<?php
include_once (PFAD_ROOT.PFAD_INCLUDES_MODULES.'PaymentMethod.class.php');
// Mode
define("PP_MODE", 0); // 1 = Test / 0 = Live
// Debug
define("D_MODE", 0); // 1 = An / 0 = Aus
define("D_PFAD", PFAD_ROOT . "jtllogs/paypal.log");
// Sandbox
define("URL_TEST", "https://www.sandbox.paypal.com/cgi-bin/webscr");
define("URLVALID_TEST", "ssl://www.sandbox.paypal.com");
// Live
define("URL_LIVE", "https://www.paypal.com/cgi-bin/webscr");
define("URLVALID_LIVE", "ssl://www.paypal.com");
class PayPal extends PaymentMethod
{
var $oPosition_arr = array();
function init()
{
$this->name = 'PayPal';
$this->caption = 'PayPal';
}
function preparePaymentProcess($order)
{
global $Einstellungen, $DB, $smarty;
$hash = $this->generateHash($order);
$cISOSprache = "";
$cISOSprache_arr = array("FR", "ES", "IT", "DE", "CN", "AU", "EN");
if(strlen($_SESSION['cISOSprache']) > 0)
{
$cISOSprache = convertISO2ISO639($_SESSION['cISOSprache']);
}
else
{
$oSprache = $GLOBALS['DB']->executeQuery("SELECT kSprache, cISO FROM tsprache WHERE cShopStandard = 'Y'", 1);
if($oSprache->kSprache > 0)
$cISOSprache = convertISO2ISO639($oSprache->cISO);
}
if(!in_array(strtoupper($cISOSprache), $cISOSprache_arr))
$cISOSprache = "DE";
$cCountryISO = $order->oKunde->cLand;
if (strlen($cCountryISO) > 2)
$cCountryISO = landISO($cCountryISO);
if ( isset($order->Lieferadresse->kLieferadresse) && ($order->Lieferadresse->kLieferadresse > 0) ) { //Kunde hat eine abweichende Lieferanschrift angegeben
$pp_address_override = array (
'address1'=> $order->Lieferadresse->cStrasse,
'address2'=> $order->Lieferadresse->cAdressZusatz,
'city'=> $order->Lieferadresse->cOrt,
'first_name'=> $order->Lieferadresse->cVorname,
'last_name'=> $order->Lieferadresse->cNachname,
'zip'=> $order->Lieferadresse->cPLZ
);
} else {
$pp_address_override = array (
'address1'=> $order->oKunde->cStrasse,
'address2'=> $order->oKunde->cAdressZusatz,
'city'=> $order->oKunde->cOrt,
'first_name'=> $order->oKunde->cVorname,
'last_name'=> $order->oKunde->cNachname,
'zip'=> $order->oKunde->cPLZ
);
}
$fields = array (
'cmd'=> '_cart',
'business'=> $Einstellungen['zahlungsarten']['zahlungsart_paypal_empfaengermail'],
'currency_code'=> $order->Waehrung->cISO,
/*
'address1'=> $_SESSION['Lieferadresse']->cStrasse,
'address2'=> $_SESSION['Lieferadresse']->cAdressZusatz,
'city'=> $_SESSION['Lieferadresse']->cOrt,
'country'=> $cCountryISO,
'first_name'=> $_SESSION['Lieferadresse']->cVorname,
'last_name'=> $_SESSION['Lieferadresse']->cNachname,
'zip'=> $_SESSION['Lieferadresse']->cPLZ,
'tax_cart' => number_format($order->fSteuern, 2, '.', ','),
'address_override'=> '1',
*/
'address1'=> $pp_address_override['address1'],
'address2'=> $pp_address_override['address2'],
'city'=> $pp_address_override['city'],
'country'=> $cCountryISO,
'first_name'=> $pp_address_override['first_name'],
'last_name'=> $pp_address_override['last_name'],
'zip'=> $pp_address_override['zip'],
'tax_cart' => number_format($order->fSteuern, 2, '.', ','),
'address_override'=> '1',
// Keine Angabe von Steuern (Bruttowerte werden übergeben)
'tax_cart' => '0.00',
'invoice'=> $order->cBestellNr,
'email'=> $order->oKunde->cMail,
'upload'=> '1',
'cancel_return'=> URL_SHOP,
'return'=> URL_SHOP . "/bestellabschluss.php?i=" . $hash,
'custom'=> $hash,
'lc' => strtoupper($cISOSprache),
'notify_url'=> $this->getNotificationURL($hash)
