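/// <summary>
/// Shows the detail view for one payment together with the figures of the order it belongs to.
/// </summary>
/// <param name="id">Identifier of the payment to display.</param>
/// <param name="mode">Encoded display mode; decoded with <c>XorString()</c> and checked by <c>IsDetailModeValid</c>.</param>
/// <returns>
/// The detail view, or a redirect to Home/Index when the mode is rejected or the payment
/// or its order cannot be loaded.
/// </returns>
public ActionResult Detail(long id, string mode)
{
    // Validate the request before touching payment data, so a rejected mode costs no provider calls.
    // NOTE(review): an XOR transform is reversible obfuscation, not authentication; confirm the
    // mode value does not gate access to the payment on its own.
    ViewBag.mode = mode.XorString();
    if (!IsDetailModeValid(ViewBag.mode))
    {
        return RedirectToAction("Index", "Home", new { area = String.Empty });
    }

    // NOTE(review): nothing visible in this action ties `id` to the signed-in user. Confirm that an
    // authorization filter or the provider restricts which payments a caller may read.
    Payment payment = paymentProvider.GetPayment(id);
    if (payment == null)
    {
        // Presumably the provider returns null for an unknown id; the original dereferenced it unchecked.
        return RedirectToAction("Index", "Home", new { area = String.Empty });
    }

    var order = orderProvider.GetOrder(payment.OrderId);
    if (order == null)
    {
        return RedirectToAction("Index", "Home", new { area = String.Empty });
    }

    var paymentDetail = paymentProvider.GetPaymentDetail(id);
    var orderDetail = orderProvider.GetOrderDetail(payment.OrderId);

    var model = new DetailViewModel();
    var detailModel = new List<PaymentDetailViewModel>();
    mapper.Map(payment, model);
    mapper.Map(paymentDetail, detailModel);

    // ServiceCharge is not copied: that assignment was already commented out in the original.
    model.TaxValue = order.TaxAmount;
    model.DeliveryCharge = order.DeliveryCharge;
    model.DiscValue = order.DiscValue;
    model.OrderId = order.Id;
    model.UnitPriceMode = orderProvider.GetUnitPriceMode(order.UnitPriceMode);
    model.List = detailModel;
    model.OrderDetails = mapper.Map<List<OrderViewModel.OrderDetailEntryViewModel>>(orderDetail);

    return View(model);
}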
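/// <summary>
/// Fills the payment labels and the detail grid for the payment with the given number.
/// </summary>
/// <param name="paymentNo">Payment number to look up.</param>
private void LoadPayment(string paymentNo)
{
    PaymentHeader pay = paymentProvider.GetPayment(paymentNo);
    if (pay == null)
    {
        // Unknown payment number: the controls keep whatever they showed before.
        return;
    }

    lblPaymentNo.Text = pay.PaymentNo;
    lblPaymentDate.Text = pay.Date.ToString("dddd, dd MMMM yyyy");
    lblStatusPayment.Text = pay.VoidDate.HasValue ? "Void" : "Active";

    // Materialise once. The original ran Any(), Sum() and DataBind() over the same sequence,
    // which repeats the query if the provider returns a deferred enumerable.
    // NOTE(review): pay.InvoiceHeader is dereferenced unchecked; confirm it is always loaded.
    IEnumerable<PaymentDetailViewModel> fetched = paymentProvider.GetDetail(pay.InvoiceHeader.InvoiceNo);
    List<PaymentDetailViewModel> paymentDetail = fetched == null
        ? new List<PaymentDetailViewModel>()
        : fetched.ToList();

    // Sum() over an empty list is already zero, so no separate Any() check is needed.
    lblTotalPayment.Text = paymentDetail.Sum(payment => payment.Amount).ToString("###,##0.00");

    gvwPayment.DataSource = paymentDetail;
    gvwPayment.DataBind();
}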
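/// <summary>
/// Registers the payment named by the "paymentid" request value with the Sage Pay web service
/// and redirects the browser to the URL that <c>CheckSagePayResponse</c> derives from the reply.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
/// <exception cref="ArgumentException">The id parses as a GUID but no payment is found for it.</exception>
protected void Page_Load(object sender, EventArgs e)
{
    ConfigurationProvider configuration = new ConfigurationProvider();

    // Request[...] searches the query string, form, cookies and server variables, in that order.
    Guid paymentId;
    if (!Guid.TryParse(Request["paymentid"], out paymentId))
    {
        Response.Redirect(configuration.OrderFailedUrl + "?errorcode=" + (int)ErrorCodes.PaymentIdMissing);
        // Redirect normally ends the request; return explicitly so an empty id can never reach the lookup.
        return;
    }

    CrmConnector connector = new CrmConnector(Properties.Settings.Default.ConnectionString);
    PaymentProvider paymentProvider = new PaymentProvider(connector);

    // NOTE(review): no check is visible here that the caller may act on this payment or that it is
    // still awaiting payment; confirm that is enforced elsewhere before a registration is sent.
    var payment = paymentProvider.GetPayment(paymentId);
    if (payment == null)
    {
        // Unlike a malformed id, an unknown id surfaces as an unhandled exception rather than a redirect.
        throw new ArgumentException("PaymentId is incorrect.");
    }

    try
    {
        // NOTE(review): the redirect below trusts the gateway reply, so confirm the configured
        // address is HTTPS and that certificate validation has not been relaxed.
        WebRequest request = WebRequest.Create(configuration.SagePayWebServiceAddress);
        request.Method = "Post";

        string postData = CreatePostRequest(configuration, connector, payment);

        // If the postData is "INVALIDCONTACT", the Contact does not have the right details.
        if (postData == "INVALIDCONTACT")
        {
            Response.Redirect(configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.InvalidContactDetails).ToString());
            // Never post the sentinel value to the gateway, even if the redirect does not end the request.
            return;
        }

        byte[] byteArray = Encoding.UTF8.GetBytes(postData);
        request.ContentType = "application/x-www-form-urlencoded";
        request.ContentLength = byteArray.Length;

        // using blocks release the streams and the response even when the exchange fails part-way.
        using (Stream requestStream = request.GetRequestStream())
        {
            requestStream.Write(byteArray, 0, byteArray.Length);
        }

        string responseFromSagePay;
        using (WebResponse response = request.GetResponse())
        using (Stream responseStream = response.GetResponseStream())
        using (StreamReader reader = new StreamReader(responseStream))
        {
            responseFromSagePay = reader.ReadToEnd();
        }

        string nextUrl = CheckSagePayResponse(configuration, connector, payment, responseFromSagePay);
        if (!String.IsNullOrEmpty(nextUrl))
        {
            Response.Redirect(nextUrl);
        }
    }
    catch (WebException webException)
    {
        string error = String.Empty;
        ErrorCodes errorCode;

        if (webException.Status == WebExceptionStatus.NameResolutionFailure)
        {
            errorCode = ErrorCodes.NameResolutionFailure;
            // The verbatim literal continues at column 0 so its content stays exactly as it was.
            error = @"Your server was unable to register this transaction with Sage Pay. 
Check that you do not have a firewall restricting the POST and that your server can correctly resolve the address " + configuration.SagePayWebServiceAddress;
        }
        else
        {
            errorCode = ErrorCodes.GeneralError;
            // The full exception text (including stack trace) goes into the payment record only;
            // the browser receives just the numeric error code.
            error = @"An Error has occurred whilst trying to register this transaction.<BR> The Error is: " + webException;
        }

        payment.lss_responsestatus = errorCode.ToString();
        // The detail is truncated to 2000 characters before it is stored.
        payment.lss_responsestatusdetail = (error.Length > 2000) ? error.Substring(0, 2000) : error;
        payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
        paymentProvider.SavePayment(payment);

        Response.Redirect(configuration.OrderFailedUrl + "?errorcode=" + ((int)errorCode).ToString());
    }
}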
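/// <summary>
/// Handles the payment notification POST for a transaction: looks the payment up by
/// VendorTxCode and VPSTxId, records the outcome, and answers with "Status=" and
/// "RedirectURL=" lines.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Both identifiers come straight from the posted form and are untrusted at this point.
    string vendorTxCode = Request.Form["VendorTxCode"];
    string vpstxId = Request.Form["VPSTxId"];

    ConfigurationProvider configuration = new ConfigurationProvider();
    CrmConnector connector = new CrmConnector(Properties.Settings.Default.ConnectionString);
    PaymentProvider paymentProvider = new PaymentProvider(connector);

    // Check we have a payment for the transaction code and id
    var payment = paymentProvider.GetPayment(vendorTxCode, vpstxId);
    if (payment == null)
    {
        HandleError(configuration, ErrorCodes.TransactionNotFound);
        return;
    }

    // NOTE(review): ReadFormFields presumably copies posted values onto the payment. Confirm it
    // cannot overwrite lss_securitykey, which the signature check below depends on.
    ReadFormFields(payment);

    // Before we check that the signatures are correct, we should just check if the user
    // cancelled the transaction or an error occurred.
    string returnStatus = String.Empty;
    string redirectURL = String.Empty;
    StatusCodes statusCode = HandleStatus(payment.lss_notificationstatus);

    switch (statusCode)
    {
        case StatusCodes.Abort:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Unpaid;
            returnStatus = "OK";
            redirectURL = configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.Aborted).ToString();
            break;
        case StatusCodes.Unspecified:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
            returnStatus = "OK";
            redirectURL = configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.UnspecifiedPaymentError).ToString();
            break;
        case StatusCodes.Error:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
            returnStatus = "INVALID";
            redirectURL = configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.PaymentError).ToString();
            break;
    }

    // Return the status if one has occurred already.
    // NOTE(review): this path saves a status change before VPSSignature is verified, so it rests
    // only on the (VendorTxCode, VPSTxId) lookup. Confirm that is intended. If these notifications
    // are signed as well, verify the signature first. The order is left as the author wrote it
    // because the signature inputs for these statuses cannot be checked from this page.
    if (!String.IsNullOrEmpty(returnStatus))
    {
        paymentProvider.SavePayment(payment);
        Response.Write("Status=" + returnStatus + System.Environment.NewLine);
        Response.Write("RedirectURL=" + redirectURL);
        Response.End();
        return;
    }

    // Rebuild the post message, so we can then hash it with the security key, and then check
    // against VPSSignature. Field order matters: it must match what the sender hashed.
    string postMessage = vpstxId + vendorTxCode + payment.lss_notificationstatus + payment.lss_txauthno.ToString()
        + configuration.VendorName + payment.lss_avscv2 + payment.lss_securitykey + payment.lss_addressresult
        + payment.lss_postcoderesult + payment.lss_cv2result + payment.lss_giftaid + payment.lss_securestatus3d
        + payment.lss_cavv + payment.lss_addressstatus + payment.lss_payerstatus + payment.lss_cardtype
        + payment.lss_last4digits;

    // MD5 is weak as a general-purpose hash. Here the algorithm is whatever the sender signs with,
    // so the check is only as strong as the secrecy of lss_securitykey.
    string hashedPostMessage = FormsAuthentication.HashPasswordForStoringInConfigFile(postMessage, "MD5");

    // Compare without an early exit so response time does not reveal how much of a guessed
    // signature was correct.
    if (!SignaturesMatchFixedTime(payment.lss_vpssignature, hashedPostMessage))
    {
        // The signatures don't match up, so this could indicate the order has been tampered with.
        payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
        payment.lss_notificationstatus = "INVALID";
        payment.lss_notificationstatusdetail = "TAMPER WARNING! Signatures do not match for this Payment. The Payment was Cancelled.";
        paymentProvider.SavePayment(payment);
        HandleError(configuration, ErrorCodes.UnmatchedSignatures);
        return;
    }

    Response.Clear();
    Response.ContentType = "text/plain";

    // Signatures match, so now find out what actually happened.
    // Abort, Unspecified and Error cannot reach this switch today because they return above;
    // the cases are kept so the mapping stays complete if the early return is ever removed.
    switch (statusCode)
    {
        case StatusCodes.Ok:
        case StatusCodes.Authenticated:
        case StatusCodes.Registered:
            payment.lss_datepaid = DateTime.Now;
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Successful;
            Response.Write("Status=OK" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderSuccessfulUrl);
            break;
        case StatusCodes.Abort:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
            Response.Write("Status=OK" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.Aborted).ToString());
            break;
        case StatusCodes.NotAuthed:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Declined;
            Response.Write("Status=OK" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.NotAuthorised).ToString());
            break;
        case StatusCodes.Rejected:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Rejected;
            Response.Write("Status=OK" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.Rejected).ToString());
            break;
        case StatusCodes.Unspecified:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
            Response.Write("Status=OK" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.UnspecifiedPaymentError).ToString());
            break;
        case StatusCodes.Error:
            payment.lss_paystatus.Value = (int)PaymentProvider.PaymentStatus.Failed;
            Response.Write("Status=INVALID" + System.Environment.NewLine);
            Response.Write("RedirectURL=" + configuration.OrderFailedUrl + "?errorcode=" + ((int)ErrorCodes.PaymentError).ToString());
            break;
    }

    paymentProvider.SavePayment(payment);
    Response.End();
}

/// <summary>
/// Ordinal, case-sensitive string equality that inspects every character position instead of
/// stopping at the first difference.
/// </summary>
/// <param name="received">Signature supplied with the request; may be null.</param>
/// <param name="expected">Signature computed locally; may be null.</param>
/// <returns>True only when both strings are non-null and identical.</returns>
private static bool SignaturesMatchFixedTime(string received, string expected)
{
    if (received == null || expected == null)
    {
        return false;
    }

    // Start from the length difference so strings of unequal length can never compare equal.
    int difference = received.Length ^ expected.Length;
    int shared = Math.Min(received.Length, expected.Length);
    for (int i = 0; i < shared; i++)
    {
        difference |= received[i] ^ expected[i];
    }

    return difference == 0;
}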