Developing (v7+)

URGENT Possible to 'post' successful order details to a third party for fulfilment?

Permalink May 01, 2014 at 1:33 PM

Hi there guys, any help you can provide is SERIOUSLY INVALUABLE at this time... I won't go into details...

I currently use paypal on my clients site but we require the use of this add-on, however we need to keep the third party fulfilment for the products meaning that we need a successful sale to post its variables to the third party's queue system.

IS IT POSSIBLE TO DO THIS through eCommerce?

The code currently in place (via paypal usage) is attached.

Thank you so, so much.

1 Attachment

mesuva replied on May 4, 2014 at 3:08 am Permalink Best Answer Reply

Yes, it is possible to have concrete5/eCommerce perform additional actions when orders are successfully put through, through the use of concrete5's 'events' system.

It would be a case of utilising the 'core_commerce_change_order_status' event that gets fired when the status of an order gets changed. Your code would check if the status got changed to STATUS_AUTHORIZED and would then fire off your custom code.

Seehttp://www.concrete5.org/documentation/developers/system/events... for an overview of concrete5's built in events, eCommerce just adds more events.

I've used this two times lately: to send additional notification emails (i.e. an email to a warehouse to let them know an order can be dispatched) as well as in a case where a third-party authentication API needed to be hit, to give a customer access to some digital resources.

This requires custom development (in my two cases I built new packages), but fortunately it doesn't require overriding or hacking eCommerce, just hooking into the events.

Here's a generic/stripped version of one of the package controllers I've developed (it's perhaps lazy that I've put the actual behaviour code inside the package controller, but it works fine):

<?php 
defined('C5_EXECUTE') or die(_("Access Denied."));
class CoreCommerceOrderStatusChangePackage extends Package {
   protected $pkgHandle = 'core_commerce_order_status_change';
   protected $appVersionRequired = '5.6.2.1';
   protected $pkgVersion = '0.9.1';
   public function getPackageDescription() {
      return t("Fire custom code when an order status changes");
   }
   public function getPackageName() {
      return t("Fire custom code when an order status changes");
   }
    public function on_start() {
        // extend the order change event here. (refers to a function in this file)
        Events::extend('core_commerce_change_order_status', 'CoreCommerceOrderStatusChangePackage', 'customCode', __FILE__);

Viewing 15 lines of 41 lines. View entire code block.

 
<?php 
defined('C5_EXECUTE') or die(_("Access Denied."));
 
class CoreCommerceOrderStatusChangePackage extends Package {
 
   protected $pkgHandle = 'core_commerce_order_status_change';
   protected $appVersionRequired = '5.6.2.1';
   protected $pkgVersion = '0.9.1';
 
   public function getPackageDescription() {
      return t("Fire custom code when an order status changes");
   }
 
   public function getPackageName() {
      return t("Fire custom code when an order status changes");
   }
 
    public function on_start() {
        // extend the order change event here. (refers to a function in this file)
        Events::extend('core_commerce_change_order_status', 'CoreCommerceOrderStatusChangePackage', 'customCode', __FILE__);
    }
 
    public function customCode($order, $newstatus, $oldstatus) {
       Loader::model('order/model', 'core_commerce'); 
 
       // id the status hasn't changed, return
       if ($newstatus == $oldstatus) {
          return false;   
       }
 
       // if we have moved from an unpaid status to a paid one 
       if ($newstatus == CoreCommerceOrder::STATUS_AUTHORIZED) {
 
          // perhaps handy to fetch as you normally need the product info for the order
            $orderproducts  = $order->getProducts();
 
            // ADD CUSTOM CODE HERE, send emails, hit an API, whatever
 
          }
    }
 
   public function install() {
      $installed = Package::getInstalledHandles();
 
      if( !(is_array($installed) && in_array('core_commerce',$installed)) ) {
         throw new Exception(t('This package requires that at least version 2.8.3 of the <a href="http://www.concrete5.org/marketplace/addons/ecommerce/" target="_blank">eCommerce package</a> is installed<br/>'));   
      }
 
      $pkg = Package::getByHandle('core_commerce');
      if (!is_object($pkg) || version_compare($pkg->getPackageVersion(), '2.8.3', '<')) {
         throw new Exception(t('You must upgrade the eCommerce add-on to version 2.8.3 or higher.'));
      }
 
      $pkg = parent::install();
 
   }
}

One thing to add is that I think it's better to tie this kind of behaviour to the change of status rather than trying to tie it into the actual Paypal payment process - you may down the track want to provide different methods of payment, but you'd still want to trigger off notifications if the order was manually flicked to authorized via the dashboard.

