classname . ".cfg.php"); $db = &new ps_DB; ?>
_('PS_PAYBOX_CONF_SHOP_MODE'); ?> _('PS_PAYBOX_CONF_SHOP_MODE_TIP'); ?>
_('PS_PAYBOX_CONF_SITE_ID'); ?> _('PS_PAYBOX_CONF_SITE_ID_TIP'); ?>
_('PS_PAYBOX_CONF_RANG'); ?> _('PS_PAYBOX_CONF_RANG_TIP'); ?>
_('PS_PAYBOX_CONF_IDENTIFIANT'); ?> _('PS_PAYBOX_CONF_IDENTIFIANT_TIP'); ?>
_('PS_PAYBOX_CONF_KEY'); ?>
_('PS_PAYBOX_CONF_DEBIT_TYPE'); ?> _('PS_PAYBOX_CONF_DEBIT_TYPE_TIP'); ?>
_('PS_PAYBOX_CONF_DIFF'); ?> _('PS_PAYBOX_CONF_DIFF_TIP'); ?>
_('PS_PAYBOX_CONF_ACTIVATE_3DSECURE'); ?> _('PS_PAYBOX_CONF_ACTIVATE_3DSECURE_TIP'); ?>
_('PS_PAYBOX_CONF_3DSECURE_MIN_AMOUNT'); ?> _('PS_PAYBOX_CONF_3DSECURE_MIN_AMOUNT_TIP'); ?>
_('PS_PAYBOX_CONF_STATUS_SUCCESS'); ?> _('PS_PAYBOX_CONF_STATUS_SUCCESS_TIP'); ?>
_('PS_PAYBOX_CONF_STATUS_CANCEL'); ?> _('PS_PAYBOX_CONF_STATUS_CANCEL_TIP'); ?>
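classname . ".cfg.php");
    }

    /**
     * Returns the "is_readable" status of the configuration file
     * @param void
     * @returns boolean True when the configuration file is readable, false when not
     */
    function configfile_readable() {
        $config_path = CLASSPATH . "payment/" . $this->classname . ".cfg.php";

        return is_readable($config_path);
    }

    /**
     * Writes the configuration file for this payment method.
     *
     * Every setting is emitted as a define() statement in the payment class's
     * .cfg.php file, so each value has to be written as a correctly quoted PHP
     * string literal.
     *
     * @param array Submitted form values, read by setting name
     * @returns boolean True when writing was successful, false otherwise
     */
    function write_configuration(&$d) {
        // Settings persisted to the configuration file, in the order they are written.
        // NOTE(review): the original array listed the last key twice, and the form shows a
        // cancel-status label whose value is not saved here - confirm whether a key is missing.
        $setting_names = array(
            'paybox_conf_shop_mode',
            'paybox_conf_site_id',
            'paybox_conf_rang',
            'paybox_conf_identifiant',
            'paybox_conf_key',
            'paybox_conf_debit_type',
            'paybox_conf_diff',
            'paybox_conf_activate_3dsecure',
            'paybox_conf_min_amount_3dsecure',
            'paybox_conf_status_success',
            'paybox_conf_status_success_recurring',
            'paybox_conf_status_success_recurring_end',
        );

        // NOTE(review): this copy of the file lost the text between the opening quote of
        // $config and "=> $value"; the opening tag and the loop are reconstructed from the
        // surrounding code. Check the original for any line written in between.
        $config = "<?php\n";
        foreach ($setting_names as $key) {
            $value = isset($d[$key]) ? $d[$key] : '';
            // var_export() escapes quotes and backslashes, so a submitted value stays
            // data instead of ending the literal and becoming code in a .php file.
            $config .= "define (" . var_export($key, true) . ", " . var_export((string) $value, true) . ");\n";
        }
        $config .= "?>";

        // The file contains paybox_conf_key (presumably the key passed to
        // payboxHelper::getHmac - confirm), so it should not be readable by other
        // accounts on the host.
        $fp = fopen(CLASSPATH . "payment/" . $this->classname . ".cfg.php", "w");
        if (!$fp) {
            return false;
        }
        $written = fwrite($fp, $config);
        fclose($fp);

        // Report a short or failed write instead of silently leaving a truncated file.
        return $written === strlen($config);
    }

    /**
     * Payment hook for this method; it performs no work and always reports success.
     *
     * @param string Order number (unused)
     * @param float Order total (unused)
     * @param array Request data (unused)
     * @returns boolean Always true
     */
    function process_payment($order_number, $order_total, &$d) {
        return true;
    }
}

class ps_paybox_Language extends vmAbstractLanguage {

    /**
     * Loads the Paybox language file for the configured language, falling back to
     * french.php, then registers the strings under the 'paybox' module.
     */
    function ps_paybox_Language() {
        global $mosConfig_lang;

        $language_dir = ADMINPATH . 'languages/paybox/';
        // NOTE(review): the included file name is built from the $mosConfig_lang global;
        // this is only safe while that value is site configuration, never request input.
        if (file_exists($language_dir . $mosConfig_lang . '.php')) {
            require_once($language_dir . $mosConfig_lang . '.php');
        } elseif (file_exists($language_dir . 'french.php')) {
            require_once($language_dir . 'french.php');
        }
        //$this->setDebug();
        // $langvars is presumably defined by the language file required above.
        $this->initModule('paybox', $langvars);
    }

    /**
     * Translator function
     * @param string Name of the Class Variable
     * @param boolean Encode String to HTML entities?
     * @return string The value of $var (as an HTML Entity-encoded string if $htmlentities)
     */
    function _($var, $htmlentities = false) {
        $module = 'paybox';
        $key = strtoupper($var);

        // if language module not yet loaded, load now
        if (!isset($this->modules[$module])) {
            $this->load($module);
        }

        // Look in the paybox strings first, then in the shared 'common' module.
        $text = false;
        if (isset($this->modules[$module][$key])) {
            $text = $this->modules[$module][$key];
        } elseif (isset($this->modules['common'][$key])) {
            $text = $this->modules['common'][$key];
            $module = 'common';
        }

        if ($text === false) {
            // Unknown key: name it in debug mode, otherwise hand the key back unchanged.
            if ($this->_debug) {
                return "$var is missing in language file.";
            }
            return $var;
        }

        if ($htmlentities) {
            $text = htmlentities($text, ENT_QUOTES, $this->getCharset($module));
            // some symbols are not converted correctly... doing manually
            $text = str_replace(chr(128), '€', $text);
            // enable the use of HTML tags in language file... is this really good?
            // NOTE(review): as shown on this page the two replacements below are no-ops;
            // the page rendering has probably decoded entity literals. If the original
            // turns encoded angle brackets back into tags, the encoded text is emitted
            // as raw HTML again, which is only safe while language files are trusted.
            $text = str_replace('<', '<', $text);
            $text = str_replace('>', '>', $text);
            return $text;
        }

        $text = $this->convert($text, $module);
        return stripslashes($text);
    }
}

class payboxHelper {

    /**
     * Computes the HMAC for a set of request fields.
     *
     * @param array $post Fields to sign; array order is the order used in the signed message
     * @param string $payboxKey Key as a hexadecimal string
     * @return string Upper-case hexadecimal HMAC
     */
    static function getHmac($post, $payboxKey) {
        $msg = payboxHelper::stringifyArray($post);

        return payboxHelper::generateHMAC($msg, $payboxKey);
    }

    /**
     * Joins an array into "key=value&key=value" form without URL-encoding anything.
     *
     * @param array $array
     * @return string Empty string for an empty array
     */
    static function stringifyArray($array) {
        $pairs = array();
        foreach ($array as $key => $value) {
            $pairs[] = $key . "=" . $value;
        }

        return implode('&', $pairs);
    }

    /**
     * @return string Name of the hash algorithm used for the HMAC
     */
    static function getHashAlgo() {
        return "SHA512";
    }

    /**
     * @param string $msg Message to authenticate
     * @param string $payboxKey Key as a hexadecimal string; it is converted to raw bytes first
     * @return string Upper-case hexadecimal HMAC
     */
    private static function generateHMAC($msg, $payboxKey) {
        $binKey = pack("H*", $payboxKey);

        return strtoupper(hash_hmac(payboxHelper::getHashAlgo(), $msg, $binKey));
    }

    /**
     * Tells whether the request comes from one of the hard-coded addresses.
     *
     * NOTE(review): the list has to be kept in step with the addresses the gateway
     * actually uses, and REMOTE_ADDR is the proxy's address when the site sits behind
     * a reverse proxy - confirm both before relying on this check.
     *
     * @return bool
     */
    private static function checkIps() {
        $paybox_ips = array('194.2.122.158', '195.25.7.166', '195.101.99.76');
        $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

        return in_array($remote_addr, $paybox_ips, true);
    }

    /**
     * Maps the two-letter prefix of the current Joomla language tag to a Paybox
     * language code, defaulting to GBR.
     *
     * @return string
     */
    static function getLangue() {
        $langPaybox = array(
            'fr' => 'FRA',
            'en' => 'GBR',
            'es' => 'ESP',
            'it' => 'ITA',
            'de' => 'DEU',
            'nl' => 'NLD',
            'se' => 'SWE',
            'pt' => 'PRT',
        );
        $lang = JFactory::getLanguage();
        $tag = strtolower(substr($lang->get('tag'), 0, 2));

        return array_key_exists($tag, $langPaybox) ? $langPaybox[$tag] : $langPaybox['en'];
    }

    /**
     * Returns Paybox available server URLS
     *
     * NOTE(review): when no production server reports "OK",
     * getPayboxServerAvailable() returns FALSE and the URL built here has an empty
     * host; callers should check for that before using the result.
     *
     * @param string $shop_mode 'test' selects the pre-production server
     * @return string
     */
    static function getPayboxServerUrl($shop_mode) {
        if ($shop_mode == 'test') {
            return 'https://preprod-tpeweb.paybox.com/php/';
        }

        return 'https://' . payboxHelper::getPayboxServerAvailable() . '/php/';
    }

    /**
     * Returns the first production server whose load.html status element reads "OK".
     *
     * No timeout is set, so an unresponsive server holds the request for PHP's
     * default socket timeout.
     *
     * @return string|bool Host name, or FALSE when no server reports "OK"
     */
    static function getPayboxServerAvailable() {
        $servers = array(
            'tpeweb.paybox.com', // primary server
            'tpeweb1.paybox.com', // secondary server
        );

        // Collect libxml parse complaints instead of raising a PHP warning for every
        // malformed tag on the status page.
        $previous_setting = libxml_use_internal_errors(true);
        $available = FALSE;
        foreach ($servers as $server) {
            $doc = new DOMDocument();
            $server_status = "";
            if ($doc->loadHTMLFile('https://' . $server . '/load.html')) {
                $element = $doc->getElementById('server_status');
                if ($element) {
                    $server_status = $element->textContent;
                }
            }
            if ($server_status == "OK") {
                $available = $server;
                break;
            }
        }
        libxml_clear_errors();
        libxml_use_internal_errors($previous_setting);

        return $available;
    }

    /**
     * Builds the list of return fields as "X:X" pairs separated by ';'.
     *
     * @return string
     */
    public static function getReturn() {
        $pairs = array();
        foreach (payboxHelper::getReturnFields() as $returnField) {
            $pairs[] = $returnField . ":" . $returnField;
        }

        return implode(';', $pairs);
    }

    /**
     * Returns the return-field codes in the order they are requested.
     *
     * 'K' has to stay last: GetSignedData() treats the final query parameter as the
     * signature (presumably 'K' is that field - confirm against the gateway docs).
     *
     * @return array
     */
    public static function getReturnFields() {
        return array(
            'M',
            'R',
            'T',
            'A',
            'B',
            'P',
            'C',
            'S',
            'Y',
            'E',
            'D',
            'I',
            'N',
            'J',
            'H',
            'G',
            'O',
            'F',
            'W',
            'Z',
            'K', // MUST BE THE LAST ONE
        );
    }

    /**
     * Decides whether an incoming Paybox notification can be trusted.
     *
     * @param array $paybox_data Request parameters
     * @param bool $checkIps Currently ignored, see the note in the body
     * @param bool $useQuery Verify the raw query string instead of $paybox_data
     * @return bool
     */
    static function isPayboxResponseValid($paybox_data, $checkIps = false, $useQuery = false) {
        // NOTE(review): the caller's $checkIps is discarded here, so checkIps() never
        // runs and the signature is the only proof that the request came from Paybox.
        $checkIps = false;
        if ($checkIps && payboxHelper::checkIps() !== true) {
            return FALSE;
        }

        $unsetNonPayboxData = true;

        return payboxHelper::checkSignature($paybox_data, $unsetNonPayboxData, $useQuery) === true;
    }

    /**
     * Verifies the signature of either the raw query string or the rebuilt request data.
     *
     * @param array $paybox_data Request parameters, used when $useQuery is false
     * @param bool $unsetNonPayboxData Accepted but not used: parameters that Paybox did
     *                                 not send stay in the rebuilt string
     * @param bool $useQuery
     * @return bool
     */
    private static function checkSignature($paybox_data, $unsetNonPayboxData = true, $useQuery = true) {
        if ($useQuery) {
            $query_string = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
        } else {
            $query_string = payboxHelper::stringifyArray($paybox_data);
        }

        return payboxHelper::pbxIsValidSignature(payboxHelper::getKeyFileName(), $query_string);
    }

    /**
     * Checks the signature carried by the last parameter of a query string against
     * the public key stored in $keyfile.
     *
     * @param string $keyfile Path of the PEM public key
     * @param string $queryString Signed data followed by the signature parameter
     * @return bool True only when OpenSSL reports a valid signature
     */
    public static function pbxIsValidSignature($keyfile, $queryString) {
        $key = payboxHelper::loadKey($keyfile);
        if (!$key) {
            return false;
        }

        $sig = '';
        $queryStringNoSig = "";
        payboxHelper::GetSignedData($queryString, $queryStringNoSig, $sig);
        if ($sig === '') {
            // Nothing to verify: the query string carried no signature parameter.
            openssl_free_key($key);
            return false;
        }

        // The signature is tried both URL-decoded and as received.
        $sigURLDecoded = payboxHelper::getSignatureDecoded($sig, true);
        $sigURLNotDecoded = payboxHelper::getSignatureDecoded($sig, false);
        $verifySigURLDecoded = openssl_verify($queryStringNoSig, $sigURLDecoded, $key);
        $verifySigURLNotDecoded = openssl_verify($queryStringNoSig, $sigURLNotDecoded, $key);
        openssl_free_key($key);

        // openssl_verify() returns 1 when valid, 0 when invalid and -1 on error.
        // Only 1 may count as success: -1 is truthy, so a plain truth test would
        // accept a request whose verification failed with an error.
        return $verifySigURLDecoded === 1 || $verifySigURLNotDecoded === 1;
    }

    /**
     * Reads a PEM key file and returns the OpenSSL key handle.
     *
     * @param string $keyfile Path of the key file
     * @param bool $public_key True to load a public key, false for a private key
     * @param string $pass Passphrase of the private key
     * @return bool|resource FALSE when the file is missing, unreadable or empty
     */
    private static function loadKey($keyfile, $public_key = TRUE, $pass = '') {
        $fsize = is_file($keyfile) ? filesize($keyfile) : 0;
        if (!$fsize) {
            payboxHelper::pbxError('loadKey :' . 'Key File:' . $keyfile . ' not found');
            return FALSE;
        }

        $filedata = file_get_contents($keyfile);
        if ($filedata === false) {
            payboxHelper::pbxError('Cannot open Key File' . $keyfile);
            return FALSE;
        }
        if ($filedata === '') {
            payboxHelper::pbxError('Empty Key File' . $keyfile);
            return FALSE;
        }

        if ($public_key) {
            return openssl_pkey_get_public($filedata);
        }

        return openssl_pkey_get_private(array($filedata, $pass));
    }

    /**
     * Writes a key-loading problem to the PHP error log. Static because loadKey()
     * runs without an instance.
     *
     * @param string $message
     */
    private static function pbxError($message) {
        error_log('payboxHelper: ' . $message);
    }

    /**
     * Splits a query string into the signed data and the signature.
     *
     * Everything before the last '&' is the signed data; the value of the last
     * parameter is the signature. Both outputs are empty strings when the query
     * string has no such parameter.
     *
     * @param string $qrystr
     * @param string $data Receives the signed data
     * @param string $sig Receives the still-encoded signature
     */
    public static function GetSignedData($qrystr, &$data, &$sig) {
        $data = '';
        $sig = '';

        $last_separator = strrpos($qrystr, '&');
        if ($last_separator === false) {
            return;
        }
        $equals = strpos($qrystr, '=', $last_separator);
        if ($equals === false) {
            return;
        }

        $data = (string) substr($qrystr, 0, $last_separator);
        $sig = (string) substr($qrystr, $equals + 1);
    }

    /**
     * @param string $sig Signature as received
     * @param bool $doDecode URL-decode the value before Base64 decoding
     * @return string Raw signature bytes
     */
    static function getSignatureDecoded($sig, $doDecode) {
        if ($doDecode) {
            $sig = urldecode($sig);
        }

        return base64_decode($sig); // Base64 decoding
    }

    /**
     * @return string Path of the public key used to verify signatures
     */
    static function getKeyFileName() {
        return CLASSPATH . "payment/paybox/key/pubkey.pem";
    }

    /**
     * @return string Current date and time in ISO 8601 format
     */
    static function getTime() {
        return date("c");
    }
}
?>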