Home Verkennen Help
Inloggen
iProspective
/
dolibarr
3
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: e040219fdc
Aftakkingen Labels
dolibarr
/
htdocs
/
paypal
/
lib
/
paypal.lib.php

paypal.lib.php 25 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617 
  1. <?php
    2. 

  2. /* Copyright (C) 2008-2012	Laurent Destailleur	<eldy@users.sourceforge.net>
    3. 

  3.  * Copyright (C) 2011-2012	Regis Houssin		<regis.houssin@inodbox.com>
    4. 

  4.  *
    5. 

  5.  * This program is free software; you can redistribute it and/or modify
    6. 

  6.  * it under the terms of the GNU General Public License as published by
    7. 

  7.  * the Free Software Foundation; either version 3 of the License, or
    8. 

  8.  * (at your option) any later version.
    9. 

  9.  *
    10. 

  10.  * This program is distributed in the hope that it will be useful,
    11. 

  11.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13. 

  13.  * GNU General Public License for more details.
    14. 

  14.  *
    15. 

  15.  * You should have received a copy of the GNU General Public License
    16. 

  16.  * along with this program. If not, see <https://www.gnu.org/licenses/>.
    17. 

  17.  */
    18. 

  18. 

  19. /**
    20. 

  20.  *	\file			htdocs/paypal/lib/paypal.lib.php
    21. 

  21.  *  \ingroup		paypal
    22. 

  22.  *  \brief			Library for common paypal functions
    23. 

  23.  */
    24. 

  24. 

  25. require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
    26. 

  26. 

  27. 

  28. /**
    29. 

  29.  *  Define head array for tabs of paypal tools setup pages
    30. 

  30.  *
    31. 

  31.  *  @return			Array of head
    32. 

  32.  */
    33. 

  33. function paypaladmin_prepare_head()
    34. 

  34. {
    35. 

  35. 	global $langs, $conf;
    36. 

  36. 

  37. 	$h = 0;
    38. 

  38. 	$head = array();
    39. 

  39. 

  40. 	$head[$h][0] = DOL_URL_ROOT."/paypal/admin/paypal.php";
    41. 

  41. 	$head[$h][1] = $langs->trans("PayPal");
    42. 

  42. 	$head[$h][2] = 'paypalaccount';
    43. 

  43. 	$h++;
    44. 

  44. 

  45. 	$object = new stdClass();
    46. 

  46. 

  47. 	// Show more tabs from modules
    48. 

  48. 	// Entries must be declared in modules descriptor with line
    49. 

  49. 	// $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__');   to add new tab
    50. 

  50. 	// $this->tabs = array('entity:-tabname);   												to remove a tab
    51. 

  51. 	complete_head_from_modules($conf, $langs, $object, $head, $h, 'paypaladmin');
    52. 

  52. 

  53. 	complete_head_from_modules($conf, $langs, $object, $head, $h, 'paypaladmin', 'remove');
    54. 

  54. 

  55. 	return $head;
    56. 

  56. }
    57. 

  57. 

  58. 

  59. /**
    60. 

  60.  * Send redirect to paypal to browser
    61. 

  61.  *
    62. 

  62.  * @param	float	$paymentAmount		Amount
    63. 

  63.  * @param   string	$currencyCodeType	Currency code
    64. 

  64.  * @param	string	$paymentType		Payment type
    65. 

  65.  * @param  	string	$returnURL			Url to use if payment is OK
    66. 

  66.  * @param   string	$cancelURL			Url to use if payment is KO
    67. 

  67.  * @param   string	$tag				Full tag
    68. 

  68.  * @return	string						No return (a redirect is done) if OK, or Error message if KO
    69. 

  69.  */
    70. 

  70. function print_paypal_redirect($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag)
    71. 

  71. {
    72. 

  72. 	//declaring of global variables
    73. 

  73. 	global $conf, $langs;
    74. 

  74. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
    75. 

  75. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    76. 

  76. 

  77. 	global $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum;
    78. 

  78. 	global $email, $desc;
    79. 

  79. 

  80. 	//'------------------------------------
    81. 

  81. 	//' Calls the SetExpressCheckout API call
    82. 

  82. 	//'
    83. 

  83. 	//'-------------------------------------------------
    84. 

  84. 

  85. 	if (!getDolGlobalString('PAYPAL_API_INTEGRAL_OR_PAYPALONLY')) {
    86. 

  86. 		$conf->global->PAYPAL_API_INTEGRAL_OR_PAYPALONLY = 'integral';
    87. 

  87. 	}
    88. 

  88. 

  89. 	$solutionType = 'Sole';
    90. 

  90. 	$landingPage = 'Billing';
    91. 

  91. 	// For payment with Paypal only
    92. 

  92. 	if (getDolGlobalString('PAYPAL_API_INTEGRAL_OR_PAYPALONLY') == 'paypalonly') {
    93. 

  93. 		$solutionType = 'Mark';
    94. 

  94. 		$landingPage = 'Login';
    95. 

