CE-Phoenix distribution: Added logic to validate the public and private keys upon saving.

Author: MichaelRotaru

README.md

@@ -41,15 +41,15 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
       ```
       require_once('includes/modules/payment/paylike/errors.php');
       ```
-      Before 'require('includes/application_top.php');' line;
+      Before require('includes/application_top.php'); line;
 
       7.2.Add:
       ```
       require_once('includes/modules/payment/paylike/validate.php');
       ```
-      After 'reset($HTTP_POST_VARS['configuration']);' line;
+      After reset($HTTP_POST_VARS['configuration']); line;
 
-      7.3.Replace 'tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $value . "' where configuration_key = '" . $key . "'");' line with:
+      7.3.Replace tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $value . "' where configuration_key = '" . $key . "'"); line with:
       ```
       if(sizeof($errors) === 0 || array_search($key, $validation_keys) === FALSE){
         tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $value . "' where configuration_key = '" . $key . "'");
@@ -62,13 +62,13 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
         tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module'] . '&action=edit'));
       }
       ```
-      Before 'tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module']));' line;
+      Before tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $HTTP_GET_VARS['module'])); line;
 
       7.5.Add:
       ```
       if(isset($errorHandler))$errorHandler->display();
       ```
-      After 'case 'edit':' line.
+      After case 'edit': line.
   8. Install the Paylike module from modules -> payment in the admin  
   9. Insert the app key and your public key in the settings and enable the plugin
 

README_CE-Phoenix-2341-Frozen.md

@@ -42,13 +42,13 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
       ```
       require_once('includes/modules/payment/paylike/errors.php');
       ```
-      Before 'require('includes/application_top.php');' line;
+      Before require('includes/application_top.php'); line;
 
       7.2.Add:
       ```
       require_once('includes/modules/payment/paylike/validate.php');
       ```
-      After 'case 'save':' line;
+      After case 'save': line;
 
       7.3.Replace 'tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $value . "' where configuration_key = '" . $key . "'");' line with:
       ```
@@ -63,13 +63,13 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
         tep_redirect(tep_href_link('modules.php', 'set=' . $set . '&module=' . $HTTP_GET_VARS['module'] . '&action=edit'));
       }
       ```
-      Before 'tep_redirect(tep_href_link('modules.php', 'set=' . $set . '&module=' . $_GET['module']));' line;
+      Before tep_redirect(tep_href_link('modules.php', 'set=' . $set . '&module=' . $_GET['module'])); line;
 
       7.5.Add:
       ```
       if(isset($errorHandler))$errorHandler->display();
       ```
-      After 'case 'edit':' line.
+      After case 'edit': line.
   8. Install the Paylike module from modules -> payment in the admin  
   9. Insert the app key and your public key in the settings and enable the plugin
 

README_Phoenix.md

@@ -5,7 +5,6 @@ available by a user.
 
 Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
 
-
 ## Supported osCommerce versions
 
 *The plugin has been tested with osCommerce v.2.3.4.1 and osCommerce CE Phoenix
@@ -25,8 +24,8 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
                 <script src="https://sdk.paylike.io/3.js"></script>
                 <script src= "includes/javascript/paylike.js"></script>
                 <?php
-    	        }
-    	    ?>
+              }
+          ?>
         ```
      Anywhere betwen the `head` tags.
   6. In: `includes/.htaccess` add:
@@ -37,9 +36,41 @@ Released under the GPL V3 license: https://opensource.org/licenses/GPL-3.0
 
       ```
       After the last line.
-  7. Install the Paylike module from modules -> payment in the admin  
-  8. Insert the app key and your public key in the settings and enable the plugin
+  7. In: `admin/modules.php`
+      7.1.Add:
+      ```
+      require_once('includes/modules/payment/paylike/errors.php');
+      ```
+      Before require 'includes/application_top.php'; line;
+
+      7.2.Add:
+      ```
+      require_once('includes/modules/payment/paylike/validate.php');
+      ```
+      After case 'save': line;
+
+      7.3.Replace tep_db_query("UPDATE configuration SET configuration_value = '" . tep_db_input($value) . "' WHERE configuration_key = '" . tep_db_input($key) . "'"); line with:
+      ```
+      if(sizeof($errors) === 0 || array_search($key, $validation_keys) === FALSE){
+        tep_db_query("UPDATE configuration SET configuration_value = '" . tep_db_input($value) . "' WHERE configuration_key = '" . tep_db_input($key) . "'");
+      }
+      ```
 
+      7.4.Add:
+      ```
+      if(sizeof($errors)){
+	       tep_redirect(tep_href_link('modules.php', 'set=' . $set . '&module=' . $_GET['module'] . '&action=edit'));
+	    }
+      ```
+      Before tep_redirect(tep_href_link('modules.php', 'set=' . $set . '&module=' . $_GET['module'])); line;
+
+      7.5.Add:
+      ```
+      <?php if(isset($errorHandler))$errorHandler->display(); ?>
+      ```
+      Before <div class="row no-gutters"> line.
+  8. Install the Paylike module from modules -> payment in the admin  
+  9. Insert the app key and your public key in the settings and enable the plugin
 
