GSP/Panel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix PayPal capture_order.php to use standalone database connection

Browse source 
Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2025-10-29 10:52:32 +00:00
parent 1fe9911e3f
commit 91a63a780f
3 changed files with 39 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/copilot-instructions.md vendored
View file

@ -67,8 +67,7 @@ header('Location: /modules/billing/cart.php');
## 3) Scope & principles
- **Website ↔ Panel on the same host.** Website uses the **panel DB for authentication** and the **panels internal APIs** for provisioning. **Sessions remain separate** (website session ≠ panel session).
- **Billing module flexibility.** The `modules/billing/` frontend can run on the **same machine as the panel** or on an **external web host**, interfacing primarily via MySQL table edits. All interaction with panel DB happens through direct MySQL queries using credentials in `modules/billing/includes/config.inc.php`.
- **Billing module flexibility.** The `modules/billing/` frontend can run on the **same machine as the panel** or on an **external web host**, interfacing primarily via MySQL table edits. All interaction with panel DB happens through direct MySQL queries using credentials in `modules/billing/includes/config.inc.php`.
- **Billing module is STANDALONE.** The `modules/billing/` frontend is a **standalone product** that can run on the **same machine as the panel** or on an **external web host**. It must **NEVER** use `require_once` to include panel files like `includes/database_mysqli.php` or any panel helper functions. Instead, it connects directly to the MySQL database using standard `mysqli_connect()` with credentials from `modules/billing/includes/config.inc.php`. All database operations must use native mysqli functions (mysqli_query, mysqli_real_escape_string, etc.), NOT panel-specific helper functions like `$db->query()` or `createDatabaseConnection()`.
- **Catalog = XML.** Enable **every game** present under `modules/config_games/server_configs/`. The website reads those XMLs for ports, params, install/update metadata. New XMLs should become available without code changes.
- **Regions/Nodes = panel DB.** Regions and nodes are configured in the panel and must be **queried live** from the panel DB. Never hardcode or mirror region lists on the website.
- **Slotless model.** Pricing/UX must not enforce slot caps. If an engine requires a player count parameter, set a safe high default and surface engine limits transparently if they exist.

10
modules/billing/api/capture_order.php
View file

@ -1,6 +1,7 @@
<?php
require_once(__DIR__ . '/../includes/config.inc.php');
require_once(__DIR__ . '/../../../includes/database_mysqli.php');
// Standalone billing module - do NOT include panel files
// Connect directly to MySQL using mysqli
$sandbox = true; // flip to false for Live
$client_id = 'AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c';
$client_secret = 'EJ216np9cAj9n7KSddez3fLVxGe-zi4oKKKl1YGqPp88XIikr4Qzbxh0XW2as-V6LgdX-upjtQAg9dC0';
@ -97,12 +98,13 @@ if (isset($capture['purchase_units'][0]['payments']['captures'][0])) {
// Get custom_id (should be invoice_id from cart.php)
$custom_id = $capture['purchase_units'][0]['custom_id'] ?? null;
$captureStatus = $capture['status'] ?? null;
if ($captureStatus === 'COMPLETED' && $custom_id) {
// Connect to database
$db = createDatabaseConnection($db_host, $db_user, $db_pass, $db_name, $db_port);
// Connect to database using mysqli (standalone - no panel dependencies)
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$db) {
error_log('capture_order.php: DB connection failed');
error_log('capture_order.php: DB connection failed - ' . mysqli_connect_error());
echo json_encode(['error' => 'db_connection_failed', 'status' => $captureStatus]);
exit;
}

32
modules/billing/includes/config.inc.php Normal file
View file

@ -0,0 +1,32 @@
<?php
###############################################
# Website Database Configuration
# This file contains the database connection
# settings for the _website standalone site.
#
# These settings should match the panel's
# database configuration in includes/config.inc.php
###############################################
$db_host="localhost";
$db_user="localuser";
$db_pass="password123";
$db_name="panel";
$table_prefix="ogp_";
$db_type="mysql";
// Optional: base URL used by admin pages to build absolute image previews.
// Leave empty to prefer relative paths (local folder).
// To enable production base URL, uncomment and set it to your site, e.g.:
// $SITE_BASE_URL = 'https://gameservers.world/';
$SITE_BASE_URL = '';
// Normalize: ensure either empty or ends without trailing slash (we use join_base to handle joining)
$SITE_BASE_URL = trim((string)$SITE_BASE_URL);
// Site-wide background image (relative to site root). Change to your preferred background.
$SITE_BACKGROUND = 'images/dark.jpg';
// Normalize
$SITE_BACKGROUND = trim((string)$SITE_BACKGROUND);
// Data directory for persisted payment webhook JSON files (relative to repo root)
$SITE_DATA_DIR = realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data';
?>