- <?
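// Platnosci.pl credentials, taken from $pos / $klucz1 / $klucz2, which are
// populated outside this listing.
//
// The constant names are quoted. A bare, not-yet-defined constant used as the
// name only worked through PHP's legacy "undefined constant becomes a string"
// fallback (a notice before 7.2, a warning in 7.2-7.4) and is a fatal Error on
// PHP 8, which would leave the handler without any of its keys.
//
// NOTE(review): KEY1 signs the outgoing status query and KEY2 verifies incoming
// signatures (see their use further down); keep both out of logs and out of
// anything echoed back to the caller.
// NOTE(review): the file opens with the short tag "<?". With short_open_tag
// disabled PHP serves the source as plain text; prefer "<?php".
define('PLATNOSCI_POS_ID', $pos[0]);
define('PLATNOSCI_KEY1', $klucz1[0]);
define('PLATNOSCI_KEY2', $klucz2[0]);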
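/**
 * Validate a parsed <trans> record and translate its numeric status.
 *
 * Expected keys of $parts, as captured by the caller's regular expression:
 * 1 pos_id, 2 session_id, 3 order_id, 4 amount, 5 status, 6 desc, 7 ts, 8 sig.
 *
 * The record is accepted only if pos_id equals PLATNOSCI_POS_ID and sig equals
 * md5(pos_id . session_id . order_id . status . amount . desc . ts . PLATNOSCI_KEY2)
 * (status is hashed before amount).
 *
 * @param array $parts Captured fields indexed 1..8; may be empty when the
 *                     response did not match.
 * @return array array('code' => the status exactly as received, or false on any
 *               failure; 'message' => short description)
 */
function get_status($parts)
{
    // An unparsable response reaches this function as an empty array. Normalise
    // every field to a string so that no undefined offset is read and the
    // comparisons below never fall back to PHP's loose type juggling.
    $field = array();
    for ($i = 1; $i <= 8; $i++) {
        $present = is_array($parts) && isset($parts[$i]) && is_scalar($parts[$i]);
        $field[$i] = $present ? (string) $parts[$i] : '';
    }

    // --- wrong POS number
    if ($field[1] !== (string) PLATNOSCI_POS_ID) {
        return array('code' => false, 'message' => 'wrong POS number');
    }

    // --- wrong signature
    // hash_equals() (PHP 5.6+) compares byte for byte in constant time. The
    // former `!=` compared numerically whenever both digests looked like
    // numbers (for example "0e" followed only by digits), so two different
    // digests could be treated as equal.
    // NOTE(review): MD5 with an appended key is what this notification format
    // uses; it cannot be strengthened on this side alone.
    $expected = md5(
        $field[1] . $field[2] . $field[3] . $field[5] . $field[4] . $field[6] . $field[7] . PLATNOSCI_KEY2
    );
    if (!hash_equals($expected, $field[8])) {
        return array('code' => false, 'message' => 'incorrect signature');
    }

    // Status codes this handler recognises, with the message it reports.
    $messages = array(
        1   => 'new',
        2   => 'cancelled',
        3   => 'rejected',
        4   => 'started',
        5   => 'awaiting receipt',
        6   => 'no authorization',
        7   => 'payment rejected',
        99  => 'payment received - ended',
        888 => 'incorrect status',
    );

    // Only an all-digit status is looked up; anything else is "no status".
    if (preg_match('/\A[0-9]+\z/', $field[5]) && isset($messages[(int) $field[5]])) {
        return array('code' => $parts[5], 'message' => $messages[(int) $field[5]]);
    }

    return array('code' => false, 'message' => 'no status');
}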
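// --- Step 1: authenticate the incoming notification ---------------------------
// All four fields must be present and must be plain strings. PHP turns
// "name[]=x" into an array, which would otherwise be concatenated as "Array".
foreach (array('pos_id', 'session_id', 'ts', 'sig') as $required) {
    if (!isset($_POST[$required]) || !is_string($_POST[$required])) {
        die('ERROR: EMPTY PARAMETERS'); //-- a required parameter is missing
    }
}
if ($_POST['pos_id'] !== (string) PLATNOSCI_POS_ID) {
    die('ERROR: WRONG POS ID'); //--- wrong POS number
}
// The notification is signed with KEY2. hash_equals() (PHP 5.6+) replaces the
// loose `!=`, which compared digests numerically when both looked like numbers
// and did not run in constant time.
$sig = md5($_POST['pos_id'] . $_POST['session_id'] . $_POST['ts'] . PLATNOSCI_KEY2);
if (!hash_equals($sig, $_POST['sig'])) {
    die('ERROR: WRONG SIGNATURE'); //--- wrong signature
}
// NOTE(review): $_POST['ts'] is covered by the signature but never compared
// with the current time, so a captured notification stays valid indefinitely.
// Confirm that duplicate handling further down (checkCbTransID) is sufficient.

// --- Step 2: build the signed status query ------------------------------------
// The query is signed with KEY1 and a fresh timestamp. http_build_query()
// percent-encodes session_id, so "&" or "=" inside it cannot add or override
// parameters in the request body; the signature is still computed over the raw
// value, which is what the receiver sees after decoding.
$ts = time();
$sig = md5(PLATNOSCI_POS_ID . $_POST['session_id'] . $ts . PLATNOSCI_KEY1);
$parameters = http_build_query(
    array(
        'pos_id'     => (string) PLATNOSCI_POS_ID,
        'session_id' => $_POST['session_id'],
        'ts'         => (string) $ts,
        'sig'        => $sig,
    ),
    '',
    '&'
);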
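// --- Step 3: fetch the authoritative transaction status -----------------------
// $server and $server_script are set outside this listing. The status reported
// by this request is what decides whether an invoice is marked as paid, so the
// connection must reach the real payment server.
$fsocket = false;
$curl = false;
$result = false;
$platnosci_response = '';

// version_compare() instead of `PHP_VERSION >= 4.3`: PHP_VERSION is a string
// such as "5.6.40", and comparing it with a float does not order versions
// reliably.
if (version_compare(PHP_VERSION, '4.3', '>=') && ($fp = @fsockopen('ssl://' . $server, 443, $errno, $errstr, 30))) {
    $fsocket = true;
} elseif (function_exists('curl_exec')) {
    $curl = true;
}

if ($fsocket) {
    // NOTE(review): ssl:// streams verify the peer certificate by default only
    // from PHP 5.6 on. On older runtimes this branch accepts any certificate;
    // prefer the cURL branch there.
    $header = 'POST ' . $server_script . ' HTTP/1.0' . "\r\n" .
        'Host: ' . $server . "\r\n" .
        'Content-Type: application/x-www-form-urlencoded' . "\r\n" .
        'Content-Length: ' . strlen($parameters) . "\r\n" .
        'Connection: close' . "\r\n\r\n";
    @fputs($fp, $header . $parameters);
    while (!@feof($fp)) {
        $res = @fgets($fp, 1024);
        if ($res === false) {
            // Read error or timeout: stop instead of looping on a stream that
            // never reports end-of-file.
            break;
        }
        $platnosci_response .= $res;
    }
    @fclose($fp);
} elseif ($curl) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://" . $server . $server_script);
    // Certificate and host name verification stay on. With verification
    // disabled, anyone able to intercept the connection could supply the status
    // response. If verification fails on a host, fix its CA bundle
    // (CURLOPT_CAINFO) rather than turning the check off.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $parameters);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $platnosci_response = curl_exec($ch);
    if ($platnosci_response === false) {
        // Transport failure: continue with an empty body, which the parser
        // below rejects as a data error.
        $platnosci_response = '';
    }
    curl_close($ch);
} else {
    die("ERROR: No connect method ...\n");
}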
// --- Step 4: pull the <trans> record out of the response ----------------------
// Earlier preg_match()/eregi() variants of this pattern were kept here as
// commented-out code; only the live pattern remains.
//
// Capture groups 1..8 are pos_id, session_id, order_id, amount, status, desc,
// ts and sig. Only the first match of each group is used. The "(.*)" groups are
// greedy and, with the "s" modifier, also match newlines, so nothing captured
// here is trusted until get_status() has verified the signature over it.
$parts = array();
$trans_pattern = "/<trans>\s*<pos_id>([0-9]*)<\/pos_id>\s*<session_id>(.*)<\/session_id>\s*<order_id>(.*)<\/order_id>\s*<amount>([0-9]*)<\/amount>\s*<status>([0-9]*)<\/status>\s*<desc>(.*)<\/desc>\s*<ts>([0-9]*)<\/ts>\s*<sig>([a-z0-9]*)<\/sig>\s*<\/trans>/smi";
$matched = preg_match_all($trans_pattern, $platnosci_response, $output_array);
if ($matched) {
    $group_count = count($output_array);
    // Index 0 holds the full match and is skipped.
    for ($index = 1; $index < $group_count; $index++) {
        if (isset($output_array[$index][0])) {
            $parts[$index] = $output_array[$index][0];
        }
    }
}
$result = get_status($parts);
// --- Step 5: act on the verified status ---------------------------------------
if (!$result['code']) {
    /* TODO: notification handling for invalid transaction statuses */
    // NOTE(review): the raw upstream response and the parser verdict are echoed
    // to the caller. Consider writing them to a server-side log instead.
    echo "ERROR: data error ....\n";
    echo "code=" . $result['code'] . " message=" . $result['message'] . "\n";
    echo $platnosci_response;
    // platnosci.pl will send the notification again;
    // optionally add a log entry here.
} else {
    //--- recognised transaction status
    list(, $pos_id, $session_id, $order_id, $amount_grosze, $status, $desc, $ts, $sig) = $parts;
    $transid = $session_id;
    $invoiceid = $order_id;
    $amount = $amount_grosze / 100; //-- the gateway reports the amount in grosze
    $fee = 0;

    /* TODO: change the transaction status in the shop system */
    if ($result['code'] == '99') {
        // $licencja, $gatewaymodule, $GATEWAY and $key_file, as well as
        // checkCbTransID(), addInvoicePayment() and logTransaction(), come from
        // outside this listing.
        switch ($licencja["status"]) {
            case "Active":
                # Allow Script to Run
                checkCbTransID($transid);
                addInvoicePayment($invoiceid, $transid, $amount, $fee, $gatewaymodule);
                logTransaction($GATEWAY["payu"], $_POST, "Successful");
                if ($licencja["localkey"]) {
                    # Save Updated Local Key to DB or File
                    // NOTE(review): a failed fopen() ends the script after the
                    // payment was recorded but before "OK" is sent.
                    $localkeydata = $licencja["localkey"];
                    $fh = fopen($key_file, 'w');
                    if (!$fh) {
                        die("can't find local key!");
                    }
                    fwrite($fh, $localkeydata);
                    fclose($fh);
                }
                echo "OK";
                exit;

            // NOTE(review): for the three states below no payment is recorded,
            // yet execution continues to the final "OK". Confirm that
            // acknowledging the notification in these cases is intended.
            case "Invalid":
                # Show Invalid Message
                echo "Invalid";
                break;
            case "Expired":
                # Show Expired Message
                echo "Expired";
                break;
            case "Suspended":
                # Show Suspended Message
                echo "Suspended";
                break;
        }
        // A disabled legacy path used to sit here as commented-out code: it
        // posted an "addinvoicepayment" API call over cURL with a username and
        // an md5-hashed password.
    }
    // Status '2' (transaction cancelled; the order could be cancelled as well)
    // and every other status currently need no action.

    // If all operations succeeded, reply OK; otherwise an error should be
    // generated (that check is not implemented yet).
    echo "OK";
    exit;
}
- ?>