whoami7 - Manager
:
/
home
/
techyfnq
/
www
/
wp-content
/
plugins
/
easy-digital-downloads
/
includes
/
gateways
/
Upload File:
files >> //home/techyfnq/www/wp-content/plugins/easy-digital-downloads/includes/gateways/paypal-standard.php
<?php /** * PayPal Standard Gateway * * @package EDD * @subpackage Gateways * @copyright Copyright (c) 2018, Easy Digital Downloads, LLC * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License * @since 1.0 */ use EDD\Orders\Order; // Exit if accessed directly defined( 'ABSPATH' ) || exit; /** * PayPal Remove CC Form * * PayPal Standard does not need a CC form, so remove it. * * @access private * @since 1.0 */ add_action( 'edd_paypal_cc_form', '__return_false' ); /** * Register the PayPal Standard gateway subsection * * @since 2.6 * @param array $gateway_sections Current Gateway Tab subsections * @return array Gateway subsections with PayPal Standard */ function edd_register_paypal_gateway_section( $gateway_sections ) { if ( \EDD\Gateways\PayPal\paypal_standard_enabled() ) { $gateway_sections['paypal'] = __( 'PayPal Standard', 'easy-digital-downloads' ); } return $gateway_sections; } add_filter( 'edd_settings_sections_gateways', 'edd_register_paypal_gateway_section', 1, 1 ); /** * Registers the PayPal Standard settings for the PayPal Standard subsection * * @since 2.6 * @param array $gateway_settings Gateway tab settings * @return array Gateway tab settings with the PayPal Standard settings */ function edd_register_paypal_gateway_settings( $gateway_settings ) { if ( ! \EDD\Gateways\PayPal\paypal_standard_enabled() ) { return $gateway_settings; } $paypal_settings = array( 'paypal_email' => array( 'id' => 'paypal_email', 'name' => __( 'PayPal Email', 'easy-digital-downloads' ), 'desc' => __( 'Enter your PayPal account\'s email', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular', ), 'paypal_image_url' => array( 'id' => 'paypal_image_url', 'name' => __( 'PayPal Image', 'easy-digital-downloads' ), 'desc' => __( 'Upload an image to display on the PayPal checkout page.', 'easy-digital-downloads' ), 'type' => 'upload', 'size' => 'regular', ), ); $pdt_desc = sprintf( __( 'Enter your PayPal Identity Token in order to enable Payment Data Transfer (PDT). This allows payments to be verified without relying on the PayPal IPN. See our <a href="%s" target="_blank">documentation</a> for further information.', 'easy-digital-downloads' ), 'https://easydigitaldownloads.com/docs/paypal-legacy-gateways-standard-express-pro-advanced/' ); $paypal_settings['paypal_identify_token'] = array( 'id' => 'paypal_identity_token', 'name' => __( 'PayPal Identity Token', 'easy-digital-downloads' ), 'type' => 'text', 'desc' => $pdt_desc, 'size' => 'regular', ); $desc = sprintf( __( 'If you are unable to use Payment Data Transfer and payments are not getting marked as complete, then check this box. This forces the site to use a slightly less secure method of verifying purchases. See our <a href="%s" target="_blank">FAQ</a> for further information.', 'easy-digital-downloads' ), 'https://easydigitaldownloads.com/docs/paypal-payments-not-marked-as-complete/' ); $paypal_settings['disable_paypal_verification'] = array( 'id' => 'disable_paypal_verification', 'name' => __( 'Disable PayPal IPN Verification', 'easy-digital-downloads' ), 'check' => __( 'Disabled', 'easy-digital-downloads' ), 'desc' => $desc, 'type' => 'checkbox_description', ); $api_key_settings = array( 'paypal_api_keys_desc' => array( 'id' => 'paypal_api_keys_desc', 'name' => __( 'API Credentials', 'easy-digital-downloads' ), 'type' => 'descriptive_text', 'desc' => sprintf( __( 'API credentials are necessary to process PayPal refunds from inside WordPress. These can be obtained from <a href="%s" target="_blank">your PayPal account</a>.', 'easy-digital-downloads' ), 'https://developer.paypal.com/docs/classic/api/apiCredentials/#creating-an-api-signature' ) ), 'paypal_live_api_username' => array( 'id' => 'paypal_live_api_username', 'name' => __( 'Live API Username', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal live API username. ', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ), 'paypal_live_api_password' => array( 'id' => 'paypal_live_api_password', 'name' => __( 'Live API Password', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal live API password.', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ), 'paypal_live_api_signature' => array( 'id' => 'paypal_live_api_signature', 'name' => __( 'Live API Signature', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal live API signature.', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ), 'paypal_test_api_username' => array( 'id' => 'paypal_test_api_username', 'name' => __( 'Test API Username', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal test API username.', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ), 'paypal_test_api_password' => array( 'id' => 'paypal_test_api_password', 'name' => __( 'Test API Password', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal test API password.', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ), 'paypal_test_api_signature' => array( 'id' => 'paypal_test_api_signature', 'name' => __( 'Test API Signature', 'easy-digital-downloads' ), 'desc' => __( 'Your PayPal test API signature.', 'easy-digital-downloads' ), 'type' => 'text', 'size' => 'regular' ) ); $paypal_settings = array_merge( $paypal_settings, $api_key_settings ); $paypal_settings = apply_filters( 'edd_paypal_settings', $paypal_settings ); $gateway_settings['paypal'] = $paypal_settings; return $gateway_settings; } add_filter( 'edd_settings_gateways', 'edd_register_paypal_gateway_settings', 1, 1 ); /** * Process PayPal Purchase * * @since 1.0 * @param array $purchase_data Purchase Data * @return void */ function edd_process_paypal_purchase( $purchase_data ) { if ( ! wp_verify_nonce( $purchase_data['gateway_nonce'], 'edd-gateway' ) ) { wp_die( __( 'Nonce verification has failed', 'easy-digital-downloads' ), __( 'Error', 'easy-digital-downloads' ), array( 'response' => 403 ) ); } // Collect payment data $payment_data = array( 'price' => $purchase_data['price'], 'date' => $purchase_data['date'], 'user_email' => $purchase_data['user_email'], 'purchase_key' => $purchase_data['purchase_key'], 'currency' => edd_get_currency(), 'downloads' => $purchase_data['downloads'], 'user_info' => $purchase_data['user_info'], 'cart_details' => $purchase_data['cart_details'], 'gateway' => 'paypal', 'status' => ! empty( $purchase_data['buy_now'] ) ? 'private' : 'pending' ); // Record the pending payment $payment = edd_insert_payment( $payment_data ); // Check payment if ( ! $payment ) { // Record the error edd_record_gateway_error( __( 'Payment Error', 'easy-digital-downloads' ), sprintf( __( 'Payment creation failed before sending buyer to PayPal. Payment data: %s', 'easy-digital-downloads' ), json_encode( $payment_data ) ), $payment ); // Problems? send back edd_send_back_to_checkout( '?payment-mode=' . $purchase_data['post_data']['edd-gateway'] ); } else { // Only send to PayPal if the pending payment is created successfully $listener_url = add_query_arg( 'edd-listener', 'IPN', home_url( 'index.php' ) ); // Set the session data to recover this payment in the event of abandonment or error. EDD()->session->set( 'edd_resume_payment', $payment ); // Get the success url $return_url = add_query_arg( array( 'payment-confirmation' => 'paypal', 'payment-id' => urlencode( $payment ), ), get_permalink( edd_get_option( 'success_page', false ) ) ); // Get the PayPal redirect uri $paypal_redirect = trailingslashit( edd_get_paypal_redirect() ) . '?'; // Setup PayPal arguments $paypal_args = array( 'business' => edd_get_option( 'paypal_email', false ), 'email' => $purchase_data['user_email'], 'first_name' => $purchase_data['user_info']['first_name'], 'last_name' => $purchase_data['user_info']['last_name'], 'invoice' => $purchase_data['purchase_key'], 'no_shipping' => '1', 'shipping' => '0', 'no_note' => '1', 'currency_code' => edd_get_currency(), 'charset' => get_bloginfo( 'charset' ), 'custom' => $payment, 'rm' => '2', 'return' => esc_url_raw( $return_url ), 'cancel_return' => esc_url_raw( edd_get_failed_transaction_uri( '?payment-id=' . sanitize_key( $payment ) ) ), 'notify_url' => esc_url_raw( $listener_url ), 'image_url' => esc_url_raw( edd_get_paypal_image_url() ), 'cbt' => get_bloginfo( 'name' ), 'bn' => 'EasyDigitalDownloads_SP' ); if ( ! empty( $purchase_data['user_info']['address'] ) ) { $paypal_args['address1'] = $purchase_data['user_info']['address']['line1']; $paypal_args['address2'] = $purchase_data['user_info']['address']['line2']; $paypal_args['city'] = $purchase_data['user_info']['address']['city']; $paypal_args['country'] = $purchase_data['user_info']['address']['country']; } $paypal_extra_args = array( 'cmd' => '_cart', 'upload' => '1' ); $paypal_args = array_merge( $paypal_extra_args, $paypal_args ); // Add cart items $i = 1; $paypal_sum = 0; if ( is_array( $purchase_data['cart_details'] ) && ! empty( $purchase_data['cart_details'] ) ) { foreach ( $purchase_data['cart_details'] as $item ) { $item_amount = round( ( $item['subtotal'] / $item['quantity'] ) - ( $item['discount'] / $item['quantity'] ), 2 ); if ( $item_amount <= 0 ) { $item_amount = 0; } $paypal_args['item_name_' . $i ] = stripslashes_deep( html_entity_decode( edd_get_cart_item_name( $item ), ENT_COMPAT, 'UTF-8' ) ); $paypal_args['quantity_' . $i ] = $item['quantity']; $paypal_args['amount_' . $i ] = $item_amount; if ( edd_use_skus() ) { $paypal_args['item_number_' . $i ] = edd_get_download_sku( $item['id'] ); } $paypal_sum += ( $item_amount * $item['quantity'] ); $i++; } } // Calculate discount $discounted_amount = 0.00; if ( ! empty( $purchase_data['fees'] ) ) { $i = empty( $i ) ? 1 : $i; foreach ( $purchase_data['fees'] as $fee ) { if ( empty( $fee['download_id'] ) && floatval( $fee['amount'] ) > '0' ) { // this is a positive fee $paypal_args['item_name_' . $i ] = stripslashes_deep( html_entity_decode( wp_strip_all_tags( $fee['label'] ), ENT_COMPAT, 'UTF-8' ) ); $paypal_args['quantity_' . $i ] = '1'; $paypal_args['amount_' . $i ] = edd_sanitize_amount( $fee['amount'] ); $i++; } else if ( empty( $fee['download_id'] ) ) { // This is a negative fee (discount) not assigned to a specific Download $discounted_amount += abs( $fee['amount'] ); } } } $price_before_discount = $purchase_data['price']; if ( $discounted_amount > '0' ) { $paypal_args['discount_amount_cart'] = edd_sanitize_amount( $discounted_amount ); /* * Add the discounted amount back onto the price to get the "price before discount". We do this * to avoid double applying any discounts below. * @link https://github.com/easydigitaldownloads/easy-digital-downloads/issues/6837 */ $price_before_discount += $paypal_args['discount_amount_cart']; } // Check if there are any additional discounts we need to add that we haven't already accounted for. if( $paypal_sum > $price_before_discount ) { $difference = round( $paypal_sum - $price_before_discount, 2 ); if ( ! isset( $paypal_args['discount_amount_cart'] ) ) { $paypal_args['discount_amount_cart'] = 0; } $paypal_args['discount_amount_cart'] += $difference; } // Add taxes to the cart if ( edd_use_taxes() ) { $paypal_args['tax_cart'] = edd_sanitize_amount( $purchase_data['tax'] ); } $paypal_args = apply_filters( 'edd_paypal_redirect_args', $paypal_args, $purchase_data ); edd_debug_log( 'PayPal arguments: ' . print_r( $paypal_args, true ) ); // Build query $paypal_redirect .