| Current File : /home/viralhoga/public_html/payment/success.php |
<?php
$dbHost="localhost";
$dbUsername="viralhoga_viralhogauser";
$dbPassword="D#L3mfXUbKP$";
$dbName="viralhoga_viralhoga";
$con=mysqli_connect($dbHost,$dbUsername,$dbPassword,$dbName) or die(mysqli_connect_error());
session_start();
$status=$_POST["status"];
$firstname=$_POST["firstname"];
$amount=$_POST["amount"];
$txnid=$_POST["txnid"];
$posted_hash=$_POST["hash"];
$key=$_POST["key"];
$productinfo=$_POST["productinfo"];
$email=$_POST["email"];
$salt="JmeuuwMI57ttMaJV8ho0tw1iI7eHaofH";
// Salt should be same Post Request
If (isset($_POST["additionalCharges"])) {
$additionalCharges=$_POST["additionalCharges"];
$retHashSeq = $additionalCharges.'|'.$salt.'|'.$status.'|||||||||||'.$email.'|'.$firstname.'|'.$productinfo.'|'.$amount.'|'.$txnid.'|'.$key;
} else {
$retHashSeq = $salt.'|'.$status.'|||||||||||'.$email.'|'.$firstname.'|'.$productinfo.'|'.$amount.'|'.$txnid.'|'.$key;
}
$hash = hash("sha512", $retHashSeq);
if ($hash != $posted_hash) {
echo "Invalid Transaction. Please try again";
} else {
$up_query = mysqli_query($con,"update `cart` set paysts='Success',transID='$txnid' where code_id='$txnid'");
if($up_query){
unset($_SESSION['receipt_id']);
unset($_SESSION['amount']);
//sel data
$sel_query = mysqli_query($con,"select reg_id,bll_name,bll_mob,bll_email from `cart` where code_id='$txnid'");
$userData = mysqli_fetch_array($sel_query);
$_SESSION['reg_id']=$userData['reg_id'];
$_SESSION['name']=$userData['bll_name'];
$_SESSION['email']=$userData['bll_email'];
$_SESSION['mobile']=$userData['bll_mob'];
echo "<h3>Thank You. Your order status is ". $status .".</h3>";
echo "<h4>Your Transaction ID for this transaction is ".$txnid.".</h4>";
echo "<h4>We have received a payment of Rs. " . $amount . ". Your order will soon be shipped.</h4>";
header("Refresh:5; url=https://viralhoga.com/booking.php");
}
}
?>