xml_set_element_handler($xml_parser, "startElement", "endElement");
xml_set_character_data_handler($xml_parser, "characterData");
if (!xml_parse($xml_parser, $HTTP_RAW_POST_DATA, TRUE)) {
$msg = sprintf("XML error: %s at line %d", xml_error_string(xml_get_error_code($xml_parser)), xml_get_current_line_number($xml_parser));
xml_parser_free($xml_parser);
ReportFatalError($msg);
}
xml_parser_free($xml_parser);
// We have all the data in the $XmlData array
// Check the secret text
if ($XmlData["ORDERNOTICEDS"]["ORDERINFO"]["ORDER_NOTICE_SECRET"]["_data"] != $order_notice_secret) {
ReportFatalError("Invalid order notice secret\n");
}
// Ignore Preview orders
if ($debug == 0 && $XmlData["ORDERNOTICEDS"]["ORDERINFO"]["STATUS"]["_data"] == "PREVIEW") {
ReportFatalError("No processing of preview order except in debug mode.\n");
}
// For Aquatic Prime we really need the date and time (in case someone orders more than one copy
// the same day), so the date from eSellerate won't cut it.
$sn_date = strftime("%Y-%m-%d %H:%m:%S");
// Process each order line
for ($i = 0; $i < $nOrderLines; ++$i) {
// Now do the AquaticPrime stuff
if (in_array($XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["SKU_ID"]["_data"], $aquaticPrimeSKUs)) {
$product = $XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["SKU_TITLE"]["_data"];
$name = $XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["REGISTRATION_NAME"]["_data"];
$email = $XmlData["ORDERNOTICEDS"]["ORDERINFO"]["EMAIL"]["_data"];
$unit_price = $XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["UNIT_PRICE"]["_data"];
$count = $XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["QUANTITY"]["_data"];
// eSellerate only gives you the date, not the time (so we don't do RFC 2822 formatting here).
$transactionID = $orderNumber;
// Create our license dictionary to be signed
$dict = array("Product" => $product, "Name" => $name, "Email" => $email, "Licenses" => $count, "Timestamp" => $sn_date, "TransactionID" => $transactionID);
$license = licenseDataForDictionary($dict, $key, $privateKey);
// Note that the database size for SERIAL_NUMBER was raised from 255 (eSellerate's size) to
// a MySQL TEXT field to fit alternate registration schemes.
$XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i]["SERIAL_NUMBER"]["_data"] = $license;
$to = $email;
$from = str_replace(array("##NAME##", "##EMAIL##"), array($name, $email), $from);
$subject = str_replace(array("##NAME##", "##EMAIL##"), array($name, $email), $subject);
$message = str_replace(array("##NAME##", "##EMAIL##", "##LICENSES##"), array($name, $email, $count), $message);
$licenseName = str_replace(array("##NAME##", "##EMAIL##"), array($name, $email), $licenseName);
$bcc = str_replace(array("##NAME##", "##EMAIL##"), array($name, $email), $bcc);
sendMail($to, $from, $subject, $message, $license, $licenseName, $bcc);
}
// Build a query string
$queryStringValues = array();
foreach ($orderLinesFields as $currentField) {
$queryStringValues[] = "\"" . mysql_real_escape_string($XmlData["ORDERNOTICEDS"]["ORDERLINES"][$i][$currentField]["_data"]) . "\"";
}
$queryString = "INSERT INTO OrderLines (" . join(", ", $orderLinesFields) . ", ORDER_NUMBER, SN_DATE)" . " VALUES (" . join(", ", $queryStringValues) . ", \"{$orderNumber}\", \"{$sn_date}\")";
if ($debug == 1) {
echo "{$queryString}\n";
}
// Do the insert
$sqlResult = mysql_query($queryString);
if (!$sqlResult) {
ReportFatalError(mysql_error());
}
}
mysql_query("COMMIT");
CloseDb();
