<?php
/**
 * 2007-2017 PrestaShop
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the Academic Free License (AFL 3.0)
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://opensource.org/licenses/afl-3.0.php
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to [email protected] so we can send you a copy immediately.
 *
 * DISCLAIMER
 *
 * Do not edit or add to this file if you wish to upgrade PrestaShop to newer
 * versions in the future. If you wish to customize PrestaShop for your
 * needs please refer to http://www.prestashop.com for more information.
 *
 * @author PrestaShop SA <[email protected]>
 * @copyright 2007-2017 PrestaShop SA
 * @license http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0)
 * International Registered Trademark & Property of PrestaShop SA
 */

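/**
 * Front controller that receives the Paylater payment callback and, for a
 * correctly signed "charge.created" event, validates the matching order.
 */
class PaylaterValidationModuleFrontController extends ModuleFrontController
{
    /**
     * Handles the callback request.
     *
     * Does nothing when the "redirect" request value is set. Otherwise it reads
     * the JSON request body, verifies its signature against the configured
     * account key and, for a "charge.created" event, calls validateOrder() on
     * the module. The request ends with die() both on a rejected callback and
     * after a validated order.
     *
     * @return void
     */
    public function initContent()
    {
        if (Tools::getValue('redirect')) {
            return;
        }

        $module_name = $this->module->displayName;
        $currency_id = (int)Context::getContext()->currency->id;

        // Everything in the request body is untrusted until the signature check passes.
        $data = Tools::jsonDecode(Tools::file_get_contents('php://input'));

        // Pick the account key that matches the configured environment (1 = live).
        $key_to_use = Configuration::get('PAYLATER_ENVIRONMENT') == 1
            ? Configuration::get('PAYLATER_ACCOUNT_KEY_LIVE')
            : Configuration::get('PAYLATER_ACCOUNT_KEY_TEST');

        // An unset or empty key would make the expected signature computable
        // without any secret, so such a configuration must reject every callback.
        $key_is_usable = is_string($key_to_use) && $key_to_use !== '';

        if (!$key_is_usable || !$this->isWellFormedCallback($data)) {
            die(Tools::displayError('Fatal Error: Callback signature incorrect'));
        }

        // The signature format (SHA-1 over key + fields) is the one this callback
        // already uses; it is a plain keyed hash, not an HMAC.
        $signature_check = sha1(
            $key_to_use .
            $data->account_id .
            $data->api_version .
            $data->event .
            $data->data->id
        );

        // Strict, constant-time comparison where available. A loose "!=" treats
        // two numeric-looking strings (for example "0e..." digests) as equal
        // numbers, and an early-exit comparison leaks timing information.
        $signature_valid = function_exists('hash_equals')
            ? hash_equals($signature_check, $data->signature)
            : $signature_check === $data->signature;

        if (!$signature_valid) {
            // Callback is not authentic: do not validate the order.
            die(Tools::displayError('Fatal Error: Callback signature incorrect'));
        }

        if ($data->event !== 'charge.created') {
            // Other events are ignored.
            return;
        }

        // NOTE(review): order_id and amount are not part of the signed string
        // above, so the signature does not authenticate them. Confirm them with
        // the payment provider, or compare the amount with
        // $cart->getOrderTotal(), before relying on these values.
        $cart_id = $data->data->order_id;

        $cart = new Cart((int)$cart_id);
        $customer = new Customer((int)$cart->id_customer);
        $secure_key = $customer->secure_key;

        $payment_status = Configuration::get('PS_OS_PAYMENT');
        $message = null;

        // The callback reports the amount in hundredths of the currency unit.
        $order_total = $data->data->amount / 100;

        $this->module->validateOrder(
            $cart_id,
            $payment_status,
            $order_total,
            $module_name,
            $message,
            array(),
            $currency_id,
            false,
            $secure_key
        );
        die(Tools::displayError('OK'));
    }

    /**
     * Tells whether the decoded callback carries every field the signature
     * check reads, with types that can be safely concatenated and compared.
     *
     * @param mixed $data Decoded JSON request body.
     *
     * @return bool
     */
    private function isWellFormedCallback($data)
    {
        if (!is_object($data) || !isset($data->data) || !is_object($data->data)) {
            return false;
        }

        if (!isset($data->account_id, $data->api_version, $data->event, $data->data->id, $data->signature)) {
            return false;
        }

        return is_string($data->signature)
            && is_scalar($data->account_id)
            && is_scalar($data->api_version)
            && is_scalar($data->event)
            && is_scalar($data->data->id);
    }
}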
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.