+14

resources/sql/patches/20130323.phortunepayment.sql

reviewed

··· 1 1 + CREATE TABLE {$NAMESPACE}_phortune.phortune_paymentmethod ( 2 2 + id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, 3 3 + phid VARCHAR(64) NOT NULL COLLATE utf8_bin, 4 4 + name VARCHAR(255) NOT NULL, 5 5 + status VARCHAR(64) NOT NULL COLLATE utf8_bin, 6 6 + accountPHID VARCHAR(64) NOT NULL COLLATE utf8_bin, 7 7 + authorPHID VARCHAR(64) NOT NULL COLLATE utf8_bin, 8 8 + expiresEpoch INT UNSIGNED, 9 9 + metadata LONGTEXT NOT NULL COLLATE utf8_bin, 10 10 + dateCreated INT UNSIGNED NOT NULL, 11 11 + dateModified INT UNSIGNED NOT NULL, 12 12 + UNIQUE KEY `key_phid` (phid), 13 13 + KEY `key_account` (accountPHID, status) 14 14 + ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

+7 -5

src/__phutil_library_map__.php

reviewed

··· 1359 1359 'PhabricatorStorageManagementUpgradeWorkflow' => 'infrastructure/storage/management/workflow/PhabricatorStorageManagementUpgradeWorkflow.php', 1360 1360 'PhabricatorStorageManagementWorkflow' => 'infrastructure/storage/management/workflow/PhabricatorStorageManagementWorkflow.php', 1361 1361 'PhabricatorStoragePatch' => 'infrastructure/storage/management/PhabricatorStoragePatch.php', 1362 1362 + 'PhabricatorStripeConfigOptions' => 'applications/phortune/option/PhabricatorStripeConfigOptions.php', 1362 1363 'PhabricatorSubscribableInterface' => 'applications/subscriptions/interface/PhabricatorSubscribableInterface.php', 1363 1364 'PhabricatorSubscribersQuery' => 'applications/subscriptions/query/PhabricatorSubscribersQuery.php', 1364 1365 'PhabricatorSubscriptionsEditController' => 'applications/subscriptions/controller/PhabricatorSubscriptionsEditController.php', ··· 1540 1541 'PhortuneLandingController' => 'applications/phortune/controller/PhortuneLandingController.php', 1541 1542 'PhortuneMonthYearExpiryControl' => 'applications/phortune/control/PhortuneMonthYearExpiryControl.php', 1542 1543 'PhortunePaymentMethod' => 'applications/phortune/storage/PhortunePaymentMethod.php', 1544 1544 + 'PhortunePaymentMethodEditController' => 'applications/phortune/controller/PhortunePaymentMethodEditController.php', 1543 1545 'PhortunePaymentMethodListController' => 'applications/phortune/controller/PhortunePaymentMethodListController.php', 1546 1546 + 'PhortunePaymentMethodQuery' => 'applications/phortune/query/PhortunePaymentMethodQuery.php', 1544 1547 'PhortunePaymentMethodViewController' => 'applications/phortune/controller/PhortunePaymentMethodViewController.php', 1545 1548 'PhortuneProduct' => 'applications/phortune/storage/PhortuneProduct.php', 1546 1549 'PhortunePurchase' => 'applications/phortune/storage/PhortunePurchase.php', 1547 1547 - 'PhortuneStripeBaseController' => 'applications/phortune/stripe/controller/PhortuneStripeBaseController.php', 1548 1548 - 'PhortuneStripePaymentFormView' => 'applications/phortune/stripe/view/PhortuneStripePaymentFormView.php', 1549 1549 - 'PhortuneStripeTestPaymentFormController' => 'applications/phortune/stripe/controller/PhortuneStripeTestPaymentFormController.php', 1550 1550 + 'PhortuneStripePaymentFormView' => 'applications/phortune/view/PhortuneStripePaymentFormView.php', 1550 1551 'PhrictionActionConstants' => 'applications/phriction/constants/PhrictionActionConstants.php', 1551 1552 'PhrictionChangeType' => 'applications/phriction/constants/PhrictionChangeType.php', 1552 1553 'PhrictionConstants' => 'applications/phriction/constants/PhrictionConstants.php', ··· 2977 2978 'PhabricatorStorageManagementStatusWorkflow' => 'PhabricatorStorageManagementWorkflow', 2978 2979 'PhabricatorStorageManagementUpgradeWorkflow' => 'PhabricatorStorageManagementWorkflow', 2979 2980 'PhabricatorStorageManagementWorkflow' => 'PhutilArgumentWorkflow', 2981 2981 + 'PhabricatorStripeConfigOptions' => 'PhabricatorApplicationConfigOptions', 2980 2982 'PhabricatorSubscribersQuery' => 'PhabricatorQuery', 2981 2983 'PhabricatorSubscriptionsEditController' => 'PhabricatorController', 2982 2984 'PhabricatorSubscriptionsEditor' => 'PhabricatorEditor', ··· 3194 3196 0 => 'PhortuneDAO', 3195 3197 1 => 'PhabricatorPolicyInterface', 3196 3198 ), 3199 3199 + 'PhortunePaymentMethodEditController' => 'PhortuneController', 3197 3200 'PhortunePaymentMethodListController' => 'PhabricatorController', 3201 3201 + 'PhortunePaymentMethodQuery' => 'PhabricatorCursorPagedPolicyAwareQuery', 3198 3202 'PhortunePaymentMethodViewController' => 'PhabricatorController', 3199 3203 'PhortuneProduct' => 'PhortuneDAO', 3200 3204 'PhortunePurchase' => 'PhortuneDAO', 3201 3201 - 'PhortuneStripeBaseController' => 'PhabricatorController', 3202 3205 'PhortuneStripePaymentFormView' => 'AphrontView', 3203 3203 - 'PhortuneStripeTestPaymentFormController' => 'PhortuneStripeBaseController', 3204 3206 'PhrictionActionConstants' => 'PhrictionConstants', 3205 3207 'PhrictionChangeType' => 'PhrictionConstants', 3206 3208 'PhrictionContent' =>

