admin/38394-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
38394-vm/checkout.php
Flatlogic Bot 852ef148fa adding search bar
2026-02-13 08:14:05 +00:00

123 lines
4.2 KiB
PHP
Raw Blame History

<?php
require_once 'db/config.php';
require_once 'db/thawani_config.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header('Location: index.php');
exit;
}
$case_id = (int)$_POST['case_id'];
$amount = (float)$_POST['amount'];
$donor_name = $_POST['donor_name'] ?? 'Anonymous';
$donor_email = $_POST['donor_email'] ?? '';
$donor_phone = $_POST['donor_phone'] ?? '';
if ($amount <= 0) {
die("Invalid amount");
}
$pdo = db();
// Fetch case details
$stmt = $pdo->prepare("SELECT * FROM cases WHERE id = ?");
$stmt->execute([$case_id]);
$case = $stmt->fetch();
if (!$case) {
die("Case not found");
}
// Create pending donation
$stmt = $pdo->prepare("INSERT INTO donations (case_id, amount, status, donor_name, donor_email, donor_phone) VALUES (?, ?, 'pending', ?, ?, ?)");
$stmt->execute([$case_id, $amount, $donor_name, $donor_email, $donor_phone]);
$donation_id = $pdo->lastInsertId();
// Thawani Checkout Session Request
$payload = [
'client_reference_id' => (string)$donation_id,
'mode' => 'payment',
'products' => [
[
'name' => $case['title_en'],
'unit_amount' => (int)($amount * 1000), // Thawani uses OMR baiza (1 OMR = 1000 baiza)
'quantity' => 1
]
],
'success_url' => 'http://' . $_SERVER['HTTP_HOST'] . '/success.php?session_id={CHECKOUT_SESSION_ID}',
'cancel_url' => 'http://' . $_SERVER['HTTP_HOST'] . '/index.php',
'metadata' => [
'donation_id' => $donation_id,
'case_id' => $case_id
]
];
// Check if keys are default/empty
if (THAWANI_SECRET_KEY === 'rRQ26GcsZ60u9Y9v9876543210' || empty(THAWANI_SECRET_KEY)) {
// Simulation Mode
?>
<!DOCTYPE html>
<html>
<head><title>Simulating Thawani Checkout</title><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css"></head>
<body class="bg-light p-5 text-center">
<div class="card mx-auto" style="max-width: 500px;">
<div class="card-body">
<img src="https://checkout.thawani.om/logo.png" alt="Thawani" height="50" class="mb-4">
<h3>Thawani Checkout Simulation</h3>
<p>Donation ID: #<?= $donation_id ?></p>
<p>Amount: OMR <?= number_format($amount, 3) ?></p>
<div class="alert alert-info small">This is a simulation because no valid Thawani keys are configured in <code>db/thawani_config.php</code>.</div>
<form action="success.php" method="GET">
<input type="hidden" name="session_id" value="mock_session_<?= time() ?>">
<input type="hidden" name="donation_id" value="<?= $donation_id ?>">
<button type="submit" class="btn btn-success w-100">Simulate Success Payment</button>
</form>
<a href="index.php" class="btn btn-link mt-2">Cancel</a>
</div>
</div>
</body>
</html>
<?php
exit;
}
// REAL CURL CALL
$ch = curl_init(THAWANI_API_URL . '/checkout/session');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'thawani-api-key: ' . THAWANI_SECRET_KEY
]);
$response = curl_exec($ch);
$err = curl_error($ch);
curl_close($ch);
if ($err) {
die("CURL Error: " . $err);
}
$data = json_decode($response, true);
if (isset($data['success']) && $data['success'] === true && isset($data['data']['session_id'])) {
$session_id = $data['data']['session_id'];
// Save session_id to donation record
$stmt = $pdo->prepare("UPDATE donations SET transaction_id = ? WHERE id = ?");
$stmt->execute([$session_id, $donation_id]);
$checkout_url = (THAWANI_ENV === 'sandbox')
? "https://uatcheckout.thawani.om/pay/" . $session_id . "?key=" . THAWANI_PUBLISHABLE_KEY
: "https://checkout.thawani.om/pay/" . $session_id . "?key=" . THAWANI_PUBLISHABLE_KEY;
header("Location: " . $checkout_url);
exit;
} else {
echo "<h3>Thawani Error</h3>";
echo "<pre>";
print_r($data);
echo "</pre>";
echo "<a href='index.php'>Go Back</a>";
}
Reference in New Issue View Git Blame Copy Permalink