<?php
include_once "constants.php";
include_once 'getOrders.php';

/* -----------------------------------------------------------------------------

 Version 2.0

------------------ Disclaimer --------------------------------------------------

Copyright 2004 Dialect Holdings. All rights reserved.

This document is provided by Dialect Holdings on the basis that you will treat
it as confidential.

No part of this document may be reproduced or copied in any form by any means
without the written permission of Dialect Holdings. Unless otherwise expressly
agreed in writing, the information contained in this document is subject to
change without notice and Dialect Holdings assumes no responsibility for any
alteration to, or any error or other deficiency, in this document.

All intellectual property rights in the Document and in all extracts and things
derived from any part of the Document are owned by Dialect and will be assigned
to Dialect on their creation. You will protect all the intellectual property
rights relating to the Document in a manner that is equal to the protection
you provide your own intellectual property. You will notify Dialect
immediately, and in writing where you become aware of a breach of Dialect's
intellectual property rights in relation to the Document.

The names "Dialect", "QSI Payments" and all similar words are trademarks of
Dialect Holdings and you must not use that name or any similar name.

Dialect may at its sole discretion terminate the rights granted in this
document with immediate effect by notifying you in writing and you will
thereupon return (or destroy and certify that destruction to Dialect) all
copies and extracts of the Document in its possession or control.

Dialect does not warrant the accuracy or completeness of the Document or its
content or its usefulness to you or your merchant customers. To the extent
permitted by law, all conditions and warranties implied by law (whether as to
fitness for any particular purpose or otherwise) are excluded. Where the
exclusion is not effective, Dialect limits its liability to $100 or the
resupply of the Document (at Dialect's option).

Data used in examples and sample data files are intended to be fictional and
any resemblance to real persons or companies is entirely coincidental.

Dialect does not indemnify you or any third party in relation to the content or
any use of the content as contemplated in these terms and conditions.

Mention of any product not owned by Dialect does not constitute an endorsement
of that product.

This document is governed by the laws of New South Wales, Australia and is
intended to be legally binding.

-------------------------------------------------------------------------------

Following is a copy of the disclaimer / license agreement provided by RSA:

Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved.

License to copy and use this software is granted provided that it is identified
as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material
mentioning or referencing this software or this function.

License is also granted to make and use derivative works provided that such
works are identified as "derived from the RSA Data Security, Inc. MD5
Message-Digest Algorithm" in all material mentioning or referencing the
derived work.

RSA Data Security, Inc. makes no representations concerning either the
merchantability of this software or the suitability of this software for any
particular purpose. It is provided "as is" without express or implied warranty
of any kind.

These notices must be retained in any copies of any part of this documentation
and/or software.

--------------------------------------------------------------------------------

This example assumes that a form has been sent to this example with the
required fields. The example then processes the command and displays the
receipt or error to a HTML page in the users web browser.

NOTE:
=====
 You may have installed the libeay32.dll and ssleay32.dll libraries
 into your x:\WINNT\system32 directory to run this example.

--------------------------------------------------------------------------------

 @author Dialect Payment Solutions Pty Ltd Group

------------------------------------------------------------------------------*/

// *********************
// START OF MAIN PROGRAM
// *********************

// Define Constants
// ----------------
// This is secret for encoding the MD5 hash
// This secret will vary from merchant to merchant
// To not create a secure hash, let SECURE_SECRET be an empty string - ""
// $SECURE_SECRET = "secure-hash-secret";
$SECURE_SECRET = $axis_SECRET;

// If there has been a merchant secret set then sort and loop through all the
// data in the Virtual Payment Client response. While we have the data, we can
// append all the fields that contain values (except the secure hash) so that
// we can create a hash and validate it against the secure hash in the Virtual
// Payment Client response.

// NOTE: If the vpc_TxnResponseCode is not a single character then
// there was a Virtual Payment Client error and we cannot accurately validate
// the incoming data from the secure hash.

