function eLog($str) { global $erasedebug_enabled; if ($erasedebug_enabled) { toLog("erasedata: " . $str); } }
function checkFromTo($from, $to) { if ($from < 0 or $from > $to or $to > 1024 * 1024 * 50) { toLog("Invalid Value for From/to: From {$from} To {$to}"); return False; } return True; }
function rtDbg($prefix, $str) { if (!$str) { toLog(""); } elseif ($prefix && strlen($prefix) > 0) { toLog($prefix . ": " . $str); } else { toLog($str); } }
public function run() { $ret = false; $this->i8s = array(); $this->strings = array(); $this->val = array(); if ($this->makeCall()) { $answer = self::send($this->content); if (!empty($answer)) { if ($this->parseByTypes) { if (preg_match_all("|<value><string>(.*)</string></value>|Us", $answer, $this->strings) !== false && count($this->strings) > 1 && preg_match_all("|<value><i.>(.*)</i.></value>|Us", $answer, $this->i8s) !== false && count($this->i8s) > 1) { $this->strings = str_replace("\\", "\\\\", $this->strings[1]); $this->strings = str_replace("\"", "\\\"", $this->strings); foreach ($this->strings as &$string) { $string = html_entity_decode($string, ENT_COMPAT, "UTF-8"); } $this->i8s = $this->i8s[1]; $ret = true; } } else { if (preg_match_all("/<value>(<string>|<i.>)(.*)(<\\/string>|<\\/i.>)<\\/value>/s", $answer, $this->val) !== false && count($this->val) > 2) { $this->val = str_replace("\\", "\\\\", $this->val[2]); $this->val = str_replace("\"", "\\\"", $this->val); foreach ($this->val as &$string) { $string = html_entity_decode($string, ENT_COMPAT, "UTF-8"); } $ret = true; } } if ($ret) { if (strstr($answer, "faultCode") !== false) { $this->fault = true; if (LOG_RPC_FAULTS && $this->important) { toLog($this->content); toLog($answer); } } } } } $this->content = ""; $this->commands = array(); return $ret; }
function canDo($perm_name, $admin_username = null) { /*check if authenticated admin can do a job needed permission with $perm_name perm_name(string) name of permission admin_username(string) if not null check canDo for this username, else use current logged on username other parameters of this function will be passed to core canDo function as optional arguments of permission */ if (is_null($admin_username)) { $admin_username = getAuthUsername(); } $arg_list = func_get_args(); $params = array(); for ($i = 2; $i < func_num_args(); $i++) { $params[] = $arg_list[$i]; } $can_do_request = new AdminCanDo($perm_name, $admin_username, $params); list($success, $ret_val) = $can_do_request->send(); if (!$success) { toLog("canDo Error:" . $ret_val->getErrorMsg()); return FALSE; } return $ret_val == TRUE ? TRUE : FALSE; }
function post_passwordmgmt_query($url, $fields, $id) { if ($url != "") { $parseurl = parse_url($url); $postmet = $parseurl['scheme']; $postser = $parseurl['host']; $postport = stristr($postmet, "https") !== FALSE ? "443" : "80"; $postser = (stristr($postmet, "https") !== FALSE ? "ssl://" : "") . $postser; $postdata = NULL; foreach ($fields as $key => $data) { $postdata .= ($postdata ? "&" : "") . "{$key}={$data}"; } $done = 0; $succ['query'] = $url . "?" . $postdata; $succ['body'] = http_post2($postser, $postport, $url . "?" . $postdata, $postdata); if (!$succ['body']) { $done = 0; } else { //if(stristr($succ['head'],"HTTP/1.1") === FALSE || stristr($succ['head'],"HTTP/1.0") === FALSE || stristr($succ['head'],"HTTP/1.1 200 OK")!==FALSE || stristr($succ['head'],"HTTP/1.0 200 OK")!==FALSE) $done = 1; } //successfully posted data //else // $done = 0; //problem with destination if ($done != 1) { toLog("notify", "system", "Notify Error: " . $succ['body'] . " Query: " . $succ['query'], $id); } else { toLog("notify", "system", "Notify Success: " . $succ['body'] . " Query: " . $succ['query'], $id); } return array("succeeded" => $done, "response" => $succ); } return array("succeeded" => "0", "response" => array("url" => $posturl, "head" => "no url specified", "body" => "no url specified")); }
<?php /*************************************************************** * HTTP HANDLER LAYER For PHP * * * ***************************************************************/ global $DBGFileName, $DBFile; $DBGFileName = "HTTPHandlerDebug.txt"; // MAIN LOGIC echo "<HTML><BODY>"; $keys = array_keys($_POST); foreach ($keys as $key) { toLog("\n" . $key . " => " . $_POST[$key]); } echo "</BODY></HTML>"; // FUNCTIONS /*** * Function: To Log */ function toLog($msg) { if (!($DBFile = fopen("PortalDebug.txt", "a"))) { echo "Cannot open file ({$DBGFileName})"; exit; } // Write $somecontent to our opened file. if (fwrite($DBFile, $msg, strlen($msg)) === FALSE) { echo "Cannot write to file ({$DBGFileName})"; exit; } echo "<BR> --> " . $msg; fclose($DBFile);
<?php chdir('..'); include "includes/dbconnection.php"; require_once "includes/function.php"; $td_username = addslashes($_REQUEST['td_username']); $td_password = addslashes($_REQUEST['td_password']); $td_reference_number = addslashes($_REQUEST['td_reference_number']); $mt_reference_id = addslashes($_REQUEST['mt_reference_id']); $allow_any_site = $_REQUEST['allow_any_site']; $testmode = $_REQUEST['testmode']; $req = ''; foreach (array_merge($_POST, $_GET) as $key => $data) { $req .= ($req ? "&" : "") . $key . "=" . $data; } $lg_id = toLog('login', 'customer', "Customer Querys Access Info: {$req}"); if (!$td_username) { die("UNF"); } if (!$td_password) { die("PNF"); } $sql = "SELECT cs_ID,cs_company_id FROM `cs_company_sites` as s WHERE `cs_gatewayId` = " . $_SESSION["gw_id"] . " AND `cs_reference_id` = '{$mt_reference_id}' "; $result = mysql_query($sql, $cnn_cs) or dieLog(mysql_errno() . ": " . mysql_error() . "<br>Cannot execute query"); $num = mysql_num_rows($result); if ($num < 1) { die("SNF"); } $siteInfo = mysql_fetch_assoc($result); $cs_ID = $siteInfo['cs_ID']; $cs_company_id = $siteInfo['cs_company_id'];
function fraud_scrub(&$transInfo, &$bankInfo, &$companyInfo) { if ($transInfo['cardtype'] != 'Visa' && $transInfo['cardtype'] != 'Mastercard') { return 0; } global $etel_fraud_response; require_once 'fraud/CreditCardFraudDetection.php'; $ccfs = new CreditCardFraudDetection(); // Set inputs and store them in a hash // See http://www.maxmind.com/app/ccv for more details on the input fields // Enter your license key here (non registered users limited to 20 lookups per day) $h["license_key"] = "UHccvlc5aVqk"; // Required fields $h["i"] = $transInfo['ipaddress']; // set the client ip address $h["city"] = $transInfo['city']; // set the billing city $h["region"] = $transInfo['state']; // set the billing state $h["postal"] = $transInfo['zipcode']; // set the billing zip code $h["country"] = $transInfo['country']; // set the billing country // Recommended fields $h["domain"] = substr(strstr($transInfo['email'], '@'), 1); // Email domain $h["bin"] = substr($transInfo['CCnumber'], 0, 6); // bank identification number $h["forwardedIP"] = $transInfo['ipaddress']; // X-Forwarded-For or Client-IP HTTP Header $h["custPhone"] = substr($transInfo['phonenumber'], 0, 3) . "-" . substr($transInfo['phonenumber'], 4, 6); // Area-code and local prefix of customer phone number // Optional fields //$h["binName"] = "MBNA America Bank"; // bank name $h["binPhone"] = $transInfo['td_bank_number']; // bank customer service phone number on back of credit card $h["requested_type"] = "premium"; // Which level (free, city, premium) of CCFD to use $h["emailMD5"] = md5(strtolower($transInfo['email'])); // CreditCardFraudDetection.php will take // MD5 hash of e-mail address passed to emailMD5 if it detects '@' in the string $h["shipAddr"] = $transInfo['address']; // Shipping Address //$h["txnID"] = "1234"; // Transaction ID $h["sessionID"] = session_id(); // Session ID // If you want to disable Secure HTTPS or don't have Curl and OpenSSL installed // uncomment the next line // $ccfs->isSecure = 0; //set the time out to be five seconds $ccfs->timeout = 5; //uncomment to turn on debugging $ccfs->debug = 0; //next we pass the input hash to the server $ccfs->input($h); //then we query the server $ccfs->query(); //then we get the result from the server $ho = $ccfs->output(); //then finally we print out the result $outputkeys = array_keys($ho); $numoutputkeys = count($ho); $noCity = 0; for ($i = 0; $i < $numoutputkeys; $i++) { $key = $outputkeys[$i]; $value = $ho[$key]; $tolog .