<?php
// Start the session. In this script it is only used to carry the
// success/error flash message to the page the user is redirected to.
// NOTE(review): no login or order-ownership check is visible in this file
// before the payment callback is processed; confirm config.php enforces one.
session_start();
// Project configuration; presumably defines getDatabaseConnection() and the
// SMTP_* / ADMIN_EMAIL constants used further down (verify in config.php).
require_once '../config/config.php';
// Autoloader for the Razorpay SDK and PHPMailer classes referenced below.
require_once '../vendor/autoload.php';
use Razorpay\Api\Api;
use Razorpay\Api\Errors\SignatureVerificationError;
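/*
 * Razorpay checkout callback.
 *
 * Flow: accept the POST from the checkout form, verify the Razorpay payment
 * signature, mark the local order as paid, record a transaction and an
 * invoice, send the confirmation mail and redirect to the result page.
 *
 * NOTE(review): the posted order_id is never tied to razorpay_order_id. A
 * valid signature proves that *some* Razorpay order was paid, not that it
 * was the order named in order_id, and the paid amount is never compared
 * with total_amount. Compare razorpay_order_id with the Razorpay order id
 * stored when the local order was created (that column is not visible in
 * this file) and check the captured amount before marking the order paid.
 *
 * NOTE(review): the Razorpay key secret is read from tbl_domain_settings;
 * anyone able to read that table can produce valid signatures. Consider
 * keeping it in server-side configuration outside the database.
 */
$con = getDatabaseConnection();

// Only the POST callback is handled here; everything else goes back to the portfolio.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    header("Location: domain_portfolio.php");
    exit;
}

// Runs one parameterised write statement and reports whether it succeeded.
// Values are bound, never interpolated, so request data cannot alter the SQL.
$runStatement = static function ($con, string $sql, string $types, array $params): bool {
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        error_log('Payment callback: prepare failed: ' . mysqli_error($con));
        return false;
    }
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    $ok = mysqli_stmt_execute($stmt);
    if (!$ok) {
        error_log('Payment callback: execute failed: ' . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
    return $ok;
};

// Stores the flash message and sends the user to the failure page.
$failAndExit = static function (string $message, int $orderId): void {
    $_SESSION['error'] = $message;
    header("Location: payment_failed.php?order_id=$orderId");
    exit;
};

// Reads a POST field as a string; arrays and missing keys become ''.
$readField = static function (string $name): string {
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
};

// Get payment details
$razorpay_payment_id = $readField('razorpay_payment_id');
$razorpay_order_id = $readField('razorpay_order_id');
$razorpay_signature = $readField('razorpay_signature');
$order_id = (isset($_POST['order_id']) && is_scalar($_POST['order_id'])) ? (int)$_POST['order_id'] : 0;

// Reject malformed callbacks before touching the database.
if ($razorpay_payment_id === '' || $razorpay_order_id === '' || $razorpay_signature === '' || $order_id <= 0) {
    $failAndExit("Payment verification failed. Please contact support.", $order_id);
}

// Get Razorpay credentials (static query, no request data involved)
$settings_query = "SELECT setting_key, setting_value FROM tbl_domain_settings WHERE setting_key IN ('razorpay_key_id', 'razorpay_key_secret')";
$settings_result = mysqli_query($con, $settings_query);
$settings = [];
if ($settings_result !== false) {
    while ($row = mysqli_fetch_assoc($settings_result)) {
        $settings[$row['setting_key']] = $row['setting_value'];
    }
}
$razorpay_key_id = (string)($settings['razorpay_key_id'] ?? '');
$razorpay_key_secret = (string)($settings['razorpay_key_secret'] ?? '');

// Without both credentials the signature cannot be checked; fail closed.
if ($razorpay_key_id === '' || $razorpay_key_secret === '') {
    error_log('Payment callback: Razorpay credentials are not configured');
    $failAndExit("Payment verification failed. Please contact support.", $order_id);
}

// Verify signature
$api = new Api($razorpay_key_id, $razorpay_key_secret);
try {
    $api->utility->verifyPaymentSignature([
        'razorpay_order_id' => $razorpay_order_id,
        'razorpay_payment_id' => $razorpay_payment_id,
        'razorpay_signature' => $razorpay_signature,
    ]);
} catch (SignatureVerificationError $e) {
    // Signature verification failed.
    // Never downgrade an order that is already paid: this request is
    // unverified, so it must not be able to undo a completed payment.
    $runStatement(
        $con,
        "UPDATE tbl_domain_orders SET payment_status = 'failed', updated_at = NOW()
         WHERE order_id = ? AND (payment_status IS NULL OR payment_status <> 'completed')",
        'i',
        [$order_id]
    );

    // Insert failed transaction
    $runStatement(
        $con,
        "INSERT INTO tbl_domain_transactions (
            order_id, transaction_type, amount, payment_gateway,
            status, response_data, created_at
        ) VALUES (?, 'payment', 0, 'razorpay', 'failed', ?, NOW())",
        'is',
        [$order_id, $e->getMessage()]
    );

    $failAndExit("Payment verification failed. Please contact support.", $order_id);
}

// Signature verified. Fetch order details; $order_id is an int cast, so
// interpolating it here cannot inject SQL.
$order_result = mysqli_query($con, "SELECT * FROM tbl_domain_orders WHERE order_id = $order_id");
$order = ($order_result !== false) ? mysqli_fetch_assoc($order_result) : null;
if (!is_array($order)) {
    error_log("Payment callback: verified payment for unknown order_id $order_id");
    $failAndExit("Payment verification failed. Please contact support.", $order_id);
}

// A replayed callback must not create a second transaction or invoice, nor
// re-send the mail. The invoice id of the first run is not known here, so
// only order_id is passed on.
if (($order['payment_status'] ?? '') === 'completed') {
    $_SESSION['success'] = "Payment successful! Your domain has been renewed.";
    header("Location: payment_success.php?order_id=$order_id");
    exit;
}

// Update order status
$order_updated = $runStatement(
    $con,
    "UPDATE tbl_domain_orders SET
        payment_status = 'completed',
        payment_method = 'razorpay',
        payment_id = ?,
        razorpay_payment_id = ?,
        razorpay_signature = ?,
        paid_at = NOW(),
        updated_at = NOW()
     WHERE order_id = ?",
    'sssi',
    [$razorpay_payment_id, $razorpay_payment_id, $razorpay_signature, $order_id]
);
if (!$order_updated) {
    // Do not issue an invoice for an order that could not be marked paid.
    $failAndExit("Payment received but could not be recorded. Please contact support.", $order_id);
}

// Insert transaction record; the raw callback is kept as JSON for audit.
$runStatement(
    $con,
    "INSERT INTO tbl_domain_transactions (
        order_id, transaction_type, amount, payment_gateway,
        gateway_transaction_id, status, response_data, created_at
    ) VALUES (?, 'payment', ?, 'razorpay', ?, 'success', ?, NOW())",
    'isss',
    [$order_id, $order['total_amount'], $razorpay_payment_id, (string)json_encode($_POST)]
);

// Generate invoice
$invoice_number = 'INV-' . date('Ymd') . '-' . str_pad($order_id, 5, '0', STR_PAD_LEFT);
$invoice_date = date('Y-m-d');
$subtotal = $order['price_per_year'] * $order['renewal_years'];
// Whatever exceeds the plain renewal price is booked as tax.
$tax_amount = $order['total_amount'] - $subtotal;
$runStatement(
    $con,
    "INSERT INTO tbl_domain_invoices (
        order_id, invoice_number, invoice_date,
        subtotal, tax_amount, total_amount, created_at
    ) VALUES (?, ?, ?, ?, ?, ?, NOW())",
    'issdds',
    [$order_id, $invoice_number, $invoice_date, $subtotal, $tax_amount, $order['total_amount']]
);
$invoice_id = mysqli_insert_id($con);

// Send confirmation email
sendPaymentConfirmationEmail($con, $order, $invoice_number);

// Redirect to success page
$_SESSION['success'] = "Payment successful! Your domain has been renewed.";
header("Location: payment_success.php?order_id=$order_id&invoice_id=$invoice_id");
exit;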
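/**
 * Sends the "payment successful" notification for a renewed domain order.
 *
 * The message goes to ADMIN_EMAIL only; no customer address is used here.
 * Mail failures are logged and swallowed so a broken SMTP setup cannot
 * undo a payment that has already been recorded.
 *
 * @param mixed  $con            Database connection; not used by this function,
 *                               kept so existing callers keep working.
 * @param array  $order          Order row; reads order_number, domain_name,
 *                               renewal_years, currency, total_amount, new_expiry.
 * @param string $invoice_number Invoice number shown in the mail.
 * @return void
 */
function sendPaymentConfirmationEmail($con, $order, $invoice_number) {
    require_once '../vendor/autoload.php';

    // A `use` import is not allowed inside a function body (parse error),
    // so the PHPMailer class is referenced by its fully qualified name.

    // Order values come from the database and are placed into HTML, so each
    // one is escaped for the HTML context before it enters the body.
    $esc = static function ($value): string {
        return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $orderNumberHtml = $esc($order['order_number'] ?? '');
    $invoiceNumberHtml = $esc($invoice_number);
    $domainNameHtml = $esc($order['domain_name'] ?? '');
    $renewalYearsHtml = $esc($order['renewal_years'] ?? '');
    $currencyHtml = $esc($order['currency'] ?? '');
    $amountText = number_format((float)($order['total_amount'] ?? 0), 2);

    // strtotime() returns false for a missing or unparsable date, which
    // date() would otherwise render as 1 January 1970.
    $expiryTimestamp = isset($order['new_expiry']) ? strtotime((string)$order['new_expiry']) : false;
    $newExpiryText = ($expiryTimestamp !== false) ? date('F j, Y', $expiryTimestamp) : 'N/A';

    try {
        $mail = new \PHPMailer\PHPMailer\PHPMailer(true);
        $mail->isSMTP();
        $mail->Host = SMTP_HOST;
        $mail->SMTPAuth = true;
        $mail->Username = SMTP_USERNAME;
        $mail->Password = SMTP_PASSWORD;
        $mail->SMTPSecure = \PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_STARTTLS;
        $mail->Port = SMTP_PORT;
        $mail->CharSet = 'UTF-8';
        $mail->setFrom(SMTP_FROM_EMAIL, SMTP_FROM_NAME);
        $mail->addAddress(ADMIN_EMAIL, 'Admin');
        $mail->isHTML(true);
        // The subject is a plain-text header, so it is not HTML-escaped.
        $mail->Subject = '✅ Domain Renewal Payment Successful - ' . ($order['domain_name'] ?? '');
        $mail->Body = "
<!DOCTYPE html>
<html>
<head>
<meta charset='UTF-8'>
<style>
body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; line-height: 1.6; }
.container { max-width: 600px; margin: 0 auto; }
.header { background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; padding: 30px; text-align: center; border-radius: 10px 10px 0 0; }
.content { background: #ffffff; padding: 30px; border-left: 5px solid #667eea; }
.order-box { background: #f8f9fa; padding: 20px; margin: 20px 0; border-radius: 5px; }
.success-badge { background: #28a745; color: white; padding: 8px 16px; border-radius: 20px; display: inline-block; margin: 10px 0; }
.footer { background: #f8f9fa; padding: 20px; text-align: center; color: #666; font-size: 14px; border-radius: 0 0 10px 10px; }
</style>
</head>
<body>
<div class='container'>
<div class='header'>
<h1 style='margin: 0; font-size: 28px;'>✅ Payment Successful!</h1>
<p style='margin: 10px 0 0 0; opacity: 0.9;'>Domain Renewal Confirmed</p>
</div>
<div class='content'>
<span class='success-badge'>Payment Completed</span>
<h2 style='color: #333; margin-top: 20px;'>Order Details</h2>
<div class='order-box'>
<p><strong>Order Number:</strong> {$orderNumberHtml}</p>
<p><strong>Invoice Number:</strong> {$invoiceNumberHtml}</p>
<p><strong>Domain Name:</strong> {$domainNameHtml}</p>
<p><strong>Renewal Period:</strong> {$renewalYearsHtml} Year(s)</p>
<p><strong>Amount Paid:</strong> {$currencyHtml} " . $amountText . "</p>
<p><strong>Payment Date:</strong> " . date('F j, Y, g:i a') . "</p>
<p><strong>New Expiry Date:</strong> " . $newExpiryText . "</p>
</div>
<p style='color: #666; margin-top: 30px;'>
Your domain renewal has been processed successfully.
The domain will be renewed shortly.
</p>
<p style='margin-top: 20px;'>
Best regards,<br>
<strong>TheDotStudios Team</strong>
</p>
</div>
<div class='footer'>
<p style='margin: 5px 0;'>© " . date('Y') . " TheDotStudios. All rights reserved.</p>
</div>
</div>
</body>
</html>
";
        // Plain-text alternative: no HTML context, so the raw values are used.
        $mail->AltBody = "Payment Successful!\n\nOrder: {$order['order_number']}\nInvoice: $invoice_number\nDomain: {$order['domain_name']}\nAmount: {$order['currency']} " . $amountText;
        $mail->send();
    } catch (\Exception $e) {
        // Best effort: the payment is already recorded, so only log the failure.
        error_log("Email send failed: " . $e->getMessage());
    }
}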
?>