$val) {
    // NOTE(review): the header of this loop is cut off above the first visible
    // line; by analogy with the $_POST loop below it presumably iterates
    // another request array as $key => $val. Confirm against the full file.
    GLOBAL $no_register_global;
    // Screen the parameter first; on a rule match securityCheck() calls
    // fail2ban(), which ends the request.
    securityCheck($key,$val);
    // register_globals emulation: unless $no_register_global is set, the
    // request parameter is copied into a variable of the same name.
    // NOTE(review): this lets a request overwrite any variable that already
    // exists in this scope; importing only an explicit allow-list of names
    // would remove that risk.
    if(!$no_register_global) ${$key}=$val;
}

// Same screening and optional import for every POST parameter.
foreach ($_POST as $key=>$val) {
    GLOBAL $no_register_global;
    securityCheck($key,$val);
    if(!$no_register_global) ${$key}=$val;
}

// The complete URL (path + query string) is checked.
// NOTE(review): REQUEST_URI is the raw, still URL-encoded request line, so
// this pass only sees the encoded form of the query string.
securityCheck("",$_SERVER['REQUEST_URI']);

/**
 * Screens one request parameter against a fixed list of patterns and hands
 * the request to fail2ban() on the first rule that matches.
 *
 * @param string $key Parameter name; "" when the whole REQUEST_URI is checked.
 * @param mixed  $val Parameter value.
 * @return string|null "" for exempt input; otherwise no value is returned
 *                     (a match ends in fail2ban(), which calls exit()).
 *
 * NOTE(review): this is a pattern denylist. It can work as a tripwire that
 * feeds fail2ban, but it does not replace parameter binding / escaping at the
 * places where the values reach SQL or HTML.
 */
function securityCheck($key,$val) {
    // Do not check arrays, nor the shop-settings variables used for conversion tracking.
    // AND binds tighter than OR, so this reads: (non-empty array) OR one of the exempt keys.
    // NOTE(review): array values are exempted without looking inside them, so
    // nested parameters are never screened; the keys "ref" and "ga_conversion_*"
    // are exempt whatever their content.
    if($val AND is_array($val) OR $key=="ga_conversion_global" OR $key=="ga_conversion_signup" OR $key=="ga_conversion_order" OR $key == "ref") return "";

    // Rule 301: a "sid" value of 38 or more characters.
    if($key=="sid" AND strlen($val)>=38) fail2ban($key,$val,"301");
    // Rule 302: "id" / "*_id" parameters whose value plus one is not an int.
    // NOTE(review): "+" coerces leading-numeric strings, so a value with an
    // integer prefix followed by other text still passes is_int() here; a
    // strict check on the string itself (e.g. ctype_digit()) would match the
    // apparent intent. Confirm how empty ids must be treated before changing it.
    else if((substr($key,-3)=="_id" OR $key=="id") AND !is_int($val+1)) fail2ban($key,$val,"302");
    // Rules 303-306: fixed strings associated with SQL/command injection probes.
    else if(preg_match("/cmdshell|exec master|%TEMP%|cmd \/c|wait for delay|;select|select sleep|dnstun|waitfor delay/i",$val)) fail2ban($key,$val,"303");
    else if(preg_match("/#temp#|cmd \/c|xampp|char\(|chr\(|bin\(|union all|all select|union select|null,null/i",$val)) fail2ban($key,$val,"304");
    else if(preg_match("/boolean mode|concat\(|convert\(|case when|then 1 else|drop function|dbms_pipe/i",$val)) fail2ban($key,$val,"305");
    else if(preg_match("/sleep\(|select upper|select var|@version|ping -n|select server|1=1/i",$val)) fail2ban($key,$val,"306");
    // Rule 307: script-injection strings.
    // NOTE(review): as printed, the pattern starts with an empty alternative
    // ("/|alert..."), which matches every value, so any parameter reaching this
    // branch would be rejected. The first alternative was presumably lost when
    // the page was rendered — confirm against the original file.
    else if(preg_match("/|alert\(|console\.log|=eval|xss\.js/i",$val)) fail2ban($key,$val,"307");
    // Rules 308-310: database-specific function, table and role names.
    else if(preg_match("/\/\*\*|load_file|get_host_address|utl_inaddr|utl_http|adduser|sys\.login_user|granted_role/i",$val)) fail2ban($key,$val,"308");
    else if(preg_match("/sys\.all_tables|sysobjects|non_existant_table|user_name\(|sysadmin|sp_addlogin|onload=|mysql\.user|create user/i",$val)) fail2ban($key,$val,"309");
    else if(preg_match("/addsrvrolemember|xpression\(/i",$val)) fail2ban($key,$val,"310");
}

