From 561407f3cc0680b28dd058906289bc17ea6c1e17 Mon Sep 17 00:00:00 2001
From: Hillel Coren <hillelcoren@gmail.com>
Date: Mon, 3 Jul 2017 13:15:06 +0300
Subject: [PATCH] Add check for invoice JS amounts

---
 app/Console/Commands/CheckData.php      | 35 +++++++++++++++++++++++++
 resources/views/invoices/view.blade.php | 25 +++++++++++-------
 2 files changed, 51 insertions(+), 9 deletions(-)

diff --git a/app/Console/Commands/CheckData.php b/app/Console/Commands/CheckData.php
index ef44a83ad805..3e9d4b980c6f 100644
--- a/app/Console/Commands/CheckData.php
+++ b/app/Console/Commands/CheckData.php
@@ -3,6 +3,7 @@
 namespace App\Console\Commands;
 
 use Carbon;
+use App\Libraries\CurlUtils;
 use DB;
 use Exception;
 use Illuminate\Console\Command;
@@ -75,6 +76,7 @@ class CheckData extends Command
             $this->checkDraftSentInvoices();
         }
 
+        $this->checkInvoices();
         $this->checkBalances();
         $this->checkContacts();
         $this->checkUserAccounts();
@@ -131,6 +133,39 @@ class CheckData extends Command
         }
     }
 
+    private function checkInvoices()
+    {
+        if (! env('PHANTOMJS_BIN_PATH')) {
+            return;
+        }
+
+        $date = new Carbon();
+        $date = $date->subDays(1)->format('Y-m-d');
+
+        $invoices = Invoice::withTrashed()
+            ->with('invitations')
+            ->where('created_at', '>',  $date)
+            ->orderBy('id')
+            ->get(['id', 'balance']);
+
+        foreach ($invoices as $invoice) {
+            $link = $invoice->getInvitationLink();
+            $this->logMessage('Checking invoice: ' . $invoice->id . ' - ' . $invoice->balance);
+            $result = CurlUtils::phantom('GET', $link . '?phantomjs=true&phantomjs_balances=true&phantomjs_secret=' . env('PHANTOMJS_SECRET'));
+            $result = floatval(strip_tags($result));
+            $this->logMessage('Result: ' . $result);
+
+            if ($result != $invoice->balance) {
+                $this->logMessage("Amounts do not match - PHP: {$invoice->balance}, JS: {$result}");
+                $this->isValid = false;
+            }
+        }
+
+        if ($this->isValid) {
+            $this->logMessage('0 invoices with mismatched PHP/JS balances');
+        }
+    }
+
     private function checkOAuth()
     {
         // check for duplicate oauth ids
diff --git a/resources/views/invoices/view.blade.php b/resources/views/invoices/view.blade.php
index e8bac6f604e8..f2633f66df47 100644
--- a/resources/views/invoices/view.blade.php
+++ b/resources/views/invoices/view.blade.php
@@ -200,15 +200,22 @@
 
 			$(function() {
                 @if (Input::has('phantomjs'))
-                    doc = getPDFString();
-                    doc.getDataUrl(function(pdfString) {
-                        document.write(pdfString);
-                        document.close();
-
-                        if (window.hasOwnProperty('pjsc_meta')) {
-                            window['pjsc_meta'].remainingTasks--;
-                        }
-                    });
+					@if (Input::has('phantomjs_balances'))
+						document.write(calculateAmounts(invoice).total_amount);
+						document.close();
+						if (window.hasOwnProperty('pjsc_meta')) {
+							window['pjsc_meta'].remainingTasks--;
+						}
+					@else
+		                doc = getPDFString();
+		                doc.getDataUrl(function(pdfString) {
+		                    document.write(pdfString);
+		                    document.close();
+		                    if (window.hasOwnProperty('pjsc_meta')) {
+		                        window['pjsc_meta'].remainingTasks--;
+		                    }
+		                });
+					@endif
                 @else
                     refreshPDF();
                 @endif