<?php /** * Adds important param elements to inside of object in order to make * things safe. */ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector { /** * @type string */ public $name = 'SafeObject'; /** * @type array */ public $needed = array('object', 'param'); /** * @type array */ protected $objectStack = array(); /** * @type array */ protected $paramStack = array(); /** * Keep this synchronized with AttrTransform/SafeParam.php. * @type array */ protected $addParam = array( 'allowScriptAccess' => 'never', 'allowNetworking' => 'internal', ); /** * These are all lower-case keys. * @type array */ protected $allowedParam = array( 'wmode' => true, 'movie' => true, 'flashvars' => true, 'src' => true, 'allowfullscreen' => true, // if omitted, assume to be 'false' ); /** * @param HTMLPurifier_Config $config * @param HTMLPurifier_Context $context * @return void */ public function prepare($config, $context) { parent::prepare($config, $context); } /** * @param HTMLPurifier_Token $token */ public function handleElement(&$token) { if ($token->name == 'object') { $this->objectStack[] = $token; $this->paramStack[] = array(); $new = array($token); foreach ($this->addParam as $name => $value) { $new[] = new HTMLPurifier_Token_Empty('param', array('name' => $name, 'value' => $value)); } $token = $new; } elseif ($token->name == 'param') { $nest = count($this->currentNesting) - 1; if ($nest >= 0 && $this->currentNesting[$nest]->name === 'object') { $i = count($this->objectStack) - 1; if (!isset($token->attr['name'])) { $token = false; return; } $n = $token->attr['name']; // We need this fix because YouTube doesn't supply a data // attribute, which we need if a type is specified. This is // *very* Flash specific. if (!isset($this->objectStack[$i]->attr['data']) && ($token->attr['name'] == 'movie' || $token->attr['name'] == 'src') ) { $this->objectStack[$i]->attr['data'] = $token->attr['value']; } // Check if the parameter is the correct value but has not // already been added if (!isset($this->paramStack[$i][$n]) && isset($this->addParam[$n]) && $token->attr['name'] === $this->addParam[$n]) { // keep token, and add to param stack $this->paramStack[$i][$n] = true; } elseif (isset($this->allowedParam[strtolower($n)])) { // keep token, don't do anything to it // (could possibly check for duplicates here) // Note: In principle, parameters should be case sensitive. // But it seems they are not really; so accept any case. } else { $token = false; } } else { // not directly inside an object, DENY! $token = false; } } } public function handleEnd(&$token) { // This is the WRONG way of handling the object and param stacks; // we should be inserting them directly on the relevant object tokens // so that the global stack handling handles it. if ($token->name == 'object') { array_pop($this->objectStack); array_pop($this->paramStack); } } } // vim: et sw=4 sts=4

Initiate Payment

Initiates a new payment transaction.

Endpoint: POST create-order

Parameter	Type	Details
amount	decimal	Your Amount , Must be rounded at 2 precision.
currency	string	Currency Code, Must be in Upper Case (Alpha-3 code)
success_url	string	Enter your return or success URL
cancel_url	string (optional)	Enter your cancel or failed URL

                    
                        Request Example (guzzle)
                        

                        
                            
<?php
                            
 require_once('vendor/autoload.php');
                            
 $client = new \GuzzleHttp\Client();
                            
 $response = $client->request('POST', $base_url.'create-order', [
                            
'headers' => [
                            
  'Authorization' => 'Bearer '. $authorizationToken,
                            
  'accept' => 'application/json',
                            
  'content-type' => 'application/json',
                            
 ],
                            
'form_params' => [
                            
  'amount'        => '$amount',
                            
  'currency'      => 'currency',
                            
  'success_url'   => 'success_url',
                            
  'cancel_url'    => 'cancel_url',
                            
 ],
                            
                            
]);
                            
echo $response->getBody();

                    
                        
**Response: SUCCESS (200 OK)**
                        
{
                        
 "message": {
                        
 "success": [
                        
  "Order created successfully."
                        
 ]
                        
},
                        
"data": {
                            
 "redirect_url":"https://example.com/login/OISADFDFSDFSF",
                            
 "order_details":{
                                
 "amount" : "10",
                                
 "fixed_charge" : 2,
                                
 "percent_charge" : 1,
                                
 "total_charge" : 3,
                                
 "total_payable" : 13,
                                
 "currency" : "USD",
                                
 "expiry_time": "2024-04-25T06:48:35.984285Z",
                                
 "success_url": "http://127.0.0.1/nfcpay/user/transaction/success",
                                
 "cancel_url": "http://127.0.0.1/nfcpay/user/transaction/cancel"
                                
}
                            
},
                        
"type": "success"
                        
}

                    
                        
**Response: ERROR (400 FAILED)**
                        
{
                        
 "message": {
                        
 "error": [
                        
  "Invalid token."
                        
 ]
                        
},
                        
"data": null,
                        
"type": "error"
                        
}