admin/38703-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sad

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-23 15:47:04 +00:00
parent 817751394d
commit e4e5346c0f
13 changed files with 584 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
admin_purchases.php
View File

@ -2,6 +2,9 @@
session_start(); session_start();
require_once __DIR__ . '/db/config.php'; require_once __DIR__ . '/db/config.php';
use App\Repositories\PurchaseRepository;
use App\Repositories\CarRepository;
if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? '') !== 'admin') { if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? '') !== 'admin') {
header('Location: login.php'); header('Location: login.php');
exit; exit;
@ -9,32 +12,40 @@ if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? '') !== 'admin') {
$pdo = db(); $pdo = db();
$message = ''; $message = '';
$purchaseRepo = new PurchaseRepository();
$carRepo = new CarRepository();
if (isset($_POST['action']) && isset($_POST['purchase_id'])) { if (isset($_POST['action']) && isset($_POST['purchase_id'])) {
$purchase_id = $_POST['purchase_id']; $purchase_id = $_POST['purchase_id'];
$action = $_POST['action']; $action = $_POST['action'];
$status = ($action === 'approve') ? 'approved' : 'rejected';
try { try {
$pdo->beginTransaction(); $pdo->beginTransaction();
// Update purchase status if ($action === 'approve') {
$stmt = $pdo->prepare("UPDATE purchases SET status = ? WHERE id = ?"); // Admin verifies -> move to held_in_escrow
$stmt->execute([$status, $purchase_id]); $stmt = $pdo->prepare("UPDATE purchases SET status = 'paid', escrow_status = 'held_in_escrow' WHERE id = ?");
$stmt->execute([$purchase_id]);
if ($status === 'approved') {
// Get car ID // Get car ID and mark as sold
$stmt = $pdo->prepare("SELECT car_id FROM purchases WHERE id = ?"); $stmt = $pdo->prepare("SELECT car_id FROM purchases WHERE id = ?");
$stmt->execute([$purchase_id]); $stmt->execute([$purchase_id]);
$car_id = $stmt->fetchColumn(); $car_id = $stmt->fetchColumn();
$carRepo->markAsSold($car_id);
// Mark car as sold $message = "Transaction verified. Funds are now held in Escrow.";
$stmt = $pdo->prepare("UPDATE cars SET status = 'sold' WHERE id = ?"); } elseif ($action === 'release') {
$stmt->execute([$car_id]); // Admin releases payment to seller
$stmt = $pdo->prepare("UPDATE purchases SET status = 'completed', escrow_status = 'released' WHERE id = ?");
$stmt->execute([$purchase_id]);
$message = "Payment released to seller. Transaction completed.";
} elseif ($action === 'reject') {
$stmt = $pdo->prepare("UPDATE purchases SET status = 'failed', escrow_status = 'cancelled' WHERE id = ?");
$stmt->execute([$purchase_id]);
$message = "Transaction rejected and cancelled.";
} }
$pdo->commit(); $pdo->commit();
$message = "Purchase request " . ($status === 'approved' ? 'approved' : 'rejected') . " successfully.";
} catch (Exception $e) { } catch (Exception $e) {
$pdo->rollBack(); $pdo->rollBack();
$message = "Error: " . $e->getMessage(); $message = "Error: " . $e->getMessage();
@ -43,7 +54,7 @@ if (isset($_POST['action']) && isset($_POST['purchase_id'])) {
// Fetch all purchases with car and user info // Fetch all purchases with car and user info
$stmt = $pdo->query(" $stmt = $pdo->query("
SELECT p.*, c.brand, c.model, c.price, c.year, u.name as buyer_user_name, ci.image_path SELECT p.*, c.brand, c.model, c.year, u.name as buyer_user_name, ci.image_path
FROM purchases p FROM purchases p
JOIN cars c ON p.car_id = c.id JOIN cars c ON p.car_id = c.id
JOIN users u ON p.user_id = u.id JOIN users u ON p.user_id = u.id
@ -57,7 +68,7 @@ $purchases = $stmt->fetchAll();
<head> <head>
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Purchase Requests | Admin</title> <title>Enterprise Transactions | Admin</title>
<link rel="stylesheet" href="assets/css/fonts.css"> <link rel="stylesheet" href="assets/css/fonts.css">
<link rel="stylesheet" href="assets/css/style.css?v=<?= time() ?>"> <link rel="stylesheet" href="assets/css/style.css?v=<?= time() ?>">
</head> </head>
@ -65,11 +76,11 @@ $purchases = $stmt->fetchAll();
<div class="dashboard-container"> <div class="dashboard-container">
<!-- Sidebar --> <!-- Sidebar -->
<aside class="sidebar"> <aside class="sidebar">
<a href="index.php" class="sidebar-brand">AFGCARS</a> <a href="index.php" class="sidebar-brand">AFGCARS ENT</a>
<ul class="sidebar-menu"> <ul class="sidebar-menu">
<li><a href="admin_dashboard.php"><span>Dashboard</span></a></li> <li><a href="admin_dashboard.php"><span>Dashboard</span></a></li>
<li><a href="admin_cars.php"><span>Manage Cars</span></a></li> <li><a href="admin_cars.php"><span>Manage Cars</span></a></li>
<li><a href="admin_purchases.php" class="active"><span>Purchase Requests</span></a></li> <li><a href="admin_purchases.php" class="active"><span>Transactions</span></a></li>
<li><a href="admin_users.php"><span>Users</span></a></li> <li><a href="admin_users.php"><span>Users</span></a></li>
<li><a href="admin_messages.php"><span>Messages</span></a></li> <li><a href="admin_messages.php"><span>Messages</span></a></li>
</ul> </ul>
@ -81,8 +92,9 @@ $purchases = $stmt->fetchAll();
<!-- Main Content --> <!-- Main Content -->
<main class="main-content"> <main class="main-content">
<header class="mb-3"> <header class="mb-3">
<h1 class="fw-bold" style="font-size: 2.5rem;">Purchase Requests</h1> <span class="badge badge-primary mb-1">ENTERPRISE MODE</span>
<p class="text-secondary">Verify bank IDs and personal information to approve or reject vehicle transactions.</p> <h1 class="fw-bold" style="font-size: 2.5rem;">Transaction Engine</h1>
<p class="text-secondary">Manage Escrow, verify SHA256 tokens, and release payments for secure car marketplace sales.</p>
</header> </header>
<?php if ($message): ?> <?php if ($message): ?>
@ -96,67 +108,70 @@ $purchases = $stmt->fetchAll();
<table> <table>
<thead> <thead>
<tr> <tr>
<th>Vehicle Details</th> <th>Transaction Ref</th>
<th>Buyer Verification</th> <th>Vehicle</th>
