Viewing / Editing File: offlinepay.php
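<?php
/**
 * offlinepay.php: issues "OFFLINE" tickets for the phone number held in the
 * session and sends each ticket code to that number by SMS.
 *
 * Flow: validate session -> read secrets from the environment -> connect to
 * the database -> map the posted amount to a ticket count -> insert the
 * tickets in one SERIALIZABLE transaction -> commit -> send SMS -> redirect.
 *
 * Review changes in this version:
 *  - Database and SMS credentials are no longer literals in the source; they
 *    are read from the environment. The variable names used below are
 *    placeholders; align them with the deployment's secret store. The
 *    credentials that used to be embedded here should be rotated.
 *  - Ticket codes and transaction references come from the CSPRNG
 *    (random_int / random_bytes) instead of rand() / mt_rand().
 *  - Exception text is logged server-side only; clients get a generic error.
 *  - SMS is sent after commit, so no code is texted for a ticket that is
 *    later rolled back and the transaction is not held open across HTTP calls.
 *
 * NOTE(review): session start, operator authorisation and CSRF protection are
 * not visible in this file; presumably functions.php provides them. Confirm,
 * because this endpoint creates active tickets from a bare POST.
 */
include("functions.php");

/**
 * Build a transaction reference: 'OFFLINE_' followed by 32 upper-case hex
 * characters laid out like a version-4 UUID without dashes.
 *
 * @param PDO $db Open connection; used to check the reference is unused.
 * @return string A reference not currently present in tickets.transaction_reference.
 * @throws RuntimeException When no unused reference is found in 10 attempts.
 */
function generateUniqueTransactionReference($db)
{
    $maxAttempts = 10;
    $lookup = $db->prepare('SELECT COUNT(*) FROM tickets WHERE transaction_reference = :reference');

    for ($attempt = 1; $attempt <= $maxAttempts; $attempt++) {
        $bytes = random_bytes(16);
        // Same bit layout as before: version nibble 4, variant bits 10.
        $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40);
        $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80);
        $reference = 'OFFLINE_' . strtoupper(bin2hex($bytes));

        $lookup->bindValue(':reference', $reference);
        $lookup->execute();
        if ((int) $lookup->fetchColumn() === 0) {
            return $reference;
        }
    }

    // Thrown rather than die()d so the caller can roll back explicitly.
    throw new RuntimeException('Unable to generate a unique transaction reference after multiple attempts');
}

/**
 * Build a ticket code: 'PAX-' followed by 6 characters from 0-9A-Z.
 *
 * The code is effectively a bearer value for the ticket, so it is drawn from
 * the CSPRNG. The 6-character space is small; the redemption side should
 * rate-limit lookups.
 *
 * @param PDO $db Open connection; used to check the code is unused.
 * @return string A code not currently present in tickets.ticket_code.
 * @throws RuntimeException When no unused code is found in 10 attempts. The
 *         previous fallback returned an unchecked md5-derived code, which
 *         could duplicate an existing ticket.
 */
function generateUniqueTicketCode($db)
{
    $prefix = 'PAX-';
    $length = 6;
    $alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($alphabet) - 1;
    $maxAttempts = 10;
    $lookup = $db->prepare('SELECT COUNT(*) FROM tickets WHERE ticket_code = :ticket_code');

    for ($attempt = 1; $attempt <= $maxAttempts; $attempt++) {
        $suffix = '';
        for ($i = 0; $i < $length; $i++) {
            $suffix .= $alphabet[random_int(0, $lastIndex)];
        }
        $candidate = $prefix . $suffix;

        $lookup->bindValue(':ticket_code', $candidate);
        $lookup->execute();
        if ((int) $lookup->fetchColumn() === 0) {
            return $candidate;
        }
    }

    throw new RuntimeException('Unable to generate a unique ticket code after multiple attempts');
}

$phone = $_SESSION['phone'] ?? null;
$username = $_SESSION['username_Xw21erAAsqg4'] ?? null;

// Validate session data
if (!$phone || !$username) {
    die(json_encode(['error' => 'Session data missing']));
}

// Fail closed when a required secret is absent; the name is logged, never the value.
$requireEnv = static function (string $name): string {
    $value = getenv($name);
    if ($value === false || $value === '') {
        error_log('Missing required configuration: ' . $name);
        die(json_encode(['error' => 'Server configuration error']));
    }
    return $value;
};

// Placeholder variable names; see the file header.
$dbDsn = $requireEnv('TICKETING_DB_DSN');
$dbUser = $requireEnv('TICKETING_DB_USER');
$dbPassword = $requireEnv('TICKETING_DB_PASSWORD');
$smsUsername = $requireEnv('SMS_API_USERNAME');
$smsPassword = $requireEnv('SMS_API_PASSWORD');

// Connect to DB with PDO
try {
    $db = new PDO($dbDsn, $dbUser, $dbPassword);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // PDO messages can carry host and account names; keep them in the log only.
    error_log('Database connection failed: ' . $e->getMessage());
    die(json_encode(['error' => 'Database connection failed']));
}

// Get selected amount from form submission
$transaction_amount = isset($_POST['amount']) ? (int) $_POST['amount'] : 0;
if (!$transaction_amount) {
    die(json_encode(['error' => 'No amount provided']));
}

// Determine number of tickets based on amount (GHS => tickets). Any other
// amount is rejected, so the client cannot choose an arbitrary ticket count.
$ticketsByAmount = [20 => 1, 50 => 3, 80 => 5, 150 => 10];
if (!isset($ticketsByAmount[$transaction_amount])) {
    die(json_encode(['error' => 'Invalid amount: ' . $transaction_amount . ' GHS']));
}
$tickets_count = $ticketsByAmount[$transaction_amount];

$issuedCodes = [];

try {
    // Set transaction isolation level to prevent race conditions
    $db->exec('SET TRANSACTION ISOLATION LEVEL SERIALIZABLE');
    $db->beginTransaction();

    // Generate a unique transaction reference
    $reference = generateUniqueTransactionReference($db);
    $ticketused = 0;
    $pay_mode = "OFFLINE";
    $usernameNEW = "";

    $insert = $db->prepare('INSERT INTO tickets (ticket_code, transaction_reference, amount, email, status, ticketused, verifyby,pay_mode) VALUES (:ticket_code, :transaction_reference, :amount, :email, :status, :ticketused, :verifyby,:pay_mode)');

    for ($i = 0; $i < $tickets_count; $i++) {
        $ticket_code = generateUniqueTicketCode($db);
        $insert->execute([
            ':ticket_code' => $ticket_code,
            ':transaction_reference' => $reference,
            ':amount' => $transaction_amount,
            ':email' => $phone, // the email column stores the phone number here
            ':status' => 'active',
            ':ticketused' => $ticketused,
            ':verifyby' => $usernameNEW,
            ':pay_mode' => $pay_mode,
        ]);
        $issuedCodes[] = $ticket_code;
    }

    $db->commit();
} catch (PDOException $e) {
    // rollBack() itself throws when no transaction is active (for example if
    // the SET TRANSACTION statement was the one that failed).
    if ($db->inTransaction()) {
        $db->rollBack();
    }
    error_log('Ticket generation error: ' . $e->getMessage());
    die(json_encode(['error' => 'Ticket generation failed']));
} catch (RuntimeException $e) {
    // Raised by the generators above; their messages are fixed strings.
    if ($db->inTransaction()) {
        $db->rollBack();
    }
    error_log('Ticket generation error: ' . $e->getMessage());
    die(json_encode(['error' => $e->getMessage()]));
}

// Send SMS (optional): best effort, after commit. A failure is logged and
// does not affect the tickets already stored.
foreach ($issuedCodes as $code) {
    $sms_payload = json_encode([
        'username' => $smsUsername,
        'password' => $smsPassword,
        'source' => "PAX",
        'destination' => $phone,
        'message' => "Your ticket code is: $code",
        'ol' => false,
    ]);

    $curl = curl_init();
    curl_setopt_array($curl, [
        CURLOPT_URL => 'https://deywuro.com/api/sms',
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_CUSTOMREQUEST => 'POST',
        CURLOPT_POSTFIELDS => $sms_payload,
        CURLOPT_HTTPHEADER => ['Accept: application/json', 'Content-Type: application/json'],
        // Bound the request so a slow gateway cannot hang the page.
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT => 15,
    ]);
    $sms_response = curl_exec($curl);
    if ($sms_response === false) {
        error_log('SMS sending failed for ticket: ' . $code);
    } else {
        error_log('SMS response: ' . $sms_response);
    }
    curl_close($curl);
}

unset($_SESSION['phone']);
header("Location: dashboard.php"); // Ensure correct path
exit();
?>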
Server Info
Hostname: server1.winmanyltd.com
Server IP: 203.161.60.52
PHP Version: 8.3.27
Server Software: Apache
System: Linux server1.winmanyltd.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64
HDD Total: 117.98 GB
HDD Free: 59.81 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
Yes
git:
Yes
User Info
Username: eliosofonline
User ID (UID): 1002
Group ID (GID): 1003
Script Owner UID: 1002
Current Dir Owner: 1002