tomsjavajive-app/api/payment-status.php

<?php
/**
 * Tom's Java Jive - Check Payment Status API
 * Polls Stripe for payment/checkout session status
 */

require_once __DIR__ . '/../includes/functions.php';
require_once __DIR__ . '/../includes/stripe.php';

header('Content-Type: application/json');

// Only accept GET
if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
    jsonResponse(['error' => 'Method not allowed'], 405);
}

$orderId = $_GET['order_id'] ?? '';
$sessionId = $_GET['session_id'] ?? '';

if (empty($orderId) && empty($sessionId)) {
    jsonResponse(['error' => 'Order ID or Session ID required'], 400);
}

// Get order by ID or session
if (!empty($orderId)) {
    $order = db()->fetch(
        "SELECT * FROM orders WHERE order_id = :id",
        ['id' => $orderId]
    );
} else {
    $order = db()->fetch(
        "SELECT * FROM orders WHERE stripe_checkout_session = :session OR stripe_payment_intent = :session",
        ['session' => $sessionId]
    );
}

if (!$order) {
    jsonResponse(['error' => 'Order not found'], 404);
}

// If already marked as paid, return success
if ($order['payment_status'] === 'paid') {
    jsonResponse([
        'status' => 'complete',
        'payment_status' => 'paid',
        'order_id' => $order['order_id'],
        'order_number' => $order['order_number'],
        'redirect' => '/order-confirmation.php?order=' . $order['order_id']
    ]);
}

// Check if Stripe is configured
if (!isStripeConfigured()) {
    jsonResponse([
        'status' => 'demo_mode',
        'payment_status' => $order['payment_status'],
        'message' => 'Stripe not configured - running in demo mode'
    ]);
}

try {
    // Check with Stripe
    if (!empty($order['stripe_checkout_session'])) {
        // Check checkout session status
        $session = stripe()->getCheckoutSession($order['stripe_checkout_session']);
        
        if ($session['payment_status'] === 'paid') {
            // Update order
            db()->update('orders',
                [
                    'payment_status' => 'paid',
                    'order_status' => 'confirmed',
                    'stripe_payment_intent' => $session['payment_intent'] ?? null
                ],
                'order_id = :id',
                ['id' => $order['order_id']]
            );
            
            jsonResponse([
                'status' => 'complete',
                'payment_status' => 'paid',
                'order_id' => $order['order_id'],
                'order_number' => $order['order_number'],
                'redirect' => '/order-confirmation.php?order=' . $order['order_id']
            ]);
        }
        
        jsonResponse([
            'status' => $session['status'],
            'payment_status' => $session['payment_status']
        ]);
        
    } elseif (!empty($order['stripe_payment_intent'])) {
        // Check payment intent status
        $paymentIntent = stripe()->getPaymentIntent($order['stripe_payment_intent']);
        
        if ($paymentIntent['status'] === 'succeeded') {
            // Update order
            db()->update('orders',
                [
                    'payment_status' => 'paid',
                    'order_status' => 'confirmed'
                ],
                'order_id = :id',
                ['id' => $order['order_id']]
            );
            
            jsonResponse([
                'status' => 'complete',
                'payment_status' => 'paid',
                'order_id' => $order['order_id'],
                'order_number' => $order['order_number'],
                'redirect' => '/order-confirmation.php?order=' . $order['order_id']
            ]);
        }
        
        jsonResponse([
            'status' => $paymentIntent['status'],
            'payment_status' => 'pending'
        ]);
    }
    
    // No Stripe reference found
    jsonResponse([
        'status' => 'pending',
        'payment_status' => $order['payment_status']
    ]);
    
} catch (Exception $e) {
    error_log('Payment status check error: ' . $e->getMessage());
    jsonResponse([
        'status' => 'error',
        'payment_status' => $order['payment_status'],
        'error' => 'Failed to check payment status'
    ]);
}