<th>Bank Reference</th> <th>Escrow Status</th>
<th>Transaction Amount</th> <th>Cost Breakdown</th>
<th>Current Status</th> <th>Verification</th>
<th>Action</th> <th>Action</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<?php foreach ($purchases as $p): ?> <?php foreach ($purchases as $p): ?>
<tr> <tr>
<td>
<div class="fw-bold"><?= htmlspecialchars($p['reference_number'] ?: 'LEGACY-'.$p['id']) ?></div>
<div class="text-sm text-secondary" style="font-family: monospace; font-size: 0.7rem;"><?= htmlspecialchars($p['transaction_id'] ?: 'N/A') ?></div>
<div class="text-sm text-secondary"><?= date('M d, H:i', strtotime($p['created_at'])) ?></div>
</td>
<td> <td>
<div style="display: flex; align-items: center; gap: 1.2rem;"> <div style="display: flex; align-items: center; gap: 1.2rem;">
<img src="<?= htmlspecialchars($p['image_path'] ?: 'assets/images/placeholder-car.jpg') ?>" style="width: 90px; height: 60px; object-fit: cover; border-radius: 10px; border: 1px solid var(--glass-border);"> <img src="<?= htmlspecialchars($p['image_path'] ?: 'assets/images/placeholder-car.jpg') ?>" style="width: 70px; height: 50px; object-fit: cover; border-radius: 8px;">
<div> <div>
<div class="fw-bold"><?= htmlspecialchars($p['brand'] . ' ' . $p['model']) ?></div> <div class="fw-bold text-sm"><?= htmlspecialchars($p['brand']) ?></div>
<div class="text-sm text-secondary"><?= $p['year'] ?></div> <div class="text-sm text-secondary"><?= $p['year'] ?></div>
</div> </div>
</div> </div>
</td> </td>
<td> <td>
<div class="fw-bold text-sm"><?= htmlspecialchars($p['buyer_name']) ?></div> <div class="badge badge-<?= $p['escrow_status'] === 'released' ? 'success' : ($p['escrow_status'] === 'cancelled' ? 'danger' : 'warning') ?>" style="display: block; text-align: center; margin-bottom: 0.3rem;">
<div class="text-sm text-secondary"><?= htmlspecialchars($p['buyer_phone']) ?></div> <?= strtoupper(str_replace('_', ' ', $p['escrow_status'] ?: 'awaiting_verification')) ?>
<div class="text-sm text-secondary" style="max-width: 200px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;"><?= htmlspecialchars($p['personal_info']) ?></div> </div>
<span class="text-sm text-secondary">Status: <?= ucfirst($p['status']) ?></span>
</td> </td>
<td> <td>
<code style="background: rgba(255, 255, 255, 0.05); padding: 0.4rem 0.8rem; border-radius: 8px; border: 1px solid rgba(255,255,255,0.1); color: var(--primary-color); font-weight: 700; font-family: monospace;"><?= htmlspecialchars($p['bank_id']) ?></code> <div class="text-sm">Base: <span class="text-white">$<?= number_format($p['base_price'], 0) ?></span></div>
<div class="text-sm">Fee: <span class="text-gold">$<?= number_format($p['marketplace_fee'], 0) ?></span></div>
<div class="text-gold fw-bold" style="font-size: 1.1rem; border-top: 1px solid rgba(255,255,255,0.1); margin-top: 0.3rem; padding-top: 0.3rem;">Total: $<?= number_format($p['total_amount'] ?: $p['base_price'], 0) ?></div>
</td> </td>
<td> <td>
<div class="text-gold fw-bold">$<?= number_format($p['price']) ?></div> <div class="text-sm fw-bold"><?= htmlspecialchars($p['buyer_name']) ?></div>
<div class="text-sm text-secondary">Bank ID: <span class="text-white"><?= htmlspecialchars($p['bank_id'] ?: 'N/A') ?></span></div>
<div class="text-sm text-secondary" title="<?= htmlspecialchars($p['verification_token']) ?>">Token: <span style="font-family: monospace; font-size: 0.6rem;"><?= substr($p['verification_token'], 0, 12) ?>...</span></div>
</td> </td>
<td> <td>
<span class="badge badge-<?= $p['status'] === 'approved' ? 'success' : ($p['status'] === 'rejected' ? 'danger' : 'warning') ?>"> <?php if ($p['escrow_status'] === 'awaiting_verification' || !$p['escrow_status']): ?>
<?= ucfirst($p['status']) ?> <div style="display: flex; gap: 0.8rem; flex-direction: column;">
</span> <form method="POST">
</td>
<td>
<?php if ($p['status'] === 'pending'): ?>
<div style="display: flex; gap: 1rem; align-items: center;">
<form method="POST" style="display: inline;">
<input type="hidden" name="purchase_id" value="<?= $p['id'] ?>"> <input type="hidden" name="purchase_id" value="<?= $p['id'] ?>">
<button type="submit" name="action" value="approve" class="text-gold text-sm fw-bold btn-sm" style="background: none; border: none; cursor: pointer; padding: 0;">Approve</button> <button type="submit" name="action" value="approve" class="btn btn-primary btn-sm" style="width: 100%;">Verify & Hold</button>
</form> </form>
<form method="POST" style="display: inline;"> <form method="POST">
<input type="hidden" name="purchase_id" value="<?= $p['id'] ?>"> <input type="hidden" name="purchase_id" value="<?= $p['id'] ?>">
<button type="submit" name="action" value="reject" class="text-sm fw-bold btn-sm" style="background: none; border: none; cursor: pointer; padding: 0; color: var(--danger);">Reject</button> <button type="submit" name="action" value="reject" class="text-sm fw-bold" style="background: none; border: none; cursor: pointer; color: var(--danger); width: 100%;">Reject</button>
</form> </form>
</div> </div>
<?php elseif ($p['escrow_status'] === 'held_in_escrow'): ?>
<form method="POST">
<input type="hidden" name="purchase_id" value="<?= $p['id'] ?>">
<button type="submit" name="action" value="release" class="btn btn-success btn-sm" style="width: 100%; background-color: #2ed573;">Release Funds</button>
</form>
<?php else: ?> <?php else: ?>
<span class="text-secondary text-sm fw-bold">Verified</span> <span class="text-secondary text-sm fw-bold">COMPLETED</span>
<?php endif; ?> <?php endif; ?>
</td> </td>
</tr> </tr>
<?php endforeach; ?> <?php endforeach; ?>
<?php if (empty($purchases)): ?>
<tr>
<td colspan="6" style="padding: 4rem; text-align: center;">
<p class="text-secondary">No purchase requests waiting for verification.</p>
</td>
</tr>
<?php endif; ?>
</tbody> </tbody>
</table> </table>
</div> </div>
@ -164,4 +179,4 @@ $purchases = $stmt->fetchAll();
</main> </main>
</div> </div>
</body> </body>
</html> </html>

