FIX Checkout redirect when using special char in name or credentials

DoliCloud · Oct 12, 2024 · a7b84d0 · a7b84d0
1 parent 664c6b9
commit a7b84d0
Show file tree

Hide file tree

Showing 4 changed files with 114 additions and 83 deletions.
diff --git a/build/makepack-HelloAsso.conf b/build/makepack-HelloAsso.conf
@@ -0,0 +1,13 @@
+# HelloAssp Module for Dolibarr
+#
+# Goal:    Add HelloAsso Checkout payment inside Dolibarr
+# Author:  Copyright 2024 - Laurent Destailleur (DoliCloud)
+#          DoliCloud is the IT company specialized in Dolibarr - Web: www.dolicloud.com
+# Licence: GPL v3 (See file htdocs/google/gpl-v3.html)
+# Install: Just unpack content of module package into Dolibarr directory.
+# Setup:   Go on Dolibarr setup - modules page to enable HelloAsso module
+#          then edit setup parameters for this module.
+#
+# Files in module
+build/makepack-HelloAsso.conf
+htdocs/helloasso
diff --git a/htdocs/helloasso/admin/setup.php b/htdocs/helloasso/admin/setup.php
@@ -94,6 +94,7 @@
 // Enter here all parameters in your setup page
 
 $item = $formSetup->newItem('HELLOASSO_LIVE')->setAsYesNo();
+$item->fieldParams['forcereload'] = 'forcereload';
 
 $item = $formSetup->newItem('HELLOASSO_TEST_CLIENT_ORGANISATION');
 $item->helpText = $langs->transnoentities('HELLOASSO_TEST_CLIENT_ORGANISATION_HELP');
@@ -540,7 +541,16 @@
 	}
 }
 
-print dolGetButtonAction('',$langs->trans('TestConnectionHelloasso'), 'default', $_SERVER["PHP_SELF"].'?action=testconnect');
+$titlebutton = $langs->trans('TestConnectionHelloasso');
+if ((float) DOL_VERSION >= 21) {
+	if (getDolGlobalString('HELLOASSO_LIVE')) {
+		$titlebutton .= ' (Live)';
+	} else {
+		$titlebutton .= ' (Test)';
+	}
+}
+print dolGetButtonAction('', $titlebutton, 'default', $_SERVER["PHP_SELF"].'?action=testconnect', '', 1, array('attr' => array('class' => 'reposition')));
+
 
 if (empty($setupnotempty)) {
 	print '<br>'.$langs->trans("NothingToSetup");

diff --git a/htdocs/helloasso/class/actions_helloasso.class.php b/htdocs/helloasso/class/actions_helloasso.class.php
@@ -168,7 +168,7 @@ public function doMassActions($parameters, &$object, &$action, $hookmanager)
 	 */
 	public function addMoreMassActions($parameters, &$object, &$action, $hookmanager)
 	{
-		global $conf, $user, $langs;
+		global $langs;
 
 		$error = 0; // Error counter
 		$disabled = 1;
@@ -200,13 +200,7 @@ public function addMoreMassActions($parameters, &$object, &$action, $hookmanager
 	 */
 	public function beforePDFCreation($parameters, &$object, &$action)
 	{
-		global $conf, $user, $langs;
-		global $hookmanager;
-
-		$outputlangs = $langs;
-
 		$ret = 0;
-		$deltemp = array();
 		dol_syslog(get_class($this).'::executeHooks action='.$action);
 
 		/* print_r($parameters); print_r($object); echo "action: " . $action; */
@@ -228,13 +222,7 @@ public function beforePDFCreation($parameters, &$object, &$action)
 	 */
 	public function afterPDFCreation($parameters, &$pdfhandler, &$action)
 	{
-		global $conf, $user, $langs;
-		global $hookmanager;
-
-		$outputlangs = $langs;
-
 		$ret = 0;
-		$deltemp = array();
 		dol_syslog(get_class($this).'::executeHooks action='.$action);
 
