File: /var/www/vhosts/sethsawariyabizmart.com/httpdocs/masterAir/masterCheckout/ipn-status.php
<?php
error_reporting(E_ALL);
ini_set('display_errors', '1');
include('../db.php');
include('../functions.php');
include('../cred-config.php');
session_start();
$contentType = isset($_SERVER["CONTENT_TYPE"]) ? trim($_SERVER["CONTENT_TYPE"]) : '';
// Initialize request array
$request = [];
// Case 1: JSON
if (stripos($contentType, "application/json") === 0) {
$rawInput = file_get_contents("php://input");
$decoded = json_decode($rawInput, true);
if (json_last_error() === JSON_ERROR_NONE) {
$request = $decoded;
} else {
$request = ['_raw' => $rawInput]; // fallback if bad JSON
}
}
// Case 2: Form data
elseif (
stripos($contentType, "application/x-www-form-urlencoded") === 0 ||
stripos($contentType, "multipart/form-data") === 0
) {
$request = $_POST;
}
$cred = airPayCredByMercId($request['MERCID']);
logRequestData(['Raw_callback' => $request], $cred['bank']);
if (!isset($request['RRN']) || trim($request['RRN']) === '') {
// RRN missing or empty
echo json_encode(['status' => "SUCCESS"]);
exit;
}
// ✅ Only proceed if SUCCESS
if (isset($request['TRANSACTIONPAYMENTSTATUS'], $request['TRANSACTIONSTATUS'])) {
try {
if ($request['TRANSACTIONPAYMENTSTATUS'] === "SUCCESS" && $request['TRANSACTIONSTATUS'] === "200") {
$data = [
'mercid' => $request['MERCID'],
'order_id' => $request['TRANSACTIONID'],
'utr' => $request['RRN'],
'payment_status' => $request['TRANSACTIONPAYMENTSTATUS'],
'txn_status' => $request['TRANSACTIONSTATUS'],
'amount' => $request['AMOUNT'],
'customer_vpa' => $request['CUSTOMERVPA'],
'message' => $request['MESSAGE']
];
// ✅ Insert into ipn_orders
$stmt = $conn->prepare("INSERT INTO master_ipn (mercid, order_id, utr, payment_status, txn_status, amount, customer_vpa, message) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param(
"sssssiss",
$data['mercid'],
$data['order_id'],
$data['utr'],
$data['payment_status'],
$data['txn_status'],
$data['amount'],
$data['customer_vpa'],
$data['message']
);
$stmt->execute();
}
// ✅ 1st CURL: fetch link
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => $apURL . "/api/v1/private/payin/generate/link/" . $request['TRANSACTIONID'],
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 30,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_HTTPHEADER => [
"email: " . $mEmail,
"Content-Type: application/json"
],
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_POSTFIELDS => json_encode(['is_any' => "false"]),
]);
$response = curl_exec($ch);
curl_close($ch);
$dd = json_decode($response, true);
if (!$dd || !isset($dd['success']) || $dd['success'] != true) {
logRequestData(['request' => $request, 'error' => $dd, 'errorMessage' => "Ipn Status link fetch failed"], $cred['bank']);
if (!$dd['success'] && $dd['error'] == "Payin link not found." && $request['TRANSACTIONPAYMENTSTATUS'] === "SUCCESS") {
$lateData = [
'order_id' => $request['TRANSACTIONID'],
'utr' => $request['RRN'],
'vpa' => null,
'amount' => $request['AMOUNT'],
'customer_vpa' => $request['CUSTOMERVPA'] ?? null,
'provider_id' => $cred['providerId'],
'callback_at' => date('Y-m-d H:i:s'),
];
lateCallback($lateData);
}
echo json_encode(['status' => "SUCCESS"]);
exit;
}
// ✅ 2nd CURL: store payin transaction
$payload = [
"merchant_id" => $dd['data']['merchant_id'],
"user_id" => $dd['data']['user_id'],
"order_id" => $dd['data']['order_id'],
"transaction_id" => $request['RRN'] ?? null,
"amount" => $request['AMOUNT'] ?? $dd['data']['amount'],
"method" => $dd['data']['method'],
"provider_id" => $dd['data']['provider_id'],
"customer_vpa" => $request['CUSTOMERVPA'] ?? null,
"airpay_id" => $request['APTRANSACTIONID'] ?? null,
];
if ($request['TRANSACTIONPAYMENTSTATUS'] === "REFUNDED" && $request['TRANSACTIONSTATUS'] === "200") {
$payload['status'] = "Rejected";
$payload['comments'] = "Refunded";
echo json_encode(['status' => "SUCCESS"]);
exit;
}
if ($request['TRANSACTIONPAYMENTSTATUS'] === "SUCCESS" && $request['TRANSACTIONSTATUS'] === "200") {
$payload['status'] = "Approved";
} else if ($request['TRANSACTIONPAYMENTSTATUS'] === "FAIL" && $request['TRANSACTIONSTATUS'] === "400") {
$payload['status'] = "Rejected";
$payload['comments'] = $request['REASON'] ?? "Auto Rejected";
} else {
logRequestData(['Invalid_Status' => ['ucode' => $request['TRANSACTIONID'], 'message' => 'Invalid transaction status recevied.']], $cred['bank']);
echo json_encode(['status' => "SUCCESS"]);
exit;
}
$ch2 = curl_init();
curl_setopt_array($ch2, [
CURLOPT_URL => $apURL . "/api/v1/private/payin/transaction/store",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 30,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_HTTPHEADER => [
"email: " . $mEmail,
"Content-Type: application/json"
],
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_POSTFIELDS => json_encode($payload),
]);
$dpresponse = curl_exec($ch2);
curl_close($ch2);
$dx = json_decode($dpresponse, true);
if (!$dx || !isset($dx['success']) || $dx['success'] != true) {
logRequestData(['request' => $request, 'error' => $dx, 'errorMessage' => "Ipn Status payin store failed"], $cred['bank']);
} else {
logRequestData(['request' => $request, 'response' => $dx, 'storedMessage' => "Ipn Status payin stored"], $cred['bank']);
}
$ucode = $request['TRANSACTIONID'];
$vpa = $request['CUSTOMERVPA'] ?? null;
sendEntryVpa($ucode, $vpa);
echo json_encode(['status' => "SUCCESS"]);
exit;
} catch (Exception $e) {
logRequestData(['request' => $request, 'error' => $e->getMessage(), 'errorMessage' => "Ipn Status Save Failed"], $cred['bank']);
}
}
echo json_encode(['status' => "SUCCESS"]);
exit;