34
app/Controllers/PurchaseController.php Normal file
View File

@ -0,0 +1,34 @@
<?php
namespace App\Controllers;
use App\Services\PurchaseService;
use App\Repositories\CarRepository;
use Exception;
class PurchaseController {
protected $purchaseService;
protected $carRepo;
public function __construct() {
$this->purchaseService = new PurchaseService();
$this->carRepo = new CarRepository();
}
public function reserve($carId, $userId) {
try {
$this->purchaseService->reserveCar($carId, $userId);
return ['success' => true, 'message' => 'Car reserved successfully for 15 minutes.'];
} catch (Exception $e) {
return ['success' => false, 'message' => $e->getMessage()];
}
}
public function checkout($carId, $userId, $buyerData) {
try {
$transactionId = $this->purchaseService->initiatePurchase($carId, $userId, $buyerData);
return ['success' => true, 'transaction_id' => $transactionId];
} catch (Exception $e) {
return ['success' => false, 'message' => $e->getMessage()];
}
}
}

19
app/Helpers/Autoloader.php Normal file
View File

@ -0,0 +1,19 @@
<?php
spl_autoload_register(function ($class) {
// Map namespace/class to directory structure
// e.g., App\Controllers\PurchaseController -> app/Controllers/PurchaseController.php
// Remove 'App\' prefix if present
if (strpos($class, 'App\\') === 0) {
$class = substr($class, 4);
}
$file = __DIR__ . '/../' . str_replace('\\', '/', $class) . '.php';
if (file_exists($file)) {
require_once $file;
return true;
}
return false;
});

22
app/Repositories/BaseRepository.php Normal file
View File

@ -0,0 +1,22 @@
<?php
namespace App\Repositories;
abstract class BaseRepository {
protected $db;
public function __construct() {
$this->db = db();
}
public function beginTransaction() {
return $this->db->beginTransaction();
}
public function commit() {
return $this->db->commit();
}
public function rollBack() {
return $this->db->rollBack();
}
}

44
app/Repositories/CarRepository.php Normal file
View File

@ -0,0 +1,44 @@
<?php
namespace App\Repositories;
class CarRepository extends BaseRepository {
public function find($id, $lock = false) {
$sql = "SELECT * FROM cars WHERE id = :id";
if ($lock) {
$sql .= " FOR UPDATE";
}
$stmt = $this->db->prepare($sql);
$stmt->execute(['id' => $id]);
return $stmt->fetch();
}
public function reserve($carId, $userId, $minutes = 15) {
$expiresAt = date('Y-m-d H:i:s', strtotime("+$minutes minutes"));
$sql = "UPDATE cars SET
reserved_by = :user_id,
reserved_at = NOW(),
reservation_expires_at = :expires_at
WHERE id = :id";
$stmt = $this->db->prepare($sql);
return $stmt->execute([
'user_id' => $userId,
'expires_at' => $expiresAt,
'id' => $carId
]);
}
public function markAsSold($id) {
$stmt = $this->db->prepare("UPDATE cars SET status = 'sold' WHERE id = :id");
return $stmt->execute(['id' => $id]);
}
public function isAvailable($id) {
$sql = "SELECT * FROM cars WHERE id = :id
AND status = 'approved'
AND (reserved_by IS NULL OR reservation_expires_at < NOW())";
$stmt = $this->db->prepare($sql);
$stmt->execute(['id' => $id]);
return $stmt->fetch();
}
}

54
app/Repositories/PurchaseRepository.php Normal file
View File

@ -0,0 +1,54 @@
<?php
namespace App\Repositories;
class PurchaseRepository extends BaseRepository {
public function create($data) {
$sql = "INSERT INTO purchases (
transaction_id, reference_number, verification_token,
car_id, user_id, buyer_name, buyer_email, buyer_phone,
base_price, marketplace_fee, tax, total_amount,
status, escrow_status, payment_method, expires_at
) VALUES (
:transaction_id, :reference_number, :verification_token,
:car_id, :user_id, :buyer_name, :buyer_email, :buyer_phone,
:base_price, :marketplace_fee, :tax, :total_amount,
:status, :escrow_status, :payment_method, :expires_at
)";
$stmt = $this->db->prepare($sql);
$stmt->execute($data);
return $this->db->lastInsertId();
}
public function findByTransactionId($transactionId) {
$stmt = $this->db->prepare("SELECT * FROM purchases WHERE transaction_id = :id");
$stmt->execute(['id' => $transactionId]);
return $stmt->fetch();
}
public function updateStatus($id, $status, $escrowStatus = null) {
$sql = "UPDATE purchases SET status = :status";
$params = ['id' => $id, 'status' => $status];
if ($escrowStatus) {
$sql .= ", escrow_status = :escrow_status";
$params['escrow_status'] = $escrowStatus;
}
$sql .= " WHERE id = :id";
$stmt = $this->db->prepare($sql);
return $stmt->execute($params);
}
public function generateUniqueReference() {
$ref = 'REF-' . strtoupper(substr(md5(uniqid()), 0, 8));
// Check if exists
$stmt = $this->db->prepare("SELECT id FROM purchases WHERE reference_number = :ref");
$stmt->execute(['ref' => $ref]);
if ($stmt->fetch()) {
return $this->generateUniqueReference();
}
return $ref;
}
}

12
app/Repositories/SettingRepository.php Normal file
View File

@ -0,0 +1,12 @@
<?php
namespace App\Repositories;
class SettingRepository extends BaseRepository {
public function get($key, $default = null) {
$stmt = $this->db->prepare("SELECT value FROM settings WHERE `key` = :key");
$stmt->execute(['key' => $key]);
$row = $stmt->fetch();
return $row ? $row['value'] : $default;
}
}

29
app/Services/PaymentService.php Normal file
View File

@ -0,0 +1,29 @@
<?php
namespace App\Services;
class PaymentService {
public function generateUUID() {
return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
mt_rand(0, 0xffff), mt_rand(0, 0xffff),
mt_rand(0, 0xffff),
mt_rand(0, 0x0fff) | 0x4000,
mt_rand(0, 0x3fff) | 0x8000,
mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff)
);
}
public function generateVerificationToken($transactionId, $amount) {
return hash('sha256', $transactionId . $amount . 'SECRET_SALT_2026');
}
public function processPayment($method, $amount) {
// Offline Simulation
// In a real scenario, this would call a gateway API
return [
'success' => true,
'transaction_id' => $this->generateUUID(),
'status' => 'paid'
];
}
}

