Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update: 2026-06-16 22:44:11

Browse Source
This commit is contained in:
Hamza-Ayed
2026-06-16 22:44:11 +03:00
parent b516fbc4ed
commit 2c3816badb
97 changed files with 10137 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/archive.zip Executable file
View File

Binary file not shown.

237
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/driver/confirm_payment.php Executable file
View File

@@ -0,0 +1,237 @@
<?php
// /v1/main/ride/syriatel/driver/confirm_payment.php
// يعتمد على jwtconnect.php و syriatel_token_handler.php فقط
include_once "../../../jwtconnect.php";
include_once "./syriatel_token_handler.php";
header('Content-Type: application/json; charset=utf-8');
// ================== Helpers (طباعة/لوج) ==================
if (!function_exists('printSuccess')) {
function printSuccess($data = null, $message = "success") {
echo json_encode(["status" => "success", "message" => $message, "data" => $data], JSON_UNESCAPED_UNICODE);
exit;
}
}
if (!function_exists('printFailure')) {
function printFailure($message = "failure", $code = null) {
$resp = ["status" => "failure", "message" => $message];
if ($code !== null) $resp["code"] = $code;
echo json_encode($resp, JSON_UNESCAPED_UNICODE);
exit;
}
}
define("WALLET_LOG", __DIR__ . "/../logs/payment_verification.log");
function wlog($step, $msg, $data = null) {
$dir = dirname(WALLET_LOG);
if (!is_dir($dir)) { @mkdir($dir, 0755, true); }
$line = "[".date('Y-m-d H:i:s')."] STEP {$step}: {$msg}";
if ($data !== null) $line .= " | Data: ".json_encode($data, JSON_UNESCAPED_UNICODE);
file_put_contents(WALLET_LOG, $line.PHP_EOL, FILE_APPEND);
}
// ================== منطق التوكن/المعرف ==================
function generateToken(PDO $con, string $driverId, float $amount): ?string {
// secretKey يُفترض قادم من connect/env
global $secretKey;
$data = $driverId.$amount.time().($secretKey ?? 'default_secret');
$hash = hash('sha256', $data);
$rand = bin2hex(random_bytes(16));
$token = substr($hash.$rand, 0, 64);
$stmt = $con->prepare("INSERT INTO payment_tokens (token, driverID, dateCreated, amount)
VALUES (:t, :d, NOW(), :a)");
$stmt->execute([':t'=>$token, ':d'=>$driverId, ':a'=>$amount]);
return $stmt->rowCount() ? $token : null;
}
function generatePaymentID(PDO $con, string $driverId, float $amount, string $method): ?string {
$stmt = $con->prepare("INSERT INTO paymentsDriverPoints (amount, payment_method, driverID)
VALUES (:a, :m, :d)");
$stmt->execute([':a'=>$amount, ':m'=>$method, ':d'=>$driverId]);
return $stmt->rowCount() ? $con->lastInsertId() : null;
}
// ================== منطق إنهاء الدفع (مضمَّن) ==================
function finalizeWalletPaymentInline(PDO $con, string $orderRef): void {
// نقفل الصف لمنع السباقات
$stmt = $con->prepare("SELECT * FROM paymentsLogSyriaDriver
WHERE order_ref = :r LIMIT 1 FOR UPDATE");
$stmt->execute([':r'=>$orderRef]);
$payment = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$payment) {
wlog("FINALIZE", "Payment row not found", ['orderRef'=>$orderRef]);
throw new RuntimeException("Payment not found.");
}
// نتأكد من نجاح مزود الدفع
if ((int)$payment['status'] !== 1) {
wlog("FINALIZE", "Payment not completed yet", ['orderRef'=>$orderRef, 'status'=>$payment['status']]);
throw new RuntimeException("Payment not completed.");
}
// حارس التكرار: إذا تمّت معالجة المحفظة سابقاً لا نكرر
if (!empty($payment['processed_wallet']) && (int)$payment['processed_wallet'] === 1) {
wlog("FINALIZE", "Already processed_wallet=1, skip.", ['orderRef'=>$orderRef]);
return; // لا نرمي استثناء؛ العملية سبق احتسابها
}
$driverId = $payment['user_id']; // This is now correctly handled as a string
$originalAmount = (float)$payment['amount'];
$paymentMethod = $payment['payment_method'] ?: 'ecash';
// البونص
$bonusAmount = match ((int)$originalAmount) {
100 => 100.0,
200 => 210.0,
400 => 450.0,
1000 => 1100.0,
default => $originalAmount,
};
// تنفيذ ككل داخل معاملة
$con->beginTransaction();
try {
// توليد التوكنات/المعرف
$tokenDriver = generateToken($con, $driverId, $bonusAmount);
if (!$tokenDriver) throw new RuntimeException("Failed to generate driver token");
$tokenSiro = generateToken($con, $driverId, $originalAmount);
if (!$tokenSiro) throw new RuntimeException("Failed to generate siro token");
