Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

phpcs

This commit is contained in:
Mike Jolley 2018-01-11 12:53:47 +00:00
parent 16870a30e7
commit c7a3fd266c
1 changed files with 93 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

147
includes/gateways/paypal/includes/class-wc-gateway-paypal-ipn-handler.php
View File

@ -1,24 +1,34 @@
<?php
/**
* Handles responses from PayPal IPN.
*
* @package WooCommerce/PayPal
* @version 3.3.0
*/
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
include_once( dirname( __FILE__ ) . '/class-wc-gateway-paypal-response.php' );
require_once dirname( __FILE__ ) . '/class-wc-gateway-paypal-response.php';
/**
* Handles responses from PayPal IPN.
* WC_Gateway_Paypal_IPN_Handler class.
*/
class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/** @var string Receiver email address to validate */
/**
* Receiver email address to validate.
*
* @var string Receiver email address.
*/
protected $receiver_email;
/**
* Constructor.
*
* @param bool $sandbox
* @param string $receiver_email
* @param bool $sandbox Use sandbox or not.
* @param string $receiver_email Email to receive IPN from.
*/
public function __construct( $sandbox = false, $receiver_email = '' ) {
add_action( 'woocommerce_api_wc_gateway_paypal', array( $this, 'check_response' ) );
@ -32,8 +42,8 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
* Check for PayPal IPN Response.
*/
public function check_response() {
if ( ! empty( $_POST ) && $this->validate_ipn() ) {
$posted = wp_unslash( $_POST );
if ( ! empty( $_POST ) && $this->validate_ipn() ) { // WPCS: CSRF ok.
$posted = wp_unslash( $_POST ); // WPCS: CSRF ok, input var ok.
// @codingStandardsIgnoreStart
do_action( 'valid-paypal-standard-ipn-request', $posted );
@ -46,10 +56,13 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* There was a valid response.
* @param array $posted Post data after wp_unslash
*
* @param array $posted Post data after wp_unslash.
*/
public function valid_response( $posted ) {
if ( ! empty( $posted['custom'] ) && ( $order = $this->get_paypal_order( $posted['custom'] ) ) ) {
$order = ! empty( $posted['custom'] ) ? $this->get_paypal_order( $posted['custom'] ) : false;
if ( $order ) {
// Lowercase returned variables.
$posted['payment_status'] = strtolower( $posted['payment_status'] );
@ -69,11 +82,11 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
public function validate_ipn() {
WC_Gateway_Paypal::log( 'Checking IPN response is valid' );
// Get received values from post data
$validate_ipn = wp_unslash( $_POST );
// Get received values from post data.
$validate_ipn = wp_unslash( $_POST ); // WPCS: CSRF ok, input var ok.
$validate_ipn['cmd'] = '_notify-validate';
// Send back post vars to paypal
// Send back post vars to paypal.
$params = array(
'body' => $validate_ipn,
'timeout' => 60,
@ -106,12 +119,13 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Check for a valid transaction type.
* @param string $txn_type
*
* @param string $txn_type Transaction type.
*/
protected function validate_transaction_type( $txn_type ) {
$accepted_types = array( 'cart', 'instant', 'express_checkout', 'web_accept', 'masspay', 'send_money', 'paypal_here' );
if ( ! in_array( strtolower( $txn_type ), $accepted_types ) ) {
if ( ! in_array( strtolower( $txn_type ), $accepted_types, true ) ) {
WC_Gateway_Paypal::log( 'Aborting, Invalid type:' . $txn_type );
exit;
}
@ -119,14 +133,15 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Check currency from IPN matches the order.
* @param WC_Order $order
* @param string $currency
*
* @param WC_Order $order Order object.
* @param string $currency Currency code.
*/
protected function validate_currency( $order, $currency ) {
if ( $order->get_currency() != $currency ) {
if ( $order->get_currency() !== $currency ) {
WC_Gateway_Paypal::log( 'Payment error: Currencies do not match (sent "' . $order->get_currency() . '" | returned "' . $currency . '")' );
// Put this order on-hold for manual checking.
