created routes, but json parse error ate the end of transaction

plugins/fipfcard_plugin/php/images/image-edit.php

@@ -1,4 +1,13 @@
 <?php
+
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
+
 /**
  * WordPress Image Editor
  *

plugins/fipfcard_plugin/php/images/image_edit_shortcode.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 /*
 function fipfcard_image_editor()
 {

plugins/fipfcard_plugin/php/menu/example_menu.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 function fipfcard_plugin_content() {
 	$fipfcard = new PLGNTLS_class();
 

plugins/fipfcard_plugin/php/paypal/paypal.php

@@ -1,6 +1,16 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
+
+include_once(PLGNTLS_class::get_path() . '/php/paypal/route_api_utils.php');
 include_once(PLGNTLS_class::get_path() . '/php/paypal/route_api_orders.php');
+include_once(PLGNTLS_class::get_path() . '/php/paypal/route_api_orders_capture.php');
 
 
 
@@ -57,4 +67,23 @@ function paypal_shortcode_content()
 }
 
 
+// handling routes and endpoints
+// diff routes and endpoints : https://stackoverflow.com/q/56075017/9497573
+function fipf_routes_endpoints()
+{
+	$base_rest_route = "fipf_plugin/api/v1";
+	register_rest_route($base_rest_route, '/orders', array(
+		'methods' => 'POST',
+		'callback' => 'handle_orders_request',
+	));
+	// https://local_fipfcard_plugin.com/wp-json/fipf_plugin/api/v1/orders/21T129305J264761D/capture
+	register_rest_route($base_rest_route, '/orders/(?P<orderID>[a-zA-Z0-9]+)/capture', array(
+		'methods' => 'POST',
+		'callback' => 'handle_orders_capture_request',
+	));
+};
+add_action('rest_api_init', 'fipf_routes_endpoints');
+
+
+
 ?>

plugins/fipfcard_plugin/php/paypal/route_api_orders.php

@@ -1,50 +1,17 @@
 <?php
 
-include_once(PLGNTLS_class::get_path() . '/php/paypal/route_api_utils.php');
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 
 
 /**
  * @see https://developer.paypal.com/docs/checkout/standard/integrate/#link-integratebackend
  */
-function fipfcard_paypal_orders()
-{
-	// not a good error handling
-	if ($_SERVER['REQUEST_METHOD'] !== 'POST')
-		return;
-	try
-	{
-		// json decode from JSON.stringify : https://stackoverflow.com/q/15986235/9497573
-		$data_received = json_decode( html_entity_decode( stripslashes( $_POST['data'] ) ) );
-
-		// use the cart information passed from the front-end to calculate the order amount details
-		$cart = $data_received->cart;
-		$order_response = create_order($cart);
-		error_log( "order_response[json_response]" );
-		error_log( json_encode( $order_response['json_response'] ) );
-
-		wp_send_json_success($order_response['json_response'], $order_response['http_status_code']);
-	}
-	catch (Exception $err)
-	{
-		error_log('Failed to create order: ' . $err->getMessage());
-		wp_send_json_error(array('error' => 'Failed to create order'));
-	}
-
-}
-add_action( 'wp_ajax_paypal_api_orders', 'fipfcard_paypal_orders' );
-
-
-
-// Endpoints for handling routes
-function fipf_routes_endpoints()
-{
-	register_rest_route('fipf-plugin/v1', '/orders', array(
-		'methods' => 'POST',
-		'callback' => 'handle_orders_request',
-	));
-};
-add_action('rest_api_init', 'fipf_routes_endpoints');
-// Callback function for handling orders
 function handle_orders_request($request_data) {
     try {
         // Extract cart information from request body
@@ -74,8 +41,6 @@ function create_order( $cart )
   // use the cart information passed from the front-end to calculate the purchase unit details
 
 	$access_token = generate_access_token();
-	error_log("access_token:");
-	error_log($access_token);
 
 	$url = PAYPAL_API_BASE_URL . '/v2/checkout/orders';
 	$payload = array(
@@ -90,6 +55,15 @@ function create_order( $cart )
 		),
 	);
 	