  95. 	}
    96. 

  96. 	// For payment with Credit card or Paypal
    97. 

  97. 	if (getDolGlobalString('PAYPAL_API_INTEGRAL_OR_PAYPALONLY') == 'integral') {
    98. 

  98. 		$solutionType = 'Sole';
    99. 

  99. 		$landingPage = 'Billing';
    100. 

  100. 	}
    101. 

  101. 	// For payment with Credit card
    102. 

  102. 	if (getDolGlobalString('PAYPAL_API_INTEGRAL_OR_PAYPALONLY') == 'cconly') {
    103. 

  103. 		$solutionType = 'Sole';
    104. 

  104. 		$landingPage = 'Billing';
    105. 

  105. 	}
    106. 

  106. 

  107. 	dol_syslog("print_paypal_redirect expresscheckout redirect with callSetExpressCheckout $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum");
    108. 

  108. 	$resArray = callSetExpressCheckout(
    109. 

  109. 		$paymentAmount,
    110. 

  110. 		$currencyCodeType,
    111. 

  111. 		$paymentType,
    112. 

  112. 		$returnURL,
    113. 

  113. 		$cancelURL,
    114. 

  114. 		$tag,
    115. 

  115. 		$solutionType,
    116. 

  116. 		$landingPage,
    117. 

  117. 		$shipToName,
    118. 

  118. 		$shipToStreet,
    119. 

  119. 		$shipToCity,
    120. 

  120. 		$shipToState,
    121. 

  121. 		$shipToCountryCode,
    122. 

  122. 		$shipToZip,
    123. 

  123. 		$shipToStreet2,
    124. 

  124. 		$phoneNum,
    125. 

  125. 		$email,
    126. 

  126. 		$desc
    127. 

  127. 	);
    128. 

  128. 

  129. 	dol_syslog("print_paypal_redirect resArray=".var_export($resArray, true), LOG_DEBUG);
    130. 

  130. 

  131. 	$ack = strtoupper($resArray["ACK"]);
    132. 

  132. 	if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
    133. 

  133. 		$token = $resArray["TOKEN"];
    134. 

  134. 

  135. 		// Redirect to paypal.com here
    136. 

  136. 		$payPalURL = $API_Url.$token;
    137. 

  137. 		dol_syslog("Redirect to ".$payPalURL, LOG_INFO);
    138. 

  138. 		header("Location: ".$payPalURL);
    139. 

  139. 		exit;
    140. 

  140. 	} else {
    141. 

  141. 		//Display a user friendly Error on the page using any of the following error information returned by PayPal
    142. 

  142. 		$ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
    143. 

  143. 		$ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
    144. 

  144. 		$ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
    145. 

  145. 		$ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
    146. 

  146. 

  147. 		if ($ErrorCode == 10729) {
    148. 

  148. 			$mesg = "PayPal can't accept payments for this thirdparty. An address is defined but is not complete (missing State).<br>Ask system administrator to fix address or to setup Paypal module to accept payments even on not complete addresses (remove option PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS).<br>\n";
    149. 

  149. 		} else {
    150. 

  150. 			$mesg = $langs->trans('SetExpressCheckoutAPICallFailed')."<br>\n";
    151. 

  151. 			$mesg .= $langs->trans('DetailedErrorMessage').": ".$ErrorLongMsg."<br>\n";
    152. 

  152. 			$mesg .= $langs->trans('ShortErrorMessage').": ".$ErrorShortMsg."<br>\n";
    153. 

  153. 			$mesg .= $langs->trans('ErrorCode').": ".$ErrorCode."<br>\n";
    154. 

  154. 			$mesg .= $langs->trans('ErrorSeverityCode').": ".$ErrorSeverityCode."<br>\n";
    155. 

  155. 		}
    156. 

  156. 

  157. 		return $mesg;
    158. 

  158. 	}
    159. 

  159. }
    160. 

  160. 

  161. /**
    162. 

  162.  *-------------------------------------------------------------------------------------------------------------------------------------------
    163. 

  163.  * Purpose:     Prepares the parameters for the SetExpressCheckout API Call.
    164. 

  164.  * Inputs:
    165. 

  165.  *      paymentAmount:      Total value of the shopping cart
    166. 

  166.  *      currencyCodeType:   Currency code value the PayPal API
    167. 

  167.  *      paymentType:        paymentType has to be one of the following values: Sale or Order or Authorization
    168. 

  168.  *      returnURL:          the page where buyers return to after they are done with the payment review on PayPal
    169. 

  169.  *      cancelURL:          the page where buyers return to when they cancel the payment review on PayPal
    170. 

  170.  *      shipToName:     the Ship to name entered on the merchant's site
    171. 

  171.  *      shipToStreet:       the Ship to Street entered on the merchant's site
    172. 

  172.  *      shipToCity:         the Ship to City entered on the merchant's site
    173. 

  173.  *      shipToState:        the Ship to State entered on the merchant's site
    174. 

  174.  *      shipToCountryCode:  the Code for Ship to Country entered on the merchant's site
    175. 

