),
84.  
85. 'cvv2' => Tools::safeOutput($_POST['paypalpro_card_code']),
86.  
87. ),
88.  
89. 'PayerName' => json_decode(base64_decode($_POST['userInfo']), true),
90.  
91. 'BillingAddress' => json_decode(base64_decode($_POST['billingAddressInfo']), true),
92.  
93. 'PaymentDetails' => json_decode(base64_decode($_POST['paymentInfo']), true),
94.  
95. ));
96.  
97.  
98.  
99. if (!isset($response['ACK']) || !isset($response['REQUESTDATA']))
100.  
101. throw new Exception('Paypal returned malformed response');
102.  
103.  
104.  
105. if (isset($response['ERRORS']) && count($response['ERRORS']))
106.  
107. throw new Exception('PayPalPro returned errors: <pre>'.
108.  
109. print_r($response['ERRORS'], true).'</pre>');
110.  
111.  
112.  
113. if (!(int)$response['REQUESTDATA']['INVNUM'])
114.  
115. throw new Exception('Missing cart number');
116.  
117.  
118.  
119. if (!(float)$response['AMT'])
120.  
121. throw new Exception('Missing price paid');
122.  
123.  
124.  
125. $cart = new Cart((int)$response['REQUESTDATA']['INVNUM']);
126.  
127. if (!Validate::isLoadedObject($cart))
128.  
129. throw new Exception('Cart loading failed for cart '.
130.  
131. (int)$response['REQUESTDATA']['INVNUM']);
132.  
133.  
134.  
135. $customer = new Customer((int)$cart->id_customer);
136.  
137. if (!Validate::isLoadedObject($customer))
138.  
139. throw new Exception('Customer laoding failed for customer '.
140.  
141. (int)$cart->id_customer);
142.  
143.  
144.  
145. switch (strtolower($response['ACK']))
146.  
147. {
148.  
149. case 'success':
150.  
151. $paypalpro = new PayPalPro();
152.  
153.  
154.  
155. $paypalpro->validateOrder((int)$cart->id,
156.  
157. Configuration::get('PS_OS_PAYMENT'), (float)$response['AMT'],
158.  
159. (!Configuration::get('PAYPALPRO_DISPLAY_LOGO') ? 'PayPal Pro Direct Payment' : 'Credit Card Payment'), NULL, NULL, false,
160.  
161. $customer->secure_key);
162.  
163.  
164.  
165. $url = 'index.php?controller=order-confirmation&';
166.  
167. if (_PS_VERSION_ < '1.5')
168.  
169. $url = 'order-confirmation.php?';
170.  
171.  
172.  
173. Tools::redirect($url.'id_module='.(int)$paypalpro->id.'&id_cart='.
174.  
175. (int)$cart->id.'&key='.$customer->secure_key);
176.  
177.  
178.  
179. break ;
180.  
181.  
182.  
183. default:
184.  
185. throw new Exception('The transaction did not succeed: '.
186.  
187. $response['ACK']);
188.  
189. }
190.  
191.  
192.  
193. }
194.  
195. catch (Exception $e)
196.  
197. {
198.  
199. Logger::AddLog('[PayPalPro] '.Tools::safeOutput($e->getMessage()), 2);
200.  
201. $checkout_type = Configuration::get('PS_ORDER_PROCESS_TYPE') ?
202.  
203. 'order-opc' : 'order';
204.  
205. $url = _PS_VERSION_ >= '1.5' ?
206.  
207. 'index.php?controller='.$checkout_type.'&' : $checkout_type.'.php?';
208.  
209. $url .= 'step=3&cgv=1&paypalproerror=1';
210.  
211.  
212.  
213. if (!isset($_SERVER['HTTP_REFERER']) ||
214.  
215. strstr($_SERVER['HTTP_REFERER'], 'order'))
216.  
217. Tools::redirect($url);
218.  
219. elseif (strstr($_SERVER['HTTP_REFERER'], '?'))
220.  
221. Tools::redirect(Tools::safeOutput($_SERVER['HTTP_REFERER']).'&paypalproerror=1', '');
222.  
223. else
224.  
225. Tools::redirect(Tools::safeOutput($_SERVER['HTTP_REFERER']).'?paypalproerror=1', '');
226.  
227.  
228.  
229. exit;
230.  
231. }
232.  
233. }
234.  
235.  
236.  
237. function forgeDate($m, $y)
238.  
239. {
240.  
241. $m = substr(Tools::safeOutput($m), 0, 2);
242.  
243. $y = substr(Tools::safeOutput($y), 0, 2);
244.  
245. if (intval($m) <= 0 || intval($y) <= 0)
246.  
247. throw new Exception('Wrong date');
248.  
249. return $m.'20'.$y;
250.  
251. }