Merge pull request #4 from appinlet/release/1.0.2

1.0.2

changelog.txt

@@ -1,6 +1,11 @@
-= 1.0.1 - March 01, 2020 =
-* Add Currency Options and Logging for development and testing.
-* Minor fixes and improvements.
+=====================================
+Date	  : Version: Description
+=====================================
 
-= 1.0.0 - December 21, 2019 =
-* Initial Release.
+2022-05-06: v1.0.2 : Add reCAPTCHA to help protect stop bots and other automated attacks.
+                     Remove use of session.
+
+2020-03-01: v1.0.1 : Add Currency Options and Logging for development and testing.
+                     Minor fixes and improvements.
+
+2019-12-21: v1.0.0 : Initial release.

public_html/classes/paygate.payweb3.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *

public_html/classes/paygate_currencies.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *

public_html/composer.json

@@ -1,4 +1,5 @@
 {
+    "name": "paygate/payweb-standalone",
     "require": {
         "monolog/monolog": "^2.0"
     }

public_html/includes/footer.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *

public_html/includes/header.php

@@ -1,14 +1,13 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *
  * Released under the GNU General Public License
  */
 
-// Sessions used here only because we can't get the PayGate ID, Transaction reference and secret key on the result page.
-session_name( 'paygate_payweb3_testing_sample' );
+// Sessions used here only for the sticky page
 session_start();
 require_once 'includes/_env.php';
 

public_html/index.php

@@ -1,10 +1,10 @@
 <?php
 /*
- * Copyright (c) 2019 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  * URI: https://github.com/PayGate/PayWeb_Standalone_Payment_Portal
- * Version: 1.0.0
+ * Version: 1.0.2
  *
  * Released under the GNU General Public License
  */
@@ -81,7 +81,7 @@
     $content = <<<'CONTENT'
 <?php
 /*
- * Copyright (c) 2019 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *
@@ -194,6 +194,11 @@
     <input type="text" class="form-control" id="encryption_key" name="encryption_key" aria-describedby="encryption_key" placeholder="Enter your encryption key" required>
     <small id="encryption_keyHelp" class="form-text text-muted">This is your encryption key, e.g. secret.</small>
   </div>
+  
+  <div class="form-group">
+    <label for="recaptcha_key">Recaptcha Key</label>
+    <input type="text" class="form-control" id="recaptcha_key" name="recaptcha_key" aria-describedby="recaptcha_key" placeholder="Enter your recaptcha_key" required>
+  </div>
   <div class="form-group">
     <label for="expiry_date">Expiry Date</label>
     <input type="date" class="form-control" id="expiry_date" name="expiry_date" aria-describedby="expiry_date" placeholder="Enter your site's expiry date" value="2050-12-31"required>
@@ -371,6 +376,12 @@ function prepare_final_install_page()
     }
 }
 echo <<<EOT
+                <script src="https://www.google.com/recaptcha/api.js"></script>
+                 <script>
+                   function onSubmit(token) {
+                     document.getElementById("payweb-standalone-form").submit();
+                   }
+                 </script>
                 <h2>Create Transaction</h2>
                     <form action="redirect" method="post" name="paygate_initiate_form">
                         <div class="form-group">
@@ -398,7 +409,8 @@ function prepare_final_install_page()
                         <input type="hidden" name="TRANSACTION_DATE" id="TRANSACTION_DATE" value="\$today_formatted"/>
                         <input type="hidden" name="LOCALE" id="LOCALE" value="en-za" hidden/>
                         <input type="hidden" name="COUNTRY" id="COUNTRY" value="ZAF" hidden/>
-                        <input type="submit" name="btnSubmit" class="btn btn-success btn-block" id="check-sum" value="Pay Now"/>
+                        <input type="submit" name="btnSubmit" class="btn btn-success btn-block g-recaptcha" data-sitekey="$recaptcha_key" 
+        data-callback='onSubmit' data-action='submit' id="check-sum" value="Pay Now"/>
                         <input type="hidden" name="submitted" value="TRUE"/>
 
                     </form>

public_html/redirect.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *
@@ -13,12 +13,13 @@
 require_once 'classes/paygate.payweb3.php';
 
