示例#1
0
        protected void Page_Load(object sender, System.EventArgs e)
        {
            // This page gets requested by the Ogone payment server, not the client's browser

            if (AppLogic.ActivePaymentGatewayCleaned().ToLower() == "ogone")
            {
                // Check SHASIGN before proceeding
                String OgoneSignatureSeed = CommonLogic.FormCanBeDangerousContent("orderID") + CommonLogic.FormCanBeDangerousContent("currency");
                OgoneSignatureSeed += CommonLogic.FormCanBeDangerousContent("amount") + CommonLogic.FormCanBeDangerousContent("PM");
                OgoneSignatureSeed += CommonLogic.FormCanBeDangerousContent("ACCEPTANCE") + CommonLogic.FormCanBeDangerousContent("STATUS");
                OgoneSignatureSeed += CommonLogic.FormCanBeDangerousContent("CARDNO") + CommonLogic.FormCanBeDangerousContent("PAYID");
                OgoneSignatureSeed += CommonLogic.FormCanBeDangerousContent("NCERROR") + CommonLogic.FormCanBeDangerousContent("BRAND");
                if (CommonLogic.FormCanBeDangerousContent("SHASIGN") == Ogone.Signature(OgoneSignatureSeed))
                {
                    // Valid Ogone request
                    if (CommonLogic.FormCanBeDangerousContent("STATUS").Substring(0, 1) == "5" || CommonLogic.FormCanBeDangerousContent("STATUS").Substring(0, 1) == "9")
                    {
                        String       sCustomer         = CommonLogic.FormCanBeDangerousContent("orderID").Split(new char[] { '-' }, 2, StringSplitOptions.None).GetValue(0).ToString();
                        int          OgoneCustomerID   = Localization.ParseNativeInt(sCustomer);
                        Customer     OgoneCustomer     = new Customer(OgoneCustomerID);
                        ShoppingCart cart              = new ShoppingCart(1, OgoneCustomer, CartTypeEnum.ShoppingCart, 0, false);
                        int          OrderNumber       = AppLogic.GetNextOrderNumber();
                        String       TransactionID     = CommonLogic.FormCanBeDangerousContent("PAYID");
                        Address      UseBillingAddress = new Address();
                        UseBillingAddress.LoadByCustomer(OgoneCustomer.CustomerID, OgoneCustomer.PrimaryBillingAddressID, AddressTypes.Billing);
                        String status = Gateway.MakeOrder(String.Empty, AppLogic.TransactionMode(), cart, OrderNumber, String.Empty, String.Empty, TransactionID, String.Empty);

                        String AVSResult = CommonLogic.FormCanBeDangerousContent("AAVCheck");
                        String CVCResult = CommonLogic.FormCanBeDangerousContent("CVCCheck");
                        if (CVCResult.Length > 0)
                        {
                            if (AVSResult.Length != 0)
                            {
                                AVSResult += ", ";
                            }
                            AVSResult += "CV Result: " + CVCResult;
                        }
                        String CardNo = CommonLogic.FormCanBeDangerousContent("CARDNO");
                        String Last4  = CardNo.Substring(CardNo.Length - 4, 4);
                        String sql    = String.Format("update Orders set AVSResult={0}, AuthorizationCode={1}, Last4={2} where OrderNumber={3}",
                                                      DB.SQuote(AVSResult), DB.SQuote(CommonLogic.FormCanBeDangerousContent("ACCEPTANCE")), DB.SQuote(Last4), OrderNumber.ToString());
                        DB.ExecuteSQL(sql);
                        Response.Redirect(AppLogic.GetStoreHTTPLocation(true) + "orderconfirmation.aspx?ordernumber=" + OrderNumber.ToString() + "&paymentmethod=Credit+Card");
                    }
                }
            }
            // if it was not a successful order then we will display a message to the customer
            Response.Redirect(AppLogic.GetStoreHTTPLocation(true) + "ogone_return.aspx");
        }
示例#2
0
        private string WriteOgonePane(Address BillingAddress)
        {
            StringBuilder s = new StringBuilder("");

