public function Login()
{
if (isset($_REQUEST['LoginId'])) {
$user = $this->loadModel('OpenSms_Model_User', [0 => $_REQUEST['LoginId'], 1 => $_REQUEST['Password']]);
if ($user->IsValidated) {
$_SESSION['loginId'] = $user->LoginId;
$_SESSION['role'] = $user->Role;
if (isset($_REQUEST['callback'])) {
echo $this->jsonp(array('error' => FALSE, 'message' => 'success', 'balance' => $user->Balance, 'role' => $user->Role));
exit;
}
OpenSms::redirectToAction('index', 'dashboard', 'dashboard');
} else {
$errorMsg = 'Invalid Credential';
if (isset($_REQUEST['callback'])) {
echo jsonp(array('error' => TRUE, 'message' => $errorMsg, 'balance' => 0));
exit;
}
//OpenSms::redirectToAction('index', 'dashboard', 'dashboard');
}
} else {
if (isset($_REQUEST['callback'])) {
echo $this->jsonp(array('error' => TRUE, 'message' => 'Invalid request param', 'balance' => 0));
exit;
}
//die('Invalid request param');
}
$this->data['pageTitle'] = 'Login | ' . OpenSms::getSystemSetting(OpenSms::SITE_NAME);
$this->renderTemplate();
}
/**
* jsonp 演示
*
* @return \Slim\Http\Response
*/
public function jsonpDemo()
{
$rules = ['callback' => 'required'];
validate($this->request->get(), $rules);
$return = ['username' => 'Carlos', 'age' => 24, 'location' => 'Beijing, China', 'chinese_name' => '安正超', 'github' => 'https://github.com/overtrue'];
$callback = $this->request->get('callback');
return jsonp($return, $callback);
//callbak是可选的,如果不传,默认从GET取callback
}
function UA($act, $cid)
{
global $iCMS;
$cookietime = $iCMS->config['diggtime'];
$ajax = intval($_GET['ajax']);
$cTime = time() - get_cookie($cid . '_up') > $cookietime && time() - get_cookie($cid . '_against') > $cookietime ? true : false;
if ($cTime) {
set_cookie($cid . '_' . $act, time(), $cookietime);
if ($cid && iCMS_DB::query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
$ajax ? jsonp("{state:'1'}", $_GET['callback']) : _Header($iCMS->config['publicURL'] . "/comment.php?indexId=" . $id);
}
} else {
$ajax ? jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']) : alert($iCMS->language('digged'));
}
}
function UA($act, $cid)
{
global $iCMS, $_iGLOBAL;
$cookietime = $_iGLOBAL['cookie']['time'];
$ajax = intval($_GET['ajax']);
$ct = time() - get_cookie($cid . '_up') > $cookietime && time() - get_cookie($cid . '_against') > $cookietime ? true : false;
if ($ct) {
set_cookie($cid . '_' . $act, time(), $cookietime);
if ($cid && $iCMS->db->query("UPDATE `#iCMS@__comment` SET `{$act}` = {$act}+1 WHERE `id` ='{$cid}'")) {
$ajax ? jsonp("{state:'1'}", $_GET['callback']) : _Header($iCMS->dir . "comment.php?aid=" . $id);
}
} else {
$ajax ? jsonp("{state:'0',text:'" . $iCMS->language('digged') . "' }", $_GET['callback']) : alert($iCMS->language('digged'));
}
}
<?php
include '../scat.php';
include '../lib/txn.php';
$id = (int) $_REQUEST['txn'];
if (!$id) {
die_jsonp("no transaction specified.");
}
if (!txn_apply_discounts($db, $id)) {
die_jsonp("Unable to apply discounts.");
}
$txn = txn_load_full($db, $id);
echo jsonp($txn);
<?php
require '../scat.php';
$verbose = (int) $_REQUEST['verbose'];
$q = "SELECT id, name FROM brand WHERE name != '' ORDER BY name";
$r = $db->query($q) or die_query($db, $q);
$brands = array();
while ($row = $r->fetch_row()) {
if ($verbose) {
$brands[] = array('id' => $row[0], 'name' => $row[1]);
} else {
$brands[$row[0]] = $row[1];
}
}
if ($_REQUEST['id']) {
$brands['selected'] = $_REQUEST['id'];
}
echo jsonp($brands);
<?php
include '../scat.php';
include '../lib/txn.php';
$txn_id = (int) $_REQUEST['txn'];
if (!$txn_id) {
die_jsonp("no transaction specified.");
}
