JFIF ( %!1!%)+...383-7(-.+  -% &5/------------------------------------------------";!1AQ"aq2#3BRrb*!1"AQa2q#B ?yRd&vGlJwZvK)YrxB#j]ZAT^dpt{[wkWSԋ*QayBbm*&0<|0pfŷM`̬ ^.qR𽬷^EYTFíw<-.j)M-/s yqT'&FKz-([lև<G$wm2*e Z(Y-FVen櫧lҠDwүH4FX1 VsIOqSBۡNzJKzJξcX%vZcFSuMٖ%B ִ##\[%yYꉅ !VĂ1َRI-NsZJLTAPמQ:y״g_g= m֯Ye+Hyje!EcݸࢮSo{׬*h g<@KI$W+W'_> lUs1,o*ʺE.U"N&CTu7_0VyH,q ,)H㲣5<t ;rhnz%ݓz+4 i۸)P6+F>0Tв`&i}Shn?ik܀՟ȧ@mUSLFηh_er i_qt]MYhq 9LaJpPןߘvꀡ\"z[VƬ¤*aZMo=WkpSp \QhMb˒YH=ܒ m`CJt 8oFp]>pP1F>n8(*aڈ.Y݉[iTع JM!x]ԶaJSWҼܩ`yQ`*kE#nNkZKwA_7~ ΁JЍ;-2qRxYk=Uր>Z qThv@.w c{#&@#l;D$kGGvz/7[P+i3nIl`nrbmQi%}rAVPT*SF`{'6RX46PԮp(3W҅U\a*77lq^rT$vs2MU %*ŧ+\uQXVH !4t*Hg"Z챮 JX+RVU+ތ]PiJT XI= iPO=Ia3[ uؙ&2Z@.*SZ (")s8Y/-Fh Oc=@HRlPYp!wr?-dugNLpB1yWHyoP\ѕрiHִ,ِ0aUL.Yy`LSۜ,HZz!JQiVMb{( tژ <)^Qi_`: }8ٱ9_.)a[kSr> ;wWU#M^#ivT܎liH1Qm`cU+!2ɒIX%ֳNړ;ZI$?b$(9f2ZKe㼭qU8I[ U)9!mh1^N0 f_;׆2HFF'4b! yBGH_jтp'?uibQ T#ѬSX5gޒSF64ScjwU`xI]sAM( 5ATH_+s 0^IB++h@_Yjsp0{U@G -:*} TނMH*֔2Q:o@ w5(߰ua+a ~w[3W(дPYrF1E)3XTmIFqT~z*Is*清Wɴa0Qj%{T.ޅ״cz6u6݁h;֦ 8d97ݴ+ޕxзsȁ&LIJT)R0}f }PJdp`_p)əg(ŕtZ 'ϸqU74iZ{=Mhd$L|*UUn &ͶpHYJۋj /@9X?NlܾHYxnuXږAƞ8j ໲݀pQ4;*3iMlZ6w ȵP Shr!ݔDT7/ҡϲigD>jKAX3jv+ ߧز #_=zTm¦>}Tց<|ag{E*ֳ%5zW.Hh~a%j"e4i=vױi8RzM75i֟fEu64\էeo00d H韧rȪz2eulH$tQ>eO$@B /?=#٤ǕPS/·.iP28s4vOuz3zT& >Z2[0+[#Fޑ]!((!>s`rje('|,),y@\pЖE??u˹yWV%8mJ iw:u=-2dTSuGL+m<*צ1as&5su\phƃ qYLֳ>Y(PKi;Uڕp ..!i,54$IUEGLXrUE6m UJC?%4AT]I]F>׹P9+ee"Aid!Wk|tDv/ODc/,o]i"HIHQ_n spv"b}}&I:pȟU-_)Ux$l:fژɕ(I,oxin8*G>ÌKG}Rڀ8Frajٷh !*za]lx%EVRGYZoWѮ昀BXr{[d,t Eq ]lj+ N})0B,e iqT{z+O B2eB89Cڃ9YkZySi@/(W)d^Ufji0cH!hm-wB7C۔֛X$Zo)EF3VZqm)!wUxM49< 3Y .qDfzm |&T"} {*ih&266U9* <_# 7Meiu^h--ZtLSb)DVZH*#5UiVP+aSRIª!p挤c5g#zt@ypH={ {#0d N)qWT kA<Ÿ)/RT8D14y b2^OW,&Bcc[iViVdִCJ'hRh( 1K4#V`pِTw<1{)XPr9Rc 4)Srgto\Yτ~ xd"jO:A!7􋈒+E0%{M'T^`r=E*L7Q]A{]A<5ˋ.}<9_K (QL9FЍsĮC9!rpi T0q!H \@ܩB>F6 4ۺ6΋04ϲ^#>/@tyB]*ĸp6&<џDP9ᗟatM'> b쪗wI!܁V^tN!6=FD܆9*? 
q6h8  {%WoHoN.l^}"1+uJ ;r& / IɓKH*ǹP-J3+9 25w5IdcWg0n}U@2 #0iv腳z/^ƃOR}IvV2j(tB1){S"B\ ih.IXbƶ:GnI F.^a?>~!k''T[ע93fHlNDH;;sg-@, JOs~Ss^H '"#t=^@'W~Ap'oTڭ{Fن̴1#'c>꜡?F颅B L,2~ת-s2`aHQm:F^j&~*Nūv+{sk$F~ؒ'#kNsٗ D9PqhhkctԷFIo4M=SgIu`F=#}Zi'cu!}+CZI7NuŤIe1XT xC۷hcc7 l?ziY䠩7:E>k0Vxypm?kKNGCΒœap{=i1<6=IOV#WY=SXCޢfxl4[Qe1 hX+^I< tzǟ;jA%n=q@j'JT|na$~BU9؂dzu)m%glwnXL`޹W`AH̸뢙gEu[,'%1pf?tJ Ζmc[\ZyJvn$Hl'<+5[b]v efsЁ ^. &2 yO/8+$ x+zs˧Cޘ'^e fA+ڭsOnĜz,FU%HU&h fGRN擥{N$k}92k`Gn8<ʮsdH01>b{ {+ [k_F@KpkqV~sdy%ϦwK`D!N}N#)x9nw@7y4*\ Η$sR\xts30`O<0m~%U˓5_m ôªs::kB֫.tpv쌷\R)3Vq>ٝj'r-(du @9s5`;iaqoErY${i .Z(Џs^!yCϾ˓JoKbQU{௫e.-r|XWլYkZe0AGluIɦvd7 q -jEfۭt4q +]td_+%A"zM2xlqnVdfU^QaDI?+Vi\ϙLG9r>Y {eHUqp )=sYkt,s1!r,l鄛u#I$-֐2A=A\J]&gXƛ<ns_Q(8˗#)4qY~$'3"'UYcIv s.KO!{, ($LI rDuL_߰ Ci't{2L;\ߵ7@HK.Z)4

Current Path : /hermes/bosweb01/b2920/ayobo.abbotschools.org/

Linux boscustweb5006.eigbox.net 5.4.91 #1 SMP Wed Jan 20 18:10:28 EST 2021 x86_64
Current File : //hermes/bosweb01/b2920/ayobo.abbotschools.org/payment.php

<?php
include("php/dbconnect.php");
include("php/checklogin.php");
include("php/header.php");

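  // Receipt number for this request: "AB-" followed by a random 5-8 digit number.
  // It is stored in payment.receipt_no and posted to the payment gateway as Ref and
  // Description, so it is drawn from the OS CSPRNG (random_int) when available instead
  // of the predictable mt_rand(); mt_rand() remains only as a fallback for old runtimes.
  // NOTE(review): randomness alone does not guarantee uniqueness - confirm that
  // payment.receipt_no has a UNIQUE index or that collisions are retried.

  $receipt_no = 'AB-' . (function_exists('random_int') ? random_int(10000, 99999999) : mt_rand(10000, 99999999));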

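// The payment page is rendered only when every identifier is present in the query string.
// isset() with several arguments is true only when all of them are set; it replaces the
// original chain of bitwise "&" between separate isset() calls.
if (isset($_GET['std_id'], $_GET['class'], $_GET['group'], $_GET['term_id'], $_GET['session_id'])) {

    // NOTE(review): nothing visible in this file ties std_id to the logged-in account;
    // confirm that php/checklogin.php limits which student record a user may open.

    // Query-string values are untrusted. Array input (e.g. std_id[]=x) collapses to '' and
    // each value is escaped once here, because later statements in this file place $ID, $cl
    // and $cgp directly inside single-quoted SQL literals.
    // NOTE(review): mysqli_real_escape_string() depends on the connection charset configured
    // in php/dbconnect.php (not visible here); prepared statements would remove that dependency.
    $from_query = function ($key) use ($conn) {
        $value = is_scalar($_GET[$key]) ? (string) $_GET[$key] : '';
        return mysqli_real_escape_string($conn, $value);
    };

    $ID = $from_query('std_id');
    $cl = $from_query('class');
    $cgp = $from_query('group');
    $term_id = $from_query('term_id');
    $session_id = $from_query('session_id');

    // Student record. $name splits the stored full name into at most two parts.
    $result = mysqli_query($conn,"SELECT * FROM student WHERE std_id= '$ID'");
    $row= mysqli_fetch_array($result);
    $name = explode(" ", $row['std_name'],2);
    $std_name = $row['std_name'];

    // Class record for the requested class id.
    $result2 = mysqli_query($conn,"SELECT * FROM class WHERE class_id= '$cl'");
    $row2= mysqli_fetch_array($result2);
    $class_arm = $row2['class_arm'];

    // Class group record for the requested group id.
    $result3 = mysqli_query($conn,"SELECT * FROM class_group WHERE class_group_id= '$cgp'");
    $row3= mysqli_fetch_array($result3);

    // Session and term records; the form further down prints their ids and names.
    $result001 = mysqli_query($conn,"SELECT * FROM session WHERE session_id='$session_id'");
    $row001 = mysqli_fetch_array($result001);

    $result002 = mysqli_query($conn,"SELECT * FROM term WHERE term_id='$term_id'");
    $row002 = mysqli_fetch_array($result002);

    // Fee row for the student's own class group in the requested term and session.
    // The class group id is read back from the database, so it is escaped as well before
    // it is placed in the next statement.
    $class_group_id =$row['class_group_id'];
    $class_group_sql = mysqli_real_escape_string($conn, (string) $class_group_id);
    $result03 = mysqli_query($conn,"SELECT * FROM fee WHERE class_group_id='$class_group_sql' AND term_id='$term_id' AND session_id='$session_id'");
    $row03 = mysqli_fetch_array($result03);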
   
 

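// Defaults for the payment fields. $session_id and $term_id are reset here and read again
// from the submitted form below.
$std_id='';
$class_group_id='';
$session_id='';
$term_id='';
$amount='';
$date='';
$narration='';
$class_amount='';
$status='';

// Handle a submitted payment form: validate it, record a payment row, then hand the browser
// to the payment gateway through an auto-submitting form.
// NOTE(review): no CSRF token is checked in this handler - confirm whether
// php/checklogin.php or the gateway return step covers that.
if (isset($_POST['save'])) {

    // Escape a value for use inside a single-quoted SQL string literal.
    // NOTE(review): relies on php/dbconnect.php having set the connection charset - confirm.
    $sql_esc = function ($value) use ($conn) {
        return mysqli_real_escape_string($conn, (string) $value);
    };
    // Escape a value for HTML text or a quoted attribute.
    $html_esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    // Read a POST field as a string; a missing or array-valued field becomes ''.
    $post_field = function ($key) {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    };

    // Identifiers the form was rendered with, taken from the rows looked up for this request.
    $expected_std_id = isset($row['std_id']) ? (string) $row['std_id'] : '';
    $expected_session_id = isset($row001['session_id']) ? (string) $row001['session_id'] : '';
    $expected_term_id = isset($row002['term_id']) ? (string) $row002['term_id'] : '';

    $std_id = $sql_esc($post_field('std_id'));
    // Hidden form fields can be edited in the browser, so class_id and class_group_id are
    // taken from the student row (the same values the form prints) and the payment date
    // from the server clock instead of the posted copies.
    $class_id = $sql_esc(isset($row['class_id']) ? $row['class_id'] : '');
    $class_group_id = $sql_esc(isset($row['class_group_id']) ? $row['class_group_id'] : '');
    $session_id = $sql_esc($post_field('session_id'));
    $term_id = $sql_esc($post_field('term_id'));
    $date = date('Y-m-d');
    $narration = $sql_esc($post_field('narration'));
    // $status and $trans_status are read but not used by the statements in this block.
    $status = $sql_esc($post_field('status'));
    $trans_status = $sql_esc($post_field('trans_status'));

    // Removing commas from Numbers
    $bad_symbols = array(",", ".");
    $amount = str_replace($bad_symbols, "", $post_field('amount'));

    // The fee is computed from the rows selected by the query string while the payment is
    // stored under the posted ids, so both must describe the same student, session and term.
    $fields_match = $expected_std_id !== ''
        && $post_field('std_id') === $expected_std_id
        && $post_field('session_id') === $expected_session_id
        && $post_field('term_id') === $expected_term_id;

    if (!ctype_digit($amount) || (int) $amount < 1) {

        // Empty, negative or non-numeric amounts never reach the arithmetic or the INSERT.
        $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
  <i class='bi bi-exclamation-octagon me-1'></i>
  <strong>Sorry!</strong> Please enter a valid Amount.
  <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
</div>";

    } elseif (!$fields_match) {

        $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
  <i class='bi bi-exclamation-octagon me-1'></i>
  <strong>Sorry!</strong> The submitted details do not match this payment page.
  <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
</div>";

    } else {

        // Students without a parent/guardian phone or e-mail are sent to complete their profile.
        $userab = mysqli_query($conn,"SELECT * FROM student WHERE (pg_phone='' AND std_id ='$std_id') OR (pg_email='' AND std_id ='$std_id')");
        $resultab = mysqli_num_rows($userab);
        if ($resultab > 0) {
            // php/header.php is included before this point; if it has already produced output
            // the redirect cannot be sent and the page simply renders again.
            if (!headers_sent()) {
                header("Location: update_profile?act=xwspvt3");
                exit;
            }
        } else {

            //Payment Engine Parameter
            $returnUrl = $baseUrl.'return_payment.php';
            $receiptUrl = $baseUrl.'receipt/receipt.php';

            //Discount
            $discount_id = $row['discount_id'];
            $discount_id_sql = $sql_esc($discount_id);
            $result00 = mysqli_query($conn,"SELECT * FROM discount WHERE id= '$discount_id_sql'");
            $row00 = mysqli_fetch_array($result00);
            $discount = $row00['discount'];
            $discount1 = $row00['amount'];

            //Staff Rebate
            // Kept in its own variables: the original reused $result001/$row001 here, which
            // overwrote the session row that the form and the fee summary read afterwards.
            $staff_rebate_id = $row['staff_rebate'];
            $staff_rebate_id_sql = $sql_esc($staff_rebate_id);
            $staff_rebate_result = mysqli_query($conn,"SELECT * FROM staff_rebate WHERE value= '$staff_rebate_id_sql'");
            $staff_rebate_row = mysqli_fetch_array($staff_rebate_result);
            $staff_rebate1 = $staff_rebate_row['name'];

            //Rebate From Student Table
            $rebate = $row['rebate'];
            $staff_rebate = $row['staff_rebate'];

            //Boarding Fee
            $std_type = $row['std_type'];
            $std_type_sql = $sql_esc($std_type);
            $result01 = mysqli_query($conn,"SELECT * FROM boarding_fee WHERE status='active' AND fee_type_info= '$std_type_sql'");
            $row01 = mysqli_fetch_array($result01);
            $boarding_fee = $row01['amount'];
            $boarding_name = $row01['fee_type'];

            //New Intake
            $result101a = mysqli_query($conn,"SELECT * FROM student WHERE std_id= '$std_id' AND new_intake='1'");
            $row101a = mysqli_fetch_array($result101a);
            $class_group_ida = isset($row101a['class_group_id']) ? $row101a['class_group_id'] : 0;
            $class_group_ida_sql = $sql_esc($class_group_ida);

            $result101b = mysqli_query($conn,"SELECT * FROM new_intake WHERE class_group_id= '$class_group_ida_sql' AND status='active'");
            $row101b = mysqli_fetch_array($result101b);
            $new_intake = isset($row101b['amount']) ? $row101b['amount'] : 0;

            //class Fee
            $class_amount1 = $row03['amount'];
            $other_fee = ($row03['other_fee'] + $new_intake);

            //Total amount Payable =
            // NOTE(review): student.staff_rebate is used as a divisor; a 0 or NULL value
            // makes this division fail - confirm the column is constrained to non-zero values.
            $class_amount = $boarding_fee + $other_fee + (($class_amount1/$staff_rebate) - $discount1 - $rebate);

            //Total Class Amount or actual Fee
            $actual_fee = $boarding_fee + $class_amount1 + $other_fee;

            $result4 = mysqli_query($conn,"SELECT * FROM session WHERE session_id='$session_id'");
            $row4 = mysqli_fetch_array($result4);
            $session = $row4['session_name'];

            $result5 = mysqli_query($conn,"SELECT * FROM term WHERE term_id='$term_id'");
            $row5 = mysqli_fetch_array($result5);
            $term = $row5['term_name'];

            // Sum of successful payments already recorded for this student, term and session.
            $result6 = mysqli_query($conn,"SELECT sum(amount_paid) as total FROM payment WHERE std_id='$std_id' and term_id='$term_id' and session_id='$session_id' and trans_status='success'");
            $row6 = mysqli_fetch_assoc($result6);
            $sum = $row6['total'];

            $total = $sum + $amount;

            $balance = $class_amount - $total;

            // Most recent successful payment; supplies the previous balance and previous total.
            $result7 = mysqli_query($conn,"SELECT * FROM payment WHERE std_id='$std_id' and term_id='$term_id' and session_id='$session_id' and trans_status='success' ORDER BY pay_id DESC");
            $row7 = mysqli_fetch_assoc($result7);

            $prev_bal = $row7['balance'];

            $prev_amount = $row7['total'];

            $class_fee = $row03['amount'];

            //To check if amount paying is more the required class fee
            if ($amount > $class_amount) {

                $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
  <i class='bi bi-exclamation-octagon me-1'></i>
  <strong>Sorry!</strong> You can not pay above the required Amount.
  <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
</div>";

            } else {
                //To check duplicate payment and the balance is equal to 0 for a particular term and session
                $cl_sql = $sql_esc($cl);
                $sq = mysqli_query($conn,"SELECT * FROM payment WHERE std_id='$std_id' and class_id = '$cl_sql' and term_id='$term_id' and session_id='$session_id' and trans_status='success' and balance ='0' ORDER BY pay_id DESC");
                $row_selected = mysqli_num_rows($sq);
                if ($row_selected > 0) {

                    $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
  <i class='bi bi-exclamation-octagon me-1'></i>
  <strong>Sorry!</strong> Complete Payment has been made for the selected <b>Term</b> and <b>Session</b>.
  <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
</div>";

                } else {
                    //To check if you have paid from this route before
                    // class_id is now a quoted literal; the original left it unquoted, where
                    // escaping gives no protection.
                    $sq1 = mysqli_query($conn,"SELECT * FROM payment WHERE std_id= '$std_id' AND session_id = '$session_id' AND term_id = '$term_id' AND class_id = '$class_id' AND trans_status='success' AND balance !='' ORDER BY pay_id DESC");
                    $row_selected1 = mysqli_num_rows($sq1);
                    if ($row_selected1 > 0) {

                        // Build the query string with proper encoding; the original URL
                        // contained literal spaces around "&".
                        if (!headers_sent()) {
                            $back_query = http_build_query(array(
                                'std_id' => $ID,
                                'class' => $cl,
                                'group' => $cgp,
                                'act' => 'xyzp212',
                            ));
                            header("Location: pay_info?" . $back_query);
                            exit;
                        }

                    } else {

                        // Values read back from the database are escaped too before they are
                        // written into the INSERT (stored data is not trusted either).
                        $std_name_sql = $sql_esc($std_name);
                        $class_arm_sql = $sql_esc($class_arm);
                        $term_sql = $sql_esc($term);
                        $session_sql = $sql_esc($session);
                        $prev_amount_sql = $sql_esc($prev_amount);
                        $prev_bal_sql = $sql_esc($prev_bal);
                        $staff_rebate_name_sql = $sql_esc($staff_rebate1);
                        $tuition_sql = $sql_esc($class_amount1);
                        $boarding_fee_sql = $sql_esc($boarding_fee);
                        $boarding_name_sql = $sql_esc($boarding_name);
                        $discount_sql = $sql_esc($discount);
                        $receipt_no_sql = $sql_esc($receipt_no);

                        $sql = mysqli_query($conn, "INSERT INTO payment (std_id,std_name,class_arm,term,session,class_id,class_group_id,session_id,term_id,mode_payment,amount_paid,date,narration,total,balance,prev_amount,prev_bal,staff_rebate,tuition,boarding_fee,boarding_name,class_amount,actual_fee,discount,receipt_no,other_fee,online) VALUES ('$std_id','$std_name_sql','$class_arm_sql','$term_sql','$session_sql','$class_id','$class_group_id','$session_id','$term_id','Online','$amount','$date','$narration','$total','$balance','$prev_amount_sql','$prev_bal_sql','$staff_rebate_name_sql','$tuition_sql','$boarding_fee_sql','$boarding_name_sql','$class_amount','$actual_fee','$discount_sql','$receipt_no_sql','$other_fee','readonly')");
                        if ($sql === TRUE) {

                            //To pick the transaction ID
                            // Narrowed by the receipt number generated for this request so a
                            // concurrent payment for the same student cannot be picked up.
                            $result101 = mysqli_query($conn,"SELECT * FROM payment WHERE std_id='$std_id' and term_id='$term_id' and session_id='$session_id' and receipt_no='$receipt_no_sql' ORDER BY pay_id DESC");
                            $row101 = mysqli_fetch_array($result101);

                            echo  'Form Submitted, you will be redirected in few seconds to the payment platform.......';

                            // Every value is HTML-escaped so stored data cannot break out of
                            // the attribute it is printed in.
                            echo "<form id='gatewayForm' method='POST' action='" . $html_esc($post_url) . "'>";
                            echo "<input type='hidden' name = 'Email' value='" . $html_esc($row['pg_email']) . "'>";
                            echo "<input type='hidden' name = 'FirstName' value='" . $html_esc($name[0]) . "'>";
                            // A single-word name has no second part.
                            echo "<input type='hidden' name = 'LastName' value='" . $html_esc(isset($name[1]) ? $name[1] : '') . "'>";
                            echo "<input type='hidden' name = 'Phone' value='" . $html_esc($row['pg_phone']) . "'>";
                            echo "<input type='hidden' name = 'TransactionID' value='" . $html_esc($row101['pay_id']) . "'>";
                            echo "<input type='hidden' name = 'Amount' value='" . $html_esc($amount) . "'>";
                            echo "<input type='hidden' name = 'MerchantID' value='" . $html_esc($MerchantId) . "'>";
                            echo "<input type='hidden' name = 'UniqueID' value='" . $html_esc($UniqueId) . "'>";
                            echo "<input type='hidden' name = 'FeeId' value='" . $html_esc($FeeId) . "'>";
                            echo "<input type='hidden' name = 'returnUrl' value='" . $html_esc($returnUrl) . "'>";
                            echo "<input type='hidden' name = 'Ref' value='" . $html_esc($receipt_no) . "'>";
                            echo "<input type='hidden' name = 'Description' value='" . $html_esc($receipt_no) . "'>";
                            echo "<input type='hidden' name = 'receiptUrl' value='" . $html_esc($receiptUrl) . "'>";

                            echo "</form>";

                            /** Auto submit form. Alternatively, a submit button can be put in its stead. */
                            // Submitted by id: document.forms[0] would pick a different form if
                            // the included header prints one first.
                            echo "<script language='javascript'>";
                            echo "var form = document.getElementById('gatewayForm');";
                            echo "form.submit()</script>";

                        }
                    }
                }
            }
        }
    }
}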
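// Figures for the "To Pay" banner. Values are escaped where they are placed into SQL:
// $ID and $cgp originate from the query string, the others from rows read earlier.
// NOTE(review): escaping relies on the connection charset set in php/dbconnect.php - confirm.

//Discount
$discount_id =$row['discount_id'];
$discount_id_sql = mysqli_real_escape_string($conn, (string) $discount_id);
$result101 = mysqli_query($conn,"SELECT * FROM discount WHERE id= '$discount_id_sql'");
$row101= mysqli_fetch_array($result101);
$discount = $row101['amount'];

//Rebate
$rebate = $row['rebate'];
$staff_rebate = $row['staff_rebate'];

//Boarding Fee
$std_type = $row['std_type'];
$std_type_sql = mysqli_real_escape_string($conn, (string) $std_type);
$result01 = mysqli_query($conn,"SELECT * FROM boarding_fee WHERE status='active' AND fee_type_info= '$std_type_sql'");
$row01= mysqli_fetch_array($result01);
$boarding_fee = $row01['amount'];

//class Amount
$session_id=$row001['session_id'];
$term_id=$row002['term_id'];
$cgp_sql = mysqli_real_escape_string($conn, (string) $cgp);
$term_id_sql = mysqli_real_escape_string($conn, (string) $term_id);
$session_id_sql = mysqli_real_escape_string($conn, (string) $session_id);
$result02 = mysqli_query($conn,"SELECT * FROM fee WHERE class_group_id='$cgp_sql' AND term_id='$term_id_sql' AND session_id='$session_id_sql'");
$row02 = mysqli_fetch_array($result02);
$class_amount02 = $row02['amount'];
$other_fee = $row02['other_fee'];

//New Intake
$student_id_sql = mysqli_real_escape_string($conn, (string) $ID);
$result101a = mysqli_query($conn,"SELECT * FROM student WHERE std_id= '$student_id_sql' AND new_intake='1'");
$row101a= mysqli_fetch_array($result101a);
$class_group_ida = isset($row101a['class_group_id'])?$row101a['class_group_id'] :0;
$class_group_ida_sql = mysqli_real_escape_string($conn, (string) $class_group_ida);

$result101b = mysqli_query($conn,"SELECT * FROM new_intake WHERE class_group_id= '$class_group_ida_sql' AND status='active'");
$row101b= mysqli_fetch_array($result101b);
$new_intake = isset($row101b['amount'])?$row101b['amount']: 0;
//Sum_pay
// NOTE(review): student.staff_rebate is used as a divisor; a 0 or NULL value makes this
// division fail - confirm the column is constrained to non-zero values.
$class_amount_to_pay = (($class_amount02/$staff_rebate) + $boarding_fee + $other_fee + $new_intake - $discount - $rebate);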

?>
<style>
.error {color: #FF0000;}
</style>

<script>
    /**
     * Submit guard for the payment form: refuses submission while the amount box is empty.
     * Returns false after alerting when the amount is empty; otherwise returns undefined.
     * This runs in the browser only, so it is a convenience and not a server-side check.
     */
    function validateForm() {
        const amountText = document.forms["form"]["amount"].value;
        const isEmpty = amountText == "";
        if (!isEmpty) {
            return;
        }
        alert("Please Enter Amount");
        return false;
    }
</script>

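  <main id="main" class="main">
<?php
// Values printed below come from database rows and are HTML-escaped at output so stored
// data cannot inject markup. $message1 is printed as-is because it is markup built by
// this script itself.
$html_esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};
?>

    <div class="pagetitle">
      <h1>Make Payment</h1>
      <nav>
        <ol class="breadcrumb">
          <li class="breadcrumb-item"><a href="index">Home</a></li>
          <li class="breadcrumb-item"><a href="pay_info"> &lt;&lt; Back </a> </li>
          <li class="breadcrumb-item active">Online Payment</li>
        </ol>
      </nav>
    </div><!-- End Page Title -->
    <section class="section" >
      <div class="row" >
        <div class="col-lg-8">
        <div class="alert alert-primary bg-success text-light border-0 alert-dismissible fade show" role="alert">
          <div class="panel-heading" align="right">
               <h3 align="left" class="panel-title"><?php echo $html_esc(ucwords((string) $row['std_name'])); ?> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Of &nbsp;&nbsp;&nbsp;&nbsp;<b><?php echo $html_esc($row2['class_arm']); ?></b></h3>
              <h3>To Pay:  &#8358; <?php echo number_format($class_amount_to_pay); ?></h3>  
            </div>
         </div>
          <div class="card">
            <div class="card-body">
            <h5 class="card-title"><?php if (isset($message1)) {  echo $message1; } ?> </h5>
              <!-- Horizontal Form -->
              <form action="" method="POST" name="form" class="row g-3 needs-validation" novalidate onsubmit="return validateForm()" enctype="multipart/form-data">
<?php
// Hidden fields are editable in the browser: the handler that receives this form must
// treat std_id, class_id, class_group_id, date, status, trans_status and pay_amount as
// untrusted input and re-derive or re-check them on the server.
?>
                <input type="hidden" name="std_id" value="<?php echo $html_esc($row['std_id']); ?>">
                <input type="hidden" name="class_id" value="<?php echo $html_esc($row['class_id']); ?>">
                <input type="hidden" name="class_group_id" value="<?php echo $html_esc($row['class_group_id']); ?>">
                <input type="hidden" name="date" value="<?php echo date("Y-m-d")?>" />
                <input type="hidden" name="status" value="active" />
                <input type="hidden" name="trans_status" value="success" />
                <input type="hidden" name="pay_amount" value="<?php echo $html_esc($row03['amount']); ?>" />
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Session</label>
                  <div class="col-sm-6">
                  <select name="session_id" class="form-select" readonly>
                      <option value="<?php echo $html_esc($row001['session_id']) ?>"><?php echo $html_esc($row001['session_name']) ?></option>
                    </select>
                  </div>
                </div>
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Term</label>
                  <div class="col-sm-6">
                  <select name="term_id" class="form-select" readonly>
                      <option value="<?php echo $html_esc($row002['term_id']) ?>"><?php echo $html_esc($row002['term_name']) ?></option>
                    </select>
                  </div>
                </div>
                <div class="row mb-3 position-relative">
                  <label for="validationTooltip04" class="col-sm-2 col-form-label">Amount <span class="error">*</span></label>
                  <div class="col-sm-6">
                  <div class="form-control">
                    <input  class="number" aria-label="Default select example" id="validationTooltip04" name="amount" placeholder="Enter Amount" value="" />
                    <div class="invalid-tooltip">
                    Please select the amount you want to pay.
                  </div>
                  </div>
                </div>
                </div>
                <div class="row mb-3">
                  <label for="inputPassword3" class="col-sm-2 col-form-label">Narration</label>
                  <div class="col-sm-10">
                <textarea name="narration" id="tArea" cols="50" oninput="limitChar(this)" maxlength="50" class="form-control" style="height: 70px;"></textarea>
                <p align="left" id="charCounter">50 Characters limit</p>
              </div>
                </div>
                <div class="text-center">
                  <button type="submit" name="save" class="btn btn-primary">Submit</button>
                  <button type="reset" class="btn btn-secondary">Clear</button>
                </div>
              </form><!-- End Horizontal Form -->
          <?php } ?>
            </div>
          </div>
        </div>

    </section>

  </main><!-- End #main -->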

  <!-- Character Limit in Javascript -->
<script>
    // Keeps the narration box within maxChar characters and updates the counter text
    // shown in the #charCounter element. Browser-side only.
    let limitChar = (element) => {
        const maxChar = 50;

        const field = document.getElementById(element.id);
        const used = field.value.length;
        const counter = document.getElementById('charCounter');

        if (used > maxChar) {
            // Over the limit: cut the text back and report nothing left.
            field.value = field.value.substring(0, maxChar);
            counter.innerHTML = 0 + ' characters remaining';
            return;
        }

        counter.innerHTML = maxChar - used + ' characters remaining';
    }
</script>

<!-- Number separated with commas in JavaScript -->
<script >
  // Live thousands-separator formatting for the amount box (input.number).
  // Display aid only: the server still has to strip separators and validate the amount.
  var el = document.querySelector('input.number');
  el.addEventListener('keyup', function (event) {
    // Key codes 37-40 are the arrow keys; they only move the caret, so the text is left alone.
    var isArrowKey = event.which >= 37 && event.which <= 40;
    if (isArrowKey) {
      return;
    }

    var digitsOnly = this.value.replace(/\D/g, '');
    this.value = digitsOnly.replace(/\B(?=(\d{3})+(?!\d))/g, ',');
  });
</script>

<?php
include('footer.php');
?>
