T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/private_html/api/get_payment_methods.php
<?php
session_start();
header('Content-Type: application/json');

// Enable error logging
error_log("get_payment_methods.php called at " . date('Y-m-d H:i:s'));

if (!isset($_SESSION['user_id'])) {
    error_log("get_payment_methods.php: User not authenticated");
    echo json_encode(['success' => false, 'error' => 'Not authenticated']);
    exit;
}

require_once '../config/database.php';
$pdo = getDBConnection();

$stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$_SESSION['user_id']]);
$user = $stmt->fetch();

if (!$user) {
    echo json_encode(['success' => false, 'error' => 'User not found']);
    exit;
}

$stripe_secret = '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';
$customer_id = $user['stripe_customer_id'];

if (!$customer_id) {
    echo json_encode(['success' => true, 'payment_methods' => [], 'default_payment_method_id' => null]);
    exit;
}

// Fetch payment methods from Stripe
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "https://api.stripe.com/v1/payment_methods?customer=$customer_id&type=card");
curl_setopt($ch, CURLOPT_USERPWD, $stripe_secret . ":");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

error_log("get_payment_methods.php: API response code: $http_code");

if ($http_code !== 200) {
    echo json_encode(['success' => false, 'error' => 'Failed to fetch payment methods']);
    exit;
}

$payment_data = json_decode($response, true);
$payment_methods = $payment_data['data'] ?? [];

// Get default payment method
$default_payment_method_id = null;
if (!empty($payment_methods)) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://api.stripe.com/v1/customers/$customer_id");
    curl_setopt($ch, CURLOPT_USERPWD, $stripe_secret . ":");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $customer_response = curl_exec($ch);
    curl_close($ch);
    
    $customer_data = json_decode($customer_response, true);
    $default_payment_method_id = $customer_data['invoice_settings']['default_payment_method'] ?? null;
}

error_log("get_payment_methods.php: Found " . count($payment_methods) . " payment methods");

echo json_encode([
    'success' => true,
    'payment_methods' => $payment_methods,
    'default_payment_method_id' => $default_payment_method_id
]);
?>

CasperSecurity Mini