$txn = txn_load($db, $txn_id);
if ($txn['paid']) {
die_jsonp("This order is already paid!");
}
$tax_rate = (double) $_REQUEST['tax_rate'];
if (!strcmp($_REQUEST['tax_rate'], 'def')) {
$tax_rate = DEFAULT_TAX_RATE;
}
$q = "UPDATE txn SET tax_rate = {$tax_rate} WHERE id = {$txn_id}";
$r = $db->query($q) or die_jsonp($db->error);
$txn = txn_load($db, $txn_id);
echo jsonp(array("success" => "Updated tax rate.", "txn" => $txn));
$span = $_REQUEST['span'];
switch ($span) {
case 'all':
$format = 'All';
break;
case 'month':
$format = '%Y-%m';
break;
case 'week':
$format = '%X-W%v';
break;
case 'hour':
$format = '%w (%a) %H:00';
break;
case 'day':
default:
$format = '%Y-%m-%d %a';
break;
}
$q = "SELECT DATE_FORMAT(filled, '{$format}') AS span,\n SUM(taxed + untaxed) AS total,\n SUM(IF(tax_rate, 0, taxed + untaxed)) AS resale,\n SUM(ROUND_TO_EVEN(taxed * (tax_rate / 100), 2)) AS tax,\n SUM(ROUND_TO_EVEN(taxed * (1 + (tax_rate / 100)), 2) + untaxed)\n AS total_taxed\n FROM (SELECT \n filled,\n CAST(ROUND_TO_EVEN(\n SUM(IF(txn_line.taxfree, 1, 0) *\n IF(type = 'customer', -1, 1) * ordered *\n CASE txn_line.discount_type\n WHEN 'percentage' THEN txn_line.retail_price * ((100 - txn_line.discount) / 100)\n WHEN 'relative' THEN (txn_line.retail_price - txn_line.discount) \n WHEN 'fixed' THEN (txn_line.discount)\n ELSE txn_line.retail_price\n END),\n 2) AS DECIMAL(9,2))\n AS untaxed,\n CAST(ROUND_TO_EVEN(\n SUM(IF(txn_line.taxfree, 0, 1) *\n IF(type = 'customer', -1, 1) * ordered *\n CASE txn_line.discount_type\n WHEN 'percentage' THEN txn_line.retail_price * ((100 - txn_line.discount) / 100)\n WHEN 'relative' THEN (txn_line.retail_price - txn_line.discount) \n WHEN 'fixed' THEN (txn_line.discount)\n ELSE txn_line.retail_price\n END),\n 2) AS DECIMAL(9,2))\n AS taxed,\n tax_rate\n FROM txn\n LEFT JOIN txn_line ON (txn.id = txn_line.txn)\n JOIN item ON (txn_line.item = item.id)\n WHERE filled IS NOT NULL\n AND filled BETWEEN {$begin} AND {$end}\n AND type = 'customer'\n AND code NOT LIKE 'ZZ-gift%'\n AND ({$items})\n GROUP BY txn.id\n ) t\n GROUP BY 1 DESC";
$r = $db->query($q) or die_query($db, $q);
$sales = array();
while ($row = $r->fetch_assoc()) {
$row['total'] = (double) $row['total'];
$row['resale'] = (double) $row['resale'];
$row['tax'] = (double) $row['tax'];
$row['total_taxed'] = (double) $row['total_taxed'];
$sales[] = $row;
}
echo jsonp(array("days" => $days, "sales" => $sales));
<?php
include '../scat.php';
include '../lib/txn.php';
$txn_id = (int) $_REQUEST['txn'];
$id = (int) $_REQUEST['id'];
$admin = (int) $_REQUEST['admin'];
if (!$txn_id || !$id) {
die_jsonp("No transaction or payment specified.");
}
$txn = new Transaction($db, $txn_id);
try {
$txn->removePayment($id, $admin);
} catch (Exception $e) {
die_jsonp($e->getMessage());
}
echo jsonp(array('txn' => txn_load($db, $txn_id), 'payments' => txn_load_payments($db, $txn_id)));
include '../scat.php';
include '../lib/txn.php';
include '../lib/pole.php';
$id = (int) $_REQUEST['txn'];
if (!$id) {
die_jsonp("no transaction specified.");
}
$txn = txn_load($db, $id);
if ($txn['paid']) {
die_jsonp("This order is already paid!");
}
$line = (int) $_REQUEST['line'];
if ($line) {
$q = "UPDATE txn_line SET allocated = ordered WHERE txn = {$id} AND id = {$line}";
$r = $db->query($q) or die_jsonp($db->error);
$lines = $db->affected_rows;
} else {
$q = "UPDATE txn_line SET allocated = ordered WHERE txn = {$id}";
$r = $db->query($q) or die_jsonp($db->error);
$lines = $db->affected_rows;
if ($lines || !$txn['filled']) {
$q = "UPDATE txn SET filled = NOW() WHERE id = {$id}";
