app/controllers/effective/providers/moneris.rb in effective_orders-3.2.3 vs app/controllers/effective/providers/moneris.rb in effective_orders-4.0.0beta1

@@ -15,42 +15,36 @@
         # Delete the Purchased and Declined Redirect URLs
         purchased_url = params.delete(:rvar_purchased_url)
         declined_url = params.delete(:rvar_declined_url)
 
         if @order.purchased?  # Fallback to a success condition of the Order is already purchased
-          return order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
+          order_purchased(details: params, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
+          return
         end
 
-        # Invalid Result
-        if params[:result].to_s != '1' || params[:transactionKey].blank?
-          return order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
-        end
+        if params[:result].to_s == '1' && params[:transactionKey].present?
+          verify_params = parse_moneris_response(send_moneris_verify_request(params[:transactionKey])) || {}
 
-        payment = params.merge(verify_moneris_transaction(params[:transactionKey]))
-        valid = (1..49).include?(payment[:response_code].to_i)  # Must be > 0 and < 50 to be valid. Sometimes we get the string 'null'
+          response_code = verify_params[:response_code].to_i # Sometimes moneris sends us the string 'null'
 
-        if valid == false
-          return order_declined(details: payment, provider: 'moneris', card: params[:card], declined_url: declined_url)
+          if response_code > 0 && response_code < 50  # Less than 50 means a successful validation
+            order_purchased(details: params.merge(verify_params), provider: 'moneris', card: params[:card], purchased_url: purchased_url)
+          else
+            order_declined(details: params.merge(verify_params), provider: 'moneris', card: params[:card], declined_url: declined_url)
+          end
+        else
+          order_declined(details: params, provider: 'moneris', card: params[:card], declined_url: declined_url)
         end
-
-        order_purchased(details: payment, provider: 'moneris', card: params[:card], purchased_url: purchased_url)
       end
 
       private
 
-      def verify_moneris_transaction(transactionKey)
-        # Send a verification POST request
-        uri = URI.parse(EffectiveOrders.moneris[:verify_url])
-        params = { ps_store_id: EffectiveOrders.moneris[:ps_store_id], hpp_key: EffectiveOrders.moneris[:hpp_key], transactionKey: transactionKey }
-        headers = { 'Referer': effective_orders.orders_url }
+      def parse_moneris_response(text)
+        text.split("<br>").inject(Hash.new()) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last ; h } rescue {response: text}
+      end
 
-        http = Net::HTTP.new(uri.host, uri.port)
-        http.use_ssl = true
-
-        body = http.post(uri.path, params.to_query, headers).body
-
-        # Parse response into a Hash
-        body.split('<br>').inject({}) { |h, i| h[i.split(' ').first.to_sym] = i.split(' ').last; h }
+      def send_moneris_verify_request(verify_key)
+        `curl -F ps_store_id='#{EffectiveOrders.moneris[:ps_store_id]}' -F hpp_key='#{EffectiveOrders.moneris[:hpp_key]}' -F transactionKey='#{verify_key}' --referer #{effective_orders.moneris_postback_orders_url} #{EffectiveOrders.moneris[:verify_url]}`
       end
 
     end
   end
 end