1.10.3

* Common: Integration of PayFrame to enable use of SAQ A for easier PCI DSS 3.0 compliance. PayFrame We’ve introduced a “payment form” option for easier compliance with PCI requirements. In addition to having a payment form directly integrated in your checkout page, you can use our embedded PayFrame solution to ensure that payment data never touches your website. PayFrame is enabled by default, but you can choose between both options in the plugin settings. Later this year, we’re bringing you the ability to customise the appearance and text content of the PayFrame version. To learn more about the benefits of PayFrame, please visit our FAQ: https://www.paymill.com/en/faq/howdoespaymillspayframesolutionwork
paymill · Jun 28, 2015 · 4ce15ee · 4ce15ee
1 parent 85df76b
commit 4ce15ee
Show file tree

Hide file tree

Showing 27 changed files with 1,017 additions and 694 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -2,6 +2,43 @@
 
 Changelog
 =========
+
+1.10.3
+-----
+* Common: Integration of PayFrame to enable use of SAQ A for easier PCI DSS 3.0 compliance.
+
+PayFrame
+We’ve introduced a “payment form” option for easier compliance with PCI requirements.
+
+In addition to having a payment form directly integrated in your checkout page, you
+can use our embedded PayFrame solution to ensure that payment data never
+touches your website.
+
+PayFrame is enabled by default, but you can choose between both options in the
+plugin settings. Later this year, we’re bringing you the ability to customise the
+appearance and text content of the PayFrame version.
+
+To learn more about the benefits of PayFrame, please visit our FAQ:
+https://www.paymill.com/en/faq/howdoespaymillspayframesolutionwork
+
+1.10.2
+-----
+* Subscriptions: "required_offer_or_amount_and_currency_and_interval" error fixed
+
+1.10.1
+-----
+* WooCommerce: Error Management Fix
+* Common: Checkout Form fix
+
+
+1.10.0
+-----
+* WooCommerce: Error Management on Checkout fixed
+* WooCommerce: Subscription Handling reviewed and optimized
+* Common: Support for PCI DSS 3.0 (iframe-based credit card form)
+* WooCommerce: Several improvements and bugfixes
+
+
 1.9.0
 -----
 * Common: Update to v2.1 Paymill API

diff --git a/README.md b/README.md
@@ -5,9 +5,9 @@ PAYMILL for WordPress
 * Contributors: Matthias Reuter
 * Donate link:
 * Tags: paymill, creditcard, elv, payment, woocommerce, paybutton, ecommerce, debitcard, subscriptions
-* Requires at least: 4.1
-* Tested up to: 4.1.1
-* Stable tag: 1.9
+* Requires at least: 4.2.2
+* Tested up to: 4.2.2
+* Stable tag: 1.10.3
 * License: [GPLv3 or later](http://www.gnu.org/licenses/gpl-3.0.html)
 
 With PAYMILL you are able to provide credit card based payments for your customers.

diff --git a/lib/config.inc.php b/lib/config.inc.php
@@ -113,6 +113,7 @@ public function paymill_register_general_settings(){
 				'api_key_public'	=> __('Paymill PUBLIC API key', 'paymill'),
 				'payments_display'	=> __('Display Payment Types', 'paymill'),
 				'no_default_css'	=> __('Do not load default CSS', 'paymill'),
+				'pci_dss_3'			=> __('Deactivate PCI DSS 3.0 Compatibility', 'paymill'),
 			);
 
 			foreach($settings as $setting => $description){
@@ -282,7 +283,7 @@ private function print_config_form_fields($args) {
 			$descriptions['products_desc']					= __('Detailed description of the product', 'paymill');
 			$descriptions['products_price']					= __('Gross Price of the product, e.g. 40 or 6.99', 'paymill');
 			$descriptions['products_offer']					= __('If you have created a subscription in your <a href="https://app.paymill.com/de-de#!/offers">Paymill Cockpit</a>, you can select it here. If selected, it will overwrite the following settings for this product. Important: For Performance purposes, subscription plans will be cached. Open this page to recache it.', 'paymill');
-			$descriptions['products_vat']					= __('Value-Added-Tax Rate in % for the product, e.g. 19 or 7', 'paymill');
+			$descriptions['products_vat']					= __('Value-Added-Tax Rate in &#37; for the product, e.g. 19 or 7', 'paymill');
 			$descriptions['products_delivery']				= __('Delivery Time of the product, e.g. 2 Days or 1 Week', 'paymill');
 			$descriptions['products_quantityhide']			= __('Hide quantity select field, quantity will be set to 1', 'paymill');
 			$descriptions['products_freeamount']			= __('Allow free amounts (donation feature)', 'paymill');
@@ -351,7 +352,14 @@ private function print_config_form_fields($args) {
 					value="1"
 					class="regular-text code" '.($value ? 'checked="checked"' : '').' />
 				';
-			}elseif($args['desc'] == 'fields_show'){
+			}elseif($args['desc'] == 'pci_dss_3'){ // pci_dss_3
+				echo '
+					<select name="'.$this->setting_keys[$page].$option.'">
+						<option value="0">'.__('embedded PayFrame (requires PCI SAQ A)', 'paymill').'</option>
+						<option value="1"'.($value ? ' selected="selected"' : '').'>'.__('direct integration (requires PCI SAQ A-EP)', 'paymill').'</option>
+					</select>
+				';
+				}elseif($args['desc'] == 'fields_show'){
 				echo __('You may want to gather some additional information from your customers. Select them here:', 'paymill').'<br />';
 
