Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f13faa8c31e2660245e207766e05e1a303caea75
Siro/walletintaleq.intaleq.xyz/v2/main/ride/nabeh/verify_payment.php
Hamza-Ayed f13faa8c31 Update: 2026-06-18 16:46:30
2026-06-18 16:46:30 +03:00

350 lines
15 KiB
PHP
Raw Blame History

<?php
/**
* Nabeh Payment Verification Endpoint
*
* Simplified: uses phone directly to find pending invoice (no S2S resolve_user).
* Added Cliq AI verification with receipt image.
*
* ===============================
* INPUT (JSON body)
* ===============================
* phone (required) — User's phone number
* payment_method (req) — shamcash / cliq / sms / mtn
* receipt_image (opt) — Receipt screenshot for AI verification
* image_mime_type (opt) — Default: image/jpeg
*
* ===============================
* FLOW
* ===============================
* 1. Auth via jwtconnect.php (X-API-Key → NABEH_API_KEY)
* 2. Find latest pending invoice by phone + payment_method
* 3. If shamcash/cliq + receipt_image → Gemini AI verification
* AI confirms → update status → finalize deposit → return success
* 4. Otherwise return invoice status
*
* Auth: X-API-Key header → NABEH_API_KEY (via jwtconnect.php Path 5)
*/
require_once __DIR__ . '/../../jwtconnect.php';
require_once __DIR__ . '/../GeminiAi.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['status' => 'failure', 'message' => 'Method not allowed']);
exit;
}
$raw = file_get_contents('php://input');
$data = json_decode($raw, true) ?: $_POST;
$phone = preg_replace('/\D+/', '', $data['phone'] ?? '');
$paymentMethod = strtolower(trim($data['payment_method'] ?? ''));
$receiptImage = $data['receipt_image'] ?? '';
$imageMimeType = $data['image_mime_type'] ?? 'image/jpeg';
if (empty($phone)) {
printFailure('phone is required');
exit;
}
$paymentMethod = $paymentMethod ?: 'shamcash';
// ═══════════════════════════════════════════════════════════════
// HELPER: find pending invoice by phone
// ═══════════════════════════════════════════════════════════════
function findPendingByPhone(PDO $con, string $table, string $phone, string $orderCol = 'created_at'): ?array
{
$stmt = $con->prepare("
SELECT id, invoice_number, amount, status, created_at
FROM $table
WHERE phone = ? AND status = 'pending'
ORDER BY $orderCol DESC
LIMIT 1
");
$stmt->execute([$phone]);
return $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
}
function findLastCompletedByPhone(PDO $con, string $table, string $phone): ?array
{
$stmt = $con->prepare("
SELECT id, invoice_number, amount, status, created_at
FROM $table
WHERE phone = ? AND status = 'completed'
ORDER BY created_at DESC
LIMIT 1
");
$stmt->execute([$phone]);
return $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
}
// ═══════════════════════════════════════════════════════════════
// SHAMCASH — AI Verification
// ═══════════════════════════════════════════════════════════════
if ($paymentMethod === 'shamcash') {
$invoice = findPendingByPhone($con, 'invoices_shamcash', $phone);
if (!$invoice) {
$lastCompleted = findLastCompletedByPhone($con, 'invoices_shamcash', $phone);
if ($lastCompleted) {
echo json_encode([
'status' => 'success',
'verified' => true,
'message' => 'آخر فاتورة لديك مكتملة بالفعل.',
'invoice' => $lastCompleted,
], JSON_UNESCAPED_UNICODE);
exit;
}
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => 'لا توجد فاتورة معلقة. يرجى إنشاء فاتورة عبر تطبيق Siro أولاً.',
], JSON_UNESCAPED_UNICODE);
exit;
}
if (empty($receiptImage)) {
echo json_encode([
'status' => 'success',
'verified' => false,
'requires_image' => true,
'message' => "تم العثور على فاتورة رقم {$invoice['invoice_number']} بمبلغ {$invoice['amount']} ل.س. يرجى إرسال صورة الإيصال.",
'invoice' => $invoice,
], JSON_UNESCAPED_UNICODE);
exit;
}
// ── AI verify ───────────────────────────────────────────
$geminiKey = getenv('GEMINI_API_KEY');
if (empty($geminiKey)) {
printFailure('AI verification service not configured');
exit;
}
try {
$gemini = new GeminiAi($geminiKey);
$aiResult = $gemini->verifyPayment(
$invoice['invoice_number'],
$invoice['amount'],
'ShamCash',
'',
$receiptImage
);
if (!empty($aiResult['verified'])) {
$con->beginTransaction();
$upd = $con->prepare("
UPDATE invoices_shamcash
SET status = 'processing'
WHERE id = ? AND status = 'pending'
");
$upd->execute([$invoice['id']]);
if ($upd->rowCount() > 0) {
require_once __DIR__ . '/../shamcash/finalize_deposit.php';
$finalized = finalizeShamCashDeposit($con, $invoice['id']);
if ($finalized) {
$con->commit();
echo json_encode([
'status' => 'success',
'verified' => true,
'message' => '✅ تم التحقق من عملية الدفع بنجاح! تم تحديث رصيد حسابك.',
'invoice' => [
'invoice_number' => $invoice['invoice_number'],
'amount' => $invoice['amount'],
'status' => 'completed',
],
'ai_reason' => $aiResult['reason'] ?? null,
], JSON_UNESCAPED_UNICODE);
} else {
$con->rollBack();
echo json_encode([
'status' => 'error',
'message' => 'Verification passed but wallet update failed. Contact support.',
], JSON_UNESCAPED_UNICODE);
}
} else {
$con->rollBack();
