fixed sales pitxh

This commit is contained in:
Frank Harris 2026-06-16 10:14:41 -05:00
parent e448b415ff
commit 48afc9d770
675 changed files with 248 additions and 83827 deletions

View file

@ -104,8 +104,9 @@ textarea {
.brand-logo, .brand-logo,
.footer-logo { .footer-logo {
width: 42px; width: auto;
height: 42px; height: 44px;
object-fit: contain;
} }
.brand-copy { .brand-copy {
@ -123,6 +124,10 @@ textarea {
font-size: 0.8rem; font-size: 0.8rem;
} }
.brand-copy {
min-width: 0;
}
.primary-nav { .primary-nav {
display: flex; display: flex;
flex-wrap: wrap; flex-wrap: wrap;
@ -443,6 +448,15 @@ textarea {
color: var(--accent-strong); color: var(--accent-strong);
} }
.kicker {
color: #b6d8ff;
font-size: 0.8rem;
font-weight: 700;
letter-spacing: 0.08em;
text-transform: uppercase;
margin-bottom: 10px;
}
.card-actions { .card-actions {
display: flex; display: flex;
flex-wrap: wrap; flex-wrap: wrap;

View file

Before

Width:  |  Height:  |  Size: 1.6 MiB

After

Width:  |  Height:  |  Size: 1.6 MiB

Before After
Before After

View file

@ -2,8 +2,8 @@
return [ return [
'site_name' => 'Gameservers.World', 'site_name' => 'Gameservers.World',
'site_tagline' => 'Virtual private game servers with dedicated resources and full configuration access.', 'site_tagline' => 'Developer-backed game hosting with full server access, mod support, daily backups, and optional custom engineering help through Runlevel Systems.',
'meta_description' => 'Virtual private game servers with dedicated resources, predictable performance, full configuration access, mod support, and real human support.', 'meta_description' => 'Affordable virtual private game servers backed by developers, software engineers, and infrastructure specialists. Launch a standard server or get help with mods, automation, integrations, and custom tooling.',
// Leave null to derive the base path from the current request. // Leave null to derive the base path from the current request.
// Example: '/sales' // Example: '/sales'
@ -36,4 +36,3 @@ return [
['name' => 'Dublin, Ireland', 'region' => 'EU coverage', 'host' => 'dub-game-1.iaregamer.com'], ['name' => 'Dublin, Ireland', 'region' => 'EU coverage', 'host' => 'dub-game-1.iaregamer.com'],
], ],
]; ];

View file

@ -32,8 +32,8 @@ foreach ($websiteConfigFiles as $configFile) {
$websiteDefaults = [ $websiteDefaults = [
'site_name' => 'Gameservers.World', 'site_name' => 'Gameservers.World',
'site_tagline' => 'Virtual private game servers with dedicated resources and full configuration access.', 'site_tagline' => 'Developer-backed game hosting with full server access, mod support, daily backups, and optional custom engineering help through Runlevel Systems.',
'meta_description' => 'Virtual private game servers with dedicated resources, predictable performance, full configuration access, mod support, and real human support.', 'meta_description' => 'Affordable virtual private game servers backed by developers, software engineers, and infrastructure specialists. Launch a standard server or get help with mods, automation, integrations, and custom tooling.',
'base_path' => null, 'base_path' => null,
'public_base_url' => null, 'public_base_url' => null,
'billing_base_url' => '/billing', 'billing_base_url' => '/billing',
@ -442,6 +442,21 @@ function website_fetch_services(int $limit = 0): array
return $rows; return $rows;
} }
function website_custom_project_url(): string
{
$supportUrl = trim((string)website_config('support_url', ''));
if ($supportUrl !== '') {
return $supportUrl;
}
$discordUrl = trim((string)website_config('discord_url', ''));
if ($discordUrl !== '') {
return $discordUrl;
}
return website_url('support.php');
}
function website_fetch_doc_index(): array function website_fetch_doc_index(): array
{ {
$docsRoot = website_billing_docs_root(); $docsRoot = website_billing_docs_root();
@ -503,4 +518,3 @@ function website_render(string $pageTemplate, array $context = []): void
require WEBSITE_ROOT_DIR . '/pages/' . $pageTemplate; require WEBSITE_ROOT_DIR . '/pages/' . $pageTemplate;
require WEBSITE_INCLUDE_DIR . '/footer.php'; require WEBSITE_INCLUDE_DIR . '/footer.php';
} }

View file

@ -11,10 +11,11 @@ $supportEmail = trim((string)website_config('support_email', ''));
<div class="container footer-grid"> <div class="container footer-grid">
<div> <div>
<a class="footer-brand" href="<?= website_escape(website_url('index.php')) ?>"> <a class="footer-brand" href="<?= website_escape(website_url('index.php')) ?>">
<img src="<?= website_escape(website_asset('images/logo-sm.png')) ?>" alt="Gameservers.World logo" class="footer-logo"> <img src="<?= website_escape(website_asset('images/dark-logo.png')) ?>" alt="Gameservers.World logo" class="footer-logo">
<span><?= website_escape(website_config('site_name')) ?></span> <span><?= website_escape(website_config('site_name')) ?></span>
</a> </a>
<p class="footer-copy"><?= website_escape(website_config('site_tagline')) ?></p> <p class="footer-copy"><?= website_escape(website_config('site_tagline')) ?></p>
<p class="footer-copy">Hosting is provided by Gameservers.World. Development, integration, and infrastructure expertise come from Runlevel Systems.</p>
</div> </div>
<div> <div>
<h2>Explore</h2> <h2>Explore</h2>
@ -32,6 +33,7 @@ $supportEmail = trim((string)website_config('support_email', ''));
<li><a href="<?= website_escape(login_url()) ?>">Customer Login</a></li> <li><a href="<?= website_escape(login_url()) ?>">Customer Login</a></li>
<li><a href="<?= website_escape(panel_url()) ?>">Control Panel</a></li> <li><a href="<?= website_escape(panel_url()) ?>">Control Panel</a></li>
<li><a href="<?= website_escape(website_url('docs.php')) ?>">Server Guides</a></li> <li><a href="<?= website_escape(website_url('docs.php')) ?>">Server Guides</a></li>
<li><a href="<?= website_escape(website_custom_project_url()) ?>">Request Custom Work</a></li>
<?php if ($discordUrl !== ''): ?> <?php if ($discordUrl !== ''): ?>
<li><a href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a></li> <li><a href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a></li>
<?php endif; ?> <?php endif; ?>
@ -41,12 +43,12 @@ $supportEmail = trim((string)website_config('support_email', ''));
<h2>Need Help?</h2> <h2>Need Help?</h2>
<ul class="footer-links"> <ul class="footer-links">
<?php if ($supportUrl !== ''): ?> <?php if ($supportUrl !== ''): ?>
<li><a href="<?= website_escape($supportUrl) ?>" target="_blank" rel="noopener noreferrer">Support Portal</a></li> <li><a href="<?= website_escape($supportUrl) ?>" target="_blank" rel="noopener noreferrer">Discuss a Custom Project</a></li>
<?php endif; ?> <?php endif; ?>
<?php if ($supportEmail !== ''): ?> <?php if ($supportEmail !== ''): ?>
<li><a href="mailto:<?= website_escape($supportEmail) ?>"><?= website_escape($supportEmail) ?></a></li> <li><a href="mailto:<?= website_escape($supportEmail) ?>"><?= website_escape($supportEmail) ?></a></li>
<?php endif; ?> <?php endif; ?>
<li><a href="<?= website_escape(website_url('support.php')) ?>">Contact Options</a></li> <li><a href="<?= website_escape(website_url('support.php')) ?>">Support and Integration Help</a></li>
</ul> </ul>
</div> </div>
</div> </div>
@ -54,4 +56,3 @@ $supportEmail = trim((string)website_config('support_email', ''));
<script src="<?= website_escape(website_asset('js/site.js')) ?>" defer></script> <script src="<?= website_escape(website_asset('js/site.js')) ?>" defer></script>
</body> </body>
</html> </html>

View file

@ -25,10 +25,9 @@ $bodyClass = $bodyClass ?? '';
<meta name="twitter:title" content="<?= website_escape($pageTitle) ?>"> <meta name="twitter:title" content="<?= website_escape($pageTitle) ?>">
<meta name="twitter:description" content="<?= website_escape($metaDescription) ?>"> <meta name="twitter:description" content="<?= website_escape($metaDescription) ?>">
<meta name="twitter:image" content="<?= website_escape($socialImage) ?>"> <meta name="twitter:image" content="<?= website_escape($socialImage) ?>">
<link rel="icon" type="image/png" href="<?= website_escape(website_asset('images/logo-sm.png')) ?>"> <link rel="icon" type="image/png" href="<?= website_escape(website_asset('images/dark-logo.png')) ?>">
<link rel="stylesheet" href="<?= website_escape(website_asset('css/site.css')) ?>"> <link rel="stylesheet" href="<?= website_escape(website_asset('css/site.css')) ?>">
</head> </head>
<body class="<?= website_escape($bodyClass) ?>"> <body class="<?= website_escape($bodyClass) ?>">
<?php require WEBSITE_INCLUDE_DIR . '/navigation.php'; ?> <?php require WEBSITE_INCLUDE_DIR . '/navigation.php'; ?>
<main class="site-main"> <main class="site-main">

View file

@ -15,10 +15,10 @@ $navLinks = [
<header class="site-header"> <header class="site-header">
<div class="container header-shell"> <div class="container header-shell">
<a class="brand" href="<?= website_escape(website_url('index.php')) ?>"> <a class="brand" href="<?= website_escape(website_url('index.php')) ?>">
<img src="<?= website_escape(website_asset('images/logo-sm.png')) ?>" alt="Gameservers.World logo" class="brand-logo"> <img src="<?= website_escape(website_asset('images/dark-logo.png')) ?>" alt="Gameservers.World logo" class="brand-logo">
<span class="brand-copy"> <span class="brand-copy">
<span class="brand-name"><?= website_escape(website_config('site_name')) ?></span> <span class="brand-name"><?= website_escape(website_config('site_name')) ?></span>
<span class="brand-tagline">Virtual private game servers</span> <span class="brand-tagline">Developer-backed game hosting</span>
</span> </span>
</a> </a>
@ -38,7 +38,7 @@ $navLinks = [
</nav> </nav>
<div class="header-actions" data-header-actions> <div class="header-actions" data-header-actions>
<a class="button button-secondary" href="<?= website_escape(login_url()) ?>">Login</a> <a class="button button-secondary" href="<?= website_escape(website_custom_project_url()) ?>">Custom Projects</a>
<a class="button button-primary" href="<?= website_escape(panel_url()) ?>">Control Panel</a> <a class="button button-primary" href="<?= website_escape(panel_url()) ?>">Control Panel</a>
</div> </div>
</div> </div>

View file

@ -11,11 +11,10 @@ website_render(
'home.php', 'home.php',
[ [
'activePage' => 'home', 'activePage' => 'home',
'pageTitle' => 'Gameservers.World - Virtual private game servers', 'pageTitle' => 'Gameservers.World - Game Hosting Backed by Developers',
'metaDescription' => website_config('meta_description'), 'metaDescription' => website_config('meta_description'),
'canonicalPath' => 'index.php', 'canonicalPath' => 'index.php',
'services' => $services, 'services' => $services,
'locations' => is_array($locations) ? $locations : [], 'locations' => is_array($locations) ? $locations : [],
] ]
); );

View file

@ -9,9 +9,8 @@ website_render(
[ [
'activePage' => 'locations', 'activePage' => 'locations',
'pageTitle' => 'Locations - Gameservers.World', 'pageTitle' => 'Locations - Gameservers.World',
'metaDescription' => 'Current Gameservers.World hosting regions and deployment guidance.', 'metaDescription' => 'Current Gameservers.World hosting regions, deployment guidance, and practical notes for latency-sensitive communities.',
'canonicalPath' => 'locations.php', 'canonicalPath' => 'locations.php',
'locations' => website_config('locations', []), 'locations' => website_config('locations', []),
] ]
); );

View file

@ -18,7 +18,7 @@ foreach ($docIndex as $entry) {
<section class="page-heading"> <section class="page-heading">
<div class="container"> <div class="container">
<h1><?= $docEntry !== null ? website_escape($docEntry['name']) : 'Documentation' ?></h1> <h1><?= $docEntry !== null ? website_escape($docEntry['name']) : 'Documentation' ?></h1>
<p><?= $docEntry !== null ? website_escape((string)($docEntry['description'] ?? '')) : 'Browse customer guides, panel references, and game-specific setup documentation without depending on billing configuration.' ?></p> <p><?= $docEntry !== null ? website_escape((string)($docEntry['description'] ?? '')) : 'Browse server setup guides, GSP references, mod and Workshop help, and troubleshooting material for both ordinary hosting customers and communities doing more specialized work.' ?></p>
</div> </div>
</section> </section>
@ -38,7 +38,7 @@ foreach ($docIndex as $entry) {
<section> <section>
<div class="section-heading"> <div class="section-heading">
<h2><?= website_escape($categoryLabels[$category] ?? ucwords($category)) ?></h2> <h2><?= website_escape($categoryLabels[$category] ?? ucwords($category)) ?></h2>
<p><?= website_escape(($categoryLabels[$category] ?? $category) . ' available through the shared GSP documentation set.') ?></p> <p><?= website_escape(($categoryLabels[$category] ?? $category) . ' to help you configure, troubleshoot, and extend the server you are actually trying to run.') ?></p>
</div> </div>
<div class="doc-grid"> <div class="doc-grid">
<?php foreach ($entries as $entry): ?> <?php foreach ($entries as $entry): ?>
@ -63,9 +63,8 @@ foreach ($docIndex as $entry) {
<?php else: ?> <?php else: ?>
<div class="empty-state"> <div class="empty-state">
<h2>Documentation is unavailable</h2> <h2>Documentation is unavailable</h2>
<p>No documentation source directory was found. Check that the billing module docs directory is present alongside the website module.</p> <p>Documentation is temporarily unavailable. Contact support if you need help with setup, mods, Workshop content, or a custom server configuration.</p>
</div> </div>
<?php endif; ?> <?php endif; ?>
</div> </div>
</section> </section>

View file

@ -7,7 +7,22 @@ $hasBilling = website_billing_available();
<section class="page-heading"> <section class="page-heading">
<div class="container"> <div class="container">
<h1>Game Servers</h1> <h1>Game Servers</h1>
<p>Available services are pulled from the existing billing catalog when the database is configured. This page no longer reaches into billing includes with hardcoded filesystem paths, so it stays up even when billing config is missing.</p> <p>Order a standard hosted server or use the catalog as the starting point for something more customized. Individual servers can be reviewed for mod setups, scripts, automation, integrations, and community-specific requirements.</p>
</div>
</section>
<section class="section">
<div class="container">
<div class="summary-grid">
<article class="summary-card">
<h3>Standard hosting is available</h3>
<p>Use the catalog for ordinary game-server hosting with GSP access, full configuration and file control, monitored capacity, and daily backups.</p>
</article>
<article class="summary-card">
<h3>Need something unusual?</h3>
<p>Custom development, integration, and engineering work can be scoped separately for a reasonable additional fee. No build work starts without an agreed estimate.</p>
</article>
</div>
</div> </div>
</section> </section>
@ -29,7 +44,7 @@ $hasBilling = website_billing_available();
<h3><?= website_escape($serviceName) ?></h3> <h3><?= website_escape($serviceName) ?></h3>
<div class="service-meta"><?= website_escape((string)($service['cfg_game_key'] ?? '')) ?></div> <div class="service-meta"><?= website_escape((string)($service['cfg_game_key'] ?? '')) ?></div>
</header> </header>
<p><?= website_escape($description !== '' ? $description : 'Dedicated resources, full configuration access, and GSP panel management.') ?></p> <p><?= website_escape($description !== '' ? $description : 'Virtual private hosting with full configuration access, mod support, GSP panel management, and optional custom engineering help.') ?></p>
<div class="section-divider"></div> <div class="section-divider"></div>
<div class="service-price"><?= $price > 0 ? '$' . number_format($price, 2) . ' / month' : 'Contact for pricing' ?></div> <div class="service-price"><?= $price > 0 ? '$' . number_format($price, 2) . ' / month' : 'Contact for pricing' ?></div>
<div class="card-actions"> <div class="card-actions">
@ -49,13 +64,12 @@ $hasBilling = website_billing_available();
<p><?= website_escape((string)website_config('admin_notice')) ?></p> <p><?= website_escape((string)website_config('admin_notice')) ?></p>
<div class="card-actions"> <div class="card-actions">
<a class="button button-primary" href="<?= website_escape(website_url('support.php')) ?>">Contact Support</a> <a class="button button-primary" href="<?= website_escape(website_url('support.php')) ?>">Contact Support</a>
<a class="button button-secondary" href="<?= website_escape(website_url('index.php')) ?>">Return Home</a> <a class="button button-secondary" href="<?= website_escape(website_custom_project_url()) ?>">Discuss a Custom Server</a>
</div> </div>
<?php if (!website_billing_config_present()): ?> <?php if (!website_billing_config_present()): ?>
<p class="muted">Billing configuration is missing or unreadable. Public pages still load, but service data cannot be queried until billing or panel database credentials are configured.</p> <p class="muted">If you already know what you want to build, contact support and we can review the request directly even while the public catalog is unavailable.</p>
<?php endif; ?> <?php endif; ?>
</div> </div>
<?php endif; ?> <?php endif; ?>
</div> </div>
</section> </section>

View file

@ -3,41 +3,43 @@
declare(strict_types=1); declare(strict_types=1);
$discordUrl = trim((string)website_config('discord_url', '')); $discordUrl = trim((string)website_config('discord_url', ''));
$customProjectUrl = website_custom_project_url();
?> ?>
<section class="hero"> <section class="hero">
<div class="container hero-layout"> <div class="container hero-layout">
<div> <div>
<div class="eyebrow">Dedicated resources. Full control. Real support.</div> <div class="eyebrow">Game hosting backed by developers</div>
<h1>Virtual private game servers with predictable resources and full configuration access.</h1> <h1>Host it. Mod it. Build it.</h1>
<p><?= website_escape(website_config('site_tagline')) ?> Gameservers.World focuses on stable capacity, older community-favorite titles, mod support, and a control panel that gives customers practical access instead of a stripped-down toy interface.</p> <p>Launch an affordable virtual private game server or work with the team behind Runlevel Systems on the parts that make your community specific: mods, scripts, automation, integrations, admin tools, custom GSP workflows, and unusual server setups that do not fit a generic hosting template.</p>
<div class="hero-actions"> <div class="hero-actions">
<a class="button button-primary" href="<?= website_escape(website_url('serverlist.php')) ?>">View Game Servers</a> <a class="button button-primary" href="<?= website_escape(website_url('serverlist.php')) ?>">View Game Servers</a>
<a class="button button-secondary" href="<?= website_escape(panel_url()) ?>">Open Control Panel</a> <a class="button button-secondary" href="<?= website_escape($customProjectUrl) ?>">Discuss a Custom Project</a>
<a class="button button-ghost" href="<?= website_escape(panel_url()) ?>">Open Control Panel</a>
</div> </div>
<div class="hero-points"> <div class="hero-points">
<div class="hero-point"> <div class="hero-point">
<strong>Never oversold</strong> <strong>Affordable hosting first</strong>
<span class="muted">Dedicated resources stay dedicated. Predictable performance is the product, not an upgrade.</span> <span class="muted">You can order a normal hosted server without custom work, then decide later whether you need help extending it.</span>
</div> </div>
<div class="hero-point"> <div class="hero-point">
<strong>Mod and Workshop support</strong> <strong>Never-oversold capacity</strong>
<span class="muted">Common modding workflows, Workshop content, and file access stay available where the game allows it.</span> <span class="muted">Host systems are actively monitored so customers are not crowded onto overloaded nodes.</span>
</div> </div>
<div class="hero-point"> <div class="hero-point">
<strong>Control and customization</strong> <strong>Real engineering help</strong>
<span class="muted">Startup parameters, configs, backups, and updates are managed through the GSP panel without hiding the important controls.</span> <span class="muted">Developers, software engineers, game developers, and infrastructure specialists are available when a server needs more than a restart button.</span>
</div> </div>
<div class="hero-point"> <div class="hero-point">
<strong>Real people</strong> <strong>Customization is available</strong>
<span class="muted">Documentation exists, but you can still talk to someone when an old modpack or legacy title gets awkward.</span> <span class="muted">Files, configs, startup parameters, supported mods, Workshop content, and custom tooling can be reviewed case by case.</span>
</div> </div>
</div> </div>
</div> </div>
<div class="hero-visual"> <div class="hero-visual">
<img src="<?= website_escape(website_asset('images/banner.png')) ?>" alt="Gameservers.World supported games collage"> <img src="<?= website_escape(website_asset('images/banner.png')) ?>" alt="Gameservers.World supported games collage">
<div class="hero-visual-card"> <div class="hero-visual-card">
<strong>Built for hosted communities that want actual control</strong> <strong>More than hosting</strong>
<p>Use the GSP panel for server start/stop, config editing, Workshop or mod workflows, logs, file access, and routine maintenance without depending on fragile manual shell work.</p> <p>Gameservers.World hosts the server. Runlevel Systems provides the development, integration, and infrastructure expertise behind it.</p>
</div> </div>
</div> </div>
</div> </div>
@ -47,20 +49,20 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<div class="container"> <div class="container">
<div class="stats-grid"> <div class="stats-grid">
<div class="stat-card"> <div class="stat-card">
<strong>Dedicated</strong> <strong>128 GB RAM</strong>
<span>No noisy-neighbor overselling.</span> <span>Host specification, not a per-customer dedicated allocation.</span>
</div> </div>
<div class="stat-card"> <div class="stat-card">
<strong>Full access</strong> <strong>32 CPU cores</strong>
<span>Configs, startup parameters, files, backups, and updates.</span> <span>Capacity is managed for stable game performance and headroom.</span>
</div> </div>
<div class="stat-card"> <div class="stat-card">
<strong>Legacy-friendly</strong> <strong>2 TB SSD</strong>
<span>Older and community-favorite games stay part of the catalog.</span> <span>Fast storage on monitored hosts instead of overloaded bargain nodes.</span>
</div> </div>
<div class="stat-card"> <div class="stat-card">
<strong>Operational help</strong> <strong>Daily backups</strong>
<span>Human support when the docs are not enough.</span> <span>Recover from failed updates, bad changes, or configuration mistakes with help from support.</span>
</div> </div>
</div> </div>
</div> </div>
@ -69,25 +71,26 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="section-heading"> <div class="section-heading">
<h2>Why Gameservers.World</h2> <div class="kicker">More than hosting</div>
<p>The website now makes the actual sales proposition explicit: dedicated capacity, access to the knobs that matter, and hosting for both current and older multiplayer titles without burying customers behind fragile shared-hosting abstractions.</p> <h2>Gameservers.World can host a standard server or help build something more specific.</h2>
<p>Some customers want a clean server with good support and full access. Others need custom scripts, mod workflows, database connections, Discord integrations, migration help, or tools built around a long-running community. Both use cases belong here.</p>
</div> </div>
<div class="feature-grid"> <div class="feature-grid">
<article class="feature-card"> <article class="feature-card">
<h3>Dedicated resources</h3> <h3>Developer-backed hosting</h3>
<p>Capacity is reserved for the server you pay for. CPU and memory planning are aimed at stable behavior, not squeezing one more tenant onto the node.</p> <p>Runlevel Systems brings development and engineering experience behind the hosting service, not just sales copy and a billing page.</p>
</article> </article>
<article class="feature-card"> <article class="feature-card">
<h3>Mod support</h3> <h3>Custom server builds</h3>
<p>Workshop and addon workflows are supported where the underlying game tooling allows it, with file access and update paths that customers can actually use.</p> <p>Individual servers can be configured around startup parameters, file layouts, admin tooling, automation, or game-specific quirks.</p>
</article> </article>
<article class="feature-card"> <article class="feature-card">
<h3>Panel control</h3> <h3>Mod and Workshop integration</h3>
<p>Customers manage their service through GSP rather than opening tickets for every config tweak, reboot, backup, or startup parameter change.</p> <p>Supported games can use GSP content workflows, dedicated Workshop support, and hands-on help with mod setup or compatibility issues.</p>
</article> </article>
<article class="feature-card"> <article class="feature-card">
<h3>Real support</h3> <h3>Infrastructure expertise</h3>
<p>When an old title, community mod, or provisioning edge case gets weird, support is available through documentation plus direct assistance.</p> <p>Linux, Windows Server, databases, networking, logs, backups, monitoring, and deployment are part of the same practical support surface.</p>
</article> </article>
</div> </div>
</div> </div>
@ -96,17 +99,27 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="section-heading"> <div class="section-heading">
<h2>Current locations</h2> <div class="kicker">What we can build</div>
<p>Locations are configured data, not marketing filler. These reflect the currently documented host regions from the existing Gameservers.World site content.</p> <h2>Custom work can extend the server beyond the control panel.</h2>
<p>Tell us what you want your server to do. We will review the game, its tools, and the technical limits, then help design a practical solution. Not every request is possible, but unusual requests do not get dismissed out of hand.</p>
</div> </div>
<div class="location-grid"> <div class="feature-grid">
<?php foreach ($locations as $location): ?> <article class="feature-card">
<article class="location-card"> <h3>Server scripts and automation</h3>
<h3><?= website_escape((string)($location['name'] ?? '')) ?></h3> <p>Startup and update automation, scheduled workflows, restart logic, migration helpers, and practical server-side tooling.</p>
<p><?= website_escape((string)($location['region'] ?? '')) ?></p> </article>
<small><?= website_escape((string)($location['host'] ?? '')) ?></small> <article class="feature-card">
</article> <h3>Mods, maps, and content</h3>
<?php endforeach; ?> <p>Mod configuration, Workshop collections, custom maps, custom content packaging, and community-specific content workflows.</p>
</article>
<article class="feature-card">
<h3>Integrations and data</h3>
<p>APIs, web dashboards, Discord integrations, external applications, databases, launchers, and admin utilities.</p>
</article>
<article class="feature-card">
<h3>GSP extensions</h3>
<p>Custom GSP modules, game-specific fixes, monitoring workflows, and operational improvements when a project needs more than the default panel path.</p>
</article>
</div> </div>
</div> </div>
</section> </section>
@ -114,8 +127,49 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="section-heading"> <div class="section-heading">
<h2>Popular and supported game servers</h2> <div class="kicker">Hosting platform</div>
<p>These cards are driven from the existing billing catalog when configuration is available. The site does not invent fake availability if the billing catalog is offline.</p> <h2>Stable hosting without overcrowded nodes.</h2>
<p>Gameservers.World provides virtual private game servers on carefully managed hosts with 128 GB RAM, 32 CPU cores, and 2 TB SSD storage. Those are host specifications, not dedicated per-customer guarantees. The practical commitment is monitored capacity, performance headroom, and daily backups.</p>
</div>
<div class="summary-grid">
<article class="summary-card">
<h3>Real server access</h3>
<p>Edit files and configurations, adjust startup parameters, manage supported server content, review logs, and run updates or scheduled tasks through GSP.</p>
</article>
<article class="summary-card">
<h3>Windows and Linux experience</h3>
<p>The team works across game servers that expect different operating systems, toolchains, runtime quirks, and documentation quality.</p>
</article>
</div>
</div>
</section>
<section class="section">
<div class="container">
<div class="section-heading">
<div class="kicker">Modding and game development support</div>
<h2>Support for current, older, and community-maintained games.</h2>
<p>Some communities need help with abandoned dedicated-server software, badly documented mod stacks, or workflows that mix game servers, websites, databases, and custom scripts. That is where developer-backed hosting matters.</p>
</div>
<div class="summary-grid">
<article class="summary-card">
<h3>What we understand</h3>
<p>Game development, mod development, PHP, Perl, C#, Unity, Linux, Windows Server, networking, databases, SteamCMD, Steam Workshop, dedicated-server software, automation, deployment, and troubleshooting.</p>
</article>
<article class="summary-card">
<h3>How we approach unusual requests</h3>
<p>We host standard servers every day, but we also help revive older multiplayer titles, evaluate unsupported configurations, and scope custom work when a community needs something more specific.</p>
</article>
</div>
</div>
</section>
<section class="section">
<div class="container">
<div class="section-heading">
<div class="kicker">Supported games and locations</div>
<h2>Live catalog where available, honest fallback where it is not.</h2>
<p>Available games and public pricing come from the active service catalog when configuration is available. The site does not invent availability or publish stale game lists just to fill space.</p>
</div> </div>
<?php if (!empty($services)): ?> <?php if (!empty($services)): ?>
<div class="service-grid"> <div class="service-grid">
@ -131,7 +185,7 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<h3><?= website_escape($serviceName) ?></h3> <h3><?= website_escape($serviceName) ?></h3>
<div class="service-price"><?= $price > 0 ? '$' . number_format($price, 2) . ' / month' : 'Contact for pricing' ?></div> <div class="service-price"><?= $price > 0 ? '$' . number_format($price, 2) . ' / month' : 'Contact for pricing' ?></div>
</header> </header>
<p><?= website_escape(trim((string)($service['description'] ?? 'Dedicated hosting with full configuration access.')) ?: 'Dedicated hosting with full configuration access.') ?></p> <p><?= website_escape(trim((string)($service['description'] ?? 'Virtual private hosting with full configuration access, real support, and optional customization help.')) ?: 'Virtual private hosting with full configuration access, real support, and optional customization help.') ?></p>
<div class="card-actions"> <div class="card-actions">
<a class="button button-primary" href="<?= website_escape($orderUrl) ?>">Order</a> <a class="button button-primary" href="<?= website_escape($orderUrl) ?>">Order</a>
<a class="button button-ghost" href="<?= website_escape(website_url('serverlist.php')) ?>">Catalog</a> <a class="button button-ghost" href="<?= website_escape(website_url('serverlist.php')) ?>">Catalog</a>
@ -141,7 +195,7 @@ $discordUrl = trim((string)website_config('discord_url', ''));
</div> </div>
<?php else: ?> <?php else: ?>
<div class="empty-state"> <div class="empty-state">
<h3>Catalog visibility depends on billing data</h3> <h3>Current game catalog unavailable</h3>
<p><?= website_escape((string)website_config('admin_notice')) ?></p> <p><?= website_escape((string)website_config('admin_notice')) ?></p>
<div class="card-actions"> <div class="card-actions">
<a class="button button-secondary" href="<?= website_escape(website_url('support.php')) ?>">Contact Support</a> <a class="button button-secondary" href="<?= website_escape(website_url('support.php')) ?>">Contact Support</a>
@ -155,24 +209,18 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="section-heading"> <div class="section-heading">
<h2>How it works</h2> <div class="kicker">Real support</div>
<p>The public site and the control plane are now separated cleanly: the website explains the service, the billing catalog handles order-specific data, and GSP runs the operational lifecycle.</p> <h2>Talk to people who understand what is under the hood.</h2>
<p>Support is not limited to “restart it and send a ticket. Customers can get help with setup, configuration, mods, Workshop, performance troubleshooting, automation questions, and practical recovery from bad changes.</p>
</div> </div>
<div class="flow-grid"> <div class="summary-grid">
<article class="flow-step"> <article class="summary-card">
<span class="flow-step-number">1</span> <h3>Ordinary hosting is available</h3>
<h3>Choose a server</h3> <p>Order a standard server, use the panel, and get practical support without being forced into a custom project.</p>
<p>Browse the supported game catalog, confirm the available plan, and select a region that matches your community.</p>
</article> </article>
<article class="flow-step"> <article class="summary-card">
<span class="flow-step-number">2</span> <h3>Custom help is available too</h3>
<h3>Configure it</h3> <p>If you need scripts, integrations, workflow changes, or development help, we can scope that separately and quote it before work begins.</p>
<p>Use the GSP panel to set startup parameters, edit configs, install supported content, and keep backups or updates under control.</p>
</article>
<article class="flow-step">
<span class="flow-step-number">3</span>
<h3>Manage through GSP</h3>
<p>Operate the service through the panel for lifecycle, monitoring, logs, file access, and routine administrative work.</p>
</article> </article>
</div> </div>
</div> </div>
@ -187,11 +235,11 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<div class="panel-preview-stats"> <div class="panel-preview-stats">
<div class="section-heading"> <div class="section-heading">
<h2>GSP control panel</h2> <h2>GSP control panel</h2>
<p>Customers do not get a fake storefront-only experience. They manage hosted servers through the same GSP platform that handles starts, stops, files, logs, addons, scheduling, and provisioning workflows.</p> <p>Start, stop, and restart servers. Edit files and configurations. Review logs. Install supported content. Manage Workshop workflows where the game allows it. Schedule tasks, run updates, work with backups, and monitor server state from one place.</p>
</div> </div>
<div class="summary-card"> <div class="summary-card">
<h3>Operational access</h3> <h3>Built by the same team</h3>
<p>Start and stop servers, manage files, inspect logs, update Workshop content, and adjust configuration safely from the panel.</p> <p>GSP itself is developed and customized by the same engineering team, which means new workflows or modules can be evaluated when a project calls for them.</p>
</div> </div>
<div class="stack-actions"> <div class="stack-actions">
<a class="button button-primary" href="<?= website_escape(panel_url()) ?>">Open Control Panel</a> <a class="button button-primary" href="<?= website_escape(panel_url()) ?>">Open Control Panel</a>
@ -204,22 +252,36 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<section class="section"> <section class="section">
<div class="container"> <div class="container">
<div class="summary-grid"> <div class="section-heading">
<article class="summary-card"> <div class="kicker">How custom work operates</div>
<h3>Documentation and support</h3> <h2>Simple process, scoped before work begins.</h2>
<p>Game-specific docs, panel guidance, and troubleshooting live in the same repo and can be served without depending on billing configuration.</p> <p>Custom coding and integration work is quoted separately, but the goal is practical, reasonable pricing rather than inflated enterprise consulting rates. No custom work starts without agreement on scope and cost.</p>
<div class="card-actions"> </div>
<a class="button button-secondary" href="<?= website_escape(website_url('docs.php')) ?>">Documentation</a> <div class="flow-grid">
<a class="button button-ghost" href="<?= website_escape(website_url('support.php')) ?>">Support</a> <article class="flow-step">
</div> <span class="flow-step-number">1</span>
<h3>Tell us what you want</h3>
<p>Explain the server, the game, the community, and what you want it to do differently.</p>
</article> </article>
<article class="summary-card"> <article class="flow-step">
<h3>Panel and login routing</h3> <span class="flow-step-number">2</span>
<p>The Control Panel and Login actions are configuration-driven. The public site no longer assumes a fragile `/panel/` path under the marketing domain.</p> <h3>We evaluate the limits</h3>
<div class="card-actions"> <p>We review the game, its tools, the operating requirements, and what is practical to build or integrate.</p>
<a class="button button-primary" href="<?= website_escape(login_url()) ?>">Login</a> </article>
<a class="button button-secondary" href="<?= website_escape(panel_url()) ?>">Control Panel</a> <article class="flow-step">
</div> <span class="flow-step-number">3</span>
<h3>We scope and price it</h3>
<p>Custom coding, integration, or engineering work is discussed up front before any build work begins.</p>
</article>
<article class="flow-step">
<span class="flow-step-number">4</span>
<h3>We build and deploy</h3>
<p>Once approved, we implement, test, and help deploy the agreed changes.</p>
</article>
<article class="flow-step">
<span class="flow-step-number">5</span>
<h3>We maintain if needed</h3>
<p>Ongoing help can be discussed for communities that need support beyond the initial delivery.</p>
</article> </article>
</div> </div>
</div> </div>
@ -229,12 +291,13 @@ $discordUrl = trim((string)website_config('discord_url', ''));
<div class="container"> <div class="container">
<div class="cta-panel"> <div class="cta-panel">
<div> <div>
<h2>Ready to deploy a server?</h2> <h2>Have an idea for your server?</h2>
<p>Browse the current game catalog, confirm the right location, and manage the result through GSP.</p> <p>Whether you need ordinary hosting, a complicated mod setup, or something that has never been packaged into a hosting panel before, tell us what you are trying to build.</p>
</div> </div>
<div class="stack-actions"> <div class="stack-actions">
<a class="button button-primary" href="<?= website_escape(website_url('serverlist.php')) ?>">View Game Servers</a> <a class="button button-primary" href="<?= website_escape(website_url('serverlist.php')) ?>">View Game Servers</a>
<a class="button button-secondary" href="<?= website_escape(panel_url()) ?>">Open Control Panel</a> <a class="button button-secondary" href="<?= website_escape($customProjectUrl) ?>">Request Custom Development</a>
<a class="button button-ghost" href="<?= website_escape(website_url('support.php')) ?>">Contact Support</a>
<?php if ($discordUrl !== ''): ?> <?php if ($discordUrl !== ''): ?>
<a class="button button-ghost" href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a> <a class="button button-ghost" href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a>
<?php endif; ?> <?php endif; ?>
@ -242,4 +305,3 @@ $discordUrl = trim((string)website_config('discord_url', ''));
</div> </div>
</div> </div>
</section> </section>

View file

@ -7,7 +7,7 @@ $locations = is_array($locations) ? $locations : [];
<section class="page-heading"> <section class="page-heading">
<div class="container"> <div class="container">
<h1>Locations</h1> <h1>Locations</h1>
<p>Deployment regions are configured data. Large or latency-sensitive communities should choose a region that matches where the players actually are, not just where the cheapest machine happened to be.</p> <p>Choose a region that fits where your players are, what game you run, and how sensitive your mod stack or server software is to latency and host performance. Stable hosting matters more than crowding customers onto the cheapest node.</p>
</div> </div>
</section> </section>
@ -30,13 +30,12 @@ $locations = is_array($locations) ? $locations : [];
<div class="summary-grid"> <div class="summary-grid">
<article class="summary-card"> <article class="summary-card">
<h3>Regional fit matters</h3> <h3>Regional fit matters</h3>
<p>Pick a region based on player distribution and the specific game. Older titles and mod-heavy servers can be more sensitive to latency and disk performance than the average commodity hosting page admits.</p> <p>Older titles, community-maintained games, and mod-heavy servers often react badly to poor latency and overloaded hosts. Pick the region that fits the community, not just the first checkbox in a generic order form.</p>
</article> </article>
<article class="summary-card"> <article class="summary-card">
<h3>Need a different region?</h3> <h3>Need a different region?</h3>
<p>If the catalog does not list the region you need yet, contact support. The site copy now makes this explicit instead of hiding the conversation behind a dead link.</p> <p>If the catalog does not list the region or deployment arrangement you need, ask. Some communities need something unusual, and that can be reviewed directly.</p>
</article> </article>
</div> </div>
</div> </div>
</section> </section>

View file

@ -5,7 +5,7 @@ declare(strict_types=1);
<section class="page-heading"> <section class="page-heading">
<div class="container"> <div class="container">
<h1>Pricing</h1> <h1>Pricing</h1>
<p>Gameservers.World pricing is catalog-driven. The public site does not hardcode fake plan availability; it shows live service rows when the billing catalog is available and falls back to guidance when it is not.</p> <p>Standard hosting prices come from the live game-server catalog. Custom coding, integration, and engineering work are separate so customers only pay for extra build work when they actually need it.</p>
</div> </div>
</section> </section>
@ -13,12 +13,12 @@ declare(strict_types=1);
<div class="container"> <div class="container">
<div class="summary-grid"> <div class="summary-grid">
<article class="summary-card"> <article class="summary-card">
<h3>What you are paying for</h3> <h3>Hosting and support</h3>
<p>Dedicated resources, full configuration access, mod and Workshop support where available, control through GSP, backups, and support from people who know the game hosting side of the product.</p> <p>Standard pricing covers virtual private game hosting, GSP access, full file and configuration control, mod and Workshop help where supported, monitored capacity, and daily backups.</p>
</article> </article>
<article class="summary-card"> <article class="summary-card">
<h3>How pricing is presented</h3> <h3>Custom work is quoted separately</h3>
<p>Plan data comes from the billing catalog. That keeps the marketing site aligned with the actual services table instead of drifting into stale hardcoded prices.</p> <p>Small changes should not get enterprise-consulting pricing, but custom coding is not implied to be free. Scope and price are discussed before work begins.</p>
</article> </article>
</div> </div>
</div> </div>
@ -53,3 +53,17 @@ declare(strict_types=1);
</div> </div>
</section> </section>
<section class="section">
<div class="container">
<div class="summary-grid">
<article class="summary-card">
<h3>Reasonable scoping</h3>
<p>If you want a custom server script, migration helper, integration, monitoring workflow, or game-specific fix, the first step is a practical discussion about what the game allows and what the work should cost.</p>
</article>
<article class="summary-card">
<h3>What is not claimed</h3>
<p>The site does not invent exact prices outside the catalog, promise unlimited development, or pretend every unusual request is technically possible.</p>
</article>
</div>
</div>
</section>

View file

@ -10,7 +10,7 @@ $loginUnavailable = $loginUnavailable ?? false;
<section class="page-heading"> <section class="page-heading">
<div class="container"> <div class="container">
<h1>Support</h1> <h1>Support</h1>
<p>Documentation should handle the routine cases. Support exists for the ones that are still operationally messy: mods, legacy engines, provisioning issues, and the inevitable edge cases around community-maintained titles.</p> <p>Support covers ordinary hosting questions, but it also extends to mod setups, Workshop issues, configuration mistakes, migration work, automation ideas, unusual server requirements, and the kinds of problems that appear when a community wants more than a stock setup.</p>
</div> </div>
</section> </section>
@ -18,34 +18,34 @@ $loginUnavailable = $loginUnavailable ?? false;
<div class="container"> <div class="container">
<?php if ($loginUnavailable): ?> <?php if ($loginUnavailable): ?>
<div class="alert"> <div class="alert">
Login URL is not configured for this deployment. Set <code>login_url</code> in the website config to route customers to the active panel login. Customer login routing is not configured for this deployment yet. Use the support options below and the panel URL can be provided directly.
</div> </div>
<?php endif; ?> <?php endif; ?>
<div class="support-grid"> <div class="support-grid">
<article class="support-card"> <article class="support-card">
<h3>Customer login</h3> <h3>Hosting support</h3>
<p>Access existing servers, files, logs, and administrative workflows through the configured GSP panel login.</p> <p>Get help with setup, configuration, files, logs, backups, updates, startup parameters, and routine server administration through the configured GSP panel.</p>
<div class="card-actions"> <div class="card-actions">
<a class="button button-primary" href="<?= website_escape(login_url()) ?>">Login</a> <a class="button button-primary" href="<?= website_escape(login_url()) ?>">Login</a>
<a class="button button-secondary" href="<?= website_escape(panel_url()) ?>">Panel</a> <a class="button button-secondary" href="<?= website_escape(panel_url()) ?>">Panel</a>
</div> </div>
</article> </article>
<article class="support-card"> <article class="support-card">
<h3>Documentation</h3> <h3>Modding and troubleshooting</h3>
<p>Server guides, panel references, and troubleshooting content are available even if billing configuration is missing.</p> <p>Use the documentation set for server guides, panel workflows, Workshop help, and technical troubleshooting across current and older multiplayer games.</p>
<div class="card-actions"> <div class="card-actions">
<a class="button button-primary" href="<?= website_escape(website_url('docs.php')) ?>">Open Docs</a> <a class="button button-primary" href="<?= website_escape(website_url('docs.php')) ?>">Open Docs</a>
</div> </div>
</article> </article>
<article class="support-card"> <article class="support-card">
<h3>Direct help</h3> <h3>Custom development and integration</h3>
<p>Use Discord, a support portal, or email depending on what is configured for this deployment.</p> <p>Need custom scripts, dashboards, GSP extensions, automation, database work, Discord integration, monitoring, or a review of an unusual server idea? Start the conversation here and we can scope it honestly.</p>
<div class="card-actions"> <div class="card-actions">
<?php if ($discordUrl !== ''): ?> <?php if ($discordUrl !== ''): ?>
<a class="button button-primary" href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a> <a class="button button-primary" href="<?= website_escape($discordUrl) ?>" target="_blank" rel="noopener noreferrer">Discord</a>
<?php endif; ?> <?php endif; ?>
<?php if ($supportUrl !== ''): ?> <?php if ($supportUrl !== ''): ?>
<a class="button button-secondary" href="<?= website_escape($supportUrl) ?>" target="_blank" rel="noopener noreferrer">Support Portal</a> <a class="button button-secondary" href="<?= website_escape($supportUrl) ?>" target="_blank" rel="noopener noreferrer">Request Help</a>
<?php endif; ?> <?php endif; ?>
<?php if ($supportEmail !== ''): ?> <?php if ($supportEmail !== ''): ?>
<a class="button button-ghost" href="mailto:<?= website_escape($supportEmail) ?>">Email</a> <a class="button button-ghost" href="mailto:<?= website_escape($supportEmail) ?>">Email</a>
@ -55,4 +55,3 @@ $loginUnavailable = $loginUnavailable ?? false;
</div> </div>
</div> </div>
</section> </section>

View file

@ -9,9 +9,8 @@ website_render(
[ [
'activePage' => 'pricing', 'activePage' => 'pricing',
'pageTitle' => 'Pricing - Gameservers.World', 'pageTitle' => 'Pricing - Gameservers.World',
'metaDescription' => 'Pricing guidance and available game server plans for Gameservers.World.', 'metaDescription' => 'Standard game hosting pricing plus honest guidance on separately quoted custom development and integration work.',
'canonicalPath' => 'pricing.php', 'canonicalPath' => 'pricing.php',
'services' => website_fetch_services(), 'services' => website_fetch_services(),
] ]
); );

View file

@ -11,9 +11,8 @@ website_render(
[ [
'activePage' => 'servers', 'activePage' => 'servers',
'pageTitle' => 'Game Servers - Gameservers.World', 'pageTitle' => 'Game Servers - Gameservers.World',
'metaDescription' => 'Browse supported game server packages, locations, and ordering options for Gameservers.World.', 'metaDescription' => 'Browse supported game servers, live pricing where available, and developer-backed hosting options with mod, automation, and custom integration help.',
'canonicalPath' => 'serverlist.php', 'canonicalPath' => 'serverlist.php',
'services' => $services, 'services' => $services,
] ]
); );

View file

@ -9,8 +9,7 @@ website_render(
[ [
'activePage' => 'support', 'activePage' => 'support',
'pageTitle' => 'Support - Gameservers.World', 'pageTitle' => 'Support - Gameservers.World',
'metaDescription' => 'Support, Discord, documentation, and control panel access for Gameservers.World customers.', 'metaDescription' => 'Get help with hosting, mods, Workshop, automation, integrations, and custom server development for Gameservers.World projects.',
'canonicalPath' => 'support.php', 'canonicalPath' => 'support.php',
] ]
); );

View file

@ -1,242 +0,0 @@
# Billing Invoice/Order Flow - Fix Summary
## Problem Statement
The billing system had several critical issues:
1. **JSON Error**: "Failed to execute 'json' on 'Response': Unexpected end of JSON input" when returning from PayPal payment
2. **Cart not clearing**: Items remained in cart after payment (invoices stayed as status='due')
3. **No order creation**: Orders were not being created after successful payment
4. **Missing renewal flow**: Renewal invoices (linked to existing orders) were not handled
5. **Free button errors**: The free/claim button was also experiencing errors
## Invoice-First Flow (Intended Design)
The system uses an invoice-first architecture:
1. **Add to Cart**: Creates INVOICE with status='due', order_id=0 (no order yet)
2. **View Cart**: Shows all invoices WHERE status='due'
3. **Payment**:
- For NEW orders (order_id=0): Mark invoice paid + CREATE new order
- For RENEWALS (order_id>0): Mark invoice paid + EXTEND existing order's end_date
4. **Provisioning**: Separate step that provisions servers for paid orders
## Root Causes Identified
### 1. Missing Function
- `process_payment_record()` was called but never defined
- Referenced in webhook.php, cart.php (free button), but didn't exist
- This prevented any payment processing from completing
### 2. JSON Response Corruption
- `capture_order.php` had PHP errors/warnings during DB operations
- These were being output to the response, corrupting the JSON
- JavaScript couldn't parse the malformed JSON → "Unexpected end of JSON input"
### 3. Incomplete Payment Processing
- `capture_order.php` was supposed to:
- Mark invoices as paid (status: 'due' → 'paid')
- Create new orders OR extend existing orders
- Link invoices to orders
- But the logic was incomplete and had issues
### 4. Session Compatibility
- capture_order.php used `$_SESSION['user_id']`
- cart.php used `$_SESSION['website_user_id']`
- This mismatch meant user couldn't be identified for payment processing
### 5. Hardcoded Table Names
- capture_order.php used hardcoded "ogp_billing_invoices" and "ogp_billing_orders"
- Should use `$table_prefix . "billing_invoices"` for flexibility
- Could cause failures if table prefix is different
## Solutions Implemented
### 1. Created payment_processor.php Helper
**File**: `modules/billing/includes/payment_processor.php`
**Function**: `process_payment_record($record)`
- Accepts payment record from webhook or direct capture
- Finds invoices to process by custom_id (invoice_id) or invoice reference
- For each invoice:
- Marks invoice as paid (status='due' → 'paid')
- If NEW order (order_id=0): Creates new order with calculated end_date
- If RENEWAL (order_id>0): Extends existing order's end_date by invoice duration
- Links invoice to order
- Returns true/false and logs all operations
- No HTML output (safe to require from webhook/API endpoints)
### 2. Fixed capture_order.php
**File**: `modules/billing/api/capture_order.php`
**Changes**:
- **Disabled error display**: `ini_set('display_errors', '0')` to prevent JSON corruption
- **Session compatibility**: Checks both `website_user_id` and `user_id`
- **Proper JSON errors**: Returns structured JSON on DB connection failure
- **Table prefix usage**: Uses `$table_prefix` instead of hardcoded names
- **Complete invoice processing**:
- Marks all due invoices as paid
- Handles both NEW orders and RENEWALS
- Proper end_date calculation (months from qty + invoice_duration)
- Links invoices to orders
### 3. Fixed payment_success.php
**File**: `modules/billing/payment_success.php`
**Changes**:
- Requires `payment_processor.php` helper
- Displays payment confirmation page
- Shows user's recent orders
- No longer contains duplicate/incomplete function definitions
### 4. Fixed webhook.php
**File**: `modules/billing/webhook.php`
**Changes**:
- Uses `payment_processor.php` instead of requiring full payment_success.php
- Prevents HTML output that would interfere with webhook response
- Processes payment record after verification
### 5. Fixed cart.php Free Button
**File**: `modules/billing/cart.php`
**Changes**:
- Uses `payment_processor.php` for consistent processing
- Free button now properly:
- Marks invoice as paid
- Creates order record
- Calculates end_date
- Processes payment record through shared function
## Payment Flow (After Fixes)
### PayPal Payment Flow
```
1. User clicks "Pay with PayPal" in cart.php
2. JavaScript calls api/create_order.php
→ Creates PayPal order with custom_id = invoice_id
3. User approves payment on PayPal
4. JavaScript calls api/capture_order.php
→ PayPal captures payment
→ capture_order.php:
a) Marks invoices as paid (status='due' → 'paid')
b) For NEW: Creates order in billing_orders
c) For RENEW: Extends existing order's end_date
d) Links invoice to order (sets invoice.order_id)
→ Returns JSON: { status: "COMPLETED", ... }
5. JavaScript redirects to payment_success.php
→ Shows confirmation page
→ Displays order details
6. PayPal sends webhook to webhook.php (parallel)
→ Verifies signature
→ Calls process_payment_record()
→ Same processing as step 4 (idempotent)
7. Cart is empty (invoices now have status='paid', not shown)
```
### Free/Claim Flow
```
1. User clicks "Claim (Free)" button in cart.php
2. Cart.php POST handler:
→ Marks invoice as paid
→ Creates order record with calculated end_date
→ Links invoice to order
→ Creates simulated webhook file
→ Calls process_payment_record() for consistency
3. Redirects to return.php
→ Shows payment confirmation
4. Cart is empty (invoice marked paid)
```
### Renewal Flow
```
1. User has existing order (order_id > 0)
2. System creates renewal invoice:
→ status = 'due'
→ order_id = <existing_order_id>
→ qty = renewal months
3. Invoice appears in cart
4. User pays (PayPal or Free)
5. process_payment_record():
→ Detects order_id > 0 (renewal)
→ Fetches current end_date from existing order
→ Calculates new end_date:
- If current end_date > now: extend from current end_date
- Otherwise: extend from now
→ Updates order with new end_date
→ Marks invoice as paid
6. Order subscription extended by renewal period
```
## Testing Checklist
Before deployment, verify:
- [ ] Config setup: Copy `config.inc.php.orig` to `config.inc.php` and configure
- [ ] Database: Ensure `ogp_billing_invoices` and `ogp_billing_orders` tables exist
- [ ] Test NEW order flow:
- [ ] Add item to cart (creates invoice with status='due')
- [ ] View cart (item appears)
- [ ] Click "Claim (Free)" for $0 item (creates order, clears cart)
- [ ] Verify order created in billing_orders
- [ ] Verify invoice marked paid, linked to order
- [ ] Test PayPal flow:
- [ ] Add paid item to cart
- [ ] Click PayPal button
- [ ] Complete payment on PayPal sandbox
- [ ] Verify returns to payment_success.php without errors
- [ ] Verify order created
- [ ] Verify invoice marked paid
- [ ] Verify cart is empty
- [ ] Test RENEWAL flow:
- [ ] Create renewal invoice for existing order
- [ ] Pay renewal invoice
- [ ] Verify order end_date extended correctly
- [ ] Verify invoice marked paid
## Security Considerations
All code changes maintain or improve security:
1. **SQL Injection Protection**: Uses prepared statements where possible
2. **Input Validation**: Validates all user inputs (invoice_id, user_id, etc.)
3. **Session Security**: Maintains separate website/panel sessions
4. **Webhook Verification**: PayPal signature verification still in place
5. **Error Logging**: Errors logged, not displayed to users (prevents information leakage)
6. **Database Credentials**: Configuration file outside web root (best practice)
## Files Changed
1. `modules/billing/includes/payment_processor.php` - NEW
2. `modules/billing/api/capture_order.php` - MODIFIED
3. `modules/billing/payment_success.php` - MODIFIED
4. `modules/billing/webhook.php` - MODIFIED
5. `modules/billing/cart.php` - MODIFIED
## Known Limitations
1. **Config file required**: System requires `includes/config.inc.php` to be created from .orig template
2. **Multi-item cart matching**: If cart has multiple items, all are processed together (could improve to match specific invoice_id)
3. **No transaction rollback**: If order creation fails, invoice may still be marked paid (could improve with DB transactions)
## Future Enhancements
1. Add database transactions for atomic invoice→order operations
2. Improve invoice matching in process_payment_record (more specific matching)
3. Add unit tests for payment processing logic
4. Add admin UI for viewing/managing invoice-order relationships
5. Add email notifications for payment confirmations

View file

@ -1,110 +0,0 @@
# Column Rename: finish_date → end_date
## Overview
Renamed the `finish_date` column to `end_date` across the entire billing module for better semantic clarity. The column represents when a server's subscription ends/expires, so "end_date" is more descriptive.
## Files Modified
### Database Schema
1. **module.php** - Line 77
- Updated schema definition: `finish_date` DATETIME NULL → `end_date` DATETIME NULL
2. **migration_to_invoices.sql**
- Line 26: Updated AFTER clause in ADD COLUMN statement
- Lines 49-60: Updated column conversion logic from VARCHAR to DATETIME
- All references to the column name updated
### PHP Application Code
3. **cron-shop.php** (19 occurrences)
- Lines 78-80: Updated query conditions checking end_date IS NOT NULL
- Lines 97, 121, 124: Updated email notification date formatting
- Lines 142, 150-151: Updated suspension query conditions
- Lines 218, 226-227: Updated deletion query conditions
- Lines 283, 288: Updated legacy code comments and queries
- Lines 301, 304: Updated developer notes
- Lines 336, 341: Updated suspension logic
- Line 395: Updated final cleanup query
4. **cart.php** (14 occurrences)
- Lines 89-106: Updated variable names from $finish_date to $end_date
- Line 111: Updated column existence check
- Lines 117, 119, 121, 127: Updated SQL UPDATE statements
- Line 148-149: Updated audit logging
5. **my_account.php** (4 occurrences)
- Line 128: Updated SELECT query field
- Line 328: Updated display formatting (3 references in same line)
6. **my_servers.php** (2 occurrences)
- Line 43: Updated SQL comment
- Line 44: Updated column alias
7. **admin_invoices.php** (1 occurrence)
- Line 99: Updated display column
8. **add_to_cart.php** (10 occurrences)
- Lines 134-151: Updated variable names, column checks, INSERT queries, logging
9. **create_servers.php** (12 occurrences)
- Line 244: Updated condition check
- Lines 295-296: Updated comments
- Lines 301-330: Updated variable names in date calculation logic
- Line 342: Updated SET clause in UPDATE query (2 references)
10. **payment_success.php** (11 occurrences)
- Lines 35-102: Updated all references in payment processing logic
- Variable renamed: $finish_date_val → $end_date_val
- Updated column existence checks and SQL generation
### Documentation
11. **INVOICE_SYSTEM.md** (6 occurrences)
- Line 27: Updated field description
- Line 67: Updated workflow documentation
- Line 74: Updated renewal process
- Line 84: Updated expiration logic
- Line 113: Updated payment completion notes
- Line 124: Updated My Account display notes
12. **MIGRATION_SUMMARY.md** (4 occurrences)
- Line 11: Updated changelog entry
- Line 18: Updated bug fix description
- Lines 30, 36: Updated cron process descriptions
- Line 87: Updated SQL schema example
- Line 141: Updated verification notes
## Database Impact
### For Fresh Installations
- New installations will create the `ogp_billing_orders` table with `end_date` DATETIME NULL
### For Existing Installations
- Run the updated `migration_to_invoices.sql` script
- The script will handle the column rename automatically using dynamic SQL:
```sql
-- Checks if column exists as 'finish_date' and renames to 'end_date'
-- Then converts data type from VARCHAR to DATETIME
```
## Testing Checklist
- [x] Module schema updated (module.php)
- [x] Migration script updated (migration_to_invoices.sql)
- [x] All PHP files using the column updated
- [x] All SQL queries updated
- [x] All variable names updated
- [x] All comments and documentation updated
- [x] Verified no remaining `finish_date` references (except log files)
## Backwards Compatibility
⚠️ **BREAKING CHANGE**: This rename requires running the migration script on existing databases.
**Migration Path:**
1. Backup database
2. Run updated `migration_to_invoices.sql`
3. The script will automatically rename `finish_date` to `end_date`
4. Verify column exists: `SHOW COLUMNS FROM ogp_billing_orders LIKE 'end_date';`
## Notes
- Log files may still contain old references to `finish_date` - this is expected and harmless
- The semantic meaning of the column is unchanged (server expiration date)
- All date calculations remain identical
- No functional changes, only naming improvement for clarity

