Spaces:

kingkay000
/

php

Running

App Files Files Community

kingkay000 commited on Jan 16

Commit

e31284f

verified ·

1 Parent(s): bdca4f9

Upload 25 files

Browse files

Files changed (25) hide show

easypay-api/.gemini/RECEIPT_FIX_SUMMARY.md +101 -0
easypay-api/README.md +204 -0
easypay-api/ajax_handlers.php +122 -0
easypay-api/api/.htaccess +26 -0
easypay-api/api/API_DOCUMENTATION.md +667 -0
easypay-api/api/LAST_RECEIPT_ENDPOINT.md +221 -0
easypay-api/api/README.md +396 -0
easypay-api/api/payments/process.php +340 -0
easypay-api/api/students/balance.php +63 -0
easypay-api/api/students/invoice.php +74 -0
easypay-api/api/students/last_receipt.php +209 -0
easypay-api/api/students/payment_status.php +69 -0
easypay-api/api/test.html +350 -0
easypay-api/api/test_receipt.html +322 -0
easypay-api/assets/logo.png +0 -0
easypay-api/config/api_config.php +30 -0
easypay-api/db_config.php +27 -0
easypay-api/download_receipt.php +134 -0
easypay-api/includes/ApiValidator.php +293 -0
easypay-api/includes/PaymentProcessor.php +691 -0
easypay-api/includes/ReceiptGenerator.php +283 -0
easypay-api/index.php +711 -0
easypay-api/logs/api.log +3 -0
easypay-api/process_payment - v0.php +663 -0
easypay-api/process_payment.php +668 -0

easypay-api/.gemini/RECEIPT_FIX_SUMMARY.md ADDED Viewed

	@@ -0,0 +1,101 @@

+# Receipt Generation Fix - API vs Web Interface
+## Issue Identified
+When payments were processed through the API endpoint (`POST /api/payments/process`), the generated receipts only displayed the fee items that received payment in that specific transaction. This differed from the web interface behavior, where receipts showed **all** fee items for the term with their complete financial status (amount billed, paid to date, and outstanding balance).
+This discrepancy left parents with an incomplete and inaccurate picture of their outstanding fees when using the API.
+## Root Cause
+### Web Interface (`download_receipt.php`)
+- Fetches **ALL fees** for the student from `tb_account_receivables`
+- Calculates cumulative "paid to date" for each fee up to the receipt date
+- Displays all fees with either:
+  - Outstanding balance > 0, OR
+  - Payment made in that receipt > 0
+- Shows complete columns: Fee Description, Term/Session, Amount Billed, Amount Paid, Paid To Date, To Balance
+### API Endpoint (`api/payments/process.php` - BEFORE FIX)
+- Used only the `allocations` array returned by `PaymentProcessor::processPayment()`
+- This array contained **only** the fees that received payment in the current transaction
+- Did not show other outstanding fees or complete financial picture
+- Parents could not see their total outstanding balance
+## Solution Implemented
+Modified `api/payments/process.php` (lines 206-298) to use the **same comprehensive receipt generation logic** as the web interface:
+### Changes Made:
+1. **Fetch All Student Fees**: Query `tb_account_receivables` to get all fees billed to the student
+2. **Calculate Paid To Date**: For each fee, sum all payments made up to the receipt date from `tb_account_payment_registers`
+3. **Calculate Amount Paid in This Receipt**: Determine how much was paid for each fee in this specific transaction
+4. **Calculate Balance**: Compute outstanding balance for each fee (amount billed - paid to date)
+5. **Filter Display**: Show fees that either have:
+   - Outstanding balance > 0, OR
+   - Payment made in this receipt > 0
+6. **Generate Complete Receipt**: Pass all fee information to `ReceiptGenerator` with proper structure
+### Key Code Changes:
+```php
+// OLD (Incomplete)
+$result['data']['student_name'] = $student['full_name'];
+$generator = new ReceiptGenerator();
+$receiptBase64 = $generator->generateBase64($result['data']);
+// NEW (Complete)
+// Fetch ALL fees from receivables
+$sqlFees = "SELECT ar.fee_id, ar.actual_value as amount_billed,
+                   ar.academic_session, ar.term_of_session,
+                   sf.description as fee_description
+            FROM tb_account_receivables ar
+            JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+            WHERE ar.student_id = :sid
+            ORDER BY ar.academic_session ASC, ar.term_of_session ASC";
+// Calculate paid to date and balances for each fee
+// Build comprehensive allocations array
+// Generate receipt with complete fee information
+```
+## Impact
+### Before Fix:
+- API receipts showed only 2-3 fees (those paid in transaction)
+- Parents couldn't see total outstanding balance
+- Incomplete financial picture
+- Inconsistent with web interface
+### After Fix:
+- API receipts show ALL relevant fees (matching web interface)
+- Complete financial transparency:
+  - All fees billed for the term
+  - Amount paid in this transaction
+  - Cumulative paid to date
+  - Outstanding balance for each fee
+- Parents have accurate picture of total outstanding fees
+- Consistent behavior across web and API interfaces
+## Testing Recommendations
+1. **Test API Payment**: Process a payment via API that partially pays multiple fees
+2. **Verify Receipt**: Check that the generated receipt shows:
+   - All fees for the student (not just paid ones)
+   - Correct "Amount Paid" column (only for fees paid in this transaction)
+   - Correct "Paid To Date" column (cumulative payments)
+   - Correct "To Balance" column (outstanding amounts)
+3. **Compare with Web**: Process a similar payment via web interface and compare receipts
+4. **Edge Cases**:
+   - Payment that fully settles some fees but not others
+   - Payment that partially pays multiple fees
+   - Student with fees from multiple terms/sessions
+## Files Modified
+- `c:\xampp\htdocs\easypay\api\payments\process.php` (lines 206-298)
+## Files Referenced (No Changes)
+- `c:\xampp\htdocs\easypay\download_receipt.php` (used as reference for correct behavior)
+- `c:\xampp\htdocs\easypay\includes\ReceiptGenerator.php` (receipt rendering logic)
+- `c:\xampp\htdocs\easypay\includes\PaymentProcessor.php` (payment processing logic)

easypay-api/README.md ADDED Viewed

	@@ -0,0 +1,204 @@

+# Student Fee Payment Registration System
+A streamlined 2-page PHP application that simplifies the school fee payment process by automatically allocating payments across outstanding fees from oldest to newest.
+## Features
+- **AJAX-powered student search** - Find students quickly by name or student code
+- **Outstanding fees display** - View all unpaid fees sorted from oldest to newest
+- **Automatic payment allocation** - Payments are automatically distributed across selected fees in chronological order
+- **Teller validation** - Automatic lookup of bank statements with unreconciled amount calculation
+- **Duplicate prevention** - Prevents multiple payments for the same student on the same date
+- **Transactional integrity** - All database operations wrapped in transactions with automatic rollback on error
+- **Comprehensive receipts** - Detailed payment confirmation with all settled fees
+## Database Tables Used
+The application interacts with the following tables in the `one_arps_aci` database:
+- `tb_student_registrations` - Student information
+- `tb_academic_levels` - Academic level details
+- `tb_account_school_fees` - Fee definitions
+- `tb_account_receivables` - Billed fees (invoices)
+- `tb_account_bank_statements` - Bank transaction data
+- `tb_account_school_fee_payments` - Individual fee payment records
+- `tb_account_school_fee_sum_payments` - Aggregated payment records
+- `tb_account_student_payments` - Cumulative payment tracking
+- `tb_account_payment_registers` - Receipt records
+- `tb_student_logistics` - Student outstanding balance tracking
+## Installation
+### Prerequisites
+- PHP 7.4 or higher
+- MySQL 5.7 or higher
+- Web server (Apache, Nginx, or PHP built-in server)
+- Existing `one_arps_aci` database with required tables
+### Setup Steps
+1. **Copy files to your web directory**
+   ```
+   c:\ESD\ARPS EasyPayments\
+   ├── db_config.php
+   ├── index.php
+   ├── process_payment.php
+   └── ajax_handlers.php
+   ```
+2. **Configure database connection**
+   Edit `db_config.php` and update the following constants:
+   ```php
+   define('DB_HOST', 'localhost');     // Your MySQL host
+   define('DB_USER', 'root');          // Your MySQL username
+   define('DB_PASS', '');              // Your MySQL password
+   ```
+3. **Set proper permissions**
+   Ensure the web server has read access to all PHP files.
+4. **Access the application**
+   Navigate to `http://localhost/ARPS%20EasyPayments/index.php` in your browser.
+## Usage Guide
+### Step 1: Search for a Student
+1. Type the student's name or student code in the search box
+2. Select the student from the dropdown results
+3. The page will reload showing student details and outstanding fees
+### Step 2: Review Outstanding Fees
+- All outstanding fees are displayed in a table, sorted from oldest to newest
+- Fees are pre-checked by default
+- You can uncheck any fees you don't want to settle
+- The table shows:
+  - Fee description
+  - Academic session and term
+  - Billed amount
+  - Amount already paid
+  - Outstanding balance
+### Step 3: Process Payment
+1. Click the **"Process Payment"** button
+2. Enter the **Teller Number** from the bank statement
+3. The system will automatically:
+   - Look up the bank statement
+   - Fill in the bank narration
+   - Calculate the unreconciled amount on the teller
+4. Enter the **Amount to Use for Fees** (must not exceed unreconciled amount)
+5. Click **"OK PROCEED!"**
+### Step 4: View Confirmation
+- On success, you'll see a detailed receipt showing:
+  - Student name and receipt number
+  - Payment date and teller information
+  - All fees that were settled
+  - Remaining unreconciled amount on the teller
+- On failure, you'll see an error message (no database changes are made)
+## Payment Allocation Logic
+The system automatically allocates payments using the following rules:
+1. **Oldest First** - Fees are sorted by academic session (ASC), then term (ASC)
+2. **Full Settlement Priority** - Each fee is fully settled before moving to the next
+3. **Partial Settlement** - If the payment amount runs out, the last fee is partially settled
+4. **Automatic Calculation** - No manual allocation required
+### Example
+If a student has these outstanding fees:
+- 2024 Term 1: ₦10,000
+- 2024 Term 2: ₦15,000
+- 2024 Term 3: ₦12,000
+And you process a payment of ₦30,000:
+- 2024 Term 1: Fully settled (₦10,000)
+- 2024 Term 2: Fully settled (₦15,000)
+- 2024 Term 3: Partially settled (₦5,000)
+## ID Generation Rules
+The application follows strict ID generation rules as per the database schema:
+- **transaction_id**: `student_id + academic_session + payment_date`
+- **school_fee_payment_id**: `student_code + fee_id + payment_date`
+- **receipt_no**: `student_code + payment_date`
+- **Date format**: Always `YYYY-MM-DD`
+## Error Handling
+The application includes comprehensive error handling:
+- **Database connection failures** - Clear error message displayed
+- **Invalid teller numbers** - Validation before processing
+- **Duplicate payments** - Prevented at database level
+- **Insufficient unreconciled amount** - Client and server-side validation
+- **Transaction failures** - Automatic rollback with error details
+## Security Features
+- **PDO with prepared statements** - Protection against SQL injection
+- **Input validation** - Server-side validation of all inputs
+- **Output sanitization** - All user data is escaped before display
+- **Transaction integrity** - All-or-nothing database operations
+## Browser Compatibility
+- Chrome (recommended)
+- Firefox
+- Edge
+- Safari
+## Troubleshooting
+### "Database connection failed"
+- Check your database credentials in `db_config.php`
+- Ensure MySQL server is running
+- Verify the database name is `one_arps_aci`
+### "Teller number not found"
+- Verify the teller number exists in `tb_account_bank_statements`
+- Check that the teller number is the last token in the description field
+- Ensure there's unreconciled amount available
+### "A payment for this student has already been registered on this date"
+- This is a duplicate prevention feature
+- You cannot process multiple payments for the same student on the same date
+- Use a different payment date or check existing records
+## Technical Notes
+### Teller Number Extraction
+The system extracts teller information from `tb_account_bank_statements.description` using this logic:
+- **Teller Number**: Last token (rightmost word) after splitting by spaces
+- **Teller Name**: All text before the last space
+Example: `"SCHOOL FEES PAYMENT 1234567890"`
+- Teller Number: `1234567890`
+- Teller Name: `SCHOOL FEES PAYMENT`
+### Unreconciled Amount Calculation
+```sql
+unreconciled_amount = bank_statement.amount_paid - SUM(school_fee_payments.amount_paid)
+```
+This shows how much of the bank deposit has not yet been allocated to student fees.
+## Support
+For issues or questions, please contact the system administrator.
+## License
+Internal use only - ARPS School Management System

easypay-api/ajax_handlers.php ADDED Viewed

	@@ -0,0 +1,122 @@

+<?php
+/**
+ * AJAX Handlers
+ * Endpoints for student search and teller lookup
+ */
+require_once 'db_config.php';
+header('Content-Type: application/json');
+$action = $_GET['action'] ?? '';
+try {
+    switch ($action) {
+        case 'search_students':
+            searchStudents($pdo);
+            break;
+        case 'lookup_teller':
+            lookupTeller($pdo);
+            break;
+        default:
+            echo json_encode(['error' => 'Invalid action']);
+    }
+} catch (Exception $e) {
+    echo json_encode(['error' => $e->getMessage()]);
+}
+/**
+ * Search for students by name or student code
+ */
+function searchStudents($pdo)
+{
+    $search = $_GET['search'] ?? '';
+    if (strlen($search) < 2) {
+        echo json_encode([]);
+        return;
+    }
+    $sql = "SELECT
+                id,
+                student_code,
+                CONCAT(last_name, ' ', first_name, ' ', COALESCE(other_name, '')) AS full_name
+            FROM tb_student_registrations
+            WHERE
+		admission_status = 'Active' -- New condition added here
+    		AND (
+        	    student_code LIKE :search1
+	            OR last_name LIKE :search2
+        	    OR first_name LIKE :search3
+        	    OR other_name LIKE :search4
+      		    OR CONCAT(last_name, ' ', first_name, ' ', COALESCE(other_name, '')) LIKE :search5
+    		)
+            ORDER BY last_name, first_name
+            LIMIT 20";
+    $stmt = $pdo->prepare($sql);
+    $searchParam = '%' . $search . '%';
+    $stmt->execute([
+        'search1' => $searchParam,
+        'search2' => $searchParam,
+        'search3' => $searchParam,
+        'search4' => $searchParam,
+        'search5' => $searchParam
+    ]);
+    $results = $stmt->fetchAll();
+    echo json_encode($results);
+}
+/**
+ * Lookup bank statement by teller number
+ */
+function lookupTeller($pdo)
+{
+    $tellerNumber = $_GET['teller_number'] ?? '';
+    if (empty($tellerNumber)) {
+        echo json_encode(['error' => 'Teller number is required']);
+        return;
+    }
+    // Query to find bank statement and calculate unreconciled amount
+    $sql = "SELECT
+                bs.id,
+                bs.description,
+                bs.amount_paid,
+                bs.payment_date,
+                COALESCE(fp.total_registered_fee, 0.00) AS registered_amount,
+                (bs.amount_paid - COALESCE(fp.total_registered_fee, 0.00)) AS unreconciled_amount
+            FROM tb_account_bank_statements bs
+            LEFT JOIN (
+                SELECT teller_no, SUM(amount_paid) AS total_registered_fee
+                FROM tb_account_school_fee_payments
+                GROUP BY teller_no
+            ) fp ON SUBSTRING_INDEX(bs.description, ' ', -1) = fp.teller_no
+            WHERE SUBSTRING_INDEX(bs.description, ' ', -1) = :teller_number
+            HAVING unreconciled_amount >= 0
+            LIMIT 1";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute(['teller_number' => $tellerNumber]);
+    $result = $stmt->fetch();
+    if (!$result) {
+        echo json_encode(['error' => 'Teller number not found or fully reconciled']);
+        return;
+    }
+    // Extract teller name (description without last token)
+    $descParts = explode(' ', $result['description']);
+    array_pop($descParts); // Remove teller number
+    $tellerName = implode(' ', $descParts);
+    $result['teller_name'] = $tellerName;
+    $result['teller_no'] = $tellerNumber;
+    echo json_encode($result);
+}

easypay-api/api/.htaccess ADDED Viewed

	@@ -0,0 +1,26 @@

+# Payment API .htaccess
+# Enable clean URLs for API endpoints
+<IfModule mod_rewrite.c>
+    RewriteEngine On
+    RewriteBase /easypay/api/
+    # Route /api/payments/process to process.php
+    RewriteRule ^payments/process$ payments/process.php [L]
+    # Route /api/students/...
+    RewriteRule ^students/balance$ students/balance.php [L]
+    RewriteRule ^students/invoice$ students/invoice.php [L]
+    RewriteRule ^students/payment_status$ students/payment_status.php [L]
+</IfModule>
+# Security headers
+<IfModule mod_headers.c>
+    # Prevent directory listing
+    Options -Indexes
+    # Security headers
+    Header set X-Content-Type-Options "nosniff"
+    Header set X-Frame-Options "DENY"
+    Header set X-XSS-Protection "1; mode=block"
+</IfModule>

easypay-api/api/API_DOCUMENTATION.md ADDED Viewed

	@@ -0,0 +1,667 @@

+# Payment Processing API Documentation
+## Overview
+The Payment Processing API allows external systems to initiate student fee payments securely via JSON requests. The API uses the same internal payment processing logic as the web application, ensuring consistency and reliability.
+## Base URL
+```
+http://your-domain.com/easypay/api/
+```
+## Authentication
+### API Key (Optional)
+If API authentication is enabled, include an API key in the request header:
+```
+Authorization: Bearer YOUR_API_KEY
+```
+To enable API authentication:
+1. Edit `config/api_config.php`
+2. Set `API_AUTH_ENABLED` to `true`
+3. Add your API keys to the `API_KEYS` array
+## Endpoint
+### Process Payment
+**POST** `/api/payments/process`
+Processes a student fee payment using a bank teller number.
+#### Request Headers
+```
+Content-Type: application/json
+Authorization: Bearer YOUR_API_KEY (if authentication is enabled)
+```
+#### Request Body
+```json
+{
+  "student_id": "string|integer",
+  "teller_no": "string",
+  "amount": number
+}
+```
+**Field Descriptions:**
+| Field | Type | Required | Description |
+|-------|------|----------|-------------|
+| `student_id` | string/integer | Yes | The unique ID of the student from `tb_student_registrations` |
+| `teller_no` | string | Yes | The teller number from the bank statement (must exist in `tb_account_bank_statements`) |
+| `amount` | number | Yes | The amount to allocate to student fees (must be positive and not exceed unreconciled amount) |
+#### Success Response (HTTP 201)
+```json
+{
+  "status": "success",
+  "message": "Payment processed successfully",
+  "data": {
+    "student_id": "000001234567890123",
+    "teller_no": "1234567890",
+    "amount": 50000.00,
+    "payment_id": "000001234567890123202420260109",
+    "receipt_no": "STU001202420260109",
+    "payment_date": "2026-01-09",
+    "fees_settled": [
+      {
+        "fee_description": "Tuition Fee",
+        "session": "2024",
+        "term": "1",
+        "amount": 30000.00
+      },
+      {
+        "fee_description": "Development Levy",
+        "session": "2024",
+        "term": "1",
+        "amount": 20000.00
+      }
+    ]
+  }
+}
+```
+#### Error Responses
+**Validation Error (HTTP 400)**
+```json
+{
+  "status": "error",
+  "message": "Validation failed",
+  "errors": {
+    "student_id": "Student ID is required",
+    "amount": "Amount must be greater than zero"
+  }
+}
+```
+**Student Not Found (HTTP 404)**
+```json
+{
+  "status": "error",
+  "message": "Student not found"
+}
+```
+**Teller Not Found (HTTP 404)**
+```json
+{
+  "status": "error",
+  "message": "Teller number not found"
+}
+```
+**Amount Exceeds Unreconciled (HTTP 400)**
+```json
+{
+  "status": "error",
+  "message": "Amount exceeds unreconciled amount on teller",
+  "errors": {
+    "amount": "Requested amount (60,000.00) exceeds available unreconciled amount (50,000.00)"
+  }
+}
+```
+**Duplicate Payment (HTTP 400)**
+```json
+{
+  "status": "error",
+  "message": "Internal server error",
+  "error_detail": "A payment for this student has already been registered on this date (2026-01-09)"
+}
+```
+**Unauthorized (HTTP 401)**
+```json
+{
+  "status": "error",
+  "message": "Invalid API key"
+}
+```
+**Invalid Content-Type (HTTP 400)**
+```json
+{
+  "status": "error",
+  "message": "Invalid Content-Type. Expected application/json"
+}
+```
+**Server Error (HTTP 500)**
+{
+  "status": "error",
+  "message": "Internal server error"
+}
+```
+### Student Information Endpoints
+#### 1. Get Outstanding Balance
+**GET** `/api/students/balance`
+Fetches a student's total outstanding balance and a breakdown of unpaid fees.
+**Parameters:**
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `student_id` | string | Yes | The ID of the student |
+**Success Response:**
+```json
+{
+  "status": "success",
+  "data": {
+    "student_id": "000001234567890123",
+    "currency": "NGN",
+    "total_outstanding": 50000,
+    "breakdown": [
+      {
+        "fee_id": "...",
+        "fee_description": "Tuition Fee",
+        "academic_session": "2024",
+        "term_of_session": "1",
+        "amount_billed": 100000,
+        "amount_paid": 50000,
+        "outstanding_amount": 50000
+      }
+    ]
+  }
+}
+```
+#### 2. Get Term Invoice
+**GET** `/api/students/invoice`
+Fetches the breakdown of fees billed to a student for a specific term and session.
+**Parameters:**
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `student_id` | string | Yes | The ID of the student |
+| `academic_session` | string | Yes | The accounting year (e.g. "2024") |
+| `term` | string | Yes | The term number (e.g. "1") |
+**Success Response:**
+```json
+{
+  "status": "success",
+  "data": {
+    "student_id": "...",
+    "academic_session": "2024",
+    "term": "1",
+    "items": [
+      {
+        "description": "Tuition Fee",
+        "amount_billed": 100000,
+        "amount_paid": 100000,
+        "balance": 0
+      }
+    ]
+  }
+}
+```
+#### 3. Get Term Payment Status
+**GET** `/api/students/payment_status`
+Gets a copy of the payment status for a term, including summary and transaction history.
+**Parameters:**
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `student_id` | string | Yes | The ID of the student |
+| `academic_session` | string | Yes | The accounting year |
+| `term` | string | Yes | The term number |
+**Success Response:**
+```json
+{
+  "status": "success",
+  "data": {
+    "summary": {
+      "total_billed": 150000,
+      "total_paid": 100000,
+      "outstanding": 50000
+    },
+    "transactions": [
+      {
+        "payment_date": "2026-01-15",
+        "amount": 50000,
+        "transaction_id": "...",
+        "payment_ref": "..."
+      }
+    ]
+  }
+}
+```
+#### 4. Get Last Payment Receipt Image
+**GET** `/api/students/last_receipt`
+Returns the receipt image (PNG format) of the most recent payment made by a student.
+**Parameters:**
+| Parameter | Type | Required | Description |
+|-----------|------|----------|-------------|
+| `student_id` | string | Yes | The ID of the student |
+**Success Response:**
+- **Content-Type:** `image/png`
+- **Body:** Binary PNG image data
+- The image can be saved directly to a file or displayed in an application
+**Error Responses:**
+```json
+// Student ID missing
+{
+  "status": "error",
+  "message": "Student ID is required"
+}
+// Student not found
+{
+  "status": "error",
+  "message": "Student not found or inactive"
+}
+// No payment records
+{
+  "status": "error",
+  "message": "No payment records found for this student"
+}
+// Server error
+{
+  "status": "error",
+  "message": "Error generating receipt: [error details]"
+}
+```
+**Example Requests:**
+**cURL:**
+```bash
+# Download receipt to file
+curl -X GET "http://your-domain.com/easypay/api/students/last_receipt?student_id=000001234567890123" \
+  --output receipt.png
+# With API authentication
+curl -X GET "http://your-domain.com/easypay/api/students/last_receipt?student_id=000001234567890123" \
+  -H "Authorization: Bearer your-api-key-here" \
+  --output receipt.png
+```
+**PHP:**
+```php
+<?php
+$studentId = '000001234567890123';
+$url = "http://your-domain.com/easypay/api/students/last_receipt?student_id={$studentId}";
+$context = stream_context_create([
+    'http' => [
+        'header' => 'Authorization: Bearer your-api-key-here'
+    ]
+]);
+$imageData = file_get_contents($url, false, $context);
+if ($imageData !== false) {
+    // Save to file
+    file_put_contents('receipt.png', $imageData);
+    // Or display in browser
+    header('Content-Type: image/png');
+    echo $imageData;
+} else {
+    echo "Error fetching receipt";
+}
+?>
+```
+**JavaScript (Fetch API):**
+```javascript
+const studentId = '000001234567890123';
+const url = `http://your-domain.com/easypay/api/students/last_receipt?student_id=${studentId}`;
+fetch(url, {
+  headers: {
+    'Authorization': 'Bearer your-api-key-here'
+  }
+})
+.then(response => {
+  if (response.ok) {
+    return response.blob();
+  } else {
+    return response.json().then(err => {
+      throw new Error(err.message);
+    });
+  }
+})
+.then(blob => {
+  // Create download link
+  const url = window.URL.createObjectURL(blob);
+  const a = document.createElement('a');
+  a.href = url;
+  a.download = 'receipt.png';
+  a.click();
+  // Or display in img tag
+  // document.getElementById('receiptImage').src = url;
+})
+.catch(error => console.error('Error:', error));
+```
+**Python:**
+```python
+import requests
+student_id = '000001234567890123'
+url = f'http://your-domain.com/easypay/api/students/last_receipt?student_id={student_id}'
+headers = {
+    'Authorization': 'Bearer your-api-key-here'
+}
+response = requests.get(url, headers=headers)
+if response.status_code == 200:
+    # Save to file
+    with open('receipt.png', 'wb') as f:
+        f.write(response.content)
+    print("Receipt downloaded successfully")
+else:
+    # Handle error
+    error = response.json()
+    print(f"Error: {error['message']}")
+```
+## Payment Allocation Logic
+The API automatically allocates payments using the following rules:
+1. **Automatic Fee Selection**: The system fetches all outstanding fees for the student
+2. **Oldest First**: Fees are sorted by academic session (ascending), then term (ascending)
+3. **Full Settlement Priority**: Each fee is fully settled before moving to the next
+4. **Partial Settlement**: If the payment amount runs out, the last fee is partially settled
+5. **Transaction Integrity**: All database operations are wrapped in a transaction (all-or-nothing)
+### Example
+If a student has these outstanding fees:
+- 2024 Term 1 Tuition: ₦30,000
+- 2024 Term 2 Tuition: ₦30,000
+- 2024 Term 3 Tuition: ₦30,000
+And you send a payment of ₦50,000:
+- 2024 Term 1: Fully settled (₦30,000)
+- 2024 Term 2: Partially settled (₦20,000)
+- 2024 Term 3: Not settled
+## Validation Rules
+### Student Validation
+- Student ID must exist in `tb_student_registrations`
+- Student must have `admission_status = 'Active'`
+- Student must have outstanding fees
+### Teller Validation
+- Teller number must exist in `tb_account_bank_statements`
+- Teller must have unreconciled amount > 0
+- The teller number is extracted as the last word in the `description` field
+### Amount Validation
+- Amount must be a positive number
+- Amount must not exceed the unreconciled amount on the teller
+- Amount must not be zero or negative
+### Duplicate Prevention
+- Only one payment per student per day is allowed
+- This prevents accidental duplicate submissions
+## Example Requests
+### cURL
+```bash
+curl -X POST http://your-domain.com/easypay/api/payments/process \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer your-api-key-here" \
+  -d '{
+    "student_id": "000001234567890123",
+    "teller_no": "1234567890",
+    "amount": 50000
+  }'
+```
+### PHP
+```php
+<?php
+$url = 'http://your-domain.com/easypay/api/payments/process';
+$data = [
+    'student_id' => '000001234567890123',
+    'teller_no' => '1234567890',
+    'amount' => 50000
+];
+$options = [
+    'http' => [
+        'header' => [
+            'Content-Type: application/json',
+            'Authorization: Bearer your-api-key-here'
+        ],
+        'method' => 'POST',
+        'content' => json_encode($data)
+    ]
+];
+$context = stream_context_create($options);
+$response = file_get_contents($url, false, $context);
+$result = json_decode($response, true);
+if ($result['status'] === 'success') {
+    echo "Payment processed: " . $result['data']['payment_id'];
+} else {
+    echo "Error: " . $result['message'];
+}
+?>
+```
+### JavaScript (Fetch API)
+```javascript
+const url = 'http://your-domain.com/easypay/api/payments/process';
+const data = {
+  student_id: '000001234567890123',
+  teller_no: '1234567890',
+  amount: 50000
+};
+fetch(url, {
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Authorization': 'Bearer your-api-key-here'
+  },
+  body: JSON.stringify(data)
+})
+.then(response => response.json())
+.then(result => {
+  if (result.status === 'success') {
+    console.log('Payment processed:', result.data.payment_id);
+  } else {
+    console.error('Error:', result.message);
+  }
+})
+.catch(error => console.error('Request failed:', error));
+```
+### Python
+```python
+import requests
+import json
+url = 'http://your-domain.com/easypay/api/payments/process'
+headers = {
+    'Content-Type': 'application/json',
+    'Authorization': 'Bearer your-api-key-here'
+}
+data = {
+    'student_id': '000001234567890123',
+    'teller_no': '1234567890',
+    'amount': 50000
+}
+response = requests.post(url, headers=headers, json=data)
+result = response.json()
+if result['status'] == 'success':
+    print(f"Payment processed: {result['data']['payment_id']}")
+else:
+    print(f"Error: {result['message']}")
+```
+## Database Tables Affected
+The API writes to the same tables as the web application:
+1. `tb_account_school_fee_payments` - Individual fee payment records
+2. `tb_account_school_fee_sum_payments` - Aggregated payment records
+3. `tb_account_student_payments` - Cumulative payment tracking
+4. `tb_account_payment_registers` - Receipt records
+5. `tb_student_logistics` - Student outstanding balance updates
+## Logging
+API requests are logged to `logs/api.log` (if enabled in config).
+Each log entry includes:
+- Timestamp
+- Client IP address
+- Request data
+- Response data
+- HTTP status code
+To enable/disable logging, edit `config/api_config.php`:
+```php
+define('API_LOG_ENABLED', true);
+```
+## Security Considerations
+1. **HTTPS Required**: Always use HTTPS in production to encrypt API keys and payment data
+2. **API Key Management**: Store API keys securely and rotate them regularly
+3. **IP Whitelisting**: Consider restricting API access to specific IP addresses
+4. **Rate Limiting**: Implement rate limiting to prevent abuse (future enhancement)
+5. **Input Validation**: All inputs are validated and sanitized before processing
+6. **SQL Injection Protection**: All database queries use prepared statements
+7. **Transaction Integrity**: All operations are atomic (all-or-nothing)
+## Testing
+### Test with API Authentication Disabled
+For initial testing, you can disable API authentication:
+1. Edit `config/api_config.php`
+2. Set `API_AUTH_ENABLED` to `false`
+3. Test without the `Authorization` header
+### Test Cases
+1. **Valid Payment**: Send a valid request with existing student and teller
+2. **Invalid Student**: Send request with non-existent student ID
+3. **Invalid Teller**: Send request with non-existent teller number
+4. **Excessive Amount**: Send amount greater than unreconciled amount
+5. **Duplicate Payment**: Send two payments for same student on same day
+6. **Invalid JSON**: Send malformed JSON
+7. **Missing Fields**: Send request with missing required fields
+## Troubleshooting
+### "Database connection failed"
+- Check database credentials in `db_config.php`
+- Ensure MySQL server is running
+### "Student not found"
+- Verify student ID exists in `tb_student_registrations`
+- Check that student has `admission_status = 'Active'`
+### "Teller number not found"
+- Verify teller exists in `tb_account_bank_statements`
+- Check that teller number is the last word in the description field
+### "Amount exceeds unreconciled amount"
+- Check the unreconciled amount on the teller
+- Reduce the payment amount
+### "No outstanding fees found"
+- Verify student has unpaid fees in `tb_account_receivables`
+## Support
+For technical support or questions, contact your system administrator.
+## Version History
+- **v1.0** (2026-01-09): Initial API release
+  - Payment processing endpoint
+  - JSON request/response format
+  - Optional API key authentication
+  - Comprehensive validation
+  - Transaction logging

