payfrit/payfrit-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
payfrit-api/api/tabs/increaseAuth.php
John Mizerek 1f81d98c52 Initial PHP API migration from CFML 
Complete port of all 163 API endpoints from Lucee/CFML to PHP 8.3.
Shared helpers in api/helpers.php (DB, auth, request/response, security).
PDO prepared statements throughout. Same JSON response shapes as CFML.
2026-03-14 14:26:59 -07:00

52 lines
2.5 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../helpers.php';
require_once __DIR__ . '/../config/stripe.php';
runAuth();
try {
$data = readJsonBody();
$tabID = (int) ($data['TabID'] ?? 0);
$userID = (int) ($data['UserID'] ?? 0);
$newAuthAmount = (float) ($data['NewAuthAmount'] ?? 0);
if ($tabID === 0) apiAbort(['OK' => false, 'ERROR' => 'missing_TabID']);
if ($userID === 0) apiAbort(['OK' => false, 'ERROR' => 'missing_UserID']);
if ($newAuthAmount <= 0) apiAbort(['OK' => false, 'ERROR' => 'missing_NewAuthAmount']);
$qTab = queryOne("
SELECT t.ID, t.OwnerUserID, t.StatusID, t.AuthAmountCents, t.StripePaymentIntentID,
b.TabMaxAuthAmount
FROM Tabs t JOIN Businesses b ON b.ID = t.BusinessID
WHERE t.ID = ? LIMIT 1
", [$tabID]);
if (!$qTab) apiAbort(['OK' => false, 'ERROR' => 'tab_not_found']);
if ((int) $qTab['StatusID'] !== 1) apiAbort(['OK' => false, 'ERROR' => 'tab_not_open']);
if ((int) $qTab['OwnerUserID'] !== $userID) apiAbort(['OK' => false, 'ERROR' => 'not_owner']);
$newAuthCents = round($newAuthAmount * 100);
$maxCents = round((float) ($qTab['TabMaxAuthAmount'] ?? 0) * 100);
if ($newAuthCents <= (int) $qTab['AuthAmountCents']) apiAbort(['OK' => false, 'ERROR' => 'not_an_increase', 'MESSAGE' => 'New amount must be higher than current authorization.']);
if ($maxCents > 0 && $newAuthCents > $maxCents) apiAbort(['OK' => false, 'ERROR' => 'exceeds_max', 'MESSAGE' => "Maximum authorization is \$" . number_format((float) $qTab['TabMaxAuthAmount'], 2) . "."]);
// Update Stripe PI amount
$updateData = stripeRequest('POST', "https://api.stripe.com/v1/payment_intents/{$qTab['StripePaymentIntentID']}", [
'amount' => $newAuthCents,
]);
if (isset($updateData['id']) && (int) ($updateData['amount'] ?? 0) === $newAuthCents) {
queryTimed("UPDATE Tabs SET AuthAmountCents = ? WHERE ID = ?", [$newAuthCents, $tabID]);
jsonResponse([
'OK' => true,
'AUTH_AMOUNT_CENTS' => $newAuthCents,
'PREVIOUS_AUTH_CENTS' => (int) $qTab['AuthAmountCents'],
]);
} else {
$errMsg = $updateData['error']['message'] ?? 'Authorization increase declined';
apiAbort(['OK' => false, 'ERROR' => 'increase_declined', 'MESSAGE' => $errMsg, 'CURRENT_AUTH_CENTS' => (int) $qTab['AuthAmountCents']]);
}
} catch (Exception $e) {
jsonResponse(['OK' => false, 'ERROR' => 'server_error', 'MESSAGE' => $e->getMessage()]);
}
Reference in a new issue View git blame Copy permalink