);
/*
$cNeedState_arr = array("US", "CA");
if (in_array(strtoupper($cCountryISO), $cNeedState_arr))
$fields['state'] = $_SESSION['Lieferadresse']->cBundesland;
*/
$idx = 1;
$fDiscountCart = 0;
if ($order->fGuthaben != 0)
{
if ($order->fGuthaben < 0)
$order->fGuthaben *= -1;
$fDiscountCart += $order->fGuthaben;
}
foreach ($order->Positionen as $oPosition)
{
if ($oPosition->nPosTyp == C_WARENKORBPOS_TYP_KUPON || $oPosition->nPosTyp == C_WARENKORBPOS_TYP_GUTSCHEIN || $oPosition->nPosTyp == C_WARENKORBPOS_TYP_NEUKUNDENKUPON || $oPosition->fPreis < 0)
{
$fDiscount = berechneBrutto($oPosition->fPreis * $order->Waehrung->fFaktor, $oPosition->fMwSt);
if ($fDiscount < 0)
$fDiscount *= -1;
$fDiscountCart += $fDiscount;
}
elseif ($oPosition->nPosTyp != C_WARENKORBPOS_TYP_VERSANDPOS && $oPosition->nPosTyp != C_WARENKORBPOS_TYP_VERPACKUNG && $oPosition->nPosTyp != C_WARENKORBPOS_TYP_VERSAND_ARTIKELABHAENGIG)
{
if(intval($oPosition->nAnzahl) != $oPosition->nAnzahl) {
$fields['item_name_' . $idx] = $oPosition->cName.' ('.str_replace('.', ',',$oPosition->nAnzahl).' '.$oPosition->cEinheit.')';
$fields['quantity_' . $idx] = 1;
$fields['amount_' . $idx] = round(berechneBrutto($oPosition->fPreis * $order->Waehrung->fFaktor, $oPosition->fMwSt)*$oPosition->nAnzahl, 2);
} else {
$fields['item_name_' . $idx] = $oPosition->cName;
$fields['quantity_' . $idx] = $oPosition->nAnzahl;
$fields['amount_' . $idx] = round(berechneBrutto($oPosition->fPreis * $order->Waehrung->fFaktor, $oPosition->fMwSt), 2);
}
if ($oPosition->Artikel)
$fields['item_number_' . $idx] = $oPosition->Artikel->cArtNr;
if ($idx == 1)
$fields['shipping_' . $idx] = round($order->fVersandKundenwaehrung, 2);
$idx++;
}
}
if ($fDiscountCart > 0)
$fields['discount_amount_cart'] = round($fDiscountCart, 2);
$smarty->assign('fields', $fields);
$smarty->assign('url', PP_MODE == 1 ? URL_TEST : URL_LIVE);
}
function handleNotification($order, $paymentHash, $args)
{
if($this->verifyNotification($order, $paymentHash, $args))
{
$zahlungsid = $GLOBALS['DB']->executeQuery("select * from tzahlungsid where cId=\"".$args['custom']."\"",1);
if(D_MODE == 1)
writeLog(D_PFAD, "kBestellung: " . $zahlungsid->kBestellung, 1);
$b = $GLOBALS['DB']->executeQuery("select kKunde from tbestellung where kBestellung=".$zahlungsid->kBestellung,1);
$kunde = new Kunde($b->kKunde);
$Sprache = $GLOBALS["DB"]->executeQuery("select cISO from tsprache where kSprache=".$kunde->kSprache,1);
if (!$Sprache)
$Sprache = $GLOBALS["DB"]->executeQuery("select cISO from tsprache where cShopStandard=\"Y\"",1);
$bestellung = new Bestellung($zahlungsid->kBestellung);
$bestellung->fuelleBestellung(0);
if ($bestellung->Waehrung->cISO!=$_POST['mc_currency'])
{
if(D_MODE == 1)
writeLog(D_PFAD, "Falsche Waehrung: " . $bestellung->Waehrung->cISO . " != " . $_POST['mc_currency'], 1);
die('0');
}
//zahlung setzen
$GLOBALS['DB']->executeQuery("update tbestellung set
dBezahltDatum=now(),
cStatus=\"".BESTELLUNG_STATUS_BEZAHLT."\" where kBestellung=".intval($bestellung->kBestellung),4);
unset($bestellung);
$bestellung = new Bestellung($zahlungsid->kBestellung);
$bestellung->fuelleBestellung(0);
// process payment
$paymentDateTmp=strtotime($_POST['payment_date']);
$zahlungseingang->kBestellung = $bestellung->kBestellung;
$zahlungseingang->cZahlungsanbieter = "PayPal";
$zahlungseingang->fBetrag = $_POST['mc_gross'];
