15 package com.liferay.portlet.shopping.action;
16
17 import com.liferay.portal.kernel.io.unsync.UnsyncBufferedReader;
18 import com.liferay.portal.kernel.log.Log;
19 import com.liferay.portal.kernel.log.LogFactoryUtil;
20 import com.liferay.portal.kernel.util.HttpUtil;
21 import com.liferay.portal.kernel.util.ParamUtil;
22 import com.liferay.portal.util.PortalUtil;
23 import com.liferay.portlet.shopping.NoSuchOrderException;
24 import com.liferay.portlet.shopping.model.ShoppingOrder;
25 import com.liferay.portlet.shopping.service.ShoppingOrderLocalServiceUtil;
26 import com.liferay.portlet.shopping.util.ShoppingPreferences;
27 import com.liferay.portlet.shopping.util.ShoppingUtil;
28
29 import java.io.InputStreamReader;
30 import java.io.PrintWriter;
31
32 import java.net.URL;
33 import java.net.URLConnection;
34
35 import java.util.Enumeration;
36
37 import javax.servlet.http.HttpServletRequest;
38 import javax.servlet.http.HttpServletResponse;
39
40 import org.apache.struts.action.Action;
41 import org.apache.struts.action.ActionForm;
42 import org.apache.struts.action.ActionForward;
43 import org.apache.struts.action.ActionMapping;
44
45
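/**
 * Struts action that receives a payment notification from PayPal, posts the
 * received parameters back to PayPal with {@code cmd=_notify-validate} for
 * verification, and completes the matching shopping order when PayPal answers
 * {@code VERIFIED} and the notification matches the stored order.
 *
 * <p>
 * Every request parameter is untrusted until PayPal has verified the message
 * and {@link #validate(HttpServletRequest)} has compared it with the order.
 * </p>
 */
public class PayPalNotificationAction extends Action {

	/**
	 * Handles one notification request.
	 *
	 * @param  mapping the Struts mapping (unused)
	 * @param  form the Struts form (unused)
	 * @param  request the notification request sent to this portal
	 * @param  response the response used to report an error
	 * @return always <code>null</code>; no forward is issued
	 * @throws Exception declared by the Struts contract; failures inside the
	 *         body are passed to {@link PortalUtil#sendError}
	 */
	@Override
	public ActionForward execute(
			ActionMapping mapping, ActionForm form, HttpServletRequest request,
			HttpServletResponse response)
		throws Exception {

		try {
			if (_log.isDebugEnabled()) {
				_log.debug("Receiving notification from PayPal");
			}

			// Rebuild the message for the verification post back. Names are
			// encoded as well as values: a name containing "&" or "=" would
			// otherwise add fields to the message PayPal verifies that differ
			// from the parameters this action later reads from the request.
			// NOTE(review): getParameterNames() gives no ordering guarantee
			// and getParameter() returns only the first value of a repeated
			// parameter; confirm this still matches what PayPal expects.

			StringBuilder sb = new StringBuilder("cmd=_notify-validate");

			Enumeration<String> enu = request.getParameterNames();

			while (enu.hasMoreElements()) {
				String name = enu.nextElement();

				String value = request.getParameter(name);

				sb.append("&");
				sb.append(HttpUtil.encodeURL(name));
				sb.append("=");
				sb.append(HttpUtil.encodeURL(value));
			}

			String query = sb.toString();

			// The full query holds payer details (for example payer_email),
			// so it is written at debug level only.

			if (_log.isDebugEnabled()) {
				_log.debug("Sending response to PayPal " + query);
			}

			URL url = new URL("https://www.paypal.com/cgi-bin/webscr");

			URLConnection urlc = url.openConnection();

			urlc.setDoOutput(true);
			urlc.setRequestProperty(
				"Content-Type","application/x-www-form-urlencoded");

			PrintWriter pw = new PrintWriter(urlc.getOutputStream());

			try {
				pw.println(query);
			}
			finally {

				// Close on every path so a failed write does not leak the
				// connection's output stream.

				pw.close();
			}

			String payPalStatus = null;

			UnsyncBufferedReader unsyncBufferedReader =
				new UnsyncBufferedReader(
					new InputStreamReader(urlc.getInputStream()));

			try {
				payPalStatus = unsyncBufferedReader.readLine();
			}
			finally {
				unsyncBufferedReader.close();
			}

			if (payPalStatus == null) {

				// An empty body is a failed verification call, not a verdict.
				// Raise a descriptive error instead of the NullPointerException
				// the status comparison would otherwise throw.

				throw new IllegalStateException(
					"PayPal returned an empty verification response");
			}

			String itemName = ParamUtil.getString(request, "item_name");
			String itemNumber = ParamUtil.getString(request, "item_number");
			String invoice = ParamUtil.getString(request, "invoice");
			String txnId = ParamUtil.getString(request, "txn_id");
			String paymentStatus = ParamUtil.getString(
				request, "payment_status");
			double paymentGross = ParamUtil.getDouble(request, "mc_gross");
			String receiverEmail = ParamUtil.getString(
				request, "receiver_email");
			String payerEmail = ParamUtil.getString(request, "payer_email");

			if (_log.isDebugEnabled()) {
				_log.debug("Receiving response from PayPal");
				_log.debug("Item name " + itemName);
				_log.debug("Item number " + itemNumber);
				_log.debug("Invoice " + invoice);
				_log.debug("Transaction ID " + txnId);
				_log.debug("Payment status " + paymentStatus);
				_log.debug("Payment gross " + paymentGross);
				_log.debug("Receiver email " + receiverEmail);
				_log.debug("Payer email " + payerEmail);
			}

			if (payPalStatus.equals("VERIFIED")) {

				// NOTE(review): payment_status is forwarded as received and is
				// not checked here; confirm completeOrder treats statuses
				// other than a completed payment appropriately.

				if (validate(request)) {
					ShoppingOrderLocalServiceUtil.completeOrder(
						invoice, txnId, paymentStatus, paymentGross,
						receiverEmail, payerEmail, true);
				}
				else if (_log.isWarnEnabled()) {
					_log.warn(
						"Verified PayPal notification did not match the " +
							"order for invoice " + invoice);
				}
			}
			else if (_log.isWarnEnabled()) {

				// Covers INVALID and any unexpected reply. The order is left
				// untouched; the event is recorded so that forged or replayed
				// notifications are visible to operators.

				_log.warn(
					"PayPal did not verify the notification, status " +
						payPalStatus);
			}

			return null;
		}
		catch (Exception e) {
			PortalUtil.sendError(e, request, response);

			return null;
		}
	}

	/**
	 * Compares the notification with the stored order. Returns
	 * <code>true</code> only when the receiver email address, gross amount and
	 * currency match and the transaction ID is not already attached to an
	 * order.
	 *
	 * @param  request the notification request
	 * @return <code>true</code> if every check passes
	 * @throws Exception if the order lookup fails, for example when the
	 *         invoice does not exist
	 */
	protected boolean validate(HttpServletRequest request) throws Exception {

		// Invoice

		String ppInvoice = ParamUtil.getString(request, "invoice");

		ShoppingOrder order = ShoppingOrderLocalServiceUtil.getOrder(
			ppInvoice);

		ShoppingPreferences shoppingPrefs = ShoppingPreferences.getInstance(
			order.getCompanyId(), order.getGroupId());

		// Receiver email address. The payment must have gone to the account
		// configured for this shop, not to any PayPal account.

		String ppReceiverEmail = ParamUtil.getString(
			request, "receiver_email");

		String payPalEmailAddress = shoppingPrefs.getPayPalEmailAddress();

		if (!payPalEmailAddress.equals(ppReceiverEmail)) {
			return false;
		}

		// Payment gross
		// NOTE(review): exact equality on doubles; a total that carries
		// floating point error would be rejected. Confirm calculateTotal
		// returns a value that compares equal to the parsed mc_gross.

		double ppGross = ParamUtil.getDouble(request, "mc_gross");

		double orderTotal = ShoppingUtil.calculateTotal(order);

		if (orderTotal != ppGross) {
			return false;
		}

		// Payment currency

		String ppCurrency = ParamUtil.getString(request, "mc_currency");

		String currencyId = shoppingPrefs.getCurrencyId();

		if (!currencyId.equals(ppCurrency)) {
			return false;
		}

		// Transaction ID. A lookup that succeeds means this transaction was
		// already applied to an order, so the notification is rejected.

		String ppTxnId = ParamUtil.getString(request, "txn_id");

		try {
			ShoppingOrderLocalServiceUtil.getPayPalTxnIdOrder(ppTxnId);

			return false;
		}
		catch (NoSuchOrderException nsoe) {

			// Expected for a new transaction: no order carries this ID yet.

		}

		return true;
	}

	private static final Log _log = LogFactoryUtil.getLog(
		PayPalNotificationAction.class);

}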