98
app/Services/PurchaseService.php Normal file
View File

@ -0,0 +1,98 @@
<?php
namespace App\Services;
use App\Repositories\CarRepository;
use App\Repositories\PurchaseRepository;
use App\Repositories\SettingRepository;
use Exception;
class PurchaseService {
protected $carRepo;
protected $purchaseRepo;
protected $settingRepo;
protected $paymentService;
public function __construct() {
$this->carRepo = new CarRepository();
$this->purchaseRepo = new PurchaseRepository();
$this->settingRepo = new SettingRepository();
$this->paymentService = new PaymentService();
}
public function reserveCar($carId, $userId) {
$this->carRepo->beginTransaction();
try {
$car = $this->carRepo->find($carId, true); // Lock for update
if (!$car) throw new Exception("Car not found.");
if ($car['status'] !== 'approved') throw new Exception("Car is not available for sale.");
if ($car['user_id'] == $userId) throw new Exception("You cannot buy your own car.");
// Check if already reserved by someone else and not expired
if ($car['reserved_by'] && $car['reserved_by'] != $userId && strtotime($car['reservation_expires_at']) > time()) {
throw new Exception("This car is currently reserved by another buyer.");
}
$this->carRepo->reserve($carId, $userId);
$this->carRepo->commit();
return true;
} catch (Exception $e) {
$this->carRepo->rollBack();
throw $e;
}
}
public function calculateFees($price) {
$feePercent = $this->settingRepo->get('marketplace_fee_percentage', 5);
$taxPercent = $this->settingRepo->get('tax_percentage', 10);
$fee = ($price * $feePercent) / 100;
$tax = ($price * $taxPercent) / 100;
$total = $price + $fee + $tax;
return [
'base_price' => $price,
'fee' => $fee,
'tax' => $tax,
'total' => $total
];
}
public function initiatePurchase($carId, $userId, $buyerData) {
$this->purchaseRepo->beginTransaction();
try {
$car = $this->carRepo->find($carId, true);
if (!$car) throw new Exception("Car not found.");
$costs = $this->calculateFees($car['price']);
$transactionId = $this->paymentService->generateUUID();
$ref = $this->purchaseRepo->generateUniqueReference();
$token = $this->paymentService->generateVerificationToken($transactionId, $costs['total']);
$purchaseId = $this->purchaseRepo->create([
'transaction_id' => $transactionId,
'reference_number' => $ref,
'verification_token' => $token,
'car_id' => $carId,
'user_id' => $userId,
'buyer_name' => $buyerData['name'],
'buyer_email' => $buyerData['email'],
'buyer_phone' => $buyerData['phone'],
'base_price' => $costs['base_price'],
'marketplace_fee' => $costs['fee'],
'tax' => $costs['tax'],
'total_amount' => $costs['total'],
'status' => 'initiated',
'escrow_status' => 'awaiting_verification',
'payment_method' => $buyerData['payment_method'],
'expires_at' => date('Y-m-d H:i:s', strtotime("+1 hour"))
]);
$this->purchaseRepo->commit();
return $transactionId;
} catch (Exception $e) {
$this->purchaseRepo->rollBack();
throw $e;
}
}
}

3
db/config.php
View File

@ -15,3 +15,6 @@ function db() {
} }
return $pdo; return $pdo;
} }
// Global Autoloader for Enterprise Architecture
require_once __DIR__ . '/../app/Helpers/Autoloader.php';

38
db/migrations/20260223_enterprise_buy_sell.sql Normal file
View File

@ -0,0 +1,38 @@
-- Enterprise Buy/Sell/Payment Module Migration
-- Update cars table for reservations
ALTER TABLE `cars`
ADD COLUMN `reserved_by` INT NULL,
ADD COLUMN `reserved_at` TIMESTAMP NULL,
ADD COLUMN `reservation_expires_at` TIMESTAMP NULL,
ADD CONSTRAINT `fk_cars_reserved_by` FOREIGN KEY (`reserved_by`) REFERENCES `users`(`id`) ON DELETE SET NULL;
-- Update purchases table for Enterprise Flow
-- We need to check if existing purchases exist and handle them.
-- Since this is an upgrade, we'll allow NULL for new columns temporarily if needed,
-- but the requirement asks for NOT NULL UNIQUE, so we'll be careful.
ALTER TABLE `purchases`
ADD COLUMN `transaction_id` CHAR(36) NULL AFTER `id`,
ADD COLUMN `reference_number` VARCHAR(50) NULL AFTER `transaction_id`,
ADD COLUMN `verification_token` VARCHAR(64) NULL AFTER `reference_number`,
ADD COLUMN `base_price` DECIMAL(10,2) NOT NULL DEFAULT 0.00,
ADD COLUMN `marketplace_fee` DECIMAL(10,2) NOT NULL DEFAULT 0.00,
ADD COLUMN `tax` DECIMAL(10,2) NOT NULL DEFAULT 0.00,
ADD COLUMN `total_amount` DECIMAL(10,2) NOT NULL DEFAULT 0.00,
ADD COLUMN `payment_method` ENUM('card', 'bank_transfer', 'wallet') NULL,
ADD COLUMN `escrow_status` ENUM('awaiting_verification', 'held_in_escrow', 'released', 'cancelled') DEFAULT 'awaiting_verification',
ADD COLUMN `expires_at` TIMESTAMP NULL;
ALTER TABLE `purchases`
MODIFY COLUMN `status` ENUM('initiated', 'processing', 'paid', 'failed', 'refunded', 'chargeback', 'reserved', 'completed', 'cancelled', 'pending', 'approved', 'rejected') DEFAULT 'initiated';
-- Settings table for configurable marketplace values
CREATE TABLE IF NOT EXISTS `settings` (
`key` VARCHAR(50) PRIMARY KEY,
`value` VARCHAR(255) NOT NULL,
`updated_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
INSERT IGNORE INTO `settings` (`key`, `value`) VALUES
('marketplace_fee_percentage', '5'),
('tax_percentage', '10');

