htacces update

.env copy

@@ -1,42 +0,0 @@
-# Database Configuration
-DB_HOST=mysql-db
-DB_USER=app
-DB_PASS=4wdcsa2025!
-DB_NAME=4wdcsa
-SALT=4wdcsa
-HOST=https://beta.4wdcsa.co.za
-
-ENFORCE_HTTPS=true
-
-# Mailjet Email Service
-MAILJET_API_KEY=1a44f8d5e847537dbb8d3c76fe73a93c
-MAILJET_API_SECRET=ec98b45c53a7694c4f30d09eee9ad280
-MAILJET_FROM_EMAIL=info@4wdcsa.co.za
-MAILJET_FROM_NAME=4WDCSA
-ADMIN_EMAIL=info@4wdcsa.co.za
-FINANCE_EMAIL=louiseb@global.co.za
-POP_NOTIFICATION_EMAILS=chrispintoza@gmail.com,chrispintoza+pop@gmail.com,chrispintoza+4wdcsapop@gmail.com
-NOTIFICATION_ADDR=chrispintoza@gmail.com
-
-# Google OAuth
-GOOGLE_CLIENT_ID=948441222188-8qhboq2urr8o9n35mc70s5h2nhd52v0m.apps.googleusercontent.com
-GOOGLE_CLIENT_SECRET=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
-
-# Instagram (optional)
-INSTAGRAM_ACCESS_TOKEN=your-instagram-token
-
-# Application Settings
-APP_ENV=development
-APP_DEBUG=true
-APP_URL=https://beta.4wdcsa.co.za
-
-IKHOKHA_APP_ID=IKFLESZTKFM4HWWS76131L8HK9BYF96P
-IKHOKHA_APP_SECRET=gfoQTvXRXuzq6ArPHUS2CBFxtHtH1bxM
-IKHOKHA_ENDPOINT=https://api.ikhokha.com/public-api/v1/api/payment
-IKHOKHA_EXTERNAL_ENTITY_ID=4WDCSA
-IKHOKHA_CALLBACK_URL=https://beta.4wdcsa.co.za/src/api/ikhokha_webhook.php
-IKHOKHA_SUCCESS_URL=https://beta.4wdcsa.co.za/success
-IKHOKHA_FAILURE_URL=https://beta.4wdcsa.co.za/failure
-IKHOKHA_CANCEL_URL=https://beta.4wdcsa.co.za/cancel
-IKHOKHA_MODE=live
-IKHOKHA_BYPASS_SIGNATURE=true

.env.example

@@ -1,42 +0,0 @@
-# Database Configuration
-DB_HOST=mysql-db
-DB_USER=app
-DB_PASS=4wdcsa2025!
-DB_NAME=4wdcsa
-SALT=4wdcsa
-HOST=https://4wdcsa.co.za
-
-ENFORCE_HTTPS=true
-
-# Mailjet Email Service
-MAILJET_API_KEY=1a44f8d5e847537dbb8d3c76fe73a93c
-MAILJET_API_SECRET=ec98b45c53a7694c4f30d09eee9ad280
-MAILJET_FROM_EMAIL=info@4wdcsa.co.za
-MAILJET_FROM_NAME=4WDCSA
-ADMIN_EMAIL=info@4wdcsa.co.za
-FINANCE_EMAIL=louiseb@global.co.za
-POP_NOTIFICATION_EMAILS=chrispintoza@gmail.com,chrispintoza+pop@gmail.com,chrispintoza+4wdcsapop@gmail.com
-NOTIFICATION_ADDR=info@4wdcsa.co.za
-
-# Google OAuth
-GOOGLE_CLIENT_ID=948441222188-8qhboq2urr8o9n35mc70s5h2nhd52v0m.apps.googleusercontent.com
-GOOGLE_CLIENT_SECRET=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
-
-# Instagram (optional)
-INSTAGRAM_ACCESS_TOKEN=your-instagram-token
-
-# Application Settings
-APP_ENV=development
-APP_DEBUG=true
-APP_URL=https://4wdcsa.co.za
-
-IKHOKHA_APP_ID=IKFLESZTKFM4HWWS76131L8HK9BYF96P
-IKHOKHA_APP_SECRET=gfoQTvXRXuzq6ArPHUS2CBFxtHtH1bxM
-IKHOKHA_ENDPOINT=https://api.ikhokha.com/public-api/v1/api/payment
-IKHOKHA_EXTERNAL_ENTITY_ID=4WDCSA
-IKHOKHA_CALLBACK_URL=https://4wdcsa.co.za/src/api/ikhokha_webhook.php
-IKHOKHA_SUCCESS_URL=https://4wdcsa.co.za/success
-IKHOKHA_FAILURE_URL=https://4wdcsa.co.za/failure
-IKHOKHA_CANCEL_URL=https://4wdcsa.co.za/cancel
-IKHOKHA_MODE=live
-IKHOKHA_BYPASS_SIGNATURE=true

.htaccess

@@ -156,7 +156,7 @@ RewriteRule ^autosave$ src/processors/blog/autosave.php [L]
 
 </IfModule>
 
-php_flag display_errors On
+php_flag display_errors Off
 # php_value error_reporting -1
 RedirectMatch 403 ^/\.well-known
 Options -Indexes

test.php

@@ -1,56 +0,0 @@
-<?php
-require_once("./src/config/env.php");
-require_once("./src/config/functions.php");
-
-$callbackUrl = $_ENV['IKHOKHA_CALLBACK_URL'] ?? '';
-$secret      = $_ENV['IKHOKHA_APP_SECRET'] ?? '';
-$path        = '/src/api/ikhokha_webhook.php';
-
-// Simulated raw webhook body (EXACT)
-$raw = '{"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null}';
-
-// Simulated header signature from iKhokha
-$ikSignFromWebhook = 'bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557';
-
-// Simulated raw webhook body (EXACT)
-$raw = '{"paylinkID":"ys5225k4z56x0mm","status":"SUCCESS","externalTransactionID":"693efeaca71a9","responseCode":"00","text":null}';
-
-// Simulated header signature from iKhokha
-$ikSignFromWebhook = 'bb1702d488a40091ebd5414bc6f524e203e2c5e36b24a1b86e243dad440bb557';
-
-// Decode JSON string into array
-$bodyArray = json_decode($raw, true);
-
-// Remove `text` key exactly like JS
-unset($bodyArray['text']);
-
-// Re-encode JSON (no double-encoding)
-$cleanBody = json_encode($bodyArray, JSON_UNESCAPED_SLASHES);
-
-// Now sign the SAME payload JS signs
-$payloadToSign = createPayloadToSign($callbackUrl, $cleanBody);
-
-$ikSign = generateSignature($payloadToSign, $secret);
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>iKhokha Signature Debug (JS)</title>
-</head>
-<body>
-
-<h3>IK-SIGN FROM WEBHOOK:</h3>
-<pre><?= htmlspecialchars($ikSignFromWebhook) ?></pre>
-
-<h3>DEBUG INFO</h3>
-<p><strong>Callback URL:</strong> <?= htmlspecialchars($callbackUrl) ?></p>
-
-<h3>Payload to Sign (Un-escaped):</h3>
-
-<pre><?= $payloadToSign ?></pre>
-
-<h3>EXPECTED SIGNATURE (JS):</h3>
-
-<pre><?= $ikSign ?></pre>
-

test2.php

@@ -1,5 +0,0 @@
-<?php
-require_once("./src/config/env.php");
-require_once("./src/config/functions.php");
-
-echo getIkhokhaTransactionHistory('2025-01-01', '2025-12-31');