load->language('extension/hutko/payment/hutko'); return $this->load->view('extension/hutko/payment/hutko', ['language' => $this->config->get('config_language')]); } public function confirm(): void { $this->load->language('extension/hutko/payment/hutko'); $this->load->model('checkout/order'); $json = []; if (!isset($this->session->data['order_id'])) { $json['error'] = 'Session missing'; $json['redirect'] = $this->url->link('checkout/failure', 'language=' . $this->config->get('config_language'), true); } else { $order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']); if (!$order_info) { $json['error'] = 'Order missing'; } else { $hutko_ref = $order_info['order_id'] . '#' . time(); // Call the shared logic method $request_data = $this->buildRequest($order_info, $hutko_ref); if (!$request_data) { $json['error'] = $this->language->get('error_payment_data_build'); } else { $this->load->model('extension/hutko/payment/hutko'); $response = $this->api($this->checkout_url, $request_data); if (($response['response']['response_status'] ?? '') === 'success' && !empty($response['response']['checkout_url'])) { $url = $response['response']['checkout_url']; $this->model_extension_hutko_payment_hutko->logTransaction( $order_info['order_id'], $hutko_ref, 'payment_request', 'created', $request_data['amount'] / 100, $request_data['currency'], [ 'request_data' => $request_data, 'checkout_url' => $url, 'user_agent' => $this->request->server['HTTP_USER_AGENT'] ?? '' ] ); if ($order_info['order_status_id'] == 0) { $this->model_checkout_order->addHistory($order_info['order_id'], $this->config->get('payment_hutko_new_order_status_id'), $this->language->get('text_initiated_payment'), false); } $json['redirect'] = $url; } else { $err = $response['response']['error_message'] ?? $this->language->get('error_api_communication'); $json['error'] = $err; $this->model_extension_hutko_payment_hutko->logTransaction( $order_info['order_id'], $hutko_ref, 'payment_request', 'failed', $request_data['amount'] / 100, $request_data['currency'], ['error' => $err, 'api_response' => $response] ); } } } } $this->response->addHeader('Content-Type: application/json'); $this->response->setOutput(json_encode($json)); } public function callback(): void { $this->load->language('extension/hutko/payment/hutko'); $input = file_get_contents("php://input"); $data = json_decode($input, true); // Basic Validation if (!$data || !isset($data['order_id'])) { http_response_code(400); exit('Invalid Request'); } // Verify Signature first if (!$this->validate($data)) { http_response_code(400); exit('Invalid Signature'); } $hutko_ref = $data['order_id']; // e.g., 55#17555555 $parts = explode('#', $hutko_ref); $order_id = (int)$parts[0]; $this->load->model('checkout/order'); $order_info = $this->model_checkout_order->getOrder($order_id); if ($order_info) { $this->load->model('extension/hutko/payment/hutko'); $status = $data['order_status'] ?? ''; // 1. Log the RAW callback to our internal table $this->model_extension_hutko_payment_hutko->logTransaction( $order_id, $hutko_ref, 'callback', ($status === 'approved') ? 'success' : 'failed', isset($data['amount']) ? $data['amount'] / 100 : 0, $data['currency'] ?? '', $data // Save full payload ); $current_status_id = (int)$order_info['order_status_id']; // 2. Update OpenCart History (Clean Messages Only) if ($status === 'approved') { if (isset($data['response_status']) && $data['response_status'] == 'success') { $target_status_id = (int)$this->config->get('payment_hutko_success_status_id'); // Avoid duplicates: Only update if status is different if ($current_status_id != $target_status_id) { $this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_approved'), true); } echo "OK"; } else { echo "Approved but invalid details"; } } elseif ($status === 'declined') { $target_status_id = (int)$this->config->get('payment_hutko_declined_status_id'); if ($current_status_id != $target_status_id) { // Don't notify customer on decline to avoid spam if they retry $this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_declined'), false); } echo "Order declined"; } elseif ($status === 'expired') { // Often better not to change order status to "Expired" if you want to allow retries, // but if you do, don't notify customer. $target_status_id = (int)$this->config->get('payment_hutko_expired_status_id'); if ($current_status_id != $target_status_id) { $this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_expired'), false); } echo "Order expired"; } else { echo "Status received"; } } else { http_response_code(404); echo "Order not found"; } } private function validate($data) { $sig = $data['signature'] ?? ''; unset($data['signature'], $data['response_signature_string']); return hash_equals($this->sign($data), $sig); } // ========================================================================= // SHARED