X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fpayment.php;h=d24ebcfb8a724aa9af43cac4460794a8ad5c4eb0;hb=56cd7aeef7f34f7dec76564821330be5d587b72c;hp=d15281dd98dd327e6088de038dbc18726aaca6db;hpb=69fffc4bfc98948ba2357c3d0b1599e90190965a;p=platal.git diff --git a/modules/payment.php b/modules/payment.php index d15281d..d24ebcf 100644 --- a/modules/payment.php +++ b/modules/payment.php @@ -1,6 +1,6 @@ addTo($globals->money->email); $mymail->setFrom("webmaster@" . $globals->mail->domain); $mymail->setSubject("erreur lors d'un télépaiement (CyberPaiement)"); $mymail->setTxtBody("\n\n".var_export($_REQUEST,true)); $mymail->send(); + echo "Notification sent.\n"; exit; } @@ -54,7 +56,7 @@ function luhn($nombre) { $s = strrev($nombre); $sum = 0; for ($i = 0; $i < strlen($s); $i++) { - $dgt = $s{$i}; + $dgt = $s{$i}; $sum += ($i % 2) ? (2*$dgt) % 9 : $dgt; } return $sum % 10; @@ -88,12 +90,14 @@ class PaymentModule extends PLModule function handlers() { return array( - 'payment' => $this->make_hook('payment', AUTH_MDP), + 'payment' => $this->make_hook('payment', AUTH_MDP, 'payment'), 'payment/cyber_return' => $this->make_hook('cyber_return', AUTH_PUBLIC, 'user', NO_HTTPS), + 'payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC, 'user', NO_HTTPS), 'payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC, 'user', NO_HTTPS), '%grp/paiement' => $this->make_hook('xnet_payment', AUTH_MDP), '%grp/payment' => $this->make_hook('xnet_payment', AUTH_MDP), '%grp/payment/cyber_return' => $this->make_hook('cyber_return', AUTH_PUBLIC, 'user', NO_HTTPS), + '%grp/payment/cyber2_return' => $this->make_hook('cyber2_return', AUTH_PUBLIC, 'user', NO_HTTPS), '%grp/payment/paypal_return' => $this->make_hook('paypal_return', AUTH_PUBLIC, 'user', NO_HTTPS), 'admin/payments' => $this->make_hook('admin', AUTH_MDP, 'admin'), @@ -104,7 +108,6 @@ class PaymentModule extends PLModule { global $globals; - require_once 'profil.func.inc.php' ; $this->load('money.inc.php'); if (!empty($GLOBALS['IS_XNET_SITE'])) { @@ -131,7 +134,7 @@ class PaymentModule extends PLModule $page->trigError("La transaction selectionnée est périmée."); $pay = new Payment(); } - $val = Env::v('montant') != 0 ? Env::v('montant') : $pay->montant_def; + $val = Env::v('montant') != 0 ? Env::v('montant') : $pay->amount_def; if (($e = $pay->check($val)) !== true) { $page->trigError($e); @@ -157,8 +160,6 @@ class PaymentModule extends PLModule $page->assign('meth', $meth); $page->assign('pay', $pay); $page->assign('evtlink', $pay->event()); - - $page->assign('prefix', $globals->money->mpay_tprefix); } function handler_cyber_return(&$page, $uid = null) @@ -219,12 +220,12 @@ class PaymentModule extends PLModule // We check if it is an Xnet payment and then update the related ML. $res = XDB::query('SELECT eid - FROM #groupex#.evenements + FROM group_events WHERE paiement_id = {?}', $ref); if ($eid = $res->fetchOneCell()) { - $this->load('xnetevents.inc.php'); + require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; $evt = get_event_detail($eid); - subscribe_lists_event(0, $uid, $evt, $montant, true); + subscribe_lists_event($uid, $evt, 1, $montant, true); } /* on genere le mail de confirmation */ @@ -259,6 +260,100 @@ class PaymentModule extends PLModule exit; } + function handler_cyber2_return(&$page, $uid = null) + { + global $globals, $platal; + + /* on vérifie la signature */ + $vads_params = array(); + foreach($_REQUEST as $key => $value) + if(substr($key,0,5) == "vads_") + $vads_params[$key] = $value; + ksort($vads_params); + $signature = sha1(join('+',$vads_params).'