PK œqhYî¶J‚ßFßF)nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/ $#$#$#

Dir : /home/trave494/outtheboxministry.org/xhr/
Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64
IP: 209.182.202.254
Choose File :

Url:
Dir : /home/trave494/outtheboxministry.org/xhr/cashfree.php

<?php 
if ($f == 'cashfree') {
    if ($s == 'initialize') {
    	$types = array(
	        'week',
	        'year',
	        'month',
	        'life-time',
	        'wallet',
	        'fund'
	    );

    	if (!empty($_POST['type']) && in_array($_POST['type'], $types) && !empty($_POST['phone']) && !empty($_POST['name']) && !empty($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    		$type = $_POST['type'];
    		$price    = $wo['config']['weekly_price'];
		    $pro_type = 1;
		    if ($type == 'week') {
		        $price    = $wo['pro_packages']['star']['price'];
		        $pro_type = 1;
		    } else if ($type == 'year') {
		        $price    = $wo['pro_packages']['ultima']['price'];
		        $pro_type = 3;
		    } else if ($type == 'month') {
		        $price    = $wo['pro_packages']['hot']['price'];
		        $pro_type = 2;
		    } else if ($type == 'life-time') {
		        $price    = $wo['pro_packages']['vip']['price'];
		        $pro_type = 4;
		    }
		    $callback_url = $wo['config']['site_url'] . "/requests.php?f=cashfree&s=upgrade&pro_type=".$pro_type;

		    if ($type == 'wallet') {
		    	if (!empty($_POST['amount']) && is_numeric($_POST['amount']) && $_POST['amount'] > 0) {
		    		$price = $_POST['amount'];
		    		$callback_url = $wo['config']['site_url'] . "/requests.php?f=cashfree&s=wallet&amount=".$price;
		    	}
		    	else{
		    		$data['status'] = 400;
					$data['message'] = $error_icon . $wo['lang']['please_check_details'];
					header("Content-type: application/json");
				    echo json_encode($data);
				    exit();
		    	}
		    }
		    if ($type == 'fund') {
		    	if (!empty($_POST['amount']) && is_numeric($_POST['amount']) && $_POST['amount'] > 0 && !empty($_POST['fund_id'])) {
		    		$fund_id = Wo_Secure($_POST['fund_id']);
					$fund = $db->where('id',$fund_id)->getOne(T_FUNDING);
					if (!empty($fund)) {
						$price = $_POST['amount'];
			    		$callback_url = $wo['config']['site_url'] . "/requests.php?f=cashfree&s=fund&amount=".$price."&fund_id=".$fund_id;
					}
					else{
						$data['status'] = 400;
						$data['message'] = $error_icon . $wo['lang']['please_check_details'];
						header("Content-type: application/json");
					    echo json_encode($data);
					    exit();
					}
			    		
		    	}
		    	else{
		    		$data['status'] = 400;
					$data['message'] = $error_icon . $wo['lang']['please_check_details'];
					header("Content-type: application/json");
				    echo json_encode($data);
				    exit();
		    	}
		    }

		    $result = array();
		    $order_id = uniqid();
		    $name = Wo_Secure($_POST['name']);
		    $email = Wo_Secure($_POST['email']);
		    $phone = Wo_Secure($_POST['phone']);


		    $secretKey = $wo['config']['cashfree_secret_key'];
			$postData = array( 
			  "appId" => $wo['config']['cashfree_client_key'], 
			  "orderId" => "order".$order_id, 
			  "orderAmount" => $price, 
			  "orderCurrency" => "INR", 
			  "orderNote" => "", 
			  "customerName" => $name, 
			  "customerPhone" => $phone, 
			  "customerEmail" => $email,
			  "returnUrl" => $callback_url, 
			  "notifyUrl" => $callback_url,
			);
			 // get secret key from your config
			 ksort($postData);
			 $signatureData = "";
			 foreach ($postData as $key => $value){
			      $signatureData .= $key.$value;
			 }
			 $signature = hash_hmac('sha256', $signatureData, $secretKey,true);
			 $signature = base64_encode($signature);
			 $cashfree_link = 'https://test.cashfree.com/billpay/checkout/post/submit';
			 if ($wo['config']['cashfree_mode'] == 'live') {
			 	$cashfree_link = 'https://www.cashfree.com/checkout/post/submit';
			 }

