| Index: trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php |
| — | — | @@ -148,7 +148,7 @@ |
| 149 | 149 | // this try/catch design pattern stolen from ClickTracking/ApiSpecialClickTracking.php |
| 150 | 150 | try { |
| 151 | 151 | // add dynamic elements to result object |
| 152 | | - $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'orderid', $order_id ); |
| | 152 | + $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'order_id', $order_id ); |
| 153 | 153 | $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'token', $token ); |
| 154 | 154 | $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'contribution_tracking_id', $contribution_tracking_id ); |
| 155 | 155 | $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'tracking_data', $tracking_data ); |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php |
| — | — | @@ -118,7 +118,7 @@ |
| 119 | 119 | |
| 120 | 120 | // if _cache_ is requested by the user, do not set a session/token; dynamic data will be loaded via ajax |
| 121 | 121 | if ( $wgRequest->getText( '_cache_', false ) ) { |
| 122 | | - self::log( $payflow_data[ 'order_id' ] . " Cache requested", 'payflowpro_gateway', LOG_DEBUG ); |
| | 122 | + self::log( $payflow_data[ 'order_id' ] . " " . $payflow_data[ 'i_order_id' ] . " Cache requested", 'payflowpro_gateway', LOG_DEBUG ); |
| 123 | 123 | $cache = true; |
| 124 | 124 | $token = ''; |
| 125 | 125 | $token_match = false; |
| — | — | @@ -126,7 +126,7 @@ |
| 127 | 127 | // if we have squid caching enabled, set the maxage |
| 128 | 128 | global $wgUseSquid, $wgPayflowSMaxAge; |
| 129 | 129 | if ( $wgUseSquid ) { |
| 130 | | - self::log( $payflow_data[ 'order_id' ] . " Setting s-max-age: " . $wgPayflowSMaxAge, 'payflowpro_gateway', LOG_DEBUG ); |
| | 130 | + self::log( $payflow_data[ 'order_id' ] . " " . $payflow_data[ 'i_order_id' ] . " Setting s-max-age: " . $wgPayflowSMaxAge, 'payflowpro_gateway', LOG_DEBUG ); |
| 131 | 131 | $wgOut->setSquidMaxage( $wgPayflowSMaxAge ); |
| 132 | 132 | } |
| 133 | 133 | } else { |
| — | — | @@ -135,21 +135,21 @@ |
| 136 | 136 | // establish the edit token to prevent csrf |
| 137 | 137 | $token = self::fnPayflowEditToken( $wgPayflowGatewaySalt ); |
| 138 | 138 | |
| 139 | | - self::log( $payflow_data[ 'order_id' ] . " fnPayflowEditToken: " . $token, 'payflowpro_gateway', LOG_DEBUG ); |
| | 139 | + self::log( $payflow_data[ 'order_id' ] . " " . $payflow_data[ 'i_order_id' ] . " fnPayflowEditToken: " . $token, 'payflowpro_gateway', LOG_DEBUG ); |
| 140 | 140 | |
| 141 | 141 | // match token |
| 142 | 142 | $token_check = ( $wgRequest->getText( 'token' ) ) ? $wgRequest->getText( 'token' ) : $token; |
| 143 | 143 | $token_match = $this->fnPayflowMatchEditToken( $token_check, $wgPayflowGatewaySalt ); |
| 144 | 144 | if ( $wgRequest->wasPosted() ) { |
| 145 | | - self::log( $payflow_data[ 'order_id' ] . " Submitted edit token: " . $wgRequest->getText( 'token', 'None' ), 'payflowpro_gateway', LOG_DEBUG); |
| 146 | | - self::log( $payflow_data[ 'order_id' ] . "Token match: " . $token_match ); |
| | 145 | + self::log( $payflow_data[ 'order_id' ] . " " . $payflow_data[ 'i_order_id' ] . " Submitted edit token: " . $wgRequest->getText( 'token', 'None' ), 'payflowpro_gateway', LOG_DEBUG); |
| | 146 | + self::log( $payflow_data[ 'order_id' ] . " " . $payflow_data[ 'i_order_id' ] . " Token match: " . $token_match, 'payflowpro_gateway', LOG_DEBUG ); |
| 147 | 147 | } |
| 148 | 148 | } |
| 149 | 149 | |
| 150 | 150 | $this->setHeaders(); |
| 151 | 151 | |
| 152 | 152 | // Populate form data |
| 153 | | - $data = $this->fnGetFormData( $amount, $numAttempt, $token, $payflow_data['order_id'] ); |
