diff --git a/payment/uc_paypal/src/Controller/EcController.php b/payment/uc_paypal/src/Controller/EcController.php index 0495e35..719d21a 100644 --- a/payment/uc_paypal/src/Controller/EcController.php +++ b/payment/uc_paypal/src/Controller/EcController.php @@ -23,22 +23,24 @@ class EcController extends ControllerBase { */ public function ecReviewRedirect() { $paypal_config = $this->config('uc_paypal.settings'); - if (!isset($_SESSION['TOKEN']) || !($order = Order::load($_SESSION['cart_order']))) { - unset($_SESSION['cart_order']); - unset($_SESSION['have_details']); - unset($_SESSION['TOKEN'], $_SESSION['PAYERID']); + $session = \Drupal::service('session'); + if (!$session->has('TOKEN') || !($order = Order::load($session->get('cart_order')))) { + $session->remove('cart_order'); + $session->remove('have_details'); + $session->remove('TOKEN'); + $session->remove('PAYERID'); drupal_set_message($this->t('An error has occurred in your PayPal payment. Please review your cart and try again.')); $this->redirect('uc_cart.cart'); } $nvp_request = array( 'METHOD' => 'GetExpressCheckoutDetails', - 'TOKEN' => $_SESSION['TOKEN'], + 'TOKEN' => $session->get('TOKEN'), ); $nvp_response = uc_paypal_api_request($nvp_request, $paypal_config->get('wpp_server')); - $_SESSION['PAYERID'] = $nvp_response['PAYERID']; + $session->set('PAYERID', $nvp_response['PAYERID']); $this->redirect('uc_cart.checkout_review'); } @@ -51,23 +53,29 @@ class EcController extends ControllerBase { */ public function ecReview() { $paypal_config = $this->config('uc_paypal.settings'); - if (!isset($_SESSION['TOKEN']) || !($order = Order::load($_SESSION['cart_order']))) { - unset($_SESSION['cart_order']); - unset($_SESSION['have_details']); - unset($_SESSION['TOKEN'], $_SESSION['PAYERID']); + $session = \Drupal::service('session'); + if (!$session->has('TOKEN') || !($order = Order::load($session->get('cart_order')))) { + $session->remove('cart_order'); + $session->remove('have_details'); + $session->remove('TOKEN'); + $session->remove('PAYERID'); drupal_set_message($this->t('An error has occurred in your PayPal payment. Please review your cart and try again.')); return $this->redirect('uc_cart.cart'); } - if (!isset($_SESSION['have_details'][$order->id()])) { + $details = array(); + if ($session->has('have_details')) { + $details = $session->get('have_details'); + } + if (!isset($details[$order->id()])) { $nvp_request = array( 'METHOD' => 'GetExpressCheckoutDetails', - 'TOKEN' => $_SESSION['TOKEN'], + 'TOKEN' => $session->get('TOKEN'), ); $nvp_response = uc_paypal_api_request($nvp_request, $paypal_config->get('uc_paypal_wpp_server')); - $_SESSION['PAYERID'] = $nvp_response['PAYERID']; + $session->set('PAYERID', $nvp_response['PAYERID']); $shipname = SafeMarkup::checkPlain($nvp_response['SHIPTONAME']); if (strpos($shipname, ' ') > 0) { @@ -97,7 +105,8 @@ class EcController extends ControllerBase { $order->save(); - $_SESSION['have_details'][$order->id()] = TRUE; + $details[$order->id()] = TRUE; + $session->set('have_details', $details); } $build['instructions'] = array( @@ -116,9 +125,11 @@ class EcController extends ControllerBase { * A redirect to the cart or a build array. */ public function ecSubmit() { - if (!isset($_SESSION['TOKEN']) || !($order = Order::load($_SESSION['cart_order']))) { - unset($_SESSION['cart_order'], $_SESSION['have_details']); - unset($_SESSION['TOKEN'], $_SESSION['PAYERID']); + if (!$session->has('TOKEN') || !