rdcBluepoint_8i_source.html

<?php
function RDCconfig($dbh,&$parms) {
        $parms['UAT'] = (!isset($parms['UAT']) ? 0 : $parms['UAT'] );
        $parms['serviceurl'] = ($parms['UAT'] == 0 ? $parms['ProdURL'] : $parms['UATurl']);
        $parms['acctttl'] = (!isset($parms['acctttl']) ? 'Select account' : $parms['acctttl'] );
        $parms['descttl'] = (!isset($parms['descttl']) ? 'Description' : $parms['descttl'] );
}

function RDCauth($dbh, $HB_ENV, $MC, $parms) {
# requires: $parms['Cu']
#       $parms['rdcvendor']
# Additional values rdcvendor retrieved and decoded from cutrusteddetail
#
# returns:
    # assume we are going to succeed...
    $return['status']['response'] = 'true';
    $return['status']['code'] = '000';
    $return['status']['message'] = 'Success';

    try {
        # If authorizing at HomeCU, is member authorized?
        if ($parms['HomeCUAuth']) {
            $mbr_rdc = Get_RDCSetting($dbh, $HB_ENV, 'RDCBluepoint', $parms['MBRACCT']);
            if ($mbr_rdc['status']['code'] != '000') {
                throw new Exception($mbr_rdc['status']['message'], $mbr_rdc['status']['code']);
            }
            $dl = $mbr_rdc['rdcsetting'];
            if (abs(intval($dl)) == 0) {

                $HB_Notices_ary = Get_NoticeInfo($dbh, $HB_ENV, $MC, 'M', "mblNoRDC", true);
                if ($HB_Notices_ary['status']['code'] == '000') {
                    $noticeData = $HB_Notices_ary["notice"][0]["notice_text"];
                } else {
                    $noticeData = "";
                }
                if (strlen($noticeData)) {
                    $message = $noticeData;
                    $code = 111;
                } else {
                    $message = "Account not permitted for Remote Deposit.  Please contact the Credit Union for more information";
                    $code = 110;
                }
                throw new Exception($message, $code);
            }
        }
        # member authorized, or not authorizing at HomeCU.
        # check if they have any valid accounts
        $parms['Fset2'] = $HB_ENV['Fset2']; # HB_ENV
        $parms['Fset3'] = $HB_ENV['Fset3']; # HB_ENV
        $parms['Uid'] = $HB_ENV['Uid'];
        $hculist = RDCGetAccts($dbh, $parms);

        if ($hculist['status']['response'] == 'false') {
            throw new Exception($hculist['status']['message'], $hculist['status']['code']);
        }

        # got a valid RDC account list

        $parms['RDCAcctList'] = $hculist['data'];
        $parms['deplimit'] = (isset($dl) ? $dl : 0);
                # Check first for valid session key, if not found, start session
                # make sure prior deposit finished before re-using key? No, could just abandon one....
                $newrec=1;
                $session = curdc_read($dbh,array('Cu'=>$parms['Cu'],'Uid' => $HB_ENV['Uid'],'MBRACCT'=>$parms['MBRACCT']));
                $vtime=mktime();
                if ($session['status']['response'] == 'true' &&
                        isset($session['data']['vendorinfo']['Vendortime']) &&
                        ($vtime - $session['data']['vendorinfo']['Vendortime']) < 720) { # less than 12 minutes)
                      if ($session['data']['status'] == 'S' ) {
                          $newrec=0;
                          # session key not used yet for any deposit activity (presumably just history)
                          # use this record instead of building a new one
                          # return info including depmessages
                        $parms['depositid'] = $session['data']['depositid'];
                        $parms['rdcstatus'] = 'S';
                        $parms['vendorinfo'] = $session['data']['vendorinfo'];
                        $return['data']['accounts']=$parms['vendorinfo']['accounts'];
                        $return['data']['terms']=$parms['vendorinfo']['terms'];
                        $return['data']['depmessages']=$parms['vendorinfo']['depmessages'];
                        $return['data']['scanlimit']=$parms['vendorinfo']['scanlimit'];
                      } else {
                          # start a new record
                        $parms['rdcstatus'] = 'S';
                        $parms['vendorinfo'] = array(Vendortime => $session['data']['vendorinfo']['Vendortime'],
                            accounts => $session['data']['vendorinfo']['accounts'],
                            scanlimit => $session['data']['vendorinfo']['scanlimit'],
                            depmessages => $session['data']['vendorinfo']['depmessages'],
                            terms => $session['data']['vendorinfo']['terms']);
                        $return['data']['accounts']=$parms['vendorinfo']['accounts'];
                        $return['data']['terms']=$parms['vendorinfo']['terms'];
                        # return basic info only if we are recycling a session
                      }
                } else {
                    # no session to recycle, or only old sessions
                    # get the Bluepoint ScanLimit
                    # according to Bluepoint, this call also auto-creates a record
                    # for new users.  So call this BEFORE the GetActiveStatus
                    # but still check status in case they were created w/pending status
                    $rdcresult = bluepointGetReviewLimits($parms);
                    # check return values for error
                    if ($rdcresult['status']['response'] == 'false') {
                        throw new Exception("Bluepoint Connection failed \n{$rdcresult['status']['message']}",300);
                    }
                    if ($rdcresult['data']['Limits']['ScanLimit'] <= 0) {
                        # Scan limit negative or zero - don't know if this is even possible, but just in case...
                        throw new Exception('Bluepoint ScanLimit negative or zero',300);
                    }
                    $rdcActiveStatus = bluepointGetActiveStatus($parms);
                    // # if not authorized -
                    if ($rdcActiveStatus['status']['response'] == 'false') {
                        throw new Exception('Bluepoint Connection failed',300);
                    }
                    if ($rdcActiveStatus['data']['Status'] != 'Active') {
                          $HB_Notices_ary = Get_NoticeInfo($dbh, $HB_ENV, $MC, 'M', "mblNoRDC", true);
                          if ($HB_Notices_ary['status']['code'] == '000') {
                            $noticeData = $HB_Notices_ary["notice"][0]["notice_text"];
                          } else {
                            $noticeData = "";
                          }
                          if ( strlen( $noticeData ) ) {
                            $message = $noticeData;
                            $code = 111;
                          } else {
                            $message = "Account not permitted for Remote Deposit.  Please contact the Credit Union for more information";
                            $code = 110;
                          }
                          throw new Exception($message, $code);
                    }

                    $parms['ScanLimit'] = $rdcresult['data']['Limits']['ScanLimit'];
                    // Bluepoint not serving terms so always empty
                    // 12/5/2014 use Custom Content to get terms
                    $rdcterms = array();
                    $parms['rdcstatus'] = 'S';

                    if ($parms['HomeCUterms']) {
                        $rdcterms = hcuGetRDCterms($dbh, $HB_ENV, $MC);