 				$fields_show = array(
@@ -433,20 +441,21 @@ private function paymill_do_settings_fields($page, $section){
 			$descriptions['thankyou_url']					= __('Redirect URL for custom thank your page.', 'paymill');
 
 			$descriptions['no_default_css']					= __('Advanced users want to fully customize the payment button. Disabling default CSS from Pay Button will make that much easier.', 'paymill');
+			$descriptions['pci_dss_3']						= __('Please ask Paymill customer support for further information.', 'paymill');
 			$descriptions['currency']						= __('Currency, <a href="http://en.wikipedia.org/wiki/ISO_4217#Active_codes" target="_blank">ISO 4217</a> e.g. "EUR" or "GBP"', 'paymill');
-			$descriptions['currency_format']				= __('Currency Format - use the following variables: %n = number, %s = symbol.', 'paymill');
+			$descriptions['currency_format']				= __('Currency Format - use the following variables: &#37;n = number, &#37;s = symbol.', 'paymill');
 			$descriptions['api_key_private']				= __('Insert your Paymill <strong>PRIVATE</strong> API key.', 'paymill');
 			$descriptions['api_key_public']					= __('Insert your Paymill <strong>PUBLIC</strong> API key.', 'paymill');
 
 			$descriptions['flat_shipping_country']			= __('Name of the available delivery country, e.g. England', 'paymill');
 			$descriptions['flat_shipping_costs']			= __('Gross fee for the flat shipping costs., e.g. 7 or 4.90', 'paymill');
-			$descriptions['flat_shipping_vat']				= __('Value-Added-Tax Rate in % for the flat shipping costs., e.g. 19 or 7', 'paymill');
+			$descriptions['flat_shipping_vat']				= __('Value-Added-Tax Rate in &#37; for the flat shipping costs., e.g. 19 or 7', 'paymill');
 
 			$descriptions['products_title']					= __('Name of the product', 'paymill');
 			$descriptions['products_desc']					= __('Detailed description of the product', 'paymill');
 			$descriptions['products_price']					= __('Gross Price of the product, e.g. 40 or 6.99', 'paymill');
 			$descriptions['products_offer']					= __('If you have created a subscription in your Paymill Cockpit, can select it here. If selected, it will overwrite the following settings for this product. Important: For Performance purposes, subscription plans will be cached. Open this page to recache it.', 'paymill');
-			$descriptions['products_vat']					= __('Value-Added-Tax Rate in % for the product, e.g. 19 or 7', 'paymill');
+			$descriptions['products_vat']					= __('Value-Added-Tax Rate in &#37; for the product, e.g. 19 or 7', 'paymill');
 			$descriptions['products_delivery']				= __('Delivery Time of the product, e.g. 2 Days or 1 Week', 'paymill');
 			$descriptions['products_quantityhide']			= __('Hide quantity select field, quantity will be set to 1', 'paymill');
 			$descriptions['products_freeamount']			= __('Allow free amounts (donation feature)', 'paymill');

diff --git a/lib/css/paymill.css b/lib/css/paymill.css
@@ -83,7 +83,6 @@
 	background-image:url('../img/payment_logos.png');
 	background-repeat:no-repeat;
 	background-position:0px 30px;
-	font-size:90%;
 }
 #paymill_framebox img{
 	box-shadow:none !important;
@@ -131,6 +130,9 @@ paymill_#form_credit, paymill_#form_elv{
 .paymill_payment_logos{
 	margin-bottom:10px;
 }
+.paymill_payment_logos img{
+	display:inline;
+}
 