$r = $db->query($q) or die_jsonp($db->error);
}
}
$txn = txn_load($db, $id);
if ($txn['total']) {
pole_display_price('Total Due', $txn['total']);
}
echo jsonp(array("success" => "Allocated all lines.", "txn" => $txn, "lines" => $lines, "items" => txn_load_items($db, $id)));
<?php
include "app/db.php";
include "app/jsonp.php";
$action = $_GET['action'];
switch ($action) {
case "increment":
$incremented_count = $_GET['count'] + 1;
set_page_count($_GET['url'], $incremented_count);
jsonp("handleResponse", array('count' => $incremented_count, 'url' => $_GET['url']));
break;
}
public static function checkLogin($role = '')
{
if (isset($_SESSION['loginId'])) {
$user = self::loadModel('OpenSms_Model_User', array(0 => $_SESSION['loginId']));
} elseif (isset($_REQUEST['callback'])) {
$user = self::loadModel('OpenSms_Model_User', array(0 => $_REQUEST['LoginId'], 1 => $_REQUEST['Password']));
if (!$user->IsValidated) {
echo jsonp(array('error' => TRUE, 'message' => 'Invalid Credential'));
exit;
}
} else {
$token = self::loadModel('OpenSms_Model_Login');
if ($token->Validated()) {
$user = self::loadModel('OpenSms_Model_User', array(0 => $token->LoginId));
}
}
if (isset($user)) {
$_SESSION['loginId'] = $user->LoginId;
$_SESSION['role'] = $user->Role;
} else {
self::setError('Please login to continue', 'checkLogin_OpenSms');
OpenSms::redirectToAction('login', 'account', 'account');
}
if (!empty($role)) {
if ($user->Role != $role) {
self::setError('Access denied. You must be an admin to perform that operation', 'checkLogin_OpenSms');
OpenSms::redirectToAction('login', 'account', 'admin');
}
}
return $user;
}
<?php
include '../scat.php';
include '../lib/txn.php';
$id = (int) $_REQUEST['txn'];
if (!$id) {
die_jsonp("No transaction specified.");
}
$txn = new Transaction($db, $id);
if (!$txn) {
die_jsonp("No such transaction..");
}
if ($txn->hasPayments()) {
die_jsonp("Can't delete transaction with payments.");
}
if ($txn->hasItems()) {
die_jsonp("Can't delete transaction with items.");
}
$q = "DELETE FROM txn WHERE id = {$id}";
$r = $db->query($q) or die_query($db, $q);
echo jsonp(array('message' => 'Transaction deleted.'));
*/
} else {
$dbg_base64 = @$_GET['debug'];
if ($dbg_base64) {
$cmdbox = [];
$cmdbox['name'] = 'debug message';
$cmdbox['title'] = 'debug message';
$cmdbox['text'] = rawurldecode($dbg_base64);
$cmdbox['sticky'] = 'false';
$cmdbox['before_open'] = 'false';
$cmdbox['msgmod'] = 'realtime';
$cmdbox['msgform'] = 'popup';
$cmdbox['time'] = 30000;
$cmdbox['position'] = 'top-left';
$device_list = ['6a4ba641a4d241a888f84becf05703a2'];
$ok_res = [];
$error_res = [];
$cmdbox_send = rawurlencode(json_encode($cmdbox));
foreach ($device_list as $device) {
if (send_message($device, $cmdbox_send)) {
$ok_res[] = $device;
} else {
$error_res[] = $device;
}
}
die(jsonp(['ok' => $ok_res, 'error' => $error_res]));
} else {
echo print_r($_POST, true);
echo print_r($_GET, true);
}
}
<?php
$ip = "50.22.62.66";
$ip = "1.192.94.203";
$ip = "80.101.29.83";
$ip = "119.81.2.166";
include "geoip.inc.php";
$gi = geoip_open("GeoIP.dat", GEOIP_STANDARD);
$country_code = geoip_country_code_by_addr($gi, $ip);
$country_name = geoip_country_name_by_addr($gi, $ip);
geoip_close($gi);
$jsonEcho = array();
$jsonEcho["error"] = 0;
$jsonEcho["country_code"] = $country_code;
$jsonEcho["country_name"] = $country_name;
function jsonp($object, $callback = 'callback')
{
if (!empty($_GET[$callback])) {
header('Content-Type: application/x-javascript');
} else {
header('Content-Type: application/json');
}
return $_GET[$callback] . '(' . json_encode($object) . ')';
