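// Recurring-charge run: bill every recurring item whose next payment date has
// passed, move that date forward by the item's period, deduct the total from
// the site's credit balance, record the transaction and e-mail the admins.
// Nothing runs unless SiteCredits_apiVerify() accepts the caller-supplied
// 'sha1' value; that function is defined outside this excerpt.
// NOTE(review): $_REQUEST merges GET, POST and (depending on configuration)
// cookie input - confirm which channel the signature is expected on, and that
// SiteCredits_apiVerify() compares it in constant time (e.g. hash_equals()).
// NOTE(review): $params and $domain are set outside this excerpt. $domain is
// placed in the From/Reply-To mail headers below; if it can ever be derived
// from request data (such as the Host header) it must be validated first so
// that CR/LF cannot add extra mail headers.
if (SiteCredits_apiVerify($params, $_REQUEST['sha1'])) {
    // accounts linked to group id 1 are the recipients of the notification
    $admins = dbAll(
        'select name,email from user_accounts,users_groups '
        . 'where groups_id=1 and user_accounts_id=id'
    );
    // { handle anything due today
    // "<now()" also selects items that are overdue, not only today's
    $rs = dbAll(
        'select *,date_format(next_payment_date, "%b-%d-%Y") as npd '
        . 'from sitecredits_recurring '
        . 'where next_payment_date<now()'
    );
    if ($rs && count($rs)) {
        $email = "Dear %ADMIN%,\n your website has been charged the following "
            . "recurring items:\n\n";
        $total = 0;
        $itemNumber = 0;
        // NOTE(review): the date updates, the balance change and the
        // transaction record are separate steps with no visible transaction
        // or lock - confirm that two overlapping runs cannot bill the same
        // item twice.
        foreach ($rs as $row) {
            ++$itemNumber;
            $email .= ' ' . $itemNumber . ': ' . $row['npd'] . ', '
                . $row['description'] . ', ' . $row['amt'] . ' credits, '
                . 'recurring every ' . $row['period'] . "\n";
            $total += $row['amt'];
            // The id is cast to int so a stored value can never alter the
            // statement.
            // NOTE(review): 'period' is still concatenated into the SQL as an
            // interval expression. It comes from the database, but if it can
            // be edited through any form it should be checked against the
            // exact interval formats the application writes before it is
            // used here.
            dbQuery(
                'update sitecredits_recurring set next_payment_date='
                . 'date_add(next_payment_date, interval ' . $row['period'] . ')'
                . ' where id=' . (int) $row['id']
            );
        }
        // a missing balance counts as 0, as the original @-suppressed read did
        $cur_total = isset($GLOBALS['DBVARS']['sitecredits-credits'])
            ? (float) $GLOBALS['DBVARS']['sitecredits-credits']
            : 0.0;
        $cur_total -= $total;
        $GLOBALS['DBVARS']['sitecredits-credits'] = $cur_total;
        SiteCredits_recordTransaction('recurring costs (hosting, etc)', -$total);
        $email .= "\n\nYour new total is {$cur_total} credits.";
        $subject = ' credits updated';
        if ($cur_total < 0) {
            $email .= "\n\nYOUR SITE HAS BEEN DISABLED BECAUSE YOUR CREDITS"
                . " ARE BELOW 0.\n\nYour credits are below 0. You must bring"
                . " your credits back to 0 or higher.";
            $subject = ' SITE DISABLED.' . $subject;
        }
        // NOTE(review): $subject is appended to the message body here, while
        // mail() below is given a fixed subject, so the "SITE DISABLED."
        // prefix never reaches the subject line. Left as found - confirm
        // which was intended.
        $email .= "\n\nPlease note that this is an automated email.\n\nThank you\n"
            . $domain . $subject;
        // NOTE(review): every notification is blind-copied to a hard-coded
        // external address; confirm that sharing each site's billing notices
        // with that mailbox is intended.
        foreach ($admins as $admin) {
            mail(
                $admin['email'],
                '[' . $domain . '] credits updated',
                str_replace('%ADMIN%', $admin['name'], $email),
                "Bcc: kae.verens@gmail.com\r\nFrom: no-reply@{$domain}\r\n"
                . "Reply-To: no-reply@{$domain}"
            );
        }
        // written again before persisting, as in the original; whether
        // SiteCredits_recordTransaction() touches this value is not visible
        $GLOBALS['DBVARS']['sitecredits-credits'] = $cur_total;
        Core_configRewrite();
    }
    // }
    // { handle anything that's left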
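// PayPal IPN listener: the received notification is posted back to PayPal
// and, when PayPal answers VERIFIED, the net amount (mc_gross - mc_fee) is
// added to the site's credit balance and recorded as a transaction.
//
// NOTE(review): a VERIFIED answer only establishes that PayPal issued the
// notification. Before crediting, PayPal's guidance is to confirm as well that
//   - receiver_email is this site's own PayPal account,
//   - mc_currency is the currency credits are sold in,
//   - txn_id has not been processed before (so a repeated notification is
//     not credited twice).
// Those checks need a configured receiver address and a store of processed
// transaction ids, neither of which is visible in this excerpt, so they are
// flagged here rather than implemented.
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
    if (!is_string($value)) {
        // a genuine IPN contains only flat string fields; stop instead of
        // handing an array to stripslashes()
        exit;
    }
    // NOTE(review): stripslashes() is only correct when magic quotes are
    // active; otherwise a value containing a backslash is altered and PayPal
    // will answer INVALID (which fails closed).
    $req .= '&' . urlencode((string) $key) . '=' . urlencode(stripslashes($value));
}
if ($req === 'cmd=_notify-validate') {
    // no POST fields at all: not a notification
    die('please don\'t access this file directly');
}
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
// NOTE(review): PHP releases before 5.6 do not verify the peer certificate of
// ssl:// streams by default; confirm the runtime verifies it, otherwise the
// VERIFIED answer cannot be trusted to come from PayPal.
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp) {
    // Validation could not be attempted. Log it and answer with an error
    // status so the sender can deliver the notification again instead of the
    // payment being dropped silently.
    error_log("PayPal IPN validation connection failed: {$errno} {$errstr}");
    header('HTTP/1.1 500 Internal Server Error');
} else {
    fputs($fp, $header . $req);
    $verified = false;
    while (!feof($fp)) {
        $res = fgets($fp, 1024);
        // trim() tolerates a trailing line break; stop at the first match so
        // a single notification can never be credited more than once
        if ($res !== false && trim($res) === 'VERIFIED') {
            $verified = true;
            break;
        }
    }
    fclose($fp);
    if ($verified) {
        $status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
        $gross = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : null;
        $fee = isset($_POST['mc_fee']) ? $_POST['mc_fee'] : '0';
        // credit only cleared payments with well-formed amounts; pending,
        // failed or otherwise unfinished payments are ignored
        if ($status === 'Completed' && is_numeric($gross) && is_numeric($fee)) {
            $paid = $gross - $fee;
            if ($paid < 0) {
                Core_quit();
            }
            $GLOBALS['DBVARS']['sitecredits-credits']
                = (float) $GLOBALS['DBVARS']['sitecredits-credits'] + $paid;
            Core_configRewrite();
            SiteCredits_recordTransaction('credits purchased', $paid);
        }
    }
}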