From 465f389309627d130037e0ffdb1d435970a40feb Mon Sep 17 00:00:00 2001
From: Jason Coleman <jason@strangerstudios.com>
Date: Fri, 7 Mar 2014 22:37:48 +0000
Subject: [PATCH] Important fix for Braintree Payments users. Credit card
 information is now correctly updated in Braintree when users submit the form
 on the billing information page or checkout again on the site.

---
 .../gateways/class.pmprogateway_braintree.php | 20 ++++-----
 pages/billing.php                             | 41 ++++++++++++++++---
 preheaders/billing.php                        | 35 +++++++++++++++-
 readme.txt                                    |  5 ++-
 4 files changed, 84 insertions(+), 17 deletions(-)

diff --git a/classes/gateways/class.pmprogateway_braintree.php b/classes/gateways/class.pmprogateway_braintree.php
index ec02808c0..2e29948ab 100755
--- a/classes/gateways/class.pmprogateway_braintree.php
+++ b/classes/gateways/class.pmprogateway_braintree.php
@@ -183,19 +183,19 @@ function getCustomer(&$order, $force = false)
 								'expirationDate' => $order->braintree->expiration_date,
 								'cardholderName' => trim($order->FirstName . " " . $order->LastName),
 								'options' => array(
-									'updateExistingToken' => $customer_id
+									'updateExistingToken' => $this->customer->creditCards[0]->token
 								)
 							 )
 						  )
 						);
-
+						
 						if($response->success)
 						{
-							$this->customer = $result->customer;
+							$this->customer = $response->customer;
 						}
 						else
 						{
-							$order->error = __("Failed to update customer.", "pmpro");
+							$order->error = __("Failed to update customer.", "pmpro") . " " . $response->message;
 							$order->shorterror = $order->error;
 							return false;
 						}
@@ -208,7 +208,7 @@ function getCustomer(&$order, $force = false)
 					//assume no customer found							
 				}
 			}
-			
+						
 			//no customer id, create one
 			if(!empty($order->accountnumber))
 			{
@@ -243,7 +243,7 @@ function getCustomer(&$order, $force = false)
 					}
 					else
 					{
-						$order->error = __("Failed to create customer.", "pmpro");
+						$order->error = __("Failed to create customer.", "pmpro") . " " . $result->message;
 						$order->shorterror = $order->error;
 						return false;
 					}										
@@ -367,12 +367,12 @@ function update(&$order)
 			//we just have to run getCustomer which will look for the customer and update it with the new token
 			$this->getCustomer($order);
 			
-			if(!empty($this->customer))
+			if(!empty($this->customer) && empty($order->error))
 			{
 				return true;
 			}			
 			else
-			{
+			{				
 				return false;	//couldn't find the customer
 			}
 		}
@@ -394,7 +394,7 @@ function cancel(&$order)
 				catch(Exception $e)
 				{
 					$order->updateStatus("cancelled");	//assume it's been cancelled already
-					$order->error = __("Could not find the subscription.", "pmpro");
+					$order->error = __("Could not find the subscription.", "pmpro") . " " . $e->getMessage();
 					$order->shorterror = $order->error;
 					return false;	//no subscription found	
 				}
@@ -407,7 +407,7 @@ function cancel(&$order)
 				else
 				{
 					$order->updateStatus("cancelled");	//assume it's been cancelled already
-					$order->error = __("Could not find the subscription.", "pmpro");
+					$order->error = __("Could not find the subscription.", "pmpro") . " " . $result->message;
 					$order->shorterror = $order->error;
 					return false;	//no subscription found	
 				}
diff --git a/pages/billing.php b/pages/billing.php
index 593fc8fa4..3633caec9 100755
--- a/pages/billing.php
+++ b/pages/billing.php
@@ -44,7 +44,7 @@
 		
 	<?php } else { ?>
 	
-		<form class="pmpro_form" action="<?php echo pmpro_url("billing", "", "https")?>" method="post">
+		<form id="pmpro_form" class="pmpro_form" action="<?php echo pmpro_url("billing", "", "https")?>" method="post">
 
 			<input type="hidden" name="level" value="<?php echo esc_attr($level->id);?>" />		
 			<?php if($pmpro_msg) 
@@ -246,9 +246,9 @@
 					
