1 #!/usr/bin/perl
2
3 # Copyright ByWater Solutions 2015
4 #
5 # This file is part of Koha.
6 #
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
11 #
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
19
20 use utf8;
21
22 use Modern::Perl;
23
24 use CGI;
25 use HTTP::Request::Common;
26 use LWP::UserAgent;
27 use URI;
28
29 use C4::Auth;
30 use C4::Output;
31 use C4::Context;
32 use Koha::Acquisition::Currencies;
33 use Koha::Database;
34 use Koha::Plugins::Handler;
35
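# Request parameters. Both come straight from the patron's browser and are
# untrusted: $payment_method selects either the built-in PayPal flow or a
# payment plugin class, and @accountlines lists the account line ids to pay.
# A missing payment_method becomes the empty string so the comparisons below
# never operate on undef.
my $cgi            = CGI->new;
my $payment_method = $cgi->param('payment_method') // q{};
my @accountlines   = $cgi->multi_param('accountline');

# Any value other than 'paypal' is treated as the class name of a payment
# plugin. It is only handed to the plugin handler when it has the shape of a
# Perl package name; anything else leaves $use_plugin undefined and ends in
# the 404 below.
# NOTE(review): this probe runs before get_template_and_user() is called, so
# the class name is client-supplied and unauthenticated at this point.
# Confirm that Koha::Plugins::Handler only dispatches to installed, enabled
# plugins.
my $use_plugin;
if (   $payment_method ne 'paypal'
    && $payment_method =~ m{ \A [A-Za-z_][A-Za-z0-9_]* (?: :: [A-Za-z0-9_]+ )* \z }x )
{
    $use_plugin = Koha::Plugins::Handler->run(
        {
            class  => $payment_method,
            method => 'opac_online_payment',
            cgi    => $cgi,
        }
    );
}

# Gate on the method that was actually requested. PayPal being enabled must
# not let a plugin that declined (or an unknown class) through, and a plugin
# being enabled must not switch on the PayPal flow.
my $method_enabled =
    $payment_method eq 'paypal'
  ? C4::Context->preference('EnablePayPalOpacPayments')
  : $use_plugin;

unless ($method_enabled) {
    print $cgi->redirect("/cgi-bin/koha/errors/404.pl");
    exit;
}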
55
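# Resolve the OPAC session: returns the template object, the borrowernumber
# of the logged-in patron and the session cookie. The template loaded here is
# the payment error page.
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
    {
        template_name => "opac-account-pay-error.tt",
        query         => $cgi,
        type          => "opac",
        debug         => 1,
    }
);

# Total outstanding on the requested account lines. The ids are
# client-supplied, so the search is limited to lines that belong to the
# logged-in patron; without the borrowernumber condition a patron could have
# the balance of another patron's charges quoted back to them.
my $amount_to_pay = Koha::Database->new()->schema()->resultset('Accountline')->search(
    {
        accountlines_id => { -in => \@accountlines },
        borrowernumber  => $borrowernumber,
    }
)->get_column('amountoutstanding')->sum();

# sum() yields undef when no line matched; format that as 0.00 instead of
# passing undef to sprintf.
$amount_to_pay = sprintf( "%.2f", $amount_to_pay // 0 );

my $active_currency = Koha::Acquisition::Currencies->get_active;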
71
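# Start the payment with the requested method. The PayPal branch asks the NVP
# API for an Express Checkout token and redirects the patron to PayPal; every
# other method is delegated to the payment plugin's opac_online_payment_begin.
# $error is set when the PayPal call fails so the error page is rendered.
my $error = 0;
if ( $payment_method eq 'paypal' ) {
    my $ua = LWP::UserAgent->new;

    # NVP API endpoint, sandbox or live depending on the system preference.
    my $url =
      C4::Context->preference('PayPalSandboxMode')
      ? 'https://api-3t.sandbox.paypal.com/nvp'
      : 'https://api-3t.paypal.com/nvp';

    # Base of the URLs PayPal sends the patron back to.
    # NOTE(review): when PayPalReturnURL is not 'BaseURL' the base is taken
    # from $cgi->url(-base=>1), which presumably reflects the request's host
    # name. Confirm the web server only answers for the expected host.
    my $opac_base_url =
      C4::Context->preference('PayPalReturnURL') eq 'BaseURL'
      ? C4::Context->preference('OPACBaseURL')
      : $cgi->url( -base => 1 );

    # NOTE(review): amount and accountlines travel in the return URL and so
    # pass through the patron's browser. The return script should check them
    # against what PayPal reports rather than trust the query string.
    my $return_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account-pay-paypal-return.pl" );
    $return_url->query_form( { amount => $amount_to_pay, accountlines => \@accountlines } );

    my $cancel_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account.pl" );

    my $nvp_params = {

        # API credentials, read from the system preferences.
        'USER'      => C4::Context->preference('PayPalUser'),
        'PWD'       => C4::Context->preference('PayPalPwd'),
        'SIGNATURE' => C4::Context->preference('PayPalSignature'),

        # API Version and Operation
        'METHOD'  => 'SetExpressCheckout',
        'VERSION' => '82.0',

        # API specifics for SetExpressCheckout
        'NOSHIPPING'                            => 1,
        'REQCONFIRMSHIPPING'                    => 0,
        'ALLOWNOTE'                             => 0,
        'BRANDNAME'                             => C4::Context->preference('LibraryName'),
        'CANCELURL'                             => $cancel_url->as_string(),
        'RETURNURL'                             => $return_url->as_string(),
        'PAYMENTREQUEST_0_CURRENCYCODE'         => $active_currency->currency,
        'PAYMENTREQUEST_0_AMT'                  => $amount_to_pay,
        'PAYMENTREQUEST_0_PAYMENTACTION'        => 'Sale',
        'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
        'PAYMENTREQUEST_0_DESC'                 => C4::Context->preference('PayPalChargeDescription'),
        'SOLUTIONTYPE'                          => 'Sole',
    };

    my $response = $ua->request( POST( $url, $nvp_params ) );

    if ( $response->is_success ) {

        # The NVP reply is a URL-encoded key=value string; parse it as a query.
        my %params = URI->new( '?' . $response->content )->query_form;

        # A reply without ACK or TOKEN is treated as a processing error
        # instead of being compared or concatenated as undef.
        my $ack   = $params{ACK}   // q{};
        my $token = $params{TOKEN} // q{};

        if ( $ack eq "Success" && length $token ) {

            # Build the redirect with URI so the token taken from the response
            # is percent-encoded instead of being appended to the Location
            # value verbatim.
            my $redirect_url = URI->new(
                C4::Context->preference('PayPalSandboxMode')
                ? "https://www.sandbox.paypal.com/cgi-bin/webscr"
                : "https://www.paypal.com/cgi-bin/webscr"
            );
            $redirect_url->query_form( [ cmd => '_express-checkout', token => $token ] );
            print $cgi->redirect( $redirect_url->as_string );
        }
        else {
            $template->param( error => "PAYPAL_ERROR_PROCESSING" );
            $error = 1;
        }
    }
    else {
        $template->param( error => "PAYPAL_UNABLE_TO_CONNECT" );
        $error = 1;
    }

    # Only the failure paths render a page here; success already redirected.
    output_html_with_http_headers( $cgi, $cookie, $template->output, undef, { force_no_caching => 1 } ) if $error;
}
else {
    # NOTE(review): the plugin class is the client-supplied payment_method.
    # Confirm it has been validated before this point and that the plugin
    # handler only dispatches to installed, enabled payment plugins.
    Koha::Plugins::Handler->run(
        {
            class  => $payment_method,
            method => 'opac_online_payment_begin',
            cgi    => $cgi,
        }
    );
}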