2009-01-26 22:49:43 +01:00
< ? php
2012-02-16 11:52:38 +01:00
/* Copyright ( C ) 2008 - 2012 Laurent Destailleur < eldy @ users . sourceforge . net >
2018-10-27 14:43:12 +02:00
* Copyright ( C ) 2011 - 2012 Regis Houssin < regis . houssin @ inodbox . com >
2009-01-26 22:49:43 +01:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
2013-01-16 15:36:08 +01:00
* the Free Software Foundation ; either version 3 of the License , or
2009-01-26 22:49:43 +01:00
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2011-08-01 01:19:04 +02:00
* along with this program . If not , see < http :// www . gnu . org / licenses />.
2009-01-26 22:49:43 +01:00
*/
/**
2010-10-04 01:20:49 +02:00
* \file htdocs / paypal / lib / paypal . lib . php
2010-10-27 23:51:41 +02:00
* \ingroup paypal
2010-10-03 20:16:14 +02:00
* \brief Library for common paypal functions
2009-01-26 22:49:43 +01:00
*/
2011-09-06 00:52:17 +02:00
2011-05-17 12:36:53 +02:00
/**
* Define head array for tabs of paypal tools setup pages
2011-10-03 18:10:50 +02:00
*
2011-05-17 12:36:53 +02:00
* @ return Array of head
*/
function paypaladmin_prepare_head ()
{
2011-05-26 12:16:10 +02:00
global $langs , $conf ;
2011-07-13 18:55:25 +02:00
2011-05-17 12:36:53 +02:00
$h = 0 ;
$head = array ();
$head [ $h ][ 0 ] = DOL_URL_ROOT . " /paypal/admin/paypal.php " ;
2015-08-31 12:13:23 +02:00
$head [ $h ][ 1 ] = $langs -> trans ( " PayPal " );
2011-05-17 12:36:53 +02:00
$head [ $h ][ 2 ] = 'paypalaccount' ;
$h ++ ;
2011-07-13 18:55:25 +02:00
2013-01-19 14:32:37 +01:00
$object = new stdClass ();
2011-12-07 17:28:11 +01:00
2011-05-26 08:17:17 +02:00
// Show more tabs from modules
// Entries must be declared in modules descriptor with line
// $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab
2012-12-01 15:45:05 +01:00
// $this->tabs = array('entity:-tabname); to remove a tab
2012-12-02 11:03:23 +01:00
complete_head_from_modules ( $conf , $langs , $object , $head , $h , 'paypaladmin' );
2012-12-01 15:45:05 +01:00
2012-12-02 11:03:23 +01:00
complete_head_from_modules ( $conf , $langs , $object , $head , $h , 'paypaladmin' , 'remove' );
2011-05-17 12:36:53 +02:00
return $head ;
}
2010-11-21 14:48:42 +01:00
2011-09-06 00:52:17 +02:00
2011-11-30 19:42:08 +01:00
/**
* Return string with full Url
*
* @ param string $type Type of URL ( 'free' , 'order' , 'invoice' , 'contractline' , 'membersubscription' ... )
* @ param string $ref Ref of object
* @ return string Url string
*/
function showPaypalPaymentUrl ( $type , $ref )
{
global $conf , $langs ;
$langs -> load ( " paypal " );
$langs -> load ( " paybox " );
$servicename = 'PayPal' ;
$out = '<br><br>' ;
$out .= img_picto ( '' , 'object_globe.png' ) . ' ' . $langs -> trans ( " ToOfferALinkForOnlinePayment " , $servicename ) . '<br>' ;
$url = getPaypalPaymentUrl ( 0 , $type , $ref );
2017-03-23 11:16:30 +01:00
$out .= '<input type="text" id="paypalurl" class="quatrevingtpercent" value="' . $url . '">' ;
$out .= ajax_autoselect ( " paypalurl " , 0 );
2011-11-30 19:42:08 +01:00
return $out ;
}
2011-06-17 12:21:21 +02:00
/**
2011-09-06 00:52:17 +02:00
* Return string with full Url
2011-07-13 18:55:25 +02:00
*
2011-09-06 00:52:17 +02:00
* @ param int $mode 0 = True url , 1 = Url formated with colors
* @ param string $type Type of URL ( 'free' , 'order' , 'invoice' , 'contractline' , 'membersubscription' ... )
* @ param string $ref Ref of object
* @ param int $amount Amount
* @ param string $freetag Free tag
* @ return string Url string
2011-06-17 12:21:21 +02:00
*/
2011-09-06 00:52:17 +02:00
function getPaypalPaymentUrl ( $mode , $type , $ref = '' , $amount = '9.99' , $freetag = 'your_free_tag' )
2011-06-17 12:21:21 +02:00
{
global $conf ;
2011-07-13 18:55:25 +02:00
2016-07-25 21:50:41 +02:00
$ref = str_replace ( ' ' , '' , $ref );
2017-10-28 16:32:19 +02:00
2011-09-06 00:52:17 +02:00
if ( $type == 'free' )
{
$out = DOL_MAIN_URL_ROOT . '/public/paypal/newpayment.php?amount=' . ( $mode ? '<font color="#666666">' : '' ) . $amount . ( $mode ? '</font>' : '' ) . '&tag=' . ( $mode ? '<font color="#666666">' : '' ) . $freetag . ( $mode ? '</font>' : '' );
2012-02-16 11:52:38 +01:00
if ( ! empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN ))
{
if ( empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN_UNIQUE )) $out .= '&securekey=' . $conf -> global -> PAYPAL_SECURITY_TOKEN ;
