Merge pull request #12 from paynl/feature/PLUG-453

Plugin update

app/addons/paynl_addon/addon.xml

@@ -3,7 +3,7 @@
 	<id>paynl_addon</id>
 	<name>PAY.</name>
 	<description>PAY. Gateway addon</description>
-	<version>1.1.3</version>
+	<version>1.1.4</version>
 	<priority>1000</priority>
         <settings layout="separate">
           <sections>

app/addons/paynl_addon/func.php

@@ -19,19 +19,16 @@ function fn_get_ideal_banks($processor_data)
     $service->setServiceId($processor_data['processor_params']['service_id']);
     try {
         $result = $service->doRequest();
-        $banks = $result['paymentOptions'][$processor_data['processor_params']['optionId']]['paymentOptionSubList'];
-
-        return $banks;
+        return $result['paymentOptions'][$processor_data['processor_params']['optionId']]['paymentOptionSubList'];
     } catch (Exception $ex) {
         fn_set_notification('E', __('error'), $ex->getMessage());
-
     }
 }
 
 
-function fn_paynl_getInfo($payNLTransactionID, $processor_data)
+function fn_paynl_getStatus($payNLTransactionID, $processor_data)
 {
-    $payApiInfo = new Pay_Api_Info();
+    $payApiInfo = new Pay_Api_Status();
     $payApiInfo->setApiToken($processor_data['processor_params']['token_api']);
     $payApiInfo->setServiceId($processor_data['processor_params']['service_id']);
     $payApiInfo->setTransactionId($payNLTransactionID);
@@ -44,27 +41,11 @@ function fn_paynl_getInfo($payNLTransactionID, $processor_data)
     return $result;
 }
 
-function fn_paynl_getState($payNLTransactionID, $processor_data)
-{
-    $payApiInfo = new Pay_Api_Info();
-    $payApiInfo->setApiToken($processor_data['processor_params']['token_api']);
-    $payApiInfo->setServiceId($processor_data['processor_params']['service_id']);
-    $payApiInfo->setTransactionId($payNLTransactionID);
-    try {
-        $result = $payApiInfo->doRequest();
-    } catch (Exception $ex) {
-        fn_set_notification('E', __('error'), $ex->getMessage());
-        fn_redirect('/index.php?dispatch=checkout.checkout');
-    }
-    $state = Pay_Helper::getStateText($result['paymentDetails']['state']);
-    return $state;
-}
-
 function getObjectData()
 {
     $phpVersion = substr(phpversion(), 0, 3);
     $cscartVersion = defined('PRODUCT_VERSION') ? PRODUCT_VERSION : '-';
-    $payPlugin = '1.1.3';
+    $payPlugin = '1.1.4';
 
     return substr('cscart ' . $payPlugin . ' | ' . $cscartVersion . ' | ' . $phpVersion, 0, 64);
 }
@@ -167,8 +148,7 @@ function fn_paynl_startTransaction($order_id, $order_info, $processor_data, $exc
     }
 
     try {
-        $result = $payNL->doRequest();
-        return $result;
+        return $payNL->doRequest();
     } catch (Exception $ex) {
         fn_set_notification('E', __('error'), $ex->getMessage());
         fn_redirect('/index.php?dispatch=checkout.checkout');

app/addons/paynl_addon/paynl/classes/Pay/Api.php

@@ -6,8 +6,8 @@ class Pay_Api
     const REQUEST_TYPE_POST = 1;
     const REQUEST_TYPE_GET = 0;
 
-    protected $_apiUrl = 'http://rest-api.pay.nl';
-    protected $_version = 'v3';
+    protected $_apiUrl = 'https://rest-api.pay.nl';
+    protected $_version = 'v12';
     protected $_controller = '';
     protected $_action = '';
     protected $_serviceId = '';

app/addons/paynl_addon/paynl/classes/Pay/Api/Status.php

@@ -0,0 +1,28 @@
+<?php
+
+class Pay_Api_Status extends Pay_Api
+{
+
+    protected $_version = 'v15';
+    protected $_controller = 'transaction';
+    protected $_action = 'status';
+
+    public function setTransactionId($transactionId)
+    {
+        $this->_postData['transactionId'] = $transactionId;
+    }
+
+    protected function _getPostData()
+    {
+        $data = parent::_getPostData();
+        if ($this->_apiToken == '') {
+            throw new Pay_Exception('apiToken not set', 1);
+        } else {
+            $data['token'] = $this->_apiToken;
+        }
+        if (!isset($this->_postData['transactionId'])) {
+            throw new Pay_Exception('transactionId is not set', 1);
+        }
+        return $data;
+    }
+}

app/addons/paynl_addon/paynl/classes/Pay/Helper.php

@@ -2,6 +2,11 @@
 
 class Pay_Helper
 {
+    const PAYMENT_PAID = 'PAID';
+    const PAYMENT_AUTHORIZE = 'AUTHORIZE';
+    const PAYMENT_CHECKAMOUNT = 'CHECKAMOUNT';
+    const PAYMENT_CANCEL = 'CANCEL';
+    const PAYMENT_PENDING = 'PENDING';
 
