
<?php
/**
* Stripe Custom Payment API - Sans dépendance PHP
* Utilise curl pour appeler l'API Stripe directement
*/
// Response headers: every reply from this endpoint is JSON, and the CORS
// headers allow cross-origin POST requests carrying a Content-Type header.
// NOTE(review): the wildcard Access-Control-Allow-Origin lets a script on any
// web page call this endpoint from a visitor's browser. No authentication is
// visible in this file, so narrowing the origin would not be an access control
// by itself; abuse limits (rate limiting, request authentication) have to be
// enforced server-side. Confirm which origins really need access.
foreach ([
    'Content-Type: application/json',
    'Access-Control-Allow-Origin: *',
    'Access-Control-Allow-Methods: POST, OPTIONS',
    'Access-Control-Allow-Headers: Content-Type',
] as $response_header) {
    header($response_header);
}

$request_method = $_SERVER['REQUEST_METHOD'];

// CORS preflight: reply with the headers above and an empty body.
if ($request_method === 'OPTIONS') {
    http_response_code(200);
    exit;
}

// Any verb other than POST is refused before the request body is read.
if ($request_method !== 'POST') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}
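// Stripe secret key, read from the environment so it is not stored in the
// source tree. getenv() returns false when the variable is not set.
$stripe_secret_key = getenv('STRIPE_SECRET_KEY');
if (!is_string($stripe_secret_key) || $stripe_secret_key === '') {
    // Fail closed: without a key the Stripe call can only fail, so stop here
    // and record the cause server-side instead of describing it to the client.
    error_log('create-custom-payment: STRIPE_SECRET_KEY is not set');
    http_response_code(500);
    echo json_encode(['error' => 'Payment error', 'message' => 'Payment service unavailable']);
    exit;
}

// Sends a 400 response with the given error text and stops the script.
$reject = function ($message) {
    http_response_code(400);
    echo json_encode(['error' => $message]);
    exit;
};

// Read and decode the JSON request body.
$input = file_get_contents('php://input');
$data = json_decode($input, true);

// The body must be a JSON object that carries the three required fields.
if (!is_array($data) || !isset($data['product_name'], $data['amount'], $data['currency'])) {
    $reject('Missing required fields: product_name, amount, currency');
}

// Check types before using the values: the body is caller-controlled, and
// trim() on a JSON array or object would raise an uncaught TypeError on PHP 8.
if (!is_string($data['product_name']) || !is_string($data['currency'])) {
    $reject('Invalid field types: product_name and currency must be strings');
}

// NOTE(review): the caller chooses both the product label and the price, and
// neither has an upper bound here. If only catalogue items are meant to be
// sold, resolve them server-side from a product id instead of trusting these
// fields.
$product_name = trim($data['product_name']);
if ($product_name === '') {
    $reject('Missing required fields: product_name, amount, currency');
}

// The amount is already expressed in minor units (cents). FILTER_VALIDATE_INT
// rejects arrays, fractional numbers and strings such as "12abc", which a
// plain (int) cast would silently coerce.
$amount = filter_var($data['amount'], FILTER_VALIDATE_INT);
if ($amount === false) {
    $reject('Invalid amount: an integer number of minor units is required');
}

// Currency allowlist, checked before the currency is echoed in any message.
$currency = strtolower(trim($data['currency']));
$allowed_currencies = ['eur', 'usd', 'mad'];
if (!in_array($currency, $allowed_currencies, true)) {
    $reject('Devise non supportée');
}

// Minimum charge: 50 minor units (0.50).
if ($amount < 50) {
    $reject('Montant minimum: 0.50 ' . strtoupper($currency));
}

// Optional customer e-mail: a blank value is treated as absent, anything else
// must be a syntactically valid address before it is forwarded to Stripe.
$email = null;
if (isset($data['email'])) {
    if (!is_string($data['email'])) {
        $reject('Invalid email');
    }
    $email = trim($data['email']);
    if ($email === '') {
        $email = null;
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $reject('Invalid email');
    }
}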
// Build the Checkout Session payload for the Stripe API.
// The product label comes from the request body and is forwarded to Stripe as
// the product name, its description and a metadata value, so it should have
// been validated before this point.
$product_data = [
    'name' => $product_name,
    'description' => 'Huawei Cloud - ' . $product_name,
];

// One line item, quantity 1, priced in the requested currency and amount.
$line_item = [
    'price_data' => [
        'currency' => $currency,
        'product_data' => $product_data,
        'unit_amount' => $amount,
    ],
    'quantity' => 1,
];

// The redirect URLs are fixed constants rather than request values, so a
// caller cannot point the post-payment redirect at another site.
$stripe_data = [
    'payment_method_types' => ['card'],
    'line_items' => [$line_item],
    'mode' => 'payment',
    'success_url' => 'https://weval-consulting.com/products/huawei-success.html?session_id={CHECKOUT_SESSION_ID}',
    'cancel_url' => 'https://weval-consulting.com/products/huawei-cloud.html',
    'metadata' => [
        'provider' => 'huawei_cloud',
        'partner' => 'weval_consulting',
        'product_name' => $product_name,
    ],
];

// Forward the customer e-mail only when one was supplied.
if (!$email) {
    // No e-mail given: leave the payload without customer_email.
} else {
    $stripe_data['customer_email'] = $email;
}
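// Create the Checkout Session by calling the Stripe REST API with curl.
// Failure details (curl errors, Stripe error messages) are written to the
// server log only; the client receives a fixed message, because upstream error
// text can describe the account or request configuration.
try {
    $ch = curl_init('https://api.stripe.com/v1/checkout/sessions');
    if ($ch === false) {
        throw new Exception('curl_init failed');
    }

    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => http_build_query(flatten_array($stripe_data)),
        CURLOPT_HTTPHEADER => [
            'Authorization: Bearer ' . $stripe_secret_key,
            'Content-Type: application/x-www-form-urlencoded',
        ],
        // Verify the certificate chain and that the certificate matches the
        // host name, stated explicitly so that a changed default cannot
        // weaken the connection that carries the secret key.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_TIMEOUT => 30,
    ]);

    $response = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $curl_error = curl_error($ch);
    curl_close($ch);

    // curl_exec() returns false on transport failure.
    if ($response === false || $curl_error) {
        throw new Exception('Curl error: ' . $curl_error);
    }

    $result = json_decode($response, true);

    if ($http_code !== 200) {
        $error_message = isset($result['error']['message']) && is_string($result['error']['message'])
            ? $result['error']['message']
            : 'Stripe API error';
        throw new Exception('HTTP ' . $http_code . ': ' . $error_message);
    }

    // A 200 reply that is not the expected JSON object is treated as a failure
    // instead of being read with missing keys.
    if (!is_array($result) || !isset($result['id'], $result['url'])) {
        throw new Exception('Unexpected response body from Stripe');
    }

    // Success: hand the session id and the hosted checkout URL to the client.
    echo json_encode([
        'sessionId' => $result['id'],
        'url' => $result['url'],
    ]);
} catch (Exception $e) {
    error_log('create-custom-payment: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode([
        'error' => 'Payment error',
        'message' => 'Unable to create the payment session',
    ]);
}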
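/**
 * Flatten a nested array into a single-level array whose keys use bracket
 * notation (for example "line_items[0][quantity]"), ready for http_build_query().
 *
 * Keys are preserved as given: nested results are combined with
 * array_replace(), because array_merge() renumbers integer keys and would
 * rename top-level list entries.
 *
 * @param array  $array  Array to flatten; values may themselves be arrays.
 * @param string $prefix Key prefix of the enclosing level ('' at the top level).
 * @return array Flat map of bracket-notation key => scalar value.
 */
function flatten_array($array, $prefix = '') {
    $flat = [];

    foreach ($array as $key => $value) {
        // At the top level the key is used as is; below it, it is wrapped in brackets.
        $path = $prefix === '' ? $key : $prefix . '[' . $key . ']';

        if (!is_array($value)) {
            $flat[$path] = $value;
            continue;
        }

        // Recurse into the nested array and fold its entries into the result.
        $flat = array_replace($flat, flatten_array($value, $path));
    }

    return $flat;
}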