public function postWithdraw()
{
$amount = Bitcoin::toSatoshi(floatval(Input::get('amount', 0)));
$address = Input::get('address');
if ($amount < Config::get('bitcoin.minimum_withdrawal')) {
return Redirect::back()->withInput()->with('error', 'Amount is less than the minimum.');
} else {
if ($amount > Auth::user()->getBalance()) {
return Redirect::back()->withInput()->with('error', 'You do not have the required funds.');
}
}
if (!Bitcoin::checkAddress($address)) {
return Redirect::back()->withInput()->with('error', 'Invalid bitcoin address.');
}
$api_url = 'https://blockchain.info/merchant/' . urlencode(Config::get('bitcoin.guid')) . '/payment';
$api_url .= '?password='******'bitcoin.password'));
$api_url .= '&to=' . urlencode($address);
$withdraw_amount = $amount - Config::get('bitcoin.withdrawal_fee');
$api_url .= '&amount=' . urlencode($withdraw_amount);
$response = file_get_contents($api_url);
$response = json_decode($response);
if (!property_exists($response, 'tx_hash')) {
return Redirect::back()->withInput()->with('error', $response->error);
} else {
Auth::user()->subtractFromBalance($amount);
}
$withdraw = new Withdraw();
$withdraw->user_id = Auth::user()->id;
$withdraw->amount = $amount;
$withdraw->btc_address = $address;
$withdraw->transaction_hash = $response->tx_hash;
if (property_exists($response, 'notice')) {
$withdraw->notice = $response->notice;
}
if (property_exists($response, 'message')) {
$withdraw->message = $response->message;
}
if (!$withdraw->save()) {
Notify::alert('Withdraw couldn\'t be saved!');
}
return Redirect::back()->with('success', 'Withdraw processed.');
}
/**
* @param array $input An array of of our unsanitized options.
* @return array An array of sanitized options.
*/
public function validateSettings($input)
{
$safe_input = array();
foreach ($input as $k => $v) {
switch ($k) {
case 'receive_addresses':
if (empty($v)) {
$errmsg = __('Receive addresses cannot be empty.', 'my-two-cents');
add_settings_error($this->prefix . 'settings', 'empty-receive-addresses', $errmsg);
}
$addrs = array();
foreach (explode("\n", $v) as $line) {
$line = trim($line);
if (Bitcoin::checkAddress($line)) {
$addrs[] = $line;
} else {
error_log(sprintf(__('Rejecting invalid BitCoin receive address: %s', 'my-two-cents'), $line));
}
}
if (empty($addrs)) {
$errmsg = __('You must supply at least one valid BitCoin address.', 'my-two-cents');
add_settings_error($this->prefix . 'settings', 'no-valid-receive-addresses', $errmsg);
}
$safe_input[$k] = implode("\n", array_map('sanitize_text_field', $addrs));
break;
case 'secret':
$safe_input[$k] = sanitize_text_field($v);
break;
case 'qr_code_img_size':
case 'use_txs_polling':
case 'min_confirms':
case 'debug':
$safe_input[$k] = intval($v);
break;
}
}
return $safe_input;
}
public static function createOrder($userid, $active, $confirmations, $notifications, $addresses)
{
$db = Database::getInstance();
$db->startTransaction();
$stmt = $db->prepare("INSERT INTO orders (uid, confirmations) VALUES (?, ?)");
$stmt->bind_param("ii", $userid, $confirmations);
$order_id = $db->insert($stmt);
if ($order_id != null) {
$stmt = $db->prepare("INSERT INTO order_notify (order_id, notify_id) VALUES (?, ?)");
foreach ($notifications as $notification) {
$stmt->bind_param("ii", $order_id, $notification);
$db->insert($stmt);
}
$stmt = $db->prepare("INSERT INTO order_address (order_id, address) VALUES (?, ?)");
$bc = new Bitcoin();
foreach ($addresses as $address) {
if ($bc->checkAddress($address)) {
$stmt->bind_param("is", $order_id, $address);
$db->insert($stmt);
}
}
$db->commit();
} else {
$db->rollback();
}
}
/**
* Test Bitcoin::checkAddress() with various good and bad addresses.
