PageRenderTime 25ms CodeModel.GetById 0ms RepoModel.GetById 0ms app.codeStats 0ms

/catalog/controller/api/payment.php

https://gitlab.com/firstrate/firstrate
PHP | 283 lines | 212 code | 61 blank | 10 comment | 50 complexity | 17e7dff7b78d9db82664c959126093d6 MD5 | raw file
    

  1. <?php
    2. 

  2. class ControllerApiPayment extends Controller {
    3. 

  3. 	public function address() {
    4. 

  4. 		$this->load->language('api/payment');
    5. 

  5. 

  6. 		// Delete old payment address, payment methods and method so not to cause any issues if there is an error
    7. 

  7. 		unset($this->session->data['payment_address']);
    8. 

  8. 		unset($this->session->data['payment_methods']);
    9. 

  9. 		unset($this->session->data['payment_method']);
    10. 

  10. 

  11. 		$json = array();
    12. 

  12. 

  13. 		if (!isset($this->session->data['api_id'])) {
    14. 

  14. 			$json['error']['warning'] = $this->language->get('error_permission');
    15. 

  15. 		} else {
    16. 

  16. 			// Add keys for missing post vars
    17. 

  17. 			$keys = array(
    18. 

  18. 				'firstname',
    19. 

  19. 				'lastname',
    20. 

  20. 				'company',
    21. 

  21. 				'address_1',
    22. 

  22. 				'address_2',
    23. 

  23. 				'postcode',
    24. 

  24. 				'city',
    25. 

  25. 				'zone_id',
    26. 

  26. 				'country_id'
    27. 

  27. 			);
    28. 

  28. 

  29. 			foreach ($keys as $key) {
    30. 

  30. 				if (!isset($this->request->post[$key])) {
    31. 

  31. 					$this->request->post[$key] = '';
    32. 

  32. 				}
    33. 

  33. 			}
    34. 

  34. 

  35. 			if ((utf8_strlen(trim($this->request->post['firstname'])) < 1) || (utf8_strlen(trim($this->request->post['firstname'])) > 32)) {
    36. 

  36. 				$json['error']['firstname'] = $this->language->get('error_firstname');
    37. 

  37. 			}
    38. 

  38. 

  39. 			if ((utf8_strlen(trim($this->request->post['lastname'])) < 1) || (utf8_strlen(trim($this->request->post['lastname'])) > 32)) {
    40. 

  40. 				$json['error']['lastname'] = $this->language->get('error_lastname');
    41. 

  41. 			}
    42. 

  42. 

  43. 			if ((utf8_strlen(trim($this->request->post['address_1'])) < 3) || (utf8_strlen(trim($this->request->post['address_1'])) > 128)) {
    44. 

  44. 				$json['error']['address_1'] = $this->language->get('error_address_1');
    45. 

  45. 			}
    46. 

  46. 

  47. 			if ((utf8_strlen($this->request->post['city']) < 2) || (utf8_strlen($this->request->post['city']) > 32)) {
    48. 

  48. 				$json['error']['city'] = $this->language->get('error_city');
    49. 

  49. 			}
    50. 

  50. 

  51. 			$this->load->model('localisation/country');
    52. 

  52. 

  53. 			$country_info = $this->model_localisation_country->getCountry($this->request->post['country_id']);
    54. 

  54. 

  55. 			if ($country_info && $country_info['postcode_required'] && (utf8_strlen(trim($this->request->post['postcode'])) < 2 || utf8_strlen(trim($this->request->post['postcode'])) > 10)) {
    56. 

  56. 				$json['error']['postcode'] = $this->language->get('error_postcode');
    57. 

  57. 			}
    58. 

  58. 

  59. 			if ($this->request->post['country_id'] == '') {
    60. 

  60. 				$json['error']['country'] = $this->language->get('error_country');
    61. 

  61. 			}
    62. 

  62. 

  63. 			if (!isset($this->request->post['zone_id']) || $this->request->post['zone_id'] == '') {
    64. 