            Customer ThisCustomer = ((AspDotNetStorefrontPrincipal)Context.User).ThisCustomer;

            String OgoneOrderID       = ThisCustomer.CustomerID + "-" + Localization.ToDBDateTimeString(DateTime.Now); // Max length 30 chars, we don't know what the order number will be...
            String OgoneAmount        = Localization.CurrencyStringForGatewayWithoutExchangeRate((NetTotal)).Replace(".", "");
            String OgoneSignatureSeed = OgoneOrderID + OgoneAmount + Localization.StoreCurrency() + AppLogic.AppConfig("Ogone.PSPID");

            s.Append("<script type=\"text/javascript\">\n");
            s.Append("function OgoneForm_Validator(theForm)\n");
            s.Append("	{\n");
            s.Append("	submitenabled(theForm);\n");
            s.Append("	return (true);\n");
            s.Append("	}\n");
            s.Append("</script>\n");
            s.Append("<body onload=\"javascript:document.forms.OgoneForm.submit();\" >");
            s.Append("<form id=\"OgoneForm\" name=\"OgoneForm\" target=\"_top\" action=\"" + CommonLogic.IIF(AppLogic.AppConfigBool("UseLiveTransactions"), AppLogic.AppConfig("Ogone.LivePostURL"), AppLogic.AppConfig("Ogone.TestPostURL")) + "\" method=\"post\" onsubmit=\"return (validateForm(this) && OgoneForm_Validator(this))\">\n");
            s.Append("<input type=\"hidden\" name=\"PSPID\" value=\"" + AppLogic.AppConfig("Ogone.PSPID") + "\">\n");
            s.Append("<input type=\"hidden\" name=\"amount\" value=\"" + OgoneAmount + "\">\n");
            s.Append("<input type=\"hidden\" name=\"orderID\" value=\"" + OgoneOrderID + "\">\n");
            s.Append("<input type=\"hidden\" name=\"CN\" value=\"" + BillingAddress.FirstName + " " + BillingAddress.LastName + "\">\n");
            s.Append("<input type=\"hidden\" name=\"owneraddress\" value=\"" + BillingAddress.Address1 + "\">\n");
            s.Append("<input type=\"hidden\" name=\"ownertown\" value=\"" + BillingAddress.City + "\">\n");
            s.Append("<input type=\"hidden\" name=\"ownerZIP\" value=\"" + BillingAddress.Zip + "\">\n");
            s.Append("<input type=\"hidden\" name=\"ownercty\" value=\"" + AppLogic.GetCountryTwoLetterISOCode(BillingAddress.Country) + "\">\n");
            s.Append("<input type=\"hidden\" name=\"EMAIL\" value=\"" + BillingAddress.EMail + "\">\n");
            s.Append("<input type=\"hidden\" name=\"ownertelno\" value=\"" + BillingAddress.Phone + "\">\n");
            s.Append("<input type=\"hidden\" name=\"currency\" value=\"" + Localization.StoreCurrency() + "\">\n");
            s.Append("<input type=\"hidden\" name=\"language\" value=\"" + ThisCustomer.LocaleSetting.Replace("-", "_") + "\">\n");
            s.Append("<input type=\"hidden\" name=\"SHASign\" value=\"" + Ogone.Signature(OgoneSignatureSeed) + "\">\n");
            s.Append("<input type=\"hidden\" name=\"accepturl\" value=\"" + AppLogic.GetStoreHTTPLocation(true) + "ogone_postsale.aspx\">\n");
            s.Append("<input type=\"hidden\" name=\"declineurl\" value=\"" + AppLogic.GetStoreHTTPLocation(true) + "ogone_postsale.aspx\">\n");
            s.Append("<input type=\"hidden\" name=\"exceptionurl\" value=\"" + AppLogic.GetStoreHTTPLocation(true) + "ogone_postsale.aspx\">\n");
            s.Append("<input type=\"hidden\" name=\"cancelurl\" value=\"" + AppLogic.GetStoreHTTPLocation(true) + "ogone_postsale.aspx\">\n");
            s.Append("</form>\n");
            s.Append("</body>");

            return(s.ToString());
        }