Merge branch 'ticket-14301-ErrorApiPaypal'

2017-09-27 16:01:37 +02:00 · 2017-09-27 16:01:37 +02:00 · 1e4d91baec
commit 1e4d91baec
parent 7ec18480b8 695cd7740c
3 changed files with 92 additions and 64 deletions
--- a/modules/paypal/express_checkout/payment.php
+++ b/modules/paypal/express_checkout/payment.php
@ -178,7 +178,9 @@ if ($request_type && $ppec->type) {

 	// @ANTADIS - if id_billing make transaction
 	if ($id_billing_to_use != 0) {
-		$ppec->DoReferenceTransaction($id_billing_to_use);
+		if($ppec->DoReferenceTransaction($id_billing_to_use) === false){
+			return Tools::redirectLink($ppec->context->link->getPageLink('order.php').'?step=3&cgv=1&paypal_error=1');
+		}
 		$amount_match = $ppec->rightPaymentProcess();

 		// PAIEMENT REUSSI
@ -237,6 +239,14 @@ elseif (!empty($ppec->token) && ($ppec->token == $token) && ($ppec->payer_id = $

 	if ($ppec->hasSucceedRequest() && !empty($ppec->token))
 	{
+		// Check token validity
+		if(isset($ppec->result['TIMESTAMP']) && !empty($ppec->result['TIMESTAMP'])){
+			$validity_time = strtotime($ppec->result['TIMESTAMP']);
+			if($validity_time < time()){
+				return Tools::redirectLink($ppec->context->link->getPageLink('order.php').'?step=3&cgv=1&paypal_error=1');
+			}
+		}
+
 		$address = $customer = null;
 		$email = $ppec->result['EMAIL'];

--- a/modules/paypal/express_checkout/process.php
+++ b/modules/paypal/express_checkout/process.php
@ -140,7 +140,7 @@ class PaypalExpressCheckout extends Paypal
 				' . (int) $result['ID_CUSTOMER'] . ',
 				"' . pSQL($result['BILLINGAGREEMENTID']) . '",
 				"'.(isset($result['EMAIL']) && $result['EMAIL'] ? pSQL($result['EMAIL']) : '') . '",
-				"'.(isset($result['SHIPTONAME']) && $result['SHIPTONAME'] ? pSQL($result['SHIPTONAME']) : '') . '",				
+				"'.(isset($result['SHIPTONAME']) && $result['SHIPTONAME'] ? pSQL($result['SHIPTONAME']) : '') . '",
 				"'.(isset($result['SHIPTOCITY']) && $result['SHIPTOCITY'] ? pSQL($result['SHIPTOCITY']) : '') . '",
 				"'.(isset($result['SHIPTOSTREET']) && $result['SHIPTOSTREET'] ? pSQL($result['SHIPTOSTREET']) : '') . '",
 				NOW(),
@ -159,7 +159,7 @@ class PaypalExpressCheckout extends Paypal
 			WHERE `id_paypal_agreement` = ' . (int) $id_billing
 		);
 	}
-	
+
 	protected function getBillingAgreementId($id_billing)
 	{
 		return Db::getInstance()->getValue('
@ -187,7 +187,7 @@ class PaypalExpressCheckout extends Paypal
 		$fields['USER'] = Configuration::get('PAYPAL_API_USER');
 		$fields['PWD'] = Configuration::get('PAYPAL_API_PASSWORD');
 		$fields['SIGNATURE'] = Configuration::get('PAYPAL_API_SIGNATURE');
-		
+

 		if ($access_token)
 			$fields['IDENTITYACCESSTOKEN'] = $access_token;
@ -206,8 +206,8 @@ class PaypalExpressCheckout extends Paypal
 			$cart->secure_key = $customer->secure_key;
 			$cart->save();
 		}
-		
-		// ANTADIS			
+
+		// ANTADIS
 		if ($request_billing) {
 			$fields['L_BILLINGTYPE0'] = 'MerchantInitiatedBillingSingleAgreement';
 			$fields['L_BILLINGAGREEMENTDESCRIPTION0'] = 'www.bebeboutik.com';
@ -222,7 +222,7 @@ class PaypalExpressCheckout extends Paypal
 	public function DoReferenceTransaction($id_billing_to_use)
 	{
 		$this->method = 'DoReferenceTransaction';
-		
+
 		$fields = array();
 		$this->initParameters();

