170 lines
7.9 KiB
PHP
170 lines
7.9 KiB
PHP
<?php
|
|
/**
|
|
* TELVERO BACKOFFICE - API PROXY (V8.1 - LOGGING RESTORED)
|
|
*/
|
|
session_start();
|
|
ini_set('display_errors', 0);
|
|
error_reporting(E_ALL);
|
|
|
|
require __DIR__ . '/vendor/autoload.php';
|
|
|
|
if (file_exists(__DIR__ . '/.env')) {
|
|
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
|
|
$dotenv->load();
|
|
}
|
|
|
|
use Automattic\WooCommerce\Client;
|
|
use Mollie\Api\MollieApiClient;
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
$db = new mysqli($_ENV['DB_HOST'], $_ENV['DB_USER'], $_ENV['DB_PASS'], $_ENV['DB_NAME']);
|
|
if ($db->connect_error) { die(json_encode(['error' => 'Database connectie mislukt'])); }
|
|
|
|
function writeLog($action, $details) {
|
|
global $db;
|
|
$user = $_SESSION['user'] ?? 'system';
|
|
$stmt = $db->prepare("INSERT INTO sales_logs (username, action, details, created_at) VALUES (?, ?, ?, NOW())");
|
|
$stmt->bind_param("sss", $user, $action, $details);
|
|
$stmt->execute();
|
|
}
|
|
|
|
|
|
$action = $_GET['action'] ?? '';
|
|
|
|
// --- AUTH ---
|
|
if ($action === 'login') {
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
$stmt = $db->prepare("SELECT password, full_name FROM sales_users WHERE username = ?");
|
|
$stmt->bind_param("s", $input['username']);
|
|
$stmt->execute();
|
|
$res = $stmt->get_result()->fetch_assoc();
|
|
if ($res && password_verify($input['password'], $res['password'])) {
|
|
$_SESSION['user'] = $input['username'];
|
|
$_SESSION['full_name'] = $res['full_name'];
|
|
writeLog('LOGIN', 'Gebruiker ingelogd');
|
|
session_write_close();
|
|
echo json_encode(['success' => true, 'user' => $res['full_name']]);
|
|
} else {
|
|
http_response_code(401); echo json_encode(['error' => 'Login mislukt']);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
if (!isset($_SESSION['user']) && $action !== 'login') {
|
|
http_response_code(403); exit;
|
|
}
|
|
|
|
$woocommerce = new Client($_ENV['WC_URL'], $_ENV['WC_KEY'], $_ENV['WC_SECRET'], ['version' => 'wc/v3', 'verify_ssl' => false, 'timeout' => 400]);
|
|
|
|
// --- HELPERS ---
|
|
if ($action === 'get_payment_methods') {
|
|
try {
|
|
$gateways = $woocommerce->get('payment_gateways');
|
|
$output = [];
|
|
foreach ($gateways as $gw) {
|
|
if (str_contains($gw->id, 'applepay') || str_contains($gw->id, 'googlepay')) continue;
|
|
if ($gw->enabled && (str_contains($gw->id, 'mollie') || str_contains($gw->id, 'riverty') || str_contains($gw->id, 'klarna'))) {
|
|
$output[] = ['id' => $gw->id, 'title' => $gw->method_title];
|
|
}
|
|
}
|
|
echo json_encode($output);
|
|
} catch (Exception $e) { echo json_encode([]); }
|
|
exit;
|
|
}
|
|
|
|
if ($action === 'get_products') {
|
|
try {
|
|
$products = $woocommerce->get('products', ['status' => 'publish', 'per_page' => 100]);
|
|
$enriched = [];
|
|
foreach ($products as $product) {
|
|
$p = (array)$product;
|
|
$p['variation_details'] = ($product->type === 'variable') ? (array)$woocommerce->get("products/{$product->id}/variations", ['per_page' => 50]) : [];
|
|
$enriched[] = $p;
|
|
}
|
|
echo json_encode($enriched);
|
|
} catch (Exception $e) { echo json_encode([]); }
|
|
exit;
|
|
}
|
|
|
|
if ($action === 'postcode_check') {
|
|
$postcode = str_replace(' ', '', $_GET['postcode']);
|
|
$url = "https://postcode.tech/api/v1/postcode?postcode={$postcode}&number=" . $_GET['number'];
|
|
$ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, ["Authorization: Bearer " . $_ENV['POSTCODE_TECH_KEY']]);
|
|
echo curl_exec($ch); exit;
|
|
}
|
|
|
|
// --- CREATE ORDER (V8.1 - MET LOGGING) ---
|
|
if ($action === 'create_order') {
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
try {
|
|
$email = $input['billing']['email'];
|
|
$mediacode = $input['mediacode_internal'] ?? 'Geen';
|
|
$shipping_incl_tax = (float)($input['shipping_total'] ?? 0);
|
|
$wc_gateway_id = $input['payment_method'];
|
|
$mollie_method = str_replace(['mollie_wc_gateway_', 'rve_'], '', $wc_gateway_id);
