1 | <?php |
||||||
2 | /* For license terms, see /license.txt */ |
||||||
3 | |||||||
4 | /** |
||||||
5 | * Process purchase confirmation script for the Buy Courses plugin. |
||||||
6 | * |
||||||
7 | * @package chamilo.plugin.buycourses |
||||||
8 | */ |
||||||
9 | require_once '../config.php'; |
||||||
10 | |||||||
11 | $plugin = BuyCoursesPlugin::create(); |
||||||
12 | |||||||
13 | $saleId = $_SESSION['bc_sale_id']; |
||||||
14 | $couponId = $_SESSION['bc_coupon_id']; |
||||||
15 | |||||||
16 | if (empty($saleId)) { |
||||||
17 | api_not_allowed(true); |
||||||
18 | } |
||||||
19 | |||||||
20 | $sale = $plugin->getSubscriptionSale($saleId); |
||||||
21 | |||||||
22 | if (!empty($couponId)) { |
||||||
23 | $coupon = $plugin->getCoupon($couponId, $sale['product_type'], $sale['product_id']); |
||||||
24 | } |
||||||
25 | |||||||
26 | $userInfo = api_get_user_info($sale['user_id']); |
||||||
27 | |||||||
28 | if (empty($sale)) { |
||||||
29 | api_not_allowed(true); |
||||||
30 | } |
||||||
31 | |||||||
32 | $currency = $plugin->getCurrency($sale['currency_id']); |
||||||
33 | $globalParameters = $plugin->getGlobalParameters(); |
||||||
34 | |||||||
35 | switch ($sale['payment_type']) { |
||||||
36 | case BuyCoursesPlugin::PAYMENT_TYPE_PAYPAL: |
||||||
37 | $paypalParams = $plugin->getPaypalParams(); |
||||||
38 | |||||||
39 | $pruebas = $paypalParams['sandbox'] == 1; |
||||||
40 | $paypalUsername = $paypalParams['username']; |
||||||
41 | $paypalPassword = $paypalParams['password']; |
||||||
42 | $paypalSignature = $paypalParams['signature']; |
||||||
43 | |||||||
44 | require_once "paypalfunctions.php"; |
||||||
45 | |||||||
46 | $i = 0; |
||||||
47 | $extra = "&L_PAYMENTREQUEST_0_NAME0={$sale['product_name']}"; |
||||||
48 | $extra .= "&L_PAYMENTREQUEST_0_AMT0={$sale['price']}"; |
||||||
49 | $extra .= "&L_PAYMENTREQUEST_0_QTY0=1"; |
||||||
50 | |||||||
51 | $expressCheckout = CallShortcutExpressCheckout( |
||||||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||||||
52 | $sale['price'], |
||||||
53 | $currency['iso_code'], |
||||||
54 | 'paypal', |
||||||
55 | api_get_path(WEB_PLUGIN_PATH).'buycourses/src/success.php', |
||||||
56 | api_get_path(WEB_PLUGIN_PATH).'buycourses/src/error.php', |
||||||
57 | $extra |
||||||
58 | ); |
||||||
59 | |||||||
60 | if ($expressCheckout["ACK"] !== 'Success') { |
||||||
61 | $erroMessage = vsprintf( |
||||||
62 | $plugin->get_lang('ErrorOccurred'), |
||||||
63 | [$expressCheckout['L_ERRORCODE0'], $expressCheckout['L_LONGMESSAGE0']] |
||||||
64 | ); |
||||||
65 | Display::addFlash( |
||||||
66 | Display::return_message($erroMessage, 'error', false) |
||||||
67 | ); |
||||||
68 | header('Location: ../index.php'); |
||||||
69 | exit; |
||||||
70 | } |
||||||
71 | |||||||
72 | if (!empty($globalParameters['sale_email'])) { |
||||||
73 | $messageConfirmTemplate = new Template(); |
||||||
74 | $messageConfirmTemplate->assign('user', $userInfo); |
||||||
75 | $messageConfirmTemplate->assign( |
||||||
76 | 'sale', |
||||||
77 | [ |
||||||
78 | 'date' => $sale['date'], |
||||||
79 | 'product' => $sale['product_name'], |
||||||
80 | 'currency' => $currency['iso_code'], |
||||||
81 | 'price' => $sale['price'], |
||||||
82 | 'reference' => $sale['reference'], |
||||||
83 | ] |
||||||
84 | ); |
||||||
85 | |||||||
86 | api_mail_html( |
||||||
87 | '', |
||||||
88 | $globalParameters['sale_email'], |
||||||
89 | $plugin->get_lang('bc_subject'), |
||||||
90 | $messageConfirmTemplate->fetch('buycourses/view/message_confirm.tpl') |
||||||
91 | ); |
||||||
92 | } |
||||||
93 | |||||||
94 | RedirectToPayPal($expressCheckout["TOKEN"]); |
||||||
0 ignored issues
–
show
The function
RedirectToPayPal was not found. Maybe you did not declare it correctly or list all dependencies?
