Merge pull request #6 from appinlet/release/1.0.4

2023-12-11: v1.0.4
DPO-Group · Dec 11, 2023 · 81af45b · 81af45b
2 parents 201487b + 01fe9a3
commit 81af45b
Show file tree

Hide file tree

Showing 9 changed files with 213 additions and 166 deletions.
diff --git a/README.md b/README.md
@@ -1,10 +1,10 @@
 # DPO_WHMCS
-## DPO Group WHMCS plugin v1.0.3 for WHMCS v8.1.3
+## DPO Group WHMCS plugin v1.0.4 for WHMCS v8.8.0
 
 This is the DPO Group plugin for WHMCS. Please feel free to contact the [DPO Group support team](https://dpogroup.com/contact-us/) should you require any assistance.
 
 ## Installation
-Please navigate to the [releases page](https://github.com/DPO-Group/DPO_WHMCS/releases), download the latest release (v1.0.3) and unzip. You will then be able to follow the integration guide which is included in the zip.
+Please navigate to the [releases page](https://github.com/DPO-Group/DPO_WHMCS/releases), download the latest release (v1.0.4) and unzip. You will then be able to follow the integration guide which is included in the zip.
 
 ## Collaboration
 

diff --git a/changelog.txt b/changelog.txt
@@ -2,6 +2,9 @@
 Date	  : Version: Description
 =====================================
 
+2023-12-11: v1.0.4  : Add support for WHMCS 8.8.0 and PHP 8.1.
+                      Decline transactions if the reference and order ID don't match.
+
 2022-04-12: v1.0.3  : Hotfix whitespace issue.
 
 2021-05-19: v1.0.2  : Improve error message handling.

diff --git a/modules/gateways/callback/dpo.php b/modules/gateways/callback/dpo.php
@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2021 DPO Group
+ * Copyright (c) 2023 DPO Group
  *
  * Author: App Inlet (Pty) Ltd
  *
@@ -17,114 +17,120 @@
 require_once '../dpo/lib/constants.php';
 require_once '../dpo/lib/Dpo.php';
 
-if ( !defined( "WHMCS" ) ) {
-    die( "This file cannot be accessed directly" );
+if (!defined("WHMCS")) {
+    die("This file cannot be accessed directly");
 }
 
 use WHMCS\Database\Capsule;
 
-if ( !defined( '_DB_PREFIX_' ) ) {
-    define( '_DB_PREFIX_', 'tbl' );
+if (!defined('_DB_PREFIX_')) {
+    define('_DB_PREFIX_', 'tbl');
 }
 
 /**
  * Check for existence of dpogroupdpo table and create if not
  * In earlier versions this table was named paygatedpo -> rename if necessary
  */
-if ( !function_exists( 'createDPOGroupdpoTable' ) ) {
+if (!function_exists('createDPOGroupdpoTable')) {
     function createDPOGroupdpoTable()
     {
         try {
-            if ( Capsule::schema()->hasTable( _DB_PREFIX_ . 'paygatedpo' ) ) {
-                Capsule::schema()->rename( _DB_PREFIX_ . 'paygatedpo', _DB_PREFIX_ . 'dpogroupdpo' );
+            if (Capsule::schema()->hasTable(_DB_PREFIX_ . 'paygatedpo')) {
+                Capsule::schema()->rename(_DB_PREFIX_ . 'paygatedpo', _DB_PREFIX_ . 'dpogroupdpo');
             }
 
-            if ( !Capsule::schema()->hasTable( _DB_PREFIX_ . 'dpogroupdpo' ) ) {
+            if (!Capsule::schema()->hasTable(_DB_PREFIX_ . 'dpogroupdpo')) {
                 Capsule::schema()->create(
                     _DB_PREFIX_ . 'dpogroupdpo',
-                    function ( $table ) {
-                        $table->increments( 'id' );
-                        $table->string( 'recordtype', 20 );
-                        $table->string( 'recordid', 50 );
-                        $table->string( 'recordval', 50 );
-                        $table->string( 'dbid', 10 )->default( '1' );
+                    function ($table) {
+                        $table->increments('id');
+                        $table->string('recordtype', 20);
+                        $table->string('recordid', 50);
+                        $table->string('recordval', 50);
+                        $table->string('dbid', 10)->default('1');
                     }
                 );
             }
-        } catch ( \Exception $e ) {
+        } catch (\Exception $e) {
         }
     }
 }
 
 createDPOGroupdpoTable();
 
