From 7c70febc6bafcd9f2f0d997ccc7f39dd2829c0c6 Mon Sep 17 00:00:00 2001
From: Chris Murray <chris.f.murray@hotmail.co.uk>
Date: Thu, 8 May 2014 01:11:48 +0100
Subject: [PATCH] add in paypal files #253

add in paypal files #253
---
 .../paypal_payment/expresscheckout.php        |  65 +++
 .../paypal_payment/paypalfunctions.php        | 411 ++++++++++++++++++
 2 files changed, 476 insertions(+)
 create mode 100644 crm/modules/paypal_payment/expresscheckout.php
 create mode 100644 crm/modules/paypal_payment/paypalfunctions.php

diff --git a/crm/modules/paypal_payment/expresscheckout.php b/crm/modules/paypal_payment/expresscheckout.php
new file mode 100644
index 00000000..8aeae26e
--- /dev/null
+++ b/crm/modules/paypal_payment/expresscheckout.php
@@ -0,0 +1,65 @@
+<?php
+
+require_once ("paypalfunctions.php");
+// ==================================
+// PayPal Express Checkout Module
+// ==================================
+
+//'------------------------------------
+//' The paymentAmount is the total value of 
+//' the shopping cart, that was set 
+//' earlier in a session variable 
+//' by the shopping cart page
+//'------------------------------------
+$paymentAmount = $_SESSION["Payment_Amount"];
+
+//'------------------------------------
+//' The currencyCodeType and paymentType 
+//' are set to the selections made on the Integration Assistant 
+//'------------------------------------
+$currencyCodeType = "GBP";
+$paymentType = "Sale";
+
+//'------------------------------------
+//' The returnURL is the location where buyers return to when a
+//' payment has been succesfully authorized.
+//'
+//' This is set to the value entered on the Integration Assistant 
+//'------------------------------------
+$returnURL = "https://tony314/crm/index.php?q=contact&cid=5&tab=account";
+
+//'------------------------------------
+//' The cancelURL is the location buyers are sent to when they hit the
+//' cancel button during authorization of payment during the PayPal flow
+//'
+//' This is set to the value entered on the Integration Assistant 
+//'------------------------------------
+$cancelURL = "https://tony314/crm/index.php?q=contact&cid=5&tab=account";
+
+//'------------------------------------
+//' Calls the SetExpressCheckout API call
+//'
+//' The CallShortcutExpressCheckout function is defined in the file PayPalFunctions.php,
+//' it is included at the top of this file.
+//'-------------------------------------------------
+$resArray = CallShortcutExpressCheckout ($paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL);
+$ack = strtoupper($resArray["ACK"]);
+if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING")
+{
+	RedirectToPayPal ( $resArray["TOKEN"] );
+} 
+else  
+{
+	//Display a user friendly Error on the page using any of the following error information returned by PayPal
+	$ErrorCode = urldecode($resArray["L_ERRORCODE0"]);
+	$ErrorShortMsg = urldecode($resArray["L_SHORTMESSAGE0"]);
+	$ErrorLongMsg = urldecode($resArray["L_LONGMESSAGE0"]);
+	$ErrorSeverityCode = urldecode($resArray["L_SEVERITYCODE0"]);
+	
+	echo "SetExpressCheckout API call failed. ";
+	echo "Detailed Error Message: " . $ErrorLongMsg;
+	echo "Short Error Message: " . $ErrorShortMsg;
+	echo "Error Code: " . $ErrorCode;
+	echo "Error Severity Code: " . $ErrorSeverityCode;
+}
+?>
\ No newline at end of file
diff --git a/crm/modules/paypal_payment/paypalfunctions.php b/crm/modules/paypal_payment/paypalfunctions.php
new file mode 100644
index 00000000..82c5f93d
--- /dev/null
+++ b/crm/modules/paypal_payment/paypalfunctions.php
@@ -0,0 +1,411 @@
+<?php
+	/********************************************
+	PayPal API Module
+	 
+	Defines all the global variables and the wrapper functions 
+	********************************************/
+	$PROXY_HOST = '127.0.0.1';
+	$PROXY_PORT = '808';
+
+	$SandboxFlag = true;
+
+	//'------------------------------------
+	//' PayPal API Credentials
+	//' Replace <API_USERNAME> with your API Username
+	//' Replace <API_PASSWORD> with your API Password
+	//' Replace <API_SIGNATURE> with your Signature
+	//'------------------------------------
+	$API_UserName="<API_USERNAME>";
+	$API_Password="<API_PASSWORD>";
+	$API_Signature="<API_SIGNATURE>";
+
+	// BN Code 	is only applicable for partners
+	$sBNCode = "PP-ECWizard";
+	
+	
+	/*	
+	' Define the PayPal Redirect URLs.  