$paymentID = generatePaymentID($con, $driverId, $bonusAmount, $paymentMethod);
if (!$paymentID) throw new RuntimeException("Failed to create payment ID");
// driverWallet
$q = $con->prepare("INSERT INTO driverWallet (driverID, paymentID, amount, paymentMethod)
VALUES (:d, :r, :a, :m)");
$q->execute([
':d'=>$driverId, ':a'=>$bonusAmount,
':m'=>$paymentMethod, ':r'=>$orderRef
]);
if ($q->rowCount() === 0) throw new RuntimeException("Insert driverWallet failed");
// وسم التوكن كمستخدم
$con->prepare("UPDATE payment_tokens SET isUsed = 1 WHERE token = :t")->execute([':t'=>$tokenDriver]);
// siroWallet
$q2 = $con->prepare("INSERT INTO siroWallet (driverId, passengerId, amount, paymentMethod, token, createdAt)
VALUES (:d, :p, :a, :m, :t, CURRENT_TIMESTAMP)");
$q2->execute([
':d'=>$driverId, ':p'=>'driver', ':a'=>$originalAmount,
':m'=>$paymentMethod, ':t'=>$tokenSiro
]);
if ($q2->rowCount() === 0) throw new RuntimeException("Insert siroWallet failed");
$con->prepare("UPDATE payment_tokens SET isUsed = 1 WHERE token = :t")->execute([':t'=>$tokenSiro]);
// تأشير السجل كمنتهٍ للمحفظة
$con->prepare("UPDATE paymentsLogSyriaDriver
SET processed_wallet = 1, updated_at = NOW()
WHERE order_ref = :r")->execute([':r'=>$orderRef]);
$con->commit();
wlog("FINALIZE", "Wallets updated successfully", ['orderRef'=>$orderRef, 'driverId'=>$driverId]);
} catch (Throwable $e) {
$con->rollBack();
wlog("FINALIZE", "Exception: ".$e->getMessage(), ['orderRef'=>$orderRef]);
throw $e;
}
}
// ================== مدخل تأكيد الدفع ==================
$transactionID = filterRequest('transactionID');
$otp = filterRequest('otp');
error_log("Syriatel Confirm: Request for transaction {$transactionID}");
if (!$transactionID || !$otp) {
printFailure("Missing transaction ID or OTP.");
}
// بيئة
$baseUrl = rtrim((string)getenv('SYRIATEL_API_BASE_URL'), '/');
$merchantMSISDN = (string)getenv('SYRIATEL_MERCHANT_MSISDN');
if ($baseUrl === '' || $merchantMSISDN === '') {
error_log("Syriatel Confirm: Missing SYRIATEL envs");
printFailure("Server configuration error.");
}
try {
// 1) Auth token
$token = function_exists('GetSerialToken') ? GetSerialToken() : getSyriatelToken();
if (!$token) { printFailure("Could not authenticate with the payment provider."); }
// 2) Call provider
$body = [
"OTP" => $otp,
"merchantMSISDN" => $merchantMSISDN,
"transactionID" => $transactionID,
"token" => $token
];
$url = "{$baseUrl}/ePaymentExternalModule/paymentConfirmation";
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($body, JSON_UNESCAPED_UNICODE),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"Accept: application/json",
"User-Agent: Mozilla/5.0",
],
CURLOPT_CONNECTTIMEOUT => 8,
CURLOPT_TIMEOUT => 40,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
]);
$response = curl_exec($ch);
$errno = curl_errno($ch);
$httpCode = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
error_log("Syriatel Confirm: HTTP {$httpCode} - ".substr((string)$response, 0, 300));
if ($errno) { printFailure("Payment gateway communication error.", $errno); }
if ($httpCode !== 200 || !$response) { printFailure("Payment gateway communication error (HTTP {$httpCode})."); }
$responseData = json_decode($response, true);
if (!is_array($responseData)) { printFailure("Invalid provider response."); }
$ok = (isset($responseData['errorDesc']) && $responseData['errorDesc'] === "Success");
if ($ok) {
// نحدّث حالة الدفع، ونُتم المحفظة بشكل آمن داخل نفس الطلب
$con->prepare("UPDATE paymentsLogSyriaDriver
SET status = 1, updated_at = NOW()
WHERE order_ref = :r")->execute([':r'=>$transactionID]);
// إنهاء المحفظة (داخلية)
$walletOk = true; $walletMsg = null;
try {
finalizeWalletPaymentInline($con, $transactionID);
} catch (Throwable $ex) {
$walletOk = false; $walletMsg = $ex->getMessage();
}
$payload = [
'message' => 'Payment confirmed.',
'transactionID' => $transactionID,
'provider' => $responseData
];
if (!$walletOk && $walletMsg) {
$payload['walletNotice'] = "Payment successful, but wallet update failed: ".$walletMsg;
}
printSuccess($payload);
}
$errorMessage = $responseData['errorDesc'] ?? 'Unknown provider error';
printFailure($errorMessage);
} catch (Throwable $e) {
error_log("Syriatel Confirm: Exception - ".$e->getMessage());
printFailure("An unexpected server error occurred.");
}

