Implement PayPal payment processing

public_html/authenticators/payment.php

@@ -0,0 +1,40 @@
+<?php
+/*
+ * ReDonate is more free software. It is licensed under the WTFPL, which
+ * allows you to do pretty much anything with it, without having to
+ * ask permission. Commercial use is allowed, and no attribution is
+ * required. We do politely request that you share your modifications
+ * to benefit other developers, but you are under no enforced
+ * obligation to do so :)
+ * 
+ * Please read the accompanying LICENSE document for the full WTFPL
+ * licensing text.
+ */
+
+if(!isset($_APP)) { die("Unauthorized."); }
+
+try
+{
+	$sPaymentRequest = new PaymentRequest($router->uParameters[2]);
+}
+catch (NotFoundException $e)
+{
+	throw new RouterException("No such payment request exists.");
+}
+
+if($sPaymentRequest->sSubscription->uEmailAddress != $router->uParameters[1])
+{
+	throw new RouterException("The given e-mail address does not match the e-mail address for this payment request.");
+}
+
+if($sPaymentRequest->uKey != $router->uParameters[3])
+{
+	throw new RouterException("The given key does not match the key for this payment request.");
+}
+
+if($sPaymentRequest->sPaid === true)
+{
+	throw new RouterException("The payment request was already fulfilled.");
+}
+
+$sRouterAuthenticated = true;

public_html/classes/campaign.php

@@ -94,6 +94,21 @@ class Campaign extends CPHPDatabaseRecordClass
 		return ($this->sOwnerId == $userid);
 	}
 	
+	public function GetPaymentMethod($type)
+	{
+		try
+		{
+			$sPaymentMethod = PaymentMethod::CreateFromQuery("SELECT * FROM payment_methods WHERE `CampaignId` = :CampaignId AND `Type` = :Type", 
+				array(":CampaignId" => $this->sId, ":Type" => $type), 30, true);
+		}
+		catch (NotFoundException $e)
+		{
+			throw new NotFoundException("No valid payment method specified.");
+		}
+		
+		return $sPaymentMethod;
+	}
+	
 	public function UpdateStatistics()
 	{
 		global $database, $cphp_config;

public_html/classes/paymentrequest.php

@@ -0,0 +1,45 @@
+<?php
+/*
+ * ReDonate is more free software. It is licensed under the WTFPL, which
+ * allows you to do pretty much anything with it, without having to
+ * ask permission. Commercial use is allowed, and no attribution is
+ * required. We do politely request that you share your modifications
+ * to benefit other developers, but you are under no enforced
+ * obligation to do so :)
+ * 
+ * Please read the accompanying LICENSE document for the full WTFPL
+ * licensing text.
+ */
+ 
+if(!isset($_APP)) { die("Unauthorized."); }
+
+class PaymentRequest extends CPHPDatabaseRecordClass
+{
+	public $table_name = "payment_requests";
+	public $fill_query = "SELECT * FROM payment_requests WHERE `Id` = :Id";
+	public $verify_query = "SELECT * FROM payment_requests WHERE `Id` = :Id";
+	
+	public $prototype = array(
+		'string' => array(
+			'Currency'		=> "Currency",
+			'Key'			=> "Key"
+		),
+		'numeric' => array(
+			'CampaignId'		=> "CampaignId",
+			'SubscriptionId'	=> "SubscriptionId",
+			'Amount'		=> "Amount"
+		),
+		'boolean' => array(
+			'Paid'			=> "Paid"
+		),
+		'timestamp' => array(
+			'IssueDate'		=> "Date"
+		),
+		'campaign' => array(
+			'Campaign'		=> "CampaignId"
+		),
+		'subscription' => array(
+			'Subscription'		=> "SubscriptionId"
+		)
+	);
+}

public_html/modules/error/nosuchpayment.php

@@ -0,0 +1,16 @@
+<?php
+/*
+ * ReDonate is more free software. It is licensed under the WTFPL, which
+ * allows you to do pretty much anything with it, without having to
+ * ask permission. Commercial use is allowed, and no attribution is
+ * required. We do politely request that you share your modifications
+ * to benefit other developers, but you are under no enforced
+ * obligation to do so :)
+ * 
+ * Please read the accompanying LICENSE document for the full WTFPL
+ * licensing text.
+ */
+
+if(!isset($_APP)) { die("Unauthorized."); }
+
+throw new NotFoundException("No such payment request was found.");