     /**
      * Bepaal de status aan de hand van het statusid.
@@ -15,16 +20,16 @@ public static function getStateText($stateId)
         switch ($stateId) {
             case 80:
             case -51:
-                return 'CHECKAMOUNT';
+                return self::PAYMENT_CHECKAMOUNT;
             case 100:
-                return 'PAID';
+                return self::PAYMENT_PAID;
             case 95:
-                return 'AUTHORIZE';
+                return self::PAYMENT_AUTHORIZE;
             default:
                 if ($stateId < 0) {
-                    return 'CANCEL';
+                    return self::PAYMENT_CANCEL;
                 } else {
-                    return 'PENDING';
+                    return self::PAYMENT_PENDING;
                 }
         }
     }

app/payments/paynl.php

@@ -1,8 +1,8 @@
 <?php
 
 /**
- *    Pay.nl
- *    Date: 8-7-2014
+ *    PAY.
+ *    Date: 11-06-2021
  *    Version: 1.0.7
  */
 use Tygh\Registry;
@@ -11,70 +11,69 @@
     die('Access denied');
 }
 
-if (defined('PAYMENT_NOTIFICATION')) { // callback
+if (defined('PAYMENT_NOTIFICATION')) {
+    # Callback
     $order_info = null;
     $orderId = intval($_REQUEST['csCartOrderId']);
 
     if ($mode == 'finish') {
-      fn_order_placement_routines('route', $orderId, false);
-      die();
+        fn_order_placement_routines('route', $orderId, false);
+        die();
     }
 
-    $order_info = fn_get_order_info($orderId, true);
-    $payNLTransactionID = $mode == 'exchange' ? $_REQUEST['order_id'] : $_REQUEST['orderId'];
+    $action = $_REQUEST['action'] ?? '';
+    $payNLTransactionID = $_REQUEST['order_id'] ?? '';
+    if ($action == 'pending' || $action == 'refund:received' || empty($action) || empty($payNLTransactionID)) {
+        die('TRUE|Ignoring ' . (empty($payNLTransactionID) ? ', no order id' : $action));
+    }
 
+    $order_info = fn_get_order_info($orderId, true);
+    $csCartOrderAmount = intval(floatval($order_info['total']) * 100);
     $processor_data = fn_get_processor_data($order_info['payment_id']);
     $statuses = $processor_data['processor_params']['statuses'];
 
-    # Retrieve payment state from Pay.nl.
-    $state = fn_paynl_getState($payNLTransactionID, $processor_data);
-    $idstate = $statuses[strtolower($state)];
-
     if ($mode == 'exchange') {
-
+        # Retrieve PAY.-data
+        $payData = fn_paynl_getStatus($payNLTransactionID, $processor_data);
         $alreadyPaid = fn_isAlreadyPAID($payNLTransactionID) || $order_info['status'] == 'P';
+
         if ($alreadyPaid) {
-            $message = 'Order already PAID';
-            if ($mode == 'exchange') {
-                echo 'TRUE|' . $message;
-                die;
-            }
+            die('TRUE|Order already PAID');
         }
+        $payAmount = intval($payData['paymentDetails']['amount']['value']);
+        $state = Pay_Helper::getStateText($payData['paymentDetails']['state']);
+        $bPaid = in_array($state, array(Pay_Helper::PAYMENT_AUTHORIZE, Pay_Helper::PAYMENT_PAID));
 
-        if (fn_check_payment_script('paynl.php', $orderId) && !empty($idstate)) {
-            // set the status
-            fn_change_order_status($orderId, $idstate);
+        if ($bPaid && $payAmount !== $csCartOrderAmount) {
+            die('TRUE|Failed, invalid amounts: ' . $payAmount . ' vs ' . $csCartOrderAmount);
         }
-
+
+        $idstate = $statuses[strtolower($state)];
         if (!empty($idstate)) {
-            fn_updatePayTransaction($payNLTransactionID, $state);
+            if (fn_check_payment_script('paynl.php', $orderId)) {
+                fn_change_order_status($orderId, $idstate);
+            }
 
