Updated code for latest version

paytm · Oct 16, 2018 · 1d8146f · 1d8146f
1 parent 4ebb53a
commit 1d8146f
Show file tree

Hide file tree

Showing 18 changed files with 2,136 additions and 0 deletions.
diff --git a/PaytmCommerceV7.x/README.md b/PaytmCommerceV7.x/README.md
@@ -0,0 +1,37 @@
+# Installation Steps
+ 1. Upload the contents of the folder named commerce_paytm into ../sites/all/modules/
+ 2. Enable the module at ../admin/build/modules
+ 3. Open ../sites/all/modules/commerce_paytm/posttopaytm.php then enter 
+ 4. Your secret key in the file.
+ 5. Enable Paytm as a payment method
+ 6. Enter your Paytm Merchant id and Secret key
+ 7. Set the Paytm payment mode to either one of the following:
+   - Live(Value = 1)
+   - Test(Value = 0)
+ 8. Save the changes.
+
+# PLUGIN FILE DESCRIPTION:
+
+The plugin has the following files.
+ - commerce_paytm.info
+ - commerce_paytm.module
+ - posttopaytm.php
+ - checksum.php
+
+These are simple PHP files with different extensions 
+ * commerce_paytm.info - This is simple file which has information about the payment module.
+ * commerce_paytm.module - This is the core file which includes all the funcionalities for the module like posting cart information to Paytm with checksum and getting the response etc ..,  
+ * posttopaytm.php - This is the php file which is responsible for posting the form to the Paytm API.
+ * checksum.php - Cotains general functions to find checksum.
+
+# SPECIAL NOTE
+ Create a custom field for phone number named "phone number" and provide its machine name as "field_phone_number" at the checkout page. 
+
+# Paytm PG URL Details
+	staging	
+		Transaction URL             => https://securegw-stage.paytm.in/theia/processTransaction
+		Transaction Status Url      => https://securegw-stage.paytm.in/merchant-status/getTxnStatus
+
+	Production
+		Transaction URL             => https://securegw.paytm.in/theia/processTransaction
+		Transaction Status Url      => https://securegw.paytm.in/merchant-status/getTxnStatus
diff --git a/PaytmCommerceV7.x/commerce_paytm/LICENSE.txt b/PaytmCommerceV7.x/commerce_paytm/LICENSE.txt
diff --git a/PaytmCommerceV7.x/commerce_paytm/Readme.txt b/PaytmCommerceV7.x/commerce_paytm/Readme.txt
@@ -0,0 +1,49 @@
+
+Payment Module : Paytm
+*****************************
+
+	 Paytm - Simplifying payments in India 
+
+		Our aim is to solve the payment pain points for eCommerce in India.
+
+**************************************************************************************		
+
+An installation procedure for the module:
+
+		- Get a merchant account from Paytm
+		- Unzip the contents of the module (or upload the unzipped folder named commerce_paytm) at 
+		   ../sites/all/modules/commerce/modules/payment/
+		- Enable the module at ../admin/build/modules
+		- open ../sites/all/modules/commerce/modules/payment/commerce_paytm/posttopaytm.php and  ../sites/all/modules/commerce/modules/payment/commerce_paytm/response.php .Then, enter 
+		  your secret key in both the files.
+		- Enable Paytm as a payment method
+		- Enter your Paytm Merchant id and Secret key, set the Paytm payment mode 
+		   to Live(Value = 1) or Test(Value = 0) and save the changes.
+
+**********************************************************************************************************		
+
+DESCRIPTION :
+
+		When you Extract the zip file, it has five files
+				- commerce_paytm.info
+				- commerce_paytm.module
+				- posttopaytm.php
+				- checksum.php
+
+		These are simple PHP files with different extensions 
+
+			* commerce_paytm.info - This is simple file which has information about the payment module.
+			* commerce_paytm.module - This is the core file which includes all the funcionalities for the 
+										module like posting cart information to Paytm with checksum and 
+										getting the response etc ..,  
+			* posttopaytm.php - This is the php file which is responsible for posting the form to the Paytm API.
+			* checksum.php - Cotains general functions to find checksum.
+
+***************************************************************************************************************************
+
+SPECIAL NOTES :
+
+- Create a custom field for phone number named "phone number" name its machine name as "field_phone_number" at checkout page. 
