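/**
 * Completes a credit-card purchase and prints the receipt.
 *
 * Flow, as visible in this function:
 *  1. Refuse the request when cc_is_country_allowed() is false.
 *  2. Resolve price and description from the item code via
 *     store_GetItemPriceDescByCode(); the charge amount is never read from
 *     the request.
 *  3. Consume the one-shot session flag 'CCPurchaseInProcess' so that a page
 *     reload cannot issue a second charge.
 *  4. Run the ECLIPSE_PROCESSTRANSACTION_CHECK procedure for the user and stop
 *     when the account is reported as blocked.
 *  5. Issue the transaction, print the receipt, send the confirmation e-mail.
 *
 * Writes HTML straight to the output and may terminate the script with die().
 *
 * @return void
 */
function main_make_purchase()
{
    global $conn;

    require_once 'cccountries.inc.php';
    if (!cc_is_country_allowed()) {
        die("country not allowed for credit card use");
    }

    $itemid = getParam('itemid');
    list($chargetotal, $x_desc) = store_GetItemPriceDescByCode($itemid, 0);

    // avoid reloading of this page
    if (!isset($_SESSION['CCPurchaseInProcess'])) {
        echo "<strong>Please do not reload this page</strong>";
        return;
    }
    unset($_SESSION['CCPurchaseInProcess']);

    //
    // check if user can make transaction
    //
    // The user id must be known BEFORE the check runs. It used to be assigned
    // only further down, so the procedure was always called with an undefined
    // value and the blocked-account check never applied to the real user.
    // NOTE(review): the id is taken from the request via getParam(), not from
    // the authenticated session, so a caller can name any account here. Bind
    // it to the logged-in user if the session carries one - confirm.
    $userid = getParam('userid');

    // create & execute query
    $tsql = "EXECUTE ECLIPSE_PROCESSTRANSACTION_CHECK ?, ?";
    $params = array($userid, 0);
    $member = db_exec($conn, $tsql, $params);
    // NOTE(review): if db_exec() returns no row (query failure), 'Blocked' is
    // unset and this comparison lets the purchase through (fails open).
    // Confirm db_exec()'s failure behaviour and reject on failure if so.
    if ($member['Blocked'] > 0) {
        die("fraud");
    }

    echo "Processing transaction.<br><br><br>";
    //do not press any keys or back button to avoid double charges....
    $ans = issue_transaction($chargetotal);

    // check result and display errors (if any)
    if (!check_transaction_answer($ans)) {
        return;
    }

    // at this time we have successful transaction
    echo "<strong>Thank you for placing your order !</strong><br><br>";
    echo "Your Receipt<br>";

    // Everything below comes from the request and is printed into the page,
    // so each value is HTML-escaped before it is placed in markup.
    $userid_html = main_make_purchase_html($userid);
    $bname = main_make_purchase_html(getParam('bname'));
    $baddr1 = main_make_purchase_html(getParam('baddr1'));
    $bcity = main_make_purchase_html(getParam('bcity'));
    $bzip = main_make_purchase_html(getParam('bzip'));
    $bstate = main_make_purchase_html(getParam('bstate'));
    $bcountry = main_make_purchase_html(getParam('bcountry'));
    // State is only shown for US addresses ("US" is unchanged by escaping).
    if ($bcountry != "US") {
        $bstate = "";
    }

    $cctype = main_make_purchase_html(getParam('cctype'));
    $expmonth = main_make_purchase_html(getParam('expmonth'));
    $expyear = main_make_purchase_html(getParam('expyear'));

    // Only the last four characters of the card number reach the receipt or
    // the e-mail; the full number is not kept in any other variable here.
    $cardnumber = getParam('cardnumber');
    $ccn1 = main_make_purchase_html(
        is_scalar($cardnumber) ? substr((string) $cardnumber, -4, 4) : ''
    );
    unset($cardnumber);

    $x_payment = "{$cctype} ending in {$ccn1}<br>Expires {$expmonth}/{$expyear}";
    $x_addr = "{$bname} ({$userid_html})<br>{$baddr1}<br>{$bcity}<br>{$bstate} {$bzip}<br>{$bcountry}<br>";

    // Not used below; the call is kept in case getParam() has an effect of
    // its own when a parameter is missing - confirm and remove if not.
    $x_email = getParam('x_email');

    // NOTE(review): $ans fields, $x_desc and $chargetotal are produced by the
    // gateway / store lookup and are printed as before; confirm none of them
    // can carry request-derived text.
    echo "<br>\n\tOrder Number: {$ans->OrderId}<br>\n\tTime: {$ans->TransactionTime} <br>\n\tPayment Method: {$x_payment}<br><br>\n\tBilling Address:<br>\n\t{$x_addr}";
    echo "<br>\n\tItem: {$x_desc}<br>\n\tPrice: \${$chargetotal}<br>\n\tTaxes:\t \$0.00<br>\n\tTotal: \n\${$chargetotal}<br>\n\t<br>";

    // send confirmation email
    // NOTE(review): $_POST values are already URL-decoded by PHP, so this
    // second urldecode() can turn '%0d%0a' into CR/LF and '+' into a space.
    // It is kept in case the client double-encodes - confirm and drop it.
    $raw_email = (isset($_POST["x_email"]) && is_string($_POST["x_email"])) ? $_POST["x_email"] : '';
    $email = urldecode($raw_email);

    // Only a syntactically valid single address may reach the mailer; this
    // rejects embedded line breaks that could otherwise add mail headers.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        error_log('main_make_purchase: confirmation email not sent, address failed validation');
        return;
    }

    // $x_payment / $x_addr are HTML fragments (they contain <br>); assumes
    // send_payment_email() renders them as HTML - confirm.
    send_payment_email($email, $ans->OrderId, $ans->TransactionTime, $x_payment, $x_addr, $x_desc, $chargetotal, true);
}

/**
 * HTML-escapes one request value for use in element content or a quoted
 * attribute. Non-scalar input (for example an array parameter) becomes ''.
 *
 * @param mixed $value raw request value
 * @return string escaped text
 */
function main_make_purchase_html($value)
{
    if (!is_scalar($value)) {
        return '';
    }

    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}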
<?php
// Store page prologue: starts the session, loads the redirect and
// authentication includes, then records whether credit-card payment is
// allowed for this visitor.
//
// NOTE(review): session_start() runs before https_redir.php is loaded. If that
// include redirects plain-HTTP requests to HTTPS (the name suggests so -
// confirm), the session cookie is already issued on the HTTP response unless
// session.cookie_secure is enabled in the PHP configuration.
session_start();
require_once 'https_redir.php';
require_once 'auth_ingame.inc.php';
// Runs before auth.php is included; presumably signs in a user arriving from
// the game client - verify which credential it trusts.
ingame_autologin();
require_once 'auth.php';
require_once 'cccountries.inc.php';
// Not read anywhere in the visible part of this page. A flag like this can
// only drive what the page shows; the purchase endpoints have to repeat the
// cc_is_country_allowed() check themselves.
$Is_CC_Allowed = cc_is_country_allowed();
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>War Inc. Battlezone - Store</title> <link rel="stylesheet" type="text/css" href="style.css" /> <!--[if IE]> <link href="style_ie.css" rel="stylesheet" type="text/css"> <![endif]--> <script type="text/javascript" src="js/analytics.js"></script> </head> <body> <div class="main_bg1"> <div class="main_bg"> </div> </div> <div class="root"> <!-- BEGIN BODY --> <!-- BEGIN HEADER -->
<?php require_once 'ccshop.inc.php'; require_once 'Store.inc.php'; require_once 'cccountries.inc.php'; if (!cc_is_country_allowed()) { die("country not allowed for credit card use"); } $chargetotal = 1.99; $userid = $_POST['userid']; $itemid = $_POST['itemid']; if (!isset($userid)) { die("fraud1"); } if (!isset($itemid)) { die("fraud2"); } list($chargetotal, $Item_Desc) = store_GetItemPriceDescByCode($itemid, 0); // // check if user can make transaction // require_once 'dbinfo.inc.php'; // create & execute query $tsql = "EXECUTE ECLIPSE_PROCESSTRANSACTION_CHECK ?, ?"; $params = array($userid, 0); $member = db_exec($conn, $tsql, $params); if ($member['Blocked'] > 0) { die("fraud"); } $bname = $_POST['bname']; $baddr1 = $_POST['baddr1'];