// get and remove the vpc_SecureHash from the response fields as we
// do not want to include this field in the hash calculation
$vpc_Txn_Secure_Hash = $_GET["vpc_SecureHash"];
unset($_GET["vpc_SecureHash"]);

// set a flag to indicate if hash has been validated
$errorExists = false;

if (strlen($SECURE_SECRET) > 0 && $_GET["vpc_TxnResponseCode"] != "7" && $_GET["vpc_TxnResponseCode"] != "No Value Returned") {

    $md5HashData = $SECURE_SECRET;

    // loop through the incoming vpc response fields in the order received
    // (no sort is performed here) and leave out any with no value
    foreach ($_GET as $key => $value) {
        if ($key != "vpc_SecureHash" && strlen($value) > 0) {
            $md5HashData .= $value;
        }
    }

    // Validate the Secure Hash (remember MD5 hashes are not case sensitive)
    // This is just one way of displaying the result of checking the hash.
    // In production, you would work out your own way of presenting the result.
    // The hash check is all about detecting if the data has changed in transit.
    // The comparison is strict (===): with '==' two different digests that both
    // look like "0E<digits>" would be compared as numbers and treated as equal.
    if (strtoupper($vpc_Txn_Secure_Hash) === strtoupper(md5($md5HashData))) {
        // Secure Hash validation succeeded, add a data field to be displayed
        // later.
        $hashValidated = "<FONT color='#00AA00'><strong>CORRECT</strong></FONT>";
    } else {
        // Secure Hash validation failed, add a data field to be displayed
        // later.
        $hashValidated = "<FONT color='#FF0066'><strong>INVALID HASH</strong></FONT>";
        $errorExists = true;
    }
} else {
    // Secure Hash was not validated, add a data field to be displayed later.
    $hashValidated = "<FONT color='orange'><strong>Not Calculated - No 'SECURE_SECRET' present.</strong></FONT>";
}

// Define Variables
// ----------------
// Extract the available receipt fields from the VPC Response
// If not present then let the value be equal to 'No Value Returned'

// Standard Receipt Data
$amount          = null2unknown($_GET["vpc_Amount"]);
$locale          = null2unknown($_GET["vpc_Locale"]);
$batchNo         = null2unknown($_GET["vpc_BatchNo"]);
$command         = null2unknown($_GET["vpc_Command"]);
$message         = null2unknown($_GET["vpc_Message"]);
$version         = null2unknown($_GET["vpc_Version"]);
$cardType        = null2unknown($_GET["vpc_Card"]);
$orderInfo       = null2unknown($_GET["vpc_OrderInfo"]);
$receiptNo       = null2unknown($_GET["vpc_ReceiptNo"]);
$merchantID      = null2unknown($_GET["vpc_Merchant"]);
$authorizeID     = null2unknown($_GET["vpc_AuthorizeId"]);
$merchTxnRef     = null2unknown($_GET["vpc_MerchTxnRef"]);
$transactionNo   = null2unknown($_GET["vpc_TransactionNo"]);
$acqResponseCode = null2unknown($_GET["vpc_AcqResponseCode"]);
$txnResponseCode = null2unknown($_GET["vpc_TxnResponseCode"]);
$address         = null2unknown($_GET["address"]);
$city            = null2unknown($_GET["city"]);
$state           = null2unknown($_GET["state"]);
$country_name    = null2unknown($_GET["country"]);

// 3-D Secure Data
$verType       = array_key_exists("vpc_VerType", $_GET) ? $_GET["vpc_VerType"] : "No Value Returned";
$verStatus     = array_key_exists("vpc_VerStatus", $_GET) ? $_GET["vpc_VerStatus"] : "No Value Returned";
$token         = array_key_exists("vpc_VerToken", $_GET) ? $_GET["vpc_VerToken"] : "No Value Returned";
$verSecurLevel = array_key_exists("vpc_VerSecurityLevel", $_GET) ? $_GET["vpc_VerSecurityLevel"] : "No Value Returned";
$enrolled      = array_key_exists("vpc_3DSenrolled", $_GET) ? $_GET["vpc_3DSenrolled"] : "No Value Returned";
$xid           = array_key_exists("vpc_3DSXID", $_GET) ? $_GET["vpc_3DSXID"] : "No Value Returned";
$acqECI        = array_key_exists("vpc_3DSECI", $_GET) ? $_GET["vpc_3DSECI"] : "No Value Returned";
$authStatus    = array_key_exists("vpc_3DSstatus", $_GET) ? $_GET["vpc_3DSstatus"] : "No Value Returned";