  64. 				$json['error']['zone'] = $this->language->get('error_zone');
    65. 

  65. 			}
    66. 

  66. 

  67. 			// Custom field validation
    68. 

  68. 			$this->load->model('account/custom_field');
    69. 

  69. 

  70. 			$custom_fields = $this->model_account_custom_field->getCustomFields($this->config->get('config_customer_group_id'));
    71. 

  71. 

  72. 			foreach ($custom_fields as $custom_field) {
    73. 

  73. 				if (($custom_field['location'] == 'address') && $custom_field['required'] && empty($this->request->post['custom_field'][$custom_field['custom_field_id']])) {
    74. 

  74. 					$json['error']['custom_field' . $custom_field['custom_field_id']] = sprintf($this->language->get('error_custom_field'), $custom_field['name']);
    75. 

  75. 				}
    76. 

  76. 			}
    77. 

  77. 

  78. 			if (!$json) {
    79. 

  79. 				$this->load->model('localisation/country');
    80. 

  80. 

  81. 				$country_info = $this->model_localisation_country->getCountry($this->request->post['country_id']);
    82. 

  82. 

  83. 				if ($country_info) {
    84. 

  84. 					$country = $country_info['name'];
    85. 

  85. 					$iso_code_2 = $country_info['iso_code_2'];
    86. 

  86. 					$iso_code_3 = $country_info['iso_code_3'];
    87. 

  87. 					$address_format = $country_info['address_format'];
    88. 

  88. 				} else {
    89. 

  89. 					$country = '';
    90. 

  90. 					$iso_code_2 = '';
    91. 

  91. 					$iso_code_3 = '';
    92. 

  92. 					$address_format = '';
    93. 

  93. 				}
    94. 

  94. 

  95. 				$this->load->model('localisation/zone');
    96. 

  96. 

  97. 				$zone_info = $this->model_localisation_zone->getZone($this->request->post['zone_id']);
    98. 

  98. 

  99. 				if ($zone_info) {
    100. 

  100. 					$zone = $zone_info['name'];
    101. 

  101. 					$zone_code = $zone_info['code'];
    102. 

  102. 				} else {
    103. 

  103. 					$zone = '';
    104. 

  104. 					$zone_code = '';
    105. 

  105. 				}
    106. 

  106. 

  107. 				$this->session->data['payment_address'] = array(
    108. 

  108. 					'firstname'      => $this->request->post['firstname'],
    109. 

  109. 					'lastname'       => $this->request->post['lastname'],
    110. 

  110. 					'company'        => $this->request->post['company'],
    111. 

  111. 					'address_1'      => $this->request->post['address_1'],
    112. 

  112. 					'address_2'      => $this->request->post['address_2'],
    113. 

  113. 					'postcode'       => $this->request->post['postcode'],
    114. 

  114. 					'city'           => $this->request->post['city'],
    115. 

  115. 					'zone_id'        => $this->request->post['zone_id'],
    116. 

  116. 					'zone'           => $zone,
    117. 

  117. 					'zone_code'      => $zone_code,
    118. 

  118. 					'country_id'     => $this->request->post['country_id'],
    119. 

  119. 					'country'        => $country,
    120. 

  120. 					'iso_code_2'     => $iso_code_2,
    121. 

  121. 					'iso_code_3'     => $iso_code_3,
    122. 

  122. 					'address_format' => $address_format,
    123. 

  123. 					'custom_field'   => isset($this->request->post['custom_field']) ? $this->request->post['custom_field'] : array()
    124. 

  124. 				);
    125. 

  125. 

  126. 				$json['success'] = $this->language->get('text_address');
    127. 

  127. 

  128. 				unset($this->session->data['payment_method']);
    129. 

  129. 				unset($this->session->data['payment_methods']);
    130. 

  130. 			}
    131. 

  131. 		}
    132. 

  132. 

