Merge pull request #75 from razorpay/PO-73

PO-73 (No 'merchant_order_id' for few of the transaction on WHMCS plugin)

Author: rohitcbr

modules/gateways/razorpay.php

@@ -1,6 +1,8 @@
 <?php
 
 require_once __DIR__.'/razorpay/razorpay-sdk/Razorpay.php';
+require_once __DIR__.'/razorpay/rzpordermapping.php';
+
 
 use Razorpay\Api\Api;
 use Razorpay\Api\Errors;
@@ -39,6 +41,16 @@ function razorpay_config()
     global $CONFIG;
 
     $webhookUrl = $CONFIG['SystemURL'].'/modules/gateways/razorpay/razorpay-webhook.php';
+    $rzpOrderMapping = new RZPOrderMapping(razorpay_MetaData()['DisplayName']);
+
+    try
+    {
+        $rzpOrderMapping->createTable();
+    }
+    catch (Exception $e)
+    {
+        logTransaction(razorpay_MetaData()['DisplayName'], $e->getMessage(), "Unsuccessful - Create Table");
+    }
 
     return array(
         // the friendly display name for a payment gateway should be
@@ -145,6 +157,28 @@ function createRazorpayOrderId(array $params)
 
     $_SESSION[$sessionKey] = $razorpayOrderId;
 
+    $rzpOrderMapping = new RZPOrderMapping(razorpay_MetaData()['DisplayName']);
+
+    if ((isset($params['invoiceid']) === false) or
+        (isset($razorpayOrderId) === false))
+    {
+        $error = [
+            "invoice_id" => $params['invoiceid'],
+            "razorpay_order_id" => $razorpayOrderId
+        ];
+        logTransaction(razorpay_MetaData()['DisplayName'], $error, "Validation Failure");
+        return;
+    }
+
+    try
+    {
+        $rzpOrderMapping->insertOrder($params['invoiceid'], $razorpayOrderId);
+    }
+    catch (Exception $e)
+    {
+        logTransaction(razorpay_MetaData()['DisplayName'], $e->getMessage(), "Unsuccessful - Insert Order");
+    }
+
     return $razorpayOrderId;
 }
 
@@ -176,7 +210,7 @@ function razorpay_link($params)
     $whmcsVersion = $params['whmcsVersion'];
     $razorpayWHMCSVersion = RAZORPAY_WHMCS_VERSION;
     $checkoutUrl = 'https://checkout.razorpay.com/v1/checkout.js';
-    $callbackUrl = (substr($params['systemurl'], -1) === '/') ? $params['systemurl'] . 'modules/gateways/razorpay/razorpay.php' : $params['systemurl'] . '/modules/gateways/razorpay/razorpay.php';
+    $callbackUrl = (substr($params['systemurl'], -1) === '/') ? $params['systemurl'] . 'modules/gateways/razorpay/razorpay.php?merchant_order_id=' . $invoiceId : $params['systemurl'] . '/modules/gateways/razorpay/razorpay.php?merchant_order_id=' . $invoiceId;
 
     $razorpayOrderId = createRazorpayOrderId($params);
 

modules/gateways/razorpay/razorpay-webhook.php

@@ -108,6 +108,7 @@ function orderPaid(array $data, $gatewayParams)
     // We don't process subscription/invoice payments here
     if (isset($data['payload']['payment']['entity']['invoice_id']) === true)
     {
+        logTransaction($gatewayParams['name'], "returning order.paid webhook", "Invoice ID exists");
         return;
     }
 
@@ -137,6 +138,7 @@ function orderPaid(array $data, $gatewayParams)
     // If it is already marked as paid or failed ignore the event
     if($order['totalresults'] == 0 or $order['orders']['order'][0]['paymentstatus'] === 'Paid')
     {
+        logTransaction($gatewayParams['name'], "order detail not found or already paid or failed", "INFO");
         return;
     }
 

modules/gateways/razorpay/razorpay.php

@@ -12,6 +12,7 @@
 require_once __DIR__ . '/../../../includes/gatewayfunctions.php';
 require_once __DIR__ . '/../../../includes/invoicefunctions.php';
 require_once __DIR__ . '/razorpay-sdk/Razorpay.php';
+require_once __DIR__ . '/rzpordermapping.php';
 
 use Razorpay\Api\Api;
 use Razorpay\Api\Errors;
@@ -29,8 +30,8 @@
 }
 
 // Retrieve data returned in payment gateway callback
-$merchant_order_id   = $_POST["merchant_order_id"];
-$razorpay_payment_id = $_POST["razorpay_payment_id"];
+$merchant_order_id   = (isset($_POST['merchant_order_id']) === true) ? $_POST['merchant_order_id'] : $_GET['merchant_order_id'];
+$razorpay_payment_id = $_POST['razorpay_payment_id'];
 