+	' 	This is the URL that the buyer is first sent to do authorize payment with their paypal account
+	' 	change the URL depending if you are testing on the sandbox or the live PayPal site
+	'
+	' For the sandbox, the URL is       https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token=
+	' For the live site, the URL is        https://www.paypal.com/webscr&cmd=_express-checkout&token=
+	*/
+	
+	if ($SandboxFlag == true) 
+	{
+		$API_Endpoint = "https://api-3t.sandbox.paypal.com/nvp";
+		$PAYPAL_URL = "https://www.sandbox.paypal.com/webscr?cmd=_express-checkout&token=";
+	}
+	else
+	{
+		$API_Endpoint = "https://api-3t.paypal.com/nvp";
+		$PAYPAL_URL = "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
+	}
+
+	$USE_PROXY = false;
+	$version="93";
+
+	if (session_id() == "") 
+		session_start();
+
+	/* An express checkout transaction starts with a token, that
+	   identifies to PayPal your transaction
+	   In this example, when the script sees a token, the script
+	   knows that the buyer has already authorized payment through
+	   paypal.  If no token was found, the action is to send the buyer
+	   to PayPal to first authorize payment
+	   */
+
+	/*   
+	'-------------------------------------------------------------------------------------------------------------------------------------------
+	' Purpose: 	Prepares the parameters for the SetExpressCheckout API Call.
+	' Inputs:  
+	'		paymentAmount:  	Total value of the shopping cart
+	'		currencyCodeType: 	Currency code value the PayPal API
+	'		paymentType: 		paymentType has to be one of the following values: Sale or Order or Authorization
+	'		returnURL:			the page where buyers return to after they are done with the payment review on PayPal
+	'		cancelURL:			the page where buyers return to when they cancel the payment review on PayPal
+	'--------------------------------------------------------------------------------------------------------------------------------------------	
+	*/
+	function CallShortcutExpressCheckout( $paymentAmount, $currencyCodeType, $paymentType, $returnURL, $cancelURL) 
+	{
+		//------------------------------------------------------------------------------------------------------------------------------------
+		// Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
+		
+		$nvpstr="&PAYMENTREQUEST_0_AMT=". $paymentAmount;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_PAYMENTACTION=" . $paymentType;
+		$nvpstr = $nvpstr . "&RETURNURL=" . $returnURL;
+		$nvpstr = $nvpstr . "&CANCELURL=" . $cancelURL;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_CURRENCYCODE=" . $currencyCodeType;
+		
+		$_SESSION["currencyCodeType"] = $currencyCodeType;	  
+		$_SESSION["PaymentType"] = $paymentType;
+
+		//'--------------------------------------------------------------------------------------------------------------- 
+		//' Make the API call to PayPal
+		//' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.  
+		//' If an error occured, show the resulting errors
+		//'---------------------------------------------------------------------------------------------------------------
+	    $resArray=hash_call("SetExpressCheckout", $nvpstr);
+		$ack = strtoupper($resArray["ACK"]);
+		if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING")
+		{
+			$token = urldecode($resArray["TOKEN"]);
+			$_SESSION['TOKEN']=$token;
+		}
+		   
+	    return $resArray;
+	}
+
+	/*   
+	'-------------------------------------------------------------------------------------------------------------------------------------------
+	' Purpose: 	Prepares the parameters for the SetExpressCheckout API Call.