 		/* print_r($parameters); print_r($object); echo "action: " . $action; */
@@ -257,7 +245,7 @@ public function afterPDFCreation($parameters, &$pdfhandler, &$action)
 	 */
 	public function loadDataForCustomReports($parameters, &$action, $hookmanager)
 	{
-		global $conf, $user, $langs;
+		global $user, $langs;
 
 		$langs->load("helloasso@helloasso");
 
@@ -327,7 +315,7 @@ public function restrictedArea($parameters, &$action, $hookmanager)
 	 */
 	public function completeTabsHead(&$parameters, &$object, &$action, $hookmanager)
 	{
-		global $langs, $conf, $user;
+		global $langs, $user;
 
 		if (!isset($parameters['object']->element)) {
 			return 0;
@@ -380,7 +368,7 @@ public function completeTabsHead(&$parameters, &$object, &$action, $hookmanager)
 	 */
 	public function doAddButton($parameters, &$object, &$action, $hookmanager)
 	{
-		global $conf, $user, $langs;
+		global $user, $langs;
 
 		$error = 0; // Error counter
 		$resprints = "";
@@ -460,7 +448,7 @@ public function getValidPayment($parameters, &$object, &$action, $hookmanager)
 	 */
 	public function doPayment($parameters, &$object, &$action, $hookmanager)
 	{
-		global $conf, $user, $langs,$db;
+		global $conf, $user, $langs, $db;
 
 		dol_include_once('helloasso/lib/helloasso.lib.php');
 
@@ -549,12 +537,14 @@ public function doPayment($parameters, &$object, &$action, $hookmanager)
 			if (!empty($SECUREKEY)) {
 				$urlback .= 'securekey='.urlencode($SECUREKEY).'&';
 			}
+			/*
 			if (!empty($entity)) {
 				$urlback .= 'e='.urlencode($entity).'&';
 			}
 			if (!empty($getpostlang)) {
 				$urlback .= 'lang='.urlencode($getpostlang).'&';
 			}
+			*/
 			$urlback .= 'action=returnDoPaymentHelloAsso';
 
 			$result = helloassoDoConnection();
@@ -569,6 +559,7 @@ public function doPayment($parameters, &$object, &$action, $hookmanager)
 			if (!$error) {
 				$payerarray = array();
 				helloassoGetDataFromObjects($source, $ref, 'payer', $payerarray);
+
 				$fulltag = $FULLTAG;
 				$FinalPaymentAmt = $_SESSION["FinalPaymentAmt"];
 				$amounttotest = $amount;
@@ -614,25 +605,29 @@ public function doPayment($parameters, &$object, &$action, $hookmanager)
 							if (!empty($payerarray)) {
 								$jsontosenddata .= '
 									"payer": {
-										'.(!empty($payerarray['firstName']) ? '"firstName": "'.$payerarray['firstName'].'",' : '' ).'
-										'.(!empty($payerarray['lastName']) ? '"lastName": "'.$payerarray['lastName'].'",' : '' ).'
-										'.(!empty($payerarray['email']) ? '"email": "'.$payerarray['email'].'",' : '' ).'
-										'.(!empty($payerarray['dateOfBirth']) ? '"dateOfBirth": "'.$payerarray['dateOfBirth'].'",' : '' ).'
-										'.(!empty($payerarray['address']) ? '"address": "'.$payerarray['address'].'",' : '' ).'
-										'.(!empty($payerarray['city']) ? '"city": "'.$payerarray['city'].'",' : '' ).'
-										'.(!empty($payerarray['zipCode']) ? '"zipCode": "'.$payerarray['zipCode'].'",' : '' ).'
-										'.(!empty($payerarray['country']) ? '"country": "'.$payerarray['country'].'",' : '' ).'
-										'.(!empty($payerarray['companyName']) ? '"companyName": "'.$payerarray['companyName'].'",' : '' ).'
+										'.(!empty($payerarray['firstName']) ? '"firstName": "'.dol_escape_js($payerarray['firstName']).'",' : '' ).'
+										'.(!empty($payerarray['lastName']) ? '"lastName": "'.dol_escape_js($payerarray['lastName']).'",' : '' ).'
+										'.(!empty($payerarray['email']) ? '"email": "'.dol_escape_js($payerarray['email']).'",' : '' ).'
+										'.(!empty($payerarray['dateOfBirth']) ? '"dateOfBirth": "'.dol_escape_js($payerarray['dateOfBirth']).'",' : '' ).'
+										'.(!empty($payerarray['address']) ? '"address": "'.dol_escape_js($payerarray['address']).'",' : '' ).'
+										'.(!empty($payerarray['city']) ? '"city": "'.dol_escape_js($payerarray['city']).'",' : '' ).'
+										'.(!empty($payerarray['zipCode']) ? '"zipCode": "'.dol_escape_js($payerarray['zipCode']).'",' : '' ).'
+										'.(!empty($payerarray['country']) ? '"country": "'.dol_escape_js($payerarray['country']).'",' : '' ).'
+										'.(!empty($payerarray['companyName']) ? '"companyName": "'.dol_escape_js($payerarray['companyName']).'",' : '' ).'
 									},';
 							}
 						$jsontosenddata .= '
 							"metadata": {
 								"source": "'.dol_escape_js($source).'",
-								"ref": "'.dol_escape_js($ref).'"
+								"ref": "'.dol_escape_js($ref).'",
+								"ip": "'.dol_escape_js(getUserRemoteIP()).'"
 							}';
 						$jsontosenddata .= '}';
+						//var_dump($jsontosenddata);exit;
+
+						$assoslug = str_replace('_', '-', dol_string_nospecial(strtolower(dol_string_unaccent($client_organisation)), '-'));
 
