15 package com.liferay.portlet.shopping.action;
16
17 import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;
18 import com.liferay.portal.kernel.io.unsync.UnsyncPrintWriter;
19 import com.liferay.portal.kernel.log.Log;
20 import com.liferay.portal.kernel.log.LogFactoryUtil;
21 import com.liferay.portal.kernel.util.HttpUtil;
22 import com.liferay.portal.kernel.util.ParamUtil;
23 import com.liferay.portal.util.PortalUtil;
24 import com.liferay.portlet.shopping.NoSuchOrderException;
25 import com.liferay.portlet.shopping.model.ShoppingOrder;
26 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
27 import com.liferay.portlet.shopping.util.ShoppingPreferences;
28 import com.liferay.portlet.shopping.util.ShoppingUtil;
29
30 import java.io.InputStreamReader;
31 import java.io.PrintWriter;
32
33 import java.net.URL;
34 import java.net.URLConnection;
35
36 import java.util.Enumeration;
37
38 import javax.servlet.http.HttpServletRequest;
39 import javax.servlet.http.HttpServletResponse;
40
41 import org.apache.struts.action.Action;
42 import org.apache.struts.action.ActionForm;
43 import org.apache.struts.action.ActionForward;
44 import org.apache.struts.action.ActionMapping;
45
46
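/**
 * Struts action that receives PayPal payment notifications for the shopping
 * portlet.
 *
 * <p>
 * The request parameters are posted back to PayPal with
 * {@code cmd=_notify-validate}. The order is completed only when PayPal
 * answers {@code VERIFIED} and {@link #validate(HttpServletRequest)} accepts
 * the notification. Until both checks pass, every request parameter must be
 * treated as untrusted input.
 * </p>
 */
public class PayPalNotificationAction extends Action {

    /**
     * Handles one notification request.
     *
     * @param  mapping the Struts action mapping (unused)
     * @param  form the Struts action form (unused)
     * @param  request the notification request; its parameters are echoed to
     *         PayPal for verification
     * @param  response the response, used only to report an error
     * @return always {@code null}; no forward is taken
     * @throws Exception declared by the Struts contract; failures inside the
     *         body are reported through {@code PortalUtil.sendError}
     */
    @Override
    public ActionForward execute(
            ActionMapping mapping, ActionForm form, HttpServletRequest request,
            HttpServletResponse response)
        throws Exception {

        String invoice = null;

        try {
            if (_log.isDebugEnabled()) {
                _log.debug("Receiving notification from PayPal");
            }

            // Build the verification postback. Names are encoded as well as
            // values so that a parameter name containing '&' or '=' cannot
            // change the structure of the message PayPal is asked to verify.
            // NOTE(review): the order returned by getParameterNames() is
            // container-defined; confirm PayPal accepts the postback when it
            // differs from the order of the original message.

            StringBuilder sb = new StringBuilder("cmd=_notify-validate");

            Enumeration<String> enu = request.getParameterNames();

            while (enu.hasMoreElements()) {
                String name = enu.nextElement();

                String value = request.getParameter(name);

                sb.append("&");
                sb.append(HttpUtil.encodeURL(name));
                sb.append("=");
                sb.append(HttpUtil.encodeURL(value));
            }

            String query = sb.toString();

            // The debug output below contains the full notification,
            // including payer details; keep debug logging off in production.

            if (_log.isDebugEnabled()) {
                _log.debug("Sending response to PayPal " + query);
            }

            // The endpoint is a fixed HTTPS URL and is never derived from the
            // request. No connect or read timeout is configured here.

            URL url = new URL("https://www.paypal.com/cgi-bin/webscr");

            URLConnection urlc = url.openConnection();

            urlc.setDoOutput(true);
            urlc.setRequestProperty(
                "Content-Type","application/x-www-form-urlencoded");

            PrintWriter pw = new UnsyncPrintWriter(urlc.getOutputStream());

            try {
                pw.println(query);
            }
            finally {

                // Close before reading the reply, and on failure too

                pw.close();
            }

            String payPalStatus = null;

            // The reply is read with an explicit charset instead of the
            // platform default.

            UnsyncBufferedReader unsyncBufferedReader =
                new UnsyncBufferedReader(
                    new InputStreamReader(urlc.getInputStream(), "UTF-8"));

            try {
                payPalStatus = unsyncBufferedReader.readLine();
            }
            finally {
                unsyncBufferedReader.close();
            }

            String itemName = ParamUtil.getString(request, "item_name");
            String itemNumber = ParamUtil.getString(request, "item_number");
            invoice = ParamUtil.getString(request, "invoice");
            String txnId = ParamUtil.getString(request, "txn_id");
            String paymentStatus = ParamUtil.getString(
                request, "payment_status");
            double paymentGross = ParamUtil.getDouble(request, "mc_gross");
            String receiverEmail = ParamUtil.getString(
                request, "receiver_email");
            String payerEmail = ParamUtil.getString(request, "payer_email");

            if (_log.isDebugEnabled()) {
                _log.debug("Receiving response from PayPal");
                _log.debug("Item name " + itemName);
                _log.debug("Item number " + itemNumber);
                _log.debug("Invoice " + invoice);
                _log.debug("Transaction ID " + txnId);
                _log.debug("Payment status " + paymentStatus);
                _log.debug("Payment gross " + paymentGross);
                _log.debug("Receiver email " + receiverEmail);
                _log.debug("Payer email " + payerEmail);
            }

            // readLine() returns null on an empty reply, so compare from the
            // constant side; anything other than VERIFIED leaves the order
            // untouched.
            // NOTE(review): payment_status is passed through to
            // completeOrder without being checked here; confirm the service
            // distinguishes completed payments from pending or refunded ones.

            if ("VERIFIED".equals(payPalStatus)) {
                if (validate(request)) {
                    ShoppingOrderLocalServiceUtil.completeOrder(
                        invoice, txnId, paymentStatus, paymentGross,
                        receiverEmail, payerEmail, true);
                }
                else if (_log.isWarnEnabled()) {

                    // Request values are deliberately left out of the message

                    _log.warn(
                        "Verified PayPal notification failed order validation");
                }
            }
            else if (_log.isWarnEnabled()) {
                _log.warn("PayPal did not verify the notification");
            }

            return null;
        }
        catch (Exception e) {
            PortalUtil.sendError(e, request, response);

            return null;
        }
    }

    /**
     * Checks a notification against the stored order before it is allowed to
     * complete that order.
     *
     * <p>
     * The checks run in this order: receiver email equals the configured
     * PayPal address, gross amount equals the calculated order total, currency
     * equals the configured currency, and no order is found for the
     * transaction ID.
     * </p>
     *
     * @param  request the notification request
     * @return {@code true} only if every check passes
     * @throws Exception if the order for the invoice cannot be loaded or a
     *         lookup fails for a reason other than the transaction ID being
     *         unknown
     */
    protected boolean validate(HttpServletRequest request) throws Exception {

        // Invoice

        String ppInvoice = ParamUtil.getString(request, "invoice");

        ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(
            ppInvoice);

        ShoppingPreferences shoppingPrefs = ShoppingPreferences.getInstance(
            order.getCompanyId(), order.getGroupId());

        // Receiver email address; rejects payments sent to another account

        String ppReceiverEmail = ParamUtil.getString(
            request, "receiver_email");

        String payPalEmailAddress = shoppingPrefs.getPayPalEmailAddress();

        if (!payPalEmailAddress.equals(ppReceiverEmail)) {
            return false;
        }

        // Payment gross; rejects a payment whose amount differs from the order
        // NOTE(review): exact comparison of doubles fails closed, but it can
        // also reject a correct payment when calculateTotal carries
        // floating-point rounding error; consider comparing in minor units.

        double ppGross = ParamUtil.getDouble(request, "mc_gross");

        double orderTotal = ShoppingUtil.calculateTotal(order);

        if (orderTotal != ppGross) {
            return false;
        }

        // Payment currency

        String ppCurrency = ParamUtil.getString(request, "mc_currency");

        String currencyId = shoppingPrefs.getCurrencyId();

        if (!currencyId.equals(ppCurrency)) {
            return false;
        }

        // Transaction ID; a successful lookup means an order already exists
        // for this transaction, so a repeated notification is rejected

        String ppTxnId = ParamUtil.getString(request, "txn_id");

        try {
            ShoppingOrderLocalServiceUtil.getPayPalTxnIdOrder(ppTxnId);

            return false;
        }
        catch (NoSuchOrderException nsoe) {

            // Expected path: no order uses this transaction ID yet

        }

        return true;
    }

    private static final Log _log = LogFactoryUtil.getLog(
        PayPalNotificationAction.class);

}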