T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/domains/soundstudiopro.com/private_html/api/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/domains/soundstudiopro.com/private_html/api/update_track_price.php
<?php
session_start();
header('Content-Type: application/json');

// Check if user is logged in and is admin
if (!isset($_SESSION['user_id']) || !isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
    http_response_code(401);
    echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    exit;
}

require_once '../config/database.php';

try {
    $input = json_decode(file_get_contents('php://input'), true);
    
    if (!isset($input['track_id']) || !isset($input['price'])) {
        throw new Exception('Missing required fields');
    }
    
    $track_id = intval($input['track_id']);
    $price = floatval($input['price']);
    
    if ($price < 0) {
        throw new Exception('Price cannot be negative');
    }
    
    $pdo = getDBConnection();
    
    // Update the track price
    $stmt = $pdo->prepare("UPDATE music_tracks SET price = ? WHERE id = ?");
    $result = $stmt->execute([$price, $track_id]);
    
    if ($result) {
        // Log the price change
        $log_entry = [
            'timestamp' => date('Y-m-d H:i:s'),
            'action' => 'track_price_updated',
            'track_id' => $track_id,
            'new_price' => $price,
            'admin_user_id' => $_SESSION['user_id']
        ];
        
        $log_file = __DIR__ . '/../logs/track_pricing.log';
        file_put_contents($log_file, json_encode($log_entry) . "\n", FILE_APPEND | LOCK_EX);
        
        echo json_encode([
            'success' => true,
            'message' => 'Track price updated successfully',
            'track_id' => $track_id,
            'new_price' => $price,
            'credits_needed' => ceil($price)
        ]);
    } else {
        throw new Exception('Failed to update track price');
    }
    
} catch (Exception $e) {
    http_response_code(400);
    echo json_encode([
        'success' => false,
        'error' => $e->getMessage()
    ]);
}
?>

CasperSecurity Mini