Untitled

<?php

class YandexModel extends PaymentModel
{
    public $processor;
    public $transField = 'orderNumber';

    public $shopId = '';
    public $scid = '';
    public $shopPassword = '';
    public $mode = 'live';

    public function getModeUrl()
    {
        return ($this->mode == self::MODE_LIVE) ? 'https://money.yandex.ru/eshop.xml' : 'https://demomoney.yandex.ru/eshop.xml';
    }

    public function getFormFields()
    {
        $fields = array(
            'shopId'=>$this->shopId,
            'scid'=>$this->scid,
            'sum'=>round($this->cost, 2),
            'customerNumber'=>$this->id,
            $this->transField=>$this->token,
        );
        return $this->getFormHiddenFields($fields);
    }

    public function verifyPayment()
    {
        if($this->paymentStatus != 'process')
            return false;

        $request = Yii::app()->request->getParam('invoiceId');
        $action = $request->getParam('action');
        $invoiceId = $request->getParam('invoiceId');
        if($action != 'paymentAviso' && $action != 'checkOrder')
            return false;

        $response = null;
        if(!$this->isValidMd5())
        {
            $response = $this->buildResponse($action, $invoiceId, 1);
        }
        elseif($this->shopId != $request->getParam('shopId'))
        {
            $response = $this->buildResponse($action, $invoiceId, 100, 'Invalid shop ID');
        }
        elseif(!$this->isValidCost($request->getParam('orderSumAmount')))
        {
            $response = $this->buildResponse($action, $invoiceId, 100, 'Invalid price');
        }

        if($response != null)
        {
            $this->closeTransaction(2);
            $this->sendResponse($response);
        }

        if($action == 'paymentAviso')
            $this->runProcess();

        $response = $this->buildResponse($action, $invoiceId, 0);
        $this->sendResponse($response);
    }

    /**
     * Checking the MD5 sign.
     * @return bool true if MD5 hash is correct
     */
    private function isValidMd5()
    {
        $request = Yii::app()->request;
        $params = [
            $request->getParam('action'),
            $request->getParam('orderSumAmount'),
            $request->getParam('orderSumCurrencyPaycash'),
            $request->getParam('orderSumBankPaycash'),
            $request->getParam('shopId'),
            $request->getParam('invoiceId'),
            trim($request->getParam('customerNumber')),
            $this->shopPassword
        ];

        $md5 = strtoupper(md5(implode(';', $params)));
        return ($md5 == strtoupper($request->getParam('md5')));
    }

    /**
     * Building XML response.
     * @param  string $functionName  "checkOrder" or "paymentAviso" string
     * @param  string $invoiceId     transaction number
     * @param  string $result_code   result code
     * @param  string $message       error message. May be null.
     * @return string                prepared XML response
     */
    private function buildResponse($functionName, $invoiceId, $result_code, $message = null)
    {
        try
        {
            $performedDatetime = date('c');
            $response = '<?xml version="1.0" encoding="UTF-8"?><' . $functionName . 'Response performedDatetime="' . $performedDatetime .
                '" code="' . $result_code . '" ' . ($message != null ? 'message="' . $message . '"' : "") . ' invoiceId="' . $invoiceId . '" shopId="' . $this->shopId . '"/>';
            return $response;
        }
        catch (Exception $e)
        {
            Yii::log($e->getMessage(), 'error');
        }
        return null;
    }

    private function sendResponse($responseBody)
    {
        header("HTTP/1.0 200");
        header("Content-Type: application/xml");
        echo $responseBody;
        exit;
    }

}