ONE PIECE HACKING

Ngiler SH3LL 360
: / home / tbf / tbf.ro / app / Http / Controllers / Api /

Information Server
MySQL : OFF Perl : OFF CURL : ON WGET : OFF PKEXEC : OFF

Directive	Local Value
IP Address	89.40.16.97
System	Linux server.atelieruldeit.ro 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64
User	tbf
PHP Version	7.3.33
Software	Apache
Doc root	Writable

Edit File : PaymentController.php \| Size : 11.96 KB
<?php namespace App\Http\Controllers\Api; use Illuminate\Http\Request; use App\Http\Controllers\Controller; use App\Repositories\InvoiceRepository; use Illuminate\Support\Facades\Input; use Validator; use Auth; use App\Course; use App\Order; use App\Invoice; use JWTAuth; use App\User; class PaymentController extends Controller { public function getBookingInfo($slug){ $course = Course::where('slug', $slug)->first(); if($course){ if($course->reviews->count() > 0){ $average_rating = round($course->reviews->sum('rating') / $course->reviews->count()); }else{ $average_rating = 0; } $courseData = [ 'id' => $course->id, 'name' => $course->name, 'slug' => $course->slug, 'description' => $course->description, 'no_reviews' => $course->reviews->count(), 'average_rating' => $average_rating, 'lessons_video' => $course->lessons->where('type', 'video')->count(), 'lessons_document' => $course->lessons->where('type', 'document')->count() ]; return response()->json(['courseData' => $courseData]); }else{ return response()->json(['error' => 'Not found'], 404); } } public function payInfoSuccess($publicId){ $order = Order::where('public_id', $publicId)->first(); if($order){ $orderData = [ 'id' => $order->id, 'status' => $order->status, 'payment_type' => $order->payment_type, 'transaction_message' => $order->transaction_message, 'slug' => $order->course->slug, ]; return response()->json(['orderData' => $orderData]); }else{ return response()->json(['error' => 'Not found'], 404); } } public function lastPaySuccess(){ $order = Order::where('user_id', Auth::user()->id)->orderBy('created_at', 'desc')->first(); if($order){ $orderData = [ 'id' => $order->id, 'status' => $order->status, 'payment_type' => $order->payment_type, 'transaction_message' => $order->transaction_message, 'slug' => $order->course->slug, ]; return response()->json(['orderData' => $orderData]); }else{ return response()->json(['error' => 'Not found'], 404); } } public function euplatesc_response(Request $request) { $euplatesc_response = [ 'amount' => addslashes(trim($request->amount)), //original amount 'curr' => addslashes(trim($request->curr)), //original currency 'invoice_id' => addslashes(trim($request->invoice_id)),//original invoice id 'ep_id' => addslashes(trim($request->ep_id)), //Euplatesc.ro unique id 'merch_id' => addslashes(trim($request->merch_id)), //your merchant id 'action' => addslashes(trim($request->action)), // if action ==0 transaction ok 'message' => addslashes(trim($request->message)),// transaction responce message 'approval' => addslashes(trim($request->approval)),// if action!=0 empty 'timestamp' => addslashes(trim($request->timestamp)),// meesage timestamp 'nonce' => addslashes(trim($request->nonce)), ]; $euplatesc_response['fp_hash'] = strtoupper(euplatesc_mac($euplatesc_response, config('app.euPlatesckey'))); $fp_hash = addslashes(trim($request->fp_hash)); // Daca se face prima plata $order = Order::findOrFail($euplatesc_response['invoice_id']); if($euplatesc_response['fp_hash'] === $fp_hash) { // start facem update in baza de date if($euplatesc_response['action'] == "0") { $order->update([ 'euplatesc_customer_id' => $euplatesc_response['ep_id'], 'status' => 'paid', 'transaction_message' => $euplatesc_response['message'], ]); $invoice_record = Invoice::where('euplatesc_id',$euplatesc_response['ep_id'])->first(); if($invoice_record == null) { $invoice = InvoiceRepository::generateInvoice($order); $invoice->save(); sendMailWithInvoice($invoice); } if($order->source == 'web'){ return redirect('/informatii-plata'); }else{ return redirect('/mobile-redirect?status=success'); } }else{ $order->update([ 'euplatesc_customer_id' => $euplatesc_response['ep_id'], 'status' => 'error', 'transaction_message' => $euplatesc_response['message'], ]); if($order->source == 'web'){ return redirect('/informatii-plata'); }else{ return redirect('/mobile-redirect?status=error'); } } }else{ $order->update([ 'euplatesc_customer_id' => $euplatesc_response['ep_id'], 'status' => 'error', 'transaction_message' => 'invalid