= http_build_query( $paypal_args ); // Fix for some sites that encode the entities $paypal_redirect = str_replace( '&', '&', $paypal_redirect ); // Allow paypal as a redirect destination. add_filter( 'allowed_redirect_hosts', 'edd_allow_redirect_to_paypal', 10 ); // Redirect to PayPal. edd_redirect( $paypal_redirect ); } } add_action( 'edd_gateway_paypal', 'edd_process_paypal_purchase' ); /** * Add paypal.com to the list of allowed hosts that wp_safe_redirect can redirect to. * * @since 3.0 * @param array $redirects - The list of urls that wp_safe_redirect can redirect to. * @return array */ function edd_allow_redirect_to_paypal( $redirects ) { $redirects[] = 'www.sandbox.paypal.com'; $redirects[] = 'sandbox.paypal.com'; $redirects[] = 'www.paypal.com'; $redirects[] = 'paypal.com'; return $redirects; } /** * Listens for a PayPal IPN requests and then sends to the processing function * * @since 1.0 * @return void */ function edd_listen_for_paypal_ipn() { // Regular PayPal IPN if ( isset( $_GET['edd-listener'] ) && 'ipn' === strtolower( $_GET['edd-listener'] ) ) { edd_debug_log( 'PayPal IPN endpoint loaded' ); /** * This is necessary to delay execution of PayPal PDT and to avoid a race condition causing the order status * updates to be triggered twice. * * @since 2.9.4 * @see https://github.com/easydigitaldownloads/easy-digital-downloads/issues/6605 */ $token = edd_get_option( 'paypal_identity_token' ); if ( $token ) { sleep( 5 ); } do_action( 'edd_verify_paypal_ipn' ); } } add_action( 'init', 'edd_listen_for_paypal_ipn' ); /** * Process PayPal IPN * * @since 1.0 * @return void */ function edd_process_paypal_ipn() { // Check the request method is POST if ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] != 'POST' ) { return; } edd_debug_log( 'edd_process_paypal_ipn() running during PayPal IPN processing' ); // Set initial post data to empty string $post_data = ''; // Fallback just in case post_max_size is lower than needed if ( ini_get( 'allow_url_fopen' ) ) { $post_data = file_get_contents( 'php://input' ); } else { // If allow_url_fopen is not enabled, then make sure that post_max_size is large enough ini_set( 'post_max_size', '12M' ); } // Start the encoded data collection with notification command $encoded_data = 'cmd=_notify-validate'; // Get current arg separator $arg_separator = edd_get_php_arg_separator_output(); // Verify there is a post_data if ( $post_data || strlen( $post_data ) > 0 ) { // Append the data $encoded_data .= $arg_separator . $post_data; } else { // Check if POST is empty if ( empty( $_POST ) ) { // Nothing to do return; } else { // Loop through each POST foreach ( $_POST as $key => $value ) { // Encode the value and append the data $encoded_data .= $arg_separator . "$key=" . urlencode( $value ); } } } // Convert collected post data to an array parse_str( $encoded_data, $encoded_data_array ); foreach ( $encoded_data_array as $key => $value ) { if ( false !== strpos( $key, 'amp;' ) ) { $new_key = str_replace( '&', '&', $key ); $new_key = str_replace( 'amp;', '&', $new_key ); unset( $encoded_data_array[ $key ] ); $encoded_data_array[ $new_key ] = $value; } } /** * PayPal Web IPN Verification * * Allows filtering the IPN Verification data that PayPal passes back in via IPN with PayPal Standard * * @since 2.8.13 * * @param array $data The PayPal Web Accept Data */ $encoded_data_array = apply_filters( 'edd_process_paypal_ipn_data', $encoded_data_array ); edd_debug_log( 'encoded_data_array data array: ' . print_r( $encoded_data_array, true ) ); if ( ! edd_get_option( 'disable_paypal_verification' ) ) { // Validate the IPN $remote_post_vars = array( 'method' => 'POST', 'timeout' => 45, 'redirection' => 5, 'httpversion' => '1.1', 'blocking' => true, 'headers' => array( 'host' => 'www.paypal.com', 'connection' => 'close', 'content-type' => 'application/x-www-form-urlencoded', 'post' => '/cgi-bin/webscr HTTP/1.1', 'user-agent' => 'EDD IPN Verification/' . EDD_VERSION . '; ' . get_bloginfo( 'url' ) ), 'sslverify' => false, 'body' => $encoded_data_array ); edd_debug_log( 'Attempting to verify PayPal IPN. Data sent for verification: ' . print_r( $remote_post_vars, true ) ); // Get response $api_response = wp_remote_post( edd_get_paypal_redirect( true, true ), $remote_post_vars ); if ( is_wp_error( $api_response ) ) { edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid IPN verification response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $api_response ) ) ); edd_debug_log( 'Invalid IPN verification response. IPN data: ' . print_r( $api_response, true ) ); return; // Something went wrong } if ( wp_remote_retrieve_body( $api_response ) !