Update: 2026-05-15 03:09:36

backend/api/rides.php

@@ -55,6 +55,51 @@ $latitude = $input['latitude'] ?? null;
 $longitude = $input['longitude'] ?? null;
 
 try {
+    // --- Subscription Quota Check ---
+    if ($isAccepted === 1) {
+        $today = date('Y-m-d');
+        
+        // Get active subscription
+        $stmt = $pdo->prepare("SELECT plan, expires_at FROM subscriptions WHERE fingerprint = :fingerprint AND is_active = 1 ORDER BY id DESC LIMIT 1");
+        $stmt->execute([':fingerprint' => $fingerprint]);
+        $sub = $stmt->fetch(PDO::FETCH_ASSOC);
+        
+        $plan = 'free';
+        if ($sub) {
+            $plan = $sub['plan'];
+            if ($sub['expires_at'] && strtotime($sub['expires_at']) < time()) {
+                $plan = 'free'; // Expired
+            }
+        }
+
+        // Get daily usage
+        $stmt = $pdo->prepare("SELECT rides_accepted FROM daily_usage WHERE fingerprint = :fingerprint AND usage_date = :today");
+        $stmt->execute([':fingerprint' => $fingerprint, ':today' => $today]);
+        $usage = $stmt->fetch(PDO::FETCH_ASSOC);
+        $ridesToday = $usage ? (int)$usage['rides_accepted'] : 0;
+
+        // Determine limit
+        $limit = 1; // free
+        if ($plan === 'basic') $limit = 10;
+        if ($plan === 'pro' || $plan === 'annual') $limit = -1;
+
+        if ($limit !== -1 && $ridesToday >= $limit) {
+            http_response_code(403);
+            echo json_encode([
+                'success' => false, 
+                'message' => 'Daily limit reached',
+                'plan' => $plan,
+                'upgrade_required' => true
+            ]);
+            exit;
+        }
+        
+        // Update daily usage
+        $stmt = $pdo->prepare("INSERT INTO daily_usage (fingerprint, usage_date, rides_accepted) VALUES (:fingerprint, :today, 1) ON DUPLICATE KEY UPDATE rides_accepted = rides_accepted + 1");
+        $stmt->execute([':fingerprint' => $fingerprint, ':today' => $today]);
+    }
+    // --------------------------------
+
     $sql = "INSERT INTO rides (fingerprint, platform, price, pickup_distance, dropoff_distance, time_to_pickup, pickup_address, dropoff_address, is_accepted, raw_text, latitude, longitude, created_at) 
             VALUES (:fingerprint, :platform, :price, :pickup_distance, :dropoff_distance, :time_to_pickup, :pickup_address, :dropoff_address, :is_accepted, :raw_text, :latitude, :longitude, NOW())";
     