}
echo jsonp($jsonEcho);
<?php
include '../scat.php';
include '../lib/txn.php';
include '../lib/eps-express.php';
$id = (int) $_REQUEST['id'];
$amount = $_REQUEST['amount'];
$partial = (int) $_REQUEST['partial'];
if (!$id || !$amount) {
die_jsonp("Either transaction or amount was not specified.");
}
$txn = new Transaction($db, $id);
if (!$txn->canPay('credit', $amount)) {
die_jsonp("Amount is too much.");
}
$ReturnURL = ($_SERVER['HTTPS'] ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI']) . '/cc-paid.php';
$eps = new EPS_Express();
$response = $eps->CreditCardSaleHosted($id, $amount, $partial, $ReturnURL);
$xml = new SimpleXMLElement($response);
$payment = $db->escape($xml->Response->Transaction->TransactionSetupID);
$valid = $db->escape($xml->Response->TransactionSetup->ValidationCode);
$q = "INSERT INTO hostedpayment_txn\n SET txn = {$id},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
$db->query($q) or die_query($db, $q);
$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID=" . $xml->Response->Transaction->TransactionSetupID;
$dom = dom_import_simplexml($xml);
$dom->ownerDocument->preserveWhiteSpace = false;
$dom->ownerDocument->formatOutput = true;
echo jsonp(array('url' => $url, 'xml' => $dom->ownerDocument->saveXML()));
<?php
include '../scat.php';
include '../lib/txn.php';
$txn_id = (int) $_REQUEST['txn'];
if (!$txn_id) {
die_jsonp("No transaction specified.");
}
$txn = txn_load($db, $txn_id);
$person = (int) $_REQUEST['person'];
if (!$person) {
die_jsonp("No person specified.");
}
$q = "SELECT id FROM person WHERE id = {$person}";
$r = $db->query($q) or die_query($db, $q);
if (!$r->num_rows) {
die_jsonp("No such person.");
}
$q = "UPDATE txn SET person = {$person} WHERE id = {$txn_id}";
$r = $db->query($q) or die_query($db, $q);
$txn = txn_load($db, $txn_id);
$person = person_load($db, $person);
echo jsonp(array("success" => "Updated person.", "txn" => $txn, "person" => $person));
function update($key, $id, $eventTime, $json)
{
global $ds;
if (!$key) {
echo jsonp(json_encode(array("success" => false, "msg" => "User Key is missing")));
return;
}
if (!$id) {
echo jsonp(json_encode(array("success" => false, "msg" => "id is missing")));
return;
}
$ds->update($key, $id, $eventTime, $json);
echo jsonp(json_encode(array("success" => true)));
}
$q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n FIELDS TERMINATED BY ','\n OPTIONALLY ENCLOSED BY '\"'\n IGNORE 1 LINES\n (item_no, @cust_sku, name, @vendor_name,\n retail_price, net_price, @net_discount,\n promo_price, @promo_discount,\n barcode, purchase_quantity)\n SET sku = item_no";
$r = $db->query($q) or die_query($db, $q);
} elseif (preg_match('/^ma-sku/i', $_FILES['src']['name'])) {
$q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n net_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n barcode VARCHAR(32),\n purchase_quantity INT,\n category VARCHAR(64))";
$db->query($q) or die_query($db, $q);
$q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n FIELDS TERMINATED BY ','\n IGNORE 1 LINES\n (item_no, name, @retail_price, @l1net, net_price,\n @upp, @ppc, @weight, barcode, @wt_each,\n @length, @width, @height, purchase_quantity)\n SET retail_price = SUBSTRING(@retail_price, 2)";
$r = $db->query($q) or die_query($db, $q);
} else {
$q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n net_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n barcode VARCHAR(32),\n purchase_quantity INT,\n category VARCHAR(64))";
$db->query($q) or die_query($db, $q);
if (preg_match('/\\t/', $line)) {
$format = "FIELDS TERMINATED BY '\t'";
