403Webshell
Server IP : 127.0.0.1  /  Your IP : 216.73.216.48
Web Server : Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
System : Windows NT DESKTOP-3H4FHQJ 10.0 build 19045 (Windows 10) AMD64
User : win 10 ( 0)
PHP Version : 8.2.12
Disable Function : NONE
MySQL : OFF |  cURL : ON |  WGET : OFF |  Perl : OFF |  Python : OFF |  Sudo : OFF |  Pkexec : OFF
Directory :  D:/xamppkk/htdocs-coblaa/cbawards/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : D:/xamppkk/htdocs-coblaa/cbawards/cb_transaction.php
<html>
<?php
include('db.php');
session_start();
if(isset($_SESSION['id']))
{
$my_id = $_SESSION['id'];		


//////////////////////////////////////////////////////////////////////////////////// 
?>
<input id="my_id" style="display:none;" value="<?php echo"$my_id";?>" />

<head>
<title>cbawards</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" type="text/css" href="main_css/user_account.css" />

</head>

<body>

<div class="main_container" >


<div class="home_div" >
<img src="main_icon/bk.png" onclick="history.back()" class="bk_btn_icon" />
<span class="main_title" >User account</span>
<span id="profile_output"></span>
</div>

<div class="sub_home_div" >
<!--img src="thumb_img/1950969133.jpg" class="user_img" />
<span class="user_name" >Khalid</span-->

<button onClick="show_video();" class="home_btn">Video</button>
<button onClick="show_coins();" class="home_btn">Coins</button>
<button onClick="show_settings();" class="home_btn">Settings</button>

</div> 

<div id="main_vid_div" class="main_vid_div">

<span class="vid_title" >Video waiting for selection</span>
<div id="disp_own_vid_output" ></div>

<div class="user_tip" >For one to be considered a winner, must score 90% and above.</div>


</div>


<div id="main_coin_div" class="main_coin_div">

<h2 class="coin_title">Your balance</h2>
<div id="cb_coins_output" class="coin_amt">CB 0</div>
<button class="withdraw_btn">Withdraw</button>
<span class="amt_tips">1 CB Coin is equivalent ugx 100</span>

<h2 class="coin_title">Your balance</h2>
<div id="convert_amt" class="coin_amt">Ugx 0</div>

</div>

<div id="main_settings_div" class="main_settings_div">

<div class="main_acc_div">
<span class="acc_info_lebal">account details</span>
<span id="disp_user_info_output" ></span>


<button onClick="show_confirm_div();" class="delete_acc_btn">Delet account</button>

</div>


<div id="confirm_div" class="confirm_div" >
<button onClick="close_confirm_div();" class="yes_del" style="color:red;">No</button>
<button class="yes_del" style="color:green;">Yes</button>
</div>



<div class="main_payment_div">

<span class="acc_info_lebal">Payments</span>

<a href="http://craneblue.com/cranepay/login"><button class="crinePay_btn" >CrinePay</button></a>

</div>

</div>


<div class="withdraw_div">

<div class="sub_pa_cb_koin" style="" >
<span class="recharge_title" >Withdraw CB coins</span>
<input type="text" id="coin_take" onkeyup="convert_cb();" class="recharge_pas" placeholder="Enter coins..." />
<div class="recharge_pas" >Ugx <span id="convert_cb_out" >0</span></div>
<button class="recharge_btn" onclick="complete_recharge();" >Withdraw</button>
</div>


<div class="sub_pa_cb_koin" >
<span class="recharge_title" >Transfering ugx <span id="wiz_amount">200</span> to CrinePay</span>
<input type="password" id="cp_pas" class="recharge_pas" placeholder="CrinePay password..." />
<div class="error_output" id="error_out" ></div>
<button class="recharge_btn" onclick="transfer_coin();" >Transfer</button>
</div>


</div>







<div class="footer">
<a href="logout"><span class="logout_btn">Logout</span></a>
<span class="logout_btn">Terms</span>
</div>


</div>

<script>

function convert_cb()
{
    coin_widthdraw = document.getElementById('coin_take').value;
	cur_wiz_amt = document.getElementById('convert_cb_out').innerHTML=coin_widthdraw * 100;
    document.getElementById('wiz_amount').innerHTML=cur_wiz_amt;
}

function transfer_coin()
{
	my_id = document.getElementById('my_id').value;
	cp_pas = document.getElementById('cp_pas').value;
	wiz_amount = document.getElementById('wiz_amount').innerHTML;
	