  175.  *      shipToZip:          the Ship to ZipCode entered on the merchant's site
    176. 

  176.  *      shipToStreet2:      the Ship to Street2 entered on the merchant's site
    177. 

  177.  *      phoneNum:           the phoneNum  entered on the merchant's site
    178. 

  178.  *      email:              the buyer email
    179. 

  179.  *      desc:               Product description
    180. 

  180.  * See https://developer.paypal.com/docs/classic/api/merchant/SetExpressCheckout_API_Operation_NVP/
    181. 

  181.  *
    182. 

  182.  * @param 	double 			$paymentAmount		Payment amount
    183. 

  183.  * @param 	string 			$currencyCodeType	Currency
    184. 

  184.  * @param 	string 			$paymentType		Payment type
    185. 

  185.  * @param 	string 			$returnURL			Return Url
    186. 

  186.  * @param 	string 			$cancelURL			Cancel Url
    187. 

  187.  * @param 	string 			$tag				Full tag
    188. 

  188.  * @param 	string 			$solutionType		Type ('Mark' or 'Sole')
    189. 

  189.  * @param 	string 			$landingPage		Landing page ('Login' or 'Billing')
    190. 

  190.  * @param	string			$shipToName			Ship to name
    191. 

  191.  * @param	string			$shipToStreet		Ship to street
    192. 

  192.  * @param	string			$shipToCity			Ship to city
    193. 

  193.  * @param	string			$shipToState		Ship to state
    194. 

  194.  * @param	string			$shipToCountryCode	Ship to country code
    195. 

  195.  * @param	string			$shipToZip			Ship to zip
    196. 

  196.  * @param	string			$shipToStreet2		Ship to street2
    197. 

  197.  * @param	string			$phoneNum			Phone
    198. 

  198.  * @param	string			$email				Email
    199. 

  199.  * @param	string			$desc				Description
    200. 

  200.  * @return	array								Array
    201. 

  201.  */
    202. 

  202. function callSetExpressCheckout($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL, $tag, $solutionType, $landingPage, $shipToName, $shipToStreet, $shipToCity, $shipToState, $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum, $email = '', $desc = '')
    203. 

  203. {
    204. 

  204. 	//------------------------------------------------------------------------------------------------------------------------------------
    205. 

  205. 	// Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
    206. 

  206. 

  207. 	//declaring of global variables
    208. 

  208. 	global $conf, $langs, $mysoc;
    209. 

  209. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
    210. 

  210. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    211. 

  211. 

  212. 	$nvpstr = '';
    213. 

  213. 	//$nvpstr = $nvpstr . "&VERSION=".$API_version;				// Already added by hash_call
    214. 

  214. 	$nvpstr = $nvpstr."&RETURNURL=".urlencode($returnURL);
    215. 

  215. 	$nvpstr = $nvpstr."&CANCELURL=".urlencode($cancelURL);
    216. 

  216. 	if (getDolGlobalString('PAYPAL_ALLOW_NOTES')) {
    217. 

  217. 		$nvpstr = $nvpstr."&ALLOWNOTE=0";
    218. 

  218. 	}
    219. 

  219. 	if (!getDolGlobalString('PAYPAL_REQUIRE_VALID_SHIPPING_ADDRESS')) {
    220. 

  220. 		$nvpstr = $nvpstr."&NOSHIPPING=1"; // An empty or not complete shipping address will be accepted
    221. 

  221. 	} else {
    222. 

  222. 		$nvpstr = $nvpstr."&NOSHIPPING=0"; // A valid shipping address is required (full required fields mandatory)
    223. 

  223. 	}
    224. 

  224. 	$nvpstr = $nvpstr."&SOLUTIONTYPE=".urlencode($solutionType);
    225. 

  225. 	$nvpstr = $nvpstr."&LANDINGPAGE=".urlencode($landingPage);
    226. 

  226. 	if (getDolGlobalString('PAYPAL_CUSTOMER_SERVICE_NUMBER')) {
    227. 

  227. 		$nvpstr = $nvpstr."&CUSTOMERSERVICENUMBER=".urlencode($conf->global->PAYPAL_CUSTOMER_SERVICE_NUMBER); // Hotline phone number
    228. 

  228. 	}
    229. 

  229. 

  230. 	$paypalprefix = 'PAYMENTREQUEST_0_';
    231. 

  231. 	//$paypalprefix = '';
    232. 

  232. 	if (!empty($paypalprefix) && $paymentType == 'Sole') {
    233. 

  233. 		$paymentType = 'Sale';
    234. 

  234. 	}
    235. 

  235. 

  236. 	$nvpstr = $nvpstr."&AMT=".urlencode($paymentAmount); // Total for all elements
    237. 

  237. 

  238. 	$nvpstr = $nvpstr."&".$paypalprefix."INVNUM=".urlencode($tag);
    239. 

  239. 	$nvpstr = $nvpstr."&".$paypalprefix."AMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
    240. 