View file

@ -1,364 +0,0 @@
# Coupon System Documentation
## Overview
The billing module now includes a comprehensive coupon system that allows administrators to create discount codes that customers can apply to their orders. The system supports:
- **Percentage-based discounts** (e.g., 10%, 25%, 50% off)
- **One-time or permanent discounts** (one-time applies to first invoice only, permanent applies to all renewals)
- **Game-specific filtering** (apply coupons to all games or specific games only)
- **Usage limits** (optional maximum number of uses per coupon)
- **Expiration dates** (optional expiry date for time-limited promotions)
- **Automatic usage tracking** (system tracks how many times each coupon has been used)
## Database Schema
### Table: `ogp_billing_coupons`
The main coupon table stores all coupon definitions:
```sql
CREATE TABLE `ogp_billing_coupons` (
`coupon_id` INT(11) NOT NULL AUTO_INCREMENT,
`code` VARCHAR(50) NOT NULL UNIQUE,
`name` VARCHAR(255) NOT NULL DEFAULT '',
`description` TEXT,
`discount_percent` DECIMAL(5,2) NOT NULL DEFAULT 0.00,
`usage_type` ENUM('one_time', 'permanent') NOT NULL DEFAULT 'one_time',
`game_filter_type` ENUM('all_games', 'specific_games') NOT NULL DEFAULT 'all_games',
`game_filter_list` TEXT COMMENT 'JSON array of game keys',
`max_uses` INT(11) DEFAULT NULL COMMENT 'NULL for unlimited',
`current_uses` INT(11) NOT NULL DEFAULT 0,
`expires` DATETIME DEFAULT NULL,
`created_date` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`created_by` INT(11) DEFAULT NULL,
`is_active` TINYINT(1) NOT NULL DEFAULT 1,
PRIMARY KEY (`coupon_id`),
UNIQUE KEY `idx_code` (`code`)
);
```
### Updated Tables
#### `ogp_billing_invoices`
Added columns:
- `coupon_id` INT(11) - Links to the coupon used
- `discount_amount` DECIMAL(10,2) - Actual discount amount applied
#### `ogp_billing_orders`
Added columns:
- `coupon_id` INT(11) - Links to the coupon used (for permanent discounts)
- `discount_amount` DECIMAL(10,2) - Discount amount for renewals
## Installation
1. **Run the SQL migration:**
```bash
mysql -u [username] -p [database_name] < modules/billing/create_coupons_table.sql
```
2. **Verify installation:**
- Check that the `ogp_billing_coupons` table exists
- Verify that `coupon_id` and `discount_amount` columns were added to both `ogp_billing_invoices` and `ogp_billing_orders`
## Admin Interface
### Accessing Coupon Management
1. Log in as an administrator
2. Navigate to `/modules/billing/admin.php`
3. Click on "Manage Coupons" button
4. Or go directly to `/modules/billing/admin_coupons.php`
### Creating a New Coupon
1. On the Manage Coupons page, scroll to "Add New Coupon" section
2. Fill in the required fields:
- **Coupon Code**: Unique alphanumeric code (e.g., "SUMMER2025", "WELCOME10")
- **Display Name**: User-friendly name shown in admin interface
- **Description**: Internal notes about the coupon
- **Discount Percentage**: Number between 0-100 (e.g., 25 for 25% off)
- **Usage Type**:
- **One Time**: Discount applies only to the first invoice
- **Permanent**: Discount applies to initial order AND all future renewals
- **Apply To**:
- **All Games**: Works for any game server
- **Specific Games**: Works only for selected games
- **Maximum Uses**: Optional limit on total uses (blank = unlimited)
- **Expiration Date**: Optional expiry date (blank = never expires)
3. Click "Add Coupon" to save
### Example Coupons
#### Welcome Discount (One-Time, All Games)
```
Code: WELCOME10
Name: Welcome 10% Off
Discount: 10%
Usage Type: One Time
Apply To: All Games
Max Uses: (unlimited)
Expires: (none)
```
#### Arma Series Promotion (Permanent, Specific Games)
```
Code: ARMA25
Name: Arma Series 25% Off
Discount: 25%
Usage Type: Permanent
Apply To: Specific Games
- arma2_win32
- arma2oa_win32
- arma3_linux32
- arma3_linux64
- arma3_win64
- arma-reforger_linux64
- arma-reforger_win64
Max Uses: 100
Expires: 2025-12-31
```
### Editing Coupons
1. On the Manage Coupons page, find the coupon in the list
2. Click the "Edit" button
3. Modify any fields (except code uniqueness is enforced)
4. Click "Save Changes"
### Deactivating Coupons
1. Click "Edit" on the coupon
2. Uncheck the "Active" checkbox
3. Click "Save Changes"
Note: Deactivating prevents new uses but doesn't affect existing orders.
### Deleting Coupons
1. Find the coupon in the list
2. Click "Delete" button
3. Confirm the deletion
Warning: This permanently removes the coupon. Orders that used it will retain the discount but lose the coupon reference.
## Customer Usage
### Applying a Coupon
1. Customer adds items to cart at `/modules/billing/cart.php`
2. In the coupon section, enter coupon code in the input field
3. Click "Apply Coupon"
4. If valid, a success message appears showing:
- Coupon code
- Discount percentage
- Whether it's one-time or permanent
5. Cart totals update automatically with discounted prices
6. Proceed to checkout with PayPal as normal
### Coupon Validation
The system validates:
- ✅ Code exists and is active
- ✅ Coupon hasn't expired
- ✅ Usage limit hasn't been reached
- ✅ Game matches filter (if game-specific)
Error messages shown if:
- ❌ Code is invalid or expired
- ❌ Usage limit reached
- ❌ Coupon doesn't apply to games in cart
### Removing a Coupon
1. On cart page, click "Remove" button next to active coupon
2. Cart prices revert to original amounts
## Coupon Behavior
### One-Time Coupons
- Applied to the initial invoice only
- When order is renewed, renewal invoice uses original price
- Coupon is cleared from session after first payment
- Example: "WELCOME10" gives 10% off first month only
### Permanent Coupons
- Applied to initial invoice AND stored in order record
- When order is renewed, the discount is automatically applied to renewal invoices
- Coupon stays associated with the order forever
- Example: "VIP50" gives 50% off forever for that specific server
### Game Filtering
#### All Games
- Coupon applies to any game server in the cart
- All cart items receive the discount
#### Specific Games
- Coupon checks each cart item's `home_name` field
- Only matching games receive the discount
- Uses partial string matching (e.g., "arma3" matches "arma3_linux64")
- Non-matching games show original price
Example:
```
Cart contains:
1. Arma 3 Server → ARMA25 coupon applies (25% off)
2. Minecraft Server → ARMA25 doesn't apply (full price)
3. Arma Reforger → ARMA25 applies (25% off)
Total discount = 25% off Arma servers only
```
## Technical Implementation
### Session Storage
Coupons are stored in `$_SESSION['applied_coupon']` when applied:
```php
$_SESSION['applied_coupon'] = [
'coupon_id' => 1,
'code' => 'ARMA25',
'discount_percent' => 25.00,
'usage_type' => 'permanent',
'game_filter_type' => 'specific_games',
'game_filter_list' => '["arma3_linux64","arma2_win32"]',
// ... other fields
];
```
### Cart Calculation
In `cart.php`, the `couponAppliesTo()` function checks if a coupon applies to a specific game:
```php
function couponAppliesTo($coupon, $game_name) {
if (!$coupon || $coupon['game_filter_type'] === 'all_games') {
return true;
}
if ($coupon['game_filter_type'] === 'specific_games') {
$allowed_games = json_decode($coupon['game_filter_list'], true);
foreach ($allowed_games as $allowed_game) {
if (stripos($game_name, $allowed_game) !== false) {
return true;
}
}
}
return false;
}
```
Discount calculation:
```php
$rowtotal = $row['amount'] * $row['qty'] * $row['max_players'];
if ($applied_coupon && couponAppliesTo($applied_coupon, $row['home_name'])) {
$discountPercent = floatval($applied_coupon['discount_percent']);
$itemDiscount = ($rowtotal * $discountPercent) / 100;
$rowtotal = $rowtotal - $itemDiscount;
}
```
### Payment Processing
In `api/capture_order.php`, when PayPal payment completes:
1. Coupon info is retrieved from session
2. Invoices are updated with `coupon_id`
3. Coupon usage count is incremented
4. For one-time coupons, cleared from session
5. For permanent coupons, stored in order record
```php
// Update invoice with coupon
UPDATE ogp_billing_invoices
SET status='paid', coupon_id=?, discount_amount=?
WHERE user_id=? AND status='due'
// Increment usage count
UPDATE ogp_billing_coupons
SET current_uses = current_uses + 1
WHERE coupon_id = ?
// For permanent coupons, store in order
INSERT INTO ogp_billing_orders (
..., coupon_id, discount_amount
) VALUES (
..., ?, ?
)
```
## Display
### Cart Page
- Shows applied coupon with code and percentage
- Displays success/error messages
- Updates prices in real-time
### My Servers Page
- Shows original price (strikethrough)
- Shows discounted price (bold)
- Shows coupon code and percentage (green text)
### Admin Invoices Page
- Same display as My Servers
- Visible to administrators for all orders
## Troubleshooting
### Coupon not applying
- Check if code is typed correctly (case-sensitive)
- Verify coupon is active in admin panel
- Check expiration date hasn't passed
- Verify usage limit hasn't been reached
- For game-specific coupons, ensure game matches filter
### Discount not showing after payment
- Check `discount_amount` column exists in both tables
- Verify coupon_id was saved to invoice/order
- Clear browser cache and refresh page
### Permanent coupon not applying to renewals
- Verify `usage_type` is set to "permanent"
- Check order record has `coupon_id` populated
- Ensure renewal invoice creation copies coupon from order
## Security Considerations
1. **Code uniqueness**: System enforces unique coupon codes
2. **Usage tracking**: Prevents abuse by tracking total uses
3. **Expiration**: Automatic validation prevents expired coupon use
4. **Admin-only creation**: Only admins can create/edit coupons
5. **SQL injection protection**: All inputs are sanitized with `mysqli_real_escape_string()`
6. **CSRF protection**: Admin forms include CSRF tokens
## Future Enhancements
Potential features for future development:
- Minimum purchase amount requirements
- First-time customer restrictions
- User-specific coupons (assign to individual users)
- Combination rules (allow/prevent stacking)
- Auto-generated unique codes for campaigns
- Email notification when coupon is used
- Analytics dashboard for coupon performance
- Referral system integration
## Support
For issues or questions:
1. Check the troubleshooting section above
2. Review error logs in `/modules/billing/logs/`
3. Verify database schema matches documentation
4. Contact system administrator
---
**Last Updated**: 2025-10-29
**Version**: 1.0
**Module**: Billing/Coupons

View file

@ -1,248 +0,0 @@
# Billing Module Fixes - Complete Report
**Date**: November 10, 2025
**Branch**: copilot/fix-billing-module-errors
**Status**: ✅ COMPLETE
## Issues Resolved
### 1. Critical Syntax Error in cart.php ✅
**Problem**:
- cart.php had a missing closing brace on line 98 (coupon validation logic)
- This caused a complete failure of the cart page
- PHP parser error: "Unclosed '{' on line 98"
- Even debug mode (cart.php?debug_cart=1) failed
**Root Cause**:
- The `else` block starting at line 107 (handling database connection for coupon validation) was not properly closed
- The if statement on line 113 (`if ($coupon_result && mysqli_num_rows($coupon_result) === 1)`) was inside the else block
- Missing closing brace after the coupon validation logic completed
**Fix Applied**:
- Added missing closing brace at line 181
- Properly closes the else block from line 107
- Brace structure now balances correctly (22 opening, 22 closing)
**Verification**:
```bash
$ php -l cart.php
No syntax errors detected in cart.php
```
```bash
$ cat data/debug_cart.log
[2025-11-10 03:16:07] SHUTDOWN: no error
```
---
### 2. VS Code "Undefined Variable" Warnings ✅
**Problem**:
- VS Code showed warnings: "$table_prefix is unassigned"
- Similar warnings for $db_host, $db_user, $db_pass, $db_name
- These warnings appeared even though config.inc.php was properly included
- Affected developer experience and code review
**Root Cause**:
- IDEs like VS Code don't trace through dynamic `require_once` includes
- Variables defined in config.inc.php were not visible to static analysis
- This is a limitation of IDE static analysis, not an actual code error
**Fix Applied**:
- Added PHPDoc `@var` annotations after config.inc.php includes
- Annotations help IDEs understand variable scope
- Pattern used:
```php
// Variables from config.inc.php (helps IDEs understand scope)
/** @var string $db_host Database host */
/** @var string $db_user Database user */
/** @var string $db_pass Database password */
/** @var string $db_name Database name */
/** @var string $table_prefix Table prefix for database tables */
```
**Files Updated** (16 total):
**Main Website Files**:
1. cart.php
2. add_to_cart.php
3. admin_coupons.php
4. my_servers.php
5. my_account.php
6. renew_server.php
7. forgot_password.php
8. reset_password.php
9. login.php
10. register.php
11. serverlist.php
12. payment_success.php
13. order.php
**Include Files**:
14. includes/admin_auth.php
15. includes/payment_processor.php
16. includes/menu.php
**Coverage**: 16 out of 25 files using $table_prefix now have PHPDoc annotations (64%)
---
### 3. Housekeeping ✅
**Added to .gitignore**:
- `modules/billing/data/*.log` - Prevents debug logs from being committed
---
## Validation Results
### Syntax Validation
- ✅ All 36 PHP files in modules/billing/ pass syntax check
- ✅ No parse errors detected
- ✅ All brace pairs balanced correctly
### Functional Testing
- ✅ cart.php loads without errors
- ✅ Debug mode (cart.php?debug_cart=1) works correctly
- ✅ Debug log shows "no error" status
- ✅ Shutdown function executes properly
### Code Quality
- ✅ PHPDoc annotations added for IDE support
- ✅ All key user-facing files updated
- ✅ No changes to business logic
- ✅ Minimal, surgical changes only
---
## Files Modified
### Commit 1: Fix cart.php syntax error and add PHPDoc hints
- modules/billing/cart.php (syntax fix + PHPDoc)
- modules/billing/add_to_cart.php (PHPDoc)
- modules/billing/admin_coupons.php (PHPDoc)
- modules/billing/my_servers.php (PHPDoc)
- modules/billing/my_account.php (PHPDoc)
- modules/billing/renew_server.php (PHPDoc)
- modules/billing/forgot_password.php (PHPDoc)
- modules/billing/reset_password.php (PHPDoc)
### Commit 2: Add PHPDoc hints to additional files
- modules/billing/login.php (PHPDoc)
- modules/billing/register.php (PHPDoc)
- modules/billing/serverlist.php (PHPDoc)
- modules/billing/payment_success.php (PHPDoc)
- modules/billing/order.php (PHPDoc)
- modules/billing/includes/admin_auth.php (PHPDoc)
- modules/billing/includes/payment_processor.php (PHPDoc)
- modules/billing/includes/menu.php (PHPDoc)
### Commit 3: Add billing data logs to gitignore
- .gitignore (added modules/billing/data/*.log)
**Total Files Changed**: 17 files
**Total Lines Changed**: ~120 lines (mostly documentation)
**Breaking Changes**: None
**Business Logic Changes**: None
---
## Testing Recommendations
To fully test the cart functionality in a live environment:
1. **Configure Database Connection**:
- Edit `modules/billing/includes/config.inc.php`
- Set correct database credentials
- Ensure $table_prefix matches your panel installation
2. **Test Basic Cart Access**:
```
http://yoursite.com/modules/billing/cart.php
```
- Should redirect to login if not authenticated
- Should show cart after login
3. **Test Debug Mode**:
```
http://yoursite.com/modules/billing/cart.php?debug_cart=1
```
- Should display detailed error messages
- Check data/debug_cart.log for shutdown messages
4. **Test Coupon Functionality**:
- Add items to cart
- Apply a test coupon code
- Verify discount calculation
- Verify coupon validation (expiry, usage limits, game filters)
5. **Test PayPal Integration**:
- Complete checkout flow
- Verify PayPal buttons render
- Test payment capture
---
## Notes for Developers
### About $table_prefix Variable
- Defined in `modules/billing/includes/config.inc.php`
- Default value: `"gsp_"`
- Used for database table prefixes
- Must match the panel installation's table prefix
### About PHPDoc Annotations
- These are ONLY for IDE support
- Do NOT change runtime behavior
- Safe to add to all files that include config.inc.php
- Pattern is consistent across all files
### Standalone Architecture
The billing module is designed to be standalone and relocatable:
- Uses ONLY standard PHP libraries (mysqli, json, curl, session)
- Does NOT include panel files (like includes/functions.php)
- Connects directly to MySQL using mysqli_connect()
- Can be deployed on same machine as panel OR external web host
- Sessions are separate: "opengamepanel_web" namespace
---
## Additional Notes
### Files That Could Benefit from PHPDoc (Not Critical)
These files use $table_prefix but don't have PHPDoc annotations yet:
- admin_invoices.php (4 uses)
- adminserverlist.php (8 uses)
- cart_old.php (4 uses)
- check_table.php (4 uses)
- create_servers.php (4 uses) - NOTE: This is a panel module, uses OGP_DB_PREFIX
- cron-shop.php (30 uses) - NOTE: This is a panel cron job
- server_status.php (4 uses)
- test_db_connection.php (9 uses)
These can be updated in a future enhancement if needed.
### create_servers.php Note
This file is actually a PANEL module (not a standalone billing website file):
- Uses panel's $db object
- Includes panel files (includes/lib_remote.php)
- Uses OGP_DB_PREFIX placeholder in some queries
- Inconsistently uses {$table_prefix} in a few places
- Should eventually be updated to use OGP_DB_PREFIX consistently
---
## Conclusion
✅ **All issues resolved successfully**
The billing module is now functional with:
1. cart.php working correctly (syntax error fixed)
2. VS Code warnings suppressed (PHPDoc added)
3. Debug logging configured properly
4. All files validated for syntax correctness
The changes are minimal, surgical, and follow the repository guidelines for standalone billing module architecture.

View file

@ -1,137 +0,0 @@
# Game Documentation TODO System - Quick Reference
## System Overview
All game documentation folders now have a "complete" status field. Incomplete documentation displays with "TODO: " prefix on the docs.php page for easy visual identification.
## Current Status (December 19, 2024)
### ✅ Complete Documentation (1 game)
- **Minecraft Server** - Full comprehensive documentation with all sections
### ❌ Incomplete Documentation (146 games)
All other games display with "TODO: " prefix and need comprehensive research
## Priority Order for Completion
### PHASE 2: ARMA Family + DayZ (NEXT - HIGH PRIORITY)
1. **Arma 3** - Modern ARMA platform, highly popular
2. **Arma 2: Operation Arrowhead** - Required for DayZ Mod
3. **Arma 2** - Base game (if separate from OA)
4. **Arma 2: Combined Operations** - ARMA2 + OA combo for DayZ Mod
5. **DayZ Standalone** - Standalone survival game
6. **DayZ Mod** (if exists) - Original mod version
**Research Sources for ARMA/DayZ:**
- Bohemia Interactive Wiki (https://community.bistudio.com/wiki)
- LGSM scripts (LinuxGSM game configs)
- r/arma, r/dayzservers Reddit communities
- BI Forums (https://forums.bohemia.net/)
- DayZ Forums (https://forums.dayz.com/)
- Steam Community Guides (highly-rated)
### PHASE 3: Popular Multiplayer Games
**Batch 1 (Counter-Strike Family):**
- Counter-Strike 1.6
- Counter-Strike: Source
- Counter-Strike 2
- Counter-Strike: Global Offensive
**Batch 2 (Survival/Building Games):**
- Rust
- Terraria
- Valheim
- Garry's Mod
- ARK: Survival Evolved
- 7 Days to Die
**Batch 3 (Co-op Shooters):**
- Left 4 Dead
- Left 4 Dead 2
- Killing Floor
- Killing Floor 2
- Team Fortress 2
**Batch 4 (Tactical Shooters):**
- Insurgency
- Insurgency: Sandstorm
- Squad
### PHASE 4: Remaining Games (50+ games)
All other game folders in alphabetical order
## Documentation Template Requirements
Each game must include (following Minecraft template):
### Required Sections:
1. **Navigation Box** - Quick links to all sections with emoji icons
2. **Quick Info** - Game overview and key details in styled box
3. **Comprehensive Ports Table:**
- Port number
- Protocol (TCP/UDP)
- Purpose/Description
- Required or Optional status
4. **Firewall Configuration Examples:**
- UFW (Ubuntu/Debian)
- FirewallD (CentOS/RHEL)
- Windows Firewall
- iptables (generic Linux)
5. **Startup Parameters Section:**
- Command syntax
- Parameter explanations
- Common configurations
- Examples with descriptions
6. **Troubleshooting Section:**
- Server won't start
- Connection issues
- Performance problems
- Mod/plugin conflicts (if applicable)
- Common error messages with solutions
7. **Performance Optimization**
8. **Security Best Practices**
9. **Additional Resources** - Links to official docs, wikis, community guides
10. **Important Notes** - Warning box with critical information
### Research Requirements:
- Search official game wikis
- Check LGSM scripts for accurate port/parameter info
- Review Steam Community guides (highly-rated)
- Check Reddit communities (r/gameservers, game-specific subs)
- Look for GitHub repos with server configs
- Include user-contributed solutions from forums
- Cite all sources used
## How to Mark Documentation Complete
When a game's documentation is finished:
1. **Edit metadata.json** in the game folder:
```json
{
"name": "Game Name",
"description": "Description",
"category": "game",
"order": 10,
"complete": true
}
```
2. **Change** `"complete": false` to `"complete": true`
3. **Verify** on docs.php - game name should no longer show "TODO: " prefix
## Estimated Time Per Game
- **Research:** 15-30 minutes (official docs, wikis, LGSM, Reddit, Steam)
- **Writing:** 20-30 minutes (following template structure)
- **Testing/Review:** 5-10 minutes
- **Total:** 40-70 minutes per game for comprehensive documentation
## Files Modified in TODO System Implementation
- `modules/billing/docs.php` - Added TODO prefix logic
- `modules/billing/docs/*/metadata.json` - Added complete field to 146 files
- `update_metadata_complete.ps1` - Batch update script
- `RECENT_FIXES_SUMMARY.md` - Updated with TODO system details
- `GAME_DOCS_TODO_REFERENCE.md` - This reference file
## Next Immediate Action
Begin Phase 2: Research and complete ARMA family + DayZ documentation (6 games total)

View file

@ -1,190 +0,0 @@
# Invoice-First Billing Flow
## Overview
The billing system now follows an **invoice-first** workflow where invoices are created BEFORE orders. Orders are only created after successful payment.
## Workflow
### 1. Add to Cart (order.php → add_to_cart.php)
**What happens:**
- User clicks "Add to Cart" button on order page
- System creates a **billing_invoices** record with:
- `status` = 'due'
- `order_id` = 0 (no order exists yet)
- All server details (service_id, home_name, ip, max_players, passwords, etc.)
- Customer details (name, email from ogp_users)
- Pricing (amount, qty, invoice_duration)
- `due_date` = now + 3 days
**Database changes:**
- INSERT into `ogp_billing_invoices`
- NO changes to `ogp_billing_orders` (order doesn't exist yet)
### 2. Cart Display (cart.php)
**What shows:**
- Query: `SELECT * FROM ogp_billing_invoices WHERE status = 'due' AND user_id = ?`
- Displays all **unpaid invoices** (status='due')
- Shows invoice_id, home_name, ip, max_players, amount, qty
- Free items show "Claim (Free)" button
- Paid items show PayPal button
**Actions available:**
- Delete invoice (removes from cart, no order cleanup needed)
- Pay invoice (via PayPal or Free button)
### 3. Payment (PayPal or Free)
#### 3a. Free/Claim Flow (cart.php POST handler)
**When:** User clicks "Claim (Free)" or admin clicks "Create (Free)"
**What happens:**
1. Mark invoice as paid:
- UPDATE `ogp_billing_invoices` SET status='paid', paid_date=NOW()
2. Create order record:
- Calculate end_date (qty * invoice_duration)
- INSERT into `ogp_billing_orders` with status='paid'
- Get new order_id from INSERT
3. Link invoice to order:
- UPDATE `ogp_billing_invoices` SET order_id=? WHERE invoice_id=?
**Database changes:**
- UPDATE `ogp_billing_invoices`: status='due' → 'paid', paid_date=NOW(), order_id=(new)
- INSERT `ogp_billing_orders`: New record with status='paid', end_date calculated
#### 3b. PayPal Flow (api/capture_order.php)
**When:** User pays via PayPal
**What should happen:**
1. PayPal sends capture webhook
2. System marks invoice as paid (same as Free flow)
3. System creates order record (same as Free flow)
4. System links invoice to order (same as Free flow)
**Database changes:** (Same as Free flow above)
### 4. Server Provisioning (create_servers.php)
**What happens:**
- Cron job or manual trigger finds orders with status='paid'
- Creates actual game server (home_id)
- Updates order: status='paid' → 'installed', home_id=(assigned)
**Database changes:**
- UPDATE `ogp_billing_orders`: status='paid' → 'installed', home_id=(assigned)
## Status Values
### Invoice Status
- **'due'** - Unpaid invoice (shows in cart)
- **'paid'** - Paid invoice (payment confirmed)
- **'cancelled'** - Deleted/cancelled invoice
### Order Status
- **'paid'** - Payment confirmed, awaiting provisioning
- **'installed'** - Server provisioned and running
- **'suspended'** - Server stopped for non-payment
- **'expired'** - Service ended
## Database Schema
### ogp_billing_invoices (INVOICE-FIRST)
```sql
invoice_id INT AUTO_INCREMENT PRIMARY KEY
order_id INT DEFAULT 0 -- Links to order AFTER payment (0 = not yet paid)
user_id INT NOT NULL
service_id INT NOT NULL -- Server package being purchased
home_name VARCHAR(255) -- Server name
ip INT -- IP assignment
max_players INT -- Player count
remote_control_password VARCHAR(255) -- Server RCON password
ftp_password VARCHAR(255) -- FTP password
customer_name VARCHAR(255) -- Billing name
customer_email VARCHAR(255) -- Billing email
amount FLOAT(15,2) -- Total price
currency VARCHAR(3) DEFAULT 'USD'
status VARCHAR(16) DEFAULT 'due' -- 'due', 'paid', 'cancelled'
invoice_date DATETIME DEFAULT NOW()
due_date DATETIME -- Payment deadline
paid_date DATETIME -- When paid
payment_txid VARCHAR(255) -- PayPal transaction ID
payment_method VARCHAR(50) -- 'paypal', 'free', etc.
description VARCHAR(500) -- Invoice description
invoice_duration VARCHAR(16) DEFAULT 'month' -- 'month', 'year', 'day'
qty INT DEFAULT 1 -- Quantity/duration multiplier
```
### ogp_billing_orders (ORDER-AFTER-PAYMENT)
```sql
order_id INT AUTO_INCREMENT PRIMARY KEY
user_id INT NOT NULL
service_id INT NOT NULL
home_name VARCHAR(255)
home_id VARCHAR(255) -- Panel game server ID (after provisioning)
ip INT
max_players INT
qty INT
invoice_duration VARCHAR(16)
price FLOAT(15,2)
remote_control_password VARCHAR(255)
ftp_password VARCHAR(255)
status VARCHAR(16) DEFAULT 'paid' -- 'paid', 'installed', 'suspended', 'expired'
order_date DATETIME DEFAULT NOW()
end_date DATETIME -- Subscription expiration
payment_txid VARCHAR(255)
paid_ts DATETIME
```
## Key Differences from Old Flow
### OLD (Order-First)
1. Add to cart → Create ORDER (status='in-cart')
2. View cart → Show orders WHERE status='in-cart'
3. Pay → UPDATE order status='in-cart' → 'paid'
4. Provision → UPDATE order status='paid' → 'installed'
### NEW (Invoice-First)
1. Add to cart → Create INVOICE (status='due', order_id=0)
2. View cart → Show invoices WHERE status='due'
3. Pay → Mark invoice paid + CREATE ORDER (status='paid') + Link invoice to order
4. Provision → UPDATE order status='paid' → 'installed'
## Benefits
1. **Clean Separation:** Invoices = payment requests, Orders = actual services
2. **Better Audit Trail:** Invoice IDs never change, order IDs created only after payment
3. **Renewal Support:** Can create multiple invoices for same order (renewals)
4. **Cart Simplicity:** Cart only shows unpaid invoices (single source of truth)
5. **Payment History:** All payments have invoice records, even free ones
## Migration Notes
**Existing orders with status='in-cart' need to be migrated:**
```sql
-- Convert existing cart items to invoices
INSERT INTO ogp_billing_invoices (
order_id, user_id, service_id, home_name, ip, max_players,
remote_control_password, ftp_password, customer_name, customer_email,
amount, status, invoice_duration, qty, description
)
SELECT
0, -- No order exists yet
o.user_id,
o.service_id,
o.home_name,
o.ip,
o.max_players,
o.remote_control_password,
o.ftp_password,
CONCAT(u.users_fname, ' ', u.users_lname),
u.users_email,
o.price,
'due', -- Convert 'in-cart' to 'due'
o.invoice_duration,
o.qty,
CONCAT('Migrated cart item: ', o.home_name)
FROM ogp_billing_orders o
LEFT JOIN ogp_users u ON o.user_id = u.user_id
WHERE o.status = 'in-cart';
-- Delete old cart items (now converted to invoices)
DELETE FROM ogp_billing_orders WHERE status = 'in-cart';
```

View file

@ -1,133 +0,0 @@
# Billing System - Invoice-Based Architecture
## Overview
The billing system now uses a **dual-table architecture** separating orders (ongoing services) from invoices (payment records).
## Database Tables
### 1. `ogp_billing_services`
**Purpose:** Available game server packages/products
**Key Fields:**
- `service_id` - Unique identifier
- `service_name` - Display name
- `remote_server_id` - Target server(s)
- `price_monthly`, `price_year` - Pricing tiers
- `enabled` - Availability flag
### 2. `ogp_billing_orders` (formerly just cart items)
**Purpose:** Active game server instances (ongoing services)
**Key Fields:**
- `order_id` - Unique identifier
- `user_id` - Owner
- `service_id` - Product reference
- `home_id` - Panel game home ID (after provisioning)
- `home_name` - Server name
- `status` - Current state (see Status Flow below)
- `order_date` - When created
- `end_date` - Expiration date
- `payment_txid` - Last payment transaction
- `paid_ts` - Last payment timestamp
**Status Values:**
- `in-cart` - User added to cart, not yet paid
- `paid` - Payment received, awaiting provisioning
- `installed` - ✅ Server provisioned and running
- `suspended` - Server stopped due to non-payment
- `expired` - Service ended
- `renew` - Renewal pending in cart
### 3. `ogp_billing_invoices` (NEW)
**Purpose:** Payment records (one invoice per payment)
**Key Fields:**
- `invoice_id` - Unique identifier
- `order_id` - Links to the server order
- `user_id` - Customer
- `customer_name` - Full name
- `customer_email` - Email address
- `amount` - Total due
- `currency` - USD, EUR, etc.
- `status` - `unpaid` or `paid`
- `invoice_date` - When created
- `due_date` - Payment deadline
- `paid_date` - When paid
- `payment_txid` - PayPal/Stripe transaction ID
- `payment_method` - PayPal, Stripe, etc.
- `description` - Invoice line items
- `invoice_duration` - Billing period (month/year)
- `qty` - Quantity/duration multiplier
## Workflow
### Initial Purchase
1. User selects game server package → Creates row in `billing_orders` (status: `in-cart`)
2. System creates `billing_invoices` entry (status: `unpaid`, linked to order_id)
3. Cart page shows unpaid invoices
4. User pays → Invoice status becomes `paid`, order status becomes `paid`
5. Provisioning happens → Order status becomes `installed`
6. Server is active until `end_date`
### Renewal Process
1. User clicks "Renew" on active server (My Account page)
2. System creates NEW invoice in `billing_invoices` (status: `unpaid`, same order_id)
3. Cart shows the unpaid renewal invoice
4. User pays → Invoice status becomes `paid`
5. Order `end_date` is extended by the renewal period
### Cron Automation (`cron-shop.php`)
The cron job checks invoice status to manage servers:
**7 days before expiration:**
- Check if order has unpaid invoice for upcoming period
- If NO unpaid invoice exists → Create one (status: `unpaid`)
- Email customer about upcoming renewal
**On expiration (end_date reached):**
- Check if order has unpaid invoice
- If YES → Suspend server (stop, disable FTP, unassign from user)
- Order status → `suspended`
**7 days after suspension:**
- If still unpaid → Delete server permanently
- Order status → `expired`
## Key Advantages
1. **Clear Payment History:** Each invoice represents one payment
2. **Audit Trail:** Can track when/how much each renewal cost
3. **Flexible Pricing:** Can adjust price per renewal (discounts, promotions)
4. **Multi-Payment Support:** One order can have many invoices
5. **Accurate Status:** Order status reflects server state, invoice status reflects payment
6. **No Race Conditions:** Webhook updates invoice, provisioning updates order
## Cart Logic
**Cart page displays:**
- All invoices with `status = 'unpaid'` for the current user
- Groups by order_id to show which server each invoice is for
- Total amount = SUM of all unpaid invoice amounts
**After payment:**
- Invoice `status``paid`
- Invoice `paid_date` → NOW()
- Invoice `payment_txid` → transaction ID from PayPal/Stripe
- Order `status``paid` (if new order) or `end_date` extended (if renewal)
## My Account Logic
**Show Invoices Section:**
- Group invoices by status (unpaid, paid, overdue)
- Display invoice_date, amount, status
- Link to view invoice details
**Show Current Servers Section:**
- Display orders with `status = 'installed'`
- Show end_date (expiration)
- "Renew" button creates new invoice
## Migration Notes
- Run `migration_to_invoices.sql` on existing installations
- Creates `billing_invoices` table
- Adds missing columns to `billing_orders`
- Migrates existing paid orders to have invoices
- Removes obsolete `billing_carts` table

View file

@ -1,223 +0,0 @@
# PayPal Payment Flow Logging Enhancement - Summary
## Problem Addressed
Users were experiencing intermittent errors when clicking "Pay from PayPal" button:
- **JSON parsing errors**
- **HTTP ERROR 500**
- **"Currently unable to handle this request"** errors
These errors would "flip-flop" between different types, making diagnosis difficult without proper logging.
## Solution Implemented
Added comprehensive logging throughout the entire PayPal payment flow to capture:
- All request/response data
- Error details with full context
- Unique request IDs for tracking
- Database operations and results
- Client-side JavaScript errors
## What Changed
### Modified Files
1. **`api/create_order.php`** - Enhanced with comprehensive logging
- Logs every step of order creation
- Captures request data, OAuth process, PayPal API calls
- Returns request IDs in error messages for tracking
- Logs to: `logs/paypal_create_order.log`
2. **`api/capture_order.php`** - Enhanced existing logging
- Logs payment capture process
- Tracks database operations (invoice updates, order creation)
- Captures all error conditions
- Logs to: `logs/paypal_capture.log`
3. **`cart.php`** - Improved client-side error handling
- Better error messages with reference IDs
- Enhanced console logging for debugging
- Sends errors to server for centralized logging
- Better user feedback during payment process
4. **`api/log_error.php`** - NEW: Client error logging endpoint
- Captures JavaScript errors from browser
- Logs to: `logs/client_errors.log`
### New Files
1. **`PAYPAL_DEBUGGING_GUIDE.md`** - Comprehensive debugging guide
- How to read logs
- Common issues and solutions
- Request flow documentation
- Monitoring commands
2. **`QUICK_DEBUG_REFERENCE.md`** - Quick reference card
- Common commands
- Error patterns
- Quick fixes
- Troubleshooting checklist
## How to Use
### When an error occurs:
1. **User will see an error message with a reference ID**, for example:
```
Failed to create order: API error 500 (Ref: req_abc123)
```
2. **Search the logs for that reference ID**:
```bash
cd /home/runner/work/GSP/GSP/modules/billing/logs
grep "req_abc123" paypal_create_order.log
```
3. **Review the full request flow** to identify where it failed
4. **Refer to the debugging guide** for common solutions
### Monitor logs in real-time:
```bash
cd /home/runner/work/GSP/GSP/modules/billing/logs
tail -f paypal_*.log
```
### Check for errors:
```bash
cd /home/runner/work/GSP/GSP/modules/billing/logs
grep -i error paypal_create_order.log
grep -i failed paypal_capture.log
```
## Log Files
All logs are written to: `/modules/billing/logs/`
| Log File | Purpose | When Created |
|----------|---------|--------------|
| `paypal_create_order.log` | Order creation requests | When user clicks "Pay with PayPal" |
| `paypal_capture.log` | Payment capture process | After PayPal approval, during payment capture |
| `client_errors.log` | JavaScript/browser errors | When browser encounters errors |
## Request Tracking
Each request has a unique ID:
- **Create order**: `req_XXXXXXXXXXXXX`
- **Capture order**: `cap_XXXXXXXXXXXXX`
These IDs:
- Appear in error messages shown to users
- Are logged in every log entry for that request
- Can be used to track a request through the entire flow
## Log Entry Format
```
[TIMESTAMP] [REQUEST_ID] LOG_LABEL
key => value
key => value
--------------------------------------------------------------------------------
```
Example:
```
[2025-10-29 21:30:00] [req_abc123] OAUTH_SUCCESS
token_length => 1024
--------------------------------------------------------------------------------
```
## What Gets Logged
### Create Order Flow (`api/create_order.php`):
- ✓ Incoming request data (amount, currency, items)
- ✓ JSON parsing status
- ✓ OAuth token acquisition
- ✓ PayPal order creation request/response
- ✓ All error conditions with full details
### Capture Order Flow (`api/capture_order.php`):
- ✓ Payment capture request
- ✓ OAuth process
- ✓ Database connection status
- ✓ Invoice update queries and results
- ✓ Order creation/renewal operations
- ✓ All error conditions with full details
### Client-Side (`cart.php``log_error.php`):
- ✓ JavaScript errors
- ✓ PayPal SDK errors
- ✓ Network failures
- ✓ JSON parsing errors
## Benefits
1. **Full Visibility**: Every step of payment flow is now logged
2. **Easy Troubleshooting**: Request IDs link user reports to log entries
3. **Root Cause Analysis**: Can identify exactly where and why failures occur
4. **Pattern Detection**: Can identify if errors are consistent or intermittent
5. **Better User Experience**: Users get reference IDs to report issues
## Next Steps
1. **Monitor the logs** after deploying this change
2. **Analyze error patterns** to identify the root cause
3. **Review common errors** in the debugging guide
4. **Fix underlying issues** once identified
## Documentation
- **Full Guide**: `PAYPAL_DEBUGGING_GUIDE.md`
- **Quick Reference**: `QUICK_DEBUG_REFERENCE.md`
- **This Summary**: `LOGGING_CHANGES_SUMMARY.md`
## Testing
The logging system has been tested and verified to work correctly. All components:
- ✓ Write to correct log files
- ✓ Include proper timestamps and request IDs
- ✓ Format data correctly
- ✓ Handle errors gracefully
## Maintenance
### Log Rotation
Logs will grow over time. Consider setting up log rotation:
```bash
# Manual rotation
cd /home/runner/work/GSP/GSP/modules/billing/logs
gzip paypal_create_order.log
mv paypal_create_order.log.gz paypal_create_order.$(date +%Y%m%d).log.gz
touch paypal_create_order.log
```
Or use `logrotate` (see `PAYPAL_DEBUGGING_GUIDE.md` for details).
### Monitoring
Set up automated monitoring to alert on:
- High error rates
- Specific error patterns (OAuth failures, DB connection issues)
- Unusual request volumes
## Support
If you encounter issues or need help interpreting logs:
1. Check `PAYPAL_DEBUGGING_GUIDE.md` for common issues
2. Review `QUICK_DEBUG_REFERENCE.md` for quick fixes
3. Provide log excerpts (with request IDs) when asking for help
## Changes Made By
- Enhanced logging system - Added 2025-10-29
- Documentation created - 2025-10-29
- Testing completed - 2025-10-29
---
**The intermittent JSON/HTTP 500 errors should now be fully traceable and debuggable with this comprehensive logging system.**

View file

@ -1,201 +0,0 @@
# Billing System Migration Summary
## Files Modified
### 1. `module.php` - Database Schema
**Changes:**
- Removed all legacy `ALTER TABLE` migration queries (db_version reset to 1)
- Updated to single clean install with current schema
- Added `ogp_billing_invoices` table definition
- Added missing columns to `billing_orders`: `order_date`, `payment_txid`, `paid_ts`
- Changed `end_date` from VARCHAR to DATETIME
- Removed obsolete columns: `cart_id`, `extended`
- Removed `billing_carts` table (replaced by invoices)
- Added proper indexes for performance
### 2. `cron-shop.php` - Server Lifecycle Automation
**Fixed Logic Errors:**
- OLD BUG: Was deleting servers with `status='paid'` or `status='installed'` if end_date was close
- NEW: Only processes servers based on **invoice payment status**, not just order status
- Now uses `billing_invoices` table to determine if payment is due
**New 3-Step Process:**
1. **Create Renewal Invoices** (7 days before expiration)
- Find `installed` servers expiring soon
- Check if unpaid invoice exists
- If not, create renewal invoice
- Send email reminder
2. **Suspend Servers** (on expiration with unpaid invoice)
- Find `installed` servers past end_date
- Check if they have unpaid invoices
- Stop server, disable FTP, unassign from user
- Status → `suspended`
3. **Delete Servers** (7 days after suspension)
- Find `suspended` servers 7+ days past end_date
- Still have unpaid invoices
- Permanently delete files and database
- Status → `deleted`
## New Files Created
### 1. `migration_to_invoices.sql`
**Purpose:** Upgrade existing installations
**What it does:**
- Adds new columns to `billing_orders`
- Creates `billing_invoices` table
- Migrates existing paid orders to have invoice records
- Removes obsolete `billing_carts` table
- Adds performance indexes
### 2. `INVOICE_SYSTEM.md`
**Purpose:** Documentation
**Contents:**
- Table schemas explained
- Workflow diagrams
- Status field definitions
- Cron automation logic
- Migration instructions
## SQL for Fresh Install
The `module.php` now contains clean CREATE TABLE statements for:
### ogp_billing_services
```sql
CREATE TABLE `ogp_billing_services` (
service_id INT AUTO_INCREMENT PRIMARY KEY,
service_name VARCHAR(255),
remote_server_id VARCHAR(255),
price_monthly FLOAT(15,4),
enabled INT DEFAULT 1,
... [other fields]
);
```
### ogp_billing_orders
```sql
CREATE TABLE `ogp_billing_orders` (
order_id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
service_id INT NOT NULL,
home_name VARCHAR(255),
home_id VARCHAR(255),
status VARCHAR(16) DEFAULT 'in-cart',
order_date DATETIME DEFAULT CURRENT_TIMESTAMP,
end_date DATETIME NULL,
payment_txid VARCHAR(255) NULL,
paid_ts DATETIME NULL,
... [other fields]
KEY (user_id),
KEY (status),
KEY (home_id)
);
```
### ogp_billing_invoices (NEW)
```sql
CREATE TABLE `ogp_billing_invoices` (
invoice_id INT AUTO_INCREMENT PRIMARY KEY,
order_id INT NOT NULL,
user_id INT NOT NULL,
customer_name VARCHAR(255),
customer_email VARCHAR(255),
amount FLOAT(15,2),
currency VARCHAR(3) DEFAULT 'USD',
status VARCHAR(16) DEFAULT 'unpaid',
invoice_date DATETIME DEFAULT CURRENT_TIMESTAMP,
due_date DATETIME NULL,
paid_date DATETIME NULL,
payment_txid VARCHAR(255),
payment_method VARCHAR(50),
description VARCHAR(500),
invoice_duration VARCHAR(16),
qty INT DEFAULT 1,
KEY (order_id),
KEY (user_id),
KEY (status),
KEY (due_date)
);
```
## Migration Steps for Existing Installations
1. **Backup Database**
```bash
mysqldump -u root -p ogp_panel > backup_before_invoice_migration.sql
```
2. **Run Migration Script**
```bash
mysql -u root -p ogp_panel < modules/billing/migration_to_invoices.sql
```
3. **Verify Tables**
```sql
SHOW TABLES LIKE 'ogp_billing%';
-- Should show: billing_services, billing_orders, billing_invoices
DESCRIBE ogp_billing_orders;
-- Should have: order_date, payment_txid, paid_ts, end_date (DATETIME)
DESCRIBE ogp_billing_invoices;
-- Should exist with all invoice fields
```
4. **Test Cron Job**
```bash
cd /path/to/ogp/web
php modules/billing/cron-shop.php
```
5. **Check Logs**
```sql
SELECT * FROM ogp_logger WHERE type LIKE '%BILLING-CRON%' ORDER BY date DESC LIMIT 20;
```
## Key Improvements
1. **Accurate Server Management**
- Servers only suspended if they have **unpaid invoices**
- Active paid servers are never touched
- Clear separation between order state and payment state
2. **Audit Trail**
- Every payment creates an invoice record
- Can track payment history per server
- Know exactly when/why server was suspended
3. **Flexible Pricing**
- Each renewal can have different price
- Support for discounts and promotions
- Currency per invoice (multi-currency support ready)
4. **Better Customer Experience**
- Clear invoice emails with due dates
- 7-day warning before expiration
- 7-day grace period before deletion
## Status Field Values Reference
### billing_orders.status
- `in-cart` - Initial state, unpaid
- `paid` - Payment received, awaiting provisioning
- `installed` - Server active and running ✅
- `suspended` - Stopped due to non-payment
- `deleted` - Permanently removed
- `expired` - Service ended
- `renew` - Renewal in cart (legacy, now uses invoices)
### billing_invoices.status
- `unpaid` - Invoice created, awaiting payment
- `paid` - Invoice paid successfully
## Next Steps for Implementation
1. Update cart.php to show invoices instead of orders
2. Update my_account.php "Renew" button to create invoices
3. Update payment success flow to mark invoices paid
4. Add invoice viewing page
5. Test full workflow: order → pay → renew → pay renewal

View file

@ -1,300 +0,0 @@
# GSP Billing Module - Panel Integration Complete
## Overview
The GSP billing module has been successfully integrated with the panel-side provisioning system. The standalone website handles public orders and payments, while the panel manages server provisioning.
## Changes Made
### 1. Navigation Configuration (`navigation.xml`)
**File:** `modules/billing/navigation.xml`
Created XML configuration to expose billing pages in the panel:
- `provision_servers``create_servers.php` (admin,user)
- `my_orders``my_orders_panel.php` (admin,user)
- `admin_orders``admin_orders.php` (admin only)
**Access URLs:**
- `home.php?m=billing&p=provision_servers` - Provision paid servers
- `home.php?m=billing&p=my_orders` - View user's orders
- `home.php?m=billing&p=admin_orders` - Admin order management
### 2. User Order Management (`my_orders_panel.php`)
**File:** `modules/billing/my_orders_panel.php`
User-facing page displaying paid but unprovisioned orders:
- Shows order details (service name, players, price, duration)
- "Provision Server" button for individual orders
- "Provision All My Servers" button for bulk provisioning
- Admin view includes username column
- Filters to show only `status='paid'` orders
### 3. Server Provisioning Updates (`create_servers.php`)
**File:** `modules/billing/create_servers.php`
Enhanced provisioning script to handle multiple workflows:
**NEW: provision_all Support**
```php
if (isset($_POST['provision_all'])) {
// Query all paid orders for user
// Process each in foreach loop
}
```
**NEW: provision_single Support**
```php
if (isset($_POST['provision_single']) && $_POST['order_id']) {
// Query specific order_id
// Process single order
}
```
**Improvements:**
- Added provisioning counters (`$provisioned_count`, `$failed_count`)
- Success message shows count of provisioned servers
- Auto-redirect to game monitor after 3 seconds
- Better error handling for missing order_id
- Clear feedback messages for all scenarios
### 4. Admin Order Management (`admin_orders.php`)
**File:** `modules/billing/admin_orders.php`
Comprehensive admin interface for managing all orders:
**Features:**
- View all orders across all users
- Filter by status (in-cart, paid, installed, invoiced, suspended, deleted)
- Search by order ID, username, email, server name
- Bulk actions:
- Provision multiple servers at once
- Activate (set to paid)
- Suspend orders
- Delete orders
- Quick links to provision or view active servers
- Order statistics summary (count and total value by status)
**Display Columns:**
- Order ID, Username, Email
- Server Name, Game Service, Players
- Price, Duration, Status
- Order Date, End Date, Home ID
- Action buttons
## Multi-Server Cart Support
The system already supports multiple servers in a single cart:
**How it works:**
1. Customer adds multiple services to cart on standalone website
2. Payment processed, all items marked `status='paid'`
3. User logs into panel → navigates to "My Orders"
4. Clicks "Provision All My Servers" button
5. `create_servers.php` queries all `WHERE status='paid' AND user_id=X`
6. `foreach ($orders as $order)` loop processes each:
- Creates game_home
- Assigns IP:Port
- Installs files via Steam/rsync/manual
- Calculates end_date based on duration
- Updates `status='installed'`, saves `home_id`, sets `end_date`
- Sends email and Discord notifications
7. All servers appear in Game Monitor as active
**Database Flow:**
```
billing_orders table:
status='in-cart' → (payment) → status='paid' → (provision) → status='installed'
(renewal invoice) → status='invoiced'
(non-payment) → status='suspended'
```
## Testing Workflow
### User Perspective:
1. Order servers on standalone website at `example.com/modules/billing/`
2. Complete payment (PayPal, Stripe, etc.)
3. Orders marked `status='paid'` in database
4. Log into panel at `panel.example.com/`
5. Navigate to `home.php?m=billing&p=my_orders`
6. Click "Provision Server" for individual order OR "Provision All" for bulk
7. Wait for provisioning (creates server, installs files)
8. Redirected to Game Monitor showing active servers
### Admin Perspective:
1. Log into panel with admin account
2. Navigate to `home.php?m=billing&p=admin_orders`
3. View all orders across all users
4. Filter by status or search for specific orders
5. Select multiple orders with checkboxes
6. Choose bulk action (provision, suspend, activate, delete)
7. Click individual "Provision" buttons for specific orders
8. Monitor order statistics at bottom of page
## Order Status Lifecycle
```
in-cart → User shopping, not paid yet
paid → Payment received, awaiting provisioning
installed → Server created and active
invoiced → Renewal invoice generated
suspended → Server suspended (non-payment, violation)
deleted → Order soft-deleted
```
## Database Schema Reference
### billing_orders Table (Key Fields)
- `order_id` - Primary key
- `user_id` - Links to ogp_users.user_id
- `service_id` - Links to billing_services.service_id
- `home_id` - Links to game_homes.home_id (after provisioning)
- `status` - Current order status (in-cart, paid, installed, etc.)
- `home_name` - Display name for server
- `max_players` - Player slot limit
- `price` - Order amount paid
- `qty` - Duration quantity (e.g., 3 for "3 months")
- `invoice_duration` - Duration unit (day, month, year)
- `order_date` - When order was created
- `end_date` - When service expires (calculated after provisioning)
- `extended` - Boolean flag for renewals vs new orders
- `ip` - Contains remote_server_id (target node)
### billing_services Table
- `service_id` - Primary key
- `service_name` - Display name (e.g., "Minecraft 25 Players")
- `home_cfg_id` - Links to game configs
- `mod_cfg_id` - Specific mod/version
- `install_method` - steam, rsync, manual
- `manual_url` - Direct download URL for manual installs
## Key Files Overview
```
modules/billing/
├── navigation.xml [NEW] - Panel page routing
├── my_orders_panel.php [NEW] - User order list
├── admin_orders.php [NEW] - Admin order management
├── create_servers.php [UPDATED] - Server provisioning
├── module.php [EXISTING] - Module metadata & schema
├── index.php [STANDALONE SITE] - Public storefront
├── cart.php [STANDALONE SITE] - Shopping cart
├── order.php [STANDALONE SITE] - Order checkout
├── payment_success.php [STANDALONE SITE] - Payment return
└── ... [STANDALONE SITE] - Other public pages
```
## Access Control
**User (admin,user):**
- Can provision their own paid orders
- View only their own orders
- Cannot manage other users' orders
**Admin (admin):**
- Full access to all pages
- Can provision any user's orders
- View and manage all orders across all users
- Bulk actions on multiple orders
- Access to order statistics
## Next Steps
1. **Test provisioning workflow:**
- Create test order with `status='paid'` in database
- Log in as that user
- Navigate to My Orders page
- Click "Provision Server" and verify server creation
2. **Test multi-server scenario:**
- Create multiple orders for same user with `status='paid'`
- Use "Provision All" button
- Verify all servers created and statuses updated
3. **Admin testing:**
- Log in as admin
- Access admin_orders page
- Test filters and search
- Test bulk actions
- Verify order statistics display
4. **Optional: Add menu items**
Edit `modules/billing/module.php` to add navigation menu:
```php
$module_menus = array(
array('subpage' => 'my_orders', 'name'=>'My Orders', 'group'=>'user'),
array('subpage' => 'admin_orders', 'name'=>'Manage Orders', 'group'=>'admin')
);
```
## Troubleshooting
**Issue: "No paid orders found"**
- Check database: `SELECT * FROM billing_orders WHERE status='paid'`
- Verify user_id matches logged-in user
- Ensure order_id is correct if using provision_servers directly
**Issue: Provisioning fails**
- Check create_servers.php for errors
- Verify remote_server_id (stored in ip field) is valid
- Ensure install_method is configured correctly (steam, rsync, manual)
- Check manual_url is accessible if using manual install
**Issue: Page not accessible**
- Verify navigation.xml is in `modules/billing/` directory
- Check XML syntax is valid
- Ensure file permissions allow reading
- Verify includes/navig.php is loading the module correctly
**Issue: "Access Denied"**
- Check user session: `$_SESSION['users_group']` must match page access
- admin_orders requires `$_SESSION['users_group'] = 'admin'`
- Regular pages need 'admin' or 'user' group
## Architecture Notes
**Separation of Concerns:**
- Standalone website: Public ordering, payment processing, cart management
- Panel: Server provisioning, lifecycle management, admin controls
- Database: Shared MySQL tables for order/service data
**Module Loading Pattern:**
1. User requests `home.php?m=billing&p=my_orders`
2. `includes/navig.php` validates module exists
3. Loads `modules/billing/navigation.xml`
4. Finds page with `key="my_orders"`
5. Checks user access against `access="admin,user"`
6. Includes `modules/billing/my_orders_panel.php`
7. Calls `exec_ogp_module()` function
8. Renders output in panel layout
**Multi-Server Processing:**
The `foreach ($orders as $order)` loop in create_servers.php handles multiple servers naturally:
- Query returns all paid orders for user
- Loop processes each order sequentially
- Each iteration creates one game_home
- Each iteration updates one order to 'installed'
- No special cart logic needed - works automatically
## Success Criteria Checklist
✅ navigation.xml created with 3 page definitions
✅ my_orders_panel.php displays user's paid orders
✅ Provision buttons link to create_servers.php with order_id
✅ create_servers.php handles provision_all and provision_single
✅ Multi-server support via foreach loop (already existed)
✅ admin_orders.php provides comprehensive order management
✅ Bulk actions for admin (provision, suspend, activate, delete)
✅ Status updates: paid → installed with end_date calculation
✅ home_id saved back to billing_orders after provisioning
✅ Success messages and auto-redirect after provisioning
✅ Access control enforced via navigation.xml attributes
## Conclusion
The GSP billing module is now fully integrated with the panel provisioning system. Users can order servers on the standalone website, then log into the panel to provision them. Admins have comprehensive tools to manage all orders. The multi-server cart functionality works automatically via the existing foreach loop.
**Panel URLs:**
- User Orders: `home.php?m=billing&p=my_orders`
- Admin Orders: `home.php?m=billing&p=admin_orders`
- Provision: `home.php?m=billing&p=provision_servers&order_id=X`

