Merge pull request #5 from RBAtkins0n/master

2019-11-07: v1.0.3 :

README.md

@@ -1,12 +1,12 @@
 # PayBatch_PayHost_WHMCS
-## PayGate PayBatch (with PayHost tokenization) plugin v1.0.2 for WHMCS v7.7.0
+## PayGate PayBatch (with PayHost tokenization) plugin v1.0.3 for WHMCS v7.7.0
 
 This is the PayGate PayBatch (with PayHost tokenization) for WHMCS. Please feel free to contact the PayGate support team at [email protected] should you require any assistance.
 
 This module is in the first release; we suggest thorough testing with your use case before proceeding to a live enviroment
 
 ## Installation
-Please navigate to the [releases page](https://github.com/PayGate/PayBatch_PayHost_WHMCS/releases), download the latest release (v1.0.2) and unzip. You will them be able to follow the integration guide which is included in the zip.
+Please navigate to the [releases page](https://github.com/PayGate/PayBatch_PayHost_WHMCS/releases), download the latest release (v1.0.3) and unzip. You will them be able to follow the integration guide which is included in the zip.
 
 ## Collaboration
 

modules/gateways/callback/payhostpaybatch.php

@@ -80,6 +80,7 @@ function getQuery( $pgid, $key, $reqid )
         $result = $sc->__soapCall( 'SingleFollowUp', [
             new SoapVar( $soap, XSD_ANYXML ),
         ] );
+
         if ( $result ) {
             $vaultId       = $result->QueryResponse->Status->VaultId;
             $reference     = $result->QueryResponse->Status->Reference;
@@ -145,36 +146,52 @@ function getQuery( $pgid, $key, $reqid )
             }
         } else {
             // Validity not verified
+            // Failed
+            logTransaction( $gatewayModuleName, null, 'failed' );
+            $url = $_SESSION['_PAYHOSTPAYBATCH_SYSTEM_URL'] . 'clientarea.php?action=invoices';
+            header( 'Location: ' . $url );
         }
     } else {
         // Transaction failed
+        // Failed
+        logTransaction( $gatewayModuleName, null, 'failed' );
+        $url = $_SESSION['_PAYHOSTPAYBATCH_SYSTEM_URL'] . 'clientarea.php?action=invoices';
+        header( 'Location: ' . $url );
     }
 
     // Make a request to get the Vault Id
     if ( $verified ) {
         $response      = getQuery( $payHostId, $payHostSecretKey, $payRequestId );
-        $token         = $response['token'];
         $reference     = $response['reference'];
         $transactionId = $response['transactionId'];
 
-        // Store the token
-        $tblpayhostpaybatch = _DB_PREFIX_ . 'payhostpaybatch';
-        $clientExists       = Capsule::table( $tblpayhostpaybatch )
-            ->where( 'recordtype', 'clientdetail' )
-            ->where( 'recordid', $userId )
-            ->value( 'recordval' );
+        // Check for token and valid format
+        $vaultPattern = '/^[0-9a-z]{8}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{4}-[0-9a-z]{12}$/';
+        $token        = !empty( $response['token'] ) ? $response['token'] : null;
+        if ( preg_match( $vaultPattern, $token ) != 1 ) {
+            $token = null;
+        }
 
-        if ( strlen( $clientExists ) > 0 ) {
-            Capsule::table( $tblpayhostpaybatch )
+        // Store the token if valid
+        if ( $token ) {
+            $tblpayhostpaybatch = _DB_PREFIX_ . 'payhostpaybatch';
+            $clientExists       = Capsule::table( $tblpayhostpaybatch )
                 ->where( 'recordtype', 'clientdetail' )
                 ->where( 'recordid', $userId )
-                ->update( ['recordval' => $token] );
-        } else {
-            Capsule::table( $tblpayhostpaybatch )
-                ->insert( ['recordtype' => 'clientdetail',
-                    'recordid'             => $userId,
-                    'recordval'            => $token,
-                ] );
+                ->value( 'recordval' );
+
+            if ( strlen( $clientExists ) > 0 ) {
+                Capsule::table( $tblpayhostpaybatch )
+                    ->where( 'recordtype', 'clientdetail' )
+                    ->where( 'recordid', $userId )
+                    ->update( ['recordval' => $token] );
+            } else {
+                Capsule::table( $tblpayhostpaybatch )
+                    ->insert( ['recordtype' => 'clientdetail',
+                        'recordid'             => $userId,
+                        'recordval'            => $token,
+                    ] );
+            }
         }
 
         // Check the reference validity

modules/gateways/payhostpaybatch.php

@@ -12,6 +12,11 @@
  *
  */
 
+// Require libraries needed for gateway module functions
+require_once __DIR__ . '/../../init.php';
+require_once __DIR__ . '/../../includes/gatewayfunctions.php';
+require_once __DIR__ . '/../../includes/invoicefunctions.php';
+
 require_once 'payhostpaybatch/lib/constants.php';
 require_once 'payhostpaybatch/lib/payhostsoap.class.php';
 
@@ -44,6 +49,11 @@ function createPayhostpaybatchTable()
 
 createPayhostpaybatchTable();
 
+if ( isset( $_POST['INITIATE'] ) && $_POST['INITIATE'] == 'initiate' ) {
+    $params = json_decode( base64_decode( $_POST['jparams'] ), true );
+    payhostpaybatch_initiate( $params );
+}
+
 /**
  * Define module related meta data
  *
@@ -144,6 +154,27 @@ function payhostpaybatch_config()
  * @return string
  */
 function payhostpaybatch_link( $params )
+{
+    $jparams = base64_encode( json_encode( $params ) );
+    $html    = <<<HTML
+    <form method="post" action="modules/gateways/payhostpaybatch.php">
+    <input type="hidden" name="INITIATE" value="initiate">
+    <input type="hidden" name="jparams" value="$jparams">
+    <input type="submit" value="Pay using PayHost">
+</form>
+HTML;
+
+    return $html;
+}
+
+/**
+ * Payment process
+ *
+ * Process payment to PayHost
+ *
+ * @return string
+ */
+function payhostpaybatch_initiate( $params )
 {
     // Check if test mode or not
     $testMode = $params['testMode'];
@@ -233,8 +264,13 @@ function payhostpaybatch_link( $params )
     $data['retUrl']        = $returnUrl;
     $data['notifyURL']     = $notifyUrl;
     $data['recurring']     = $usePayBatch;
-    $data['vaulting']      = $vaulting;
-    $data['vaultId']       = $vaultId;
+    if ( $vaulting ) {
+        $data['vaulting'] = true;
+    }
+    if ( $vaultId != '' && $vaulting ) {
+        $data['vaultId'] = $vaultId;
+    }
+
     $payhostSoap->setData( $data );
 
     $xml = $payhostSoap->getSOAP();
@@ -273,18 +309,17 @@ function payhostpaybatch_link( $params )
         <input type="hidden" name="{$inputs[2]->key}" value="{$inputs[2]->value}" />
         <input type="hidden" name="{$inputs[3]->key}" value="{$inputs[3]->value}" />
         </form>
-        <script type="text/javascript">
-        document.forms['payhost'].submit();
-</script>
+        <script type="text/javascript"> document.forms['payhost'].submit();</script>
 HTML;
+                echo $html;
             }
         } else {
             // Process response - doesn't happen
         }
     } catch ( SoapFault $f ) {
         var_dump( $f );
     }
-    return $html;
+    echo $html;
 }
 
 /**

modules/gateways/payhostpaybatch/changelog.txt

@@ -7,4 +7,6 @@ Date	  : Version: Description
                      Added redirect to PayBatch as well.
                      Added redirect to client invoices on failure.
                      Added PayBatch notify.
-2019-10-31: v1.0.2 : Better recurring handling using dedicated PayBatch cron scripts.
+2019-10-31: v1.0.2 : Better recurring handling using dedicated PayBatch cron scripts.
+2019-11-07: v1.0.3 : Added check for valid token format in callback.
+                     Added "Pay" button to invoicing.

modules/gateways/payhostpaybatch/lib/constants.php

@@ -15,7 +15,7 @@
 define( "PAYBATCHAPI", 'https://secure.paygate.co.za/paybatch/1.2/process.trans' );
 define( "PAYBATCHAPIWSDL", 'https://secure.paygate.co.za/paybatch/1.2/PayBatch.wsdl' );
 define( "PAYGATETESTID", '10011072130' );
-define( "PAYGATETESTKEY", 'secret' );
+define( "PAYGATETESTKEY", 'test' );
 define( "GATEWAY", 'payhostpaybatch' );
 
 $docroot = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['SERVER_NAME'];