// *******************
// END OF MAIN PROGRAM
// *******************

// FINISH TRANSACTION - Process the VPC Response Data
// =====================================================
// For the purposes of demonstration, we simply display the Result fields on a
// web page.

// Show 'Error' in title if an error condition
$errorTxt = "";

// Show this page as an error page if vpc_TxnResponseCode equals '7'
if ($txnResponseCode == "7" || $txnResponseCode == "No Value Returned" || $errorExists) {
    $errorTxt = "Error ";
}

// This is the display title for 'Receipt' page
$title = $_GET["Title"];

// The URL link for the receipt to do another transaction.
// Note: This is ONLY used for this example and is not required for
// production code. You would hard code your own URL into your application
// to allow customers to try another transaction.
//TK//$againLink = URLDecode($_GET["AgainLink"]);

include_once "connection.php";

if (isset($_POST['SubButL']) && $_POST['SubButL'] == 'Pay Now!') {
    $invoice_number = $_GET['vpc_MerchTxnRef'];
    /*$customer_id=
    $country_name=
    $address= $_POST['address'];
    $city=
    $pincode=
    $email_id=
    $state=
    $country_name=
    */
}

// The receipt fields come straight from the query string, so escape them
// before they are placed in SQL (legacy mysql_* API, as used in this file).
$amountSql    = mysql_real_escape_string($amount);
$orderInfoSql = mysql_real_escape_string($orderInfo);

if ($errorExists) {
    // The secure hash did not match: the response cannot be trusted, so the
    // payment tables are left untouched.
} elseif ($txnResponseCode == '0') {
    /* Rendering paid invoice pdf and queuing mail with attachment, e.g. Paid Invoice. */
    $update_pd = "UPDATE payment_details SET paid_amount='$amountSql',payment_date=CURDATE() WHERE invoice_number_payment='$orderInfoSql'";
    $insert_data_pd = mysql_query($update_pd) or die(mysql_error());

    $update_ps = "UPDATE payment_status SET AxisBank_Status='Success' WHERE Invoice_Number='$orderInfoSql'";
    $insert_data_ps = mysql_query($update_ps) or die(mysql_error());

