Update: 2026-06-11 18:22:57
91
walletintaleq.intaleq.xyz/v2/main/ride/ecash/passenger/ecash_webhook.php
Executable file
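--- a/walletintaleq.intaleq.xyz/v2/main/ride/ecash/passenger/ecash_webhook.php
+++ b/walletintaleq.intaleq.xyz/v2/main/ride/ecash/passenger/ecash_webhook.php
@@ -0,0 +1,91 @@
+<?php
+// استخدام ملف اتصال خاص بالـ Webhook لا يحتوي على أي تحقق من الهوية
+include "../../../jwtconnect.php";
+
+/*
+|--------------------------------------------------------------------------
+| ملف Webhook النهائي الخاص بـ eCash (مع تسجيل إضافي للتصحيح)
+|--------------------------------------------------------------------------
+*/
+
+// --- الإعدادات ---
+$ecash_merchant_id = getenv('ECASH_MERCHANT_ID');
+$ecash_merchant_secret = getenv('ECASH_MERCHANT_SECRET');
+
+// --- إعداد ملف اللوج (Log File) ---
+$log_dir = __DIR__ . '/../logs';
+$log_file = $log_dir . '/ecash_production.log';
+
+if (!is_dir($log_dir)) {
+mkdir($log_dir, 0755, true);
+}
+
+// --- قراءة البيانات القادمة من eCash ---
+$raw_body = file_get_contents("php://input");
+$data = json_decode($raw_body, true);
+
+// --- تسجيل الـ Callback كاملاً لأغراض المراقبة ---
+file_put_contents($log_file, "--- NEW WEBHOOK ---\n" . date('Y-m-d H:i:s') . " - RAW BODY: " . $raw_body . PHP_EOL, FILE_APPEND);
+
+if (!$data || !isset($data['Token'])) {
+http_response_code(400);
+exit;
+}
+
+// --- استخراج البيانات ---
+$isSuccess = $data['IsSuccess'] ?? false;
+$transactionNo = $data['TransactionNo'] ?? '';
+$amount = $data['Amount'] ?? '';
+$orderRef = $data['OrderRef'] ?? '';
+$receivedToken = $data['Token'];
+
+// --- **تصحيح الأخطاء: بناء وتسجيل سلسلة التحقق** ---
+$verification_string = $ecash_merchant_id . $ecash_merchant_secret . $transactionNo . $amount . $orderRef;
+$expectedToken = strtoupper(md5($verification_string));
+
+// تسجيل السلسلة المستخدمة في التوقيع والقيم الفردية
+$debug_log = "VERIFICATION STRING: " . $verification_string . PHP_EOL;
+$debug_log .= " - Merchant ID Used: " . $ecash_merchant_id . PHP_EOL;
+$debug_log .= " - TransactionNo Used: " . $transactionNo . PHP_EOL;
+$debug_log .= " - Amount Used: " . $amount . PHP_EOL;
+$debug_log .= " - OrderRef Used: " . $orderRef . PHP_EOL;
+$debug_log .= "CALCULATED TOKEN: " . $expectedToken . PHP_EOL;
+$debug_log .= "RECEIVED TOKEN: " . $receivedToken . PHP_EOL;
+
+file_put_contents($log_file, $debug_log, FILE_APPEND);
+
+
+// --- التحقق من صحة الـ Token ---
+if (!hash_equals($expectedToken, $receivedToken)) {
+http_response_code(401);
+file_put_contents($log_file, "TOKEN MISMATCH! Process stopped." . PHP_EOL, FILE_APPEND);
+exit;
+}
+
+// --- تحديث حالة الدفعة في قاعدة البيانات ---
+file_put_contents($log_file, "TOKEN MATCH! Proceeding to update database." . PHP_EOL, FILE_APPEND);
+$payment_status = $isSuccess ? 1 : 0;
+
+try {
+$stmt = $con->prepare(
+"UPDATE `paymentsLogSyria` SET status = :status, updated_at = NOW() WHERE order_ref = :order_ref AND status = 2"
+);
+$stmt->execute([
+':status' => $payment_status,
+
+':order_ref' => $orderRef
+]);
+
+if ($stmt->rowCount() > 0) {
+http_response_code(200);
+file_put_contents($log_file, "SUCCESS: Database updated." . PHP_EOL, FILE_APPEND);
+} else {
+http_response_code(200);
+file_put_contents($log_file, "INFO: Order not found or already processed." . PHP_EOL, FILE_APPEND);
+}
+
+} catch (PDOException $e) {
+http_response_code(500);
+file_put_contents($log_file, "FATAL: Database update failed: " . $e->getMessage() . PHP_EOL, FILE_APPEND);
+}
+?>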
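Review bot: The debug block writes `$verification_string`, which embeds `ECASH_MERCHANT_SECRET`, together with the calculated token to `ecash_production.log` on every callback, before the token is even compared. Anyone who can read that file holds what is needed to sign a callback, and the log directory is created with mode 0755 beside this web-served script's directory (whether it is reachable over HTTP is not visible here). Drop the `VERIFICATION STRING` and `CALCULATED TOKEN` lines, log only identifiers and the comparison result, and treat the secret as exposed if this has already run in production. The handler should also fail closed when either `getenv()` call returns `false`, since `false` concatenates as an empty string and the expected token would then depend only on request fields, and it should require `Token` to be a string because `hash_equals()` throws a `TypeError` on PHP 8 otherwise. `IsSuccess` is not part of the signed string and `Amount` is never compared with the stored order, so both need checking against the gateway's documentation or the order row before `status` is set to 1.

```php
// … unchanged: include, log path setup, raw body read and json_decode …

// Fail closed: getenv() returns false for an unset variable, which would concatenate as ''.
if (!is_string($ecash_merchant_id) || $ecash_merchant_id === ''
    || !is_string($ecash_merchant_secret) || $ecash_merchant_secret === '') {
    http_response_code(500);
    file_put_contents($log_file, "FATAL: eCash credentials are not configured." . PHP_EOL, FILE_APPEND);
    exit;
}

if (!is_array($data) || !isset($data['Token']) || !is_string($data['Token'])) {
    http_response_code(400);
    exit;
}

// … unchanged: field extraction, $verification_string and $expectedToken …

// Log identifiers and the outcome only: no secret, no signed string, no expected token.
$token_ok = hash_equals($expectedToken, $receivedToken);
$log_fields = json_encode(['TransactionNo' => $transactionNo, 'OrderRef' => $orderRef, 'Amount' => $amount]);
file_put_contents($log_file, "TOKEN CHECK: " . $log_fields . " match=" . ($token_ok ? 'yes' : 'no') . PHP_EOL, FILE_APPEND);

if (!$token_ok) {
    http_response_code(401);
    exit;
}

// … unchanged: database update …
```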