-						$urlforcheckout = "https://".urlencode($helloassourl)."/v5/organizations/".urlencode($client_organisation)."/checkout-intents";
+						$urlforcheckout = "https://".urlencode($helloassourl)."/v5/organizations/".urlencode($assoslug)."/checkout-intents";
 
 						dol_syslog("Send Post to url=".$urlforcheckout." with session FinalPaymentAmt = ".$FinalPaymentAmt." currencyCodeType = ".$_SESSION["currencyCodeType"], LOG_DEBUG);
 

diff --git a/htdocs/helloasso/lib/helloasso.lib.php b/htdocs/helloasso/lib/helloasso.lib.php
@@ -79,7 +79,7 @@ function helloassoAdminPrepareHead()
 
 /**
  * Refresh connection token
- * 
+ *
  * @throws Exception
  * @return TokenInterface|int	Token if OK
  */
@@ -89,7 +89,7 @@ function helloassoRefreshToken($storage, $service, $tokenobj, $client_id, $urlto
 	dol_syslog('HelloAsso::helloassoRefreshToken clientid='.$client_id.', service='.$service);
 
 	$refreshtoken = $tokenobj->getRefreshToken();
-	$ret = getURLContent($urltocall, 'POST', 'grant_type=refresh_token&client_id='.$client_id.'&refresh_token='.$refreshtoken, 1, array('content-type: application/x-www-form-urlencoded'));
+	$ret = getURLContent($urltocall, 'POST', 'grant_type=refresh_token&client_id='.urlencode($client_id).'&refresh_token='.urlencode($refreshtoken), 1, array('content-type: application/x-www-form-urlencoded'));
 
 	if ($ret["http_code"] == 200) {
 		$jsondata = $ret["content"];
@@ -153,7 +153,9 @@ function helloassoDoConnection()
 		}
 		$result = array("token_type" => $tokenobj->getExtraParams()["token_type"], "access_token" => $tokenobj->getAccessToken());
 	} catch (Exception $e) {
-		$ret = getURLContent($url, 'POST', 'grant_type=client_credentials&client_id='.$client_id.'&client_secret='.$client_id_secret, 1, array('content-type: application/x-www-form-urlencoded'));
+		//var_dump($url.' - '.$client_id.' - '.$client_id_secret);
+		$ret = getURLContent($url, 'POST', 'grant_type=client_credentials&client_id='.urlencode($client_id).'&client_secret='.urlencode($client_id_secret), 1, array('content-type: application/x-www-form-urlencoded'));
+		//var_dump($ret);
 
 		if ($ret["http_code"] == 200) {
 			$jsondata = $ret["content"];
@@ -182,12 +184,12 @@ function helloassoDoConnection()
 