-            if ($state == 'PAID') {
-                $payData = fn_paynl_getInfo($payNLTransactionID, $processor_data);
-                $pp_response = array(
-                    'order_status' => $idstate,
-                    'naam' => $payData['paymentDetails']['identifierName'],
-                    'rekening' => $payData['paymentDetails']['identifierPublic']
-                );
+            fn_updatePayTransaction($payNLTransactionID, $state);
 
+            if ($bPaid) {
+                $pp_response = array('order_status' => $idstate, 'naam' => $payData['paymentDetails']['identifierName'], 'rekening' => $payData['paymentDetails']['identifierPublic']);
                 fn_finish_payment($orderId, $pp_response);
             }
-            die('TRUE| Updated status to: '.$state.' state_id: '.$idstate);
+            die('TRUE| Updated status to: ' . $state . ' state_id: ' . $idstate);
         }
-        die('TRUE| unknown status '.$state);
+        die('TRUE| unknown status ' . $state);
     }
-} else {//create the transaction
+} else {
+    # Create the transaction
     $paymentOptionSub = null;
     if (isset($_REQUEST['paymentOptionbSubId'])) {
         $paymentOptionSub = $_REQUEST['paymentOptionbSubId'];
     }
 
-    $exchangeUrl = fn_url("payment_notification.exchange?payment=paynl&csCartOrderId=$order_id",
-        AREA, 'current');
-    $finishUrl = fn_url("payment_notification.finish?payment=paynl&csCartOrderId=$order_id",
-        AREA, 'current');
-    $result = fn_paynl_startTransaction($order_id, $order_info,
-        $processor_data, $exchangeUrl, $finishUrl, $paymentOptionSub);
+    $exchangeUrl = fn_url("payment_notification.exchange?payment=paynl&csCartOrderId=$order_id", AREA, 'current');
+    $finishUrl = fn_url("payment_notification.finish?payment=paynl&csCartOrderId=$order_id", AREA, 'current');
+    $result = fn_paynl_startTransaction($order_id, $order_info, $processor_data, $exchangeUrl, $finishUrl, $paymentOptionSub);
     $data = array(
         'transaction_id' => $result['transaction']['transactionId'],
         'option_id' => $processor_data['processor_params']['optionId'],
@@ -85,15 +84,14 @@
 
     db_query("INSERT INTO ?:paynl_transactions  ?e", $data);
 
-    //update table order
+    # Update table order
     fn_change_order_status($order_id, 'O', '', false);
     $url = $result['transaction']['paymentURL'];
     if (isset($url)) {
         fn_redirect($url, true);
         exit;
     } else {
-        fn_set_notification('E',
-            "There was an error while processing your transaction: ", "");
+        fn_set_notification('E', "There was an error while processing your transaction: ", "");
         fn_redirect(Registry::get('config.http_location') . "/?dispatch=checkout.cart");
     }
 
@@ -102,24 +100,17 @@
 
 function fn_updatePayTransaction($transactionId, $status)
 {
-    $data = array(
-        'status' => $status,
-        'last_update' => date('Y-m-d H:i:s')
-    );
-    db_query('UPDATE ?:paynl_transactions SET ?u WHERE transaction_id = ?i',
-        $data, $transactionId);
+    $data = array('status' => $status, 'last_update' => date('Y-m-d H:i:s'));
+    db_query('UPDATE ?:paynl_transactions SET ?u WHERE transaction_id = ?i', $data, $transactionId);
 }
 
 function fn_isAlreadyPAID($transactionID)
 {
-    $orderID = db_get_field('SELECT order_id FROM ?:paynl_transactions WHERE transaction_id =?s',
-        $transactionID);
-    $arrTransactions = db_get_field('SELECT count(*) FROM ?:paynl_transactions WHERE order_id =?s AND status = "PAID" ',
-        $orderID);
+    $orderID = db_get_field('SELECT order_id FROM ?:paynl_transactions WHERE transaction_id =?s', $transactionID);
+
+    $arrTransactions = db_get_field('SELECT count(*) FROM ?:paynl_transactions WHERE order_id =?s AND status = "PAID" ', $orderID);
 
     if (intval($arrTransactions) > 0) {
         return true;
     } else return false;
-}
-
-?>
+}