SnapItOut/verify.php at master · SpooderManEXE/SnapItOut · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<?php

require('pconfig.php');

session_start();
require_once "config.php";
require('razorpay-php/Razorpay.php');
use Razorpay\Api\Api;
use Razorpay\Api\Errors\SignatureVerificationError;

  $code=$_SESSION['promo'];
  $query = "DELETE FROM promo where code='$code'";
  $result = mysqli_query($connect, $query);


$success = true;

$error = "Payment Failed";

if (empty($_POST['razorpay_payment_id']) === false)
{
    $api = new Api($keyId, $keySecret);

    try
    {
        // Please note that the razorpay order ID must
        // come from a trusted source (session here, but
        // could be database or something else)
        $attributes = array(
            'razorpay_order_id' => $_SESSION['razorpay_order_id'],
            'razorpay_payment_id' => $_POST['razorpay_payment_id'],
            'razorpay_signature' => $_POST['razorpay_signature']
        );

        $api->utility->verifyPaymentSignature($attributes);
    }
    catch(SignatureVerificationError $e)
    {
        $success = false;
        $error = 'Razorpay Error : ' . $e->getMessage();
    }
}
$iddd=$_POST['razorpay_payment_id'];
$tot=$_SESSION['total'];
$t_product='payment'.$_SESSION['id'];
$email=$_SESSION['username'];
if ($success === true){

      $cart='cart'.$_SESSION['id'];
     $query="INSERT INTO ORDERS VALUES ('$email','$tot','$iddd');";
$result = mysqli_query($connect, $query);
$query="CREATE TABLE $iddd SELECT * FROM $cart;";
$result = mysqli_query($connect, $query);
$addr=$_SESSION['address'];
$query=" INSERT INTO `$iddd` (`id`, `name`, `quantity`, `price`) VALUES
(990,'$addr',0, 0.00)";
$result = mysqli_query($connect, $query);
$query="DROP TABLE $cart";
     $result = mysqli_query($connect, $query);}
     else {
       $query="UPDATE $t_product SET paid =$success where total+0.00=$tot";
       $result = mysqli_query($connect, $query);
     }
    ?>
?>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">

<body class="jumbotron text-center">
<div class="jumbotron text-center">
  <h1 class="display-3"><?php
  if ($success === true){
  echo "Thank You!";
  }
  else {
    echo "Sorry!";
  }
  ?></h1>
  <p class="lead"><strong>
    <?php
    if ($success === true){
    echo "<p>Your Payment ID is {$_POST['razorpay_payment_id']}</p>";
    }
    else {
      echo "<p>Your payment failed</p>
               <p>{$error}</p>";
    }
    ?>

</strong> <br><?php
if ($success === true){
echo "For queries on your purchase, mail us the ID to snapitoutstudio@gmail.com or whatsapp us at 6282613191.";
}
else {
  echo "Please try again or contact us via snapitoutstudio@gmail.com or whatsapp to 6282613191.";
}
?>
</p>
  <hr>
  <p>
    Having trouble? <a href="https://www.snapitout.studio/about.php">Contact us</a>
  </p>
  <p class="lead">
    <a class="btn btn-primary btn-sm" href="https://www.snapitout.studio/" role="button">Continue to homepage</a>
  </p>
</div>