/* translators: %s: currency code. */
$order->update_status( 'on-hold', sprintf( __( 'Validation error: PayPal currencies do not match (code %s).', 'woocommerce' ), $currency ) );
exit;
}
@ -134,14 +149,15 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Check payment amount from IPN matches the order.
* @param WC_Order $order
* @param int $amount
*
* @param WC_Order $order Order object.
* @param int $amount Amount to validate.
*/
protected function validate_amount( $order, $amount ) {
if ( number_format( $order->get_total(), 2, '.', '' ) != number_format( $amount, 2, '.', '' ) ) {
if ( number_format( $order->get_total(), 2, '.', '' ) !== number_format( $amount, 2, '.', '' ) ) {
WC_Gateway_Paypal::log( 'Payment error: Amounts do not match (gross ' . $amount . ')' );
// Put this order on-hold for manual checking.
/* translators: %s: Amount. */
$order->update_status( 'on-hold', sprintf( __( 'Validation error: PayPal amounts do not match (gross %s).', 'woocommerce' ), $amount ) );
exit;
}
@ -150,14 +166,15 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Check receiver email from PayPal. If the receiver email in the IPN is different than what is stored in.
* WooCommerce -> Settings -> Checkout -> PayPal, it will log an error about it.
* @param WC_Order $order
* @param string $receiver_email
*
* @param WC_Order $order Order object.
* @param string $receiver_email Email to validate.
*/
protected function validate_receiver_email( $order, $receiver_email ) {
if ( strcasecmp( trim( $receiver_email ), trim( $this->receiver_email ) ) != 0 ) {
if ( strcasecmp( trim( $receiver_email ), trim( $this->receiver_email ) ) !== 0 ) {
WC_Gateway_Paypal::log( "IPN Response is for another account: {$receiver_email}. Your email is {$this->receiver_email}" );
// Put this order on-hold for manual checking.
/* translators: %s: email address . */
$order->update_status( 'on-hold', sprintf( __( 'Validation error: PayPal IPN response from a different email address (%s).', 'woocommerce' ), $receiver_email ) );
exit;
}
@ -165,8 +182,9 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle a completed payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_completed( $order, $posted ) {
if ( $order->has_status( wc_get_is_paid_statuses() ) ) {
@ -195,6 +213,7 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
if ( 'authorization' === $posted['pending_reason'] ) {
$this->payment_on_hold( $order, __( 'Payment authorized. Change payment status to processing or complete to capture funds.', 'woocommerce' ) );
} else {
/* translators: %s: pending reason. */
$this->payment_on_hold( $order, sprintf( __( 'Payment pending (%s).', 'woocommerce' ), $posted['pending_reason'] ) );
}
}
@ -202,8 +221,9 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle a pending payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_pending( $order, $posted ) {
$this->payment_status_completed( $order, $posted );
@ -211,17 +231,20 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle a failed payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_failed( $order, $posted ) {
/* translators: %s: payment status. */
$order->update_status( 'failed', sprintf( __( 'Payment %s via IPN.', 'woocommerce' ), wc_clean( $posted['payment_status'] ) ) );
}
/**
* Handle a denied payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_denied( $order, $posted ) {
$this->payment_status_failed( $order, $posted );
@ -229,8 +252,9 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle an expired payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_expired( $order, $posted ) {
$this->payment_status_failed( $order, $posted );
@ -238,8 +262,9 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle a voided payment.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_voided( $order, $posted ) {
$this->payment_status_failed( $order, $posted );
@ -248,30 +273,35 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* When a user cancelled order is marked paid.
