1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2006 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
/* Site bootstrap include; its contents are not visible from this file. */
require_once 'xorg.inc.php';

/* Open the page on the PayPal return template. AUTH_MDP is passed as the
 * second argument -- presumably the required authentication level; confirm
 * in xorg.inc.php. */
new_skinned_page('paiement/retour_paypal.tpl', AUTH_MDP);

/* Presumably provides the HermesMailer class used for every mail below. */
require_once 'diogenes/diogenes.hermes.inc.php';
25
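/**
 * Record a payment error and, unless $send is false, report it.
 *
 * Only the first error of a request is kept: once the global $erreur is set,
 * later calls return immediately. Despite the original comment ("exits while
 * displaying an error"), this function does NOT stop the script; the calling
 * code is responsible for checking $erreur before it writes to the database
 * or sends mail.
 *
 * @param string $text Error message; stored in the global $erreur.
 * @param bool   $send When true, mail a report to telepaiement@ and raise
 *                     the message on the page through $page->trig().
 */
function erreur($text, $send = true)
{
    global $page, $erreur;

    /* keep the first error only */
    if ($erreur) {
        return;
    }
    $erreur = $text;

    if (!$send) {
        return;
    }

    $mymail = new HermesMailer();
    $mymail->addTo("telepaiement@polytechnique.org");
    $mymail->setFrom("webmaster@polytechnique.org");
    $mymail->setSubject("erreur lors d'un télépaiement (PayPal)");
    /* Lead with the error text so the recipient can tell what failed; the
     * body used to contain the request dump alone.
     * NOTE(review): depending on request_order / variables_order, $_REQUEST
     * can include cookies, so this dump may put a session identifier and
     * payment details into a mailbox -- consider mailing a whitelist of
     * fields instead. */
    $mymail->setTxtBody($text."\n\n".var_export($_REQUEST, true));
    $mymail->send();

    /* NOTE(review): $text can embed request-supplied values (status, reason);
     * confirm that trig() escapes it before it reaches the HTML page. */
    $page->trig($text);
}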
42
/* Parameters of the PayPal return request.
 * NOTE(review): every value here is read from the request, and nothing in
 * this file confirms it with PayPal, so status, amount, transaction id and
 * order reference are caller-controlled. uid is likewise taken from the
 * request rather than from the authenticated session. Both should be
 * verified server-side before the payment is treated as real. */
$uid            = clean_request('uid');  /* user id */
$no_transaction = clean_request('tx');   /* bank reference (transaction number) */
$clef           = clean_request('sig');  /* token to send back to obtain more information */
$status         = clean_request('st');   /* return code */

/* reason: a pending payment carries pending_reason, anything else reason_code */
if ($status == 'Pending') {
    $reason = clean_request('pending_reason');
} else {
    $reason = clean_request('reason_code');
}

$fullref     = clean_request('cm');   /* full order reference */
$montant_nb  = clean_request('amt');  /* transaction amount */
$montant_dev = clean_request('cc');   /* currency */
$montant     = "$montant_nb $montant_dev";
60
/* Interpret the return code: anything other than "Completed" is an error.
 * An empty status is treated as a cancelled payment and is not mailed.
 * NOTE(review): $status is whatever the request carried in `st`; this check
 * alone does not prove that PayPal completed the payment. */
if ($status != "Completed") {
    if (!$status) {
        erreur("Paiement annulé", false);
    } else {
        erreur("erreur lors du paiement : $status - $reason");
    }
}
68
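/* Look up the user the payment is attributed to.
 * NOTE(review): FIND_IN_SET(str, strlist) looks for its FIRST argument in
 * the list given as the second, so FIND_IN_SET(a.flags,'femme') is true only
 * when flags is exactly 'femme'. If flags is a multi-valued SET the
 * arguments are probably swapped -- confirm against the schema. */
$res = $globals->xdb->query("
    SELECT  a.prenom,a.nom,a.promo,l.alias,FIND_IN_SET(a.flags,'femme')
      FROM  auth_user_md5 AS a
INNER JOIN  aliases       AS l ON (a.user_id=l.id AND type!='homonyme')
     WHERE  a.user_id={?}", $uid);
if (!list($prenom, $nom, $promo, $forlife, $femme) = $res->fetchOneRow()) {
    erreur("uid invalide");
}

/* Extract the numeric order id from the end of the full reference.
 * preg_match() replaces ereg(), which was removed in PHP 7 and is not
 * binary-safe; \z anchors at the true end of the string. */
if (preg_match('/-xorg-([0-9]+)\z/', $fullref, $matches)) {
    $ref = $matches[1];
} else {
    /* no match: leave $ref defined instead of reading a missing index */
    $ref = null;
    erreur("référence de commande invalide");
}

/* Fetch the sender address, title and confirmation text of that payment. */
$res = $globals->xdb->query("SELECT mail,text,confirmation FROM paiement.paiements WHERE id={?}", $ref);
if (!list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow()) {
    erreur("référence de commande inconnue");
}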
89
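/* Fill in the confirmation text. This is pure string work, so it stays
 * outside the error guard and the template receives the same text as before.
 * str_replace() applies the pairs in order, like the former chained calls.
 * NOTE(review): <montant> is filled with the request-supplied amount and the
 * result is handed to the template below; confirm it is escaped on output. */
$salutation = $femme ? "Chère" : "Cher";
$conf_text = str_replace(
    array("<prenom>", "<nom>", "<promo>", "<montant>", "<salutation>", "<cher>"),
    array($prenom, $nom, $promo, $montant, $salutation, $salutation),
    $conf_text
);

/* erreur() only records the failure and returns, so without this guard a
 * cancelled or failed payment, an unknown uid or an unknown order reference
 * would still be stored as a transaction and confirmed by mail. */
if (empty($erreur)) {
    /* store the transaction
     * NOTE(review): the values stored here are the unverified request
     * parameters; see where they are read at the top of the script. */
    $globals->xdb->execute("INSERT INTO paiement.transactions (id,uid,ref,fullref,montant,cle)
        VALUES ({?},{?},{?},{?},{?},{?})",
        $no_transaction, $uid, $ref, $fullref, $montant, $clef);

    /* confirmation mail to the user, copied to the payment's contact address */
    $mymail = new HermesMailer();
    $mymail->setFrom($conf_mail);
    $mymail->addTo("\"$prenom $nom\" <$forlife@polytechnique.org>");
    $mymail->addCc($conf_mail);
    $mymail->setSubject($conf_title);
    $mymail->setTxtBody($conf_text);
    $mymail->send();

    /* transaction details for telepaiement@
     * NOTE(review): depending on request_order / variables_order, the
     * $_REQUEST dump can include cookies; consider listing only the PayPal
     * fields that are needed. */
    $msg = "utilisateur : $prenom $nom ($uid)\n".
           "mail : $forlife@polytechnique.org\n\n".
           "paiement : $conf_title ($conf_mail)\n".
           "reference : $no_transaction\n".
           "montant : $montant\n\n".
           "dump de REQUEST:\n".
           var_export($_REQUEST, true);

    $mymail = new HermesMailer();
    $mymail->setFrom("webmaster@polytechnique.org");
    $mymail->addTo("telepaiement@polytechnique.org");
    $mymail->setSubject($conf_title);
    $mymail->setTxtBody($msg);
    $mymail->send();
}

/* hand the text and any recorded error to the template, then render */
$page->assign('texte', $conf_text);
$page->assign('erreur', $erreur);
$page->run();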
129 ?>