[platal.git] / htdocs / paiement / paypal_retour.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2006 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

require_once("xorg.inc.php");
new_skinned_page('paiement/retour_paypal.tpl', AUTH_MDP);
require_once("diogenes/diogenes.hermes.inc.php");

/* sort en affichant une erreur */
function erreur($text, $send=true) {
    global $page, $erreur;
    if ($erreur) return;
    $erreur = $text;
    if (!$send) return;

    $mymail = new HermesMailer();
    $mymail->addTo("telepaiement@polytechnique.org");
    $mymail->setFrom("webmaster@polytechnique.org");
    $mymail->setSubject("erreur lors d'un t�l�paiement (PayPal)");
    $mymail->setTxtBody("\n\n".var_export($_REQUEST,true));
    $mymail->send();

    $page->trig($text);
}

/* user id */
$uid = clean_request('uid');
/* reference banque (numero de transaction) */
$no_transaction = clean_request('tx');
/* token a renvoyer pour avoir plus d'information */
$clef = clean_request('sig');
/* code retour */
$status = clean_request('st');
/* raison */
$reason = ($status == 'Pending')?clean_request('pending_reason'):clean_request('reason_code');
/* reference complete de la commande */
$fullref = clean_request('cm');
/* montant de la transaction */
$montant_nb = clean_request('amt');
/* devise */
$montant_dev = clean_request('cc');
$montant = "$montant_nb $montant_dev";

/* on extrait le code de retour */
if ($status != "Completed") {
	if ($status)
		erreur("erreur lors du paiement : $status - $reason");
	else
		erreur("Paiement annul�", false);
}

/* on extrait les informations sur l'utilisateur */
$res = $globals->xdb->query("
    SELECT  a.prenom,a.nom,a.promo,l.alias,FIND_IN_SET(a.flags,'femme')
      FROM  auth_user_md5 AS a
INNER JOIN  aliases       AS l ON (a.user_id=l.id AND type!='homonyme')
     WHERE  a.user_id={?}", $uid);
if (!list($prenom,$nom,$promo,$forlife,$femme) = $res->fetchOneRow()) {
    erreur("uid invalide");
}

/* on extrait la reference de la commande */
if (!ereg('-xorg-([0-9]+)$',$fullref,$matches)) {
    erreur("r�f�rence de commande invalide");
}

$ref = $matches[1];
$res = $globals->xdb->query("SELECT mail,text,confirmation FROM paiement.paiements WHERE id={?}", $ref);
if (!list($conf_mail,$conf_title,$conf_text) = $res->fetchOneRow()) {
    erreur("r�f�rence de commande inconnue");
}

/* on fait l'insertion en base de donnees */
$globals->xdb->execute("INSERT INTO  paiement.transactions (id,uid,ref,fullref,montant,cle)
                             VALUES  ({?},{?},{?},{?},{?},{?})",
                        $no_transaction, $uid, $ref, $fullref, $montant, $clef);

/* on genere le mail de confirmation */
$conf_text = str_replace("<prenom>",$prenom,$conf_text);
$conf_text = str_replace("<nom>",$nom,$conf_text);
$conf_text = str_replace("<promo>",$promo,$conf_text);
$conf_text = str_replace("<montant>",$montant,$conf_text);
$conf_text = str_replace("<salutation>",$femme ? "Ch�re" : "Cher",$conf_text);
$conf_text = str_replace("<cher>",$femme ? "Ch�re" : "Cher",$conf_text);

$mymail = new HermesMailer();
$mymail->setFrom($conf_mail);
$mymail->addTo("\"$prenom $nom\" <$forlife@polytechnique.org>");
$mymail->addCc($conf_mail);
$mymail->setSubject($conf_title);
$mymail->setTxtBody($conf_text);
$mymail->send();

/* on envoie les details de la transaction � telepaiement@ */
$mymail = new HermesMailer();
$mymail->setFrom("webmaster@polytechnique.org");
$mymail->addTo("telepaiement@polytechnique.org");
$mymail->setSubject($conf_title);
$msg = "utilisateur : $prenom $nom ($uid)\n".
       "mail : $forlife@polytechnique.org\n\n".
       "paiement : $conf_title ($conf_mail)\n".
       "reference : $no_transaction\n".
       "montant : $montant\n\n".
       "dump de REQUEST:\n".
       var_export($_REQUEST,true);
$mymail->setTxtBody($msg);
$mymail->send();