127
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/driver/finalize_wallet_payment.php Executable file
View File

@@ -0,0 +1,127 @@
<?php
// wallet/finalize_wallet_payment.php
// تم حذف include_once من هنا لأنه يُفترض أن ملف الاتصال قد تم تحميله بالفعل
// بواسطة الملف الذي يستدعي هذه الدالة (confirm_payment.php).
// include_once "../../../jwtconnect.php";
define("LOG_FILE", __DIR__ . "/../logs/payment_verification.log");
if (!function_exists('logError')) {
function logError($step, $message, $data = null) {
$logDir = dirname(LOG_FILE);
if (!is_dir($logDir)) { mkdir($logDir, 0755, true); }
$logEntry = "[" . date('Y-m-d H:i:s') . "] STEP {$step}: {$message}";
if ($data !== null) { $logEntry .= " | Data: " . json_encode($data, JSON_UNESCAPED_UNICODE); }
file_put_contents(LOG_FILE, $logEntry . PHP_EOL, FILE_APPEND);
}
}
if (!function_exists('generateToken')) {
function generateToken($con, $driverId, $amount): ?string {
global $secretKey;
$data = $driverId . $amount . time() . ($secretKey ?? 'default_secret');
$hash = hash('sha256', $data);
$randomBytes = bin2hex(random_bytes(16));
$token = substr($hash . $randomBytes, 0, 64);
$stmt = $con->prepare("INSERT INTO payment_tokens (token, driverID, dateCreated, amount) VALUES (:token, :driverID, NOW(), :amount)");
$stmt->execute([':token' => $token, ':driverID' => $driverId, ':amount' => $amount]);
return $stmt->rowCount() > 0 ? $token : null;
}
}
if (!function_exists('generatePaymentID')) {
function generatePaymentID($con, $driverId, $amount, $method): ?string {
$stmt = $con->prepare("INSERT INTO paymentsDriverPoints (`amount`, `payment_method`, `driverID`) VALUES (:amount, :method, :driverID)");
$stmt->execute([':driverID' => $driverId, ':amount' => $amount, ':method' => $method]);
return $stmt->rowCount() > 0 ? $con->lastInsertId() : null;
}
}
if (!function_exists('finalizeWalletPayment')) {
function finalizeWalletPayment($con) {
$orderRef = $_GET['orderRef'] ?? null;
if (empty($orderRef)) {
logError("FINALIZE", "Missing orderRef");
return; // لا نستخدم throw هنا لأن الخطأ داخلي
}
// 1. تحقق من الدفع
$stmt = $con->prepare("SELECT * FROM `paymentsLogSyriaDriver` WHERE order_ref = :order_ref AND status = 1 LIMIT 1");
$stmt->execute([':order_ref' => $orderRef]);
$payment = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$payment) {
logError("FINALIZE", "Payment not found or not completed", ['orderRef' => $orderRef]);
return;
}
// [تحسين] استخدام معاملات لضمان سلامة البيانات
$con->beginTransaction();
try {
$driverId = $payment['user_id'];
$originalAmount = floatval($payment['amount']);
$paymentMethod = $payment['payment_method'] ?? 'ecash';
// حساب المكافأة
$bonusAmount = match ((int)$originalAmount) {
100 => 100.0,
200 => 210.0,
400 => 450.0,
1000 => 1100.0,
default => $originalAmount,
};
// إنشاء التوكنات
$tokenDriver = generateToken($con, $driverId, $bonusAmount);
if (!$tokenDriver) throw new Exception('Failed to generate driver token');
$tokenSiro = generateToken($con, $driverId, $originalAmount);
if (!$tokenSiro) throw new Exception('Failed to generate siro token');
$paymentID = generatePaymentID($con, $driverId, $bonusAmount, $paymentMethod);
if (!$paymentID) throw new Exception('Failed to generate payment ID');
// driverWallet
$insertDriver = $con->prepare("INSERT INTO driverWallet (driverID, paymentID, amount, paymentMethod) VALUES (:driverID, :paymentID, :amount, :paymentMethod)");
$insertDriver->execute([
':driverID' => $driverId,
':paymentID' => $paymentID,
':amount' => $bonusAmount,
':paymentMethod' => $paymentMethod
]);
if ($insertDriver->rowCount() === 0) throw new Exception('Insert to driverWallet failed');
$con->prepare("UPDATE payment_tokens SET isUsed = TRUE WHERE token = :token")->execute([':token' => $tokenDriver]);
// siroWallet
$insertSiro = $con->prepare("INSERT INTO siroWallet (driverId, passengerId, amount, paymentMethod, token, createdAt)
VALUES (:driverId, :passengerId, :amount, :paymentMethod, :token, CURRENT_TIMESTAMP)");
$insertSiro->execute([
':driverId' => $driverId,
':passengerId' => 'driver',
':amount' => $originalAmount,
':paymentMethod' => $paymentMethod,
':token' => $tokenSiro
]);
if ($insertSiro->rowCount() === 0) throw new Exception('Insert to siroWallet failed');
$con->prepare("UPDATE payment_tokens SET isUsed = TRUE WHERE token = :token")->execute([':token' => $tokenSiro]);
// إذا نجحت كل العمليات، قم بتثبيتها في قاعدة البيانات
$con->commit();
logError("FINALIZE", "Wallets updated successfully", ['orderRef' => $orderRef]);
// لا نطبع نجاح هنا، الملف المستدعي هو المسؤول عن إرسال الرد النهائي
} catch (Throwable $e) {
// في حالة حدوث أي خطأ، تراجع عن كل التغييرات
$con->rollBack();
logError("FINALIZE", "Exception during finalization: " . $e->getMessage(), ['orderRef' => $orderRef]);
// نمرر الخطأ للملف الأعلى ليعالجه
throw $e;
}
}
}

141
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/driver/start_payment.php Executable file
View File