= $key . " = " . $value . "\n"; if ($key == 'err' && $value == 'CITY_NOT_FOUND') { //toLog('erroralert','customer', "Fraud Scrubbing Can't find City '".$h["city"]."' ".serialize($h)." ".$tolog); $noCity = 1; } } toLog('order', 'customer', "Fraud Scrubbing Result for " . $transInfo['reference_number'] . ": " . $tolog, $transInfo['transactionId']); $etel_fraud_response = $tolog; return floatval($ho['score'] - $noCity * 2.6); }
$sftp = ssh2_sftp($conn_id); $dirlist = opendir("ssh2.sftp://" . $ftp_full . "/"); while (($file = readdir($dirlist)) !== false) { $file_list[] = $file; } foreach ($file_list as $filename) { $log .= " Found " . $filename . ".\n"; if ($filename != '..' && $filename != '.') { $filenamepath = "{$batch_path}/inc/" . $ftp['folder'] . "/" . $filename; if (!is_dir("{$batch_path}/inc/" . $ftp['folder'] . "/")) { mkdir("{$batch_path}/inc/" . $ftp['folder'] . "/", 0700); } if (!file_exists($filenamepath)) { if (!file_exists($filenamepath . '.done')) { copy("ssh2.sftp://" . $ftp_full . "/" . $filename, $filenamepath); $log .= " Wrote " . $filenamepath . ".\n"; } else { $log .= " File Already Processed: " . $filenamepath . ".done.\n"; } } else { $log .= " File Exists: " . $filenamepath . ".\n"; } } else { $log .= " Ignored " . $filename . ".\n"; } } } else { $log .= " Failed to Connect.\n"; } toLog('misc', 'system', $log); }
$ca_ID = mysql_insert_id(); } if ($errormsg) { $smarty->assign("accountCreated", 0); $smarty->assign("accountMsg", "Error: {$errormsg}<BR>Please go back and fix your entry"); $smarty->assign("POST", $_POST); } else { $_SESSION['ca_ID'] = $ca_ID; $_SESSION['ca_email'] = $email; $smarty->assign("accountMsg", "Your Account {$email} has been Created/Updated Successfully.<BR> If you are placing an order at this time, please return to the order page and enter your new Etelegate Account Information.<BR><a href='https://www.etelegate.biz'><img border='0' src='/images/back.jpg'></a>"); toLog('misc', 'customer', "Customer Account {$ca_ID} created with email {$email}"); $smarty->assign("accountCreated", 1); $smarty->assign("ShowSubmitButton", 0); $success = 1; } } if ($_SESSION['ca_ID'] && !$success && !$edit_mode) { $email = $_SESSION['ca_email']; $smarty->assign("accountMsg", "Your Account {$email} has already been Created."); toLog('misc', 'customer', "Customer Account {$ca_ID} created with email {$email}"); $smarty->assign("accountCreated", 1); $smarty->assign("ShowSubmitButton", 0); } $smarty->assign("edit_mode", $edit_mode); etel_smarty_display('int_create_account.tpl'); etel_smarty_display('int_footer.tpl'); ?>
$transInfo['from_url'] = $from_url; $transInfo['bank_id'] = $bank_CreditcardId; $transInfo['td_rebillingID'] = $rd_subaccount; $transInfo['td_is_a_rebill'] = '0'; $transInfo['td_enable_rebill'] = $td_enable_rebill; $transInfo['td_voided_check'] = '0'; $transInfo['td_returned_checks'] = '0'; $transInfo['td_site_ID'] = $site_id; $transInfo['payment_schedule'] = $_SESSION['payment_schedule']; $transInfo['nextDateInfo'] = $_SESSION['nextDateInfo']; $transInfo['td_is_affiliate'] = '0'; $transInfo['td_is_pending_check'] = '0'; $transInfo['td_is_chargeback'] = '0'; $transInfo['td_recur_processed'] = '0'; $transInfo['td_recur_next_date'] = $td_recur_next_date; $transInfo['td_username'] = $td_username; $transInfo['td_password'] = $td_password; $transInfo['td_product_id'] = $td_product_id; include "includes/integration.php"; $etel_fraud_limit = 8.5; $response = execute_transaction(&$transInfo, $testmode); $postback = ""; if ($response['status'] == 'A') { $return_message = "SUC"; } else { foreach ($HTTP_POST_VARS as $k => $c) { $postback .= "<input type='hidden' name='{$k}' value='{$c}' >"; } toLog('error', 'customer', "Customer Recieves error " . $response['errormsg'], $companyid); } message($response['errormsg'] . $postback, "", "Response", "creditcard.php");
function ActivateTempUserConfirm($user_id, $username, $viewmode = "", $sortorder = "", $start = "") { global $admin_file, $bgcolor2, $db, $prefix, $user_prefix, $nukeurl; include "header.php"; GraphicAdmin(); OpenTable(); echo "<center><b>" . _USERADMIN . "</b></center>"; CloseTable(); echo "<br />"; OpenTable(); ListInactivatedReg(); menu(); echo "<br>"; $result = $db->sql_query("SELECT * FROM " . $prefix . "_users_temp WHERE user_id='{$user_id}'"); $row = $db->sql_fetchrow($result); $user_email = $row['user_email']; $user_password = $row['user_password']; $user_regdate = $row['user_regdate']; $check_num = $row['check_num']; $time = intval($row['time']); $result = $db->sql_query("SELECT * FROM " . $user_prefix . "_users_temp WHERE username='******' AND check_num='{$check_num}'"); if ($db->sql_numrows($result) == 1) { $row = $db->sql_fetchrow($result); if ($check_num == $row[check_num]) { //$db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_password, user_avatar, user_regdate, user_lang) VALUES (NULL, '$row[username]', '$row[user_email]', '$row[user_password]', 'gallery/blank.gif', '$row[user_regdate]', '$language')"); $query = "INSERT INTO " . $user_prefix . "_users (user_id, username, user_email, user_password, user_avatar, user_avatar_type, user_regdate, user_lang,usertype,gradyear,company,designation,name,specialization) VALUES (NULL, '{$row['username']}', '{$row['user_email']}', '{$row['user_password']}', 'gallery/blank.gif', 3, '{$row['user_regdate']}', '{$language}','{$row['usertype']}',{$row['gradyear']},'{$row['company']}','{$row['designation']}','{$row['fullname']}','{$row['specialization']}')"; echo $query; toLog($query); $db->sql_query("INSERT INTO " . $user_prefix . "_users (user_id, username, user_email, user_password, user_avatar, user_avatar_type, user_regdate, user_lang,usertype,gradyear,company,designation,name,specialization) VALUES (NULL, '{$row['username']}', '{$row['user_email']}', '{$row['user_password']}', 'gallery/blank.gif', 3, '{$row['user_regdate']}', '{$language}','{$row['usertype']}',{$row['gradyear']},'{$row['company']}','{$row['designation']}','{$row['fullname']}','{$row['specialization']}')"); $db->sql_query("DELETE FROM " . $user_prefix . "_users_temp WHERE username='******' AND check_num='{$check_num}'"); echo "<center><b>{$row['username']}:</b> " . _AUM_ACTIVATIONSUCCESS . "</center>"; echo "<meta http-equiv='refresh' content='3; URL=" . $admin_file . ".php?op=aumInactiveRegList&viewmode=" . $viewmode . "&sortorder=" . $sortorder . "&start=" . $start . "'>"; } else { echo "<center>" . _AUM_ACTIVATIONERROR1 . "</center>"; } } else { echo "<center>" . _AUM_ACTIVATIONERROR2 . "</center>"; } echo "<br><center>" . _GOBACK . "</center><br>"; CloseTable(); include "footer.php"; }