 ## Updating settings
 

upload_ce_phoenix/admin/includes/modules/payment/paylike/composer.json

@@ -0,0 +1,18 @@
+{
+  "name": "esparks/module-paylike",
+  "description": "Paylike integration with payment gateway prestashop",
+  "type": "prestashop-module",
+  "version": "1.0.6",
+  "license": [
+      "GPL-3.0-or-later"
+  ],
+  "authors": [
+    {
+      "name": "Ionut Calara",
+      "email": "ionut.calara@gmail.com"
+    }
+  ],
+  "require": {
+    "paylike/php-api": "^1.0.3"
+  }
+}

upload_ce_phoenix/admin/includes/modules/payment/paylike/composer.lock

@@ -0,0 +1,4 @@
+<?php
+/* Initialize errors object */
+require_once('helpers/Paylike_Errors.php');
+$errorHandler = new PaylikeErrors();

upload_ce_phoenix/admin/includes/modules/payment/paylike/errors.php

@@ -0,0 +1,50 @@
+<?php
+/* Security class check */
+if (! class_exists('PaylikeErrors')) :
+    /**
+     * Helper class that handles errors via cookies
+     */
+    class PaylikeErrors
+    {
+        public $errors = '';
+        private $cookieName = 'validation_errors';
+
+        public function __construct()
+        {
+            /* Load current cookie value */
+            $this->loadCookieErrors();
+        }
+        /**
+         * Dispay errors as HTML list
+         */
+        public function display()
+        {
+            if ($this->errors && sizeof($this->errors)) {
+                echo '<div class="validation_error">';
+                echo '<ul>';
+                echo '<li>' . implode('</li><li>', $this->errors) . '</li>';
+                echo '</ul></div>';
+            }
+        }
+        /**
+         * Set cookie with list of given values
+         *
+         * @param array $list - the list o errors to be stored
+         */
+        public function setCookieErrors($list)
+        {
+            setcookie($this->cookieName, json_encode($list), time()+3600);
+        }
+
+        /**
+         * Read and store cookie value
+         */
+        public function loadCookieErrors()
+        {
+            if(isset($_COOKIE[$this->cookieName])){
+              $this->errors = json_decode($_COOKIE[$this->cookieName], true);
+              setcookie($this->cookieName, '', time()-3600);
+            }
+        }
+    }
+endif; /* End if class_exists. */

upload_ce_phoenix/admin/includes/modules/payment/paylike/helpers/Paylike_Errors.php

@@ -0,0 +1,90 @@
+<?php
+/* Security class check */
+if (! class_exists('PaylikeValidator')) :
+    /**
+     * Helper class that validates module keys via Paylike API
+     */
+    class PaylikeValidator
+    {
+        public $validationPublicKeys = array('Live'=>array(),'Test'=>array());
+        /**
+         * Validate the App key.
+         *
+         * @param string $value - the value of the input.
+         * @param string $mode - the transaction mode 'test' | 'live'.
+         *
+         * @return string - the error message
+         */
+        public function validateAppKeyField($value, $mode)
+        {
+            /** Check if the key value is empty **/
+            if (! $value) {
+                return sprintf(ERROR_APP_KEY, $mode);
+            }
+            /** Load the client from API**/
+            $paylikeClient = new \Paylike\Paylike($value);
+            try {
+                /** Load the identity from API**/
+                $identity = $paylikeClient->apps()->fetch();
+            } catch (\Paylike\Exception\ApiException $exception) {
+                $this->logMessage(sprintf(ERROR_APP_KEY_INVALID, $mode));
+                return sprintf(ERROR_APP_KEY_INVALID, $mode);
+            }
+
+            try {
+                /** Load the merchants public keys list corresponding for current identity **/
+                $merchants = $paylikeClient->merchants()->find($identity['id']);
+                if ($merchants) {
+                    foreach ($merchants as $merchant) {
+                        /** Check if the key mode is the same as the transaction mode **/
+                        if (($mode == 'Test' && $merchant['test']) || ($mode != 'Test' && !$merchant['test'])) {
+                            $this->validationPublicKeys[$mode][] = $merchant['key'];
+                        }
+                    }
+                }
+            } catch (\Paylike\Exception\ApiException $exception) {
+                $this->logMessage(sprintf(ERROR_APP_KEY_INVALID, $mode));
+            }
+            /** Check if public keys array for the current mode is populated **/
+            if (empty($this->validationPublicKeys[$mode])) {
+                /** Generate the error based on the current mode **/
+                $error = sprintf(ERROR_APP_KEY_INVALID_MODE, $mode, array_values(array_diff(array_keys($this->validationPublicKeys), array($mode)))[0]);
+                $this->logMessage($error);
+                return $error;
+            }
+        }
+
+        /**
+         * Validate the Public key.
+         *
+         * @param string $value - the value of the input.
+         * @param string $mode - the transaction mode 'test' | 'live'.
+         *
+         * @return string - the error message
+         */
+        public function validatePublicKeyField($value, $mode)
+        {
+            /** Check if the key value is not empty **/
+            if (! $value) {
+                return sprintf(ERROR_PUBLIC_KEY, $mode);
+            }
+            /** Check if the local stored public keys array is empty OR the key is not in public keys list **/
+            if (empty($this->validationPublicKeys[$mode]) || ! in_array($value, $this->validationPublicKeys[$mode])) {
+                $error = sprintf(ERROR_PUBLIC_KEY_INVALID, $mode);
+                $this->logMessage($error);
+                return $error;
+            }
+        }
+
+        /**
+         * log message to default logger
+         *
+         * @param string $message
+         *
+         */
+        public static function logMessage($message)
+        {
+            error_log('[Paylike] ' . $message);
+        }
+    }
+endif; /* End if class_exists. */

upload_ce_phoenix/admin/includes/modules/payment/paylike/helpers/Paylike_Keys_Validator.php

@@ -0,0 +1,21 @@
+.validation_error {
+  background: pink;
+  width: 100%;
+  margin-bottom: 10px;
+}
+
+.validation_error ul {
+  padding: 5px 10px;
+  display: inline-block;
+  margin-bottom: 0;
+}
+
+.validation_error ul li {
+  list-style: none;
+  padding: 0;
+}
+
+*:disabled, .disabled {
+  opacity: 0.4;
+  pointer-events: none;
+}