2 /***************************************************************************
3 * Copyright (C) 2003-2010 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
22 /* sort en affichant une erreur */
23 function cb_erreur($text) {
25 $mymail = new PlMailer();
26 $mymail->addTo($globals->money
->email
);
27 $mymail->setFrom("webmaster@" . $globals->mail
->domain
);
28 $mymail->setSubject("erreur lors d'un télépaiement (CyberPaiement)");
29 $mymail->setTxtBody("\n\n".var_export($_REQUEST,true
));
34 /* sort en affichant une erreur */
35 function paypal_erreur($text, $send=true
)
37 global $erreur, $globals;
42 $mymail = new PlMailer();
43 $mymail->addTo($globals->money
->email
);
44 $mymail->setFrom("webmaster@" . $globals->mail
->domain
);
45 $mymail->setSubject("erreur lors d'un télépaiement (PayPal)");
46 $mymail->setTxtBody("\n\n".var_export($_REQUEST,true
));
49 Platal
::page()->trigError($text);
52 /* http://fr.wikipedia.org/wiki/Formule_de_Luhn */
53 function luhn($nombre) {
56 for ($i = 0; $i < strlen($s); $i++
) {
58 $sum +
= ($i %
2) ?
(2*$dgt) %
9 : $dgt;
63 /* calcule la clé d'acceptation a partir de 5 champs */
64 function cle_accept($d1,$d2,$d3,$d4,$d5)
70 $n = $m1 +
$m2 +
$m3 +
$m4;
71 $alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
72 return $alpha{$n-1}.$m1.$m2.$m3.$m4;
75 /* decode the comment */
76 function comment_decode($comment) {
77 $comment = urldecode($comment);
78 if (is_utf8($comment)) {
81 return utf8_encode($comment);
86 class PaymentModule
extends PLModule
91 'payment' => $this->make_hook('payment', AUTH_MDP
),
92 'payment/cyber_return' => $this->make_hook('cyber_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
93 'payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
94 'payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
95 '%grp/paiement' => $this->make_hook('xnet_payment', AUTH_MDP
),
96 '%grp/payment' => $this->make_hook('xnet_payment', AUTH_MDP
),
97 '%grp/payment/cyber_return' => $this->make_hook('cyber_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
98 '%grp/payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
99 '%grp/payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC
, 'user', NO_HTTPS
),
100 'admin/payments' => $this->make_hook('admin', AUTH_MDP
, 'admin'),
105 function handler_payment(&$page, $ref = -1)
109 require_once 'profil.func.inc.php' ;
110 $this->load('money.inc.php');
112 if (!empty($GLOBALS['IS_XNET_SITE'])) {
113 if (!$globals->asso('id')) {
116 $res = XDB
::query("SELECT asso_id
118 WHERE asso_id = {?} AND id = {?}",
119 $globals->asso('id'), $ref);
120 if (!$res->numRows()) {
124 $page->changeTpl('payment/index.tpl');
125 $page->setTitle('Télépaiements');
128 $op = Env
::v('op', 'select');
129 $meth = new PayMethod(Env
::i('methode', -1));
130 $pay = new Payment($ref);
132 if($pay->flags
->hasflag('old')){
133 $page->trigError("La transaction selectionnée est périmée.");
134 $pay = new Payment();
136 $val = Env
::v('montant') != 0 ? Env
::v('montant') : $pay->amount_def
;
138 if (($e = $pay->check($val)) !== true
) {
139 $page->trigError($e);
143 $pay->init($val, $meth);
144 $pay->prepareform($pay);
146 $res = XDB
::iterator("SELECT timestamp, amount
147 FROM payment_transactions
148 WHERE uid = {?} AND ref = {?}
149 ORDER BY timestamp DESC",
150 S
::v('uid', -1), $ref);
152 if ($res->total()) $page->assign('transactions', $res);
