19 if (!defined(
'NOLOGIN')) {
22 if (!defined(
'NOCSRFCHECK')) {
23 define(
"NOCSRFCHECK", 1);
25 if (!defined(
'NOIPCHECK')) {
26 define(
'NOIPCHECK',
'1');
28 if (!defined(
'NOBROWSERNOTIF')) {
29 define(
'NOBROWSERNOTIF',
'1');
32 $entity = (!empty($_GET[
'entity']) ? (int) $_GET[
'entity'] : (!empty($_POST[
'entity']) ? (int) $_POST[
'entity'] : 1));
33 if (is_numeric($entity)) {
34 define(
"DOLENTITY", $entity);
37 require
'../../main.inc.php';
38 require_once DOL_DOCUMENT_ROOT.
'/core/lib/admin.lib.php';
39 require_once DOL_DOCUMENT_ROOT.
'/user/class/user.class.php';
40 require_once DOL_DOCUMENT_ROOT.
'/core/class/ccountry.class.php';
41 require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
42 require_once DOL_DOCUMENT_ROOT.
'/compta/paiement/class/paiement.class.php';
43 require_once DOL_DOCUMENT_ROOT.
'/compta/facture/class/facture.class.php';
44 require_once DOL_DOCUMENT_ROOT.
'/compta/bank/class/account.class.php';
45 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societe.class.php';
46 require_once DOL_DOCUMENT_ROOT.
'/core/class/CMailFile.class.php';
48 require_once DOL_DOCUMENT_ROOT.
'/includes/stripe/stripe-php/init.php';
49 require_once DOL_DOCUMENT_ROOT.
'/stripe/class/stripe.class.php';
52 if (empty($conf->stripe->enabled)) {
58 if (isset($_GET[
'connect'])) {
59 if (isset($_GET[
'test'])) {
60 $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_CONNECT_KEY;
61 $service =
'StripeTest';
64 $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_CONNECT_KEY;
65 $service =
'StripeLive';
69 if (isset($_GET[
'test'])) {
70 $endpoint_secret = $conf->global->STRIPE_TEST_WEBHOOK_KEY;
71 $service =
'StripeTest';
74 $endpoint_secret = $conf->global->STRIPE_LIVE_WEBHOOK_KEY;
75 $service =
'StripeLive';
80 if (empty($endpoint_secret)) {
81 print
'Error: Setup of module Stripe not complete for mode '.$service.
'. The WEBHOOK_KEY is not defined.';
82 http_response_code(400);
86 if (!empty($conf->global->STRIPE_USER_ACCOUNT_FOR_ACTIONS)) {
88 $user =
new User($db);
89 $user->fetch($conf->global->STRIPE_USER_ACCOUNT_FOR_ACTIONS);
92 print
'Error: Setup of module Stripe not complete for mode '.$service.
'. The STRIPE_USER_ACCOUNT_FOR_ACTIONS is not defined.';
93 http_response_code(400);
106 $payload = @file_get_contents(
"php://input");
107 $sig_header = $_SERVER[
"HTTP_STRIPE_SIGNATURE"];
113 $event = \Stripe\Webhook::constructEvent($payload, $sig_header, $endpoint_secret);
114 }
catch (\UnexpectedValueException $e) {
116 http_response_code(400);
118 }
catch (\
Stripe\Error\SignatureVerification $e) {
120 http_response_code(400);
126 $langs->load(
"main");
129 if (!empty($conf->multicompany->enabled) && !empty($conf->stripeconnect->enabled) && is_object($mc)) {
130 $sql =
"SELECT entity";
131 $sql .=
" FROM ".MAIN_DB_PREFIX.
"oauth_token";
132 $sql .=
" WHERE service = '".$db->escape($service).
"' and tokenstring LIKE '%".$db->escape($event->account).
"%'";
134 dol_syslog(get_class($db).
