Update: 2026-05-09 17:43:20

2026-05-09 17:43:20 +03:00
parent d7c7920b4a
commit 8780054553
2 changed files with 52 additions and 2 deletions
--- a/app/modules_app/payments/upload_receipt.php
+++ b/app/modules_app/payments/upload_receipt.php
@@ -20,10 +20,16 @@ if (!in_array($decoded['role'], ['admin', 'accountant'])) {
 }

 $paymentId = $_POST['payment_id'] ?? null;
+$bankRef   = trim($_POST['bank_reference'] ?? '');
+
 if (!$paymentId) {
    json_error('معرف طلب الدفع مطلوب.', 422);
 }

+if (!$bankRef) {
+    json_error('رقم مرجع الحوالة مطلوب للتفعيل الآلي.', 422);
+}
+
 if (!isset($_FILES['receipt']) || $_FILES['receipt']['error'] !== UPLOAD_ERR_OK) {
    json_error('صورة وصل الدفع مطلوبة.', 422);
 }
@@ -32,7 +38,7 @@ $db = Database::getInstance();
 $tenantId = $decoded['tenant_id'];

 try {
-    // 1. Verify payment request exists and belongs to this tenant
+    // 1. Verify payment request exists
    $stmt = $db->prepare("SELECT * FROM payment_requests WHERE id = ? AND tenant_id = ? AND status IN ('pending','uploaded')");
    $stmt->execute([$paymentId, $tenantId]);
    $payment = $stmt->fetch();
@@ -41,7 +47,39 @@ try {
        json_error('طلب الدفع غير موجود أو تم معالجته بالفعل.', 404);
    }

-    // 2. Save receipt image
+    // Update the payment request with the provided bank reference
+    $stmt = $db->prepare("UPDATE payment_requests SET bank_reference = ? WHERE id = ?");
+    $stmt->execute([$bankRef, $paymentId]);
+    $payment['bank_reference'] = $bankRef;
+
+    // 2. Immediate Check: Has the bot already received this transaction?
+    $stmt = $db->prepare("SELECT * FROM bank_transactions WHERE bank_reference = ? AND is_claimed = 0 LIMIT 1");
+    $stmt->execute([$bankRef]);
+    $transaction = $stmt->fetch();
+
+    if ($transaction) {
+        $expectedAmount = (float)$payment['amount_jod'];
+        $actualAmount   = (float)$transaction['amount'];
+
+        if (abs($expectedAmount - $actualAmount) < 0.01) {
+            // MATCH FOUND! Auto activate.
+            activateSubscription($db, $payment, $decoded['user_id']);
+
+            $stmt = $db->prepare("UPDATE payment_requests SET status = 'approved', verified_at = NOW() WHERE id = ?");
+            $stmt->execute([$paymentId]);
+
+            $stmt = $db->prepare("UPDATE bank_transactions SET is_claimed = 1 WHERE id = ?");
+            $stmt->execute([$transaction['id']]);
+
+            json_success([
+                'status' => 'approved',
+                'auto_verified' => true,
+                'message' => 'تم العثور على الحوالة وتفعيل اشتراكك فوراً! شكراً لك.'
+            ], 'تم تفعيل الاشتراك بنجاح');
+        }
+    }
+
+    // 3. If no immediate match, save the receipt and wait for AI/Bot backup
    $uploadDir = STORAGE_PATH . '/receipts/' . $tenantId;
    if (!is_dir($uploadDir)) {
        mkdir($uploadDir, 0750, true);