155 $val = floor($val).".".substr(floor(($val - floor($val))*100+
100),1);
156 $page->assign('montant',$val);
157 $page->assign('comment',Env
::v('comment'));
159 $page->assign('meth', $meth);
160 $page->assign('pay', $pay);
161 $page->assign('evtlink', $pay->event());
164 function handler_cyber_return(&$page, $uid = null
)
166 /* reference banque (numero de transaction) */
167 $champ901 = Env
::s('CHAMP901');
168 /* cle d'acceptation */
169 $champ905 = Env
::s('CHAMP905');
171 $champ906 = Env
::s('CHAMP906');
172 /* email renvoye par la banque */
173 $champ104 = Env
::s('CHAMP104');
174 /* reference complete de la commande */
175 $champ200 = Env
::s('CHAMP200');
176 /* montant de la transaction */
177 $champ201 = Env
::s('CHAMP201');
179 $champ202 = Env
::s('CHAMP202');
180 $montant = "$champ201 $champ202";
182 /* on extrait les informations sur l'utilisateur */
183 $user = User
::get($uid);
185 cb_erreur("uid invalide");
189 /* on extrait la reference de la commande */
190 if (!ereg('-xorg-([0-9]+)$', $champ200, $matches)) {
191 cb_erreur("référence de commande invalide");
194 echo ($ref = $matches[1]);
195 $res = XDB
::query("SELECT mail, text, confirmation
197 WHERE id={?}", $ref);
198 if (!list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow()) {
199 cb_erreur("référence de commande inconnue");
202 /* on extrait le code de retour */
203 if ($champ906 != "0000") {
204 $res = XDB
::query('SELECT rcb.text, c.id, c.text
205 FROM payment_codeRCB AS rcb
206 LEFT JOIN payment_codeC AS c ON (rcb.codeC = c.id)
207 WHERE rcb.id = {?}', $champ906);
208 if (list($rcb_text, $c_id, $c_text) = $res->fetchOneRow()) {
209 cb_erreur("erreur lors du paiement : $c_text ($c_id)");
211 cb_erreur("erreur inconnue lors du paiement");
215 /* on fait l'insertion en base de donnees */
216 XDB
::execute("INSERT INTO payment_transactions (id, uid, ref, fullref, amount, pkey, comment)
217 VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})",
218 $champ901, $user->id(), $ref, $champ200, $montant, $champ905, Env
::v('comment'));
220 // We check if it is an Xnet payment and then update the related ML.
221 $res = XDB
::query('SELECT eid
223 WHERE paiement_id = {?}', $ref);
224 if ($eid = $res->fetchOneCell()) {
225 require_once dirname(__FILE__
) . '/xnetevents/xnetevents.inc.php';
226 $evt = get_event_detail($eid);
227 subscribe_lists_event(0, $uid, $evt, $montant, true
);
230 /* on genere le mail de confirmation */
231 $conf_text = str_replace(
232 array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>', 'comment>'),
233 array($user->firstName(), $user->lastName(), $user->promo(), $montant,
234 $user->isFemale() ?
'Chère' : 'Cher', $user->isFemale() ?
'Chère' : 'Cher',
235 Env
::v('comment')), $conf_text);
238 $mymail = new PlMailer();
239 $mymail->setFrom($conf_mail);
240 $mymail->addCc($conf_mail);
241 $mymail->setSubject($conf_title);
242 $mymail->setWikiBody($conf_text);
243 $mymail->sendTo($user);
245 /* on envoie les details de la transaction à telepaiement@ */
246 $mymail = new PlMailer();
247 $mymail->setFrom("webmaster@" . $globals->mail
->domain
);
248 $mymail->addTo($globals->money
->email
);
249 $mymail->setSubject($conf_title);
250 $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" .
251 'mail : ' . $user->forlifeEmail() . "\n\n" .
252 "paiement : $conf_title ($conf_mail)\n".
253 "reference : $champ200\n".