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||||
95 | break; |
||||||
96 | case BuyCoursesPlugin::PAYMENT_TYPE_TRANSFER: |
||||||
97 | $buyingCourse = false; |
||||||
98 | $buyingSession = false; |
||||||
99 | |||||||
100 | switch ($sale['product_type']) { |
||||||
101 | case BuyCoursesPlugin::PRODUCT_TYPE_COURSE: |
||||||
102 | $buyingCourse = true; |
||||||
103 | $course = $plugin->getSubscriptionCourseInfo($sale['product_id'], $coupon); |
||||||
104 | break; |
||||||
105 | case BuyCoursesPlugin::PRODUCT_TYPE_SESSION: |
||||||
106 | $buyingSession = true; |
||||||
107 | $session = $plugin->getSubscriptionSessionInfo($sale['product_id'], $coupon); |
||||||
108 | break; |
||||||
109 | } |
||||||
110 | |||||||
111 | $transferAccounts = $plugin->getTransferAccounts(); |
||||||
112 | $infoEmailExtra = $plugin->getTransferInfoExtra()['tinfo_email_extra']; |
||||||
113 | |||||||
114 | $form = new FormValidator( |
||||||
115 | 'success', |
||||||
116 | 'POST', |
||||||
117 | api_get_self(), |
||||||
118 | null, |
||||||
119 | null, |
||||||
120 | FormValidator::LAYOUT_INLINE |
||||||
121 | ); |
||||||
122 | |||||||
123 | if ($form->validate()) { |
||||||
124 | $formValues = $form->getSubmitValues(); |
||||||
125 | |||||||
126 | if (isset($formValues['cancel'])) { |
||||||
127 | $plugin->cancelSubscriptionSale($sale['id']); |
||||||
128 | |||||||
129 | unset($_SESSION['bc_sale_id']); |
||||||
130 | unset($_SESSION['bc_coupon_id']); |
||||||
131 | |||||||
132 | header('Location: '.api_get_path(WEB_PLUGIN_PATH).'buycourses/index.php'); |
||||||
133 | exit; |
||||||
134 | } |
||||||
135 | |||||||
136 | $messageTemplate = new Template(); |
||||||
137 | $messageTemplate->assign('user', $userInfo); |
||||||
138 | $messageTemplate->assign( |
||||||
139 | 'sale', |
||||||
140 | [ |
||||||
141 | 'date' => $sale['date'], |
||||||
142 | 'product' => $sale['product_name'], |
||||||
143 | 'currency' => $currency['iso_code'], |
||||||
144 | 'price' => $sale['price'], |
||||||
145 | 'reference' => $sale['reference'], |
||||||
146 | ] |
||||||
147 | ); |
||||||
148 | $messageTemplate->assign('transfer_accounts', $transferAccounts); |
||||||
149 | $messageTemplate->assign('info_email_extra', $infoEmailExtra); |
||||||
150 | |||||||
151 | MessageManager::send_message_simple( |
||||||
152 | $userInfo['user_id'], |
||||||
153 | $plugin->get_lang('bc_subject'), |
||||||
154 | $messageTemplate->fetch('buycourses/view/message_transfer.tpl') |
||||||
155 | ); |
||||||
156 | |||||||
157 | if (!empty($globalParameters['sale_email'])) { |
||||||
158 | $messageConfirmTemplate = new Template(); |
||||||
159 | $messageConfirmTemplate->assign('user', $userInfo); |
||||||
160 | $messageConfirmTemplate->assign( |
||||||
161 | 'sale', |
||||||
162 | [ |
||||||
163 | 'date' => $sale['date'], |
||||||
164 | 'product' => $sale['product_name'], |
||||||
165 | 'currency' => $currency['iso_code'], |
||||||
166 | 'price' => $sale['price'], |
||||||
167 | 'reference' => $sale['reference'], |
||||||
