<?php
use Omnipay\Omnipay;
// Stop immediately when this file is executed without BASEPATH defined,
// i.e. when it is requested directly instead of being loaded by the application.
if (!defined('BASEPATH')) {
    exit('No direct script access allowed');
}
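/**
 * Balance top-up controller: starts a payment with one of several gateways
 * (Payiyo/BTC, Shopier, Shipy, WeePay, PayPal, PayTR, Paylith) and processes
 * the gateways' callbacks.
 *
 * Security-relevant conventions used throughout this class:
 *  - every value that comes back from a gateway is HTML-escaped before it is
 *    written into a page (see escapeHtml());
 *  - every secret or signature received in a callback is compared with
 *    secretsMatch(), which is constant-time, string-only, and refuses to match
 *    against an unset/empty configured value;
 *  - outbound gateway requests keep TLS certificate verification enabled.
 *
 * NOTE(review): no login/authorisation check is visible in this class; confirm
 * it is enforced elsewhere (routes, hooks, or a base controller).
 */
class Payment extends CI_Controller
{
    /**
     * Create a pending payment for the logged-in user and hand the browser over
     * to the selected gateway.
     *
     * With ?payiyocheck=<id> it instead answers the BTC page's polling request
     * with JSON {"confirmed": bool} and terminates.
     *
     * Reads POST fields: amount, phone, payiyo, paypal.
     * Most branches terminate the request themselves (die/exit).
     */
    public function pay_card()
    {
        // Polling endpoint used by the BTC waiting page.
        // NOTE(review): the lookup is keyed only on the numeric id, not on the
        // current user, so any caller can learn whether a given payment row is
        // confirmed. Consider scoping the query to the session user.
        if (isset($_GET['payiyocheck'])) {
            $this->load->model("payment_model");
            $p = $this->db->get_where("payments", array("id" => intval($_GET['payiyocheck'])))->result_array();
            echo json_encode([
                'confirmed' => isset($p[0]) && $p[0]['status'] == 1
            ]);
            die();
        }

        $amount = (int) $this->input->post('amount');
        $minimum = (int) get_instance()->config->item("minimum_payment");

        // Card gateways need a phone number and at least the configured minimum.
        $cardRequested = $this->input->post('phone')
            && $this->input->post('amount')
            && $amount >= $minimum;

        // Payiyo (BTC) has its own fixed minimum of 25.
        $payiyoRequested = $this->config->item('payiyo_enabled') == 1
            && $this->input->post('payiyo') == 1
            && $amount >= 25;

        // PayPal is not offered for Turkish lira. The sign is upper-cased before
        // the lookup because the list holds upper-case codes; a lower-cased value
        // could never equal 'TRY' or 'TL'.
        $paypalRequested = $this->config->item('paypal_status') != 'deactive'
            && !in_array(strtoupper((string) $this->config->item('money_sign')), array('₺', 'TRY', 'TL'), true)
            && $this->input->post('paypal') == 1
            && $amount >= $minimum;

        // NOTE(review): the branches below test only the posted payiyo/paypal
        // flags, so when the card condition holds a request can still reach a
        // gateway whose enable switch is off. Confirm whether that is intended.
        if ($cardRequested || $payiyoRequested || $paypalRequested) {
            $this->load->model("payment_model");
            $user = $this->payment_model->getUserByEmail($this->session->userdata('login'));
            $payment_id = $this->payment_model->insertPayment($amount, 'card', $user["id"], ($this->input->post('payiyo') == 1));

            if ($this->input->post('payiyo') == 1) {
                $this->lang->load('panel');
                $data["title"] = $this->lang->line("pay_with_btc") . " - " . $this->config->item("site_name");
                $data["page"] = "btc";
                $data["user"] = $user;
                print $this->load->view('theme-' . $this->config->item("theme") . '/panel/header', $data, true);
                print '<div class="container my-5"><div class="shadow bg-white p-4">';

                // Normalise the configured currency sign to the code Payiyo expects.
                $currency = strtoupper($this->config->item('money_sign'));
                switch ($currency) {
                    case 'TL':
                    case '₺':
                    case 'TRY':
                        $currency = 'TL';
                        break;
                    case 'EURO':
                    case '€':
                    case 'EUR':
                        $currency = 'EURO';
                        break;
                    case '$':
                    case 'USD':
                        $currency = 'USD';
                        break;
                    // NOTE(review): an empty sign maps to GBP; this may be a '£'
                    // that was lost to an encoding problem. Confirm.
                    case '':
                        $currency = 'GBP';
                        break;
                }

                // The merchant secret travels in this request body, so the TLS
                // peer must be authenticated.
                $fields = [
                    'merchant_id' => $this->config->item('payiyo_merchant_id'),
                    'public_key' => $this->config->item('payiyo_api_key'),
                    'secret_key' => $this->config->item('payiyo_secret_key'),
                    'order_id' => time() . 'P' . $payment_id,
                    'amount' => $amount,
                    'currency' => strtolower($currency),
                    'user_ip' => $_SERVER['REMOTE_ADDR'],
                    'testmode' => 0
                ];
                $ch = curl_init();
                curl_setopt_array($ch, [
                    CURLOPT_URL => 'https://api.payiyo.com/odeme.php',
                    CURLOPT_RETURNTRANSFER => true,
                    CURLOPT_MAXREDIRS => 10,
                    CURLOPT_TIMEOUT => 30,
                    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
                    CURLOPT_CUSTOMREQUEST => 'POST',
                    CURLOPT_HTTPHEADER => [
                        'X-SECURITY: PayiyoSystemV1',
                        'X-Public-Key: ' . $this->config->item('payiyo_api_key')
                    ],
                    CURLOPT_POSTFIELDS => http_build_query($fields),
                    CURLOPT_SSL_VERIFYPEER => true,
                    CURLOPT_SSL_VERIFYHOST => 2
                ]);
                $response = curl_exec($ch);
                curl_close($ch);

                // Strip a UTF-8 byte-order mark so json_decode() accepts the body.
                // Double quotes are required: in single quotes the \x sequences
                // are literal backslashes and would never match the BOM bytes.
                $response = is_string($response) ? str_replace("\xEF\xBB\xBF", '', $response) : '';
                $result = json_decode($response, true);

                if (isset($result['btc_address'])) {
?>
<style>
    .payiyo-spinner {
        -webkit-animation: rotation 1.35s linear infinite;
        animation: rotation 1.35s linear infinite;
    }
    @-webkit-keyframes rotation {
        0% {
            -webkit-transform: rotate(0);
            transform: rotate(0);
        }
        100% {
            -webkit-transform: rotate(270deg);
            transform: rotate(270deg);
        }
    }
    @keyframes rotation {
        0% {
            -webkit-transform: rotate(0);
            transform: rotate(0);
        }
        100% {
            -webkit-transform: rotate(270deg);
            transform: rotate(270deg);
        }
    }
    .payiyo-spinner .circle {
        stroke-dasharray: 180;
        stroke-dashoffset: 0;
        -webkit-transform-origin: center;
        -ms-transform-origin: center;
        transform-origin: center;
        -webkit-animation: turn 1.35s ease-in-out infinite;
        animation: turn 1.35s ease-in-out infinite;
    }
    @-webkit-keyframes turn {
        0% {
            stroke-dashoffset: 180;
        }
        50% {
            stroke-dashoffset: 45;
            -webkit-transform: rotate(135deg);
            transform: rotate(135deg);
        }
        100% {
            stroke-dashoffset: 180;
            -webkit-transform: rotate(450deg);
            transform: rotate(450deg);
        }
    }
    @keyframes turn {
        0% {
            stroke-dashoffset: 180;
        }
        50% {
            stroke-dashoffset: 45;
            -webkit-transform: rotate(135deg);
            transform: rotate(135deg);
        }
        100% {
            stroke-dashoffset: 180;
            -webkit-transform: rotate(450deg);
            transform: rotate(450deg);
        }
    }
    .payiyo-spinner {
        stroke: #259b24;
    }
    .payiyo-check {
        fill: #259b24;
    }
    .payiyo-check,
    .payiyo-spinner {
        margin-right: 1.25rem;
    }
    .payiyo-status>div {
        display: inline-flex;
        align-items: center;
        color: #259b24;
        font-weight: 700;
        margin-top: 1rem;
    }
</style>
<div class="row">
    <div class="col-md-7 order-2 order-md-1">
        <div class="row align-items-center">
            <div class="col-auto"><img src="" id="order" data-id="<?php echo $this->escapeHtml($payment_id) ?>"></div>
            <div class="col">
                <h3 class="text-dark d-inline"><?php echo $this->lang->line('pay_with_btc') ?></h3>
            </div>
        </div>
        <h4 class="mt-4 text-danger"><?php echo $this->lang->line('payment_amount') ?></h4>
        <h4><?php echo sprintf('%f', $result['amount']) ?> BTC</h4>
        <h4 class="mt-4 text-danger"><?php echo $this->lang->line('wallet_address') ?></h4>
        <h4>
            <span id="wallet"><?php echo $this->escapeHtml($result['btc_address']) ?></span>
            <a href="#" id="copyWallet" class="d-inline-flex"><svg width="1.25rem" height="1.25rem" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-copy">
                    <rect x="9" y="9" width="13" height="13" rx="2" ry="2"></rect>
                    <path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"></path>
                </svg></a>
        </h4>
        <div class="mt-5">
            <div id="paymentConfirmed" style="display:none">
                <svg enable-background="new 0 0 512 512" width="2rem" height="2rem" class="payiyo-check" viewBox="0 0 512 512" xml:space="preserve">
                    <path d="m437.02 74.98c-48.352-48.351-112.64-74.98-181.02-74.98-68.381 0-132.67 26.629-181.02 74.98-48.352 48.352-74.98 112.64-74.98 181.02s26.628 132.67 74.98 181.02 112.64 74.981 181.02 74.981c68.38 0 132.67-26.629 181.02-74.981s74.981-112.64 74.981-181.02-26.629-132.67-74.981-181.02zm-181.02 407.02c-124.62 0-226-101.38-226-226s101.38-226 226-226 226 101.38 226 226-101.38 226-226 226z" />
                    <path d="m378.3 173.86c-5.857-5.856-15.355-5.856-21.212 1e-3l-132.46 132.46-69.727-69.727c-5.857-5.857-15.355-5.857-21.213 0s-5.858 15.355 0 21.213l80.333 80.333c2.929 2.929 6.768 4.393 10.606 4.393s7.678-1.465 10.606-4.393l143.07-143.07c5.858-5.857 5.858-15.355 0-21.213z" />
                </svg>
                <span><?php echo $this->lang->line('payment_confirmed') ?></span>
            </div>
            <div id="paymentWaiting">
                <svg class="payiyo-spinner" width="2rem" height="2rem" viewBox="0 0 66 66">
                    <circle class="circle" fill="none" stroke-width="6" stroke-linecap="round" cx="33" cy="33" r="30"></circle>
                </svg>
                <span><?php echo $this->lang->line('payment_waiting') ?></span>
            </div>
        </div>
    </div>
    <div class="col-md-5 text-center text-lg-right order-1 order-md-2">
        <img src="data:image/jpeg;base64,<?php echo $this->escapeHtml($result["base64"]); ?>" class="mw-100" height="350">
    </div>
</div>
<p class="mt-4"><?php echo $this->lang->line('btc_info_text') ?></p>
<script>
    $(function() {
        $('#copyWallet').click(function(e) {
            e.preventDefault();
            var temp = $("<input>");
            $('body').append(temp);
            temp.val($('#wallet').text()).select();
            document.execCommand('copy');
            temp.remove();
            Swal.fire({
                title: '<?php echo $this->lang->line('wallet_copied') ?>',
                text: '<?php echo $this->lang->line('wallet_copied_text') ?>.',
                icon: 'success',
                heightAuto: false
            });
        });
        setInterval(function() {
            $.get('<?php echo base_url('panel/pay') ?>/?payiyocheck=' + $('#order').data('id'), function(data) {
                if (typeof data !== 'object') {
                    data = JSON.parse(data);
                }
                if (data.confirmed) {
                    $('#paymentWaiting').fadeOut(300);
                    setTimeout(function() {
                        $('#paymentConfirmed').fadeIn(300);
                    }, 300);
                    setTimeout(function() {
                        window.location.href = '/panel';
                    }, 1500);
                }
            });
        }, 10000);
    });
</script>
<?php
                } else {
                    // The raw gateway body is shown for troubleshooting; escape it
                    // so it cannot inject markup into the panel page.
                    echo 'Payiyo Error: ' . $this->escapeHtml($response);
                }
                print '</div></div>';
                print $this->load->view('theme-' . $this->config->item("theme") . '/panel/footer', $data, true);
                exit;
            }

            if ($this->config->item("payment_method") == "shopier") {
                $this->load->library("shopier", array(
                    'api_key' => $this->config->item("shopier_api_key"),
                    'api_secret' => $this->config->item("shopier_api_secret"),
                    'index' => $this->config->item("shopier_site_index")
                ));
                $Shopier = $this->shopier;
                // Only the first two space-separated words of the name are used;
                // "A" stands in when there is no second word.
                $name = explode(" ", $user["name"]);
                $fname = $name[0];
                $lname = count($name) > 1 ? $name[1] : "A";
                $Shopier->setBuyer([
                    'id' => $user["id"],
                    'first_name' => $fname,
                    'last_name' => $lname,
                    'email' => $this->session->userdata("login"),
                    'phone' => $this->input->post('phone')
                ]);
                // Fixed placeholder billing/shipping details.
                $Shopier->setOrderBilling([
                    'billing_address' => "İstanbul Kadiköy",
                    'billing_city' => "stanbul",
                    'billing_country' => "Türkiye",
                    'billing_postcode' => "340001",
                ]);
                $Shopier->setOrderShipping([
                    'shipping_address' => "İstanbul Kadiköy",
                    'shipping_city' => "İstanbul",
                    'shipping_country' => "Türkiye",
                    'shipping_postcode' => "340001",
                ]);
                // NOTE(review): the callback URL is assembled from the request's
                // scheme, Host header and URI, all of which the client controls.
                // The WeePay branch uses base_url() for the same endpoint;
                // consider doing the same here.
                $callback_url = dirname(dirname($uri = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'])) . "/panel/pay/callback";
                die($Shopier->run($payment_id, $amount * 1.186, $callback_url));
            } else if ($this->config->item("payment_method") == "shipy") {
                $fields = array(
                    "usrIp" => $_SERVER['REMOTE_ADDR'],
                    "usrName" => $user["name"],
                    "usrAddress" => "Istanbul Kadikoy 34001",
                    "usrPhone" => $this->input->post('phone'),
                    "usrEmail" => $user["email"],
                    "amount" => $amount,
                    "returnID" => $payment_id,
                    "currency" => "TRY",
                    "pageLang" => "TR",
                    "mailLang" => "TR",
                    "installment" => 0,
                    "apiKey" => $this->config->item("shipy_api_key")
                );
                // cURL's default certificate verification is left in place here.
                $ch = curl_init();
                curl_setopt_array($ch, array(
                    CURLOPT_URL => "https://api.shipy.dev/pay/credit_card",
                    CURLOPT_RETURNTRANSFER => true,
                    CURLOPT_ENCODING => "",
                    CURLOPT_MAXREDIRS => 10,
                    CURLOPT_TIMEOUT => 30,
                    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
                    CURLOPT_CUSTOMREQUEST => "POST",
                    CURLOPT_POSTFIELDS => http_build_query($fields),
                ));
                $result = json_decode(curl_exec($ch), true);
                curl_close($ch);
                if (is_array($result) && isset($result['status']) && $result['status'] == "success") {
                    $link = $result['link'];
                    header("Location: $link");
                } else {
                    // A failed or unparsable response leaves no message to show.
                    $message = is_array($result) && isset($result["message"]) ? $result["message"] : '';
                    print("Ödeme işlemi sırasında bir hata oluştu: " . $this->escapeHtml($message));
                }
            } else if ($this->config->item("payment_method") == "weepay") {
                // WeePay needs a city and address from the user's profile.
                if (empty($user['city']) || empty($user['address'])) {
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title></title>
    <link rel="stylesheet" href="/assets/css/sweetalert2.min.css">
</head>
<body style="font-family:sans-serif">
    <script src="/assets/js/sweetalert2.all.min.js"></script>
    <script>
        Swal.fire('Boş Alanlar Bulundu!', 'İşleme devam etmek için lütfen Profilim sayfasından şehir ve adres bilgisini girin.', 'error').then(function() {
            location.href = '/panel/profile';
        });
    </script>
</body>
</html>
<?php
                    die;
                }
                $name = explode(" ", $user["name"]);
                $fname = $name[0];
                $lname = count($name) > 1 ? $name[1] : "A";
                $data = [
                    'Auth' => [
                        'bayiId' => $this->config->item("weepay_bayiid"),
                        'apiKey' => $this->config->item("weepay_api_key"),
                        'secretKey' => $this->config->item("weepay_secret_key"),
                    ],
                    'Data' => [
                        'orderId' => $payment_id,
                        'currency' => 'TL',
                        'locale' => 'tr',
                        'paidPrice' => $amount,
                        'ipAddress' => $_SERVER['REMOTE_ADDR'],
                        'installmentNumber' => 0,
                        'description' => 'Bakiye Yükleme',
                        'callBackUrl' => base_url("panel/pay/callback"),
                    ],
                    'Customer' => [
                        'customerId' => $user['id'],
                        'customerName' => $fname,
                        'customerSurname' => $lname,
                        'gsmNumber' => $this->input->post("phone"),
                        'email' => $user['email'],
                        'identityNumber' => 11111111111,
                        'city' => $user['city'],
                        'country' => 'Turkey',
                    ],
                    'BillingAddress' => [
                        'contactName' => $user['name'],
                        'address' => $user['address'],
                        'city' => $user['city'],
                        'country' => 'Turkey',
                        'zipCode' => 34164,
                    ],
                    'ShippingAddress' => [
                        'contactName' => $user['name'],
                        'address' => $user['address'],
                        'city' => $user['city'],
                        'country' => 'Turkey',
                        'zipCode' => 34164,
                    ],
                    'Products' => [
                        0 => [
                            'productId' => '101',
                            'name' => 'ürün üç',
                            'productPrice' => 2.3,
                            'itemType' => 'VIRTUAL',
                        ],
                    ],
                ];
                // cURL's default certificate verification is left in place here.
                $ch = curl_init('https://api.weepay.co/Payment/PaymentCreate');
                curl_setopt($ch, CURLOPT_POST, 1);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
                $response = json_decode(curl_exec($ch), 1);
                curl_close($ch);
                if (is_array($response) && isset($response["status"]) && $response["status"] == "success") {
                    // CheckoutFormData is gateway-supplied markup and is written
                    // to the page as-is, so the integrity of this page rests on
                    // the authenticated TLS connection to the gateway.
?>
<html>
<head>
    <title>Güvenli Ödeme</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body style="display:flex;align-items:center;justify-content:center;">
    <div>
        <h3 style="text-align:center;font-family:sans-serif;">Kredi/Banka Kartıyla Güvenli Ödeme</h3>
        <p style="text-align:center;font-family:sans-serif;">Kredi veya banka kartınızla kolayca ödeme yapabilirsiniz. Ödeme sonrasında 1-2 dk sonra bakiyeniz hesabınıza geçecektir.</p>
        <div id='weePay-checkout-form' class='responsive'><?php echo $response["CheckoutFormData"]; ?></div>
    </div>
</body>
</html>
<?php
                }
            } else if ($this->input->post('paypal') == 1) {
                include './application/libraries/paypal/autoload.php';
                $currency = strtoupper($this->config->item('money_sign'));
                switch ($currency) {
                    case 'TL':
                    case '₺':
                    case 'TRY':
                        $currency = 'TL';
                        break;
                    case 'EURO':
                    case '€':
                    case 'EUR':
                        $currency = 'EUR';
                        break;
                    case '$':
                    case 'USD':
                        $currency = 'USD';
                        break;
                }
                $PayPal = Omnipay::create('PayPal_Rest');
                $PayPal->setClientId($this->config->item('paypal_client_id'));
                $PayPal->setSecret($this->config->item('paypal_client_secret'));
                $PayPal->setTestMode($this->config->item('paypal_status') == 'sandbox');
                $response = $PayPal->purchase(array(
                    'amount' => $amount,
                    'currency' => $currency,
                    'returnUrl' => base_url('panel/pay/callback'),
                    'cancelUrl' => base_url('panel/balance'),
                ))->send();
                // Remember the amount server-side, keyed by PayPal's payment id,
                // so the return leg does not depend on a client-supplied amount.
                $_SESSION['PayPal-' . $response->getData()['id']] = $amount;
                if ($response->isRedirect()) {
                    $response->redirect();
                } else {
                    echo $response->getMessage();
                }
                exit;
            } else if ($this->config->item("payment_method") == "paytr") {
                $user_ip = $_SERVER["REMOTE_ADDR"];
                $merchant_id = $this->config->item("paytr_merchant_id");
                $merchant_key = $this->config->item("paytr_merchant_key");
                $merchant_salt = $this->config->item("paytr_merchant_salt");
                $email = $user["email"];
                $payment_amount = $amount * 100;
                $merchant_oid = $payment_id;
                $user_name = $user["name"];
                $user_address = "Istanbul Kadikoy 34001";
                $user_phone = $this->input->post("phone");
                $merchant_ok_url = base_url("panel");
                $merchant_fail_url = base_url("panel");
                $user_basket = base64_encode("BALANCE: " . $merchant_oid);
                $debug_on = 0;
                $test_mode = 0;
                $no_installment = 0;
                $max_installment = 0;
                $currency = $this->config->item("paytr_currency");
                // Request token: HMAC-SHA256 over the concatenated fields plus the
                // merchant salt, keyed with the merchant key.
                $hash_str = $merchant_id . $user_ip . $merchant_oid . $email . $payment_amount . $user_basket . $no_installment . $max_installment . $currency . $test_mode;
                $paytr_token = base64_encode(hash_hmac('sha256', $hash_str . $merchant_salt, $merchant_key, true));
                $post_vals = array(
                    'merchant_id' => $merchant_id,
                    'user_ip' => $user_ip,
                    'merchant_oid' => $merchant_oid,
                    'email' => $email,
                    'payment_amount' => $payment_amount,
                    'paytr_token' => $paytr_token,
                    'user_basket' => $user_basket,
                    'debug_on' => $debug_on,
                    'no_installment' => $no_installment,
                    'max_installment' => $max_installment,
                    'user_name' => $user_name,
                    'user_address' => $user_address,
                    'user_phone' => $user_phone,
                    'merchant_ok_url' => $merchant_ok_url,
                    'merchant_fail_url' => $merchant_fail_url,
                    'timeout_limit' => '30',
                    'currency' => $currency,
                    'test_mode' => $test_mode
                );
                $ch = curl_init();
                curl_setopt($ch, CURLOPT_URL, "https://www.paytr.com/odeme/api/get-token");
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                curl_setopt($ch, CURLOPT_POST, 1);
                curl_setopt($ch, CURLOPT_POSTFIELDS, $post_vals);
                // Authenticate the gateway: the returned token is embedded in the
                // payment iframe URL below.
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
                curl_setopt($ch, CURLOPT_TIMEOUT, 20);
                $result = curl_exec($ch);
                if (curl_errno($ch)) {
                    die("PAYTR IFRAME connection error. err:" . curl_error($ch));
                }
                curl_close($ch);
                $result = json_decode($result, 1);
                if (is_array($result) && isset($result['status']) && $result['status'] == 'success') {
?>
<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>PayTR Safe Payment</title>
</head>
<body>
    <script src="https://www.paytr.com/js/iframeResizer.min.js"></script>
    <iframe src="https://www.paytr.com/odeme/guvenli/<?php echo $this->escapeHtml($result["token"]); ?>" id="paytriframe" frameborder="0" scrolling="no" style="width: 100%;height:100%;"></iframe>
    <script>
        iFrameResize({}, '#paytriframe');
    </script>
</body>
</html>
<?php
                }
            } else if ($this->config->item("payment_method") == "paylith") {
                $this->load->library("paylith", array("api_key" => $this->config->item("paylith_api_key"), "api_secret" => $this->config->item("paylith_api_secret")));
                // The address reported to the gateway prefers client-supplied
                // headers, so it is informational only and must not be treated as
                // verified.
                if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
                    $user_ip = $_SERVER['HTTP_CLIENT_IP'];
                } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                    $user_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
                } else {
                    $user_ip = $_SERVER['REMOTE_ADDR'];
                }
                $user_email = $user["email"];
                $user_id = $user["id"];
                $user_phone = $this->input->post("phone");
                $res = $this->paylith->createProductLink($payment_id, $user_id, $user_email, $user_ip, "Site Bakiyesi $amount", $amount * 100, $user_phone);
                $res = json_decode($res, true);
                if (is_array($res) && isset($res["status"]) && $res["status"] == "success") {
                    header("Location: " . stripcslashes($res["paymentLink"]));
                } else {
                    echo json_encode($res);
                }
            }
        }
    }

    /**
     * Handle gateway callbacks and the PayPal return leg, and accept the
     * matching pending payment once the callback has been authenticated.
     *
     * Every branch authenticates the callback with a shared secret or a keyed
     * hash before touching a payment; the source-address checks are a
     * secondary filter only, because they read client-supplied headers.
     *
     * NOTE(review): none of the gateway branches compares the amount reported
     * in the callback with the stored pending amount; the stored amount is what
     * gets passed to acceptPayment(). Confirm that this matches each gateway's
     * guarantees.
     */
    public function pay_card_callback()
    {
        // --- PayPal return leg: only for a payment id this session started. ---
        $payerId = isset($_GET['PayerID']) && is_string($_GET['PayerID']) ? $_GET['PayerID'] : null;
        $paypalId = isset($_GET['paymentId']) && is_string($_GET['paymentId']) ? $_GET['paymentId'] : null;
        if ($payerId !== null && $paypalId !== null && isset($_SESSION['PayPal-' . $paypalId])) {
            include './application/libraries/paypal/autoload.php';
            $PayPal = Omnipay::create('PayPal_Rest');
            $PayPal->setClientId($this->config->item('paypal_client_id'));
            $PayPal->setSecret($this->config->item('paypal_client_secret'));
            $PayPal->setTestMode($this->config->item('paypal_status') == 'sandbox');
            $response = $PayPal->completePurchase(array(
                'payer_id' => $payerId,
                'transactionReference' => $paypalId
            ))->send();
            if ($response->isSuccessful()) {
                // The amount comes from the session entry written when the
                // purchase was created, not from the request.
                $amount = (int) $_SESSION['PayPal-' . $paypalId];
                $this->load->model("payment_model");
                $user = $this->payment_model->getUserByEmail($this->session->userdata('login'));
                $payment_id = $this->payment_model->insertPayment($amount, 'card', $user["id"], false, true);
                $payment = $this->payment_model->getPendingPayment($payment_id);
                $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"], false, true);
                header("Location: " . base_url("panel"));
            }
            // One-shot: the session entry is dropped whether or not it succeeded.
            unset($_SESSION['PayPal-' . $paypalId]);
            exit;
        }

        // --- Payiyo server callback. ---
        // The address is taken from client-supplied headers first, so this
        // allow-list is not an authentication factor on its own unless a trusted
        // reverse proxy overwrites those headers. The credential check below is
        // the actual gate.
        $payiyoIpAddress = ['95.217.203.169', '2a01:4f9:4a:46aa::2'];
        $ip = !empty($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']);
        if (in_array($ip, $payiyoIpAddress, true)) {
            // secretsMatch() never matches an unset or empty configured value, so
            // a site without Payiyo credentials cannot be satisfied by empty
            // input the way a loose == comparison could.
            if (
                $this->secretsMatch($this->config->item('payiyo_merchant_id'), $this->postedString('merchant_id'))
                && $this->secretsMatch($this->config->item('payiyo_api_key'), $this->postedString('public_key'))
                && $this->secretsMatch($this->config->item('payiyo_secret_key'), $this->postedString('secret_key'))
                && $this->postedString('status') === 'OK'
            ) {
                // order_id was sent as "<timestamp>P<payment id>".
                $parts = explode('P', $this->postedString('order_id'));
                $orderId = isset($parts[1]) ? intval($parts[1]) : 0;
                $this->load->model("payment_model");
                $payment = $orderId > 0 ? $this->payment_model->getPendingPayment($orderId) : null;
                if (!empty($payment)) {
                    $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"], true);
                }
                die('OK');
            }
        }

        if ($this->config->item("payment_method") == "shopier") {
            $this->load->library("shopier", array(
                'api_key' => $this->config->item("shopier_api_key"),
                'api_secret' => $this->config->item("shopier_api_secret"),
                'index' => $this->config->item("shopier_site_index")
            ));
            $Shopier = $this->shopier;
            if ($Shopier->verifyShopierSignature($_POST)) {
                $this->load->model("payment_model");
                // NOTE(review): the payment is accepted for the session user
                // rather than for the user stored on the pending payment, unlike
                // the other branches. Confirm this is intended.
                $user = $this->payment_model->getUserByEmail($this->session->userdata('login'));
                $payment = $this->payment_model->getPendingPayment($this->input->post("platform_order_id"));
                if (!empty($payment)) {
                    $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $user["id"]);
                }
            }
        } else if ($this->config->item("payment_method") == "shipy") {
            // Header-derived address: a coarse filter only (see the Payiyo note).
            if (isset($_SERVER["HTTP_CLIENT_IP"])) {
                $ip = $_SERVER["HTTP_CLIENT_IP"];
            } else if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
                $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
            } else if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                $ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
            } else {
                $ip = $_SERVER["REMOTE_ADDR"];
            }
            if ($ip !== "144.91.111.2") {
                // The value may come from a request header, so escape it before
                // reflecting it into the response.
                exit("SHIPY: Request sent by wrong IP: " . $this->escapeHtml($ip));
            }
            if (
                !isset($_POST["returnID"]) || !isset($_POST["paymentType"]) || !isset($_POST["paymentAmount"]) ||
                !isset($_POST["paymentHash"]) || !isset($_POST["paymentID"]) || !isset($_POST["paymentCurrency"])
            ) {
                exit("SHIPY: Missing value sent.");
            }
            $apiKey = $this->config->item("shipy_api_key");
            $returnID = $this->postedString("returnID");
            $paymentID = $this->postedString("paymentID");
            $paymentType = $this->postedString("paymentType");
            $paymentAmount = $this->postedString("paymentAmount");
            $paymentCurrency = $this->postedString("paymentCurrency");
            // Expected signature: base64(SHA-1) of the posted fields followed by
            // the API key, after conversion to ISO-8859-9.
            $hashtr = $paymentID . $returnID . $paymentType . $paymentAmount . $paymentCurrency . $apiKey;
            $hashbytes = mb_convert_encoding($hashtr, "ISO-8859-9");
            $hash = base64_encode(sha1($hashbytes, true));
            if (!$this->secretsMatch($hash, $this->postedString("paymentHash"))) {
                http_response_code(403);
                exit(json_encode(array("status" => "error", "message" => "paymentHash is not valid.")));
            }
            $this->load->model("payment_model");
            $payment = $this->payment_model->getPendingPayment($returnID);
            if (!empty($payment)) {
                $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"]);
            }
            echo "OK";
        } else if ($this->config->item("payment_method") == "weepay") {
            if ($this->input->post("isSuccessful") == "True" && $this->secretsMatch($this->config->item("weepay_secret_key"), $this->input->post("secretKey"))) {
                $payment_id = $this->input->post("orderId");
                // NOTE(review): this request uses 'Aut' with hyphenated keys while
                // pay_card() sends 'Auth' with camelCase keys; confirm which shape
                // the GetPaymentDetail endpoint expects.
                $weepayArray = array();
                $weepayArray['Aut'] = array(
                    'bayi-id' => $this->config->item("weepay_bayiid"),
                    'api-key' => $this->config->item("weepay_api_key"),
                    'secret-key' => $this->config->item("weepay_secret_key")
                );
                $weepayArray['Data'] = array(
                    'OrderID' => $this->input->post("paymentId")
                );
                $endPointUrl = "https://api.weepay.co/Payment/GetPaymentDetail";
                $payload = json_encode($weepayArray);
                $ch = curl_init($endPointUrl);
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLINFO_HEADER_OUT, true);
                curl_setopt($ch, CURLOPT_POST, true);
                curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
                // The payment is accepted on the strength of this response, so the
                // gateway's certificate must be verified.
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
                curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                    'Content-Type: application/json',
                    'Content-Length: ' . strlen($payload)
                ));
                $response = json_decode(curl_exec($ch), true);
                curl_close($ch);
                // NOTE(review): the status is looked up by the posted paymentId but
                // the accepted row is selected by the posted orderId; nothing
                // visible here ties the two together.
                if (
                    isset($response["Data"]["PaymentDetail"]["PaymentStatus"], $response["Data"]["PaymentDetail"]["TrxStatus"])
                    && $response["Data"]["PaymentDetail"]["PaymentStatus"] == 2
                    && $response["Data"]["PaymentDetail"]["TrxStatus"] == 1
                ) {
                    $this->load->model("payment_model");
                    $payment = $this->payment_model->getPendingPayment($payment_id);
                    if (!empty($payment)) {
                        $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"]);
                    }
                }
            }
        } else if ($this->config->item("payment_method") == "paytr") {
            $merchant_key = $this->config->item("paytr_merchant_key");
            $merchant_salt = $this->config->item("paytr_merchant_salt");
            $merchant_oid = $this->postedString('merchant_oid');
            $status = $this->postedString('status');
            $this->load->model("payment_model");
            // Notification signature: HMAC-SHA256 keyed with the merchant key.
            $hash = base64_encode(hash_hmac('sha256', $merchant_oid . $merchant_salt . $status . $this->postedString('total_amount'), $merchant_key, true));
            if (!$this->secretsMatch($hash, $this->postedString('hash'))) {
                die('PAYTR notification failed: bad hash');
            }
            if ($status == 'success') {
                $payment = $this->payment_model->getPendingPayment($merchant_oid);
                if (!empty($payment)) {
                    $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"]);
                }
            }
            echo "OK";
        } else if ($this->config->item("payment_method") == "paylith") {
            $paylith_key = $this->config->item('paylith_api_key');
            $paylith_secret = $this->config->item('paylith_api_secret');
            $conversationId = $this->postedString("conversationId");
            $userId = $this->postedString('userId');
            $orderId = $this->postedString("orderId");
            $paymentAmount = $this->postedString("paymentAmount");
            $status = $this->postedString("status");
            // Expected signature: HMAC-MD5 over an HMAC-SHA256 of the
            // pipe-joined fields plus the API secret, both keyed with the API key.
            $hash = hash_hmac('md5', hash_hmac('sha256', "$conversationId|$orderId|$paymentAmount|$status|$userId" . $paylith_secret, $paylith_key), $paylith_key);
            // The same message is returned for a non-SUCCESS status and for a
            // signature mismatch.
            if ($status === "SUCCESS" && $this->secretsMatch($hash, $this->postedString("hash"))) {
                $this->load->model("payment_model");
                $payment = $this->payment_model->getPendingPayment($conversationId);
                if (!empty($payment)) {
                    $this->payment_model->acceptPayment($payment["id"], $payment["amount"], "card", $payment["user"]);
                }
            } else {
                die("Payment fail: bad hash.");
            }
            echo "OK";
        }
        header("Location: /panel");
    }

    /**
     * Escape a value for safe use in HTML text or a quoted attribute.
     *
     * Non-scalar values (arrays, null, objects) yield an empty string.
     *
     * @param mixed $value Value received from a gateway or the request.
     * @return string
     */
    private function escapeHtml($value)
    {
        if (!is_scalar($value)) {
            return '';
        }
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Return a POST field as a string, or '' when it is absent or not a string
     * (for example when the client sent it as an array).
     *
     * @param string $key POST field name.
     * @return string
     */
    private function postedString($key)
    {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    }

    /**
     * Compare a configured or computed secret with a caller-supplied value.
     *
     * Uses hash_equals() so the comparison is constant-time and free of PHP's
     * loose-comparison type juggling. Returns false when the expected value is
     * unset or empty, or when the supplied value is not a string.
     *
     * @param mixed $expected Trusted value (configuration item or computed hash).
     * @param mixed $given    Untrusted value from the request.
     * @return bool
     */
    private function secretsMatch($expected, $given)
    {
        if (!is_scalar($expected) || !is_string($given)) {
            return false;
        }
        $expected = (string) $expected;
        if ($expected === '') {
            return false;
        }
        return hash_equals($expected, $given);
    }
}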