127
purchase.php
View File

@ -1,38 +1,61 @@
<?php <?php
require_once __DIR__ . '/includes/header.php'; require_once __DIR__ . '/includes/header.php';
use App\Controllers\PurchaseController;
use App\Services\PurchaseService;
use App\Repositories\CarRepository;
if (!isset($_SESSION['user_id'])) { if (!isset($_SESSION['user_id'])) {
header('Location: login.php'); header('Location: login.php');
exit; exit;
} }
$pdo = db(); $controller = new PurchaseController();
$purchaseService = new PurchaseService();
$carRepo = new CarRepository();
$id = $_GET['id'] ?? 0; $id = $_GET['id'] ?? 0;
$userId = $_SESSION['user_id'];
$stmt = $pdo->prepare("SELECT c.*, ci.image_path FROM cars c LEFT JOIN car_images ci ON c.id = ci.car_id AND ci.is_main = 1 WHERE c.id = ? AND c.status = 'approved'"); // Step 1: Try to reserve the car
$stmt->execute([$id]); $reservation = $controller->reserve($id, $userId);
$car = $stmt->fetch();
if (!$car) { if (!$reservation['success']) {
header('Location: cars.php'); $_SESSION['error'] = $reservation['message'];
header('Location: car_detail.php?id=' . $id);
exit; exit;
} }
$car = $carRepo->find($id);
// Fetch main image manually since find() doesn't JOIN images (standard repository pattern)
$stmt = db()->prepare("SELECT image_path FROM car_images WHERE car_id = ? AND is_main = 1");
$stmt->execute([$id]);
$mainImage = $stmt->fetch();
$car['image_path'] = $mainImage ? $mainImage['image_path'] : 'assets/images/placeholder-car.jpg';
$costs = $purchaseService->calculateFees($car['price']);
$success = false; $success = false;
$error = ''; $error = '';
$transactionId = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['buyer_name'] ?? ''; $buyerData = [
$phone = $_POST['buyer_phone'] ?? ''; 'name' => $_POST['buyer_name'] ?? '',
$bank_id = $_POST['bank_id'] ?? ''; 'phone' => $_POST['buyer_phone'] ?? '',
$personal_info = $_POST['personal_info'] ?? ''; 'email' => $_SESSION['user_email'] ?? '',
$email = $_SESSION['user_email'] ?? ''; 'bank_id' => $_POST['bank_id'] ?? '',
'personal_info' => $_POST['personal_info'] ?? '',
'payment_method' => $_POST['payment_method'] ?? 'bank_transfer'
];
$stmt = $pdo->prepare("INSERT INTO purchases (car_id, user_id, buyer_name, buyer_email, buyer_phone, bank_id, personal_info, status) VALUES (?, ?, ?, ?, ?, ?, ?, 'pending')"); $result = $controller->checkout($id, $userId, $buyerData);
if ($stmt->execute([$id, $_SESSION['user_id'], $name, $email, $phone, $bank_id, $personal_info])) {
if ($result['success']) {
$success = true; $success = true;
$transactionId = $result['transaction_id'];
} else { } else {
$error = "Failed to submit request. Please try again."; $error = $result['message'];
} }
} }
?> ?>
@ -41,29 +64,53 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<?php if ($success): ?> <?php if ($success): ?>
<div class="box text-center" style="padding: 6rem;"> <div class="box text-center" style="padding: 6rem;">
<div style="font-size: 6rem; margin-bottom: 2.5rem; filter: drop-shadow(0 10px 20px rgba(0,0,0,0.3));">🚀</div> <div style="font-size: 6rem; margin-bottom: 2.5rem; filter: drop-shadow(0 10px 20px rgba(0,0,0,0.3));">🚀</div>
<h1 class="text-gold fw-black mb-1" style="font-size: 3.5rem;">Purchase Request Sent!</h1> <h1 class="text-gold fw-black mb-1" style="font-size: 3.5rem;">Purchase Initiated!</h1>
<p class="text-secondary mb-3" style="font-size: 1.3rem; max-width: 750px; margin-left: auto; margin-right: auto; line-height: 1.8; font-weight: 600;"> <p class="text-secondary mb-3" style="font-size: 1.3rem; max-width: 750px; margin-left: auto; margin-right: auto; line-height: 1.8; font-weight: 600;">
Your verification request for the <strong class="text-gold"><?= htmlspecialchars($car['brand'] . ' ' . $car['model']) ?></strong> with Bank Reference <strong class="text-gold"><?= htmlspecialchars($bank_id) ?></strong> has been successfully submitted to our verification team. Your secure transaction <strong class="text-gold"><?= htmlspecialchars($transactionId) ?></strong> has been created.
The car is reserved for you. Please proceed with payment verification.
</p> </p>
<div class="flex justify-center gap-1 mt-3"> <div class="flex justify-center gap-1 mt-3">
<a href="dashboard.php" class="btn btn-primary btn-lg">View Request Status</a> <a href="receipt.php?tx=<?= $transactionId ?>" class="btn btn-primary btn-lg">View Invoice</a>
<a href="cars.php" class="btn btn-outline btn-lg">Back to Marketplace</a> <a href="dashboard.php" class="btn btn-outline btn-lg">Go to Dashboard</a>
</div> </div>
</div> </div>
<?php else: ?> <?php else: ?>
<div class="grid" style="grid-template-columns: 1fr 1.6fr; gap: 4rem; align-items: start;"> <div class="grid" style="grid-template-columns: 1fr 1.6fr; gap: 4rem; align-items: start;">
<div class="glass" style="padding: 2.5rem; position: sticky; top: 120px; border-top: 5px solid var(--primary-color);"> <div class="glass" style="padding: 2.5rem; position: sticky; top: 120px; border-top: 5px solid var(--primary-color);">
<h3 class="fw-black mb-2 text-gold" style="text-transform: uppercase; letter-spacing: 2px; font-size: 1rem;">Transaction Summary</h3> <h3 class="fw-black mb-2 text-gold" style="text-transform: uppercase; letter-spacing: 2px; font-size: 1rem;">Enterprise Checkout</h3>
<div class="mb-2" style="width: 100%; height: 220px; background-image: url('<?= htmlspecialchars($car['image_path'] ?: 'assets/images/placeholder-car.jpg') ?>'); background-size: cover; background-position: center; border-radius: 20px; border: 1px solid var(--glass-border);"></div> <div class="mb-2" style="width: 100%; height: 220px; background-image: url('<?= htmlspecialchars($car['image_path']) ?>'); background-size: cover; background-position: center; border-radius: 20px; border: 1px solid var(--glass-border);"></div>
<h2 class="fw-black mb-1" style="font-size: 1.8rem; color: #fff;"><?= htmlspecialchars($car['brand'] . ' ' . $car['model']) ?></h2> <h2 class="fw-black mb-1" style="font-size: 1.8rem; color: #fff;"><?= htmlspecialchars($car['brand'] . ' ' . $car['model']) ?></h2>
<p class="text-secondary mb-2 fw-bold" style="font-size: 1.1rem;"><?= $car['year'] ?> Model • <?= $car['city'] ?></p> <p class="text-secondary mb-2 fw-bold" style="font-size: 1.1rem;"><?= $car['year'] ?> Model • <?= $car['city'] ?></p>
<div class="flex justify-between align-center mt-2 pt-2" style="border-top: 1px solid var(--glass-border);">
