$mb_currency = $_POST['currency'];
$status = $_POST['status'];
$md5sig = $_POST['md5sig'];
$status = $_POST['Status'];
$working_sig = strtoupper(md5($merchant_id . $transaction_id . $secret . $mb_amount . $mb_currency . $status));
$sql = "SELECT * FROM orders where order_id='" . $_POST['transaction_id'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$order_row = mysql_fetch_array($result);
if ($working_sig == $md5sig) {
switch ($status) {
case "-2":
// failed
break;
case "2":
// processed
debit_transaction($transaction_id, $mb_amount, MONEYBOOKERS_CURRENCY, "mb" . $transaction_id, $reason_code, 'moneybookers');
complete_order($order_row['user_id'], $_POST['transaction_id']);
break;
case "1":
// scheduled (wait for 2 or -2)
break;
case "0":
// pending
break;
case "-1":
// cancelled
break;
}
} else {
echo "Invalid signiture";
}
function process_payment_return()
{
global $label;
if ($_POST['Merchant_Id'] != '') {
$sql = "SELECT * FROM orders where order_id='" . $_POST['Order_Id'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$order_row = mysql_fetch_array($result);
//$WorkingKey = "" ; //put in the 32 bit working key in the quotes provided here
$Checksum = cc_verifychecksum($_POST['Merchant_Id'], $_POST['Order_Id'], $_POST['Amount'], $_POST['AuthDesc'], $_POST['Checksum'], CCAVENUE_WORKING_KEY);
if ($Checksum == "true" && $_POST['AuthDesc'] == "Y") {
debit_transaction($_POST['Order_Id'], $_POST['Amount'], CCAVENUE_CURRENCY, "ccAve" . $_POST['Order_Id'], $reason_code, 'CCAvenue');
complete_order($order_row['user_id'], $_POST['Order_Id']);
?>
<center>
<?php
echo $label['payment_ccave_note_y'];
?>
?>
</center>
<h3><?php
echo $label['payment_ccave_go_back'];
?>
</h3>
<?php
echo "<br>Thank you for shopping with us. Your credit card has been charged and your transaction is successful. You can continue and upload your pixels.";
//Here you need to put in the routines for a successful
//transaction such as sending an email to customer,
//setting database status, informing logistics etc etc
} else {
if ($Checksum == "true" && $_POST['AuthDesc'] == "B") {
pend_order($order_row['user_id'], $_POST['Order_Id']);
?>
<center>
<?php
echo $label['payment_ccave_note_b'];
?>
?>
</center>
?>
<br>
<?php
//Here you need to put in the routines/e-mail for a "Batch Processing" order
//This is only if payment for this transaction has been made by an American Express Card
//since American Express authorisation status is available only after 5-6 hours by mail from ccavenue and at the "View Pending Orders"
} else {
if ($Checksum == "true" && $_POST['AuthDesc'] == "N") {
echo "<br>Thank you for shopping with us. However, the transaction has been declined.";
//Here you need to put in the routines for a failed
//transaction such as sending an email to customer
//setting database status etc etc
?>
<h3><?php
echo $label['payment_ccave_go_back'];
?>
</h3>
<?php
} else {
echo "<br>Security Error. Illegal access detected";
//Here you need to simply ignore this and dont need
//to perform any operation in this condition
}
}
}
}
}
foreach ($_REQUEST[orders] as $oid) {
$sql = "SELECT * from orders where order_id=" . $oid;
$result = mysql_query($sql) or die(mysql_error());
$order_row = mysql_fetch_array($result);
if ($order_row['status'] != 'completed') {
complete_order($order_row['user_id'], $oid);
debit_transaction($order_row['user_id'], $order_row[price], $order_row[currency], $order_row[order_id], $reason_code, 'Admin');
}
}
}
if ($_REQUEST['action'] == 'complete') {
$sql = "SELECT * from orders where order_id=" . $_REQUEST[order_id];
$result = mysql_query($sql) or die(mysql_error());
$order_row = mysql_fetch_array($result);
complete_order($_REQUEST['user_id'], $_REQUEST[order_id]);
debit_transaction($_REQUEST[order_id], $order_row[price], $order_row[currency], $order_row[order_id], $reason_code, 'Admin');
echo "Order completed.";