($order = Order::load($session->get('cart_order')))) { + $session->remove('cart_order'); + $session->remove('have_details'); + $session->remove('TOKEN'); + $session->remove('PAYERID'); drupal_set_message($this->t('An error has occurred in your PayPal payment. Please review your cart and try again.')); $this->redirect('uc_cart.cart'); } diff --git a/payment/uc_paypal/src/Controller/PayPalController.php b/payment/uc_paypal/src/Controller/PayPalController.php index 3bd30e2..64daa9c 100644 --- a/payment/uc_paypal/src/Controller/PayPalController.php +++ b/payment/uc_paypal/src/Controller/PayPalController.php @@ -33,6 +33,7 @@ class PayPalController extends ControllerBase { return new Response(); } $paypal_config = $this->config('uc_paypal.settings'); + $session = \Drupal::service('session'); if (strpos($request->request->get('invoice'), '-') > 0) { list($order_id, $cart_id) = explode('-', $request->request->get('invoice')); @@ -43,7 +44,7 @@ class PayPalController extends ControllerBase { if (!empty($cart_id)) { // Needed later by uc_complete_sale to empty the correct cart - $_SESSION['uc_cart_id'] = $cart_id; + $session->set('uc_cart_id', $cart_id); } } else { diff --git a/payment/uc_paypal/src/Controller/WpsController.php b/payment/uc_paypal/src/Controller/WpsController.php index 38a1fd9..a58980c 100644 --- a/payment/uc_paypal/src/Controller/WpsController.php +++ b/payment/uc_paypal/src/Controller/WpsController.php @@ -29,7 +29,8 @@ class WpsController extends ControllerBase { // user tried to adjust the order on this side while at PayPal. If it was a // legitimate checkout, the IPN will still come in from PayPal so the order // gets processed correctly. We'll leave an ambiguous message just in case. - if (!isset($_SESSION['cart_order']) || intval($_SESSION['cart_order']) != $order->id()) { + $session = \Drupal::service('session'); + if (!$session->has('cart_order') || intval($session->get('cart_order')) != $order->id()) { drupal_set_message($this->t('Thank you for your order! PayPal will notify us once your payment has been processed.')); $this->redirect('uc_cart.cart'); } @@ -39,8 +40,14 @@ class WpsController extends ControllerBase { $this->redirect('uc_cart.cart'); } + $complete = array(); + if ($session->has('uc_checkout')) { + $complete = $session->get('uc_checkout'); + } // This lets us know it's a legitimate access of the complete page. - $_SESSION['uc_checkout'][$_SESSION['cart_order']]['do_complete'] = TRUE; + $complete[$session->get('cart_order')]['do_complete'] = TRUE; + $session->set('uc_checkout', $complete); + $this->redirect('uc_cart.checkout_complete'); } @@ -52,8 +59,9 @@ class WpsController extends ControllerBase { */ public function wpsCancel() { $paypal_config = $this->config('uc_paypal.settings'); + $session = \Drupal::service('session'); - unset($_SESSION['cart_order']); + $session->remove('cart_order'); drupal_set_message($this->t('Your PayPal payment was canceled. Please feel free to continue shopping or contact us for assistance.')); diff --git a/payment/uc_paypal/src/Form/EcCartButtonForm.php b/payment/uc_paypal/src/Form/EcCartButtonForm.php index 5534048..acec3d5 100644 --- a/payment/uc_paypal/src/Form/EcCartButtonForm.php +++ b/payment/uc_paypal/src/Form/EcCartButtonForm.php @@ -81,15 +81,16 @@ class EcCartButtonForm extends FormBase { return; } - $_SESSION['cart_order'] = $order->id(); - $_SESSION['TOKEN'] = $nvp_response['TOKEN']; + $session = \Drupal::service('session'); + $session->set('cart_order', $order->id()); + $session->set('TOKEN', $nvp_response['TOKEN']); $sandbox = ''; if (strpos($paypal_config->get('wpp_server'), 'sandbox') > 0) { $sandbox = 'sandbox.'; } - header('Location: https://www.' . $sandbox . 'paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $_SESSION['TOKEN']); + header('Location: https://www.' . $sandbox . 'paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $session->get('TOKEN')); exit(); } diff --git a/payment/uc_paypal/src/Form/EcReviewForm.php b/payment/uc_paypal/src/Form/EcReviewForm.php index bf93d0b..cd918d1 100644 --- a/payment/uc_paypal/src/Form/EcReviewForm.php +++ b/payment/uc_paypal/src/Form/EcReviewForm.php @@ -96,7 +96,8 @@ class EcReviewForm extends FormBase { */ public function submitForm(array &$form, FormStateInterface $form_state) { $paypal_config = $this->config('uc_paypal.settings'); - $order = Order::load($_SESSION['cart_order']); + $session = \Drupal::service('session'); + $order = Order::load($session->get('cart_order')); if (!