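/// <summary>
/// Toggles an order between status 5 ("shipping") and status 6 ("received") and saves the change.
/// </summary>
/// <param name="order_id">Id of the order to toggle. A null or unknown id matches no order.</param>
/// <returns>
/// 404 when no order has the given id; otherwise 204 once the change is saved. An order in any
/// other status is left as it is and still yields 204.
/// </returns>
public async Task<IActionResult> updateOrderShipping(int? order_id)
{
    // NOTE(review): nothing visible here restricts who may flip an order's shipping state or ties
    // the order to the caller; confirm an authorization attribute/policy is applied to this action.
    var orderToUpdate = await _context.Orders.FirstOrDefaultAsync(o => o.Id == order_id);
    if (orderToUpdate == null)
    {
        return NotFound();
    }

    var shippingStatus = orderToUpdate.Status;
    if (shippingStatus == 5)
    {
        orderToUpdate.Status = 6; // from shipping to received
    }
    else if (shippingStatus == 6)
    {
        orderToUpdate.Status = 5; // from received to shipping
    }

    // No try/catch: the previous `catch (Exception e) { throw e; }` handled nothing and reset the
    // stack trace. Persistence failures now propagate with their original trace.
    _context.Update(orderToUpdate);
    await _context.SaveChangesAsync();

    return NoContent();
}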
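/// <summary>
/// Handles a Latipay payment notification posted as form data. The signature is verified first;
/// then the payment is recorded through the <c>eznz_payment</c> stored procedure and the order's
/// <c>WebOrderStatus</c> is set to 4.
/// </summary>
/// <param name="paymentInfo">Form fields of the notification. All of it is untrusted until the signature check passes.</param>
/// <returns>
/// 400 for a missing/invalid model, a bad signature, an unknown order or invoice, or a failure while
/// recording the payment; 500 when the API key is not configured; 200 "This order is paid!" when
/// the order was already processed; 200 "sent" on success.
/// </returns>
public async Task<IActionResult> updatePayment([FromForm] LatipayPaymentDto paymentInfo)
{
    // Example form payload:
    // merchant_reference=10110&order_id=2017232323345678&amount=12.50&currency=NZD&payment_method=alipay&pay_time=2017-07-07%2010%3A53%3A50&status=paid&signature=840151e0dc39496e22b410b83058b4ddd633b786936c505ae978fae029a1e0f1
    if (paymentInfo == null)
    {
        return BadRequest("model is null");
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var merchant_reference = paymentInfo.merchant_reference;
    var latipayment_method = paymentInfo.payment_method;
    var status = paymentInfo.status;
    var currency = paymentInfo.currency;
    var amount = paymentInfo.amount;
    var order_id = paymentInfo.order_id; // not part of the signed string below, so never trust it for lookups

    // Fail closed: an empty key would let anyone compute a matching signature.
    var apikey = Startup.Configuration["Latipay_apiKey"];
    if (string.IsNullOrEmpty(apikey))
    {
        _logger.LogCritical("Latipay_apiKey is not configured; payment notification rejected.");
        return StatusCode(500);
    }

    // Verify the signature BEFORE touching the database. Previously unsigned requests could reach
    // the order lookup and tell "unknown order" from "already paid" by the response, and a
    // non-numeric merchant_reference threw before the check ran.
    string myCheckingString = merchant_reference + latipayment_method + status + currency + amount;
    byte[] secret = Encoding.UTF8.GetBytes(apikey);
    byte[] msg = Encoding.UTF8.GetBytes(myCheckingString);
    MyHMACSHA256 hmacsha256 = new MyHMACSHA256();
    byte[] SHA256HMACSignature = hmacsha256.HashHMAC(secret, msg);
    string mysignature = BitConverter.ToString(SHA256HMACSignature).Replace("-", "").ToLowerInvariant();

    if (!SignaturesMatch(paymentInfo.signature, mysignature))
    {
        _logger.LogCritical($"error occur when update payment!");
        return BadRequest("error occur when update payment!");
    }

    // NOTE(review): `status` is signed but never inspected, and `amount` is not compared with the
    // order total, so any correctly signed notification is booked as a payment. Confirm against
    // the gateway contract whether non-"paid" statuses or mismatching amounts must be rejected.

    if (!int.TryParse(merchant_reference, out var invoiceNumber))
    {
        return BadRequest("Can not find this order!");
    }

    var order = await _context.Orders.FirstOrDefaultAsync(o => o.InvoiceNumber == invoiceNumber);
    if (order == null)
    {
        return BadRequest("Can not find this order!");
    }

    // Replay guard: an order that is already past status 1 and has a TranInvoice row is not booked again.
    bool isTran_invoiced = await _context.TranInvoice.AnyAsync(i => i.InvoiceNumber == invoiceNumber);
    if (order.WebOrderStatus > 1 && isTran_invoiced)
    {
        return Ok("This order is paid!");
    }

    // Resolve everything that can fail before the connection is opened, so a failure here cannot
    // leave an open connection behind (the invoice lookup used to dereference a possible null).
    var invoice = _context.Invoice.Where(i => i.InvoiceNumber.ToString() == merchant_reference).FirstOrDefault();
    if (invoice == null)
    {
        _logger.LogError("No invoice found for a signed payment notification, invoice {InvoiceNumber}", invoiceNumber);
        return BadRequest("Can not find this order!");
    }

    var cardid = invoice.CardId;
    int paymentmethod = paymentMethodCast(latipayment_method);

    var connect = _context.Database.GetDbConnection();
    await connect.OpenAsync();
    System.Data.Common.DbCommand dbCommand = connect.CreateCommand();

    // Creates an input parameter and appends it to the command; every value is bound, never concatenated.
    void AddInput(string name, System.Data.DbType type, object value)
    {
        var parameter = dbCommand.CreateParameter();
        parameter.ParameterName = name;
        parameter.DbType = type;
        parameter.Value = value;
        dbCommand.Parameters.Add(parameter);
    }

    try
    {
        // NOTE(review): the earlier code also built an @nDest parameter (Int32, "1116") but never
        // added it to the command; it is left out here, so the procedure receives the same set.
        AddInput("@note", System.Data.DbType.String, order_id);
        AddInput("@shop_branch", System.Data.DbType.Int32, 1032);
        AddInput("@Amount", System.Data.DbType.String, amount);
        AddInput("@staff_id", System.Data.DbType.Int32, cardid.ToString());
        AddInput("@card_id", System.Data.DbType.Int32, cardid.ToString());
        AddInput("@payment_method", System.Data.DbType.Int32, paymentmethod);
        AddInput("@invoice_number", System.Data.DbType.Int32, invoiceNumber);
        AddInput("@amountList", System.Data.DbType.String, amount);

        // Output parameter expected by the procedure; its value is not read here.
        var return_tran_id = dbCommand.CreateParameter();
        return_tran_id.ParameterName = "@return_tran_id";
        return_tran_id.Direction = System.Data.ParameterDirection.Output;
        return_tran_id.DbType = System.Data.DbType.Int32;
        dbCommand.Parameters.Add(return_tran_id);

        dbCommand.CommandText = "eznz_payment";
        dbCommand.CommandType = System.Data.CommandType.StoredProcedure;
        await dbCommand.ExecuteNonQueryAsync();

        // NOTE(review): the procedure call and this status update are not in one transaction; if
        // the save fails, a retried notification may pass the replay guard above. Worth confirming.
        order.WebOrderStatus = 4;
        _context.Update(order);
        await _context.SaveChangesAsync();

        return Ok("sent");
    }
    catch (Exception ex)
    {
        // Keep exception details in the log only; returning the exception object exposed stack
        // traces and database error text to whoever posted the request.
        _logger.LogError(ex, "Failed to record payment for invoice {InvoiceNumber}", invoiceNumber);
        return BadRequest("error occur when update payment!");
    }
    finally
    {
        dbCommand.Dispose();
        connect.Close();
        connect.Dispose();
    }

    // Compares the received signature with the expected one without stopping at the first
    // differing character, so response timing does not reveal how much of a guess was right.
    bool SignaturesMatch(string received, string expected)
    {
        if (received == null || received.Length != expected.Length)
        {
            return false;
        }

        int difference = 0;
        for (int i = 0; i < expected.Length; i++)
        {
            difference |= received[i] ^ expected[i];
        }

        return difference == 0;
    }
}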