/// <summary>
/// Raises the onpaymentgateway event.
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.</param>
internal void raiseOnPaymentGateway( PaymentGatewayEventArgs args )
{
if( OpeningPaymentGateway != null ) { OpeningPaymentGateway( this, args ); };
}
/// <summary>
/// Defaults gateway processor. Used when there is no onpaymentgateway event handler specified
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.</param>
private static void DefaultPaymentGatewayProcessor( ref PaymentGatewayEventArgs args )
{
try {
StringBuilder url = new StringBuilder( "" );
string responseMessage = "";
string strResult = "";
/* build up the URL to send to the payment gateway URL defined in site_configuration */
url.Append( Main.Site.merchant_auth_url );
url.Replace( "{merchant_auth_name}", HttpUtility.UrlEncode( Main.Site.merchant_auth_name ) );
url.Replace( "{merchant_auth_password}", HttpUtility.UrlEncode( Main.Site.merchant_auth_password ) );
url.Replace( "{merchant_auth_type}", HttpUtility.UrlEncode( Main.Site.merchant_auth_type ) );
url.Replace( "{shipToFirstName}", HttpUtility.UrlEncode( args.ShipToAddress.FirstName.Trim() ) );
url.Replace( "{shipToLastName}", HttpUtility.UrlEncode( args.ShipToAddress.LastName.Trim() ) );
url.Replace( "{shipToAddress}", HttpUtility.UrlEncode( args.ShipToAddress.Address1.Trim() ) );
url.Replace( "{shipToAddress2}", HttpUtility.UrlEncode( args.ShipToAddress.Address2.Trim() ) );
url.Replace( "{shipToCity}", HttpUtility.UrlEncode( args.ShipToAddress.City.Trim() ) );
url.Replace( "{shipToState}", HttpUtility.UrlEncode( args.ShipToAddress.State.Trim() ) );
url.Replace( "{shipToZip}", HttpUtility.UrlEncode( args.ShipToAddress.Zip.Trim() ) );
url.Replace( "{shipToCountry}", HttpUtility.UrlEncode( args.ShipToAddress.Country.Trim() ) );
url.Replace( "{shipToCompany}", HttpUtility.UrlEncode( args.ShipToAddress.Company.Trim() ) );
url.Replace( "{billToFirstName}", HttpUtility.UrlEncode( args.BillToAddress.FirstName.Trim() ) );
url.Replace( "{billToLastName}", HttpUtility.UrlEncode( args.BillToAddress.LastName.Trim() ) );
url.Replace( "{billToAddress}", HttpUtility.UrlEncode( args.BillToAddress.Address1.Trim() ) );
url.Replace( "{billToAddress2}", HttpUtility.UrlEncode( args.BillToAddress.Address2.Trim() ) );
url.Replace( "{billToCity}", HttpUtility.UrlEncode( args.BillToAddress.City.Trim() ) );
url.Replace( "{billToState}", HttpUtility.UrlEncode( args.BillToAddress.State.Trim() ) );
url.Replace( "{billToZip}", HttpUtility.UrlEncode( args.BillToAddress.Zip.Trim() ) );
url.Replace( "{billToCountry}", HttpUtility.UrlEncode( args.BillToAddress.Country.Trim() ) );
url.Replace( "{billToCompany}", HttpUtility.UrlEncode( args.BillToAddress.Company.Trim() ) );
url.Replace( "{amount}", args.Amount.ToString() );
url.Replace( "{cardNumber}", HttpUtility.UrlEncode( args.Card.CardNumber.Trim() ) );
url.Replace( "{experationMonth}", HttpUtility.UrlEncode( args.Card.ExpMonth.Trim() ) );
url.Replace( "{experationYear}", HttpUtility.UrlEncode( args.Card.ExpYear.Trim() ) );
url.Replace( "{securityCode}", HttpUtility.UrlEncode( args.Card.SecCode.Trim() ) );
url.Replace( "{nameOnCard}", HttpUtility.UrlEncode( args.Card.NameOnCard.Trim() ) );
string[] auth_array = url.ToString().Split( '?' );
string auth_url = auth_array[ 0 ];
string auth_data = auth_array[ 1 ];
/* create stream */
ASCIIEncoding encoding = new ASCIIEncoding();
byte[] data = encoding.GetBytes( auth_data );
/* create request */
WebResponse objResponse;
WebRequest objRequest = HttpWebRequest.Create( auth_url );
objRequest.Method = "POST";
objRequest.ContentType = "application/x-www-form-urlencoded";
objRequest.ContentLength = data.Length;
( "gateway processor" ).Debug( 5 );
( "send request>" ).Debug( 5 );
Stream stream = objRequest.GetRequestStream();
/* send data */
stream.Write( data, 0, data.Length );
