One Hat Cyber Team

Your IP : 216.73.216.240

Server IP : 162.240.106.28

Server : Linux server.ganesand.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64

Server Software : Apache

PHP Version : 7.1.33

Buat File | Buat Folder

Dir : ~/home/thoa/www/fpdf/

Edit File: qrinv.php

<?
 error_reporting(0);
 include('../config.php');
 $blno = "www.shahajservice.com";

session_start();

$t = $_SESSION["apage"];
if($t)	
{	
$appno = $_SESSION["inno"] = $inno;
$date1 = $_SESSION["appdate"];

$main = $_SESSION["apsel"];
$pack = $_SESSION["subcat"];
$cls = $_SESSION["clas"];

$apname = $_SESSION['apname'];
$mob =	$_SESSION["apmob"];
$mail = $_SESSION["apmail"];
$add = $_SESSION["apadd"];
$apstate = $_SESSION["apstate"];
$amt = $_SESSION["gstamt"];
$appcod = $_SESSION["appcod"];
$apgst = $_SESSION["apgst"];

/* if($_SESSION["inno"])
{
	$inno = $_SESSION["inno"];
}
else
{
session_start(); */

$sql = mysql_query("select * from invoice WHERE INV_ID='1'"); // for editing
$row = mysql_fetch_array($sql);
$_SESSION["inno"] = $inno = $row['INV_NO'];

}
else
{
$sql = mysql_query("select * from invoice WHERE INV_ID='1'"); // for editing
$row = mysql_fetch_array($sql);
$inno = $row['INV_NO'];	
$appno = $_SESSION["inno"] = $inno;
$apinvo =  $_POST['apinvo'];
if($apinvo)
{ ?>
 <script type="text/javascript">
  alert("Invoice Already Generated");                               
                               
			location.href = '../admin1/mg_invoice.php';

</script>  	
<? 
}
$_SESSION["apno"] = $_POST['apno'];
$date1 = $_SESSION["appdate"] = $_POST['appdate'];
$main = $_SESSION["apsel"] =  $_POST['apsel'];
$pack = $_SESSION["subcat"] = $_POST['subcat'];
$cls = $_SESSION["clas"] = $_POST['clas'];
$apname = $_SESSION['apname'] = $_POST['apname'];
$mob =	$_SESSION["apmob"] =	$_POST['apmob'];
$mail = $_SESSION["apmail"] = $_POST['apmail'];
$add = $_SESSION["apadd"] = $_POST['apadd'];
$apcity = $_SESSION["apcity"] = $_POST["apcity"];
$apstate = $_SESSION["apstate"] = $_POST["apstate"];
$appcod = $_SESSION["appcod"]= $_POST["appcod"];	
$apgst = $_SESSION["apgst"] = $_POST["apgst"];
					$queryamt=mysql_query("select *  from price where SP_NAME ='".$pack."' and P_NAME ='".$main."' and C_NAME='".$cls."'");
					if($rowamt=mysql_fetch_array($queryamt)) 
					{

$amt =	$_SESSION["gstamt"] = $rowamt['SP_AMT'];
					$_SESSION["totamt"] = $rowamt['TOT_AMT'];

}
}

$i =1;
$_REQUEST['data'] = $apname.$appno.$mob.$main.$pack.$cls.$amt;
 
?>
<?php

//set it to writable location, a place for temp generated PNG files
    $PNG_TEMP_DIR = dirname(__FILE__).DIRECTORY_SEPARATOR.'temp'.DIRECTORY_SEPARATOR;
    
    //html PNG location prefix
    $PNG_WEB_DIR = 'temp/';

include "qrlib.php";    
    
    //ofcourse we need rights to create temp dir
    if (!file_exists($PNG_TEMP_DIR))
        mkdir($PNG_TEMP_DIR);
    
    
    $filename = $PNG_TEMP_DIR.'test.png';
    
    //processing form input
    //remember to sanitize user input in real-life solution !!!
    $errorCorrectionLevel = 'L';
    if (isset($_REQUEST['level']) && in_array($_REQUEST['level'], array('L','M','Q','H')))
        $errorCorrectionLevel = $_REQUEST['level'];

$matrixPointSize = 4;
    if (isset($_REQUEST['size']))
        $matrixPointSize = min(max((int)$_REQUEST['size'], 1), 10);

if (isset($_REQUEST['data'])) { 
    
        //it's very important!
        if (trim($_REQUEST['data']) == '')
            die('data cannot be empty! <a href="?">back</a>');
            
        // user data
        $filename = $PNG_TEMP_DIR.'test'.md5($_REQUEST['data'].'|'.$errorCorrectionLevel.'|'.$matrixPointSize).'.png';
        QRcode::png($_REQUEST['data'], $filename, $errorCorrectionLevel, $matrixPointSize, 2);    
        
    } else {    
    
        //default data
        echo 'You can provide data in GET parameter: <a href="?data=like_that">like that</a><hr/>';    
        QRcode::png('PHP QR Code :)', $filename, $errorCorrectionLevel, $matrixPointSize, 2);    
        
    }    
        
    //display generated file
    '<img src="'.$PNG_WEB_DIR.basename($filename).'" /><hr/>';

$codeContents = $_REQUEST['data']; 
     
    // we need to generate filename somehow,  
    // with md5 or with database ID used to obtains $codeContents... 
    $fileName = '006_file.png'; 
     
    $pngAbsoluteFilePath = $tempDir.$fileName; 
    $urlRelativeFilePath = EXAMPLE_TMP_URLRELPATH.$fileName; 
     
    // generating 
    if (file_exists($pngAbsoluteFilePath)) { 
        QRcode::png($codeContents, $pngAbsoluteFilePath); 
         'File generated!'; 
         '<hr />'; 
    } 
     
    'Server PNG File: '.$pngAbsoluteFilePath; 
    '<hr />'; 
     
    // displaying 
     '<img src="'.$urlRelativeFilePath.'" />'; 
	 if($i==1)
	 {
 ?>
 	 <script type="text/javascript">
                                 
                               
			location.href = 'agst.php';

</script>  
	<? } else{
		?>
	 <script type="text/javascript">
                                 
                               
			location.href = '../index.php';

</script>  
	<? } ?>