From 1caec538acc5d68e867861eb997da36b8d92bc5c Mon Sep 17 00:00:00 2001 From: Marion Muszynski Date: Wed, 27 Sep 2017 12:03:07 +0200 Subject: [PATCH 1/2] fix paypal api errors --- modules/paypal/express_checkout/payment.php | 12 ++- modules/paypal/express_checkout/process.php | 37 +++---- modules/paypal/paypal.php | 107 +++++++++++--------- 3 files changed, 92 insertions(+), 64 deletions(-) diff --git a/modules/paypal/express_checkout/payment.php b/modules/paypal/express_checkout/payment.php index 05a49106..c9a6ecd5 100755 --- a/modules/paypal/express_checkout/payment.php +++ b/modules/paypal/express_checkout/payment.php @@ -178,7 +178,9 @@ if ($request_type && $ppec->type) { // @ANTADIS - if id_billing make transaction if ($id_billing_to_use != 0) { - $ppec->DoReferenceTransaction($id_billing_to_use); + if(!$ppec->DoReferenceTransaction($id_billing_to_use)){ + return Tools::redirectLink($ppec->context->link->getPageLink('order.php').'?step=3&cgv=1&paypal_error=1'); + } $amount_match = $ppec->rightPaymentProcess(); // PAIEMENT REUSSI @@ -237,6 +239,14 @@ elseif (!empty($ppec->token) && ($ppec->token == $token) && ($ppec->payer_id = $ if ($ppec->hasSucceedRequest() && !empty($ppec->token)) { + // Check token validity + if(isset($ppec->result['TIMESTAMP']) && !empty($ppec->result['TIMESTAMP'])){ + $validity_time = strtotime($ppec->result['TIMESTAMP']); + if($validity_time < time()){ + return Tools::redirectLink($ppec->context->link->getPageLink('order.php').'?step=3&cgv=1&paypal_error=1'); + } + } + $address = $customer = null; $email = $ppec->result['EMAIL']; diff --git a/modules/paypal/express_checkout/process.php b/modules/paypal/express_checkout/process.php index dae3adbd..a51c7055 100755 --- a/modules/paypal/express_checkout/process.php +++ b/modules/paypal/express_checkout/process.php @@ -140,7 +140,7 @@ class PaypalExpressCheckout extends Paypal ' . (int) $result['ID_CUSTOMER'] . ', "' . pSQL($result['BILLINGAGREEMENTID']) . '", "'.(isset($result['EMAIL']) && $result['EMAIL'] ? pSQL($result['EMAIL']) : '') . '", - "'.(isset($result['SHIPTONAME']) && $result['SHIPTONAME'] ? pSQL($result['SHIPTONAME']) : '') . '", + "'.(isset($result['SHIPTONAME']) && $result['SHIPTONAME'] ? pSQL($result['SHIPTONAME']) : '') . '", "'.(isset($result['SHIPTOCITY']) && $result['SHIPTOCITY'] ? pSQL($result['SHIPTOCITY']) : '') . '", "'.(isset($result['SHIPTOSTREET']) && $result['SHIPTOSTREET'] ? pSQL($result['SHIPTOSTREET']) : '') . '", NOW(), @@ -159,7 +159,7 @@ class PaypalExpressCheckout extends Paypal WHERE `id_paypal_agreement` = ' . (int) $id_billing ); } - + protected function getBillingAgreementId($id_billing) { return Db::getInstance()->getValue(' @@ -187,7 +187,7 @@ class PaypalExpressCheckout extends Paypal $fields['USER'] = Configuration::get('PAYPAL_API_USER'); $fields['PWD'] = Configuration::get('PAYPAL_API_PASSWORD'); $fields['SIGNATURE'] = Configuration::get('PAYPAL_API_SIGNATURE'); - + if ($access_token) $fields['IDENTITYACCESSTOKEN'] = $access_token; @@ -206,8 +206,8 @@ class PaypalExpressCheckout extends Paypal $cart->secure_key = $customer->secure_key; $cart->save(); } - - // ANTADIS + + // ANTADIS if ($request_billing) { $fields['L_BILLINGTYPE0'] = 'MerchantInitiatedBillingSingleAgreement'; $fields['L_BILLINGAGREEMENTDESCRIPTION0'] = 'www.bebeboutik.com'; @@ -222,7 +222,7 @@ class PaypalExpressCheckout extends Paypal public function DoReferenceTransaction($id_billing_to_use) { $this->method = 'DoReferenceTransaction'; - + $fields = array(); $this->initParameters(); @@ -233,12 +233,15 @@ class PaypalExpressCheckout extends Paypal $fields['PAYMENTACTION'] = 'Sale'; $fields['AMT'] = $this->getTotalPaid(); + if($fields['AMT'] <= 0){ + return false; + } $currency = new Currency((int)$this->context->cart->id_currency); $fields['CURRENCYCODE'] = $currency->iso_code; - + $fields['REFERENCEID'] = $this->getBillingAgreementId($id_billing_to_use); - $fields['IPADDRESS'] = $_SERVER['REMOTE_ADDR']; + $fields['IPADDRESS'] = $_SERVER['REMOTE_ADDR']; // $shipping_cost_wt = $this->context->cart->getOrderShippingCost(); // $fields['SHIPPINGAMT'] = $shipping_cost_wt; // $items_amount = $this->context->cart->getOrderTotal(true, Cart::BOTH_WITHOUT_SHIPPING); @@ -250,7 +253,7 @@ class PaypalExpressCheckout extends Paypal public function getCancelUrl() { return $this->context->link->getPageLink('order.php', false, null, array('step' => '3')); } - + public function setCancelUrl(&$fields) { $url = urldecode(Tools::getValue('current_shop_url')); @@ -438,14 +441,14 @@ class PaypalExpressCheckout extends Paypal $fields['PAYMENTREQUEST_0_PAYMENTACTION'] = 'Authorization'; else $fields['PAYMENTREQUEST_0_PAYMENTACTION'] = 'Sale'; - + $currency = new Currency((int)$this->context->cart->id_currency); $fields['PAYMENTREQUEST_0_CURRENCYCODE'] = $currency->iso_code; /** * If the total amount is lower than 1 we put the shipping cost as an item * so the payment could be valid. - */ + */ if ($total <= 1) { $carrier = new Carrier($this->context->cart->id_carrier); @@ -453,7 +456,7 @@ class PaypalExpressCheckout extends Paypal $fields['L_PAYMENTREQUEST_0_NAME'.$index] = $carrier->name; $fields['L_PAYMENTREQUEST_0_AMT'.$index] = Tools::ps_round($shipping_cost_wt, $this->decimals); $fields['L_PAYMENTREQUEST_0_QTY'.$index] = 1; - + $fields['PAYMENTREQUEST_0_ITEMAMT'] = Tools::ps_round($total, $this->decimals) + Tools::ps_round($shipping_cost_wt, $this->decimals); $fields['PAYMENTREQUEST_0_AMT'] = $total + Tools::ps_round($shipping_cost_wt, $this->decimals); } @@ -472,7 +475,7 @@ class PaypalExpressCheckout extends Paypal // float problem with php, have to use the string cast. if ((isset($this->result['AMT']) && ((string)$this->result['AMT'] != (string)$total)) || (isset($this->result['PAYMENTINFO_0_AMT']) && ((string)$this->result['PAYMENTINFO_0_AMT'] != (string)$total))) - return false; + return false; return true; } @@ -492,7 +495,7 @@ class PaypalExpressCheckout extends Paypal if ($this->context->cart->gift == 1) $total = Tools::ps_round($total + $this->getGiftWrappingPrice(), $this->decimals); - + if (version_compare(_PS_VERSION_, '1.5', '<')) { $discounts = $this->context->cart->getDiscounts(); @@ -503,14 +506,14 @@ class PaypalExpressCheckout extends Paypal $discounts = $this->context->cart->getCartRules(); $shipping_cost = $this->context->cart->getTotalShippingCost(); } - + if (count($discounts) > 0) foreach ($discounts as $product) { $price = - 1 * Tools::ps_round($product['value_real'], $this->decimals); $total = Tools::ps_round($total + $price, $this->decimals); } - + return Tools::ps_round($shipping_cost, $this->decimals) + $total; } @@ -609,7 +612,7 @@ class PaypalExpressCheckout extends Paypal if ($redirect) { - $link = $this->context->link->getPageLink('order.php', false, null, array('step' => '3')); + $link = $this->context->link->getPageLink('order.php', false, null, array('step' => '3')); Tools::redirectLink($link); exit(0); } diff --git a/modules/paypal/paypal.php b/modules/paypal/paypal.php index 22e99fcc..6a1c373a 100755 --- a/modules/paypal/paypal.php +++ b/modules/paypal/paypal.php @@ -695,7 +695,12 @@ class PayPal extends PaymentModule $message = $this->l('Cancel products result:').'