+3 -6

src/applications/phortune/application/PhabricatorApplicationPhortune.php

reviewed

··· 32 32 '' => 'PhortuneLandingController', 33 33 '(?P<accountID>\d+)/' => array( 34 34 '' => 'PhortuneAccountViewController', 35 35 + 'paymentmethod/' => array( 36 36 + 'edit/' => 'PhortunePaymentMethodEditController', 37 37 + ), 35 38 ), 36 36 - 37 39 'account/' => array( 38 40 '' => 'PhortuneAccountListController', 39 41 'edit/(?:(?P<id>\d+)/)?' => 'PhortuneAccountEditController', 40 40 - ), 41 41 - 'paymentmethod/' => array( 42 42 - '' => 'PhortunePaymentMethodListController', 43 43 - 'view/(?P<id>\d+)/' => 'PhortunePaymentMethodViewController', 44 44 - 'edit/(?:(?P<id>\d+)/)?' => 'PhortunePaymentMethodEditController', 45 42 ), 46 43 'stripe/' => array( 47 44 'testpaymentform/' => 'PhortuneStripeTestPaymentFormController',

+34

src/applications/phortune/controller/PhortuneAccountViewController.php

reviewed

··· 95 95 ->setNoDataString( 96 96 pht('No payment methods associated with this account.')); 97 97 98 98 + $methods = id(new PhortunePaymentMethodQuery()) 99 99 + ->setViewer($user) 100 100 + ->withAccountPHIDs(array($account->getPHID())) 101 101 + ->withStatus(PhortunePaymentMethodQuery::STATUS_OPEN) 102 102 + ->execute(); 103 103 + 104 104 + if ($methods) { 105 105 + $this->loadHandles(mpull($methods, 'getAuthorPHID')); 106 106 + } 107 107 + 108 108 + foreach ($methods as $method) { 109 109 + $item = new PhabricatorObjectItemView(); 110 110 + $item->setHeader($method->getName()); 111 111 + 112 112 + switch ($method->getStatus()) { 113 113 + case PhortunePaymentMethod::STATUS_ACTIVE: 114 114 + $item->addAttribute(pht('Active')); 115 115 + $item->setBarColor('green'); 116 116 + break; 117 117 + } 118 118 + 119 119 + $item->addAttribute( 120 120 + pht( 121 121 + 'Added %s by %s', 122 122 + phabricator_datetime($method->getDateCreated(), $user), 123 123 + $this->getHandle($method->getAuthorPHID())->renderLink())); 124 124 + 125 125 + if ($method->getExpiresEpoch() < time() + (60 * 60 * 24 * 30)) { 126 126 + $item->addAttribute(pht('Expires Soon!')); 127 127 + } 128 128 + 129 129 + $list->addItem($item); 130 130 + } 131 131 + 98 132 return array( 99 133 $header, 100 134 $actions,

