F10420

Table of Contents What ABOUT this functionality identity? WHAT? WHO? What is the POSITION of this functionality? PARENTS? CHILDREN? What is BEFORE? What comes AFTER? What are its FUNCTIONAL REQUIREMENTS? PRECONDITIONS? REQUIREMENTS? POSTCONDITIONS? HOW is this functionality implemented? Brain Snapshot Details Notes Todo

What ABOUT this functionality identity?

• Abstraction level:Medium
• State: In progress

WHAT?

• ID: F10420
• Story: User pays with credit card
• Priority: High
• Development Time: 1 Week
• Maintenance Time: 5h/week

WHO?

• This page was created by Bedhed on 2012.01.05.
• This functionality is being implemented by Bedhed.

What is the POSITION of this functionality?

PARENTS?

• F10410 Everyone buys content
• F20530 User deposits money
• F50730 Artist pays fee

CHILDREN?

What is BEFORE?

• A transaction is initiated ?

What comes AFTER?

• Confirmation
• A transaction is confirmed ?

What are its FUNCTIONAL REQUIREMENTS?

PRECONDITIONS?

• System available from bank (see this)

REQUIREMENTS?

• Inherit security from E-I.
• Keep transaction record (user/IP, date).

POSTCONDITIONS?

• Logged outcoming payment request (EPTOut=Special:ElectronicPayment)
• Logged incoming payment confirmation (EPTBack=Special:EPTBack)
• Recorded transaction

HOW is this functionality implemented?

Brain Snapshot

• Payment Extension: ElectronicPayment
• Transaction Extension: TransactionManager
• We use the CM-CIC online TPE (Electronic Payment Terminal) solution by Euro-Information (E-I).
• General doc (fr): https://www.cmcicpaiement.fr/fr/info/documentations/CM-CIC_paiement_documentation_generale_v3_0.pdf
• Technical doc (fr): https://www.cmcicpaiement.fr/fr/info/documentations/CM-CIC_paiement_documentation_technique_v3_0.pdf
• Mod_Rewrite + Mod_Proxy :

 Entrance for Electronic Payment back interface (EPTBack).The
 bank needs a static .php file with many parameters (phone/mail
 them to change adress). WikiZam needs a special page
 (index.php?title=Special:EPTBack). Mod_rewrite creates a proxy   
 to map bank's needs to WikiZam needs. Flags: P (Proxy, use
 mod_proxy), NE (No Escape [for %]), QSA (Query String Added
 [Passes Query from request to target])
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^/payment/Phase2Retour.php http://papilusion.seizam.com:80/index.php?title=Special:EPTBack [P,NE,QSA]
 </ifmodule>

Details

• Messages between WikiZam & Bank are called ep_message (db table) / EPMessage (php class).
• Data sent and reveived are EPMessage->$epm[]
• Each transaction is recorder as TMRecord->$tmr[] (linked by Hook BeforeTransactionSave).
• epm['epm_o_reference'] = $tmr['tmr_id'].
• When accessing /index.php?title=Special:ElectronicPayment&status=attempt&amount=43, an attempt message is recorded (ep_message.epm_type=out/ EPMessage::$epm['type']='out').
• People click on "access payment interface".
• People reach "CIC payment interface"
• People pays online.
• Bank accesses /index.php?title=Special:ElectronicPayment&action=EPTBack with much parameters. example:

 /index.php?title=Special:ElectronicPayment&action=EPTBack&TPE=6527604&date=26%2f01%2f2012%5fa%5f10%3a48%3a44&montant=42EUR&reference=104827&MAC=FAE2BDA1964DA2E50C1A57728B7F605365B72ACA&texte-libre=%28user%3a+%3c0%3e+ip%3a+%3c109%2e217%2e103%2e6%3e+mail%3a+%3ccontact%40seizam%2ecom%3e+lang%3a+%3cEN%3e%29&code-retour=payetest&cvx=oui&vld=1219&brand=na&status3ds=3&numauto=000000&originecb=00x&bincb=000001&hpancb=A8A7A17B589AB8F2CC96D1CAC0A64950DFFF9308&ipclient=109%2e217%2e103%2e6&originetr=FRA&veres=&pares=

• This request is authenticated and recorded (ep_message.epm_type=in/ EPMessage::$epm['type']='in').

Notes

• Read a line in ep_message :

 /index.php?title=Special:ElectronicPayment&action=read&id=X

Todo

• Layout/View
• Paypal?
• Verbose user return (action=success/fail)