HEX
Server: Apache
System: Linux top 5.8.11-1.el7.elrepo.x86_64 #1 SMP Tue Sep 22 18:18:35 EDT 2020 x86_64
User: www (1000)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /www/wwwroot/www.018111.cn/wp-content/themes/jian/inc/xunhupay/
Upload Files
File: /www/wwwroot/www.018111.cn/wp-content/themes/jian/inc/xunhupay/query.php
<?php

header('Content-type:text/html; Charset=utf-8');
ob_start();
require_once dirname(__FILE__) . "../../../../../../wp-load.php";
ob_end_clean();
require_once get_template_directory() . '/inc/class/xunhupay.class.php';
$XHpayConfig = _cao('xunhupay_wx');

if (empty($XHpayConfig['mchid'])) {
    exit;
}

if ($_GET) {
    try {
        $data = array(
            'mchid'        => $XHpayConfig['mchid'],
            'out_trade_no' => $_GET['out_trade_no'],
            'nonce_str'    => str_shuffle(time()),
        );
        $hashkey      = $XHpayConfig['private_key'];
        $url          = $XHpayConfig['url_do'] . '/pay/query';
        $data['sign'] = XH_Payment_Api::generate_xh_hash_new($data, $hashkey);
        $response     = XH_Payment_Api::http_post_json($url, json_encode($data));
        $result       = $response ? json_decode($response, true) : null;
        echo $result['status'];exit;
    } catch (Exception $e) {
        exit;
    }
}
@ Telegram