Devil Killer Is Here MiNi Shell
MiNi SheLL

Current Path : /hermes/bosweb01/b2920/ayobo.abbotschools.org/
Linux boscustweb5006.eigbox.net 5.4.91 #1 SMP Wed Jan 20 18:10:28 EST 2021 x86_64
Current File : //hermes/bosweb01/b2920/ayobo.abbotschools.org/transport_pay_add.php
<?php
include("php/dbconnect.php");
include("php/checklogin.php");
include("php/header.php");

$errormsg = '';
$action = "add";
	
//Random Number generating receipt no.
$receipt_no ='BUS-'.mt_rand(10000,9999999);


if(isset($_GET['std_id']) & isset($_GET['id']) & isset($_GET['term_id']) & isset($_GET['session_id']) & isset($_GET['class_id'])){

$ID = $_GET['std_id'];

$pay_id = $_GET['id'];

$term_id = $_GET['term_id'];

$session_id = $_GET['session_id'];

$class_id = $_GET['class_id'];


    $result1 = mysqli_query($conn,"SELECT * FROM transport_fee WHERE id='$pay_id'");
    $row1 = mysqli_fetch_array($result1);

    $result = mysqli_query($conn,"SELECT * FROM student WHERE std_id= '$ID'");
    $row= mysqli_fetch_array($result);
    $name = explode(" ", $row['std_name'],2);

    $result0 = mysqli_query($conn,"SELECT * FROM transport_fee WHERE std_id= '$ID' AND session_id = '$session_id' AND term_id = '$term_id' AND class_id = $class_id and trans_status='success' ORDER BY id DESC");
    $row0= mysqli_fetch_array($result0);
 
    $result2 = mysqli_query($conn,"SELECT * FROM class WHERE class_id= '$class_id'");
    $row2= mysqli_fetch_array($result2);
    $class_arm= $row2['class_arm'];


$std_id='';
$std_name='';
$class_id='';
$class_group_id='';
$session_id='';
$term_id='';
$mode_payment='';
$amount='';
$date='';
$narration='';
$class_amount='';
$user_id='';
$user_name='';

if(isset($_POST['save'])){
    
$std_id=mysqli_real_escape_string($conn,$_POST['std_id']);
$std_name=mysqli_real_escape_string($conn,$_POST['std_name']);
$class_id=mysqli_real_escape_string($conn,$_POST['class_id']);
$class_group_id=mysqli_real_escape_string($conn,$_POST['class_group_id']);
$session_id=mysqli_real_escape_string($conn,$_POST['session_id']);
$term_id = mysqli_real_escape_string($conn,$_POST['term_id']);
$amount=mysqli_real_escape_string($conn,$_POST['amount']);
$date=mysqli_real_escape_string($conn,$_POST['date']);
$narration=mysqli_real_escape_string($conn,$_POST['narration']);

// Removing commas from Numbers
$bad_symbols = array(",", "."); 
$amount = str_replace($bad_symbols, "", $amount);

  // Check if Phone Number and E-mail is not empty
  $userab=mysqli_query($conn,"SELECT * FROM student WHERE (pg_phone='' AND std_id ='$std_id') OR (pg_email='' AND std_id ='$std_id')");
  $resultab=mysqli_num_rows($userab);
if($resultab >0 )
{
  header("Location: update_profile?act=xwspvt3");
}else{
  

 //Payment Engine Parameter
 $returnUrl = $baseUrl.'return_transport.php';
 $receiptUrl = $baseUrl.'receipt/transport_receipt.php';  

// Removing commas from Numbers
$bad_symbols = array(",", "."); 
$amount = str_replace($bad_symbols, "", $amount);


//route amount
$route_amount = $row1['route_amount'];

//route name
$route_name = $row1['route_name'];

 $result4 = mysqli_query($conn,"SELECT * FROM session WHERE session_id='$session_id'");
     $row4 = mysqli_fetch_array($result4);

      $session = $row4['session_name'];

      $result5 = mysqli_query($conn,"SELECT * FROM term WHERE term_id='$term_id'");
     $row5 = mysqli_fetch_array($result5);

     $term = $row5['term_name'];

    $result6 = mysqli_query($conn,"SELECT sum(amount_paid) as total FROM transport_fee WHERE std_id='$ID' and term_id='$term_id' and session_id='$session_id' and trans_status='success'");
     $row6 = mysqli_fetch_assoc($result6);

      $sum = $row6['total'];

    $total = $sum + $amount;

$balance = $route_amount - $total;


$result7 = mysqli_query($conn,"SELECT * FROM transport_fee WHERE std_id='$ID' and term_id='$term_id' and session_id='$session_id' and trans_status='success' ORDER BY id DESC");
     $row7 = mysqli_fetch_assoc($result7);

