From c65543f7f2dd68656c9dd8768934dd5cfba7c34a Mon Sep 17 00:00:00 2001 From: Bruce Atkinson Date: Tue, 1 Aug 2023 10:37:23 +0200 Subject: [PATCH] Revert to original 2.4.0 --- .../Payfast/Controller/Notify/Index.php | 31 +-- .../Gateway/Request/AuthorizationRequest.php | 12 +- app/code/Payfast/Payfast/Model/Payfast.php | 109 ++++---- .../Payfast/Payfast/Model/payfast_common.inc | 232 ++++++++++-------- .../Payfast/Payfast/etc/adminhtml/system.xml | 12 +- .../Payfast/Payfast/etc/csp_whitelist.xml | 11 - app/code/Payfast/Payfast/etc/di.xml | 2 +- 7 files changed, 187 insertions(+), 222 deletions(-) delete mode 100644 app/code/Payfast/Payfast/etc/csp_whitelist.xml diff --git a/app/code/Payfast/Payfast/Controller/Notify/Index.php b/app/code/Payfast/Payfast/Controller/Notify/Index.php index fa863ed..8d02e59 100644 --- a/app/code/Payfast/Payfast/Controller/Notify/Index.php +++ b/app/code/Payfast/Payfast/Controller/Notify/Index.php @@ -3,11 +3,8 @@ /** * Copyright (c) 2008 PayFast (Pty) Ltd - * You (being anyone who is not PayFast (Pty) Ltd) may download and use this plugin / code in your own website - * in conjunction with a registered and active PayFast account. If your PayFast account is terminated for any reason, - * you may not use this plugin / code or part thereof. - * Except as expressly indicated in this licence, you may not use, copy, modify or distribute this plugin / code or - * part thereof in any way. + * You (being anyone who is not PayFast (Pty) Ltd) may download and use this plugin / code in your own website in conjunction with a registered and active PayFast account. If your PayFast account is terminated for any reason, you may not use this plugin / code or part thereof. + * Except as expressly indicated in this licence, you may not use, copy, modify or distribute this plugin / code or part thereof in any way. */ 
@@ -33,7 +30,6 @@ class Index extends AbstractPayfast implements CsrfAwareActionInterface, HttpPos */ public function execute(): ResultInterface { - $this->_logger->debug('Notify: ' . json_encode($_POST)); $pre = __METHOD__ . " : "; $this->_logger->debug($pre . 'bof'); @@ -56,11 +52,6 @@ public function execute(): ResultInterface flush(); } - $passPhrase = $this->_config->getValue('passphrase'); - if (empty($passPhrase)) { - $passPhrase = null; - } - //// Get data sent by PayFast if (!$pfError) { // Posted variables from ITN @@ -80,7 +71,8 @@ public function execute(): ResultInterface if (!pfValidSignature( $pfData, $pfParamString, - $passPhrase + $this->getConfigData('passphrase'), + $this->getConfigData('server') )) { $pfError = true; $pfErrMsg = PF_ERR_INVALID_SIGNATURE; @@ -110,7 +102,7 @@ public function execute(): ResultInterface // Check order is in "pending payment" state if ($this->_order->getState() !== Order::STATE_PENDING_PAYMENT) { -// $pfError = true; + $pfError = true; $pfErrMsg = PF_ERR_ORDER_PROCESSED; } } @@ -130,7 +122,7 @@ public function execute(): ResultInterface pflog('Check status and update order'); // Successful - if ($pfData[Info::PAYMENT_STATUS] === "COMPLETE") { + if ($pfData[Info::PAYMENT_STATUS] == "COMPLETE") { $this->setPaymentAdditionalInformation($pfData); // Save invoice $this->saveInvoice(); @@ -169,18 +161,7 @@ protected function saveInvoice() /** @var \Magento\Sales\Model\Order $order */ $order = $invoice->getOrder(); - $status = $this->getConfigData('successful_order_status'); - $state = $this->getConfigData('successful_order_state'); - if (!$status || $status === '') { - $status = Order::STATE_PROCESSING; - } - if (!$state || $state === '') { - $state = Order::STATE_PROCESSING; - } $order->setIsInProcess(true); - $order->setState($state); - $order->setStatus($status); - $order->save(); $transaction = $this->transactionFactory->create(); $transaction->addObject($order)->save(); 
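Review bot: The `pfValidSignature(...)` call in `execute()` (hunk `@@ -80,7 +71,8 @@`) now passes `$this->getConfigData('passphrase')` straight through, while the restored `pfValidSignature()` in payfast_common.inc appends `&passphrase=` whenever that argument is not null. If the setting comes back as an empty string rather than null (its return value is not visible here), every ITN for a merchant without a passphrase would be hashed with a trailing `&passphrase=` and fail the signature check; the removed block normalised exactly that case. Passing `$this->getConfigData('passphrase') ?: null` keeps the behaviour without restoring the whole block. `execute()` starts and ends outside this hunk.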
diff --git a/app/code/Payfast/Payfast/Gateway/Request/AuthorizationRequest.php b/app/code/Payfast/Payfast/Gateway/Request/AuthorizationRequest.php index 5389b4f..a8f250d 100644 --- a/app/code/Payfast/Payfast/Gateway/Request/AuthorizationRequest.php +++ b/app/code/Payfast/Payfast/Gateway/Request/AuthorizationRequest.php @@ -98,16 +98,16 @@ public function build(array $buildSubject) $pfOutput = ''; // Create output string foreach ($data as $key => $val) { - if (!empty($val) && $key !== 'currency') { + if (!empty($val)) { $pfOutput .= $key . '=' . urlencode($val) . '&'; } } - $passPhrase = $this->config->getValue('passphrase', $order->getStoreId()) ?? ''; - if (!empty($passPhrase)) { - $pfOutput .= 'passphrase=' . urlencode($passPhrase); - } else { - $pfOutput = rtrim($pfOutput, '&'); + $passPhrase = $this->config->getValue('passphrase', $order->getStoreId()); + $pfOutput = substr($pfOutput, 0, -1); + + if (!empty($passPhrase) && $this->config->getValue('server', $order->getStoreId()) !== 'test') { + $pfOutput = $pfOutput . "&passphrase=" . urlencode($passPhrase); } $this->logger->debug($pre . 'pfOutput for signature is : ' . $pfOutput); diff --git a/app/code/Payfast/Payfast/Model/Payfast.php b/app/code/Payfast/Payfast/Model/Payfast.php index 4a7200e..453a301 100644 --- a/app/code/Payfast/Payfast/Model/Payfast.php +++ b/app/code/Payfast/Payfast/Model/Payfast.php @@ -5,7 +5,6 @@ * You (being anyone who is not PayFast (Pty) Ltd) may download and use this plugin / code in your own website in conjunction with a registered and active PayFast account. If your PayFast account is terminated for any reason, you may not use this plugin / code or part thereof. * Except as expressly indicated in this licence, you may not use, copy, modify or distribute this plugin / code or part thereof in any way. */ - namespace Payfast\Payfast\Model; require_once dirname(__FILE__) . '/../Model/payfast_common.inc'; 
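Review bot: The context line `$this->logger->debug($pre . 'pfOutput for signature is : ' . $pfOutput);` in `build()` runs after the new `&passphrase=` append, so the merchant passphrase is written to the debug log in clear text whenever one is configured. Log the string before the passphrase is appended, i.e. move the debug call above `if (!empty($passPhrase) && ...)`, or log only the resulting signature. The same pattern is in `getStandardCheckoutFormFields()` in Model/Payfast.php (hunk `@@ -297,21 +295,21 @@`), where `pflog()` records `$pfOutput` and then `print_r($data, true)`, which also carries `merchant_key` and the buyer's e-mail address. `build()` continues outside this hunk.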
@@ -33,13 +32,14 @@ use Magento\Store\Model\Store; use Magento\Store\Model\StoreManagerInterface; -/** - * PayFast Module. - * - * @method \Magento\Quote\Api\Data\PaymentMethodExtensionInterface getExtensionAttributes() - * @SuppressWarnings(PHPMD.TooManyFields) - * @SuppressWarnings(PHPMD.CouplingBetweenObjects) - */ + /** + * PayFast Module. + * + * @method \Magento\Quote\Api\Data\PaymentMethodExtensionInterface getExtensionAttributes() + * @SuppressWarnings(PHPMD.TooManyFields) + * @SuppressWarnings(PHPMD.CouplingBetweenObjects) + */ + class Payfast { /** @@ -139,18 +139,18 @@ public function __construct( TransactionRepositoryInterface $transactionRepository, BuilderInterface $transactionBuilder ) { - $this->_storeManager = $storeManager; - $this->_urlBuilder = $urlBuilder; - $this->_checkoutSession = $checkoutSession; - $this->_exception = $exception; + $this->_storeManager = $storeManager; + $this->_urlBuilder = $urlBuilder; + $this->_checkoutSession = $checkoutSession; + $this->_exception = $exception; $this->transactionRepository = $transactionRepository; - $this->transactionBuilder = $transactionBuilder; + $this->transactionBuilder = $transactionBuilder; - $parameters = ['params' => [$this->_code]]; + $parameters = [ 'params' => [ $this->_code ] ]; $this->_config = $configFactory->create($parameters); - if (!defined('PF_DEBUG')) { + if (! defined('PF_DEBUG')) { define('PF_DEBUG', $this->_config->getValue('debug')); } } @@ -191,8 +191,8 @@ public function canUseForCurrency($currencyCode) /** * Payment action getter compatible with payment model * - * @return string * @see \Magento\Sales\Model\Payment::place() + * @return string */ public function getConfigPaymentAction() { 
@@ -233,8 +233,9 @@ protected function getStoreName() * this where we compile data posted by the form to payfast * * @return array + * @throws \Magento\Framework\Exception\NoSuchEntityException */ - public function getStandardCheckoutFormFields(): array + public function getStandardCheckoutFormFields() { $pre = __METHOD__ . ' : '; // Variable initialization @@ -247,16 +248,13 @@ public function getStandardCheckoutFormFields(): array // If NOT test mode, use normal credentials if ($this->_config->getValue('server') == 'live') { - $merchantId = $this->_config->getValue('merchant_id'); + $merchantId = $this->_config->getValue('merchant_id'); $merchantKey = $this->_config->getValue('merchant_key'); - } // If test mode, use generic / specific sandbox credentials + } + // If test mode, use generic sandbox credentials else { - $merchantId = !empty($this->_config->getValue('merchant_id')) ? - $this->_config->getValue('merchant_id') : - '10000100'; - $merchantKey = !empty($this->_config->getValue('merchant_key')) ? - $this->_config->getValue('merchant_key') : - '46f0cd694581a'; + $merchantId = '10000100'; + $merchantKey = '46f0cd694581a'; } // Create description 
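Review bot: The restored `else` branch in `getStandardCheckoutFormFields()` (hunk `@@ -247,16 +248,13 @@`) assigns the literal sandbox `merchant_id` and `merchant_key` for every `server` value other than `'live'`, not only for `'test'`, and ignores whatever the merchant configured. `getPayfastHost()` later in this file accepts other values and builds `payfast.{$serverMode}` from them, so such a setup would post the generic sandbox credentials to a host that is not the sandbox. Consider `} elseif ($this->_config->getValue('server') === 'test') {` for the literals, the configured values otherwise, and a comment stating that the literals are the shared sandbox defaults. The function starts and ends outside this hunk.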
@@ -269,22 +267,22 @@ public function getStandardCheckoutFormFields(): array // Construct data for the form $data = [ // Merchant details - 'merchant_id' => $merchantId, - 'merchant_key' => $merchantKey, - 'return_url' => $this->getPaidSuccessUrl(), - 'cancel_url' => $this->getPaidCancelUrl(), - 'notify_url' => $this->getPaidNotifyUrl(), + 'merchant_id' => $merchantId, + 'merchant_key' => $merchantKey, + 'return_url' => $this->getPaidSuccessUrl(), + 'cancel_url' => $this->getPaidCancelUrl(), + 'notify_url' => $this->getPaidNotifyUrl(), // Buyer details - 'name_first' => $order->getData('customer_firstname'), - 'name_last' => $order->getData('customer_lastname'), + 'name_first' => $order->getData('customer_firstname'), + 'name_last' => $order->getData('customer_lastname'), 'email_address' => $order->getData('customer_email'), // Item details - 'm_payment_id' => $order->getRealOrderId(), - 'amount' => $this->getTotalAmount($order), - 'item_name' => 'Order #' . $order->getRealOrderId(), - //this html special characters breaks signature. + 'm_payment_id' => $order->getRealOrderId(), + 'amount' => $this->getTotalAmount($order), + 'item_name' => $this->_storeManager->getStore()->getName() . ', Order #' . $order->getRealOrderId(), + //this html special characters breaks signature. //'item_description' => $pfDescription, ]; 
@@ -297,21 +295,21 @@ public function getStandardCheckoutFormFields(): array } $passPhrase = $this->_config->getValue('passphrase'); - if (!empty($passPhrase)) { - $pfOutput .= 'passphrase=' . urlencode($passPhrase); - } else { - $pfOutput = rtrim($pfOutput, '&'); + $pfOutput = substr($pfOutput, 0, -1); + + if (!empty($passPhrase) && $this->_config->getValue('server') !== 'test') { + $pfOutput = $pfOutput . "&passphrase=" . urlencode($passPhrase); } pflog($pre . 'pfOutput for signature is : ' . $pfOutput); $pfSignature = md5($pfOutput); - $data['signature'] = $pfSignature; + $data['signature'] = $pfSignature; $data['user_agent'] = 'Magento ' . $this->getAppVersion(); pflog($pre . 'data is :' . print_r($data, true)); - return ($data); + return($data); } /** @@ -322,11 +320,10 @@ public function getStandardCheckoutFormFields(): array private function getAppVersion(): string { $objectManager = \Magento\Framework\App\ObjectManager::getInstance(); - $version = $objectManager->get('Magento\Framework\App\ProductMetadataInterface')->getVersion(); + $version = $objectManager->get('Magento\Framework\App\ProductMetadataInterface')->getVersion(); - return (preg_match('([0-9])', $version)) ? $version : '2.0.0'; + return (preg_match('([0-9])', $version)) ? $version : '2.0.0'; } - /** * getTotalAmount */ @@ -354,7 +351,7 @@ public function getNumberFormat($number) */ public function getPaidSuccessUrl() { - return $this->_urlBuilder->getUrl('payfast/redirect/success', ['_secure' => true]); + return $this->_urlBuilder->getUrl('payfast/redirect/success', [ '_secure' => true ]); } /** @@ -366,11 +363,7 @@ public function getPaidSuccessUrl() */ protected function getOrderTransaction($payment) { - return $this->transactionRepository->getByTransactionType( - Transaction::TYPE_ORDER, - $payment->getId(), - $payment->getOrder()->getId() - ); + return $this->transactionRepository->getByTransactionType(Transaction::TYPE_ORDER, $payment->getId(), $payment->getOrder()->getId()); } /* 
@@ -383,13 +376,12 @@ public function getOrderPlaceRedirectUrl() return $this->_urlBuilder->getUrl('payfast/redirect'); } - /** * Checkout redirect URL getter for onepage checkout (hardcode) * - * @return string - * @see Quote\Payment::getCheckoutRedirectUrl() * @see \Magento\Checkout\Controller\Onepage::savePaymentAction() + * @see Quote\Payment::getCheckoutRedirectUrl() + * @return string */ public function getCheckoutRedirectUrl() { @@ -405,15 +397,14 @@ public function getCheckoutRedirectUrl() */ public function getPaidCancelUrl() { - return $this->_urlBuilder->getUrl('payfast/redirect/cancel', ['_secure' => true]); + return $this->_urlBuilder->getUrl('payfast/redirect/cancel', [ '_secure' => true ]); } - /** * getPaidNotifyUrl */ public function getPaidNotifyUrl() { - return $this->_urlBuilder->getUrl('payfast/notify', ['_secure' => true]); + return $this->_urlBuilder->getUrl('payfast/notify', [ '_secure' => true ]); } /** @@ -423,7 +414,7 @@ public function getPaidNotifyUrl() */ public function getPayFastUrl() { - return ('https://' . $this->getPayfastHost($this->_config->getValue('server')) . '/eng/process'); + return('https://' . $this->getPayfastHost($this->_config->getValue('server')) . '/eng/process'); } /** @@ -433,7 +424,7 @@ public function getPayFastUrl() */ public function getPayfastHost($serverMode) { - if (!in_array($serverMode, ['live', 'test'])) { + if (!in_array($serverMode, [ 'live', 'test' ])) { $pfHost = "payfast.{$serverMode}"; } else { $pfHost = (($serverMode == 'live') ? 'www' : 'sandbox') . '.payfast.co.za'; diff --git a/app/code/Payfast/Payfast/Model/payfast_common.inc b/app/code/Payfast/Payfast/Model/payfast_common.inc index 183ff29..07e25a5 100644 --- a/app/code/Payfast/Payfast/Model/payfast_common.inc +++ b/app/code/Payfast/Payfast/Model/payfast_common.inc 
@@ -3,12 +3,9 @@ * payfast_common.inc * * Copyright (c) 2008 PayFast (Pty) Ltd - * You (being anyone who is not PayFast (Pty) Ltd) may download and use this plugin / code in your own website - * in conjunction with a registered and active PayFast account. If your PayFast account is terminated for any reason, - * you may not use this plugin / code or part thereof. - * Except as expressly indicated in this licence, you may not use, copy, modify or distribute this plugin / code or - * part thereof in any way. - * + * You (being anyone who is not PayFast (Pty) Ltd) may download and use this plugin / code in your own website in conjunction with a registered and active PayFast account. If your PayFast account is terminated for any reason, you may not use this plugin / code or part thereof. + * Except as expressly indicated in this licence, you may not use, copy, modify or distribute this plugin / code or part thereof in any way. + * * @author Jonathan Smit */ 
@@ -21,29 +18,27 @@ define('PF_MODULE_VER', '1.1'); // Features // - PHP -$pfFeatures = 'PHP ' . phpversion() . ';'; +$pfFeatures = 'PHP '. phpversion() .';'; // - cURL -if (in_array('curl', get_loaded_extensions())) { +if(in_array('curl', get_loaded_extensions()) ) { define('PF_CURL', ''); - $pfVersion = curl_version(); - $pfFeatures .= ' curl ' . $pfVersion['version'] . ';'; -} else { + $pfVersion = curl_version(); + $pfFeatures .= ' curl '. $pfVersion['version'] .';'; +} +else { $pfFeatures .= ' nocurl;'; } // Create user agrent -define( - 'PF_USER_AGENT', - PF_SOFTWARE_NAME . '/' . PF_SOFTWARE_VER . ' (' . trim($pfFeatures) . ') ' . PF_MODULE_NAME . '/' . PF_MODULE_VER -); +define('PF_USER_AGENT', PF_SOFTWARE_NAME .'/'. PF_SOFTWARE_VER .' ('. trim($pfFeatures) .') '. PF_MODULE_NAME .'/'. PF_MODULE_VER); // General Defines define('PF_TIMEOUT', 15); define('PF_EPSILON', 0.01); // Messages -// Error + // Error define('PF_ERR_AMOUNT_MISMATCH', 'Amount mismatch'); define('PF_ERR_BAD_ACCESS', 'Bad access of page'); define('PF_ERR_BAD_SOURCE_IP', 'Bad source IP address'); @@ -60,14 +55,14 @@ define('PF_ERR_PDT_TOKEN_MISSING', 'PDT token not present in URL'); define('PF_ERR_SESSIONID_MISMATCH', 'Session ID mismatch'); define('PF_ERR_UNKNOWN', 'Unkown error occurred'); -// General + // General define('PF_MSG_OK', 'Payment was successful'); define('PF_MSG_FAILED', 'Payment has failed'); define( 'PF_MSG_PENDING', - 'The payment is pending. Please note, you will receive another Instant' . - ' Transaction Notification when the payment status changes to' . - ' "Completed", or "Failed"' + 'The payment is pending. Please note, you will receive another Instant'. + ' Transaction Notification when the payment status changes to'. + ' "Completed", or "Failed"' ); // {{{ pfLog 
@@ -76,40 +71,42 @@ define( * * Log function for logging output. * + * @author Jonathan Smit * @param $msg String Message to log * @param $close Boolean Whether to close the log file or not - * - * @author Jonathan Smit */ -function pflog($msg = '', $close = false) +function pflog( $msg = '', $close = false ) { static $fh = 0; global $module; // Only log if debugging is enabled - if (PF_DEBUG) { - if ($close) { + if(PF_DEBUG ) { + if($close ) { fclose($fh); - } else { + } + else + { // If file doesn't exist, create it - if (!$fh) { + if(!$fh ) { $pathinfo = pathinfo(__FILE__); - $fh = fopen($pathinfo['dirname'] . '/payfast.log', 'a+'); + $fh = fopen($pathinfo['dirname'] .'/payfast.log', 'a+'); } // If file was successfully created - if ($fh) { - $line = date('Y-m-d H:i:s') . ' : ' . $msg . "\n"; + if($fh ) { + $line = date('Y-m-d H:i:s') .' : '. $msg ."\n"; fwrite($fh, $line); } } } } - +// }}} +// {{{ pfGetData /** * pfGetData - * + * * @author Jonathan Smit */ function pfGetData() 
@@ -117,165 +114,181 @@ function pfGetData() // Posted variables from ITN $pfData = $_POST; - if (empty($_POST)) { - $data = file_get_contents('php://input'); - $pfData = json_decode($data, true); - } - // Strip any slashes in data - foreach ($pfData as $key => $val) { + foreach( $pfData as $key => $val ) { $pfData[$key] = stripslashes($val); } // Return "false" if no data was received - if (empty($pfData)) { + if(sizeof($pfData) == 0 ) { return []; } else { - return ($pfData); + return( $pfData ); } } - +// }}} +// {{{ pfValidSignature /** * pfValidSignature - * + * * @author Jonathan Smit */ -function pfValidSignature($pfData = null, &$pfParamString = null, $pfPassphrase = null) +function pfValidSignature( $pfData = null, &$pfParamString = null, $pfPassphrase = null, $serverMode=null ) { + // Dump the submitted variables and calculate security signature - foreach ($pfData as $key => $val) { - if ($key !== 'signature') { - $pfParamString .= $key . '=' . urlencode($val) . '&'; + foreach( $pfData as $key => $val ) + { + if($key != 'signature' ) { + $pfParamString .= $key .'='. urlencode($val) .'&'; } } - if ($pfPassphrase) { - $pfParamString .= 'passphrase=' . urlencode($pfPassphrase); - } else { - $pfParamString = rtrim($pfParamString, '&'); + // Remove the last '&' from the parameter string + $pfParamString = substr($pfParamString, 0, -1); + + if(!is_null($pfPassphrase) && $serverMode != 'test' ) { + //if server mode is live and a passphrase is set + $tempParamString = $pfParamString."&passphrase=".urlencode($pfPassphrase); + } + else + { + //if server mode is not live or a passphrase is not set + $tempParamString = $pfParamString; } - $signature = md5($pfParamString); + $signature = md5($tempParamString); - $result = hash_equals($pfData['signature'], $signature); + $result = ( $pfData['signature'] == $signature ); - pflog('Signature is ' . ($result ? 'valid' : 'invalid')); + pflog('Signature = '. ( $result ? 
'valid' : 'invalid' )); - return ($result); + return( $result ); } - +// }}} +// {{{ pfValidData /** * pfValidData * - * @param $pfHost String Hostname to use - * @param $pfParamString String - * * @author Jonathan Smit + * @param $pfHost String Hostname to use + * @param $pfParamString String */ -function pfValidData($pfHost = 'www.payfast.co.za', $pfParamString = '') +function pfValidData( $pfHost = 'www.payfast.co.za', $pfParamString = '' ) { - pflog('Host = ' . $pfHost); - pflog('Params = ' . $pfParamString); + pflog('Host = '. $pfHost); + pflog('Params = '. $pfParamString); $response = null; // Use cURL (if available) - if (defined('PF_CURL')) { + if(defined('PF_CURL') ) { // Variable initialization - $url = 'https://' . $pfHost . '/eng/query/validate'; + $url = 'https://'. $pfHost .'/eng/query/validate'; pflog('full url is : ' . $url); // Create default cURL object $ch = curl_init(); - + // Set cURL options - Use curl_setopt for freater PHP compatibility // Base settings curl_setopt($ch, CURLOPT_USERAGENT, PF_USER_AGENT); // Set user agent curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); // Return output as string rather than outputting it curl_setopt($ch, CURLOPT_HEADER, false); // Don't include header in output - curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); - + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); + // Standard settings curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $pfParamString); curl_setopt($ch, CURLOPT_TIMEOUT, PF_TIMEOUT); - + // Execute CURL $response = curl_exec($ch); curl_close($ch); - } else { // Use fsockopen + } + // Use fsockopen + else + { // Variable initialization + $header = ''; + $res = ''; $headerDone = false; - + // Construct Header $header = "POST /eng/query/validate HTTP/1.0\r\n"; - $header .= "Host: " . $pfHost . "\r\n"; - $header .= "User-Agent: " . 
PF_USER_AGENT . "\r\n"; + $header .= "Host: ". $pfHost ."\r\n"; + $header .= "User-Agent: ". PF_USER_AGENT ."\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($pfParamString) . "\r\n\r\n"; - + // Connect to server - $socket = fsockopen('ssl://' . $pfHost, 443, $errno, $errstr, PF_TIMEOUT); - + $socket = fsockopen('ssl://'. $pfHost, 443, $errno, $errstr, PF_TIMEOUT); + // Send command to server fputs($socket, $header . $pfParamString); - + // Read the response from the server - while (!feof($socket)) { + while( !feof($socket) ) + { $line = fgets($socket, 1024); - + // Check if we are finished reading the header yet - if (strcmp($line, "\r\n") == 0) { + if(strcmp($line, "\r\n") == 0 ) { // read the header $headerDone = true; - } elseif ($headerDone) { // If header has been processed + } + // If header has been processed + else if($headerDone ) { // Read the main response $response .= $line; } } + } - pflog("Response:\n" . print_r($response, true)); + pflog("Response:\n". 
print_r($response, true)); // Interpret Response - $lines = explode("\r\n", $response); + $lines = explode("\r\n", $response); $verifyResult = trim($lines[0]); - if (strcasecmp($verifyResult, 'VALID') == 0) { - return (true); + if(strcasecmp($verifyResult, 'VALID') == 0 ) { + return( true ); } else { - return (false); + return( false ); } } - +// }}} +// {{{ pfValidIP /** * pfValidIP * - * @param string $sourceIP String Source IP address + * @author Jonathan Smit + * + * @param string $sourceIP String Source IP address * @param string $serverMode * * @return bool - * @author Jonathan Smit - * */ -function pfValidIP($sourceIP, $serverMode = '') +function pfValidIP( $sourceIP, $serverMode = '' ) { // Variable initialization $validHosts = array( 'sandbox.payfast.co.za', 'w1w.payfast.co.za', 'w2w.payfast.co.za', - ); + ); - if (!empty($serverMode)) { + if (!empty($serverMode) ) { array_push($validHosts, "www.payfast.{$serverMode}"); } $validIps = array(); - foreach ($validHosts as $pfHostname) { + foreach( $validHosts as $pfHostname ) + { $ips = gethostbynamel($pfHostname); - if ($ips !== false) { + if($ips !== false ) { $validIps = array_merge($validIps, $ips); } } 
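Review bot: In `pfValidData()` the cURL branch now sets `CURLOPT_SSL_VERIFYHOST` to `0` and `CURLOPT_SSL_VERIFYPEER` to `false`, so the server-to-server call that decides whether an ITN is `VALID` accepts any certificate and its answer can no longer be trusted on an untrusted network path. Keep `curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);` and `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);`. In `pfValidSignature()` the same hunk swaps `hash_equals()` for `$pfData['signature'] == $signature`, a loose comparison that PHP evaluates numerically when both strings look like numbers and that is not constant-time; `$result = hash_equals($signature, (string) ($pfData['signature'] ?? ''));` avoids both. The `fsockopen()` fallback also writes to `$socket` without checking that the connection succeeded.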
@@ -283,35 +296,36 @@ function pfValidIP($sourceIP, $serverMode = '') // Remove duplicates $validIps = array_unique($validIps); - pflog("Valid IPs:\n" . print_r($validIps, true)); + pflog("Valid IPs:\n". print_r($validIps, true)); - if (in_array($sourceIP, $validIps)) { - return (true); + if(in_array($sourceIP, $validIps) ) { + return( true ); } else { - return (false); + return( false ); } } - +// }}} +// {{{ pfAmountsEqual /** * pfAmountsEqual - * + * * Checks to see whether the given amounts are equal using a proper floating * point comparison with an Epsilon which ensures that insignificant decimal * places are ignored in the comparison. - * + * * eg. 100.00 is equal to 100.0001 * - * @param $amount1 Float 1st amount for comparison - * @param $amount2 Float 2nd amount for comparison - * * @author Jonathan Smit + * @param $amount1 Float 1st amount for comparison + * @param $amount2 Float 2nd amount for comparison */ -function pfAmountsEqual($amount1, $amount2) +function pfAmountsEqual( $amount1, $amount2 ) { - if (abs(floatval($amount1) - floatval($amount2)) > PF_EPSILON) { - return (false); + if(abs(floatval($amount1) - floatval($amount2)) > PF_EPSILON ) { + return( false ); } else { - return (true); + return( true ); } } - +// }}} +?> diff --git a/app/code/Payfast/Payfast/etc/adminhtml/system.xml b/app/code/Payfast/Payfast/etc/adminhtml/system.xml index c7420a6..7313abc 100644 --- a/app/code/Payfast/Payfast/etc/adminhtml/system.xml +++ b/app/code/Payfast/Payfast/etc/adminhtml/system.xml @@ -68,16 +68,6 @@ - - - Magento\Sales\Model\Config\Source\Order\Status - - - - Magento\Sales\Model\Config\Source\Order\Status - validate-number @@ -85,4 +75,4 @@ - + \ No newline at end of file diff --git a/app/code/Payfast/Payfast/etc/csp_whitelist.xml b/app/code/Payfast/Payfast/etc/csp_whitelist.xml deleted file mode 100644 index 5c4889f..0000000 --- a/app/code/Payfast/Payfast/etc/csp_whitelist.xml +++ /dev/null 
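Review bot: The last hunk of payfast_common.inc (`@@ -283,35 +296,36 @@`) adds a closing `?>` at the end of a PHP-only include. Stray whitespace after that tag is emitted as output when Model/Payfast.php runs its `require_once`, which can break later header or redirect calls; drop the `?>` line. In `pfValidIP()`, the membership test would read better with the strict flag, `in_array($sourceIP, $validIps, true)`.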
@@ -1,11 +0,0 @@ - - - - - - https://sandbox.payfast.co.za - https://www.payfast.co.za/eng/process - - - - diff --git a/app/code/Payfast/Payfast/etc/di.xml b/app/code/Payfast/Payfast/etc/di.xml index d4e1ee2..914d115 100644 --- a/app/code/Payfast/Payfast/etc/di.xml +++ b/app/code/Payfast/Payfast/etc/di.xml @@ -124,7 +124,7 @@ - + Payfast\Payfast\Gateway\Response\CancelDetailsHandler Payfast\Payfast\Gateway\Validator\CancelResponseValidator