1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * @category    Phoenix
 16:  * @package     Phoenix_Moneybookers
 17:  * @copyright   Copyright (c) 2012 Phoenix Medien GmbH & Co. KG (http://www.phoenix-medien.de)
 18:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 19:  */
 20: 
 21: /**
 22:  * Moneybookers notification processor model
 23:  */
 24: class Phoenix_Moneybookers_Model_Event
 25: {
 26:     const MONEYBOOKERS_STATUS_FAIL = -2;
 27:     const MONEYBOOKERS_STATUS_CANCEL = -1;
 28:     const MONEYBOOKERS_STATUS_PENDING = 0;
 29:     const MONEYBOOKERS_STATUS_SUCCESS = 2;
 30: 
 31:     /*
 32:      * @param Mage_Sales_Model_Order
 33:      */
 34:     protected $_order = null;
 35: 
 36:     /**
 37:      * Event request data
 38:      * @var array
 39:      */
 40:     protected $_eventData = array();
 41: 
 42:     /**
 43:      * Enent request data setter
 44:      * @param array $data
 45:      * @return Phoenix_Moneybookers_Model_Event
 46:      */
 47:     public function setEventData(array $data)
 48:     {
 49:         $this->_eventData = $data;
 50:         return $this;
 51:     }
 52: 
 53:     /**
 54:      * Event request data getter
 55:      * @param string $key
 56:      * @return array|string
 57:      */
 58:     public function getEventData($key = null)
 59:     {
 60:         if (null === $key) {
 61:             return $this->_eventData;
 62:         }
 63:         return isset($this->_eventData[$key]) ? $this->_eventData[$key] : null;
 64:     }
 65: 
 66:     /**
 67:      * Get singleton of Checkout Session Model
 68:      *
 69:      * @return Mage_Checkout_Model_Session
 70:      */
 71:     protected function _getCheckout()
 72:     {
 73:         return Mage::getSingleton('checkout/session');
 74:     }
 75: 
 76:     /**
 77:      * Process status notification from Monebookers server
 78:      *
 79:      * @return String
 80:      */
 81:     public function processStatusEvent()
 82:     {
 83:         try {
 84:             $params = $this->_validateEventData();
 85:             $msg = '';
 86:             switch($params['status']) {
 87:                 case self::MONEYBOOKERS_STATUS_FAIL: //fail
 88:                     $msg = Mage::helper('moneybookers')->__('Payment failed.');
 89:                     $this->_processCancel($msg);
 90:                     break;
 91:                 case self::MONEYBOOKERS_STATUS_CANCEL: //cancel
 92:                     $msg = Mage::helper('moneybookers')->__('Payment was canceled.');
 93:                     $this->_processCancel($msg);
 94:                     break;
 95:                 case self::MONEYBOOKERS_STATUS_PENDING: //pending
 96:                     $msg = Mage::helper('moneybookers')->__('Pending bank transfer created.');
 97:                     $this->_processSale($params['status'], $msg);
 98:                     break;
 99:                 case self::MONEYBOOKERS_STATUS_SUCCESS: //ok
100:                     $msg = Mage::helper('moneybookers')->__('The amount has been authorized and captured by Moneybookers.');
101:                     $this->_processSale($params['status'], $msg);
102:                     break;
103:             }
104:             return $msg;
105:         } catch (Mage_Core_Exception $e) {
106:             return $e->getMessage();
107:         } catch(Exception $e) {
108:             Mage::logException($e);
109:         }
110:         return;
111:     }
112: 
113:     /**
114:      * Process cancelation
115:      */
116:     public function cancelEvent() {
117:         try {
118:             $this->_validateEventData(false);
119:             $this->_processCancel('Payment was canceled.');
120:             return Mage::helper('moneybookers')->__('The order has been canceled.');
121:         } catch (Mage_Core_Exception $e) {
122:             return $e->getMessage();
123:         } catch(Exception $e) {
124:             Mage::logException($e);
125:         }
126:         return '';
127:     }
128: 
129:     /**
130:      * Validate request and return QuoteId
131:      * Can throw Mage_Core_Exception and Exception
132:      *
133:      * @return int
134:      */
135:     public function successEvent(){
136:         $this->_validateEventData(false);
137:         return $this->_order->getQuoteId();
138:     }
139: 
140:     /**
141:      * Processed order cancelation
142:      * @param string $msg Order history message
143:      */
144:     protected function _processCancel($msg)
145:     {
146:         $this->_order->cancel();
147:         $this->_order->addStatusToHistory(Mage_Sales_Model_Order::STATE_CANCELED, $msg);
148:         $this->_order->save();
149:     }
150: 
151:     /**
152:      * Processes payment confirmation, creates invoice if necessary, updates order status,
153:      * sends order confirmation to customer
154:      * @param string $msg Order history message
155:      */
156:     protected function _processSale($status, $msg)
157:     {
