opac/opac-account-pay.pl

   1 #!/usr/bin/perl
   2
   3 # Copyright ByWater Solutions 2015
   4 #
   5 # This file is part of Koha.
   6 #
   7 # Koha is free software; you can redistribute it and/or modify it under the
   8 # terms of the GNU General Public License as published by the Free Software
   9 # Foundation; either version 3 of the License, or (at your option) any later
  10 # version.
  11 #
  12 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
  13 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  14 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
  15 #
  16 # You should have received a copy of the GNU General Public License along
  17 # with Koha; if not, write to the Free Software Foundation, Inc.,
  18 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  19
  20 use utf8;
  21
  22 use Modern::Perl;
  23
  24 use CGI;
  25 use HTTP::Request::Common;
  26 use LWP::UserAgent;
  27 use URL::Encode qw(url_encode url_params_mixed);
  28 use URI;
  29
  30 use C4::Auth;
  31 use C4::Output;
  32 use C4::Context;
  33 use C4::Budgets qw(GetCurrency);
  34 use Koha::Database;
  35
  36 my $cgi = new CGI;
  37
  38 unless ( C4::Context->preference('EnablePayPalOpacPayments') ) {
  39     print $cgi->redirect("/cgi-bin/koha/errors/404.pl");
  40     exit;
  41 }
  42
  43 my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
  44     {
  45         template_name   => "opac-account-pay-error.tt",
  46         query           => $cgi,
  47         type            => "opac",
  48         authnotrequired => 0,
  49         debug           => 1,
  50     }
  51 );
  52
  53 my $payment_method = $cgi->param('payment_method');
  54 my @accountlines = $cgi->param('accountline');
  55
  56 my $amount_to_pay =
  57   Koha::Database->new()->schema()->resultset('Accountline')->search( { accountlines_id => { -in => \@accountlines } } )
  58   ->get_column('amountoutstanding')->sum();
  59 $amount_to_pay = sprintf( "%.2f", $amount_to_pay );
  60
  61 my $active_currency = GetCurrency();
  62
  63 my $error = 0;
  64 if ( $payment_method eq 'paypal' ) {
  65     my $ua = LWP::UserAgent->new;
  66
  67     my $amount = url_encode($amount_to_pay);
  68
  69     my $url =
  70       C4::Context->preference('PayPalSandboxMode')
  71       ? 'https://api-3t.sandbox.paypal.com/nvp'
  72       : 'https://api-3t.paypal.com/nvp';
  73
  74     my $opac_base_url = C4::Context->preference('OPACBaseURL');
  75
  76     my $return_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account-pay-paypal-return.pl" );
  77     $return_url->query_form( { amount => $amount, accountlines => \@accountlines } );
  78
  79     my $cancel_url = URI->new( $opac_base_url . "/cgi-bin/koha/opac-account.pl" );
  80
  81     my $nvp_params = {
  82         'USER'      => C4::Context->preference('PayPalUser'),
  83         'PWD'       => C4::Context->preference('PayPalPwd'),
  84         'SIGNATURE' => C4::Context->preference('PayPalSignature'),
  85
  86         # API Version and Operation
  87         'METHOD'  => 'SetExpressCheckout',
  88         'VERSION' => '82.0',
  89
  90         # API specifics for SetExpressCheckout
  91         'NOSHIPPING'                            => 1,
  92         'REQCONFIRMSHIPPING'                    => 0,
  93         'ALLOWNOTE'                             => 0,
  94         'BRANDNAME'                             => C4::Context->preference('LibraryName'),
  95         'CANCELURL'                             => $cancel_url->as_string(),
  96         'RETURNURL'                             => $return_url->as_string(),
  97         'PAYMENTREQUEST_0_CURRENCYCODE'         => $active_currency->{currency},
  98         'PAYMENTREQUEST_0_AMT'                  => $amount_to_pay,
  99         'PAYMENTREQUEST_0_PAYMENTACTION'        => 'Sale',
 100         'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
 101         'PAYMENTREQUEST_0_DESC'                 => C4::Context->preference('PayPalChargeDescription'),
 102     };
 103
 104     my $response = $ua->request( POST $url, $nvp_params );
 105
 106     if ( $response->is_success ) {
 107         my $params = url_params_mixed( $response->decoded_content );
 108
 109         if ( $params->{ACK} eq "Success" ) {
 110             my $token = $params->{TOKEN};
 111
 112             my $redirect_url =
 113               C4::Context->preference('PayPalSandboxMode')
 114               ? "https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token="
 115               : "https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=";
 116             print $cgi->redirect( $redirect_url . $token );
 117
 118         }
 119         else {
 120             $template->param( error => "PAYPAL_ERROR_PROCESSING" );
 121             $error = 1;
 122         }
 123
 124     }
 125     else {
 126         $template->param( error => "PAYPAL_UNABLE_TO_CONNECT" );
 127         $error = 1;
 128     }
 129 }
 130
 131 output_html_with_http_headers( $cgi, $cookie, $template->output ) if $error;