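<?php
/**
 * Credits Management Tab
 * View and fix user credits, check purchase records, verify Stripe payments
 *
 * Included by the admin UI. Expects getDBConnection() and addCreditsToUser()
 * from ../webhooks/stripe.php. Inputs: GET action, user_id, payment_intent_id,
 * search; POST credits, package, amount, payment_intent_id (add_credits only).
 *
 * NOTE(review): add_credits is a state-changing POST with no CSRF token, and
 * authentication is assumed to be enforced by the page that includes this tab;
 * confirm both against the admin entry point.
 */
require_once __DIR__ . '/../webhooks/stripe.php';
$pdo = getDBConnection();

// Secret key used for the Stripe payment-intent lookup further down the page.
// A previous revision embedded a live key literal here; a key that has been in
// source should be treated as exposed and rotated. The environment variable
// name below is a placeholder — align it with the project's configuration.
$stripe_secret = getenv('STRIPE_SECRET_KEY') ?: '';

// Handle actions
$action = $_GET['action'] ?? null;
$user_id = isset($_GET['user_id']) ? (int)$_GET['user_id'] : null;
// Query values may arrive as arrays (?payment_intent_id[]=...); only accept a
// scalar string so the later htmlspecialchars()/URL uses cannot throw.
$payment_intent_id = isset($_GET['payment_intent_id']) && is_string($_GET['payment_intent_id'])
    ? $_GET['payment_intent_id']
    : null;

if ($action === 'add_credits' && $user_id && isset($_POST['credits'], $_POST['package'])) {
    $credits_to_add = (int)$_POST['credits'];
    $package = $_POST['package'];
    // The cast must wrap the coalesce: `(float)$_POST['amount'] ?? 0` casts
    // first and so warned on a missing field instead of defaulting to 0.
    // (The amount is informational; addCreditsToUser does not receive it.)
    $amount = (float)($_POST['amount'] ?? 0);
    $payment_intent_id = isset($_POST['payment_intent_id']) && is_string($_POST['payment_intent_id'])
        ? $_POST['payment_intent_id']
        : null;

    // Strict allow-list on the package name; credits must be a positive count.
    if ($credits_to_add > 0 && in_array($package, ['starter', 'pro', 'premium'], true)) {
        try {
            // Same code path as the Stripe webhook, so manual fixes are recorded
            // exactly like webhook-created purchases.
            addCreditsToUser($user_id, $credits_to_add, $package, '30_days', $payment_intent_id);
            $success_message = "Successfully added {$credits_to_add} credits to user ID {$user_id}";
        } catch (Exception $e) {
            $error_message = "Error: " . $e->getMessage();
        }
    } else {
        $error_message = "Invalid credits or package";
    }
}

// Search functionality
$search_query = $_GET['search'] ?? '';
if (!is_string($search_query)) {
    $search_query = '';
}
$search_user = null;
if (!empty($search_query)) {
    // Bound parameters throughout; the id slot only gets the raw input when it
    // is numeric. LIKE wildcards in the input are honoured deliberately
    // (substring search). LIMIT 1 without ORDER BY returns an arbitrary match
    // when several rows qualify.
    $search_stmt = $pdo->prepare("SELECT id, name, email, credits, plan FROM users WHERE id = ? OR email LIKE ? OR name LIKE ? LIMIT 1");
    $search_term = "%{$search_query}%";
    $search_stmt->execute([is_numeric($search_query) ? $search_query : 0, $search_term, $search_term]);
    $search_user = $search_stmt->fetch(PDO::FETCH_ASSOC);
}

// Get user if specified
$selected_user = null;
if ($user_id) {
    $stmt = $pdo->prepare("SELECT id, name, email, credits, plan FROM users WHERE id = ?");
    $stmt->execute([$user_id]);
    $selected_user = $stmt->fetch(PDO::FETCH_ASSOC);
}
?>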
<style>
/* Panel container used for each section of the credits tab */
.credits-section {
background: rgba(255, 255, 255, 0.05);
padding: 20px;
border-radius: 8px;
margin: 20px 0;
}
/* Flash message shown after a successful add_credits action */
.success-msg {
background: rgba(72, 187, 120, 0.2);
border: 1px solid #48bb78;
color: #48bb78;
padding: 15px;
border-radius: 8px;
margin: 15px 0;
}
/* Flash message for handler errors, missing users and missing purchase records */
.error-msg {
background: rgba(229, 62, 62, 0.2);
border: 1px solid #e53e3e;
color: #e53e3e;
padding: 15px;
border-radius: 8px;
margin: 15px 0;
}
/* Neutral informational box (user summary, payment-intent details) */
.info-box {
background: rgba(102, 126, 234, 0.2);
border: 1px solid #667eea;
color: #667eea;
padding: 15px;
border-radius: 8px;
margin: 15px 0;
}
/* Large credit balance figure inside the info boxes */
.credits-display {
font-size: 2rem;
font-weight: bold;
color: #667eea;
margin: 10px 0;
}
/* Form field layout shared by the search and add-credits forms */
.form-group {
margin: 15px 0;
}
.form-group label {
display: block;
margin-bottom: 5px;
color: #a0aec0;
}
.form-group input, .form-group select {
width: 100%;
max-width: 400px;
padding: 10px;
background: rgba(255, 255, 255, 0.1);
border: 1px solid rgba(255, 255, 255, 0.2);
border-radius: 4px;
color: white;
}
/* Buttons: base style plus success/danger variants */
.btn {
display: inline-block;
padding: 12px 24px;
background: #667eea;
color: white;
text-decoration: none;
border-radius: 6px;
border: none;
cursor: pointer;
margin: 5px;
}
.btn:hover {
background: #5568d3;
}
.btn-success {
background: #48bb78;
}
.btn-success:hover {
background: #38a169;
}
.btn-danger {
background: #e53e3e;
}
.btn-danger:hover {
background: #c53030;
}
/* Purchase tables (per-user history and recent purchases) */
table {
width: 100%;
border-collapse: collapse;
margin: 20px 0;
}
th, td {
padding: 12px;
text-align: left;
border-bottom: 1px solid rgba(255, 255, 255, 0.1);
}
th {
background: rgba(255, 255, 255, 0.05);
font-weight: bold;
}
tr:hover {
background: rgba(255, 255, 255, 0.02);
}
/* Marks the purchase row whose payment intent is currently being verified */
.highlight {
background: rgba(72, 187, 120, 0.1) !important;
}
</style>
<div class="admin-content">
<h2><i class="fas fa-coins"></i> Credits Management</h2>
<!-- Flash messages set by the add_credits handler at the top of this file -->
<?php if (isset($success_message)): ?>
<div class="success-msg">✅ <?= htmlspecialchars($success_message) ?></div>
<?php endif; ?>
<?php if (isset($error_message)): ?>
<div class="error-msg">❌ <?= htmlspecialchars($error_message) ?></div>
<?php endif; ?>
<!-- Search User -->
<div class="credits-section">
<h3>🔍 Search User</h3>
<!-- GET form; the hidden "tab" field keeps this tab selected after submit -->
<form method="GET" action="?tab=credits">
<input type="hidden" name="tab" value="credits">
<div class="form-group">
<label>Search by User ID, Email, or Name:</label>
<input type="text" name="search" value="<?= htmlspecialchars($search_query) ?>" placeholder="User ID, email, or name">
</div>
<button type="submit" class="btn">Search</button>
</form>
<!-- $search_user is the first row matching by id, or by email/name substring (LIMIT 1) -->
<?php if ($search_user): ?>
<div class="info-box" style="margin-top: 20px;">
<strong>Found User:</strong><br>
ID: <?= $search_user['id'] ?><br>
Name: <?= htmlspecialchars($search_user['name']) ?><br>
Email: <?= htmlspecialchars($search_user['email']) ?><br>
Credits: <span class="credits-display"><?= $search_user['credits'] ?></span><br>
Plan: <?= htmlspecialchars($search_user['plan']) ?><br>
<a href="?tab=credits&user_id=<?= $search_user['id'] ?>" class="btn btn-success" style="margin-top: 10px;">View Details</a>
</div>
<?php elseif (!empty($search_query)): ?>
<div class="error-msg">No user found matching "<?= htmlspecialchars($search_query) ?>"</div>
<?php endif; ?>
</div>
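<!-- User Details: only rendered when ?user_id= resolved to a row -->
<?php if ($selected_user): ?>
<div class="credits-section">
    <h3>👤 User Details: <?= htmlspecialchars($selected_user['name']) ?></h3>
    <div class="info-box">
        <strong>User ID:</strong> <?= (int)$selected_user['id'] ?><br>
        <strong>Email:</strong> <?= htmlspecialchars($selected_user['email']) ?><br>
        <strong>Current Credits:</strong> <span class="credits-display"><?= htmlspecialchars((string)$selected_user['credits']) ?></span><br>
        <strong>Current Plan:</strong> <?= htmlspecialchars($selected_user['plan']) ?>
    </div>

    <!-- Add Credits Form: posts to the add_credits handler at the top of this file -->
    <h4 style="margin-top: 30px;">➕ Add Credits</h4>
    <form method="POST" action="?tab=credits&action=add_credits&user_id=<?= (int)$selected_user['id'] ?>">
        <div class="form-group">
            <label>Package:</label>
            <select name="package" required>
                <option value="starter">Starter (30 credits)</option>
                <option value="pro">Pro (150 credits)</option>
                <option value="premium" selected>Premium (500 credits)</option>
            </select>
        </div>
        <div class="form-group">
            <label>Credits:</label>
            <input type="number" name="credits" value="500" min="1" required>
        </div>
        <div class="form-group">
            <label>Amount ($):</label>
            <input type="number" name="amount" value="129.00" step="0.01" min="0" required>
        </div>
        <div class="form-group">
            <label>Payment Intent ID (optional):</label>
            <input type="text" name="payment_intent_id" placeholder="pi_xxx" value="<?= htmlspecialchars((string)($payment_intent_id ?? '')) ?>">
        </div>
        <button type="submit" class="btn btn-success" onclick="return confirm('Add credits to this user?');">Add Credits</button>
    </form>

    <!-- Purchase History -->
    <h4 style="margin-top: 40px;">📋 Credit Purchase History</h4>
    <?php
    $purchases_stmt = $pdo->prepare("
        SELECT id, package, credits, amount, payment_intent_id, expires_at, created_at
        FROM credit_purchases
        WHERE user_id = ?
        ORDER BY created_at DESC
    ");
    $purchases_stmt->execute([$selected_user['id']]);
    $purchases = $purchases_stmt->fetchAll(PDO::FETCH_ASSOC);
    if (empty($purchases)):
    ?>
    <div class="info-box">No purchase records found.</div>
    <?php else: ?>
    <table>
        <tr>
            <th>ID</th>
            <th>Package</th>
            <th>Credits</th>
            <th>Amount</th>
            <th>Payment Intent</th>
            <th>Expires</th>
            <th>Created</th>
            <th>Actions</th>
        </tr>
        <!-- The row whose payment intent is currently being verified is highlighted -->
        <?php foreach ($purchases as $p): ?>
        <tr class="<?= ($p['payment_intent_id'] === $payment_intent_id) ? 'highlight' : '' ?>">
            <td><?= (int)$p['id'] ?></td>
            <td><?= htmlspecialchars($p['package']) ?></td>
            <td><strong><?= htmlspecialchars((string)$p['credits']) ?></strong></td>
            <td>$<?= number_format((float)$p['amount'], 2) ?></td>
            <td><code><?= htmlspecialchars($p['payment_intent_id'] ?? 'N/A') ?></code></td>
            <td><?= $p['expires_at'] ? date('Y-m-d', strtotime($p['expires_at'])) : 'Never' ?></td>
            <td><?= date('Y-m-d H:i:s', strtotime($p['created_at'])) ?></td>
            <td>
                <?php if ($p['payment_intent_id']): ?>
                <a href="?tab=credits&user_id=<?= (int)$selected_user['id'] ?>&payment_intent_id=<?= urlencode($p['payment_intent_id']) ?>" class="btn" style="padding: 5px 10px; font-size: 0.9rem;">Verify in Stripe</a>
                <?php endif; ?>
            </td>
        </tr>
        <?php endforeach; ?>
    </table>
    <?php endif; ?>

    <!-- Verify Payment Intent in Stripe -->
    <?php if ($payment_intent_id): ?>
    <h4 style="margin-top: 40px;">💳 Stripe Payment Verification</h4>
    <?php
    // The id comes from the query string: encode it so it cannot alter the
    // request path, and bound the call so a slow Stripe response cannot hang
    // the admin page.
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://api.stripe.com/v1/payment_intents/' . rawurlencode((string)$payment_intent_id));
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer ' . $stripe_secret]);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 15);
    $response = curl_exec($ch);
    $http_code = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    // A 200 with an undecodable body is treated like a failed fetch rather than
    // indexing into null below.
    $payment_intent = ($http_code === 200 && is_string($response)) ? json_decode($response, true) : null;
    if (is_array($payment_intent)):
        $pi_status = (string)($payment_intent['status'] ?? '');
        $pi_amount_cents = (int)($payment_intent['amount'] ?? 0);
    ?>
    <div class="info-box">
        <strong>Payment Intent:</strong> <?= htmlspecialchars((string)($payment_intent['id'] ?? '')) ?><br>
        <strong>Status:</strong> <span style="color: <?= $pi_status === 'succeeded' ? '#48bb78' : '#e53e3e' ?>;"><?= htmlspecialchars($pi_status) ?></span><br>
        <strong>Amount:</strong> $<?= number_format($pi_amount_cents / 100, 2) ?><br>
        <strong>Created:</strong> <?= date('Y-m-d H:i:s', (int)($payment_intent['created'] ?? 0)) ?><br>
        <?php if (isset($payment_intent['metadata'])): ?>
        <strong>Metadata:</strong><br>
        <!-- metadata values are caller-supplied at checkout; escape the JSON for the HTML context -->
        <pre style="background: rgba(0,0,0,0.3); padding: 10px; border-radius: 4px; overflow-x: auto;"><?= htmlspecialchars((string)json_encode($payment_intent['metadata'], JSON_PRETTY_PRINT)) ?></pre>
        <?php endif; ?>
    </div>

    <?php if ($pi_status === 'succeeded'): ?>
    <?php
    // Check if a purchase record exists for this payment intent and user.
    // NOTE(review): the lookup is scoped to the selected user, so an intent already
    // recorded under a different user id would be reported as "missing" here and
    // could be granted a second time; a lookup by payment_intent_id alone may be
    // the safer check — confirm against the webhook's insert logic.
    $check_stmt = $pdo->prepare("SELECT id FROM credit_purchases WHERE payment_intent_id = ? AND user_id = ?");
    $check_stmt->execute([$payment_intent_id, $selected_user['id']]);
    $exists = $check_stmt->fetch();
    if (!$exists):
        // Reconstruct the expected credits from the checkout metadata. Both the
        // long (type/package/quantity) and short (t/i/q) key forms are accepted,
        // as in the original; a missing credits value falls back to the
        // per-package map.
        $metadata = $payment_intent['metadata'] ?? [];
        $cart_items = json_decode((string)($metadata['cart_items'] ?? '[]'), true);
        if (!is_array($cart_items)) {
            $cart_items = []; // malformed cart_items must not break the page
        }
        $credits_to_add = 0;
        $package = 'premium';
        foreach ($cart_items as $item) {
            if (!is_array($item)) {
                continue;
            }
            $item_type = $item['type'] ?? $item['t'] ?? null;
            if ($item_type === 'credit') {
                $package = (string)($item['package'] ?? $item['i'] ?? 'premium');
                // Metadata values are strings: cast so the count is a real integer
                // before it is compared, rendered and posted back.
                $credits_to_add = (int)($item['credits'] ?? 0);
                $quantity = (int)($item['quantity'] ?? $item['q'] ?? 1);
                if ($credits_to_add === 0 && $package !== '') {
                    $package_credits_map = ['starter' => 30, 'pro' => 150, 'premium' => 500];
                    $credits_to_add = ($package_credits_map[$package] ?? 0) * $quantity;
                }
                break;
            }
        }
        if ($credits_to_add === 0 && isset($metadata['total_credits'])) {
            $credits_to_add = (int)$metadata['total_credits'];
        }
        if ($credits_to_add > 0):
    ?>
    <div class="error-msg">
        ⚠️ Payment succeeded but credits NOT found in database!<br>
        <strong>Missing:</strong> <?= $credits_to_add ?> credits (<?= htmlspecialchars($package) ?> package)
    </div>
    <form method="POST" action="?tab=credits&action=add_credits&user_id=<?= (int)$selected_user['id'] ?>">
        <input type="hidden" name="package" value="<?= htmlspecialchars($package) ?>">
        <input type="hidden" name="credits" value="<?= $credits_to_add ?>">
        <!-- no thousands separator: the handler reads this back with (float), and "1,290.00" would become 1 -->
        <input type="hidden" name="amount" value="<?= number_format($pi_amount_cents / 100, 2, '.', '') ?>">
        <input type="hidden" name="payment_intent_id" value="<?= htmlspecialchars((string)$payment_intent_id) ?>">
        <button type="submit" class="btn btn-success" onclick="return confirm('Add missing <?= $credits_to_add ?> credits to this user?');">🔧 Fix: Add Missing Credits</button>
    </form>
        <?php endif; ?>
    <?php else: ?>
    <div class="success-msg">✅ Purchase record exists in database</div>
    <?php endif; ?>
    <?php endif; ?>
    <?php else: ?>
    <div class="error-msg">❌ Could not fetch payment intent from Stripe (HTTP <?= $http_code ?>)</div>
    <?php endif; ?>
    <?php endif; ?>
</div>
<?php endif; ?>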
<!-- Recent Credit Purchases: latest 20 rows across all users, newest first -->
<div class="credits-section">
<h3>📊 Recent Credit Purchases</h3>
<?php
$recent_stmt = $pdo->query("
SELECT cp.*, u.name, u.email
FROM credit_purchases cp
JOIN users u ON cp.user_id = u.id
ORDER BY cp.created_at DESC
LIMIT 20
");
$recent = $recent_stmt->fetchAll(PDO::FETCH_ASSOC);
if (empty($recent)):
?>
<div class="info-box">No recent purchases found.</div>
<?php else: ?>
<table>
<tr>
<th>ID</th>
<th>User</th>
<th>Package</th>
<th>Credits</th>
<th>Amount</th>
<th>Payment Intent</th>
<th>Created</th>
<th>Actions</th>
</tr>
<!-- Each row links to the user's detail view on this tab (?user_id=) -->
<?php foreach ($recent as $p): ?>
<tr>
<td><?= $p['id'] ?></td>
<td>
<a href="?tab=credits&user_id=<?= $p['user_id'] ?>" style="color: #667eea;">
<?= htmlspecialchars($p['name']) ?><br>
<small style="color: #a0aec0;"><?= htmlspecialchars($p['email']) ?></small>
</a>
</td>
<td><?= htmlspecialchars($p['package']) ?></td>
<td><strong><?= $p['credits'] ?></strong></td>
<td>$<?= number_format($p['amount'], 2) ?></td>
<td><code><?= htmlspecialchars($p['payment_intent_id'] ?? 'N/A') ?></code></td>
<td><?= date('Y-m-d H:i:s', strtotime($p['created_at'])) ?></td>
<td>
<a href="?tab=credits&user_id=<?= $p['user_id'] ?>" class="btn" style="padding: 5px 10px; font-size: 0.9rem;">View User</a>
</td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
</div>
</div>