diff --git a/system/autoload/App.php b/system/autoload/App.php
index 71f1614f..e39b9611 100644
--- a/system/autoload/App.php
+++ b/system/autoload/App.php
@@ -19,6 +19,9 @@ class App{
}
public static function getTokenValue($key){
+ if(empty($key)){
+ return "";
+ }
if(isset($_SESSION[$key])){
return $_SESSION[$key];
}else{
diff --git a/system/autoload/Balance.php b/system/autoload/Balance.php
index 6748dfa9..66981a19 100644
--- a/system/autoload/Balance.php
+++ b/system/autoload/Balance.php
@@ -30,13 +30,9 @@ class Balance
public static function min($id_customer, $amount)
{
$c = ORM::for_table('tbl_customers')->where('id', $id_customer)->find_one();
- if ($c && $c['balance'] >= $amount) {
- $c->balance = $c['balance'] - $amount;
- $c->save();
- return true;
- } else {
- return false;
- }
+ $c->balance = $c['balance'] - $amount;
+ $c->save();
+ return true;
}
public static function plusByPhone($phone_customer, $amount)
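Review bot: `Balance::min` now dereferences `$c` without checking it and always returns true, so a missing customer row becomes a fatal error on `$c->balance = ...` and an `$amount` larger than the balance is stored as a negative balance. The sufficiency check survives only in the caller (the `pay` case in system/controllers/order.php), which ignores this return value and deducts after `Package::rechargeUser` has already succeeded, so two overlapping requests can both pass the check and both be granted. Keep the guard in this function, `if (!$c || $c['balance'] < $amount) { return false; }`, and have callers act on a false result. The read-modify-write is also not atomic; a single conditional update (`SET balance = balance - ? WHERE id = ? AND balance >= ?`) would close that window.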
diff --git a/system/autoload/Message.php b/system/autoload/Message.php
index a1a50a58..fa619b00 100644
--- a/system/autoload/Message.php
+++ b/system/autoload/Message.php
@@ -188,6 +188,20 @@ class Message
} else {
$msg = str_replace('[[expired_date]]', "", $msg);
}
+
+ if(strpos($msg, '[[payment_link]]')!== false){
+ // token only valid for 1 day, for security reason
+ $token = User::generateToken($customer['id'], 1);
+ $tur = ORM::for_table('tbl_user_recharges')
+ ->where('customer_id', $customer['id'])
+ ->where('namebp', $package)
+ ->find_one();
+ if($tur){
+ $url = APP_URL . '?_route=home&recharge='. $tur.'uid='. $token;
+ $msg = str_replace('[[payment_link]]', $url, $msg);
+ }
+ }
+
if (
!empty($customer['phonenumber']) && strlen($customer['phonenumber']) > 5
&& !empty($message) && in_array($via, ['sms', 'wa'])
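Review bot: The link built on the `$url = ...` line cannot work as written: `$tur` is the ORM row rather than a scalar, and there is no `&` before `uid=`, so the recharge value and the token run together. `User::generateToken` appears to return an array (the `return [` in the User.php hunk, if that is the same function), so `$token` also needs its string member picked out and passed through `urlencode()`. Something like `'?_route=home&recharge=' . $tur['id'] . '&uid=' . urlencode(...)` is presumably what was intended, assuming `recharge` expects the row id. Because boot.php copies `uid` from the query string into the login cookie, this URL is a bearer credential delivered over SMS/WhatsApp, so generate the token only inside the `if ($tur)` branch and keep its lifetime as short as the comment promises. The enclosing function starts and ends outside the hunk.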
diff --git a/system/autoload/User.php b/system/autoload/User.php
index 9737baf7..d0dd08d8 100644
--- a/system/autoload/User.php
+++ b/system/autoload/User.php
@@ -163,7 +163,8 @@ class User
if($validDays>=30){
$time = time();
}else{
- $time = strtotime("+ $validDays days");
+ // for customer, deafult expired is 30 days
+ $time = strtotime('+ '.(30 - $validDays).' days');
}
return [
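Review bot: The new expression moves the stamp forward, `'+ '.(30 - $validDays).' days'`, which for `$validDays = 1` is 29 days in the future. If the verifier (not visible here) accepts a token until its stamp is 30 days old, as the comment suggests, a "1 day" token stays valid for roughly 59 days; shortening the window needs a stamp in the past, `strtotime('- ' . (30 - $validDays) . ' days')`. `$validDays` is also used unchecked, so zero or negative values enlarge the offset further; clamp it to 1..30 before the arithmetic. The comment has a typo (`deafult`) and should state how the stamp relates to the 30-day check. The enclosing function starts and ends outside the hunk.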
diff --git a/system/boot.php b/system/boot.php
index ec9806ca..43ac9166 100644
--- a/system/boot.php
+++ b/system/boot.php
@@ -79,9 +79,10 @@ $handler = $routes[0];
if ($handler == '') {
$handler = 'default';
}
+
try {
if(!empty($_GET['uid'])){
- $_COOKIE['uid'] = $_GET['token'];
+ $_COOKIE['uid'] = $_GET['uid'];
}
$admin = Admin::_info();
$sys_render = $root_path . File::pathFixer('system/controllers/' . $handler . '.php');
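Review bot: `$_COOKIE['uid'] = $_GET['uid'];` makes a query-string parameter equivalent to the login cookie on every route, so the credential ends up in access logs, browser history and Referer headers, and a link carrying someone else's `uid` silently switches the visitor into that account. Restrict this to the one entry point that needs it, validate the token first, then issue a real cookie with `setcookie()` (HttpOnly, Secure, SameSite) and redirect to the same URL without `uid`. The in-memory assignment does not persist either, so the following request is unauthenticated unless the parameter is repeated. The `try` block continues outside the hunk.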
diff --git a/system/controllers/home.php b/system/controllers/home.php
index f7f4c5fc..56ed7d45 100644
--- a/system/controllers/home.php
+++ b/system/controllers/home.php
@@ -143,19 +143,7 @@ if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
$routers = ORM::for_table('tbl_routers')->where('name', $bill['routers'])->find_one();
$router = $routers['id'];
}
- if ($config['enable_balance'] == 'yes') {
- $plan = ORM::for_table('tbl_plans')->find_one($bill['plan_id']);
- if (!$plan['enabled']) {
- r2(U . "home", 'e', 'Plan is not exists');
- }
- if ($user['balance'] > $plan['price']) {
- r2(U . "order/pay/$router/$bill[plan_id]&stoken=" . _get('stoken'), 'e', 'Order Plan');
- } else {
- r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
- }
- } else {
- r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
- }
+ r2(U. "order/gateway/$router/$bill[plan_id]");
}
} else if (!empty(_get('extend'))) {
if ($user['status'] != 'Active') {
diff --git a/system/controllers/order.php b/system/controllers/order.php
index 12300af7..b06fbc0a 100644
--- a/system/controllers/order.php
+++ b/system/controllers/order.php
@@ -205,15 +205,13 @@ switch ($action) {
if ($user['status'] != 'Active') {
_alert(Lang::T('This account status') . ' : ' . Lang::T($user['status']), 'danger', "");
}
- $plan = ORM::for_table('tbl_plans')->where('enabled', '1')->find_one($routes['3']);
- if (empty($plan)) {
+ $plan = ORM::for_table('tbl_plans')->find_one($routes[3]);
+ if (!$plan) {
r2(U . "order/package", 'e', Lang::T("Plan Not found"));
}
- if (!$plan['enabled']) {
- r2(U . "home", 'e', 'Plan is not exists');
- }
if ($plan['is_radius'] == '1') {
$router_name = 'radius';
+ $router = 'radius';
} else {
$router_name = $plan['routers'];
}
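Review bot: Dropping `->where('enabled', '1')` and the `!$plan['enabled']` check means a disabled plan id now passes the lookup and is stopped only by the combined condition in the next hunk (`$plan && $plan['enabled'] && $user['balance'] >= $total_cost`), whose else branch reports "Insufficient balance" and redirects to `order/gateway/...`. A customer requesting a disabled plan is therefore told to top up and is sent on to gateway selection for it; whether `order/gateway` rejects disabled plans is not visible here. Keep an explicit check right after the lookup, e.g. `if (!$plan || !$plan['enabled']) { r2(U . "order/package", 'e', Lang::T("Plan Not found")); }`. `$router = 'radius';` is assigned only in the radius branch, so confirm the else branch does not leave `$router` undefined for later code.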
@@ -237,21 +235,21 @@ switch ($action) {
$tax = 0;
}
// Tax calculation stop
-
- if ($plan && $plan['enabled'] && $user['balance'] >= $plan['price'] + $tax) {
+ $total_cost = $plan['price'] + $add_cost + $tax;
+ if ($plan && $plan['enabled'] && $user['balance'] >= $total_cost) {
if (Package::rechargeUser($user['id'], $router_name, $plan['id'], 'Customer', 'Balance')) {
// if success, then get the balance
- Balance::min($user['id'], $plan['price'] + $add_cost + $tax);
+ Balance::min($user['id'], $total_cost);
App::setToken($_GET['stoken'], "success");
r2(U . "voucher/invoice/", 's', Lang::T("Success to buy package"));
} else {
r2(U . "order/package", 'e', Lang::T("Failed to buy package"));
Message::sendTelegram("Buy Package with Balance Failed\n\n#u$c[username] #buy \n" . $plan['name_plan'] .
"\nRouter: " . $router_name .
- "\nPrice: " . $plan['price'] + $tax);
+ "\nPrice: " . $total_cost);
}
} else {
- r2(U . "home", 'e', 'Plan is not exists');
+ r2(U . "order/gateway/$routes[2]/$routes[3]", 'e', Lang::T("Insufficient balance"));
}
break;
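Review bot: `App::setToken($_GET['stoken'], "success")` is now reached without any `stoken`: the new `balance` branch in the `buy` case redirects to `order/pay/...` with no such parameter, and home.php no longer appends `&stoken=`. If the `pay` case relies on that token to stop a repeated or replayed request from charging twice (that check would sit above this hunk), it is now keyed on an empty value, and `App::getTokenValue` returning `""` for an empty key would read as "not yet used" every time. Carry a fresh `stoken` through the redirect and refuse to recharge when it is missing. Separately, `Message::sendTelegram(...)` follows `r2(...)` in the failure branch; if `r2` ends the request, as its use elsewhere in this file suggests, the failure alert is never sent.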
@@ -440,6 +438,11 @@ switch ($action) {
}
case 'buy':
$gateway = _post('gateway');
+ print_r($routes);
+ if($gateway == 'balance') {
+ unset($_SESSION['gateway']);
+ r2(U . 'order/pay/' . $routes[2] . '/' . $routes[3]);
+ }
if (empty($gateway) && !empty($_SESSION['gateway'])) {
$gateway = $_SESSION['gateway'];
} else if (!empty($gateway)) {
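Review bot: `print_r($routes);` is leftover debug output: it prints the route array to every customer and, being emitted before `r2(...)`, can prevent the redirect header from being sent. Remove it. The `balance` shortcut also compares with `==` and does not check `$config['enable_balance']`, which the removed home.php code did before offering payment from balance; unless the `pay` case checks it above the visible hunk, a hand-built POST with `gateway=balance` reaches balance payment on installs that disabled it. Assuming `$config` is available here as it is in home.php, `if ($gateway === 'balance' && $config['enable_balance'] == 'yes') {` would keep the old gate.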
diff --git a/system/lan/english.json b/system/lan/english.json
index c1843a6c..a66fe769 100644
--- a/system/lan/english.json
+++ b/system/lan/english.json
@@ -878,5 +878,12 @@
"Token_has_expired__Please_log_in_again_": "Token has expired. Please log in again.",
"Minute": "Minute",
"Hour": "Hour",
- "Failed_to_connect_to_device": "Failed to connect to device"
+ "Failed_to_connect_to_device": "Failed to connect to device",
+ "Custom_Balance": "Custom Balance",
+ "Input_Desired_Amount": "Input Desired Amount",
+ "Security": "Security",
+ "Enable_CSRF_Validation": "Enable CSRF Validation",
+ "Cross_site_request_forgery": "Cross-site request forgery",
+ "Validity_Periode": "Validity Periode",
+ "Insufficient_balance": "Insufficient balance"
}
\ No newline at end of file
diff --git a/ui/ui/customer/orderPlan.tpl b/ui/ui/customer/orderPlan.tpl
index 9f68c4e4..b5253b6d 100644
--- a/ui/ui/customer/orderPlan.tpl
+++ b/ui/ui/customer/orderPlan.tpl
@@ -35,8 +35,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -48,18 +49,67 @@
+
+ {/foreach}
+
+ {/if}
+ {elseif $_user['service_type'] == 'Hotspot'}
+ {if Lang::arrayCount($radius_hotspot)>0}
+
+ - {if $_c['radius_plan']==''}Radius Plan{else}{$_c['radius_plan']}{/if}
+ - {if $_c['hotspot_plan']==''}Hotspot Plan{else}{$_c['hotspot_plan']}{/if}
+
+
+ {foreach $radius_hotspot as $plan}
+
+
+
+
+
+
+
+
+ {Lang::T('Type')} |
+ {$plan['type']} |
+
+ {if $_c['show_bandwidth_plan'] == 'yes'}
+
+ {Lang::T('Bandwidth')} |
+ |
+
+ {/if}
+
+ {Lang::T('Price')} |
+ {Lang::moneyFormat($plan['price'])}
+ {if !empty($plan['price_old'])}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
+ |
+
+
+ {Lang::T('Validity')} |
+ {$plan['validity']} {$plan['validity_unit']} |
+
+
+
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
+
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -70,14 +120,15 @@
{/foreach}
{/if}
- {elseif $_user['service_type'] == 'Hotspot'}
- {if Lang::arrayCount($radius_hotspot)>0}
-
- - {if $_c['radius_plan']==''}Radius Plan{else}{$_c['radius_plan']}{/if}
- - {if $_c['hotspot_plan']==''}Hotspot Plan{else}{$_c['hotspot_plan']}{/if}
-
+ {elseif $_user['service_type'] == 'Others' || $_user['service_type'] == '' && (Lang::arrayCount($radius_pppoe)>0
+ || Lang::arrayCount($radius_hotspot)>0)}
+
+ - {if $_c['radius_plan']==''}Radius Plan{else}{$_c['radius_plan']}{/if}
+ - {if $_c['pppoe_plan']==''}PPPOE Plan{else}{$_c['pppoe_plan']}{/if}
+
+ {if Lang::arrayCount($radius_pppoe)>0}
- {foreach $radius_hotspot as $plan}
+ {foreach $radius_pppoe as $plan}
@@ -99,8 +150,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -112,19 +164,11 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
-
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
+
{Lang::T('Buy for friend')}
{/if}
@@ -134,71 +178,6 @@
{/foreach}
{/if}
- {elseif $_user['service_type'] == 'Others' || $_user['service_type'] == '' && (Lang::arrayCount($radius_pppoe)>0
- || Lang::arrayCount($radius_hotspot)>0)}
-
- - {if $_c['radius_plan']==''}Radius Plan{else}{$_c['radius_plan']}{/if}
- - {if $_c['pppoe_plan']==''}PPPOE Plan{else}{$_c['pppoe_plan']}{/if}
-
- {if Lang::arrayCount($radius_pppoe)>0}
-
- {foreach $radius_pppoe as $plan}
-
-
-
-
-
-
-
-
- {Lang::T('Type')} |
- {$plan['type']} |
-
- {if $_c['show_bandwidth_plan'] == 'yes'}
-
- {Lang::T('Bandwidth')} |
- |
-
- {/if}
-
- {Lang::T('Price')} |
- {Lang::moneyFormat($plan['price'])}
- {if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
- |
-
-
- {Lang::T('Validity')} |
- {$plan['validity']} {$plan['validity_unit']} |
-
-
-
-
-
-
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
-
{Lang::T('Buy for friend')}
- {/if}
-
-
-
- {/foreach}
-
- {/if}
{if Lang::arrayCount($radius_hotspot)>0}
- {if $_c['radius_plan']==''}Radius Plan{else}{$_c['radius_plan']}{/if}
@@ -227,8 +206,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -240,18 +220,11 @@
-
+
{Lang::T('Buy')}
{if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+ $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -266,8 +239,8 @@
{/if}
{foreach $routers as $router}
{if Validator::isRouterHasPlan($plans_hotspot, $router['name']) || Validator::isRouterHasPlan($plans_pppoe,
- $router['name']) || Validator::isRouterHasPlan($plans_vpn,
- $router['name'])}
+ $router['name']) || Validator::isRouterHasPlan($plans_vpn,
+ $router['name'])}
{if $router['description'] != ''}
@@ -302,8 +275,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -315,18 +289,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -364,8 +330,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -377,18 +344,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -426,8 +385,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -439,18 +399,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -492,8 +444,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -505,18 +458,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -552,8 +497,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -565,18 +511,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
@@ -612,8 +550,9 @@
{Lang::T('Price')} |
{Lang::moneyFormat($plan['price'])}
{if !empty($plan['price_old'])}
- {Lang::moneyFormat($plan['price_old'])}
- {/if}
+ {Lang::moneyFormat($plan['price_old'])}
+ {/if}
|
@@ -625,18 +564,10 @@
-
- {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' &&
- $_user['balance']>=$plan['price']}
+
{Lang::T('Buy')}
+ {if $_c['enable_balance'] == 'yes' && $_c['allow_balance_transfer'] == 'yes' && $_user['balance']>=$plan['price']}
{Lang::T('Buy for friend')}
diff --git a/ui/ui/customer/selectGateway.tpl b/ui/ui/customer/selectGateway.tpl
index 2d075f65..4266dcea 100644
--- a/ui/ui/customer/selectGateway.tpl
+++ b/ui/ui/customer/selectGateway.tpl
@@ -2,44 +2,47 @@
{if file_exists("$PAGES_PATH/Payment_Info.html")}
-
-
-
{Lang::T('Payment Info')}
-
{include file="$PAGES_PATH/Payment_Info.html"}
+
+
+
{Lang::T('Payment Info')}
+
{include file="$PAGES_PATH/Payment_Info.html"}
+
-
{/if}
{Lang::T('Available Payment Gateway')}