== 'VERIFIED' && edd_get_option( 'disable_paypal_verification', false ) ) { edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid IPN verification response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $api_response ) ) ); edd_debug_log( 'Invalid IPN verification response. IPN data: ' . print_r( $api_response, true ) ); return; // Response not okay } edd_debug_log( 'IPN verified successfully' ); } // Check if $post_data_array has been populated if ( ! is_array( $encoded_data_array ) && ! empty( $encoded_data_array ) ) { return; } $defaults = array( 'txn_type' => '', 'payment_status' => '' ); $encoded_data_array = wp_parse_args( $encoded_data_array, $defaults ); $payment_id = 0; if ( ! empty( $encoded_data_array[ 'parent_txn_id' ] ) ) { $payment_id = edd_get_purchase_id_by_transaction_id( $encoded_data_array[ 'parent_txn_id' ] ); } elseif ( ! empty( $encoded_data_array[ 'txn_id' ] ) ) { $payment_id = edd_get_purchase_id_by_transaction_id( $encoded_data_array[ 'txn_id' ] ); } if ( empty( $payment_id ) ) { $payment_id = ! empty( $encoded_data_array[ 'custom' ] ) ? absint( $encoded_data_array[ 'custom' ] ) : 0; } if ( has_action( 'edd_paypal_' . $encoded_data_array['txn_type'] ) ) { // Allow PayPal IPN types to be processed separately do_action( 'edd_paypal_' . $encoded_data_array['txn_type'], $encoded_data_array, $payment_id ); } else { // Fallback to web accept just in case the txn_type isn't present do_action( 'edd_paypal_web_accept', $encoded_data_array, $payment_id ); } exit; } add_action( 'edd_verify_paypal_ipn', 'edd_process_paypal_ipn' ); /** * Process web accept (one time) payment IPNs * * @since 1.3.4 * @param array $data IPN Data * @param int $payment_id Payment ID * @return void */ function edd_process_paypal_web_accept_and_cart( $data, $payment_id ) { /** * PayPal Web Accept Data * * Allows filtering the Web Accept data that PayPal passes back in via IPN with PayPal Standard * * @since 2.8.13 * * @param array $data The PayPal Web Accept Data * @param int $payment_id The Payment ID associated with this IPN request */ $data = apply_filters( 'edd_paypal_web_accept_and_cart_data', $data, $payment_id ); if ( $data['txn_type'] != 'web_accept' && $data['txn_type'] != 'cart' && $data['payment_status'] != 'Refunded' ) { return; } if ( empty( $payment_id ) ) { return; } $payment = new EDD_Payment( $payment_id ); // Collect payment details $purchase_key = isset( $data['invoice'] ) ? $data['invoice'] : false; if ( ! $purchase_key && ! empty( $data['item_number'] ) ) { $purchase_key = $data['item_number']; } $paypal_amount = $data['mc_gross']; $payment_status = strtolower( $data['payment_status'] ); $currency_code = strtolower( $data['mc_currency'] ); $business_email = isset( $data['business'] ) && is_email( $data['business'] ) ? trim( $data['business'] ) : trim( $data['receiver_email'] ); if ( $payment->gateway != 'paypal' ) { return; // this isn't a PayPal standard IPN } // Verify payment recipient if ( strcasecmp( $business_email, trim( edd_get_option( 'paypal_email', false ) ) ) != 0 ) { edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid business email in IPN response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $data ) ), $payment_id ); edd_debug_log( 'Invalid business email in IPN response. IPN data: ' . print_r( $data, true ) ); edd_update_payment_status( $payment_id, 'failed' ); edd_insert_payment_note( $payment_id, __( 'Payment failed due to invalid PayPal business email.', 'easy-digital-downloads' ) ); return; } // Verify payment currency if ( $currency_code != strtolower( $payment->currency ) ) { edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid currency in IPN response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $data ) ), $payment_id ); edd_debug_log( 'Invalid currency in IPN response. IPN data: ' . print_r( $data, true ) ); edd_update_payment_status( $payment_id, 'failed' ); edd_insert_payment_note( $payment_id, __( 'Payment failed due to invalid currency in PayPal IPN.', 'easy-digital-downloads' ) ); return; } if ( empty( $payment->email ) ) { // This runs when a Buy Now purchase was made. It bypasses checkout so no personal info is collected until PayPal // Setup and store the customers's details $address = array(); $address['line1'] = ! empty( $data['address_street'] ) ? sanitize_text_field( $data['address_street'] ) : false; $address['city'] = ! empty( $data['address_city'] ) ? sanitize_text_field( $data['address_city'] ) : false; $address['state'] = ! empty( $data['address_state'] ) ? sanitize_text_field( $data['address_state'] ) : false; $address['country'] = ! empty( $data['address_country_code'] ) ? sanitize_text_field( $data['address_country_code'] ) : false; $address['zip'] = ! empty( $data['address_zip'] ) ? sanitize_text_field( $data['address_zip'] ) : false; $payment->email = sanitize_text_field( $data['payer_email'] ); $payment->first_name = sanitize_text_field( $data['first_name'] ); $payment->last_name = sanitize_text_field( $data['last_name'] ); $payment->address = $address; if ( empty( $payment->customer_id ) ) { $customer = new EDD_Customer( $payment->email ); if ( ! $customer || $customer->id < 1 ) { $customer->create( array( 'email' => $payment->email, 'name' => $payment->first_name . ' ' . $payment->last_name, 'user_id' => $payment->user_id ) ); } $payment->customer_id = $customer->id; } $payment->save(); } if( empty( $customer ) ) { $customer = new EDD_Customer( $payment->customer_id ); } // Record the payer email