    //ini_set('include_path', '../printTracker/PEAR/');
    require('Paid_invoice_pdf_with_MailQueue.php');
    $invoiceObj = new paidINVOICE;
    $invoiceObj->pdf_PaidInvoice($invoice = $orderInfo);
} else {
    $update_ps = "UPDATE payment_status SET AxisBank_Status='Failed' WHERE Invoice_Number='$orderInfoSql'";
    $insert_data_ps = mysql_query($update_ps) or die(mysql_error());
}
?>
<html>
<head>
<title>Enter Customer Info</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<link rel="stylesheet" type="text/css" href="../printTracker/css/style.css" media="screen" />
<link rel="stylesheet" type="text/css" href="../printTracker/css/button.css" media="screen" />
<!--Link Path for Email Validation -->
</head>
<body>
<div id="wrap">
  <div id="header">
    <div class="box-1">
      <div class="box-2">
        <div class="box-3 deepest ">
          <a href="http://ijcaonline.org">
            <div style="background:url(../printTracker/image/icfcia_02.png) 0px 0px repeat-x">
              <div style="background:url(../printTracker/image/icfcia_03.png) 100% 0px no-repeat">
                <div style="background:url(../printTracker/image/icfcia_01.png) 0px 0px no-repeat; height:127px;">
                </div>
              </div>
            </div>
          </a>
        </div>
      </div>
    </div>
  </div>
  <div id="content">
    <h2><a href="#">Print Order Tracking System</a></h2>
    <p class="meta"><?php echo date("d-M-Y");?></p>
    <!--Customer Information Form /Shipping Address Details -->
    <div class="block">
      <!--Pre Submitted Customer Order Details Display-->
      <form name="order" action="../printTracker/vpc_php_authenticate_and_pay_merchanthost_do.php" method="post">
        <div>
          <fieldset>
            <legend>Order Details</legend>
            <table border="0"
cellpadding="0" cellspacing="0" class="orderinfo" width="100%">
              <tr>
                <td width="50%">Invoice Number:</td><td><?php echo htmlspecialchars($orderInfo, ENT_QUOTES); ?></td>
              </tr>
            </table>
            <table border="0" cellpadding="0" cellspacing="0" class="orderinfo" width="100%">
<?php if ($txnResponseCode == '0') { ?>
              <tr>
                <td width="50%">Download your paid invoice as PDF</td>
                <td><a href="../printTracker/SaveAsPdf_PaidInvoice.php?InvoiceNumber=<?php echo urlencode($orderInfo); ?>"><img border="0" src="../printTracker/images/adobe-pdf-icon.png" alt="pdf download" width="24" height="24" /></a></td>
              </tr>
<?php } ?>
              <tr>
                <td width="50%">Transaction Status</td>
                <td><font color="<?php echo ($txnResponseCode == '0') ? '#008000' : 'red'; ?>"><?php echo getResponseDescription($txnResponseCode); ?></font></td>
              </tr>
<?php if ($txnResponseCode == '0') { ?>
              <tr>
                <td width="50%"><strong><i>Receipt Number</i></strong></td><td><?php echo htmlspecialchars($receiptNo, ENT_QUOTES); ?></td>
              </tr>
<?php } ?>
            </table>
<?php
// $orderInfo comes from the query string: escape it before it is used in SQL.
$orderInfoSql = mysql_real_escape_string($orderInfo);

$i = 0;
$AxisBank_Status = '';
$Paypal_Status = '';
$rs = mysql_query("SELECT AxisBank_Status,Paypal_Status FROM payment_status WHERE Invoice_Number='$orderInfoSql'");
while ($row = mysql_fetch_array($rs)) {
    $AxisBank_Status = $row[0];
    $Paypal_Status = $row[1];
    $i++;
}

$j = 0;
$rs_c = mysql_query("SELECT ship_Country FROM address WHERE invoice_number='$orderInfoSql'");
while ($row_c = mysql_fetch_array($rs_c)) {
    // was $row_[0], an undefined variable, so the stored country was never read
    $country_name = $row_c[0];
    $j++;
}