@@ -0,0 +1,141 @@
<?php
// /v1/main/ride/syriatel/driver/start_payment.php
include "../../../jwtconnect.php";
include_once "./syriatel_token_handler.php";
header('Content-Type: application/json; charset=utf-8');
/** دوال الطباعة (لو موجودة أصلاً في jwtconnect.php تجاهل هذه) */
if (!function_exists('printSuccess')) {
function printSuccess($data = null, $message = "success") {
echo json_encode(["status"=>"success","message"=>$message,"data"=>$data], JSON_UNESCAPED_UNICODE); exit;
}
}
if (!function_exists('printFailure')) {
function printFailure($message = "failure", $code = null) {
$resp = ["status"=>"failure","message"=>$message]; if ($code!==null) $resp["code"]=$code;
echo json_encode($resp, JSON_UNESCAPED_UNICODE); exit;
}
}
/** مولّد مرجع الطلب (TransactionID) */
function generate_order_ref(): string {
// مرجع مقروء + فريد: INT-YYYYMMDDHHMMSS-6digits
$ts = date('YmdHis');
$rand = str_pad((string)random_int(0, 999999), 6, '0', STR_PAD_LEFT);
return "INT-$ts-$rand";
}
// --- Input Parameters ---
$amount = filterRequest('amount');
$driverId = filterRequest('driverId');
$phone = filterRequest('phone'); // customerMSISDN
$lang = filterRequest('lang') ?? 'ar';
error_log("Syriatel Start: Request received for driver {$driverId} with amount {$amount}");
if (!$amount || !$driverId || !$phone) {
printFailure("Missing required parameters.");
}
// --- Environment Variables ---
$baseUrl = rtrim((string)getenv('SYRIATEL_API_BASE_URL'), '/');
$merchantMSISDN = (string)getenv('SYRIATEL_MERCHANT_MSISDN');
if ($baseUrl === '' || $merchantMSISDN === '') {
error_log("Syriatel Start: Missing SYRIATEL_API_BASE_URL or SYRIATEL_MERCHANT_MSISDN");
printFailure("Server configuration error.");
}
// --- Logic ---
try {
// 1) Token
$token = getSyriatelToken();
error_log("Syriatel Start: token=" . ($token ? substr($token,0,8).'...' : 'NULL'));
if (!$token) {
printFailure("Could not authenticate with the payment provider.");
}
// 2) Transaction ID + log DB
$transactionID = generate_order_ref();
$stmt = $con->prepare(
"INSERT INTO `paymentsLogSyriaDriver` (user_id, amount, status, order_ref, payment_method, created_at)
VALUES (:user_id, :amount, 0, :order_ref, 'syriatel', NOW())"
);
$stmt->execute([
':user_id' => $driverId,
':amount' => $amount,
':order_ref' => $transactionID
]);
error_log("Syriatel Start: Logged transaction {$transactionID} for driver {$driverId}");
// 3) Payment Request → Syriatel
$body = [
"customerMSISDN" => $phone, // مثال: 09xxxxxxxx (حسب وثيقتهم)
"merchantMSISDN" => $merchantMSISDN, // من env
"amount" => $amount,
"transactionID" => $transactionID,
"token" => $token
];
error_log("Syriatel Start: customerMSISDN {$phone} merchantMSISDN {$merchantMSISDN}");
$url = "{$baseUrl}/ePaymentExternalModule/paymentRequest";
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($body, JSON_UNESCAPED_UNICODE),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"User-Agent: Mozilla/5.0",
"Accept: application/json"
],
CURLOPT_CONNECTTIMEOUT => 8,
CURLOPT_TIMEOUT => 40,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
]);
$response = curl_exec($ch);
$errno = curl_errno($ch);
$errstr = curl_error($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
error_log("Syriatel Start: paymentRequest HTTP {$httpCode} errno={$errno} resp=" . substr((string)$response,0,300));
if ($errno) {
printFailure("Payment gateway communication error.", $errno);
}
if ($httpCode !== 200) {
printFailure("Payment gateway communication error (HTTP {$httpCode}).");
}
$responseData = json_decode($response, true);
// حسب الدوكيومنت: resultCode = 1 يعني OTP انرسل بنجاح
//errorCode = 0 => Success
if (isset($responseData['errorCode']) && (string)$responseData['errorCode'] === "0") {
printSuccess([
'message' => 'OTP sent successfully.',
'transactionID' => $transactionID,
]);
}
// 2) إذا resultCode = 1 => OTP sent
elseif (isset($responseData['resultCode']) && (int)$responseData['resultCode'] === 1) {
printSuccess([
'message' => 'OTP sent successfully.',
'transactionID' => $transactionID,
]);
}
// 3) أي شيء آخر => فشل
else {
$errorMessage = $responseData['resultDescription']
?? $responseData['errorDesc']
?? 'Failed to initiate payment.';
printFailure($errorMessage);
}
} catch (Throwable $e) {
error_log("Syriatel Start: Exception - " . $e->getMessage());
printFailure("An unexpected server error occurred.");
}

74
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/driver/syriatel_token_handler.php Executable file
View File

