diff --git a/app/Console/Commands/ServicesInit.php b/app/Console/Commands/ServicesInit.php index 7e84829..cfaeb35 100644 --- a/app/Console/Commands/ServicesInit.php +++ b/app/Console/Commands/ServicesInit.php @@ -58,6 +58,7 @@ class ServicesInit extends Command $s->available = true; $s->save(); + /* $s = new Service; $s->name = 'Language Targeted Views'; $s->type = 'views'; @@ -88,6 +89,7 @@ class ServicesInit extends Command $s->available = true; $s->description = 'Real impressionss and profile visits'; $s->save(); + */ $s = new Service; $s->name = 'Likes'; diff --git a/app/Http/Controllers/BillingController.php b/app/Http/Controllers/BillingController.php index f2ba8df..24f83c7 100644 --- a/app/Http/Controllers/BillingController.php +++ b/app/Http/Controllers/BillingController.php @@ -158,10 +158,13 @@ class BillingController extends Controller $allowed = ['185.71.65.92', '185.71.65.189', '149.202.17.210']; $ipAddress = $request->ip(); - if ($ipAddress !in_array($allowed)){ + if (!in_array($ipAddress, $allowed)){ abort(401); } + Log::debug('Processing Payeer payment'); + Log::debug($request); + $secret = config('services.payeer.secret'); $arHash = [$request->m_operation_id, $request->m_operation_ps, 
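Review bot: `Log::debug($request)` in the Payeer handler writes the whole notification to the application log before the signature is checked, so every request that passes the IP filter, valid or not, leaves its full payment details in the log. Logging a few named fields after verification would serve the same purpose, e.g. `Log::debug('Payeer payment', ['operation' => $request->m_operation_id]);`. The same call is added to processPM in the second hunk of this file. The corrected allow-list test would also be safer with the strict flag, `in_array($ipAddress, $allowed, true)`. The enclosing method starts and ends outside this hunk.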
@@ -210,4 +213,63 @@ class BillingController extends Controller $user->save(); $transaction->save(); } + + public function pm(Request $request) { + $user = Auth::user(); + $account = config('services.pm.account'); + $transaction = $this->attempt($request->packs); + $total = $transaction->credits/100 + + $transaction->credits_extra/100; + $description = "You will receive $total credits."; + return ['account' => $account, 'transaction' => $transaction->id, + 'amount' => $transaction->charge/100, 'description' => $description]; + } + + //Handler run after PM payment succeds + public function processPM(Request $request) { + $allowed = ['77.109.141.170', '91.205.41.208', '94.242.216.60', + '78.41.203.75']; + $transaction = Transaction::find($request->PAYMENT_ID); + $secret = config('services.pm.secret'); + + //Check that sender is PM and account the amount was paid to is mine. + if (!in_array($request->ip(), $allowed)){ + abort(401); + } else if ($request->PAYEE_ACCOUNT != config('services.pm.account')) { + abort(422); + } else if (!$transaction->complete) { + abort(422); + } + + Log::debug('Processing PM payment'); + Log::debug($request); + + //Would need to be changed if baggage fields are used + $arHash = [$request->PAYMENT_ID, + $request->PAYEE_ACCOUNT, + $request->PAYMENT_AMOUNT, + $request->PAYMENT_UNITS, + $request->PAYMENT_BATCH_NUMBER, + $request->PAYER_ACCOUNT, + strtoupper(md5($secret)), + $request->TIMESTAMPGMT, + ]; + + $signature = strtoupper(md5(implode(':', $arHash))); + + if ($signature == $request->V2_HASH){ + $this->creditUser((int) $transaction->id); + } else { + abort(422, 'Bad hash'); + } + } + + public function completePM(Request $request) { + return redirect('/panel/#transaction-complete'); + } + + public function failPM(Request $request) { + return redirect('/panel/#transaction-failed'); + } + } diff --git a/config/services.php b/config/services.php index d054620..d4e6314 100644 --- a/config/services.php +++ b/config/services.php 
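Review bot: processPM credits the transaction named by PAYMENT_ID without comparing PAYMENT_AMOUNT and PAYMENT_UNITS with what that transaction was created for. Because the payment form is assembled in the browser (payPm in credits.vue), a correctly signed notification for a different amount or currency would still reach creditUser(). Two smaller gaps sit in the same method: Transaction::find() can return null, so `$transaction->complete` fails with a 500 instead of a 422, and `$signature == $request->V2_HASH` is a loose comparison that PHP evaluates numerically when both strings look like numbers, so it should be `hash_equals()`. The `!$transaction->complete` guard also reads as inverted if `complete` means "already credited", in which case a repeated notification would credit twice; the model is not visible here, so please confirm. The checks I would add are below.

```php
$transaction = Transaction::find($request->PAYMENT_ID);
// … unchanged: $secret lookup, IP allow-list and PAYEE_ACCOUNT checks …

// find() returns null for an unknown PAYMENT_ID; reject it before any property access.
if ($transaction === null) {
    abort(422);
}

// … unchanged: completeness check, logging, $arHash and $signature …

// Constant-time, string-only comparison of the two hex digests.
if (!hash_equals($signature, (string) $request->V2_HASH)) {
    abort(422, 'Bad hash');
}

// The signed amount and currency must be the ones this transaction was created with
// (charge is stored in hundredths, see pm()).
$paid = (int) round(((float) $request->PAYMENT_AMOUNT) * 100);
if ($request->PAYMENT_UNITS !== 'USD' || $paid !== (int) $transaction->charge) {
    abort(422, 'Amount mismatch');
}

$this->creditUser((int) $transaction->id);
```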
@@ -41,4 +41,9 @@ return [ 'id' => env('PAYEER_ID'), ], + 'pm' => [ + 'account' => env('PM_ACCOUNT'), + 'secret' => env('PM_SECRET'), + ] + ]; diff --git a/resources/js/panel/credits.vue b/resources/js/panel/credits.vue index 41a61bb..66451cc 100644 --- a/resources/js/panel/credits.vue +++ b/resources/js/panel/credits.vue @@ -111,7 +111,7 @@ function payPayeer() { }).then(response => {return response.json()}).then(data => { let form = document.createElement('form') document.body.appendChild(form) - form.method = 'post' + form.method = 'POST' form.action = 'https://payeer.com/merchant/' form.appendChild(this.makeInput('m_shop', data.shop)) form.appendChild(this.makeInput('m_orderid', data.transaction)) 
@@ -128,7 +128,34 @@ function payPayeer() { } function payPm() { - + fetch('/panel/pm', { + method: 'POST', + headers: {'Content-Type': 'application/json', + 'Accept': 'application/json', + 'X-XSRF-TOKEN': this.token}, + body: JSON.stringify({'packs': this.packs}) + }).then(response => {return response.json()}).then(data => { + let form = document.createElement('form') + document.body.appendChild(form) + form.method = 'POST' + form.action = 'https://perfectmoney.is/api/step1.asp' + form.appendChild(this.makeInput('PAYEE_ACCOUNT', data.account)) + form.appendChild(this.makeInput('PAYEE_NAME', 'Trendplays Network')) + form.appendChild(this.makeInput('PAYMENT_AMOUNT', data.amount)) + form.appendChild(this.makeInput('PAYMENT_UNITS', 'USD')) + form.appendChild(this.makeInput('PAYMENT_ID', data.transaction)) + form.appendChild(this.makeInput('STATUS_URL', + 'https://trendplays.com/hooks/pm-transaction')) + form.appendChild(this.makeInput('PAYMENT_URL', + 'https://trendplays.com/panel/pm-complete')) + form.appendChild(this.makeInput('PAYMENT_URL_METHOD', 'POST')) + form.appendChild(this.makeInput('NOPAYMENT_URL', + 'https://trendplays.com/panel/pm-fail')) + form.appendChild(this.makeInput('NOPAYMENT_URL_METHOD', 'GET')) + form.appendChild(this.makeInput('SUGGESTED_MEMO', data.description)) + form.appendChild(this.makeInput('SUGGESTED_MEMO_NOCHANGE', true)) + form.submit() + }) } function ready() { diff --git a/routes/web.php b/routes/web.php index c8693f2..6ed7090 100644 --- a/routes/web.php +++ b/routes/web.php 
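Review bot: The fetch chain in payPm() builds and submits the Perfect Money form whatever `/panel/pm` returned, so an error response (validation failure, expired session) posts a form whose account, amount and payment id are `undefined`. Check the status before parsing, e.g. `if (!response.ok) throw new Error('pm init failed')`, and add a `.catch()` that shows the user a message instead of leaving the page silent. The callback URLs are also hard-coded to https://trendplays.com, which ties the flow to one host; deriving them from `window.location.origin` or returning them from `/panel/pm` would avoid that.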
@@ -116,6 +116,16 @@ Route::post('/panel/secret', [BillingController::class, Route::post('/panel/payeer', [BillingController::class, 'payeer'])->middleware([ 'auth', 'verified' ]); +//Initiate a Perfect Money payment +Route::post('/panel/pm', [BillingController::class, + 'pm'])->middleware([ 'auth', 'verified' ]); + +Route::post('/panel/pm-complete', [BillingController::class, + 'completePM'])->middleware([ 'auth', 'verified' ]); + +Route::post('/panel/pm-fail', [BillingController::class, + 'failPM'])->middleware([ 'auth', 'verified' ]); + Route::get('/panel/cards', [BillingController::class, 'getCards'])->middleware([ 'auth', 'verified' ]); @@ -127,6 +137,11 @@ Route::post('/hooks/charge', Route::post('/hooks/payeer-transaction', [BillingController::class, 'processPayeer']); +//PM handler function +Route::post('/hooks/pm-transaction', + [BillingController::class, 'processPM']); + //Payment attempt is over Route::get('/panel/clear-paying', [UserController::class, 'clearPaying']); +
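Review bot: `/panel/pm-fail` is registered with `Route::post`, but payPm() in credits.vue sends `NOPAYMENT_URL_METHOD` as 'GET', so a cancelled payment would come back to a 405; `Route::get('/panel/pm-fail', ...)` matches what the form asks for. `/panel/pm-complete` is reached by a cross-site POST from the payment provider, which carries no CSRF token and, with a SameSite=Lax session cookie, probably no session either, so unless the route is exempted elsewhere it is likely to be rejected before completePM runs. Since that handler only redirects, a GET route with `PAYMENT_URL_METHOD` set to 'GET' looks simpler. `/hooks/pm-transaction` in the next hunk has the same CSRF consideration if it sits in the web middleware group; the exemption list is not visible from here.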