168 | ] |
||||||
169 | ); |
||||||
170 | |||||||
171 | api_mail_html( |
||||||
172 | '', |
||||||
173 | $globalParameters['sale_email'], |
||||||
174 | $plugin->get_lang('bc_subject'), |
||||||
175 | $messageConfirmTemplate->fetch('buycourses/view/message_confirm.tpl') |
||||||
176 | ); |
||||||
177 | } |
||||||
178 | |||||||
179 | Display::addFlash( |
||||||
180 | Display::return_message( |
||||||
181 | sprintf( |
||||||
182 | $plugin->get_lang('PurchaseStatusX'), |
||||||
183 | $plugin->get_lang('PendingReasonByTransfer') |
||||||
184 | ), |
||||||
185 | 'success', |
||||||
186 | false |
||||||
187 | ) |
||||||
188 | ); |
||||||
189 | |||||||
190 | unset($_SESSION['bc_sale_id']); |
||||||
191 | unset($_SESSION['bc_coupon_id']); |
||||||
192 | header('Location: '.api_get_path(WEB_PLUGIN_PATH).'buycourses/src/course_catalog.php'); |
||||||
193 | exit; |
||||||
194 | } |
||||||
195 | |||||||
196 | $form->addButton( |
||||||
197 | 'confirm', |
||||||
198 | $plugin->get_lang('ConfirmOrder'), |
||||||
199 | 'check', |
||||||
200 | 'success', |
||||||
201 | 'default', |
||||||
202 | null, |
||||||
203 | ['id' => 'confirm'] |
||||||
204 | ); |
||||||
205 | $form->addButtonCancel($plugin->get_lang('CancelOrder'), 'cancel'); |
||||||
206 | |||||||
207 | $template = new Template(); |
||||||
208 | |||||||
209 | if ($buyingCourse) { |
||||||
210 | $template->assign('course', $course); |
||||||
211 | } elseif ($buyingSession) { |
||||||
212 | $template->assign('session', $session); |
||||||
213 | } |
||||||
214 | |||||||
215 | $template->assign('buying_course', $buyingCourse); |
||||||
216 | $template->assign('buying_session', $buyingSession); |
||||||
217 | $template->assign('terms', $globalParameters['terms_and_conditions']); |
||||||
218 | $template->assign('title', $sale['product_name']); |
||||||
219 | $template->assign('price', $sale['price']); |
||||||
220 | $template->assign('currency', $sale['currency_id']); |
||||||
221 | $template->assign('user', $userInfo); |
||||||
222 | $template->assign('transfer_accounts', $transferAccounts); |
||||||
223 | $template->assign('form', $form->returnForm()); |
||||||
224 | $template->assign('is_bank_transfer', true); |
||||||
225 | |||||||
226 | $content = $template->fetch('buycourses/view/subscription_process_confirm.tpl'); |
||||||
227 | |||||||
228 | $template->assign('content', $content); |
||||||
229 | $template->display_one_col_template(); |
||||||
230 | break; |
||||||
231 | case BuyCoursesPlugin::PAYMENT_TYPE_CULQI: |
||||||
232 | // We need to include the main online script, acording to the Culqi documentation the JS needs to be loeaded |
||||||
233 | // directly from the main url "https://integ-pago.culqi.com" because a local copy of this JS is not supported |
||||||
234 | $htmlHeadXtra[] = '<script src="//integ-pago.culqi.com/js/v1"></script>'; |
||||||
235 | |||||||
236 | $buyingCourse = false; |
||||||
237 | $buyingSession = false; |
||||||
238 | |||||||
239 | switch ($sale['product_type']) { |
||||||