+298

src/applications/phortune/controller/PhortunePaymentMethodEditController.php

reviewed

··· 1 1 + <?php 2 2 + 3 3 + final class PhortunePaymentMethodEditController 4 4 + extends PhortuneController { 5 5 + 6 6 + private $accountID; 7 7 + 8 8 + public function willProcessRequest(array $data) { 9 9 + $this->accountID = $data['accountID']; 10 10 + } 11 11 + 12 12 + /** 13 13 + * @phutil-external-symbol class Stripe_Token 14 14 + * @phutil-external-symbol class Stripe_Customer 15 15 + */ 16 16 + public function processRequest() { 17 17 + $request = $this->getRequest(); 18 18 + $user = $request->getUser(); 19 19 + 20 20 + $stripe_publishable_key = PhabricatorEnv::getEnvConfig( 21 21 + 'stripe.publishable-key'); 22 22 + if (!$stripe_publishable_key) { 23 23 + throw new Exception( 24 24 + "Stripe publishable API key (`stripe.publishable-key`) is ". 25 25 + "not configured."); 26 26 + } 27 27 + 28 28 + $stripe_secret_key = PhabricatorEnv::getEnvConfig('stripe.secret-key'); 29 29 + if (!$stripe_secret_key) { 30 30 + throw new Exception( 31 31 + "Stripe secret API kye (`stripe.secret-key`) is not configured."); 32 32 + } 33 33 + 34 34 + $account = id(new PhortuneAccountQuery()) 35 35 + ->setViewer($user) 36 36 + ->withIDs(array($this->accountID)) 37 37 + ->executeOne(); 38 38 + if (!$account) { 39 39 + return new Aphront404Response(); 40 40 + } 41 41 + 42 42 + $account_uri = $this->getApplicationURI($account->getID().'/'); 43 43 + 44 44 + $e_card_number = true; 45 45 + $e_card_cvc = true; 46 46 + $e_card_exp = true; 47 47 + 48 48 + $errors = array(); 49 49 + if ($request->isFormPost()) { 50 50 + $card_errors = $request->getStr('cardErrors'); 51 51 + $stripe_token = $request->getStr('stripeToken'); 52 52 + if ($card_errors) { 53 53 + $raw_errors = json_decode($card_errors); 54 54 + list($e_card_number, 55 55 + $e_card_cvc, 56 56 + $e_card_exp, 57 57 + $messages) = $this->parseRawErrors($raw_errors); 58 58 + $errors = array_merge($errors, $messages); 59 59 + } else if (!$stripe_token) { 60 60 + $errors[] = pht('There was an unknown error processing your card.'); 61 61 + } 62 62 + 63 63 + if (!$errors) { 64 64 + $root = dirname(phutil_get_library_root('phabricator')); 65 65 + require_once $root.'/externals/stripe-php/lib/Stripe.php'; 66 66 + 67 67 + try { 68 68 + // First, make sure the token is valid. 69 69 + $info = id(new Stripe_Token()) 70 70 + ->retrieve($stripe_token, $stripe_secret_key); 71 71 + 72 72 + // Then, we need to create a Customer in order to be able to charge 73 73 + // the card more than once. We create one Customer for each card; 74 74 + // they do not map to PhortuneAccounts because we allow an account to 75 75 + // have more than one active card. 76 76 + $customer = Stripe_Customer::create( 77 77 + array( 78 78 + 'card' => $stripe_token, 79 79 + 'description' => $account->getPHID().':'.$user->getUserName(), 80 80 + ), $stripe_secret_key); 81 81 + 82 82 + $card = $info->card; 83 83 + } catch (Exception $ex) { 84 84 + phlog($ex); 85 85 + $errors[] = pht( 86 86 + 'There was an error communicating with the payments backend.'); 87 87 + } 88 88 + 89 89 + if (!$errors) { 90 90 + $payment_method = id(new PhortunePaymentMethod()) 91 91 + ->setAccountPHID($account->getPHID()) 92 92 + ->setAuthorPHID($user->getPHID()) 93 93 + ->setName($card->type.' / '.