403Webshell
Server IP : 172.64.80.1  /  Your IP : 172.70.127.136
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/eace_entranceForm/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/eace_entranceForm/reQuery.php
<?php
/**
 * Created by PhpStorm.
 * User: adisa
 * Date: 2016-05-07
 * Time: 05:57 PM
 */
ob_start();
session_start();
$matNo=$_SESSION['transID'];
?>

<?php

require 'remita_constants.php';
$orderID = "";
if( isset( $_GET['id'] )) {
    $orderID = $_GET['id'];
    $ptype=$_GET['ptype'];
}
$response_code ="";
$rrr = "";
$response_message = "";

//Verify Transaction
function remita_transaction_details($orderId){
    $mert =  MERCHANTID;
    $api_key =  APIKEY;
    $concatString = $orderId . $api_key . $mert;
    $hash = hash('sha512', $concatString);

    http://www.remitademo.net/remita/ecomm/merchantId/RRR/hash/RESPONSE_TYPE/status.reg
    $url 	= CHECKSTATUSURL . '/' . $mert  . '/' . $orderId . '/' . $hash . '/' . 'orderstatus.reg';
    //  Initiate curl

    $ch = curl_init();
    // Disable SSL verification
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    // Will return the response, if false it print the response
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Set the url
    curl_setopt($ch, CURLOPT_URL,$url);
    // Execute
    $result=curl_exec($ch);
    // Closing
    curl_close($ch);
    $result;
    $response = json_decode($result, true);
    return $response;
}

if($orderID !=null){

    $response = remita_transaction_details($orderID);
    $response_code = $response['status'];
    if (isset($response['RRR']))
    {
        $rrr = $response['RRR'];
    }
    $response_message = $response['message'];


    $transactiontime= $response['transactiontime'];
    $RRR= $response['RRR'];
    $status= $response['status'];
    $message= $response['message'];
//echo $response['Approved'];

    if (($status=='00') or ($status=='01')){
        $transA='True';
    }else{
        $transA='False';
    }

    require_once('../connect.php');
    require('../filetoU/logFile.php');
    $logD='Requerying.  OrderID: '.$orderID.' RRR: '.$RRR;
    logDetail($matNo,$logD);

    mysql_query("UPDATE `fedpoly`.`remitaorderForm` SET `remitaRRR` = '$RRR',`transDate` = '$transactiontime',`transStatus` = '$status',`transDetail` = '$message',`transApproved` = '$transA' WHERE `remitaorder`.`orderID` ='$orderID'");


//----------------------------------------------------------------------
    $pValue=mysql_num_rows(mysql_query("select orderID from remitaorderForm where orderID='$orderID' and transApproved='True' and paymenttype='School Fees'"));
//	if (($transApproved=='True') and ($ptype=='School Fees')){
    if ($pValue>0){

        $regNo=$_SESSION['transID'];
        $mSQL="select * from realdata where formNo='$regNo' and matNo='$regNo' and fresher='1'";
        $mResult=mysql_query($mSQL);
        $mNum=mysql_num_rows($mResult);