"::fetch", LOG_DEBUG);
135 $result = $db->query($sql);
137 if ($db->num_rows($result)) {
138 $obj = $db->fetch_object($result);
146 $ret = $mc->switchEntity($key);
150 $stripe =
new Stripe($db);
153 $societeName = $conf->global->MAIN_INFO_SOCIETE_NOM;
154 if (!empty($conf->global->MAIN_APPLICATION_TITLE)) {
155 $societeName = $conf->global->MAIN_APPLICATION_TITLE;
159 dol_syslog(
"***** Stripe IPN was called with event->type = ".$event->type);
162 if ($event->type ==
'payout.created') {
165 $result =
dolibarr_set_const($db, $service.
"_NEXTPAYOUT", date(
'Y-m-d H:i:s', $event->data->object->arrival_date),
'chaine', 0,
'', $conf->entity);
168 $subject = $societeName.
' - [NOTIFICATION] Stripe payout scheduled';
169 if (!empty($user->email)) {
172 $sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.
'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.
'>';
176 if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) {
177 $sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.
'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.
'>';
180 $message =
"A bank transfer of ".price2num($event->data->object->amount / 100).
" ".$event->data->object->currency.
" should arrive in your account the ".
dol_print_date($event->data->object->arrival_date,
'dayhour');
196 $ret = $mailfile->sendfile();
198 http_response_code(200);
202 http_response_code(500);
205 } elseif ($event->type ==
'payout.paid') {
208 $result =
dolibarr_set_const($db, $service.
"_NEXTPAYOUT",
null,
'chaine', 0,
'', $conf->entity);
210 $langs->load(
"errors");
213 $label = $event->data->object->description;
214 $amount = $event->data->object->amount / 100;
215 $amount_to = $event->data->object->amount / 100;
216 require_once DOL_DOCUMENT_ROOT.
'/compta/bank/class/account.class.php';
218 $accountfrom =
new Account($db);
219 $accountfrom->fetch($conf->global->STRIPE_BANK_ACCOUNT_FOR_PAYMENTS);
222 $accountto->fetch($conf->global->STRIPE_BANK_ACCOUNT_FOR_BANKTRANSFERS);
224 if (($accountto->id != $accountfrom->id) && empty($error)) {
225 $bank_line_id_from = 0;
226 $bank_line_id_to = 0;
234 $bank_line_id_from = $accountfrom->addline($dateo, $typefrom, $label, -1 *
price2num($amount),
'',
'', $user);
236 if (!($bank_line_id_from > 0)) {
240 $bank_line_id_to = $accountto->addline($dateo, $typeto, $label,
price2num($amount),
'',
'', $user);
242 if (!($bank_line_id_to > 0)) {
247 $result = $accountfrom->add_url_line($bank_line_id_from, $bank_line_id_to, DOL_URL_ROOT.
'/compta/bank/line.php?rowid=',
'(banktransfert)',
'banktransfert');
249 if (!($result > 0)) {
253 $result = $accountto->add_url_line($bank_line_id_to, $bank_line_id_from, DOL_URL_ROOT.
'/compta/bank/line.php?rowid=',
'(banktransfert)',
'banktransfert');
255 if (!($result > 0)) {
260 $subject = $societeName.
' - [NOTIFICATION] Stripe payout done';
261 if (!empty($user->email)) {
264 $sendto = $conf->global->MAIN_INFO_SOCIETE_MAIL.
'" <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.
'>';
268 if (!empty($conf->global->ONLINE_PAYMENT_SENDEMAIL)) {
269 $sendtocc = $conf->global->ONLINE_PAYMENT_SENDEMAIL.
'" <'.$conf->global->ONLINE_PAYMENT_SENDEMAIL.
'>';
272 $message =
"A bank transfer of ".price2num($event->data->object->amount / 100).
" ".$event->data->object->currency.
" has been done to your account the ".
dol_print_date($event->data->object->arrival_date,
'dayhour');
288 $ret = $mailfile->sendfile();
290 http_response_code(200);
294 http_response_code(500);
297 } elseif ($event->type ==
'customer.source.created') {
299 } elseif ($event->type ==
'customer.source.updated') {
301 } elseif ($event->type ==
'customer.source.delete') {
303 } elseif ($event->type ==
'customer.deleted') {
305 $sql =
"DELETE FROM ".MAIN_DB_PREFIX.
