403WebShell

403Webshell

Server IP : 172.64.80.1 / Your IP : 172.70.50.62
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/admin_student/

Upload File :

[ Back ]

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/admin_student/processpayment.php

<?php 
if(session_id() == '') {
    session_start();
}
$id=$_SESSION['sn'];
$paymentType=$_SESSION['ptype'];
include 'remita_constants.php';
$amount = $_POST["amt"];
$timesammp=DATE("dmyHis");		
//$orderID = $timesammp;
$orderID="2024".mt_rand(1000, 9999).$id;
$payerName = $_POST["payerName"];
$payerEmail = $_POST["payerEmail"];
$payerPhone = $_POST["payerPhone"];
$responseurl = PATH . "/new-receipt-page.php";
if ( $paymentType=="Acceptance Fee") 
{
	$servicetypeId = SERVICETYPEID_ACCEPTANCEFEES;
	 
	}else{
		$servicetypeId = SERVICETYPEID_SCHOOLFEES;
		}

$concatString = MERCHANTID . $servicetypeId . $orderID . $amount . $responseurl . APIKEY;
$hash = hash('sha512', $concatString);
$paymenttype = $_POST["paymenttype"];
$formNo=$_SESSION['matNo'];
//$paymentType='Acceptance Fee';

?>
<html>
<p>You will be redirected to Remita in few seconds.......</p>

<form action="<?php echo GATEWAYURL; ?>" id="remita_form" name="remita_form" method="POST">
<input id="merchantId" name="merchantId" value="<?php echo MERCHANTID; ?>" type="hidden"/>
<input id="serviceTypeId" name="serviceTypeId" value="<?php echo $servicetypeId; ?>" type="hidden"/>
<input id="amt" name="amt" value="<?php echo $amount; ?>" type="hidden"/>
<input id="responseurl" name="responseurl" value="<?php echo $responseurl; ?>" type="hidden"/>
<input id="hash" name="hash" value="<?php echo $hash; ?>" type="hidden"/>
<input id="payerName" name="payerName" value="<?php echo $payerName; ?>" type="hidden"/>
<input id="paymenttype" name="paymenttype" value="<?php echo $paymenttype; ?>" type="hidden"/>
<input id="payerEmail" name="payerEmail" value="<?php echo $payerEmail; ?>" type="hidden"/>
<input id="payerPhone" name="payerPhone" value="<?php echo $payerPhone; ?>" type="hidden"/>
<input id="orderId" name="orderId" value="<?php echo $orderID; ?>" type="hidden"/>
</form>
<?php
require('../connect.php');
$db=db_connect();
//require('../filetoU/logFile.php');
//$logD='OrderID: '.$orderID.' PaymentType: '.$paymentType;
//logDetail($formNo,$logD);
		 $ip2=$_SERVER['HTTP_X_FORWARDED_FOR'];
		 $ip1=$_SERVER['REMOTE_ADDR'];
$db->query("INSERT INTO `fedpoly`.`remitaorder` (`sn`, `orderID`, `remitaRRR`, `transDate`, `transStatus`, `regNo`, `transDetail`, `amtPaid`, `paymentType`, `transApproved`,`clientIP`,`clientProxy`,`pay_session`) VALUES (NULL, '$orderID', '0', '0', '-1', '$formNo', 'Not Yet Approved', '$amount', '$paymentType', 'False','$ip1','$ip2','2024/2025')");


$db->query("UPDATE `fedpoly`.`admitted` SET `email` = '$payerEmail',`gsm` = '$payerPhone' WHERE `admitted`.`formNo` = '$formNo'");


?>
<script type="text/javascript">document.getElementById("remita_form").submit();</script>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit