Приём к оплате карт Visa, MasterCard через интернет-эквайринг банка Авангард

<?php
/*
   Bank Avangard module for HostCMS

*/

class Shop_Payment_System_Handler33 extends Shop_Payment_System_Handler
{
   private
      $_shopId       = XXXXX,
      $_shopPasswd    = 'XXXXXXX',
      $_baseBackUrl   = 'http://beregusha.com/shop/cart/';

   protected $_rub_currency_id = 1;

   /* Вызывается на 4-ом шаге оформления заказа*/
   public function execute() {
      parent::execute();

      $this->printNotification();

      return $this;
   }

   // Обработка ответа банка
   public function paymentProcessing() {
      //var_dump($_REQUEST); var_dump($_SESSION['avangard_order']);

      if (isset($_REQUEST['result_code'])) $this->processResult();
      else $this->showFailMessage(); // показываем страницу результата отплаты

      return true;
   }

   protected function _processOrder()
   {
      parent::_processOrder();

      // Установка XSL-шаблонов в соответствии с настройками в узле структуры
      $this->setXSLs();

      // Отправка писем клиенту и пользователю
      $this->send();

      return $this;
   }

   // Работа с заказом в магазине
   function processResult() {
      $orderId = intval( $_SESSION['avangard_order']['order_id'] );
      $order = Core_Entity::factory('Shop_Order')->find($orderId);

      // Если не найден или оплачен
      if (is_null($order->id) || $order->paid) {
         $this->showFailMessage();
         return false;
      }

      // Проверка статуса заказа в банке
      $backUrl = $this->_baseBackUrl.'?avangard_result&order_id='.$this->_shopOrder->id;
      $avangard = new VX_BankAvangard($this->_shopId, $this->_shopPasswd, $backUrl);
      if ( $avangard->remoteOrderSuccess($_SESSION['avangard_order']['ticket']) ) {
         $this->shopOrder($order)->shopOrderBeforeAction(clone $order);

         $order->system_information = "Товар оплачен через Bank Avangard.\n";
         $order->paid();
         $this->setXSLs();
         $this->send();
         ob_start();
         $this->changedOrder('changeStatusPaid');
         ob_get_clean();

         $this->showSuccessMessage();
      } else {
         $this->showFailMessage();
      }

   }

   public function showSuccessMessage() {
      echo "<div style='color: #0f0'><h1>Заказ оплачен!</h1>
      <p>Оплата прошла успешно.</p></div>
      <script>setTimeout(function () {document.location.href='/shop/cart/'}, 5000);</script>";
   }

   public function showFailMessage() {
      echo "<div style='color: red'><h1>Оплата не проведена:</h1>
      <p>Отказ банка - эмитента карты.<br>Ошибка в процессе оплаты, указаны неверные данные карты.</p></div>
      <script>setTimeout(function () {document.location.href='/shop/cart/'}, 5000);</script>";
   }

   // Выводит форму оплаты
   public function getNotification() {
      $backUrl = $this->_baseBackUrl.'?avangard_result&order_id='.$this->_shopOrder->id;
      $avangard = new VX_BankAvangard($this->_shopId, $this->_shopPasswd, $backUrl);

      $order = $this->getShopOrder();
      $amount = $this->getTotalAmount();

        $params = array(
           'fullname'   => $order->surname .' '. $order->name . $order->patronymic,
           'address'   => $order->postcode.', '.$order->address,
           'phone'      => $order->phone,
           'order_id'   => $order->id,
           'email'      => $order->email,
           'amount'   => $amount
        );

      $url = $avangard->paymentGateUrl($params);

      echo "<script>document.location.href='$url';</script>";
   }

   public function getInvoice() {
      return $this->getNotification();
   }

   // Вычисление стоимости товаров заказа
   public function getTotalAmount() {
      return Shop_Controller::instance()->round(($this->_rub_currency_id > 0
            && $this->_shopOrder->shop_currency_id > 0
         ? Shop_Controller::instance()->getCurrencyCoefficientInShopCurrency(
            $this->_shopOrder->Shop_Currency,
            Core_Entity::factory('Shop_Currency', $this->_rub_currency_id)
         )
         : 0) * $this->_shopOrder->getAmount() );
   }

}

#####################################################################################################################################################

class VX_BankAvangard {
   protected $shopId, $shopPasswd, $backUrl;
   protected $httpHeaders;

   public function __construct($shopId, $passwd, $backUrl) {
      $this->shopId       = $shopId;
      $this->shopPasswd    = $passwd;
      $this->backUrl       = $backUrl;

      $this->httpHeaders = array(
         'Expect'       => '',
         'User-Agent'    => 'PHP',
         'Content-type'    => 'application/x-www-form-urlencoded; charset=UTF-8'
      );
   }

   public function checkDbOrderStatus() { }

   // Проверка статуса оплаты по ордеру
   public function remoteOrderSuccess($ticket) {
      $requestXML = "<?xml version='1.0' encoding='utf-8'?>
<get_order_info>
    <ticket>$ticket</ticket>
    <shop_id>{$this->shopId}</shop_id>
    <shop_passwd>{$this->shopPasswd}</shop_passwd>
</get_order_info>";