"societe_account WHERE key_account = '".$db->escape($event->data->object->id).
"' and site='stripe'";
308 } elseif ($event->type ==
'payment_intent.succeeded') {
311 } elseif ($event->type ==
'payment_intent.payment_failed') {
313 } elseif ($event->type ==
'checkout.session.completed') {
316 } elseif ($event->type ==
'payment_method.attached') {
317 require_once DOL_DOCUMENT_ROOT.
'/societe/class/companypaymentmode.class.php';
318 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societeaccount.class.php';
323 $idthirdparty = $societeaccount->getThirdPartyID($db->escape($event->data->object->customer),
'stripe', $servicestatus);
324 if ($idthirdparty > 0) {
325 $companypaymentmode->stripe_card_ref = $db->escape($event->data->object->id);
326 $companypaymentmode->fk_soc = $idthirdparty;
327 $companypaymentmode->bank =
null;
328 $companypaymentmode->label =
null;
329 $companypaymentmode->number = $db->escape($event->data->object->id);
330 $companypaymentmode->last_four = $db->escape($event->data->object->card->last4);
331 $companypaymentmode->card_type = $db->escape($event->data->object->card->branding);
332 $companypaymentmode->proprio = $db->escape($event->data->object->billing_details->name);
333 $companypaymentmode->exp_date_month = $db->escape($event->data->object->card->exp_month);
334 $companypaymentmode->exp_date_year = $db->escape($event->data->object->card->exp_year);
335 $companypaymentmode->cvn =
null;
336 $companypaymentmode->datec = $db->escape($event->data->object->created);
337 $companypaymentmode->default_rib = 0;
338 $companypaymentmode->type = $db->escape($event->data->object->type);
339 $companypaymentmode->country_code = $db->escape($event->data->object->card->country);
340 $companypaymentmode->status = $servicestatus;
344 $result = $companypaymentmode->create($user);
355 } elseif ($event->type ==
'payment_method.updated') {
356 require_once DOL_DOCUMENT_ROOT.
'/societe/class/companypaymentmode.class.php';
358 $companypaymentmode->fetch(0,
'', 0,
'',
" AND stripe_card_ref = '".$db->escape($event->data->object->id).
"'");
359 $companypaymentmode->bank =
null;
360 $companypaymentmode->label =
null;
361 $companypaymentmode->number = $db->escape($event->data->object->id);
362 $companypaymentmode->last_four = $db->escape($event->data->object->card->last4);
363 $companypaymentmode->proprio = $db->escape($event->data->object->billing_details->name);
364 $companypaymentmode->exp_date_month = $db->escape($event->data->object->card->exp_month);
365 $companypaymentmode->exp_date_year = $db->escape($event->data->object->card->exp_year);
366 $companypaymentmode->cvn =
null;
367 $companypaymentmode->datec = $db->escape($event->data->object->created);
368 $companypaymentmode->default_rib = 0;
369 $companypaymentmode->type = $db->escape($event->data->object->type);
370 $companypaymentmode->country_code = $db->escape($event->data->object->card->country);
371 $companypaymentmode->status = $servicestatus;
375 $result = $companypaymentmode->update($user);
385 } elseif ($event->type ==
'payment_method.detached') {
387 $sql =
"DELETE FROM ".MAIN_DB_PREFIX.
"societe_rib WHERE number = '".$db->escape($event->data->object->id).
"' and status = ".((int) $servicestatus);
390 } elseif ($event->type ==
'charge.succeeded') {
393 } elseif ($event->type ==
'charge.failed') {
395 } elseif (($event->type ==
'source.chargeable') && ($event->data->object->type ==
'three_d_secure') && ($event->data->object->three_d_secure->authenticated ==
true)) {
399 http_response_code(200);