forked from Wavyzz/dolibarr
407 lines
14 KiB
PHP
407 lines
14 KiB
PHP
<?php
|
|
/* Copyright (C) 2018 Thibault FOUCART <support@ptibogxiv.net>
|
|
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
define("NOLOGIN", 1); // This means this output page does not require to be logged.
|
|
define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
|
|
|
|
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
|
|
if (is_numeric($entity)) define("DOLENTITY", $entity);
|
|
|
|
require '../../main.inc.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/core/class/ccountry.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
|
|
|
|
require_once DOL_DOCUMENT_ROOT.'/includes/stripe/init.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
|
|
|
|
|
|
if (empty($conf->stripe->enabled)) accessforbidden('', 0, 0, 1);
|
|
|
|
|
|
// You can find your endpoint's secret in your webhook settings
|
|
if (isset($_GET['connect']))
|
|
{
|
|
if (isset($_GET['test']))
|
|
{
|
|
$endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_CONNECT_KEY;
|
|
$service = 'StripeTest';
|
|
$servicestatus = 0;
|
|
}
|
|
else
|
|
{
|
|
$endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_CONNECT_KEY;
|
|
$service = 'StripeLive';
|
|
$servicestatus = 1;
|
|
}
|
|
}
|
|
else {
|
|
if (isset($_GET['test']))
|
|
{
|
|
$endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_KEY;
|
|
$service = 'StripeTest';
|
|
$servicestatus = 0;
|
|
}
|
|
else
|
|
{
|
|
$endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_KEY;
|
|
$service = 'StripeLive';
|
|
$servicestatus = 1;
|
|
}
|
|
}
|
|
|
|
if (empty($endpoint_secret))
|
|
{
|
|
print 'Error: Setup of module Stripe not complete for mode '.$service.'. The WEBHOOK_KEY is not defined.';
|
|
http_response_code(400); // PHP 5.4 or greater
|
|
exit();
|
|
}
|
|
|
|
|
|
/*
|
|
* Actions
|
|
*/
|
|
|
|
$payload = @file_get_contents("php://input");
|
|
$sig_header = $_SERVER["HTTP_STRIPE_SIGNATURE"];
|
|
$event = null;
|
|
|
|
$error = 0;
|
|
|
|
try {
|
|
$event = \Stripe\Webhook::constructEvent($payload, $sig_header, $endpoint_secret);
|
|
}
|
|
catch(\UnexpectedValueException $e) {
|
|
// Invalid payload
|
|
http_response_code(400); // PHP 5.4 or greater
|
|
exit();
|
|
} catch(\Stripe\Error\SignatureVerification $e) {
|
|
// Invalid signature
|
|
http_response_code(400); // PHP 5.4 or greater
|
|
exit();
|
|
}
|
|
|
|
// Do something with $event
|
|
|
|
$langs->load("main");
|
|
|
|
// TODO Do we really need a user in setup just to have a name to fill an email topic when it is a technical system notification email
|
|
$user = new User($db);
|
|
$user->fetch($conf->global->STRIPE_USER_ACCOUNT_FOR_ACTIONS);
|
|
$user->getrights();
|
|
|
|
if (! empty($conf->multicompany->enabled) && ! empty($conf->stripeconnect->enabled) && is_object($mc))
|
|
{
|
|
$sql = "SELECT entity";
|
|
$sql.= " FROM ".MAIN_DB_PREFIX."oauth_token";
|
|
$sql.= " WHERE service = '".$db->escape($service)."' and tokenstring = '%".$db->escape($event->account)."%'";
