bebeboutik/modules/paybox/direct_paiement.php

<?php
require_once(dirname(__FILE__).'/../../config/config.inc.php');
require_once(dirname(__FILE__).'/../../init.php');
require_once(dirname(__FILE__).'/paybox.php');

global $cart, $smarty;

$module = new Paybox();
$controller->preProcess();

if (!$cookie->isLogged())
    Tools::redirect('authentication.php');

// verif if there's one order already then redirect to the order detail
if ($id_order = (int)Order::getOrderByCartId($cart->id))
{
    // log
    $content = '';
    if (file_exists('logs.txt')) {
        $content = file_get_contents('logs.txt');
    }
    $line = 'SECONDE TENTATIVE ['.(int)$cart->id.'] '.date('Y-m-d H:i:s').': Redirect id_order='.$id_order."\n";
    $content .= $line;
    file_put_contents('logs.txt', $content);
    // end log

    Tools::redirect('order-detail.php?id_order='.$id_order);
}

// verif if there's at least one order with this delivery address
$orders_with_delivery_address = Db::getInstance()->getValue('
    SELECT COUNT(`id_order`)
    FROM `'._DB_PREFIX_.'orders`
    WHERE `id_address_delivery` = '.(int)$cart->id_address_delivery.'
    AND `id_customer` = '.(int)$cart->id_customer.'
');
if ($orders_with_delivery_address == 0) {
    Tools::redirect('order.php?step=3&cgv=1&paybox_error=1');
}

$id_paybox_card = Tools::getValue('id_paybox_card', false);
if ($id_paybox_card) {
    $paybox_card = Db::getInstance()->getRow('
        SELECT *
        FROM `ps_paybox_customer_agreement`
        WHERE `id_customer` = '.(int)$cart->id_customer.'
        AND `id_paybox_card` = '.(int)$id_paybox_card.'
    ');
    if(empty($paybox_card) || (int)$paybox_card['id_customer']!=(int)$cart->id_customer) {
        Tools::redirect('order.php?step=3&cgv=1&paybox_error=1');
    }
} else {
    Tools::redirect('order.php?step=3&cgv=1&paybox_error=1');
}

include(dirname(__FILE__).'/../../header.php');

if(Configuration::get('PBX_DEMO_MODE') == 0) {
    $curl = curl_init('https://preprod-ppps.paybox.com/PPPS.php');
} else {
    $curl = curl_init('https://ppps.paybox.com/PPPS.php');
}

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_COOKIESESSION, true);

$pbx_site = trim(Configuration::get('PBX_SITE'));
$pbx_rang = trim(Configuration::get('PBX_RANG'));
$pbx_id = trim(Configuration::get('PBX_ID'));

$num_question = Configuration::get('NUM_QUESTION_PAYBOX') + 1;
Configuration::updateValue('NUM_QUESTION_PAYBOX', $num_question);

$montant   = "".(Tools::convertPrice($cart->getOrderTotal(), null, false) * 100)."";
$devise    = 978;
$numbers   = urldecode($paybox_card['handle']);
$dateval   = $paybox_card['date'];
$customer  = new Customer((int)$cart->id_customer);
$refabonne = $paybox_card['refabonne'];
$language  = new Language((int)$cart->id_lang);
switch ($language->iso_code)
{
    case 'fr':
        $country = 'FRA';
    break;
    case 'es':
        $country = 'ESP';
    break;
    case 'de':
        $country = 'DEU';
    break;
    case 'it':
        $country = 'ITA';
    break;
    case 'nl':
        $country = 'NLD';
    break;
    case 'sv':
        $country = 'SWE';
    break;
    case 'en-us':
    default:
        $country = 'GBR';
    break;
}
unset($language);

$postfields = array(
    'VERSION'     => '00104',
    'TYPE'        => '00053',
    'SITE'        => $pbx_site,
    'RANG'        => $pbx_rang,
    'CLE'         => 'EFNLJKFB',
    'NUMQUESTION' => $num_question,
    'MONTANT'     => str_pad($montant, 10, '0', STR_PAD_LEFT),
    'DEVISE'      => $devise,
    'REFERENCE'   => (int)$cart->id,
    'REFABONNE'   => $refabonne,
    'PORTEUR'     => $numbers,
    'DATEVAL'     => $dateval,
    'ACTIVITE'    => '027',
    'PAYS'        => $country,
    /*'CVV'         => Configuration::get('PBX_DEMO_MODE') == 0 ?'000':$cvv,*/
    'DATEQ'       => date('dmYHis')
);

$authorized_ip = array(
  '88.163.22.99',
  '90.63.178.63',
);
$trame = http_build_query($postfields, '', '&');
if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
    mail('marion@antadis.com', '[BBB] Envoi paybox direct', $trame);
}

// log
    $content = '';
    if (file_exists('logs.txt')) {
        $content = file_get_contents('logs.txt');
    }
    $line = 'SEND ['.(int)$cart->id.']['.$num_question.'] '.date('Y-m-d H:i:s').': '.$trame."\n";
    $content .= $line;
    file_put_contents('logs.txt', $content);
// end log

curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
curl_setopt($curl, CURLOPT_POSTFIELDS, $trame);