else $out .= '&securekey=' . dol_hash ( $conf -> global -> PAYPAL_SECURITY_TOKEN , 2 );
}
2011-09-06 00:52:17 +02:00
}
if ( $type == 'order' )
{
$out = DOL_MAIN_URL_ROOT . '/public/paypal/newpayment.php?source=order&ref=' . ( $mode ? '<font color="#666666">' : '' );
if ( $mode == 1 ) $out .= 'order_ref' ;
if ( $mode == 0 ) $out .= urlencode ( $ref );
$out .= ( $mode ? '</font>' : '' );
if ( ! empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN ))
{
if ( empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN_UNIQUE )) $out .= '&securekey=' . $conf -> global -> PAYPAL_SECURITY_TOKEN ;
else
{
$out .= '&securekey=' . ( $mode ? '<font color="#666666">' : '' );
2016-03-05 12:20:58 +01:00
if ( $mode == 1 ) $out .= " hash(' " . $conf -> global -> PAYPAL_SECURITY_TOKEN . " ' + ' " . $type . " ' + order_ref) " ;
if ( $mode == 0 ) $out .= dol_hash ( $conf -> global -> PAYPAL_SECURITY_TOKEN . $type . $ref , 2 );
2011-09-06 00:52:17 +02:00
$out .= ( $mode ? '</font>' : '' );
}
}
}
if ( $type == 'invoice' )
{
$out = DOL_MAIN_URL_ROOT . '/public/paypal/newpayment.php?source=invoice&ref=' . ( $mode ? '<font color="#666666">' : '' );
if ( $mode == 1 ) $out .= 'invoice_ref' ;
if ( $mode == 0 ) $out .= urlencode ( $ref );
$out .= ( $mode ? '</font>' : '' );
if ( ! empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN ))
{
if ( empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN_UNIQUE )) $out .= '&securekey=' . $conf -> global -> PAYPAL_SECURITY_TOKEN ;
else
{
$out .= '&securekey=' . ( $mode ? '<font color="#666666">' : '' );
2016-03-05 12:20:58 +01:00
if ( $mode == 1 ) $out .= " hash(' " . $conf -> global -> PAYPAL_SECURITY_TOKEN . " ' + ' " . $type . " ' + invoice_ref) " ;
if ( $mode == 0 ) $out .= dol_hash ( $conf -> global -> PAYPAL_SECURITY_TOKEN . $type . $ref , 2 );
2011-09-06 00:52:17 +02:00
$out .= ( $mode ? '</font>' : '' );
}
}
}
if ( $type == 'contractline' )
{
$out = DOL_MAIN_URL_ROOT . '/public/paypal/newpayment.php?source=contractline&ref=' . ( $mode ? '<font color="#666666">' : '' );
if ( $mode == 1 ) $out .= 'contractline_ref' ;
if ( $mode == 0 ) $out .= urlencode ( $ref );
$out .= ( $mode ? '</font>' : '' );
if ( ! empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN ))
{
if ( empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN_UNIQUE )) $out .= '&securekey=' . $conf -> global -> PAYPAL_SECURITY_TOKEN ;
else
{
$out .= '&securekey=' . ( $mode ? '<font color="#666666">' : '' );
2016-03-05 12:20:58 +01:00
if ( $mode == 1 ) $out .= " hash(' " . $conf -> global -> PAYPAL_SECURITY_TOKEN . " ' + ' " . $type . " ' + contractline_ref) " ;
if ( $mode == 0 ) $out .= dol_hash ( $conf -> global -> PAYPAL_SECURITY_TOKEN . $type . $ref , 2 );
2011-09-06 00:52:17 +02:00
$out .= ( $mode ? '</font>' : '' );
}
}
}
if ( $type == 'membersubscription' )
{
$out = DOL_MAIN_URL_ROOT . '/public/paypal/newpayment.php?source=membersubscription&ref=' . ( $mode ? '<font color="#666666">' : '' );
if ( $mode == 1 ) $out .= 'member_ref' ;
if ( $mode == 0 ) $out .= urlencode ( $ref );
$out .= ( $mode ? '</font>' : '' );
if ( ! empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN ))
{
if ( empty ( $conf -> global -> PAYPAL_SECURITY_TOKEN_UNIQUE )) $out .= '&securekey=' . $conf -> global -> PAYPAL_SECURITY_TOKEN ;
else
{
$out .= '&securekey=' . ( $mode ? '<font color="#666666">' : '' );
2016-03-05 12:20:58 +01:00
if ( $mode == 1 ) $out .= " hash(' " . $conf -> global -> PAYPAL_SECURITY_TOKEN . " ' + ' " . $type . " ' + member_ref) " ;
if ( $mode == 0 ) $out .= dol_hash ( $conf -> global -> PAYPAL_SECURITY_TOKEN . $type . $ref , 2 );
2011-09-06 00:52:17 +02:00
$out .= ( $mode ? '</font>' : '' );
}
}
}
2013-12-07 03:23:14 +01:00
2013-04-08 12:38:51 +02:00
// For multicompany
2015-07-03 08:18:32 +02:00
$out .= " &entity= " . $conf -> entity ; // Check the entity because He may be the same reference in several entities
2013-12-07 03:23:14 +01:00
2011-09-06 00:52:17 +02:00
return $out ;
2011-06-17 12:21:21 +02:00
}
2011-09-06 00:52:17 +02:00
2010-11-21 14:48:42 +01:00
/**
* Send redirect to paypal to browser
2010-11-21 14:55:18 +01:00
*
2011-10-03 18:10:50 +02:00
* @ param float $paymentAmount Amount
* @ param string $currencyCodeType Currency code
