-
Notifications
You must be signed in to change notification settings - Fork 0
/
order_process.php
executable file
·264 lines (193 loc) · 8.39 KB
/
order_process.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
<?php
session_start();
require_once "../../config.php";
define('CLIENT_ID', 'AczIJVqg1MPK3ItForTYH_o9A-G8fIUb8nDbcoN7tPHeK2m5ec6Fu78dA-yFiuDfc_o314DP1KGcnev5'); //your PayPal client ID
define('CLIENT_SECRET', 'ED8dxaMsZcwfP0FBq4Mk34GAhgozzYCMSJJBCtps4JjCMlwrykbMI0CmFN1UW_2gQNCjYVwJWZ_B0veK'); //PayPal Secret
define('RETURN_URL', "http://www.".$title."/dashboard/pages/order_process.php"); //return URL where PayPal redirects user
define('CANCEL_URL', "http://www.".$title."/dashboard/pages/index.php"); //cancel URL
define('PP_CURRENCY', 'USD'); //Currency code
define('PP_CONFIG_PATH', 'sdk_config.ini'); //PayPal config path (sdk_config.ini)
include_once __DIR__ . "/vendor/autoload.php"; //include PayPal SDK
include_once __DIR__ . "/functions.inc.php"; //our PayPal functions
#### Prepare for Payment ####
$email = $_SESSION["sessemail"];
if(isset($_POST["item_code"])){
$item_name = $_POST["item_name"]; //get item code
$item_code = $_POST["item_code"]; //get item code
$item_price = $_POST["item_price"]; //get item price
if ($item_price < 2)
{
die ("wrong price");
}
if (!(ctype_digit($item_price)))
{
die ("wrong type price");
}
$item_qty = $_POST["qty"]; //get quantity
/*
Note: DO NOT rely on item_price you get from products page, in production mode get only "item code"
from the products page and then fetch its actual price from Database.
Example :
$results = $mysqli->query("SELECT item_name, item_price FROM products WHERE item_code= '$item_code'");
while($row = $results->fetch_object()) {
$item_name = $row->item_name;
$item_price = item_price ;
}
*/
//set array of items you are selling, single or multiple
$items = array(
array('name'=> $item_name, 'quantity'=> $item_qty, 'price'=> $item_price, 'sku'=> $item_code, 'currency'=>PP_CURRENCY)
);
//calculate total amount of all quantity.
$total_amount = ($item_qty * $item_price);
try{ // try a payment request
//if payment method is paypal
$result = create_paypal_payment($total_amount, PP_CURRENCY, '', $items, RETURN_URL, CANCEL_URL);
//if payment method was PayPal, we need to redirect user to PayPal approval URL
if($result->state == "created" && $result->payer->payment_method == "paypal"){
$_SESSION["payment_id"] = $result->id; //set payment id for later use, we need this to execute payment
header("location: ". $result->links[1]->href); //after success redirect user to approval URL
exit();
}
}catch(PPConnectionException $ex) {
echo parseApiError($ex->getData());
} catch (Exception $ex) {
echo $ex->getMessage();
}
}
### After PayPal payment method confirmation, user is redirected back to this page with token and Payer ID ###
if(isset($_GET["token"]) && isset($_GET["PayerID"]) && isset($_SESSION["payment_id"])){
try{
$result = execute_payment($_SESSION["payment_id"], $_GET["PayerID"]); //call execute payment function.
if($result->state == "approved"){ //if state = approved continue..
