Пример #1
 /**
  * Process payment.
  *
  * @return array
  */
 public function process_payment($object_id, $user_id = 0, $payment_type = 'course', $atts = array())
 {
     // Fall back to the logged-in user when the caller did not name one.
     $user_id = $user_id ? $user_id : get_current_user_id();
     if (!$user_id) {
         // No user to attach the payment to: report an empty status and send
         // the visitor to the front page.
         return array('status' => '', 'redirect' => home_url('/'));
     }

     // Build the payment record. It is marked 'complete' up front, but it is
     // only saved, and access is only granted, when the price resolves to zero.
     $payment = edr_get_payment();
     $payment->user_id = $user_id;
     $payment->payment_type = $payment_type;
     $payment->payment_status = 'complete';
     $payment->payment_gateway = $this->get_id();
     $payment->amount = 0.0;
     $payment->currency = ib_edu_get_currency();

     // The price is always looked up server-side; nothing price-related is
     // taken from $atts or from the request.
     switch ($payment_type) {
         case 'course':
             $payment->course_id = $object_id;
             $payment->amount = ib_edu_get_course_price($object_id);
             break;
         case 'membership':
             $payment->object_id = $object_id;
             $ms = Edr_Memberships::get_instance();
             $payment->amount = $ms->get_price($object_id);
             break;
     }

     // NOTE(review): the IP is stored exactly as the caller supplied it;
     // presumably the caller validates it - confirm.
     if (!empty($atts['ip'])) {
         $payment->ip = $atts['ip'];
     }

     // Only a zero price may be fulfilled by this method.
     $is_free = 0.0 == $payment->amount;
     if ($is_free) {
         $payment->save();
     }

     if ($is_free && $payment->ID) {
         switch ($payment->payment_type) {
             case 'course':
                 // Enrol the user in the course.
                 $entry = edr_get_entry();
                 $entry->course_id = $object_id;
                 $entry->user_id = $user_id;
                 $entry->payment_id = $payment->ID;
                 $entry->entry_status = 'inprogress';
                 $entry->entry_date = date('Y-m-d H:i:s');
                 $entry->save();
                 break;
             case 'membership':
                 // Activate the membership.
                 $ms->setup_membership($user_id, $object_id);
                 break;
         }
     }

     // NOTE(review): 'complete' is reported even when the amount was non-zero
     // and nothing was saved; callers should not treat this status alone as
     // proof that access was granted - confirm how callers use it.
     $result = array(
         'status' => 'complete',
         'redirect' => get_permalink($object_id),
         'payment' => $payment,
     );

     return $result;
 }
Пример #2
 /**
  * Cancel student's payment for a course.
  */
 public static function cancel_payment()
 {
     // CSRF guard first, then require an authenticated session.
     $nonce_ok = isset($_POST['_wpnonce']) && wp_verify_nonce($_POST['_wpnonce'], 'ibedu_cancel_payment');
     if (!$nonce_ok || !is_user_logged_in()) {
         return;
     }

     // absint() turns whatever was posted into a non-negative integer.
     $payment_id = 0;
     if (isset($_POST['payment_id'])) {
         $payment_id = absint($_POST['payment_id']);
     }
     if (0 === $payment_id) {
         return;
     }

     $payment = edr_get_payment($payment_id);

     // Object-level authorization: only the owner may cancel, and only while
     // the payment is still pending. Without the ownership test any logged-in
     // user could cancel another user's payment by guessing its ID.
     $is_pending = 'pending' == $payment->payment_status;
     if (!$is_pending || $payment->user_id != get_current_user_id()) {
         return;
     }

     if ($payment->update_status('cancelled')) {
         // The redirect target is built from site URLs only, not from request data.
         $target = ib_edu_get_endpoint_url('edu-message', 'payment-cancelled', get_permalink());
         wp_redirect($target);
         exit;
     }
 }
Пример #3
 /**
  * Charge the card using Stripe.
  * It's an AJAX action.
  */
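 public function process_stripe_token()
 {
     // AJAX contract: the response body is '1' on success and '0' on any failure.

     // CSRF guard.
     if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], 'ib_educator_stripe_token')) {
         exit('0');
     }
     if (!isset($_POST['token']) || !isset($_POST['payment_id'])) {
         exit('0');
     }
     // Array-valued parameters are never valid here; reject them before use.
     if (!is_string($_POST['token']) || !is_scalar($_POST['payment_id'])) {
         exit('0');
     }
     $user = wp_get_current_user();
     if (0 == $user->ID) {
         exit('0');
     }
     // Normalise the ID to a non-negative integer before the lookup.
     $payment = edr_get_payment(absint($_POST['payment_id']));
     if (!$payment->ID || $user->ID != $payment->user_id) {
         // The payment must exist and it must be associated with the current user.
         exit('0');
     }
     if ('complete' == $payment->payment_status) {
         // Never charge a card for a payment that is already settled; a
         // repeated or replayed request would otherwise bill the user twice.
         exit('0');
     }
     require_once IBEDUCATOR_PLUGIN_DIR . 'lib/Stripe/Stripe.php';
     $token = sanitize_text_field(wp_unslash($_POST['token']));
     if ('' === $token) {
         exit('0');
     }
     // The amount comes from the stored payment, never from the request.
     $amount = round((float) $payment->amount, 2);
     $description = sprintf(__('Payment #%d', 'ibeducator'), $payment->ID);
     if ('course' == $payment->payment_type) {
         $description .= ' , ' . get_the_title($payment->course_id);
     } elseif ('membership' == $payment->payment_type) {
         $description .= ' , ' . get_the_title($payment->object_id);
     }
     try {
         Stripe::setApiKey($this->get_option('secret_key'));
         // The amount is sent in the smallest currency unit as an integer.
         // Rounding before the cast avoids float artefacts such as
         // 19.99 * 100 evaluating to 1998.9999999999998.
         // NOTE(review): multiplying by 100 assumes a two-decimal currency - confirm.
         Stripe_Charge::create(array(
             'amount' => (int) round($amount * 100),
             'currency' => $payment->currency,
             'card' => $token,
             'description' => $description,
         ));
         // Update the payment status.
         $payment->payment_status = 'complete';
         $payment->save();
         // Setup course or membership for the student.
         IB_Educator::get_instance()->setup_payment_item($payment);
         exit('1');
     } catch (Exception $e) {
         // Leave a trace for operators instead of failing silently. Only the
         // exception class is logged so no card or token data reaches the log.
         error_log('Stripe charge failed for payment #' . $payment->ID . ': ' . get_class($e));
     }
     exit('0');
 }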
Пример #4
<?php

// Refuse direct requests to this file; it must be loaded by WordPress.
defined('ABSPATH') || exit;

// Only users holding the plugin's management capability may view or edit payments.
if (!current_user_can('manage_educator')) {
    echo '<p>' . __('Access denied', 'ibeducator') . '</p>';
    return;
}

// absint() reduces the query parameter to a non-negative integer; 0 means "new payment".
$payment_id = 0;
if (isset($_GET['payment_id'])) {
    $payment_id = absint($_GET['payment_id']);
}

$payment = edr_get_payment($payment_id);
$payment_statuses = edr_get_payment_statuses();
$types = edr_get_payment_types();
$api = IB_Educator::get_instance();
$student = null;
$post = null;

if (!$payment->ID) {
    // New payment: accept the posted type only if it is one of the known
    // payment types (allow-list), otherwise default to 'course'.
    $type_is_known = isset($_POST['payment_type']) && array_key_exists($_POST['payment_type'], $types);
    $payment->payment_type = $type_is_known ? $_POST['payment_type'] : 'course';
} else {
    // Existing payment: load the student and the purchased item.
    $student = get_user_by('id', $payment->user_id);
    switch ($payment->payment_type) {
        case 'course':
            $post = get_post($payment->course_id);
            break;
        case 'membership':
            $post = get_post($payment->object_id);
            break;
    }
}

$edu_countries = Edr_Countries::get_instance();
Пример #5
 /**
  * Delete a payment.
  */
 public static function delete_payment()
 {
     // This is a state-changing GET request, so the nonce is the only CSRF
     // protection; the capability check then limits it to payment managers.
     // NOTE(review): the nonce action is the same for every payment, not
     // bound to one payment ID - confirm that is intended.
     $nonce_ok = isset($_GET['_wpnonce']) && wp_verify_nonce($_GET['_wpnonce'], 'edr_delete_payment');
     if (!$nonce_ok || !current_user_can('manage_educator')) {
         return;
     }

     // Resolve the payment ID from the query string.
     $payment_id = null;
     if (isset($_GET['payment_id'])) {
         $payment_id = intval($_GET['payment_id']);
     }
     if (!$payment_id) {
         return;
     }

     // Nothing to do when the lookup finds no payment.
     $payment = edr_get_payment($payment_id);
     if (!$payment->ID) {
         return;
     }

     if ($payment->delete()) {
         // Fixed admin URL; no request data is used in the redirect target.
         $target = admin_url('admin.php?page=ib_educator_payments&edr-message=payment_deleted');
         wp_redirect($target);
         exit;
     }
 }
Пример #6
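 public function process_ipn()
 {
     // Handles a PayPal IPN callback: echoes the received message back to
     // PayPal for validation and, when PayPal confirms it, updates the
     // matching payment. This endpoint is unauthenticated by design, so every
     // field is treated as untrusted until PayPal has vouched for it.

     // Debug logging is hard-wired off.
     // NOTE(review): when enabled, complete IPN payloads (payer details
     // included) are appended to a file inside the plugin directory, which is
     // usually reachable over HTTP. Move the log outside the web root or deny
     // access to it before switching this on.
     $debug = 0;
     $log_file = IBEDUCATOR_PLUGIN_DIR . 'ipn.log';
     // Read POST data
     // reading posted data directly from $_POST causes serialization
     // issues with array data in POST. Reading raw POST data from input stream instead.
     $raw_post_data = file_get_contents('php://input');
     $raw_post_array = explode('&', $raw_post_data);
     $myPost = array();
     foreach ($raw_post_array as $keyval) {
         $keyval = explode('=', $keyval);
         if (2 == count($keyval)) {
             $myPost[$keyval[0]] = urldecode($keyval[1]);
         }
     }
     // read the post from PayPal system and add 'cmd'
     $req = 'cmd=_notify-validate';
     // get_magic_quotes_gpc() no longer exists in current PHP, hence the guard.
     $strip_slashes = function_exists('get_magic_quotes_gpc') && 1 == get_magic_quotes_gpc();
     foreach ($myPost as $key => $value) {
         if ($strip_slashes) {
             $value = urlencode(stripslashes($value));
         } else {
             $value = urlencode($value);
         }
         $req .= "&{$key}={$value}";
     }
     // Post IPN data back to PayPal to validate the IPN data is genuine.
     // Without this step anyone can fake IPN data.
     if ($this->get_option('test')) {
         $paypal_url = $this->test_url;
     } else {
         $paypal_url = $this->live_url;
     }
     $ch = curl_init($paypal_url);
     if (!$ch) {
         return;
     }
     curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
     // Certificate and host name verification must stay enabled: the
     // VERIFIED answer is only trustworthy if it really comes from PayPal.
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
     if ($debug) {
         curl_setopt($ch, CURLOPT_HEADER, 1);
         curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
     }
     // Set TCP timeout to 30 seconds.
     curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
     curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
     $res = curl_exec($ch);
     if (0 != curl_errno($ch)) {
         if (true == $debug) {
             error_log(date('[Y-m-d H:i e] ') . 'Can\'t connect to PayPal to validate IPN message: ' . curl_error($ch) . PHP_EOL, 3, $log_file);
         }
         curl_close($ch);
         exit;
     } else {
         // Log the entire HTTP response if debug is switched on.
         if ($debug) {
             error_log(date('[Y-m-d H:i e] ') . 'HTTP request of validation request:' . curl_getinfo($ch, CURLINFO_HEADER_OUT) . ' for IPN payload: ' . $req . PHP_EOL, 3, $log_file);
             error_log(date('[Y-m-d H:i e] ') . 'HTTP response of validation request: ' . $res . PHP_EOL, 3, $log_file);
         }
         curl_close($ch);
     }
     // Inspect IPN validation result and act accordingly.
     // A substring match is used because the response also carries the HTTP
     // headers when $debug is on.
     if (false !== strpos($res, 'VERIFIED')) {
         // Act only on the fields parsed from the raw body above, because
         // those are the values that were sent to PayPal for validation.
         // $_POST is parsed separately by PHP and can disagree with that
         // parse, so it would hold values PayPal never vouched for.
         if (isset($myPost['payment_status'])) {
             $payment_id = isset($myPost['item_number']) ? absint($myPost['item_number']) : 0;
             $currency = isset($myPost['mc_currency']) ? $myPost['mc_currency'] : '';
             $receiver_email = isset($myPost['receiver_email']) ? $myPost['receiver_email'] : '';
             $payment_amount = isset($myPost['mc_gross']) ? $myPost['mc_gross'] : '';
             // The money must have gone to this site's PayPal account. An
             // empty value is rejected outright so that an unset
             // business_email option can never match.
             if ('' === $receiver_email || $receiver_email !== (string) $this->get_option('business_email')) {
                 return;
             }
             if (0 == $payment_id) {
                 return;
             }
             $payment = edr_get_payment($payment_id);
             if (!$payment->ID) {
                 return;
             }
             // The paid amount and currency must match what was invoiced.
             // Missing or non-numeric amounts are rejected instead of being
             // left to loose comparison rules.
             if (!is_numeric($payment_amount) || (float) $payment_amount != (float) $payment->amount) {
                 return;
             }
             if ('' === $currency || $currency !== (string) $payment->currency) {
                 return;
             }
             // NOTE(review): PayPal may deliver the same IPN more than once;
             // nothing here skips a payment that is already complete, so
             // setup_payment_item() can run again - confirm it is idempotent.
             switch ($myPost['payment_status']) {
                 case 'Completed':
                     // Update payment status.
                     $payment->payment_status = 'complete';
                     if (isset($myPost['txn_id'])) {
                         $payment->txn_id = sanitize_text_field($myPost['txn_id']);
                     }
                     $payment->save();
                     // Setup course or membership for the student.
                     IB_Educator::get_instance()->setup_payment_item($payment);
                     break;
                 case 'Failed':
                 case 'Expired':
                 case 'Denied':
                 case 'Voided':
                     // Update payment status.
                     $payment->payment_status = 'failed';
                     $payment->save();
                     break;
             }
         }
         if ($debug) {
             error_log(date('[Y-m-d H:i e] ') . 'Verified IPN: ' . $req . PHP_EOL, 3, $log_file);
         }
     } else {
         if (0 == strcmp($res, 'INVALID')) {
             if ($debug) {
                 error_log(date('[Y-m-d H:i e] ') . 'Invalid IPN: ' . $req . PHP_EOL, 3, $log_file);
             }
         }
     }
 }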
Пример #7
    if ($payment->ID && $payment->user_id == $user_id) {
        do_action('ib_educator_thankyou_' . $payment->payment_gateway);
    }
    // Show link to the payments page.
    $payments_page = get_post(ib_edu_page_id('user_payments'));
    if ($payments_page) {
        echo '<p>' . sprintf(__('Go to %s page', 'ibeducator'), '<a href="' . esc_url(get_permalink($payments_page->ID)) . '">' . esc_html($payments_page->post_title) . '</a>') . '</p>';
    }
} else {
    if ($pay = get_query_var('edu-pay')) {
        // Can be used for step 2 of the payment process.
        // PayPal gateway uses it.
        if (!is_numeric($pay)) {
            return;
        }
        $payment = edr_get_payment($pay);
        // The payment must exist and it must belong to the current user.
        if ($payment->ID && $payment->user_id == $user_id) {
            do_action('ib_educator_pay_' . $payment->payment_gateway);
        }
    } else {
        // Step 1 of the payment process.
        $object_id = get_query_var('edu-course');
        $post = null;
        if (!is_numeric($object_id) && isset($_POST['course_id'])) {
            $object_id = intval($_POST['course_id']);
        }
        if ($object_id) {
            $post = get_post($object_id);
        } else {
            // No course id? Try to get membership id.
Пример #8
 /**
  * Add course entry.
  */
 public function addEntry($data)
 {
     // The entry's owner is taken from the referenced payment, not from $data.
     // NOTE(review): the payment lookup result is not checked, so an unknown
     // payment_id presumably yields an entry without a valid owner - confirm.
     $source_payment = edr_get_payment($data['payment_id']);
     $created_at = date('Y-m-d H:i:s');

     $new_entry = edr_get_entry();
     $new_entry->course_id = $data['course_id'];
     $new_entry->user_id = $source_payment->user_id;
     $new_entry->payment_id = $source_payment->ID;
     $new_entry->entry_status = $data['entry_status'];
     $new_entry->entry_date = $created_at;
     $new_entry->save();

     // Hand back the ID of the stored entry.
     return $new_entry->ID;
 }
Пример #9
 /**
  * Create payment.
  *
  * @param int $object_id ID of the object the payment is to be associated with.
  * @param int $user_id
  * @param string $payment_type
  * @return IB_Educator_Payment
  */
 public function create_payment($object_id, $user_id, $payment_type, $atts = array())
 {
     // Every new payment starts as 'pending'; it is up to the gateway to
     // confirm it later.
     $payment = edr_get_payment();
     $payment->user_id = $user_id;
     $payment->payment_type = $payment_type;
     $payment->payment_status = 'pending';
     $payment->payment_gateway = $this->get_id();
     $payment->currency = ib_edu_get_currency();

     // The price is resolved server-side from the purchased object.
     switch ($payment_type) {
         case 'course':
             $payment->course_id = $object_id;
             $payment->amount = ib_edu_get_course_price($object_id);
             break;
         case 'membership':
             $payment->object_id = $object_id;
             $payment->amount = Edr_Memberships::get_instance()->get_price($object_id);
             break;
     }

     $tax_data = null;
     if (ib_edu_collect_billing_data($object_id)) {
         // Copy the user's stored billing details onto the payment.
         $billing = get_user_meta($user_id, '_ib_educator_billing', true);
         if (!is_array($billing)) {
             $billing = array();
         }
         $payment->first_name = get_user_meta($user_id, 'first_name', true);
         $payment->last_name = get_user_meta($user_id, 'last_name', true);
         $billing_fields = array('address', 'address_2', 'city', 'state', 'postcode', 'country');
         foreach ($billing_fields as $field) {
             // Missing billing fields are stored as empty strings.
             $payment->{$field} = isset($billing[$field]) ? $billing[$field] : '';
         }

         // Tax depends on the item's tax class and the billing location.
         $edu_tax = Edr_TaxManager::get_instance();
         $tax_class = $edu_tax->get_tax_class_for($object_id);
         $tax_data = $edu_tax->calculate_tax($tax_class, $payment->amount, $payment->country, $payment->state);
         $payment->tax = $tax_data['tax'];
         $payment->amount = $tax_data['total'];
     }

     // NOTE(review): the IP is stored exactly as the caller supplied it;
     // presumably the caller validates it - confirm.
     if (!empty($atts['ip'])) {
         $payment->ip = $atts['ip'];
     }

     $payment->save();

     // Record one payment line per applied tax.
     if ($tax_data) {
         foreach ($tax_data['taxes'] as $tax) {
             $line = array(
                 'object_id' => $tax->ID,
                 'line_type' => 'tax',
                 'amount' => $tax->amount,
                 'name' => $tax->name,
             );
             $payment->update_line($line);
         }
     }

     return $payment;
 }
Пример #10
 /**
  * Save payment to database.
  *
  * @param array $data
  * @return IB_Educator_Payment
  */
 public function add_payment($data)
 {
     // Field name => whether it is always copied (true) or only when the
     // caller supplied a non-empty value (false). The order matches the order
     // in which the fields are assigned.
     $field_map = array(
         'course_id' => false,
         'user_id' => true,
         'object_id' => false,
         'payment_type' => true,
         'payment_gateway' => true,
         'payment_status' => true,
         'amount' => true,
         'currency' => true,
         'tax' => false,
     );

     // Values are copied verbatim; this method performs no validation.
     $payment = edr_get_payment();
     foreach ($field_map as $field => $always_copied) {
         if ($always_copied || !empty($data[$field])) {
             $payment->{$field} = $data[$field];
         }
     }
     $payment->save();

     return $payment;
 }
Пример #11
 /**
  * Process bulk actions.
  */
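 public function process_bulk_action()
 {
     // Bulk deletion is destructive, so it requires the same capability as
     // the single-payment delete handler and the payment edit screen.
     if (!current_user_can('manage_educator')) {
         return;
     }
     // NOTE(review): no nonce is verified in this method. Unless the caller
     // already checks one, add a nonce check here so that a forged
     // cross-site POST cannot trigger deletions - confirm.
     $ids = isset($_POST['payment']) ? $_POST['payment'] : null;
     if (!is_array($ids) || empty($ids)) {
         return;
     }
     // 'delete' is the only action handled here, so decide once.
     if ('delete' !== $this->current_action()) {
         return;
     }
     foreach ($ids as $id) {
         // Each posted value must reduce to a positive integer ID; nested
         // arrays and other junk are skipped.
         $id = is_scalar($id) ? absint($id) : 0;
         if (!$id) {
             continue;
         }
         $payment = edr_get_payment($id);
         if ($payment->ID) {
             $payment->delete();
         }
     }
 }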