182 lines
5.5 KiB
PHP
182 lines
5.5 KiB
PHP
<?php
|
|
|
|
include(dirname(__FILE__).'/../../config/config.inc.php');
|
|
include(dirname(__FILE__).'/atos_cyberplus.php');
|
|
|
|
if (!isset($_POST['DATA']))
|
|
throw new Exception('error in atos module: data is required');
|
|
else
|
|
{
|
|
$result = exec('/home/www/bebeboutik.com/cgi/www/response pathfile='.dirname(__FILE__).'/pathfile message='.$_POST['DATA']);
|
|
$resultArray = explode('!', $result);
|
|
|
|
// @mail('perron@antadis.com', 'bbb', serialize($resultArray));
|
|
|
|
if (!sizeof($resultArray) OR !isset($resultArray[3]) OR !isset($resultArray[6]))
|
|
{
|
|
$message = 'error in atos payment module : can\'t execute request';
|
|
$orderState = _PS_OS_ERROR_;
|
|
// TODO: mail merchant
|
|
}
|
|
elseif ($resultArray[1] == -1)
|
|
{
|
|
$message = 'error in atos payment module : '.$resultArray[2];
|
|
$orderState = _PS_OS_ERROR_;
|
|
// TODO: mail merchant
|
|
}
|
|
else
|
|
{
|
|
$message = 'Transaction ID: '.$resultArray[6].'<br />Payment mean: '.$resultArray[7].'<br />Payment has began at: '.$resultArray[8].'<br />
|
|
Payment received at: '.$resultArray[10].' '.$resultArray[9].'<br />Authorization ID: '.$resultArray[13].'<br />Currency: '.$resultArray[14].'<br />
|
|
Customer IP address: '.$resultArray[29].'<br />';
|
|
$orderState = _PS_OS_PAYMENT_;
|
|
|
|
/* We need to perform some checks */
|
|
|
|
/* Checking whether merchant ID is OK */
|
|
$merchantId = Configuration::get('ATOS_MERCHANT_ID');
|
|
if(Db::getInstance()->getValue('SELECT `id_customer` FROM `'._DB_PREFIX_.'cart` WHERE `id_cart` = '.(int) $resultArray[6]) == 2 || Db::getInstance()->getValue('SELECT `id_customer` FROM `'._DB_PREFIX_.'cart` WHERE `id_cart` = '.(int) $resultArray[6]) == 286342) {
|
|
//$merchantId = '082584341411111';
|
|
$merchantId = '075028916700025';
|
|
}
|
|
if ($resultArray[3] != $merchantId)
|
|
{
|
|
$orderState = _PS_OS_ERROR_;
|
|
$message .= '<span style="color: red;">Merchant ID is not valid ('.$resultArray[3].' should be '.$merchantId.')</span>';
|
|
}
|
|
|
|
/* Checking for cur rency */
|
|
if ($orderState == _PS_OS_PAYMENT_)
|
|
{
|
|
$cart = new Cart($resultArray[6]);
|
|
$currencies = array(1 => '978');
|
|
if (isset($currencies[$cart->id_currency]))
|
|
{
|
|
if ($currencies[$cart->id_currency] != strtoupper($resultArray[14]))
|
|
{
|
|
$orderState = _PS_OS_ERROR_;
|
|
$message .= '<span style="color: red;">Currency is not the right one (should be '.$currencies[$cart->id_currency].')</span>';
|
|
}
|
|
}
|
|
}
|
|
|
|
/* Checking for bank code response */
|
|
if ($orderState == _PS_OS_PAYMENT_)
|
|
{
|
|
$responseCode = intval($resultArray[11]);
|
|
|
|
switch ($responseCode)
|
|
{
|
|
case 3:
|
|
$message .= '<span style="color: red;">Merchand ID is not valid</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
case 5:
|
|
$message .= '<span style="color: red;">Bank has rejected payment</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
case 12:
|
|
$message .= '<span style="color: red;">Customer has canceled its order</span>';
|
|
$orderState = _PS_OS_CANCELED_;
|
|
break;
|
|
|
|
case 17:
|
|
$message .= '<span style="color: red;">Customer has canceled its order</span>';
|
|
$orderState = _PS_OS_CANCELED_;
|
|
break;
|
|
|
|
case 30:
|
|
$message .= '<span style="color: red;">Format error</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
case 34:
|
|
$message .= '<span style="color: red;">Bank said that transaction might be fraudulous</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
case 75:
|
|
$message .= '<span style="color: red;">Customer has exceeded max tries for its card number</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
case 90:
|
|
$message .= '<span style="color: red;">Bank server was unavailable</span>';
|
|
$orderState = _PS_OS_ERROR_;
|
|
break;
|
|
|
|
}
|
|
}
|
|
|
|
if($orderState == _PS_OS_PAYMENT_) {
|
|
// Fraud detection
|
|
$count_orders = Db::getInstance()->getRow('
|
|
SELECT COUNT(*) AS `total`
|
|
FROM `ps_orders`
|
|
WHERE `id_customer` = '.(int) $cart->id_customer.'
