$strRedirectURL = PAGE_HOME . $strQS;
         }
         //echo "errormsg=".$errorMSG;
         // send  back to join page with errors
         header('Location: ' . $strRedirectURL);
         die;
         //Make sure code after is not executed
     }
     break;
     //!CASE forgotpassword
 //!CASE forgotpassword
 case "forgotpassword":
     //prepared statements locked down. select ,update
     //echo "strDo= " . $strDo;
     //Get Form Post Data
     $strEmailForgotForm = funct_GetandCleanVariables($_POST["forgot_email"]);
     if ($DB_MYSQLI->connect_errno) {
         echo "Failed to connect to MySQL: (" . $DB_MYSQLI->connect_errno . ") " . $DB_MYSQLI->connect_error;
     }
     if ($stmt = $DB_MYSQLI->prepare("SELECT id FROM " . TBL_USERS . " WHERE email = ? ")) {
         $stmt->bind_param("s", $strEmailForgotForm);
         //Bind parameters s - string, b - blob, i - int, etc
         $stmt->execute();
         //Execute it
         $stmt->bind_result($intUserID);
         //bind results
         //$stmt -> fetch(); //fetch the value
         mysqli_stmt_store_result($stmt);
         $intTotalRowsFound = mysqli_stmt_num_rows($stmt);
         //echo "totalrows: $intTotalRowsFound <br>";
         if ($intTotalRowsFound < 1) {
<?php

require "inc/session.php";
$strError = funct_GetandCleanVariables($_GET["error"]);
//set error msg manually in query
$strEmail = funct_GetandCleanVariables($_GET["email"]);
//set error msg manually in query
$strPhone = funct_GetandCleanVariables($_GET["phonenumber"]);
//set error msg manually in query
$strFirst = funct_GetandCleanVariables($_GET["firstname"]);
//set error msg manually in query
$strLast = funct_GetandCleanVariables($_GET["lastname"]);
//set error msg manually in query
$strAddress = funct_GetandCleanVariables($_GET["address"]);
//set error msg manually in query
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <!-- Favicon -->
    <link rel="icon" type="image/png" href="/img/favicon.png" />
	<meta charset="UTF-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
	<meta name="viewport" content="width=device-width">
   
	<?php 
if (!$intJquery) {
    $intJquery = 1;
    ?>
<script src="<?php 
    JQUERYSRC;
<?php 
/* */
$strDo = funct_GetandCleanVariables($_GET['do']);
if ($strDo == "call") {
    //test call internal url
    $strCallbackURL = "https://10.68.9.138/~easybitz/mods/processorder.php";
    //call processorder script
    $json_url = $strCallbackURL . "?secret={$strSecret}&transaction_hash={$strTransactionID}&address={$strAddress}&input_address={$strAddress}&userid={$strLabel2}&value={$intAmount}&confirms={$intConfirmations}&server=amsterdam";
    echo "<br>url: {$json_url} <br>";
    $json_data = file_get_contents($json_url);
    echo "data = {$json_data} <br>";
    $json_feed = json_decode($json_data);
    $strCallbackResponse = $json_data;
    echo "strCallbackResponse = {$strCallbackResponse} <br>";
}
$strTransaction = funct_GetandCleanVariables($_GET['txid']);
//$strTransaction = "d3de9c8d5ed75ca9d265f5b4581795d002234246f19dafe4d83b17661a4e3473";
//echo $strTransaction ;
if ($strTransaction) {
    //get transaction info as JSON object, only for local transactions
    $bitcoin = new jsonRPCClient(JSONRPC_CONNECTIONSTRING_CC);
    $trxinfo = $bitcoin->gettransaction($strTransaction);
    $new = "Transaction hash: " . $argv[1] . "\n balance: " . $trxinfo["balance"] . "\n amount: " . $trxinfo["amount"] . "\n confirmations: " . $trxinfo["confirmations"] . "\n blockhash: " . $trxinfo["blockhash"] . "\n blockindex: " . $trxinfo["blockindex"] . "\n blocktime: " . $trxinfo["blocktime"] . "\n txid: " . $trxinfo["txid"] . "\n time: " . $trxinfo["time"] . "\n timereceived: " . $trxinfo["timereceived"] . "\n account: " . $trxinfo["details"][0]["account"] . "\n address: " . $trxinfo["details"][0]["address"] . "\n category: " . $trxinfo["details"][0]["category"] . "\n amount: " . $trxinfo["details"][0]["amount"] . "\n fee: " . $trxinfo["details"][0]["fee"];
    // According to https://en.bitcoin.it/wiki/Original_Bitcoin_client/API_calls_list, fee is returned, but it doesn't seem that way here
    echo nl2br($new) . "<br><br><br>";
    //if we want the from address and more detail we can get the raw transaction, decode it, extract the values from Json and get more info
    //Enable txindex=1 in your bitcoin.conf (You'll need to rebuild the database as the transaction index is normally not maintained, start using -reindex to do so), and
    //use the getrawtransaction call to request information about any transaction
    $strRawHex = $bitcoin->getrawtransaction($strTransaction);
    $objJSON = $bitcoin->decoderawtransaction($strRawHex);
    //print_r($objJSON)."<br><br>";
<?php

