HEX
Server: Apache
System: Linux 136-243-153-58.cprapid.com 4.18.0-553.81.1.el8_10.x86_64 #1 SMP Mon Oct 27 11:29:19 EDT 2025 x86_64
User: mytest (1001)
PHP: 8.2.30
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/mytest/.trash/
Upload Files
File: /home/mytest/.trash/check-api-key.php.21
<?php
header('Content-Type: text/plain');

echo "=== API KEY CHECK ===\n\n";

require_once __DIR__ . '/config.php';
require_once __DIR__ . '/database/Database.php';
require_once __DIR__ . '/api/services/BookingManagerService.php';

// Method 1: Check from database directly
echo "Method 1: Direct Database Query\n";
echo "================================\n";
$db = Database::getInstance();
$result = $db->query("SELECT setting_value FROM settings WHERE setting_key = 'booking_manager_api_key'");
$row = $result->fetchArray(SQLITE3_ASSOC);

if ($row) {
    $dbKey = $row['setting_value'];
    echo "✅ API key found in database\n";
    echo "Length: " . strlen($dbKey) . " characters\n";
    echo "First 20 chars: " . substr($dbKey, 0, 20) . "...\n";
    echo "Last 20 chars: ..." . substr($dbKey, -20) . "\n\n";
} else {
    echo "❌ No API key in database!\n\n";
    exit;
}

// Method 2: Check what BookingManagerService loads
echo "Method 2: BookingManagerService\n";
echo "================================\n";

// Use reflection to get the private apiKey property
$bm = new BookingManagerService();
$reflection = new ReflectionClass($bm);
$property = $reflection->getProperty('apiKey');
$property->setAccessible(true);
$bmKey = $property->getValue($bm);

echo "Length: " . strlen($bmKey) . " characters\n";
echo "First 20 chars: " . substr($bmKey, 0, 20) . "...\n";
echo "Last 20 chars: ..." . substr($bmKey, -20) . "\n\n";

// Compare
if ($dbKey === $bmKey) {
    echo "✅ Keys match!\n\n";
} else {
    echo "❌ KEYS DO NOT MATCH!\n";
    echo "Database key length: " . strlen($dbKey) . "\n";
    echo "BM Service key length: " . strlen($bmKey) . "\n";
    echo "Difference: " . (strlen($dbKey) - strlen($bmKey)) . " characters\n\n";
}

// Expected key
$expectedKey = "1d40-2e6fd6f2efe772cf331d6b748aa2f2e5ada768f4a9ff1c176e457c26dfb05eb806b2d0eab200e3a1a6e49aebf9074d84347878823b4808faa1bd281b5db5f9fe";

echo "Method 3: Compare with Expected Key\n";
echo "====================================\n";
echo "Expected length: " . strlen($expectedKey) . " characters\n";
echo "Database length: " . strlen($dbKey) . " characters\n";

if ($dbKey === $expectedKey) {
    echo "✅ Database key matches expected!\n\n";
} else {
    echo "❌ Database key DIFFERENT from expected\n";
    if (strlen($dbKey) !== strlen($expectedKey)) {
        echo "Length mismatch: DB has " . strlen($dbKey) . ", expected " . strlen($expectedKey) . "\n";
    }
    
    // Character by character comparison
    $maxLen = max(strlen($dbKey), strlen($expectedKey));
    for ($i = 0; $i < $maxLen; $i++) {
        $dbChar = isset($dbKey[$i]) ? $dbKey[$i] : '[END]';
        $expChar = isset($expectedKey[$i]) ? $expectedKey[$i] : '[END]';
        if ($dbChar !== $expChar) {
            echo "First difference at position $i: DB='$dbChar' Expected='$expChar'\n";
            break;
        }
    }
    echo "\n";
}

// Test the API
echo "Method 4: Test API Call\n";
echo "=======================\n";
$testUrl = "https://www.booking-manager.com/api/v2/offers?dateFrom=2026-05-23T00:00:00&dateTo=2026-05-30T00:00:00&companyId=7850&tripDuration=7";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $testUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'Authorization: ' . $bmKey,
    'Accept: application/json',
    'Content-Type: application/json'
]);

$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

echo "HTTP Code: $httpCode\n";

if ($httpCode == 200) {
    $data = json_decode($response, true);
    echo "✅ API works! Returned " . count($data) . " offers\n";
} elseif ($httpCode == 401) {
    echo "❌ API returns 401 - Authorization header incorrect\n";
    echo "This means the key being sent is wrong\n";
} else {
    echo "⚠️  Unexpected HTTP code\n";
    echo "Response: " . substr($response, 0, 200) . "\n";
}

echo "\n=== SUMMARY ===\n";
if ($dbKey === $expectedKey && $httpCode == 200) {
    echo "✅ Everything correct - API should work\n";
    echo "If search still fails, check browser console for exact error\n";
} else {
    if ($dbKey !== $expectedKey) {
        echo "❌ API key in database is wrong\n";
        echo "Update it with the correct key!\n";
    }
    if ($httpCode == 401) {
        echo "❌ API rejects the key\n";
        echo "Check Authorization header format\n";
    }
}
?>
@ Telegram