easypay-api/api/LAST_RECEIPT_ENDPOINT.md ADDED Viewed

	@@ -0,0 +1,221 @@

+# Last Payment Receipt API - Implementation Summary
+## 🎯 Overview
+A new API endpoint has been added to the EasyPay system that returns the receipt image (PNG format) of the last payment made by a student.
+## ✅ What Was Implemented
+### 1. **New API Endpoint**
+**File:** `api/students/last_receipt.php`
+**Endpoint:** `GET /api/students/last_receipt`
+**Description:** Returns the receipt image of the most recent payment made by a student.
+**Parameters:**
+- `student_id` (required): The student's unique ID
+**Response:**
+- **Success:** PNG image (binary data)
+- **Error:** JSON with error message
+### 2. **Key Features**
+✅ **Automatic Last Payment Detection**
+- Queries the database to find the most recent payment for the student
+- Orders by payment date (DESC) and ID (DESC) to get the latest
+✅ **Complete Receipt Generation**
+- Uses the existing `ReceiptGenerator` class
+- Shows all fee items (not just those in the last payment)
+- Displays proper totals and balances
+- Includes school branding and formatting
+✅ **Validation & Security**
+- Validates student ID is provided
+- Checks student exists and is active
+- Verifies payment records exist
+- Optional API key authentication support
+- Proper error handling with JSON responses
+✅ **Error Handling**
+- Student ID missing (HTTP 400)
+- Student not found (HTTP 404)
+- No payment records (HTTP 404)
+- Receipt generation errors (HTTP 500)
+### 3. **Documentation Updates**
+**Updated Files:**
+- `api/README.md` - Added student endpoints section with last_receipt documentation
+- `api/API_DOCUMENTATION.md` - Added comprehensive documentation with examples in:
+  - cURL
+  - PHP
+  - JavaScript (Fetch API)
+  - Python
+### 4. **Testing Tool**
+**File:** `api/test_receipt.html`
+An interactive web-based testing tool that allows you to:
+- Enter a student ID
+- Optionally use API key authentication
+- View the receipt image in the browser
+- Download the receipt as a PNG file
+## 📁 Files Created/Modified
+### Created:
+1. `api/students/last_receipt.php` - Main endpoint
+2. `api/test_receipt.html` - Testing tool
+### Modified:
+1. `api/README.md` - Added student endpoints documentation
+2. `api/API_DOCUMENTATION.md` - Added detailed endpoint documentation
+## 🚀 How to Use
+### 1. **Basic Usage (cURL)**
+```bash
+# Get receipt and save to file
+curl -X GET "http://localhost/easypay/api/students/last_receipt?student_id=000001234567890123" \
+  --output receipt.png
+```
+### 2. **With API Authentication**
+```bash
+curl -X GET "http://localhost/easypay/api/students/last_receipt?student_id=000001234567890123" \
+  -H "Authorization: Bearer your-api-key-here" \
+  --output receipt.png
+```
+### 3. **Using the Test Tool**
+Open in your browser:
+```
+http://localhost/easypay/api/test_receipt.html
+```
+Enter a student ID and click "Get Receipt" to view and download.
+### 4. **PHP Example**
+```php
+<?php
+$studentId = '000001234567890123';
+$url = "http://localhost/easypay/api/students/last_receipt?student_id={$studentId}";
+$imageData = file_get_contents($url);
+if ($imageData !== false) {
+    // Save to file
+    file_put_contents('receipt.png', $imageData);
+    // Or display in browser
+    header('Content-Type: image/png');
+    echo $imageData;
+}
+?>
+```
+### 5. **JavaScript Example**
+```javascript
+const studentId = '000001234567890123';
+const url = `http://localhost/easypay/api/students/last_receipt?student_id=${studentId}`;
+fetch(url)
+  .then(response => response.blob())
+  .then(blob => {
+    // Create download link
+    const url = window.URL.createObjectURL(blob);
+    const a = document.createElement('a');
+    a.href = url;
+    a.download = 'receipt.png';
+    a.click();
+  });
+```
+## 🔍 How It Works
+1. **Validates Request**: Checks HTTP method and student ID parameter
+2. **Validates Student**: Ensures student exists and is active
+3. **Finds Last Payment**: Queries `tb_account_payment_registers` for most recent payment
+4. **Fetches Receipt Data**: Gets all fee information for the student
+5. **Generates Image**: Uses `ReceiptGenerator` to create PNG receipt
+6. **Returns Image**: Sends PNG image with proper headers
+## 📊 Database Tables Used
+- `tb_account_payment_registers` - Payment records and receipts
+- `tb_student_registrations` - Student information
+- `tb_academic_levels` - Student class/level
+- `tb_account_receivables` - Fee billing information
+- `tb_account_school_fees` - Fee descriptions
+## ✨ Key Benefits
+1. **Easy Integration**: Simple GET request with student ID
+2. **Consistent Format**: Uses same receipt generator as web application
+3. **Automatic Detection**: No need to specify receipt number or date
+4. **Flexible Output**: Can be displayed, downloaded, or embedded
+5. **Secure**: Validates student and supports API authentication
+6. **Well Documented**: Comprehensive examples in multiple languages
+## 🧪 Testing
+### Test Cases to Verify:
+1. ✅ **Valid Student with Payments**
+   - Send request with valid student ID
+   - Expect: PNG image of last receipt
+2. ✅ **Valid Student without Payments**
+   - Send request for student with no payments
+   - Expect: HTTP 404 "No payment records found"
+3. ✅ **Invalid Student**
+   - Send request with non-existent student ID
+   - Expect: HTTP 404 "Student not found"
+4. ✅ **Missing Student ID**
+   - Send request without student_id parameter
+   - Expect: HTTP 400 "Student ID is required"
+5. ✅ **With API Authentication**
+   - Send request with valid API key
+   - Expect: PNG image
+## 📝 Notes
+- The endpoint returns the **last payment** made by the student (most recent by date)
+- The receipt shows **all fees** for the student, not just those in the last payment
+- The receipt format matches the web-generated receipts exactly
+- Images are generated on-the-fly (not cached)
+- The endpoint supports both authenticated and unauthenticated requests (based on config)
+## 🔐 Security Considerations
+- Input validation on student ID
+- SQL injection protection (prepared statements)
+- Optional API key authentication
+- Proper error messages (no sensitive data leakage)
+- Active student verification
+## 📞 Support
+For issues or questions:
+1. Check the API documentation in `api/API_DOCUMENTATION.md`
+2. Use the test tool at `api/test_receipt.html`
+3. Review the endpoint code in `api/students/last_receipt.php`
+---
+**Version:** 1.0
+**Date:** 2026-01-16
+**Author:** AI Assistant

easypay-api/api/README.md ADDED Viewed

	@@ -0,0 +1,396 @@

+# Payment Processing API - Implementation Guide
+## 🎯 Overview
+This implementation extends the existing EasyPay application to support external payment initiation via a secure JSON API, without breaking or altering any existing internal payment workflows.
+## ✅ What Was Implemented
+### 1. **Core Architecture**
+- **`includes/PaymentProcessor.php`**: Encapsulates all payment processing logic
+  - Single source of truth for payment operations
+  - Used by both web UI and API
+  - Maintains all existing business rules
+  - Atomic transactions with rollback on error
+- **`includes/ApiValidator.php`**: Handles API validation and security
+  - Request validation (method, headers, content-type)
+  - API key authentication (optional)
+  - Input sanitization
+  - Business rule validation
+### 2. **API Endpoint**
+- **`api/payments/process.php`**: Main API endpoint
+  - Accepts JSON POST requests
+  - Validates all inputs
+  - Reuses PaymentProcessor for business logic
+  - Returns structured JSON responses
+  - Logs all API requests
+### 3. **Configuration**
+- **`config/api_config.php`**: API settings
+  - API key management
+  - Authentication toggle
+  - Logging configuration
+  - CORS settings
+### 4. **Documentation & Testing**
+- **`api/API_DOCUMENTATION.md`**: Comprehensive API documentation
+- **`api/test.html`**: Interactive API testing tool
+- **`api/.htaccess`**: Clean URLs and security headers
+## 📁 File Structure
+```
+easypay/
+├── api/
+│   ├── payments/
+│   │   └── process.php          # Main API endpoint
+│   ├── .htaccess                # URL routing & security
+│   ├── API_DOCUMENTATION.md     # Full API docs
+│   └── test.html                # API testing tool
+├── config/
+│   └── api_config.php           # API configuration
+├── includes/
+│   ├── PaymentProcessor.php     # Core payment logic
+│   └── ApiValidator.php         # API validation
+├── logs/
+│   └── api.log                  # API request logs (auto-created)
+├── db_config.php                # Database connection
+├── index.php                    # Web UI (unchanged)
+├── process_payment.php          # Web payment handler (unchanged)
+└── ajax_handlers.php            # AJAX endpoints (unchanged)
+```
+## 🚀 Quick Start
+### 1. Access the API
+**Endpoint URL:**
+```
+POST http://your-domain.com/easypay/api/payments/process
+```
+### 2. Test the API
+Open the testing tool in your browser:
+```
+http://your-domain.com/easypay/api/test.html
+```
+### 3. Send a Request
+**Example Request:**
+```bash
+curl -X POST http://localhost/easypay/api/payments/process \
+  -H "Content-Type: application/json" \
+  -d '{
+    "student_id": "000001234567890123",
+    "teller_no": "1234567890",
+    "amount": 50000
+  }'
+```
+**Example Response:**
+```json
+{
+  "status": "success",
+  "message": "Payment processed successfully",
+  "data": {
+    "student_id": "000001234567890123",
+    "teller_no": "1234567890",
+    "amount": 50000.00,
+    "payment_id": "000001234567890123202420260109",
+    "receipt_no": "STU001202420260109",
+    "payment_date": "2026-01-09",
+    "fees_settled": [...]
+  }
+}
+```
+## 🔐 Security Configuration
+### Enable API Key Authentication
+1. Edit `config/api_config.php`:
+```php
+// Enable authentication
+define('API_AUTH_ENABLED', true);
+// Add your API keys
+define('API_KEYS', [
+    'your-secret-key-123' => 'External System 1',
+    'another-secret-key-456' => 'Mobile App'
+]);
+```
+2. Include API key in requests:
+```bash
+curl -X POST http://localhost/easypay/api/payments/process \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer your-secret-key-123" \
+  -d '{...}'
+```
+## ✨ Key Features
+### ✅ Backward Compatibility
+- **Zero changes** to existing web UI
+- **Zero changes** to existing payment logic
+- **Zero changes** to database schema
+- Web and API use the same payment processor
+### ✅ Validation & Security
+- ✓ Student ID validation (must exist and be active)
+- ✓ Teller number validation (must exist with unreconciled amount)
+- ✓ Amount validation (positive, within limits)
+- ✓ Duplicate prevention (one payment per student per day)
+- ✓ SQL injection protection (prepared statements)
+- ✓ Input sanitization
+- ✓ Optional API key authentication
+- ✓ Transaction integrity (atomic operations)
+### ✅ Automatic Payment Allocation
+- Fetches all outstanding fees for the student
+- Sorts fees by session/term (oldest first)
+- Allocates payment automatically
+- Fully settles fees before moving to next
+- Partial settlement of last fee if needed
+### ✅ Comprehensive Logging
+- All API requests logged to `logs/api.log`
+- Includes timestamp, IP, request, response, status
+- Can be disabled in config
+### ✅ Error Handling
+- Structured error responses
+- Appropriate HTTP status codes
+- Detailed validation errors
+- Transaction rollback on failure
+## 🧪 Testing Checklist
+### Test Cases
+1. **✓ Valid Payment**
+   - Send valid student_id, teller_no, amount
+   - Expect HTTP 201 with payment details
+2. **✓ Invalid Student**
+   - Send non-existent student_id
+   - Expect HTTP 404 "Student not found"
+3. **✓ Invalid Teller**
+   - Send non-existent teller_no
+   - Expect HTTP 404 "Teller number not found"
+4. **✓ Excessive Amount**
+   - Send amount > unreconciled amount
+   - Expect HTTP 400 "Amount exceeds..."
+5. **✓ Duplicate Payment**
+   - Send two payments for same student on same day
+   - Expect HTTP 500 with duplicate error
+6. **✓ Missing Fields**
+   - Send request without required fields
+   - Expect HTTP 400 with validation errors
+7. **✓ Invalid JSON**
+   - Send malformed JSON
+   - Expect HTTP 400 "Invalid JSON"
+8. **✓ Wrong Content-Type**
+   - Send without application/json header
+   - Expect HTTP 400 "Invalid Content-Type"
+9. **✓ Invalid API Key** (if auth enabled)
+   - Send with wrong API key
+   - Expect HTTP 401 "Invalid API key"
+## 📊 Database Impact
+The API writes to the same tables as the web UI:
+| Table | Purpose |
+|-------|---------|
+| `tb_account_school_fee_payments` | Individual fee payments |
+| `tb_account_school_fee_sum_payments` | Aggregated payments |
+| `tb_account_student_payments` | Cumulative payment tracking |
+| `tb_account_payment_registers` | Receipt records |
+| `tb_student_logistics` | Outstanding balance updates |
+**All operations are atomic** - if any step fails, all changes are rolled back.
+## 🔍 Monitoring & Debugging
+### View API Logs
+```bash
+# View last 20 API requests
+tail -n 20 logs/api.log
+# Watch logs in real-time
+tail -f logs/api.log
+```
+### Enable Debug Mode
+In `api/payments/process.php`, change:
+```php
+error_reporting(E_ALL);
+ini_set('display_errors', 1); // Enable for debugging
+```
+## 🛠️ Troubleshooting
+### "Database connection failed"
+- Check `db_config.php` credentials
+- Ensure MySQL is running
+- Verify network connectivity
+### "Student not found"
+- Verify student exists in `tb_student_registrations`
+- Check `admission_status = 'Active'`
+### "Teller number not found"
+- Verify teller in `tb_account_bank_statements`
+- Check description format (teller is last word)
+### "No outstanding fees found"
+- Check `tb_account_receivables` for student
+- Verify fees have outstanding balance
+### API returns HTML instead of JSON
+- Check for PHP errors in the file
+- Enable error logging to see issues
+- Verify all required files are present
+## 📝 Implementation Notes
+### Design Decisions
+1. **PaymentProcessor Class**: Extracted payment logic into a reusable class to ensure both web and API use identical business rules.
+2. **Automatic Fee Selection**: The API automatically fetches and allocates to outstanding fees, simplifying the external system's integration.
+3. **Source Tracking**: Payments are marked with `source = 'api'` for audit purposes.
+4. **Current Date**: API uses current date for payments (not configurable via API for security).
+5. **Optional Authentication**: API key auth is optional to allow easy testing and gradual rollout.
+### Future Enhancements
+- Rate limiting per API key
+- Webhook notifications for payment status
+- Batch payment processing
+- Payment reversal endpoint
+- Custom payment date (with authorization)
+- IP whitelisting
+## 📚 Student API Endpoints
+### 1. **Get Last Payment Receipt Image**
+**Endpoint:** `GET /api/students/last_receipt`
+**Description:** Returns the receipt image (PNG) of the last payment made by a student.
+**Parameters:**
+- `student_id` (required): The student's unique ID
+**Example Request:**
+```bash
+curl -X GET "http://localhost/easypay/api/students/last_receipt?student_id=000001234567890123" \
+  --output receipt.png
+```
+**Success Response:**
+- **Content-Type:** `image/png`
+- **Body:** Binary PNG image data
+**Error Responses:**
+```json
+// Student ID missing
+{
+  "status": "error",
+  "message": "Student ID is required"
+}
+// Student not found
+{
+  "status": "error",
+  "message": "Student not found or inactive"
+}
+// No payment records
+{
+  "status": "error",
+  "message": "No payment records found for this student"
+}
+```
+### 2. **Get Payment Status**
+**Endpoint:** `GET /api/students/payment_status`
+**Description:** Returns payment status for a specific term.
+**Parameters:**
+- `student_id` (required): The student's unique ID
+- `academic_session` (required): Academic session (e.g., 2025)
+- `term` (required): Term number (e.g., 1, 2, 3)
+### 3. **Get Student Balance**
+**Endpoint:** `GET /api/students/balance`
+**Description:** Returns the current outstanding balance for a student.
+**Parameters:**
+- `student_id` (required): The student's unique ID
+### 4. **Get Student Invoice**
+**Endpoint:** `GET /api/students/invoice`
+**Description:** Returns detailed invoice information for a student.
+**Parameters:**
+- `student_id` (required): The student's unique ID
+- `academic_session` (optional): Filter by academic session
+- `term` (optional): Filter by term
+## 🎓 Usage Examples
+See `api/API_DOCUMENTATION.md` for detailed examples in:
+- cURL
+- PHP
+- JavaScript (Fetch API)
+- Python
+## 📞 Support
+For issues or questions:
+1. Check the API documentation
+2. Review the logs in `logs/api.log`
+3. Use the test tool at `api/test.html`
+4. Contact your system administrator
+## 📜 License
+Internal use only - ARPS School Management System
+---
+**Version:** 1.0
+**Date:** 2026-01-09
+**Author:** Senior PHP Backend Engineer

