Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-06-16 22:44:11

Browse Source
This commit is contained in:
Hamza-Ayed
2026-06-16 22:44:11 +03:00
parent b516fbc4ed
commit 2c3816badb
97 changed files with 10137 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
walletintaleq.intaleq.xyz/v2/main/ride/payMob/wallet/error_log Normal file
View File

@@ -0,0 +1,27 @@
[21-Mar-2025 19:37:11 Europe/Berlin] PHP Notice: Array to string conversion in /home2/seferli1/wallet.sefer.live/seferpw.shop/sefer/ride/payMob/wallet/paymob_webhook.php on line 15
[21-Mar-2025 19:37:11 Europe/Berlin] Data: Array
[21-Mar-2025 19:37:11 Europe/Berlin] ✅ Valid HMAC signature verified.
[21-Mar-2025 19:37:11 Europe/Berlin] ❌ Invalid payment status:
[21-Mar-2025 19:37:11 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!
[21-Mar-2025 19:37:11 Europe/Berlin]
[21-Mar-2025 19:38:41 Europe/Berlin] PHP Notice: Array to string conversion in /home2/seferli1/wallet.sefer.live/seferpw.shop/sefer/ride/payMob/wallet/paymob_webhook.php on line 15
[21-Mar-2025 19:38:41 Europe/Berlin] Data: Array
[21-Mar-2025 19:38:41 Europe/Berlin] ✅ Valid HMAC signature verified.
[21-Mar-2025 19:38:41 Europe/Berlin] ❌ Invalid payment status:
[21-Mar-2025 19:38:41 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!
[21-Mar-2025 19:38:41 Europe/Berlin]
[21-Mar-2025 19:39:40 Europe/Berlin] PHP Notice: Array to string conversion in /home2/seferli1/wallet.sefer.live/seferpw.shop/sefer/ride/payMob/wallet/paymob_webhook.php on line 15
[21-Mar-2025 19:39:40 Europe/Berlin] Data: Array
[21-Mar-2025 19:39:40 Europe/Berlin] ✅ Valid HMAC signature verified.
[21-Mar-2025 19:39:40 Europe/Berlin] ❌ Invalid payment status:
[21-Mar-2025 19:39:40 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!
[21-Mar-2025 19:41:14 Europe/Berlin] ✅ Valid HMAC signature verified.
[21-Mar-2025 19:41:14 Europe/Berlin] ❌ Invalid payment status:
[21-Mar-2025 19:41:14 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!
[21-Mar-2025 19:41:58 Europe/Berlin] ✅ Valid HMAC signature verified.
[21-Mar-2025 19:41:58 Europe/Berlin] ❌ Invalid payment status:
[21-Mar-2025 19:41:59 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!
[21-Mar-2025 19:43:19 Europe/Berlin] redirect_url ishttps://vcheckout.paymobsolutions.com/checkout/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3NDI1ODI4OTksImlkIjo2MTk5MDYyNzI0fQ.KH7jKKINyVzxJMH9IT2MyiAXRK_yMHVw-f4pIzyHzj0
[22-Mar-2025 15:38:59 Europe/Berlin] ✅ Valid HMAC signature verified.
[22-Mar-2025 15:38:59 Europe/Berlin] ❌ Invalid payment status:
[22-Mar-2025 15:39:00 Europe/Berlin] ❌ فشل الدفع عبر المحفظة!