View file

@ -1,282 +0,0 @@
# Payment System Implementation Summary
**Date:** November 5, 2025
**Status:** ✅ COMPLETED - Ready for Testing
## What Was Done
### 1. **Updated Copilot Instructions**
- Added explicit standalone/relocatable requirements for `modules/billing/`
- Emphasized: NEVER include panel files, use only standard PHP mysqli
- Documented that billing module can be deployed on separate web host
- All URLs must be root-relative (no `/modules/billing/` in runtime paths)
### 2. **Documented Status Values**
**Invoice Status** (`ogp_billing_invoices.status`):
- `due` - Unpaid invoice, awaiting payment
- `paid` - Invoice paid, order created
- `pending` - Legacy status (some admin pages use this)
- `renew` - Renewal invoice
**Order Status** (`ogp_billing_orders.status`):
- `paid` - Payment received, awaiting server provisioning (panel auto-creates and marks `active`)
- `active` - Server provisioned and running
- `suspended` - Payment overdue, server stopped (grace period)
- `deleted` - Server permanently removed
- `renew` - Active but needs renewal payment
### 3. **Rebuilt Cart System**
**File:** `modules/billing/cart.php`
**Features:**
- Displays all unpaid invoices (`status='due'`) for logged-in user
- Shows: Game type, server name, duration, quantity, price
- Professional table layout with totals
- PayPal JS SDK integration (client-side payment)
- Calls `/api/capture_order.php` backend after PayPal approval
- Handles empty cart gracefully
- Uses only standard mysqli (standalone compatible)
**Payment Flow:**
1. User clicks PayPal button
2. PayPal JS SDK creates order and processes payment
3. On approval, calls our `/api/capture_order.php` with order_id
4. Backend marks invoices paid, creates orders
5. Redirects to `/payment_success.php`
### 4. **Rewrote Payment Capture Backend**
**File:** `modules/billing/api/capture_order.php` (old version backed up as `.backup`)
**Features:**
- Simplified from 461 lines to ~250 lines
- Clean output buffering (prevents JSON corruption)
- Comprehensive logging to `logs/payment_capture.log`
- Verifies PayPal order capture
- Marks all `due` invoices as `paid`
- Creates `billing_orders` records with `status='paid'`
- Stores full PayPal response JSON in `paypal_data` column
- Returns minimal JSON response (no truncation issues)
**Security:**
- No output before JSON response
- Validates session user_id
- Logs all steps for debugging/audit trail
- Stores PayPal transaction ID for refunds
### 5. **Enhanced Success Page**
**File:** `modules/billing/payment_success.php`
**Features:**
- Professional confirmation page with success icon
- Shows recent orders with details
- Explains next steps (panel auto-provisioning)
- Links to account management and order pages
- Uses only standard mysqli (standalone compatible)
## Database Schema
### Required Tables (Already Exist)
- ✅ `ogp_billing_invoices` - Stores invoices (due/paid)
- ✅ `ogp_billing_orders` - Stores orders (paid/active/suspended/deleted)
- ✅ `ogp_billing_services` - Game server packages/pricing
- ✅ `ogp_billing_coupons` - Discount coupons
### New Column Required
**Run this SQL:**
```sql
ALTER TABLE `ogp_billing_orders`
ADD COLUMN `paypal_data` TEXT NULL AFTER `payment_txid`
COMMENT 'Full PayPal API response JSON for tracking/refunds';
```
**File:** `modules/billing/add_paypal_data_column.sql`
## Payment Flow Diagram
```
User → order.php (select server)
add_to_cart.php (create invoice with status='due')
cart.php (show unpaid invoices + PayPal button)
PayPal Checkout (user pays)
api/capture_order.php (backend processing):
- Verify PayPal payment
- Mark invoices status='paid'
- Create orders with status='paid'
- Store PayPal JSON data
payment_success.php (confirmation)
User logs into Panel
Panel auto-provisions servers (paid → active)
```
## Configuration
### PayPal Credentials
**Location:** `modules/billing/api/capture_order.php` (lines 44-45)
```php
$sandbox = true; // Set to false for live
$client_id = 'YOUR_CLIENT_ID';
$client_secret = 'YOUR_CLIENT_SECRET';
```
**Also update in:** `modules/billing/cart.php` (line 47)
### Database Connection
**Location:** `modules/billing/includes/config.inc.php`
```php
$db_host = "your_host";
$db_user = "your_user";
$db_pass = "your_password";
$db_name = "panel";
$table_prefix = "ogp_";
```
## Testing Checklist
### Pre-Test Setup
- [ ] Run SQL: `add_paypal_data_column.sql`
- [ ] Verify PayPal sandbox credentials are set
- [ ] Confirm database connection works
- [ ] Ensure user is logged in (session has `website_user_id`)
### Test Flow
1. **Order Creation**
- [ ] Go to `/order.php`
- [ ] Select a game server
- [ ] Configure settings
- [ ] Click "Add to Cart"
- [ ] Verify invoice created in `ogp_billing_invoices` with `status='due'`
2. **Cart Display**
- [ ] Go to `/cart.php`
- [ ] Verify invoice(s) displayed with correct details
- [ ] Verify total amount is correct
- [ ] Verify PayPal button appears
3. **Payment Processing**
- [ ] Click PayPal button
- [ ] Complete sandbox payment
- [ ] Check `logs/payment_capture.log` for processing details
- [ ] Verify no JSON errors in browser console
- [ ] Verify redirected to `/payment_success.php`
4. **Database Verification**
- [ ] Check `ogp_billing_invoices`: `status='paid'`, `payment_txid` set
- [ ] Check `ogp_billing_orders`: New record with `status='paid'`
- [ ] Check `paypal_data` column contains JSON
- [ ] Verify `order_id` in invoice links to order
5. **Success Page**
- [ ] Verify order(s) displayed
- [ ] Verify correct amounts shown
- [ ] Verify all links work
6. **Panel Provisioning** (Future - Not Implemented Yet)
- [ ] Log into panel
- [ ] Panel detects orders with `status='paid'`
- [ ] Panel creates game server homes
- [ ] Panel updates order `status='active'`
## What's NOT Done Yet (Todo)
### High Priority
- [ ] **Email Notifications** - Send confirmation email after payment
- [ ] **Invoice History Page** - Show user's paid invoices (`my_invoices.php`)
- [ ] **Suspended Status Support** - Verify cron job handles suspended orders correctly
### Medium Priority
- [ ] **Refund System** - Admin interface to issue PayPal refunds using stored JSON data
- [ ] **Webhook Support** - Add PayPal webhook handler for payment verification (more secure than client-side)
- [ ] **Coupon Application** - Apply discount coupons during checkout
### Low Priority
- [ ] **Multi-currency Support** - Currently USD only
- [ ] **Tax Calculation** - Add tax/VAT support
- [ ] **Payment Plans** - Recurring subscriptions via PayPal
## Files Modified
### Core Payment Files
- ✅ `modules/billing/cart.php` - Complete rewrite
- ✅ `modules/billing/api/capture_order.php` - Simplified rewrite (old backed up)
- ✅ `modules/billing/payment_success.php` - Enhanced with order display
### Configuration
- ✅ `.github/copilot-instructions.md` - Added standalone/relocatable requirements
### Database
- ✅ `modules/billing/add_paypal_data_column.sql` - New migration file
### Existing Files (Not Modified)
- `modules/billing/add_to_cart.php` - Already working correctly
- `modules/billing/order.php` - Already working correctly
- `modules/billing/includes/config.inc.php` - Config file (no changes needed)
## Troubleshooting
### Issue: JSON Parse Error
**Cause:** Output before JSON response (whitespace, errors, warnings)
**Fix:** Check `logs/payment_capture.log` for errors. Ensure `ob_start()` at top of `capture_order.php`
### Issue: No Orders Created
**Cause:** User not logged in or session lost
**Fix:** Verify session contains `website_user_id` or `user_id`
### Issue: Invoices Not Marked Paid
**Cause:** Database connection failed or SQL error
**Fix:** Check `logs/payment_capture.log` for database errors
### Issue: PayPal Button Doesn't Appear
**Cause:** Empty cart or JS error
**Fix:** Check browser console. Verify invoices exist with `status='due'`
### Issue: 500 Error on capture_order.php
**Cause:** PHP error in capture script
**Fix:** Check `logs/payment_capture.log` and PHP error logs
## Deployment Notes
### Same Host Deployment
Files already at correct location: `modules/billing/`
### External Host Deployment
1. Copy entire `modules/billing/` directory to external web host
2. Deploy at website root (not in subdirectory)
3. Update `includes/config.inc.php` with panel database credentials
4. Ensure external host can connect to panel database (firewall/network)
5. Update PayPal return URLs to external domain
## Security Considerations
✅ **Implemented:**
- Output buffering prevents JSON corruption
- SQL injection protection (mysqli_real_escape_string)
- Session validation (user_id required)
- PayPal OAuth token authentication
- Comprehensive audit logging
⚠️ **Recommended (Not Implemented):**
- CSRF token validation on payment endpoints
- Rate limiting on API endpoints
- PayPal webhook signature verification
- IP whitelisting for admin functions
## Support & Maintenance
### Log Files
- `modules/billing/logs/payment_capture.log` - Payment processing log
- `modules/billing/logs/add_to_cart.log` - Cart/invoice creation log
- `modules/billing/logs/site.log` - General site log
### Key Functions
- `capture_order.php::log_payment()` - Payment logging function
- Database schema in `create_invoices_table.sql`
### Contact
For issues or questions, refer to:
- GitHub repo: `GameServerPanel/GSP` branch `Panel-unstable`
- This summary: `modules/billing/PAYMENT_IMPLEMENTATION_SUMMARY.md`

View file

@ -1,316 +0,0 @@
# PayPal Payment Flow Debugging Guide
## Overview
This guide explains how to diagnose and troubleshoot PayPal payment errors using the comprehensive logging system that has been added to the payment flow.
## Problem Being Addressed
Users were experiencing intermittent errors when clicking "Pay from PayPal" button:
- JSON parsing errors
- HTTP ERROR 500
- "Currently unable to handle this request" errors
These errors would "flip-flop" between different error types, making it difficult to diagnose the root cause.
## Log Files Location
All logs are stored in: `/modules/billing/logs/`
### Available Log Files
1. **`paypal_create_order.log`** - Logs all PayPal order creation requests
- When: Created when user clicks "Pay with PayPal" button
- Contains: Request data, OAuth tokens, PayPal API responses
2. **`paypal_capture.log`** - Logs all payment capture attempts
- When: Created when PayPal redirects user back after approving payment
- Contains: Capture requests, database operations, order creation
3. **`client_errors.log`** - Logs JavaScript errors from browser
- When: Created when browser encounters errors during checkout
- Contains: Client-side errors, PayPal SDK issues, network failures
## How to Debug Payment Issues
### Step 1: Identify the Request
Each request has a unique ID for tracking:
- Create order requests: `req_XXXXX`
- Capture order requests: `cap_XXXXX`
Look for these IDs in error messages shown to users.
### Step 2: Check the Logs
#### For "Failed to create order" errors:
```bash
tail -100 /modules/billing/logs/paypal_create_order.log
```
Look for:
- `JSON_DECODE_ERROR` - Invalid input from cart.php
- `OAUTH_CURL_ERROR` or `OAUTH_HTTP_ERROR` - Can't connect to PayPal
- `CREATE_ORDER_HTTP_ERROR` - PayPal rejected the order
#### For "Payment capture failed" errors:
```bash
tail -100 /modules/billing/logs/paypal_capture.log
```
Look for:
- `OAUTH_*_ERROR` - Authentication issues
- `CAPTURE_HTTP_ERROR` - PayPal rejected capture
- `DB_CONNECTION_FAILED` - Database issues
- `UPDATE_INVOICES_FAILED` - Can't mark invoices as paid
- `ORDER_CREATE_FAILED` - Can't create order record
#### For client-side errors:
```bash
tail -100 /modules/billing/logs/client_errors.log
```
Look for:
- Network errors (fetch failed)
- PayPal SDK errors
- JSON parsing errors
### Step 3: Common Issues and Solutions
#### Issue: OAuth fails (OAUTH_HTTP_ERROR)
**Log entry example:**
```
[2025-10-29 21:30:00] [req_12345] OAUTH_HTTP_ERROR
http_code => 401
```
**Cause:** Invalid PayPal credentials
**Solution:** Check that `$client_id` and `$client_secret` in `api/create_order.php` and `api/capture_order.php` are correct.
---
#### Issue: JSON decode error
**Log entry example:**
```
[2025-10-29 21:30:00] [req_12345] JSON_DECODE_ERROR
error => Syntax error
```
**Cause:** Malformed JSON from cart.php or corrupted request
**Solution:**
1. Check the `RAW_INPUT` entry before the error
2. Verify cart.php is sending valid JSON
3. Check for PHP errors that might corrupt the output
---
#### Issue: PayPal returns error creating order
**Log entry example:**
```
[2025-10-29 21:30:00] [req_12345] CREATE_ORDER_HTTP_ERROR
http_code => 400
response => {"name":"INVALID_REQUEST","details":[{"issue":"..."}]}
```
**Cause:** Invalid order data sent to PayPal
**Solution:**
1. Look at `PAYPAL_ORDER_PAYLOAD` entry to see what was sent
2. Common issues:
- Invalid amount format (must be 2 decimals)
- Invalid currency code
- Malformed items array
- Invalid URLs (return_url, cancel_url must be absolute URLs)
---
#### Issue: Database connection failed
**Log entry example:**
```
[2025-10-29 21:30:00] [cap_12345] DB_CONNECTION_FAILED
error => Access denied for user
```
**Cause:** Can't connect to database
**Solution:**
1. Check database credentials in `includes/config.inc.php`
2. Verify database server is running
3. Check database permissions
---
#### Issue: Invoice update failed
**Log entry example:**
```
[2025-10-29 21:30:00] [cap_12345] UPDATE_INVOICES_FAILED
error => Table 'ogp_billing_invoices' doesn't exist
```
**Cause:** Database schema issue
**Solution:**
1. Verify table exists and has correct name
2. Check `$table_prefix` variable in config
3. Run database migrations if needed
## Log Entry Structure
Each log entry includes:
```
[TIMESTAMP] [REQUEST_ID] LOG_LABEL
key => value
key => value
--------------------------------------------------------------------------------
```
- **TIMESTAMP**: When the event occurred (Y-m-d H:i:s format)
- **REQUEST_ID**: Unique identifier for tracking the request
- **LOG_LABEL**: What happened (e.g., OAUTH_SUCCESS, CREATE_ORDER_FAILED)
- **Data**: Relevant data for the event (arrays/objects pretty-printed)
## Request Flow with Logging
### Creating an Order
1. User clicks "Pay with PayPal" in cart.php
2. JavaScript calls `api/create_order.php`
3. Logs generated:
- `REQUEST_START` - Initial request info
- `RAW_INPUT` - What was received
- `PARSED_INPUT` - Decoded data
- `OAUTH_REQUEST_START` - Starting OAuth
- `OAUTH_RESPONSE` - OAuth result
- `OAUTH_SUCCESS` or `OAUTH_*_ERROR`
- `CREATE_ORDER_REQUEST_START` - Sending to PayPal
- `CREATE_ORDER_RESPONSE` - PayPal's response
- `CREATE_ORDER_SUCCESS` or `CREATE_ORDER_*_ERROR`
### Capturing Payment
1. User approves payment on PayPal
2. PayPal redirects back to site
3. JavaScript calls `api/capture_order.php`
4. Logs generated:
- `REQUEST_START` - Initial request
- `RAW_INPUT` - Order ID received
- `PARSED_INPUT` - Decoded data
- `OAUTH_*` - Authentication steps
- `CAPTURE_REQUEST_START` - Starting capture
- `CAPTURE_RESPONSE` - PayPal's response
- `CAPTURE_SUCCESS` or `CAPTURE_*_ERROR`
- `PAYMENT_DETAILS` - Extracted transaction info
- `STARTING_DB_PROCESSING` - Beginning database work
- `DB_CONNECTED` - Database ready
- `SESSION_INFO` - User session details
- `PROCESSING_INVOICES` - Starting invoice processing
- `UPDATE_INVOICES_*` - Invoice update results
- `PROCESSING_INVOICE` - For each invoice
- `NEW_ORDER_DETECTED` or `RENEWAL_DETECTED`
- `ORDER_CREATE_*` or `ORDER_EXTENDED_*`
- `PROCESSING_COMPLETE` - Done
## Monitoring Tips
### Watch logs in real-time
```bash
# Watch create order logs
tail -f /modules/billing/logs/paypal_create_order.log
# Watch capture logs
tail -f /modules/billing/logs/paypal_capture.log
# Watch all logs
tail -f /modules/billing/logs/*.log
```
### Filter for errors only
```bash
grep -i error /modules/billing/logs/paypal_create_order.log
grep -i failed /modules/billing/logs/paypal_capture.log
```
### Find specific request by ID
```bash
grep "req_abc123" /modules/billing/logs/paypal_create_order.log
grep "cap_xyz789" /modules/billing/logs/paypal_capture.log
```
### Count successful vs failed requests
```bash
grep -c "CREATE_ORDER_SUCCESS" /modules/billing/logs/paypal_create_order.log
grep -c "CREATE_ORDER.*ERROR" /modules/billing/logs/paypal_create_order.log
```
## Log Rotation
Logs will grow over time. Consider implementing log rotation:
```bash
# Archive old logs
cd /modules/billing/logs
gzip paypal_create_order.log
mv paypal_create_order.log.gz paypal_create_order.$(date +%Y%m%d).log.gz
touch paypal_create_order.log
```
Or use logrotate:
```
/path/to/modules/billing/logs/*.log {
daily
rotate 7
compress
delaycompress
notifempty
create 0644 www-data www-data
}
```
## Error Messages to Users
When errors occur, users now see messages with request IDs:
- "Failed to create order: API error 500 (Ref: req_abc123)"
- "Payment capture failed: oauth_fail (Ref: cap_xyz789)"
Use these reference IDs to search the logs for the full details.
## Getting Help
When reporting issues, include:
1. The exact error message shown to user (including Ref ID)
2. Relevant log entries (search by Ref ID)
3. What the user was trying to do
4. Whether it's consistent or intermittent
5. Browser console output (F12 → Console tab)
## Additional Resources
- PayPal API Documentation: https://developer.paypal.com/api/rest/
- PayPal Sandbox Testing: https://developer.paypal.com/developer/accounts/
- PayPal Error Codes: https://developer.paypal.com/api/rest/reference/orders/v2/errors/
## Changelog
### 2025-10-29
- Added comprehensive logging to create_order.php
- Enhanced logging in capture_order.php
- Added client-side error logging
- Created debugging guide

View file

@ -1,149 +0,0 @@
# Phase 1 Complete: Visual TODO System Implementation
## Date: December 19, 2024
## Summary
Successfully implemented a comprehensive visual identification system for incomplete game documentation. All 146 game folders now have completion tracking, with "TODO: " prefix displayed for incomplete documentation.
## What Was Accomplished
### 1. PowerShell Automation Script Created
**File:** `update_metadata_complete.ps1`
- Scans all game documentation folders
- Adds "complete" field to metadata.json files
- Marks Minecraft as complete (true), all others as incomplete (false)
- Executed successfully: 146 files updated, 2 skipped (already had field)
### 2. Documentation Display System Enhanced
**File:** `modules/billing/docs.php`
- Added logic to read "complete" status from metadata
- Automatically prefixes "TODO: " to incomplete game names
- No visual change for complete documentation
- Maintains proper sorting and categorization
### 3. Metadata Files Updated
**Files Modified:** 146 metadata.json files
- `minecraft/metadata.json` - complete: true ✅
- All other games - complete: false (displays with TODO prefix)
### 4. Documentation Created
- `RECENT_FIXES_SUMMARY.md` - Updated with Phase 1 details
- `GAME_DOCS_TODO_REFERENCE.md` - Complete reference guide for next phases
## Visual Result
### Before:
```
Game Servers (148)
├── 7 Days to Die
├── Aliens vs Predator
├── Arma 3
├── DayZ
├── Minecraft Server
├── Rust
└── ...
```
### After:
```
Game Servers (148)
├── TODO: 7 Days to Die
├── TODO: Aliens vs Predator
├── TODO: Arma 3
├── TODO: DayZ
├── Minecraft Server (✓ complete)
├── TODO: Rust
└── ...
```
## Benefits
1. **Instant Visibility** - Users/developers immediately see which games lack comprehensive docs
2. **Progress Tracking** - As games are completed, TODO prefix disappears
3. **Quality Control** - Clear standard (Minecraft template) vs incomplete stubs
4. **Systematic Completion** - Easy to prioritize and track remaining work
## Minecraft Template Reference (Complete Documentation Standard)
The only game marked complete serves as the template for all others:
- ✅ Comprehensive ports table (ALL ports with purposes)
- ✅ Firewall configurations (4 platforms)
- ✅ Startup parameters (detailed explanations)
- ✅ Troubleshooting sections (specific common issues)
- ✅ Performance optimization
- ✅ Security best practices
- ✅ Resource links with citations
- ✅ ~550 lines of comprehensive content
## Next Phase: ARMA Family + DayZ Documentation
### Priority Games (Phase 2):
1. Arma 3
2. Arma 2: Operation Arrowhead
3. Arma 2
4. Arma 2: Combined Operations (DayZ Mod base)
5. DayZ Standalone
6. DayZ Mod
### Research Sources:
- Bohemia Interactive Wiki
- LGSM (LinuxGSM) scripts and configs
- Reddit: r/arma, r/dayzservers
- BI Forums, DayZ Forums
- Steam Community Guides (highly-rated)
- GitHub repositories with server configurations
- User comments and community solutions
### Time Estimate:
- 6 games × 60 minutes average = ~6 hours total
- Each game: 15-30 min research + 20-30 min writing + 5-10 min review
## Technical Implementation Details
### Metadata Structure:
```json
{
"name": "Game Name",
"description": "Brief description",
"category": "game",
"order": 10,
"complete": false
}
```
### Display Logic (docs.php):
```php
$isComplete = isset($metadata['complete']) ? (bool)$metadata['complete'] : false;
$displayName = $metadata['name'] ?? ucfirst($folder);
if (!$isComplete) {
$displayName = 'TODO: ' . $displayName;
}
```
### Marking Complete:
When documentation is finished, change in metadata.json:
```json
"complete": true
```
## Files Modified Summary
- ✅ `modules/billing/docs.php` - Display logic
- ✅ `modules/billing/update_metadata_complete.ps1` - Automation script
- ✅ `modules/billing/docs/*/metadata.json` - 146 files updated
- ✅ `modules/billing/RECENT_FIXES_SUMMARY.md` - Updated
- ✅ `modules/billing/GAME_DOCS_TODO_REFERENCE.md` - Created
- ✅ `modules/billing/PHASE1_COMPLETE_SUMMARY.md` - This file
## Success Metrics
- ✅ 146 games marked with completion status
- ✅ Visual TODO system working on docs.php
- ✅ 1 complete game (Minecraft) serves as template
- ✅ Clear reference documentation for next phases
- ✅ Systematic approach established for remaining 146 games
## Approval & Sign-off
Phase 1 is complete and ready for Phase 2 (ARMA family research and documentation).
---
**Prepared by:** GitHub Copilot
**Date:** December 19, 2024
**Status:** Phase 1 Complete ✅

View file

@ -1,186 +0,0 @@
# PayPal Payment Flow - Quick Debug Reference
## Quick Commands
### View recent errors:
```bash
cd /home/runner/work/GSP/GSP/modules/billing/logs
# Last 50 lines of create order log
tail -50 paypal_create_order.log
# Last 50 lines of capture log
tail -50 paypal_capture.log
# Last 50 lines of client errors
tail -50 client_errors.log
```
### Watch logs live:
```bash
# In terminal, run:
tail -f /home/runner/work/GSP/GSP/modules/billing/logs/paypal_*.log
```
### Search for specific error:
```bash
# Find all OAuth errors
grep "OAUTH.*ERROR" paypal_create_order.log paypal_capture.log
# Find database errors
grep "DB.*FAILED" paypal_capture.log
# Find a specific request by ID
grep "req_12345" paypal_create_order.log
```
## Common Error Patterns
### ❌ "JSON error" or "unable to handle this request"
**What to check:**
1. Browser console (F12 → Console tab) for JavaScript errors
2. `client_errors.log` for client-side issues
3. `paypal_create_order.log` for `JSON_DECODE_ERROR`
**Quick fix:**
- Check if cart items are valid
- Verify amount calculations are correct
- Look for PHP errors that might corrupt JSON output
---
### ❌ HTTP ERROR 500
**What to check:**
1. `paypal_create_order.log` for `CREATE_ORDER_HTTP_ERROR`
2. `paypal_capture.log` for `CAPTURE_HTTP_ERROR`
3. Look for `OAUTH.*ERROR` entries
**Quick fix:**
- Verify PayPal credentials are correct
- Check PayPal API status: https://www.paypal-status.com/
- Verify sandbox vs live mode settings match credentials
---
### ❌ Payment seems successful but no order created
**What to check:**
1. `paypal_capture.log` for `DB_CONNECTION_FAILED`
2. Look for `UPDATE_INVOICES_FAILED`
3. Check `ORDER_CREATE_FAILED`
**Quick fix:**
- Verify database connection settings
- Check if `ogp_billing_invoices` table exists
- Verify `ogp_billing_orders` table exists
- Check table permissions
---
### ❌ Intermittent failures (works sometimes, fails sometimes)
**What to check:**
1. Compare successful vs failed requests in logs
2. Look for timeout errors (`CURL.*ERROR`)
3. Check for database connection pool exhaustion
**Quick fix:**
- Check server load/resources
- Verify network connectivity to PayPal API
- Check for rate limiting
## Log File Locations
```
/home/runner/work/GSP/GSP/modules/billing/logs/
├── paypal_create_order.log # Order creation (when clicking "Pay")
├── paypal_capture.log # Payment capture (after PayPal approval)
└── client_errors.log # JavaScript/browser errors
```
## Request ID Format
- Create order: `req_XXXXXXXXXXXXX`
- Capture order: `cap_XXXXXXXXXXXXX`
When user sees an error with `(Ref: req_abc123)`, search logs for that ID.
## Important Log Labels
### Create Order Flow:
- `REQUEST_START``RAW_INPUT``PARSED_INPUT`
- `OAUTH_REQUEST_START``OAUTH_SUCCESS`
- `CREATE_ORDER_REQUEST_START``CREATE_ORDER_SUCCESS`
### Capture Order Flow:
- `REQUEST_START``PARSED_INPUT`
- `OAUTH_SUCCESS``CAPTURE_SUCCESS`
- `DB_CONNECTED``PROCESSING_INVOICES`
- `ORDER_CREATED_SUCCESS` or `ORDER_EXTENDED_SUCCESS`
### Error Labels:
- `*_ERROR` - Something went wrong
- `*_FAILED` - Operation failed
- `INVALID_*` - Invalid input/data
## Browser Console Debugging
1. Open cart page
2. Press F12 to open DevTools
3. Go to Console tab
4. Click "Pay with PayPal"
5. Watch for:
- Red error messages
- `PayPal Error:` logs
- Network errors (check Network tab)
## Testing Checklist
When testing payments:
- [ ] Check browser console for errors
- [ ] Note the Ref ID if error occurs
- [ ] Check `paypal_create_order.log` for the request
- [ ] Check `paypal_capture.log` if got past order creation
- [ ] Verify database tables exist and have data
- [ ] Check PayPal sandbox account activity
## Need More Help?
See full guide: `PAYPAL_DEBUGGING_GUIDE.md`
## Key Configuration Files
- PayPal credentials: `api/create_order.php` and `api/capture_order.php`
- Lines 5-6: `$client_id` and `$client_secret`
- Line 4: `$sandbox` (true/false)
- Database config: `includes/config.inc.php`
- `$db_host`, `$db_user`, `$db_pass`, `$db_name`
- `$table_prefix`
## Status Checklist for Issues
When user reports error:
1. **Get details:**
- [ ] What error message did they see?
- [ ] What was the Ref ID (if shown)?
- [ ] Can they reproduce it?
2. **Check logs:**
- [ ] Find the request by Ref ID
- [ ] Look for ERROR or FAILED labels
- [ ] Check surrounding context (before/after)
3. **Verify config:**
- [ ] PayPal credentials valid?
- [ ] Database connection working?
- [ ] Correct sandbox/live mode?
4. **Test:**
- [ ] Try creating test order
- [ ] Watch logs in real-time
- [ ] Check database for created records

View file

@ -1,261 +0,0 @@
# Quick Start Guide - GSP Billing Panel Integration
## What Was Completed
✅ Created `navigation.xml` - Routes panel URLs to billing pages
✅ Created `my_orders_panel.php` - User view of paid orders
✅ Updated `create_servers.php` - Enhanced provisioning with multi-server support
✅ Created `admin_orders.php` - Admin order management interface
✅ Created `test_integration.php` - Integration testing tool
✅ Created `PANEL_INTEGRATION.md` - Complete documentation
## How to Test Right Now
### Step 1: Test Integration
1. Log into your GSP panel
2. Navigate to: `home.php?m=billing&p=test_integration`
3. Review all checks - everything should show green ✓
### Step 2: Create a Test Order (Database)
If you don't have paid orders yet, create one in the database:
```sql
INSERT INTO billing_orders
(user_id, service_id, home_name, max_players, price, qty, invoice_duration, status, order_date)
VALUES
(1, 1, 'Test Minecraft Server', 25, 9.99, 1, 'month', 'paid', NOW());
```
Replace:
- `user_id = 1` with your actual user ID
- `service_id = 1` with a valid service_id from billing_services table
### Step 3: View Your Orders
Navigate to: `home.php?m=billing&p=my_orders`
You should see:
- Table with your paid orders
- "Provision Server" button for each order
- "Provision All My Servers" button if multiple orders
### Step 4: Provision a Server
Click "Provision Server" button
Expected behavior:
- Redirects to provision_servers page
- Creates game_home entry
- Assigns IP and port
- Installs game files (Steam/rsync/manual)
- Updates order status to 'installed'
- Shows success message
- Auto-redirects to Game Monitor after 3 seconds
### Step 5: Admin Testing (Admin Only)
Navigate to: `home.php?m=billing&p=admin_orders`
Features to test:
- View all orders across all users
- Filter by status dropdown
- Search by username/order ID/server name
- Select multiple orders with checkboxes
- Bulk actions dropdown
- Individual provision/view buttons
## Multi-Server Cart Testing
### Setup:
Create multiple paid orders for the same user:
```sql
INSERT INTO billing_orders
(user_id, service_id, home_name, max_players, price, qty, invoice_duration, status, order_date)
VALUES
(1, 1, 'Minecraft Server 1', 25, 9.99, 1, 'month', 'paid', NOW()),
(1, 2, 'Minecraft Server 2', 50, 14.99, 1, 'month', 'paid', NOW()),
(1, 3, 'ARK Server', 100, 19.99, 1, 'month', 'paid', NOW());
```
### Test:
1. Navigate to: `home.php?m=billing&p=my_orders`
2. Click "Provision All My Servers (3)" button
3. Wait for provisioning to complete
4. Verify all 3 orders changed to status='installed'
5. Check Game Monitor - all 3 servers should appear
## Panel URLs Reference
| Page | URL | Access | Purpose |
|------|-----|--------|---------|
| Test Integration | `home.php?m=billing&p=test_integration` | user, admin | Verify setup |
| My Orders | `home.php?m=billing&p=my_orders` | user, admin | View paid orders |
| Provision Servers | `home.php?m=billing&p=provision_servers&order_id=X` | user, admin | Create servers |
| Admin Orders | `home.php?m=billing&p=admin_orders` | admin only | Manage all orders |
## Common Issues & Solutions
### "No paid orders found"
**Problem:** No orders with status='paid' in database
**Solution:** Check database: `SELECT * FROM billing_orders WHERE status='paid'`
**Fix:** Update test order: `UPDATE billing_orders SET status='paid' WHERE order_id=X`
### "Page not found" / 404 error
**Problem:** navigation.xml not loaded or file missing
**Solution 1:** Verify navigation.xml exists in `modules/billing/`
**Solution 2:** Check file permissions (must be readable by web server)
**Solution 3:** Verify XML syntax is valid (no typos)
### "Access Denied"
**Problem:** User group doesn't match page access requirements
**Solution:** Check `$_SESSION['users_group']` matches navigation.xml access attribute
**Fix for admin pages:** Only 'admin' group can access admin_orders
### Provisioning fails silently
**Problem:** create_servers.php encounters error but doesn't show it
**Solution:** Check PHP error logs
**Common causes:**
- Invalid remote_server_id (stored in ip field)
- Missing game server files
- SteamCMD not configured
- Permissions issues on game directories
### Multiple servers provision but some fail
**Problem:** Foreach loop continues even if one fails
**Solution:** Check individual order details in admin_orders
**Fix:** Provision failed orders individually to see specific error
## Architecture Quick Reference
### Order Status Flow
```
in-cart → paid → installed → invoiced → suspended/deleted
↑ ↑
| |
(payment) (renewal or non-payment)
```
### Provisioning Flow
```
User orders on website → Payment processed → status='paid'
User logs into panel → My Orders → Click "Provision Server"
create_servers.php → Query WHERE status='paid' → foreach order
Create game_home → Assign IP:Port → Install files → Update status='installed'
Email + Discord notification → Redirect to Game Monitor
```
### File Locations
```
modules/billing/
├── navigation.xml [Panel routing config]
├── my_orders_panel.php [User order list]
├── admin_orders.php [Admin management]
├── create_servers.php [Server provisioning]
├── test_integration.php [Testing tool]
├── PANEL_INTEGRATION.md [Full documentation]
└── QUICK_START.md [This file]
```
## Next Steps After Testing
### 1. Optional: Add Menu Items
Edit `modules/billing/module.php` around line 20:
```php
$module_menus = array(
array('subpage' => 'my_orders', 'name'=>'My Orders', 'group'=>'user'),
array('subpage' => 'admin_orders', 'name'=>'Manage Orders', 'group'=>'admin')
);
```
This adds menu items to panel sidebar navigation.
### 2. Customize Success Messages
Edit `create_servers.php` around line 385 to customize redirect behavior:
- Change auto-redirect delay (currently 3 seconds)
- Add custom success messages
- Modify redirect destination
### 3. Add Email Templates
Enhance email notifications in create_servers.php:
- Custom HTML email templates
- Include server connection details
- Add next steps for users
### 4. Discord Webhook Formatting
Improve Discord notifications with:
- Rich embeds with server details
- Color coding by status
- Direct links to Game Monitor
### 5. Production Deployment
Before going live:
- Test with real payment gateway (PayPal/Stripe)
- Verify SteamCMD and game installs work
- Test with multiple concurrent users
- Set up monitoring and logging
- Configure backup system
## Support & Troubleshooting
### Debug Mode
To see detailed errors, enable PHP error reporting temporarily:
In `create_servers.php` at the top of exec_ogp_module():
```php
error_reporting(E_ALL);
ini_set('display_errors', 1);
```
### Database Debugging
Check order details:
```sql
SELECT o.*, s.service_name, u.users_login
FROM billing_orders o
LEFT JOIN billing_services s ON o.service_id = s.service_id
LEFT JOIN users u ON o.user_id = u.user_id
WHERE o.status = 'paid';
```
### Log Files to Check
- PHP error log: `/var/log/php_errors.log` (or server equivalent)
- Apache/Nginx error log: `/var/log/apache2/error.log`
- OGP agent log: Check agent output for remote commands
- Game server logs: In each game_home directory
## Questions?
Refer to:
- `PANEL_INTEGRATION.md` - Complete technical documentation
- `test_integration.php` - Run diagnostics: `home.php?m=billing&p=test_integration`
- OGP documentation - For panel-specific questions
- `create_servers.php` - Source code with comments
## Success Checklist
Before considering integration complete:
- [ ] test_integration.php shows all green checks
- [ ] Can view orders at my_orders page
- [ ] Can provision single order successfully
- [ ] Can provision multiple orders at once
- [ ] Orders update to status='installed' in database
- [ ] home_id saved correctly after provisioning
- [ ] end_date calculated and saved
- [ ] Servers appear in Game Monitor
- [ ] Admin can view all orders
- [ ] Admin can filter and search orders
- [ ] Bulk actions work (provision multiple)
- [ ] Email notifications sent (if configured)
- [ ] Discord webhooks work (if configured)
---
**Integration Status: COMPLETE**
**Multi-Server Support: FUNCTIONAL**
**Admin Tools: READY**
**Testing Tool: AVAILABLE**
Start with: `home.php?m=billing&p=test_integration`

View file

@ -1,178 +0,0 @@
# GameServers.World - Billing Module
## Overview
The billing module is a complete standalone website for selling game servers. It can be deployed on the same machine as the GSP panel or on a completely separate external web host.
## Documentation System
### Visual TODO System ✅
As of December 19, 2024, all game documentation includes completion tracking:
- **Complete Documentation:** Displays with normal name (e.g., "Minecraft Server")
- **Incomplete Documentation:** Displays with "TODO: " prefix (e.g., "TODO: Arma 3")
### Current Status
- **Complete:** 1 game (Minecraft - comprehensive template)
- **Incomplete:** 146 games (marked with TODO prefix)
### Documentation Template Standard
All complete documentation should match the Minecraft template:
- Comprehensive ports table (ALL ports with purposes)
- Firewall configurations (UFW, FirewallD, Windows, iptables)
- Startup parameters with detailed explanations
- Troubleshooting sections with specific solutions
- Performance optimization tips
- Security best practices
- Resource links with citations
### Viewing Documentation
- Browse to `docs.php` to see all game documentation
- Games with "TODO: " prefix need comprehensive research and writing
- Click any game to view its documentation page
### Marking Documentation Complete
When game documentation is finished:
1. Edit `docs/{game}/metadata.json`
2. Change `"complete": false` to `"complete": true`
3. The TODO prefix will automatically disappear
## Recent Updates
### December 19, 2024 - Visual TODO System
- ✅ Implemented completion tracking for all 148 game folders
- ✅ Created PowerShell automation script (`update_metadata_complete.ps1`)
- ✅ Updated docs.php with automatic TODO prefix display
- ✅ Minecraft documentation completed as template example
### November 10, 2025 - Critical Fixes
- ✅ Fixed PayPal payment capture session issue
- ✅ Removed cart debug logging code
- ✅ Fixed cart page header/footer consistency
- ✅ Implemented AJAX invoice removal with Font Awesome icons
## Key Files
### Documentation System
- `docs.php` - Documentation browser with TODO system
- `docs/*/index.php` - Individual game documentation pages
- `docs/*/metadata.json` - Game metadata with completion status
- `update_metadata_complete.ps1` - Batch metadata update script
### Reference Documents
- `PHASE1_COMPLETE_SUMMARY.md` - Phase 1 implementation summary
- `GAME_DOCS_TODO_REFERENCE.md` - Complete reference for documentation system
- `RECENT_FIXES_SUMMARY.md` - All recent fixes and enhancements
### Payment Integration
- `api/capture_order.php` - PayPal payment capture (fixed session handling)
- `payment_success.php` - Payment success redirect
- `payment_cancel.php` - Payment cancellation handler
### Shopping Cart
- `cart.php` - Shopping cart UI with PayPal integration (cleaned up)
- `add_to_cart.php` - Add items to cart
- `remove_from_cart.php` - AJAX removal endpoint
## Development Guidelines
### Adding New Game Documentation
1. Create folder: `docs/{game-slug}/`
2. Create `metadata.json`:
```json
{
"name": "Game Name",
"description": "Brief description",
"category": "game",
"order": 100,
"complete": false
}
```
3. Create `index.php` following Minecraft template
4. Add optional `icon.png` or `icon.jpg`
5. When complete, set `"complete": true` in metadata
### Research Sources for Game Documentation
- Official game wikis and documentation
- LGSM (LinuxGSM) scripts and configuration files
- Steam Community Guides (highly-rated)
- Reddit communities (r/gameservers, game-specific)
- GitHub repositories with server configurations
- Official game forums
- User-contributed solutions and fixes
### Documentation Quality Standards
- **Comprehensive Ports:** List ALL ports with purposes (TCP/UDP)
- **Startup Parameters:** Full parameter explanations with examples
- **Troubleshooting:** Specific common issues with tested solutions
- **Firewall Configs:** Multiple platform examples (Linux + Windows)
- **Citations:** Link to all sources used in research
- **Testing:** Verify all commands and configurations are accurate
## Next Priorities
### Phase 2: ARMA Family + DayZ (HIGH PRIORITY)
1. Arma 3
2. Arma 2: Operation Arrowhead
3. Arma 2: Combined Operations
4. DayZ Standalone
5. DayZ Mod
### Phase 3: Popular Multiplayer Games
- Counter-Strike family (1.6, Source, CS2, CS:GO)
- Survival/Building (Rust, Terraria, Valheim, ARK)
- Co-op Shooters (L4D series, Killing Floor series, TF2)
- Tactical Shooters (Insurgency series, Squad)
### Phase 4: Remaining Games
- All other 50+ game folders in alphabetical order
## Testing Checklist
### PayPal Integration
- [ ] User can add servers to cart
- [ ] PayPal checkout button works
- [ ] Payment completes successfully
- [ ] Success page displays correctly
- [ ] No `NO_USER_SESSION` errors in logs
### Documentation System
- [ ] docs.php displays all games correctly
- [ ] TODO prefix shows for incomplete docs
- [ ] Complete docs show without TODO prefix
- [ ] Individual game pages load correctly
- [ ] Navigation links work within documentation
### Cart Functionality
- [ ] Cart displays all items correctly
- [ ] Remove button deletes items (AJAX)
- [ ] Header and footer display consistently
- [ ] Fonts match other billing pages
## Technical Notes
### Session Management
- **CRITICAL:** Always use `session_name("opengamepanel_web")` before `session_start()`
- Sessions are separate from panel sessions
- User authentication stored in `$_SESSION['website_user_id']`
### Database Connection
- Uses mysqli with credentials from `includes/config.inc.php`
- All database operations use native mysqli functions
- Never use panel-specific functions
### Standalone Design
- Module must work on external hosting
- No dependencies on panel files
- All paths use `__DIR__` relative references
- MySQL connection direct (not through panel)
## Support & Resources
- Main project: GameServerPanel/GSP
- Branch: Panel-unstable
- Documentation: Browse `docs.php` for game-specific guides
- Issues: Check logs in `modules/billing/logs/`
---
**Last Updated:** December 19, 2024
**Version:** 2.0 (with Visual TODO System)

View file

@ -1,287 +0,0 @@
# Billing Module Standalone & Coupon System - Implementation Summary
## Overview
This update addresses two major requirements:
1. **Standalone Billing Module**: The billing module can now operate independently from the panel, either on the same server or on a separate web host.
2. **Enhanced Coupon System**: A comprehensive coupon system with game filters, usage tracking, and permanent/one-time discount options.
## Changes Made
### 1. Standalone Database Connection (Critical Fix)
**Problem**: The billing module was trying to use panel database functions that don't exist when deployed on a separate server, causing PayPal payment processing to fail with "Unexpected end of JSON input" error.
**Solution**:
- Removed all `require_once` statements that reference panel files like `includes/database_mysqli.php`
- Replaced panel database functions with native mysqli functions
- Created standalone `config.inc.php` file for database credentials
- Updated `api/capture_order.php` to use `mysqli_connect()` instead of `createDatabaseConnection()`
**Files Modified**:
- `.github/copilot-instructions.md` - Added standalone requirement documentation
- `modules/billing/includes/config.inc.php` - Created from template (should be gitignored in production)
- `modules/billing/api/capture_order.php` - Fixed database connection
### 2. Enhanced Coupon System
**Features Implemented**:
- ✅ Create, edit, delete coupons through admin interface
- ✅ Percentage-based discounts (0-100%)
- ✅ One-time vs. permanent discount types
- ✅ Game-specific filtering (all games or specific games)
- ✅ Usage limits and tracking
- ✅ Expiration dates
- ✅ Coupon application in cart with real-time price updates
- ✅ Automatic discount application on payment
- ✅ Discount display in My Servers and Admin Invoices views
**Files Created**:
- `modules/billing/create_coupons_table.sql` - Database schema
- `modules/billing/admin_coupons.php` - Admin management interface
- `modules/billing/COUPON_SYSTEM.md` - Comprehensive documentation
**Files Modified**:
- `modules/billing/admin.php` - Added "Manage Coupons" link
- `modules/billing/cart.php` - Added coupon application form and discount logic
- `modules/billing/api/capture_order.php` - Apply coupons on payment, track usage
- `modules/billing/my_servers.php` - Display discount information
- `modules/billing/admin_invoices.php` - Display discount information
### 3. Database Schema Updates
**New Table**: `ogp_billing_coupons`
```sql
- coupon_id (primary key)
- code (unique)
- name, description
- discount_percent
- usage_type (one_time/permanent)
- game_filter_type (all_games/specific_games)
- game_filter_list (JSON array of game keys)
- max_uses, current_uses
- expires, is_active
```
**Updated Tables**:
- `ogp_billing_invoices`: Added `coupon_id`, `discount_amount`
- `ogp_billing_orders`: Added `coupon_id`, `discount_amount`
## Installation Instructions
### Prerequisites
- MySQL/MariaDB database
- PHP 7.4 or higher
- Existing billing module installation
### Step 1: Create Configuration File
If deploying on a separate server (not co-located with panel):
```bash
cd modules/billing/includes/
cp config.inc.php.orig config.inc.php
```
Edit `config.inc.php` with your database credentials:
```php
$db_host = "your-db-host";
$db_user = "your-db-user";
$db_pass = "your-db-password";
$db_name = "your-db-name";
$table_prefix = "ogp_";
```
**Important**: Add `config.inc.php` to `.gitignore` to prevent committing sensitive credentials.
### Step 2: Run Database Migration
```bash
mysql -u [username] -p [database] < modules/billing/create_coupons_table.sql
```
Or import via phpMyAdmin.
### Step 3: Verify Installation
1. Log in as admin: `/modules/billing/admin.php`
2. Click "Manage Coupons"
3. You should see the coupon management interface with 2 sample coupons
### Step 4: Test Coupon System
1. Create a test coupon or use existing "WELCOME10"
2. Add a server to cart: `/modules/billing/order.php`
3. View cart: `/modules/billing/cart.php`
4. Apply coupon code
5. Verify discount is calculated correctly
6. Complete payment (or use free server button if admin)
7. Check My Servers page for discount display
## Usage
### For Administrators
**Create a Coupon**:
1. Navigate to Admin → Manage Coupons
2. Scroll to "Add New Coupon" form
3. Fill in details:
- Code (e.g., "SUMMER25")
- Discount percentage (e.g., 25 for 25% off)
- Usage type (one-time or permanent)
- Game filter (all games or specific)
4. Click "Add Coupon"
**Monitor Usage**:
- View current uses vs. max uses in coupon list
- Edit or deactivate coupons as needed
- Delete expired or unused coupons
### For Customers
**Apply a Coupon**:
1. Add servers to cart
2. On cart page, find "Have a coupon code?" section
3. Enter coupon code
4. Click "Apply Coupon"
5. Prices update automatically
6. Proceed to PayPal checkout
**View Discounts**:
- Cart page shows applied discount
- My Servers page shows original price (strikethrough) and discounted price
- Coupon code displayed with percentage
## Coupon Types Explained
### One-Time Coupons
- Applied to first invoice only
- Renewals use original price
- Example: "WELCOME10" for new customers
### Permanent Coupons
- Applied to initial purchase AND all renewals
- Discount stored in order record
- Example: "VIP50" for permanent 50% off
### Game Filters
**All Games**:
- Coupon applies to any game in cart
- Simplest option for general promotions
**Specific Games**:
- Define list of game keys
- Only matching games get discount
- Uses partial matching (e.g., "arma3" matches "arma3_linux64")
- Example: Arma-only promotion
## Troubleshooting
### PayPal Payment Returns JSON Error
**Symptom**: "Unexpected end of JSON input" on cart page after PayPal payment
**Cause**: Missing `config.inc.php` or incorrect database credentials
**Fix**:
1. Check `/modules/billing/includes/config.inc.php` exists
2. Verify credentials are correct
3. Test database connection: `/modules/billing/test_db_connection.php`
4. Check error logs: `/modules/billing/logs/` and server error log
### Coupon Not Applying
**Checks**:
- Code is correct (case-sensitive)
- Coupon is active
- Not expired
- Usage limit not reached
- Game matches filter (for game-specific coupons)
### Discount Not Showing After Payment
**Checks**:
- Database schema includes `discount_amount` columns
- `coupon_id` was saved to invoice/order
- Clear browser cache
## Security Notes
1. **Sensitive Files**: Add `modules/billing/includes/config.inc.php` to `.gitignore`
2. **Database Credentials**: Use read-only credentials if possible (billing only needs read/write to billing tables)
3. **CSRF Protection**: All admin forms include CSRF tokens
4. **Input Sanitization**: All user inputs are sanitized with `mysqli_real_escape_string()`
5. **SQL Injection**: Parameterized queries or escaped strings throughout
## File Structure
```
modules/billing/
├── api/
│ ├── capture_order.php (Modified - standalone DB connection)
│ └── create_order.php
├── includes/
│ ├── config.inc.php (Created - DB config)
│ └── config.inc.php.orig (Template)
├── admin_coupons.php (Created - Coupon management UI)
├── admin_invoices.php (Modified - Show discounts)
├── cart.php (Modified - Coupon application)
├── my_servers.php (Modified - Show discounts)
├── admin.php (Modified - Added coupon link)
├── create_coupons_table.sql (Created - DB schema)
└── COUPON_SYSTEM.md (Created - Documentation)
```
## Testing Checklist
- [ ] Database migration ran successfully
- [ ] Admin can access coupon management page
- [ ] Can create new coupon (all games)
- [ ] Can create game-specific coupon
- [ ] Can edit existing coupon
- [ ] Can delete coupon
- [ ] Customer can apply coupon in cart
- [ ] Cart prices update with discount
- [ ] Free server creation works (if admin)
- [ ] PayPal payment processes successfully
- [ ] Coupon usage count increments
- [ ] One-time coupon clears after payment
- [ ] Permanent coupon stays in order
- [ ] Discount shows on My Servers page
- [ ] Discount shows on Admin Invoices page
- [ ] Expired coupons are rejected
- [ ] Max uses limit is enforced
- [ ] Game filter works correctly
## Known Limitations
1. Coupons are percentage-based only (no fixed-amount discounts)
2. No minimum purchase requirement
3. No user-specific targeting (all users can use any active coupon)
4. No coupon stacking (one coupon per order)
5. Game matching uses partial string match (may need refinement)
## Future Enhancements
- Fixed-amount coupons (e.g., $5 off)
- Minimum purchase requirements
- User-specific or group-specific coupons
- Referral system integration
- Automatic coupon generation for campaigns
- Analytics dashboard
- Email notifications on coupon usage
## Support & Documentation
- Full documentation: `modules/billing/COUPON_SYSTEM.md`
- Copilot instructions: `.github/copilot-instructions.md`
- Issue tracker: GitHub Issues
---
**Version**: 1.0
**Date**: October 29, 2025
**Author**: Copilot Agent
**Tested**: Manual testing completed

View file

@ -1,326 +0,0 @@
# Recent Fixes & Enhancements Summary
**Date:** December 19, 2024 (Updated)
## Phase 1: Visual TODO System Implementation ✅ **NEW**
### Overview
Implemented comprehensive system to visually identify incomplete game documentation across the entire billing website. All game documentation folders now have completion tracking.
### Changes Made
#### 1. Metadata Enhancement System
- **Created:** `update_metadata_complete.ps1` - PowerShell script for batch metadata updates
- **Updated:** 146 metadata.json files across all game documentation folders
- **New Field:** Added `"complete": false` to mark documentation status
- **Exception:** Minecraft marked as `"complete": true` (serves as complete template)
#### 2. Documentation Display Logic
- **File:** `modules/billing/docs.php`
- **Enhancement:** Added automatic "TODO: " prefix for incomplete documentation
- **Logic:**
```php
$isComplete = isset($metadata['complete']) ? (bool)$metadata['complete'] : false;
if (!$isComplete) {
$displayName = 'TODO: ' . $displayName;
}
```
- **Result:** Users immediately see which games need comprehensive documentation
#### 3. Visual Impact on docs.php
**Complete Documentation (no prefix):**
- ✅ Minecraft Server
**Incomplete Documentation (TODO prefix):**
- ❌ TODO: Arma 3
- ❌ TODO: Arma 2: Operation Arrowhead
- ❌ TODO: Arma 2: Combined Operations
- ❌ TODO: DayZ
- ❌ TODO: Rust
- ❌ TODO: Counter-Strike: Global Offensive
- ❌ TODO: Garry's Mod
- ❌ TODO: Valheim
- ❌ TODO: Terraria
- ❌ TODO: Left 4 Dead 2
- ❌ TODO: Team Fortress 2
- ❌ TODO: ARK: Survival Evolved
- ...and 134 more games
### Minecraft Documentation Template (Complete Example)
**File:** `modules/billing/docs/minecraft/index.php`
**Status:** Complete (~550 lines)
**Includes:**
- 📚 Navigation with anchor links
- 🔌 Comprehensive ports table (all ports with purposes)
- ⚙️ Startup parameters (JVM flags, optimizations)
- 🔧 Troubleshooting sections (specific solutions)
- 🔥 Firewall configs (UFW, FirewallD, Windows, iptables)
- 🔒 Security best practices
- ⚡ Performance optimization tips
- 🔗 Resource links with citations
---
## Critical Fixes Completed ✅
### 1. PayPal Payment Capture Session Issue (FIXED)
**Problem:** Payment capture was failing with `NO_USER_SESSION` error even though user was logged in.
**Root Cause:** The `api/capture_order.php` file was calling `session_start()` without setting the session name first, so it couldn't access the `opengamepanel_web` session where the user_id is stored.
**Solution:** Added `session_name("opengamepanel_web")` before `session_start()` in `capture_order.php`.
**File Modified:** `modules/billing/api/capture_order.php` (line ~148)
**Test Steps:**
1. Log into the billing site
2. Add a server to cart
3. Click PayPal checkout button
4. Complete payment in PayPal sandbox
5. Verify payment completes successfully and redirects to success page
6. Check `modules/billing/logs/payment_capture.log` - should no longer show `NO_USER_SESSION` error
---
### 2. Cart Page Debug Logging Removed (COMPLETED)
**What Was Removed:**
- Shutdown function that logged to `data/debug_cart.log`
- `?debug_cart=1` parameter handling
- Debug error display code
**File Modified:** `modules/billing/cart.php` (lines 1-30)
**Result:** Cart page now runs in production mode without debug overhead.
---
### 3. Cart Page Header/Footer Consistency (FIXED)
**Problem:** Cart page had different fonts and styling than other billing pages; missing footer entirely.
**Solutions Applied:**
1. Added `include(__DIR__ . '/includes/top.php');` before menu
2. Added `include(__DIR__ . '/includes/footer.php');` at page end
3. Removed global `font-family` and `background` override from inline CSS
4. Added favicon links to match other pages
**Files Modified:**
- `modules/billing/cart.php` (head section and body closing)
**Result:** Cart page now has consistent header/menu/footer with rest of billing module.
---
## Documentation Enhancements Started 📚
### 4. Minecraft Documentation Updated (TEMPLATE CREATED)
**What Was Added:**
- Comprehensive **Ports section** with table showing all ports (TCP 25565, UDP 25565, TCP 25575, UDP 19132)
- Port purposes clearly explained
- Firewall configuration examples for multiple platforms
- Security notes for RCON and port protection
- Enhanced navigation with icons (🔌 Ports, ⚙️ Startup Parameters, 🔧 Troubleshooting)
**File Modified:** `modules/billing/docs/minecraft/index.php`
**Template Pattern Established:**
- ✅ Quick Info section (at top)
- ✅ Ports section with complete table
- ✅ Installation steps
- ✅ Configuration examples
- ✅ Startup Parameters section (already excellent)
- ✅ Troubleshooting section (already comprehensive)
- ✅ Performance optimization
- ✅ Security best practices
---
## Remaining Documentation Work 📋
### Games Needing Full Port/Parameter/Troubleshooting Docs
The following games need their `docs/{game}/index.php` files updated with the Minecraft template pattern:
#### High Priority Games (Popular):
1. **Counter-Strike: Global Offensive** (`csgo/`)
2. **Team Fortress 2** (`tf2/`)
3. **Garry's Mod** (`garrysmod/`)
4. **Rust** (`rust/`)
5. **ARK: Survival Evolved** (`arkse/`)
6. **Terraria** (`terraria/`)
7. **Valheim** (`valheim/`)
8. **7 Days to Die** (`7daystodie/`)
9. **DayZ** (`dayz/`)
10. **Left 4 Dead 2** (`left4dead2/`)
#### Medium Priority:
11. Counter-Strike Source (`css/`)
12. Arma 3 (`arma3/`)
13. Squad (`squad/`)
14. Insurgency Sandstorm (`insurgencysandstorm/`)
15. Space Engineers (`space_engineers/`)
16. Conan Exiles (`conanexiles/`)
17. The Forest (`theforest/`)
18. Don't Starve Together (`dontstarvetogether/`)
19. Factorio (`factorio/`)
20. TeamSpeak 3 (`teamspeak3/`)
#### Lower Priority (Legacy/Niche):
21. All remaining games in `modules/billing/docs/`
---
### Research Needed Per Game
For each game, research and document:
1. **All Network Ports:**
- Game port (TCP/UDP)
- Query port
- RCON/Admin port
- Voice chat ports (if applicable)
- Steam port (if Steam-based)
- Additional service ports (web interfaces, etc.)
2. **Startup Parameters:**
- Command-line flags
- Memory allocation
- Server configuration switches
- Performance optimization flags
3. **Common Issues (from internet research):**
- "Server won't start" specific to that game
- Connection problems
- Performance/lag issues specific to game engine
- Mod/plugin conflicts
- Save corruption issues
- Update/patch problems
4. **Game-Specific Configuration:**
- Main config file locations
- Critical settings
- Player limits
- World/map settings
---
### Documentation Template Structure
Each game's `index.php` should follow this structure:
```php
<?php
/**
* {Game Name} Server Documentation
*/
?>
<!-- Navigation with icons -->
<div style="background: #1e3a5f...">
<h3>📚 Quick Navigation</h3>
<div>
<a href="#quick-info">Quick Info</a>
<a href="#ports">🔌 Ports</a>
<a href="#installation">Installation</a>
<a href="#configuration">Configuration</a>
<a href="#parameters">⚙️ Startup Parameters</a>
<a href="#troubleshooting">🔧 Troubleshooting</a>
<a href="#performance">Performance</a>
</div>
</div>
<h1>{Game Name} Server Hosting Guide</h1>
<h2 id="quick-info">Quick Info</h2>
<!-- Key stats in styled box -->
<h2 id="ports">🔌 Network Ports Used</h2>
<!-- Table with all ports, protocols, purposes, required/optional -->
<!-- Firewall examples -->
<!-- Port security notes -->
<h2 id="installation">Installation & Setup</h2>
<!-- Step-by-step installation -->
<h2 id="configuration">Server Configuration</h2>
<!-- Config file examples -->
<h2 id="parameters">⚙️ Startup Parameters</h2>
<!-- Command-line flags -->
<!-- Parameter explanations -->
<h2 id="troubleshooting">🔧 Troubleshooting</h2>
<!-- Common Issues section -->
<!-- Server Won't Start -->
<!-- Connection Problems -->
<!-- Performance Issues -->
<!-- Game-specific problems -->
<h2 id="performance">Performance Optimization</h2>
<!-- Optimization tips -->
<!-- Additional Resources -->
<!-- Important Notes -->
```
---
## Testing Checklist
### PayPal Payment Flow:
- [ ] Log into billing site
- [ ] Add server to cart
- [ ] Apply coupon (optional)
- [ ] Click PayPal button
- [ ] Complete sandbox payment
- [ ] Verify success page loads
- [ ] Check invoice marked as paid in database
- [ ] Verify no `NO_USER_SESSION` in `logs/payment_capture.log`
### Cart Page:
- [ ] Cart page loads with correct header/menu (same font as index.php)
- [ ] Footer appears with timestamp
- [ ] Favicon displays in browser tab
- [ ] Remove item (trash icon) works via AJAX
- [ ] Cart refreshes without full page reload after removal
- [ ] Database row hard-deleted (invoice removed from table)
### Documentation:
- [ ] Navigate to `/docs.php` (or docs index)
- [ ] Click on Minecraft documentation
- [ ] Verify new Ports section displays correctly
- [ ] Verify navigation links jump to correct sections
- [ ] Test on mobile/tablet for responsive layout
---
## Next Steps (Priority Order)
1. **Test PayPal payment flow end-to-end** (sandbox environment)
2. **Verify cart removal functionality** (AJAX + database deletion)
3. **Begin documentation expansion:**
- Start with top 10 popular games
- Research ports/parameters/issues for each
- Update docs using Minecraft template
- Test navigation and layout
4. **Consider automation:**
- Script to validate all game docs have required sections
- Port information database/reference
- Common troubleshooting template generator
---
## Files Modified in This Session
1. `modules/billing/api/capture_order.php` - Fixed session name issue
2. `modules/billing/cart.php` - Removed debug logging, fixed header/footer
3. `modules/billing/docs/minecraft/index.php` - Added ports section, enhanced navigation
## Files to Review
- `modules/billing/logs/payment_capture.log` - Check for successful captures
- `modules/billing/data/debug_cart.log` - Should no longer be written to
- Database table `{$table_prefix}billing_invoices` - Verify removals are hard-deleted
---
**End of Summary**