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => 'These funds have already been credited.',
], JSON_UNESCAPED_UNICODE);
}
} else {
$reason = $aiResult['reason'] ?? 'لم يتم التأكيد';
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => "⚠️ $reason",
'ai_reason' => $reason,
], JSON_UNESCAPED_UNICODE);
}
} catch (Exception $e) {
error_log("[Nabeh ShamCash AI] " . $e->getMessage());
printFailure('AI verification service error');
}
exit;
}
// ═══════════════════════════════════════════════════════════════
// CLIQ — AI Verification (same pattern as ShamCash)
// ═══════════════════════════════════════════════════════════════
if ($paymentMethod === 'cliq') {
$invoice = findPendingByPhone($con, 'cliq_invoices', $phone);
if (!$invoice) {
$lastCompleted = findLastCompletedByPhone($con, 'cliq_invoices', $phone);
if ($lastCompleted) {
echo json_encode([
'status' => 'success',
'verified' => true,
'message' => 'آخر فاتورة لديك مكتملة بالفعل.',
'invoice' => $lastCompleted,
], JSON_UNESCAPED_UNICODE);
exit;
}
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => 'لا توجد فاتورة معلقة. يرجى إنشاء فاتورة عبر تطبيق Siro أولاً.',
], JSON_UNESCAPED_UNICODE);
exit;
}
if (empty($receiptImage)) {
echo json_encode([
'status' => 'success',
'verified' => false,
'requires_image' => true,
'message' => "تم العثور على فاتورة رقم {$invoice['invoice_number']} بمبلغ {$invoice['amount']} دينار. يرجى إرسال صورة الإيصال.",
'invoice' => $invoice,
], JSON_UNESCAPED_UNICODE);
exit;
}
// ── AI verify ───────────────────────────────────────────
$geminiKey = getenv('GEMINI_API_KEY');
if (empty($geminiKey)) {
printFailure('AI verification service not configured');
exit;
}
try {
$gemini = new GeminiAi($geminiKey);
$aiResult = $gemini->verifyPayment(
$invoice['invoice_number'],
$invoice['amount'],
'Cliq',
'',
$receiptImage
);
if (!empty($aiResult['verified'])) {
$con->beginTransaction();
$upd = $con->prepare("
UPDATE cliq_invoices
SET status = 'completed', updated_at = NOW()
WHERE id = ? AND status = 'pending'
");
$upd->execute([$invoice['id']]);
if ($upd->rowCount() > 0) {
require_once __DIR__ . '/../cliq/finalize_payment.php';
$finalized = finalizeClickPayment($con, $invoice['id']);
if ($finalized['success']) {
$con->commit();
echo json_encode([
'status' => 'success',
'verified' => true,
'message' => '✅ تم التحقق من عملية الدفع بنجاح! تم تحديث رصيد حسابك.',
'invoice' => [
'invoice_number' => $invoice['invoice_number'],
'amount' => $invoice['amount'],
'status' => 'completed',
],
'ai_reason' => $aiResult['reason'] ?? null,
], JSON_UNESCAPED_UNICODE);
} else {
$con->rollBack();
echo json_encode([
'status' => 'error',
'message' => 'Verification passed but wallet update failed. Contact support.',
], JSON_UNESCAPED_UNICODE);
}
} else {
$con->rollBack();
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => 'These funds have already been credited.',
], JSON_UNESCAPED_UNICODE);
}
} else {
$reason = $aiResult['reason'] ?? 'لم يتم التأكيد';
echo json_encode([
'status' => 'success',
'verified' => false,
'message' => "⚠️ $reason",
'ai_reason' => $reason,
], JSON_UNESCAPED_UNICODE);
}
} catch (Exception $e) {
error_log("[Nabeh Cliq AI] " . $e->getMessage());
printFailure('AI verification service error');
}
exit;
}
// ═══════════════════════════════════════════════════════════════
// SMS / SYRIATEL — Status query by phone
// ═══════════════════════════════════════════════════════════════
if ($paymentMethod === 'sms' || $paymentMethod === 'syriatel') {
$stmt = $con->prepare("
SELECT id, invoice_number, user_phone AS method_phone, amount, status, created_at, ? AS payment_method
FROM invoices_sms
WHERE phone = ? AND status = 'pending'
ORDER BY created_at DESC
LIMIT 5
");
$stmt->execute([$paymentMethod, $phone]);
$invoices = $stmt->fetchAll();
echo json_encode([
'status' => 'success',
'verified' => !empty($invoices),
'message' => empty($invoices) ? 'لا توجد فواتير معلقة.' : null,
'invoices' => $invoices,
], JSON_UNESCAPED_UNICODE);
exit;
}
// ═══════════════════════════════════════════════════════════════
// MTN — Status query by phone
// ═══════════════════════════════════════════════════════════════
if ($paymentMethod === 'mtn') {
$stmt = $con->prepare("
SELECT id, invoice_number, mtn_phone AS method_phone, amount, status,
mtn_transaction_id AS transaction_id, created_at, updated_at AS paid_at, ? AS payment_method
FROM mtn_invoices
WHERE phone = ? AND status = 'pending'
ORDER BY created_at DESC
LIMIT 5
");
$stmt->execute([$paymentMethod, $phone]);
$invoices = $stmt->fetchAll();
echo json_encode([
'status' => 'success',
'verified' => !empty($invoices),
'message' => empty($invoices) ? 'لا توجد فواتير معلقة.' : null,
'invoices' => $invoices,
], JSON_UNESCAPED_UNICODE);
exit;
}
// ═══════════════════════════════════════════════════════════════
// UNKNOWN METHOD
// ═══════════════════════════════════════════════════════════════
printFailure("Invalid payment method: $paymentMethod");
Reference in New Issue View Git Blame Copy Permalink