diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 6f3680c10c1..162a4503ee2 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -2910,11 +2910,11 @@ class Form /** - * \brief Return an html string with a select combo box to choose yes or no - * \param name Name of html select field - * \param value Pre-selected value - * \param option 0 return yes/no, 1 return 1/0 - * \return int or string See option + * Return an html string with a select combo box to choose yes or no + * @param name Name of html select field + * @param value Pre-selected value + * @param option 0 return yes/no, 1 return 1/0 + * @return int or string See option */ function selectyesno($htmlname,$value='',$option=0) { diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index 19cbcfb6f20..7c153bf08e0 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -113,13 +113,15 @@ class Translate { /** - * \brief Return active language code for current user - * \remarks Accessor for this->defaultlang - * \return string Language code used (en_US, en_AU, fr_FR, ...) + * Return active language code for current user + * It's an accessor for this->defaultlang + * @param mode 0=Long language code, 1=Short language code + * @return string Language code used (en_US, en_AU, fr_FR, ...) */ - function getDefaultLang() + function getDefaultLang($mode=0) { - return $this->defaultlang; + if (empty($mode)) return $this->defaultlang; + else return substr($this->defaultlang,0,2); } diff --git a/htdocs/includes/modules/modPaypal.class.php b/htdocs/includes/modules/modPaypal.class.php index 5e0acb9781a..5c07ed5014e 100644 --- a/htdocs/includes/modules/modPaypal.class.php +++ b/htdocs/includes/modules/modPaypal.class.php 
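Review bot: The converted docblocks are not valid PHPDoc yet: each tag needs a type and the `$`-prefixed parameter name, and in the selectyesno() hunk above the tag says `name` while the parameter is `$htmlname`. For getDefaultLang() I would write `@param int $mode 0=Long language code (en_US), 1=Short language code (en)`, and extend the `@return` examples, which currently show only the long form. The short form is `substr($this->defaultlang,0,2)`, which assumes defaultlang always starts with a two-letter language code; say so in the comment.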
@@ -57,7 +57,7 @@ class modPaypal extends DolibarrModules // Module description, used if translation string 'ModuleXXXDesc' not found (where XXX is value of numeric property 'numero' of module) $this->description = "Module to offer an online payment page by credit card with PayPal"; // Possible values for version are: 'development', 'experimental', 'dolibarr' or version - $this->version = 'development'; + $this->version = 'dolibarr'; // Key used in llx_const table to save module status enabled/disabled (where MYMODULE is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); // Where to store the module in setup page (0=common,1=interface,2=other) diff --git a/htdocs/langs/en_US/paybox.lang b/htdocs/langs/en_US/paybox.lang index 556e713c9de..211dce8df1e 100644 --- a/htdocs/langs/en_US/paybox.lang +++ b/htdocs/langs/en_US/paybox.lang @@ -30,4 +30,5 @@ InformationToFindParameters=Help to find your %s account information PAYBOX_CGI_URL_V2=Url of Paybox CGI module for payment VendorName=Name of vendor CSSUrlForPaymentForm=CSS style sheet url for payment form - +MessageOK=Message on validated payment return page +MessageKO=Message on canceled payment return page diff --git a/htdocs/langs/en_US/paypal.lang b/htdocs/langs/en_US/paypal.lang index 8e20415bb38..5adf942e205 100644 --- a/htdocs/langs/en_US/paypal.lang +++ b/htdocs/langs/en_US/paypal.lang @@ -11,3 +11,4 @@ PAYPAL_API_PASSWORD=API password PAYPAL_API_SIGNATURE=API signature PAYPAL_API_INTEGRAL_OR_PAYPALONLY=Offer payment "integral" (Credit card+Paypal) or "Paypal" only PAYPAL_CSS_URL=Optionnal Url of CSS style sheet on payment page +ThisIsTransactionId=This is id of transaction: %s \ No newline at end of file diff --git a/htdocs/langs/fr_FR/paybox.lang b/htdocs/langs/fr_FR/paybox.lang index 32435fc41b0..04a55508dfd 100644 --- a/htdocs/langs/fr_FR/paybox.lang +++ b/htdocs/langs/fr_FR/paybox.lang 
@@ -30,3 +30,5 @@ InformationToFindParameters=Informations pour trouver vos paramètres de compte PAYBOX_CGI_URL_V2=Url du module CGI Paybox de paiement VendorName=Nom du vendeur CSSUrlForPaymentForm=Url feuille style css pour le formulaire de paiement +MessageOK=Message sur page de retour de paiement validé +MessageKO=Message sur page de retour de paiement annulé \ No newline at end of file diff --git a/htdocs/langs/fr_FR/paypal.lang b/htdocs/langs/fr_FR/paypal.lang index 75ea7640c83..894deac480f 100644 --- a/htdocs/langs/fr_FR/paypal.lang +++ b/htdocs/langs/fr_FR/paypal.lang @@ -11,3 +11,4 @@ PAYPAL_API_PASSWORD=Mot de passe utilisateur API PAYPAL_API_SIGNATURE=Signature API PAYPAL_API_INTEGRAL_OR_PAYPALONLY=Proposer le paiement intégral (Carte+Paypal) ou Paypal seul PAYPAL_CSS_URL=Url optionnelle de la feuille de style CSS de la page de paiement +ThisIsTransactionId=Voici l'identifiant de la transaction: %s \ No newline at end of file diff --git a/htdocs/paybox/admin/paybox.php b/htdocs/paybox/admin/paybox.php index 3227e8ea377..5aed431b249 100644 --- a/htdocs/paybox/admin/paybox.php +++ b/htdocs/paybox/admin/paybox.php @@ -25,6 +25,7 @@ require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/lib/admin.lib.php"); +require_once(DOL_DOCUMENT_ROOT."/lib/doleditor.class.php"); $servicename='PayBox'; @@ -48,6 +49,9 @@ if ($_POST["action"] == 'setvalue' && $user->admin) $result=dolibarr_set_const($db, "PAYBOX_CREDITOR",$_POST["PAYBOX_CREDITOR"],'chaine',0,'',$conf->entity); $result=dolibarr_set_const($db, "PAYBOX_CSS_URL",$_POST["PAYBOX_CSS_URL"],'chaine',0,'',$conf->entity); + $result=dolibarr_set_const($db, "PAYBOX_MESSAGE_OK",$_POST["PAYBOX_MESSAGE_OK"],'chaine',0,'',$conf->entity); + $result=dolibarr_set_const($db, "PAYBOX_MESSAGE_KO",$_POST["PAYBOX_MESSAGE_KO"],'chaine',0,'',$conf->entity); + if ($result >= 0) { $mesg='
'.$langs->trans("SetupSaved").'
'; @@ -159,6 +163,19 @@ print ''; +$var=!$var; +print ''; +print $langs->trans("MessageOK").''; +$doleditor=new DolEditor('PAYBOX_MESSAGE_OK',$conf->global->PAYBOX_MESSAGE_OK,60,'Basic','In',false,true,true,ROWS_2,60); +$doleditor->Create(); +print ''; + +$var=!$var; +print ''; +print $langs->trans("MessageKO").''; +$doleditor=new DolEditor('PAYBOX_MESSAGE_KO',$conf->global->PAYBOX_MESSAGE_KO,60,'Basic','In',false,true,true,ROWS_2,60); +$doleditor->Create(); +print ''; print '
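Review bot: The two added `dolibarr_set_const()` calls store `$_POST["PAYBOX_MESSAGE_OK"]` and `$_POST["PAYBOX_MESSAGE_KO"]` exactly as submitted, and the values are editor-produced HTML that the new language strings describe as messages for the payment return pages, so the markup should be reduced to an allow-list of tags either here or where it is printed (the printing side is not part of this hunk). The surrounding condition only tests `$_POST["action"] == 'setvalue' && $user->admin`; unless a request token is verified elsewhere, a forged POST sent from an administrator's browser could change what those public pages display. `$result` is also overwritten by every call, so `if ($result >= 0)` reports only the last write; count failures instead, for example `if (dolibarr_set_const(...) < 0) $error++;` per call and `if (! $error)` for the message. The same three points apply to the `PAYPAL_MESSAGE_OK`/`PAYPAL_MESSAGE_KO` hunk in htdocs/paypal/admin/paypal.php.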
'; print ''; @@ -168,36 +185,32 @@ print '

'; print ''.$langs->trans("FollowingUrlAreAvailableToMakePayments").':
'; // Should work with DOL_URL_ROOT='' or DOL_URL_ROOT='/dolibarr' $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',$dolibarr_main_url_root); -print '
'; print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnFreeAmount",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paybox/newpayment.php?amount=9.99&tag=your_free_tag'."
\n"; -print '
'; if ($conf->commande->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnOrder",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paybox/newpayment.php?source=order&ref=order_ref'."
\n"; - print '
'; } if ($conf->facture->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnInvoice",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paybox/newpayment.php?source=invoice&ref=invoice_ref'."
\n"; // print $langs->trans("SetupPayBoxToHavePaymentCreatedAutomatically",$langs->transnoentitiesnoconv("FeatureNotYetAvailable"))."
\n"; - print '
'; } if ($conf->contrat->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnContractLine",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paybox/newpayment.php?source=contractline&ref=contractline_ref'."
\n"; - print '
'; } if ($conf->adherent->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnMemberSubscription",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paybox/newpayment.php?source=membersubscription&ref=member_ref'."
\n"; - print '
'; } -print $langs->trans("YouCanAddTagOnUrl"); + +print "
"; +print info_admin($langs->trans("YouCanAddTagOnUrl")); $db->close(); diff --git a/htdocs/paypal/admin/paypal.php b/htdocs/paypal/admin/paypal.php index b9bd6f2a1d8..c0c64b04c34 100644 --- a/htdocs/paypal/admin/paypal.php +++ b/htdocs/paypal/admin/paypal.php @@ -25,6 +25,7 @@ require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/lib/admin.lib.php"); +require_once(DOL_DOCUMENT_ROOT."/lib/doleditor.class.php"); $servicename='PayPal'; @@ -47,6 +48,8 @@ if ($_POST["action"] == 'setvalue' && $user->admin) $result=dolibarr_set_const($db, "PAYPAL_CREDITOR",$_POST["PAYPAL_CREDITOR"],'chaine',0,'',$conf->entity); $result=dolibarr_set_const($db, "PAYPAL_API_INTEGRAL_OR_PAYPALONLY",$_POST["PAYPAL_API_INTEGRAL_OR_PAYPALONLY"],'chaine',0,'',$conf->entity); $result=dolibarr_set_const($db, "PAYPAL_CSS_URL",$_POST["PAYPAL_CSS_URL"],'chaine',0,'',$conf->entity); + $result=dolibarr_set_const($db, "PAYPAL_MESSAGE_OK",$_POST["PAYPAL_MESSAGE_OK"],'chaine',0,'',$conf->entity); + $result=dolibarr_set_const($db, "PAYPAL_MESSAGE_KO",$_POST["PAYPAL_MESSAGE_KO"],'chaine',0,'',$conf->entity); if ($result >= 0) { @@ -105,7 +108,7 @@ print "\n"; $var=!$var; print ''; print $langs->trans("PAYPAL_API_SANDBOX").''; -print $form->selectyesno("PAYPAL_API_SANDBOX",$conf->global->PAYPAL_API_SANDBOX); +print $form->selectyesno("PAYPAL_API_SANDBOX",$conf->global->PAYPAL_API_SANDBOX,1); print ''; $var=!$var; @@ -161,6 +164,19 @@ print ''; +$var=!$var; +print ''; +print $langs->trans("MessageOK").''; +$doleditor=new DolEditor('PAYPAL_MESSAGE_OK',$conf->global->PAYPAL_MESSAGE_OK,60,'Basic','In',false,true,true,ROWS_2,60); +$doleditor->Create(); +print ''; + +$var=!$var; +print ''; +print $langs->trans("MessageKO").''; +$doleditor=new DolEditor('PAYPAL_MESSAGE_KO',$conf->global->PAYPAL_MESSAGE_KO,60,'Basic','In',false,true,true,ROWS_2,60); +$doleditor->Create(); +print ''; print '
'; print ''; @@ -188,42 +204,38 @@ print 'Your API authentication information can be found with following steps. We print ''; -print '


'; +print '

'; // Url list print ''.$langs->trans("FollowingUrlAreAvailableToMakePayments").':
'; // Should work with DOL_URL_ROOT='' or DOL_URL_ROOT='/dolibarr' $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',$dolibarr_main_url_root); -print '
'; print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnFreeAmount",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/newpayment.php?amount=9.99&tag=your_free_tag'."
\n"; -print '
'; if ($conf->commande->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnOrder",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/newpayment.php?source=order&ref=order_ref'."
\n"; - print '
'; } if ($conf->facture->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnInvoice",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/newpayment.php?source=invoice&ref=invoice_ref'."
\n"; // print $langs->trans("SetupPaypalToHavePaymentCreatedAutomatically",$langs->transnoentitiesnoconv("FeatureNotYetAvailable"))."
\n"; - print '
'; } if ($conf->contrat->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnContractLine",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/newpayment.php?source=contractline&ref=contractline_ref'."
\n"; - print '
'; } if ($conf->adherent->enabled) { print img_picto('','object_globe.png').' '.$langs->trans("ToOfferALinkForOnlinePaymentOnMemberSubscription",$servicename).':
'; print ''.$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/newpayment.php?source=membersubscription&ref=member_ref'."
\n"; - print '
'; } -print $langs->trans("YouCanAddTagOnUrl"); + +print "
"; +print info_admin($langs->trans("YouCanAddTagOnUrl")); $db->close(); diff --git a/htdocs/paypal/lib/paypalfunctions.php b/htdocs/paypal/lib/paypalfunctions.lib.php similarity index 60% rename from htdocs/paypal/lib/paypalfunctions.php rename to htdocs/paypal/lib/paypalfunctions.lib.php index d07287c5ff5..399bcaeca08 100755 --- a/htdocs/paypal/lib/paypalfunctions.php +++ b/htdocs/paypal/lib/paypalfunctions.lib.php 
@@ -16,109 +16,134 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ -/** \file htdocs/paypal/lib/paypalfunctions.php +/** \file htdocs/paypal/lib/paypalfunctions.lib.php * \ingroup paypal - * \brief Page with Paypal functions. Downloaded from Paypal. + * \brief Page with Paypal functions. + * Must be included where global variables are set: + * $PAYPAL_API_SANDBOX + * $PAYPAL_API_USER + * $PAYPAL_API_PASSWORD + * $PAYPAL_API_SIGNATURE + * $PAYPAL_AMT + * $PAYPAL_API_DEVISE + * $PAYPAL_API_OK + * $PAYPAL_API_KO * \version $Id$ */ -/******************************************** - PayPal API Module +if (session_id() == "") session_start(); - Defines all the global variables and the wrapper functions - ********************************************/ -$PROXY_HOST = '127.0.0.1'; -$PROXY_PORT = '808'; -$SandboxFlag = ($PAYPAL_API_SANDBOX?true:false); - -//'------------------------------------ -//' PayPal API Credentials -//' Replace with your API Username -//' Replace with your API Password -//' Replace with your Signature -//'------------------------------------ -$API_UserName=$PAYPAL_API_USER; -$API_Password=$PAYPAL_API_PASSWORD; -$API_Signature=$PAYPAL_API_SIGNATURE; - -// BN Code is only applicable for partners -$sBNCode = "PP-ECWizard"; +// ================================== +// PayPal Express Checkout Module +// ================================== +$API_version="56"; /* ' Define the PayPal Redirect URLs. 
- ' This is the URL that the buyer is first sent to do authorize payment with their paypal account - ' change the URL depending if you are testing on the sandbox or the live PayPal site + ' This is the URL that the buyer is first sent to do authorize payment with their paypal account + ' change the URL depending if you are testing on the sandbox or the live PayPal site ' ' For the sandbox, the URL is https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token= ' For the live site, the URL is https://www.paypal.com/webscr&cmd=_express-checkout&token= */ - -if ($SandboxFlag == true) +if ($conf->global->PAYPAL_API_SANDBOX) { $API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp"; - $PAYPAL_URL = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token="; + $API_Url = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token="; } else { $API_Endpoint = "https://api-3t.paypal.com/nvp"; - $PAYPAL_URL = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token="; + $API_Url = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token="; } +// Proxy +$PROXY_HOST = '127.0.0.1'; +$PROXY_PORT = '808'; $USE_PROXY = false; -$version="2.3"; -if (session_id() == "") -session_start(); +// BN Code is only applicable for partners +$sBNCode = "PP-ECWizard"; -/* An express checkout transaction starts with a token, that - identifies to PayPal your transaction - In this example, when the script sees a token, the script - knows that the buyer has already authorized payment through - paypal. If no token was found, the action is to send the buyer - to PayPal to first authorize payment + + + +/** + * Send redirect to paypal to browser */ - -/* - '------------------------------------------------------------------------------------------------------------------------------------------- - ' Purpose: Prepares the parameters for the SetExpressCheckout API Call. 
- ' Inputs: - ' paymentAmount: Total value of the shopping cart - ' currencyCodeType: Currency code value the PayPal API - ' paymentType: paymentType has to be one of the following values: Sale or Order or Authorization - ' returnURL: the page where buyers return to after they are done with the payment review on PayPal - ' cancelURL: the page where buyers return to when they cancel the payment review on PayPal - '-------------------------------------------------------------------------------------------------------------------------------------------- - */ -function CallShortcutExpressCheckout( $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL) +function RedirectToPaypal($paymentAmount,$currencyCodeType,$paymentType,$returnURL,$cancelURL,$tag) { - //------------------------------------------------------------------------------------------------------------------------------------ - // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation + //declaring of global variables + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; + global $sBNCode; - $nvpstr="&Amt=". $paymentAmount; - $nvpstr = $nvpstr . "&PAYMENTACTION=" . $paymentType; - $nvpstr = $nvpstr . "&ReturnUrl=" . $returnURL; - $nvpstr = $nvpstr . "&CANCELURL=" . $cancelURL; - $nvpstr = $nvpstr . "&CURRENCYCODE=" . 
$currencyCodeType; + global $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum; - $_SESSION["currencyCodeType"] = $currencyCodeType; - $_SESSION["PaymentType"] = $paymentType; + //'------------------------------------ + //' Calls the SetExpressCheckout API call + //' + //'------------------------------------------------- + + if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral'; + + $solutionType='Sole'; + $landingPage='Billing'; + // For payment with Paypal only + if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly') + { + $solutionType='Mark'; + $landingPage='Login'; + } + // For payment with Credit card or Paypal + if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral') + { + $solutionType='Sole'; + $landingPage='Billing'; + } + // For payment with Credit card + if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'cconly') + { + $solutionType='Sole'; + $landingPage='Billing'; + } + + dol_syslog("expresscheckout redirect with CallSetExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $landingPage, $solutionType, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum"); + $resArray = CallSetExpressCheckout ($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, + $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum); + /* For direct payment with credit card + { + //$resArray = DirectPayment (...); + } + */ - //'--------------------------------------------------------------------------------------------------------------- - //' Make the API call to PayPal - //' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment. 
- //' If an error occured, show the resulting errors - //'--------------------------------------------------------------------------------------------------------------- - $resArray=hash_call("SetExpressCheckout", $nvpstr); $ack = strtoupper($resArray["ACK"]); if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING") { - $token = urldecode($resArray["TOKEN"]); - $_SESSION['TOKEN']=$token; + $token=$resArray["TOKEN"]; + + // Redirect to paypal.com here + $payPalURL = $API_Url . $token; + header("Location: ".$payPalURL); + } + else + { + //Display a user friendly Error on the page using any of the following error information returned by PayPal + $ErrorCode = urldecode($resArray["L_ERRORCODE0"]); + $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]); + $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]); + $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]); + + echo "SetExpressCheckout API call failed. "; + echo "Detailed Error Message: " . $ErrorLongMsg; + echo "Short Error Message: " . $ErrorShortMsg; + echo "Error Code: " . $ErrorCode; + echo "Error Severity Code: " . $ErrorSeverityCode; } - return $resArray; } /* 
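Review bot: The failure branch of RedirectToPaypal() echoes `L_LONGMESSAGE0`, `L_SHORTMESSAGE0` and the error codes from the API response into the page without HTML escaping, which shows gateway diagnostics to the payer and writes remote strings into HTML as-is. Log them and print an escaped, minimal message instead: `dol_syslog("SetExpressCheckout failed: ".$ErrorCode." ".$ErrorLongMsg, LOG_ERR);` and `echo "Payment could not be started (".htmlspecialchars($ErrorCode, ENT_QUOTES).")";`. On the success path there is no `exit;` after `header("Location: ".$payPalURL);`, so whatever the caller does next still runs. The added `dol_syslog("expresscheckout redirect ...")` line puts the buyer's shipping name, address and phone number in the application log; amount, currency and tag are enough there.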
@@ -140,28 +165,36 @@ function CallShortcutExpressCheckout( $paymentAmount, $currencyCodeType, $paymen ' phoneNum: the phoneNum entered on the merchant's site '-------------------------------------------------------------------------------------------------------------------------------------------- */ -function CallMarkExpressCheckout( $paymentAmount, $currencyCodeType, $paymentType, $returnURL, -$cancelURL, $shipToName, $shipToStreet, $shipToCity, $shipToState, -$shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum -) +function CallSetExpressCheckout( $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, +$shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum) { //------------------------------------------------------------------------------------------------------------------------------------ // Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation - $nvpstr="&Amt=". $paymentAmount; - $nvpstr = $nvpstr . "&PAYMENTACTION=" . $paymentType; - $nvpstr = $nvpstr . "&ReturnUrl=" . $returnURL; - $nvpstr = $nvpstr . "&CANCELURL=" . $cancelURL; - $nvpstr = $nvpstr . "&CURRENCYCODE=" . $currencyCodeType; + //declaring of global variables + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; + global $sBNCode; + + $nvpstr="&AMT=". urlencode($paymentAmount); + $nvpstr = $nvpstr . "&PAYMENTACTION=" . urlencode($paymentType); + $nvpstr = $nvpstr . "&RETURNURL=" . urlencode($returnURL); + $nvpstr = $nvpstr . "&CANCELURL=" . urlencode($cancelURL); + $nvpstr = $nvpstr . "&CURRENCYCODE=" . urlencode($currencyCodeType); $nvpstr = $nvpstr . "&ADDROVERRIDE=1"; - $nvpstr = $nvpstr . "&SHIPTONAME=" . $shipToName; - $nvpstr = $nvpstr . "&SHIPTOSTREET=" . $shipToStreet; - $nvpstr = $nvpstr . 
"&SHIPTOSTREET2=" . $shipToStreet2; - $nvpstr = $nvpstr . "&SHIPTOCITY=" . $shipToCity; - $nvpstr = $nvpstr . "&SHIPTOSTATE=" . $shipToState; - $nvpstr = $nvpstr . "&SHIPTOCOUNTRYCODE=" . $shipToCountryCode; - $nvpstr = $nvpstr . "&SHIPTOZIP=" . $shipToZip; - $nvpstr = $nvpstr . "&PHONENUM=" . $phoneNum; + //$nvpstr = $nvpstr . "&ALLOWNOTE=0"; + $nvpstr = $nvpstr . "&SHIPTONAME=" . urlencode($shipToName); + $nvpstr = $nvpstr . "&SHIPTOSTREET=" . urlencode($shipToStreet); + $nvpstr = $nvpstr . "&SHIPTOSTREET2=" . urlencode($shipToStreet2); + $nvpstr = $nvpstr . "&SHIPTOCITY=" . urlencode($shipToCity); + $nvpstr = $nvpstr . "&SHIPTOSTATE=" . urlencode($shipToState); + $nvpstr = $nvpstr . "&SHIPTOCOUNTRYCODE=" . urlencode($shipToCountryCode); + $nvpstr = $nvpstr . "&SHIPTOZIP=" . urlencode($shipToZip); + $nvpstr = $nvpstr . "&PHONENUM=" . urlencode($phoneNum); + $nvpstr = $nvpstr . "&SOLUTIONTYPE=" . urlencode($solutionType); + $nvpstr = $nvpstr . "&LANDINGPAGE=" . urlencode($landingPage); + $_SESSION["currencyCodeType"] = $currencyCodeType; $_SESSION["PaymentType"] = $paymentType; @@ -192,7 +225,7 @@ $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum ' The NVP Collection object of the GetExpressCheckoutDetails Call Response. '------------------------------------------------------------------------------------------- */ -function GetShippingDetails( $token ) +function GetDetails( $token ) { //'-------------------------------------------------------------- //' At this point, the buyer has completed authorizing the payment 
@@ -203,6 +236,12 @@ function GetShippingDetails( $token ) //' the transaction //'-------------------------------------------------------------- + //declaring of global variables + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; + global $sBNCode; + //'--------------------------------------------------------------------------- //' Build a second API request to PayPal, using the token as the //' ID to get the details on the payment authorization 
@@ -226,32 +265,24 @@ function GetShippingDetails( $token ) /* '------------------------------------------------------------------------------------------------------------------------------------------- - ' Purpose: Prepares the parameters for the GetExpressCheckoutDetails API Call. - ' - ' Inputs: - ' sBNCode: The BN code used by PayPal to track the transactions from a given shopping cart. - ' Returns: - ' The NVP Collection object of the GetExpressCheckoutDetails Call Response. + ' Purpose: Validate payment '-------------------------------------------------------------------------------------------------------------------------------------------- */ -function ConfirmPayment( $FinalPaymentAmt ) +function ConfirmPayment( $token, $paymentType, $currencyCodeType, $payerID, $ipaddress, $FinalPaymentAmt, $tag ) { /* Gather the information to make the final call to finalize the PayPal payment. The variable nvpstr holds the name value pairs */ + //declaring of global variables + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; + global $sBNCode; - //Format the other parameters that were stored in the session from the previous calls - $token = urlencode($_SESSION['TOKEN']); - $paymentType = urlencode($_SESSION['PaymentType']); - $currencyCodeType = urlencode($_SESSION['currencyCodeType']); - $payerID = urlencode($_SESSION['payer_id']); - - $serverName = urlencode($_SERVER['SERVER_NAME']); - - $nvpstr = '&TOKEN=' . $token . '&PAYERID=' . $payerID . '&PAYMENTACTION=' . $paymentType . '&AMT=' . $FinalPaymentAmt; - $nvpstr .= '&CURRENCYCODE=' . $currencyCodeType . '&IPADDRESS=' . $serverName; + $nvpstr = '&TOKEN=' . urlencode($token) . '&PAYERID=' . urlencode($payerID) . '&PAYMENTACTION=' . urlencode($paymentType) . '&AMT=' . urlencode($FinalPaymentAmt); + $nvpstr .= '&CURRENCYCODE=' . urlencode($currencyCodeType) . '&IPADDRESS=' . 
urlencode($ipaddress); /* Make the call to PayPal to finalize payment If an error occured, show the resulting errors @@ -294,11 +325,16 @@ function ConfirmPayment( $FinalPaymentAmt ) '-------------------------------------------------------------------------------------------------------------------------------------------- */ - function DirectPayment( $paymentType, $paymentAmount, $creditCardType, $creditCardNumber, $expDate, $cvv2, $firstName, $lastName, $street, $city, $state, $zip, -$countryCode, $currencyCode ) +$countryCode, $currencyCode, $tag ) { + //declaring of global variables + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; + global $sBNCode; + //Construct the parameter string that describes DoDirectPayment $nvpstr = "&AMT=" . $paymentAmount; $nvpstr = $nvpstr . "&CURRENCYCODE=" . $currencyCode; @@ -332,14 +368,17 @@ $countryCode, $currencyCode ) function hash_call($methodName,$nvpStr) { //declaring of global variables - global $API_Endpoint, $version, $API_UserName, $API_Password, $API_Signature; - global $USE_PROXY, $PROXY_HOST, $PROXY_PORT; - global $gv_ApiErrorURL; + global $conf, $langs; + global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT; + global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE; global $sBNCode; + dol_syslog("Paypal API endpoint ".$API_Endpoint); + //setting the curl parameters. $ch = curl_init(); - /*print $API_Endpoint."-".$version."-".$API_UserName."-".$API_Password."-".$API_Signature."
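Review bot: ConfirmPayment() now receives `$token`, `$payerID`, `$currencyCodeType` and `$FinalPaymentAmt` from its caller instead of reading the first three from `$_SESSION`, so nothing in the function ties the amount being captured to the one approved at SetExpressCheckout. The caller is not in this diff; if it fills these from the return URL, amount and currency should be reloaded from server-side state for that token before this call, and a comment such as `// $FinalPaymentAmt and $currencyCodeType must come from server-side state, never from the return URL` would make that contract explicit. `$tag` is accepted here and in CallSetExpressCheckout() but is not used in the visible lines of either body, and the header comment now says only `Purpose: Validate payment` without listing the seven parameters. The function body continues past the end of the hunk.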
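Review bot: DirectPayment() still builds its request with raw concatenation (`$nvpstr = "&AMT=" . $paymentAmount;`, `"&CURRENCYCODE=" . $currencyCode`), while this commit wraps every value in `urlencode()` in CallSetExpressCheckout() and ConfirmPayment(). A value containing `&` or `=` would add or override fields in the NVP request, so use `$nvpstr = "&AMT=" . urlencode($paymentAmount);` and `$nvpstr = $nvpstr . "&CURRENCYCODE=" . urlencode($currencyCode);`. The rest of the string is built below the hunk and needs the same check, card number and CVV fields included.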
"; + + /*print $API_Endpoint."-".$API_version."-".$PAYPAL_API_USER."-".$PAYPAL_API_PASSWORD."-".$PAYPAL_API_SIGNATURE."
"; print $USE_PROXY."-".$gv_ApiErrorURL."-".$sBNCode."
"; print $nvpStr; exit;*/ @@ -355,11 +394,16 @@ function hash_call($methodName,$nvpStr) //if USE_PROXY constant set to TRUE in Constants.php, then only proxy will be enabled. //Set proxy name to PROXY_HOST and port number to PROXY_PORT in constants.php - if($USE_PROXY) - curl_setopt ($ch, CURLOPT_PROXY, $PROXY_HOST. ":" . $PROXY_PORT); + if($USE_PROXY) curl_setopt ($ch, CURLOPT_PROXY, $PROXY_HOST. ":" . $PROXY_PORT); //NVPRequest for submitting to server - $nvpreq="METHOD=" . urlencode($methodName) . "&VERSION=" . urlencode($version) . "&PWD=" . urlencode($API_Password) . "&USER=" . urlencode($API_UserName) . "&SIGNATURE=" . urlencode($API_Signature) . $nvpStr . "&BUTTONSOURCE=" . urlencode($sBNCode); + $nvpreq="METHOD=" . urlencode($methodName) . "&VERSION=" . urlencode($API_version) . "&PWD=" . urlencode($PAYPAL_API_PASSWORD) . "&USER=" . urlencode($PAYPAL_API_USER) . "&SIGNATURE=" . urlencode($PAYPAL_API_SIGNATURE) . $nvpStr . "&BUTTONSOURCE=" . urlencode($sBNCode); + $nvpreq.="&LOCALE=".strtoupper($langs->getDefaultLang(1)); + //$nvpreq.="&BRANDNAME=".urlencode(); // Override merchant name + //$nvpreq.="&NOTIFYURL=".urlencode(); // For Instant Payment Notification url + + + dol_syslog("Paypal API Request nvpreq=".$nvpreq); //setting the nvpreq as POST FIELD to curl curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq); @@ -367,11 +411,13 @@ function hash_call($methodName,$nvpStr) //getting response from server $response = curl_exec($ch); - //convrting NVPResponse to an Associative Array - $nvpResArray=deformatNVP($response); $nvpReqArray=deformatNVP($nvpreq); $_SESSION['nvpReqArray']=$nvpReqArray; + //convrting NVPResponse to an Associative Array + dol_syslog("Paypal API Response nvpresp=".$response); + $nvpResArray=deformatNVP($response); + if (curl_errno($ch)) { // moving to display page to display curl errors 
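Review bot: `dol_syslog("Paypal API Request nvpreq=".$nvpreq);` writes the whole request to the log, and `$nvpreq` carries `PWD`, `USER` and `SIGNATURE` plus whatever the calling function put in `$nvpStr`, which for DirectPayment() would be card data. The following hunk logs the complete response the same way with `dol_syslog("Paypal API Response nvpresp=".$response);`, and the unchanged `$_SESSION['nvpReqArray']=$nvpReqArray;` keeps a copy of the credentials in the session store. Log the method and the outcome only, for example `dol_syslog("Paypal API call ".$methodName);` and `dol_syslog("Paypal API ack=".$nvpResArray["ACK"]);`. The added `&LOCALE=` value is a two-letter language code in upper case; check it against the API reference, which as far as I recall names this field `LOCALECODE` and expects a country code.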
@@ -389,20 +435,6 @@ function hash_call($methodName,$nvpStr) return $nvpResArray; } -/*'---------------------------------------------------------------------------------- - Purpose: Redirects to PayPal.com site. - Inputs: NVP string. - Returns: - ---------------------------------------------------------------------------------- - */ -function RedirectToPayPal ( $token ) -{ - global $PAYPAL_URL; - - // Redirect to paypal.com here - $payPalURL = $PAYPAL_URL . $token; - header("Location: ".$payPalURL); -} /*'---------------------------------------------------------------------------------- diff --git a/htdocs/public/paybox/newpayment.php b/htdocs/public/paybox/newpayment.php index 3633de1fb2f..5a135fe21f4 100644 --- a/htdocs/public/paybox/newpayment.php +++ b/htdocs/public/paybox/newpayment.php @@ -38,12 +38,6 @@ require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); // Security check if (empty($conf->paybox->enabled)) accessforbidden('',1,1,1); -// Creation d'un jeton contre les failles CSRF -$token = md5(uniqid(mt_rand(),TRUE)); // Genere un hash d'un nombre aleatoire -// roulement des jetons car cree a chaque appel -if (isset($_SESSION['newtoken'])) $_SESSION['token'] = $_SESSION['newtoken']; -$_SESSION['newtoken'] = $token; - $langs->load("main"); $langs->load("other"); $langs->load("dict"); 
@@ -107,12 +101,12 @@ if (!empty($FULLTAG)) */ if ($_REQUEST["action"] == 'dopayment') { - $PAYPAL_API_PRICE=price2num(GETPOST("newamount")); + $PRICE=price2num(GETPOST("newamount"),'MT'); $EMAIL=GETPOST("EMAIL"); $ID=GETPOST("id"); $mesg=''; - if (empty($PRICE)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Amount")); + if (empty($PRICE) || ! is_numeric($PRICE)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Amount")); elseif (empty($EMAIL)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("YourEMail")); elseif (! isValidEMail($EMAIL)) $mesg=$langs->trans("ErrorBadEMail",$EMAIL); elseif (empty($FULLTAG)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("PaymentCode")); @@ -214,7 +208,9 @@ if (empty($_REQUEST["source"])) // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Amount $var=!$var; @@ -278,7 +274,9 @@ if ($_REQUEST["source"] == 'order') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -358,7 +356,9 @@ if ($_REQUEST["source"] == 'invoice') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -484,7 +484,9 @@ if ($_REQUEST["source"] == 'contractline') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -607,7 +609,9 @@ if ($_REQUEST["source"] == 'membersubscription') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; 
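Review bot: The added `! is_numeric($PRICE)` test still accepts negative amounts such as `-5` and exponent forms such as `1e3`, because is_numeric() allows both; for an amount typed by the visitor on a public payment page the condition should also require a positive value, e.g. `if (empty($PRICE) || ! is_numeric($PRICE) || $PRICE <= 0)`. What `price2num(...,'MT')` returns for such input is not visible in this hunk, so confirm it before relying on it. The same condition is added for `$PAYPAL_API_PRICE` in htdocs/public/paypal/newpayment.php (hunk `@@ -123,7 +149,7 @@`) and needs the same guard. A dedicated error string instead of `ErrorFieldRequired` would also tell the payer that the amount is invalid rather than missing.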
diff --git a/htdocs/public/paybox/paymentko.php b/htdocs/public/paybox/paymentko.php index e3cd0e025c7..58b678591cf 100644 --- a/htdocs/public/paybox/paymentko.php +++ b/htdocs/public/paybox/paymentko.php @@ -58,17 +58,24 @@ $langs->load("paypal"); * View */ +dol_syslog("Callback url when a PayBox payment was canceled ".$_SERVER["QUERY_STRING"]); + llxHeaderPayBox($langs->trans("PaymentForm")); +// Show message print ''."\n"; +print '
'."\n"; -print $langs->trans("YourPaymentHasNotBeenRecorded"); +print $langs->trans("YourPaymentHasNotBeenRecorded")."
\n"; + +if (! empty($conf->global->PAYBOX_MESSAGE_KO)) print $conf->global->PAYBOX_MESSAGE_KO; + +print "\n
\n"; html_print_paybox_footer($mysoc,$langs); - $db->close(); llxFooterPayBox('$Date$ - $Revision$'); diff --git a/htdocs/public/paybox/paymentok.php b/htdocs/public/paybox/paymentok.php index 922a5b1970f..c55bd3c49c2 100644 --- a/htdocs/public/paybox/paymentok.php +++ b/htdocs/public/paybox/paymentok.php @@ -57,12 +57,20 @@ $langs->load("paypal"); * View */ +dol_syslog("Callback url when a PayBox payment was done ".$_SERVER["QUERY_STRING"]); + llxHeaderPayBox($langs->trans("PaymentForm")); +// Show message print ''."\n"; +print '
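Review bot: `dol_syslog("Callback url when a PayBox payment was canceled ".$_SERVER["QUERY_STRING"]);` copies the raw query string of a public, unauthenticated page into the log with no length limit or filtering, so the log content and size are controlled by whoever requests the URL. Log a bounded value instead, e.g. `dol_syslog("PayBox cancel callback, query=".substr($_SERVER["QUERY_STRING"],0,255));`. `PAYBOX_MESSAGE_KO` is also printed verbatim; if the setting is meant to hold plain text it should go through `htmlspecialchars()`, and if HTML is intended a comment saying so would help the next reader. The same two lines recur in paybox/paymentok.php and in the paypal paymentko.php and paymentok.php hunks of this commit.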
'."\n"; -print $langs->trans("YourPaymentHasBeenRecorded"); +print $langs->trans("YourPaymentHasBeenRecorded")."
\n"; + +if (! empty($conf->global->PAYBOX_MESSAGE_OK)) print $conf->global->PAYBOX_MESSAGE_OK; + +print "\n
\n"; html_print_paybox_footer($mysoc,$langs); diff --git a/htdocs/public/paypal/expresscheckout.php b/htdocs/public/paypal/expresscheckout.php deleted file mode 100755 index 86cb887efeb..00000000000 --- a/htdocs/public/paypal/expresscheckout.php +++ /dev/null 
@@ -1,110 +0,0 @@ - - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -/** \file htdocs/public/paypal/expresscheckout.php - * \ingroup paypal - * \brief Page with Paypal redirect page. Code provided by Paypal. - * \version $Id$ - */ - -// This file is not called directly but is included into another one -require_once (DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.php"); - -// ================================== -// PayPal Express Checkout Module -// ================================== - - -//'------------------------------------ -//' The paymentAmount is the total value of -//' the shopping cart, that was set -//' earlier in a session variable -//' by the shopping cart page -//'------------------------------------ -$paymentAmount = $_SESSION["Payment_Amount"]; - -//'------------------------------------ -//' The currencyCodeType and paymentType -//' are set to the selections made on the Integration Assistant -//'------------------------------------ -$currencyCodeType = $PAYPAL_API_DEVISE; // "EUR" -$paymentType = "Sale"; - -//'------------------------------------ -//' The returnURL is the location where buyers return to when a -//' payment has been succesfully authorized. 
-//' -//' This is set to the value entered on the Integration Assistant -//'------------------------------------ -$returnURL = $PAYPAL_API_OK; - -//'------------------------------------ -//' The cancelURL is the location buyers are sent to when they hit the -//' cancel button during authorization of payment during the PayPal flow -//' -//' This is set to the value entered on the Integration Assistant -//'------------------------------------ -$cancelURL = $PAYPAL_API_KO; - -//'------------------------------------ -//' Calls the SetExpressCheckout API call -//' -//'------------------------------------------------- - -if (empty($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY)) $conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY='integral'; - -// For payment with Paypal only -if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'paypalonly') -{ - dol_syslog("expresscheckout redirect with CallShortcutExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL"); - $resArray = CallShortcutExpressCheckout ($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL); -} -// For payment with Credit card or Paypal -if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'integral') -{ - dol_syslog("expresscheckout redirect with CallMarkExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum"); - //$resArray = CallMarkExpressCheckout ($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL); - $resArray = CallMarkExpressCheckout ($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, - $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum); -} -// For direct payment with credit card -if ($conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY == 'cconly') -{ - //$resArray = DirectPayment (...); -} - -$ack = 
strtoupper($resArray["ACK"]); -if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING") -{ - RedirectToPayPal ( $resArray["TOKEN"] ); -} -else -{ - //Display a user friendly Error on the page using any of the following error information returned by PayPal - $ErrorCode = urldecode($resArray["L_ERRORCODE0"]); - $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]); - $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]); - $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]); - - echo "SetExpressCheckout API call failed. "; - echo "Detailed Error Message: " . $ErrorLongMsg; - echo "Short Error Message: " . $ErrorShortMsg; - echo "Error Code: " . $ErrorCode; - echo "Error Severity Code: " . $ErrorSeverityCode; -} -?> \ No newline at end of file diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php index 0e6bd883d13..100c9203d9b 100755 --- a/htdocs/public/paypal/newpayment.php +++ b/htdocs/public/paypal/newpayment.php @@ -31,6 +31,7 @@ define("NOCSRFCHECK",1); // We accept to go on this page from external web site. require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypal.lib.php"); +require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.lib.php"); require_once(DOL_DOCUMENT_ROOT."/lib/company.lib.php"); require_once(DOL_DOCUMENT_ROOT."/lib/functions2.lib.php"); require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); @@ -38,12 +39,6 @@ require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); // Security check if (empty($conf->paypal->enabled)) accessforbidden('',1,1,1); -// Creation d'un jeton contre les failles CSRF -$token = md5(uniqid(mt_rand(),TRUE)); // Genere un hash d'un nombre aleatoire -// roulement des jetons car cree a chaque appel -if (isset($_SESSION['newtoken'])) $_SESSION['token'] = $_SESSION['newtoken']; -$_SESSION['newtoken'] = $token; - $langs->load("main"); $langs->load("other"); $langs->load("dict"); 
@@ -53,6 +48,10 @@ $langs->load("errors"); $langs->load("paybox"); $langs->load("paypal"); +$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',$dolibarr_main_url_root); +$urlok=$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/paymentok.php?'; +$urlko=$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/paymentko.php?'; + // Input are: // type ('invoice','order','contractline'), // id (object id), 
@@ -84,24 +83,50 @@ if (! GETPOST("action")) } } -$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',$dolibarr_main_url_root); -$urlok=$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/paymentok.php?'; -$urlko=$urlwithouturlroot.DOL_URL_ROOT.'/public/paypal/paymentko.php?'; - +// Complete urls $TAG=GETPOST("tag"); $FULLTAG=GETPOST("fulltag"); // fulltag is tag with more informations - if (!empty($TAG)) { - $urlok.='tag='.$TAG.'&'; - $urlko.='tag='.$TAG.'&'; + $urlok.='tag='.urlencode($TAG).'&'; + $urlko.='tag='.urlencode($TAG).'&'; } if (!empty($FULLTAG)) { - $urlok.='fulltag='.$FULLTAG.'&'; - $urlko.='fulltag='.$FULLTAG.'&'; + $urlok.='fulltag='.urlencode($FULLTAG).'&'; + $urlko.='fulltag='.urlencode($FULLTAG).'&'; } +$urlok=preg_replace('/&$/','',$urlok); // Remove last & +$urlko=preg_replace('/&$/','',$urlko); // Remove last & +// Clean parameters +$PAYPAL_API_USER=""; +if ($conf->global->PAYPAL_API_USER) $PAYPAL_API_USER=$conf->global->PAYPAL_API_USER; +$PAYPAL_API_PASSWORD=""; +if ($conf->global->PAYPAL_API_PASSWORD) $PAYPAL_API_PASSWORD=$conf->global->PAYPAL_API_PASSWORD; +$PAYPAL_API_SIGNATURE=""; +if ($conf->global->PAYPAL_API_SIGNATURE) $PAYPAL_API_SIGNATURE=$conf->global->PAYPAL_API_SIGNATURE; +$PAYPAL_API_SANDBOX=""; +if ($conf->global->PAYPAL_API_SANDBOX) $PAYPAL_API_SANDBOX=$conf->global->PAYPAL_API_SANDBOX; +$PAYPAL_API_OK=""; +if ($urlok) $PAYPAL_API_OK=$urlok; +$PAYPAL_API_KO=""; +if ($urlko) $PAYPAL_API_KO=$urlko; +if (empty($PAYPAL_API_USER)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_USER not defined"); + return -1; +} +if (empty($PAYPAL_API_PASSWORD)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_PASSWORD not defined"); + return -1; +} +if (empty($PAYPAL_API_SIGNATURE)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_SIGNATURE not defined"); + return -1; +} /* 
@@ -109,9 +134,10 @@ if (!empty($FULLTAG)) */ if (GETPOST("action") == 'dopayment') { - $PAYPAL_API_PRICE=price2num(GETPOST("newamount")); + $PAYPAL_API_PRICE=price2num(GETPOST("newamount"),'MT'); $EMAIL=GETPOST("EMAIL"); $ID=GETPOST("id"); + $PAYPAL_PAYMENT_TYPE='Sale'; $shipToName=GETPOST("shipToName"); $shipToStreet=GETPOST("shipToStreet"); @@ -123,7 +149,7 @@ if (GETPOST("action") == 'dopayment') $phoneNum=GETPOST("phoneNum"); $mesg=''; - if (empty($PAYPAL_API_PRICE)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Amount")); + if (empty($PAYPAL_API_PRICE) || ! is_numeric($PAYPAL_API_PRICE)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("Amount")); elseif (empty($EMAIL)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("YourEMail")); elseif (! isValidEMail($EMAIL)) $mesg=$langs->trans("ErrorBadEMail",$EMAIL); elseif (empty($FULLTAG)) $mesg=$langs->trans("ErrorFieldRequired",$langs->transnoentitiesnoconv("PaymentCode")); 
@@ -133,36 +159,6 @@ if (GETPOST("action") == 'dopayment') { dol_syslog("newpayment.php call paypal api and do redirect", LOG_DEBUG); - // Clean parameters - $PAYPAL_API_USER=""; - if ($conf->global->PAYPAL_API_USER) $PAYPAL_API_USER=$conf->global->PAYPAL_API_USER; - $PAYPAL_API_PASSWORD=""; - if ($conf->global->PAYPAL_API_PASSWORD) $PAYPAL_API_PASSWORD=$conf->global->PAYPAL_API_PASSWORD; - $PAYPAL_API_SIGNATURE=""; - if ($conf->global->PAYPAL_API_SIGNATURE) $PAYPAL_API_SIGNATURE=$conf->global->PAYPAL_API_SIGNATURE; - $PAYPAL_API_SANDBOX=""; - if ($conf->global->PAYPAL_API_SANDBOX) $PAYPAL_API_SANDBOX=$conf->global->PAYPAL_API_SANDBOX; - $PAYPAL_API_OK=""; - if ($urlok) $PAYPAL_API_OK=$urlok; - $PAYPAL_API_KO=""; - if ($urlko) $PAYPAL_API_KO=$urlko; - - if (empty($PAYPAL_API_USER)) - { - dol_print_error('',"Paypal setup param PAYPAL_API_USER not defined"); - return -1; - } - if (empty($PAYPAL_API_PASSWORD)) - { - dol_print_error('',"Paypal setup param PAYPAL_API_PASSWORD not defined"); - return -1; - } - if (empty($PAYPAL_API_SIGNATURE)) - { - dol_print_error('',"Paypal setup param PAYPAL_API_SIGNATURE not defined"); - return -1; - } - // Other $PAYPAL_API_DEVISE="EUR"; if ($CURRENCY == 'EUR') $PAYPAL_API_DEVISE="EUR"; @@ -198,7 +194,7 @@ if (GETPOST("action") == 'dopayment') $_SESSION["Payment_Amount"]=$PAYPAL_API_PRICE; // A redirect is added if API call successfull - require_once(DOL_DOCUMENT_ROOT."/public/paypal/expresscheckout.php"); + RedirectToPaypal($PAYPAL_API_PRICE,$PAYPAL_API_DEVISE,$PAYPAL_PAYMENT_TYPE,$PAYPAL_API_OK,$PAYPAL_API_KO, $FULLTAG); print ''."\n"; print "\n"; @@ -234,7 +230,7 @@ print "\n"; print ''."\n"; print ''."\n"; print ''."\n"; -print ''."\n"; +print ''."\n"; print ''."\n"; print ''."\n"; print "\n"; @@ -295,7 +291,9 @@ if (empty($_REQUEST["source"])) // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Amount $var=!$var; 
@@ -362,7 +360,9 @@ if ($_REQUEST["source"] == 'order') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -467,7 +467,9 @@ if ($_REQUEST["source"] == 'invoice') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -618,7 +620,9 @@ if ($_REQUEST["source"] == 'contractline') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; @@ -765,7 +769,9 @@ if ($_REQUEST["source"] == 'membersubscription') // Creditor $var=!$var; print ''.$langs->trans("Creditor"); - print ''.$creditor.''."\n"; + print ''.$creditor.''; + print ''; + print ''."\n"; // Debitor $var=!$var; diff --git a/htdocs/public/paypal/paymentko.php b/htdocs/public/paypal/paymentko.php index 514d40be871..42d25d55056 100755 --- a/htdocs/public/paypal/paymentko.php +++ b/htdocs/public/paypal/paymentko.php @@ -32,6 +32,7 @@ define("NOCSRFCHECK",1); // We accept to go on this page from external web site. require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypal.lib.php"); +require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.lib.php"); require_once(DOL_DOCUMENT_ROOT."/lib/company.lib.php"); // Security check @@ -57,17 +58,24 @@ $langs->load("paypal"); * View */ +dol_syslog("Callback url when a PayPal payment was canceled ".$_SERVER["QUERY_STRING"]); + llxHeaderPaypal($langs->trans("PaymentForm")); +// Show ko message print ''."\n"; +print '
'."\n"; +print $langs->trans("YourPaymentHasNotBeenRecorded")."
"; -print $langs->trans("YourPaymentHasNotBeenRecorded"); +$PAYPALTOKEN=GETPOST('TOKEN'); +if (empty($PAYPALTOKEN)) $PAYPALTOKEN=GETPOST('token'); +$PAYPALFULLTAG=GETPOST('FULLTAG'); +if (empty($PAYPALFULLTAG)) $PAYPALFULLTAG=GETPOST('fulltag'); + +if (! empty($conf->global->PAYPAL_MESSAGE_KO)) print $conf->global->PAYPAL_MESSAGE_KO; +print "\n
\n"; -//require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.php"); -//$PAYPALTOKEN=GETPOST('paypaltoken'); -//$resarray=GetShippingDetails($PAYPALTOKEN); -//var_dump($resarray); html_print_paypal_footer($mysoc,$langs); diff --git a/htdocs/public/paypal/paymentok.php b/htdocs/public/paypal/paymentok.php index 16a403636bc..d696b4fb1c0 100755 --- a/htdocs/public/paypal/paymentok.php +++ b/htdocs/public/paypal/paymentok.php @@ -32,6 +32,7 @@ define("NOCSRFCHECK",1); // We accept to go on this page from external web site. require("../../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypal.lib.php"); +require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.lib.php"); require_once(DOL_DOCUMENT_ROOT."/lib/company.lib.php"); // Security check @@ -45,6 +46,34 @@ $langs->load("companies"); $langs->load("paybox"); $langs->load("paypal"); +// Clean parameters +$PAYPAL_API_USER=""; +if ($conf->global->PAYPAL_API_USER) $PAYPAL_API_USER=$conf->global->PAYPAL_API_USER; +$PAYPAL_API_PASSWORD=""; +if ($conf->global->PAYPAL_API_PASSWORD) $PAYPAL_API_PASSWORD=$conf->global->PAYPAL_API_PASSWORD; +$PAYPAL_API_SIGNATURE=""; +if ($conf->global->PAYPAL_API_SIGNATURE) $PAYPAL_API_SIGNATURE=$conf->global->PAYPAL_API_SIGNATURE; +$PAYPAL_API_SANDBOX=""; +if ($conf->global->PAYPAL_API_SANDBOX) $PAYPAL_API_SANDBOX=$conf->global->PAYPAL_API_SANDBOX; +$PAYPAL_API_OK=""; +if ($urlok) $PAYPAL_API_OK=$urlok; +$PAYPAL_API_KO=""; +if ($urlko) $PAYPAL_API_KO=$urlko; +if (empty($PAYPAL_API_USER)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_USER not defined"); + return -1; +} +if (empty($PAYPAL_API_PASSWORD)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_PASSWORD not defined"); + return -1; +} +if (empty($PAYPAL_API_SIGNATURE)) +{ + dol_print_error('',"Paypal setup param PAYPAL_API_SIGNATURE not defined"); + return -1; +} /* 
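Review bot: `if ($urlok) $PAYPAL_API_OK=$urlok;` and `if ($urlko) $PAYPAL_API_KO=$urlko;` read variables that nothing visible in paymentok.php assigns; in this commit `$urlok` and `$urlko` are built in newpayment.php only, so both tests presumably run on undefined variables and leave the two values empty. If paymentok.php does not need the return URLs, drop those four lines. The whole "Clean parameters" block is a copy of the one added to newpayment.php; moving it into a helper in paypalfunctions.lib.php, which both pages now require, would keep the credential checks in one place.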
@@ -59,17 +88,79 @@ $langs->load("paypal"); * View */ +dol_syslog("Callback url when a PayPal payment was done ".$_SERVER["QUERY_STRING"]); + llxHeaderPaypal($langs->trans("PaymentForm")); print ''."\n"; +print '
'."\n"; -print $langs->trans("YourPaymentHasBeenRecorded"); +$PAYPALTOKEN=GETPOST('TOKEN'); +if (empty($PAYPALTOKEN)) $PAYPALTOKEN=GETPOST('token'); +$PAYPALPAYERID=GETPOST('PAYERID'); +if (empty($PAYPALPAYERID)) $PAYPALPAYERID=GETPOST('PayerID'); +$PAYPALFULLTAG=GETPOST('FULLTAG'); +if (empty($PAYPALFULLTAG)) $PAYPALFULLTAG=GETPOST('fulltag'); -//require_once(DOL_DOCUMENT_ROOT."/paypal/lib/paypalfunctions.php"); -//$PAYPALTOKEN=GETPOST('paypaltoken'); -//$resarray=GetShippingDetails($PAYPALTOKEN); -//var_dump($resarray); +if ($PAYPALTOKEN) +{ + // Get on url call + $token = $PAYPALTOKEN; + $fulltag = $PAYPALFULLTAG; + $payerID = $PAYPALPAYERID; + // Set by newpayment.php + $paymentType = $_SESSION['PaymentType']; + $currencyCodeType = $_SESSION['currencyCodeType']; + $FinalPaymentAmt = $_SESSION["Payment_Amount"]; + // From env + $ipaddress = $_SERVER['REMOTE_ADDR ']; // Payer ip + + + dol_syslog("We call GetExpressCheckoutDetails"); + $resArray=GetDetails($token); + //var_dump($resarray); + + dol_syslog("We call DoExpressCheckoutPayment token=".$token." paymentType=".$paymentType." currencyCodeType=".$currencyCodeType." payerID=".$payerID." ipaddress=".$ipaddress." FinalPaymentAmt=".$FinalPaymentAmt." 
fulltag=".$fulltag); + $resArray=ConfirmPayment($token, $paymentType, $currencyCodeType, $payerID, $ipaddress, $FinalPaymentAmt, $fulltag); + + $ack = strtoupper($resArray["ACK"]); + if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING") + { + // resArray was built from a string like that + // TOKEN=EC%2d1NJ057703V9359028&TIMESTAMP=2010%2d11%2d01T11%3a40%3a13Z&CORRELATIONID=1efa8c6a36bd8&ACK=Success&VERSION=56&BUILD=1553277&TRANSACTIONID=9B994597K9921420R&TRANSACTIONTYPE=expresscheckout&PAYMENTTYPE=instant&ORDERTIME=2010%2d11%2d01T11%3a40%3a12Z&AMT=155%2e57&FEEAMT=5%2e54&TAXAMT=0%2e00&CURRENCYCODE=EUR&PAYMENTSTATUS=Completed&PENDINGREASON=None&REASONCODE=None + $PAYMENTSTATUS=urldecode($resArray["PAYMENTSTATUS"]); // Should contains 'Completed' + $TRANSACTIONID=urldecode($resArray["TRANSACTIONID"]); + + print $langs->trans("YourPaymentHasBeenRecorded")."
\n"; + print $langs->trans("ThisIsTransactionId",$TRANSACTIONID)."
\n"; + if (! empty($conf->global->PAYPAL_MESSAGE_OK)) print $conf->global->PAYPAL_MESSAGE_OK; + } + else + { + //Display a user friendly Error on the page using any of the following error information returned by PayPal + $ErrorCode = urldecode($resArray["L_ERRORCODE0"]); + $ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]); + $ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]); + $ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]); + + echo "DoExpressCheckoutPayment API call failed. "; + echo "Detailed Error Message: " . $ErrorLongMsg; + echo "Short Error Message: " . $ErrorShortMsg; + echo "Error Code: " . $ErrorCode; + echo "Error Severity Code: " . $ErrorSeverityCode; + + if ($mysoc->email) echo "\nPlease, send a screenshot of this page to ".$mysoc->email; + } +} +else +{ + // No TOKEN parameter in URL + dol_print_error($langs->trans("ErrorBadPArameter")); + dol_syslog("No TOKEN parameter in URL"); +} + +print "\n
\n"; html_print_paypal_footer($mysoc,$langs);
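Review bot: `$PAYMENTSTATUS` is decoded but never tested, so the page prints `YourPaymentHasBeenRecorded` whenever `ACK` is a success value, although the inline comment says the status "Should contains 'Completed'"; a payment that PayPal reports as not completed would still be shown as recorded. Test it before the success message, e.g. `if ($PAYMENTSTATUS != 'Completed')` with a distinct message for the payer. `$_SERVER['REMOTE_ADDR ']` has a trailing space in the key, so `$ipaddress` is always empty; it should read `$_SERVER['REMOTE_ADDR']`. The result of `GetDetails($token)` is overwritten by `ConfirmPayment(...)` without being read, so nothing compares the amount or tag PayPal holds for the token with the session values before the payment is confirmed. The PayPal error fields and `$TRANSACTIONID` are printed after `urldecode()` without `htmlspecialchars()`.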