309 lines
11 KiB
PHP
309 lines
11 KiB
PHP
<?php
|
|
namespace Opencart\Catalog\Controller\Extension\Hutko\Payment;
|
|
|
|
class Hutko extends \Opencart\System\Engine\Controller {
|
|
private $checkout_url = 'https://pay.hutko.org/api/checkout/url/';
|
|
|
|
public function index(): string {
|
|
$this->load->language('extension/hutko/payment/hutko');
|
|
return $this->load->view('extension/hutko/payment/hutko', ['language' => $this->config->get('config_language')]);
|
|
}
|
|
|
|
public function confirm(): void {
|
|
$this->load->language('extension/hutko/payment/hutko');
|
|
$this->load->model('checkout/order');
|
|
|
|
$json = [];
|
|
|
|
if (!isset($this->session->data['order_id'])) {
|
|
$json['error'] = 'Session missing';
|
|
$json['redirect'] = $this->url->link('checkout/failure', 'language=' . $this->config->get('config_language'), true);
|
|
} else {
|
|
$order_info = $this->model_checkout_order->getOrder($this->session->data['order_id']);
|
|
|
|
if (!$order_info) {
|
|
$json['error'] = 'Order missing';
|
|
} else {
|
|
$hutko_ref = $order_info['order_id'] . '#' . time();
|
|
|
|
// Call the shared logic method
|
|
$request_data = $this->buildRequest($order_info, $hutko_ref);
|
|
|
|
if (!$request_data) {
|
|
$json['error'] = $this->language->get('error_payment_data_build');
|
|
} else {
|
|
$this->load->model('extension/hutko/payment/hutko');
|
|
$response = $this->api($this->checkout_url, $request_data);
|
|
|
|
if (($response['response']['response_status'] ?? '') === 'success' && !empty($response['response']['checkout_url'])) {
|
|
$url = $response['response']['checkout_url'];
|
|
|
|
$this->model_extension_hutko_payment_hutko->logTransaction(
|
|
$order_info['order_id'],
|
|
$hutko_ref,
|
|
'payment_request',
|
|
'created',
|
|
$request_data['amount'] / 100,
|
|
$request_data['currency'],
|
|
[
|
|
'request_data' => $request_data,
|
|
'checkout_url' => $url,
|
|
'user_agent' => $this->request->server['HTTP_USER_AGENT'] ?? ''
|
|
]
|
|
);
|
|
|
|
if ($order_info['order_status_id'] == 0) {
|
|
$this->model_checkout_order->addHistory($order_info['order_id'], $this->config->get('payment_hutko_new_order_status_id'), $this->language->get('text_initiated_payment'), false);
|
|
}
|
|
|
|
$json['redirect'] = $url;
|
|
} else {
|
|
$err = $response['response']['error_message'] ?? $this->language->get('error_api_communication');
|
|
$json['error'] = $err;
|
|
$this->model_extension_hutko_payment_hutko->logTransaction(
|
|
$order_info['order_id'],
|
|
$hutko_ref,
|
|
'payment_request',
|
|
'failed',
|
|
$request_data['amount'] / 100,
|
|
$request_data['currency'],
|
|
['error' => $err, 'api_response' => $response]
|
|
);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$this->response->addHeader('Content-Type: application/json');
|
|
$this->response->setOutput(json_encode($json));
|
|
}
|
|
|
|
public function callback(): void {
|
|
$this->load->language('extension/hutko/payment/hutko');
|
|
|
|
$input = file_get_contents("php://input");
|
|
$data = json_decode($input, true);
|
|
|
|
// Basic Validation
|
|
if (!$data || !isset($data['order_id'])) {
|
|
http_response_code(400);
|
|
exit('Invalid Request');
|
|
}
|
|
|
|
// Verify Signature first
|
|
if (!$this->validate($data)) {
|
|
http_response_code(400);
|
|
exit('Invalid Signature');
|
|
}
|
|
|
|
$hutko_ref = $data['order_id']; // e.g., 55#17555555
|
|
$parts = explode('#', $hutko_ref);
|
|
$order_id = (int)$parts[0];
|
|
|
|
$this->load->model('checkout/order');
|
|
$order_info = $this->model_checkout_order->getOrder($order_id);
|
|
|
|
if ($order_info) {
|
|
$this->load->model('extension/hutko/payment/hutko');
|
|
$status = $data['order_status'] ?? '';
|
|
|
|
// 1. Log the RAW callback to our internal table
|
|
$this->model_extension_hutko_payment_hutko->logTransaction(
