You are here

Home » API reference » Ubercart 8.4 » CreditCardPaymentMethodBase.php » CreditCardPaymentMethodBase

public function CreditCardPaymentMethodBase::cartProcess in Ubercart 8.4

Called when checkout is submitted with this payment method selected.

Use this method to process any form elements output by the cartDetails() method.

Parameters

\Drupal\uc_order\OrderInterface $order: The order which is being processed.

array $form: The checkout form array.

\Drupal\Core\Form\FormStateInterface $form_state: The checkout form state array.

Return value

bool Return FALSE to abort the checkout process, or any other value to continue the checkout process.

Overrides PaymentMethodPluginBase::cartProcess

File

payment/uc_credit/src/CreditCardPaymentMethodBase.php, line 451

Class

CreditCardPaymentMethodBase
Defines a base credit card payment method plugin implementation.

Namespace

Drupal\uc_credit

Code

public function cartProcess(OrderInterface $order, array $form, FormStateInterface $form_state) {
  if (!$form_state
    ->hasValue([
    'panes',
    'payment',
    'details',
    'cc_number',
  ])) {
    return;
  }
  $fields = $this
    ->getEnabledFields();

  // Fetch the CC details from the $_POST directly.
  $cc_data = $form_state
    ->getValue([
    'panes',
    'payment',
    'details',
  ]);
  $cc_data['cc_number'] = str_replace(' ', '', $cc_data['cc_number']);

  // Recover cached CC data in form state, if it exists.
  if (isset($cc_data['payment_details_data'])) {
    $cache = uc_credit_cache(base64_decode($cc_data['payment_details_data']));
    unset($cc_data['payment_details_data']);
  }

  // Account for partial CC numbers when masked by the system.
  if (substr($cc_data['cc_number'], 0, strlen(t('(Last4)'))) == $this
    ->t('(Last4)')) {

    // Recover the number from the encrypted data in the form if truncated.
    if (isset($cache['cc_number'])) {
      $cc_data['cc_number'] = $cache['cc_number'];
    }
    else {
      $cc_data['cc_number'] = '';
    }
  }

  // Account for masked CVV numbers.
  if (!empty($cc_data['cc_cvv']) && $cc_data['cc_cvv'] == str_repeat('-', strlen($cc_data['cc_cvv']))) {

    // Recover the number from the encrypted data in $_POST if truncated.
    if (isset($cache['cc_cvv'])) {
      $cc_data['cc_cvv'] = $cache['cc_cvv'];
    }
    else {
      $cc_data['cc_cvv'] = '';
    }
  }

  // Go ahead and put the CC data in the payment details array.
  $order->payment_details = $cc_data;

  // Default our value for validation.
  $return = TRUE;

  // Make sure an owner value was entered.
  if (!empty($fields['owner']) && empty($cc_data['cc_owner'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_owner', $this
      ->t('Enter the owner name as it appears on the card.'));
    $return = FALSE;
  }

  // Validate the credit card number.
  if (!$this
    ->validateCardNumber($cc_data['cc_number'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_number', $this
      ->t('You have entered an invalid credit card number.'));
    $return = FALSE;
  }

  // Validate the start date (if entered).
  if (!empty($fields['start']) && !$this
    ->validateStartDate($cc_data['cc_start_month'], $cc_data['cc_start_year'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_start_month', $this
      ->t('The start date you entered is invalid.'));
    $form_state
      ->setErrorByName('panes][payment][details][cc_start_year');
    $return = FALSE;
  }

  // Validate the card expiration date.
  if (!$this
    ->validateExpirationDate($cc_data['cc_exp_month'], $cc_data['cc_exp_year'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_exp_month', $this
      ->t('The credit card you entered has expired.'));
    $form_state
      ->setErrorByName('panes][payment][details][cc_exp_year');
    $return = FALSE;
  }

  // Validate the issue number (if entered). With issue numbers, '01' is
  // different from '1', but is_numeric() is still appropriate.
  if (!empty($fields['issue']) && !$this
    ->validateIssueNumber($cc_data['cc_issue'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_issue', $this
      ->t('The issue number you entered is invalid.'));
    $return = FALSE;
  }

  // Validate the CVV number if enabled.
  if (!empty($fields['cvv']) && !$this
    ->validateCvv($cc_data['cc_cvv'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_cvv', $this
      ->t('You have entered an invalid CVV number.'));
    $return = FALSE;
  }

  // Validate the bank name if enabled.
  if (!empty($fields['bank']) && empty($cc_data['cc_bank'])) {
    $form_state
      ->setErrorByName('panes][payment][details][cc_bank', $this
      ->t('You must enter the issuing bank for that card.'));
    $return = FALSE;
  }

  // Initialize the encryption key and class.
  $key = uc_credit_encryption_key();
  $crypt = \Drupal::service('uc_store.encryption');

  // Store the encrypted details in the session for the next pageload.
  // We are using base64_encode() because the encrypt function works with a
  // limited set of characters, not supporting the full Unicode character
  // set or even extended ASCII characters that may be present.
  // base64_encode() converts everything to a subset of ASCII, ensuring that
  // the encryption algorithm does not mangle names.
  $session = \Drupal::service('session');
  $session
    ->set('sescrd', $crypt
    ->encrypt($key, base64_encode(serialize($order->payment_details))));

  // Log any errors to the watchdog.
  uc_store_encryption_errors($crypt, 'uc_credit');
  return $return;
}