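/// <summary>
/// Raises the onpaymentgateway event.
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.</param>
/// <remarks>
/// ChargeCreditCard passes the same <paramref name="args"/> object to the default gateway
/// processor afterwards, and that object carries the card number and security code.
/// Every subscriber therefore sees the cardholder data and can change the outcome fields,
/// so only trusted handlers should be attached to OpeningPaymentGateway.
/// </remarks>
internal void raiseOnPaymentGateway( PaymentGatewayEventArgs args ) {
    /* Copy the delegate before testing it: if the last subscriber detaches between the
     * null check and the call, invoking the field directly throws NullReferenceException. */
    var handler = OpeningPaymentGateway;
    if( handler != null ) {
        handler( this, args );
    }
}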
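/// <summary>
/// Default gateway processor. Used when there is no onpaymentgateway event handler specified
/// (ChargeCreditCard calls it whenever args.PreventDefault is not set).
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.
/// On return, Success and Message hold the outcome of the gateway call.</param>
/// <remarks>
/// The request body built here contains the merchant credentials, the full card number and the
/// security code. It must never be written to the debug log, and it is only sent to an
/// https:// endpoint (or a loopback address, for local test gateways).
/// Any exception is caught: Success is set to false and Message to the exception text.
/// </remarks>
private static void DefaultPaymentGatewayProcessor( ref PaymentGatewayEventArgs args ) {
    try {
        string responseMessage = "";
        string strResult = "";
        /* build up the URL to send to the payment gateway URL defined in site_configuration.
         * Every substituted value is URL-encoded, so a field value cannot introduce a new
         * placeholder or an extra form parameter. */
        StringBuilder url = new StringBuilder( "" );
        url.Append( Main.Site.merchant_auth_url );
        url.Replace( "{merchant_auth_name}", HttpUtility.UrlEncode( Main.Site.merchant_auth_name ) );
        url.Replace( "{merchant_auth_password}", HttpUtility.UrlEncode( Main.Site.merchant_auth_password ) );
        url.Replace( "{merchant_auth_type}", HttpUtility.UrlEncode( Main.Site.merchant_auth_type ) );
        url.Replace( "{shipToFirstName}", HttpUtility.UrlEncode( args.ShipToAddress.FirstName.Trim() ) );
        url.Replace( "{shipToLastName}", HttpUtility.UrlEncode( args.ShipToAddress.LastName.Trim() ) );
        url.Replace( "{shipToAddress}", HttpUtility.UrlEncode( args.ShipToAddress.Address1.Trim() ) );
        url.Replace( "{shipToAddress2}", HttpUtility.UrlEncode( args.ShipToAddress.Address2.Trim() ) );
        url.Replace( "{shipToCity}", HttpUtility.UrlEncode( args.ShipToAddress.City.Trim() ) );
        url.Replace( "{shipToState}", HttpUtility.UrlEncode( args.ShipToAddress.State.Trim() ) );
        url.Replace( "{shipToZip}", HttpUtility.UrlEncode( args.ShipToAddress.Zip.Trim() ) );
        url.Replace( "{shipToCountry}", HttpUtility.UrlEncode( args.ShipToAddress.Country.Trim() ) );
        url.Replace( "{shipToCompany}", HttpUtility.UrlEncode( args.ShipToAddress.Company.Trim() ) );
        url.Replace( "{billToFirstName}", HttpUtility.UrlEncode( args.BillToAddress.FirstName.Trim() ) );
        url.Replace( "{billToLastName}", HttpUtility.UrlEncode( args.BillToAddress.LastName.Trim() ) );
        url.Replace( "{billToAddress}", HttpUtility.UrlEncode( args.BillToAddress.Address1.Trim() ) );
        url.Replace( "{billToAddress2}", HttpUtility.UrlEncode( args.BillToAddress.Address2.Trim() ) );
        url.Replace( "{billToCity}", HttpUtility.UrlEncode( args.BillToAddress.City.Trim() ) );
        url.Replace( "{billToState}", HttpUtility.UrlEncode( args.BillToAddress.State.Trim() ) );
        url.Replace( "{billToZip}", HttpUtility.UrlEncode( args.BillToAddress.Zip.Trim() ) );
        url.Replace( "{billToCountry}", HttpUtility.UrlEncode( args.BillToAddress.Country.Trim() ) );
        url.Replace( "{billToCompany}", HttpUtility.UrlEncode( args.BillToAddress.Company.Trim() ) );
        /* format the amount with the invariant culture: the server's current culture could
         * otherwise emit a decimal comma or group separators that the gateway misreads. */
        url.Replace( "{amount}", HttpUtility.UrlEncode( args.Amount.ToString( System.Globalization.CultureInfo.InvariantCulture ) ) );
        url.Replace( "{cardNumber}", HttpUtility.UrlEncode( args.Card.CardNumber.Trim() ) );
        url.Replace( "{experationMonth}", HttpUtility.UrlEncode( args.Card.ExpMonth.Trim() ) );
        url.Replace( "{experationYear}", HttpUtility.UrlEncode( args.Card.ExpYear.Trim() ) );
        url.Replace( "{securityCode}", HttpUtility.UrlEncode( args.Card.SecCode.Trim() ) );
        url.Replace( "{nameOnCard}", HttpUtility.UrlEncode( args.Card.NameOnCard.Trim() ) );

        /* split once, at the first '?': the left part is the endpoint, the right part the POST body */
        string request = url.ToString();
        int queryStart = request.IndexOf( '?' );
        if( queryStart < 0 ) {
            ( "gateway transaction error > merchant_auth_url has no '?' separating endpoint and form data" ).Debug( 5 );
            args.Success = false;
            args.Message = "Payment gateway is not configured correctly.";
            return;
        }
        string auth_url = request.Substring( 0, queryStart );
        string auth_data = request.Substring( queryStart + 1 );

        /* refuse to send cardholder data and merchant credentials over a cleartext channel */
        Uri gatewayUri;
        if( !Uri.TryCreate( auth_url, UriKind.Absolute, out gatewayUri )
            || !( gatewayUri.Scheme == Uri.UriSchemeHttps || gatewayUri.IsLoopback ) ) {
            ( "gateway transaction error > merchant_auth_url must be an absolute https:// URL" ).Debug( 5 );
            args.Success = false;
            args.Message = "Payment gateway is not configured correctly.";
            return;
        }

        /* create stream */
        ASCIIEncoding encoding = new ASCIIEncoding();
        byte[] data = encoding.GetBytes( auth_data );
        /* create request */
        WebRequest objRequest = WebRequest.Create( gatewayUri );
        objRequest.Method = "POST";
        objRequest.ContentType = "application/x-www-form-urlencoded";
        objRequest.ContentLength = data.Length;
        /* only fixed markers are logged here; never log auth_data or the expanded URL */
        ( "gateway processor" ).Debug( 5 );
        ( "send request>" ).Debug( 5 );
        /* send data; the using blocks release the connection even when a call throws */
        using( Stream stream = objRequest.GetRequestStream() ) {
            stream.Write( data, 0, data.Length );
        }
        using( WebResponse objResponse = objRequest.GetResponse() ) {
            ( "<get response" ).Debug( 5 );
            using( StreamReader sr = new StreamReader( objResponse.GetResponseStream() ) ) {
                strResult = sr.ReadToEnd();
            }
        }

        /* figure out if the auth was a failure. This is decided before, and independently of,
         * the message extraction below: a response whose message pattern does not match must
         * not turn an approved charge into a reported failure (which invites a second charge). */
        args.Success = Regex.IsMatch( strResult, Main.Site.merchant_sucsess_match );

        /* isolate the message to be displayed to the user in case of auth failure (best effort) */
        try {
            string[] matchIndexes = Main.Site.merchant_message_match_index.Split( ',' );
            int msgMatch1 = Convert.ToInt32( matchIndexes[ 0 ] );
            Regex i = new Regex( Main.Site.merchant_message_match, RegexOptions.IgnoreCase | RegexOptions.Multiline );
            MatchCollection m = i.Matches( strResult );
            if( msgMatch1 >= 0 && msgMatch1 < m.Count ) {
                if( matchIndexes.GetUpperBound( 0 ) > 0 ) {
                    /* second index selects a capture group inside the chosen match */
                    int msgMatch2 = Convert.ToInt32( matchIndexes[ 1 ] );
                    GroupCollection b = m[ msgMatch1 ].Groups;
                    responseMessage = b[ msgMatch2 ].Value;
                } else {
                    responseMessage = m[ msgMatch1 ].Value;
                }
            }
        } catch( Exception parseError ) {
            ( "gateway message parse error > " + parseError.Message ).Debug( 5 );
            responseMessage = "";
        }
        args.Message = responseMessage;
        return;
    } catch( Exception e ) {
        /* NOTE(review): e.Message is returned to the caller and stored in the payment history;
         * confirm that exposing transport/parsing error text to the end user is acceptable. */
        ( "gateway transaction error > " + e.Message ).Debug( 5 );
        args.Success = false;
        args.Message = e.Message;
        return;
    }
}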
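/// <summary>
/// internal method to insert virtual terminal history into the database.
/// </summary>
/// <param name="args">The <see cref="Rendition.PaymentGatewayEventArgs"/> instance containing the event data.</param>
/// <remarks>
/// Runs dbo.insertVTTransaction on args.SqlConnection / args.SqlTransaction when a connection
/// was supplied, otherwise on Site.SqlConnection without a transaction.
/// Only the last four characters of the card number are stored, and the security code is
/// always written as "xxxx".
/// </remarks>
private static void InsertPaymentHistory( PaymentGatewayEventArgs args ) {
    ( "FUNCTION insertPaymentHistory /w SP dbo.insertVTTransaction > Write transaction details" ).Debug( 10 );
    string cmdString = "dbo.insertVTTransaction @amount,@cardNumber,@secNumber,@authResponseCode,@authResponse,@addedby,@provider, "
        + "@request,@billToCompany,@billToFirstName,@billToLastName,@billToAddress1,@billToAddress2,@billToCity,@billToState,@billToZIP,@billToCountry, "
        + "@shipToCompany,@shipToFirstName,@shipToLastName,@shipToAddress1,@shipToAddress2,@shipToCity,@shipToState,@shipToZIP,@shipToCountry,@expDate, "
        + "@sessionId";
    /* write the results of the transaction to the database, for posterity */
    using( SqlCommand cmd = args.SqlConnection != null
        ? new SqlCommand( cmdString, args.SqlConnection, args.SqlTransaction )
        : new SqlCommand( cmdString, Site.SqlConnection ) ) {
        /* pass the value itself, not its culture-formatted string, to the money parameter */
        cmd.Parameters.Add( "@amount", SqlDbType.Money ).Value = args.Amount;
        /* never record any credit card data in full.
         * The last four characters are taken from the trimmed number itself; slicing a
         * length-limited copy by the original length could throw after the card had already
         * been charged, and a short value used to be stored unmasked. */
        string cardNumber = args.Card.CardNumber == null ? "" : args.Card.CardNumber.Trim();
        string safeCardNumber = cardNumber.Length > 4 ? cardNumber.Substring( cardNumber.Length - 4 ) : "";
        cmd.Parameters.Add( "@cardNumber", SqlDbType.VarChar ).Value = "xxx-" + safeCardNumber;
        cmd.Parameters.Add( "@secNumber", SqlDbType.VarChar ).Value = "xxxx";
        cmd.Parameters.Add( "@authResponseCode", SqlDbType.VarChar ).Value = args.Success.ToString();
        /* NOTE(review): Message is gateway- or exception-derived text; confirm the configured
         * message pattern cannot capture card data echoed back by the gateway. */
        cmd.Parameters.Add( "@authResponse", SqlDbType.VarChar ).Value = args.Message;
        cmd.Parameters.Add( "@addedby", SqlDbType.Int ).Value = Main.GetCurrentSession().UserId;
        cmd.Parameters.Add( "@provider", SqlDbType.VarChar ).Value = "";
        cmd.Parameters.Add( "@request", SqlDbType.VarChar ).Value = "";
        cmd.Parameters.Add( "@billToCompany", SqlDbType.VarChar ).Value = args.BillToAddress.Company.MaxLength( 100, true );
        cmd.Parameters.Add( "@billToFirstName", SqlDbType.VarChar ).Value = args.BillToAddress.FirstName.MaxLength( 100, true );
        cmd.Parameters.Add( "@billToLastName", SqlDbType.VarChar ).Value = args.BillToAddress.LastName.MaxLength( 100, true );
        cmd.Parameters.Add( "@billToAddress1", SqlDbType.VarChar ).Value = args.BillToAddress.Address1.MaxLength( 100, true );
        cmd.Parameters.Add( "@billToAddress2", SqlDbType.VarChar ).Value = args.BillToAddress.Address2.MaxLength( 25, true );
        cmd.Parameters.Add( "@billToCity", SqlDbType.VarChar ).Value = args.BillToAddress.City.MaxLength( 50, true );
        cmd.Parameters.Add( "@billToState", SqlDbType.VarChar ).Value = args.BillToAddress.State.MaxLength( 25, true );
        cmd.Parameters.Add( "@billToZIP", SqlDbType.VarChar ).Value = args.BillToAddress.Zip.MaxLength( 20, true );
        cmd.Parameters.Add( "@billToCountry", SqlDbType.VarChar ).Value = args.BillToAddress.Country.MaxLength( 50, true );
        cmd.Parameters.Add( "@shipToCompany", SqlDbType.VarChar ).Value = args.ShipToAddress.Company.MaxLength( 100, true );
        cmd.Parameters.Add( "@shipToFirstName", SqlDbType.VarChar ).Value = args.ShipToAddress.FirstName.MaxLength( 100, true );
        cmd.Parameters.Add( "@shipToLastName", SqlDbType.VarChar ).Value = args.ShipToAddress.LastName.MaxLength( 100, true );
        cmd.Parameters.Add( "@shipToAddress1", SqlDbType.VarChar ).Value = args.ShipToAddress.Address1.MaxLength( 100, true );
        cmd.Parameters.Add( "@shipToAddress2", SqlDbType.VarChar ).Value = args.ShipToAddress.Address2.MaxLength( 25, true );
        cmd.Parameters.Add( "@shipToCity", SqlDbType.VarChar ).Value = args.ShipToAddress.City.MaxLength( 50, true );
        cmd.Parameters.Add( "@shipToState", SqlDbType.VarChar ).Value = args.ShipToAddress.State.MaxLength( 25, true );
        cmd.Parameters.Add( "@shipToZIP", SqlDbType.VarChar ).Value = args.ShipToAddress.Zip.MaxLength( 20, true );
        /* NOTE(review): ship-to country is limited to 20 while bill-to country uses 50 - confirm which is intended */
        cmd.Parameters.Add( "@shipToCountry", SqlDbType.VarChar ).Value = args.ShipToAddress.Country.MaxLength( 20, true );
        /* NOTE(review): presumably MaxLength( 2, true ) keeps the first two characters, which for a
         * four-digit year would be the century - verify against the MaxLength extension */
        cmd.Parameters.Add( "@expDate", SqlDbType.VarChar ).Value = ( args.Card.ExpMonth.MaxLength( 2, true ) + Convert.ToString( args.Card.ExpYear ).MaxLength( 2, true ) ).MaxLength( 10, true );
        cmd.Parameters.Add( "@sessionId", SqlDbType.UniqueIdentifier ).Value = new Guid( args.OrderSession.ToString() );
        /* the using block disposes the command even when ExecuteNonQuery throws */
        cmd.ExecuteNonQuery();
    }
}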
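/// <summary>
/// Charges the credit card using the internal CC processor function or the onpaymentgateway event handler.
/// </summary>
/// <param name="billToAddress">The bill to Address.</param>
/// <param name="shipToAddress">The ship to Address.</param>
/// <param name="card">The card.</param>
/// <param name="amount">The amount.</param>
/// <param name="orderSession">The order session.</param>
/// <param name="orderNumber">The order number.</param>
/// <param name="purchaseOrder">The purchase order.</param>
/// <param name="cn">The sql connection (or null).</param>
/// <param name="trans">The sql transaction (or null).</param>
/// <returns>
/// A dictionary with the keys "error" and "description":
/// 0 and "" when the charge succeeded, -1 and the gateway message when it failed,
/// -6 / -7 / -8 when the card number, the name on the card or the expiration date is missing.
/// </returns>
/// <remarks>
/// The attempt is written to the payment history whether or not it succeeded.
/// NOTE(review): <paramref name="amount"/> is not range-checked here; confirm that callers
/// cannot pass a zero or negative amount taken from client input.
/// NOTE(review): an exception from InsertPaymentHistory propagates to the caller even when the
/// gateway has already approved the charge; confirm callers handle that case.
/// </remarks>
public static Dictionary<string, object> ChargeCreditCard( Address billToAddress, Address shipToAddress,
    CreditCard card, decimal amount, Guid orderSession, string orderNumber, string purchaseOrder,
    SqlConnection cn, SqlTransaction trans ) {
    ( "FUNCTION /w SP,HTTPWebRequest chargeCreditCard" ).Debug( 10 );
    Dictionary<string, object> j = new Dictionary<string, object>();
    /* A null or whitespace-only field counts as missing: the gateway processor trims these
     * values, so a blank one would be sent empty, and a null one used to throw here. */
    if( card.CardNumber == null || card.CardNumber.Trim().Length == 0 ) {
        j.Add( "error", -6 );
        j.Add( "description", "No card number provided" );
        return j;
    }
    if( card.NameOnCard == null || card.NameOnCard.Trim().Length == 0 ) {
        j.Add( "error", -7 );
        j.Add( "description", "No card name provided" );
        return j;
    }
    if( card.ExpMonth == null || card.ExpMonth.Trim().Length == 0
        || card.ExpYear == null || card.ExpYear.Trim().Length == 0 ) {
        j.Add( "error", -8 );
        j.Add( "description", "No experation date provided." );
        return j;
    }
    /* everything seems ok as far as I can tell, pass it to the REAL judge.*/
    PaymentGatewayEventArgs args = new PaymentGatewayEventArgs( billToAddress, shipToAddress, card, amount,
        orderSession, orderNumber, purchaseOrder, cn, trans );
    /* try and use an event handler */
    Main.Site.raiseOnPaymentGateway( args );
    /* if preventDefault is not set in the arguments then try and use the internal payment gateway.*/
    if( !args.PreventDefault ) {
        DefaultPaymentGatewayProcessor( ref args );
    }
    /* record that this occurred */
    InsertPaymentHistory( args );
    /* send the results back to the caller */
    if( args.Success ) {
        j.Add( "error", 0 );
        j.Add( "description", "" );
    } else {
        j.Add( "error", -1 );
        j.Add( "description", args.Message );
    }
    return j;
}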