Deprixa Pro v8.5.4 — PHP Courier & Logistics Platform | Shipping, Tracking & WhatsApp API

Revolutionize your courier and logistics business with DEPRIXA PRO! Streamline your operations, save time and resources, and elevate your business to the next level with our powerful tool. Automate processes, track shipments in real-time, and ensure maximum security at every stage of the logistics chain. Customizable, intuitive, and easy to use, Deprixa Pro is the smart choice for businesses of all sizes. Don’t settle for outdated systems—get Deprixa Pro now and transform your business. The future starts today!

Payment Gateways

In this new module, you’ll find the most popular payment APIs such as STRIPE, PAYPAL, and PAYSTACK, allowing seamless transactions from the online shopping module. Whenever you purchase an item on platforms like eBay, Amazon, or other stores, you can pre-alert and then pay for your shipments with credit cards.

Requirements

• PHP 8.4 (Recommended)
• MySQL 8.x
• PDO PHP Extension
• Curl PHP Extension
• Openssl PHP Extension
• ION CUBE LOADER Extension

Need Assistance?

Please note that response times may be up to 2 business days.

v8.5.4 – Apr-07-[2026] Security · UI Redesign · Bug Fixes

NEW ADDED:
-Public Shipping Rate Calculator (cotizar.php): New standalone public page with no login required. Includes cascading dropdowns for origin and destination country → state → city, shipping service selector, weight input, volumetric dimensions (L × W × H), automatic chargeable weight calculation (real vs volumetric), and instant tariff lookup. The result panel displays total amount, rate per lb, chargeable weight, service name, and currency symbol.
-Auto-Notification System (helpers/auto_notify.php): Added the new cdp_autoNotifyShipmentStatus() function to automatically send Email, WhatsApp, and SMS notifications when the shipment tracking status is updated. Each notification channel is isolated with its own try/catch block for better stability. Integrated into add_courier_tracking.php and courier_update_multiple_ajax.php.
-CSRF Global Protection: csrf_init.js now uses $(document).ajaxSend() to automatically inject the X-CSRF-TOKEN header into every jQuery POST request, including requests that define their own beforeSend. Also added ajax_guard.php into loader.php so csrf_token() is globally available and the CSRF meta tag renders correctly across panel pages.

UI REDESIGNS:
-login.php: Fully redesigned with Bootstrap 5.2.1 using local assets only, plus Bootstrap Icons. New two-column layout with form panel on the left and hero gradient section on the right. Added quick-access buttons for Get a Quote and Track Shipment. No CDN dependencies.
-views/auth/sign-up.php: Fully redesigned with Bootstrap 5. Organized into clear sections such as Personal Information, Contact, Address, and Account Credentials. Bootstrap Icons integrated. Existing Select2, intlTelInput, and SweetAlert2 functionality preserved.
-views/auth/forgot-password.php: Redesigned with the same Bootstrap 5 visual style used in login and signup pages. Includes shield-lock badge, email input with icon, gradient action button, and right-side hero panel.
-views/tracking.php: Full redesign of the shipment search page with consistent navbar, gradient hero header, floating search card, visual toggle for Shipment / Online Shopping, and feature pills.
-views/track.php: Fully redesigned tracking result page with a Status Hero banner, dynamic colored status badge, 4-step progress stepper with automatic current-step detection, route strip from origin to destination, Sender and Recipient cards, detailed information grids with Bootstrap Icons, sticky vertical timeline with colored event markers, and file attachments table.

FIXED:
-Batch CSRF injection residue — ?>?> (98 files): Removed stray duplicated closing tags left by a previous automation script, which were corrupting JSON AJAX responses and causing jQuery error callbacks across Settings and tools modules.
-Batch CSRF injection residue — (28 files): Fixed duplicate closing brace pattern in dashboard AJAX files that caused PHP Unmatched } fatal errors on the Dashboard page.
-Batch CSRF injection residue — \$lang literal backslash in left_sidebar.php: Fixed parse error on line 205 that caused the panel loader to fail and produce an infinite loading spinner after login.
-ajax/public_quote_ajax.php — Fatal error on submit: Added the missing require_once(‘helpers/querys.php’) include that previously caused Call to undefined function cdp_getSettingsCourier().
-ajax/public_quote_ajax.php — No tariff found for valid routes: Fixed tariff query logic by removing the incorrect client_id = 0 OR client_id IS NULL restriction that excluded client-linked tariffs. Query now prioritizes generic tariffs first while maintaining correct route detection.
-views/print/print_inv_ship.php — Wrong invoice total: Fixed invoice print logic so the view now reads the stored total_order value instead of recalculating totals incorrectly from value_weight.
-Notification badge persistent unread count: Fixed load_notifications.php for Admin users so unread notifications are now filtered correctly by user_id = $_SESSION[‘userid’]. Also improved Mark all read behavior to clear orphan system notifications with user_id = 0.
-XSS escaping: Applied h() / htmlspecialchars() escaping to DB-sourced output in courier_view.php, courier_edit.php, courier_accept.php, courier_add.php, customers_edit.php, and multiple AJAX listing files.
-SQL injection hardening (Reports module): Migrated date-range filters in ajax/reports/*.php (27 files) from string concatenation to PDO named parameters. Replaced row ID concatenations with intval() casts for safer processing.
-Mobile shipment form improvements: Fixed shipment creation behavior on mobile devices so creating a shipment, sender, or recipient no longer closes the modal unexpectedly.
-Pickup and client-side shipping formula issue: Corrected price calculation bugs affecting pickup and shipping forms from the client side.
-General bug fixes and stability improvements: Applied multiple fixes across the system to improve consistency, usability, and overall platform stability.

IMPORTANT NOTES:
-Bootstrap 5.2.1 local assets are now used across all public-facing pages, including login, sign-up, forgot-password, tracking, and cotizar. No CDN dependency is required on these pages.
-loader.php now unconditionally includes helpers/ajax_guard.php, making csrf_token() and require_csrf() available globally across all panel pages without additional per-view changes.
-Supported PHP versions: 8.1 through 8.4. Recommended: PHP 8.4.