133 lines
4.8 KiB
PHP
133 lines
4.8 KiB
PHP
<?php
|
|
require_once 'db/config.php';
|
|
require_once 'db/thawani_config.php';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
|
|
$case_id = (int)$_POST['case_id'];
|
|
$amount = (float)$_POST['amount'];
|
|
$donor_name = $_POST['donor_name'] ?? 'Anonymous';
|
|
$donor_email = $_POST['donor_email'] ?? '';
|
|
$donor_phone = $_POST['donor_phone'] ?? '';
|
|
|
|
// Gift fields
|
|
$is_gift = (int)($_POST['is_gift'] ?? 0);
|
|
$gift_recipient_name = $_POST['gift_recipient_name'] ?? null;
|
|
$gift_recipient_phone = $_POST['gift_recipient_phone'] ?? null;
|
|
$gift_message = $_POST['gift_message'] ?? null;
|
|
|
|
if ($amount <= 0) {
|
|
die("Invalid amount");
|
|
}
|
|
|
|
$pdo = db();
|
|
|
|
// Fetch case details
|
|
$stmt = $pdo->prepare("SELECT * FROM cases WHERE id = ?");
|
|
$stmt->execute([$case_id]);
|
|
$case = $stmt->fetch();
|
|
|
|
if (!$case) {
|
|
die("Case not found");
|
|
}
|
|
|
|
// Create pending donation
|
|
$sql = "INSERT INTO donations (case_id, amount, status, donor_name, donor_email, donor_phone, is_gift, gift_recipient_name, gift_recipient_phone, gift_message)
|
|
VALUES (?, ?, 'pending', ?, ?, ?, ?, ?, ?, ?)";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute([$case_id, $amount, $donor_name, $donor_email, $donor_phone, $is_gift, $gift_recipient_name, $gift_recipient_phone, $gift_message]);
|
|
$donation_id = $pdo->lastInsertId();
|
|
|
|
// Thawani Checkout Session Request
|
|
$payload = [
|
|
'client_reference_id' => (string)$donation_id,
|
|
'mode' => 'payment',
|
|
'products' => [
|
|
[
|
|
'name' => ($is_gift ? "Gift Donation: " : "") . $case['title_en'],
|
|
'unit_amount' => (int)($amount * 1000), // Thawani uses OMR baiza (1 OMR = 1000 baiza)
|
|
'quantity' => 1
|
|
]
|
|
],
|
|
'success_url' => 'http://' . $_SERVER['HTTP_HOST'] . '/success.php?session_id={CHECKOUT_SESSION_ID}',
|
|
'cancel_url' => 'http://' . $_SERVER['HTTP_HOST'] . '/index.php',
|
|
'metadata' => [
|
|
'donation_id' => $donation_id,
|
|
'case_id' => $case_id
|
|
]
|
|
];
|
|
|
|
// Check if keys are default/empty
|
|
if (THAWANI_SECRET_KEY === 'rRQ26GcsZ60u9Y9v9876543210' || empty(THAWANI_SECRET_KEY)) {
|
|
// Simulation Mode
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head><title>Simulating Thawani Checkout</title><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css"></head>
|
|
<body class="bg-light p-5 text-center">
|
|
<div class="card mx-auto" style="max-width: 500px;">
|
|
<div class="card-body">
|
|
<img src="https://checkout.thawani.om/logo.png" alt="Thawani" height="50" class="mb-4">
|
|
<h3>Thawani Checkout Simulation</h3>
|
|
<p>Donation ID: #<?= $donation_id ?></p>
|
|
<p>Amount: OMR <?= number_format($amount, 3) ?></p>
|
|
<?php if ($is_gift): ?>
|
|
<div class="alert alert-success small">Gift for: <?= htmlspecialchars($gift_recipient_name) ?> (<?= htmlspecialchars($gift_recipient_phone) ?>)</div>
|
|
<?php endif; ?>
|
|
<div class="alert alert-info small">This is a simulation because no valid Thawani keys are configured in <code>db/thawani_config.php</code>.</div>
|
|
<form action="success.php" method="GET">
|
|
<input type="hidden" name="session_id" value="mock_session_<?= time() ?>">
|
|
<input type="hidden" name="donation_id" value="<?= $donation_id ?>">
|
|
<button type="submit" class="btn btn-success w-100">Simulate Success Payment</button>
|
|
</form>
|
|
<a href="index.php" class="btn btn-link mt-2">Cancel</a>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|
|
<?php
|
|
exit;
|
|
}
|
|
|
|
// REAL CURL CALL
|
|
$ch = curl_init(THAWANI_API_URL . '/checkout/session');
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
curl_setopt($ch, CURLOPT_POST, true);
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, [
|
|
'Content-Type: application/json',
|
|
'thawani-api-key: ' . THAWANI_SECRET_KEY
|
|
]);
|
|
$response = curl_exec($ch);
|
|
$err = curl_error($ch);
|
|
curl_close($ch);
|
|
|
|
if ($err) {
|
|
die("CURL Error: " . $err);
|
|
}
|
|
|
|
$data = json_decode($response, true);
|
|
|
|
if (isset($data['success']) && $data['success'] === true && isset($data['data']['session_id'])) {
|
|
$session_id = $data['data']['session_id'];
|
|
|
|
// Save session_id to donation record
|
|
$stmt = $pdo->prepare("UPDATE donations SET transaction_id = ? WHERE id = ?");
|
|
$stmt->execute([$session_id, $donation_id]);
|
|
|
|
$checkout_url = (THAWANI_ENV === 'sandbox')
|
|
? "https://uatcheckout.thawani.om/pay/" . $session_id . "?key=" . THAWANI_PUBLISHABLE_KEY
|
|
: "https://checkout.thawani.om/pay/" . $session_id . "?key=" . THAWANI_PUBLISHABLE_KEY;
|
|
|
|
header("Location: " . $checkout_url);
|
|
exit;
|
|
} else {
|
|
echo "<h3>Thawani Error</h3>";
|
|
echo "<pre>";
|
|
print_r($data);
|
|
echo "</pre>";
|
|
echo "<a href='index.php'>Go Back</a>";
|
|
}
|