+
+
+****************************************************************************************************************************************
diff --git a/PaytmCommerceV7.x/commerce_paytm/checksum.php b/PaytmCommerceV7.x/commerce_paytm/checksum.php
@@ -0,0 +1,186 @@
+<?php
+Class Checksum {
+	public static function calculateChecksum($secret_key, $all) {
+		$hash = hash_hmac('sha256', $all , $secret_key);
+		$checksum = $hash;
+		return $checksum;
+	}
+
+	public static function getAllParams() {
+		//ksort($_POST);
+		$all = '';
+		foreach($_POST as $key => $value)	{
+			if($key != 'checksum') {
+				$all .= "'";
+				if ($key == 'returnUrl') {
+					$all .= Checksum::sanitizedURL($value);
+				} else {	
+					$all .= Checksum::sanitizedParam($value);
+				}
+				$all .= "'";
+			}
+		}
+		return $all;
+	}
+
+	public static function outputForm($checksum) {
+		//ksort($_POST);
+		foreach($_POST as $key => $value) {
+			if ($key == 'returnUrl') {
+				echo '<input type="hidden" name="'.$key.'" value="'.Checksum::sanitizedURL($value).'" />'."\n";
+			} else {
+				echo '<input type="hidden" name="'.$key.'" value="'.Checksum::sanitizedParam($value).'" />'."\n";
+			}
+		}
+		echo '<input type="hidden" name="checksum" value="'.$checksum.'" />'."\n";
+	}
+
+	public static function verifyChecksum($checksum, $all, $secret) {
+		$cal_checksum = Checksum::calculateChecksum($secret, $all);
+		$bool = 0;
+		if($checksum == $cal_checksum)	{
+			$bool = 1;
+		}
+
+		return $bool;
+	}
+
+	public static function sanitizedParam($param) {
+		$pattern[0] = "%,%";
+	        $pattern[1] = "%#%";
+	        $pattern[2] = "%\(%";
+       		$pattern[3] = "%\)%";
+	        $pattern[4] = "%\{%";
+	        $pattern[5] = "%\}%";
+	        $pattern[6] = "%<%";
+	        $pattern[7] = "%>%";
+	        $pattern[8] = "%`%";
+	        $pattern[9] = "%!%";
+	        $pattern[10] = "%\\$%";
+	        $pattern[11] = "%\%%";
+	        $pattern[12] = "%\^%";
+	        $pattern[13] = "%=%";
+	        $pattern[14] = "%\+%";
+	        $pattern[15] = "%\|%";
+	        $pattern[16] = "%\\\%";
+	        $pattern[17] = "%:%";
+	        $pattern[18] = "%'%";
+	        $pattern[19] = "%\"%";
+	        $pattern[20] = "%;%";
+	        $pattern[21] = "%~%";
+	        $pattern[22] = "%\[%";
+	        $pattern[23] = "%\]%";
+	        $pattern[24] = "%\*%";
+	        $pattern[25] = "%&%";
+        	$sanitizedParam = preg_replace($pattern, "", $param);
+		return $sanitizedParam;
+	}
+
+	public static function sanitizedURL($param) {
+		$pattern[0] = "%,%";
+	        $pattern[1] = "%\(%";
+       		$pattern[2] = "%\)%";
+	        $pattern[3] = "%\{%";
+	        $pattern[4] = "%\}%";
+	        $pattern[5] = "%<%";
+	        $pattern[6] = "%>%";
+	        $pattern[7] = "%`%";
+	        $pattern[8] = "%!%";
+	        $pattern[9] = "%\\$%";
+	        $pattern[10] = "%\%%";
+	        $pattern[11] = "%\^%";
+	        $pattern[12] = "%\+%";
+	        $pattern[13] = "%\|%";
+	        $pattern[14] = "%\\\%";
+	        $pattern[15] = "%'%";
+	        $pattern[16] = "%\"%";
+	        $pattern[17] = "%;%";
+	        $pattern[18] = "%~%";
+	        $pattern[19] = "%\[%";
+	        $pattern[20] = "%\]%";
+	        $pattern[21] = "%\*%";
+        	$sanitizedParam = preg_replace($pattern, "", $param);
+		return $sanitizedParam;
+	}
+
+	public static function outputResponse($bool) {
+		foreach($_POST as $key => $value) {
+			if ($bool == TRUE) {