$card->last4) 94 94 + ->setStatus(PhortunePaymentMethod::STATUS_ACTIVE) 95 95 + ->setExpiresEpoch(strtotime($card->exp_year.'-'.$card->exp_month)) 96 96 + ->setMetadata( 97 97 + array( 98 98 + 'type' => 'stripe.customer', 99 99 + 'stripeCustomerID' => $customer->id, 100 100 + 'stripeTokenID' => $stripe_token, 101 101 + )) 102 102 + ->save(); 103 103 + 104 104 + $save_uri = new PhutilURI($account_uri); 105 105 + $save_uri->setFragment('payment'); 106 106 + 107 107 + return id(new AphrontRedirectResponse())->setURI($save_uri); 108 108 + } 109 109 + } 110 110 + 111 111 + $dialog = id(new AphrontDialogView()) 112 112 + ->setUser($user) 113 113 + ->setTitle(pht('Error Adding Card')) 114 114 + ->appendChild(id(new AphrontErrorView())->setErrors($errors)) 115 115 + ->addCancelButton($request->getRequestURI()); 116 116 + 117 117 + return id(new AphrontDialogResponse())->setDialog($dialog); 118 118 + } 119 119 + 120 120 + if ($errors) { 121 121 + $errors = id(new AphrontErrorView()) 122 122 + ->setErrors($errors); 123 123 + } 124 124 + 125 125 + $header = id(new PhabricatorHeaderView()) 126 126 + ->setHeader(pht('Add New Payment Method')); 127 127 + 128 128 + $form_id = celerity_generate_unique_node_id(); 129 129 + require_celerity_resource('stripe-payment-form-css'); 130 130 + require_celerity_resource('aphront-tooltip-css'); 131 131 + Javelin::initBehavior('phabricator-tooltips'); 132 132 + 133 133 + $form = id(new AphrontFormView()) 134 134 + ->setID($form_id) 135 135 + ->setUser($user) 136 136 + ->setWorkflow(true) 137 137 + ->setAction($request->getRequestURI()) 138 138 + ->appendChild( 139 139 + id(new AphrontFormMarkupControl()) 140 140 + ->setLabel('') 141 141 + ->setValue( 142 142 + javelin_tag( 143 143 + 'div', 144 144 + array( 145 145 + 'class' => 'credit-card-logos', 146 146 + 'sigil' => 'has-tooltip', 147 147 + 'meta' => array( 148 148 + 'tip' => 'We support Visa, Mastercard, American Express, '. 149 149 + 'Discover, JCB, and Diners Club.', 150 150 + 'size' => 440, 151 151 + ) 152 152 + )))) 153 153 + ->appendChild( 154 154 + id(new AphrontFormTextControl()) 155 155 + ->setLabel('Card Number') 156 156 + ->setDisableAutocomplete(true) 157 157 + ->setSigil('number-input') 158 158 + ->setError($e_card_number)) 159 159 + ->appendChild( 160 160 + id(new AphrontFormTextControl()) 161 161 + ->setLabel('CVC') 162 162 + ->setDisableAutocomplete(true) 163 163 + ->setSigil('cvc-input') 164 164 + ->setError($e_card_cvc)) 165 165 + ->appendChild( 166 166 + id(new PhortuneMonthYearExpiryControl()) 167 167 + ->setLabel('Expiration') 168 168 + ->setUser($user) 169 169 + ->setError($e_card_exp)) 170 170 + ->appendChild( 171 171 + javelin_tag( 172 172 + 'input', 173 173 + array( 174 174 + 'hidden' => true, 175 175 + 'name' => 'stripeToken', 176 176 + 'sigil' => 'stripe-token-input', 177 177 + ))) 178 178 + ->appendChild( 179 179 + javelin_tag( 180 180 + 'input', 181 181 + array( 182 182 + 'hidden' => true, 183 183 + 'name' => 'cardErrors', 184 184 + 'sigil' => 'card-errors-input' 185 185 + ))) 186 186 + ->appendChild( 187 187 + phutil_tag( 188 188 + 'input', 189 189 + array( 190 190 + 'hidden' => true, 191 191 + 'name' => 'stripeKey', 192 192 + 'value' => $stripe_publishable_key, 193 