all(), [ 'name' => 'required|string|max:255', 'surname' => 'required|string|max:255', 'email' => 'required|email|max:255', 'phone' => 'required|string|max:20', 'price' => 'required|numeric|min:1', 'address' => 'required|string', 'agreement' => 'accepted', ], [ 'name.required' => 'Lütfen adınızı giriniz.', 'surname.required' => 'Lütfen soyadınızı giriniz.', 'email.required' => 'Lütfen e-posta adresinizi giriniz.', 'email.email' => 'Geçerli bir e-posta adresi giriniz.', 'phone.required' => 'Lütfen telefon numaranızı giriniz.', 'price.required' => 'Lütfen ödeme tutarını giriniz.', 'price.min' => 'Ödeme tutarı en az 1 TL olmalıdır.', 'address.required' => 'Lütfen ödeme açıklamasını giriniz.', 'agreement.accepted' => 'Lütfen sözleşmeyi onaylayınız.', ]); if ($validator->fails()) { Log::info('Payment Validation Failed', $validator->errors()->toArray()); return back()->withErrors($validator)->withInput(); } $merchant_id = '127117'; $merchant_key = 's9GH5FMuxFtqjxyJ'; $merchant_salt = 'qTHTx3j4FjieXPP3'; $price = $request->input('price') * 100; // Krş cinsinden // Get user IP (handling Cloudflare or standard) if (isset($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } $user_ip = $ip; $merchant_oid = time(); // Benzersiz sipariş no $email = $request->input('email'); $payment_amount = $price; $currency = 'TL'; // Default $test_mode = 0; // Canlı mod $user_name = $request->input('name').' '.$request->input('surname'); $user_address = $request->input('address'); // Note field used as address $user_phone = $request->input('phone'); // Callbacks should ideally be routes we define, but user provided specific URLs. // We will use routes relative to current domain or the ones user specified if they are absolute? // The user script had: "https://www.truncgil.com.tr/pay.php?ok" // I should probably use the current app's URL. $merchant_ok_url = route('payment.success'); $merchant_fail_url = route('payment.fail'); $user_basket = base64_encode(json_encode([ ['Web / Mobil Yazılım', $payment_amount, 1], ])); $no_installment = 0; $max_installment = 9; $debug_on = 1; $timeout_limit = 30; $hash_str = $merchant_id.$user_ip.$merchant_oid.$email.$payment_amount.$user_basket.$no_installment.$max_installment.$currency.$test_mode; $paytr_token = base64_encode(hash_hmac('sha256', $hash_str.$merchant_salt, $merchant_key, true)); $post_vals = [ 'merchant_id' => $merchant_id, 'user_ip' => $user_ip, 'merchant_oid' => $merchant_oid, 'email' => $email, 'lang' => 'tr', 'payment_amount' => $payment_amount, 'paytr_token' => $paytr_token, 'user_basket' => $user_basket, 'debug_on' => $debug_on, 'no_installment' => $no_installment, 'max_installment' => $max_installment, 'user_name' => $user_name, 'user_address' => $user_address, 'user_phone' => $user_phone, 'merchant_ok_url' => $merchant_ok_url, 'merchant_fail_url' => $merchant_fail_url, 'timeout_limit' => $timeout_limit, 'currency' => $currency, 'test_mode' => $test_mode, ]; // Curl request $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://www.paytr.com/odeme/api/get-token'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_vals); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_FRESH_CONNECT, true); curl_setopt($ch, CURLOPT_TIMEOUT, 20); $result = @curl_exec($ch); if (curl_errno($ch)) { return back()->with('error', 'PAYTR connection error. err:'.curl_error($ch)); } curl_close($ch); $result = json_decode($result, 1); if ($result['status'] == 'success') { $token = $result['token']; // Re-render the online-payment page but with the token // We need to fetch the page content again // Assuming the slug is 'online-odeme' or similar, or we can just pass a dummy page object // if we are lazy, but correct way is to fetch the page associated with the route. // Since we are POSTing here, we don't know the Page model context unless we fetch it. // Let's try to assume 'online-odeme' which is common. $page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first(); if (! $page) { $page = new Page(['title' => 'Online Ödeme', 'content' => '', 'excerpt' => 'Please complete your payment below.']); } return view('templates.corporate.online-payment', [ 'page' => $page, 'paytr_token' => $token, ]); } else { return back()->with('error', 'PAYTR failed. reason:'.$result['reason']); } } public function success(Request $request) { $page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first(); if ($page) { return redirect()->route('page.show', $page->slug)->with('success', 'Your payment has been charged successfully. This will appear on your credit card statement as "PAYTR ODEME HIZMETLERI"'); } return redirect()->route('home')->with('success', 'Your payment has been charged successfully.'); } public function fail(Request $request) { $page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first(); if ($page) { return redirect()->route('page.show', $page->slug)->with('error', 'Your payment has not been charged successfully! Please check your credit card information.'); } return redirect()->route('home')->with('error', 'Your payment has not been charged successfully! Please check your credit card information.'); } }