Gecko [ tradesense.co.ke ]

Name	Size	Permission
.pkexec	[ DIR ]	drwxr-xr-x
GCONV_PATH=.	[ DIR ]	drwxr-xr-x
.mad-root	0 B	-rw-r--r--
BaseController.php	1.36 KB	-rw-r--r--
Cellulant.php	4.9 KB	-rw-r--r--
EFT.php	8.33 KB	-rw-r--r--
Fund.php	18.05 KB	-rw-r--r--
Home.php	22.43 KB	-rw-r--r--
Interest.php	1 B	-rw-r--r--
Ipay.php	20.66 KB	-rw-r--r--
Mpesa.php	19.37 KB	-rw-r--r--
Profile.php	20.49 KB	-rw-r--r--
User.php	17.17 KB	-rw-r--r--

Code Editor : Ipay.php

<?php

namespace App\Controllers;
use CodeIgniter\Session\Session;
use Config\Database;
use App\Models\LoginModel;
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;

class Ipay extends BaseController
{
        public function ipaypage()
    {
        $session = Session();
        $user = $session->get('user');
$fundid=$this->request->getGet('fundid');
$data['fundid'] = $fundid ;
 if ($user) {
    $this->db = Database::connect();
                    $userid= $user['userid'];
                    $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

$yesterday = date('Y-m-d', strtotime($currentDate . ' - 1 day'));
   $qeyy = $this->db->query("SELECT * FROM `dailycurrencyrate` WHERE datecreated ='$yesterday'");
        $data['yester'] = $qeyy->getResultArray();

$yeyy = $this->db->query("SELECT * FROM `funds` WHERE userid ='$userid' AND fundid ='$fundid'");
        $data['amount'] = $yeyy->getResultArray();
        echo view('ipay',$data);

}
        else if (!$user) {        return redirect()->to('/login');

// code...
        }
    }
    public function ipayconfirmation()
    {
        $session = Session();
        $user = $session->get('user');
$fundid=$this->request->getGet('fundid');
$data['fundid'] = $fundid ;
 if ($user) {
    $this->db = Database::connect();
                    $userid= $user['userid'];
                    $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

}
        else if (!$user) {        return redirect()->to('/login');

// code...
        }
    }
     public function ipaypost()
    { $this->db = Database::connect();
        $session = Session();
         $user = $session->get('user');
          $userid= $user['userid'];
        $model = new LoginModel();

$amount = $this->request->getVar('amount');
                $fundid = $this->request->getVar('fundid');

$data = $model->where('userid', $userid)->first();
                        $rand=rand(1111111,9999999);

if($data){
             $fullname = $data['fullname'];
              $emailadress = $data['emailadress'];
              $mobilenumber = $data['mobilenumber'];

$paymenttypu = 'Deposit';

$invoice = "AMANA-topup" . $userid. $rand;
                $order_id = $fundid . $amount. $rand;

$data['fundid'] = $fundid;
                $data['userid'] = $userid;
$data['emailadress'] = $emailadress;
                $data['mobilenumber'] = $mobilenumber;
                $data['invid'] = $invoice;
                $data['orderid'] = $order_id;
                $data['amount'] = $amount;

$session->set('activePayment', $data);

$ipayTransactionModel = new \App\Models\IpayTransactionsModel();

"is_paid" => 0
                ];
 $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

$queyy = $this->db->query("SELECT * FROM `user` WHERE userid ='$userid'");
        $data['merc'] = $queyy->getResultArray();
          $number_of_totalfund = "SELECT SUM(amount) as total FROM `funds` WHERE userid ='$userid'";
        $data['number_of_newtotl'] = $this->db->query($number_of_totalfund)->getRow();
                $ipayTransactionModel->insert($ipayTransaction);
    $session->set('activePayment', $data);
                return view('ipayconfirmation', $data);
                 // code...
             
                         }else{
           
            $session->setFlashdata('phone', 'NO USER FOUND ');
            return redirect()->to('/ipayconfirmation');
        }
    }
     public function ipay_callback()
    {$this->db = Database::connect();
$session = Session();
         $user = $session->get('user');

$val = "tradesense"; //assigned iPay Vendor ID... hard code it here.
        /*
        these values below are picked from the incoming URL and assigned to variables that we
        will use in our security check URL
        */
        $val1 = $_GET["id"];
        $val2 = $_GET["ivm"];

$val3 = $_GET["qwh"];
        $val4 = $_GET["afd"];
        $val5 = $_GET["poi"];
        $val6 = $_GET["uyt"];
        $val7 = $_GET["ifd"];
$val8 = $_GET["status"];
$val9 = '$_GET["msisdn_id"]';

$val10 = $_GET["msisdn_idnum"];
$val11 = $_GET["txncd"];
        $fundid = $_GET['p1'];
        $userid = $_GET['p2'];
              $orderid = $_GET['p3'];
        $amount = $_GET['mc'];

