function ea_text_field_shared_stripe_key_render()
{
$tSharedStripeKey = get_shared_stripe_key();
?>
<input type='text' name='ea_settings[ea_text_field_shared_stripe_key]'
value='<?php
echo $tSharedStripeKey;
?>
'>
<?php
}
function ea_donation_sent_shortcode()
{
ob_start();
//++++++++++++++++++++++++++++++++++++++++
// Set your secret key: remember to change this to your live secret key in production.
// See your keys here https://dashboard.stripe.com/account
Stripe::setApiKey(get_shared_stripe_key());
// Get the credit card details submitted by the form
$tStripeTokenSg = $_POST['stripeToken'];
//-Not escaped since it will only be used by Stripe
// TODO: change to dynamic.
$tAmountCentsNr = $_POST['amountCents'];
if (is_numeric($tAmountCentsNr) === false) {
handleError("Amount of cents from POST variable included non-numeric characters or was empty - possible SQL injection attempt");
}
$tDbTokenSg = esc_sql($_POST['dbToken']);
// Check that we have gotten here through the form action in donation-for_sc.php.
// If so, withdraw the amount sent in the previous page.
if (isset($tStripeTokenSg) == true) {
// Note that:
// 1) The amount is given in cents.
// 2) The amount is given two times: once on the client side and also once here on
// the server side.
// 3) The amount is not transferred automatically (as long as we use the "custom"
// https://stripe.com/docs/checkout#integration-custom checkout button), which
// means that the value stated in the Stripe dialogue != the value actually
// charged from the user's credit card.
// TODO: remove this?
$descr = getEmpathizerUserNameByDbToken($tDbTokenSg);
//"test description";
// Create the charge on Stripe's servers - this will charge the user's card.
$tSuccess = false;
try {
$charge = Stripe_Charge::create(array("amount" => $tAmountCentsNr, "currency" => "usd", "card" => $tStripeTokenSg, "description" => $descr));
$tSuccess = true;
} catch (Stripe_CardError $e) {
// The card has been declined.
echo "<h4>Card has been declined</h4>";
} catch (Stripe_InvalidRequestError $e) {
// Invalid parameters were supplied to Stripe's API (very critical if this appears).
echo "<h4>Error: Invalid Request</h4>";
} catch (Stripe_AuthenticationError $e) {
// Authentication with Stripe's API failed.
echo "<h4>Error: Internal Stripe API Error</h4>";
} catch (Stripe_ApiConnectionError $e) {
// Network communication with Stripe failed.
// This is the error we get when the connection speed for the website is slow.
echo "<h4>Error: Failed to communicate with Stripe</h4>";
} catch (Stripe_Error $e) {
// Generic stripe error.
echo "<h4>Error: Internal Stripe Error </h4>";
} catch (Exception $e) {
echo "<h4>Error: " + $e->getMessage() + "</h4>";
}
if ($tSuccess === true) {
$tAmountDollarsNr = floor($tAmountCentsNr / 100);
echo "<h3>Success! Charged {$tAmountDollarsNr} dollars</h3>";
db_write_actual_donation($tDbTokenSg, $tAmountDollarsNr);
} else {
// TODO: details needed here or elsewhere.
echo "<h4>Some failure occured</h4>";
}
}
$tmp_content = ob_get_contents();
//++++++++++++++++++++++++++++++++++++++++
ob_end_clean();
return $tmp_content;
}
