fix(billing): address code review feedback

- Use DECIMAL instead of FLOAT for monetary columns in ALTER TABLE
- Simplify bind_param type string from concatenated to single literal
- Validate payment_status against ENUM values before CSS class injection
- Add provisioning failure logging when panel bootstrap fails
- Add comment explaining total_due/amount legacy fallback

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2026-05-02 12:19:32 +00:00 committed by GitHub
parent 986a4e53b4
commit 4a1b5bc725
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 15 additions and 6 deletions

View file

@ -43,7 +43,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'], $_POST['inv
$msgType = 'error';
} elseif ($action === 'mark_paid') {
$gateway = GatewayFactory::make('manual');
$captureResult = $gateway->handleCallback(['amount' => $invRow['total_due'] ?? $invRow['amount'] ?? 0, 'currency' => $invRow['currency'] ?? 'USD']);
$captureResult = $gateway->handleCallback([
// total_due is the new schema field; amount is the legacy column during migration
'amount' => $invRow['total_due'] ?? $invRow['amount'] ?? 0,
'currency' => $invRow['currency'] ?? 'USD',
]);
$captureResult['payment_method'] = 'manual';
$homeId = intval($invRow['home_id'] ?? 0);
$result = $svc->processPaymentSuccess($captureResult, $invId, intval($invRow['user_id']), $homeId, $invRow);
@ -131,7 +135,7 @@ if (isset($_GET['type'])) $msgType = $_GET['type'];
<td><?= h($inv['players'] ?? '—') ?></td>
<td style="font-size:11px"><?= h(substr($inv['period_start'] ?? '', 0, 10)) ?> <?= h(substr($inv['period_end'] ?? '', 0, 10)) ?></td>
<td><?= h(number_format((float)($inv['total_due'] ?? $inv['amount'] ?? 0), 2)) ?></td>
<td><span class="status-badge status-<?= h($inv['payment_status'] ?? 'unpaid') ?>"><?= h($inv['payment_status'] ?? 'unpaid') ?></span></td>
<td><span class="status-badge status-<?= h(in_array($inv['payment_status'] ?? '', ['unpaid','paid','cancelled','refunded']) ? $inv['payment_status'] : 'unpaid') ?>"><?= h($inv['payment_status'] ?? 'unpaid') ?></span></td>
<td><?= h($inv['payment_method'] ?? '—') ?></td>
<td style="font-size:11px;max-width:120px;overflow:hidden"><?= h($inv['payment_txid'] ?? '—') ?></td>
<td>