From 519bef21e08353daa92e35fd0416a99b7cab2123 Mon Sep 17 00:00:00 2001
From: AGSTR <144728914+agstrxyz@users.noreply.github.com>
Date: Sun, 14 Apr 2024 06:45:45 +0700
Subject: [PATCH 1/3] Update home.php fix user self recharge in user dashboard for radius plan base
---
 system/controllers/home.php | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/system/controllers/home.php b/system/controllers/home.php
index d9a7c351..9b2bda28 100644
--- a/system/controllers/home.php
+++ b/system/controllers/home.php
@@ -92,25 +92,26 @@ if (_post('send') == 'balance') {
 $ui->assign('_bills', User::_billing());
 if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
- if(!empty(App::getTokenValue($_GET['stoken']))){
- r2(U . "voucher/invoice/");
- die();
- }
 $bill = ORM::for_table('tbl_user_recharges')->where('id', $_GET['recharge'])->where('username', $user['username'])->findOne();
 if ($bill) {
- $router = ORM::for_table('tbl_routers')->where('name', $bill['routers'])->find_one();
+ if ($bill['routers'] == 'radius') {
+ $router = 'radius';
+ } else {
+ $routers = ORM::for_table('tbl_routers')->where('name', $bill['routers'])->find_one();
+ $router = $router['id'];
+ }
 if ($config['enable_balance'] == 'yes') {
 $plan = ORM::for_table('tbl_plans')->find_one($bill['plan_id']);
 if(!$plan['enabled']){
 r2(U . "home", 'e', 'Plan is not exists');
 }
 if ($user['balance'] > $plan['price']) {
- r2(U . "order/pay/$router[id]/$bill[plan_id]&stoken=".$_GET['stoken']);
+ r2(U . "order/pay/$router/$bill[plan_id]", 'e', 'Order Plan');
 } else {
- r2(U . "order/buy/$router[id]/$bill[plan_id]");
+ r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
 }
 } else {
- r2(U . "order/buy/$router[id]/$bill[plan_id]", 'e', 'Order Plan');
+ r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
 }
 }
 } else if (isset($_GET['deactivate']) && !empty($_GET['deactivate'])) {
From 92a2690ec66de3a19f5e4f63b63238e355b6b782 Mon Sep 17 00:00:00 2001
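Review bot: In the new `else` branch of the [PATCH 1/3] hunk the router row is used without checking that the lookup found anything, so a bill whose `routers` name no longer matches a row in `tbl_routers` yields an empty id and a redirect to `order/pay//…` or `order/buy//…`. Assuming `find_one()` returns a falsy value on a miss, a guard such as `if (!$routers) { r2(U . "home", 'e', 'Router not found'); }` placed before the id is read would fail closed. The same line reads `$router['id']` from a variable that is not set yet; [PATCH 2/3] corrects it to `$routers['id']`, but the missing-row case remains after that fix. The `else if` chain this branch belongs to continues past the end of the hunk.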
From: AGSTR <144728914+agstrxyz@users.noreply.github.com>
Date: Sun, 14 Apr 2024 21:13:11 +0700
Subject: [PATCH 2/3] Update home.php
---
 system/controllers/home.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/system/controllers/home.php b/system/controllers/home.php
index 9b2bda28..13b6377e 100644
--- a/system/controllers/home.php
+++ b/system/controllers/home.php
@@ -98,7 +98,7 @@ if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
 $router = 'radius';
 } else {
 $routers = ORM::for_table('tbl_routers')->where('name', $bill['routers'])->find_one();
- $router = $router['id'];
+ $router = $routers['id'];
 }
 if ($config['enable_balance'] == 'yes') {
 $plan = ORM::for_table('tbl_plans')->find_one($bill['plan_id']);
From 419595554bcc15f03f72bb40eec9fd4d461f3d58 Mon Sep 17 00:00:00 2001
From: iBNu Maksum
Date: Mon, 15 Apr 2024 09:06:26 +0700
Subject: [PATCH 3/3] Update home.php fix token to prevent double recharge
---
 system/controllers/home.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/system/controllers/home.php b/system/controllers/home.php
index 13b6377e..14aa5e03 100644
--- a/system/controllers/home.php
+++ b/system/controllers/home.php
@@ -92,6 +92,10 @@ if (_post('send') == 'balance') {
 $ui->assign('_bills', User::_billing());
 if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
+ if(!empty(App::getTokenValue($_GET['stoken']))){
+ r2(U . "voucher/invoice/");
+ die();
+ }
 $bill = ORM::for_table('tbl_user_recharges')->where('id', $_GET['recharge'])->where('username', $user['username'])->findOne();
 if ($bill) {
 if ($bill['routers'] == 'radius') {
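Review bot: The guard added in the first [PATCH 3/3] hunk reads `$_GET['stoken']` without checking that the parameter is present, and it only redirects when `App::getTokenValue()` returns something non-empty. A recharge request that omits `stoken` therefore raises an undefined-index notice and, as far as this hunk shows, carries on to the order redirect, so the double-recharge protection should not rest on this check alone; the handler that actually debits the balance (outside this patch) has to require and consume the token itself. At minimum read the value once as `$stoken = $_GET['stoken'] ?? '';` and add a comment above the guard stating what a non-empty token value signifies, since `App::getTokenValue()` is not visible here. The second hunk of this patch reads the same parameter.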
@@ -106,7 +110,7 @@ if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
 r2(U . "home", 'e', 'Plan is not exists');
 }
 if ($user['balance'] > $plan['price']) {
- r2(U . "order/pay/$router/$bill[plan_id]", 'e', 'Order Plan');
+ r2(U . "order/pay/$router/$bill[plan_id]&stoken=".$_GET['stoken'], 'e', 'Order Plan');
 } else {
 r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
 }
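Review bot: `$_GET['stoken']` is concatenated into the redirect target unencoded on the changed `order/pay` line, so any `&`, `#` or space in the request value rewrites the query string that `order/pay` receives. Encode it and tolerate its absence: `r2(U . "order/pay/$router/$bill[plan_id]&stoken=" . urlencode($_GET['stoken'] ?? ''), 'e', 'Order Plan');`. The token also travels in a GET URL, where it ends up in access logs and browser history; that is acceptable only if the token is single-use and bound to the session, which this hunk does not show. The surrounding `if ($config['enable_balance'] == 'yes')` block begins outside the hunk.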