<?php
/*
 * @version			$Id: index.php 10381 2008-06-01 03:35:53Z $
 * @package			Carteasy
 * @copyright		Copyright (C) 2005 - 2011 Wlanium
 * @license			proprietary
 * @author			Thomas Bartelt
 * Carteasy is a web shop system
 */

include_once './core/config.class.php';

// TODO: add error url
class PayPalExpressCheckout {

	private $version;
	private $api_url;
	private $return_url;
	private $cancel_url;
	private $currency;
	private $order_toal;
	private $return_array;

	private $postfields;

	private $paypal_api_signature;
	private $paypal_api_user;
	private $paypal_api_password;

	public function __construct($return_url, $cancel_url, $order_toal) {
		global $DEVMODE;

		$this->version = '64.0';
		$this->api_url = 'https://api-3t.paypal.com/nvp'; // production
		$this->return_url = $return_url;
		$this->cancel_url = $cancel_url;
		$this->currency = 'EUR';
		$this->order_toal = round($order_toal, 2);

		$this->paypal_api_signature = false;
		if (Config::has_key('paypal_api_signature')) {
			if (Config::is_set('paypal_api_signature')) {
				$this->paypal_api_signature = Config::get_value('paypal_api_signature');
			}
		}

		$this->paypal_api_user = false;
		if (Config::has_key('paypal_api_user')) {
			if (Config::is_set('paypal_api_user')) {
				$this->paypal_api_user = Config::get_value('paypal_api_user');
			}
		}

		$this->paypal_api_password = false;
		if (Config::has_key('paypal_api_password')) {
			if (Config::is_set('paypal_api_password')) {
				$this->paypal_api_password = Config::get_value('paypal_api_password');
			}
		}

		if ($DEVMODE) {
			$this->api_url = 'https://api-3t.sandbox.paypal.com/nvp'; // sandbox
			$this->paypal_api_signature = 'AQU0e5vuZCvSg-XJploSa.sGUDlpAiVewZsIqHUPhDVRs0dqRGVEiYLk';
			$this->paypal_api_user = 'seller_1278426179_biz_api1.ta-edv.de';
			$this->paypal_api_password = '1278426184';
		}
	} // end __construct

	private function do_post_action($method, $postfields) {
		$ch = curl_init($this->api_url);

		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
		curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/3.0 (compatible; MSIE 5.01; Windows NT 5.0)");
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_HEADER, 0);
		curl_setopt($ch, CURLOPT_POST, 1);
		curl_setopt($ch, CURLOPT_POSTFIELDS, "METHOD=".$method."&".$postfields);
		curl_setopt($ch, CURLOPT_AUTOREFERER, true);
		curl_setopt($ch, CURLOPT_TIMEOUT, 40);

		$data = curl_exec($ch);
		curl_close($ch);

		$data = urldecode($data);
		$data_array = explode('&', $data);

		foreach ($data_array as $value) {
			$temp = explode('=', $value);
			$return_array[$temp[0]] = $temp[1];
		}

		$this->return_array = $return_array;

		return $return_array;
	} // end do_post_action

	public function get_return_array() {
		return $this->return_array;
	} // end get_return_array

	public function get_error() {
		if ($this->return_array['ACK'] != 'Success') {
			return array(
				'ERRORCODE' => $this->return_array['L_ERRORCODE0'],
				'SHORTMESSAGE' => $this->return_array['L_SHORTMESSAGE0'],
				'LONGMESSAGE' => $this->return_array['L_LONGMESSAGE0'],
				'RAWDATA' => $this->return_array,
				'POSTFIELDS' => $this->postfields
			);
		}

		return false;
	}

	// TODO get rid of this function and give link as result in set_express_checkout on success
	public function get_link() {
		global $DEVMODE;

		if ($DEVMODE) {
			return 'https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='.$this->return_array['TOKEN']; // sandbox
		} else {
			return 'https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='.$this->return_array['TOKEN']; // production
		}
	} // end get_link

	public function get_token() {
		return $this->return_array['TOKEN'];
	} // end get_token

	public function set_express_checkout() {
		$this->postfields =
			"USER=".$this->paypal_api_user
			."&PWD=".$this->paypal_api_password
			."&SIGNATURE=".$this->paypal_api_signature
			."&VERSION=".$this->version
			."&PAYMENTREQUEST_0_PAYMENTACTION="."Sale"
			."&PAYMENTREQUEST_0_AMT=".$this->order_toal
			."&RETURNURL=".$this->return_url
			."&CANCELURL=".$this->cancel_url
			."&LOCALECODE=".'DE'
			."&PAYMENTREQUEST_0_CURRENCYCODE=".$this->currency
			."&NOSHIPPING="."1"
			."&ALLOWNOTE="."1"
		;

		$return = $this->do_post_action('SetExpressCheckout', $this->postfields);

		/*echo "in set express checkout<br /><pre>";
		print_r($return);
		exit();*/

		if ($return['ACK'] == 'Success') {
			return true;
		}

		return false;
	} // end set_express_checkout

	public function get_express_checkout_details($token) {
		$this->postfields =
			"USER=".$this->paypal_api_user
			."&PWD=".$this->paypal_api_password
			."&SIGNATURE=".$this->paypal_api_signature
			."&VERSION=".$this->version
			."&TOKEN=".$token
		;

		$return = $this->do_post_action('GetExpressCheckoutDetails', $this->postfields);

		/*echo "in get express checkout details<br /><pre>";
		print_r($return);
		exit();*/

		if ($return['ACK'] == 'Success') {
			return true;
		}

		return false;
	} // end get_express_checkout_details

	public function do_express_checkout_payment($token, $payer_id) {
		$this->postfields =
			"USER=".$this->paypal_api_user
			."&PWD=".$this->paypal_api_password
			."&SIGNATURE=".$this->paypal_api_signature
			."&VERSION=".$this->version
			."&PAYMENTREQUEST_0_PAYMENTACTION=Sale"
			."&PAYERID=".$payer_id
			."&TOKEN=".$token
			."&PAYMENTREQUEST_0_AMT=".$this->order_toal
			."&PAYMENTREQUEST_0_CURRENCYCODE=".$this->currency

		;

		$return = $this->do_post_action('DoExpressCheckoutPayment', $this->postfields);

		/*echo "in do express checkout payment";
		print_r($return);
		exit();*/

		if ($return['ACK'] == 'Success') {
			return true;
		}

		return false;
	} // end do_express_checkout_payment
}