require "inc/session.php";
//Define Page Values
$strThisPage = PAGE_SETTINGS;
$intUserID = funct_GetandCleanVariables(DETECT_USERID);
$strDo = funct_GetandCleanVariables($_GET['do']);
//echo "do= " .$strDo. "<br>" ;
$strError = funct_GetandCleanVariables($_GET['error']);
$strError_passwordupdate = funct_GetandCleanVariables($_GET['error_password']);
$strError_testphone = funct_GetandCleanVariables($_GET['error_testphone']);
$strError_confirmphone = funct_GetandCleanVariables($_GET['error_confirmphone']);
$strError_confirmemail = funct_GetandCleanVariables($_GET['error_confirmemail']);
if ($strDo == "welcome") {
    $strError = "Email Confirmed. Please Fill in your Address below";
}
//Check if logged in. If not then send to login page with an error.
if ($intUserID == "") {
    header('Location: ' . PAGE_ERROR . '?error=you are not logged in');
    die;
    //Make sure code after is not executed
}
if ($DB_MYSQLI->connect_errno) {
    echo "Failed to connect to MySQL: (" . $DB_MYSQLI->connect_errno . ") " . $DB_MYSQLI->connect_error;
}
$strSQL = "SELECT id,password,email,cellphone,first_name,last_name,address,address2,cityname,state,postal,country_id,country_phonecode,currency_id,currency_symbol,crypto_miner_fee,verification_level,verification_phone,verification_email FROM " . TBL_USERS . " WHERE id = ? ";
//echo "$strSQL $intUserID <br>";
if ($stmt = $DB_MYSQLI->prepare($strSQL)) {
    $stmt->bind_param("i", $intUserID);
    //Bind parameters s - string, b - blob, i - int, etc
    $stmt->execute();
// If we are on production, ensure page is ssl encrypted for entering in credit card info
// Todo: move to global include
if (SERVERTAG == "hg" || SERVERTAG == "prod") {
    if ($_SERVER["HTTPS"] != "on") {
        header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
        exit;
    }
} else {
    error_reporting(E_ERROR | E_PARSE);
    //ini_set('display_errors',2);
}
if (DETECT_USERID) {
    header("Location: " . PAGE_WALLET);
}
$strEmail = funct_GetandCleanVariables($_GET['email']);
$strError = funct_GetandCleanVariables($_GET['error']);
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title><?php 
echo WEBSITENAME;
?>
</title>

