public static void ValidateCreditCardInfo(ModelStateDictionary ModelState, PaymentForm pf)
{
if (pf.SavePayInfo && pf.CreditCard.StartsWith("X"))
return;
if (!ValidateCard(pf.CreditCard, pf.SavePayInfo))
ModelState.AddModelError("CreditCard", "invalid card number");
if (!pf.Expires.HasValue())
{
ModelState.AddModelError("Expires", "need expiration date");
return;
}
var exp = DbUtil.NormalizeExpires(pf.Expires);
if (exp == null)
ModelState.AddModelError("Expires", "invalid expiration date (MMYY)");
if (!pf.CCV.HasValue())
{
ModelState.AddModelError("CCV", "need Cardcode");
return;
}
var ccvlen = pf.CCV.GetDigits().Length;
if (ccvlen < 3 || ccvlen > 4)
ModelState.AddModelError("CCV", "invalid Cardcode");
}
public ActionResult ProcessPayment(PaymentForm pf)
{
if (Session["FormId"] != null)
if ((Guid)Session["FormId"] == pf.FormId)
return Content("Already submitted");
OnlineRegModel m = null;
var ed = DbUtil.Db.ExtraDatas.SingleOrDefault(e => e.Id == pf.DatumId);
if (ed != null)
m = Util.DeSerialize<OnlineRegModel>(ed.Data);
if(m != null && m.History.Contains("ProcessPayment"))
return Content("Already submitted");
if (pf.AmtToPay < 0) pf.AmtToPay = 0;
if (pf.Donate < 0) pf.Donate = 0;
pf.AllowCoupon = false;
SetHeaders(pf.OrgId ?? 0);
ViewBag.Url = pf.Url;
ViewBag.timeout = INT_timeout;
if ((pf.AmtToPay ?? 0) <= 0 && (pf.Donate ?? 0) <= 0)
{
DbUtil.Db.SubmitChanges();
ModelState.AddModelError("form", "amount zero");
return View("ProcessPayment", pf);
}
try
{
if (pf.Type == "B")
Payments.ValidateBankAccountInfo(ModelState, pf.Routing, pf.Account);
if (pf.Type == "C")
Payments.ValidateCreditCardInfo(ModelState, pf.CreditCard, pf.Expires, pf.CCV);
if (!ModelState.IsValid)
return View("ProcessPayment", pf);
if (pf.IsLoggedIn == true && pf.SavePayInfo == true)
{
var gateway = OnlineRegModel.GetTransactionGateway();
if (gateway == "authorizenet")
{
var au = new AuthorizeNet(DbUtil.Db, m.testing ?? false);
if ((pf.Type == "B" && !pf.Routing.StartsWith("X") && !pf.Account.StartsWith("X"))
|| (pf.Type == "C" && !pf.CreditCard.StartsWith("X")))
au.AddUpdateCustomerProfile(m.UserPeopleId.Value,
pf.Type,
pf.CreditCard,
Payments.NormalizeExpires(pf.Expires),
pf.MaskedCCV != null && pf.MaskedCCV.StartsWith("X") ? pf.CCV : pf.MaskedCCV,
pf.Routing,
pf.Account);
}
else if (gateway == "sage")
{
var sg = new CmsData.SagePayments(DbUtil.Db, m.testing ?? false);
if ((pf.Type == "B" && !pf.Routing.StartsWith("X") && !pf.Account.StartsWith("X"))
|| (pf.Type == "C" && !pf.CreditCard.StartsWith("X")))
sg.storeVault(m.UserPeopleId.Value,
pf.Type,
pf.CreditCard,
Payments.NormalizeExpires(pf.Expires),
pf.MaskedCCV != null && pf.MaskedCCV.StartsWith("X") ? pf.CCV : pf.MaskedCCV,
pf.Routing,
pf.Account,
pf.IsGiving == true);
}
else
throw new Exception("ServiceU not supported");
}
var ti = ProcessPaymentTransaction(m, pf);
if (ti.Approved == false)
{
ModelState.AddModelError("form", ti.Message);
return View("ProcessPayment", pf);
}
if (m != null)
{
m.TranId = ti.Id;
m.History.Add("ProcessPayment");