stream.Close();
objResponse = objRequest.GetResponse();
( "<get response" ).Debug( 5 );
using( StreamReader sr = new StreamReader( objResponse.GetResponseStream() ) ) {
strResult = sr.ReadToEnd();
string[] matchIndexes = Main.Site.merchant_message_match_index.Split( ',' );
int msgMatch1 = Convert.ToInt32( matchIndexes[ 0 ] );
/* isolate the message to be displayed to the user in case of auth failure */
Regex i = new Regex( Main.Site.merchant_message_match, RegexOptions.IgnoreCase | RegexOptions.Multiline );
MatchCollection m;
GroupCollection b;
m = i.Matches( strResult );
if( matchIndexes.GetUpperBound( 0 ) > 0 ) {
int msgMatch2 = Convert.ToInt32( matchIndexes[ 1 ] );
b = m[ msgMatch1 ].Groups;
responseMessage = b[ msgMatch2 ].Value;
} else {
responseMessage = m[ msgMatch1 ].Value;
}
/* figure out if the auth was a failure */
args.Success = Regex.IsMatch( strResult, Main.Site.merchant_sucsess_match );
args.Message = responseMessage;
}
return;
} catch( Exception e ) {
( "gateway transaction error > " + e.Message ).Debug( 5 );
args.Success = false;
args.Message = e.Message;
return;
}
}
/// <summary>
/// internal method to insert virtual terminal history into the database.
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.</param>
private static void InsertPaymentHistory( PaymentGatewayEventArgs args )
{
( "FUNCTION insertPaymentHistory /w SP dbo.insertVTTransaction > Write transaction details" ).Debug( 10 );
string cmdString = @"dbo.insertVTTransaction @amount,@cardNumber,@secNumber,@authResponseCode,@authResponse,@addedby,@provider,
@request,@billToCompany,@billToFirstName,@billToLastName,@billToAddress1,@billToAddress2,@billToCity,@billToState,@billToZIP,@billToCountry,
@shipToCompany,@shipToFirstName,@shipToLastName,@shipToAddress1,@shipToAddress2,@shipToCity,@shipToState,@shipToZIP,@shipToCountry,@expDate,
@sessionId";
/* write the results of the transaction to the database, for postarity */
SqlCommand cmd = null;
if( args.SqlConnection != null ) {
cmd = new SqlCommand( cmdString, args.SqlConnection, args.SqlTransaction );
} else {
cmd = new SqlCommand( cmdString, Site.SqlConnection );
}
cmd.Parameters.Add( "@amount", SqlDbType.Money ).Value = args.Amount.ToString();
/* never record any credit card data in full */
string safeCardNumber = "";
safeCardNumber = args.Card.CardNumber.MaxLength( 25, true );
if( safeCardNumber.Length > 5 ) {
safeCardNumber = safeCardNumber.Substring( args.Card.CardNumber.Length - 4 );
}
cmd.Parameters.Add( "@cardNumber", SqlDbType.VarChar ).Value = "xxx-" + safeCardNumber;
cmd.Parameters.Add( "@secNumber", SqlDbType.VarChar ).Value = "xxxx";
cmd.Parameters.Add( "@authResponseCode", SqlDbType.VarChar ).Value = args.Success.ToString();
cmd.Parameters.Add( "@authResponse", SqlDbType.VarChar ).Value = args.Message;
cmd.Parameters.Add( "@addedby", SqlDbType.Int ).Value = Main.GetCurrentSession().UserId;
cmd.Parameters.Add( "@provider", SqlDbType.VarChar ).Value = "";
cmd.Parameters.Add( "@request", SqlDbType.VarChar ).Value = "";
cmd.Parameters.Add( "@billToCompany", SqlDbType.VarChar ).Value = args.BillToAddress.Company.MaxLength( 100, true );
cmd.Parameters.Add( "@billToFirstName", SqlDbType.VarChar ).Value = args.BillToAddress.FirstName.MaxLength( 100, true );
cmd.Parameters.Add( "@billToLastName", SqlDbType.VarChar ).Value = args.BillToAddress.LastName.MaxLength( 100, true );
cmd.Parameters.Add( "@billToAddress1", SqlDbType.VarChar ).Value = args.BillToAddress.Address1.MaxLength( 100, true );
cmd.Parameters.Add( "@billToAddress2", SqlDbType.VarChar ).Value = args.BillToAddress.Address2.MaxLength( 25, true );
cmd.Parameters.Add( "@billToCity", SqlDbType.VarChar ).Value = args.BillToAddress.City.MaxLength( 50, true );
cmd.Parameters.Add( "@billToState", SqlDbType.VarChar ).Value = args.BillToAddress.State.MaxLength( 25, true );
