Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Magento Payment Review/Suspected Fraud workflow

Tags:

php

status

magento

I'm working on a Magento store where the client has requested a few custom filters on orders so that they can be manually reviewed before being sent off to fulfillment. When these cases come up, the orders are marked with the built in Payment Review / Suspected Fraud state/status.

My problem is that, in the admin interface, you don't seem to be able to do much with an order in the Payment Review state. I added a custom 'Approve'-type button for manual approval of the order, but if it's reviewed and confirmed as fraud, what is the expected action to take? I would think to cancel or refund the order but that doesn't seem to be allowed. Checking canCancel or canCreditmemo on the order returns false. Would it be better to use a Hold state or something over Payment Review for a scenario like this?

like image 846
Chris Forrette Avatar asked Dec 13 '22 14:12

Chris Forrette

1 Answers

Rather than overriding the Mage_Sales_Model_Order object (not really ideal), I've discovered some existing hooks in the Magento toolkit that can enable administrator actions after an Order is flagged using the Suspected Fraud status. To enable these, the following steps are required:

In your payment method (inheriting from Mage_Payment_Model_Method_Abstract), add the following: 

    protected $_canReviewPayment  = true;

    public function acceptPayment(Mage_Payment_Model_Info $payment) {
        parent::acceptPayment($payment);
        //perform gateway actions to remove Fraud flags. Capture should not occur here
        return true;
        //returning true will trigger a capture on any existing invoices, otherwise the admin can manually Invoice the order
    }

    public function denyPayment(Mage_Payment_Model_Info $payment) {
        parent::denyPayment($payment);
        //if your payment gateway supports it, you should probably void any pre-auth
        return true;  
    }

Magento's Order View block will check $order->canReviewPayment() which will look at the _canReviewPayment variable on the payment method, and if true, display two buttons on the Order View : "Accept Payment" and "Deny Payment". When clicked, the two new Payment Method functions we just added above will be called as appropriate.

If you have an Invoice associated with the Order already, that will be either be pay'd or cancel'd. Have a look at Mage_Sales_Model_Order_Payment::registerPaymentReviewAction for more detail.

like image 168
Jonathan Day Avatar answered Dec 23 '22 21:12

Jonathan Day
Sign in to Comment

Related questions

Is there an advantage to this hash for security?
Remove extra space at the end of string using preg_replace
include .phtml zend
Failed to get dynamic instance variables via PHP's reflection
__clone() vs unserialize(serialize())?
Scraping from a website that requires a login?
Is it safe to store a value in a session variable and make queries on the value?
PHP declaring empty arrays?
How can I send push notification to multiple devices in one go in iPhone?
How to send data to a PHP script and imediatelly get data back from the same script
PHP - Transform String to Float
How to generate Intelligent Mail® Barcode (OneCode) via PHP
Possible to manually set ID of new rows with RedBean PHP?
How to escape output in PHP
Why is debug_backtrace() using so much memory?
Is it ok to use £ as delimiter in preg_replace?
Can cookie size affect loading speed? (PHP)
PHP How to assign eval(0 to variable
PHP Thumbnail Image Generator Caching: How to set If-Last-Modified/Max-Age/Last-Modified HEADERS correctly in PHP?
Finding the longest dictionary word at the end of a string

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!