36716-vm/purchase-package-success.php

<?php
require_once 'db/config.php';
require_once 'stripe/init.php';

session_start();

if (!isset($_SESSION['user_id']) || $_SESSION['user_type'] !== 'client') {
    header('Location: login.php');
    exit;
}

if (!isset($_GET['session_id'])) {
    header('Location: dashboard.php?error=missing_session');
    exit;
}

$checkout_session_id = $_GET['session_id'];

try {
    $checkout_session = 	Stripe	Checkout	Session::retrieve($checkout_session_id, ['expand' => ['subscription']]);

    $package_id = $checkout_session->metadata->package_id;
    $client_id = $checkout_session->metadata->client_id;
    $is_gift = $checkout_session->metadata->is_gift ?? false;

    if ($is_gift) {
        header('Location: purchase-gift-success.php?session_id=' . $checkout_session_id);
        exit;
    }

    // Check if this purchase has already been processed
    if ($checkout_session->mode === 'payment') {
        $check_stmt = db()->prepare('SELECT id FROM client_packages WHERE stripe_checkout_session_id = ?');
        $check_stmt->execute([$checkout_session_id]);
        if ($check_stmt->fetch()) {
            header('Location: dashboard.php?purchase=already_processed');
            exit;
        }
    } elseif ($checkout_session->mode === 'subscription') {
        $check_stmt = db()->prepare('SELECT id FROM client_subscriptions WHERE stripe_subscription_id = ?');
        $check_stmt->execute([$checkout_session->subscription->id]);
        if ($check_stmt->fetch()) {
            header('Location: dashboard.php?purchase=already_processed');
            exit;
        }
    }

            if ($checkout_session->payment_status === 'paid') {
                if (isset($checkout_session->metadata->coupon_code) && $checkout_session->metadata->coupon_code) {
                    $coupon_code = $checkout_session->metadata->coupon_code;
                    $stmt = db()->prepare('UPDATE discounts SET times_used = times_used + 1 WHERE code = ?');
                    $stmt->execute([$coupon_code]);
                }
            if ($checkout_session->mode === 'payment') {
            $stmt = db()->prepare('SELECT SUM(quantity) as total_sessions FROM package_service_items WHERE package_id = ? AND service_type IN (	'one_on_one',	'group_session	')');
            $stmt->execute([$package_id]);
            $result = $stmt->fetch();
            $total_sessions = $result['total_sessions'] ?? 0;

            $insert_stmt = db()->prepare(
                'INSERT INTO client_packages (client_id, package_id, sessions_remaining, stripe_checkout_session_id) VALUES (?, ?, ?, ?)'
            );
            $insert_stmt->execute([$client_id, $package_id, $total_sessions, $checkout_session_id]);
        } elseif ($checkout_session->mode === 'subscription') {
            $subscription = $checkout_session->subscription;

            $insert_stmt = db()->prepare(
                'INSERT INTO client_subscriptions (client_id, package_id, stripe_subscription_id, stripe_product_id, status, start_date, end_date) VALUES (?, ?, ?, ?, ?, FROM_UNIXTIME(?), NULL)'
            );
            $insert_stmt->execute([
                $client_id, 
                $package_id,
                $subscription->id, 
                $subscription->items->data[0]->price->product, 
                $subscription->status,
                $subscription->current_period_start
            ]);

            // Also create a client_packages record for the initial set of sessions
            $stmt = db()->prepare('SELECT SUM(quantity) as total_sessions FROM package_service_items WHERE package_id = ? AND service_type IN (	'one_on_one',	'group_session	')');
            $stmt->execute([$package_id]);
            $result = $stmt->fetch();
            $total_sessions = $result['total_sessions'] ?? 0;

            $insert_stmt = db()->prepare(
                'INSERT INTO client_packages (client_id, package_id, sessions_remaining, stripe_checkout_session_id) VALUES (?, ?, ?, ?)'
            );
            $insert_stmt->execute([$client_id, $package_id, $total_sessions, $checkout_session_id]);
        }

        header('Location: dashboard.php?purchase=success');
        exit;
    } else {
        header('Location: dashboard.php?error=payment_not_successful');
        exit;
    }
} catch (	Stripe	Exception	ApiErrorException $e) {
    header('Location: dashboard.php?error=stripe_error&message=' . urlencode($e->getMessage()));
    exit;
} catch (PDOException $e) {
    header('Location: dashboard.php?error=db_error&message=' . urlencode($e->getMessage()));
    exit;
}