function process_failed_rebill($response = array()) { $status = $response['td_process_msg']; $daystowait = intval($response['watchInfo']['ss_rebill_delay']); if ($daystowait < 2) { $daystowait = 3; } $rebillError = "Error encountered while rebilling for:\n\t\t\t\t\t\t{$this->row['subscriptionTable']['ss_billing_firstname']} {$this->row['subscriptionTable']['ss_billing_lastname']} \r\n\n\t\t\t\t\t\tWith subscription id of: {$this->row['subscriptionTable']['ss_ID']}\r\n\n\t\t\t\t\t\tThis error occured on rebill attempt #{$this->row['subscriptionTable']['ss_rebill_attempts']}"; toLog('rebill', 'customer', $rebillError); $status = quote_smart($status); // echo $this->row['subscriptionTable']['ss_ID'] . " - " . $this->row['subscriptionTable']['ss_rebill_attempts'] . "<br>" ; $ss_rebill_attempts = intval($this->row['subscriptionTable']['ss_rebill_attempts']); if ($ss_rebill_attempts < 3) { $upd = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\tcs_subscription\n\t\t\t\t\tSET\n\t\t\t\t\t\tss_rebill_status = 'active',\n\t\t\t\t\t\tss_rebill_attempts = ss_rebill_attempts + 1,\n\t\t\t\t\t\tss_rebill_status_text = 'Attempt #" . ($ss_rebill_attempts + 1) . " Failed ({$status})',\n\t\t\t\t\t\tss_rebill_next_date = adddate( now( ) , INTERVAL {$daystowait} DAY ),\n\t\t\t\t\t\tss_account_notes = CONCAT(ss_account_notes, '\n\n', NOW(), ': Rebill Declined ({$status}) (Attempt ',ss_rebill_attempts,'). Will attempt Rebilling again in {$daystowait} days.')\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tss_ID = '{$this->row['subscriptionTable']['ss_ID']}'\n\t\t\t\t\t"; } else { $upd = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\tcs_subscription\n\t\t\t\t\tSET\n\t\t\t\t\t\tss_rebill_status = 'inactive',\n\t\t\t\t\t\tss_rebill_status_text = 'Inactive after 3 failed rebill attempts',\n\t\t\t\t\t\tss_account_expire_date = NOW(),\n\t\t\t\t\t\tss_rebill_attempts = 3,\n\t\t\t\t\t\tss_rebill_next_date = adddate( now( ) , INTERVAL {$daystowait} DAY ),\n\t\t\t\t\t\t`ss_account_notes` = CONCAT(`ss_account_notes`, '\n\n', NOW(), ': Rebill Declined ({$status}) (Attempt ',ss_rebill_attempts,') . Will not attempt to rebill again.')\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tss_ID = '{$this->row['subscriptionTable']['ss_ID']}'\n\t\t\t\t\t"; } sql_query_write($upd) or dieLog(mysql_error() . "<pre>{$upd}</pre>"); if (!mysql_affected_rows()) { dieLog("ERROR: Subscription did not update!! {$upd}"); } }
function process_transactions($params) { set_time_limit(0); if (!$params['Format']) { $params['Format'] = "TXT"; } if (!$params['Incremental']) { $params['Incremental'] = "True"; } $RF = new rates_fees(); $trans = $this->Status_Download($params); $return_affected_rows = 0; $approve_affected_rows = 0; $log = ""; foreach ($trans as $tran) { $update = false; $chargeback = false; $refund = false; $status = ""; switch (strtolower($tran['ResponseType'])) { case "processed": $update = false; break; case "b": $update = false; break; case "f": $update = true; $status = 'A'; break; case "r": $update = true; $status = 'D'; break; case "nsf": $update = true; $status = 'D'; break; case "chargeback": $update = true; $status = 'D'; $chargeback = true; break; case "invalid": $update = true; $status = 'D'; break; case "declined": $update = true; $status = 'D'; break; case "refund": $update = true; $status = 'D'; $refund = true; break; case "credit": $update = true; $status = 'D'; $refund = true; break; case "incomplete": $update = true; $status = 'D'; break; case "cancelled": $update = true; $status = 'D'; break; case "bo exception": $update = true; $status = 'D'; break; case "downloaded": $update = false; break; case "credit originated": $update = false; break; case "credit downloaded": $update = false; break; case "credit return": $update = true; $status = 'D'; $chargeback = true; break; case "credit funded": $update = true; $status = 'A'; break; } $refid = substr($tran['ExternalClientID'], 0, 50); if (!$refid) { continue; } $sql = "\n\t\t\t\tselect * from \n\t\t\t\t\tcs_transactiondetails left join \n\t\t\t\t\tcs_subscription on \n\t\t\t\t\ttd_ss_ID = ss_ID\n\t\t\t\tWHERE\n\t\t\t\t\treference_number = '{$refid}'\n\t\t\t\t\tAND checkorcard='C'\t\t\n\t\t\t\tLIMIT 1\n\t\t\t"; $tranResult = mysql_query($sql) or dieLog(mysql_error() . " ~ {$sql}"); $transInfo = mysql_fetch_assoc($tranResult); $transId = $transInfo['transactionId']; if ($transInfo['status'] != 'P' && $update == true) { $update = false; } if (!$transId) { $log .= " Transaction ID Not Found!! " . print_r($tran, true); toLog('erroralert', 'misc', "Transaction ID Not Found!! {$transId} {$sql}"); $update = false; } if ($update) { $log .= " Found Response Type (" . $tran['ResponseType'] . ") For ({$refid}):\n"; $notify = 'decline'; $bank_transid = $tran['TransID']; if ($tran['ResponseDate']) { $billingDate = date('Y-m-d', strtotime($tran['ResponseDate'])); } else { $billingDate = ""; } if ($chargeback) { //is_chargeback $sql = "\n\t\t\t\t\t\tUPDATE\n\t\t\t\t\t\t\tcs_transactiondetails left join \n\t\t\t\t\t\t\tcs_subscription on \n\t\t\t\t\t\t\ttd_ss_ID = ss_ID\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tstatus='A',\n\t\t\t\t\t\t\ttd_is_chargeback = 1,\n\t\t\t\t\t\t\ttd_bank_transaction_id = '{$bank_transid}',\n\t\t\t\t\t\t\tbillingDate = '{$billingDate}',\n\t\t\t\t\t\t\ttd_merchant_deducted=0,\n\t\t\t\t\t\t\tss_rebill_status = 'inactive',\n\t\t\t\t\t\t\tss_rebill_status_text = 'Subscription Inactive due to Chargeback'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\ttransactionId = '{$transId}'\n\t\t\t\t\t\t\tAND checkorcard='C'\t\t\n\t\t\t\t\t"; $log .= " This transaction is a chargeback.\n"; $notify = 'chargeback'; $r = $RF->update_transaction_profit($transId); } else { if ($refund) { // cancel_status = y, cancel subscription $sql = "\n\t\t\t\t\t\tUPDATE\n\t\t\t\t\t\t\tcs_transactiondetails left join \n\t\t\t\t\t\t\tcs_subscription on \n\t\t\t\t\t\t\ttd_ss_ID = ss_ID\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tstatus='A',\n\t\t\t\t\t\t\tcancelstatus = 'Y',\n\t\t\t\t\t\t\ttd_bank_transaction_id = '{$bank_transid}',\n\t\t\t\t\t\t\tbillingDate = '{$billingDate}',\n\t\t\t\t\t\t\ttd_merchant_deducted=0,\n\t\t\t\t\t\t\tss_rebill_status = 'inactive',\n\t\t\t\t\t\t\tss_rebill_status_text = 'Subscription Inactive due to Refund'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\ttransactionId = '{$transId}'\n\t\t\t\t\t\t\tAND checkorcard='C'\t\t\t\n\t\t\t\t\t"; $log .= " This transaction is a refund.\n"; $notify = 'refund'; $r = $RF->update_transaction_profit($transId); } else { $ss_rebill_status_sql = $status == 'D' ? "ss_rebill_status = 'inactive', " : ''; $ss_rebill_status_text = $status == 'D' ? 'Subscription Inactive due to decline (' . $this->ach_status[$tran['ResponseType']] . ')' : 'Subscription Active'; $sql = "\n\t\t\t\t\t\tUPDATE\n\t\t\t\t\t\t\tcs_transactiondetails left join \n\t\t\t\t\t\t\tcs_subscription on \n\t\t\t\t\t\t\ttd_ss_ID = ss_ID\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\ttd_bank_transaction_id = '{$bank_transid}',\n\t\t\t\t\t\t\tstatus = '{$status}',\n\t\t\t\t\t\t\tbillingDate = '{$billingDate}',\n\t\t\t\t\t\t\ttd_merchant_deducted=0,\n\t\t\t\t\t\t\ttd_merchant_paid=0,\n\t\t\t\t\t\t\t{$ss_rebill_status_sql}\n\t\t\t\t\t\t\tss_rebill_status_text = '{$ss_rebill_status_text}'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\ttransactionId = '{$transId}'\n\t\t\t\t\t\t\tAND checkorcard='C'\tAND status='P'\t\n\t\t\t\t\t"; $log .= " This transaction's status is (" . $this->ach_status[$tran['ResponseType']] . ").\n"; $r = $RF->update_transaction_profit($transId); } } sql_query_write($sql) or dieLog(mysql_error() . "<pre>{$sql}</pre>"); $affected = mysql_affected_rows(); if ($status != 'A') { $return_affected_rows += $affected; } else { $approve_affected_rows += $affected; } if ($status == 'A') { if ($transInfo['td_is_a_rebill']) { $notify = 'rebill'; } else { $notify = 'approve'; } } if ($affected) { Process_Transaction($transId, $notify, 0, 'transactionId'); } } else { $log .= " Ignoring Transaction.\n"; } } $log .= "CheckGateway Result: ({$return_affected_rows}) Returns, ({$approve_affected_rows}) Approves.\n"; return $log; }