@ -233,12 +233,15 @@ class PaypalExpressCheckout extends Paypal

 		$fields['PAYMENTACTION'] = 'Sale';
 		$fields['AMT'] = $this->getTotalPaid();
+		if($fields['AMT'] <= 0){
+			return false;
+		}

 		$currency = new Currency((int)$this->context->cart->id_currency);
 		$fields['CURRENCYCODE'] = $currency->iso_code;
-		
+
 		$fields['REFERENCEID'] = $this->getBillingAgreementId($id_billing_to_use);
-		$fields['IPADDRESS'] = $_SERVER['REMOTE_ADDR'];	
+		$fields['IPADDRESS'] = $_SERVER['REMOTE_ADDR'];
 		// $shipping_cost_wt = $this->context->cart->getOrderShippingCost();
 		// $fields['SHIPPINGAMT'] = $shipping_cost_wt;
 		// $items_amount = $this->context->cart->getOrderTotal(true, Cart::BOTH_WITHOUT_SHIPPING);
@ -250,7 +253,7 @@ class PaypalExpressCheckout extends Paypal
 	public function getCancelUrl() {
 		return	$this->context->link->getPageLink('order.php', false, null, array('step' => '3'));
 	}
-	
+
 	public function setCancelUrl(&$fields)
 	{
 		$url = urldecode(Tools::getValue('current_shop_url'));
@ -438,14 +441,14 @@ class PaypalExpressCheckout extends Paypal
 			$fields['PAYMENTREQUEST_0_PAYMENTACTION'] = 'Authorization';
 		else
 			$fields['PAYMENTREQUEST_0_PAYMENTACTION'] = 'Sale';
-		
+
 		$currency = new Currency((int)$this->context->cart->id_currency);
 		$fields['PAYMENTREQUEST_0_CURRENCYCODE'] = $currency->iso_code;

 		/**
 		 * If the total amount is lower than 1 we put the shipping cost as an item
 		 * so the payment could be valid.
-		 */ 
+		 */
 		if ($total <= 1)
 		{
 			$carrier = new Carrier($this->context->cart->id_carrier);
@ -453,7 +456,7 @@ class PaypalExpressCheckout extends Paypal
 			$fields['L_PAYMENTREQUEST_0_NAME'.$index] = $carrier->name;
 			$fields['L_PAYMENTREQUEST_0_AMT'.$index] = Tools::ps_round($shipping_cost_wt, $this->decimals);
 			$fields['L_PAYMENTREQUEST_0_QTY'.$index] = 1;
-			
+
 			$fields['PAYMENTREQUEST_0_ITEMAMT'] = Tools::ps_round($total, $this->decimals) + Tools::ps_round($shipping_cost_wt, $this->decimals);
 			$fields['PAYMENTREQUEST_0_AMT'] = $total + Tools::ps_round($shipping_cost_wt, $this->decimals);
 		}
@ -472,7 +475,7 @@ class PaypalExpressCheckout extends Paypal
 		// float problem with php, have to use the string cast.
 		if ((isset($this->result['AMT']) && ((string)$this->result['AMT'] != (string)$total)) ||
 			(isset($this->result['PAYMENTINFO_0_AMT']) && ((string)$this->result['PAYMENTINFO_0_AMT'] != (string)$total)))
-			return false;	
+			return false;
 		return true;
 	}

@ -492,7 +495,7 @@ class PaypalExpressCheckout extends Paypal

 		if ($this->context->cart->gift == 1)
 			$total = Tools::ps_round($total + $this->getGiftWrappingPrice(), $this->decimals);
-		
+
 		if (version_compare(_PS_VERSION_, '1.5', '<'))
 		{
 			$discounts = $this->context->cart->getDiscounts();
@ -503,14 +506,14 @@ class PaypalExpressCheckout extends Paypal
 			$discounts = $this->context->cart->getCartRules();
 			$shipping_cost = $this->context->cart->getTotalShippingCost();
 		}
-		
+
 		if (count($discounts) > 0)
 			foreach ($discounts as $product)
 			{
 				$price = - 1 * Tools::ps_round($product['value_real'], $this->decimals);
 				$total = Tools::ps_round($total + $price, $this->decimals);
 			}
-		
+
 		return Tools::ps_round($shipping_cost, $this->decimals) + $total;
 	}

