function do_donations() { $amount = mysql_real_escape_string(safe('mc_gross')); $custom = mysql_real_escape_string(safe('custom')); // or 'transaction_subject' $custom = explode('|', $custom); $email = $custom[0]; $gift_aid = $custom[1]; // was item_number but it appears in PayPal customer page $gift_aid = $gift_aid == 'TAXPAYER_YES' ? 1 : 0; //-------------------------------------------------------------- $row = mysql_fetch_assoc(mysql_query("SELECT id, email, title, forename, surname FROM " . TABLE_COMMUNITY . " WHERE email='" . $email . "'")); check_db_error(); // id exists if ($row['email']) { $pid = $row['id']; insert_amount($pid, $amount, $gift_aid); } else { $sql_cmd = "\tINSERT INTO " . TABLE_COMMUNITY . " (dt, mdt, email)\n\t\t\t\t\t\tVALUES(\n\n\t\t\t\t\t\t\tNOW(),\n\t\t\t\t\t\t\tNOW(),\n\t\t\t\t\t\t\t'" . $email . "',\n\n\t\t\t\t\t\t)"; mysql_query($sql_cmd); check_db_error(); $pid = mysql_insert_id(); insert_amount($pid, $amount, $gift_aid); } insert_value('donor', 1, $pid); //-------------------------------------------------------------- // paypal address fields if (isset($_REQUEST['address_name'])) { $fields = array('first_name', 'last_name', 'payer_email', 'address_name', 'address_street', 'address_city', 'address_state', 'address_zip', 'address_country', 'address_country_code', 'residence_country', 'address_status'); $sql_cmd = ''; $sql_top = ''; foreach ($fields as $name) { $sql_top .= $name . ','; if (isset($_REQUEST[$name])) { $sql_cmd .= '\'' . mysql_real_escape_string(safe($name)) . '\','; } else { $sql_cmd .= '\'\','; } } // remove last , $sql_cmd = substr_replace($sql_cmd, "", -1); $sql_top = substr_replace($sql_top, "", -1); $sql_cmd = "\tINSERT INTO " . TABLE_PAYPAL . "\n\n\t\t\t\t\t\t(dt, pid, " . $sql_top . ")\n\n\t\t\t\t\t\tVALUES(\n\n\t\t\t\t\t\t\tNOW(),\n\t\t\t\t\t\t\t" . $pid . ",\n\t\t\t\t\t\t\t" . $sql_cmd . "\n\t\t\t\t\t)"; /* $sql_cmd = ''; foreach ($update_these as $name) $sql_cmd .= $name . ' = \'' .$_REQUEST[$name] . '\','; // remove last , $sql_cmd = substr_replace($sql_cmd ,"",-1); $sql_cmd = (" UPDATE " . TABLE_PAYPAL . " SET mdt = NOW(), " . $sql_cmd . " WHERE id = '". $pid ."' "); */ mysql_query($sql_cmd); check_db_error($sql_cmd); } //-------------------------------------------------------------- //send emails (to donor & IBS) if ($row['title'] && $row['forename'] && $row['surname']) { $name = get_full_name($row); } else { $name = 'Subscriber'; } send_email_auto_donor($name, $amount); send_email_donor($email, $name, $amount); }
/** * Update user record * * @access public * @return void */ function update_record($fields, $row, $insert_by) { $sql_cmd = ''; foreach ($fields as $name => $options) { if ($name != 'password_confirm') { $sql_cmd .= $name . ' = \'' . $_POST[$name] . '\','; } } // remove last , $sql_cmd = substr_replace($sql_cmd, "", -1); $sql_cmd = "\tUPDATE " . TABLE_COMMUNITY . " SET\n\n\t\t\t\t\tmdt = NOW(),\n\t\t\t\t\t\n\t\t\t\t\t" . $sql_cmd . "\n\t\t\t\t\t\n\t\t\t\t\tWHERE " . $insert_by . " = '" . $_POST[$insert_by] . "'\n\n\t\t\t"; mysql_query($sql_cmd); check_db_error($sql_cmd); // must set register for newsletter subscribers (insert_by email) if ($insert_by == 'email') { insert_value('register', '1', $row['id']); } // used for cookies $_POST['id'] = $row['id']; $_POST['name'] = $row['forename']; $_POST['admin'] = $row['admin']; return 'reg_updated'; }
require_once 'views/head.php'; require_once 'views/menu_left_blank.php'; $err = ''; $done = FALSE; // needs to be a GET so this hack had to be! if (!isset($_POST['email']) && isset($_GET['email'])) { $_POST['email'] = $_GET['email']; } // check to see if the page has been submitted if (echo_value('page_flag', FALSE) == 'unsubscribe') { $email = echo_value('email', FALSE); $row = db_fetch("SELECT id FROM " . TABLE_COMMUNITY . " WHERE email='{$email}'"); if ($row['id'] == null) { $err = array('This email does not exist in our database!'); } else { insert_value('newsletter', '0', $row['id']); $r = send_newsletter_auto_email($email, true); $done = TRUE; } } ?> <div id="content"> <div id="title"> <div class="text">Unsubscribe Newsletter Service</div> </div> <?php if ($err) { ?> <div class="error_message"><?php echo implode('<br />', $err); ?>
$r = write_file($filename, $s); //-------------------------------------------------------------- $r = send_newsletter_email($email); $r = send_newsletter_auto_email($email); //-------------------------------------------------------------- // add to DB $row = mysql_fetch_assoc(mysql_query("SELECT id, email, title, forename, surname FROM " . TABLE_COMMUNITY . " WHERE email='" . $email . "'")); check_db_error(); // id exists if ($row['email']) { $pid = $row['id']; } else { $sql_cmd = "\tINSERT INTO " . TABLE_COMMUNITY . " (dt, mdt, email)\n\t\t\t\t\tVALUES(\n\n\t\t\t\t\t\tNOW(),\n\t\t\t\t\t\tNOW(),\n\t\t\t\t\t\t'" . $email . "'\n\n\t\t\t\t\t)"; mysql_query($sql_cmd); check_db_error(); $pid = mysql_insert_id(); } insert_value('newsletter', '1', $pid); //-------------------------------------------------------------- // check for Facebook // // if fromFacebook is set then we must redirect to // another Newsletter Thank You page // otherwise it's an AJAX call expecting an exit($r) // if (isset($_REQUEST['fromFacebook'])) { header('Location: http://ibsproject.org/facebook/newsletter_thankyou.php'); } else { exit($r); } //--------------------------------------------------------------