  133. 		if (isset($this->request->server['HTTP_ORIGIN'])) {
    134. 

  134. 			$this->response->addHeader('Access-Control-Allow-Origin: ' . $this->request->server['HTTP_ORIGIN']);
    135. 

  135. 			$this->response->addHeader('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
    136. 

  136. 			$this->response->addHeader('Access-Control-Max-Age: 1000');
    137. 

  137. 			$this->response->addHeader('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
    138. 

  138. 		}
    139. 

  139. 

  140. 		$this->response->addHeader('Content-Type: application/json');
    141. 

  141. 		$this->response->setOutput(json_encode($json));
    142. 

  142. 	}
    143. 

  143. 

  144. 	public function methods() {
    145. 

  145. 		$this->load->language('api/payment');
    146. 

  146. 

  147. 		// Delete past shipping methods and method just in case there is an error
    148. 

  148. 		unset($this->session->data['payment_methods']);
    149. 

  149. 		unset($this->session->data['payment_method']);
    150. 

  150. 

  151. 		$json = array();
    152. 

  152. 

  153. 		if (!isset($this->session->data['api_id'])) {
    154. 

  154. 			$json['error'] = $this->language->get('error_permission');
    155. 

  155. 		} else {
    156. 

  156. 			// Payment Address
    157. 

  157. 			if (!isset($this->session->data['payment_address'])) {
    158. 

  158. 				$json['error'] = $this->language->get('error_address');
    159. 

  159. 			}
    160. 

  160. 

  161. 			if (!$json) {
    162. 

  162. 				// Totals
    163. 

  163. 				$total_data = array();
    164. 

  164. 				$total = 0;
    165. 

  165. 				$taxes = $this->cart->getTaxes();
    166. 

  166. 

  167. 				$this->load->model('extension/extension');
    168. 

  168. 

  169. 				$sort_order = array();
    170. 

  170. 

  171. 				$results = $this->model_extension_extension->getExtensions('total');
    172. 

  172. 

  173. 				foreach ($results as $key => $value) {
    174. 

  174. 					$sort_order[$key] = $this->config->get($value['code'] . '_sort_order');
    175. 

  175. 				}
    176. 

  176. 

  177. 				array_multisort($sort_order, SORT_ASC, $results);
    178. 

  178. 

  179. 				foreach ($results as $result) {
    180. 

  180. 					if ($this->config->get($result['code'] . '_status')) {
    181. 

  181. 						$this->load->model('total/' . $result['code']);
    182. 

  182. 

  183. 						$this->{'model_total_' . $result['code']}->getTotal($total_data, $total, $taxes);
    184. 

  184. 					}
    185. 

  185. 				}
    186. 

  186. 

  187. 				// Payment Methods
    188. 

  188. 				$json['payment_methods'] = array();
    189. 

  189. 

  190. 				$this->load->model('extension/extension');
    191. 

  191. 

  192. 				$results = $this->model_extension_extension->getExtensions('payment');
    193. 

  193. 

  194. 				$recurring = $this->cart->hasRecurringProducts();
    195. 

  195. 

  196. 				foreach ($results as $result) {
    197. 

  197. 					if ($this->config->get($result['code'] . '_status')) {
    198. 

  198. 						$this->load->model('payment/' . $result['code']);
    199. 

  199. 

  200. 						$method = $this->{'model_payment_' . $result['code']}->getMethod($this->session->data['payment_address'], $total);
    201. 

  201. 

  202. 						if ($method) {
    203. 

  203. 							if ($recurring) {
    204. 

  204. 								if (method_exists($this->{'model_payment_' . $result['code']}, 'recurringPayments') && $this->{'model_payment_' . $result['code']}->recurringPayments()) {
    205. 

  205. 									$json['payment_methods'][$result['code']] = $method;
    206. 

  206. 								}
    207. 

  207. 							} else {
    208. 

  208. 								$json['payment_methods'][$result['code']] = $method;
    209. 

