'Unauthorized']); exit; } $pdo = new PDO("pgsql:host=127.0.0.1;dbname=adx_system", "postgres", ""); $pdo->exec("SET search_path TO ethica, public"); $pdo->exec("CREATE TABLE IF NOT EXISTS sms_providers (id SERIAL PRIMARY KEY, name TEXT, provider TEXT DEFAULT 'ovh', app_key TEXT, app_secret TEXT, consumer_key TEXT, sender_name TEXT DEFAULT 'Ethica', service_name TEXT, active BOOLEAN DEFAULT false, created_at TIMESTAMP DEFAULT NOW())"); $pdo->exec("CREATE TABLE IF NOT EXISTS sms_log (id SERIAL PRIMARY KEY, campaign_id INT, phone TEXT, message TEXT, status TEXT DEFAULT 'pending', provider TEXT, provider_ref TEXT, sent_at TIMESTAMP DEFAULT NOW())"); $action = $_POST['action'] ?? $_GET['action'] ?? 'status'; if ($action === 'status') { $providers = $pdo->query("SELECT id, name, provider, sender_name, active FROM sms_providers")->fetchAll(PDO::FETCH_ASSOC); $sent = $pdo->query("SELECT COUNT(*) FROM sms_log WHERE status='sent'")->fetchColumn(); echo json_encode(['ok'=>true, 'providers'=>$providers, 'total_sent'=>(int)$sent, 'note'=>'Configure OVH credentials via add_provider action']); } elseif ($action === 'add_provider') { $stmt = $pdo->prepare("INSERT INTO sms_providers (name, provider, app_key, app_secret, consumer_key, sender_name, service_name, active) VALUES (?,?,?,?,?,?,?,true)"); $stmt->execute([$_POST['name']??'OVH SMS', 'ovh', $_POST['app_key']??'', $_POST['app_secret']??'', $_POST['consumer_key']??'', $_POST['sender_name']??'Ethica', $_POST['service_name']??'']); echo json_encode(['ok'=>true, 'message'=>'Provider added. Test with action=test_send']); } elseif ($action === 'send') { $phone = $_POST['phone'] ?? ''; $message = $_POST['message'] ?? ''; if (!$phone || !$message) { echo json_encode(['error'=>'phone + message required']); exit; } $prov = $pdo->query("SELECT * FROM sms_providers WHERE active=true LIMIT 1")->fetch(PDO::FETCH_ASSOC); if (!$prov) { echo json_encode(['error'=>'No active SMS provider. Add one via add_provider']); exit; } // OVH SMS API call $url = "https://eu.api.ovh.com/1.0/sms/{$prov['service_name']}/jobs"; $body = json_encode(['charset'=>'UTF-8','message'=>$message,'noStopClause'=>true,'receivers'=>[$phone],'sender'=>$prov['sender_name'],'priority'=>'high']); $timestamp = time(); $sig = '$1$' . sha1($prov['app_secret'].'+'.$prov['consumer_key'].'+POST+'.$url.'+'.$body.'+'.$timestamp); $ch = curl_init($url); curl_setopt_array($ch, [CURLOPT_POST=>true, CURLOPT_RETURNTRANSFER=>true, CURLOPT_TIMEOUT=>15, CURLOPT_HTTPHEADER=>["Content-Type: application/json","X-Ovh-Application: {$prov['app_key']}","X-Ovh-Consumer: {$prov['consumer_key']}","X-Ovh-Signature: $sig","X-Ovh-Timestamp: $timestamp"], CURLOPT_POSTFIELDS=>$body]); $r = curl_exec($ch); $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); $pdo->prepare("INSERT INTO sms_log (phone, message, status, provider, provider_ref) VALUES (?,?,?,?,?)") ->execute([$phone, $message, $code==200?'sent':'failed', 'ovh', $r]); echo json_encode(['ok'=>$code==200, 'http_code'=>$code, 'response'=>json_decode($r,true)]); } elseif ($action === 'bulk_send') { $campaign_id = (int)($_POST['campaign_id'] ?? 0); $message = $_POST['message'] ?? ''; $country = $_POST['country'] ?? 'MA'; $limit = min((int)($_POST['limit'] ?? 100), 1000); $phones = $pdo->prepare("SELECT DISTINCT telephone FROM medecins WHERE country=? AND telephone IS NOT NULL AND telephone != '' LIMIT ?"); $phones->execute([$country, $limit]); $list = $phones->fetchAll(PDO::FETCH_COLUMN); echo json_encode(['ok'=>true, 'recipients'=>count($list), 'message'=>$message, 'note'=>'Use action=send for each phone or configure bulk via OVH']); } else { echo json_encode(['actions'=>['status','add_provider','send','bulk_send']]); }