/**
 * Process a payment through this gateway.
 *
 * Builds a payment that is already marked 'complete'. Only when the computed
 * price is zero is the payment saved and the student enrolled (course entry
 * or membership), so a priced item is never granted by this method.
 *
 * @param int    $object_id    Course or membership ID.
 * @param int    $user_id      Student ID; the current user is used when empty.
 * @param string $payment_type Either 'course' or 'membership'.
 * @param array  $atts         Optional attributes; only 'ip' is read here.
 * @return array 'status' and 'redirect', plus 'payment' once a user is known.
 */
public function process_payment($object_id, $user_id = 0, $payment_type = 'course', $atts = array())
{
    $user_id = $user_id ? $user_id : get_current_user_id();

    // Anonymous visitors cannot own a payment: send them to the front page.
    if (!$user_id) {
        return array('status' => '', 'redirect' => home_url('/'));
    }

    $payment = edr_get_payment();
    $payment->user_id = $user_id;
    $payment->payment_type = $payment_type;
    $payment->payment_status = 'complete';
    $payment->payment_gateway = $this->get_id();
    $payment->amount = 0.0;
    $payment->currency = ib_edu_get_currency();

    // The price always comes from the server-side catalogue, never from the request.
    switch ($payment_type) {
        case 'course':
            $payment->course_id = $object_id;
            $payment->amount = ib_edu_get_course_price($object_id);
            break;

        case 'membership':
            $payment->object_id = $object_id;
            $ms = Edr_Memberships::get_instance();
            $payment->amount = $ms->get_price($object_id);
            break;
    }

    if (!empty($atts['ip'])) {
        $payment->ip = $atts['ip'];
    }

    // Nothing is persisted and no access is granted unless the item is free.
    if (0.0 == $payment->amount) {
        $payment->save();
        $was_saved = (bool) $payment->ID;

        if ($was_saved && 'course' == $payment->payment_type) {
            // Setup course entry.
            $entry = edr_get_entry();
            $entry->course_id = $object_id;
            $entry->user_id = $user_id;
            $entry->payment_id = $payment->ID;
            $entry->entry_status = 'inprogress';
            $entry->entry_date = date('Y-m-d H:i:s');
            $entry->save();
        } elseif ($was_saved && 'membership' == $payment->payment_type) {
            // Setup membership.
            $ms->setup_membership($user_id, $object_id);
        }
    }

    // NOTE(review): 'complete' is reported even when the amount was non-zero and
    // nothing was saved; confirm callers do not treat this status as proof of access.
    return array(
        'status' => 'complete',
        'redirect' => get_permalink($object_id),
        'payment' => $payment,
    );
}
/**
 * Cancel a student's own pending payment.
 *
 * Reads '_wpnonce' and 'payment_id' from $_POST. Returns silently when any
 * check fails; on success redirects to the "payment cancelled" message and
 * ends the request.
 */
public static function cancel_payment()
{
    // CSRF protection first, then authentication.
    $nonce_ok = isset($_POST['_wpnonce']) && wp_verify_nonce($_POST['_wpnonce'], 'ibedu_cancel_payment');
    if (!$nonce_ok || !is_user_logged_in()) {
        return;
    }

    $payment_id = 0;
    if (isset($_POST['payment_id'])) {
        $payment_id = absint($_POST['payment_id']);
    }

    if (!$payment_id) {
        return;
    }

    $payment = edr_get_payment($payment_id);

    // Only pending payments may be cancelled...
    if ('pending' != $payment->payment_status) {
        return;
    }

    // ...and only by the user who owns them.
    if ($payment->user_id != get_current_user_id()) {
        return;
    }

    if (!$payment->update_status('cancelled')) {
        return;
    }

    $target = ib_edu_get_endpoint_url('edu-message', 'payment-cancelled', get_permalink());
    wp_redirect($target);
    exit;
}
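/**
 * Charge the card using Stripe.
 *
 * AJAX action. Reads '_wpnonce', 'token' and 'payment_id' from $_POST and
 * ends the request with '1' on success or '0' on any failure.
 *
 * The amount and currency charged are taken from the stored payment, never
 * from the request.
 */
public function process_stripe_token()
{
    if (!isset($_POST['_wpnonce']) || !wp_verify_nonce($_POST['_wpnonce'], 'ib_educator_stripe_token')) {
        exit('0');
    }

    if (!isset($_POST['token']) || !isset($_POST['payment_id'])) {
        exit('0');
    }

    // The card must arrive as an opaque Stripe token. Rejecting anything that is
    // not a plain string keeps structured card data from passing through this server.
    if (!is_string($_POST['token']) || '' === $_POST['token']) {
        exit('0');
    }

    $user = wp_get_current_user();

    if (0 == $user->ID) {
        exit('0');
    }

    // Normalise the ID the same way the other payment handlers do.
    $payment = edr_get_payment(absint($_POST['payment_id']));

    if (!$payment->ID || $user->ID != $payment->user_id) {
        // The payment must exist and it must be associated with the current user.
        exit('0');
    }

    // A payment that is already settled must not be charged a second time.
    if ('complete' == $payment->payment_status) {
        exit('0');
    }

    // NOTE(review): the payment's gateway is not compared with this gateway;
    // confirm whether payments created for another gateway may be settled here.

    require_once IBEDUCATOR_PLUGIN_DIR . 'lib/Stripe/Stripe.php';

    $token = $_POST['token'];

    // Stripe expects an integer in the smallest currency unit. Rounding after the
    // multiplication avoids float artefacts such as 19.99 * 100 = 1998.9999...
    // NOTE(review): assumes a two-decimal currency - confirm for zero-decimal ones.
    $amount_cents = (int) round((double) $payment->amount * 100);

    $description = sprintf(__('Payment #%d', 'ibeducator'), $payment->ID);

    if ('course' == $payment->payment_type) {
        $description .= ' , ' . get_the_title($payment->course_id);
    } elseif ('membership' == $payment->payment_type) {
        $description .= ' , ' . get_the_title($payment->object_id);
    }

    try {
        Stripe::setApiKey($this->get_option('secret_key'));
        Stripe_Charge::create(array(
            'amount' => $amount_cents,
            'currency' => $payment->currency,
            'card' => $token,
            'description' => $description,
        ));

        // Update the payment status.
        $payment->payment_status = 'complete';
        $payment->save();

        // Setup course or membership for the student.
        IB_Educator::get_instance()->setup_payment_item($payment);

        exit('1');
    } catch (Exception $e) {
        // Leave a trace for operators instead of failing silently. Only the
        // exception class is logged so that no gateway detail reaches the log.
        error_log(sprintf('Stripe charge failed for payment #%d (%s)', $payment->ID, get_class($e)));
    }

    exit('0');
}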
<?php

// Refuse direct access to this template outside of WordPress.
if (!defined('ABSPATH')) {
    exit;
}

// Only users holding the plugin's admin capability may open this screen.
if (!current_user_can('manage_educator')) {
    echo '<p>' . __('Access denied', 'ibeducator') . '</p>';

    return;
}

$payment_id = 0;
if (isset($_GET['payment_id'])) {
    $payment_id = absint($_GET['payment_id']);
}

$payment = edr_get_payment($payment_id);
$payment_statuses = edr_get_payment_statuses();
$types = edr_get_payment_types();
$api = IB_Educator::get_instance();
$student = null;
$post = null;

if (!$payment->ID) {
    // New payment: accept the submitted type only when it is a registered
    // payment type, otherwise fall back to 'course'.
    $type_is_known = isset($_POST['payment_type']) && array_key_exists($_POST['payment_type'], $types);
    $payment->payment_type = $type_is_known ? $_POST['payment_type'] : 'course';
} else {
    // Existing payment: load the student and the purchased item.
    $student = get_user_by('id', $payment->user_id);

    switch ($payment->payment_type) {
        case 'course':
            $post = get_post($payment->course_id);
            break;

        case 'membership':
            $post = get_post($payment->object_id);
            break;
    }
}

$edu_countries = Edr_Countries::get_instance();
/**
 * Delete a payment from the admin area.
 *
 * Reads '_wpnonce' and 'payment_id' from $_GET. Returns silently when the
 * nonce, the capability or the ID check fails; after a successful delete it
 * redirects to the payments list and ends the request.
 */
public static function delete_payment()
{
    // The action is triggered by a link, so the nonce is what ties the
    // request to an intentional click by the admin.
    $nonce = isset($_GET['_wpnonce']) ? $_GET['_wpnonce'] : null;
    if (null === $nonce || !wp_verify_nonce($nonce, 'edr_delete_payment')) {
        return;
    }

    // Only plugin administrators may delete payments.
    if (!current_user_can('manage_educator')) {
        return;
    }

    $payment_id = null;
    if (isset($_GET['payment_id'])) {
        $payment_id = intval($_GET['payment_id']);
    }

    if (!$payment_id) {
        return;
    }

    $payment = edr_get_payment($payment_id);

    // Nothing to do when the payment is unknown or could not be deleted.
    if (!$payment->ID || !$payment->delete()) {
        return;
    }

    wp_redirect(admin_url('admin.php?page=ib_educator_payments&edr-message=payment_deleted'));
    exit;
}
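/**
 * Handle a PayPal IPN (Instant Payment Notification) request.
 *
 * The raw request body is posted back to PayPal for validation. Only when
 * PayPal answers VERIFIED is the notification compared with the stored
 * payment (receiver e-mail, payment ID, amount, currency) and the payment
 * status updated.
 *
 * The fields acted upon are read from the same parsed payload that was sent
 * for validation rather than from $_POST, so the verified data and the
 * processed data cannot diverge through differences in request parsing.
 *
 * Returns nothing; ends the request when PayPal cannot be reached.
 */
public function process_ipn()
{
    $debug = 0;

    // NOTE(review): this log sits inside the plugin directory. If debugging is
    // ever enabled it will hold complete IPN payloads, so make sure the file
    // is not served by the web server.
    $log_file = IBEDUCATOR_PLUGIN_DIR . 'ipn.log';

    // Read POST data
    // reading posted data directly from $_POST causes serialization
    // issues with array data in POST. Reading raw POST data from input stream instead.
    $raw_post_data = file_get_contents('php://input');
    $raw_post_array = explode('&', $raw_post_data);
    $myPost = array();

    foreach ($raw_post_array as $keyval) {
        $keyval = explode('=', $keyval);

        if (2 == count($keyval)) {
            $myPost[$keyval[0]] = urldecode($keyval[1]);
        }
    }

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=_notify-validate';
    $get_magic_quotes_exists = function_exists('get_magic_quotes_gpc');

    foreach ($myPost as $key => $value) {
        if (true == $get_magic_quotes_exists && 1 == get_magic_quotes_gpc()) {
            $value = urlencode(stripslashes($value));
        } else {
            $value = urlencode($value);
        }

        $req .= "&{$key}={$value}";
    }

    // Post IPN data back to PayPal to validate the IPN data is genuine.
    // Without this step anyone can fake IPN data.
    if ($this->get_option('test')) {
        $paypal_url = $this->test_url;
    } else {
        $paypal_url = $this->live_url;
    }

    $ch = curl_init($paypal_url);

    if (!$ch) {
        return;
    }

    curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    // Certificate and host name verification stay on: the VERIFIED answer is
    // only trustworthy when the peer really is PayPal.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);

    if ($debug) {
        curl_setopt($ch, CURLOPT_HEADER, 1);
        curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
    }

    // Set TCP timeout to 30 seconds.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

    $res = curl_exec($ch);

    if (0 != curl_errno($ch)) {
        if (true == $debug) {
            error_log(date('[Y-m-d H:i e] ') . 'Can\'t connect to PayPal to validate IPN message: ' . curl_error($ch) . PHP_EOL, 3, $log_file);
        }

        curl_close($ch);
        exit;
    } else {
        // Log the entire HTTP response if debug is switched on.
        if ($debug) {
            error_log(date('[Y-m-d H:i e] ') . 'HTTP request of validation request:' . curl_getinfo($ch, CURLINFO_HEADER_OUT) . ' for IPN payload: ' . $req . PHP_EOL, 3, $log_file);
            error_log(date('[Y-m-d H:i e] ') . 'HTTP response of validation request: ' . $res . PHP_EOL, 3, $log_file);
        }

        curl_close($ch);
    }

    // Inspect IPN validation result and act accordingly.
    if (false !== strpos($res, 'VERIFIED')) {
        if (isset($myPost['payment_status'])) {
            $payment_id = !isset($myPost['item_number']) ? 0 : absint($myPost['item_number']);
            $currency = !isset($myPost['mc_currency']) ? '' : $myPost['mc_currency'];
            $receiver_email = !isset($myPost['receiver_email']) ? '' : $myPost['receiver_email'];
            $payment_amount = !isset($myPost['mc_gross']) ? '' : $myPost['mc_gross'];

            // The money must have gone to this site's PayPal account.
            if ($receiver_email != $this->get_option('business_email')) {
                return;
            }

            if (0 == $payment_id) {
                return;
            }

            $payment = edr_get_payment($payment_id);

            if (!$payment->ID) {
                return;
            }

            // Amount and currency must match what the site asked for.
            if ($payment_amount != $payment->amount) {
                return;
            }

            if ($currency != $payment->currency) {
                return;
            }

            // NOTE(review): the transaction ID is stored but never checked against
            // earlier notifications, and the current payment status is not consulted;
            // confirm that a repeated or late notification cannot re-run the setup
            // or overwrite a settled payment.
            switch ($myPost['payment_status']) {
                case 'Completed':
                    // Update payment status.
                    $payment->payment_status = 'complete';

                    if (isset($myPost['txn_id'])) {
                        $payment->txn_id = sanitize_text_field($myPost['txn_id']);
                    }

                    $payment->save();

                    // Setup course or membership for the student.
                    IB_Educator::get_instance()->setup_payment_item($payment);
                    break;

                case 'Failed':
                case 'Expired':
                case 'Denied':
                case 'Voided':
                    // Update payment status.
                    $payment->payment_status = 'failed';
                    $payment->save();
                    break;
            }
        }

        if ($debug) {
            error_log(date('[Y-m-d H:i e] ') . 'Verified IPN: ' . $req . PHP_EOL, 3, $log_file);
        }
    } else {
        if (0 == strcmp($res, 'INVALID')) {
            if ($debug) {
                error_log(date('[Y-m-d H:i e] ') . 'Invalid IPN: ' . $req . PHP_EOL, 3, $log_file);
            }
        }
    }
}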
if ($payment->ID && $payment->user_id == $user_id) { do_action('ib_educator_thankyou_' . $payment->payment_gateway); } // Show link to the payments page. $payments_page = get_post(ib_edu_page_id('user_payments')); if ($payments_page) { echo '<p>' . sprintf(__('Go to %s page', 'ibeducator'), '<a href="' . esc_url(get_permalink($payments_page->ID)) . '">' . esc_html($payments_page->post_title) . '</a>') . '</p>'; } } else { if ($pay = get_query_var('edu-pay')) { // Can be used for step 2 of the payment process. // PayPal gateway uses it. if (!is_numeric($pay)) { return; } $payment = edr_get_payment($pay); // The payment must exist and it must belong to the current user. if ($payment->ID && $payment->user_id == $user_id) { do_action('ib_educator_pay_' . $payment->payment_gateway); } } else { // Step 1 of the payment process. $object_id = get_query_var('edu-course'); $post = null; if (!is_numeric($object_id) && isset($_POST['course_id'])) { $object_id = intval($_POST['course_id']); } if ($object_id) { $post = get_post($object_id); } else { // No course id? Try to get membership id.
/**
 * Add a course entry for the student who owns a payment.
 *
 * @param array $data Reads 'payment_id', 'course_id' and 'entry_status'.
 * @return mixed ID of the saved entry.
 */
public function addEntry($data)
{
    // NOTE(review): the payment is not checked for existence here; presumably
    // callers pass a valid payment ID - confirm.
    $payment = edr_get_payment($data['payment_id']);
    $entry = edr_get_entry();

    // The entry is bound to the payment's owner, not to a caller-supplied user.
    $fields = array(
        'course_id' => $data['course_id'],
        'user_id' => $payment->user_id,
        'payment_id' => $payment->ID,
        'entry_status' => $data['entry_status'],
        'entry_date' => date('Y-m-d H:i:s'),
    );

    foreach ($fields as $name => $value) {
        $entry->{$name} = $value;
    }

    $entry->save();

    return $entry->ID;
}
/**
 * Create a pending payment for a course or a membership.
 *
 * The amount is looked up from the object's stored price. When billing data
 * is collected for the object, the student's billing details are copied onto
 * the payment and tax is added to the amount.
 *
 * @param int    $object_id    ID of the object the payment is to be associated with.
 * @param int    $user_id      ID of the paying user.
 * @param string $payment_type Either 'course' or 'membership'.
 * @param array  $atts         Optional attributes; only 'ip' is read here.
 * @return IB_Educator_Payment
 */
public function create_payment($object_id, $user_id, $payment_type, $atts = array())
{
    $payment = edr_get_payment();
    $payment->user_id = $user_id;
    $payment->payment_type = $payment_type;
    $payment->payment_status = 'pending';
    $payment->payment_gateway = $this->get_id();
    $payment->currency = ib_edu_get_currency();

    // Price comes from the catalogue, never from the request.
    switch ($payment_type) {
        case 'course':
            $payment->course_id = $object_id;
            $payment->amount = ib_edu_get_course_price($object_id);
            break;

        case 'membership':
            $payment->object_id = $object_id;
            $payment->amount = Edr_Memberships::get_instance()->get_price($object_id);
            break;
    }

    $tax_data = null;

    if (ib_edu_collect_billing_data($object_id)) {
        // Save billing data.
        $billing = get_user_meta($user_id, '_ib_educator_billing', true);
        if (!is_array($billing)) {
            $billing = array();
        }

        $payment->first_name = get_user_meta($user_id, 'first_name', true);
        $payment->last_name = get_user_meta($user_id, 'last_name', true);

        // Missing address parts are stored as empty strings.
        foreach (array('address', 'address_2', 'city', 'state', 'postcode', 'country') as $field) {
            $payment->{$field} = isset($billing[$field]) ? $billing[$field] : '';
        }

        // Calculate tax.
        $tax_manager = Edr_TaxManager::get_instance();
        $tax_class = $tax_manager->get_tax_class_for($object_id);
        $tax_data = $tax_manager->calculate_tax($tax_class, $payment->amount, $payment->country, $payment->state);
        $payment->tax = $tax_data['tax'];
        $payment->amount = $tax_data['total'];
    }

    if (!empty($atts['ip'])) {
        $payment->ip = $atts['ip'];
    }

    $payment->save();

    // Save tax data: one payment line per applied tax.
    $tax_lines = $tax_data ? $tax_data['taxes'] : array();
    foreach ($tax_lines as $tax) {
        $payment->update_line(array(
            'object_id' => $tax->ID,
            'line_type' => 'tax',
            'amount' => $tax->amount,
            'name' => $tax->name,
        ));
    }

    return $payment;
}
/**
 * Save payment to database.
 *
 * The values in $data are copied onto the payment as given; no validation
 * happens in this method.
 *
 * @param array $data Requires 'user_id', 'payment_type', 'payment_gateway',
 *                    'payment_status', 'amount' and 'currency'; 'course_id',
 *                    'object_id' and 'tax' are copied only when non-empty.
 * @return IB_Educator_Payment
 */
public function add_payment($data)
{
    // Field name => whether the field is always copied (true) or only
    // copied when it holds a non-empty value (false).
    $fields = array(
        'course_id' => false,
        'user_id' => true,
        'object_id' => false,
        'payment_type' => true,
        'payment_gateway' => true,
        'payment_status' => true,
        'amount' => true,
        'currency' => true,
        'tax' => false,
    );

    $payment = edr_get_payment();

    foreach ($fields as $name => $always) {
        if ($always) {
            $payment->{$name} = $data[$name];
        } elseif (!empty($data[$name])) {
            $payment->{$name} = $data[$name];
        }
    }

    $payment->save();

    return $payment;
}
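/**
 * Process bulk actions on the payments list.
 *
 * Reads the selected payment IDs from $_POST['payment']. The only action
 * handled is 'delete', which removes every selected payment that exists.
 */
public function process_bulk_action()
{
    // Deleting payments is restricted to users who manage the plugin.
    if (!current_user_can('manage_educator')) {
        return;
    }

    // NOTE(review): no nonce is verified in this method; confirm that the caller
    // checks the list table's bulk-action nonce before this code runs.
    $ids = isset($_POST['payment']) ? $_POST['payment'] : null;

    if (!is_array($ids) || empty($ids)) {
        return;
    }

    // The action does not change between items, so resolve it once.
    if ('delete' !== $this->current_action()) {
        return;
    }

    foreach ($ids as $id) {
        // Accept plain positive integers only; nested arrays and junk are skipped.
        if (!is_scalar($id)) {
            continue;
        }

        $payment_id = absint($id);
        if (!$payment_id) {
            continue;
        }

        $payment = edr_get_payment($payment_id);

        if ($payment->ID) {
            $payment->delete();
        }
    }
}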