$response = curl_exec($curl);
curl_close($curl);

// log
    $content = '';
    if (file_exists('logs.txt')) {
        $content = file_get_contents('logs.txt');
    }
    $line = 'RESPONSE ['.(int)$cart->id.']['.$num_question.'] '.date('Y-m-d H:i:s').': '.$response."\n";
    $content .= $line;
file_put_contents('logs.txt', $content);
// end log

$data = explode('&', $response);
foreach ($data as $d) {
    $d = explode('=', $d);
    if($d[0] == 'NUMTRANS') {
        $num_trans = $d[1];
    } elseif($d[0] == 'NUMAPPEL') {
        $num_appel = $d[1];
    } elseif($d[0] == 'AUTORISATION') {
        $autorisation = $d[1];
    } elseif($d[0] == 'CODEREPONSE') {
        $code_reponse = $d[1];
    } elseif($d[0] == 'COMMENTAIRE') {
        $commentaire = $d[1];
    } elseif($d[0] == 'PAYS') {
        $pays = $d[1];
    }
}

$data[7] = utf8_encode($data[7]);

if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
    mail('marion@antadis.com', '[BBB] Reponse paybox direct', $response);
}

$error = '';
$paybox = new Paybox();
$test_mode = (int)Configuration::get('PBX_DEMO_MODE');

$values = array(
    'm' => (int) $montant,
    'r' => (int) $cart->id,
    't' => (int) $num_appel,
    'p' => $autorisation,
    'c' => $paybox_card['payment_type'],
    'a' => 'CARTE',
    's' => (int) $num_trans,
    'e' => $code_reponse,
    'd' => $paybox_card['date'],
    'i' => isset($pays)?$pays:null,
    'saved' => 1
);

// payment success

if ((!isset($autorisation) || empty($autorisation)))
{
    if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
        mail('marion@antadis.com', '[BBB] ERREUR Reponse paybox direct', http_build_query($data, '', '&'));
    }
    Logger::addLog('No autorisation number', 4);
    die('No autorisation number');
}
// Wrong authorization number in live mode
if ($autorisation == 'XXXXXX' && $test_mode === 1) {
    $error .= '- error payment - wrong authorization number <br>'."\n";
}

if ($id_order = (int)Order::getOrderByCartId($cart->id))
{
    // log
    $content = '';
    if (file_exists('logs.txt')) {
        $content = file_get_contents('logs.txt');
    }
    $line = 'SECONDE RESPONSE ['.(int)$cart->id.']['.$num_question.'] '.date('Y-m-d H:i:s').': '.$response."\n";
    $content .= $line;
    file_put_contents('logs.txt', $content);
    // end log

    if (empty($error))
    {
        $order = new Order($id_order);
        $order->valid = 1;
        $order->total_paid_real = $values['m'] / 100;
        $order->update();

        if ($order->getCurrentState() != _PS_OS_PAYMENT_)
        {
            $products = $cart->getProducts();
            foreach ($products as $product)
            {
                Product::updateQuantity($product);
                Hook::updateQuantity($product, $order);
            }
        }

        $history = new OrderHistory();
        $history->id_order = $id_order;
        $history->changeIdOrderState((int)_PS_OS_PAYMENT_, $id_order);
        $history->addWithemail(true, array());

        $order_message = '';
        foreach ($values as $key => $value) {
            $order_message .= $key.': '.$value.'<br>';
        }

        if (isset($order_message) && !empty($order_message))
        {
            $msg = new Message();
            $message = $order_message;
            if (Validate::isCleanHtml($order_message))
            {
                $msg->message = $order_message;
                $msg->id_order = (int)$order->id;
                $msg->private = 1;
                $msg->add();
            }
        }
    }
    die($error);
}

$total_paid = $values['m'] / 100;

if ($test_mode === 0)
{
    if (empty($error) && $code_reponse == '00000')
    {
        $error = '***TEST*** : Validated Payment  <br>'."\n";
        $statut = _PS_OS_PAYMENT_;
    }
    else
    {
        $error = '***TEST*** : Invalid Payment  <br>'."\n".$error;
        $statut = _PS_OS_ERROR_;
    }
}
elseif ($test_mode === 1)
{
    if ($code_reponse == '00000' && empty($error)){
        $statut = _PS_OS_PAYMENT_;
    }
    else
    {
        $statut = _PS_OS_ERROR_;
    }
}