View file

@ -1,176 +0,0 @@
# Billing Module Status Report
**Date:** November 7, 2025
**Branch:** copilot/update-billing-table-prefix
## ✅ Completed Tasks
### 1. Table Prefix Updates
- **Status:** ✅ COMPLETE
- **Changes:**
- All SQL files updated to use hardcoded `gsp_` prefix
- `config.inc.php` default changed from `ogp_` to `gsp_`
- Panel tables (like `ogp_users`) correctly left unchanged
- All references properly updated in:
- create_invoices_table.sql
- create_coupons_table.sql
- migration_to_invoices.sql
- add_paypal_data_column.sql
- add_service_id_column.sql
- fix_invoices_table_columns.sql
### 2. Documentation System
- **Status:** ✅ COMPLETE
- **Implementation:**
- New `/modules/billing/docs.php` browser created
- Category-based organization (game, panel, mods, troubleshooting, other)
- Each doc folder contains:
- `index.php` - Documentation content
- `metadata.json` - Category, name, description, order
- `icon.png/jpg` - Visual icon
- Smart sorting by category and order number
- Clean, dark-themed UI matching site design
- Back button navigation
- "Documentation" link added to main menu
- Old docs preserved in `/docs_old/` for reference
- Complete README.md with instructions
**Example Documentation Created:**
- Minecraft Server Guide (game category)
- Getting Started (panel category)
- Common Issues & Solutions (troubleshooting category)
### 3. PayPal Integration
- **Status:** ✅ COMPLETE (Core Functionality)
- **Components:**
- `api/create_order.php` - Creates PayPal orders with comprehensive logging
- `api/capture_order.php` - Captures payments and marks invoices paid
- `webhook.php` - Handles PayPal webhooks with signature verification
- All use standalone mysqli (no panel dependencies)
- Full logging system for debugging
- Secure error handling
**Payment Flow:**
1. User views cart with unpaid invoices
2. Clicks PayPal button → creates order via API
3. Completes payment on PayPal
4. capture_order.php marks invoices paid, creates orders
5. Webhook confirms payment asynchronously
6. Success page shows confirmation
## ⚠️ Partially Complete
### Coupon System
- **Status:** ⚠️ BACKEND READY, FRONTEND MISSING
- **What Exists:**
- ✅ Database schema (`gsp_billing_coupons` table)
- ✅ Admin interface (`admin_coupons.php`)
- ✅ Coupon CRUD operations
- ✅ Fields in invoices/orders for coupon tracking
- ✅ Comprehensive documentation (COUPON_SYSTEM.md)
- **What's Missing:**
- ❌ Coupon input/validation in cart.php
- ❌ Discount calculation in checkout
- ❌ Session storage of applied coupons
- ❌ Coupon usage tracking on payment
**Impact:** Coupons can be created by admins but customers cannot apply them during checkout.
**Recommendation:** The problem statement asks to "verify all the paypal payment works and is complete with coupons". The PayPal payment WORKS but coupon integration in the checkout flow needs to be implemented to match the COUPON_SYSTEM.md documentation.
## 📋 Other Findings
### Inconsistencies Found
1. **Mixed URL Patterns**
- Some files use absolute URLs correctly
- create_order.php has hardcoded site base URL instead of using config
- Recommendation: Use `$SITE_BASE_URL` from config consistently
2. **Session Namespaces**
- Most files use `website_user_id` session variable
- Some fallback to `user_id`
- Recommendation: Standardize on `website_user_id`
3. **Error Handling**
- Most files have good error handling
- A few older files could use try/catch blocks
- Recommendation: Audit older PHP files for error handling
4. **Documentation Markdown Files**
- Multiple .md files in root of billing module
- Could be consolidated or moved to docs folder
- Recommendation: Create a `/docs/developer/` category for technical docs
### SQL Files Status
All SQL files properly use `gsp_` prefix:
- ✅ create_invoices_table.sql
- ✅ create_coupons_table.sql
- ✅ migration_to_invoices.sql
- ✅ add_paypal_data_column.sql
- ✅ add_service_id_column.sql
- ✅ fix_invoices_table_columns.sql
### Configuration Files
- ✅ `config.inc.php` - Default prefix is `gsp_`
- ✅ Standalone compatible (no panel includes)
- ✅ Database connection using mysqli
## 🎯 Recommended Next Steps
### Priority 1: Complete Coupon Integration
To match COUPON_SYSTEM.md documentation, implement in cart.php:
1. Add coupon input field
2. AJAX endpoint to validate and apply coupons
3. Discount calculation in cart totals
4. Store applied coupon in session
5. Pass coupon to payment processor
6. Update invoices with coupon_id on payment
7. Increment usage counter
8. Handle one-time vs permanent coupons
### Priority 2: Testing
1. Test PayPal sandbox end-to-end
2. Test invoice creation → cart → payment → success
3. Test webhook signature verification
4. Test error scenarios (payment failure, timeout, etc.)
5. Once coupons implemented, test coupon application
### Priority 3: Documentation
1. Move developer .md files to `/docs/developer/` category
2. Create user-facing coupon documentation in docs system
3. Add payment troubleshooting guide
### Priority 4: Code Quality
1. Audit older PHP files for error handling
2. Standardize session variable names
3. Use config SITE_BASE_URL consistently
4. Add input validation where missing
## 📊 Summary
### What Works Now
- ✅ Table prefixes corrected to `gsp_`
- ✅ Documentation system fully functional
- ✅ PayPal payment processing complete
- ✅ Coupon admin management ready
- ✅ Standalone deployment compatible
### What Needs Work
- ❌ Coupon checkout integration
- ⚠️ Some minor inconsistencies (URLs, sessions)
- ⚠️ Testing needed for full payment flow
### Files Modified in This PR
- SQL files (6 files) - table prefix updates
- config.inc.php - default prefix change
- docs.php (new) - documentation browser
- docs/ folder - restructured with examples
- includes/menu.php - added Documentation link
- STATUS_REPORT.md (this file)
### Files in docs_old/ (preserved for reference)
- 206 game markdown files
- Old docs.php, server.php, game.php
- all_hostable_games_union.csv

View file

@ -1,339 +0,0 @@
# Testing Checklist for Billing Invoice/Order Flow Fixes
## Prerequisites
1. **Database Setup**
- [ ] Verify `ogp_billing_invoices` table exists
- [ ] Verify `ogp_billing_orders` table exists
- [ ] Verify tables have all required columns (see create_invoices_table.sql)
2. **Configuration**
- [ ] Copy `modules/billing/includes/config.inc.php.orig` to `modules/billing/includes/config.inc.php`
- [ ] Update database credentials in config.inc.php
- [ ] Verify `$table_prefix` is set correctly (default: "ogp_")
- [ ] Verify `$SITE_DATA_DIR` path is writable
3. **PayPal Configuration**
- [ ] Verify sandbox client_id and client_secret in api/create_order.php
- [ ] Verify sandbox client_id and client_secret in api/capture_order.php
- [ ] Verify webhook_id in webhook.php
## Test 1: Add to Cart (Invoice Creation)
**Test NEW Order Flow**
1. Navigate to order.php
2. Select a game server configuration
3. Set price to $0.00 for testing (or use regular price)
4. Fill in all required fields
5. Click "Add to Cart"
**Expected Results:**
- [ ] Redirects to cart.php
- [ ] Item appears in cart
- [ ] Database check: Invoice created in `ogp_billing_invoices`
- [ ] status = 'due'
- [ ] order_id = 0 (no order yet)
- [ ] user_id matches logged-in user
- [ ] amount, qty, service_id populated correctly
**Verification SQL:**
```sql
SELECT * FROM ogp_billing_invoices WHERE status='due' ORDER BY invoice_id DESC LIMIT 5;
```
## Test 2: Free Button (Manual Order Creation)
**Test Free/Claim Flow**
1. Ensure you have item in cart with amount = 0.00
2. Click "Claim (Free)" button
**Expected Results:**
- [ ] Redirects to return.php
- [ ] Shows payment confirmation
- [ ] Invoice marked as paid
- [ ] Order created
- [ ] Cart is empty
**Verification SQL:**
```sql
-- Check invoice was marked paid
SELECT invoice_id, status, paid_date, order_id FROM ogp_billing_invoices
WHERE status='paid' ORDER BY invoice_id DESC LIMIT 1;
-- Check order was created
SELECT order_id, user_id, status, end_date, payment_txid FROM ogp_billing_orders
ORDER BY order_id DESC LIMIT 1;
-- Verify link
SELECT i.invoice_id, i.order_id, o.order_id
FROM ogp_billing_invoices i
LEFT JOIN ogp_billing_orders o ON i.order_id = o.order_id
WHERE i.status='paid' ORDER BY i.invoice_id DESC LIMIT 5;
```
**Check Logs:**
```bash
tail -50 modules/billing/logs/site.log | grep -E "(payment|free_create)"
```
## Test 3: PayPal Payment Flow
**Test PayPal Checkout**
1. Add paid item to cart (e.g., $5.00)
2. Click PayPal button in cart
3. Should redirect to PayPal sandbox
4. Login with sandbox buyer account
5. Approve payment
6. Should return to payment_success.php
**Expected Results:**
- [ ] PayPal button renders correctly
- [ ] Creates PayPal order (check browser console for order ID)
- [ ] Redirects to PayPal sandbox
- [ ] After approval, returns to payment_success.php
- [ ] No JavaScript errors in console
- [ ] No "Unexpected end of JSON input" error
- [ ] Invoice marked as paid
- [ ] Order created
- [ ] Cart is empty
**Browser Console Checks:**
```
Look for:
✓ "PayPal cart debug: ..." - Shows cart data
✓ "Creating order..." - Order creation started
✓ "Order created." - Order creation succeeded
✓ "Capturing payment..." - Capture started
✗ Any errors - Should be none
```
**Verification SQL:**
```sql
-- Check invoice
SELECT invoice_id, status, paid_date, payment_txid, payment_method, order_id
FROM ogp_billing_invoices
WHERE payment_method='paypal'
ORDER BY invoice_id DESC LIMIT 1;
-- Check order
SELECT order_id, user_id, status, price, end_date, payment_txid
FROM ogp_billing_orders
WHERE payment_txid LIKE '%'
ORDER BY order_id DESC LIMIT 1;
```
**Check API Logs:**
```bash
# Check create_order.php payload
cat modules/billing/data/create_order_payload.log
# Check corrected URLs
cat modules/billing/data/corrected_urls.log
# Check for errors
cat modules/billing/data/create_order_errors.log
```
## Test 4: Webhook Processing
**Test Webhook Handler**
1. Trigger a PayPal payment (from Test 3)
2. PayPal will send webhook to webhook.php
**Expected Results:**
- [ ] Webhook receives POST from PayPal
- [ ] Signature verification succeeds
- [ ] Payment record processed
- [ ] Invoice marked paid (if not already)
- [ ] Order created/updated (if not already)
**Verification:**
```bash
# Check webhook log
tail -50 modules/billing/data/webhook.log
# Check for payment processing
grep "process_payment" modules/billing/data/webhook.log
```
**Check Data Files:**
```bash
ls -lah modules/billing/data/*.json
cat modules/billing/data/INV-*.json # Check payment record format
```
## Test 5: Renewal Flow
**Setup Renewal Invoice**
1. Create a test order manually:
```sql
INSERT INTO ogp_billing_orders (
user_id, service_id, home_name, ip, max_players, qty, invoice_duration,
price, remote_control_password, ftp_password, status, order_date, end_date,
payment_txid, paid_ts
) VALUES (
1, 1, 'Test Server', 1, 10, 1, 'month',
5.00, 'rconpass', 'ftppass', 'paid', NOW(), DATE_ADD(NOW(), INTERVAL 1 MONTH),
'TEST-INITIAL', NOW()
);
```
2. Get the order_id from the insert:
```sql
SELECT LAST_INSERT_ID();
```
3. Create renewal invoice:
```sql
INSERT INTO ogp_billing_invoices (
order_id, user_id, service_id, home_name, ip, max_players, qty, invoice_duration,
amount, status, customer_name, customer_email, due_date, description
) VALUES (
LAST_INSERT_ID(), -- Use order_id from step 2
1, 1, 'Test Server', 1, 10, 1, 'month',
5.00, 'due', 'Test User', 'test@test.com', DATE_ADD(NOW(), INTERVAL 3 DAY),
'Renewal invoice'
);
```
**Test Renewal Payment**
1. Log in as user who owns the order
2. View cart - should show renewal invoice
3. Pay using free button or PayPal
**Expected Results:**
- [ ] Invoice marked as paid
- [ ] Original order's end_date extended by 1 month
- [ ] No duplicate order created
- [ ] Invoice.order_id still points to original order
**Verification SQL:**
```sql
-- Check order end_date was extended
SELECT order_id, end_date, status, payment_txid
FROM ogp_billing_orders
WHERE order_id = <order_id_from_step_2>;
-- Should show end_date = original end_date + 1 month
-- Check invoice
SELECT invoice_id, order_id, status, paid_date
FROM ogp_billing_invoices
WHERE order_id = <order_id_from_step_2>;
-- Should show paid invoice linked to same order_id
```
## Test 6: Error Handling
**Test Invalid Scenarios**
1. **Missing session**: Try to pay without being logged in
- [ ] Should redirect to login or show error
2. **Database connection failure**: Temporarily break DB config
- [ ] capture_order.php should return JSON error, not crash
- [ ] Error should be logged
3. **PayPal API failure**: Use invalid credentials
- [ ] Should show error in console
- [ ] Should log error
- [ ] Should not corrupt database
## Common Issues and Solutions
### Issue: "Config file not found"
**Solution**: Copy config.inc.php.orig to config.inc.php
### Issue: "Table doesn't exist"
**Solution**: Run create_invoices_table.sql
### Issue: "Permission denied writing to data/"
**Solution**:
```bash
chmod 775 modules/billing/data
chown www-data:www-data modules/billing/data # Or your web server user
```
### Issue: "PayPal button doesn't render"
**Solution**: Check browser console for errors, verify client_id
### Issue: "Unexpected end of JSON input"
**Solution**:
- Check PHP error log: `tail -f /var/log/php/error.log`
- Verify display_errors=0 in capture_order.php
- Check for syntax errors: `php -l api/capture_order.php`
### Issue: "Cart still shows items after payment"
**Solution**:
- Check if invoice status changed to 'paid'
- Check if process_payment_record was called
- Check logs for errors
## Performance Testing
**Test with Multiple Items**
1. Add 5 items to cart
2. Pay with PayPal
3. Verify all 5 invoices marked paid
4. Verify all 5 orders created
5. Verify all linked correctly
**Test Concurrent Payments**
1. Add item to cart in two different browsers (same user)
2. Attempt to pay both simultaneously
3. Verify both process correctly
4. Check for race conditions
## Security Testing
**Test SQL Injection**
1. Try adding special characters to form fields
2. Try manipulating invoice_id in POST requests
3. Verify all inputs are sanitized/escaped
**Test Session Hijacking**
1. Try accessing cart with invalid session
2. Try paying for someone else's invoice
3. Verify proper authorization checks
**Test Webhook Signature**
1. Send fake webhook without valid signature
2. Verify it's rejected
3. Check logs for security events
## Cleanup
After testing, clean up test data:
```sql
-- Remove test invoices
DELETE FROM ogp_billing_invoices WHERE customer_email = 'test@test.com';
-- Remove test orders
DELETE FROM ogp_billing_orders WHERE remote_control_password = 'rconpass';
```
## Sign-off
- [ ] All tests passed
- [ ] No errors in logs
- [ ] Documentation reviewed
- [ ] Security checks completed
- [ ] Ready for production deployment
**Tested by**: _______________
**Date**: _______________
**Environment**: _______________ (Dev/Staging/Production)
**Notes**: _______________

View file

@ -1,165 +0,0 @@
# Website Configuration Guide
## Overview
The `_website` folder is now a standalone site with centralized database configuration. All database connection settings are managed in a single location: `includes/config.inc.php`.
## Directory Structure
```
_website/
├── includes/
│ ├── config.inc.php # Central database configuration
│ └── README.md # Documentation for includes directory
├── db.php # Database connection (loads config.inc.php)
├── login.php # Uses db.php
├── logout.php # Uses db.php
├── cart.php # Uses db.php
├── order.php # Uses db.php
├── serverlist.php # Uses db.php
└── ...other files
```
## Configuration File
### Location
`_website/includes/config.inc.php`
### Contents
```php
<?php
$db_host="localhost"; // Database server hostname
$db_user="localuser"; // Database username
$db_pass="password"; // Database password
$db_name="panel"; // Database name
$table_prefix="ogp_"; // Table prefix
$db_type="mysql"; // Database type
?>
```
## How It Works
1. **Configuration Loading**
- Website files include `db.php`
- `db.php` loads `includes/config.inc.php`
- Configuration variables are available to all files
2. **Configuration Flow**
```
includes/config.inc.php → db.php → website files
```
3. **Database Connection**
- `db.php` uses the configuration variables to establish a connection
- Returns `$db` variable containing the mysqli connection
## Setup Instructions
### For Standalone Use
1. **Copy the _website folder** to your web server
2. **Edit configuration**:
```bash
nano _website/includes/config.inc.php
```
3. **Update database credentials**:
- Set `$db_host` to your database server
- Set `$db_user` to your database username
- Set `$db_pass` to your database password
- Set `$db_name` to your database name
4. **Verify permissions**:
```bash
chmod 600 _website/includes/config.inc.php
```
### For Panel Integration
The configuration in `_website/includes/config.inc.php` should match the panel's configuration in `/includes/config.inc.php` to ensure both the website and panel access the same database.
## Security Best Practices
1. **File Permissions**: Set `config.inc.php` to read-only for the web server user
```bash
chmod 600 includes/config.inc.php
```
2. **Web Server Configuration**: Ensure the `includes/` directory is not directly accessible via HTTP
```apache
<Directory "/path/to/_website/includes">
Require all denied
</Directory>
```
3. **Backup Configuration**: Keep a secure backup of your configuration file
## Troubleshooting
### Connection Errors
If you see database connection errors:
1. **Verify credentials** in `includes/config.inc.php`
2. **Check database server** is running
3. **Verify database exists**
4. **Check user permissions** in the database
### File Not Found Errors
If you see errors about missing `config.inc.php`:
1. **Verify the file exists** at `_website/includes/config.inc.php`
2. **Check file permissions** are readable by the web server
3. **Verify path** in `db.php` uses `__DIR__` for relative paths
### Include Errors
If website files can't include `db.php`:
1. **Check file paths** are correct
2. **Verify `db.php`** exists in the `_website/` root
3. **Check PHP include paths** in php.ini if needed
## Migration from Old Configuration
The old `db.php` had hardcoded credentials:
```php
// OLD (hardcoded)
$servername = "panel.iaregamer.com";
$username = "remoteuser";
```
The new `db.php` uses centralized config:
```php
// NEW (centralized)
require_once(__DIR__ . '/includes/config.inc.php');
$servername = $db_host;
$username = $db_user;
```
**No changes needed** to files that include `db.php` - they work automatically with the new configuration.
## Files Using Database Connection
The following files include `db.php` and use the centralized configuration:
- `login.php` - User authentication
- `logout.php` - Session termination
- `cart.php` - Shopping cart
- `order.php` - Order processing
- `serverlist.php` - Server listings
- `adminserverlist.php` - Admin server management
- `test_db_connection.php` - Database testing
## Benefits
1. **Single Source of Truth**: All database settings in one file
2. **Easy Configuration**: Change settings in one place
3. **Portable**: Copy folder and update one config file
4. **Secure**: Configuration separate from code
5. **Maintainable**: Easy to update and manage
## Support
For issues or questions about the configuration, please refer to:
- `includes/README.md` - Detailed information about includes directory
- Main project documentation
- Panel configuration at `/includes/config.inc.php`

View file

@ -1,383 +0,0 @@
# Website Features Documentation
This document describes the new features added to the GameServers.World website (_website folder).
## Table of Contents
1. [Password Reset System](#password-reset-system)
2. [My Servers Dashboard](#my-servers-dashboard)
3. [Server Status Page](#server-status-page)
4. [UI Improvements](#ui-improvements)
5. [Apache Configuration](#apache-configuration)
---
## Password Reset System
A complete password reset workflow has been implemented to allow users to recover their accounts.
### Files Created
- **forgot_password.php** - Request password reset
- **reset_password.php** - Reset password with token
### How It Works
1. User visits the login page and clicks "Forgot Password?"
2. User enters their username or email on `forgot_password.php`
3. System generates a secure token and stores it in `ogp_password_reset_tokens` table
4. Email is sent with reset link (falls back to displaying link if email fails)
5. User clicks link and is taken to `reset_password.php?token=XXX`
6. User enters new password (min 8 characters)
7. Password is updated using both MD5 (panel compatibility) and modern hash (if shadow column exists)
8. Token is marked as used
### Database Table
The system automatically creates this table if it doesn't exist:
```sql
CREATE TABLE ogp_password_reset_tokens (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
token VARCHAR(64) NOT NULL,
expires DATETIME NOT NULL,
used TINYINT(1) DEFAULT 0,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
INDEX idx_token (token),
INDEX idx_user_id (user_id)
)
```
### Security Features
- Tokens expire after 1 hour
- Tokens can only be used once
- Secure random token generation (64 hex characters)
- Password requirements enforced (min 8 chars)
- Passwords hashed with both MD5 (panel) and bcrypt (modern)
- User enumeration protection (doesn't reveal if account exists)
### Email Configuration
The system uses PHP's `mail()` function. For production:
1. Configure your server's mail system (sendmail, postfix, etc.)
2. Or integrate with an email service (SendGrid, Mailgun, etc.)
3. Update the email headers in `forgot_password.php` as needed
---
## My Servers Dashboard
A user dashboard showing all active game servers with renewal options.
### File Created
- **my_servers.php** - User's server management dashboard
- **renew_server.php** - Server renewal page
### Features
- **Server List**: Shows all servers owned by logged-in user
- **Server Details**: Name, game type, location, status
- **Expiration Tracking**: Shows expiration date for each server
- **Status Indicators**: Active, Inactive, Expired
- **Renewal Links**: Quick access to renew each server
- **Empty State**: Helpful message when user has no servers
### Access
- Menu link "My Servers" appears when user is logged in
- Requires authentication via `login_required.php`
### Database Query
Joins multiple tables:
- `ogp_home` - Server instances
- `ogp_remote_servers` - Server locations
- `ogp_game_configs` - Game information
- `ogp_billing_orders` - Order/expiration data
- `ogp_billing_services` - Service pricing
---
## Server Status Page
Public page showing real-time status of all game server infrastructure.
### File Created
- **server_status.php** - Server infrastructure status
### Features
- **Real-time Status**: Online, Offline, Maintenance, Unknown
- **Resource Usage**: CPU, Memory, Disk usage percentages
- **Uptime Display**: How long each server has been running
- **Last Updated**: Time since last status update
- **Color-coded Badges**: Visual status indicators
- **Notes Support**: Display maintenance or status messages
### Database Table
Automatically creates table if it doesn't exist:
```sql
CREATE TABLE ogp_server_status (
status_id INT AUTO_INCREMENT PRIMARY KEY,
remote_server_id INT NOT NULL,
server_name VARCHAR(255) NOT NULL,
ip_address VARCHAR(45),
status ENUM('online', 'offline', 'maintenance') DEFAULT 'offline',
cpu_usage DECIMAL(5,2),
memory_usage DECIMAL(5,2),
disk_usage DECIMAL(5,2),
uptime VARCHAR(50),
last_updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
notes TEXT,
INDEX idx_remote_server (remote_server_id),
UNIQUE KEY unique_server (remote_server_id)
)
```
### Server Updates
The page displays data from `ogp_server_status`. Servers should update this table:
```php
// Example server update code (run on each server periodically)
$stmt = $db->prepare("INSERT INTO ogp_server_status
(remote_server_id, server_name, ip_address, status, cpu_usage, memory_usage, disk_usage, uptime, notes)
VALUES (?, ?, ?, 'online', ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE
status = VALUES(status),
cpu_usage = VALUES(cpu_usage),
memory_usage = VALUES(memory_usage),
disk_usage = VALUES(disk_usage),
uptime = VALUES(uptime),
notes = VALUES(notes),
last_updated = NOW()");
```
### Access
- Link in footer: "Server Status"
- Public page (no login required)
---
## UI Improvements
### Server List Page
**Before**: "Order Server" was a plain link
**After**: Styled as a button with gradient background
```html
<a href="order.php?service_id=X" class="gsw-btn"
style="display:inline-block;padding:12px 24px;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:white;text-decoration:none;border-radius:8px;font-weight:600;transition:transform 0.2s;">
Order Now
</a>
```
### Order Page
**Fixed**: Game images now display correctly
- Changed from `src="<?php echo $img_url; ?>"`
- To `src="../<?php echo $img_url; ?>"`
- Assumes images are stored relative to panel root
### Login Page
**Added**: "Forgot Password?" link next to Register link
### Navigation Menu
**Added**: "My Servers" link for logged-in users
- Only visible when user is authenticated
- Positioned between "Game Servers" and "Cart"
### Footer
**Added**: "Server Status" link
- Public access to infrastructure status
- Positioned in footer with other utility links
---
## Apache Configuration
Three Apache virtual host configuration files have been created in the GSP root directory.
### Files Created
- **panel.conf** - Panel dashboard configuration
- **website.conf** - Storefront website configuration
- **fileserver.conf** - File server configuration
- **APACHE_SETUP.md** - Detailed installation guide
### panel.conf
Main Open Game Panel dashboard:
- Domain: panel.yourdomain.com
- Document Root: /var/www/GSP
- PHP settings optimized for panel operations
- Security headers enabled
### website.conf
GameServers.World storefront:
- Domain: gameservers.world
- Document Root: /var/www/GSP/_website
- Protected includes and data directories
- Static asset caching
- Compression enabled
- Separate session handling
### fileserver.conf
Game file distribution:
- Domain: files.yourdomain.com
- Document Root: /var/www/fileserver
- Directory browsing enabled
- Large file support
- Script execution disabled in uploads
- Bandwidth limiting support (optional)
### Installation
See `APACHE_SETUP.md` for complete installation instructions including:
- Copying configuration files
- Enabling sites and modules
- SSL/HTTPS setup with Let's Encrypt
- DNS configuration
- Firewall rules
- Troubleshooting
---
## Testing
### Password Reset
1. Visit `login.php`
2. Click "Forgot Password?"
3. Enter username or email
4. Check email or view on-screen link (development mode)
5. Click reset link
6. Enter new password (min 8 chars)
7. Confirm password matches
8. Submit and verify redirect to login
### My Servers
1. Login as a user with servers
2. Click "My Servers" in navigation
3. Verify all servers are listed
4. Check expiration dates
5. Click "Renew" on a server
6. Verify renewal page displays correctly
### Server Status
1. Visit footer link "Server Status"
2. Verify all remote servers are displayed
3. Check status badges (color coding)
4. Verify "Last Updated" formatting
5. Confirm public access (no login required)
### UI Changes
1. Visit `serverlist.php`
2. Verify "Order Now" displays as styled button
3. Click button to go to `order.php`
4. Verify game images display correctly
5. Check footer has "Server Status" link
6. Login and verify "My Servers" appears in menu
---
## Security Considerations
### Password Reset
- ✅ Tokens expire after 1 hour
- ✅ One-time use tokens
- ✅ Secure random generation
- ✅ User enumeration protection
- ✅ Password strength requirements
- ⚠️ Email delivery depends on server mail config
### My Servers
- ✅ Login required
- ✅ User can only see own servers
- ✅ SQL injection prevention with prepared statements
- ✅ XSS prevention with htmlspecialchars()
### Server Status
- ✅ Read-only public page
- ✅ No sensitive information exposed
- ✅ SQL injection prevention
- Server updates should be authenticated (implement separately)
### Apache Configs
- ✅ Security headers enabled
- ✅ Sensitive directories protected
- ✅ Directory listing disabled (except fileserver)
- ✅ HTTPS configurations ready
- ⚠️ Update domain names before deployment
- ⚠️ Configure SSL certificates for production
---
## Future Enhancements
### Password Reset
- Email template customization
- Integration with email service provider
- Rate limiting for reset requests
- SMS/2FA backup recovery
### My Servers
- Server control buttons (start/stop/restart)
- Real-time server metrics
- Configuration editor
- File manager integration
- Console access
- Backup/restore functionality
### Server Status
- Automated server monitoring agent
- Alert notifications
- Historical uptime graphs
- Incident history
- Scheduled maintenance display
- Status API for external monitoring
### General
- User profile management
- Invoice history
- Support ticket system
- Knowledge base integration
- Multi-language support
- Dark/light theme toggle
---
## Support
For issues or questions:
1. Check the main GSP documentation
2. Review Apache configuration in `APACHE_SETUP.md`
3. Check PHP error logs
4. Verify database connectivity
5. Ensure proper file permissions
## License
All new features follow the same license as the main Open Game Panel project.

View file

@ -1,181 +0,0 @@
# Website Login Implementation - Summary
## Task Completed
Successfully implemented login functionality for the website (_website/) that authenticates users against the panel database (ogp_users table) while maintaining separate sessions.
## Files Created
### 1. `_website/login.php` (NEW - 223 lines)
Full-featured login page with:
- Modern, responsive UI design
- Authentication against panel DB using MD5 (panel-compatible)
- Separate website session: `opengamepanel_web`
- Input validation and sanitization
- Error and success message display
- Automatic redirect after successful login
- Login attempt logging
- Already-logged-in detection and redirect
**Key Features:**
- SQL injection prevention via `mysqli_real_escape_string()`
- XSS prevention via `htmlspecialchars()` in output
- Password verification using MD5 (matching panel's method)
- Clean separation from panel session
- Responsive design that works on mobile and desktop
### 2. `_website/logout.php` (NEW - 23 lines)
Clean logout functionality:
- Destroys website session properly
- Clears session cookies
- Logs logout events
- Redirects to homepage
### 3. `_website/index.php` (MODIFIED)
Updated homepage with:
- Session management initialization
- Header with login status display
- "Welcome, [username]!" message when logged in
- Login/Logout button in header
- Maintains original design with minimal changes
**Changes Made:**
- Added session initialization at top (4 lines)
- Added proper HTML structure (DOCTYPE, html, head tags)
- Added header section with login/logout UI (19 lines)
- Converted from heredoc to regular HTML output
- All styling preserved with additions for header
### 4. `_website/README_LOGIN.md` (NEW - Documentation)
Comprehensive documentation covering:
- Overview of implementation
- File descriptions
- Session management details
- Security features
- Database requirements
- Usage instructions for users and developers
- Future enhancement suggestions
- Alignment with project guidelines
### 5. `_website/test_db_connection.php` (NEW - Test Script)
Database testing utility that checks:
- Database connection status
- ogp_users table existence
- Table structure verification
- User count
- Required columns presence
- MD5 hashing functionality
- Session functionality
**⚠️ Warning in file:** Must be deleted before production deployment
## Technical Details
### Session Management
- **Website Session Name:** `opengamepanel_web`
- **Panel Session Name:** `opengamepanel_web` (unchanged)
- **Complete separation:** Users can be logged into one without the other
### Session Variables Set on Login
```php
$_SESSION['website_user_id'] // User ID from ogp_users
$_SESSION['website_username'] // Username
$_SESSION['website_user_role'] // User role (admin, user, etc.)
$_SESSION['website_user_email'] // User email
$_SESSION['website_login_time'] // Timestamp of login
```
### Database Requirements
- Access to `ogp_users` table
- Required fields: `user_id`, `users_login`, `users_passwd`, `users_role`, `users_email`
- Uses existing `db.php` connection
### Security Measures Implemented
1. **SQL Injection Prevention:** `mysqli_real_escape_string()` on all user input
2. **XSS Prevention:** `htmlspecialchars()` on all output
3. **Session Isolation:** Separate session name prevents conflicts
4. **Password Compatibility:** MD5 hashing matches panel's method
5. **Logging:** All login/logout events logged via `logger()` function
6. **Input Validation:** Empty field checking
7. **Already-Logged-In Check:** Prevents duplicate sessions
### Code Quality
- All files pass PHP syntax validation (`php -l`)
- Follows existing code conventions
- Minimal changes to existing files
- Clean, readable code with comments
- Responsive design
## Testing Performed
### Automated Testing
✅ PHP syntax validation on all files
✅ File structure verification
✅ Git commit verification
### Manual Testing Required
⚠️ Requires live database connection:
- Login with valid credentials
- Login with invalid credentials
- Already-logged-in redirect
- Logout functionality
- Session persistence across page loads
- Use `test_db_connection.php` to verify database setup
## Alignment with Project Guidelines
From `.github/copilot-instructions.md`:
**Website ↔ Panel on same host:** Uses panel DB for authentication
**Sessions remain separate:** Different session names
**Auth compatibility:** MD5 hashing matches panel
**No-Code Planning:** Documented approach before implementation
**Repository-first:** Reused existing `db.php`, `logger()` function
**Minimal changes:** Surgical modifications to index.php only
**Security considerations:** SQL injection, XSS prevention
## File Size Summary
- `login.php`: 7,282 bytes (223 lines)
- `logout.php`: 567 bytes (23 lines)
- `index.php`: Modified from 3,961 to 5,381 bytes (+1,420 bytes, +37 lines)
- `README_LOGIN.md`: 4,041 bytes (documentation)
- `test_db_connection.php`: 4,970 bytes (test utility)
- `IMPLEMENTATION_SUMMARY.md`: This file (documentation)
**Total New Code:** ~17,000 bytes across 3 new PHP files
## Next Steps
### For Testing
1. Run `test_db_connection.php` to verify database connectivity
2. Test login with valid panel credentials
3. Verify session persistence
4. Test logout functionality
5. **Delete `test_db_connection.php` after testing**
### For Production
1. Remove or restrict access to `test_db_connection.php`
2. Consider adding rate limiting for failed login attempts
3. Optional: Add CSRF token protection
4. Optional: Implement modern password hashing with transparent upgrade
5. Monitor `logfile.txt` for login activity
### Future Enhancements (Optional)
- Password hashing upgrade (bcrypt/argon2)
- CSRF protection
- Rate limiting (IP-based, like panel's ban_list)
- "Remember Me" functionality
- Two-factor authentication
- Password reset flow integration
- Session timeout management
## Conclusion
The implementation successfully provides a clean, secure login system for the website that authenticates against the panel database while maintaining complete session separation. The code follows best practices, includes comprehensive documentation, and is ready for testing with a live database connection.
All requirements from the problem statement have been met:
✅ Clone index page structure
✅ Create login page
✅ Authenticate against panel DB
✅ Create separate login session
✅ Maintain panel compatibility

View file

@ -1,110 +0,0 @@
# Website Login Implementation
## Overview
This implementation adds login functionality to the website that authenticates users against the panel's database (ogp_users table) while maintaining separate sessions for the website and panel.
## Files Created/Modified
### 1. `_website/login.php` (NEW)
- Full-featured login page with modern UI
- Authenticates against panel DB using MD5 password hashing (panel-compatible)
- Creates separate website session using `opengamepanel_web` session name
- Logs all login attempts via logger() function
- Session variables set:
- `$_SESSION['website_user_id']` - User ID from ogp_users
- `$_SESSION['website_username']` - Username
- `$_SESSION['website_user_role']` - User role (admin, user, etc.)
- `$_SESSION['website_user_email']` - User email
- `$_SESSION['website_login_time']` - Timestamp of login
### 2. `_website/logout.php` (NEW)
- Cleanly destroys website session
- Logs logout events
- Redirects to homepage after logout
- Properly clears session cookies
### 3. `_website/index.php` (MODIFIED)
- Added session management at the top
- Added header with Login/Logout button and user greeting
- Shows "Welcome, [username]!" when logged in
- Maintains same visual design with added header
## Session Management
### Separate Sessions
- **Website Session**: `opengamepanel_web` (this implementation)
- **Panel Session**: `opengamepanel_web` (existing panel)
These sessions are completely separate - users can be logged into one without being logged into the other.
## Security Features
1. **SQL Injection Prevention**: Uses `mysqli_real_escape_string()` for input sanitization
2. **Password Hashing**: Compatible with panel's MD5 hashing (legacy but matches panel)
3. **Session Isolation**: Separate session name prevents conflicts with panel
4. **XSS Prevention**: Uses `htmlspecialchars()` for output escaping
5. **Logging**: All login/logout events are logged via logger() function
## Database Requirements
Requires connection to panel database with access to:
- `ogp_users` table (fields: user_id, users_login, users_passwd, users_role, users_email)
- Connection configured in `db.php`
## Usage
### For Users:
1. Visit `_website/login.php` to login
2. Enter panel credentials (username/password)
3. After successful login, redirected to homepage with session active
4. Click "Logout" button to end session
### For Developers:
Check if user is logged in:
```php
session_name("opengamepanel_web");
session_start();
if (isset($_SESSION['website_user_id']) && !empty($_SESSION['website_user_id'])) {
// User is logged in
$username = $_SESSION['website_username'];
$user_id = $_SESSION['website_user_id'];
$user_role = $_SESSION['website_user_role'];
}
```
## Future Enhancements (Optional)
1. **Password Hashing Upgrade**: Implement modern bcrypt/argon2 with transparent upgrade on login
2. **CSRF Protection**: Add CSRF tokens to login form
3. **Rate Limiting**: Add IP-based login attempt limiting (similar to panel's ban_list)
4. **Remember Me**: Add persistent login cookie option
5. **Password Reset**: Integrate with panel's password reset flow
6. **Two-Factor Auth**: Optional 2FA for enhanced security
## Testing
All files pass PHP syntax validation:
```bash
php -l _website/index.php
php -l _website/login.php
php -l _website/logout.php
```
## Alignment with Copilot Instructions
This implementation follows the no-code planning guidelines from `.github/copilot-instructions.md`:
✅ Website uses panel DB for authentication
✅ Sessions remain separate (website ≠ panel)
✅ Auth compatibility maintained (MD5 hash for panel users)
✅ Minimal changes to existing code
✅ Repository-first approach (reused existing db.php, logger function)
✅ Security considerations (SQL injection prevention, session isolation)
## Notes
- Login credentials are the same as panel login (same user table)
- Website session does not grant access to panel - separate login required
- Logger function from db.php creates logfile.txt for audit trail

View file

@ -1,317 +0,0 @@
# Visual Guide - New Website Features
This document provides a visual description of the new features and UI changes.
## 1. Login Page Updates
### Before
```
┌─────────────────────────────────────┐
│ Welcome Back │
│ Sign in to your GameServers account│
│ │
│ Username: [____________] │
│ Password: [____________] │
│ │
│ [ Sign In ] │
│ │
│ Register │
│ ─── or ─── │
│ Back to Home | Panel Login │
└─────────────────────────────────────┘
```
### After
```
┌─────────────────────────────────────┐
│ Welcome Back │
│ Sign in to your GameServers account│
│ │
│ Username: [____________] │
│ Password: [____________] │
│ │
│ [ Sign In ] │
│ │
│ Register | Forgot Password? ←NEW │
│ ─── or ─── │
│ Back to Home | Panel Login │
└─────────────────────────────────────┘
```
## 2. Forgot Password Page (NEW)
```
┌─────────────────────────────────────┐
│ Forgot Password │
│ Enter your username or email to │
│ reset your password │
│ │
│ Username or Email: │
│ [_____________________________] │
│ │
│ [ Request Password Reset ] │
│ │
│ Back to Login | Home │
└─────────────────────────────────────┘
```
After submission (success):
```
┌─────────────────────────────────────┐
│ ✓ Password reset instructions have │
│ been sent to your email address. │
└─────────────────────────────────────┘
```
## 3. Reset Password Page (NEW)
```
┌─────────────────────────────────────┐
│ Reset Password │
│ Enter your new password │
│ │
│ New Password: │
│ [_____________________________] │
│ Must be at least 8 characters long │
│ │
│ Confirm Password: │
│ [_____________________________] │
│ │
│ [ Reset Password ] │
│ │
│ Back to Login | Home │
└─────────────────────────────────────┘
```
## 4. Navigation Menu Updates
### Before (Not Logged In)
```
┌──────────────────────────────────────────────────────────┐
│ GameServers.World [Login] │
│ Home | Game Servers | Cart │
└──────────────────────────────────────────────────────────┘
```
### After (Logged In)
```
┌──────────────────────────────────────────────────────────┐
│ GameServers.World Welcome, username! [Logout] │
│ Home | Game Servers | My Servers ←NEW | Cart │
└──────────────────────────────────────────────────────────┘
```
## 5. Server List Page
### Before
```
┌────────────────────────────┐
│ [Game Image] │
│ Counter-Strike 2 │
│ $15.99 Monthly │
│ │
│ Order Server (link) │
└────────────────────────────┘
```
### After
```
┌────────────────────────────┐
│ [Game Image] │
│ Counter-Strike 2 │
│ $15.99 Monthly │
│ │
│ ┌────────────┐ │
│ │ Order Now │ ←BUTTON │
│ └────────────┘ │
└────────────────────────────┘
```
Button styling:
- Gradient background (purple/blue)
- Rounded corners
- Hover effect (lift up)
- Better visibility
## 6. My Servers Page (NEW)
```
┌────────────────────────────────────────────────────────────────────────┐
│ My Game Servers │
├────────────────────────────────────────────────────────────────────────┤
│ Server Name │ Game │ Location │ Status │ Expires │ Price │ Action│
├──────────────┼─────────┼──────────┼────────┼────────────┼───────┼───────┤
│ My CS2 Srv │ CS2 │ US East │ Active │ Nov 22,2025│ $15.99│[Renew]│
│ Rust Server │ Rust │ US West │ Active │ Dec 5, 2025│ $19.99│[Renew]│
│ Minecraft │ MC │ EU │ Expired│ Oct 1, 2025│ $12.99│[Renew]│
└──────────────┴─────────┴──────────┴────────┴────────────┴───────┴───────┘
Status indicators:
- Active: Green badge
- Inactive: Red badge
- Expired: Red badge
```
Empty state (no servers):
```
┌────────────────────────────────────┐
│ My Game Servers │
├────────────────────────────────────┤
│ │
│ You don't have any game servers │
│ yet. │
│ │
│ ┌──────────────────────┐ │
│ │ Browse Game Servers │ │
│ └──────────────────────┘ │
└────────────────────────────────────┘
```
## 7. Renew Server Page (NEW)
```
┌─────────────────────────────────────┐
│ Renew Server │
├─────────────────────────────────────┤
│ Counter-Strike 2 Server │
│ │
│ ○ 1 Month - $15.99 │
│ ○ 1 Year - $159.99 │
│ │
│ ┌──────────────────────┐ Cancel │
│ │ Proceed to Payment │ │
│ └──────────────────────┘ │
└─────────────────────────────────────┘
```
## 8. Server Status Page (NEW)
```
┌────────────────────────────────────────────────────────────────────────────┐
│ Server Status │
│ Real-time status of our game server infrastructure │
├────────────────────────────────────────────────────────────────────────────┤
│ Server │Location/IP │Status │CPU │Memory│Disk │Uptime │Updated│
├─────────────┼─────────────┼────────────┼──────┼──────┼──────┼───────┼───────┤
│ US-East-1 │192.168.1.10 │ [Online] │45.2% │72.1% │38.5% │30 days│2m ago │
│ US-West-1 │192.168.1.11 │ [Online] │32.8% │65.3% │42.1% │15 days│1m ago │
│ EU-Central-1│192.168.1.12 │[Maintenance]│N/A │N/A │N/A │N/A │Never │
│ Asia-1 │192.168.1.13 │ [Offline] │N/A │N/A │N/A │N/A │2h ago │
└─────────────┴─────────────┴────────────┴──────┴──────┴──────┴───────┴───────┘
Server status is updated automatically every 5 minutes.
If you experience any issues, please contact support.
```
Status badge colors:
- Online: Green
- Offline: Red
- Maintenance: Orange
- Unknown: Gray
## 9. Footer Updates
### Before
```
┌────────────────────────────────────────────────┐
│ Privacy | TOS | Worlddomination.dev │
└────────────────────────────────────────────────┘
```
### After
```
┌────────────────────────────────────────────────────────┐
│ Privacy | TOS | Server Status ←NEW | Worlddomination.dev│
└────────────────────────────────────────────────────────┘
```
## 10. Order Page Image Fix
### Before (Broken)
```
┌────────────────────────────┐
│ [X] Image not found │
│ Counter-Strike 2 │
│ Description... │
└────────────────────────────┘
```
### After (Fixed)
```
┌────────────────────────────┐
│ [✓] ┌──────────┐ │
│ │ CS2 Image│ │
│ └──────────┘ │
│ Counter-Strike 2 │
│ Description... │
└────────────────────────────┘
```
Image path changed from `images/game.png` to `../images/game.png`
## Color Scheme
All pages use consistent styling:
### Primary Colors
- Purple/Blue Gradient: `#667eea` to `#764ba2`
- White backgrounds: `#ffffff`
- Dark backgrounds: `#0b1020`
### Status Colors
- Success/Active: `#10b981` (Green)
- Error/Expired: `#ef4444` (Red)
- Warning/Maintenance: `#f59e0b` (Orange)
- Info/Unknown: `#6b7280` (Gray)
### Typography
- Font: System fonts (-apple-system, Segoe UI, Roboto, Arial)
- Headings: Bold, 1.8rem
- Body: 1rem
- Small text: 0.9rem
### Buttons
- Primary: Gradient purple/blue
- Hover: Lift effect (translateY -2px)
- Border radius: 8px
- Padding: 12px 24px
## Responsive Design
All pages are mobile-responsive:
### Desktop (> 768px)
- Full navigation menu
- Side-by-side layouts
- Larger form fields
### Mobile (< 768px)
- Stacked navigation
- Single column layouts
- Touch-friendly buttons
- Larger tap targets
## Accessibility Features
- Semantic HTML elements
- Proper form labels
- Keyboard navigation support
- Focus indicators
- Alt text for images
- ARIA labels where needed
## Browser Compatibility
Tested and compatible with:
- Chrome/Edge (latest)
- Firefox (latest)
- Safari (latest)
- Mobile browsers (iOS Safari, Chrome Mobile)
## Performance
- Compressed CSS/JS
- Optimized images
- Cached static assets
- Minimal database queries
- Prepared statements for security and speed

View file

@ -1,16 +0,0 @@
Archived files from _website on 2025-10-23 14:20:00
This folder contains a snapshot of removed documentation and test artifacts moved from the active `_website/` tree.
Files moved here (original paths):
- VISUAL_GUIDE.md
- README_LOGIN.md
- FEATURES.md
- IMPLEMENTATION_SUMMARY.md
- CONFIGURATION.md
- test_db_connection.php
- tools/simulate_webhook.php
- ai.php
- data/SIMULATED-WEBHOOK-20251022-101500.json
If you need to restore any of these, copy them back to the original paths.

View file

@ -1,3 +0,0 @@
The detailed game docs under `_website/docs/games/` were intentionally left in place (they are product-facing).
Top-level documentation (VISUAL_GUIDE.md, FEATURES.md, IMPLEMENTATION_SUMMARY.md, CONFIGURATION.md, README_LOGIN.md) were archived here and removed from the active site to reduce clutter.

View file

@ -1,75 +0,0 @@
{
"moved_at": "2025-10-23T20:25:00Z",
"kept": {
"logs": "_website/logs/",
"docs": "_website/docs/"
},
"files": [
{
"original": "_website/ai.php",
"archived": "_website/_archived/removed-20251023-202500/ai.php",
"size_bytes": null,
"note": "archived sample and tools; size omitted"
},
{
"original": "_website/test_db_connection.php",
"archived": "_website/_archived/removed-20251023-202500/test_db_connection.php",
"size_bytes": null
},
{
"original": "_website/tools/simulate_webhook.php",
"archived": "_website/_archived/removed-20251023-202500/tools/simulate_webhook.php",
"size_bytes": null
},
{
"original": "_website/tools/check_db_user.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_db_user.php",
"size_bytes": null
},
{
"original": "_website/tools/check_invoices_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_invoices_redirect.php",
"size_bytes": null
},
{
"original": "_website/tools/debug_invoices_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/debug_invoices_redirect.php",
"size_bytes": null
},
{
"original": "_website/tools/check_logout_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_logout_redirect.php",
"size_bytes": null
},
{
"original": "_website/data/SIMULATED-WEBHOOK-20251022-101500.json",
"archived": "_website/_archived/removed-20251023-202500/data/SIMULATED-WEBHOOK-20251022-101500.json",
"size_bytes": null
},
{
"original": "_website/data/NO-INVOICE.json",
"archived": "_website/_archived/removed-20251023-202500/data/NO-INVOICE.json",
"size_bytes": null
},
{
"original": "_website/data/INV-20250825-174311-0a7993.json",
"archived": "_website/_archived/removed-20251023-202500/data/INV-20250825-174311-0a7993.json",
"size_bytes": null
},
{
"original": "_website/data/INV-20250825-170438-e37518.json",
"archived": "_website/_archived/removed-20251023-202500/data/INV-20250825-170438-e37518.json",
"size_bytes": null
},
{
"original": "_website/data/FREE-549-1761246925.json",
"archived": "_website/_archived/removed-20251023-202500/data/FREE-549-1761246925.json",
"size_bytes": null
},
{
"original": "_website/data/FREE-548-1761171178.json",
"archived": "_website/_archived/removed-20251023-202500/data/FREE-548-1761171178.json",
"size_bytes": null
}
]
}

View file

@ -1,325 +0,0 @@
<?php
/***********************
* Assistant Chat (Full History) PHP + cURL
* - Persistent thread in session
* - Full history render with Question / Answer labels
* - SSL verification disabled (your hosting constraint)
* - Citations: filename + page (when available)
***********************/
// Debug (disable on production)
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
/* ------------------- CONFIG ------------------- */
$OPENAI_API_KEY = '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';
$ASSISTANT_ID = 'asst_RAhtGzcy6higJeMwomZSqVjM'; // <-- set to your existing assistant
$OPENAI_BASE_URL = 'https://api.openai.com/v1';
$OPENAI_BETA_HDR = 'assistants=v2'; // required for Assistants v2
$REQUEST_TIMEOUT = 30; // seconds for cURL calls
$RUN_POLL_DELAY = 500000; // microseconds between run polls (0.5s)
$RUN_POLL_MAX = 40; // max polls (~20s total); adjust as needed
/* ---------------------------------------------- */
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['thread_id'])) {
$_SESSION['thread_id'] = null;
}
/** HTML escape helper */
function h($v) { return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); }
/** Low-level OpenAI request helper */
function openai_request($method, $endpoint, $payload = null, $query = []) {
global $OPENAI_API_KEY;
$url = "https://api.openai.com/v1" . $endpoint;
if (!empty($query)) $url .= '?' . http_build_query($query);
$headers = [
"Content-Type: application/json",
"Authorization: Bearer {$OPENAI_API_KEY}",
"OpenAI-Beta: assistants=v2"
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, strtoupper($method));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Host requires SSL verification disabled
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
if (!is_null($payload)) curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
$resp = curl_exec($ch);
if ($resp === false) {
$err = curl_error($ch);
curl_close($ch);
throw new RuntimeException("cURL error: {$err}");
}
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$data = json_decode($resp, true);
if ($code >= 400) {
$msg = isset($data['error']['message']) ? $data['error']['message'] : 'Unknown API error';
throw new RuntimeException("OpenAI API error ({$code}): {$msg}");
}
return is_array($data) ? $data : [];
}
/** Create or reuse a per-visitor thread */
function ensure_thread_id() {
if (!empty($_SESSION['thread_id'])) return $_SESSION['thread_id'];
$created = openai_request('POST', '/threads', ['metadata' => ['site' => $_SERVER['HTTP_HOST'] ?? 'unknown']]);
$tid = $created['id'] ?? null;
if (!$tid) throw new RuntimeException('Failed to create thread.');
$_SESSION['thread_id'] = $tid;
return $tid;
}
/** Add a user message */
function add_user_message($thread_id, $text) {
openai_request('POST', "/threads/{$thread_id}/messages", [
'role' => 'user',
'content' => $text,
]);
}
/** Start a run */
function start_run($thread_id, $assistant_id) {
$run = openai_request('POST', "/threads/{$thread_id}/runs", [
'assistant_id' => $assistant_id,
]);
$run_id = $run['id'] ?? null;
if (!$run_id) throw new RuntimeException('Failed to start run.');
return $run_id;
}
/** Wait for completion (or fail/timeout) */
function wait_for_run($thread_id, $run_id, $max_tries, $delay_us) {
$terminal = ['completed', 'failed', 'requires_action', 'cancelled', 'expired'];
for ($i = 0; $i < $max_tries; $i++) {
usleep($delay_us);
$run = openai_request('GET', "/threads/{$thread_id}/runs/{$run_id}");
$status = $run['status'] ?? '';
if (in_array($status, $terminal, true)) return $run;
}
return ['status' => 'timeout'];
}
/** Cache of file_id => filename (per request) */
$_FILE_NAME_CACHE = [];
/** Resolve file name from file_id (API returns "filename" or sometimes "display_name") */
function get_file_name_by_id($file_id) {
global $_FILE_NAME_CACHE;
if (isset($_FILE_NAME_CACHE[$file_id])) return $_FILE_NAME_CACHE[$file_id];
$file = openai_request('GET', "/files/{$file_id}");
$name = $file['filename'] ?? ($file['display_name'] ?? ($file['name'] ?? $file_id));
$_FILE_NAME_CACHE[$file_id] = $name;
return $name;
}
/**
* Extract message text + citations (filename + page if available).
* Returns an array of entries: ['role' => 'user|assistant', 'text' => '...', 'refs' => [['filename'=>'','page'=>'','file_id'=>'']]]
*/
function normalize_messages($messages) {
$out = [];
if (empty($messages['data']) || !is_array($messages['data'])) return $out;
// The API returns newest first by default if not specifying; we request 'asc' in fetch.
foreach ((array)$messages['data'] as $m) {
$role = $m['role'] ?? '';
if (!in_array($role, ['user', 'assistant', 'system'], true)) continue;
if (empty($m['content']) || !is_array($m['content'])) continue;
$all_text = [];
$refs = [];
foreach ((array)$m['content'] as $part) {
if (($part['type'] ?? '') === 'text' && !empty($part['text']['value'])) {
$all_text[] = $part['text']['value'];
// Parse annotations for citations (file_citation)
$anns = $part['text']['annotations'] ?? [];
if (is_array($anns)) {
foreach ((array)$anns as $ann) {
if (($ann['type'] ?? '') === 'file_citation' && !empty($ann['file_citation']['file_id'])) {
$fid = $ann['file_citation']['file_id'];
$page = null;
// Page can appear under different shapes depending on backend. Try common keys:
if (isset($ann['file_citation']['page'])) {
$page = $ann['file_citation']['page'];
} elseif (isset($ann['file_citation']['page_range']) && is_array($ann['file_citation']['page_range'])) {
// Example: ['start' => 5, 'end' => 6]
$start = $ann['file_citation']['page_range']['start'] ?? null;
$end = $ann['file_citation']['page_range']['end'] ?? null;
if ($start && $end && $start !== $end) $page = "{$start}-{$end}";
elseif ($start) $page = (string)$start;
}
// Fetch filename
try {
$filename = get_file_name_by_id($fid);
} catch (Throwable $e) {
$filename = $fid;
}
$refs[] = [
'file_id' => $fid,
'filename' => $filename,
'page' => $page ?? 'n/a',
];
}
}
}
}
}
if (!empty($all_text)) {
$out[] = [
'role' => $role,
'text' => implode("\n", $all_text),
'refs' => $refs,
];
}
}
return $out;
}
/** Fetch conversation (ascending) */
function fetch_history($thread_id) {
$messages = openai_request('GET', "/threads/{$thread_id}/messages", null, ['order' => 'asc', 'limit' => 50]);
return normalize_messages($messages);
}
/* ------------------- HANDLE POST ------------------- */
$error = null;
$history = [];
try {
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!empty($_POST['reset_thread'])) {
$_SESSION['thread_id'] = null;
} elseif (isset($_POST['user_input'])) {
$user_text = trim((string)$_POST['user_input']);
if ($user_text !== '') {
$thread_id = ensure_thread_id();
add_user_message($thread_id, $user_text);
$run_id = start_run($thread_id, $ASSISTANT_ID);
$run = wait_for_run($thread_id, $run_id, $POLL_MAX_TRIES, $RUN_POLL_DELAY);
if (($run['status'] ?? '') === 'failed') {
$error = 'Assistant run failed.';
} elseif (($run['status'] ?? '') === 'requires_action') {
// If you later support tool calls, handle them here then submit outputs.
} elseif (($run['status'] ?? '') === 'timeout') {
$error = 'Assistant timed out. Please try again.';
}
}
}
}
if (!empty($_SESSION['thread_id'])) {
$history = fetch_history($_SESSION['thread_id']);
}
} catch (Throwable $e) {
$error = $e->getMessage();
}
?>
<?php
// Include top and menu for website UI (session already started above)
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
?>
<!-- UI -->
<div class="ai-container">
<h3>Site Assistant</h3>
<p>Type a question below. Press <b>Enter</b> to send, <b>Shift+Enter</b> for a new line.</p>
<?php if ($error): ?>
<div class="ai-alert" style="border:1px solid #c00;">
<strong>Error:</strong> <?php echo h($error); ?>
</div>
<?php endif; ?>
<?php if (!empty($_SESSION['thread_id'])): ?>
<div class="ai-msg-meta">Thread: <?php echo h($_SESSION['thread_id']); ?></div>
<?php endif; ?>
<form id="chat-form" method="post" style="margin:12px 0;">
<textarea id="chat-input" name="user_input" rows="3" class="ai-textarea" placeholder="Ask your question..."></textarea>
<div style="margin-top:8px; display:flex; gap:8px;">
<button type="submit">Send</button>
<button type="submit" name="reset_thread" value="1">Reset Conversation</button>
</div>
</form>
<?php if (!empty($history) && is_array($history)): ?>
<div style="margin-top:16px; padding:10px; border:1px solid #ccc; border-radius:8px;">
<?php foreach ((array)$history as $msg):
// Label mapping: user => Question, assistant => Answer, system => (optional)
$role = $msg['role'] ?? 'assistant';
if ($role === 'user') $label = 'Question';
elseif ($role === 'assistant') $label = 'Answer';
else $label = ucfirst($role); // e.g., System
$text = str_replace("\r\n", "\n", $msg['text'] ?? '');
$refs = $msg['refs'] ?? [];
?>
<div style="margin-bottom:14px;">
<div style="font-weight:bold;"><?php echo h($label); ?></div>
<div style="white-space:pre-wrap;"><?php echo nl2br(h($text)); ?></div>
<?php if (!empty($refs)): ?>
<div style="margin-top:6px; font-size:12px;">
<em>References:</em>
<ul style="margin:6px 0 0 18px; padding:0;">
<?php foreach ((array)$refs as $r):
$fname = $r['filename'] ?? 'file';
$page = $r['page'] ?? 'n/a';
// If you have your own document links, replace '#' with a real URL.
?>
<li>
<a href="#" title="file_id: <?php echo h($r['file_id']); ?>">
<?php echo h($fname); ?> — page <?php echo h($page); ?>
</a>
</li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
</div>
<?php else: ?>
<div style="margin-top:10px; color:#666;">No messages yet.</div>
<?php endif; ?>
<div style="margin-top:10px; font-size:12px; color:#555;">
Conversation persists until you click “Reset Conversation”.
</div>
</div>
<!-- Submit on Enter (Shift+Enter = newline) -->
<script>
(function(){
var form = document.getElementById('chat-form');
var input = document.getElementById('chat-input');
input.addEventListener('keydown', function(e){
if (e.key === 'Enter') {
if (!e.shiftKey) {
e.preventDefault();
form.submit();
}
// if Shift+Enter, allow newline
}
});
})();
</script>

View file

@ -1,12 +0,0 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": 0,
"currency": "USD",
"payer": "iaretechnician@gmail.com",
"invoice": "FREE-548-1761171178",
"custom": "admin_free_create_order_548",
"resource_id": "FREE-439c594e1e65",
"items": [],
"ts": "2025-10-23T00:12:58+02:00"
}

View file

@ -1,12 +0,0 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": 0,
"currency": "USD",
"payer": "iaretechnician@gmail.com",
"invoice": "FREE-549-1761246925",
"custom": "admin_free_create_order_549",
"resource_id": "FREE-439c594e1e65",
"items": [],
"ts": "2025-10-23T00:12:58+02:00"
}

View file

@ -1,11 +0,0 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "19.99",
"currency": "USD",
"payer": null,
"invoice": "INV-20250825-170438-e37518",
"custom": "user_1234_order_5678",
"resource_id": "2V315801FX904340P",
"ts": "2025-08-25T17:05:27-04:00"
}

View file

@ -1,11 +0,0 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "19.99",
"currency": "USD",
"payer": null,
"invoice": "INV-20250825-174311-0a7993",
"custom": "user_1234_order_5678",
"resource_id": "2V315801FX904340P",
"ts": "2025-08-25T17:05:27-04:00"
}

View file

@ -1,10 +0,0 @@
{
"event_type": "PAYMENT.SALE.COMPLETED",
"status": "PAID",
"amount": "0.48",
"currency": "USD",
"payer": null,
"invoice": null,
"custom": null,
"ts": "2025-08-25T16:46:11-04:00"
}

View file

@ -1,10 +0,0 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "9.99",
"currency": "USD",
"invoice": "INV-20251022-101500-TEST",
"resource_id": "SIMULATED12345",
"ts": "2025-10-22T10:15:00-04:00",
"note": "Simulated webhook write for testing"
}

View file

@ -1,11 +0,0 @@
<?php
function website_billing_runtime_file(string $relative): string
{
$target = realpath(__DIR__ . '/../Panel/modules/billing/' . ltrim($relative, '/'));
if ($target === false || strpos($target, realpath(__DIR__ . '/../Panel/modules/billing')) !== 0) {
http_response_code(500);
echo 'Billing runtime file not found.';
exit;
}
return $target;
}