'; $amount = (float)($products[(int)$order_detail->id]['product_price_wt'] * (int)$cancel_quantity[(int)$order_detail->id]); - $refund = $this->_makeRefund($paypal_order['id_transaction'], (int)$order->id, $amount); + if($amount > 0){ + $refund = $this->_makeRefund($paypal_order['id_transaction'], (int)$order->id, $amount); + } else { + $refund = array(); + $message .= $this->l('Transaction error because of the amount of the cancel product!').'
'; + } $this->formatMessage($refund, $message); $this->_addNewPrivateMessage((int)$order->id, $message); } @@ -1141,30 +1146,35 @@ class PayPal extends PaymentModule $amt += (float)($product['product_price_wt']) * ($product['product_quantity'] - $product['product_quantity_refunded']); $amt += (float)($order->total_shipping) + (float)($order->total_wrapping) - (float)($order->total_discounts); - // check if total or partial - if (Tools::ps_round($order->total_paid_real, $decimals) == Tools::ps_round($amt, $decimals)) - $response = $this->_makeRefund($paypal_order['id_transaction'], $id_order); - else - $response = $this->_makeRefund($paypal_order['id_transaction'], $id_order, (float)($amt)); + if($amt > 0){ + // check if total or partial + if (Tools::ps_round($order->total_paid_real, $decimals) == Tools::ps_round($amt, $decimals)) + $response = $this->_makeRefund($paypal_order['id_transaction'], $id_order); + else + $response = $this->_makeRefund($paypal_order['id_transaction'], $id_order, (float)($amt)); - $message = $this->l('Refund operation result:').'
'; - foreach ($response as $key => $value) - $message .= $key.': '.$value.'
'; + $message = $this->l('Refund operation result:').'
'; + foreach ($response as $key => $value) + $message .= $key.': '.$value.'
'; - if (array_key_exists('ACK', $response) && $response['ACK'] == 'Success' && $response['REFUNDTRANSACTIONID'] != '') - { - $message .= $this->l('PayPal refund successful!'); - if (!Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'paypal_order` SET `payment_status` = \'Refunded\' WHERE `id_order` = '.(int)$id_order)) - die(Tools::displayError('Error when updating PayPal database')); + if (array_key_exists('ACK', $response) && $response['ACK'] == 'Success' && $response['REFUNDTRANSACTIONID'] != '') + { + $message .= $this->l('PayPal refund successful!'); + if (!Db::getInstance()->Execute('UPDATE `'._DB_PREFIX_.'paypal_order` SET `payment_status` = \'Refunded\' WHERE `id_order` = '.(int)$id_order)) + die(Tools::displayError('Error when updating PayPal database')); - $history = new OrderHistory(); - $history->id_order = (int)$id_order; - $history->changeIdOrderState((int)Configuration::get('PS_OS_REFUND'), $history->id_order); - $history->addWithemail(); - $history->save(); + $history = new OrderHistory(); + $history->id_order = (int)$id_order; + $history->changeIdOrderState((int)Configuration::get('PS_OS_REFUND'), $history->id_order); + $history->addWithemail(); + $history->save(); + } + else + $message .= $this->l('Transaction error!'); + } else { + $message = $this->l('Refund operation result:').'
'; + $message .= $this->l('Transaction error because of the amount (amt)!'); } - else - $message .= $this->l('Transaction error!'); $this->_addNewPrivateMessage((int)$id_order, $message); @@ -1180,35 +1190,40 @@ class PayPal extends PaymentModule $order = new Order((int)$id_order); $currency = new Currency((int)$order->id_currency); - $paypal_lib = new PaypalLib(); - $response = $paypal_lib->makeCall($this->getAPIURL(), $this->getAPIScript(), 'DoCapture', - '&'.http_build_query(array('AMT' => (float)$order->total_paid, 'AUTHORIZATIONID' => $paypal_order['id_transaction'], - 'CURRENCYCODE' => $currency->iso_code, 'COMPLETETYPE' => 'Complete'), '', '&')); - $message = $this->l('Capture operation result:').'