print_r($_REQUEST); print "<br>"; print_r($_SESSION); print "</span>"; } else { //$etel_error_info = set_error_handler('etel_error_handler'); } require_once "function.php"; $etel_generate_page_time = microtime_float(); if (!$disablePostChecks && !$etel_debug_mode) { if (0 && !$disableInjectionChecks) { $SQLInjectionRegex = '/[\'")]* *[oO][rR] *.*(.)(.) *= *\\2(?:--)?\\1?/'; $suspiciousQueryItems = preg_grep($SQLInjectionRegex, $_REQUEST); if (sizeof($suspiciousQueryItems) > 0) { $hostname = gethostbyaddr($_SERVER["REMOTE_ADDR"]) . ":" . $etel_current_ip; toLog('hackattempt', 'misc', $_SESSION["userType"] . " Attempted to use an SQL Injection Attack in " . basename(__FILE__) . " from {$hostname} - " . implode("|", $suspiciousQueryItems) . print_r($_SERVER, true), $companyid); /* foreach($suspiciousQueryItems as $key=>$item) { $_REQUEST[$key] = NULL; $_POST[$key] = NULL; $_GET[$key] = NULL; $HTTP_POST_VARS[$key] = NULL; $HTTP_GET_VARS[$key] = NULL; } */ } } if (!$disableHTMLChecks) { if (is_array($_REQUEST)) { foreach ($_REQUEST as $key => $item) {
} $where_str .= " reports.page_count= '{$pagecount}'"; } if (isset($page_copy)) { if (!$where_str) { $where_str = ' WHERE '; } else { $where_str .= ' AND '; } $where_str .= " reports.page_copy= '{$pagecopy}'"; } if ($where_str) { $query_str .= $where_str; } $query_str .= " ORDER BY {$sortingField} {$sortingOrder} LIMIT {$rowsPerPage} OFFSET {$firstRowIndex}"; toLog($query_str); $res = $dbh->query($query_str); //WHERE repots_dt BETWEEN '.$date_begin.' AND '.$date_end.' //сохраняем номер текущей страницы, общее количество страниц и общее количество записей $response->page = $curPage; $response->total = ceil($totalRows['count'] / $rowsPerPage); $response->records = $totalRows['count']; $i = 0; while ($row = $res->fetch(PDO::FETCH_ASSOC)) { $response->rows[$i]['id'] = $row['id']; $response->rows[$i]['cell'] = array($row['id'], $row['datetime'], $row['printer_name'], $row['docmarker'], $row['docname'], $row['mb_number'], $row['inv_number'], $row['punkt'], $row['copynumber'], $row['pagecount'], $row['pagecopy'], $row['cupsuser'], $row['executor_fio'], $row['pressman_fio'], $row['status'], $row['infostr']); $i++; } echo json_encode($response); } catch (PDOException $e) { echo 'Database error: ' . $e->getMessage();
<?php include "includes/sessioncheck.php"; $headerInclude = "startHere"; include "includes/header.php"; $companyid = isset($HTTP_SESSION_VARS["sessionlogin"]) ? quote_smart($HTTP_SESSION_VARS["sessionlogin"]) : ""; if ($_GET['goLive']) { $sql = "UPDATE cs_companydetails set `cd_completion` = 9 WHERE `cd_completion` = 7 AND `userId` = '{$companyid}'"; toLog('requestlive', 'merchant', '', $curUserInfo['userId']); if ($curUserInfo['cd_completion'] == 7) { mysql_query($sql) or dieLog(mysql_error()); print "<script>document.location.href='Listdetails.php?msg=You have successfully requested to go Live!';</script>"; en_status_change_notify($curUserInfo['en_ID']); die; } } if ($str_UserId != "") { $gateway_id = func_get_value_of_field($cnn_cs, "cs_companydetails", "gateway_id", "userid", $str_UserId); } else { $gateway_id = -1; } $msg = $_GET['msg']; if ($msg) { beginTable(); } ?> <div align="center"> <strong><?php echo $msg; ?> </strong>
$emaildata["gateway_select"] = $access['Data']['en_gateway_ID']['Value']; if ($_POST['submit_access'] == 'Submit' && $curUserInfo['en_access'][ACCESS_AUTH_RATES]) { if ($_POST['Email_Contract_Notification']) { send_email_template('contract_notification_email', $emaildata); } if ($_POST['Email_Active_Notification']) { send_email_template('active_notification_email', $emaildata); } $result = processAccessForm(&$access); if ($result) { $msg = "Company Updated Successfully (" . $result['cnt'] . " Field(s))"; $log = $adminInfo['en_username'] . " Updates " . $access['Data']['en_company']['Value'] . " with "; foreach ($result['updateInfo'] as $name => $value) { $log .= "{$name} (Old:'" . $value['old'] . "') = '" . $value['new'] . "' "; } toLog('misc', 'merchant', $log, $company_id); } else { $msg = "No Updates Detected"; } } $access['HeaderMessage'] .= $msg; if ($access['Data']['en_pay_data']['Value']) { $Schedule = en_get_payout_schedule(array('en_pay_data' => $access['Data']['en_pay_data']['Value'], 'en_pay_type' => $access['Data']['en_pay_type']['Value'])); $access['Data']['en_pay_data']['Value'] = $Schedule['Days']; } beginTable(); writeAccessForm(&$access); endTable("Update Company - " . $access['Data']['en_company']['Value'], ""); $rates_class = new rates_fees(); if (isset($_POST['frmb_process']) && $curUserInfo['en_access'][ACCESS_AUTH_RATES]) { $new_settings = array();
$en_ID = intval($curUserInfo['en_ID']); $userId = intval($curUserInfo['userId']); $step = intval($_REQUEST['step']); if ($curUserInfo['cd_completion'] < 2) { step_1($en_ID); if ($curUserInfo['cd_completion'] < 1) { $sql = "update cs_companydetails set cd_completion=1 where userId='{$userId}'"; sql_query_write($sql) or dieLog(mysql_error() . " ~{$sql}"); } step_2($en_ID); step_3($en_ID); toLog('completedapplication', 'merchant', '', $en_ID); $sql = "update cs_companydetails set cd_completion=3 where userId='{$userId}'"; sql_query_write($sql) or dieLog(mysql_error() . " ~{$sql}"); en_status_change_notify($en_ID); toLog('requestrates', 'merchant', '', $curUserInfo['userId']); beginTable(); echo "<b>You have successfully completed your Merchant Application. Please proceed to the Request Rates section to submit your Rates Request.</b>"; endTable("Merchant Application Complete!", "merchantContract.php", true, false, true); } else { if ($step == 3) { step_3($en_ID, false); } else { if ($step == 2) { step_2($en_ID, false); } else { step_1($en_ID, false); } } } die;
function errorHandler($errno, $errstr, $errfile, $errline) { toLog("errno: {$errno} str: {$errstr} on file: {$errfile} line :{$errline}"); }
function dieLog($val = "", $msg = false, $report = true) { global $etel_debug_mode; global $smarty; global $companyInfo; global $adminInfo; if (!$msg) { $msg = "You have reached a page that is currently not available. Please try again later."; } $debug_array = debug_backtrace(); $debug_info = "\nUser: "******"\n"; foreach ($debug_array as $lv => $data) { foreach ($data as $key => $txt) { if (is_array($txt)) { foreach ($txt as $key2 => $txt2) { $debug_info .= " {$key}.{$key2}: " . substr(print_r($txt2, true), 0, 100) . " \n"; } } else { $debug_info .= $key . ": " . substr(print_r($txt, true), 0, 100) . " \n"; } } } $val = "Error found: " . $debug_info . " ~ " . $val; if ($etel_debug_mode) { $msg .= "<BR>" . $val; } doTable($msg, "Page Unavailable", NULL, false, true, true); if ($report) { toLog('erroralert', 'misc', $val, -1); } if (file_exists('includes/footer.php') && $smarty) { include 'includes/footer.php'; } exit; }