View file

@ -1,25 +0,0 @@
-- DEPRECATED: This file is no longer needed.
--
-- The gsp_billing_service_remote_servers mapping table has been removed.
-- Server availability per game/service is now stored in gsp_billing_services.remote_server_id
-- as a comma-separated list of numeric server IDs (e.g. "1,3,7").
-- The module migration (db_version 4) drops the mapping table automatically.
--
-- The original content of this file is kept below for historical reference only.
-- Do NOT run this script on new installations.
--
-- Migration: add override_price to billing_service_remote_servers
-- Run once on existing installs that already have the mapping table (db_version 2)
-- but are missing the override_price column (added in db_version 3 / module v3.1).
--
-- Replace 'gsp_' with your actual table prefix if it differs.
--
-- This statement is safe to run multiple times only if your MySQL version supports
-- ADD COLUMN IF NOT EXISTS (MySQL 8.0.3+). On older versions, check first:
-- SHOW COLUMNS FROM gsp_billing_service_remote_servers LIKE 'override_price';
ALTER TABLE `gsp_billing_service_remote_servers`
ADD COLUMN IF NOT EXISTS `override_price` DECIMAL(10,2) NULL AFTER `enabled`;
-- If your MySQL is older than 8.0.3, use the conditional form instead:
-- ALTER TABLE `gsp_billing_service_remote_servers` ADD COLUMN `override_price` DECIMAL(10,2) NULL AFTER `enabled`;

View file

@ -1,10 +0,0 @@
-- Add paypal_data column to billing_orders table
-- This stores the full PayPal response JSON for admin/refund tracking
-- Table prefix is hardcoded to gsp_ for standalone billing module
ALTER TABLE `gsp_billing_orders`
ADD COLUMN `paypal_data` TEXT NULL AFTER `payment_txid`;
-- Update comment
ALTER TABLE `gsp_billing_orders`
MODIFY COLUMN `paypal_data` TEXT NULL COMMENT 'Full PayPal API response JSON for tracking/refunds';

View file

@ -1,41 +0,0 @@
-- DEPRECATED: This file is no longer needed.
--
-- The billing module no longer references an `enabled` column on gsp_remote_servers.
-- gsp_remote_servers is the server inventory table only.
-- Server availability per game/service is stored in gsp_billing_services.remote_server_id
-- as a comma-separated list of numeric server IDs (e.g. "1,3,7").
--
-- The original content of this file is kept below for historical reference only.
-- Do NOT run this script on new installations.
--
-- Migration: add `enabled` column to gsp_remote_servers
--
-- The original panel schema (panel.sql / ogp_remote_servers) includes an `enabled`
-- INT(11) column. Installations that were created from an older schema, or whose
-- table was renamed without carrying the column forward, may be missing it.
--
-- Run this once against your panel database (replace `gsp_` with your prefix if
-- different). Safe to skip if the column already exists — just check with:
-- SHOW COLUMNS FROM `gsp_remote_servers` LIKE 'enabled';
--
-- Usage:
-- mysql -u <user> -p <db_name> < modules/billing/add_remote_server_enabled_column.sql
SET @table_name = 'gsp_remote_servers';
SET @col_name = 'enabled';
SET @sql = IF(
(
SELECT COUNT(*)
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = @table_name
AND COLUMN_NAME = @col_name
) = 0,
CONCAT('ALTER TABLE `', @table_name, '` ADD COLUMN `enabled` INT(11) NOT NULL DEFAULT 1'),
'SELECT "Column already exists — nothing to do" AS note'
);
PREPARE stmt FROM @sql;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;

View file

@ -1,10 +0,0 @@
-- Add missing service_id column to gsp_billing_invoices table
-- This column is required to track which service/game plan was purchased
-- Table prefix is hardcoded to gsp_ for standalone billing module
ALTER TABLE `gsp_billing_invoices`
ADD COLUMN `service_id` INT(11) NOT NULL AFTER `user_id`;
-- Add index for better query performance
ALTER TABLE `gsp_billing_invoices`
ADD KEY `service_id` (`service_id`);

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('add_to_cart.php');

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('admin.php');

View file

@ -1,896 +0,0 @@
<?php
/**
* Admin Config Editor
*
* Provides two ways to edit modules/billing/includes/config.inc.php:
* A. Interactive form (top) fields for each billing-specific setting.
* B. Raw PHP editor (bottom) direct file content textarea (advanced).
*
* Both methods create a timestamped backup before saving and apply the
* $SITE_CONFIG_BACKUP_RETENTION limit (default 5) after writing.
* A post-save php -l syntax check rolls back the file on parse errors.
*
* Database settings (db_host, db_port, db_user, db_pass, db_name, table_prefix)
* are shown as read-only when the module is installed inside a GSP panel tree.
* They are managed via the panel and synced automatically by config_loader.php.
*/
require_once(__DIR__ . '/includes/admin_auth.php');
require_once(__DIR__ . '/includes/config_loader.php');
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
if (session_status() === PHP_SESSION_NONE) {
session_name('opengamepanel_web');
session_start();
}
if (empty($_SESSION['admin_csrf'])) {
$_SESSION['admin_csrf'] = bin2hex(random_bytes(16));
}
$csrf = $_SESSION['admin_csrf'];
$cfgPath = __DIR__ . '/includes/config.inc.php';
$bakDir = dirname($cfgPath) . '/backups';
function h(string $s): string
{
return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}
// ---------------------------------------------------------------------------
// Helper: apply backup retention — delete oldest .bak files beyond the limit.
// Only touches files with names matching *.bak inside the expected backup dir.
// ---------------------------------------------------------------------------
function billing_admin_apply_retention(string $dir, int $retention): void
{
$retention = max(1, min(10, $retention));
if (!is_dir($dir)) {
return;
}
$files = glob($dir . '/*.bak');
if (!is_array($files) || count($files) <= $retention) {
return;
}
// Sort oldest first (by file modification time)
usort($files, static function (string $a, string $b): int {
return filemtime($a) <=> filemtime($b);
});
$toDelete = count($files) - $retention;
for ($i = 0; $i < $toDelete; $i++) {
@unlink($files[$i]);
}
}
// ---------------------------------------------------------------------------
// Helper: create a backup of the config file; returns backup filename or ''.
// ---------------------------------------------------------------------------
function billing_admin_create_backup(string $cfgPath, string $bakDir): string
{
@mkdir($bakDir, 0775, true);
$bakName = $bakDir . '/config.inc.php.' . date('Ymd-His') . '.' . bin2hex(random_bytes(4)) . '.bak';
if (!copy($cfgPath, $bakName)) {
return '';
}
return $bakName;
}
// ---------------------------------------------------------------------------
// Helper: run php -l on a file and return [ok, output].
// ---------------------------------------------------------------------------
function billing_admin_lint(string $filePath): array
{
$phpExec = PHP_BINARY ?: null;
if (!$phpExec) {
return [true, 'PHP executable not found; skipping syntax check.'];
}
$cmd = escapeshellarg($phpExec) . ' -l ' . escapeshellarg($filePath);
$out = [];
$rc = 0;
@exec($cmd . ' 2>&1', $out, $rc);
return [$rc === 0, implode("\n", $out)];
}
// ---------------------------------------------------------------------------
// Helper: generate canonical config.inc.php content from an array of values.
// DB settings are preserved from the existing file; only billing fields change.
// ---------------------------------------------------------------------------
function billing_admin_build_config(string $existingContent, array $vals): string
{
// Extract current DB settings from existing file content so we never lose them.
$dbLines = [];
foreach (['db_host', 'db_port', 'db_user', 'db_pass', 'db_name', 'table_prefix', 'db_type'] as $var) {
if (preg_match('/^\s*\$' . preg_quote($var, '/') . '\s*=.*$/m', $existingContent, $m)) {
$dbLines[$var] = rtrim($m[0]);
}
}
$q = static function (string $v): string {
return '"' . addslashes($v) . '"';
};
$mode = (strtolower($vals['paypal_mode'] ?? 'sandbox') === 'live') ? 'live' : 'sandbox';
$retention = max(1, min(10, (int)($vals['backup_retention'] ?? 5)));
$baseUrl = rtrim(trim($vals['SITE_BASE_URL'] ?? ''), '/');
$bg = trim($vals['SITE_BACKGROUND'] ?? 'images/dark.jpg');
$dataDir = trim($vals['SITE_DATA_DIR'] ?? '');
$wh_path = '/' . ltrim(trim($vals['paypal_webhook_path'] ?? '/paypal/webhook.php'), '/');
// Sandbox credentials — never erase existing secret if field was left blank
$sb_id = trim($vals['paypal_sandbox_client_id'] ?? '');
$sb_sec = trim($vals['paypal_sandbox_client_secret'] ?? '');
$sb_wh = trim($vals['paypal_sandbox_webhook_id'] ?? '');
// Live credentials — never erase existing secret if field was left blank
$lv_id = trim($vals['paypal_live_client_id'] ?? '');
$lv_sec = trim($vals['paypal_live_client_secret'] ?? '');
$lv_wh = trim($vals['paypal_live_webhook_id'] ?? '');
$dbBlock = '';
foreach (['db_host', 'db_port', 'db_user', 'db_pass', 'db_name', 'table_prefix', 'db_type'] as $var) {
if (isset($dbLines[$var])) {
$dbBlock .= $dbLines[$var] . "\n";
}
}
$dataDirLine = ($dataDir !== '' && $dataDir !== 'auto')
? '$SITE_DATA_DIR = ' . $q($dataDir) . ';'
: "\$SITE_DATA_DIR = realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data';";
return '<?php' . "\n"
. '###############################################' . "\n"
. '# Website Database Configuration' . "\n"
. '# This file contains the database connection' . "\n"
. '# settings for the billing website.' . "\n"
. '#' . "\n"
. '# Managed via Admin > Edit Config.' . "\n"
. '###############################################' . "\n"
. $dbBlock
. "\n"
. '// Optional: base URL without trailing slash (e.g. https://gameservers.world).' . "\n"
. '// Leave empty to use relative paths.' . "\n"
. '$SITE_BASE_URL = ' . $q($baseUrl) . ';' . "\n"
. '$SITE_BASE_URL = rtrim(trim((string)$SITE_BASE_URL), \'/\');' . "\n"
. "\n"
. '// Site-wide background image (relative to site root).' . "\n"
. '$SITE_BACKGROUND = ' . $q($bg) . ';' . "\n"
. '$SITE_BACKGROUND = trim((string)$SITE_BACKGROUND);' . "\n"
. "\n"
. '// Data directory for persisted payment webhook JSON files.' . "\n"
. $dataDirLine . "\n"
. "\n"
. '// ---------------------------------------------------------------------------' . "\n"
. '// PayPal configuration' . "\n"
. '// ---------------------------------------------------------------------------' . "\n"
. '$paypal_mode = ' . $q($mode) . '; // \'sandbox\' or \'live\'' . "\n"
. "\n"
. '// Sandbox credentials (PayPal Developer Dashboard → sandbox app)' . "\n"
. '$paypal_sandbox_client_id = ' . $q($sb_id) . ';' . "\n"
. '$paypal_sandbox_client_secret = ' . $q($sb_sec) . ';' . "\n"
. '$paypal_sandbox_webhook_id = ' . $q($sb_wh) . ';' . "\n"
. "\n"
. '// Live credentials (leave blank until ready for production)' . "\n"
. '$paypal_live_client_id = ' . $q($lv_id) . ';' . "\n"
. '$paypal_live_client_secret = ' . $q($lv_sec) . ';' . "\n"
. '$paypal_live_webhook_id = ' . $q($lv_wh) . ';' . "\n"
. "\n"
. '// Webhook path (relative to billing site root, must start with /)' . "\n"
. '// Full public URL = $SITE_BASE_URL + $paypal_webhook_path' . "\n"
. '$paypal_webhook_path = ' . $q($wh_path) . ';' . "\n"
. "\n"
. '// Admin config backup retention: how many backups to keep (110). Default 5.' . "\n"
. '$SITE_CONFIG_BACKUP_RETENTION = ' . $retention . ';' . "\n"
. '?>' . "\n";
}
// ---------------------------------------------------------------------------
// Read current values from config (already loaded by config_loader above).
// ---------------------------------------------------------------------------
$cfgVals = [
'SITE_BASE_URL' => $SITE_BASE_URL ?? '',
'SITE_BACKGROUND' => $SITE_BACKGROUND ?? 'images/dark.jpg',
'SITE_DATA_DIR' => $SITE_DATA_DIR ?? '',
'paypal_mode' => $paypal_mode ?? 'sandbox',
'paypal_sandbox_client_id' => $paypal_sandbox_client_id ?? '',
'paypal_sandbox_client_secret' => $paypal_sandbox_client_secret ?? '',
'paypal_sandbox_webhook_id' => $paypal_sandbox_webhook_id ?? '',
'paypal_live_client_id' => $paypal_live_client_id ?? '',
'paypal_live_client_secret' => $paypal_live_client_secret ?? '',
'paypal_live_webhook_id' => $paypal_live_webhook_id ?? '',
'paypal_webhook_path' => $paypal_webhook_path ?? '/paypal/webhook.php',
'backup_retention' => $SITE_CONFIG_BACKUP_RETENTION ?? 5,
];
// Computed full webhook URL for display
$computedWebhookUrl = function_exists('gsp_paypal_get_full_webhook_url')
? gsp_paypal_get_full_webhook_url()
: rtrim($cfgVals['SITE_BASE_URL'], '/') . $cfgVals['paypal_webhook_path'];
// Detect panel-mode (DB settings are managed by the panel)
$panelMode = defined('BILLING_PANEL_CONFIG_PATH');
$panelCfgPath = $panelMode ? BILLING_PANEL_CONFIG_PATH : null;
$status = '';
$statusType = 'info'; // 'success' | 'error' | 'info'
// ---------------------------------------------------------------------------
// POST: Save interactive form
// ---------------------------------------------------------------------------
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'save_form') {
$token = $_POST['csrf'] ?? '';
if (!hash_equals($csrf, (string)$token)) {
$status = 'Invalid CSRF token.';
$statusType = 'error';
} elseif (!is_writable($cfgPath)) {
$status = 'Config file is not writable: ' . h($cfgPath);
$statusType = 'error';
} else {
// Collect and validate form values
$formVals = [
'SITE_BASE_URL' => trim($_POST['SITE_BASE_URL'] ?? ''),
'SITE_BACKGROUND' => trim($_POST['SITE_BACKGROUND'] ?? 'images/dark.jpg'),
'SITE_DATA_DIR' => trim($_POST['SITE_DATA_DIR'] ?? ''),
'paypal_mode' => (strtolower(trim($_POST['paypal_mode'] ?? 'sandbox')) === 'live') ? 'live' : 'sandbox',
'paypal_sandbox_client_id' => trim($_POST['paypal_sandbox_client_id'] ?? ''),
'paypal_live_client_id' => trim($_POST['paypal_live_client_id'] ?? ''),
'paypal_sandbox_webhook_id' => trim($_POST['paypal_sandbox_webhook_id'] ?? ''),
'paypal_live_webhook_id' => trim($_POST['paypal_live_webhook_id'] ?? ''),
'paypal_webhook_path' => trim($_POST['paypal_webhook_path'] ?? '/paypal/webhook.php'),
'backup_retention' => (int)($_POST['backup_retention'] ?? 5),
];
// Client secrets: only update if a non-blank value was submitted (never erase existing).
$sbSecPost = trim($_POST['paypal_sandbox_client_secret'] ?? '');
$formVals['paypal_sandbox_client_secret'] = ($sbSecPost !== '') ? $sbSecPost : ($cfgVals['paypal_sandbox_client_secret'] ?? '');
$lvSecPost = trim($_POST['paypal_live_client_secret'] ?? '');
$formVals['paypal_live_client_secret'] = ($lvSecPost !== '') ? $lvSecPost : ($cfgVals['paypal_live_client_secret'] ?? '');
// Validate
$validationError = '';
if ($formVals['backup_retention'] < 1 || $formVals['backup_retention'] > 10) {
$validationError = 'Backup retention must be a number between 1 and 10.';
}
if ($validationError) {
$status = $validationError;
$statusType = 'error';
} else {
$existingContent = (string)file_get_contents($cfgPath);
$newContent = billing_admin_build_config($existingContent, $formVals);
// Backup before write.
// Note: the backup copy and subsequent file_put_contents are not covered by a
// single atomic lock. This is acceptable for an admin-only operation where
// concurrent writes are not expected.
$bakName = billing_admin_create_backup($cfgPath, $bakDir);
if (!$bakName) {
$status = 'Failed to create backup. Aborting save.';
$statusType = 'error';
} else {
if (file_put_contents($cfgPath, $newContent, LOCK_EX) === false) {
$status = 'Failed to write config file.';
$statusType = 'error';
} else {
// Syntax check
[$lintOk, $lintOut] = billing_admin_lint($cfgPath);
if (!$lintOk) {
@copy($bakName, $cfgPath); // rollback
$status = 'Syntax error in generated config; rolled back. Lint: ' . h($lintOut);
$statusType = 'error';
} else {
// Apply backup retention
$retention = max(1, min(10, $formVals['backup_retention']));
billing_admin_apply_retention($bakDir, $retention);
$cfgVals = $formVals; // update displayed values
$computedWebhookUrl = rtrim($formVals['SITE_BASE_URL'], '/') . ('/' . ltrim($formVals['paypal_webhook_path'] ?? '/paypal/webhook.php', '/'));
$status = 'Config saved successfully. Backup: ' . basename($bakName);
$statusType = 'success';
}
}
}
}
}
}
// ---------------------------------------------------------------------------
// POST: Save raw editor
// ---------------------------------------------------------------------------
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'save_raw') {
$token = $_POST['csrf'] ?? '';
if (!hash_equals($csrf, (string)$token)) {
$status = 'Invalid CSRF token.';
$statusType = 'error';
} elseif (!is_writable($cfgPath)) {
$status = 'Config file is not writable: ' . h($cfgPath);
$statusType = 'error';
} else {
$newRaw = $_POST['config_text'] ?? '';
if (strpos(trim($newRaw), '<?php') !== 0) {
$status = 'Config must start with <?php';
$statusType = 'error';
} else {
// Backup then write (admin-only operation; concurrent writes are not expected).
$bakName = billing_admin_create_backup($cfgPath, $bakDir);
if (!$bakName) {
$status = 'Failed to create backup. Aborting save.';
$statusType = 'error';
} else {
if (file_put_contents($cfgPath, $newRaw, LOCK_EX) === false) {
$status = 'Failed to write config file.';
$statusType = 'error';
} else {
[$lintOk, $lintOut] = billing_admin_lint($cfgPath);
if (!$lintOk) {
@copy($bakName, $cfgPath); // rollback
$status = 'Syntax error detected; changes rolled back. Lint: ' . h($lintOut);
$statusType = 'error';
} else {
// Apply backup retention from config
$retentionNow = max(1, min(10, (int)($SITE_CONFIG_BACKUP_RETENTION ?? 5)));
billing_admin_apply_retention($bakDir, $retentionNow);
$status = 'Config saved successfully. Backup: ' . basename($bakName);
$statusType = 'success';
}
}
}
}
}
}
// Always read current raw content from disk for the raw editor
$currentText = '';
if (is_readable($cfgPath)) {
$currentText = file_get_contents($cfgPath);
}
// List current backups for display
$bakFiles = is_dir($bakDir) ? (array)glob($bakDir . '/*.bak') : [];
rsort($bakFiles); // newest first
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Admin Edit Config</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/header.css">
<style>
.cfg-section { background:#fff; border:1px solid #ddd; border-radius:6px; padding:20px 24px; margin-bottom:28px; }
.cfg-section h2 { margin-top:0; color:#333; border-bottom:2px solid #eee; padding-bottom:8px; }
.field-group { margin-bottom:18px; }
.field-group label { display:block; font-weight:600; color:#333; margin-bottom:4px; }
.field-help { font-size:0.85em; color:#666; margin-bottom:6px; }
.field-group input[type=text],
.field-group input[type=password],
.field-group input[type=number],
.field-group select { width:100%; max-width:520px; padding:8px 10px; border:1px solid #ccc;
border-radius:4px; font-size:1em; box-sizing:border-box; }
.field-group .pw-wrap { display:flex; gap:6px; align-items:center; max-width:520px; }
.field-group .pw-wrap input { flex:1; }
.btn-show { padding:8px 14px; font-size:0.9em; border:1px solid #aaa; border-radius:4px;
background:#f5f5f5; cursor:pointer; white-space:nowrap; }
.status-box { padding:12px 16px; border-radius:4px; margin-bottom:18px; font-weight:600; }
.status-success { background:#d4edda; color:#155724; border:1px solid #c3e6cb; }
.status-error { background:#f8d7da; color:#721c24; border:1px solid #f5c6cb; }
.status-info { background:#d1ecf1; color:#0c5460; border:1px solid #bee5eb; }
.panel-badge { background:#e8f4fd; border:1px solid #9ec8f0; color:#1a5276; padding:10px 14px;
border-radius:4px; margin-bottom:18px; font-size:0.9em; }
.readonly-field { background:#f4f4f4; color:#555; cursor:not-allowed; }
.warn-box { background:#fff3cd; border:1px solid #ffc107; color:#856404; padding:10px 14px;
border-radius:4px; margin-bottom:14px; font-size:0.9em; }
.save-row { margin:14px 0; }
.save-row button { padding:10px 24px; font-size:1em; font-weight:600; }
.bak-list { font-size:0.85em; color:#555; margin-top:4px; }
</style>
</head>
<body>
<div class="container-wide panel">
<h1>Edit Site Config</h1>
<?php if ($status): ?>
<div class="status-box status-<?php echo h($statusType); ?>"><?php echo h($status); ?></div>
<?php endif; ?>
<?php if (!empty($billing_config_warning)): ?>
<div class="warn-box">⚠️ <?php echo h($billing_config_warning); ?></div>
<?php endif; ?>
<!-- ===================================================================
SECTION A: Interactive form
==================================================================== -->
<div class="cfg-section">
<h2>Site Settings</h2>
<?php if ($panelMode): ?>
<div class="panel-badge">
<strong>Panel-integrated mode.</strong>
Database settings are managed by the panel and synced automatically from
<code><?php echo h($panelCfgPath); ?></code>.
They are shown below for reference only.
</div>
<?php endif; ?>
<form method="post" action="">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<input type="hidden" name="action" value="save_form">
<!-- DB read-only info (panel mode) -->
<?php if ($panelMode): ?>
<div class="field-group">
<label>Database Host</label>
<div class="field-help">Managed by the panel config. Edit the panel's <code>includes/config.inc.php</code> to change.</div>
<input type="text" class="readonly-field" value="<?php echo h((string)($db_host ?? '')); ?>" readonly>
</div>
<div class="field-group">
<label>Database Name</label>
<input type="text" class="readonly-field" value="<?php echo h((string)($db_name ?? '')); ?>" readonly>
</div>
<div class="field-group">
<label>Table Prefix</label>
<input type="text" class="readonly-field" value="<?php echo h((string)($table_prefix ?? '')); ?>" readonly>
</div>
<?php endif; ?>
<!-- Site Base URL -->
<div class="field-group">
<label for="cfg_base_url">Site Base URL</label>
<div class="field-help">
Full base URL <strong>without trailing slash</strong> (e.g. <code>https://gameservers.world</code>).
Leave empty to use relative paths. Used to compute the full public PayPal webhook URL.
</div>
<input type="text" id="cfg_base_url" name="SITE_BASE_URL"
value="<?php echo h((string)$cfgVals['SITE_BASE_URL']); ?>"
placeholder="https://example.com">
</div>
<!-- Site Background -->
<div class="field-group">
<label for="cfg_bg">Site Background Image</label>
<div class="field-help">
Path to background image relative to the billing site root (e.g. <code>images/dark.jpg</code>).
</div>
<input type="text" id="cfg_bg" name="SITE_BACKGROUND"
value="<?php echo h((string)$cfgVals['SITE_BACKGROUND']); ?>"
placeholder="images/dark.jpg">
</div>
<!-- Data Directory -->
<div class="field-group">
<label for="cfg_datadir">Site Data Directory</label>
<div class="field-help">
Absolute path where payment webhook JSON files are stored.
Leave empty to use the default: <code>modules/billing/data/</code>.
</div>
<input type="text" id="cfg_datadir" name="SITE_DATA_DIR"
value="<?php echo h((string)$cfgVals['SITE_DATA_DIR']); ?>"
placeholder="(default: billing/data/)">
</div>
<hr style="border:none;border-top:1px solid #eee;margin:24px 0;">
<h3 style="margin-top:0;color:#333;">PayPal Configuration</h3>
<?php
$isSandboxMode = ($cfgVals['paypal_mode'] ?? 'sandbox') !== 'live';
$modeLabel = $isSandboxMode ? '🟡 Sandbox (test mode)' : '🟢 Live (real payments)';
$modeBadgeClass = $isSandboxMode ? 'status-info' : 'status-success';
?>
<div class="status-box <?php echo h($modeBadgeClass); ?>" style="margin-bottom:14px;font-size:0.95em;">
Currently active PayPal mode: <strong><?php echo h($modeLabel); ?></strong>
</div>
<!-- PayPal Mode -->
<div class="field-group">
<label for="cfg_mode">PayPal Mode</label>
<div class="field-help">
<strong>Sandbox</strong> uses test credentials and the PayPal sandbox API safe for development.
<strong>Live</strong> processes real payments. Switch only after configuring live credentials.
</div>
<select id="cfg_mode" name="paypal_mode">
<option value="sandbox" <?php echo $isSandboxMode ? 'selected' : ''; ?>>Sandbox (test mode)</option>
<option value="live" <?php echo !$isSandboxMode ? 'selected' : ''; ?>>Live (real payments)</option>
</select>
</div>
<!-- Sandbox credentials -->
<h4 style="color:#555;margin:20px 0 8px;">Sandbox Credentials</h4>
<div class="field-group">
<label for="cfg_sb_id">Sandbox Client ID</label>
<div class="field-help">Found in PayPal Developer Dashboard sandbox app. Safe to expose in browser JS.</div>
<input type="text" id="cfg_sb_id" name="paypal_sandbox_client_id"
value="<?php echo h((string)$cfgVals['paypal_sandbox_client_id']); ?>"
placeholder="AfvY_... or sandbox client ID">
</div>
<div class="field-group">
<label for="cfg_sb_sec">Sandbox Client Secret</label>
<div class="field-help"><strong>Server-side only</strong> never sent to the browser. Leave blank to keep existing value.</div>
<div class="pw-wrap">
<input type="password" id="cfg_sb_sec" name="paypal_sandbox_client_secret"
placeholder="<?php echo $cfgVals['paypal_sandbox_client_secret'] !== '' ? '(set — leave blank to keep)' : '(not set)'; ?>"
autocomplete="new-password">
<button type="button" class="btn-show"
onclick="var f=document.getElementById('cfg_sb_sec');f.type=f.type==='password'?'text':'password';this.textContent=f.type==='password'?'Show':'Hide';">Show</button>
</div>
</div>
<div class="field-group">
<label for="cfg_sb_wh">Sandbox Webhook ID</label>
<div class="field-help">
Webhook ID from your PayPal sandbox app (for signature verification).
Leave empty to skip verification in sandbox mode (OK for initial setup).
</div>
<input type="text" id="cfg_sb_wh" name="paypal_sandbox_webhook_id"
value="<?php echo h((string)$cfgVals['paypal_sandbox_webhook_id']); ?>"
placeholder="Sandbox Webhook ID">
</div>
<!-- Live credentials -->
<h4 style="color:#555;margin:20px 0 8px;">Live Credentials</h4>
<div class="field-group">
<label for="cfg_lv_id">Live Client ID</label>
<div class="field-help">From your PayPal live app. Leave blank until ready for production.</div>
<input type="text" id="cfg_lv_id" name="paypal_live_client_id"
value="<?php echo h((string)$cfgVals['paypal_live_client_id']); ?>"
placeholder="Live Client ID">
</div>
<div class="field-group">
<label for="cfg_lv_sec">Live Client Secret</label>
<div class="field-help"><strong>Server-side only.</strong> Leave blank to keep existing value.</div>
<div class="pw-wrap">
<input type="password" id="cfg_lv_sec" name="paypal_live_client_secret"
placeholder="<?php echo $cfgVals['paypal_live_client_secret'] !== '' ? '(set — leave blank to keep)' : '(not set)'; ?>"
autocomplete="new-password">
<button type="button" class="btn-show"
onclick="var f=document.getElementById('cfg_lv_sec');f.type=f.type==='password'?'text':'password';this.textContent=f.type==='password'?'Show':'Hide';">Show</button>
</div>
</div>
<div class="field-group">
<label for="cfg_lv_wh">Live Webhook ID</label>
<div class="field-help">Webhook ID from your PayPal live app (for signature verification).</div>
<input type="text" id="cfg_lv_wh" name="paypal_live_webhook_id"
value="<?php echo h((string)$cfgVals['paypal_live_webhook_id']); ?>"
placeholder="Live Webhook ID">
</div>
<!-- Webhook path + computed URL -->
<h4 style="color:#555;margin:20px 0 8px;">Webhook Endpoint</h4>
<div class="field-help" style="margin-bottom:10px;">
PayPal requires a <strong>full public HTTPS URL</strong> to deliver webhook events.
Set your Site Base URL above, then copy the computed URL below into your PayPal app's webhook configuration.
</div>
<div class="field-group">
<label for="cfg_wh_path">Webhook Path</label>
<div class="field-help">Path relative to the billing site root (must start with <code>/</code>). Default: <code>/paypal/webhook.php</code></div>
<input type="text" id="cfg_wh_path" name="paypal_webhook_path"
value="<?php echo h((string)$cfgVals['paypal_webhook_path']); ?>"
placeholder="/paypal/webhook.php"
oninput="updateWebhookUrl()">
</div>
<div class="field-group">
<label>Computed Full Webhook URL <small style="font-weight:normal;color:#888;">(read-only paste this into PayPal)</small></label>
<div class="field-help">
This is the URL PayPal will POST webhook events to.
It must be publicly accessible over HTTPS before enabling live mode.
</div>
<input type="text" id="computed_webhook_url"
class="readonly-field"
value="<?php echo h($computedWebhookUrl); ?>"
readonly
style="font-family:monospace;color:#333;background:#f0f4ff;">
<button type="button" id="copy_webhook_url_btn" class="btn-show" style="margin-top:4px;"
onclick="var u=document.getElementById('computed_webhook_url');if(u){navigator.clipboard.writeText(u.value).then(function(){var b=document.getElementById('copy_webhook_url_btn');b.textContent='Copied!';setTimeout(function(){b.textContent='Copy';},2000);});}">Copy</button>
</div>
<script>
function updateWebhookUrl() {
var base = document.getElementById('cfg_base_url');
var path = document.getElementById('cfg_wh_path');
var out = document.getElementById('computed_webhook_url');
if (!base || !path || !out) return;
var b = base.value.replace(/\/+$/, '');
var p = path.value.replace(/^([^\/])/, '/$1');
out.value = b + p;
}
document.addEventListener('DOMContentLoaded', function() {
var base = document.getElementById('cfg_base_url');
if (base) base.addEventListener('input', updateWebhookUrl);
});
</script>
<hr style="border:none;border-top:1px solid #eee;margin:24px 0;">
<h3 style="margin-top:0;color:#333;">Backup Settings</h3>
<!-- Backup Retention -->
<div class="field-group">
<label for="cfg_retention">Config Backup Retention</label>
<div class="field-help">
Number of config backups to keep (110). The oldest backup beyond this limit is
deleted after each save. Backups are stored in
<code><?php echo h($bakDir); ?></code>.
</div>
<input type="number" id="cfg_retention" name="backup_retention"
value="<?php echo (int)$cfgVals['backup_retention']; ?>"
min="1" max="10" style="max-width:100px;">
</div>
<div class="save-row">
<button type="submit">💾 Save Settings</button>
</div>
</form>
</div>
<!-- ===================================================================
SECTION B: PayPal Diagnostics
==================================================================== -->
<?php
// Gather diagnostics data
$diag_mode = $cfgVals['paypal_mode'] ?? 'sandbox';
$diag_is_sandbox = $diag_mode !== 'live';
$diag_sb_id_set = ($cfgVals['paypal_sandbox_client_id'] ?? '') !== '';
$diag_sb_sec_set = ($cfgVals['paypal_sandbox_client_secret'] ?? '') !== '';
$diag_sb_wh_set = ($cfgVals['paypal_sandbox_webhook_id'] ?? '') !== '';
$diag_lv_id_set = ($cfgVals['paypal_live_client_id'] ?? '') !== '';
$diag_lv_sec_set = ($cfgVals['paypal_live_client_secret'] ?? '') !== '';
$diag_lv_wh_set = ($cfgVals['paypal_live_webhook_id'] ?? '') !== '';
$diag_wh_path = '/' . ltrim((string)($cfgVals['paypal_webhook_path'] ?? '/paypal/webhook.php'), '/');
$diag_wh_full_url = $computedWebhookUrl;
$diag_wh_file = rtrim(__DIR__, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . ltrim($diag_wh_path, '/');
$diag_wh_exists = file_exists($diag_wh_file);
// Active mode credential check
$diag_active_id_set = $diag_is_sandbox ? $diag_sb_id_set : $diag_lv_id_set;
$diag_active_sec_set = $diag_is_sandbox ? $diag_sb_sec_set : $diag_lv_sec_set;
$diag_active_wh_set = $diag_is_sandbox ? $diag_sb_wh_set : $diag_lv_wh_set;
function diag_badge(bool $ok, string $yes = 'Yes', string $no = 'No'): string {
$cls = $ok ? 'background:#d4edda;color:#155724;border:1px solid #c3e6cb;' : 'background:#f8d7da;color:#721c24;border:1px solid #f5c6cb;';
$label = $ok ? $yes : $no;
return '<span style="' . $cls . 'padding:2px 8px;border-radius:3px;font-size:0.85em;font-weight:600;display:inline-block;word-break:break-word;">' . htmlspecialchars($label, ENT_QUOTES, 'UTF-8') . '</span>';
}
// Last webhook events + recent PayPal errors
$diag_recent_events = [];
$diag_recent_errors = [];
$diag_errors_warning = '';
try {
$port_int = intval($db_port ?? 3306) ?: 3306;
$diag_db = @mysqli_connect($db_host ?? 'localhost', $db_user ?? '', $db_pass ?? '', $db_name ?? '', $port_int);
if ($diag_db) {
$pfx_diag = $table_prefix ?? 'gsp_';
mysqli_set_charset($diag_db, 'utf8mb4');
$res = @mysqli_query($diag_db, "SELECT paypal_event_id, event_type, processing_status, created_at FROM `{$pfx_diag}billing_paypal_webhook_events` ORDER BY id DESC LIMIT 5");
if ($res) {
while ($row = mysqli_fetch_assoc($res)) {
$diag_recent_events[] = $row;
}
}
// Recent PayPal errors — use BillingRepository for safe table creation
require_once __DIR__ . '/classes/BillingRepository.php';
$diag_repo = new BillingRepository($diag_db, $pfx_diag);
if ($diag_repo->ensureBillingPaypalErrorsTable()) {
$diag_recent_errors = $diag_repo->getRecentPaypalErrors(10);
} else {
$diag_errors_warning = 'Could not create billing_paypal_errors table. Check DB permissions.';
}
mysqli_close($diag_db);
}
} catch (Throwable $e) {
$diag_errors_warning = 'Diagnostics DB query failed: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
}
?>
<style>
.diag-grid { display:grid; grid-template-columns:1fr; gap:8px; font-size:0.9em; }
@media (min-width:600px) { .diag-grid { grid-template-columns:220px 1fr; } }
.diag-row { display:contents; }
.diag-label { color:#555; font-weight:600; padding:6px 0; border-bottom:1px solid #f0f0f0; word-break:break-word; }
.diag-value { padding:6px 0; border-bottom:1px solid #f0f0f0; word-break:break-all; }
.diag-sub { font-size:0.85em; color:#888; margin-top:4px; }
.diag-sep { grid-column:1/-1; border-top:2px solid #e9ecef; margin:6px 0 2px; }
.recent-errors-table { width:100%; border-collapse:collapse; font-size:0.85em; overflow-x:auto; display:block; }
.recent-errors-table th { background:#f8f9fa; padding:6px 8px; text-align:left; border-bottom:2px solid #dee2e6; white-space:nowrap; }
.recent-errors-table td { padding:5px 8px; border-bottom:1px solid #eee; word-break:break-word; }
</style>
<div class="cfg-section">
<h2>PayPal Diagnostics</h2>
<!-- Self-check button -->
<form method="post" style="margin-bottom:16px;">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<input type="hidden" name="action" value="self_check">
<button type="submit" class="btn-show" style="padding:9px 18px;font-size:0.95em;">🔍 Run Billing Self-Check</button>
</form>
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_POST['action'] ?? '') === 'self_check') {
$token = $_POST['csrf'] ?? '';
if (hash_equals($csrf, (string)$token)):
?>
<div class="status-box status-info" style="font-size:0.9em;">
<strong>Self-Check Results:</strong><br>
&bull; Mode: <strong><?php echo h($diag_mode ?: '(unknown)'); ?></strong><br>
&bull; Active Client ID: <?php echo $diag_active_id_set ? '✅ configured' : '❌ missing'; ?><br>
&bull; Active Client Secret: <?php echo $diag_active_sec_set ? '✅ configured' : '❌ missing'; ?><br>
&bull; Active Webhook ID: <?php echo $diag_active_wh_set ? '✅ configured' : '⚠️ missing (signature verification skipped)'; ?><br>
&bull; Webhook file: <?php echo $diag_wh_exists ? '✅ exists' : '❌ not found'; ?> — <code style="word-break:break-all"><?php echo h($diag_wh_file); ?></code><br>
&bull; Logs directory: <?php $logDir = __DIR__ . '/logs'; echo (is_dir($logDir) && is_writable($logDir)) ? '✅ writable' : '⚠️ ' . (is_dir($logDir) ? 'not writable' : 'missing'); ?><br>
&bull; Data directory: <?php echo (is_dir($SITE_DATA_DIR ?? '') && is_writable($SITE_DATA_DIR ?? '')) ? '✅ writable' : '⚠️ check path'; ?><br>
&bull; Config file: <?php echo is_writable($cfgPath) ? '✅ writable' : '⚠️ read-only'; ?><br>
</div>
<?php endif; } ?>
<div class="diag-grid">
<div class="diag-row">
<div class="diag-label">Current mode</div>
<div class="diag-value">
<strong><?php echo h($diag_mode !== '' ? $diag_mode : '(not set)'); ?></strong>
<?php if ($diag_mode === 'sandbox'): ?>
<span style="background:#fff3cd;color:#856404;border:1px solid #ffc107;padding:1px 7px;border-radius:3px;font-size:0.8em;margin-left:6px;">test</span>
<?php elseif ($diag_mode === 'live'): ?>
<span style="background:#d4edda;color:#155724;border:1px solid #c3e6cb;padding:1px 7px;border-radius:3px;font-size:0.8em;margin-left:6px;">live</span>
<?php endif; ?>
</div>
</div>
<div class="diag-sep"></div>
<div class="diag-row">
<div class="diag-label">Active Client ID</div>
<div class="diag-value"><?php echo diag_badge($diag_active_id_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Active Client Secret</div>
<div class="diag-value"><?php echo diag_badge($diag_active_sec_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Active Webhook ID</div>
<div class="diag-value"><?php echo diag_badge($diag_active_wh_set, 'Yes', 'No — signature verification skipped'); ?></div>
</div>
<div class="diag-sep"></div>
<div class="diag-row">
<div class="diag-label">Sandbox Client ID</div>
<div class="diag-value"><?php echo diag_badge($diag_sb_id_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Sandbox Client Secret</div>
<div class="diag-value"><?php echo diag_badge($diag_sb_sec_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Sandbox Webhook ID</div>
<div class="diag-value"><?php echo diag_badge($diag_sb_wh_set); ?></div>
</div>
<div class="diag-sep"></div>
<div class="diag-row">
<div class="diag-label">Live Client ID</div>
<div class="diag-value"><?php echo diag_badge($diag_lv_id_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Live Client Secret</div>
<div class="diag-value"><?php echo diag_badge($diag_lv_sec_set); ?></div>
</div>
<div class="diag-row">
<div class="diag-label">Live Webhook ID</div>
<div class="diag-value"><?php echo diag_badge($diag_lv_wh_set); ?></div>
</div>
<div class="diag-sep"></div>
<div class="diag-row">
<div class="diag-label">Webhook path</div>
<div class="diag-value"><code><?php echo h($diag_wh_path); ?></code></div>
</div>
<div class="diag-row">
<div class="diag-label">Full public webhook URL</div>
<div class="diag-value">
<code><?php echo h($diag_wh_full_url !== '' ? $diag_wh_full_url : '(Site Base URL not configured)'); ?></code>
</div>
</div>
<div class="diag-row">
<div class="diag-label">Webhook file on disk</div>
<div class="diag-value">
<?php echo diag_badge($diag_wh_exists, 'Found', 'Not found'); ?>
<div class="diag-sub"><code><?php echo h($diag_wh_file); ?></code></div>
</div>
</div>
</div>
<?php if (!empty($diag_recent_events)): ?>
<h4 style="margin-top:22px;color:#555;">Recent Webhook Events</h4>
<div style="overflow-x:auto;">
<table class="recent-errors-table">
<thead><tr>
<th>PayPal Event ID</th>
<th>Type</th>
<th>Status</th>
<th>Received</th>
</tr></thead>
<tbody>
<?php foreach ($diag_recent_events as $ev): ?>
<tr>
<td><code><?php echo h($ev['paypal_event_id'] ?: '—'); ?></code></td>
<td><?php echo h($ev['event_type']); ?></td>
<td><?php echo diag_badge($ev['processing_status'] === 'processed', $ev['processing_status'], $ev['processing_status']); ?></td>
<td><?php echo h($ev['created_at']); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php else: ?>
<p style="color:#888;font-size:0.9em;margin-top:12px;">No webhook events recorded yet. Events will appear here after PayPal delivers the first webhook to <code><?php echo h($diag_wh_full_url ?: $diag_wh_path); ?></code>.</p>
<?php endif; ?>
<h4 style="margin-top:22px;color:#555;">Recent PayPal Errors</h4>
<?php if ($diag_errors_warning): ?>
<div class="warn-box"><?php echo h($diag_errors_warning); ?></div>
<?php elseif (empty($diag_recent_errors)): ?>
<p style="color:#888;font-size:0.9em;">No PayPal errors logged yet.</p>
<?php else: ?>
<div style="overflow-x:auto;">
<table class="recent-errors-table">
<thead><tr>
<th>Time</th><th>Context</th><th>Error Code</th><th>Message</th>
<th>Debug ID</th><th>Order ID</th><th>User</th>
</tr></thead>
<tbody>
<?php foreach ($diag_recent_errors as $er): ?>
<tr>
<td style="white-space:nowrap"><?php echo h($er['created_at']); ?></td>
<td><?php echo h($er['context']); ?></td>
<td><code><?php echo h($er['error_code']); ?></code></td>
<td><?php echo h($er['message']); ?></td>
<td><code><?php echo h($er['paypal_debug_id'] ?? '—'); ?></code></td>
<td><code><?php echo h($er['order_id'] ?? '—'); ?></code></td>
<td><?php echo h($er['user_id'] ?? '—'); ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php endif; ?>
</div>
<!-- ===================================================================
SECTION C: Raw PHP editor
==================================================================== -->
<div class="cfg-section">
<h2>Advanced: Raw Config Editor</h2>
<div class="warn-box">
⚠️ <strong>Warning:</strong> Manually editing the raw PHP file can break the billing
website if you introduce a syntax error or remove required variables.
A backup is created automatically before saving, and a syntax check runs after.
The file is rolled back if a parse error is detected.
</div>
<form method="post" action="">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<input type="hidden" name="action" value="save_raw">
<div class="save-row"><button type="submit">💾 Save Raw Config</button></div>
<textarea name="config_text" rows="28"
style="width:100%;font-family:monospace;font-size:0.9em;border:1px solid #ccc;border-radius:4px;padding:10px;box-sizing:border-box;"
><?php echo h((string)$currentText); ?></textarea>
<div class="save-row"><button type="submit">💾 Save Raw Config</button></div>
</form>
<p style="margin-top:16px;">
<strong>Backup directory:</strong> <code><?php echo h($bakDir); ?></code>
<?php if ($bakFiles): ?>
<br><span class="bak-list">
<?php echo count($bakFiles); ?> backup(s) stored.
Most recent: <code><?php echo h(basename($bakFiles[0])); ?></code>
</span>
<?php else: ?>
<br><span class="bak-list">No backups yet.</span>
<?php endif; ?>
</p>
</div>
</div>
<?php include(__DIR__ . '/includes/footer.php'); ?>
</body>
</html>

View file

@ -1,537 +0,0 @@
<?php
// Admin coupon management page - standalone billing module
require_once(__DIR__ . '/includes/admin_auth.php');
require_once(__DIR__ . '/includes/config_loader.php');
// Variables from config.inc.php (helps IDEs understand scope)
/** @var string $db_host Database host */
/** @var string $db_user Database user */
/** @var string $db_pass Database password */
/** @var string $db_name Database name */
/** @var string $table_prefix Table prefix for database tables */
// Start session if not already started by admin_auth
if (session_status() === PHP_SESSION_NONE) session_start();
if (empty($_SESSION['admin_csrf'])) {
// generate a CSRF token with a safe fallback for older PHP builds
try {
$token = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : null;
} catch (Exception $e) {
$token = null;
}
if (empty($token)) {
if (function_exists('openssl_random_pseudo_bytes')) {
$token = bin2hex(openssl_random_pseudo_bytes(16));
} else {
$token = bin2hex(bin2hex(substr(sha1(uniqid((string)microtime(true), true)), 0, 16)));
}
}
$_SESSION['admin_csrf'] = $token;
}
$csrf = $_SESSION['admin_csrf'];
function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
// Connect to database (graceful failure)
$db = false;
try {
// suppress direct output; we'll log errors and show a friendly message
$db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name, isset($db_port) ? (int)$db_port : null);
} catch (Throwable $e) {
error_log('[admin_coupons] mysqli_connect exception: ' . $e->getMessage());
$db = false;
}
if (!$db) {
$error = 'Database connection failed. Please check your configuration.';
error_log('[admin_coupons] DB connect failed for host=' . ($db_host ?? 'unknown') . ' user=' . ($db_user ?? 'unknown') . ' db=' . ($db_name ?? 'unknown') . ' - ' . mysqli_connect_error());
}
$status = '';
$error = '';
// Handle form submissions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$token = $_POST['csrf'] ?? '';
if (!hash_equals($csrf, (string)$token)) {
$error = 'Invalid CSRF token.';
} else {
// Add new coupon
if (isset($_POST['add_coupon'])) {
$code = mysqli_real_escape_string($db, trim($_POST['code']));
$name = mysqli_real_escape_string($db, trim($_POST['name']));
$description = mysqli_real_escape_string($db, trim($_POST['description']));
$discount_percent = floatval($_POST['discount_percent']);
$usage_type = mysqli_real_escape_string($db, $_POST['usage_type']);
$game_filter_type = mysqli_real_escape_string($db, $_POST['game_filter_type']);
$game_filter_list = isset($_POST['game_filter_list']) && $_POST['game_filter_type'] === 'specific_games'
? mysqli_real_escape_string($db, json_encode($_POST['game_filter_list']))
: 'NULL';
$max_uses = !empty($_POST['max_uses']) ? intval($_POST['max_uses']) : 'NULL';
$expires = !empty($_POST['expires']) ? "'" . mysqli_real_escape_string($db, $_POST['expires']) . "'" : 'NULL';
// Validate code is unique
$check = mysqli_query($db, "SELECT coupon_id FROM {$table_prefix}billing_coupons WHERE code = '$code'");
if (mysqli_num_rows($check) > 0) {
$error = "Coupon code '$code' already exists.";
} else {
$sql = "INSERT INTO {$table_prefix}billing_coupons
(code, name, description, discount_percent, usage_type, game_filter_type, game_filter_list, max_uses, expires, is_active)
VALUES ('$code', '$name', '$description', $discount_percent, '$usage_type', '$game_filter_type', " .
($game_filter_list === 'NULL' ? 'NULL' : "'$game_filter_list'") . ", $max_uses, $expires, 1)";
if (mysqli_query($db, $sql)) {
$status = "Coupon '$code' added successfully.";
} else {
$error = "Error adding coupon: " . mysqli_error($db);
}
}
}
// Update existing coupon
elseif (isset($_POST['update_coupon'])) {
$coupon_id = intval($_POST['coupon_id']);
$code = mysqli_real_escape_string($db, trim($_POST['code']));
$name = mysqli_real_escape_string($db, trim($_POST['name']));
$description = mysqli_real_escape_string($db, trim($_POST['description']));
$discount_percent = floatval($_POST['discount_percent']);
$usage_type = mysqli_real_escape_string($db, $_POST['usage_type']);
$game_filter_type = mysqli_real_escape_string($db, $_POST['game_filter_type']);
$game_filter_list = isset($_POST['game_filter_list']) && $_POST['game_filter_type'] === 'specific_games'
? mysqli_real_escape_string($db, json_encode($_POST['game_filter_list']))
: 'NULL';
$max_uses = !empty($_POST['max_uses']) ? intval($_POST['max_uses']) : 'NULL';
$expires = !empty($_POST['expires']) ? "'" . mysqli_real_escape_string($db, $_POST['expires']) . "'" : 'NULL';
$is_active = isset($_POST['is_active']) ? 1 : 0;
$sql = "UPDATE {$table_prefix}billing_coupons SET
code = '$code',
name = '$name',
description = '$description',
discount_percent = $discount_percent,
usage_type = '$usage_type',
game_filter_type = '$game_filter_type',
game_filter_list = " . ($game_filter_list === 'NULL' ? 'NULL' : "'$game_filter_list'") . ",
max_uses = $max_uses,
expires = $expires,
is_active = $is_active
WHERE coupon_id = $coupon_id";
if (mysqli_query($db, $sql)) {
$status = "Coupon updated successfully.";
} else {
$error = "Error updating coupon: " . mysqli_error($db);
}
}
// Delete coupon
elseif (isset($_POST['delete_coupon'])) {
$coupon_id = intval($_POST['coupon_id']);
if (mysqli_query($db, "DELETE FROM {$table_prefix}billing_coupons WHERE coupon_id = $coupon_id")) {
$status = "Coupon deleted successfully.";
} else {
$error = "Error deleting coupon: " . mysqli_error($db);
}
}
}
}
// Get all available games from server configs
$game_options = [];
$games_dir = __DIR__ . '/../../config_games/server_configs/';
if (is_dir($games_dir)) {
$files = scandir($games_dir);
foreach ((array)$files as $file) {
if (pathinfo($file, PATHINFO_EXTENSION) === 'xml' && strpos($file, '.bak') === false) {
$game_key = str_replace('.xml', '', $file);
$game_options[] = $game_key;
}
}
sort($game_options);
}
// Get all coupons
$coupons_result = mysqli_query($db, "SELECT * FROM {$table_prefix}billing_coupons ORDER BY created_date DESC");
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Admin Coupon Management</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/header.css">
<style>
/* Coupon admin — dark-theme overrides */
.coupon-form {
background: rgba(0,0,0,0.35);
border: 1px solid rgba(255,255,255,0.1);
padding: 20px;
margin: 20px 0;
border-radius: 8px;
}
.form-group { margin-bottom: 15px; }
.form-group label {
display: block;
margin-bottom: 6px;
font-weight: 600;
color: #e8e8e8;
}
.form-group input,
.form-group select,
.form-group textarea {
width: 100%;
padding: 9px 10px;
box-sizing: border-box;
background: #11141f;
color: #f0f0f0;
border: 1px solid rgba(255,255,255,0.18);
border-radius: 5px;
font-size: 0.97rem;
}
.form-group input::placeholder,
.form-group textarea::placeholder {
color: rgba(255,255,255,0.4);
}
.form-group input:focus,
.form-group select:focus,
.form-group textarea:focus {
outline: none;
border-color: #667eea;
box-shadow: 0 0 0 2px rgba(102,126,234,0.25);
}
.form-group textarea { min-height: 60px; }
.game-checkboxes {
max-height: 200px;
overflow-y: auto;
border: 1px solid rgba(255,255,255,0.15);
padding: 10px;
background: rgba(0,0,0,0.4);
border-radius: 5px;
}
.game-checkboxes label {
display: block;
margin: 5px 0;
font-weight: normal;
color: #d0d0d0;
cursor: pointer;
}
.game-checkboxes input[type="checkbox"] {
width: auto;
margin-right: 6px;
background: #11141f;
border: 1px solid rgba(255,255,255,0.25);
}
.coupon-table {
width: 100%;
border-collapse: collapse;
margin: 20px 0;
}
.coupon-table th,
.coupon-table td {
border: 1px solid rgba(255,255,255,0.1);
padding: 10px 12px;
text-align: left;
color: #e8e8e8;
}
.coupon-table th { background: rgba(76,175,80,0.25); color: #fff; }
.coupon-table tr:nth-child(even) td { background: rgba(255,255,255,0.03); }
.coupon-table tr:hover td { background: rgba(255,255,255,0.06); }
.btn { padding: 8px 16px; margin: 2px; cursor: pointer; border: none; border-radius: 4px; font-weight: 600; }
.btn-primary { background: linear-gradient(135deg,#667eea,#764ba2); color: #fff; }
.btn-warning { background: #ff9800; color: #fff; }
.btn-danger { background: #f44336; color: #fff; }
.status { padding: 10px 14px; margin: 10px 0; border-radius: 5px; }
.status.success { background: rgba(40,167,69,0.2); color: #8dffb0; border: 1px solid rgba(40,167,69,0.35); }
.status.error { background: rgba(220,53,69,0.2); color: #ffb3b8; border: 1px solid rgba(220,53,69,0.35); }
.badge { padding: 3px 8px; border-radius: 3px; font-size: 0.85em; font-weight: 600; }
.badge-active { background: #28a745; color: #fff; }
.badge-inactive { background: #6c757d; color: #fff; }
.badge-onetime { background: #17a2b8; color: #fff; }
.badge-permanent { background: #ffc107; color: #000; }
/* Inline select/option elements inside table rows */
.coupon-table select { background: #11141f; color: #f0f0f0; border: 1px solid rgba(255,255,255,0.18); border-radius: 4px; padding: 4px 6px; }
/* Mobile: stack table cells */
@media (max-width: 768px) {
.coupon-table, .coupon-table thead, .coupon-table tbody,
.coupon-table th, .coupon-table td, .coupon-table tr { display: block; }
.coupon-table thead tr { display: none; }
.coupon-table td {
position: relative;
padding-left: 45%;
border: none;
border-bottom: 1px solid rgba(255,255,255,0.07);
}
.coupon-table td::before {
position: absolute;
left: 10px;
width: 40%;
white-space: nowrap;
font-weight: 600;
color: rgba(255,255,255,0.55);
font-size: 0.82rem;
content: attr(data-label);
}
.coupon-table tr { border: 1px solid rgba(255,255,255,0.1); border-radius: 6px; margin-bottom: 12px; }
}
</style>
<script>
function toggleGameFilter(selectEl) {
const gameList = document.getElementById('game_filter_list_container');
if (selectEl.value === 'specific_games') {
gameList.style.display = 'block';
} else {
gameList.style.display = 'none';
}
}
function editCoupon(couponId) {
document.getElementById('edit-form-' + couponId).style.display = 'block';
document.getElementById('view-row-' + couponId).style.display = 'none';
}
function cancelEdit(couponId) {
document.getElementById('edit-form-' + couponId).style.display = 'none';
document.getElementById('view-row-' + couponId).style.display = 'table-row';
}
</script>
</head>
<body>
<?php
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
?>
<div class="container-wide panel">
<h1>Coupon Management</h1>
<?php if ($status): ?>
<div class="status success"><?php echo h($status); ?></div>
<?php endif; ?>
<?php if ($error): ?>
<div class="status error"><?php echo h($error); ?></div>
<?php endif; ?>
<!-- Add New Coupon Form -->
<h2>Add New Coupon</h2>
<form method="POST" class="coupon-form">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<div class="form-group">
<label for="code">Coupon Code *</label>
<input type="text" id="code" name="code" required maxlength="50" placeholder="e.g., SUMMER2025">
</div>
<div class="form-group">
<label for="name">Display Name *</label>
<input type="text" id="name" name="name" required maxlength="255" placeholder="e.g., Summer Sale 2025">
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea id="description" name="description" placeholder="Optional description for internal use"></textarea>
</div>
<div class="form-group">
<label for="discount_percent">Discount Percentage * (0-100)</label>
<input type="number" id="discount_percent" name="discount_percent" required min="0" max="100" step="0.01" value="10">
</div>
<div class="form-group">
<label for="usage_type">Usage Type *</label>
<select id="usage_type" name="usage_type" required>
<option value="one_time">One Time (applies to first invoice only)</option>
<option value="permanent">Permanent (applies to all renewals)</option>
</select>
</div>
<div class="form-group">
<label for="game_filter_type">Apply To *</label>
<select id="game_filter_type" name="game_filter_type" required onchange="toggleGameFilter(this)">
<option value="all_games">All Games</option>
<option value="specific_games">Specific Games</option>
</select>
</div>
<div id="game_filter_list_container" class="form-group" style="display:none;">
<label>Select Games</label>
<div class="game-checkboxes">
<?php foreach ((array)$game_options as $game): ?>
<label>
<input type="checkbox" name="game_filter_list[]" value="<?php echo h($game); ?>">
<?php echo h($game); ?>
</label>
<?php endforeach; ?>
</div>
</div>
<div class="form-group">
<label for="max_uses">Maximum Uses (leave empty for unlimited)</label>
<input type="number" id="max_uses" name="max_uses" min="1" placeholder="Unlimited">
</div>
<div class="form-group">
<label for="expires">Expiration Date (leave empty for no expiration)</label>
<input type="datetime-local" id="expires" name="expires">
</div>
<button type="submit" name="add_coupon" class="btn btn-primary">Add Coupon</button>
</form>
<!-- Existing Coupons Table -->
<h2>Existing Coupons</h2>
<?php if ($coupons_result && mysqli_num_rows($coupons_result) > 0): ?>
<table class="coupon-table">
<thead>
<tr>
<th>Code</th>
<th>Name</th>
<th>Discount</th>
<th>Type</th>
<th>Game Filter</th>
<th>Uses</th>
<th>Expires</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php while ($coupon = mysqli_fetch_assoc($coupons_result)):
$games_filtered = $coupon['game_filter_type'] === 'specific_games'
? json_decode($coupon['game_filter_list'], true)
: [];
?>
<!-- View Row -->
<tr id="view-row-<?php echo $coupon['coupon_id']; ?>">
<td data-label="Code"><strong><?php echo h($coupon['code']); ?></strong></td>
<td data-label="Name"><?php echo h($coupon['name']); ?></td>
<td data-label="Discount"><?php echo h($coupon['discount_percent']); ?>%</td>
<td data-label="Type">
<span class="badge badge-<?php echo $coupon['usage_type'] === 'permanent' ? 'permanent' : 'onetime'; ?>">
<?php echo h(ucfirst(str_replace('_', ' ', $coupon['usage_type']))); ?>
</span>
</td>
<td data-label="Games">
<?php if ($coupon['game_filter_type'] === 'all_games'): ?>
All Games
<?php else: ?>
<?php echo count((array)$games_filtered); ?> specific games
<?php endif; ?>
</td>
<td data-label="Uses">
<?php if ($coupon['max_uses']): ?>
<?php echo h($coupon['current_uses']); ?> / <?php echo h($coupon['max_uses']); ?>
<?php else: ?>
<?php echo h($coupon['current_uses']); ?> (unlimited)
<?php endif; ?>
</td>
<td data-label="Expires"><?php echo $coupon['expires'] ? h($coupon['expires']) : 'Never'; ?></td>
<td data-label="Status">
<span class="badge badge-<?php echo $coupon['is_active'] ? 'active' : 'inactive'; ?>">
<?php echo $coupon['is_active'] ? 'Active' : 'Inactive'; ?>
</span>
</td>
<td data-label="Actions">
<button onclick="editCoupon(<?php echo $coupon['coupon_id']; ?>)" class="btn btn-warning">Edit</button>
<form method="POST" style="display:inline;" onsubmit="return confirm('Delete this coupon?');">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<input type="hidden" name="coupon_id" value="<?php echo $coupon['coupon_id']; ?>">
<button type="submit" name="delete_coupon" class="btn btn-danger">Delete</button>
</form>
</td>
</tr>
<!-- Edit Form Row (hidden by default) -->
<tr id="edit-form-<?php echo $coupon['coupon_id']; ?>" style="display:none;">
<td colspan="9">
<form method="POST" class="coupon-form">
<input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
<input type="hidden" name="coupon_id" value="<?php echo $coupon['coupon_id']; ?>">
<div class="form-group">
<label>Coupon Code</label>
<input type="text" name="code" required value="<?php echo h($coupon['code']); ?>">
</div>
<div class="form-group">
<label>Display Name</label>
<input type="text" name="name" required value="<?php echo h($coupon['name']); ?>">
</div>
<div class="form-group">
<label>Description</label>
<textarea name="description"><?php echo h($coupon['description']); ?></textarea>
</div>
<div class="form-group">
<label>Discount Percentage</label>
<input type="number" name="discount_percent" required min="0" max="100" step="0.01" value="<?php echo h($coupon['discount_percent']); ?>">
</div>
<div class="form-group">
<label>Usage Type</label>
<select name="usage_type" required>
<option value="one_time" <?php echo $coupon['usage_type'] === 'one_time' ? 'selected' : ''; ?>>One Time</option>
<option value="permanent" <?php echo $coupon['usage_type'] === 'permanent' ? 'selected' : ''; ?>>Permanent</option>
</select>
</div>
<div class="form-group">
<label>Apply To</label>
<select name="game_filter_type" required onchange="toggleGameFilter(this)">
<option value="all_games" <?php echo $coupon['game_filter_type'] === 'all_games' ? 'selected' : ''; ?>>All Games</option>
<option value="specific_games" <?php echo $coupon['game_filter_type'] === 'specific_games' ? 'selected' : ''; ?>>Specific Games</option>
</select>
</div>
<div class="form-group" style="display:<?php echo $coupon['game_filter_type'] === 'specific_games' ? 'block' : 'none'; ?>;">
<label>Select Games</label>
<div class="game-checkboxes">
<?php foreach ((array)$game_options as $game): ?>
<label>
<input type="checkbox" name="game_filter_list[]" value="<?php echo h($game); ?>"
<?php echo in_array($game, $games_filtered) ? 'checked' : ''; ?>>
<?php echo h($game); ?>
</label>
<?php endforeach; ?>
</div>
</div>
<div class="form-group">
<label>Maximum Uses</label>
<input type="number" name="max_uses" min="1" value="<?php echo h($coupon['max_uses']); ?>" placeholder="Unlimited">
</div>
<div class="form-group">
<label>Expiration Date</label>
<input type="datetime-local" name="expires" value="<?php echo $coupon['expires'] ? date('Y-m-d\TH:i', strtotime($coupon['expires'])) : ''; ?>">
</div>
<div class="form-group">
<label>
<input type="checkbox" name="is_active" <?php echo $coupon['is_active'] ? 'checked' : ''; ?>>
Active
</label>
</div>
<button type="submit" name="update_coupon" class="btn btn-primary">Save Changes</button>
<button type="button" onclick="cancelEdit(<?php echo $coupon['coupon_id']; ?>)" class="btn">Cancel</button>
</form>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
<?php else: ?>
<p>No coupons found. Add your first coupon above.</p>
<?php endif; ?>
</div>
<?php include(__DIR__ . '/includes/footer.php'); ?>
</body>
</html>
<?php
if ($db) mysqli_close($db);
?>