* @ param string $paymentType Payment type
* @ param string $returnURL Url to use if payment is OK
* @ param string $cancelURL Url to use if payment is KO
2017-05-13 15:19:35 +02:00
* @ param string $tag Full tag
2018-03-04 19:39:46 +01:00
* @ return string No return ( a redirect is done ) if OK , or Error message if KO
2010-11-21 14:48:42 +01:00
*/
function print_paypal_redirect ( $paymentAmount , $currencyCodeType , $paymentType , $returnURL , $cancelURL , $tag )
{
//declaring of global variables
global $conf , $langs ;
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT ;
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
global $shipToName , $shipToStreet , $shipToCity , $shipToState , $shipToCountryCode , $shipToZip , $shipToStreet2 , $phoneNum ;
2011-11-30 18:48:04 +01:00
global $email , $desc ;
2010-11-21 14:48:42 +01:00
//'------------------------------------
//' Calls the SetExpressCheckout API call
//'
//'-------------------------------------------------
if ( empty ( $conf -> global -> PAYPAL_API_INTEGRAL_OR_PAYPALONLY )) $conf -> global -> PAYPAL_API_INTEGRAL_OR_PAYPALONLY = 'integral' ;
$solutionType = 'Sole' ;
$landingPage = 'Billing' ;
// For payment with Paypal only
if ( $conf -> global -> PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly' )
{
$solutionType = 'Mark' ;
$landingPage = 'Login' ;
}
// For payment with Credit card or Paypal
if ( $conf -> global -> PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral' )
{
$solutionType = 'Sole' ;
$landingPage = 'Billing' ;
}
// For payment with Credit card
if ( $conf -> global -> PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'cconly' )
{
$solutionType = 'Sole' ;
$landingPage = 'Billing' ;
}
2012-01-22 20:33:45 +01:00
dol_syslog ( " expresscheckout redirect with callSetExpressCheckout $paymentAmount , $currencyCodeType , $paymentType , $returnURL , $cancelURL , $tag , $solutionType , $landingPage , $shipToName , $shipToStreet , $shipToCity , $shipToState , $shipToCountryCode , $shipToZip , $shipToStreet2 , $phoneNum " );
$resArray = callSetExpressCheckout (
2011-10-03 18:10:50 +02:00
$paymentAmount ,
$currencyCodeType ,
$paymentType ,
$returnURL ,
$cancelURL ,
$tag ,
$solutionType ,
$landingPage ,
$shipToName ,
$shipToStreet ,
$shipToCity ,
$shipToState ,
$shipToCountryCode ,
$shipToZip ,
$shipToStreet2 ,
2011-11-30 18:48:04 +01:00
$phoneNum ,
$email ,
$desc
2011-10-03 18:10:50 +02:00
);
2010-11-21 14:48:42 +01:00
$ack = strtoupper ( $resArray [ " ACK " ]);
if ( $ack == " SUCCESS " || $ack == " SUCCESSWITHWARNING " )
{
$token = $resArray [ " TOKEN " ];
// Redirect to paypal.com here
$payPalURL = $API_Url . $token ;
header ( " Location: " . $payPalURL );
2011-09-02 18:46:38 +02:00
exit ;
2010-11-21 14:48:42 +01:00
}
else
{
//Display a user friendly Error on the page using any of the following error information returned by PayPal
$ErrorCode = urldecode ( $resArray [ " L_ERRORCODE0 " ]);
$ErrorShortMsg = urldecode ( $resArray [ " L_SHORTMESSAGE0 " ]);
$ErrorLongMsg = urldecode ( $resArray [ " L_LONGMESSAGE0 " ]);
$ErrorSeverityCode = urldecode ( $resArray [ " L_SEVERITYCODE0 " ]);
2018-03-04 19:39:46 +01:00
if ( $ErrorCode == 10729 )
{
$mesg .= " PayPal can't accept payments for this thirdparty. An address is defined but is not complete (missing State).<br>Ask system administrator to fix address or to setup Paypal module to accept payments even on not complete addresses (remove option PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS).<br> \n " ;
}
else
{
$mesg = $langs -> trans ( 'SetExpressCheckoutAPICallFailed' ) . " <br> \n " ;
$mesg .= $langs -> trans ( 'DetailedErrorMessage' ) . " : " . $ErrorLongMsg . " <br> \n " ;
$mesg .= $langs -> trans ( 'ShortErrorMessage' ) . " : " . $ErrorShortMsg . " <br> \n " ;
$mesg .= $langs -> trans ( 'ErrorCode' ) . " : " . $ErrorCode . " <br> \n " ;
$mesg .= $langs -> trans ( 'ErrorSeverityCode' ) . " : " . $ErrorSeverityCode . " <br> \n " ;
}
return $mesg ;
2010-11-21 14:48:42 +01:00
}
}
2015-04-07 02:45:30 +02:00
/**
2015-04-08 00:14:44 +02:00
*-------------------------------------------------------------------------------------------------------------------------------------------
* Purpose : Prepares the parameters for the SetExpressCheckout API Call .