on the EDD_Customer record if it is different than the email entered on checkout if( ! empty( $data['payer_email'] ) && ! in_array( strtolower( $data['payer_email'] ), array_map( 'strtolower', $customer->emails ) ) ) { $customer->add_email( strtolower( $data['payer_email'] ) ); } if ( $payment_status == 'refunded' || $payment_status == 'reversed' ) { // Process a refund edd_process_paypal_refund( $data, $payment_id ); } else { if ( edd_get_payment_status( $payment_id ) == 'complete' ) { return; // Only complete payments once } // Retrieve the total purchase amount (before PayPal) $payment_amount = edd_get_payment_amount( $payment_id ); if ( number_format( (float) $paypal_amount, 2 ) < number_format( (float) $payment_amount, 2 ) ) { // The prices don't match edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid payment amount in IPN response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $data ) ), $payment_id ); edd_debug_log( 'Invalid payment amount in IPN response. IPN data: ' . printf( $data, true ) ); edd_update_payment_status( $payment_id, 'failed' ); edd_insert_payment_note( $payment_id, __( 'Payment failed due to invalid amount in PayPal IPN.', 'easy-digital-downloads' ) ); return; } if ( $purchase_key != edd_get_payment_key( $payment_id ) ) { // Purchase keys don't match edd_debug_log( 'Invalid purchase key in IPN response. IPN data: ' . printf( $data, true ) ); edd_record_gateway_error( __( 'IPN Error', 'easy-digital-downloads' ), sprintf( __( 'Invalid purchase key in IPN response. IPN data: %s', 'easy-digital-downloads' ), json_encode( $data ) ), $payment_id ); edd_update_payment_status( $payment_id, 'failed' ); edd_insert_payment_note( $payment_id, __( 'Payment failed due to invalid purchase key in PayPal IPN.', 'easy-digital-downloads' ) ); return; } if ( 'completed' == $payment_status || edd_is_test_mode() ) { edd_insert_payment_note( $payment_id, sprintf( __( 'PayPal Transaction ID: %s', 'easy-digital-downloads' ) , $data['txn_id'] ) ); edd_set_payment_transaction_id( $payment_id, $data['txn_id'], number_format( (float) $paypal_amount, 2 ) ); edd_update_payment_status( $payment_id, 'complete' ); } else if ( 'pending' == $payment_status && isset( $data['pending_reason'] ) ) { // Look for possible pending reasons, such as an echeck $note = ''; switch( strtolower( $data['pending_reason'] ) ) { case 'echeck' : $note = __( 'Payment made via eCheck and will clear automatically in 5-8 days', 'easy-digital-downloads' ); $payment->status = 'processing'; $payment->save(); break; case 'address' : $note = __( 'Payment requires a confirmed customer address and must be accepted manually through PayPal', 'easy-digital-downloads' ); break; case 'intl' : $note = __( 'Payment must be accepted manually through PayPal due to international account regulations', 'easy-digital-downloads' ); break; case 'multi-currency' : $note = __( 'Payment received in non-shop currency and must be accepted manually through PayPal', 'easy-digital-downloads' ); break; case 'paymentreview' : case 'regulatory_review' : $note = __( 'Payment is being reviewed by PayPal staff as high-risk or in possible violation of government regulations', 'easy-digital-downloads' ); break; case 'unilateral' : $note = __( 'Payment was sent to non-confirmed or non-registered email address.', 'easy-digital-downloads' ); break; case 'upgrade' : $note = __( 'PayPal account must be upgraded before this payment can be accepted', 'easy-digital-downloads' ); break; case 'verify' : $note = __( 'PayPal account is not verified. Verify account in order to accept this payment', 'easy-digital-downloads' ); break; case 'other' : $note = __( 'Payment is pending for unknown reasons. Contact PayPal support for assistance', 'easy-digital-downloads' ); break; } if ( ! empty( $note ) ) { edd_debug_log( 'Payment not marked as completed because: ' . $note ); edd_insert_payment_note( $payment_id, $note ); } } } } add_action( 'edd_paypal_web_accept', 'edd_process_paypal_web_accept_and_cart', 10, 2 ); /** * Process PayPal IPN Refunds * * @since 1.3.4 * @param array $data IPN Data * @return void */ function edd_process_paypal_refund( $data, $payment_id = 0 ) { /** * PayPal Process Refund Data * * Allows filtering the Refund data that PayPal passes back in via IPN with PayPal Standard * * @since 2.8.13 * * @param array $data The PayPal Refund data * @param int $payment_id The Payment ID associated with this IPN request */ $data = apply_filters( 'edd_process_paypal_refund_data', $data, $payment_id ); // Collect payment details if ( empty( $payment_id ) ) { return; } if ( get_post_status( $payment_id ) == 'refunded' ) { return; // Only refund payments once } $payment_amount = edd_get_payment_amount( $payment_id ); $refund_amount = $data['mc_gross'] * -1; if ( number_format( (float) $refund_amount, 2 ) < number_format( (float) $payment_amount, 2 ) ) { edd_insert_payment_note( $payment_id, sprintf( __( 'Partial PayPal refund processed: %s', 'easy-digital-downloads' ), $data['parent_txn_id'] ) ); return; // This is a partial refund } edd_insert_payment_note( $payment_id, sprintf( __( 'PayPal Payment #%s Refunded for reason: %s', 'easy-digital-downloads' ), $data['parent_txn_id'], $data['reason_code'] ) ); edd_insert_payment_note( $payment_id, sprintf( __( 'PayPal Refund Transaction ID: %s', 'easy-digital-downloads' ), $data['txn_id'] ) ); edd_update_payment_status( $payment_id, 'refunded' ); } /** * Get PayPal Redirect * * @since 1.0.8.2 * @param bool $ssl_check Is SSL? * @param bool $ipn Is this an IPN verification check? * @return string */ function edd_get_paypal_redirect( $ssl_check = false, $ipn = false ) { $protocol = 'http://'; if ( is_ssl() || ! $ssl_check ) { $protocol = 'https://'; } // Check the current payment mode if ( edd_is_test_mode() ) { // Test mode if ( $ipn ) { $paypal_uri = 'https://ipnpb.sandbox.paypal.com/cgi-bin/webscr'; } else { $paypal_uri = $protocol . 