    <!-- Favicon -->
    <link rel="icon" type="image/png" href="img/favicon.png" />
      <script src="<?php 
    $strFiatCode = "usd";
}
//#### Get the qr code , label and amount from qrcode scanning app
if ($strWallet_Address_preload2) {
    $strWallet_Address_preload = $strWallet_Address_preload2;
}
//$strWallet_Address_preload = "bitcoin:1Hwau6DA1dAfjhMtakhpkf6jgVmTSfTx5a?amount=0.008003&label=Pizza and Pint";
//get preloaded values for
if (!$strWallet_Address_preload) {
    $strWallet_Address_preload = funct_GetandCleanVariables($_POST["wallet_hash_preload"]);
}
if (!$intWallet_Crypto_Amt_preload) {
    $intWallet_Crypto_Amt_preload = funct_GetandCleanVariables($_POST["wallet_crypto_amt_preload"]);
}
if (!$intWallet_Label_preload) {
    $intWallet_Label_preload = funct_GetandCleanVariables($_POST["wallet_label_preload"]);
}
//echo "address= ".$strWallet_Address_preload = $strAddress."<br>";
//echo "amount= ".$amount."<br>" ;  // value
//echo "label= ". $label."<br><br>" ; // foo bar
$BIPSFormat = strstr($strWallet_Address_preload, "bitcoin");
if ($BIPSFormat) {
    //if BIPS format passed as address then
    //hack together bips format
    $strString1 = str_replace("bitcoin:", "", $strWallet_Address_preload);
    $arr = explode("?", $strString1, 2);
    $strAddress = $arr[0];
    $strQS2 = $arr[1];
    //echo "qs= ".$strQS2."<br>";
    parse_str($strQS2);
    $strWallet_Address_preload = $strAddress;
*/
//get values from query string
$real_secret = funct_GetandCleanVariables($_GET['secret']);
//this I entered into the blockchain wallet form
$transaction_hash = funct_GetandCleanVariables($_GET['transaction_hash']);
//The transaction hash.
$input_address = funct_GetandCleanVariables($_GET['input_address']);
//The bitcoin address that received the transaction
$value_in_satoshi = funct_GetandCleanVariables($_GET['value']);
$intNewCallBackID = funct_GetandCleanVariables($_GET['callbackid']);
//callback id of script that called it.. so we can amtch the callback log to the transaction when it updates
//coincafe.co amsterdam sends confirms as well so we need to be able to handle updates
$confirmations = funct_GetandCleanVariables($_GET['confirms']);
//The bitcoin address that received the transaction
$intUserID = funct_GetandCleanVariables($_GET['userid']);
$strServer = funct_GetandCleanVariables($_GET['server']);
//if zero satoshi value then kill script
if (!$value_in_satoshi or $value_in_satoshi <= 0) {
    echo "satoshi:" . $value_in_satoshi;
    die;
}
//############ % security checks //###################################
//if coming from the loaded send from address then skip this transaction
//this is our hack to keep uses from getting free btc via blockchain.info random change address bug!
if ($input_address == BLOCKCHAIN_SENDFROMADDRESS) {
    echo "ignore";
    die;
}
//checks secret key
//echo "real_secret=$real_secret - bc secret=".BLOCKCHAIN_SECRET."<br>";
//COINCAFE_API_SECRET
//!$strDo sendcrypto
if ($strDo == "sendcrypto") {
    if (!SEND_ACTIVE) {
        die('Sending temporarily disabled.');
    }
    $Form_PageFrom = funct_GetandCleanVariables($_POST['page']);
    $intBTCamt = funct_GetandCleanVariables($_POST['send_amount_crypto']);
    $intUSDamt = funct_GetandCleanVariables($_POST['send_amount_fiat']);
    $strWalletHash = funct_GetandCleanVariables($_POST['send_address']);
    //hackable
    $strPassword = funct_GetandCleanVariables($_POST['password']);
    //hackable
    $strLabel = funct_GetandCleanVariables($_POST['label']);
    //hackable
    $strCrypto = funct_GetandCleanVariables($_POST['crypto']);
    $strFiat = funct_GetandCleanVariables($_POST['fiat']);
    /*
    //why do we allow get here??? for testing.... easier to hack get
    $strMethod = 			funct_GetandCleanVariables($_GET['get']);
    if($strMethod){
    	// /mods/sendcrypto.php?do=sendcrypto&send_amount_crypto=.01&send_address=1FTJXv8FjqyQ1HUTx7HeLxVaZTnc8E3muW&label=testing
    	$Form_PageFrom = 		funct_GetandCleanVariables($_GET['page']);
    	$intBTCamt = 			funct_GetandCleanVariables($_GET['send_amount_crypto']);
    	$intUSDamt = 			funct_GetandCleanVariables($_GET['send_amount_fiat']);
    	$strWalletHash = 		funct_GetandCleanVariables($_GET['send_address']);
    	$strPassword = 			funct_GetandCleanVariables($_GET['password']);
    	$strLabel = 			funct_GetandCleanVariables($_GET['label']);
    	$strCrypto = 			funct_GetandCleanVariables($_GET['crypto']);
    	$strFiat = 				funct_GetandCleanVariables($_GET['fiat']);
    }
    */
<?php