ed.Data = Util.Serialize<OnlineRegModel>(m);
ed.Completed = true;
DbUtil.Db.SubmitChanges();
}
Session["FormId"] = pf.FormId;
if (pf.DatumId > 0)
{
confirm = ConfirmTransaction(m, ti.TransactionId);
if (confirm.StartsWith("error:"))
{
TempData["error"] = confirm.Substring(6);
return Redirect("/Error");
}
return View(confirm);
}
ConfirmDuePaidTransaction(ti, ti.TransactionId, sendmail: true);
return View("ConfirmDuePaid", ti);
}
catch (Exception ex)
{
ModelState.AddModelError("form", ex.Message);
return View("ProcessPayment", pf);
}
}
private Transaction ProcessPaymentTransaction(OnlineRegModel m, PaymentForm pf)
{
Transaction ti = null;
if (m != null && m.Transaction != null)
ti = PaymentForm.CreateTransaction(DbUtil.Db, m.Transaction, pf.AmtToPay);
else
ti = pf.CreateTransaction(DbUtil.Db);
int? pid = null;
if (m != null)
{
m.ParseSettings();
var terms = Util.PickFirst(m.Terms, "");
if (terms.HasValue())
ViewData["Terms"] = terms;
pid = m.UserPeopleId;
if (m.TranId == null)
m.TranId = ti.Id;
}
if (!pid.HasValue)
{
var pds = DbUtil.Db.FindPerson(pf.First, pf.Last, null, pf.Email, pf.Phone);
if (pds.Count() == 1)
pid = pds.Single().PeopleId.Value;
}
TransactionResponse tinfo;
var gateway = OnlineRegModel.GetTransactionGateway();
if (gateway == "authorizenet")
if (pf.SavePayInfo == true)
{
var anet = new AuthorizeNet(DbUtil.Db, pf.testing);
tinfo = anet.createCustomerProfileTransactionRequest(
pid ?? 0,
pf.AmtToPay ?? 0,
pf.Description,
pf.TranId ?? 0);
}
else
if (pf.Type == "B")
tinfo = OnlineRegModel.PostECheck(
pf.Routing, pf.Account,
pf.AmtToPay ?? 0,
ti.Id, pf.Description,
pid ?? 0, pf.First, pf.Last,
pf.Address, pf.City, pf.State, pf.Zip,
pf.testing);
else
tinfo = OnlineRegModel.PostTransaction(
pf.CreditCard, pf.CCV,
Payments.NormalizeExpires(pf.Expires),
pf.AmtToPay ?? 0,
ti.Id, pf.Description,
pid ?? 0, pf.Email, pf.First, pf.Last,
pf.Address, pf.City, pf.State, pf.Zip,
pf.testing);
else if (gateway == "sage")
if (pf.SavePayInfo == true)
{
var sage = new SagePayments(DbUtil.Db, pf.testing);
tinfo = sage.createVaultTransactionRequest(
pid ?? 0,
pf.AmtToPay ?? 0,
pf.Description,
ti.Id,
pf.Type);
}
else
if (pf.Type == "B")
tinfo = OnlineRegModel.PostVirtualCheckTransactionSage(
pf.Routing, pf.Account,
pf.AmtToPay ?? 0,
ti.Id, pf.Description,
pid ?? 0, pf.Email, pf.First, pf.MiddleInitial, pf.Last, pf.Suffix,
pf.Address, pf.City, pf.State, pf.Zip, pf.Phone,
pf.testing);
else
tinfo = OnlineRegModel.PostTransactionSage(
pf.CreditCard, pf.CCV,
Payments.NormalizeExpires(pf.Expires),
pf.AmtToPay ?? 0,
ti.Id, pf.Description,
pid ?? 0, pf.Email, pf.First, pf.MiddleInitial, pf.Last, pf.Suffix,
pf.Address, pf.City, pf.State, pf.Zip, pf.Phone,
pf.testing);
else
throw new Exception("unknown gateway " + gateway);
ti.TransactionId = tinfo.TransactionId;
if (ti.Testing == true && !ti.TransactionId.Contains("(testing)"))
ti.TransactionId += "(testing)";
ti.Approved = tinfo.Approved;
if (ti.Approved == false)
{
ti.Amtdue += ti.Amt;
if (m != null && m.OnlineGiving())
