function main_make_purchase()
{
global $conn;
require_once 'cccountries.inc.php';
if (!cc_is_country_allowed()) {
die("country not allowed for credit card use");
}
$itemid = getParam('itemid');
list($chargetotal, $x_desc) = store_GetItemPriceDescByCode($itemid, 0);
// avoid reloading of this page
if (!isset($_SESSION['CCPurchaseInProcess'])) {
echo "<strong>Please do not reload this page</strong>";
return;
}
unset($_SESSION['CCPurchaseInProcess']);
//
// check if user can make transaction
//
// create & execute query
$tsql = "EXECUTE ECLIPSE_PROCESSTRANSACTION_CHECK ?, ?";
$params = array($userid, 0);
$member = db_exec($conn, $tsql, $params);
if ($member['Blocked'] > 0) {
die("fraud");
}
echo "Processing transaction.<br><br><br>";
//do not press any keys or back button to avoid double charges....
$ans = issue_transaction($chargetotal);
// check result and display errors (if any)
if (!check_transaction_answer($ans)) {
return;
}
// at this time we have successful transaction
echo "<strong>Thank you for placing your order !</strong><br><br>";
echo "Your Receipt<br>";
$userid = getParam('userid');
$bname = getParam('bname');
$baddr1 = getParam('baddr1');
$bcity = getParam('bcity');
$bzip = getParam('bzip');
$bstate = getParam('bstate');
$bcountry = getParam('bcountry');
if ($bcountry != "US") {
$bstate = "";
}
$cctype = getParam('cctype');
$cardnumber = getParam('cardnumber');
$expmonth = getParam('expmonth');
$expyear = getParam('expyear');
$ccn1 = substr($cardnumber, -4, 4);
$x_payment = "{$cctype} ending in {$ccn1}<br>Expires {$expmonth}/{$expyear}";
$x_addr = "{$bname} ({$userid})<br>{$baddr1}<br>{$bcity}<br>{$bstate} {$bzip}<br>{$bcountry}<br>";
$x_email = getParam('x_email');
echo "<br>\n\tOrder Number: {$ans->OrderId}<br>\n\tTime: {$ans->TransactionTime} <br>\n\tPayment Method: {$x_payment}<br><br>\n\tBilling Address:<br>\n\t{$x_addr}";
echo "<br>\n\tItem: {$x_desc}<br>\n\tPrice: \${$chargetotal}<br>\n\tTaxes:\t \$0.00<br>\n\tTotal: \${$chargetotal}<br>\n\t<br>";
// send confirmation email
$email = urldecode($_POST["x_email"]);
send_payment_email($email, $ans->OrderId, $ans->TransactionTime, $x_payment, $x_addr, $x_desc, $chargetotal, true);
}
<?php session_start(); require_once 'https_redir.php'; require_once 'auth_ingame.inc.php'; ingame_autologin(); require_once 'auth.php'; require_once 'cccountries.inc.php'; $Is_CC_Allowed = cc_is_country_allowed(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>War Inc. Battlezone - Store</title> <link rel="stylesheet" type="text/css" href="style.css" /> <!--[if IE]> <link href="style_ie.css" rel="stylesheet" type="text/css"> <![endif]--> <script type="text/javascript" src="js/analytics.js"></script> </head> <body> <div class="main_bg1"> <div class="main_bg"> </div> </div> <div class="root"> <!-- BEGIN BODY --> <!-- BEGIN HEADER -->
<?php
require_once 'ccshop.inc.php';
require_once 'Store.inc.php';
require_once 'cccountries.inc.php';
if (!cc_is_country_allowed()) {
die("country not allowed for credit card use");
}
$chargetotal = 1.99;
$userid = $_POST['userid'];
$itemid = $_POST['itemid'];
if (!isset($userid)) {
die("fraud1");
}
if (!isset($itemid)) {
die("fraud2");
}
list($chargetotal, $Item_Desc) = store_GetItemPriceDescByCode($itemid, 0);
//
// check if user can make transaction
//
require_once 'dbinfo.inc.php';
// create & execute query
$tsql = "EXECUTE ECLIPSE_PROCESSTRANSACTION_CHECK ?, ?";
$params = array($userid, 0);
$member = db_exec($conn, $tsql, $params);
if ($member['Blocked'] > 0) {
die("fraud");
}
$bname = $_POST['bname'];
$baddr1 = $_POST['baddr1'];