credentials', ]); if($order->source == 'web'){ return redirect('/informatii-plata'); }else{ return redirect('/mobile-redirect?status=error'); } } } public function get_currency_amount(Request $request){ $course = Course::findOrFail($request->course_id); if($request->country == 'Romania'){ $currency = 'RON'; $amount = $course->discount_in_ron ? $course->price_in_ron - $course->discount_in_ron : $course->price_in_ron; }else{ $currency = 'EUR'; $amount = $course->discount_in_euro ? $course->price_in_euro - $course->discount_in_euro : $course->price_in_euro; } $amount_with_tva = round(($amount * 1.19),2); return response()->json([ 'currency' => $currency, 'amount' => $amount, 'amount_with_tva' => $amount_with_tva, ]); } public function save_order(Request $request){ $validator = Validator::make(Input::all(), [ 'name' => 'required', 'last_name' => 'required', 'email' => 'required\|email', 'phone' => 'required', 'course_id' => 'required', 'payment_type' => 'required', 'country' => 'required', 'city' => 'required', 'address' => 'required', 'company_name' => $request->person_type == 'legal_person' ? 'required' : '', 'cui' => $request->person_type == 'legal_person' ? 'required' : '', 'billing_name' => $request->person_type == 'individual_person' ? 'required' : '', 'cnp' => $request->person_type == 'individual_person' ? 'required' : '', ]); if ($validator->fails()) { $messages = $validator->messages(); return response()->json(array("error" => $messages)); }else{ $generate_token = uniqid(); $exist_random_code = Order::where('public_id',$generate_token)->first(); while ($exist_random_code) { $generate_token = uniqid(); $exist_random_code = Order::where('public_id',$generate_token)->first(); } $order = Order::create([ 'course_id' => $request->course_id, 'name' => $request->name, 'last_name' => $request->last_name, 'phone' => $request->phone, 'email' => $request->email, 'status' => 'new', 'user_id' => Auth::user()->id, 'payment_type' => $request->payment_type, 'country' => $request->country, 'city' => $request->city, 'address' => $request->address, 'billing_name' => $request->billing_name, 'company_name' => $request->company_name, 'cnp' => $request->cnp, 'cui' => $request->cui, 'reg_number' => $request->reg_number, 'public_id' => $generate_token, 'source' => $request->source ]); if($request->payment_type == 'online'){ $dataAll = [ "amount" => $request->amount, "curr" => $request->currency, "invoice_id" => $order->id, "order_desc" => "THE BASIC FUNDAMENTALS 2019", "merch_id" => config('app.euPlatescMerchId'), "timestamp" => gmdate("YmdHis"), "nonce" => md5(microtime() . mt_rand()) ]; $dataAll += ["fp_hash" => strtoupper(euplatesc_mac($dataAll,config('app.euPlatesckey')))]; $dataAll += [ 'payType' => 'online', 'lang' => '', 'fname' => $order->name, 'lname' => $order->last_name, 'country' => $order->country, 'company' => $order->company_name ? $order->company_name : $order->billing_name, 'city' => $order->city, 'zip_code' => 0, 'add' => $order->address, 'email' => $order->email, 'phone' => $order->phone, 'euplatesc_url' => "https://secure.euplatesc.ro/tdsprocess/tranzactd.php", ]; return response()->json(['payData' => $dataAll]); }else{ $dataAll = [ 'payType' => 'transfer', 'publicId' => $order->public_id ]; //send mail with proforma sendMailWithProforma($order,$request->amount); return response()->json(['payData' => $dataAll]); } } } public function validate_order(Request $request){ $validator = Validator::make(Input::all(), [ 'name' => 'required', 'last_name' => 'required', 'email' => 'required\|email', 'phone' => 'required', 'course_id' => 'required', 'payment_type' => 'required', 'country' => 'required', 'city' => 'required', 'address' => 'required', 'company_name' => $request->person_type == 'legal_person' ? 'required' : '', 'cui' => $request->person_type == 'legal_person' ? 'required' : '', 'billing_name' => $request->person_type == 'individual_person' ? 'required' : '', 'cnp' => $request->person_type == 'individual_person' ? 'required' : '', ]); if ($validator->fails()) { $messages = $validator->messages(); return response()->json(array("list" => $messages, 'status' => 'error')); }else{ return response()->json(['status' => 'success']); } } public function get_data_tbf(){ $data_tbf = [ 'name' => 'S.C. TBF Digital S.R.L.', 'nr_reg_com' => 'J23/2632/2019', 'cif' => 'RO41257754', 'address' => 'Bld. Pipera nr 1-IA, Voluntari, Ilfov', 'email' => 'contact@tbf.ro' ]; return response()->json($data_tbf); } } Back

