Update pages/callback.php
Signed-off-by: kevinowino869 <kevinowino869@www.codelab.nestict.africa>
parent
d810420370
commit
c3e6e0a5f9
@ -1,4 +1,73 @@
|
||||
<?php
|
||||
// Payment Callback Page
|
||||
echo "Payment Callback Received";
|
||||
?>
|
||||
/**
|
||||
* M-Pesa Payment Module - Payment Processing
|
||||
* Author: NESTICT INFOTECH
|
||||
* Version: 1.0.0
|
||||
*/
|
||||
|
||||
require '../../main.inc.php';
|
||||
require_once DOL_DOCUMENT_ROOT . "/core/lib/admin.lib.php";
|
||||
|
||||
$invoiceId = GETPOST('invoice_id', 'int');
|
||||
$token = GETPOST('token', 'alpha');
|
||||
|
||||
if (!$invoiceId || !$token) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Validate token
|
||||
$expectedToken = base64_encode(hash('sha256', $invoiceId . time()));
|
||||
if ($token !== $expectedToken) {
|
||||
accessforbidden();
|
||||
}
|
||||
|
||||
// Process payment submission
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
$phoneNumber = GETPOST('phone_number', 'alpha');
|
||||
$amount = GETPOST('amount', 'int');
|
||||
|
||||
$paybill = dolibarr_get_const($db, "MPESAPAY_PAYBILL");
|
||||
$passkey = dolibarr_get_const($db, "MPESAPAY_PASSKEY");
|
||||
|
||||
$payload = array(
|
||||
"BusinessShortCode" => $paybill,
|
||||
"Password" => base64_encode($paybill . $passkey . time()),
|
||||
"Timestamp" => date('YmdHis'),
|
||||
"TransactionType" => "CustomerPayBillOnline",
|
||||
"Amount" => $amount,
|
||||
"PartyA" => $phoneNumber,
|
||||
"PartyB" => $paybill,
|
||||
"PhoneNumber" => $phoneNumber,
|
||||
"CallBackURL" => DOL_URL_ROOT . "/custom/mpesapay/callback.php",
|
||||
"AccountReference" => $invoiceId,
|
||||
"TransactionDesc" => "Payment for Invoice #$invoiceId"
|
||||
);
|
||||
|
||||
$module = new modMpesapay($db);
|
||||
$response = $module->sendMpesaRequest($payload);
|
||||
|
||||
if ($response && $response['ResponseCode'] == "0") {
|
||||
echo "<p>Payment initiated. Check your phone to complete.</p>";
|
||||
} else {
|
||||
echo "<p>Failed to initiate payment. Please try again.</p>";
|
||||
}
|
||||
} else {
|
||||
// Display payment form
|
||||
$sql = "SELECT ref, total FROM ".MAIN_DB_PREFIX."facture WHERE rowid = $invoiceId";
|
||||
$result = $db->query($sql);
|
||||
if ($result) {
|
||||
$invoice = $db->fetch_object($result);
|
||||
print load_fiche_titre("Pay Invoice #{$invoice->ref}");
|
||||
echo '<form method="POST">';
|
||||
echo '<label>Phone Number (254...): <input type="text" name="phone_number" pattern="^254[0-9]{9}$" required></label><br>';
|
||||
echo '<label>Amount: <input type="number" name="amount" value="'.$invoice->total.'" readonly></label><br>';
|
||||
echo '<button type="submit">Pay Now</button>';
|
||||
echo '</form>';
|
||||
} else {
|
||||
echo "<p>Invoice not found.</p>";
|
||||
}
|
||||
}
|
||||
|
||||
llxFooter();
|
||||
$db->close();
|
||||
?>
|
||||
|
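Review bot: The token check built from `$invoiceId . time()` uses no secret and a value that changes every second, so a token issued earlier cannot match while anyone can compute the one for the current second; it should be a keyed MAC over the invoice id compared with `hash_equals()`. The POST branch then takes `amount` from the request, where the form's `readonly` attribute is only a browser hint, so the amount sent to M-Pesa should be re-read from the invoice row, and the `254…` phone pattern should be re-checked server-side. `Password` is built with `time()` while `Timestamp` uses `date('YmdHis')`; these presumably need to be the same string for the gateway to accept the request. In the form branch, `$invoice->ref` and `$invoice->total` are printed unescaped (wrap them in `dol_escape_htmltag()`), and a query that returns no row still passes `if ($result)`, so `$invoice` should be tested instead. The secret's constant name in the sketch below is a placeholder.

```php
// Validate token: keyed MAC over the invoice id, no clock input
$secret = dolibarr_get_const($db, "MPESAPAY_TOKEN_SECRET"); // placeholder name for a server-side secret set at module setup
if (empty($secret) || !hash_equals(hash_hmac('sha256', (string) $invoiceId, $secret), (string) $token)) {
    accessforbidden();
}

// Load the invoice once, before branching, so both paths use server-side values
$sql = "SELECT ref, total FROM ".MAIN_DB_PREFIX."facture WHERE rowid = ".((int) $invoiceId);
$result = $db->query($sql);
$invoice = $result ? $db->fetch_object($result) : null;
if (!$invoice) {
    accessforbidden();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $phoneNumber = GETPOST('phone_number', 'alpha');
    if (!preg_match('/^254[0-9]{9}$/', $phoneNumber)) {
        accessforbidden();
    }
    $amount = $invoice->total; // never taken from the request
    $timestamp = date('YmdHis');
    // … unchanged: paybill and passkey lookup …
    // inside $payload:
        "Password" => base64_encode($paybill . $passkey . $timestamp),
        "Timestamp" => $timestamp,
    // … unchanged: remaining payload fields, sendMpesaRequest call, result message …
```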