}
if ($_REQUEST['action'] == 'cancel') {
/*
$sql = "UPDATE orders set status='cancelled' WHERE order_id=".$_REQUEST[order_id];
mysql_query ($sql) or die (mysql_error());
*/
cancel_order($_REQUEST[order_id]);
echo "Order cancelled.";
}
if ($_REQUEST['mass_cancel'] != '') {
echo "cancelling...";
foreach ($_REQUEST[orders] as $oid) {
//echo "$order_id ";
cancel_order($oid);
}
if ($txn_type == 'web_accept' || $txn_type == '') {
// transaction came from a button or straight from paypal
switch ($payment_status) {
case "Canceled_Reversal":
complete_order($row['user_id'], $invoice_id);
debit_transaction($invoice_id, $mc_gross, $mc_currency, $txn_id, $reason_code, 'PayPal');
break;
case "Completed":
// Funds successfully transferred
// complete_order ($user_id, $order_id);
$sql = "select user_id FROM orders where order_id='" . $invoice_id . "'";
$result = mysql_query($sql) or pp_mail_error(mysql_error() . $sql);
$row = mysql_fetch_array($result);
complete_order($row['user_id'], $invoice_id);
debit_transaction($invoice_id, $mc_gross, $mc_currency, $txn_id, $reason_code, 'PayPal');
break;
case "Denied":
// denied by merchant
break;
case "Failed":
// only happens when payment is from customers' bank account
//insert_transaction ($employer_id, $payment_status, $pending_reason, $reason_code, $payment_date, $txn_id, $parent_txn_id, $txn_type, $payment_type, $mc_gross, $mc_currency, $item_name, $item_number, $invoice_id);
break;
case "Pending":
$sql = "select user_id FROM orders where order_id='" . $invoice_id . "'";
$result = mysql_query($sql) or pp_mail_error(mysql_error() . $sql);
$row = mysql_fetch_array($result);
pend_order($row['user_id'], $invoice_id);
// pending_reason : 'address', 'echeck', 'intl', 'multi_currency', 'unilateral', 'upgrade', 'verify', 'other'
break;
if (IPN_LOGGING == 'Y') {
$entry_line = "{$entry_line}\r\n ";
$log_fp = @fopen("logs.txt", "a");
@fputs($log_fp, $entry_line);
@fclose($log_fp);
}
}
if ($_POST['PAYMENT_ID'] != '') {
$alt_hash = strtoupper(md5(EGOLD_ALTERNATE_PASSPHRASE));
$hash = strtoupper(md5($_POST['PAYMENT_ID'] . ":" . $_POST['PAYEE_ACCOUNT'] . ":" . $_POST['PAYMENT_AMOUNT'] . ":" . $_POST['PAYMENT_UNITS'] . ":" . $_POST['PAYMENT_METAL_ID'] . ":" . $_POST['PAYMENT_BATCH_NUM'] . ":" . $_POST['PAYER_ACCOUNT'] . ":" . $alt_hash . ":" . $_POST['ACTUAL_PAYMENT_OUNCES'] . ":" . $_POST['USD_PER_OUNCE'] . ":" . $_POST['FEEWEIGHT'] . ":" . $_POST['TIMESTAMPGMT']));
$sql = "SELECT * FROM orders where order_id='" . $_POST['PAYMENT_ID'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$order_row = mysql_fetch_array($result);
if ($hash == $_POST['HANDSHAKE_HASH']) {
$egold = new egold();
debit_transaction($_POST['PAYMENT_ID'], $_POST['PAYMENT_AMOUNT'], $egold->get_currency(), "eg" . $_POST['PAYMENT_ID'], $reason_code, 'egold');
complete_order($_POST['CUST_NUM'], $_POST['ORDER_NUM']);
} else {
echo "Invalid signiture";
}
}
###########################################################################
# Payment Object
class egold
{
var $name = "E-Gold";
var $description = 'E-Gold';
var $className = "egold";
function egold()
{
global $label;
function process_payment_return()
{
global $label;
if ($_POST['x_response_code'] != '') {
//$_POST['x_md5_hash'];
$working_sig = strtoupper(md5($merchant_id . $transaction_id . $secret . $mb_amount . $mb_currency . $status));
$sql = "SELECT * FROM orders where order_id='" . $_POST['x_invoice_num'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$order_row = mysql_fetch_array($result);
$myhash = strtoupper(md5(AUTHNET_X_TRAN_KEY . AUTHNET_LOGIN_ID . $_POST['x_trans_id'] . $_POST['x_amount']));
if ($_POST['x_md5_hash'] == $myhash) {
switch ($_POST['x_response_code']) {
case "1":
// approved
debit_transaction($_POST['x_invoice_num'], $_POST['x_amount'], AUTHNET_CURRENCY, $_POST['x_trans_id'], $_POST['x_response_reason_text'], 'authorize.net');
