* @package AgileBill * @version 1.4.93 */ /** * Base checkout plugin class * */ class base_checkout_plugin { protected $checkout_id; /* current checkout plugin id */ protected $name; /* plugin name */ var $type; /* redirect, gateway, or other */ var $recurr_only=false; /* bool */ var $return_url; /* return url */ var $success_url; /* decline url */ var $support_cur; /* supported currency array */ var $cfg; protected $flds; var $eft; /* true if checkout plugin type is eft */ var $req_all_flds=true; /* require all account fields (first/last name, address1, state/province, zip) */ var $req_fields_arr=false; /* if req_all_fields=false, use this array to define which fields will be required */ var $billing; /* the billing details */ var $account; /* the account level details */ /** * Get the checkout plugin settings from the database */ protected function getDetails($checkout_id) { if (! $checkout_id) return; $db = &DB(); $rs = $db->Execute(sqlSelect($db,'checkout','*',array('id'=>$checkout_id))); if ($rs && $rs->RecordCount()) { @$this->cfg = unserialize($rs->fields['plugin_data']); $this->flds = $rs->fields; $this->checkout_id = $rs->fields['id']; } } /** * Get the checkout plugin settings from the database */ protected function getDetailsName($checkout_name) { if (! $checkout_name) return; $db = &DB(); $rs = $db->Execute(sqlSelect($db,'checkout','*',array('name'=>$checkout_name))); if ($rs && $rs->RecordCount()) { @$this->cfg = unserialize($rs->fields['plugin_data']); $this->flds = $rs->fields; $this->checkout_id = $rs->fields['id']; } } public function getName() { return $this->name; } /** * Get country name, * * @param string $field name, two_code, or three_code */ function getCountry($field, $country_id) { $db = &DB(); $sql= 'SELECT '.$field.' FROM '.AGILE_DB_PREFIX.'country WHERE site_id='.DEFAULT_SITE.' AND id='.$country_id; $rs = $db->Execute($sql); if($rs == false || $rs->RecordCount() == 0) return "Not Defined"; else return $rs->fields["$field"]; } /** * Validate the current currency is allowed * * @return bool */ function validate_currency($currency_iso) { $do = false; for($i=0; $isupport_cur); $i++) if ($currency_iso == $this->support_cur[$i]) $do = true; if ( !$do ) { global $C_list, $C_translate; $C_translate->value['checkout']['currency'] = $C_list->currency_iso(DEFAULT_CURRENCY); $msg = $C_translate->translate('currency_not_supported','checkout',''); $this->redirect=''; return false; } return true; } /** * Validate the current credit card details */ function validate_card_details(&$ret) { // validate input fields if($this->req_all_flds) $this->req_fields_arr = Array('first_name','last_name', 'address1', 'state', 'zip'); if (is_array($this->req_fields_arr)) { $validate=true; global $VAR; foreach($this->req_fields_arr as $fld) { if(empty($this->billing["$fld"]) && empty($this->account["$fld"]) ) { $VAR["{$fld}_error"]=true; $validate=false; } } if(!$validate) { global $C_translate; $ret['status'] = 0; $ret['msg'] = $C_translate->translate('missing_fields','checkout',''); return false; } } // validate actual credit card details include_once(PATH_CORE . 'validate.inc.php'); $validate = new CORE_validate; $this->billing["cc_no"] == preg_replace('/^[0-9]/', '', $this->billing["cc_no"]); if (!$validate->validate_cc( $this->billing["cc_no"], false, $this->billing["card_type"], $this->cfg['card_type'] )) { $ret['status'] = 0; global $C_translate; $ret['msg'] = $C_translate->translate('card_invalid','checkout',''); } elseif (!