* Inputs :
* paymentAmount : Total value of the shopping cart
* currencyCodeType : Currency code value the PayPal API
* paymentType : paymentType has to be one of the following values : Sale or Order or Authorization
* returnURL : the page where buyers return to after they are done with the payment review on PayPal
* cancelURL : the page where buyers return to when they cancel the payment review on PayPal
* shipToName : the Ship to name entered on the merchant ' s site
* shipToStreet : the Ship to Street entered on the merchant ' s site
* shipToCity : the Ship to City entered on the merchant ' s site
* shipToState : the Ship to State entered on the merchant ' s site
* shipToCountryCode : the Code for Ship to Country entered on the merchant ' s site
* shipToZip : the Ship to ZipCode entered on the merchant ' s site
* shipToStreet2 : the Ship to Street2 entered on the merchant ' s site
* phoneNum : the phoneNum entered on the merchant ' s site
* email : the buyer email
* desc : Product description
2018-03-04 19:39:46 +01:00
* See https :// developer . paypal . com / docs / classic / api / merchant / SetExpressCheckout_API_Operation_NVP /
2015-04-08 00:14:44 +02:00
*
* @ param double $paymentAmount Payment amount
* @ param string $currencyCodeType Currency
* @ param string $paymentType Payment type
* @ param string $returnURL Return Url
* @ param string $cancelURL Cancel Url
2017-05-13 15:19:35 +02:00
* @ param string $tag Full tag
2018-03-04 19:39:46 +01:00
* @ param string $solutionType Type ( 'Mark' or 'Sole' )
* @ param string $landingPage Landing page ( 'Login' or 'Billing' )
2015-04-08 00:14:44 +02:00
* @ param string $shipToName Ship to name
* @ param string $shipToStreet Ship to street
* @ param string $shipToCity Ship to city
* @ param string $shipToState Ship to state
* @ param string $shipToCountryCode Ship to country code
* @ param string $shipToZip Ship to zip
* @ param string $shipToStreet2 Ship to street2
* @ param string $phoneNum Phone
* @ param string $email Email
* @ param string $desc Description
* @ return array Array
2015-04-07 02:45:30 +02:00
*/
2012-01-22 20:33:45 +01:00
function callSetExpressCheckout ( $paymentAmount , $currencyCodeType , $paymentType , $returnURL , $cancelURL , $tag , $solutionType , $landingPage , $shipToName , $shipToStreet , $shipToCity , $shipToState , $shipToCountryCode , $shipToZip , $shipToStreet2 , $phoneNum , $email = '' , $desc = '' )
2010-11-21 14:48:42 +01:00
{
//------------------------------------------------------------------------------------------------------------------------------------
// Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
//declaring of global variables
2018-03-04 19:39:46 +01:00
global $conf , $langs , $mysoc ;
2010-11-21 14:48:42 +01:00
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT ;
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
2011-11-30 18:48:04 +01:00
$nvpstr = '' ;
2018-03-06 00:12:23 +01:00
//$nvpstr = $nvpstr . "&VERSION=".$API_version; // Already added by hash_call
2010-11-21 14:48:42 +01:00
$nvpstr = $nvpstr . " &RETURNURL= " . urlencode ( $returnURL );
$nvpstr = $nvpstr . " &CANCELURL= " . urlencode ( $cancelURL );
2018-03-04 19:39:46 +01:00
if ( ! empty ( $conf -> global -> PAYPAL_ALLOW_NOTES ))
{
$nvpstr = $nvpstr . " &ALLOWNOTE=0 " ;
}
if ( empty ( $conf -> global -> PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS ))
{
$nvpstr = $nvpstr . " &NOSHIPPING=1 " ; // An empty or not complete shipping address will be accepted
}
else
{
$nvpstr = $nvpstr . " &NOSHIPPING=0 " ; // A valid shipping address is required (full required fields mandatory)
}
2010-11-21 14:48:42 +01:00
$nvpstr = $nvpstr . " &SOLUTIONTYPE= " . urlencode ( $solutionType );
$nvpstr = $nvpstr . " &LANDINGPAGE= " . urlencode ( $landingPage );
2018-03-04 19:39:46 +01:00
if ( ! empty ( $conf -> global -> PAYPAL_CUSTOMER_SERVICE_NUMBER ))
{
$nvpstr = $nvpstr . " &CUSTOMERSERVICENUMBER= " . urlencode ( $conf -> global -> PAYPAL_CUSTOMER_SERVICE_NUMBER ); // Hotline phone number
}
$paypalprefix = 'PAYMENTREQUEST_0_' ;
//$paypalprefix = '';
if ( ! empty ( $paypalprefix ) && $paymentType == 'Sole' ) $paymentType = 'Sale' ;
$nvpstr = $nvpstr . " &AMT= " . urlencode ( $paymentAmount ); // Total for all elements
$nvpstr = $nvpstr . " & " . $paypalprefix . " INVNUM= " . urlencode ( $tag );
$nvpstr = $nvpstr . " & " . $paypalprefix . " AMT= " . urlencode ( $paymentAmount ); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
$nvpstr = $nvpstr . " & " . $paypalprefix . " ITEMAMT= " . urlencode ( $paymentAmount ); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
$nvpstr = $nvpstr . " & " . $paypalprefix . " PAYMENTACTION= " . urlencode ( $paymentType ); // PAYMENTACTION deprecated by paypal -> PAYMENTREQUEST_n_PAYMENTACTION
$nvpstr = $nvpstr . " & " . $paypalprefix . " CURRENCYCODE= " . urlencode ( $currencyCodeType ); // CURRENCYCODE deprecated by paypal -> PAYMENTREQUEST_n_CURRENCYCODE
