Home Verkennen Help
Inloggen
nightflyza
/
Ubilling
spiegel van https://github.com/nightflyza/Ubilling.git
Volgen 1
Ster 1
Vork 0
Bestanden Kwesties Wiki
Boom: f2d36c616d
Aftakkingen Labels
Ubilling
/
docs
/
openpayz
/
frontend
/
concordpay
/
index.php

index.php 5.1 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218 
  1. <?php
    2. 

  2. 

  3. // Frontend for accepting payments ConcordPay
    4. 

  4. // https://pay.concord.ua/docs/docs/ru/dispatcher.html
    5. 

  5. 

  6. // Connecting OpenPayz API.
    7. 

  7. include("../../libs/api.openpayz.php");
    8. 

  8. // Connecting ConcordPay API.
    9. 

  9. include("../../backend/concordpay/ConcordPay.php");
    10. 

  10. 

  11. // Debug mode with logging.
    12. 

  12. $debug = false;
    13. 

  13. 

  14. // Load config.
    15. 

  15. $conf_concordpay = parse_ini_file("../../backend/concordpay/config/concordpay.ini");
    16. 

  16. 

  17. // Get response JSON.
    18. 

  18. $rawRequest = file_get_contents("php://input");
    19. 

  19. $response   = json_decode($rawRequest, true);
    20. 

  20. 

  21. /**
    22. 

  22.  * Check for POST have needed variables
    23. 

  23.  *
    24. 

  24.  * @param $response
    25. 

  25.  * @return  bool
    26. 

  26.  */
    27. 

  27. function cp_CheckResponse($response)
    28. 

  28. {
    29. 

  29.     $requiredParameters = array(
    30. 

  30.         'merchantAccount',
    31. 

  31.         'orderReference',
    32. 

  32.         'amount',
    33. 

  33.         'currency',
    34. 

  34.         'merchantSignature',
    35. 

  35.         'transactionStatus',
    36. 

  36.         'type'
    37. 

  37.     );
    38. 

  38. 

  39.     $result = true;
    40. 

  40.     if (empty($response)) {
    41. 

  41.         return false;
    42. 

  42.     }
    43. 

  43. 

  44.     foreach ($requiredParameters as $param) {
    45. 

  45.         if (!isset($response[$param]) || empty($response[$param])) {
    46. 

  46.             $result = false;
    47. 

  47.             break;
    48. 

  48.         }
    49. 

  49.     }
    50. 

  50. 

  51.     return $result;
    52. 

  52. }
    53. 

  53. 

  54. /**
    55. 

  55.  * @return ConcordPay
    56. 

  56.  */
    57. 

  57. function cp_GetConcordpayInstance()
    58. 

  58. {
    59. 

  59.     global $conf_concordpay;
    60. 

  60.     if (isset($conf_concordpay['cp_instance']) && $conf_concordpay['cp_instance'] instanceof ConcordPay) {
    61. 

  61.         return $conf_concordpay['cp_instance'];
    62. 

  62.     }
    63. 

  63.     $conf_concordpay['cp_instance'] = new ConcordPay($conf_concordpay['SECRET_KEY']);
    64. 

  64. 

  65.     return $conf_concordpay['cp_instance'];
    66. 

  66. }
    67. 

  67. 

  68. /**
    69. 

  69.  * @param array $response
    70. 

  70.  * @return bool
    71. 

  71.  */
    72. 

  72. function cp_CheckSignature($response)
    73. 

  73. {
    74. 

  74.     $sign = cp_GetConcordpayInstance()->cp_GenerateResponseSignature($response);
    75. 

  75. 

  76.     return ($sign === $response['merchantSignature']);
    77. 

  77. }
    78. 

  78. 

  79. /**
    80. 

  80.  * @param $response
    81. 

  81.  * @return bool
    82. 

  82.  */
    83. 

  83. function cp_CheckOperationType($response)
    84. 

  84. {
    85. 

  85.     if (!isset($response['type']) || !in_array($response['type'], cp_GetConcordpayInstance()->cp_GetOperationTypes())) {
    86. 

  86.         return false;
    87. 

  87.     }
    88. 

  88.     return true;
    89. 

  89. }
    90. 

  90. 

  91. /**
    92. 

  92.  * @param $response
    93. 

  93.  * @return bool
    94. 

  94.  */
    95. 

  95. function cp_CheckTransactionStatus($response)
    96. 

  96. {
    97. 

  97.     if (!isset($response['transactionStatus'])
    98. 

  98.         || !in_array($response['transactionStatus'], array(ConcordPay::TRANSACTION_APPROVED, ConcordPay::TRANSACTION_DECLINED))
    99. 

  99.     ) {
    100. 

  100.         return false;
    101. 

  101.     }
    102. 

  102.     return true;
    103. 

  103. }
    104. 

  104. 

  105. /**
    106. 

  106.  * @return bool
    107. 

  107.  */
    108. 

  108. function cp_CheckCustomerid()
    109. 

  109. {
    110. 

  110.     $customerId=trim($_GET['customer_id']);
    111. 

  111.     if (!isset($_GET['customer_id']) || empty($customerId)) {
    112. 

  112.         return false;
    113. 

  113.     }
    114. 

  114. 

