
<?php
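// Resume the visitor's session so the login state and flash messages are available.
session_start();

// Only a signed-in student may reach this page. Both keys are read with ?? so that a session
// holding a user_id but no role is redirected like any other non-student, instead of raising an
// undefined-index notice before the comparison.
$session_user_id = $_SESSION['user_id'] ?? null;
$session_role = $_SESSION['role'] ?? null;

if ($session_user_id === null || $session_role !== 'student') {
    header('Location: ../login.php');
    exit();
}

// Database connection. $conn is used further down without being defined in this file, so it is
// presumably created by this include — confirm against db_config.php.
require_once('database/db_config.php');

// Razorpay configuration. $razorpay_company_name and $razorpay_company_logo are read later as
// fallbacks and are presumably defined here — confirm against razorpay_config.php.
require_once('../enroll/includes/razorpay_config.php');

// The payer is always the session's user; no request parameter can name a different student.
$student_id = $_SESSION['user_id'];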

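// Read the three Razorpay callback fields. PHP turns "name[]=x" query parameters into arrays, so
// each value is type-checked as well as tested for presence.
$razorpay_payment_id = $_GET['razorpay_payment_id'] ?? null;
$razorpay_order_id = $_GET['razorpay_order_id'] ?? null;
$razorpay_signature = $_GET['razorpay_signature'] ?? '';

// The IDs are restricted to letters, digits and underscores. Besides rejecting malformed input,
// this keeps control characters (CR/LF) out of the error_log() lines that echo these values.
$callback_is_well_formed = is_string($razorpay_payment_id)
    && is_string($razorpay_order_id)
    && is_string($razorpay_signature)
    && preg_match('/^[A-Za-z0-9_]+$/D', $razorpay_payment_id) === 1
    && preg_match('/^[A-Za-z0-9_]+$/D', $razorpay_order_id) === 1;

if (!$callback_is_well_formed) {
    $_SESSION['error_message'] = "Invalid payment callback.";
    header('Location: payments.php');
    exit();
}

// Verify the callback before anything is written to the database. Razorpay signs
// "<order_id>|<payment_id>" with the account's key secret using HMAC-SHA256; without this check
// any signed-in student could request this URL with made-up IDs and be recorded as having paid.
//
// PLACEHOLDER NAME (review): the variable holding the key secret is not visible in this file.
// $razorpay_key_secret stands in for whatever razorpay_config.php actually defines — replace it.
// Until it resolves to a non-empty string, every callback is rejected (fail closed).
$razorpay_secret = $razorpay_key_secret ?? '';

// NOTE(review): the order ID used here should be the one stored server-side when the order was
// created, not the one echoed back in the query string — confirm where orders are persisted.
$expected_signature = (is_string($razorpay_secret) && $razorpay_secret !== '')
    ? hash_hmac('sha256', $razorpay_order_id . '|' . $razorpay_payment_id, $razorpay_secret)
    : null;

// hash_equals() compares in constant time, so the check does not leak how much of the value matched.
if ($expected_signature === null || !hash_equals($expected_signature, $razorpay_signature)) {
    error_log("Payment callback rejected: signature check failed for PaymentID=$razorpay_payment_id, OrderID=$razorpay_order_id");
    $_SESSION['error_message'] = "Payment verification failed.";
    header('Location: payments.php');
    exit();
}

// Remaining parameters. NOTE(review): none of these are covered by the signature above, which
// binds only the order and payment IDs. course_id, amount, payment_for and cert_id are still
// client-controlled and should be loaded from the server-side order record (or Razorpay's own
// order/payment data) before they are trusted for bookkeeping.
$course_id = isset($_GET['course_id']) ? intval($_GET['course_id']) : 0;
$amount = isset($_GET['amount']) ? floatval($_GET['amount']) : 0;
$cert_id = isset($_GET['cert_id']) ? intval($_GET['cert_id']) : 0;

// Free-text fields fall back to their defaults when absent or not a plain string. They end up in
// the session receipt, so the receipt page must escape them on output.
$payment_for = is_string($_GET['payment_for'] ?? null) ? $_GET['payment_for'] : 'Course Fee';
$payment_plan = is_string($_GET['payment_plan'] ?? null) ? $_GET['payment_plan'] : 'full';
$receipt_id = is_string($_GET['receipt'] ?? null) ? $_GET['receipt'] : 'rcpt_' . time() . '_' . $student_id;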

// Load the institute details that are printed on the receipt, keyed by setting name.
$settings = [];
$settings_query = "SELECT * FROM site_settings WHERE setting_key IN ('site_name', 'site_address', 'contact_phone', 'contact_email', 'site_logo', 'site_url')";
$settings_result = $conn->query($settings_query);

// A failed query leaves $settings empty, so every field below takes its fallback.
if ($settings_result) {
    foreach ($settings_result as $setting_row) {
        $settings[$setting_row['setting_key']] = $setting_row['setting_value'];
    }
}

// Institute block for the receipt: the stored setting when present, otherwise the Razorpay
// branding values (name and logo) or an empty string.
$school = [
    'site_name' => isset($settings['site_name']) ? $settings['site_name'] : $razorpay_company_name,
    'site_address' => isset($settings['site_address']) ? $settings['site_address'] : '',
    'contact_phone' => isset($settings['contact_phone']) ? $settings['contact_phone'] : '',
    'contact_email' => isset($settings['contact_email']) ? $settings['contact_email'] : '',
    'site_logo' => isset($settings['site_logo']) ? $settings['site_logo'] : $razorpay_company_logo,
    'site_url' => isset($settings['site_url']) ? $settings['site_url'] : ''
];

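$success = false;
$error = null;

// True only for a certificate-fee callback that names a certificate row.
$is_certificate_payment = ($payment_for == 'Certificate Fee' && $cert_id > 0);

// Request values are written to the log only after control characters are replaced, so a crafted
// parameter cannot forge extra log lines.
$log_safe = static function ($value) {
    if (!is_scalar($value)) {
        return '[non-scalar]';
    }
    return preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value) ?? '';
};

try {
    error_log("Received payment callback: PaymentID=" . $log_safe($razorpay_payment_id) . ", OrderID=" . $log_safe($razorpay_order_id));

    // Step 1: work out who is paying and for which course. An enrollment row supplies both.
    $stmt = $conn->prepare("
        SELECT e.id as enrollment_id, e.payment_plan, e.status,
               c.title as course_title, c.duration, c.price, c.discount_price,
               CONCAT(u.first_name, ' ', u.last_name) as student_name, u.email, u.phone
        FROM enrollments e
        JOIN courses c ON e.course_id = c.id
        JOIN users u ON e.user_id = u.id
        WHERE e.user_id = ? AND e.course_id = ?
    ");
    $stmt->bind_param('ii', $student_id, $course_id);
    $stmt->execute();
    $enrollment = $stmt->get_result()->fetch_assoc();
    $has_enrollment = is_array($enrollment);

    $payer = null;
    $course_title = null;

    if ($has_enrollment) {
        $payer = [
            'student_name' => $enrollment['student_name'],
            'email' => $enrollment['email'],
            'phone' => $enrollment['phone']
        ];
        $course_title = $enrollment['course_title'];
    } elseif ($is_certificate_payment) {
        // A certificate fee may be paid without an enrollment row; look the student and the
        // course up separately.
        $stmt = $conn->prepare("SELECT CONCAT(first_name, ' ', last_name) as student_name, email, phone FROM users WHERE id = ?");
        $stmt->bind_param('i', $student_id);
        $stmt->execute();
        $student = $stmt->get_result()->fetch_assoc();

        if (!is_array($student)) {
            $error = "Student information not found.";
        } else {
            $stmt = $conn->prepare("SELECT title FROM courses WHERE id = ?");
            $stmt->bind_param('i', $course_id);
            $stmt->execute();
            $course = $stmt->get_result()->fetch_assoc();

            if (!is_array($course)) {
                $error = "Course not found.";
            } else {
                $payer = $student;
                $course_title = $course['title'];
            }
        }
    } else {
        $error = "Enrollment not found.";
        error_log("Enrollment not found for user_id=$student_id and course_id=$course_id");
    }

    // Step 2: refuse to record the same gateway payment twice. Re-requesting a callback URL
    // would otherwise insert a second 'completed' row for a single charge. A UNIQUE index on
    // payments.transaction_id would close the remaining race between this check and the INSERT.
    if ($error === null) {
        $duplicate_check = $conn->prepare("SELECT 1 FROM payments WHERE transaction_id = ? LIMIT 1");
        $duplicate_check->bind_param('s', $razorpay_payment_id);
        $duplicate_check->execute();

        if ($duplicate_check->get_result()->num_rows > 0) {
            $error = "This payment has already been recorded.";
            error_log("Duplicate payment callback ignored: PaymentID=" . $log_safe($razorpay_payment_id));
        }
    }

    // Step 3: record the payment and build the receipt.
    if ($error === null) {
        // NOTE(review): $amount comes from the query string and is stored as the amount paid.
        // It should be replaced by the amount on the server-side order record or the value
        // Razorpay reports for this payment; neither lookup is visible in this file.
        $stmt = $conn->prepare("
            INSERT INTO payments (
                user_id, course_id, amount, payment_method,
                transaction_id, status
            ) VALUES (?, ?, ?, 'razorpay', ?, 'completed')
        ");
        $stmt->bind_param('iids', $student_id, $course_id, $amount, $razorpay_payment_id);

        if ($stmt->execute()) {
            $payment_id = $conn->insert_id;
            $success = true;
            $_SESSION['success_message'] = $has_enrollment
                ? "Payment completed successfully."
                : "Certificate payment completed successfully.";

            error_log($has_enrollment
                ? "Payment record inserted successfully: ID=$payment_id"
                : "Certificate payment record inserted successfully: ID=$payment_id");

            if ($is_certificate_payment) {
                // Both paths now stamp the payment date and gateway reference; previously the
                // enrolled path set only payment_status, leaving no link back to the payment.
                //
                // NOTE(review): the row is selected by the client-supplied cert_id alone, so
                // nothing here ties the certificate to $student_id. The ownership column of
                // unified_certificates is not visible in this file — add it to the WHERE clause.
                $cert_update = $conn->prepare("UPDATE unified_certificates SET payment_status = 'completed', payment_date = NOW(), payment_reference = ? WHERE id = ?");
                $cert_update->bind_param('si', $razorpay_payment_id, $cert_id);

                if (!$cert_update->execute()) {
                    error_log("Certificate payment status update failed for cert_id=$cert_id: " . $cert_update->error);
                } elseif ($cert_update->affected_rows < 1) {
                    error_log("Certificate payment status update matched no row for cert_id=$cert_id");
                } else {
                    error_log("Certificate payment status updated for cert_id=$cert_id");
                }
            }

            // Receipt shown by payment_receipt.php. payment_for, payment_plan and receipt_id are
            // request values, so that page must escape them on output.
            $receipt_data = [
                'payment_id' => $payment_id,
                'receipt_id' => $receipt_id,
                'transaction_id' => $razorpay_payment_id,
                'order_id' => $razorpay_order_id,
                'student_id' => $student_id,
                'student_name' => $payer['student_name'],
                'email' => $payer['email'],
                'phone' => $payer['phone'],
                'course_id' => $course_id,
                'course_title' => $course_title,
                'amount' => $amount,
                'payment_date' => date('Y-m-d H:i:s'),
                'payment_method' => 'Razorpay',
                'payment_status' => 'Completed',
                'payment_for' => $payment_for,
                'payment_plan' => $payment_plan,
                'institute_name' => $school['site_name'],
                'institute_address' => $school['site_address'],
                'institute_email' => $school['contact_email'],
                'institute_phone' => $school['contact_phone'],
                'institute_logo' => $school['site_logo']
            ];

            // Hand the receipt to the next page through the session, then leave.
            $_SESSION['payment_receipt'] = $receipt_data;

            header('Location: payment_receipt.php');
            exit();
        }

        // The database error text goes to the log only; the student sees a generic message so
        // schema and query details are not disclosed.
        $error = $has_enrollment
            ? "Failed to record payment."
            : "Failed to record certificate payment.";
        error_log("Failed to insert payment record: " . $stmt->error);
    }
} catch (Exception $e) {
    // Same rule for exceptions: details are logged, the user-facing message stays generic.
    $error = "Error processing payment.";
    error_log("Payment processing error: " . $e->getMessage());
}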

// Reaching this point means no receipt redirect happened. Pass any failure text to the next
// page through the session and note it in the log.
if ($error && !$success) {
    $_SESSION['error_message'] = $error;
    error_log("Payment error set in session: $error");
}

// Certificate payments return to the certificate list; everything else to the payments page.
$redirect_target = ($payment_for == 'Certificate Fee') ? 'certificates.php' : 'payments.php';
header('Location: ' . $redirect_target);
exit();