$nvpstr = $nvpstr . " & " . $paypalprefix . " L_PAYMENTREQUEST_0_QTY0=1 " ;
$nvpstr = $nvpstr . " & " . $paypalprefix . " L_PAYMENTREQUEST_0_AMT0= " . urlencode ( $paymentAmount );
$nvpstr = $nvpstr . " & " . $paypalprefix . " L_PAYMENTREQUEST_0_NAME0= " . urlencode ( $desc );
$nvpstr = $nvpstr . " & " . $paypalprefix . " L_PAYMENTREQUEST_0_NUMBER0=0 " ;
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTONAME= " . urlencode ( $shipToName ); // SHIPTONAME deprecated by paypal -> PAYMENTREQUEST_n_SHIPTONAME
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOSTREET= " . urlencode ( $shipToStreet ); //
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOSTREET2= " . urlencode ( $shipToStreet2 );
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOCITY= " . urlencode ( $shipToCity );
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOSTATE= " . urlencode ( $shipToState );
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOCOUNTRYCODE= " . urlencode ( $shipToCountryCode );
$nvpstr = $nvpstr . " & " . $paypalprefix . " SHIPTOZIP= " . urlencode ( $shipToZip );
$nvpstr = $nvpstr . " & " . $paypalprefix . " PHONENUM= " . urlencode ( $phoneNum );
if ( ! empty ( $email )) $nvpstr = $nvpstr . " & " . $paypalprefix . " EMAIL= " . urlencode ( $email ); // EMAIL deprecated by paypal -> PAYMENTREQUEST_n_EMAIL
if ( ! empty ( $desc )) $nvpstr = $nvpstr . " & " . $paypalprefix . " DESC= " . urlencode ( $desc ); // DESC deprecated by paypal -> PAYMENTREQUEST_n_DESC
if ( ! empty ( $conf -> global -> PAYPAL_LOGOIMG ) && $mysoc -> logo )
{
global $dolibarr_main_url_root ;
// Define $urlwithroot
$urlwithouturlroot = preg_replace ( '/' . preg_quote ( DOL_URL_ROOT , '/' ) . '$/i' , '' , trim ( $dolibarr_main_url_root ));
$urlwithroot = $urlwithouturlroot . DOL_URL_ROOT ; // This is to use external domain name found into config file
//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
2010-11-21 14:48:42 +01:00
2018-09-09 12:53:30 +02:00
$urllogo = $urlwithroot . " /viewimage.php?modulepart=mycompany&file= " . urlencode ( 'logos/' . $mysoc -> logo );
2018-03-04 19:39:46 +01:00
$nvpstr = $nvpstr . " &LOGOIMG= " . urlencode ( $urllogo );
}
if ( ! empty ( $conf -> global -> PAYPAL_BRANDNAME ))
{
$nvpstr = $nvpstr . " &BRANDNAME= " . urlencode ( $conf -> global -> PAYPAL_BRANDNAME ); // BRANDNAME
}
if ( ! empty ( $conf -> global -> PAYPAL_NOTETOBUYER ))
{
$nvpstr = $nvpstr . " &NOTETOBUYER= " . urlencode ( $conf -> global -> PAYPAL_NOTETOBUYER ); // PAYPAL_NOTETOBUYER
}
2010-11-21 14:48:42 +01:00
2017-08-31 02:34:07 +02:00
$_SESSION [ " FinalPaymentAmt " ] = $paymentAmount ;
2010-11-21 14:48:42 +01:00
$_SESSION [ " currencyCodeType " ] = $currencyCodeType ;
2018-03-04 19:39:46 +01:00
$_SESSION [ " PaymentType " ] = $paymentType ; // 'Mark', 'Sole'
$_SESSION [ 'ipaddress' ] = $_SERVER [ 'REMOTE_ADDR' ]; // Payer ip
2010-11-21 14:48:42 +01:00
//'---------------------------------------------------------------------------------------------------------------
//' Make the API call to PayPal
//' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
//' If an error occured, show the resulting errors
//'---------------------------------------------------------------------------------------------------------------
$resArray = hash_call ( " SetExpressCheckout " , $nvpstr );
$ack = strtoupper ( $resArray [ " ACK " ]);
if ( $ack == " SUCCESS " || $ack == " SUCCESSWITHWARNING " )
{
$token = urldecode ( $resArray [ " TOKEN " ]);
$_SESSION [ 'TOKEN' ] = $token ;
}
return $resArray ;
}
2011-10-03 18:10:50 +02:00
/**
* Prepares the parameters for the GetExpressCheckoutDetails API Call .
*
2012-01-22 20:33:45 +01:00
* @ param string $token Token
* @ return array The NVP Collection object of the GetExpressCheckoutDetails Call Response .
2010-11-21 14:48:42 +01:00
*/
2012-01-22 20:33:45 +01:00
function getDetails ( $token )
2010-11-21 14:48:42 +01:00
{
//'--------------------------------------------------------------
//' At this point, the buyer has completed authorizing the payment
//' at PayPal. The function will call PayPal to obtain the details
//' of the authorization, incuding any shipping information of the
//' buyer. Remember, the authorization is not a completed transaction
//' at this state - the buyer still needs an additional step to finalize
//' the transaction
//'--------------------------------------------------------------
//declaring of global variables
global $conf , $langs ;
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT ;
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
//'---------------------------------------------------------------------------
//' Build a second API request to PayPal, using the token as the
//' ID to get the details on the payment authorization
//'---------------------------------------------------------------------------
$nvpstr = " &TOKEN= " . $token ;
//'---------------------------------------------------------------------------
//' Make the API call and store the results in an array.