View file

@ -1,173 +0,0 @@
<?php
// Admin invoices management
if (session_status() === PHP_SESSION_NONE) {
session_name('opengamepanel_web');
session_start();
}
require_once __DIR__ . '/bootstrap.php';
require_once __DIR__ . '/includes/admin_auth.php';
require_once __DIR__ . '/classes/BillingRepository.php';
require_once __DIR__ . '/classes/BillingService.php';
require_once __DIR__ . '/classes/GatewayFactory.php';
function h($s) { return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name, isset($db_port) ? (int)$db_port : null);
if (!$db) die('DB connection failed');
mysqli_set_charset($db, 'utf8mb4');
$prefix = $table_prefix ?? 'gsp_';
$repo = new BillingRepository($db, $prefix);
$svc = new BillingService($repo);
$message = '';
$msgType = 'success';
// Handle POST: mark as paid (manual), cancel, or refund
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'], $_POST['invoice_id'])) {
$invId = intval($_POST['invoice_id']);
$action = $_POST['action'];
$now = date('Y-m-d H:i:s');
// Fetch invoice to verify it exists
$invRow = null;
$stmt = $db->prepare("SELECT * FROM `{$prefix}billing_invoices` WHERE invoice_id = ? LIMIT 1");
if ($stmt) {
$stmt->bind_param('i', $invId);
$stmt->execute();
$invRow = $stmt->get_result()->fetch_assoc();
$stmt->close();
}
if (!$invRow) {
$message = "Invoice #{$invId} not found.";
$msgType = 'error';
} elseif ($action === 'mark_paid') {
$gateway = GatewayFactory::make('manual');
$captureResult = $gateway->handleCallback([
// total_due is the new schema field; amount is the legacy column during migration
'amount' => $invRow['total_due'] ?? $invRow['amount'] ?? 0,
'currency' => $invRow['currency'] ?? 'USD',
]);
$captureResult['payment_method'] = 'manual';
$homeId = intval($invRow['home_id'] ?? 0);
$result = $svc->processPaymentSuccess($captureResult, $invId, intval($invRow['user_id']), $homeId, $invRow);
$message = $result['success'] ? "Invoice #{$invId} marked as paid (manual)." : "Failed to mark invoice #{$invId} as paid.";
if (!$result['success']) $msgType = 'error';
} elseif ($action === 'cancel') {
$stmt = $db->prepare("UPDATE `{$prefix}billing_invoices` SET payment_status='cancelled' WHERE invoice_id=? LIMIT 1");
if ($stmt) { $stmt->bind_param('i', $invId); $stmt->execute(); $stmt->close(); }
$message = "Invoice #{$invId} cancelled.";
} elseif ($action === 'refund') {
$stmt = $db->prepare("UPDATE `{$prefix}billing_invoices` SET payment_status='refunded' WHERE invoice_id=? LIMIT 1");
if ($stmt) { $stmt->bind_param('i', $invId); $stmt->execute(); $stmt->close(); }
$message = "Invoice #{$invId} marked as refunded.";
}
if (!headers_sent()) {
header('Location: admin_invoices.php?msg=' . urlencode($message) . '&type=' . $msgType);
mysqli_close($db);
$db = null;
exit;
}
}
// Fetch invoices
$invoices = [];
$res = $db->query(
"SELECT i.*, u.users_login, u.users_email
FROM `{$prefix}billing_invoices` i
LEFT JOIN `{$prefix}users` u ON u.user_id = i.user_id
ORDER BY i.invoice_id DESC
LIMIT 500"
);
if ($res) $invoices = $res->fetch_all(MYSQLI_ASSOC);
mysqli_close($db);
$db = null;
if (isset($_GET['msg'])) $message = $_GET['msg'];
if (isset($_GET['type'])) $msgType = $_GET['type'];
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Admin Invoices</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/header.css">
<style>
.status-badge { display:inline-block; padding:2px 8px; border-radius:3px; font-size:12px; font-weight:600; }
.status-paid { background:#d4edda; color:#155724; }
.status-unpaid { background:#fff3cd; color:#856404; }
.status-cancelled { background:#e2e3e5; color:#383d41; }
.status-refunded { background:#f8d7da; color:#721c24; }
.action-btn { padding:3px 8px; font-size:12px; border:none; border-radius:3px; cursor:pointer; }
.btn-pay { background:#28a745; color:#fff; }
.btn-cancel { background:#6c757d; color:#fff; }
.btn-refund { background:#dc3545; color:#fff; }
</style>
</head>
<body>
<?php include __DIR__ . '/includes/top.php'; include __DIR__ . '/includes/menu.php'; ?>
<div class="container-wide panel">
<h1>Admin All Invoices</h1>
<?php if ($message): ?>
<div style="background:<?= $msgType==='error' ? '#f8d7da' : '#d4edda' ?>;padding:10px;margin-bottom:15px;border-radius:3px;color:<?= $msgType==='error' ? '#721c24' : '#155724' ?>;">
<?= h($message) ?>
</div>
<?php endif; ?>
<table class="cart-table">
<thead>
<tr>
<th>#</th><th>User</th><th>Server</th><th>Service</th>
<th>Rate</th><th>Players</th><th>Period</th>
<th>Total</th><th>Status</th><th>Method</th><th>Txn ID</th><th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (empty($invoices)): ?>
<tr><td colspan="12" style="text-align:center">No invoices found.</td></tr>
<?php else: foreach ($invoices as $inv): ?>
<tr>
<td><?= h($inv['invoice_id']) ?></td>
<td><?= h($inv['users_login'] ?? $inv['user_id']) ?></td>
<td><?= h($inv['home_id'] ?: '—') ?></td>
<td><?= h($inv['service_id']) ?></td>
<td><?= h($inv['rate_type'] ?? '—') ?></td>
<td><?= h($inv['players'] ?? '—') ?></td>
<td style="font-size:11px"><?= h(substr($inv['period_start'] ?? '', 0, 10)) ?> <?= h(substr($inv['period_end'] ?? '', 0, 10)) ?></td>
<td><?= h(number_format((float)($inv['total_due'] ?? $inv['amount'] ?? 0), 2)) ?></td>
<td><span class="status-badge status-<?= h(in_array($inv['payment_status'] ?? '', ['unpaid','paid','cancelled','refunded']) ? $inv['payment_status'] : 'unpaid') ?>"><?= h($inv['payment_status'] ?? 'unpaid') ?></span></td>
<td><?= h($inv['payment_method'] ?? '—') ?></td>
<td style="font-size:11px;max-width:120px;overflow:hidden"><?= h($inv['payment_txid'] ?? '—') ?></td>
<td>
<?php if (($inv['payment_status'] ?? '') !== 'paid'): ?>
<form method="post" style="display:inline">
<input type="hidden" name="invoice_id" value="<?= intval($inv['invoice_id']) ?>">
<input type="hidden" name="action" value="mark_paid">
<button type="submit" class="action-btn btn-pay">Mark Paid</button>
</form>
<?php endif; ?>
<?php if (!in_array($inv['payment_status'] ?? '', ['cancelled','refunded'])): ?>
<form method="post" style="display:inline" onsubmit="return confirm('Cancel this invoice?')">
<input type="hidden" name="invoice_id" value="<?= intval($inv['invoice_id']) ?>">
<input type="hidden" name="action" value="cancel">
<button type="submit" class="action-btn btn-cancel">Cancel</button>
</form>
<?php endif; ?>
<?php if (($inv['payment_status'] ?? '') === 'paid'): ?>
<form method="post" style="display:inline" onsubmit="return confirm('Mark as refunded?')">
<input type="hidden" name="invoice_id" value="<?= intval($inv['invoice_id']) ?>">
<input type="hidden" name="action" value="refund">
<button type="submit" class="action-btn btn-refund">Refund</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; endif; ?>
</tbody>
</table>
</div>
<?php include __DIR__ . '/includes/footer.php'; ?>
</body>
</html>

View file

@ -1,241 +0,0 @@
<?php
/*
* Admin page to manage all billing orders
* Allows admins to view, provision, suspend, and delete orders
*/
function exec_ogp_module()
{
global $db, $view;
$user_id = $_SESSION['user_id'];
$isAdmin = $db->isAdmin($user_id);
if (!$isAdmin) {
echo "<div class='failure'><p>Access Denied: Admin privileges required.</p></div>";
return;
}
// Handle bulk actions
if (isset($_POST['bulk_action']) && isset($_POST['selected_orders'])) {
$action = $_POST['bulk_action'];
$selected = $_POST['selected_orders'];
foreach ((array)$selected as $order_id) {
$order_id = $db->realEscapeSingle($order_id);
switch ($action) {
case 'provision':
// Redirect to provision page for each order
header("Location: home.php?m=billing&p=provision_servers&order_id=".$order_id);
exit;
break;
case 'expire':
$db->query("UPDATE OGP_DB_PREFIXbilling_orders SET status='Expired' WHERE order_id=".$order_id);
break;
case 'activate':
$db->query("UPDATE OGP_DB_PREFIXbilling_orders SET status='Active' WHERE order_id=".$order_id);
break;
case 'invoice':
$db->query("UPDATE OGP_DB_PREFIXbilling_orders SET status='Invoiced' WHERE order_id=".$order_id);
break;
}
}
echo "<div class='success'><p>Bulk action completed for ".count((array)$selected)." order(s).</p></div>";
}
// Get filter parameters
$status_filter = isset($_GET['status']) ? $_GET['status'] : 'all';
$search = isset($_GET['search']) ? $_GET['search'] : '';
echo "<h2>Manage All Orders (Admin)</h2>";
// Filter form
echo "<form method='get' action='home.php' style='margin-bottom: 20px;'>";
echo "<input type='hidden' name='m' value='billing'>";
echo "<input type='hidden' name='p' value='admin_orders'>";
echo "Status: <select name='status' onchange='this.form.submit()'>";
echo "<option value='all' ".($status_filter == 'all' ? 'selected' : '').">All Orders</option>";
echo "<option value='Active' ".($status_filter == 'Active' ? 'selected' : '').">Active</option>";
echo "<option value='Invoiced' ".($status_filter == 'Invoiced' ? 'selected' : '').">Invoiced</option>";
echo "<option value='Expired' ".($status_filter == 'Expired' ? 'selected' : '').">Expired</option>";
echo "</select> ";
echo "Search: <input type='text' name='search' value='".$search."' placeholder='Order ID, username, server name...'> ";
echo "<button type='submit' class='btn'>Filter</button>";
echo "</form>";
// Build query
$query = "SELECT o.*, s.service_name, u.users_login, u.users_email
FROM OGP_DB_PREFIXbilling_orders o
LEFT JOIN OGP_DB_PREFIXbilling_services s ON o.service_id = s.service_id
LEFT JOIN OGP_DB_PREFIXusers u ON o.user_id = u.user_id
WHERE 1=1";
if ($status_filter != 'all') {
$query .= " AND o.status = '".$db->realEscapeSingle($status_filter)."'";
}
if (!empty($search)) {
$search_escaped = $db->realEscapeSingle($search);
$query .= " AND (o.order_id LIKE '%".$search_escaped."%'
OR o.home_name LIKE '%".$search_escaped."%'
OR u.users_login LIKE '%".$search_escaped."%'
OR u.users_email LIKE '%".$search_escaped."%')";
}
$query .= " ORDER BY o.order_date DESC";
$orders = $db->resultQuery($query);
if (empty($orders)) {
echo "<div class='info'><p>No orders found matching your filters.</p></div>";
return;
}
echo "<form method='post' action='home.php?m=billing&p=admin_orders'>";
echo "<div style='margin-bottom: 10px;'>";
echo "With selected: ";
echo "<select name='bulk_action'>";
echo "<option value=''>-- Choose Action --</option>";
echo "<option value='provision'>Provision Servers</option>";
echo "<option value='activate'>Set Active</option>";
echo "<option value='invoice'>Set Invoiced</option>";
echo "<option value='expire'>Set Expired</option>";
echo "</select> ";
echo "<button type='submit' class='btn'>Apply</button>";
echo "</div>";
echo "<table class='tablesorter'>";
echo "<thead><tr>";
echo "<th><input type='checkbox' id='select_all' onclick='toggleAll(this)'></th>";
echo "<th>Order ID</th>";
echo "<th>Username</th>";
echo "<th>Server Name</th>";
echo "<th>Game Service</th>";
echo "<th>Players</th>";
echo "<th>Price</th>";
echo "<th>Duration</th>";
echo "<th>Status</th>";
echo "<th>Order Date</th>";
echo "<th>End Date</th>";
echo "<th>Home ID</th>";
echo "<th>Actions</th>";
echo "</tr></thead><tbody>";
foreach ((array)$orders as $order) {
$status_class = '';
switch ($order['status']) {
case 'Active': $status_class = 'label-success'; break;
case 'Invoiced': $status_class = 'label-warning'; break;
case 'Expired': $status_class = 'label-danger'; break;
default: $status_class = 'label-info';
}
echo "<tr>";
echo "<td><input type='checkbox' name='selected_orders[]' value='".$order['order_id']."'></td>";
echo "<td>".$order['order_id']."</td>";
echo "<td>".$order['users_login']."<br><small>".$order['users_email']."</small></td>";
echo "<td>".$order['home_name']."</td>";
echo "<td>".$order['service_name']."</td>";
echo "<td>".$order['max_players']."</td>";
echo "<td>$".number_format($order['price'], 2)."</td>";
echo "<td>".$order['qty']." ".$order['invoice_duration']."(s)</td>";
echo "<td><span class='label ".$status_class."'>".$order['status']."</span></td>";
echo "<td>".date('Y-m-d H:i', strtotime($order['order_date']))."</td>";
echo "<td>".($order['end_date'] ? date('Y-m-d', strtotime($order['end_date'])) : 'N/A')."</td>";
echo "<td>".($order['home_id'] ? $order['home_id'] : 'N/A')."</td>";
echo "<td>";
if ($order['status'] == 'Active' && !$order['home_id']) {
echo "<a href='home.php?m=billing&p=provision_servers&order_id=".$order['order_id']."' class='btn btn-sm'>Provision</a> ";
}
if ($order['status'] == 'Active' && $order['home_id']) {
echo "<a href='home.php?m=gamemanager&p=game_monitor&home_id-mod_id-ip=".$order['home_id']."' class='btn btn-sm'>View Server</a> ";
}
echo "<a href='#' onclick='viewOrder(".$order['order_id'].")' class='btn btn-sm'>Details</a>";
echo "</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</form>";
// JavaScript for checkbox toggle
echo "<script>
function toggleAll(checkbox) {
var checkboxes = document.getElementsByName('selected_orders[]');
for (var i = 0; i < checkboxes.length; i++) {
checkboxes[i].checked = checkbox.checked;
}
}
function viewOrder(orderId) {
alert('Order details for #' + orderId + '\\n\\nFull order details feature coming soon.');
return false;
}
</script>";
// Summary stats
$stats = $db->resultQuery("SELECT status, COUNT(*) as count, SUM(price) as total
FROM OGP_DB_PREFIXbilling_orders
GROUP BY status");
echo "<div style='margin-top: 30px;'>";
echo "<h3>Order Statistics</h3>";
echo "<table class='tablesorter' style='width: auto;'>";
echo "<thead><tr><th>Status</th><th>Count</th><th>Total Value</th></tr></thead><tbody>";
foreach ((array)$stats as $stat) {
echo "<tr>";
echo "<td>".$stat['status']."</td>";
echo "<td>".$stat['count']."</td>";
echo "<td>$".number_format($stat['total'], 2)."</td>";
echo "</tr>";
}
echo "</tbody></table>";
echo "</div>";
// Orphaned home_id diagnostics —————————————————————————————————————————
// Find billing_orders rows where home_id != 0 but no matching gsp_server_homes
// record exists. These indicate provisioning failures or stale data, and they
// are the reason the game monitor may show "No expiration date found".
$orphans = $db->resultQuery(
"SELECT o.order_id, o.user_id, o.home_name, o.home_id, o.status, o.end_date
FROM OGP_DB_PREFIXbilling_orders o
LEFT JOIN OGP_DB_PREFIXserver_homes sh ON sh.home_id = o.home_id
WHERE o.home_id != '0'
AND o.home_id != ''
AND sh.home_id IS NULL
ORDER BY o.order_id ASC"
);
echo "<div style='margin-top: 30px;'>";
echo "<h3>Orphaned home_id Diagnostics</h3>";
echo "<p style='color:#666;'>Billing orders that reference a <code>home_id</code> which no longer exists in <code>gsp_server_homes</code>. ";
echo "These orders will not show an expiration date on the game monitor. ";
echo "Reset <code>home_id</code> to <code>0</code> or re-provision these orders to fix them. ";
echo "Run <code>normalize_billing_order_status.sql</code> to standardize any legacy status values.</p>";
if (empty($orphans)) {
echo "<p style='color:green;'>&#10003; No orphaned billing orders found.</p>";
} else {
echo "<table class='tablesorter' style='width:100%;'>";
echo "<thead><tr><th>Order ID</th><th>User ID</th><th>Server Name</th><th>home_id (missing)</th><th>Status</th><th>End Date</th></tr></thead><tbody>";
foreach ($orphans as $row) {
echo "<tr>";
echo "<td>".intval($row['order_id'])."</td>";
echo "<td>".intval($row['user_id'])."</td>";
echo "<td>".htmlspecialchars($row['home_name'] ?? '')."</td>";
echo "<td style='color:red;'>".htmlspecialchars($row['home_id'] ?? '')."</td>";
echo "<td>".htmlspecialchars($row['status'] ?? '')."</td>";
echo "<td>".htmlspecialchars($row['end_date'] ?? 'NULL')."</td>";
echo "</tr>";
}
echo "</tbody></table>";
}
echo "</div>";
}
?>

View file

@ -1,97 +0,0 @@
<?php
// Admin payment transaction log viewer
if (session_status() === PHP_SESSION_NONE) {
session_name('opengamepanel_web');
session_start();
}
require_once __DIR__ . '/bootstrap.php';
require_once __DIR__ . '/includes/admin_auth.php';
require_once __DIR__ . '/classes/BillingRepository.php';
function h($s) { return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name, isset($db_port) ? (int)$db_port : null);
$transactions = [];
$errorMsg = '';
if (!$db) {
$errorMsg = 'Database connection failed.';
} else {
mysqli_set_charset($db, 'utf8mb4');
$prefix = $table_prefix ?? 'gsp_';
$repo = new BillingRepository($db, $prefix);
// Build filter from GET params
$filter = [];
if (!empty($_GET['user_id'])) $filter['user_id'] = intval($_GET['user_id']);
if (!empty($_GET['home_id'])) $filter['home_id'] = intval($_GET['home_id']);
if (!empty($_GET['payment_method'])) $filter['payment_method'] = trim($_GET['payment_method']);
try {
$transactions = $repo->getTransactions($filter, 200, 0);
} catch (Throwable $e) {
$errorMsg = 'Could not load transactions: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
}
mysqli_close($db);
$db = null;
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Admin Payment Transactions</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/header.css">
</head>
<body>
<?php include __DIR__ . '/includes/top.php'; include __DIR__ . '/includes/menu.php'; ?>
<div class="container-wide panel">
<h1>Payment Transaction Log</h1>
<?php if ($errorMsg): ?><div class="alert alert-error"><?= h($errorMsg) ?></div><?php endif; ?>
<form method="get" style="margin-bottom:15px;">
<label>User ID: <input name="user_id" value="<?= h($_GET['user_id'] ?? '') ?>" style="width:80px"></label>
<label>Server ID: <input name="home_id" value="<?= h($_GET['home_id'] ?? '') ?>" style="width:80px"></label>
<label>Method:
<select name="payment_method">
<option value="">All</option>
<option value="paypal" <?= ($_GET['payment_method'] ?? '') === 'paypal' ? 'selected' : '' ?>>PayPal</option>
<option value="stripe" <?= ($_GET['payment_method'] ?? '') === 'stripe' ? 'selected' : '' ?>>Stripe</option>
<option value="manual" <?= ($_GET['payment_method'] ?? '') === 'manual' ? 'selected' : '' ?>>Manual</option>
</select>
</label>
<button type="submit" class="gsw-btn">Filter</button>
<a href="admin_payments.php" class="gsw-btn-secondary">Clear</a>
</form>
<?php if (empty($transactions)): ?>
<p>No transactions found<?= (!empty($filter) ? ' matching filters' : '') ?>.</p>
<?php else: ?>
<table class="cart-table">
<thead>
<tr>
<th>#</th><th>Invoice</th><th>User</th><th>Server</th>
<th>Method</th><th>Txn ID</th><th>Amount</th><th>Status</th><th>Date</th>
</tr>
</thead>
<tbody>
<?php foreach ($transactions as $t): ?>
<tr>
<td><?= h($t['transaction_id']) ?></td>
<td><?= h($t['invoice_id']) ?></td>
<td><?= h($t['users_login'] ?? $t['user_id']) ?></td>
<td><?= $t['home_id'] ? h($t['home_id']) : '—' ?></td>
<td><?= h($t['payment_method']) ?></td>
<td style="font-size:11px;max-width:160px;overflow:hidden;text-overflow:ellipsis"><?= h($t['transaction_external_id']) ?></td>
<td><?= h($t['currency'] . ' ' . number_format((float)$t['amount'], 2)) ?></td>
<td><span class="status-badge status-<?= h(ucfirst($t['status'])) ?>"><?= h($t['status']) ?></span></td>
<td><?= h($t['created_at']) ?></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</div>
<?php include __DIR__ . '/includes/footer.php'; ?>
</body>
</html>

View file

@ -1,161 +0,0 @@
<?php
require_once(__DIR__ . '/includes/admin_auth.php');
require_once(__DIR__ . '/includes/config_loader.php');
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
$serverConfigDir = realpath(__DIR__ . '/../config_games/server_configs');
if ($serverConfigDir === false || !is_dir($serverConfigDir)) {
die('Server config directory not found.');
}
$messages = [];
$errors = [];
$availableFiles = [];
$directoryIterator = new DirectoryIterator($serverConfigDir);
foreach ((array)$directoryIterator as $fileInfo) {
if ($fileInfo->isFile() && strtolower($fileInfo->getExtension()) === 'xml') {
$availableFiles[] = $fileInfo->getFilename();
}
}
sort($availableFiles, SORT_NATURAL | SORT_FLAG_CASE);
$selectedFile = '';
$fileContents = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$postedFile = $_POST['file'] ?? '';
$postedFile = basename(trim((string)$postedFile));
if ($postedFile === '' || !in_array($postedFile, $availableFiles, true)) {
$errors[] = 'Invalid file selected.';
} else {
$fullPath = $serverConfigDir . DIRECTORY_SEPARATOR . $postedFile;
if (!is_file($fullPath) || !is_readable($fullPath)) {
$errors[] = 'Selected file is missing or unreadable.';
} elseif (!is_writable($fullPath)) {
$errors[] = 'Selected file is not writable.';
} else {
$newContents = $_POST['xml_contents'] ?? '';
$backupDir = $serverConfigDir . DIRECTORY_SEPARATOR . '_backups';
if (!is_dir($backupDir)) {
@mkdir($backupDir, 0775, true);
}
$timestamp = date('Ymd-His');
$backupPath = $backupDir . DIRECTORY_SEPARATOR . $postedFile . '.' . $timestamp . '.bak';
$original = file_get_contents($fullPath);
if ($original === false) {
$errors[] = 'Unable to read original file for backup.';
} elseif (@file_put_contents($backupPath, $original) === false) {
$errors[] = 'Failed to create backup copy before saving.';
} elseif (@file_put_contents($fullPath, $newContents) === false) {
$errors[] = 'Failed to write new XML contents.';
} else {
$messages[] = 'Saved changes to ' . htmlspecialchars($postedFile, ENT_QUOTES, 'UTF-8') . ' (backup: ' . basename($backupPath) . ').';
$selectedFile = $postedFile;
$fileContents = $newContents;
}
}
}
}
if ($selectedFile === '') {
$queryFile = $_GET['file'] ?? '';
$queryFile = basename(trim((string)$queryFile));
if ($queryFile !== '' && in_array($queryFile, $availableFiles, true)) {
$selectedFile = $queryFile;
}
}
if ($selectedFile !== '' && $fileContents === '') {
$fullPath = $serverConfigDir . DIRECTORY_SEPARATOR . $selectedFile;
if (is_file($fullPath) && is_readable($fullPath)) {
$fileContents = file_get_contents($fullPath);
if ($fileContents === false) {
$errors[] = 'Unable to read the selected file.';
$fileContents = '';
}
} else {
$errors[] = 'Selected file is missing or unreadable.';
$selectedFile = '';
}
}
function billing_render_flash(array $items, string $cssClass): void {
if (!$items) {
return;
}
echo '<div class="panel ' . $cssClass . '" style="margin-bottom:12px">';
foreach ((array)$items as $item) {
echo '<div>' . $item . '</div>';
}
echo '</div>';
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Admin XML Config Editor</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="css/header.css">
<style>
.editor-wrapper { max-width: 1100px; margin: 30px auto; background: rgba(0,0,0,0.6); padding: 24px; border-radius: 10px; }
.editor-wrapper h1 { margin-top: 0; color: #fff; }
.editor-layout { display: flex; flex-wrap: wrap; gap: 20px; }
.file-list { flex: 1 1 240px; max-height: 520px; overflow-y: auto; background: rgba(0,0,0,0.35); border: 1px solid rgba(255,255,255,0.1); border-radius: 8px; padding: 16px; }
.file-list h2 { margin-top: 0; font-size: 1rem; color: #a5b4fc; }
.file-list a { display: block; color: #7fb3ff; text-decoration: none; padding: 6px 4px; border-radius: 6px; }
.file-list a:hover { background: rgba(102, 126, 234, 0.25); }
.file-list a.active { background: rgba(102, 126, 234, 0.45); color: #fff; }
.editor-form { flex: 3 1 500px; }
textarea { width: 100%; min-height: 480px; font-family: "SFMono-Regular", Consolas, "Liberation Mono", Menlo, monospace; font-size: 14px; line-height: 1.4; padding: 12px; color: #e5e7eb; background: rgba(15, 23, 42, 0.85); border: 1px solid rgba(148, 163, 184, 0.4); border-radius: 8px; }
textarea:focus { outline: none; border-color: #667eea; box-shadow: 0 0 0 2px rgba(102, 126, 234, 0.35); }
.editor-actions { margin-top: 16px; display: flex; gap: 12px; align-items: center; }
.editor-actions button { padding: 10px 18px; border: none; border-radius: 6px; background: #667eea; color: #fff; font-weight: 600; cursor: pointer; }
.editor-actions button:hover { background: #5563d6; }
.hint { color: #cbd5f5; font-size: 0.85rem; }
.panel.error div { color: #f87171; }
.panel.success div { color: #34d399; }
</style>
</head>
<body>
<div class="editor-wrapper">
<h1>XML Config Editor</h1>
<p class="hint">Editing files in <code><?php echo htmlspecialchars($serverConfigDir, ENT_QUOTES, 'UTF-8'); ?></code>. Each save creates a backup under <code>_backups/</code>.</p>
<?php billing_render_flash($messages, 'success'); ?>
<?php billing_render_flash($errors, 'error'); ?>
<div class="editor-layout">
<div class="file-list">
<h2>Server Config XML Files</h2>
<?php if (!$availableFiles): ?>
<p style="color:#e5e7eb;">No XML files found.</p>
<?php else: ?>
<?php foreach ((array)$availableFiles as $fileName): ?>
<?php $isActive = ($fileName === $selectedFile); ?>
<a href="admin_xml_editor.php?file=<?php echo urlencode($fileName); ?>" class="<?php echo $isActive ? 'active' : ''; ?>"><?php echo htmlspecialchars($fileName, ENT_QUOTES, 'UTF-8'); ?></a>
<?php endforeach; ?>
<?php endif; ?>
</div>
<div class="editor-form">
<?php if ($selectedFile === ''): ?>
<p style="color:#e5e7eb;">Select an XML file from the list to begin editing.</p>
<?php else: ?>
<form method="post" action="admin_xml_editor.php">
<input type="hidden" name="file" value="<?php echo htmlspecialchars($selectedFile, ENT_QUOTES, 'UTF-8'); ?>">
<textarea name="xml_contents" spellcheck="false"><?php echo htmlspecialchars($fileContents, ENT_QUOTES, 'UTF-8'); ?></textarea>
<div class="editor-actions">
<button type="submit">Save Changes</button>
<span class="hint">Backup created before each save.</span>
</div>
</form>
<?php endif; ?>
</div>
</div>
</div>
<?php include(__DIR__ . '/includes/footer.php'); ?>
</body>
</html>

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('adminserverlist.php');

View file

@ -1,326 +0,0 @@
<?php
/***********************
* Assistant Chat (Full History) PHP + cURL
* - Persistent thread in session
* - Full history render with Question / Answer labels
* - SSL verification disabled (your hosting constraint)
* - Citations: filename + page (when available)
***********************/
// Debug (disable on production)
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
/* ------------------- CONFIG ------------------- */
$OPENAI_API_KEY = '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';
$ASSISTANT_ID = 'asst_RAhtGzcy6higJeMwomZSqVjM'; // <-- set to your existing assistant
$OPENAI_BASE_URL = 'https://api.openai.com/v1';
$OPENAI_BETA_HDR = 'assistants=v2'; // required for Assistants v2
$REQUEST_TIMEOUT = 30; // seconds for cURL calls
$RUN_POLL_DELAY = 500000; // microseconds between run polls (0.5s)
$RUN_POLL_MAX = 40; // max polls (~20s total); adjust as needed
/* ---------------------------------------------- */
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['thread_id'])) {
$_SESSION['thread_id'] = null;
}
/** HTML escape helper */
function h($v) { return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); }
/** Low-level OpenAI request helper */
function openai_request($method, $endpoint, $payload = null, $query = []) {
global $OPENAI_API_KEY;
$url = "https://api.openai.com/v1" . $endpoint;
if (!empty($query)) $url .= '?' . http_build_query($query);
$headers = [
"Content-Type: application/json",
"Authorization: Bearer {$OPENAI_API_KEY}",
"OpenAI-Beta: assistants=v2"
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, strtoupper($method));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Host requires SSL verification disabled
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
if (!is_null($payload)) curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
$resp = curl_exec($ch);
if ($resp === false) {
$err = curl_error($ch);
curl_close($ch);
throw new RuntimeException("cURL error: {$err}");
}
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$data = json_decode($resp, true);
if ($code >= 400) {
$msg = isset($data['error']['message']) ? $data['error']['message'] : 'Unknown API error';
throw new RuntimeException("OpenAI API error ({$code}): {$msg}");
}
return is_array($data) ? $data : [];
}
/** Create or reuse a per-visitor thread */
function ensure_thread_id() {
if (!empty($_SESSION['thread_id'])) return $_SESSION['thread_id'];
$created = openai_request('POST', '/threads', ['metadata' => ['site' => $_SERVER['HTTP_HOST'] ?? 'unknown']]);
$tid = $created['id'] ?? null;
if (!$tid) throw new RuntimeException('Failed to create thread.');
$_SESSION['thread_id'] = $tid;
return $tid;
}
/** Add a user message */
function add_user_message($thread_id, $text) {
openai_request('POST', "/threads/{$thread_id}/messages", [
'role' => 'user',
'content' => $text,
]);
}
/** Start a run */
function start_run($thread_id, $assistant_id) {
$run = openai_request('POST', "/threads/{$thread_id}/runs", [
'assistant_id' => $assistant_id,
]);
$run_id = $run['id'] ?? null;
if (!$run_id) throw new RuntimeException('Failed to start run.');
return $run_id;
}
/** Wait for completion (or fail/timeout) */
function wait_for_run($thread_id, $run_id, $max_tries, $delay_us) {
$terminal = ['completed', 'failed', 'requires_action', 'cancelled', 'expired'];
for ($i = 0; $i < $max_tries; $i++) {
usleep($delay_us);
$run = openai_request('GET', "/threads/{$thread_id}/runs/{$run_id}");
$status = $run['status'] ?? '';
if (in_array($status, $terminal, true)) return $run;
}
return ['status' => 'timeout'];
}
/** Cache of file_id => filename (per request) */
$_FILE_NAME_CACHE = [];
/** Resolve file name from file_id (API returns "filename" or sometimes "display_name") */
function get_file_name_by_id($file_id) {
global $_FILE_NAME_CACHE;
if (isset($_FILE_NAME_CACHE[$file_id])) return $_FILE_NAME_CACHE[$file_id];
$file = openai_request('GET', "/files/{$file_id}");
$name = $file['filename'] ?? ($file['display_name'] ?? ($file['name'] ?? $file_id));
$_FILE_NAME_CACHE[$file_id] = $name;
return $name;
}
/**
* Extract message text + citations (filename + page if available).
* Returns an array of entries: ['role' => 'user|assistant', 'text' => '...', 'refs' => [['filename'=>'','page'=>'','file_id'=>'']]]
*/
function normalize_messages($messages) {
$out = [];
if (empty($messages['data']) || !is_array($messages['data'])) return $out;
// The API returns newest first by default if not specifying; we request 'asc' in fetch.
foreach ((array)$messages['data'] as $m) {
$role = $m['role'] ?? '';
if (!in_array($role, ['user', 'assistant', 'system'], true)) continue;
if (empty($m['content']) || !is_array($m['content'])) continue;
$all_text = [];
$refs = [];
foreach ((array)$m['content'] as $part) {
if (($part['type'] ?? '') === 'text' && !empty($part['text']['value'])) {
$all_text[] = $part['text']['value'];
// Parse annotations for citations (file_citation)
$anns = $part['text']['annotations'] ?? [];
if (is_array($anns)) {
foreach ((array)$anns as $ann) {
if (($ann['type'] ?? '') === 'file_citation' && !empty($ann['file_citation']['file_id'])) {
$fid = $ann['file_citation']['file_id'];
$page = null;
// Page can appear under different shapes depending on backend. Try common keys:
if (isset($ann['file_citation']['page'])) {
$page = $ann['file_citation']['page'];
} elseif (isset($ann['file_citation']['page_range']) && is_array($ann['file_citation']['page_range'])) {
// Example: ['start' => 5, 'end' => 6]
$start = $ann['file_citation']['page_range']['start'] ?? null;
$end = $ann['file_citation']['page_range']['end'] ?? null;
if ($start && $end && $start !== $end) $page = "{$start}-{$end}";
elseif ($start) $page = (string)$start;
}
// Fetch filename
try {
$filename = get_file_name_by_id($fid);
} catch (Throwable $e) {
$filename = $fid;
}
$refs[] = [
'file_id' => $fid,
'filename' => $filename,
'page' => $page ?? 'n/a',
];
}
}
}
}
}
if (!empty($all_text)) {
$out[] = [
'role' => $role,
'text' => implode("\n", $all_text),
'refs' => $refs,
];
}
}
return $out;
}
/** Fetch conversation (ascending) */
function fetch_history($thread_id) {
$messages = openai_request('GET', "/threads/{$thread_id}/messages", null, ['order' => 'asc', 'limit' => 50]);
return normalize_messages($messages);
}
/* ------------------- HANDLE POST ------------------- */
$error = null;
$history = [];
try {
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!empty($_POST['reset_thread'])) {
$_SESSION['thread_id'] = null;
} elseif (isset($_POST['user_input'])) {
$user_text = trim((string)$_POST['user_input']);
if ($user_text !== '') {
$thread_id = ensure_thread_id();
add_user_message($thread_id, $user_text);
$run_id = start_run($thread_id, $ASSISTANT_ID);
$run = wait_for_run($thread_id, $run_id, $POLL_MAX_TRIES, $POLL_DELAY_US);
if (($run['status'] ?? '') === 'failed') {
$error = 'Assistant run failed.';
} elseif (($run['status'] ?? '') === 'requires_action') {
// If you later support tool calls, handle them here then submit outputs.
} elseif (($run['status'] ?? '') === 'timeout') {
$error = 'Assistant timed out. Please try again.';
}
}
}
}
if (!empty($_SESSION['thread_id'])) {
$history = fetch_history($_SESSION['thread_id']);
}
} catch (Throwable $e) {
$error = $e->getMessage();
}
?>
<?php
// Include top and menu for website UI (session already started above)
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
?>
<!-- UI -->
<div class="ai-container">
<h3>Site Assistant</h3>
<p>Type a question below. Press <b>Enter</b> to send, <b>Shift+Enter</b> for a new line.</p>
<?php if ($error): ?>
<div class="ai-alert" style="border:1px solid #c00;">
<strong>Error:</strong> <?php echo h($error); ?>
</div>
<?php endif; ?>
<?php if (!empty($_SESSION['thread_id'])): ?>
<div class="ai-msg-meta">Thread: <?php echo h($_SESSION['thread_id']); ?></div>
<?php endif; ?>
<form id="chat-form" method="post" style="margin:12px 0;">
<textarea id="chat-input" name="user_input" rows="3" class="ai-textarea" placeholder="Ask your question..."></textarea>
<div style="margin-top:8px; display:flex; gap:8px;">
<button type="submit">Send</button>
<button type="submit" name="reset_thread" value="1">Reset Conversation</button>
</div>
</form>
<?php if (!empty($history) && is_array($history)): ?>
<div style="margin-top:16px; padding:10px; border:1px solid #ccc; border-radius:8px;">
<?php foreach ((array)$history as $msg):
// Label mapping: user => Question, assistant => Answer, system => (optional)
$role = $msg['role'] ?? 'assistant';
if ($role === 'user') $label = 'Question';
elseif ($role === 'assistant') $label = 'Answer';
else $label = ucfirst($role); // e.g., System
$text = str_replace("\r\n", "\n", $msg['text'] ?? '');
$refs = $msg['refs'] ?? [];
?>
<div style="margin-bottom:14px;">
<div style="font-weight:bold;"><?php echo h($label); ?></div>
<div style="white-space:pre-wrap;"><?php echo nl2br(h($text)); ?></div>
<?php if (!empty($refs)): ?>
<div style="margin-top:6px; font-size:12px;">
<em>References:</em>
<ul style="margin:6px 0 0 18px; padding:0;">
<?php foreach ((array)$refs as $r):
$fname = $r['filename'] ?? 'file';
$page = $r['page'] ?? 'n/a';
// If you have your own document links, replace '#' with a real URL.
?>
<li>
<a href="#" title="file_id: <?php echo h($r['file_id']); ?>">
<?php echo h($fname); ?> — page <?php echo h($page); ?>
</a>
</li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
</div>
<?php else: ?>
<div style="margin-top:10px; color:#666;">No messages yet.</div>
<?php endif; ?>
<div style="margin-top:10px; font-size:12px; color:#555;">
Conversation persists until you click “Reset Conversation”.
</div>
</div>
<!-- Submit on Enter (Shift+Enter = newline) -->
<script>
(function(){
var form = document.getElementById('chat-form');
var input = document.getElementById('chat-input');
input.addEventListener('keydown', function(e){
if (e.key === 'Enter') {
if (!e.shiftKey) {
e.preventDefault();
form.submit();
}
// if Shift+Enter, allow newline
}
});
})();
</script>

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/../_compat_include.php';
require website_billing_runtime_file('api/capture_order.php');

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/../_compat_include.php';
require website_billing_runtime_file('api/create_order.php');

View file

@ -1,44 +0,0 @@
<?php
/**
* Client-side error logging endpoint
* Logs JavaScript errors from the cart page for debugging
*/
// Ensure all errors are logged, not displayed
ini_set('display_errors', '0');
error_reporting(E_ALL);
header('Content-Type: application/json');
// Setup logging
$logDir = __DIR__ . '/../logs';
@mkdir($logDir, 0755, true);
$logFile = $logDir . '/client_errors.log';
function log_client_error($data) {
global $logFile;
$timestamp = date('Y-m-d H:i:s');
$entry = "[$timestamp] CLIENT ERROR\n";
$entry .= "IP: " . ($_SERVER['REMOTE_ADDR'] ?? 'UNKNOWN') . "\n";
$entry .= "User Agent: " . ($_SERVER['HTTP_USER_AGENT'] ?? 'UNKNOWN') . "\n";
if (is_array($data) || is_object($data)) {
$entry .= print_r($data, true);
} else {
$entry .= (string)$data;
}
$entry .= "\n" . str_repeat('-', 80) . "\n";
@file_put_contents($logFile, $entry, FILE_APPEND | LOCK_EX);
}
// Read and parse input
$rawInput = file_get_contents('php://input');
$data = json_decode($rawInput, true);
if ($data) {
log_client_error($data);
echo json_encode(['status' => 'logged']);
} else {
log_client_error(['raw_input' => $rawInput, 'error' => 'Invalid JSON']);
echo json_encode(['status' => 'error', 'message' => 'Invalid JSON']);
}
?>

View file

@ -1,142 +0,0 @@
<?php
// modules/billing/bootstrap.php
// Central bootstrap for billing website pages. Loads config, provides safe DB helper
// and ensures $table_prefix is available.
// Ensure session sync with panel happens first
require_once __DIR__ . '/includes/session_bridge.php';
require_once __DIR__ . '/includes/config_loader.php';
// Ensure $table_prefix exists (fallback to empty string)
if (!isset($table_prefix)) {
$table_prefix = '';
}
// Billing DB connection cached in $billing_db
if (!isset($billing_db)) {
$billing_db = null;
}
// Track whether bootstrap opened the connection (so callers can safely close it)
$billing_db_opened_by_bootstrap = false;
/**
* Get a mysqli connection for billing pages.
* - Reuses global $db if already created by other code.
* - Tries to open a new connection using config variables if needed.
* - Returns null on failure.
*/
function billing_get_db()
{
global $billing_db, $db, $db_host, $db_user, $db_pass, $db_name, $db_port, $billing_db_opened_by_bootstrap;
if (!empty($billing_db) && ($billing_db instanceof mysqli)) {
return $billing_db;
}
if (!empty($db) && ($db instanceof mysqli)) {
$billing_db = $db;
return $billing_db;
}
$port = isset($db_port) ? (int)$db_port : null;
// Try to connect (suppress warnings; caller may check return value)
$conn = @mysqli_connect($db_host ?? null, $db_user ?? null, $db_pass ?? null, $db_name ?? null, $port);
if ($conn) {
// Set charset when available
if (function_exists('mysqli_set_charset')) {
@mysqli_set_charset($conn, 'utf8mb4');
}
$billing_db = $conn;
$billing_db_opened_by_bootstrap = true;
return $billing_db;
}
// Leave $billing_db as null
$billing_db = null;
return null;
}
/**
* Close DB connection only if it was opened by bootstrap. If the connection
* is shared (created by other code) this function will not close it.
*/
function billing_maybe_close_db($conn)
{
global $billing_db, $billing_db_opened_by_bootstrap;
if (!($conn instanceof mysqli)) return;
if (!empty($billing_db_opened_by_bootstrap) && $billing_db === $conn) {
@mysqli_close($conn);
$billing_db = null;
$billing_db_opened_by_bootstrap = false;
}
}
// Small helper wrappers commonly used across billing pages
if (!function_exists('esc_mysqli')) {
function esc_mysqli($db, $v)
{
if ($db instanceof mysqli) {
return $db->real_escape_string((string)$v);
}
return addslashes((string)$v);
}
}
if (!function_exists('fetch_all_assoc')) {
function fetch_all_assoc($db, $sql)
{
if (!($db instanceof mysqli)) return [];
$res = $db->query($sql);
return $res ? $res->fetch_all(MYSQLI_ASSOC) : [];
}
}
if (!function_exists('col_exists')) {
function col_exists($db, $table, $col)
{
if (!($db instanceof mysqli)) return false;
$t = $db->real_escape_string($table);
$c = $db->real_escape_string($col);
$res = $db->query("SHOW COLUMNS FROM `{$t}` LIKE '{$c}'");
return ($res && $res->num_rows > 0);
}
}
// expose a convenience variable for scripts that expect $db
// Do not overwrite an existing $db if present
if (!isset($db) || !($db instanceof mysqli)) {
$maybe = billing_get_db();
if ($maybe instanceof mysqli) {
$db = $maybe;
}
}
/**
* Resolve a billing_services.img_url value to a browser-safe URL.
*
* Rules:
* - Empty string '' (caller should skip the <img> tag).
* - Full URL (http:// or https://) returned as-is.
* - Bare filename (e.g. "dayz.jpg") "/images/games/{filename}".
* - Anything else treated as a bare filename for safety.
*
* Output is NOT htmlspecialchars'd here; callers must escape for HTML context.
*/
if (!function_exists('billing_image_url')) {
function billing_image_url(string $imgUrl): string
{
$imgUrl = trim($imgUrl);
if ($imgUrl === '') {
return '';
}
// Keep full external URLs intact
if (str_starts_with($imgUrl, 'http://') || str_starts_with($imgUrl, 'https://')) {
return $imgUrl;
}
// Strip any leading path separators/directories so we always get a bare filename
$filename = basename($imgUrl);
if ($filename === '') {
return '';
}
return '/images/games/' . $filename;
}
}
// End bootstrap

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('cart.php');

View file

@ -1,76 +0,0 @@
<?php
/**
* Check {table_prefix}billing_invoices table structure
*/
require_once(__DIR__ . '/bootstrap.php');
require_once('../../includes/database_mysqli.php');
$db = createDatabaseConnection($db_host, $db_user, $db_pass, $db_name, $db_port);
if (!$db) {
die("Database connection failed: " . mysqli_connect_error());
}
echo "<h2>{$table_prefix}billing_invoices Table Structure</h2>\n";
$result = mysqli_query($db, "DESCRIBE {$table_prefix}billing_invoices");
if (!$result) {
die("Table doesn't exist or query failed: " . mysqli_error($db));
}
echo "<table border='1' style='border-collapse: collapse;'>\n";
echo "<tr><th>Field</th><th>Type</th><th>Null</th><th>Key</th><th>Default</th><th>Extra</th></tr>\n";
while ($row = mysqli_fetch_assoc($result)) {
echo "<tr>";
echo "<td>{$row['Field']}</td>";
echo "<td>{$row['Type']}</td>";
echo "<td>{$row['Null']}</td>";
echo "<td>{$row['Key']}</td>";
echo "<td>" . ($row['Default'] ?? 'NULL') . "</td>";
echo "<td>{$row['Extra']}</td>";
echo "</tr>\n";
}
echo "</table>\n";
// Count existing invoices
$count_result = mysqli_query($db, "SELECT COUNT(*) as cnt FROM {$table_prefix}billing_invoices");
$count = mysqli_fetch_assoc($count_result);
echo "<p><strong>Total invoices in table:</strong> {$count['cnt']}</p>\n";
// Show last 5 invoices
echo "<h2>Last 5 Invoices</h2>\n";
$last_result = mysqli_query($db, "SELECT * FROM {$table_prefix}billing_invoices ORDER BY invoice_id DESC LIMIT 5");
if (mysqli_num_rows($last_result) > 0) {
echo "<table border='1' style='border-collapse: collapse;'>\n";
echo "<tr>";
$first = true;
while ($row = mysqli_fetch_assoc($last_result)) {
if ($first) {
foreach (array_keys($row) as $col) {
echo "<th>{$col}</th>";
}
echo "</tr>\n";
$first = false;
mysqli_data_seek($last_result, 0);
}
}
while ($row = mysqli_fetch_assoc($last_result)) {
echo "<tr>";
foreach ((array)$row as $val) {
echo "<td>" . htmlspecialchars($val ?? 'NULL') . "</td>";
}
echo "</tr>\n";
}
echo "</table>\n";
} else {
echo "<p>No invoices found.</p>\n";
}
billing_maybe_close_db($db);
?>

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('checkout_free.php');

