'Unauthorized']); exit; } $pdo = new PDO("pgsql:host=10.1.0.3;port=5432;dbname=adx_system", "admin", "admin123"); $pdo->exec("SET search_path TO ethica, public"); $pdo->exec("CREATE TABLE IF NOT EXISTS whatsapp_providers (id SERIAL PRIMARY KEY, name TEXT, phone_number_id TEXT, access_token TEXT, business_id TEXT, verify_token TEXT, active BOOLEAN DEFAULT false, created_at TIMESTAMP DEFAULT NOW())"); $pdo->exec("CREATE TABLE IF NOT EXISTS whatsapp_log (id SERIAL PRIMARY KEY, campaign_id INT, phone TEXT, template_name TEXT, status TEXT DEFAULT 'pending', wa_message_id TEXT, sent_at TIMESTAMP DEFAULT NOW())"); $action = $_POST['action'] ?? $_GET['action'] ?? 'status'; if ($action === 'status') { $providers = $pdo->query("SELECT id, name, phone_number_id, active FROM whatsapp_providers")->fetchAll(PDO::FETCH_ASSOC); $sent = $pdo->query("SELECT COUNT(*) FROM whatsapp_log WHERE status='sent'")->fetchColumn(); echo json_encode(['ok'=>true, 'providers'=>$providers, 'total_sent'=>(int)$sent]); } elseif ($action === 'add_provider') { $stmt = $pdo->prepare("INSERT INTO whatsapp_providers (name, phone_number_id, access_token, business_id, verify_token, active) VALUES (?,?,?,?,?,true)"); $stmt->execute([$_POST['name']??'Meta WA', $_POST['phone_number_id']??'', $_POST['access_token']??'', $_POST['business_id']??'', $_POST['verify_token']??bin2hex(random_bytes(16))]); echo json_encode(['ok'=>true, 'message'=>'WhatsApp provider added']); } elseif ($action === 'send_template') { $phone = $_POST['phone'] ?? ''; $template = $_POST['template_name'] ?? 'ethica_consent'; $params = json_decode($_POST['params'] ?? '[]', true) ?: []; $prov = $pdo->query("SELECT * FROM whatsapp_providers WHERE active=true LIMIT 1")->fetch(PDO::FETCH_ASSOC); if (!$prov) { echo json_encode(['error'=>'No active WhatsApp provider']); exit; } $body = ['messaging_product'=>'whatsapp','to'=>$phone,'type'=>'template','template'=>['name'=>$template,'language'=>['code'=>'fr'],'components'=>[]]]; if ($params) { $body['template']['components'][] = ['type'=>'body','parameters'=>array_map(fn($v)=>['type'=>'text','text'=>$v], $params)]; } $ch = curl_init("https://graph.facebook.com/v18.0/{$prov['phone_number_id']}/messages"); curl_setopt_array($ch, [CURLOPT_POST=>true, CURLOPT_RETURNTRANSFER=>true, CURLOPT_TIMEOUT=>15, CURLOPT_HTTPHEADER=>["Content-Type: application/json","Authorization: Bearer {$prov['access_token']}"], CURLOPT_POSTFIELDS=>json_encode($body)]); $r = curl_exec($ch); $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); $d = json_decode($r, true); $waId = $d['messages'][0]['id'] ?? ''; $pdo->prepare("INSERT INTO whatsapp_log (phone, template_name, status, wa_message_id) VALUES (?,?,?,?)") ->execute([$phone, $template, $code==200?'sent':'failed', $waId]); echo json_encode(['ok'=>$code==200, 'wa_message_id'=>$waId, 'response'=>$d]); } elseif ($action === 'webhook') { // Meta webhook verification if ($_SERVER['REQUEST_METHOD'] === 'GET') { $mode = $_GET['hub_mode'] ?? ''; $token = $_GET['hub_verify_token'] ?? ''; $challenge = $_GET['hub_challenge'] ?? ''; $prov = $pdo->query("SELECT verify_token FROM whatsapp_providers WHERE active=true LIMIT 1")->fetch(PDO::FETCH_ASSOC); if ($mode === 'subscribe' && $token === ($prov['verify_token']??'')) { echo $challenge; } else { http_response_code(403); } exit; } // Incoming message webhook $payload = json_decode(file_get_contents('php://input'), true); file_put_contents("/tmp/wa_webhook_".time().".json", json_encode($payload)); echo json_encode(['ok'=>true]); } else { echo json_encode(['actions'=>['status','add_provider','send_template','webhook']]); }