/**
 * Builds a report for a rejected request, includes the fail2ban script and
 * terminates the request.
 *
 * @param string $key   Name of the parameter that matched a rule.
 * @param mixed  $val   Its value.
 * @param string $error Rule number assigned by securityCheck() ("301" to "310").
 */
function fail2ban($key,$val,$error) {
    // Determine the query string: every string GET/POST value, cut to 100 characters.
    // NOTE(review): both loops reuse $key as the loop variable and so overwrite
    // the $key argument; the message built below therefore names the last
    // parameter iterated, not the one that matched. $query_string is also never
    // initialised, so it is undefined when no string parameter exists.
    foreach ($_GET as $key => $value) if(is_string($value)) $query_string[] = $key."=".substr($value,0,100);
    foreach ($_POST as $key 
=> $value) if(is_string($value)) $query_string[] = $key."=".substr($value,0,100);
    // Raw JSON body, if present: every truthy top-level member, cut to 200 characters.
    // NOTE(review): $HTTP_RAW_POST_DATA was removed in PHP 7.0 (php://input is
    // the replacement), so on current PHP this branch is never taken. The
    // json_decode() result is iterated without checking that decoding succeeded.
    if($GLOBALS["HTTP_RAW_POST_DATA"]) {
        $data=json_decode($GLOBALS["HTTP_RAW_POST_DATA"]);
        foreach ($data as $key => $value) {
            if($value) $query_string[] = $key."=".substr($value,0,200);
        }
    }
    if($query_string) $query_string=implode("\n",$query_string);

    // Host + script path of the request; the Host header is client-supplied.
    $datei = $_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"];
    $error2 = "Dateiname: $datei\n\nParameter: $query_string";

    //Fail2Ban
    // $svMeldung is not used again in this function; presumably the included
    // script reads it — not visible here.
    // NOTE(review): the message embeds request data verbatim (including line
    // breaks). If the include writes it to a log that fail2ban parses, confirm
    // that control characters are neutralised there so entries cannot be forged.
    $svMeldung="error $error -> $key : $val $error2 ";
    include($_SERVER['DOCUMENT_ROOT']."/data/fail2ban.inc.php");
    exit();
}
/*
 * NOTE(review): the listing is damaged after the closing tag below. The text
 * that must have stood between it and "system = &$system;" (presumably an
 * opening tag, a class header and a constructor signature ending in "$this->")
 * is not on the page. The statements that follow read as the body of that
 * constructor: it stores the system object, loads the shop's PayPal settings
 * and builds the REST API context.
 */
?>system = &$system;
        $this->sid = &$this->system->sid;
        $this->k_id = &$this->system->k_id;

        // Load settings: first by full host name, then by its first label.
        // NOTE(review): the Host header is client-controlled and is concatenated
        // into the condition string here and for $subdomain below. Whether
        // TakeData() escapes its condition argument is not visible on this
        // page; if it does not, both lookups are SQL injection points. Checking
        // the host against the configured domains before use avoids that.
        $settings = $this->system->db->shop_settings->TakeData("*", "domain='" . $_SERVER['HTTP_HOST'] . "'");
        if (!$settings) {
            $array_host = preg_split("/\./", $_SERVER['HTTP_HOST']);
            $subdomain=$array_host[0];
            $settings = $this->system->db->shop_settings->TakeData("*", "subdomain='$subdomain'");
        }

        // Classic (NVP) API credentials from the settings row.
        $PaypalBrandname=$settings['name_long'];
        $PaypalUser=$settings['paypal_user'];
        $PaypalPW=$settings['paypal_pw'];
        $PaypalSignatur=$settings['paypal_signatur'];

        // API SDK
        $PaypalClientID=$settings['paypal_client_id'];
        $PaypalClientSECRET=$settings['paypal_client_secret'];

        // Base URL of the shop as seen by this request (scheme from $_SERVER['HTTPS'],
        // host from the Host header).
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') $protocol = "https";
        else $protocol = "http";
        $this->url = $protocol . '://' . $_SERVER['HTTP_HOST'];

        $this->username=$PaypalUser;
        $this->password=$PaypalPW;
        $this->brandname=$PaypalBrandname;
        $this->signatur=$PaypalSignatur;

        // API SDK credentials
        $this->live = (object)array();
        $this->live->clientID=$PaypalClientID;
        $this->live->clientSECRET=$PaypalClientSECRET;

        // enableSandbox is only ever set to true here; in every other case this
        // code leaves it unassigned, which the checks below treat as "live".
        if($settings['paypal_env']=="sandbox") $this->enableSandbox = true;

        try {
            $this->apiContext = new \PayPal\Rest\ApiContext(
                new \PayPal\Auth\OAuthTokenCredential(
                    $this->live->clientID, // ClientID
                    $this->live->clientSECRET // ClientSecret
                )
            );
            $this->apiContext->setConfig([
                'mode' => $this->enableSandbox ? 
'sandbox' : 'live',
                # 'log.FileName' => '../some-paypal-log-file.log',
                # 'log.LogLevel' => $enableSandbox ? 'DEBUG' : 'INFO'
            ]);
        } catch ( \PayPal\Exception\PayPalConnectionException $ex) {
            // Report the failure to the shop admin by mail; nothing is re-thrown.
            // NOTE(review): the mail carries $ex->getData() and the full stack
            // trace — confirm that neither can contain credentials or payer data
            // that should not travel by e-mail.
            $subject="emediashop Paypal Exception - ". $this->system->settings['name'];
            $fehler="Fehler in PayPal Bestell-Prozess: 65
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
        }
    }