129
walletintaleq.intaleq.xyz/v2/main/ride/payMob/wallet/payWithPayMob.php Normal file
View File

@@ -0,0 +1,129 @@
<?php
include "../../../jwtconnect.php";
// 1. احصل على AUTH TOKEN
$api_key = getenv("payMobApiKey1");
$integration_id = getenv("paymobIntegratedIdWallet");
$email = filterRequest("email");
$first_name = filterRequest("first_name");
$last_name = filterRequest("last_name");
$phone_number = filterRequest("phone_number");
$wallet_phone = filterRequest("phone_number");
$amount = filterRequest("amount");
$auth_url = "https://accept.paymob.com/api/auth/tokens";
$auth_data = json_encode(["api_key" => $api_key]);
$response = callAPI("POST", $auth_url, $auth_data);
$auth_token = $response->token ?? null;
if (!$auth_token) {
error_log("❌ فشل الحصول على AUTH TOKEN!");
die("❌ فشل الحصول على AUTH TOKEN!");
}
// 2. أنشئ الطلب ORDER
$order_url = "https://accept.paymob.com/api/ecommerce/orders";
$order_data = [
"auth_token" => $auth_token,
"delivery_needed" => false,
"amount_cents" => $amount,
"currency" => "EGP",
"merchant_order_id" => uniqid(),
"items" => []
];
$response = callAPI("POST", $order_url, json_encode($order_data));
$order_id = $response->id ?? null;
if (!$order_id) {
error_log("❌ فشل إنشاء الطلب!");
die("❌ فشل إنشاء الطلب!");
}
// error_log("orde is" .$order_id);
// 3. احصل على Payment Key
$payment_key_url = "https://accept.paymob.com/api/acceptance/payment_keys";
$payment_key_data = [
"auth_token" => $auth_token,
"amount_cents" => $amount,
"expiration" => 3600,
"order_id" => $order_id,
"billing_data" => [
"first_name" => $first_name,
"last_name" => $last_name,
"email" => $email,
"phone_number" => $phone_number,
"country" => "EG",
"city" => "Cairo",
"state" => "shobra",
"street" => "Test St.",
"building" => "1",
"apartment" => "10",
"floor" => "2",
"postal_code" => "12345",
"shipping_method" => "wallet"
],
"currency" => "EGP",
"integration_id" => $integration_id // إذا كان مضبوط
];
$response = callAPI("POST", $payment_key_url, json_encode($payment_key_data));
$payment_token = $response->token ?? null;
// error_log("payment_token is" .$payment_token);
if (!$payment_token) {
error_log("❌ فشل الحصول على PAYMENT TOKEN!");
die("❌ فشل الحصول على PAYMENT TOKEN!");
}
// error_log("phone wallet is ".$wallet_phone);
// 4. الدفع عبر المحفظة Wallet
$redirect_url = payWithWallet($payment_token, $wallet_phone);
if ($redirect_url) {
printSuccess($redirect_url);
error_log("redirect_url is" .$redirect_url);
} else {
error_log("❌ فشل الدفع عبر المحفظة!");
printFailure("Payment verified, but failed to generate token.");
// die("❌ فشل الدفع عبر المحفظة!");
}
// دالة لطلب API عبر CURL
function callAPI($method, $url, $data)
{
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => $method,
CURLOPT_POSTFIELDS => $data,
CURLOPT_HTTPHEADER => ["Content-Type: application/json"]
]);
$response = curl_exec($curl);
curl_close($curl);
return json_decode($response);
}
// الدالة الخاصة بالدفع بالمحفظة
function payWithWallet($paymentToken, $walletPhone)
{
$url = "https://accept.paymob.com/api/acceptance/payments/pay";
$data = [
"source" => [
"identifier" => $walletPhone,
"subtype" => "WALLET"
],
"payment_token" => $paymentToken
];
// Log the full data being sent to Paymob
// error_log("Data being sent to Paymob: " . json_encode($data));
$response = callAPI("POST", $url, json_encode($data));
// Log the full response for debugging
// error_log("Payment response: " . print_r($response, true));
return $response->redirect_url ?? null;
}

358
walletintaleq.intaleq.xyz/v2/main/ride/payMob/wallet/paymet_verfy.php Normal file
View File

@@ -0,0 +1,358 @@
<?php
include "../../../jwtconnect.php";
define("BASE_URL", "https://wl.tripz-egypt.com/v1/main/ride");
define("LOG_FILE", "../logs/payment_verification.log"); // Define log file path
// Function to write to error log
function logError($step, $message, $data = null) {
$timestamp = date('Y-m-d H:i:s');
$logEntry = "[{$timestamp}] STEP {$step}: {$message}";
if ($data !== null) {
$logEntry .= " | Data: " . json_encode($data);
}
// Ensure log directory exists
$logDir = dirname(LOG_FILE);
if (!is_dir($logDir)) {
mkdir($logDir, 0755, true);
}
// Append to log file
