< ? php
/* Copyright ( C ) 2001 - 2002 Rodolphe Quiedeville < rodolphe @ quiedeville . org >
* Copyright ( C ) 2006 - 2013 Laurent Destailleur < eldy @ users . sourceforge . net >
* Copyright ( C ) 2012 Regis Houssin < regis . houssin @ inodbox . com >
* Copyright ( C ) 2024 - 2025 Frédéric France < frederic . france @ free . fr >
* Copyright ( C ) 2024 - 2025 MDW < mdeweerd @ users . noreply . github . com >
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < https :// www . gnu . org / licenses />.
*/
/**
* \file htdocs / public / payment / paymentko . php
* \ingroup core
* \brief File to show page after a failed payment .
* This page is called by the payment system, using the URL provided to it completed with the parameter TOKEN=xxx.
* This token can be used to get more information .
*/
// Switches declared ahead of the require of main.inc.php further down.
// Each one is only defined when the including context has not already set it.
// Taken together they make this a page that any external party can reach,
// so nothing below should be treated as an authenticated or same-origin request.

// This means this output page does not require to be logged.
defined('NOLOGIN') || define(" NOLOGIN ", 1);

// We accept to go on this page from external web site.
defined('NOCSRFCHECK') || define(" NOCSRFCHECK ", 1);

// Do not check IP defined into conf $dolibarr_main_restrict_ip
defined('NOIPCHECK') || define('NOIPCHECK', '1');

defined('NOBROWSERNOTIF') || define('NOBROWSERNOTIF', '1');

// NOTE(review): by its name this presumably lets the page be displayed inside a
// frame on another site - confirm how main.inc.php uses it before reusing the flag elsewhere.
defined('XFRAMEOPTIONS_ALLOWALL') || define('XFRAMEOPTIONS_ALLOWALL', '1');
// For MultiCompany module.
// Do not use GETPOST here, function is not defined and this test must be done before including main.inc.php
// Because 2 entities can have the same ref.
// The request value is forced to an integer; entity 1 is used when 'e' is absent or empty.
if (!empty($_GET['e'])) {
    $entity = (int) $_GET['e'];
} elseif (!empty($_POST['e'])) {
    $entity = (int) $_POST['e'];
} else {
    $entity = 1;
}
// NOTE(review): after the integer cast is_numeric() is always true, so a non-numeric
// 'e' yields entity 0 and a negative one is accepted as is - confirm that the code
// consuming this constant rejects entities that do not exist.
if (is_numeric($entity)) {
    define(" DOLENTITY ", $entity);
}
'@phan-var-force CommonObject $object';

// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT . '/core/lib/payments.lib.php';

// The PayPal helper libraries are loaded only when that module is enabled
if (isModEnabled('paypal')) {
    require_once DOL_DOCUMENT_ROOT . '/paypal/lib/paypal.lib.php';
    require_once DOL_DOCUMENT_ROOT . '/paypal/lib/paypalfunctions.lib.php';
}

/**
 * @var Conf $conf
 * @var DoliDB $db
 * @var HookManager $hookmanager
 * @var Societe $mysoc
 * @var Translate $langs
 *
 * @var string $dolibarr_main_url_root
 */

// Hook to be used by external payment modules (ie Payzen, ...)
$hookmanager = new HookManager($db);
$hookmanager->initHooks(['newpayment']);

// Translation files used by this page
$langs->loadLangs([" main ", " other ", " dict ", " bills ", " companies ", " paybox ", " paypal ", " stripe "]);
// Values used when the PayPal module is not enabled
$PAYPALTOKEN = " ";
$PAYPALPAYERID = " ";

// PayPal identifiers are looked up under two spellings of each parameter name;
// the second one is only read when the first gives an empty value.
if (isModEnabled('paypal')) {
    $PAYPALTOKEN = GETPOST('TOKEN') ?: GETPOST('token');
    $PAYPALPAYERID = GETPOST('PAYERID') ?: GETPOST('PayerID');
}

/*
 * Placeholders with empty bodies, kept disabled:
 * if (isModEnabled('paybox')) {
 * }
 * if (isModEnabled('stripe')) {
 * }
 */

// Full tag of the payment, again accepted under two spellings.
// It comes from the request, so everything derived from it below (payment method,
// website ref, redirect URL, log lines, e-mail body) is caller-controlled data.
$FULLTAG = GETPOST('FULLTAG') ?: GETPOST('fulltag');

// Suffix used to select a logo parameter further down; read with the 'aZ09' check
$suffix = GETPOST(" suffix ", 'aZ09');
// Detect $paymentmethod: the text that follows "PM=" in the full tag, up to the next dot
$paymentmethod = '';
$reg = [];
if (preg_match('/PM=([^\.]+)/', $FULLTAG, $reg)) {
    $paymentmethod = $reg[1];
}

// Without a payment method there is nothing to report on: show the error and stop
if (empty($paymentmethod)) {
    dol_print_error(null, 'The back url does not contain a parameter fulltag that should help us to find the payment method used');
    exit;
}
dol_syslog(" paymentmethod= " . $paymentmethod);

// Detect $ws: the text that follows "WS=" in the full tag, or 0 when the tag has none
$reg_ws = [];
$ws = 0;
if (preg_match('/WS=([^\.]+)/', $FULLTAG, $reg_ws)) {
    $ws = $reg_ws[1];
}
if ($ws) {
    dol_syslog(" Paymentko.php page is invoked from a website with ref " . $ws . " . It performs actions and then redirects back to this website. A page with ref paymentko must be created for this website. ", LOG_DEBUG, 0, '_payment');
}
$validpaymentmethod = getValidOnlinePaymentMethods($paymentmethod);

// Security check: the method named in the request must be one the helper accepts
if (empty($validpaymentmethod)) {
    httponly_accessforbidden('No valid payment mode');
}

$object = new stdClass(); // For triggers
/** @var CommonObject $object */

$error = 0;

// Check if we have redirtodomain to do.
// When the tag names a website, the page performs its actions and then redirects;
// the virtual host is taken from the stored website record, not from the request.
$ws_virtuelhost = null;
$doactionsthenredirect = $ws ? 1 : 0;
if ($doactionsthenredirect) {
    include_once DOL_DOCUMENT_ROOT . '/website/class/website.class.php';
    $website = new Website($db);
    $result = $website->fetch(0, $ws);
    if ($result > 0) {
        $ws_virtuelhost = $website->virtualhost;
    }
}
/*
 * Actions
 */

// None

/*
 * View
 */

// Trace the callback in the '_payment' log.
// NOTE(review): the query string and every scalar POST field are written to the log
// as received. Gateway callbacks can carry tokens and payer identifiers, so access to
// this log should be restricted and its retention limited; values are not stripped of
// line breaks here - confirm that dol_syslog() neutralises them.
dol_syslog(
    " Callback url when an online payment is refused or canceled. query_string= "
        . (empty($_SERVER[" QUERY_STRING "]) ? '' : $_SERVER[" QUERY_STRING "])
        . " script_uri= "
        . (empty($_SERVER[" SCRIPT_URI "]) ? '' : $_SERVER[" SCRIPT_URI "]),
    LOG_DEBUG,
    0,
    '_payment'
);

$tracepost = " ";
foreach ($_POST as $k => $v) {
    // Arrays and other non-scalar entries are left out of the trace
    if (!is_scalar($k) || !is_scalar($v)) {
        continue;
    }
    $tracepost .= " $k - $v\n ";
}
dol_syslog(" POST= " . $tracepost, LOG_DEBUG, 0, '_payment');

// Set $appli for emails title
$appli = $mysoc->name;

$error = 0;
$FinalPaymentAmt = 0;
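// Runs only while 'ipaddress' is present in the session; the key is removed at the
// end of the block so that reloading this page does not repeat the trigger or the e-mail.
if (!empty($_SESSION['ipaddress'])) {      // To avoid to make action twice
    // Get on url call
    $fulltag = $FULLTAG;
    $onlinetoken = empty($PAYPALTOKEN) ? $_SESSION['onlinetoken'] : $PAYPALTOKEN;
    $payerID = empty($PAYPALPAYERID) ? $_SESSION['payerID'] : $PAYPALPAYERID;
    // Set by newpayment.php
    $paymentType = $_SESSION['PaymentType'];
    $currencyCodeType = $_SESSION['currencyCodeType'];
    $FinalPaymentAmt = $_SESSION['FinalPaymentAmt'];
    // From env
    $ipaddress = $_SESSION['ipaddress'];
    $errormessage = $_SESSION['errormessage'];

    // NOTE(review): $object is created as a plain stdClass earlier in this file, so this
    // branch only runs if something has replaced it with an object exposing call_trigger().
    if (is_object($object) && method_exists($object, 'call_trigger')) {
        // Call trigger @phan-suppress-next-line PhanUndeclaredMethod
        $result = $object->call_trigger('PAYMENTONLINE_PAYMENT_KO', $user);
        if ($result < 0) {
            $error++;
        }
        // End call triggers
    }

    // Send an email
    $sendemail = getDolGlobalString('ONLINE_PAYMENT_SENDEMAIL');

    // Send warning of error to administrator
    if ($sendemail) {
        // Get default language to use for the company for supervision emails
        $myCompanyDefaultLang = (string) $mysoc->default_lang;
        if (empty($myCompanyDefaultLang) || $myCompanyDefaultLang === 'auto') {
            // We must guess the language from the company country. We must not use the language of the visitor. This is a technical email for supervision
            // so it must always be into the same language.
            $myCompanyDefaultLang = (string) getLanguageCodeFromCountryCode($mysoc->country_code);
        }

        $companylangs = new Translate('', $conf);
        $companylangs->setDefaultLang($myCompanyDefaultLang);
        $companylangs->loadLangs(array('main', 'members', 'bills', 'paypal', 'paybox', 'stripe'));

        $from = getDolGlobalString(" MAIN_MAIL_EMAIL_FROM ");
        $sendto = $sendemail;

        $urlback = $_SERVER[" REQUEST_URI "];
        $topic = '[' . $appli . '] ' . $companylangs->transnoentitiesnoconv(" NewOnlinePaymentFailed ");

        // The body is HTML. The payment method, return URL, tag, token and payer id are
        // taken from the request of an unauthenticated visitor, so they are escaped before
        // being placed in the markup; otherwise the visitor could inject links or markup
        // into a message read by the administrator.
        $content = " ";
        $content .= '<span style="color: orange">' . $companylangs->transnoentitiesnoconv(" ValidationOfOnlinePaymentFailed ") . " </span> \n ";
        $content .= " <br><br> \n ";
        $content .= '<u>' . $companylangs->transnoentitiesnoconv(" TechnicalInformation ") . " :</u><br> \n ";
        $content .= $companylangs->transnoentitiesnoconv(" OnlinePaymentSystem ") . ': <strong>' . dol_escape_htmltag($paymentmethod) . " </strong><br> \n ";
        $content .= $companylangs->transnoentitiesnoconv(" ReturnURLAfterPayment ") . ': ' . dol_escape_htmltag($urlback) . " <br> \n ";
        // NOTE(review): the values below that come only from the session (error message,
        // payment type, currency, IP address, amount) are left as they were - confirm
        // that newpayment.php never stores request text in them unescaped.
        $content .= $companylangs->transnoentitiesnoconv(" Error ") . ': ' . $errormessage . " <br> \n ";
        $content .= " <br> \n ";
        $content .= " tag= " . dol_escape_htmltag($fulltag) . " token= " . dol_escape_htmltag($onlinetoken) . " paymentType= " . $paymentType . " currencycodeType= " . $currencyCodeType . " payerId= " . dol_escape_htmltag($payerID) . " ipaddress= " . $ipaddress . " FinalPaymentAmt= " . $FinalPaymentAmt;

        $ishtml = dol_textishtml($content); // May contain urls

        require_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
        $mailfile = new CMailFile($topic, $sendto, $from, $content, array(), array(), array(), '', '', 0, $ishtml ? 1 : 0);

        $result = $mailfile->sendfile();
        if ($result) {
            dol_syslog(" EMail sent to " . $sendto, LOG_DEBUG, 0, '_payment');
        } else {
            dol_syslog(" Failed to send EMail to " . $sendto, LOG_ERR, 0, '_payment');
        }
    }

    unset($_SESSION['ipaddress']);
}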
// Show answer page (skipped when the request must end with a redirect to a website)
if (empty($doactionsthenredirect)) {
    // Optional stylesheet configured by the administrator
    $head = '';
    if (getDolGlobalString('ONLINE_PAYMENT_CSS_URL')) {
        $head = '<link rel="stylesheet" type="text/css" href="' . getDolGlobalString('ONLINE_PAYMENT_CSS_URL') . '?lang=' . $langs->defaultlang . '">' . " \n ";
    }

    // Public page: no top menu, no left menu
    $conf->dol_hide_topmenu = 1;
    $conf->dol_hide_leftmenu = 1;

    $replacemainarea = (empty($conf->dol_hide_leftmenu) ? '<div>' : '') . '<div>';
    llxHeader($head, $langs->trans(" PaymentForm "), '', '', 0, 0, '', '', '', 'onlinepaymentbody', $replacemainarea);

    // Show ko message
    echo '<span id="dolpaymentspan"></span>' . " \n ";
    echo '<div id="dolpaymentdiv" align="center">' . " \n ";

    // Show logo (search order: logo defined by PAYMENT_LOGO_suffix, then PAYMENT_LOGO, then small company logo, large company logo, theme logo, common logo)
    // Define logo and logosmall
    $logosmall = $mysoc->logo_small;
    $logo = $mysoc->logo;
    $paramlogo = 'ONLINE_PAYMENT_LOGO_' . $suffix;
    if (getDolGlobalString($paramlogo)) {
        $logosmall = getDolGlobalString($paramlogo);
    } elseif (getDolGlobalString('ONLINE_PAYMENT_LOGO')) {
        $logosmall = getDolGlobalString('ONLINE_PAYMENT_LOGO');
    }
    //print '<!-- Show logo (logosmall='.$logosmall.' logo='.$logo.') -->'."\n";

    // Define urllogo: the thumbnail is preferred, then the full logo; both must be readable on disk.
    // The file name is URL-encoded before it is placed in the viewimage.php query string.
    $urllogo = '';
    $urllogofull = '';
    if (!empty($logosmall) && is_readable($conf->mycompany->dir_output . '/logos/thumbs/' . $logosmall)) {
        $urllogo = DOL_URL_ROOT . '/viewimage.php?modulepart=mycompany&entity=' . $conf->entity . '&file=' . urlencode('logos/thumbs/' . $logosmall);
        $urllogofull = $dolibarr_main_url_root . '/viewimage.php?modulepart=mycompany&entity=' . $conf->entity . '&file=' . urlencode('logos/thumbs/' . $logosmall);
    } elseif (!empty($logo) && is_readable($conf->mycompany->dir_output . '/logos/' . $logo)) {
        $urllogo = DOL_URL_ROOT . '/viewimage.php?modulepart=mycompany&entity=' . $conf->entity . '&file=' . urlencode('logos/' . $logo);
        $urllogofull = $dolibarr_main_url_root . '/viewimage.php?modulepart=mycompany&entity=' . $conf->entity . '&file=' . urlencode('logos/' . $logo);
    }

    // Output html code for logo
    if ($urllogo) {
        echo '<div class="backgreypublicpayment">', '<div class="logopublicpayment">';
        echo '<img id="dolpaymentlogo" src="' . $urllogo . '"', '>';
        echo '</div>';
        if (!getDolGlobalString('MAIN_HIDE_POWERED_BY')) {
            echo '<div class="poweredbypublicpayment opacitymedium right"><a class="poweredbyhref" href="https://www.dolibarr.org?utm_medium=website&utm_source=poweredby" target="dolibarr" rel="noopener">' . $langs->trans(" PoweredBy ") . '<br><img class="poweredbyimg" src="' . DOL_URL_ROOT . '/theme/dolibarr_logo.svg" width="80px"></a></div>';
        }
        echo '</div>';
    }

    // Optional banner image configured by the administrator
    if (getDolGlobalString('MAIN_IMAGE_PUBLIC_PAYMENT')) {
        echo '<div class="backimagepublicpayment">',
            '<img id="idMAIN_IMAGE_PUBLIC_PAYMENT" src="' . getDolGlobalString('MAIN_IMAGE_PUBLIC_PAYMENT') . '">',
            '</div>';
    }

    echo '<br><br>';

    echo $langs->trans(" YourPaymentHasNotBeenRecorded ") . " <br><br> ";

    // Administrator-defined message, written to the page exactly as configured
    $key = 'ONLINE_PAYMENT_MESSAGE_KO';
    if (getDolGlobalString($key)) {
        echo $conf->global->$key;
    }

    // Offer a link to retry the payment.
    // NOTE(review): $type, $ref and $tag come from the request and end up in the URL
    // shown to the visitor - confirm that getOnlinePaymentUrl() encodes them.
    $type = GETPOST('s', 'alpha');
    $ref = GETPOST('ref', 'alphanohtml');
    $tag = GETPOST('tag', 'alpha');
    require_once DOL_DOCUMENT_ROOT . '/core/lib/payments.lib.php';
    if ($type || $tag) {
        $urlsubscription = getOnlinePaymentUrl(0, ($type ?: 'free'), $ref, $FinalPaymentAmt, $tag);

        echo $langs->trans(" ClickHereToTryAgain ", $urlsubscription);
    }

    echo " \n </div> \n ";

    htmlPrintOnlineFooter($mysoc, $langs, 0, $suffix);

    llxFooter('', 'public');
}
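$db->close();

// If option to do a redirect somewhere else is defined.
if (!empty($doactionsthenredirect)) {
    // Redirect to an error page
    // Paymentko page must be created for the specific website
    // The tag is request data: it is percent-encoded, like the website ref, so that it
    // stays a single query value and cannot add or override parameters (for instance
    // pageref) of the page the visitor is sent to.
    if (!defined('USEDOLIBARRSERVER') && !empty($ws_virtuelhost)) {
        $ext_urlko = $ws_virtuelhost . '/paymentko.php?fulltag=' . urlencode($FULLTAG);
    } else {
        $ext_urlko = DOL_URL_ROOT . '/public/website/index.php?website=' . urlencode($ws) . '&pageref=paymentko&fulltag=' . urlencode($FULLTAG);
    }

    // The complete URL is escaped for the JavaScript string it is written into
    print " <script>window.top.location.href = ' " . dol_escape_js($ext_urlko) . " ';</script> ";
}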