Changeset 6601 for sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/sponsor-payment-stripe.php
- Timestamp:
- 02/12/2018 05:39:13 PM (7 years ago)
- File:
-
- 1 edited
sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/sponsor-payment-stripe.php
r6067 r6601 5 5 6 6 namespace WordCamp\Budgets\Sponsor_Payment_Stripe; 7 use WordCamp_Budgets; 7 8 8 9 defined( 'WPINC' ) or die(); 9 10 10 const STEP_SELECT_INVOICE = 1;11 const STEP_SELECT_INVOICE = 1; 11 12 const STEP_PAYMENT_DETAILS = 2; 12 13 const STEP_PAYMENT_SUCCESS = 3; 13 const CSS_VERSION = 1;14 const CSS_VERSION = 1; 14 15 15 16 /** … … 20 21 */ 21 22 function render() { 22 23 // Make sure we have Stripe keys and an HMAC.24 23 $keys = _get_keys(); 25 if ( empty( $keys['publishable'] ) || empty( $keys['secret'] ) || empty( $keys['hmac_key'] ) ) 24 25 if ( empty( $keys['publishable'] ) || empty( $keys['secret'] ) || empty( $keys['hmac_key'] ) ) { 26 26 return; 27 28 // Make sure WordCamp_Budgets is available. 27 } 28 29 29 require_once( __DIR__ . '/wordcamp-budgets.php' ); 30 30 31 31 $data = array( 32 'keys' => $keys,33 'step' => STEP_SELECT_INVOICE,34 'wordcamps' => _get_wordcamps(),35 'currencies' => \WordCamp_Budgets::get_currencies(),36 'errors' => array(),32 'keys' => $keys, 33 'step' => STEP_SELECT_INVOICE, 34 'wordcamps' => _get_wordcamps(), 35 'currencies' => WordCamp_Budgets::get_currencies(), 36 'errors' => array(), 37 37 ); 38 38 … … 54 54 // Stripe API credentials. 55 55 'publishable' => '', 56 'secret' => '',56 'secret' => '', 57 57 58 58 // An HMAC key used to sign some data in between requests. 59 'hmac_key' => '',59 'hmac_key' => '', 60 60 ) ); 61 61 } … … 71 71 if ( ! 
isset( $wordcamps ) ) { 72 72 $wordcamps = get_posts( array( 73 'post_type' => 'wordcamp', 74 'post_status' => \WordCamp_Loader::get_public_post_statuses(), 75 'posts_per_page' => -1, 76 'orderby' => 'title', 77 'order' => 'asc', 78 'meta_query' => array( array( 79 'key' => 'Start Date (YYYY-mm-dd)', 80 'value' => strtotime( '-3 months' ), 81 'compare' => '>' 82 ) ) 73 'post_type' => 'wordcamp', 74 'post_status' => \WordCamp_Loader::get_public_post_statuses(), 75 'posts_per_page' => - 1, 76 'orderby' => 'title', 77 'order' => 'asc', 78 79 'meta_query' => array( 80 array( 81 'key' => 'Start Date (YYYY-mm-dd)', 82 'value' => strtotime( '-3 months' ), 83 'compare' => '>' 84 ) 85 ) 83 86 ) ); 84 87 } … … 100 103 101 104 switch ( $_POST['step'] ) { 105 // An invoice, event, currency and amount have been selected. 102 106 case STEP_SELECT_INVOICE: 103 // An invoice, event, currency and amount have been selected.104 105 107 if ( empty( $_POST['currency'] ) ) { 106 108 $data['errors'][] = 'Please select a currency.'; … … 132 134 // Make sure the selected WordCamp is valid. 133 135 $wordcamp_id = absint( $_POST['wordcamp_id'] ); 134 $valid_ids = wp_list_pluck( _get_wordcamps(), 'ID' );136 $valid_ids = wp_list_pluck( _get_wordcamps(), 'ID' ); 135 137 136 138 if ( ! in_array( $wordcamp_id, $valid_ids ) ) { … … 144 146 } 145 147 146 $invoice_id = absint( $_POST['invoice_id'] );148 $invoice_id = absint( $_POST['invoice_id'] ); 147 149 $wordcamp_site_id = get_wordcamp_site_id( get_post( $wordcamp_id ) ); 148 150 if ( empty( $wordcamp_site_id ) ) { … … 152 154 153 155 // Next step is to collect the card details via Stripe. 
154 $data['step'] = STEP_PAYMENT_DETAILS;156 $data['step'] = STEP_PAYMENT_DETAILS; 155 157 $data['payment'] = array( 156 'currency' => $currency,157 'amount' => $amount,158 'currency' => $currency, 159 'amount' => $amount, 158 160 'wordcamp_id' => $wordcamp_id, 159 'invoice_id' => $invoice_id,161 'invoice_id' => $invoice_id, 160 162 ); 161 163 162 164 // Passed through to the charge step. 163 $data['payment_data_json'] = json_encode( $data['payment'] );165 $data['payment_data_json'] = json_encode( $data['payment'] ); 164 166 $data['payment_data_signature'] = hash_hmac( 'sha256', $data['payment_data_json'], $data['keys']['hmac_key'] ); 165 167 … … 168 170 break; 169 171 172 // The card details have been entered and Stripe has submitted our form. 170 173 case STEP_PAYMENT_DETAILS: 171 // The card details have been entered and Stripe has submitted our form.172 173 174 if ( empty( $_POST['stripeToken'] ) ) { 174 175 $data['errors'][] = 'Stripe token not found.'; … … 178 179 // Make sure our data hasn't been altered. 179 180 $payment_data_str = wp_unslash( $_POST['payment_data_json'] ); 180 $payment_data = json_decode( $payment_data_str, true );181 $payment_data = json_decode( $payment_data_str, true ); 181 182 if ( ! 
hash_equals( hash_hmac( 'sha256', $payment_data_str, $data['keys']['hmac_key'] ), $_POST['payment_data_signature'] ) ) { 182 183 $data['errors'][] = 'Could not verify payload signature.'; … … 184 185 } 185 186 186 $wordcamp_obj = get_post( $payment_data['wordcamp_id'] );187 $wordcamp_site_id = get_wordcamp_site_id( $wordcamp_obj );187 $wordcamp_obj = get_post( $payment_data['wordcamp_id'] ); 188 $wordcamp_site_id = get_wordcamp_site_id( $wordcamp_obj ); 188 189 $wordcamp_site_url = set_url_scheme( esc_url_raw( get_blog_option( $wordcamp_site_id, 'home', '' ) ), 'https' ); 189 190 … … 193 194 try { 194 195 $charge = \Stripe\Charge::create( array( 195 'amount' => round( $payment_data['amount'], 2 ) * 100,196 'currency' => $payment_data['currency'],197 'source' => $_POST['stripeToken'],196 'amount' => round( $payment_data['amount'], 2 ) * 100, 197 'currency' => $payment_data['currency'], 198 'source' => $_POST['stripeToken'], 198 199 'description' => 'WordCamp Sponsorship: ' . $wordcamp_obj->post_title, 199 'metadata' => array(200 'invoice_id' => $payment_data['invoice_id'],201 'wordcamp_id' => $payment_data['wordcamp_id'],200 'metadata' => array( 201 'invoice_id' => $payment_data['invoice_id'], 202 'wordcamp_id' => $payment_data['wordcamp_id'], 202 203 'wordcamp_site_id' => $wordcamp_site_id, 203 'wordcamp_url' => $wordcamp_site_url,204 'wordcamp_url' => $wordcamp_site_url, 204 205 ), 205 206 ) );
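Review bot: In the `STEP_PAYMENT_DETAILS` case, `$_POST['payment_data_signature']` goes straight into `hash_equals()` and `$_POST['payment_data_json']` into `wp_unslash()`, with no presence or type check visible in this hunk. A missing or array-valued field would then raise a PHP warning or type error instead of the "Could not verify payload signature." message. A guard before the comparison would fail closed, for example `if ( ! isset( $_POST['payment_data_json'], $_POST['payment_data_signature'] ) || ! is_string( $_POST['payment_data_json'] ) || ! is_string( $_POST['payment_data_signature'] ) ) { $data['errors'][] = 'Could not verify payload signature.'; break; }`. Separately, `round( $payment_data['amount'], 2 ) * 100` passes a float to the charge call, which binary rounding can leave just under the intended value; `(int) round( $payment_data['amount'] * 100 )` sends an integer amount. The `switch` body starts and ends outside the visible hunks, so any checks in the elided lines should be confirmed first.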