Merge branch 'security1'

This commit is contained in:
Rene Vergara 2023-06-26 10:33:45 -05:00
commit 640911a1e2
Signed by: pitmutt
GPG key ID: 65122AD495A7F5B2
3 changed files with 389 additions and 244 deletions


@ -3,6 +3,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
- Security hardening changes to plugin queries.
- Re-design of ZGo API callback to support WooCommerce 7.8.0
## [1.0.0-beta.1] - 2023-01-11 ## [1.0.0-beta.1] - 2023-01-11
- Adjust production server integration - Adjust production server integration


@ -35,23 +35,23 @@ class zpmt_stats_page {
$wpdb->query($sql); $wpdb->query($sql);
if ( ! $this->pmtLstRdy() ) { if ( ! $this->pmtLstRdy() ) {
// //
// Calculate first time pagination paramters // Calculate first time pagination paramters
// //
$this->_limit = 10; $this->_limit = 10;
$this->_page = 1; $this->_page = 1;
$this->_offset = 0; $this->_offset = 0;
$this->_npages = intdiv($this->_nrows,$this->_limit); $this->_npages = intdiv($this->_nrows,$this->_limit);
if ( $this->_nrows > ($this->_npages*$this->_limit) ) { if ( $this->_nrows > ($this->_npages*$this->_limit) ) {
$this->_npages++; $this->_npages++;
} }
$sql = 'insert into zgo_pmtlst (pg_ix,pg_page,pg_npages,pg_offset,pg_limit) values (1,' . $sql = 'insert into zgo_pmtlst (pg_ix,pg_page,pg_npages,pg_offset,pg_limit) values (1,' .
$this->_page . ',' . $this->_page . ',' .
$this->_npages . ',' . $this->_npages . ',' .
$this->_offset . ',' . $this->_offset . ',' .
$this->_limit .')'; $this->_limit .')';
$wpdb->query($sql); $wpdb->query($sql);
} else { } else {
// Load last state // Load last state
$params = $this->pmtLstParams(); $params = $this->pmtLstParams();
@ -232,9 +232,9 @@ class zpmt_stats_page {
font-weight: 600;">'; font-weight: 600;">';
} }
$line++; $line++;
print '<td><a href="https://dev.zgo.cash/invoice/' . $row->pmt_orderid . '" target="_blank">' . $row->pmt_orderid . "</a></td>"; print '<td><a href="https://dev.zgo.cash/invoice/' . htmlentities($row->pmt_orderid, ENT_QUOTES) . '" target="_blank">' . htmlentities($row->pmt_orderid, ENT_QUOTES) . "</a></td>";
print "<td>" . $row->pmt_wc_order . "</td>"; print "<td>" . $row->pmt_wc_order . "</td>";
print "<td>" . $row->pmt_wc_custname . "</td>"; print "<td>" . htmlentities($row->pmt_wc_custname, ENT_QUOTES) . "</td>";
print '<td style="text-align:center;">'. $row->pmt_accepted . "</td>"; print '<td style="text-align:center;">'. $row->pmt_accepted . "</td>";
print '<td style="text-align:center;">'.$row->pmt_confirmed ."</td>"; print '<td style="text-align:center;">'.$row->pmt_confirmed ."</td>";
print '<td style="text-align:right;">'. number_format($row->pmt_amount,2) . "</td>"; print '<td style="text-align:right;">'. number_format($row->pmt_amount,2) . "</td>";
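Review bot: The escaping added on the two changed lines is incomplete: pmt_wc_order, pmt_accepted and pmt_confirmed on the neighbouring lines are still printed raw, and since all of these columns come from the same zgo_payments rows (pmt_wc_custname is built from the checkout billing name) the consistent rule is to escape every cell at output regardless of where the plugin believes the value came from. The href on the first changed line is HTML-escaped but not URL-encoded, so a value containing `/`, `?` or `#` changes the link target; for a path segment use `rawurlencode($row->pmt_orderid)` inside `esc_url()` for the attribute and `esc_html($row->pmt_orderid)` for the link text, which also fixes the charset that `htmlentities($x, ENT_QUOTES)` currently leaves to the interpreter default. The enclosing method starts and ends outside this hunk.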


@ -1,35 +1,35 @@
<?php <?php
/** /**
* Plugin Name: ZGo Payment Gateway * Plugin Name: ZGo Payment Gateway
* Plugin URI: https://vergara.tech' * Plugin URI: https://vergara.tech'
* Description: ZGo latest payment processing solution for Woocommerce. Accept payments using Zcash. * Description: ZGo latest payment processing solution for Woocommerce. Accept payments using Zcash.
* Version: 1.0.0 beta * Version: 1.0.0
* Requires at least: 5.2 * Requires at least: 5.2
* Requires PHP: 7.2 * Requires PHP: 7.2
* Author: Vergara Tech LLC * Author: Vergara Tech LLC
* Author URI: https://vergara.tech * Author URI: https://zgo.cash/
* License: GPL v2 or later * License: GPL v2 or later
* License URI: https://www.gnu.org/licenses/gpl-2.0.html * License URI: https://www.gnu.org/licenses/gpl-2.0.html
**/ **/
if ( ! defined( 'ABSPATH' ) ) { if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly exit; // Exit if accessed directly
} }
if ( ! in_array( 'woocommerce/woocommerce.php', if ( ! in_array( 'woocommerce/woocommerce.php',
apply_filters('active_plugins', apply_filters('active_plugins',
get_option('active_plugins') ) ) ) { get_option('active_plugins') ) ) ) {
return; return;
} }
add_action( 'plugins_loaded', 'zgopmt_init' ); add_action( 'plugins_loaded', 'zgopmt_init' );
function zgopmt_init() { function zgopmt_init() {
if ( ! class_exists( 'WC_Payment_Gateway' ) ) { if ( ! class_exists( 'WC_Payment_Gateway' ) ) {
return; return;
} }
class WC_ZGopmt_Gateway extends WC_Payment_Gateway { class WC_ZGopmt_Gateway extends WC_Payment_Gateway {
@ -37,20 +37,20 @@ function zgopmt_init() {
public $zgoownerid; public $zgoownerid;
public $zgotoken; public $zgotoken;
public $siteURL; public $siteURL;
public $zpmtdb; public $zpmtdb;
/** /**
* Constructor for the gateway. * Constructor for the gateway.
*/ */
public function __construct() { public function __construct() {
global $wpdb; global $wpdb;
// //
// Create payments table in WordPress database // Create payments table in WordPress database
// //
$sql = 'create table if not exists zgo_payments (' . $sql = 'create table if not exists zgo_payments (' .
'pmt_orderid varchar(64),' . 'pmt_orderid varchar(64),' .
'pmt_wc_order varchar(20),' . 'pmt_wc_order varchar(20),' .
'pmt_wc_custname varchar(100),' . 'pmt_wc_custname varchar(100),' .
'pmt_accepted varchar(30),' . 'pmt_accepted varchar(30),' .
'pmt_confirmed varchar(30),' . 'pmt_confirmed varchar(30),' .
@ -59,10 +59,10 @@ function zgopmt_init() {
'pmt_zec double (12,8) not null default 0.0,' . 'pmt_zec double (12,8) not null default 0.0,' .
'pmt_wc_paid int not null default 0,' . 'pmt_wc_paid int not null default 0,' .
'unique pmt_orderix (pmt_orderid, pmt_wc_order) )'; 'unique pmt_orderix (pmt_orderid, pmt_wc_order) )';
$wpdb->query($sql); $wpdb->query($sql);
$iconurl = plugin_dir_url( __FILE__ ) . $iconurl = plugin_dir_url( __FILE__ ) .
'assets/img/zgo-icon-full_6pct.png'; 'assets/img/zgo-icon-full_6pct.png';
$this->siteURL = get_site_url(); $this->siteURL = get_site_url();
@ -72,9 +72,9 @@ function zgopmt_init() {
$this->icon = $iconurl; $this->icon = $iconurl;
$this->has_fields = false; $this->has_fields = false;
$this->method_title = __('ZGo Payment', $this->method_title = __('ZGo Payment',
$this->domain); $this->domain);
$this->method_description = __('ZGo Payment - Accept payments using Zcash.', $this->domain); $this->method_description = __('ZGo Payment - Accept payments using Zcash.', $this->domain);
// Load the settings. // Load the settings.
$this->init_form_fields(); $this->init_form_fields();
$this->init_settings(); $this->init_settings();
@ -86,251 +86,266 @@ function zgopmt_init() {
// Actions // Actions
add_action('woocommerce_update_options_payment_gateways_' . add_action('woocommerce_update_options_payment_gateways_' .
$this->id, $this->id,
array( $this, 'process_admin_options' ) ); array( $this, 'process_admin_options' ) );
add_action( 'woocommerce_thankyou_' . $this->id, array( $this, 'thankyou_page' ) ); add_action( 'woocommerce_thankyou_' . $this->id, array( $this, 'thankyou_page' ) );
if ( ! $this->is_valid_for_use() ) if ( ! $this->is_valid_for_use() )
$this->enabled = false; $this->enabled = false;
/** /**
* Add the webhook for payment confirmation from ZGo * Add the webhook for payment confirmation from ZGo
*/ */
add_action( 'woocommerce_api_zpmtcallback', array($this,'zconfirm')); //add_action( 'woocommerce_api_zpmtcallback', array($this,'zconfirm'));
} }
public function register_routes() {
register_rest_route( 'wc/v3', 'zgocallback', array(
'methods' => 'GET',
'callback' => array($this,'zgoapicallback')));
}
public function init_form_fields() { public function init_form_fields() {
$this->form_fields = apply_filters( $this->form_fields = apply_filters(
'woo_zgopmtsrv_fields', array( 'woo_zgopmtsrv_fields', array(
'enabled' => array( 'enabled' => array(
'title' => __('Enable/Disable', 'title' => __('Enable/Disable',
$this->domain ), $this->domain ),
'type' => 'checkbox', 'type' => 'checkbox',
'label' => __('Enable payments with Zcash', $this->domain ), 'label' => __('Enable payments with Zcash', $this->domain ),
'default' => 'yes' 'default' => 'yes'
), ),
'title' => array( 'title' => array(
'title' => __( 'ZGo Payment Service title', 'title' => __( 'ZGo Payment Service title',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( 'ZGo Payment Gateway', 'default' => __( 'ZGo Payment Gateway',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Add a new title for the ZGo Payment Service that your customers will see when they are in the checkout page', 'description' => __( 'Add a new title for the ZGo Payment Service that your customers will see when they are in the checkout page',
$this->domain ), $this->domain ),
), ),
'description' => array( 'description' => array(
'title' => __( 'ZGo Payment Service Confirmation', 'title' => __( 'ZGo Payment Service Confirmation',
$this->domain ), $this->domain ),
'type' => 'textarea', 'type' => 'textarea',
'default' => __( '<b>Pay with Zcash</b>, ZGo will report your payment as soon as it gets confirmed. Normally it takes about 5 minutes.<br> <a href="https://zgo.cash" target="_blank">Read more...</a>', 'default' => __( '<b>Pay with Zcash</b>, ZGo will report your payment as soon as it gets confirmed. Normally it takes about 5 minutes.<br> <a href="https://zgo.cash" target="_blank">Read more...</a>',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __('Payment confirmation description that the customer will see on your checkout.', 'description' => __('Payment confirmation description that the customer will see on your checkout.',
$this->domain ), $this->domain ),
), ),
'instructions' => array( 'instructions' => array(
'title' => __('Instructions', 'title' => __('Instructions',
$this->domain ), $this->domain ),
'type' => 'textarea', 'type' => 'textarea',
'default' => __('Default instrctions', 'default' => __('Default instrctions',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __('Instruction that will be added to the Thank You page and order email', 'description' => __('Instruction that will be added to the Thank You page and order email',
$this->domain ), $this->domain ),
), ),
'zgoownerid' => array( 'zgoownerid' => array(
'title' => __( 'ZGo OwnerId', 'title' => __( 'ZGo OwnerId',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( 'Replace this text with your ZGo Owner ID ', 'default' => __( 'Replace this text with your ZGo Owner ID ',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Type or paste your ZGo Account Owner Id (Found in your ZGo Shop Settings)', 'description' => __( 'Type or paste your ZGo Account Owner Id (Found in your ZGo Shop Settings)',
$this->domain ), $this->domain ),
), ),
'zgotoken' => array( 'zgotoken' => array(
'title' => __( 'ZGo Token', 'title' => __( 'ZGo Token',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( 'Replace this text with your ZGo Token', 'default' => __( 'Replace this text with your ZGo Token',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Type or paste your ZGo Token (Found in your ZGo Shop Settings)', 'description' => __( 'Type or paste your ZGo Token (Found in your ZGo Shop Settings)',
$this->domain ), $this->domain ),
), ),
) )
); );
} }
/* /*
* Check if configuration is valid * Check if configuration is valid
*/ */
public function is_valid_for_use() { public function is_valid_for_use() {
$isvalid = false; $isvalid = false;
if ( isset($this->zgoownerid) && if ( isset($this->zgoownerid) &&
($this->zgoownerid !== '') ) { ($this->zgoownerid !== '') ) {
$url = 'https://api.zgo.cash//auth?ownerid=' . $url = 'https://test.zgo.cash/auth?ownerid=' .
$this->zgoownerid . '&token=' . $this->zgoownerid . '&token=' .
$this->zgotoken . '&siteurl=' . $this->zgotoken . '&siteurl=' .
$this->base64url_encode($this->siteURL); $this->base64url_encode($this->siteURL);
$response = wp_remote_get($url); $response = wp_remote_get($url);
$httpcode = wp_remote_retrieve_response_code( $response ); $httpcode = wp_remote_retrieve_response_code( $response );
switch ( $httpcode ) { switch ( $httpcode ) {
case 200: case 200:
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$oid = json_decode($body); $oid = json_decode($body);
$isvalid = $oid->{'authorized'}; $isvalid = $oid->{'authorized'};
break; break;
case 202:git case 202:
$body = wp_remote_retrieve_body($response ); $body = wp_remote_retrieve_body($response );
$oid = json_decode($body); $oid = json_decode($body);
break; break;
default: default:
break; break;
} }
} }
return $isvalid; return $isvalid;
} }
/* /*
* Process Payment * Process Payment
*/ */
public function process_payment( $order_id ) { public function process_payment( $order_id ) {
global $wpdb; global $wpdb;
$order = wc_get_order( $order_id ); $order = wc_get_order( $order_id );
// $wc_order = wc_get_product($order_id); // $wc_order = wc_get_product($order_id);
$wc_order_key = $order->get_order_key(); $wc_order_key = $order->get_order_key();
$url = 'https://api.zgo.cash/woopayment' . $url = 'https://test.zgo.cash/woopayment' .
'?ownerid=' . $this->zgoownerid . '?ownerid=' . $this->zgoownerid .
'&token=' . $this->zgotoken . '&token=' . $this->zgotoken .
'&order_id=' . $order_id . '&order_id=' . $order_id .
'&currency=' . strtolower($order->get_currency()) . '&currency=' . strtolower($order->get_currency()) .
'&amount=' . $order->get_total() . '&amount=' . $order->get_total() .
'&date=' . date_format($order->get_date_created(),'Y-m-d') . '&date=' . date_format($order->get_date_created(),'Y-m-d') .
'&siteurl=' . $this->base64url_encode($this->siteURL) . '&siteurl=' . $this->base64url_encode($this->siteURL) .
'&orderkey=' . $wc_order_key; '&orderkey=' . $wc_order_key;
//'&orderkey=' . ; //'&orderkey=' . ;
$response = wp_remote_get($url); $response = wp_remote_get($url);
$httpcode = wp_remote_retrieve_response_code( $response ); $httpcode = wp_remote_retrieve_response_code( $response );
switch ( $httpcode ) { switch ( $httpcode ) {
case 200: case 200:
wc_add_notice( 'Order on hold, please wait for confirmation'); wc_add_notice( 'Order on hold, please wait for confirmation');
$order->update_status('on_hold',__('Awaiting payment confirmation','woocommerce')); $order->update_status('on_hold',__('Awaiting payment confirmation','woocommerce'));
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$oid = json_decode($body); $oid = json_decode($body);
$zgoOrderid = $oid->{'order'}; $zgoOrderid = $oid->{'order'};
// $zgoOrderToken = $oid->{'token'};
// Save ZGo Order ID and Cart order //
// // Save ZGo Order ID and Cart order
$sql = "replace into zgo_payments (" . //
"pmt_orderid," . $sql3 = $wpdb->prepare('replace into zgo_payments (pmt_orderid, pmt_wc_order, pmt_wc_custname, pmt_accepted, pmt_confirmed, pmt_amount, pmt_rate, pmt_zec, pmt_wc_paid) values (%s, %s, %s, %s, %s, %f, 0, 0, 0);',
"pmt_wc_order," . $zgoOrderid, $order_id, $order->get_billing_first_name() . ' ' . $order->get_billing_last_name(), date('Y-m-d H:i:s'), '', $order->get_total());
"pmt_wc_custname," . //$sql = "replace into zgo_payments (" .
"pmt_accepted," . //"pmt_orderid," .
"pmt_confirmed," . //"pmt_wc_order," .
"pmt_amount," . //"pmt_wc_custname," .
"pmt_rate," . //"pmt_accepted," .
"pmt_zec," . //"pmt_confirmed," .
"pmt_wc_paid) values ('" . //"pmt_amount," .
$zgoOrderid . "','" . //"pmt_rate," .
$order_id . "','" . //"pmt_zec," .
$order->get_billing_first_name() . " " . //"pmt_wc_paid) values ('" .
$order->get_billing_last_name() . "','" . //$zgoOrderid . "','" .
date('Y-m-d H:i:s') . "','',". //$order_id . "','" .
$order->get_total() . //$order->get_billing_first_name() . " " .
",0,0,0)"; //$order->get_billing_last_name() . "','" .
$wpdb->query($sql); //date('Y-m-d H:i:s') . "','',".
//$order->get_total() .
//",0,0,0)";
$wpdb->query($sql3);
// Remove cart. // Remove cart.
WC()->cart->empty_cart(); WC()->cart->empty_cart();
return array( return array(
'result' => 'success', 'result' => 'success',
'redirect' => 'https://app.zgo.cash/invoice/' . $zgoOrderid, 'redirect' => 'https://dev.zgo.cash/invoice/' . $zgoOrderid . '?token=' . $zgoOrderToken,
); );
break; break;
case 202: case 202:
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$msg = json_decode($body); $msg = json_decode($body);
$order->update_status('failed',__('Order ' . $order_id . ' -> ZGo Order Generation Error : ' . $msg->{'message'},'woocommerce')); $order->update_status('failed',__('Order ' . $order_id . ' -> ZGo Order Generation Error : ' . $msg->{'message'},'woocommerce'));
break; break;
default: default:
return; return;
} }
} }
/** /**
* Confirm payment and complete order * Confirm payment and complete order
*/ */
public function zconfirm() { //public function zconfirm() {
global $wpdb; //global $wpdb;
$token = $_GET['token']; //$token = $_GET['token'];
$zgoOrderid = $_GET['orderid']; //$zgoOrderid = $_GET['orderid'];
$orderid = $_GET['wc_orderid']; //$orderid = $_GET['wc_orderid'];
$totalzec = $_GET['totalzec']; //$totalzec = $_GET['totalzec'];
$rate = $_GET['rate']; //$rate = $_GET['rate'];
$order = wc_get_order( $orderid ); //$order = wc_get_order( $orderid );
$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';"; //$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
$result = $wpdb->get_row($sql,OBJECT); ////$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
if ( ! is_null($result) ) { //$result = $wpdb->get_row($sql,OBJECT);
//if ( ! is_null($result) ) {
if ( ( $token == $this->zgotoken ) //if ( ($token == $this->zgotoken )
&& ( $result->pmt_orderid == $zgoOrderid ) //&& ( $result->pmt_orderid == $zgoOrderid )
&& ( $result->pmt_wc_paid == '0' ) ) { //&& ( $result->pmt_wc_paid == '0' ) ) {
switch ( $order->get_status() ) { //switch ( $order->get_status() ) {
case 'pending': //case 'pending':
case 'failed': //case 'failed':
$order->payment_complete(); //$order->payment_complete();
$order->reduce_order_stock(); //$order->reduce_order_stock();
// ////
// Mark order as completed in ZGo DB //// Mark order as completed in ZGo DB
// ////
$sql = "update zgo_payments set " . ////$sql = "update zgo_payments set " .
"pmt_confirmed='" . date('Y-m-d H:i:s') . ////"pmt_confirmed='" . date('Y-m-d H:i:s') .
"', pmt_rate=" . $rate . ////"', pmt_rate=" . $rate .
", pmt_zec=" . $totalzec . ////", pmt_zec=" . $totalzec .
", pmt_wc_paid=1 " . ////", pmt_wc_paid=1 " .
" where pmt_wc_order='" . $orderid . "';"; ////" where pmt_wc_order='" . $orderid . "';";
$wpdb->query($sql); //$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
//$wpdb->query($sql2);
update_option('webhook_debug', $_GET); //update_option('webhook_debug', $_GET);
break; //break;
default: //default:
// $this->console_log('Order ' . $orderid . ' already paid or cancelled...'); ////$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
break; //return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
} //break;
} else { //}
// $this->console_log('Invalid parameters...'); //} else {
} ////$this->console_log('Invalid parameters...');
} else { //return array("message" => 'Invalid parameters...');
// $this->console_log('Database error...'); //}
} //} else {
} ////$this->console_log('Database error...');
//return array("message" => 'Database error...');
//}
//}
public function thankyou_page () { public function thankyou_page () {
if ( $description = $this->get_description() ) { if ( $description = $this->get_description() ) {
echo wpautop( wptexturize( $description ) ); echo wpautop( wptexturize( $description ) );
} }
} }
public function console_log($data) { public function console_log($data) {
@ -342,19 +357,79 @@ function zgopmt_init() {
public function base64url_encode($data) { public function base64url_encode($data) {
$edata = str_replace('=','',strtr(base64_encode($data), '+/', '-_')); $edata = str_replace('=','',strtr(base64_encode($data), '+/', '-_'));
return $edata; return $edata;
} }
} public function zgoapicallback($request) {
global $wpdb;
//$token = $_GET['token'];
//$zgoOrderid = $_GET['orderid'];
//$orderid = $_GET['wc_orderid'];
//$totalzec = $_GET['totalzec'];
//$rate = $_GET['rate'];
$token = $request->get_param('token');
$zgoOrderid = $request->get_param('orderid');
$orderid = $request->get_param('wc_orderid');
$totalzec = $request->get_param('totalzec');
$rate = $request->get_param('rate');
$order = wc_get_order( $orderid );
$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
//$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
$result = $wpdb->get_row($sql,OBJECT);
if ( ! is_null($result) ) {
if ( (hash('sha256',$token) == hash('sha256',$this->zgotoken) )
&& ( $result->pmt_orderid == $zgoOrderid )
&& ( $result->pmt_wc_paid == '0' ) ) {
switch ( $order->get_status() ) {
case 'pending':
case 'failed':
$order->payment_complete();
$order->reduce_order_stock();
//
// Mark order as completed in ZGo DB
//
//$sql = "update zgo_payments set " .
//"pmt_confirmed='" . date('Y-m-d H:i:s') .
//"', pmt_rate=" . $rate .
//", pmt_zec=" . $totalzec .
//", pmt_wc_paid=1 " .
//" where pmt_wc_order='" . $orderid . "';";
$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
$wpdb->query($sql2);
//update_option('webhook_debug', $_GET);
return array('message' => 'Order '. $orderid . ' mark as paid correctly.');
break;
default:
//$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
break;
}
} else {
//$this->console_log('Invalid parameters...');
return array("message" => 'Invalid parameters...');
}
} else {
//$this->console_log('Database error...');
return array("message" => 'Database error...');
}
//return array( 'custom' => 'Data', "request" => $data->get_params() );
}
}
add_filter( 'woocommerce_payment_gateways', add_filter( 'woocommerce_payment_gateways',
'add_custom_gateway_class' ); 'add_custom_gateway_class' );
function add_custom_gateway_class( $methods ) { function add_custom_gateway_class( $methods ) {
if ( ! in_array('WC_ZGopmt_Gateway', $methods) ) { if ( ! in_array('WC_ZGopmt_Gateway', $methods) ) {
$methods[] = 'WC_ZGopmt_Gateway'; $methods[] = 'WC_ZGopmt_Gateway';
} }
return $methods; return $methods;
} }
} }
@ -366,8 +441,72 @@ foreach ( glob( plugin_dir_path( __FILE__ ) . 'assets/php/*.php' ) as $file ) {
add_action( 'plugins_loaded', 'zgopmtlist_plugin' ); add_action( 'plugins_loaded', 'zgopmtlist_plugin' );
function zgopmtlist_plugin() { function zgopmtlist_plugin() {
$path = plugin_dir_path( __FILE__ ); $path = plugin_dir_path( __FILE__ );
$plugin = new zpmt_stats( new zpmt_stats_page($path) ); $plugin = new zpmt_stats( new zpmt_stats_page($path) );
$plugin->init(); $plugin->init();
} }
function get_custom($data) {
global $wpdb;
//$token = $_GET['token'];
//$zgoOrderid = $_GET['orderid'];
//$orderid = $_GET['wc_orderid'];
//$totalzec = $_GET['totalzec'];
//$rate = $_GET['rate'];
$token = $data->get_param('token');
$zgoOrderid = $data->get_param('orderid');
$orderid = $data->get_param('wc_orderid');
$totalzec = $data->get_param('totalzec');
$rate = $data->get_param('rate');
$order = wc_get_order( $orderid );
$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
//$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
$result = $wpdb->get_row($sql,OBJECT);
if ( ! is_null($result) ) {
if ( ($token == $this->zgotoken )
&& ( $result->pmt_orderid == $zgoOrderid )
&& ( $result->pmt_wc_paid == '0' ) ) {
switch ( $order->get_status() ) {
case 'pending':
case 'failed':
$order->payment_complete();
$order->reduce_order_stock();
//
// Mark order as completed in ZGo DB
//
//$sql = "update zgo_payments set " .
//"pmt_confirmed='" . date('Y-m-d H:i:s') .
//"', pmt_rate=" . $rate .
//", pmt_zec=" . $totalzec .
//", pmt_wc_paid=1 " .
//" where pmt_wc_order='" . $orderid . "';";
$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
$wpdb->query($sql2);
//update_option('webhook_debug', $_GET);
break;
default:
//$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
break;
}
} else {
//$this->console_log('Invalid parameters...');
return array("message" => 'Invalid parameters...');
}
} else {
//$this->console_log('Database error...');
return array("message" => 'Database error...');
}
//return array( 'custom' => 'Data', "request" => $data->get_params() );
}
function plugin_register_rest_apis() {
$zgoPlugin = new WC_ZGopmt_Gateway();
$zgoPlugin->register_routes();
}
add_action( 'rest_api_init', 'plugin_register_rest_apis');
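Review bot: The token check in zgoapicallback compares two `hash('sha256', …)` strings with `==`, which is neither constant-time nor strict (PHP compares two numeric-looking strings numerically, so digests of the `0e…` form can compare equal); the right primitive is `hash_equals((string) $this->zgotoken, (string) $token)` on the raw values. `wc_get_order($orderid)` returns false for an unknown id, so `$order->get_status()` fatals before the 'Invalid parameters...' branch is reached for a bad `wc_orderid`, and the paid check (`pmt_wc_paid == '0'` read, then an unconditional update after payment_complete) lets two concurrent callbacks both complete the order — guard the order and make the update itself the gate with `… and pmt_wc_paid = 0` plus a rows-affected check. register_routes registers the route with no `permission_callback`; for a token-authenticated public webhook that should be an explicit `'permission_callback' => '__return_true'` (WordPress 5.5+ emits a _doing_it_wrong notice otherwise), and the `wc/v3` namespace is also where WooCommerce applies its own REST authentication, so confirm unauthenticated callbacks reach the handler. Two other hunks in this file carry defects of their own: process_payment's new redirect appends `'?token=' . $zgoOrderToken` while its assignment is commented out on the line above, and the top-level `get_custom()` in the last hunk references `$this` outside a class and will fatal if it is ever invoked (it appears unused and duplicates zgoapicallback). The endpoint hosts also move from api.zgo.cash/app.zgo.cash to test.zgo.cash/dev.zgo.cash in the same commit that sets the header version to 1.0.0 — confirm that is intended.
```php
    public function zgoapicallback($request) {
        global $wpdb;
        // … unchanged: read token/orderid/wc_orderid/totalzec/rate from $request …
        $order = wc_get_order( $orderid );
        if ( ! $order ) {
            return array("message" => 'Invalid parameters...');
        }
        $sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
        $result = $wpdb->get_row($sql,OBJECT);
        if ( ! is_null($result) ) {
            if ( hash_equals( (string) $this->zgotoken, (string) $token )
                && ( $result->pmt_orderid == $zgoOrderid )
                && ( $result->pmt_wc_paid == '0' ) ) {
                switch ( $order->get_status() ) {
                    case 'pending':
                    case 'failed':
                        // Flip the paid flag first and only complete the order if this request won the update.
                        $sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s and pmt_wc_paid = 0;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
                        if ( $wpdb->query($sql2) !== 1 ) {
                            return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
                        }
                        $order->payment_complete();
                        $order->reduce_order_stock();
                        return array('message' => 'Order '. $orderid . ' mark as paid correctly.');
                    // … unchanged: default branch and the two else branches …
```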