ishukshin · May 8, 2016 05:16
diff --git a/config.php b/config.php
 $configs = [
  'shopId' => '12345',
  'ShopPassword' => 'abcdefgh',
  'scId' => '3456',
 ];
diff --git a/description.md b/description.md
diff --git a/form.phtml b/form.phtml
 <form action="https://demomoney.yandex.ru/eshop.xml" method="post">
    <input name="shopId" value="<?=$this->yandexConfig['shopId']?>" type="hidden"/>
    <input name="scid" value="<?=$this->yandexConfig['scId']?>" type="hidden"/>
    <input name="sum" value="<?=$price?>" type="hidden">
    <input type="hidden" name="CustomerNumber" value="<?=$user->getId();?>">
    <input name="paymentType" value="AC" type="hidden"/> <!-- а тут можно задать типы оплаты через select, если нужно что-то, кроме карт  -->
    <input name="orderNumber" value="<?=$order->getId();?>" type="hidden"/>
    <input name="cps_email" value="<?=$this->escape($user->getEmail());?>" type="hidden"/>
    <input name="shopSuccessURL" type="hidden" value="http://site.ru/payd/"/>
    <input name="shopFailURL" type="hidden" value="http://site.ru/fail/"/>
  <input type="submit" value="Заплатить" />
 </form>
diff --git a/YandexKassa.php b/YandexKassa.php
 <?php 

 class YK{
  /* ... */ 
  /**
   * проверка заказа
   * @param array $params параметры от яндекса
   */
  public function check($params){
      $code = 0;
      $message = '';
      
      if(!isset($params['orderNumber']) or !$params['orderNumber']){
          $code = 100;
          $message = 'no number';
      } else {
          $order = $this->entityManager->find($params['orderNumber']);
       
          if(!$order){
              $message = 'no such order';
              $code = 100;
          }
      }
      
      if($order and $order->getProviderPrice() != $params['orderSumAmount']){
          $message = 'Wrong sum. Price should be the same as was placed via placeOrder()';
          $order->setStatus('error');
          $order->setPaydDetails($params);
          
          $this->entityManager->persist($order);
          $this->entityManager->flush();
          
          $code = 100;
      }
      
      if(!$code) {
          $hash = md5($params['action'] . ';' . $params['orderSumAmount'] . ';' . $params['orderSumCurrencyPaycash'] . ';' . $params['orderSumBankPaycash'] . ';' . $this->configs['shopId'] . ';' . $params['invoiceId'] . ';' . $params['customerNumber'] . ';' . $this->configs['ShopPassword']);
          if (strtolower($hash) != strtolower($params['md5'])) {
              $code = 1;
          }
          // $code = 0; // REMOVE IT
      }
      $ret = '<?xml version="1.0" encoding="UTF-8"?>';
      $ret.= '<checkOrderResponse performedDatetime="' . $params['requestDatetime'] . '" message="'.$message.'" code="' . $code . '"' . ' invoiceId="' . $params['invoiceId'] . '" shopId="' . $this->configs['shopId'] . '"/>';
      
      echo $ret;
  }
  
  /**
   * проведение платежа успешно, отмечаем отмеченность
   * @param array $params
   */
  public function aviso($params) {
      $code = 0;
      $message = '';
      
      if(!isset($params['orderNumber']) or !$params['orderNumber']){
          $code = 200;
          $message = 'no number';
      } else {
          $order = $this->entityManager->find($params['orderNumber']);
       
          if(!$order){
              $message = 'no such order';
              $code = 200;
          }
      }
      
      if(!$code){
          $hash = md5($params['action'] . ';' . $params['orderSumAmount'] . ';' . $params['orderSumCurrencyPaycash'] . ';' . $params['orderSumBankPaycash'] . ';' . $this->configs['shopId'] . ';' . $params['invoiceId'] . ';' . $params['customerNumber'] . ';' . $this->configs['ShopPassword']);
          if (strtolower($hash) != strtolower($params['md5'])) {
              $code = 1;
          } else {
              $code = 0;
          }
          
          # отмечаем оплаченность и сохраняем детали
          $order->setIspayd(true);
          $order->setStatus('work'); // new не бывает у ispayd=true
          $order->setPaydDetails($params);
          
