Update pages/callback.php
Signed-off-by: kevinowino869 <kevinowino869@www.codelab.nestict.africa>
parent
d810420370
commit
c3e6e0a5f9
@ -1,4 +1,73 @@
|
|||||||
<?php
|
<?php
|
||||||
// Payment Callback Page
|
/**
|
||||||
echo "Payment Callback Received";
|
* M-Pesa Payment Module - Payment Processing
|
||||||
?>
|
* Author: NESTICT INFOTECH
|
||||||
|
* Version: 1.0.0
|
||||||
|
*/
|
||||||
|
|
||||||
|
require '../../main.inc.php';
|
||||||
|
require_once DOL_DOCUMENT_ROOT . "/core/lib/admin.lib.php";
|
||||||
|
|
||||||
|
$invoiceId = GETPOST('invoice_id', 'int');
|
||||||
|
$token = GETPOST('token', 'alpha');
|
||||||
|
|
||||||
|
if (!$invoiceId || !$token) {
|
||||||
|
accessforbidden();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate token
|
||||||
|
$expectedToken = base64_encode(hash('sha256', $invoiceId . time()));
|
||||||
|
if ($token !== $expectedToken) {
|
||||||
|
accessforbidden();
|
||||||
|
}
|
||||||
|
|
||||||
|
// Process payment submission
|
||||||
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||||
|
$phoneNumber = GETPOST('phone_number', 'alpha');
|
||||||
|
$amount = GETPOST('amount', 'int');
|
||||||
|
|
||||||
|
$paybill = dolibarr_get_const($db, "MPESAPAY_PAYBILL");
|
||||||
|
$passkey = dolibarr_get_const($db, "MPESAPAY_PASSKEY");
|
||||||
|
|
||||||
|
$payload = array(
|
||||||
|
"BusinessShortCode" => $paybill,
|
||||||
|
"Password" => base64_encode($paybill . $passkey . time()),
|
||||||
|
"Timestamp" => date('YmdHis'),
|
||||||
|
"TransactionType" => "CustomerPayBillOnline",
|
||||||
|
"Amount" => $amount,
|
||||||
|
"PartyA" => $phoneNumber,
|
||||||
|
"PartyB" => $paybill,
|
||||||
|
"PhoneNumber" => $phoneNumber,
|
||||||
|
"CallBackURL" => DOL_URL_ROOT . "/custom/mpesapay/callback.php",
|
||||||
|
"AccountReference" => $invoiceId,
|
||||||
|
"TransactionDesc" => "Payment for Invoice #$invoiceId"
|
||||||
|
);
|
||||||
|
|
||||||
|
$module = new modMpesapay($db);
|
||||||
|
$response = $module->sendMpesaRequest($payload);
|
||||||
|
|
||||||
|
if ($response && $response['ResponseCode'] == "0") {
|
||||||
|
echo "<p>Payment initiated. Check your phone to complete.</p>";
|
||||||
|
} else {
|
||||||
|
echo "<p>Failed to initiate payment. Please try again.</p>";
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
// Display payment form
|
||||||
|
$sql = "SELECT ref, total FROM ".MAIN_DB_PREFIX."facture WHERE rowid = $invoiceId";
|
||||||
|
$result = $db->query($sql);
|
||||||
|
if ($result) {
|
||||||
|
$invoice = $db->fetch_object($result);
|
||||||
|
print load_fiche_titre("Pay Invoice #{$invoice->ref}");
|
||||||
|
echo '<form method="POST">';
|
||||||
|
echo '<label>Phone Number (254...): <input type="text" name="phone_number" pattern="^254[0-9]{9}$" required></label><br>';
|
||||||
|
echo '<label>Amount: <input type="number" name="amount" value="'.$invoice->total.'" readonly></label><br>';
|
||||||
|
echo '<button type="submit">Pay Now</button>';
|
||||||
|
echo '</form>';
|
||||||
|
} else {
|
||||||
|
echo "<p>Invoice not found.</p>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
llxFooter();
|
||||||
|
$db->close();
|
||||||
|
?>
|
||||||
|
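Review bot: The token check at `$expectedToken = base64_encode(hash('sha256', $invoiceId . time()));` uses no secret and mixes in the current second, so it authenticates nothing: the value can be derived from the invoice id and the clock alone, while a link issued earlier will not match on a later request. Derive the token from a server-side secret without a time component and compare it in constant time, for example `$expectedToken = hash_hmac('sha256', (string) $invoiceId, $linkSecret);` followed by `if (!hash_equals($expectedToken, (string) $token)) { accessforbidden(); }`, where `$linkSecret` is a placeholder for a module secret that this page does not show. In the POST branch, `$amount = GETPOST('amount', 'int');` trusts the browser, because `readonly` on the form field is not enforced server-side; the amount should be re-read from the invoice row for `$invoiceId` before the payload is built. The payload's `Password` is also built from `time()` while `Timestamp` uses `date('YmdHis')`, which looks inconsistent and is worth checking against the gateway's specification.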