html/api/tracking-relay.php

<?php
header("Access-Control-Allow-Origin: *");

$tracking_id = null;
$event_type = 'open';
$referer = 'unknown';

if ($_SERVER['REQUEST_METHOD'] === 'GET' && !empty($_GET['t'])) {
    // GET = pixel from email client
    $tracking_id = $_GET['t'];
    $event_type = $_GET['e'] ?? 'open';
    $referer = $_SERVER['HTTP_REFERER'] ?? 'pixel';
    $data = json_encode(['tracking_id' => $tracking_id, 'event_type' => $event_type, 'referer' => $referer]);
} else {
    // POST = relay from S151 or direct call
    $input = file_get_contents("php://input");
    $json = json_decode($input, true);
    if ($json && !empty($json['tracking_id'])) {
        $tracking_id = $json['tracking_id'];
        // Accept both "event" (S151) and "event_type" (direct)
        $event_type = $json['event_type'] ?? $json['event'] ?? 'open';
        $referer = $json['referer'] ?? $json['url'] ?? $json['ip'] ?? 'relay';
        // Normalize payload for S95
        $data = json_encode([
            'tracking_id' => $tracking_id,
            'event_type' => $event_type,
            'referer' => $referer,
            'ip' => $json['ip'] ?? '',
            'ua' => $json['ua'] ?? ''
        ]);
    }
}

if (!$tracking_id) {
    http_response_code(400);
    echo json_encode(["error" => "missing tracking_id"]);
    exit;
}

// Relay to S95
$ch = curl_init("http://10.1.0.3:5890/api/tracking-webhook.php");
curl_setopt_array($ch, [
    CURLOPT_POST => true,
    CURLOPT_POSTFIELDS => $data,
    CURLOPT_HTTPHEADER => ["Content-Type: application/json"],
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_TIMEOUT => 5
]);
$resp = curl_exec($ch);
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    header("Content-Type: image/gif");
    header("Cache-Control: no-store, no-cache");
    echo base64_decode("R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7");
} else {
    header("Content-Type: application/json");
    echo json_encode(["ok" => $code === 200, "upstream" => $code, "event_type" => $event_type]);
}