easypay-api/api/payments/process.php ADDED Viewed

	@@ -0,0 +1,340 @@

+<?php
+/**
+ * Payment API Endpoint
+ *
+ * POST /api/payments/process
+ *
+ * Accepts JSON payload to process student fee payments via external systems.
+ * This endpoint uses the same internal payment logic as the web UI.
+ *
+ * Request Format:
+ * {
+ *   "student_id": "string|integer",
+ *   "teller_no": "string",
+ *   "amount": number
+ * }
+ *
+ * Headers Required:
+ * - Content-Type: application/json
+ * - Authorization: Bearer <API_KEY> (if API_AUTH_ENABLED is true)
+ */
+// Set error reporting for production
+error_reporting(E_ALL);
+ini_set('display_errors', 0);
+// Include required files
+require_once __DIR__ . '/../../db_config.php';
+require_once __DIR__ . '/../../config/api_config.php';
+require_once __DIR__ . '/../../includes/ApiValidator.php';
+require_once __DIR__ . '/../../includes/PaymentProcessor.php';
+require_once __DIR__ . '/../../includes/ReceiptGenerator.php';
+// Set response headers
+header('Content-Type: application/json');
+// CORS headers (if enabled)
+if (defined('API_CORS_ENABLED') && API_CORS_ENABLED) {
+    header('Access-Control-Allow-Origin: ' . API_CORS_ORIGIN);
+    header('Access-Control-Allow-Methods: POST, OPTIONS');
+    header('Access-Control-Allow-Headers: Content-Type, Authorization');
+    // Handle preflight requests
+    if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
+        http_response_code(200);
+        exit;
+    }
+}
+/**
+ * Send JSON response
+ */
+function sendResponse($data, $httpCode = 200)
+{
+    http_response_code($httpCode);
+    echo json_encode($data, JSON_PRETTY_PRINT);
+    exit;
+}
+/**
+ * Log API request
+ */
+function logApiRequest($data, $response, $httpCode)
+{
+    if (!defined('API_LOG_ENABLED') || !API_LOG_ENABLED) {
+        return;
+    }
+    $logDir = dirname(API_LOG_FILE);
+    if (!is_dir($logDir)) {
+        mkdir($logDir, 0755, true);
+    }
+    $logEntry = [
+        'timestamp' => date('Y-m-d H:i:s'),
+        'ip' => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
+        'method' => $_SERVER['REQUEST_METHOD'] ?? 'unknown',
+        'request' => $data,
+        'response' => $response,
+        'http_code' => $httpCode
+    ];
+    file_put_contents(
+        API_LOG_FILE,
+        json_encode($logEntry) . PHP_EOL,
+        FILE_APPEND
+    );
+}
+// Main execution
+try {
+    // Initialize validator
+    $apiKeys = defined('API_AUTH_ENABLED') && API_AUTH_ENABLED ? array_keys(API_KEYS) : [];
+    $validator = new ApiValidator($pdo, $apiKeys);
+    // Step 1: Validate request (method, headers, auth)
+    $requestValidation = $validator->validateRequest();
+    if (!$requestValidation['valid']) {
+        $response = [
+            'status' => 'error',
+            'message' => $requestValidation['error']
+        ];
+        logApiRequest([], $response, $requestValidation['http_code']);
+        sendResponse($response, $requestValidation['http_code']);
+    }
+    // Step 2: Parse JSON payload
+    $payloadValidation = $validator->parseJsonPayload();
+    if (!$payloadValidation['valid']) {
+        $response = [
+            'status' => 'error',
+            'message' => $payloadValidation['error']
+        ];
+        logApiRequest([], $response, $payloadValidation['http_code']);
+        sendResponse($response, $payloadValidation['http_code']);
+    }
+    $requestData = $payloadValidation['data'];
+    // Step 3: Validate required fields
+    $fieldValidation = $validator->validatePaymentRequest($requestData);
+    if (!$fieldValidation['valid']) {
+        $response = [
+            'status' => 'error',
+            'message' => 'Validation failed',
+            'errors' => $fieldValidation['errors']
+        ];
+        logApiRequest($requestData, $response, $fieldValidation['http_code']);
+        sendResponse($response, $fieldValidation['http_code']);
+    }
+    // Sanitize input
+    $sanitizedData = $validator->sanitizeInput($requestData);
+    // Step 4: Validate student exists
+    $studentValidation = $validator->validateStudentExists($sanitizedData['student_id']);
+    if (!$studentValidation['valid']) {
+        $response = [
+            'status' => 'error',
+            'message' => $studentValidation['error']
+        ];
+        logApiRequest($requestData, $response, $studentValidation['http_code']);
+        sendResponse($response, $studentValidation['http_code']);
+    }
+    $student = $studentValidation['student'];
+    // Add level_name for receipt
+    $result['data']['level_name'] = $student['level_name'] ?? '';
+    // Step 5: Validate teller number
+    $tellerValidation = $validator->validateTellerNumber($sanitizedData['teller_no']);
+    if (!$tellerValidation['valid']) {
+        $response = [
+            'status' => 'error',
+            'message' => $tellerValidation['error']
+        ];
+        logApiRequest($requestData, $response, $tellerValidation['http_code']);
+        sendResponse($response, $tellerValidation['http_code']);
+    }
+    $teller = $tellerValidation['teller'];
+    // Step 6: Validate amount doesn't exceed unreconciled amount
+    if ($sanitizedData['amount'] > $teller['unreconciled_amount']) {
+        $response = [
+            'status' => 'error',
+            'message' => 'Amount exceeds unreconciled amount on teller',
+            'errors' => [
+                'amount' => 'Requested amount (' . number_format($sanitizedData['amount'], 2) .
+                    ') exceeds available unreconciled amount (' .
+                    number_format($teller['unreconciled_amount'], 2) . ')'
+            ]
+        ];
+        logApiRequest($requestData, $response, 400);
+        sendResponse($response, 400);
+    }
+    // Step 7: Get outstanding fees for the student
+    $processor = new PaymentProcessor($pdo);
+    $outstandingFees = $processor->getOutstandingFees($student['id']);
+    if (empty($outstandingFees)) {
+        $response = [
+            'status' => 'error',
+            'message' => 'No outstanding fees found for this student'
+        ];
+        logApiRequest($requestData, $response, 400);
+        sendResponse($response, 400);
+    }
+    // Step 8: Prepare payment parameters
+    // The API will automatically allocate the payment to outstanding fees (oldest first)
+    $paymentParams = [
+        'student_id' => $student['id'],
+        'student_code' => $student['student_code'],
+        'selected_fees' => $outstandingFees,
+        'teller_number' => $sanitizedData['teller_no'],
+        'payment_date' => $sanitizedData['payment_date'], // Use provided date
+        'amount_to_use' => $sanitizedData['amount'],
+        'source' => 'api' // Mark this payment as API-initiated
+    ];
+    // Step 9: Process payment using the internal payment logic
+    $result = $processor->processPayment($paymentParams);
+    if ($result['success']) {
+        // Fetch ALL fees for comprehensive receipt (matching web interface behavior)
+        // This ensures the receipt shows complete fee picture, not just current transaction
+        $studentId = $result['data']['student_id'];
+        $paymentDate = $result['data']['payment_date'];
+        $receiptNo = $result['data']['receipt_no'];
+        // Fetch all fees from receivables
+        $sqlFees = "SELECT ar.fee_id, ar.actual_value as amount_billed,
+                           ar.academic_session, ar.term_of_session,
+                           sf.description as fee_description
+                    FROM tb_account_receivables ar
+                    JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+                    WHERE ar.student_id = :sid
+                    ORDER BY ar.academic_session ASC, ar.term_of_session ASC";
+        $stmtFees = $pdo->prepare($sqlFees);
+        $stmtFees->execute(['sid' => $studentId]);
+        $allFees = $stmtFees->fetchAll(PDO::FETCH_ASSOC);
+        $allocations = [];
+        $receiptTotalPaid = 0;
+        foreach ($allFees as $fee) {
+            // Calculate Paid To Date (up to this receipt's date)
+            $sqlPaid = "SELECT SUM(amount_paid) as total_paid
+                        FROM tb_account_payment_registers
+                        WHERE student_id = :sid
+                          AND fee_id = :fid
+                          AND academic_session = :as
+                          AND term_of_session = :ts
+                          AND payment_date <= :pd";
+            $stmtPaid = $pdo->prepare($sqlPaid);
+            $stmtPaid->execute([
+                'sid' => $studentId,
+                'fid' => $fee['fee_id'],
+                'as' => $fee['academic_session'],
+                'ts' => $fee['term_of_session'],
+                'pd' => $paymentDate
+            ]);
+            $paidResult = $stmtPaid->fetch(PDO::FETCH_ASSOC);
+            $paidToDate = floatval($paidResult['total_paid'] ?? 0);
+            // Calculate Amount paid IN THIS RECEIPT (for total calculation)
+            $sqlReceiptPay = "SELECT SUM(amount_paid) as receipt_paid
+                              FROM tb_account_payment_registers
+                              WHERE receipt_no = :rno
+                                AND fee_id = :fid
+                                AND academic_session = :as
+                                AND term_of_session = :ts";
+            $stmtReceiptPay = $pdo->prepare($sqlReceiptPay);
+            $stmtReceiptPay->execute([
+                'rno' => $receiptNo,
+                'fid' => $fee['fee_id'],
+                'as' => $fee['academic_session'],
+                'ts' => $fee['term_of_session']
+            ]);
+            $receiptPayResult = $stmtReceiptPay->fetch(PDO::FETCH_ASSOC);
+            $paidInReceipt = floatval($receiptPayResult['receipt_paid'] ?? 0);
+            $receiptTotalPaid += $paidInReceipt;
+            $balance = floatval($fee['amount_billed']) - $paidToDate;
+            // Show if (Balance > 0) OR (PaidInReceipt > 0)
+            // This filters out old fully paid fees but keeps current payments
+            if ($balance > 0.001 || $paidInReceipt > 0.001) {
+                $allocations[] = [
+                    'description' => $fee['fee_description'],
+                    'academic_session' => $fee['academic_session'],
+                    'term_of_session' => $fee['term_of_session'],
+                    'amount_billed' => floatval($fee['amount_billed']),
+                    'amount' => $paidInReceipt,
+                    'total_paid_to_date' => $paidToDate,
+                    'balance' => $balance
+                ];
+            }
+        }
+        // Prepare comprehensive receipt data
+        $receiptData = [
+            'receipt_no' => $receiptNo,
+            'student_name' => $student['full_name'],
+            'student_code' => $student['student_code'],
+            'level_name' => $student['level_name'] ?? '',
+            'payment_date' => $paymentDate,
+            'total_paid' => $receiptTotalPaid,
+            'allocations' => $allocations
+        ];
+        // Generate receipt with complete fee information
+        $generator = new ReceiptGenerator();
+        $receiptBase64 = $generator->generateBase64($receiptData);
+        $response = [
+            'status' => 'success',
+            'message' => $result['message'],
+            'data' => [
+                'student_id' => $result['data']['student_id'],
+                'teller_no' => $result['data']['teller_no'],
+                'amount' => $result['data']['total_paid'],
+                'payment_id' => $result['data']['transaction_id'],
+                'receipt_no' => $result['data']['receipt_no'],
+                'payment_date' => $result['data']['payment_date'],
+                'receipt_image' => $receiptBase64,
+                'fees_settled' => array_map(function ($allocation) {
+                    return [
+                        'fee_description' => $allocation['description'],
+                        'session' => $allocation['academic_session'],
+                        'term' => $allocation['term_of_session'],
+                        'amount' => $allocation['amount']
+                    ];
+                }, $result['data']['allocations'])
+            ]
+        ];
+        logApiRequest($requestData, $response, 201);
+        sendResponse($response, 201);
+    } else {
+        $response = [
+            'status' => 'error',
+            'message' => $result['message']
+        ];
+        logApiRequest($requestData, $response, 500);
+        sendResponse($response, 500);
+    }
+} catch (Exception $e) {
+    $response = [
+        'status' => 'error',
+        'message' => 'Internal server error',
+        'error_detail' => $e->getMessage() // Remove in production
+    ];
+    logApiRequest($requestData ?? [], $response, 500);
+    sendResponse($response, 500);
+}

easypay-api/api/students/balance.php ADDED Viewed

	@@ -0,0 +1,63 @@

+<?php
+/**
+ * API Endpoint: Fetch Student Outstanding Balance
+ *
+ * Returns the total outstanding balance and a breakdown of fees
+ * for all terms and sessions.
+ *
+ * Method: GET
+ * URL: /api/students/balance?student_id=...
+ */
+require_once '../../db_config.php';
+require_once '../../includes/PaymentProcessor.php';
+require_once '../../includes/ApiValidator.php';
+require_once '../../config/api_config.php';
+// Initialize core classes
+$validator = new ApiValidator($pdo, defined('API_KEYS') ? API_KEYS : []);
+$processor = new PaymentProcessor($pdo);
+// 1. Validate Request (Method & Auth)
+$validation = $validator->validateRequest(['GET']);
+if (!$validation['valid']) {
+    http_response_code($validation['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $validation['error']]);
+    exit;
+}
+// 2. Validate Student ID
+$studentId = trim($_GET['student_id'] ?? '');
+if (empty($studentId)) {
+    http_response_code(400);
+    echo json_encode(['status' => 'error', 'message' => 'Student ID is required']);
+    exit;
+}
+$studentCheck = $validator->validateStudentExists($studentId);
+if (!$studentCheck['valid']) {
+    http_response_code($studentCheck['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $studentCheck['error']]);
+    exit;
+}
+try {
+    // 3. Fetch Data
+    $data = $processor->getTotalOutstandingBalance($studentId);
+    // 4. Send Response
+    echo json_encode([
+        'status' => 'success',
+        'data' => $data
+    ]);
+} catch (Exception $e) {
+    // Log error (if logging enabled)
+    if (function_exists('log_api_request')) {
+        // log_api_request would be defined in api_config or similar,
+        // but for now we just handle the output.
+    }
+    http_response_code(500);
+    echo json_encode(['status' => 'error', 'message' => 'Internal server error: ' . $e->getMessage()]);
+}

easypay-api/api/students/invoice.php ADDED Viewed

	@@ -0,0 +1,74 @@

+<?php
+/**
+ * API Endpoint: Fetch Term Invoice (Fee Breakdown)
+ *
+ * Returns the breakdown of fees billed to a student for a specific term/session.
+ * Includes billed amount, paid amount, and outstanding balance per fee.
+ *
+ * Method: GET
+ * URL: /api/students/invoice?student_id=...&academic_session=...&term=...
+ */
+require_once '../../db_config.php';
+require_once '../../includes/PaymentProcessor.php';
+require_once '../../includes/ApiValidator.php';
+require_once '../../config/api_config.php';
+// Initialize core classes
+$validator = new ApiValidator($pdo, defined('API_KEYS') ? API_KEYS : []);
+$processor = new PaymentProcessor($pdo);
+// 1. Validate Request
+$validation = $validator->validateRequest(['GET']);
+if (!$validation['valid']) {
+    http_response_code($validation['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $validation['error']]);
+    exit;
+}
+// 2. Validate Input Parameters
+$studentId = trim($_GET['student_id'] ?? '');
+$session = trim($_GET['academic_session'] ?? '');
+$term = trim($_GET['term'] ?? ''); // term_of_session
+$errors = [];
+if (empty($studentId))
+    $errors[] = "Student ID is required";
+if (empty($session))
+    $errors[] = "Academic Session is required";
+if (empty($term))
+    $errors[] = "Term is required";
+if (!empty($errors)) {
+    http_response_code(400);
+    echo json_encode(['status' => 'error', 'message' => implode(', ', $errors)]);
+    exit;
+}
+// 3. Validate Student Exists
+$studentCheck = $validator->validateStudentExists($studentId);
+if (!$studentCheck['valid']) {
+    http_response_code($studentCheck['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $studentCheck['error']]);
+    exit;
+}
+try {
+    // 4. Fetch Data
+    $invoice = $processor->getTermInvoice($studentId, $session, $term);
+    // 5. Send Response
+    echo json_encode([
+        'status' => 'success',
+        'data' => [
+            'student_id' => $studentId,
+            'academic_session' => $session,
+            'term' => $term,
+            'items' => $invoice
+        ]
+    ]);
+} catch (Exception $e) {
+    http_response_code(500);
+    echo json_encode(['status' => 'error', 'message' => 'Internal server error: ' . $e->getMessage()]);
+}

easypay-api/api/students/last_receipt.php ADDED Viewed

	@@ -0,0 +1,209 @@

+<?php
+/**
+ * API Endpoint: Get Last Payment Receipt Image
+ *
+ * Returns the receipt image (PNG) of the last payment made by a student.
+ *
+ * Method: GET
+ * URL: /api/students/last_receipt?student_id=...
+ *
+ * Response: PNG image (binary)
+ *
+ * Error Response: JSON with error message
+ */
+require_once '../../db_config.php';
+require_once '../../includes/ReceiptGenerator.php';
+require_once '../../includes/ApiValidator.php';
+require_once '../../config/api_config.php';
+// Initialize validator
+$validator = new ApiValidator($pdo, defined('API_KEYS') ? API_KEYS : []);
+// 1. Validate Request
+$validation = $validator->validateRequest(['GET']);
+if (!$validation['valid']) {
+    http_response_code($validation['http_code']);
+    header('Content-Type: application/json');
+    echo json_encode(['status' => 'error', 'message' => $validation['error']]);
+    exit;
+}
+// 2. Validate Input Parameters
+$studentId = trim($_GET['student_id'] ?? '');
+if (empty($studentId)) {
+    http_response_code(400);
+    header('Content-Type: application/json');
+    echo json_encode(['status' => 'error', 'message' => 'Student ID is required']);
+    exit;
+}
+// 3. Validate Student Exists
+$studentCheck = $validator->validateStudentExists($studentId);
+if (!$studentCheck['valid']) {
+    http_response_code($studentCheck['http_code']);
+    header('Content-Type: application/json');
+    echo json_encode(['status' => 'error', 'message' => $studentCheck['error']]);
+    exit;
+}
+// Prevent output from messing up image headers
+ob_start();
+ini_set('display_errors', 0);
+error_reporting(E_ALL & ~E_DEPRECATED & ~E_NOTICE);
+try {
+    // 4. Fetch Last Payment Receipt Number
+    $sqlLastReceipt = "SELECT receipt_no, payment_date
+                       FROM tb_account_payment_registers
+                       WHERE student_id = :student_id
+                       ORDER BY payment_date DESC, id DESC
+                       LIMIT 1";
+    $stmt = $pdo->prepare($sqlLastReceipt);
+    $stmt->execute(['student_id' => $studentId]);
+    $lastPayment = $stmt->fetch(PDO::FETCH_ASSOC);
+    if (!$lastPayment) {
+        http_response_code(404);
+        header('Content-Type: application/json');
+        echo json_encode([
+            'status' => 'error',
+            'message' => 'No payment records found for this student'
+        ]);
+        exit;
+    }
+    $receiptNo = $lastPayment['receipt_no'];
+    $paymentDate = $lastPayment['payment_date'];
+    // 5. Fetch Receipt Meta Info (Student, Date)
+    $sqlInfo = "SELECT pr.student_id, pr.payment_date,
+                       sr.last_name, sr.first_name, sr.other_name, sr.student_code,
+                       al.level_name
+                FROM tb_account_payment_registers pr
+                JOIN tb_student_registrations sr ON pr.student_id = sr.id
+                LEFT JOIN tb_academic_levels al ON sr.level_id = al.id
+                WHERE pr.receipt_no = :receipt_no
+                LIMIT 1";
+    $stmt = $pdo->prepare($sqlInfo);
+    $stmt->execute(['receipt_no' => $receiptNo]);
+    $receiptInfo = $stmt->fetch(PDO::FETCH_ASSOC);
+    if (!$receiptInfo) {
+        http_response_code(500);
+        header('Content-Type: application/json');
+        echo json_encode([
+            'status' => 'error',
+            'message' => 'Receipt information not found'
+        ]);
+        exit;
+    }
+    $studentId = $receiptInfo['student_id'];
+    // 6. Fetch All Fees for Student (from receivables)
+    $sqlFees = "SELECT ar.fee_id, ar.actual_value as amount_billed,
+                       ar.academic_session, ar.term_of_session,
+                       sf.description as fee_description
+                FROM tb_account_receivables ar
+                JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+                WHERE ar.student_id = :sid
+                ORDER BY ar.academic_session ASC, ar.term_of_session ASC";
+    $stmtFees = $pdo->prepare($sqlFees);
+    $stmtFees->execute(['sid' => $studentId]);
+    $allFees = $stmtFees->fetchAll(PDO::FETCH_ASSOC);
+    $allocations = [];
+    $receiptTotalPaid = 0;
+    foreach ($allFees as $fee) {
+        // Calculate Paid To Date (up to this receipt's date)
+        $sqlPaid = "SELECT SUM(amount_paid) as total_paid
+                    FROM tb_account_payment_registers
+                    WHERE student_id = :sid
+                      AND fee_id = :fid
+                      AND academic_session = :as
+                      AND term_of_session = :ts
+                      AND payment_date <= :pd";
+        $stmtPaid = $pdo->prepare($sqlPaid);
+        $stmtPaid->execute([
+            'sid' => $studentId,
+            'fid' => $fee['fee_id'],
+            'as' => $fee['academic_session'],
+            'ts' => $fee['term_of_session'],
+            'pd' => $paymentDate
+        ]);
+        $paidResult = $stmtPaid->fetch(PDO::FETCH_ASSOC);
+        $paidToDate = floatval($paidResult['total_paid'] ?? 0);
+        // Calculate Amount paid IN THIS RECEIPT (for total calculation)
+        $sqlReceiptPay = "SELECT SUM(amount_paid) as receipt_paid
+                          FROM tb_account_payment_registers
+                          WHERE receipt_no = :rno
+                            AND fee_id = :fid
+                            AND academic_session = :as
+                            AND term_of_session = :ts";
+        $stmtReceiptPay = $pdo->prepare($sqlReceiptPay);
+        $stmtReceiptPay->execute([
+            'rno' => $receiptNo,
+            'fid' => $fee['fee_id'],
+            'as' => $fee['academic_session'],
+            'ts' => $fee['term_of_session']
+        ]);
+        $receiptPayResult = $stmtReceiptPay->fetch(PDO::FETCH_ASSOC);
+        $paidInReceipt = floatval($receiptPayResult['receipt_paid'] ?? 0);
+        $receiptTotalPaid += $paidInReceipt;
+        $balance = floatval($fee['amount_billed']) - $paidToDate;
+        // Condition: Show if (Balance > 0) OR (PaidInReceipt > 0)
+        // Helps filter out old fully paid fees, but keeps current payments even if they zeroed the balance
+        if ($balance > 0.001 || $paidInReceipt > 0.001) {
+            $allocations[] = [
+                'description' => $fee['fee_description'],
+                'academic_session' => $fee['academic_session'],
+                'term_of_session' => $fee['term_of_session'],
+                'amount_billed' => floatval($fee['amount_billed']),
+                'amount' => $paidInReceipt,
+                'total_paid_to_date' => $paidToDate,
+                'balance' => $balance
+            ];
+        }
+    }
+    // 7. Prepare data structure for generator
+    $data = [
+        'receipt_no' => $receiptNo,
+        'student_name' => trim($receiptInfo['last_name'] . ' ' . $receiptInfo['first_name'] . ' ' . ($receiptInfo['other_name'] ?? '')),
+        'student_code' => $receiptInfo['student_code'],
+        'level_name' => $receiptInfo['level_name'] ?? '',
+        'payment_date' => $paymentDate,
+        'total_paid' => $receiptTotalPaid,
+        'allocations' => $allocations
+    ];
+    // 8. Generate Image
+    $generator = new ReceiptGenerator();
+    $imageData = $generator->generate($data);
+    // 9. Output Image
+    ob_end_clean(); // Discard any warnings/output buffered so far
+    header('Content-Type: image/png');
+    header('Content-Disposition: inline; filename="receipt_' . $receiptNo . '.png"');
+    header('Content-Length: ' . strlen($imageData));
+    echo $imageData;
+} catch (Exception $e) {
+    ob_end_clean();
+    http_response_code(500);
+    header('Content-Type: application/json');
+    echo json_encode([
+        'status' => 'error',
+        'message' => 'Error generating receipt: ' . $e->getMessage()
+    ]);
+}

easypay-api/api/students/payment_status.php ADDED Viewed

	@@ -0,0 +1,69 @@

+<?php
+/**
+ * API Endpoint: Fetch Term Payment Status
+ *
+ * Returns a summary of payment status for a term (Billed vs Paid)
+ * and a list of transactions (receipts) associated with that term.
+ *
+ * Method: GET
+ * URL: /api/students/payment_status?student_id=...&academic_session=...&term=...
+ */
+require_once '../../db_config.php';
+require_once '../../includes/PaymentProcessor.php';
+require_once '../../includes/ApiValidator.php';
+require_once '../../config/api_config.php';
+// Initialize core classes
+$validator = new ApiValidator($pdo, defined('API_KEYS') ? API_KEYS : []);
+$processor = new PaymentProcessor($pdo);
+// 1. Validate Request
+$validation = $validator->validateRequest(['GET']);
+if (!$validation['valid']) {
+    http_response_code($validation['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $validation['error']]);
+    exit;
+}
+// 2. Validate Input Parameters
+$studentId = trim($_GET['student_id'] ?? '');
+$session = trim($_GET['academic_session'] ?? '');
+$term = trim($_GET['term'] ?? '');
+$errors = [];
+if (empty($studentId))
+    $errors[] = "Student ID is required";
+if (empty($session))
+    $errors[] = "Academic Session is required";
+if (empty($term))
+    $errors[] = "Term is required";
+if (!empty($errors)) {
+    http_response_code(400);
+    echo json_encode(['status' => 'error', 'message' => implode(', ', $errors)]);
+    exit;
+}
+// 3. Validate Student Exists
+$studentCheck = $validator->validateStudentExists($studentId);
+if (!$studentCheck['valid']) {
+    http_response_code($studentCheck['http_code']);
+    echo json_encode(['status' => 'error', 'message' => $studentCheck['error']]);
+    exit;
+}
+try {
+    // 4. Fetch Data
+    $status = $processor->getTermPaymentStatus($studentId, $session, $term);
+    // 5. Send Response
+    echo json_encode([
+        'status' => 'success',
+        'data' => $status
+    ]);
+} catch (Exception $e) {
+    http_response_code(500);
+    echo json_encode(['status' => 'error', 'message' => 'Internal server error: ' . $e->getMessage()]);
+}