$invoiceNo = $_GET["ivm"];

$ipnurl = "https://www.ipayafrica.com/ipn/?vendor=" . $val . "&id=" . $val1 . "&ivm=" .
            $val2 . "&qwh=" . $val3 . "&afd=" . $val4 . "&poi=" . $val5 . "&uyt=" . $val6 . "&ifd=" . $val7. "&status=" . $val8. "&msisdn_id=" . $val9. "&msisdn_idnum=" . $val10. "&txncd=" . $val11. "&mc=" . $amount;
        $fp = fopen($ipnurl, "rb");
        $status = stream_get_contents($fp, -1, -1);
         fclose($fp);
  $success = 'aei7p7yrx4ae34';
if ($val8 == $success) {
$tranModel = new \App\Models\TransactioninfoModel();
$transtype ='Top Up';
$stats ='Sucess';
$paymenttype ='Ipay';
$transactionmode ='Ipay';
   $daa = [

'userid' => $userid,
                'fundid' => $fundid,
                'TransactionId' => $orderid,
                 'transtype' => $transtype,
                'transactionmode' => $transactionmode,
            'phonenumber' => $val10,
            'status' => $stats,
            'paymenttype' => $paymenttype,
                'amount' => $amount,

];
                $transdata = $tranModel->insert($daa);

if ($transdata) {
                     $ipayModel = new \App\Models\IpayTransactionsModel();
        $ipay = $ipayModel
            ->where('order_id', $orderid)
            ->first();
            if ($ipay) {
  $ipayid = $ipay['id'];

$mai = 1;
                         
    $att = [
            'is_paid'        => $mai
            
        ];

$ipayresult = $ipayModel->update($ipayid, $att);
                $fundsModel = new \App\Models\FundsModel();
        $funds = $fundsModel
            ->where('userid', $userid)
            ->where('fundid', $fundid)
            ->first();
            if ($funds) {
 $current = $funds['amount'];
  $undid = $funds['id'];

$main = $current+$amount;
                         
    $at = [
            'amount'        => $main
            
        ];

$fundresult = $fundsModel->update($undid, $at);

if ( $fundresult) {
            $notificationModel = new \App\Models\NotificationModel();
$subject = 'IPAY Top Up Received';
$message = 'You have deposited Ksh '.$amount.'/= to your fund';
$notitype = 'Payment';

$aa = [

'userid' => $userid,
                'subject' => $subject,
                'message' => $message,
                'notitype' => $notitype

];
                $notificationdata = $notificationModel->insert($aa);

$userModel = new \App\Models\LoginModel();
        $userdt = $userModel
            ->where('userid', $userid)
            ->first();

$fullnam = $userdt['fullname'];

$data['fundid'] = $fundid;
                            $data['fullnam'] = $fullnam;

$data['userid'] = $userid;
             $data['amount'] = $amount;
             $data['paymentcode'] = $orderid;
                //Create an instance; passing `true` enables exceptions
$length = 14; // Desired length of the random string
$val10 = (substr($val10, 0, 1) == "+") ? str_replace("+", "", $val10) : $val10;
    $val10 = (substr($val10, 0, 1) == "0") ? preg_replace("/^0/", "254", $val10) : $val10;
    $val10 = (substr($val10, 0, 1) == "7") ? "254{$val10}" : $val10;

$randomString = '';

while(strlen($randomString) < $length) {
    $randomNumber = rand(0, 12);
    $randomString .= $randomNumber;
}

$randomString;
$variable1 = ''.$val10.'';
$variable2 = 'Hi.You have deposited Ksh '.$amount.'/= to your fund';

$externalUrl = 'http://sms.tradesense.co.ke/sms.php?variable1=' . urlencode($variable1) . '&variable2=' . urlencode($variable2). '&variable3=' . urlencode($randomString);
$response = file_get_contents($externalUrl);

$number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

}
                                 }
            
                }}

}

public function ipaysuccess()
    {
        $session = Session();
        $user = $session->get('user');

if ($user) {
    $this->db = Database::connect();

$userid= $user['userid'];
                    $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
                     $queyy = $this->db->query("SELECT * FROM `user` WHERE userid ='$userid'");
        $data['merc'] = $queyy->getResultArray();
              $number_of_totalfund = "SELECT SUM(amount) as total FROM `funds` WHERE userid ='$userid'";
        $data['number_of_newtotl'] = $this->db->query($number_of_totalfund)->getRow();
        echo view('ipaysuccess',$data);

}
        else if (!$user) {        return redirect()->to('/login');

// code...
        }
    }
       public function ipaywithdraw()
    {
        $session = Session();
        $user = $session->get('user');
$fundid=$this->request->getGet('fundid');
$data['fundid'] = $fundid ;
 if ($user) {
    $this->db = Database::connect();
                    $userid= $user['userid'];
                    $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

