shell bypass 403
<?php
defined('BASEPATH') OR exit('No direct script access allowed');
class CCavenue extends CI_Controller{
public $CI = NULL;
//phonepe
public function __construct()
{
parent::__construct();
$this->load->model("Curd");
$this->load->library('cart');
$this->load->database();
$this->load->helper('array');
$this->CI = & get_instance();
}
function index(){
}
// public function pay(){
// $data['main_cat'] = $this->Curd->fetch_where_order("tb_main_category",array("*"),array("status"=>1),"ASC");
// //print_r($_POST);die;
// $amount = $this->input->post('amount');
// $order_id = $this->input->post('txnid');
// $mobile = $this->input->post('mobile');
// $apikey= "ab0b1ce5-bd3f-490a-bfc1-35a36e42e10a";
// // Step 1: Create the JSON payload with a custom parameter
// $payload = array(
// "merchantId" => "M22D5LIYNKQMF",//Live mID - M22D5LIYNKQMF,
// "merchantTransactionId" => $order_id,
// "merchantUserId" => rand(),
// "amount" => $amount*100,
// "redirectUrl" => 'https://www.gutlooks.com/phonepe/redirect',
// "redirectMode" => "POST",
// "callbackUrl" => 'https://www.gutlooks.com/phonepe/callback',
// "mobileNumber" => $mobile,
// "paymentInstrument" => array(
// "type" => "PAY_PAGE"
// ),
// // "customParam" => "hy" // Add your custom parameter here
// );
// // Step 2: Convert the JSON payload to Base64
// $jsonPayload = json_encode($payload);
// $base64Payload = base64_encode($jsonPayload);
// //
// $salt_index = 1; //key index 1
// $payload1 = $base64Payload . "/pg/v1/pay" . $apikey;
// $sha256 = hash("sha256", $payload1);
// $final_x_header = $sha256 . '###' . $salt_index;
// //
// // Step 3: Construct the final request payload
// $request = json_encode(array(
// "request" => $base64Payload
// ));
// // MID: PHONEPETESTUAT
// // saltKey: 56c43115-7eda-40ce-a6e1-43339fbbf07c,
// // saltIndex: 1
// // https://api-preprod.phonepe.com/apis/pg-sandbox/pg/v1/pay
// // mgk-rjuf-ghx
// $curl = curl_init();
// curl_setopt_array($curl, [
// CURLOPT_URL => "https://api.phonepe.com/apis/hermes/pg/v1/pay", //prod host url
// CURLOPT_RETURNTRANSFER => true,
// CURLOPT_ENCODING => "",
// CURLOPT_MAXREDIRS => 10,
// CURLOPT_TIMEOUT => 30,
// CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
// CURLOPT_CUSTOMREQUEST => "POST",
// CURLOPT_POSTFIELDS => $request,
// CURLOPT_HTTPHEADER => [
// "Content-Type: application/json",
// "X-VERIFY: " . $final_x_header,
// "accept: application/json"
// ],
// ]);
// $response = curl_exec($curl);
// $err = curl_error($curl);
// curl_close($curl);
// if ($err) {
// echo "cURL Error #:" . $err;
// } else {
// $res = json_decode($response);
// if (isset($res->success) && $res->success == '1') {
// $paymentCode = $res->code;
// $paymentMsg = $res->message;
// $payUrl = $res->data->instrumentResponse->redirectInfo->url;
// }
// header("Location:$payUrl");
// }
// }
public function ccavRequestHandler(){
$this->load->view('ccavRequestHandler');
}
public function callback()
{
//$order_id = $this->input->post('txnid');
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
$json = file_get_contents('php://input');
$response = json_decode($json, true);
$value = $response['response'];
$json_format = base64_decode($value);
$ab = json_decode($json_format);
$transaction_id = $response['data']['merchantTransactionId'];
if($ab['code'] == 'PAYMENT_SUCCESS') {
//////
$data = array('pay_status'=>'Paid','pay_transaction_id'=>$response['data']['transactionId'],'pay_logs'=>$value);
// $this->db->where('order_no', $transaction_id);
// $this->db->update('tb_order',$data);
}
else
{
$data = array('pay_status'=>'Failed','pay_transaction_id'=>$response['data']['transactionId'],'pay_logs'=>$value);
//$transaction_id = $response['data']['merchantTransactionId'];
}
$this->db->where('order_no', $transaction_id);
$this->db->update('tb_order',$data);
}
}
}
?>