  240. 	$nvpstr = $nvpstr."&".$paypalprefix."ITEMAMT=".urlencode($paymentAmount); // AMT deprecated by paypal -> PAYMENTREQUEST_n_AMT
    241. 

  241. 	$nvpstr = $nvpstr."&".$paypalprefix."PAYMENTACTION=".urlencode($paymentType); // PAYMENTACTION deprecated by paypal -> PAYMENTREQUEST_n_PAYMENTACTION
    242. 

  242. 	$nvpstr = $nvpstr."&".$paypalprefix."CURRENCYCODE=".urlencode($currencyCodeType); // CURRENCYCODE deprecated by paypal -> PAYMENTREQUEST_n_CURRENCYCODE
    243. 

  243. 

  244. 	$nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_QTY0=1";
    245. 

  245. 	$nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_AMT0=".urlencode($paymentAmount);
    246. 

  246. 	$nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NAME0=".urlencode($desc);
    247. 

  247. 	$nvpstr = $nvpstr."&".$paypalprefix."L_PAYMENTREQUEST_0_NUMBER0=0";
    248. 

  248. 

  249. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTONAME=".urlencode($shipToName); // SHIPTONAME deprecated by paypal -> PAYMENTREQUEST_n_SHIPTONAME
    250. 

  250. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET=".urlencode($shipToStreet); //
    251. 

  251. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTREET2=".urlencode($shipToStreet2);
    252. 

  252. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCITY=".urlencode($shipToCity);
    253. 

  253. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOSTATE=".urlencode($shipToState);
    254. 

  254. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOCOUNTRYCODE=".urlencode($shipToCountryCode);
    255. 

  255. 	$nvpstr = $nvpstr."&".$paypalprefix."SHIPTOZIP=".urlencode($shipToZip);
    256. 

  256. 	$nvpstr = $nvpstr."&".$paypalprefix."PHONENUM=".urlencode($phoneNum);
    257. 

  257. 	if (!empty($email)) {
    258. 

  258. 		$nvpstr = $nvpstr."&".$paypalprefix."EMAIL=".urlencode($email); // EMAIL deprecated by paypal -> PAYMENTREQUEST_n_EMAIL
    259. 

  259. 	}
    260. 

  260. 	if (!empty($desc)) {
    261. 

  261. 		$nvpstr = $nvpstr."&".$paypalprefix."DESC=".urlencode($desc); // DESC deprecated by paypal -> PAYMENTREQUEST_n_DESC
    262. 

  262. 	}
    263. 

  263. 

  264. 	if (getDolGlobalString('PAYPAL_LOGOIMG') && $mysoc->logo) {
    265. 

  265. 		global $dolibarr_main_url_root;
    266. 

  266. 

  267. 		// Define $urlwithroot
    268. 

  268. 		$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
    269. 

  269. 		$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
    270. 

  270. 		//$urlwithroot=DOL_MAIN_URL_ROOT;					// This is to use same domain name than current
    271. 

  271. 

  272. 		$urllogo = $urlwithroot."/viewimage.php?modulepart=mycompany&file=".urlencode('logos/'.$mysoc->logo);
    273. 

  273. 		$nvpstr = $nvpstr."&LOGOIMG=".urlencode($urllogo);
    274. 

  274. 	}
    275. 

  275. 	if (getDolGlobalString('PAYPAL_BRANDNAME')) {
    276. 

  276. 		$nvpstr = $nvpstr."&BRANDNAME=".urlencode($conf->global->PAYPAL_BRANDNAME); // BRANDNAME
    277. 

  277. 	}
    278. 

  278. 	if (getDolGlobalString('PAYPAL_NOTETOBUYER')) {
    279. 

  279. 		$nvpstr = $nvpstr."&NOTETOBUYER=".urlencode($conf->global->PAYPAL_NOTETOBUYER); // PAYPAL_NOTETOBUYER
    280. 

  280. 	}
    281. 

  281. 

  282. 	$_SESSION["FinalPaymentAmt"] = $paymentAmount;
    283. 

  283. 	$_SESSION["currencyCodeType"] = $currencyCodeType;
    284. 

  284. 	$_SESSION["PaymentType"] = $paymentType; // 'Mark', 'Sole'
    285. 

  285. 	$_SESSION['ipaddress'] = getUserRemoteIP(); // Payer ip
    286. 

  286. 

  287. 	//'---------------------------------------------------------------------------------------------------------------
    288. 

  288. 	//' Make the API call to PayPal
    289. 

  289. 	//' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.
    290. 

  290. 	//' If an error occured, show the resulting errors
    291. 

  291. 	//'---------------------------------------------------------------------------------------------------------------
    292. 

  292. 	$resArray = hash_call("SetExpressCheckout", $nvpstr);
    293. 

  293. 	$ack = strtoupper($resArray["ACK"]);
    294. 

  294. 	if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
    295. 

  295. 		$token = urldecode($resArray["TOKEN"]);
    296. 

  296. 		$_SESSION['TOKEN'] = $token;
    297. 

  297. 	}
    298. 