Hope that helps

jem1516 replied on May 6, 2014 at 9:08 am Permalink Reply

This is INSANELY helpful, so my initial thanks.

However, I am by no means brilliant with php, let me, if I may include the code I need to execute (taken from it's current working form from my clients site):-

<?php
$req = 'cmd=_notify-validate';
$username = "********";
$password = "********";
$hostname = "********";
$dbhl = mysql_connect($hostname, $username, $password)
   or die("Unable to connect to MySQL");
$dbl = mysql_select_db("logging",$dbhl)
   or die("Could not select logging");
$sql = "SET NAMES 'utf8'";
mysql_query($sql);
foreach ($_POST as $key => $value)
{
   $value = urlencode(stripslashes($value));
   $req .= "&$key=$value";

Viewing 15 lines of 175 lines. View entire code block.

<?php
$req = 'cmd=_notify-validate';
 
$username = "********";
$password = "********";
$hostname = "********";
$dbhl = mysql_connect($hostname, $username, $password)
   or die("Unable to connect to MySQL");
$dbl = mysql_select_db("logging",$dbhl)
   or die("Could not select logging");
$sql = "SET NAMES 'utf8'";
mysql_query($sql);
 
foreach ($_POST as $key => $value)
{
   $value = urlencode(stripslashes($value));
   $req .= "&$key=$value";
}
 
$sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'PAYPAL RETURNED : ".addslashes($req)."')";
mysql_query($sql) or die("Error writing logging information ".mysql_error());
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header.= "Content-Type: application/x-www-form-urlencoded\r\n";
$header.= "Content-Length: " . strlen($req) . "\r\n\r\n";
// test validate
$sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Opening paypal socket')";
mysql_query($sql) or die("Error writing logging information".mysql_error());
//$fp = fsockopen ('www.sandbox.paypal.com', 80, $errno, $errstr, 30);
// live validate
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
//-> uncomment when using paypal
$sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Checking response from socket open')";
mysql_query($sql) or die("Error writing logging information".mysql_error());
if (!$fp) // HTTP ERROR Failed to connect
{
   $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'HTTP ERROR from paypal post')";
   mysql_query($sql) or die("Error writing logging information".mysql_error());
   die("HTTP ERROR");
}
else
{
   $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Posting paypal response : ".addslashes($req)."')";
   mysql_query($sql) or die("Error writing logging information".mysql_error());
   fputs ($fp, $header . $req);
   while (!feof($fp))
   {
      $res = fgets ($fp, 1024);
      $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Paypal response returned : ".addslashes($res)."')";
      mysql_query($sql) or die("Error writing logging information".mysql_error());
      if (substr($res,0,8) == "VERIFIED")
      {
//         $item_name = $_REQUEST['item_name'];
//         $item_number = $_REQUEST['item_number'];
         $cid = $_REQUEST['custom'];
         $payment_status = $_REQUEST['payment_status'];
         $payment_amount = $_REQUEST['mc_gross'];         //full amount of payment. payment_gross in US
         $payment_currency = $_REQUEST['mc_currency'];
         $txn_id = $_REQUEST['txn_id'];                   //unique transaction id
         $receiver_email = $_REQUEST['receiver_email'];
         $payer_email = $_REQUEST['payer_email'];
         if ($payment_status == 'Completed') 
         {
            // Order done
            // This is where we will post it to iQue and do whatever else we want
            $url = "https://www.ique.co.uk/order_process/index.php";
            $customer_ref = $_REQUEST["custom"];
            $product_codes = "";
            $quantities = "";
            // check for up to 10 items
            for ($i=1;$i<11;$i++)
            {
               $item_name = $_REQUEST["item_name".$i];
               $product_code = $_REQUEST["item_number".$i];
               $quantity = $_REQUEST["quantity".$i];
               if ($item_name != "")
               {
                  $product_codes.= $product_code."|";
                  $quantities.= $quantity."|";
               }
            }
            $product_codes = substr($product_codes,0,strlen($product_codes)-1);
            $quantities = substr($quantities,0,strlen($quantities)-1);
            $ique_key = "vkek-lamx-kngh-rjlb";
            $fname = urldecode($_REQUEST["first_name"]);
            $sname = urldecode($_REQUEST["last_name"]);
 