complete_order($order_row['user_id'], $_POST['x_invoice_num']);
break;
case "2":
// declined
break;
case "3":
// Error
break;
}
} else {
authnet_log_entry("Authorize.net: Invalid signiture");
}
}
}
if (strcmp($res, "DECLINED") == 0) {
log_entry($entry_line);
// log for manual investigation
$VERIFIED = false;
$payment_status = 'Denied';
}
}
}
fclose($fp);
// if VERIFIED=1 process payment
if ($VERIFIED) {
switch ($payment_status) {
case "Completed":
// Funds successfully transferred
complete_order($user_id, $order_id);
debit_transaction($order_id, $amount, 'GBP', $txn_id, $reason, 'NOCHEX');
break;
default:
break;
}
}
}
}
###########################################################################
# Payment Object
class NOCHEX
{
var $name = "NOCHEX";
var $description = "NOCHEX - Credit Card Payments. Accepts British Pounds.";
var $className = "NOCHEX";
function NOCHEX()
function process_payment_return()
{
global $label;
if ($_REQUEST['key'] != '') {
$order_number = $_REQUEST['order_number'];
//$order_number = _2CO_SID."-".$order_number;
if (_2CO_DEMO == 'Y') {
$order_number = 1;
}
$card_holder_name = $_REQUEST['card_holder_name'];
$street_address = $_REQUEST['street_address'];
$city = $_REQUEST['city'];
$state = $_REQUEST['state'];
$zip = $_REQUEST['zip'];
$country = $_REQUEST['country'];
$email = $_REQUEST['email'];
$phone = $_REQUEST['phone'];
$credit_card_processed = $_REQUEST['credit_card_processed'];
// Y = successfull. K = pending
$total = $_REQUEST['total'];
$product_id = $_REQUEST['product_id'];
// c2o product id
$quantity = $_REQUEST['quantity'];
// quantity
$merchant_product_id = $_REQUEST['merchant_product_id'];
//
$cart_order_id = $_REQUEST['cart_order_id'];
$product_description = $_REQUEST['product_description'];
$x_MD5_Hash = strtolower($_REQUEST['key']);
// md5 (secret word + vendor number + order number + total)
//.Demo mode:The order number used to create the Hash is forced to equal 1. This designates that the order is a demo order.
//$x_MD5_Hash = $_REQUEST['x_MD5_Hash']; // md5 (secret word + vendor number + order number + total)
//.Demo mode:The order number used to create the Hash is forced to equal 1. This designates that the order is a demo order.
//include ("header.php");
//print_r ($_REQUEST);
foreach ($_REQUEST as $key => $val) {
$req .= "&" . $key . "=" . $val;
}
_2co_log_entry($req);
// process order
$_2CO = new _2CO();
// load in the constants..
// get customer's order
$sql = "SELECT * FROM orders where order_id='" . $cart_order_id . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$order_row = mysql_fetch_array($result);
// md5 (secret word + vendor number + order number + total)
$md5_str = _2CO_SECRET_WORD . _2CO_SID . $order_number . format_number($order_row['price']);
$hash = md5($md5_str);
if (strcmp($hash, $x_MD5_Hash) == 0) {
if ($credit_card_processed == 'Y') {
# Credit card processed OK
complete_order($order_row['user_id'], $cart_order_id);
debit_transaction($cart_order_id, $total, 'USD', $order_number, $reason, '_2CO');
?>
<center>
<img src="<?php
echo SITE_LOGO_URL;
?>
">
<h3>Thank you. Your order was sucessfully completed. You may <a href="<?php
echo BASE_HTTP_PATH;
?>
users/publish.php">manage your pixels</a> now.</h3>
</center>
<?php
} elseif ($credit_card_processed == 'K') {
# credit card pending
pend_order($order_row['user_id'], $cart_order_id);
?>
<center>
<img src="<?php
echo SITE_LOGO_URL;
?>
">
<h3>Thank you. Your order is pending while the funds are cleared by 2Checkout. Go to the <a href="<?php
echo BASE_HTTP_PATH;
?>
users/index.php">Main Menu.</a></h3>
</center>
<?php
}
} else {
echo "Invalid.";
echo "Invalid. Was this a demo transaction?" . "Has does not match...: [{$hash}] != [{$x_MD5_Hash}] (original string: " . $md5_str . ") ";
_2co_mail_error("Has does not match...: [{$hash}] != [{$x_MD5_Hash}] (original string: " . $md5_str . ") ");
}
}
}
