15
Sep/090
Sep/090
MiraPay merchant support for WP e-Commerce
WP e-Commerce is a WordPress plugin that adds shopping cart functionality to a WordPress-powered website. I wanted to use it for a contract, but it did not support the payment gateway that I had to use, so I wrote one. It works and was used on a production website. It may need some clean-up, but I have no plans to continue working on it. Feel free to use it if you need it; the code is released under the MIT license.
To use the code you will, of course, need a WordPress blog with the WP e-Commerce plugin installed. Download this file, save it as mirapay.php, and put it in the merchants directory inside the wp-content/plugins/wp-e-commerce directory.
<?php
// Register MiraPay in the plugin's gateway table.
// $num is not assigned anywhere in this file; presumably the including plugin
// file sets it to the next free slot before pulling this merchant file in.

// Labels: one for the shopper-facing list, one for the admin screen, plus the internal key.
$nzshpcrt_gateways[$num]['name'] = 'Mirapay Payment';
$nzshpcrt_gateways[$num]['admin_name'] = 'Mirapay';
$nzshpcrt_gateways[$num]['internalname'] = 'mirapay';

// Callbacks, named as strings and defined further down in this file:
//   gateway_mirapay - prints the hand-off form that sends the shopper to MiraPay
//   form_mirapay    - returns the settings rows for the admin screen
//   submit_mirapay  - stores the posted settings
$nzshpcrt_gateways[$num]['function'] = 'gateway_mirapay';
$nzshpcrt_gateways[$num]['form'] = 'form_mirapay';
$nzshpcrt_gateways[$num]['submit_function'] = 'submit_mirapay';
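/**
 * Print the HTML form that hands the shopper over to MiraPay, then stop the request.
 *
 * The order total is recomputed from the stored cart rows for $sessionid, so the
 * amount sent to the gateway does not depend on anything the browser posts.
 * In debug mode (option `mirapay_debug` == 1) no request goes to MiraPay: a local
 * test form is printed instead, which submits the chosen response back to this site.
 *
 * Security notes for maintainers:
 *  - MKEY is a plain MD5 over sessionid + amount + the shared `mirapay_salt` option.
 *    It is only as strong as that secret; presumably the construction is dictated
 *    by the gateway - confirm before changing it.
 *  - Every value written into the form is HTML-escaped, because the e-mail address
 *    comes straight from $_POST and the URLs come from stored options.
 *
 * @param string $seperator Glue placed between the transaction URL and the first
 *                          query parameter (the code concatenates it verbatim).
 * @param mixed  $sessionid Purchase session id; also sent to the gateway as MTID.
 * @return void This function always ends with exit().
 */
function gateway_mirapay($seperator, $sessionid) {
    global $wpdb;

    $_SESSION['mirapaysessionid'] = $sessionid;

    // Bind values with prepare() instead of concatenating them into the SQL text.
    $purchase_log = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT * FROM `".$wpdb->prefix."purchase_logs` WHERE `sessionid` = %s LIMIT 1",
            $sessionid
        ),
        ARRAY_A
    );
    // No matching purchase log means an empty cart lookup, as before, but without a notice.
    $purchase_id = isset($purchase_log[0]['id']) ? $purchase_log[0]['id'] : '';

    $cart = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT * FROM `".$wpdb->prefix."cart_contents` WHERE `purchaseid` = %s",
            $purchase_id
        ),
        ARRAY_A
    );

    $transact_url = get_option('transact_url');
    $mirapay_url = get_option('mirapay_url');

    // The per-item product_list lookup was dropped: its result was never used.
    $total_price = 0;
    foreach ((array) $cart as $item) {
        $total_price += $item['price'] * $item['quantity'];
    }

    // NOTE(review): number_format() inserts a thousands separator ("1,234.56") for
    // totals of 1000 or more - confirm that MiraPay accepts that format.
    $amount = number_format($total_price, 2);

    $debug_option = get_option('mirapay_debug');

    $data = array();
    $data['MTID'] = $sessionid;
    $data['Merchant_ID'] = get_option('mirapay_merchant_id');
    $data['Amount1'] = $amount;

    if ($debug_option == 1) {
        $debug_action = $transact_url.$seperator."sessionid=".$sessionid."&gateway=mirapay";
        $output = "<form id=\"mirapay_form\" name=\"mirapay_form\" method=\"get\" action=\""
            .htmlspecialchars((string) $debug_action, ENT_QUOTES)."\">\n";
        $output .= "<input type=\"hidden\" name=\"debug\" value=\"true\" />";
        $output .= "<select name=\"Response\">";
        $output .= "<option value=\"APPROVED\">Accepted</option>";
        $output .= "<option value=\"DECLINED\">Declined</option>";
        $output .= "<option value=\"CANCELED\">Cancelled</option>";
        $output .= "</select>";
        $data['MiraID'] = "DEBUG";
        $data['gateway'] = "mirapay";
    } else {
        $email_field = get_option('mirapay_form_email');
        if (isset($_POST['collected_data'][$email_field]) && $_POST['collected_data'][$email_field] != '') {
            $data['EMail'] = $_POST['collected_data'][$email_field];
        }
        $data['SuccessURL'] = $transact_url.$seperator."sessionid=".$sessionid."&gateway=mirapay";
        $data['FailURL'] = $transact_url.$seperator."&gateway=mirapay";
        $data['MKEY'] = md5($sessionid.$amount.get_option('mirapay_salt'));
        $output = "<form id=\"mirapay_form\" name=\"mirapay_form\" method=\"post\" action=\""
            .htmlspecialchars((string) $mirapay_url, ENT_QUOTES)."\">\n";
    }

    // Escape both name and value: a quote in any of them would otherwise end the attribute.
    foreach ($data as $n => $v) {
        $output .= "<input type=\"hidden\" name=\"".htmlspecialchars((string) $n, ENT_QUOTES)
            ."\" value=\"".htmlspecialchars((string) $v, ENT_QUOTES)."\" />\n";
    }
    $output .= "You are being automatically re-directed to MiraPay. If this does not occur please click here: <input type=\"submit\" value=\"Continue to MiraPay\" />\n";
    $output .= "</form>\n";

    if ($debug_option == 1) {
        echo ("DEBUG MODE ON!!<br/>");
        echo("The following form is created and would be posted to MiraPay for processing. Press submit to continue:<br/>");
        echo("<pre>".htmlspecialchars($output)."</pre>");
    }
    echo($output);

    // Auto-submit only when debug is off, so the test form can be inspected first.
    if ($debug_option == 0) {
        echo "<script language=\"javascript\" type=\"text/javascript\">document.getElementById('mirapay_form').submit();</script>";
    }
    exit();
}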
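/**
 * Handle the browser's return from MiraPay (requests carrying gateway=mirapay).
 *
 * Reads MTID, Response, MiraID, MKEY and Amount1 from the query string, recomputes
 * md5(MTID + amount + MiraID + Response + salt) and acts only when it equals MKEY:
 *  - APPROVED: marks the purchase log as processed and calls transaction_results().
 *  - DECLINED: deletes the purchase and its cart rows.
 *  - CANCELED: deletes the purchase, redirects to the shopping cart URL and exits.
 *
 * Security notes for maintainers:
 *  - Every field is attacker-controllable; the MKEY check is the only authentication
 *    in this function. If the `mirapay_salt` option is empty or left at a well-known
 *    value, anyone can compute a matching MKEY.
 *  - With debug mode on and debug=true in the request, MKEY is generated here rather
 *    than checked, so any visitor can approve or delete an order. Keep debug mode
 *    off on a live shop.
 *  - A failed check is dropped silently; nothing is logged or mailed.
 *
 * @return void
 */
function g_off_mirapay_callback()
{
    global $wpdb;

    if (!isset($_GET['gateway']) || $_GET['gateway'] != 'mirapay') {
        return;
    }

    // Accept plain strings only; array parameters (MTID[]=...) are treated as empty.
    $fields = array();
    foreach (array('MTID', 'Response', 'MiraID', 'MKEY', 'Amount1') as $name) {
        $fields[$name] = (isset($_GET[$name]) && is_string($_GET[$name]))
            ? trim(stripslashes($_GET[$name]))
            : '';
    }
    $mtid = $fields['MTID'];
    $response = $fields['Response'];
    $miraid = $fields['MiraID'];
    $mkey = $fields['MKEY'];
    $amount = $fields['Amount1'];
    $sessionid = $mtid;

    // Cast so a non-numeric amount yields "0.00" instead of a warning or TypeError.
    $genhash = md5($mtid.number_format((float) $amount, 2).$miraid.$response.get_option('mirapay_salt'));

    if (isset($_GET['debug']) && $_GET['debug'] == 'true' && get_option('mirapay_debug') == 1) {
        // Debug mode: the local test form cannot sign, so the key is self-generated.
        $mkey = $genhash;
    }

    // Strict comparison: loose == treats "0e..."-style hex digests as equal numbers.
    $signature_ok = function_exists('hash_equals')
        ? hash_equals($genhash, $mkey)
        : ($genhash === $mkey);
    if (!$signature_ok) {
        return;
    }

    // The original assigned $transation_id (typo) and then stored the undefined
    // $transaction_id, so an empty transaction id was written.
    $transaction_id = $mkey;
    $_GET['sessionid'] = $sessionid;

    switch ($response) {
        case 'APPROVED':
            $wpdb->query($wpdb->prepare(
                "UPDATE `".$wpdb->prefix."purchase_logs` SET `processed` = '2', `transactid` = %s, `date` = %s WHERE `sessionid` = %s LIMIT 1",
                $transaction_id,
                time(),
                $sessionid
            ));
            transaction_results($sessionid, false, $transaction_id);
            break;

        case 'DECLINED':
            mirapay_delete_purchase($sessionid);
            break;

        case 'CANCELED':
            mirapay_delete_purchase($sessionid);
            header("Location: ".get_option('shopping_cart_url'));
            exit;

        default:
            break;
    }
}

/**
 * Delete the purchase log for $sessionid together with its cart rows, cart item
 * variations and submitted form data. Does nothing when no purchase log matches.
 *
 * @param string $sessionid Purchase session id taken from the verified callback.
 * @return void
 */
function mirapay_delete_purchase($sessionid)
{
    global $wpdb;

    $log_id = $wpdb->get_var($wpdb->prepare(
        "SELECT `id` FROM `".$wpdb->prefix."purchase_logs` WHERE `sessionid` = %s LIMIT 1",
        $sessionid
    ));
    if ($log_id === null) {
        // Without this guard the deletes below would run against purchaseid = ''.
        return;
    }

    $cart_content = $wpdb->get_results(
        $wpdb->prepare("SELECT * FROM `".$wpdb->prefix."cart_contents` WHERE `purchaseid` = %s", $log_id),
        ARRAY_A
    );
    foreach ((array) $cart_content as $cart_item) {
        $wpdb->query($wpdb->prepare(
            "DELETE FROM `".$wpdb->prefix."cart_item_variations` WHERE `cart_id` = %s",
            $cart_item['id']
        ));
    }
    $wpdb->query($wpdb->prepare("DELETE FROM `".$wpdb->prefix."cart_contents` WHERE `purchaseid` = %s", $log_id));
    $wpdb->query($wpdb->prepare("DELETE FROM `".$wpdb->prefix."submited_form_data` WHERE `log_id` IN (%s)", $log_id));
    $wpdb->query($wpdb->prepare("DELETE FROM `".$wpdb->prefix."purchase_logs` WHERE `id` = %s LIMIT 1", $log_id));
}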
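/**
 * Store the MiraPay settings posted from the admin form.
 *
 * A setting is saved only when it is present in $_POST as a non-empty string, so a
 * missing key no longer raises a notice and an array value cannot be stored.
 * Field mappings under $_POST['mirapay_form'] are limited to the eight keys the
 * settings form offers; the original wrote an option for every posted key, which
 * let a request create arbitrary `mirapay_form_*` options.
 *
 * NOTE(review): this function performs no capability or nonce check itself;
 * presumably the plugin code that calls it does - verify against the caller.
 *
 * @return bool Always true.
 */
function submit_mirapay() {
    $settings = array(
        'mirapay_merchant_id',
        'mirapay_url',
        'mirapay_salt',
        'mirapay_curcode',
        'mirapay_language',
        'mirapay_debug',
    );
    foreach ($settings as $option) {
        if (isset($_POST[$option]) && is_string($_POST[$option]) && $_POST[$option] !== '') {
            update_option($option, $_POST[$option]);
        }
    }

    // Same keys as the mirapay_form[...] selects rendered by form_mirapay().
    $form_fields = array(
        'first_name',
        'last_name',
        'address',
        'city',
        'state',
        'post_code',
        'country',
        'email',
    );
    $posted = (isset($_POST['mirapay_form']) && is_array($_POST['mirapay_form']))
        ? $_POST['mirapay_form']
        : array();
    foreach ($form_fields as $field) {
        if (isset($posted[$field]) && is_scalar($posted[$field])) {
            update_option('mirapay_form_'.$field, $posted[$field]);
        }
    }

    return true;
}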
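/**
 * Build the table rows of the MiraPay settings form for the admin screen.
 *
 * Changes from the original:
 *  - Stored option values are HTML-escaped before they are placed in the
 *    single-quoted value attributes, so a quote in a value cannot break the markup.
 *  - The language select marks the stored `mirapay_language` option as selected.
 *    The original read the undefined $select_language / $select_currency arrays
 *    (and the key 'ES' for the FR option), so nothing was ever selected.
 *  - "Engish" is spelled "English".
 *  - The debug help text describes what debug mode does in this file: checkout
 *    prints a local test form and the callback accepts its response unsigned.
 *  - "No" is pre-selected for debug mode unless the option equals 1.
 *
 * NOTE(review): 'changeme' is only a placeholder shown while no security key is
 * stored. Saving the form unchanged stores it as the real key, which is then
 * guessable - confirm that a unique value is set before going live.
 *
 * @return string HTML <tr> rows; the surrounding table and form are not built here.
 */
function form_mirapay() {
    $stored_url = get_option('mirapay_url');
    $stored_salt = get_option('mirapay_salt');
    $mirapay_url = ($stored_url == '') ? 'https://www3.eigendev.com/mirapay/secure_credit.php' : $stored_url;
    $mirapay_salt = ($stored_salt == '') ? 'changeme' : $stored_salt;

    $debug_on = (get_option('mirapay_debug') == 1);
    $mirapay_debug1 = $debug_on ? "checked ='true'" : "";
    $mirapay_debug2 = $debug_on ? "" : "checked ='true'";

    $language = get_option('mirapay_language');
    $select_language = array('EN' => '', 'FR' => '');
    if (is_string($language) && isset($select_language[$language])) {
        $select_language[$language] = "selected='selected'";
    }

    $merchant_id_attr = htmlspecialchars((string) get_option('mirapay_merchant_id'), ENT_QUOTES);
    $url_attr = htmlspecialchars((string) $mirapay_url, ENT_QUOTES);
    $salt_attr = htmlspecialchars((string) $mirapay_salt, ENT_QUOTES);

    $output = "
<tr>
<td>MiraPay Merchant ID</td>
<td><input type='text' size='40' value='".$merchant_id_attr."' name='mirapay_merchant_id' /></td>
</tr>
<tr>
<td> </td>
<td><small>This should be set to your MiraPay Merchant ID.
This is the MiraPay Merchant ID that all purchases will be processed against.</small></td>
</tr>
<tr>
<td>MiraPay processing URL</td>
<td><input type='text' size='40' value='".$url_attr."' name='mirapay_url' /></td>
</tr>
<tr>
<td> </td>
<td><small>URL of the secure payment page customers are sent to for payment processing. If unsure leave at default setting.</small></td>
</tr>
<tr>
<td>MiraPay Security Key</td>
<td><input type='text' size='40' value='".$salt_attr."' name='mirapay_salt' /></td>
</tr>
<tr>
<td> </td>
<td><small>A bit of security... This is a keyword that is used to ensure transaction approval calls from MiraPay to this application are real and were instigated from this server. Enter a unique word into this field.</small></td>
</tr>
<tr>
<td>MiraPay Accepted Currency (CAD)</td>
<td><select name='mirapay_curcode'>
<option value='CAD'>CAD - Canadian Dollar</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td><small>The currency code that MiraPay will process the payment in. All products must be set up in this currency.</small></td>
</tr>
<tr>
<td>MiraPay Language</td>
<td><select name='mirapay_language'>
<option ".$select_language['EN']." value='EN'>English</option>
<option ".$select_language['FR']." value='FR'>French</option>
</select>
</td>
</tr>
<tr>
<td> </td>
<td><small>The language that the MiraPay secure processing page will be displayed in.</small></td>
</tr>
<tr>
<td>MiraPay Debug Mode</td>
<td>
<input type='radio' value='1' name='mirapay_debug' id='mirapay_debug1' ".$mirapay_debug1." /> <label for='mirapay_debug1'>".TXT_WPSC_YES."</label>
<input type='radio' value='0' name='mirapay_debug' id='mirapay_debug2' ".$mirapay_debug2." /> <label for='mirapay_debug2'>".TXT_WPSC_NO."</label>
</td>
</tr>
<tr>
<td> </td>
<td><small>Debug mode skips MiraPay: checkout shows a local test form and the response chosen there is accepted without a signature from MiraPay. This should only be activated for testing!</small></td>
</tr>
<tr class='update_gateway' >
<td colspan='2'>
<div class='submit'>
<input type='submit' value='Update »' name='updateoption'/>
</div>
</td>
</tr>
<tr class='firstrowth'>
<td style='border-bottom: medium none;' colspan='2'>
<strong class='form_group'>Forms Sent to Gateway</strong>
</td>
</tr>
";

    // One select per checkout field that can be mapped; the option list itself
    // comes from the plugin's nzshpcrt_form_field_list() and is inserted as-is.
    $mapped_fields = array(
        'first_name' => 'First Name Field',
        'last_name' => 'Last Name Field',
        'address' => 'Address Field',
        'city' => 'City Field',
        'state' => 'State Field',
        'post_code' => 'Postal code/Zip code Field',
        'country' => 'Country Field',
        'email' => 'Email Field',
    );
    foreach ($mapped_fields as $key => $label) {
        $output .= "<tr>
<td>".$label."</td>
<td><select name='mirapay_form[".$key."]'>
".nzshpcrt_form_field_list(get_option('mirapay_form_'.$key))."
</select>
</td>
</tr>
";
    }

    return $output;
}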
// Hook the MiraPay return handler onto WordPress' `init` action with priority 5.
// The handler decides from $_GET['gateway'] whether a request is meant for it and
// contains no login or capability check; its MKEY comparison is the only gate.
add_action('init', 'g_off_mirapay_callback', 5);