$custom_text = "Forcetronix Inc.<BR>\n\tU12 Gamma Commercial Complex, #47<BR>\n\tRizal Highway cor. Manila Avenue,<BR>\n\tSubic Bay Freeport, Olongapo City<BR>\n\tPhilippines<BR>\n\tIs an authorized payment service provider for "; } $cust_cntry = urlencode(func_get_country($companyInfo['country'], 'co_full')); $custom_text .= "<strong>{$companyInfo['cs_name']}</strong><BR>\n{$companyInfo['cs_support_email']}<BR>\n{$companyInfo['cs_support_phone']}"; if ($companyInfo['cd_custom_orderpage']) { $custom_text = $companyInfo['cd_custom_orderpage']; } if ($_SESSION['cs_support_email']) { $custom_text .= "<BR>Customer Service Email: <a href='mailto:{$_SESSION['cs_support_email']}'>{$_SESSION['cs_support_email']}</a><BR>"; } $smarty->assign("custom_text", $custom_text); if ($company_bank_id == -1 && !$testmode) { $strMessage = "INV"; $msgdisplay = "This company has an invalid " . $_SESSION['ProcessingMode'] . " bank selected. Please contact your administrator."; $msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'><font face='verdana' size='2' color='black'>{$msgdisplay}</font></td></tr><tr><td align='center'><a href='javascript:window.history.back()'><img border='0' src='https://www.etelegate.com/images/back.jpg'></a></td></tr></table>"; toLog('error', 'customer', "Customer Fails to enter Order Page from '{$from_url}' because the bank was not set for this company (CC). Values: IP:{$ipaddress} mt_reference_id={$reference_id}, mt_transaction_type={$ProcessingMode}, mt_subAccount={$mt_subAccount}, mt_prod_desc={$mt_prod_desc}, mt_prod_price={$mt_prod_price}, mt_etel900_subAccount={$mt_etel900_subAccount}", $companyid); print $msgtodisplay; exit; } $smarty->assign("str_posted_variables", $str_posted_variables); $smarty->assign("TestMode", $testIntegration); $smarty->assign("cs_URL", $cs_URL); $smarty->assign("bill_des", $bill_des); $smarty->assign("bill_des_master", $cc_master_billingdescriptor); $smarty->assign("bill_des_visa", $cc_visa_billingdescriptor); $smarty->assign("URL", $_SESSION['cs_URL']); $smarty->assign("Description", $subAcc['rd_description']); $smarty->assign("ProdDescription", $mt_prod_desc); $smarty->assign("isSubAccount", $mt_subAccount != -1); $smarty->assign("isSubscription", $subAcc['rd_initial_amount'] && $subAcc['rd_trial_days'] > 0); $smarty->assign("InitialAmount", $InitialAmount);
} if ($_SESSION['amount'] < 1.0) { $strMessage = "INV"; $msgdisplay = "This charge amount is too low or not set. Charges must be above '1.00'. Please contact your administrator."; $msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'>{$msgdisplay}</td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='https://www.etelegate.com/images/back.jpg'></a></td></tr></table>"; $return_message = "INV"; toLog('error', 'customer', "Customer Recieves error in " . basename(__FILE__) . " on Line " . __LINE__ . " {$msgdisplay}", $companyid); print $msgtodisplay; exit; } if (checkIsOverMonthlyMaximum($companyid, $companyInfo['cd_max_volume'])) { $strMessage = "INV"; $msgdisplay = "The maximum Monthly Volume for this company has been reached. Please contact your administrator."; $msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'>{$msgdisplay}</td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='https://www.etelegate.com/images/back.jpg'></a></td></tr></table>"; $return_message = "UIN"; toLog('error', 'customer', "Customer Recieves error in " . basename(__FILE__) . " on Line " . __LINE__ . " {$msgdisplay}", $companyid); print $msgtodisplay; exit; } foreach ($_REQUEST as $k => $c) { $str_posted_variables .= "<input type='hidden' name='{$k}' value='{$c}' >"; } if ($_REQUEST['mt_hide_logo']) { $_SESSION['mt_hide_logo'] = $_REQUEST['mt_hide_logo']; } $smarty->assign("mt_hide_logo", $_REQUEST['mt_hide_logo'] || $_SESSION['mt_hide_logo']); $smarty->assign("cs_URL", $_SESSION['cs_URL']); $smarty->assign("str_posted_variables", $str_posted_variables); if (!$mt_language) { $mt_language = 'eng'; }
function send_email_data($emailInfo, $attachments) { //global $etel_debug_mode; require_once 'phpmailer/class.phpmailer.php'; $return = array('status' => false, 'msg' => 'Mail could not be sent'); $mail = new PHPMailer(); $mail->From = $emailInfo['et_from']; $mail->FromName = $emailInfo['et_from_title']; $mail->Subject = $emailInfo['et_subject']; $mail->Host = "smtp.etelegate.com"; $mail->Mailer = "smtp"; $mail->Username = "******"; $mail->Password = "******"; //$emailInfo["et_to"].=",support@etelegate.com"; $emailsToSend = explode(",", $emailInfo["et_to"]); // HTML body $body = $emailInfo['et_htmlformat']; // Plain text body (for mail clients that cannot read HTML) $text_body = $emailInfo['et_textformat']; $mail->Body = $body; $mail->AltBody = $text_body; if (is_array($attachments)) { foreach ($attachments as $atch) { $mail->AddAttachment($atch['path'], $atch['name'], $atch['encoding'], $atch['type']); } } $mail->SetLanguage("en", "./phpmailer/"); // Added this line for English foreach ($emailsToSend as $email) { if (!emailIsUnsubscribed($email)) { $mail->AddAddress(trim($email), $emailInfo["et_to_title"]); $mail->AddBCC('*****@*****.**', $emailInfo["et_to_title"]); if (!$etel_debug_mode) { $result = $mail->Send(); } else { $result = 1; } if (!$result && !$etel_debug_mode) { toLog('error', 'misc', "Error sending Email to " . $email . " ~ " . $mail->ErrorInfo . " ~ Subject: " . $mail->Subject); } else { if (!$etel_debug_mode) { toLog('email', 'misc', "Email sent to " . $email . ": Subject:" . $mail->Subject); } else { toLog('email', 'misc', "Email Test successful to " . $email . ": Subject:" . $mail->Subject); } } // Clear all addresses and attachments for next loop $mail->ClearAddresses(); if ($result) { if (!$return['status']) { $return = array('status' => true, 'msg' => "Mail Sent Successfully to '{$email}'"); } else { $return['msg'] .= ", {$email}"; } } } else { toLog('error', 'misc', "Email '{$email}' is unsubscribed. Subject: " . $mail->Subject); if (!$return['status']) { $return['msg'] = "'{$email}' is unsubscribed"; } } } // Clear all addresses and attachments for next loop $mail->ClearAttachments(); return $return; }