+	$headers = array(
+		"Content-Type: application/json",
+		"Authorization: Bearer " . $access_token
+		// Uncomment one of these to force an error for negative testing (in sandbox mode only). Documentation:
+		// https://developer.paypal.com/tools/sandbox/negative-testing/request-headers/
+		// "PayPal-Mock-Response": '{"mock_application_codes": "MISSING_REQUIRED_PARAMETER"}'
+		// "PayPal-Mock-Response": '{"mock_application_codes": "PERMISSION_DENIED"}'
+		// "PayPal-Mock-Response": '{"mock_application_codes": "INTERNAL_SERVER_ERROR"}'
+	);
 	// Initialize cURL session
 	$ch = curl_init();
 	// Set cURL options
@@ -97,15 +71,7 @@ function create_order( $cart )
 	curl_setopt($ch, CURLOPT_POST, true);
 	curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
 	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-	curl_setopt($ch, CURLOPT_HTTPHEADER, array(
-		'Content-Type: application/json',
-		'Authorization: Bearer ' . $access_token,
-		// Uncomment one of these to force an error for negative testing (in sandbox mode only). Documentation:
-		// https://developer.paypal.com/tools/sandbox/negative-testing/request-headers/
-		// "PayPal-Mock-Response": '{"mock_application_codes": "MISSING_REQUIRED_PARAMETER"}'
-		// "PayPal-Mock-Response": '{"mock_application_codes": "PERMISSION_DENIED"}'
-		// "PayPal-Mock-Response": '{"mock_application_codes": "INTERNAL_SERVER_ERROR"}'
-	));
+	curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
 
 	// Execute cURL session and get the response
 	$response = curl_exec($ch);
@@ -122,51 +88,4 @@ function create_order( $cart )
 
 
 
-/**
- * Generate an OAuth 2.0 access token for authenticating with PayPal REST APIs.
- * @see https://developer.paypal.com/docs/checkout/standard/integrate/#link-integratebackend
- * @see https://developer.paypal.com/api/rest/authentication/
- */
-function generate_access_token()
-{
-	try
-	{
-		if ( !PAYPAL_CLIENT_ID || !PAYPAL_CLIENT_SECRET ) {
-			throw new Exception( "MISSING_API_CREDENTIALS" );
-		}
-		$credentials = PAYPAL_CLIENT_ID . ":" . PAYPAL_CLIENT_SECRET;
-		$auth = base64_encode($credentials);
-
-		$url = PAYPAL_API_BASE_URL . '/v1/oauth2/token';
-		$body = http_build_query(array('grant_type' => 'client_credentials'));
-		// Initialize curl
-		$ch = curl_init();
-		// Set curl options
-		curl_setopt($ch, CURLOPT_URL, $url);
-		curl_setopt($ch, CURLOPT_POST, true);
-		curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
-		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-		curl_setopt($ch, CURLOPT_HTTPHEADER, array(
-			'Authorization: Basic ' . $auth,
-		));
-		// Execute curl and get the response
-		$data_json = curl_exec($ch);
-
-		if ( $data_json === false)
-			throw new Exception('cURL error: ' . curl_error($ch));
-		// Close curl
-		curl_close($ch);
-
-		$data = json_decode($data_json);
-
-    return $data->access_token;
-  }
-	catch (Exception $error)
-	{
-    error_log("Failed to generate Access Token:");
-    error_log($error->getMessage());
-  }
-};
-
-
 ?>