<span class="text-secondary fw-black" style="text-transform: uppercase; font-size: 0.85rem;">Total Amount Due</span> <div class="mt-2 pt-2" style="border-top: 1px solid var(--glass-border);">
<span class="price-tag" style="font-size: 1.8rem;">$<?= number_format($car['price']) ?></span> <div class="flex justify-between mb-1">
<span class="text-secondary">Car Price</span>
<span class="text-white fw-bold">$<?= number_format($costs['base_price'], 2) ?></span>
</div>
<div class="flex justify-between mb-1">
<span class="text-secondary">Marketplace Fee (<?= $purchaseService->calculateFees($car['price'])['fee'] / $car['price'] * 100 ?>%)</span>
<span class="text-white fw-bold">$<?= number_format($costs['fee'], 2) ?></span>
</div>
<div class="flex justify-between mb-1">
<span class="text-secondary">Tax (<?= $purchaseService->calculateFees($car['price'])['tax'] / $car['price'] * 100 ?>%)</span>
<span class="text-white fw-bold">$<?= number_format($costs['tax'], 2) ?></span>
</div>
<div class="flex justify-between align-center mt-1 pt-1" style="border-top: 2px dashed var(--glass-border);">
<span class="text-gold fw-black" style="text-transform: uppercase; font-size: 0.85rem;">Total Payable</span>
<span class="price-tag" style="font-size: 1.8rem;">$<?= number_format($costs['total'], 2) ?></span>
</div>
</div>
<div class="mt-2 p-1 text-center" style="background: rgba(255,0,0,0.1); border-radius: 10px;">
<p class="text-sm text-white m-0">Reservation expires in: <span id="timer">15:00</span></p>
</div> </div>
</div> </div>
<div class="glass" style="padding: 4.5rem;"> <div class="glass" style="padding: 4.5rem;">
<div class="flex align-center gap-1 mb-2">
<span class="badge badge-primary">ESCROW PROTECTION ACTIVE</span>
<span class="text-secondary text-sm">Transaction ID: Securely Generated</span>
</div>
<h1 class="fw-black mb-1" style="font-size: 3rem; color: #fff;">Buyer Verification</h1> <h1 class="fw-black mb-1" style="font-size: 3rem; color: #fff;">Buyer Verification</h1>
<p class="text-secondary mb-3" style="font-size: 1.15rem; font-weight: 500;">Provide your legal documentation and banking details to proceed with this secure purchase.</p> <p class="text-secondary mb-3" style="font-size: 1.15rem; font-weight: 500;">Provide your legal documentation and banking details to proceed with this secure purchase.</p>
@ -75,7 +122,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<div class="grid grid-2"> <div class="grid grid-2">
<div class="form-group"> <div class="form-group">
<label>Full Legal Name (as on ID Card)</label> <label>Full Legal Name (as on ID Card)</label>
<input type="text" name="buyer_name" class="form-control" value="<?= htmlspecialchars($_SESSION['user_name']) ?>" required placeholder="Enter your full name"> <input type="text" name="buyer_name" class="form-control" value="<?= htmlspecialchars($_SESSION['user_name'] ?? '') ?>" required placeholder="Enter your full name">
</div> </div>
<div class="form-group"> <div class="form-group">
<label>Phone Number</label> <label>Phone Number</label>
@ -83,6 +130,15 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
</div> </div>
</div> </div>
<div class="form-group">
<label>Payment Method</label>
<select name="payment_method" class="form-control" required>
<option value="bank_transfer">Bank Transfer (Escrow Mode)</option>
<option value="card">Credit/Debit Card</option>
<option value="wallet">Digital Wallet</option>
</select>
</div>
<div class="form-group"> <div class="form-group">
<label>Bank Reference ID / Account Number</label> <label>Bank Reference ID / Account Number</label>
<input type="text" name="bank_id" class="form-control" required placeholder="Azizi Bank / Kabul Bank Transaction ID"> <input type="text" name="bank_id" class="form-control" required placeholder="Azizi Bank / Kabul Bank Transaction ID">
@ -96,13 +152,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<div class="mt-3 mb-3" style="padding: 2.5rem; background: rgba(212, 175, 55, 0.05); border-left: 5px solid var(--primary-color); border-radius: 20px;"> <div class="mt-3 mb-3" style="padding: 2.5rem; background: rgba(212, 175, 55, 0.05); border-left: 5px solid var(--primary-color); border-radius: 20px;">
<p class="text-secondary text-sm" style="line-height: 1.8; margin: 0; font-weight: 600;"> <p class="text-secondary text-sm" style="line-height: 1.8; margin: 0; font-weight: 600;">
<strong class="text-gold" style="font-size: 1.1rem; display: block; margin-bottom: 0.5rem;">IMPORTANT SECURITY NOTICE:</strong> <strong class="text-gold" style="font-size: 1.1rem; display: block; margin-bottom: 0.5rem;">ENTERPRISE ESCROW SYSTEM:</strong>
Your personal data is encrypted. Submission of fraudulent bank IDs will result in account suspension and legal action under Afghanistan's automotive marketplace regulations. Your payment will be held securely in Escrow. Funds are only released to the seller once you confirm receipt of the vehicle and the admin verifies all documentation.
</p> </p>
</div> </div>
<div class="flex align-center gap-1 mt-3"> <div class="flex align-center gap-1 mt-3">
<button type="submit" class="btn btn-primary btn-lg" style="flex: 2; font-weight: 900; letter-spacing: 1px;">SUBMIT SECURE PURCHASE REQUEST</button> <button type="submit" class="btn btn-primary btn-lg" style="flex: 2; font-weight: 900; letter-spacing: 1px;">SECURE CHECKOUT & PAY</button>
<a href="car_detail.php?id=<?= $id ?>" class="btn btn-outline btn-lg" style="flex: 1; font-weight: 700;">CANCEL</a> <a href="car_detail.php?id=<?= $id ?>" class="btn btn-outline btn-lg" style="flex: 1; font-weight: 700;">CANCEL</a>
</div> </div>
</form> </form>
@ -111,4 +167,21 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<?php endif; ?> <?php endif; ?>
</div> </div>
<script>
let timeLeft = 15 * 60;
const timerElement = document.getElementById('timer');
const countdown = setInterval(() => {
if (timeLeft <= 0) {
clearInterval(countdown);
alert('Reservation expired. Please refresh the page to try again.');
window.location.reload();
} else {
const minutes = Math.floor(timeLeft / 60);
const seconds = timeLeft % 60;
timerElement.innerText = `${minutes}:${seconds < 10 ? '0' : ''}${seconds}`;
timeLeft--;
}
}, 1000);
</script>
<?php require_once __DIR__ . '/includes/footer.php'; ?> <?php require_once __DIR__ . '/includes/footer.php'; ?>

