<?php declare(strict_types=1); session_start(); /* ---------- CORS ---------- */ header('Content-Type: application/json; charset=utf-8'); header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: POST, GET, OPTIONS'); header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, X-Session-Id, X-Username'); if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') { http_response_code(204); exit; } /* ---------- Helpers ---------- */ function jerr(string $msg, array $debug = []): void { http_response_code(200); echo json_encode(['error' => $msg, 'debug' => $debug], JSON_UNESCAPED_SLASHES); exit; } function cut(string $s, int $n = 800): string { return function_exists('mb_substr') ? mb_substr($s, 0, $n) : substr($s, 0, $n); } function load_keys_from_file(?string $path): array { if (!$path || !is_file($path)) return []; $cfg = include $path; return is_array($cfg) ? $cfg : []; } function read_json_body(): array { $raw = file_get_contents('php://input'); if ($raw === false || $raw === '') return []; $data = json_decode($raw, true); if (json_last_error() !== JSON_ERROR_NONE) { jerr('Invalid JSON body: '.json_last_error_msg(), ['raw' => cut($raw, 300)]); } return is_array($data) ? $data : []; } /* ---------- Load API keys ---------- */ $cfg = []; $try1 = realpath(__DIR__ . '/../keys/keys.php'); $try2 = realpath(__DIR__ . '/keys/keys.php'); if (!$cfg) $cfg = load_keys_from_file($try1); if (!$cfg) $cfg = load_keys_from_file($try2); $DEEPSEEK_API_KEY = getenv('DEEPSEEK_API_KEY') ?: ($cfg['DEEPSEEK_API_KEY'] ?? ''); $OPENAI_API_KEY = getenv('OPENAI_API_KEY') ?: ($cfg['OPENAI_API_KEY'] ?? ''); $XAI_API_KEY = getenv('XAI_API_KEY') ?: ($cfg['XAI_API_KEY'] ?? ''); /* ---------- DB Connection ---------- */ $cfgPath = realpath(__DIR__ . '/root/core/db_config.php'); if (!$cfgPath || !is_file($cfgPath)) { $alt = realpath(__DIR__ . '/../root/core/db_config.php'); if ($alt && is_file($alt)) { $cfgPath = $alt; } } if ($cfgPath && is_file($cfgPath)) { require_once $cfgPath; // defines getDB() } $pdo = function_exists('getDB') ? getDB() : null; /* ---------- Settings ---------- */ $ENABLE_HISTORY = true; $MAX_HISTORY_MESSAGES = 12; $TIMEOUT_SECONDS = 120; /* ---------- Pricing ---------- */ const MODEL_PRICING = [ 'deepseek-chat' => ['in'=>0.27, 'out'=>1.10], 'deepseek-reasoner' => ['in'=>0.55, 'out'=>2.19], 'gpt-4o' => ['in'=>2.50, 'out'=>10.00], 'gpt-4o-mini' => ['in'=>0.15, 'out'=>0.60], 'gpt-5' => ['in'=>1.25, 'out'=>10.00], 'gpt-5-mini' => ['in'=>0.25, 'out'=>2.00], 'gpt-5-nano' => ['in'=>0.05, 'out'=>0.40], 'gpt-5-pro' => ['in'=>2.50, 'out'=>15.00], 'grok-3' => ['in'=>3.00, 'out'=>15.00], 'grok-3-mini' => ['in'=>0.30, 'out'=>0.50], 'grok-code-fast-1' => ['in'=>0.20, 'out'=>1.50], ]; function estimate_cost(string $model, int $inTok, int $outTok): float { $p = MODEL_PRICING[$model] ?? null; if (!$p) return 0.0; $costIn = ($inTok / 1_000_000.0) * $p['in']; $costOut = ($outTok / 1_000_000.0) * $p['out']; return $costIn + $costOut; } /* ---------- Optional: usage summary ---------- */ $action = $_GET['action'] ?? ''; if ($action === 'get_usage_summary') { if (!