@@ -0,0 +1,74 @@
<?php // syriatel_token_handler
function getSyriatelToken(): ?string {
// اضبط البيئة: prod أو stage (افتراضي prod)
$env = getenv("SYRIATEL_ENV") ?: "prod";
// Base URLs من Postman
$baseStage = "https://merchants.syriatel.sy:1443/ePayment_external_Json_test/rs/ePaymentExternalModule";
$baseProd = "https://merchants.syriatel.sy:1443/ePayment_external_Json/rs/ePaymentExternalModule";
$baseUrl = ($env === "stage") ? $baseStage : $baseProd;
$url = $baseUrl . "/getToken";
// ⚠️ لا تضع قيم افتراضية حساسة Hardcoded
$username = getenv("SYRIATEL_USERNAME");
$password = getenv("SYRIATEL_PASSWORD");
if (!$username || !$password) {
error_log("[GetSyriatelToken] Missing credentials in ENV");
printFailure("Payment provider credentials are missing.");
return null;
}
error_log("[GetSyriatelToken] Env={$env} | URL={$url} | user={$username}");
$payload = [
"username" => $username,
"password" => $password
];
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"User-Agent: Mozilla/5.0",
],
CURLOPT_POSTFIELDS => json_encode($payload, JSON_UNESCAPED_UNICODE),
CURLOPT_CONNECTTIMEOUT => 8,
CURLOPT_TIMEOUT => 40,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
]);
$response = curl_exec($ch);
$errno = curl_errno($ch);
$errstr = curl_error($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($errno) {
error_log("[GetSyriatelToken] cURL error {$errno}: {$errstr}");
printFailure("Could not connect to the payment provider.", $errno);
return null;
}
if ($httpCode !== 200 || !$response) {
error_log("[GetSyriatelToken] HTTP {$httpCode} | Empty/invalid response");
printFailure("Could not authenticate with the payment provider.");
return null;
}
$data = json_decode($response, true);
$token = $data["token"] ?? null;
if (!$token) {
error_log("[GetSyriatelToken] Token not found in response: " . substr($response, 0, 300));
printFailure("Could not authenticate with the payment provider.");
return null;
}
error_log("[GetSyriatelToken] Token received successfully");
return $token;
}

25
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/logs/payment_verification.log Normal file
View File

@@ -0,0 +1,25 @@
[2025-11-04 11:16:27] STEP FINALIZE: Exception: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'orderRef' in 'field list' | Data: {"orderRef":"INT-20251104111538-994380"}
[2025-11-05 11:36:24] STEP FINALIZE: Exception: SQLSTATE[HY093]: Invalid parameter number: parameter was not defined | Data: {"orderRef":"INT-20251105113557-052588"}
[2025-11-08 07:24:27] STEP FINALIZE: Exception: generateToken(): Argument #2 ($driverId) must be of type int, string given, called in /home/intaleq-wallet/htdocs/walletintaleq.intaleq.xyz/v1/main/ride/syriatel/driver/confirm_payment.php on line 98 | Data: {"orderRef":"INT-20251108072402-591731"}
[2025-11-15 03:12:44] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251115031225-211431","driverId":"1031b1b342a9a9e20b95"}
[2025-11-16 23:34:48] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251116233429-590104","driverId":"048e59b0737d7ad85370"}
[2025-11-17 07:48:33] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251117074803-798991","driverId":"28b3b16129d555cafb9b"}
[2025-11-22 16:35:44] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251122163518-755824","driverId":"986bf7b2242410647d05"}
[2025-11-25 11:50:26] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251125114917-921160","driverId":"7b437f291b5330536488"}
[2025-11-25 22:53:31] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251125225306-092996","driverId":"aec6f1335b72b5976dea"}
[2025-11-25 23:38:09] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251125233750-436593","driverId":"aec6f1335b72b5976dea"}
[2025-11-26 16:24:04] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251126162327-487255","driverId":"7a30afbb9b33d68a8b78"}
[2025-11-27 11:13:43] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251127111247-519577","driverId":"92e2fd19f4be30c3c727"}
[2025-11-27 16:48:44] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251127164535-525644","driverId":"e49604074b0b27710516"}
[2025-11-29 17:23:58] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251129172343-124569","driverId":"2870ec487be28f0929c7"}
[2025-11-30 21:34:28] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251130213350-345293","driverId":"3de8047aee520ff6555f"}
[2025-12-02 14:52:41] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251202145224-318083","driverId":"590c719b3aaefb07d001"}
[2025-12-13 13:33:03] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251213133220-085952","driverId":"94973848bd46ab517fa4"}
[2025-12-14 21:59:36] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251214215921-864193","driverId":"e0d0a6a92804240482fc"}
[2025-12-16 20:05:03] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251216200446-674525","driverId":"793ebf9e18327a828c55"}
[2025-12-18 11:20:20] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251218111954-420209","driverId":"df4e0e0cb135ac836e68"}
[2025-12-18 11:22:21] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251218112152-679624","driverId":"df4e0e0cb135ac836e68"}
[2025-12-18 21:25:11] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251218212432-696061","driverId":"64bfc098a99342c0c729"}
[2025-12-21 13:03:16] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251221130240-780780","driverId":"527c0a89cdf35841e4eb"}
[2025-12-21 13:14:09] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251221131302-717915","driverId":"527c0a89cdf35841e4eb"}
[2025-12-31 10:56:16] STEP FINALIZE: Wallets updated successfully | Data: {"orderRef":"INT-20251231105523-483044","driverId":"d881d416c9d712c9b222"}

201
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/passenger/confirm_payment.php Executable file
View File

