mirror.MikroTik/hotspotbilling.phpnuxbill
1
0
Fork 0
mirror of https://github.com/hotspotbilling/phpnuxbill.git synced 2025-07-05 15:44:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update home.php

Browse source 
fix token to prevent double recharge
This commit is contained in:
iBNu Maksum 2024-04-15 09:06:26 +07:00 committed by GitHub
parent 92a2690ec6
commit 419595554b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
system/controllers/home.php
View file

@ -92,6 +92,10 @@ if (_post('send') == 'balance') {
$ui->assign('_bills', User::_billing());
if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
if(!empty(App::getTokenValue($_GET['stoken']))){
r2(U . "voucher/invoice/");
die();
}
$bill = ORM::for_table('tbl_user_recharges')->where('id', $_GET['recharge'])->where('username', $user['username'])->findOne();
if ($bill) {
if ($bill['routers'] == 'radius') {
@ -106,7 +110,7 @@ if (isset($_GET['recharge']) && !empty($_GET['recharge'])) {
r2(U . "home", 'e', 'Plan is not exists');
}
if ($user['balance'] > $plan['price']) {
r2(U . "order/pay/$router/$bill[plan_id]", 'e', 'Order Plan');
r2(U . "order/pay/$router/$bill[plan_id]&stoken=".$_GET['stoken'], 'e', 'Order Plan');
} else {
r2(U . "order/buy/$router/$bill[plan_id]", 'e', 'Order Plan');
}