mollie.php
<?php
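require_once __DIR__ . "/vendor/autoload.php";
// Configuration is mandatory. `require` stops the script when config.php
// cannot be loaded; `include` would only warn and carry on with the API keys
// and limit settings undefined.
// NOTE(review): presumably config.php defines $mollie_test, both API keys and
// the $limit_* values used further down - confirm.
require('config.php');

$mollie = new \Mollie\Api\MollieApiClient();

// Use the test API key when the configuration forces test mode or when the
// request carries a "test" field; otherwise use the live key.
// NOTE(review): the "test" field is caller-controlled, so any client can
// select the test key by sending it. Confirm this is intended.
if ($mollie_test || isset($_POST["test"])) {
    $mollie->setApiKey($mollie_apikey_test);
} else {
    $mollie->setApiKey($mollie_apikey_live);
}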
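// POST handler with two callers, told apart by the presence of an "id" field:
//   * with "id"    - the RevBank plugin looks up a Mollie payment and moves its
//                    revbank_status metadata between "unspent", "pending" and
//                    "spent";
//   * without "id" - a user submits an amount; a payment is created and the
//                    browser is redirected to the Mollie checkout page.
// Any other request method falls through and produces no output.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    if (isset($_POST["id"])) {
        // client is revbank plugin
        // NOTE(review): nothing in this file authenticates the caller of this
        // branch; the payment id is the only thing a request has to present.
        // Confirm access is restricted elsewhere (web server ACL, shared
        // secret, network placement).
        $id = $_POST["id"];
        // Reject non-string input (e.g. id[]=...) before it reaches preg_match().
        if (! is_string($id) || ! preg_match("/^tr_\\w+\\z/", $id)) die("Nope");
        header("Content-Type: application/json; charset=US-ASCII");

        try {
            $payment = $mollie->payments->get($id);
        } catch (\Mollie\Api\Exceptions\ApiException $e) {
            // Only "not found" is distinguished; other API errors stay generic.
            print json_encode(["ok" => false, "message" => (
                (int) $e->getCode() === 404 ? "not found" : "API communication error"
            )]);
            exit();
        }

        if (! $payment->isPaid()) {
            print json_encode(["ok" => false, "message" => "payment " . $payment->status]);
            exit();
        }
        // empty() also covers a payment that has no metadata at all, without
        // reading a property on null.
        if (empty($payment->metadata->revbank_status)) {
            print json_encode(["ok" => false, "message" => "not a RevBank transaction"]);
            exit();
        }
        if ($payment->amount->currency !== "EUR") {
            // Every other error uses the "message" key; "status" is kept as
            // well for clients that already read it.
            $reason = "unknown currency (shouldn't happen)";
            print json_encode(["ok" => false, "message" => $reason, "status" => $reason]);
            exit();
        }

        if (isset($_POST["action"])) {
            $action = $_POST["action"];
            if ($action === "abort") {
                // Only a claimed ("pending") payment can be released again.
                if ($payment->metadata->revbank_status !== "pending") {
                    print json_encode(["ok" => false, "message" => "can't cancel non-pending"]);
                    exit();
                }
                $payment->metadata = ["revbank_status" => "unspent"];
                $payment->update();
                print json_encode(["ok" => true]);
                exit();
            }
            if ($action === "finalize") {
                // NOTE(review): unlike "abort", this does not check the current
                // status before marking the payment "spent". Confirm whether
                // finalize should be limited to "pending" payments.
                $payment->metadata = ["revbank_status" => "spent"];
                $payment->update();
                print json_encode(["ok" => true]);
                exit();
            }
            die("Unsupported action.");
        }

        // No action given: claim the payment ("unspent" -> "pending").
        // NOTE(review): the status is read here and written back by a separate
        // update() call with no lock in between, so two concurrent claims of
        // the same id could both pass this check. Consider serialising claims
        // per payment id.
        if ($payment->metadata->revbank_status !== "unspent") {
            print json_encode(["ok" => false, "message" => "already spent"]);
            exit();
        }
        $amount = $payment->amount->value;
        // Validate before mutating, so a rejected payment is not left "pending".
        if ($amount < 0) die("Negative?!");
        $payment->metadata = ["revbank_status" => "pending"];
        $payment->update();

        if ($payment->mode === "test") {
            // Test-mode payments are reported as zero value; the nominal
            // amount is returned separately.
            print json_encode(["ok" => true, "amount" => "0.00", "test_amount" => $amount]);
        } else {
            print json_encode(["ok" => true, "amount" => $amount]);
        }
        exit();
    } else {
        // client is user
        $amount = isset($_POST["amount"]) ? $_POST["amount"] : null;
        // A missing or array-valued amount is invalid input, not a PHP error.
        if (! is_string($amount)) die("Invalid amount");

        // Limit bypass: the amount may end in "!" followed by the configured
        // $limit_backdoor value. The value is matched literally instead of
        // being spliced into a regex, compared with hash_equals(), and the
        // bypass is disabled when the setting is missing or empty. Previously
        // an empty setting let a bare trailing "!" lift the limits.
        $ignore_limits = false;
        $bypass_suffix = (isset($limit_backdoor) && is_scalar($limit_backdoor))
            ? "!" . $limit_backdoor
            : "!";
        $suffix_len = strlen($bypass_suffix);
        if ($bypass_suffix !== "!" && strlen($amount) >= $suffix_len) {
            if (hash_equals($bypass_suffix, substr($amount, -$suffix_len))) {
                $ignore_limits = true;
                $amount = (string) substr($amount, 0, -$suffix_len);
            }
        }

        // Digits with an optional two-digit fraction after "," or ".".
        if (! preg_match("/^[0-9]+(?:[,.][0-9]{2})?\\z/", $amount)) die("Invalid amount");
        // Normalise to the "1234.56" form passed to the payment request.
        $amount = str_replace(",", ".", $amount);
        if (strpos($amount, ".") === false) $amount .= ".00";

        if (! $ignore_limits) {
            if ($amount < $limit_min) die("Minimum $limit_min");
            if ($amount > $limit_max) die("Maximum $limit_max");
        }

        $payment = $mollie->payments->create([
            "amount" => [ "value" => $amount, "currency" => "EUR" ],
            "description" => "RevBank deposit",
            "redirectUrl" => "https://deposit.revspace.nl/?id=",
            "metadata" => [ "revbank_status" => "unspent" ],
        ]);
        // The payment id only exists after creation, so the redirect URL is
        // completed in a second call.
        $payment->redirectUrl .= $payment->id;
        $payment->update();
        header("Location: " . $payment->getCheckoutUrl(), true, 303);
        exit();
    }
}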
?>