193 + ))) 194 194 + ->appendChild( 195 195 + id(new AphrontFormSubmitControl()) 196 196 + ->setValue('Add Payment Method') 197 197 + ->addCancelButton($account_uri)); 198 198 + 199 199 + Javelin::initBehavior( 200 200 + 'stripe-payment-form', 201 201 + array( 202 202 + 'stripePublishKey' => $stripe_publishable_key, 203 203 + 'root' => $form_id, 204 204 + )); 205 205 + 206 206 + $title = pht('Add Payment Method'); 207 207 + 208 208 + $crumbs = $this->buildApplicationCrumbs(); 209 209 + $crumbs->addCrumb( 210 210 + id(new PhabricatorCrumbView()) 211 211 + ->setName(pht('Account')) 212 212 + ->setHref($account_uri)); 213 213 + $crumbs->addCrumb( 214 214 + id(new PhabricatorCrumbView()) 215 215 + ->setName(pht('Payment Methods')) 216 216 + ->setHref($request->getRequestURI())); 217 217 + 218 218 + return 219 219 + $this->buildStandardPageResponse( 220 220 + array( 221 221 + $crumbs, 222 222 + $header, 223 223 + $errors, 224 224 + $form, 225 225 + ), 226 226 + array( 227 227 + 'title' => $title, 228 228 + 'device' => true, 229 229 + 'dust' => true, 230 230 + )); 231 231 + } 232 232 + 233 233 + /** 234 234 + * Stripe JS and calls to Stripe handle all errors with processing this 235 235 + * form. This function takes the raw errors - in the form of an array 236 236 + * where each elementt is $type => $message - and figures out what if 237 237 + * any fields were invalid and pulls the messages into a flat object. 238 238 + * 239 239 + * See https://stripe.com/docs/api#errors for more information on possible 240 240 + * errors. 241 241 + */ 242 242 + private function parseRawErrors($errors) { 243 243 + $card_number_error = null; 244 244 + $card_cvc_error = null; 245 245 + $card_expiration_error = null; 246 246 + $messages = array(); 247 247 + foreach ($errors as $index => $error) { 248 248 + $type = key($error); 249 249 + $msg = reset($error); 250 250 + $messages[] = $msg; 251 251 + switch ($type) { 252 252 + case 'number': 253 253 + case 'invalid_number': 254 254 + case 'incorrect_number': 255 255 + $card_number_error = pht('Invalid'); 256 256 + break; 257 257 + case 'cvc': 258 258 + case 'invalid_cvc': 259 259 + case 'incorrect_cvc': 260 260 + $card_cvc_error = pht('Invalid'); 261 261 + break; 262 262 + case 'expiry': 263 263 + case 'invalid_expiry_month': 264 264 + case 'invalid_expiry_year': 265 265 + $card_expiration_error = pht('Invalid'); 266 266 + break; 267 267 + case 'card_declined': 268 268 + case 'expired_card': 269 269 + case 'duplicate_transaction': 270 270 + case 'processing_error': 271 271 + // these errors don't map well to field(s) being bad 272 272 + break; 273 273 + case 'invalid_amount': 274 274 + case 'missing': 275 275 + default: 276 276 + // these errors only happen if we (not the user) messed up so log it 277 277 + $error = sprintf( 278 278 + 'error_type: %s error_message: %s', 279 279 + $type, 280 280 + $msg); 281 281 + $this->logStripeError($error); 282 282 + break; 283 283 + } 284 284 + } 285 285 + 286 286 + return array( 287 287 + $card_number_error, 288 288 + $card_cvc_error, 289 289 + $card_expiration_error, 290 290 + $messages 291 291 + ); 292 292 + } 293 293 + 294 294 + private function logStripeError($message) { 295 295 + phlog('STRIPE-ERROR '.$message); 296 296 + } 297 297 + 298 298 + }