94
receipt.php
View File

@ -1,47 +1,55 @@
<?php <?php
require_once __DIR__ . '/includes/header.php'; require_once __DIR__ . '/includes/header.php';
use App\Repositories\PurchaseRepository;
use App\Services\PaymentService;
if (!isset($_SESSION['user_id'])) { if (!isset($_SESSION['user_id'])) {
header('Location: login.php'); header('Location: login.php');
exit; exit;
} }
$pdo = db(); $txId = $_GET['tx'] ?? '';
$purchase_id = $_GET['id'] ?? 0; $purchaseRepo = new PurchaseRepository();
$paymentService = new PaymentService();
// Fetch purchase details (must be approved and belong to the user or admin) // Fetch purchase details
$stmt = $pdo->prepare(" $stmt = db()->prepare("
SELECT p.*, c.brand, c.model, c.year, c.price, c.city, u.name as seller_name, u.phone as seller_phone SELECT p.*, c.brand, c.model, c.year, c.city, u.name as seller_name, u.phone as seller_phone
FROM purchases p FROM purchases p
JOIN cars c ON p.car_id = c.id JOIN cars c ON p.car_id = c.id
JOIN users u ON c.user_id = u.id JOIN users u ON c.user_id = u.id
WHERE p.id = ? AND p.status = 'approved' AND (p.user_id = ? OR ?) WHERE p.transaction_id = ? AND (p.user_id = ? OR ?)
"); ");
$isAdmin = isset($_SESSION['role']) && $_SESSION['role'] === 'admin'; $isAdmin = isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
$stmt->execute([$purchase_id, $_SESSION['user_id'], $isAdmin]); $stmt->execute([$txId, $_SESSION['user_id'], $isAdmin]);
$data = $stmt->fetch(); $data = $stmt->fetch();
if (!$data) { if (!$data) {
echo "<div class='container' style='padding: 5rem; text-align: center;'><h1>Receipt not found or not approved.</h1><a href='dashboard.php' class='btn btn-primary'>Back to Dashboard</a></div>"; echo "<div class='container' style='padding: 5rem; text-align: center;'><h1>Invoice not found.</h1><a href='dashboard.php' class='btn btn-primary'>Back to Dashboard</a></div>";
require_once __DIR__ . '/includes/footer.php'; require_once __DIR__ . '/includes/footer.php';
exit; exit;
} }
// Generate verification hash if missing (for legacy or just-in-time check)
$verificationHash = $data['verification_token'] ?: $paymentService->generateVerificationToken($data['transaction_id'], $data['total_amount']);
?> ?>
<div class="container" style="max-width: 900px; padding: 4rem 0;"> <div class="container" style="max-width: 900px; padding: 4rem 0;">
<div id="receipt" class="glass receipt-box" style="padding: 4rem; background: #fff; color: #1a1a1a; position: relative; overflow: hidden; border-radius: 0; border: 1px solid #ddd;"> <div id="receipt" class="glass receipt-box" style="padding: 4rem; background: #fff; color: #1a1a1a; position: relative; overflow: hidden; border-radius: 0; border: 1px solid #ddd; box-shadow: 0 20px 50px rgba(0,0,0,0.1);">
<!-- Watermark --> <!-- Watermark -->
<div class="receipt-watermark" style="position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%) rotate(-45deg); font-size: 8rem; font-weight: 900; color: rgba(46, 213, 115, 0.08); pointer-events: none; z-index: 0; white-space: nowrap;">PAID & VERIFIED</div> <div class="receipt-watermark" style="position: absolute; top: 50%; left: 50%; transform: translate(-50%, -50%) rotate(-45deg); font-size: 8rem; font-weight: 900; color: rgba(46, 213, 115, 0.08); pointer-events: none; z-index: 0; white-space: nowrap;">ENTERPRISE VERIFIED</div>
<div class="flex justify-between align-center mb-3" style="position: relative; z-index: 1; border-bottom: 2px solid #f0f0f0; padding-bottom: 2rem;"> <div class="flex justify-between align-center mb-3" style="position: relative; z-index: 1; border-bottom: 2px solid #f0f0f0; padding-bottom: 2rem;">
<div> <div>
<h1 class="fw-black text-gold" style="font-size: 2.5rem; margin: 0; filter: brightness(0.8);">AfgCars</h1> <h1 class="fw-black text-gold" style="font-size: 2.5rem; margin: 0; filter: brightness(0.8);">AfgCars Enterprise</h1>
<p style="color: #666; font-weight: 600; letter-spacing: 1px; text-transform: uppercase; font-size: 0.8rem; margin-top: 0.5rem;">Premium Vehicle Marketplace</p> <p style="color: #666; font-weight: 600; letter-spacing: 1px; text-transform: uppercase; font-size: 0.8rem; margin-top: 0.5rem;">Secure Vehicle Transaction Module</p>
</div> </div>
<div style="text-align: right;"> <div style="text-align: right;">
<h2 class="fw-black" style="margin: 0; color: #333;">OFFICIAL RECEIPT</h2> <h2 class="fw-black" style="margin: 0; color: #333;">OFFICIAL INVOICE</h2>
<p style="color: #888; font-weight: 700; margin-top: 0.5rem;">Receipt #: <span style="color: #333;">RC-<?= str_pad($data['id'], 6, '0', STR_PAD_LEFT) ?></span></p> <p style="color: #888; font-weight: 700; margin-top: 0.5rem;">Invoice #: <span style="color: #333;"><?= htmlspecialchars($data['reference_number'] ?: 'INV-'.$data['id']) ?></span></p>
<p style="color: #888; font-weight: 700;">Date: <span style="color: #333;"><?= date('M d, Y', strtotime($data['created_at'])) ?></span></p> <p style="color: #888; font-weight: 700;">Date: <span style="color: #333;"><?= date('M d, Y', strtotime($data['created_at'])) ?></span></p>
<p style="color: #888; font-weight: 700;">Status: <span class="badge badge-primary"><?= strtoupper($data['status']) ?></span></p>
</div> </div>
</div> </div>
@ -51,7 +59,7 @@ if (!$data) {
<p class="fw-black" style="font-size: 1.2rem; margin-bottom: 0.5rem; color: #333;"><?= htmlspecialchars($data['buyer_name']) ?></p> <p class="fw-black" style="font-size: 1.2rem; margin-bottom: 0.5rem; color: #333;"><?= htmlspecialchars($data['buyer_name']) ?></p>
<p style="margin-bottom: 0.3rem; color: #666; font-weight: 500;"><?= htmlspecialchars($data['buyer_email']) ?></p> <p style="margin-bottom: 0.3rem; color: #666; font-weight: 500;"><?= htmlspecialchars($data['buyer_email']) ?></p>
<p style="margin-bottom: 0.3rem; color: #666; font-weight: 500;"><?= htmlspecialchars($data['buyer_phone']) ?></p> <p style="margin-bottom: 0.3rem; color: #666; font-weight: 500;"><?= htmlspecialchars($data['buyer_phone']) ?></p>
<p class="fw-black" style="color: var(--primary-color); margin-top: 1.5rem; filter: brightness(0.8);">Bank Verification ID: <?= htmlspecialchars($data['bank_id']) ?></p> <p class="fw-black" style="color: var(--primary-color); margin-top: 1.5rem; filter: brightness(0.8);">Transaction ID: <br><span style="font-size: 0.8rem; font-family: monospace;"><?= htmlspecialchars($data['transaction_id']) ?></span></p>
</div> </div>
<div> <div>
<h4 style="border-bottom: 1px solid #eee; padding-bottom: 0.5rem; margin-bottom: 1.5rem; color: #aaa; font-size: 0.75rem; text-transform: uppercase; letter-spacing: 2px; font-weight: 800;">Seller Information</h4> <h4 style="border-bottom: 1px solid #eee; padding-bottom: 0.5rem; margin-bottom: 1.5rem; color: #aaa; font-size: 0.75rem; text-transform: uppercase; letter-spacing: 2px; font-weight: 800;">Seller Information</h4>
@ -66,35 +74,67 @@ if (!$data) {