//SUCESS
unset($_SESSION["payment_id"]); //unset payment_id, it is no longer needed
//get transaction details
$transaction_id = $result->transactions[0]->related_resources[0]->sale->id;
$transaction_time = $result->transactions[0]->related_resources[0]->sale->create_time;
$transaction_currency = $result->transactions[0]->related_resources[0]->sale->amount->currency;
$transaction_amount = $result->transactions[0]->related_resources[0]->sale->amount->total;
$transaction_method = $result->payer->payment_method;
$transaction_state = $result->transactions[0]->related_resources[0]->sale->state;
//get payer details
$payer_first_name = $result->payer->payer_info->first_name;
$payer_last_name = $result->payer->payer_info->last_name;
$payer_email = $result->payer->payer_info->email;
$payer_id = $result->payer->payer_info->payer_id;
//get shipping details
$shipping_recipient = $result->transactions[0]->item_list->shipping_address->recipient_name;
$shipping_line1 = $result->transactions[0]->item_list->shipping_address->line1;
$shipping_line2 = $result->transactions[0]->item_list->shipping_address->line2;
$shipping_city = $result->transactions[0]->item_list->shipping_address->city;
$shipping_state = $result->transactions[0]->item_list->shipping_address->state;
$shipping_postal_code = $result->transactions[0]->item_list->shipping_address->postal_code;
$shipping_country_code = $result->transactions[0]->item_list->shipping_address->country_code;
/*
#### AT THIS POINT YOU CAN SAVE INFO IN YOUR DATABASE ###
//see (http://www.sanwebe.com/2013/03/basic-php-mysqli-usage) for mysqli usage
//Open a new connection to the MySQL server
$mysqli = new mysqli('host','username','password','database_name');
//Output any connection error
if ($mysqli->connect_error) {
die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}
$insert_row = $mysqli->query("INSERT INTO transactions (payer_id, payer_name, payer_email, transaction_id)
VALUES ('payer_first_name' , '$payer_email' , '$transaction_id')");
*/
//Set session for later use, print_r($result); to see what is returned
$_SESSION["results"] = array(
'transaction_id' => $transaction_id,
'transaction_time' => $transaction_time,
'transaction_currency' => $transaction_currency,
'transaction_amount' => $transaction_amount,
'transaction_method' => $transaction_method,
'transaction_state' => $transaction_state
);
header("location: ". RETURN_URL); //$_SESSION["results"] is set, redirect back to order_process.php
exit();
}
}catch(PPConnectionException $ex) {
$ex->getData();
} catch (Exception $ex) {
echo $ex->getMessage();
}
}
### Display order confirmation if $_SESSION["results"] is set ####
if(isset($_SESSION["results"]))
{
$content = <<<EOD
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Payment gateway</title>
<style type="text/css">
.transaction_info {margin:0px auto; background:#F2FCFF;; max-width: 750px; color:#555;font-size: 13px;font-family: Arial, sans-serif;}
.transaction_info thead {background: #BCE4FA;font-weight: bold;}
.transaction_info thead tr th {border-bottom: 1px solid #ddd;}
</style>
</head>
<body>
<div align="center"><h2>Payment Success</h2></div>
<table border="0" cellpadding="10" cellspacing="0" class="transaction_info">
<thead><tr>
<td>Transaction ID</td>
<td>Date</td><td>Currency</td>
<td>Amount</td><td>Method</td>
<td>State</td></tr></thead>
<tbody>
<tr>
<td>{$_SESSION["results"]["transaction_id"]}</td>
<td>{$_SESSION["results"]["transaction_time"]}</td>
<td>{$_SESSION["results"]["transaction_currency"]}</td>
<td>{$_SESSION["results"]["transaction_amount"]}</td>
<td>{$_SESSION["results"]["transaction_method"]}</td>
<td>{$_SESSION["results"]["transaction_state"]}</td></tr><tr>
<td colspan="6">
<div align="center">
<a href="index.php">Back to Products Page</a></div></td></tr></tbody></table>
</body></html>
</body>
</html>
EOD;
}
print $content;
//echo "<h1>".$_SESSION["results"]["transaction_amount"]."</h1>";
$balance = $_SESSION["results"]["transaction_amount"];
//echo $balance;
if (is_numeric($balance) && $balance >= 2) {
$con = new MongoClient();
if($con){
$db = $con->$tb_payment;
$selection = $db->$myusers_tb_payment;
$document = array("email" => $email);
$result = $selection->findOne($document);
if($result){
$res = $selection->find($document);
foreach ($res as $doc)
{
//echo $doc["_id"] ."<br />";
//echo $doc["email"] ."<br />";
//echo $doc["balance"] ."<br />";
}
$selection->update(array("_id"=>$doc["_id"]),
array('$set'=>array("balance"=>"$balance")));
//echo "Document updated successfully";
foreach ($res as $doc)
{
//echo $doc["_id"] ."<br />";
//echo $doc["email"] ."<br />";
//echo $doc["balance"] ."<br />";
}
}
else{ die("user does not exist , or user / password is incorrect");}
}
else{ die("Mongo DB not installed");}
}
else {
include_once "errorglobal.php";
$obj = new error;
$obj->error_danger("oOps error occured");
}
unset($_SESSION["results"]);
?>