@@ -0,0 +1,201 @@
<?php
// /v1/main/ride/syriatel/passenger/confirm_payment.php
include "../../../jwtconnect.php";
include_once __DIR__ . "/syriatel_token_handler.php";
header('Content-Type: application/json; charset=utf-8');
/** Helpers **/
function mlog(string $msg) { error_log($msg); }
// تعريف دالة توليد التوكن محلياً (نفس منطق السائق ولكن للراكب)
if (!function_exists('generateLocalToken')) {
function generateLocalToken($con, $userId, $amount) {
// مفتاح سري بسيط للتشفير (يمكنك تغييره أو جلبه من ملف الإعدادات)
$secretKey = 'Tripz_Passenger_Secret_Key';
$data = $userId . $amount . time() . $secretKey;
$hash = hash('sha256', $data);
$randomBytes = bin2hex(random_bytes(16));
$token = substr($hash . $randomBytes, 0, 64);
$stmt = $con->prepare("INSERT INTO payment_tokens (token, passengerID, dateCreated, amount) VALUES (:token, :passengerID, NOW(), :amount)");
// لاحظ: استخدمنا passengerID هنا بدلاً من driverID بناء على الجدول، إذا كان الجدول موحداً استخدم العمود المناسب
// غالباً الجدول يحتوي user_id أو يتم استخدام driverID للكل.
// سأفترض هنا أن الجدول يقبل التوكن، وسأقوم بربطه بالراكب.
// إذا كان عمود driverID هو الوحيد الموجود، يمكن تمرير الراكب فيه أو تعديل الجدول.
// **للتوافق مع السائق:** سأستخدم الحقل العام أو أتجاوز الـ foreign key إذا وجد.
// لكن الأضمن:
$stmt->execute([':token' => $token, ':passengerID' => $userId, ':amount' => $amount]);
return $stmt->rowCount() > 0 ? $token : null;
}
}
// --- المدخلات ---
$transactionID = filterRequest('transactionID'); // يقابل order_ref
$otp = filterRequest('otp'); // كود التأكيد
$lang = filterRequest('lang'); // اختياري
mlog("Syriatel Confirm (Passenger): Start tx={$transactionID}");
if (!$transactionID || !$otp) {
printFailure($lang === 'ar' ? "رقم العملية أو رمز OTP مفقود." : "Missing transaction ID or OTP.");
exit;
}
// --- المتغيرات البيئية ---
$baseUrl = rtrim(getenv('SYRIATEL_API_BASE_URL'), '/');
$merchantMSISDN = getenv('SYRIATEL_MERCHANT_MSISDN');
if (!$baseUrl || !$merchantMSISDN) {
printFailure($lang === 'ar' ? "خطأ في إعدادات الخادم." : "Server configuration error.");
exit;
}
try {
// 1) توكن المصادقة من Syriatel
$token = getSyriatelToken();
if (!$token) {
printFailure($lang === 'ar' ? "تعذّر المصادقة مع مزوّد الدفع." : "Could not authenticate with the payment provider.");
exit;
}
// 2) تحضير وإرسال طلب التأكيد لشركة سيريتل
$body = [
"OTP" => $otp,
"merchantMSISDN" => $merchantMSISDN,
"transactionID" => $transactionID,
"token" => $token
];
$ch = curl_init("{$baseUrl}/ePaymentExternalModule/paymentConfirmation");
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($body, JSON_UNESCAPED_UNICODE),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ["Content-Type: application/json"],
CURLOPT_TIMEOUT => 25,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$res = json_decode($response ?: '{}', true);
if (!is_array($res)) { $res = []; }
$errCode = isset($res['errorCode']) ? (string)$res['errorCode'] : null;
// التحقق من رد سيريتل
if ($httpCode !== 200 || $errCode !== "0") {
$errText = $res['errorDesc'] ?? $res['resultDescription'] ?? 'Payment failed';
mlog("Syriatel Confirm (Passenger): Failed - " . json_encode($res, JSON_UNESCAPED_UNICODE));
printFailure(['message' => $errText, 'syriatel' => $res]);
exit;
}
// ============================================================
// ✅ هنا يبدأ التعديل: التحديث المباشر لقاعدة البيانات (بدون cURL)
// ============================================================
global $con;
// 4) التحقق من السجل في قاعدة البيانات
