myron/tomsjavajive
1
0
Fork 0
mirror of https://github.com/myronblair/tomsjavajive synced 2026-06-30 17:50:32 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
f89362528aff937f18f5225101b3c8e5234ad633
tomsjavajive/api/create-checkout-session.php
T
myron f89362528a Fix loyalty system: load tiers from DB, award points on payment 
- LoyaltyProgram now loads tiers from loyalty_tiers DB table in constructor
  with fallback to hardcoded defaults if table is empty
- awardPoints() accepts order_id param with duplicate-prevention check so
  points cannot be double-awarded for the same order
- Inserts balance_after into loyalty_transactions for accurate history
- payment-status.php: award points after Stripe checkout session or
  PaymentIntent confirmed as paid
- create-checkout-session.php: award points in demo mode payment path

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-14 20:58:37 +00:00

130 lines
3.3 KiB
PHP
Raw Blame History

<?php
/**
* Tom's Java Jive - Create Stripe Checkout Session API
* Uses hosted checkout page (redirects to Stripe)
*/
require_once __DIR__ . '/../includes/functions.php';
require_once __DIR__ . '/../includes/stripe.php';
require_once __DIR__ . '/../includes/loyalty.php';
header('Content-Type: application/json');
// Only accept POST
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
jsonResponse(['error' => 'Method not allowed'], 405);
}
$input = json_decode(file_get_contents('php://input'), true);
$orderId = $input['order_id'] ?? '';
$originUrl = $input['origin_url'] ?? '';
if (empty($orderId)) {
jsonResponse(['error' => 'Order ID required'], 400);
}
if (empty($originUrl)) {
$originUrl = SITE_URL;
}
// Get order
$order = db()->fetch(
"SELECT * FROM orders WHERE order_id = :id",
['id' => $orderId]
);
if (!$order) {
jsonResponse(['error' => 'Order not found'], 404);
}
if ($order['payment_status'] === 'paid') {
jsonResponse(['error' => 'Order already paid'], 400);
}
// Check if Stripe is configured
if (!isStripeConfigured()) {
// Demo mode - simulate successful payment
db()->update('orders',
[
'payment_status' => 'paid',
'order_status' => 'confirmed',
'stripe_payment_intent' => 'demo_' . bin2hex(random_bytes(8))
],
'order_id = :id',
['id' => $orderId]
);
if (!empty($order['customer_id'])) {
loyalty()->awardPoints(
$order['customer_id'],
(float) $order['total'],
'Order #' . $order['order_number'],
$orderId
);
}
jsonResponse([
'demo_mode' => true,
'message' => 'Payment simulated (Stripe not configured)',
'redirect' => '/order-confirmation.php?order=' . $orderId
]);
}
// Build line items from order
$items = json_decode($order['items'], true) ?? [];
$lineItems = [];
foreach ($items as $item) {
$lineItems[] = [
'name' => $item['name'],
'price' => floatval($item['price']),
'quantity' => intval($item['quantity']),
'currency' => 'usd'
];
}
// Add shipping if applicable
if ($order['shipping_cost'] > 0) {
$lineItems[] = [
'name' => 'Shipping',
'price' => floatval($order['shipping_cost']),
'quantity' => 1,
'currency' => 'usd'
];
}
// Build success/cancel URLs
$successUrl = rtrim($originUrl, '/') . '/order-confirmation.php?order=' . $orderId . '&session_id={CHECKOUT_SESSION_ID}';
$cancelUrl = rtrim($originUrl, '/') . '/payment.php?order=' . $orderId . '&cancelled=1';
try {
$session = stripe()->createCheckoutSession(
$lineItems,
$successUrl,
$cancelUrl,
[
'customer_email' => $order['customer_email'],
'metadata' => [
'order_id' => $orderId,
'order_number' => $order['order_number']
]
]
);
// Store checkout session ID
db()->update('orders',
['stripe_session_id' => $session['id']],
'order_id = :id',
['id' => $orderId]
);
jsonResponse([
'url' => $session['url'],
'session_id' => $session['id']
]);
} catch (Exception $e) {
error_log('Stripe Checkout error: ' . $e->getMessage());
jsonResponse(['error' => 'Failed to create checkout session: ' . $e->getMessage()], 500);
}
Reference in New Issue View Git Blame Copy Permalink