      $resp = file_get_contents('https://www.avangard.ru/iacq/h2h/get_order_info?xml='.urlencode($requestXML));

      if ($respXML = simplexml_load_string($resp)) {
         if ( $respXML->response_code == 0 && $respXML->status_code == 3 ) return $resp;
      }

      return false;
   }

   // Настройки: fullname, address, phone, order_id, email, amount
   public function paymentGateUrl($opts) {
      $fullname = $opts['fullname'];
      $address = $opts['address'];
      $phone = $opts['phone'];
      $description = "Order #{$opts['order_id']}";

      $resp = $this->requestTicket($opts['order_id'], $fullname, $address, $phone, $opts['email'], $opts['amount'], $description, $_SERVER['REMOTE_ADDR']);

      return $resp['url'];
   }

   public function ticketXML($id, $fullname, $address, $phone, $email, $amount, $desc, $ip) {
      $amount = (int) ($amount * 100);
      $backUrl = $this->backUrl;
      if ( ($pos = strpos($this->backUrl, '?')) !== false ) $backUrl = substr($this->backUrl, 0, $pos);


      $xml = "<?xml version='1.0' encoding='UTF-8'?>
<new_order>
   <shop_id>{$this->shopId}</shop_id>
   <shop_passwd>{$this->shopPasswd}</shop_passwd>
   <amount>$amount</amount>
   <order_number>".quotemeta($id)."</order_number>
   <order_description>".htmlentities($this->translit($desc))."</order_description>
   <language>ru</language>
   <back_url>$backUrl</back_url>
   <client_name>".htmlentities($this->translit($fullname))."</client_name>
   <client_address>".htmlentities($this->translit($address))."</client_address>
   <client_email>".$email."</client_email>
   <client_phone>".$phone."</client_phone>
   <client_ip>".$ip."</client_ip>
</new_order>";

      return preg_replace('#[\r\n\t]+#ims', '', $xml);
   }

   // Запрос тикета
   public function requestTicket($id, $fullname, $address, $phone, $email, $amount, $desc, $ip) {
      $xml = $this->ticketXML($id, $fullname, $address, $phone, $email, $amount, $desc, $ip);

      $resp = $this->post( 'https://www.avangard.ru/iacq/h2h/reg', array('xml' => $xml) );

      if ($respXML = simplexml_load_string($resp)) {
         if ($respXML->response_code == 0 && !empty($respXML->ticket)) {
            $url = "https://www.avangard.ru/iacq/pay?ticket={$respXML->ticket}";

            // Сохраняем в сессии
            $data = $_SESSION['avangard_order'] = $HTTP_SESSION_VARS['avangard_order'] = array(
               'form'          => $_POST,
               'order_id'       => $id,
               'ticket'       => (string) $respXML->ticket,
               'ok_code'       => (string) $respXML->ok_code,
               'failure_code'    => (string) $respXML->failure_code
            );

            return array('url' => $url, 'response' => $resp, 'data' => $data);
         }
      }

      return false;
   }

   public function post($url, $params = array(), $headers = array()) {
      if (empty($headers)) $headers = $this->httpHeaders;

      $header = '';
      foreach ($headers as $k => $v) $header .= "$k: $v\r\n";

      $curl = curl_init();

      curl_setopt($curl, CURLOPT_URL, $url);
      curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
      curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
      curl_setopt($curl, CURLOPT_POST, 1);
      curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
      curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));

      $content = curl_exec($curl);

      curl_close($curl);

      return $content;
   }

   public function translit($string) {
      $charlist = array(
         "А"=>"A","Б"=>"B","В"=>"V","Г"=>"G",
         "Д"=>"D","Е"=>"E","Ж"=>"J","З"=>"Z","И"=>"I",
         "Й"=>"Y","К"=>"K","Л"=>"L","М"=>"M","Н"=>"N",
         "О"=>"O","П"=>"P","Р"=>"R","С"=>"S","Т"=>"T",
         "У"=>"U","Ф"=>"F","Х"=>"H","Ц"=>"Ts","Ч"=>"Ch",
         "Ш"=>"Sh","Щ"=>"Sch","Ъ"=>"`","Ы"=>"Yi","Ь"=>"'",
         "Э"=>"E","Ю"=>"Yu","Я"=>"Ya","а"=>"a","б"=>"b",
         "в"=>"v","г"=>"g","д"=>"d","е"=>"e","ж"=>"j",
         "з"=>"z","и"=>"i","й"=>"y","к"=>"k","л"=>"l",
         "м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r",
         "с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h",
         "ц"=>"ts","ч"=>"ch","ш"=>"sh","щ"=>"sch","ъ"=>"y",
         "ы"=>"yi","ь"=>"","э"=>"e","ю"=>"yu","я"=>"ya"
      );

      return strtr($string, $charlist);
    }

}