  298. 

  299. 	return $resArray;
    300. 

  300. }
    301. 

  301. 

  302. /**
    303. 

  303.  * 	Prepares the parameters for the GetExpressCheckoutDetails API Call.
    304. 

  304.  *
    305. 

  305.  *	@param	string	$token		Token
    306. 

  306.  *	@return	array				The NVP Collection object of the GetExpressCheckoutDetails Call Response.
    307. 

  307.  */
    308. 

  308. function getDetails($token)
    309. 

  309. {
    310. 

  310. 	//'--------------------------------------------------------------
    311. 

  311. 	//' At this point, the buyer has completed authorizing the payment
    312. 

  312. 	//' at PayPal.  The function will call PayPal to obtain the details
    313. 

  313. 	//' of the authorization, incuding any shipping information of the
    314. 

  314. 	//' buyer.  Remember, the authorization is not a completed transaction
    315. 

  315. 	//' at this state - the buyer still needs an additional step to finalize
    316. 

  316. 	//' the transaction
    317. 

  317. 	//'--------------------------------------------------------------
    318. 

  318. 

  319. 	//declaring of global variables
    320. 

  320. 	global $conf, $langs;
    321. 

  321. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
    322. 

  322. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    323. 

  323. 

  324. 	//'---------------------------------------------------------------------------
    325. 

  325. 	//' Build a second API request to PayPal, using the token as the
    326. 

  326. 	//'  ID to get the details on the payment authorization
    327. 

  327. 	//'---------------------------------------------------------------------------
    328. 

  328. 	$nvpstr = "&TOKEN=".$token;
    329. 

  329. 

  330. 	//'---------------------------------------------------------------------------
    331. 

  331. 	//' Make the API call and store the results in an array.
    332. 

  332. 	//' If the call was a success, show the authorization details, and provide
    333. 

  333. 	//'     an action to complete the payment.
    334. 

  334. 	//' If failed, show the error
    335. 

  335. 	//'---------------------------------------------------------------------------
    336. 

  336. 	$resArray = hash_call("GetExpressCheckoutDetails", $nvpstr);
    337. 

  337. 	$ack = strtoupper($resArray["ACK"]);
    338. 

  338. 	if ($ack == "SUCCESS" || $ack == "SUCCESSWITHWARNING") {
    339. 

  339. 		$_SESSION['payer_id'] = $resArray['PAYERID'];
    340. 

  340. 	}
    341. 

  341. 	return $resArray;
    342. 

  342. }
    343. 

  343. 

  344. 

  345. /**
    346. 

  346.  *	Validate payment
    347. 

  347.  *
    348. 

  348.  *	@param	string	$token				Token
    349. 

  349.  *	@param	string	$paymentType		Type
    350. 

  350.  *	@param	string	$currencyCodeType	Currency
    351. 

  351.  *	@param	string	$payerID			Payer ID
    352. 

  352.  *	@param	string	$ipaddress			IP Address
    353. 

  353.  *	@param	string	$FinalPaymentAmt	Amount
    354. 

  354.  *	@param	string	$tag				Full tag
    355. 

  355.  *	@return	array
    356. 

  356.  */
    357. 

  357. function confirmPayment($token, $paymentType, $currencyCodeType, $payerID, $ipaddress, $FinalPaymentAmt, $tag)
    358. 

  358. {
    359. 

  359. 	/* Gather the information to make the final call to
    360. 

  360. 	 finalize the PayPal payment.  The variable nvpstr
    361. 

  361. 	 holds the name value pairs
    362. 

  362. 	 */
    363. 

  363. 

  364. 	//declaring of global variables
    365. 

  365. 	global $conf, $langs;
    366. 

  366. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
    367. 

  367. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    368. 

  368. 

  369. 	$nvpstr = '';
    370. 

  370. 	$nvpstr .= '&TOKEN='.urlencode($token);
    371. 

  371. 	$nvpstr .= '&PAYERID='.urlencode($payerID);
    372. 

  372. 	$nvpstr .= '&PAYMENTACTION='.urlencode($paymentType);
    373. 

  373. 	$nvpstr .= '&AMT='.urlencode($FinalPaymentAmt);
    374. 

  374. 	$nvpstr .= '&CURRENCYCODE='.urlencode($currencyCodeType);
    375. 

  375. 	$nvpstr .= '&IPADDRESS='.urlencode($ipaddress);
    376. 

  376. 	$nvpstr .= '&INVNUM='.urlencode($tag);
    377. 

  377. 

  378. 	/* Make the call to PayPal to finalize payment
    379. 

  379. 	 If an error occured, show the resulting errors
    380. 

  380. 	 */
    381. 

  381. 	$resArray = hash_call("DoExpressCheckoutPayment", $nvpstr);
    382. 

  382. 

  383. 	/* Display the API response back to the browser.
    384. 

  384. 	 If the response from PayPal was a success, display the response parameters'
    385. 

  385. 	 If the response was an error, display the errors received using APIError.php.
    386. 

  386. 	 */
    387. 