'www.sandbox.paypal.com/cgi-bin/webscr'; } } else { // Live mode if ( $ipn ) { $paypal_uri = 'https://ipnpb.paypal.com/cgi-bin/webscr'; } else { $paypal_uri = $protocol . 'www.paypal.com/cgi-bin/webscr'; } } return apply_filters( 'edd_paypal_uri', $paypal_uri, $ssl_check, $ipn ); } /** * Get the image for the PayPal purchase page. * * @since 2.8 * @return string */ function edd_get_paypal_image_url() { $image_url = trim( edd_get_option( 'paypal_image_url', '' ) ); return apply_filters( 'edd_paypal_image_url', $image_url ); } /** * Shows "Purchase Processing" message for PayPal payments are still pending on site return. * * This helps address the Race Condition, as detailed in issue #1839 * * @since 1.9 * @return string */ function edd_paypal_success_page_content( $content ) { if ( ! isset( $_GET['payment-id'] ) && ! edd_get_purchase_session() ) { return $content; } edd_empty_cart(); $payment_id = isset( $_GET['payment-id'] ) ? absint( $_GET['payment-id'] ) : false; if ( ! $payment_id ) { $session = edd_get_purchase_session(); $payment_id = edd_get_purchase_id_by_key( $session['purchase_key'] ); } $payment = new EDD_Payment( $payment_id ); if ( $payment->ID > 0 && 'pending' == $payment->status ) { // Payment is still pending so show processing indicator to fix the Race Condition, issue # ob_start(); edd_get_template_part( 'payment', 'processing' ); $content = ob_get_clean(); } return $content; } add_filter( 'edd_payment_confirm_paypal', 'edd_paypal_success_page_content' ); /** * Mark payment as complete on return from PayPal if a PayPal Identity Token is present. * * See https://github.com/easydigitaldownloads/easy-digital-downloads/issues/6197 * * @since 2.8.13 * @return void */ function edd_paypal_process_pdt_on_return() { if ( ! isset( $_GET['payment-id'] ) || ! isset( $_GET['tx'] ) ) { return; } $token = edd_get_option( 'paypal_identity_token' ); if ( ! edd_is_success_page() || ! $token || ! edd_is_gateway_active( 'paypal' ) ) { return; } $payment_id = isset( $_GET['payment-id'] ) ? absint( $_GET['payment-id'] ) : false; if ( empty( $payment_id ) ) { return; } $purchase_session = edd_get_purchase_session(); $payment = new EDD_Payment( $payment_id ); // If there is no purchase session, don't try and fire PDT. if ( empty( $purchase_session ) ) { return; } // Do not fire a PDT verification if the purchase session does not match the payment-id PDT is asking to verify. if ( ! empty( $purchase_session['purchase_key'] ) && $payment->key !== $purchase_session['purchase_key'] ) { return; } if ( $token && ! empty( $_GET['tx'] ) && $payment->ID > 0 ) { // An identity token has been provided in settings so let's immediately verify the purchase $remote_post_vars = array( 'method' => 'POST', 'timeout' => 45, 'redirection' => 5, 'httpversion' => '1.1', 'blocking' => true, 'headers' => array( 'host' => 'www.paypal.com', 'connection' => 'close', 'content-type' => 'application/x-www-form-urlencoded', 'post' => '/cgi-bin/webscr HTTP/1.1', 'user-agent' => 'EDD PDT Verification/' . EDD_VERSION . '; ' . get_bloginfo( 'url' ) ), 'sslverify' => false, 'body' => array( 'tx' => sanitize_text_field( $_GET['tx'] ), 'at' => $token, 'cmd' => '_notify-synch', ) ); // Sanitize the data for debug logging. $debug_args = $remote_post_vars; $debug_args['body']['at'] = str_pad( substr( $debug_args['body']['at'], -6 ), strlen( $debug_args['body']['at'] ), '*', STR_PAD_LEFT ); edd_debug_log( 'Attempting to verify PayPal payment with PDT. Args: ' . print_r( $debug_args, true ) ); edd_debug_log( 'Sending PDT Verification request to ' . edd_get_paypal_redirect() ); $request = wp_remote_post( edd_get_paypal_redirect(), $remote_post_vars ); if ( ! is_wp_error( $request ) ) { $body = wp_remote_retrieve_body( $request ); // parse the data $lines = explode( "\n", trim( $body ) ); $data = array(); if ( strcmp ( $lines[0], "SUCCESS" ) == 0 ) { for ( $i = 1; $i < count( $lines ); $i++ ) { $parsed_line = explode( "=", $lines[ $i ],2 ); $data[ urldecode( $parsed_line[0] ) ] = urldecode( $parsed_line[1] ); } if ( isset( $data['mc_gross'] ) ) { $total = $data['mc_gross']; } else if ( isset( $data['payment_gross'] ) ) { $total = $data['payment_gross']; } else if ( isset( $_REQUEST['amt'] ) ) { $total = $_REQUEST['amt']; } else { $total = null; } if ( is_null( $total ) ) { edd_debug_log( 'Attempt to verify PayPal payment with PDT failed due to payment total missing' ); $payment->add_note( __( 'Payment could not be verified while validating PayPal PDT. Missing payment total fields.', 'easy-digital-downloads' ) ); $payment->status = 'pending'; } elseif ( (float) $total < (float) $payment->total ) { /** * Here we account for payments that are less than the expected results only. There are times that * PayPal will sometimes round and have $0.01 more than the amount. The goal here is to protect store owners * from getting paid less than expected. */ edd_debug_log( 