                        if ($rdcterms['status']['response'] == 'false') {
                            $e = "HCU GetTerms call failed ({$rdcterms['status']['code']} {$rdcterms['status']['message']}";
                            throw new Exception($e ,301);
                        }
                        if ($rdcterms['data']['notice_popup'] == 1) {
                          $parms['rdcstatus'] = 'T';
                        } else {
                          $rdcterms = array();
                          $parms['rdcstatus'] = 'S';
                        }
                    }
                    $return = RDCPresentAccounts($parms, $hculist, $rdcresult, $rdcterms);

                    if ($return['status']['response'] == 'false') {
                        # error send fail
                        throw new Exception($return['status']['message'], $return['status']['code']);
                    }
                    $depmessages=array();
                    if ($parms['ShowScanlimit']) {
                        $depmessages[] = array("MessageTextCd" => "HCU1","LocalizedText" => "Deposit Limit is " . sprintf("%.2f","{$rdcresult['data']['Limits']['ScanLimit']}"));
                    }
                    $parms['vendorinfo'] = array('Vendortime' => mktime(),
                        'userAgent' => $_SERVER['HTTP_USER_AGENT'],
                        'userIP' => $_SERVER['REMOTE_ADDR'],
                        'accounts' => $return['data']['accounts'],
                        'scanlimit' => $rdcresult['data']['Limits']['ScanLimit'],
                        'depmessages' => $depmessages,
                        'terms' => HCU_array_key_value('terms',$return['data']));
                }
                if ($newrec) {
                    # start curdc record, return depositid as part of result
                    $depostat = curdc_start($dbh, $parms);
                    if ($depostat['status']['response'] == 'false') {
                        # error send fail
                        throw new Exception('HomeCU Start Deposit Failed', 200);
                    }
                    $parms['depositid'] = $depostat['data']['depositid'];
    //                $parms['vendorinfo']['raw']=json_encode($rdcresult);
                }
                $return['data']['depositid'] = $parms['depositid'];
                $return['data']['depmessages']=$parms['vendorinfo']['depmessages'];

                $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
                    'vendorinfo' => json_encode($parms['vendorinfo'])));
                if ($depostat['status']['response'] == 'false') {
                    # error send fail
                    throw new Exception($depostat['status']['message'], $depostat['status']['code']);
                }
    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['code'] = $e->getCode();
        $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
    }
    return $return;
}

function RDCaccept($dbh, $HB_ENV, $MC, $parms) {
# requires: $parms['Cu']
#       $parms['depositid']
# Additional values retrieved and decoded from cutrusteddetail
# or from curdcstatus record using depositid as key
# returns:
    # assume we are going to succeed...
    $return['status']['response'] = 'true';
    $return['status']['code'] = '000';
    $return['status']['message'] = 'Success';

    try {
        if (!isset($parms['Cu']) || !isset($parms['depositid'])) {
            throw new Exception('Missing Parameters',100);
        }
        # look up depositid
        # decode vendorinfo
        $depo = curdc_read($dbh, $parms);
        if ($depo['status']['response'] == 'false') {
            throw new Exception('HomeCU DepositID not found',205);
        }

                # look up rdcTerms doc and then update to show acceptance
                // get any notice text
                $noticeInfo = Get_NoticeInfo($dbh, $HB_ENV, $MC, "P", "rdcTerms", false);
                if ($noticeInfo["status"]["code"] == "000" && HCU_array_item_count('notice',$noticeInfo)
                    && intval($noticeInfo['notice'][0]['notice_id']) > 0) {
                                   # action P post so set up the HCUPOST array
                    $HB_ENV['HCUPOST']['notice_id'] = $noticeInfo['notice'][0]['notice_id'];
                    $HB_ENV['HCUPOST']['notice_type'] = $noticeInfo['notice'][0]['notice_type'];
                    $HB_ENV['HCUPOST']['notice_device'] = 'P';
                    $HB_ENV["HCUPOST"]['notice_response'] = array("answer" => 1);    // something non-zero but numeric
                    # not sure if the next two are needed -
                    $HB_ENV["HCUPOST"]['notice_cancel'] = "0";
                    $HB_ENV['HCUPOST']['notice_msg_show'] = 1;
                    $noticeUpd = Update_NoticeInfo($dbh, $HB_ENV, $MC);

                $return['status']['message'] = 'Accept Terms OK';
                $vendorinfo = $depo['vendorinfo'];
                $vendorinfo['terms']='';
                $vendorinfo['Vendortime'] = mktime();
                $parms['vendorinfo'] = $vendorinfo;

                }

        # update curdcstatus record
        $parms['rdcstatus'] = 'O';

        $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
            'rdcstatus' => $parms['rdcstatus'],'vendorinfo' => json_encode($parms['vendorinfo'])));
        if ($depostat['status']['response'] == 'false') {
            # error send fail
            throw new Exception($depostat['status']['message'], $depostat['status']['code']);
        }

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['code'] = $e->getCode();
        $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
    }
    return $return;
}
function RDChistorylist($dbh, $parms) {
# requires: $parms['Cu']
#       $parms['depositid']
# Additional values retrieved and decoded from cutrusteddetail
# or from curdcstatus record using depositid as key
# returns:
    # assume we are going to succeed...
    $return['status']['response'] = 'true';
    $return['status']['code'] = '000';
    $return['status']['message'] = 'Success';

    try {
        if (!isset($parms['Cu']) || !isset($parms['depositid'])) {
            throw new Exception('Missing Parameters',100);
        }
        # look up depositid
        # decode vendorinfo
        $depo = curdc_read($dbh, $parms);
        if ($depo['status']['response'] == 'false') {
            throw new Exception("HomeCU DepositID not found [{$parms['depositid']}]",205);
        }
                $rdcresult = bluepointGetCustomerHistory($parms);
                if ($rdcresult['status']['response'] == 'false') {
                    throw new Exception('Bluepoint Get History List call failed',305);
                }
                foreach ($rdcresult['data']['ItemList'] as $histkey =>$aval) {
                    foreach($aval as $ikey => $ival) {
                        $histitem = array();
                        foreach($ival as $zkey => $zval) {
                            $histitem[$zval['Parameter']] = $zval['Value'];
                        }
                    }
                    // set return values using ensenta names, just because
                    // they were first and OFXRequest expects those names
                    $rdcresult['data']['TransactionList'][$histkey]['ReceiptReferenceNo']=$histitem['ItemRecID'];
                    $rdcresult['data']['TransactionList'][$histkey]['transactionid']=$histitem['ItemRecID'];
                    $rdcresult['data']['TransactionList'][$histkey]['transactiondttm']=$histitem['ScannedDate'];
                    $rdcresult['data']['TransactionList'][$histkey]['submittedamount']=sprintf('%.2f',floatval($histitem['ItemAmount']));
                    $rdcresult['data']['TransactionList'][$histkey]['currentamount']=sprintf('%.2f',floatval($histitem['AcceptedAmount']));
                    $rdcresult['data']['TransactionList'][$histkey]['status']=$histitem['Status'];
                    $rdcresult['data']['TransactionList'][$histkey]['statusdescr']=$histitem['Status'];
                    $rdcresult['data']['TransactionList'][$histkey]['accountnumber']=$histitem['Account'];
                }
                $return['status']['message'] = 'Bluepoint History List OK';
                $vendorinfo = (HCU_array_key_exists('vendorinfo',$depo) ? $depo['vendorinfo'] : array() );
                $vendorinfo['Vendortime'] = mktime();
                $parms['vendorinfo'] = $vendorinfo;