*/
public function testCheckAddress()
{
$this->assertTrue(Bitcoin::checkAddress("1pA14Ga5dtzA1fbeFRS74Ri32dQjkdKe5"));
$this->assertTrue(Bitcoin::checkAddress("1MU97wyf7msCVdaapneW2dW1uXP7oEQsFA"));
$this->assertTrue(Bitcoin::checkAddress("1F417eczAAbh41V4oLGNf3DqXLY72hsM73"));
$this->assertTrue(Bitcoin::checkAddress("1ASgNrpNNejRJVfqK2jHmfJ3ZQnMSUJkwJ"));
$this->assertFalse(Bitcoin::checkAddress("1ASgNrpNNejRJVfqK2jHmfJ3ZQnMSUJ"));
$this->assertFalse(Bitcoin::checkAddress("1111111fnord"));
}
public function setAddresses($addresses)
{
$db = Database::getInstance();
$stmt = $db->prepare("DELETE FROM order_address WHERE order_id = ?");
$stmt->bind_param("i", $this->orderid);
$db->update($stmt);
$stmt = $db->prepare("INSERT IGNORE INTO order_address (order_id, address) VALUES (?, ?)");
$bc = new Bitcoin();
foreach ($addresses as $address) {
if ($bc->checkAddress($address)) {
$stmt->bind_param("is", $this->orderid, $address);
$db->update($stmt);
}
}
$this->addresses = $addresses;
}
/**
* Process Bitcoin checkout.
*
* @param string $separator
* @param integer $sessionid
* @todo Document better
*/
function gateway_bitcoin($separator, $sessionid)
{
global $wpdb, $wpsc_cart;
include_once "library/bitcoin.inc";
$bitcoin_client = new BitcoinClient(get_option("bitcoin_scheme"), get_option("bitcoin_username"), get_option("bitcoin_password"), get_option("bitcoin_address"), get_option("bitcoin_port"), get_option("bitcoin_certificate_path"));
if (TRUE !== ($fault = $bitcoin_client->can_connect())) {
bitcoin_checkout_fail($session, 'The Bitcoin server is presently unavailable. Please contact the site administrator.', $fault);
return;
}
$row = $wpdb->get_row("SELECT id,totalprice FROM " . WPSC_TABLE_PURCHASE_LOGS . " WHERE sessionid=" . $sessionid);
$label = $row->id . " " . $row->totalprice;
try {
$address = $bitcoin_client->query("getnewaddress", $label);
} catch (BitcoinClientException $e) {
bitcoin_checkout_fail($session, 'The Bitcoin server is presently unavailable. Please contact the site administrator.', $e->getMessage());
return;
}
if (!Bitcoin::checkAddress($address)) {
bitcoin_checkout_fail($session, 'The Bitcoin server returned an invalid address. Please contact the site administrator.', $e->getMessage());
return;
}
//var_dump($_SESSION);
unset($_SESSION['WpscGatewayErrorMessage']);
// Set the transaction to pending payment and log the Bitcoin address as its transaction ID
$wpdb->query("UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET processed='1', transactid='" . $address . "' WHERE sessionid=" . $sessionid);
$_SESSION['bitcoin'] = 'success';
$_SESSION['bitcoin_address_display'] = $address;
$_SESSION['bitcoin_address_mail'] = $address;
header("Location: " . get_option('transact_url') . $separator . "sessionid=" . $sessionid);
exit;
}
$addr = $_SESSION["bitcoin_address"];
$oid = $db->f("order_id");
$addrinfo = "To make your payment and complete your order, please send BTC " . $tot . " to Bitcoin address " . $addr;
$confirminfo = "Your payment will be confirmed when " . BITCOIN_CONFIRMS . " confirmation";
if (BITCOIN_CONFIRMS != 1) {
$confirminfo .= "s";
}
$confirminfo .= " of the transaction ha";
if (BITCOIN_CONFIRMS != 1) {
$confirminfo .= "ve";
} else {
$confirminfo .= "s";
}
$confirminfo .= " been received.";
$confirminfo .= " If payment is not received within " . BITCOIN_TIMEOUT . " hours, your order will be canceled automatically.";
if (Bitcoin::checkAddress($addr)) {
$q = "UPDATE #__vm_order_payment SET order_payment_name='" . $addr . "' WHERE order_id='" . $oid . "'";
$db->query($q);
echo "<p><strong>" . $addrinfo . "</strong><p>";
echo "<p>" . $confirminfo . "</p>";
$d['include_comment'] = "Y";
$d['order_comment'] = $addrinfo . ". " . $confirminfo;
$d['current_order_status'] = "P";
$d['order_status'] = "P";
$d['notify_customer'] = "Y";
$d['order_id'] = $oid;
$order = new ps_order();
// TODO: hackish but it gets the info to the customer. revisit.