254 "montant : $montant\n\n".
255 "dump de REQUEST:\n".
256 var_export($_REQUEST,true
);
257 $mymail->setTxtBody($msg);
262 function handler_cyber2_return(&$page, $uid = null
)
264 global $globals, $platal;
266 /* on vérifie la signature */
267 $vads_params = array();
268 foreach($_REQUEST as $key => $value)
269 if(substr($key,0,5) == "vads_")
270 $vads_params[$key] = $value;
272 $signature = sha1(join('+',$vads_params).'+'.$globals->money
->cyperplus_key
);
273 //if($signature != Env::v('signature')) {
274 // cb_erreur("signature invalide");
277 /* on extrait les informations sur l'utilisateur */
278 $user = User
::get(Env
::v('vads_cust_id'));
280 cb_erreur("uid invalide");
283 /* on extrait la reference de la commande */
284 if (!ereg('-([0-9]+)$', Env
::v('vads_order_id'), $matches)) {
285 cb_erreur("référence de commande invalide");
288 echo ($ref = $matches[1]);
289 $res = XDB
::query("SELECT mail, text, confirmation
291 WHERE id={?}", $ref);
292 if (!list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow()) {
293 cb_erreur("référence de commande inconnue");
296 /* on extrait le montant */
297 if (Env
::v('vads_currency') != "978") {
298 cb_erreur("monnaie autre que l'euro");
300 $montant = sprintf("%.02f", ((float)Env
::v('vads_amount'))/100) . " EUR";
302 /* on extrait le code de retour */
303 if (Env
::v('vads_result') != "00") {
304 cb_erreur("erreur lors du paiement : ?? (".Env
::v('vads_result').")");
307 /* on fait l'insertion en base de donnees */
308 XDB
::execute("INSERT INTO payment_transactions (id, uid, ref, fullref, amount, pkey, comment)
309 VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})",
310 Env
::v('vads_trans_date'), $user->id(), $ref, Env
::v('vads_order_id'), $montant, "", Env
::v('vads_order_info'));
312 // We check if it is an Xnet payment and then update the related ML.
313 $res = XDB
::query('SELECT eid
315 WHERE paiement_id = {?}', $ref);
316 if ($eid = $res->fetchOneCell()) {
317 require_once dirname(__FILE__
) . '/xnetevents/xnetevents.inc.php';
318 $evt = get_event_detail($eid);
319 subscribe_lists_event(0, $uid, $evt, $montant, true
);
322 /* on genere le mail de confirmation */
323 $conf_text = str_replace(
324 array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>', 'comment>'),
325 array($user->firstName(), $user->lastName(), $user->promo(), $montant,
326 $user->isFemale() ?
'Chère' : 'Cher', $user->isFemale() ?
'Chère' : 'Cher',
327 Env
::v('comment')), $conf_text);
330 $mymail = new PlMailer();
331 $mymail->setFrom($conf_mail);
332 $mymail->addCc($conf_mail);
333 $mymail->setSubject($conf_title);
334 $mymail->setWikiBody($conf_text);
335 $mymail->sendTo($user);
337 /* on envoie les details de la transaction à telepaiement@ */
338 $mymail = new PlMailer();
339 $mymail->setFrom("webmaster@" . $globals->mail
->domain
);
340 $mymail->addTo($globals->money
->email
);
341 $mymail->setSubject($conf_title);
342 $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" .
343 'mail : ' . $user->forlifeEmail() . "\n\n" .
344 "paiement : $conf_title ($conf_mail)\n".
345 "reference : $champ200\n".
346 "montant : $montant\n\n".
347 "dump de REQUEST:\n".
