Generate and process PM transactions

app/Console/Commands/ServicesInit.php

@@ -58,6 +58,7 @@ class ServicesInit extends Command
 		$s->available = true;
 		$s->save();
 
+		/*
     	$s = new Service;
 		$s->name = 'Language Targeted Views';
 		$s->type = 'views';
@@ -88,6 +89,7 @@ class ServicesInit extends Command
 		$s->available = true;
 		$s->description = 'Real impressionss and profile visits';
 		$s->save();
+		 */
 
     	$s = new Service;
 		$s->name = 'Likes';

app/Http/Controllers/BillingController.php

@@ -158,10 +158,13 @@ class BillingController extends Controller
 		$allowed = ['185.71.65.92', '185.71.65.189', '149.202.17.210'];
 		$ipAddress = $request->ip();
 
-		if ($ipAddress !in_array($allowed)){
+		if (!in_array($ipAddress, $allowed)){
 			abort(401);
 		}
 
+		Log::debug('Processing Payeer payment');
+		Log::debug($request);
+
 		$secret = config('services.payeer.secret');
 		$arHash = [$request->m_operation_id,
 			$request->m_operation_ps,
@@ -210,4 +213,63 @@ class BillingController extends Controller
 		$user->save();
 		$transaction->save();
 	}
+
+	public function pm(Request $request) {
+		$user = Auth::user();
+		$account = config('services.pm.account');
+		$transaction = $this->attempt($request->packs);
+		$total = $transaction->credits/100 +
+			$transaction->credits_extra/100;
+		$description =  "You will receive $total credits.";
+		return ['account' => $account, 'transaction' => $transaction->id,
+			'amount' => $transaction->charge/100, 'description' => $description];
+	}
+
+	//Handler run after PM payment succeds
+	public function processPM(Request $request) {
+		$allowed = ['77.109.141.170', '91.205.41.208', '94.242.216.60',
+			'78.41.203.75'];
+		$transaction = Transaction::find($request->PAYMENT_ID);
+		$secret = config('services.pm.secret');
+
+		//Check that sender is PM and account the amount was paid to is mine.
+		if (!in_array($request->ip(), $allowed)){
+			abort(401);
+		} else if ($request->PAYEE_ACCOUNT != config('services.pm.account')) {
+			abort(422);
+		} else if (!$transaction->complete) {
+			abort(422);
+		}
+
+		Log::debug('Processing PM payment');
+		Log::debug($request);
+
+		//Would need to be changed if baggage fields are used
+		$arHash = [$request->PAYMENT_ID,
+			$request->PAYEE_ACCOUNT,
+			$request->PAYMENT_AMOUNT,
+			$request->PAYMENT_UNITS,
+			$request->PAYMENT_BATCH_NUMBER,
+			$request->PAYER_ACCOUNT,
+			strtoupper(md5($secret)),
+			$request->TIMESTAMPGMT,
+		];
+
+		$signature = strtoupper(md5(implode(':', $arHash)));
+
+		if ($signature == $request->V2_HASH){
+			$this->creditUser((int) $transaction->id);
+		} else {
+			abort(422, 'Bad hash');
+		}
+	}
+
+	public function completePM(Request $request) {
+		return redirect('/panel/#transaction-complete');
+	}
+
+	public function failPM(Request $request) {
+		return redirect('/panel/#transaction-failed');
+	}
+
 }

config/services.php

@@ -41,4 +41,9 @@ return [
 		'id' => env('PAYEER_ID'),
 	],
 
+	'pm' => [
+		'account' => env('PM_ACCOUNT'),
+		'secret' => env('PM_SECRET'),
+	]
+
 ];

resources/js/panel/credits.vue

@@ -111,7 +111,7 @@ function payPayeer() {
 		}).then(response => {return response.json()}).then(data => {
 			let form = document.createElement('form')
 			document.body.appendChild(form)
-			form.method = 'post'
+			form.method = 'POST'
 			form.action = 'https://payeer.com/merchant/'
 			form.appendChild(this.makeInput('m_shop', data.shop))
 			form.appendChild(this.makeInput('m_orderid', data.transaction))
@@ -128,7 +128,34 @@ function payPayeer() {
 }
 
 function payPm() {
-
+	fetch('/panel/pm', {
+		method: 'POST',
+		headers: {'Content-Type': 'application/json',
+			'Accept': 'application/json',
+		'X-XSRF-TOKEN': this.token},
+		body: JSON.stringify({'packs': this.packs})
+		}).then(response => {return response.json()}).then(data => {
+			let form = document.createElement('form')
+			document.body.appendChild(form)
+			form.method = 'POST'
+			form.action = 'https://perfectmoney.is/api/step1.asp'
+			form.appendChild(this.makeInput('PAYEE_ACCOUNT', data.account))
+			form.appendChild(this.makeInput('PAYEE_NAME', 'Trendplays Network'))
+			form.appendChild(this.makeInput('PAYMENT_AMOUNT', data.amount))
+			form.appendChild(this.makeInput('PAYMENT_UNITS', 'USD'))
+			form.appendChild(this.makeInput('PAYMENT_ID', data.transaction))
+			form.appendChild(this.makeInput('STATUS_URL',
+			'https://trendplays.com/hooks/pm-transaction'))
+			form.appendChild(this.makeInput('PAYMENT_URL',
+			'https://trendplays.com/panel/pm-complete'))
+			form.appendChild(this.makeInput('PAYMENT_URL_METHOD', 'POST'))
+			form.appendChild(this.makeInput('NOPAYMENT_URL',
+			'https://trendplays.com/panel/pm-fail'))
+			form.appendChild(this.makeInput('NOPAYMENT_URL_METHOD', 'GET'))
+			form.appendChild(this.makeInput('SUGGESTED_MEMO', data.description))
+			form.appendChild(this.makeInput('SUGGESTED_MEMO_NOCHANGE', true))
+			form.submit()
+		})
 }
 
 function ready() {

routes/web.php

@@ -116,6 +116,16 @@ Route::post('/panel/secret', [BillingController::class,
 Route::post('/panel/payeer', [BillingController::class,
 	'payeer'])->middleware([ 'auth', 'verified' ]);
 
+//Initiate a Perfect Money payment
+Route::post('/panel/pm', [BillingController::class,
+	'pm'])->middleware([ 'auth', 'verified' ]);
+
+Route::post('/panel/pm-complete', [BillingController::class,
+	'completePM'])->middleware([ 'auth', 'verified' ]);
+
+Route::post('/panel/pm-fail', [BillingController::class,
+	'failPM'])->middleware([ 'auth', 'verified' ]);
+
 Route::get('/panel/cards', [BillingController::class,
 	'getCards'])->middleware([ 'auth', 'verified' ]);
 
@@ -127,6 +137,11 @@ Route::post('/hooks/charge',
 Route::post('/hooks/payeer-transaction',
 	[BillingController::class, 'processPayeer']);
 
+//PM handler function
+Route::post('/hooks/pm-transaction',
+	[BillingController::class, 'processPM']);
+
 //Payment attempt is over
 Route::get('/panel/clear-paying',
 	[UserController::class, 'clearPaying']);
+