7 * @link http://www.open-emr.org
8 * @author Jerry Padgett <sjpadgett@gmail.com>
9 * @author Brady Miller <brady.g.miller@gmail.com>
10 * @copyright Copyright (c) 2016-2019 Jerry Padgett <sjpadgett@gmail.com>
11 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
12 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
// Session bootstrap for the payment endpoint. The portal session is started first; a
// session carrying both 'pid' and 'patient_portal_onsite_two' is treated as a patient
// portal request, and the remaining visible statements load globals.php after the
// portal cookie has been destroyed.
// NOTE(review): the embedded line numbers jump (22 -> 24, 24 -> 26, 29 -> 34), so this
// listing omits lines; the branch structure between the visible statements is
// presumably if/else but cannot be confirmed from here.
15 // Will start the (patient) portal OpenEMR session/cookie.
16 require_once(dirname(__FILE__
) . "/../../src/Common/Session/SessionUtil.php");
17 OpenEMR\Common\Session\SessionUtil
::portalSessionStart();
19 if (isset($_SESSION['pid']) && isset($_SESSION['patient_portal_onsite_two'])) {
// For a portal request the patient id is taken from the server-side session.
20 $pid = $_SESSION['pid'];
// NOTE(review): presumably read by globals.php to bypass the staff login check for
// portal sessions; confirm in interface/globals.php.
21 $ignoreAuth_onsite_portal = true;
22 require_once(dirname(__FILE__
) . "/../../interface/globals.php");
// Presumably the else branch (embedded line 23 is not shown): the portal cookie is
// destroyed before globals.php is loaded.
24 OpenEMR\Common\Session\SessionUtil
::portalSessionCookieDestroy();
26 require_once(dirname(__FILE__
) . "/../../interface/globals.php");
// A session without 'authUserID' is sent to the landing page.
27 if (!isset($_SESSION['authUserID'])) {
28 $landingpage = "index.php";
// NOTE(review): a Location header alone does not stop the script; confirm that the
// omitted lines 30-33 end execution so the payment handlers further down cannot run
// for an unauthenticated request.
29 header('Location: ' . $landingpage);
34 require_once("./appsql.class.php");
36 use OpenEMR\Billing\PaymentGateway
;
37 use OpenEMR\Common\Crypto\CryptoGen
;
// When the session does not hold portal_init === true (strict comparison),
// $_SESSION['whereto'] is set to 'paymentcard'.
// NOTE(review): embedded lines 41-42 are not shown, so whatever else that branch does
// (presumably it ends the request) is unconfirmed.
39 if ($_SESSION['portal_init'] !== true) {
40 $_SESSION['whereto'] = 'paymentcard';
// The flag is reset to false on every request that reaches this statement.
43 $_SESSION['portal_init'] = false;
// Handler for mode 'AuthorizeNet': builds a transaction from the posted amount and the
// posted opaque data descriptor/value pair, submits it through PaymentGateway, then
// assembles an audit record from the gateway response and hands it to SaveAudit().
// NOTE(review): $_POST['mode'] is read without isset() and compared with ==; a request
// without 'mode' raises an undefined-index notice. No CSRF check is visible in this
// listing (lines are omitted, so confirm one exists).
45 if ($_POST['mode'] == 'AuthorizeNet') {
// NOTE(review): the patient id comes from the request body, while the bootstrap above
// put the session's patient id in $pid. The audit row is filed under this
// client-supplied value; for portal sessions it should be checked against
// $_SESSION['pid'] unless that is enforced elsewhere.
46 $form_pid = $_POST['form_pid'];
47 $pay = new PaymentGateway("AuthorizeNetApi_Api");
// The amount is used as posted; no range or format validation is visible here.
48 $transaction['amount'] = $_POST['payment'];
49 $transaction['currency'] = "USD";
50 $transaction['opaqueDataDescriptor'] = $_POST['dataDescriptor'];
51 $transaction['opaqueDataValue'] = $_POST['dataValue'];
53 $response = $pay->submitPaymentToken($transaction);
// Presumably a string return is an error message from the gateway wrapper; the branch
// body (embedded lines 55-57) is not shown.
54 if (is_string($response)) {
58 $r = $response->getParsedData();
// $cc collects what is kept for the audit trail: cardholder name and zip as posted,
// plus status, auth code, transaction id, account number and account type taken from
// the gateway response.