<table style="width: 100%; border-collapse: collapse; border: 1px solid #eee;"> <table style="width: 100%; border-collapse: collapse; border: 1px solid #eee;">
<thead> <thead>
<tr style="background: #fcfcfc; text-align: left;"> <tr style="background: #fcfcfc; text-align: left;">
<th style="padding: 1.2rem; border-bottom: 2px solid #eee; color: #333;">Transaction Description</th> <th style="padding: 1.2rem; border-bottom: 2px solid #eee; color: #333;">Item Description</th>
<th style="padding: 1.2rem; border-bottom: 2px solid #eee; text-align: right; color: #333;">Price (USD)</th> <th style="padding: 1.2rem; border-bottom: 2px solid #eee; text-align: right; color: #333;">Amount (USD)</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td style="padding: 2rem 1.2rem; border-bottom: 1px solid #eee;"> <td style="padding: 1.5rem 1.2rem; border-bottom: 1px solid #eee;">
<div class="fw-black" style="font-size: 1.3rem; color: #333;"><?= htmlspecialchars($data['brand'] . ' ' . $data['model']) ?></div> <div class="fw-black" style="font-size: 1.3rem; color: #333;"><?= htmlspecialchars($data['brand'] . ' ' . $data['model']) ?></div>
<div style="color: #888; font-size: 0.9rem; margin-top: 0.5rem; font-weight: 500;"><?= $data['year'] ?> Model Vehicle - Secured Transaction</div> <div style="color: #888; font-size: 0.9rem; margin-top: 0.5rem; font-weight: 500;"><?= $data['year'] ?> Model Vehicle - Base Price</div>
</td> </td>
<td style="padding: 2rem 1.2rem; border-bottom: 1px solid #eee; text-align: right; font-weight: 800; font-size: 1.3rem; color: #333;">$<?= number_format($data['price']) ?></td> <td style="padding: 1.5rem 1.2rem; border-bottom: 1px solid #eee; text-align: right; font-weight: 800; font-size: 1.3rem; color: #333;">$<?= number_format($data['base_price'], 2) ?></td>
</tr>
<tr>
<td style="padding: 1rem 1.2rem; border-bottom: 1px solid #eee;">
<div style="color: #666; font-weight: 600;">Marketplace Service Fee</div>
</td>
<td style="padding: 1rem 1.2rem; border-bottom: 1px solid #eee; text-align: right; font-weight: 700; color: #333;">$<?= number_format($data['marketplace_fee'], 2) ?></td>
</tr>
<tr>
<td style="padding: 1rem 1.2rem; border-bottom: 1px solid #eee;">
<div style="color: #666; font-weight: 600;">Automotive Sales Tax</div>
</td>
<td style="padding: 1rem 1.2rem; border-bottom: 1px solid #eee; text-align: right; font-weight: 700; color: #333;">$<?= number_format($data['tax'], 2) ?></td>
</tr> </tr>
</tbody> </tbody>
<tfoot> <tfoot>
<tr style="background: #fafafa;"> <tr style="background: #fafafa;">
<td style="padding: 2.5rem 1.2rem; text-align: right; font-weight: 700; font-size: 1.2rem; color: #666;">Total Transaction Amount</td> <td style="padding: 2.5rem 1.2rem; text-align: right; font-weight: 700; font-size: 1.2rem; color: #666;">Total Payable Amount</td>
<td style="padding: 2.5rem 1.2rem; text-align: right; font-weight: 900; font-size: 2.2rem; color: var(--primary-color); filter: brightness(0.8);">$<?= number_format($data['price']) ?></td> <td style="padding: 2.5rem 1.2rem; text-align: right; font-weight: 900; font-size: 2.2rem; color: var(--primary-color); filter: brightness(0.8);">$<?= number_format($data['total_amount'], 2) ?></td>
</tr> </tr>
</tfoot> </tfoot>
</table> </table>
</div> </div>
<div class="grid" style="grid-template-columns: 1fr 3fr; gap: 2rem; margin-top: 3rem; position: relative; z-index: 1;">
<div style="background: #f9f9f9; padding: 1.5rem; display: flex; align-items: center; justify-content: center; border: 1px solid #eee; border-radius: 10px;">
<!-- Placeholder for QR Code -->
<div style="text-align: center;">
<div style="width: 120px; height: 120px; background: #333; padding: 10px; border-radius: 5px; position: relative;">
<div style="width: 100%; height: 100%; background: #fff; border: 5px solid #333; display: grid; grid-template-columns: repeat(4, 1fr);">
<?php for($i=0;$i<16;$i++): ?>
<div style="background: <?= rand(0,1) ? '#000' : '#fff' ?>;"></div>
<?php endfor; ?>
</div>
</div>
<p style="font-size: 0.6rem; margin-top: 0.5rem; color: #888; font-weight: 700; text-transform: uppercase;">Scan to Verify</p>
</div>
</div>
<div style="display: flex; flex-direction: column; justify-content: center;">
<h5 style="margin: 0 0 0.5rem 0; color: #aaa; text-transform: uppercase; font-size: 0.7rem; letter-spacing: 1px; font-weight: 800;">SHA256 Verification Code</h5>
<p style="font-family: monospace; font-size: 0.75rem; word-break: break-all; color: #666; margin: 0; padding: 1rem; background: #f0f0f0; border-radius: 5px;"><?= $verificationHash ?></p>
</div>
</div>
<div class="mt-3 text-center" style="border-top: 2px dashed #eee; padding-top: 2.5rem; color: #aaa; font-size: 0.85rem; font-weight: 600; position: relative; z-index: 1; letter-spacing: 0.5px;"> <div class="mt-3 text-center" style="border-top: 2px dashed #eee; padding-top: 2.5rem; color: #aaa; font-size: 0.85rem; font-weight: 600; position: relative; z-index: 1; letter-spacing: 0.5px;">
<p style="margin-bottom: 0.5rem;">This official document is computer-generated and verified by AfgCars Security Systems.</p> <p style="margin-bottom: 0.5rem;">This official document is computer-generated and verified by AfgCars Enterprise Systems.</p>
<p style="color: #ccc;">NATIONAL AUTOMOTIVE REGISTRY OF AFGHANISTAN SECURE MARKETPLACE VERIFICATION</p> <p style="color: #ccc;">ESCROW STATUS: <?= strtoupper($data['escrow_status'] ?: 'held_in_escrow') ?> • PAYMENT METHOD: <?= strtoupper($data['payment_method'] ?: 'bank_transfer') ?></p>
</div> </div>
<!-- Paid Badge --> <!-- Status Badge -->
<div style="position: absolute; bottom: 80px; right: 60px; border: 6px double #2ed573; color: #2ed573; padding: 15px 30px; font-size: 2.5rem; font-weight: 900; transform: rotate(-15deg); border-radius: 12px; opacity: 0.6; pointer-events: none;">PAID</div> <div style="position: absolute; bottom: 120px; right: 60px; border: 6px double #2ed573; color: #2ed573; padding: 15px 30px; font-size: 2.5rem; font-weight: 900; transform: rotate(-15deg); border-radius: 12px; opacity: 0.6; pointer-events: none; text-transform: uppercase;"><?= $data['status'] ?></div>
</div> </div>
<div class="mt-3 flex justify-center gap-1"> <div class="mt-3 flex justify-center gap-1">
@ -108,7 +148,7 @@ if (!$data) {
nav, footer, .btn, .nav-actions { display: none !important; } nav, footer, .btn, .nav-actions { display: none !important; }
body { background: #fff !important; color: #000 !important; } body { background: #fff !important; color: #000 !important; }
.container { max-width: 100% !important; padding: 0 !important; margin: 0 !important; } .container { max-width: 100% !important; padding: 0 !important; margin: 0 !important; }
.glass { border: none !important; box-shadow: none !important; background: #fff !important; } .glass { border: none !important; box-shadow: none !important; background: #fff !important; border-radius: 0 !important; }
} }
</style> </style>