<?php
include ("../serive/samparka.php");

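// Fastzix payment callback: reads the POSTed fields, re-checks the payment
// against the Fastzix verify endpoint, then records the deposit and credits
// the user's balance.
//
// This URL can be requested by anyone, not only by Fastzix, so every $_POST
// value is untrusted. Values are kept raw and reach SQL only through bound
// parameters: escaping them up front would alter what is sent to the verify
// API, and mysqli_real_escape_string() gives no protection where a value is
// placed into SQL without quotes (as the balance update used to do).
$read_post = static function (string $key): string {
    // Array-valued fields (e.g. amount[]=1) are treated as missing.
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$transaction_id = $read_post('transaction_id');
$order_id = $read_post('order_id');
$status = $read_post('status');
$amount = $read_post('amount');
$userId = $read_post('customer_id');
// NOTE(review): $token is received but never checked anywhere in this script.
// If Fastzix signs its callbacks, this is where the signature/token should be
// verified (constant-time, e.g. hash_equals()) before anything else runs.
$token = $read_post('token');

// Verify required parameters. customer_id is required as well because the
// balance update cannot target a user without it; the amount must be a
// positive number so a callback can never reduce or corrupt a balance.
if (empty($transaction_id) || empty($status) || empty($amount) || empty($userId)
    || !is_numeric($amount) || (float) $amount <= 0
) {
    die("Invalid request parameters");
}

// Verify the payment with Fastzix API
$verify_url = "https://fastzix.in/api/v1/payment/verify";
// SECURITY: the API key is a secret committed in source. It should be loaded
// from configuration outside the web root / version control, and a key that
// has been published should be rotated.
$api_key = "oNL9zOk3yu2a6ntpA0KSY5wFFqlcpi4b";

$post_data = [
    'api_key' => $api_key,
    'order_id' => $order_id,
    'transaction_id' => $transaction_id
];

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $verify_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Bound the call so a slow or unreachable gateway cannot hang the worker.
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$response = curl_exec($ch);
curl_close($ch);

// curl_exec() returns false on transport failure and json_decode() returns
// null on malformed JSON; both are treated as "not verified".
$response_data = is_string($response) ? json_decode($response, true) : null;
if (!is_array($response_data)) {
    $response_data = [];
}

// Strict comparison: with ==, a JSON true (and on PHP < 8 a numeric 0) would
// compare equal to 'success'.
$verified = ($response_data['status'] ?? null) === 'success'
    && is_array($response_data['data'] ?? null)
    && ($response_data['data']['status'] ?? null) === 'success';

if ($verified) {
    // NOTE(review): $amount and $userId still come from the callback POST; the
    // verify response is only checked for its two status fields. Confirm
    // whether that response also carries the paid amount / order owner and, if
    // so, credit from those values (or from the order row created before
    // checkout) instead of from the request.

    // 'credited'  - deposit stored and balance updated in this request
    // 'duplicate' - this transaction_id was already recorded; nothing changed
    // 'failed'    - a database step failed; everything was rolled back
    $outcome = 'failed';

    try {
        // Deposit row and balance credit succeed or fail together.
        mysqli_begin_transaction($conn);

        // Replay guard: the same verified callback must not credit twice.
        // A UNIQUE index on deposits.transaction_id is the robust backstop,
        // since this check alone can still race under concurrent requests.
        $seen = mysqli_prepare($conn, "SELECT 1 FROM deposits WHERE transaction_id = ? LIMIT 1");
        if ($seen
            && mysqli_stmt_bind_param($seen, 's', $transaction_id)
            && mysqli_stmt_execute($seen)
            && mysqli_stmt_store_result($seen)
        ) {
            if (mysqli_stmt_num_rows($seen) > 0) {
                $outcome = 'duplicate';
            } else {
                $insert = mysqli_prepare(
                    $conn,
                    "INSERT INTO deposits (user_id, amount, transaction_id, order_id, status, payment_method, created_at) 
                     VALUES (?, ?, ?, ?, 'completed', 'fastzix', NOW())"
                );
                $update = mysqli_prepare($conn, "UPDATE users SET balance = balance + ? WHERE id = ?");
                $amount_value = (float) $amount;

                if ($insert && $update
                    && mysqli_stmt_bind_param($insert, 'ssss', $userId, $amount, $transaction_id, $order_id)
                    && mysqli_stmt_execute($insert)
                    && mysqli_stmt_bind_param($update, 'ds', $amount_value, $userId)
                    && mysqli_stmt_execute($update)
                    // Exactly one user row must have been credited; otherwise
                    // the deposit would be recorded against nobody.
                    && mysqli_stmt_affected_rows($update) === 1
                ) {
                    $outcome = 'credited';
                }
            }
        }

        if ($outcome === 'credited') {
            mysqli_commit($conn);
        } else {
            mysqli_rollback($conn);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception reporting is
        // enabled (the default from PHP 8.1).
        mysqli_rollback($conn);
        $outcome = 'failed';
    }

    if ($outcome === 'failed') {
        header("Location: payment_error.php?message=Database+update+failed");
    } else {
        // Redirect to success page; order_id is request data, so it is
        // URL-encoded before being placed in the Location header.
        header("Location: payment_success.php?order_id=" . urlencode($order_id));
    }
    exit;
} else {
    // Payment failed
    $gateway_message = $response_data['message'] ?? null;
    $error_msg = urlencode(is_string($gateway_message) ? $gateway_message : 'Payment verification failed');
    header("Location: payment_error.php?message=$error_msg");
    exit;
}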
?>