 						<div>
 							<label for="AccountNumber"><?php _e('Card Number', 'pmpro');?></label>
-							<input id="AccountNumber" <?php if($gateway != "stripe") { ?>name="AccountNumber"<?php } ?> class="input" type="text" size="25" value="<?php echo esc_attr($AccountNumber)?>" autocomplete="off" /> 
+							<input id="AccountNumber" <?php if($gateway != "stripe" && $gateway != "braintree") { ?>name="AccountNumber"<?php } ?> class="input <?php echo pmpro_getClassForField("AccountNumber");?>" type="text" size="25" value="<?php echo esc_attr($AccountNumber)?>" <?php if($gateway == "braintree") { ?>data-encrypted-name="number"<?php } ?> autocomplete="off" /> 
 						</div>
-					
+						
 						<div>
 							<label for="ExpirationMonth"><?php _e('Expiration Date', 'pmpro');?></label>
 							<select id="ExpirationMonth" <?php if($gateway != "stripe") { ?>name="ExpirationMonth"<?php } ?>>
@@ -283,8 +283,8 @@
 						?>
 						<div>
 							<label for="CVV"><?php _ex('CVV', 'Credit card security code, CVV/CCV/CVV2', 'pmpro');?></label>
-							<input class="input" id="CVV" <?php if($gateway != "stripe") { ?>name="CVV"<?php } ?> type="text" size="4" value="<?php if(!empty($_REQUEST['CVV'])) { echo esc_attr($_REQUEST['CVV']); }?>" />  <small>(<a href="#" onclick="javascript:window.open('<?php echo plugins_url( "/pages/popup-cvv.html", dirname(__FILE__))?>','cvv','toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=600, height=475');"><?php _ex("what's this?", 'link to CVV help', 'pmpro');?></a>)</small>
-						</div>	
+							<input class="input" id="CVV" <?php if($gateway != "stripe" && $gateway != "braintree") { ?>name="CVV"<?php } ?> type="text" size="4" value="<?php if(!empty($_REQUEST['CVV'])) { echo esc_attr($_REQUEST['CVV']); }?>" class=" <?php echo pmpro_getClassForField("CVV");?>" <?php if($gateway == "braintree") { ?>data-encrypted-name="cvv"<?php } ?> />  <small>(<a href="javascript:void(0);" onclick="javascript:window.open('<?php echo pmpro_https_filter(PMPRO_URL)?>/pages/popup-cvv.html','cvv','toolbar=no, location=no, directories=no, status=no, menubar=no, scrollbars=yes, resizable=yes, width=600, height=475');"><?php _ex("what's this?", 'link to CVV help', 'pmpro');?></a>)</small>
+						</div>						
 						<?php
 							}
 						?>
@@ -293,6 +293,37 @@
 			</tbody>
 			</table>																	
 			
+			<?php if($gateway == "braintree") { ?>						  
+				<input type='hidden' data-encrypted-name='expiration_date' id='credit_card_exp' />
+				<input type='hidden' name='AccountNumber' id='BraintreeAccountNumber' />
+				<script type="text/javascript" src="https://js.braintreegateway.com/v1/braintree.js"></script>
+				<script type="text/javascript">
+					//setup braintree encryption
+					var braintree = Braintree.create('<?php echo pmpro_getOption("braintree_encryptionkey"); ?>');
+					braintree.onSubmitEncryptForm('pmpro_form');
+
+					//pass expiration dates in original format
+					function pmpro_updateBraintreeCardExp()
+					{
+						jQuery('#credit_card_exp').val(jQuery('#ExpirationMonth').val() + "/" + jQuery('#ExpirationYear').val());
+					}
+					jQuery('#ExpirationMonth, #ExpirationYear').change(function() {
+						pmpro_updateBraintreeCardExp();
+					});
+					pmpro_updateBraintreeCardExp();
+					
+					//pass last 4 of credit card
+					function pmpro_updateBraintreeAccountNumber()
+					{
+						jQuery('#BraintreeAccountNumber').val('XXXXXXXXXXXXX' + jQuery('#AccountNumber').val().substr(jQuery('#AccountNumber').val().length - 4));
+					}
+					jQuery('#AccountNumber').change(function() {
+						pmpro_updateBraintreeAccountNumber();
+					});
+					pmpro_updateBraintreeAccountNumber();
+				</script>
+			<?php } ?>
+			
 			<div align="center">
 				<input type="hidden" name="update-billing" value="1" />
 				<input type="submit" class="pmpro_btn pmpro_btn-submit" value="<?php _e('Update', 'pmpro');?>" />
diff --git a/preheaders/billing.php b/preheaders/billing.php
index cce7a3606..90693cb0c 100755
--- a/preheaders/billing.php
+++ b/preheaders/billing.php
@@ -117,6 +117,19 @@ function pmpro_stripe_dont_require_CVV($fields)
 		add_filter("pmpro_required_billing_fields", "pmpro_stripe_dont_require_CVV");
 	}
 	
