mikrotik-hotspot-paystack-full/
--------------------------------
Contains frontend pages to host in your MikroTik hotspot folder, and backend PHP files to place on your cPanel hosting (public_html/api/).

HOTSPOT (upload to MikroTik Files -> hotspot/):
  - index.html     -> signup + login page (router replaces %mac% and %ip%)
  - plans.html     -> plan selection + opens Paystack inline via backend

BACKEND (upload to cPanel public_html/api/):
  - db.php                 -> update DB credentials
  - signup.php             -> stores new user (status=pending)
  - login.php              -> verifies old users and triggers router auto-login
  - initiate_payment.php   -> initializes Paystack transaction (returns access_code)
  - paystack_webhook.php   -> Paystack webhook: verifies payment, creates hotspot user via RouterOS REST, updates DB

SQL:
  - schema.sql             -> SQL to create users and payments tables

PLEASE DO THE FOLLOWING BEFORE USE:
  1) Edit backend/db.php and set DB credentials.
  2) Edit backend/initiate_payment.php and backend/paystack_webhook.php; replace 'sk_test_YOUR_PAYSTACK_SECRET' with your Paystack secret key.
  3) Replace 'YOUR_ROUTER_PUBLIC_IP', 'apiuser' and 'apipassword' in paystack_webhook.php and login.php.
  4) Configure Paystack webhook URL to: https://yourdomain.com/api/paystack_webhook.php
  5) Add walled-garden entries on MikroTik for yourdomain.com and Paystack domains (js.paystack.co etc.).
  6) Ensure Router REST (www-ssl) is enabled and apiuser exists with minimal permissions.
  7) Test in Paystack sandbox first.

SECURITY NOTES:
  - Do NOT disable SSL verification in production. Use a valid TLS cert on your router (Let's Encrypt or similar).
  - Restrict Router REST access via firewall to only your cPanel IP.
  - Use strong apiuser password and rotate keys.

