small updates

2025-12-02 18:17:20 +02:00
parent b69f8f5f1b
commit 062dc46ffd
22 changed files with 304 additions and 275 deletions
--- a/submit_pop.php
+++ b/submit_pop.php
@@ -1,5 +1,7 @@
 <?php include_once('header02.php');
 checkUserSession();
+umask(002); // At the top of the PHP script, before move_uploaded_file()
+

 $user_id = $_SESSION['user_id'] ?? null;

@@ -50,6 +52,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        }

        if (move_uploaded_file($file['tmp_name'], $target_file)) {
+            chmod($target_file, 0664);
            // Update EFT and booking status
            $payment_type = $_POST['payment_type'] ?? 'booking';

@@ -73,43 +76,33 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                $stmt2->execute();
            }

-            // Notify n8n and send the path to the uploaded file
-            $webhook_url = 'https://n8n.4wdcsa.co.za/webhook/process-pop';
+            // Send notification email using sendPOP()
+        $fullname = getFullName($user_id); // Assuming this returns "First Last"
+        
+        $eftDetails = getEFTDetails($eft_id);
+        $modified = str_replace(' ', '_', $eft_id);

-            $postData = [
-                'eft_id' => $eft_id,  
-                'payment_type' => $payment_type,              
-            ];
-
-            $ch = curl_init($webhook_url);
-            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-            curl_setopt($ch, CURLOPT_POST, true);
-            curl_setopt($ch, CURLOPT_HTTPHEADER, [
-                'Content-Type: application/json'
-            ]);
-            curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($postData));
-
-            $response = curl_exec($ch);
-            $error = curl_error($ch);
-            $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
-            curl_close($ch);
-
-            if ($error) {
-                error_log("Webhook Error: $error");
-                $_SESSION['message'] = $error;
-                header("Location: bookings.php");
-            } else {
-                $_SESSION['message'] = "Thank you! We are busy processing your payment!";
-                header("Location: bookings.php");
-            }
-            
-            exit;
+        if ($eftDetails) {
+            $amount = "R" . number_format($eftDetails['amount'], 2);
+            $description = $eftDetails['description'];
        } else {
-            echo "<div class='alert alert-danger'>Unable to move uploaded file.</div>";
-            echo "<pre>Tmp file exists? " . (file_exists($file['tmp_name']) ? "Yes" : "No") . "</pre>";
-            echo "<pre>Tmp file path: " . htmlspecialchars($file['tmp_name']) . "</pre>";
-            exit;
+            $amount = "R0.00";
+            $description = "Payment"; // fallback
        }
+
+
+        if (sendPOP($fullname, $modified, $amount, $description)) {
+            $_SESSION['message'] = "Thank you! Your payment proof has been uploaded and notification sent.";
+        } else {
+            $_SESSION['message'] = "Payment uploaded, but notification email could not be sent.";
+        }
+
+        header("Location: bookings.php");
+        exit;
+
+    } else {
+        echo "<div class='alert alert-danger'>Unable to move uploaded file.</div>";
+        exit;
    }
 }