Edit File : PaymentController.php | Size : 11.96 KB

<?php

namespace App\Http\Controllers\Api;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Repositories\InvoiceRepository;
use Illuminate\Support\Facades\Input;
use Validator;
use Auth;
use App\Course;
use App\Order;
use App\Invoice;
use JWTAuth;
use App\User;

class PaymentController extends Controller
{
    public function getBookingInfo($slug){
        $course = Course::where('slug', $slug)->first();
        if($course){
            if($course->reviews->count() > 0){
                $average_rating = round($course->reviews->sum('rating') / $course->reviews->count());
            }else{
                $average_rating = 0;
            }

$courseData = [
                'id' => $course->id,
                'name' => $course->name,
                'slug' => $course->slug,
                'description' => $course->description,
                'no_reviews' => $course->reviews->count(),
                'average_rating' => $average_rating,
                'lessons_video' => $course->lessons->where('type', 'video')->count(), 
                'lessons_document' => $course->lessons->where('type', 'document')->count()
            ];

return response()->json(['courseData'  => $courseData]);
        }else{
            return response()->json(['error' => 'Not found'], 404);
        }
    }

public function payInfoSuccess($publicId){
        $order = Order::where('public_id', $publicId)->first();
        
        if($order){
            $orderData = [
                'id' => $order->id,
                'status' => $order->status,
                'payment_type' => $order->payment_type,
                'transaction_message' => $order->transaction_message,
                'slug' => $order->course->slug,
            ];

return response()->json(['orderData'  => $orderData]);
        }else{
            return response()->json(['error' => 'Not found'], 404);
        }
    }

public function lastPaySuccess(){
        $order = Order::where('user_id', Auth::user()->id)->orderBy('created_at', 'desc')->first();
        
        if($order){
            $orderData = [
                'id' => $order->id,
                'status' => $order->status,
                'payment_type' => $order->payment_type,
                'transaction_message' => $order->transaction_message,
                'slug' => $order->course->slug,
            ];

return response()->json(['orderData'  => $orderData]);
        }else{
            return response()->json(['error' => 'Not found'], 404);
        }
    }

public function euplatesc_response(Request $request) {
        $euplatesc_response = [
            'amount'        => addslashes(trim($request->amount)),  //original amount
            'curr'          => addslashes(trim($request->curr)),    //original currency
            'invoice_id'    => addslashes(trim($request->invoice_id)),//original invoice id
            'ep_id'         => addslashes(trim($request->ep_id)), //Euplatesc.ro unique id
            'merch_id'      => addslashes(trim($request->merch_id)), //your merchant id
            'action'        => addslashes(trim($request->action)), // if action ==0 transaction ok
            'message'       => addslashes(trim($request->message)),// transaction responce message
            'approval'      => addslashes(trim($request->approval)),// if action!=0 empty
            'timestamp'     => addslashes(trim($request->timestamp)),// meesage timestamp
            'nonce'         => addslashes(trim($request->nonce)),
        ];
        $euplatesc_response['fp_hash'] = strtoupper(euplatesc_mac($euplatesc_response, config('app.euPlatesckey')));
        $fp_hash = addslashes(trim($request->fp_hash));

// Daca se face prima plata
        $order = Order::findOrFail($euplatesc_response['invoice_id']);
        if($euplatesc_response['fp_hash'] === $fp_hash) {
            // start facem update in baza de date
            if($euplatesc_response['action'] == "0") {
                $order->update([
                    'euplatesc_customer_id' => $euplatesc_response['ep_id'],
                    'status' => 'paid',
                    'transaction_message' => $euplatesc_response['message'],
                ]);

$invoice_record = Invoice::where('euplatesc_id',$euplatesc_response['ep_id'])->first();
                if($invoice_record == null) {
                    $invoice = InvoiceRepository::generateInvoice($order);
                    $invoice->save();

sendMailWithInvoice($invoice);
                }
                if($order->source == 'web'){
                    return redirect('/informatii-plata');
                }else{
                    return redirect('/mobile-redirect?status=success');
                }
            }else{
                $order->update([
                    'euplatesc_customer_id' => $euplatesc_response['ep_id'],
                    'status' => 'error',
                    'transaction_message' => $euplatesc_response['message'],
                ]);

if($order->source == 'web'){
                    return redirect('/informatii-plata');
                }else{
                    return redirect('/mobile-redirect?status=error');
                }
            }
        }else{
            $order->update([
                'euplatesc_customer_id' => $euplatesc_response['ep_id'],
                'status' => 'error',
                'transaction_message' => 'invalid credentials',
            ]);

if($order->source == 'web'){
                return redirect('/informatii-plata');
            }else{
                return redirect('/mobile-redirect?status=error');
            }
        }
    }

public function get_currency_amount(Request $request){
        $course = Course::findOrFail($request->course_id);

if($request->country == 'Romania'){
            $currency = 'RON';
            $amount = $course->discount_in_ron ? $course->price_in_ron - $course->discount_in_ron : $course->price_in_ron;
        }else{
            $currency = 'EUR';
            $amount = $course->discount_in_euro ? $course->price_in_euro - $course->discount_in_euro : $course->price_in_euro;
        }
        $amount_with_tva = round(($amount * 1.19),2);

