dolibarr 21.0.0-beta
ajax.php
Go to the documentation of this file.
1<?php
2/* Copyright (C) 2021 Thibault FOUCART <support@ptibogxiv.net>
3 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
4 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
30if (!defined('NOTOKENRENEWAL')) {
31 define('NOTOKENRENEWAL', '1');
32}
33if (!defined('NOREQUIREMENU')) {
34 define('NOREQUIREMENU', '1');
35}
36if (!defined('NOREQUIREHTML')) {
37 define('NOREQUIREHTML', '1');
38}
39if (!defined('NOREQUIREAJAX')) {
40 define('NOREQUIREAJAX', '1');
41}
42if (!defined('NOBROWSERNOTIF')) {
43 define('NOBROWSERNOTIF', '1');
44}
45
46// Load Dolibarr environment
47require '../../main.inc.php'; // Load $user and permissions
48require_once DOL_DOCUMENT_ROOT.'/includes/stripe/stripe-php/init.php';
49require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
50require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
51
60$action = GETPOST('action', 'aZ09');
61$location = GETPOST('location', 'alphanohtml');
62$stripeacc = GETPOST('stripeacc', 'alphanohtml');
63$servicestatus = GETPOSTINT('servicestatus');
64$amount = GETPOSTINT('amount');
65
66if (!$user->hasRight('takepos', 'run')) {
67 accessforbidden('Not allowed to use TakePOS');
68}
69
70$usestripeterminals = getDolGlobalString('STRIPE_LOCATION');
71if (! $usestripeterminals) {
72 accessforbidden('Feature to use Stripe terminals not enabled');
73}
74
75
76/*
77 * View
78 */
79
80top_httphead('application/json');
81
82if ($action == 'getConnexionToken') {
83 try {
84 // Be sure to authenticate the endpoint for creating connection tokens.
85 // Force to use the correct API key
86 global $stripearrayofkeysbyenv;
87 \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$servicestatus]['secret_key']);
88 // The ConnectionToken's secret let's you connect to any Stripe Terminal reader
89 // and take payments with your Stripe account.
90 $array = array();
91 if (isset($location) && !empty($location)) {
92 $array['location'] = $location;
93 }
94 if (empty($stripeacc)) { // If the Stripe connect account not set, we use common API usage
95 $connectionToken = \Stripe\Terminal\ConnectionToken::create($array);
96 } else {
97 $connectionToken = \Stripe\Terminal\ConnectionToken::create($array, array("stripe_account" => $stripeacc));
98 }
99 echo json_encode(array('secret' => $connectionToken->secret));
100 } catch (Error $e) {
101 http_response_code(500);
102 echo json_encode(['error' => $e->getMessage()]);
103 }
104} elseif ($action == 'createPaymentIntent') {
105 try {
106 $json_str = file_get_contents('php://input');
107 $json_obj = json_decode($json_str);
108
109 // For Terminal payments, the 'payment_method_types' parameter must include
110 // 'card_present' and the 'capture_method' must be set to 'manual'
111 $object = new Facture($db);
112 $object->fetch($json_obj->invoiceid);
113 $object->fetch_thirdparty();
114
115 $fulltag = 'INV='.$object->id.'.CUS='.$object->thirdparty->id;
116 $tag = null;
117 $fulltag = dol_string_unaccent($fulltag);
118
119 $stripe = new Stripe($db);
120 $customer = $stripe->customerStripe($object->thirdparty, $stripeacc, $servicestatus, 1);
121
122 $intent = $stripe->getPaymentIntent($json_obj->amount, $object->multicurrency_code, '', 'Stripe payment: '.$fulltag.(is_object($object) ? ' ref='.$object->ref : ''), $object, $customer, $stripeacc, $servicestatus, 1, 'terminal', false, null, 0, 1);
123
124 echo json_encode(array('client_secret' => $intent->client_secret));
125 } catch (Error $e) {
126 http_response_code(500);
127 echo json_encode(['error' => $e->getMessage()]);
128 }
129} elseif ($action == 'capturePaymentIntent') {
130 try {
131 // retrieve JSON from POST body
132 $json_str = file_get_contents('php://input');
133 $json_obj = json_decode($json_str);
134 if (empty($stripeacc)) { // If the Stripe connect account not set, we use common API usage
135 $intent = \Stripe\PaymentIntent::retrieve($json_obj->id);
136 } else {
137 $intent = \Stripe\PaymentIntent::retrieve($json_obj->id, array("stripe_account" => $stripeacc));
138 }
139 $intent = $intent->capture();
140
141 echo json_encode($intent);
142 } catch (Error $e) {
143 http_response_code(500);
144 echo json_encode(['error' => $e->getMessage()]);
145 }
146}
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:66
Class to manage invoices.
Stripe class @TODO No reason to extends CommonObject.
GETPOSTINT($paramname, $method=0)
Return the value of a $_GET or $_POST supervariable, converted into integer.
dol_string_unaccent($str)
Clean a string from all accent characters to be used as ref, login or by dol_sanitizeFileName.
GETPOST($paramname, $check='alphanohtml', $method=0, $filter=null, $options=null, $noreplace=0)
Return value of a param into GET or POST supervariable.
getDolGlobalString($key, $default='')
Return a Dolibarr global constant string value.
if(!defined( 'NOREQUIREMENU')) if(!empty(GETPOST('seteventmessages', 'alpha'))) if(!function_exists("llxHeader")) top_httphead($contenttype='text/html', $forcenocache=0)
Show HTTP header.
accessforbidden($message='', $printheader=1, $printfooter=1, $showonlymessage=0, $params=null)
Show a message to say access is forbidden and stop program.