'; + if((float)$order->total_paid > 0){ + $paypal_lib = new PaypalLib(); + $response = $paypal_lib->makeCall($this->getAPIURL(), $this->getAPIScript(), 'DoCapture', + '&'.http_build_query(array('AMT' => (float)$order->total_paid, 'AUTHORIZATIONID' => $paypal_order['id_transaction'], + 'CURRENCYCODE' => $currency->iso_code, 'COMPLETETYPE' => 'Complete'), '', '&')); + $message = $this->l('Capture operation result:').'
'; - foreach ($response as $key => $value) - $message .= $key.': '.$value.'
'; + foreach ($response as $key => $value) + $message .= $key.': '.$value.'
'; - if ((array_key_exists('ACK', $response)) && ($response['ACK'] == 'Success') && ($response['PAYMENTSTATUS'] == 'Completed')) - { - $order_history = new OrderHistory(); - $order_history->id_order = (int)$id_order; + if ((array_key_exists('ACK', $response)) && ($response['ACK'] == 'Success') && ($response['PAYMENTSTATUS'] == 'Completed')) + { + $order_history = new OrderHistory(); + $order_history->id_order = (int)$id_order; - if (version_compare(_PS_VERSION_, '1.5', '<')) - $order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), (int)$id_order); - else - $order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), $order); - $order_history->addWithemail(); - $message .= $this->l('Order finished with PayPal!'); + if (version_compare(_PS_VERSION_, '1.5', '<')) + $order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), (int)$id_order); + else + $order_history->changeIdOrderState(Configuration::get('PS_OS_WS_PAYMENT'), $order); + $order_history->addWithemail(); + $message .= $this->l('Order finished with PayPal!'); + } + elseif (isset($response['PAYMENTSTATUS'])) + $message .= $this->l('Transaction error!'); + + if (!Db::getInstance()->Execute(' + UPDATE `'._DB_PREFIX_.'paypal_order` + SET `capture` = 0, `payment_status` = \''.pSQL($response['PAYMENTSTATUS']).'\', `id_transaction` = \''.pSQL($response['TRANSACTIONID']).'\' + WHERE `id_order` = '.(int)$id_order)) + die(Tools::displayError('Error when updating PayPal database')); + } else { + $message = $this->l('Capture operation result:').'
'; + $message .= $this->l('Transaction error because of the amount (amt)!'); } - elseif (isset($response['PAYMENTSTATUS'])) - $message .= $this->l('Transaction error!'); - - if (!Db::getInstance()->Execute(' - UPDATE `'._DB_PREFIX_.'paypal_order` - SET `capture` = 0, `payment_status` = \''.pSQL($response['PAYMENTSTATUS']).'\', `id_transaction` = \''.pSQL($response['TRANSACTIONID']).'\' - WHERE `id_order` = '.(int)$id_order)) - die(Tools::displayError('Error when updating PayPal database')); $this->_addNewPrivateMessage((int)$id_order, $message); From 695cd7740c8e382d9f949df91193f839ed58f022 Mon Sep 17 00:00:00 2001 From: Marion Muszynski Date: Wed, 27 Sep 2017 16:00:08 +0200 Subject: [PATCH 2/2] fix direct payment paypal --- modules/paypal/express_checkout/payment.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/paypal/express_checkout/payment.php b/modules/paypal/express_checkout/payment.php index c9a6ecd5..20185209 100755 --- a/modules/paypal/express_checkout/payment.php +++ b/modules/paypal/express_checkout/payment.php @@ -178,7 +178,7 @@ if ($request_type && $ppec->type) { // @ANTADIS - if id_billing make transaction if ($id_billing_to_use != 0) { - if(!$ppec->DoReferenceTransaction($id_billing_to_use)){ + if($ppec->DoReferenceTransaction($id_billing_to_use) === false){ return Tools::redirectLink($ppec->context->link->getPageLink('order.php').'?step=3&cgv=1&paypal_error=1'); } $amount_match = $ppec->rightPaymentProcess();