fix: handle missing sign parameter in EPay notify callback

[onesyue]

Summary

• PHP 8 throws ErrorException: Undefined array key "sign" when accessing $params['sign'] on an empty/incomplete POST body
• When the payment callback POST body is lost through CDN/proxy layers (e.g., Cloudflare forwarding, reverse proxy misconfiguration), $request->input() returns an empty array
• This causes a 500 error response, and the payment gateway interprets it as a failure and retries indefinitely
• Fix: use null coalescing operator (??) and return false early to gracefully reject invalid callbacks

Changes

plugins/Epay/Plugin.php line 82:

// Before
$sign = $params['sign'];

// After
$sign = $params['sign'] ?? null;
if (!$sign) return false;

Test plan

• Verify normal EPay payment callback still works (sign present and valid)
• Verify callback with empty POST body returns false instead of 500
• Verify callback with missing sign key returns false instead of throwing exception

🤖 Generated with Claude Code

[onesyue]

@cedar2025 友情提醒此 PR 已开了 11 天，恳请审查 🙏

EPay 回调中 $params['sign'] 在某些异常请求（badly-formed POST、爬虫扫探、特定支付平台测试请求）下可能不存在，导致 PHP 抛 undefined index warning 同时 sign 比对走空字符串路径，进而：

1. 错误日志被刷屏
2. 真实回调可能被误判
3. 在某些 PHP 配置下直接 500

修复非常小（2 行）：

- $sign = $params['sign'];
+ $sign = $params['sign'] ?? null;
+ if (!$sign) return false;

向后兼容，不改变正常回调行为。