$ts = false;
if ($txnResponseCode == '0') {
?>
            <div class="box-info"><p>You will receive an e-mail within 30 minutes with an attachment having Paid Invoice.</p><p> Please save your invoice number and Receipt Number for future communication. Thank you !!</p></div>
<?php
} elseif ($AxisBank_Status == 'Failed' && $Paypal_Status == 'Failed') {
?>
            <table border="0" cellpadding="0" cellspacing="0" class="orderinfo" width="100%">
              <tr>
                <td>Invoice Number:</td><td><?php echo htmlspecialchars($orderInfo, ENT_QUOTES); ?></td>
              </tr>
              <tr>
                <td>Download your Invoice as PDF:</td>
                <td><a href="./SaveAsPdf.php?InvoiceNumber=<?php echo urlencode($orderInfo); ?>"><img border="0" src="../printTracker/images/adobe-pdf-icon.png" alt="pdf download" width="24" height="24" /></a></td>
              </tr>
              <tr>
                <td>Download your Payment Instruction:</td>
                <td><a href="./Payment_InstructionD.php?country_name=<?php echo urlencode($country_name); ?>"><img border="0" src="../printTracker/images/adobe-pdf-icon.png" alt="pdf download" width="24" height="24" /></a>
                <input type="hidden" name="INVOICENUMBER" value="<?php echo htmlspecialchars($orderInfo, ENT_QUOTES); ?>" /></td>
              </tr>
              <tr>
                <td>To get the details on your mail click on given button</td>
                <td><a href="./offlineReciept.php?InvoiceNumber=<?php echo urlencode($orderInfo); ?>"><img border="0" src="../printTracker/images/1337408250_emails-letters.png" alt="pdf download" width="24" height="24" /></a></td>
              </tr>
            </table>
<?php
} else {
    $total = 0;
    $total_costINR = 0;
    $total_costUSD = 0;
    $order = getOrdersDetails($orderInfo);
    $i = 1;
    $nvpindex = 0;
    $paypal_quantity = 0;
    $issue = '';
    $nvpstring = '';
    if (!empty($order)) {
        for ($column = 0; $column < count($order['volume']); $column++) {
            $costINR = $order['qty'][$column] * $rateINR;
            $costUSD = $order['qty'][$column] * $rate;
            $total_costINR = $total_costINR + $costINR;
            $total_costUSD = $total_costUSD + $costUSD;
            // NOTE: $a, $volume, $number and $quantity are not set anywhere in
            // this file; unless an included file defines them, the expressions
            // below evaluate to empty values.
            $issue = $issue.' '.$volume[$a].$number[$a];
            $paypal_quantity = $paypal_quantity + $quantity[$a];
            $nvpstring = $nvpstring.'&L_NAME'.$nvpindex.'='.$volume[$a].$number[$a].'&L_AMT'.$nvpindex.'='.$rate.'&L_QTY'.$nvpindex.'='.$quantity[$a];
            $i++;
            ++$nvpindex;
        }
    } else {
        echo 'You have not placed any valid orders';
    }
    //$vpc_TotalCost=$total_costINR*100;
    if ($country_name != 'India') {
        // $nvpindex=$nvpindex+1;
        $total_costUSD = $total_costUSD + $shippingCharge;
        $nvpstring = $nvpstring.'&L_NAME'.$nvpindex.'='.'Shipping Charge'.'&L_AMT'.$nvpindex.'='.$shippingCharge.'&L_QTY'.$nvpindex.'=1';
    }
    // The hidden fields below travel through the browser and can be edited
    // there; the receiving script should recompute the amount from the invoice
    // number rather than trust ITEMAMT or NVPSTRING.
?>
            <input type="hidden" name="paymentType" value="<?php echo $paymentType = 'Sale'; ?>" />
            <input type="hidden" name="currencyCodeType" value="USD" />
            <input type="hidden" name="SHIPTOCOUNTRYCODE" value="<?php echo htmlspecialchars($country_name, ENT_QUOTES); ?>" />
            <input type="hidden" name="SHIPTOZIP" value="560037" />
            <input type="hidden" name="NVPSTRING" value="<?php echo htmlspecialchars($nvpstring, ENT_QUOTES); ?>" />
            <input type="hidden" name="ITEMAMT" value="<?php echo htmlspecialchars($total_costUSD, ENT_QUOTES); ?>" />
            <input type="hidden" name="INVOICENUMBER" value="<?php echo htmlspecialchars($orderInfo, ENT_QUOTES); ?>" />
            <input type="hidden" name="demo_radio" id="rad1" value="no" /><span style="font-size:11px; font-family: Arial, Verdana;"> Pay using Paypal <img src="../printTracker/images/PayPal_mark_37x23.gif" style="margin-left:7px;margin-right:7px;"> in US currency</span><br /><br />
            <tr><td width="70%">&nbsp;&nbsp;&nbsp;&nbsp;</td><td><input class="button" type="submit" name="SubButL" value="Pay Now!" align="right"></td></tr>
<?php } ?>
          </fieldset>
        </div>
      </form>
      <div id="bottom">
        <div id="bottomleft"></div>
        <div id="bottomright">
          <div id="div2"></div>
        </div>
      </div>
    </div>
    <div id="footer"><a href="http://www.ijcaonline.org//"> Published By FCS<sup>®</sup> (Foundation of Computer Science, USA) </a><a href="#"></a>.
      <p> © 2012 International Journal of Computer Applications </p>
      <a href="http://www.ijcaonline.org/index.php?option=com_content&amp;view=article&amp;id=585">Privacy Policy </a> | <a href="http://www.ijcaonline.org/index.php?option=com_content&amp;view=article&amp;id=9">Terms of Service</a>
    </div>
  </div>
</div>
</body>
</html>
<?php
// End Processing