60 $cc["cardHolderName"] = $_POST["cardHolderName"];
61 $cc['status'] = $response->getMessage();
62 $cc['authCode'] = $r->transactionResponse
->authCode
;
63 $cc['transId'] = $r->transactionResponse
->transId
;
// NOTE(review): stored exactly as returned by the gateway; presumably already masked,
// verify before relying on it.
64 $cc['cardNumber'] = $r->transactionResponse
->accountNumber
;
65 $cc['cc_type'] = $r->transactionResponse
->accountType
;
66 $cc['zip'] = $_POST["zip"];
// The record is serialised to JSON; SaveAudit() encrypts it before storage.
67 $ccaudit = json_encode($cc);
68 $invoice = isset($_POST['invValues']) ?
$_POST['invValues'] : '';
69 } catch (\Exception
$ex) {
// NOTE(review): if this is top-level script code, return ends this file's execution
// and the message is discarded rather than shown or logged; confirm that is intended.
70 return $ex->getMessage();
73 $_SESSION['whereto'] = 'paymentcard';
// The failure branch body (embedded lines 75-77) is not shown in this listing.
74 if (!$response->isSuccessful()) {
78 $s = SaveAudit($form_pid, $invoice, $ccaudit);
// Handler for mode 'Stripe': submits the posted Stripe token and amount through
// PaymentGateway, builds an audit record from the response source and passes it to
// SaveAudit().
// NOTE(review): as in the AuthorizeNet handler, 'mode' is read without isset() and
// compared with ==, and no CSRF check is visible in this listing.
83 if ($_POST['mode'] == 'Stripe') {
// NOTE(review): client-supplied patient id; for portal sessions it should match
// $_SESSION['pid'] unless that is enforced elsewhere.
84 $form_pid = $_POST['form_pid'];
85 $pay = new PaymentGateway("Stripe");
// The amount is used as posted; no validation is visible here.
86 $transaction['amount'] = $_POST['payment'];
87 $transaction['currency'] = "USD";
88 $transaction['token'] = $_POST['stripeToken'];
90 $response = $pay->submitPaymentToken($transaction);
// Presumably a string return is an error message; the branch body (embedded lines
// 92-94) is not shown.
91 if (is_string($response)) {
95 $r = $response->getSource();
97 $cc["cardHolderName"] = $_POST["cardHolderName"];
98 $cc['status'] = $response->isSuccessful() ?
"Payment Successful" : "Failed";
// The source's 'fingerprint' value is what gets recorded in the authCode field.
99 $cc['authCode'] = $r['fingerprint'];
100 $cc['transId'] = $response->getTransactionReference();
// Only the last four digits are kept, behind a fixed mask.
101 $cc['cardNumber'] = "******** " . $r['last4'];
102 $cc['cc_type'] = $r['brand'];
// NOTE(review): property access here, array access on the lines above; confirm the
// value returned by getSource() supports both.
103 $cc['zip'] = $r->address_zip
;
// The record is serialised to JSON; SaveAudit() encrypts it before storage.
104 $ccaudit = json_encode($cc);
105 $invoice = isset($_POST['invValues']) ?
$_POST['invValues'] : '';
106 } catch (\Exception
$ex) {
// NOTE(review): writes the raw exception text into the HTTP response, unescaped. It may
// disclose gateway or internal detail; prefer logging it server-side and returning a
// generic message.
107 echo $ex->getMessage();
110 $_SESSION['whereto'] = 'paymentcard';
// The failure branch body (embedded lines 112-114) is not shown in this listing.
111 if (!$response->isSuccessful()) {
115 $s = SaveAudit($form_pid, $invoice, $ccaudit);
// Handlers for modes 'portal-save' and 'review-save'. Both read the same posted fields;
// 'portal-save' stores a pending audit through SaveAudit(), 'review-save' closes it
// through CloseAudit().
// NOTE(review): $form_method, $form_source and $upay are assigned but not used in the
// visible lines; embedded lines 128-133 and 142-149 are not shown.
120 if ($_POST['mode'] == 'portal-save') {
// NOTE(review): client-supplied patient id; for portal sessions it should match
// $_SESSION['pid'] unless that is enforced elsewhere.
121 $form_pid = $_POST['form_pid'];
122 $form_method = trim($_POST['form_method']);
123 $form_source = trim($_POST['form_source']);
124 $upay = isset($_POST['form_upay']) ?
$_POST['form_upay'] : '';
// 'extra_values' and 'inv_values' are passed on exactly as posted; SaveAudit() encrypts
// the former and stores the latter in table_args.