 /**
  * Get data form an object
- * 
+ *
  * @param	$source 		The type of the object
  * @param	$ref			The ref of the object
  * @param	$mode			The mode to use for the function (amount or payer)
  * @param	$payerarray		An array to fill the payer informations (Must be set with payer mode)
- * 
+ *
  * @return	int				The amount to pay if mode amount or fill $payerarray for payer mode
  */
 
@@ -214,6 +216,9 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 	$contractline = new ContratLigne($db);
 	$order = new Commande($db);
 
+	$error = 0;
+	$errors = array();
+
 	if ($source == "membersubscription") {
 		$source = 'member';
 	}
@@ -250,8 +255,10 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 			} else {
 				if ($mode == 'amount') {
 					$member->fetch_thirdparty();
+
 					$subscription = new Subscription($db);
 					$adht->fetch($member->typeid);
+
 					$amount = $subscription->total_ttc;
 					if (GETPOST("amount", 'alpha')) {
 						$amount = GETPOST("amount", 'alpha');
@@ -267,6 +274,7 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 				} else if($mode == 'payer' && !is_null($payerarray)) {
 					$payerarray['firstName'] = $member->firstname;
 					$payerarray['lastName'] = $member->lastname;
+					$payerarray['companyName'] = $member->societe;
 					$payerarray['email'] = $member->email;
 					$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
 				}
@@ -294,22 +302,25 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 
 						$amount = $pu_ttc;
 					}
-				} else if($mode == 'payer' && !is_null($payerarray)) {
-					$invoice->fetch_thirdparty();
-					if ($invoice->thirdparty->isACompany()) {
-						$payerarray['companyName'] = $invoice->thirdparty->name;
-						$payerarray['address'] = $invoice->thirdparty->address;
-						$payerarray['zipCode'] = $invoice->thirdparty->zip;
-						$payerarray['city'] = $invoice->thirdparty->town;
-					} else {
-						$result = $member->fetch(0, '', $invoice->thirdparty->id);
-						if ($resut > 0) {
-							$payerarray['firstName'] = $member->firstname;
-							$payerarray['lastName'] = $member->lastname;
-							$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
-						}
+				} else if ($mode == 'payer' && !is_null($payerarray)) {
+					$contract = new Contrat($db);
+					$contract->fetch($contractline->fk_contrat);
+					$contract->fetch_thirdparty();
+
+					if ($contract->thirdparty->isACompany()) {
+						$payerarray['companyName'] = $contract->thirdparty->name;
 					}
-					$payerarray['email'] = $invoice->thirdparty->email;
+					$payerarray['address'] = $contract->thirdparty->address;
+					$payerarray['zipCode'] = $contract->thirdparty->zip;
+					$payerarray['city'] = $contract->thirdparty->town;
+
+					$result = $member->fetch(0, '', $contract->thirdparty->id);
+					if ($result > 0) {
+						$payerarray['firstName'] = $member->firstname;
+						$payerarray['lastName'] = $member->lastname;
+						$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
+					}
+					$payerarray['email'] = $contract->thirdparty->email;
 				}
 			}
 			break;
@@ -325,20 +336,21 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 					if (GETPOST("amount", 'alpha')) {
 						$amount = GETPOST("amount", 'alpha');
 					}
-				} else if($mode == 'payer' && !is_null($payerarray)) {
+				} else if ($mode == 'payer' && !is_null($payerarray)) {
 					$invoice->fetch_thirdparty();
+
 					if ($invoice->thirdparty->isACompany()) {
 						$payerarray['companyName'] = $invoice->thirdparty->name;
-						$payerarray['address'] = $invoice->thirdparty->address;
-						$payerarray['zipCode'] = $invoice->thirdparty->zip;
-						$payerarray['city'] = $invoice->thirdparty->town;