			$form = '<form id="redirectForm" method="post" action="'.$cashfree_link.'"><input type="hidden" name="appId" value="'.$wo['config']['cashfree_client_key'].'"/><input type="hidden" name="orderId" value="order'.$order_id.'"/><input type="hidden" name="orderAmount" value="'.$price.'"/><input type="hidden" name="orderCurrency" value="INR"/><input type="hidden" name="orderNote" value=""/><input type="hidden" name="customerName" value="'.$name.'"/><input type="hidden" name="customerEmail" value="'.$email.'"/><input type="hidden" name="customerPhone" value="'.$phone.'"/><input type="hidden" name="returnUrl" value="'.$callback_url.'"/><input type="hidden" name="notifyUrl" value="'.$callback_url.'"/><input type="hidden" name="signature" value="'.$signature.'"/></form>';
			$data['status'] = 200;
			$data['html'] = $form;
			header("Content-type: application/json");
		    echo json_encode($data);
		    exit();
    	}
    	else{
    		$data['status'] = 400;
			$data['message'] = $error_icon . $wo['lang']['please_check_details'];
    	}
		header("Content-type: application/json");
	    echo json_encode($data);
	    exit();
    }

    if ($s == 'upgrade') {
    	if (empty($_POST['txStatus']) || $_POST['txStatus'] != 'SUCCESS') {
    		header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	        exit();
    	}
    	$is_pro = 0;
	    $stop   = 0;
	    $user   = Wo_UserData($wo['user']['user_id']);
	    if ($user['is_pro'] == 1) {
	        $stop = 1;
	        if ($user['pro_type'] == 1) {
	            $time_ = time() - $star_package_duration;
	            if ($user['pro_time'] > $time_) {
	                $stop = 1;
	            }
	        } else if ($user['pro_type'] == 2) {
	            $time_ = time() - $hot_package_duration;
	            if ($user['pro_time'] > $time_) {
	                $stop = 1;
	            }
	        } else if ($user['pro_type'] == 3) {
	            $time_ = time() - $ultima_package_duration;
	            if ($user['pro_time'] > $time_) {
	                $stop = 1;
	            }
	        } else if ($user['pro_type'] == 4) {
	            if ($vip_package_duration > 0) {
	                $time_ = time() - $vip_package_duration;
	                if ($user['pro_time'] > $time_) {
	                    $stop = 1;
	                }
	            }
	        }
	    }
	    if ($stop == 0) {
	        $pro_types_array = array(
	            1,
	            2,
	            3,
	            4
	        );
	        $pro_type        = 0;
	        if (!isset($_GET['pro_type']) || !in_array($_GET['pro_type'], $pro_types_array)) {
	            header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	            exit();
	        }
	        $pro_type = $_GET['pro_type'];
	        $orderId = $_POST["orderId"];
			$orderAmount = $_POST["orderAmount"];
			$referenceId = $_POST["referenceId"];
			$txStatus = $_POST["txStatus"];
			$paymentMode = $_POST["paymentMode"];
			$txMsg = $_POST["txMsg"];
			$txTime = $_POST["txTime"];
			$signature = $_POST["signature"];
			$data = $orderId.$orderAmount.$referenceId.$txStatus.$paymentMode.$txMsg.$txTime;
			$hash_hmac = hash_hmac('sha256', $data, $wo['config']['cashfree_secret_key'], true) ;
			$computedSignature = base64_encode($hash_hmac);
			if ($signature == $computedSignature) {
	        	$is_pro = 1;
	        }
	        else{
	        	header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	            exit();
	        }


	    }
	    if ($stop == 0) {
	        $time = time();
	        if ($is_pro == 1) {
	            $update_array = array(
	                'is_pro' => 1,
	                'pro_time' => time(),
	                'pro_' => 1,
	                'pro_type' => $pro_type
	            );
	            if (in_array($pro_type, array_keys($wo['pro_packages_types'])) && $wo['pro_packages'][$wo['pro_packages_types'][$pro_type]]['verified_badge'] == 1) {
	                $update_array['verified'] = 1;
	            }
	            $mysqli       = Wo_UpdateUserData($wo['user']['user_id'], $update_array);
	            global $sqlConnect;
	            $amount1 = 0;
	            if ($pro_type == 1) {
	                $img     = $wo['lang']['star'];
	                $amount1 = $wo['pro_packages']['star']['price'];
	            } else if ($pro_type == 2) {
	                $img     = $wo['lang']['hot'];
	                $amount1 = $wo['pro_packages']['hot']['price'];
	            } else if ($pro_type == 3) {
	                $img     = $wo['lang']['ultima'];
	                $amount1 = $wo['pro_packages']['ultima']['price'];
	            } else if ($pro_type == 4) {
	                $img     = $wo['lang']['vip'];
	                $amount1 = $wo['pro_packages']['vip']['price'];
	            }
	            $notes              = $wo['lang']['upgrade_to_pro'] . " " . $img . " : Cashfree";
	            $create_payment_log = mysqli_query($sqlConnect, "INSERT INTO " . T_PAYMENT_TRANSACTIONS . " (`userid`, `kind`, `amount`, `notes`) VALUES ({$wo['user']['user_id']}, 'PRO', {$amount1}, '{$notes}')");
	            $create_payment     = Wo_CreatePayment($pro_type);
	            if ($mysqli) {
	                //record affiliate with fixed price
	                if ((!empty($_SESSION['ref']) || !empty($wo['user']['ref_user_id'])) && $wo['config']['affiliate_type'] == 0 && $wo['user']['referrer'] == 0) {
	                    if (!empty($_SESSION['ref'])) {
	                        $ref_user_id = Wo_UserIdFromUsername($_SESSION['ref']);
	                    }
	                    elseif (!empty($wo['user']['ref_user_id'])) {
	                        $ref_user_id = Wo_UserIdFromUsername($wo['user']['ref_user_id']);
	                    }
	                    