ti.Amtdue = 0;
}
ti.Message = tinfo.Message;
ti.AuthCode = tinfo.AuthCode;
ti.TransactionDate = DateTime.Now;
DbUtil.Db.SubmitChanges();
return ti;
}
//private string confirm;
public ActionResult ProcessPayment(PaymentForm pf)
{
#if DEBUG
#else
if (Session["FormId"] != null)
if ((Guid)Session["FormId"] == pf.FormId)
return Content("Already submitted");
#endif
OnlineRegModel m = null;
var ed = DbUtil.Db.ExtraDatas.SingleOrDefault(e => e.Id == pf.DatumId);
if (ed != null)
m = Util.DeSerialize<OnlineRegModel>(ed.Data);
#if DEBUG
#else
if(m != null && m.History.Contains("ProcessPayment") && !pf.PayBalance)
return Content("Already submitted");
#endif
if (pf.AmtToPay < 0) pf.AmtToPay = 0;
if (pf.Donate < 0) pf.Donate = 0;
pf.AllowCoupon = false;
SetHeaders(pf.OrgId ?? 0);
if ((pf.AmtToPay ?? 0) <= 0 && (pf.Donate ?? 0) <= 0)
{
DbUtil.Db.SubmitChanges();
ModelState.AddModelError("form", "amount zero");
return View("Payment/Process", pf);
}
try
{
if (pf.Type == "B")
Payments.ValidateBankAccountInfo(ModelState, pf.Routing, pf.Account);
if (pf.Type == "C")
Payments.ValidateCreditCardInfo(ModelState, pf);
if (!ModelState.IsValid)
return View("Payment/Process", pf);
if (pf.IsLoggedIn == true && pf.SavePayInfo)
{
var gateway = OnlineRegModel.GetTransactionGateway();
if (gateway == "authorizenet")
{
var au = new AuthorizeNet(DbUtil.Db, m.testing ?? false);
if ((pf.Type == "B" && !pf.Routing.StartsWith("X") && !pf.Account.StartsWith("X"))
|| (pf.Type == "C" && !pf.CreditCard.StartsWith("X")))
au.AddUpdateCustomerProfile(m.UserPeopleId.Value,
pf.Type,
pf.CreditCard,
DbUtil.NormalizeExpires(pf.Expires).ToString2("MMyy"),
pf.MaskedCCV != null && pf.MaskedCCV.StartsWith("X") ? pf.CCV : pf.MaskedCCV,
pf.Routing,
pf.Account);
}
else if (gateway == "sage")
{
var sg = new CmsData.SagePayments(DbUtil.Db, m.testing ?? false);
if ((pf.Type == "B" && !pf.Routing.StartsWith("X") && !pf.Account.StartsWith("X"))
|| (pf.Type == "C" && !pf.CreditCard.StartsWith("X")))
sg.storeVault(m.UserPeopleId.Value,
pf.Type,
pf.CreditCard,
DbUtil.NormalizeExpires(pf.Expires).ToString2("MMyy"),
pf.MaskedCCV != null && pf.MaskedCCV.StartsWith("X") ? pf.CCV : pf.MaskedCCV,
pf.Routing,
pf.Account,
pf.IsGiving == true);
}
else
throw new Exception("ServiceU not supported");
}
if (pf.UseBootstrap)
{
var r = AddressVerify.LookupAddress(pf.Address, "", "", "", pf.Zip);
if (r.Line1 != "error")
{
if (r.found == false)
{
ModelState.AddModelError("Zip",
r.address + ", to skip address check, Change the country to USA, Not Validated");
return View("Payment/Process", pf);
}
if (r.Line1 != pf.Address)
pf.Address = r.Line1;
if (r.City != (pf.City ?? ""))
pf.City = r.City;
if (r.State != (pf.State ?? ""))
pf.State = r.State;
if (r.Zip != (pf.Zip ?? ""))
pf.Zip = r.Zip;
}
}
var ti = ProcessPaymentTransaction(m, pf);
if (ti.Approved == false)
{
ModelState.AddModelError("form", ti.Message);
return View("Payment/Process", pf);
}
if (m != null)
{
m.TranId = ti.Id;
m.History.Add("ProcessPayment");