 // Validate Callback Invoice ID.
 $merchant_order_id = checkCbInvoiceID($merchant_order_id, $gatewayParams['name']);
@@ -99,8 +100,34 @@ function verifySignature(int $order_no, array $response, $gatewayParams)
     );
 
     $sessionKey = getOrderSessionKey($order_no);
-
-    $attributes[RAZORPAY_ORDER_ID] = $_SESSION[$sessionKey];
-
+    $razorpayOrderId = "";
+
+    if (isset($_SESSION[$sessionKey]) === true)
+    {
+        $razorpayOrderId = $_SESSION[$sessionKey];
+    }
+    else
+    {
+        logTransaction($gatewayParams['name'], $sessionKey, "Session not found");
+        try
+        {
+            if (isset($order_no) === true)
+            {
+                $rzpOrderMapping = new RZPOrderMapping($gatewayParams['name']);
+                $razorpayOrderId = $rzpOrderMapping->getRazorpayOrderID($order_no);
+            }
+            else
+            {
+                $error = "merchant_order_id is not set";
+                logTransaction($gatewayParams['name'], $error, "Validation Failure");
+            }
+        }
+        catch (Exception $e)
+        {
+            logTransaction($gatewayParams['name'], $e->getMessage(), "Unsuccessful - Fetch Order");
+        }
+    }
+
+    $attributes[RAZORPAY_ORDER_ID] = $razorpayOrderId;
     $api->utility->verifyPaymentSignature($attributes);
 }

modules/gateways/razorpay/rzpordermapping.php

@@ -0,0 +1,86 @@
+<?php
+
+use Illuminate\Database\Capsule\Manager as Capsule;
+
+class RZPOrderMapping
+{
+    private $name;
+
+    function __construct($name)
+    {
+        $this->name = $name;
+    }
+
+    function createTable()
+    {
+        if (!Capsule::schema()->hasTable('tblrzpordermapping'))
+        {
+            Capsule::schema()->create('tblrzpordermapping', function($table) {
+                $table->increments('id');
+                $table->string('merchant_order_id', 20);
+                $table->string('razorpay_order_id', 20);
+            });
+        }
+    }
+
+    function insertOrder($merchant_order_id, $razorpay_order_id)
+    {
+        $merchant_order_id = stripcslashes($merchant_order_id);
+        $razorpay_order_id = stripcslashes($razorpay_order_id);
+
+        if (($this->validateMerchantOrderID($merchant_order_id) === false) or
+            ($this->validateRazorpayOrderID($razorpay_order_id) === false))
+        {
+            $error = [
+                "merchant_order_id" => $merchant_order_id,
+                "razorpay_order_id" => $razorpay_order_id
+            ];
+
+            logTransaction($this->name, $error, 'Validation Failure');
+
+            return;
+        }
+        $insert_array = [
+            "merchant_order_id" => $merchant_order_id,
+            "razorpay_order_id" => $razorpay_order_id
+        ];
+
+        Capsule::table('tblrzpordermapping')->insert($insert_array);
+    }
+
+    function getRazorpayOrderID($merchant_order_id)
+    {
+        $merchant_order_id = stripcslashes($merchant_order_id);
+
+        if (($this->validateMerchantOrderID($merchant_order_id)) === false)
+        {
+            $error = [
+                "merchant_order_id" => $merchant_order_id
+            ];
+
+            logTransaction($this->name, $error, 'Validation Failure');
+
+            return;
+        }
+        $result = Capsule::table('tblrzpordermapping')
+            ->select('razorpay_order_id')
+            ->where('merchant_order_id', '=', $merchant_order_id)
+            ->orderBy('id', 'desc')
+            ->first();
+
+        return $result->razorpay_order_id;
+    }
+
+    function validateMerchantOrderID($merchant_order_id)
+    {
+        $pattern = '(^[0-9]+$)';
+        return (preg_match($pattern, (string) $merchant_order_id) === 1) ? true : false;
+    }
+
+    function validateRazorpayOrderID($razorpay_order_id)
+    {
+        $pattern = '(^order_[a-zA-Z0-9]+$)';
+        return ((preg_match($pattern, (string) $razorpay_order_id) === 1)
+        and (strlen(substr($razorpay_order_id, 6)) === 14)) ? true : false;
+    }
+}