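const config = require("../config/main.js");
const configTpl = require("../views/"+config.theme+"/config/"+config.availableLangs[0]+".js");
const tool = require("../tools/main");
const toolMail = require("../tools/mail");
const txt = require("../lang/"+config.adminLang+"/payment");
const txtUser = require("../lang/"+config.adminLang+"/user");
const txtGeneral = require("../lang/"+config.adminLang+"/general");
const userCtrl = require("./user");

/**
 * Sends back every payment recorded for the user whose id is req.params.id, newest first.
 *
 * Only a connected user whose status is "admin" or "manager" receives the list (HTTP 200);
 * any other caller receives HTTP 403 with txtGeneral.notAllowed.
 * next() is called after the response has been written; any error is forwarded with next(e).
 *
 * @param {object} req - request; reads req.connectedUser and req.params.id
 * @param {object} res - response
 * @param {function} next - next middleware
 */
exports.getOneUserPayments = async (req, res, next) =>
{
    try
    {
        const connectedUser = req.connectedUser;
        // Fail closed: a missing or malformed req.connectedUser is refused with a 403
        // instead of raising a TypeError on connectedUser.User.
        const isStaff = Boolean(connectedUser)
            && Boolean(connectedUser.User)
            && ["admin", "manager"].includes(connectedUser.User.status);
        if (!isStaff)
        {
            res.status(403).json({ errors: txtGeneral.notAllowed });
        }
        else
        {
            const db = require("../models/index");
            const payments = await db["Payment"].findAll({ where: { UserId: req.params.id }, order: [["createdAt", "DESC"]] });
            res.status(200).json(payments);
        }
        next();
    }
    catch (e)
    {
        next(e);
    }
};

/**
 * Payment-provider callback: checks the signed URL, records the payment, extends the
 * subscription of the paying user (and of their godfather, if any) and sends the
 * thank-you and admin notification mails.
 *
 * Example URL: WP-infos.html?dom=BUTTON_DOMAIN_NAME&ref=USER_ID&mt=AMOUNT_INCL_TAX&cmd=WEBPORTAGE_ORDER_CODE&cl=CLIENT+NAME&hKey=md5_hash
 * dom=wikilerni.com&ref=5&mt=24&cmd=de11de&cl=monsieur+dugenoux&hKey=998dccdef52bd27dc0a674941c0e9340
 *
 * The signature is md5(<query string up to the last "&"> + process.env.MD5_WP) and must equal
 * the hKey parameter, which is therefore expected to be the last parameter of the URL.
 * Answers HTTP 200 with `true` on success; every failure is forwarded with next(e).
 *
 * @param {object} req - request; reads req.url and req.query (ref, mt, cmd, cl, hKey)
 * @param {object} res - response
 * @param {function} next - next middleware
 */
exports.saveUserPaymentInfos = async (req, res, next) =>
{
    try
    {
        require('dotenv').config();
        const db = require("../models/index");
        const md5 = require("md5");
        const crypto = require("crypto");
        const montantsAbonnement = ["12", "24", "60", "120"];

        // Careful: req.query decodes special characters such as "+" in the URL parameters,
        // so the signature is checked against the raw req.url rather than against req.query.
        const testUrl = req.url.slice(req.url.indexOf("?") + 1, req.url.lastIndexOf("&"));

        // Fail closed when the shared secret is not configured: testUrl + undefined would
        // otherwise be hashed with the literal text "undefined" as the secret.
        const secret = process.env.MD5_WP;
        if (typeof secret !== "string" || secret === "")
            throw { message: txt.paymentUrlFail+testUrl };

        // The expected hash is deliberately not logged: it is the valid signature for this URL.
        // The hash is computed once special characters have been replaced in the URL.
        // NOTE(review): md5(data + secret) looks imposed by the provider's URL format; if the
        // provider offers a keyed HMAC signature, prefer it.
        const expectedHash = Buffer.from(md5(testUrl + secret));
        const providedHash = typeof req.query.hKey === "string" ? Buffer.from(req.query.hKey) : null;
        // Constant-time comparison; timingSafeEqual requires equal byte lengths.
        const signatureOk = providedHash !== null
            && providedHash.length === expectedHash.length
            && crypto.timingSafeEqual(providedHash, expectedHash);
        // NOTE(review): the messages below embed the raw query string; confirm the error
        // middleware does not render it unescaped.
        if (!signatureOk)
            throw { message: txt.paymentUrlFail+testUrl };
        if (req.query.ref === "" || !montantsAbonnement.includes(req.query.mt))
            throw { message: txt.paymentDatasFail+testUrl };

        // NOTE(review): nothing visible here checks whether req.query.cmd was already recorded,
        // so the same signed URL requested twice would extend the subscriptions twice unless the
        // Payment model enforces uniqueness on codeCommande - confirm, and consider making this
        // handler idempotent per order code.
        const client = await userCtrl.searchUserById(req.query.ref);
        if (!client)
            throw { message: txt.paymentUserNotFound+testUrl };

        // If this user has a godfather, thank him and add 30 days to his subscription.
        // This also lengthens the subscription ordered by the user.
        let numberOfDays = 365;
        if (client.User.GodfatherId)
        {
            const parrain = await userCtrl.searchUserById(client.User.GodfatherId);
            if (parrain)
            {
                parrain.Subscription.numberOfDays += 30;
                numberOfDays += 30;
                await db["Subscription"].update({ ...parrain.Subscription }, { where: { UserId : client.User.GodfatherId }, fields: ["numberOfDays"], limit:1 });
                userCtrl.creaUserJson(client.User.GodfatherId);
                const mapMail =
                {
                    USER_NAME: parrain.User.name
                };
                const mailDatas =
                {
                    mailSubject: txt.mailPaymentThankGodfatherSubject,
                    mailPreheader: txt.mailPaymentThankGodfatherSubject,
                    mailTitle: txt.mailPaymentThankGodfatherSubject,
                    mailHeaderLinkUrl: config.siteUrl+"/"+configTpl.userHomePage,
                    mailHeaderLinkTxt: txt.mailPaymentLinkTxt,
                    mailMainContent: tool.replaceAll(txt.mailPaymentThankGodfatherBodyHTML, mapMail),
                    linksCTA: [{ url:config.siteUrl+"/"+configTpl.userHomePage, txt:txt.mailPaymentLinkTxt }],
                    mailRecipientAddress: parrain.User.email
                };
                await toolMail.sendMail(parrain.User.smtp, parrain.User.email, txt.mailPaymentThankGodfatherSubject, tool.replaceAll(txt.mailPaymentThankGodfatherBodyTxt, mapMail), "", mailDatas);
            }
            else
            {
                res.alerte = txt.paymentGodfatherNotFound+client.User.GodfatherId;
            }
        }

        const infosClient =
        {
            clientName: req.query.cl,
            amount: req.query.mt,
            codeCommande: req.query.cmd,
            UserId: client.User.id,
            numberOfDays: client.Subscription.numberOfDays+numberOfDays
        };
        // `fields` restricts each statement to its own columns: the payment row never receives
        // numberOfDays and the subscription row only receives numberOfDays.
        await db["Payment"].create({ ...infosClient }, { fields: ["clientName", "amount", "codeCommande", "UserId"] });
        await db["Subscription"].update({ ...infosClient }, { where: { UserId : infosClient.UserId }, fields: ["numberOfDays"], limit:1 });
        userCtrl.creaUserJson(infosClient.UserId);

        // Thank-you mail to the subscriber.
        // NOTE(review): user-supplied values (name, e-mail) are substituted into HTML mail
        // bodies here and below; confirm they are validated or escaped upstream.
        const mapMail2 =
        {
            SITE_NAME: config.siteName,
            USER_NAME: client.User.name,
            NBDAYS: numberOfDays
        };
        const mailDatas2 =
        {
            mailSubject: txt.mailPaymentThankSubject,
            mailPreheader: txt.mailPaymentThankSubject,
            mailTitle: txt.mailPaymentThankSubject,
            mailHeaderLinkUrl: config.siteUrl+"/"+configTpl.userHomePage,
            mailHeaderLinkTxt: txt.mailPaymentLinkTxt,
            mailMainContent: tool.replaceAll(txt.mailPaymentThankBodyHTML, mapMail2),
            linksCTA: [{ url:config.siteUrl+"/"+configTpl.userHomePage, txt:txt.mailPaymentLinkTxt }],
            mailRecipientAddress: client.User.email
        };
        await toolMail.sendMail(client.User.smtp, client.User.email, txt.mailPaymentThankSubject, tool.replaceAll(txt.mailPaymentThankBodyTxt, mapMail2), "", mailDatas2);

        // Plus a notice to the site administrator.
        await toolMail.sendMail(0, config.adminEmail, txt.mailPaymentAdminNoticeSubject, txt.mailPaymentAdminNoticeBodyTxt.replace("EMAIL", client.User.email), txt.mailPaymentAdminNoticeBodyHTML.replace("EMAIL", client.User.email));

        res.status(200).json(true);
        next();
    }
    catch (e)
    {
        next(e);
    }
};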