$pdo) jerr('DB not configured'); $username = $_SERVER['HTTP_X_USERNAME'] ?? ($_SESSION['username'] ?? null); if (!$username) jerr('Missing username header'); try { $sum = $pdo->prepare(" SELECT COALESCE(SUM(total_cost_est),0) AS total_cost, COALESCE(SUM(input_tokens),0) AS total_in, COALESCE(SUM(output_tokens),0) AS total_out, COUNT(*) AS calls FROM ai_usage WHERE username = :u "); $sum->execute([':u' => $username]); $summary = $sum->fetch() ?: ['total_cost'=>0,'total_in'=>0,'total_out'=>0,'calls'=>0]; $by = $pdo->prepare(" SELECT model, COUNT(*) AS calls, SUM(input_tokens) AS total_in, SUM(output_tokens) AS total_out, ROUND(SUM(total_cost_est),6) AS total_cost FROM ai_usage WHERE username = :u GROUP BY model ORDER BY total_cost DESC "); $by->execute([':u' => $username]); $byModel = $by->fetchAll(); echo json_encode(['ok'=>true,'summary'=>$summary,'byModel'=>$byModel], JSON_UNESCAPED_SLASHES); exit; } catch (Throwable $e) { jerr('DB query failed', ['err'=>$e->getMessage()]); } } /* ---------- Optional: submit client stats ---------- */ if ($action === 'submit_client_stats') { if (!$pdo) jerr('DB not configured'); $body = read_json_body(); $username = $_SERVER['HTTP_X_USERNAME'] ?? ($_SESSION['username'] ?? 'guest'); $sessionId = (string)($body['sessionId'] ?? ''); $model = (string)($body['model'] ?? ''); $provider = (string)($body['provider'] ?? ''); $latencyMs = (int)($body['latencyMs'] ?? 0); $inputChars = (int)($body['inputChars'] ?? 0); $outputChars= (int)($body['outputChars'] ?? 0); $promptTok = (int)($body['promptTokens'] ?? 0); $compTok = (int)($body['completionTokens'] ?? 0); $totalTok = (int)($body['totalTokens'] ?? 0); $ok = (bool)($body['ok'] ?? true); $userAgent = $_SERVER['HTTP_USER_AGENT'] ?? ''; $extra = $body['extra'] ?? null; try { $stmt = $pdo->prepare(" INSERT INTO ai_client_stats (username, session_id, model, provider, latency_ms, input_chars, output_chars, prompt_tokens, completion_tokens, total_tokens, ok, user_agent, extra_json, created_at) VALUES (:u, :sid, :m, :p, :lat, :in_c, :out_c, :pt, :ct, :tt, :ok, :ua, :extra, NOW()) "); $stmt->execute([ ':u' => $username, ':sid' => $sessionId, ':m' => $model, ':p' => $provider, ':lat' => $latencyMs, ':in_c' => $inputChars, ':out_c' => $outputChars, ':pt' => $promptTok, ':ct' => $compTok, ':tt' => $totalTok, ':ok' => $ok ? 1 : 0, ':ua' => $userAgent, ':extra' => $extra ? json_encode($extra, JSON_UNESCAPED_SLASHES) : null, ]); echo json_encode(['ok' => true], JSON_UNESCAPED_SLASHES); exit; } catch (Throwable $e) { jerr('Stats insert failed', ['err' => $e->getMessage()]); } } /* ---------- Normal Chat Completion ---------- */ $req = read_json_body(); if (!$req && !empty($_POST)) $req = $_POST; $question = trim((string)($req['question'] ?? '')); $model = (string)($req['model'] ?? 'deepseek-chat'); $maxTokens = (int)($req['maxTokens'] ?? 800); $temperature = (float)($req['temperature'] ?? 