        if ($mNum>0){
            //generate prefix and sufix
            $deptID=$_SESSION['deptID'] ;
            $levelID=$_SESSION['levelID'] ;
            $prefixQ=mysql_query("select * from dept where sn='$deptID'");
            mysql_num_rows($prefixQ);
            if (mysql_num_rows($prefixQ)>0){
                if ($levelID=='1'){
                    $prefix=mysql_result($prefixQ,0,'nd');
                    $sufix='';
                }elseif($levelID=='3'){
                    $prefix=mysql_result($prefixQ,0,'hnd');
                    $sufix='';
                }elseif($levelID=='5'){
                    $prefix=mysql_result($prefixQ,0,'nd');
                    $sufix='PT';
                }elseif($levelID=='8'){
                    $prefix=mysql_result($prefixQ,0,'nd');
                    $sufix='DPT';
                }elseif($levelID=='10'){
                    $prefix=mysql_result($prefixQ,0,'nd');
                    $sufix='';
                }
            }
            //End of prefix and sufix
            //generate serial Number
            $matSQL="select * from realdata where fresher='10'";
            $matResult=mysql_query($matSQL);
            $matNum=mysql_num_rows($matResult);
            if ($matNum>0){
                $realNo=$matNum+1;
                if ($realNo<10){
                    $serialNo='20150000'.$realNo;
                }elseif($realNo<100){
                    $serialNo='2015000'.$realNo;
                }elseif($realNo<1000){
                    $serialNo='201500'.$realNo;
                }elseif($realNo<10000){
                    $serialNo='20150'.$realNo;
                }else{
                    $serialNo='2015'.$realNo;
                }
                $newMatNo=$prefix.$serialNo.$sufix;
                mysql_query("UPDATE `fedpoly`.`realdata` SET `matNo` = '$newMatNo',`usernamea` = '$newMatNo',`passworda` = '$newMatNo',`fresher` = '10' WHERE `realdata`.`formNo` ='$matNo'");
                mysql_query("UPDATE `fedpoly`.`remitaorder` SET `regNo` = '$newMatNo' WHERE `remitaorder`.`orderID` ='$orderID'");

                $_SESSION['matNo']=$newMatNo;
                echo '<font color="#FF0000"><h2><br> Note: Your Username and Password is now '.$newMatNo.'</h2></font>';
            }
        }
//end of generating serial number
    }else{

//=========================================================

        if (($transA=='True') and ($ptype=='Acceptance Fee')){

            $k=mysql_num_rows(mysql_query("select * from remitaorder where regNo='$matNo'and paymentType='Acceptance Fee' and transApproved='True'"));
            if ($k>0){
                $cardGet=mysql_query("select * from admitted where formNo='$matNo'");
                $numGet=mysql_num_rows($cardGet);
                if ($numGet>0){
                    $names=mysql_result($cardGet,0,'names');
                    $names=str_replossce("'","''",$names);
                    $course=mysql_result($cardGet,0,'course');
                    $levelID=mysql_result($cardGet,0,'levelID');
                    $address=mysql_result($cardGet,0,'address');
                    $state=mysql_result($cardGet,0,'state');
                    $lga=mysql_result($cardGet,0,'lga');
                    $email=mysql_result($cardGet,0,'email');
                    $gsm=mysql_result($cardGet,0,'gsm');
                    $ausername=mysql_result($cardGet,0,'formNo');
                    $apassword=mysql_result($cardGet,0,'formNo');
                    $mode=mysql_result($cardGet,0,'mode');
                    $dob=mysql_result($cardGet,0,'dob');
                    $sex=mysql_result($cardGet,0,'sex');

                    mysql_query("INSERT INTO `fedpoly`.`realdata` (`sn`, `formNo`, `matNo`, `names`, `course`, `levelID`, `mode`, `state`, `lga`, `dob`, `gsm`, `sex`, `address`, `email`, `usernamea`, `passworda`, `fresher`) VALUES (NULL, '$matNo', '$matNo', '$names', '$course', '$levelID', '$mode', '$state', '$lga', '$dob', '$gsm', '$sex', '$address', '$email', '$matNo', '$matNo', '1')") or die('Error');
                }
            }
        }




        header('location:'.'paymentHistory.php');
    }
}
ob_end_flush();
?>








<!-- InstanceEndEditable --></td>
<td align="right" valign="top"><!-- InstanceBeginEditable name="EditRegion4" --><!-- InstanceEndEditable --></td>
</tr>
</table></td>
</tr>
<tr>
    <td>&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<p>&nbsp;</p>
<script type="text/javascript">
    var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgDown:"../SpryAssets/SpryMenuBarDownHover.gif", imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"});
</script>
</body>
<!-- InstanceEnd --></html>

Youez - 2016 - github.com/yon3zu
LinuXploit