$form_state->isValueEmpty('shippable')) { $quote_option = explode('---', $form_state->getValue(['quotes', 'quote_option'])); diff --git a/payment/uc_paypal/uc_paypal.module b/payment/uc_paypal/uc_paypal.module index eb8edf3..bf1bcc5 100644 --- a/payment/uc_paypal/uc_paypal.module +++ b/payment/uc_paypal/uc_paypal.module @@ -56,7 +56,8 @@ function uc_paypal_form_uc_cart_checkout_form_alter(&$form, &$form_state, $form_ * Implements hook_form_FORM_ID_alter() for uc_cart_checkout_review_form(). */ function uc_paypal_form_uc_cart_checkout_review_form_alter(&$form, &$form_state, $form_id) { - if (!empty($_SESSION['TOKEN'])) { + $session = \Drupal::service('session'); + if ($session->has('TOKEN')) { $form['#submit'][] = 'uc_paypal_ec_submit_form_submit'; } } @@ -113,12 +114,13 @@ function uc_paypal_ec_checkout($form, FormStateInterface $form_state) { } $paypal_config = \Drupal::config('uc_paypal.settings'); - $order_id = intval($_SESSION['cart_order']); + + $session = \Drupal::service('session'); + $order_id = intval($session->get('cart_order')); $order = Order::load($order_id); if (!$order || $order->getStateId() != 'in_checkout') { - $_SESSION['cart_order'] = NULL; - unset($_SESSION['cart_order']); + $session->remove('cart_order'); // @todo: when this goes into a controller or form, use $this ... // $this->redirect('uc_cart.cart'); return new RedirectResponse(Url::fromRoute('uc_cart.cart')->toString()); @@ -164,13 +166,13 @@ function uc_paypal_ec_checkout($form, FormStateInterface $form_state) { return new RedirectResponse(Url::fromRoute('uc_cart.checkout')->toString()); } - $_SESSION['TOKEN'] = $nvp_response['TOKEN']; + $session->set('TOKEN', $nvp_response['TOKEN']); if (strpos($paypal_config->get('wpp_server'), 'sandbox') > 0) { $sandbox = 'sandbox.'; } - header('Location: https://www.' . $sandbox . 'paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $_SESSION['TOKEN']); + header('Location: https://www.' . $sandbox . 'paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . $session->get('TOKEN')); exit(); } @@ -181,7 +183,8 @@ function uc_paypal_ec_checkout($form, FormStateInterface $form_state) { */ function uc_paypal_ec_submit_form_submit($form, &$form_state) { $paypal_config = \Drupal::config('uc_paypal.settings'); - $order = Order::load($_SESSION['cart_order']); + $session = \Drupal::service('session'); + $order = Order::load($session->get('cart_order')); list($desc, $subtotal) = _uc_paypal_product_details($order->products); @@ -205,9 +208,9 @@ function uc_paypal_ec_submit_form_submit($form, &$form_state) { $nvp_request = array( 'METHOD' => 'DoExpressCheckoutPayment', - 'TOKEN' => $_SESSION['TOKEN'], + 'TOKEN' => $session->get('TOKEN'), 'PAYMENTACTION' => $paypal_config->get('uc_pg_paypal_wpp_cc_txn_type') == 'authorize' ? 'Authorization' : 'Sale', - 'PAYERID' => $_SESSION['PAYERID'], + 'PAYERID' => $session->get('PAYERID'), 'AMT' => uc_currency_format($order->getTotal(), FALSE, FALSE, '.'), 'DESC' => substr($desc, 0, 127), 'INVNUM' => $order->id() . '-' . REQUEST_TIME, @@ -221,8 +224,14 @@ function uc_paypal_ec_submit_form_submit($form, &$form_state) { $nvp_response = uc_paypal_api_request($nvp_request, $paypal_config->get('wpp_server')); - unset($_SESSION['TOKEN'], $_SESSION['PAYERID']); - $_SESSION['uc_checkout'][$_SESSION['cart_order']]['do_complete'] = TRUE; + $session->remove('TOKEN'); + $session->remove('PAYERID'); + $complete = array(); + if ($session->has('uc_checkout')) { + $complete = $session->get('uc_checkout'); + } + $complete[$session->get('cart_order')]['do_complete'] = TRUE; + $session->set('uc_checkout', $complete); $form_state->setRedirect('uc_cart.checkout_complete'); }