    /**
     * Sends one NVP request to the PayPal endpoint over a TLS socket and stores
     * the name/value pairs of the reply in $this->data (keys lower-cased, the
     * prefix "PAYMENTINFO_0_" removed).
     *
     * @param string $data Request parameters already formatted as "&NAME=value"
     *                     pairs; they are appended after the credentials.
     *
     * NOTE(review):
     *  - $this->api_live_url is not assigned anywhere on this page.
     *  - USER, PWD and SIGNATURE are concatenated without urlencode().
     *  - No stream context is passed to fsockopen(), so certificate checking
     *    depends on the PHP defaults (peer verification is on by default since
     *    PHP 5.6).
     *  - $answer is appended to without being initialised and is undefined when
     *    the socket could not be opened.
     */
    function connect($data) {
        $host = $this->api_live_url;
        $path="/nvp";
        $referer="https://".$host.$path; // assigned but not used below
        $content="USER=".$this->username."&PWD=".$this->password."&SIGNATURE=".$this->signatur.$data;

        $fp = fsockopen("ssl://$host", 443, $errno, $errstr);
        if (!$fp) {
            // The error is written into the response body; $errno/$errstr are dropped.
            echo "Paypal Connection Error
\n";
        } else {
            fputs($fp, "POST $path HTTP/1.1\r\n");
            fputs($fp, "Host: $host\r\n");
            // fputs($fp, "Authorization: Basic ".base64_encode("username:password")."\r\n");
            // NOTE(review): the next two header lines end in "\n" only, unlike
            // the "\r\n" used for the other header lines.
            fputs($fp, "Content-type: application/x-www-form-urlencoded\n");
            fputs($fp, "Content-length: ".strlen($content)."\n");
            fputs($fp, "Connection: close\r\n\r\n");
            fwrite($fp, $content);

            // Read the reply in pieces of at most 127 bytes and keep only the
            // pieces that contain both "=" and "&" (i.e. skip the header lines).
            // NOTE(review): each piece is urldecode()d before it is split on
            // "&" and "=" below, so a decoded value containing either character
            // is split in the wrong place.
            while (!feof($fp)) {
                $zeile=fgets($fp, 128);
                if(preg_match("/=/",$zeile) AND preg_match("/&/",$zeile)) $answer .= urldecode($zeile);
            }
            fclose($fp);
        }

        // Split the collected reply into name=value pairs and rebuild $this->data.
        $array=preg_split("/&/",$answer);
        $count=count($array);
        $this->data=null;
        $this->data=array();
        for ($i=0; $i<$count; $i++) {
            $answer=preg_split("/=/",$array[$i]);
            $answer[0]=str_replace("PAYMENTINFO_0_","",$answer[0]);
            $this->data[strtolower($answer[0])]=$answer[1];
        }
    }

    /**
     * Creates a PayPal REST payment (intent "sale") for the current cart and
     * returns the approval link the customer is sent to.
     *
     * @param mixed  $betrag          Total amount of the payment.
     * @param string $beschreibung    Not used in the visible body.
     * @param string $name            Not used in the visible body.
     * @param string $email           Not used in the visible body.
     * @param string $liefer_name     Recipient name of the shipping address.
     * @param string $liefer_strasse  Address line 1.
     * @param string $liefer_plz      Postal code.
     * @param string $liefer_stadt    City.
     * @param string $liefer_landcode Country code (trimmed before use).
     * @param array  $cart            Cart; the keys 'payment', 'payment_info'
     *                                and 'items' are read below.
     * @return string|false Approval link, or false after a PayPalConnectionException.
     */
    function SetExpressCheckout($betrag,$beschreibung,$name,$email,$liefer_name,$liefer_strasse,$liefer_plz,$liefer_stadt,$liefer_landcode,$cart) {
        $k_id=$this->k_id;
        try {
            // https://developer.paypal.com/docs/api/payments/#payment_create
            $payer = new \PayPal\Api\Payer();
            $payer->setPaymentMethod('paypal');

            $shippingAddress = new \PayPal\Api\ShippingAddress();
            $shippingAddress->setRecipientName($liefer_name);
            $shippingAddress->setLine1($liefer_strasse);
            $shippingAddress->setLine2( "" );
            $shippingAddress->setPostalCode($liefer_plz);
            $shippingAddress->setCountryCode( trim($liefer_landcode) );
            $shippingAddress->setCity( $liefer_stadt );

            // Add shipping: the subtotal is the total minus the gross shipping price.
            $subtotal = ($betrag-$cart['payment']['shipping_price_gross']);
            $details = new \PayPal\Api\Details();
            $details->setSubtotal($subtotal)
                ->setShipping( $cart['payment']['shipping_price_gross'] );

            $amount = new \PayPal\Api\Amount();
            $amount->setTotal( $betrag )
                ->setDetails( $details );

            // FIXME: dynamic currency
            $currency = "EUR";
            $amount->setCurrency( $currency );

            // Send the items and the delivery address to PayPal
            $item_list = new \PayPal\Api\ItemList();
            $item_list->setShippingAddress($shippingAddress);
            $items = array(); // assigned but not used below

            // Add the "flat fee per order" 
            // if present
            if ( $cart['payment_info']['pauschale_name'] != "" && $cart['payment']['pauschale_price_gross']>0) {
                $item_tmp = new \PayPal\Api\Item();
                $item_tmp->setName( $cart['payment_info']['pauschale_name'] );
                // $item_tmp->setDescription( $cart['payment_info']['pauschale_name'] );
                $item_tmp->setQuantity( 1 );
                $item_tmp->setPrice( $cart['payment']['pauschale_price_gross'] );
                $item_tmp->setCurrency( $currency );
                $item_list->addItem( $item_tmp );
            }