require "inc/session.php";
//$strErrorMSG = 			trim($_GET["msg"]); //set error msg manually in query
$strErrorMSG = funct_GetandCleanVariables($_GET["msg"]);
//set error msg manually in query
$strEmail = funct_GetandCleanVariables($_GET['email']);
$strError = funct_GetandCleanVariables($_GET['error']);
$strError_forgot = funct_GetandCleanVariables($_GET['error_forgot']);
$_SESSION['last_post'] = time();
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
//if(!$strErrorMSG){ $strErrorMSG=$strError;}
if (!$strEmail) {
    $strEmail = $_COOKIE[SESSION_EMAIL];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

	<meta charset="UTF-8">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
	<meta name="viewport" content="width=device-width">

    <link rel="icon" type="image/png" href="img/favicon.png" />

    <link href="css/bootstrap.min.css" rel="stylesheet">
    <link href="css/custom.css" rel="stylesheet" />
    <link rel="stylesheet" href="css/bootstrapValidator.min.css"/>

    <?php 
</a>
        </div>

        <!-- Collect the nav links, forms, and other content for toggling -->
        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
            <ul class="nav navbar-nav">
                <li class="active"><a href="<?php 
echo PAGE_WALLET;
?>
">Wallet</a></li>
            </ul>


            <?php 
if (DETECT_USERID) {
    $strUserIDhud = funct_GetandCleanVariables(DETECT_USERID);
    //Get User Data from DataBase
    $query = "SELECT * FROM " . TBL_USERS . " WHERE id = " . $strUserIDhud;
    //echo "SQL STMNT = " . $query .  "<br>";
    $rs = mysqli_query($DB_LINK, $query) or die(mysqli_error());
    $row = mysqli_fetch_array($rs);
    $intUserID_hud = $row["id"];
    $Password_hud = $row["password"];
    $Email_hud = $row["email"];
    $strFirstName_hud = $row["first_name"];
    $strLastName_hud = $row["last_name"];
    $strPhone_hud = $row["cellphone"];
    //$strWelcomeName = $Email_hud ;
    if ($strFirstName_hud) {
        $strWelcomeName = $strFirstName_hud;
    }
    $intType = funct_GetandCleanVariables($_GET["type"]);
    //1=songs, 2=pics, 3=ringtones, 7=albums, 9=people
    $intUserID2 = funct_GetandCleanVariables($_GET["user2"]);
    //for me.php , comments
    $sortby = funct_GetandCleanVariables($_GET["sort"]);
    $intFilter = funct_GetandCleanVariables($_GET["f"]);
    if (!$intFilter) {
        $intFilter = 0;
    }
    //show all types
    //$strSearchTXT = 		functCleanSQLText(trim($_GET["searchtxt"]));
    $intMod = funct_GetandCleanVariables($_GET["m"]);
    //is this user a moderator?
    $intRecID = funct_GetandCleanVariables($_GET["recid"]);
    //to return single cell of record just uploaded
    $intUserID_viewer = funct_GetandCleanVariables($_GET["viewer"]);
    //userid of user currently viewing the content
    if ($strDo == "iframe") {
        ?>
		<link href="css/web.css" media="screen" rel="stylesheet" type="text/css">
        <script src="js/web.js" type="text/javascript"></script>
	<?php 
    }
} else {
    //file is being included and values are preset
    //...? nothing.. values should already be set in included file
}
//security check...
$intUserID_viewer = DETECT_USERID;
//always get current user from function-cookie
if (!$intUserID_viewer) {