+	' Inputs:  
+	'		paymentAmount:  	Total value of the shopping cart
+	'		currencyCodeType: 	Currency code value the PayPal API
+	'		paymentType: 		paymentType has to be one of the following values: Sale or Order or Authorization
+	'		returnURL:			the page where buyers return to after they are done with the payment review on PayPal
+	'		cancelURL:			the page where buyers return to when they cancel the payment review on PayPal
+	'		shipToName:		the Ship to name entered on the merchant's site
+	'		shipToStreet:		the Ship to Street entered on the merchant's site
+	'		shipToCity:			the Ship to City entered on the merchant's site
+	'		shipToState:		the Ship to State entered on the merchant's site
+	'		shipToCountryCode:	the Code for Ship to Country entered on the merchant's site
+	'		shipToZip:			the Ship to ZipCode entered on the merchant's site
+	'		shipToStreet2:		the Ship to Street2 entered on the merchant's site
+	'		phoneNum:			the phoneNum  entered on the merchant's site
+	'--------------------------------------------------------------------------------------------------------------------------------------------	
+	*/
+	function CallMarkExpressCheckout( $paymentAmount, $currencyCodeType, $paymentType, $returnURL, 
+									  $cancelURL, $shipToName, $shipToStreet, $shipToCity, $shipToState,
+									  $shipToCountryCode, $shipToZip, $shipToStreet2, $phoneNum
+									) 
+	{
+		//------------------------------------------------------------------------------------------------------------------------------------
+		// Construct the parameter string that describes the SetExpressCheckout API call in the shortcut implementation
+		
+		$nvpstr="&PAYMENTREQUEST_0_AMT=". $paymentAmount;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_PAYMENTACTION=" . $paymentType;
+		$nvpstr = $nvpstr . "&RETURNURL=" . $returnURL;
+		$nvpstr = $nvpstr . "&CANCELURL=" . $cancelURL;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_CURRENCYCODE=" . $currencyCodeType;
+		$nvpstr = $nvpstr . "&ADDROVERRIDE=1";
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTONAME=" . $shipToName;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTREET=" . $shipToStreet;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTREET2=" . $shipToStreet2;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOCITY=" . $shipToCity;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOSTATE=" . $shipToState;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE=" . $shipToCountryCode;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOZIP=" . $shipToZip;
+		$nvpstr = $nvpstr . "&PAYMENTREQUEST_0_SHIPTOPHONENUM=" . $phoneNum;
+		
+		$_SESSION["currencyCodeType"] = $currencyCodeType;	  
+		$_SESSION["PaymentType"] = $paymentType;
+
+		//'--------------------------------------------------------------------------------------------------------------- 
+		//' Make the API call to PayPal
+		//' If the API call succeded, then redirect the buyer to PayPal to begin to authorize payment.  
+		//' If an error occured, show the resulting errors
+		//'---------------------------------------------------------------------------------------------------------------
+	    $resArray=hash_call("SetExpressCheckout", $nvpstr);
+		$ack = strtoupper($resArray["ACK"]);
+		if($ack=="SUCCESS" || $ack=="SUCCESSWITHWARNING")
+		{
+			$token = urldecode($resArray["TOKEN"]);
+			$_SESSION['TOKEN']=$token;
+		}
+		   
+	    return $resArray;
+	}
+	
+	/*
+	'-------------------------------------------------------------------------------------------
+	' Purpose: 	Prepares the parameters for the GetExpressCheckoutDetails API Call.
+	'
+	' Inputs:  
+	'		None
+	' Returns: 
+	'		The NVP Collection object of the GetExpressCheckoutDetails Call Response.
+	'-------------------------------------------------------------------------------------------
+	*/
+	function GetShippingDetails( $token )
+	{
+		//'--------------------------------------------------------------
+		//' At this point, the buyer has completed authorizing the payment
+		//' at PayPal.  The function will call PayPal to obtain the details
+		//' of the authorization, incuding any shipping information of the
+		//' buyer.  Remember, the authorization is not a completed transaction
+		//' at this state - the buyer still needs an additional step to finalize
+		//' the transaction
+		//'--------------------------------------------------------------
+	   
+	    //'---------------------------------------------------------------------------
+		//' Build a second API request to PayPal, using the token as the
+		//'  ID to get the details on the payment authorization
+		//'---------------------------------------------------------------------------
+	    $nvpstr="&TOKEN=" . $token;
+
+		//'---------------------------------------------------------------------------
+		//' Make the API call and store the results in an array.  
+		//'	If the call was a success, show the authorization details, and provide
+		//' 	an action to complete the payment.  
+		//'	If failed, show the error
+		//'---------------------------------------------------------------------------
+	    $resArray=hash_call("GetExpressCheckoutDetails",$nvpstr);
+	    $ack = strtoupper($resArray["ACK"]);
+		if($ack == "SUCCESS" || $ack=="SUCCESSWITHWARNING")
+		{	
+			$_SESSION['payer_id'] =	$resArray['PAYERID'];
+		} 
+		return $resArray;
+	}
+	
+	/*
+	'-------------------------------------------------------------------------------------------------------------------------------------------
+	' Purpose: 	Prepares the parameters for the GetExpressCheckoutDetails API Call.
+	'
+	' Inputs:  
+	'		sBNCode:	The BN code used by PayPal to track the transactions from a given shopping cart.
+	' Returns: 
+	'		The NVP Collection object of the GetExpressCheckoutDetails Call Response.