ed.Data = Util.Serialize<OnlineRegModel>(m);
ed.Completed = true;
DbUtil.Db.SubmitChanges();
}
Session["FormId"] = pf.FormId;
if (pf.DatumId > 0)
{
try
{
var view = ConfirmTransaction(m, ti.TransactionId);
switch (view)
{
case ConfirmEnum.Confirm:
return View("Confirm", m);
case ConfirmEnum.ConfirmAccount:
return View("ConfirmAccount");
}
}
catch (Exception ex)
{
TempData["error"] = ex.Message;
return Redirect("/Error");
}
}
ConfirmDuePaidTransaction(ti, ti.TransactionId, sendmail: true);
return View("PayAmtDue/Confirm", ti);
}
catch (Exception ex)
{
ModelState.AddModelError("form", ex.Message);
return View("Payment/Process", pf);
}
}
public ActionResult ApplyCoupon(PaymentForm pf)
{
OnlineRegModel m = null;
ExtraDatum ed = null;
if (pf.PayBalance == false)
{
ed = DbUtil.Db.ExtraDatas.SingleOrDefault(e => e.Id == pf.DatumId);
m = Util.DeSerialize<OnlineRegModel>(ed.Data);
m.ParseSettings();
}
if (!pf.Coupon.HasValue())
return Json(new { error = "empty coupon" });
string coupon = pf.Coupon.ToUpper().Replace(" ", "");
string admincoupon = DbUtil.Db.Setting("AdminCoupon", "ifj4ijweoij").ToUpper().Replace(" ", "");
if (coupon == admincoupon)
return Json(new { confirm = "/onlinereg/Confirm/{0}?TransactionID=Coupon(Admin)".Fmt(pf.DatumId) });
var c = DbUtil.Db.Coupons.SingleOrDefault(cp => cp.Id == coupon);
if (c == null)
return Json(new { error = "coupon not found" });
if (pf.OrgId.HasValue && c.Organization != null && c.Organization.OrgPickList.HasValue())
{
var a = c.Organization.OrgPickList.SplitStr(",").Select(ss => ss.ToInt()).ToArray();
if(!a.Contains(pf.OrgId.Value))
return Json(new {error = "coupon and org do not match"});
}
else if (pf.OrgId != c.OrgId)
return Json(new {error = "coupon and org do not match"});
if (c.Used.HasValue && c.Id.Length == 12)
return Json(new { error = "coupon already used" });
if (c.Canceled.HasValue)
return Json(new { error = "coupon canceled" });
var ti = pf.CreateTransaction(DbUtil.Db, c.Amount);
if (m != null) // Start this transaction in the chain
{
m.History.Add("ApplyCoupon");
m.TranId = ti.OriginalId;
ed.Data = Util.Serialize<OnlineRegModel>(m);
}
var tid = "Coupon({0:n2})".Fmt(Util.fmtcoupon(coupon));
if(!pf.PayBalance)
ConfirmDuePaidTransaction(ti, tid, sendmail: false);
var msg = "<i class='red'>Your coupon for {0:n2} has been applied, your balance is now {1:n2}</i>."
.Fmt(c.Amount, ti.Amtdue );
if(ti.Amt < pf.AmtToPay)
msg += "You still must complete this transaction with a payment";
if (m != null)
m.UseCoupon(ti.TransactionId, ti.Amt ?? 0);
else
c.UseCoupon(ti.FirstTransactionPeopleId(), ti.Amt ?? 0);
DbUtil.Db.SubmitChanges();
if (pf.PayBalance)
return Json(new { confirm = "/onlinereg/ConfirmDuePaid/{0}?TransactionID=Coupon({1})&Amount={2}".Fmt(ti.Id, Util.fmtcoupon(coupon), ti.Amt) });
pf.AmtToPay -= ti.Amt;
if (pf.AmtToPay <= 0)
return Json( new { confirm = "/OnlineReg/Confirm/{0}?TransactionId={1}".Fmt(pf.DatumId, "Coupon") });
return Json(new { tiamt = pf.AmtToPay, amtdue=ti.Amtdue, amt=pf.AmtToPay.ToString2("N2"), msg });
}
