Editing: verify_payment.php
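<?php
/**
 * Razorpay payment verification endpoint.
 *
 * Receives the order id, payment id and signature posted back by the
 * checkout page, verifies the signature with the Razorpay SDK, records the
 * payment in `payment_details` and then unlocks the quiz in `quiz_status`.
 *
 * Output: a JSON error when required fields are missing, otherwise an HTML
 * fragment (success script + redirect, or an escaped error message).
 */

use Razorpay\Api\Api;

// `require`, not `include`: if the login guard or the DB config cannot be
// loaded the request must stop instead of continuing unauthenticated.
// Presumably these files define $gUserId, $gUserEmail and $conn (they are
// used below but not declared in this file) - confirm.
require '../php/validate.logged.php';
require 'vendor/autoload.php'; // Razorpay PHP SDK
require '../php/db_config.php';

// Error display is deliberately not enabled here; on a payment endpoint it
// belongs in php.ini / the server log, never in the HTTP response.

// Returns a POST field only when it is a plain string, so array-shaped
// parameters (field[]=x) never reach the SDK or bind_param().
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
};

// Collect payment data from the POST request.
$razorpayOrderId   = $postString('order_id');
$razorpayPaymentId = $postString('payment_id');
$razorpaySignature = $postString('signature');
$postedEmail       = $postString('userEmail');
$email             = ($postedEmail !== null) ? $postedEmail : $gUserEmail;

if (!$email || !$razorpayOrderId || !$razorpayPaymentId || !$razorpaySignature) {
    echo json_encode(['error' => 'Required fields are missing']);
    exit;
}

// Attributes the SDK needs to verify the signature.
$attributes = [
    'razorpay_order_id'   => $razorpayOrderId,
    'razorpay_payment_id' => $razorpayPaymentId,
    'razorpay_signature'  => $razorpaySignature,
];

// NOTE(review): the Razorpay signature is checked only over the order id and
// payment id passed in $attributes. quizId, amount, userName and userPhone
// are plain client input that nothing in this file validates. Before access
// is granted they should be compared with the order as it was created
// server-side (expected amount and quiz for that order id), not taken from
// the browser.
$paymentData = [
    'orderId'      => $razorpayOrderId,
    'paymentId'    => $razorpayPaymentId,
    'rzpSignature' => $razorpaySignature,
    // Use the validated address so the session fallback is what gets stored;
    // the original stored $_POST['userEmail'] even when it was absent.
    'userEmail'    => $email,
    'userName'     => $postString('userName'),
    'userMobile'   => $postString('userPhone'),
    'quizId'       => $postString('quizId'),
    'amount'       => $postString('amount'),
];

$response = verify_payment($attributes, $paymentData);

if ($response['status']) {
    $innerResponse = capture_quiz_status($paymentData);
    if ($innerResponse['status']) {
        echo '<script> alert("Payment successful"); </script>';
        echo "<script type='text/javascript'>window.location.href = 'payment_success.php?payment=success';</script>";
    } else {
        // Escaped: the message must never be interpreted as markup.
        echo htmlspecialchars($innerResponse['error_message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
} else {
    echo htmlspecialchars($response['error_message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Close the database connection.
$conn->close();

/**
 * Verifies the Razorpay signature and records the payment.
 *
 * @param array $attributes  razorpay_order_id / razorpay_payment_id / razorpay_signature
 * @param array $paymentData Row values for payment_details (see caller)
 * @return array ['status' => bool, 'error_message' => string on failure]
 */
function verify_payment($attributes, $paymentData)
{
    global $conn, $gUserId;

    $response = ['status' => false];

    try {
        // API credentials come from the environment, never from source.
        // The variable names are this file's choice; adapt them to the
        // deployment. The live key pair that was previously hard-coded in
        // this file must be treated as exposed and rotated in the Razorpay
        // dashboard.
        $keyId     = getenv('RAZORPAY_KEY_ID');
        $keySecret = getenv('RAZORPAY_KEY_SECRET');
        if (!$keyId || !$keySecret) {
            throw new Exception('Payment gateway is not configured');
        }

        $api = new Api($keyId, $keySecret);

        // Throws when the signature does not match; handled by the catch below.
        $api->utility->verifyPaymentSignature($attributes);

        // NOTE(review): nothing here stops the same payment_id from being
        // recorded more than once - confirm payment_details has a UNIQUE
        // index on payment_id.
        $sql = "INSERT INTO payment_details (user_id, order_id, payment_id, signature, status, recipient, email, phone,quiz_id, amount) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
        $stmt = $conn->prepare($sql);
        $status = 'Y';

        if ($stmt === false) {
            // Keep driver details in the server log, not in the response.
            error_log('verify_payment: prepare failed: ' . $conn->error);
            throw new Exception('Payment successful but failed to capture.');
        }

        $stmt->bind_param(
            "isssssssss",
            $gUserId,
            $paymentData['orderId'],
            $paymentData['paymentId'],
            $paymentData['rzpSignature'],
            $status,
            $paymentData['userName'],
            $paymentData['userEmail'],
            $paymentData['userMobile'],
            $paymentData['quizId'],
            $paymentData['amount']
        );

        if (!$stmt->execute()) {
            error_log('verify_payment: execute failed: ' . $stmt->error);
            $stmt->close();
            throw new Exception('Payment successful but failed to capture.');
        }

        $stmt->close();
        $response['status'] = true;
    } catch (mysqli_sql_exception $e) {
        // mysqli in exception mode: same handling, details stay in the log.
        error_log('verify_payment: database error: ' . $e->getMessage());
        $response['error_message'] = 'Payment successful but failed to capture.';
    } catch (Exception $e) {
        $response['error_message'] = $e->getMessage();
    }

    return $response;
}

/**
 * Marks the quiz as paid for the current user.
 *
 * @param array $paymentData Uses the 'quizId' entry
 * @return array ['status' => bool, 'error_message' => string on failure]
 */
function capture_quiz_status($paymentData)
{
    global $conn, $gUserId;

    $response = ['status' => false];

    try {
        $payStatus = "Y";
        $stmt = $conn->prepare("INSERT INTO quiz_status (user_id, quiz_id, quiz_fee) VALUES (?, ?, ?)");

        // The original called bind_param() on a failed prepare (a fatal
        // Error that catch (Exception) does not handle) and reported success
        // without checking execute().
        if ($stmt === false) {
            error_log('capture_quiz_status: prepare failed: ' . $conn->error);
            throw new Exception('Failed to update quiz status.');
        }

        $stmt->bind_param("iis", $gUserId, $paymentData['quizId'], $payStatus);

        if (!$stmt->execute()) {
            error_log('capture_quiz_status: execute failed: ' . $stmt->error);
            $stmt->close();
            throw new Exception('Failed to update quiz status.');
        }

        $stmt->close();
        $response['status'] = true;
    } catch (mysqli_sql_exception $e) {
        error_log('capture_quiz_status: database error: ' . $e->getMessage());
        $response['error_message'] = 'Failed to update quiz status.';
    } catch (Exception $e) {
        $response['error_message'] = $e->getMessage();
    }

    return $response;
}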