+	'--------------------------------------------------------------------------------------------------------------------------------------------	
+	*/
+	function ConfirmPayment( $FinalPaymentAmt )
+	{
+		/* Gather the information to make the final call to
+		   finalize the PayPal payment.  The variable nvpstr
+		   holds the name value pairs
+		   */
+		
+
+		//Format the other parameters that were stored in the session from the previous calls	
+		$token 				= urlencode($_SESSION['TOKEN']);
+		$paymentType 		= urlencode($_SESSION['PaymentType']);
+		$currencyCodeType 	= urlencode($_SESSION['currencyCodeType']);
+		$payerID 			= urlencode($_SESSION['payer_id']);
+
+		$serverName 		= urlencode($_SERVER['SERVER_NAME']);
+
+		$nvpstr  = '&TOKEN=' . $token . '&PAYERID=' . $payerID . '&PAYMENTREQUEST_0_PAYMENTACTION=' . $paymentType . '&PAYMENTREQUEST_0_AMT=' . $FinalPaymentAmt;
+		$nvpstr .= '&PAYMENTREQUEST_0_CURRENCYCODE=' . $currencyCodeType . '&IPADDRESS=' . $serverName; 
+
+		 /* Make the call to PayPal to finalize payment
+		    If an error occured, show the resulting errors
+		    */
+		$resArray=hash_call("DoExpressCheckoutPayment",$nvpstr);
+
+		/* Display the API response back to the browser.
+		   If the response from PayPal was a success, display the response parameters'
+		   If the response was an error, display the errors received using APIError.php.
+		   */
+		$ack = strtoupper($resArray["ACK"]);
+
+		return $resArray;
+	}
+	
+	/*
+	'-------------------------------------------------------------------------------------------------------------------------------------------
+	' Purpose: 	This function makes a DoDirectPayment API call
+	'
+	' Inputs:  
+	'		paymentType:		paymentType has to be one of the following values: Sale or Order or Authorization
+	'		paymentAmount:  	total value of the shopping cart
+	'		currencyCode:	 	currency code value the PayPal API
+	'		firstName:			first name as it appears on credit card
+	'		lastName:			last name as it appears on credit card
+	'		street:				buyer's street address line as it appears on credit card
+	'		city:				buyer's city
+	'		state:				buyer's state
+	'		countryCode:		buyer's country code
+	'		zip:				buyer's zip
+	'		creditCardType:		buyer's credit card type (i.e. Visa, MasterCard ... )
+	'		creditCardNumber:	buyers credit card number without any spaces, dashes or any other characters
+	'		expDate:			credit card expiration date
+	'		cvv2:				Card Verification Value 
+	'		
+	'-------------------------------------------------------------------------------------------
+	'		
+	' Returns: 
+	'		The NVP Collection object of the DoDirectPayment Call Response.
+	'--------------------------------------------------------------------------------------------------------------------------------------------	
+	*/
+
+
+	function DirectPayment( $paymentType, $paymentAmount, $creditCardType, $creditCardNumber,
+							$expDate, $cvv2, $firstName, $lastName, $street, $city, $state, $zip, 
+							$countryCode, $currencyCode )
+	{
+		//Construct the parameter string that describes DoDirectPayment
+		$nvpstr = "&AMT=" . $paymentAmount;
+		$nvpstr = $nvpstr . "&CURRENCYCODE=" . $currencyCode;
+		$nvpstr = $nvpstr . "&PAYMENTACTION=" . $paymentType;
+		$nvpstr = $nvpstr . "&CREDITCARDTYPE=" . $creditCardType;
+		$nvpstr = $nvpstr . "&ACCT=" . $creditCardNumber;
+		$nvpstr = $nvpstr . "&EXPDATE=" . $expDate;
+		$nvpstr = $nvpstr . "&CVV2=" . $cvv2;
+		$nvpstr = $nvpstr . "&FIRSTNAME=" . $firstName;
+		$nvpstr = $nvpstr . "&LASTNAME=" . $lastName;
+		$nvpstr = $nvpstr . "&STREET=" . $street;
+		$nvpstr = $nvpstr . "&CITY=" . $city;
+		$nvpstr = $nvpstr . "&STATE=" . $state;
+		$nvpstr = $nvpstr . "&COUNTRYCODE=" . $countryCode;
+		$nvpstr = $nvpstr . "&IPADDRESS=" . $_SERVER['REMOTE_ADDR'];
+
+		$resArray=hash_call("DoDirectPayment", $nvpstr);
+
+		return $resArray;
+	}
+
+
+	/**
+	  '-------------------------------------------------------------------------------------------------------------------------------------------
+	  * hash_call: Function to perform the API call to PayPal using API signature
+	  * @methodName is name of API  method.