backend/api/subscription/activate.php

@@ -0,0 +1,70 @@
+<?php
+require_once __DIR__ . '/../../config/db.php';
+
+header('Content-Type: application/json');
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    http_response_code(405);
+    echo json_encode(['success' => false, 'message' => 'Method Not Allowed']);
+    exit;
+}
+
+$input = json_decode(file_get_contents('php://input'), true);
+$fingerprint = $input['fingerprint'] ?? null;
+$plan = $input['plan'] ?? null;
+$paymentRef = $input['payment_ref'] ?? null;
+
+if (!$fingerprint || !$plan) {
+    http_response_code(400);
+    echo json_encode(['success' => false, 'message' => 'Missing fingerprint or plan']);
+    exit;
+}
+
+$validPlans = ['free', 'basic', 'pro', 'annual'];
+if (!in_array($plan, $validPlans)) {
+    http_response_code(400);
+    echo json_encode(['success' => false, 'message' => 'Invalid plan type']);
+    exit;
+}
+
+// Calculate expiration date based on plan
+$expiresAt = null;
+if ($plan === 'basic' || $plan === 'pro') {
+    $expiresAt = date('Y-m-d H:i:s', strtotime('+30 days'));
+} elseif ($plan === 'annual') {
+    $expiresAt = date('Y-m-d H:i:s', strtotime('+365 days'));
+}
+
+try {
+    $pdo->beginTransaction();
+
+    // Deactivate previous active subscriptions for this device
+    $stmt = $pdo->prepare("UPDATE subscriptions SET is_active = 0 WHERE fingerprint = :fingerprint");
+    $stmt->execute([':fingerprint' => $fingerprint]);
+
+    // Insert new subscription
+    $stmt = $pdo->prepare("INSERT INTO subscriptions (fingerprint, plan, expires_at, payment_ref, is_active) 
+                           VALUES (:fingerprint, :plan, :expires_at, :payment_ref, 1)");
+    $stmt->execute([
+        ':fingerprint' => $fingerprint,
+        ':plan' => $plan,
+        ':expires_at' => $expiresAt,
+        ':payment_ref' => $paymentRef
+    ]);
+
+    $pdo->commit();
+
+    echo json_encode([
+        'success' => true,
+        'message' => 'Subscription activated successfully',
+        'plan' => $plan,
+        'expires_at' => $expiresAt
+    ]);
+
+} catch (PDOException $e) {
+    if ($pdo->inTransaction()) {
+        $pdo->rollBack();
+    }
+    http_response_code(500);
+    echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
+}

backend/api/subscription/check.php

@@ -0,0 +1,68 @@
+<?php
+require_once __DIR__ . '/../../config/db.php';
+
+header('Content-Type: application/json');
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+    http_response_code(405);
+    echo json_encode(['success' => false, 'message' => 'Method Not Allowed']);
+    exit;
+}
+
+$input = json_decode(file_get_contents('php://input'), true);
+$fingerprint = $input['fingerprint'] ?? null;
+
+if (!$fingerprint) {
+    http_response_code(400);
+    echo json_encode(['success' => false, 'message' => 'Missing fingerprint']);
+    exit;
+}
+
+try {
+    // 1. Get Subscription Status
+    $stmt = $pdo->prepare("SELECT * FROM subscriptions WHERE fingerprint = :fingerprint AND is_active = 1 ORDER BY id DESC LIMIT 1");
+    $stmt->execute([':fingerprint' => $fingerprint]);
+    $sub = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    $plan = $sub ? $sub['plan'] : 'free';
+    $expiresAt = $sub ? $sub['expires_at'] : null;
+
+    // Check expiration
+    if ($expiresAt && strtotime($expiresAt) < time()) {
+        // Expired, revert to free
+        $stmt = $pdo->prepare("UPDATE subscriptions SET is_active = 0 WHERE id = :id");
+        $stmt->execute([':id' => $sub['id']]);
+        $plan = 'free';
+        $expiresAt = null;
+    }
+
+    // 2. Get Daily Usage
+    $today = date('Y-m-d');
+    $stmt = $pdo->prepare("SELECT rides_accepted FROM daily_usage WHERE fingerprint = :fingerprint AND usage_date = :today");
+    $stmt->execute([
+        ':fingerprint' => $fingerprint,
+        ':today' => $today
+    ]);
+    $usage = $stmt->fetch(PDO::FETCH_ASSOC);
+    $ridesToday = $usage ? (int)$usage['rides_accepted'] : 0;
+
+    // 3. Determine limits
+    $limit = 1; // Default for free
+    if ($plan === 'basic') $limit = 10;
+    if ($plan === 'pro' || $plan === 'annual') $limit = -1; // Unlimited
+
+    $canAccept = ($limit === -1) || ($ridesToday < $limit);
+
+    echo json_encode([
+        'success' => true,
+        'plan' => $plan,
+        'expires_at' => $expiresAt,
+        'rides_today' => $ridesToday,
+        'rides_limit' => $limit,
+        'can_accept' => $canAccept
+    ]);
+
+} catch (PDOException $e) {
+    http_response_code(500);
+    echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
+}