easypay-api/api/test.html ADDED Viewed

	@@ -0,0 +1,350 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Payment API Tester</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            padding: 20px;
+        }
+        .container {
+            max-width: 900px;
+            margin: 0 auto;
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+            padding: 40px;
+        }
+        h1 {
+            color: #333;
+            margin-bottom: 10px;
+            text-align: center;
+        }
+        .subtitle {
+            text-align: center;
+            color: #666;
+            margin-bottom: 30px;
+        }
+        .form-group {
+            margin-bottom: 20px;
+        }
+        label {
+            display: block;
+            margin-bottom: 8px;
+            color: #333;
+            font-weight: 600;
+        }
+        input[type="text"],
+        input[type="number"] {
+            width: 100%;
+            padding: 12px;
+            border: 2px solid #ddd;
+            border-radius: 6px;
+            font-size: 16px;
+            transition: border-color 0.3s;
+        }
+        input[type="text"]:focus,
+        input[type="number"]:focus {
+            outline: none;
+            border-color: #667eea;
+        }
+        .btn {
+            width: 100%;
+            padding: 14px;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            border: none;
+            border-radius: 6px;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            transition: transform 0.3s;
+        }
+        .btn:hover {
+            transform: translateY(-2px);
+        }
+        .btn:disabled {
+            opacity: 0.6;
+            cursor: not-allowed;
+        }
+        .response-section {
+            margin-top: 30px;
+            display: none;
+        }
+        .response-section.show {
+            display: block;
+        }
+        .response-box {
+            background: #f8f9fa;
+            border-radius: 8px;
+            padding: 20px;
+            margin-top: 15px;
+        }
+        .response-box h3 {
+            margin-bottom: 15px;
+            color: #333;
+        }
+        .response-box pre {
+            background: #2d2d2d;
+            color: #f8f8f2;
+            padding: 15px;
+            border-radius: 6px;
+            overflow-x: auto;
+            font-size: 14px;
+            line-height: 1.5;
+        }
+        .status-badge {
+            display: inline-block;
+            padding: 6px 12px;
+            border-radius: 4px;
+            font-weight: 600;
+            margin-bottom: 10px;
+        }
+        .status-success {
+            background: #28a745;
+            color: white;
+        }
+        .status-error {
+            background: #dc3545;
+            color: white;
+        }
+        .info-box {
+            background: #e7f3ff;
+            border-left: 4px solid #2196F3;
+            padding: 15px;
+            margin-bottom: 20px;
+            border-radius: 4px;
+        }
+        .info-box p {
+            margin: 5px 0;
+            color: #333;
+        }
+        .checkbox-group {
+            margin-bottom: 20px;
+        }
+        .checkbox-group label {
+            display: flex;
+            align-items: center;
+            font-weight: normal;
+        }
+        .checkbox-group input[type="checkbox"] {
+            margin-right: 10px;
+            width: 18px;
+            height: 18px;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>Payment API Tester</h1>
+        <p class="subtitle">Test the Payment Processing API endpoint</p>
+        <div class="info-box">
+            <p><strong>API Endpoint:</strong> <code id="apiEndpoint"></code></p>
+            <p><strong>Method:</strong> POST</p>
+            <p><strong>Content-Type:</strong> application/json</p>
+        </div>
+        <form id="paymentForm">
+            <div class="form-group">
+                <label for="studentId">Student ID *</label>
+                <input type="text" id="studentId" name="student_id" required placeholder="e.g., 000001234567890123">
+            </div>
+            <div class="form-group">
+                <label for="tellerNo">Teller Number *</label>
+                <input type="text" id="tellerNo" name="teller_no" required placeholder="e.g., 1234567890">
+            </div>
+            <div class="form-group">
+                <label for="amount">Amount *</label>
+                <input type="number" id="amount" name="amount" step="0.01" min="0.01" required
+                    placeholder="e.g., 50000">
+            </div>
+            <div class="checkbox-group">
+                <label>
+                    <input type="checkbox" id="useAuth" name="use_auth">
+                    Use API Key Authentication
+                </label>
+            </div>
+            <div class="form-group" id="apiKeyGroup" style="display: none;">
+                <label for="apiKey">API Key</label>
+                <input type="text" id="apiKey" name="api_key" placeholder="Enter your API key">
+            </div>
+            <button type="submit" class="btn" id="submitBtn">Send Request</button>
+        </form>
+        <div class="response-section" id="responseSection">
+            <div class="response-box">
+                <h3>Response</h3>
+                <div id="statusBadge"></div>
+                <pre id="responseBody"></pre>
+            </div>
+            <div class="response-box">
+                <h3>Request Details</h3>
+                <pre id="requestDetails"></pre>
+            </div>
+        </div>
+    </div>
+    <script>
+        // Set API endpoint
+        const apiEndpoint = window.location.origin + '/easypay/api/payments/process';
+        document.getElementById('apiEndpoint').textContent = apiEndpoint;
+        // Toggle API key field
+        document.getElementById('useAuth').addEventListener('change', function () {
+            document.getElementById('apiKeyGroup').style.display = this.checked ? 'block' : 'none';
+        });
+        // Handle form submission
+        document.getElementById('paymentForm').addEventListener('submit', async function (e) {
+            e.preventDefault();
+            const submitBtn = document.getElementById('submitBtn');
+            submitBtn.disabled = true;
+            submitBtn.textContent = 'Sending...';
+            // Prepare request data
+            const requestData = {
+                student_id: document.getElementById('studentId').value,
+                teller_no: document.getElementById('tellerNo').value,
+                amount: parseFloat(document.getElementById('amount').value)
+            };
+            // Prepare headers
+            const headers = {
+                'Content-Type': 'application/json'
+            };
+            if (document.getElementById('useAuth').checked) {
+                const apiKey = document.getElementById('apiKey').value;
+                if (apiKey) {
+                    headers['Authorization'] = 'Bearer ' + apiKey;
+                }
+            }
+            try {
+                // Send request
+                const response = await fetch(apiEndpoint, {
+                    method: 'POST',
+                    headers: headers,
+                    body: JSON.stringify(requestData)
+                });
+                const responseData = await response.json();
+                // Display response
+                displayResponse(response.status, responseData, requestData, headers);
+            } catch (error) {
+                displayError(error.message, requestData, headers);
+            } finally {
+                submitBtn.disabled = false;
+                submitBtn.textContent = 'Send Request';
+            }
+        });
+        function displayResponse(status, data, request, headers) {
+            const responseSection = document.getElementById('responseSection');
+            const statusBadge = document.getElementById('statusBadge');
+            const responseBody = document.getElementById('responseBody');
+            const requestDetails = document.getElementById('requestDetails');
+            // Show response section
+            responseSection.classList.add('show');
+            // Set status badge
+            const isSuccess = status >= 200 && status < 300;
+            statusBadge.className = 'status-badge ' + (isSuccess ? 'status-success' : 'status-error');
+            statusBadge.textContent = 'HTTP ' + status + ' - ' + (isSuccess ? 'Success' : 'Error');
+            // Display response body
+            responseBody.textContent = JSON.stringify(data, null, 2);
+            // Display request details
+            const requestInfo = {
+                url: apiEndpoint,
+                method: 'POST',
+                headers: headers,
+                body: request
+            };
+            requestDetails.textContent = JSON.stringify(requestInfo, null, 2);
+            // Scroll to response
+            responseSection.scrollIntoView({ behavior: 'smooth' });
+        }
+        function displayError(message, request, headers) {
+            const responseSection = document.getElementById('responseSection');
+            const statusBadge = document.getElementById('statusBadge');
+            const responseBody = document.getElementById('responseBody');
+            const requestDetails = document.getElementById('requestDetails');
+            // Show response section
+            responseSection.classList.add('show');
+            // Set status badge
+            statusBadge.className = 'status-badge status-error';
+            statusBadge.textContent = 'Request Failed';
+            // Display error
+            responseBody.textContent = JSON.stringify({
+                error: message
+            }, null, 2);
+            // Display request details
+            const requestInfo = {
+                url: apiEndpoint,
+                method: 'POST',
+                headers: headers,
+                body: request
+            };
+            requestDetails.textContent = JSON.stringify(requestInfo, null, 2);
+            // Scroll to response
+            responseSection.scrollIntoView({ behavior: 'smooth' });
+        }
+    </script>
+</body>
+</html>

easypay-api/api/test_receipt.html ADDED Viewed

	@@ -0,0 +1,322 @@

+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Receipt API Tester</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            padding: 20px;
+        }
+        .container {
+            max-width: 900px;
+            margin: 0 auto;
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+            padding: 40px;
+        }
+        h1 {
+            color: #333;
+            margin-bottom: 10px;
+            text-align: center;
+        }
+        .subtitle {
+            text-align: center;
+            color: #666;
+            margin-bottom: 30px;
+        }
+        .form-group {
+            margin-bottom: 20px;
+        }
+        label {
+            display: block;
+            margin-bottom: 8px;
+            color: #333;
+            font-weight: 600;
+        }
+        input[type="text"] {
+            width: 100%;
+            padding: 12px;
+            border: 2px solid #ddd;
+            border-radius: 6px;
+            font-size: 16px;
+            transition: border-color 0.3s;
+        }
+        input[type="text"]:focus {
+            outline: none;
+            border-color: #667eea;
+        }
+        .btn {
+            width: 100%;
+            padding: 14px;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            border: none;
+            border-radius: 6px;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            transition: transform 0.3s;
+            margin-bottom: 10px;
+        }
+        .btn:hover {
+            transform: translateY(-2px);
+        }
+        .btn:disabled {
+            opacity: 0.6;
+            cursor: not-allowed;
+        }
+        .btn-secondary {
+            background: linear-gradient(135deg, #28a745 0%, #20c997 100%);
+        }
+        .response-section {
+            margin-top: 30px;
+            display: none;
+        }
+        .response-section.show {
+            display: block;
+        }
+        .receipt-container {
+            background: #f8f9fa;
+            border-radius: 8px;
+            padding: 20px;
+            margin-top: 15px;
+            text-align: center;
+        }
+        .receipt-container img {
+            max-width: 100%;
+            border: 2px solid #ddd;
+            border-radius: 8px;
+            box-shadow: 0 4px 8px rgba(0, 0, 0, 0.1);
+        }
+        .error-box {
+            background: #f8d7da;
+            border: 1px solid #f5c6cb;
+            border-radius: 8px;
+            padding: 20px;
+            margin-top: 15px;
+            color: #721c24;
+        }
+        .info-box {
+            background: #e7f3ff;
+            border-left: 4px solid #2196F3;
+            padding: 15px;
+            margin-bottom: 20px;
+            border-radius: 4px;
+        }
+        .info-box p {
+            margin: 5px 0;
+            color: #333;
+        }
+        .checkbox-group {
+            margin-bottom: 20px;
+        }
+        .checkbox-group label {
+            display: flex;
+            align-items: center;
+            font-weight: normal;
+        }
+        .checkbox-group input[type="checkbox"] {
+            margin-right: 10px;
+            width: 18px;
+            height: 18px;
+        }
+        .loading {
+            text-align: center;
+            padding: 20px;
+            color: #667eea;
+            font-weight: 600;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>📄 Receipt API Tester</h1>
+        <p class="subtitle">Test the Last Payment Receipt endpoint</p>
+        <div class="info-box">
+            <p><strong>API Endpoint:</strong> <code id="apiEndpoint"></code></p>
+            <p><strong>Method:</strong> GET</p>
+            <p><strong>Response:</strong> PNG Image</p>
+        </div>
+        <form id="receiptForm">
+            <div class="form-group">
+                <label for="studentId">Student ID *</label>
+                <input type="text" id="studentId" name="student_id" required placeholder="e.g., 000001234567890123">
+            </div>
+            <div class="checkbox-group">
+                <label>
+                    <input type="checkbox" id="useAuth" name="use_auth">
+                    Use API Key Authentication
+                </label>
+            </div>
+            <div class="form-group" id="apiKeyGroup" style="display: none;">
+                <label for="apiKey">API Key</label>
+                <input type="text" id="apiKey" name="api_key" placeholder="Enter your API key">
+            </div>
+            <button type="submit" class="btn" id="submitBtn">Get Receipt</button>
+            <button type="button" class="btn btn-secondary" id="downloadBtn" style="display: none;">Download
+                Receipt</button>
+        </form>
+        <div class="response-section" id="responseSection">
+            <div id="loadingIndicator" class="loading" style="display: none;">
+                Loading receipt...
+            </div>
+            <div id="receiptContainer" class="receipt-container" style="display: none;">
+                <h3>Receipt Image</h3>
+                <img id="receiptImage" src="" alt="Receipt">
+            </div>
+            <div id="errorContainer" class="error-box" style="display: none;">
+                <h3>Error</h3>
+                <p id="errorMessage"></p>
+            </div>
+        </div>
+    </div>
+    <script>
+        // Set API endpoint
+        const apiEndpoint = window.location.origin + '/easypay/api/students/last_receipt';
+        document.getElementById('apiEndpoint').textContent = apiEndpoint;
+        let currentReceiptBlob = null;
+        // Toggle API key field
+        document.getElementById('useAuth').addEventListener('change', function () {
+            document.getElementById('apiKeyGroup').style.display = this.checked ? 'block' : 'none';
+        });
+        // Handle form submission
+        document.getElementById('receiptForm').addEventListener('submit', async function (e) {
+            e.preventDefault();
+            const submitBtn = document.getElementById('submitBtn');
+            const downloadBtn = document.getElementById('downloadBtn');
+            const responseSection = document.getElementById('responseSection');
+            const loadingIndicator = document.getElementById('loadingIndicator');
+            const receiptContainer = document.getElementById('receiptContainer');
+            const errorContainer = document.getElementById('errorContainer');
+            // Reset UI
+            submitBtn.disabled = true;
+            submitBtn.textContent = 'Loading...';
+            downloadBtn.style.display = 'none';
+            responseSection.classList.add('show');
+            loadingIndicator.style.display = 'block';
+            receiptContainer.style.display = 'none';
+            errorContainer.style.display = 'none';
+            // Prepare URL
+            const studentId = document.getElementById('studentId').value;
+            const url = `${apiEndpoint}?student_id=${encodeURIComponent(studentId)}`;
+            // Prepare headers
+            const headers = {};
+            if (document.getElementById('useAuth').checked) {
+                const apiKey = document.getElementById('apiKey').value;
+                if (apiKey) {
+                    headers['Authorization'] = 'Bearer ' + apiKey;
+                }
+            }
+            try {
+                // Send request
+                const response = await fetch(url, {
+                    method: 'GET',
+                    headers: headers
+                });
+                loadingIndicator.style.display = 'none';
+                if (response.ok) {
+                    // Success - display image
+                    const blob = await response.blob();
+                    currentReceiptBlob = blob;
+                    const imageUrl = URL.createObjectURL(blob);
+                    document.getElementById('receiptImage').src = imageUrl;
+                    receiptContainer.style.display = 'block';
+                    downloadBtn.style.display = 'block';
+                } else {
+                    // Error - try to parse JSON error
+                    const contentType = response.headers.get('content-type');
+                    if (contentType && contentType.includes('application/json')) {
+                        const errorData = await response.json();
+                        displayError(errorData.message || 'Unknown error occurred');
+                    } else {
+                        displayError(`HTTP ${response.status}: ${response.statusText}`);
+                    }
+                }
+            } catch (error) {
+                loadingIndicator.style.display = 'none';
+                displayError('Request failed: ' + error.message);
+            } finally {
+                submitBtn.disabled = false;
+                submitBtn.textContent = 'Get Receipt';
+            }
+        });
+        // Handle download button
+        document.getElementById('downloadBtn').addEventListener('click', function () {
+            if (currentReceiptBlob) {
+                const url = URL.createObjectURL(currentReceiptBlob);
+                const a = document.createElement('a');
+                a.href = url;
+                a.download = 'receipt_' + document.getElementById('studentId').value + '.png';
+                document.body.appendChild(a);
+                a.click();
+                document.body.removeChild(a);
+                URL.revokeObjectURL(url);
+            }
+        });
+        function displayError(message) {
+            const errorContainer = document.getElementById('errorContainer');
+            const errorMessage = document.getElementById('errorMessage');
+            errorMessage.textContent = message;
+            errorContainer.style.display = 'block';
+        }
+    </script>
+</body>
+</html>

easypay-api/assets/logo.png ADDED Viewed

easypay-api/config/api_config.php ADDED Viewed

	@@ -0,0 +1,30 @@

+<?php
+/**
+ * API Configuration
+ *
+ * Configuration settings for the Payment API
+ */
+// API Keys for authentication
+// Add your API keys here. Leave empty to disable API key authentication.
+// Example: ['key1' => 'My App', 'key2' => 'External System']
+define('API_KEYS', [
+    // 'your-secret-api-key-here' => 'System Name',
+    // Add more API keys as needed
+]);
+// Enable/Disable API key authentication
+// Set to false for testing, true for production
+define('API_AUTH_ENABLED', false);
+// API logging
+define('API_LOG_ENABLED', true);
+define('API_LOG_FILE', __DIR__ . '/../logs/api.log');
+// CORS settings (if needed for external systems)
+define('API_CORS_ENABLED', false);
+define('API_CORS_ORIGIN', '*'); // Use specific domain in production
+// Rate limiting (future implementation)
+define('API_RATE_LIMIT_ENABLED', false);
+define('API_RATE_LIMIT_REQUESTS', 100); // requests per minute

easypay-api/db_config.php ADDED Viewed

	@@ -0,0 +1,27 @@

+<?php
+/**
+ * Database Configuration
+ * PDO connection for one_arps_aci database
+ */
+// Database credentials
+define('DB_HOST', 'o2.service.oyster.cloud76.cc:3306');
+define('DB_NAME', 'one_arps_aci');
+define('DB_USER', 'root');
+define('DB_PASS', 'password');
+define('DB_CHARSET', 'utf8mb4');
+// PDO options - D55-system-2-beasts-jungle-sky-birth cs_admin
+$options = [
+    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+    PDO::ATTR_EMULATE_PREPARES   => false,
+];
+// Create PDO instance
+try {
+    $dsn = "mysql:host=" . DB_HOST . ";dbname=" . DB_NAME . ";charset=" . DB_CHARSET;
+    $pdo = new PDO($dsn, DB_USER, DB_PASS, $options);
+} catch (PDOException $e) {
+    die("Database connection failed: " . $e->getMessage());
+}

easypay-api/download_receipt.php ADDED Viewed

	@@ -0,0 +1,134 @@

+<?php
+require_once 'db_config.php';
+require_once 'includes/ReceiptGenerator.php';
+// Prevent output from messing up image headers
+ob_start();
+ini_set('display_errors', 0);
+error_reporting(E_ALL & ~E_DEPRECATED & ~E_NOTICE);
+// Validate input
+$receiptNo = $_GET['receipt_no'] ?? '';
+if (empty($receiptNo)) {
+    die("Receipt number is required.");
+}
+try {
+    // 1. Fetch Receipt Meta Info (Student, Date)
+    $sqlInfo = "SELECT pr.student_id, pr.payment_date,
+                       sr.last_name, sr.first_name, sr.other_name, sr.student_code,
+                       al.level_name
+                FROM tb_account_payment_registers pr
+                JOIN tb_student_registrations sr ON pr.student_id = sr.id
+                LEFT JOIN tb_academic_levels al ON sr.level_id = al.id
+                WHERE pr.receipt_no = :receipt_no
+                LIMIT 1";
+    $stmt = $pdo->prepare($sqlInfo);
+    $stmt->execute(['receipt_no' => $receiptNo]);
+    $receiptInfo = $stmt->fetch(PDO::FETCH_ASSOC);
+    if (!$receiptInfo) {
+        die("Receipt not found.");
+    }
+    $studentId = $receiptInfo['student_id'];
+    $paymentDate = $receiptInfo['payment_date'];
+    // 2. Fetch All Fees for Student (from receivables)
+    $sqlFees = "SELECT ar.fee_id, ar.actual_value as amount_billed,
+                       ar.academic_session, ar.term_of_session,
+                       sf.description as fee_description
+                FROM tb_account_receivables ar
+                JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+                WHERE ar.student_id = :sid
+                ORDER BY ar.academic_session ASC, ar.term_of_session ASC";
+    $stmtFees = $pdo->prepare($sqlFees);
+    $stmtFees->execute(['sid' => $studentId]);
+    $allFees = $stmtFees->fetchAll(PDO::FETCH_ASSOC);
+    $allocations = [];
+    $receiptTotalPaid = 0;
+    foreach ($allFees as $fee) {
+        // Calculate Paid To Date (up to this receipt's date)
+        $sqlPaid = "SELECT SUM(amount_paid) as total_paid
+                    FROM tb_account_payment_registers
+                    WHERE student_id = :sid
+                      AND fee_id = :fid
+                      AND academic_session = :as
+                      AND term_of_session = :ts
+                      AND payment_date <= :pd";
+        $stmtPaid = $pdo->prepare($sqlPaid);
+        $stmtPaid->execute([
+            'sid' => $studentId,
+            'fid' => $fee['fee_id'],
+            'as' => $fee['academic_session'],
+            'ts' => $fee['term_of_session'],
+            'pd' => $paymentDate
+        ]);
+        $paidResult = $stmtPaid->fetch(PDO::FETCH_ASSOC);
+        $paidToDate = floatval($paidResult['total_paid'] ?? 0);
+        // Calculate Amount paid IN THIS RECEIPT (for total calculation)
+        $sqlReceiptPay = "SELECT SUM(amount_paid) as receipt_paid
+                          FROM tb_account_payment_registers
+                          WHERE receipt_no = :rno
+                            AND fee_id = :fid
+                            AND academic_session = :as
+                            AND term_of_session = :ts";
+        $stmtReceiptPay = $pdo->prepare($sqlReceiptPay);
+        $stmtReceiptPay->execute([
+            'rno' => $receiptNo,
+            'fid' => $fee['fee_id'],
+            'as' => $fee['academic_session'],
+            'ts' => $fee['term_of_session']
+        ]);
+        $receiptPayResult = $stmtReceiptPay->fetch(PDO::FETCH_ASSOC);
+        $paidInReceipt = floatval($receiptPayResult['receipt_paid'] ?? 0);
+        $receiptTotalPaid += $paidInReceipt;
+        $balance = floatval($fee['amount_billed']) - $paidToDate;
+        // Condition: Show if (Balance > 0) OR (PaidInReceipt > 0)
+        // Helps filter out old fully paid fees, but keeps current payments even if they zeroed the balance
+        if ($balance > 0.001 || $paidInReceipt > 0.001) {
+            $allocations[] = [
+                'description' => $fee['fee_description'],
+                'academic_session' => $fee['academic_session'],
+                'term_of_session' => $fee['term_of_session'],
+                'amount_billed' => floatval($fee['amount_billed']),
+                'amount' => $paidInReceipt,
+                'total_paid_to_date' => $paidToDate,
+                'balance' => $balance
+            ];
+        }
+    }
+    // 3. Prepare data structure for generator
+    $data = [
+        'receipt_no' => $receiptNo,
+        'student_name' => trim($receiptInfo['last_name'] . ' ' . $receiptInfo['first_name'] . ' ' . ($receiptInfo['other_name'] ?? '')),
+        'student_code' => $receiptInfo['student_code'],
+        'level_name' => $receiptInfo['level_name'] ?? '',
+        'payment_date' => $paymentDate,
+        'total_paid' => $receiptTotalPaid,
+        'allocations' => $allocations
+    ];
+    // 4. Generate Image
+    $generator = new ReceiptGenerator();
+    $imageData = $generator->generate($data);
+    // 5. Output
+    ob_end_clean(); // Discard any warnings/output buffered so far
+    header('Content-Type: image/png');
+    header('Content-Disposition: attachment; filename="receipt_' . $receiptNo . '.png"');
+    header('Content-Length: ' . strlen($imageData));
+    echo $imageData;
+} catch (Exception $e) {
+    die("Error generating receipt: " . $e->getMessage());
+}