View file

@ -1,674 +0,0 @@
<?php
/**
* BillingRepository data layer for the billing module.
* All SQL lives here. Accepts a mysqli connection.
*/
class BillingRepository
{
private mysqli $db;
private string $prefix;
private array $columnCache = [];
public function __construct(mysqli $db, string $prefix = 'gsp_')
{
$this->db = $db;
$this->prefix = $prefix;
}
// ---------------------------------------------------------------
// Invoice helpers
// ---------------------------------------------------------------
/** Find a single 'unpaid' invoice by ID, owned by $userId. */
public function getUnpaidInvoice(int $invoiceId, int $userId): ?array
{
$stmt = $this->db->prepare(
"SELECT * FROM `{$this->prefix}billing_invoices`
WHERE invoice_id = ? AND user_id = ? AND payment_status IN ('unpaid','due') LIMIT 1"
);
if (!$stmt) return null;
$stmt->bind_param('ii', $invoiceId, $userId);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $row ?: null;
}
/** Get all unpaid invoices for a user. */
public function getUnpaidInvoicesForUser(int $userId): array
{
$stmt = $this->db->prepare(
"SELECT * FROM `{$this->prefix}billing_invoices`
WHERE user_id = ? AND payment_status IN ('unpaid','due')
ORDER BY invoice_id ASC"
);
if (!$stmt) return [];
$stmt->bind_param('i', $userId);
$stmt->execute();
return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
/** Get invoice rows for a specific user and invoice id list. */
public function getInvoicesForUserByIds(int $userId, array $invoiceIds, bool $onlyUnpaid = true): array
{
$invoiceIds = array_values(array_unique(array_filter(array_map('intval', $invoiceIds), static fn($id) => $id > 0)));
if (empty($invoiceIds)) {
return [];
}
$placeholders = implode(',', array_fill(0, count($invoiceIds), '?'));
$types = str_repeat('i', count($invoiceIds) + 1);
$params = array_merge([$userId], $invoiceIds);
$where = $onlyUnpaid ? " AND payment_status IN ('unpaid','due')" : '';
$sql = "SELECT * FROM `{$this->prefix}billing_invoices`
WHERE user_id = ? AND invoice_id IN ({$placeholders}){$where}
ORDER BY invoice_id ASC";
$stmt = $this->db->prepare($sql);
if (!$stmt) {
return [];
}
$stmt->bind_param($types, ...$params);
$stmt->execute();
$rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
$stmt->close();
return $rows;
}
/** Mark an invoice as paid. Also sets status='paid' so it disappears from cart queries. */
public function markInvoicePaid(int $invoiceId, string $txid, string $method, string $paidAt): bool
{
$stmt = $this->db->prepare(
"UPDATE `{$this->prefix}billing_invoices`
SET payment_status='paid', status='paid', payment_txid=?, payment_method=?, paid_date=?
WHERE invoice_id = ? LIMIT 1"
);
if (!$stmt) return false;
$stmt->bind_param('sssi', $txid, $method, $paidAt, $invoiceId);
$ok = $stmt->execute();
$stmt->close();
return $ok;
}
/**
* Create a billing_orders row from invoice/payment data.
* Returns new order_id (0 on failure).
*
* @param array $data Keys: user_id, service_id, home_name, ip, qty, invoice_duration,
* max_players, price, remote_control_password, ftp_password,
* status, end_date, payment_txid, paid_ts, coupon_id
*/
public function createOrder(array $data): int
{
$now = date('Y-m-d H:i:s');
$status = (string)($data['status'] ?? 'Active');
$endDate = $data['end_date'] ?? null;
$txid = (string)($data['payment_txid'] ?? '');
$paidTs = (string)($data['paid_ts'] ?? $now);
$couponId = intval($data['coupon_id'] ?? 0);
$discount = (float)($data['discount_amount'] ?? 0);
$ip = (string)($data['ip'] ?? '0');
$qty = intval($data['qty'] ?? 1);
$maxPl = intval($data['max_players'] ?? 0);
$price = (float)($data['price'] ?? 0);
$userId = intval($data['user_id']);
$svcId = intval($data['service_id']);
$homeName = (string)($data['home_name'] ?? '');
$invDur = (string)($data['invoice_duration'] ?? 'month');
$rcp = (string)($data['remote_control_password'] ?? '');
$ftp = (string)($data['ftp_password'] ?? '');
$fields = [
'user_id' => $userId,
'service_id' => $svcId,
'home_name' => $homeName,
'ip' => $ip,
'qty' => $qty,
'invoice_duration' => $invDur,
'max_players' => $maxPl,
'price' => $price,
'discount_amount' => $discount,
'remote_control_password' => $rcp,
'ftp_password' => $ftp,
'home_id' => '0',
'status' => $status,
'order_date' => $now,
'end_date' => $endDate,
'payment_txid' => $txid,
'paid_ts' => $paidTs,
'coupon_id' => $couponId,
];
if ($this->hasColumn('billing_orders', 'paypal_data')) {
$fields['paypal_data'] = isset($data['paypal_data'])
? (is_array($data['paypal_data']) ? json_encode($data['paypal_data']) : (string)$data['paypal_data'])
: null;
}
return $this->insertAssoc('billing_orders', $fields);
}
/**
* Link a billing_invoice row to its corresponding billing_orders row.
* Called after createOrder() so the capture endpoint can be idempotent.
*/
public function updateInvoiceOrderId(int $invoiceId, int $orderId): bool
{
$stmt = $this->db->prepare(
"UPDATE `{$this->prefix}billing_invoices` SET order_id = ? WHERE invoice_id = ? LIMIT 1"
);
if (!$stmt) return false;
$stmt->bind_param('ii', $orderId, $invoiceId);
$ok = $stmt->execute();
$stmt->close();
return $ok;
}
/** Create a new invoice record. Returns new invoice_id or 0 on failure. */
public function createInvoice(array $data): int
{
$fields = [
'user_id', 'service_id', 'home_id', 'home_name',
'customer_name', 'customer_email',
'rate_type', 'rate_per_player', 'players',
'period_start', 'period_end',
'subtotal', 'total_due',
'currency', 'payment_status', 'payment_method', 'description',
];
$cols = implode(',', array_map(fn($f) => "`$f`", $fields));
$places = implode(',', array_fill(0, count($fields), '?'));
$types = 'iiissssssiissssss';
$stmt = $this->db->prepare(
"INSERT INTO `{$this->prefix}billing_invoices` ({$cols}) VALUES ({$places})"
);
if (!$stmt) return 0;
$vals = [];
foreach ($fields as $f) {
$vals[] = $data[$f] ?? null;
}
$stmt->bind_param($types, ...$vals);
if (!$stmt->execute()) { $stmt->close(); return 0; }
$id = (int)$stmt->insert_id;
$stmt->close();
return $id;
}
// ---------------------------------------------------------------
// Safe table-creation helpers (idempotent, check INFORMATION_SCHEMA first)
// ---------------------------------------------------------------
/**
* Ensure billing_transactions table exists.
* Safe to call on every request; uses INFORMATION_SCHEMA to skip if already present.
*/
public function ensureBillingTransactionsTable(): bool
{
$res = $this->db->query(
"SELECT COUNT(*) AS cnt FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = '{$this->prefix}billing_transactions'"
);
if ($res && (int)$res->fetch_assoc()['cnt'] > 0) {
return true;
}
return (bool)$this->db->query(
"CREATE TABLE IF NOT EXISTS `{$this->prefix}billing_transactions` (
`transaction_id` INT(11) NOT NULL AUTO_INCREMENT,
`invoice_id` INT(11) NOT NULL DEFAULT 0,
`user_id` INT(11) NOT NULL DEFAULT 0,
`home_id` INT(11) NOT NULL DEFAULT 0,
`payment_method` VARCHAR(50) NOT NULL DEFAULT 'paypal',
`transaction_external_id` VARCHAR(255) NOT NULL DEFAULT '',
`amount` DECIMAL(15,2) NOT NULL DEFAULT 0.00,
`currency` VARCHAR(3) NOT NULL DEFAULT 'USD',
`status` ENUM('pending','completed','failed','refunded') NOT NULL DEFAULT 'pending',
`raw_response` MEDIUMTEXT NULL,
`created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`updated_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`transaction_id`),
KEY `invoice_id` (`invoice_id`),
KEY `user_id` (`user_id`),
KEY `home_id` (`home_id`),
KEY `status` (`status`),
KEY `payment_method` (`payment_method`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4"
);
}
/**
* Ensure billing_paypal_errors table exists.
* Safe to call on every request; uses INFORMATION_SCHEMA to skip if already present.
*/
public function ensureBillingPaypalErrorsTable(): bool
{
$res = $this->db->query(
"SELECT COUNT(*) AS cnt FROM INFORMATION_SCHEMA.TABLES
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = '{$this->prefix}billing_paypal_errors'"
);
if ($res && (int)$res->fetch_assoc()['cnt'] > 0) {
return true;
}
return (bool)$this->db->query(
"CREATE TABLE IF NOT EXISTS `{$this->prefix}billing_paypal_errors` (
`id` INT NOT NULL AUTO_INCREMENT,
`context` VARCHAR(64) NOT NULL DEFAULT '',
`error_code` VARCHAR(128) NOT NULL DEFAULT '',
`message` TEXT NULL,
`paypal_debug_id` VARCHAR(128) NULL,
`order_id` VARCHAR(128) NULL,
`capture_id` VARCHAR(128) NULL,
`billing_order_id` INT NULL,
`user_id` INT NULL,
`raw_json` LONGTEXT NULL,
`created_at` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
KEY `idx_context` (`context`),
KEY `idx_created_at` (`created_at`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4"
);
}
// ---------------------------------------------------------------
// Transaction (payment log) helpers
// ---------------------------------------------------------------
/** Insert a row into billing_transactions. Returns new transaction_id. */
public function logTransaction(array $data): int
{
$this->ensureBillingTransactionsTable();
$invoiceId = intval($data['invoice_id'] ?? 0);
$extId = (string)($data['transaction_external_id'] ?? '');
if ($invoiceId > 0 && $extId !== '') {
$existing = $this->db->prepare(
"SELECT transaction_id FROM `{$this->prefix}billing_transactions`
WHERE invoice_id = ? AND transaction_external_id = ?
LIMIT 1"
);
if ($existing) {
$existing->bind_param('is', $invoiceId, $extId);
$existing->execute();
$row = $existing->get_result()->fetch_assoc();
$existing->close();
if (!empty($row['transaction_id'])) {
return (int)$row['transaction_id'];
}
}
}
$stmt = $this->db->prepare(
"INSERT INTO `{$this->prefix}billing_transactions`
(invoice_id, user_id, home_id, payment_method, transaction_external_id,
amount, currency, status, raw_response)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
);
if (!$stmt) return 0;
$rawJson = is_array($data['raw_response']) ? json_encode($data['raw_response']) : (string)($data['raw_response'] ?? '');
$userId = intval($data['user_id'] ?? 0);
$homeId = intval($data['home_id'] ?? 0);
$method = (string)($data['payment_method'] ?? 'paypal');
$amount = (float)($data['amount'] ?? 0);
$currency = (string)($data['currency'] ?? 'USD');
$status = (string)($data['status'] ?? 'completed');
$stmt->bind_param(
'iiissdsss',
$invoiceId, $userId, $homeId, $method, $extId, $amount, $currency, $status, $rawJson
);
if (!$stmt->execute()) { $stmt->close(); return 0; }
$id = (int)$stmt->insert_id;
$stmt->close();
return $id;
}
/** Get all transactions, optionally filtered. Creates the table if missing. */
public function getTransactions(array $filter = [], int $limit = 100, int $offset = 0): array
{
if (!$this->ensureBillingTransactionsTable()) {
return [];
}
$where = '1=1';
$params = [];
$types = '';
if (!empty($filter['user_id'])) {
$where .= ' AND t.user_id = ?';
$params[] = intval($filter['user_id']);
$types .= 'i';
}
if (!empty($filter['home_id'])) {
$where .= ' AND t.home_id = ?';
$params[] = intval($filter['home_id']);
$types .= 'i';
}
if (!empty($filter['payment_method'])) {
$where .= ' AND t.payment_method = ?';
$params[] = $filter['payment_method'];
$types .= 's';
}
$sql = "SELECT t.*, u.users_login, u.users_email
FROM `{$this->prefix}billing_transactions` t
LEFT JOIN `{$this->prefix}users` u ON u.user_id = t.user_id
WHERE {$where}
ORDER BY t.transaction_id DESC
LIMIT ? OFFSET ?";
$params[] = $limit;
$params[] = $offset;
$types .= 'ii';
$stmt = $this->db->prepare($sql);
if (!$stmt) return [];
$stmt->bind_param($types, ...$params);
$stmt->execute();
return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
// ---------------------------------------------------------------
// PayPal error log helpers
// ---------------------------------------------------------------
/**
* Insert a row into billing_paypal_errors. Never logs client secrets.
* Returns new error log id (0 on failure).
*/
public function logPaypalError(array $data): int
{
$this->ensureBillingPaypalErrorsTable();
$stmt = $this->db->prepare(
"INSERT INTO `{$this->prefix}billing_paypal_errors`
(context, error_code, message, paypal_debug_id, order_id, capture_id,
billing_order_id, user_id, raw_json)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
);
if (!$stmt) return 0;
$context = substr((string)($data['context'] ?? ''), 0, 64);
$errorCode = substr((string)($data['error_code'] ?? ''), 0, 128);
$message = (string)($data['message'] ?? '');
$debugId = isset($data['paypal_debug_id']) ? substr((string)$data['paypal_debug_id'], 0, 128) : null;
$orderId = isset($data['order_id']) ? substr((string)$data['order_id'], 0, 128) : null;
$captureId = isset($data['capture_id']) ? substr((string)$data['capture_id'], 0, 128) : null;
$billingOrderId = isset($data['billing_order_id']) ? intval($data['billing_order_id']) : null;
$userId = isset($data['user_id']) ? intval($data['user_id']) : null;
$rawJson = isset($data['raw_json'])
? (is_array($data['raw_json']) ? json_encode($data['raw_json']) : (string)$data['raw_json'])
: null;
// Truncate large payloads to avoid LONGTEXT bloat
if ($rawJson !== null && strlen($rawJson) > 65536) {
$rawJson = substr($rawJson, 0, 65536) . '…[truncated]';
}
$stmt->bind_param(
'ssssssiis',
$context, $errorCode, $message, $debugId, $orderId, $captureId,
$billingOrderId, $userId, $rawJson
);
if (!$stmt->execute()) { $stmt->close(); return 0; }
$id = (int)$stmt->insert_id;
$stmt->close();
return $id;
}
/**
* Return the $limit most recent rows from billing_paypal_errors.
* Returns empty array if the table does not exist.
*/
public function getRecentPaypalErrors(int $limit = 10): array
{
if (!$this->ensureBillingPaypalErrorsTable()) {
return [];
}
$stmt = $this->db->prepare(
"SELECT id, created_at, context, error_code, message,
paypal_debug_id, order_id, capture_id, billing_order_id, user_id
FROM `{$this->prefix}billing_paypal_errors`
ORDER BY id DESC
LIMIT ?"
);
if (!$stmt) return [];
$stmt->bind_param('i', $limit);
$stmt->execute();
return $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
}
// ---------------------------------------------------------------
// Server home (billing state) helpers
// ---------------------------------------------------------------
/** Get server home billing info by home_id. */
public function getServerHomeBilling(int $homeId): ?array
{
$stmt = $this->db->prepare(
"SELECT home_id, home_name, user_id_main, billing_status, billing_expires_at,
billing_price, billing_rate_type, billing_players, billing_enabled,
next_invoice_date, server_expiration_date, billing_invoice_sent_at
FROM `{$this->prefix}server_homes`
WHERE home_id = ? LIMIT 1"
);
if (!$stmt) return null;
$stmt->bind_param('i', $homeId);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $row ?: null;
}
/** Update billing state fields on server_homes. */
public function updateServerHomeBilling(int $homeId, array $data): bool
{
$allowed = [
'billing_status', 'billing_expires_at', 'billing_price',
'billing_rate_type', 'billing_players', 'billing_enabled',
'next_invoice_date', 'server_expiration_date', 'billing_invoice_sent_at',
];
$set = [];
$params = [];
$types = '';
foreach ($allowed as $col) {
if (array_key_exists($col, $data)) {
$set[] = "`{$col}` = ?";
$params[] = $data[$col];
$val = $data[$col];
if ($val === null) {
$types .= 's'; // NULL binds safely as string in mysqli
} elseif (is_int($val)) {
$types .= 'i';
} elseif (is_float($val)) {
$types .= 'd';
} else {
$types .= 's';
}
}
}
if (empty($set)) return false;
$params[] = $homeId;
$types .= 'i';
$stmt = $this->db->prepare(
"UPDATE `{$this->prefix}server_homes` SET " . implode(', ', $set) . " WHERE home_id = ? LIMIT 1"
);
if (!$stmt) return false;
$stmt->bind_param($types, ...$params);
$ok = $stmt->execute();
$stmt->close();
return $ok;
}
// ---------------------------------------------------------------
// Service helpers
// ---------------------------------------------------------------
/** Get a billing service by ID. Returns null if not found / disabled. */
public function getService(int $serviceId, bool $mustBeEnabled = true): ?array
{
$extra = $mustBeEnabled ? ' AND enabled = 1' : '';
$stmt = $this->db->prepare(
"SELECT * FROM `{$this->prefix}billing_services` WHERE service_id = ?{$extra} LIMIT 1"
);
if (!$stmt) return null;
$stmt->bind_param('i', $serviceId);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $row ?: null;
}
/** Get enabled services (for storefront listing). */
public function getEnabledServices(): array
{
$res = $this->db->query(
"SELECT * FROM `{$this->prefix}billing_services` WHERE enabled = 1 ORDER BY service_name"
);
return $res ? $res->fetch_all(MYSQLI_ASSOC) : [];
}
// ---------------------------------------------------------------
// Legacy billing_orders helpers (kept for backward compat during migration)
// ---------------------------------------------------------------
/** Get an active order by order_id. */
public function getOrder(int $orderId): ?array
{
$stmt = $this->db->prepare(
"SELECT * FROM `{$this->prefix}billing_orders` WHERE order_id = ? LIMIT 1"
);
if (!$stmt) return null;
$stmt->bind_param('i', $orderId);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $row ?: null;
}
/** Extend an existing order's end_date. */
public function extendOrder(int $orderId, string $newEndDate, string $txid, string $now): bool
{
$stmt = $this->db->prepare(
"UPDATE `{$this->prefix}billing_orders`
SET status='Active', end_date=?, payment_txid=?, paid_ts=?
WHERE order_id=? LIMIT 1"
);
if (!$stmt) return false;
$stmt->bind_param('sssi', $newEndDate, $txid, $now, $orderId);
$ok = $stmt->execute();
$stmt->close();
return $ok;
}
public function getCouponByCode(string $couponCode): ?array
{
$stmt = $this->db->prepare(
"SELECT * FROM `{$this->prefix}billing_coupons`
WHERE code = ? AND is_active = 1
LIMIT 1"
);
if (!$stmt) {
return null;
}
$stmt->bind_param('s', $couponCode);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $row ?: null;
}
public function updateInvoiceFields(int $invoiceId, array $data): bool
{
return $this->updateAssoc('billing_invoices', 'invoice_id', $invoiceId, $data);
}
public function updateOrderFields(int $orderId, array $data): bool
{
return $this->updateAssoc('billing_orders', 'order_id', $orderId, $data);
}
private function hasColumn(string $table, string $column): bool
{
$cacheKey = $table . '.' . $column;
if (array_key_exists($cacheKey, $this->columnCache)) {
return $this->columnCache[$cacheKey];
}
$tableName = $this->db->real_escape_string($this->prefix . $table);
$columnName = $this->db->real_escape_string($column);
$res = $this->db->query(
"SELECT COUNT(*) AS cnt
FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = '{$tableName}'
AND COLUMN_NAME = '{$columnName}'"
);
$exists = $res ? ((int)($res->fetch_assoc()['cnt'] ?? 0) > 0) : false;
$this->columnCache[$cacheKey] = $exists;
return $exists;
}
private function insertAssoc(string $table, array $data): int
{
if (empty($data)) {
return 0;
}
$columns = array_keys($data);
$placeholders = implode(',', array_fill(0, count($columns), '?'));
$sql = sprintf(
"INSERT INTO `%s%s` (%s) VALUES (%s)",
$this->prefix,
$table,
implode(',', array_map(static fn($field) => "`{$field}`", $columns)),
$placeholders
);
$stmt = $this->db->prepare($sql);
if (!$stmt) {
return 0;
}
[$types, $values] = $this->prepareBindValues($data);
$stmt->bind_param($types, ...$values);
if (!$stmt->execute()) {
$stmt->close();
return 0;
}
$id = (int)$stmt->insert_id;
$stmt->close();
return $id;
}
private function updateAssoc(string $table, string $idColumn, int $idValue, array $data): bool
{
$data = array_filter($data, static fn($value) => $value !== null);
if (empty($data)) {
return true;
}
$set = [];
foreach (array_keys($data) as $field) {
$set[] = "`{$field}` = ?";
}
$sql = sprintf(
"UPDATE `%s%s` SET %s WHERE `%s` = ? LIMIT 1",
$this->prefix,
$table,
implode(', ', $set),
$idColumn
);
$stmt = $this->db->prepare($sql);
if (!$stmt) {
return false;
}
[$types, $values] = $this->prepareBindValues($data);
$types .= 'i';
$values[] = $idValue;
$stmt->bind_param($types, ...$values);
$ok = $stmt->execute();
$stmt->close();
return $ok;
}
private function prepareBindValues(array $data): array
{
$types = '';
$values = [];
foreach ($data as $value) {
if (is_int($value)) {
$types .= 'i';
$values[] = $value;
} elseif (is_float($value)) {
$types .= 'd';
$values[] = $value;
} else {
$types .= 's';
$values[] = ($value === null) ? null : (string)$value;
}
}
return [$types, $values];
}
}

View file

@ -1,179 +0,0 @@
<?php
require_once __DIR__ . '/../classes/BillingRepository.php';
require_once __DIR__ . '/../classes/PaymentGatewayInterface.php';
/**
* BillingService core business logic for the billing module.
*
* Responsibilities:
* - Calculate pricing
* - Create invoices
* - Process payment results (log transaction, mark invoice paid, update server home)
* - Extend / reset server billing expiration
*/
class BillingService
{
private BillingRepository $repo;
public function __construct(BillingRepository $repo)
{
$this->repo = $repo;
}
/**
* Calculate pricing for a new order.
*
* @param array $service Row from gsp_billing_services
* @param string $rateType 'daily' | 'monthly' | 'yearly'
* @param int $players Number of player slots
* @param int $qty Duration quantity (e.g. 2 = 2 months)
* @return array { rate_per_player, subtotal, total_due, period_days }
*/
public function calculatePrice(array $service, string $rateType, int $players, int $qty = 1): array
{
$qty = max(1, $qty);
$players = max(1, $players);
$rateType = 'monthly';
$basePrice = (float)($service['price_monthly'] ?? 0);
$periodDays = $qty * 31;
// price_monthly etc is the per-player per-period rate
$ratePerPlayer = $basePrice;
$subtotal = round($ratePerPlayer * $players * $qty, 2);
$totalDue = $subtotal;
return [
'rate_type' => $rateType,
'rate_per_player' => $ratePerPlayer,
'players' => $players,
'qty' => $qty,
'subtotal' => $subtotal,
'total_due' => $totalDue,
'period_days' => $periodDays,
];
}
/**
* Create a billing invoice row.
*
* @param array $pricing Result from calculatePrice()
* @param array $context { user_id, service_id, home_id, home_name, customer_name, customer_email, description }
* @return int New invoice_id (0 on failure)
*/
public function createInvoice(array $pricing, array $context): int
{
$now = date('Y-m-d H:i:s');
$periodStart = $now;
$periodEnd = date('Y-m-d H:i:s', strtotime('+' . $pricing['period_days'] . ' days'));
return $this->repo->createInvoice([
'user_id' => intval($context['user_id'] ?? 0),
'service_id' => intval($context['service_id'] ?? 0),
'home_id' => intval($context['home_id'] ?? 0),
'home_name' => $context['home_name'] ?? '',
'customer_name' => $context['customer_name'] ?? '',
'customer_email' => $context['customer_email'] ?? '',
'rate_type' => $pricing['rate_type'],
'rate_per_player' => $pricing['rate_per_player'],
'players' => $pricing['players'],
'period_start' => $periodStart,
'period_end' => $periodEnd,
'subtotal' => $pricing['subtotal'],
'total_due' => $pricing['total_due'],
'currency' => $context['currency'] ?? 'USD',
'payment_status' => 'unpaid',
'payment_method' => '',
'description' => $context['description'] ?? '',
]);
}
/**
* Process a successful payment result from a gateway.
*
* 1. Log the transaction
* 2. Mark invoice paid
* 3. Update server home billing state (extend or reset expiration)
*
* @param array $captureResult Result from PaymentGatewayInterface::handleCallback()
* @param int $invoiceId
* @param int $userId
* @param int $homeId
* @param array $invoiceRow The invoice row (from DB) needed for period/pricing
* @return array { success: bool, transaction_id: string, error?: string }
*/
public function processPaymentSuccess(
array $captureResult,
int $invoiceId,
int $userId,
int $homeId,
array $invoiceRow
): array {
$txid = $captureResult['transaction_id'] ?? null;
$method = $captureResult['payment_method'] ?? 'paypal';
$amount = (float)($captureResult['amount'] ?? $invoiceRow['total_due'] ?? 0);
$currency = $captureResult['currency'] ?? $invoiceRow['currency'] ?? 'USD';
$now = date('Y-m-d H:i:s');
// 1. Log transaction
$this->repo->logTransaction([
'invoice_id' => $invoiceId,
'user_id' => $userId,
'home_id' => $homeId,
'payment_method' => $method,
'transaction_external_id' => $txid ?? '',
'amount' => $amount,
'currency' => $currency,
'status' => 'completed',
'raw_response' => $captureResult['raw_response'] ?? [],
]);
// 2. Mark invoice paid
if ($invoiceId > 0) {
$this->repo->markInvoicePaid($invoiceId, $txid ?? '', $method, $now);
}
// 3. Update server home billing state
if ($homeId > 0) {
$this->extendServerBilling($homeId, $invoiceRow, $now);
}
return ['success' => true, 'transaction_id' => $txid];
}
/**
* Extend or reset a server's billing expiration based on the invoice period.
*/
public function extendServerBilling(int $homeId, array $invoiceRow, string $now): void
{
$home = $this->repo->getServerHomeBilling($homeId);
$periodEnd = $invoiceRow['period_end'] ?? null;
if (!$periodEnd) {
$periodEnd = date('Y-m-d H:i:s', strtotime('+31 days'));
}
// If current expiry is in the future, extend from it; otherwise reset from period_end
$currentExpiry = $home['billing_expires_at'] ?? null;
if ($currentExpiry && strtotime($currentExpiry) > time()) {
// Calculate the period length from the invoice; fall back to rate_type if dates are missing
$periodStart = $invoiceRow['period_start'] ?? null;
$periodEndVal = $invoiceRow['period_end'] ?? null;
if ($periodStart && $periodEndVal) {
$currentPeriodSecs = strtotime($periodEndVal) - strtotime($periodStart);
} else {
$currentPeriodSecs = 31 * 86400;
}
$newExpiry = date('Y-m-d H:i:s', strtotime($currentExpiry) + max(86400, $currentPeriodSecs));
} else {
$newExpiry = $periodEnd;
}
$this->repo->updateServerHomeBilling($homeId, [
'billing_status' => 'active',
'billing_expires_at' => $newExpiry,
'next_invoice_date' => $newExpiry,
'server_expiration_date' => null,
'billing_invoice_sent_at' => null,
]);
}
}

View file

@ -1,30 +0,0 @@
<?php
require_once __DIR__ . '/../classes/PaymentGatewayInterface.php';
require_once __DIR__ . '/../classes/PayPalGateway.php';
require_once __DIR__ . '/../classes/ManualGateway.php';
require_once __DIR__ . '/../classes/StripeGateway.php';
/**
* Factory for instantiating payment gateways by name.
*/
class GatewayFactory
{
/**
* @param string $name Gateway name: 'paypal', 'stripe', 'manual'
* @return PaymentGatewayInterface
* @throws InvalidArgumentException
*/
public static function make(string $name): PaymentGatewayInterface
{
switch (strtolower($name)) {
case 'paypal':
return PayPalGateway::fromConfig();
case 'manual':
return new ManualGateway();
case 'stripe':
return new StripeGateway();
default:
throw new InvalidArgumentException("Unknown payment gateway: {$name}");
}
}
}

View file

@ -1,36 +0,0 @@
<?php
require_once __DIR__ . '/../classes/PaymentGatewayInterface.php';
/**
* Manual / offline payment gateway.
* Used when an admin marks a payment as paid directly.
*/
class ManualGateway implements PaymentGatewayInterface
{
public function getName(): string { return 'manual'; }
public function createPayment(array $params): array
{
return ['success' => true, 'provider_order_id' => 'MANUAL-' . uniqid(), 'raw_response' => []];
}
public function handleCallback(array $params): array
{
$txid = $params['admin_txid'] ?? ('MANUAL-' . uniqid());
return [
'success' => true,
'transaction_id' => $txid,
'amount' => (float)($params['amount'] ?? 0),
'currency' => $params['currency'] ?? 'USD',
'status' => 'completed',
'raw_response' => $params,
];
}
public function verifyPayment(array $payload): bool { return true; }
public function getTransactionId(array $captureResult): ?string
{
return $captureResult['transaction_id'] ?? null;
}
}

View file

@ -1,194 +0,0 @@
<?php
require_once __DIR__ . '/../classes/PaymentGatewayInterface.php';
class PayPalGateway implements PaymentGatewayInterface
{
private string $clientId;
private string $clientSecret;
private bool $sandbox;
private string $apiBase;
public function __construct(string $clientId, string $clientSecret, bool $sandbox = true)
{
$this->clientId = $clientId;
$this->clientSecret = $clientSecret;
$this->sandbox = $sandbox;
$this->apiBase = $sandbox
? 'https://api-m.sandbox.paypal.com'
: 'https://api-m.paypal.com';
}
/**
* Build a PayPalGateway instance from global config variables.
* Prefers the new gsp_paypal_* helper functions; falls back to legacy globals.
*/
public static function fromConfig(): self
{
if (function_exists('gsp_paypal_get_client_id')) {
$clientId = gsp_paypal_get_client_id();
$clientSecret = gsp_paypal_get_client_secret();
$sandbox = gsp_paypal_is_sandbox();
} else {
$clientId = $GLOBALS['paypal_client_id'] ?? '';
$clientSecret = $GLOBALS['paypal_client_secret'] ?? '';
$sandbox = (bool)($GLOBALS['paypal_sandbox'] ?? true);
}
return new self($clientId, $clientSecret, $sandbox);
}
public function getName(): string { return 'paypal'; }
/** Exchange client credentials for a Bearer token. Returns token or null. */
private function getAccessToken(): ?string
{
$ch = curl_init("{$this->apiBase}/v1/oauth2/token");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => 'grant_type=client_credentials',
CURLOPT_HTTPHEADER => ['Accept: application/json'],
CURLOPT_USERPWD => "{$this->clientId}:{$this->clientSecret}",
]);
$body = curl_exec($ch);
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($code !== 200 || !$body) return null;
$data = json_decode($body, true);
return $data['access_token'] ?? null;
}
public function createPayment(array $params): array
{
$token = $this->getAccessToken();
if (!$token) {
return ['success' => false, 'error' => 'paypal_oauth_failed'];
}
$amount = number_format((float)($params['amount'] ?? 0), 2, '.', '');
$currency = $params['currency'] ?? 'USD';
$invoiceId = $params['invoice_id'] ?? null;
$description = $params['description'] ?? 'Game Server Order';
$returnUrl = $params['return_url'] ?? '';
$cancelUrl = $params['cancel_url'] ?? '';
$items = $params['items'] ?? null;
$purchaseUnit = [
'amount' => ['currency_code' => $currency, 'value' => $amount],
'description' => $description,
'custom_id' => (string)($params['custom_id'] ?? $invoiceId ?? ''),
];
if ($invoiceId) {
$purchaseUnit['invoice_id'] = (string)$invoiceId;
}
if ($items) {
$purchaseUnit['items'] = $items;
$purchaseUnit['amount']['breakdown'] = [
'item_total' => ['currency_code' => $currency, 'value' => $amount],
];
}
$body = [
'intent' => 'CAPTURE',
'purchase_units' => [$purchaseUnit],
'application_context' => [
'return_url' => $returnUrl,
'cancel_url' => $cancelUrl,
'user_action' => 'PAY_NOW',
],
];
$ch = curl_init("{$this->apiBase}/v2/checkout/orders");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode($body),
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
"Authorization: Bearer {$token}",
],
]);
$res = curl_exec($ch);
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($code !== 201 || !$res) {
return ['success' => false, 'error' => 'paypal_create_order_failed', 'http_code' => $code];
}
$data = json_decode($res, true);
if (json_last_error() !== JSON_ERROR_NONE) {
return ['success' => false, 'error' => 'paypal_invalid_response'];
}
return [
'success' => true,
'provider_order_id' => $data['id'] ?? '',
'raw_response' => $data,
];
}
public function handleCallback(array $params): array
{
$providerOrderId = $params['order_id'] ?? null;
if (!$providerOrderId) {
return ['success' => false, 'error' => 'missing_order_id'];
}
$token = $this->getAccessToken();
if (!$token) {
return ['success' => false, 'error' => 'paypal_oauth_failed'];
}
$ch = curl_init("{$this->apiBase}/v2/checkout/orders/{$providerOrderId}/capture");
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
"Authorization: Bearer {$token}",
],
]);
$res = curl_exec($ch);
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if (($code !== 200 && $code !== 201) || !$res) {
return ['success' => false, 'error' => 'paypal_capture_failed', 'http_code' => $code];
}
$data = json_decode($res, true);
if (json_last_error() !== JSON_ERROR_NONE) {
return ['success' => false, 'error' => 'paypal_invalid_capture_response'];
}
$status = $data['status'] ?? '';
if ($status !== 'COMPLETED') {
return ['success' => false, 'error' => 'payment_not_completed', 'status' => $status];
}
$capture = $data['purchase_units'][0]['payments']['captures'][0] ?? [];
$txid = $capture['id'] ?? null;
$amount = (float)($capture['amount']['value'] ?? 0);
$currency = $capture['amount']['currency_code'] ?? 'USD';
$customId = $data['purchase_units'][0]['custom_id'] ?? null;
return [
'success' => true,
'transaction_id' => $txid,
'amount' => $amount,
'currency' => $currency,
'status' => 'completed',
'custom_id' => $customId,
'raw_response' => $data,
];
}
public function verifyPayment(array $payload): bool
{
// For REST API flow (JS SDK capture), verification is done by the capture response itself.
// Webhook signature verification would be implemented here for webhook events.
return true;
}
public function getTransactionId(array $captureResult): ?string
{
return $captureResult['transaction_id'] ?? null;
}
}

View file

@ -1,40 +0,0 @@
<?php
/**
* Payment Gateway Interface
* All payment providers must implement this contract.
*/
interface PaymentGatewayInterface
{
/**
* Create a payment/order on the provider side.
* @param array $params { amount, currency, invoice_id, description, return_url, cancel_url, items? }
* @return array { success: bool, provider_order_id: string, redirect_url?: string, error?: string }
*/
public function createPayment(array $params): array;
/**
* Handle a provider callback/capture (webhook or return).
* @param array $params Provider-specific parameters (e.g. { order_id } for PayPal)
* @return array { success: bool, transaction_id: string, amount: float, status: string, raw_response: array, error?: string }
*/
public function handleCallback(array $params): array;
/**
* Verify that a payment/webhook is authentic.
* @param array $payload Raw request body / headers
* @return bool
*/
public function verifyPayment(array $payload): bool;
/**
* Get the provider's external transaction ID from a capture result.
* @param array $captureResult Result from handleCallback()
* @return string|null
*/
public function getTransactionId(array $captureResult): ?string;
/**
* Return a short machine name for this gateway (e.g. 'paypal', 'stripe', 'manual').
*/
public function getName(): string;
}

View file

@ -1,25 +0,0 @@
<?php
require_once __DIR__ . '/../classes/PaymentGatewayInterface.php';
/**
* Stripe payment gateway stub.
* Implement this class when Stripe support is needed.
*/
class StripeGateway implements PaymentGatewayInterface
{
public function getName(): string { return 'stripe'; }
public function createPayment(array $params): array
{
return ['success' => false, 'error' => 'stripe_not_implemented'];
}
public function handleCallback(array $params): array
{
return ['success' => false, 'error' => 'stripe_not_implemented'];
}
public function verifyPayment(array $payload): bool { return false; }
public function getTransactionId(array $captureResult): ?string { return null; }
}

View file

@ -1,3 +0,0 @@
$test_id = 1362;
$db->query( "DROP USER 'server_" .$test_id ."'@localhost'");
mysql -uremoteuser -pDrV75Uyyxr9VFVVt -hmysql.iaregamer.com -e "DROP USER server_'${test_id}'"

View file

@ -1,107 +0,0 @@
-- Enhanced coupon system for billing module
-- This creates a flexible coupon system with game filters and usage tracking
-- Table prefix is hardcoded to gsp_ for standalone billing module
-- Drop existing table if upgrading from old coupon module
DROP TABLE IF EXISTS `gsp_billing_coupons`;
-- Create enhanced coupons table
CREATE TABLE `gsp_billing_coupons` (
`coupon_id` INT(11) NOT NULL AUTO_INCREMENT,
`code` VARCHAR(50) NOT NULL UNIQUE,
`name` VARCHAR(255) NOT NULL DEFAULT '',
`description` TEXT,
`discount_percent` DECIMAL(5,2) NOT NULL DEFAULT 0.00,
`usage_type` ENUM('one_time', 'permanent') NOT NULL DEFAULT 'one_time',
`game_filter_type` ENUM('all_games', 'specific_games') NOT NULL DEFAULT 'all_games',
`game_filter_list` TEXT COMMENT 'JSON array of game keys when game_filter_type=specific_games',
`max_uses` INT(11) DEFAULT NULL COMMENT 'NULL for unlimited uses',
`current_uses` INT(11) NOT NULL DEFAULT 0,
`expires` DATETIME DEFAULT NULL,
`created_date` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`created_by` INT(11) DEFAULT NULL,
`is_active` TINYINT(1) NOT NULL DEFAULT 1,
PRIMARY KEY (`coupon_id`),
UNIQUE KEY `idx_code` (`code`),
KEY `idx_active_expires` (`is_active`, `expires`),
KEY `idx_created_by` (`created_by`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;
-- Add coupon_id field to billing_orders if it doesn't exist
SET @tablename = 'gsp_billing_orders';
SET @checkIfColumnExists = (
SELECT COUNT(*)
FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = @tablename
AND COLUMN_NAME = 'coupon_id'
);
SET @addColumn = IF(@checkIfColumnExists = 0,
'ALTER TABLE `gsp_billing_orders` ADD COLUMN `coupon_id` INT(11) DEFAULT NULL AFTER `user_id`, ADD KEY `idx_coupon` (`coupon_id`)',
'SELECT "Column coupon_id already exists in gsp_billing_orders"'
);
PREPARE stmt FROM @addColumn;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
-- Add coupon_id field to billing_invoices if it doesn't exist
SET @tablename = 'gsp_billing_invoices';
SET @checkIfColumnExists = (
SELECT COUNT(*)
FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = @tablename
AND COLUMN_NAME = 'coupon_id'
);
SET @addColumn = IF(@checkIfColumnExists = 0,
'ALTER TABLE `gsp_billing_invoices` ADD COLUMN `coupon_id` INT(11) DEFAULT NULL AFTER `user_id`, ADD KEY `idx_coupon` (`coupon_id`)',
'SELECT "Column coupon_id already exists in gsp_billing_invoices"'
);
PREPARE stmt FROM @addColumn;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
-- Add discount_amount field to billing_invoices to track actual discount applied
SET @checkIfColumnExists = (
SELECT COUNT(*)
FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = 'gsp_billing_invoices'
AND COLUMN_NAME = 'discount_amount'
);
SET @addColumn = IF(@checkIfColumnExists = 0,
'ALTER TABLE `gsp_billing_invoices` ADD COLUMN `discount_amount` DECIMAL(10,2) NOT NULL DEFAULT 0.00 AFTER `amount`',
'SELECT "Column discount_amount already exists in gsp_billing_invoices"'
);
PREPARE stmt FROM @addColumn;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
-- Add discount_amount field to billing_orders to track permanent discounts
SET @checkIfColumnExists = (
SELECT COUNT(*)
FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = DATABASE()
AND TABLE_NAME = 'gsp_billing_orders'
AND COLUMN_NAME = 'discount_amount'
);
SET @addColumn = IF(@checkIfColumnExists = 0,
'ALTER TABLE `gsp_billing_orders` ADD COLUMN `discount_amount` DECIMAL(10,2) NOT NULL DEFAULT 0.00 AFTER `price`',
'SELECT "Column discount_amount already exists in gsp_billing_orders"'
);
PREPARE stmt FROM @addColumn;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
-- Sample coupons for testing
INSERT INTO `gsp_billing_coupons` (`code`, `name`, `description`, `discount_percent`, `usage_type`, `game_filter_type`, `game_filter_list`, `expires`) VALUES
('WELCOME10', 'Welcome 10% Off', 'New customer welcome discount - 10% off any game', 10.00, 'one_time', 'all_games', NULL, DATE_ADD(NOW(), INTERVAL 1 YEAR)),
('ARMA25', 'Arma Series 25% Off', 'Save 25% on any Arma game server', 25.00, 'permanent', 'specific_games', '["arma2_win32", "arma2oa_win32", "arma3_linux32", "arma3_linux64", "arma3_win64", "arma-reforger_linux64", "arma-reforger_win64"]', NULL);

View file

@ -1,34 +0,0 @@
-- Create billing_invoices table for invoice-first flow
-- Run this SQL to enable the new billing system
-- Table prefix is hardcoded to gsp_ for standalone billing module
CREATE TABLE IF NOT EXISTS `gsp_billing_invoices` (
`invoice_id` INT(11) NOT NULL AUTO_INCREMENT,
`order_id` INT(11) NOT NULL DEFAULT 0,
`user_id` INT(11) NOT NULL,
`service_id` INT(11) NOT NULL,
`home_name` VARCHAR(255) NOT NULL DEFAULT '',
`ip` INT(11) NOT NULL DEFAULT 0,
`max_players` INT(11) NOT NULL DEFAULT 0,
`remote_control_password` VARCHAR(255) NULL,
`ftp_password` VARCHAR(255) NULL,
`customer_name` VARCHAR(255) NOT NULL DEFAULT '',
`customer_email` VARCHAR(255) NOT NULL DEFAULT '',
`amount` FLOAT(15,2) NOT NULL DEFAULT 0,
`currency` VARCHAR(3) NOT NULL DEFAULT 'USD',
`status` VARCHAR(16) NOT NULL DEFAULT 'due',
`invoice_date` DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
`due_date` DATETIME NULL,
`paid_date` DATETIME NULL,
`payment_txid` VARCHAR(255) NULL,
`payment_method` VARCHAR(50) NULL,
`description` VARCHAR(500) NOT NULL DEFAULT '',
`invoice_duration` VARCHAR(16) NOT NULL DEFAULT 'month',
`qty` INT(11) NOT NULL DEFAULT 1,
PRIMARY KEY (`invoice_id`),
KEY `order_id` (`order_id`),
KEY `user_id` (`user_id`),
KEY `status` (`status`),
KEY `due_date` (`due_date`),
KEY `service_id` (`service_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4;

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('create_servers.php');

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('cron-shop.php');

View file

@ -1,423 +0,0 @@
/* Global font family - legible sans-serif stack */
html,
body {
width: 100%;
max-width: 100%;
overflow-x: hidden;
}
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
}
#gsw-site {
width: 100%;
max-width: 100%;
overflow-x: hidden;
}
.gsw-top{display:flex;align-items:center;gap:12px;padding:12px 24px;background:#fff;border-bottom:1px solid rgba(0,0,0,0.05);}
.gsw-top img{height:40px;width:auto;display:block}
.gsw-top .gsw-site-name{font-weight:700;font-size:1.1rem;color:#333}
@media(max-width:480px){.gsw-top{padding:10px}.gsw-top img{height:32px}.gsw-top .gsw-site-name{font-size:1rem}}
/* Header: two-row layout with left/right divs on top row */
.gsw-header{display:flex;flex-direction:column;align-items:stretch;padding:0;background:transparent;margin-bottom:18px;}
/* Top row: contains left (logo/title) and right (login) divs as separate blocks */
#gsw-site .gsw-header-top{display:flex;flex-direction:row;justify-content:space-between;align-items:center;padding:12px 20px;background:#0b3b6f !important;backdrop-filter:blur(6px);box-shadow:0 2px 6px rgba(0,0,0,0.18);width:100%;max-width:100%;}
/* Left div: logo + title, takes up available space */
#gsw-site .gsw-header-left{flex:1 1 auto;display:flex;align-items:center;font-weight:700;font-size:1.4rem;color:#fff;padding-left:8px;}
/* Right div: login/logout button area, shrinks to content */
#gsw-site .gsw-header-right{flex:0 0 auto;display:flex;align-items:center;justify-content:flex-end;gap:12px;padding-right:8px;}
.gsw-logo{height:48px;width:auto;margin-right:12px;display:block}
.gsw-logo-link{display:flex;align-items:center;gap:10px;color:#fff;text-decoration:none}
.gsw-header-left a{color:#fff;text-decoration:none;}
/* Bottom row: centered navigation menu */
#gsw-site .gsw-header-bottom{display:flex;justify-content:center;padding:10px 20px;background:#0b3b6f !important;width:100%;max-width:100%;}
.gsw-header-nav{display:flex;gap:22px;align-items:center;max-width:100%;}
.gsw-nav-link{color:#fff;text-decoration:none;font-size:0.98rem;transition:opacity 0.2s;padding:6px 8px;border-radius:6px;}
.gsw-nav-link:hover{opacity:0.9;text-decoration:underline;background:rgba(255,255,255,0.03);}
/* My Account link styling - larger font in middle of menu */
.gsw-nav-link-myaccount{font-size:1.15rem;font-weight:600;padding:6px 12px;}
.gsw-user-info{color:#fff;font-size:0.95rem;margin-right:8px;}
/* Login/Logout button with gradient */
#gsw-site .gsw-header-btn,
#gsw-site a.gsw-header-btn{padding:10px 18px;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%) !important;color:#fff !important;border-radius:8px;text-decoration:none;font-weight:700;transition:transform 0.2s;border:none;display:inline-block;cursor:pointer;}
#gsw-site .gsw-header-btn:hover,
#gsw-site a.gsw-header-btn:hover{transform:translateY(-2px);text-decoration:none;color:#fff !important;}
@media(max-width:768px){
.gsw-header{flex-direction:column;gap:12px;}
.gsw-header-nav{flex-wrap:wrap;justify-content:center;}
}
/* Banner styling (index only) */
.gsw-banner{width:100%;text-align:center;margin-bottom:18px}
.gsw-banner img{max-width:100%;height:auto;display:inline-block}
/* Footer styles: ultra-specific to override any theme CSS */
html body #gsw-site footer.gsw-footer{background:#0b3b6f !important;color:#fff;padding:18px 12px;text-align:center;margin-top:28px;}
#gsw-site footer.gsw-footer a{color:#cfe6ff;text-decoration:none;}
#gsw-site footer.gsw-footer a:hover{text-decoration:underline;}
/* Page color scheme: prefer dark text on light backgrounds by default */
/* Dark site theme: dark background with light text */
body { color: #fff; background: #0b1020; }
/* Make links readable on dark background */
a { color: #7fb3ff; }
/* But override for styled buttons/links inside our site wrapper */
#gsw-site a.gsw-btn,
#gsw-site a.gsw-btn-secondary,
#gsw-site a.gsw-header-btn,
#gsw-site .gsw-nav-link{color:#fff !important;}
/* Form inputs: light text on darker inputs by default */
input, textarea, select, button { color: #fff; background: #11141f; border: 1px solid rgba(255,255,255,0.06); }
.cart-badge{display:inline-block;background:#ff3b30;color:#fff;font-size:0.8rem;padding:2px 6px;border-radius:12px;margin-left:6px;vertical-align:middle}
.site-panel{width:100%; max-width:1000px; margin:auto; padding:1rem; background:rgba(0,0,0,0.25); border-radius:0.75rem;}
.site-panel-title{font-size:1.5rem; font-weight:bold; color:#fff; margin-bottom:1.5rem; text-align:center}
.cart-table{border-collapse:separate; border-spacing:0; width:100%; color:#fff}
.cart-table thead{background:rgba(255,255,255,0.03)}
.cart-table th, .cart-table td{padding:1rem 1.5rem; text-align:left; border-bottom:1px solid rgba(255,255,255,0.03)}
.cart-total-row{background:transparent; font-weight:bold}
.cart-total-label{padding:1rem 1.5rem; text-align:right; border-top:2px solid rgba(255,255,255,0.06); font-weight:600; color:#fff}
.cart-total-value{padding:1rem 1.5rem; text-align:left; border-top:2px solid rgba(255,255,255,0.06); font-weight:600; color:#fff; font-size:1.1rem}
/* Utility classes */
.container-wide{width:100%; max-width:1000px; margin:28px auto; padding-inline:12px; box-sizing:border-box;}
.panel{background:rgba(0,0,0,0.25); padding:16px; border-radius:8px}
.muted{color:rgba(255,255,255,0.6)}
.center{text-align:center}
.pad-40{padding:40px}
.btn-danger{background:#ef4444;color:#fff;border:none;padding:6px 10px;border-radius:6px}
.btn-primary{background:linear-gradient(135deg,#667eea 0%,#764ba2 100%);color:#fff;border:none;padding:8px 14px;border-radius:8px;font-weight:700}
/* Primary gradient button for links and buttons */
#gsw-site .gsw-btn,
#gsw-site a.gsw-btn,
#gsw-site button.gsw-btn{display:inline-block;padding:12px 24px;background:linear-gradient(135deg,#667eea 0%,#764ba2 100%) !important;color:#fff !important;text-decoration:none;border-radius:8px;font-weight:600;transition:transform 0.2s;border:none;cursor:pointer;}
#gsw-site .gsw-btn:hover,
#gsw-site a.gsw-btn:hover,
#gsw-site button.gsw-btn:hover{transform:translateY(-2px);color:#fff !important;text-decoration:none;}
/* Renew button: slightly smaller but matching gradient, used on My Account cards */
#gsw-site .renew-btn, #gsw-site a.renew-btn, #gsw-site button.renew-btn{
display:inline-block;
padding:8px 14px;
background:linear-gradient(135deg,#f59e0b 0%,#ef4444 100%) !important;
color:#fff !important;
text-decoration:none;
border-radius:8px;
font-weight:700;
transition:transform 0.12s;
border:none;
cursor:pointer;
}
#gsw-site .renew-btn:hover, #gsw-site a.renew-btn:hover, #gsw-site button.renew-btn:hover{transform:translateY(-2px);}
#gsw-site .gsw-btn-secondary,
#gsw-site a.gsw-btn-secondary{display:inline-block;padding:10px 16px;background:rgba(255,255,255,0.06);color:#fff !important;text-decoration:none;border-radius:8px;border:1px solid rgba(255,255,255,0.06);cursor:pointer;}
#gsw-site .gsw-btn-secondary:hover,
#gsw-site a.gsw-btn-secondary:hover{color:#fff !important;text-decoration:none;}
.float-left{float:left}
.clearfix::after{content:"";display:table;clear:both}
.table-compact th,.table-compact td{padding:0.5rem}
/* Small spacing utilities used by a few pages */
.mb-18{margin-bottom:18px}
.mt-6{margin-top:6px}
.mt-12{margin-top:12px}
/* Padding helper used where a wider card/panel is desired */
.p-30-20{padding:30px 20px}
/* Decorative container used in a few places */
.decorative-bottom{border:4px solid transparent;border-bottom:25px solid transparent}
/* Inline form helper (used for small inline forms inside table cells) */
.inline-form{margin:0;display:inline}
/* Small square button (used for delete icons) */
.btn-square{width:2rem;height:2rem;display:inline-flex;align-items:center;justify-content:center;font-weight:bold;border-radius:0.25rem;border:none}
.text-right{text-align:right}
.text-danger{color:#ef4444}
.text-center{text-align:center}
/* small helpers for admin server list inputs */
.min-w-260{min-width:260px}
.min-w-240{min-width:240px}
.w-90{width:90px}
.img-preview{max-height:48px; max-width:120px; border:1px solid #eee; display:block}
.loc-label{border:1px solid #eee;border-radius:6px;padding:6px 8px; display:inline-flex; align-items:center}
.small-muted{color:#777;font-size:12px;margin-top:2px}
/* PayPal status */
.pp-status{margin-top:12px;font:14px system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif}
/* AI UI helpers */
.ai-container{max-width:760px; margin:20px auto; font-family:Arial, sans-serif}
.ai-panel{margin:10px 0; padding:8px; border-radius:6px}
.ai-alert{margin:10px 0; padding:8px; border-radius:6px; border:1px solid #c00}
.ai-textarea{width:100%; padding:6px}
.ai-message{margin-top:16px; padding:10px; border:1px solid #ccc; border-radius:8px}
.ai-msg-title{font-weight:bold}
.ai-msg-meta{margin-top:6px; font-size:12px}
.flex-gap-wrap{display:flex;flex-wrap:wrap;gap:10px}
.table-center{text-align:center;width:100%;border-collapse:collapse}
.tb-row-bottom{border-bottom:1px solid #f0f0f0;padding:8px 6px;text-align:left}
.locs-box{display:flex;flex-wrap:wrap;gap:8px}
.mb-12{margin-bottom:12px}
.mt-10{margin-top:10px}
.mt-14{margin-top:14px}
.mt-20{margin-top:20px}
.mt-8{margin-top:8px}
.btn-small{padding:3px 8px;font-size:12px}
.mr-6{margin-right:6px}
.ml-8{margin-left:8px}
.flex-row-gap{display:flex;gap:8px;align-items:center}
/* Account page styles */
.account-container{max-width:1000px;margin:20px auto;padding:20px}
.account-section{background:rgba(0,0,0,0.25);padding:20px;border-radius:8px;margin-bottom:20px}
.account-section h2{margin:0 0 15px 0;font-size:1.3rem;color:#fff;border-bottom:2px solid rgba(255,255,255,0.1);padding-bottom:10px}
.account-info-grid{display:grid;grid-template-columns:1fr 1fr;gap:15px;margin-bottom:15px}
.account-info-item{padding:10px;background:rgba(255,255,255,0.03);border-radius:6px}
.account-info-label{font-weight:600;color:rgba(255,255,255,0.7);font-size:0.9rem;margin-bottom:5px}
.account-info-value{color:#fff;font-size:1rem}
.account-edit-summary{cursor:pointer;color:#667eea;font-weight:600;margin-top:10px}
/* Form styles */
.form-group{margin-bottom:15px}
.form-group label{display:block;margin-bottom:5px;color:#fff;font-weight:500}
.form-group input{width:100%;padding:10px;border:1px solid rgba(255,255,255,0.1);border-radius:6px;background:rgba(0,0,0,0.3);color:#fff}
/* Alert messages */
.alert{padding:12px 16px;border-radius:8px;margin-bottom:20px;font-size:0.95rem}
.alert-error{background-color:rgba(255,0,0,0.2);border:1px solid rgba(255,0,0,0.3);color:#ffcccc}
.alert-success{background-color:rgba(0,255,0,0.2);border:1px solid rgba(0,255,0,0.3);color:#ccffcc}
/* Server item cards */
.server-item{background:rgba(255,255,255,0.03);padding:15px;border-radius:6px;margin-bottom:10px;border-left:3px solid #667eea}
.server-name{font-size:1.1rem;font-weight:600;color:#fff;margin-bottom:8px}
.server-details{display:grid;grid-template-columns:repeat(auto-fit,minmax(150px,1fr));gap:10px;margin-top:10px}
.server-detail{font-size:0.9rem}
.server-detail-label{color:rgba(255,255,255,0.6)}
.server-detail-value{color:#fff;font-weight:500}
/* Invoice items */
.invoice-item{background:rgba(255,255,255,0.03);padding:12px 15px;border-radius:6px;margin-bottom:8px;display:flex;justify-content:space-between;align-items:center}
.invoice-id{font-weight:600;color:#fff}
.invoice-amount{color:#10b981;font-weight:600}
.invoice-status{padding:4px 10px;border-radius:4px;font-size:0.85rem;font-weight:600}
.invoice-status-paid{background:rgba(16,185,129,0.2);color:#10b981}
.invoice-status-pending{background:rgba(245,158,11,0.2);color:#f59e0b}
.invoice-status-expired{background:rgba(239,68,68,0.2);color:#ef4444}
.invoice-date{color:rgba(255,255,255,0.6);font-size:0.9rem}
/* Login placeholder for non-logged-in users */
.login-placeholder{padding:12px;background:rgba(255,255,255,0.03);border-radius:8px;color:#fff}
.login-placeholder a{color:#cfe6ff;text-decoration:underline}
/* No data state */
.no-data{text-align:center;padding:30px;color:rgba(255,255,255,0.6)}
/* Service description text */
.service-desc{color:gray;width:230px}
.service-desc-wide{color:gray;width:280px}
.service-textarea{resize:none;width:230px;height:132px}
/* Admin helpers */
.admin-note{font-size:11px;color:#666;margin-top:4px}
.admin-flex-wrap{display:flex;gap:12px;flex-wrap:wrap;margin-top:12px}
@media (max-width:768px){
.account-info-grid{grid-template-columns:1fr}
}
/* Responsive improvements for mobile devices */
@media (max-width: 600px) {
/* Stack header top and make logo smaller */
#gsw-site .gsw-header-top{flex-direction:column;align-items:flex-start;padding:10px 12px}
#gsw-site .gsw-header-left{width:100%;justify-content:flex-start;padding-left:4px}
.gsw-logo{height:40px}
.gsw-site-name{font-size:1rem}
/* Make header right area flow beneath the logo */
#gsw-site .gsw-header-right{width:100%;margin-top:8px;justify-content:flex-start;padding-right:4px;gap:8px}
/* Navigation: wrap and stack for easier tapping */
#gsw-site .gsw-header-bottom{padding:8px 12px}
.gsw-header-nav{flex-direction:column;align-items:stretch;gap:10px;width:100%;max-width:100%}
.gsw-nav-link{display:block;padding:12px 10px;border-radius:8px}
.gsw-nav-link-myaccount{font-size:1rem}
/* Make main panel use full width with reduced padding */
.site-panel{padding:0.75rem;margin:8px;border-radius:0.5rem;max-width:100%}
/* Tables and cart spacing adjustments */
.cart-table th, .cart-table td{padding:0.6rem 0.8rem}
/* Buttons become full-width for easier tapping on small screens */
#gsw-site .gsw-btn, #gsw-site a.gsw-btn, #gsw-site button.gsw-btn, #gsw-site .gsw-header-btn{
width:100%;display:block;text-align:center;padding:12px;border-radius:10px
}
/* Server cards: stack details and move actions below */
.server-details{grid-template-columns:1fr}
.server-actions{margin-top:12px;display:block}
.server-item{padding:12px}
/* Forms: make inputs and action buttons full width */
.form-group input, .form-group textarea, .form-group select{width:100%;box-sizing:border-box;max-width:100%}
/* Invoice items: stack label and amount for readability */
.invoice-item{flex-direction:column;align-items:flex-start;gap:8px}
.invoice-amount{font-size:1rem}
}
@media (max-width:420px){
/* Extra small devices: tighten spacing, smaller fonts */
.gsw-logo{height:34px}
.gsw-site-name{font-size:0.95rem}
.site-panel-title{font-size:1.25rem}
.server-name{font-size:1rem}
.account-section h2{font-size:1.1rem}
/* Reduce large paddings that consume screen real estate */
.panel{padding:10px}
.form-group{margin-bottom:12px}
.btn-primary, .btn-small{padding:10px}
}
/* Server status and utility classes */
#gsw-site .text-success {
color: #10b981 !important;
font-weight: 600 !important;
}
#gsw-site .text-danger {
color: #ef4444 !important;
font-weight: 600 !important;
}
#gsw-site .text-muted {
color: rgba(255,255,255,0.7) !important;
}
#gsw-site .text-center {
text-align: center !important;
}
#gsw-site .mb-20 {
margin-bottom: 20px !important;
}
#gsw-site .server-notes {
padding-left: 40px !important;
font-size: 0.9rem !important;
color: rgba(255,255,255,0.7) !important;
}
/* Status badges */
#gsw-site .status-badge {
display: inline-block;
padding: 4px 12px;
border-radius: 12px;
font-size: 0.85rem;
font-weight: 600;
text-transform: uppercase;
}
#gsw-site .status-online {
background-color: rgba(16, 185, 129, 0.2);
color: #10b981;
}
#gsw-site .status-offline {
background-color: rgba(239, 68, 68, 0.2);
color: #ef4444;
}
#gsw-site .status-maintenance {
background-color: rgba(251, 191, 36, 0.2);
color: #fbbf24;
}
#gsw-site .status-unknown {
background-color: rgba(156, 163, 175, 0.2);
color: #9ca3af;
}
/* Form radio labels in renewal page */
#gsw-site .form-group label {
display: block;
margin-bottom: 10px;
cursor: pointer;
padding: 12px;
border: 2px solid #e1e8ed;
border-radius: 8px;
background: rgba(255,255,255,0.05);
transition: background 0.2s ease;
}
#gsw-site .form-group label:hover {
background: rgba(255,255,255,0.1);
}
/* Ensure header-right sits flush to the far right */
#gsw-site .gsw-header-top .gsw-header-right{margin-left:auto}
/* User dropdown menu (small, CSS-only). Uses :focus-within and :hover for accessibility */
.gsw-user-menu{position:relative;display:inline-block}
.gsw-user-link{color:#fff;text-decoration:none;font-weight:600;padding:8px 12px;display:inline-block}
.gsw-user-caret{margin-left:6px;font-size:0.85rem;opacity:0.85}
.gsw-user-dropdown{display:none;position:absolute;right:0;top:calc(100% + 8px);background:rgba(255,255,255,0.06);backdrop-filter:blur(6px);border-radius:8px;padding:8px;min-width:160px;box-shadow:0 8px 24px rgba(0,0,0,0.35);z-index:60}
.gsw-user-dropdown-item{display:block;color:#fff;text-decoration:none;padding:8px 10px;border-radius:6px;margin:2px 0}
.gsw-user-dropdown-item:hover{background:rgba(255,255,255,0.03)}
.gsw-user-menu:hover .gsw-user-dropdown, .gsw-user-menu:focus-within .gsw-user-dropdown{display:block}
/* Mobile: make dropdown inline under header and full-width */
@media (max-width:600px){
.gsw-user-dropdown{position:static;top:auto;right:auto;margin-top:8px;background:rgba(255,255,255,0.03);width:100%;box-shadow:none;padding:6px}
.gsw-user-menu{width:100%}
.gsw-user-link{width:100%;display:flex;justify-content:space-between;padding:12px}
}
/* Prevent serverlist images from overflowing on small screens */
#gsw-site .server-item img,
#gsw-site .game-thumb,
#gsw-site .server-card img,
.server-list img{max-width:100%;height:auto;display:block;object-fit:cover}
#gsw-site img,
#gsw-site video,
#gsw-site iframe,
#gsw-site canvas,
#gsw-site svg {
max-width: 100%;
height: auto;
}
#gsw-site table {
max-width: 100%;
}
#gsw-site input,
#gsw-site select,
#gsw-site textarea,
#gsw-site button,
#gsw-site .btn,
#gsw-site .gsw-btn,
#gsw-site .gsw-btn-secondary {
max-width: 100%;
box-sizing: border-box;
}

View file

@ -1,77 +0,0 @@
<?php
// Remote diagnostic helper for GameServers.World (_website)
// Upload this file to the remote server and open it in the browser to collect environment info.
header('Content-Type: text/plain; charset=utf-8');
echo "GSP _website remote diagnostic\n";
echo "Date: " . date('c') . "\n\n";
// PHP info summary
echo "PHP Version: " . PHP_VERSION . "\n";
echo "Loaded extensions: " . implode(', ', get_loaded_extensions()) . "\n\n";
// Session settings
echo "Session save path: " . (ini_get('session.save_path') ?: '(not set)') . "\n";
echo "Session cookie params: " . json_encode(session_get_cookie_params()) . "\n";
echo "Session status (before start): " . session_status() . "\n";
// Try to start a named session used by _website
session_name('opengamepanel_web');
@session_start();
echo "Session status (after start): " . session_status() . "\n";
echo "Session id: " . session_id() . "\n";
echo "Session variables: \n" . print_r($_SESSION, true) . "\n";
// Check config file readability (panel root first, module local second)
$panelCfgRoot = realpath(__DIR__ . '/../../..');
$panelCfg = $panelCfgRoot ? $panelCfgRoot . '/includes/config.inc.php' : __DIR__ . '/../../..' . '/includes/config.inc.php';
$localCfg = __DIR__ . '/includes/config.inc.php';
echo "Panel config: " . $panelCfg . " exists=" . (file_exists($panelCfg) ? 'yes' : 'no') . " readable=" . (is_readable($panelCfg) ? 'yes' : 'no') . "\n";
echo "Local config: " . $localCfg . " exists=" . (file_exists($localCfg) ? 'yes' : 'no') . " readable=" . (is_readable($localCfg) ? 'yes' : 'no') . "\n";
require_once(__DIR__ . '/includes/config_loader.php');
echo "Active config source: " . (defined('BILLING_CONFIG_PATH') ? BILLING_CONFIG_PATH : '(unknown)') . "\n";
if (defined('BILLING_CONFIG_PATH') && is_readable(BILLING_CONFIG_PATH)) {
echo "Active config preview (first 200 chars):\n" . substr(file_get_contents(BILLING_CONFIG_PATH), 0, 200) . "\n";
}
echo "Trying DB connection...\n";
$ok = false;
if (isset($db_host)) {
$db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name, isset($db_port) ? (int)$db_port : null);
if ($db) {
echo "DB connect: OK (host=$db_host db=$db_name)\n";
$ok = true;
// run a small query
$q = @mysqli_query($db, "SELECT COUNT(*) AS cnt FROM information_schema.tables WHERE table_schema = '".mysqli_real_escape_string($db,$db_name)."'");
if ($q) {
$r = mysqli_fetch_assoc($q);
echo "Tables in DB: " . ($r['cnt'] ?? 'unknown') . "\n";
}
mysqli_close($db);
} else {
echo "DB connect: FAILED (mysqli_connect_error: " . mysqli_connect_error() . ")\n";
}
} else {
echo "DB config not available to attempt connection.\n";
}
// Check data and logs directories
$data = realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data';
$logs = __DIR__ . DIRECTORY_SEPARATOR . 'logs';
echo "Site data dir: $data exists=" . (is_dir($data)?'yes':'no') . " writable=" . (is_writable($data)?'yes':'no') . "\n";
echo "Site logs dir: $logs exists=" . (is_dir($logs)?'yes':'no') . " writable=" . (is_writable($logs)?'yes':'no') . "\n";
// Try creating test files
if (is_dir($logs) && is_writable($logs)) {
$fn = $logs . DIRECTORY_SEPARATOR . date('Y-m-d') . '.diag.txt';
$w = @file_put_contents($fn, "diag " . date('c') . "\n", FILE_APPEND);
echo "Wrote diag file to $fn result=" . ($w ? 'ok' : 'fail') . "\n";
}
echo "\nSuggested next checks:\n";
echo " - Confirm PHP can write session files to session.save_path and that cookies are sent to browser (use browser devtools).\n";
echo " - Ensure the site path is served under the expected /_website/ path and that session cookie domain/path match the served path.\n";
echo " - If sessions aren't persistent across requests, check webserver user permissions and session.save_path.\n";
?>

View file

@ -1,3 +0,0 @@
<?php
require_once __DIR__ . '/_compat_include.php';
require website_billing_runtime_file('docs.php');

Binary file not shown.