            // Add the items
            foreach ( $cart['items'] as $item ) {
                $item_tmp = new \PayPal\Api\Item();
                $item_tmp->setName( $item['product']['name'] );
                // $item_tmp->setDescription( $item['product']['name'] );
                $item_tmp->setQuantity( $item['amount'] );
                $item_tmp->setPrice( $item['payment']['price_gross'] );
                $item_tmp->setCurrency( $currency );
                $item_list->addItem( $item_tmp );
            }

            // Deduct account credit if present:
            if ( isset($cart['payment']['credit_price_total']) && floatval($cart['payment']['credit_price_total'])>0 ) {
                // Negative value because it is a deduction
                # var_dump( $amount );
                # var_dump( $cart['payment']['credit_price_total'] );
                /* FIXME
                if ( $amount > $cart['payment']['credit_price_total'] ) {
                    $cart['payment']['credit_price_total'] = $amount;
                } */
                $credit_wert = floatval($cart['payment']['credit_price_total'])*-1;
                $item_tmp = new \PayPal\Api\Item();
                $item_tmp->setName( $cart['payment_info']['credit_name'] );
                // $item_tmp->setDescription( $cart['payment_info']['credit_name'] );
                $item_tmp->setQuantity( 1 );
                $item_tmp->setPrice( $credit_wert );
                $item_tmp->setCurrency( $currency );
                $item_list->addItem( $item_tmp );
            }

            // Required so that the address cannot be overridden
            $inputFields = new \PayPal\Api\InputFields();
            $inputFields->setAllowNote(true)
                ->setAddressOverride(1);

            // A temporary web profile carrying those input-field settings.
            $webProfile = new \PayPal\Api\WebProfile();
            $webProfile->setName(uniqid())
                ->setInputFields($inputFields)
                ->setTemporary(true);
            $createProfile = $webProfile->create( $this->apiContext );

            $checkout_id = $this->system->checkout->getCheckoutStatus();

            // FIXME 
            // order number
            // If the order number is already used by an order or a PayPal
            // express order of this customer, "2" is appended to it.
            // NOTE(review): all conditions here are built by string
            // interpolation; escaping inside TakeData()/UpdateData() is not
            // visible on this page.
            $paypal_invoice_id=$this->system->checkout->getOrderNr();
            $order_vorhanden = $this->system->db->bestellung->TakeData("id","auftrag_nr='$paypal_invoice_id' AND k_id='$k_id'");
            $order_vorhanden_2 = $this->system->db->kunde_shopping->TakeData("id", "paypal_express_order_id='".$paypal_invoice_id."' AND k_id='$k_id'");
            if($order_vorhanden || $order_vorhanden_2) $paypal_invoice_id=$paypal_invoice_id."2";

            $this->system->db->checkout_status->UpdateData("paypal_invoice_id='".$paypal_invoice_id."'", "k_id='$k_id' AND id='$checkout_id'");

            // NOTE(review): same Host-header-in-condition pattern as in the
            // constructor; $settings is not read again in this method.
            $settings = $this->system->db->shop_settings->TakeData("*", "domain='" . $_SERVER['HTTP_HOST'] . "'");

            $transaction = new \PayPal\Api\Transaction();
            $transaction->setAmount( $amount )
                ->setItemList($item_list)
                ->setInvoiceNumber( $paypal_invoice_id );
            # ->setDescription( "Beschreibung Test" );

            // Add the return URLs
            // NOTE(review): the return and cancel URLs are built from the Host
            // header of the current request; using the shop's configured domain
            // would keep them independent of client-supplied input.
            if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') $protocol = "https";
            else $protocol = "http";
            $url = $protocol . '://' . $_SERVER['HTTP_HOST'];

            $lang_code = strtolower($this->system->db->setup_land->TakeData("kuerzel","id='".$this->system->settings['std_country_id']."' AND k_id='$k_id'"));
            $lang_code = strtolower($lang_code);

            // "at" must become "de", otherwise the redirect URL is wrong for Enderle
            if(trim($lang_code) === "at")$lang_code = "de";

            $redirectUrls = new \PayPal\Api\RedirectUrls();
            $redirectUrls->setReturnUrl( $url."/$lang_code/checkout/?paypal=success")
                ->setCancelUrl( $url."/$lang_code/checkout/?paypal=cancel");

            $payment = new \PayPal\Api\Payment();
            $payment->setIntent('sale')
                ->setPayer($payer)
                ->setTransactions(array($transaction))
                ->setRedirectUrls($redirectUrls)
                ->setExperienceProfileId($createProfile->getId());

            $payment->create($this->apiContext);

            # echo "\n\nRedirect user to approval_url: " . $payment->getApprovalLink() . "\n";
            return $payment->getApprovalLink();
        } catch (\PayPal\Exception\PayPalConnectionException $ex) {
            // Mail the failure to the admin and signal it with false.
            $subject="emediashop Paypal Exception - ". 
$this->system->settings['name'];
            $fehler="Fehler in PayPal Bestell-Prozess: 197
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
            return false;
        }
    }