+				if ($key == "RESPCODE") {
+					echo '<tr><td width="50%" align="center" valign="middle">'.$key.'</td>
+						<td width="50%" align="center" valign="middle"><font color=Red>***</font></td></tr>';
+				} else if ($key == "RESPMSG") {
+					echo '<tr><td width="50%" align="center" valign="middle">'.$key.'</td>
+						<td width="50%" align="center" valign="middle"><font color=Red>This response is compromised.</font></td></tr>';
+				} else {
+					echo '<tr><td width="50%" align="center" valign="middle">'.$key.'</td>
+						<td width="50%" align="center" valign="middle">'.$value.'</td></tr>';
+				}
+			} else {
+				echo '<tr><td width="50%" align="center" valign="middle">'.$key.'</td>
+					<td width="50%" align="center" valign="middle">'.$value.'</td></tr>';
+			}
+		}
+		echo '<tr><td width="50%" align="center" valign="middle">Checksum Verified?</td>';
+		if($bool == TRUE) {
+			echo '<td width="50%" align="center" valign="middle">Yes</td></tr>';
+			}
+		else {
+			echo '<td width="50%" align="center" valign="middle"><font color=Red>No</font></td></tr>';
+		}
+	}
+
+
+
+// validate payment
+function paytm_redirect_form_validate($order, $payment_method, $checksum_check) {
+  echo $checksum_check;
+  $bool= $checksum_check;
+
+  $orderId =  $_REQUEST['ORDERID'];
+  $responseCode = $_REQUEST['RESPCODE'];
+  $responseDescription = $_REQUEST['RESPMSG'];
+  $recd_checksum = $_REQUEST['CHECKSUMHASH'];
+//$secret_key = $payment_method['settings']['secret_key'];
+ echo "BBBBBBBBBBBBBBBB".$bool;
+
+  $message = t('Security error ip Address was: @ip', array('@ip' => ip_address()));
+  if ( $bool == TRUE && $responseCode == "01" ) {
+     echo "CCCCCCCCCCCCCCC";
+	return drupal_set_message(t('Thank you for shopping with us. Your account has been charged and your transaction is successful.'));
+    echo "DDDDDDDDDDDDDDDDDDD";
+	commerce_paytm_transaction($order, $payment_method);
+  } 
+  elseif ( $bool == TRUE && $responseCode != "01" ) {
+    return drupal_set_message(('Thank you for shopping with us.However,the transaction has been declined.'));
+    commerce_paytm_transaction($order, $payment_method);
+  } 
+
+  else {
+    return drupal_set_message(t('Security Error. Illegal access detected. We will store your IP address.'), ERROR );
+    watchdog('commerce_paytm', $message, NULL, WATCHDOG_ERROR);
+  }
+}
+
+function commerce_paytm_transaction($order, $payment_method) {
+// ask results from verify function
+
+  $wrapper = entity_metadata_wrapper('commerce_order', $order);
+  $currency = $wrapper->commerce_order_total->currency_code->value();
+  $amount = $wrapper->commerce_order_total->amount->value();
+  $transaction->instance_id = $payment_method['instance_id'];
+  $transaction->amount = $amount;
+  $transaction->currency_code = $currency;
+  $transaction->remote_status = t('Success');
+  $transaction->status = COMMERCE_PAYMENT_STATUS_SUCCESS;
+  $transaction->message = t('Payment received at') . ' ' . date("d-m-Y H:i:s", REQUEST_TIME);
+  commerce_payment_transaction_save($transaction);
+}
+
+
+// helper functions.. 
+
+
+
+}
+?>
diff --git a/PaytmCommerceV7.x/commerce_paytm/commerce_paytm.info b/PaytmCommerceV7.x/commerce_paytm/commerce_paytm.info
@@ -0,0 +1,10 @@
+name = paytm
+description = Commerce paytm Payment Gateway Module
+package = Commerce (contrib)
+dependencies[] = commerce
+dependencies[] = commerce_payment
+dependencies[] = commerce_ui
+dependencies[] = commerce_order
+core = 7.x
+
+