Viewing: portal.php
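<?php
/**
 * Client portal page.
 *
 * Resolves a client from the `slug` and `token` query parameters through
 * portal_client_by_access(), loads that client's orders, invoice rows,
 * contents and payments through portal_client_data(), and renders a summary
 * followed by one accordion section and one terms modal per order.
 *
 * Responses: 500 when the lookup throws, 404 when no client matches.
 */
require_once __DIR__ . '/app/portal_helpers.php';
require_once __DIR__ . '/admin/helpers/common.php';
require_once __DIR__ . '/admin/helpers/order_helpers.php';

// Query parameters can arrive as arrays (?token[]=x); treat anything that is
// not a string as absent instead of casting it to the literal "Array".
$rawSlug = $_GET['slug'] ?? '';
$rawToken = $_GET['token'] ?? '';
$slug = is_string($rawSlug) ? trim($rawSlug) : '';
$token = is_string($rawToken) ? trim($rawToken) : '';

// The access token is part of every URL this page builds, so keep the page
// out of Referer headers, shared caches and search indexes.
if (!headers_sent()) {
    header('Referrer-Policy: no-referrer');
    header('Cache-Control: no-store, private');
    header('X-Robots-Tag: noindex, nofollow');
}

try {
    $pdo = db(true);
    $client = portal_client_by_access($pdo, $slug, $token);
} catch (Throwable $exception) {
    // Record the failure server-side; the visitor only sees the generic message.
    error_log('portal.php: ' . get_class($exception) . ': ' . $exception->getMessage());
    http_response_code(500);
    exit('No se pudo cargar el portal del cliente.');
}

if (!$client) {
    // Same response for an unknown slug and a wrong token.
    http_response_code(404);
    exit('Portal no disponible.');
}

$portalData = portal_client_data($pdo, $client);
$orders = $portalData['orders'];
$invoiceRows = $portalData['invoiceRows'];
$contents = $portalData['contents'];
$payments = $portalData['payments'];
$summary = $portalData['summary'];
$clientLogo = portal_asset_url($client['logo_url'] ?: 'assets/img/eComercial.png');

// Shared prefix of the invoice and download links; slug and token are
// URL-encoded here and the whole link goes through e() where it is printed.
$clientBasePath = portal_base_path() . '/cliente/' . rawurlencode($slug) . '/' . rawurlencode($token);
?>
<!doctype html>
<html lang="es">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Portal <?= e($client['commercial_name']) ?> - eComercial</title>
    <link rel="icon" href="<?= e(portal_asset_url('assets/img/Favicon-s.png')) ?>" type="image/png">
    <?php // NOTE(review): the CDN stylesheets and the Bootstrap bundle below load without Subresource Integrity; add integrity/crossorigin attributes using the hashes published for these exact versions. ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Jost:wght@400;600;800&display=swap" rel="stylesheet">
    <style>
        body{font-family:Jost,sans-serif;background:#f7fafc;color:#12384e}
        .topbar{background:#fff;border-bottom:1px solid #dceaf1}
        .brand-logo{height:58px;width:auto}
        .client-logo{width:78px;height:78px;border-radius:8px;object-fit:cover;background:#eef7fc;border:1px solid #dceaf1}
        .panel{background:#fff;border:1px solid #dceaf1;border-radius:8px;box-shadow:0 10px 24px rgba(18,56,78,.06);padding:22px}
        .metric{border:1px solid #dceaf1;border-radius:8px;background:#fff;padding:16px}
        .metric strong{display:block;color:#1a96d3;font-size:1.45rem}
        .badge-soft{background:#e8f4fb;color:#12628a}
        .badge-ok{background:#e8f8f0;color:#0d5c2b}
        .badge-lock{background:#fff4d6;color:#7a4d00}
        .btn-primary{background:#1a96d3;border-color:#1a96d3;border-radius:999px;font-weight:800}
        .btn-outline-primary{border-color:#1a96d3;color:#1a96d3;border-radius:999px;font-weight:800}
        .content-card{border:1px solid #dceaf1;border-radius:8px;padding:14px;background:#fff;height:100%}
        .content-card audio,.content-card video{width:100%}
        .order-actions{display:flex;gap:10px;flex-wrap:wrap;align-items:center;margin-bottom:18px}
        .order-actions .btn{display:inline-flex;align-items:center;gap:6px}
        .terms-body{white-space:normal;line-height:1.65;color:#12384e}
        .muted{color:#61717a}
        .table{vertical-align:middle}
        .accordion-button{font-weight:800;color:#12384e}
        .accordion-button:not(.collapsed){background:#e8f4fb;color:#12384e}
        @media (max-width:576px){.panel{padding:16px}.metric strong{font-size:1.2rem}.client-logo{width:60px;height:60px}}
    </style>
</head>
<body>
<header class="topbar py-3">
    <div class="container d-flex align-items-center justify-content-between gap-3">
        <img class="brand-logo" src="<?= e(portal_asset_url('assets/img/eComercial.png')) ?>" alt="eComercial">
        <span class="badge badge-soft rounded-pill px-3 py-2">Portal de cliente</span>
    </div>
</header>
<main class="container py-4">
    <section class="panel mb-4">
        <div class="d-flex align-items-center gap-3 flex-wrap">
            <img class="client-logo" src="<?= e($clientLogo) ?>" alt="<?= e($client['commercial_name']) ?>">
            <div class="flex-grow-1">
                <h1 class="h3 fw-bold mb-1"><?= e($client['commercial_name']) ?></h1>
                <div class="muted"><?= e($client['sector_industry']) ?><?= $client['phone'] ? ' / ' . e($client['phone']) : '' ?></div>
            </div>
        </div>
    </section>

    <section class="row g-3 mb-4">
        <div class="col-md-4"><div class="metric"><span class="muted">Total facturado</span><strong><?= e(portal_format_money($summary['total'])) ?></strong></div></div>
        <div class="col-md-4"><div class="metric"><span class="muted">Abonado</span><strong><?= e(portal_format_money($summary['paid'])) ?></strong></div></div>
        <div class="col-md-4"><div class="metric"><span class="muted">Saldo</span><strong><?= e(portal_format_money($summary['balance'])) ?></strong></div></div>
    </section>

    <?php if (!$orders): ?>
        <section class="panel"><p class="mb-0 muted">Aun no hay pedidos publicados para este cliente.</p></section>
    <?php else: ?>
        <div class="accordion" id="ordersAccordion">
            <?php foreach ($orders as $index => $order): ?>
                <?php
                // Rows for this order; the lookup tables are keyed by the integer order id.
                $orderId = (int) $order['id'];
                $orderContents = $contents[$orderId] ?? [];
                $orderPayments = $payments[$orderId] ?? [];
                $orderInvoiceRows = $invoiceRows[$orderId] ?? [];
                $invoiceUrl = $clientBasePath . '/factura/' . $orderId;
                ?>
                <section class="accordion-item mb-3 border-0 panel p-0 overflow-hidden">
                    <h2 class="accordion-header">
                        <?php // Only the first order starts expanded. ?>
                        <button class="accordion-button <?= $index > 0 ? 'collapsed' : '' ?>" type="button" data-bs-toggle="collapse" data-bs-target="#order<?= e($orderId) ?>" aria-expanded="<?= $index === 0 ? 'true' : 'false' ?>" aria-controls="order<?= e($orderId) ?>">
                            <?= e($order['title']) ?>
                            <span class="badge badge-soft ms-3"><?= e($order['status']) ?></span>
                        </button>
                    </h2>
                    <div id="order<?= e($orderId) ?>" class="accordion-collapse collapse <?= $index === 0 ? 'show' : '' ?>" data-bs-parent="#ordersAccordion">
                        <div class="accordion-body">
                            <div class="order-actions">
                                <a class="btn btn-primary btn-sm" href="<?= e($invoiceUrl) ?>" target="_blank" rel="noopener noreferrer">
                                    <i class="fa-solid fa-file-invoice-dollar"></i> Ver / descargar factura
                                </a>
                                <button class="btn btn-outline-primary btn-sm" type="button" data-bs-toggle="modal" data-bs-target="#termsModal<?= e($orderId) ?>">
                                    <i class="fa-solid fa-file-contract"></i> Ver terminos
                                </button>
                            </div>

                            <div class="row g-3 mb-4">
                                <div class="col-md-4"><div class="metric"><span class="muted">Factura</span><strong><?= e(portal_format_money($order['_totals']['total'])) ?></strong></div></div>
                                <div class="col-md-4"><div class="metric"><span class="muted">Abonado</span><strong><?= e(portal_format_money($order['_paid'])) ?></strong></div></div>
                                <div class="col-md-4"><div class="metric"><span class="muted">Saldo</span><strong><?= e(portal_format_money($order['_balance'])) ?></strong></div></div>
                            </div>

                            <div class="row g-4">
                                <div class="col-lg-6">
                                    <h3 class="h5 fw-bold">Factura</h3>
                                    <div class="table-responsive">
                                        <table class="table table-sm">
                                            <thead><tr><th>Producto</th><th class="text-end">Cant.</th><th class="text-end">Valor</th></tr></thead>
                                            <tbody>
                                            <?php foreach ($orderInvoiceRows as $row): ?>
                                                <tr><td><?= e($row['description']) ?></td><td class="text-end"><?= e($row['quantity']) ?></td><td class="text-end"><?= e(portal_format_money((float) $row['quantity'] * (float) $row['unit_price'])) ?></td></tr>
                                            <?php endforeach; ?>
                                            <?php if (!$orderInvoiceRows): ?><tr><td colspan="3" class="muted">Sin items de factura.</td></tr><?php endif; ?>
                                            </tbody>
                                        </table>
                                    </div>
                                </div>
                                <div class="col-lg-6">
                                    <h3 class="h5 fw-bold">Pagos</h3>
                                    <div class="table-responsive">
                                        <table class="table table-sm">
                                            <thead><tr><th>Fecha</th><th>Metodo</th><th class="text-end">Valor</th></tr></thead>
                                            <tbody>
                                            <?php foreach ($orderPayments as $payment): ?>
                                                <?php // Falls back to the first 10 characters of created_at when paid_at is empty. ?>
                                                <tr><td><?= e($payment['paid_at'] ?: substr((string) $payment['created_at'], 0, 10)) ?></td><td><?= e($payment['payment_method'] ?: 'Pago') ?></td><td class="text-end"><?= e(portal_format_money($payment['amount'])) ?></td></tr>
                                            <?php endforeach; ?>
                                            <?php if (!$orderPayments): ?><tr><td colspan="3" class="muted">Sin abonos registrados.</td></tr><?php endif; ?>
                                            </tbody>
                                        </table>
                                    </div>
                                </div>
                            </div>

                            <h3 class="h5 fw-bold mt-4">Contenidos</h3>
                            <div class="row g-3">
                                <?php foreach ($orderContents as $content): ?>
                                    <?php $media = $content['media_url'] ? portal_media_url($slug, $token, $content['id']) : ''; ?>
                                    <div class="col-md-6 col-xl-4">
                                        <article class="content-card">
                                            <div class="d-flex align-items-start justify-content-between gap-2 mb-2">
                                                <div>
                                                    <strong><?= e($content['title'] ?: $content['product_title']) ?></strong>
                                                    <div class="muted small"><?= e($content['tab_title'] . ' / ' . $content['product_title']) ?></div>
                                                </div>
                                                <?php if ((int) $content['allow_download'] === 1): ?>
                                                    <span class="badge badge-ok">Descarga activa</span>
                                                <?php else: ?>
                                                    <span class="badge badge-lock">Solo escucha</span>
                                                <?php endif; ?>
                                            </div>
                                            <?php // NOTE(review): controlsList="nodownload" only hides the browser's download control; whether the media endpoint itself enforces allow_download is not visible from this file, so confirm it does. ?>
                                            <?php if ($content['item_type'] === 'video' && $content['media_url']): ?>
                                                <video controls controlsList="nodownload" playsinline src="<?= e($media) ?>"></video>
                                            <?php elseif ($content['media_url']): ?>
                                                <audio controls controlsList="nodownload" src="<?= e($media) ?>"></audio>
                                            <?php elseif ($content['action_url']): ?>
                                                <?php // NOTE(review): e() is presumably HTML escaping only and would not restrict the URL scheme; confirm action_url is limited to http(s) where it is stored. rel keeps the opened page from reaching back through window.opener. ?>
                                                <a class="btn btn-outline-primary btn-sm" href="<?= e($content['action_url']) ?>" target="_blank" rel="noopener noreferrer">Abrir enlace</a>
                                            <?php endif; ?>
                                            <div class="mt-3">
                                                <?php if ((int) $content['allow_download'] === 1 && $content['media_url']): ?>
                                                    <a class="btn btn-primary btn-sm" href="<?= e($clientBasePath . '/descargar/' . (int) $content['id']) ?>"><i class="fa-solid fa-download me-1"></i> Descargar</a>
                                                <?php elseif ($content['media_url']): ?>
                                                    <button class="btn btn-outline-secondary btn-sm" type="button" disabled><i class="fa-solid fa-lock me-1"></i> Descarga bloqueada</button>
                                                <?php endif; ?>
                                            </div>
                                        </article>
                                    </div>
                                <?php endforeach; ?>
                                <?php if (!$orderContents): ?><div class="col-12 muted">Aun no hay contenidos activos para este pedido.</div><?php endif; ?>
                            </div>
                        </div>
                    </div>
                </section>

                <?php
                // Use the order's own terms when present, otherwise the default text
                // built from the client name and the order's dates.
                $orderTerms = trim((string) ($order['terms_conditions'] ?? ''));
                if ($orderTerms === '') {
                    $orderTerms = default_order_terms(
                        $client['commercial_name'],
                        $order['ordered_at'] ?? '',
                        $order['script_delivery_date'] ?? '',
                        $order['final_delivery_date'] ?? ''
                    );
                }
                ?>
                <div class="modal fade" id="termsModal<?= e($orderId) ?>" tabindex="-1" aria-labelledby="termsModalLabel<?= e($orderId) ?>" aria-hidden="true">
                    <div class="modal-dialog modal-lg modal-dialog-scrollable">
                        <div class="modal-content">
                            <div class="modal-header">
                                <h2 class="modal-title fs-5" id="termsModalLabel<?= e($orderId) ?>">Terminos y condiciones - <?= e($order['title']) ?></h2>
                                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Cerrar"></button>
                            </div>
                            <?php // NOTE(review): this is the only value printed without e(); it relies on invoice_terms_html() escaping the stored terms text itself — confirm in order_helpers.php. ?>
                            <div class="modal-body terms-body"><?= invoice_terms_html($orderTerms, $client['commercial_name']) ?></div>
                            <div class="modal-footer">
                                <a class="btn btn-primary btn-sm" href="<?= e($invoiceUrl) ?>" target="_blank" rel="noopener noreferrer">
                                    <i class="fa-solid fa-file-invoice-dollar"></i> Abrir factura
                                </a>
                                <button type="button" class="btn btn-outline-secondary btn-sm" data-bs-dismiss="modal">Cerrar</button>
                            </div>
                        </div>
                    </div>
                </div>
            <?php endforeach; ?>
        </div>
    <?php endif; ?>
</main>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>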