$order->order_status_update($d);
} else {
$vmLogger->err("Shopping cart expired.");
$checksig = sha1($event.$username.$order.$addresses.$user->secret);
if ($sig != $checksig)
{
die("BADSIG");
} else {
//go
$order = new Order($order);
if ($order != NULL && $order->userid == $user->userid)
{
$bc = new Bitcoin();
foreach (explode(",",$addresses) as $address)
{
if ($bc->checkAddress($address))
{
switch ($event)
{
case "addAddress":
$order->addAddress($address);
break;
case "removeAddress":
$order->removeAddress($address);
break;
}
} else {
die("ERROR");
}
}
/**
* Make sure an address is correct (length, network availability)
* note: if in offline mode it will only check the length and chars
*
* @param string $address
* @param boolean $isMine (defaults to null): false => has to be foreign, true => has to be own
* @return boolean Success
*/
public function validateAddress($address, $isMine = null)
{
/*
if (!preg_match('/^[a-z0-9]{33,34}$/i', $address)) {
return false;
}
*/
if (!Bitcoin::checkAddress($address)) {
return false;
}
if (!$this->settings['daemon']) {
return true;
}
$res = $this->C->validateaddress($address);
if (empty($res['isvalid'])) {
return false;
}
if ($isMine !== null) {
return $res['ismine'] == $isMine;
}
return true;
}
/**
* Process the payment
* @param string $order_number
* @param float $order_total
* @param array $d
* @return boolean true if bitcoin
*/
function process_payment($order_number, $order_total, &$d)
{
include_once CLASSPATH . "payment/ps_bitcoin.cfg.php";
// TODO: handle conversions via to-be-written converter script
// it's also available as global $vendor_currency
//"currency_code" => $_SESSION['vendor_currency'],
global $vmLogger;
$bitcoin_client = new BitcoinClient(BITCOIN_SCHEME, BITCOIN_USERNAME, BITCOIN_PASSWORD, BITCOIN_HOST, BITCOIN_PORT, BITCOIN_CERTIFICATE);
if (TRUE !== ($fault = $bitcoin_client->can_connect())) {
$vmLogger->err("The Bitcoin server is presently unavailable. Please contact the site administrator.");
return false;
}
// stuff the (long) order number, the total order price and a timestamp into the bitcoin address's label
$label = $order_number . " " . number_format($order_total, 2, ".", "") . " " . time();
try {
$address = $bitcoin_client->query("getnewaddress", $label);
} catch (BitcoinClientException $e) {
$vmLogger->err("The Bitcoin server was unable to generate an address for your payment. Please contact the site administrator.");
return false;
}
if (!Bitcoin::checkAddress($address)) {
$vmLogger->err("The Bitcoin server returned an invalid address. Please contact the site administrator.");
return false;
}
// stuff the payment address into the session so the "extra info" code can access it
// TODO: There's gotta be a better way...
$_SESSION["bitcoin_address"] = $address;
$d['include_comment'] = "Y";
$d['order_comment'] = "Please send your payment to Bitcoin address " . $address;
return true;
}
public function testgetaddressWithLabel()
{
if ($this->skipIf(WINDOWS, '%s does not work on windows')) {
return;
}
$address = $this->c->getnewaddress("test label");
$this->assertTrue(Bitcoin::checkAddress($address));
$this->assertEquals($this->c->getlabel($address), "test label");
}