file_put_contents(LOG_FILE, $logEntry . PHP_EOL, FILE_APPEND);
// Also log to PHP error log for server monitoring
// error_log("PAYMENT_VERIFICATION: {$logEntry}");
}
// Receive parameters from GET request
$user_id = filterRequest("user_id");
$passengerId = filterRequest("passengerId");
$paymentMethod = filterRequest("paymentMethod");
// Log initial request
// logError("0", "Request received", [
// "user_id" => $user_id,
// "passengerId" => $passengerId
// ]);
// Validate user_id and passengerId
if (!$user_id || !$passengerId) {
// logError("1", "Invalid parameters", [
// "user_id" => $user_id,
// "passengerId" => $passengerId
// ]);
printFailure("Invalid user ID or passenger ID.");
exit;
}
try {
// Step 1: Get the latest successful payment
// logError("1", "Querying latest payment", ["user_id" => $user_id]);
$stmt = $con->prepare("SELECT * FROM paymentsLog WHERE user_id = :user_id AND created_at >= DATE_SUB(NOW(), INTERVAL 2 MINUTE)
ORDER BY created_at DESC
LIMIT 1");
$stmt->bindParam(':user_id', $user_id, PDO::PARAM_STR);
$stmt->execute();
$payment = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$payment) {
logError("1", "No payment found", ["user_id" => $user_id]);
printFailure("No payment data found.");
exit;
}
// logError("1", "Payment found", [
// "payment_id" => $payment['id'] ?? 'unknown',
// "status" => $payment['status'],
// "amount" => $payment['amount']/100 ?? 'unknown'
// ]);
// Step 2: Check payment status
if ($payment['status'] != 1) {
// logError("2", "Payment not successful", ["status" => $payment['status']]);
printFailure("Payment is not successful yet.");
exit;
}
// logError("2", "Payment status verified", ["status" => $payment['status']]);
$amount = $payment['amount']/100; // Paid amount
// Step 3: Calculate bonus based on the paid amount
// logError("3", "Calculating bonus", ["amount" => $amount]);
$finalAmount = calculateBonus($amount);
if ($finalAmount <= 0) {
// logError("3", "Bonus calculation failed", [
// "original_amount" => $amount,
// "calculated_amount" => $finalAmount
// ]);
printFailure("Invalid amount for bonus calculation.");
exit;
}
// logError("3", "Bonus calculated", [
// "original_amount" => $amount,
// "final_amount" => $finalAmount
// ]);
// // Step 4: Generate payment token
// logError("4", "Generating payment token", [
// "passengerId" => $passengerId,
// "amount" => $finalAmount
// ]);
$token = generatePaymentToken($passengerId, $finalAmount);
if (!$token) {
// logError("4", "Token generation failed");
printFailure("Payment verified, but failed to generate token.");
exit;
}
// logError("4", "Token generated successfully", ["token_length" => strlen($token)]);
// // Step 5: Add balance to passenger's wallet
// logError("5", "Adding balance to passenger wallet", [
// "passengerId" => $passengerId,
// "amount" => $finalAmount
// ]);
$walletResult = addToPassengerWallet($passengerId, $finalAmount, $token);
if (!$walletResult || !isset($walletResult['status']) || $walletResult['status'] != "success") {
// logError("5", "Failed to add balance to passenger wallet", $walletResult);
printFailure("Payment verified, but failed to add balance to passenger wallet.");
exit;
}
// logError("5", "Balance added to passenger wallet", $walletResult);
// Step 6: Add balance to Siro wallet
// logError("6", "Adding balance to Siro wallet", [
// "passengerId" => $passengerId,
// "amount" => $finalAmount,
// "paymentMethod" => $paymentMethod
// ]);
$token = generatePaymentToken($passengerId, $finalAmount);
if (!$token) {
// logError("4", "Token generation failed");
printFailure("Payment verified, but failed to generate token.");
exit;
}
// logError("4", "Token generated successfully", ["token_length" => strlen($token)]);
$siroWalletResult = addToSiroWallet($passengerId, $amount, $paymentMethod);
if (!$siroWalletResult || !isset($siroWalletResult['status']) || $siroWalletResult['status'] != "success") {
// logError("6", "Failed to add balance to Siro wallet", $siroWalletResult);
printFailure("Payment verified, but failed to add balance to Siro wallet.");
exit;
}
// logError("6", "Balance added to Siro wallet", $siroWalletResult);
// // Final success
// logError("7", "Process completed successfully", [
