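<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<!--
  AlertPay multi-item "pay now" form. It posts three items (name, description,
  code, quantity, unit amount) plus the merchant address and currency to
  AlertPay's PayProcess endpoint.

  Attribute values use plain ASCII double quotes. Typographic quotes, which
  blog editors often substitute, are not attribute delimiters, and a browser
  would send them as part of the value.

  Every field below is a hidden input that the buyer's browser holds and can
  change before submitting. Treat the amounts, quantities and currency here as
  a request only. The server-side notification handler has to compare the paid
  total, currency and merchant against its own order record before it marks
  anything as paid. Reaching ap_returnurl is not proof of payment either.
-->
<form method="post" action="https://www.alertpay.com/PayProcess.aspx">
<input type="hidden" name="ap_purchasetype" value="item" />
<input type="hidden" name="ap_merchant" value="apdevforum@gmail.com" />
<input type="hidden" name="ap_currency" value="USD" />
<input type="hidden" name="ap_itemname_1" value="Item 01" />
<input type="hidden" name="ap_itemname_2" value="Item 02" />
<input type="hidden" name="ap_itemname_3" value="Item 03" />
<input type="hidden" name="ap_description_1" value="Lorem ipsum" />
<input type="hidden" name="ap_description_2" value="Na misnet par" />
<input type="hidden" name="ap_description_3" value="Lun der ter" />
<input type="hidden" name="ap_itemcode_1" value="7462" />
<input type="hidden" name="ap_itemcode_2" value="5955" />
<input type="hidden" name="ap_itemcode_3" value="8943" />
<input type="hidden" name="ap_quantity_1" value="1" />
<input type="hidden" name="ap_quantity_2" value="4" />
<input type="hidden" name="ap_quantity_3" value="2" />
<input type="hidden" name="ap_amount_1" value="35.00" />
<input type="hidden" name="ap_amount_2" value="24.00" />
<input type="hidden" name="ap_amount_3" value="67.00" />
<input type="hidden" name="ap_returnurl" value="https://www.alertpay.com" />
<input type="hidden" name="ap_cancelurl" value="https://www.alertpay.com" />
<!-- The image input is the submit control; alt gives it an accessible name. -->
<input type="image" name="ap_image" src="https://www.alertpay.com//PayNow/26A48DF6D2F949489CF7E6DBDDBF4544a.gif" alt="Pay now with AlertPay" />
</form>
</body>
</html>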
Below is the AlertPay class file. Create a new class file named "alertpay.class.php":
<?php
/*
Created by Nikunj Kansara
(email : nikunjkansara@gmail.com)
*/
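/**
 * Handles one AlertPay payment notification (IPN) for a single Web Invoice invoice.
 *
 * processRequest() copies the notification fields onto the object, authenticates
 * the sender (source IP allow-list, then the shared security code), checks the
 * notification against the stored invoice (currency, amount, merchant address)
 * and finally marks the invoice as paid. Every path ends by printing a
 * plain-text response and calling exit().
 *
 * Security notes for maintainers:
 *  - The IP allow-list used to split addresses with the regex '/./' (an
 *    unescaped dot), which turned every address into 0 and made every
 *    configured range match. Addresses are now split on the literal dot.
 *  - The security code is compared as a string (constant-time where
 *    hash_equals() exists) and an empty or unset configured secret never
 *    matches, so a missing option can no longer authenticate a request.
 *  - The submitted security code is kept out of the failure log.
 */
class Web_Invoice_AlertPay {
    var $invoice;
    var $ip;
    var $int_ip;
    var $ap_custemailaddress;
    var $ap_custfirstname;
    var $ap_custlastname;
    var $ap_custaddress;
    var $ap_custcity;
    var $ap_custstate;
    var $ap_custcountry;
    var $ap_custzip;
    var $ap_merchant;
    var $ap_referencenumber;
    var $ap_totalamount;
    var $ap_currency;
    var $ap_status;
    var $ap_securitycode;
    var $ap_amount;
    // Assigned by processRequest(); it was previously created as an undeclared dynamic property.
    var $ap_itemname;
    var $ap_test;

    /**
     * Loads the invoice the notification refers to.
     *
     * @param mixed $invoice_id Identifier passed straight to Web_Invoice_GetInfo.
     */
    function __construct($invoice_id) {
        $this->invoice = new Web_Invoice_GetInfo($invoice_id);
    }

    /**
     * PHP 4-style constructor name, kept so existing explicit calls keep working.
     * PHP 8 no longer treats a method named after the class as the constructor,
     * so the real initialisation lives in __construct().
     */
    function Web_Invoice_AlertPay($invoice_id) {
        $this->__construct($invoice_id);
    }

    /**
     * Writes a failure entry to the invoice log.
     *
     * The serialized object still carries the customer fields taken from the
     * request, but the security code is masked first: once a request has
     * passed the security-code check, the submitted code IS the shared secret,
     * and any later failure (amount, currency, merchant) would otherwise write
     * it into the log.
     * NOTE(review): the dump contains sender-controlled text; escape it
     * wherever the log is displayed.
     *
     * @param string $ref Short reason recorded in the log line.
     */
    function _logFailure($ref) {
        $submitted_code = $this->ap_securitycode;
        $this->ap_securitycode = '[redacted]';
        $dump = serialize($this);
        $this->ap_securitycode = $submitted_code;
        web_invoice_update_log($this->invoice->id, 'alertpay_api_fail', "Failed AlertPay API request from {$this->ip}. REF: {$ref}. Serialized object " . $dump);
    }

    /**
     * Writes a success entry to the invoice log.
     *
     * @param string $ref Short description recorded in the log line.
     */
    function _logSuccess($ref) {
        web_invoice_update_log($this->invoice->id, 'alertpay_api_success', "Successful AlertPay API request from {$this->ip}. REF: {$ref}");
    }

    /**
     * Tells whether $ip is a dotted-quad IPv4 address with four octets in 0..255.
     *
     * @param mixed $ip Candidate address.
     * @return bool
     */
    function _isQuadIp($ip) {
        if (!is_string($ip) || !preg_match('/^\d{1,3}(\.\d{1,3}){3}\z/', $ip)) {
            return false;
        }
        foreach (explode('.', $ip) as $octet) {
            if (intval($octet) > 255) {
                return false;
            }
        }
        return true;
    }

    /**
     * Converts a dotted-quad IPv4 address to its numeric value.
     *
     * The address is split on the literal '.' character. The previous pattern
     * '/./' matched every character, so every address converted to 0.
     *
     * @param string $ip Dotted-quad address, e.g. "192.168.0.1".
     * @return int|float Numeric value, or 0 when $ip is not a valid dotted quad.
     */
    function _quadIpToInt($ip) {
        if (!$this->_isQuadIp($ip)) {
            return 0;
        }
        $numeric_ip = 0;
        foreach (explode('.', $ip) as $ip_part) {
            $numeric_ip = ($numeric_ip * 256) + intval($ip_part);
        }
        return $numeric_ip;
    }

    /**
     * Checks $this->ip against the 'web_invoice_alertpay_ip' option.
     *
     * The option is a comma-separated list whose entries are either a single
     * address or a "start-end" range. Malformed entries are skipped and a
     * malformed or non-IPv4 sender address is rejected, so the check fails
     * closed when nothing valid is configured.
     * NOTE(review): $this->ip is whatever the caller passed to
     * processRequest(); it should be the connection's remote address, not a
     * client-supplied header. Confirm at the call site.
     *
     * @return bool True when the sender address is inside an allowed entry.
     */
    function _allowedIp() {
        $this->int_ip = $this->_quadIpToInt($this->ip);
        if (!$this->_isQuadIp($this->ip)) {
            return false;
        }
        $allowed_ips = get_option('web_invoice_alertpay_ip');
        if (!is_string($allowed_ips)) {
            return false;
        }
        foreach (explode(',', $allowed_ips) as $ip_range) {
            $bounds = explode('-', trim($ip_range), 2);
            $start_ips = trim($bounds[0]);
            $end_ips = isset($bounds[1]) ? trim($bounds[1]) : '';
            if (!$this->_isQuadIp($start_ips)) {
                continue;
            }
            $start_ip = $this->_quadIpToInt($start_ips);
            if ($end_ips === '') {
                // Single address entry: exact match only.
                if ($start_ip == $this->int_ip) {
                    return true;
                }
                continue;
            }
            if (!$this->_isQuadIp($end_ips)) {
                continue;
            }
            $end_ip = $this->_quadIpToInt($end_ips);
            if (($this->int_ip >= $start_ip) && ($end_ip >= $this->int_ip)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Compares the submitted security code with the configured secret.
     *
     * An unset or empty 'web_invoice_alertpay_secret' option never matches.
     * With the old loose "!=" test, a missing option and a missing request
     * field compared equal.
     *
     * @param mixed $submitted Security code taken from the notification.
     * @return bool
     */
    function _secretMatches($submitted) {
        $expected = get_option('web_invoice_alertpay_secret');
        if (!is_string($expected) || $expected === '' || !is_string($submitted)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($expected, $submitted);
        }
        return $expected === $submitted;
    }

    /**
     * Reads one field from the notification as a string.
     *
     * @param mixed  $request Notification parameters (normally the POST array).
     * @param string $key     Field name.
     * @return string The value, or '' when the field is absent or not scalar.
     */
    function _requestValue($request, $key) {
        if (is_array($request) && isset($request[$key]) && is_scalar($request[$key])) {
            return (string) $request[$key];
        }
        return '';
    }

    /**
     * Sends the status line, a plain-text body and ends the request.
     *
     * @param string $status_line Full HTTP status line, e.g. 'HTTP/1.0 200 OK'.
     * @param string $message     Response body.
     */
    function _respond($status_line, $message) {
        header($status_line);
        header('Content-type: text/plain; charset=UTF-8');
        print $message;
        exit(0);
    }

    /**
     * Copies the customer details from the notification into the invoice
     * recipient's user meta, skipping empty fields, and logs once if anything
     * was written.
     * NOTE(review): the values come from the notification as-is; escape them
     * wherever they are rendered.
     */
    function updateContactInfo() {
        $user_id = $this->invoice->recipient('user_id');
        $updated = false;
        $meta_fields = array(
            'streetaddress' => $this->ap_custaddress,
            'first_name'    => $this->ap_custfirstname,
            'last_name'     => $this->ap_custlastname,
            'zip'           => $this->ap_custzip,
            'state'         => $this->ap_custstate,
            'city'          => $this->ap_custcity,
        );
        foreach ($meta_fields as $meta_key => $value) {
            if (!empty($value)) {
                update_usermeta($user_id, $meta_key, $value);
                $updated = true;
            }
        }
        if (!empty($this->ap_custcountry)) {
            // AlertPay sends a 3-letter country code; map it to the plugin's own value.
            update_usermeta($user_id, 'country', web_invoice_map_country3_to_country($this->ap_custcountry));
            $updated = true;
        }
        if ($updated) {
            $this->_logSuccess('Updated user information with details from AlertPay');
        }
    }

    /**
     * Validates an AlertPay notification and, if it is genuine and matches the
     * invoice, marks the invoice as paid. Always terminates the request.
     *
     * The sender is authenticated first (IP allow-list, then security code),
     * so an unauthenticated caller only ever sees the generic 403 response and
     * cannot learn from the 404/AP0/AP1/AP2 replies which invoice field matched.
     *
     * @param string $ip      Address the notification came from.
     * @param array  $request Notification parameters.
     */
    function processRequest($ip, $request) {
        $this->ip = $ip;
        $fields = array(
            'ap_custemailaddress', 'ap_custfirstname', 'ap_custlastname',
            'ap_custaddress', 'ap_custcity', 'ap_custstate', 'ap_custcountry',
            'ap_custzip', 'ap_merchant', 'ap_referencenumber', 'ap_totalamount',
            'ap_currency', 'ap_amount', 'ap_itemname', 'ap_securitycode',
            'ap_status', 'ap_test',
        );
        foreach ($fields as $field) {
            $this->$field = $this->_requestValue($request, $field);
        }

        if (!$this->_allowedIp()) {
            $this->_logFailure('Invalid IP');
            $this->_respond('HTTP/1.0 403 Forbidden', 'We were unable to authenticate the request');
        }
        if (!$this->_secretMatches($this->ap_securitycode)) {
            $this->_logFailure('Invalid security code');
            $this->_respond('HTTP/1.0 403 Forbidden', 'We were unable to authenticate the request');
        }
        if (!$this->invoice->id) {
            $this->_logFailure('Invoice not found');
            $this->_respond('HTTP/1.0 404 Not Found', 'Invoice not found');
        }
        if ($this->ap_currency != web_invoice_meta($this->invoice->id, 'web_invoice_currency_code')) {
            $this->_logFailure('Invalid currency');
            $this->_respond('HTTP/1.0 400 Bad Request', 'We were not expecting you. REF: AP0');
        }
        // NOTE(review): loose comparison, so "35" and "35.00" compare equal as numbers.
        // This assumes display('amount') returns a plain numeric string. Confirm.
        if ($this->ap_totalamount != $this->invoice->display('amount')) {
            $this->_logFailure('Invalid amount');
            $this->_respond('HTTP/1.0 400 Bad Request', 'We were not expecting you. REF: AP1');
        }
        $expected_merchant = get_option('web_invoice_alertpay_address');
        if (!is_string($expected_merchant) || $expected_merchant === '' || $this->ap_merchant !== $expected_merchant) {
            $this->_logFailure('Invalid pay_to_email');
            $this->_respond('HTTP/1.0 400 Bad Request', 'We were not expecting you. REF: AP2');
        }
        if (strtolower($this->ap_status) != "success") {
            $this->_logSuccess('Payment failed (status)');
            $this->_respond('HTTP/1.0 200 OK', 'Thank you very much for letting us know. REF: Not success');
        }
        if ($this->ap_test == 1) {
            // Test notifications never mark the invoice as paid. They are only
            // recorded when test mode is switched on.
            if (get_option('web_invoice_alertpay_test_mode') == 'TRUE') {
                $this->_logFailure('Test payment');
                $this->updateContactInfo();
            }
        } else {
            $this->updateContactInfo();
            web_invoice_mark_as_paid($this->invoice->id);
        }
        $this->_respond('HTTP/1.0 200 OK', 'Thank you very much for letting us know');
    }
}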