ÿØÿà JFIFÿØÿà JFIF ÿØÿà JFIFÿØÿà JFIF ÿþ$
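<?php
// Payment-confirmation step for the voting flow.
//
// Reads the vote form POST (contestant id, amount tier, voter details),
// validates it, looks the contestant up with a prepared statement, stores the
// chosen tier in the session and renders the Paystack / bank-transfer
// confirmation page below.
//
// Security notes (review):
//  - The only "origin" check is isset($_POST['submit']); no CSRF token is
//    verified.  The form lives in vote.php (not visible here) — emit a token
//    there and compare it against $_SESSION before trusting this POST.
//  - $_SESSION['id'] / $_SESSION['vott'] are derived purely from the client's
//    POST.  Whatever credits votes (the JS below redirects to addo1.php, not
//    visible here) must verify the Paystack reference server-side and check
//    the *paid* amount against the tier table, not just these session values.
session_start();
include 'config.php'; // this must define $conn (mysqli)
?>
<?php
// Only allow POST form submission to proceed
if (!isset($_POST['submit'])) {
    // If script accessed without form submission, redirect to voting page
    header("Location: vote.php");
    exit();
}

// Collect inputs.  intval()/trim() only normalise; validation follows below and
// every value is escaped per output context (HTML attribute vs. JS literal).
$con_id      = isset($_POST['con']) ? intval($_POST['con']) : 0;
$money_input = isset($_POST['pf-amount']) ? $_POST['pf-amount'] : '';
$name        = isset($_POST['pf-fname']) ? trim($_POST['pf-fname']) : ''; // not used on this page; kept for nav/footer includes
$numb        = isset($_POST['Phone_Number']) ? trim($_POST['Phone_Number']) : '';
$email       = isset($_POST['pf-pemail']) ? trim($_POST['pf-pemail']) : '';
// NOTE(review): $email is whatever the voter typed, yet the page below tells
// the voter to send bank-transfer proof to it as "the parent's" address.  If it
// is meant to be the parent's contact, look it up from the contestant record
// instead of taking it from the request — confirm against vote.php.

// Price tiers: amount in Naira => votes credited.  Membership in this table IS
// the amount validation: anything else is rejected.
$allowed_amounts = [
    100000 => 2000,
    50000  => 1000,
    25000  => 500,
    10000  => 200,
    5000   => 100,
    2500   => 50,
    1000   => 20,
];

$errors = [];
if ($con_id <= 0) {
    $errors[] = "Invalid contestant id.";
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $errors[] = "Invalid email address.";
}

// Force numeric int.  (int)"" === 0, (int)"abc" === 0 and (int)"-5" === -5, so
// the tier lookup — not an empty-string test — is what really validates.
$money = (int) $money_input;
if (array_key_exists($money, $allowed_amounts)) {
    $voting = $allowed_amounts[$money];
} else {
    // Previously any unlisted amount (0, 1, negative, ...) was accepted and
    // silently credited with a default of 10 votes — i.e. 10 votes for ₦1
    // against 20 votes for the cheapest real tier.  The amount is
    // client-controlled, so reject anything that is not a listed tier.
    $voting = 0;
    $errors[] = "Invalid amount.";
}

// Fetch contestant name with a prepared statement (id bound as int).
$fname = null;
if ($con_id > 0 && ($stmt = $conn->prepare("SELECT Childsname FROM registration WHERE Id = ? LIMIT 1"))) {
    $stmt->bind_param("i", $con_id);
    $stmt->execute();
    $result = $stmt->get_result();
    // get_result() returns false on a failed execute; guard before fetching.
    if ($result && ($row = $result->fetch_assoc())) {
        $fname = $row['Childsname'];
    }
    $stmt->close();
}
if ($con_id > 0 && $fname === null) {
    // Previously an unknown id (or a failed prepare) fell through as "Unknown"
    // and a payment could still be started against it; refuse instead.
    $errors[] = "Contestant not found.";
}

// If errors, show a simple error page and stop (you can style this as needed)
if (!empty($errors)) {
    echo "<h2>Errors</h2><ul>";
    foreach ($errors as $err) {
        echo "<li>" . htmlspecialchars($err, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</li>";
    }
    echo "</ul>";
    echo '<p><a href="vote.php">Return to voting page</a></p>';
    exit();
}

// Store values in session for later steps.  Both are now guaranteed to be a
// real contestant id and a tier from $allowed_amounts (see notes at the top
// about still verifying the paid amount server-side).
$_SESSION['id'] = $con_id;
$_SESSION['vott'] = $voting;

// Prepare display variables
$c_name = $fname;
$money_display = number_format($money); // e.g. 50,000
// Amount for Paystack is in kobo (Naira × 100)
$paystack_amount = $money * 100;
// HTML-escape for attribute/text output.  ENT_SUBSTITUTE keeps a value with
// invalid UTF-8 (e.g. a mis-encoded name in the DB) from collapsing to "".
$numb_for_meta = htmlspecialchars($numb, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$email_safe = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$c_name_safe = htmlspecialchars($c_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>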
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Confirm Payment</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<!-- Materialize CSS from cdnjs. No Subresource Integrity hash is set; add
     integrity="sha384-…" crossorigin="anonymous" so a compromised or swapped
     CDN file cannot inject styles/scripts into the payment page. -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
<!-- Optional: Add your own styles -->
<style>
.btno{
background-color:#560280;
color:white;
border-radius:10px;
}
.btno:hover{
color:#560280;
background-color:white;
text-decoration:none;
font-weight:bold;
border:solid 1px #FCB900;
border-radius:10px;
}
.container .card {
padding: 16px;
}
</style>
<!-- nav.php is included inside <head>; if it emits body markup (a navbar)
     browsers will implicitly close <head>, which is fragile — move it after
     <body> unless it only outputs head elements. -->
<?php include 'nav.php'; ?>
</head>
<body>
<br><br><br><br>
<div class="container row">
<!-- Display-only summary. These readonly inputs are not re-submitted; the
     amount actually charged is PAYSTACK_AMOUNT, set server-side in the
     script block below. -->
<div class="col l5" style="border:2px solid #560280;border-radius:10px;padding:16px;">
<h5 class="center">Please Confirm Your Detail</h5>
<label>Contestant Name
<input type="text" value="<?php echo $c_name_safe; ?>" readonly>
</label>
<br>
<label>Votes
<input type="text" value="<?php echo htmlspecialchars($voting, ENT_QUOTES, 'UTF-8'); ?>" readonly>
</label>
<label>Price
<input type="text" value="₦<?php echo htmlspecialchars($money_display, ENT_QUOTES, 'UTF-8'); ?>" readonly>
</label>
<br>
<div class="center" style="margin-top:12px;">
<!-- Button triggers Paystack JS -->
<button onclick="payWithPaystack()" class="btno btn center"> Pay </button>
</div>
<br>
</div>
<div class="col l2">
<h5 class="center">OR</h5>
</div>
<div class="col l5" style="border:2px solid #efb507;border-radius:10px;padding:16px;">
<p class="left" style="color:grey;">
Bank Name: Fidelity Bank<br>
Account Number: 5600937582<br>
Account Name: Babies Nitche
</p>
<p class="left" style="font-weight:bold; color:grey;">
If you are paying via Bank Transfers, kindly send the screenshot of your transaction to the parent of the child you are voting for: <?php echo $email_safe; ?>
</p>
</div>
</div>
<?php
// Phone value sent to Paystack as transaction metadata (see META_PHONE below).
// $numb_for_meta is already HTML-escaped and is then json_encode'd again, so
// characters such as & would reach the Paystack dashboard as "&amp;".  That is
// harmless (the value is never rendered as HTML on this page) but the escaping
// is for the wrong context; plain $numb would do.  Kept as-is.
$numb_meta_value = $numb_for_meta . ' (update for ' . $con_id . ')';
?>
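<!-- Paystack and jQuery scripts -->
<!-- Supply-chain note: these CDN tags carry no Subresource Integrity hashes.
     Add integrity="sha384-…" crossorigin="anonymous" to the jQuery and
     Materialize tags (Paystack serves an unversioned inline.js that cannot be
     pinned).  jQuery 3.3.1 predates the 3.4.0 / 3.5.0 security fixes and is
     not referenced by this page's own script; drop it unless nav.php or
     footer.php need it. -->
<script src="https://code.jquery.com/jquery-3.3.1.min.js"></script>
<script src="https://js.paystack.co/v1/inline.js"></script>
<script>
// PHP values are emitted with json_encode so they are always valid JS
// literals.  The JSON_HEX_* flags additionally encode < > & ' " so that no
// value can close the surrounding <script> element, independently of PHP's
// default "\/" escaping of slashes.
<?php $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT; ?>
// Publishable (pk_) keys are designed to be shipped to the browser, but keep
// it in config.php next to $conn rather than inline here so that rotation is
// a one-line change and the page is not tied to a single account.
const PAYSTACK_KEY = <?php echo json_encode('pk_live_731752c2a34041b4db78531e3042a5fde9101c76', $jsFlags); ?>;
const PAYSTACK_EMAIL = <?php echo json_encode($email, $jsFlags); ?>;
const PAYSTACK_AMOUNT = <?php echo json_encode((int)$paystack_amount); ?>; // in kobo, computed server-side from the tier
const META_PHONE = <?php echo json_encode($numb_meta_value, $jsFlags); ?>;
const CONTESTANT_ID = <?php echo json_encode($con_id); ?>;

// Opens the Paystack inline checkout for the amount/tier confirmed above.
function payWithPaystack() {
    var handler = PaystackPop.setup({
        key: PAYSTACK_KEY,
        email: PAYSTACK_EMAIL,
        amount: PAYSTACK_AMOUNT,
        metadata: {
            custom_fields: [
                {
                    display_name: "Mobile Number",
                    variable_name: "mobile_number",
                    value: META_PHONE
                },
                {
                    display_name: "Contestant ID",
                    variable_name: "contestant_id",
                    value: CONTESTANT_ID
                }
            ]
        },
        callback: function (response) {
            // Nothing in this callback can be trusted: it runs in the voter's
            // browser and response.reference is just a string in the query.
            // addo1.php (not visible here) must verify the reference with the
            // Paystack API and check that the paid amount and contestant id
            // match $_SESSION['vott'] / $_SESSION['id'] before crediting votes.
            window.location.href = "addo1.php?reference=" + encodeURIComponent(response.reference);
        },
        onClose: function () {
            alert('Transaction cancelled');
        }
    });
    handler.openIframe();
}
</script>
<!-- Materialize JS (same SRI note as the other CDN tags) -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
<?php include 'footer.php'; ?>
</body>
</html>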
ÿØÿà JFIF ÿþ$
ÿØÿà JFIF ÿþ$
ÿÂ