hcuTransfer.data

<?php

/*
 * File: hcuTransfer.data
 * Purpose: This script will handle all the interaction with a transfer.
 *            Validate Transfer
 *            Complete Transfer
 *            Create Repeating Transfer when necessary
 *
 * NOTE:
 *   The creation of a confirmation code relies on the <cu>tranhdr.processed by to have the following values:
 *      (The first two are literal strings, including the "*" character; the 3rd is the admin users name as it is in the database.)
 *      *sched*  - if a scheduled transfer and the background scheduler handled it.
 *      *immed* - If an immediate, internal transfer and the transfer posted right away.
 *      AdminName - The name of the admin user that processed the ach transaction.
 */

  // ** SET HOMECU FLAGS
  $serviceShowInfo = false;
  $serviceLoadMenu = false;
  $serviceShowMenu = false;
  $serviceAllowReadonly = false;

  // ** INCLUDE MAIN GLOBAL SCRIPT -- Handles security / global variable values
  require_once(dirname(__FILE__) . '/../library/hcuService.i');

  // ** INCLUDE to access shared transfer functions
  require_once(dirname(__FILE__) . '/../library/hcuTransfer.i');

  // ** INCLUDE to access scheduled transfer functions
  require_once(dirname(__FILE__) . '/../library/hcuTransferScheduled.i');

  // ** INCLUDE to access external/member to member functions
  require_once(dirname(__FILE__) . '/../library/hcuExternalAccts.i');

  $retStatusAry = Array(
    'homecuInfo' => '',
    'homecuErrors' => Array(),
    'homecuData' => ''
  );
  /*
   * Returned Errors Structure
   *
   * homecuInfo => An informational message to report to the user.
   *
   * The existence of Errors is proof of an error, if homecuErrors is NOT found or
   *  empty then success is assumed
   *
   * 'homecuErrors' element will contain an array of the following object
   *    'id' => the element id of the error, this is useful so the client side can
   *                highlight the affected element
   *    'message' => the error message to be displayed back to the member.  For
   *                   summary only information, leave the 'id' field blank and
   *                   enter the message here
   *
   * 'homecuData' element will return information to display for the member.
   *      'transfer' - this will be an array made up of 'label', 'caption' that
   *                  will be used to define the confirmation information for the user
   *      'repeat' -  array of 'label', 'caption', used to success of the message.
   *                  the 'label', element maybe be empty, the 'caption' will be set to the
   *                  message to be displayed to the member
   *      'posted' - This will be a text string that lets the user know the transfer was posted
   *                  and is awaiting approval.
   */
try {
  // ** There are different types of transfers
  // ** First check the refer script -- This will be used to ensure proper usage later
  // * as errors may be returned differently
  $parseRefer = parse_url($_SERVER['HTTP_REFERER']);
  $referScript = basename($parseRefer['path']);

  if (!in_array($referScript, array('hcuTransfer.prg', 'hcuTransferSchedule.prg'))) {
    // ** Wrong script calling this data routine
    throw new Exception ( $MC->msg('Feature Unavailable', HCU_DISPLAY_AS_RAW) );
  }

  // ** IMPORT - variables for use in both scripts
  $inputVars = array();
  $varOk = array(
    "form" => array('filter' => FILTER_SANITIZE_STRING),
    "action" => array('filter' => FILTER_SANITIZE_STRING),
    "txId" => array('filter' => FILTER_SANITIZE_STRING),
    "txCode" => array('filter' => FILTER_SANITIZE_STRING),
    "txFromSuffix" => array('filter' => FILTER_SANITIZE_STRING),
    "txFromDesc" => array('filter' => FILTER_SANITIZE_STRING),
    "txFromMember" => array('filter' => FILTER_SANITIZE_STRING),
    "txToSuffix" => array('filter' => FILTER_SANITIZE_STRING),
    "txMemAccount" => array('filter' => FILTER_SANITIZE_STRING),
    "txMemName" => array('filter' => FILTER_SANITIZE_STRING),
    "txMemType" => array('filter' => FILTER_SANITIZE_STRING),
    "txToDesc" => array('filter' => FILTER_SANITIZE_STRING),
    "txToMember" => array('filter' => FILTER_SANITIZE_STRING),
    "txAmount" => array('filter' => FILTER_SANITIZE_NUMBER_FLOAT, 'options' => array( "flags" => FILTER_FLAG_ALLOW_FRACTION ) ),
    "txMemo" => array('filter' => FILTER_SANITIZE_STRING, 'options' => array( "flags" => FILTER_FLAG_NO_ENCODE_QUOTES)),
    "txFrequency" => array('filter' => FILTER_SANITIZE_STRING),
    "txFrequencyCount" => array('filter' => FILTER_SANITIZE_STRING),
    "txDateStart" => array('filter' => FILTER_SANITIZE_STRING),
    "txDateEnd" => array('filter' => FILTER_SANITIZE_STRING),
    "txDateNext" => array('filter' => FILTER_SANITIZE_STRING),
    "txStatus" => array('filter' => FILTER_SANITIZE_STRING),
    "txContinue" => array('filter' => FILTER_SANITIZE_STRING),
    "paymentComment" => array("filter" => FILTER_SANITIZE_STRING, 'options' => array("flags" => FILTER_FLAG_NO_ENCODE_QUOTES)),
    "transferFrom" => array("filter" => FILTER_SANITIZE_STRING) // hcuTransferSchedule.prg's equivalent of "txFromSuffix."
  );

  HCU_ImportVars( $inputVars, "", $varOk );

