2018-09-02 17:31:48 +00:00
|
|
|
<?php
|
|
|
|
|
/**
|
|
|
|
|
* @file ordercomplete.pgkcp.php
|
|
|
|
|
* @date 2018-09-03
|
|
|
|
|
* @author Go Namhyeon <gnh1201@gmail.com>
|
|
|
|
|
* @brief KCP PG(Payment Gateway) contoller when complete
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
// detect CSRF attack
|
|
|
|
|
if(check_token_abuse_by_requests("_token", "_POST")) {
|
|
|
|
|
set_error("Access denied. (Expired session or Website attacker)");
|
|
|
|
|
show_errors();
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-02 17:33:27 +00:00
|
|
|
// set token
|
|
|
|
|
set_session_token();
|
|
|
|
|
|
2018-09-13 15:49:19 +00:00
|
|
|
// set redirect variables
|
2018-09-02 17:31:48 +00:00
|
|
|
$redirect_url = get_requested_value("redirect_url");
|
2018-09-23 19:10:32 +00:00
|
|
|
$ordr_idxx = get_requested_value("ordr_idxx");
|
2018-09-13 15:49:19 +00:00
|
|
|
$res_cd = get_requested_value("res_cd");
|
2018-11-10 18:55:42 +00:00
|
|
|
$pay_method_alias = get_requested_value("pay_method_alias");
|
2018-11-10 18:22:29 +00:00
|
|
|
|
|
|
|
|
// set action
|
|
|
|
|
// 0000: completed payment (완료된 결제)
|
|
|
|
|
// A001: free plan (무료)
|
|
|
|
|
// A002: hand-writing payment (수기결제, 무통장입금 등)
|
|
|
|
|
$action = "cancel";
|
|
|
|
|
if(in_array($res_cd, array("0000", "A001")) {
|
|
|
|
|
$action = "complete";
|
|
|
|
|
} elseif(in_array($res_cd, array("A002")) {
|
|
|
|
|
$action = "hold";
|
|
|
|
|
}
|
2018-09-13 15:49:19 +00:00
|
|
|
|
2018-09-23 19:10:32 +00:00
|
|
|
// check ordr_idxx
|
|
|
|
|
if(empty($ordr_idxx)) {
|
|
|
|
|
set_error("ordr_idxx can not empty");
|
|
|
|
|
set_errors();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// write storage file
|
|
|
|
|
$fd = json_encode($requests['_POST']);
|
|
|
|
|
$fw = write_storage_file($fd, array(
|
|
|
|
|
"filename" => get_hashed_text($ordr_idxx) . ".json",
|
|
|
|
|
"storage_type" => "payman"
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
// check write-protected
|
|
|
|
|
if(!$fw) {
|
2018-11-10 18:22:29 +00:00
|
|
|
set_error("maybe, your storage is write-protected.");
|
2018-09-23 19:10:32 +00:00
|
|
|
show_errors();
|
2018-09-13 15:49:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// redirect
|
2018-09-02 17:31:48 +00:00
|
|
|
redirect_uri(get_final_link($redirect_url, array(
|
2018-09-02 17:33:27 +00:00
|
|
|
"_token" => get_session_token(),
|
2018-09-13 15:49:19 +00:00
|
|
|
"_route" => get_requested_value("route"),
|
2018-09-23 19:10:32 +00:00
|
|
|
"_action" => $action,
|
2018-11-10 18:22:29 +00:00
|
|
|
"_ordr_idxx" => $ordr_idxx,
|
|
|
|
|
"_res_cd" => $res_cd,
|
|
|
|
|
"_pay_method_alias" => $pay_method_alias
|
2018-09-23 21:00:19 +00:00
|
|
|
), false), array(
|
|
|
|
|
"check_origin" => true
|
|
|
|
|
));
|
