Merge branch 'hotfix/1.16.4'

CHANGELOG.md

@@ -1,3 +1,8 @@
+1.16.4, 2024-01-25:
+- Bug fix: ignore abandoned payments in IPN calls for already saved orders.
+- Improve IPN errors management.
+- Improve order statuses management.
+
 1.16.3, 2023-12-26:
 - [technical] Improve features management by plugin variant.
 

COPYING.md

@@ -1,4 +1,4 @@
-Copyright © 2014-2023 Lyra Network.
+Copyright © 2014-2024 Lyra Network.
 
 NOTICE OF LICENSE
 

payzen/classes/Lyranetwork/Payzen/Sdk/Form/Api.php

@@ -258,7 +258,6 @@ public static function getSuccessStatuses()
     {
         return array(
             'AUTHORISED',
-            'AUTHORISED_TO_VALIDATE', // TODO is this a pending status?
             'CAPTURED',
             'ACCEPTED',
             'PARTIALLY_AUTHORISED'
@@ -279,6 +278,8 @@ public static function getPendingStatuses()
             'UNDER_VERIFICATION',
             'PRE_AUTHORISED',
             'WAITING_FOR_PAYMENT',
+            'AUTHORISED_TO_VALIDATE',
+            'SUSPENDED',
             'PENDING'
         );
     }
@@ -289,7 +290,11 @@ public static function getPendingStatuses()
      */
     public static function getCancelledStatuses()
     {
-        return array('ABANDONED');
+        return array(
+            'ABANDONED',
+            'NOT_CREATED',
+            'CANCELLED'
+        );
     }
 
     /**
@@ -298,7 +303,10 @@ public static function getCancelledStatuses()
      */
     public static function getToValidateStatuses()
     {
-        return array('WAITING_AUTHORISATION_TO_VALIDATE', 'AUTHORISED_TO_VALIDATE');
+        return array(
+            'WAITING_AUTHORISATION_TO_VALIDATE', 
+            'AUTHORISED_TO_VALIDATE'
+        );
     }
 
     /**

payzen/classes/PayzenTools.php

@@ -33,7 +33,7 @@ class PayzenTools
 
     private static $CMS_IDENTIFIER = 'PrestaShop_1.5-8.x';
     private static $SUPPORT_EMAIL = '[email protected]';
-    private static $PLUGIN_VERSION = '1.16.3';
+    private static $PLUGIN_VERSION = '1.16.4';
     private static $GATEWAY_VERSION = 'V2';
 
     const ORDER_ID_REGEX = '#^[a-zA-Z0-9]{1,9}$#';

payzen/payzen.php

@@ -33,7 +33,7 @@ public function __construct()
     {
         $this->name = 'payzen';
         $this->tab = 'payments_gateways';
-        $this->version = '1.16.3';
+        $this->version = '1.16.4';
         $this->author = 'Lyra Network';
         $this->controllers = array('redirect', 'submit', 'rest', 'iframe');
         $this->module_key = 'f3e5d07f72a9d27a5a09196d54b9648e';

payzen/validation.php

@@ -21,6 +21,7 @@
 $logger = PayzenTools::getLogger();
 
 $save_on_failure = true;
+$header_error_500 = 'HTTP/1.1 500 Internal Server Error';
 
 if (PayzenTools::checkRestIpnValidity()) {
     // Use direct post content to avoid stipslashes from json data.
@@ -29,6 +30,8 @@
     $answer = json_decode($data['kr-answer'], true);
     if (! is_array($answer)) {
         $logger->logError('Invalid REST IPN request received. Content of kr-answer: ' . $data['kr-answer']);
+
+        header($header_error_500, true, 500);
         die('<span style="display:none">KO-Invalid IPN request received.' . "\n" . '</span>');
     }
 
@@ -57,6 +60,8 @@
         PayzenTools::rebuildContext($cart);
     } catch (Exception $e) {
         $logger->logError($e->getMessage() . ' Cart ID: #' . $cart->id);
+
+        header($header_error_500, true, 500);
         die('<span style="display:none">KO-' . $e->getMessage(). "\n" . '</span>');
     }
 
@@ -66,6 +71,8 @@
     if (! PayzenTools::checkHash($_POST, $sha_key)) {
         $ip = Tools::getRemoteAddr();
         $logger->logError("{$ip} tries to access validation.php page without valid signature with data: " . print_r($_POST, true));
+
+        header($header_error_500, true, 500);
         die('<span style="display:none">KO-An error occurred while computing the signature.' . "\n" . '</span>');
     }
 
@@ -84,6 +91,8 @@
         PayzenTools::rebuildContext($cart);
     } catch (Exception $e) {
         $logger->logError($e->getMessage() . " Cart ID: #{$cart->id}.");
+
+        header($header_error_500, true, 500);
         die('<span style="display:none">KO-' . $e->getMessage(). "\n" . '</span>');
     }
 
@@ -102,10 +111,13 @@
         $logger->logError("{$ip} tries to access validation.php page without valid signature with data: " . print_r($_POST, true));
         $logger->logError('Signature algorithm selected in module settings must be the same as one selected in gateway Back Office.');
 
+        header($header_error_500, true, 500);
         die($response->getOutputForGateway('auth_fail'));
     }
 } else {
     $logger->logError('Invalid IPN request received. Content: ' . print_r($_POST, true));
+
+    header($header_error_500, true, 500);
     die('<span style="display:none">KO-Invalid IPN request received.' . "\n" . '</span>');
 }
 
@@ -130,7 +142,8 @@
             $msg .= " Order is in a failed state, cart #$cart_id.";
             $logger->logWarning($msg);
 
-            die($response->getOutputForGateway('ko', 'Total paid is different from order amount.'));
+            header($header_error_500, true, 500);
+            die($response->getOutputForGateway('amount_error'));
         } else {
             // Response to server.
             die($response->getOutputForGateway('payment_ok'));
@@ -155,6 +168,13 @@
     // Order already registered.
     $logger->logInfo("Order #$order_id already registered for cart #$cart_id.");
 
+    // Ignore IPN on cancelation for already registered orders.
+    if ($response->getTransStatus() === 'ABANDONED') {
+        $logger->logWarning('Server call on cancelation for cart #' . $cart_id . '. No order will be updated.');
+
+        die('<span style="display:none">KO-Payment abandoned.' . "\n" . '</span>');
+    }
+
     $order = new Order((int) $order_id);
     $old_state = (int) $order->getCurrentState();
 
@@ -212,6 +232,8 @@
         (! Payzen::isStateInArray($new_state, $consistent_states) || ($response->get('url_check_src') === 'PAY'))) {
         // Order cannot move from final paid state to not completed states.
         $logger->logInfo("Order is successfully registered for cart #$cart_id but platform returns a payment error, transaction status is {$response->getTransStatus()}.");
+
+        header($header_error_500, true, 500);
         die($response->getOutputForGateway('payment_ko_on_order_ok'));
     } elseif (! $old_state || Payzen::isStateInArray($old_state, Payzen::getManagedStates())) {
         if (($old_state === Configuration::get('PS_OS_ERROR')) && $response->isAcceptedPayment() &&
@@ -220,7 +242,9 @@
             $msg = "Error: amount paid {$order->total_paid_real} is not equal to initial amount {$order->total_paid}.";
             $msg .= " Order is in a failed state, cart #$cart_id.";
             $logger->logWarning($msg);
-            die($response->getOutputForGateway('ko', 'Total paid is different from order amount.'));
+
+            header($header_error_500, true, 500);
+            die($response->getOutputForGateway('amount_error'));
         }
 
         if (! $old_state) {