| | 153 | + $data = $this->fnGetFormData( $amount, $numAttempt, $token, $payflow_data['order_id'], $payflow_data['i_order_id'] ); |
| 154 | 154 | |
| 155 | 155 | /** |
| 156 | 156 | * handle PayPal redirection |
| — | — | @@ -953,7 +953,7 @@ |
| 954 | 954 | * Provides a way to prepopulate the form with test data using $wgPayflowGatewayTest |
| 955 | 955 | * @return array |
| 956 | 956 | */ |
| 957 | | - public function fnGetFormData( $amount, $numAttempt, $token, $order_id ) { |
| | 957 | + public function fnGetFormData( $amount, $numAttempt, $token, $order_id, $i_order_id=0 ) { |
| 958 | 958 | global $wgPayflowGatewayTest, $wgRequest; |
| 959 | 959 | |
| 960 | 960 | // fetch ID for the url reference for OWA tracking |
| — | — | @@ -1006,6 +1006,7 @@ |
| 1007 | 1007 | 'currency' => 'USD', |
| 1008 | 1008 | 'payment_method' => $wgRequest->getText( 'payment_method' ), |
| 1009 | 1009 | 'order_id' => $order_id, |
| | 1010 | + 'i_order_id' => $i_order_id, |
| 1010 | 1011 | 'numAttempt' => $numAttempt, |
| 1011 | 1012 | 'referrer' => 'http://www.baz.test.com/index.php?action=foo&action=bar', |
| 1012 | 1013 | 'utm_source' => self::getUtmSource(), |
| — | — | @@ -1053,6 +1054,7 @@ |
| 1054 | 1055 | 'currency' => $wgRequest->getText( 'currency_code' ), |
| 1055 | 1056 | 'payment_method' => $wgRequest->getText( 'payment_method' ), |
| 1056 | 1057 | 'order_id' => $order_id, |
| | 1058 | + 'i_order_id' => $i_order_id, |
| 1057 | 1059 | 'numAttempt' => $numAttempt, |
| 1058 | 1060 | 'referrer' => ( $wgRequest->getVal( 'referrer' ) ) ? $wgRequest->getVal( 'referrer' ) : $wgRequest->getHeader( 'referer' ), |
| 1059 | 1061 | 'utm_source' => self::getUtmSource(), |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/forms/Form.php |
| — | — | @@ -358,7 +358,8 @@ |
| 359 | 359 | 'process' => 'CreditCard', |
| 360 | 360 | 'payment_method' => 'processed', |
| 361 | 361 | 'token' => $this->form_data[ 'token' ], |
| 362 | | - 'orderid' => $this->form_data[ 'order_id' ], |
| | 362 | + 'order_id' => $this->form_data[ 'order_id' ], |
| | 363 | + 'i_order_id' => $this->form_data[ 'i_order_id' ], |
| 363 | 364 | 'numAttempt' => $this->form_data[ 'numAttempt' ], |
| 364 | 365 | 'contribution_tracking_id' => $this->form_data[ 'contribution_tracking_id' ], |
| 365 | 366 | 'data_hash' => $this->form_data[ 'data_hash' ], |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/forms/html/demo.html |
| — | — | @@ -148,7 +148,7 @@ |
| 149 | 149 | <input type="hidden" value="CreditCard" name="process" /> |
| 150 | 150 | <input type="hidden" value="processed" name="payment_method" /> |
| 151 | 151 | <input type="hidden" value="@token" name="token" /> |
| 152 | | - <input type="hidden" value="@orderid" name="orderid" /> |
| | 152 | + <input type="hidden" value="@order_id" name="order_id" /> |
| 153 | 153 | <input type="hidden" value="@numAttempt" name="numAttempt" /> |
| 154 | 154 | <input type="hidden" value="@contribution_tracking_id" name="contribution_tracking_id" /> |
| 155 | 155 | <input type="hidden" value="@data_hash" name="data_hash" /> |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/forms/RapidHtml.php |
| — | — | @@ -33,7 +33,7 @@ |
| 34 | 34 | '@cvv', // => $wgRequest->getText( 'cvv' ), |
| 35 | 35 | '@currency_code', //'currency' => $wgRequest->getText( 'currency_code' ), |
| 36 | 36 | '@payment_method', // => $wgRequest->getText( 'payment_method' ), |
| 37 | | - '@orderid', // => $order_id, |
| | 37 | + '@order_id', // => $order_id, |
| 38 | 38 | '@numAttempt', // => $numAttempt, |
| 39 | 39 | '@referrer', // => ( $wgRequest->getVal( 'referrer' ) ) ? $wgRequest->getVal( 'referrer' ) : $wgRequest->getHeader( 'referer' ), |
| 40 | 40 | '@utm_source', // => self::getUtmSource(), |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/includes/payflowUser.inc |