240 | case BuyCoursesPlugin::PRODUCT_TYPE_COURSE: |
||||||
241 | $buyingCourse = true; |
||||||
242 | $course = $plugin->getSubscriptionCourseInfo($sale['product_id'], $coupon); |
||||||
243 | break; |
||||||
244 | case BuyCoursesPlugin::PRODUCT_TYPE_SESSION: |
||||||
245 | $buyingSession = true; |
||||||
246 | $session = $plugin->getSubscriptionSessionInfo($sale['product_id'], $coupon); |
||||||
247 | break; |
||||||
248 | } |
||||||
249 | |||||||
250 | $form = new FormValidator( |
||||||
251 | 'success', |
||||||
252 | 'POST', |
||||||
253 | api_get_self(), |
||||||
254 | null, |
||||||
255 | null, |
||||||
256 | FormValidator::LAYOUT_INLINE |
||||||
257 | ); |
||||||
258 | |||||||
259 | if ($form->validate()) { |
||||||
260 | $formValues = $form->getSubmitValues(); |
||||||
261 | |||||||
262 | if (isset($formValues['cancel'])) { |
||||||
263 | $plugin->cancelSubscriptionSale($sale['id']); |
||||||
264 | |||||||
265 | unset($_SESSION['bc_sale_id']); |
||||||
266 | unset($_SESSION['bc_coupon_id']); |
||||||
267 | |||||||
268 | Display::addFlash( |
||||||
269 | Display::return_message( |
||||||
270 | $plugin->get_lang('OrderCanceled'), |
||||||
271 | 'warning', |
||||||
272 | false |
||||||
273 | ) |
||||||
274 | ); |
||||||
275 | |||||||
276 | header('Location: '.api_get_path(WEB_PLUGIN_PATH).'buycourses/index.php'); |
||||||
277 | exit; |
||||||
278 | } |
||||||
279 | } |
||||||
280 | $form->addButton( |
||||||
281 | 'confirm', |
||||||
282 | $plugin->get_lang('ConfirmOrder'), |
||||||
283 | 'check', |
||||||
284 | 'success', |
||||||
285 | 'default', |
||||||
286 | null, |
||||||
287 | ['id' => 'confirm'] |
||||||
288 | ); |
||||||
289 | $form->addButton( |
||||||
290 | 'cancel', |
||||||
291 | $plugin->get_lang('CancelOrder'), |
||||||
292 | 'times', |
||||||
293 | 'danger', |
||||||
294 | 'default', |
||||||
295 | null, |
||||||
296 | ['id' => 'cancel'] |
||||||
297 | ); |
||||||
298 | |||||||
299 | $template = new Template(); |
||||||
300 | |||||||
301 | if ($buyingCourse) { |
||||||
302 | $template->assign('course', $course); |
||||||
303 | } elseif ($buyingSession) { |
||||||
304 | $template->assign('session', $session); |
||||||
305 | } |
||||||
306 | |||||||
307 | $template->assign('buying_course', $buyingCourse); |
||||||
308 | $template->assign('buying_session', $buyingSession); |
||||||
309 | $template->assign('terms', $globalParameters['terms_and_conditions']); |
||||||
310 | $template->assign('title', $sale['product_name']); |
||||||
311 | $template->assign('price', floatval($sale['price'])); |
||||||
312 | $template->assign('currency', $plugin->getSelectedCurrency()); |
||||||
313 | $template->assign('user', $userInfo); |
||||||
314 | $template->assign('sale', $sale); |
||||||
315 | $template->assign('form', $form->returnForm()); |
||||||
316 | $template->assign('is_culqi_payment', true); |
||||||
317 | $template->assign('culqi_params', $culqiParams = $plugin->getCulqiParams()); |
||||||
318 | |||||||
319 | $content = $template->fetch('buycourses/view/subscription_process_confirm.tpl'); |
