feat: fix payment ID length

The current value is too small, increasing it to 64 bytes.

src/mollie/callback.php

@@ -1,92 +1,97 @@
 <?php
-use Illuminate\Database\Capsule\Manager as Capsule;
+/**
-use Mollie\Api\MollieApiClient;
+ *
-
+ *    Setting requirements and includes
+ *
+ */
 require_once __DIR__ . '/../../../init.php';
 require_once __DIR__ . '/vendor/autoload.php';
 
 $whmcs->load_function('gateway');
 $whmcs->load_function('invoice');
 
-if ($_SERVER['REQUEST_METHOD'] !== 'POST' || empty($_POST['id'])) {
+/**
-    logTransaction('mollieunknown', $_POST, 'Callback - Failure 0 (Arg mismatch)');
+ *
-    http_response_code(500);
+ *    Check parameters
-    exit('Arg mismatch');
+ *
-}
+ */
+if (isset($_POST['id'])) {
 
-// Find transaction by Mollie payment ID
+    // Get transaction
-$transaction = Capsule::table('gateway_mollie')
+    $transactionQuery = select_query('gateway_mollie', '', array('paymentid' => $_POST['id']), null, null, 1);
-    ->where('paymentid', $_POST['id'])
-    ->first();
 
-if (!$transaction) {
+    if (mysql_num_rows($transactionQuery) != 1) {
-    logTransaction('mollieunknown', $_POST, 'Callback - Failure 2 (Transaction not found)');
+        logTransaction('mollieunknown', $_POST, 'Callback - Failure 2 (Transaction not found)');
-    http_response_code(500);
-    exit('Transaction not found');
-}
 
-$transaction = (array) $transaction;
+        header('HTTP/1.1 500 Transaction not found');
-$method = $transaction['method'] ?: 'checkout';
+        exit();
-
-// Load gateway configuration
-$_GATEWAY = getGatewayVariables('mollie' . $method . '_devapp');
-
-if ($transaction['status'] !== 'open') {
-    logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Failure 3 (Transaction not open)');
-    http_response_code(500);
-    exit('Transaction not open');
-}
-
-// Load currencies
-$userCurrency = getCurrency($transaction['userid']);
-$transactionCurrency = Capsule::table('tblcurrencies')
-    ->where('id', $transaction['currencyid'])
-    ->first();
-
-$transactionCurrency = (array) $transactionCurrency;
-
-// Init Mollie
-$mollie = new MollieApiClient();
-$mollie->setApiKey($_GATEWAY['key']);
-
-try {
-    $payment = $mollie->payments->get($_POST['id']);
-} catch (Exception $e) {
-    logTransaction($_GATEWAY['paymentmethod'], $_POST, 'Callback - Failure 4 (API Error): ' . $e->getMessage());
-    http_response_code(500);
-    exit('Mollie API error');
-}
-
-// Handle payment status
-if ($payment->isPaid()) {
-    // Currency conversion if needed
-    if ($transactionCurrency['id'] != $userCurrency['id']) {
-        $transaction['amount'] = convertCurrency($transaction['amount'], $transaction['currencyid'], $userCurrency['id']);
     }
 
-    $invoiceid = checkCbInvoiceID($transaction['invoiceid'], $_GATEWAY['paymentmethod']);
+    $transaction = mysql_fetch_assoc($transactionQuery);
-    checkCbTransID($transaction['paymentid']);
-    addInvoicePayment($invoiceid, $transaction['paymentid'], $transaction['amount'], '', $_GATEWAY['paymentmethod']);
 
-    Capsule::table('gateway_mollie')
+    $method = $transaction['method'];
-        ->where('id', $transaction['id'])
-        ->update(['status' => 'paid', 'updated' => date('Y-m-d H:i:s')]);
 
-    logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Successful (Paid)');
+    if (empty($method)) {
-    http_response_code(200);
+        $method = 'checkout';
-    exit('OK');
+    }
 
-} elseif (!$payment->isOpen()) {
+    $_GATEWAY = getGatewayVariables('mollie' . $method . '_devapp');
-    Capsule::table('gateway_mollie')
-        ->where('id', $transaction['id'])
-        ->update(['status' => 'closed', 'updated' => date('Y-m-d H:i:s')]);
 
-    logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Successful (Closed)');
+    if ($transaction['status'] != 'open') {
-    http_response_code(200);
+        logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Failure 3 (Transaction not open)');
-    exit('Closed');
 
