From 136b5c4431260cb239686d24fcebc6bc485325c6 Mon Sep 17 00:00:00 2001
From: ptibogxiv <ptibogxiv@msn.com>
Date: Mon, 5 Mar 2018 17:26:03 +0100
Subject: [PATCH] New introduce stripeconnect mode

---
 htdocs/public/payment/newpayment.php | 70 ++++++++++++++++------------
 1 file changed, 40 insertions(+), 30 deletions(-)

diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php
index 3f2c2979e00ea..92eb0a5e8564e 100644
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@@ -264,11 +264,12 @@
  * Actions
  */
 
+// Action dopayment is called after choosing the payment mode
 if ($action == 'dopayment')
 {
 	if ($paymentmethod == 'paypal')
 	{
-		$PAYPAL_API_PRICE=price2num(GETPOST("newamount"),'MT');
+		$PAYPAL_API_PRICE=price2num(GETPOST("newamount",'alpha'),'MT');
 		$PAYPAL_PAYMENT_TYPE='Sale';
 
 		$origfulltag=GETPOST("fulltag",'alpha');
@@ -310,6 +311,7 @@
 			dol_syslog("PAYPAL_API_KO: $PAYPAL_API_KO", LOG_DEBUG);
 			dol_syslog("PAYPAL_API_PRICE: $PAYPAL_API_PRICE", LOG_DEBUG);
 			dol_syslog("PAYPAL_API_DEVISE: $PAYPAL_API_DEVISE", LOG_DEBUG);
+			// All those fields may be empty when making a payment for a free amount for example
 			dol_syslog("shipToName: $shipToName", LOG_DEBUG);
 			dol_syslog("shipToStreet: $shipToStreet", LOG_DEBUG);
 			dol_syslog("shipToCity: $shipToCity", LOG_DEBUG);
@@ -327,9 +329,10 @@
 			//$_SESSION["FinalPaymentAmt"]=$PAYPAL_API_PRICE;
 
 			// A redirect is added if API call successfull
-			print_paypal_redirect($PAYPAL_API_PRICE,$PAYPAL_API_DEVISE,$PAYPAL_PAYMENT_TYPE,$PAYPAL_API_OK,$PAYPAL_API_KO, $FULLTAG);
+			$mesg = print_paypal_redirect($PAYPAL_API_PRICE,$PAYPAL_API_DEVISE,$PAYPAL_PAYMENT_TYPE,$PAYPAL_API_OK,$PAYPAL_API_KO, $FULLTAG);
 
-			exit;
+			// If we are here, it means the Paypal redirect was not done, so we show error message
+			$action = '';
 		}
 	}
 
@@ -366,7 +369,7 @@
 
 	if ($paymentmethod == 'stripe')
 	{
-		if (GETPOST('newamount')) $amount = GETPOST('newamount');
+		if (GETPOST('newamount','alpha')) $amount = price2num(GETPOST('newamount','alpha'),'MT');
 		else
 		{
 			setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors');
@@ -379,10 +382,12 @@
 // Called when choosing Stripe mode, after the 'dopayment'
 if ($action == 'charge')
 {
+	$amountstripe = $amount;
+
 	// Correct the amount according to unit of currency
 	// See https://support.stripe.com/questions/which-zero-decimal-currencies-does-stripe-support
 	$arrayzerounitcurrency=array('BIF', 'CLP', 'DJF', 'GNF', 'JPY', 'KMF', 'KRW', 'MGA', 'PYG', 'RWF', 'VND', 'VUV', 'XAF', 'XOF', 'XPF');
-	if (! in_array($currency, $arrayzerounitcurrency)) $amount=$amount * 100;
+	if (! in_array($currency, $arrayzerounitcurrency)) $amountstripe=$amountstripe * 100;
 