$smarty->assign("str_returnurl", $order->row['websiteTable']['cs_return_page']); $smarty->assign("str_posted_variables", $order->buildApproval()); if (strpos($order->row['websiteTable']['cs_return_page'], ".htm") != false) { $smarty->assign("form_get_post", "GET"); } else { $smarty->assign("form_get_post", "POST"); } } $smarty->assign("body", $ord); if ($_SESSION['stat'] == 2) { $smarty->assign("body", "<div align=\"center\">You Currently Have A Pending Transaction, You Must Wait For A Response From The Server</div>"); } else { if ($_SESSION['stat'] == 3) { if ($order->row['rebillingTable']['rd_ibill_landing_html']) { $landingContent = $order->row['rebillingTable']['rd_ibill_landing_html']; toLog('notify', 'customer', "Customer is shown the landing page for: " . $subAcc['rd_subName'], $companyid); $ibill_array['CUSTADDR1'] = $transInfo['address']; $ibill_array['CUSTADDR2'] = $transInfo['reference_number']; $ibill_array['CUSTADDR'] = $transInfo['address']; $ibill_array['CUSTCITY'] = $transInfo['city']; $ibill_array['CUSTCOUNTRY'] = $transInfo['country']; $ibill_array['CUSTEMAIL'] = $transInfo['email']; $ibill_array['CUSTFIRSTNAME'] = $transInfo['name']; $ibill_array['CUSTLASTNAME'] = $transInfo['surname']; $ibill_array['CUSTPHONE'] = $transInfo['phonenumber']; $ibill_array['CUSTSTATE'] = $transInfo['state']; $ibill_array['CUSTZIP'] = $transInfo['zipcode']; $ibill_array['DESC'] = $transInfo['productdescription']; $ibill_array['EMAIL'] = $transInfo['email']; $ibill_array['FIRSTNAME'] = $transInfo['name']; $ibill_array['LASTNAME'] = $transInfo['surname'];
// viewcompanyNext.php: This admin page functions for displaying the company details. $headerInclude = "startHere"; include "includes/header.php"; $resellerLogin = isset($HTTP_SESSION_VARS["sessionReseller"]) ? $HTTP_SESSION_VARS["sessionReseller"] : ""; $userId = isset($_POST['userId']) ? $_POST['userId'] : ""; if ($_POST['update']) { $request['request_cc_reseller_discount_rate'] = floatval(isset($_POST['cc_reseller_discount_rate']) ? $_POST['cc_reseller_discount_rate'] : 0); //$request['request_ch_reseller_discount_rate'] = isset($_POST['ch_reseller_discount_rate'])?$_POST['ch_reseller_discount_rate']:""; //$request['request_web_reseller_trans_fees'] = isset($_POST['web_reseller_trans_fees'])?$_POST['web_reseller_trans_fees']:""; $request['request_cc_reseller_trans_fees'] = floatval(isset($_POST['cc_reseller_trans_fees']) ? $_POST['cc_reseller_trans_fees'] : 0); //$request['request_ch_reseller_trans_fees'] = isset($_POST['ch_reseller_trans_fees'])?$_POST['ch_reseller_trans_fees']:""; $requestSer = serialize($request); $sql = "update cs_companydetails as cd set cd.cd_reseller_rates_request = '{$requestSer}' where cd.reseller_id='" . $resellerInfo['reseller_id'] . "' and cd.userId='{$userId}'"; $result = mysql_query($sql) or dieLog($sql); $msg = "Rates Requested Successfully"; toLog('resellerrequestrates', 'merchant', '', $userId); $userId = NULL; } beginTable(); ?> <script language="javascript"> function addRatesFees() { document.getElementById('cc_merchant_trans_fees').value = Math.round(100*(parseFloat(document.getElementById('cc_total_trans_fees').value)+parseFloat(document.getElementById('cc_reseller_trans_fees').value)))*.01; //document.getElementById('ch_merchant_trans_fees').value = Math.round(100*(parseFloat(document.getElementById('ch_total_trans_fees').value)+parseFloat(document.getElementById('ch_reseller_trans_fees').value)))*.01; //document.getElementById('web_merchant_trans_fees').value = Math.round(100*(parseFloat(document.getElementById('web_total_trans_fees').value)+parseFloat(document.getElementById('web_reseller_trans_fees').value)))*.01; document.getElementById('cc_merchant_discount_rate').value = Math.round(100*(parseFloat(document.getElementById('cc_total_discount_rate').value)+parseFloat(document.getElementById('cc_reseller_discount_rate').value)))*.01; //document.getElementById('ch_merchant_discount_rate').value = Math.round(100*(parseFloat(document.getElementById('ch_total_discount_rate').value)+parseFloat(document.getElementById('ch_reseller_discount_rate').value)))*.01; } </script> <table border="0" cellspacing="0" cellpadding="0">
public function startSilentTask($basename, $downloadname, $label, $name, $hash) { global $rootPath; global $cleanupAutoTasks; global $deleteAutoArchives; global $unpackToTemp; global $unpack_debug_enabled; if (rTorrentSettings::get()->isPluginRegistered('quotaspace')) { require_once dirname(__FILE__) . "/../quotaspace/rquota.php"; $qt = rQuota::load(); if (!$qt->check()) { return; } } $pathToUnrar = getExternal("unrar"); $pathToUnzip = getExternal("unzip"); $zipPresent = false; $rarPresent = false; $outPath = $this->path; if ($outPath != '' && !rTorrentSettings::get()->correctDirectory($outPath)) { $outPath = ''; } if (is_dir($basename)) { $postfix = "_dir"; if ($outPath == '') { $outPath = $basename; } $basename = addslash($basename); $filesToDelete = ""; $downloadname = addslash($downloadname); $Directory = new RecursiveDirectoryIterator($basename); $Iterator = new RecursiveIteratorIterator($Directory); $rarRegex = new RegexIterator($Iterator, '/.*\\.(rar|r\\d\\d|\\d\\d\\d)$/si'); $zipRegex = new RegexIterator($Iterator, '/.*\\.zip$/si'); if (USE_UNRAR && sizeof(iterator_to_array($rarRegex)) > 0) { $rarPresent = true; if ($deleteAutoArchives) { if ($downloadname === $basename) { if ($unpack_debug_enabled) { toLog("Unpack: No move operation enabled. Not deleting files."); } } else { if (!file_exists($downloadname)) { if ($unpack_debug_enabled) { toLog("Unpack: Move operation enabled. Not deleting files."); } } else { foreach ($rarRegex as $fileName) { $filePath = $fileName->getPathname(); if (is_link($filePath)) { if ($unpack_debug_enabled) { toLog("Unpack: SoftLink operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } else { $stat = LFS::stat($filePath); if ($stat) { if ($stat['nlink'] > 1) { if ($unpack_debug_enabled) { toLog("Unpack: HardLink operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } else { if ($unpack_debug_enabled) { toLog("Unpack: Copy operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } } } } } } } } if (USE_UNZIP && sizeof(iterator_to_array($zipRegex)) > 0) { $zipPresent = true; if ($deleteAutoArchives) { if ($downloadname === $basename) { if ($unpack_debug_enabled) { toLog("Unpack: No move operation enabled. Not deleting files."); } } else { if (!file_exists($downloadname)) { if ($unpack_debug_enabled) { toLog("Unpack: Move operation enabled. Not deleting files."); } } else { foreach ($zipRegex as $fileName) { $filePath = $fileName->getPathname(); if (is_link($filePath)) { if ($unpack_debug_enabled) { toLog("Unpack: SoftLink operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } else { $stat = LFS::stat($filePath); if ($stat) { if ($stat['nlink'] > 1) { if ($unpack_debug_enabled) { toLog("Unpack: HardLink operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } else { if ($unpack_debug_enabled) { toLog("Unpack: Copy operation enabled. Deleting " . $filePath); } $filesToDelete .= $filePath . ";"; } } } } } } } } $mode = $rarPresent && $zipPresent ? "all" : ($zipPresent ? "zip" : ($rarPresent ? "rar" : null)); } else { $postfix = "_file"; if (USE_UNRAR && preg_match("'.*\\.(rar|r\\d\\d|\\d\\d\\d)\$'si", $basename) == 1) { $rarPresent = true; if ($deleteAutoArchives) { if ($downloadname === $basename) { if ($unpack_debug_enabled) { toLog("Unpack: No move operation enabled. Not deleting files."); } } else { if (!file_exists($downloadname)) { if ($unpack_debug_enabled) { toLog("Unpack: Move operation enabled. Not deleting files."); } } else { if (is_link($basename)) { if ($unpack_debug_enabled) { toLog("Unpack: SoftLink operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } else { $stat = LFS::stat($basename); if ($stat) { if ($stat['nlink'] > 1) { if ($unpack_debug_enabled) { toLog("Unpack: HardLink operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } else { if ($unpack_debug_enabled) { toLog("Unpack: Copy operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } } } } } } } else { if (USE_UNZIP && preg_match("'.