mollienl-ideal-oplossing
Gesponsorde koppelingen
PHP script bestanden
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
<?php
$url = 'http://www.website.nl/iDEAL.php';
$partnerID = 12345; //Of gebruik mijn partnerID 15115 ;)
$testmode = true;
$server = '';
$username = '';
$password = '';
$database = '';
$ipadresses = array ('82.94.203.80', '82.94.203.81', '82.94.203.82', '82.94.203.83', '82.94.203.84', '82.94.203.85', '82.94.203.86');
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if(mysql_connect($server, $username, $password))
{
if(mysql_select_db($database))
{
if(!empty($_GET['payment_id']) && ctype_alnum($_GET['payment_id']))
{
$payment_id = mysql_real_escape_string($_GET['payment_id']);
$query = "SELECT transaction_id, amount, description, paid FROM payments WHERE payment_id = '".$payment_id."'";
$result = mysql_query($query);
if($result && mysql_num_rows($result) == 1)
{
$transaction = mysql_fetch_assoc($result);
if(!empty($_GET['action']))
{
switch($_GET['action'])
{
case 'start':
if($transaction['paid'] == 0)
{
echo '<p>Er is een betaling aangemaakt voor <b>€ '.number_format($transaction['amount']/100, 2, ', ', '.').'</b> met als beschrijving <b>'.$transaction['description'].'</b>.</p>';
if($testmode)
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=banklist&testmode=true");
}else{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=banklist");
}
$xml = new SimpleXMLElement(curl_exec($ch));
echo '<form method="post" action="?action=redirect&payment_id='.$payment_id.'">';
echo '<label for="bank_id">Uw bank:</label><br />';
echo '<select name="bank_id">';
foreach($xml->bank as $bank)
{
echo '<option value="'.$bank->bank_id.'">'.$bank->bank_name.'</option>';
}
echo '</select>';
echo '<input type="submit" name="verwerken" value="Verwerken"/>';
echo '</form>';
}else{
echo '<p>Sorry, deze transactie is reeds betaald!</p>';
}
break;
case 'redirect':
if($transaction['paid'] == 0)
{
if($_SERVER['REQUEST_METHOD'] == "POST")
{
if(!empty($_POST['bank_id']) && ctype_digit($_POST['bank_id']))
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=fetch&partnerid=".$partnerID."&description=".urlencode($transaction['description'])."&reporturl=".urlencode($url.'?action=report&payment_id='.$payment_id)."&returnurl=".urlencode($url.'?action=return&payment_id='.$payment_id)."&amount=".$transaction['amount']."&bank_id=".$_POST['bank_id']."");
$xml = new SimpleXMLElement(curl_exec($ch));
if($xml->order->amount == $transaction['amount'])
{
$query = "UPDATE payments SET transaction_id = '".$xml->order->transaction_id."' WHERE payment_id = '".$payment_id."'";
$result = mysql_query($query);
if($result && mysql_affected_rows() == 1)
{
header('Location: '.$xml->order->URL);
}else{
echo '<p>Sorry, er is iets mis gegaan met het updaten van de database!</p>';
}
}else{
echo '<p>Sorry, er is iets mis gegaan met de aanvraag van deze betaling!</p>';
}
}else{
echo '<p>Sorry, er word een bank_id verwacht en deze dient numeriek te zijn!</p>';
}
}
}else{
echo '<p>Sorry, deze transactie is reeds betaald!</p>';
}
break;
case 'report':
if(in_array($_SERVER['REMOTE_ADDR'], $ipadresses))
{
if(!empty($_GET['transaction_id']) && ctype_alnum($_GET['transaction_id']))
{
if($testmode)
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=check&partnerid=".$partnerID."&transaction_id=".$_GET['transaction_id']."&testmode=true");
}else{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=check&partnerid=".$partnerID."&transaction_id=".$_GET['transaction_id']."");