// "payment_id" => $payment['id'] ?? 'unknown',
// "amount" => $finalAmount,
// "passengerId" => $passengerId
// ]);
printSuccess( "Payment data saved successfully");
} catch (PDOException $e) {
logError("ERROR", "Database error: " . $e->getMessage());
printFailure("Database error occurred.");
} catch (Exception $e) {
logError("ERROR", "General error: " . $e->getMessage());
printFailure("An error occurred during payment verification.");
}
// 🎯 Function to generate payment token with error logging
function generatePaymentToken($passengerId, $amount) {
$url = BASE_URL . "/passengerWallet/addPaymentTokenPassenger.php";
$postData = [
'passengerId' => $passengerId,
'amount' => $amount
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
curl_close($ch);
if ($curlError) {
logError("4.1", "cURL error in token generation", [
"error" => $curlError,
"url" => $url
]);
return null;
}
if ($httpCode != 200) {
logError("4.2", "HTTP error in token generation", [
"http_code" => $httpCode,
"response" => $response
]);
return null;
}
$data = json_decode($response, true);
if (!$data || !isset($data['message'])) {
logError("4.3", "Invalid response format in token generation", [
"response" => $response
]);
return null;
}
return $data['message']; // ✅ Return token
}
// 🎯 Function to add balance to passenger's wallet with error logging
function addToPassengerWallet($passengerId, $amount, $token) {
$url = BASE_URL . "/passengerWallet/add.php";
$postData = [
'passenger_id' => $passengerId,
'balance' => $amount,
'token' => $token
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
curl_close($ch);
if ($curlError) {
logError("5.1", "cURL error in passenger wallet update", [
"error" => $curlError,
"url" => $url
]);
return null;
}
if ($httpCode != 200) {
logError("5.2", "HTTP error in passenger wallet update", [
"http_code" => $httpCode,
"response" => $response
]);
return null;
}
$data = json_decode($response, true);
if (!$data) {
logError("5.3", "Invalid response format in passenger wallet update", [
"response" => $response
]);
return null;
}
return $data; // ✅ Return result
}
// 🎯 Function to add balance to Siro wallet with error logging
function addToSiroWallet($passengerId, $amount, $paymentMethod) {
// Generate a new token specifically for the Siro wallet
$siroToken = generatePaymentToken($passengerId, $amount);
if (!$siroToken) {
logError("6.0.1", "Failed to generate Siro token");
return null;
}
logError("6.0.2", "Generated new Siro token", [
"token_length" => ($siroToken)
]);
$url = BASE_URL . "/siroWallet/add.php";
$postData = [
'amount' => $amount,
'paymentMethod' => $paymentMethod,
'passengerId' => $passengerId,
'token' => $siroToken, // Use the new Siro-specific token
'driverId' => 'passenger'
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlError = curl_error($ch);
curl_close($ch);
if ($curlError) {
logError("6.1", "cURL error in Siro wallet update", [
"error" => $curlError,
"url" => $url
]);
return null;
}
if ($httpCode != 200) {
logError("6.2", "HTTP error in Siro wallet update", [
"http_code" => $httpCode,
"response" => $response
]);
return null;
}
$data = json_decode($response, true);
if (!$data) {
logError("6.3", "Invalid response format in Siro wallet update", [
"response" => $response
]);
return null;
}
return $data; // ✅ Return result
}
// 🎯 Function to calculate bonus
function calculateBonus($amount) {
logError("3.1", "Bonus calculation input", ["amount" => $amount]);
$result = 0;
if ($amount == 100) $result = 100;
else if ($amount == 200) $result = 215;
else if ($amount == 400) $result = 450;
else if ($amount == 1000) $result = 1140;
logError("3.2", "Bonus calculation result", [
"input" => $amount,
"output" => $result
]);
return $result;
}
?>

137
walletintaleq.intaleq.xyz/v2/main/ride/payMob/wallet/paymob_webhook.php Normal file
View File

@@ -0,0 +1,137 @@
<?php
include "../../../jwtconnect.php";
// ------------------------------
// قراءة HMAC من الهيدر أو من الـ query
// ------------------------------
$received_hmac = $_SERVER['HTTP_HMAC'] ?? ($_GET['hmac'] ?? '');
$received_hmac = trim($received_hmac);
// ------------------------------
// قراءة البيانات القادمة من Paymob
// ------------------------------
$raw_body = file_get_contents("php://input");
$data = json_decode($raw_body, true);
// ------------------------------
// المفتاح السري
// ------------------------------
$secret_key = getenv('hmacPaymob');
// ------------------------------
// دالة لتحويل القيم إلى النصوص
// ------------------------------
function normalize($value) {
if ($value === true) return 'true';
if ($value === false) return 'false';
if (is_null($value)) return '';
return (string)$value;
}
// ------------------------------
// التحقق من صحة HMAC
// ------------------------------
function isValidHmac($data, $secret_key, $received_hmac) {
if (!isset($data['obj'])) return false;
$obj = $data['obj'];
// دمج جميع الحقول بشكل متسلسل
$fields = [
normalize($obj['amount_cents'] ?? ''),
normalize($obj['created_at'] ?? ''),
normalize($obj['currency'] ?? ''),
normalize($obj['error_occured'] ?? false),
normalize($obj['has_parent_transaction'] ?? false),
normalize($obj['id'] ?? ''),
normalize($obj['integration_id'] ?? ''),
normalize($obj['is_3d_secure'] ?? false),
normalize($obj['is_auth'] ?? false),
normalize($obj['is_capture'] ?? false),
normalize($obj['is_refunded'] ?? false),
normalize($obj['is_standalone_payment'] ?? false),
normalize($obj['is_voided'] ?? false),
normalize($obj['order']['id'] ?? ''),
normalize($obj['owner'] ?? ''),
normalize($obj['pending'] ?? false),
normalize($obj['source_data']['pan'] ?? ''),
normalize($obj['source_data']['sub_type'] ?? ''),
normalize($obj['source_data']['type'] ?? ''),
normalize($obj['success'] ?? false)
];
// دمج الحقول في رسالة واحدة
$message = implode('', $fields);
// حساب HMAC باستخدام المفتاح السري
$calculated_hmac = hash_hmac('sha512', $message, $secret_key);
// طباعة الرسائل لأغراض التصحيح
// error_log("🔐 Message used for HMAC: " . $message);
// error_log("🔐 Calculated HMAC: " . $calculated_hmac);
// error_log("📩 Received HMAC: " . $received_hmac);
// error_log("Calculated HMAC length: " . strlen($calculated_hmac));
// error_log("Received HMAC length: " . strlen($received_hmac));
// التحقق من تطابق HMAC
if (hash_equals($calculated_hmac, $received_hmac)) {
error_log("✅ Valid HMAC signature verified.");
return $calculated_hmac;
} else {
http_response_code(401);
echo json_encode(["error" => "Unauthorized Invalid HMAC"]);
exit;
}
}
isValidHmac($data, $secret_key, $received_hmac);
// ------------------------------
// إذا كانت HMAC صحيحة، نتابع العملية
// ------------------------------
if ($data && isset($data['obj'])) {
$transaction = $data['obj'];
$payment_id = $transaction['id'] ?? null;
$amount = $transaction['amount_cents'] ?? 0;
$status = $transaction['success'] ?? false;
$is_voided = $transaction['is_voided'] ?? false;
$is_refunded = $transaction['is_refunded'] ?? false;
$order_id = $transaction['order']['id'] ?? null;
$merchant_order_id = $transaction['order']['merchant_order_id'] ?? null;
$payment_method = $transaction['source_data']['type'] ?? 'unknown';
$card_last4 = $transaction['source_data']['pan'] ?? '****';
$transaction_type = $transaction['data']['migs_transaction']['type'] ?? 'UNKNOWN';
$created_at = $transaction['created_at'] ?? date("Y-m-d H:i:s");
$user_id = $transaction['order']['shipping_data']['phone_number'];
// التحقق من حالة الدفع
if (!$status) {
error_log("❌ Invalid payment status: " . $status);
echo json_encode(["error" => "Invalid payment status"]);
exit;
}
// إضافة البيانات إلى قاعدة البيانات
$query = "INSERT INTO paymentsLog (`payment_id`, `user_id`, `amount`, `status`)
VALUES (:payment_id, :user_id, :amount, :status)";
$stmt = $con->prepare($query);
$stmt->bindParam(':payment_id', $payment_id);
$stmt->bindParam(':user_id', $user_id);
$stmt->bindParam(':amount', $amount);
$stmt->bindParam(':status', $status);
try {
$stmt->execute();
if ($stmt->rowCount() > 0) {
http_response_code(200);
echo json_encode(["success" => true, "message" => "Payment data saved successfully"]);
} else {
http_response_code(200);
echo json_encode(["success" => false, "message" => "Payment data already up to date."]);
}
} catch (PDOException $e) {
http_response_code(500);
echo json_encode(["error" => "Failed to execute the query: " . $e->getMessage()]);
}
}
?>