--- /tmp/dsg/dolibarr/htdocs/public/stripe/github_confirm_payment.php +++ /tmp/dsg/dolibarr/htdocs/public/stripe/client_confirm_payment.php @@ -17,10 +17,8 @@ // TODO Do we really need this page. We alread have a ipn.php page ! -if (!defined('NOLOGIN')) define("NOLOGIN", 1); // This means this output page does not require to be logged. -if (!defined('NOCSRFCHECK')) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. -if (!defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -if (!defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); +define("NOLOGIN", 1); // This means this output page does not require to be logged. +define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. $entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1)); if (is_numeric($entity)) define("DOLENTITY", $entity); @@ -50,18 +48,23 @@ $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_CONNECT_KEY; $service = 'StripeTest'; $servicestatus = 0; - } else { + } + else + { $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_CONNECT_KEY; $service = 'StripeLive'; - $servicestatus = 1; + $servicestatus = 1; } -} else { +} +else { if (isset($_GET['test'])) { $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_KEY; $service = 'StripeTest'; $servicestatus = 0; - } else { + } + else + { $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_KEY; $service = 'StripeLive'; $servicestatus = 1; 
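Review bot: Defining `NOLOGIN` and `NOCSRFCHECK` without the `if (!defined(...))` guard in the `@@ -17,10 +17,8 @@` hunk raises a PHP warning whenever the constant already exists, and the new side no longer defines `NOIPCHECK` or `NOBROWSERNOTIF` at all; the `@@ -16,10 +16,8 @@` hunk of client_ipn.php has the same change. Going by the removed comment, `NOIPCHECK` exempts the page from the `$dolibarr_main_restrict_ip` check, so without it an installation that restricts IPs would presumably turn away Stripe's calls; how the constant is consumed is outside the diff. I would keep the guarded form, e.g. `if (!defined('NOIPCHECK')) define('NOIPCHECK', '1');`. Since both pages skip login and CSRF checks, a comment beside `NOLOGIN` saying what authenticates the request instead would help the next reader.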
@@ -102,28 +105,28 @@ $intent = null; try { - if (isset($json_obj->payment_method_id)) { - // Create the PaymentIntent - $intent = \Stripe\PaymentIntent::create(array( - 'payment_method' => $json_obj->payment_method_id, - 'amount' => 1099, - 'currency' => 'eur', - 'confirmation_method' => 'manual', - 'confirm' => true, - )); - } - if (isset($json_obj->payment_intent_id)) { - $intent = \Stripe\PaymentIntent::retrieve( - $json_obj->payment_intent_id - ); - $intent->confirm(); - } - generatePaymentResponse($intent); + if (isset($json_obj->payment_method_id)) { + // Create the PaymentIntent + $intent = \Stripe\PaymentIntent::create(array( + 'payment_method' => $json_obj->payment_method_id, + 'amount' => 1099, + 'currency' => 'eur', + 'confirmation_method' => 'manual', + 'confirm' => true, + )); + } + if (isset($json_obj->payment_intent_id)) { + $intent = \Stripe\PaymentIntent::retrieve( + $json_obj->payment_intent_id + ); + $intent->confirm(); + } + generatePaymentResponse($intent); } catch (\Stripe\Error\Base $e) { - // Display error on client - echo json_encode(array( - 'error' => $e->getMessage() - )); + // Display error on client + echo json_encode(array( + 'error' => $e->getMessage() + )); } /** 
@@ -134,25 +137,25 @@ */ function generatePaymentResponse($intent) { - if ($intent->status == 'requires_source_action' && - $intent->next_action->type == 'use_stripe_sdk') { - // Tell the client to handle the action - echo json_encode(array( - 'requires_action' => true, - 'payment_intent_client_secret' => $intent->client_secret - )); - } elseif ($intent->status == 'succeeded') { - // The payment didn’t need any additional actions and completed! - // Handle post-payment fulfillment + if ($intent->status == 'requires_source_action' && + $intent->next_action->type == 'use_stripe_sdk') { + // Tell the client to handle the action + echo json_encode(array( + 'requires_action' => true, + 'payment_intent_client_secret' => $intent->client_secret + )); + } elseif ($intent->status == 'succeeded') { + // The payment didn’t need any additional actions and completed! + // Handle post-payment fulfillment - // TODO + // TODO - echo json_encode(array( - "success" => true - )); - } else { - // Invalid status - http_response_code(500); - echo json_encode(array('error' => 'Invalid PaymentIntent status')); - } + echo json_encode(array( + "success" => true + )); + } else { + // Invalid status + http_response_code(500); + echo json_encode(array('error' => 'Invalid PaymentIntent status')); + } } --- /tmp/dsg/dolibarr/htdocs/public/stripe/github_ipn.php +++ /tmp/dsg/dolibarr/htdocs/public/stripe/client_ipn.php @@ -1,6 +1,6 @@ - * Copyright (C) 2018 Frédéric France +/* Copyright (C) 2018 Thibault FOUCART + * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -16,10 +16,8 @@ * along with this program. If not, see . */ -if (!defined('NOLOGIN')) define("NOLOGIN", 1); // This means this output page does not require to be logged. -if (!defined('NOCSRFCHECK')) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. -if (!defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -if (!defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); +define("NOLOGIN", 1); // This means this output page does not require to be logged. +define("NOCSRFCHECK", 1); // We accept to go on this page from external web site. $entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1)); if (is_numeric($entity)) define("DOLENTITY", $entity); @@ -50,18 +48,23 @@ $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_CONNECT_KEY; $service = 'StripeTest'; $servicestatus = 0; - } else { + } + else + { $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_CONNECT_KEY; $service = 'StripeLive'; - $servicestatus = 1; - } -} else { + $servicestatus = 1; + } +} +else { if (isset($_GET['test'])) { $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_KEY; $service = 'StripeTest'; $servicestatus = 0; - } else { + } + else + { $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_KEY; $service = 'StripeLive'; $servicestatus = 1; @@ -70,9 +73,9 @@ if (empty($endpoint_secret)) { - print 'Error: Setup of module Stripe not complete for mode '.$service.'. The WEBHOOK_KEY is not defined.'; - http_response_code(400); // PHP 5.4 or greater - exit(); + print 'Error: Setup of module Stripe not complete for mode '.$service.'. The WEBHOOK_KEY is not defined.'; + http_response_code(400); // PHP 5.4 or greater + exit(); } 
@@ -88,7 +91,8 @@ try { $event = \Stripe\Webhook::constructEvent($payload, $sig_header, $endpoint_secret); -} catch (\UnexpectedValueException $e) { +} +catch (\UnexpectedValueException $e) { // Invalid payload http_response_code(400); // PHP 5.4 or greater exit(); @@ -111,7 +115,7 @@ { $sql = "SELECT entity"; $sql .= " FROM ".MAIN_DB_PREFIX."oauth_token"; - $sql .= " WHERE service = '".$db->escape($service)."' and tokenstring LIKE '%".$db->escape($event->account)."%'"; + $sql .= " WHERE service = '".$db->escape($service)."' and tokenstring = '%".$db->escape($event->account)."%'"; dol_syslog(get_class($db)."::fetch", LOG_DEBUG); $result = $db->query($sql); @@ -121,13 +125,17 @@ { $obj = $db->fetch_object($result); $key = $obj->entity; - } else { + } + else { $key = 1; } - } else { + } + else { $key = 1; } $ret = $mc->switchEntity($key); + if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php"; + if (!$res) die("Include of main fails"); } // list of action 
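Review bot: In the `@@ -111,7 +115,7 @@` hunk the new predicate `tokenstring = '%...%'` compares against literal percent signs, because `%` is a wildcard only under `LIKE`. The lookup will match no row unless a token string is stored with those characters, and the fallback visible in the next hunk sets `$key = 1`, so an event for a connected account would be handled under entity 1 rather than the entity that owns the account. Restore the operator: `and tokenstring LIKE '%".$db->escape($event->account)."%'"`. Whether `$db->escape()` also neutralises `%` and `_` inside a `LIKE` pattern is not visible here, so a comment on the expected format of `$event->account` would be useful; the enclosing block starts outside the hunk.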
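Review bot: The two lines added after `$mc->switchEntity($key)` in the `@@ -121,13 +125,17 @@` hunk end in `die("Include of main fails")`, which sends that text with the default 200 status, so Stripe would record the webhook as delivered although nothing was processed. The other failure paths in this file set the status explicitly, and this one should too: `if (!$res) { http_response_code(500); exit(); }`. The `@include "../../main.inc.php"` also hides the reason for a failed include and is resolved against the working directory rather than the script's own directory. `$res` is assigned outside the hunk, so the author should confirm whether this include can ever run at this point or whether the lines are dead code.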
@@ -148,44 +156,47 @@ if ($result > 0) { - $subject = $societeName.' - [NOTIFICATION] Stripe payout scheduled'; - if (!empty($user->email)) { - $sendto = dolGetFirstLastname($user->firstname, $user->lastname)." <".$user->email.">"; - } else { - $sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.'>'; - } - $replyto = $sendto; - $sendtocc = ''; - if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) { - $sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.'>'; - } - - $message = "A bank transfer of ".price2num($event->data->object->amount / 100)." ".$event->data->object->currency." should arrive in your account the ".dol_print_date($event->data->object->arrival_date, 'dayhour'); - - $mailfile = new CMailFile( - $subject, - $sendto, - $replyto, - $message, - array(), - array(), - array(), - $sendtocc, - '', - 0, - -1 - ); - - $ret = $mailfile->sendfile(); - - http_response_code(200); // PHP 5.4 or greater - return 1; - } else { + $subject = $societeName.' - [NOTIFICATION] Stripe payout scheduled'; + if (!empty($user->email)) { + $sendto = dolGetFirstLastname($user->firstname, $user->lastname)." <".$user->email.">"; + } else { + $sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.'>'; + } + $replyto = $sendto; + $sendtocc = ''; + if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) { + $sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.'>'; + } + + $message = "A bank transfer of ".price2num($event->data->object->amount / 100)." ".$event->data->object->currency." 
should arrive in your account the ".dol_print_date($event->data->object->arrival_date, 'dayhour'); + + $mailfile = new CMailFile( + $subject, + $sendto, + $replyto, + $message, + array(), + array(), + array(), + $sendtocc, + '', + 0, + -1 + ); + + $ret = $mailfile->sendfile(); + + http_response_code(200); // PHP 5.4 or greater + return 1; + } + else + { $error++; http_response_code(500); // PHP 5.4 or greater return -1; } -} elseif ($event->type == 'payout.paid') { +} +elseif ($event->type == 'payout.paid') { global $conf; $error = 0; $result = dolibarr_set_const($db, $service."_NEXTPAYOUT", null, 'chaine', 0, '', $conf->entity); @@ -240,7 +251,7 @@ $message = "A bank transfer of ".price2num($event->data->object->amount / 100)." ".$event->data->object->currency." has been done to your account the ".dol_print_date($event->data->object->arrival_date, 'dayhour'); - $mailfile = new CMailFile( + $mailfile = new CMailFile( $subject, $sendto, $replyto, 
@@ -258,32 +269,42 @@ http_response_code(200); // PHP 5.4 or greater return 1; - } else { + } + else + { $error++; http_response_code(500); // PHP 5.4 or greater return -1; } -} elseif ($event->type == 'customer.source.created') { +} +elseif ($event->type == 'customer.source.created') { //TODO: save customer's source -} elseif ($event->type == 'customer.source.updated') { +} +elseif ($event->type == 'customer.source.updated') { //TODO: update customer's source -} elseif ($event->type == 'customer.source.delete') { +} +elseif ($event->type == 'customer.source.delete') { //TODO: delete customer's source -} elseif ($event->type == 'customer.deleted') { - $db->begin(); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' and site='stripe'"; - $db->query($sql); - $db->commit(); -} elseif ($event->type == 'payment_intent.succeeded') { // Called when making payment with PaymentIntent method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on). +} +elseif ($event->type == 'customer.deleted') { + $db->begin(); + $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' and site='stripe'"; + $db->query($sql); + $db->commit(); +} +elseif ($event->type == 'payment_intent.succeeded') { // Called when making payment with PaymentIntent method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on). // TODO: create fees // TODO: Redirect to paymentok.php -} elseif ($event->type == 'payment_intent.payment_failed') { - // TODO: Redirect to paymentko.php -} elseif ($event->type == 'checkout.session.completed') // Called when making payment with new Checkout method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on). +} +elseif ($event->type == 'payment_intent.payment_failed') { + // TODO: Redirect to paymentko.php +} +elseif ($event->type == 'checkout.session.completed') // Called when making payment with new Checkout method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on). 
{ // TODO: create fees // TODO: Redirect to paymentok.php -} elseif ($event->type == 'payment_method.attached') { +} +elseif ($event->type == 'payment_method.attached') { require_once DOL_DOCUMENT_ROOT.'/societe/class/companypaymentmode.class.php'; require_once DOL_DOCUMENT_ROOT.'/societe/class/societeaccount.class.php'; $societeaccount = new SocieteAccount($db); @@ -322,11 +343,14 @@ if (!$error) { $db->commit(); - } else { + } + else + { $db->rollback(); } } -} elseif ($event->type == 'payment_method.updated') { +} +elseif ($event->type == 'payment_method.updated') { require_once DOL_DOCUMENT_ROOT.'/societe/class/companypaymentmode.class.php'; $companypaymentmode = new CompanyPaymentMode($db); $companypaymentmode->fetch(0, '', 0, '', " AND stripe_card_ref = '".$db->escape($event->data->object->id)."'"); 
@@ -356,20 +380,26 @@ if (!$error) { $db->commit(); - } else { + } + else + { $db->rollback(); } -} elseif ($event->type == 'payment_method.detached') { +} +elseif ($event->type == 'payment_method.detached') { $db->begin(); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_rib WHERE number = '".$db->escape($event->data->object->id)."' and status = ".$servicestatus; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_rib WHERE ref = '".$db->escape($event->data->object->id)."' and status = ".$servicestatus; $db->query($sql); $db->commit(); -} elseif ($event->type == 'charge.succeeded') { - // TODO: create fees - // TODO: Redirect to paymentok.php -} elseif ($event->type == 'charge.failed') { - // TODO: Redirect to paymentko.php -} elseif (($event->type == 'source.chargeable') && ($event->data->object->type == 'three_d_secure') && ($event->data->object->three_d_secure->authenticated == true)) { +} +elseif ($event->type == 'charge.succeeded') { + // TODO: create fees + // TODO: Redirect to paymentok.php +} +elseif ($event->type == 'charge.failed') { + // TODO: Redirect to paymentko.php +} +elseif (($event->type == 'source.chargeable') && ($event->data->object->type == 'three_d_secure') && ($event->data->object->three_d_secure->authenticated == true)) { // This event is deprecated. }
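Review bot: The `payment_method.detached` branch now deletes from `societe_rib` by `ref`, while the `payment_method.updated` branch earlier in this file looks the same Stripe id up through `stripe_card_ref`; if the id is stored only in `stripe_card_ref`, this DELETE matches nothing and the detached card's record stays in Dolibarr. Please confirm the column against the table schema, which is not shown here. The result of `$db->query($sql)` is also ignored and `$db->commit()` runs unconditionally, whereas the neighbouring handlers roll back on error. The same pattern fits here: `if ($db->query($sql)) { $db->commit(); } else { $db->rollback(); http_response_code(500); }`.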