One Hat Cyber Team
Your IP :
216.73.216.36
Server IP :
162.240.179.46
Server :
Linux vps-14493116.nutrivittasaude.com.br 5.14.0-611.49.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Apr 21 16:39:08 EDT 2026 x86_64
Server Software :
Apache
PHP Version :
8.2.31
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
lifeprimeti
/
meta.lifeprimeti.com.br
/
webhook
/
View File Name :
hubpay.php
<?php require_once __DIR__ . '/../config/database.php'; $body = file_get_contents('php://input'); $sig = $_SERVER['HTTP_X_HUBPAY_SIGNATURE'] ?? ''; if (!$body || !$sig) { http_response_code(400); echo 'Missing body or signature'; exit; } $event = json_decode($body, true); if (!$event || !isset($event['type'])) { http_response_code(400); echo 'Invalid event'; exit; } $empresaId = null; $chargeId = null; if ($event['type'] === 'charge.paid') { $chargeId = $event['data']['id'] ?? null; } elseif ($event['type'] === 'charge.expired') { $chargeId = $event['data']['id'] ?? null; } if (!$chargeId) { http_response_code(200); echo 'No charge ID'; exit; } $stmt = $pdo->prepare("SELECT empresa_id FROM agendamentos WHERE hubpay_charge_id=? LIMIT 1"); $stmt->execute([$chargeId]); $row = $stmt->fetch(); if (!$row) { http_response_code(200); echo 'Charge not found in agendamentos'; exit; } $empresaId = $row['empresa_id']; $cfgStmt = $pdo->prepare("SELECT hubpay_webhook_secret FROM configuracoes WHERE empresa_id=?"); $cfgStmt->execute([$empresaId]); $config = $cfgStmt->fetch(); if (!$config || empty($config['hubpay_webhook_secret'])) { http_response_code(200); echo 'Webhook secret not configured'; exit; } $expectedSig = 'v1=' . hash_hmac('sha256', $body, $config['hubpay_webhook_secret']); if (!hash_equals($expectedSig, $sig)) { http_response_code(401); echo 'Invalid signature'; exit; } if ($event['type'] === 'charge.paid') { $pdo->prepare("UPDATE agendamentos SET pagamento_status='aprovado', status='concluido' WHERE hubpay_charge_id=?") ->execute([$chargeId]); $pdo->prepare("UPDATE contas_receber SET status='pago', data_pagamento=CURDATE(), valor_recebido=valor_total WHERE agendamento_id=(SELECT id FROM agendamentos WHERE hubpay_charge_id=?)") ->execute([$chargeId]); echo 'Charge paid, agendamento updated'; } elseif ($event['type'] === 'charge.expired') { $pdo->prepare("UPDATE agendamentos SET pagamento_status='expirado' WHERE hubpay_charge_id=?") ->execute([$chargeId]); echo 'Charge expired'; } http_response_code(200);