  387. 	$ack = strtoupper($resArray["ACK"]);
    388. 

  388. 

  389. 	return $resArray;
    390. 

  390. }
    391. 

  391. 

  392. /**
    393. 

  393.  *	This function makes a DoDirectPayment API call
    394. 

  394.  *
    395. 

  395.  *  paymentType:        paymentType has to be one of the following values: Sale or Order or Authorization
    396. 

  396.  *  paymentAmount:      total value of the shopping cart
    397. 

  397.  *  currencyCode:       currency code value the PayPal API
    398. 

  398.  *  firstName:          first name as it appears on credit card
    399. 

  399.  *  lastName:           last name as it appears on credit card
    400. 

  400.  *  street:             buyer's street address line as it appears on credit card
    401. 

  401.  *  city:               buyer's city
    402. 

  402.  *  state:              buyer's state
    403. 

  403.  *  countryCode:        buyer's country code
    404. 

  404.  *  zip:                buyer's zip
    405. 

  405.  *  creditCardType:     buyer's credit card type (i.e. Visa, MasterCard ... )
    406. 

  406.  *  creditCardNumber:   buyers credit card number without any spaces, dashes or any other characters
    407. 

  407.  *  expDate:            credit card expiration date
    408. 

  408.  *  cvv2:               Card Verification Value
    409. 

  409.  *	@return		array	The NVP Collection object of the DoDirectPayment Call Response.
    410. 

  410.  */
    411. 

  411. /*
    412. 

  412. function DirectPayment($paymentType, $paymentAmount, $creditCardType, $creditCardNumber, $expDate, $cvv2, $firstName, $lastName, $street, $city, $state, $zip, $countryCode, $currencyCode, $tag)
    413. 

  413. {
    414. 

  414. 	//declaring of global variables
    415. 

  415. 	global $conf, $langs;
    416. 

  416. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
    417. 

  417. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    418. 

  418. 

  419. 	//Construct the parameter string that describes DoDirectPayment
    420. 

  420. 	$nvpstr = '';
    421. 

  421. 	$nvpstr = $nvpstr . "&AMT=" . urlencode($paymentAmount);              // deprecated by paypal
    422. 

  422. 	$nvpstr = $nvpstr . "&CURRENCYCODE=" . urlencode($currencyCode);
    423. 

  423. 	$nvpstr = $nvpstr . "&PAYMENTACTION=" . urlencode($paymentType);      // deprecated by paypal
    424. 

  424. 	$nvpstr = $nvpstr . "&CREDITCARDTYPE=" . urlencode($creditCardType);
    425. 

  425. 	$nvpstr = $nvpstr . "&ACCT=" . urlencode($creditCardNumber);
    426. 

  426. 	$nvpstr = $nvpstr . "&EXPDATE=" . urlencode($expDate);
    427. 

  427. 	$nvpstr = $nvpstr . "&CVV2=" . urlencode($cvv2);
    428. 

  428. 	$nvpstr = $nvpstr . "&FIRSTNAME=" . urlencode($firstName);
    429. 

  429. 	$nvpstr = $nvpstr . "&LASTNAME=" . urlencode($lastName);
    430. 

  430. 	$nvpstr = $nvpstr . "&STREET=" . urlencode($street);
    431. 

  431. 	$nvpstr = $nvpstr . "&CITY=" . urlencode($city);
    432. 

  432. 	$nvpstr = $nvpstr . "&STATE=" . urlencode($state);
    433. 

  433. 	$nvpstr = $nvpstr . "&COUNTRYCODE=" . urlencode($countryCode);
    434. 

  434. 	$nvpstr = $nvpstr . "&IPADDRESS=" . getUserRemotIP();
    435. 

  435. 	$nvpstr = $nvpstr . "&INVNUM=" . urlencode($tag);
    436. 

  436. 

  437. 	$resArray=hash_call("DoDirectPayment", $nvpstr);
    438. 

  438. 

  439. 	return $resArray;
    440. 

  440. }
    441. 

  441. */
    442. 

  442. 

  443. 

  444. /**
    445. 

  445.  * hash_call: Function to perform the API call to PayPal using API signature
    446. 

  446.  *
    447. 

  447.  * @param	string	$methodName 	is name of API  method.
    448. 

  448.  * @param	string	$nvpStr 		is nvp string.
    449. 

  449.  * @return	array					returns an associtive array containing the response from the server.
    450. 

  450.  */
    451. 

  451. function hash_call($methodName, $nvpStr)
    452. 

  452. {
    453. 

  453. 	//declaring of global variables
    454. 

  454. 	global $conf, $langs;
    455. 

  455. 	global $API_Endpoint, $API_Url, $API_version, $USE_PROXY, $PROXY_HOST, $PROXY_PORT, $PROXY_USER, $PROXY_PASS;
    456. 

  456. 	global $PAYPAL_API_USER, $PAYPAL_API_PASSWORD, $PAYPAL_API_SIGNATURE;
    457. 

  457. 