$chk = $con->prepare("SELECT status, user_id, amount, payment_method FROM paymentsLogSyria WHERE order_ref = :ref LIMIT 1");
$chk->execute([':ref' => $transactionID]);
$payment = $chk->fetch(PDO::FETCH_ASSOC);
if (!$payment) {
printFailure($lang === 'ar' ? "لم يتم العثور على السجل." : "Payment row not found");
exit;
}
if ((int)$payment['status'] === 1) {
printSuccess(['message' => 'Already confirmed', 'data' => ['order_ref' => $transactionID]]);
exit;
}
// بدء المعاملة (Transaction)
$con->beginTransaction();
try {
// أ) تحديث حالة الدفع في السجل
$stmtUpdate = $con->prepare("UPDATE `paymentsLogSyria` SET status = 1, updated_at = NOW() WHERE order_ref = :ref");
$stmtUpdate->execute([':ref' => $transactionID]);
$passengerId = $payment['user_id'];
$originalAmount = floatval($payment['amount']);
$paymentMethod = $payment['payment_method'] ?? 'syriatel';
// ب) حساب المكافأة (نفس المنطق القديم)
$bonusAmount = match ((int)$originalAmount) {
500 => 530.0,
1000 => 1070.0,
2000 => 2180.0,
5000 => 5700.0,
default => $originalAmount,
};
// ج) إنشاء التوكنات مباشرة (بدون دالة خارجية)
// 1. توكن لمحفظة الراكب (بالمبلغ مع البونص)
$tokenPassenger = generateLocalToken($con, $passengerId, $bonusAmount);
if (!$tokenPassenger) throw new Exception('Failed to generate passenger token');
// 2. توكن لمحفظة السفر/الإيرادات (بالمبلغ الأصلي)
$tokenSiro = generateLocalToken($con, $passengerId, $originalAmount);
if (!$tokenSiro) throw new Exception('Failed to generate siro token');
// د) الإضافة إلى passengerWallet مباشرة
// ملاحظة: تأكد من أسماء الأعمدة في جدول passengerWallet
$insertPassWallet = $con->prepare("INSERT INTO passengerWallet (passenger_id, balance, token, created_at) VALUES (:pid, :amount, :token, NOW())");
$insertPassWallet->execute([
':pid' => $passengerId,
':amount' => $bonusAmount,
':token' => $tokenPassenger
]);
if ($insertPassWallet->rowCount() === 0) throw new Exception('Insert to passengerWallet failed');
// هـ) الإضافة إلى siroWallet مباشرة
// ملاحظة: في الراكب، يكون driverId عادة هو 'passenger' لتمييز أن الدفع جاء من تطبيق الراكب
$insertSiro = $con->prepare("INSERT INTO siroWallet (driverId, passengerId, amount, paymentMethod, token, createdAt)
VALUES (:did, :pid, :amount, :method, :token, NOW())");
$insertSiro->execute([
':did' => 'passenger', // كما في السكربت القديم
':pid' => $passengerId,
':amount' => $originalAmount,
':method' => $paymentMethod,
':token' => $tokenSiro
]);
if ($insertSiro->rowCount() === 0) throw new Exception('Insert to siroWallet failed');
// و) تحديث التوكنات لتصبح مستخدمة (isUsed = TRUE)
$updateToken = $con->prepare("UPDATE payment_tokens SET isUsed = TRUE WHERE token = :token");
$updateToken->execute([':token' => $tokenPassenger]);
$updateToken->execute([':token' => $tokenSiro]);
// ز) تثبيت المعاملة
$con->commit();
mlog("Syriatel Confirm (Passenger): Success DB Transaction for user {$passengerId}");
// إرجاع رد النجاح
printSuccess([
'message' => 'Syriatel Confirm Success',
'data' => [
'order_ref' => $transactionID,
'finalAmount' => $bonusAmount,
'syriatel' => $res
]
]);
exit;
} catch (Throwable $e) {
// في حال حدوث خطأ، تراجع عن كل شيء
$con->rollBack();
mlog("Syriatel Confirm (Passenger): Transaction Error - " . $e->getMessage());
printFailure($lang === 'ar' ? "فشل تحديث المحفظة." : "Wallet update failed.");
exit;
}
} catch (Throwable $e) {
mlog("Syriatel Confirm (Passenger): General Exception - " . $e->getMessage());
printFailure($lang === 'ar' ? "خطأ في الخادم." : "Server error");
exit;
}
?>