$validate->validate_cc_exp(@$this->billing["exp_month"],@$this->billing["exp_year"])) { $ret['status'] = 0; global $C_translate; $ret['msg'] = $C_translate->translate('card_exp_invalid','checkout',''); } else { $ret['status'] = 1; return true; } return false; } /** * Validate the current eft card details */ function validate_eft_details(&$ret) { // validate input fields if($this->req_all_flds) $this->req_fields_arr = Array('first_name','last_name', 'address1', 'city', 'state', 'zip', 'eft_check_acct_type', 'eft_trn', 'eft_check_acct', 'phone'); if (is_array($this->req_fields_arr)) { $validate=true; global $VAR; foreach($this->req_fields_arr as $fld) { if(empty($this->billing["$fld"]) && empty($this->account["$fld"]) ) { $VAR["{$fld}_error"]=true; $validate=false; } } if(!$validate) { global $C_translate; $ret['status'] = 0; $ret['msg'] = $C_translate->translate('missing_fields','checkout',''); return false; } } $ret['status'] = 1; return true; } /** * Set the redirect URL and form values * * @param string $url * @param string $vals */ function post_vars($url,$vals) { $ret = '

'; foreach($vals as $v) $ret .=''; $ret .= ''; $this->redirect=$ret; } /** * Set array for processing order with a stored billing record * "getStoredArray" */ function setBillingFromDB($account_id, $account_billing_id, $checkout_plugin_id,$rebilling=false) { $db=&DB(); $ccrs=$db->Execute($sql=sqlSelect($db,"account_billing","*","account_id=::$account_id:: AND id=::$account_billing_id:: AND checkout_plugin_id=::$checkout_plugin_id::")); return $this->setBillingFromDBObj($ccrs); } /** * Get stored array by passing in database object */ function setBillingFromDBObj(&$ccrs,$rebilling=false) { if($ccrs && $ccrs->RecordCount()) { // account fields if(empty($ccrs->fields['address1'])) { if(!$this->setAccountFromDB($ccrs->fields['account_id'])) return false; } else { $this->account = Array( 'first_name'=> $ccrs->fields['first_name'], 'last_name'=> $ccrs->fields['last_name'], 'company'=> $ccrs->fields['company'], 'address1'=> $ccrs->fields['address1'], 'address2'=> $ccrs->fields['address2'], 'city'=> $ccrs->fields['city'], 'state'=> $ccrs->fields['state'], 'zip'=> $ccrs->fields['zip'], 'country_id'=> $ccrs->fields['country_id'], 'phone'=> $ccrs->fields['phone'], 'company' => $ccrs->fields['company'], 'email' => $ccrs->fields['email'] ); } // get the card or eft details & decrypt include_once(PATH_CORE.'crypt.inc.php'); $this->billing['card_type'] = $ccrs->fields['card_type']; $this->billing['rebilling'] = $rebilling; if($this->eft || $ccrs->fields['card_type']=='eft') { // stored eft $this->billing['eft_check_acct_type'] = $ccrs->fields['eft_check_acct_type']; $this->billing['eft_check_checkno'] = false; $this->billing['eft_check_acct'] = CORE_decrypt($ccrs->fields['eft_check_acct']); $this->billing['eft_trn'] = CORE_decrypt($ccrs->fields['eft_trn']); if(!empty($ccrs->fields['ssn'])) $this->billing['ssn'] = CORE_decrypt($ccrs->fields['ssn']); if(!empty($ccrs->fields['dob'])) $this->billing['dob'] = CORE_decrypt($ccrs->fields['dob']); if(!empty($ccrs->fields['dl_no'])) $this->billing['dl_no'] = CORE_decrypt($ccrs->fields['dl_no']); } else { // stored card $this->billing['cc_no'] = CORE_decrypt($ccrs->fields['card_num']); $this->billing['exp_month'] = $ccrs->fields['card_exp_month']; $this->billing['exp_year'] = $ccrs->fields['card_exp_year']; } /* write back params to global */ $this->setBillingParams(); return true; } else { return false; } } /** * Set account from account db table */ function setAccountFromDB($id) { $db=&DB(); $rs = $db->Execute(sqlSelect($db,"account","first_name,last_name,company,address1,address2,city,state,zip,country_id","id=::$id::")); if($rs&&$rs->RecordCount()) { $this->account = $rs->fields; return true; } return false; } /** * Set account and billing details from $VAR (user params) */ function setBillingFromParams($VAR) { global $VAR; @$a = $VAR['checkout_plugin_data']; @$this->billing = Array( 'card_type' => $a['card_type'], 'cc_no' => $a['cc_no'], 'ccv' => $a['ccv'], 'exp_month' => $a['exp_month'], 'exp_year' => $a['exp_year'], 'eft_check_acct_type' => $a['eft_check_acct_type'], 'eft_check_checkno' => $a['eft_check_checkno'], 'eft_check_acct' => $a['eft_check_acct'], 'eft_trn' => $a['eft_trn'], 'ssn' => $a['ssn'], 'dob' => $a['dob'], 'dl_no' => $a['dl_no'] ); @$this->account = Array( 'first_name' => stripslashes($a['first_name']), 'last_name' => stripslashes($a['last_name']), 'address1' => stripslashes($a['address1']), 'address2' => stripslashes($a['address2']), 'city' => stripslashes($a['city']), 'state' => stripslashes($a['state']), 'zip' => stripslashes($a['zip']), 'country_id' => stripslashes($a['country_id']), 'phone' => stripslashes($a['phone']), 'company' => stripslashes($a['company']), 'email' => stripslashes($a['email']) ); /* write back params for global */ $this->setBillingParams(); } /** * Write the vars back to the global VAR for availibilty on the checkout plugin templates */ function setBillingParams() { global $VAR; foreach($this->billing as $key=>$val) $VAR["$key"]=$val; foreach($this->account as $key=>$val) $VAR["$key"]=$val; } /** * Store the billing credit card entered */ function saveCreditCardDetails($VAR) { global $C_auth; if(!empty($VAR['account_id']) && $C_auth->auth_method_by_name('checkout','admin_checkoutnow')) $account_id=$VAR['account_id']; else $account_id=SESS_ACCOUNT; # Check if this card is already on file: $last_four = substr($this->billing['cc_no'],(strlen($this->billing['cc_no'])-4),4); $db = &DB(); $q = "SELECT id,card_exp_month,card_exp_year FROM ".AGILE_DB_PREFIX."account_billing WHERE site_id = ".$db->qstr(DEFAULT_SITE) ." AND account_id = ".$db->qstr($account_id) ." AND card_num4 = ".$db->qstr($last_four) ." AND checkout_plugin_id = ".$db->qstr($this->checkout_id) ." AND card_type = ".$db->qstr($this->billing['card_type']); $rs = $db->Execute($q); if($rs && $rs->RecordCount()) { $fields=Array('card_exp_month'=>$this->billing['exp_month'], 'card_exp_year'=>$this->billing['exp_year']); $db->Execute(sqlUpdate($db,"account_billing",$fields,"id = {$rs->fields['id']}")); return $rs->fields['id']; } include_once(PATH_CORE.'crypt.inc.php'); $card_num = CORE_encrypt ($this->billing['cc_no']); $id = $db->GenID(AGILE_DB_PREFIX . 'account_billing_id'); $sql = "INSERT INTO ".AGILE_DB_PREFIX."account_billing SET id = " . $db->qstr($id) . ", site_id = " . $db->qstr(DEFAULT_SITE) . ", account_id = " . $db->qstr(@$account_id) . ", checkout_plugin_id = " . $db->qstr(@$this->checkout_id) . ", card_type = " . $db->qstr(@$this->billing['card_type']) . ", card_num = " . $db->qstr(@$card_num) . ", card_num4 = " . $db->qstr(@$last_four) . ", card_exp_month = " . $db->qstr(@$this->billing['exp_month']) . ", card_exp_year = " . $db->qstr(@$this->billing['exp_year']) . ", card_start_month = " . $db->qstr(@$this->billing['start_month']) . ", card_start_year = " . $db->qstr(@$this->billing['start_year']) . ", first_name = " . $db->qstr(@$this->account['first_name']) . ", last_name = " . $db->qstr(@$this->account['last_name']) . ", address1 = " . $db->qstr(@$this->account['address1']) . ", address2 = " . $db->qstr(@$this->account['address2']) . ", city = " . $db->qstr(@$this->account['city']) . ", state = " . $db->qstr(@$this->account['state']) . ", zip = " . $db->qstr(@$this->account['zip']) . ", country_id = " . $db->qstr(@$this->account['country_id']) . ", phone = " . $db->qstr(@$this->account['phone']) . ", email = " . $db->qstr(@$this->account['email']) . ", company = " . $db->qstr(@$this->account['company']) ; $result = $db->Execute($sql); if ($result) return $id; return false; } /** * Store the billing EFT details entered */ function saveEFTDetails($VAR) { global $C_auth; if(!empty($VAR['account_id']) && $C_auth->auth_method_by_name('checkout','admin_checkoutnow')) $account_id=$VAR['account_id']; else $account_id=SESS_ACCOUNT; # Check if this card is already on file: $last_four = substr($this->billing['eft_check_acct'],(strlen($this->billing['eft_check_acct']) - 4),4); $db = &DB(); $q = "SELECT id,card_exp_month,card_exp_year FROM ".AGILE_DB_PREFIX."account_billing WHERE site_id = ".$db->qstr(DEFAULT_SITE) ." AND account_id = ".$db->qstr($account_id) ." AND card_num4 = ".$db->qstr($last_four) ." AND checkout_plugin_id = ".$db->qstr($this->checkout_id) ." AND card_type = ".$db->qstr($this->billing['card_type']); $rs = $db->Execute($q); if($rs && $rs->RecordCount()) { return $rs->fields['id']; } include_once(PATH_CORE.'crypt.inc.php'); $ssn=false; $dob=false; $dl_no=false; if(!empty($this->billing['dob'])) $dob = CORE_encrypt ($this->billing['dob']); if(!empty($this->billing['ssn'])) $ssn = CORE_encrypt ($this->billing['ssn']); if(!empty($this->billing['dl_no'])) $dl_no = CORE_encrypt ($this->billing['dl_no']); $check_acct = CORE_encrypt ($this->billing['eft_check_acct']); $trn = CORE_encrypt ($this->billing['eft_trn']); $id = $db->GenID(AGILE_DB_PREFIX . 'account_billing_id'); $sql = "INSERT INTO ".AGILE_DB_PREFIX."account_billing SET id = " . $db->qstr($id) . ", site_id = " . $db->qstr(DEFAULT_SITE) . ", account_id = " . $db->qstr($account_id) . ", checkout_plugin_id = " . $db->qstr($this->checkout_id) . ", card_num4 = " . $db->qstr($last_four) . ", card_type = " . $db->qstr(@$this->billing['card_type']) . ", eft_check_checkno = " . $db->qstr($this->billing['eft_check_checkno']) . ", eft_check_acct_type = " . $db->qstr($this->billing['eft_check_acct_type']) . ", eft_trn = " . $db->qstr($trn) . ", eft_check_acct = " . $db->qstr($check_acct) . ", dob = " . $db->qstr($dob) . ", dl_no = " . $db->qstr($dl_no) . ", ssn = " . $db->qstr($ssn) . ", first_name = " . $db->qstr(@$this->account['first_name']) . ", last_name = " . $db->qstr(@$this->account['last_name']) . ", address1 = " . $db->qstr(@$this->account['address1']) . ", address2 = " . $db->qstr(@$this->account['address2']) . ", city = " . $db->qstr(@$this->account['city']) . ", state = " . $db->qstr(@$this->account['state']) . ", zip = " . $db->qstr(@$this->account['zip']) . ", country_id = " . $db->qstr(@$this->account['country_id']) . ", phone = " . $db->qstr(@$this->account['phone']) . ", email = " . $db->qstr(@$this->account['email']) . ", company = " . $db->qstr(@$this->account['company']); $result = $db->Execute($sql); if ($result) return $id; return false; } } ?>