    /* Previous NVP-based implementation, kept commented out:
    function SetExpressCheckout($betrag,$beschreibung,$name,$email,$liefer_name,$liefer_strasse,$liefer_plz,$liefer_stadt,$liefer_landcode) {
        $k_id=$this->k_id;
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') $protocol = "https";
        else $protocol = "http";
        $url = $protocol . '://' . $_SERVER['HTTP_HOST'];
        $lang_code = $this->system->db->setup_land->TakeData("kuerzel","id='".$this->system->settings['std_country_id']."' AND k_id='$k_id'");
        if(!$lang_code) $lang_code="de";
        else $lang_code=strtolower($lang_code);
        $content.="&METHOD=SetExpressCheckout";
        $content.="&VERSION=".urlencode("63.0");
        $content.="&PAYMENTREQUEST_0_AMT=".urlencode($betrag);
        $content.="&RETURNURL=".urlencode($url."/$lang_code/checkout/?paypal=success");
        $content.="&CANCELURL=".urlencode($url."/$lang_code/checkout/?paypal=cancel");
        $content.="&PAYMENTREQUEST_0_PAYMENTACTION=".urlencode("Sale");
        $content.="&NOSHIPPING=".urlencode("1");
        //$content.="&ADDROVERRIDE=".urlencode("1");
        $content.="&BRANDNAME=".urlencode($this->brandname);
        $content.="&EMAIL=".urlencode($email);
        $content.="&LOCALECODE=".urlencode("DE");
        $content.="&NAME=".urlencode($name);
        $content.="&PAYMENTREQUEST_0_CURRENCYCODE=".urlencode("EUR");
        $content.="&PAYMENTREQUEST_0_SHIPTONAME=".urlencode($liefer_name);
        $content.="&PAYMENTREQUEST_0_SHIPTOSTREET=".urlencode($liefer_strasse);
        $content.="&PAYMENTREQUEST_0_SHIPTOCITY=".urlencode($liefer_stadt);
        $content.="&PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE=".urlencode($liefer_landcode);
        $content.="&PAYMENTREQUEST_0_SHIPTOZIP=".urlencode($liefer_plz);
        $content.="&DESC=".urlencode($beschreibung);
        echo $content;
        $this->noecho=1;
        $this->connect($content);
        return $this->redirect_live_url."?cmd=_express-checkout&token=".$this->data[token];
    } */

    /**
     * Loads a PayPal payment by id and copies the payer's details into $this->data.
     *
     * @param string $token Token stored under the "token" key.
     * @param array  $get   Request parameters; 'paymentId' is read from it.
     * @return false|null false after a PayPalConnectionException, otherwise no value.
     *
     * NOTE(review): the unquoted keys (token, payerid, firstname, lastname) are
     * bare constants; PHP 7 falls back to the string with a warning, PHP 8
     * raises an Error for an undefined constant.
     */
    function GetExpressCheckoutDetails( $token, $get ) {
        $k_id=$this->k_id;
        try {
            // Get payment object by passing paymentId
            $paymentId = 
$get['paymentId'];
            $payment = PayPal\Api\Payment::get($paymentId, $this->apiContext);

            // If a different address was given at PayPal:
            // $payment->payer->payer_info->shipping_addres
            $this->data[token] = $token;
            $this->data[payerid] = $payment->payer->payer_info->payer_id;
            $this->data[firstname] = $payment->payer->payer_info->first_name;
            $this->data[lastname] = $payment->payer->payer_info->last_name;
            $this->data['email'] = $payment->payer->payer_info->email;
            $this->data['payerstatus'] = $payment->payer->status; // unverified or verified
            $this->data['payment_id'] = $paymentId;
        } catch (PayPal\Exception\PayPalConnectionException $ex) {
            $subject="emediashop Paypal Exception - ". $this->system->settings['name'];
            $fehler="Fehler in PayPal Bestell-Prozess: 300
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
            return false;
        } catch (Exception $ex) {
            // NOTE(review): die($ex) prints the exception's string form — message,
            // file, line and stack trace — into the HTTP response. Logging it and
            // returning a generic failure would avoid exposing internals.
            die($ex);
        }
        /*
        $content.="&METHOD=GetExpressCheckoutDetails";
        $content.="&VERSION=".urlencode("63.0");
        $content.="&TOKEN=".urlencode($tokenID);
        $this->connect($content);
        */
    }

    /**
     * Executes a previously approved PayPal payment if its total still equals
     * the cart total, and records the outcome in $this->data.
     *
     * @param string $tokenID    Not used in the visible body.
     * @param string $payerID    PayPal payer id passed to the execution.
     * @param mixed  $betrag     Current cart total; rounded to 2 decimals for the comparison.
     * @param string $auftrag_nr Order number set as the invoice number.
     * @param mixed  $custom     Not used in the visible body.
     * @return false|null false when the amounts differ; otherwise no value
     *                    (success is signalled through the "ack" entry of $this->data).
     *
     * NOTE(review): the payment id is taken directly from $_POST and only the
     * amount is compared. Nothing visible here ties that payment to the current
     * customer or checkout (for example by comparing it with the id stored by
     * GetExpressCheckoutDetails() or with the stored invoice number) — confirm
     * that the caller does.
     */
    function DoExpressCheckoutPayment($tokenID,$payerID,$betrag,$auftrag_nr,$custom) {
        try {
            // https://developer.paypal.com/docs/api/payments/#payment_create
            // Here, OrdersCaptureRequest() creates a POST request to /v2/checkout/orders
            // $response->result->id gives the orderId of the order created above
            $paymentId = $_POST['paypal_payment_id'];
            $payment = PayPal\Api\Payment::get($paymentId, $this->apiContext);