+25

src/applications/phortune/option/PhabricatorStripeConfigOptions.php

reviewed

··· 1 1 + <?php 2 2 + 3 3 + final class PhabricatorStripeConfigOptions 4 4 + extends PhabricatorApplicationConfigOptions { 5 5 + 6 6 + public function getName() { 7 7 + return pht("Integration with Stripe"); 8 8 + } 9 9 + 10 10 + public function getDescription() { 11 11 + return pht("Configure Stripe payments."); 12 12 + } 13 13 + 14 14 + public function getOptions() { 15 15 + return array( 16 16 + $this->newOption('stripe.publishable-key', 'string', null) 17 17 + ->setDescription( 18 18 + pht('Stripe publishable key.')), 19 19 + $this->newOption('stripe.secret-key', 'string', null) 20 20 + ->setDescription( 21 21 + pht('Stripe secret key.')), 22 22 + ); 23 23 + } 24 24 + 25 25 + }

+117

src/applications/phortune/query/PhortunePaymentMethodQuery.php

reviewed

··· 1 1 + <?php 2 2 + 3 3 + final class PhortunePaymentMethodQuery 4 4 + extends PhabricatorCursorPagedPolicyAwareQuery { 5 5 + 6 6 + private $ids; 7 7 + private $phids; 8 8 + private $accountPHIDs; 9 9 + 10 10 + const STATUS_ANY = 'status-any'; 11 11 + const STATUS_OPEN = 'status-open'; 12 12 + private $status = self::STATUS_ANY; 13 13 + 14 14 + public function withIDs(array $ids) { 15 15 + $this->ids = $ids; 16 16 + return $this; 17 17 + } 18 18 + 19 19 + public function withPHIDs(array $phids) { 20 20 + $this->phids = $phids; 21 21 + return $this; 22 22 + } 23 23 + 24 24 + public function withAccountPHIDs(array $phids) { 25 25 + $this->accountPHIDs = $phids; 26 26 + return $this; 27 27 + } 28 28 + 29 29 + public function withStatus($status) { 30 30 + $this->status = $status; 31 31 + return $this; 32 32 + } 33 33 + 34 34 + protected function loadPage() { 35 35 + $table = new PhortunePaymentMethod(); 36 36 + $conn = $table->establishConnection('r'); 37 37 + 38 38 + $rows = queryfx_all( 39 39 + $conn, 40 40 + 'SELECT * FROM %T %Q %Q %Q', 41 41 + $table->getTableName(), 42 42 + $this->buildWhereClause($conn), 43 43 + $this->buildOrderClause($conn), 44 44 + $this->buildLimitClause($conn)); 45 45 + 46 46 + return $table->loadAllFromArray($rows); 47 47 + } 48 48 + 49 49 + protected function willFilterPage(array $methods) { 50 50 + if (!$methods) { 51 51 + return array(); 52 52 + } 53 53 + 54 54 + $accounts = id(new PhortuneAccountQuery()) 55 55 + ->setViewer($this->getViewer()) 56 56 + ->withPHIDs(mpull($methods, 'getAccountPHID')) 57 57 + ->execute(); 58 58 + $accounts = mpull($accounts, null, 'getPHID'); 59 59 + 60 60 + foreach ($methods as $key => $method) { 61 61 + $account = idx($accounts, $method->getAccountPHID()); 62 62 + if (!$account) { 63 63 + unset($methods[$key]); 64 64 + continue; 65 65 + } 66 66 + $method->attachAccount($account); 67 67 + } 68 68 + 69 69 + return $methods; 70 70 + } 71 71 + 72 72 + private function buildWhereClause(AphrontDatabaseConnection $conn) { 73 73 + $where = array(); 74 74 + 75 75 + if ($this->ids) { 76 76 + $where[] = qsprintf( 77 77 + $conn, 78 78 + 'id IN (%Ld)', 79 79 + $this->ids); 80 80 + } 81 81 + 82 82 + if ($this->phids) { 83 83 + $where[] = qsprintf( 84 84 + $conn, 85 85 + 'phid IN (%Ls)', 86 86 + $this->phids); 87 87 + } 88 88 + 89 89 + if ($this->accountPHIDs) { 90 90 + $where[] = qsprintf( 91 91 + $conn, 92 92 + 'accountPHID IN (%Ls)', 93 93 + $this->accountPHIDs); 94 94 + } 95 95 + 96 96 + switch ($this->status) { 97 97 + case self::STATUS_ANY; 98 98 + break; 99 99 + case self::STATUS_OPEN: 100 100 + $where[] = qsprintf( 101 101 + $conn, 102 102 + 'status in (%Ls)', 103 103 + array( 104 104 + PhortunePaymentMethod::STATUS_ACTIVE, 105 105 + PhortunePaymentMethod::STATUS_FAILED, 106 106 + )); 107 107 + break; 108 108 + default: 109 109 + throw new Exception("Unknown status '{$this->status}'!"); 110 110 + } 111 111 + 112 112 + $where[] = $this->buildPagingClause($conn); 113 113 + 114 114 + return $this->formatWhereClause($where); 115 115 + } 116 116 + 117 117 + }

+6

src/applications/phortune/storage/PhortunePaymentMethod.php

reviewed

··· 7 7 final class PhortunePaymentMethod extends PhortuneDAO 8 8 implements PhabricatorPolicyInterface { 9 9 10 10 + const STATUS_ACTIVE = 'payment:active'; 11 11 + const STATUS_FAILED = 'payment:failed'; 12 12 + const STATUS_REMOVED = 'payment:removed'; 13 13 + 10 14 protected $name; 15 15 + protected $status; 11 16 protected $accountPHID; 12 17 protected $authorPHID; 18 18 + protected $expiresEpoch; 13 19 protected $metadata; 14 20 15 21 private $account;