public_html/modules/payment/notify_done.php

@@ -0,0 +1,20 @@
+<?php
+/*
+ * ReDonate is more free software. It is licensed under the WTFPL, which
+ * allows you to do pretty much anything with it, without having to
+ * ask permission. Commercial use is allowed, and no attribution is
+ * required. We do politely request that you share your modifications
+ * to benefit other developers, but you are under no enforced
+ * obligation to do so :)
+ * 
+ * Please read the accompanying LICENSE document for the full WTFPL
+ * licensing text.
+ */
+
+if(!isset($_APP)) { die("Unauthorized."); }
+
+$sPaymentRequest->uPaid = true;
+$sPaymentRequest->InsertIntoDatabase();
+
+$sPageTitle = "Thanks!";
+$sPageContents = NewTemplater::Render("payment/done", $locale->strings, array());

public_html/modules/payment/paypal.php

@@ -0,0 +1,40 @@
+<?php
+/*
+ * ReDonate is more free software. It is licensed under the WTFPL, which
+ * allows you to do pretty much anything with it, without having to
+ * ask permission. Commercial use is allowed, and no attribution is
+ * required. We do politely request that you share your modifications
+ * to benefit other developers, but you are under no enforced
+ * obligation to do so :)
+ * 
+ * Please read the accompanying LICENSE document for the full WTFPL
+ * licensing text.
+ */
+
+if(!isset($_APP)) { die("Unauthorized."); }
+
+try
+{
+	$sPaymentMethod = $sPaymentRequest->sCampaign->GetPaymentMethod(PaymentMethod::PAYPAL);
+}
+catch (NotFoundException $e)
+{
+	throw new RouterException("No such payment method found.");
+}
+
+if($sPaymentRequest->sCurrency == "btc")
+{
+	$sCurrency = urlencode("USD");
+	$sAmount = Currency::Convert("usd", "btc", $sPaymentRequest->sAmount);
+}
+else
+{
+	$sCurrency = urlencode(strtoupper($sPaymentRequest->sCurrency));
+	$sAmount = urlencode($sPaymentRequest->sAmount);
+}
+
+$sQuotedRecipient = urlencode($sPaymentMethod->sAddress);
+$sQuotedName = urlencode("{$sPaymentRequest->sCampaign->sName} (via ReDonate.net)");
+$sQuotedNumber = urlencode("{$sPaymentRequest->sId}");
+$sQuotedReturnUrl = urlencode("http://redonate.net/pay/{$sPaymentRequest->sSubscription->sEmailAddress}/{$sPaymentRequest->sId}/{$sPaymentRequest->sKey}/paypal/done");
+redirect("https://www.paypal.com/cgi-bin/webscr?business={$sQuotedRecipient}&cmd=_donations&item_name={$sQuotedName}&item_number={$sQuotedNumber}&currency_code={$sCurrency}&amount={$sAmount}&return={$sQuotedReturnUrl}");

public_html/rewrite.php

@@ -58,6 +58,26 @@ $router->routes = array(
 			'authenticator' => "authenticators/user.php",
 			'auth_error' => "modules/error/guest.php"
 		),
+		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/(.+)/done$"		=> array(
+			'target' => "modules/payment/notify_done.php",
+			'authenticator' => "authenticators/payment.php",
+			'auth_error' => "modules/error/nosuchpayment.php"
+		),
+		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/paypal$"		=> array(
+			'target' => "modules/payment/paypal.php",
+			'authenticator' => "authenticators/payment.php",
+			'auth_error' => "modules/error/nosuchpayment.php"
+		),
+		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/bitcoin$"		=> array(
+			'target' => "modules/payment/bitcoin.php",
+			'authenticator' => "authenticators/payment.php",
+			'auth_error' => "modules/error/nosuchpayment.php"
+		),
+		"^/pay/(.+)/([0-9]+)/([a-zA-Z0-9]+)/([0-9]+)$"		=> array(
+			'target' => "modules/payment/other.php",
+			'authenticator' => "authenticators/payment.php",
+			'auth_error' => "modules/error/nosuchpayment.php"
+		),
 		"^/campaign/([a-zA-Z0-9-]+)$"				=> "modules/landing.php",
 		"^/campaign/([a-zA-Z0-9-]+)/subscribe$"			=> "modules/subscribe.php"
 	)

public_html/templates/payment/done.tpl

@@ -0,0 +1,5 @@
+<h2>Thanks for donating!</h2>
+
+<p>
+	Thank you for your contribution. You can close this page now.
+</p>