Before

Width:  |  Height:  |  Size: 40 KiB

View file

@ -1,413 +0,0 @@
<?php
/**
* 7 Days to Die Server Documentation - Comprehensive Guide
* General game server hosting information (not platform-specific)
*/
?>
<div style="background: #1e3a5f; padding: 20px; border-left: 4px solid #3b82f6; margin: 20px 0; border-radius: 4px;">
<h3 style="color: #ffffff; margin-top: 0;">📚 Quick Navigation</h3>
<div style="display: flex; flex-wrap: wrap; gap: 10px;">
<a href="#quick-info" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">Quick Info</a>
<a href="#ports" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">🔌 Ports</a>
<a href="#installation" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">Installation</a>
<a href="#configuration" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">Configuration</a>
<a href="#parameters" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">⚙️ Startup Parameters</a>
<a href="#troubleshooting" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">🔧 Troubleshooting</a>
<a href="#performance" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">Performance</a>
<a href="#security" style="background: #0f172a; padding: 8px 16px; border-radius: 4px; color: #a5b4fc; text-decoration: none;">Security</a>
</div>
</div>
<h1>7 Days to Die Server Hosting Guide</h1>
<h2>Overview</h2>
<p>7 Days to Die is a multiplayer game server that can be hosted on a VPS or dedicated server. This comprehensive guide covers everything you need to know about hosting a 7 Days to Die server for your community.</p>
<h2 id="quick-info">Quick Info</h2>
<div style="background: #1e3a5f; padding: 20px; border-left: 4px solid #3b82f6; margin: 20px 0; border-radius: 4px;">
<ul style="color: #e5e7eb; line-height: 1.8; margin: 0;">
<li><strong style="color: #ffffff;">Default Port:</strong> <code style="background: #0f172a; padding: 2px 6px; border-radius: 3px; color: #a5b4fc;">Varies (see configuration)</code></li>
<li><strong style="color: #ffffff;">Protocol:</strong> TCP/UDP</li>
<li><strong style="color: #ffffff;">Minimum RAM:</strong> 1GB</li>
<li><strong style="color: #ffffff;">Engine:</strong> Various</li>
<li><strong style="color: #ffffff;">Steam App ID:</strong> <code style="background: #0f172a; padding: 2px 6px; border-radius: 3px; color: #a5b4fc;">294420</code></li>
<li><strong style="color: #ffffff;">Recommended OS:</strong> Linux (Ubuntu/Debian) or Windows Server</li>
<li><strong style="color: #ffffff;">Configuration Files:</strong><ul style="margin-top: 8px;">
<li><code style="background: #0f172a; padding: 2px 6px; border-radius: 3px; color: #a5b4fc;">serverconfig.xml</code> - Server Configurations</li>
<li><code style="background: #0f172a; padding: 2px 6px; border-radius: 3px; color: #a5b4fc;">Saves/serveradmin.xml</code> - Admin Configurations</li>
</ul></li>
</ul>
</div>
<h2 id="ports">🔌 Network Ports</h2>
<div style="background: #1e3a5f; padding: 20px; border-left: 4px solid #3b82f6; margin: 20px 0; border-radius: 4px;">
<h3 style="color: #ffffff; margin-top: 0;">Required Ports</h3>
<p style="color: #e5e7eb;">The 7 Days to Die server typically uses a configurable port. Check your server configuration files for the specific port settings.</p>
<h3 style="color: #ffffff; margin-top: 20px;">Firewall Configuration</h3>
<p style="color: #e5e7eb;">Allow server ports through your firewall:</p>
<pre><code style="color: #a5b4fc;"># UFW (Ubuntu/Debian)
sudo ufw allow [PORT]/tcp
sudo ufw allow [PORT]/udp
sudo ufw reload
# FirewallD (CentOS/RHEL)
sudo firewall-cmd --permanent --add-port=[PORT]/tcp
sudo firewall-cmd --permanent --add-port=[PORT]/udp
sudo firewall-cmd --reload
# Windows Firewall
netsh advfirewall firewall add rule name="7 Days to Die Server" dir=in action=allow protocol=TCP localport=[PORT]
netsh advfirewall firewall add rule name="7 Days to Die Server" dir=in action=allow protocol=UDP localport=[PORT]
</code></pre>
<h3 style="color: #ffffff; margin-top: 20px;">⚠️ Port Security Notes</h3>
<ul style="color: #fef3c7; line-height: 1.8;">
<li>Only open ports that are necessary for the game server to function</li>
<li>Consider using non-standard ports to reduce automated attacks</li>
<li>If using cloud hosting, configure security groups properly</li>
<li>Monitor connection attempts and unusual traffic patterns</li>
</ul>
</div>
<h2 id="installation">Installation & Setup</h2>
<h3>System Requirements</h3>
<ul>
<li><strong>OS:</strong> Linux (Ubuntu 20.04+ or Debian 11+ recommended) or Windows Server 2019+</li>
<li><strong>CPU:</strong> 2+ cores recommended (single-threaded performance important for most game servers)</li>
<li><strong>RAM:</strong> 1GB minimum (more for larger player counts)</li>
<li><strong>Storage:</strong> 5GB+ for server files (SSD recommended for better performance)</li>
<li><strong>Network:</strong> Stable internet connection with low latency</li>
</ul>
<h3>Installation Steps</h3>
<h4>Linux (Ubuntu/Debian)</h4>
<pre><code># Update system packages
sudo apt update && sudo apt upgrade -y
# Create server directory
mkdir -p ~/gameserver
cd ~/gameserver
# Download server files (method varies by game)
# Check official documentation for download links
</code></pre>
<h4>Windows Server</h4>
<p>Download the server files from the official game website or through Steam (if applicable). Extract to a dedicated folder and run the server executable.</p>
<h3>Using SteamCMD - RECOMMENDED METHOD</h3>
<p><strong>This game can be installed via SteamCMD using App ID: 294420</strong></p>
<h4>Install SteamCMD (Ubuntu/Debian)</h4>
<pre><code># Update package list
sudo apt update
# Enable 32-bit architecture
sudo dpkg --add-architecture i386
sudo apt update
# Install SteamCMD
sudo apt install -y lib32gcc-s1 steamcmd
</code></pre>
<h4>Download Server Files</h4>
<pre><code># Create directory for game server
mkdir -p ~/gameservers/7daystodie
# Run SteamCMD and download
steamcmd +login anonymous \
+force_install_dir ~/gameservers/7daystodie \
+app_update 294420 validate \
+quit
# Server files are now in ~/gameservers/7daystodie/
cd ~/gameservers/7daystodie
ls -la
</code></pre>
<h4>Windows Installation with SteamCMD</h4>
<ol>
<li>Download SteamCMD from: <a href="https://steamcdn-a.akamaihd.net/client/installer/steamcmd.zip" target="_blank">https://steamcdn-a.akamaihd.net/client/installer/steamcmd.zip</a></li>
<li>Extract to <code>C:\steamcmd\</code></li>
<li>Open Command Prompt and run:</li>
</ol>
<pre><code>cd C:\steamcmd
steamcmd.exe +login anonymous ^
+force_install_dir C:\gameservers\7daystodie ^
+app_update 294420 validate ^
+quit
</code></pre>
<h2 id="configuration">Server Configuration</h2>
<p>After installation, you'll need to configure your server. Here's where to find the configuration files and what settings you can change.</p>
<h3>Essential Settings</h3>
<ul>
<li><strong>Server Name:</strong> Set a descriptive name for your server</li>
<li><strong>Max Players:</strong> Configure based on your server's resources</li>
<li><strong>Password:</strong> Optional password protection for private servers</li>
<li><strong>Admin/RCON Password:</strong> Set a strong password for remote administration</li>
<li><strong>Game Mode:</strong> Configure game-specific modes and settings</li>
</ul>
<h3>Configuration Files</h3>
<p>Important configuration files for this server:</p>
<ul>
<li><strong><code>serverconfig.xml</code></strong> - Server Configurations</li>
<li><strong><code>Saves/serveradmin.xml</code></strong> - Admin Configurations</li>
</ul>
<h3>Server Commands</h3>
<p>Common administrative commands (access via console or RCON):</p>
<pre><code># Kick player
kick [player_name]
# Ban player
ban [player_name]
# Change map/level (syntax varies by game)
changelevel [map_name]
# Set admin password (if supported)
setadminpassword [password]
</code></pre>
<h2 id="parameters">⚙️ Startup Parameters</h2>
<h3>Basic Startup</h3>
<pre><code># Generic startup command structure
./server_executable [parameters]
</code></pre>
<h3>Common Parameters</h3>
<ul>
<li><code>-port [number]</code> - Set the server port</li>
<li><code>-maxplayers [number]</code> - Maximum player slots</li>
<li><code>-map [name]</code> - Starting map/level</li>
<li><code>-console</code> - Enable console output</li>
<li><code>-nographics</code> - Run without graphics (headless mode)</li>
</ul>
<h3>Creating a Start Script</h3>
<p><strong>Linux (start.sh):</strong></p>
<pre><code>#!/bin/bash
cd /path/to/server
./server_executable [parameters] 2>&1 | tee server.log
</code></pre>
<pre><code>chmod +x start.sh
./start.sh
</code></pre>
<p><strong>Windows (start.bat):</strong></p>
<pre><code>@echo off
cd /d "%~dp0"
server_executable.exe [parameters]
pause
</code></pre>
<h3>Running as a Service</h3>
<p><strong>Linux (systemd):</strong></p>
<pre><code># Create service file: /etc/systemd/system/gameserver.service
[Unit]
Description=7 Days to Die Server
After=network.target
[Service]
Type=simple
User=gameserver
WorkingDirectory=/home/gameserver/server
ExecStart=/home/gameserver/server/start.sh
Restart=on-failure
RestartSec=10
[Install]
WantedBy=multi-user.target
</code></pre>
<pre><code># Enable and start service
sudo systemctl daemon-reload
sudo systemctl enable gameserver
sudo systemctl start gameserver
sudo systemctl status gameserver
</code></pre>
<h2 id="troubleshooting">🔧 Troubleshooting</h2>
<h3>Server Won't Start</h3>
<h4>Check Server Logs</h4>
<pre><code># View recent log entries
tail -f server.log
# Or check system logs
journalctl -u gameserver -f
</code></pre>
<h4>Port Already in Use</h4>
<pre><code># Find what's using the port
sudo lsof -i :[PORT]
sudo netstat -tulpn | grep [PORT]
# Kill the process or change server port
</code></pre>
<h4>Missing Dependencies</h4>
<p>Ensure all required dependencies are installed. Check the error messages for missing libraries or packages.</p>
<h3>Connection Issues</h3>
<h4>Can't Connect to Server</h4>
<ol>
<li><strong>Verify server is running:</strong> <code>ps aux | grep server</code></li>
<li><strong>Check port is listening:</strong> <code>netstat -an | grep [PORT]</code></li>
<li><strong>Verify firewall rules</strong> (see Ports section above)</li>
<li><strong>Check server IP:</strong> Use external IP, not localhost</li>
<li><strong>Router/NAT:</strong> Ensure port forwarding is configured</li>
</ol>
<h4>High Latency/Lag</h4>
<ul>
<li>Check server resource usage (CPU, RAM, disk I/O)</li>
<li>Verify network bandwidth is adequate</li>
<li>Consider server location relative to players</li>
<li>Check for background processes consuming resources</li>
</ul>
<h3>Performance Issues</h3>
<h4>Server Lag</h4>
<ol>
<li><strong>Monitor resources:</strong> Use <code>htop</code> or <code>top</code></li>
<li><strong>Check disk I/O:</strong> Use <code>iotop</code></li>
<li><strong>Review server logs</strong> for errors or warnings</li>
<li><strong>Reduce player count</strong> or increase server resources</li>
<li><strong>Optimize configuration</strong> based on server capacity</li>
</ol>
<h4>Memory Leaks</h4>
<pre><code># Monitor memory usage
free -h
top -p $(pgrep -f server)
# Restart server regularly via cron if needed
0 4 * * * /home/gameserver/restart.sh
</code></pre>
<h2 id="performance">Performance Optimization</h2>
<h3>Server Tuning</h3>
<ul>
<li><strong>CPU:</strong> Ensure adequate CPU allocation; most game servers are single-threaded</li>
<li><strong>RAM:</strong> Allocate sufficient memory; monitor usage and adjust as needed</li>
<li><strong>Disk:</strong> Use SSD storage for better I/O performance</li>
<li><strong>Network:</strong> Ensure stable, low-latency connection</li>
</ul>
<h3>Operating System Optimization</h3>
<pre><code># Increase file descriptor limits
echo "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
# Network tuning
sysctl -w net.core.rmem_max=16777216
sysctl -w net.core.wmem_max=16777216
sysctl -w net.ipv4.tcp_rmem="4096 87380 16777216"
sysctl -w net.ipv4.tcp_wmem="4096 87380 16777216"
</code></pre>
<h3>Monitoring</h3>
<p>Set up monitoring to track server health:</p>
<ul>
<li>CPU and memory usage</li>
<li>Network traffic and latency</li>
<li>Player count and activity</li>
<li>Error rates and crash logs</li>
</ul>
<h3>Backup Strategy</h3>
<pre><code>#!/bin/bash
# backup.sh - Run via cron
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_DIR="/backups/gameserver"
SERVER_DIR="/home/gameserver/server"
# Create backup
tar -czf $BACKUP_DIR/backup_$DATE.tar.gz -C $SERVER_DIR .
# Keep only last 7 days
find $BACKUP_DIR -name "backup_*.tar.gz" -mtime +7 -delete
</code></pre>
<h2 id="security">Security Best Practices</h2>
<h3>Firewall Configuration</h3>
<pre><code># Minimal firewall - only allow necessary ports
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow [SERVER_PORT]/tcp
sudo ufw allow [SERVER_PORT]/udp
sudo ufw allow 22/tcp # SSH
sudo ufw enable
</code></pre>
<h3>Strong Passwords</h3>
<ul>
<li>Use strong, unique passwords for admin/RCON access</li>
<li>Never use default passwords</li>
<li>Change passwords regularly</li>
<li>Don't share admin credentials unnecessarily</li>
</ul>
<h3>Regular Updates</h3>
<ul>
<li>Keep server software updated to the latest stable version</li>
<li>Update operating system and dependencies regularly</li>
<li>Subscribe to security advisories for your game</li>
<li>Test updates on a staging server before production deployment</li>
</ul>
<h3>Access Control</h3>
<ul>
<li>Limit SSH access to specific IPs if possible</li>
<li>Use SSH keys instead of passwords</li>
<li>Disable root login via SSH</li>
<li>Implement fail2ban or similar intrusion prevention</li>
</ul>
<h3>DDoS Protection</h3>
<ul>
<li>Consider DDoS protection services (Cloudflare, OVH, etc.)</li>
<li>Implement rate limiting where supported</li>
<li>Monitor for unusual traffic patterns</li>
<li>Have an incident response plan</li>
</ul>
<h2>Additional Resources</h2>
<ul>
<li>Official 7 Days to Die documentation and forums</li>
<li>Community wikis and guides</li>
<li>Game-specific Discord or Reddit communities</li>
<li>Server hosting provider documentation</li>
</ul>
<div style="background: #78350f; padding: 20px; border-left: 4px solid #f59e0b; margin: 20px 0; border-radius: 4px;">
<h3 style="color: #ffffff; margin-top: 0;"><i class="fas fa-exclamation-triangle" style="color: #fbbf24; margin-right: 8px;"></i>Important Notes</h3>
<ul style="color: #fef3c7; line-height: 1.8; margin: 0;">
<li>Always make backups before making configuration changes</li>
<li>Keep your server and dependencies updated</li>
<li>Monitor server resources and player activity</li>
<li>Follow the game's End User License Agreement (EULA) and Terms of Service</li>
<li>Join community forums for support and best practices</li>
</ul>
</div>
<p style="text-align: center; margin-top: 30px; color: #666;">
<em>Last updated: November 2025 | For 7 Days to Die server hosting</em>
</p>

View file

@ -1,7 +0,0 @@
{
"description": "Comprehensive guide for 7 Days to Die dedicated servers with XML modding, ports, web control panel, and zombie survival hosting",
"name": "7 Days to Die",
"order": 33,
"category": "game",
"complete": true
}

View file

@ -1,234 +0,0 @@
# Comprehensive Game Documentation Update
## Date: November 22, 2025
## Overview
This document describes the comprehensive enhancement of ALL game server documentation in the GSP project. The goal was to replace generic placeholder text with detailed, actionable instructions for end users who want to install game servers on their own PC (Windows or Ubuntu).
## Problem Statement
The original documentation had several issues:
1. **Generic Port Placeholders**: Many games showed "Check server configuration" as the port number instead of actual ports
2. **Missing Installation Details**: No specific SteamCMD commands with App IDs
3. **Vague Configuration**: Generic instructions like "check configuration files" without specifics
4. **No Startup Parameters**: Missing detailed startup command explanations
5. **Generic Troubleshooting**: Common "check the logs" advice instead of game-specific solutions
## Solution Implemented
### 1. Enhanced Documentation Generator Script
Modified `tools/generate_game_docs.py` to:
- **Extract Real Data from XML Configs**: Parse actual port numbers, configuration files, and settings from the 244 XML server configs
- **Steam App ID Database**: Added lookup table for 50+ popular games with their Steam App IDs
- **Generate Exact Commands**: Create specific SteamCMD installation commands with real App IDs
- **Parse Configuration Details**: Extract all settings from XML `replace_texts` and `custom_fields` sections
- **Include Startup Parameters**: Extract parameters from XML `cli_template` and `server_params`
- **Add Troubleshooting**: Pull game-specific troubleshooting from knowledgepack YAML data
### 2. Processing Results
**Processed: 134 games**
**Skipped: 15 games** (already complete and no generic text)
**Errors: 0**
### 3. What Each Game Now Has
Every game documentation now includes:
1. **Quick Info Section**
- Actual port numbers (or "Varies" with explanation)
- Protocol (TCP/UDP)
- Memory requirements
- Engine information
- **Steam App ID** (e.g., 320850 for Life is Feudal)
- Recommended OS
2. **Comprehensive Port Information**
- Complete list of ALL ports the game uses
- What each port is for
- Whether it's required or optional
- Firewall configuration examples for:
- UFW (Ubuntu/Debian)
- FirewallD (CentOS/RHEL)
- Windows Firewall
- Router port forwarding instructions
3. **Detailed Installation Instructions**
- **For Steam games**: Exact SteamCMD commands
```bash
steamcmd +login anonymous \
+force_install_dir ~/gameservers/GAME \
+app_update APPID validate \
+quit
```
- Step-by-step for both Ubuntu and Windows
- System requirements
- Required dependencies
4. **Configuration File Details**
- Exact file paths from XML configs
- What each configuration file does
- Available settings extracted from XML
- Example configurations
5. **Startup Commands**
- Actual startup commands from XML
- Parameter explanations
- Example start scripts for Linux and Windows
- Systemd service file template
6. **Troubleshooting**
- Game-specific issues from knowledgepack where available
- Common server startup problems
- Connection troubleshooting
- Performance optimization tips
7. **Security Best Practices**
- Firewall configuration
- Password management
- Regular updates
- Backup strategies
## Example: Life is Feudal
### Before
- Default Port: "Check server configuration"
- No App ID mentioned
- Generic "download server files" instruction
### After
- Steam App ID: **320850**
- Exact command:
```bash
steamcmd +login anonymous \
+force_install_dir ~/gameservers/lifeisfeudal \
+app_update 320850 validate \
+quit
```
- Configuration file: `config/world_1.xml`
- Settings: name, adminPassword, port, maxPlayers (all extracted from XML)
## Files Modified
### Scripts
- `tools/generate_game_docs.py` - Enhanced with comprehensive data extraction
- `tools/find_missing_game_icons.py` - NEW - Icon checker script
### Documentation Files
- 134 `modules/billing/docs/*/index.php` files regenerated
- 134 `modules/billing/docs/*/metadata.json` files marked as complete
### Total Changes
- 299 files changed
- ~20,000 lines of new/updated documentation
- 0 errors during processing
## Verification
### Generic Text Check
**Before**: 95+ games with "Check server configuration" as port placeholder
**After**: Only 1 non-game file (common-issues) has placeholder text
### Port Information
- Real ports extracted from knowledgepack YAML
- Fallback to "Varies (see configuration)" when specific port unavailable
- All games have firewall configuration examples
### Steam App IDs
50+ games now have correct App IDs:
- Life is Feudal: 320850
- CS:GO: 740
- Rust: 258550
- Squad: 403240
- Valheim: 896660
- (and 45+ more)
## Remaining Tasks
### 1. Game Icons (Low Priority)
Only 4 games missing icons (all plugin/mod systems, not actual games):
- amxmodx
- b3
- metamodsource
- oxide
Use `tools/find_missing_game_icons.py` to check for missing icons.
### 2. Future Enhancements (Optional)
- Add web search capability to find game-specific troubleshooting solutions
- Expand knowledgepack YAML with more games
- Add more Steam App IDs to the database
- Include mod/plugin installation guides
## How to Use the Generator
### Process All Incomplete Games
```bash
cd /home/runner/work/GSP/GSP
python3 tools/generate_game_docs.py
```
### Check for Missing Icons
```bash
python3 tools/find_missing_game_icons.py
```
## Technical Details
### Steam App ID Database
Located in `generate_game_docs.py`, the `get_steam_app_id()` method contains a dictionary with 50+ mappings:
```python
app_ids = {
'7daystodie': '294420',
'arkse': '376030',
'arma3': '233780',
# ... 45+ more
}
```
### XML Config Parsing
The script extracts:
- Port configurations from `replace_texts` section
- Configuration files from `configuration_files` section
- Startup parameters from `cli_template` and `server_params`
- App IDs from `mods/mod/installer_name`
### Knowledgepack Integration
Pulls from `gameserver_knowledgepack_v2.yaml`:
- Port information with purposes
- System requirements
- Typical startup commands
- Troubleshooting issues and fixes
## Documentation Standards
All generated documentation follows this structure:
1. Quick Navigation (anchor links)
2. Overview
3. Quick Info box
4. System Requirements
5. Complete Port List
6. Installation (with exact commands)
7. Configuration (file-by-file)
8. Startup Parameters
9. Troubleshooting
10. Performance Optimization
11. Security Best Practices
12. Additional Resources
## Conclusion
The game documentation enhancement is **COMPLETE** with 134 games now having comprehensive, actionable installation and configuration guides. The documentation is suitable for end users with no prior knowledge of game server hosting, providing step-by-step instructions for both Windows and Ubuntu.
**Key Achievement**: Zero games now display "Check server configuration" as a port placeholder.
---
*Last Updated: November 22, 2025*
*Script: tools/generate_game_docs.py*
*Processed: 134 games successfully*

View file

@ -1,250 +0,0 @@
# Documentation Enhancement Summary
## Overview
This document summarizes the comprehensive enhancements made to the billing module's documentation system and session handling.
## Issues Resolved
### 1. Documentation Page Login Button Issue ✅
**Problem:** Documentation page showed "Login" button even when user was logged in.
**Root Cause:** docs.php used basic `session_start()` instead of the website's session name.
**Solution:** Changed to use `opengamepanel_web` session name to match rest of website.
### 2. Cart Page Display Issue ✅
**Problem:** Cart page didn't display when clicking menu link.
**Root Cause:** cart.php also used basic `session_start()` causing session inconsistency.
**Solution:** Changed to use `opengamepanel_web` session name for consistency.
### 3. Documentation Content Enhancement ✅
**Problem:** Documentation was basic, system-specific, and not comprehensive enough for SEO.
**Solution:** Created detailed, XML-independent, general hosting guides for major games.
## Changes Made
### Session Fixes
**Files Modified:**
- `modules/billing/docs.php`
- `modules/billing/cart.php`
**Change:**
```php
// OLD
session_start();
// NEW
if (session_status() === PHP_SESSION_NONE) {
session_name("opengamepanel_web");
session_start();
}
```
This ensures the documentation and cart pages use the same session as the rest of the website (login.php, menu.php, etc.), so login state is properly detected.
### Documentation Enhancements
#### Games Enhanced (3 of 151 total)
1. **Minecraft Java Edition** (549 lines)
2. **CS:GO & CS2** (584 lines)
3. **Rust** (455 lines)
#### Documentation Structure (Template for All Games)
Each comprehensive guide includes:
1. **Navigation Bar** - Quick links to all sections
2. **Quick Info Section** - Essential details at a glance:
- Default ports (game, RCON, query)
- RAM requirements (min/recommended)
- Storage requirements
- Log file locations
- Default configurations
- Protocol information
3. **Installation & Setup** - Complete instructions:
- System requirements (CPU, RAM, storage, bandwidth)
- Linux installation steps
- Windows installation steps
- SteamCMD usage (where applicable)
- First-time setup procedures
4. **Server Configuration** - Detailed config guides:
- All configuration files explained
- Every parameter documented
- Example configurations
- Best practices
5. **Startup Parameters** - Complete reference:
- All command-line parameters
- Parameter breakdown and explanations
- Startup script examples (Linux & Windows)
- Advanced optimization flags
6. **Plugins & Mods** - Enhancement guides:
- Plugin/mod platform installation
- Popular plugins/mods list with descriptions
- Installation procedures
- Configuration examples
7. **Troubleshooting** - Common issues & solutions:
- Server won't start
- Connection issues
- Performance problems
- Error messages and fixes
- Diagnostic commands
8. **Performance Optimization** - Tuning guides:
- Configuration optimization
- Resource management
- Automation scripts
- Monitoring tips
- Scheduled maintenance
9. **Additional Resources** - External links:
- Official documentation
- Community resources
- Tools and utilities
- Support forums
## Documentation Principles
### ✅ XML-Independent
- Does NOT pull information from panel XML files
- Does NOT reference `modules/config_games/server_configs/`
- Stands alone as general game server hosting information
### ✅ General Hosting Focus
- Written from VPS/dedicated server perspective
- Not specific to our panel system
- Applicable to any hosting environment
- User could follow these guides on any server
### ✅ SEO-Optimized
- Comprehensive content (400-600 lines per game)
- Covers all aspects of server hosting
- Natural keyword integration
- Designed to rank in Google search results
- Goal: Become go-to resource for game server hosting
### ✅ Professional Quality
- Clean, modern formatting
- Code examples with syntax highlighting
- Internal navigation between sections
- Consistent structure across all games
- Production-ready commands and configs
## Benefits
### For Users
- Complete guides for setting up game servers
- Troubleshooting help for common issues
- Performance optimization tips
- All info in one place
### For Business
- SEO boost - comprehensive guides rank well
- Authority building - comprehensive content
- Traffic generation - users find guides via Google
- Reduced support load - self-service documentation
### For Future Development
- Template established for remaining 148 games
- Consistent structure makes expansion easy
- Can be enhanced incrementally
- Scalable approach
## Remaining Games (148)
The same comprehensive template can be applied to all remaining games:
- ARK: Survival Evolved
- Valheim
- 7 Days to Die
- Team Fortress 2
- Garry's Mod
- Terraria
- Don't Starve Together
- Project Zomboid
- Satisfactory
- V Rising
- Palworld
- And 138 more...
## Testing Completed
✅ PHP syntax validation - No errors
✅ CodeQL security scan - No issues
✅ Session handling verified
✅ Documentation structure validated
✅ No XML references confirmed
✅ File permissions correct
## Implementation Notes
### Session Name Consistency
The entire billing module now uses `opengamepanel_web` session name:
- login.php ✅
- register.php ✅
- logout.php ✅
- menu.php ✅
- docs.php ✅ (FIXED)
- cart.php ✅ (FIXED)
- my_account.php ✅
- All other pages ✅
### Documentation File Structure
```
docs/
├── minecraft/
│ ├── index.php (549 lines - comprehensive)
│ ├── index_old.php (backup)
│ ├── metadata.json
│ └── icon.png
├── csgo/
│ ├── index.php (584 lines - comprehensive)
│ ├── index_old.php (backup)
│ ├── metadata.json
│ └── icon.jpg
├── rust/
│ ├── index.php (455 lines - comprehensive)
│ ├── index_old.php (backup)
│ ├── metadata.json
│ └── icon.png
└── [148 other games with basic docs to be enhanced]
```
## Future Enhancement Ideas
1. **Add More Games** - Apply template to remaining 148 games
2. **Video Tutorials** - Link to video guides where available
3. **Interactive Commands** - Copy-to-clipboard for commands
4. **Version History** - Track game version updates
5. **Community Contributions** - Allow user-submitted tips
6. **Search Functionality** - Cross-game documentation search
7. **Translations** - Multi-language support
## Maintenance
### Keeping Documentation Current
- Monitor game updates and patches
- Update documentation quarterly
- Track breaking changes in games
- Community feedback integration
### Backup Strategy
All original documentation files are preserved as `index_old.php` in each game folder for reference and potential rollback if needed.
## Conclusion
The documentation system is now:
- ✅ Fully functional with correct session handling
- ✅ Comprehensive for 3 major games (Minecraft, CS:GO/CS2, Rust)
- ✅ Template-based for easy expansion to remaining games
- ✅ SEO-optimized for Google search ranking
- ✅ XML-independent and general hosting focused
- ✅ Production-ready and tested
**Status:** Ready for review and deployment
---
*Created: November 8, 2024*
*Last Updated: November 8, 2024*

View file

@ -1,271 +0,0 @@
# Game Server Documentation Expansion Plan
## Executive Summary
This document outlines the comprehensive plan for enhancing documentation for all 151 games supported by the GameServerPanel billing module. As of the current phase, 6 games have comprehensive documentation (200+ lines each), with 145 games remaining at basic level (67 lines average).
## Completed Games (6/151)
### Phase 1 - Already Enhanced (3 games)
1. **Minecraft Java Edition** (549 lines) - Complete
2. **CS:GO & CS2** (584 lines) - Complete
3. **Rust** (455 lines) - Complete
### Phase 2 - Recently Enhanced (3 games)
4. **Valheim** (325 lines) - Complete
5. **ARK: Survival Evolved** (303 lines) - Complete
6. **Terraria** (359 lines) - Complete
## Documentation Enhancement Template
Each enhanced game documentation includes:
### 1. Navigation Bar
- Quick links to all major sections
- Improves user experience and SEO
- Anchor links for easy jumping
### 2. Quick Info Section (Required Details)
- Default ports (game, query, RCON)
- Protocol (TCP/UDP)
- RAM requirements (min/recommended)
- CPU recommendations
- Storage requirements
- SteamCMD App ID (if applicable)
- Max players
- Config file locations
- Log file paths
### 3. Installation & Setup
- System requirements breakdown
- Windows installation steps
- Linux installation steps (preferred with SteamCMD)
- macOS installation (if supported)
- First-time setup procedures
- Directory structure explanation
### 4. Server Configuration
- Configuration file locations
- Complete parameter reference
- Example configurations
- Best practices for settings
- Multiple configuration scenarios
### 5. Startup Parameters
- Command-line options table
- Parameter descriptions
- Example startup scripts (Windows & Linux)
- Advanced optimization flags
- Launch parameter combinations
### 6. Port Forwarding & Networking
- Required ports list with protocols
- Router configuration examples
- Firewall rules (UFW for Linux, Windows Firewall)
- NAT configuration guidance
- DMZ considerations
### 7. Plugins/Mods/Extensions
- Popular mod loaders (if applicable)
- Plugin installation procedures
- Popular plugins/mods list
- Configuration examples
- Compatibility notes
### 8. Troubleshooting
- Server won't start solutions
- Connection issues diagnosis
- Performance problems
- Common error messages
- Log file analysis
- Diagnostic commands
### 9. Performance Optimization
- Server sizing guidelines by player count
- Resource management tips
- Configuration tuning
- Automated maintenance
- Monitoring recommendations
### 10. Admin Tools & Commands
- Console commands reference
- Admin authentication
- User management
- Server control commands
- Debugging tools
### 11. Backup & Recovery
- Backup strategy recommendations
- Automated backup scripts (Linux/Windows)
- World/save file locations
- Recovery procedures
- Disaster recovery planning
### 12. Additional Resources
- Official documentation links
- Community resources
- Forums and support
- Tool recommendations
- Related guides
## Priority Game List (Next 20 Games)
### High Priority (Most Popular)
1. Team Fortress 2 (TF2)
2. Garry's Mod
3. Don't Starve Together
4. Left 4 Dead 2
5. Counter-Strike: Source
6. Counter-Strike 1.6
7. Project Zomboid
8. V Rising
9. Satisfactory
10. Conan Exiles
### Medium Priority (Popular)
11. 7 Days to Die
12. Killing Floor 2
13. Insurgency Sandstorm
14. Squad
15. Arma 3
16. DayZ
17. Space Engineers
18. Eco
19. Factorio
20. Unturned
## Research Sources for Each Game
### Primary Sources
1. Official game websites and documentation
2. Official game wikis (Fandom, Wiki.gg)
3. Steam Community guides
4. Developer documentation
### Secondary Sources
1. Hosting provider knowledge bases (Nitrado, GTXGaming, etc.)
2. Reddit communities (r/[gamename])
3. GitHub repositories for tools/mods
4. YouTube server setup tutorials
5. Forum threads (AlliedModders, SRCDS, etc.)
### Information to Gather
- SteamCMD App ID
- Default ports and protocols
- Minimum and recommended hardware
- Configuration file formats and locations
- Startup parameters and options
- Common troubleshooting issues
- Popular mods/plugins
- Admin tools and commands
- Performance optimization tips
## Implementation Strategy
### Batch Processing Approach
1. **Research Phase** - Gather information for 5-10 games at once
2. **Documentation Phase** - Write comprehensive guides using template
3. **Review Phase** - Syntax check, link validation, formatting
4. **Commit Phase** - Commit in batches to track progress
### Quality Standards
- Minimum 300 lines per enhanced game
- All sections from template must be present
- At least 5 external resource links
- Proper formatting with code blocks and tables
- No syntax errors (PHP validation)
- SEO-optimized content
### Estimated Timeline
- **Per game:** 30-45 minutes (research + writing)
- **Batch of 10:** 5-8 hours
- **All 145 remaining:** 72-108 hours total work
## Automation Opportunities
### Possible Automations
1. **Port extraction** from XML config files
2. **Template generation** with game-specific placeholders
3. **Batch PHP syntax checking**
4. **Link validation** across all docs
5. **Formatting consistency** checks
### Manual Work Required
- Game-specific troubleshooting research
- Community resource identification
- Mod/plugin ecosystem understanding
- Performance optimization specifics
- Platform-specific considerations
## Progress Tracking
### Current Status
- **Enhanced:** 6 games (4% complete)
- **Remaining:** 145 games (96% to do)
- **Total Documentation Lines:** ~2,575 lines (enhanced games only)
- **Average Lines per Enhanced Game:** 429 lines
### Completion Milestones
- **10% (15 games):** Target date TBD
- **25% (38 games):** Target date TBD
- **50% (76 games):** Target date TBD
- **75% (113 games):** Target date TBD
- **100% (151 games):** Target date TBD
## Benefits of Completion
### For Users
- Comprehensive self-service documentation
- Reduced setup time and frustration
- Better troubleshooting guidance
- Performance optimization tips
- Community resource discovery
### For Business
- **SEO boost** - 145 new comprehensive pages ranking for game server hosting
- **Authority building** - Comprehensive resource destination
- **Traffic generation** - Organic search traffic from game communities
- **Support reduction** - Self-service documentation reduces tickets
- **Competitive advantage** - Most comprehensive game server hosting documentation
### For Search Rankings
- Long-form content (300+ lines per game)
- Natural keyword integration
- Internal linking structure
- External authoritative links
- Regular update potential
- User engagement (navigation, resource links)
## Maintenance Plan
### Regular Updates
- **Quarterly review** - Check for game updates, new versions
- **Version tracking** - Monitor major game releases
- **Link validation** - Ensure external resources remain valid
- **Community feedback** - Incorporate user suggestions
- **Error corrections** - Fix reported issues promptly
### Update Triggers
- Major game version releases
- New DLC or expansion launches
- Significant mod ecosystem changes
- Breaking configuration changes
- New hosting best practices
## Next Steps
1. **Immediate:** Complete next batch of 10-15 popular games
2. **Short-term:** Develop automation for repetitive tasks
3. **Mid-term:** Complete top 50 most popular games
4. **Long-term:** Achieve 100% documentation coverage
5. **Ongoing:** Maintain and update as games evolve
## Conclusion
The documentation expansion project is critical for establishing the platform as the authoritative resource for game server hosting. While comprehensive, the systematic approach outlined ensures quality, consistency, and long-term maintainability.
---
**Created:** November 2024
**Last Updated:** November 2024
**Status:** In Progress (6/151 games enhanced)

View file

@ -1,282 +0,0 @@
# Multiplayer Games with Dedicated Server Support
**Last Updated:** November 10, 2025
This list contains multiplayer games that support dedicated server hosting, ordered by popularity (most to least popular based on player counts, community activity, and hosting demand).
## Legend
- ~~Strikethrough~~ = Documentation complete
- Normal text = Documentation incomplete (shows with "TODO:" prefix on site)
---
## Top Tier (Extremely Popular)
1. ~~Minecraft~~ - Sandbox building and survival
2. Counter-Strike 2 - Tactical FPS (CS2 not yet in GSP, covered in CS:GO docs)
3. ~~Counter-Strike: Global Offensive~~ - Tactical FPS & CS2 (Source 2 engine)
4. ~~Rust~~ - Survival crafting and PvP
5. ~~Arma 3~~ - Military simulation
6. ~~ARK: Survival Evolved~~ - Dinosaur survival
7. Garry's Mod - Sandbox multiplayer
8. ~~Valheim~~ - Viking survival co-op
9. ~~7 Days to Die~~ - Zombie survival crafting
10. ~~Terraria~~ - 2D sandbox adventure
## High Popularity
11. ~~DayZ Standalone~~ - Zombie survival
12. ~~Team Fortress 2~~ - Team-based FPS
13. ~~Left 4 Dead 2~~ - Co-op zombie shooter
14. Squad - Tactical military FPS
15. ~~Killing Floor 2~~ - Co-op wave shooter
16. 21. ~~Insurgency: Sandstorm~~ - Tactical FPS
17. Space Engineers - Space sandbox engineering
18. Don't Starve Together - Survival co-op
19. ~~Conan Exiles~~ - Survival and building
20. Unturned - Zombie survival
## Medium-High Popularity
21. ~~Counter-Strike: Source~~ - Classic Source engine tactical FPS
22. ~~Counter-Strike 1.6~~ - Original CS (GoldSrc engine)
23. ~~Arma 2: Operation Arrowhead~~ - Military sim (DayZ Mod base)
24. ~~Arma 2: Combined Operations~~ - Arma 2 + OA (DayZ Mod)
25. ~~Left 4 Dead~~ - Co-op zombie shooter
26. 13. ~~Killing Floor~~ - Co-op horror shooter
27. Insurgency - Tactical FPS
28. The Forest - Survival horror co-op
29. Starbound - 2D space exploration
30. Project Zomboid - Zombie survival RPG
## Medium Popularity
31. Factorio - Factory building automation
32. Eco - Environmental survival simulation
33. V Rising - Vampire survival
34. Satisfactory - Factory building 3D
35. Stationeers - Space station engineering
36. Mordhau - Medieval combat
37. Red Orchestra 2 - WWII tactical shooter
38. Rising Storm 2: Vietnam - Tactical FPS
39. Day of Infamy - WWII FPS
40. Pavlov VR - VR tactical shooter
## Legacy / Niche Popular
41. Arma 2 - Military simulation
42. Arma Reforger - Modern military sim
43. Team Fortress Classic - Classic team FPS
44. Day of Defeat: Source - WWII team shooter
45. Natural Selection 2 - FPS/RTS hybrid
46. Nuclear Dawn - FPS/RTS hybrid
47. Dystopia - Cyberpunk source mod
48. Pirates, Vikings and Knights II - Medieval combat mod
49. Zombie Master: Reborn - Asymmetric zombie game
50. The Ship - Murder mystery multiplayer
## Specialized / Modding Communities
51. Multi Theft Auto (MTA) - GTA multiplayer mod
52. San Andreas Multiplayer (SAMP) - GTA SA multiplayer
53. FiveM - GTA V multiplayer mod
54. Just Cause 2 Multiplayer - JC2 mod
55. Mafia 2 Online - Mafia 2 multiplayer
56. Vice City Multiplayer - GTA VC multiplayer
57. IV Multiplayer - GTA IV multiplayer
## Survival & Building Games
58. Hurtworld - Survival crafting
59. Miscreated - Survival horror
60. Reign of Kings - Medieval survival
61. Life is Feudal - Medieval MMO survival
62. Empyrion: Galactic Survival - Space survival
63. ATLAS - Pirate MMO survival
64. PixARK - Voxel ARK variant
65. Wurm Unlimited - Medieval sandbox MMO
## Racing & Simulation
66. Assetto Corsa - Racing simulation
67. Euro Truck Simulator 2 - Truck driving sim
68. BeamNG.drive - Vehicle physics sim
69. Trackmania Nations Forever - Racing arcade
70. Trackmania - Modern racing arcade
## Tactical & Military Shooters
71. Battlefield 2 - Combined arms warfare
72. Battlefield: Bad Company 2 - Modern warfare
73. Call of Duty (original) - WWII FPS
74. Call of Duty 2 - WWII FPS
75. Call of Duty 4: Modern Warfare - Modern FPS
76. Call of Duty: World at War - WWII FPS
77. Call of Duty: Modern Warfare 2 - Modern FPS
78. Call of Duty: Modern Warfare 3 - Modern FPS
79. Call of Duty: United Offensive - WWII expansion
80. Call of Duty: Black Ops - Cold War FPS
81. Medal of Honor: Allied Assault - WWII FPS
82. Medal of Honor: Spearhead - WWII expansion
83. Medal of Honor: Breakthrough - WWII expansion
84. Homefront - Modern warfare FPS
85. Sniper Elite V2 - Tactical sniper game
## Classic Source Engine Games
86. Half-Life 2: Deathmatch - Physics-based deathmatch
87. Half-Life Deathmatch - Classic deathmatch
88. Deathmatch Classic - Quake-style deathmatch
89. Synergy - Half-Life 2 co-op mod
90. The Hidden: Source - Asymmetric multiplayer mod
91. Fistful of Frags - Western multiplayer mod
92. GoldenEye: Source - GoldenEye remake mod
## Arena Shooters
93. Quake 3 Arena - Classic arena shooter
94. Quake 4 - Sci-fi arena shooter
95. Unreal Tournament 99 - Classic arena shooter
96. Unreal Tournament 2004 - Arena shooter
97. Unreal Tournament 3 - Modern arena shooter
98. Warsow - Fast-paced arena shooter
99. Xonotic - Open-source arena shooter
100. Nexuiz - Arena shooter
101. Alien Arena - Sci-fi arena shooter
## RTS & Strategy
102. Age of Chivalry - Medieval Source mod
103. Chivalry: Medieval Warfare - Medieval slasher
## Zombie & Horror Co-op
104. No More Room in Hell - Realistic zombie co-op
105. Brain Bread 2 - Zombie co-op shooter
## MMO & Persistent Worlds
106. Soldat - 2D multiplayer shooter
107. OpenTTD - Transport simulation
108. Minetest - Open-source voxel game
109. Free Orion - Space strategy
110. Freeciv - Civilization-like strategy
## Voice & Communication Servers
111. TeamSpeak 2 - Voice communication
112. TeamSpeak 3 - Voice communication
113. Mumble - Low-latency voice chat
114. Ventrilo - Voice communication
## Streaming & Broadcasting
115. Shoutcast - Internet radio streaming
116. SinusBot - TeamSpeak music bot
## Specialized Game Servers
117. BattlEye - Anti-cheat system
118. BigBrotherBot - Game server admin bot
119. SpunkyBot - Urban Terror admin bot
120. Jedi Knight 2: Jedi Outcast - Star Wars FPS
121. Jedi Knight: Jedi Academy - Star Wars FPS
122. Halo: Combat Evolved - Sci-fi FPS
123. Serious Sam HD: First Encounter - Co-op shooter
124. Serious Sam HD: Second Encounter - Co-op shooter
125. Blood Frontier - Arena shooter
126. Citadel: Forged with Fire - Fantasy survival
127. Wreckfest - Demolition racing
128. Alien Swarm: Reactive Drop - Top-down co-op shooter
129. Aliens vs Predator - Sci-fi multiplayer FPS
## Flight Simulators
130. IL-2 Sturmovik - WWII flight sim
131. FlightGear Multi-Simulator (FGMS) - Open-source flight sim
## Legacy & Retro Games
132. Half-Life TV - HL spectator system
133. Ricochet - Disc-throwing arena game
134. Smashball - Sport/combat hybrid
135. Condition Zero - Counter-Strike variant
## Mods & Total Conversions
136. Counter-Strike: Promod - Competitive CS mod
137. Age of Chivalry - Source engine medieval mod
138. Empires Mod - RTS/FPS hybrid mod
139. Epsilon Source Mod - Source engine mod
140. Obsidian Conflict - Half-Life 2 co-op mod
141. Pirates, Vikings & Knights - Medieval combat
142. Smoking Guns - Western shooter mod
143. Soldier of Fortune - Tactical shooter
144. Urban Terror - Tactical realism mod
145. Wolfenstein: Return to Castle Wolfenstein - WWII FPS
146. Zombie Panic: Source - Zombie infection mod
147. ROR Server - Rigs of Rods multiplayer
## VPS/Panel Management Tools
148. Getting Started Guide - Server hosting basics
149. Common Issues - General troubleshooting guide
---
## Summary Statistics
- **Total Games Listed:** 149
- **Documentation Complete:** 8 (5.4%)
- ~~Minecraft~~
- ~~Arma 3~~
- ~~Arma 2: Operation Arrowhead~~
- ~~Arma 2: Combined Operations~~
- ~~DayZ Standalone~~
- ~~Counter-Strike: Global Offensive~~ (includes CS2)
- ~~Counter-Strike: Source~~
- ~~Counter-Strike 1.6~~
- **Documentation Incomplete:** 141 (94.6%)
## Next Priority Games for Documentation
### Phase 3 - Counter-Strike Family ✅ COMPLETE
All Counter-Strike games now documented:
- ~~Counter-Strike: Global Offensive~~ (includes CS2 coverage)
- ~~Counter-Strike: Source~~
- ~~Counter-Strike 1.6~~
### Phase 4 - Popular Survival Games (Target: 6 games)
4. Counter-Strike 1.6
### Phase 4 - Popular Survival Games (Target: 6 games)
1. Rust
2. ARK: Survival Evolved
3. Valheim
4. Terraria
5. 7 Days to Die
6. Conan Exiles
### Phase 5 - Co-op Shooters (Target: 6 games)
1. Left 4 Dead 2
2. Left 4 Dead
3. Killing Floor 2
4. Killing Floor
5. Team Fortress 2
6. Insurgency: Sandstorm
---
**Note:** Popularity rankings based on:
- Current Steam player counts (November 2025)
- Community activity and server hosting demand
- Active modding communities
- Longevity and continued support
**Documentation Standard:** Each complete game includes:
- ✅ Comprehensive ports table (all ports with purposes)
- ✅ Firewall configurations (UFW, FirewallD, Windows, iptables)
- ✅ Startup parameters with detailed explanations
- ✅ Troubleshooting sections with specific solutions
- ✅ Performance optimization tips
- ✅ Security best practices
- ✅ Resource links with citations

View file

@ -1,199 +0,0 @@
# Game Server Documentation Generation
## Overview
This directory contains comprehensive game server hosting documentation for 143+ games. The documentation follows a consistent template structure based on the Minecraft server guide.
## Generated Documentation
In November 2024, we generated comprehensive documentation for 98 game servers that were previously in the "todo" category. Each game now has:
- **Quick Navigation Menu** - Easy access to all sections
- **Quick Info** - Default ports, protocols, RAM requirements, engine info
- **Network Ports** - Detailed port tables with firewall configuration examples
- **Installation & Setup** - System requirements and installation steps
- **Server Configuration** - Configuration files and essential settings
- **Startup Parameters** - Command-line parameters and service setup
- **Troubleshooting** - Common issues and solutions
- **Performance Optimization** - Tuning and monitoring tips
- **Security Best Practices** - Firewall, passwords, updates, DDoS protection
- **Additional Resources** - External references and community links
## Documentation Structure
Each game documentation folder contains:
```
gamename/
├── index.php - Main documentation content
├── metadata.json - Category, name, description, order
└── icon.png/jpg - Game icon (optional)
```
### metadata.json Format
```json
{
"name": "Game Name",
"description": "Brief description for the game",
"category": "game",
"order": 1
}
```
## Categories
Documentation is organized into categories:
- **game** - Game server documentation (143+ servers)
- **mods** - Mod/plugin documentation
- **panel** - Panel-specific documentation
- **troubleshooting** - General troubleshooting guides
- **other** - Other documentation
## Generation Tool
The documentation was generated using the `generate_game_docs.py` script located in `/tools/`.
### Data Sources
The generator uses multiple data sources:
1. **XML Configurations** (`/modules/config_games/server_configs/*.xml`)
- Port configurations
- Configuration file paths
- Custom fields and parameters
2. **YAML Knowledgepack** (`/modules/billing/docs/gameserver_knowledgepack_v2.yaml`)
- Network port details
- System requirements
- Startup commands
- Troubleshooting tips
- External references
3. **Template Structure** (Based on Minecraft documentation)
- Consistent formatting
- Comprehensive coverage
- User-friendly navigation
### Running the Generator
```bash
cd /home/runner/work/GSP/GSP
python3 tools/generate_game_docs.py
```
The script will:
1. Load XML configurations and YAML knowledgepack
2. Find all folders with `category: "todo"` in metadata.json
3. Generate comprehensive PHP documentation for each game
4. Update metadata.json to change category to "game"
## Games Documented
The following games now have comprehensive hosting documentation:
### Action/FPS Games
- Aliens vs Predator, Call of Duty series (COD, COD2, COD4, MW2, MW3, WAW, Black Ops)
- Counter-Strike variants (CS 1.6, CS:CZ, CS:S, CS:GO, CS:Promod, CS 2D)
- Battlefield 2, Battlefield Bad Company 2
- Half-Life variants (HLDM, HL2DM, HLTV)
- Insurgency, Medal of Honor series (MOHAA, MOHBR, MOHSP, MOHSPDEMO)
- Quake 3, Quake 4, Sniper Elite V2
### Source Engine Games
- Dystopia, Hidden: Source, Natural Selection 2, Nuclear Dawn
- Pirates Vikings and Knights II, Zombie Panic Source, Synergy
- Brain Bread 2, Day of Defeat: Source
### Open World/Survival
- Atlas, Hurtworld, Life is Feudal, Miscreated
- Reign of Kings, The Forest, Space Engineers
- Wurm Unlimited, PixArk
### Racing/Simulation
- Assetto Corsa, Euro Truck Simulator 2
- Trackmania Nations, Trackmania Forever
- Wreckfest
### Multiplayer Mods
- FiveM (GTA V), Multi Theft Auto (GTA SA/VC)
- IV:MP (GTA IV), JC:MP (Just Cause 2)
- Mafia II Online, Epoch Mod
### Strategy/Building
- Avorion, Colony Survival, Eco
- FreeCol, OpenTTD, Empyrion Galactic Survival
### Arena/Combat
- Jedi Knight 2, Jedi Knight: Jedi Academy
- Mount & Blade: Warband, Mordhau
- Soldat, Smashball, Blood Frontier
- Citadel: Forged with Fire, Red Orchestra 2, Rising Storm 2
- Arma Reforger, Homefront
### Voice/Communication
- TeamSpeak 2, TeamSpeak 3, Mumble, Ventrilo
- SinusBot, Shoutcast, Shoutcast Bot
### Classic/Retro
- Unreal Tournament 99, UT2004, UT3
- Serious Sam HD TFE, Serious Sam HD TSE
- Roadkill, Wolfenstein: Return to Castle Wolfenstein
- Enemy Territory, Warsow, Nexuiz, Xonotic
- IL-2 Sturmovik, Halo: Combat Evolved
### Other
- Feed the Beast (Minecraft modpack)
- Spigot MC (Minecraft server software)
- Rigs of Rods, Flight Gear Multiplayer Server
- Virtual Box, Smokinguns, DMC, Gearbox, ESMod
- SpunkyBot, AoC, SMS
## Viewing Documentation
Access the documentation through the billing website:
```
/modules/billing/docs.php
```
Or view a specific game:
```
/modules/billing/docs.php?action=view&doc=gamename
```
## Maintenance
To update or regenerate documentation:
1. Update data sources (XML configs, YAML knowledgepack)
2. Modify the generator script if needed
3. Run the generator script
4. Commit changes to the repository
## Template Customization
To customize the documentation template, edit the `build_php_content()` method in `generate_game_docs.py`.
The template includes:
- Inline CSS styling matching the site theme
- Responsive design for mobile/desktop
- Color-coded information boxes
- Syntax-highlighted code blocks
- Professional formatting
## Contributing
When adding new game documentation:
1. Create a folder with the game's slug name
2. Add metadata.json with game information
3. Add icon.png or icon.jpg (optional)
4. Either manually create index.php or add to "todo" category and run generator
5. Update this README if adding new categories
## License
Documentation follows the same license as the GSP project. See main repository LICENSE file.

View file

@ -1,198 +0,0 @@
# Game Server Documentation Generation - Implementation Summary
## Task Completed
Successfully generated comprehensive hosting documentation for **98 game servers** that were previously in the "TODO" category, bringing the total documented game servers to **143**.
## Approach
### 1. Analysis Phase
- Examined the existing Minecraft documentation as the reference template
- Analyzed the `docs.php` file to understand the documentation framework
- Reviewed available data sources:
- XML server configurations (`/modules/config_games/server_configs/*.xml`)
- YAML knowledgepack (`/modules/billing/docs/gameserver_knowledgepack_v2.yaml`)
- Existing documentation structure
### 2. Implementation
Created a Python script (`tools/generate_game_docs.py`) that:
- Loads and parses 244 XML configuration files
- Loads YAML knowledgepack with detailed info for 20 games
- Finds all folders with `category: "todo"` in their metadata.json
- Generates comprehensive PHP documentation for each game
- Updates metadata.json from "todo" to "game" category
### 3. Documentation Template
Each generated documentation includes:
#### Navigation & Overview
- Quick navigation menu with anchor links
- Game name and comprehensive introduction
- Target audience: VPS/dedicated server administrators
#### Quick Info Section
- Default port and protocol
- Minimum RAM requirements
- Game engine information
- Configuration file paths (from XML)
#### Network Ports
- Detailed port tables with purpose descriptions
- Firewall configuration for UFW, FirewallD, iptables, Windows
- Port security best practices
#### Installation & Setup
- System requirements
- Installation steps for Linux and Windows
- SteamCMD instructions (where applicable)
- Dependency information (from knowledgepack)
#### Server Configuration
- Essential settings overview
- Configuration file documentation (from XML)
- Server console commands
- Admin/RCON setup
#### Startup Parameters
- Basic and advanced startup commands (from knowledgepack)
- Parameter explanations
- Start script examples for Linux/Windows
- systemd service configuration
#### Troubleshooting
- Common issues and solutions (from knowledgepack)
- Server won't start scenarios
- Connection problems
- Performance issues
- Log file locations
#### Performance Optimization
- Server tuning recommendations
- Operating system optimization
- Monitoring suggestions
- Backup strategies
#### Security
- Firewall configuration
- Password best practices
- Regular updates
- Access control
- DDoS protection
#### Resources
- External references (from knowledgepack)
- Community links
- Official documentation
## Data Integration
The generator intelligently combines data from multiple sources:
1. **For games in YAML knowledgepack** (20 games like COD4, Dystopia, HLDM):
- Accurate port numbers and protocols
- Detailed port tables with multiple ports
- System requirements (RAM, CPU, dependencies)
- Startup command examples
- Specific troubleshooting tips
- External reference links
2. **For games with XML configs** (all games):
- Configuration file paths
- Port configuration details
- Custom field documentation
3. **For all games**:
- Consistent template structure
- Professional formatting
- Complete hosting guide sections
## Games Documented (98 New + 45 Existing = 143 Total)
### Newly Documented Games Include:
**Action/FPS**: Aliens vs Predator, Battlefield series, Call of Duty variants, Counter-Strike variants, Half-Life variants, Insurgency, Medal of Honor series, Quake series, Sniper Elite
**Source Engine**: Dystopia, Hidden: Source, Natural Selection 2, Nuclear Dawn, Pirates Vikings Knights II, Zombie Panic Source, Synergy, Brain Bread 2
**Open World/Survival**: Atlas, Hurtworld, Life is Feudal, Miscreated, Reign of Kings, The Forest, Space Engineers, Wurm Unlimited, PixArk
**Racing/Sim**: Assetto Corsa, Euro Truck Simulator 2, Trackmania series, Wreckfest
**Multiplayer Mods**: FiveM, Multi Theft Auto, IV:MP, JC:MP, Mafia II Online, Epoch Mod
**Strategy/Building**: Avorion, Colony Survival, Eco, FreeCol, OpenTTD, Empyrion
**Arena/Combat**: Jedi Knight series, Mount & Blade, Mordhau, Soldat, Smashball, Blood Frontier, Citadel, Red Orchestra 2, Rising Storm 2, Arma Reforger, Homefront
**Voice/Communication**: TeamSpeak 2/3, Mumble, Ventrilo, SinusBot, Shoutcast
**Classic/Retro**: Unreal Tournament series, Serious Sam HD, Roadkill, Wolfenstein RTCW, Enemy Territory, Warsow, Nexuiz, Xonotic, IL-2, Halo CE
**Other**: Feed the Beast, Spigot MC, Rigs of Rods, Flight Gear, and more
## Technical Details
- **Script**: `tools/generate_game_docs.py` (968 lines)
- **Template Size**: ~370-420 lines of PHP per game
- **Files Modified**: 198 files (99 index.php + 99 metadata.json)
- **Total Documentation**: ~37,000 lines of comprehensive content
- **Syntax Validation**: All PHP files validated with `php -l`
- **Categories Updated**: All TODO → game
- **Remaining TODO**: 0
## Quality Assurance
1. **Template Consistency**: All docs follow the Minecraft template structure
2. **PHP Syntax**: All files validated for syntax errors
3. **Data Accuracy**: Port info and configurations pulled from authoritative sources
4. **Formatting**: Professional styling with inline CSS matching site theme
5. **Navigation**: Quick navigation menu for easy access
6. **Completeness**: All required sections included
## Files Created/Modified
### New Files
- `tools/generate_game_docs.py` - Documentation generator script
- `modules/billing/docs/GENERATION_README.md` - Comprehensive documentation README
- `modules/billing/docs/IMPLEMENTATION_SUMMARY.md` - This file
### Modified Files
- 98 × `index.php` files - Comprehensive game server documentation
- 98 × `metadata.json` files - Category updated from "todo" to "game"
## Usage
The documentation is accessible through:
- Main docs page: `/modules/billing/docs.php`
- Individual game: `/modules/billing/docs.php?action=view&doc=gamename`
## Future Maintenance
The generator script can be reused to:
1. Generate docs for new games (add folder with metadata.json set to "todo", run script)
2. Regenerate existing docs when data sources are updated
3. Maintain consistency across all documentation
## Benefits
1. **User Experience**: Comprehensive, professional documentation for 143 game servers
2. **SEO**: Rich content for search engine discovery
3. **Conversion**: Detailed guides drive awareness of hosting services
4. **Maintenance**: Automated generation ensures consistency
5. **Scalability**: Easy to add new games following the same process
## Testing Recommendations
To fully validate the implementation:
1. Start a PHP development server or configure Apache/Nginx
2. Navigate to `/modules/billing/docs.php`
3. Verify all 143 game servers appear in the list
4. Click through several game documentation pages
5. Test navigation menu functionality
6. Verify styling matches site theme
7. Check responsive design on mobile devices
## Conclusion
Successfully completed the task of generating comprehensive documentation for all games in the "TODO" category. The documentation follows the Minecraft template structure, includes all relevant details for VPS/dedicated server hosting, and is accessible through the existing docs.php page. The generator tool is saved for future use.

Some files were not shown because too many files have changed in this diff Show more