{source}<?php
//// CONSTANTS ////
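// Zoho Subscriptions hosted-page endpoint and Zoho OAuth token endpoint
$api_url = 'https://subscriptions.zoho.com/api/v1/hostedpages/newsubscription';
$refresh_url = 'https://accounts.zoho.com/oauth/v2/token';
// NOTE(review): the client secret and the refresh tokens below are long-lived
// credentials committed to source. They belong in an environment variable or a
// secrets store, and should be rotated once they have lived in a repository.
$client_details = [
    'client_id' => '1000.EEYW3JIJI6P0NC22CW1AV3NXNXB3WF',
    'client_secret' => 'a72429d9659f1694c0d8837db42d0793714b070879',
];
// Six active refresh tokens should allow for 60 access tokens per 10 minutes
$refresh_tokens = [
    '1000.2683414a3c5e14403b7b84cd66e68df0.282e3ad1d24f893fc5ae22d80e736af0',
    '1000.ad37121dfc02de11befcc9324e9e1aad.a2fd280a3915fb316f558afd26c1fcfd',
    '1000.42fa375dbafc3f810ffb1adbbdd191f6.83b43ad8fd088eeb0f18b8d3efa0fd42',
    '1000.4704428419ef541fa8741293d21d6d77.76d7b4820d83777ee885a72191a5ee2a',
    '1000.0abe50dccafd74523c1cfae3660a5282.092a2d5622dda3493a340a56e4d15a17',
    '1000.af060f09fdf179d82decb3135e26133a.29dd5aff7845e43b73b76268670d41c3',
];
// Maps the 'employer' form value to the display name stored on the Zoho record.
// The keys double as the whitelist the form input is validated against.
$front_names_by_empl = [
    'medmen' => 'MedMen',
    'pharmacann' => 'PharmaCann',
    'vireo' => 'Vireo',
    'curaleaf' => 'Curaleaf',
    'nycanna' => 'NYCanna',
    'cresco' => 'Cresco',
];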
//// FUNCTIONS ////
// Makes API call to ZoHo OAuth API to get an access token from specified refresh token
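/**
 * Exchanges a Zoho OAuth refresh token for an access token.
 *
 * The client credentials and the refresh token are sent in the POST body rather
 * than the URL query string, so they do not end up in web-server, proxy or
 * analytics logs that record request URLs.
 *
 * @param string $refresh_token  Zoho refresh token to exchange
 * @param array  $client_details ['client_id' => ..., 'client_secret' => ...]
 * @param string $refresh_url    Zoho OAuth token endpoint
 * @return string|false Raw JSON response body, or false when the transfer failed
 */
function getAccessFromRefresh($refresh_token, $client_details, $refresh_url) {
    // Collect parameters
    $refresh_parameters = $client_details;
    $refresh_parameters['grant_type'] = 'refresh_token';
    $refresh_parameters['refresh_token'] = $refresh_token;

    $ch = curl_init($refresh_url);
    if ($ch === false) {
        return false;
    }
    curl_setopt($ch, CURLOPT_POST, true);
    // application/x-www-form-urlencoded body, as the OAuth 2.0 token endpoint expects
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($refresh_parameters));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}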
//// MAIN ////
// USER SUBSCRIPTION
// Validate input from LOCAL 338 MEMBER PAY FORM
// All fields come from the query string of the LOCAL 338 MEMBER PAY FORM.
// FILTER_SANITIZE_STRING strips tags and HTML-encodes quotes; it does not
// validate format (e.g. the email) and is deprecated as of PHP 8.1.
// NOTE(review): these values, including the SSN fragment, travel in a GET
// query string and therefore appear in any request logs along the path.
$get = function ($key) {
    return filter_input(INPUT_GET, $key, FILTER_SANITIZE_STRING);
};
$first_name = $get('first_name');
$last_name = $get('last_name');
$address = $get('billing_street');
$city = $get('billing_city');
$state = $get('billing_state');
$zip = $get('billing_zip');
$email = $get('email');
$ssn_end = $get('ssn_end');
$rwd_num = $get('rwdsu_number');
$phone = $get('phone');
$employer = $get('employer');
$work_site = $get('work_site');
$employment_type = $get('employment_type');
$date_of_hire = $get('date_of_hire');
// Validate value of 'employer'
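if (!is_string($employer) || !array_key_exists($employer, $front_names_by_empl)) {
    // The rejected value is user input reflected into an HTML response: escape it
    echo 'Invalid employer: ' . htmlspecialchars((string) $employer, ENT_QUOTES, 'UTF-8');
    die(1);
}
// Validate value of 'employment_type' (strict: only these two literal values are accepted)
if ($employment_type !== 'partTime' && $employment_type !== 'fullTime') {
    echo 'Invalid employment type: ' . htmlspecialchars((string) $employment_type, ENT_QUOTES, 'UTF-8');
    die(1);
}
// Validate value of 'date_of_hire'. A missing or empty value is rejected up front:
// new DateTime('') (or null) silently means "now" and would pass as a hire date.
if (!is_string($date_of_hire) || trim($date_of_hire) === '') {
    echo 'Invalid hire date';
    die(1);
}
try {
    $date_of_hire = new DateTimeImmutable($date_of_hire);
} catch (Exception $e) {
    echo 'Invalid hire date';
    die(1);
}
// A hire date in the future is rejected
if ($date_of_hire > new DateTimeImmutable('now')) {
    echo 'Invalid date: ' . $date_of_hire->format('m/d/Y');
    die(1);
}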
// AUTHENTICATION
// Get access token from whichever refresh token works first
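$access_token = null;
foreach ($refresh_tokens as $ref_tok) {
    $raw = getAccessFromRefresh($ref_tok, $client_details, $refresh_url);
    if ($raw === false) {
        continue;
    }
    $decoded = json_decode($raw, true);
    // A non-JSON body decodes to null; it must not reach array access/array_key_exists
    if (is_array($decoded) && isset($decoded['access_token']) && is_string($decoded['access_token'])) {
        $access_token = $decoded['access_token'];
        break;
    }
}
// No refresh token yielded an access token: stop before calling the Subscriptions API
if ($access_token === null) {
    echo 'Error: denied access token. Please contact the Local 338 IT Department. ';
    die(1);
}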
// PLAN SELECTION
// Initialize array of parameters to be used in Subscriptions API call
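$output_params = [
    'expiring_time' => '2029-10-25',
];
// Members hired on or after this date get the plan codes without the "-INITIAL" suffix
$INIT_DATE = new DateTime('10/01/2021');
$hired_on_or_after = $date_of_hire >= $INIT_DATE;
$is_full_time = $employment_type === 'fullTime';
// Plan code and description are determined by (full/part time, before/after cutoff);
// the four combinations share one template instead of four hand-written arrays.
$plan_code = ($is_full_time ? 'MBR-FT' : 'MBR-PT') . ($hired_on_or_after ? '' : '-INITIAL');
$plan_description = 'Membership for ' . ($is_full_time ? 'full time' : 'part time')
    . ' members hired ' . ($hired_on_or_after ? 'on or after ' : 'before ')
    . $INIT_DATE->format('m/d/Y');
$output_params['plan'] = [
    'plan_code' => $plan_code,
    'plan_description' => $plan_description,
];
// From here on the human-readable label is what gets stored on the Zoho record
$employment_type = $is_full_time ? 'Full Time' : 'Part Time';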
// Quantity of plans to apply
$output_params['quantity'] = 1;
// Custom fields stored on the CUSTOMER record (labels as configured in Zoho).
// NOTE(review): the SSN fragment is forwarded to and retained by a third party.
$customer_custom_fields = [
    ['label' => 'Employment Type', 'value' => $employment_type],
    ['label' => 'Employer', 'value' => $front_names_by_empl[$employer]],
    ['label' => 'Work Site Location', 'value' => $work_site],
    ['label' => 'Last 4 Digits of Social Security', 'value' => $ssn_end],
    ['label' => 'RWDSU Number (if known)', 'value' => $rwd_num],
];
$billing_address = [
    'street' => $address,
    'city' => $city,
    'state' => $state,
    'country' => 'U.S.A.',
    'zip' => $zip,
];
// Customer data
$output_params['customer'] = [
    'display_name' => "{$first_name} {$last_name}",
    'first_name' => $first_name,
    'last_name' => $last_name,
    'email' => $email,
    'billing_address' => $billing_address,
    'custom_fields' => $customer_custom_fields,
];
// Custom fields stored on the SUBSCRIPTION record (different labels from the customer's)
$output_params['custom_fields'] = [
    ['label' => 'Employment Status', 'value' => $employment_type],
    ['label' => 'Employer', 'value' => $front_names_by_empl[$employer]],
    ['label' => 'Employer Location', 'value' => $work_site],
    ['label' => 'Last4SS', 'value' => $ssn_end],
    ['label' => 'RWDSU Number', 'value' => $rwd_num],
];
// Build HTTP POST request to ZoHo hostedpages API endpoint
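$payload = json_encode($output_params);
if ($payload === false) {
    // Typically invalid UTF-8 in a form field; do not send a broken body
    echo 'Error: could not encode request';
    die();
}
$headers = [
    'Authorization: Zoho-oauthtoken ' . $access_token,
    'X-com-zoho-subscriptions-organizationid: 695868134',
    'Content-Type: application/json;charset=UTF-8',
];
// Execute HTTP POST API call
$ch = curl_init($api_url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
curl_close($ch);
// Error handling
if ($result === false) {
    echo 'Error: API unreachable';
    die();
}
$result = json_decode($result, true);
if (!is_array($result)) {
    echo 'Error: unexpected API response';
    die();
}
// A missing 'code' is treated as failure rather than as success (null == 0 would pass)
if ((int) ($result['code'] ?? -1) !== 0) {
    echo 'API Error (' . htmlspecialchars((string) ($result['code'] ?? ''), ENT_QUOTES, 'UTF-8') . '): '
        . htmlspecialchars((string) ($result['message'] ?? ''), ENT_QUOTES, 'UTF-8');
    // Diagnostics stay server-side: the request payload carries member PII
    // (address, email, SSN fragment) and must not be dumped to the browser.
    error_log('Zoho hostedpages API error ' . (string) ($result['code'] ?? '?') . ': ' . (string) ($result['message'] ?? ''));
    die();
}
// Navigate user to hostedpage's URL
$hosted_url = $result['hostedpage']['url'] ?? null;
if (!is_string($hosted_url) || $hosted_url === '') {
    echo 'Error: API response did not include a hosted page URL';
    die();
}
header('Location: ' . $hosted_url);
exit();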
?>{/source}