+	  * @nvpStr is nvp string.
+	  * returns an associtive array containing the response from the server.
+	  '-------------------------------------------------------------------------------------------------------------------------------------------
+	*/
+	function hash_call($methodName,$nvpStr)
+	{
+		//declaring of global variables
+		global $API_Endpoint, $version, $API_UserName, $API_Password, $API_Signature;
+		global $USE_PROXY, $PROXY_HOST, $PROXY_PORT;
+		global $gv_ApiErrorURL;
+		global $sBNCode;
+
+		//setting the curl parameters.
+		$ch = curl_init();
+		curl_setopt($ch, CURLOPT_URL,$API_Endpoint);
+		curl_setopt($ch, CURLOPT_VERBOSE, 1);
+
+		//turning off the server and peer verification(TrustManager Concept).
+		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
+		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
+
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
+		curl_setopt($ch, CURLOPT_POST, 1);
+		
+	    //if USE_PROXY constant set to TRUE in Constants.php, then only proxy will be enabled.
+	   //Set proxy name to PROXY_HOST and port number to PROXY_PORT in constants.php 
+		if($USE_PROXY)
+			curl_setopt ($ch, CURLOPT_PROXY, $PROXY_HOST. ":" . $PROXY_PORT); 
+
+		//NVPRequest for submitting to server
+		$nvpreq="METHOD=" . urlencode($methodName) . "&VERSION=" . urlencode($version) . "&PWD=" . urlencode($API_Password) . "&USER=" . urlencode($API_UserName) . "&SIGNATURE=" . urlencode($API_Signature) . $nvpStr . "&BUTTONSOURCE=" . urlencode($sBNCode);
+
+		//setting the nvpreq as POST FIELD to curl
+		curl_setopt($ch, CURLOPT_POSTFIELDS, $nvpreq);
+
+		//getting response from server
+		$response = curl_exec($ch);
+
+		//convrting NVPResponse to an Associative Array
+		$nvpResArray=deformatNVP($response);
+		$nvpReqArray=deformatNVP($nvpreq);
+		$_SESSION['nvpReqArray']=$nvpReqArray;
+
+		if (curl_errno($ch)) 
+		{
+			// moving to display page to display curl errors
+			  $_SESSION['curl_error_no']=curl_errno($ch) ;
+			  $_SESSION['curl_error_msg']=curl_error($ch);
+
+			  //Execute the Error handling module to display errors. 
+		} 
+		else 
+		{
+			 //closing the curl
+		  	curl_close($ch);
+		}
+
+		return $nvpResArray;
+	}
+
+	/*'----------------------------------------------------------------------------------
+	 Purpose: Redirects to PayPal.com site.
+	 Inputs:  NVP string.
+	 Returns: 
+	----------------------------------------------------------------------------------
+	*/
+	function RedirectToPayPal ( $token )
+	{
+		global $PAYPAL_URL;
+		
+		// Redirect to paypal.com here
+		$payPalURL = $PAYPAL_URL . $token;
+		header("Location: ".$payPalURL);
+		exit;
+	}
+
+	
+	/*'----------------------------------------------------------------------------------
+	 * This function will take NVPString and convert it to an Associative Array and it will decode the response.
+	  * It is usefull to search for a particular key and displaying arrays.
+	  * @nvpstr is NVPString.
+	  * @nvpArray is Associative Array.
+	   ----------------------------------------------------------------------------------
+	  */
+	function deformatNVP($nvpstr)
+	{
+		$intial=0;
+	 	$nvpArray = array();
+
+		while(strlen($nvpstr))
+		{
+			//postion of Key
+			$keypos= strpos($nvpstr,'=');
+			//position of value
+			$valuepos = strpos($nvpstr,'&') ? strpos($nvpstr,'&'): strlen($nvpstr);
+
+			/*getting the Key and Value values and storing in a Associative Array*/
+			$keyval=substr($nvpstr,$intial,$keypos);
+			$valval=substr($nvpstr,$keypos+1,$valuepos-$keypos-1);
+			//decoding the respose
+			$nvpArray[urldecode($keyval)] =urldecode( $valval);
+			$nvpstr=substr($nvpstr,$valuepos+1,strlen($nvpstr));
+	     }
+		return $nvpArray;
+	}
+
+?>
\ No newline at end of file