<!-- 
@company - SystemSpecs
@product - Remita
@author - Oshadami Mike
-->
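<?php
// NOTE(review): the HTML comment above this tag is sent to the client before
// session_start() runs; unless output buffering is enabled the session headers
// can no longer be emitted at that point.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Session values read by this page. Missing keys default to null instead of
// raising an undefined-index notice.
$ptype = $_SESSION['ptype'] ?? null;
$dept = $_SESSION['dept'] ?? null;
$matNo1 = $_SESSION['transID'] ?? null;

// Expected to define MERCHANTID, APIKEY and CHECKSTATUSURL, which
// remita_transaction_details() reads.
require 'remita_constants2.php';

// orderID is request-controlled and later reaches a URL, the page and SQL.
// Only a plain string is accepted here: an array-valued parameter
// (?orderID[]=...) would otherwise flow into string concatenation downstream.
$orderID = '';
if (isset($_GET['orderID']) && is_string($_GET['orderID'])) {
    $orderID = $_GET['orderID'];
}

// Defaults used when no order is looked up or the gateway response lacks a field.
$response_code = '';
$rrr = '';
$response_message = '';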
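/**
 * Verify a transaction: ask the Remita order-status endpoint about one order.
 *
 * The request URL is CHECKSTATUSURL/MERCHANTID/<orderId>/<hash>/orderstatus.reg,
 * where <hash> is the SHA-512 of orderId . APIKEY . MERCHANTID.
 *
 * @param string $orderId Order identifier; request-controlled at the call site.
 * @return array|null Decoded JSON response, or null when the request fails or
 *                    the body is not a JSON object/array.
 */
function remita_transaction_details($orderId){
    $orderId = (string) $orderId;
    $mert = MERCHANTID;
    $api_key = APIKEY;
    $hash = hash('sha512', $orderId . $api_key . $mert);

    // The order id is percent-encoded so it stays a single path segment and
    // cannot add or remove segments in the status URL.
    $url = CHECKSTATUSURL . '/' . $mert . '/' . rawurlencode($orderId) . '/' . $hash . '/' . 'orderstatus.reg';

    $ch = curl_init();
    // Certificate and host name verification stay enabled: the payment status
    // returned here decides whether a form number is issued, so the response
    // must come from the authenticated gateway and not from an on-path host.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Return the body instead of printing it.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Bound the wait so a stalled gateway cannot hang the page indefinitely.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_URL, $url);

    $result = curl_exec($ch);
    curl_close($ch);

    // curl_exec() returns false on transport or TLS failure.
    if ($result === false) {
        return null;
    }

    $response = json_decode($result, true);

    // Callers index the result as an array; anything else is treated as "no answer".
    return is_array($response) ? $response : null;
}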
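	// Look the order up only when an order id was supplied in the request.
	if ($orderID != null) {
		$response = remita_transaction_details($orderID);

		// The lookup yields null when the gateway cannot be reached or answers
		// with something that is not JSON. In that case the defaults are kept,
		// so the page falls through to its "not successful" branch.
		if (is_array($response)) {
			$response_code = $response['status'] ?? '';
			if (isset($response['RRR'])) {
				$rrr = $response['RRR'];
			}
			$response_message = $response['message'] ?? '';
		}
	}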
?>
<html>
<head>
    <title></title>
</head>
<body>
<table width="50%" align="center" cellpadding="3" cellspacing="5">
    <tr>
        <td align="center"><img src="../images/edebanner2.png" width="731" height="95"></td>
    </tr>
    <tr>
        <td><fieldset><legend>Payment Detail</legend>
                <div style="text-align: center;">



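		<?php
        // Renders the payment outcome, records it on the order row and, for a
        // successful payment, issues (or re-displays) the applicant's form number.
        //
        // Untrusted values in this block: $orderID (query string) and
        // $rrr / $response_code / $response_message (remote gateway response).
        // They are HTML-escaped on output and bound as parameters in SQL.

        // HTML-escape a value for element content or a quoted attribute.
        $esc = static function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        };

        // Prepare and execute a parameterised statement. Returns the statement,
        // or false on failure (what query() returns in PDO's silent error mode).
        $runQuery = static function ($db, $sql, array $params) {
            $stmt = $db->prepare($sql);
            if ($stmt === false || !$stmt->execute($params)) {
                return false;
            }
            return $stmt;
        };

        // NOTE(review): loose comparison is kept so the accepted status values
        // are unchanged; tighten to strict string checks once the type of the
        // gateway's "status" field is confirmed.
        $paymentOk = ($response_code == '01' || $response_code == '00');

        // Values written to the order row; only the approval flag differs per branch.
        $transApproved = $paymentOk ? 'True' : 'False';
        $remitaRRR = $rrr;
        $transDate = date('y/m/d h:i:s a');
        $transStatus = $response_code;
        $transDetail = $response_message;

        if ($paymentOk) { ?>
		<h2>Transaction Successful</h2>

                    <p><b>Remita Retrieval Reference: </b><?php echo $esc($rrr); ?></p>
                    <p><b>Transaction ID: </b><?php echo $esc($orderID); ?></p>
                        <?php
                        // On success the form type and department are re-read from the session.
                        $ptype = $_SESSION['formType'] ?? null;
                        $dept = $_SESSION['dept'] ?? null;

                        echo'   <a href="formPaymentReciept.php" target="_blank">Click Here to Print Payment Receipt</a>';
        } elseif ($response_code == '021') { ?>
						<h2>RRR Generated Successfully</h2>
						<p><b>Remita Retrieval Reference: </b><?php echo $esc($rrr); ?></p>
                        <?php
        } else { ?>
						<h2>Your Transaction was not Successful</h2>
                    <?php if ($rrr != null) { ?>
						 <p>Your Remita Retrieval Reference is <span><b><?php echo $esc($rrr); ?></b></span><br /></p>
                    <?php } ?>
						  <p><b>Reason: </b><?php echo $esc($response_message); ?></p>
                        <?php
        }

        require_once('../connect.php');
        // $db is used as a PDO handle below (prepare/fetch with PDO::FETCH_BOTH).
        $db = db_connect();
        require('../filetoU/logFile.php');
        // NOTE(review): $orderID is request-controlled; confirm logDetail()
        // neutralises line breaks before writing the entry.
        $logD = 'Payment. OrderID: ' . $orderID . ' PaymentType: ' . $ptype;
        logDetail($matNo1, $logD);

        // Record the gateway outcome on the order row. Every value is bound as a
        // parameter, so none of it can alter the statement.
        $sql_remita = $runQuery(
            $db,
            'UPDATE `fedpoly`.`remitaorderform` SET `remitaRRR` = ?, `transDate` = ?, `transStatus` = ?, `transDetail` = ?, `transApproved` = ? WHERE `remitaorderform`.`orderID` = ?',
            [
                (string) $remitaRRR,
                $transDate,
                (string) $transStatus,
                (string) $transDetail,
                $transApproved,
                (string) $orderID,
            ]
        );

        if ($paymentOk) {
            // Department code: values below 10 get a leading zero.
            $deptCode = ($dept < 10) ? '0' . $dept : $dept;

            // Form-type code; an unrecognised type contributes an empty string.
            $formCodes = [
                'utmeForm' => '1',
                'dptForm'  => '2',
                'hndForm'  => '3',
                'ptForm'   => '4',
                'preForm'  => '5',
            ];
            $formCode = (is_string($ptype) && isset($formCodes[$ptype])) ? $formCodes[$ptype] : '';

            // Serial number: rows that already carry a form number, plus one,
            // zero-padded to five digits.
            // NOTE(review): count-then-assign is not atomic; two payments confirmed
            // at the same time can receive the same serial. A unique constraint on
            // formNo or a transaction around this section would close that gap.
            $matResult = $db->query("select count(*) from entrancetable where formNo<>''");
            $matNum = (int) $matResult->fetchColumn();
            $realNo = $matNum + 1;
            $serialNo = str_pad((string) $realNo, 5, '0', STR_PAD_LEFT);

            $entranceUpdate = $runQuery(
                $db,
                'select * from remitaorderform where orderID = ?',
                [(string) $orderID]
            );
            $entranceUpdate_fetch = $entranceUpdate ? $entranceUpdate->fetch(PDO::FETCH_BOTH) : false;
            $transCode = is_array($entranceUpdate_fetch) ? ($entranceUpdate_fetch['regNo'] ?? null) : null;

            // A new form number is issued only when the order row still carries the
            // session's transaction id. Both sides must be present and identical as
            // strings: a missing order row together with a missing session value
            // must not count as a match.
            $ownsOrder = $transCode !== null
                && $matNo1 !== null
                && (string) $transCode !== ''
                && (string) $transCode === (string) $matNo1;

            if ($ownsOrder) {
                // Hard-coded '16' prefix, presumably the admission year (confirm).
                $newMatNo = '16' . $formCode . $deptCode . $serialNo;
                $runQuery(
                    $db,
                    'UPDATE `fedpoly`.`remitaorderform` SET `regNo` = ? WHERE `remitaorderform`.`orderID` = ?',
                    [$newMatNo, (string) $orderID]
                );
                $runQuery(
                    $db,
                    'UPDATE `fedpoly`.`entrancetable` SET `formNo` = ? WHERE `entrancetable`.`transID` = ?',
                    [$newMatNo, (string) $transCode]
                );
                $_SESSION['matNo'] = $newMatNo;
                $shownFormNo = $newMatNo;
            } else {
                // NOTE(review): this branch takes the form number from whatever order
                // row matches the requested orderID without checking that the row
                // belongs to the current session; confirm ownership is enforced
                // before the value is trusted downstream.
                $matResulta = $runQuery(
                    $db,
                    'select * from entrancetable where transID = ?',
                    [(string) $matNo1]
                );
                $matResulta_fetch = $matResulta ? $matResulta->fetch(PDO::FETCH_BOTH) : false;
                $_SESSION['matNo'] = $newMatNo = $transCode;
                $shownFormNo = is_array($matResulta_fetch) ? ($matResulta_fetch['formNo'] ?? '') : '';
            }
            echo '<font color="#FF0000"><h2><br> Note: Your form Number is ' . $esc($shownFormNo) . '</h2></font>';

            // Both query values are URL-encoded, and the finished URL is escaped
            // for the quoted href attribute.
            $proceedUrl = 'apply.php?user=' . rawurlencode((string) $matNo1) . '&formNo=' . rawurlencode((string) $newMatNo);
            echo '<div style="color: #ae2b2b">Kindly Write Down Your Details Before Proceed</div><br><a href="' . $esc($proceedUrl) . '"><p>Click Here to Proceed</p></a>';
        }
                        ?>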
                        <br><a href="../index.php" target="_blank">Back to Home Page</a>
                </div>
            </fieldset>
        </td>
    </tr>
</table>
</body>
</html>