0.7); $system = (string)($req['system'] ?? "You are a helpful assistant."); if ($question === '') jerr('Please enter a question.'); /* Provider */ if (str_starts_with($model, 'deepseek')) { $provider = 'deepseek'; $api_url = 'https://api.deepseek.com/chat/completions'; $api_key = $DEEPSEEK_API_KEY; if ($api_key === '') jerr('Missing DeepSeek API key.'); } elseif (preg_match('/^grok[-_]/i', $model)) { $provider = 'xai'; $api_url = 'https://api.x.ai/v1/chat/completions'; $api_key = $XAI_API_KEY; if ($api_key === '') jerr('Missing xAI API key.'); } else { $provider = 'openai'; $api_url = 'https://api.openai.com/v1/chat/completions'; $api_key = $OPENAI_API_KEY; if ($api_key === '') jerr('Missing OpenAI API key.'); } /* History */ $sessionId = (string)($req['sessionId'] ?? ($_SERVER['HTTP_X_SESSION_ID'] ?? 'default')); if ($sessionId === '') $sessionId = 'default'; $_SESSION['chat_log_map'] = $_SESSION['chat_log_map'] ?? []; $history = $_SESSION['chat_log_map'][$sessionId] ?? []; $messages = [['role' => 'system', 'content' => $system]]; foreach (array_slice($history, -$MAX_HISTORY_MESSAGES) as $m) { $messages[] = ['role'=>$m['role'],'content'=>$m['content']]; } $messages[] = ['role'=>'user','content'=>$question]; /* Payload */ $payload = ['model'=>$model,'messages'=>$messages,'max_tokens'=>$maxTokens,'temperature'=>$temperature]; /* API Call */ $ch = curl_init($api_url); curl_setopt_array($ch, [ CURLOPT_POST => true, CURLOPT_HTTPHEADER => [ 'Content-Type: application/json', 'Authorization: Bearer '.$api_key, ], CURLOPT_POSTFIELDS => json_encode($payload, JSON_UNESCAPED_SLASHES), CURLOPT_RETURNTRANSFER => true, CURLOPT_TIMEOUT => $TIMEOUT_SECONDS, ]); $raw = curl_exec($ch); $http = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE); $cerr = curl_error($ch); curl_close($ch); if ($cerr) jerr('cURL error: '.$cerr); if ($http < 200 || $http >= 300) jerr("Upstream HTTP $http", ['resp'=>cut((string)$raw,800)]); $json = json_decode((string)$raw, true); if (json_last_error() !== JSON_ERROR_NONE) jerr('Invalid JSON from upstream'); $answer = $json['choices'][0]['message']['content'] ?? '(no content)'; $usage = $json['usage'] ?? null; /* Save to session */ $_SESSION['chat_log_map'][$sessionId][] = ['role'=>'user','content'=>$question]; $_SESSION['chat_log_map'][$sessionId][] = ['role'=>'assistant','content'=>$answer]; /* Save to DB */ if ($pdo && $usage) { $username = $_SERVER['HTTP_X_USERNAME'] ?? ($_SESSION['username'] ?? 'guest'); $inTok = (int)($usage['prompt_tokens'] ?? 0); $outTok = (int)($usage['completion_tokens'] ?? 0); $cost = estimate_cost($model, $inTok, $outTok); try { $stmt = $pdo->prepare(" INSERT INTO ai_usage (username, session_id, model, provider, input_tokens, output_tokens, total_cost_est) VALUES (:u,:sid,:m,:p,:inTok,:outTok,:cost) "); $stmt->execute([':u'=>$username,':sid'=>$sessionId,':m'=>$model,':p'=>$provider,':inTok'=>$inTok,':outTok'=>$outTok,':cost'=>$cost]); } catch (Throwable $e) { error_log('Usage insert failed: '.$e->getMessage()); } } /* Output */ echo json_encode([ 'success'=>true, 'provider'=>$provider, 'model'=>$model, 'answer'=>$answer, 'usage'=>$usage, 'sessionId'=>$sessionId ], JSON_UNESCAPED_SLASHES); exit;