|
|
$order_id,
|
|
$hutko_ref,
|
|
'callback',
|
|
($status === 'approved') ? 'success' : 'failed',
|
|
isset($data['amount']) ? $data['amount'] / 100 : 0,
|
|
$data['currency'] ?? '',
|
|
$data // Save full payload
|
|
);
|
|
|
|
$current_status_id = (int)$order_info['order_status_id'];
|
|
|
|
// 2. Update OpenCart History (Clean Messages Only)
|
|
if ($status === 'approved') {
|
|
if (isset($data['response_status']) && $data['response_status'] == 'success') {
|
|
$target_status_id = (int)$this->config->get('payment_hutko_success_status_id');
|
|
|
|
// Avoid duplicates: Only update if status is different
|
|
if ($current_status_id != $target_status_id) {
|
|
$this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_approved'), true);
|
|
}
|
|
echo "OK";
|
|
} else {
|
|
echo "Approved but invalid details";
|
|
}
|
|
} elseif ($status === 'declined') {
|
|
$target_status_id = (int)$this->config->get('payment_hutko_declined_status_id');
|
|
if ($current_status_id != $target_status_id) {
|
|
// Don't notify customer on decline to avoid spam if they retry
|
|
$this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_declined'), false);
|
|
}
|
|
echo "Order declined";
|
|
} elseif ($status === 'expired') {
|
|
// Often better not to change order status to "Expired" if you want to allow retries,
|
|
// but if you do, don't notify customer.
|
|
$target_status_id = (int)$this->config->get('payment_hutko_expired_status_id');
|
|
if ($current_status_id != $target_status_id) {
|
|
$this->model_checkout_order->addHistory($order_id, $target_status_id, $this->language->get('text_payment_expired'), false);
|
|
}
|
|
echo "Order expired";
|
|
} else {
|
|
echo "Status received";
|
|
}
|
|
} else {
|
|
http_response_code(404);
|
|
echo "Order not found";
|
|
}
|
|
}
|
|
|
|
|
|
|
|
private function validate($data) {
|
|
$sig = $data['signature'] ?? '';
|
|
unset($data['signature'], $data['response_signature_string']);
|
|
return hash_equals($this->sign($data), $sig);
|
|
}
|
|
|
|
|
|
// =========================================================================
|
|
// SHARED LOGIC START
|
|
// MAINTENANCE WARNING: Keep synchronized with Admin Controller
|
|
// =========================================================================
|
|
|
|
private function buildRequest($order, $hutko_ref) {
|
|
$products_data = $this->getProducts($order['order_id'], $order);
|
|
|
|
$total_products_sum = 0;
|
|
foreach ($products_data as $p) {
|
|
$total_products_sum += $p['total_amount'];
|
|
}
|
|
|
|
$totals_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order['order_id'] . "' ORDER BY sort_order ASC");
|
|
$shipping_cost = 0;
|
|
foreach ($totals_query->rows as $t) {
|
|
if ($t['code'] == 'shipping') {
|
|
$shipping_cost += $this->currency->format($t['value'], $order['currency_code'], $order['currency_value'], false);
|
|
}
|
|
}
|
|
|
|
$order_total_val = $this->currency->format($order['total'], $order['currency_code'], $order['currency_value'], false);
|
|
|
|
if ($this->config->get('payment_hutko_include_discount_to_total')) {
|
|
$amount_val = $order_total_val;
|
|
if (!$this->config->get('payment_hutko_shipping_include')) {
|
|
$amount_val -= $shipping_cost;
|
|
}
|
|
} else {
|
|
$amount_val = $total_products_sum;
|
|
}
|
|
|
|
if ($amount_val < 0.01) $amount_val = 0.01;
|
|
$total_cents = (int)round($amount_val * 100);
|
|
|
|
// Catalog side URLs are simple
|
|
$response_url = $this->url->link('checkout/success', 'language=' . $this->config->get('config_language'), true);
|
|
$callback_url = $this->url->link('extension/hutko/payment/hutko.callback', '', true);
|
|
|
|
$reservation_data = [
|
|
"cms_name" => "OpenCart",
|
|
"cms_version" => VERSION,
|
|
"shop_domain" => preg_replace("(^https?://)", "", HTTP_SERVER),