 	dol_syslog("POST keys  : ".join(',', array_keys($_POST)), LOG_DEBUG, 0, '_stripe');
 	dol_syslog("POST values: ".join(',', $_POST), LOG_DEBUG, 0, '_stripe');
@@ -411,7 +416,7 @@
 		dol_syslog("Create charge", LOG_DEBUG, 0, '_stripe');
 		$charge = \Stripe\Charge::create(array(
 		'customer' => $customer->id,
-		'amount'   => price2num($amount, 'MU'),
+		'amount'   => price2num($amountstripe, 'MU'),
 		'currency' => $currency,
 		'description' => 'Stripe payment: '.$FULLTAG,
 		'metadata' => array("FULLTAG" => $FULLTAG, 'Recipient' => $mysoc->name),
@@ -529,7 +534,7 @@
 {
 	dol_htmloutput_mesg($langs->trans('YouAreCurrentlyInSandboxMode','Paypal'),'','warning');
 }
-if (! empty($conf->stripe->enabled) && (empty($conf->global->STRIPE_LIVE) || GETPOST('forcesandbox','alpha')))
+if (! empty($conf->stripe->enabled) && (empty($conf->global->STRIPE_LIVE) || empty($conf->global->STRIPECONNECT_LIVE) || GETPOST('forcesandbox','alpha')))
 {
 	dol_htmloutput_mesg($langs->trans('YouAreCurrentlyInSandboxMode','Stripe'),'','warning');
 }
@@ -647,7 +652,7 @@
 	if (empty($amount) || ! is_numeric($amount))
 	{
 		print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-		print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+		print '<input class="flat maxwidth75" type="text" name="newamount" value="'.price2num(GETPOST("newamount","alpha"),'MT').'">';
 	}
 	else {
 		print '<b>'.price($amount).'</b>';
@@ -661,7 +666,7 @@
 
 	// Tag
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentCode");
-	print '</td><td class="CTableRow'.($var?'1':'2').'"><b>'.$fulltag.'</b>';
+	print '</td><td class="CTableRow'.($var?'1':'2').'"><b style="word-break: break-all;">'.$fulltag.'</b>';
 	print '<input type="hidden" name="tag" value="'.$tag.'">';
 	print '<input type="hidden" name="fulltag" value="'.$fulltag.'">';
 	print '</td></tr>'."\n";
@@ -738,7 +743,7 @@
 	if (empty($amount) || ! is_numeric($amount))
 	{
 		print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-		print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+		print '<input class="flat maxwidth75" type="text" name="newamount" value="'.price2num(GETPOST("newamount","alpha"),'MT').'">';
 	}
 	else {
 		print '<b>'.price($amount).'</b>';
@@ -752,7 +757,7 @@
 
 	// Tag
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentCode");
-	print '</td><td class="CTableRow'.($var?'1':'2').'"><b>'.$fulltag.'</b>';
+	print '</td><td class="CTableRow'.($var?'1':'2').'"><b style="word-break: break-all;">'.$fulltag.'</b>';
 	print '<input type="hidden" name="tag" value="'.$tag.'">';
 	print '<input type="hidden" name="fulltag" value="'.$fulltag.'">';
 	print '</td></tr>'."\n";
@@ -850,7 +855,7 @@
 	print '</td></tr>'."\n";
 
 	// Amount
-	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("Amount");
+	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentAmount");
 	if (empty($amount) && empty($object->paye)) print ' ('.$langs->trans("ToComplete").')';
 	print '</td><td class="CTableRow'.($var?'1':'2').'">';
 	if (empty($object->paye))
@@ -858,7 +863,7 @@
 		if (empty($amount) || ! is_numeric($amount))
 		{
 			print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-			print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+			print '<input class="flat maxwidth75" type="text" name="newamount" value="'.price2num(GETPOST("newamount","alpha"), 'MT').'">';
 		}
 		else {
 			print '<b>'.price($amount).'</b>';
@@ -877,7 +882,7 @@
 
 	// Tag
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentCode");
-	print '</td><td class="CTableRow'.($var?'1':'2').'"><b>'.$fulltag.'</b>';
+	print '</td><td class="CTableRow'.($var?'1':'2').'"><b style="word-break: break-all;">'.$fulltag.'</b>';
 	print '<input type="hidden" name="tag" value="'.$tag.'">';
 	print '<input type="hidden" name="fulltag" value="'.$fulltag.'">';
 	print '</td></tr>'."\n";
@@ -1079,7 +1084,7 @@
 	if (empty($amount) || ! is_numeric($amount))
 	{
 		print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-		print '<input class="flat" size=8 type="text" name="newamount" value="'.GETPOST("newamount","int").'">';
+		print '<input class="flat maxwidth75" type="text" name="newamount" value="'.price2num(GETPOST("newamount","alpha"),'MT').'">';
 	}
 	else {
 		print '<b>'.price($amount).'</b>';
@@ -1093,7 +1098,7 @@
 
