Example #1
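        /// <summary>
        /// Stores a new shipping address as a <c>Card</c> row whose <c>MainCardId</c> is <paramref name="userid"/>.
        /// </summary>
        /// <param name="userid">Id written to <c>MainCardId</c> of the new row.</param>
        /// <param name="newShipping">Address fields taken from the request body.</param>
        /// <returns>400 when the body is missing; otherwise 200 once the row has been saved.</returns>
        public async Task <IActionResult> addShippingAddress(int userid, [FromBody] AddShippingDto newShipping)
        {
            // A missing or unparsable body previously surfaced as a NullReferenceException.
            if (newShipping == null)
            {
                return BadRequest();
            }

            // NOTE(review): userid is supplied by the caller and no ownership check is visible in this
            // method; confirm the route only lets an authenticated user attach addresses to their own card.

            // Read the clock once so all four components come from the same instant.
            var now = DateTime.Now;

            var shippingToAdd = new Card
            {
                MainCardId = userid,
                Name       = newShipping.name,
                Company    = newShipping.company,
                Address1   = newShipping.address1,
                Address2   = newShipping.address2,
                Address3   = newShipping.address3,
                City       = newShipping.city,
                Country    = newShipping.country,
                Phone      = newShipping.phone,
                Contact    = newShipping.contact,
                Zip        = newShipping.zip,
                Note       = newShipping.note,
                // Time-derived filler rather than a real address; presumably it only keeps Email
                // non-empty and distinct for address rows (TODO confirm against the Card schema).
                Email      = now.Hour.ToString() + now.Minute.ToString() + now.Second.ToString() + now.Millisecond.ToString()
            };

            // The previous try/catch only did "throw e", which resets the stack trace; letting the
            // exception propagate untouched keeps the original failure location.
            await _context.AddAsync(shippingToAdd);
            await _context.SaveChangesAsync();

            return Ok();
        }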
Example #2
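        /// <summary>
        /// Toggles an order between status 5 (shipping) and status 6 (received).
        /// </summary>
        /// <param name="order_id">Id of the order to update; a null id matches no order.</param>
        /// <returns>404 when no order has that id; otherwise 204 after saving.</returns>
        public async Task <IActionResult> updateOrderShipping(int?order_id)
        {
            var orderToUpdate = _context.Orders.FirstOrDefault(o => o.Id == order_id);

            if (orderToUpdate == null)
            {
                return NotFound();
            }

            // NOTE(review): no check that the caller may change this order is visible in this method;
            // confirm authorization is enforced on the route.

            // Any other status is left as it is; the order is still saved and 204 returned.
            if (orderToUpdate.Status == 5)
            {
                orderToUpdate.Status = 6;    // from shipping to received
            }
            else if (orderToUpdate.Status == 6)
            {
                orderToUpdate.Status = 5;    // from received to shipping
            }

            // The previous try/catch only did "throw e", which resets the stack trace; the exception
            // now propagates unchanged.
            _context.Update(orderToUpdate);
            await _context.SaveChangesAsync();

            return NoContent();
        }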
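        /// <summary>
        /// Applies a JSON Patch document to the editable contact fields of a <c>Card</c>.
        /// </summary>
        /// <param name="id">Id of the card to patch.</param>
        /// <param name="patchDocUser">Patch operations, expressed against <c>UserDto</c>.</param>
        /// <returns>
        /// 404 when the id is null or unknown, 400 when the patch is missing or fails to apply,
        /// otherwise 204 after saving.
        /// </returns>
        public async Task <IActionResult> updateDetail(int?id, [FromBody] JsonPatchDocument <UserDto> patchDocUser)
        {
            if (id == null)
            {
                return NotFound();
            }
            if (patchDocUser == null)
            {
                return BadRequest();
            }

            var senderToUpdate = _context.Card.FirstOrDefault(c => c.Id == id);

            if (senderToUpdate == null)
            {
                return NotFound();
            }

            // NOTE(review): no check that the caller owns this card is visible in this method;
            // confirm authorization is enforced on the route.

            // The patch runs against a DTO that carries only these seven fields, so a patch path
            // cannot reach any other Card column.
            var senderToPatch = new UserDto()
            {
                name     = senderToUpdate.Name,
                address1 = senderToUpdate.Address1,
                address2 = senderToUpdate.Address2,
                address3 = senderToUpdate.Address3,
                city     = senderToUpdate.City,
                country  = senderToUpdate.Country,
                phone    = senderToUpdate.Phone
            };

            // NOTE(review): ApplyTo records patch errors in ModelState, but nothing here re-validates
            // the patched DTO; consider TryValidateModel(senderToPatch) if UserDto carries validation attributes.
            patchDocUser.ApplyTo(senderToPatch, ModelState);
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            senderToUpdate.Name     = senderToPatch.name;
            senderToUpdate.Address1 = senderToPatch.address1;
            senderToUpdate.Address2 = senderToPatch.address2;
            senderToUpdate.Address3 = senderToPatch.address3;
            senderToUpdate.City     = senderToPatch.city;
            senderToUpdate.Country  = senderToPatch.country;
            senderToUpdate.Phone    = senderToPatch.phone;

            // The previous try/catch only did "throw e", which resets the stack trace; the exception
            // now propagates unchanged.
            await _context.SaveChangesAsync();

            return NoContent();
        }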
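        /// <summary>
        /// Removes the <c>UpdatedItem</c> rows of a branch that match the supplied code and timestamp pairs.
        /// </summary>
        /// <param name="branchId">Branch whose rows are removed.</param>
        /// <param name="resetItems">Items to remove, taken from the request body.</param>
        /// <returns>
        /// 404 when the branch id or the body is missing; otherwise 200 with a text summary that lists
        /// the codes for which no matching row was found.
        /// </returns>
        public async Task <IActionResult> resetSyncItems(int?branchId, [FromBody] IEnumerable <ResetItemSyncDto> resetItems)
        {
            if (branchId == null || resetItems == null)
            {
                return NotFound();
            }

            // NOTE(review): this re-reads nlog.config on every request; an injected or static logger
            // would avoid the repeated configuration.
            var logger  = NLogBuilder.ConfigureNLog("nlog.config").GetCurrentClassLogger();
            var message = "Item shipped : ";

            // Materialise once: the sequence was previously enumerated twice (Count() and the loop).
            // The earlier "load every row of the branch" query was dropped; its result was only
            // compared with null, which ToListAsync never returns.
            var requested    = resetItems.ToList();
            var itemsToReset = requested.Count;

            try
            {
                foreach (var i in requested)
                {
                    // NOTE(review): BitConverter.ToString(ui.TimeStamp) sits inside the query predicate;
                    // confirm the EF Core version in use can evaluate it.
                    var item = await _context.UpdatedItem.FirstOrDefaultAsync(ui => ui.ItemCode == i.Code && ui.BranchId == branchId && BitConverter.ToString(ui.TimeStamp) == i.TimeStamp);

                    if (item != null)
                    {
                        _context.UpdatedItem.Remove(item);
                        itemsToReset = itemsToReset - 1;
                    }
                    else
                    {
                        message = message + i.Code + ", ";
                    }
                }

                if (itemsToReset > 0)
                {
                    message = itemsToReset + " item(s) skipped!" + "\r\n" + message;
                }
                else
                {
                    message = "All Done!";
                }
            }
            catch (Exception ex)
            {
                // Still best-effort, but logged as an error so the failure is not lost among
                // informational entries.
                // NOTE(review): removals queued before the failure are still saved below and the
                // caller receives 200 with a partial message.
                logger.Error(ex.ToString());
            }

            await _context.SaveChangesAsync();

            return Ok(message);
        }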
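        /// <summary>
        /// Creates a web order and its order items from the submitted cart inside one database transaction.
        /// </summary>
        /// <param name="cart">Cart taken from the request body.</param>
        /// <returns>200 when the order and its items are committed; 400 when the body is missing or any step fails.</returns>
        public async Task <IActionResult> createOrder([FromBody] CartDto cart)
        {
            // A missing or unparsable body previously surfaced as a NullReferenceException.
            if (cart == null)
            {
                return BadRequest();
            }

            // NOTE(review): card_id, freight, sub_total and customer_gst are stored exactly as the client
            // sent them. Nothing visible here recomputes the total from server-side prices or checks that
            // card_id belongs to the caller; confirm this is done elsewhere before the order is charged.
            var newOrder = new Orders
            {
                CardId         = cart.card_id,
                PoNumber       = cart.po_num,
                Branch         = 1,
                Freight        = (decimal)cart.freight,
                OrderTotal     = (decimal)cart.sub_total,
                ShippingMethod = (byte)cart.shipping_method,
                CustomerGst    = cart.customer_gst,
                IsWebOrder     = true,
                WebOrderStatus = 1,
                Status         = 1
            };

            // NOTE(review): the order has not been saved yet, so this copies whatever Id a new Orders
            // instance starts with; verify that Number is meant to receive that value.
            newOrder.Number = newOrder.Id;

            using (var dbContextTransaction = _context.Database.BeginTransaction())
            {
                try
                {
                    await _context.Orders.AddAsync(newOrder);

                    // First save so the order id exists before the items that reference it are written.
                    await _context.SaveChangesAsync();

                    var newOrderId  = newOrder.Id;
                    var customerGst = newOrder.CustomerGst;
                    // The result is not used, but the expression is kept because a failure here
                    // (for example in the cast) still rolls the order back.
                    var totalGstInc = Math.Round((decimal)cart.sub_total * (1 + (decimal)customerGst), 2);

                    await inputOrderItem(cart.cartItems, newOrderId, customerGst);

                    await _context.SaveChangesAsync();

                    dbContextTransaction.Commit();
                    return Ok();
                }
                catch (Exception)
                {
                    // NOTE(review): the failure reason is discarded and no logger is visible in this
                    // method; log the exception here so that rejected orders can be investigated.
                    dbContextTransaction.Rollback();
                    return BadRequest();
                }
            }
        }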
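        /// <summary>
        /// Resets the password of the account registered under the given e-mail address and mails
        /// the new password to that address.
        /// </summary>
        /// <param name="sendpw">Request body carrying the account e-mail address.</param>
        /// <returns>
        /// 400 when the body is missing or the e-mail could not be sent, 404 when no account uses the
        /// address, otherwise 200 with an empty body.
        /// </returns>
        public async Task <IActionResult> sendpw([FromBody] SendPasswordDto sendpw)
        {
            if (sendpw == null)
            {
                return BadRequest("No account found!");
            }

            // One lookup instead of Any() followed by Where().FirstOrDefault(): a single round trip, and
            // no window in which the row can disappear between the two queries.
            // NOTE(review): 404 versus 200 tells the caller whether an address is registered; a uniform
            // response would avoid account enumeration.
            Card this_card = _context.Card.FirstOrDefault(c => c.Email == sendpw.emailto);

            if (this_card == null)
            {
                return NotFound();
            }

            // NOTE(review): the only input is the e-mail address and no proof of ownership is checked in
            // this method, so any caller can force a password change for a known address. A one-time
            // reset link that the owner must confirm would close that gap.
            // NOTE(review): confirm that Common.GenerateRandomString draws from a cryptographic random source.
            string new_pw  = Common.GenerateRandomString(8);
            string content = "Hi, this is your new password<br>";
            content += "<b>NEW PASSWORD</b> is (" + new_pw + ") !!";

            // NOTE(review): unsalted MD5 is not suitable for storing passwords. The stored format is left
            // unchanged because the login check, which is not visible here, has to move to a salted,
            // slow KDF (for example PBKDF2) at the same time.
            string md5password;
            using (MD5 md5Hash = MD5.Create())
            {
                byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(new_pw));
                // Upper-case hex without separators, the same text the x2/ToUpper loop produced.
                md5password = BitConverter.ToString(data).Replace("-", "");
            }
            this_card.Password = md5password;

            // NOTE(review): the password is replaced before the e-mail is sent, so a mail failure leaves
            // the account with a password that nobody received.
            _context.Card.Update(this_card);
            await _context.SaveChangesAsync();

            try
            {
                await _imailService.sendEmail(sendpw.emailto, "password", content, null);

                // The new password and its hash are no longer echoed in the response: the mailbox owner
                // is the only party meant to learn them.
                return Ok();
            }
            catch (Exception)
            {
                // Do not serialise the exception to the client; it can expose mail-server details.
                return BadRequest("Unable to send the password email.");
            }
        }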
Example #7
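        /// <summary>
        /// Registers a new account as a <c>Card</c> row with a fixed type and access level.
        /// </summary>
        /// <param name="newUser">Name, e-mail address and password taken from the request body.</param>
        /// <returns>
        /// 400 when the model is invalid, the body is missing or the e-mail address is already
        /// registered; otherwise 200 with the stored fields.
        /// </returns>
        public async Task <IActionResult> Register([FromBody] RegisterDto newUser)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }
            // A missing body previously surfaced as a NullReferenceException.
            if (newUser == null)
            {
                return BadRequest();
            }

            // Reject duplicates by e-mail address.
            // NOTE(review): check-then-insert is not atomic; a unique index on Email is what actually
            // prevents two concurrent registrations for the same address.
            var email = newUser.email;
            if (_context.Card.Any(e => e.Email == email))
            {
                return BadRequest("Sorry, this email exists already!!!");
            }

            // NOTE(review): unsalted MD5 is not suitable for storing passwords. The stored format is left
            // unchanged because the login check, which is not visible here, has to move to a salted,
            // slow KDF (for example PBKDF2) at the same time.
            string md5password;
            using (MD5 md5Hash = MD5.Create())
            {
                byte[] data = md5Hash.ComputeHash(Encoding.UTF8.GetBytes(newUser.password));
                // Upper-case hex without separators, the same text the x2/ToUpper loop produced.
                md5password = BitConverter.ToString(data).Replace("-", "");
            }

            // Type and AccessLevel are fixed here rather than read from the request, so a caller
            // cannot choose its own privileges at registration.
            Card newCard = new Card
            {
                Name        = newUser.name,
                Email       = newUser.email,
                Password    = md5password,
                Type        = 6,
                AccessLevel = 10
            };

            await _context.Card.AddAsync(newCard);

            await _context.SaveChangesAsync();

            // NOTE(review): the response still carries the stored password hash; drop that field once
            // no client reads it.
            return Ok(
                new { newCard.Name, newCard.Email, newCard.Password, newCard.Type, newCard.AccessLevel }
                );
        }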
Example #8
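        /// <summary>
        /// Stores a contact-form message in <c>MessageBoard</c> and forwards it by e-mail to the
        /// address configured under <c>ContactEmail</c>.
        /// </summary>
        /// <param name="message">Sender name, e-mail address, subject and text taken from the request body.</param>
        /// <returns>400 when the model is invalid or the body is missing; otherwise 200.</returns>
        public async Task <IActionResult> sendMessage([FromBody] MessageDto message)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(JsonConvert.SerializeObject(ModelState.Values.Select(e => e.Errors).ToList()));
            }
            // A missing body previously surfaced as a NullReferenceException.
            if (message == null)
            {
                return BadRequest();
            }

            var receiverEmail = _config["ContactEmail"];

            // Keep a copy of the message in the messageboard table.
            var messageboard = new MessageBoard()
            {
                Name    = message.Name,
                Subject = message.Subject,
                Content = message.Content,
                Email   = message.Email
            };
            await _context.MessageBoard.AddAsync(messageboard);

            await _context.SaveChangesAsync();

            // The body is built as HTML, so every visitor-supplied value is HTML-encoded before it is
            // concatenated; otherwise markup typed into the form would be rendered in the recipient's
            // mail client.
            var subject = message.Subject;
            var content = "Name :" + System.Net.WebUtility.HtmlEncode(message.Name) + "<br/>";
            content += "Contact Email : " + System.Net.WebUtility.HtmlEncode(message.Email) + "<br/><br/>";
            content += System.Net.WebUtility.HtmlEncode(message.Content);

            // NOTE(review): the call is not awaited; if sendEmail returns a Task, a send failure goes
            // unobserved and the caller still receives 200. Confirm the signature and await it if so.
            // NOTE(review): the subject is visitor-supplied as well; confirm the mail service rejects
            // line breaks in it.
            _mail.sendEmail(receiverEmail, subject, content, null);

            // The previous catch block only rethrew, so it has been removed.
            return Ok();
        }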
Example #9
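        /// <summary>
        /// Adds an item to a cart: increases (or decreases) the quantity of a matching line when one
        /// exists, otherwise inserts a new line.
        /// </summary>
        /// <param name="cardid">Card whose cart is searched for an existing matching line.</param>
        /// <param name="itemToCart">Item and quantity taken from the request body.</param>
        /// <returns>
        /// 404 when the body is missing, 400 when the resulting or requested quantity is not allowed,
        /// 204 when an existing line was updated or removed, 200 with the new line otherwise.
        /// </returns>
        public async Task <IActionResult> addToCart(int cardid, [FromBody] AddItemToCartDto itemToCart)
        {
            if (itemToCart == null)
            {
                return NotFound();
            }

            // NOTE(review): sales_price and points come from the client and are stored as sent; confirm
            // that prices are re-read from the catalogue before an order is charged.
            var salesPrice = itemToCart.sales_price.ToString();

            // One lookup instead of Any() followed by Where().FirstOrDefault() with the same predicate:
            // a single round trip, and no null dereference if the row disappears between the two queries.
            var existingItem = _context.Cart.FirstOrDefault(c => c.Code == itemToCart.code &&
                                                            c.Name == itemToCart.name &&
                                                            c.SupplierCode == itemToCart.supplier_code &&
                                                            c.CardId == cardid &&
                                                            c.SalesPrice == salesPrice);

            if (existingItem != null)
            {
                // Add the requested quantity to the existing line.
                var dQuantity = Convert.ToDouble(existingItem.Quantity);
                if ((dQuantity + itemToCart.quantity) < 0)
                {
                    return BadRequest("qty < 0");
                }
                dQuantity            += itemToCart.quantity;
                existingItem.Quantity = dQuantity.ToString();

                // A line whose quantity reaches zero is removed from the cart. The entity found above
                // is removed directly instead of being queried a second time by id.
                if (dQuantity == 0)
                {
                    _context.Remove(existingItem);
                }
                await _context.SaveChangesAsync();

                return NoContent();
            }

            if (itemToCart.quantity <= 0)
            {
                return BadRequest("quantity <= 0");
            }

            // NOTE(review): the lookup above uses the cardid parameter, but the new line is stored under
            // the card_id from the request body. If the two differ, the line lands in another card's
            // cart; confirm which value is authoritative and that the caller owns it.
            var newItem = new Cart
            {
                CardId       = itemToCart.card_id,
                Code         = itemToCart.code,
                Name         = itemToCart.name,
                Barcode      = itemToCart.barcode,
                SalesPrice   = salesPrice,
                Quantity     = itemToCart.quantity.ToString(),
                SupplierCode = itemToCart.supplier_code,
                Points       = itemToCart.points.ToString()
            };

            await _context.AddAsync(newItem);

            await _context.SaveChangesAsync();

            return Ok(newItem);
        }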
        //   [Consumes("application/x-www-form-urlencoded")]
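        /// <summary>
        /// Handles the payment-result callback of the DPS PxPay gateway: decodes the gateway response,
        /// records it in <c>DpsOutput</c>, posts the payment through the <c>eznz_payment</c> stored
        /// procedure, then e-mails the invoice and optionally forwards the order to the supplier.
        /// </summary>
        /// <param name="result">Encoded gateway response passed to <c>PxPay.ProcessResponse</c>.</param>
        /// <param name="action">Must be <c>paymentSuccess</c>; any other value is rejected with 400.</param>
        /// <param name="orderId">Order the payment is applied to; must be an integer.</param>
        /// <returns>
        /// 404 when <paramref name="result"/> is missing or the order or its invoice is not found,
        /// 400 on invalid input or when a processing step fails, otherwise a redirect to the return
        /// URL carried in the gateway response.
        /// </returns>
        public async Task <IActionResult> GetPaymentResult([FromQuery] string result, [FromQuery] string action, [FromQuery] string orderId)
        {
            // Validate the query string before anything is sent to the gateway or the database.
            if (result == null)
            {
                return NotFound();
            }
            if (action != "paymentSuccess")
            {
                return BadRequest("Sorry, payment unsuccessful. Please try later. ");
            }

            // orderId ends up in SQL, log lines, request URLs and a file path, so only an integer is
            // accepted and its canonical text form is used from here on.
            int orderNumber;
            if (!int.TryParse(orderId, out orderNumber))
            {
                return BadRequest("Invalid order id.");
            }
            orderId = orderNumber.ToString(System.Globalization.CultureInfo.InvariantCulture);

            PxPay          WS        = new PxPay(sServiceUrl, PxPayUserId, PxPayKey);
            ResponseOutput outputQs  = WS.ProcessResponse(result);
            string         DpsTxnRef = outputQs.DpsTxnRef;
            string         sSuccess  = outputQs.Success;
            string         returnUrl = outputQs.TxnData1;

            // NOTE(review): the redirect target is taken from the gateway response (TxnData1); confirm it
            // can only hold a URL chosen by this site, or check it against an allow-list before redirecting.
            // NOTE(review): the fallback has no scheme, so Redirect treats it as a relative path.
            if (string.IsNullOrEmpty(returnUrl))
            {
                returnUrl = "www.google.com";
            }

            // NOTE(review): the order is selected by the orderId query parameter, and nothing visible here
            // compares the gateway response (MerchantReference, AmountSettlement) with that order before
            // the payment is posted. Confirm that this binding is enforced and add the comparison if not.

            // 1. Record the gateway response once per order.
            if (!await _context.DpsOutput.AnyAsync(d => d.OrderId.ToString() == orderId))
            {
                // NOTE(review): CardNumber and DateExpiry are stored as returned by the gateway; confirm
                // the gateway masks the card number before it reaches this table.
                string[] columns =
                {
                    "OrderId", "valid", "AmountSettlement", "AuthCode", "CardName", "CardNumber", "DateExpiry", "DpsTxnRef",
                    "Success", "ResponseText", "DpsBillingId", "CardHolderName", "CurrencySettlement", "TxnData1", "TxnData2",
                    "TxnData3", "TxnType", "CurrencyInput", "MerchantReference", "ClientInfo", "TxnId", "EmailAddress",
                    "BillingId", "TxnMac"
                };
                object[] values =
                {
                    orderId, outputQs.valid, outputQs.AmountSettlement, outputQs.AuthCode, outputQs.CardName, outputQs.CardNumber, outputQs.DateExpiry, outputQs.DpsTxnRef,
                    outputQs.Success, outputQs.ResponseText, outputQs.DpsBillingId, outputQs.CardHolderName, outputQs.CurrencySettlement, outputQs.TxnData1, outputQs.TxnData2,
                    outputQs.TxnData3, outputQs.TxnType, outputQs.CurrencyInput, outputQs.MerchantReference, outputQs.ClientInfo, outputQs.TxnId, outputQs.EmailAddress,
                    outputQs.BillingId, outputQs.TxnMac
                };

                // Only the fixed column names above are concatenated into the statement; every value is
                // bound as a parameter, so text in the query string or the gateway response cannot alter the SQL.
                var commandText = "insert into DpsOutput(" + string.Join(", ", columns) + ") values (@" + string.Join(", @", columns) + ")";

                var connectionString = _config.GetConnectionString("rst374_cloud12Context");
                using (var conn = new SqlConnection(connectionString))
                using (var comm = new SqlCommand(commandText, conn))
                {
                    for (int p = 0; p < columns.Length; p++)
                    {
                        // A null value becomes an empty string, as it did when the statement was concatenated.
                        comm.Parameters.AddWithValue("@" + columns[p], values[p] ?? string.Empty);
                    }

                    conn.Open();
                    try
                    {
                        comm.ExecuteNonQuery();
                    }
                    catch (Exception ex)
                    {
                        _logger.LogError(ex.Message + "\r\n" + $"Record dps payment info error, order id: {orderId}.");
                        // Database error text stays in the log and is not returned to the caller.
                        return BadRequest("Unable to record the payment result.");
                    }
                }
            }

            // 2. A transaction reference that is already booked is not processed again.
            var isProcessed = _context.TranDetail.Any(td => td.Note == DpsTxnRef || td.PaymentRef == DpsTxnRef);

            if (isProcessed)
            {
                return Redirect(returnUrl);
            }

            // 3. Load the order with its invoice total.
            var order = _context.Orders.Where(o => o.Id == orderNumber)
                        .Join(_context.Invoice,
                              o => o.InvoiceNumber,
                              i => i.InvoiceNumber,
                              (o, i) => new { o.InvoiceNumber, o.Id, o.CardId, Total = i.Total ?? 0 }).FirstOrDefault();

            // The order was previously dereferenced before this check, which failed with a
            // NullReferenceException when the order or its invoice was missing.
            if (order == null)
            {
                _logger.LogError($"Cannot find this order, order id: {orderId}.");
                return NotFound();
            }

            decimal orderAmount   = order.Total;
            string  customerEmail = "";

            var customer = await _context.Card.FirstOrDefaultAsync(c => c.Id == order.CardId);

            if (customer != null)
            {
                customerEmail = customer.Email;
            }

            int paymentmethod = _isettings.getIdByPaymentMethod("dps");

            if (sSuccess != "1")
            {
                _logger.LogError($"Payment for order {orderId} unsuccessful.");
                return Redirect(returnUrl);
            }

            var invoiceExists = await _context.TranInvoice.AnyAsync(ti => ti.InvoiceNumber == order.InvoiceNumber);

            if (invoiceExists)
            {
                return BadRequest($"This order {orderId} has already been processed!");
            }

            // 4. Post the payment through the stored procedure on the context's own connection.
            // NOTE(review): this connection belongs to the DbContext and is closed and disposed in the
            // finally block below; confirm nothing uses _context afterwards in the same request.
            // NOTE(review): the database steps below do not run inside a transaction (an earlier attempt
            // is commented out in the history of this method).
            var connect = _context.Database.GetDbConnection();
            connect.Open();
            System.Data.Common.DbCommand dbCommand = connect.CreateCommand();

            try
            {
                // The DPS reference is written to both the note and the payment reference columns.
                AddPaymentParameter(dbCommand, "@note", System.Data.DbType.String, DpsTxnRef);
                AddPaymentParameter(dbCommand, "@payment_ref", System.Data.DbType.String, DpsTxnRef);
                AddPaymentParameter(dbCommand, "@shop_branch", System.Data.DbType.Int32, _isettings.getOnlineShopId());
                AddPaymentParameter(dbCommand, "@Amount", System.Data.DbType.String, order.Total);
                // NOTE(review): an "@nDest" parameter (Int32, value "1116") used to be built here but was
                // never added to the command, so it had no effect; confirm the procedure does not need it.
                AddPaymentParameter(dbCommand, "@staff_id", System.Data.DbType.Int32, order.CardId.ToString());
                AddPaymentParameter(dbCommand, "@card_id", System.Data.DbType.Int32, order.CardId.ToString());
                AddPaymentParameter(dbCommand, "@payment_method", System.Data.DbType.Int32, paymentmethod);
                AddPaymentParameter(dbCommand, "@invoice_number", System.Data.DbType.Int32, Convert.ToInt32(order.InvoiceNumber));
                AddPaymentParameter(dbCommand, "@amountList", System.Data.DbType.String, orderAmount);
                AddPaymentParameter(dbCommand, "@return_tran_id", System.Data.DbType.Int32, null, System.Data.ParameterDirection.Output);
                var return_exist_trans = AddPaymentParameter(dbCommand, "@return_exist_trans", System.Data.DbType.Boolean, null, System.Data.ParameterDirection.Output);

                dbCommand.CommandText = "eznz_payment";
                dbCommand.CommandType = System.Data.CommandType.StoredProcedure;
                await dbCommand.ExecuteNonQueryAsync();

                // If the transaction already existed, neither the invoice nor the supplier order is sent.
                // NOTE(review): the output parameter is declared Boolean, and a boolean value converts to
                // "True"/"False", never "0"; verify which value the procedure returns for a new transaction.
                string sExist_trans = return_exist_trans.Value.ToString();
                if (sExist_trans == null || sExist_trans == "0" || sExist_trans == "")
                {
                    try
                    {
                        string host1       = _config["ApiUrl"];
                        var    currentSite = _config["CurrentSite"];

                        // 5. Ask the API to render the invoice PDF, then mail it to the customer.
                        try
                        {
                            using (var client = new HttpClient())
                            {
                                client.BaseAddress = new Uri(host1);

                                // Awaited instead of Wait()/Result so the request thread is not blocked.
                                var getResult = await client.GetAsync(currentSite + "/api/invoice/pdf/" + orderId);
                                if (getResult.IsSuccessStatusCode)
                                {
                                    // orderId is the canonical integer text here, so the attachment path
                                    // cannot leave the configured PdfPath folder.
                                    var myAttachment = new Attachment(_config["PdfPath"] + orderId + ".pdf");
                                    await _mail.sendEmail(customerEmail, "Invoice", "DoNotReply! <br><br> Dear customer: <br>Thank you for your order from<a href='http://dollaritems.co.nz/ecom'> dollaritems.co.nz</a><br> Your order invoice is in attachment.", myAttachment);
                                }
                            }
                        }
                        catch (Exception ex)
                        {
                            _logger.LogError(ex.Message + "\r\n" + $"Send pdf to customer order unsuccessful, order id: {orderId}.");
                            return BadRequest("Unable to send the invoice email.");
                        }

                        // 6. When management mode is on, forward the paid order to the supplier.
                        var manage = _config["Management"];
                        if (manage == "true")
                        {
                            try
                            {
                                using (var client = new HttpClient())
                                {
                                    client.BaseAddress = new Uri(host1);

                                    var getResult = await client.GetAsync(currentSite + "/api/order/SendOrderToSupplier/" + orderId);
                                    if (getResult.IsSuccessStatusCode)
                                    {
                                        // Flag the recorded payment once the supplier order has gone out.
                                        var currentOrderDpsOutput = await _context.DpsOutput.FirstOrDefaultAsync(d => d.OrderId.ToString() == orderId);

                                        if (currentOrderDpsOutput == null)
                                        {
                                            _logger.LogError($"Cannot find this order, when send order to supplier, order id: {orderId}.");
                                            return NotFound();
                                        }
                                        currentOrderDpsOutput.OrderSent = true;
                                        _context.DpsOutput.Update(currentOrderDpsOutput);
                                        await _context.SaveChangesAsync();
                                    }
                                }
                            }
                            catch (Exception ex)
                            {
                                // Best effort: the failure is logged and the customer is still redirected.
                                // (The BadRequest result that used to be created here was never returned.)
                                _logger.LogError(ex.Message + "\r\n" + $"Send order to supplier unsuccessful, order id: {orderId}.");
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        // Best effort, as above.
                        _logger.LogError(ex.Message + "\r\n" + $"Send order to supplier unsuccessful, order id: {orderId}.");
                    }
                }
                else
                {
                    _logger.LogError($"Transcation for this order exists, order id: {orderId}.");
                }
            }
            catch (Exception ex)
            {
                _logger.LogError(ex.Message + "\r\n" + $"Insert transaction into Db unsuccessful, order id: {orderId}.");
                // The exception object is no longer serialised into the response.
                return BadRequest("Unable to record the payment transaction.");
            }
            finally
            {
                connect.Close();
                connect.Dispose();
            }

            return Redirect(returnUrl);
        }

        /// <summary>
        /// Creates a parameter on <paramref name="command"/>, adds it to the command and returns it.
        /// The value is assigned only for input parameters.
        /// </summary>
        private static System.Data.Common.DbParameter AddPaymentParameter(System.Data.Common.DbCommand command, string name, System.Data.DbType dbType, object value, System.Data.ParameterDirection direction = System.Data.ParameterDirection.Input)
        {
            var parameter = command.CreateParameter();
            parameter.ParameterName = name;
            parameter.DbType        = dbType;
            parameter.Direction     = direction;
            if (direction == System.Data.ParameterDirection.Input)
            {
                parameter.Value = value;
            }
            command.Parameters.Add(parameter);
            return parameter;
        }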
Example #11
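        /// <summary>
        /// Handles the payment gateway's form-encoded notification for an order and,
        /// when the notification is authentic and reports a completed payment, records
        /// the payment through the <c>eznz_payment</c> stored procedure and sets the
        /// order's <c>WebOrderStatus</c> to 4.
        /// </summary>
        /// <param name="paymentInfo">
        /// Posted notification fields. The sample kept with this handler carries
        /// merchant_reference, order_id, amount, currency, payment_method, pay_time,
        /// status and signature.
        /// </param>
        /// <returns>
        /// 200 "sent" once the payment is recorded (or the notification is acknowledged
        /// without recording), 200 "This order is paid!" for an already-invoiced order,
        /// 400 for a bad model, a failed signature check, an unknown order/invoice or a
        /// database failure, and 500 when the signing key is not configured.
        /// </returns>
        public async Task <IActionResult> updatePayment([FromForm] LatipayPaymentDto paymentInfo)
        {
            if (paymentInfo == null)
            {
                return(BadRequest("model is null"));
            }
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }

            var merchant_reference = paymentInfo.merchant_reference;
            var latipayment_method = paymentInfo.payment_method;
            var status             = paymentInfo.status;
            var currenty           = paymentInfo.currency;
            var amount             = paymentInfo.amount;
            var signature          = paymentInfo.signature;
            var order_id           = paymentInfo.order_id;

            // Authenticate the notification BEFORE touching the database. This endpoint is
            // reachable by anyone, so an unauthenticated caller must not be able to learn
            // whether an order exists or has been paid from the differing responses.
            var apikey = Startup.Configuration["Latipay_apiKey"];
            if (string.IsNullOrEmpty(apikey))
            {
                // A missing or empty key would make every signature forgeable (or crash on
                // GetBytes(null)); fail closed instead.
                _logger.LogCritical("Payment notification rejected: signing key is not configured.");
                return(StatusCode(500));
            }

            string myCheckingString = merchant_reference + latipayment_method + status + currenty + amount;

            byte[]       secret     = Encoding.UTF8.GetBytes(apikey);
            byte[]       msg        = Encoding.UTF8.GetBytes(myCheckingString);
            MyHMACSHA256 hmacsha256 = new MyHMACSHA256();

            byte[] SHA256HMACSignature = hmacsha256.HashHMAC(secret, msg);
            string mysignature         = BitConverter.ToString(SHA256HMACSignature).Replace("-", "").ToLowerInvariant();

            // Compare without an early exit so response timing does not reveal how many
            // leading characters of a guessed signature were correct. The length itself is
            // not secret (hex of a fixed-size MAC).
            bool signatureMatches = signature != null && signature.Length == mysignature.Length;
            if (signatureMatches)
            {
                int difference = 0;
                for (int i = 0; i < mysignature.Length; i++)
                {
                    difference |= signature[i] ^ mysignature[i];
                }
                signatureMatches = difference == 0;
            }

            if (!signatureMatches)
            {
                _logger.LogCritical($"error occur when update payment!");
                return(BadRequest("error occur when update payment!"));
            }

            // merchant_reference is caller-supplied text; parse it once instead of letting
            // Convert.ToInt32 throw on malformed input.
            int invoiceNumber;
            if (!int.TryParse(merchant_reference, out invoiceNumber))
            {
                return(BadRequest("Can not find this order!"));
            }

            var order = await _context.Orders.FirstOrDefaultAsync(o => o.InvoiceNumber == invoiceNumber);
            if (order == null)
            {
                return(BadRequest("Can not find this order!"));
            }

            bool isTran_invoiced = await _context.TranInvoice.AnyAsync(i => i.InvoiceNumber == invoiceNumber);
            if (order.WebOrderStatus > 1 && isTran_invoiced)
            {
                return(Ok("This order is paid!"));
            }

            // The signature only proves the gateway sent these fields; it does not mean the
            // payment succeeded. Record a payment only for a completed one.
            // NOTE(review): "paid" is taken from the sample notification for this endpoint;
            // confirm the full set of status values, and the response the gateway expects for
            // a non-paid notification, against the gateway documentation.
            if (!string.Equals(status, "paid", StringComparison.OrdinalIgnoreCase))
            {
                _logger.LogWarning($"Payment notification not recorded, status is not paid, invoice number: {invoiceNumber}.");
                return(Ok("sent"));
            }

            // NOTE(review): the notified amount and currency are authenticated by the signature
            // but are not compared with the order's own total here; confirm that check happens
            // elsewhere (for example inside eznz_payment).

            var invoice = await _context.Invoice.FirstOrDefaultAsync(i => i.InvoiceNumber.ToString() == merchant_reference);
            if (invoice == null)
            {
                // Previously dereferenced unconditionally, with the connection already open.
                _logger.LogError($"Cannot find invoice when update payment, invoice number: {invoiceNumber}.");
                return(BadRequest("Can not find this order!"));
            }
            var cardid        = invoice.CardId;
            int paymentmethod = paymentMethodCast(latipayment_method);

            var connect = _context.Database.GetDbConnection();

            try
            {
                // Opened inside the try so the finally block always releases it.
                connect.Open();
                System.Data.Common.DbCommand dbCommand = connect.CreateCommand();

                var note = dbCommand.CreateParameter();
                note.ParameterName = "@note";
                note.DbType        = System.Data.DbType.String;
                note.Value         = order_id;

                var shop_branch = dbCommand.CreateParameter();
                shop_branch.ParameterName = "@shop_branch";
                shop_branch.DbType        = System.Data.DbType.Int32;
                shop_branch.Value         = 1032;

                var Amount = dbCommand.CreateParameter();
                Amount.ParameterName = "@Amount";
                Amount.DbType        = System.Data.DbType.String;
                Amount.Value         = amount;

                // NOTE(review): the original also built an @nDest parameter (value "1116") but
                // never added it to the command, so it was never sent. It is left out here to
                // keep the call unchanged; confirm whether eznz_payment expects it.

                var staff_id = dbCommand.CreateParameter();
                staff_id.ParameterName = "@staff_id";
                staff_id.DbType        = System.Data.DbType.Int32;
                staff_id.Value         = cardid.ToString();

                var card_id = dbCommand.CreateParameter();
                card_id.ParameterName = "@card_id";
                card_id.DbType        = System.Data.DbType.Int32;
                card_id.Value         = cardid.ToString();

                var payment_method = dbCommand.CreateParameter();
                payment_method.ParameterName = "@payment_method";
                payment_method.DbType        = System.Data.DbType.Int32;
                payment_method.Value         = paymentmethod;

                var invoice_number = dbCommand.CreateParameter();
                invoice_number.ParameterName = "@invoice_number";
                invoice_number.DbType        = System.Data.DbType.Int32;
                invoice_number.Value         = invoiceNumber;

                var amountList = dbCommand.CreateParameter();
                amountList.ParameterName = "@amountList";
                amountList.DbType        = System.Data.DbType.String;
                amountList.Value         = amount;

                var return_tran_id = dbCommand.CreateParameter();
                return_tran_id.ParameterName = "@return_tran_id";
                return_tran_id.Direction     = System.Data.ParameterDirection.Output;
                return_tran_id.DbType        = System.Data.DbType.Int32;

                dbCommand.Parameters.Add(note);
                dbCommand.Parameters.Add(shop_branch);
                dbCommand.Parameters.Add(Amount);
                dbCommand.Parameters.Add(staff_id);
                dbCommand.Parameters.Add(card_id);
                dbCommand.Parameters.Add(payment_method);
                dbCommand.Parameters.Add(invoice_number);
                dbCommand.Parameters.Add(amountList);
                dbCommand.Parameters.Add(return_tran_id);
                dbCommand.CommandText = "eznz_payment";
                dbCommand.CommandType = System.Data.CommandType.StoredProcedure;

                await dbCommand.ExecuteNonQueryAsync();

                order.WebOrderStatus = 4;
                _context.Update(order);
                await _context.SaveChangesAsync();

                return(Ok("sent"));
            }
            catch (Exception ex)
            {
                // Keep the exception in the server log only: serializing it into the response
                // would hand stack traces and database details to whoever posted the request.
                _logger.LogError(ex, $"Recording payment unsuccessful, invoice number: {invoiceNumber}.");
                return(BadRequest("error occur when update payment!"));
            }
            finally
            {
                connect.Close();
                connect.Dispose();
            }
        }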