+        header('HTTP/1.1 500 Transaction not open');
+        exit();
+    }
+
+    // Get user and transaction currencies
+    $userCurrency = getCurrency($transaction['userid']);
+    $transactionCurrency = select_query('tblcurrencies', '', array('id' => $transaction['currencyid']));
+    $transactionCurrency = mysql_fetch_assoc($transactionCurrency);
+
+    // Check payment
+    $mollie = new \Mollie\Api\MollieApiClient();
+    $mollie->setApiKey($_GATEWAY['key']);
+
+    $payment = $mollie->payments->get($_POST['id']);
+
+    if ($payment->isPaid()) {
+
+        // Add conversion, when there is need to. WHMCS only supports currencies per user. WHY?!
+        if ($transactionCurrency['id'] != $userCurrency['id']) {
+            $transaction['amount'] = convertCurrency($transaction['amount'], $transaction['currencyid'], $userCurrency['id']);
+        }
+
+        // Check invoice
+        $invoiceid = checkCbInvoiceID($transaction['invoiceid'], $_GATEWAY['paymentmethod']);
+
+        checkCbTransID($transaction['paymentid']);
+
+        // Add invoice
+        addInvoicePayment($invoiceid, $transaction['paymentid'], $transaction['amount'], '', $_GATEWAY['paymentmethod']);
+
+        update_query('gateway_mollie', array('status' => 'paid', 'updated' => date('Y-m-d H:i:s', time())), array('id' => $transaction['id']));
+
+        logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Successful (Paid)');
+
+        header('HTTP/1.1 200 OK');
+        exit();
+    } else if ($payment->isOpen() == FALSE) {
+        update_query('gateway_mollie', array('status' => 'closed', 'updated' => date('Y-m-d H:i:s', time())), array('id' => $transaction['id']));
+
+        logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Successful (Closed)');
+
+        header('HTTP/1.1 200 OK');
+        exit();
+    } else {
+        logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Failure 1 (Payment not open or paid)');
+
+        header('HTTP/1.1 500 Payment not open or paid');
+        exit();
+    }
 } else {
-    logTransaction($_GATEWAY['paymentmethod'], array_merge($transaction, $_POST), 'Callback - Failure 1 (Payment not open or paid)');
+    logTransaction('mollieunknown', $_POST, 'Callback - Failure 0 (Arg mismatch)');
-    http_response_code(500);
+
-    exit('Payment not open or paid');
+    header('HTTP/1.1 500 Arg mismatch');
-}
+    exit();
+}

src/mollie/mollie.php

@@ -41,7 +41,13 @@ function mollie_link($params, $method = Mollie_API_Object_Method::IDEAL)
     $tableCheckQuery = full_query('SHOW TABLES LIKE \'gateway_mollie\'');
 
     if (mysql_num_rows($tableCheckQuery) != 1) {
-        full_query('CREATE TABLE IF NOT EXISTS `gateway_mollie` (`id` int(11) NOT NULL AUTO_INCREMENT, `paymentid` varchar(40), `amount` double NOT NULL, `currencyid` int(11) NOT NULL, `ip` varchar(50) NOT NULL, `userid` int(11) NOT NULL, `invoiceid` int(11) NOT NULL, `status` ENUM(\'open\',\'paid\',\'closed\') NOT NULL DEFAULT \'open\', `method` VARCHAR(25) NOT NULL,  `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, `updated` timestamp NULL DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `paymentid` (`paymentid`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;');
+        full_query('CREATE TABLE IF NOT EXISTS `gateway_mollie` (`id` int(11) NOT NULL AUTO_INCREMENT, `paymentid` varchar(64), `amount` double NOT NULL, `currencyid` int(11) NOT NULL, `ip` varchar(50) NOT NULL, `userid` int(11) NOT NULL, `invoiceid` int(11) NOT NULL, `status` ENUM(\'open\',\'paid\',\'closed\') NOT NULL DEFAULT \'open\', `method` VARCHAR(25) NOT NULL,  `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP, `updated` timestamp NULL DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `paymentid` (`paymentid`)) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;');
+    }
+
+    $paymentIdQuery = full_query("SHOW COLUMNS FROM `gateway_mollie` WHERE `Field` = 'paymentid' AND `Type` LIKE '%64%'");
+
+    if (mysql_num_rows($paymentIdQuery) == 0) {
+        full_query("ALTER TABLE `gateway_mollie` CHANGE `paymentid` `paymentid` VARCHAR(64);");
     }
 
     $mollie = new \Mollie\Api\MollieApiClient();
@@ -97,6 +103,7 @@ function mollie_link($params, $method = Mollie_API_Object_Method::IDEAL)
                 'metadata' => array(
                     'invoice_id' => $params['invoiceid'],
                 ),
+                'issuer' => ((isset($_POST['issuer']) && !empty($_POST['issuer'])) ? $_POST['issuer'] : NULL),
                 'dueDate' => (($method == \Mollie\Api\Types\PaymentMethod::BANKTRANSFER) ? date('Y-m-d', strtotime('+100 days')) : NULL),
             ));
 
@@ -107,6 +114,18 @@ function mollie_link($params, $method = Mollie_API_Object_Method::IDEAL)
         } else {
             $return = '<form action="viewinvoice.php?id=' . $params['invoiceid'] . '" method="POST">';
 
+            if ($method == \Mollie\Api\Types\PaymentMethod::IDEAL) {
+                $issuers = $mollie->methods->get('ideal', ['include' => 'issuers'])->issuers;
+
+                $return .= '<label for="issuer">' . $_GATEWAYLANG['selectBank'] . ':</label> ';
+
+                $return .= '<select name="issuer">';
+                foreach ($issuers as $issuer) {
+                    $return .= '<option value=' . htmlspecialchars($issuer->id) . '>' . htmlspecialchars($issuer->name) . '</option>';
+                }
+                $return .= '</select>';
+            }
+
             $return .= '<input type="submit" name="start" value="' . $_GATEWAYLANG['payWith' . ucfirst($method)] . '" /></form>';
 
             return $return;