easypay-api/includes/ApiValidator.php ADDED Viewed

	@@ -0,0 +1,293 @@

+<?php
+/**
+ * ApiValidator Class
+ *
+ * Handles API request validation, authentication, and input sanitization
+ */
+class ApiValidator
+{
+    private $pdo;
+    private $apiKeys;
+    public function __construct($pdo, $apiKeys = [])
+    {
+        $this->pdo = $pdo;
+        $this->apiKeys = $apiKeys;
+    }
+    /**
+     * Validate API request
+     * Checks Content-Type and optionally validates API key
+     *
+     * @param array $allowedMethods Array of allowed HTTP methods (e.g. ['POST', 'GET'])
+     * @return array Validation result
+     */
+    public function validateRequest($allowedMethods = ['POST'])
+    {
+        // Check request method
+        $method = $_SERVER['REQUEST_METHOD'];
+        if (!in_array($method, $allowedMethods)) {
+            return [
+                'valid' => false,
+                'error' => "Invalid request method. Allowed: " . implode(', ', $allowedMethods),
+                'http_code' => 405
+            ];
+        }
+        // Check Content-Type header (only for methods with body)
+        if (in_array($method, ['POST', 'PUT', 'PATCH'])) {
+            $contentType = $_SERVER['CONTENT_TYPE'] ?? '';
+            if (stripos($contentType, 'application/json') === false) {
+                return [
+                    'valid' => false,
+                    'error' => 'Invalid Content-Type. Expected application/json',
+                    'http_code' => 400
+                ];
+            }
+        }
+        // Validate API key if configured
+        if (!empty($this->apiKeys)) {
+            $authHeader = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
+            if (empty($authHeader)) {
+                return [
+                    'valid' => false,
+                    'error' => 'Missing Authorization header',
+                    'http_code' => 401
+                ];
+            }
+            // Extract Bearer token
+            if (!preg_match('/Bearer\s+(.*)$/i', $authHeader, $matches)) {
+                return [
+                    'valid' => false,
+                    'error' => 'Invalid Authorization header format. Expected: Bearer <API_KEY>',
+                    'http_code' => 401
+                ];
+            }
+            $apiKey = $matches[1];
+            if (!in_array($apiKey, $this->apiKeys)) {
+                return [
+                    'valid' => false,
+                    'error' => 'Invalid API key',
+                    'http_code' => 401
+                ];
+            }
+        }
+        return ['valid' => true];
+    }
+    /**
+     * Parse and validate JSON payload
+     *
+     * @return array Parsed data or error
+     */
+    public function parseJsonPayload()
+    {
+        $rawInput = file_get_contents('php://input');
+        if (empty($rawInput)) {
+            return [
+                'valid' => false,
+                'error' => 'Empty request body',
+                'http_code' => 400
+            ];
+        }
+        $data = json_decode($rawInput, true);
+        if (json_last_error() !== JSON_ERROR_NONE) {
+            return [
+                'valid' => false,
+                'error' => 'Invalid JSON: ' . json_last_error_msg(),
+                'http_code' => 400
+            ];
+        }
+        return [
+            'valid' => true,
+            'data' => $data
+        ];
+    }
+    /**
+     * Validate payment request fields
+     *
+     * @param array $data Request data
+     * @return array Validation result with errors
+     */
+    public function validatePaymentRequest($data)
+    {
+        $errors = [];
+        // Validate student_id
+        if (empty($data['student_id'])) {
+            $errors['student_id'] = 'Student ID is required';
+        } elseif (!is_string($data['student_id']) && !is_numeric($data['student_id'])) {
+            $errors['student_id'] = 'Student ID must be a string or number';
+        }
+        // Validate teller_no
+        if (empty($data['teller_no'])) {
+            $errors['teller_no'] = 'Teller number is required';
+        } elseif (!is_string($data['teller_no']) && !is_numeric($data['teller_no'])) {
+            $errors['teller_no'] = 'Teller number must be a string or number';
+        }
+        // Validate amount
+        if (!isset($data['amount'])) {
+            $errors['amount'] = 'Amount is required';
+        } elseif (!is_numeric($data['amount'])) {
+            $errors['amount'] = 'Amount must be a number';
+        } elseif (floatval($data['amount']) <= 0) {
+            $errors['amount'] = 'Amount must be greater than zero';
+        }
+        // Validate payment_date
+        if (empty($data['payment_date'])) {
+            $errors['payment_date'] = 'Payment date is required';
+        } elseif (!strtotime($data['payment_date'])) {
+            $errors['payment_date'] = 'Invalid payment date format';
+        }
+        if (!empty($errors)) {
+            return [
+                'valid' => false,
+                'errors' => $errors,
+                'http_code' => 400
+            ];
+        }
+        return ['valid' => true];
+    }
+    /**
+     * Validate student exists in database
+     *
+     * @param string $studentId Student ID
+     * @return array Validation result with student data
+     */
+    public function validateStudentExists($studentId)
+    {
+        $sql = "SELECT sr.id, sr.student_code,
+                       CONCAT(sr.last_name, ' ', sr.first_name, ' ', COALESCE(sr.other_name, '')) AS full_name,
+                       sr.admission_status,
+                       al.level_name
+                FROM tb_student_registrations sr
+                LEFT JOIN tb_academic_levels al ON sr.level_id = al.id
+                WHERE sr.id = :student_id";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        $student = $stmt->fetch();
+        if (!$student) {
+            return [
+                'valid' => false,
+                'error' => "Student not found (ID searched: '$studentId')",
+                'http_code' => 404
+            ];
+        }
+        if ($student['admission_status'] !== 'Active') {
+            return [
+                'valid' => false,
+                'error' => 'Student is not active',
+                'http_code' => 400
+            ];
+        }
+        return [
+            'valid' => true,
+            'student' => $student
+        ];
+    }
+    /**
+     * Validate teller number exists and has unreconciled amount
+     *
+     * @param string $tellerNo Teller number
+     * @return array Validation result with teller data
+     */
+    public function validateTellerNumber($tellerNo)
+    {
+        $sql = "SELECT
+                    bs.id,
+                    bs.description,
+                    bs.amount_paid,
+                    bs.payment_date,
+                    COALESCE(fp.total_registered_fee, 0.00) AS registered_amount,
+                    (bs.amount_paid - COALESCE(fp.total_registered_fee, 0.00)) AS unreconciled_amount
+                FROM tb_account_bank_statements bs
+                LEFT JOIN (
+                    SELECT teller_no, SUM(amount_paid) AS total_registered_fee
+                    FROM tb_account_school_fee_payments
+                    GROUP BY teller_no
+                ) fp ON SUBSTRING_INDEX(bs.description, ' ', -1) = fp.teller_no
+                WHERE SUBSTRING_INDEX(bs.description, ' ', -1) = :teller_number
+                LIMIT 1";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['teller_number' => $tellerNo]);
+        $teller = $stmt->fetch();
+        if (!$teller) {
+            return [
+                'valid' => false,
+                'error' => 'Teller number not found',
+                'http_code' => 404
+            ];
+        }
+        if ($teller['unreconciled_amount'] <= 0) {
+            return [
+                'valid' => false,
+                'error' => 'Teller number has no unreconciled amount',
+                'http_code' => 400
+            ];
+        }
+        return [
+            'valid' => true,
+            'teller' => $teller
+        ];
+    }
+    /**
+     * Check for duplicate teller number usage
+     * Prevents the same teller number from being used multiple times
+     *
+     * @param string $tellerNo Teller number
+     * @param string $studentId Student ID (optional, for better error message)
+     * @return array Validation result
+     */
+    public function checkTellerDuplicate($tellerNo, $studentId = null)
+    {
+        // Note: The system allows the same teller to be used for different students
+        // This check is to ensure the teller has available unreconciled amount
+        // The actual duplicate check is handled by the validateTellerNumber method
+        return ['valid' => true];
+    }
+    /**
+     * Sanitize input data
+     *
+     * @param array $data Input data
+     * @return array Sanitized data
+     */
+    public function sanitizeInput($data)
+    {
+        return [
+            'student_id' => trim($data['student_id'] ?? ''),
+            'teller_no' => trim($data['teller_no'] ?? ''),
+            'amount' => floatval($data['amount'] ?? 0),
+            'payment_date' => trim($data['payment_date'] ?? '')
+        ];
+    }
+}

easypay-api/includes/PaymentProcessor.php ADDED Viewed

	@@ -0,0 +1,691 @@

+<?php
+/**
+ * PaymentProcessor Class
+ *
+ * Encapsulates the core payment processing logic.
+ * This is the single source of truth for payment operations.
+ * Used by both the web UI and the API.
+ */
+class PaymentProcessor
+{
+    private $pdo;
+    // Constants for payment processing
+    private const CREDIT_BANK_ID = '000001373634585148';
+    private const DEBIT_BANK_ID = '514297805530965017';
+    private const PAYMODE_ID = '000001373901891416';
+    private const RECIPIENT_ID = 'SS0011441283890434';
+    private const PAYMENT_BY = 'SS0011441283890434';
+    private const CREATED_BY = 'SS0011441283890434';
+    private const CREATED_AS = 'school';
+    private const PAYMENT_STATUS = 'Approved';
+    private const PAYMODE_CATEGORY = 'BANK';
+    public function __construct($pdo)
+    {
+        $this->pdo = $pdo;
+    }
+    /**
+     * Process a payment transaction
+     *
+     * @param array $params Payment parameters
+     * @return array Result with success status, message, and payment details
+     * @throws Exception on validation or processing errors
+     */
+    public function processPayment(array $params)
+    {
+        // Extract and validate parameters
+        $studentId = $params['student_id'] ?? '';
+        $studentCode = $params['student_code'] ?? '';
+        $selectedFees = $params['selected_fees'] ?? [];
+        $tellerNumber = $params['teller_number'] ?? '';
+        $paymentDate = $params['payment_date'] ?? '';
+        $amountToUse = floatval($params['amount_to_use'] ?? 0);
+        $source = $params['source'] ?? 'web'; // Track payment source (web/api)
+        // Validate required fields
+        if (
+            empty($studentId) || empty($studentCode) || empty($selectedFees) ||
+            empty($tellerNumber) || empty($paymentDate) || $amountToUse <= 0
+        ) {
+            throw new Exception('Missing required fields');
+        }
+        // Validate selected fees is an array
+        if (!is_array($selectedFees) || count($selectedFees) === 0) {
+            throw new Exception('No fees selected');
+        }
+        // Sort fees by academic_session ASC, term_of_session ASC (oldest to newest)
+        usort($selectedFees, function ($a, $b) {
+            if ($a['academic_session'] != $b['academic_session']) {
+                return $a['academic_session'] - $b['academic_session'];
+            }
+            return $a['term_of_session'] - $b['term_of_session'];
+        });
+        // Re-fetch bank statement to verify
+        $bankStatement = $this->getBankStatement($tellerNumber);
+        if (!$bankStatement) {
+            throw new Exception('Bank statement not found for teller number: ' . $tellerNumber);
+        }
+        // Verify unreconciled amount
+        if ($amountToUse > $bankStatement['unreconciled_amount']) {
+            throw new Exception('Amount exceeds unreconciled amount on teller');
+        }
+        // Extract teller name and number from description
+        $descParts = explode(' ', $bankStatement['description']);
+        $tellerNo = array_pop($descParts);
+        $tellerName = implode(' ', $descParts);
+        // Use the oldest fee's session/term for transaction_id
+        $dominantSession = $selectedFees[0]['academic_session'];
+        $dominantTerm = $selectedFees[0]['term_of_session'];
+        // Generate transaction_id
+        $transactionId = $studentId . $dominantSession . $paymentDate;
+        // STEP 1: Guard check - prevent duplicate payments on same date
+        $this->checkDuplicatePayment($studentId, $paymentDate);
+        // STEP 2: Allocate payment across fees (oldest to newest)
+        $feeAllocations = $this->allocatePaymentToFees($selectedFees, $amountToUse);
+        if (count($feeAllocations) === 0) {
+            throw new Exception('No fees could be allocated');
+        }
+        // Calculate total paid
+        $totalPaid = array_sum(array_column($feeAllocations, 'amount'));
+        // Generate receipt_no (used across all fee records)
+        $receiptNo = $studentCode . $paymentDate;
+        // STEP 3: Execute database transaction
+        $this->pdo->beginTransaction();
+        try {
+            // 3a) INSERT into tb_account_school_fee_payments (per fee)
+            $this->insertSchoolFeePayments(
+                $feeAllocations,
+                $studentId,
+                $studentCode,
+                $transactionId,
+                $tellerNo,
+                $tellerName,
+                $paymentDate
+            );
+            // 3b) INSERT into tb_account_school_fee_sum_payments (single record)
+            $this->insertSumPayment(
+                $studentId,
+                $totalPaid,
+                $paymentDate,
+                $transactionId,
+                $dominantSession,
+                $dominantTerm
+            );
+            // 3c) INSERT into tb_account_student_payments (per fee)
+            $this->insertStudentPayments(
+                $feeAllocations,
+                $studentId,
+                $studentCode,
+                $transactionId,
+                $paymentDate
+            );
+            // 3d) INSERT into tb_account_payment_registers (per fee)
+            $this->insertPaymentRegisters(
+                $feeAllocations,
+                $studentId,
+                $studentCode,
+                $receiptNo,
+                $paymentDate,
+                $transactionId
+            );
+            // 3e) UPDATE tb_student_logistics
+            $this->updateStudentLogistics($feeAllocations, $studentId);
+            // Commit transaction
+            $this->pdo->commit();
+            // Fetch fee descriptions for display
+            $feeDescriptions = $this->getFeeDescriptions($feeAllocations);
+            // Prepare payment details for display
+            foreach ($feeAllocations as $key => $allocation) {
+                $feeAllocations[$key]['description'] = $feeDescriptions[$allocation['fee_id']] ?? 'Unknown Fee';
+                $feeAllocations[$key]['total_paid_to_date'] = $allocation['previous_paid'] + $allocation['amount'];
+                $feeAllocations[$key]['balance'] = $allocation['amount_billed'] - $feeAllocations[$key]['total_paid_to_date'];
+            }
+            return [
+                'success' => true,
+                'message' => 'Payment processed successfully',
+                'data' => [
+                    'student_id' => $studentId,
+                    'student_code' => $studentCode,
+                    'payment_date' => $paymentDate,
+                    'teller_no' => $tellerNo,
+                    'teller_name' => $tellerName,
+                    'total_paid' => $totalPaid,
+                    'receipt_no' => $receiptNo,
+                    'transaction_id' => $transactionId,
+                    'allocations' => $feeAllocations,
+                    'remaining_unreconciled' => $bankStatement['unreconciled_amount'] - $totalPaid,
+                    'source' => $source
+                ]
+            ];
+        } catch (Exception $e) {
+            $this->pdo->rollBack();
+            throw new Exception('Transaction failed: ' . $e->getMessage());
+        }
+    }
+    /**
+     * Get bank statement by teller number
+     */
+    private function getBankStatement($tellerNumber)
+    {
+        $sql = "SELECT
+                    bs.id,
+                    bs.description,
+                    bs.amount_paid,
+                    bs.payment_date,
+                    COALESCE(fp.total_registered_fee, 0.00) AS registered_amount,
+                    (bs.amount_paid - COALESCE(fp.total_registered_fee, 0.00)) AS unreconciled_amount
+                FROM tb_account_bank_statements bs
+                LEFT JOIN (
+                    SELECT teller_no, SUM(amount_paid) AS total_registered_fee
+                    FROM tb_account_school_fee_payments
+                    GROUP BY teller_no
+                ) fp ON SUBSTRING_INDEX(bs.description, ' ', -1) = fp.teller_no
+                WHERE SUBSTRING_INDEX(bs.description, ' ', -1) = :teller_number
+                LIMIT 1";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['teller_number' => $tellerNumber]);
+        return $stmt->fetch();
+    }
+    /**
+     * Check for duplicate payment on the same date
+     */
+    private function checkDuplicatePayment($studentId, $paymentDate)
+    {
+        $sql = "SELECT COUNT(*) AS cnt
+                FROM tb_account_school_fee_sum_payments
+                WHERE student_id = :student_id
+                  AND payment_date = :payment_date";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute([
+            'student_id' => $studentId,
+            'payment_date' => $paymentDate
+        ]);
+        $duplicateCheck = $stmt->fetch();
+        if ($duplicateCheck['cnt'] > 0) {
+            throw new Exception('A payment for this student has already been registered on this date (' . $paymentDate . ')');
+        }
+    }
+    /**
+     * Allocate payment amount across fees (oldest to newest)
+     */
+    private function allocatePaymentToFees($selectedFees, $amountToUse)
+    {
+        $feeAllocations = [];
+        $remainingAmount = $amountToUse;
+        foreach ($selectedFees as $fee) {
+            if ($remainingAmount <= 0) {
+                break;
+            }
+            $outstandingAmount = floatval($fee['outstanding_amount']);
+            if ($remainingAmount >= $outstandingAmount) {
+                // Fully settle this fee
+                $amountForThisFee = $outstandingAmount;
+                $remainingAmount -= $outstandingAmount;
+            } else {
+                // Partially settle this fee
+                $amountForThisFee = $remainingAmount;
+                $remainingAmount = 0;
+            }
+            $feeAllocations[] = [
+                'fee_id' => $fee['fee_id'],
+                'academic_session' => $fee['academic_session'],
+                'term_of_session' => $fee['term_of_session'],
+                'amount' => $amountForThisFee,
+                'amount_billed' => floatval($fee['amount_billed'] ?? 0),
+                'previous_paid' => floatval($fee['amount_paid'] ?? 0)
+            ];
+        }
+        return $feeAllocations;
+    }
+    /**
+     * Insert records into tb_account_school_fee_payments
+     */
+    private function insertSchoolFeePayments(
+        $feeAllocations,
+        $studentId,
+        $studentCode,
+        $transactionId,
+        $tellerNo,
+        $tellerName,
+        $paymentDate
+    ) {
+        foreach ($feeAllocations as $allocation) {
+            $schoolFeePaymentId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_school_fee_payments (
+                        id, fee_id, student_id, transaction_id, amount_paid,
+                        teller_no, teller_name, credit_bank_id, debit_bank_id,
+                        paymode_id, payment_status, payment_date, recipient_id,
+                        academic_session, term_of_session, payment_by, payment_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :transaction_id, :amount_paid,
+                        :teller_no, :teller_name, :credit_bank_id, :debit_bank_id,
+                        :paymode_id, :payment_status, :payment_date, :recipient_id,
+                        :academic_session, :term_of_session, :payment_by, NOW()
+                    )";
+            $stmt = $this->pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $schoolFeePaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'transaction_id' => $transactionId,
+                'amount_paid' => $allocation['amount'],
+                'teller_no' => $tellerNo,
+                'teller_name' => $tellerName,
+                'credit_bank_id' => self::CREDIT_BANK_ID,
+                'debit_bank_id' => self::DEBIT_BANK_ID,
+                'paymode_id' => self::PAYMODE_ID,
+                'payment_status' => self::PAYMENT_STATUS,
+                'payment_date' => $paymentDate,
+                'recipient_id' => self::RECIPIENT_ID,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'payment_by' => self::PAYMENT_BY
+            ]);
+        }
+    }
+    /**
+     * Insert record into tb_account_school_fee_sum_payments
+     */
+    private function insertSumPayment(
+        $studentId,
+        $totalPaid,
+        $paymentDate,
+        $transactionId,
+        $dominantSession,
+        $dominantTerm
+    ) {
+        $sumPaymentsId = $studentId . $dominantSession . $paymentDate;
+        $sql = "INSERT INTO tb_account_school_fee_sum_payments (
+                    id, student_id, total_paid, paymode_id, payment_date,
+                    credit_bank_id, debit_bank_id, transaction_id, status,
+                    academic_session, term_of_session, registered_by, registered_on
+                ) VALUES (
+                    :id, :student_id, :total_paid, :paymode_id, :payment_date,
+                    :credit_bank_id, :debit_bank_id, :transaction_id, :status,
+                    :academic_session, :term_of_session, :registered_by, NOW()
+                )";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute([
+            'id' => $sumPaymentsId,
+            'student_id' => $studentId,
+            'total_paid' => $totalPaid,
+            'paymode_id' => self::PAYMODE_ID,
+            'payment_date' => $paymentDate,
+            'credit_bank_id' => self::CREDIT_BANK_ID,
+            'debit_bank_id' => self::DEBIT_BANK_ID,
+            'transaction_id' => $transactionId,
+            'status' => self::PAYMENT_STATUS,
+            'academic_session' => $dominantSession,
+            'term_of_session' => $dominantTerm,
+            'registered_by' => self::CREATED_BY
+        ]);
+    }
+    /**
+     * Insert records into tb_account_student_payments
+     */
+    private function insertStudentPayments(
+        $feeAllocations,
+        $studentId,
+        $studentCode,
+        $transactionId,
+        $paymentDate
+    ) {
+        foreach ($feeAllocations as $allocation) {
+            // Get current payment_to_date (sum of all previous payments for this fee/session/term)
+            $sql = "SELECT SUM(payment_to_date) AS current_total
+                    FROM tb_account_student_payments
+                    WHERE student_id = :student_id
+                      AND fee_id = :fee_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $this->pdo->prepare($sql);
+            $stmt->execute([
+                'student_id' => $studentId,
+                'fee_id' => $allocation['fee_id'],
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session']
+            ]);
+            $currentPayment = $stmt->fetch();
+            $newPaymentToDate = $allocation['amount'];
+            $studentPaymentId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_student_payments (
+                        id, fee_id, student_id, payment_to_date, transaction_id,
+                        academic_session, term_of_session, created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :payment_to_date, :transaction_id,
+                        :academic_session, :term_of_session, :created_by, :created_as, NOW()
+                    )";
+            $stmt = $this->pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $studentPaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'payment_to_date' => $newPaymentToDate,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => self::CREATED_BY,
+                'created_as' => self::CREATED_AS
+            ]);
+        }
+    }
+    /**
+     * Insert records into tb_account_payment_registers
+     */
+    private function insertPaymentRegisters(
+        $feeAllocations,
+        $studentId,
+        $studentCode,
+        $receiptNo,
+        $paymentDate,
+        $transactionId
+    ) {
+        foreach ($feeAllocations as $allocation) {
+            $paymentRegisterId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_payment_registers (
+                        id, fee_id, student_id, amount_paid, amount_due,
+                        receipt_no, recipient_id, payment_date, paymode_category,
+                        transaction_id, academic_session, term_of_session,
+                        created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :amount_paid, :amount_due,
+                        :receipt_no, :recipient_id, :payment_date, :paymode_category,
+                        :transaction_id, :academic_session, :term_of_session,
+                        :created_by, :created_as, NOW()
+                    )";
+            $stmt = $this->pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $paymentRegisterId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'amount_paid' => $allocation['amount'],
+                'amount_due' => $allocation['amount'],
+                'receipt_no' => $receiptNo,
+                'recipient_id' => self::RECIPIENT_ID,
+                'payment_date' => $paymentDate,
+                'paymode_category' => self::PAYMODE_CATEGORY,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => self::CREATED_BY,
+                'created_as' => self::CREATED_AS
+            ]);
+        }
+    }
+    /**
+     * Update tb_student_logistics to reduce outstanding fees
+     */
+    private function updateStudentLogistics($feeAllocations, $studentId)
+    {
+        // Group allocations by session/term to update specific records
+        $sessionTermTotals = [];
+        foreach ($feeAllocations as $allocation) {
+            $key = $allocation['academic_session'] . '-' . $allocation['term_of_session'];
+            if (!isset($sessionTermTotals[$key])) {
+                $sessionTermTotals[$key] = [
+                    'academic_session' => $allocation['academic_session'],
+                    'term_of_session' => $allocation['term_of_session'],
+                    'total' => 0
+                ];
+            }
+            $sessionTermTotals[$key]['total'] += $allocation['amount'];
+        }
+        // Update each session/term record
+        foreach ($sessionTermTotals as $st) {
+            $sql = "UPDATE tb_student_logistics
+                    SET fees_outstanding = GREATEST(0, fees_outstanding - :total_paid)
+                    WHERE student_id = :student_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $this->pdo->prepare($sql);
+            $stmt->execute([
+                'total_paid' => $st['total'],
+                'student_id' => $studentId,
+                'academic_session' => $st['academic_session'],
+                'term_of_session' => $st['term_of_session']
+            ]);
+        }
+    }
+    /**
+     * Get fee descriptions for display
+     */
+    private function getFeeDescriptions($feeAllocations)
+    {
+        $feeIds = array_column($feeAllocations, 'fee_id');
+        $placeholders = implode(',', array_fill(0, count($feeIds), '?'));
+        $sql = "SELECT id, description FROM tb_account_school_fees WHERE id IN ($placeholders)";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute($feeIds);
+        return $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
+    }
+    /**
+     * Validate student exists
+     */
+    public function validateStudent($studentId)
+    {
+        $sql = "SELECT id, student_code,
+                       CONCAT(last_name, ' ', first_name, ' ', COALESCE(other_name, '')) AS full_name
+                FROM tb_student_registrations
+                WHERE id = :student_id AND admission_status = 'Active'";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        return $stmt->fetch();
+    }
+    /**
+     * Get outstanding fees for a student
+     */
+    public function getOutstandingFees($studentId)
+    {
+        $sql = "SELECT
+                    ar.fee_id,
+                    sf.description AS fee_description,
+                    ar.academic_session,
+                    ar.term_of_session,
+                    ar.actual_value AS amount_billed,
+                    COALESCE(SUM(sp.payment_to_date), 0) AS amount_paid,
+                    (ar.actual_value - COALESCE(SUM(sp.payment_to_date), 0)) AS outstanding_amount
+                FROM tb_account_receivables ar
+                INNER JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+                LEFT JOIN tb_account_student_payments sp ON
+                    ar.student_id = sp.student_id AND
+                    ar.fee_id = sp.fee_id AND
+                    ar.academic_session = sp.academic_session AND
+                    ar.term_of_session = sp.term_of_session
+                WHERE ar.student_id = :student_id
+                GROUP BY ar.fee_id, ar.academic_session, ar.term_of_session, sf.description, ar.actual_value
+                HAVING outstanding_amount > 0
+                ORDER BY ar.academic_session ASC, ar.term_of_session ASC";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        return $stmt->fetchAll();
+    }
+    /**
+     * Get total outstanding balance with breakdown
+     *
+     * @param string $studentId
+     * @return array Total and breakdown
+     */
+    public function getTotalOutstandingBalance($studentId)
+    {
+        // Reuse getOutstandingFees as it already provides the breakdown of unpaid items
+        $breakdown = $this->getOutstandingFees($studentId);
+        $totalOutstanding = 0;
+        foreach ($breakdown as $item) {
+            $totalOutstanding += floatval($item['outstanding_amount']);
+        }
+        return [
+            'student_id' => $studentId,
+            'currency' => 'NGN',
+            'total_outstanding' => $totalOutstanding,
+            'breakdown' => $breakdown
+        ];
+    }
+    /**
+     * Get invoice (fee breakdown) for a specific term
+     * Shows all fees billed, paid, and balance
+     *
+     * @param string $studentId
+     * @param string $session
+     * @param string $term
+     * @return array List of fees
+     */
+    public function getTermInvoice($studentId, $session, $term)
+    {
+        $sql = "SELECT
+                    ar.fee_id,
+                    sf.description,
+                    ar.actual_value AS amount_billed,
+                    COALESCE(SUM(sp.payment_to_date), 0) AS amount_paid,
+                    (ar.actual_value - COALESCE(SUM(sp.payment_to_date), 0)) AS balance
+                FROM tb_account_receivables ar
+                INNER JOIN tb_account_school_fees sf ON ar.fee_id = sf.id
+                LEFT JOIN tb_account_student_payments sp ON
+                    ar.student_id = sp.student_id AND
+                    ar.fee_id = sp.fee_id AND
+                    ar.academic_session = sp.academic_session AND
+                    ar.term_of_session = sp.term_of_session
+                WHERE ar.student_id = :student_id
+                  AND ar.academic_session = :session
+                  AND ar.term_of_session = :term
+                GROUP BY ar.fee_id, sf.description, ar.actual_value";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute([
+            'student_id' => $studentId,
+            'session' => $session,
+            'term' => $term
+        ]);
+        return $stmt->fetchAll();
+    }
+    /**
+     * Get payment status summary and transactions for a term
+     *
+     * @param string $studentId
+     * @param string $session
+     * @param string $term
+     * @return array Summary and transactions
+     */
+    public function getTermPaymentStatus($studentId, $session, $term)
+    {
+        // 1. Get Summary (Billed vs Paid)
+        // We can use getTermInvoice to aggregate this
+        $invoiceItems = $this->getTermInvoice($studentId, $session, $term);
+        $totalBilled = 0;
+        $totalPaid = 0;
+        $totalBalance = 0;
+        foreach ($invoiceItems as $item) {
+            $totalBilled += floatval($item['amount_billed']);
+            $totalPaid += floatval($item['amount_paid']);
+            $totalBalance += floatval($item['balance']);
+        }
+        // 2. Get Transactions (Payments made for this term)
+        // We look at the sum_payments table or specific fee payments
+        // Using sum_payments is better for receipts, but it tracks 'dominant' session/term.
+        // A better approach for "transactions" might be to look at where the money went.
+        // However, usually we want to see "Receipts issued for this term".
+        // Let's query tb_account_payment_registers which tracks receipts per fee,
+        // or tb_account_school_fee_sum_payments which tracks the main transaction.
+        // Let's use tb_account_school_fee_sum_payments for the main "Transactions" list
+        // filtering by the session/term assigned to the payment.
+        $sql = "SELECT
+                    payment_date,
+                    total_paid AS amount,
+                    transaction_id,
+                    id AS payment_ref
+                FROM tb_account_school_fee_sum_payments
+                WHERE student_id = :student_id
+                  AND academic_session = :session
+                  AND term_of_session = :term
+                ORDER BY payment_date DESC";
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute([
+            'student_id' => $studentId,
+            'session' => $session,
+            'term' => $term
+        ]);
+        $transactions = $stmt->fetchAll();
+        return [
+            'summary' => [
+                'total_billed' => $totalBilled,
+                'total_paid' => $totalPaid,
+                'outstanding' => $totalBalance
+            ],
+            'transactions' => $transactions
+        ];
+    }
+}