        # update curdcstatus record

        $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
            'vendorinfo' => json_encode($parms['vendorinfo'])));
        if ($depostat['status']['response'] == 'false') {
            # error send fail
            throw new Exception($depostat['status']['message'], $depostat['status']['code']);
        }
        $return['data']=$rdcresult['data'];
        $return['data']['rdcvendor']=$depo['data']['rdcvendor'];

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['code'] = $e->getCode();
        $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
    }

    return $return;
}
function RDChistorydetl($dbh, $parms) {
    # coded for Ensenta only?
# requires: $parms['Cu']
#       $parms['transactionid']
# Additional values retrieved and decoded from cutrusteddetail
# or from curdcstatus record using depositid as key
# returns:
    # assume we are going to succeed...
    $return['status']['response'] = 'true';
    $return['status']['code'] = '000';
    $return['status']['message'] = 'Success';

    try {
        if (!isset($parms['Cu']) || !isset($parms['transactionid']) || !isset($parms['depositid'])) {
            throw new Exception('Missing Parameters',100);
        }
        # look up depositid
        # decode vendorinfo
        $depo = curdc_read($dbh, $parms);
        if ($depo['status']['response'] == 'false') {
            throw new Exception('HomeCU DepositID not found',205);
        }
        # update curdcstatus record
        $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
            'vendorinfo' => json_encode($parms['vendorinfo'])));
        if ($depostat['status']['response'] == 'false') {
            # error send fail
            throw new Exception($depostat['status']['message'], $depostat['status']['code']);
        }
        $return['data']=$rdcresult['data'];
//        $return['data']['depmessages'] = $depostat['data']['vendorinfo']['depmessages'];

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['code'] = $e->getCode();
        $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
    }
    return $return;
}

function RDCdeposit($dbh, $parms) {
# requires: $parms['Cu']
#       $parms['depositid']
#       $parms['amount']
#       $parms['acctid']
# Additional values retrieved and decoded from cutrusteddetail
# or from curdcstatus record using depositid as key
# returns:
    # assume we are going to succeed...
    $return['status']['response'] = 'true';
    $return['status']['code'] = '000';
    $return['status']['message'] = 'Success';
    try {
        if (!isset($parms['Cu']) || !isset($parms['depositid']) ||
                !isset($parms['amount']) || !isset($parms['acctid']) ) {
            throw new Exception('Missing Parameters', 100);
        }
        /*
         * need to use $parms['acctid'] to retrieve info about receiving account
         * get from vendorinfo['accounts'] stored in deposit record, as that includes
         * vendor-returned info
         */

        # look up depositid
        $depo = curdc_read($dbh, $parms);
        if ($depo['status']['response'] == 'false') {
            throw new Exception('HomeCU DepositID not found', 205);
        }
        $fail='';
        switch ($depo['data']['status']) {
            case 'T':
                $fail='Must accept terms of use before depositing funds';
                break;
            case 'R':
                $fail='Deposit has been rejected';
                break;
            case 'C':
                $fail='Deposit already completed';
                break;
            case 'B':
            case 'F':
                if (!isset($parms['POSTAWAY'])) {
                    $fail='Deposit requires override confirmation';
                }
                break;
        }
        if ("$fail" != '') {
            throw new Exception($fail,229);
        }
        if (is_null($depo['data']['frontpath']) || is_null($depo['data']['backpath'])
                || !getimagesize($depo['data']['frontpath']) || !getimagesize($depo['data']['backpath'])) {
            throw new Exception('Check Images not found', 220);
        }
        $vendorinfo = $depo['data']['vendorinfo'];

        // Store amount, selected account in curdcstatus table
        $depostat = curdc_update($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
            'amount' => $parms['amount'], 'acctid' => $parms['acctid']));
        if ($depostat['status']['response'] == 'false') {
            throw new Exception('HomeCU Update Deposit Amount Failed', 225);
        }

                $acctid = $parms['acctid'];
                $hculist = RDCGetAccts($dbh, $parms, $acctid);

                if ($hculist['status']['response'] !== 'true') {
                    throw new Exception('Invalid Deposit Account', 230);
                }
                if ( $vendorinfo['scanlimit'] < ($parms['amount'] * .01)) {
                    throw new Exception("Deposit Amount Exceeds Deposit Limit (" .
                        sprintf('%.2f',$vendorinfo['scanlimit']) . ")",231);
                }
                $parms['AccountNumber'] = $vendorinfo['accounts'][$acctid]['suffix'];
                # set default AccountType, then override if configured
                $parms['AccountType'] = $vendorinfo['accounts'][$acctid]['rdcdesc'];
                switch ($vendorinfo['accounts'][$acctid]['rdcdesc']) {
                    case 'Checking':
                        if (isset($parms['Ck_rdctype'])) {
                            $parms['AccountType'] = $parms['Ck_rdctype'];
                        }
                        break;
                    case 'Savings':
                        if (isset($parms['Sv_rdctype'])) {
                            $parms['AccountType'] = $parms['Sv_rdctype'];
                        }
                        break;
                    default:
                        $parms['AccountType'] = $vendorinfo['accounts'][$acctid]['rdcdesc'];
                        break;
                }

                $parms['CheckFront'] = base64_encode(file_get_contents($depo['data']['frontpath']));
                $parms['CheckBack'] = base64_encode(file_get_contents($depo['data']['backpath']));
                $rdcresult = bluepointDepositItem($parms);
                if ($rdcresult['status']['response'] == 'false') {
                    throw new Exception('DepositItem call failed', 242);
                }
                    # if no DepositStatus use Result instead
                $rstat = ("{$rdcresult['data']['DepositStatus']}" == "" ? $rdcresult['data']['Result'] : $rdcresult['data']['DepositStatus']);
                # check return values for error
                switch ($rstat) {
                    case "IQAFailed":
                    case "LimitExceeded":
                    case "SystemError":
                    case "TimeoutExceeded":
                    case "InvalidAdminCredentials":
                    case "InvalidCredentials":
                    case "UserUnauthorized":
                    case "InvalidRequestdata":
                    case "HubConnectionDown":
                    case "MitekConnectionDown":
                    case "DuplicateMicrNotAllowed":
                        $parms['rdcstatus'] = 'R';
                        $vendorinfo['Vendortime'] = mktime();
                        $vendorinfo['DepositStatus'] = $rstat;
                        $vendorinfo['Message'] = $rdcresult['data']['Message'];
                        $vendorinfo['DepositTime'] = date('YmdHis');
                        $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'],
                            'rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($vendorinfo)));
                        if ($depostat['status']['response'] == 'false') {
                            throw new Exception('HomeCU Update Vendorinfo Failed', 240);
                        }
                        throw new Exception($rdcresult['data']['DepositStatus'] . ' ' . $rdcresult['data']['Message'] . ' Deposit Cannot be processed as submitted', 241);
                        break;