}
$xml = new SimpleXMLElement(curl_exec($ch));
if((string) $xml->order->payed == 'true')
{
$query = "UPDATE payments SET paid = 1 WHERE payment_id = '".$payment_id."' AND transaction_id = '".mysql_real_escape_string($_GET['transaction_id'])."'";
$result = mysql_query($query);
}
}
}
break;
case 'return':
if(!empty($_GET['transaction_id']) && ctype_alnum($_GET['transaction_id']))
{
$query = "SELECT paid FROM payments WHERE payment_id = '".$payment_id."' AND transaction_id = '".mysql_real_escape_string($_GET['transaction_id'])."' AND paid = 1";
$result = mysql_query($query);
if($result && mysql_num_rows($result) == 1)
{
echo '<p>Gelukt! De betaling is succesvol ontvangen!</p>';
}else{
echo '<p>Sorry, de betaling is niet succesvol ontvangen!</p>';
}
}else{
echo '<p>Sorry, er word een transaction_id verwacht en deze dient alphanumeriek te zijn!</p>';
}
break;
default:
echo 'Sorry, deze actie word niet herkend!';
break;
}
}else{
echo '<p>Sorry, er word een actie verwacht!</p>';
}
}else{
echo '<p>Sorry, dit payment_id bestaat niet!</p>';
}
}else{
//echo '<p>Sorry, er word een payment_id verwacht en deze dient alphanumeriek te zijn!</p>';
$code = md5(rand(000000,999999).microtime());
$query = "INSERT INTO payments (payment_id, amount, description, ipadress) VALUES ('".$code."', ".rand(1000,2500).", 'Dit is een omschrijving!', '".$_SERVER['REMOTE_ADDR']."')";
$result = mysql_query($query);
if($result && mysql_affected_rows() == 1)
{
header('Location: '.$url.'?action=start&payment_id='.$code.'');
}
}
}else{
echo '<p>Sorry, er kon geen verbinding gemaakt worden met de database!</p>';
}
}else{
echo '<p>Sorry, er kon geen verbinding gemaakt worden met de databaseserver!</p>';
}
curl_close($ch);
?>
$url = 'http://www.website.nl/iDEAL.php';
$partnerID = 12345; //Of gebruik mijn partnerID 15115 ;)
$testmode = true;
$server = '';
$username = '';
$password = '';
$database = '';
$ipadresses = array ('82.94.203.80', '82.94.203.81', '82.94.203.82', '82.94.203.83', '82.94.203.84', '82.94.203.85', '82.94.203.86');
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
if(mysql_connect($server, $username, $password))
{
if(mysql_select_db($database))
{
if(!empty($_GET['payment_id']) && ctype_alnum($_GET['payment_id']))
{
$payment_id = mysql_real_escape_string($_GET['payment_id']);
$query = "SELECT transaction_id, amount, description, paid FROM payments WHERE payment_id = '".$payment_id."'";
$result = mysql_query($query);
if($result && mysql_num_rows($result) == 1)
{
$transaction = mysql_fetch_assoc($result);
if(!empty($_GET['action']))
{
switch($_GET['action'])
{
case 'start':
if($transaction['paid'] == 0)
{
echo '<p>Er is een betaling aangemaakt voor <b>€ '.number_format($transaction['amount']/100, 2, ', ', '.').'</b> met als beschrijving <b>'.$transaction['description'].'</b>.</p>';
if($testmode)
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=banklist&testmode=true");
}else{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=banklist");
}
$xml = new SimpleXMLElement(curl_exec($ch));
echo '<form method="post" action="?action=redirect&payment_id='.$payment_id.'">';
echo '<label for="bank_id">Uw bank:</label><br />';
echo '<select name="bank_id">';
foreach($xml->bank as $bank)
{
echo '<option value="'.$bank->bank_id.'">'.$bank->bank_name.'</option>';
}
echo '</select>';
echo '<input type="submit" name="verwerken" value="Verwerken"/>';
