commit f4bcc8022aa57371d8483a99bd1e9b10adb78b7c
parent 94b85f9af291666c8ff2114191acc18aa74d1fd6
Author: Marcello Stanisci <marcello.stanisci@inria.fr>
Date: Fri, 22 Apr 2016 18:42:39 +0200
reconstructing the contract in PHP donation shop (not tested)
Diffstat:
4 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/examples/shop/fulfillment.php b/examples/shop/fulfillment.php
@@ -48,8 +48,11 @@
<?php
include '../../copylib/util.php';
+include "../../copylib/merchants.php";
$receiver = get($_GET["receiver"]);
+$now = new DateTime();
+$now->setTimestamp(intval(get($_GET["timestamp"])));
if (empty($receiver)) {
http_response_code(400);
@@ -70,25 +73,21 @@ if (array() === $my_payment || true !== get($my_payment["is_payed"], false)) {
// restore contract
$contract = generate_contract(array(
- "amount_value" => $_GET['aval'],
- "amount_fraction" => $_GET['afrac'],
+ "amount_value" => intval($_GET['aval']),
+ "amount_fraction" => intval($_GET['afrac']),
"currency" => $_GET['acurr'],
"refund_delta" => 'P3M',
- "transaction_id" => $_GET['tid'],
+ "transaction_id" => intval($_GET['tid']),
"description" => "Donation to " . $receiver,
- "product_id" => $p_id,
+ "product_id" => "unused",
"correlation_id" => "",
"merchant_name" => "Kudos Inc.",
"taxes" => array(),
- "now" => $_GET['timestamp'],
+ "now" => $now,
"fulfillment_url" => get_full_uri())
);
- $json = json_encode(array(
- 'contract' => $contract
- ), JSON_PRETTY_PRINT);
-
- $resp = give_to_backend("backend/contract", $json);
+ $resp = give_to_backend("backend/contract", $contract);
if ($resp->getResponseCode() != 200){
echo json_encode(array(
'error' => "internal error",
@@ -104,6 +103,7 @@ if (array() === $my_payment || true !== get($my_payment["is_payed"], false)) {
echo "<p>you have not payed for this contract: " . $hc . "</p>";
echo "<p>Asking the wallet to re-execute it ... </p>";
echo "<script>taler.executePayment('$hc', '$pay_url', '$offering_url');</script>";
+ return;
}
$news = false;
diff --git a/examples/shop/generate_taler_contract.php b/examples/shop/generate_taler_contract.php
@@ -54,7 +54,6 @@ $fulfillment_url = url_rel("fulfillment.php")
. '&acurr=' . urlencode($currency)
. '&tid=' . $transaction_id;
-
$contract = generate_contract(array(
"amount_value" => $amount_value,
"amount_fraction" => $amount_fraction,
@@ -62,7 +61,7 @@ $contract = generate_contract(array(
"refund_delta" => 'P3M',
"transaction_id" => $transaction_id,
"description" => $desc,
- "product_id" => $p_id,
+ "product_id" => "unused",
"correlation_id" => "",
"merchant_name" => "Kudos Inc.",
"taxes" => array(),
@@ -70,8 +69,6 @@ $contract = generate_contract(array(
"fulfillment_url" => $fulfillment_url)
);
-file_put_contents("/tmp/shit.json", $contract);
-
$resp = give_to_backend("backend/contract", $contract);
// Our response code is the same we got from the backend:
diff --git a/examples/shop/pay.php b/examples/shop/pay.php
@@ -46,8 +46,19 @@ if (null === $my_payment)
$post_body = file_get_contents('php://input');
$deposit_permission = json_decode ($post_body, true);
-// Check if the receiver is actually *mentioned* in the
-// contract
+// Check if the receiver is actually *mentioned* in the contract
+if ($my_payment['hc'] != $deposit_permission['H_contract']) {
+
+ $json = json_encode(
+ array(
+ "error" => "ill behaved wallet",
+ "status" => 400,
+ "detail" => "deposit permission mismatches with reconstructed contract"
+ )
+ );
+ echo $json;
+ die();
+}
/* Craft the HTTP request, note that the backend
diff --git a/src/backend/taler-merchant-httpd_contract.c b/src/backend/taler-merchant-httpd_contract.c
@@ -104,12 +104,14 @@ MH_handler_contract (struct TMH_RequestHandler *rh,
res = TMH_PARSE_json_data (connection,
jcontract,
spec);
+ printf ("parsed\n");
if (GNUNET_NO == res)
return MHD_YES;
if (GNUNET_SYSERR == res)
return TMH_RESPONSE_reply_external_error (connection,
"contract request malformed");
+ printf ("beyond\n");
/* add fields to the contract that the backend should provide */
json_object_set (jcontract,
"exchanges",
