Compare commits


25 commits

Author SHA1 Message Date
a82ef3c2ca
Version update 2023-10-26 15:09:50 -05:00
23d31d8bec Merge pull request 'Fix Bugs C,D,E from auditing report' (#2) from rev0919 into main
Reviewed-on: #2
2023-10-26 18:57:48 +00:00
ab08d12f2b Fix Bugs C,D,E from auditing report 2023-09-19 16:58:49 -05:00
e7655b2af1
Merge branch 'hotfix1' 2023-07-20 13:51:57 -05:00
9d1d9cc5ae
Fix typo in API call 2023-07-20 13:51:12 -05:00
15584ca7b1
Production release 2023-06-26 10:42:37 -05:00
640911a1e2
Merge branch 'security1' 2023-06-26 10:33:45 -05:00
3dd59c757f
Implement new API callback 2023-06-26 10:09:30 -05:00
53466a6788
Debug callback 2023-06-24 20:54:34 -05:00
46fc016dc7
Format code 2023-06-23 11:49:12 -05:00
1768f700bb
Update ZGo API call to new security parameters 2023-06-23 11:08:17 -05:00
244a2cc80e
Prepare for test server 2023-06-23 10:54:52 -05:00
2e8aaa1f1a
Fix code for deployment 2023-06-23 10:23:52 -05:00
08690a29a5
Remove XSS vulnerabilities 2023-06-23 09:29:08 -05:00
0dd89a0e7f
Harden plugin against SQL injection 2023-06-23 09:09:25 -05:00
c9b077f225
Beta release preparation 2023-01-11 09:45:42 -06:00
60573da2b0 Version 1.0.0 beta - url fixed in process_payment() function 2023-01-10 22:34:53 -05:00
2ae4e3bc4d Version 1.0.0 beta revised version 2023-01-10 22:06:20 -05:00
479390d8ca
Version bump 2023-01-09 09:50:37 -06:00
32f6e3c251 Version 1.0 beta 2023-01-06 16:35:26 -05:00
1a8d06bfcc Add ZGo Pmt Gwy Logo to payments monitor 2023-01-05 22:12:13 -05:00
494b706d4f Add reference text to configuration fields 2023-01-04 15:52:12 -05:00
8b557c1cec Unnecessary files removed from source 2023-01-04 09:22:53 -05:00
059d9f77df
Version bump to 0.9.0 2023-01-03 13:31:42 -06:00
d854778e65
Merge branch 'devjoin' into main 2023-01-03 13:25:17 -06:00
9 changed files with 439 additions and 292 deletions


@ -3,7 +3,29 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased] ## [1.0.2] - 2023-07-20
- Fixed typo in API call
## [1.0.1] - 2023-06-26
- Updates for production release
## [1.0.0] - 2023-06-26
- Security hardening changes to plugin queries.
- Re-design of ZGo API callback to support WooCommerce 7.8.0
## [1.0.0-beta.1] - 2023-01-11
- Adjust production server integration
## [1.0.0-beta] - 2023-01-09
- Production server integration.
- Monitor page look-and-feel enhancements.
## [0.9.0] - 2023-01-03
- Integrate ZGo Payments Monitor - Integrate ZGo Payments Monitor
## [0.8.0] - 2022-12-26 ## [0.8.0] - 2022-12-26


@ -1,4 +1,4 @@
# ZGo Payment Gateway plugin for Woocommerce # ZGo Payment Gateway plugin for WooCommerce
ZGo's payment processing solution for WooCommerce. This plugin implements a payment gateway that allows WooCommerce sellers to accept Zcash as payment while using their existing shop setup. ZGo's payment processing solution for WooCommerce. This plugin implements a payment gateway that allows WooCommerce sellers to accept Zcash as payment while using their existing shop setup.


@ -1,34 +0,0 @@
# Table of Contents
#### What is ZGo Payment Gateway for *WooCommerce*
#### How it Works?
#### System Requirements
#### Installing ZGo Payment Gateway
## What is ZGo Payment Gateway for *WooCommerce*
ZGo Payment Gateway for Woocomerce is a Plugin that allows a WooCommerce based online store, to receive payments using Zcash.
The Plugin connects WooCommerce Online Store with ZGo Backend to provide customers with an easy way to pay using a phone wallet.
## How it Works
The payment flow is showed bellow:
![ZGo PmtService Flow](ZGo_PmtGwy_Flow.png "ZGo PmtService Flow")
Figure 1 ZGo Payment GateWay Flow
The payment flow showed in Figure 1, includes the transaction confirmation and also marking customer's order as paid in WooComerce store database. ZGo Backend monitors the payment transaction and once it detects at least 5 blockchain confirmations, will report this to ZGo Payment Plugin.
## System Requirements
ZGo Business Account
WooComerce Based Online Store
## ZGo Payment Gateway Installation
### Configuring WooCommerce Store

BIN
assets/img/zgowoo-icon.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 9.5 KiB


@ -35,23 +35,25 @@ class zpmt_stats_page {
$wpdb->query($sql); $wpdb->query($sql);
if ( ! $this->pmtLstRdy() ) { if ( ! $this->pmtLstRdy() ) {
// //
// Calculate first time pagination paramters // Calculate first time pagination paramters
// //
$this->_limit = 10; $this->_limit = 10;
$this->_page = 1; $this->_page = 1;
$this->_offset = 0; $this->_offset = 0;
$this->_npages = intdiv($this->_nrows,$this->_limit); $this->_npages = intdiv($this->_nrows,$this->_limit);
if ( $this->_nrows > ($this->_npages*$this->_limit) ) { if ( $this->_nrows > ($this->_npages*$this->_limit) ) {
$this->_npages++; $this->_npages++;
} }
$sql = 'insert into zgo_pmtlst (pg_ix,pg_page,pg_npages,pg_offset,pg_limit) values (1,' . // $sql = 'insert into zgo_pmtlst (pg_ix,pg_page,pg_npages,pg_offset,pg_limit) values (1,' .
$this->_page . ',' . // $this->_page . ',' .
$this->_npages . ',' . // $this->_npages . ',' .
$this->_offset . ',' . // $this->_offset . ',' .
$this->_limit .')'; // $this->_limit .')';
$wpdb->query($sql);
$sql = $wpdb->prepare('insert into zgo_pmtlst (pg_ix,pg_page,pg_npages,pg_offset,pg_limit) values (1,%d,%d,%d,%d);',$this->_page,$this->_npages,$this->_offset,$this->_limit);
$wpdb->query($sql);
} else { } else {
// Load last state // Load last state
$params = $this->pmtLstParams(); $params = $this->pmtLstParams();
@ -67,7 +69,10 @@ class zpmt_stats_page {
if ( $this->_nrows > ($this->_npages*$this->_limit) ) { if ( $this->_nrows > ($this->_npages*$this->_limit) ) {
$this->_npages++; $this->_npages++;
} }
$sql = 'update zgo_pmtlst set pg_npages=' . $this->_npages . ' where pg_ix=1';
// $sql = 'update zgo_pmtlst set pg_npages=' . $this->_npages . ' where pg_ix=1';
$sql = $wpdb->prepare('update zgo_pmtlst set pg_npages=%d where pg_ix=1;',$this->_npages);
$wpdb->query($sql); $wpdb->query($sql);
} }
} }
@ -149,21 +154,36 @@ class zpmt_stats_page {
// //
// Save new list state // Save new list state
// //
$sql = 'update zgo_pmtlst set pg_page=' . $this->_page .
', pg_npages=' . $this->_npages . // $sql = 'update zgo_pmtlst set pg_page=' . $this->_page .
', pg_offset=' . $this->_offset . ' where pg_ix=1;'; // ', pg_npages=' . $this->_npages .
// ', pg_offset=' . $this->_offset . ' where pg_ix=1;';
$sql = $wpdb->prepare('update zgo_pmtlst set pg_page=%d, pg_npages=
%d, pg_offset=%d where pg_ix=1;',$this->_page,$this->_npages,$this->_offset);
$wpdb->query($sql); $wpdb->query($sql);
} }
?> ?>
<div style="margin-top: 20px; <div style="margin-top: 20px;
margin-bottom: 20px;
font-family: Noto Sans; font-family: Noto Sans;
font-size: 30px; font-size: 30px;
font-weight: 900; font-weight: 900;
text-align: center; text-align: center;
color: navy;"> color: navy;">
ZGo Payment Gateway - Received Payments <table>
<tr>
<td>
<img src= <?php echo '"' . get_site_url() . '/wp-content/plugins/zgopmtgwy/assets/img/zgowoo-icon.png"';
?>
style="width:50px;height:50px;">
</td>
<td>
ZGo Payment Gateway - Received Payments
</td>
</tr>
</table>
</div> </div>
<!-- now output table header --> <!-- now output table header -->
<div width="100%" <div width="100%"
@ -221,15 +241,15 @@ class zpmt_stats_page {
font-weight: 600;">'; font-weight: 600;">';
} }
$line++; $line++;
print '<td><a href="https://dev.zgo.cash/invoice/' . $row->pmt_orderid . '" target="_blank">' . $row->pmt_orderid . "</a></td>"; print '<td><a href="https://dev.zgo.cash/invoice/' . htmlentities($row->pmt_orderid, ENT_QUOTES) . '" target="_blank">' . htmlentities($row->pmt_orderid, ENT_QUOTES) . "</a></td>";
print "<td>" . $row->pmt_wc_order . "</td>"; print "<td>" . htmlwntities($row->pmt_wc_order,ENT_QUOTES) . "</td>";
print "<td>" . $row->pmt_wc_custname . "</td>"; print "<td>" . htmlentities($row->pmt_wc_custname, ENT_QUOTES) . "</td>";
print '<td style="text-align:center;">'. $row->pmt_accepted . "</td>"; print '<td style="text-align:center;">'. htmlentities($row->pmt_accepted,ENT_QUOTES) . "</td>";
print '<td style="text-align:center;">'.$row->pmt_confirmed ."</td>"; print '<td style="text-align:center;">'.htmlentities($row->pmt_confirmed,ENT_QUOTES) ."</td>";
print '<td style="text-align:right;">'. number_format($row->pmt_amount,2) . "</td>"; print '<td style="text-align:right;">'. number_format($row->pmt_amount,2) . "</td>";
print '<td style="text-align:right;">'. number_format($row->pmt_rate,2) . "</td>"; print '<td style="text-align:right;">'. number_format($row->pmt_rate,2) . "</td>";
print '<td style="text-align:right;">'. number_format($row->pmt_zec,8) . "</td>"; print '<td style="text-align:right;">'. number_format($row->pmt_zec,8) . "</td>";
print '<td style="text-align:center;">'.$row->pmt_wc_paid ."</td></tr>"; print '<td style="text-align:center;">'. htmlentities($row->pmt_wc_paid,ENT_QUOTES) ."</td></tr>";
} }
?> ?>
</table> </table>
@ -566,8 +586,8 @@ class zpmt_stats_page {
global $wpdb; global $wpdb;
$sql = 'select ifnull(sum(a.pmt_amount),0) as gTotalAmount, ' . $sql = 'select ifnull(sum(a.pmt_amount),0) as gTotalAmount, ' .
'ifnull(count(*),0) as gTotalPmts, ' . 'ifnull(count(*),0) as gTotalPmts, ' .
'ifnull(sum(a.pmt_zec),0) as gTotalZec ' . 'ifnull(sum(a.pmt_zec),0) as gTotalZec ' .
'from zgo_payments a ' . 'from zgo_payments a ' .
'where a.pmt_wc_paid = 1;' ; 'where a.pmt_wc_paid = 1;' ;
$result = $wpdb->get_row($sql,OBJECT); $result = $wpdb->get_row($sql,OBJECT);
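Review bot: The escaping added to the payments table misspells one call: the `pmt_wc_order` cell uses `htmlwntities(...)`, which is not a defined function, so rendering the first row would stop the monitor page with a fatal "Call to undefined function" error. The line should read `print "<td>" . htmlentities($row->pmt_wc_order, ENT_QUOTES) . "</td>";`. As this is WordPress code, `esc_html()` for the cell text and `esc_url()` for the invoice `href` would be the more conventional helpers than `htmlentities()`. The invoice link in this table also still points at `dev.zgo.cash`, while the gateway file in the same comparison redirects to `app.zgo.cash`, which may be unintended.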

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.3 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 18 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 12 KiB


@ -1,35 +1,35 @@
<?php <?php
/** /**
* Plugin Name: ZGo Payment Gateway * Plugin Name: ZGo Payment Gateway
* Plugin URI: https://vergara.tech' * Plugin URI: https://zgo.cash/
* Description: ZGo latest payment processing solution for Woocommerce. Accept payments using Zcash. * Description: ZGo latest payment processing solution for Woocommerce. Accept payments using Zcash.
* Version: 0.9 * Version: 1.1.1
* Requires at least: 5.2 * Requires at least: 5.2
* Requires PHP: 7.2 * Requires PHP: 7.2
* Author: Vergara Tech LLC * Author: Vergara Tech LLC
* Author URI: https://vergara.tech * Author URI: https://zgo.cash/
* License: GPL v2 or later * License: GPL v2 or later
* License URI: https://www.gnu.org/licenses/gpl-2.0.html * License URI: https://www.gnu.org/licenses/gpl-2.0.html
**/ **/
if ( ! defined( 'ABSPATH' ) ) { if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly exit; // Exit if accessed directly
} }
if ( ! in_array( 'woocommerce/woocommerce.php', if ( ! in_array( 'woocommerce/woocommerce.php',
apply_filters('active_plugins', apply_filters('active_plugins',
get_option('active_plugins') ) ) ) { get_option('active_plugins') ) ) ) {
return; return;
} }
add_action( 'plugins_loaded', 'zgopmt_init' ); add_action( 'plugins_loaded', 'zgopmt_init' );
function zgopmt_init() { function zgopmt_init() {
if ( ! class_exists( 'WC_Payment_Gateway' ) ) { if ( ! class_exists( 'WC_Payment_Gateway' ) ) {
return; return;
} }
class WC_ZGopmt_Gateway extends WC_Payment_Gateway { class WC_ZGopmt_Gateway extends WC_Payment_Gateway {
@ -37,20 +37,20 @@ function zgopmt_init() {
public $zgoownerid; public $zgoownerid;
public $zgotoken; public $zgotoken;
public $siteURL; public $siteURL;
public $zpmtdb; public $zpmtdb;
/** /**
* Constructor for the gateway. * Constructor for the gateway.
*/ */
public function __construct() { public function __construct() {
global $wpdb; global $wpdb;
// //
// Create payments table in WordPress database // Create payments table in WordPress database
// //
$sql = 'create table if not exists zgo_payments (' . $sql = 'create table if not exists zgo_payments (' .
'pmt_orderid varchar(64),' . 'pmt_orderid varchar(64),' .
'pmt_wc_order varchar(20),' . 'pmt_wc_order varchar(20),' .
'pmt_wc_custname varchar(100),' . 'pmt_wc_custname varchar(100),' .
'pmt_accepted varchar(30),' . 'pmt_accepted varchar(30),' .
'pmt_confirmed varchar(30),' . 'pmt_confirmed varchar(30),' .
@ -59,10 +59,10 @@ function zgopmt_init() {
'pmt_zec double (12,8) not null default 0.0,' . 'pmt_zec double (12,8) not null default 0.0,' .
'pmt_wc_paid int not null default 0,' . 'pmt_wc_paid int not null default 0,' .
'unique pmt_orderix (pmt_orderid, pmt_wc_order) )'; 'unique pmt_orderix (pmt_orderid, pmt_wc_order) )';
$wpdb->query($sql); $wpdb->query($sql);
$iconurl = plugin_dir_url( __FILE__ ) . $iconurl = plugin_dir_url( __FILE__ ) .
'assets/img/zgo-icon-full_6pct.png'; 'assets/img/zgo-icon-full_6pct.png';
$this->siteURL = get_site_url(); $this->siteURL = get_site_url();
@ -72,9 +72,9 @@ function zgopmt_init() {
$this->icon = $iconurl; $this->icon = $iconurl;
$this->has_fields = false; $this->has_fields = false;
$this->method_title = __('ZGo Payment', $this->method_title = __('ZGo Payment',
$this->domain); $this->domain);
$this->method_description = __('ZGo Payment - Accept payments using Zcash.', $this->domain); $this->method_description = __('ZGo Payment - Accept payments using Zcash.', $this->domain);
// Load the settings. // Load the settings.
$this->init_form_fields(); $this->init_form_fields();
$this->init_settings(); $this->init_settings();
@ -86,275 +86,350 @@ function zgopmt_init() {
// Actions // Actions
add_action('woocommerce_update_options_payment_gateways_' . add_action('woocommerce_update_options_payment_gateways_' .
$this->id, $this->id,
array( $this, 'process_admin_options' ) ); array( $this, 'process_admin_options' ) );
add_action( 'woocommerce_thankyou_' . $this->id, array( $this, 'thankyou_page' ) ); add_action( 'woocommerce_thankyou_' . $this->id, array( $this, 'thankyou_page' ) );
if ( ! $this->is_valid_for_use() ) if ( ! $this->is_valid_for_use() )
$this->enabled = false; $this->enabled = false;
/** /**
* Add the webhook for payment confirmation from ZGo * Add the webhook for payment confirmation from ZGo
*/ */
add_action( 'woocommerce_api_zpmtcallback', array($this,'zconfirm')); //add_action( 'woocommerce_api_zpmtcallback', array($this,'zconfirm'));
} }
public function register_routes() {
register_rest_route( 'wc/v3', 'zgocallback', array(
'methods' => 'GET',
'callback' => array($this,'zgoapicallback')));
}
public function init_form_fields() { public function init_form_fields() {
$this->form_fields = apply_filters( $this->form_fields = apply_filters(
'woo_zgopmtsrv_fields', array( 'woo_zgopmtsrv_fields', array(
'enabled' => array( 'enabled' => array(
'title' => __('Enable/Disable', 'title' => __('Enable/Disable',
$this->domain ), $this->domain ),
'type' => 'checkbox', 'type' => 'checkbox',
'label' => __('Enable payments with Zcash', $this->domain ), 'label' => __('Enable payments with Zcash', $this->domain ),
'default' => 'yes' 'default' => 'yes'
), ),
'title' => array( 'title' => array(
'title' => __( 'ZGo Payment Service title', 'title' => __( 'ZGo Payment Service title',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( 'ZGo Payment Gateway', 'default' => __( 'ZGo Payment Gateway',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Add a new title for the ZGo Payment Service that your customers will see when they are in the checkout page', 'description' => __( 'Add a new title for the ZGo Payment Service that your customers will see when they are in the checkout page',
$this->domain ), $this->domain ),
), ),
'description' => array( 'description' => array(
'title' => __( 'ZGo Payment Service Confirmation', 'title' => __( 'ZGo Payment Service Confirmation',
$this->domain ), $this->domain ),
'type' => 'textarea', 'type' => 'textarea',
'default' => __( '<b>Pay with Zcash</b>, ZGo will report your payment as soon as it gets confirmed. Normally it takes about 5 minutes.<br> <a href="https://zgo.cash" target="_blank">Read more...</a>', 'default' => __( '<b>Pay with Zcash</b>, ZGo will report your payment as soon as it gets confirmed. Normally it takes about 5 minutes.<br> <a href="https://zgo.cash" target="_blank">Read more...</a>',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __('Payment confirmation description that the customer will see on your checkout.', 'description' => __('Payment confirmation description that the customer will see on your checkout.',
$this->domain ), $this->domain ),
), ),
'instructions' => array( 'instructions' => array(
'title' => __('Instructions', 'title' => __('Instructions',
$this->domain ), $this->domain ),
'type' => 'textarea', 'type' => 'textarea',
'default' => __('Default instrctions', 'default' => __('Default instrctions',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __('Instruction that will be added to the Thank You page and order email', 'description' => __('Instruction that will be added to the Thank You page and order email',
$this->domain ), $this->domain ),
), ),
'zgoownerid' => array( 'zgoownerid' => array(
'title' => __( 'ZGo OwnerId', 'title' => __( 'ZGo OwnerId',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( ' ', 'default' => __( 'Replace this text with your ZGo Owner ID ',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Type or paste your ZGo Account Owner Id (Found in your ZGo Shop Settings)', 'description' => __( 'Type or paste your ZGo Account Owner Id (Found in your ZGo Shop Settings)',
$this->domain ), $this->domain ),
), ),
'zgotoken' => array( 'zgotoken' => array(
'title' => __( 'ZGo Token', 'title' => __( 'ZGo Token',
$this->domain ), $this->domain ),
'type' => 'text', 'type' => 'text',
'default' => __( ' ', 'default' => __( 'Replace this text with your ZGo Token',
$this->domain ), $this->domain ),
'desc_tip' => true, 'desc_tip' => true,
'description' => __( 'Type or paste your ZGo Token (Found in your ZGo Shop Settings)', 'description' => __( 'Type or paste your ZGo Token (Found in your ZGo Shop Settings)',
$this->domain ), $this->domain ),
), ),
) )
); );
} }
/* /*
* Check if configuration is valid * Check if configuration is valid
*/ */
public function is_valid_for_use() { public function is_valid_for_use() {
$isvalid = false;
if ( isset($this->zgoownerid) && $isvalid = false;
($this->zgoownerid !== '') ) {
$url = 'https://test.zgo.cash/auth?ownerid=' . if ( isset($this->zgoownerid) &&
$this->zgoownerid . '&token=' . ($this->zgoownerid !== '') ) {
$this->zgotoken . '&siteurl=' .
$this->base64url_encode($this->siteURL); $url = 'https://api.zgo.cash/auth?ownerid=' .
$this->zgoownerid . '&token=' .
$this->zgotoken . '&siteurl=' .
$this->base64url_encode($this->siteURL);
$response = wp_remote_get($url); $response = wp_remote_get($url);
$httpcode = wp_remote_retrieve_response_code( $response );
switch ( $httpcode ) { $httpcode = wp_remote_retrieve_response_code( $response );
switch ( $httpcode ) {
case 200: case 200:
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$oid = json_decode($body); $oid = json_decode($body);
$isvalid = $oid->{'authorized'}; $isvalid = $oid->{'authorized'};
break; break;
case 202: case 202:
$body = wp_remote_retrieve_body($response ); $body = wp_remote_retrieve_body($response );
$oid = json_decode($body); $oid = json_decode($body);
break; break;
default: default:
break; break;
} }
} }
return $isvalid; return $isvalid;
} }
/* /*
* Process Payment * Process Payment
*/ */
public function process_payment( $order_id ) { public function process_payment( $order_id ) {
global $wpdb; global $wpdb;
$order = wc_get_order( $order_id ); $order = wc_get_order( $order_id );
// $wc_order = wc_get_product($order_id); // $wc_order = wc_get_product($order_id);
$wc_order_key = $order->get_order_key(); $wc_order_key = $order->get_order_key();
$url = 'https://test.zgo.cash/woopayment' . $url = 'https://api.zgo.cash/woopayment' .
'?ownerid=' . $this->zgoownerid . '?ownerid=' . $this->zgoownerid .
'&token=' . $this->zgotoken . '&token=' . $this->zgotoken .
'&order_id=' . $order_id . '&order_id=' . $order_id .
'&currency=' . strtolower($order->get_currency()) . '&currency=' . strtolower($order->get_currency()) .
'&amount=' . $order->get_total() . '&amount=' . $order->get_total() .
'&date=' . date_format($order->get_date_created(),'Y-m-d') . '&date=' . date_format($order->get_date_created(),'Y-m-d') .
'&siteurl=' . $this->base64url_encode($this->siteURL) . '&siteurl=' . $this->base64url_encode($this->siteURL) .
'&orderkey=' . $wc_order_key; '&orderkey=' . $wc_order_key;
//'&orderkey=' . ; //'&orderkey=' . ;
$response = wp_remote_get($url); $response = wp_remote_get($url);
$httpcode = wp_remote_retrieve_response_code( $response ); $httpcode = wp_remote_retrieve_response_code( $response );
switch ( $httpcode ) { switch ( $httpcode ) {
case 200: case 200:
wc_add_notice( 'Order on hold, please wait for confirmation'); wc_add_notice( 'Order on hold, please wait for confirmation');
$order->update_status('on_hold',__('Awaiting payment confirmation','woocommerce')); $order->update_status('on_hold',__('Awaiting payment confirmation','woocommerce'));
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$oid = json_decode($body); $oid = json_decode($body);
$zgoOrderid = $oid->{'order'}; $zgoOrderid = $oid->{'order'};
// $zgoOrderToken = $oid->{'token'};
// Save ZGo Order ID and Cart order //
// // Save ZGo Order ID and Cart order
$sql = "replace into zgo_payments (" . //
"pmt_orderid," . $sql3 = $wpdb->prepare('replace into zgo_payments (pmt_orderid, pmt_wc_order, pmt_wc_custname, pmt_accepted, pmt_confirmed, pmt_amount, pmt_rate, pmt_zec, pmt_wc_paid) values (%s, %s, %s, %s, %s, %f, 0, 0, 0);',
"pmt_wc_order," . $zgoOrderid, $order_id, $order->get_billing_first_name() . ' ' . $order->get_billing_last_name(), date('Y-m-d H:i:s'), '', $order->get_total());
"pmt_wc_custname," . //$sql = "replace into zgo_payments (" .
"pmt_accepted," . //"pmt_orderid," .
"pmt_confirmed," . //"pmt_wc_order," .
"pmt_amount," . //"pmt_wc_custname," .
"pmt_rate," . //"pmt_accepted," .
"pmt_zec," . //"pmt_confirmed," .
"pmt_wc_paid) values ('" . //"pmt_amount," .
$zgoOrderid . "','" . //"pmt_rate," .
$order_id . "','" . //"pmt_zec," .
$order->get_billing_first_name() . " " . //"pmt_wc_paid) values ('" .
$order->get_billing_last_name() . "','" . //$zgoOrderid . "','" .
date('Y-m-d H:i:s') . "','',". //$order_id . "','" .
$order->get_total() . //$order->get_billing_first_name() . " " .
",0,0,0)"; //$order->get_billing_last_name() . "','" .
$wpdb->query($sql); //date('Y-m-d H:i:s') . "','',".
//$order->get_total() .
//",0,0,0)";
$wpdb->query($sql3);
// Remove cart. // Remove cart.
WC()->cart->empty_cart(); WC()->cart->empty_cart();
return array( return array(
'result' => 'success', 'result' => 'success',
'redirect' => 'https://dev.zgo.cash/invoice/' . $zgoOrderid, 'redirect' => 'https://app.zgo.cash/invoice/' . $zgoOrderid . '?token=' . $zgoOrderToken,
); );
break; break;
case 202: case 202:
$body = wp_remote_retrieve_body( $response ); $body = wp_remote_retrieve_body( $response );
$msg = json_decode($body); $msg = json_decode($body);
$order->update_status('failed',__('Order ' . $order_id . ' -> ZGo Order Generation Error : ' . $msg->{'message'},'woocommerce')); $order->update_status('failed',__('Order ' . $order_id . ' -> ZGo Order Generation Error : ' . $msg->{'message'},'woocommerce'));
break; break;
default: default:
return; return;
} }
} }
/** /**
* Confirm payment and complete order * Confirm payment and complete order
*/ */
public function zconfirm() { //public function zconfirm() {
global $wpdb; //global $wpdb;
$token = $_GET['token'];
$zgoOrderid = $_GET['orderid'];
$orderid = $_GET['wc_orderid'];
$totalzec = $_GET['totalzec'];
$rate = $_GET['rate'];
$order = wc_get_order( $orderid );
$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';"; //$token = $_GET['token'];
$result = $wpdb->get_row($sql,OBJECT); //$zgoOrderid = $_GET['orderid'];
if ( ! is_null($result) ) { //$orderid = $_GET['wc_orderid'];
//$totalzec = $_GET['totalzec'];
//$rate = $_GET['rate'];
//$order = wc_get_order( $orderid );
if ( ( $token == $this->zgotoken ) //$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
&& ( $result->pmt_orderid == $zgoOrderid ) ////$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
&& ( $result->pmt_wc_paid == '0' ) ) { //$result = $wpdb->get_row($sql,OBJECT);
switch ( $order->get_status() ) { //if ( ! is_null($result) ) {
case 'pending':
case 'failed':
$order->payment_complete();
$order->reduce_order_stock();
//
// Mark order as completed in ZGo DB
//
$sql = "update zgo_payments set " .
"pmt_confirmed='" . date('Y-m-d H:i:s') .
"', pmt_rate=" . $rate .
", pmt_zec=" . $totalzec .
", pmt_wc_paid=1 " .
" where pmt_wc_order='" . $orderid . "';";
$wpdb->query($sql);
update_option('webhook_debug', $_GET); //if ( ($token == $this->zgotoken )
break; //&& ( $result->pmt_orderid == $zgoOrderid )
default: //&& ( $result->pmt_wc_paid == '0' ) ) {
// $this->console_log('Order ' . $orderid . ' already paid or cancelled...'); //switch ( $order->get_status() ) {
break; //case 'pending':
} //case 'failed':
} else { //$order->payment_complete();
// $this->console_log('Invalid parameters...'); //$order->reduce_order_stock();
} ////
} else { //// Mark order as completed in ZGo DB
// $this->console_log('Database error...'); ////
} ////$sql = "update zgo_payments set " .
} ////"pmt_confirmed='" . date('Y-m-d H:i:s') .
////"', pmt_rate=" . $rate .
////", pmt_zec=" . $totalzec .
////", pmt_wc_paid=1 " .
////" where pmt_wc_order='" . $orderid . "';";
//$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
//$wpdb->query($sql2);
//update_option('webhook_debug', $_GET);
//break;
//default:
////$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
//return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
//break;
//}
//} else {
////$this->console_log('Invalid parameters...');
//return array("message" => 'Invalid parameters...');
//}
//} else {
////$this->console_log('Database error...');
//return array("message" => 'Database error...');
//}
//}
public function thankyou_page () { public function thankyou_page () {
if ( $description = $this->get_description() ) { if ( $description = $this->get_description() ) {
echo wpautop( wptexturize( $description ) ); echo wpautop( wptexturize( $description ) );
} }
} }
public function console_log($data) { public function console_log($data) {
$file = plugin_dir_path( __DIR__ ) . '/zgopmtgwy/assets/log/console.log'; $file = plugin_dir_path( __DIR__ ) . '/zgopmtgwy/assets/log/console.log';
file_put_contents($file, $data . chr(0x0D) . chr(0x0A), FILE_TEXT | FILE_APPEND | LOCK_EX ); file_put_contents($file, $data . chr(0x0D) . chr(0x0A), FILE_TEXT | FILE_APPEND | LOCK_EX );
} }
public function base64url_encode($data) { public function base64url_encode($data) {
$edata = str_replace('=','',strtr(base64_encode($data), '+/', '-_')); $edata = str_replace('=','',strtr(base64_encode($data), '+/', '-_'));
return $edata; return $edata;
} }
} public function zgoapicallback($request) {
global $wpdb;
//$token = $_GET['token'];
//$zgoOrderid = $_GET['orderid'];
//$orderid = $_GET['wc_orderid'];
//$totalzec = $_GET['totalzec'];
//$rate = $_GET['rate'];
$token = $request->get_param('token');
$zgoOrderid = $request->get_param('orderid');
$orderid = $request->get_param('wc_orderid');
$totalzec = $request->get_param('totalzec');
$rate = $request->get_param('rate');
$order = wc_get_order( $orderid );
$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
//$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
$result = $wpdb->get_row($sql,OBJECT);
if ( ! is_null($result) ) {
if ( (hash('sha256',$token) == hash('sha256',$this->zgotoken) )
&& ( $result->pmt_orderid == $zgoOrderid )
&& ( $result->pmt_wc_paid == '0' ) ) {
switch ( $order->get_status() ) {
case 'pending':
case 'failed':
$order->payment_complete();
$order->reduce_order_stock();
//
// Mark order as completed in ZGo DB
//
//$sql = "update zgo_payments set " .
//"pmt_confirmed='" . date('Y-m-d H:i:s') .
//"', pmt_rate=" . $rate .
//", pmt_zec=" . $totalzec .
//", pmt_wc_paid=1 " .
//" where pmt_wc_order='" . $orderid . "';";
$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
$wpdb->query($sql2);
//update_option('webhook_debug', $_GET);
return array('message' => 'Order '. $orderid . ' mark as paid correctly.');
break;
default:
//$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
break;
}
} else {
//$this->console_log('Invalid parameters...');
return array("message" => 'Invalid parameters...');
}
} else {
//$this->console_log('Database error...');
return array("message" => 'Database error...');
}
//return array( 'custom' => 'Data', "request" => $data->get_params() );
}
}
add_filter( 'woocommerce_payment_gateways', add_filter( 'woocommerce_payment_gateways',
'add_custom_gateway_class' ); 'add_custom_gateway_class' );
function add_custom_gateway_class( $methods ) { function add_custom_gateway_class( $methods ) {
if ( ! in_array('WC_ZGopmt_Gateway', $methods) ) { if ( ! in_array('WC_ZGopmt_Gateway', $methods) ) {
$methods[] = 'WC_ZGopmt_Gateway'; $methods[] = 'WC_ZGopmt_Gateway';
} }
return $methods; return $methods;
} }
} }
@ -366,8 +441,72 @@ foreach ( glob( plugin_dir_path( __FILE__ ) . 'assets/php/*.php' ) as $file ) {
add_action( 'plugins_loaded', 'zgopmtlist_plugin' ); add_action( 'plugins_loaded', 'zgopmtlist_plugin' );
function zgopmtlist_plugin() { function zgopmtlist_plugin() {
$path = plugin_dir_path( __FILE__ ); $path = plugin_dir_path( __FILE__ );
$plugin = new zpmt_stats( new zpmt_stats_page($path) ); $plugin = new zpmt_stats( new zpmt_stats_page($path) );
$plugin->init(); $plugin->init();
} }
function get_custom($data) {
global $wpdb;
//$token = $_GET['token'];
//$zgoOrderid = $_GET['orderid'];
//$orderid = $_GET['wc_orderid'];
//$totalzec = $_GET['totalzec'];
//$rate = $_GET['rate'];
$token = $data->get_param('token');
$zgoOrderid = $data->get_param('orderid');
$orderid = $data->get_param('wc_orderid');
$totalzec = $data->get_param('totalzec');
$rate = $data->get_param('rate');
$order = wc_get_order( $orderid );
$sql = $wpdb->prepare('select * from zgo_payments where pmt_wc_order = %s ;', $orderid);
//$sql = "select * from zgo_payments where pmt_wc_order = '" . $orderid . "';";
$result = $wpdb->get_row($sql,OBJECT);
if ( ! is_null($result) ) {
if ( ($token == $this->zgotoken )
&& ( $result->pmt_orderid == $zgoOrderid )
&& ( $result->pmt_wc_paid == '0' ) ) {
switch ( $order->get_status() ) {
case 'pending':
case 'failed':
$order->payment_complete();
$order->reduce_order_stock();
//
// Mark order as completed in ZGo DB
//
//$sql = "update zgo_payments set " .
//"pmt_confirmed='" . date('Y-m-d H:i:s') .
//"', pmt_rate=" . $rate .
//", pmt_zec=" . $totalzec .
//", pmt_wc_paid=1 " .
//" where pmt_wc_order='" . $orderid . "';";
$sql2 = $wpdb->prepare('update zgo_payments set pmt_confirmed = %s, pmt_rate = %f, pmt_zec = %f, pmt_wc_paid = 1 where pmt_wc_order = %s;', date('Y-m-d H:i:s'), $rate, $totalzec, $orderid );
$wpdb->query($sql2);
//update_option('webhook_debug', $_GET);
break;
default:
//$this->console_log('Order ' . $orderid . ' already paid or cancelled...');
return array("message" => 'Order ' . $orderid . ' already paid or cancelled...');
break;
}
} else {
//$this->console_log('Invalid parameters...');
return array("message" => 'Invalid parameters...');
}
} else {
//$this->console_log('Database error...');
return array("message" => 'Database error...');
}
//return array( 'custom' => 'Data', "request" => $data->get_params() );
}
function plugin_register_rest_apis() {
$zgoPlugin = new WC_ZGopmt_Gateway();
$zgoPlugin->register_routes();
}
add_action( 'rest_api_init', 'plugin_register_rest_apis');
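Review bot: In `zgoapicallback` the token check `hash('sha256',$token) == hash('sha256',$this->zgotoken)` compares the two digests with loose `==`, which PHP evaluates numerically when both strings look like numbers and which is not constant-time; `hash_equals((string) $this->zgotoken, (string) $token)` is the intended primitive and needs no hashing. `register_routes()` registers the route without a `permission_callback`, which WordPress 5.5 and later flag as incorrect usage; if the endpoint is deliberately public and authenticated only by the token, state that with `'permission_callback' => '__return_true'` and a comment. The new top-level `get_custom()` reads `$this->zgotoken` outside any class and nothing visible here registers it, so it looks like a leftover copy of the callback that would fail if called and could be removed. The callback also changes order state on a `GET` with the token in the query string, where it tends to end up in access logs; a `POST` body or a request header would be worth considering if the ZGo backend allows it.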