# 🤖 MFA Hydra Bot - Complete Telegram Ecommerce Bot **PHP-based Telegram Bot** for Hostinger Shared Hosting with AI Support, Ecommerce, Reseller System, Admin Panel, and Auto-Delivery. --- ## ✅ Features | Feature | Status | |---------|--------| | 🤖 AI Customer Support (Gemini API) | ✅ Working | | 🛍️ Product Catalog with Categories | ✅ Working | | 🛒 Order Management & UPI Payments | ✅ Working | | 📸 Payment Screenshot Upload | ✅ Working | | 📦 Auto-Delivery System | ✅ Working | | 💼 Reseller Program with Commissions | ✅ Working | | 🔗 Referral System | ✅ Working | | 🎫 Support Ticket System | ✅ Working | | 📢 Broadcast Messaging | ✅ Working | | 🔐 Web Admin Panel | ✅ Working | | 📊 Analytics & Charts | ✅ Working | | 🚫 Ban/Unban Users | ✅ Working | --- ## 📁 Project Structure ``` mfahydrabot/ ├── .htaccess # Security rules ├── config.php # Main configuration ├── database.sql # MySQL database schema ├── webhook/ │ ├── bot.php # Main Telegram webhook handler │ └── .htaccess # Webhook security ├── includes/ │ ├── Database.php # MySQL wrapper class │ ├── Telegram.php # Telegram API wrapper │ ├── GeminiAI.php # Google Gemini AI integration │ └── Helpers.php # Utility functions ├── admin/ │ ├── login.php # Admin login page │ ├── dashboard.php # Main dashboard with charts │ ├── orders.php # Order management │ ├── users.php # User management │ ├── products.php # Product CRUD │ ├── tickets.php # Support tickets │ ├── resellers.php # Reseller management │ ├── broadcast.php # Mass messaging │ ├── settings.php # Bot configuration │ └── logout.php # Admin logout ├── assets/ # CSS/JS/Images └── logs/ # Error logs ``` --- ## 🚀 Deployment Guide (Hostinger Shared Hosting) ### Step 1: Upload Files 1. **Download this ZIP file** and extract it 2. **Upload all files** to your Hostinger public_html folder (or subdomain folder) - Use File Manager or FTP - Upload to: `public_html/bot/` or subdomain like `bot.yourdomain.com/` ### Step 2: Create MySQL Database 1. Go to **Hostinger hPanel** → **Databases** → **MySQL Databases** 2. Create a new database: - Database name: `u123456789_mfahydrabot` (your prefix will differ) - Username: `u123456789_user` - Password: Generate strong password 3. **Import database.sql** using phpMyAdmin - Open phpMyAdmin → Select your database → Import tab → Choose `database.sql` ### Step 3: Update Configuration Edit `config.php` with your details: ```php // BOT TOKEN (from @BotFather) define('BOT_TOKEN', '8650727484:AAE1cN0DevRdsRXAq2i-nKSB6XvaxTpsG8I'); // DATABASE (from Hostinger) define('DB_HOST', 'localhost'); define('DB_NAME', 'u123456789_mfahydrabot'); define('DB_USER', 'u123456789_user'); define('DB_PASS', 'your_db_password'); // GEMINI AI KEY (from Google AI Studio) define('GEMINI_API_KEY', 'YOUR_GEMINI_API_KEY'); // YOUR TELEGRAM ID (get from @userinfobot) define('ADMIN_TELEGRAM_ID', '917038146526'); // WEBHOOK URL (after upload, see Step 4) define('WEBHOOK_URL', 'https://bot.yourdomain.com/webhook/bot.php'); // UPI ID for payments define('UPI_ID', 'yourupi@upi'); ``` ### Step 4: Set Webhook **Option A - Automatic (Recommended):** 1. Visit: `https://yourdomain.com/webhook/bot.php?setup=1` 2. You should see: "✅ Webhook set successfully!" **Option B - Manual (via Browser):** Visit this URL in your browser: ``` https://api.telegram.org/bot8650727484:AAE1cN0DevRdsRXAq2i-nKSB6XvaxTpsG8I/setWebhook?url=https://yourdomain.com/webhook/bot.php ``` **Verify Webhook:** ``` https://api.telegram.org/bot8650727484:AAE1cN0DevRdsRXAq2i-nKSB6XvaxTpsG8I/getWebhookInfo ``` ### Step 5: Set Yourself as Admin 1. Start the bot: `https://t.me/mfahydrabot` 2. Send `/start` to the bot 3. In phpMyAdmin, run this SQL: ```sql UPDATE users SET is_admin = 1 WHERE telegram_id = YOUR_TELEGRAM_ID; ``` ### Step 6: Access Admin Panel 1. Visit: `https://yourdomain.com/admin/` 2. Login with default credentials: - **Username:** `admin` - **Password:** `admin123` 3. **Immediately change password** in Settings page! --- ## 🔑 Getting API Keys ### Gemini AI Key 1. Go to [Google AI Studio](https://aistudio.google.com/app/apikey) 2. Click "Create API Key" 3. Copy and paste in `config.php` ### Telegram Bot Token Already provided: `8650727484:AAE1cN0DevRdsRXAq2i-nKSB6XvaxTpsG8I` **⚠️ IMPORTANT: This token was shared publicly. Revoke it immediately via @BotFather and get a new one!