            // The cart changed since the PayPal reservation => abort and reserve again
            $paypal_price = round( floatval( $payment->transactions[0]->amount->total), 2 );
            $betrag = round( $betrag, 2 );
            if ( $paypal_price !== $betrag ) {
                $this->data[ack] = "false";
                $this->data[reason] = "changed_cart";
                return false;
            }

            $execution = new PayPal\Api\PaymentExecution();
            $execution->setPayerId($payerID);

            // Invoice number
            $transactions = $payment->getTransactions();
            $transaction = $transactions[0];
            $transaction->setInvoiceNumber( $auftrag_nr );
            # $payment->setTransactions( array($transactions) );

            // Execute payment
            // $result is not read afterwards; the state is taken from $payment.
            $result = $payment->execute($execution, $this->apiContext);
            if ( $payment->getState() == "approved" ) {
                $this->data[ack] = "success";
            }
            // Redirect
        } catch (PayPal\Exception\PayPalConnectionException $ex) {
            // Mail the failure to the admin; "ack" is left unset in this case.
            $subject="emediashop Paypal Exception - ". $this->system->settings['name'];
            $fehler="Fehler in PayPal DoExpressCheckoutPayment
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
        }
        /*
        $content.="&METHOD=DoExpressCheckoutPayment";
        $content.="&VERSION=".urlencode("63.0");
        $content.="&TOKEN=".urlencode($tokenID);
        $content.="&PAYERID=".urlencode($payerID);
        $content.="&PAYMENTREQUEST_0_AMT=".urlencode($betrag);
        $content.="&PAYMENTREQUEST_0_PAYMENTACTION=".urlencode("Sale");
        $content.="&PAYMENTREQUEST_0_CURRENCYCODE=".urlencode("EUR");
        $content.="&PAYMENTREQUEST_0_CUSTOM=".urlencode($custom);
        $content.="&PAYMENTREQUEST_0_INVNUM=".urlencode($auftrag_nr);
        $this->connect($content);
        */
    }

    /**
     * Requests the details of one transaction through the NVP connection; the
     * reply ends up in $this->data (see connect()).
     *
     * @param string $trans_id PayPal transaction id (URL-encoded before sending).
     */
    function GetTransactionDetails($trans_id) {
        // $content is appended to without being initialised first.
        $content.="&METHOD=GetTransactionDetails";
        $content.="&VERSION=".urlencode("63.0");
        $content.="&TRANSACTIONID=".urlencode($trans_id);
        $this->connect($content);
    }

    /**
     * Generates a PayPal payment link for an order.
     *
     * @param $order_id    ID of the order
     * @param $direkt_link When true, a plain link is returned instead of the
     *                     JS PayPal Smart Button
     *
     * NOTE(review): $order_id is concatenated unquoted into both conditions
     * below. Where it comes from is not visible on this page; unless every
     * caller passes a validated integer, casting it to int before use closes
     * that injection path.
     */
    function getPayLink( $order_id, $direkt_link=false ) {
        $bestellung = $this->system->db->bestellung->TakeData('*', 'k_id='.$this->system->session['k_id'].' AND id='.$order_id );
        $order_nr = $bestellung['auftrag_nr'];
        $brutto_preis = $bestellung['gesamtpreis_brutto'];
        // Reads $this->settings, while the rest of the method uses
        // $this->system->settings; $empfaenger is not used afterwards.
        $empfaenger = $this->settings['paypal_mailadresse'];

        // Collect the items
        $artikel_array = array();
        $artikel_request = $this->system->db->bestellung_produkte->TakeTable('*', 'k_id='.$this->system->session['k_id'].' 
AND bestellung_id='.$order_id );
        while ( $artikel_row = mysqli_fetch_assoc( $artikel_request ) ) $artikel_array[] = $artikel_row;

        $public_cart = array();
        $public_cart['items'] = array();

        // Add the individual products; a row whose gross price is not positive
        // is kept as the voucher instead.
        $produkt_preis_gesamt = 0;
        foreach ($artikel_array as $artikel ) {
            if ( $artikel['produkt_preis_brutto']>0 ) {
                $tmp_item = array();
                $tmp_item['name'] = $artikel['produkt_name'];
                $tmp_item['quantity'] = $artikel['anzahl'];
                // unit_amount: {value: product_price, currency_code: "EUR"},
                $tmp_item['unit_amount'] = (object) ['value'=>round( $artikel['produkt_preis_brutto'], 2), 'currency_code'=>'EUR'];
                $produkt_preis_gesamt += ($artikel['produkt_preis_brutto']*$artikel['anzahl']);
                array_push($public_cart['items'], $tmp_item);
            } else {
                $gutschein = $artikel;
            }
        }

        // $gutschein is undefined here when no voucher row was found.
        if ( !$gutschein ) $gutschein = false;

        if ( $gutschein ) $rabatt = $gutschein['produkt_preis_brutto']*-1;
        else $rabatt = 0;

        // Shipping cost
        if ( $bestellung['lieferpreis_brutto'] ) $lieferpreis = $bestellung['lieferpreis_brutto'];
        else $lieferpreis = 0;

        // Total price without discount
        $brutto_preis_gesamt=$produkt_preis_gesamt;
        $brutto_preis_abzuege = $produkt_preis_gesamt-($lieferpreis+$rabatt);

        // Product price
        $brutteo_preis_komplett = ($produkt_preis_gesamt+$lieferpreis)-$rabatt;

        $paypal_client_id = $this->system->settings['paypal_client_id'];