            // now send to iQue
            $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Posting to iQue : ".addslashes($param)."')";
            mysql_query($sql) or die("Error writing logging information".mysql_error());
 
            $url = 'http://www.ique.co.uk/order_process/index.php';
            $fields = array(
                  'ique_key' => urlencode($ique_key),
                  'product_codes' => urlencode($product_codes),
                  'quantities' => urlencode($quantities),
                  'total_price' => urlencode(urldecode($_POST["mc_gross"])),
                  'total_shipping' => urlencode(urldecode($_POST["mc_shipping"])),
                  'allow_backorder' => "Y",
                  'customer_forename' => urlencode($fname),
                  'customer_surname' => urlencode($sname),
                  'address_1' => urlencode(urldecode($_POST["address_street"])),
                  'town' => urlencode(urldecode($_POST["address_city"])),
                  'county' => urlencode(urldecode($_POST["address_state"])),
                  'postcode' => urlencode(urldecode($_POST["address_zip"])),
                  'country' => urlencode(urldecode($_POST["address_country_code"])),
                  'customer_email' => urlencode(urldecode($_POST["payer_email"])),
                  'customer_ref' => urlencode($txn_id)
            );
            //url-ify the data for the POST
            foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
            rtrim($fields_string, '&');
            $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Fields for CURL : ".addslashes($fields_string)."')";
            mysql_query($sql) or die("Error writing logging information".mysql_error());
            //open connection
            $ch = curl_init();
            //set the url, number of POST vars, POST data
            curl_setopt($ch,CURLOPT_URL, $url);
            curl_setopt($ch,CURLOPT_POST, count($fields));
            curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
            curl_setopt($ch,CURLOPT_RETURNTRANSFER, true);
 
            //execute post
            $result = curl_exec($ch);
 
            //if (strpos($result,'error') !== false) {
               // The message
               $message = $result;   
               // In case any of our lines are larger than 70 characters, we should use wordwrap()
               $message = wordwrap($message, 70, "\r\n");
               // Send
               mail('transdermaltechnology@gmail.com', 'Paypal Order', $message);
            //}
 
            //close connection
            curl_close($ch);            
            $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'After iQue POST : ".addslashes($result)."')";
            mysql_query($sql) or die("Error writing logging information".mysql_error());
 
            //header("Location: ".$url."?".$param);
            exit();
//--> uncomment when using paypal
         }
         else
         {
            $sql = "INSERT INTO transdermal (dt,detail) VALUES (NOW(),'Order failed (No Verified in paypal response')";
            mysql_query($sql) or die("Error writing logging information".mysql_error());
            // Order failed - handle it here
            //IPN status not completed or security check fail
         }
      }         
   }
   fclose ($fp);
//--->
}
function new_voucher($pref="")
{
   $str = "";
   for ($i = 0;$i<10;$i++)
   {
      $num[$i] = 0;
      while (($num[$i] == 0) || ($num[$i] == 73) || ($num[$i] == 79))
      {
         $num[$i] = mt_rand(65,90);
      }
      $str.= chr($num[$i]);
   }
   $cd1 = 0;
   // calc checksum
   for ($j=0;$j<10;$j++)
   {
      $cd1+= $j * $num[$j];
   }
   $cd2 = $cd1 % 10;
   $str.= chr($cd2+80);
   $cd3 = 0;
   for ($j=0;$j<10;$j++)
   {
      $cd3+= $j * ord(substr($str,$j,1));
   }
   $cd4 = $cd3 % 10;
   return $pref.$str;
   //   return substr($str,0,4)."-".substr($str,4,4)."-".substr($str,8,3);
}

The above is obviously in place to use paypal, however as you state, I do want this code to be fired at the ecommerce top level and not payment gateway level - it needs to send the required information to the third party fulfilment company's system, 'iQue'.

Any further help you could provide would be invaluable, I have posted in the jobs section but to no avail... obviously I am more than happy to pay for your services if you could assist! I have been let down by 2 developers now.

Thank you so much.

Forums

Developing (v7+)

URGENT Possible to 'post' successful order details to a third party for fulfilment?

Code

Post Reply

Delete Post

Mark Post as Spam

Destroy Spammer

Sign In?