	                    if (!empty($ref_user_id) && is_numeric($ref_user_id)) {
	                        $update_user    = Wo_UpdateUserData($wo['user']['user_id'], array(
	                            'referrer' => $ref_user_id,
	                            'src' => 'Referrer'
	                        ));
	                        $update_balance = Wo_UpdateBalance($ref_user_id, $wo['config']['amount_ref']);
	                        unset($_SESSION['ref']);
	                    }
	                }
	                //record affiliate with percentage
	                if ((!empty($_SESSION['ref']) || !empty($wo['user']['ref_user_id'])) && $wo['config']['affiliate_type'] == 1 && $wo['user']['referrer'] == 0) {
	                    if ($wo['config']['amount_percent_ref'] > 0) {
	                        if (!empty($_SESSION['ref'])) {
	                            $ref_user_id = Wo_UserIdFromUsername($_SESSION['ref']);
	                        }
	                        elseif (!empty($wo['user']['ref_user_id'])) {
	                            $ref_user_id = Wo_UserIdFromUsername($wo['user']['ref_user_id']);
	                        }
	                        if (!empty($ref_user_id) && is_numeric($ref_user_id)) {
	                            $update_user    = Wo_UpdateUserData($wo['user']['user_id'], array(
	                                'referrer' => $ref_user_id,
	                                'src' => 'Referrer'
	                            ));
	                            $ref_amount     = ($wo['config']['amount_percent_ref'] * $amount1) / 100;
	                            $update_balance = Wo_UpdateBalance($ref_user_id, $ref_amount);
	                            unset($_SESSION['ref']);
	                        }
	                    } else if ($wo['config']['amount_ref'] > 0) {
	                        if (!empty($_SESSION['ref'])) {
	                            $ref_user_id = Wo_UserIdFromUsername($_SESSION['ref']);
	                        }
	                        elseif (!empty($wo['user']['ref_user_id'])) {
	                            $ref_user_id = Wo_UserIdFromUsername($wo['user']['ref_user_id']);
	                        }
	                        if (!empty($ref_user_id) && is_numeric($ref_user_id)) {
	                            $update_user    = Wo_UpdateUserData($wo['user']['user_id'], array(
	                                'referrer' => $ref_user_id,
	                                'src' => 'Referrer'
	                            ));
	                            $update_balance = Wo_UpdateBalance($ref_user_id, $wo['config']['amount_ref']);
	                            unset($_SESSION['ref']);
	                        }
	                    }
	                }
	                header("Location: " . Wo_SeoLink('index.php?link1=upgraded'));
	                exit();
	            }
	        } else {
	            header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	            exit();
	        }
	    } else {
	        header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	        exit();
	    }
    }

