Jump to content

prevent users from change there default payment method


AladdinJ

Recommended Posts

Hello

the problem is we have set specific payment methods to each product group 

but the clients was able to bypass this , 

 

when client make order , the invoice will show only allowed payment methods , but then customer goes to his profile => change his default payment method to any mithod he wants => boom! the unpaid invoice payment gateway changed to one customer choosed as default 


is there any one can help me fixing or find solution for this ?


Thanks in advance

Edited by AladdinJ
Link to comment
Share on other sites

hello @Kian 

first thanks for your reply , I appreciate your efforts and I follow you , I agree with your thoughts about WHMCS

 

I am littler expert at whmcs I have created some hooks

and I already use some of yours 

 

my problem here is I already use hook to limit the payment methods when invoice created or invoce change gateway hook



but the problem here is :
when client change his default payment gateway ==> this lead to unpaid invoice gateway changed => but the problem this hook not fired "InvoiceChangeGateway" 


I also created ticket to WHMCS support to tell them that this hook shoud fired when client changed theie dafualt gateway - but they say this is not a bug

I am searching to find way to fix this , if there any way make us call hook manually or something  ?

 

Edited by AladdinJ
Link to comment
Share on other sites

Incidentally I am working on an action hook where I need to remove specific payment methods from payment method dropdown (the one accessible from viewinvoice.php) depending on clients' groups. It is almost what you need. Basically there's an array like this one.

define('kt_companies', [

    1 => [

        'tax_exempt' => true,
        'invoice_header' => 'Ferrari S.p.A.' . PHP_EOL . 'Via Emilia Est 1163' . PHP_EOL . '41121 Modena - Italia',
        'allowed_payment_gateways' => [

            'paypalcheckout'
        ]
    ],
    2 => [

        'tax_exempt' => false,
        'invoice_header' => 'Juventus S.p.A.' . PHP_EOL . 'Via Druento 175' . PHP_EOL . '10151 Torino - Italia',
        'allowed_payment_gateways' => [

            'banktransfer', // The first gateway is always used as default to override restricted gateways (the ones not listed here) on open invoices (not in Paid, Collections, Refund, Payment Pending status)
            'katamaze_nexi'
        ]
    ]
]);

The keys (1 and 2) correspond to WHMCS client group. If a customer belongs to group id 2 (the second element of the array), I read allowed_payment_gateways array where I store payment gateways that the customer beloning to this group is allowed to use. I compare this array against all payment gateways available on WHMCS to find the the ones that the group is not allowed to use.

Here's an example. WHMCS has gateway X, Y and Z. Group id 2 can only use X and Y. As a consequence Z is the gateway I need to restrict. Okay now I do 2 things.

First. I remove Z from payment method dropdown (viewinvoice.php page).

Second. I update all open invoices (not in Paid, Collections, Refund and Payment Pending status) of the client in question replacing Z (if present) with the first payment gateway in my allowed_payment_gateways array.

If you can wait, I can extract the part that you need from the hook that I am finishing (btw I'll post that too). If you can't wait that's how I remove gateways from the dropdown.

<?php

// Apply kt_companies settings when a client is viewing an invoice
add_hook('ClientAreaPageViewInvoice', 1, function($vars) {

    $data = kt_LoadCompanySettings($vars['userid']);

    // There are no restrictions on payment gateways for the client. There's no need to continue. The standard "Payment method" dropdown of WHMCS is good
    if (!isset($data['settings']['restricted_gateways'])) {

        return;
    }

    // At least one payment gateway is restricted to client. I parse $vars['gatewaydropdown'] (it contains the entire HTML of the "Payment method" dropdown accessible from viewinvoice.php) as HTML
    $dom = new DOMDocument();
    $dom->loadHTML($vars['gatewaydropdown']);

    // I need to use xPath to read all the "<option></option>" tags of the "<select></select>" as an array
    $xpath = new DomXPath($dom);

    // I use this array to store xPath select conditions. I need this to communicate to xPath that for example I don't want "paypal" and "banktransfer" inside "Payment method" dropdown
    $xpath_conditions = [];

    // Looping every restricted payment gateway
    foreach ($data['settings']['restricted_gateways'] as $v) {

        $xpath_conditions[] = '@value="' . $v . '"';
    }

    // Imploding condition by " or " as xPath is expecting
    $xpath_conditions = implode($xpath_conditions, ' or ');

    // Looping every "<option></option>" to detect restricted payment gateways and remove them from "Payment method" dropdown
    foreach($xpath->query('//select/option[(' . $xpath_conditions . ')]') as $node) {

        // Removing the restricted payment gateway
        $node->parentNode->removeChild($node);
    }

    return [

        'gatewaydropdown' => $dom->saveXml() // Overriding default WHMCS dropdown with mine
    ];
});

You should change the $data = kt_LoadCompanySettings($vars['userid']); part with this:

$data['settings']['restricted_gateways'] = [
	
	// Gateways you want to restrict
	'paypaycheckout',
	'banktrasnfer'
]

Keep in mind that I'm still working on this code. It works for me but I still haven't tested everything.

Edited by Kian
Link to comment
Share on other sites

@Kian Thanks for your help, Thank God I have reached to solution 

add_hook('ClientEdit', 1, function($vars) {
    $client = Menu::context('client');
    $activeorders = $client->orders->where('status','Active')->count();
    if (!is_null($client))
    {
        $id = $vars["client_id"];
        $defaultgateway = Capsule::table('tblclients')->where('id',$id )->first()->defaultgateway;

        $disallowed = getnotsafepayment();
        
        if(in_array($defaultgateway,$disallowed))
        {
            $command = 'GetInvoices';
            $postData = array(
                'userid' => $id,
                'status' => 'unpaid',
            );
            $results = localAPI($command, $postData);
            if($results["totalresults"]> 0)
            {
                foreach ($results['invoices']['invoice'] as $inv)
                {
                    $invid = $inv['id'];
                    $allowed_arr =get_allowed_payment_methods_for_invoice($invid,$client);
                    // edit to first of the allowed payment 
                    $command = 'UpdateInvoice';
                    $postData = array(
                        'invoiceid' => $invid,
                        'paymentmethod' => array_values($allowed_arr)[0]['module'],
                    );
                    $results = localAPI($command, $postData);
                }
            }
        }
    }
});

 

this hook I have written if any one face the same problem ,


====

@Kian


by the way about the code you mentiond to edit html code in "gatewaydropdown"

as I tested and worked for me , edit "availableGateways" is Enough


 

    $availableGateways = $vars['availableGateways'];
	foreach ($availableGateways as $key => $value) {if (in_array($key,$dis)) unset($availableGateways[$key]);}
    return array("availableGateways" => $availableGateways);


====
Thanks for your help

Edited by AladdinJ
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated