Initial add Stripe Auto-payment with saved card
@@ -108,7 +108,7 @@ if (!$config_stripe_enable || !$config_stripe_publishable || !$config_stripe_sec
|
|||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<ul><li><?php echo "$card_brand card ending in $card_last4 issued to $card_name, expires $card_expires"; ?></li></ul>
|
<ul><li><?php echo "$card_name - $card_brand card ending in $card_last4, expires $card_expires"; ?></li></ul>
|
||||||
|
|
||||||
<hr>
|
<hr>
|
||||||
<b>Actions</b><br>
|
<b>Actions</b><br>
|
||||||
|
|||||||
@@ -436,20 +436,19 @@ if (isset($_POST['create_stripe_customer'])) {
|
|||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get Stripe vars
|
||||||
|
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
||||||
|
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
||||||
|
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
||||||
|
|
||||||
if (!$config_stripe_enable) {
|
if (!$config_stripe_enable) {
|
||||||
header("Location: autopay.php");
|
header("Location: autopay.php");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Initialize stripe
|
// Include stripe SDK
|
||||||
require_once '../vendor/stripe-php-10.5.0/init.php';
|
require_once '../vendor/stripe-php-10.5.0/init.php';
|
||||||
|
|
||||||
// Get Stripe vars
|
|
||||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
|
||||||
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
|
||||||
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
|
|
||||||
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
|
||||||
|
|
||||||
// Get client's StripeID from database (should be none)
|
// Get client's StripeID from database (should be none)
|
||||||
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
|
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
|
||||||
if (!$stripe_client_details) {
|
if (!$stripe_client_details) {
|
||||||
@@ -487,33 +486,35 @@ if (isset($_POST['create_stripe_customer'])) {
|
|||||||
|
|
||||||
if (isset($_GET['create_stripe_checkout'])) {
|
if (isset($_GET['create_stripe_checkout'])) {
|
||||||
|
|
||||||
|
// This page is called by the autopay_setup_stripe.js, it returns a checkout session client secret
|
||||||
|
|
||||||
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
if ($session_contact_primary == 0 && !$session_contact_is_billing_contact) {
|
||||||
header("Location: portal_post.php?logout");
|
header("Location: portal_post.php?logout");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get Stripe vars
|
||||||
|
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
||||||
|
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
||||||
|
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
||||||
|
|
||||||
if (!$config_stripe_enable) {
|
if (!$config_stripe_enable) {
|
||||||
header("Location: autopay.php");
|
header("Location: autopay.php");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
// Initialize stripe
|
// Client Currency
|
||||||
require_once '../vendor/stripe-php-10.5.0/init.php';
|
|
||||||
|
|
||||||
// Get Stripe vars
|
|
||||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
|
||||||
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
|
||||||
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
|
|
||||||
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
|
||||||
|
|
||||||
// Currency
|
|
||||||
$client_currency_details = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT client_currency_code FROM clients WHERE client_id = $session_client_id LIMIT 1"));
|
$client_currency_details = mysqli_fetch_assoc(mysqli_query($mysqli, "SELECT client_currency_code FROM clients WHERE client_id = $session_client_id LIMIT 1"));
|
||||||
$client_currency = $client_currency_details['client_currency_code'];
|
$client_currency = $client_currency_details['client_currency_code'];
|
||||||
|
|
||||||
|
// Initialize stripe
|
||||||
|
require_once '../vendor/stripe-php-10.5.0/init.php';
|
||||||
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
||||||
|
|
||||||
|
// Define return URL that user is redirected to once payment method is verified by Stripe
|
||||||
$return_url = "$config_base_url/portal/portal_post.php?stripe_save_card&session_id={CHECKOUT_SESSION_ID}";
|
$return_url = "$config_base_url/portal/portal_post.php?stripe_save_card&session_id={CHECKOUT_SESSION_ID}";
|
||||||
|
|
||||||
|
// Create checkout session (server side)
|
||||||
$checkout_session = $stripe->checkout->sessions->create([
|
$checkout_session = $stripe->checkout->sessions->create([
|
||||||
'currency' => $client_currency,
|
'currency' => $client_currency,
|
||||||
'mode' => 'setup',
|
'mode' => 'setup',
|
||||||
@@ -521,8 +522,10 @@ if (isset($_GET['create_stripe_checkout'])) {
|
|||||||
'return_url' => $return_url,
|
'return_url' => $return_url,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
// Return the client secret to the js script
|
||||||
echo json_encode(array('clientSecret' => $checkout_session->client_secret));
|
echo json_encode(array('clientSecret' => $checkout_session->client_secret));
|
||||||
|
|
||||||
|
// No redirect & no point logging this
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_GET['stripe_save_card'])) {
|
if (isset($_GET['stripe_save_card'])) {
|
||||||
@@ -532,6 +535,11 @@ if (isset($_GET['stripe_save_card'])) {
|
|||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get Stripe vars
|
||||||
|
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
||||||
|
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
||||||
|
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
||||||
|
|
||||||
if (!$config_stripe_enable) {
|
if (!$config_stripe_enable) {
|
||||||
header("Location: autopay.php");
|
header("Location: autopay.php");
|
||||||
exit();
|
exit();
|
||||||
@@ -540,20 +548,12 @@ if (isset($_GET['stripe_save_card'])) {
|
|||||||
// Get session ID from URL
|
// Get session ID from URL
|
||||||
$checkout_session_id = sanitizeInput($_GET['session_id']);
|
$checkout_session_id = sanitizeInput($_GET['session_id']);
|
||||||
|
|
||||||
// Initialize stripe
|
|
||||||
require_once '../vendor/stripe-php-10.5.0/init.php';
|
|
||||||
|
|
||||||
// Get Stripe vars
|
|
||||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
|
||||||
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
|
||||||
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
|
|
||||||
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
|
||||||
|
|
||||||
// Get client's StripeID from database
|
// Get client's StripeID from database
|
||||||
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
|
$stripe_client_details = mysqli_fetch_array(mysqli_query($mysqli, "SELECT stripe_id FROM client_stripe WHERE client_id = $session_client_id LIMIT 1"));
|
||||||
$client_stripe_id = sanitizeInput($stripe_client_details['stripe_id']);
|
$client_stripe_id = sanitizeInput($stripe_client_details['stripe_id']);
|
||||||
|
|
||||||
// Initialize
|
// Initialize stripe
|
||||||
|
require_once '../vendor/stripe-php-10.5.0/init.php';
|
||||||
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
||||||
|
|
||||||
// Retrieve checkout session
|
// Retrieve checkout session
|
||||||
@@ -574,7 +574,7 @@ if (isset($_GET['stripe_save_card'])) {
|
|||||||
// Update ITFlow
|
// Update ITFlow
|
||||||
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = '$payment_method' WHERE client_id = $session_client_id LIMIT 1");
|
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = '$payment_method' WHERE client_id = $session_client_id LIMIT 1");
|
||||||
|
|
||||||
// Get some card details for the email/logging
|
// Get some card/payment method details for the email/logging
|
||||||
$payment_method_details = $stripe->paymentMethods->retrieve($payment_method);
|
$payment_method_details = $stripe->paymentMethods->retrieve($payment_method);
|
||||||
$card_info = sanitizeInput($payment_method_details->card->display_brand) . " " . sanitizeInput($payment_method_details->card->last4);
|
$card_info = sanitizeInput($payment_method_details->card->display_brand) . " " . sanitizeInput($payment_method_details->card->last4);
|
||||||
|
|
||||||
@@ -589,7 +589,6 @@ if (isset($_GET['stripe_save_card'])) {
|
|||||||
$config_smtp_password = $row['config_smtp_password'];
|
$config_smtp_password = $row['config_smtp_password'];
|
||||||
$config_invoice_from_name = sanitizeInput($row['config_invoice_from_name']);
|
$config_invoice_from_name = sanitizeInput($row['config_invoice_from_name']);
|
||||||
$config_invoice_from_email = sanitizeInput($row['config_invoice_from_email']);
|
$config_invoice_from_email = sanitizeInput($row['config_invoice_from_email']);
|
||||||
$config_invoice_paid_notification_email = sanitizeInput($row['config_invoice_paid_notification_email']);
|
|
||||||
|
|
||||||
$config_base_url = sanitizeInput($config_base_url);
|
$config_base_url = sanitizeInput($config_base_url);
|
||||||
|
|
||||||
@@ -628,6 +627,11 @@ if (isset($_GET['stripe_remove_card'])) {
|
|||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Get Stripe vars
|
||||||
|
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
||||||
|
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
||||||
|
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
||||||
|
|
||||||
if (!$config_stripe_enable) {
|
if (!$config_stripe_enable) {
|
||||||
header("Location: autopay.php");
|
header("Location: autopay.php");
|
||||||
exit();
|
exit();
|
||||||
@@ -637,22 +641,15 @@ if (isset($_GET['stripe_remove_card'])) {
|
|||||||
|
|
||||||
// Initialize stripe
|
// Initialize stripe
|
||||||
require_once '../vendor/stripe-php-10.5.0/init.php';
|
require_once '../vendor/stripe-php-10.5.0/init.php';
|
||||||
|
|
||||||
// Get Stripe vars
|
|
||||||
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret FROM settings WHERE company_id = 1"));
|
|
||||||
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
|
|
||||||
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
|
|
||||||
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
|
|
||||||
|
|
||||||
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
$stripe = new \Stripe\StripeClient($config_stripe_secret);
|
||||||
|
|
||||||
// Detach PM
|
// Detach PM
|
||||||
$stripe->paymentMethods->detach($payment_method, []);
|
$stripe->paymentMethods->detach($payment_method, []);
|
||||||
|
|
||||||
// Remove from ITFlow
|
// Remove payment method from ITFlow
|
||||||
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = NULL WHERE client_id = $session_client_id LIMIT 1");
|
mysqli_query($mysqli, "UPDATE client_stripe SET stripe_pm = NULL WHERE client_id = $session_client_id LIMIT 1");
|
||||||
|
|
||||||
//Logging & Redirect
|
// Logging & Redirect
|
||||||
logAction("Stripe", "Update", "$session_contact_name deleted saved card (PM: $payment_method)", $session_client_id, $session_client_id);
|
logAction("Stripe", "Update", "$session_contact_name deleted saved card (PM: $payment_method)", $session_client_id, $session_client_id);
|
||||||
|
|
||||||
$_SESSION['alert_message'] = "Card removed";
|
$_SESSION['alert_message'] = "Card removed";
|
||||||
|
|||||||
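Review bot: The relocated "Get Stripe vars" block still passes the API secret through `nullable_htmlentities()` before it reaches `new \Stripe\StripeClient($config_stripe_secret)`, in all four handlers this commit touches (create_stripe_customer, create_stripe_checkout, stripe_save_card, stripe_remove_card). Judging by its name that helper is an HTML output encoder, so it is the wrong transform for a credential that is never rendered and would silently alter any value containing `&`, `<`, `>` or a quote; read it raw with `$config_stripe_secret = $stripe_vars['config_stripe_secret'];` and fail closed when it is empty, e.g. `if (!$config_stripe_enable || empty($config_stripe_secret)) {`. Since the same three lines are now pasted four times, a single helper that loads the settings and performs the enabled check would keep the handlers from drifting apart. In stripe_save_card the `session_id` comes from the query string and the lines between retrieving the checkout session and the `UPDATE client_stripe` are outside the hunks shown, so it is worth confirming there that the session's customer equals `$client_stripe_id` before `stripe_pm` is written. The visible Stripe calls (`sessions->create`, `paymentMethods->retrieve`, `paymentMethods->detach`) have no try/catch in these hunks, so if nothing wraps them outside the hunks an API error would surface as an uncaught exception rather than a handled redirect.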