//' If the call was a success, show the authorization details, and provide
//' an action to complete the payment.
//' If failed, show the error
//'---------------------------------------------------------------------------
$resArray = hash_call ( " GetExpressCheckoutDetails " , $nvpstr );
$ack = strtoupper ( $resArray [ " ACK " ]);
if ( $ack == " SUCCESS " || $ack == " SUCCESSWITHWARNING " )
{
$_SESSION [ 'payer_id' ] = $resArray [ 'PAYERID' ];
}
return $resArray ;
}
2011-05-04 17:19:48 +02:00
2011-10-03 18:10:50 +02:00
/**
* Validate payment
*
2012-01-22 20:33:45 +01:00
* @ param string $token Token
* @ param string $paymentType Type
* @ param string $currencyCodeType Currency
* @ param string $payerID Payer ID
* @ param string $ipaddress IP Address
* @ param string $FinalPaymentAmt Amount
2017-05-13 15:19:35 +02:00
* @ param string $tag Full tag
2011-10-03 18:10:50 +02:00
* @ return void
2010-11-21 14:48:42 +01:00
*/
2012-01-22 20:33:45 +01:00
function confirmPayment ( $token , $paymentType , $currencyCodeType , $payerID , $ipaddress , $FinalPaymentAmt , $tag )
2010-11-21 14:48:42 +01:00
{
/* Gather the information to make the final call to
finalize the PayPal payment . The variable nvpstr
holds the name value pairs
*/
//declaring of global variables
global $conf , $langs ;
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT ;
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
2011-11-30 18:48:04 +01:00
$nvpstr = '' ;
$nvpstr .= '&TOKEN=' . urlencode ( $token );
$nvpstr .= '&PAYERID=' . urlencode ( $payerID );
$nvpstr .= '&PAYMENTACTION=' . urlencode ( $paymentType );
$nvpstr .= '&AMT=' . urlencode ( $FinalPaymentAmt );
$nvpstr .= '&CURRENCYCODE=' . urlencode ( $currencyCodeType );
$nvpstr .= '&IPADDRESS=' . urlencode ( $ipaddress );
2010-11-21 14:48:42 +01:00
$nvpstr .= '&INVNUM=' . urlencode ( $tag );
/* Make the call to PayPal to finalize payment
If an error occured , show the resulting errors
*/
$resArray = hash_call ( " DoExpressCheckoutPayment " , $nvpstr );
/* Display the API response back to the browser .
If the response from PayPal was a success , display the response parameters '
If the response was an error , display the errors received using APIError . php .
*/
$ack = strtoupper ( $resArray [ " ACK " ]);
return $resArray ;
}
2011-10-03 18:10:50 +02:00
/**
* This function makes a DoDirectPayment API call
*
* paymentType : paymentType has to be one of the following values : Sale or Order or Authorization
* paymentAmount : total value of the shopping cart
* currencyCode : currency code value the PayPal API
* firstName : first name as it appears on credit card
* lastName : last name as it appears on credit card
* street : buyer ' s street address line as it appears on credit card
* city : buyer ' s city
* state : buyer ' s state
* countryCode : buyer ' s country code
* zip : buyer ' s zip
* creditCardType : buyer ' s credit card type ( i . e . Visa , MasterCard ... )
* creditCardNumber : buyers credit card number without any spaces , dashes or any other characters
* expDate : credit card expiration date
* cvv2 : Card Verification Value
* @ return array The NVP Collection object of the DoDirectPayment Call Response .
2010-11-21 14:48:42 +01:00
*/
2011-11-30 18:48:04 +01:00
/*
2011-10-03 18:10:50 +02:00
function DirectPayment ( $paymentType , $paymentAmount , $creditCardType , $creditCardNumber , $expDate , $cvv2 , $firstName , $lastName , $street , $city , $state , $zip , $countryCode , $currencyCode , $tag )
2010-11-21 14:48:42 +01:00
{
//declaring of global variables
global $conf , $langs ;
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT ;
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
//Construct the parameter string that describes DoDirectPayment
2011-11-30 18:48:04 +01:00
$nvpstr = '' ;
$nvpstr = $nvpstr . " &AMT= " . urlencode ( $paymentAmount ); // deprecated by paypal
2010-11-21 14:48:42 +01:00
$nvpstr = $nvpstr . " &CURRENCYCODE= " . urlencode ( $currencyCode );
2011-11-30 18:48:04 +01:00
$nvpstr = $nvpstr . " &PAYMENTACTION= " . urlencode ( $paymentType ); // deprecated by paypal
2010-11-21 14:48:42 +01:00
$nvpstr = $nvpstr . " &CREDITCARDTYPE= " . urlencode ( $creditCardType );
$nvpstr = $nvpstr . " &ACCT= " . urlencode ( $creditCardNumber );
$nvpstr = $nvpstr . " &EXPDATE= " . urlencode ( $expDate );
$nvpstr = $nvpstr . " &CVV2= " . urlencode ( $cvv2 );
$nvpstr = $nvpstr . " &FIRSTNAME= " . urlencode ( $firstName );
$nvpstr = $nvpstr . " &LASTNAME= " . urlencode ( $lastName );
$nvpstr = $nvpstr . " &STREET= " . urlencode ( $street );
$nvpstr = $nvpstr . " &CITY= " . urlencode ( $city );
$nvpstr = $nvpstr . " &STATE= " . urlencode ( $state );
$nvpstr = $nvpstr . " &COUNTRYCODE= " . urlencode ( $countryCode );
$nvpstr = $nvpstr . " &IPADDRESS= " . $_SERVER [ 'REMOTE_ADDR' ];
$nvpstr = $nvpstr . " &INVNUM= " . urlencode ( $tag );
$resArray = hash_call ( " DoDirectPayment " , $nvpstr );
return $resArray ;
}
2011-11-30 18:48:04 +01:00
*/
2010-11-21 14:48:42 +01:00
/**
* hash_call : Function to perform the API call to PayPal using API signature
2011-10-03 18:10:50 +02:00
*
* @ param string $methodName is name of API method .
