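<?php
////////////////////////////////////////////////////////////////////////////
/// s2dpaymb.php
/// Type: Payment
/// Content: Transaction script for Moneybookers
/// Description: Receives the callback from moneybookers.com and evaluates
///              it accordingly.
/// Requires: normal
/// CCML parsing: required
///
////////////////////////////////////////////////////////////////////////////
///
/// Last changes:
/// 28.11.2009 File created
///
////////////////////////////////////////////////////////////////////////////
///<02.11.2009/6.0.4.28/>

define('ROOT', './');
define('ASSETS', ROOT.'assets/');

require(ASSETS.'s2diconf.php');
require(CC_INCLUDE_INIT);

// handle_transaction() returns a diagnostic text when the callback is rejected
// and null when it was accepted.
$log = handle_transaction();

// Save the log entry
if (LOG_PAYMENT) save_to_file(FILE_PAYMENTLOG, "\nMoneybookers ".time()."\n".($log ? $log : 'OK'));

// On rejection, answer moneybookers.com with a 403 header
if ($log) {
    header(HTTP_FORBIDDEN);
    script_die(CC_RESSOURCE_FORBIDDEN, __FILE__, __LINE__);
}

////////////////////////////////////////////////////////////////////////////

/**
 * Validates the status callback posted by moneybookers.com and, when every
 * check passes and the payment method has autocharge enabled, moves the order
 * to the "waiting items" status and sends the status e-mail.
 *
 * Everything read through get()/post() comes from the HTTP request and is
 * untrusted until the key and the md5sig check have passed.
 *
 * @return string|null Diagnostic text for the payment log when the callback
 *                     is rejected; null when it was accepted.
 */
function handle_transaction() {
    // Load the payment method
    $payment_id = is_get(PARAMETER_ID) ? get(PARAMETER_ID) : null;
    $payment = new payment();
    if (!$pm = $payment->get($payment_id)) return "Cannot open payment ".paymb_log_value($payment_id)."\n";

    //////////////////////////////////////////////////////////////////////////// Checks

    // Check the status; abort unless the payment is complete
    // Status of the transaction: -2 failed / 2 processed / 0 pending / -1 cancelled
    // is_numeric() first: floor() on a non-numeric string raises a TypeError on PHP 8.
    $raw_status = is_post('status') ? post('status') : null;
    $status = is_numeric($raw_status) ? floor($raw_status) : null;
    if ($status !== 2.0) return "Invalid status ".paymb_log_value($raw_status)."\n";

    // Check the order number and load the order
    $raw_order_id = is_post('transaction_id') ? post('transaction_id') : null;
    $order_id = is_numeric($raw_order_id) ? floor($raw_order_id) : null;
    $myorder = new order($order_id);
    // A missing, non-numeric or non-positive id is rejected up front: with the loose != below,
    // an order object that failed to load (order_id null/0) would otherwise equal such an id.
    // Assumes real order ids are positive - confirm against the order class.
    if ($order_id === null || $order_id <= 0 || $myorder->order_id != $order_id) return "No such order ".paymb_log_value($raw_order_id)."\n";

    // Check the key. Neither the expected nor the received key is written to the log:
    // whoever can read the payment log could otherwise present a valid key.
    $key = is_get(PARAMETER_KEY) ? get(PARAMETER_KEY) : null;
    if (!paymb_equals($myorder->generate_key(), $key)) return "Key mismatch for order $order_id\n";

    // Merchant ID
    $merchant_id = is_post('merchant_id') ? post('merchant_id') : null;
    if ($merchant_id != $pm->parameter[1]) return "Merchant_id mismatch: '".paymb_log_value($merchant_id)."' and '".$pm->parameter[1]."' \n";

    // Merchant e-mail (the original message read the undefined variable $pme here)
    $pay_to_email = is_post('pay_to_email') ? post('pay_to_email') : null;
    if ($pay_to_email != $pm->parameter[2]) return "Pay_to_email mismatch: '".paymb_log_value($pay_to_email)."' and '".$pm->parameter[2]."' \n";

    // Buyer e-mail
    $pay_from_email = is_post('pay_from_email') ? post('pay_from_email') : null;
    if ($pay_from_email != $myorder->client->email) return "Pay_from_email mismatch: '".paymb_log_value($pay_from_email)."' and '".$myorder->client->email."' \n";

    // Check the total. Compared with a tolerance below half a cent because both sides are
    // floats; written as !(diff < tolerance) so that a NaN difference is rejected as well.
    $total = is_post('amount') ? floatval(post('amount')) : 0;
    $expected_total = floatval($myorder->get_totalprice());
    if (!(abs($total - $expected_total) < 0.005)) return "Total mismatch: '$total' and '".$myorder->get_totalprice()."' \n";

    // Check the currency
    $currency_code = is_post('currency') ? post('currency') : null;
    if ($currency_code != $pm->parameter[3]) return "Currency mismatch: '".paymb_log_value($currency_code)."' and '".$pm->parameter[3]."' \n";

    // md5 signature
    // NOTE(review): the signature covers merchant_id, transaction_id, mb_amount, mb_currency and
    // status. 'amount' and 'currency', which are what the checks above compare with the order,
    // are not part of it - consider validating mb_amount/mb_currency against the expected
    // settlement values too.
    $md5sig = is_post('md5sig') ? post('md5sig') : null;
    $mb_amount = is_post('mb_amount') ? post('mb_amount') : null;
    $mb_currency = is_post('mb_currency') ? post('mb_currency') : null;
    // $pm->parameter[5] is presumably the secret word configured at Moneybookers - confirm.
    $string = $merchant_id.$order_id.strtoupper(md5($pm->parameter[5])).$mb_amount.$mb_currency.$status;
    $hash = strtoupper(md5($string));
    // NOTE(review): the three comment lines below look like a worked example left over from
    // debugging (signature input fields, then two hashes). If these are live values, remove
    // them from the source and rotate the secret word.
    # 14433376 791452387 PALUPPE 77 EUR 2
    # 647A0F203FF9CE1D143A329CB11FB64F
    # 401B527188D026E1B67EBA40BB432A97
    // The signature input (it contains the MD5 of the secret word) and the expected hash stay
    // out of the log; only the received value is recorded.
    if (!paymb_equals($hash, $md5sig)) return "Hash mismatch. Received '".paymb_log_value($md5sig)."'\n";

    //////////////////////////////////////////////////////////////////////////// Complete the payment

    // If immediate booking is enabled, record the new status
    // NOTE(review): nothing visible here stops a repeated callback from setting the status and
    // sending the e-mail again - confirm whether set_status() handles that.
    if ($pm->autocharge) {
        $myorder->set_status(CC_RESSOURCE_ORDERSTATUSSHORT_WAITINGITEMS, true);
        $myorder->send_status_email();
    }

    return null;
}

/**
 * Compares an expected secret with a request value as strings.
 *
 * The loose != operator treats numeric-looking strings as numbers, so two different
 * hex digests of the form "0E<digits>" would compare equal; this helper never does that.
 * Missing, non-scalar or empty values never match.
 *
 * @param mixed $expected Value computed on the server.
 * @param mixed $given    Value taken from the request.
 * @return bool True only when both are identical non-empty strings.
 */
function paymb_equals($expected, $given) {
    if (!is_scalar($expected) || !is_scalar($given)) return false;
    $expected = (string)$expected;
    $given = (string)$given;
    if ($expected === '') return false;
    // hash_equals() (PHP >= 5.6) additionally keeps the comparison time independent of
    // where the strings differ; older runtimes fall back to a strict comparison.
    if (function_exists('hash_equals')) return hash_equals($expected, $given);
    return $expected === $given;
}

/**
 * Makes a request value safe to embed in a payment-log line: anything outside
 * printable ASCII (line breaks included) becomes '?', so a request cannot forge
 * additional log entries.
 *
 * @param mixed $value Value taken from the request.
 * @return string Printable representation; empty for missing or non-scalar values.
 */
function paymb_log_value($value) {
    if (!is_scalar($value)) return '';
    return preg_replace('/[^\x20-\x7E]/', '?', (string)$value);
}

?>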