                    case "Passed":
                    default:
                        $receipt = ("{$rdcresult['data']['ItemRecID']}" == "" ? $rdcresult['data']['BatchID'] . "-" . $rdcresult['data']['BatchRecID'] : $rdcresult['data']['ItemRecID']);
                        $parms['rdcstatus'] = 'C';
                        $vendorinfo['Vendortime'] = mktime();
                        $vendorinfo['DepositStatus'] = $rstat;
                        $vendorinfo['Message'] = $rdcresult['data']['Message'];
                        $vendorinfo['Review'] = $rdcresult['data']['SentToReview'];
                        $vendorinfo['TransactionReceiptNumber'] = $receipt;
                        $vendorinfo['TransactionDateTime'] = date('c');
//                    $vendorinfo['raw']=$rdcresult['data']['raw'];
                        $depostat = curdc_setvinfo($dbh, array('Cu' => $parms['Cu'], 'depositid' => $parms['depositid'], 'frontaccept' => 'Y',
                            'backaccept' => 'Y','rdcstatus' => $parms['rdcstatus'], 'vendorinfo' => json_encode($vendorinfo)));
                        if ($depostat['status']['response'] == 'false') {
                            throw new Exception('HomeCU Update Vendorinfo Failed', 240);
                        }
                        $return['status']['response'] = 'true';
                        $return['status']['message'] = 'Bluepoint Deposit Complete';
                        # this returns everything from Ensenta, but that will be a problem if we add other vendors
                        # pick a list of stuff to return and be consistent for everyone?
                        $return['data'] = $rdcresult['data'];
                        $return['data']['depositid'] = $parms['depositid'];
                        $return['data']['rdcstatus'] = $parms['rdcstatus'];
                        # use the Ensenta names for values the apps look for --
                        $return['data']['TransactionReceiptNumber'] = $receipt;
                        $return['data']['TransactionDateTime'] = date('c');
                        $return['data']['MaskedAccountholderNumber'] = $vendorinfo['accounts'][$acctid]['suffix'];

                        if ("{$rdcresult['data']['ItemRecID']}" == "" ) {
                            $hcumessage = "Your deposit request for account {$vendorinfo['accounts'][$acctid]['suffix']} has been received pending review";
                        } else {

                        $hcumessage = "Your deposit request for account {$vendorinfo['accounts'][$acctid]['suffix']} has been received";
                        if ($rdcresult['data']['SentToReview'] == 'true') {
                            $hcumessage .= " pending review";
                        }
                        $hcumessage .= ". Your confirmation number is '{$rdcresult['data']['ItemRecID']}'. ";
                        $hcumessage .= "Please save this number and refer to it if you need to contact the credit union regarding this transaction. ";
//                        if (!empty($vendorinfo['fundsavailable'])) {
//                            $hcumessage .= $vendorinfo['fundsavailable'];
//                        }
                        }
                         if ($parms['live'] && $parms['postHomeCU']) {
                            if ($rdcresult['data']['DepositStatus'] == 'Passed' && $rdcresult['data']['SentToReview'] != 'true') {
                                # post live transaction
                                list($statcode, $statdesc, $confcode) = post_pkt_track(
                                    $vendorinfo['accounts'][$acctid]['tomember'], 'ED', $vendorinfo['accounts'][$acctid]['suffix'],
                                    $rdcresult['data']['ItemRecID'], $parms['Ml'], '', $vendorinfo['accounts'][$acctid]['tomember'],
                                    $parms['amount'], $parms['MBRACCT'], '');
                            }
                        }

                        $return['data']['HCUReceiptMessage'] = $hcumessage;

                }
    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['code'] = $e->getCode();
        $return['status']['message'] = "(" . $e->getLine() . ") " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8', FALSE);
    }

    return $return;
}
function RDCGetAccts($dbh, $parms, $Acctid="") {
    $AcctList=array();

    if (!isset($parms['Cu']) || !isset($parms['Uid']) || !isset($parms['MBRACCT'])) {
//        RDC_response('910', array('Settings Error'), 'ERROR'); # RDCGetAccts not enough info provided
        $AcctList['status']['response'] = 'false';
        $AcctList['status']['code'] = '910';
        $AcctList['status']['message'] = 'Missing RDC Account Parameters'; # RDCGetAccts missing Cu/Uid/MBRACCT

        return ($AcctList);

    }

    $Cu = $parms['Cu'];
    $Uid = $parms['Uid'];
    $Fset2 = $parms['Fset2'];
    $Fset3 = $parms['Fset3'];
    $balwhere = $parms['balwhere'];
    $lnwhere = $parms['lnwhere'];
    $MBRACCT = $parms['MBRACCT'];

# default allow deposit, loan pmt, credit card pmt
    $rtxn = ( HCU_array_item_count('rtxn',$parms) == 0 ?
                    array('AT' => 1, 'LP' => 1, 'CP' => 1) :
                    json_decode($parms['rtxn'],TRUE) );
    $savingsql = (!isset($parms['savingsql']) ?
                    "trim(accounttype)" :
                    $parms['savingsql'] );
    $draftsql = (!isset($parms['draftsql']) ?
                    "trim(accounttype)" :
                    $parms['draftsql'] );
    $loansql = (!isset($parms['loansql']) ?
                    "trim(loannumber)" :
                    $parms['loansql'] );
    $mbrsql = (!isset($parms['mbrsql']) ?
                    "trim(accountnumber)" :
                    $parms['mbrsql'] );


# fetch transactions types

    $sql = "select ht.trancode, trim(t.trandesc), trim(ht.cudesc), t.specialproc
               from cutrans t, cuhavetrans ht
              where ht.cu='$Cu'
              and ht.trancode = t.trancode\n";

    $sth = db_query($sql, $dbh);
    #
    #  Return a line for each allowed transaction type.
    #
  $txncodes = array();
    for ($row = 0; list($code, $desc, $cudesc, $spec) = db_fetch_array($sth, $row); $row++) {
        $txncodes{$code} = array($desc, $spec, $cudesc);
    }
    db_free_result($sth);

    $sql = "";
    $verb = "";

