Stripe - Client pays removal
- Complete removal of client paying Stripe fees feature
- Add PHP error logging to the Stripe payment process
wrongecho committed Sep 10, 2024
1 parent 760f07e commit 549868e
Showing 10 changed files with 105 additions and 179 deletions.
12 changes: 9 additions & 3 deletions database_updates.php
Expand Up @@ -2159,10 +2159,16 @@
mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.8'");
}

// if (CURRENT_DATABASE_VERSION == '1.4.8') {
// // Insert queries here required to update to DB version 1.4.9
if (CURRENT_DATABASE_VERSION == '1.4.8') {
mysqli_query($mysqli, "ALTER TABLE `settings` DROP `config_stripe_client_pays_fees`");

mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.9'");
}

// if (CURRENT_DATABASE_VERSION == '1.4.9') {
// // Insert queries here required to update to DB version 1.5.0
// // Then, update the database to the next sequential version
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.4.9'");
// mysqli_query($mysqli, "UPDATE `settings` SET `config_current_database_version` = '1.5.0'");
// }

} else {
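Review bot: The 1.4.8 to 1.4.9 step updates `config_current_database_version` without looking at the result of the `ALTER TABLE ... DROP` call before it, so a failed drop is still recorded as a completed migration. Test the return value of the first `mysqli_query` and run the version `UPDATE` only when it is not `false`, with an `error_log(mysqli_error($mysqli))` on the failure path to match the logging this commit adds to the payment flow. The drop also discards the stored setting on installs that had it switched on; a short comment in the block such as `// Irreversible: removes the client-pays-fees flag, fees are expensed from 1.4.9 on` would tell the next reader that this is intended. The enclosing update block starts above the hunk.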
2 changes: 1 addition & 1 deletion database_version.php
Expand Up @@ -5,4 +5,4 @@
* It is used in conjunction with database_updates.php
*/

DEFINE("LATEST_DATABASE_VERSION", "1.4.8");
DEFINE("LATEST_DATABASE_VERSION", "1.4.9");
1 change: 0 additions & 1 deletion db.sql
Expand Up @@ -1513,7 +1513,6 @@ CREATE TABLE `settings` (
`config_ai_url` varchar(250) DEFAULT NULL,
`config_ai_api_key` varchar(250) DEFAULT NULL,
`config_stripe_flat_fee` decimal(15,2) NOT NULL DEFAULT 0.30,
`config_stripe_client_pays_fees` tinyint(1) NOT NULL DEFAULT 0,
`config_azure_client_id` varchar(200) DEFAULT NULL,
`config_azure_client_secret` varchar(200) DEFAULT NULL,
`config_module_enable_itdoc` tinyint(1) NOT NULL DEFAULT 1,
1 change: 0 additions & 1 deletion get_settings.php
Expand Up @@ -94,7 +94,6 @@
$config_stripe_expense_category = intval($row['config_stripe_expense_category']);
$config_stripe_percentage_fee = floatval($row['config_stripe_percentage_fee']);
$config_stripe_flat_fee = floatval($row['config_stripe_flat_fee']);
$config_stripe_client_pays_fees = intval($row['config_stripe_client_pays_fees']);

// AI Provider Details
$config_ai_enable = intval($row['config_ai_enable']);
8 changes: 0 additions & 8 deletions guest_ajax.php
Expand Up @@ -58,7 +58,6 @@

$config_sql = mysqli_query($mysqli, "SELECT * FROM settings WHERE company_id = 1");
$config_row = mysqli_fetch_array($config_sql);
$config_stripe_client_pays_fees = intval($config_row['config_stripe_client_pays_fees']);
$config_stripe_percentage_fee = floatval($config_row['config_stripe_percentage_fee']);
$config_stripe_flat_fee = floatval($config_row['config_stripe_flat_fee']);

Expand All @@ -68,15 +67,8 @@
$amount_paid = floatval($row['amount_paid']);
$balance_to_pay = $invoice_amount - $amount_paid;

// Check config to see if client pays fees is enabled
if ($config_stripe_client_pays_fees == 1) {
// Calculate the amount to charge the client
$balance_to_pay = ($balance_to_pay + $config_stripe_flat_fee) / (1 - $config_stripe_percentage_fee);
}

$balance_to_pay = round($balance_to_pay, 2);


if (intval($balance_to_pay) == 0) {
exit("No balance outstanding");
}
74 changes: 15 additions & 59 deletions guest_pay_invoice_stripe.php
Expand Up @@ -10,10 +10,10 @@ function log_to_console($message) {
}

// Define wording
DEFINE("WORDING_PAYMENT_FAILED", "<br><h2>There was an error verifying your payment. Please contact us for more information.</h2>");
DEFINE("WORDING_PAYMENT_FAILED", "<br><h2>There was an error verifying your payment. Please contact us for more information before attempting payment again.</h2>");

// Setup Stripe
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret, config_stripe_account, config_stripe_expense_vendor, config_stripe_expense_category, config_stripe_percentage_fee, config_stripe_flat_fee, config_stripe_client_pays_fees FROM settings WHERE company_id = 1"));
$stripe_vars = mysqli_fetch_array(mysqli_query($mysqli, "SELECT config_stripe_enable, config_stripe_publishable, config_stripe_secret, config_stripe_account, config_stripe_expense_vendor, config_stripe_expense_category, config_stripe_percentage_fee, config_stripe_flat_fee FROM settings WHERE company_id = 1"));
$config_stripe_enable = intval($stripe_vars['config_stripe_enable']);
$config_stripe_publishable = nullable_htmlentities($stripe_vars['config_stripe_publishable']);
$config_stripe_secret = nullable_htmlentities($stripe_vars['config_stripe_secret']);
Expand All @@ -22,13 +22,12 @@ function log_to_console($message) {
$config_stripe_expense_category = intval($stripe_vars['config_stripe_expense_category']);
$config_stripe_percentage_fee = floatval($stripe_vars['config_stripe_percentage_fee']);
$config_stripe_flat_fee = floatval($stripe_vars['config_stripe_flat_fee']);
$config_stripe_client_pays_fees = intval($stripe_vars['config_stripe_client_pays_fees']);

// Check Stripe is configured
if ($config_stripe_enable == 0 || $config_stripe_account == 0 || empty($config_stripe_publishable) || empty($config_stripe_secret)) {
echo "<br><h2>Stripe payments not enabled/configured</h2>";
require_once 'guest_footer.php';

error_log("Stripe payment error - disabled. Check payments are enabled, Expense account is set, Stripe publishable and secret keys are configured.");
exit();
}

Expand Down Expand Up @@ -56,7 +55,7 @@ function log_to_console($message) {
if (!$sql || mysqli_num_rows($sql) !== 1) {
echo "<br><h2>Oops, something went wrong! Please ensure you have the correct URL and have not already paid this invoice.</h2>";
require_once 'guest_footer.php';

error_log("Stripe payment error - Invoice with ID $invoice_id is unknown/not eligible to be paid.");
exit();
}

Expand Down Expand Up @@ -84,16 +83,6 @@ function log_to_console($message) {
$amount_paid = floatval($row['amount_paid']);
$balance_to_pay = $invoice_amount - $amount_paid;

if ($config_stripe_client_pays_fees == 1) {
$balance_before_fees = $balance_to_pay;
// See here for passing costs on to client https://support.stripe.com/questions/passing-the-stripe-fee-on-to-customers
// Calculate the amount to charge the client
$balance_to_pay = ($balance_to_pay + $config_stripe_flat_fee) / (1 - $config_stripe_percentage_fee);
// Calculate the fee amount
$gateway_fee = round($balance_to_pay - $balance_before_fees, 2);

}

//Round balance to pay to 2 decimal places
$balance_to_pay = round($balance_to_pay, 2);

Expand Down Expand Up @@ -143,14 +132,6 @@ function log_to_console($message) {
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $item_total, $invoice_currency_code); ?></td>
</tr>

<?php }
if ($config_stripe_client_pays_fees == 1) { ?>

<tr>
<td>Gateway Fees</td>
<td class="text-center">-</td>
<td class="text-right"><?php echo numfmt_format_currency($currency_format, $gateway_fee, $invoice_currency_code); ?></td>
</tr>
<?php } ?>


Expand Down Expand Up @@ -215,12 +196,14 @@ function log_to_console($message) {
$pi_obj = \Stripe\PaymentIntent::retrieve($pi_id);

if ($pi_obj->client_secret !== $pi_cs) {
error_log("Stripe payment error - Payment intent ID/Secret mismatch for $pi_id");
exit(WORDING_PAYMENT_FAILED);
} elseif ($pi_obj->status !== "succeeded") {
exit(WORDING_PAYMENT_FAILED);
} elseif ($pi_obj->amount !== $pi_obj->amount_received) {
// The invoice wasn't paid in full
// this should be flagged for manual review as would indicate something weird happening
error_log("Stripe payment error - payment amount does not match amount paid for $pi_id");
exit(WORDING_PAYMENT_FAILED);
}

Expand All @@ -245,6 +228,7 @@ function log_to_console($message) {
LIMIT 1"
);
if (!$invoice_sql || mysqli_num_rows($invoice_sql) !== 1) {
error_log("Stripe payment error - Invoice with ID $invoice_id is unknown/not eligible to be paid. PI $pi_id");
exit(WORDING_PAYMENT_FAILED);
}

Expand Down Expand Up @@ -277,24 +261,8 @@ function log_to_console($message) {
$amount_paid_previously = $row['amount_paid'];
$balance_to_pay = $invoice_amount - $amount_paid_previously;

// Check config to see if client pays fees is enabled or if should expense it
if ($config_stripe_client_pays_fees == 1) {
$balance_before_fees = $balance_to_pay;
// See here for passing costs on to client https://support.stripe.com/questions/passing-the-stripe-fee-on-to-customers
// Calculate the amount to charge the client
$balance_to_pay = ($balance_to_pay + $config_stripe_flat_fee) / (1 - $config_stripe_percentage_fee);
// Calculate the fee amount
$gateway_fee = round($balance_to_pay - $balance_before_fees, 2);

// Add as line item to client Invoice
mysqli_query($mysqli,"INSERT INTO invoice_items SET item_name = 'Gateway Fees', item_description = 'Payment Gateway Fees', item_quantity = 1, item_price = $gateway_fee, item_subtotal = $gateway_fee, item_total = $gateway_fee, item_order = 999, item_invoice_id = $invoice_id");
// Update the Amount on the invoice to include the gateway fee
$new_invoice_amount = $invoice_amount + $gateway_fee;
mysqli_query($mysqli,"UPDATE invoices SET invoice_amount = $new_invoice_amount WHERE invoice_id = $invoice_id");
}

// Check to see if Expense Fields are configured and client pays fee is off then create expense
if ($config_stripe_client_pays_fees == 0 && $config_stripe_expense_vendor > 0 && $config_stripe_expense_category > 0) {
// Check to see if Expense Fields are configured to create Stripe payment expense
if ($config_stripe_expense_vendor > 0 && $config_stripe_expense_category > 0) {
// Calculate gateway expense fee
$gateway_fee = round($balance_to_pay * $config_stripe_percentage_fee + $config_stripe_flat_fee, 2);

Expand All @@ -307,7 +275,8 @@ function log_to_console($message) {

// Sanity check that the amount paid is exactly the invoice outstanding balance
if (intval($balance_to_pay) !== intval($pi_amount_paid)) {
exit("Something went wrong confirming this payment. Please get in touch.");
error_log("Stripe payment error - Invoice balance does not match amount paid for $pi_id");
exit(WORDING_PAYMENT_FAILED);
}

// Apply payment
Expand All @@ -319,11 +288,6 @@ function log_to_console($message) {
mysqli_query($mysqli, "INSERT INTO payments SET payment_date = '$pi_date', payment_amount = $pi_amount_paid, payment_currency_code = '$pi_currency', payment_account_id = $config_stripe_account, payment_method = 'Stripe', payment_reference = 'Stripe - $pi_id', payment_invoice_id = $invoice_id");
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Paid', history_description = 'Payment added - $ip - $os - $browser', history_invoice_id = $invoice_id");

// Add Gateway fees to history if applicable
if ($config_stripe_client_pays_fees == 1) {
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Paid', history_description = 'Gateway fees of $gateway_fee has been billed', history_invoice_id = $invoice_id");
}

// Notify
mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Invoice Paid', notification = 'Invoice $invoice_prefix$invoice_number has been paid - $ip - $os - $browser', notification_action = 'invoice.php?invoice_id=$invoice_id', notification_client_id = $pi_client_id");

Expand All @@ -332,9 +296,7 @@ function log_to_console($message) {
if (!$pi_livemode) {
$extended_log_desc = '(DEV MODE)';
}
if ($config_stripe_client_pays_fees == 1) {
$extended_log_desc .= ' (Client Pays Fees [' . numfmt_format_currency($currency_format, $gateway_fee, $invoice_currency_code) . ']])';
}

mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Payment', log_action = 'Create', log_description = 'Stripe payment of $pi_currency $pi_amount_paid against invoice $invoice_prefix$invoice_number - $pi_id $extended_log_desc', log_ip = '$ip', log_user_agent = '$user_agent', log_client_id = $pi_client_id");


Expand Down Expand Up @@ -369,22 +331,16 @@ function log_to_console($message) {
];
$mail = addToMailQueue($mysqli, $data);

// Email Logging
if ($mail === true) {
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Receipt!', history_invoice_id = $invoice_id");
} else {
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Email Receipt Failed!', history_invoice_id = $invoice_id");
// Email logging
mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Receipt!', history_invoice_id = $invoice_id");

mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email'");
mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Mail', log_action = 'Error', log_description = 'Failed to send email to $contact_email regarding $subject. $mail'");
}
}

// Redirect user to invoice
header('Location: //' . $config_base_url . '/guest_view_invoice.php?invoice_id=' . $pi_invoice_id . '&url_key=' . $invoice_url_key);

} else {
echo "<br><h2>Oops, something went wrong! Please raise a ticket if you believe this is an error.</h2>";
exit(WORDING_PAYMENT_FAILED);
}


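Review bot: The sanity check that the new `error_log` line hangs off still compares `intval($balance_to_pay)` with `intval($pi_amount_paid)`, which truncates both sides to whole currency units, so a received amount that differs from the outstanding balance only in the fractional part passes and the payment is applied. Now that the fee uplift is gone and the balance is the plain invoice balance, the comparison can be exact in minor units, e.g. `if ((int) round($balance_to_pay * 100) !== (int) round($pi_amount_paid * 100)) {` (this assumes `$pi_amount_paid` is in major units; its derivation is outside the visible hunks). In the PaymentIntent verification chain, the `$pi_obj->status !== "succeeded"` branch is the only failure path left without an `error_log`, so non-succeeded intents stay invisible in the log this commit introduces. As far as the rendered page shows, the 'Emailed Receipt!' history row is now written without looking at `$mail`, so a failed queue insert would still be recorded as sent.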
13 changes: 1 addition & 12 deletions guest_view_invoice.php
Expand Up @@ -81,7 +81,6 @@
$config_stripe_enable = intval($row['config_stripe_enable']);
$config_stripe_percentage_fee = floatval($row['config_stripe_percentage_fee']);
$config_stripe_flat_fee = floatval($row['config_stripe_flat_fee']);
$config_stripe_client_pays_fees = intval($row['config_stripe_client_pays_fees']);

//Set Currency Format
$currency_format = numfmt_create($company_locale, NumberFormatter::CURRENCY);
Expand Down Expand Up @@ -113,16 +112,6 @@
// Calculate the balance owed
$balance = $invoice_amount - $amount_paid;

// Calculate Gateway Fee
if ($config_stripe_client_pays_fees == 1) {
$balance_before_fees = $balance;
// See here for passing costs on to client https://support.stripe.com/questions/passing-the-stripe-fee-on-to-customers
// Calculate the amount to charge the client
$balance_to_pay = ($balance + $config_stripe_flat_fee) / (1 - $config_stripe_percentage_fee);
// Calculate the fee amount
$gateway_fee = round($balance_to_pay - $balance_before_fees, 2);
}

//check to see if overdue
$invoice_color = $invoice_badge_color; // Default
if ($invoice_status !== "Paid" && $invoice_status !== "Draft" && $invoice_status !== "Cancelled") {
Expand Down Expand Up @@ -170,7 +159,7 @@
<a class="btn btn-default" href="#" onclick="pdfMake.createPdf(docDefinition).download('<?php echo strtoAZaz09(html_entity_decode("$invoice_date-$company_name-Invoice-$invoice_prefix$invoice_number")); ?>');"><i class="fa fa-fw fa-download mr-2"></i>Download</a>
<?php
if ($invoice_status !== "Paid" && $invoice_status !== "Cancelled" && $invoice_status !== "Draft" && $config_stripe_enable == 1) { ?>
<a class="btn btn-success" href="guest_pay_invoice_stripe.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-credit-card mr-2"></i>Pay Now <?php if($config_stripe_client_pays_fees == 1) { echo "(Gateway Fee: " . numfmt_format_currency($currency_format, $gateway_fee, $invoice_currency_code) . ")"; } ?></a>
<a class="btn btn-success" href="guest_pay_invoice_stripe.php?invoice_id=<?php echo $invoice_id; ?>&url_key=<?php echo $url_key; ?>"><i class="fa fa-fw fa-credit-card mr-2"></i>Pay Now </a>
<?php } ?>
</div>
</div>
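Review bot: The rewritten Pay Now link still echoes `$invoice_id` and `$url_key` straight into the `href`; where they are assigned is outside the hunk, so if `$url_key` is not already attribute-safe at that point it should be encoded at output, e.g. `&url_key=<?php echo urlencode($url_key); ?>`. With the gateway-fee calculation removed, `$config_stripe_percentage_fee` and `$config_stripe_flat_fee` look unused in the visible parts of this file and could go along with the flag. The link text also keeps a trailing space (`Pay Now </a>`).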
3 changes: 3 additions & 0 deletions post/invoice.php
Expand Up @@ -931,6 +931,9 @@

$_SESSION['alert_type'] = "error";
$_SESSION['alert_message'] = "Payment deleted";
if ($config_stripe_enable) {
$_SESSION['alert_message'] = "Payment deleted - Stripe payments must be manually refunded in Stripe";
}

header("Location: " . $_SERVER["HTTP_REFERER"]);

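Review bot: The new warning is keyed on `$config_stripe_enable`, so every payment deletion on a Stripe-enabled install shows the refund text, including payments that never went through Stripe, while a Stripe payment deleted after Stripe was switched off shows none. The condition would be more accurate if it tested the deleted payment's own method (guest_pay_invoice_stripe.php stores `payment_method = 'Stripe'`); the payment lookup is outside this hunk, so the variable has to be taken from there. Because the deletion leaves the charge in place at Stripe, the same fact is worth recording in whatever audit log entry the deletion writes, if there is one above the hunk, and not only in the session alert.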
3 changes: 1 addition & 2 deletions post/setting.php
Expand Up @@ -458,9 +458,8 @@
$config_stripe_expense_category = intval($_POST['config_stripe_expense_category']);
$config_stripe_percentage_fee = floatval($_POST['config_stripe_percentage_fee']) / 100;
$config_stripe_flat_fee = floatval($_POST['config_stripe_flat_fee']);
$config_stripe_client_pays_fees = intval($_POST['config_stripe_client_pays_fees']);

mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee, config_stripe_client_pays_fees = $config_stripe_client_pays_fees WHERE company_id = 1");
mysqli_query($mysqli,"UPDATE settings SET config_stripe_enable = $config_stripe_enable, config_stripe_publishable = '$config_stripe_publishable', config_stripe_secret = '$config_stripe_secret', config_stripe_account = $config_stripe_account, config_stripe_expense_vendor = $config_stripe_expense_vendor, config_stripe_expense_category = $config_stripe_expense_category, config_stripe_percentage_fee = $config_stripe_percentage_fee, config_stripe_flat_fee = $config_stripe_flat_fee WHERE company_id = 1");

//Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Settings', log_action = 'Modify', log_description = '$session_name modified online payment settings', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id");
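Review bot: The rewritten `UPDATE` still builds the statement by interpolating `'$config_stripe_publishable'` and `'$config_stripe_secret'` into the SQL string; how those two values are escaped is above the hunk, so this line is only as safe as that earlier step. A prepared statement with bound parameters (`mysqli_prepare` / `mysqli_stmt_bind_param`) would remove that dependency for the one query that writes a payment secret. `$config_stripe_percentage_fee` is also stored as `floatval($_POST['config_stripe_percentage_fee']) / 100` with no range check, so a negative or over-100 entry is accepted and later feeds the gateway expense calculation in guest_pay_invoice_stripe.php.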