-					} else {
-						$result = $member->fetch(0, '', $invoice->thirdparty->id);
-						if ($result > 0) {
-							$payerarray['firstName'] = $member->firstname;
-							$payerarray['lastName'] = $member->lastname;
-							$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
-						}
+					}
+					$payerarray['address'] = $invoice->thirdparty->address;
+					$payerarray['zipCode'] = $invoice->thirdparty->zip;
+					$payerarray['city'] = $invoice->thirdparty->town;
+
+					$result = $member->fetch(0, '', $invoice->thirdparty->id);
+					if ($result > 0) {
+						$payerarray['firstName'] = $member->firstname;
+						$payerarray['lastName'] = $member->lastname;
+						$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
 					}
 					$payerarray['email'] = $invoice->thirdparty->email;
 				}
@@ -356,20 +368,21 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 					if (GETPOST("amount", 'alpha')) {
 						$amount = GETPOST("amount", 'alpha');
 					}
-				} else if($mode == 'payer' && !is_null($payerarray)) {
+				} else if ($mode == 'payer' && !is_null($payerarray)) {
 					$order->fetch_thirdparty();
+
 					if ($order->thirdparty->isACompany()) {
 						$payerarray['companyName'] = $order->thirdparty->name;
-						$payerarray['address'] = $order->thirdparty->address;
-						$payerarray['zipCode'] = $order->thirdparty->zip;
-						$payerarray['city'] = $order->thirdparty->town;
-					} else {
-						$result = $member->fetch(0, '', $order->thirdparty->id);
-						if ($resut > 0) {
-							$payerarray['firstName'] = $member->firstname;
-							$payerarray['lastName'] = $member->lastname;
-							$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
-						}
+					}
+					$payerarray['address'] = $order->thirdparty->address;
+					$payerarray['zipCode'] = $order->thirdparty->zip;
+					$payerarray['city'] = $order->thirdparty->town;
+
+					$result = $member->fetch(0, '', $order->thirdparty->id);
+					if ($result > 0) {
+						$payerarray['firstName'] = $member->firstname;
+						$payerarray['lastName'] = $member->lastname;
+						$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
 					}
 					$payerarray['email'] = $order->thirdparty->email;
 				}
@@ -384,21 +397,21 @@ function helloassoGetDataFromObjects($source, $ref, $mode = 'amount', &$payerarr
 			} else {
 				if ($mode == 'amount') {
 					$amount = $invoice->total_ttc;
-				} else if($mode == 'payer' && !is_null($payerarray)) {
-					$invoice->fetch_thirdparty();
+				} else if ($mode == 'payer' && !is_null($payerarray)) {
 					$invoice->fetch_thirdparty();
+
 					if ($invoice->thirdparty->isACompany()) {
 						$payerarray['companyName'] = $invoice->thirdparty->name;
-						$payerarray['address'] = $invoice->thirdparty->address;
-						$payerarray['zipCode'] = $invoice->thirdparty->zip;
-						$payerarray['city'] = $invoice->thirdparty->town;
-					} else {
-						$result = $member->fetch(0, '', $invoice->thirdparty->id);
-						if ($resut > 0) {
-							$payerarray['firstName'] = $member->firstname;
-							$payerarray['lastName'] = $member->lastname;
-							$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
-						}
+					}
+					$payerarray['address'] = $invoice->thirdparty->address;
+					$payerarray['zipCode'] = $invoice->thirdparty->zip;
+					$payerarray['city'] = $invoice->thirdparty->town;
+
+					$result = $member->fetch(0, '', $invoice->thirdparty->id);
+					if ($result > 0) {
+						$payerarray['firstName'] = $member->firstname;
+						$payerarray['lastName'] = $member->lastname;
+						$payerarray['dateOfBirth'] = dol_print_date($member->birth, 'dayrfc');
 					}
 					$payerarray['email'] = $invoice->thirdparty->email;
 				}