+	//code for Braintree
+	if($gateway == "braintree")
+	{
+		//don't require the CVV, but look for cvv (lowercase) that braintree sends
+		function pmpro_braintree_dont_require_CVV($fields)
+		{
+			unset($fields['CVV']);	
+			$fields['cvv'] = true;
+			return $fields;
+		}
+		add_filter("pmpro_required_billing_fields", "pmpro_braintree_dont_require_CVV");
+	}
+	
 	//_x stuff in case they clicked on the image button with their mouse
 	if(isset($_REQUEST['update-billing']))
 		$submit = $_REQUEST['update-billing'];
@@ -172,7 +185,15 @@ function pmpro_stripe_dont_require_CVV($fields)
 		if(isset($_REQUEST['stripeToken']))
 		{
 			$stripeToken = $_REQUEST['stripeToken'];				
-		}	
+		}		
+		
+		//for Braintree, load up values
+		if(isset($_REQUEST['number']) && isset($_REQUEST['expiration_date']) && isset($_REQUEST['cvv']))
+		{
+			$braintree_number = $_REQUEST['number'];
+			$braintree_expiration_date = $_REQUEST['expiration_date'];
+			$braintree_cvv = $_REQUEST['cvv'];
+		}
 		
 		//avoid warnings for the required fields
 		if(!isset($bfirstname))
@@ -291,6 +312,15 @@ function pmpro_stripe_dont_require_CVV($fields)
 				if(isset($stripeToken))
 					$morder->stripeToken = $stripeToken;
 			
+				//Braintree values
+				if(isset($braintree_number))
+				{
+					$morder->braintree = new stdClass();
+					$morder->braintree->number = $braintree_number;
+					$morder->braintree->expiration_date = $braintree_expiration_date;
+					$morder->braintree->cvv = $braintree_cvv;
+				}
+			
 				//not saving email in order table, but the sites need it
 				$morder->Email = $bemail;
 				
@@ -343,6 +373,9 @@ function pmpro_stripe_dont_require_CVV($fields)
 			else
 			{
 				$pmpro_msg = $morder->error;
+				
+				krumo($morder);
+				
 				if(!$pmpro_msg)
 					$pmpro_msg = __("Error updating billing information.", 'pmpro');
 				$pmpro_msgt = "pmpro_error";
diff --git a/readme.txt b/readme.txt
index 78f443c34..d050791ba 100755
--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: strangerstudios
 Tags: memberships, membership, authorize.net, ecommerce, paypal, stripe, braintree, restrict access, restrict content, directory site, payflow
 Requires at least: 3.5
 Tested up to: 3.8.1
-Stable tag: 1.7.8
+Stable tag: 1.7.8.1
 
 The easiest way to GET PAID with your WordPress site. Flexible content control by Membership Level, Reports, Affiliates and Discounts
 
@@ -102,6 +102,9 @@ Not sure? You can find out by doing a bit a research.
 4. Offer Membership Discounts with specific price rules (restricted by level, unique pricing for each level, # of uses, expiration date.)
 
 == Changelog == 
+= 1.7.8.1 =
+* Important fix for Braintree Payments users. Credit card information is now correctly updated in Braintree when users submit the form on the billing information page or checkout again on the site.
+
 = 1.7.8 =
 * Added various hooks.
 * Updated the expiration field dropdown on the edit levels page to use translation strings. (Thanks, 24uurdates)