switch ($code_reponse)
{
    case '00001':
        $error .= 'Connection to the authorization center failed or an internal error occurred <br>'."\n";
    break;
    case '00003':
        $error .= 'Paybox error<br>'."\n";
    break;
    case '00004':
        $error .= 'Card number invalid or visual cryptogram invalid <br>'."\n";
    break;
    case '00006':
        $error .= 'Access refused or site/rank/identifier incorrect <br>'."\n";
    break;
    case '00008':
        $error .= 'Incorrect expiry date.<br>'."\n";
    break;
    case '00009':
        $error .= 'Error when during subscriber creation<br>'."\n";
    break;
    case '00010':
        $error .= 'Unknown currency<br>'."\n";
    break;
    case '00011':
        $error .= 'Amount incorrect<br>'."\n";
    break;
    case '00015':
        $error .= 'Payment already done<br>'."\n";
    break;
    case '00105':
        $error .= 'Error 00105<br>'."\n";
    break;
    case '00016':
        $error .= 'Subscriber already exists<br>'."\n";
    break;
    case '00021':
        $error .= 'Not authorized bin card<br>'."\n";
    break;
    case '00029':
        $error .= 'Not the same card used for the first payment.<br>'."\n";
    break;
    case '00030':
        $error .= 'Time-out > 15 mn before validation by the buyer when the buyer is on the page of payments of PAYBOX<br>'."\n";
    break;
    case '00031':
    case '00032':
        $error .= 'Reserved<br>'."\n";
    break;
    case '00033':
        $error .= 'Unauthorized country code of the IP address of the cardholder’s browser<br>'."\n";
    break;
    case '00040':
        $error .= 'Operation without 3DSecure authentication, blocked by the fraud filter.<br>'."\n";
    break;
    case '99999':
        $error .= 'Payment waiting confirmation from the issuer<br>'."\n";
    break;

    case '00100':
        $error .= 'Transaction approved or successfully processed.<br>'."\n";
    break;
    case '00101':
    case '00102':
        $error .= 'Contact the card issuer<br>'."\n";
    break;
    case '00103':
        $error .= 'Invalid retailer<br>'."\n";
    break;
    case '00104':
        $error .= 'Keep the card<br>'."\n";
    break;
    case '00105':
        $error .= 'Do not honor<br>'."\n";
    break;
    case '00107':
        $error .= 'Keep the card, special conditions<br>'."\n";
    break;
    case '00108':
        $error .= 'Approve after holder identification<br>'."\n";
    break;
    case '00112':
        $error .= 'Invalid transaction<br>'."\n";
    break;
    case '00113':
        $error .= 'Invalid amount<br>'."\n";
    break;
    case '00114':
        $error .= 'Invalid holder number<br>'."\n";
    break;
    case '00115':
        $error .= 'Card issuer unknown<br>'."\n";
    break;
    case '00117':
        $error .= 'Client cancellation<br>'."\n";
    break;
    case '00119':
        $error .= 'Repeat the transaction later<br>'."\n";
    break;
    case '00120':
        $error .= 'Error in reply (error in the server’s domain).<br>'."\n";
    break;
    case '00124':
        $error .= 'File update not withstood<br>'."\n";
    break;
    case '00125':
        $error .= 'Impossible to situate the record in the file<br>'."\n";
    break;
    case '00126':
        $error .= 'Record duplicated, former record replaced<br>'."\n";
    break;
    case '00127':
        $error .= 'Error in ‘edit’ in file update field<br>'."\n";
    break;
    case '00128':
        $error .= 'Access to file denied<br>'."\n";
    break;
    case '00129':
        $error .= 'File update impossible<br>'."\n";
    break;
    case '00130':
        $error .= 'Error in format<br>'."\n";
    break;
    case '00133':
        $error .= 'Expired card<br>'."\n";
    break;
    case '00138':
        $error .= 'Too many attempts at secret code.<br>'."\n";
    break;
    case '00151':
        $error .= 'provision insuffisante.<br>'."\n";
    break;
    case '00159':
        $error .= 'Suspicion of fraud.<br>'."\n";
    break;

    case '00000':
    default:
        $error .= '<b>Successful operation</b><br>'."\n\n";
    break;
}

$error .= 'PayBox version: '.$paybox->version."\n".'<br> POST '.print_r($postfields, true)."\n".'<br>GET '.print_r($data, true)."\n";
$paybox->validateOrder((int)$cart->id, $statut, $total_paid, $paybox->displayName, $error, array(), NULL, false, $customer->secure_key, $values);

// save info paiement BDD
$paybox->saveInformationPaiement($values);

if (version_compare(_PS_VERSION_, '1.5.0.0') >= '0')
{
    $order_id = Order::getOrderByCartId((int)$cart->id);
    $order = new Order((int)$order_id);
    if ($order_state == _PS_OS_PAYMENT_)
    {
        $order->valid = 1;
        $order->save();
    }

    $id_order_payment = Db::getInstance()->getValue('SELECT id_order_payment
    FROM `'._DB_PREFIX_.'order_payment`
    WHERE `order_reference` LIKE \'%'.pSQL($order->reference).'%\'');

    if ($id_order_payment == false)
        $order->addOrderPayment($total_paid, null, trim($values['t']));
    else
    {
        $order_payment = new OrderPayment((int)$id_order_payment);
        $order_payment->transaction_id = trim($values['t']);
        $order_payment->save();
    }
}

Tools::redirect('order-confirmation.php?id_cart='.$cart->id.'&id_module='.$paybox->id.'&key='.$customer->secure_key);

include(dirname(__FILE__).'/../../footer.php');