 // Prepare PayGate PayWeb Data.
+$reference = filter_var( $_POST['REFERENCE'], FILTER_SANITIZE_STRING );
 $data = array(
     'PAYGATE_ID'       => $paygate_id,
-    'REFERENCE'        => filter_var( $_POST['REFERENCE'], FILTER_SANITIZE_STRING ),
+    'REFERENCE'        => $reference,
     'AMOUNT'           => filter_var( $_POST['AMOUNT'] * 100, FILTER_SANITIZE_NUMBER_INT ),
     'CURRENCY'         => filter_var( $_POST['CURRENCY'], FILTER_SANITIZE_STRING ),
-    'RETURN_URL'       => filter_var( $_POST['RETURN_URL'], FILTER_SANITIZE_URL ),
+    'RETURN_URL'       => filter_var( $_POST['RETURN_URL'], FILTER_SANITIZE_URL ) . '?reference=' . $reference,
     'TRANSACTION_DATE' => filter_var( $_POST['TRANSACTION_DATE'], FILTER_SANITIZE_STRING ),
     'LOCALE'           => filter_var( $_POST['LOCALE'], FILTER_SANITIZE_STRING ),
     'COUNTRY'          => filter_var( $_POST['COUNTRY'], FILTER_SANITIZE_STRING ),

public_html/result.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *
@@ -15,12 +15,14 @@
 // Get current time.
 $time = $_SERVER['REQUEST_TIME'];
 
+$reference = filter_var($_GET['reference'], FILTER_SANITIZE_STRING);
+
 // Insert the returned data as well as the merchant specific data PAYGATE_ID and REFERENCE in array.
 $data = array(
     'PAYGATE_ID'         => $paygate_id,
     'PAY_REQUEST_ID'     => isset( $_POST['PAY_REQUEST_ID'] ) ? $_POST['PAY_REQUEST_ID'] : '',
     'TRANSACTION_STATUS' => isset( $_POST['TRANSACTION_STATUS'] ) ? $_POST['TRANSACTION_STATUS'] : '',
-    'REFERENCE'          => isset( $_SESSION['reference'] ) ? $_SESSION['reference'] : '',
+    'REFERENCE'          => isset( $reference ) ? $reference : '',
     'CHECKSUM'           => isset( $_POST['CHECKSUM'] ) ? $_POST['CHECKSUM'] : '',
 );
 

public_html/terms.php

@@ -1,6 +1,6 @@
 <?php
 /*
- * Copyright (c) 2020 PayGate (Pty) Ltd
+ * Copyright (c) 2021 PayGate (Pty) Ltd
  *
  * Author: App Inlet (Pty) Ltd
  *

public_html/vendor/autoload.php

@@ -4,4 +4,4 @@
 
 require_once __DIR__ . '/composer/autoload_real.php';
 
-return ComposerAutoloaderInita7cf7068d21e2ad6dfa360e68a1e6560::getLoader();
+return ComposerAutoloaderInitf4f9ceee581bf9a60933ba548c368355::getLoader();

public_html/vendor/composer/autoload_real.php

@@ -2,7 +2,7 @@
 
 // autoload_real.php @generated by Composer
 
-class ComposerAutoloaderInita7cf7068d21e2ad6dfa360e68a1e6560
+class ComposerAutoloaderInitf4f9ceee581bf9a60933ba548c368355
 {
     private static $loader;
 
@@ -19,15 +19,15 @@ public static function getLoader()
             return self::$loader;
         }
 
-        spl_autoload_register(array('ComposerAutoloaderInita7cf7068d21e2ad6dfa360e68a1e6560', 'loadClassLoader'), true, true);
+        spl_autoload_register(array('ComposerAutoloaderInitf4f9ceee581bf9a60933ba548c368355', 'loadClassLoader'), true, true);
         self::$loader = $loader = new \Composer\Autoload\ClassLoader();
-        spl_autoload_unregister(array('ComposerAutoloaderInita7cf7068d21e2ad6dfa360e68a1e6560', 'loadClassLoader'));
+        spl_autoload_unregister(array('ComposerAutoloaderInitf4f9ceee581bf9a60933ba548c368355', 'loadClassLoader'));
 
         $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
         if ($useStaticLoader) {
             require_once __DIR__ . '/autoload_static.php';
 
-            call_user_func(\Composer\Autoload\ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::getInitializer($loader));
+            call_user_func(\Composer\Autoload\ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::getInitializer($loader));
         } else {
             $map = require __DIR__ . '/autoload_namespaces.php';
             foreach ($map as $namespace => $path) {

public_html/vendor/composer/autoload_static.php

@@ -4,7 +4,7 @@
 
 namespace Composer\Autoload;
 
-class ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560
+class ComposerStaticInitf4f9ceee581bf9a60933ba548c368355
 {
     public static $prefixLengthsPsr4 = array (
         'P' => 
@@ -31,8 +31,8 @@ class ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560
     public static function getInitializer(ClassLoader $loader)
     {
         return \Closure::bind(function () use ($loader) {
-            $loader->prefixLengthsPsr4 = ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::$prefixLengthsPsr4;
-            $loader->prefixDirsPsr4 = ComposerStaticInita7cf7068d21e2ad6dfa360e68a1e6560::$prefixDirsPsr4;
+            $loader->prefixLengthsPsr4 = ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::$prefixLengthsPsr4;
+            $loader->prefixDirsPsr4 = ComposerStaticInitf4f9ceee581bf9a60933ba548c368355::$prefixDirsPsr4;
 
         }, null, ClassLoader::class);
     }