easypay-api/includes/ReceiptGenerator.php ADDED Viewed

	@@ -0,0 +1,283 @@

+<?php
+class ReceiptGenerator
+{
+    private $fontPath;
+    private $logoPath;
+    public function __construct()
+    {
+        if (!extension_loaded('gd')) {
+            throw new Exception("The PHP GD extension is not enabled. Please enable it in your php.ini or install php-gd.");
+        }
+        // Try to find a suitable font
+        $fonts = [
+            'C:/Windows/Fonts/arial.ttf',
+            '/usr/share/fonts/truetype/dejavu/DejaVuSans.ttf',
+            '/usr/share/fonts/truetype/liberation/LiberationSans-Regular.ttf',
+            '/usr/share/fonts/TTF/arial.ttf'
+        ];
+        $this->fontPath = null;
+        foreach ($fonts as $font) {
+            if (file_exists($font)) {
+                $this->fontPath = $font;
+                break;
+            }
+        }
+        $this->logoPath = __DIR__ . '/../assets/logo.png';
+    }
+    public function generate($data)
+    {
+        $width = 900; // Increased width to accommodate 6 columns comfortably
+        // Calculate dynamic height
+        $baseHeight = 450;
+        $rowHeight = 40;
+        $numRows = count($data['allocations'] ?? []);
+        $height = $baseHeight + ($numRows * $rowHeight) + 150;
+        $image = imagecreatetruecolor($width, $height);
+        // Colors
+        $white = imagecolorallocate($image, 255, 255, 255);
+        $black = imagecolorallocate($image, 0, 0, 0);
+        $grey = imagecolorallocate($image, 100, 100, 100);
+        $lightGrey = imagecolorallocate($image, 240, 240, 240);
+        imagefilledrectangle($image, 0, 0, $width, $height, $white);
+        // Logo
+        if (file_exists($this->logoPath)) {
+            $logo = @imagecreatefrompng($this->logoPath);
+            if ($logo) {
+                $logoW = imagesx($logo);
+                $logoH = imagesy($logo);
+                $targetW = 100;
+                $targetH = ($targetW / $logoW) * $logoH;
+                imagecopyresampled($image, $logo, 40, 30, 0, 0, (int) $targetW, (int) $targetH, (int) $logoW, (int) $logoH);
+            }
+        }
+        // School Name Logic
+        $schoolName = "ACE JUNIOR COLLEGE";
+        $levelName = isset($data['level_name']) ? strtoupper($data['level_name']) : '';
+        // Check for Senior classes (SSS 1, SSS 2, SSS 3, or Senior)
+        if (strpos($levelName, 'SSS') !== false || strpos($levelName, 'SENIOR') !== false) {
+            $schoolName = "ACE SENIOR COLLEGE";
+        }
+        // Header
+        $this->centerText($image, 18, 50, $schoolName, $black);
+        $this->centerText($image, 10, 75, "...education for excellence", $grey);
+        $this->centerText($image, 10, 100, "1, Ebute - Igbogbo Road, Ipakodo, Ikorodu, Lagos, Nigeria", $black);
+        $this->centerText($image, 10, 120, "Phone No(s): 08027449739, 08077275777", $black);
+        $this->centerText($image, 10, 140, "mailto:info@acecollege.com.ng https://www.acecollege.com.ng", $black);
+        // Receipt Title
+        $titleY = 180;
+        $receiptNo = $data['receipt_no'] ?? 'N/A';
+        $this->centerText($image, 12, $titleY, "SCHOOL FEES RECEIPT - REFERENCE NO: $receiptNo", $black);
+        // Session Info
+        $session = $data['allocations'][0]['academic_session'] ?? '----';
+        $term = $data['allocations'][0]['term_of_session'] ?? '-';
+        $nextSession = is_numeric($session) ? ($session + 1) : '';
+        $levelPart = isset($data['level_name']) ? ' - ' . strtoupper($data['level_name']) : '';
+        $sessionStr = "$session/$nextSession ACADEMIC SESSION, TERM $term" . $levelPart;
+        $this->centerText($image, 10, $titleY + 25, $sessionStr, $grey);
+        // Student Box
+        $boxY = 230;
+        imagerectangle($image, 40, $boxY, $width - 40, $boxY + 40, $grey);
+        // We expect student_name to be passed in $data. If not, fallback.
+        $studentName = isset($data['student_name']) ? strtoupper($data['student_name']) : (isset($data['student_code']) ? "STUDENT CODE: " . $data['student_code'] : 'UNKNOWN STUDENT');
+        $this->centerText($image, 14, $boxY + 26, $studentName, $grey);
+        // Table Header
+        $tableY = 300;
+        // 6 Columns: Description, Term/Session, Amount Billed, Amount Paid, Paid To Date, To Balance
+        // Width 900. Margins 40. Active 820.
+        // Approx X: 40, 320, 440, 560, 680, 800 (Right Boundary for last col is width-40 = 860)
+        // Let's adjust spacing.
+        $cols = [40, 300, 440, 550, 660, 780];
+        imageline($image, 40, $tableY, $width - 40, $tableY, $black);
+        imageline($image, 40, $tableY + 30, $width - 40, $tableY + 30, $black);
+        if ($this->fontPath) {
+            imagettftext($image, 8, 0, $cols[0], $tableY + 20, $black, $this->fontPath, "FEE DESCRIPTION");
+            imagettftext($image, 8, 0, $cols[1], $tableY + 20, $black, $this->fontPath, "TERM/SESSION");
+            imagettftext($image, 8, 0, $cols[2], $tableY + 20, $black, $this->fontPath, "AMOUNT BILLED");
+            imagettftext($image, 8, 0, $cols[3], $tableY + 20, $black, $this->fontPath, "AMOUNT PAID");
+            imagettftext($image, 8, 0, $cols[4], $tableY + 20, $black, $this->fontPath, "PAID TO DATE");
+            imagettftext($image, 8, 0, $cols[5], $tableY + 20, $black, $this->fontPath, "TO BALANCE");
+        } else {
+            // Fallback font
+            imagestring($image, 3, $cols[0], $tableY + 5, "FEE DESCRIPTION", $black);
+            imagestring($image, 3, $cols[1], $tableY + 5, "TERM/SESSION", $black);
+            imagestring($image, 3, $cols[2], $tableY + 5, "BILLED", $black);
+            imagestring($image, 3, $cols[3], $tableY + 5, "PAID", $black);
+            imagestring($image, 3, $cols[4], $tableY + 5, "PAID TO DATE", $black);
+            imagestring($image, 3, $cols[5], $tableY + 5, "TO BALANCE", $black);
+        }
+        // Rows
+        $currY = $tableY + 30;
+        $totalBilled = 0;
+        $totalPaidToDate = 0;
+        $totalBalance = 0;
+        // Total Paid is passed from outside
+        $totalAmountPaid = 0;
+        if (isset($data['allocations']) && is_array($data['allocations'])) {
+            foreach ($data['allocations'] as $alloc) {
+                $desc = $alloc['description'];
+                $session = $alloc['academic_session'] ?? '';
+                $term = $alloc['term_of_session'] ?? '';
+                // Format: Term/Session e.g. "1/2025" or "1st/2025"
+                // Assuming simpler "1/2025" format for space
+                $termSessionStr = "$term/$session";
+                $billedVal = $alloc['amount_billed'] ?? 0;
+                $paidVal = $alloc['amount'] ?? 0;
+                $paidToDateVal = $alloc['total_paid_to_date'] ?? 0;
+                $balanceVal = $alloc['balance'] ?? 0;
+                $totalBilled += $billedVal;
+                $totalAmountPaid += $paidVal;
+                $totalPaidToDate += $paidToDateVal;
+                $totalBalance += $balanceVal;
+                $billed = number_format($billedVal, 2);
+                $paid = number_format($paidVal, 2);
+                $paidToDate = number_format($paidToDateVal, 2);
+                $balance = number_format($balanceVal, 2);
+                $currY += 30;
+                if ($this->fontPath) {
+                    imagettftext($image, 8, 0, $cols[0], $currY, $black, $this->fontPath, substr($desc, 0, 35));
+                    imagettftext($image, 8, 0, $cols[1], $currY, $black, $this->fontPath, $termSessionStr); // Term/Session
+                } else {
+                    imagestring($image, 3, $cols[0], $currY - 10, substr($desc, 0, 35), $black);
+                    imagestring($image, 3, $cols[1], $currY - 10, $termSessionStr, $black);
+                }
+                // Right Alignment using approx right boundaries
+                // Col 2 (Billed): starts 440. Right align around 530?
+                // Col 3 (Paid): starts 550.
+                // Col 4 (PTD): starts 660.
+                // Col 5 (Bal): starts 780.
+                $rbBilled = 530;
+                $rbPaid = 640;
+                $rbPTD = 760;
+                $rbBal = $width - 40;
+                $this->rightAlignText($image, 8, $rbBilled, $currY, $billed, $black);
+                $this->rightAlignText($image, 8, $rbPaid, $currY, $paid, $black);
+                $this->rightAlignText($image, 8, $rbPTD, $currY, $paidToDate, $black);
+                $this->rightAlignText($image, 8, $rbBal, $currY, $balance, $black);
+            }
+        }
+        // Total Row
+        $currY += 20;
+        imageline($image, 40, $currY, $width - 40, $currY, $black);
+        $currY += 26;
+        $totalPaidStr = number_format($data['total_paid'] ?? 0, 2);
+        $totalBilledStr = number_format($totalBilled, 2);
+        $totalPaidToDateStr = number_format($totalPaidToDate, 2);
+        $totalBalanceStr = number_format($totalBalance, 2);
+        // Columns for totals
+        $rbBilled = 530;
+        $rbPaid = 640;
+        $rbPTD = 760;
+        $rbBal = $width - 40;
+        $this->rightAlignText($image, 9, $rbBilled, $currY, $totalBilledStr, $grey);
+        $this->rightAlignText($image, 9, $rbPaid, $currY, $totalPaidStr, $grey);
+        $this->rightAlignText($image, 9, $rbPTD, $currY, $totalPaidToDateStr, $grey);
+        $this->rightAlignText($image, 9, $rbBal, $currY, $totalBalanceStr, $grey);
+        imageline($image, 40, $currY + 14, $width - 40, $currY + 14, $black);
+        // Footer
+        $footerY = $currY + 50;
+        if ($this->fontPath) {
+            imagettftext($image, 9, 0, 40, $footerY, $black, $this->fontPath, "RECEIPT DULY VERIFIED BY");
+            imagettftext($image, 9, 0, 40, $footerY + 20, $black, $this->fontPath, "BURSAR'S OFFICE");
+        } else {
+            imagestring($image, 3, 40, $footerY - 10, "RECEIPT DULY VERIFIED BY", $black);
+            imagestring($image, 3, 40, $footerY + 10, "BURSAR'S OFFICE", $black);
+        }
+        $receivedY = $footerY;
+        $this->rightAlignText($image, 9, $width - 40, $receivedY, "RECEIVED IN", $black);
+        $this->rightAlignText($image, 9, $width - 40, $receivedY + 15, "BANK", $black);
+        $this->rightAlignText($image, 9, $width - 40, $receivedY + 40, "RECEIVED ON", $black);
+        $dateStr = isset($data['payment_date']) ? strtoupper(date("F d, Y", strtotime($data['payment_date']))) : date("F d, Y");
+        $this->rightAlignText($image, 9, $width - 40, $receivedY + 55, $dateStr, $black);
+        ob_start();
+        imagepng($image);
+        $content = ob_get_clean();
+        imagedestroy($image);
+        return $content;
+    }
+    public function generateBase64($data)
+    {
+        $content = $this->generate($data);
+        return base64_encode($content);
+    }
+    private function centerText($image, $size, $y, $text, $color)
+    {
+        if ($this->fontPath) {
+            try {
+                $box = imagettfbbox($size, 0, $this->fontPath, $text);
+                $textW = $box[2] - $box[0];
+                $x = (int) ((imagesx($image) - $textW) / 2);
+                imagettftext($image, $size, 0, $x, (int) $y, $color, $this->fontPath, $text);
+                return;
+            } catch (Exception $e) {
+                // Fallthrough to built-in font
+            }
+        }
+        // Fallback or if fontPath is missing
+        $gdSize = (int) min(5, max(1, floor($size / 3)));
+        $charWidth = imagefontwidth($gdSize);
+        $textW = strlen($text) * $charWidth;
+        $x = (int) ((imagesx($image) - $textW) / 2);
+        imagestring($image, $gdSize, $x, (int) $y, $text, $color);
+    }
+    private function rightAlignText($image, $size, $rightX, $y, $text, $color)
+    {
+        if ($this->fontPath) {
+            try {
+                $box = imagettfbbox($size, 0, $this->fontPath, $text);
+                $textW = $box[2] - $box[0];
+                $x = (int) ($rightX - $textW);
+                imagettftext($image, $size, 0, $x, (int) $y, $color, $this->fontPath, $text);
+                return;
+            } catch (Exception $e) {
+                // Fallthrough
+            }
+        }
+        $gdSize = (int) min(5, max(1, floor($size / 3)));
+        $charWidth = imagefontwidth($gdSize);
+        $x = (int) ($rightX - (strlen($text) * $charWidth));
+        imagestring($image, $gdSize, $x, (int) $y, $text, $color);
+    }
+}

