dolibarr  13.0.2
confirm_payment.php
1 <?php
2 /* Copyright (C) 2009 Laurent Destailleur <eldy@users.sourceforge.net>
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 3 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program. If not, see <https://www.gnu.org/licenses/>.
16  */
17 
18 // TODO Do we really need this page. We alread have a ipn.php page !
19 
20 if (!defined('NOLOGIN')) define("NOLOGIN", 1); // This means this output page does not require to be logged.
21 if (!defined('NOCSRFCHECK')) define("NOCSRFCHECK", 1); // We accept to go on this page from external web site.
22 if (!defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
23 if (!defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1');
24 
25 $entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
26 if (is_numeric($entity)) define("DOLENTITY", $entity);
27 
28 require '../../main.inc.php';
29 require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
30 require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
31 require_once DOL_DOCUMENT_ROOT.'/core/class/ccountry.class.php';
32 require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
33 require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
34 require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
35 require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
36 require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
37 require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
38 
39 require_once DOL_DOCUMENT_ROOT.'/includes/stripe/stripe-php/init.php';
40 require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
41 
42 if (empty($conf->stripe->enabled)) accessforbidden('', 0, 0, 1);
43 
44 
45 // You can find your endpoint's secret in your webhook settings
46 if (isset($_GET['connect']))
47 {
48  if (isset($_GET['test']))
49  {
50  $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_CONNECT_KEY;
51  $service = 'StripeTest';
52  $servicestatus = 0;
53  } else {
54  $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_CONNECT_KEY;
55  $service = 'StripeLive';
56  $servicestatus = 1;
57  }
58 } else {
59  if (isset($_GET['test']))
60  {
61  $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_KEY;
62  $service = 'StripeTest';
63  $servicestatus = 0;
64  } else {
65  $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_KEY;
66  $service = 'StripeLive';
67  $servicestatus = 1;
68  }
69 }
70 
71 
72 
73 /*
74  * Actions
75  */
76 
77 $langs->load("main");
78 
79 // TODO Do we really need a user in setup just to have an name to fill an email topic when it is a technical system notification email
80 $user = new User($db);
81 $user->fetch($conf->global->STRIPE_USER_ACCOUNT_FOR_ACTIONS);
82 $user->getrights();
83 
84 // list of action
85 $stripe = new Stripe($db);
86 
87 // Subject
88 $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM;
89 if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $societeName = $conf->global->MAIN_APPLICATION_TITLE;
90 
91 
92 dol_syslog("Stripe confirm_payment was called");
93 dol_syslog("GET=".var_export($_GET, true));
94 dol_syslog("POST=".var_export($_POST, true));
95 
96 
97 header('Content-Type: application/json');
98 
99 // retrieve json from POST body
100 $json_str = file_get_contents('php://input');
101 $json_obj = json_decode($json_str);
102 
103 $intent = null;
104 try {
105  if (isset($json_obj->payment_method_id)) {
106  // Create the PaymentIntent
107  $intent = \Stripe\PaymentIntent::create(array(
108  'payment_method' => $json_obj->payment_method_id,
109  'amount' => 1099,
110  'currency' => 'eur',
111  'confirmation_method' => 'manual',
112  'confirm' => true,
113  ));
114  }
115  if (isset($json_obj->payment_intent_id)) {
116  $intent = \Stripe\PaymentIntent::retrieve(
117  $json_obj->payment_intent_id
118  );
119  $intent->confirm();
120  }
121  generatePaymentResponse($intent);
122 } catch (\Stripe\Error\Base $e) {
123  // Display error on client
124  echo json_encode(array(
125  'error' => $e->getMessage()
126  ));
127 }
128 
135 function generatePaymentResponse($intent)
136 {
137  if ($intent->status == 'requires_source_action' &&
138  $intent->next_action->type == 'use_stripe_sdk') {
139  // Tell the client to handle the action
140  echo json_encode(array(
141  'requires_action' => true,
142  'payment_intent_client_secret' => $intent->client_secret
143  ));
144  } elseif ($intent->status == 'succeeded') {
145  // The payment didn’t need any additional actions and completed!
146  // Handle post-payment fulfillment
147 
148  // TODO
149 
150  echo json_encode(array(
151  "success" => true
152  ));
153  } else {
154  // Invalid status
155  http_response_code(500);
156  echo json_encode(array('error' => 'Invalid PaymentIntent status'));
157  }
158 }
User
Class to manage Dolibarr users.
Definition: user.class.php:44
Stripe
Stripe class.
Definition: stripe.class.php:29
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename= '', $restricttologhandler= '', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1208
accessforbidden
accessforbidden($message= '', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program Calling this function terminate execution ...
Definition: security.lib.php:649
Generated on Sat Aug 23 2025 13:17:35 for dolibarr by Doxygen 1.8.5