commit 6680ba785d609c46855de30b87d513c4d96bdac5
parent 2f309935b8c0b9e78124498fc497841d705c083f
Author: Marcello Stanisci <marcello.stanisci@inria.fr>
Date: Tue, 17 Oct 2017 15:11:06 +0200
adapt PHP shop
Diffstat:
2 files changed, 5 insertions(+), 12 deletions(-)
diff --git a/php/pay.php b/php/pay.php
@@ -13,17 +13,10 @@
$body = json_decode(file_get_contents("php://input"));
$response = post_to_backend("/pay", $body);
- $proposal_data = json_decode($response["body"])->proposal_data;
- /**
- * NOTE: the order id is fetched from the data returned by the
- * backend. This information is then shown in the final page from
- * the fulfillment URL. This way, if a malicious wallet sends a
- * old deposit permission for a new donation, then the user can
- * still detect that, since the old order id would be shown on
- * the fulfillment page.
- */
- $_SESSION["order_id"] = $proposal_data->order_id;
+ $body = json_decode($response["body"]);
+ $_SESSION["order_id"] = $body->contract_terms->order_id;
http_response_code($response["status_code"]);
+ header("Content-Type: application/json");
if (200 != $response["status_code"]){
echo build_error($response,
@@ -33,5 +26,6 @@
}
// Payment went through!
$_SESSION["paid"] = true;
+ echo json_encode($body);
return;
?>
diff --git a/php/track-transaction.php b/php/track-transaction.php
@@ -30,8 +30,7 @@
if (202 == $response["status_code"]){
$pretty_date = get_pretty_date($decoded->details->execution_time);
echo "<p>The exchange accepted the transaction.
- The estimated time for when the related wire transfer
- is to be performed is: $pretty_date</p>";
+ The exchange will attempt the payment on: $pretty_date</p>";
return;
}