easypay-api/index.php ADDED Viewed

	@@ -0,0 +1,711 @@

+<?php
+/**
+ * Student Fee Payment Registration - Main Page
+ * Search for students and display outstanding fees
+ */
+require_once 'db_config.php';
+$studentData = null;
+$outstandingFees = [];
+$studentId = $_GET['student_id'] ?? '';
+// If student is selected, fetch their data and outstanding fees
+if (!empty($studentId)) {
+    try {
+        // Fetch student details
+        $sql = "SELECT
+                    sr.id,
+                    sr.student_code,
+                    CONCAT(sr.last_name, ' ', sr.first_name, ' ', COALESCE(sr.other_name, '')) AS full_name,
+                    al.level_name
+                FROM tb_student_registrations sr
+                LEFT JOIN tb_academic_levels al ON al.id = sr.level_id
+                WHERE sr.id = :student_id";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        $studentData = $stmt->fetch();
+        if ($studentData) {
+            // Fetch outstanding fees per fee_id
+            $sql = "SELECT
+			ar.id AS receivable_id,
+    			ar.fee_id,
+    			asf.description AS fee_description,
+    			ar.academic_session,
+    			ar.term_of_session,
+    			ar.actual_value AS billed_amount,
+    			COALESCE(asp.total_paid_for_period, 0) AS total_paid, -- Renamed column for clarity
+    			(ar.actual_value - COALESCE(asp.total_paid_for_period, 0)) AS outstanding_amount,
+    			ar.created_on
+		FROM
+    			tb_account_receivables ar
+		JOIN
+    			tb_account_school_fees asf ON asf.id = ar.fee_id
+		LEFT JOIN (
+    			-- Subquery now calculates total payments specific to a session, term, and fee
+    			SELECT
+        			fee_id,
+        			student_id,
+        			academic_session,
+        			term_of_session,
+        			SUM(payment_to_date) AS total_paid_for_period
+    			FROM
+        			tb_account_student_payments
+    			GROUP BY
+        			fee_id,
+        			student_id,
+        			academic_session,
+        			term_of_session
+			) asp ON asp.fee_id = ar.fee_id
+     				AND asp.student_id = ar.student_id
+     				AND asp.academic_session = ar.academic_session
+     				AND asp.term_of_session = ar.term_of_session
+			WHERE
+    				ar.student_id = :student_id
+    				AND ar.academic_session > 2023
+    				-- Only show records where the calculated outstanding amount is greater than zero
+    				AND (ar.actual_value - COALESCE(asp.total_paid_for_period, 0)) > 0
+			ORDER BY
+    				ar.academic_session ASC, ar.term_of_session ASC, ar.created_on ASC";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute(['student_id' => $studentId]);
+            $outstandingFees = $stmt->fetchAll();
+        }
+    } catch (PDOException $e) {
+        $error = "Error fetching student data: " . $e->getMessage();
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Student Fee Payment Registration</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            padding: 20px;
+        }
+        .container {
+            max-width: 1200px;
+            margin: 0 auto;
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+            padding: 30px;
+        }
+        h1 {
+            color: #333;
+            margin-bottom: 30px;
+            text-align: center;
+            font-size: 28px;
+        }
+        .search-section {
+            margin-bottom: 30px;
+            padding: 20px;
+            background: #f8f9fa;
+            border-radius: 8px;
+        }
+        .search-box {
+            position: relative;
+        }
+        .search-box label {
+            display: block;
+            margin-bottom: 8px;
+            font-weight: 600;
+            color: #555;
+        }
+        .search-box input {
+            width: 100%;
+            padding: 12px 15px;
+            border: 2px solid #ddd;
+            border-radius: 6px;
+            font-size: 16px;
+            transition: border-color 0.3s;
+        }
+        .search-box input:focus {
+            outline: none;
+            border-color: #667eea;
+        }
+        .search-results {
+            position: absolute;
+            top: 100%;
+            left: 0;
+            right: 0;
+            background: white;
+            border: 2px solid #667eea;
+            border-top: none;
+            border-radius: 0 0 6px 6px;
+            max-height: 300px;
+            overflow-y: auto;
+            display: none;
+            z-index: 1000;
+            box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1);
+        }
+        .search-results.active {
+            display: block;
+        }
+        .search-result-item {
+            padding: 12px 15px;
+            cursor: pointer;
+            border-bottom: 1px solid #eee;
+            transition: background-color 0.2s;
+        }
+        .search-result-item:hover {
+            background-color: #f0f0f0;
+        }
+        .search-result-item:last-child {
+            border-bottom: none;
+        }
+        .student-code {
+            color: #667eea;
+            font-weight: 600;
+            margin-right: 10px;
+        }
+        .student-details {
+            margin-bottom: 30px;
+            padding: 20px;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            border-radius: 8px;
+        }
+        .student-details h2 {
+            margin-bottom: 10px;
+            font-size: 24px;
+        }
+        .student-details p {
+            font-size: 16px;
+            margin-bottom: 5px;
+        }
+        .fees-section {
+            margin-bottom: 30px;
+        }
+        .fees-section h3 {
+            margin-bottom: 15px;
+            color: #333;
+            font-size: 20px;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-bottom: 20px;
+        }
+        th,
+        td {
+            padding: 12px;
+            text-align: left;
+            border-bottom: 1px solid #ddd;
+        }
+        th {
+            background-color: #667eea;
+            color: white;
+            font-weight: 600;
+        }
+        tr:hover {
+            background-color: #f8f9fa;
+        }
+        .amount {
+            text-align: right;
+            font-family: 'Courier New', monospace;
+        }
+        .btn {
+            padding: 12px 30px;
+            border: none;
+            border-radius: 6px;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            transition: all 0.3s;
+        }
+        .btn-primary {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+        }
+        .btn-primary:hover {
+            transform: translateY(-2px);
+            box-shadow: 0 5px 15px rgba(102, 126, 234, 0.4);
+        }
+        .btn-primary:disabled {
+            background: #ccc;
+            cursor: not-allowed;
+            transform: none;
+        }
+        .modal {
+            display: none;
+            position: fixed;
+            top: 0;
+            left: 0;
+            width: 100%;
+            height: 100%;
+            background: rgba(0, 0, 0, 0.5);
+            z-index: 2000;
+            align-items: center;
+            justify-content: center;
+        }
+        .modal.active {
+            display: flex;
+        }
+        .modal-content {
+            background: white;
+            padding: 30px;
+            border-radius: 12px;
+            max-width: 600px;
+            width: 90%;
+            max-height: 90vh;
+            overflow-y: auto;
+        }
+        .modal-header {
+            margin-bottom: 20px;
+        }
+        .modal-header h2 {
+            color: #333;
+            font-size: 22px;
+        }
+        .form-group {
+            margin-bottom: 20px;
+        }
+        .form-group label {
+            display: block;
+            margin-bottom: 8px;
+            font-weight: 600;
+            color: #555;
+        }
+        .form-group input,
+        .form-group textarea {
+            width: 100%;
+            padding: 10px 12px;
+            border: 2px solid #ddd;
+            border-radius: 6px;
+            font-size: 14px;
+            font-family: inherit;
+        }
+        .form-group input:focus,
+        .form-group textarea:focus {
+            outline: none;
+            border-color: #667eea;
+        }
+        .form-group input[readonly] {
+            background-color: #f0f0f0;
+            cursor: not-allowed;
+        }
+        .modal-actions {
+            display: flex;
+            gap: 10px;
+            justify-content: flex-end;
+            margin-top: 25px;
+        }
+        .btn-secondary {
+            background: #6c757d;
+            color: white;
+        }
+        .btn-secondary:hover {
+            background: #5a6268;
+        }
+        .error {
+            color: #dc3545;
+            font-size: 14px;
+            margin-top: 5px;
+        }
+        .success {
+            color: #28a745;
+            font-size: 14px;
+            margin-top: 5px;
+        }
+        .alert {
+            padding: 15px;
+            border-radius: 6px;
+            margin-bottom: 20px;
+        }
+        .alert-error {
+            background-color: #f8d7da;
+            color: #721c24;
+            border: 1px solid #f5c6cb;
+        }
+        .total-row {
+            font-weight: bold;
+            background-color: #f0f0f0;
+        }
+        .loading {
+            display: inline-block;
+            width: 16px;
+            height: 16px;
+            border: 3px solid #f3f3f3;
+            border-top: 3px solid #667eea;
+            border-radius: 50%;
+            animation: spin 1s linear infinite;
+            margin-left: 10px;
+        }
+        @keyframes spin {
+            0% {
+                transform: rotate(0deg);
+            }
+            100% {
+                transform: rotate(360deg);
+            }
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>Student Fee Payment Registration</h1>
+        <?php if (isset($error)): ?>
+            <div class="alert alert-error"><?php echo htmlspecialchars($error); ?></div>
+        <?php endif; ?>
+        <!-- Student Search Section -->
+        <div class="search-section">
+            <div class="search-box">
+                <label for="studentSearch">Search Student (by name or student code)</label>
+                <input type="text" id="studentSearch" placeholder="Type to search..." autocomplete="off">
+                <div class="search-results" id="searchResults"></div>
+            </div>
+        </div>
+        <?php if ($studentData): ?>
+            <!-- Student Details -->
+            <div class="student-details">
+                <h2><?php echo htmlspecialchars($studentData['full_name']); ?></h2>
+                <p><strong>Student Code:</strong> <?php echo htmlspecialchars($studentData['student_code']); ?></p>
+                <p><strong>Academic Level:</strong> <?php echo htmlspecialchars($studentData['level_name'] ?? 'N/A'); ?></p>
+            </div>
+            <?php if (count($outstandingFees) > 0): ?>
+                <!-- Outstanding Fees Section -->
+                <div class="fees-section">
+                    <h3>Outstanding Fees</h3>
+                    <form id="paymentForm">
+                        <input type="hidden" name="student_id" value="<?php echo htmlspecialchars($studentData['id']); ?>">
+                        <input type="hidden" name="student_code"
+                            value="<?php echo htmlspecialchars($studentData['student_code']); ?>">
+                        <table>
+                            <thead>
+                                <tr>
+                                    <th width="50">Select</th>
+                                    <th>Fee Description</th>
+                                    <th width="100">Session</th>
+                                    <th width="80">Term</th>
+                                    <th width="120" class="amount">Billed</th>
+                                    <th width="120" class="amount">Paid</th>
+                                    <th width="120" class="amount">Outstanding</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <?php
+                                $totalOutstanding = 0;
+                                foreach ($outstandingFees as $fee):
+                                    $totalOutstanding += $fee['outstanding_amount'];
+                                    ?>
+                                    <tr>
+                                        <td>
+                                            <input type="checkbox" class="fee-checkbox" name="selected_fees[]" value="<?php echo htmlspecialchars(json_encode([
+                                                'receivable_id' => $fee['receivable_id'],
+                                                'fee_id' => $fee['fee_id'],
+                                                'academic_session' => $fee['academic_session'],
+                                                'term_of_session' => $fee['term_of_session'],
+                                                'outstanding_amount' => $fee['outstanding_amount']
+                                            ])); ?>" checked>
+                                        </td>
+                                        <td><?php echo htmlspecialchars($fee['fee_description']); ?></td>
+                                        <td><?php echo htmlspecialchars($fee['academic_session']); ?></td>
+                                        <td><?php echo htmlspecialchars($fee['term_of_session']); ?></td>
+                                        <td class="amount">₦<?php echo number_format($fee['billed_amount'], 2); ?></td>
+                                        <td class="amount">₦<?php echo number_format($fee['total_paid'], 2); ?></td>
+                                        <td class="amount">₦<?php echo number_format($fee['outstanding_amount'], 2); ?></td>
+                                    </tr>
+                                <?php endforeach; ?>
+                                <tr class="total-row">
+                                    <td colspan="6" style="text-align: right;">Total Outstanding:</td>
+                                    <td class="amount">₦<?php echo number_format($totalOutstanding, 2); ?></td>
+                                </tr>
+                            </tbody>
+                        </table>
+                        <button type="button" class="btn btn-primary" id="processPaymentBtn">Process Payment</button>
+                    </form>
+                </div>
+            <?php else: ?>
+                <div class="alert alert-error">No outstanding fees found for this student.</div>
+            <?php endif; ?>
+        <?php endif; ?>
+    </div>
+    <!-- Payment Modal -->
+    <div class="modal" id="paymentModal">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h2>Process Payment</h2>
+            </div>
+            <form id="paymentDetailsForm" method="POST" action="process_payment.php">
+                <input type="hidden" name="student_id" id="modal_student_id">
+                <input type="hidden" name="student_code" id="modal_student_code">
+                <input type="hidden" name="selected_fees" id="modal_selected_fees">
+                <input type="hidden" name="payment_date" id="modal_payment_date">
+                <input type="hidden" name="bank_description" id="modal_bank_description">
+                <div class="form-group">
+                    <label for="teller_number">Teller Number *</label>
+                    <input type="text" id="teller_number" name="teller_number" required>
+                    <span class="loading" id="tellerLoading" style="display:none;"></span>
+                    <div class="error" id="tellerError"></div>
+                </div>
+                <div class="form-group">
+                    <label for="bank_narration">Bank Narration</label>
+                    <textarea id="bank_narration" name="bank_narration" rows="3" readonly></textarea>
+                </div>
+                <div class="form-group">
+                    <label for="unreconciled_amount">Unreconciled Amount on Teller</label>
+                    <input type="text" id="unreconciled_amount" readonly>
+                </div>
+                <div class="form-group">
+                    <label for="amount_to_use">Amount to Use for Fees *</label>
+                    <input type="number" id="amount_to_use" name="amount_to_use" step="0.01" min="0" required>
+                    <div class="error" id="amountError"></div>
+                </div>
+                <div class="modal-actions">
+                    <button type="button" class="btn btn-secondary" id="cancelBtn">Cancel</button>
+                    <button type="submit" class="btn btn-primary" id="proceedBtn" disabled>OK PROCEED!</button>
+                </div>
+            </form>
+        </div>
+    </div>
+    <script>
+        // Student search functionality
+        const searchInput = document.getElementById('studentSearch');
+        const searchResults = document.getElementById('searchResults');
+        let searchTimeout;
+        searchInput.addEventListener('input', function () {
+            clearTimeout(searchTimeout);
+            const searchTerm = this.value.trim();
+            if (searchTerm.length < 2) {
+                searchResults.classList.remove('active');
+                searchResults.innerHTML = '';
+                return;
+            }
+            searchTimeout = setTimeout(() => {
+                fetch(`ajax_handlers.php?action=search_students&search=${encodeURIComponent(searchTerm)}`)
+                    .then(response => response.json())
+                    .then(data => {
+                        if (data.error) {
+                            searchResults.innerHTML = `<div class="search-result-item">${data.error}</div>`;
+                        } else if (data.length === 0) {
+                            searchResults.innerHTML = '<div class="search-result-item">No students found</div>';
+                        } else {
+                            searchResults.innerHTML = data.map(student =>
+                                `<div class="search-result-item" data-id="${student.id}">
+                                    <span class="student-code">${student.student_code}</span>
+                                    <span>${student.full_name}</span>
+                                </div>`
+                            ).join('');
+                            // Add click handlers
+                            document.querySelectorAll('.search-result-item').forEach(item => {
+                                item.addEventListener('click', function () {
+                                    const studentId = this.dataset.id;
+                                    window.location.href = `?student_id=${studentId}`;
+                                });
+                            });
+                        }
+                        searchResults.classList.add('active');
+                    })
+                    .catch(error => {
+                        console.error('Search error:', error);
+                        searchResults.innerHTML = '<div class="search-result-item">Error searching students</div>';
+                        searchResults.classList.add('active');
+                    });
+            }, 300);
+        });
+        // Close search results when clicking outside
+        document.addEventListener('click', function (e) {
+            if (!searchInput.contains(e.target) && !searchResults.contains(e.target)) {
+                searchResults.classList.remove('active');
+            }
+        });
+        // Payment modal functionality
+        const modal = document.getElementById('paymentModal');
+        const processPaymentBtn = document.getElementById('processPaymentBtn');
+        const cancelBtn = document.getElementById('cancelBtn');
+        const tellerInput = document.getElementById('teller_number');
+        const tellerLoading = document.getElementById('tellerLoading');
+        const tellerError = document.getElementById('tellerError');
+        const amountInput = document.getElementById('amount_to_use');
+        const amountError = document.getElementById('amountError');
+        const proceedBtn = document.getElementById('proceedBtn');
+        let unreconciledAmount = 0;
+        processPaymentBtn?.addEventListener('click', function () {
+            const checkedFees = document.querySelectorAll('.fee-checkbox:checked');
+            if (checkedFees.length === 0) {
+                alert('Please select at least one fee to process payment.');
+                return;
+            }
+            // Collect selected fees
+            const selectedFees = Array.from(checkedFees).map(cb => JSON.parse(cb.value));
+            // Populate modal
+            document.getElementById('modal_student_id').value = document.querySelector('input[name="student_id"]').value;
+            document.getElementById('modal_student_code').value = document.querySelector('input[name="student_code"]').value;
+            document.getElementById('modal_selected_fees').value = JSON.stringify(selectedFees);
+            // Reset form
+            document.getElementById('paymentDetailsForm').reset();
+            tellerError.textContent = '';
+            amountError.textContent = '';
+            proceedBtn.disabled = true;
+            unreconciledAmount = 0;
+            modal.classList.add('active');
+        });
+        cancelBtn.addEventListener('click', function () {
+            modal.classList.remove('active');
+        });
+        // Teller lookup on blur
+        tellerInput.addEventListener('blur', function () {
+            const tellerNumber = this.value.trim();
+            if (!tellerNumber) {
+                return;
+            }
+            tellerLoading.style.display = 'inline-block';
+            tellerError.textContent = '';
+            fetch(`ajax_handlers.php?action=lookup_teller&teller_number=${encodeURIComponent(tellerNumber)}`)
+                .then(response => response.json())
+                .then(data => {
+                    tellerLoading.style.display = 'none';
+                    if (data.error) {
+                        tellerError.textContent = data.error;
+                        document.getElementById('bank_narration').value = '';
+                        document.getElementById('unreconciled_amount').value = '';
+                        unreconciledAmount = 0;
+                        proceedBtn.disabled = true;
+                    } else {
+                        document.getElementById('bank_narration').value = data.teller_name;
+                        document.getElementById('unreconciled_amount').value = '₦' + parseFloat(data.unreconciled_amount).toFixed(2);
+                        document.getElementById('modal_payment_date').value = data.payment_date;
+                        document.getElementById('modal_bank_description').value = data.description;
+                        unreconciledAmount = parseFloat(data.unreconciled_amount);
+                        // Enable proceed button if amount is valid
+                        validateAmount();
+                    }
+                })
+                .catch(error => {
+                    tellerLoading.style.display = 'none';
+                    tellerError.textContent = 'Error looking up teller number';
+                    console.error('Teller lookup error:', error);
+                });
+        });
+        // Amount validation
+        amountInput.addEventListener('input', validateAmount);
+        function validateAmount() {
+            const amount = parseFloat(amountInput.value);
+            if (isNaN(amount) || amount <= 0) {
+                amountError.textContent = 'Amount must be greater than zero';
+                proceedBtn.disabled = true;
+                return;
+            }
+            if (unreconciledAmount === 0) {
+                amountError.textContent = 'Please enter a valid teller number first';
+                proceedBtn.disabled = true;
+                return;
+            }
+            if (amount > unreconciledAmount) {
+                amountError.textContent = `Amount cannot exceed unreconciled amount (₦${unreconciledAmount.toFixed(2)})`;
+                proceedBtn.disabled = true;
+                return;
+            }
+            amountError.textContent = '';
+            proceedBtn.disabled = false;
+        }
+    </script>
+</body>
+</html>

easypay-api/logs/api.log ADDED Viewed

	@@ -0,0 +1,3 @@

+{"timestamp":"2026-01-09 12:44:46","ip":"::1","method":"POST","request":{"student_id":"0000012025JSR26549","teller_no":"S59500769","amount":87500},"response":{"status":"error","message":"Internal server error","error_detail":"SQLSTATE[42S22]: Column not found: 1054 Unknown column 'ar.amount_billed' in 'field list'"},"http_code":500}
+{"timestamp":"2026-01-09 13:42:34","ip":"::1","method":"POST","request":{"student_id":"0000012025JSR26549","teller_no":"S59500769","amount":87500},"response":{"status":"error","message":"Internal server error","error_detail":"SQLSTATE[42000]: Syntax error or access violation: 1055 Expression #5 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'one_arps_aci.ar.actual_value' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by"},"http_code":500}
+{"timestamp":"2026-01-09 13:46:52","ip":"::1","method":"POST","request":{"student_id":"0000012025JSR26549","teller_no":"S59500769","amount":87500},"response":{"status":"success","message":"Payment processed successfully","data":{"student_id":"0000012025JSR26549","teller_no":"S59500769","amount":87500,"payment_id":"0000012025JSR2654920252026-01-09","receipt_no":"2025R265492026-01-09","payment_date":"2026-01-09","fees_settled":[{"fee_description":"Tuition [RJ]","session":2025,"term":2,"amount":80000},{"fee_description":"P.T.A Levy","session":2025,"term":2,"amount":500},{"fee_description":"Inter-House Sport","session":2025,"term":2,"amount":7000}]}},"http_code":201}

easypay-api/process_payment - v0.php ADDED Viewed

	@@ -0,0 +1,663 @@

+<?php
+/**
+ * Process Payment
+ * Handle payment allocation and database transactions
+ */
+require_once 'db_config.php';
+// Initialize response
+$success = false;
+$message = '';
+$paymentDetails = [];
+try {
+    // Validate POST data
+    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+        throw new Exception('Invalid request method');
+    }
+    $studentId = $_POST['student_id'] ?? '';
+    $studentCode = $_POST['student_code'] ?? '';
+    $selectedFeesJson = $_POST['selected_fees'] ?? '';
+    $tellerNumber = $_POST['teller_number'] ?? '';
+    $bankDescription = $_POST['bank_description'] ?? '';
+    $paymentDate = $_POST['payment_date'] ?? '';
+    $amountToUse = floatval($_POST['amount_to_use'] ?? 0);
+    // Validate required fields
+    if (
+        empty($studentId) || empty($studentCode) || empty($selectedFeesJson) ||
+        empty($tellerNumber) || empty($paymentDate) || $amountToUse <= 0
+    ) {
+        throw new Exception('Missing required fields');
+    }
+    // Parse selected fees
+    $selectedFees = json_decode($selectedFeesJson, true);
+    if (!is_array($selectedFees) || count($selectedFees) === 0) {
+        throw new Exception('No fees selected');
+    }
+    // Sort fees by academic_session ASC, term_of_session ASC (oldest to newest)
+    usort($selectedFees, function ($a, $b) {
+        if ($a['academic_session'] != $b['academic_session']) {
+            return $a['academic_session'] - $b['academic_session'];
+        }
+        return $a['term_of_session'] - $b['term_of_session'];
+    });
+    // Re-fetch bank statement to verify
+    $sql = "SELECT
+                bs.id,
+                bs.description,
+                bs.amount_paid,
+                bs.payment_date,
+                COALESCE(fp.total_registered_fee, 0.00) AS registered_amount,
+                (bs.amount_paid - COALESCE(fp.total_registered_fee, 0.00)) AS unreconciled_amount
+            FROM tb_account_bank_statements bs
+            LEFT JOIN (
+                SELECT teller_no, SUM(amount_paid) AS total_registered_fee
+                FROM tb_account_school_fee_payments
+                GROUP BY teller_no
+            ) fp ON SUBSTRING_INDEX(bs.description, ' ', -1) = fp.teller_no
+            WHERE SUBSTRING_INDEX(bs.description, ' ', -1) = :teller_number
+            LIMIT 1";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute(['teller_number' => $tellerNumber]);
+    $bankStatement = $stmt->fetch();
+    if (!$bankStatement) {
+        throw new Exception('Bank statement not found for teller number: ' . $tellerNumber);
+    }
+    // Verify unreconciled amount
+    if ($amountToUse > $bankStatement['unreconciled_amount']) {
+        throw new Exception('Amount exceeds unreconciled amount on teller');
+    }
+    // Extract teller name and number from description
+    $descParts = explode(' ', $bankStatement['description']);
+    $tellerNo = array_pop($descParts);
+    $tellerName = implode(' ', $descParts);
+    // Use the oldest fee's session/term for transaction_id
+    $dominantSession = $selectedFees[0]['academic_session'];
+    $dominantTerm = $selectedFees[0]['term_of_session'];
+    // Generate transaction_id
+    $transactionId = $studentId . $dominantSession . $paymentDate;
+    // STEP 1: Guard check - prevent duplicate payments on same date
+    $sql = "SELECT COUNT(*) AS cnt
+            FROM tb_account_school_fee_sum_payments
+            WHERE student_id = :student_id
+              AND payment_date = :payment_date";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute([
+        'student_id' => $studentId,
+        'payment_date' => $paymentDate
+    ]);
+    $duplicateCheck = $stmt->fetch();
+    if ($duplicateCheck['cnt'] > 0) {
+        throw new Exception('A payment for this student has already been registered on this date (' . $paymentDate . ')');
+    }
+    // STEP 2: Allocate payment across fees (oldest to newest)
+    $feeAllocations = [];
+    $remainingAmount = $amountToUse;
+    foreach ($selectedFees as $fee) {
+        if ($remainingAmount <= 0) {
+            break;
+        }
+        $outstandingAmount = floatval($fee['outstanding_amount']);
+        if ($remainingAmount >= $outstandingAmount) {
+            // Fully settle this fee
+            $amountForThisFee = $outstandingAmount;
+            $remainingAmount -= $outstandingAmount;
+        } else {
+            // Partially settle this fee
+            $amountForThisFee = $remainingAmount;
+            $remainingAmount = 0;
+        }
+        $feeAllocations[] = [
+            'fee_id' => $fee['fee_id'],
+            'academic_session' => $fee['academic_session'],
+            'term_of_session' => $fee['term_of_session'],
+            'amount' => $amountForThisFee
+        ];
+    }
+    if (count($feeAllocations) === 0) {
+        throw new Exception('No fees could be allocated');
+    }
+    // Calculate total paid
+    $totalPaid = array_sum(array_column($feeAllocations, 'amount'));
+    // STEP 3: Begin database transaction
+    $pdo->beginTransaction();
+    try {
+        // Constants
+        $creditBankId = '000001373634585148';
+        $debitBankId = '514297805530965017';
+        $paymodeId = '000001373901891416';
+        $recipientId = 'SS0011441283890434';
+        $paymentBy = 'SS0011441283890434';
+        $createdBy = 'SS0011441283890434';
+        $createdAs = 'school';
+        $paymentStatus = 'Approved';
+        $paymodeCategory = 'BANK';
+        // Generate receipt_no (used across all fee records)
+        $receiptNo = $studentCode . $paymentDate;
+        // 3a) INSERT into tb_account_school_fee_payments (per fee)
+        foreach ($feeAllocations as $allocation) {
+            $schoolFeePaymentId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_school_fee_payments (
+                        id, fee_id, student_id, transaction_id, amount_paid,
+                        teller_no, teller_name, credit_bank_id, debit_bank_id,
+                        paymode_id, payment_status, payment_date, recipient_id,
+                        academic_session, term_of_session, payment_by, payment_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :transaction_id, :amount_paid,
+                        :teller_no, :teller_name, :credit_bank_id, :debit_bank_id,
+                        :paymode_id, :payment_status, :payment_date, :recipient_id,
+                        :academic_session, :term_of_session, :payment_by, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $schoolFeePaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'transaction_id' => $transactionId,
+                'amount_paid' => $allocation['amount'],
+                'teller_no' => $tellerNo,
+                'teller_name' => $tellerName,
+                'credit_bank_id' => $creditBankId,
+                'debit_bank_id' => $debitBankId,
+                'paymode_id' => $paymodeId,
+                'payment_status' => $paymentStatus,
+                'payment_date' => $paymentDate,
+                'recipient_id' => $recipientId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'payment_by' => $paymentBy
+            ]);
+        }
+        // 3b) INSERT into tb_account_school_fee_sum_payments (single record)
+        $sumPaymentsId = $studentId . $dominantSession . $paymentDate;
+        $sql = "INSERT INTO tb_account_school_fee_sum_payments (
+                    id, student_id, total_paid, paymode_id, payment_date,
+                    credit_bank_id, debit_bank_id, transaction_id, status,
+                    academic_session, term_of_session, registered_by, registered_on
+                ) VALUES (
+                    :id, :student_id, :total_paid, :paymode_id, :payment_date,
+                    :credit_bank_id, :debit_bank_id, :transaction_id, :status,
+                    :academic_session, :term_of_session, :registered_by, NOW()
+                )";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute([
+            'id' => $sumPaymentsId,
+            'student_id' => $studentId,
+            'total_paid' => $totalPaid,
+            'paymode_id' => $paymodeId,
+            'payment_date' => $paymentDate,
+            'credit_bank_id' => $creditBankId,
+            'debit_bank_id' => $debitBankId,
+            'transaction_id' => $transactionId,
+            'status' => $paymentStatus,
+            'academic_session' => $dominantSession,
+            'term_of_session' => $dominantTerm,
+            'registered_by' => $createdBy
+        ]);
+        // 3c) INSERT into tb_account_student_payments (per fee)
+        foreach ($feeAllocations as $allocation) {
+            // Get current payment_to_date (sum of all previous payments for this fee/session/term)
+            $sql = "SELECT SUM(payment_to_date) AS current_total
+                    FROM tb_account_student_payments
+                    WHERE student_id = :student_id
+                      AND fee_id = :fee_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'student_id' => $studentId,
+                'fee_id' => $allocation['fee_id'],
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session']
+            ]);
+            $currentPayment = $stmt->fetch();
+            $currentTotal = floatval($currentPayment['current_total'] ?? 0);
+            $newPaymentToDate = $allocation['amount'];
+	    //$newPaymentToDate = $currentTotal + $allocation['amount']; --Old code that added new payment amount to current total (total before payment)
+            $studentPaymentId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_student_payments (
+                        id, fee_id, student_id, payment_to_date, transaction_id,
+                        academic_session, term_of_session, created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :payment_to_date, :transaction_id,
+                        :academic_session, :term_of_session, :created_by, :created_as, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $studentPaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'payment_to_date' => $newPaymentToDate,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => $createdBy,
+                'created_as' => $createdAs
+            ]);
+        }
+        // 3d) INSERT into tb_account_payment_registers (per fee)
+        foreach ($feeAllocations as $allocation) {
+            $paymentRegisterId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_payment_registers (
+                        id, fee_id, student_id, amount_paid, amount_due,
+                        receipt_no, recipient_id, payment_date, paymode_category,
+                        transaction_id, academic_session, term_of_session,
+                        created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :amount_paid, :amount_due,
+                        :receipt_no, :recipient_id, :payment_date, :paymode_category,
+                        :transaction_id, :academic_session, :term_of_session,
+                        :created_by, :created_as, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $paymentRegisterId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'amount_paid' => $allocation['amount'],
+                'amount_due' => $allocation['amount'],
+                'receipt_no' => $receiptNo,
+                'recipient_id' => $recipientId,
+                'payment_date' => $paymentDate,
+                'paymode_category' => $paymodeCategory,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => $createdBy,
+                'created_as' => $createdAs
+            ]);
+        }
+        // 3e) UPDATE tb_student_logistics
+        // Group allocations by session/term to update specific records
+        $sessionTermTotals = [];
+        foreach ($feeAllocations as $allocation) {
+            $key = $allocation['academic_session'] . '-' . $allocation['term_of_session'];
+            if (!isset($sessionTermTotals[$key])) {
+                $sessionTermTotals[$key] = [
+                    'academic_session' => $allocation['academic_session'],
+                    'term_of_session' => $allocation['term_of_session'],
+                    'total' => 0
+                ];
+            }
+            $sessionTermTotals[$key]['total'] += $allocation['amount'];
+        }
+        // Update each session/term record
+        foreach ($sessionTermTotals as $st) {
+            $sql = "UPDATE tb_student_logistics
+                    SET fees_outstanding = GREATEST(0, fees_outstanding - :total_paid)
+                    WHERE student_id = :student_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'total_paid' => $st['total'],
+                'student_id' => $studentId,
+                'academic_session' => $st['academic_session'],
+                'term_of_session' => $st['term_of_session']
+            ]);
+        }
+        // Commit transaction
+        $pdo->commit();
+        $success = true;
+        $message = 'Payment processed successfully!';
+        // Fetch fee descriptions for display
+        $feeIds = array_column($feeAllocations, 'fee_id');
+        $placeholders = implode(',', array_fill(0, count($feeIds), '?'));
+        $sql = "SELECT id, description FROM tb_account_school_fees WHERE id IN ($placeholders)";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute($feeIds);
+        $feeDescriptions = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
+        // Prepare payment details for display
+        foreach ($feeAllocations as &$allocation) {
+            $allocation['description'] = $feeDescriptions[$allocation['fee_id']] ?? 'Unknown Fee';
+        }
+        $paymentDetails = [
+            'student_code' => $studentCode,
+            'payment_date' => $paymentDate,
+            'teller_no' => $tellerNo,
+            'teller_name' => $tellerName,
+            'total_paid' => $totalPaid,
+            'receipt_no' => $receiptNo,
+            'transaction_id' => $transactionId,
+            'allocations' => $feeAllocations,
+            'remaining_unreconciled' => $bankStatement['unreconciled_amount'] - $totalPaid
+        ];
+    } catch (Exception $e) {
+        $pdo->rollBack();
+        throw new Exception('Transaction failed: ' . $e->getMessage());
+    }
+} catch (Exception $e) {
+    $success = false;
+    $message = $e->getMessage();
+}
+// Fetch student name for display
+$studentName = '';
+if (!empty($studentId)) {
+    try {
+        $sql = "SELECT CONCAT(last_name, ' ', first_name, ' ', COALESCE(other_name, '')) AS full_name
+                FROM tb_student_registrations
+                WHERE id = :student_id";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        $result = $stmt->fetch();
+        $studentName = $result['full_name'] ?? 'Unknown Student';
+    } catch (Exception $e) {
+        $studentName = 'Unknown Student';
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Payment Processing Result</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            padding: 20px;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+        }
+        .container {
+            max-width: 800px;
+            width: 100%;
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+            padding: 40px;
+        }
+        .success-icon {
+            width: 80px;
+            height: 80px;
+            margin: 0 auto 20px;
+            background: #28a745;
+            border-radius: 50%;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            color: white;
+            font-size: 48px;
+        }
+        .error-icon {
+            width: 80px;
+            height: 80px;
+            margin: 0 auto 20px;
+            background: #dc3545;
+            border-radius: 50%;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            color: white;
+            font-size: 48px;
+        }
+        h1 {
+            text-align: center;
+            color: #333;
+            margin-bottom: 10px;
+            font-size: 28px;
+        }
+        .message {
+            text-align: center;
+            color: #666;
+            margin-bottom: 30px;
+            font-size: 16px;
+        }
+        .details-section {
+            background: #f8f9fa;
+            padding: 20px;
+            border-radius: 8px;
+            margin-bottom: 20px;
+        }
+        .details-section h2 {
+            color: #333;
+            margin-bottom: 15px;
+            font-size: 20px;
+        }
+        .detail-row {
+            display: flex;
+            justify-content: space-between;
+            padding: 10px 0;
+            border-bottom: 1px solid #ddd;
+        }
+        .detail-row:last-child {
+            border-bottom: none;
+        }
+        .detail-label {
+            font-weight: 600;
+            color: #555;
+        }
+        .detail-value {
+            color: #333;
+            text-align: right;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 15px;
+        }
+        th,
+        td {
+            padding: 12px;
+            text-align: left;
+            border-bottom: 1px solid #ddd;
+        }
+        th {
+            background-color: #667eea;
+            color: white;
+            font-weight: 600;
+        }
+        .amount {
+            text-align: right;
+            font-family: 'Courier New', monospace;
+        }
+        .total-row {
+            font-weight: bold;
+            background-color: #f0f0f0;
+        }
+        .btn {
+            display: inline-block;
+            padding: 12px 30px;
+            border: none;
+            border-radius: 6px;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            text-decoration: none;
+            transition: all 0.3s;
+            text-align: center;
+        }
+        .btn-primary {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+        }
+        .btn-primary:hover {
+            transform: translateY(-2px);
+            box-shadow: 0 5px 15px rgba(102, 126, 234, 0.4);
+        }
+        .actions {
+            text-align: center;
+            margin-top: 30px;
+        }
+        .highlight {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            padding: 15px;
+            border-radius: 8px;
+            margin-bottom: 20px;
+        }
+        .highlight p {
+            margin: 5px 0;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <?php if ($success): ?>
+            <div class="success-icon">✓</div>
+            <h1>Payment Processed Successfully!</h1>
+            <p class="message"><?php echo htmlspecialchars($message); ?></p>
+            <div class="highlight">
+                <p><strong>Student:</strong> <?php echo htmlspecialchars($studentName); ?></p>
+                <p><strong>Receipt No:</strong> <?php echo htmlspecialchars($paymentDetails['receipt_no']); ?></p>
+                <p><strong>Transaction ID:</strong> <?php echo htmlspecialchars($paymentDetails['transaction_id']); ?></p>
+            </div>
+            <div class="details-section">
+                <h2>Payment Details</h2>
+                <div class="detail-row">
+                    <span class="detail-label">Payment Date:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['payment_date']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Teller Number:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['teller_no']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Bank Narration:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['teller_name']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Total Amount Used:</span>
+                    <span class="detail-value">₦<?php echo number_format($paymentDetails['total_paid'], 2); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Remaining Unreconciled on Teller:</span>
+                    <span
+                        class="detail-value">₦<?php echo number_format($paymentDetails['remaining_unreconciled'], 2); ?></span>
+                </div>
+            </div>
+            <div class="details-section">
+                <h2>Fees Settled</h2>
+                <table>
+                    <thead>
+                        <tr>
+                            <th>Fee Description</th>
+                            <th width="100">Session</th>
+                            <th width="80">Term</th>
+                            <th width="120" class="amount">Amount Paid</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <?php foreach ($paymentDetails['allocations'] as $allocation): ?>
+                            <tr>
+                                <td><?php echo htmlspecialchars($allocation['description']); ?></td>
+                                <td><?php echo htmlspecialchars($allocation['academic_session']); ?></td>
+                                <td><?php echo htmlspecialchars($allocation['term_of_session']); ?></td>
+                                <td class="amount">₦<?php echo number_format($allocation['amount'], 2); ?></td>
+                            </tr>
+                        <?php endforeach; ?>
+                        <tr class="total-row">
+                            <td colspan="3" style="text-align: right;">Total:</td>
+                            <td class="amount">₦<?php echo number_format($paymentDetails['total_paid'], 2); ?></td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        <?php else: ?>
+            <div class="error-icon">✗</div>
+            <h1>Payment Processing Failed</h1>
+            <p class="message" style="color: #dc3545;"><?php echo htmlspecialchars($message); ?></p>
+            <div class="details-section">
+                <h2>Error Details</h2>
+                <p>The payment could not be processed. No changes were made to the database.</p>
+                <p style="margin-top: 10px;"><strong>Error:</strong> <?php echo htmlspecialchars($message); ?></p>
+            </div>
+        <?php endif; ?>
+        <div class="actions">
+            <a href="index.php" class="btn btn-primary">Return to Main Page</a>
+        </div>
+    </div>
+</body>
+</html>

