1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
#!/usr/bin/perl -T
#!/usr/bin/perl -Tw
use strict;
use vars qw( $cgi $self_url $error
$collect_html $collect_template
);
use subs qw( print_redirect print_collect collect_default );
use CGI;
use Text::Template;
use Business::CreditCard;
my $redirect_url = "http://127.0.0.1/selfservice/verify.cgi";
$collect_html = -e 'collect.html'
? 'collect.html'
: '/usr/local/freeside/collect.html';
if ( -e $collect_html ) {
my $collect_txt = Text::Template::_load_text($collect_html)
or die $Text::Template::ERROR;
$collect_txt =~ /^(.*)$/s; #untaint the template source - it's trusted
$collect_txt = $1;
$collect_template = new Text::Template ( TYPE => 'STRING',
SOURCE => $collect_txt,
DELIMITERS => [ '<%=', '%>' ],
)
or die $Text::Template::ERROR;
} else {
$collect_template = new Text::Template ( TYPE => 'STRING',
SOURCE => &collect_default,
DELIMITERS => [ '<%=', '%>' ],
)
or die $Text::Template::ERROR;
}
$cgi = new CGI;
if ( defined($cgi->param('magic')) && $cgi->param('magic') eq 'process' ) {
$error = '';
$cgi->param('paydate' => $cgi->param( 'month' ). '-'.
$cgi->param( 'year' )
);
my $payinfo = $cgi->param('payinfo');
$payinfo =~ s/\D//g;
$payinfo =~ /^(\d{13,16})$/ or $error ||= "Invalid card";
$payinfo = $1;
validate($payinfo) or $error ||= "Invalid card";
my %rv = ( map { $_ => scalar($cgi->param($_)) } qw( reference amount ) );
unless ( $error ) {
$error = '_decline' unless $payinfo eq '4111111111111111';
}
if ( $error eq '_decline' ) {
$rv{status} = '01';
$rv{message} = 'Declined';
print_redirect( %rv );
} elsif ( $error eq '_collect' ) {
print_collect();
} elsif ( $error ) {
print_collect();
} else {
$rv{status} = '00';
$rv{message} = 'Approved';
print_redirect( %rv );
}
} else {
$error = '';
print_collect();
}
sub print_collect {
$error = "Error: $error" if $error;
my $r = { $cgi->Vars, 'error' => $error };
$r->{self_url} = $cgi->self_url;
print $cgi->header( '-expires' => 'now' ),
$collect_template->fill_in( PACKAGE => 'FS::SelfService::_signupcgi',
HASH => $r
);
}
use Data::Dumper;
sub print_redirect {
my %param = @_;
my $param = join('&', map { "$_=". $param{$_} } keys %param );
warn Dumper($param);
print $cgi->redirect( '-uri' => $redirect_url. '?'. $param );
}
sub collect_default { #html to use if there is a collect phase
<<'END';
<HTML><HEAD><TITLE>Pay now</TITLE></HEAD>
<BODY BGCOLOR="#e8e8e8"><FONT SIZE=7>Pay now</FONT><BR><BR>
<FONT SIZE="+1" COLOR="#FF00000"><%= $error %></FONT><BR>
You are about to contact our payment processor to pay <%= $amount %> for
<%= $pkg %>.<BR><BR>
Your transaction reference number is <%= $reference %><BR><BR>
<FORM NAME="collect_popper" method="post" action="<%= $self_url %>">
<INPUT NAME="magic" TYPE="hidden" VALUE="process">
<INPUT NAME="amount" TYPE="hidden" VALUE="<%= $amount %>">
<INPUT NAME="reference" TYPE="hidden" VALUE="<%= $reference %>">
Card Number:<INPUT NAME="payinfo" TYPE="text" VALUE=""><BR>
<INPUT NAME="submit" type="submit" value="Pay now">
</FORM>
</BODY></HTML>
END
}
# subs for the templates...
package FS::SelfService::_signupcgi;
use HTML::Entities;
|