-17

src/applications/phortune/stripe/controller/PhortuneStripeBaseController.php

reviewed

··· 1 1 - <?php 2 2 - 3 3 - abstract class PhortuneStripeBaseController extends PhabricatorController { 4 4 - 5 5 - public function buildStandardPageResponse($view, array $data) { 6 6 - $page = $this->buildStandardPageView(); 7 7 - 8 8 - $page->setApplicationName('Phortune - Stripe'); 9 9 - $page->setBaseURI('/phortune/stripe/'); 10 10 - $page->setTitle(idx($data, 'title')); 11 11 - $page->appendChild($view); 12 12 - 13 13 - $response = new AphrontWebpageResponse(); 14 14 - return $response->setContent($page->render()); 15 15 - } 16 16 - 17 17 - }

-146

src/applications/phortune/stripe/controller/PhortuneStripeTestPaymentFormController.php

reviewed

··· 1 1 - <?php 2 2 - 3 3 - final class PhortuneStripeTestPaymentFormController 4 4 - extends PhortuneStripeBaseController { 5 5 - public function processRequest() { 6 6 - $request = $this->getRequest(); 7 7 - $user = $request->getUser(); 8 8 - $title = 'Test Payment Form'; 9 9 - $error_view = null; 10 10 - $card_number_error = null; 11 11 - $card_cvc_error = null; 12 12 - $card_expiration_error = null; 13 13 - $stripe_key = $request->getStr('stripeKey'); 14 14 - if (!$stripe_key) { 15 15 - $error_view = id(new AphrontErrorView()) 16 16 - ->setTitle('Missing stripeKey parameter in URI'); 17 17 - } 18 18 - 19 19 - if (!$error_view && $request->isFormPost()) { 20 20 - $card_errors = $request->getStr('cardErrors'); 21 21 - $stripe_token = $request->getStr('stripeToken'); 22 22 - if ($card_errors) { 23 23 - $raw_errors = json_decode($card_errors); 24 24 - list($card_number_error, 25 25 - $card_cvc_error, 26 26 - $card_expiration_error, 27 27 - $messages) = $this->parseRawErrors($raw_errors); 28 28 - $error_view = id(new AphrontErrorView()) 29 29 - ->setTitle('There were errors processing your card.') 30 30 - ->setErrors($messages); 31 31 - } else if (!$stripe_token) { 32 32 - // this shouldn't happen, so show the user a very generic error 33 33 - // message and log that this error occurred...! 34 34 - $error_view = id(new AphrontErrorView()) 35 35 - ->setTitle('There was an unknown error processing your card.') 36 36 - ->setErrors(array('Please try again.')); 37 37 - $error = 'payment form submitted but no stripe token and no errors'; 38 38 - $this->logStripeError($error); 39 39 - } else { 40 40 - // success -- do something with $stripe_token!! 41 41 - } 42 42 - } else if (!$error_view) { 43 43 - $error_view = id(new AphrontErrorView()) 44 44 - ->setSeverity(AphrontErrorView::SEVERITY_NOTICE) 45 45 - ->setTitle( 46 46 - 'If you are using a test stripe key, use 4242424242424242, '. 47 47 - 'any three digits for CVC, and any valid expiration date to '. 48 48 - 'test!'); 49 49 - } 50 50 - 51 51 - $view = id(new AphrontPanelView()) 52 52 - ->setWidth(AphrontPanelView::WIDTH_FORM) 53 53 - ->setHeader($title); 54 54 - 55 55 - $form = id(new PhortuneStripePaymentFormView()) 56 56 - ->setUser($user) 57 57 - ->setStripeKey($stripe_key) 58 58 - ->setCardNumberError($card_number_error) 59 59 - ->setCardCVCError($card_cvc_error) 60 60 - ->setCardExpirationError($card_expiration_error); 61 61 - 62 62 - $view->appendChild($form); 63 63 - 64 64 - return 65 65 - $this->buildStandardPageResponse( 66 66 - array( 67 67 - $error_view, 68 68 - $view, 69 69 - ), 70 70 - array( 71 71 - 'title' => $title, 72 72 - )); 73 73 - } 74 74 - 75 75 - /** 76 76 - * Stripe JS and calls to Stripe handle all errors with processing this 77 77 - * form. This function takes the raw errors - in the form of an array 78 78 - * where each elementt is $type => $message - and figures out what if 79 79 - * any fields were invalid and pulls the messages into a flat object. 80 80 - * 81 81 - * See https://stripe.com/docs/api#errors for more information on possible 82 82 - * errors. 83 83 - */ 84 84 - private function parseRawErrors($errors) { 85 85 - $card_number_error = null; 86 86 - $card_cvc_error = null; 87 87 - $card_expiration_error = null; 88 88 - $messages = array(); 89 89 - foreach ($errors as $index => $error) { 90 90 - $type = key($error); 91 91 - $msg = reset($error); 92 92 - $messages[] = $msg; 93 93 - switch ($type) { 94 94 - case 'number': 95 95 - case 'invalid_number': 96 96 - case 'incorrect_number': 97 97 - $card_number_error = true; 98 98 - break; 99 99 - case 'cvc': 100 100 - case 'invalid_cvc': 101 101 - case 'incorrect_cvc': 102 102 - $card_cvc_error = true; 103 103 - break; 104 104 - case 'expiry': 105 105 - case 'invalid_expiry_month': 106 106 - case 'invalid_expiry_year': 107 107 - $card_expiration_error = true; 108 108 - break; 109 109 - case 'card_declined': 110 110 - case 'expired_card': 111 111 - case 'duplicate_transaction': 112 112 - case 'processing_error': 113 113 - // these errors don't map well to field(s) being bad 114 114 - break; 115 115 - case 'invalid_amount': 116 116 - case 'missing': 117 117 - default: 118 118 - // these errors only happen if we (not the user) messed up so log it 119 119 - $error = sprintf( 120 120 - 'error_type: %s error_message: %s', 121 121 - $type, 122 122 - $msg); 123 123 - $this->logStripeError($error); 124 124 - break; 125 125 - } 126 126 - } 127 127 - 128 128 - // append a helpful "fix this" to the messages to be displayed to the user 129 129 - $messages[] = pht( 130 130 - 'Please fix these errors and try again.', 131 131 - count($messages)); 132 132 - 133 133 - return array( 134 134 - $card_number_error, 135 135 - $card_cvc_error, 136 136 - $card_expiration_error, 137 137 - $messages 138 138 - ); 139 139 - } 140 140 - 141 141 - private function logStripeError($message) { 142 142 - phlog('STRIPE-ERROR '.$message); 143 143 - } 144 144 - 145 145 - 146 146 - }