easypay-api/process_payment.php ADDED Viewed

	@@ -0,0 +1,668 @@

+<?php
+/**
+ * Process Payment
+ * Handle payment allocation and database transactions
+ */
+require_once 'db_config.php';
+// Initialize response
+$success = false;
+$message = '';
+$paymentDetails = [];
+try {
+    // Validate POST data
+    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
+        throw new Exception('Invalid request method');
+    }
+    $studentId = $_POST['student_id'] ?? '';
+    $studentCode = $_POST['student_code'] ?? '';
+    $selectedFeesJson = $_POST['selected_fees'] ?? '';
+    $tellerNumber = $_POST['teller_number'] ?? '';
+    $bankDescription = $_POST['bank_description'] ?? '';
+    $paymentDate = $_POST['payment_date'] ?? '';
+    $amountToUse = floatval($_POST['amount_to_use'] ?? 0);
+    // Validate required fields
+    if (
+        empty($studentId) || empty($studentCode) || empty($selectedFeesJson) ||
+        empty($tellerNumber) || empty($paymentDate) || $amountToUse <= 0
+    ) {
+        throw new Exception('Missing required fields');
+    }
+    // Parse selected fees
+    $selectedFees = json_decode($selectedFeesJson, true);
+    if (!is_array($selectedFees) || count($selectedFees) === 0) {
+        throw new Exception('No fees selected');
+    }
+    // Sort fees by academic_session ASC, term_of_session ASC (oldest to newest)
+    usort($selectedFees, function ($a, $b) {
+        if ($a['academic_session'] != $b['academic_session']) {
+            return $a['academic_session'] - $b['academic_session'];
+        }
+        return $a['term_of_session'] - $b['term_of_session'];
+    });
+    // Re-fetch bank statement to verify
+    $sql = "SELECT
+                bs.id,
+                bs.description,
+                bs.amount_paid,
+                bs.payment_date,
+                COALESCE(fp.total_registered_fee, 0.00) AS registered_amount,
+                (bs.amount_paid - COALESCE(fp.total_registered_fee, 0.00)) AS unreconciled_amount
+            FROM tb_account_bank_statements bs
+            LEFT JOIN (
+                SELECT teller_no, SUM(amount_paid) AS total_registered_fee
+                FROM tb_account_school_fee_payments
+                GROUP BY teller_no
+            ) fp ON SUBSTRING_INDEX(bs.description, ' ', -1) = fp.teller_no
+            WHERE SUBSTRING_INDEX(bs.description, ' ', -1) = :teller_number
+            LIMIT 1";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute(['teller_number' => $tellerNumber]);
+    $bankStatement = $stmt->fetch();
+    if (!$bankStatement) {
+        throw new Exception('Bank statement not found for teller number: ' . $tellerNumber);
+    }
+    // Verify unreconciled amount
+    if ($amountToUse > $bankStatement['unreconciled_amount']) {
+        throw new Exception('Amount exceeds unreconciled amount on teller');
+    }
+    // Extract teller name and number from description
+    $descParts = explode(' ', $bankStatement['description']);
+    $tellerNo = array_pop($descParts);
+    $tellerName = implode(' ', $descParts);
+    // Use the oldest fee's session/term for transaction_id
+    $dominantSession = $selectedFees[0]['academic_session'];
+    $dominantTerm = $selectedFees[0]['term_of_session'];
+    // Generate transaction_id
+    $transactionId = $studentId . $dominantSession . $paymentDate;
+    // STEP 1: Guard check - prevent duplicate payments on same date
+    $sql = "SELECT COUNT(*) AS cnt
+            FROM tb_account_school_fee_sum_payments
+            WHERE student_id = :student_id
+              AND payment_date = :payment_date";
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute([
+        'student_id' => $studentId,
+        'payment_date' => $paymentDate
+    ]);
+    $duplicateCheck = $stmt->fetch();
+    if ($duplicateCheck['cnt'] > 0) {
+        throw new Exception('A payment for this student has already been registered on this date (' . $paymentDate . ')');
+    }
+    // STEP 2: Allocate payment across fees (oldest to newest)
+    $feeAllocations = [];
+    $remainingAmount = $amountToUse;
+    foreach ($selectedFees as $fee) {
+        if ($remainingAmount <= 0) {
+            break;
+        }
+        $outstandingAmount = floatval($fee['outstanding_amount']);
+        if ($remainingAmount >= $outstandingAmount) {
+            // Fully settle this fee
+            $amountForThisFee = $outstandingAmount;
+            $remainingAmount -= $outstandingAmount;
+        } else {
+            // Partially settle this fee
+            $amountForThisFee = $remainingAmount;
+            $remainingAmount = 0;
+        }
+        $feeAllocations[] = [
+            'fee_id' => $fee['fee_id'],
+            'academic_session' => $fee['academic_session'],
+            'term_of_session' => $fee['term_of_session'],
+            'amount' => $amountForThisFee
+        ];
+    }
+    if (count($feeAllocations) === 0) {
+        throw new Exception('No fees could be allocated');
+    }
+    // Calculate total paid
+    $totalPaid = array_sum(array_column($feeAllocations, 'amount'));
+    // STEP 3: Begin database transaction
+    $pdo->beginTransaction();
+    try {
+        // Constants
+        $creditBankId = '000001373634585148';
+        $debitBankId = '514297805530965017';
+        $paymodeId = '000001373901891416';
+        $recipientId = 'SS0011441283890434';
+        $paymentBy = 'SS0011441283890434';
+        $createdBy = 'SS0011441283890434';
+        $createdAs = 'school';
+        $paymentStatus = 'Approved';
+        $paymodeCategory = 'BANK';
+        // Generate receipt_no (used across all fee records)
+        $receiptNo = $studentCode . $paymentDate;
+        // 3a) INSERT into tb_account_school_fee_payments (per fee)
+        foreach ($feeAllocations as $allocation) {
+            $schoolFeePaymentId = $studentCode . $allocation['fee_id'] . $paymentDate; //original code
+            //$schoolFeePaymentId = $allocation['fee_id'] . $paymentDate; //Is used to reduce length of id to solve duplicate entry error.
+            $sql = "INSERT INTO tb_account_school_fee_payments (
+                        id, fee_id, student_id, transaction_id, amount_paid,
+                        teller_no, teller_name, credit_bank_id, debit_bank_id,
+                        paymode_id, payment_status, payment_date, recipient_id,
+                        academic_session, term_of_session, payment_by, payment_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :transaction_id, :amount_paid,
+                        :teller_no, :teller_name, :credit_bank_id, :debit_bank_id,
+                        :paymode_id, :payment_status, :payment_date, :recipient_id,
+                        :academic_session, :term_of_session, :payment_by, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $schoolFeePaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'transaction_id' => $transactionId,
+                'amount_paid' => $allocation['amount'],
+                'teller_no' => $tellerNo,
+                'teller_name' => $tellerName,
+                'credit_bank_id' => $creditBankId,
+                'debit_bank_id' => $debitBankId,
+                'paymode_id' => $paymodeId,
+                'payment_status' => $paymentStatus,
+                'payment_date' => $paymentDate,
+                'recipient_id' => $recipientId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'payment_by' => $paymentBy
+            ]);
+        }
+        // 3b) INSERT into tb_account_school_fee_sum_payments (single record)
+        $sumPaymentsId = $studentId . $dominantSession . $paymentDate;
+        $sql = "INSERT INTO tb_account_school_fee_sum_payments (
+                    id, student_id, total_paid, paymode_id, payment_date,
+                    credit_bank_id, debit_bank_id, transaction_id, status,
+                    academic_session, term_of_session, registered_by, registered_on
+                ) VALUES (
+                    :id, :student_id, :total_paid, :paymode_id, :payment_date,
+                    :credit_bank_id, :debit_bank_id, :transaction_id, :status,
+                    :academic_session, :term_of_session, :registered_by, NOW()
+                )";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute([
+            'id' => $sumPaymentsId,
+            'student_id' => $studentId,
+            'total_paid' => $totalPaid,
+            'paymode_id' => $paymodeId,
+            'payment_date' => $paymentDate,
+            'credit_bank_id' => $creditBankId,
+            'debit_bank_id' => $debitBankId,
+            'transaction_id' => $transactionId,
+            'status' => $paymentStatus,
+            'academic_session' => $dominantSession,
+            'term_of_session' => $dominantTerm,
+            'registered_by' => $createdBy
+        ]);
+        // 3c) INSERT into tb_account_student_payments (per fee)
+        foreach ($feeAllocations as $allocation) {
+            // Get current payment_to_date (sum of all previous payments for this fee/session/term)
+            $sql = "SELECT SUM(payment_to_date) AS current_total
+                    FROM tb_account_student_payments
+                    WHERE student_id = :student_id
+                      AND fee_id = :fee_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'student_id' => $studentId,
+                'fee_id' => $allocation['fee_id'],
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session']
+            ]);
+            $currentPayment = $stmt->fetch();
+            $currentTotal = floatval($currentPayment['current_total'] ?? 0);
+            $newPaymentToDate = $allocation['amount'];
+            //$newPaymentToDate = $currentTotal + $allocation['amount']; --Old code that added new payment amount to current total (total before payment)
+            $studentPaymentId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_student_payments (
+                        id, fee_id, student_id, payment_to_date, transaction_id,
+                        academic_session, term_of_session, created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :payment_to_date, :transaction_id,
+                        :academic_session, :term_of_session, :created_by, :created_as, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $studentPaymentId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'payment_to_date' => $newPaymentToDate,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => $createdBy,
+                'created_as' => $createdAs
+            ]);
+        }
+        // 3d) INSERT into tb_account_payment_registers (per fee)
+        foreach ($feeAllocations as $allocation) {
+            $paymentRegisterId = $studentCode . $allocation['fee_id'] . $paymentDate;
+            $sql = "INSERT INTO tb_account_payment_registers (
+                        id, fee_id, student_id, amount_paid, amount_due,
+                        receipt_no, recipient_id, payment_date, paymode_category,
+                        transaction_id, academic_session, term_of_session,
+                        created_by, created_as, created_on
+                    ) VALUES (
+                        :id, :fee_id, :student_id, :amount_paid, :amount_due,
+                        :receipt_no, :recipient_id, :payment_date, :paymode_category,
+                        :transaction_id, :academic_session, :term_of_session,
+                        :created_by, :created_as, NOW()
+                    )";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'id' => $paymentRegisterId,
+                'fee_id' => $allocation['fee_id'],
+                'student_id' => $studentId,
+                'amount_paid' => $allocation['amount'],
+                'amount_due' => $allocation['amount'],
+                'receipt_no' => $receiptNo,
+                'recipient_id' => $recipientId,
+                'payment_date' => $paymentDate,
+                'paymode_category' => $paymodeCategory,
+                'transaction_id' => $transactionId,
+                'academic_session' => $allocation['academic_session'],
+                'term_of_session' => $allocation['term_of_session'],
+                'created_by' => $createdBy,
+                'created_as' => $createdAs
+            ]);
+        }
+        // 3e) UPDATE tb_student_logistics
+        // Group allocations by session/term to update specific records
+        $sessionTermTotals = [];
+        foreach ($feeAllocations as $allocation) {
+            $key = $allocation['academic_session'] . '-' . $allocation['term_of_session'];
+            if (!isset($sessionTermTotals[$key])) {
+                $sessionTermTotals[$key] = [
+                    'academic_session' => $allocation['academic_session'],
+                    'term_of_session' => $allocation['term_of_session'],
+                    'total' => 0
+                ];
+            }
+            $sessionTermTotals[$key]['total'] += $allocation['amount'];
+        }
+        // Update each session/term record
+        foreach ($sessionTermTotals as $st) {
+            $sql = "UPDATE tb_student_logistics
+                    SET fees_outstanding = GREATEST(0, fees_outstanding - :total_paid)
+                    WHERE student_id = :student_id
+                      AND academic_session = :academic_session
+                      AND term_of_session = :term_of_session";
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute([
+                'total_paid' => $st['total'],
+                'student_id' => $studentId,
+                'academic_session' => $st['academic_session'],
+                'term_of_session' => $st['term_of_session']
+            ]);
+        }
+        // Commit transaction
+        $pdo->commit();
+        $success = true;
+        $message = 'Payment processed successfully!';
+        // Fetch fee descriptions for display
+        $feeIds = array_column($feeAllocations, 'fee_id');
+        $placeholders = implode(',', array_fill(0, count($feeIds), '?'));
+        $sql = "SELECT id, description FROM tb_account_school_fees WHERE id IN ($placeholders)";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute($feeIds);
+        $feeDescriptions = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
+        // Prepare payment details for display
+        foreach ($feeAllocations as $key => $allocation) {
+            $feeAllocations[$key]['description'] = $feeDescriptions[$allocation['fee_id']] ?? 'Unknown Fee';
+        }
+        $paymentDetails = [
+            'student_code' => $studentCode,
+            'payment_date' => $paymentDate,
+            'teller_no' => $tellerNo,
+            'teller_name' => $tellerName,
+            'total_paid' => $totalPaid,
+            'receipt_no' => $receiptNo,
+            'transaction_id' => $transactionId,
+            'allocations' => $feeAllocations,
+            'remaining_unreconciled' => $bankStatement['unreconciled_amount'] - $totalPaid
+        ];
+    } catch (Exception $e) {
+        $pdo->rollBack();
+        throw new Exception('Transaction failed: ' . $e->getMessage());
+    }
+} catch (Exception $e) {
+    $success = false;
+    $message = $e->getMessage();
+}
+// Fetch student name for display
+$studentName = '';
+if (!empty($studentId)) {
+    try {
+        $sql = "SELECT CONCAT(last_name, ' ', first_name, ' ', COALESCE(other_name, '')) AS full_name
+                FROM tb_student_registrations
+                WHERE id = :student_id";
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute(['student_id' => $studentId]);
+        $result = $stmt->fetch();
+        $studentName = $result['full_name'] ?? 'Unknown Student';
+    } catch (Exception $e) {
+        $studentName = 'Unknown Student';
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Payment Processing Result</title>
+    <style>
+        * {
+            margin: 0;
+            padding: 0;
+            box-sizing: border-box;
+        }
+        body {
+            font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            min-height: 100vh;
+            padding: 20px;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+        }
+        .container {
+            max-width: 800px;
+            width: 100%;
+            background: white;
+            border-radius: 12px;
+            box-shadow: 0 10px 40px rgba(0, 0, 0, 0.2);
+            padding: 40px;
+        }
+        .success-icon {
+            width: 80px;
+            height: 80px;
+            margin: 0 auto 20px;
+            background: #28a745;
+            border-radius: 50%;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            color: white;
+            font-size: 48px;
+        }
+        .error-icon {
+            width: 80px;
+            height: 80px;
+            margin: 0 auto 20px;
+            background: #dc3545;
+            border-radius: 50%;
+            display: flex;
+            align-items: center;
+            justify-content: center;
+            color: white;
+            font-size: 48px;
+        }
+        h1 {
+            text-align: center;
+            color: #333;
+            margin-bottom: 10px;
+            font-size: 28px;
+        }
+        .message {
+            text-align: center;
+            color: #666;
+            margin-bottom: 30px;
+            font-size: 16px;
+        }
+        .details-section {
+            background: #f8f9fa;
+            padding: 20px;
+            border-radius: 8px;
+            margin-bottom: 20px;
+        }
+        .details-section h2 {
+            color: #333;
+            margin-bottom: 15px;
+            font-size: 20px;
+        }
+        .detail-row {
+            display: flex;
+            justify-content: space-between;
+            padding: 10px 0;
+            border-bottom: 1px solid #ddd;
+        }
+        .detail-row:last-child {
+            border-bottom: none;
+        }
+        .detail-label {
+            font-weight: 600;
+            color: #555;
+        }
+        .detail-value {
+            color: #333;
+            text-align: right;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 15px;
+        }
+        th,
+        td {
+            padding: 12px;
+            text-align: left;
+            border-bottom: 1px solid #ddd;
+        }
+        th {
+            background-color: #667eea;
+            color: white;
+            font-weight: 600;
+        }
+        .amount {
+            text-align: right;
+            font-family: 'Courier New', monospace;
+        }
+        .total-row {
+            font-weight: bold;
+            background-color: #f0f0f0;
+        }
+        .btn {
+            display: inline-block;
+            padding: 12px 30px;
+            border: none;
+            border-radius: 6px;
+            font-size: 16px;
+            font-weight: 600;
+            cursor: pointer;
+            text-decoration: none;
+            transition: all 0.3s;
+            text-align: center;
+        }
+        .btn-primary {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+        }
+        .btn-primary:hover {
+            transform: translateY(-2px);
+            box-shadow: 0 5px 15px rgba(102, 126, 234, 0.4);
+        }
+        .actions {
+            text-align: center;
+            margin-top: 30px;
+        }
+        .highlight {
+            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+            color: white;
+            padding: 15px;
+            border-radius: 8px;
+            margin-bottom: 20px;
+        }
+        .highlight p {
+            margin: 5px 0;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <?php if ($success): ?>
+            <div class="success-icon">✓</div>
+            <h1>Payment Processed Successfully!</h1>
+            <p class="message"><?php echo htmlspecialchars($message); ?></p>
+            <div class="highlight">
+                <p><strong>Student:</strong> <?php echo htmlspecialchars($studentName); ?></p>
+                <p><strong>Receipt No:</strong> <?php echo htmlspecialchars($paymentDetails['receipt_no']); ?></p>
+                <p><strong>Transaction ID:</strong> <?php echo htmlspecialchars($paymentDetails['transaction_id']); ?></p>
+            </div>
+            <div class="details-section">
+                <h2>Payment Details</h2>
+                <div class="detail-row">
+                    <span class="detail-label">Payment Date:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['payment_date']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Teller Number:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['teller_no']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Bank Narration:</span>
+                    <span class="detail-value"><?php echo htmlspecialchars($paymentDetails['teller_name']); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Total Amount Used:</span>
+                    <span class="detail-value">₦<?php echo number_format($paymentDetails['total_paid'], 2); ?></span>
+                </div>
+                <div class="detail-row">
+                    <span class="detail-label">Remaining Unreconciled on Teller:</span>
+                    <span
+                        class="detail-value">₦<?php echo number_format($paymentDetails['remaining_unreconciled'], 2); ?></span>
+                </div>
+            </div>
+            <div class="details-section">
+                <h2>Fees Settled</h2>
+                <table>
+                    <thead>
+                        <tr>
+                            <th>Fee Description</th>
+                            <th width="100">Session</th>
+                            <th width="80">Term</th>
+                            <th width="120" class="amount">Amount Paid</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <?php foreach ($paymentDetails['allocations'] as $allocation): ?>
+                            <tr>
+                                <td><?php echo htmlspecialchars($allocation['description']); ?></td>
+                                <td><?php echo htmlspecialchars($allocation['academic_session']); ?></td>
+                                <td><?php echo htmlspecialchars($allocation['term_of_session']); ?></td>
+                                <td class="amount">₦<?php echo number_format($allocation['amount'], 2); ?></td>
+                            </tr>
+                        <?php endforeach; ?>
+                        <tr class="total-row">
+                            <td colspan="3" style="text-align: right;">Total:</td>
+                            <td class="amount">₦<?php echo number_format($paymentDetails['total_paid'], 2); ?></td>
+                        </tr>
+                    </tbody>
+                </table>
+            </div>
+        <?php else: ?>
+            <div class="error-icon">✗</div>
+            <h1>Payment Processing Failed</h1>
+            <p class="message" style="color: #dc3545;"><?php echo htmlspecialchars($message); ?></p>
+            <div class="details-section">
+                <h2>Error Details</h2>
+                <p>The payment could not be processed. No changes were made to the database.</p>
+                <p style="margin-top: 10px;"><strong>Error:</strong> <?php echo htmlspecialchars($message); ?></p>
+            </div>
+        <?php endif; ?>
+        <div class="actions">
+            <a href="index.php" class="btn btn-primary">Return to Main Page</a>
+            <?php if ($success && !empty($paymentDetails['receipt_no'])): ?>
+                <a href="download_receipt.php?receipt_no=<?php echo urlencode($paymentDetails['receipt_no']); ?>"
+                    class="btn btn-primary" style="background: #28a745; margin-left: 10px;">Download Receipt</a>
+            <?php endif; ?>
+        </div>
+    </div>
+</body>
+</html>