LOGIC START // MAINTENANCE WARNING: Keep synchronized with Admin Controller // ========================================================================= private function buildRequest($order, $hutko_ref) { $products_data = $this->getProducts($order['order_id'], $order); $total_products_sum = 0; foreach ($products_data as $p) { $total_products_sum += $p['total_amount']; } $totals_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order['order_id'] . "' ORDER BY sort_order ASC"); $shipping_cost = 0; foreach ($totals_query->rows as $t) { if ($t['code'] == 'shipping') { $shipping_cost += $this->currency->format($t['value'], $order['currency_code'], $order['currency_value'], false); } } $order_total_val = $this->currency->format($order['total'], $order['currency_code'], $order['currency_value'], false); if ($this->config->get('payment_hutko_include_discount_to_total')) { $amount_val = $order_total_val; if (!$this->config->get('payment_hutko_shipping_include')) { $amount_val -= $shipping_cost; } } else { $amount_val = $total_products_sum; } if ($amount_val < 0.01) $amount_val = 0.01; $total_cents = (int)round($amount_val * 100); // Catalog side URLs are simple $response_url = $this->url->link('checkout/success', 'language=' . $this->config->get('config_language'), true); $callback_url = $this->url->link('extension/hutko/payment/hutko.callback', '', true); $reservation_data = [ "cms_name" => "OpenCart", "cms_version" => VERSION, "shop_domain" => preg_replace("(^https?://)", "", HTTP_SERVER), "phonemobile" => $order['telephone'], "customer_address" => $order['payment_address_1'] . ' ' . $order['payment_address_2'], "customer_country" => $order['shipping_iso_code_2'], "customer_name" => $order['firstname'] . ' ' . $order['lastname'], "customer_email" => $order['email'], "products" => $products_data ]; $data = [ 'order_id' => $hutko_ref, 'merchant_id' => $this->config->get('payment_hutko_merchant_id'), 'amount' => $total_cents, 'currency' => $order['currency_code'], 'order_desc' => 'Order #' . $order['order_id'], 'response_url' => $response_url, 'server_callback_url' => $callback_url, 'sender_email' => $order['email'], 'reservation_data' => base64_encode(json_encode($reservation_data)) ]; $data['signature'] = $this->sign($data); return $data; } private function getProducts(int $order_id, array $order_info): array { $products_data = []; $query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_product` WHERE `order_id` = '" . (int)$order_id . "'"); foreach ($query->rows as $product) { $unit_price = $this->currency->format($product['price'] + $product['tax'], $order_info['currency_code'], $order_info['currency_value'], false); $total_price = $this->currency->format($product['total'] + ($product['tax'] * $product['quantity']), $order_info['currency_code'], $order_info['currency_value'], false); $products_data[] = [ "id" => $product['product_id'], "name" => $product['name'] . ' ' . $product['model'], "price" => round((float)$unit_price, 2), "total_amount" => round((float)$total_price, 2), "quantity" => (int)$product['quantity'], ]; } if ($this->config->get('payment_hutko_shipping_include')) { $totals = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order_id . "' AND code = 'shipping'"); if ($totals->num_rows) { $shipping_val = $this->currency->format($totals->row['value'], $order_info['currency_code'], $order_info['currency_value'], false); if ($shipping_val > 0) { $products_data[] = [ "id" => $this->config->get('payment_hutko_shipping_product_code') ?: 'SHIPPING', "name" => $this->config->get('payment_hutko_shipping_product_name') ?: 'Shipping', "price" => round((float)$shipping_val, 2), "total_amount" => round((float)$shipping_val, 2), "quantity" => 1, ]; } } } return $products_data; } private function sign($data) { $key = $this->config->get('payment_hutko_secret_key'); $arr = array_filter($data, function($v){ return $v !== '' && $v !== null; }); ksort($arr); $str = $key; foreach($arr as $v) $str .= '|' . $v; return sha1($str); } private function api($url, $data) { if ($this->config->get('payment_hutko_save_logs')) $this->logOC('Req: ' . json_encode($data)); $ch = curl_init($url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['request' => $data])); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 30); $res = curl_exec($ch); $error = curl_error($ch); curl_close($ch); if ($this->config->get('payment_hutko_save_logs')) { $this->logOC('Res: ' . $res); if ($error) $this->logOC('Curl Error: ' . $error); } return json_decode($res, true) ?: []; } private function logOC($msg) { $this->log->write("Hutko Payment: " . $msg); } // ========================================================================= // SHARED LOGIC END // ========================================================================= }