125 $cc = isset($_POST['extra_values']) ?
$_POST['extra_values'] : '';
126 $amts = isset($_POST['inv_values']) ?
$_POST['inv_values'] : '';
127 $s = SaveAudit($form_pid, $amts, $cc);
// NOTE(review): this branch marks the audit closed. No check is visible here that the
// session belongs to a staff user ('authUserID') rather than a portal patient; the
// bootstrap admits both session types, so confirm the restriction exists.
134 } elseif ($_POST['mode'] == 'review-save') {
135 $form_pid = $_POST['form_pid'];
136 $form_method = trim($_POST['form_method']);
137 $form_source = trim($_POST['form_source']);
138 $upay = isset($_POST['form_upay']) ?
$_POST['form_upay'] : '';
139 $cc = isset($_POST['extra_values']) ?
$_POST['extra_values'] : '';
140 $amts = isset($_POST['inv_values']) ?
$_POST['inv_values'] : '';
141 $s = CloseAudit($form_pid, $amts, $cc);
/**
 * Stores the pending-review audit record for an online payment.
 *
 * Builds a 'payment' audit row with status 'waiting' and pending action 'review', then
 * updates the existing review/payment row returned by getPortalAudit() when it has a
 * positive id; the listing also shows an insert call for the remaining case.
 *
 * NOTE(review): embedded lines 151, 153-154, 168, 173, 175 and 177-182 are not shown in
 * this listing, so the try/else structure, the catch body and the return value cannot
 * be confirmed.
 *
 * @param mixed $pid  Patient id the audit row is filed under; callers in this file pass
 *                    $_POST['form_pid'].
 * @param mixed $amts Stored unchanged in 'table_args'; callers pass posted invoice values.
 * @param mixed $cc   Card/transaction details; encrypted before storage.
 */
150 function SaveAudit($pid, $amts, $cc)
152 $appsql = new ApplicationTable();
155 $audit['patient_id'] = $pid;
156 $audit['activity'] = "payment";
157 $audit['require_audit'] = "1";
158 $audit['pending_action'] = "review";
159 $audit['action_taken'] = "";
160 $audit['status'] = "waiting";
161 $audit['narrative'] = "Authorize online payment.";
162 $audit['table_action'] = '';
163 $audit['table_args'] = $amts;
164 $audit['action_user'] = "0";
165 $audit['action_taken_time'] = "";
// Despite its name, the 'checksum' field receives the encryptStandard() output for
// $cc, not a hash of it.
166 $cryptoGen = new CryptoGen();
167 $audit['checksum'] = $cryptoGen->encryptStandard($cc);
// Look up an existing review/payment audit for this patient and reuse its date.
// NOTE(review): when no row exists $edata['date'] and $edata['id'] are presumably
// unset; confirm what getPortalAudit() returns in that case.
169 $edata = $appsql->getPortalAudit($pid, 'review', 'payment');
170 $audit['date'] = $edata['date'];
171 if ($edata['id'] > 0) {
172 $appsql->portalAudit('update', $edata['id'], $audit);
// Presumably the else branch (embedded line 173 is not shown): no existing row, so a
// new one is inserted.
174 $appsql->portalAudit('insert', '', $audit);
176 } catch (Exception
$ex) {
183 function CloseAudit($pid, $amts, $cc, $action = 'payment posted', $paction = 'notify patient')
185 $appsql = new ApplicationTable();
188 $audit['patient_id'] = $pid;
189 $audit['activity'] = "payment";
190 $audit['require_audit'] = "1";
191 $audit['pending_action'] = $paction;//'review';//
192 $audit['action_taken'] = $action;
193 $audit['status'] = "closed";//'waiting';
194 $audit['narrative'] = "Payment authorized.";
195 $audit['table_action'] = "update";
196 $audit['table_args'] = $amts;
197 $audit['action_user'] = isset($_SESSION['authUserID']) ?
$_SESSION['authUserID'] : "0";
198 $audit['action_taken_time'] = date("Y-m-d H:i:s");
199 $cryptoGen = new CryptoGen();
200 $audit['checksum'] = $cryptoGen->encryptStandard($cc);
202 $edata = $appsql->getPortalAudit($pid, 'review', 'payment');
203 $audit['date'] = $edata['date'];
204 if ($edata['id'] > 0) {
205 $appsql->portalAudit('update', $edata['id'], $audit);
207 } catch (Exception
$ex) {