$zahlungseingang->fZahlungsgebuehr = $_POST['payment_fee'];
$zahlungseingang->cISO = $_POST['mc_currency'];
$zahlungseingang->cEmpfaenger = $_POST['receiver_email'];
$zahlungseingang->cZahler = $_POST['payer_email'];
$zahlungseingang->cAbgeholt = 'N';
$zahlungseingang->cHinweis = $_POST['txn_id'];
$zahlungseingang->dZeit = strftime('%Y-%m-%d %H:%M:%S',$paymentDateTmp);
$GLOBALS['DB']->insertRow('tzahlungseingang',$zahlungseingang);
//mail
$obj->tkunde = $kunde;
$obj->tbestellung = $bestellung;
sendeMail(MAILTEMPLATE_BESTELLUNG_BEZAHLT,$obj);
echo $this->getReturnURL($order);
}
}
/**
* @return boolean
* @param Bestellung $order
* @param array $args
*/
function verifyNotification($order, $paymentHash, $args)
{
$req = 'cmd=_notify-validate';
foreach ($args as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = @fsockopen (PP_MODE == 1 ? URLVALID_TEST : URLVALID_LIVE, 443, $errno, $errstr, 30);
if (!$fp)
{
// HTTP ERROR
if(D_MODE == 1)
writeLog(D_PFAD, $errstr . "(" . $errno . ")", 1);
}
else
{
fputs ($fp, $header . $req);
while (!feof($fp))
{
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0)
{
// echo the response
if(D_MODE == 1)
writeLog(D_PFAD, "VERIFIED - true", 1);
// check the payment_status is Completed
if ($args['payment_status']!="Completed")
{
if(D_MODE == 1)
writeLog(D_PFAD, $args['payment_status'] . " != Completed", 1);
return false;
}
// check that txn_id has not been previously processed
$txn_id_obj = $GLOBALS['DB']->executeQuery("select * from tzahlungsid where txn_id=\"".$args['txn_id']."\"",1);
if ($txn_id_obj->kBestellung>0)
{
if(D_MODE == 1)
writeLog(D_PFAD, "ZahlungsID " . $args['txn_id'] . " bereits gehabt.", 1);
return false;
}
// check that receiver_email is your Primary PayPal email
$Einstellungen = getEinstellungen(array(CONF_ZAHLUNGSARTEN));
if ($Einstellungen['zahlungsarten']['zahlungsart_paypal_empfaengermail']!=$args['receiver_email'] && $Einstellungen['zahlungsarten']['zahlungsart_paypal_empfaengermail']!=$args['business'])
{
if(D_MODE == 1)
writeLog(D_PFAD, "Falscher Emailempfaenger: " . $args['receiver_email'] . " != " . $Einstellungen['zahlungsarten']['zahlungsart_paypal_empfaengermail'], 1);
return false;
}
// check that payment_amount/payment_currency are correct
if($_POST['custom']{0} == "_")
{
checkeExterneZahlung($args['custom']);
}
else
{
$zahlungsid = $GLOBALS['DB']->executeQuery("select * from tzahlungsid where cId=\"".$args['custom']."\"",1);
if (!$zahlungsid->kBestellung)
{
if(D_MODE == 1)
writeLog(D_PFAD, "ZahlungsID ist unbekannt: " . $args['custom'], 1);
return false;
}
}
}
}
}
return true;
}
function finalizeOrder($order, $hash, $args)
{
return $this->verifyNotification($order, $hash, $args);
}
function parse($resultURL)
{
$r_arr=explode("&",$resultURL);
foreach($r_arr AS $buf)
{
$temp=urldecode($buf);
$temp=split("=",$temp,2);
$postatt=$temp[0];
$postvar=$temp[1];
$returnvalue[$postatt]=$postvar;
}
return($returnvalue);
}
function isValidIntern($args_arr = array())
{
if(strlen($GLOBALS['Einstellungen']['zahlungsarten']['zahlungsart_paypal_empfaengermail']) == 0 || $GLOBALS['Einstellungen']['zahlungsarten']['zahlungsart_paypal_empfaengermail'] == "")
{
ZahlungsLog::add($this->moduleID, "Pflichtparameter 'Empfaengeremail' ist nicht gesetzt!", null, LOGLEVEL_ERROR);
return false;
}
return true;
}
public function canPayAgain()
{
return true;
}
}
?>