<?php
session_start();
if ($_POST) {
require_once 'AuthorizeNet.php';
define("AUTHORIZENET_API_LOGIN_ID", "86jrDx8naX49");
define("AUTHORIZENET_TRANSACTION_KEY", "8x88td44D8PFgeS5");
define("AUTHORIZENET_SANDBOX", true);
$sale = new AuthorizeNetAIM();
//check deal quantity availability
require_once $_SERVER['DOCUMENT_ROOT'] . "/system/includes/transaction.php";
$USERID = $_SESSION['userid'];
//check whether deal is expired or closed
is_deal_expired($_POST['couponid']);
check_max_deal_purchase($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty'], $USERID);
check_deal_quantity($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty']);
$USERID = $userid = $_SESSION['userid'];
if ($_POST['ref_amt2'] > 0) {
$user = "******";
$userSet = mysql_query($user);
while ($r = mysql_fetch_array($userSet)) {
$account_balance = round($r['referral_earned_amount'], 2);
}
$deductable_ref_amt = round($_POST['ref_amt2'], 2);
//referral amount validation
if ($deductable_ref_amt > $account_balance) {
$cid = $_POST['couponid'];
if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') {
set_response_mes(-1, "Insufficient referral amount in your account.");
url_redirect(DOCROOT . "purchase.html?cid=" . $cid . "&type=gift");
} else {
/* An express checkout transaction starts with a token, that
identifies to PayPal your transaction
In this example, when the script sees a token, the script
knows that the buyer has already authorized payment through
paypal. If no token was found, the action is to send the buyer
to PayPal to first authorize payment
*/
//$token = $_REQUEST['token'];
if (!isset($token)) {
//check deal quantity availability
require_once DOCUMENT_ROOT . "/system/includes/transaction.php";
$getvalue = split(",", $_POST['CUSTOM']);
$L_QTY0 = $getvalue[1];
$COUPONID = $getvalue[0];
//check whether deal is expired or closed
is_deal_expired($COUPONID);
check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $_SESSION['userid']);
check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0);
$_SESSION['pay_mod_id'] = $_POST['pay_mod_id'];
if (!isset($_SESSION['pay_mod_id'])) {
if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift");
} else {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID);
}
}
/* The servername and serverport tells PayPal where the buyer
should be directed back to after authorizing payment.
In this case, its the local webserver that is running this script
Using the servername and serverport, the return URL is the first
portion of the URL that buyers will return to after authorizing payment