echo '</form>';
}else{
echo '<p>Sorry, deze transactie is reeds betaald!</p>';
}
break;
case 'redirect':
if($transaction['paid'] == 0)
{
if($_SERVER['REQUEST_METHOD'] == "POST")
{
if(!empty($_POST['bank_id']) && ctype_digit($_POST['bank_id']))
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=fetch&partnerid=".$partnerID."&description=".urlencode($transaction['description'])."&reporturl=".urlencode($url.'?action=report&payment_id='.$payment_id)."&returnurl=".urlencode($url.'?action=return&payment_id='.$payment_id)."&amount=".$transaction['amount']."&bank_id=".$_POST['bank_id']."");
$xml = new SimpleXMLElement(curl_exec($ch));
if($xml->order->amount == $transaction['amount'])
{
$query = "UPDATE payments SET transaction_id = '".$xml->order->transaction_id."' WHERE payment_id = '".$payment_id."'";
$result = mysql_query($query);
if($result && mysql_affected_rows() == 1)
{
header('Location: '.$xml->order->URL);
}else{
echo '<p>Sorry, er is iets mis gegaan met het updaten van de database!</p>';
}
}else{
echo '<p>Sorry, er is iets mis gegaan met de aanvraag van deze betaling!</p>';
}
}else{
echo '<p>Sorry, er word een bank_id verwacht en deze dient numeriek te zijn!</p>';
}
}
}else{
echo '<p>Sorry, deze transactie is reeds betaald!</p>';
}
break;
case 'report':
if(in_array($_SERVER['REMOTE_ADDR'], $ipadresses))
{
if(!empty($_GET['transaction_id']) && ctype_alnum($_GET['transaction_id']))
{
if($testmode)
{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=check&partnerid=".$partnerID."&transaction_id=".$_GET['transaction_id']."&testmode=true");
}else{
curl_setopt($ch, CURLOPT_URL, "http://www.mollie.nl/xml/ideal?a=check&partnerid=".$partnerID."&transaction_id=".$_GET['transaction_id']."");
}
$xml = new SimpleXMLElement(curl_exec($ch));
if((string) $xml->order->payed == 'true')
{
$query = "UPDATE payments SET paid = 1 WHERE payment_id = '".$payment_id."' AND transaction_id = '".mysql_real_escape_string($_GET['transaction_id'])."'";
$result = mysql_query($query);
}
}
}
break;
case 'return':
if(!empty($_GET['transaction_id']) && ctype_alnum($_GET['transaction_id']))
{
$query = "SELECT paid FROM payments WHERE payment_id = '".$payment_id."' AND transaction_id = '".mysql_real_escape_string($_GET['transaction_id'])."' AND paid = 1";
$result = mysql_query($query);
if($result && mysql_num_rows($result) == 1)
{
echo '<p>Gelukt! De betaling is succesvol ontvangen!</p>';
}else{
echo '<p>Sorry, de betaling is niet succesvol ontvangen!</p>';
}
}else{
echo '<p>Sorry, er word een transaction_id verwacht en deze dient alphanumeriek te zijn!</p>';
}
break;
default:
echo 'Sorry, deze actie word niet herkend!';
break;
}
}else{
echo '<p>Sorry, er word een actie verwacht!</p>';
}
}else{
echo '<p>Sorry, dit payment_id bestaat niet!</p>';
}
}else{
//echo '<p>Sorry, er word een payment_id verwacht en deze dient alphanumeriek te zijn!</p>';
$code = md5(rand(000000,999999).microtime());
$query = "INSERT INTO payments (payment_id, amount, description, ipadress) VALUES ('".$code."', ".rand(1000,2500).", 'Dit is een omschrijving!', '".$_SERVER['REMOTE_ADDR']."')";
$result = mysql_query($query);
if($result && mysql_affected_rows() == 1)
{
header('Location: '.$url.'?action=start&payment_id='.$code.'');
}
}
}else{
echo '<p>Sorry, er kon geen verbinding gemaakt worden met de database!</p>';
}
}else{
echo '<p>Sorry, er kon geen verbinding gemaakt worden met de databaseserver!</p>';
}
curl_close($ch);
?>