  458. 	// TODO problem with triggers
    459. 

  459. 	$API_version = "98.0";
    460. 

  460. 	if (getDolGlobalString('PAYPAL_API_SANDBOX') || GETPOST('forcesandbox', 'alpha')) {		// We can force sand box with param 'forcesandbox'
    461. 

  461. 		$API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
    462. 

  462. 		$API_Url = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
    463. 

  463. 	} else {
    464. 

  464. 		$API_Endpoint = "https://api-3t.paypal.com/nvp";
    465. 

  465. 		$API_Url = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
    466. 

  466. 	}
    467. 

  467. 

  468. 	// Clean parameters
    469. 

  469. 	$PAYPAL_API_USER = "";
    470. 

  470. 	if (getDolGlobalString('PAYPAL_API_USER')) {
    471. 

  471. 		$PAYPAL_API_USER = $conf->global->PAYPAL_API_USER;
    472. 

  472. 	}
    473. 

  473. 	$PAYPAL_API_PASSWORD = "";
    474. 

  474. 	if (getDolGlobalString('PAYPAL_API_PASSWORD')) {
    475. 

  475. 		$PAYPAL_API_PASSWORD = $conf->global->PAYPAL_API_PASSWORD;
    476. 

  476. 	}
    477. 

  477. 	$PAYPAL_API_SIGNATURE = "";
    478. 

  478. 	if (getDolGlobalString('PAYPAL_API_SIGNATURE')) {
    479. 

  479. 		$PAYPAL_API_SIGNATURE = $conf->global->PAYPAL_API_SIGNATURE;
    480. 

  480. 	}
    481. 

  481. 	$PAYPAL_API_SANDBOX = "";
    482. 

  482. 	if (getDolGlobalString('PAYPAL_API_SANDBOX')) {
    483. 

  483. 		$PAYPAL_API_SANDBOX = $conf->global->PAYPAL_API_SANDBOX;
    484. 

  484. 	}
    485. 

  485. 	// TODO END problem with triggers
    486. 

  486. 

  487. 	dol_syslog("Paypal API endpoint ".$API_Endpoint);
    488. 

  488. 

  489. 	//setting the curl parameters.
    490. 

  490. 	$ch = curl_init();
    491. 

  491. 

  492. 	/*print $API_Endpoint."-".$API_version."-".$PAYPAL_API_USER."-".$PAYPAL_API_PASSWORD."-".$PAYPAL_API_SIGNATURE."<br>";
    493. 

  493. 	 print $USE_PROXY."-".$gv_ApiErrorURL."<br>";
    494. 

  494. 	 print $nvpStr;
    495. 

  495. 	 exit;*/
    496. 

  496. 	curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
    497. 

  497. 	curl_setopt($ch, CURLOPT_VERBOSE, 1);
    498. 

  498. 	// TLSv1 by default or change to TLSv1.2 in module configuration
    499. 

  499. 	curl_setopt($ch, CURLOPT_SSLVERSION, (!getDolGlobalString('PAYPAL_SSLVERSION') ? 1 : $conf->global->PAYPAL_SSLVERSION));
    500. 

  500. 

  501. 	$ssl_verifypeer = -1;
    502. 

  502. 

  503. 	// Turning on or off the ssl target certificate
    504. 

  504. 	if ($ssl_verifypeer < 0) {
    505. 

  505. 		global $dolibarr_main_prod;
    506. 

  506. 		$ssl_verifypeer =  ($dolibarr_main_prod ? true : false);
    507. 

  507. 	}
    508. 

  508. 	if (getDolGlobalString('MAIN_CURL_DISABLE_VERIFYPEER')) {
    509. 

  509. 		$ssl_verifypeer = 0;
    510. 

  510. 	}
    511. 

  511. 

  512. 	//turning off the server and peer verification(TrustManager Concept).
    513. 

  513. 	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, ($ssl_verifypeer ? true : false));
    514. 

  514. 	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, ($ssl_verifypeer ? true : false));
    515. 

  515. 

  516. 	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, !getDolGlobalString('MAIN_USE_CONNECT_TIMEOUT') ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
    517. 

  517. 	curl_setopt($ch, CURLOPT_TIMEOUT, !getDolGlobalString('MAIN_USE_RESPONSE_TIMEOUT') ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
    518. 

  518. 

  519. 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    520. 

  520. 	curl_setopt($ch, CURLOPT_POST, 1);
    521. 

  521. 

  522. 	//if USE_PROXY constant set to true in Constants.php, then only proxy will be enabled.
    523. 

  523. 	if ($USE_PROXY) {
    524. 

  524. 		dol_syslog("Paypal API hash_call set proxy to ".$PROXY_HOST.":".$PROXY_PORT." - ".$PROXY_USER.":".$PROXY_PASS);
    525. 

  525. 		//curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); // Curl 7.10
    526. 

  526. 		curl_setopt($ch, CURLOPT_PROXY, $PROXY_HOST.":".$PROXY_PORT);
    527. 