-$transId = filter_var( $_GET['TransID'], FILTER_SANITIZE_STRING );
+$transId = filter_var($_GET['TransID'], FILTER_SANITIZE_STRING);
 
 // Get test mode from db
-$tbl      = _DB_PREFIX_ . 'dpogroupdpo';
-$testMode = (bool) Capsule::table( $tbl )
-    ->where( 'recordtype', 'dpotest' )
-    ->where( 'recordid', $transId )
-    ->value( 'recordval' );
-
-$companyToken = Capsule::table( $tbl )
-    ->where( 'recordtype', 'dpoclient' )
-    ->where( 'recordid', $transId )
-    ->value( 'recordval' );
-
-$dpo                  = new DPOGroup\Dpo( $testMode );
-$data                 = [];
-$data['transToken']   = $transId;
+$tbl = _DB_PREFIX_ . 'dpogroupdpo';
+$testMode = (bool)Capsule::table($tbl)
+    ->where('recordtype', 'dpotest')
+    ->where('recordid', $transId)
+    ->value('recordval');
+
+$companyToken = Capsule::table($tbl)
+    ->where('recordtype', 'dpoclient')
+    ->where('recordid', $transId)
+    ->value('recordval');
+
+$dpo = new DPOGroup\Dpo($testMode);
+$data = [];
+$data['transToken'] = $transId;
 $data['companyToken'] = $companyToken;
 
-$verify = $dpo->verifyToken( $data );
+$verify = $dpo->verifyToken($data);
 
-if ( $verify != '' ) {
-    $verify = new \SimpleXMLElement( $verify );
+if ($verify != '') {
+    $verify = new \SimpleXMLElement($verify);
 
-    if ( $verify->Result->__toString() === '000' ) {
-        // Transaction paid
-        $invoiceId = Capsule::table( $tbl )
-            ->where( 'recordid', $transId )
-            ->where( 'recordtype', 'dporef' )
-            ->value( 'recordval' );
+    try {
+        $invoiceId = Capsule::table($tbl)
+            ->where('recordid', $transId)
+            ->where('recordtype', 'dporef')
+            ->value('recordval');
+    } catch (Exception $e) {
+        throw new \UnexpectedValueException('Error Exception: Undefined $transId and $invoiceId');
+    }
 
+    if ($verify->Result->__toString() === '000' && !empty((string)$invoiceId) == $verify->CompanyRef->__toString()) {
+        // Transaction paid
         // Delete records for this invoice
-        $recordids = Capsule::table( $tbl )
-            ->select( 'recordid' )
-            ->where( 'recordval', $invoiceId )
+        $recordids = Capsule::table($tbl)
+            ->select('recordid')
+            ->where('recordval', $invoiceId)
             ->get();
 
         $recs = [];
-        foreach ( $recordids as $recordid ) {
+        foreach ($recordids as $recordid) {
             $recs[] = $recordid->recordid;
         }
 
-        Capsule::table( $tbl )
-            ->whereIn( 'recordid', $recs )
+        Capsule::table($tbl)
+            ->whereIn('recordid', $recs)
             ->delete();
 
         // Detect module name from filename
-        $gatewayModuleName = basename( __FILE__, '.php' );
+        $gatewayModuleName = basename(__FILE__, '.php');
 
         $command = 'AddInvoicePayment';
-        $data    = [
+        $data = [
             'invoiceid' => $invoiceId,
-            'transid'   => $transId,
-            'gateway'   => $gatewayModuleName,
+            'transid' => $transId,
+            'gateway' => $gatewayModuleName,
         ];
-        $result = localAPI( $command, $data );
-        callback3DSecureRedirect( $invoiceId, true );
+        $result = localAPI($command, $data);
+        callback3DSecureRedirect($invoiceId, true);
     } else {
-        $systemUrl = Capsule::table( $tbl )
-            ->where( 'recordtype', 'systemurl' )
-            ->where( 'recordid', $transId )
-            ->value( 'recordval' );
+        $systemUrl = Capsule::table($tbl)
+            ->where('recordtype', 'systemurl')
+            ->where('recordid', $transId)
+            ->value('recordval');
 
-        Capsule::table( $tbl )
-            ->where( 'recordid', $transId )
+        Capsule::table($tbl)
+            ->where('recordid', $transId)
             ->delete();
 
-        header( 'Location: ' . $systemUrl . 'clientarea.php?action=invoices' );
+        header('Location: ' . $systemUrl . 'clientarea.php?action=invoices');
     }
+
+
 }