+2 -2

src/applications/phortune/stripe/view/PhortuneStripePaymentFormView.php src/applications/phortune/view/PhortuneStripePaymentFormView.php

reviewed

··· 39 39 } 40 40 41 41 public function render() { 42 42 - $form_id = celerity_generate_unique_node_id(); 42 42 + $form_id = celerity_generate_unique_node_id(); 43 43 require_celerity_resource('stripe-payment-form-css'); 44 44 require_celerity_resource('aphront-tooltip-css'); 45 45 Javelin::initBehavior('phabricator-tooltips'); ··· 105 105 ))) 106 106 ->appendChild( 107 107 id(new AphrontFormSubmitControl()) 108 108 - ->setValue('Submit Payment')); 108 108 + ->setValue('Add Payment Method')); 109 109 110 110 Javelin::initBehavior( 111 111 'stripe-payment-form',

+4

src/infrastructure/storage/patch/PhabricatorBuiltinPatchList.php

reviewed

··· 1206 1206 'type' => 'sql', 1207 1207 'name' => $this->getPatchPath('20130322.phortune.sql'), 1208 1208 ), 1209 1209 + '20130323.phortunepayment.sql' => array( 1210 1210 + 'type' => 'sql', 1211 1211 + 'name' => $this->getPatchPath('20130323.phortunepayment.sql'), 1212 1212 + ), 1209 1213 ); 1210 1214 } 1211 1215

+11 -8

webroot/rsrc/js/application/phortune/behavior-stripe-payment-form.js

reviewed

··· 3 3 * @requires javelin-behavior 4 4 * javelin-dom 5 5 * javelin-json 6 6 + * javelin-workflow 6 7 * stripe-core 7 8 */ 8 9 ··· 73 74 } 74 75 if (errors.length != 0) { 75 76 cardErrors.value = JX.JSON.stringify(errors); 76 76 - root.submit(); 77 77 - return true; 77 77 + 78 78 + JX.Workflow.newFromForm(root) 79 79 + .start(); 80 80 + 81 81 + return; 78 82 } 79 83 80 84 // no errors detected so contact Stripe asynchronously ··· 110 114 // success - we can use the token to create a customer object with 111 115 // Stripe and let the billing commence! 112 116 var token = response['id']; 117 117 + cardErrors.value = '[]'; 113 118 stripeToken.value = token; 114 119 } 115 115 - root.submit(); 120 120 + 121 121 + JX.Workflow.newFromForm(root) 122 122 + .start(); 116 123 } 117 124 118 118 - JX.DOM.listen( 119 119 - root, 120 120 - 'submit', 121 121 - null, 122 122 - onsubmit); 125 125 + JX.DOM.listen(root, 'submit', null, onsubmit); 123 126 });