Editing: payment_submit.php
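<?php
/**
 * payment_submit.php — creates a Pending payment record and renders a UPI QR / deep link.
 *
 * Flow:
 *   1. POST from payment.php  -> validate input, store the student photo (admission only),
 *      INSERT a 'Pending' row, render the QR page with a "submit transaction ID" form.
 *   2. POST action=submit_txn -> attach the payer-supplied transaction ID to that row.
 *
 * Saved fields include mother_name, sex, caste, blood_group, aadhaar, photo, class,
 * tuition_class and tuition_section. Status stays 'Pending' until an admin verifies;
 * nothing in this script confirms that money actually moved.
 *
 * Security notes for maintainers:
 *   - Amount and transaction ID are client-supplied and unverified. The admin check must
 *     reconcile both against the bank/UPI statement, never against this table alone.
 *   - submit_txn is accepted only for payment IDs created in the same browser session and
 *     only while the row is still 'Pending'. Payment IDs are sequential, so without this
 *     binding any visitor could overwrite another record's transaction ID or push an
 *     already verified record back to 'Pending'.
 *   - Aadhaar, DOB, address and the photo are sensitive personal data of students.
 *     NOTE(review): Aadhaar is stored as plain text and photos land under the web root;
 *     confirm whether masking/encryption and access-controlled storage are required.
 */

ini_set('display_errors', '0');
error_reporting(E_ALL & ~E_DEPRECATED & ~E_STRICT);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

require_once __DIR__ . '/config.php';
$conn->set_charset('utf8mb4');

/* ---------- Utility helpers ---------- */

/** HTML-escape a value for element or quoted-attribute context. */
function e($v): string
{
    return htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');
}

/**
 * Read a trimmed POST field.
 *
 * Array-valued fields (e.g. "name[]=x") are treated as absent instead of being cast
 * to the literal string "Array".
 *
 * @param string $k   field name
 * @param mixed  $def value returned when the field is missing or not scalar
 * @return mixed trimmed string, or $def
 */
function post($k, $def = '')
{
    $value = $_POST[$k] ?? null;

    return is_scalar($value) ? trim((string) $value) : $def;
}

/** Strip everything except ASCII digits. */
function digits($v)
{
    return preg_replace('/\D+/', '', (string) $v);
}

/** Parse a user-typed amount, dropping currency symbols and thousands separators. */
function clean_amount($s): float
{
    $s = preg_replace('/[^\d.]/', '', (string) $s);

    return (float) ($s === '' ? 0 : $s);
}

/**
 * Render a minimal error page with HTTP 400 and stop.
 *
 * $msg is emitted as raw HTML so callers can include links; every caller must
 * escape any user-derived text with e() before passing it in.
 */
function safe_die($msg): void
{
    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
    header('Pragma: no-cache');
    http_response_code(400);
    echo '<!doctype html><html lang="en"><head><meta charset="utf-8"><title>Error</title>';
    echo '<meta name="viewport" content="width=device-width,initial-scale=1">';
    echo '<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet"></head><body>';
    echo '<div class="container py-5"><div class="alert alert-danger shadow-sm">';
    echo $msg;
    echo '</div><a class="btn btn-primary" href="payment.php">Back to Payment</a></div></body></html>';
    exit;
}

/** Create $path (recursively) when missing; returns whether it exists afterwards. */
function ensureDir($path): bool
{
    if (!is_dir($path)) {
        @mkdir($path, 0775, true);
    }

    return is_dir($path);
}

/**
 * Map a sniffed MIME type to the extension used on disk.
 *
 * The extension is never taken from the client-supplied filename, so an upload
 * cannot be stored under an executable extension.
 */
function safeExtFromMime($mime): ?string
{
    return match ($mime) {
        'image/jpeg' => '.jpg',
        'image/png'  => '.png',
        'image/webp' => '.webp',
        default      => null,
    };
}

/** Remove a photo saved during this request when the payment row could not be created. */
function discard_photo($relativePath): void
{
    if ($relativePath === null) {
        return;
    }
    $abs = __DIR__ . '/' . $relativePath;
    if (is_file($abs)) {
        unlink($abs);
    }
}

/** Start the PHP session unless config.php (or PHP itself) already did. */
function start_payment_session(): void
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start([
            'cookie_httponly' => true,
            'cookie_samesite' => 'Lax',
            'cookie_secure'   => !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off',
        ]);
    }
}

/** Record that this browser session created payment $id. */
function remember_payment(int $id): void
{
    start_payment_session();
    $owned = $_SESSION['pending_payment_ids'] ?? [];
    if (!is_array($owned)) {
        $owned = [];
    }
    $owned[] = $id;
    $_SESSION['pending_payment_ids'] = $owned;
}

/** Whether payment $id was created by this browser session. */
function owns_payment(int $id): bool
{
    start_payment_session();
    $owned = $_SESSION['pending_payment_ids'] ?? [];

    return is_array($owned) && in_array($id, $owned, true);
}

/* ---------- Settings loader (supports multiple key names) ---------- */

/** Return the first non-empty setting among $candidates, else $fallback. */
function get_setting($arr, $candidates, $fallback = '')
{
    foreach ($candidates as $k) {
        if (isset($arr[$k]) && trim($arr[$k]) !== '') {
            return trim($arr[$k]);
        }
    }

    return $fallback;
}

$settings = [];
try {
    $res = $conn->query("SELECT field, value FROM settings");
    while ($row = $res->fetch_assoc()) {
        $settings[$row['field']] = $row['value'];
    }
} catch (Throwable $e) {
    error_log('settings load failed: ' . $e->getMessage());
}

/* Common variants: upi_vpa / upi_id / upi / vpa ; name / payee_name / upi_payee_name */
$merchant_upi_id = get_setting($settings, ['upi_vpa', 'upi_id', 'upi', 'vpa'], '');
$merchant_name   = get_setting($settings, ['upi_payee_name', 'payee_name', 'name', 'institute_name'], 'Your Institute');

/* Values offered by the forms; anything else is rejected instead of being stored verbatim. */
$allowed_payment_types = ['Admission Fee', 'Tuition Fee'];
$txn_payment_modes     = ['UPI', 'PhonePe', 'Paytm', 'GooglePay', 'Bank', 'Cash', 'Card'];

/* ============================================================
 * A) If user submitted Transaction ID (keep Pending)
 * ============================================================ */
if ($_SERVER['REQUEST_METHOD'] === 'POST' && post('action') === 'submit_txn') {
    $payment_id     = (int) post('payment_id', 0);
    $transaction_id = post('transaction_id', '');
    $payment_mode   = post('payment_mode', 'UPI');

    if ($payment_id <= 0 || $transaction_id === '' || !in_array($payment_mode, $txn_payment_modes, true)) {
        safe_die('Invalid transaction submission. <a href="payment.php">Go back</a>.');
    }

    // The hidden payment_id field is attacker-controllable; only accept IDs this
    // session created. Assumes the form rendered by section F is the only client of
    // this action — TODO confirm no other page posts action=submit_txn here.
    if (!owns_payment($payment_id)) {
        safe_die('This payment session has expired. Please start again from the <a href="payment.php">Payment Form</a>.');
    }

    try {
        // "AND status = 'Pending'" keeps a row an admin has already verified from being
        // reset or having its transaction ID replaced.
        $stmt = $conn->prepare(
            "UPDATE payments SET transaction_id = ?, payment_mode = ?, status = 'Pending' WHERE id = ? AND status = 'Pending'"
        );
        $stmt->bind_param("ssi", $transaction_id, $payment_mode, $payment_id);
        $stmt->execute();
        $stmt->close();
    } catch (Throwable $e) {
        error_log('submit_txn error: ' . $e->getMessage());
        safe_die('Could not update payment. Please try again or contact admin.');
    }

    // Same redirect whether or not a row matched, so the response does not reveal
    // the state of a payment record.
    header('Location: /payment_verify.php?updated=1');
    exit;
}

/* ============================================================
 * B) First visit must be POST from payment form
 * ============================================================ */
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    safe_die('Invalid access. Please start from <a href="payment.php">Payment Form</a>.');
}

/* Hard-stop if VPA missing or demo-like. Checked before anything is written so a
 * misconfigured site does not collect personal data and photos for payments that
 * cannot proceed. */
if ($merchant_upi_id === '' || strtolower($merchant_upi_id) === 'demo@upi') {
    safe_die('⚠️ UPI VPA not configured. Please set <code>upi_vpa</code> in <strong>settings</strong> table.');
}

/* ============================================================
 * C) Collect & validate inputs (supports Admission Fee + Tuition Fee)
 * ============================================================ */

/* Common + Admission fields */
$student_name = post('student_name');     // frontend toggling ensures right input sends this
$father_name  = post('father_name');
$mother_name  = post('mother_name');
$sex          = post('sex');              // Male/Female/Other
$caste        = post('caste');            // SC/ST/OBC/GENERAL
$blood_group  = post('blood_group');      // A+/A-...
$aadhaar      = digits(post('aadhaar'));  // 12 digits expected
$dob          = post('dob');
$age          = post('age');
$class_adm    = post('class');            // Admission class
$school       = post('school');
$course       = post('course');
$mobile       = digits(post('mobile'));
$address      = post('address');

/* Tuition-only */
$rollno          = post('rollno');
$tuition_class   = post('tuition_class');
$tuition_section = post('tuition_section');

/* Payment kind */
$payment_type = post('payment_type', 'Admission Fee'); // 'Admission Fee' | 'Tuition Fee'
$mode_radio   = post('payment_mode', 'UPI');           // original radio; we store just for trace

/* Amount (hidden field normalized by frontend). It is whatever the client sends:
 * the admin verification step must compare it with the fee actually due. */
$amount_raw = post('amount', post('amount_admission', post('amount_tuition', '0')));
$amount     = clean_amount($amount_raw);

/* Base validations */
$errors = [];
if ($student_name === '') {
    $errors[] = 'Student name is required.';
}
if ($amount <= 0) {
    $errors[] = 'Valid amount is required.';
}
if (!in_array($payment_type, $allowed_payment_types, true)) {
    $errors[] = 'Invalid payment type.';
}
if ($dob !== '') {
    if (!preg_match('/^(\d{4})-(\d{2})-(\d{2})$/', $dob, $dobParts)) {
        $errors[] = 'DOB must be YYYY-MM-DD.';
    } elseif (!checkdate((int) $dobParts[2], (int) $dobParts[3], (int) $dobParts[1])) {
        // The pattern alone would let values such as 2024-13-45 through.
        $errors[] = 'DOB is not a valid date.';
    }
}

/* Mode-specific validations + photo processing */
$photoPath = null;

if ($payment_type === 'Admission Fee') {
    if ($dob === '') {
        $errors[] = 'Date of Birth is required.';
    }
    if ($class_adm === '') {
        $errors[] = 'Class is required.';
    }
    if ($sex === '') {
        $errors[] = 'Sex is required.';
    }
    if ($caste === '') {
        $errors[] = 'Caste is required.';
    }
    if (strlen($aadhaar) !== 12) {
        $errors[] = 'Aadhaar must be 12 digits.';
    }

    // Photo required for admission. A "photo[]" field makes tmp_name an array, so the
    // type is checked before it reaches is_uploaded_file().
    $upload  = $_FILES['photo'] ?? null;
    $tmpName = is_array($upload) ? ($upload['tmp_name'] ?? null) : null;

    if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
        $errors[] = 'Student photo is required.';
    } else {
        // Type comes from the file's content, not from the client-declared type or name.
        $finfo = new finfo(FILEINFO_MIME_TYPE);
        $mime  = $finfo->file($tmpName);
        $ext   = safeExtFromMime($mime);

        if (!$ext) {
            $errors[] = 'Invalid photo type. Use JPG/PNG/WebP.';
        }
        if ($upload['size'] > 2 * 1024 * 1024) {
            $errors[] = 'Photo too large (max 2MB).';
        }

        if (!$errors) {
            $dir = __DIR__ . '/uploads/students';
            if (!ensureDir($dir)) {
                $errors[] = 'Cannot create upload directory.';
            }
            if (!$errors) {
                // Server-generated name: nothing from the client filename reaches the path.
                $filename = 'stu_' . date('Ymd_His') . '_' . bin2hex(random_bytes(4)) . $ext;
                $destAbs  = $dir . '/' . $filename;
                if (!move_uploaded_file($tmpName, $destAbs)) {
                    $errors[] = 'Failed to save photo.';
                } else {
                    // Public relative path. NOTE(review): the directory is web-reachable;
                    // confirm script execution and directory listing are disabled there.
                    $photoPath = 'uploads/students/' . $filename;
                }
            }
        }
    }
} elseif ($payment_type === 'Tuition Fee') {
    if ($rollno === '') {
        $errors[] = 'Roll/Admission No is required.';
    }
    if ($tuition_class === '') {
        $errors[] = 'Tuition Class is required.';
    }
    if ($tuition_section === '') {
        $errors[] = 'Section is required.';
    }
    // Admission-only fields optional in tuition; keep as-is/nulls
}

if ($errors) {
    error_log("validation failed: " . implode(' | ', $errors));
    safe_die('Validation failed:<br>' . implode('<br>', array_map('e', $errors)));
}

/* ============================================================
 * D) Insert payment (Pending) — now includes new columns
 * ============================================================ */
try {
    $status            = 'Pending';
    $transaction_id_in = post('transaction_id', null); // usually empty on first render

    $sql = "INSERT INTO payments
        (student_name, father_name, mother_name, sex, caste, blood_group, dob, age,
         class, tuition_class, tuition_section, school, course, mobile, address,
         aadhaar, photo, rollno, payment_type, amount, status, transaction_id,
         payment_mode, created_at)
        VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?, NOW())";

    $stmt = $conn->prepare($sql);
    if (!$stmt) {
        error_log('insert prepare failed: ' . $conn->error);
        discard_photo($photoPath);
        safe_die('Unable to create payment record. Please try again later.');
    }

    $stmt->bind_param(
        'sssssssssssssssssssssss',
        $student_name,
        $father_name,
        $mother_name,
        $sex,
        $caste,
        $blood_group,
        $dob,
        $age,
        $class_adm,
        $tuition_class,
        $tuition_section,
        $school,
        $course,
        $mobile,
        $address,
        $aadhaar,
        $photoPath,
        $rollno,
        $payment_type,
        $amount,
        $status,
        $transaction_id_in,
        $mode_radio
    );
    $stmt->execute();
    $payment_id = (int) $stmt->insert_id;
    $stmt->close();
} catch (Throwable $e) {
    error_log('insert error: ' . $e->getMessage());
    // Do not leave an unreferenced student photo behind when no row was written.
    discard_photo($photoPath);
    safe_die('Could not create payment. Please try again later.');
}

// Lets section A verify that a later submit_txn comes from the browser that created
// this record.
remember_payment($payment_id);

/* ============================================================
 * E) Build UPI deep link (absolute, cache-proof)
 * ============================================================ */

/* Short note (<=80 chars) */
$note_base = 'Fees - ' . $student_name;
$note      = mb_substr($note_base, 0, 80, 'UTF-8');

/* Unique ref for reconciliation */
$tr = 'PMT' . $payment_id . date('ymdHis');

/* Strictly encoded query */
$upi_params = [
    'pa' => $merchant_upi_id,
    'pn' => $merchant_name,
    'am' => number_format($amount, 2, '.', ''),
    'cu' => 'INR',
    'tn' => $note,
    'tr' => $tr,
];
$upi_qs  = http_build_query($upi_params, '', '&', PHP_QUERY_RFC3986);
$upi_url = 'upi://pay?' . $upi_qs;

/* Absolute external QR (path/cache proof).
 * NOTE(review): the full UPI link — payee VPA, amount and the student's name in the
 * note — is sent to a third-party service, and the payer trusts the image it returns
 * to encode the right payee. Generating the QR on this server would remove both the
 * disclosure and the dependency. */
$hash          = substr(hash('sha256', $upi_url), 0, 10);
$qr_abs_url    = 'https://api.qrserver.com/v1/create-qr-code/?size=280x280&data=' . rawurlencode($upi_url);
$qr_abs_url_cb = $qr_abs_url . '&cb=' . $hash;

/* Send strong no-cache headers */
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Pragma: no-cache');

/* ============================================================
 * F) Render page (same UI, just shows details)
 * Every dynamic value below goes through e() or an (int) cast.
 * ============================================================ */
?>
<!doctype html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Confirm Your Payment</title>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <?php /* TODO(review): pin this CDN stylesheet with a Subresource Integrity attribute. */ ?>
  <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
  <style>
    body{background:#f7f8fc;font-family:system-ui,-apple-system,"Segoe UI",Roboto,Inter,Arial}
    .card{border:0;border-radius:18px;box-shadow:0 8px 24px rgba(15,23,42,.08)}
    .badge-soft{background:#eef2ff;color:#1e1b4b;font-weight:700}
    .qr{border:1px dashed #94a3b8;border-radius:12px;padding:10px;background:#fff}
    .muted{color:#475569}
    code.small{word-break:break-all}
  </style>
</head>
<body>
<div class="container py-5">
  <div class="row justify-content-center">
    <div class="col-lg-8">
      <div class="card p-4 p-md-5">
        <h3 class="mb-2">Scan &amp; Pay</h3>
        <p class="muted mb-3">Scan the QR with your UPI app, complete the payment, then submit the Transaction ID below.</p>

        <div class="alert alert-info py-2">
          <strong>VPA in use:</strong> <code><?= e($merchant_upi_id) ?></code>
        </div>

        <div class="row g-4 align-items-center">
          <!-- LEFT: QR + amount + deep link -->
          <div class="col-md-6 text-center">
            <div class="qr">
              <img src="<?= e($qr_abs_url_cb) ?>" alt="UPI QR" width="260" height="260" loading="lazy">
            </div>
            <div class="mt-2">
              <span class="badge badge-soft px-3 py-2">
                Amount: ₹<?= e(number_format($amount,2)) ?>
              </span>
            </div>
            <div class="d-grid gap-2 mt-3">
              <a class="btn btn-success btn-lg" href="<?= e($upi_url) ?>">Pay in UPI App</a>
            </div>
            <details class="mt-3">
              <summary class="small text-muted" style="cursor:pointer">Show UPI link</summary>
              <code class="d-block small mt-2"><?= e($upi_url) ?></code>
            </details>
            <div class="small text-muted mt-2">
              Ref: <code><?= e($tr) ?></code>
            </div>
          </div>

          <!-- RIGHT: Details + submit txn id -->
          <div class="col-md-6">
            <div class="border rounded p-3">
              <div class="mb-2 fw-semibold">Payment Details</div>
              <div class="small muted">Student: <strong><?= e($student_name) ?></strong></div>
              <div class="small muted">Type: <strong><?= e($payment_type) ?></strong></div>
              <div class="small muted">Amount: <strong>₹<?= e(number_format($amount,2)) ?></strong></div>
              <div class="small muted">Status: <span class="badge bg-warning text-dark">Pending (awaiting admin confirmation)</span></div>
            </div>

            <form class="mt-4" method="post" action="">
              <input type="hidden" name="action" value="submit_txn">
              <input type="hidden" name="payment_id" value="<?= (int)$payment_id ?>">
              <div class="mb-3">
                <label class="form-label">Transaction ID</label>
                <input type="text" name="transaction_id" class="form-control" required placeholder="Enter UPI/Bank Txn ID">
              </div>
              <div class="mb-3">
                <label class="form-label">Payment Mode</label>
                <select name="payment_mode" class="form-select">
                  <option value="UPI" selected>UPI</option>
                  <option value="PhonePe">PhonePe</option>
                  <option value="Paytm">Paytm</option>
                  <option value="GooglePay">Google Pay</option>
                  <option value="Bank">Bank</option>
                  <option value="Cash">Cash</option>
                  <option value="Card">Card</option>
                </select>
              </div>
              <button type="submit" class="btn btn-success w-100">Submit Transaction ID</button>
            </form>

            <p class="small text-muted mt-3">
              After you submit, our admin will verify and mark it as <strong>Paid</strong>.
            </p>
          </div>
        </div>

        <div class="mt-4 text-center">
          <a href="index.php" class="btn btn-outline-secondary btn-sm">← Go Home</a>
        </div>
      </div>
    </div>
  </div>
</div>
</body>
</html>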