| — | — | @@ -26,6 +26,7 @@ |
| 27 | 27 | 'verbosity' => 'MEDIUM', // level of detail in Payflow response |
| 28 | 28 | 'user_ip' => ( $wgPayflowGatewayTest ) ? '12.12.12.12' : wfGetIP(), // current user's IP address |
| 29 | 29 | 'order_id' => payflowGetOrderId(), |
| | 30 | + 'i_order_id' => payflowGetInternalOrderId(), |
| 30 | 31 | ); |
| 31 | 32 | |
| 32 | 33 | return $payflow_data; |
| — | — | @@ -33,28 +34,46 @@ |
| 34 | 35 | |
| 35 | 36 | /** |
| 36 | 37 | * Fetch and return the 'order_id' for a transaction |
| | 38 | + * |
| | 39 | + * Since transactions to PayPal are initially matched internally on their end |
| | 40 | + * with the 'order_id' field, but we don't actually care what the order id is, |
| | 41 | + * we generate a sufficiently random number to avoid duplication. |
| | 42 | + * |
| | 43 | + * We go ahead and always generate a random order id becuse if PayPal detects |
| | 44 | + * the same order_id more than once, it considers the request a duplicate, even |
| | 45 | + * if the data is completely different. |
| | 46 | + * |
| 37 | 47 | * @return int |
| 38 | 48 | */ |
| 39 | 49 | function payflowGetOrderId() { |
| | 50 | + return generateOrderId(); |
| | 51 | +} |
| | 52 | + |
| | 53 | +/** |
| | 54 | + * Generate an internal order id |
| | 55 | + * |
| | 56 | + * This is only used internally for tracking a user's 'session' with the credit |
| | 57 | + * card form. I mean 'session' in the sense of the moment a credit card page |
| | 58 | + * is loaded for the first time (nothing posted to it - a discrete donation |
| | 59 | + * session) as opposed to the $_SESSION - as the $_SESSION id could potentially |
| | 60 | + * not change between contribution attempts. |
| | 61 | + */ |
| | 62 | +function payflowGetInternalOrderId() { |
| 40 | 63 | global $wgRequest; |
| 41 | 64 | |
| 42 | 65 | // is an order_id already set? |
| 43 | | - $order_id = $wgRequest->getText( 'orderid', 0 ); |
| | 66 | + $i_order_id = $wgRequest->getText( 'i_order_id', 0 ); |
| 44 | 67 | |
| 45 | 68 | // if the form was not just posted OR there's no order_id set, generate one. |
| 46 | | - if ( !$wgRequest->wasPosted() || !$order_id ) { |
| 47 | | - $order_id = generateOrderId(); |
| | 69 | + if ( !$wgRequest->wasPosted() || !$i_order_id ) { |
| | 70 | + $i_order_id = generateOrderId(); |
| 48 | 71 | } |
| 49 | | - |
| 50 | | - return $order_id; |
| | 72 | + |
| | 73 | + return $i_order_id; |
| 51 | 74 | } |
| 52 | 75 | |
| 53 | 76 | /** |
| 54 | 77 | * Generate an order id |
| 55 | | - * |
| 56 | | - * Since transactions to PayPal are initially matched internally on their end |
| 57 | | - * with the 'order_id' field, but we don't actually care what the order id is, |
| 58 | | - * we generate a sufficiently random number to avoid duplication. |
| 59 | 78 | */ |
| 60 | 79 | function generateOrderId() { |
| 61 | 80 | return (double) microtime() * 1000000 . mt_rand(); |
| Index: trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js |
| — | — | @@ -3,7 +3,7 @@ |
| 4 | 4 | var tracking_data = {"url": escape(window.location), "pageref": escape(document.referrer)}; |
| 5 | 5 | |
| 6 | 6 | var processFormElements = function (data, status){ |
| 7 | | - $('input[name=orderid]').val(data['dynamic_form_elements']['orderid']); |
| | 7 | + $('input[name=order_id]').val(data['dynamic_form_elements']['order_id']); |
| 8 | 8 | $('input[name=token]').val(data['dynamic_form_elements']['token']); |
| 9 | 9 | $('input[name=contribution_tracking_id]').val(data['dynamic_form_elements']['contribution_tracking_id']); |
| 10 | 10 | $('input[name=utm_source]').val(data['dynamic_form_elements']['tracking_data']['utm_source']); |