||||||
320 | |||||||
321 | $template->assign('content', $content); |
||||||
322 | $template->display_one_col_template(); |
||||||
323 | |||||||
324 | break; |
||||||
325 | case BuyCoursesPlugin::PAYMENT_TYPE_TPV_REDSYS: |
||||||
326 | $tpvRedsysParams = $plugin->getTpvRedsysParams(); |
||||||
327 | |||||||
328 | require_once '../resources/apiRedsys.php'; |
||||||
329 | $tpv = new RedsysAPI(); |
||||||
330 | |||||||
331 | $merchantcode = $tpvRedsysParams['merchantcode']; |
||||||
332 | $terminal = $tpvRedsysParams['terminal']; |
||||||
333 | $currency = $tpvRedsysParams['currency']; |
||||||
334 | $transactionType = "0"; |
||||||
335 | $urlMerchant = api_get_path(WEB_PLUGIN_PATH).'buycourses/src/tpv_response.php'; |
||||||
336 | $urlSuccess = api_get_path(WEB_PLUGIN_PATH).'buycourses/src/tpv_success.php'; |
||||||
337 | $urlFailed = api_get_path(WEB_PLUGIN_PATH).'buycourses/src/tpv_error.php'; |
||||||
338 | $order = str_pad(strval($saleId), 4, "0", STR_PAD_LEFT); |
||||||
339 | $amount = $sale['price'] * 100; |
||||||
340 | $description = $plugin->get_lang('OrderReference').": ".$sale['reference']; |
||||||
341 | $tpv->setParameter("DS_MERCHANT_AMOUNT", $amount); |
||||||
342 | $tpv->setParameter("DS_MERCHANT_ORDER", $order); |
||||||
343 | $tpv->setParameter("DS_MERCHANT_MERCHANTCODE", $merchantcode); |
||||||
344 | $tpv->setParameter("DS_MERCHANT_CURRENCY", $currency); |
||||||
345 | $tpv->setParameter("DS_MERCHANT_TRANSACTIONTYPE", $transactionType); |
||||||
346 | $tpv->setParameter("DS_MERCHANT_TERMINAL", $terminal); |
||||||
347 | $tpv->setParameter("DS_MERCHANT_MERCHANTURL", $urlMerchant); |
||||||
348 | $tpv->setParameter("DS_MERCHANT_URLOK", $urlSuccess); |
||||||
349 | $tpv->setParameter("DS_MERCHANT_URLKO", $urlFailed); |
||||||
350 | $tpv->setParameter("DS_MERCHANT_PRODUCTDESCRIPTION", $description); |
||||||
351 | |||||||
352 | $version = "HMAC_SHA256_V1"; |
||||||
353 | $kc = $tpvRedsysParams['kc']; |
||||||
354 | |||||||
355 | $urlTpv = $tpvRedsysParams['url_redsys']; |
||||||
356 | $sandboxFlag = $tpvRedsysParams['sandbox'] == 1; |
||||||
357 | if ($sandboxFlag === true) { |
||||||
358 | $urlTpv = $tpvRedsysParams['url_redsys_sandbox']; |
||||||
359 | } |
||||||
360 | |||||||
361 | $params = $tpv->createMerchantParameters(); |
||||||
362 | $signature = $tpv->createMerchantSignature($kc); |
||||||
363 | |||||||
364 | echo '<form name="tpv_chamilo" action="'.$urlTpv.'" method="POST">'; |
||||||
365 | echo '<input type="hidden" name="Ds_SignatureVersion" value="'.$version.'" />'; |
||||||
366 | echo '<input type="hidden" name="Ds_MerchantParameters" value="'.$params.'" />'; |
||||||
367 | echo '<input type="hidden" name="Ds_Signature" value="'.$signature.'" />'; |
||||||
368 | echo '</form>'; |
||||||
369 | |||||||
370 | echo '<SCRIPT language=javascript>'; |
||||||
371 | echo 'document.tpv_chamilo.submit();'; |
||||||
372 | echo '</script>'; |
||||||
373 | |||||||
374 | break; |
||||||
375 | } |
||||||
376 |