*
* @param WC_Order $order
* @param array $posted
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_paid_cancelled_order( $order, $posted ) {
$this->send_ipn_email_notification(
/* translators: %s: order link. */
sprintf( __( 'Payment for cancelled order %s received', 'woocommerce' ), '<a class="link" href="' . esc_url( admin_url( 'post.php?post=' . $order->get_id() . '&action=edit' ) ) . '">' . $order->get_order_number() . '</a>' ),
sprintf( __( 'Order #%1$s has been marked paid by PayPal IPN, but was previously cancelled. Admin handling required.', 'woocommerce' ), $order->get_order_number() )
/* translators: %s: order ID. */
sprintf( __( 'Order #%s has been marked paid by PayPal IPN, but was previously cancelled. Admin handling required.', 'woocommerce' ), $order->get_order_number() )
);
}
/**
* Handle a refunded order.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_refunded( $order, $posted ) {
// Only handle full refunds, not partial.
if ( $order->get_total() == ( $posted['mc_gross'] * -1 ) ) {
if ( $order->get_total() === wc_format_decimal( $posted['mc_gross'] * -1 ) ) {
// Mark order as refunded.
/* translators: %s: payment status. */
$order->update_status( 'refunded', sprintf( __( 'Payment %s via IPN.', 'woocommerce' ), strtolower( $posted['payment_status'] ) ) );
$this->send_ipn_email_notification(
/* translators: %s: order link. */
sprintf( __( 'Payment for order %s refunded', 'woocommerce' ), '<a class="link" href="' . esc_url( admin_url( 'post.php?post=' . $order->get_id() . '&action=edit' ) ) . '">' . $order->get_order_number() . '</a>' ),
/* translators: %1$s: order ID, %2$s: reason code. */
sprintf( __( 'Order #%1$s has been marked as refunded - PayPal reason code: %2$s', 'woocommerce' ), $order->get_order_number(), $posted['reason_code'] )
);
}
@ -279,34 +309,42 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Handle a reversal.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_reversed( $order, $posted ) {
/* translators: %s: payment status. */
$order->update_status( 'on-hold', sprintf( __( 'Payment %s via IPN.', 'woocommerce' ), wc_clean( $posted['payment_status'] ) ) );
$this->send_ipn_email_notification(
/* translators: %s: order link. */
sprintf( __( 'Payment for order %s reversed', 'woocommerce' ), '<a class="link" href="' . esc_url( admin_url( 'post.php?post=' . $order->get_id() . '&action=edit' ) ) . '">' . $order->get_order_number() . '</a>' ),
/* translators: %1$s: order ID, %2$s: reason code. */
sprintf( __( 'Order #%1$s has been marked on-hold due to a reversal - PayPal reason code: %2$s', 'woocommerce' ), $order->get_order_number(), wc_clean( $posted['reason_code'] ) )
);
}
/**
* Handle a cancelled reversal.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function payment_status_canceled_reversal( $order, $posted ) {
$this->send_ipn_email_notification(
/* translators: %s: order link. */
sprintf( __( 'Reversal cancelled for order #%s', 'woocommerce' ), $order->get_order_number() ),
/* translators: %1$s: order ID, %2$s: order link. */
sprintf( __( 'Order #%1$s has had a reversal cancelled. Please check the status of payment and update the order status accordingly here: %2$s', 'woocommerce' ), $order->get_order_number(), esc_url( admin_url( 'post.php?post=' . $order->get_id() . '&action=edit' ) ) )
);
}
/**
* Save important data from the IPN to the order.
* @param WC_Order $order
* @param array $posted
*
* @param WC_Order $order Order object.
* @param array $posted Posted data.
*/
protected function save_paypal_meta_data( $order, $posted ) {
if ( ! empty( $posted['payer_email'] ) ) {
@ -331,15 +369,16 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
/**
* Send a notification to the user handling orders.
* @param string $subject
* @param string $message
*
* @param string $subject Email subject.
* @param string $message Email message.
*/
protected function send_ipn_email_notification( $subject, $message ) {
$new_order_settings = get_option( 'woocommerce_new_order_settings', array() );
$mailer = WC()->mailer();
$message = $mailer->wrap_message( $subject, $message );
$woocommerce_paypal_settings = get_option('woocommerce_paypal_settings');
$woocommerce_paypal_settings = get_option( 'woocommerce_paypal_settings' );
if ( ! empty( $woocommerce_paypal_settings['ipn_notification'] ) && 'no' === $woocommerce_paypal_settings['ipn_notification'] ) {
return;
}