* @ param string $nvpStr is nvp string .
* @ return array returns an associtive array containing the response from the server .
2010-11-21 14:48:42 +01:00
*/
function hash_call ( $methodName , $nvpStr )
{
//declaring of global variables
global $conf , $langs ;
2011-04-03 01:04:13 +02:00
global $API_Endpoint , $API_Url , $API_version , $USE_PROXY , $PROXY_HOST , $PROXY_PORT , $PROXY_USER , $PROXY_PASS ;
2010-11-21 14:48:42 +01:00
global $PAYPAL_API_USER , $PAYPAL_API_PASSWORD , $PAYPAL_API_SIGNATURE ;
2011-07-13 18:55:25 +02:00
2011-05-26 14:36:56 +02:00
// TODO problem with triggers
2018-03-06 00:12:23 +01:00
$API_version = " 98.0 " ;
2017-10-28 16:32:19 +02:00
if ( ! empty ( $conf -> global -> PAYPAL_API_SANDBOX ) || GETPOST ( 'forcesandbox' , 'alpha' )) // We can force sand box with param 'forcesandbox'
2011-05-26 14:36:56 +02:00
{
$API_Endpoint = " https://api-3t.sandbox.paypal.com/nvp " ;
$API_Url = " https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token= " ;
}
else
{
$API_Endpoint = " https://api-3t.paypal.com/nvp " ;
$API_Url = " https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token= " ;
}
2011-07-13 18:55:25 +02:00
2011-05-26 14:36:56 +02:00
// Clean parameters
$PAYPAL_API_USER = " " ;
2012-09-15 10:01:35 +02:00
if ( ! empty ( $conf -> global -> PAYPAL_API_USER )) $PAYPAL_API_USER = $conf -> global -> PAYPAL_API_USER ;
2011-05-26 14:36:56 +02:00
$PAYPAL_API_PASSWORD = " " ;
2012-09-15 10:01:35 +02:00
if ( ! empty ( $conf -> global -> PAYPAL_API_PASSWORD )) $PAYPAL_API_PASSWORD = $conf -> global -> PAYPAL_API_PASSWORD ;
2011-05-26 14:36:56 +02:00
$PAYPAL_API_SIGNATURE = " " ;
2012-09-15 10:01:35 +02:00
if ( ! empty ( $conf -> global -> PAYPAL_API_SIGNATURE )) $PAYPAL_API_SIGNATURE = $conf -> global -> PAYPAL_API_SIGNATURE ;
2011-05-26 14:36:56 +02:00
$PAYPAL_API_SANDBOX = " " ;
2012-09-15 10:01:35 +02:00
if ( ! empty ( $conf -> global -> PAYPAL_API_SANDBOX )) $PAYPAL_API_SANDBOX = $conf -> global -> PAYPAL_API_SANDBOX ;
2011-05-26 14:36:56 +02:00
// TODO END problem with triggers
2011-07-13 18:55:25 +02:00
2010-11-21 14:48:42 +01:00
dol_syslog ( " Paypal API endpoint " . $API_Endpoint );
//setting the curl parameters.
$ch = curl_init ();
/* print $API_Endpoint . " - " . $API_version . " - " . $PAYPAL_API_USER . " - " . $PAYPAL_API_PASSWORD . " - " . $PAYPAL_API_SIGNATURE . " <br> " ;
2011-04-03 01:04:13 +02:00
print $USE_PROXY . " - " . $gv_ApiErrorURL . " <br> " ;
2010-11-21 14:48:42 +01:00
print $nvpStr ;
exit ; */
2011-04-03 01:04:13 +02:00
curl_setopt ( $ch , CURLOPT_URL , $API_Endpoint );
2010-11-21 14:48:42 +01:00
curl_setopt ( $ch , CURLOPT_VERBOSE , 1 );
2015-12-10 16:28:22 +01:00
// TLSv1 by default or change to TLSv1.2 in module configuration
curl_setopt ( $ch , CURLOPT_SSLVERSION , ( empty ( $conf -> global -> PAYPAL_SSLVERSION ) ? 1 : $conf -> global -> PAYPAL_SSLVERSION ));
2010-11-21 14:48:42 +01:00
//turning off the server and peer verification(TrustManager Concept).
2018-04-16 13:51:16 +02:00
curl_setopt ( $ch , CURLOPT_SSL_VERIFYPEER , false );
curl_setopt ( $ch , CURLOPT_SSL_VERIFYHOST , false );
2010-11-21 14:48:42 +01:00
2013-06-07 20:09:15 +02:00
curl_setopt ( $ch , CURLOPT_CONNECTTIMEOUT , empty ( $conf -> global -> MAIN_USE_CONNECT_TIMEOUT ) ? 5 : $conf -> global -> MAIN_USE_CONNECT_TIMEOUT );
curl_setopt ( $ch , CURLOPT_TIMEOUT , empty ( $conf -> global -> MAIN_USE_RESPONSE_TIMEOUT ) ? 30 : $conf -> global -> MAIN_USE_RESPONSE_TIMEOUT );
2013-12-07 03:23:14 +01:00
2010-11-21 14:48:42 +01:00
curl_setopt ( $ch , CURLOPT_RETURNTRANSFER , 1 );
curl_setopt ( $ch , CURLOPT_POST , 1 );
2018-04-16 13:51:16 +02:00
//if USE_PROXY constant set to true in Constants.php, then only proxy will be enabled.