+'.$globals->money->cyperplus_key); + //if($signature != Env::v('signature')) { + // cb_erreur("signature invalide"); + //} + + /* on extrait les informations sur l'utilisateur */ + $user = User::get(Env::v('vads_cust_id')); + if (!$user) { + cb_erreur("uid invalide"); + } + + /* on extrait la reference de la commande */ + if (!ereg('-([0-9]+)$', Env::v('vads_order_id'), $matches)) { + cb_erreur("référence de commande invalide"); + } + + $ref = $matches[1]; + $res = XDB::query("SELECT mail, text, confirmation + FROM payments + WHERE id={?}", $ref); + if (!list($conf_mail, $conf_title, $conf_text) = $res->fetchOneRow()) { + cb_erreur("référence de commande inconnue"); + } + + /* on extrait le montant */ + if (Env::v('vads_currency') != "978") { + cb_erreur("monnaie autre que l'euro"); + } + $montant = sprintf("%.02f", ((float)Env::v('vads_amount'))/100) . " EUR"; + + /* on extrait le code de retour */ + if (Env::v('vads_result') != "00") { + cb_erreur("erreur lors du paiement : ?? (".Env::v('vads_result').")"); + } + + /* on fait l'insertion en base de donnees */ + XDB::execute("INSERT INTO payment_transactions (id, uid, ref, fullref, amount, pkey, comment) + VALUES ({?}, {?}, {?}, {?}, {?}, {?}, {?})", + Env::v('vads_trans_date'), $user->id(), $ref, Env::v('vads_order_id'), $montant, "", Env::v('vads_order_info')); + echo "Paiement stored.\n"; + + // We check if it is an Xnet payment and then update the related ML. + $res = XDB::query('SELECT eid + FROM group_events + WHERE paiement_id = {?}', $ref); + if ($eid = $res->fetchOneCell()) { + require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; + $evt = get_event_detail($eid); + subscribe_lists_event($user->id(), $evt, 1, $montant, true); + } + + /* on genere le mail de confirmation */ + $conf_text = str_replace( + array('', '', '', '', '', '', 'comment>'), + array($user->firstName(), $user->lastName(), $user->promo(), $montant, + $user->isFemale() ? 'Chère' : 'Cher', $user->isFemale() ? 'Chère' : 'Cher', + Env::v('comment')), $conf_text); + + global $globals; + $mymail = new PlMailer(); + $mymail->setFrom($conf_mail); + $mymail->addCc($conf_mail); + $mymail->setSubject($conf_title); + $mymail->setWikiBody($conf_text); + $mymail->sendTo($user); + + /* on envoie les details de la transaction à telepaiement@ */ + $mymail = new PlMailer(); + $mymail->setFrom("webmaster@" . $globals->mail->domain); + $mymail->addTo($globals->money->email); + $mymail->setSubject($conf_title); + $msg = 'utilisateur : ' . $user->login() . ' (' . $user->id() . ')' . "\n" . + 'mail : ' . $user->forlifeEmail() . "\n\n" . + "paiement : $conf_title ($conf_mail)\n". + "reference : " . Env::v('vads_order_id') . "\n". + "montant : $montant\n\n". + "dump de REQUEST:\n". + var_export($_REQUEST,true); + $mymail->setTxtBody($msg); + $mymail->send(); + echo "Notifications sent.\n"; + exit; + } + function handler_paypal_return(&$page, $uid = null) { $page->changeTpl('payment/retour_paypal.tpl'); @@ -313,12 +408,12 @@ class PaymentModule extends PLModule // We check if it is an Xnet payment and then update the related ML. $res = XDB::query('SELECT eid - FROM #groupex#.evenements + FROM group_events WHERE paiement_id = {?