|
|
|
|
dol_syslog(get_class($db) . "::fetch", LOG_DEBUG);
|
|
$result = $db->query($sql);
|
|
if ($result)
|
|
{
|
|
if ($db->num_rows($result))
|
|
{
|
|
$obj = $db->fetch_object($result);
|
|
$key=$obj->entity;
|
|
}
|
|
else {
|
|
$key=1;
|
|
}
|
|
}
|
|
else {
|
|
$key=1;
|
|
}
|
|
$ret=$mc->switchEntity($key);
|
|
if (! $res && file_exists("../../main.inc.php")) $res=@include "../../main.inc.php";
|
|
if (! $res) die("Include of main fails");
|
|
}
|
|
|
|
// list of action
|
|
$stripe=new Stripe($db);
|
|
|
|
// Subject
|
|
$societeName = $conf->global->MAIN_INFO_SOCIETE_NOM;
|
|
if (! empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE;
|
|
|
|
|
|
dol_syslog("***** Stripe IPN was called with event->type = ".$event->type);
|
|
|
|
|
|
if ($event->type == 'payout.created') {
|
|
$error=0;
|
|
|
|
$result=dolibarr_set_const($db, $service."_NEXTPAYOUT", date('Y-m-d H:i:s', $event->data->object->arrival_date), 'chaine', 0, '', $conf->entity);
|
|
|
|
if ($result > 0)
|
|
{
|
|
$subject = $societeName.' - [NOTIFICATION] Stripe payout scheduled';
|
|
if (!empty($user->email)) {
|
|
$sendto = dolGetFirstLastname($user->firstname, $user->lastname) . " <".$user->email.">";
|
|
} else {
|
|
$sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.'>';
|
|
}
|
|
$replyto = $sendto;
|
|
$sendtocc = '';
|
|
if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) {
|
|
$sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.'>';
|
|
}
|
|
|
|
$message = "A bank transfer of ".price2num($event->data->object->amount/100)." ".$event->data->object->currency." should arrive in your account the ".dol_print_date($event->data->object->arrival_date, 'dayhour');
|
|
|
|
$mailfile = new CMailFile(
|
|
$subject,
|
|
$sendto,
|
|
$replyto,
|
|
$message,
|
|
array(),
|
|
array(),
|
|
array(),
|
|
$sendtocc,
|
|
'',
|
|
0,
|
|
-1
|
|
);
|
|
|
|
$ret = $mailfile->sendfile();
|
|
|
|
http_response_code(200); // PHP 5.4 or greater
|
|
return 1;
|
|
}
|
|
else
|
|
{
|
|
$error++;
|
|
http_response_code(500); // PHP 5.4 or greater
|
|
return -1;
|
|
}
|
|
}
|
|
elseif ($event->type == 'payout.paid') {
|
|
global $conf;
|
|
$error=0;
|
|
$result=dolibarr_set_const($db, $service."_NEXTPAYOUT", null, 'chaine', 0, '', $conf->entity);
|
|
if ($result)
|
|
{
|
|
$langs->load("errors");
|
|
|
|
$dateo = dol_now();
|
|
$label = $event->data->object->description;
|
|
$amount= $event->data->object->amount/100;
|
|
$amount_to= $event->data->object->amount/100;
|
|
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
|
|
|
|
$accountfrom=new Account($db);
|
|
$accountfrom->fetch($conf->global->STRIPE_BANK_ACCOUNT_FOR_PAYMENTS);
|
|
|
|
$accountto=new Account($db);
|
|
$accountto->fetch($conf->global->STRIPE_BANK_ACCOUNT_FOR_BANKTRANSFERS);
|
|
|
|
if (($accountto->id != $accountfrom->id) && empty($error))
|
|
{
|
|
$bank_line_id_from=0;
|
|
$bank_line_id_to=0;
|
|
$result=0;
|
|
|
|
// By default, electronic transfert from bank to bank
