X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fpayment.php;h=e183dc89677ea4eaebc522d4bd128de90ed55098;hb=8af607ead9a244d0e83c9312c2c8a946c696d0b6;hp=3c94da0e3ff58fb8bf0d8dc1c0cba286df1b192c;hpb=6643b3f0c3bff229c0b12b373adf8445881f1879;p=platal.git diff --git a/modules/payment.php b/modules/payment.php index 3c94da0..e183dc8 100644 --- a/modules/payment.php +++ b/modules/payment.php @@ -108,8 +108,8 @@ class PaymentModule extends PLModule 'payment' => $this->make_hook('payment', AUTH_PUBLIC, 'user'), 'payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC, 'user', NO_HTTPS), 'payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC, 'user', NO_HTTPS), - '%grp/paiement' => $this->make_hook('xnet_payment', AUTH_PASSWD, 'user'), - '%grp/payment' => $this->make_hook('xnet_payment', AUTH_PASSWD, 'user'), + '%grp/paiement' => $this->make_hook('xnet_payment', AUTH_PUBLIC, 'user'), + '%grp/payment' => $this->make_hook('xnet_payment', AUTH_PUBLIC, 'user'), '%grp/payment/csv' => $this->make_hook('payment_csv', AUTH_PASSWD, 'groupadmin'), '%grp/payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC, 'user', NO_HTTPS), '%grp/payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC, 'user', NO_HTTPS), @@ -142,6 +142,9 @@ class PaymentModule extends PLModule $page->kill('La transaction selectionnée est périmée.'); } + if (Env::has('montant')) { + $pay->amount_def = Env::v('montant'); + } $val = (Post::v('amount') != 0) ? Post::v('amount') : $pay->amount_def; if (($error = $pay->check($val)) !== true) { @@ -162,6 +165,7 @@ class PaymentModule extends PLModule } else { $pay->init($val, $meth); $pay->prepareform($user); + $page->assign('full_name', $user->fullName(true)); $page->assign('sex', $user->isFemale()); } } elseif (S::logged()) { @@ -277,7 +281,7 @@ class PaymentModule extends PLModule list($eid, $asso_id) = $res->fetchOneRow(); require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; $evt = get_event_detail($eid, false, $asso_id); - subscribe_lists_event($user->id(), $evt['short_name'], 1, $amount, true); + subscribe_lists_event($user->id(), $evt['short_name'], 1, $montant, true); } /* on genere le mail de confirmation */ @@ -368,12 +372,13 @@ class PaymentModule extends PLModule $no_transaction, $user->id(), $ref, $fullref, $montant, $clef, Env::v('comment'), Get::i('display')); // We check if it is an Xnet payment and then update the related ML. - $res = XDB::query('SELECT eid + $res = XDB::query('SELECT eid, asso_id FROM group_events WHERE paiement_id = {?}', $ref); - if ($eid = $res->fetchOneCell()) { + if ($res->numRows() == 1) { + list($eid, $asso_id) = $res->fetchOneRow(); require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; - $evt = get_event_detail($eid); + $evt = get_event_detail($eid, false, $asso_id); subscribe_lists_event($user->id(), $evt['short_name'], 1, $montant, true); } @@ -415,7 +420,7 @@ class PaymentModule extends PLModule global $globals; $perms = S::v('perms'); - if (!$perms->hasFlag('groupmember')) { + if (!(S::identified() && $perms->hasFlag('groupmember'))) { if (is_null($pid)) { return PL_FORBIDDEN; } @@ -424,7 +429,12 @@ class PaymentModule extends PLModule INNER JOIN group_event_participants AS ep ON (ep.eid = e.eid AND ep.uid = {?}) WHERE e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id')); - if ($res->numRows() == 0) { + $public = XDB::query("SELECT 1 + FROM payments AS p + INNER JOIN group_events AS g ON (g.paiement_id = p.id) + WHERE g.asso_id = {?} AND p.id = {?} AND FIND_IN_SET('public', p.flags)", + $globals->asso('id'), $pid); + if ($res->numRows() == 0 && $public->numRows() == 0) { return PL_FORBIDDEN; } } @@ -445,7 +455,7 @@ class PaymentModule extends PLModule $trans = array(); $event = array(); if (may_update()) { - static $orders = array('timestamp' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p'); + static $orders = array('ts_confirmed' => 'p', 'directory_name' => 'a', 'promo' => 'pd', 'comment' => 'p', 'amount' => 'p'); if (Get::has('order_id') && Get::has('order') && array_key_exists(Get::v('order'), $orders)) { $order_id = Get::i('order_id'); @@ -538,17 +548,17 @@ class PaymentModule extends PLModule $users = User::getBulkUsersWithUIDs($res, 'uid', 'user'); $sum = 0; - pl_cached_content_headers('text/x-csv', 1); + pl_cached_content_headers('text/x-csv', 'iso-8859-1', 1); $csv = fopen('php://output', 'w'); - fputcsv($csv, array('Date', 'Nom', 'Prénom', 'Sexe', 'Promotion', 'Email', 'Commentaire', 'Montant'), ';'); + fputcsv($csv, array('Date', 'Nom', utf8_decode('Prénom'), 'Sexe', 'Promotion', 'Email', 'Commentaire', 'Montant'), ';'); foreach ($users as $item) { $user = $item['user']; $sum += $item['amount']; - fputcsv($csv, array(format_datetime($item['date'], '%d/%m/%y'), $user->lastName(), $user->firstName(), + fputcsv($csv, array(format_datetime($item['date'], '%d/%m/%y'), utf8_decode($user->lastName()), utf8_decode($user->firstName()), ($user->isFemale()) ? 'F' : 'M', $user->promo(), $user->ForlifeEmail(), - $item['comment'], strtr($item['amount'],'.',',').' €' ), ';'); + utf8_decode($item['comment']), strtr($item['amount'], '.', ',') . ' EUR' ), ';'); } - fputcsv($csv, array(date('d/m/y'), 'Total', '', '', '' , '', '', strtr($sum,'.',',').' €'), ';'); + fputcsv($csv, array(date('d/m/y'), 'Total', '', '', '' , '', '', strtr($sum, '.', ',') . ' EUR'), ';'); fclose($csv); exit;