Example #1
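     // Record the purchase only when PayPal reports success at every level.
     // Strict comparison on purpose: with loose == on PHP < 8 a non-string value
     // such as int 0 compares equal to these status strings.
     // (assumes the response values are plain strings - confirm against the response parser)
     if ($response['PAYMENTINFO_0_PAYMENTSTATUS'] === "Completed" && $response['ACK'] === "Success" && $response['PAYMENTINFO_0_ACK'] === "Success") {
         // Payment confirmed
         $userid = intval($_SESSION['userid']);
         if (isset($_SESSION['shopping-cart'])) {
             // NOTE(review): $token is computed but never stored; the "token" column below
             // receives the PayPal transaction id instead.
             $token = base64_encode(DbManager::i()->escapeString($_GET['token']));
             $payerid = base64_encode(DbManager::i()->escapeString($_GET['PayerID']));
             $cart = DbManager::i()->escapeString($_SESSION['shopping-cart']);
             // NOTE(review): the amount is taken from the PayPal response as-is; no comparison with the
             // expected cart total or currency is visible in this fragment - confirm it happens elsewhere.
             $amount = floatval($response['PAYMENTINFO_0_AMT']);
             DbManager::i()->insert("sf_purchases", array("token", "payerid", "type", "userid", "cart", "date", "ip", "amount", "pending"), array(base64_encode($response['PAYMENTINFO_0_TRANSACTIONID']), $payerid, base64_encode("PayPal"), $userid, $cart, time(), base64_encode($_SERVER['REMOTE_ADDR']), $amount, 0));
             // Empty the cart in the session and in the stored copy
             $_SESSION['shopping-cart'] = base64_encode("{}");
             DbManager::i()->update("sf_carts", array("cart" => $_SESSION['shopping-cart']), array("userid" => $userid));
             // Look the member up with the integer-cast id, matching the insert/update above
             $find = DbManager::i()->select("sf_members", array("email", "key", "iv"), array("userid" => $userid));
             if ($find !== false && !is_array($find)) {
                 // key, iv and the e-mail value are each base64-decoded twice before decryption
                 $recipient = Crypto::DecryptString(base64_decode(base64_decode($find->key)), base64_decode(base64_decode($find->iv)), base64_decode(base64_decode($find->email)));
                 $subject = Settings::i()->title . ' Payment received';
                 // NOTE(review): $first_name is not assigned in this fragment - confirm it is set earlier
                 $message = generateMessage($first_name, (array) json_decode(base64_decode($cart)), $response['PAYMENTINFO_0_TRANSACTIONID']);
                 // SERVER_NAME can reflect the request's Host header on some server configurations,
                 // so strip CR/LF before it is placed in the mail headers.
                 $mailHost = str_replace(array("\r", "\n"), '', $_SERVER['SERVER_NAME']);
                 $header = 'From: shopfix@' . $mailHost . "\r\n" . 'Reply-To: shopfix@' . $mailHost . "\r\n" . 'X-Mailer: PHP/' . phpversion();
                 mail($recipient, $subject, $message, $header);
                 Logger::i()->writeLog("PayPal Transaction registered: " . $response['PAYMENTINFO_0_TRANSACTIONID']);
             }
             header("Location: index.php");
             die;
         } else {
             header("Location: index.php");
             // Stop here like the other branches so nothing runs after the redirect
             die;
         }
     } else {
         header("Location: index.php");
         die;
     }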
 } else {
     Logger::i()->writeLog("Could not do express checkout, error = " . $paypal->error, 'dev');
    $mailer->FromName = "Queens College Incubator";
    $mailer->addAddress($to);
    $mailer->Subject = $subject;
    $mailer->Body = $message;
    $mailer->AddAttachment($_FILES["unofficialTranscript"]["tmp_name"], $_FILES["unofficialTranscript"]["name"]);
    $mailer->AddAttachment($_FILES["resume"]["tmp_name"], $_FILES["resume"]["name"]);
    $mailer->send();
}
# Recipient and sender addresses for the notification e-mail
$to = "*****@*****.**";
$from = "*****@*****.**";
# Form fields: request key => label used in the message
# ("linebreak" entries look like layout markers - verify in generateMessage)
$fields = [
    "applicant" => "Name of Applicant:",
    "phone" => "Phone:",
    "email" => "Email:",
    "lb1" => "linebreak",
    "degree" => "Degree in progress?:",
    "gradyear" => "Graduation Year:",
    "gradseason" => "Graduation Season:",
    "citizenship" => "Citizenship:",
    "credstograd" => "Credits to Graduate:",
    "lb2" => "linebreak",
    "programmingExperience" => "Programming Experience:",
    "personalstatement" => "Personal Statement:",
    "lb5" => "linebreak",
];
# Build the message; $errorValues starts empty and is counted right after
# (presumably filled by generateMessage - confirm it takes the argument by reference)
$errorValues = [];
$message = generateMessage($fields, $errorValues);
# INSERT template; the %...% markers sit inside quoted SQL literals and are replaced with form values below.
# NOTE(review): that makes the statement text depend on submitted data - bound parameters would avoid it.
$query = "INSERT INTO `student`(`Name`, `Email`, `Phone`, `Degree`, `Graduation`, `Year`, `Status`, `Credits_Needed`, `experience`, `personal`) VALUES ('%NAME%','%EMAIL%','%PHONE%','%DEGREE%','%GRAD%','%YEAR%','%STATUS%','%CREDITS%','%EXP%','%PERSONAL%')";
# When no field is empty, send the e-mail
# and echo the result to the AJAX script
if (count($errorValues) == 0) {
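    // Fill every placeholder in a single pass. strtr() never rescans text it has
    // already substituted, so a submitted value that itself contains a marker such
    // as "%EMAIL%" stays literal instead of being expanded by a later replacement.
    // NOTE(review): the values are still spliced into the SQL text. Unless get()
    // escapes for this connection, a quote in a form field changes the statement;
    // bound parameters would remove that dependency - confirm what get() does.
    $query = strtr($query, array(
        "%NAME%" => get('applicant'),
        "%EMAIL%" => get('email'),
        "%PHONE%" => get('phone'),
        "%DEGREE%" => get('degree'),
        "%GRAD%" => get('gradseason'),
        "%YEAR%" => get('gradyear'),
        "%STATUS%" => get('citizenship'),
        "%CREDITS%" => get('credstograd'),
        "%EXP%" => get('programmingExperience'),
        "%PERSONAL%" => get('personalstatement'),
    ));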
    if ($db->query($query) === TRUE) {
Example #3
                if (!$config->isAttachmentAllowed($board, $m, $a)) {
                    continue;
                }
                $message->addAttachment($a);
                $session->addAttachment($a);
            }
        }
        return $message;
    }
    // Build a preview message only when the request asks for one
    $preview = isset($_REQUEST["preview"]) ? generateMessage($config, $session, $board, $reference) : null;
    if (isset($_REQUEST["post"])) {
        // TODO guard against F5 (the same post being submitted again on reload)
        // NOTE(review): no request-token check is visible in this fragment - confirm one runs earlier
        $message = generateMessage($config, $session, $board, $reference);
        // NOTE(review): close() below is skipped if postMessage() or getThread() throws;
        // the surrounding try/catch is only partly visible here
        $connection->open($session->getAuth());
        $resp = $connection->postMessage($message);
        $group = $connection->getGroup();
        $thread = $group->getThread($message->getMessageID());
        $connection->close();
        // A response of "m" selects the moderated view; anything else the success view
        if ($resp !== "m") {
            $template->viewpostsuccess($board, $thread, $message);
        } else {
            $template->viewpostmoderated($board, $thread, $message);
        }
        // Delete the old attachments - they are only stored for the preview
        $session->clearAttachments();
    }
    // The post form is rendered in every case, with the preview (or null) and the session's attachments
    $template->viewpostform($board, $referencemessages, $reference, $quote, $preview, $session->getAttachments());
} catch (Exception $e) {
Example #4
if (isset($_GET['ok']) && $_GET['url'] != '') {
    // The URL was not empty
    // The user has validated his message ($_GET['ok'] had a value).
    if ($_GET['pass'] == PASSWORD && in_array($_GET['from'], $ML_memberList)) {
        // Password was correct.
        // User provided a valid e-mail address from the members list.
        ######################
        ## Sending the mail ##
        ######################
        // NOTE(review): this branch is reached after `$_GET['pass'] == PASSWORD`. A secret carried in the
        // query string ends up in server logs and browser history, and loose == is neither type-strict
        // nor constant-time; hash_equals() on a POSTed value avoids both.
        // Recipient: in test mode (?test present) the mail goes back to the sender only,
        // otherwise it goes to the list address.
        if (isset($_GET['test'])) {
            $to = $_GET['from'];
        } else {
            $to = ML_ADRESS;
        }
        // Subject
        // NOTE(review): the title comes straight from the query string; line breaks in it should be
        // rejected before it reaches a mail header - the send call is outside this view.
        $subject = stripslashes($_GET['title']);
        // Message body
        // NOTE(review): with the extra headers enabled the body is sent as text/html; whether
        // generateMessage() escapes the comment and URL is not visible here.
        $message = generateMessage($_GET['comment'], $_GET['url'], $subject);
        // From, formatted as: Name <e-mail> (the name is the member-list key of the address)
        $from = array_search($_GET['from'], $ML_memberList) . ' <' . $_GET['from'] . '>';
        // Mail headers
        if (ADD_HEADERS_ENABLED !== true) {
            // Not configured to add extra headers: only the sender is set.
            $headers = 'From: ' . $from;
        } else {
            // Configured to add the full header set, joined with CRLF and no trailing line break.
            $headers = implode("\r\n", array(
                'From: ' . $from,
                'Reply-To: ' . $to,
                'MIME-Version: 1.0',
                'Content-type: text/html; charset=utf-8',
                'X-Mailer: Winnie,  PHP/' . phpversion(),
            ));
        }