<?php
// user/fiat/confirm_withdrawal.php
include '../common/header.php';
require_once "../../config/db_config.php";
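// Resume the session unless one is already active (header.php is included
// above and may have started it).
// NOTE(review): if header.php emits output first, session_start() here cannot
// send its cookie header; confirm the include order.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Everything below is scoped to the logged-in user; stop without one.
if (!isset($_SESSION["user_id"])) {
    exit("Session expired. Please login again.");
}
$userId = (int)$_SESSION["user_id"];

// Read one POST field as a trimmed string. A client can submit any field as an
// array (e.g. "bank_code[]=x"); trim() throws a TypeError on arrays in PHP 8
// and (int)/(float) casts turn a non-empty array into 1, so anything that is
// not a string is treated as missing.
$postString = static function (string $field): string {
    $raw = $_POST[$field] ?? "";
    return is_string($raw) ? trim($raw) : "";
};

// wallet_id must be plain decimal digits; anything else becomes 0 and is
// rejected by the "Invalid submission." check further down.
$walletIdRaw = $postString("wallet_id");
$walletId = ctype_digit($walletIdRaw) ? (int)$walletIdRaw : 0;

$bankCode = $postString("bank_code");
$accountNumber = $postString("account_number");
$accountName = $postString("account_name");

// amount must be a complete numeric string. Values such as "1e999" overflow to
// INF, which would pass an "$amount <= 0" test, so non-finite results are
// reset to 0 and rejected with the other invalid input.
$amountRaw = $postString("amount");
$amount = is_numeric($amountRaw) ? (float)$amountRaw : 0.0;
if (!is_finite($amount)) {
    $amount = 0.0;
}

$reason = $postString("reason");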
/**
 * Read a single value from the site_settings table.
 *
 * Used below for the add_paystack_naira_withdraw_fee setting. The key is bound
 * as a statement parameter, never interpolated into the SQL text.
 *
 * @param mysqli $conn    Open database connection.
 * @param string $key     Value matched against site_settings.setting_key.
 * @param mixed  $default Returned when the statement cannot be prepared or no
 *                        row is fetched.
 * @return mixed The stored setting_value, or $default.
 */
function get_setting(mysqli $conn, string $key, $default = null) {
    $lookup = $conn->prepare("SELECT setting_value FROM site_settings WHERE setting_key = ? LIMIT 1");
    if (!$lookup) {
        // prepare() failed: fall back to the caller's default.
        return $default;
    }

    $lookup->bind_param("s", $key);
    $lookup->execute();
    $lookup->bind_result($settingValue);
    $rowFetched = $lookup->fetch();
    // Release the statement before returning on either path.
    $lookup->close();

    if ($rowFetched) {
        return $settingValue;
    }
    return $default;
}
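// Fee policy: true only when the stored value is exactly the string '1'.
// A missing row falls back to '1', i.e. the fee is added to the debit.
$addWithdrawFee = get_setting($conn, 'add_paystack_naira_withdraw_fee', '1') === '1';

// Reject incomplete or non-positive submissions before touching the database.
if (!$walletId || !$bankCode || !$accountNumber || !$accountName || $amount <= 0) {
    exit("Invalid submission.");
}

// Show the bank's display name when the session holds a code => name entry for
// the submitted code; otherwise fall back to the raw code. The lookup is used
// only if it is an array holding a string, so a malformed session entry cannot
// break htmlspecialchars() in the template.
$bankName = $bankCode;
$codeKey = (string)$bankCode;
$knownBanks = $_SESSION['paystack_banks'] ?? null;
if (is_array($knownBanks) && isset($knownBanks[$codeKey]) && is_string($knownBanks[$codeKey])) {
    $bankName = $knownBanks[$codeKey];
}

// Load the wallet only if it belongs to the session user and is an NGN fiat
// wallet; the user_id condition is the ownership check for the posted
// wallet_id.
$stmt = $conn->prepare("
SELECT balance, bank_name, wallet_add
FROM user_wallets
WHERE wallet_id = ? AND user_id = ? AND type='fiat' AND coin='NGN'
");
if (!$stmt) {
    // With mysqli exceptions disabled, prepare() returns false; stop with a
    // generic message and keep the driver error in the server log only.
    error_log("confirm_withdrawal: wallet lookup prepare failed: " . $conn->error);
    exit("Unable to load wallet. Please try again.");
}
$stmt->bind_param("ii", $walletId, $userId);
if (!$stmt->execute()) {
    error_log("confirm_withdrawal: wallet lookup execute failed: " . $stmt->error);
    $stmt->close();
    exit("Unable to load wallet. Please try again.");
}
$rs = $stmt->get_result();
if (!$rs) {
    error_log("confirm_withdrawal: wallet lookup returned no result set: " . $stmt->error);
    $stmt->close();
    exit("Unable to load wallet. Please try again.");
}
if ($rs->num_rows === 0) {
    $stmt->close();
    exit("Wallet not found or unauthorized.");
}
$w = $rs->fetch_assoc();
$balance = (float)$w['balance'];
// NOTE(review): $amount is not compared with $balance on this page; presumably
// the processing endpoint enforces the limit (including any fee). Confirm.
$stmt->close();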
?>
<style>
.confirm-card{max-width:640px;margin:2rem auto;padding:1.5rem;border-radius:12px;background:#fff;box-shadow:0 6px 18px rgba(0,0,0,0.08)}
.kv{display:flex;justify-content:space-between;padding:.5rem 0;border-bottom:1px dashed #e9ecef}
.kv:last-child{border-bottom:none}
.kv b{color:#333}
</style>
<div class="container mt-5">
<div class="confirm-card mt-2">
<h4 class="mb-3">Confirm Withdrawal</h4>
<div class="kv"><b>Wallet:</b><span><?= /* Confirmation summary: each dynamic value in this template is passed through htmlspecialchars(), number_format() or urlencode() before output. */ htmlspecialchars($w['bank_name']) ?> (<?= htmlspecialchars($w['wallet_add']) ?>)</span></div>
<div class="kv"><b>Current Balance:</b><span>₦<?= number_format($balance, 2) ?></span></div>
<div class="kv"><b>Bank:</b><span><?= htmlspecialchars($bankName) ?></span></div>
<div class="kv"><b>Account Name:</b><span><?= htmlspecialchars($accountName) ?></span></div>
<div class="kv"><b>Account Number:</b><span><?= htmlspecialchars($accountNumber) ?></span></div>
<div class="kv"><b>Amount:</b><span>₦<?= number_format($amount, 2) ?></span></div>
<?php /* The remark row is rendered only when a non-empty reason was submitted. */ if ($reason): ?><div class="kv"><b>Remark:</b><span><?= htmlspecialchars($reason) ?></span></div><?php endif; ?>
<p class="text-muted mt-3">
<?php /* $addWithdrawFee is derived from the add_paystack_naira_withdraw_fee site setting. */ if ($addWithdrawFee): ?>
Paystack transfer fee will be <b>added</b> to your debit (we’ll fetch the exact fee during processing).
<?php else: ?>
We cover the Paystack transfer fee; you’ll be debited the amount only.
<?php endif;
/*
 * The form below re-posts the submitted values as hidden fields to
 * ../../models/fiat/process_send_fiat.php. Hidden fields can be edited by the
 * client, so nothing validated on this page carries over.
 * NOTE(review): the processing endpoint must repeat the wallet-ownership,
 * amount and balance checks itself; confirm it does.
 * NOTE(review): this form contains no anti-CSRF token field; confirm the
 * processing endpoint has its own protection against cross-site submission.
 */
?>
</p>
<form action="../../models/fiat/process_send_fiat.php" method="post" class="mt-3">
<input type="hidden" name="wallet_id" value="<?= htmlspecialchars($walletId) ?>">
<input type="hidden" name="bank_code" value="<?= htmlspecialchars($bankCode) ?>">
<input type="hidden" name="account_number" value="<?= htmlspecialchars($accountNumber) ?>">
<input type="hidden" name="account_name" value="<?= htmlspecialchars($accountName) ?>">
<input type="hidden" name="amount" value="<?= htmlspecialchars($amount) ?>">
<input type="hidden" name="reason" value="<?= htmlspecialchars($reason) ?>">
<div class="d-flex gap-2">
<a href="send_fiat.php?wallet_id=<?= /* "Go Back" returns to the send form for the same wallet. */ urlencode((string)$walletId) ?>" class="btn btn-outline-secondary w-50">Go Back</a>
<button type="submit" class="btn btn-success w-50">Confirm & Send</button>
</div>
</form>
</div>
</div>
<?php /* Shared page footer. */ include '../common/footer.php'; ?>