        // NOTE(review): the markup that presumably stood in this string (the
        // Smart Button snippet) is not on the page; only a blank remains.
        $html = " ";

        if ( !$direkt_link ) return $html;

        // From here on: plain link, e.g. for use in an e-mail
        // NOTE(review): "¤cy_code" in the literal below looks like an HTML-entity
        // mangling of "&currency_code" introduced when the page was rendered —
        // confirm against the original file.
        // The mail address and the order number are inserted without
        // urlencode(), and preg_replace() interprets "$n" / "\n" sequences in
        // its replacement argument.
        $paypal_link = "https://www.paypal.com/cgi-bin/webscr?&cmd=_cart&upload=1&business=###mailadresse###¤cy_code=EUR&amount=###amount###&invoice=###ordernr###";
        $paypal_link = preg_replace("/###mailadresse###/", trim($this->system->settings['paypal_mailadresse']), $paypal_link );
        $paypal_link = preg_replace("/###amount###/", $brutto_preis_gesamt, $paypal_link );
        $paypal_link = preg_replace("/###ordernr###/", $order_nr, $paypal_link );

        // Add items
        $paypal_link .= "&###items###";
        $i=1;
        $item_parameter="";
        foreach ( $public_cart['items'] as $item ) {
            // name and quantity are written as bare constants here (see the
            // note on GetExpressCheckoutDetails()).
            $item_parameter .= 
'&item_name_'.$i.'='.urlencode($item[name]);
            $item_parameter .= '&amount_'.$i.'='.$item['unit_amount']->value;
            $item_parameter .= '&quantity_'.$i.'='.$item[quantity];
            $i++;
        }
        $item_parameter .= '&shipping_1='.$lieferpreis;
        if ( $gutschein ) {
            $item_parameter .= '&discount_amount_1='.($gutschein['produkt_preis_brutto']*-1);
        }
        $paypal_link = preg_replace("/###items###/", $item_parameter, $paypal_link );

        return $paypal_link;

        /* As an HTML button this does not work in mail
        $html = '
'; $i=1; foreach ( $public_cart['items'] as $item ) { $html .= ' '; $i++; }
        // If there was a discount, deduct it from the first item ???
        if ( $gutschein ) { $html .= ''; } $html .= '
'; */
    }

    /**
     * Checks whether the PayPal Express transaction succeeded and creates the order.
     *
     * In the visible code this means: for a COMPLETED order the customer's
     * address is updated from the PayPal shipping data, the order number and
     * PayPal order id are stored, and the checkout URL is echoed as JSON.
     *
     * @param string $orderId
     *
     * NOTE(review):
     *  - $email is read from $_POST['details'], i.e. from the client, not from
     *    the PayPal response; for a guest without an address it is written to
     *    the customer record. Taking it from $response would bind it to the
     *    verified order.
     *  - Values from the PayPal response (country code, invoice id) and
     *    $orderId are interpolated into SQL conditions; escaping inside
     *    TakeData()/UpdateData() is not visible on this page.
     *  - The request is made with the PayPalCheckoutSdk client, while the catch
     *    block names an exception class from the PayPal REST SDK; errors raised
     *    by the checkout client may be of a different class — confirm.
     */
    function getOrder($orderId) {
        $k_id=$this->k_id;
        try {
            // Connection to PayPal
            if ( $this->enableSandbox == true )
                $environment = new PayPalCheckoutSdk\Core\SandboxEnvironment( $this->live->clientID, $this->live->clientSECRET );
            else
                $environment = new PayPalCheckoutSdk\Core\ProductionEnvironment( $this->live->clientID, $this->live->clientSECRET );
            $client = new PayPalCheckoutSdk\Core\PayPalHttpClient( $environment );

            // Fetch the order
            $response = $client->execute(new PayPalCheckoutSdk\Orders\OrdersGetRequest($orderId));
            $details = json_decode($_POST['details']);

            // Create the order
            if ( $response->result->status == "COMPLETED" && $response->statusCode == "200" ) {
                $liefer_daten = $response->result->purchase_units[0]->shipping;

                $kontaktgruppe_id = $this->system->settings['kontaktgruppe_guest_id'];
                $company = "";
                $anrede_id = 0; // Not supplied by PayPal
                $akagrad_id = 0; // Not supplied by PayPal

                // The name is only supplied as one full string:
                // everything up to the first space becomes the first name.
                $name = explode(" ", $liefer_daten->name->full_name, 2);
                $vorname = $name[0];
                $nachname = $name[1];

                // Same split for street / house number.
                $strasse_hno = explode(" ", $liefer_daten->address->address_line_1, 2);
                $strasse = $strasse_hno[0];
                $hno = $strasse_hno[1];

                $additional = $liefer_daten->address->address_line_2;
                $plz = $liefer_daten->address->postal_code;
                $stadt = $liefer_daten->address->admin_area_2;
                $land_id = $this->system->db->setup_land->TakeData("id","k_id='$k_id' AND kuerzel='".$liefer_daten->address->country_code."'" );
                $email = $details->email_address;