    $sv_rdctype = (!isset($parms['sv_rdctype']) ? '0' : $parms['sv_rdctype']);
    $ck_rdctype = (!isset($parms['ck_rdctype']) ? '1' : $parms['ck_rdctype']);
    $ln_rdctype = (!isset($parms['ln_rdctype']) ? '128' : $parms['ln_rdctype']);
    $sv_rdctype =  (str_word_count ( $sv_rdctype , 0 , '0123456789' ) > 1 ? $sv_rdctype : "'$sv_rdctype'");
    $ck_rdctype =  (str_word_count ( $ck_rdctype , 0 , '0123456789' ) > 1 ? $ck_rdctype : "'$ck_rdctype'");
    $ln_rdctype =  (str_word_count ( $ln_rdctype , 0 , '0123456789' ) > 1 ? $ln_rdctype : "'$ln_rdctype'");

# find out how many valid accounts the member has:
$sql = "WITH accountlist as (
    SELECT ab.accountnumber,
            ua.display_name,
            description,
            ua.accounttype as accounttype,
            ua.certnumber as certnumber,
            ua.recordtype,
            ua.view_balances,
            ua.view_transactions,
            ab.deposittype,
            'DP' as cbtype, amount as currentbalance,
            ua.display_order,
            trim(ab.micraccount) as micraccount
            FROM {$Cu}useraccounts as ua
            INNER JOIN {$Cu}accountbalance as ab ON ab.accountnumber = ua.accountnumber
              AND ab.accounttype = ua.accounttype
              AND ua.certnumber = ua.certnumber
            WHERE ua.user_id = $Uid
              AND ua.accountnumber = '{$MBRACCT}'
              AND ua.recordtype = 'D'
              AND ab.may_deposit = true
            UNION
    SELECT lb.accountnumber,
            ua.display_name,
            description,
            ua.accounttype,
            ua.certnumber,
            ua.recordtype,
            ua.view_balances,
            ua.view_transactions,
            'L' as deposittype,
            lb.cbtype, currentbalance as currentbalance,
            ua.display_order,
            ''
            FROM {$Cu}useraccounts as ua
            INNER JOIN {$Cu}loanbalance as lb ON lb.accountnumber = ua.accountnumber
              AND lb.loannumber = ua.accounttype
            WHERE ua.user_id =$Uid
              AND ua.accountnumber = '{$MBRACCT}'
              AND ua.recordtype = 'L'
              AND lb.may_payment = true ) ";

    if (HCU_array_key_exists('AT',$txncodes) && HCU_array_key_exists('AT',$rtxn)) {
# $txncodes is configured list @HCU - $rtxn is allowed list for RDC


        $sql .= "SELECT recordtype as tbl,
                    $mbrsql as rdcmember, trim(description) as description,
                    trim(display_name) as display_name,
                    trim(accounttype) as accounttype, $savingsql as suffix,
                    certnumber as certnumber, $sv_rdctype as rdctype,
                    display_order, trim(accountnumber) as accountnumber
                    FROM accountlist
                    WHERE recordtype = 'D' $balwhere
                    AND upper(deposittype) in ('S','N')
            UNION
                    SELECT recordtype, $mbrsql as rdcmember,
                    trim(description), trim(display_name),
                    trim(accounttype), $draftsql,
                    certnumber, $ck_rdctype, display_order,
                    trim(accountnumber)
                    FROM accountlist
                    WHERE recordtype = 'D' $balwhere
                    AND upper(deposittype) = 'Y' ";

        $verb = " UNION ";
    }
    if (HCU_array_key_exists('LP',$txncodes) && HCU_array_key_exists('LP',$rtxn)) {

        $sql .= "$verb
                    SELECT 'L', $mbrsql as rdcmember,
                    trim(description), trim(display_name),
                    trim(accounttype), $loansql,'0', $ln_rdctype, display_order,
                    trim(accountnumber)
                    FROM accountlist
                    WHERE recordtype = 'L' $lnwhere
                    AND currentbalance > 0 ";
        if ($Fset2 & GetFlagsetValue("CU2_SPEC18")) {
            $sql .= " and (cbtype <> '18' or cbtype is null) ";
            if (HCU_array_key_exists('CP',$rtxn)) {
                $sql .= "UNION
                    SELECT 'C', $mbrsql as rdcmember,
                    trim(description), trim(display_name),
                    trim(loannumber), $loansql, '0', $ln_rdctype, display_order,
                    trim(accountnumber)
                    FROM accountlist
                    WHERE recordtype='L' $lnwhere
          AND type = '18' ";
                if (!($Fset2 & GetFlagsetValue("CU2_CC18SHOWZERO"))) {
                    $sql .= " and currentbalance > 0 ";
                }
            }
        }
    }
    $sql .= " order by 6,2,3";
    $acct_rs = db_query($sql, $dbh);

    if (db_num_rows($acct_rs) == 0) {
//        RDC_response('920', array('No Eligible Accounts'), 'ERROR'); # RDCGetAccts no valid accounts
        $AcctList['status']['response'] = 'false';
        $AcctList['status']['code'] = '920';
        $AcctList['status']['message'] = htmlspecialchars('No Eligible RDC <test>Accounts', ENT_QUOTES,'UTF-8',FALSE); # RDCGetAccts no valid accounts
        $AcctList['status']['sql'] = $sql;
    } else {

        $AcctList['status']['response'] = 'true';
        $AcctList['status']['code'] = '000';
        $AcctList['status']['message'] = 'Success';
        for ($row = 0; $drow = db_fetch_array($acct_rs, $row); $row++) {
            $tbl = $drow['tbl'];
            $accounttype = $drow['accounttype'];
            $suffix = $drow['suffix'];
            $cert = $drow['certnumber'];
            $rdctype = $drow['rdctype'];
            switch ($rdctype) {
                case '0':
                    $rdcdesc='Savings';
                    break;
                case '1':
                    $rdcdesc='Checking';
                    break;
                case '32':
                    $rdcdesc='LOC';
                    break;
                case '64':
                    $rdcdesc='CreditCard';
                    break;
                case '128':
                    $rdcdesc='Loan';
                    break;
                case '256':
                    $rdcdesc='Mortgage';
                    break;
                default:
                    $rdcdesc='Savings';
                    break;
            }
            $rdcmember = $drow['rdcmember'];
            if (strpos($accounttype, "@")) {
                list($jtype,$jacct) = explode("@",$accounttype);
                $trust = 'joint';
            } else {
                $jtype=$accounttype;
                $jacct=$MBRACCT;
                $trust = 'primary';
            }
            $tokn = sha1("${Uid}${accounttype}${Cu}${rdctype}obl1vi0u5");


            $desc = getAccountDescription($dbh, $Cu, $drow['accountnumber'], $drow['description'], $drow['accounttype'], $drow['display_name'], $Fset3, $drow['certnumber'], false, false);
            $desc = htmlspecialchars($desc, ENT_QUOTES,'UTF-8',FALSE);
            $displaydesc = $desc;