348 var_export($_REQUEST,true
);
349 $mymail->setTxtBody($msg);
354 function handler_paypal_return(&$page, $uid = null
)
356 $page->changeTpl('payment/retour_paypal.tpl');
358 /* reference banque (numero de transaction) */
359 $no_transaction = Env
::s('tx');
360 /* token a renvoyer pour avoir plus d'information */
361 $clef = Env
::s('sig');
363 $status = Env
::s('st');
365 $reason = ($status == 'Pending')? Env
::s('pending_reason'): Env
::s('reason_code');
366 /* reference complete de la commande */
367 $fullref = Env
::s('cm');
368 /* montant de la transaction */
369 $montant_nb = Env
::s('amt');
371 $montant_dev = Env
::s('cc');
372 $montant = "$montant_nb $montant_dev";
374 /* on extrait le code de retour */
375 if ($status != "Completed") {
377 paypal_erreur("erreur lors du paiement : $status - $reason");
379 paypal_erreur("Paiement annulé", false
);
382 /* on extrait les informations sur l'utilisateur */
383 $user = User
::get($uid);
385 paypal_erreur("uid invalide");
388 /* on extrait la reference de la commande */
389 if (!ereg('-xorg-([0-9]+)$', $fullref, $matches)) {
390 paypal_erreur("référence de commande invalide");
394 $res = XDB
::query("SELECT mail, text, confirmation
396 WHERE id = {?}", $ref);
397 if (!list($conf_mail,$conf_title,$conf_text) = $res->fetchOneRow()) {
398 paypal_erreur("référence de commande inconnue");
401 /* on fait l'insertion en base de donnees */
402 XDB
::execute("INSERT INTO payment_transactions (id, uid, ref, fullref, amount, pkey, comment)
403 VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})",
404 $no_transaction, $user->id(), $ref, $fullref, $montant, $clef, Env
::v('comment'));
406 // We check if it is an Xnet payment and then update the related ML.
407 $res = XDB
::query('SELECT eid
409 WHERE paiement_id = {?}', $ref);
410 if ($eid = $res->fetchOneCell()) {
411 require_once dirname(__FILE__
) . '/xnetevents/xnetevents.inc.php';
412 $evt = get_event_detail($eid);
413 subscribe_lists_event(0, $uid, $evt, $montant, true
);
416 /* on genere le mail de confirmation */
417 $conf_text = str_replace(array('<prenom>', '<nom>', '<promo>', '<montant>', '<salutation>', '<cher>'),
418 array($user->firstName(), $user->lastName(), $user->promo(), $montant,
419 $user->isFemale() ?
'Chère' : 'Cher',
420 $user->isFemale() ?
'Chère' : 'Cher'), $conf_text);
423 $mymail = new PlMailer();
424 $mymail->setFrom($conf_mail);
425 $mymail->addCc($conf_mail);
426 $mymail->setSubject($conf_title);
427 $mymail->setWikiBody($conf_text);
428 $mymail->sendTo($user);
430 /* on envoie les details de la transaction à telepaiement@ */
431 $mymail = new PlMailer();
432 $mymail->setFrom("webmaster@" . $globals->mail
->domain
);
433 $mymail->addTo($globals->money
->email
);
434 $mymail->setSubject($conf_title);
435 $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" .
436 'mail : ' . $user->forlifeEmail() . "\n\n" .
437 "paiement : $conf_title ($conf_mail)\n".
438 "reference : $champ200\n".
439 "montant : $montant\n\n".
440 "dump de REQUEST:\n".
441 var_export($_REQUEST,true
);
442 $mymail->setTxtBody($msg);
445 $page->assign('texte', $conf_text);
446 $page->assign('erreur', $erreur);
449 function handler_xnet_payment(&$page, $pid = null
)
453 $perms = S
::v('perms');
454 if (!$perms->hasFlag('groupmember')) {
458 $res = XDB
::query("SELECT 1
459 FROM group_events AS e
460 INNER JOIN group_event_participants AS ep ON (ep.eid = e.eid AND uid = {?})
461 WHERE e.paiement_id = {?} AND e.asso_id = {?}",
462 S
::i('uid'), $pid, $globals->asso('id'));
463 if ($res->numRows() == 0) {
468 if (!is_null($pid)) {
469 return $this->handler_payment($page, $pid);
471 $page->changeTpl('payment/xnet.tpl');
474 "SELECT id, text, url
476 WHERE asso_id = {?} AND NOT FIND_IN_SET('old', flags)
477 ORDER BY id DESC", $globals->asso('id'));
478 $tit = $res->fetchAllAssoc();
479 $page->assign('titres', $tit);
482 // TODO: replug sort.
