20 package com.liferay.portlet.shopping.action;
21
22 import com.liferay.portal.kernel.log.Log;
23 import com.liferay.portal.kernel.log.LogFactoryUtil;
24 import com.liferay.portal.kernel.util.HttpUtil;
25 import com.liferay.portal.kernel.util.ParamUtil;
26 import com.liferay.portal.util.PortalUtil;
27 import com.liferay.portlet.shopping.NoSuchOrderException;
28 import com.liferay.portlet.shopping.model.ShoppingOrder;
29 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
30 import com.liferay.portlet.shopping.util.ShoppingPreferences;
31 import com.liferay.portlet.shopping.util.ShoppingUtil;
32
33 import java.io.BufferedReader;
34 import java.io.InputStreamReader;
35 import java.io.PrintWriter;
36
37 import java.net.URL;
38 import java.net.URLConnection;
39
40 import java.util.Enumeration;
41
42 import javax.servlet.http.HttpServletRequest;
43 import javax.servlet.http.HttpServletResponse;
44
45 import org.apache.struts.action.Action;
46 import org.apache.struts.action.ActionForm;
47 import org.apache.struts.action.ActionForward;
48 import org.apache.struts.action.ActionMapping;
49
50
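/**
 * Struts action that receives a PayPal Instant Payment Notification (IPN),
 * posts it back to PayPal for verification and, when PayPal answers
 * {@code VERIFIED} and the local checks in {@link #validate} pass, marks the
 * matching shopping order as completed.
 *
 * <p>
 * Every request parameter is attacker-controlled until PayPal has confirmed
 * the notification <em>and</em> the values have been compared with the order
 * stored locally. Nothing read from the request should be acted on before
 * both steps have succeeded.
 * </p>
 */
public class PayPalNotificationAction extends Action {

    /**
     * Handles one notification request.
     *
     * @param  mapping the Struts action mapping (unused)
     * @param  form the Struts form bean (unused)
     * @param  request the incoming notification
     * @param  response the response, used only to report an error
     * @return always {@code null}; no forward is issued
     * @throws Exception declared for the Struts contract; failures raised
     *         inside the method are passed to {@code PortalUtil.sendError}
     */
    @Override
    public ActionForward execute(
            ActionMapping mapping, ActionForm form, HttpServletRequest request,
            HttpServletResponse response)
        throws Exception {

        try {
            if (_log.isDebugEnabled()) {
                _log.debug("Receiving notification from PayPal");
            }

            String query = _buildVerificationQuery(request);

            // NOTE(review): this line writes the whole notification,
            // including the payer's e-mail address, to the debug log.

            if (_log.isDebugEnabled()) {
                _log.debug("Sending response to PayPal " + query);
            }

            String payPalStatus = _postToPayPal(query);

            String itemName = ParamUtil.getString(request, "item_name");
            String itemNumber = ParamUtil.getString(request, "item_number");
            String invoice = ParamUtil.getString(request, "invoice");
            String txnId = ParamUtil.getString(request, "txn_id");
            String paymentStatus = ParamUtil.getString(
                request, "payment_status");
            double paymentGross = ParamUtil.getDouble(request, "mc_gross");
            String receiverEmail = ParamUtil.getString(
                request, "receiver_email");
            String payerEmail = ParamUtil.getString(request, "payer_email");

            if (_log.isDebugEnabled()) {
                _log.debug("Receiving response from PayPal");
                _log.debug("Item name " + itemName);
                _log.debug("Item number " + itemNumber);
                _log.debug("Invoice " + invoice);
                _log.debug("Transaction ID " + txnId);
                _log.debug("Payment status " + paymentStatus);
                _log.debug("Payment gross " + paymentGross);
                _log.debug("Receiver email " + receiverEmail);
                _log.debug("Payer email " + payerEmail);
            }

            // An empty verification reply is a failed round trip, not a
            // verdict. Raise it explicitly (the original hit a bare
            // NullPointerException here) so it still goes through the error
            // response below instead of being treated as a handled
            // notification.

            if (payPalStatus == null) {
                throw new IllegalStateException(
                    "Empty verification response from PayPal");
            }

            if (!payPalStatus.equals("VERIFIED")) {

                // Fail closed: anything other than VERIFIED leaves the order
                // untouched. Only the status returned by PayPal is logged,
                // never unverified request values.

                if (_log.isWarnEnabled()) {
                    _log.warn(
                        "PayPal did not verify the notification, status " +
                            payPalStatus);
                }
            }
            else if (validate(request)) {
                ShoppingOrderLocalServiceUtil.completeOrder(
                    invoice, txnId, paymentStatus, paymentGross, receiverEmail,
                    payerEmail, true);
            }
            else if (_log.isWarnEnabled()) {
                _log.warn(
                    "Verified PayPal notification does not match the order");
            }

            return null;
        }
        catch (Exception e) {
            PortalUtil.sendError(e, request, response);

            return null;
        }
    }

    /**
     * Compares a notification that PayPal has already verified with the order
     * stored locally. The checks run in this order and the first failure
     * rejects the notification:
     *
     * <ol>
     * <li>{@code receiver_email} equals the PayPal address configured for the
     * order's company and group;</li>
     * <li>{@code mc_gross} equals the total calculated for the order;</li>
     * <li>{@code mc_currency} equals the configured currency;</li>
     * <li>{@code txn_id} is not already attached to an order, so a replayed
     * notification cannot complete a second order.</li>
     * </ol>
     *
     * <p>
     * NOTE(review): {@code payment_status} is not inspected here; confirm that
     * {@code completeOrder} does not treat a pending, refunded or reversed
     * payment as paid.
     * </p>
     *
     * @param  request the incoming notification
     * @return {@code true} if every check passes
     * @throws Exception if the order named by {@code invoice} cannot be
     *         loaded, or a service call fails
     */
    protected boolean validate(HttpServletRequest request) throws Exception {

        // Invoice

        String ppInvoice = ParamUtil.getString(request, "invoice");

        ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(
            ppInvoice);

        ShoppingPreferences shoppingPrefs = ShoppingPreferences.getInstance(
            order.getCompanyId(), order.getGroupId());

        // Receiver email address

        String ppReceiverEmail = ParamUtil.getString(
            request, "receiver_email");

        String payPalEmailAddress = shoppingPrefs.getPayPalEmailAddress();

        if (!payPalEmailAddress.equals(ppReceiverEmail)) {
            return false;
        }

        // Payment gross

        // NOTE(review): exact comparison of two doubles. A representation
        // difference makes the check fail closed (the order is not completed),
        // but a decimal type would be the safer way to compare money.

        double ppGross = ParamUtil.getDouble(request, "mc_gross");

        double orderTotal = ShoppingUtil.calculateTotal(order);

        if (orderTotal != ppGross) {
            return false;
        }

        // Payment currency

        String ppCurrency = ParamUtil.getString(request, "mc_currency");

        String currencyId = shoppingPrefs.getCurrencyId();

        if (!currencyId.equals(ppCurrency)) {
            return false;
        }

        // Transaction ID

        String ppTxnId = ParamUtil.getString(request, "txn_id");

        try {
            ShoppingOrderLocalServiceUtil.getPayPalTxnIdOrder(ppTxnId);

            // The transaction ID is already attached to an order

            return false;
        }
        catch (NoSuchOrderException nsoe) {

            // Expected: no order carries this transaction ID yet

        }

        return true;
    }

    /**
     * Builds the body of the verification postback: the fixed
     * {@code cmd=_notify-validate} prefix followed by every parameter of the
     * incoming request.
     */
    private String _buildVerificationQuery(HttpServletRequest request) {
        StringBuilder sb = new StringBuilder("cmd=_notify-validate");

        // NOTE(review): getParameterNames() does not promise the order in
        // which the parameters arrived, and only the first value of a
        // repeated parameter is forwarded; confirm PayPal accepts that.

        Enumeration<String> enu = request.getParameterNames();

        while (enu.hasMoreElements()) {
            String name = enu.nextElement();

            String value = request.getParameter(name);

            // Encode the name as well as the value. A name containing '&' or
            // '=' would otherwise change the structure of the postback, so
            // PayPal would verify different fields from the ones read here.

            sb.append('&');
            sb.append(HttpUtil.encodeURL(name));
            sb.append('=');
            sb.append(HttpUtil.encodeURL(value));
        }

        return sb.toString();
    }

    /**
     * Posts the verification body to PayPal and returns the first line of the
     * reply, or {@code null} if the reply is empty. Both streams are closed
     * even when the exchange fails.
     */
    private String _postToPayPal(String query) throws Exception {
        URL url = new URL("https://www.paypal.com/cgi-bin/webscr");

        // NOTE(review): no connect or read timeout is set, so a stalled
        // connection keeps the request thread waiting.

        URLConnection urlc = url.openConnection();

        urlc.setDoOutput(true);
        urlc.setRequestProperty(
            "Content-Type","application/x-www-form-urlencoded");

        PrintWriter pw = new PrintWriter(urlc.getOutputStream());

        try {
            pw.println(query);
        }
        finally {
            pw.close();
        }

        BufferedReader br = new BufferedReader(
            new InputStreamReader(urlc.getInputStream()));

        try {
            return br.readLine();
        }
        finally {
            br.close();
        }
    }

    private static final Log _log =
        LogFactoryUtil.getLog(PayPalNotificationAction.class);

}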