 /* error box */
 .paymill_payment_errors{

diff --git a/lib/img/logos/dc.png b/lib/img/logos/dc.png
diff --git a/lib/img/payment_logos.png b/lib/img/payment_logos.png
diff --git a/lib/integration/cart66.inc.php b/lib/integration/cart66.inc.php
@@ -60,6 +60,8 @@ protected function _buildCheckoutView($gateway) {
 				paymill_form_checkout_id = "#Cart66_paymill_for_wordpress_form";
 				paymill_form_checkout_submit_id = "#Cart66CheckoutButton";
 				paymill_shop_name = "cart66";
+				paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+				paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 				</script>
 				';
 
@@ -163,7 +165,7 @@ private function processProducts(){
 				));
 
 				$this->transaction_id = $response['body']['data']['id'];
-
+				
 				return true;
 			}else{ // total is zero, so just return true
 
@@ -193,6 +195,7 @@ private function process_payment(){
 				// process subscriptions & products
 				if($this->processProducts()){
 					// success
+					return true;
 				}else{
 					if($GLOBALS['paymill_loader']->paymill_errors->status()){
 						$GLOBALS['paymill_loader']->paymill_errors->getErrors();
@@ -239,16 +242,15 @@ public function getCreditCardTypes() {
 
 		 public function initCheckout($total) {
 			$this->_total = $total;
-			$this->process_payment();
 		 }
 
 		 public function getTransactionResponseDescription() {
 			 return array('errorcode' => '', 'errormessage' => 'No Transaction ID could be generated.');
 		 }
 
 		 public function doSale() {
-			 return $this->transaction_id;
+			$this->process_payment();
+			return $this->transaction_id;
 		 }
-
 	}
 }
diff --git a/lib/integration/magicmembers.inc.php b/lib/integration/magicmembers.inc.php
@@ -1427,6 +1427,8 @@ function process_html_redirect(){
 			paymill_form_checkout_id = ".checkout";
 			paymill_form_checkout_submit_id = "#place_order";
 			paymill_shop_name = "magicmembers";
+			paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+			paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 			</script>';
 
 			echo '<div id="payment" class="paymill_pay_button paymill_magicmembers"><form action="'. $this->_get_endpoint('return') .'" name="' . $this->code . '_form" method="post" id="' . $this->code . '_form" class="checkout">';

diff --git a/lib/integration/marketpress.inc.php b/lib/integration/marketpress.inc.php
@@ -201,6 +201,8 @@ function payment_form($global_cart, $shipping_info) {
 			paymill_form_checkout_id = "#mp_payment_form";
 			paymill_form_checkout_submit_id = "#mp_payment_confirm";
 			paymill_shop_name = "marketpress";
+			paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+			paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 			</script>';
 
 			echo do_shortcode($mp->get_setting('gateways->paymill-for-wordpress->instructions'));

diff --git a/lib/integration/pay_button.inc.php b/lib/integration/pay_button.inc.php
@@ -304,6 +304,8 @@ function widget($args, $instance){
 					paymill_form_checkout_id = ".checkout";
 					paymill_form_checkout_submit_id = "#place_order";
 					paymill_shop_name = "paybutton";
+					paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+					paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 					</script>';
 
 					if($this->subscriptions === false){
@@ -365,9 +367,11 @@ function form($instance) {
 					<select class="widefat" style="width:220px;overflow:hidden;" id="'.$this->get_field_id('products').'" name="'.$this->get_field_name('products').'[]" multiple>
 						<option value=""'.((!is_array($products_whitelist) || $products_whitelist[0] == '') ? ' selected="selected"' : '').'>'.__('All Products', 'paymill').'</option>
 ';
-						foreach($GLOBALS['paymill_settings']->paymill_pay_button_settings['products'] as $id => $product){
-							if(strlen($product['products_title']) > 0){
-								echo '<option value="'.$id.'"'.(is_array(unserialize($instance['products'])) && in_array($id,unserialize($instance['products'])) ? ' selected="selected"' : '').'>'.$product['products_title'].'</option>';
+						if(isset($GLOBALS['paymill_settings']->paymill_pay_button_settings['products']) && is_array($GLOBALS['paymill_settings']->paymill_pay_button_settings['products']) && count($GLOBALS['paymill_settings']->paymill_pay_button_settings['products']) > 0){
+							foreach($GLOBALS['paymill_settings']->paymill_pay_button_settings['products'] as $id => $product){
+								if(strlen($product['products_title']) > 0){
+									echo '<option value="'.$id.'"'.(is_array(unserialize($instance['products'])) && in_array($id,unserialize($instance['products'])) ? ' selected="selected"' : '').'>'.$product['products_title'].'</option>';
+								}
 							}
 						}
 echo '

diff --git a/lib/integration/shopplugin.inc.php b/lib/integration/shopplugin.inc.php
@@ -66,6 +66,8 @@ function form(){
 			paymill_form_checkout_id = "#checkout";
 			paymill_form_checkout_submit_id = "#checkout-button";
 			paymill_shop_name = "shopplugin";
+			paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+			paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 			</script>';
 
 			// html / icons

diff --git a/lib/integration/subscriptions.inc.php b/lib/integration/subscriptions.inc.php
@@ -227,14 +227,17 @@ public function offerCreate($params){
 			$GLOBALS['paymill_loader']->request_offer->setTrialPeriodDays($params['trial_period_days']);
 
 			$output			= $GLOBALS['paymill_loader']->request->create($GLOBALS['paymill_loader']->request_offer);
+
 			$offerID		= $output->getId();
+
 			$this->offerGetList(true);
-			$output			= $this->offerGetDetailByID($offerID);
+			//$output			= $this->offerGetDetailByID($offerID);
+			$output			= $offerID;
 		}catch(Exception $e){
 			$GLOBALS['paymill_loader']->paymill_errors->setError(__($e->getMessage(),'paymill'));
 			$output			= false;
 		}
-		
+
 		if(paymill_BENCHMARK)paymill_doBenchmark(false,'paymill_subscription_offerCreate'); // benchmark
 		return $output;
 	}

diff --git a/lib/integration/woocommerce.inc.php b/lib/integration/woocommerce.inc.php
@@ -333,7 +333,7 @@ function woo_cancelled_subscription_paymill($order, $product_id){
 
 		$subscriptions		= new paymill_subscriptions('woocommerce');
 		$subscriptions->remove($client_cache[0]['paymill_sub_id']);
-		$wpdb->query($wpdb->prepare('DELETE FROM '.$wpdb->prefix.'paymill_subscriptions WHERE woo_user_id=%s AND woo_offer_id=%s',array($user,$subscription_key)));
+		$wpdb->query($wpdb->prepare('DELETE FROM '.$wpdb->prefix.'paymill_subscriptions WHERE woo_user_id=%s AND woo_offer_id=%s',array($order->user_id,$order->id.'_'.$product_id)));
 	}
 	function woo_updated_subscription_paymill($user,$subscription_details){
 		// @todo: implement support for changing/creating offer later
@@ -545,14 +545,14 @@ private function processSubscriptions(){
 											'trial_period_days'	=> intval($trial_time)
 										);
 										$offer = $this->subscriptions->offerCreate($params);
+
 										if($GLOBALS['paymill_loader']->paymill_errors->status()){
 											$GLOBALS['paymill_loader']->paymill_errors->getErrors();
 											return false;
 										}
 									}
-
 									// create user subscription
-									$user_sub = $this->subscriptions->create($this->client->getId(), $offer['id'], $this->paymentClass->getPaymentID(),(isset($_POST['paymill_delivery_date']) ? $_POST['paymill_delivery_date'] : false),$periodOfValidity);
+									$user_sub = $this->subscriptions->create($this->client->getId(), $offer, $this->paymentClass->getPaymentID(),(isset($_POST['paymill_delivery_date']) ? $_POST['paymill_delivery_date'] : false),$periodOfValidity);
 
 									if($GLOBALS['paymill_loader']->paymill_errors->status()){
 										$GLOBALS['paymill_loader']->paymill_errors->getErrors();
@@ -568,8 +568,8 @@ private function processSubscriptions(){
 										// subscription successful
 										do_action('paymill_woocommerce_subscription_created', array(
 											'product_id'	=> $product['product_id'],
-											'offer_id'		=> $offer['id'],
-											'offer_data'	=> $offer
+											'offer_id'		=> $offer,
+											//'offer_data'	=> $offer
 										));
 
 										return true;
@@ -714,7 +714,7 @@ public function validate_fields(){
 					global $woocommerce;
 					// check Paymill payment
 					if(empty($_POST['paymillToken'])){
-						$woocommerce->add_error(__('Token not Found','paymill'));
+						wc_add_notice(__('Token not Found','paymill'));
 						return false;
 					}
 					return true;
@@ -736,6 +736,8 @@ public function payment_fields(){
 						paymill_form_checkout_id = "form.checkout, form#order_review";
 						paymill_form_checkout_submit_id = "#place_order";
 						paymill_shop_name = "woocommerce";
+						paymill_pcidss3 = '.((empty($GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3']) || $GLOBALS['paymill_settings']->paymill_general_settings['pci_dss_3'] != '1') ? 1 : 0).';
+						paymill_pcidss3_lang = "'.substr(apply_filters('plugin_locale', get_locale(), $domain),0,2).'";
 						</script>';