|
|
"phonemobile" => $order['telephone'],
|
|
"customer_address" => $order['payment_address_1'] . ' ' . $order['payment_address_2'],
|
|
"customer_country" => $order['shipping_iso_code_2'],
|
|
"customer_name" => $order['firstname'] . ' ' . $order['lastname'],
|
|
"customer_email" => $order['email'],
|
|
"products" => $products_data
|
|
];
|
|
|
|
$data = [
|
|
'order_id' => $hutko_ref,
|
|
'merchant_id' => $this->config->get('payment_hutko_merchant_id'),
|
|
'amount' => $total_cents,
|
|
'currency' => $order['currency_code'],
|
|
'order_desc' => 'Order #' . $order['order_id'],
|
|
'response_url' => $response_url,
|
|
'server_callback_url' => $callback_url,
|
|
'sender_email' => $order['email'],
|
|
'reservation_data' => base64_encode(json_encode($reservation_data))
|
|
];
|
|
|
|
$data['signature'] = $this->sign($data);
|
|
return $data;
|
|
}
|
|
|
|
private function getProducts(int $order_id, array $order_info): array {
|
|
$products_data = [];
|
|
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "order_product` WHERE `order_id` = '" . (int)$order_id . "'");
|
|
|
|
foreach ($query->rows as $product) {
|
|
$unit_price = $this->currency->format($product['price'] + $product['tax'], $order_info['currency_code'], $order_info['currency_value'], false);
|
|
$total_price = $this->currency->format($product['total'] + ($product['tax'] * $product['quantity']), $order_info['currency_code'], $order_info['currency_value'], false);
|
|
|
|
$products_data[] = [
|
|
"id" => $product['product_id'],
|
|
"name" => $product['name'] . ' ' . $product['model'],
|
|
"price" => round((float)$unit_price, 2),
|
|
"total_amount" => round((float)$total_price, 2),
|
|
"quantity" => (int)$product['quantity'],
|
|
];
|
|
}
|
|
|
|
if ($this->config->get('payment_hutko_shipping_include')) {
|
|
$totals = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_total WHERE order_id = '" . (int)$order_id . "' AND code = 'shipping'");
|
|
if ($totals->num_rows) {
|
|
$shipping_val = $this->currency->format($totals->row['value'], $order_info['currency_code'], $order_info['currency_value'], false);
|
|
if ($shipping_val > 0) {
|
|
$products_data[] = [
|
|
"id" => $this->config->get('payment_hutko_shipping_product_code') ?: 'SHIPPING',
|
|
"name" => $this->config->get('payment_hutko_shipping_product_name') ?: 'Shipping',
|
|
"price" => round((float)$shipping_val, 2),
|
|
"total_amount" => round((float)$shipping_val, 2),
|
|
"quantity" => 1,
|
|
];
|
|
}
|
|
}
|
|
}
|
|
return $products_data;
|
|
}
|
|
|
|
private function sign($data) {
|
|
$key = $this->config->get('payment_hutko_secret_key');
|
|
$arr = array_filter($data, function($v){ return $v !== '' && $v !== null; });
|
|
ksort($arr);
|
|
$str = $key;
|
|
foreach($arr as $v) $str .= '|' . $v;
|
|
return sha1($str);
|
|
}
|
|
|
|
private function api($url, $data) {
|
|
if ($this->config->get('payment_hutko_save_logs')) $this->logOC('Req: ' . json_encode($data));
|
|
|
|
$ch = curl_init($url);
|
|
curl_setopt($ch, CURLOPT_POST, 1);
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode(['request' => $data]));
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
|
|
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
|
|
|
|
$res = curl_exec($ch);
|
|
$error = curl_error($ch);
|
|
curl_close($ch);
|
|
|
|
if ($this->config->get('payment_hutko_save_logs')) {
|
|
$this->logOC('Res: ' . $res);
|
|
if ($error) $this->logOC('Curl Error: ' . $error);
|
|
}
|
|
|
|
return json_decode($res, true) ?: [];
|
|
}
|
|
|
|
private function logOC($msg) {
|
|
$this->log->write("Hutko Payment: " . $msg);
|
|
}
|
|
// =========================================================================
|
|
// SHARED LOGIC END
|
|
// =========================================================================
|
|
} |