$prev_bal = $row7['balance'];

$prev_amount = $row7['total'];

$p_balance = $row0['balance'];

//To check if the amount to pay is greater than balance

if($amount > $p_balance) {

    $message1 = "<div class=\"alert alert-danger alert-dismissable\">
    <button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">&times;</button>
     <strong>Sorry!</strong> You can not pay above the required balance.
  </div>";
}else{

  $sql = mysqli_query($conn, "INSERT INTO transport_fee (std_id,std_name,class_arm,session,term,class_id,class_group_id,session_id,term_id,mode_payment,amount_paid,date,narration,total,balance,route_amount,route_name,receipt_no,online) VALUES ('$std_id','$std_name','$class_arm','$session','$term','$class_id','$class_group_id','$session_id','$term_id','Online','$amount','$date','$narration','$total','$balance','$route_amount','$route_name','$receipt_no','readonly')");

if($sql ===TRUE) {

   //To pick the transaction ID
   $result101 = mysqli_query($conn,"SELECT * FROM transport_fee WHERE std_id='$ID' and term_id='$term_id' and session_id='$session_id' ORDER BY id DESC");
   $row101 = mysqli_fetch_array($result101);

   echo  'Form Submitted, you will be redirected in few seconds to the payment platform.......';

   echo "<form method='POST' action='".$post_url."'>";
   echo "<input type='hidden' name = 'Email' value='" . $row['pg_email'] . "'>";
   echo "<input type='hidden' name = 'FirstName' value='" . $name[0] . "'>";
   echo "<input type='hidden' name = 'LastName' value='" . $name[1] . "'>";
   echo "<input type='hidden' name = 'Phone' value='" . $row['pg_phone'] . "'>";
   echo "<input type='hidden' name = 'TransactionID' value='" . $row101['id'] . "'>";
   echo "<input type='hidden' name = 'Amount' value='" . $amount . "'>";
   echo "<input type='hidden' name = 'MerchantID' value='" . $MerchantId . "'>";
   echo "<input type='hidden' name = 'UniqueID' value='" . $UniqueId . "'>";
   echo "<input type='hidden' name = 'FeeId' value='" . $FeeId . "'>";
   echo "<input type='hidden' name = 'returnUrl' value='" . $returnUrl . "'>";
   echo "<input type='hidden' name = 'Description' value='" . $receipt_no . "'>";
   echo "<input type='hidden' name = 'receiptUrl' value='" . $receiptUrl . "'>";
     
   echo "</form>";

   /** Auto submit form. Alternatively, a submit button can be put in its stead. */
   echo "<script language='javascript'>";
   echo "var form = document.forms[0];";
   echo "form.submit()</script>";


//    $select = mysqli_query($conn, "SELECT * FROM update_transport_fee WHERE term_id='$term_id' AND std_id='$std_id' AND session_id='$session_id'");
//      $rows_selected = mysqli_num_rows($select);

//      // if number of rows is 0, then insert it. else update it
//     if($rows_selected > 0){

//         $qry1 = mysqli_query($conn, "UPDATE update_transport_fee SET total ='$total',balance='$balance',route_name='$route_name' WHERE term_id='$term_id' AND std_id='$std_id' AND session_id='$session_id'");


//     header("Location:transportation");

// }else{

//         $sql5 = mysqli_query($conn, "INSERT INTO update_transport_fee (std_id,class_id,class_group_id,session_id,term_id,total,balance,route_name,status) VALUES ('$std_id','$class_id','$class_group_id','$session_id','$term_id','$total','$balance','$route_name','$status')");

//     if($sql5){

//     header("Location:transportation");

// exit();

// }else{


//     echo "Submition Failed";
// }
//} 
}  
} 
}
}
?>

<style>
.error {color: #FF0000;}
</style>

<script>
    function validateForm() {
 var z = document.forms["form"]["amount"].value;
  if (z == "") {
    alert("Please Enter Amount");
    return false;
 }
}
</script>
  <main id="main" class="main">
    <div class="pagetitle">
      <h1>Make Payment</h1>
      <nav>
        <ol class="breadcrumb">
          <li class="breadcrumb-item"><a href="index">Home</a></li>
          <li class="breadcrumb-item"><a href="pay_info"> << Back </a> </li>
          <li class="breadcrumb-item active">Online Transportation Payment</li>
        </ol>
      </nav>
    </div><!-- End Page Title -->
    <section class="section" >
      <div class="row" >
        <div class="col-lg-8">
        <div class="alert alert-primary bg-info text-light border-0 alert-dismissible fade show" role="alert">
        <div class="panel-heading" align="right">
               <h3 align="left" class="panel-title"><?php echo ucwords($row['std_name']); ?> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Of &nbsp;&nbsp;&nbsp;&nbsp;<b><?php echo $row2['class_arm']; ?></b></h3>
              <h3>Balance To Pay:  &#8358; <?php echo number_format($row0['balance']); ?> <small> For <?php echo $row0['route_name'];?></small></h3>  
            </div>
         </div>

