/**
 * Record a payment through this gateway and, when nothing is owed, grant access at once.
 *
 * The payment is always built with status 'complete', but it is only saved (and the
 * course entry or membership only created) when the computed amount equals 0.0.
 * The returned status is 'complete' in either case.
 *
 * @param int    $object_id    Course or membership ID, depending on $payment_type.
 * @param int    $user_id      Paying user; falls back to the current user when falsy.
 * @param string $payment_type 'course' or 'membership'.
 * @param array  $atts         Optional extras; only the 'ip' key is read here.
 * @return array Keys 'status' and 'redirect', plus 'payment' when a user was resolved.
 */
public function process_payment($object_id, $user_id = 0, $payment_type = 'course', $atts = array())
{
    // Resolve the payer; with no user at all, send the visitor to the home page.
    $user_id = $user_id ? $user_id : get_current_user_id();

    if (!$user_id) {
        return array('status' => '', 'redirect' => home_url('/'));
    }

    $payment = IB_Educator_Payment::get_instance();
    $payment->user_id = $user_id;
    $payment->payment_type = $payment_type;
    $payment->payment_status = 'complete';
    $payment->payment_gateway = $this->get_id();
    $payment->amount = 0.0;
    $payment->currency = ib_edu_get_currency();

    // The price always comes from the server-side lookup, never from the caller.
    switch ($payment_type) {
        case 'course':
            $payment->course_id = $object_id;
            $payment->amount = ib_edu_get_course_price($object_id);
            break;

        case 'membership':
            $payment->object_id = $object_id;
            $ms = IB_Educator_Memberships::get_instance();
            $payment->amount = $ms->get_price($object_id);
            break;
    }

    // The IP is stored exactly as the caller supplied it; no validation happens here.
    if (!empty($atts['ip'])) {
        $payment->ip = $atts['ip'];
    }

    // Access is granted only for items that cost nothing.
    $is_free = (0.0 == $payment->amount);

    if ($is_free) {
        $payment->save();
    }

    if ($is_free && $payment->ID) {
        switch ($payment->payment_type) {
            case 'course':
                // Setup course entry.
                $entry = IB_Educator_Entry::get_instance();
                $entry->course_id = $object_id;
                $entry->user_id = $user_id;
                $entry->payment_id = $payment->ID;
                $entry->entry_status = 'inprogress';
                $entry->entry_date = date('Y-m-d H:i:s');
                $entry->save();
                break;

            case 'membership':
                // Setup membership.
                $ms->setup_membership($user_id, $object_id);
                break;
        }
    }

    return array(
        'status'   => 'complete',
        'redirect' => get_permalink($object_id),
        'payment'  => $payment,
    );
}
/**
 * Cancel the current student's own pending payment.
 *
 * Silently returns unless all of these hold: a valid 'ibedu_cancel_payment' nonce
 * was posted, the visitor is logged in, a non-zero payment_id was posted, the payment
 * is 'pending', and it belongs to the current user. On success the request is
 * redirected to the 'payment-cancelled' message endpoint and execution stops.
 */
public static function cancel_payment()
{
    // CSRF protection first, then authentication.
    $nonce_ok = isset($_POST['_wpnonce']) && wp_verify_nonce($_POST['_wpnonce'], 'ibedu_cancel_payment');

    if (!$nonce_ok || !is_user_logged_in()) {
        return;
    }

    $payment_id = 0;

    if (isset($_POST['payment_id'])) {
        $payment_id = absint($_POST['payment_id']);
    }

    if (!$payment_id) {
        return;
    }

    $payment = IB_Educator_Payment::get_instance($payment_id);

    // Authorization: a user may cancel only their own payments, and only pending ones.
    if ('pending' != $payment->payment_status || $payment->user_id != get_current_user_id()) {
        return;
    }

    if (!$payment->update_status('cancelled')) {
        return;
    }

    wp_redirect(ib_edu_get_endpoint_url('edu-message', 'payment-cancelled', get_permalink()));
    exit;
}
/**
 * Create a course entry tied to an existing payment.
 *
 * The entry's user is taken from the payment record, not from $data.
 * NOTE(review): nothing here checks that the payment was actually found before
 * its user_id and ID are copied; confirm callers only pass known payment IDs.
 *
 * @param array $data Reads 'payment_id', 'course_id' and 'entry_status'.
 * @return mixed The ID property of the entry after save().
 */
public function addEntry($data)
{
    $source_payment = IB_Educator_Payment::get_instance($data['payment_id']);
    $new_entry = IB_Educator_Entry::get_instance();

    $new_entry->course_id = $data['course_id'];
    $new_entry->user_id = $source_payment->user_id;
    $new_entry->payment_id = $source_payment->ID;
    $new_entry->entry_status = $data['entry_status'];
    $new_entry->entry_date = date('Y-m-d H:i:s');
    $new_entry->save();

    return $new_entry->ID;
}
if ($payment->ID && $payment->user_id == $user_id) { do_action('ib_educator_thankyou_' . $payment->payment_gateway); } // Show link to the payments page. $payments_page = get_post(ib_edu_page_id('user_payments')); if ($payments_page) { echo '<p>' . sprintf(esc_html__('Go to %s page', 'training'), '<a href="' . esc_url(get_permalink($payments_page->ID)) . '">' . esc_html($payments_page->post_title) . '</a>') . '</p>'; } } else { if ($pay = get_query_var('edu-pay')) { // Can be used for step 2 of the payment process. // PayPal gateway uses it. if (!is_numeric($pay)) { return; } $payment = IB_Educator_Payment::get_instance($pay); // The payment must exist and it must belong to the current user. if ($payment->ID && $payment->user_id == $user_id) { do_action('ib_educator_pay_' . $payment->payment_gateway); } } else { // Step 1 of the payment process. $object_id = get_query_var('edu-course'); $post = null; if (!is_numeric($object_id) && isset($_POST['course_id'])) { $object_id = intval($_POST['course_id']); } if ($object_id) { $post = get_post($object_id); } else { // No course id? Try to get membership id.
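/**
 * Edit payment action (admin screen).
 *
 * Loads the payment named by the payment_id query argument and, when the request
 * carries POST data, applies the submitted fields to it. The POST branch requires
 * a valid 'ib_educator_edit_payment_{id}' admin nonce and the 'manage_educator'
 * capability. Optionally creates a course entry or sets up a membership and sends
 * the matching notification e-mail, then redirects back to the edit screen.
 *
 * Submitted IDs are normalised to non-negative integers before they are stored,
 * and payment_type / payment_status must be plain strings that appear in the
 * model's own lists.
 */
public static function edit_payment()
{
    $payment_id = isset($_GET['payment_id']) ? absint($_GET['payment_id']) : 0;
    $payment = IB_Educator_Payment::get_instance($payment_id);
    $errors = array();

    if (count($_POST)) {
        // Verify nonce (bound to this payment ID).
        check_admin_referer('ib_educator_edit_payment_' . $payment_id);

        // Capability check.
        if (!current_user_can('manage_educator')) {
            return;
        }

        // Payment type: must be a string key of the known types. The is_string()
        // guard keeps an array-valued field from reaching array_key_exists().
        if (
            isset($_POST['payment_type'])
            && is_string($_POST['payment_type'])
            && array_key_exists($_POST['payment_type'], IB_Educator_Payment::get_types())
        ) {
            $payment->payment_type = $_POST['payment_type'];
        }

        // Student ID: can only be set while the payment has none. is_numeric() alone
        // also accepts values such as "1e3" or "1.5", so store the integer form.
        if (empty($payment->user_id)) {
            $student_id = (isset($_POST['student_id']) && is_numeric($_POST['student_id']))
                ? absint($_POST['student_id'])
                : 0;

            if ($student_id) {
                $payment->user_id = $student_id;
            } else {
                $errors[] = 'empty_student_id';
            }
        }

        // Course ID: same rule as the student ID; required only for course payments.
        if (empty($payment->course_id)) {
            $course_id = (isset($_POST['course_id']) && is_numeric($_POST['course_id']))
                ? absint($_POST['course_id'])
                : 0;

            if ($course_id) {
                $payment->course_id = $course_id;
            } elseif ('course' == $payment->payment_type) {
                $errors[] = 'empty_course_id';
            }
        }

        // Object ID.
        if (isset($_POST['object_id']) && is_numeric($_POST['object_id'])) {
            $payment->object_id = absint($_POST['object_id']);
        }

        // Tax.
        if (isset($_POST['tax']) && is_numeric($_POST['tax'])) {
            $payment->tax = $_POST['tax'];
        }

        // Amount.
        if (isset($_POST['amount']) && is_numeric($_POST['amount'])) {
            $payment->amount = $_POST['amount'];
        }

        if (isset($_POST['currency'])) {
            $payment->currency = sanitize_text_field($_POST['currency']);
        }

        // Transaction ID.
        if (isset($_POST['txn_id'])) {
            $payment->txn_id = sanitize_text_field($_POST['txn_id']);
        }

        // Payment status: must be a string key of the known statuses.
        if (
            isset($_POST['payment_status'])
            && is_string($_POST['payment_status'])
            && array_key_exists($_POST['payment_status'], IB_Educator_Payment::get_statuses())
        ) {
            $payment->payment_status = $_POST['payment_status'];
        }

        // Payment gateway.
        if (isset($_POST['payment_gateway'])) {
            $payment->payment_gateway = sanitize_title($_POST['payment_gateway']);
        }

        // Billing fields, all stored through sanitize_text_field().
        // First Name.
        if (isset($_POST['first_name'])) {
            $payment->first_name = sanitize_text_field($_POST['first_name']);
        }

        // Last Name.
        if (isset($_POST['last_name'])) {
            $payment->last_name = sanitize_text_field($_POST['last_name']);
        }

        // Address.
        if (isset($_POST['address'])) {
            $payment->address = sanitize_text_field($_POST['address']);
        }

        // Address Line 2.
        if (isset($_POST['address_2'])) {
            $payment->address_2 = sanitize_text_field($_POST['address_2']);
        }

        // City.
        if (isset($_POST['city'])) {
            $payment->city = sanitize_text_field($_POST['city']);
        }

        // Postcode.
        if (isset($_POST['postcode'])) {
            $payment->postcode = sanitize_text_field($_POST['postcode']);
        }

        // State / Province.
        if (isset($_POST['state'])) {
            $payment->state = sanitize_text_field($_POST['state']);
        }

        // Country.
        if (isset($_POST['country'])) {
            $payment->country = sanitize_text_field($_POST['country']);
        }

        if (!empty($errors)) {
            ib_edu_message('edit_payment_errors', $errors);
            return;
        }

        if ($payment->save()) {
            // Update payment meta (line items). The parallel line_* arrays are
            // matched to line_id by key.
            if (isset($_POST['line_id']) && is_array($_POST['line_id'])) {
                foreach ($_POST['line_id'] as $key => $line_id) {
                    if (!is_numeric($line_id)) {
                        continue;
                    }

                    $payment->update_line(array(
                        'ID'        => absint($line_id),
                        'object_id' => isset($_POST['line_object_id'][$key]) ? intval($_POST['line_object_id'][$key]) : 0,
                        'line_type' => isset($_POST['line_type'][$key]) ? sanitize_text_field($_POST['line_type'][$key]) : '',
                        'amount'    => isset($_POST['line_amount'][$key]) ? sanitize_text_field($_POST['line_amount'][$key]) : 0.0,
                        'tax'       => isset($_POST['line_tax'][$key]) ? sanitize_text_field($_POST['line_tax'][$key]) : 0.0,
                        'name'      => isset($_POST['line_name'][$key]) ? sanitize_text_field($_POST['line_name'][$key]) : '',
                    ));
                }
            }

            $api = IB_Educator::get_instance();
            $entry_saved = true;

            // Create entry for the student.
            // Implemented for the "course" payment type.
            // Skipped when an entry already exists for this payment.
            if (isset($_POST['create_entry']) && !$api->get_entry(array('payment_id' => $payment->ID))) {
                $entry = IB_Educator_Entry::get_instance();
                $entry->course_id = $payment->course_id;
                $entry->user_id = $payment->user_id;
                $entry->payment_id = $payment->ID;
                $entry->entry_status = 'inprogress';
                $entry->entry_date = date('Y-m-d H:i:s');
                $entry_saved = $entry->save();

                if ($entry_saved) {
                    // Send notification email to the student.
                    $student = get_user_by('id', $payment->user_id);
                    $course = get_post($payment->course_id, OBJECT, 'display');

                    if ($student && $course) {
                        ib_edu_send_notification(
                            $student->user_email,
                            'student_registered',
                            array('course_title' => $course->post_title),
                            array(
                                'student_name'   => $student->display_name,
                                'course_title'   => $course->post_title,
                                'course_excerpt' => $course->post_excerpt,
                            )
                        );
                    }
                }
            }

            // Setup membership for the student.
            if (isset($_POST['setup_membership']) && 'membership' == $payment->payment_type) {
                $ms = IB_Educator_Memberships::get_instance();

                // Setup membership.
                $ms->setup_membership($payment->user_id, $payment->object_id);

                // Send notification email.
                $student = get_user_by('id', $payment->user_id);
                $membership = $ms->get_membership($payment->object_id);

                if ($student && $membership) {
                    $user_membership = $ms->get_user_membership($student->ID);
                    $membership_meta = $ms->get_membership_meta($membership->ID);
                    $expiration = $user_membership ? $user_membership['expiration'] : 0;

                    ib_edu_send_notification(
                        $student->user_email,
                        'membership_register',
                        array(),
                        array(
                            'student_name' => $student->display_name,
                            'membership'   => $membership->post_title,
                            'expiration'   => $expiration ? date_i18n(get_option('date_format'), $expiration) : __('None', 'ibeducator'),
                            'price'        => $ms->format_price($membership_meta['price'], $membership_meta['duration'], $membership_meta['period'], false),
                        )
                    );
                }
            }

            // When the entry could not be saved there is no redirect and no error
            // message; the request simply falls through.
            if ($entry_saved) {
                wp_redirect(admin_url('admin.php?page=ib_educator_payments&edu-action=edit-payment&payment_id=' . $payment->ID . '&edu-message=saved'));
                exit;
            }
        }
    }
}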
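/**
 * Charge the card using Stripe.
 * It's an AJAX action: it prints '1' on success and '0' on any failure, then exits.
 *
 * Requires a valid 'ib_educator_stripe_token' nonce, a logged-in user, and a
 * payment that exists and belongs to that user. The amount and currency come
 * from the stored payment, never from the request.
 */
public function process_stripe_token()
{
    if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], 'ib_educator_stripe_token')) {
        exit('0');
    }

    if (!isset($_POST['token']) || !isset($_POST['payment_id'])) {
        exit('0');
    }

    // Both fields must be plain scalars; an array-valued field would otherwise be
    // handed to the payment lookup and to the Stripe client as-is.
    if (!is_string($_POST['token']) || '' === trim($_POST['token']) || !is_scalar($_POST['payment_id'])) {
        exit('0');
    }

    $user = wp_get_current_user();

    if (0 == $user->ID) {
        exit('0');
    }

    $payment = IB_Educator_Payment::get_instance(absint($_POST['payment_id']));

    if (!$payment->ID || $user->ID != $payment->user_id) {
        // The payment must exist and it must be associated with the current user.
        exit('0');
    }

    // NOTE(review): payment_status and payment_gateway are not checked before the
    // charge. Confirm whether a payment that is already 'complete' (or that belongs
    // to another gateway) should be rejected here so a repeated request cannot
    // charge the card a second time.

    require_once IBEDUCATOR_PLUGIN_DIR . 'lib/Stripe/Stripe.php';

    $token = sanitize_text_field(wp_unslash($_POST['token']));
    $amount = round((double) $payment->amount, 2);
    $description = sprintf(__('Payment #%d', 'ibeducator'), $payment->ID);

    if ('course' == $payment->payment_type) {
        $description .= ' , ' . get_the_title($payment->course_id);
    } elseif ('membership' == $payment->payment_type) {
        $description .= ' , ' . get_the_title($payment->object_id);
    }

    try {
        Stripe::setApiKey($this->get_option('secret_key'));
        Stripe_Charge::create(array(
            // Whole cents as an integer: float multiplication alone can produce
            // values such as 1998.9999999999998 for 19.99.
            'amount'      => (int) round($amount * 100),
            'currency'    => $payment->currency,
            'card'        => $token,
            'description' => $description,
        ));

        // Update the payment status.
        $payment->payment_status = 'complete';
        $payment->save();

        // Setup course or membership for the student.
        IB_Educator::get_instance()->setup_payment_item($payment);

        exit('1');
    } catch (Exception $e) {
        // This also catches failures raised after the charge went through, so leave
        // a trace for reconciliation. Only the exception class and the payment ID are
        // logged; the message is left out in case it carries gateway details.
        error_log(sprintf('Stripe charge handling failed for payment #%d (%s)', $payment->ID, get_class($e)));
    }

    exit('0');
}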
/**
 * Save payment to database.
 *
 * Copies the given fields onto a fresh payment object and saves it. No field is
 * validated or sanitised here, so callers must pass trusted values.
 *
 * @param array $data Required keys: user_id, payment_type, payment_gateway,
 *                    payment_status, amount, currency. Optional keys (used only
 *                    when non-empty): course_id, object_id, tax.
 * @return IB_Educator_Payment
 */
public function add_payment($data)
{
    $record = IB_Educator_Payment::get_instance();

    if (!empty($data['course_id'])) {
        $record->course_id = $data['course_id'];
    }

    $record->user_id = $data['user_id'];

    if (!empty($data['object_id'])) {
        $record->object_id = $data['object_id'];
    }

    // Mandatory fields, copied in the same order every time.
    $required = array('payment_type', 'payment_gateway', 'payment_status', 'amount', 'currency');

    foreach ($required as $field) {
        $record->{$field} = $data[$field];
    }

    if (!empty($data['tax'])) {
        $record->tax = $data['tax'];
    }

    $record->save();

    return $record;
}
/**
 * Create a pending payment for a course or a membership.
 *
 * The price is looked up on the server from $object_id. When billing data is
 * collected for the object, the user's stored billing details are copied onto
 * the payment, tax is calculated, and the amount becomes the tax-inclusive total.
 *
 * @param int    $object_id    ID of the object the payment is to be associated with.
 * @param int    $user_id
 * @param string $payment_type 'course' or 'membership'.
 * @param array  $atts         Optional extras; only the 'ip' key is read here.
 * @return IB_Educator_Payment
 */
public function create_payment($object_id, $user_id, $payment_type, $atts = array())
{
    $payment = IB_Educator_Payment::get_instance();
    $payment->user_id = $user_id;
    $payment->payment_type = $payment_type;
    $payment->payment_status = 'pending';
    $payment->payment_gateway = $this->get_id();
    $payment->currency = ib_edu_get_currency();

    switch ($payment_type) {
        case 'course':
            $payment->course_id = $object_id;
            $payment->amount = ib_edu_get_course_price($object_id);
            break;

        case 'membership':
            $payment->object_id = $object_id;
            $payment->amount = IB_Educator_Memberships::get_instance()->get_price($object_id);
            break;
    }

    $tax_data = null;

    if (ib_edu_collect_billing_data($object_id)) {
        // Save billing data; anything other than an array is treated as "no data".
        $billing = get_user_meta($user_id, '_ib_educator_billing', true);

        if (!is_array($billing)) {
            $billing = array();
        }

        $payment->first_name = get_user_meta($user_id, 'first_name', true);
        $payment->last_name = get_user_meta($user_id, 'last_name', true);

        // Missing billing keys become empty strings.
        foreach (array('address', 'address_2', 'city', 'state', 'postcode', 'country') as $field) {
            $payment->{$field} = isset($billing[$field]) ? $billing[$field] : '';
        }

        // Calculate tax.
        $edu_tax = IB_Educator_Tax::get_instance();
        $tax_class = $edu_tax->get_tax_class_for($object_id);
        $tax_data = $edu_tax->calculate_tax($tax_class, $payment->amount, $payment->country, $payment->state);

        $payment->tax = $tax_data['tax'];
        $payment->amount = $tax_data['total'];
    }

    // The IP is stored exactly as the caller supplied it.
    if (!empty($atts['ip'])) {
        $payment->ip = $atts['ip'];
    }

    $payment->save();

    // Save tax data: one 'tax' line per applied tax.
    if ($tax_data) {
        foreach ($tax_data['taxes'] as $tax) {
            $payment->update_line(array(
                'object_id' => $tax->ID,
                'line_type' => 'tax',
                'amount'    => $tax->amount,
                'name'      => $tax->name,
            ));
        }
    }

    return $payment;
}
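/**
 * Handle a PayPal IPN (Instant Payment Notification) callback.
 *
 * The raw request body is parsed, posted back to PayPal with
 * 'cmd=_notify-validate', and acted upon only when PayPal answers VERIFIED.
 * After verification the receiver e-mail, payment ID, amount and currency must
 * all match the stored payment before its status is changed.
 *
 * Every field used after verification is read from the same parsed copy that was
 * sent to PayPal, not from $_POST, so the data that is trusted is exactly the
 * data that was validated.
 */
public function process_ipn()
{
    // Debug logging is switched off. NOTE(review): when enabled, complete IPN
    // payloads are appended to a file inside the plugin directory; confirm that
    // path is not served by the web server before turning it on.
    $debug = 0;
    $log_file = IBEDUCATOR_PLUGIN_DIR . 'ipn.log';

    // Read POST data
    // reading posted data directly from $_POST causes serialization
    // issues with array data in POST. Reading raw POST data from input stream instead.
    $raw_post_data = file_get_contents('php://input');
    $ipn = array();

    foreach (explode('&', $raw_post_data) as $pair) {
        $parts = explode('=', $pair);

        // Pairs that do not have exactly one '=' are dropped, which means they are
        // neither validated nor used below.
        if (2 == count($parts)) {
            $ipn[$parts[0]] = urldecode($parts[1]);
        }
    }

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=_notify-validate';
    $strip_slashes = function_exists('get_magic_quotes_gpc') && 1 == get_magic_quotes_gpc();

    foreach ($ipn as $key => $value) {
        $value = $strip_slashes ? urlencode(stripslashes($value)) : urlencode($value);
        $req .= "&{$key}={$value}";
    }

    // Post IPN data back to PayPal to validate the IPN data is genuine.
    // Without this step anyone can fake IPN data.
    $paypal_url = $this->get_option('test') ? $this->test_url : $this->live_url;

    $ch = curl_init($paypal_url);

    if (!$ch) {
        return;
    }

    curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    // Certificate and host name verification stay on for the validation call.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);

    if ($debug) {
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
    }

    // Set TCP timeout to 30 seconds.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

    $res = curl_exec($ch);

    if (0 != curl_errno($ch)) {
        if (true == $debug) {
            error_log(date('[Y-m-d H:i e] ') . 'Can\'t connect to PayPal to validate IPN message: ' . curl_error($ch) . PHP_EOL, 3, $log_file);
        }

        curl_close($ch);
        exit;
    } else {
        // Log the entire HTTP response if debug is switched on.
        if ($debug) {
            error_log(date('[Y-m-d H:i e] ') . 'HTTP request of validation request:' . curl_getinfo($ch, CURLINFO_HEADER_OUT) . ' for IPN payload: ' . $req . PHP_EOL, 3, $log_file);
            error_log(date('[Y-m-d H:i e] ') . 'HTTP response of validation request: ' . $res . PHP_EOL, 3, $log_file);
        }

        curl_close($ch);
    }

    // Inspect IPN validation result and act accordingly.
    // A substring match is used because the response includes headers in debug mode.
    if (false !== strpos($res, 'VERIFIED')) {
        if (isset($ipn['payment_status'])) {
            $payment_id = !isset($ipn['item_number']) ? 0 : absint($ipn['item_number']);
            $currency = !isset($ipn['mc_currency']) ? '' : $ipn['mc_currency'];
            $receiver_email = !isset($ipn['receiver_email']) ? '' : $ipn['receiver_email'];
            $payment_amount = !isset($ipn['mc_gross']) ? '' : $ipn['mc_gross'];

            // The money must have gone to the configured merchant account. An empty
            // receiver never matches, even when no business e-mail is configured.
            if ('' === $receiver_email || $receiver_email !== (string) $this->get_option('business_email')) {
                return;
            }

            if (0 == $payment_id) {
                return;
            }

            $payment = IB_Educator_Payment::get_instance($payment_id);

            if (!$payment->ID) {
                return;
            }

            // The amount must be a number and equal the stored amount to the cent;
            // a missing or non-numeric mc_gross is rejected outright.
            if (!is_numeric($payment_amount) || round((float) $payment_amount, 2) != round((float) $payment->amount, 2)) {
                return;
            }

            if ((string) $currency !== (string) $payment->currency) {
                return;
            }

            // NOTE(review): the current payment_status and any previously stored
            // txn_id are not consulted, so a notification delivered more than once
            // runs setup_payment_item() again. Confirm that call is idempotent.
            switch ($ipn['payment_status']) {
                case 'Completed':
                    // Update payment status.
                    $payment->payment_status = 'complete';

                    if (isset($ipn['txn_id'])) {
                        $payment->txn_id = sanitize_text_field($ipn['txn_id']);
                    }

                    $payment->save();

                    // Setup course or membership for the student.
                    IB_Educator::get_instance()->setup_payment_item($payment);
                    break;

                case 'Failed':
                case 'Expired':
                case 'Denied':
                case 'Voided':
                    // Update payment status.
                    $payment->payment_status = 'failed';
                    $payment->save();
                    break;
            }
        }

        if ($debug) {
            error_log(date('[Y-m-d H:i e] ') . 'Verified IPN: ' . $req . PHP_EOL, 3, $log_file);
        }
    } else {
        if (0 == strcmp($res, 'INVALID')) {
            if ($debug) {
                error_log(date('[Y-m-d H:i e] ') . 'Invalid IPN: ' . $req . PHP_EOL, 3, $log_file);
            }
        }
    }
}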
/**
 * AJAX: delete payment.
 *
 * Requires the 'manage_educator' capability and a nonce bound to the specific
 * payment ID ('ib_educator_delete_payment_{id}'). Exits without output when
 * either check fails; otherwise prints 'success' or 'failure' and exits.
 */
public static function admin_payments_delete()
{
    // Authorization comes first, before any request data is read.
    if (!current_user_can('manage_educator')) {
        exit;
    }

    $payment_id = 0;

    if (isset($_POST['payment_id'])) {
        $payment_id = absint($_POST['payment_id']);
    }

    // The nonce action includes the payment ID, so a nonce issued for one payment
    // does not verify for another.
    $nonce_action = 'ib_educator_delete_payment_' . $payment_id;

    if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], $nonce_action)) {
        exit;
    }

    $payment = IB_Educator_Payment::get_instance($payment_id);
    $deleted = $payment && $payment->delete();

    echo $deleted ? 'success' : 'failure';
    exit;
}