}', $ref); if ($eid = $res->fetchOneCell()) { - $this->load('xnetevents.inc.php'); + require_once dirname(__FILE__) . '/xnetevents/xnetevents.inc.php'; $evt = get_event_detail($eid); - subscribe_lists_event(0, $uid, $evt, $montant, true); + subscribe_lists_event($user->id(), $evt, 1, $montant, true); } /* on genere le mail de confirmation */ @@ -364,8 +459,8 @@ class PaymentModule extends PLModule return PL_FORBIDDEN; } $res = XDB::query("SELECT 1 - FROM #groupex#.evenements AS e - INNER JOIN #groupex#.evenements_participants AS ep ON (ep.eid = e.eid AND uid = {?}) + FROM group_events AS e + INNER JOIN group_event_participants AS ep ON (ep.eid = e.eid AND uid = {?}) WHERE e.paiement_id = {?} AND e.asso_id = {?}", S::i('uid'), $pid, $globals->asso('id')); if ($res->numRows() == 0) { @@ -380,7 +475,7 @@ class PaymentModule extends PLModule $res = XDB::query( "SELECT id, text, url - FROM {$globals->money->mpay_tprefix}paiements + FROM payments WHERE asso_id = {?} AND NOT FIND_IN_SET('old', flags) ORDER BY id DESC", $globals->asso('id')); $tit = $res->fetchAllAssoc(); @@ -393,22 +488,22 @@ class PaymentModule extends PLModule foreach($tit as $foo) { $pid = $foo['id']; if (may_update()) { - $res = XDB::query('SELECT t.uid, timestamp AS `date`, t.comment, montant - FROM ' . $globals->money->mpay_tprefix . 'transactions AS t + $res = XDB::query('SELECT t.uid, timestamp AS `date`, t.comment, amount + FROM payment_transactions AS t WHERE t.ref = {?}', $pid); $trans[$pid] = User::getBulkUsersWithUIDs($res->fetchAllAssoc(), 'uid', 'user'); $sum = 0; foreach ($trans[$pid] as $i => $t) { - $sum += strtr(substr($t['montant'], 0, strpos($t['montant'], 'EUR')), ',', '.'); - $trans[$pid][$i]['montant'] = str_replace('EUR', '€', $t['montant']); + $sum += strtr(substr($t['amount'], 0, strpos($t['amount'], 'EUR')), ',', '.'); + $trans[$pid][$i]['amount'] = str_replace('EUR', '€', $t['amount']); } $trans[$pid][] = array('nom' => 'somme totale', - 'montant' => strtr($sum, '.', ',').' €'); + 'amount' => strtr($sum, '.', ',').' €'); } $res = XDB::iterRow("SELECT e.eid, e.short_name, e.intitule, ep.nb, ei.montant, ep.paid - FROM #groupex#.evenements AS e - LEFT JOIN #groupex#.evenements_participants AS ep ON (ep.eid = e.eid AND uid = {?}) - INNER JOIN #groupex#.evenements_items AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id) + FROM group_events AS e + LEFT JOIN group_event_participants AS ep ON (ep.eid = e.eid AND uid = {?}) + INNER JOIN group_event_items AS ei ON (ep.eid = ei.eid AND ep.item_id = ei.item_id) WHERE e.paiement_id = {?}", S::v('uid'), $pid); $event[$pid] = array(); @@ -424,8 +519,8 @@ class PaymentModule extends PLModule $event[$pid]['paid'] = $paid; } } - $res = XDB::query("SELECT montant - FROM {$globals->money->mpay_tprefix}transactions AS t + $res = XDB::query("SELECT amount + FROM payment_transactions AS t WHERE ref = {?} AND uid = {?}", $pid, S::v('uid')); $montants = $res->fetchColumn(); @@ -454,6 +549,11 @@ class PaymentModule extends PLModule $table_editor->describe('amount_max','montant maximum',false); $table_editor->describe('mail','email contact',true); $table_editor->describe('confirmation','message confirmation',false); + + // adds a column with the start date of the linked event if there is one + $table_editor->add_option_table('group_events','group_events.paiement_id = t.id'); + $table_editor->add_option_field('group_events.debut', 'related_event', 'évènement', 'timestamp'); + $table_editor->apply($page, $action, $id); } }