          <div class="card">
            <div class="card-body">
              <h5 class="card-title"><?php if (isset($message1)) {  echo $message1; } ?> </h5>

              <!-- Horizontal Form -->
              <form  action="" method="POST" class="row g-3 needs-validation" name="form" novalidate onsubmit="return validateForm()" enctype="multipart/form-data">
                <input type="hidden" name="std_id" value="<?php echo $row['std_id']; ?>">
                <input type="hidden" name="std_name" value="<?php echo $row['std_name']; ?>">
                <input type="hidden" name="class_id" value="<?php echo $row['class_id']; ?>">
                <input type="hidden" name="class_group_id" value="<?php echo $row['class_group_id']; ?>">
                <input type="hidden"  name="date" value="<?php echo date("Y-m-d")?>" />
                <input type="hidden"  name="status" value="active" />
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Session</label>
                  <div class="col-sm-6">
                  <select class="form-select" name="session_id" readonly>
                      <option value="<?php echo $row0['session_id'] ?>">
                      <?php
                       $session_id1 = $row0['session_id'];
                          $sql = "select * from session where session_id = '$session_id1'";
                          $q = $conn->query($sql);
                              while($r = $q->fetch_assoc()){
                          ?>
                           <?php echo $r['session_name'] ?></option>
                          <?php
                          }
                          ?>
                    </select>
                  </div>
                </div>
                <div class="row mb-3">
                  <label for="inputEmail3" class="col-sm-2 col-form-label">Term</label>
                  <div class="col-sm-6">
                  <select class="form-select" name="term_id" readonly>
                      <option value="<?php echo $row0['term_id'] ?>"> 
                      <?php
                       $term_id1 = $row0['term_id'];
                          $sql = "select * from term where term_id = '$term_id1'";
                          $q = $conn->query($sql);
                              while($r = $q->fetch_assoc()){
                          ?>
                           <?php echo $r['term_name'] ?></option>
                          <?php
                          }
                          ?>
                    </select>
                  </div>
                </div>
                <div class="row mb-3 position-relative">
                  <label for="validationTooltip04" class="col-sm-2 col-form-label">Amount <span class="error">*</span></label>
                  <div class="col-sm-6">
                  <div class="form-control">
                    <input  class="number" aria-label="Default select example" id="validationTooltip04" name="amount" placeholder="Enter Amount" value="" />
                    <div class="invalid-tooltip">
                    Please select the amount you want to pay.
                  </div>
                  </div>
                </div>
                </div>
                <div class="row mb-3">
                  <label for="inputPassword3" class="col-sm-2 col-form-label">Narration</label>
                  <div class="col-sm-10">
                <textarea name="narration" id="tArea" cols="50" oninput="limitChar(this)" maxlength="50" class="form-control"  id="floatingTextarea" style="height: 70px;"></textarea>
                <p align="left" id="charCounter">50 Characters limit</p>
              </div>
                </div>
                <div class="text-center">
                  <button type="submit" name="save" class="btn btn-primary">Submit</button>
                  <button type="reset" class="btn btn-secondary">Clear</button>
                </div>
              </form><!-- End Horizontal Form -->
          <?php } ?>
            </div>
          </div>
        </div>

    </section>

  </main><!-- End #main -->

  <!-- Character Limit in Javascript -->
<script>
    let limitChar = (element) => {
        const maxChar = 50;
        
        let ele = document.getElementById(element.id);
        let charLen = ele.value.length;
        
        let p = document.getElementById('charCounter');
        p.innerHTML = maxChar - charLen + ' characters remaining';
        
        if (charLen > maxChar) 
        {
            ele.value = ele.value.substring(0, maxChar);
            p.innerHTML = 0 + ' characters remaining'; 
        }
    }

</script>
<!-- Number Seperated with comma in json  -->
<script >
  var el = document.querySelector('input.number');
el.addEventListener('keyup', function (event) {
  if (event.which >= 37 && event.which <= 40) return;

  this.value = this.value.replace(/\D/g, '')
                         .replace(/\B(?=(\d{3})+(?!\d))/g, ',');
});
</script>
<?php
include('footer.php');
?>
Creat By MiNi SheLL
Email: devilkiller@gmail.com