uawdijnntqw1x1x1
IP : 216.73.216.26
Hostname : server.wtmmart.in
Kernel : Linux server.wtmmart.in 4.18.0-553.45.1.el8_10.x86_64 #1 SMP Wed Mar 19 09:44:46 EDT 2025 x86_64
Disable Function : exec,passthru,shell_exec,system
OS : Linux
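<?php
/**
 * Fund-transfer form handler.
 *
 * Moves `amount` from the logged-in member's chosen wallet (`wallet` when
 * wallet_type is "primary_wallet", otherwise `wallet_fund`) to the
 * `wallet_fund` of the member whose login_id is posted as `uid`, records the
 * transfer in `fund_transfer`, then redirects back to the form.
 *
 * Changes from the previous version:
 *  - every query is a prepared statement, so request data is never
 *    concatenated into SQL text;
 *  - the amount must be a positive decimal number; the old `$amount > $wallet`
 *    test accepted zero, negative and non-numeric values;
 *  - the balance check and the debit are one conditional UPDATE inside a
 *    transaction, so concurrent requests cannot overdraw the wallet and a
 *    failure part-way through leaves no half-applied transfer;
 *  - requests without a logged-in session are rejected.
 *
 * NOTE(review): no anti-CSRF token is verified here. Whether
 * function_lib.php provides one cannot be seen from this file; confirm and
 * add the check before the transfer is processed.
 * NOTE(review): the transaction only protects the transfer if the `user` and
 * `fund_transfer` tables use a transactional engine (e.g. InnoDB); confirm.
 */
session_start();
include('../connection.php');
include '../function_lib.php';

// Without an authenticated session there is no sender to debit.
if (!isset($_SESSION['userid']) || $_SESSION['userid'] === '') {
    redirect('./fund_transfer.php');
    die();
}
$uid = $_SESSION['userid'];

if (isset($_POST['amount']) && isset($_POST['uid'])) {
    $login_id    = $_POST['uid'];
    $amount      = $_POST['amount'];
    $wallet_type = isset($_POST['wallet_type']) ? $_POST['wallet_type'] : '';

    // Array-valued parameters (uid[]=...) are not valid login ids.
    if (!is_string($login_id) || $login_id === '') {
        setMessage('Invalid user id.', 'alert-msg error');
        redirect('./fund_transfer.php');
        die();
    }

    // Only plain positive decimals are accepted: no sign, no exponent, no
    // surrounding text. A zero or negative amount must never reach the
    // UPDATE statements below.
    if (!is_string($amount) || !preg_match('/^\d+(\.\d+)?$/', $amount) || (float) $amount <= 0) {
        setMessage('Invalid amount.', 'alert-msg error');
        redirect('./fund_transfer.php');
        die();
    }
    $amount_num = (float) $amount;

    // The column name is chosen from two fixed literals, never from the
    // request, so interpolating it into the SQL text is safe.
    $debit_column = $wallet_type == "primary_wallet" ? "wallet" : "wallet_fund";

    $failure        = null;   // message for the member when the transfer is rejected
    $in_transaction = false;  // whether a rollback is needed on error

    try {
        // Resolve the recipient's internal uid from the posted login id.
        $lookup = mysqli_prepare($connection, "SELECT uid FROM user WHERE login_id = ?");
        if (!$lookup) {
            throw new RuntimeException('recipient lookup could not be prepared');
        }
        mysqli_stmt_bind_param($lookup, 's', $login_id);
        if (!mysqli_stmt_execute($lookup)) {
            throw new RuntimeException('recipient lookup failed');
        }
        mysqli_stmt_store_result($lookup);
        $to_uid_num_rows = mysqli_stmt_num_rows($lookup);
        $to_uid = null;
        if ($to_uid_num_rows == 1) {
            mysqli_stmt_bind_result($lookup, $to_uid);
            mysqli_stmt_fetch($lookup);
        }
        mysqli_stmt_close($lookup);

        if ($to_uid_num_rows != 1 || $to_uid == $uid) {
            // Unknown or ambiguous login id, or a transfer to oneself.
            $failure = 'Invalid user id.';
        } else {
            if (!mysqli_begin_transaction($connection)) {
                throw new RuntimeException('transaction could not be started');
            }
            $in_transaction = true;

            // Debit only if the balance covers the amount. Checking and
            // subtracting in one statement closes the window between a
            // separate SELECT and UPDATE.
            $debit = mysqli_prepare(
                $connection,
                "UPDATE user SET $debit_column = $debit_column - ? WHERE uid = ? AND $debit_column >= ?"
            );
            if (!$debit) {
                throw new RuntimeException('debit could not be prepared');
            }
            mysqli_stmt_bind_param($debit, 'dsd', $amount_num, $uid, $amount_num);
            if (!mysqli_stmt_execute($debit)) {
                throw new RuntimeException('debit failed');
            }
            $debited = mysqli_stmt_affected_rows($debit);
            mysqli_stmt_close($debit);

            if ($debited !== 1) {
                // No row matched: the sender's balance is below the amount.
                mysqli_rollback($connection);
                $in_transaction = false;
                $failure = 'Insuffcient wallet for fund transfer!';
            } else {
                $credit = mysqli_prepare(
                    $connection,
                    "UPDATE user SET wallet_fund = wallet_fund + ? WHERE uid = ?"
                );
                if (!$credit) {
                    throw new RuntimeException('credit could not be prepared');
                }
                mysqli_stmt_bind_param($credit, 'ds', $amount_num, $to_uid);
                if (!mysqli_stmt_execute($credit) || mysqli_stmt_affected_rows($credit) !== 1) {
                    throw new RuntimeException('credit failed');
                }
                mysqli_stmt_close($credit);

                // Audit record of the transfer; the amount is stored as submitted.
                $now = date('Y-m-d H:i:s');
                $log = mysqli_prepare(
                    $connection,
                    "INSERT INTO `fund_transfer` (`uid`, `from_uid`, `amount`, `datetime`) VALUES (?, ?, ?, ?)"
                );
                if (!$log) {
                    throw new RuntimeException('transfer log could not be prepared');
                }
                mysqli_stmt_bind_param($log, 'ssss', $to_uid, $uid, $amount, $now);
                if (!mysqli_stmt_execute($log)) {
                    throw new RuntimeException('transfer log failed');
                }
                mysqli_stmt_close($log);

                if (!mysqli_commit($connection)) {
                    throw new RuntimeException('commit failed');
                }
                $in_transaction = false;
            }
        }
    } catch (Exception $e) {
        // Covers both the explicit failures above and mysqli_sql_exception
        // when mysqli is configured to throw. Undo any partial transfer.
        if ($in_transaction) {
            mysqli_rollback($connection);
        }
        $failure = 'Fund transfer failed. Please try again.';
    }

    if ($failure !== null) {
        setMessage($failure, 'alert-msg error');
        redirect('./fund_transfer.php');
        die();
    }

    setMessage('Fund transfer successfully.', 'alert-msg success');
    redirect('./fund_transfer.php');
} else {
    // Not a transfer submission: send the member back to the form.
    redirect('./fund_transfer.php');
}
?>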
/home2/wtmwscom/public_html/themes1582.wtmwebshop.com/6538c/../../member/fund_transfer_model.php