@ -609,7 +612,7 @@ class PaypalExpressCheckout extends Paypal

 		if ($redirect)
 		{
-			$link = $this->context->link->getPageLink('order.php', false, null, array('step' => '3'));			
+			$link = $this->context->link->getPageLink('order.php', false, null, array('step' => '3'));
 			Tools::redirectLink($link);
 			exit(0);
 		}
--- a/modules/paypal/paypal.php
+++ b/modules/paypal/paypal.php
@ -695,7 +695,12 @@ class PayPal extends PaymentModule
 		$message = $this->l('Cancel products result:').'<br>';

 		$amount = (float)($products[(int)$order_detail->id]['product_price_wt'] * (int)$cancel_quantity[(int)$order_detail->id]);
-		$refund = $this->_makeRefund($paypal_order['id_transaction'], (int)$order->id, $amount);
+		if($amount > 0){
+			$refund = $this->_makeRefund($paypal_order['id_transaction'], (int)$order->id, $amount);
+		} else {
+			$refund = array();
+			$message .= $this->l('Transaction error because of the amount of the cancel product!').'<br>';
+		}
 		$this->formatMessage($refund, $message);
 		$this->_addNewPrivateMessage((int)$order->id, $message);
 	}
@ -1141,30 +1146,35 @@ class PayPal extends PaymentModule
 			$amt += (float)($product['product_price_wt']) * ($product['product_quantity'] - $product['product_quantity_refunded']);
 		$amt += (float)($order->total_shipping) + (float)($order->total_wrapping) - (float)($order->total_discounts);

-		// check if total or partial
-		if (Tools::ps_round($order->total_paid_real, $decimals) == Tools::ps_round($amt, $decimals))
-			$response = $this->_makeRefund($paypal_order['id_transaction'], $id_order);
-		else
-			$response = $this->_makeRefund($paypal_order['id_transaction'], $id_order, (float)($amt));
+		if($amt > 0){
+			// check if total or partial
+			if (Tools::ps_round($order->total_paid_real, $decimals) == Tools::ps_round($amt, $decimals))
+				$response = $this->_makeRefund($paypal_order['id_transaction'], $id_order);
+			else
+				$response = $this->_makeRefund($paypal_order['id_transaction'], $id_order, (float)($amt));

-		$message = $this->l('Refund operation result:').'<br>';
-		foreach ($response as $key => $value)
-			$message .= $key.': '.$value.'<br>';
+			$message = $this->l('Refund operation result:').'<br>';
+			foreach ($response as $key => $value)
+				$message .= $key.': '.$value.'<br>';

-		if (array_key_exists('ACK', $response) && $response['ACK'] == 'Success' && $response['REFUNDTRANSACTIONID'] != '')
-		{
-			$message .= $this->l('PayPal refund successful!');
-			if (!Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'paypal_order` SET `payment_status` = \'Refunded\' WHERE `id_order` = '.(int)$id_order))
-				die(Tools::displayError('Error when updating PayPal database'));
+			if (array_key_exists('ACK', $response) && $response['ACK'] == 'Success' && $response['REFUNDTRANSACTIONID'] != '')
+			{
+				$message .= $this->l('PayPal refund successful!');
+				if (!Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'paypal_order` SET `payment_status` = \'Refunded\' WHERE `id_order` = '.(int)$id_order))
+					die(Tools::displayError('Error when updating PayPal database'));

-			$history = new OrderHistory();
-			$history->id_order = (int)$id_order;
-			$history->changeIdOrderState((int)Configuration::get('PS_OS_REFUND'), $history->id_order);
-			$history->addWithemail();
-			$history->save();
+				$history = new OrderHistory();
+				$history->id_order = (int)$id_order;
+				$history->changeIdOrderState((int)Configuration::get('PS_OS_REFUND'), $history->id_order);
+				$history->addWithemail();
+				$history->save();
+			}
+			else
+				$message .= $this->l('Transaction error!');
+		} else {
+			$message = $this->l('Refund operation result:').'<br>';
+			$message .= $this->l('Transaction error because of the amount (amt)!');
 		}
-		else
-			$message .= $this->l('Transaction error!');