  // these are needed to determine the feature for permissions checking
  $fromScheduledPage = $referScript == "hcuTransferSchedule.prg";
  $txFromSuffix = HCU_array_key_value("txFromSuffix", $inputVars);
  $txFromSuffix = $txFromSuffix === false ? HCU_array_key_value("transferFrom", $inputVars) : $txFromSuffix;
  $txFromSuffix = $txFromSuffix === false ? "" : trim($txFromSuffix);
  $sourceParts = explode( "|", $txFromSuffix ); // eg "D|1103|10|0
  $destParts = isset( $inputVars["txToSuffix"] ) ? explode( "|", $inputVars["txToSuffix"] ) : array();
  $txFromMember = HCU_array_key_value("txFromMember", $inputVars);
  $txToMember = HCU_array_key_value("txToMember", $inputVars);

  $txFromMember = $txFromMember === false ? "" : trim($txFromMember);
  $txToMember = $txToMember === false ? "" : trim($txToMember);

  if (HCU_array_key_value("action", $inputVars) === "GetTransferToOptions") {

    $results = GetTransferToOptions($HB_ENV, $sourceParts, $txFromMember, $fromScheduledPage);
    $return = array("data" => $results["transferToList"], "info" => "", "errors" => $results["error"]);
  } else {
    // check if feature is regular, external, M2M or ACH transfer
    // The checks for ACHPMT / ACHCOL are required because these transfers
    // may be viewed and altered on the scheduled tranfer screen.
    if ( (isset( $sourceParts[0] ) && $sourceParts[0] === "X") ||
         (isset( $destParts[0] ) && $destParts[0] === "X") ) {
      $transferFeatureCode = FEATURE_EXTERNAL_TRANSFERS;
    } else if ( isset( $destParts[0] ) && $destParts[0] === "M" ) {
      $transferFeatureCode = FEATURE_M2M_TRANSFERS;
    } else if ( (isset( $sourceParts[0] ) && $sourceParts[0] === "AC") ) {
      $transferFeatureCode = FEATURE_ACH_COLLECTIONS;
    } else if ( (isset( $destParts[0] ) && $destParts[0] === "AP") ) {
      $transferFeatureCode = FEATURE_ACH_PAYMENTS;
    } else {
      $transferFeatureCode = FEATURE_TRANSFERS;
    }

    // save the feature code for use elsewhere
    $inputVars["feature_code"] = $transferFeatureCode;

    /*
     * ** CHECK USER FEATURE PERMISSIONS **
     * NOTE: DO NOT AUTO-REDIR.  Handle perm error here
     */
    if (!PermCheckFeatureScreen($dbh, $HB_ENV, $MC, $transferFeatureCode, 'create', false)) {
      throw new Exception ( $MC->msg('Rights not set', HCU_DISPLAY_AS_HTML) );
    }


    $return = array(
      "data" => "",
      "info" => "",
      "errors" => ""
    );

    // ** CHECK - form coming from hcuTransferShedule.prg
    if (isset( $inputVars['form'] ) && ($inputVars['form'] === "schedule")) {
      // PerformTransferScheduled does all the transactional work, so we just need to return what it returns
      $results = PerformTransferScheduled( $HB_ENV, $inputVars, $MC );

      // results from PerformTransferScheduled are passed straight back to the return structure below
      $return["data"] = $results["data"];
      $return["info"] = $results["info"];
      $return["errors"] = $results["status"]["errors"];
    } else {
        // PerformTransfer does all the transactional work, so we just need to return what it returns
        $results = PerformTransfer( $HB_ENV, $inputVars, $MC );

        if ($results['status']['code'] === "000") {

          if ( HCU_array_key_exists( "txn", $results["data"] ) ) {
            // Return the information to display to the user. Use the Posted date and confirmation regardless if needed confirmation or not.
            $submitResults = $results["data"]["txn"];
            $retData = Array(
              Array("label" => $MC->msg('Date', HCU_DISPLAY_AS_RAW), 'caption' => $submitResults["data_date"]),
              Array("label" => $MC->msg('Action', HCU_DISPLAY_AS_RAW), 'caption' => $submitResults["data_action"]),
              Array("label" => $MC->msg('From', HCU_DISPLAY_AS_RAW), 'caption' => $submitResults["data_from"]),
              Array("label" => $MC->msg('To', HCU_DISPLAY_AS_RAW), 'caption' => $submitResults["data_to"]),
              Array("label" => $MC->msg('Amount', HCU_DISPLAY_AS_RAW), 'caption' => "$" . mobile_formatnumber($submitResults["data_amount"]), ","),
              Array("label" => $MC->msg('Confirmation', HCU_DISPLAY_AS_RAW), 'caption' => $submitResults["data_confirm"])
            );

            $return["data"]["transfer"] = $retData;
          }

          if ( HCU_array_key_exists( "posted", $results["data"] ) ) {
            $return["data"]["posted"] = $results["data"]["posted"];
          }

          if ( HCU_array_key_exists( "repeat", $results["data"] ) ) {
            $return["data"]["repeat"] = $results["data"]["repeat"];
          }
        }

        // this will pick up any errors
        $return["errors"] = $results["status"]["errors"];
      }
  }

  $retStatusAry["homecuData"] = $return["data"];
  $retStatusAry["homecuInfo"] = $return["info"];   // special for this function because could have a partial completion
  $retStatusAry["homecuErrors"] = $return["errors"];

}
catch(Exception $ex)
{
  // NOTE: We need to return any data that was set up because the initial transfer may have worked but the recurring schedule failed.
  $retStatusAry['homecuErrors'] = $ex->getMessage();
}

  header('Content-type: application/json');

  print HCU_JsonEncode(Array("Results" => Array($retStatusAry)));

  // NO MORE OUTPUT AFTER THIS POINT!