'Attempt to verify PayPal payment with PDT failed due to payment total discrepancy' ); $payment->add_note( sprintf( __( 'Payment failed while validating PayPal PDT. Amount expected: %f. Amount Received: %f', 'easy-digital-downloads' ), $payment->total, $data['payment_gross'] ) ); $payment->status = 'failed'; } else { // Verify the status switch( strtolower( $data['payment_status'] ) ) { case 'completed': $payment->status = 'complete'; break; case 'failed': $payment->status = 'failed'; break; default: $payment->status = 'pending'; break; } } $payment->transaction_id = sanitize_text_field( $_GET['tx'] ); $payment->save(); } elseif ( strcmp ( $lines[0], "FAIL" ) == 0 ) { edd_debug_log( 'Attempt to verify PayPal payment with PDT failed due to PDT failure response: ' . print_r( $body, true ) ); $payment->add_note( __( 'Payment failed while validating PayPal PDT.', 'easy-digital-downloads' ) ); $payment->status = 'failed'; $payment->save(); } else { edd_debug_log( 'Attempt to verify PayPal payment with PDT met with an unexpected result: ' . print_r( $body, true ) ); $payment->add_note( __( 'PayPal PDT encountered an unexpected result, payment set to pending', 'easy-digital-downloads' ) ); $payment->status = 'pending'; $payment->save(); } } else { edd_debug_log( 'Attempt to verify PayPal payment with PDT failed. Request return: ' . print_r( $request, true ) ); } } } add_action( 'template_redirect', 'edd_paypal_process_pdt_on_return' ); /** * Given a Payment ID, extract the transaction ID * * @since 2.1 * @since 3.0 Updated to use EDD_Note class. * * @param string $payment_id Payment ID. * @return string Transaction ID. */ function edd_paypal_get_payment_transaction_id( $payment_id ) { $transaction_id = ''; $notes = edd_get_payment_notes( $payment_id ); foreach ( $notes as $note ) { if ( preg_match( '/^PayPal Transaction ID: ([^\s]+)/', $note->content, $match ) ) { $transaction_id = $match[1]; continue; } } return apply_filters( 'edd_paypal_set_payment_transaction_id', $transaction_id, $payment_id ); } add_filter( 'edd_get_payment_transaction_id-paypal', 'edd_paypal_get_payment_transaction_id', 10, 1 ); /** * Given a transaction ID, generate a link to the PayPal transaction ID details * * @since 2.2 * @param string $transaction_id The Transaction ID * @param int $payment_id The payment ID for this transaction * @return string A link to the PayPal transaction details */ function edd_paypal_link_transaction_id( $transaction_id, $payment_id ) { $payment = new EDD_Payment( $payment_id ); $sandbox = 'test' === $payment->mode ? 'sandbox.' : ''; $paypal_base_url = 'https://' . $sandbox . 'paypal.com/activity/payment/'; $transaction_url = '<a href="' . esc_url( $paypal_base_url . $transaction_id ) . '" target="_blank">' . esc_html( $transaction_id ) . '</a>'; return apply_filters( 'edd_paypal_link_payment_details_transaction_id', $transaction_url ); } add_filter( 'edd_payment_details_transaction_id-paypal', 'edd_paypal_link_transaction_id', 10, 2 ); /** * Shows a checkbox to automatically refund payments in PayPal. * * @param Order $order * * @since 3.0 * @return void */ function edd_paypal_refund_checkbox( Order $order ) { if ( 'paypal' !== $order->gateway ) { return; } // If our credentials are not set, return early. $key = $order->mode; $username = edd_get_option( 'paypal_' . $key . '_api_username' ); $password = edd_get_option( 'paypal_' . $key . '_api_password' ); $signature = edd_get_option( 'paypal_' . $key . '_api_signature' ); if ( empty( $username ) || empty( $password ) || empty( $signature ) ) { return; } ?> <div class="edd-form-group edd-paypal-refund-transaction"> <div class="edd-form-group__control"> <input type="checkbox" id="edd-paypal-refund" name="edd-paypal-refund" class="edd-form-group__input" value="1"> <label for="edd-paypal-refund" class="edd-form-group__label"> <?php esc_html_e( 'Refund transaction in PayPal', 'easy-digital-downloads' ); ?> </label> </div> </div> <?php } add_action( 'edd_after_submit_refund_table', 'edd_paypal_refund_checkbox' ); /** * If selected, refunds a transaction in PayPal when creating a new refund record. * * @param int $order_id ID of the order we're processing a refund for. * @param int $refund_id ID of the newly created refund record. * @param bool $all_refunded Whether or not this was a full refund. * * @since 3.0 */ function edd_paypal_maybe_refund_transaction( $order_id, $refund_id, $all_refunded ) { if ( ! current_user_can( 'edit_shop_payments', $order_id ) ) { return; } if ( empty( $_POST['data'] ) ) { return; } $order = edd_get_order( $order_id ); if ( empty( $order->gateway ) || 'paypal' !