  115.     $allCustomers = op_CustomersGetAll();
    116. 

  116.     if (!array_key_exists(trim($_GET['customer_id']), $allCustomers)) {
    117. 

  117.         return false;
    118. 

  118.     }
    119. 

  119. 

  120.     return true;
    121. 

  121. }
    122. 

  122. 

  123. /**
    124. 

  124.  * Check is transaction unique?
    125. 

  125.  *
    126. 

  126.  * @param $hash - transaction hash
    127. 

  127.  *
    128. 

  128.  * @return bool
    129. 

  129.  */
    130. 

  130. function cp_CheckTransaction($hash)
    131. 

  131. {
    132. 

  132.     $hash = mysql_real_escape_string($hash);
    133. 

  133.     $query = "SELECT `id` from `op_transactions` WHERE `hash`='" . $hash . "'";
    134. 

  134.     $data = simple_query($query);
    135. 

  135.     if (!empty($data)) {
    136. 

  136.         return false;
    137. 

  137.     }
    138. 

  138.     return true;
    139. 

  139. }
    140. 

  140. 

  141. /**
    142. 

  142.  * Reports some error
    143. 

  143.  *
    144. 

  144.  * @param string $data
    145. 

  145.  *
    146. 

  146.  * @return void
    147. 

  147.  */
    148. 

  148. function cp_reportError($data)
    149. 

  149. {
    150. 

  150.     global $debug;
    151. 

  151.     header('HTTP/1.1 400 ' . $data . '"', true, 400);
    152. 

  152.     if ($debug) {
    153. 

  153.         file_put_contents('./debug.log', date("Y-m-d H:i:s") . ': ' . $data . "\n", FILE_APPEND);
    154. 

  154.         file_put_contents('./debug.log', print_r($_POST, true) . "\n", FILE_APPEND);
    155. 

  155.         file_put_contents('./debug.log', '=========================' . "\n", FILE_APPEND);
    156. 

  156.     }
    157. 

  157.     die($data);
    158. 

  158. }
    159. 

  159. 

  160. /**
    161. 

  161.  * Reports some success
    162. 

  162.  *
    163. 

  163.  * @param string $data
    164. 

  164.  *
    165. 

  165.  * @return void
    166. 

  166.  */
    167. 

  167. function cp_reportSuccess($data)
    168. 

  168. {
    169. 

  169.     global $debug;
    170. 

  170.     header('HTTP/1.1 200 ' . $data . '"', true, 200);
    171. 

  171.     if ($debug) {
    172. 

  172.         file_put_contents('./debug.log', date("Y-m-d H:i:s") . ': ' . $data . "\n", FILE_APPEND);
    173. 

  173.     }
    174. 

  174.     die($data);
    175. 

  175. }
    176. 

  176. 

  177. if (cp_CheckResponse($response) !== true) {
    178. 

  178.     cp_reportError($conf_concordpay['ERROR_NO_RESPONSE_DATA']);
    179. 

  179. }
    180. 

  180. 

  181. if (cp_CheckSignature($response) !== true) {
    182. 

  182.     cp_reportError($conf_concordpay['ERROR_WRONG_SIGNATURE']);
    183. 

  183. }
    184. 

  184. 

  185. if (cp_CheckOperationType($response) !== true) {
    186. 

  186.     cp_reportError($conf_concordpay['ERROR_WRONG_OPERATION_TYPE']);
    187. 

  187. }
    188. 

  188. 

  189. if (cp_CheckTransactionStatus($response) !== true) {
    190. 

  190.     cp_reportError($conf_concordpay['ERROR_WRONG_TRANSACTION_STATUS']);
    191. 

  191. }
    192. 

  192. 

  193. if (cp_CheckCustomerid() !== true) {
    194. 

  194.     cp_reportError($conf_concordpay['ERROR_UNKNOWN_CUSTOMER']);
    195. 

  195. }
    196. 

  196. 

  197. $hash       = $response['orderReference'];
    198. 

  198. $customerid = htmlspecialchars(trim($_GET['customer_id']));
    199. 

  199. $summ       = $response['amount'];
    200. 

  200. $paysys     = 'CONCORDPAY';
    201. 

  201. $note       = 'Transaction ID: ' . $response['transactionId'];
    202. 

  202. 

  203. if (cp_CheckTransaction($hash) !== true) {
    204. 

  204.     cp_reportError($conf_concordpay['ERROR_DOUBLE_PAYMENT']);
    205. 

  205. }
    206. 

  206. 

  207. if ($response['transactionStatus'] === ConcordPay::TRANSACTION_APPROVED) {
    208. 

  208.     if ($response['type'] === ConcordPay::RESPONSE_TYPE_PAYMENT) {
    209. 

  209.         // Ordinary payment.
    210. 

  210.         // Register a new transaction.
    211. 

  211.         op_TransactionAdd($hash, $summ, $customerid, $paysys, $note);
    212. 

  212.         // Calling the raw transaction handlers.
    213. 

  213.         op_ProcessHandlers();
    214. 

  214.         // Finish the work.
    215. 

  215.         cp_reportSuccess($conf_concordpay['TRANSACTION_SUCCESSFUL']);
    216. 

  216.     }
    217. 

  217. }
    218. 

  218.