plugins/fipfcard_plugin/php/paypal/route_api_orders_capture.php

@@ -0,0 +1,71 @@
+<?php
+
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
+function handle_orders_capture_request($request) {
+	$order_id = $request['orderID'];
+	error_log("order_id");
+	error_log($order_id);
+
+	try {
+		// Implement captureOrder function logic here
+		// Make sure you implement captureOrder function similar to the Node.js code
+
+		$response_data = captureOrder($order_id);
+		$response_data = null;
+		$http_status_code = $response_data['httpStatusCode'];
+		$json_response = $response_data['jsonResponse'];
+
+		return new WP_REST_Response($json_response, $http_status_code);
+	} catch (Exception $e) {
+		error_log('Failed to capture order: ' . $e->getMessage());
+		return new WP_REST_Response(array('error' => 'Failed to capture order.'), 500);
+	}
+}
+
+
+/**
+ * Capture payment for the created order to complete the transaction.
+ * @see https://developer.paypal.com/docs/api/orders/v2/#orders_capture
+ */
+function captureOrder($orderID) {
+  $access_token = generate_access_token();
+	$url = PAYPAL_API_BASE_URL . '/v2/checkout/orders/' . $orderID . '/capture';
+
+	$headers = array(
+			"Content-Type: application/json",
+			"Authorization: Bearer " . $access_token
+			// Uncomment one of these to force an error for negative testing (in sandbox mode only). Documentation:
+			// https://developer.paypal.com/tools/sandbox/negative-testing/request-headers/
+			// 'PayPal-Mock-Response: {"mock_application_codes": "INSTRUMENT_DECLINED"}',
+			// 'PayPal-Mock-Response: {"mock_application_codes": "TRANSACTION_REFUSED"}',
+			// 'PayPal-Mock-Response: {"mock_application_codes": "INTERNAL_SERVER_ERROR"}'
+	);
+	// Initialize cURL session
+	$ch = curl_init();
+	// Set cURL options
+	curl_setopt($ch, CURLOPT_URL, $url);
+	curl_setopt($ch, CURLOPT_POST, true);
+	curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+
+	// Execute cURL session and get the response
+	$response = curl_exec($ch);
+
+	if ($response === false)
+		throw new Exception('cURL error: ' . curl_error($ch));
+	// Close cURL session
+	curl_close($ch);
+
+	// in utils
+  return handle_response(response);
+};
+
+
+
+?>

plugins/fipfcard_plugin/php/paypal/route_api_utils.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 
 
 /**
@@ -41,4 +48,51 @@ async function handleResponse(response) {
 */
 
 
+
+/**
+ * Generate an OAuth 2.0 access token for authenticating with PayPal REST APIs.
+ * @see https://developer.paypal.com/docs/checkout/standard/integrate/#link-integratebackend
+ * @see https://developer.paypal.com/api/rest/authentication/
+ */
+function generate_access_token()
+{
+	try
+	{
+		if ( !PAYPAL_CLIENT_ID || !PAYPAL_CLIENT_SECRET ) {
+			throw new Exception( "MISSING_API_CREDENTIALS" );
+		}
+		$credentials = PAYPAL_CLIENT_ID . ":" . PAYPAL_CLIENT_SECRET;
+		$auth = base64_encode($credentials);
+
+		$url = PAYPAL_API_BASE_URL . '/v1/oauth2/token';
+		$body = http_build_query(array('grant_type' => 'client_credentials'));
+		// Initialize curl
+		$ch = curl_init();
+		// Set curl options
+		curl_setopt($ch, CURLOPT_URL, $url);
+		curl_setopt($ch, CURLOPT_POST, true);
+		curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+		curl_setopt($ch, CURLOPT_HTTPHEADER, array(
+			'Authorization: Basic ' . $auth,
+		));
+		// Execute curl and get the response
+		$data_json = curl_exec($ch);
+
+		if ( $data_json === false)
+			throw new Exception('cURL error: ' . curl_error($ch));
+		// Close curl
+		curl_close($ch);
+
+		$data = json_decode($data_json);
+
+    return $data->access_token;
+  }
+	catch (Exception $error)
+	{
+    error_log("Failed to generate Access Token:");
+    error_log($error->getMessage());
+  }
+};
+
 ?>

plugins/fipfcard_plugin/php/test_cache.php

@@ -1,5 +1,14 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
+
+
 function prevent_page_caching( $headers ) {
 	error_log("in prevent_page_caching");
 	if (is_page('test-form-modals')) {

plugins/fipfcard_plugin/php/test_class_tools.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 
 function fipfcard_test_class_tools()
 {

plugins/fipfcard_plugin/php/utils/add_to_front.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 
 
 /*

plugins/fipfcard_plugin/php/utils/console_log.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 /*
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
 https://stackify.com/how-to-log-to-console-in-php/

plugins/fipfcard_plugin/php/utils/create_html.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 /*
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
 @param two arguments :

plugins/fipfcard_plugin/php/utils/globals.php

@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * it means someone outside wp is accessing the file, in this case kill it.
+ */
+if (!defined('ABSPATH')) {
+	die('You can not access this file!');
+}
+
 /*
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
 globals variables