  527. 		if ($PROXY_USER) {
    528. 

  528. 			curl_setopt($ch, CURLOPT_PROXYUSERPWD, $PROXY_USER.":".$PROXY_PASS);
    529. 

  529. 		}
    530. 

  530. 	}
    531. 

  531. 

  532. 	//NVPRequest for submitting to server
    533. 

  533. 	$nvpreq = "METHOD=".urlencode($methodName)."&VERSION=".urlencode($API_version)."&PWD=".urlencode($PAYPAL_API_PASSWORD)."&USER=".urlencode($PAYPAL_API_USER)."&SIGNATURE=".urlencode($PAYPAL_API_SIGNATURE).$nvpStr;
    534. 

  534. 	$nvpreq .= "&LOCALECODE=".strtoupper($langs->getDefaultLang(1));
    535. 

  535. 	//$nvpreq.="&BRANDNAME=".urlencode();       // Override merchant name
    536. 

  536. 	//$nvpreq.="&NOTIFYURL=".urlencode();       // For Instant Payment Notification url
    537. 

  537. 

  538. 

  539. 	dol_syslog("Paypal API hash_call nvpreq=".$nvpreq);
    540. 

  540. 

  541. 	//setting the nvpreq as POST FIELD to curl
    542. 

  542. 	curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
    543. 

  543. 

  544. 	//getting response from server
    545. 

  545. 	$response = curl_exec($ch);
    546. 

  546. 

  547. 	$nvpReqArray = deformatNVP($nvpreq);
    548. 

  548. 	$_SESSION['nvpReqArray'] = $nvpReqArray;
    549. 

  549. 

  550. 	//convrting NVPResponse to an Associative Array
    551. 

  551. 	dol_syslog("Paypal API hash_call Response nvpresp=".$response);
    552. 

  552. 	$nvpResArray = deformatNVP($response);
    553. 

  553. 

  554. 	if (curl_errno($ch)) {
    555. 

  555. 		// moving to display page to display curl errors
    556. 

  556. 		$_SESSION['curl_error_no'] = curl_errno($ch);
    557. 

  557. 		$_SESSION['curl_error_msg'] = curl_error($ch);
    558. 

  558. 

  559. 	//Execute the Error handling module to display errors.
    560. 

  560. 	} else {
    561. 

  561. 		//closing the curl
    562. 

  562. 		curl_close($ch);
    563. 

  563. 	}
    564. 

  564. 

  565. 	return $nvpResArray;
    566. 

  566. }
    567. 

  567. 

  568. 

  569. /**
    570. 

  570.  * This function will take NVPString and convert it to an Associative Array and it will decode the response.
    571. 

  571.  * It is usefull to search for a particular key and displaying arrays.
    572. 

  572.  *
    573. 

  573.  * @param	string	$nvpstr 		NVPString
    574. 

  574.  * @return	array					nvpArray = Associative Array
    575. 

  575.  */
    576. 

  576. function deformatNVP($nvpstr)
    577. 

  577. {
    578. 

  578. 	$intial = 0;
    579. 

  579. 	$nvpArray = array();
    580. 

  580. 

  581. 	while (strlen($nvpstr)) {
    582. 

  582. 		//postion of Key
    583. 

  583. 		$keypos = strpos($nvpstr, '=');
    584. 

  584. 		//position of value
    585. 

  585. 		$valuepos = strpos($nvpstr, '&') ? strpos($nvpstr, '&') : strlen($nvpstr);
    586. 

  586. 

  587. 		/*getting the Key and Value values and storing in a Associative Array*/
    588. 

  588. 		$keyval = substr($nvpstr, $intial, $keypos);
    589. 

  589. 		$valval = substr($nvpstr, $keypos + 1, $valuepos - $keypos - 1);
    590. 

  590. 		//decoding the respose
    591. 

  591. 		$nvpArray[urldecode($keyval)] = urldecode($valval);
    592. 

  592. 		$nvpstr = substr($nvpstr, $valuepos + 1, strlen($nvpstr));
    593. 

  593. 	}
    594. 

  594. 	return $nvpArray;
    595. 

  595. }
    596. 

  596. 

  597. /**
    598. 

  598.  * 	Get API errors
    599. 

  599.  *
    600. 

  600.  * 	@return	array		Array of errors
    601. 

  601.  */
    602. 

  602. function getApiError()
    603. 

  603. {
    604. 

  604. 	$errors = array();
    605. 

  605. 

  606. 	$resArray = $_SESSION['reshash'];
    607. 

  607. 

  608. 	if (isset($_SESSION['curl_error_no'])) {
    609. 

  609. 		$errors[] = $_SESSION['curl_error_no'].'-'.$_SESSION['curl_error_msg'];
    610. 

  610. 	}
    611. 

  611. 

  612. 	foreach ($resArray as $key => $value) {
    613. 

  613. 		$errors[] = $key.'-'.$value;
    614. 

  614. 	}
    615. 

  615. 

  616. 	return $errors;
    617. 

  617. }
    618.