author | Marcello Stanisci <marcello.stanisci@inria.fr> | 2017-03-27 22:46:27 +0200 |
---|---|---|
committer | Marcello Stanisci <marcello.stanisci@inria.fr> | 2017-03-27 22:46:27 +0200 |
commit | b7b5532fccc12bbe9a71e8ab97e891b20601e3c3 (patch) | |
tree | 88389ad7be5b2f7a7697b6467e5c98a34c0005b2 | |
parent | 7830e8bab3954e3aac8195854224d972a9b38f9e (diff) | |
php example shows order id in fulfillment page
-rw-r--r-- | php/fulfillment.php | 2 | ||||
-rw-r--r-- | php/generate-order.php | 2 | ||||
-rw-r--r-- | php/pay.php | 25 |
3 files changed, 12 insertions, 17 deletions
diff --git a/php/fulfillment.php b/php/fulfillment.php
index 3c0ecef..ce4174d 100644
--- a/php/fulfillment.php
+++ b/php/fulfillment.php
@@ -7,7 +7,7 @@ if(pull($_SESSION, 'paid', false)){
 echo sprintf("<p>Thanks for your donation!</p>
- <br><p>The order ID is: %s; use it to
+ <br><p>The order ID is: <b>%s</b>; use it to
 <a href=\"backoffice.html\">track</a> your money, or make <a href=\"/\">another donation!</a></p>", $_SESSION['order_id']);
diff --git a/php/generate-order.php b/php/generate-order.php
index 4d57998..017780f 100644
--- a/php/generate-order.php
+++ b/php/generate-order.php
@@ -5,7 +5,7 @@ include 'backend.php';
 include 'error.php';
- $order_id = rand(1,90000); // simplified, do not do this!
+ $order_id = "tutorial-" . dechex(rand(0,99999999)) . date("-H_i_s");
 session_start();
 $_SESSION["order_id"] = $order_id;
 // this variable is the JSON of a contract proposal,
diff --git a/php/pay.php b/php/pay.php
index 25b2d6a..921cc70 100644
--- a/php/pay.php
+++ b/php/pay.php
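Review bot: The `%s` in this `sprintf` in php/fulfillment.php is filled with `$_SESSION['order_id']` without HTML encoding, and after this commit that value is no longer only a locally generated id: php/pay.php now overwrites it with the `order_id` taken from the backend's response body. Whether the backend restricts the characters allowed in an order id is not visible here, so the page should encode the value for its output context, passing `htmlspecialchars($_SESSION['order_id'], ENT_QUOTES, 'UTF-8')` as the last argument instead of the raw session value. The surrounding `if(pull($_SESSION, 'paid', false)){` block starts and ends outside the hunk.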
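Review bot: The new order id in php/generate-order.php is still built from `rand()`, which is not a cryptographically secure generator, and the commit drops the `// simplified, do not do this!` comment that warned readers about exactly that. The `date("-H_i_s")` suffix carries only the time of day, so it adds little unpredictability and does not rule out collisions across days. Since the fulfillment page tells the user to track their money with this id, a tutorial that others will copy should either use a CSPRNG, `$order_id = "tutorial-" . bin2hex(random_bytes(8)) . date("-H_i_s");` (PHP 7 or later), or keep the warning comment on the line.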
@@ -1,34 +1,29 @@
 <?php // This file is in the public domain.
- include 'backend.php';
- include 'error.php';
+ include "backend.php";
+ include "error.php";
 session_start();
- if(!isset($_SESSION['paid'])){
+ if(!isset($_SESSION["paid"])){
 echo "<p>No session active. Aborting.</p>";
 return;
 }
 // Get coins.
- $body = json_decode(file_get_contents('php://input'));
-
- if ($_SESSION["order_id"] != $body->order_id){
- echo build_error($response,
- "Mismatch between the product ordered and the one attempted to be paid",
- 406);
- return;
- }
+ $body = json_decode(file_get_contents("php://input"));
 $response = post_to_backend("/pay", $body);
- http_response_code($response['status_code']);
+ $proposal_data = json_decode($response["body"])->proposal_data;
+ $_SESSION["order_id"] = $proposal_data->order_id;
+ http_response_code($response["status_code"]);
- if (200 != $response['status_code']){
+ if (200 != $response["status_code"]){
 echo build_error($response, "Could not send payment to backend",
- $response['status_code']);
+ $response["status_code"]);
 return;
 }
 // Payment went through!
- $_SESSION['paid'] = true;
+ $_SESSION["paid"] = true;
 return;
 ?> |
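Review bot: `json_decode($response["body"])->proposal_data` is dereferenced and stored in `$_SESSION["order_id"]` before the `200 != $response["status_code"]` check, so an error reply, or any body that is not the expected JSON, reaches a property access on a non-object and can leave a null or unexpected order id in the session. With the request/session comparison removed in this hunk, the backend's reply is the only source of the order id shown on the fulfillment page, so it should be read only after the status check and only when the field is present. The body read from `php://input` is likewise forwarded to the backend without checking that `json_decode` succeeded. The sketch below reorders the new lines; the 502 status for a malformed reply is a suggestion, and whether `build_error` sets the HTTP status itself is not visible here.

```php
  $response = post_to_backend("/pay", $body);
  // … unchanged: http_response_code() and the 200 != status_code check with build_error/return …

  // Only a successful reply is expected to carry proposal_data.
  $reply = json_decode($response["body"]);
  if (!isset($reply->proposal_data->order_id)){
    http_response_code(502);
    echo build_error($response,
                     "Backend reply carries no order id",
                     502);
    return;
  }
  $_SESSION["order_id"] = $reply->proposal_data->order_id;
  $_SESSION["paid"] = true;
```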