MAINHACK

Viewing / Editing File: init-payment.php

<?php
header('Content-Type: application/json');

function test_input($data) {
    return htmlspecialchars(stripslashes(trim($data)));
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {

$indexNo    = test_input($_POST['indexNo'] ?? '');
    $schoolCode = test_input($_POST['schoolCode'] ?? '');

if (empty($indexNo) || empty($schoolCode)) {
        echo json_encode(["error" => true, "message" => "Missing index number or school code"]);
        exit;
    }

$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https://" : "http://";
    $domain   = $_SERVER['HTTP_HOST'];

$referenceId = "REF" . time();

$callbackUrl = $protocol . $domain . "/student/payment-return.php?indexNo=" . urlencode($indexNo) . "&schoolCode=" . urlencode($schoolCode);

$data = [
        "Amount"        => $_POST['amount'] ?? 0,
        "CallbackUrl"   => $callbackUrl,
        "ReferenceId"   => $referenceId,
        "PaymentMethod" => $_POST['payment_method'] ?? "MOMO"
    ];

$headers = [
        "Content-Type: application/json",
        "Authorization: TW5sM05FNXhRbWRhY1dkUS5wcm9kLlRFSnZiWEEwYjJGYVRWSm4=",
        "User-Agent: Mozilla/5.0"
    ];

$ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL            => "https://webpay.ghana.accessbankplc.com/Checkout/v1/Prod/Init",
        CURLOPT_POST           => true,
        CURLOPT_HTTPHEADER     => $headers,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_POSTFIELDS     => json_encode($data),
        CURLOPT_TIMEOUT        => 30,
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2
    ]);

$response = curl_exec($ch);

if (curl_errno($ch)) {
        echo json_encode(["error" => true, "message" => "cURL error: " . curl_error($ch)]);
        exit;
    }

$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

if (empty($response)) {
        echo json_encode(["error" => true, "message" => "Empty response from Access Bank API"]);
        exit;
    }

$result = json_decode($response, true);
    if (json_last_error() !== JSON_ERROR_NONE) {
        echo json_encode(["error" => true, "message" => "Invalid JSON received: " . json_last_error_msg(), "raw" => $response]);
        exit;
    }

if ($httpcode >= 200 && $httpcode <= 202) {
        if (isset($result['checkoutUrl'])) {
            echo json_encode(["error" => false, "redirect" => $result['checkoutUrl']]);
            exit;
        } elseif (isset($result['paymentUrl'])) {
            echo json_encode(["error" => false, "redirect" => $result['paymentUrl']]);
            exit;
        }
    }

echo json_encode(["error" => true, "message" => $result['message'] ?? 'Unknown error', "raw" => $result]);
    exit;
}

echo json_encode(["error" => true, "message" => "Invalid request"]);
exit;

Cancel / Back

[ MAINHACK ]

Viewing / Editing File: init-payment.php

Server Info

System Features

User Info