Fix capture_order.php to use table_prefix and prevent JSON corruption
Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
parent
4e73997a4b
commit
58bd9b9ae4
1 changed files with 10 additions and 6 deletions
|
|
@ -5,6 +5,10 @@ $sandbox = true; // flip to false for Live
|
||||||
$client_id = 'AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c';
|
$client_id = 'AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c';
|
||||||
$client_secret = 'EJ216np9cAj9n7KSddez3fLVxGe-zi4oKKKl1YGqPp88XIikr4Qzbxh0XW2as-V6LgdX-upjtQAg9dC0';
|
$client_secret = 'EJ216np9cAj9n7KSddez3fLVxGe-zi4oKKKl1YGqPp88XIikr4Qzbxh0XW2as-V6LgdX-upjtQAg9dC0';
|
||||||
|
|
||||||
|
// Ensure all errors are logged, not output (to prevent JSON corruption)
|
||||||
|
ini_set('display_errors', '0');
|
||||||
|
error_reporting(E_ALL);
|
||||||
|
|
||||||
header('Content-Type: application/json');
|
header('Content-Type: application/json');
|
||||||
$in = json_decode(file_get_contents('php://input'), true) ?: [];
|
$in = json_decode(file_get_contents('php://input'), true) ?: [];
|
||||||
$order_id = $in['order_id'] ?? null;
|
$order_id = $in['order_id'] ?? null;
|
||||||
|
|
@ -95,13 +99,13 @@ if ($captureStatus === 'COMPLETED' && $custom_id) {
|
||||||
$now = date('Y-m-d H:i:s');
|
$now = date('Y-m-d H:i:s');
|
||||||
$esc_txid = mysqli_real_escape_string($db, $txid);
|
$esc_txid = mysqli_real_escape_string($db, $txid);
|
||||||
|
|
||||||
$updateInvoices = "UPDATE ogp_billing_invoices
|
$updateInvoices = "UPDATE {$table_prefix}billing_invoices
|
||||||
SET status='paid', paid_date='$now', payment_txid='$esc_txid', payment_method='paypal'
|
SET status='paid', paid_date='$now', payment_txid='$esc_txid', payment_method='paypal'
|
||||||
WHERE user_id=$user_id AND status='due'";
|
WHERE user_id=$user_id AND status='due'";
|
||||||
mysqli_query($db, $updateInvoices);
|
mysqli_query($db, $updateInvoices);
|
||||||
|
|
||||||
// Get all invoices we just marked paid
|
// Get all invoices we just marked paid
|
||||||
$getInvoices = "SELECT * FROM ogp_billing_invoices WHERE user_id=$user_id AND payment_txid='$esc_txid'";
|
$getInvoices = "SELECT * FROM {$table_prefix}billing_invoices WHERE user_id=$user_id AND payment_txid='$esc_txid'";
|
||||||
$invoicesResult = mysqli_query($db, $getInvoices);
|
$invoicesResult = mysqli_query($db, $getInvoices);
|
||||||
|
|
||||||
// For each invoice, either create a new order or extend existing one (renewal)
|
// For each invoice, either create a new order or extend existing one (renewal)
|
||||||
|
|
@ -133,7 +137,7 @@ if ($captureStatus === 'COMPLETED' && $custom_id) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get current end_date and extend it
|
// Get current end_date and extend it
|
||||||
$getEndDate = "SELECT end_date FROM ogp_billing_orders WHERE order_id=$existing_order_id LIMIT 1";
|
$getEndDate = "SELECT end_date FROM {$table_prefix}billing_orders WHERE order_id=$existing_order_id LIMIT 1";
|
||||||
$endDateResult = mysqli_query($db, $getEndDate);
|
$endDateResult = mysqli_query($db, $getEndDate);
|
||||||
if ($endDateResult && mysqli_num_rows($endDateResult) === 1) {
|
if ($endDateResult && mysqli_num_rows($endDateResult) === 1) {
|
||||||
$endRow = mysqli_fetch_assoc($endDateResult);
|
$endRow = mysqli_fetch_assoc($endDateResult);
|
||||||
|
|
@ -148,7 +152,7 @@ if ($captureStatus === 'COMPLETED' && $custom_id) {
|
||||||
$new_end_date = $dt->format('Y-m-d H:i:s');
|
$new_end_date = $dt->format('Y-m-d H:i:s');
|
||||||
|
|
||||||
// Update order with new end_date and mark as paid/active
|
// Update order with new end_date and mark as paid/active
|
||||||
$updateOrder = "UPDATE ogp_billing_orders
|
$updateOrder = "UPDATE {$table_prefix}billing_orders
|
||||||
SET end_date='$new_end_date', status='paid', payment_txid='$esc_txid', paid_ts='$now'
|
SET end_date='$new_end_date', status='paid', payment_txid='$esc_txid', paid_ts='$now'
|
||||||
WHERE order_id=$existing_order_id";
|
WHERE order_id=$existing_order_id";
|
||||||
if (mysqli_query($db, $updateOrder)) {
|
if (mysqli_query($db, $updateOrder)) {
|
||||||
|
|
@ -163,7 +167,7 @@ if ($captureStatus === 'COMPLETED' && $custom_id) {
|
||||||
$end_date = date('Y-m-d H:i:s', strtotime("+$qty $duration"));
|
$end_date = date('Y-m-d H:i:s', strtotime("+$qty $duration"));
|
||||||
|
|
||||||
// Insert order
|
// Insert order
|
||||||
$insertOrder = "INSERT INTO ogp_billing_orders (
|
$insertOrder = "INSERT INTO {$table_prefix}billing_orders (
|
||||||
user_id, service_id, home_name, ip, max_players, qty, invoice_duration,
|
user_id, service_id, home_name, ip, max_players, qty, invoice_duration,
|
||||||
price, remote_control_password, ftp_password, status, order_date, end_date,
|
price, remote_control_password, ftp_password, status, order_date, end_date,
|
||||||
payment_txid, paid_ts
|
payment_txid, paid_ts
|
||||||
|
|
@ -177,7 +181,7 @@ if ($captureStatus === 'COMPLETED' && $custom_id) {
|
||||||
$new_order_id = mysqli_insert_id($db);
|
$new_order_id = mysqli_insert_id($db);
|
||||||
|
|
||||||
// Link invoice to order
|
// Link invoice to order
|
||||||
$linkInvoice = "UPDATE ogp_billing_invoices SET order_id=$new_order_id WHERE invoice_id=$invoice_id";
|
$linkInvoice = "UPDATE {$table_prefix}billing_invoices SET order_id=$new_order_id WHERE invoice_id=$invoice_id";
|
||||||
mysqli_query($db, $linkInvoice);
|
mysqli_query($db, $linkInvoice);
|
||||||
|
|
||||||
error_log("capture_order.php: Created order $new_order_id for invoice $invoice_id");
|
error_log("capture_order.php: Created order $new_order_id for invoice $invoice_id");
|
||||||
|
|
|
||||||
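Review bot: The rewritten queries still splice `$user_id`, `$existing_order_id`, `$new_order_id` and `$invoice_id` into the SQL text unquoted, and only `$txid` is escaped. Where those values are set is outside the visible hunks, so unless each is cast to int upstream these should be prepared statements, e.g. `$stmt = mysqli_prepare($db, "SELECT end_date FROM {$table_prefix}billing_orders WHERE order_id=? LIMIT 1");` followed by `mysqli_stmt_bind_param($stmt, 'i', $existing_order_id);`. `$table_prefix` is now part of every statement but is not defined in any visible hunk; with `display_errors` off, an undefined prefix would surface only in the error log while the queries run against unprefixed table names, so confirm the config include precedes this block. The `$updateInvoices` statement marks every `status='due'` invoice of the user as paid for one COMPLETED capture, and no comparison of the captured amount with the invoice total is visible here; if that check does not happen earlier in the file, the update should be limited to the invoices the capture covers. Separately, the context lines of the first hunk keep the PayPal `$client_secret` as a literal in the file; it belongs in configuration outside the repository, and the committed value should be rotated.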