|
|
AND `date_add` >= DATE_SUB(NOW(), INTERVAL 7 DAY)
|
|
');
|
|
|
|
$count_products = Db::getInstance()->getRow('
|
|
SELECT COUNT(*)
|
|
FROM `ps_cart_product`
|
|
WHERE `id_cart` = '.(int) $cart->id.'
|
|
');
|
|
|
|
$count_total_paid = $cart->getOrderTotal();
|
|
|
|
$count_order_ip = Db::getInstance()->getRow('
|
|
SELECT COUNT(*) AS `total`
|
|
FROM `ps_payment_iplog`
|
|
WHERE `ipaddr` = "'.pSQL($resultArray[29]).'"
|
|
AND `date_add` >= DATE_SUB(NOW(), INTERVAL 7 DAY)
|
|
');
|
|
|
|
$reason = '';
|
|
|
|
if($count_orders['total'] + 1 > 3) {
|
|
$reason .= 'le client a passé plus de 3 commandes sur 7 jours'."\n";
|
|
}
|
|
|
|
if($count_products['total'] > 7 && $count_total_paid > 500.0) {
|
|
$reason .= 'la commande contient plus de 7 produits et est de plus de 500€'."\n";
|
|
}
|
|
|
|
if($count_order_ip['total'] > 3) {
|
|
$reason .= 'l\'ip a passé plus de 3 commandes sur 7 jours'."\n";
|
|
}
|
|
|
|
if($reason != '') {
|
|
@mail('frederic+paiement@bebeboutik.com', '[BEBEBOUTIK] Suspicion de fraude', 'Une commande suspecte a été détectée.
|
|
|
|
Détails de la commande :
|
|
|
|
- client : '.(int) $cart->id_customer.'
|
|
|
|
- panier : '.(int) $cart->id.'
|
|
|
|
- raison de l\'alerte :
|
|
'.$reason.'
|
|
', 'Content-Type: text/plain; charset="utf-8"'."\r\n".'From: paiement@bebeboutik.com'."\r\n".'Reply-To: perron@antadis.com'."\r\n".'Return-Path: perron@antadis.com'."\r\n");
|
|
}
|
|
|
|
Db::getInstance()->ExecuteS('
|
|
INSERT INTO `'._DB_PREFIX_.'payment_iplog` VALUES (
|
|
'.(int) $cart->id_customer.',
|
|
'.(int) $cart->id.',
|
|
"'.pSQL($resultArray[29]).'",
|
|
NOW()
|
|
)
|
|
');
|
|
//
|
|
}
|
|
|
|
$atos = new Atos_cyberplus();
|
|
$atos->validateOrder($resultArray[6], $orderState, ($resultArray[5] / 100), $atos->displayName, $message);
|
|
}
|
|
}
|
|
|
|
?>
|