|
|
$typefrom='PRE';
|
|
$typeto='VIR';
|
|
|
|
if (! $error) $bank_line_id_from = $accountfrom->addline($dateo, $typefrom, $label, -1*price2num($amount), '', '', $user);
|
|
if (! ($bank_line_id_from > 0)) $error++;
|
|
if (! $error) $bank_line_id_to = $accountto->addline($dateo, $typeto, $label, price2num($amount), '', '', $user);
|
|
if (! ($bank_line_id_to > 0)) $error++;
|
|
|
|
if (! $error) $result=$accountfrom->add_url_line($bank_line_id_from, $bank_line_id_to, DOL_URL_ROOT.'/compta/bank/line.php?rowid=', '(banktransfert)', 'banktransfert');
|
|
if (! ($result > 0)) $error++;
|
|
if (! $error) $result=$accountto->add_url_line($bank_line_id_to, $bank_line_id_from, DOL_URL_ROOT.'/compta/bank/line.php?rowid=', '(banktransfert)', 'banktransfert');
|
|
if (! ($result > 0)) $error++;
|
|
}
|
|
|
|
$subject = $societeName.' - [NOTIFICATION] Stripe payout done';
|
|
if (!empty($user->email)) {
|
|
$sendto = dolGetFirstLastname($user->firstname, $user->lastname) . " <".$user->email.">";
|
|
} else {
|
|
$sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.'>';
|
|
}
|
|
$replyto = $sendto;
|
|
$sendtocc = '';
|
|
if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) {
|
|
$sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.'>';
|
|
}
|
|
|
|
$message = "A bank transfer of ".price2num($event->data->object->amount/100)." ".$event->data->object->currency." has been done to your account the ".dol_print_date($event->data->object->arrival_date, 'dayhour');
|
|
|
|
$mailfile = new CMailFile(
|
|
$subject,
|
|
$sendto,
|
|
$replyto,
|
|
$message,
|
|
array(),
|
|
array(),
|
|
array(),
|
|
$sendtocc,
|
|
'',
|
|
0,
|
|
-1
|
|
);
|
|
|
|
$ret = $mailfile->sendfile();
|
|
|
|
http_response_code(200); // PHP 5.4 or greater
|
|
return 1;
|
|
}
|
|
else
|
|
{
|
|
$error++;
|
|
http_response_code(500); // PHP 5.4 or greater
|
|
return -1;
|
|
}
|
|
}
|
|
elseif ($event->type == 'customer.source.created') {
|
|
//TODO: save customer's source
|
|
}
|
|
elseif ($event->type == 'customer.source.updated') {
|
|
//TODO: update customer's source
|
|
}
|
|
elseif ($event->type == 'customer.source.delete') {
|
|
//TODO: delete customer's source
|
|
}
|
|
elseif ($event->type == 'customer.deleted') {
|
|
$db->begin();
|
|
$sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_account WHERE key_account = '".$db->escape($event->data->object->id)."' and site='stripe'";
|
|
$db->query($sql);
|
|
$db->commit();
|
|
}
|
|
elseif ($event->type == 'payment_intent.succeeded') { // Called when making payment with PaymentIntent method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on).
|
|
// TODO: create fees
|
|
// TODO: Redirect to paymentok.php
|
|
}
|
|
elseif ($event->type == 'payment_intent.payment_failed') {
|
|
// TODO: Redirect to paymentko.php
|
|
}
|
|
elseif ($event->type == 'checkout.session.completed') // Called when making payment with new Checkout method ($conf->global->STRIPE_USE_NEW_CHECKOUT is on).