$queyy = $this->db->query("SELECT * FROM `user` WHERE userid ='$userid'");
        $data['merc'] = $queyy->getResultArray();
          $queyy = $this->db->query("SELECT * FROM `funds` WHERE userid ='$userid' AND fundid = '$fundid'");
        $data['fund'] = $queyy->getResultArray();
          $number_of_totalfund = "SELECT SUM(amount) as total FROM `funds` WHERE userid ='$userid'";
        $data['number_of_newtotl'] = $this->db->query($number_of_totalfund)->getRow();
        echo view('ipaywithdraw',$data);

}
        else if (!$user) {        return redirect()->to('/login');

// code...
        }
    }
    public function ipaywithdrawpostconfirm()
    { $this->db = Database::connect();
        $session = Session();
         $user = $session->get('user');
          $userid= $user['userid'];
        $model = new LoginModel();

$amount = $this->request->getVar('amount');
                $fundid = $this->request->getVar('fundid');
                $orderid = $this->request->getVar('orderid');
                $mobilenumber = $this->request->getVar('mobilenumber');

$data = $model->where('userid', $userid)->first();

if($data){
             $fullname = $data['fullname'];
              $emailadress = $data['emailadress'];
$vid = 'tradesense';
$reference = $orderid;
 $datastring = "vid=".$vid."&reference=".$reference."&phone=".$mobilenumber."&amount=".$amount;
//(the key / parameter names above should be in alphabetical order. Your data string should **NOT** be urlencoded)
 //*************************************************************************************************/
$hashkey = "yaZ8$?#C8wNbQDNAudWHcvg?rGwtVzAr"; //Provided by and supplied by iPay during account registration;
 $hashid = hash_hmac("sha256", $datastring, $hashkey);
 $externalUrl = 'http://ipay.tradesense.co.ke/withdraw.php?vid=' . ($vid) . '&reference=' . ($reference). '&phone='($randomString). '&amount='($amount). '&hashid='($hashid);

// Make a GET request to the external URL and get the response
$response = file_get_contents($externalUrl);

$data['fundid'] = $fundid;
                $data['userid'] = $userid;
$data['emailadress'] = $emailadress;
                $data['mobilenumber'] = $mobilenumber;
                $data['orderid'] = $orderid;
                $data['amount'] = $amount;

// code...
             
                         }else{
           
            $session->setFlashdata('phone', 'NO USER FOUND ');
            return redirect()->to('/ipaywithdraw');
        }
    }
     public function ipaywithdrawpost()
    { $this->db = Database::connect();
        $session = Session();
         $user = $session->get('user');
          $userid= $user['userid'];
        $model = new LoginModel();
                $mobilenumber = $this->request->getVar('mobilenumber');

$amount = $this->request->getVar('amount');
                $fundid = $this->request->getVar('fundid');
                $order_id = $this->request->getVar('order_id');

$data = $model->where('userid', $userid)->first();
                        $rand=rand(1111111,9999999);

if($data){
             $fullname = $data['fullname'];
              $emailadress = $data['emailadress'];

$paymenttypu = 'Withdraw';
                $invoice = "AMANA-withdraw" . $userid. $rand;
                $order_id = $fundid . $amount. $rand;

$session->set('activePayment', $data);

$ipayTransactionModel = new \App\Models\IpayTransactionsModel();

$ipayTransaction = [
                    "order_id" => $order_id,
                    "invoice_id" => $invoice,
                    "amount" => $amount,
                    "phone_number" => $mobilenumber,
                    "email_address" => $emailadress,
                    "fundid" => $fundid,
              "userid" => $userid,
"paymenttype" => $paymenttypu,
                    "is_paid" => 0
                ];
 $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

// code...
             
                         }else{
           
            $session->setFlashdata('phone', 'NO USER FOUND ');
            return redirect()->to('/ipaywithdraw');
        }
    }
    public function ipaywithdrawconfirmation()
    {
        $session = Session();
        $user = $session->get('user');
$fundid=$this->request->getGet('fundid');
$data['fundid'] = $fundid ;
 if ($user) {
    $this->db = Database::connect();
                    $userid= $user['userid'];
                    $number_of_students = "SELECT COUNT(*) as total FROM `notification` WHERE userid ='$userid' AND status = 'Not'";
        $data['number_of_new_offers'] = $this->db->query($number_of_students)->getRow();
 $notification = $this->db->query("SELECT * FROM `notification` WHERE userid ='$userid' ");
        $data['notification'] = $notification->getResultArray();

}
        else if (!$user) {        return redirect()->to('/login');

// code...
        }
    }
    public function ipay_withdrawcallback()
    {$this->db = Database::connect();
$session = Session();
         $user = $session->get('user');

$val3 = $_GET["status"];
        $val4 = $_GET["hash"];
        $val5 = $_GET["mmref"];
      if($val3 == 'SUCCESS'){

return redirect()->to('/index');
      }
}
}

${this.title}

Code Editor : Ipay.php