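<?php

namespace App\Http\Controllers\Payment\Product;

use App\Helpers\Helper;
use App\Http\Controllers\Controller;
use App\Models\Currency;
use App\Models\Emailsetting;
use App\Models\Order;
use App\Models\PaymentGatewey;
use App\Models\Product;
use App\Models\Shipping;
use Barryvdh\DomPDF\Facade as PDF;
use Illuminate\Http\Request;
use Illuminate\Support\Carbon;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Session;
use Illuminate\Support\Str;
use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\PHPMailer;

/**
 * Paytm checkout for product orders.
 *
 * store()  creates the order, writes the invoice PDF and renders the
 *          auto-submitting Paytm form; notify() is the CALLBACK_URL Paytm
 *          posts the transaction result to.
 *
 * The checksum/crypto helpers from Paytm's PHP kit are declared as
 * namespaced functions by getAllEncdecFunc() so the rest of this class
 * (and any other caller) can use them unqualified.
 */
class PaytmController extends Controller
{
    /** Currencies Paytm settles in; checkout is refused for any other currency. */
    private const SUPPORTED_CURRENCIES = ['INR'];

    /** Directory (relative to the public root) invoices are written to and mailed from. */
    private const INVOICE_DIR = 'assets/front/invoices/product/';

    /** Paytm production endpoint the checkout form posts to. */
    private const PAYTM_TXN_URL = 'https://securegw.paytm.in/theia/processTransaction';

    /**
     * Create the order from the session cart and hand the buyer off to Paytm.
     *
     * Order id, invoice name and "item number" are stashed in the session
     * because notify() has no other link back to the order.
     *
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
     */
    public function store(Request $request)
    {
        $curr = Session::has('currency')
            ? Currency::find(Session::get('currency'))
            : Currency::where('is_default', '=', 1)->first();

        if ($curr === null || !in_array($curr->name, self::SUPPORTED_CURRENCIES, true)) {
            return redirect()->back()->with('warning', 'Invalid Currency For Paytm.');
        }

        if (!Session::has('cart')) {
            return view('errors.404');
        }
        $cart = Session::get('cart');

        // Refuse the whole order before anything is persisted if any line exceeds stock.
        foreach ($cart as $id => $item) {
            $product = Product::findOrFail($id);
            if ($product->stock < $item['qty']) {
                return redirect()->back()->with('notification', [
                    'messege' => $product->title . ' stock not available',
                    'alert' => 'error',
                ]);
            }
        }

        $request->validate($this->checkoutRules(isset($request->is_ship)));

        $input = $request->all();

        // The shipping charge is resolved server-side from the submitted shipping
        // id, never from a client-supplied amount.
        $charge = Shipping::findOrFail($request->shipping_charge);
        $charge->cost = Helper::showPrice($charge->cost);
        // json_encode's second argument is the flags bitmask; `true` (=== JSON_HEX_TAG)
        // is kept so new rows match the encoding of orders already stored.
        $shippingChargeJson = json_encode($charge, true);
        $finalShippingCharge = json_decode($shippingChargeJson, true)['cost'];
        $total = Helper::Total($finalShippingCharge);

        $user = Auth::user();

        $order = new Order();
        // The currency name is taken from the validated server-side currency record
        // rather than the form field, so the stored order cannot claim another currency.
        $order['currency_name'] = $curr->name;
        // NOTE(review): sign and value are still copied from the request as before; if
        // the Currency model carries these columns they should be read from $curr instead
        // so a buyer cannot tamper with the recorded exchange rate.
        $order['currency_sign'] = $input['currency_sign'] ?? null;
        $order['currency_value'] = $input['currency_value'] ?? null;
        // Shipping fields are only validated when is_ship was sent; absent ones store null.
        $order['shipping_name'] = $input['shipping_name'] ?? null;
        $order['shipping_email'] = $input['shipping_email'] ?? null;
        $order['shipping_address'] = $input['shipping_address'] ?? null;
        $order['shipping_number'] = $input['shipping_number'] ?? null;
        $order['shipping_country'] = $input['shipping_country'] ?? null;
        $order['shipping_state'] = $input['shipping_state'] ?? null;
        $order['shipping_zip'] = $input['shipping_zip_code'] ?? null;
        $order['billing_name'] = $input['billing_name'];
        $order['billing_email'] = $input['billing_email'];
        $order['billing_number'] = $input['billing_number'];
        $order['billing_address'] = $input['billing_address'];
        $order['billing_country'] = $input['billing_country'];
        $order['billing_state'] = $input['billing_state'];
        // billing_zip_code is not part of the validation rules, so it may be missing.
        $order['billing_zip'] = $input['billing_zip_code'] ?? null;
        $order['created_at'] = Carbon::now();
        $order['cart'] = json_encode($cart, true);
        $order['user_info'] = json_encode($user, true);
        $order['user_id'] = $user->id;
        $order['method'] = 'Paytm';
        $order['order_number'] = Str::random(5) . time();
        $order['payment_status'] = 0;
        $order['order_status'] = 0;
        $order['shipping_charge_info'] = $shippingChargeJson;
        $order['total'] = $total;
        $order['qty'] = count($cart);
        $order['txn_id'] = 'txn_' . Str::random(8) . time();
        $order->save();

        // Reserve stock now; notify() gives it back if Paytm reports a failure.
        foreach ($cart as $id => $item) {
            Product::where('id', $id)->decrement('stock', $item['qty']);
        }

        $fileName = Str::random(4) . time() . '.pdf';
        PDF::loadView('pdf.product', ['order' => $order])->save(self::INVOICE_DIR . $fileName);
        Order::where('id', $order->id)->update(['invoice_number' => $fileName]);

        Session::put('item_number', $order->id);
        Session::put('order_id', $order->id);
        Session::put('invoice', $fileName);

        $paytm = $this->handlePaytmRequest($order->id, $total);

        return view('front.paytm', [
            'paytm_txn_url' => self::PAYTM_TXN_URL,
            'paramList' => $paytm['paramList'],
            'checkSum' => $paytm['checkSum'],
        ]);
    }

    /**
     * Validation rules for the checkout form.
     *
     * @param bool $withShipping whether a separate shipping address was submitted
     * @return array<string, string>
     */
    private function checkoutRules($withShipping)
    {
        $billing = [
            'billing_name' => 'required',
            'billing_email' => 'required',
            'billing_number' => 'required',
            'billing_address' => 'required',
            'billing_country' => 'required',
            'billing_state' => 'required',
        ];

        if (!$withShipping) {
            return $billing;
        }

        return [
            'shipping_name' => 'required',
            'shipping_email' => 'required',
            'shipping_number' => 'required',
            'shipping_address' => 'required',
            'shipping_country' => 'required',
            'shipping_state' => 'required',
            'shipping_zip_code' => 'required',
        ] + $billing;
    }

    /**
     * Build the parameter list posted to Paytm and its checksum.
     *
     * @param int|string $order_id order id, also used as Paytm's CUST_ID
     * @param mixed      $amount   total to charge, as produced by Helper::Total()
     * @return array{checkSum: string|false, paramList: array<string, mixed>}
     */
    public function handlePaytmRequest($order_id, $amount)
    {
        $paydata = $this->paytmSettings();
        $this->getAllEncdecFunc();

        $paramList = [
            'MID' => $paydata['merchant'],
            'ORDER_ID' => $order_id,
            'CUST_ID' => $order_id,
            'INDUSTRY_TYPE_ID' => $paydata['industry'],
            'CHANNEL_ID' => 'WEB',
            'TXN_AMOUNT' => $amount,
            'WEBSITE' => $paydata['website'],
            'CALLBACK_URL' => route('product.paytm.notify'),
        ];

        return [
            'checkSum' => getChecksumFromArray($paramList, $paydata['secret']),
            'paramList' => $paramList,
        ];
    }

    /**
     * Merchant settings (merchant, industry, website, secret) from the Paytm gateway row.
     *
     * @return array<string, mixed>
     * @throws \RuntimeException when no Paytm gateway row exists
     */
    private function paytmSettings()
    {
        $gateway = PaymentGatewey::whereKeyword('paytm')->first();
        if ($gateway === null) {
            throw new \RuntimeException('Paytm payment gateway is not configured.');
        }

        return $gateway->convertAutoData();
    }

    /**
     * Declare the checksum/crypto helpers from Paytm's PHP kit as namespaced functions.
     *
     * Idempotent: the kit declared them unconditionally, so calling this twice in one
     * request (store() and notify() both need them) was a fatal "cannot redeclare".
     */
    public function getAllEncdecFunc()
    {
        if (function_exists(__NAMESPACE__ . '\encrypt_e')) {
            return;
        }

        /** AES-128-CBC encrypt $input under the merchant key; the fixed IV is Paytm's protocol. */
        function encrypt_e($input, $ky)
        {
            $key = html_entity_decode($ky);
            $iv = '@@@@&&&&####$$$$';

            return openssl_encrypt($input, 'AES-128-CBC', $key, 0, $iv);
        }

        /** Inverse of encrypt_e(); returns false when the ciphertext does not decrypt. */
        function decrypt_e($crypt, $ky)
        {
            $key = html_entity_decode($ky);
            $iv = '@@@@&&&&####$$$$';

            return openssl_decrypt($crypt, 'AES-128-CBC', $key, 0, $iv);
        }

        /** PKCS#5 pad $text up to a multiple of $blocksize. */
        function pkcs5_pad_e($text, $blocksize)
        {
            $pad = $blocksize - (strlen($text) % $blocksize);

            return $text . str_repeat(chr($pad), $pad);
        }

        /** Strip PKCS#5 padding; false when the trailing pad byte cannot be valid. */
        function pkcs5_unpad_e($text)
        {
            $len = strlen($text);
            if ($len === 0) {
                return false;
            }
            $pad = ord($text[$len - 1]);
            // A pad byte of 0, or one longer than the text, is not valid padding.
            if ($pad < 1 || $pad > $len) {
                return false;
            }

            return substr($text, 0, -$pad);
        }

        /**
         * Random salt of $length characters from the kit's alphabet.
         *
         * Uses random_int(): the salt becomes part of the checksum that authenticates
         * the payment callback, so the seeded rand() of the kit is not acceptable.
         */
        function generateSalt_e($length)
        {
            $alphabet = 'AbcDE123IJKLMN67QRSTUVWXYZ'
                . 'aBCdefghijklmn123opq45rs67tuv89wxyz'
                . '0FGH45OP89';
            $max = strlen($alphabet) - 1;
            $random = '';
            for ($i = 0; $i < $length; $i++) {
                $random .= $alphabet[random_int(0, $max)];
            }

            return $random;
        }

        /** The kit treats the literal string 'null' as an empty field. */
        function checkString_e($value)
        {
            return $value === 'null' ? '' : $value;
        }

        /** Checksum over the (optionally key-sorted) parameter values. */
        function getChecksumFromArray($arrayList, $key, $sort = 1)
        {
            if ($sort != 0) {
                ksort($arrayList);
            }

            return getChecksumFromString(getArray2Str($arrayList), $key);
        }

        /** Checksum of an already pipe-joined parameter string: enc(sha256(str|salt) . salt). */
        function getChecksumFromString($str, $key)
        {
            $salt = generateSalt_e(4);
            $hashString = hash('sha256', $str . '|' . $salt) . $salt;

            return encrypt_e($hashString, $key);
        }

        /** Verify a callback's CHECKSUMHASH against the other posted parameters; 'TRUE'/'FALSE'. */
        function verifychecksum_e($arrayList, $key, $checksumvalue)
        {
            $arrayList = removeCheckSumParam($arrayList);
            ksort($arrayList);

            return verifychecksum_eFromStr(getArray2StrForVerify($arrayList), $key, $checksumvalue);
        }

        /** Verify a checksum against an already pipe-joined string; 'TRUE'/'FALSE'. */
        function verifychecksum_eFromStr($str, $key, $checksumvalue)
        {
            $paytm_hash = decrypt_e($checksumvalue, $key);
            // decrypt_e() yields false for a malformed or foreign checksum.
            if (!is_string($paytm_hash) || $paytm_hash === '') {
                return 'FALSE';
            }
            $salt = substr($paytm_hash, -4);
            $website_hash = hash('sha256', $str . '|' . $salt) . $salt;

            // This comparison is what authenticates the payment result: constant time.
            return hash_equals($website_hash, $paytm_hash) ? 'TRUE' : 'FALSE';
        }

        /** Pipe-join parameter values, skipping any carrying the separator or the REFUND marker. */
        function getArray2Str($arrayList)
        {
            $parts = [];
            foreach ($arrayList as $value) {
                // Values such as ORDER_ID/TXN_AMOUNT may be numeric; strpos needs a string.
                $value = (string) $value;
                if (strpos($value, 'REFUND') !== false || strpos($value, '|') !== false) {
                    continue;
                }
                $parts[] = checkString_e($value);
            }

            return implode('|', $parts);
        }

        /** Pipe-join every parameter value (no skipping) for callback verification. */
        function getArray2StrForVerify($arrayList)
        {
            $parts = [];
            foreach ($arrayList as $value) {
                $parts[] = checkString_e($value);
            }

            return implode('|', $parts);
        }

        /**
         * Legacy kit helper, unused here: it encrypts an already-encrypted checksum and
         * returns nothing. Kept only so any existing caller keeps resolving.
         */
        function redirect2PG($paramList, $key)
        {
            encrypt_e(getChecksumFromArray($paramList, $key), $key);
        }

        /** Drop CHECKSUMHASH so it is not part of the string it authenticates. */
        function removeCheckSumParam($arrayList)
        {
            unset($arrayList['CHECKSUMHASH']);

            return $arrayList;
        }

        // NOTE(review): the three helpers below reference PAYTM_* constants that the
        // kit's config-paytm.php defines; that file is not loaded here (the
        // getConfigPaytmSettings() call was commented out), so they fail until it is.

        /** Query transaction status via the legacy status endpoint. */
        function getTxnStatus($requestParamList)
        {
            return callAPI(PAYTM_STATUS_QUERY_URL, $requestParamList);
        }

        /** Query transaction status via the newer status endpoint. */
        function getTxnStatusNew($requestParamList)
        {
            return callNewAPI(PAYTM_STATUS_QUERY_NEW_URL, $requestParamList);
        }

        /** Sign a refund request with the merchant key and submit it. */
        function initiateTxnRefund($requestParamList)
        {
            $requestParamList['CHECKSUM'] = getRefundChecksumFromArray($requestParamList, PAYTM_MERCHANT_KEY, 0);

            return callAPI(PAYTM_REFUND_URL, $requestParamList);
        }

        /**
         * POST $requestParamList to a Paytm API as `JsonData=<json>` and decode the reply.
         *
         * Returns the decoded array, or null when the transport fails or the body is not JSON.
         */
        function callAPI($apiURL, $requestParamList)
        {
            $postData = 'JsonData=' . urlencode(json_encode($requestParamList));

            $ch = curl_init($apiURL);
            curl_setopt_array($ch, [
                CURLOPT_CUSTOMREQUEST => 'POST',
                CURLOPT_POSTFIELDS => $postData,
                CURLOPT_RETURNTRANSFER => true,
                // Status and refund decisions are taken from these replies, so the
                // peer certificate must be verified (the kit shipped with both checks off).
                CURLOPT_SSL_VERIFYPEER => true,
                CURLOPT_SSL_VERIFYHOST => 2,
                CURLOPT_HTTPHEADER => [
                    'Content-Type: application/json',
                    'Content-Length: ' . strlen($postData),
                ],
            ]);
            $jsonResponse = curl_exec($ch);
            curl_close($ch);

            if (!is_string($jsonResponse)) {
                return null;
            }

            return json_decode($jsonResponse, true);
        }

        /** Same transport as callAPI(); the kit carried two identical copies. */
        function callNewAPI($apiURL, $requestParamList)
        {
            return callAPI($apiURL, $requestParamList);
        }

        /** Checksum for refund requests (REFUND values are not skipped here). */
        function getRefundChecksumFromArray($arrayList, $key, $sort = 1)
        {
            if ($sort != 0) {
                ksort($arrayList);
            }

            return getChecksumFromString(getRefundArray2Str($arrayList), $key);
        }

        /** Pipe-join parameter values, skipping only those carrying the separator. */
        function getRefundArray2Str($arrayList)
        {
            $parts = [];
            foreach ($arrayList as $value) {
                $value = (string) $value;
                if (strpos($value, '|') !== false) {
                    continue;
                }
                $parts[] = checkString_e($value);
            }

            return implode('|', $parts);
        }

        /** Submit a refund request; same transport as callAPI(). */
        function callRefundAPI($refundApiURL, $requestParamList)
        {
            return callAPI($refundApiURL, $requestParamList);
        }
    }

    /**
     * Paytm's CALLBACK_URL: finalise or discard the order created by store().
     *
     * The callback is acted on only when its CHECKSUMHASH verifies against the
     * merchant key and its ORDER_ID is the order held in the buyer's session,
     * so a hand-crafted POST with STATUS=TXN_SUCCESS cannot mark an order paid.
     *
     * @return \Illuminate\Http\RedirectResponse
     */
    public function notify(Request $request)
    {
        $cancelUrl = route('product.payment.cancle');

        if (!$this->callbackIsAuthentic($request)) {
            return redirect($cancelUrl);
        }

        $status = $request['STATUS'];

        if ($status === 'TXN_SUCCESS') {
            $po = Order::findOrFail(Session::get('order_id'));
            // NOTE(review): the amount Paytm echoes should also be compared with
            // $po->total before marking the order paid; the response field name is
            // not visible in this file.
            if ($po->payment_status != 1) {
                $po->payment_status = 1;
                $po->save();
                $this->sendInvoiceMail(Auth::user(), Session::get('invoice'));
            }
            Session::forget('invoice');
            Session::forget('order_id');
            Session::forget('cart');

            return redirect(action('Payment\Product\PaypalController@payreturn'));
        }

        if ($status === 'TXN_FAILURE') {
            $po = Order::findOrFail(Session::get('item_number'));
            $this->releaseStock($po);
            $po->delete();

            return redirect($cancelUrl);
        }

        // Any other status is not a completed payment; the order stays unpaid.
        return redirect($cancelUrl);
    }

    /**
     * Check that the callback carries a valid Paytm checksum for this session's order.
     *
     * @return bool
     */
    private function callbackIsAuthentic(Request $request)
    {
        $checksum = $request['CHECKSUMHASH'];
        $orderId = Session::get('order_id');
        if (!is_string($checksum) || $checksum === '' || $orderId === null) {
            return false;
        }

        // ORDER_ID is the value store() sent; it must be the order this session is paying for.
        if ((string) $request['ORDER_ID'] !== (string) $orderId) {
            return false;
        }

        $this->getAllEncdecFunc();
        $secret = $this->paytmSettings()['secret'];

        return verifychecksum_e($request->all(), $secret, $checksum) === 'TRUE';
    }

    /**
     * Best-effort order confirmation with the invoice attached.
     *
     * Delivery problems are reported, not raised: the payment is already recorded.
     *
     * @param mixed       $user    the buyer (Auth::user()); nothing is sent when null
     * @param string|null $invoice invoice file name stored by store()
     */
    private function sendInvoiceMail($user, $invoice)
    {
        $em = Emailsetting::first();
        if ($user === null || $em === null) {
            return;
        }

        $mail = new PHPMailer(true);
        try {
            if ($em->is_smtp == 1) {
                $mail->isSMTP();
                $mail->Host = $em->smtp_host;
                $mail->SMTPAuth = true;
                $mail->Username = $em->smtp_user;
                $mail->Password = $em->smtp_pass;
                $mail->SMTPSecure = $em->email_encryption;
                $mail->Port = $em->smtp_port;
            }
            // The non-SMTP branch previously read $em->from_mail while the SMTP branch
            // read from_email; both now use from_email — confirm against the schema.
            $mail->setFrom($em->from_email, $em->from_name);
            $mail->addAddress($user->email, $user->name);
            $mail->addAttachment(self::INVOICE_DIR . $invoice);
            $mail->isHTML(true);
            $mail->Subject = 'Order placed for Product';
            // The display name is user-controlled and lands in an HTML body: escape it.
            $safeName = htmlspecialchars((string) $user->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $mail->Body = 'Hello <strong>' . $safeName . '</strong>,<br/>Your order has been placed successfully. We have attached an invoice in this mail.<br/>Thank you.';
            $mail->send();
        } catch (Exception $e) {
            report($e);
        }
    }

    /**
     * Give back the stock store() reserved for an order that was not paid.
     *
     * The cart snapshot is the JSON store() wrote to the order; if it cannot be
     * decoded nothing is restored rather than guessing.
     */
    private function releaseStock(Order $po)
    {
        $cart = json_decode((string) $po->cart, true);
        if (!is_array($cart)) {
            return;
        }

        foreach ($cart as $id => $item) {
            if (isset($item['qty'])) {
                Product::where('id', $id)->increment('stock', $item['qty']);
            }
        }
    }
}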