            $Accts["$tbl|$jacct|$jtype|$cert"]['accounttype'] = $accounttype;
            $Accts["$tbl|$jacct|$jtype|$cert"]['suffix'] = $suffix;
            $Accts["$tbl|$jacct|$jtype|$cert"]['certnumber'] = $cert;
            $Accts["$tbl|$jacct|$jtype|$cert"]['acctclass'] = $tbl;
            $Accts["$tbl|$jacct|$jtype|$cert"]['description'] = $desc;
            $Accts["$tbl|$jacct|$jtype|$cert"]['tokn'] = "$tokn";
            $Accts["$tbl|$jacct|$jtype|$cert"]['Uid'] = "$Uid";
            $Accts["$tbl|$jacct|$jtype|$cert"]['trust'] = "$trust";
            $Accts["$tbl|$jacct|$jtype|$cert"]['displaydesc'] = "$displaydesc";
            $Accts["$tbl|$jacct|$jtype|$cert"]['rdctype'] = $rdctype;
            $Accts["$tbl|$jacct|$jtype|$cert"]['rdcdesc'] = $rdcdesc;
            $Accts["$tbl|$jacct|$jtype|$cert"]['rdcmember'] = $rdcmember;
        }
    }
    if (!empty($Acctid)) {
        # got an account identifier - return one only
        $AcctList['data'][$Acctid]=$Accts[$Acctid];
    } else {
        $AcctList['data']=$Accts;
    }

     return ($AcctList);
}

/**
 *
 * @param array $parms
 * @param array $hculist
 *          valid RDC accounts on record at HomeCU
 * @param type $rdcsent
 *          valid RDC accounts returned from vendor
 * @param type $rdcterms
 *          terms of use returned from vendor
 * @return array
 *  ['data']['accounts'] list of valid accounts
 * each entry looks like this:
 *                    ['D|666665|50|0'] => Array
                        (
                            ['suffix'] => 50
                            ['certnumber'] => 0
                            ['acctclass'] => D
                            ['description'] => REGULAR SHARES - 50
                            ['tokn'] => a9a525ac33035b7c3845809443c5eed626297e0f
                            ['member'] => 666665
                            ['tomember'] => 666665
                            ['trust'] => primary
                            ['displaydesc'] => REGULAR SHARES - 50
                            ['rdctype'] => 0
                            ['rdcdesc'] =>
 *  RDCAcctId is used by Ensenta only - comes back from shared branching call
                            ['RDCAcctId'] => 1
                        )
 * Note that for Ensenta we pass a list of accounts on the 'start session' call
 * if the client uses shared branching, Ensenta returns list of shared branching
 * accounts, or if batch they return the same list we sent.
 * We need to parse through the list they send to record the account identifier
 * they will recognize & which we are required to use when making the deposit.
 *
 *  ['data']['terms'] terms of use (if any) returned from rdc vendor
 *  ['data'] array also contains any values returned from rdc vendor on
 *              start session call.  For Ensenta, these include:
 *           ['ResponseCode'] => 00
 *           ['SessionStateId'] => 55121227-e3ea-4524-8e34-dec9b199a3f3
 *           ['IsTermsAcceptanceRequired'] => false
 *           ['IsBlackListed'] => false
 *           ['ReceiptEmail'] =>
 *           ['accounts'] => Array
 *
 */
function RDCPresentAccounts($parms, $hculist, $rdcsent, $rdcterms) {
            # build array list to send to app
            # include depositid
            # include terms to be accepted if they are provided
            # include labels acctttl, descttl
            $pass_along = $rdcsent; # GetReviewLimits result
            $pass_along['data']['accounts']=$hculist['data'];
            # Bluepoint doesn't filter accounts, just pass what we got from DB
            # Bluepoint doesn't serve terms 12/5/2014 now serving from HCU
            if (sizeof($rdcterms) > 0)
                $pass_along['data']['terms'] = $rdcterms['data']['terms'];
            $pass_along['status']['response'] = 'true';
            $pass_along['status']['code'] = '000';
            $pass_along['status']['message'] = 'Success';
    return $pass_along;
}

function bluepointGetActiveStatus($parms) {
# uses: $parms['UIN']
#       $parms['AdminID']
#       $parms['AdminPass']
#       $parms['RTN']
#       $parms['MBRACCT']
#
    try {
        if (!isset($parms['UIN']) || !isset($parms['serviceurl']) ||
            !isset($parms['AdminID']) ||
            !isset($parms['AdminPass']) ||
            !isset($parms['RTN']) ||
            !isset($parms['MBRACCT'])) {
            throw new Exception("Missing Parameters");
        }
        $parms['AdminPass'] = htmlentities($parms['AdminPass'],ENT_COMPAT | ENT_XML1);

        $soapString = '<?xml version="1.0" encoding="utf-8"?>';


        $soapString .= "\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:blu=\"http://bluepoint.com/\">";
        $soapString .= "\n<soapenv:Header/>";
        $soapString .= "\n<soapenv:Body>";
        $soapString .= "<blu:GetCustomerActiveStatus>
         <blu:request>
            <blu:UIN>{$parms['UIN']}</blu:UIN>
            <blu:AdminID>{$parms['AdminID']}</blu:AdminID>
            <blu:AdminPassword>{$parms['AdminPass']}</blu:AdminPassword>
            <blu:RTN>{$parms['RTN']}</blu:RTN>
            <blu:UserID>{$parms['MBRACCT']}</blu:UserID>
         </blu:request>
      </blu:GetCustomerActiveStatus>
   </soapenv:Body>
</soapenv:Envelope>\n";

        $cmd = "/usr/bin/curl --silent --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
        $cmd .= " -H 'SOAPAction: \"http://bluepoint.com/IMobileVendorService/GetCustomerActiveStatus\"'";
        $cmd .= " {$parms['serviceurl']}";
//        $response = getcurl($cmd);

        $soapHeaders = array();
        $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
        $soapHeaders[] = 'SOAPAction: "http://bluepoint.com/IMobileVendorService/GetCustomerActiveStatus"';
        $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);


    if ($parms["logging"] == "enabled") {
        $logParms = $parms["environment"];                      // get the environment info passed in
        $logParms["SSOVendor"] = $parms['rdcvendor'];
        $logParms["token"] = HCU_array_key_value('Token',$parms);                   // the id used across all communications in session
        $logParms["txnId"] = time();                            // the id for this transaction
        $logParms["logPoint"] = "GetActiveStatus";                 // this action in a readable form
        $logParms["request"] = $cmd;                            // the request
        $logParms["reply"] = $response;                         // the response
        LogSSOActivity($logParms);
    }
        $pos = strpos ( $response , 'HCUERROR: ' );
        if ($pos !== false ) {
            throw new Exception(substr($response,$pos));
        }
        if (empty($response)) {
            throw new Exception("Empty Response");
        }
        # call parse function to format response array
        $xmlreturn = bluepointGetXMLResponse($response, 'GetCustomerActiveStatusResult', 'http://bluepoint.com/');
        if (!is_array($xmlreturn)) {
            throw new Exception("RDC Invalid XML Response");
        }
        if (HCU_array_key_value('faultcode',$xmlreturn)) {
            throw new Exception("RDC Fault {$xmlreturn['faultcode']} " . HCU_array_key_value('faultstring',$xmlreturn));
        }
        $return['status']['response'] = 'true';
        $return['status']['code'] = '000';
        $return['status']['message'] = 'Success';
        $return['data'] = $xmlreturn[0];

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['message'] = $e->getMessage();
    }
    return $return;
}
function bluepointGetCustomerHistory($parms) {
# uses: $parms['UIN']
#       $parms['AdminID']
#       $parms['AdminPass']
#       $parms['RTN']
#       $parms['MBRACCT']
#
try {
    if (!isset($parms['UIN']) || !isset($parms['serviceurl']) ||
            !isset($parms['AdminID']) ||
            !isset($parms['AdminPass']) ||
            !isset($parms['RTN']) ||
            !isset($parms['MBRACCT']) ) {
                throw new Exception("Missing Parameters");
    }

    $parms['AdminPass'] = htmlentities($parms['AdminPass'],ENT_COMPAT | ENT_XML1);


    $soapString = '<?xml version="1.0" encoding="utf-8"?>';
    $soapString .= "\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:blu=\"http://bluepoint.com/\">";
    $soapString .= "\n<soapenv:Header/>";
    $soapString .= "\n<soapenv:Body>";
    $soapString .= "<blu:GetCustomerHistory>
         <blu:request>
            <blu:UIN>{$parms['UIN']}</blu:UIN>
            <blu:AdminID>{$parms['AdminID']}</blu:AdminID>
            <blu:AdminPassword>{$parms['AdminPass']}</blu:AdminPassword>
            <blu:RTN>{$parms['RTN']}</blu:RTN>
            <blu:UserID>{$parms['MBRACCT']}</blu:UserID>
         </blu:request>
      </blu:GetCustomerHistory>
   </soapenv:Body>
</soapenv:Envelope>\n";

    $cmd = "/usr/bin/curl --silent --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://bluepoint.com/IMobileVendorService/GetCustomerHistory\"'";
    $cmd .= " {$parms['serviceurl']}";

//    $response = getcurl($cmd);

        $soapHeaders = array();
        $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
        $soapHeaders[] = 'SOAPAction: "http://bluepoint.com/IMobileVendorService/GetCustomerHistory"';
        $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
        $logParms = $parms["environment"];                      // get the environment info passed in
        $logParms["SSOVendor"] = $parms['rdcvendor'];
        $logParms["token"] = HCU_array_key_value('Token',$parms);                   // the id used across all communications in session
        $logParms["txnId"] = time();                            // the id for this transaction
        $logParms["logPoint"] = "GetCustomerHistory";                 // this action in a readable form
        $logParms["request"] = $cmd;                            // the request
        $logParms["reply"] = $response;                         // the response
        LogSSOActivity($logParms);
    }

    $pos = strpos ( $response , 'HCUERROR: ' );
    if ($pos !== false ) {
        throw new Exception(substr($response,$pos));
    }
    if (empty($response)) {
             throw new Exception("RDC No Response");
        }

        # call parse function to format response array
        $xmlreturn = bluepointGetXMLResponse($response, 'GetCustomerHistoryResult', 'http://bluepoint.com/');
        if (!is_array($xmlreturn)) {
            throw new Exception("RDC Invalid XML Response");
        }
        if (HCU_array_key_value('faultcode',$xmlreturn)) {
            throw new Exception("RDC Fault {$xmlreturn['faultcode']} " . HCU_array_key_value('faultstring',$xmlreturn));
        }

        $return['data']=$xmlreturn[0];
        // bluepoint returns empty message array -
        // no example so don't know what to do with it
        // ignore for now
//        $xmlitems = bluepointGetXMLResponse($response, 'Messages', 'http://bluepoint.com/');
//        if (!is_array($xmlitems)) {
//            throw new Exception("RDC Invalid Messages List");
//        }
//        $return['data']['Messages']=$xmlitems;
//        $xmlitems = bluepointGetLimitList($response, 'ItemInfo', 'http://bluepoint.com/');
        $xmlitems = bluepointGetXMLResponse($response, 'ItemInfo', 'http://bluepoint.com/');
        if (!is_array($xmlitems)) {
            throw new Exception("RDC Invalid ItemInfo");
        }
        if (HCU_array_key_value('faultcode',$xmlitems)) {
            throw new Exception("RDC Fault {$xmlitems['faultcode']} " . HCU_array_key_value('faultstring',$xmlitems));
        }

        $return['status']['response'] = 'true';
        $return['status']['code'] = '000';
        $return['status']['message'] = 'Success';
        $return['data']['ItemList']=$xmlitems;
        $return['data']['raw']=$response;
//        $return['request']=$soapString;

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['message'] = $e->getMessage();
        $return['data'] = array();
    }
    return $return;
}

function bluepointGetReviewLimits($parms) {
# uses: $parms['UIN']
#       $parms['AdminID']
#       $parms['AdminPass']
#       $parms['RTN']
#       $parms['MBRACCT']
#
try {
    if (!isset($parms['UIN']) || !isset($parms['serviceurl']) ||
            !isset($parms['AdminID']) ||
            !isset($parms['AdminPass']) ||
            !isset($parms['RTN']) ||
            !isset($parms['MBRACCT']) ) {
                 throw new Exception("Missing Parameters");
        }

        $parms['AdminPass'] = htmlentities($parms['AdminPass'],ENT_COMPAT | ENT_XML1);

    $soapString = '<?xml version="1.0" encoding="utf-8"?>';
    $soapString .= "\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:blu=\"http://bluepoint.com/\">";
    $soapString .= "\n<soapenv:Header/>";
    $soapString .= "\n<soapenv:Body>";
    $soapString .= "<blu:GetReviewLimits>
         <blu:request>
            <blu:UIN>{$parms['UIN']}</blu:UIN>
            <blu:AdminID>{$parms['AdminID']}</blu:AdminID>
            <blu:AdminPassword>{$parms['AdminPass']}</blu:AdminPassword>
            <blu:RTN>{$parms['RTN']}</blu:RTN>
            <blu:UserID>{$parms['MBRACCT']}</blu:UserID>
         </blu:request>
      </blu:GetReviewLimits>
   </soapenv:Body>
</soapenv:Envelope>\n";

//    $cmd = "/usr/bin/curl --sslv3 --trace /tmp/bptrx --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd = "/usr/bin/curl --silent --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
    $cmd .= " -H 'SOAPAction: \"http://bluepoint.com/IMobileVendorService/GetReviewLimits\"'";
    $cmd .= " {$parms['serviceurl']}";
//    $response = getcurl($cmd);

    $soapHeaders = array();
    $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
    $soapHeaders[] = 'SOAPAction: "http://bluepoint.com/IMobileVendorService/GetReviewLimits"';