124
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/passenger/start_payment.php Executable file
View File

@@ -0,0 +1,124 @@
<?php
// /v1/main/ride/syriatel/passenger/start_payment.php
include "../../../jwtconnect.php";
include_once "./syriatel_token_handler.php";
header('Content-Type: application/json; charset=utf-8');
// --- Input Parameters ---
$amount = filterRequest('amount');
$passengerId = filterRequest('passengerId'); // بدل driverId
$phone = filterRequest('phone'); // رقم الراكب (customerMSISDN)
$lang = filterRequest('lang') ?? 'ar';
error_log("Syriatel Start (Passenger): Request received for passenger {$passengerId} with amount {$amount}");
if (!$amount || !$passengerId || !$phone) {
printFailure($lang === 'ar' ? "بيانات ناقصة." : "Missing required parameters.");
exit;
}
function generate_order_ref(): string {
// مرجع مقروء + فريد: INT-YYYYMMDDHHMMSS-6digits
$ts = date('YmdHis');
$rand = str_pad((string)random_int(0, 999999), 6, '0', STR_PAD_LEFT);
return "INT-$ts-$rand";
}
// --- Environment Variables ---
$baseUrl = rtrim(getenv('SYRIATEL_API_BASE_URL'), '/');
$merchantMSISDN = getenv('SYRIATEL_MERCHANT_MSISDN');
if (!$baseUrl || !$merchantMSISDN) {
error_log("Syriatel Start (Passenger): Missing SYRIATEL_API_BASE_URL or SYRIATEL_MERCHANT_MSISDN env variables.");
printFailure($lang === 'ar' ? "خطأ إعدادات الخادم." : "Server configuration error.");
exit;
}
try {
// 1) Get Authentication Token
$token = getSyriatelToken();
error_log("Syriatel Start (Passenger):token= .$token");
if (!$token) {
printFailure($lang === 'ar' ? "تعذّر المصادقة مع مزوّد الدفع." : "Could not authenticate with the payment provider.");
exit;
}
// 2) Generate transaction ID + log
$transactionID = generate_order_ref(); // موجود لديك مسبقًا
// ملاحظة: استخدم جدول منفصل للركاب، أو وحّد الجدول مع حقل user_type. هنا نفترض جدول خاص بالراكب.
$stmt = $con->prepare(
"INSERT INTO `paymentsLogSyria`
(user_id, amount, status, order_ref, payment_method, created_at)
VALUES
(:user_id, :amount, 0, :order_ref, 'syriatel', NOW())"
);
$stmt->execute([
':user_id' => $passengerId,
':amount' => $amount,
':order_ref' => $transactionID
]);
error_log("Syriatel Start (Passenger): Logged transaction {$transactionID} for passenger {$passengerId}");
// 3) Call Syriatel paymentRequest
$body = [
"customerMSISDN" => $phone, // هاتف الراكب
"merchantMSISDN" => $merchantMSISDN, // هاتف التاجر (المحفظة)
"amount" => $amount,
"transactionID" => $transactionID,
"token" => $token
];
$ch = curl_init("{$baseUrl}/ePaymentExternalModule/paymentRequest");
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($body, JSON_UNESCAPED_UNICODE),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => ["Content-Type: application/json"],
CURLOPT_TIMEOUT => 25,
]);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$curlErr = curl_error($ch);
curl_close($ch);
if ($curlErr) {
error_log("Syriatel Start (Passenger): cURL Error - {$curlErr}");
}
error_log("Syriatel Start (Passenger): API Response HTTP {$httpCode} - {$response}");
if ($httpCode !== 200) {
printFailure($lang === 'ar' ? "خطأ اتصال ببوابة الدفع." : "Payment gateway communication error.");
exit;
}
$responseData = json_decode($response, true);
// حسب الدوكيومنت: resultCode = 1 يعني OTP انرسل بنجاح
//errorCode = 0 => Success
if (isset($responseData['errorCode']) && (string)$responseData['errorCode'] === "0") {
printSuccess([
'message' => 'OTP sent successfully.',
'transactionID' => $transactionID,
]);
}
// 2) إذا resultCode = 1 => OTP sent
elseif (isset($responseData['resultCode']) && (int)$responseData['resultCode'] === 1) {
printSuccess([
'message' => 'OTP sent successfully.',
'transactionID' => $transactionID,
]);
}
// 3) أي شيء آخر => فشل
else {
$errorMessage = $responseData['resultDescription']
?? $responseData['errorDesc']
?? 'Failed to initiate payment.';
printFailure($errorMessage);
}
} catch (Throwable $e) {
error_log("Syriatel Start: Exception - " . $e->getMessage());
printFailure("An unexpected server error occurred.");
}

1
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/passenger/syriatel_token.cache Normal file
View File

@@ -0,0 +1 @@
{"token":"E964A84D88C9A2306016886254475A49BE2BC95AFB6F4C30CD24857F5EFACDD2173D59A4B951CCEEE311AEFD3E40ABBF3E70BD2B1B8B3F0703E094C419E6291A6CFEA5C3CCD3B57E093FD58E6BB09ECF","expires_at":1759998218}

74
walletintaleq.intaleq.xyz/v2/main/ride/syriatel/passenger/syriatel_token_handler.php Executable file
View File

@@ -0,0 +1,74 @@
<?php // syriatel_token_handler
function getSyriatelToken(): ?string {
// اضبط البيئة: prod أو stage (افتراضي prod)
$env = getenv("SYRIATEL_ENV") ?: "prod";
// Base URLs من Postman
$baseStage = "https://merchants.syriatel.sy:1443/ePayment_external_Json_test/rs/ePaymentExternalModule";
$baseProd = "https://merchants.syriatel.sy:1443/ePayment_external_Json/rs/ePaymentExternalModule";
$baseUrl = ($env === "stage") ? $baseStage : $baseProd;
$url = $baseUrl . "/getToken";
// ⚠️ لا تضع قيم افتراضية حساسة Hardcoded
$username = getenv("SYRIATEL_USERNAME");
$password = getenv("SYRIATEL_PASSWORD");
if (!$username || !$password) {
error_log("[GetSyriatelToken] Missing credentials in ENV");
printFailure("Payment provider credentials are missing.");
return null;
}
error_log("[GetSyriatelToken] Env={$env} | URL={$url} | user={$username}");
$payload = [
"username" => $username,
"password" => $password
];
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"User-Agent: Mozilla/5.0",
],
CURLOPT_POSTFIELDS => json_encode($payload, JSON_UNESCAPED_UNICODE),
CURLOPT_CONNECTTIMEOUT => 8,
CURLOPT_TIMEOUT => 40,
CURLOPT_SSL_VERIFYPEER => true,
CURLOPT_SSL_VERIFYHOST => 2,
]);
$response = curl_exec($ch);
$errno = curl_errno($ch);
$errstr = curl_error($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($errno) {
error_log("[GetSyriatelToken] cURL error {$errno}: {$errstr}");
printFailure("Could not connect to the payment provider.", $errno);
return null;
}
if ($httpCode !== 200 || !$response) {
error_log("[GetSyriatelToken] HTTP {$httpCode} | Empty/invalid response");
printFailure("Could not authenticate with the payment provider.");
return null;
}
$data = json_decode($response, true);
$token = $data["token"] ?? null;
if (!$token) {
error_log("[GetSyriatelToken] Token not found in response: " . substr($response, 0, 300));
printFailure("Could not authenticate with the payment provider.");
return null;
}
error_log("[GetSyriatelToken] Token received successfully");
return $token;
}