return response()->json([
            'currency' => $currency,
            'amount' => $amount,
            'amount_with_tva' => $amount_with_tva,
        ]);
    }

public function save_order(Request $request){
        $validator = Validator::make(Input::all(), [
            'name'          => 'required',
            'last_name'     => 'required',
            'email'         => 'required|email',
            'phone'         => 'required',
            'course_id'     => 'required',
            'payment_type'  => 'required',
            'country'       => 'required',
            'city'          => 'required',
            'address'       => 'required',
            'company_name'  =>  $request->person_type == 'legal_person' ? 'required' : '',
            'cui'           =>  $request->person_type == 'legal_person' ? 'required' : '',
            'billing_name'  =>  $request->person_type == 'individual_person' ? 'required' : '',
            'cnp'           =>  $request->person_type == 'individual_person' ? 'required' : '',
        ]);

if ($validator->fails()) {
            $messages = $validator->messages();
            return response()->json(array("error" => $messages));
        }else{
            $generate_token = uniqid();
            $exist_random_code = Order::where('public_id',$generate_token)->first();

while ($exist_random_code) {
                $generate_token = uniqid();
                $exist_random_code = Order::where('public_id',$generate_token)->first();
            }

$order = Order::create([
                'course_id'     => $request->course_id,
                'name'          => $request->name,
                'last_name'     => $request->last_name,
                'phone'         => $request->phone,
                'email'         => $request->email,
                'status'        => 'new',
                'user_id'       => Auth::user()->id,
                'payment_type'  => $request->payment_type,
                'country'       => $request->country,
                'city'          => $request->city,
                'address'       => $request->address,
                'billing_name'  => $request->billing_name,
                'company_name'  => $request->company_name,
                'cnp'           => $request->cnp,
                'cui'           => $request->cui,
                'reg_number'    => $request->reg_number,
                'public_id'     => $generate_token,
                'source'        => $request->source
            ]);

if($request->payment_type == 'online'){
                $dataAll = [
                    "amount"        => $request->amount,
                    "curr"          => $request->currency,
                    "invoice_id"    => $order->id,
                    "order_desc"    => "THE BASIC FUNDAMENTALS 2019",
                    "merch_id"      => config('app.euPlatescMerchId'),
                    "timestamp"     => gmdate("YmdHis"),
                    "nonce"         => md5(microtime() . mt_rand())
                ];
                $dataAll += ["fp_hash" => strtoupper(euplatesc_mac($dataAll,config('app.euPlatesckey')))];
                
                $dataAll += [
                    'payType'       => 'online',
                    'lang'          => '',
                    'fname'         => $order->name,
                    'lname'         => $order->last_name,
                    'country'       => $order->country,
                    'company'       => $order->company_name ? $order->company_name : $order->billing_name,
                    'city'          => $order->city,
                    'zip_code'      => 0,
                    'add'           => $order->address,
                    'email'         => $order->email,
                    'phone'         => $order->phone,
                    'euplatesc_url' => "https://secure.euplatesc.ro/tdsprocess/tranzactd.php",
                ];

return response()->json(['payData' => $dataAll]);
            }else{
                $dataAll = [
                    'payType'       => 'transfer',
                    'publicId'      => $order->public_id
                ];

//send mail with proforma
                sendMailWithProforma($order,$request->amount);

return response()->json(['payData' => $dataAll]);
            }

}
    }

public function validate_order(Request $request){
        $validator = Validator::make(Input::all(), [
            'name'          => 'required',
            'last_name'     => 'required',
            'email'         => 'required|email',
            'phone'         => 'required',
            'course_id'     => 'required',
            'payment_type'  => 'required',
            'country'       => 'required',
            'city'          => 'required',
            'address'       => 'required',
            'company_name'  =>  $request->person_type == 'legal_person' ? 'required' : '',
            'cui'           =>  $request->person_type == 'legal_person' ? 'required' : '',
            'billing_name'  =>  $request->person_type == 'individual_person' ? 'required' : '',
            'cnp'           =>  $request->person_type == 'individual_person' ? 'required' : '',
        ]);

if ($validator->fails()) {
            $messages = $validator->messages();
            return response()->json(array("list" => $messages, 'status' => 'error'));
        }else{
            return response()->json(['status' => 'success']);
        }
    }

public function get_data_tbf(){

$data_tbf = [
            'name' => 'S.C. TBF Digital S.R.L.',
            'nr_reg_com' => 'J23/2632/2019',
            'cif' => 'RO41257754',
            'address' => 'Bld. Pipera nr 1-IA, Voluntari, Ilfov',
            'email' => 'contact@tbf.ro'
        ];

return response()->json($data_tbf);
    }

}

Back