158:         switch ($status) {
159:             case self::MONEYBOOKERS_STATUS_SUCCESS:
160:                 $this->_createInvoice();
161:                 $this->_order->setState(Mage_Sales_Model_Order::STATE_PROCESSING, true, $msg);
162:                 // save transaction ID
163:                 $this->_order->getPayment()->setLastTransId($this->getEventData('mb_transaction_id'));
164:                 // send new order email
165:                 $this->_order->sendNewOrderEmail();
166:                 $this->_order->setEmailSent(true);
167:                 break;
168:             case self::MONEYBOOKERS_STATUS_PENDING:
169:                 $this->_order->setState(Mage_Sales_Model_Order::STATE_PENDING_PAYMENT, true, $msg);
170:                 // save transaction ID
171:                 $this->_order->getPayment()->setLastTransId($this->getEventData('mb_transaction_id'));
172:                 break;
173:         }
174:         $this->_order->save();
175:     }
176: 
177:     /**
178:      * Builds invoice for order
179:      */
180:     protected function _createInvoice()
181:     {
182:         if (!$this->_order->canInvoice()) {
183:             return;
184:         }
185:         $invoice = $this->_order->prepareInvoice();
186:         $invoice->register()->capture();
187:         $this->_order->addRelatedObject($invoice);
188:     }
189: 
190:     /**
191:      * Checking returned parameters
192:      * Thorws Mage_Core_Exception if error
193:      * @param bool $fullCheck Whether to make additional validations such as payment status, transaction signature etc.
194:      *
195:      * @return array  $params request params
196:      */
197:     protected function _validateEventData($fullCheck = true)
198:     {
199:         // get request variables
200:         $params = $this->_eventData;
201:         if (empty($params)) {
202:             Mage::throwException('Request does not contain any elements.');
203:         }
204: 
205:         // check order ID
206:         if (empty($params['transaction_id'])
207:             || ($fullCheck == false && $this->_getCheckout()->getMoneybookersRealOrderId() != $params['transaction_id'])
208:         ) {
209:             Mage::throwException('Missing or invalid order ID.');
210:         }
211:         // load order for further validation
212:         $this->_order = Mage::getModel('sales/order')->loadByIncrementId($params['transaction_id']);
213:         if (!$this->_order->getId()) {
214:             Mage::throwException('Order not found.');
215:         }
216: 
217:         if (0 !== strpos($this->_order->getPayment()->getMethodInstance()->getCode(), 'moneybookers_')) {
218:             Mage::throwException('Unknown payment method.');
219:         }
220: 
221:         // make additional validation
222:         if ($fullCheck) {
223:             // check payment status
224:             if (empty($params['status'])) {
225:                 Mage::throwException('Unknown payment status.');
226:             }
227: 
228:             // check transaction signature
229:             if (empty($params['md5sig'])) {
230:                 Mage::throwException('Invalid transaction signature.');
231:             }
232: 
233:             $checkParams = array('merchant_id', 'transaction_id', 'secret', 'mb_amount', 'mb_currency', 'status');
234:             $md5String = '';
235:             foreach ($checkParams as $key) {
236:                 if ($key == 'merchant_id') {
237:                     $md5String .= Mage::getStoreConfig(Phoenix_Moneybookers_Helper_Data::XML_PATH_CUSTOMER_ID,
238:                         $this->_order->getStoreId()
239:                     );
240:                 } elseif ($key == 'secret') {
241:                     $secretKey = Mage::getStoreConfig(
242:                         Phoenix_Moneybookers_Helper_Data::XML_PATH_SECRET_KEY,
243:                         $this->_order->getStoreId()
244:                     );
245: 
246:                     if (empty($secretKey)) {
247:                         Mage::throwException('Secret key is empty.');
248:                     }
249: 
250:                     $md5String .= strtoupper(md5($secretKey));
251:                 } elseif (isset($params[$key])) {
252:                     $md5String .= $params[$key];
253:                 }
254:             }
255:             $md5String = strtoupper(md5($md5String));
256: 
257:             if ($md5String != $params['md5sig']) {
258:                 Mage::throwException('Hash is not valid.');
259:             }
260: 
261:             // check transaction amount if currency matches
262:             if ($this->_order->getOrderCurrencyCode() == $params['mb_currency']) {
263:                 if (round($this->_order->getGrandTotal(), 2) != $params['mb_amount']) {
264:                     Mage::throwException('Transaction amount does not match.');
265:                 }
266:             }
267:         }
268:         return $params;
269:     }
270: }
271: