Browse code
Changed majority of files.
DoubleBastionAdmin authored on 30/11/2024 06:56:40
Showing 1 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,70 @@ |
| 1 |
+<?php |
|
| 2 |
+/** |
|
| 3 |
+ * Copyright (C) 2021 Double Bastion LLC |
|
| 4 |
+ * |
|
| 5 |
+ * This file is part of Roundpin, which is licensed under the |
|
| 6 |
+ * GNU Affero General Public License Version 3.0. The license terms |
|
| 7 |
+ * are detailed in the "LICENSE.txt" file located in the root directory. |
|
| 8 |
+ */ |
|
| 9 |
+ |
|
| 10 |
+session_start(); |
|
| 11 |
+ |
|
| 12 |
+ // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');
|
|
| 13 |
+ |
|
| 14 |
+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
|
|
| 15 |
+ |
|
| 16 |
+ define('ACCESSCONST', TRUE);
|
|
| 17 |
+ |
|
| 18 |
+ require('db-connect.php');
|
|
| 19 |
+ |
|
| 20 |
+ $username = $_POST['username']; |
|
| 21 |
+ |
|
| 22 |
+ // Get the id of the user who asks for their Phaxio balance |
|
| 23 |
+ $query1 = $mysqli->prepare("SELECT id, username FROM app_users WHERE BINARY username = ?");
|
|
| 24 |
+ $query1->bind_param("s", $username);
|
|
| 25 |
+ $query1->execute(); |
|
| 26 |
+ $queryres = $query1->get_result()->fetch_assoc(); |
|
| 27 |
+ $userID = $queryres['id']; |
|
| 28 |
+ |
|
| 29 |
+ // Get the encrypted Phaxio key and secret from the 'fax_settings' table |
|
| 30 |
+ $query2 = $mysqli->prepare("SELECT userid, phax_api_key, phax_api_secret FROM fax_settings WHERE userid = ?");
|
|
| 31 |
+ $query2->bind_param("i", $userID);
|
|
| 32 |
+ $query2->execute(); |
|
| 33 |
+ $fetchInfo = $query2->get_result()->fetch_assoc(); |
|
| 34 |
+ $phaxioKeyEnc = $fetchInfo['phax_api_key']; |
|
| 35 |
+ $phaxioSecretEnc = $fetchInfo['phax_api_secret']; |
|
| 36 |
+ |
|
| 37 |
+ // Decrypt the key and secret obtained from the 'fax_settings' table |
|
| 38 |
+ $psswdaddedkey = file_get_contents('../restr/' . $username . '/pwdphaxiokey');
|
|
| 39 |
+ $componentsippsswd = explode(':', $phaxioKeyEnc);
|
|
| 40 |
+ $encpwdin = $componentsippsswd[0]; |
|
| 41 |
+ $ivkey = $componentsippsswd[1]; |
|
| 42 |
+ $phaxioKey = openssl_decrypt($encpwdin, 'AES-256-CBC', $psswdaddedkey, false, $ivkey); |
|
| 43 |
+ |
|
| 44 |
+ $psswdaddedkeysec = file_get_contents('../restr/' . $username . '/pwdphaxiosecret');
|
|
| 45 |
+ $compsippsswdsec = explode(':', $phaxioSecretEnc);
|
|
| 46 |
+ $encpwdinsec = $compsippsswdsec[0]; |
|
| 47 |
+ $ivkeysec = $compsippsswdsec[1]; |
|
| 48 |
+ $phaxioSecret = openssl_decrypt($encpwdinsec, 'AES-256-CBC', $psswdaddedkeysec, false, $ivkeysec); |
|
| 49 |
+ |
|
| 50 |
+ // Get the Phaxio balance |
|
| 51 |
+ $ch = curl_init(); |
|
| 52 |
+ curl_setopt($ch, CURLOPT_URL, "https://" . $phaxioKey . ":" . $phaxioSecret . "@api.phaxio.com/v2.1/account/status"); |
|
| 53 |
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Accept: application/json"));
|
|
| 54 |
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 55 |
+ $responsephax = curl_exec($ch); |
|
| 56 |
+ $recdataphax = json_decode($responsephax, TRUE); |
|
| 57 |
+ $phaxbalresponse = $recdataphax['data']['balance']; |
|
| 58 |
+ $phaxioBalance = round(($phaxbalresponse / 100), 3); |
|
| 59 |
+ $phaxioreqsuccess = $recdataphax['success']; |
|
| 60 |
+ curl_close($ch); |
|
| 61 |
+ |
|
| 62 |
+ if ($phaxioreqsuccess) { $messagetosend = 'success'; } else { $messagetosend = 'failure'; }
|
|
| 63 |
+ |
|
| 64 |
+ $respdata = ['messagetosend' => $messagetosend, 'phaxiobalance' => $phaxioBalance]; |
|
| 65 |
+ |
|
| 66 |
+ echo json_encode($respdata); |
|
| 67 |
+ |
|
| 68 |
+} else { header("Location: ../login.php"); }
|
|
| 69 |
+ |
|
| 70 |
+?> |