Fix webhook: add checkout.session.completed; propagate metadata to payment intent

This commit is contained in:
2026-05-29 16:32:37 +00:00
parent 0d481f8feb
commit e39df89a95
2 changed files with 45 additions and 24 deletions
+31 -11
View File
@@ -9,7 +9,7 @@ require_once __DIR__ . '/../includes/stripe.php';
header('Content-Type: application/json'); header('Content-Type: application/json');
$payload = file_get_contents('php://input'); $payload = file_get_contents('php://input');
$sigHeader = $_SERVER['HTTP_STRIPE_SIGNATURE'] ?? ''; $sigHeader = $_SERVER['HTTP_STRIPE_SIGNATURE'] ?? '';
// Verify webhook signature (if secret is configured) // Verify webhook signature (if secret is configured)
@@ -31,24 +31,44 @@ if (!empty(STRIPE_WEBHOOK_SECRET) && STRIPE_WEBHOOK_SECRET !== 'whsec_your_webho
} }
$eventType = $event['type'] ?? ''; $eventType = $event['type'] ?? '';
$data = $event['data']['object'] ?? []; $data = $event['data']['object'] ?? [];
switch ($eventType) { switch ($eventType) {
case 'payment_intent.succeeded':
$paymentIntentId = $data['id'] ?? '';
$orderId = $data['metadata']['order_id'] ?? '';
if ($orderId) { case 'checkout.session.completed':
// Stripe Checkout (hosted page) — metadata is on the session
$orderId = $data['metadata']['order_id'] ?? '';
$paymentIntentId = $data['payment_intent'] ?? '';
if ($orderId && ($data['payment_status'] ?? '') === 'paid') {
db()->update('orders', db()->update('orders',
[ [
'payment_status' => 'paid', 'payment_status' => 'paid',
'order_status' => 'confirmed' 'order_status' => 'confirmed',
'stripe_payment_intent' => $paymentIntentId,
], ],
'order_id = :id', 'order_id = :id',
['id' => $orderId] ['id' => $orderId]
); );
$order = db()->fetch("SELECT * FROM orders WHERE order_id = :id", ['id' => $orderId]);
if ($order) {
sendOrderConfirmationEmail($order);
}
}
break;
// Send confirmation email case 'payment_intent.succeeded':
// Payment Intent flow (embedded checkout) — metadata.order_id set directly on PI
$paymentIntentId = $data['id'] ?? '';
$orderId = $data['metadata']['order_id'] ?? '';
if ($orderId) {
db()->update('orders',
[
'payment_status' => 'paid',
'order_status' => 'confirmed',
],
'order_id = :id',
['id' => $orderId]
);
$order = db()->fetch("SELECT * FROM orders WHERE order_id = :id", ['id' => $orderId]); $order = db()->fetch("SELECT * FROM orders WHERE order_id = :id", ['id' => $orderId]);
if ($order) { if ($order) {
sendOrderConfirmationEmail($order); sendOrderConfirmationEmail($order);
@@ -73,7 +93,7 @@ switch ($eventType) {
db()->update('orders', db()->update('orders',
[ [
'payment_status' => 'refunded', 'payment_status' => 'refunded',
'order_status' => 'refunded' 'order_status' => 'refunded',
], ],
'stripe_payment_intent = :pi', 'stripe_payment_intent = :pi',
['pi' => $paymentIntentId] ['pi' => $paymentIntentId]
@@ -89,7 +109,7 @@ echo json_encode(['received' => true]);
* Send order confirmation email * Send order confirmation email
*/ */
function sendOrderConfirmationEmail($order) { function sendOrderConfirmationEmail($order) {
$items = json_decode($order['items'], true) ?? []; $items = json_decode($order['items'], true) ?? [];
$shippingAddress = json_decode($order['shipping_address'], true) ?? []; $shippingAddress = json_decode($order['shipping_address'], true) ?? [];
$itemsHtml = ''; $itemsHtml = '';
+1
View File
@@ -121,6 +121,7 @@ class StripeAPI {
if (!empty($options['metadata'])) { if (!empty($options['metadata'])) {
foreach ($options['metadata'] as $key => $value) { foreach ($options['metadata'] as $key => $value) {
$data["metadata[$key]"] = $value; $data["metadata[$key]"] = $value;
$data["payment_intent_data[metadata][$key]"] = $value;
} }
} }