Files
citrus/app/Http/Controllers/PaymentController.php
T
2026-02-18 11:53:39 +03:00

203 lines
8.3 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
namespace App\Http\Controllers;
use App\Models\Page;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Validator;
class PaymentController extends Controller
{
public function process(Request $request)
{
$validator = Validator::make($request->all(), [
'name' => 'required|string|max:255',
'surname' => 'required|string|max:255',
'email' => 'required|email|max:255',
'phone' => 'required|string|max:20',
'price' => 'required|numeric|min:1',
'address' => 'nullable|string',
'agreement' => 'accepted',
], [
'name.required' => 'Lütfen adınızı giriniz.',
'surname.required' => 'Lütfen soyadınızı giriniz.',
'email.required' => 'Lütfen e-posta adresinizi giriniz.',
'email.email' => 'Geçerli bir e-posta adresi giriniz.',
'phone.required' => 'Lütfen telefon numaranızı giriniz.',
'price.required' => 'Lütfen ödeme tutarını giriniz.',
'price.min' => 'Ödeme tutarı en az 1 TL olmalıdır.',
'address.required' => 'Lütfen ödeme açıklamasını giriniz.',
'agreement.accepted' => 'Lütfen sözleşmeyi onaylayınız.',
]);
if ($validator->fails()) {
Log::info('Payment Validation Failed', $validator->errors()->toArray());
return back()->withErrors($validator)->withInput();
}
$merchant_id = '127117';
$merchant_key = 's9GH5FMuxFtqjxyJ';
$merchant_salt = 'qTHTx3j4FjieXPP3';
$price = $request->input('price') * 100; // Krş cinsinden
// Get user IP (handling Cloudflare or standard)
if (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$user_ip = $ip;
$merchant_oid = time(); // Benzersiz sipariş no
$email = $request->input('email');
$payment_amount = $price;
$currency = 'TL'; // Default
$test_mode = 0; // Canlı mod
$user_name = $request->input('name').' '.$request->input('surname');
$user_address = $request->input('address') ?: 'Adres Belirtilmemiş'; // Fallback if not provided
$user_phone = $request->input('phone');
// Callbacks should ideally be routes we define, but user provided specific URLs.
// We will use routes relative to current domain or the ones user specified if they are absolute?
// The user script had: "https://www.truncgil.com.tr/pay.php?ok"
// I should probably use the current app's URL.
$merchant_ok_url = route('payment.success');
$merchant_fail_url = route('payment.fail');
$user_basket = base64_encode(json_encode([
['Web / Mobil Yazılım', $payment_amount, 1],
]));
$no_installment = 0;
$max_installment = 9;
$debug_on = 1;
$timeout_limit = 30;
$hash_str = $merchant_id.$user_ip.$merchant_oid.$email.$payment_amount.$user_basket.$no_installment.$max_installment.$currency.$test_mode;
$paytr_token = base64_encode(hash_hmac('sha256', $hash_str.$merchant_salt, $merchant_key, true));
$post_vals = [
'merchant_id' => $merchant_id,
'user_ip' => $user_ip,
'merchant_oid' => $merchant_oid,
'email' => $email,
'lang' => 'tr',
'payment_amount' => $payment_amount,
'paytr_token' => $paytr_token,
'user_basket' => $user_basket,
'debug_on' => $debug_on,
'no_installment' => $no_installment,
'max_installment' => $max_installment,
'user_name' => $user_name,
'user_address' => $user_address,
'user_phone' => $user_phone,
'merchant_ok_url' => $merchant_ok_url,
'merchant_fail_url' => $merchant_fail_url,
'timeout_limit' => $timeout_limit,
'currency' => $currency,
'test_mode' => $test_mode,
];
// Log request for debugging
Log::info('PayTR Request', [
'merchant_id' => $merchant_id,
'merchant_oid' => $merchant_oid,
'email' => $email,
'payment_amount' => $payment_amount,
'user_ip' => $user_ip,
]);
// Curl request
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.paytr.com/odeme/api/get-token');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_vals);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
$result = curl_exec($ch);
$curlError = curl_error($ch);
$curlErrno = curl_errno($ch);
curl_close($ch);
if ($curlErrno) {
Log::error('PayTR cURL error', ['errno' => $curlErrno, 'error' => $curlError]);
return back()->with('error', 'PAYTR bağlantı hatası. Lütfen tekrar deneyin.');
}
if ($result === false || empty($result)) {
Log::error('PayTR returned empty response');
return back()->with('error', 'Ödeme sisteminden yanıt alınamadı. Lütfen tekrar deneyin.');
}
// Log the raw response for debugging
Log::info('PayTR Raw Response', ['response' => $result]);
$result = json_decode($result, 1);
// Check if result is valid
if (!$result || !is_array($result)) {
Log::error('PayTR API returned invalid response', ['response' => $result]);
return back()->with('error', 'Ödeme sisteminden geçersiz yanıt alındı. Lütfen tekrar deneyin.');
}
if (!isset($result['status'])) {
Log::error('PayTR API response missing status', ['response' => $result]);
return back()->with('error', 'Ödeme sisteminden beklenmeyen yanıt alındı. Lütfen tekrar deneyin.');
}
if ($result['status'] == 'success') {
$token = $result['token'];
// Re-render the online-payment page but with the token
// We need to fetch the page content again
// Assuming the slug is 'online-odeme' or similar, or we can just pass a dummy page object
// if we are lazy, but correct way is to fetch the page associated with the route.
// Since we are POSTing here, we don't know the Page model context unless we fetch it.
// Let's try to assume 'online-odeme' which is common.
$page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first();
if (! $page) {
$page = new Page(['title' => 'Online Ödeme', 'content' => '', 'excerpt' => 'Please complete your payment below.']);
}
return view('templates.corporate.online-payment', [
'page' => $page,
'paytr_token' => $token,
]);
} else {
return back()->with('error', 'PAYTR failed. reason:'.$result['reason']);
}
}
public function success(Request $request)
{
$page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first();
if ($page) {
return redirect()->route('page.show', $page->slug)->with('success', 'Your payment has been charged successfully. This will appear on your credit card statement as "PAYTR ODEME HIZMETLERI"');
}
return redirect()->route('home')->with('success', 'Your payment has been charged successfully.');
}
public function fail(Request $request)
{
$page = Page::where('template', 'online-payment')->orWhere('slug', 'online-odeme')->first();
if ($page) {
return redirect()->route('page.show', $page->slug)->with('error', 'Your payment has not been charged successfully! Please check your credit card information.');
}
return redirect()->route('home')->with('error', 'Your payment has not been charged successfully! Please check your credit card information.');
}
}