	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&wiz_amount="+wiz_amount+"&&cp_pas="+cp_pas+"&&status=withdraw_start",false);
	xmlhttp.send(null);
	document.getElementById('error_out').innerHTML =xmlhttp.responseText;	
}




function show_video()
{
document.getElementById('main_vid_div').style="display:block;";
document.getElementById('main_coin_div').style="display:none;";
document.getElementById('main_settings_div').style="display:none;";		
}

function show_coins()
{
document.getElementById('main_coin_div').style="display:block;";
document.getElementById('main_vid_div').style="display:none;";
document.getElementById('main_settings_div').style="display:none;";	
}

function show_settings()
{
document.getElementById('main_settings_div').style.display="block";
document.getElementById('main_vid_div').style="display:none;";
document.getElementById('main_coin_div').style="display:none;";	
}

function show_confirm_div()
{
document.getElementById('confirm_div').style.display="block";	
}
function close_confirm_div()
{
document.getElementById('confirm_div').style.display="none";	
}

disp_own_vid();
function disp_own_vid()
{
	my_id = document.getElementById('my_id').value;
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&status=disp_own_vid",false);
	xmlhttp.send(null);
	document.getElementById('disp_own_vid_output').innerHTML =xmlhttp.responseText;		
}

disp_user_info();
function disp_user_info()
{
	my_id = document.getElementById('my_id').value;
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&status=disp_user_info",false);
	xmlhttp.send(null);
	document.getElementById('disp_user_info_output').innerHTML =xmlhttp.responseText;		
}

function edit_username()
{
document.getElementById('username').contentEditable='true';
document.getElementById('username').focus();
document.getElementById('edit_btn').style.display="block";	
document.getElementById('edit_icon').style.display="none";	

	
}

function show_pas_edit_div()
{
	document.getElementById('pas_edit_hp_div').style.display="block";
	//alert(100);
}
function close_pas_edit_div()
{
	document.getElementById('pas_edit_hp_div').style.display="none";
	//alert(100);
}

function update_name()
{
	new_name = document.getElementById('username').innerHTML;
	my_id = document.getElementById('my_id').value;
if(new_name==""){}else{
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&new_name="+new_name+"&&status=update_name",false);
	xmlhttp.send(null);
	//document.getElementById('disp_user_info_output').innerHTML =xmlhttp.responseText;
	disp_user_info();
}
}

function update_pas()
{

	my_id = document.getElementById('my_id').value;
	old_pas = document.getElementById('old_pas').value;
	new_pas = document.getElementById('new_pas').value;
	comf_pas = document.getElementById('comf_pas').value;
	
	if(old_pas=="" || new_pas=="" || comf_pas==""){document.getElementById('error_output').innerHTML="Fill all the fields";
	}else if(new_pas !== comf_pas){document.getElementById('error_output').innerHTML="Password do not match.";}else{
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&new_pas="+new_pas+"&&old_pas="+old_pas+"&&status=update_pas",false);
	xmlhttp.send(null);
	document.getElementById('error_output').innerHTML =xmlhttp.responseText;
	disp_user_info();
}
}

show_cb_coins();
function show_cb_coins()
{
	my_id = document.getElementById('my_id').value;
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&status=show_cb_coins",false);
	xmlhttp.send(null);
	document.getElementById('cb_coins_output').innerHTML =xmlhttp.responseText;
	
}

show_converted_amt();
function show_converted_amt()
{
	my_id = document.getElementById('my_id').value;
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&status=show_converted_amt",false);
	xmlhttp.send(null);
	document.getElementById('convert_amt').innerHTML =xmlhttp.responseText;
	
}

show_profile_img();
function show_profile_img()
{
	my_id = document.getElementById('my_id').value;
   	xmlhttp = new XMLHttpRequest();
	xmlhttp.open("GET","auto_page.php?my_id="+my_id+"&&status=show_profile_img",false);
	xmlhttp.send(null);
	document.getElementById('profile_output').innerHTML =xmlhttp.responseText;	
	
}






</script>


</body>


<?php }else{ echo"<script>window.open('join_competition', '_self')</script>";}	 ?>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit