PHP Paytr Ödeme Formu

PHP Paytr Ödeme Formu
<?php

// Script settings. The values below are placeholders: replace them with the real
// credentials and keep the deployed file out of public repositories and backups,
// because merchant_key / merchant_salt sign payment requests and bot_token
// controls the Telegram bot.
$ayarlar = [
    // PayTR merchant credentials. merchant_key is used as the HMAC-SHA256 key and
    // merchant_salt is appended to the signed message, both when requesting a
    // payment token and when checking the payment notification hash.
    'merchant_id'   => '123',
    'merchant_key'  => 'test',
    'merchant_salt' => 'test',

    // Telegram notification target. An empty chat_id disables the notification;
    // bot_token is placed in the Telegram API URL.
    'chat_id'   => '123',
    'bot_token' => '123',
];

## EGER PHP BILGISINE SAHIP DEGILSENIZ BURADAN ITIBAREN HER HANGI BIR SEY DEGISTIRMEYINIZ ##
    
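// PayTR payment notification (callback) handler.
// A request is treated as a notification when it carries merchant_oid. It is only
// acted on when its `hash` field equals the HMAC-SHA256 (keyed with merchant_key)
// of merchant_oid + merchant_salt + status + total_amount. Requires PHP >= 5.6
// for hash_equals().
if( !empty($_POST["merchant_oid"]) ):

    // Normalise the signed fields: a missing or non-string field (e.g. hash[]=x)
    // becomes '' so it can never match the expected HMAC and never raises a
    // notice or a TypeError.
    $notification = [];
    foreach( ['merchant_oid', 'status', 'total_amount', 'hash'] as $field ):
        $value = isset($_POST[$field]) ? $_POST[$field] : '';
        $notification[$field] = is_string($value) ? $value : '';
    endforeach;

    $expected_hash = base64_encode( hash_hmac(
        'sha256',
        $notification['merchant_oid'].$ayarlar["merchant_salt"].$notification['status'].$notification['total_amount'],
        $ayarlar["merchant_key"],
        true
    ) );

    // The original compared against $post['hash'] ($post is never defined), so the
    // check rejected every notification. Compare against the posted hash instead,
    // and use hash_equals() so the comparison is strict and constant-time rather
    // than a loose `!=` on strings.
    if( !hash_equals($expected_hash, $notification['hash']) ):
      die('HASH Hatalı');
    endif;

    // NOTE(review): nothing here records merchant_oid, so a notification that is
    // delivered more than once would send more than one Telegram message.
    if( $notification['status'] === 'success' && !empty($ayarlar["chat_id"]) ):
        // NOTE(review): confirm the unit of total_amount before labelling it "TL";
        // the token request in this script sends amounts multiplied by 100.
        $params = [
            'chat_id'=>$ayarlar["chat_id"],
            'text'=>$notification['total_amount']. "TL Tutarında yeni bir ödeme alındı.",
        ];

        // The bot token is part of the URL, so certificate and host verification
        // must stay enabled: with verification off, anyone able to intercept the
        // connection could read the token. The timeout keeps a slow Telegram API
        // from delaying the "OK" answer below.
        $ch = curl_init("https://api.telegram.org/bot".$ayarlar["bot_token"]. '/sendMessage');
        curl_setopt($ch, CURLOPT_HEADER, false);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
        curl_exec($ch); // best effort: a failed notification must not fail the callback
        curl_close($ch);
    endif;

    // Plain "OK" body is the acknowledgement this script sends for a verified notification.
    exit("OK");
endif;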

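// The form flow keeps its error message in $_SESSION (written below, read by the
// HTML template), so the session has to be started before any output is sent.
if( session_status() === PHP_SESSION_NONE ):
    session_start();
endif;

// Payment form submission: validate the input, request a payment token from PayTR
// and redirect the visitor to the hosted payment page. Requires PHP >= 7 for
// random_bytes().
if( !empty($_POST) ):
    // Read the form fields defensively: missing or non-string values become ''.
    $form = [];
    foreach( ['adsoyad', 'adres', 'telefon', 'eposta', 'miktar'] as $field ):
        $value = isset($_POST[$field]) ? $_POST[$field] : '';
        $form[$field] = is_string($value) ? strip_tags($value) : '';
    endforeach;

    // The amount must be a plain positive decimal with at most two fraction digits.
    // The digit cap is a sanity bound that keeps the conversion to an integer exact.
    $amount_raw = trim($form['miktar']);
    if( !preg_match('/^\d{1,9}(?:\.\d{1,2})?$/', $amount_raw) || (float) $amount_raw <= 0 ):
        $_SESSION["error"] = "Geçersiz ödeme miktarı.";
        header("Refresh: 0;");
        exit();
    endif;
    $amount_label     = number_format((float) $amount_raw, 2, '.', '');

    $merchant_id      = $ayarlar["merchant_id"];
    $merchant_key     = $ayarlar["merchant_key"];
    $merchant_salt    = $ayarlar["merchant_salt"];
    // Alphanumeric order id: timestamp plus 64 random bits. The original
    // time()+rand() was predictable and could repeat for two orders.
    $merchant_oid     = time().bin2hex(random_bytes(8));
    $user_name        = $form["adsoyad"];
    $user_address     = $form["adres"];
    $user_phone       = $form["telefon"];
    $email            = $form["eposta"];
    // Amount multiplied by 100, rounded so that float error cannot drop a unit.
    $payment_amount   = (int) round((float) $amount_raw * 100);
    $currency         = "TL";
    // NOTE(review): SERVER_NAME comes from the web server configuration; confirm it
    // cannot be influenced by the request's Host header on this deployment, since
    // it decides where the visitor is sent back to after paying.
    $merchant_ok_url  = 'https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
    $merchant_fail_url= 'https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
    // Single basket line: [label, unit price, quantity]. The original built the label
    // from $amount, which was never defined, so the amount was missing from it.
    $user_basket      = base64_encode(json_encode(array( array($amount_label." TL Tutarında Ödeme Tahsilatı", $amount_label, 1))));
    $user_ip          = $_SERVER["REMOTE_ADDR"];
    $timeout_limit    = "360";
    // NOTE(review): debug_on=1 presumably makes the gateway return detailed error
    // text, which this script shows to the visitor on failure; confirm and consider
    // 0 for production.
    $debug_on         = 1;
    $test_mode        = 0;
    $no_installment   = 0;
    $max_installment  = 0;
    // Request signature: HMAC-SHA256 over the concatenated fields plus the salt,
    // keyed with the merchant key. Field order is part of the signature.
    $hash_str         = $merchant_id .$user_ip .$merchant_oid .$email .$payment_amount .$user_basket.$no_installment.$max_installment.$currency.$test_mode;
    $paytr_token      = base64_encode(hash_hmac('sha256',$hash_str.$merchant_salt,$merchant_key,true));
    $post_vals=array(
        'merchant_id'=>$merchant_id,
        'user_ip'=>$user_ip,
        'merchant_oid'=>$merchant_oid,
        'email'=>$email,
        'payment_amount'=>$payment_amount,
        'paytr_token'=>$paytr_token,
        'user_basket'=>$user_basket,
        'debug_on'=>$debug_on,
        'no_installment'=>$no_installment,
        'max_installment'=>$max_installment,
        'user_name'=>$user_name,
        'user_address'=>$user_address,
        'user_phone'=>$user_phone,
        'merchant_ok_url'=>$merchant_ok_url,
        'merchant_fail_url'=>$merchant_fail_url,
        'timeout_limit'=>$timeout_limit,
        'currency'=>$currency,
        'test_mode'=>$test_mode
      );
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://www.paytr.com/odeme/api/get-token");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_vals);
    // Keep certificate and host verification on: this request carries customer data
    // and the signed token, and its response decides where the visitor is redirected.
    // With verification off, an intercepted connection could read or forge both.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    $response = curl_exec($ch);
    if( curl_errno($ch) ):
      die("PAYTR IFRAME connection error. err:".curl_error($ch));
    endif;
    curl_close($ch);
    // json_decode() yields null for a non-JSON body; guard before indexing.
    $result  = json_decode($response, true);

      if( is_array($result)
          && isset($result['status'], $result['token'])
          && $result['status'] === 'success'
          && is_string($result['token']) ):
          header("Location: https://www.paytr.com/odeme/guvenli/". $result['token']);
          exit();
      else:
        // The stored text embeds the raw gateway response, so it must be HTML-escaped
        // wherever it is printed.
        $_SESSION["error"] = "Ödeme başlatılamadı. ".json_encode($result);
        header("Refresh: 0;");
        exit();
      endif;
endif;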

?>
<!DOCTYPE html>
<html lang="tr">
   <head>
      <meta charset="utf-8">
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta name="viewport" content="width=device-width, initial-scale=1">
      <title>Ödeme Formu</title>
      <link rel="shortcut icon" type="image/ico" href="https://i.hizliresim.com/j7y863g.png"/>
      <link rel="stylesheet" type="text/css" href="style.css">
   </head>
   <body>
      <div class="container">
         <div class="row">
            <div class="col-md-8 col-md-offset-2" style="margin-top: 20px">
                <center>
                <img src="https://i.hizliresim.com/5sfde0x.png" style="height:50px;margin-bottom:20px">
                </center>
               <div class="well">
                  <form  method="post" action="/">
                      
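                    <?php if( !empty($_SESSION["error"]) ): ?>  
                      <div class="alert alert-danger">
                          <?php
                          // The message embeds the JSON-encoded gateway response, which is
                          // not under this script's control, so escape it for the HTML
                          // context instead of echoing it raw. !empty() above also avoids
                          // an undefined-index notice when no error is stored.
                          echo htmlspecialchars((string) $_SESSION["error"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                          // One-shot message: clear it once it has been shown.
                          unset($_SESSION["error"]);
                          ?>
                      </div>
                    <?php endif; ?>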
                    
                     <div class="form-group">
                        <label class="control-label">Ad Soyad</label>
                        <input type="text" class="form-control" name="adsoyad" required>
                     </div>
                    
                     <div class="form-group">
                        <label class="control-label">Telefon Numarası</label>
                        <input type="number" class="form-control" name="telefon" required>
                     </div>
                     <div class="form-group">
                        <label class="control-label">E-Posta Adresi</label>
                        <input type="mail" class="form-control" name="eposta" required>
                     </div>
                    <div class="form-group">
                        <label class="control-label">Adres Bilgisi</label>
                        <input type="text" class="form-control" name="adres" required>
                     </div>
                    <hr>
                    <div class="form-group">
                        <label class="control-label">Ödenecek Miktar [TL]</label>
                        <input type="number" class="form-control" name="miktar" required>
                     </div>

                     <button type="submit" class="btn btn-primary">Ödeme Sayfasına İlerle</button>
                  </form>
               </div>
            </div>
         </div>
      </div>
   </body>
</html>