|
|
|
|
// 1. ACCOUNT SYNC
|
|
$existing_customers = $woocommerce->get('customers', ['email' => $email]);
|
|
$input['customer_id'] = !empty($existing_customers) ? $existing_customers[0]->id : 0;
|
|
|
|
// 2. SHIPPING TAX FIX
|
|
if ($shipping_incl_tax > 0) {
|
|
$shipping_ex_tax = $shipping_incl_tax / 1.21;
|
|
$input['shipping_lines'] = [['method_id' => 'flat_rate', 'method_title' => 'Verzendkosten', 'total' => number_format($shipping_ex_tax, 4, '.', '')]];
|
|
}
|
|
|
|
$input['payment_method'] = $wc_gateway_id;
|
|
$input['customer_note'] = "Agent: {$_SESSION['user']} | Mediacode: $mediacode";
|
|
|
|
// 3. ATTRIBUTION METADATA
|
|
$input['meta_data'][] = ['key' => '_wc_order_attribution_source_type', 'value' => 'utm'];
|
|
$input['meta_data'][] = ['key' => '_wc_order_attribution_utm_source', 'value' => 'SalesPanel'];
|
|
$input['meta_data'][] = ['key' => '_wc_order_attribution_utm_campaign', 'value' => $mediacode];
|
|
$input['meta_data'][] = ['key' => 'Mediacode', 'value' => $mediacode];
|
|
|
|
// ORDER AANMAKEN
|
|
$order = $woocommerce->post('orders', $input);
|
|
|
|
// 4. TERMIJN CHECK
|
|
if (in_array($mollie_method, ['in3', 'klarna', 'klarnapaylater', 'klarnasliceit', 'riverty']) && (float)$order->total < 100.00) {
|
|
$woocommerce->delete("orders/{$order->id}", ['force' => true]);
|
|
throw new Exception("Termijnbetaling pas vanaf €100,-");
|
|
}
|
|
|
|
// 5. MOLLIE PAYMENT
|
|
$mollie = new MollieApiClient();
|
|
$mollie->setApiKey($_ENV['MOLLIE_KEY']);
|
|
|
|
$paymentData = [
|
|
"amount" => ["currency" => "EUR", "value" => number_format((float)$order->total, 2, '.', '')],
|
|
"description" => "Order #{$order->id} [$mediacode]",
|
|
"redirectUrl" => $_ENV['WC_URL'] . "/checkout/order-received/{$order->id}/?key={$order->order_key}&order_id={$order->id}&utm_source=SalesPanel&utm_campaign=" . urlencode($mediacode),
|
|
"webhookUrl" => $_ENV['WC_URL'] . "/wc-api/{$wc_gateway_id}/?key={$order->order_key}&order_id={$order->id}",
|
|
"method" => $mollie_method,
|
|
"metadata" => ["order_id" => (string)$order->id, "mediacode" => $mediacode]
|
|
];
|
|
|
|
if (in_array($mollie_method, ['in3', 'klarna', 'klarnapaylater', 'klarnasliceit', 'riverty'])) {
|
|
if ($mollie_method === 'riverty') $paymentData["captureMode"] = "manual";
|
|
$paymentData["billingAddress"] = ["givenName" => $input['billing']['first_name'], "familyName" => $input['billing']['last_name'], "email" => $input['billing']['email'], "streetAndNumber" => $input['billing']['address_1'], "city" => $input['billing']['city'], "postalCode" => $input['billing']['postcode'], "country" => "NL"];
|
|
$paymentData["lines"] = [["name" => "Bestelling #" . $order->id, "quantity" => 1, "unitPrice" => ["currency" => "EUR", "value" => number_format((float)$order->total, 2, '.', '')], "totalAmount" => ["currency" => "EUR", "value" => number_format((float)$order->total, 2, '.', '')], "vatRate" => "21.00", "vatAmount" => ["currency" => "EUR", "value" => number_format((float)$order->total_tax, 2, '.', '')]]];
|
|
}
|
|
|
|
$payment = $mollie->payments->create($paymentData);
|
|
|
|
// 7. FINISH ORDER
|
|
$woocommerce->put("orders/{$order->id}", ['meta_data' => [['key' => '_mollie_payment_id', 'value' => $payment->id], ['key' => '_transaction_id', 'value' => $payment->id]]]);
|
|
$woocommerce->post("orders/{$order->id}/notes", ['note' => "Voltooi de betaling of keur de incasso z.s.m. goed via de volgende link: <br/> " . $payment->getCheckoutUrl(), 'customer_note' => true]);
|
|
writeLog('ORDER_CREATED', "Order #{$order->id} voor {$input['billing']['email']}");
|
|
|
|
echo json_encode(['payment_url' => $payment->getCheckoutUrl()]);
|
|
} catch (Exception $e) {
|
|
writeLog('ERROR', $e->getMessage());
|
|
http_response_code(422); echo json_encode(['error' => $e->getMessage()]);
|
|
}
|
|
exit;
|
|
}
|
|
|
|
if ($action === 'logout') { session_destroy(); echo json_encode(['success' => true]); exit; } |