cmd.Parameters.Add( "@billToZIP", SqlDbType.VarChar ).Value = args.BillToAddress.Zip.MaxLength( 20, true );
cmd.Parameters.Add( "@billToCountry", SqlDbType.VarChar ).Value = args.BillToAddress.Country.MaxLength( 50, true );
cmd.Parameters.Add( "@shipToCompany", SqlDbType.VarChar ).Value = args.ShipToAddress.Company.MaxLength( 100, true );
cmd.Parameters.Add( "@shipToFirstName", SqlDbType.VarChar ).Value = args.ShipToAddress.FirstName.MaxLength( 100, true );
cmd.Parameters.Add( "@shipToLastName", SqlDbType.VarChar ).Value = args.ShipToAddress.LastName.MaxLength( 100, true );
cmd.Parameters.Add( "@shipToAddress1", SqlDbType.VarChar ).Value = args.ShipToAddress.Address1.MaxLength( 100, true );
cmd.Parameters.Add( "@shipToAddress2", SqlDbType.VarChar ).Value = args.ShipToAddress.Address2.MaxLength( 25, true );
cmd.Parameters.Add( "@shipToCity", SqlDbType.VarChar ).Value = args.ShipToAddress.City.MaxLength( 50, true );
cmd.Parameters.Add( "@shipToState", SqlDbType.VarChar ).Value = args.ShipToAddress.State.MaxLength( 25, true );
cmd.Parameters.Add( "@shipToZIP", SqlDbType.VarChar ).Value = args.ShipToAddress.Zip.MaxLength( 20, true );
cmd.Parameters.Add( "@shipToCountry", SqlDbType.VarChar ).Value = args.ShipToAddress.Country.MaxLength( 20, true );
cmd.Parameters.Add( "@expDate", SqlDbType.VarChar ).Value = ( args.Card.ExpMonth.MaxLength( 2, true ) +
Convert.ToString( args.Card.ExpYear ).MaxLength( 2, true ) ).MaxLength( 10, true );
cmd.Parameters.Add( "@sessionId", SqlDbType.UniqueIdentifier ).Value = new Guid( args.OrderSession.ToString() );
cmd.ExecuteNonQuery();
cmd.Dispose();
}
/// <summary>
/// Charges the credit card using the internal CC processor function or the onpaymentgateway even handler.
/// </summary>
/// <param name="billToAddress">The bill to Address.</param>
/// <param name="shipToAddress">The ship to Address.</param>
/// <param name="card">The card.</param>
/// <param name="amount">The amount.</param>
/// <param name="orderSession">The order session.</param>
/// <param name="orderNumber">The order number.</param>
/// <param name="purchaseOrder">The purchase order.</param>
/// <param name="cn">The sql connection (or null).</param>
/// <param name="trans">The sql transaction (or null).</param>
/// <returns>{error:0,desc:"error description"}.</returns>
public static Dictionary<string, object> ChargeCreditCard(
Address billToAddress, Address shipToAddress, CreditCard card,
decimal amount, Guid orderSession, string orderNumber, string purchaseOrder,
SqlConnection cn, SqlTransaction trans )
{
( "FUNCTION /w SP,HTTPWebRequest chargeCreditCard" ).Debug( 10 );
Dictionary<string, object> j = new Dictionary<string, object>();
if( card.CardNumber.Length == 0 ) {
j.Add( "error", -6 );
j.Add( "description", "No card number provided" );
return j;
}
if( card.NameOnCard.Length == 0 ) {
j.Add( "error", -7 );
j.Add( "description", "No card name provided" );
return j;
}
if( card.ExpMonth.Length == 0 || card.ExpYear.Length == 0 ) {
j.Add( "error", -8 );
j.Add( "description", "No experation date provided." );
return j;
}
/* everything seems ok as far as I can tell, pass it to the REAL judge.*/
PaymentGatewayEventArgs args = new PaymentGatewayEventArgs( billToAddress, shipToAddress, card, amount, orderSession, orderNumber, purchaseOrder, cn, trans );
/* try and use an event handler */
Main.Site.raiseOnPaymentGateway( args );
/* if preventDefault is not set in the arguments then try and use the internal payment gateway.*/
if( !args.PreventDefault ) {
DefaultPaymentGatewayProcessor( ref args );
}
/* record that this occured */
InsertPaymentHistory( args );
/* send the results back to the caller */
if( args.Success ) {
j.Add( "error", 0 );
j.Add( "description", "" );
return j;
} else {
j.Add( "error", -1 );
j.Add( "description", args.Message );
return j;
}
}
