admin/34968-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34968-vm/paypal-capture.php
Flatlogic Bot 727b6fcf29 V10
2025-10-15 04:02:50 +00:00

109 lines
3.8 KiB
PHP
Raw Blame History

<?php
session_start();
require_once 'db/config.php';
require_once 'includes/api_keys.php';
header('Content-Type: application/json');
if (!isset($_SESSION['user_id']) || !isset($_POST['orderID'])) {
echo json_encode(['error' => 'Invalid request.']);
exit();
}
$orderID = $_POST['orderID'];
$user_id = $_SESSION['user_id'];
// Helper function to get PayPal access token
function get_paypal_access_token($clientId, $secret, $apiBase) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$apiBase/v1/oauth2/token");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$clientId:$secret");
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials");
$result = curl_exec($ch);
curl_close($ch);
if (empty($result)) return null;
$json = json_decode($result);
return $json->access_token ?? null;
}
$accessToken = get_paypal_access_token($paypalClientId, $paypalSecret, $paypalApiBase);
if (!$accessToken) {
echo json_encode(['error' => 'Could not authenticate with PayPal.']);
exit();
}
// Capture payment
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "$paypalApiBase/v2/checkout/orders/$orderID/capture");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
"Content-Type: application/json",
"Authorization: Bearer $accessToken"
]);
$result = curl_exec($ch);
curl_close($ch);
$details = json_decode($result);
if (isset($details->status) && $details->status == 'COMPLETED') {
$pdo = db();
// Fetch user's address
$stmt = $pdo->prepare("SELECT address FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
$delivery_address = $user ? $user['address'] : 'N/A';
// Fetch cart items
$stmt = $pdo->prepare("SELECT c.*, mi.price, mi.restaurant_id FROM cart c JOIN menu_items mi ON c.menu_item_id = mi.id WHERE c.user_id = ?");
$stmt->execute([$user_id]);
$cart_items = $stmt->fetchAll();
if (empty($cart_items)) {
echo json_encode(['error' => 'Your cart is empty.']);
exit();
}
$total_price = $_SESSION['total_price'] ?? 0;
$discount_amount = $_SESSION['discount_amount'] ?? 0;
$coupon_id = $_SESSION['coupon_id'] ?? null;
$restaurant_id = $cart_items[0]['restaurant_id']; // Assuming order from one restaurant
// Create order
$stmt = $pdo->prepare("INSERT INTO orders (user_id, restaurant_id, total_price, status, stripe_session_id, delivery_address, coupon_id, discount_amount) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$user_id, $restaurant_id, $total_price, 'paid', $orderID, $delivery_address, $coupon_id, $discount_amount]);
$order_id = $pdo->lastInsertId();
// Insert order items
$stmt = $pdo->prepare("INSERT INTO order_items (order_id, menu_item_id, quantity, price) VALUES (?, ?, ?, ?)");
foreach ($cart_items as $item) {
$stmt->execute([$order_id, $item['menu_item_id'], $item['quantity'], $item['price']]);
}
// Clear cart
$stmt = $pdo->prepare("DELETE FROM cart WHERE user_id = ?");
$stmt->execute([$user_id]);
// Clear coupon session variables
unset($_SESSION['coupon_id']);
unset($_SESSION['coupon_code']);
unset($_SESSION['discount_percentage']);
unset($_SESSION['total_price']);
unset($_SESSION['discount_amount']);
unset($_SESSION['subtotal']);
$_SESSION['order_id'] = $order_id;
echo json_encode(['success' => true, 'order_id' => $order_id]);
} else {
error_log('PayPal Capture Failed: ' . print_r($details, true));
echo json_encode(['error' => 'Payment failed. Please try again.']);
}
Reference in New Issue View Git Blame Copy Permalink