|
|
{
|
|
// TODO: create fees
|
|
// TODO: Redirect to paymentok.php
|
|
}
|
|
elseif ($event->type == 'payment_method.attached') {
|
|
require_once DOL_DOCUMENT_ROOT.'/societe/class/companypaymentmode.class.php';
|
|
require_once DOL_DOCUMENT_ROOT.'/societe/class/societeaccount.class.php';
|
|
$societeaccount = new SocieteAccount($db);
|
|
|
|
$companypaymentmode = new CompanyPaymentMode($db);
|
|
|
|
$idthirdparty = $societeaccount->getThirdPartyID($db->escape($event->data->object->customer), 'stripe', $servicestatus);
|
|
if ($idthirdparty > 0) // If the payment mode is on an external customer that is known in societeaccount, we can create the payment mode
|
|
{
|
|
$companypaymentmode->stripe_card_ref = $db->escape($event->data->object->id);
|
|
$companypaymentmode->fk_soc = $idthirdparty;
|
|
$companypaymentmode->bank = null;
|
|
$companypaymentmode->label = null;
|
|
$companypaymentmode->number = $db->escape($event->data->object->id);
|
|
$companypaymentmode->last_four = $db->escape($event->data->object->card->last4);
|
|
$companypaymentmode->card_type = $db->escape($event->data->object->card->branding);
|
|
$companypaymentmode->proprio = $db->escape($event->data->object->billing_details->name);
|
|
$companypaymentmode->exp_date_month = $db->escape($event->data->object->card->exp_month);
|
|
$companypaymentmode->exp_date_year = $db->escape($event->data->object->card->exp_year);
|
|
$companypaymentmode->cvn = null;
|
|
$companypaymentmode->datec = $db->escape($event->data->object->created);
|
|
$companypaymentmode->default_rib = 0;
|
|
$companypaymentmode->type = $db->escape($event->data->object->type);
|
|
$companypaymentmode->country_code = $db->escape($event->data->object->card->country);
|
|
$companypaymentmode->status = $servicestatus;
|
|
|
|
$db->begin();
|
|
if (! $error)
|
|
{
|
|
$result = $companypaymentmode->create($user);
|
|
if ($result < 0)
|
|
{
|
|
$error++;
|
|
}
|
|
}
|
|
if (! $error)
|
|
{
|
|
$db->commit();
|
|
}
|
|
else
|
|
{
|
|
$db->rollback();
|
|
}
|
|
}
|
|
}
|
|
elseif ($event->type == 'payment_method.updated') {
|
|
require_once DOL_DOCUMENT_ROOT.'/societe/class/companypaymentmode.class.php';
|
|
$companypaymentmode = new CompanyPaymentMode($db);
|
|
$companypaymentmode->fetch(0, '', 0, '', " AND stripe_card_ref = '".$db->escape($event->data->object->id)."'");
|
|
$companypaymentmode->bank = null;
|
|
$companypaymentmode->label = null;
|
|
$companypaymentmode->number = $db->escape($event->data->object->id);
|
|
$companypaymentmode->last_four = $db->escape($event->data->object->card->last4);
|
|
$companypaymentmode->proprio = $db->escape($event->data->object->billing_details->name);
|
|
$companypaymentmode->exp_date_month = $db->escape($event->data->object->card->exp_month);
|
|
$companypaymentmode->exp_date_year = $db->escape($event->data->object->card->exp_year);
|
|
$companypaymentmode->cvn = null;
|
|
$companypaymentmode->datec = $db->escape($event->data->object->created);
|
|
$companypaymentmode->default_rib = 0;
|
|
$companypaymentmode->type = $db->escape($event->data->object->type);
|
|
$companypaymentmode->country_code = $db->escape($event->data->object->card->country);
|
|
$companypaymentmode->status = $servicestatus;
|
|
|
|
$db->begin();
|
|
if (! $error)
|
|
{
|
|
$result = $companypaymentmode->update($user);
|
|
if ($result < 0)
|
|
{
|
|
$error++;
|
|
}
|
|
}
|
|
if (! $error)
|
|
{
|
|
$db->commit();
|
|
}
|
|
else
|
|
{
|
|
$db->rollback();
|
|
}
|
|
}
|
|
elseif ($event->type == 'payment_method.detached') {
|
|
$db->begin();
|
|
$sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_rib WHERE ref = '".$db->escape($event->data->object->id)."' and status = ".$servicestatus;
|
|
$db->query($sql);
|
|
$db->commit();
|
|
}
|
|
elseif ($event->type == 'charge.succeeded') {
|
|
// TODO: create fees
|
|
// TODO: Redirect to paymentok.php
|
|
}
|
|
elseif ($event->type == 'charge.failed') {
|
|
// TODO: Redirect to paymentko.php
|
|
}
|
|
elseif (($event->type == 'source.chargeable') && ($event->data->object->type == 'three_d_secure') && ($event->data->object->three_d_secure->authenticated==true)) {
|
|
// This event is deprecated.
|
|
}
|
|
|
|
http_response_code(200); // PHP 5.4 or greater
|