    $response = embcurl($soapString,$soapHeaders,$parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
        $logParms = $parms["environment"];                      // get the environment info passed in
        $logParms["SSOVendor"] = $parms['rdcvendor'];
        $logParms["token"] = HCU_array_key_value('Token',$parms);                   // the id used across all communications in session
        $logParms["txnId"] = time();                            // the id for this transaction
        $logParms["logPoint"] = "GetReviewLimits";                 // this action in a readable form
        $logParms["request"] = $cmd;                            // the request
        $logParms["reply"] = $response;                         // the response
        LogSSOActivity($logParms);
    }

    $pos = strpos ( $response , 'HCUERROR: ' );
    if ($pos !== false ) {
        throw new Exception(substr($response,$pos));
    }
    if (empty($response)) {
        throw new Exception("RDC No Response");
    }
        # call parse function to format response array
        $xmlreturn = bluepointGetXMLResponse($response, 'LimitValue', 'http://bluepoint.com/');
        if (!is_array($xmlreturn)) {
            throw new Exception("RDC Invalid LimitValue Response");
        }
        if (HCU_array_key_value('faultcode',$xmlreturn)) {
            throw new Exception("RDC Fault {$xmlreturn['faultcode']} " . HCU_array_key_value('faultstring',$xmlreturn));
        }

        $return['status']['response'] = 'true';
        $return['status']['code'] = '000';
        $return['status']['message'] = 'Success';
        foreach ($xmlreturn as $val) {
           $return['data']['Limits'][$val['Limit']] = $val['Value'];
        }

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['message'] = $e->getMessage();
        $return['data'] = array();
    }
    return $return;
}

function bluepointDepositItem($parms) {
# uses: $parms['partnerid']
#       $parms['serviceurl']
#       $parms['certfile']
#       $parms['SessionStateId']
#       $parms['amount']

    try {
        if (!isset($parms['UIN']) || !isset($parms['serviceurl']) ||
            !isset($parms['AdminID']) || !isset($parms['AdminPass']) ||
            !isset($parms['RTN']) || !isset($parms['AccountNumber']) ||
            !isset($parms['CheckFront']) || !isset($parms['CheckBack']) ||
            !isset($parms['amount'])) {
                throw new Exception("Missing Parameters");
        }

        $deposittime = date('c');

        $parms['AdminPass'] = htmlentities($parms['AdminPass'],ENT_COMPAT | ENT_XML1);

        $soapString = '<?xml version="1.0" encoding="utf-8"?>';
        $soapString .= "\n<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:blu=\"http://bluepoint.com/\">
   <soapenv:Header/>
   <soapenv:Body>
   <blu:DepositItem>
         <blu:request>
            <blu:UIN>{$parms['UIN']}</blu:UIN>
            <blu:AdminID>{$parms['AdminID']}</blu:AdminID>
            <blu:AdminPassword>{$parms['AdminPass']}</blu:AdminPassword>
            <blu:RTN>{$parms['RTN']}</blu:RTN>
            <blu:Amount>{$parms['amount']}</blu:Amount>
            <blu:AccountNumber>{$parms['AccountNumber']}</blu:AccountNumber>
            <blu:UserID>{$parms['MBRACCT']}</blu:UserID>
            <blu:Base64FrontImage>{$parms['CheckFront']}</blu:Base64FrontImage>
            <blu:Base64BackImage>{$parms['CheckBack']}</blu:Base64BackImage>
            <blu:AccountType>{$parms['AccountType']}</blu:AccountType>
         </blu:request>
      </blu:DepositItem>
   </soapenv:Body>
</soapenv:Envelope>\n";


        $cmd = "/usr/bin/curl --silent --data-binary '$soapString' -H 'Content-Type: text/xml; charset=utf-8'";
        $cmd .= " -H 'SOAPAction: \"http://bluepoint.com/IMobileVendorService/DepositItem\"'";
        $cmd .= " {$parms['serviceurl']}";
//    $response = getcurl($cmd);
        /*
         * rolling out to command-line curl with images to upload causes 'argument list too long' error from curl.  So use embedded curl instead
         */
        $soapHeaders = array();
        $soapHeaders[] = "Content-Type: text/xml; charset=utf-8";
        $soapHeaders[] = 'SOAPAction: "http://bluepoint.com/IMobileVendorService/DepositItem"';
        $response = embcurl($soapString, $soapHeaders, $parms['serviceurl']);

    if ($parms["logging"] == "enabled") {
        $logParms = $parms["environment"];                      // get the environment info passed in
        $logParms["SSOVendor"] = $parms['rdcvendor'];
        $logParms["token"] = $parms['Token'];                   // the id used across all communications in session
        $logParms["txnId"] = time();                            // the id for this transaction
        $logParms["logPoint"] = "DepositItem";                 // this action in a readable form
        $logParms["request"] = $cmd;                            // the request
        $logParms["reply"] = $response;                         // the response
        LogSSOActivity($logParms);
    }

        $pos = strpos ( $response , 'HCUERROR: ' );
        if ($pos !== false ) {
            throw new Exception(substr($response,$pos));
        }
        if (empty($response)) {
            throw new Exception("RDC No Response");
        }
        # call parse function to format response array

        $xmlreturn = bluepointGetXMLResponse($response, 'DepositItemResult', 'http://bluepoint.com/');
        if (!is_array($xmlreturn)) {
            throw new Exception("RDC Invalid XML Response");
        }
        if (HCU_array_key_value('faultcode',$xmlreturn)) {
            throw new Exception("RDC Fault {$xmlreturn['faultcode']} " . HCU_array_key_value('faultstring',$xmlreturn));
        }
        $return['status']['response'] = 'true';
        $return['status']['code'] = '000';
        $return['status']['message'] = 'Success';
        $return['data'] = $xmlreturn[0];

    } catch (Exception $e) {
        $return['status']['response'] = 'false';
        $return['status']['message'] = $e->getMessage();
        $return['data'] = array();
    }
    return $return;
}

function bluepointGetXMLResponse($rdcXML, $rdcCONT, $rdcNS) {
    try {
        $xml = simplexml_load_string($rdcXML,"SimpleXMLElement",LIBXML_NOWARNING);
        if (!is_object($xml)) {
            throw new Exception("Invalid XML");
        }

        $xml->registerXPathNamespace('s', "http://schemas.xmlsoap.org/soap/envelope/");
        $errorresponse = $xml->xpath("//s:Fault");
        if(is_array($errorresponse) && count($errorresponse)) {
            $resp_arr = array('faultcode' => $errorresponse[0]->faultcode,
                              'faultstring' => $errorresponse[0]->faultstring);
         } else {
        $xml->registerXPathNamespace('rdc', $rdcNS);
        $dataresponse = $xml->xpath("//rdc:$rdcCONT");
        $resp_arr = objectToArray($dataresponse);
        }

    } catch (Exception $e) {
        $resp_arr = false;
    }
    return $resp_arr;
}

?>