                // Update the customer's address
                $address = array();
                $kontakt_id = $this->system->session['userid'];
                $address['id'] = $this->system->session['userid']; // $this->system->db->kontakt_adresse->TakeData("id","k_id='$k_id' AND kontakt_id=".$this->system->session['userid']);
                $address['address_type'] = "main";
                $address['data_from_paypal'] = true; // Do not run an address check 
                // here
                $address['firma'] = $additional;
                $address['vorname'] = $vorname;
                $address['nachname'] = $nachname;
                $address['kurzname'] = $vorname . " " . $nachname;
                // The full address line is stored as the street; $strasse is not used.
                $address['strasse'] = $liefer_daten->address->address_line_1;
                $address['hausnummer'] = $hno;
                $address['plz'] = $plz;
                $address['ort'] = $stadt;
                $address['land_id'] = $land_id;

                // Only update the e-mail address for a guest that has none
                $user_type = $this->system->db->kontakt_shop->TakeData("type","k_id='$k_id' AND id='$kontakt_id'");
                $mailadresse_kontakt = $this->system->db->kontakte->TakeData("email","k_id='$k_id' AND id='$kontakt_id'");
                if ( $user_type == "guest" && $mailadresse_kontakt=='' ) $address['email'] = $email;

                if ( $kontakt_id>0 ) {
                    $this->system->customer->updateCustomerData( $address );
                    if ( $user_type == "guest" && $mailadresse_kontakt=='' )
                        $this->system->customer->updateCustomerShop($kontakt_id, "guest", $email, "", "", 0, 0, 0, 0);
                }

                // Store the invoice id from PayPal as the order number of this
                // checkout and remember the PayPal order id on the open cart.
                $order_nr = $response->result->purchase_units[0]->invoice_id;
                $checkout_id=$this->system->checkout->getCheckoutStatus();
                $this->system->db->checkout_status->UpdateData("order_nr='$order_nr'","k_id='$k_id' AND id='$checkout_id'");
                $this->system->db->kunde_shopping->UpdateData("paypal_express_order_id='$orderId'", "id='".$this->system->shopping['id']."' AND k_id='$k_id' AND status='1'");

                // redirect to the "Buy now" page
                echo json_encode( array( 'checkout'=> $this->system->shop_url ."/" . $this->system->actual_lang_code . "/checkout") );
            }
        } catch (PayPal\Exception\PayPalConnectionException $ex) {
            $subject="emediashop Paypal Exception - ". $this->system->settings['name'];
            $fehler="Fehler in PayPal GetOrder
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
        }
    }

    /**
     * Captures the first authorization of a PayPal order and reports the
     * refreshed order.
     *
     * @param string $order_id    PayPal order id.
     * @param mixed  $checkout_id Row id in the checkout_status table.
     * @return mixed The order response fetched after the capture; no value
     *               after a PayPalConnectionException.
     *
     * NOTE(review): $checkout_id and the invoice id returned by PayPal are
     * interpolated into SQL conditions; escaping inside TakeData()/UpdateData()
     * is not visible on this page. As in getOrder(), the caught exception class
     * may not be the one the PayPalCheckoutSdk client raises — confirm.
     */
    function captureOrder( $order_id, $checkout_id) {
        try {
            // Connection to PayPal
            if ( $this->enableSandbox == true )
                $environment = new PayPalCheckoutSdk\Core\SandboxEnvironment( $this->live->clientID, $this->live->clientSECRET );
            else
                $environment = new PayPalCheckoutSdk\Core\ProductionEnvironment( $this->live->clientID, $this->live->clientSECRET );
            $client = new PayPalCheckoutSdk\Core\PayPalHttpClient( $environment );

            // Order status
            $order_response = $client->execute(new PayPalCheckoutSdk\Orders\OrdersGetRequest( $order_id ));
            $paypal_invoice_id = $order_response->result->purchase_units[0]->invoice_id;

            // PR 2937: was empty at one point => in that case take it from the checkout status table
            if ( $paypal_invoice_id=="" ) {
                $paypal_invoice_id = $this->system->db->checkout_status->TakeData("order_nr", "k_id='$this->k_id' AND id='$checkout_id'");
            }
            $this->system->db->checkout_status->UpdateData("paypal_invoice_id='".$paypal_invoice_id."'", "k_id='$this->k_id' AND id='$checkout_id'");

            // Capture the first authorization with an empty JSON body.
            $authorization_id = $order_response->result->purchase_units[0]->payments->authorizations[0]->id;
            $capture_request = new PayPalCheckoutSdk\Payments\AuthorizationsCaptureRequest( $authorization_id );
            $capture_request->body = "{}";
            $capture_response = $client->execute( $capture_request ); // not read afterwards

            // Fetch the order again and read the authorization status from it.
            $order_response = $client->execute(new PayPalCheckoutSdk\Orders\OrdersGetRequest( $order_id ));
            $authorization_status = $order_response->result->purchase_units[0]->payments->authorizations[0]->status;
            if ( $authorization_status == "CAPTURED" ) {
                $this->data[ack] = "success";
            }

            return $order_response;
        } catch (PayPal\Exception\PayPalConnectionException $ex) {
            // The mail text names DoExpressCheckoutPayment although this is captureOrder().
            $subject="emediashop Paypal Exception - ". $this->system->settings['name'];
            $fehler="Fehler in PayPal DoExpressCheckoutPayment
Exception: ".$ex->getMessage()."
Kunde: ".$this->k_id."
Code: ".$ex->getCode()."
Data: ".$ex->getData()."
Backtrace:
" . $ex->getTraceAsString();
            $this->system->email->sendErrorMail2Admin($subject,$fehler);
        }
    }
}
?>