2011-04-03 01:04:13 +02:00
if ( $USE_PROXY )
{
dol_syslog ( " Paypal API hash_call set proxy to " . $PROXY_HOST . " : " . $PROXY_PORT . " - " . $PROXY_USER . " : " . $PROXY_PASS );
//curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); // Curl 7.10
2011-10-03 18:10:50 +02:00
curl_setopt ( $ch , CURLOPT_PROXY , $PROXY_HOST . " : " . $PROXY_PORT );
if ( $PROXY_USER ) curl_setopt ( $ch , CURLOPT_PROXYUSERPWD , $PROXY_USER . " : " . $PROXY_PASS );
2011-04-03 01:04:13 +02:00
}
2010-11-21 14:48:42 +01:00
//NVPRequest for submitting to server
2011-04-03 01:04:13 +02:00
$nvpreq = " METHOD= " . urlencode ( $methodName ) . " &VERSION= " . urlencode ( $API_version ) . " &PWD= " . urlencode ( $PAYPAL_API_PASSWORD ) . " &USER= " . urlencode ( $PAYPAL_API_USER ) . " &SIGNATURE= " . urlencode ( $PAYPAL_API_SIGNATURE ) . $nvpStr ;
2011-11-30 18:48:04 +01:00
$nvpreq .= " &LOCALECODE= " . strtoupper ( $langs -> getDefaultLang ( 1 ));
2010-11-21 14:48:42 +01:00
//$nvpreq.="&BRANDNAME=".urlencode(); // Override merchant name
//$nvpreq.="&NOTIFYURL=".urlencode(); // For Instant Payment Notification url
2011-04-03 01:04:13 +02:00
dol_syslog ( " Paypal API hash_call nvpreq= " . $nvpreq );
2010-11-21 14:48:42 +01:00
//setting the nvpreq as POST FIELD to curl
curl_setopt ( $ch , CURLOPT_POSTFIELDS , $nvpreq );
//getting response from server
$response = curl_exec ( $ch );
$nvpReqArray = deformatNVP ( $nvpreq );
$_SESSION [ 'nvpReqArray' ] = $nvpReqArray ;
//convrting NVPResponse to an Associative Array
2011-04-03 01:04:13 +02:00
dol_syslog ( " Paypal API hash_call Response nvpresp= " . $response );
2010-11-21 14:48:42 +01:00
$nvpResArray = deformatNVP ( $response );
if ( curl_errno ( $ch ))
{
// moving to display page to display curl errors
2011-09-20 15:32:16 +02:00
$_SESSION [ 'curl_error_no' ] = curl_errno ( $ch );
2010-11-21 14:48:42 +01:00
$_SESSION [ 'curl_error_msg' ] = curl_error ( $ch );
//Execute the Error handling module to display errors.
}
else
{
//closing the curl
curl_close ( $ch );
}
return $nvpResArray ;
}
2011-11-30 18:48:04 +01:00
2011-10-03 18:10:50 +02:00
/**
2010-11-21 14:48:42 +01:00
* This function will take NVPString and convert it to an Associative Array and it will decode the response .
* It is usefull to search for a particular key and displaying arrays .
2011-10-03 18:10:50 +02:00
*
* @ param string $nvpstr NVPString
* @ return array nvpArray = Associative Array
2010-11-21 14:48:42 +01:00
*/
function deformatNVP ( $nvpstr )
{
$intial = 0 ;
$nvpArray = array ();
while ( strlen ( $nvpstr ))
{
//postion of Key
$keypos = strpos ( $nvpstr , '=' );
//position of value
$valuepos = strpos ( $nvpstr , '&' ) ? strpos ( $nvpstr , '&' ) : strlen ( $nvpstr );
/*getting the Key and Value values and storing in a Associative Array*/
$keyval = substr ( $nvpstr , $intial , $keypos );
$valval = substr ( $nvpstr , $keypos + 1 , $valuepos - $keypos - 1 );
//decoding the respose
2011-09-20 11:40:27 +02:00
$nvpArray [ urldecode ( $keyval )] = urldecode ( $valval );
2010-11-21 14:48:42 +01:00
$nvpstr = substr ( $nvpstr , $valuepos + 1 , strlen ( $nvpstr ));
}
return $nvpArray ;
}
2012-07-02 19:30:37 +02:00
/**
2012-03-19 17:18:11 +01:00
* Get API errors
*
2012-07-02 19:30:37 +02:00
* @ return array Array of errors
*/
function getApiError ()
{
$errors = array ();
$resArray = $_SESSION [ 'reshash' ];
if ( isset ( $_SESSION [ 'curl_error_no' ]))
{
$errors [] = $_SESSION [ 'curl_error_no' ] . '-' . $_SESSION [ 'curl_error_msg' ];
}
foreach ( $resArray as $key => $value )
{
$errors [] = $key . '-' . $value ;
}
return $errors ;
2012-03-12 17:13:54 +01:00
}