          $this->entityManager->persist($order);
          $this->entityManager->flush();
      }
      $ret = '<?xml version="1.0" encoding="UTF-8"?>';
      $ret.= '<paymentAvisoResponse performedDatetime="' . $params['requestDatetime'] . '" code="' . $code . '" invoiceId="' . $params['invoiceId'] . '" shopId="' . $this->configs['shopId'] . '"/>';
      
      echo $ret;
  }
 }
	$configs = [
	'shopId' => '12345',
	'ShopPassword' => 'abcdefgh',
	'scId' => '3456',
	];
	<form action="https://demomoney.yandex.ru/eshop.xml" method="post">
	<input name="shopId" value="<?=$this->yandexConfig['shopId']?>" type="hidden"/>
	<input name="scid" value="<?=$this->yandexConfig['scId']?>" type="hidden"/>
	<input name="sum" value="<?=$price?>" type="hidden">
	<input type="hidden" name="CustomerNumber" value="<?=$user->getId();?>">
	<input name="paymentType" value="AC" type="hidden"/> <!-- а тут можно задать типы оплаты через select, если нужно что-то, кроме карт -->
	<input name="orderNumber" value="<?=$order->getId();?>" type="hidden"/>
	<input name="cps_email" value="<?=$this->escape($user->getEmail());?>" type="hidden"/>
	<input name="shopSuccessURL" type="hidden" value="http://site.ru/payd/"/>
	<input name="shopFailURL" type="hidden" value="http://site.ru/fail/"/>
	<input type="submit" value="Заплатить" />
	</form>
	<?php

	class YK{
	/* ... */
	/**
	* проверка заказа
	* @param array $params параметры от яндекса
	*/
	public function check($params){
	$code = 0;
	$message = '';

	if(!isset($params['orderNumber']) or !$params['orderNumber']){
	$code = 100;
	$message = 'no number';
	} else {
	$order = $this->entityManager->find($params['orderNumber']);

	if(!$order){
	$message = 'no such order';
	$code = 100;
	}
	}

	if($order and $order->getProviderPrice() != $params['orderSumAmount']){
	$message = 'Wrong sum. Price should be the same as was placed via placeOrder()';
	$order->setStatus('error');
	$order->setPaydDetails($params);

	$this->entityManager->persist($order);
	$this->entityManager->flush();

	$code = 100;
	}

	if(!$code) {
	$hash = md5($params['action'] . ';' . $params['orderSumAmount'] . ';' . $params['orderSumCurrencyPaycash'] . ';' . $params['orderSumBankPaycash'] . ';' . $this->configs['shopId'] . ';' . $params['invoiceId'] . ';' . $params['customerNumber'] . ';' . $this->configs['ShopPassword']);
	if (strtolower($hash) != strtolower($params['md5'])) {
	$code = 1;
	}
	// $code = 0; // REMOVE IT
	}
	$ret = '<?xml version="1.0" encoding="UTF-8"?>';
	$ret.= '<checkOrderResponse performedDatetime="' . $params['requestDatetime'] . '" message="'.$message.'" code="' . $code . '"' . ' invoiceId="' . $params['invoiceId'] . '" shopId="' . $this->configs['shopId'] . '"/>';

	echo $ret;
	}

	/**
	* проведение платежа успешно, отмечаем отмеченность
	* @param array $params
	*/
	public function aviso($params) {
	$code = 0;
	$message = '';

	if(!isset($params['orderNumber']) or !$params['orderNumber']){
	$code = 200;
	$message = 'no number';
	} else {
	$order = $this->entityManager->find($params['orderNumber']);

	if(!$order){
	$message = 'no such order';
	$code = 200;
	}
	}

	if(!$code){
	$hash = md5($params['action'] . ';' . $params['orderSumAmount'] . ';' . $params['orderSumCurrencyPaycash'] . ';' . $params['orderSumBankPaycash'] . ';' . $this->configs['shopId'] . ';' . $params['invoiceId'] . ';' . $params['customerNumber'] . ';' . $this->configs['ShopPassword']);
	if (strtolower($hash) != strtolower($params['md5'])) {
	$code = 1;
	} else {
	$code = 0;
	}

	# отмечаем оплаченность и сохраняем детали
	$order->setIspayd(true);
	$order->setStatus('work'); // new не бывает у ispayd=true
	$order->setPaydDetails($params);

	$this->entityManager->persist($order);
	$this->entityManager->flush();
	}
	$ret = '<?xml version="1.0" encoding="UTF-8"?>';
	$ret.= '<paymentAvisoResponse performedDatetime="' . $params['requestDatetime'] . '" code="' . $code . '" invoiceId="' . $params['invoiceId'] . '" shopId="' . $this->configs['shopId'] . '"/>';

	echo $ret;
	}
	}