    if ($s == 'wallet') {
    	if (empty($_POST['txStatus']) || $_POST['txStatus'] != 'SUCCESS') {
    		header("Location: " . Wo_SeoLink('index.php?link1=oops'));
	        exit();
    	}
    	$orderId = $_POST["orderId"];
		$orderAmount = $_POST["orderAmount"];
		$referenceId = $_POST["referenceId"];
		$txStatus = $_POST["txStatus"];
		$paymentMode = $_POST["paymentMode"];
		$txMsg = $_POST["txMsg"];
		$txTime = $_POST["txTime"];
		$signature = $_POST["signature"];
		$data = $orderId.$orderAmount.$referenceId.$txStatus.$paymentMode.$txMsg.$txTime;
		$hash_hmac = hash_hmac('sha256', $data, $wo['config']['cashfree_secret_key'], true) ;
		$computedSignature = base64_encode($hash_hmac);
		if ($signature == $computedSignature) {
            if (Wo_ReplenishingUserBalance($_GET['amount'])) {
                $_GET['amount'] = Wo_Secure($_GET['amount']);
                $create_payment_log = mysqli_query($sqlConnect, "INSERT INTO " . T_PAYMENT_TRANSACTIONS . " (`userid`, `kind`, `amount`, `notes`) VALUES ('" . $wo['user']['id'] . "', 'WALLET', '" . $_GET['amount'] . "', 'Cashfree')");
                $_SESSION['replenished_amount'] = $_GET['amount'];
                if (!empty($_COOKIE['redirect_page'])) {
                	$redirect_page = preg_replace('/on[^<>=]+=[^<>]*/m', '', $_COOKIE['redirect_page']);
				    $redirect_page = preg_replace('/\((.*?)\)/m', '', $redirect_page);
                	header("Location: " . $redirect_page);
                }
                else{
                	header("Location: " . Wo_SeoLink('index.php?link1=wallet'));
                }
                exit();
            } else {
                header("Location: " . Wo_SeoLink('index.php?link1=wallet'));
                exit();
            }
        } else {
            header("Location: " . Wo_SeoLink('index.php?link1=wallet'));
            exit();
        }
    }

    if ($s == 'fund') {
    	$orderId = $_POST["orderId"];
		$orderAmount = $_POST["orderAmount"];
		$referenceId = $_POST["referenceId"];
		$txStatus = $_POST["txStatus"];
		$paymentMode = $_POST["paymentMode"];
		$txMsg = $_POST["txMsg"];
		$txTime = $_POST["txTime"];
		$signature = $_POST["signature"];
		$data = $orderId.$orderAmount.$referenceId.$txStatus.$paymentMode.$txMsg.$txTime;
		$hash_hmac = hash_hmac('sha256', $data, $wo['config']['cashfree_secret_key'], true) ;
		$computedSignature = base64_encode($hash_hmac);
		if ($signature == $computedSignature) {
    		$fund_id = Wo_Secure($_GET['fund_id']);
	    	$amount = Wo_Secure($_GET['amount']);
	    	$fund = $db->where('id',$fund_id)->getOne(T_FUNDING);

	    	if (!empty($fund) && !empty($fund_id) && !empty($amount)) {

	    		$notes = "Doanted to ".mb_substr($fund->title, 0, 100, "UTF-8");

		        $create_payment_log = mysqli_query($sqlConnect, "INSERT INTO " . T_PAYMENT_TRANSACTIONS . " (`userid`, `kind`, `amount`, `notes`) VALUES ({$wo['user']['user_id']}, 'DONATE', {$amount}, '{$notes}')");

		        $admin_com = 0;
	            if (!empty($wo['config']['donate_percentage']) && is_numeric($wo['config']['donate_percentage']) && $wo['config']['donate_percentage'] > 0) {
	                $admin_com = ($wo['config']['donate_percentage'] * $amount) / 100;
	                $amount = $amount - $admin_com;
	            }
		        $user_data = Wo_UserData($fund->user_id);
	            $db->where('user_id',$fund->user_id)->update(T_USERS,array('balance' => $user_data['balance'] + $amount));
	            $fund_raise_id = $db->insert(T_FUNDING_RAISE,array('user_id' => $wo['user']['user_id'],
	                                              'funding_id' => $fund_id,
	                                              'amount' => $amount,
	                                              'time' => time()));
	            $post_data = array(
	                'user_id' => Wo_Secure($wo['user']['user_id']),
	                'fund_raise_id' => $fund_raise_id,
	                'time' => time(),
	                'multi_image_post' => 0
	            );

	            $id = Wo_RegisterPost($post_data);

	            $notification_data_array = array(
                    'recipient_id' => $fund->user_id,
                    'type' => 'fund_donate',
                    'url' => 'index.php?link1=show_fund&id=' . $fund->hashed_id
                );
                Wo_RegisterNotification($notification_data_array);

	            header("Location: " . $config['site_url'] . "/show_fund/".$fund->hashed_id);
	            exit();
	    	}
	    	else{
	    		header("Location: " . Wo_SeoLink('index.php?link1=wallet'));
	            exit();
	    	}
        } else {
            header("Location: " . Wo_SeoLink('index.php?link1=wallet'));
            exit();
        }
    }
}