 		$this->_addNewPrivateMessage((int)$id_order, $message);

@ -1180,35 +1190,40 @@ class PayPal extends PaymentModule
 		$order = new Order((int)$id_order);
 		$currency = new Currency((int)$order->id_currency);

-		$paypal_lib	= new PaypalLib();
-		$response = $paypal_lib->makeCall($this->getAPIURL(), $this->getAPIScript(), 'DoCapture',
-			'&'.http_build_query(array('AMT' => (float)$order->total_paid, 'AUTHORIZATIONID' => $paypal_order['id_transaction'],
-			'CURRENCYCODE' => $currency->iso_code, 'COMPLETETYPE' => 'Complete'), '', '&'));
-		$message = $this->l('Capture operation result:').'<br>';
+		if((float)$order->total_paid > 0){
+			$paypal_lib	= new PaypalLib();
+			$response = $paypal_lib->makeCall($this->getAPIURL(), $this->getAPIScript(), 'DoCapture',
+				'&'.http_build_query(array('AMT' => (float)$order->total_paid, 'AUTHORIZATIONID' => $paypal_order['id_transaction'],
+				'CURRENCYCODE' => $currency->iso_code, 'COMPLETETYPE' => 'Complete'), '', '&'));
+			$message = $this->l('Capture operation result:').'<br>';

-		foreach ($response as $key => $value)
-			$message .= $key.': '.$value.'<br>';
+			foreach ($response as $key => $value)
+				$message .= $key.': '.$value.'<br>';

-		if ((array_key_exists('ACK', $response)) && ($response['ACK'] == 'Success') && ($response['PAYMENTSTATUS'] == 'Completed'))
-		{
-			$order_history = new OrderHistory();
-			$order_history->id_order = (int)$id_order;
+			if ((array_key_exists('ACK', $response)) && ($response['ACK'] == 'Success') && ($response['PAYMENTSTATUS'] == 'Completed'))
+			{
+				$order_history = new OrderHistory();
+				$order_history->id_order = (int)$id_order;

-			if (version_compare(_PS_VERSION_, '1.5', '<'))
-				$order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), (int)$id_order);
-			else
-				$order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), $order);
-			$order_history->addWithemail();
-			$message .= $this->l('Order finished with PayPal!');
+				if (version_compare(_PS_VERSION_, '1.5', '<'))
+					$order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), (int)$id_order);
+				else
+					$order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), $order);
+				$order_history->addWithemail();
+				$message .= $this->l('Order finished with PayPal!');
+			}
+			elseif (isset($response['PAYMENTSTATUS']))
+				$message .= $this->l('Transaction error!');
+
+			if (!Db::getInstance()->Execute('
+				UPDATE `'._DB_PREFIX_.'paypal_order`
+				SET `capture` = 0, `payment_status` = \''.pSQL($response['PAYMENTSTATUS']).'\', `id_transaction` = \''.pSQL($response['TRANSACTIONID']).'\'
+				WHERE `id_order` = '.(int)$id_order))
+				die(Tools::displayError('Error when updating PayPal database'));
+		} else {
+			$message = $this->l('Capture operation result:').'<br>';
+			$message .= $this->l('Transaction error because of the amount (amt)!');
 		}
-		elseif (isset($response['PAYMENTSTATUS']))
-			$message .= $this->l('Transaction error!');
-
-		if (!Db::getInstance()->Execute('
-			UPDATE `'._DB_PREFIX_.'paypal_order`
-			SET `capture` = 0, `payment_status` = \''.pSQL($response['PAYMENTSTATUS']).'\', `id_transaction` = \''.pSQL($response['TRANSACTIONID']).'\'
-			WHERE `id_order` = '.(int)$id_order))
-			die(Tools::displayError('Error when updating PayPal database'));

 		$this->_addNewPrivateMessage((int)$id_order, $message);