$page->assign('texte', $conf_text);
$page->assign('erreur', $erreur);
$page->run();
?>
Commit	Line	Data
0337d704	1	<?php
0337d704	2	/***************************************************************************
50a40a33	3	* Copyright (C) 2003-2006 Polytechnique.org *
0337d704	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
	22	require_once("xorg.inc.php");
	23	new_skinned_page('paiement/retour_paypal.tpl', AUTH_MDP);
	24	require_once("diogenes/diogenes.hermes.inc.php");
	25
	26	/* sort en affichant une erreur */
	27	function erreur($text, $send=true) {
	28	global $page, $erreur;
	29	if ($erreur) return;
	30	$erreur = $text;
	31	if (!$send) return;
	32
	33	$mymail = new HermesMailer();
	34	$mymail->addTo("telepaiement@polytechnique.org");
	35	$mymail->setFrom("webmaster@polytechnique.org");
	36	$mymail->setSubject("erreur lors d'un t�l�paiement (PayPal)");
	37	$mymail->setTxtBody("\n\n".var_export($_REQUEST,true));
	38	$mymail->send();
	39
	40	$page->trig($text);
	41	}
	42
	43	/* user id */
	44	$uid = clean_request('uid');
	45	/* reference banque (numero de transaction) */
	46	$no_transaction = clean_request('tx');
	47	/* token a renvoyer pour avoir plus d'information */
	48	$clef = clean_request('sig');
	49	/* code retour */
	50	$status = clean_request('st');
	51	/* raison */
	52	$reason = ($status == 'Pending')?clean_request('pending_reason'):clean_request('reason_code');
	53	/* reference complete de la commande */
	54	$fullref = clean_request('cm');
	55	/* montant de la transaction */
	56	$montant_nb = clean_request('amt');
	57	/* devise */
	58	$montant_dev = clean_request('cc');
	59	$montant = "$montant_nb $montant_dev";
	60
	61	/* on extrait le code de retour */
	62	if ($status != "Completed") {
	63	if ($status)
	64	erreur("erreur lors du paiement : $status - $reason");
	65	else
	66	erreur("Paiement annul�", false);
	67	}
68
69	/* on extrait les informations sur l'utilisateur */
70	$res = $globals->xdb->query("
71	SELECT a.prenom,a.nom,a.promo,l.alias,FIND_IN_SET(a.flags,'femme')
72	FROM auth_user_md5 AS a
73	INNER JOIN aliases AS l ON (a.user_id=l.id AND type!='homonyme')
74	WHERE a.user_id={?}", $uid);
75	if (!list($prenom,$nom,$promo,$forlife,$femme) = $res->fetchOneRow()) {
76	erreur("uid invalide");
77	}
78
79	/* on extrait la reference de la commande */
80	if (!ereg('-xorg-([0-9]+)$',$fullref,$matches)) {
81	erreur("r�f�rence de commande invalide");
82	}
83
84	$ref = $matches[1];
85	$res = $globals->xdb->query("SELECT mail,text,confirmation FROM paiement.paiements WHERE id={?}", $ref);
86	if (!list($conf_mail,$conf_title,$conf_text) = $res->fetchOneRow()) {
87	erreur("r�f�rence de commande inconnue");
88	}
89
90	/* on fait l'insertion en base de donnees */
91	$globals->xdb->execute("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle)
92	VALUES ({?},{?},{?},{?},{?},{?})",
93	$no_transaction, $uid, $ref, $fullref, $montant, $clef);
94
95	/* on genere le mail de confirmation */
96	$conf_text = str_replace("<prenom>",$prenom,$conf_text);
97	$conf_text = str_replace("<nom>",$nom,$conf_text);
98	$conf_text = str_replace("<promo>",$promo,$conf_text);
99	$conf_text = str_replace("<montant>",$montant,$conf_text);
100	$conf_text = str_replace("<salutation>",$femme ? "Ch�re" : "Cher",$conf_text);
101	$conf_text = str_replace("<cher>",$femme ? "Ch�re" : "Cher",$conf_text);
102
103	$mymail = new HermesMailer();
104	$mymail->setFrom($conf_mail);
105	$mymail->addTo("\"$prenom $nom\" <$forlife@polytechnique.org>");
106	$mymail->addCc($conf_mail);
107	$mymail->setSubject($conf_title);
108	$mymail->setTxtBody($conf_text);
109	$mymail->send();
110
111	/* on envoie les details de la transaction � telepaiement@ */
112	$mymail = new HermesMailer();
113	$mymail->setFrom("webmaster@polytechnique.org");
114	$mymail->addTo("telepaiement@polytechnique.org");
115	$mymail->setSubject($conf_title);
116	$msg = "utilisateur : $prenom $nom ($uid)\n".
117	"mail : $forlife@polytechnique.org\n\n".
118	"paiement : $conf_title ($conf_mail)\n".
119	"reference : $no_transaction\n".
120	"montant : $montant\n\n".
121	"dump de REQUEST:\n".
122	var_export($_REQUEST,true);
123	$mymail->setTxtBody($msg);
124	$mymail->send();
125
126	$page->assign('texte', $conf_text);
127	$page->assign('erreur', $erreur);
128	$page->run();
129	?>