// This method uses the QSI Response code retrieved from the Digital
// Receipt and returns an appropriate description for the QSI Response Code
//
// @param $responseCode String containing the QSI Response Code
//
// @return String containing the appropriate description
//
function getResponseDescription($responseCode) {

    switch ($responseCode) {
        case "0" : $result = "Transaction Successful"; break;
        case "?" : $result = "Transaction status is unknown"; break;
        case "1" : $result = "Unknown Error"; break;
        case "2" : $result = "Bank Declined Transaction"; break;
        case "3" : $result = "No Reply from Bank"; break;
        case "4" : $result = "Expired Card"; break;
        case "5" : $result = "Insufficient funds"; break;
        case "6" : $result = "Error Communicating with Bank"; break;
        case "7" : $result = "Payment Server System Error"; break;
        case "8" : $result = "Transaction Type Not Supported"; break;
        case "9" : $result = "Bank declined transaction (Do not contact Bank)"; break;
        case "A" : $result = "Transaction Aborted"; break;
        case "C" : $result = "Transaction Cancelled"; break;
        case "D" : $result = "Deferred transaction has been received and is awaiting processing"; break;
        case "F" : $result = "3D Secure Authentication failed"; break;
        case "I" : $result = "Card Security Code verification failed"; break;
        case "L" : $result = "Shopping Transaction Locked (Please try the transaction again later)"; break;
        case "N" : $result = "Cardholder is not enrolled in Authentication scheme"; break;
        case "P" : $result = "Transaction has been received by the Payment Adaptor and is being processed"; break;
        case "R" : $result = "Transaction was not processed - Reached limit of retry attempts allowed"; break;
        case "S" : $result = "Duplicate SessionID (OrderInfo)"; break;
        case "T" : $result = "Address Verification Failed"; break;
        case "U" : $result = "Card Security Code Failed"; break;
        case "V" : $result = "Address Verification and Card Security Code Failed"; break;
        default  : $result = "Unable to be determined";
    }
    return $result;
}

// -----------------------------------------------------------------------------

// This method uses the verRes status code retrieved from the Digital
// Receipt and returns an appropriate description for the QSI Response Code

// @param statusResponse String containing the 3DS Authentication Status Code
// @return String containing the appropriate description

function getStatusDescription($statusResponse) {
    if ($statusResponse == "" || $statusResponse == "No Value Returned") {
        $result = "3DS not supported or there was no 3DS data provided";
    } else {
        switch ($statusResponse) {
            case "Y" : $result = "The cardholder was successfully authenticated."; break;
            case "E" : $result = "The cardholder is not enrolled."; break;
            case "N" : $result = "The cardholder was not verified."; break;
            case "U" : $result = "The cardholder's Issuer was unable to authenticate due to some system error at the Issuer."; break;
            case "F" : $result = "There was an error in the format of the request from the merchant."; break;
            case "A" : $result = "Authentication of your Merchant ID and Password to the ACS Directory Failed."; break;
            case "D" : $result = "Error communicating with the Directory Server."; break;
            case "C" : $result = "The card type is not supported for authentication."; break;
            case "S" : $result = "The signature on the response received from the Issuer could not be validated."; break;
            case "P" : $result = "Error parsing input from Issuer."; break;
            case "I" : $result = "Internal Payment Server system error."; break;
            default  : $result = "Unable to be determined"; break;
        }
    }
    return $result;
}

// -----------------------------------------------------------------------------

// If input is null, returns string "No Value Returned", else returns input
function null2unknown($data) {
    if ($data == "") {
        return "No Value Returned";
    } else {
        return $data;
    }
}

// ----------------------------------------------------------------------------