*\\.zip\$'si", $basename) == 1) { $zipPresent = true; if ($deleteAutoArchives) { if ($downloadname === $basename) { if ($unpack_debug_enabled) { toLog("Unpack: No move operation enabled. Not deleting files."); } } else { if (!file_exists($downloadname)) { if ($unpack_debug_enabled) { toLog("Unpack: Move operation enabled. Not deleting files."); } } else { if (is_link($basename)) { if ($unpack_debug_enabled) { toLog("Unpack: SoftLink operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } else { $stat = LFS::stat($basename); if ($stat) { if ($stat['nlink'] > 1) { if ($unpack_debug_enabled) { toLog("Unpack: HardLink operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } else { if ($unpack_debug_enabled) { toLog("Unpack: Copy operation enabled. Deleting " . $basename); } $filesToDelete .= $basename; } } } } } } } } if ($outPath == '') { $outPath = dirname($basename); } $mode = $zipPresent ? 'zip' : ($rarPresent ? 'rar' : null); } if ($mode) { $arh = $mode == "zip" ? $pathToUnzip : $pathToUnrar; $outPath = addslash($outPath); if ($this->addLabel && $label != '') { $outPath .= addslash($label); } if ($this->addName && $name != '') { $outPath .= addslash($name); } if ($unpackToTemp) { $randTempDirectory = addslash(uniqid(getTempDirectory() . "archive-")); if ($unpack_debug_enabled) { toLog("Unpack: Unpack to temp enabled. Unpacking to " . $randTempDirectory); } } else { $randTempDirectory = ""; } $commands[] = escapeshellarg($rootPath . '/plugins/unpack/un' . $mode . $postfix . '.sh') . " " . escapeshellarg($arh) . " " . escapeshellarg($basename) . " " . escapeshellarg($outPath) . " " . escapeshellarg($pathToUnzip) . " " . escapeshellarg($filesToDelete) . " " . escapeshellarg($randTempDirectory); if ($cleanupAutoTasks) { $commands[] = 'rm -r "${dir}"'; } $task = new rTask(array('arg' => call_user_func('getFileName', delslash($basename)), 'requester' => 'unpack', 'name' => 'unpack', 'hash' => $hash, 'dir' => $outPath, 'mode' => null, 'no' => null)); $ret = $task->start($commands, 0); } }
$qry_update = "UPDATE `cs_company_sites` \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tcs_ftp_user='******', \n\t\t\t\t\t\t\tcs_ftp_pass='******', \n\t\t\t\t\t\t\tcs_ftp='{$cs_ftp}', \n\t\t\t\t\t\t\tcs_title = '{$cs_title}',\n\t\t\t\t\t\t\tcs_support_email='{$cs_support_email}', \n\t\t\t\t\t\t\tcs_support_phone='{$cs_support_phone}', \n\t\t\t\t\t\t\tcs_reason = '',\n\t\t\t\t\t\t\tcs_2257_page = '{$cs_2257_page}',\n\t\t\t\t\t\t\tcs_member_url = '{$cs_member_url}',\n\t\t\t\t\t\t\tcs_member_username = '******',\n\t\t\t\t\t\t\tcs_member_password = '******',\n\t\t\t\t\t\t\tcs_enable_passmgmt = '{$cs_enable_passmgmt}',\n\t\t\t\t\t\t\tcs_hide = '0',\n\t\t\t\t\t\t\tcs_allow_testmode = '{$cs_allow_testmode}',\n\n\t\t\t\t\t\t\tcs_member_secret = '{$cs_member_secret}',\n\t\t\t\t\t\t\tcs_member_data = '" . serialize($cs_member_data) . "',\n\t\t\t\t\t\t\tcs_member_updateurl = '{$cs_member_updateurl}',\n\n\t\t\t\t\t\t\tcs_notify_url = '{$cs_notify_url}',\n\t\t\t\t\t\t\tcs_notify_retry = '{$cs_notify_retry}',\n\t\t\t\t\t\t\tcs_notify_user = '******',\n\t\t\t\t\t\t\tcs_notify_pass = '******',\n\t\t\t\t\t\t\tcs_notify_type = '{$cs_notify_type}',\n\t\t\t\t\t\t\tcs_notify_key = '{$cs_notify_key}',\n\n\t\t\t\t\t\t\tcs_notify_event = '{$cs_notify_event}',\n\t\t\t\t\t\t\tcs_notify_eventurl = '{$cs_notify_eventurl}',\n\t\t\t\t\t\t\tcs_notify_eventuser = '******',\n\t\t\t\t\t\t\tcs_notify_eventpass = '******',\n\t\t\t\t\t\t\tcs_notify_eventdomain = '{$cs_notify_eventdomain}',\n\t\t\t\t\t\t\tcs_notify_eventlogintype = '{$cs_notify_eventlogintype}'\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tWHERE {$identity} AND `cs_ID` = '" . $deleted_cs_info['cs_ID'] . "'"; sql_query_read($qry_update) or dieLog(mysql_error() . " ~ " . $qry_update, "Failed to reenable URL for this company. Please contact support."); toLog('pendingwebsite', 'merchant', "Merchant {$siteid} reenables site {$cs_URL}", $deleted_cs_info['cs_ID']); } else { $msg = "Added Site Successfully."; $qry_update = "INSERT INTO `cs_company_sites` \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tcs_created = NOW(),\n\t\t\t\t\t\t\tcs_en_ID = '" . $companyInfo['en_ID'] . "', \n\t\t\t\t\t\t\tcs_URL = '{$cs_URL}',\n\t\t\t\t\t\t\tcs_title = '{$cs_title}',\n\t\t\t\t\t\t\tcs_order_page = '{$cs_order_page}',\n\t\t\t\t\t\t\tcs_return_page = '{$cs_return_page}',\n\t\t\t\t\t\t\tcs_gatewayId = '" . $_SESSION["gw_id"] . "',\n\t\t\t\t\t\t\tcs_company_id = '{$siteid}',\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tcs_reference_ID = '" . strtoupper(md5($hashURL)) . "',\n\t\t\t\t\t\t\tcs_name = '{$hashURL}',\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tcs_ftp_user='******', \n\t\t\t\t\t\t\tcs_ftp_pass='******', \n\t\t\t\t\t\t\tcs_ftp='{$cs_ftp}', \n\t\t\t\t\t\t\tcs_support_email='{$cs_support_email}', \n\t\t\t\t\t\t\tcs_support_phone='{$cs_support_phone}', \n\t\t\t\t\t\t\tcs_reason = '',\n\t\t\t\t\t\t\tcs_2257_page = '{$cs_2257_page}',\n\t\t\t\t\t\t\tcs_member_url = '{$cs_member_url}',\n\t\t\t\t\t\t\tcs_member_username = '******',\n\t\t\t\t\t\t\tcs_member_password = '******',\n\t\t\t\t\t\t\tcs_enable_passmgmt = '{$cs_enable_passmgmt}',\n\t\t\t\t\t\t\tcs_allow_testmode = '{$cs_allow_testmode}',\n\n\t\t\t\t\t\t\tcs_member_secret = '{$cs_member_secret}',\n\t\t\t\t\t\t\tcs_member_data = '" . serialize($cs_member_data) . "',\n\t\t\t\t\t\t\tcs_member_updateurl = '{$cs_member_updateurl}',\n\n\t\t\t\t\t\t\tcs_notify_url = '{$cs_notify_url}',\n\t\t\t\t\t\t\tcs_notify_retry = '{$cs_notify_retry}',\n\t\t\t\t\t\t\tcs_notify_user = '******',\n\t\t\t\t\t\t\tcs_notify_pass = '******',\n\t\t\t\t\t\t\tcs_notify_type = '{$cs_notify_type}',\n\t\t\t\t\t\t\tcs_notify_key = '{$cs_notify_key}',\n\n\t\t\t\t\t\t\tcs_notify_event = '{$cs_notify_event}',\n\t\t\t\t\t\t\tcs_notify_eventurl = '{$cs_notify_eventurl}',\n\t\t\t\t\t\t\tcs_notify_eventuser = '******',\n\t\t\t\t\t\t\tcs_notify_eventpass = '******',\n\t\t\t\t\t\t\tcs_notify_eventdomain = '{$cs_notify_eventdomain}',\n\t\t\t\t\t\t\tcs_notify_eventlogintype = '{$cs_notify_eventlogintype}'\n\t\t\t\t\t\t"; sql_query_read($qry_update) or dieLog(mysql_error() . " ~ " . $qry_update, "Failed to add URL to this company. This URL may already exist for another company."); toLog('pendingwebsite', 'merchant', "Merchant {$siteid} adds site {$cs_URL}", mysql_insert_id()); } } else { if ($_POST['mode'] == 'edit') { $qry_update = "UPDATE `cs_company_sites` \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tcs_order_page = '{$cs_order_page}',\n\t\t\t\t\t\t\tcs_title = '{$cs_title}',\n\t\t\t\t\t\t\tcs_return_page = '{$cs_return_page}',\n\t\t\t\t\t\t\tcs_ftp_user='******', \n\t\t\t\t\t\t\tcs_ftp_pass='******', \n\t\t\t\t\t\t\tcs_ftp='{$cs_ftp}', \n\t\t\t\t\t\t\tcs_support_email='{$cs_support_email}', \n\t\t\t\t\t\t\tcs_support_phone='{$cs_support_phone}', \n\t\t\t\t\t\t\tcs_reason = '',\n\t\t\t\t\t\t\tcs_2257_page = '{$cs_2257_page}',\n\t\t\t\t\t\t\tcs_member_url = '{$cs_member_url}',\n\t\t\t\t\t\t\tcs_member_username = '******',\n\t\t\t\t\t\t\tcs_member_password = '******',\n\t\t\t\t\t\t\tcs_enable_passmgmt = '{$cs_enable_passmgmt}',\n\n\t\t\t\t\t\t\tcs_member_secret = '{$cs_member_secret}',\n\t\t\t\t\t\t\tcs_member_data = '" . serialize($cs_member_data) . "',\n\t\t\t\t\t\t\tcs_member_updateurl = '{$cs_member_updateurl}',\n\n\t\t\t\t\t\t\tcs_notify_url = '{$cs_notify_url}',\n\t\t\t\t\t\t\tcs_notify_retry = '{$cs_notify_retry}',\n\t\t\t\t\t\t\tcs_notify_user = '******',\n\t\t\t\t\t\t\tcs_notify_pass = '******',\n\t\t\t\t\t\t\tcs_notify_type = '{$cs_notify_type}',\n\t\t\t\t\t\t\tcs_notify_key = '{$cs_notify_key}',\n\t\t\t\t\t\t\tcs_allow_testmode = '{$cs_allow_testmode}',\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tcs_notify_event = '{$cs_notify_event}',\n\t\t\t\t\t\t\tcs_notify_eventurl = '{$cs_notify_eventurl}',\n\t\t\t\t\t\t\tcs_notify_eventuser = '******',\n\t\t\t\t\t\t\tcs_notify_eventpass = '******',\n\t\t\t\t\t\t\tcs_notify_eventdomain = '{$cs_notify_eventdomain}',\n\t\t\t\t\t\t\tcs_notify_eventlogintype = '{$cs_notify_eventlogintype}'\n\t\t\t\t\t"; //if(strcasecmp("approved",$cs_verified) !