** ### Your Telegram ID 1. Message [@userinfobot](https://t.me/userinfobot) 2. It will reply with your numeric ID --- ## 🛠️ Bot Commands | Command | Description | Who Can Use | |---------|-------------|-------------| | `/start` | Start the bot, show welcome menu | Everyone | | `/help` | Show all available commands | Everyone | | `/products` | Browse product catalog | Everyone | | `/orders` | View my orders | Everyone | | `/support` | Contact support | Everyone | | `/balance` | Check wallet & stats | Everyone | | `/referral` | Get referral link | Everyone | | `/reseller` | Reseller dashboard | Everyone | | `/admin` | Admin panel | Admin Only | | `/stats` | Bot statistics | Admin Only | | `/users` | User list | Admin Only | | `/broadcast` | Send mass message | Admin Only | --- ## 💰 Payment Flow 1. User clicks **"Buy Now"** on a product 2. Bot shows UPI ID and order amount 3. User pays via UPI app (Google Pay, PhonePe, Paytm) 4. User **sends payment screenshot** to bot 5. Admin receives screenshot with **"Confirm Payment"** button 6. Admin clicks confirm → Auto-delivery happens instantly 7. User receives account credentials via bot --- ## 🤝 Reseller System 1. User clicks **"Reseller Program"** → **"Become Reseller"** 2. Bot generates unique referral code 3. User shares link: `https://t.me/mfahydrabot?start=CODE` 4. When someone joins & buys, reseller earns **15% commission** 5. Reseller tracks earnings in dashboard 6. Withdraw via WhatsApp when reaching ₹500 --- ## 🎫 Support Ticket System 1. User clicks **"Support"** → **"Create Ticket"** 2. User describes issue (can include Order ID) 3. Admin sees ticket in Admin Panel → Tickets 4. Admin can resolve or message user directly on Telegram --- ## 📢 Broadcast Messaging 1. Go to Admin Panel → Broadcast 2. Type message (HTML formatting supported) 3. Click "Send Broadcast" 4. Message goes to ALL active users in batches 5. View delivery stats in history --- ## 🔐 Security Features - `.htaccess` blocks access to sensitive files - Rate limiting (30 requests/minute per user) - Admin authentication required for panel - SQL injection protection (prepared statements) - XSS protection (htmlspecialchars) - User ban/unban system --- ## 📝 Important Notes ### ⚠️ CRITICAL - Secure Your Bot Token **The token in this project was shared in chat. Immediately:** 1. Go to [@BotFather](https://t.me/BotFather) 2. Send `/revoke` 3. Select your bot 4. Get new token 5. Update `config.php` ### Database - All tables use **utf8mb4** for emoji support - **InnoDB** engine for transactions - Foreign keys for data integrity ### Hosting Requirements - PHP 7.4+ (PHP 8.0+ recommended) - MySQL 5.7+ or MariaDB 10.3+ - cURL extension enabled - SSL certificate (for webhook) ### Performance - Bot uses **webhook** (instant) not polling - Batched broadcast (30 messages/batch) - Rate limiting prevents spam - Database connection pooling via singleton --- ## 🆘 Troubleshooting | Problem | Solution | |---------|----------| | Webhook not working | Check SSL, verify URL in browser | | Database connection error | Check DB credentials in config.php | | Bot not responding | Check error logs in /logs/ folder | | AI not working | Verify Gemini API key | | Admin panel 404 | Check .htaccess mod_rewrite enabled | | Payment screenshots not received | Check file upload limits in PHP | --- ## 📞 Support - **WhatsApp:** 917038146526 - **Telegram:** @teamhydrashops - **Website:** teamhydrashop.com --- **Built for Team Hydra Shop** 🚀 *AI-Powered Digital Product Store*