== $order->gateway ) { return; } // Get our data out of the serialized string. parse_str( $_POST['data'], $form_data ); if ( empty( $form_data['edd-paypal-refund'] ) ) { edd_add_note( array( 'object_id' => $order_id, 'object_type' => 'order', 'user_id' => is_admin() ? get_current_user_id() : 0, 'content' => __( 'Transaction not refunded in PayPal, as checkbox was not selected.', 'easy-digital-downloads' ) ) ); return; } $refund = edd_get_order( $refund_id ); if ( empty( $refund->total ) ) { return; } edd_refund_paypal_purchase( $order, $refund ); } add_action( 'edd_refund_order', 'edd_paypal_maybe_refund_transaction', 10, 3 ); /** * Refunds a purchase made via PayPal. * * @since 2.6.0 * * @param EDD_Payment|Order|int $payment_id_or_object The ID or object of the order to refund. * @param Order|null $refund_object Optional. The refund object associated with this * transaction refund. If provided, then the refund * amount is used as the transaction refund amount (used for * partial refunds), and an EDD transaction record will be * inserted. * * @return void */ function edd_refund_paypal_purchase( $payment_id_or_object, $refund_object = null ) { /* * Internally we want to work with an Order object, but we also need * an EDD_Payment object for backwards compatibility in the hooks. */ $order = $payment = false; if ( $payment_id_or_object instanceof Order ) { $order = $payment_id_or_object; $payment = edd_get_payment( $order->id ); } elseif ( $payment_id_or_object instanceof EDD_Payment ) { $payment = $payment_id_or_object; $order = edd_get_order( $payment_id_or_object->ID ); } elseif ( is_numeric( $payment_id_or_object ) ) { $order = edd_get_order( $payment_id_or_object ); $payment = edd_get_payment( $payment_id_or_object ); } if ( empty( $order ) || ! $order instanceof Order ) { return; } // Set PayPal API key credentials. $credentials = array( 'api_endpoint' => 'test' == $order->mode ? 'https://api-3t.sandbox.paypal.com/nvp' : 'https://api-3t.paypal.com/nvp', 'api_username' => edd_get_option( 'paypal_' . $order->mode . '_api_username' ), 'api_password' => edd_get_option( 'paypal_' . $order->mode . '_api_password' ), 'api_signature' => edd_get_option( 'paypal_' . $order->mode . '_api_signature' ) ); $credentials = apply_filters( 'edd_paypal_refund_api_credentials', $credentials, $payment ); $body = array( 'USER' => $credentials['api_username'], 'PWD' => $credentials['api_password'], 'SIGNATURE' => $credentials['api_signature'], 'VERSION' => '124', 'METHOD' => 'RefundTransaction', 'TRANSACTIONID' => $order->get_transaction_id(), 'REFUNDTYPE' => 'Full' ); // If a refund object is supplied, let's check if this should be a partial refund instead. if ( $refund_object instanceof Order && abs( $refund_object->total ) !== abs( $order->total ) ) { $body['REFUNDTYPE'] = 'Partial'; $body['AMT'] = abs( $refund_object->total ); /* Translators: %d - order ID number; %s - formatted refund amount */ edd_debug_log( sprintf( 'Processing partial PayPal refund for order #%d. Amount: %s.', $order->id, edd_currency_filter( $refund_object->total, $refund_object->currency ) ) ); } else { /* Translators: %d - order ID number */ edd_debug_log( sprintf( 'Processing full PayPal refund for order #%d.', $order->id ) ); } $body = apply_filters( 'edd_paypal_refund_body_args', $body, $payment ); // Prepare the headers of the refund request. $headers = array( 'Content-Type' => 'application/x-www-form-urlencoded', 'Cache-Control' => 'no-cache' ); $headers = apply_filters( 'edd_paypal_refund_header_args', $headers, $payment ); // Prepare args of the refund request. $args = array( 'body' => $body, 'headers' => $headers, 'httpversion' => '1.1' ); $args = apply_filters( 'edd_paypal_refund_request_args', $args, $payment ); $error_msg = ''; $request = wp_remote_post( $credentials['api_endpoint'], $args ); if ( is_wp_error( $request ) ) { $success = false; $error_msg = $request->get_error_message(); } else { $body = wp_remote_retrieve_body( $request ); if ( is_string( $body ) ) { wp_parse_str( $body, $body ); } if ( isset( $body['ACK'] ) && 'success' === strtolower( $body['ACK'] ) ) { $success = true; } else { $success = false; if ( isset( $body['L_LONGMESSAGE0'] ) ) { $error_msg = $body['L_LONGMESSAGE0']; } else { $error_msg = __( 'PayPal refund failed for unknown reason.', 'easy-digital-downloads' ); } } } if ( $success ) { edd_update_order_meta( $order->id, '_edd_paypal_refunded', true ); // Add a note to the original order, and, if provided, the new refund object. if ( isset( $body['GROSSREFUNDAMT'] ) ) { /* Translators: %1$s - amount refunded; %2$s - transaction ID. */ $note_message = sprintf( __( '%1$s refunded in PayPal. Transaction ID: %2$s', 'easy-digital-downloads' ), edd_currency_filter( edd_format_amount( $body['GROSSREFUNDAMT'] ) ), esc_html( $body['REFUNDTRANSACTIONID'] ) ); } else { /* Translators: %s - transaction ID. */ $note_message = sprintf( __( 'PayPal refund transaction ID: %s', 'easy-digital-downloads' ), esc_html( $body['REFUNDTRANSACTIONID'] ) ); } $note_object_ids = array( $order->id ); if ( $refund_object instanceof Order ) { $note_object_ids[] = $refund_object->id; } foreach ( $note_object_ids as $note_object_id ) { edd_add_note( array( 'object_id' => $note_object_id, 'object_type' => 'order', 'user_id' => is_admin() ? get_current_user_id() : 0, 'content' => $note_message ) ); } // Add a negative transaction. if ( $refund_object instanceof Order && isset( $body['REFUNDTRANSACTIONID'] ) && isset( $body['GROSSREFUNDAMT'] ) ) { edd_add_order_transaction( array( 'object_id' => $refund_object->id, 'object_type' => 'order', 'transaction_id' => sanitize_text_field( $body['REFUNDTRANSACTIONID'] ), 'gateway' => 'paypal', 'status' => 'complete', 'total' => edd_negate_amount( $body['GROSSREFUNDAMT'] ) ) ); } } else { edd_add_note( array( 'object_id' => $order->id, 'object_type' => 'order', 'user_id' => is_admin() ? get_current_user_id() : 0, 'content' => sprintf( __( 'PayPal refund failed: %s', 'easy-digital-downloads' ), $error_msg ) ) ); } // Run hook letting people know the payment has been refunded successfully. do_action( 'edd_paypal_refund_purchase', $payment ); }
Copyright ©2021 || Defacer Indonesia