485 foreach($tit as $foo) {
488 $res = XDB
::query('SELECT t.uid, timestamp AS `date`, t.comment, amount
489 FROM payment_transactions AS t
490 WHERE t.ref = {?}', $pid);
491 $trans[$pid] = User
::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user');
493 foreach ($trans[$pid] as $i => $t) {
494 $sum +
= strtr(substr($t['amount'], 0, strpos($t['amount'], 'EUR')), ',', '.');
495 $trans[$pid][$i]['amount'] = str_replace('EUR', '€', $t['amount']);
497 $trans[$pid][] = array('nom' => 'somme totale',
498 'amount' => strtr($sum, '.', ',').' €');
500 $res = XDB
::iterRow("SELECT e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid
501 FROM group_events AS e
502 LEFT JOIN group_event_participants AS ep ON (ep.eid = e.eid AND uid = {?})
503 INNER JOIN group_event_items AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id)
504 WHERE e.paiement_id = {?}",
506 $event[$pid] = array();
507 $event[$pid]['paid'] = 0;
509 $event[$pid]['topay'] = 0;
510 while(list($eid, $shortname, $title, $nb, $montant, $paid) = $res->next()) {
511 $event[$pid]['topay'] +
= ($nb * $montant);
512 $event[$pid]['eid'] = $eid;
513 $event[$pid]['shortname'] = $shortname;
514 $event[$pid]['title'] = $title;
515 $event[$pid]['ins'] = !is_null($nb);
516 $event[$pid]['paid'] = $paid;
519 $res = XDB
::query("SELECT amount
520 FROM payment_transactions AS t
521 WHERE ref = {?} AND uid = {?}", $pid, S
::v('uid'));
522 $montants = $res->fetchColumn();
524 foreach ($montants as $m) {
525 $p = strtr(substr($m, 0, strpos($m, 'EUR')), ',', '.');
526 $event[$pid]['paid'] +
= trim($p);
529 $page->register_modifier('decode_comment', 'decode_comment');
530 $page->assign('trans', $trans);
531 $page->assign('event', $event);
534 function handler_admin(&$page, $action = 'list', $id = null
) {
535 $page->setTitle('Administration - Paiements');
536 $page->assign('title', 'Gestion des télépaiements');
537 $table_editor = new PLTableEditor('admin/payments','payments','id');
538 $table_editor->add_join_table('payment_transactions','ref',true
);
539 $table_editor->add_sort_field('flags');
540 $table_editor->add_sort_field('id', true
, true
);
541 $table_editor->on_delete("UPDATE payments SET flags = 'old' WHERE id = {?}", "Le paiement a été archivé");
542 $table_editor->describe('text','intitulé',true
);
543 $table_editor->describe('url','site web',false
);
544 $table_editor->describe('amount_def','montant par défaut',false
);
545 $table_editor->describe('amount_min','montant minimum',false
);
546 $table_editor->describe('amount_max','montant maximum',false
);
547 $table_editor->describe('mail','email contact',true
);
548 $table_editor->describe('confirmation','message confirmation',false
);
550 // adds a column with the start date of the linked event if there is one
551 $table_editor->add_option_table('group_events','group_events.paiement_id = t.id');
552 $table_editor->add_option_field('group_events.debut', 'related_event', 'évènement', 'timestamp');
554 $table_editor->apply($page, $action, $id);
558 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: