$this->load->model('checkout/order');
$order_info = $this->model_checkout_order->getOrder($this->request->post['cart_order_id']);
if (!$this->config->get('twocheckout_test')) {
$order_number = $this->request->post['order_number'];
} else {
$order_number = '1';
}
if (strtoupper(md5($this->config->get('twocheckout_secret') . $this->config->get('twocheckout_account') . $order_number . $this->request->post['total'])) == $this->request->post['key']) {
if ($this->currency->format($order_info['total'], $order_info['currency_code'], $order_info['currency_value'], false) == $this->request->post['total']) {
$this->model_checkout_order->confirm($this->request->post['cart_order_id'], $this->config->get('twocheckout_order_status_id'));
} else {
$this->model_checkout_order->confirm($this->request->post['cart_order_id'], $this->config->get('config_order_status_id'));// Ugh. Some one've faked the sum. What should we do? Probably drop a mail to the shop owner?
}
// We can't use $this->redirect() here, because of 2CO behavior. It fetches this page
// on behalf of the user and thus user (and his browser) see this as located at 2checkout.com
// domain. So user's cookies are not here and he will see empty basket and probably other
// weird things.
echo '<html>' . "\n";
echo '<head>' . "\n";
echo ' <meta http-equiv="Refresh" content="0; url=' . $this->url->link('checkout/success') . '">' . "\n";
echo '</head>'. "\n";
echo '<body>' . "\n";
echo ' <p>Please follow <a href="' . $this->url->link('checkout/success') . '">link</a>!</p>' . "\n";
echo '</body>' . "\n";
echo '</html>' . "\n";
exit();
} else {
echo 'The response from 2checkout.com can\'t be parsed. Contact site administrator, please!';
}