 	// Tag
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentCode");
-	print '</td><td class="CTableRow'.($var?'1':'2').'"><b>'.$fulltag.'</b>';
+	print '</td><td class="CTableRow'.($var?'1':'2').'"><b style="word-break: break-all;">'.$fulltag.'</b>';
 	print '<input type="hidden" name="tag" value="'.$tag.'">';
 	print '<input type="hidden" name="fulltag" value="'.$fulltag.'">';
 	print '</td></tr>'."\n";
@@ -1202,7 +1207,7 @@
 		print '</td><td class="CTableRow'.($var?'1':'2').'">'.price($member->last_subscription_amount);
 		print '</td></tr>'."\n";
 
-		if (empty($amount) && ! GETPOST('newamount')) $_GET['newamount']=$member->last_subscription_amount;
+		if (empty($amount) && ! GETPOST('newamount','alpha')) $_GET['newamount']=$member->last_subscription_amount;
 	}
 
 	// Amount
@@ -1215,27 +1220,31 @@
 		if (empty($conf->global->MEMBER_NEWFORM_AMOUNT)) print ')';
 	}
 	print '</td><td class="CTableRow'.($var?'1':'2').'">';
+	$valtoshow='';
 	if (empty($amount) || ! is_numeric($amount))
 	{
-		$valtoshow=GETPOST("newamount",'int');
+		$valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
 		// force default subscription amount to value defined into constant...
-		if (! empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)) {
-			if (! empty($conf->global->MEMBER_NEWFORM_AMOUNT)) {
-				$valtoshow = $conf->global->MEMBER_NEWFORM_AMOUNT;
+		if (empty($valtoshow))
+		{
+			if (! empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)) {
+				if (! empty($conf->global->MEMBER_NEWFORM_AMOUNT)) {
+					$valtoshow = $conf->global->MEMBER_NEWFORM_AMOUNT;
+				}
 			}
-		}
-		else {
-			if (! empty($conf->global->MEMBER_NEWFORM_AMOUNT)) {
-				$amount = $conf->global->MEMBER_NEWFORM_AMOUNT;
+			else {
+				if (! empty($conf->global->MEMBER_NEWFORM_AMOUNT)) {
+					$amount = $conf->global->MEMBER_NEWFORM_AMOUNT;
+				}
 			}
 		}
 	}
 	if (empty($amount) || ! is_numeric($amount))
 	{
-		//$valtoshow=GETPOST("newamount",'int');
+		//$valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
 		if (! empty($conf->global->MEMBER_MIN_AMOUNT) && $valtoshow) $valtoshow=max($conf->global->MEMBER_MIN_AMOUNT,$valtoshow);
 		print '<input type="hidden" name="amount" value="'.GETPOST("amount",'int').'">';
-		print '<input class="flat" size="8" type="text" name="newamount" value="'.$valtoshow.'">';
+		print '<input class="flat maxwidth75" type="text" name="newamount" value="'.$valtoshow.'">';
 	}
 	else {
 		$valtoshow=$amount;
@@ -1252,7 +1261,7 @@
 	// Tag
 
 	print '<tr class="CTableRow'.($var?'1':'2').'"><td class="CTableRow'.($var?'1':'2').'">'.$langs->trans("PaymentCode");
-	print '</td><td class="CTableRow'.($var?'1':'2').'"><b>'.$fulltag.'</b>';
+	print '</td><td class="CTableRow'.($var?'1':'2').'"><b style="word-break: break-all;">'.$fulltag.'</b>';
 	print '<input type="hidden" name="tag" value="'.$tag.'">';
 	print '<input type="hidden" name="fulltag" value="'.$fulltag.'">';
 	print '</td></tr>'."\n";
@@ -1428,7 +1437,7 @@ class="stripe-button"
 
 	    <div class="form-row left">
 	    <label for="card-element">
-	    Credit or debit card
+	    '.$langs->trans("CreditOrDebitCard").'
 	    </label>
 	    <div id="card-element">
 	    <!-- a Stripe Element will be inserted here. -->
@@ -1438,7 +1447,7 @@ class="stripe-button"
 	    <div id="card-errors" role="alert"></div>
 	    </div>
 	    <br>
-	    <button class="button" id="buttontopay">'.$langs->trans("ToPay").'</button>
+	    <button class="butAction" id="buttontopay">'.$langs->trans("ValidatePayment").'</button>
 	    <img id="hourglasstopay" class="hidden" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/working.gif'.'">
 	    </td></tr></tbody></table>
 
@@ -1537,3 +1546,4 @@ function stripeTokenHandler(token) {
 llxFooter('', 'public');
 
 $db->close();
+