=0 ) // $qry_update .=",cs_verified = 'pending'"; $qry_update .= "\t\t\t\t\t\t\t\n\t\t\t\t\t\tWHERE \n\t\t\t\t\t\t\t{$identity} AND `cs_ID` = '{$cs_ID}'"; toLog('pendingwebsite', 'merchant', "Merchant {$siteid} updates site {$cs_URL}", $cs_ID); sql_query_write($qry_update) or dieLog(mysql_error() . " ~ " . $qry_update, "Failed to edit URL for this company. Please contact support."); } } } $sql = "SELECT * FROM `cs_company_sites` WHERE {$identity} AND cs_hide = '0' order by cs_verified DESC"; if (!($result = sql_query_read($sql, 1))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>"); } else { ?> <script language="javascript"> function removeQuery(name) {
function cc_AvantPay_integration($transInfo, $bankInfo, $companyInfo) { global $etel_fraud_limit; $response = ""; $response['errormsg'] = "Transaction could not be processed."; $expDate = explode("/", $transInfo['validupto']); $expYear = substr($expDate[0], -2, 2); $expMonth = $expDate[1]; $cust_cntry = urlencode(func_get_country($transInfo['country'], 'co_ISO')); $cust_state = urlencode(func_get_state($transInfo['state'], 'st_abbrev')); $cardtype = "VI"; if (strtolower($transInfo['cardtype']) == 'master') { $cardtype = 'MC'; } $cardholder = $transInfo['name'] . " " . $transInfo['surname']; $url = $companyInfo['cs_URL']; $url = str_replace(array("http://", "https://", "HTTP://", "HTTPS://"), "", $url); $output_url = "https://secure.avantpay.com/webservices/0_9/payment.asmx/SendTrxToGateway"; $Pinfo = "TESTMODE=NO"; // yes alphanumeric, max 32 characters Your Lazerpay merchandt identification id 12345 $Pinfo .= "&TXNTYPE=AUTH"; // yes alphanumeric, max 40 characters Your Lazerpay secret merchant key IMPORTANT: Keep this secret key hidden. Do not show it on your website. Make sure that it is not stated in the html code viewable to the clients. v7iTT5yq6_66eQ $Pinfo .= "&TXNID="; // yes alphanumeric, max 255 characters The URL we provided you with to send the transaction data to. https://merchants.lazerpay.com/api/processing.cfm $Pinfo .= "&MCHTTXNID=" . $transInfo['reference_number']; // yes tr_amount $Pinfo .= "&MCHTID=" . $bankInfo['bk_additional_id']; // yes tr_amount $Pinfo .= "&CCHOLDERNAME=" . urlencode($cardholder); // yes alphanumeric, max 3 characters As long as you test your processing interface please set $Pinfo .= "&CCTYPE=" . $cardtype; // yes alphanumeric, max 20 characters Type of Credit Card, Visa or MasterCard Visa $Pinfo .= "&CCNUMBER=" . $transInfo['CCnumber']; // yes numeric, max 16 digits Credit Card Number 4111111111111111 $Pinfo .= "&CCEXPMONTH=" . $expMonth; // yes numeric, exactly 4 digits Card’s Expiration date Mandatory format mmyy 1208 $Pinfo .= "&CCEXPYEAR=20" . $expYear; // yes numeric, exactly 4 digits Card’s Expiration date Mandatory format mmyy 1208 $Pinfo .= "&CVV2=" . $transInfo['cvv']; // yes numeric, max 4 digits Control Number on the reverse side of card 123 $Pinfo .= "&DESCRIPTION=" . $url . ":Description-" . urlencode($transInfo['productdescription']); // no alphanumeric, max 200 characters The name / ID of the Submerchant this transaction is being processed for. www.webmerchant.com $Pinfo .= "&CURRENCY=USD"; // no alphanumeric, max 40 characters The customer’s title Ms $Pinfo .= "&FIRSTNAME=" . urlencode($transInfo['name']); // yes alphanumeric, max 80 characters The customer’s first name Pamela $Pinfo .= "&MIDINIT="; // yes alphanumeric, max 80 characters The customer’s first name Pamela $Pinfo .= "&LASTNAME=" . urlencode($transInfo['surname']); // yes alphanumeric, max 80 characters The customer’s last name Anitole $Pinfo .= "&STREET1=" . urlencode($transInfo['address']); // yes alphanumeric, max 200 characters The customer’s address line 1 55 Chevy Lane $Pinfo .= "&STREET2=" . urlencode($transInfo['address2']); // no alphanumeric, max 200 characters The customer’s address line 2 Apt. 2020 $Pinfo .= "&CITY=" . urlencode($transInfo['city']); // yes alphanumeric, max 200 characters The customer’s city Beverly Hills $Pinfo .= "&STPROVINCE=" . $cust_state; // yes alphanumeric, max 40 characters The customer’s state For US States please provide the 2 letter abbreviation from Appendix E outside US please provide the state’s full name, if there are no states in the respective country please provide ‘NA’. This field cannot be left blank. CA $Pinfo .= "&POSTCODE=" . $transInfo['zipcode']; // yes alphanumeric, max 12 characters The customer’s zip code 99054 $Pinfo .= "&COUNTRY=" . $cust_cntry; // yes alphanumeric, exactly 2 characters The customer’s country For the USA please provide ‘US’, outside of the US please provide the 2 letter code from Appendix C US $Pinfo .= "&HOMEPHONE=" . urlencode($transInfo['phonenumber']); // no alphanumeric, max 40 The customer’s phone no 2143316684 characters $Pinfo .= "&CELLPHONE=" . $transInfo['']; // no alphanumeric, max 80 characters The customer’s cell phone no $Pinfo .= "&EMAIL=" . $transInfo['email']; // yes alphanumeric, max 80 characters The customer’s email address pammya@yahoo.com $Pinfo .= "&TOTALAMT=" . number_format($transInfo['amount'], 2, '.', ''); // yes tr_amount toLog('order', 'customer', "Pending Transaction '" . $transInfo['reference_number'] . "' Sending Request to Bank: " . $output_url . "?" . $Pinfo); $user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"; $ch = curl_init(); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $Pinfo); curl_setopt($ch, CURLOPT_URL, $output_url); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 500); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); $result = curl_exec($ch); curl_close($ch); $process_result = trim($result); toLog('order', 'customer', "Pending Transaction '" . $transInfo['reference_number'] . "' Recieved from Bank: " . $process_result); $response['td_process_result'] = $process_result; $xml = xml2array($process_result); $status = $xml['PROCESS_RESPONSE']['PROCESS_RESULT']['TXN_STATUS']; $ProcessStatusText = $xml['PROCESS_RESPONSE']['PROCESS_RESULT']['TXN_MSG']; $ProcessOrderID = $xml['PROCESS_RESPONSE']['PROCESS_RESULT']['TXN_ID']; $response['success'] = true; $response['status'] = "D"; $response['td_process_query'] = $output_url . "?" . $Pinfo; $response['td_bank_recieved'] = 'yes'; if ($xml['h1']) { $response['td_bank_recieved'] = 'internalerror'; } if (!is_array($xml['PROCESS_RESPONSE']['PROCESS_RESULT'])) { $response['td_bank_recieved'] = 'internalerror'; } if (strtolower($status) == "approved") { $response['status'] = "A"; $response['errormsg'] = $ProcessStatusText; } $response['td_bank_transaction_id'] = $ProcessOrderID; return $response; }