tpayPaymentBasic

Class PaymentBasic.

Defined (1)

The class is defined in the following location(s).

/includes/lib/src/_class_tpay/paymentBasic.php  
  1. class PaymentBasic 
  2. const REMOTE_ADDR = 'REMOTE_ADDR'; 
  3. /** 
  4. * @var string 
  5. */ 
  6.  
  7. const ACTIONURL = 'action_url'; 
  8. /** 
  9. * @var string 
  10. */ 
  11. const FIELDS = 'fields'; 
  12. /** 
  13. * @var string 
  14. */ 
  15. const PAYMENTFORM = 'paymentForm'; 
  16. /** 
  17. * Merchant id 
  18. * @var int 
  19. */ 
  20. protected $merchantId = '[MERCHANT_ID]'; 
  21. /** 
  22. * tpay payment url 
  23. * @var string 
  24. */ 
  25. protected $apiURL = 'https://secure.tpay.com'; 
  26. /** 
  27. * Merchant secret 
  28. * @var string 
  29. */ 
  30. private $merchantSecret = '[MERCHANT_SECRET]'; 
  31. /** 
  32. * tpay response IP 
  33. * @var string 
  34. */ 
  35. private $secureIP = array( 
  36. '195.149.229.109',  
  37. '148.251.96.163',  
  38. '178.32.201.77',  
  39. '46.248.167.59',  
  40. '46.29.19.106' 
  41. ); 
  42. /** 
  43. * If false library not validate tpay server IP 
  44. * @var bool 
  45. */ 
  46. private $validateServerIP = true; 
  47. /** 
  48. * Path to template directory 
  49. * @var string 
  50. */ 
  51. private $templateDir = 'common/_tpl/'; 
  52. /** 
  53. * URL to tpay regulations file 
  54. * @var string 
  55. */ 
  56. private $regulationURL = 'https://secure.tpay.com/regulamin.pdf'; 
  57.  
  58. /** 
  59. * PaymentBasic class constructor for payment: 
  60. * - basic from tpay panel 
  61. * - with bank selection in merchant shop 
  62. * - eHat 
  63. * @param string|bool $merchantId merchant id 
  64. * @param string|bool $merchantSecret merchant secret 
  65. */ 
  66. public function __construct($merchantId = false, $merchantSecret = false) 
  67. if ($merchantId !== false) { 
  68. $this->merchantId = $merchantId; 
  69. if ($merchantSecret !== false) { 
  70. $this->merchantSecret = $merchantSecret; 
  71.  
  72. require_once(dirname(__FILE__) . '/util.php'); 
  73.  
  74. Util::loadClass('curl'); 
  75. Util::loadClass('validate'); 
  76. Util::loadClass('exception'); 
  77. Util::loadClass('lang'); 
  78. Util::checkVersionPHP(); 
  79. Validate::validateMerchantId($this->merchantId); 
  80. Validate::validateMerchantSecret($this->merchantSecret); 
  81.  
  82. /** 
  83. * Disabling validation of payment notification server IP 
  84. * Validation of tpay server ip is very important. 
  85. * Use this method only in test mode and be sure to enable validation in production. 
  86. */ 
  87. public function disableValidationServerIP() 
  88. $this->validateServerIP = false; 
  89.  
  90. /** 
  91. * Enabling validation of payment notification server IP 
  92. */ 
  93. public function enableValidationServerIP() 
  94. $this->validateServerIP = true; 
  95.  
  96. /** 
  97. * Check cURL request from tpay server after payment. 
  98. * This method check server ip, required fields and md5 checksum sent by payment server. 
  99. * Display information to prevent sending repeated notifications. 
  100. * @param string $paymentType optional payment type default is 'basic' 
  101. * @throws TException 
  102. * @return array 
  103. */ 
  104. public function checkPayment($paymentType = Validate::PAYMENT_TYPE_BASIC) 
  105. Util::log('check basic payment', '$_POST: ' . "\n" . print_r($_POST, true)); 
  106.  
  107. $res = Validate::getResponse($paymentType); 
  108.  
  109. $checkMD5 = $this->checkMD5( 
  110. $res['md5sum'],  
  111. $res['tr_id'],  
  112. number_format($res['tr_amount'], 2, '.', ''),  
  113. $res['tr_crc'] 
  114. ); 
  115. Util::logLine('Check MD5: ' . (int)$checkMD5); 
  116.  
  117. if ($this->validateServerIP === true && $this->checkServer() === false) { 
  118. throw new TException('Request is not from secure server'); 
  119.  
  120. if ($checkMD5 === false) { 
  121. throw new TException('MD5 checksum is invalid'); 
  122. echo 'TRUE'; 
  123.  
  124. return $res; 
  125.  
  126. /** 
  127. * Check md5 sum to validate tpay response. 
  128. * The values of variables that md5 sum includes are available only for 
  129. * merchant and tpay system. 
  130. * @param string $md5sum md5 sum received from tpay 
  131. * @param string $transactionId transaction id 
  132. * @param float $transactionAmount transaction amount 
  133. * @param string $crc transaction crc 
  134. * @return bool 
  135. */ 
  136. private function checkMD5($md5sum, $transactionId, $transactionAmount, $crc) 
  137. if (!is_string($md5sum) || strlen($md5sum) !== 32) { 
  138. return false; 
  139.  
  140. return ($md5sum === md5($this->merchantId . $transactionId . 
  141. $transactionAmount . $crc . $this->merchantSecret)); 
  142.  
  143. /** 
  144. * Check if request is called from secure tpay server 
  145. * @return bool 
  146. */ 
  147. private function checkServer() 
  148. if (!isset($_SERVER[static::REMOTE_ADDR]) 
  149. || !in_array($_SERVER[static::REMOTE_ADDR], $this->secureIP) 
  150. ) { 
  151. if (!isset($_SERVER['HTTP_X_FORWARDED_FOR']) 
  152. || !in_array($_SERVER['HTTP_X_FORWARDED_FOR'], $this->secureIP) 
  153. ) { 
  154. return false; 
  155. return true; 
  156.  
  157. /** 
  158. * Create HTML form for EHat payment based on transaction config 
  159. * More information about config fields @see Validate::$panelPaymentRequestFields 
  160. * @param array $config transaction config 
  161. * @return string 
  162. */ 
  163. public function getEHatForm($config) 
  164. $config = $this->prepareConfig($config); 
  165.  
  166. $config['kanal'] = 58; 
  167. $config['akceptuje_regulamin'] = 1; 
  168.  
  169. $data = array( 
  170. static::ACTIONURL => $this->apiURL,  
  171. static::FIELDS => $config,  
  172. ); 
  173.  
  174. return Util::parseTemplate($this->templateDir . static::PAYMENTFORM, $data); 
  175.  
  176. /** 
  177. * Validate passed payment config and add required elements with merchant id and md5 sum 
  178. * More information about config fields @see Validate::$panelPaymentRequestField 
  179. * @param array $config transaction config 
  180. * @return array 
  181. * @throws TException 
  182. */ 
  183. public function prepareConfig($config) 
  184. $ready = Validate::validateConfig(Validate::PAYMENT_TYPE_BASIC, $config); 
  185.  
  186. $ready['md5sum'] = md5($this->merchantId . $ready['kwota'] . $ready['crc'] . $this->merchantSecret); 
  187. $ready['id'] = $this->merchantId; 
  188.  
  189. return $ready; 
  190.  
  191. /** 
  192. * Create HTML form for basic panel payment based on transaction config 
  193. * More information about config fields @see Validate::$panelPaymentRequestFields 
  194. * @param array $config transaction config 
  195. * @return string 
  196. */ 
  197. public function getTransactionForm($config) 
  198. $config = $this->prepareConfig($config); 
  199.  
  200. $data = array( 
  201. static::ACTIONURL => $this->apiURL,  
  202. static::FIELDS => $config,  
  203. ); 
  204.  
  205. return Util::parseTemplate($this->templateDir . static::PAYMENTFORM, $data); 
  206.  
  207.  
  208. public function getTransactionFormConfig($config) 
  209. return $this->prepareConfig($config); 
  210.  
  211. /** 
  212. * Create HTML form for payment with bank selection based on transaction config 
  213. * More information about config fields @see Validate::$panelPaymentRequestField 
  214. * @param array $config transaction config 
  215. * @param bool $smallList type of bank selection list big icons or small form with select 
  216. * @param bool $showRegulations show accept regulations input 
  217. * @return string 
  218. * @throws TException 
  219. */ 
  220. public function getBankSelectionForm($config, $smallList = false, $showRegulations = true) 
  221. $config = $this->prepareConfig($config); 
  222. $config['kanal'] = 0; 
  223. $config['akceptuje_regulamin'] = ($showRegulations) ? 0 : 1; 
  224.  
  225. $data = array( 
  226. static::ACTIONURL => $this->apiURL,  
  227. static::FIELDS => $config,  
  228. ); 
  229.  
  230. $form = Util::parseTemplate($this->templateDir . static::PAYMENTFORM, $data); 
  231.  
  232. $data = array( 
  233. 'merchant_id' => $this->merchantId,  
  234. 'regulation_url' => $this->regulationURL,  
  235. 'show_regulations_checkbox' => $showRegulations,  
  236. 'form' => $form 
  237. ); 
  238. if ($smallList) { 
  239. $templateFile = 'bankSelectionList'; 
  240. } else { 
  241. $templateFile = 'bankSelection'; 
  242. return Util::parseTemplate($this->templateDir . $templateFile, $data); 
  243.  
  244. /** 
  245. * Check md5 sum to confirm value of payment amount 
  246. * @param string $md5sum md5 sum received from tpay 
  247. * @param string $transactionId transaction id 
  248. * @param string $transactionAmount transaction amount 
  249. * @param string $crc transaction crc 
  250. * @throws TException 
  251. */ 
  252. public function validateSign($md5sum, $transactionId, $transactionAmount, $crc) 
  253. if ($md5sum !== md5($this->merchantId . $transactionId . $transactionAmount . $crc . $this->merchantSecret)) { 
  254. throw new TException('Invalid checksum');