  209. 							}
    210. 

  210. 						}
    211. 

  211. 					}
    212. 

  212. 				}
    213. 

  213. 

  214. 				$sort_order = array();
    215. 

  215. 

  216. 				foreach ($json['payment_methods'] as $key => $value) {
    217. 

  217. 					$sort_order[$key] = $value['sort_order'];
    218. 

  218. 				}
    219. 

  219. 

  220. 				array_multisort($sort_order, SORT_ASC, $json['payment_methods']);
    221. 

  221. 

  222. 				if ($json['payment_methods']) {
    223. 

  223. 					$this->session->data['payment_methods'] = $json['payment_methods'];
    224. 

  224. 				} else {
    225. 

  225. 					$json['error'] = $this->language->get('error_no_payment');
    226. 

  226. 				}
    227. 

  227. 			}
    228. 

  228. 		}
    229. 

  229. 

  230. 		if (isset($this->request->server['HTTP_ORIGIN'])) {
    231. 

  231. 			$this->response->addHeader('Access-Control-Allow-Origin: ' . $this->request->server['HTTP_ORIGIN']);
    232. 

  232. 			$this->response->addHeader('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
    233. 

  233. 			$this->response->addHeader('Access-Control-Max-Age: 1000');
    234. 

  234. 			$this->response->addHeader('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
    235. 

  235. 		}
    236. 

  236. 

  237. 		$this->response->addHeader('Content-Type: application/json');
    238. 

  238. 		$this->response->setOutput(json_encode($json));
    239. 

  239. 	}
    240. 

  240. 

  241. 	public function method() {
    242. 

  242. 		$this->load->language('api/payment');
    243. 

  243. 

  244. 		// Delete old payment method so not to cause any issues if there is an error
    245. 

  245. 		unset($this->session->data['payment_method']);
    246. 

  246. 

  247. 		$json = array();
    248. 

  248. 

  249. 		if (!isset($this->session->data['api_id'])) {
    250. 

  250. 			$json['error'] = $this->language->get('error_permission');
    251. 

  251. 		} else {
    252. 

  252. 			// Payment Address
    253. 

  253. 			if (!isset($this->session->data['payment_address'])) {
    254. 

  254. 				$json['error'] = $this->language->get('error_address');
    255. 

  255. 			}
    256. 

  256. 

  257. 			// Payment Method
    258. 

  258. 			if (empty($this->session->data['payment_methods'])) {
    259. 

  259. 				$json['error'] = $this->language->get('error_no_payment');
    260. 

  260. 			} elseif (!isset($this->request->post['payment_method'])) {
    261. 

  261. 				$json['error'] = $this->language->get('error_method');
    262. 

  262. 			} elseif (!isset($this->session->data['payment_methods'][$this->request->post['payment_method']])) {
    263. 

  263. 				$json['error'] = $this->language->get('error_method');
    264. 

  264. 			}
    265. 

  265. 

  266. 			if (!$json) {
    267. 

  267. 				$this->session->data['payment_method'] = $this->session->data['payment_methods'][$this->request->post['payment_method']];
    268. 

  268. 

  269. 				$json['success'] = $this->language->get('text_method');
    270. 

  270. 			}
    271. 

  271. 		}
    272. 

  272. 

  273. 		if (isset($this->request->server['HTTP_ORIGIN'])) {
    274. 

  274. 			$this->response->addHeader('Access-Control-Allow-Origin: ' . $this->request->server['HTTP_ORIGIN']);
    275. 

  275. 			$this->response->addHeader('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
    276. 

  276. 			$this->response->addHeader('Access-Control-Max-Age: 1000');
    277. 

  277. 			$this->response->addHeader('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
    278. 

  278. 		}
    279. 

  279. 

  280. 		$this->response->addHeader('Content-Type: application/json');
    281. 

  281. 		$this->response->setOutput(json_encode($json));
    282. 

  282. 	}
    283. 

  283. }
    284. 

  284.