From f6dafb048ca80c4f80bb403e4b3ff3c4e02aaa62 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Tue, 7 Feb 2023 18:32:21 +0000
Subject: [PATCH] Stripe integration

---
 database_updates.php     |  2 --
 guest_stripe_payment.php | 40 +++++++++++++++++++++-------------------
 post.php                 |  4 ++--
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/database_updates.php b/database_updates.php
index 4874d157..6b3e0445 100644
--- a/database_updates.php
+++ b/database_updates.php
@@ -846,8 +846,6 @@ if (LATEST_DATABASE_VERSION > CURRENT_DATABASE_VERSION) {
         mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '0.4.1'");
     }
 
-    // TODO: ALTER TABLE `settings` ADD `config_stripe_account` TINYINT(1) NOT NULL DEFAULT '0' AFTER `config_stripe_secret`;
-
     if (CURRENT_DATABASE_VERSION == '0.4.1') {
         mysqli_query($mysqli, "ALTER TABLE settings ADD `config_stripe_account` TINYINT(1) NOT NULL DEFAULT '0' AFTER config_stripe_secret");
         //Insert queries here required to update to DB version 0.4.2
diff --git a/guest_stripe_payment.php b/guest_stripe_payment.php
index 06562ba2..c9ac4a3e 100644
--- a/guest_stripe_payment.php
+++ b/guest_stripe_payment.php
@@ -185,15 +185,12 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
 
     // Get details from PI
 
-
     $pi_date = date('Y-m-d', $pi_obj->created);
     $pi_invoice_id = intval($pi_obj->metadata->itflow_invoice_id);
     $pi_client_id = intval($pi_obj->metadata->itflow_client_id);
     $pi_amount_paid = floatval(($pi_obj->amount_received / 100));
     $pi_currency = mysqli_real_escape_string($mysqli, $pi_obj->currency);
-
-
-    //echo ("Payment received for ID: $pi_invoice_id. Client ID: $pi_client_id. Amount: $pi_amount_paid ($pi_currency)");
+    $pi_livemode = $pi_obj->livemode;
 
     // Get/Check invoice (& client/primary contact)
     $invoice_sql = mysqli_query($mysqli, "SELECT * FROM invoices 
@@ -251,7 +248,11 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
     mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Paid', history_description = 'Payment added - $ip - $os - $browser', history_invoice_id = $invoice_id, company_id = $invoice_company_id");
 
     // Logging
-    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = 'Stripe payment of $pi_currency $pi_amount_paid against invoice $invoice_prefix$invoice_number - $pi_id', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $pi_client_id, company_id = $invoice_company_id");
+    $extended_log_desc = '';
+    if (!$pi_livemode) {
+        $extended_log_desc = '(DEV MODE)';
+    }
+    mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = 'Stripe payment of $pi_currency $pi_amount_paid against invoice $invoice_prefix$invoice_number - $pi_id $extended_log_desc', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $pi_client_id, company_id = $invoice_company_id");
 
     // Send email receipt
     $sql_settings = mysqli_query($mysqli,"SELECT * FROM settings WHERE company_id = $invoice_company_id");
@@ -267,25 +268,26 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent
     $config_invoice_from_name = $row['config_invoice_from_name'];
     $config_invoice_from_email = $row['config_invoice_from_email'];
 
-    $subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
-    $body    = "Hello $contact_name,<br><br>We have recieved your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
+    if(!empty($config_smtp_host)) {
+        $subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
+        $body    = "Hello $contact_name,<br><br>We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
 
-    $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
-        $config_invoice_from_email, $config_invoice_from_name,
-        $contact_email, $contact_name,
-        $subject, $body);
+        $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
+            $config_invoice_from_email, $config_invoice_from_name,
+            $contact_email, $contact_name,
+            $subject, $body);
 
-    // Email Logging
-    if ($mail === true) {
-        mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Receipt!', history_invoice_id = $invoice_id, company_id = $invoice_company_id");
-    } else {
-        mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Email Receipt Failed!', history_invoice_id = $invoice_id, company_id = $invoice_company_id");
+        // Email Logging
+        if ($mail === true) {
+            mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Receipt!', history_invoice_id = $invoice_id, company_id = $invoice_company_id");
+        } else {
+            mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Email Receipt Failed!', history_invoice_id = $invoice_id, company_id = $invoice_company_id");
 
-        mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $invoice_company_id");
-        mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$ip', log_user_agent = '$user_agent', company_id = $invoice_company_id");
+            mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email', notification_timestamp = NOW(), company_id = $invoice_company_id");
+            mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail', log_ip = '$ip', log_user_agent = '$user_agent', company_id = $invoice_company_id");
+        }
     }
 
-
     // Redirect user to invoice
     header('Location: //' . $config_base_url . '/guest_view_invoice.php?invoice_id=' . $pi_invoice_id . '&url_key=' . $invoice_url_key);
 
diff --git a/post.php b/post.php
index 33a21df7..8eecff91 100644
--- a/post.php
+++ b/post.php
@@ -4219,8 +4219,8 @@ if(isset($_POST['add_payment'])){
             if($email_receipt == 1){
 
 
-                $subject = "Payment Recieved - Invoice $invoice_prefix$invoice_number";
-                $body    = "Hello $contact_name,<br><br>We have recieved your payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
+                $subject = "Payment Received - Invoice $invoice_prefix$invoice_number";
+                $body    = "Hello $contact_name,<br><br>We have received your payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice <a href='https://$config_base_url/guest_view_invoice.php?invoice_id=$invoice_id&url_key=$invoice_url_key'>$invoice_prefix$invoice_number</a>. Please keep this email as a receipt for your records.<br><br>Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "<br>Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "<br><br>Thank you for your business!<br><br><br>~<br>$company_name<br>Billing Department<br>$config_invoice_from_email<br>$company_phone";
 
                 $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port,
                       $config_invoice_from_email, $config_invoice_from_name,