} else {
$format = "FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '\"'";
}
$q = "LOAD DATA LOCAL INFILE '{$fn}'\n INTO TABLE macitem\n {$format}\n IGNORE 1 LINES\n (item_no, sku, name, @vendor_name,\n @retail_price, @net_price, @reg_discount,\n @promo_price, @promo_discount,\n barcode, @upc2, @upc2_qty, @upc3, @upc3_qty,\n purchase_quantity, @level1, @level2, @level3, @level4, @level5)\n SET\n retail_price = REPLACE(@retail_price, '\$', ''),\n net_price = REPLACE(@net_price, '\$', ''),\n promo_price = REPLACE(@promo_price, '\$', '')";
$r = $db->query($q) or die_query($db, $q);
}
$q = "DELETE FROM vendor_item WHERE vendor = {$vendor_id}";
$r = $db->query($q) or die_query($db, $q);
$q = "INSERT INTO vendor_item\n (vendor, item, code, vendor_sku, name,\n retail_price, net_price, promo_price,\n barcode, purchase_quantity, category)\n SELECT\n {$vendor_id} AS vendor,\n 0 AS item,\n item_no AS code,\n sku AS vendor_sku,\n name,\n retail_price,\n net_price,\n promo_price,\n REPLACE(REPLACE(barcode, 'E-', ''), 'U-', '') AS barcode,\n purchase_quantity,\n category\n FROM macitem";
$r = $db->query($q) or die_query($db, $q);
$added = $db->affected_rows;
// Find by code/item_no
$q = "UPDATE vendor_item\n SET item = IFNULL((SELECT id FROM item\n WHERE vendor_item.code = item.code),\n 0)\n WHERE vendor = {$vendor_id} AND item = 0";
$r = $db->query($q) or die_query($db, $q);
// Find by barcode
$q = "UPDATE vendor_item\n SET item = (SELECT item FROM barcode\n WHERE barcode.code = barcode\n LIMIT 1)\n WHERE vendor = {$vendor_id} AND item = 0";
$r = $db->query($q) or die_query($db, $q);
echo jsonp(array("result" => "Added " . $added . " items."));
include '../lib/txn.php';
$type = $_REQUEST['type'];
if (!in_array($type, array('correction', 'vendor', 'customer', 'drawer'))) {
die_json("Requested type not understood.");
}
$type = $db->escape($type);
$q = "START TRANSACTION;";
$r = $db->query($q);
if (!$r) {
die_query($db, $q);
}
$q = "SELECT 1 + MAX(number) AS number FROM txn WHERE type = '{$type}'";
$number = $db->get_one($q);
$tax_rate = $type == 'customer' ? DEFAULT_TAX_RATE : 0;
$person = (int) $_REQUEST['person'];
if (!$person) {
$person = 'NULL';
}
$q = "INSERT INTO txn\n SET created= NOW(),\n type = '{$type}',\n number = {$number},\n person = {$person},\n tax_rate = {$tax_rate}";
$r = $db->query($q);
if (!$r) {
die_query($db, $q);
}
$txn_id = $db->insert_id;
$r = $db->commit();
if (!$r) {
die_query($db, "COMMIT");
}
$txn = txn_load($db, $txn_id);
echo jsonp(array('txn' => $txn));
public function getContacts($groupId, $offset, $limit)
{
$requestIsAutheticated = $this->requestIsAutheticated();
$this->loadModel('user');
$this->loadModel('_Group');
$this->loadModel('Contacts');
$user = new User($_REQUEST['loginId'], $_REQUEST['password']);
if (!$user->IsValidated) {
echo jsonp(array('error' => TRUE, 'message' => 'Invalid credential', 'count' => 0));
exit;
}
$group = new _Group($groupId);
if ($group->GroupExits == TRUE) {
echo jsonp(array('error' => TRUE, 'message' => 'Group Not Found', 'messages' => $bulkSMSs, 'contact' => $contacts, 'count' => $group->GetContactCount()));
exit;
}
if ($limit == 0) {
$contacts = $group->GetContacts();
} else {
$contacts = $group->GetContacts($offset, $limit);
}
echo jsonp(array('error' => FALSE, 'message' => 'Succes', 'messages' => $bulkSMSs, 'contact' => $contacts, 'count' => $group->GetContactCount()));
exit;
}
<?php
include '../scat.php';
include '../lib/txn.php';
$id = (int) $_REQUEST['id'];
$type = $_REQUEST['type'];
$number = (int) $_REQUEST['number'];
if (!$id && $type) {
$q = "SELECT id FROM txn\n WHERE type = '" . $db->real_escape_string($type) . "'\n AND number = {$number}";
$r = $db->query($q);
if (!$r->num_rows) {
die_jsonp("No such transaction.");
}
$row = $r->fetch_row();
$id = $row[0];
}
if (!$id) {
die_jsonp("No transaction specified.");
}
echo jsonp(txn_load_full($db, $id));
function handle_list_command($list_name, $cmd_name)
{
switch ($cmd_name) {
case 'list':
$res = mmc_array_values($list_name);
if (count($res) === 0) {
update_sched_tasks($list_name);
$res = mmc_array_values($list_name);
}
return jsonp($res);
case 'create':
case 'update':
$key_name = @$_POST['name'];
if ($key_name) {
return result_ok(mmc_array_set($list_name, md5($key_name), $_POST));
} else {
return '{"res": false}';
}
case 'delete':
mmc_array_del($list_name, md5($_POST['name']));
if (mmc_array_length($list_name) === 0) {
del_cached_file($list_name);
}
return result_ok(true);
case 'flush':
sched_changed();
return '{"res": false}';
case 'names':
return jsonp(mmc_array_keys($list_name));
case 'tags':
$items = mmc_array_values($list_name);
$output_tags = [];
foreach ($items as $item) {
$tags = @$item['tags'];
if ($tags) {
$tag_list = explode(' ', $tags);
foreach ($tag_list as $tag) {
$output_tags[] = $tag;
}
}
}
return jsonp($output_tags);
default:
die('{"res": false}');
}
}
function return_bind($result)
{
if (is_debug_client()) {
$result['trace'] = omp_trace(null);
}
return jsonp($result);
}
include '../lib/eps-express.php';
$id = (int) $_REQUEST['id'];
$amount = $_REQUEST['amount'];
if (!$id || !$amount) {
die_jsonp("Either transaction or amount was not specified.");
}
$person_id = (int) $_REQUEST['person'];
$person = $person_id ? person_load($db, $person_id) : false;
$account = $person['payment_account_id'];
if (!$person_id || !$person || !$account) {
die_jsonp("No person specified or no card stored for person.");
}
$eps = new EPS_Express();
$response = $eps->CreditCardSalePaymentAccount($id, $amount, $account);
$xml = new SimpleXMLElement($response);
if ($xml->Response->ExpressResponseCode != 0) {
die_jsonp((string) $xml->Response->ExpressResponseMessage);
}
$method = 'credit';
$cc = array();
$cc['cc_txn'] = $xml->Response->Transaction->TransactionID;
$cc['cc_approval'] = $xml->Response->Transaction->ApprovalNumber;
$cc['cc_type'] = $xml->Response->Card->CardLogo;
$txn = new Transaction($db, $id);
try {
$payment = $txn->addPayment($method, $amount, $cc);
} catch (Exception $e) {
die_jsonp($e->getMessage());
}
echo jsonp(array('payment' => $payment, 'txn' => txn_load($db, $id), 'payments' => txn_load_payments($db, $id)));
<?php
include '../scat.php';
$criteria = array();
$term = $_REQUEST['term'];
$terms = preg_split('/\\s+/', $term);
foreach ($terms as $term) {
$term = $db->real_escape_string($term);
$criteria[] = "(person.name LIKE '%{$term}%'\n OR person.company LIKE '%{$term}%')";
}
if (!$_REQUEST['all']) {
$criteria[] = 'active';
}
if (empty($criteria)) {
$criteria = '1=1';
} else {
$criteria = join(' AND ', $criteria);
}
$q = "SELECT id,\n CONCAT(IFNULL(name, ''),\n IF(name != '' AND company != '', ' / ', ''),\n IFNULL(company, ''))\n AS value \n FROM person\n WHERE {$criteria}\n ORDER BY value";
$r = $db->query($q) or die_query($db, $q);
$list = array();
while ($row = $r->fetch_assoc()) {
/* force numeric values to numeric type */
$list[] = $row;
}
echo jsonp($list);
<?php
include '../scat.php';
include '../lib/eps-express.php';
$person = (int) $_REQUEST['person'];
$payment_account_id = $_REQUEST['payment_account_id'];
if (!$person) {
die_jsonp("Person was not specified.");
}
$ReturnURL = ($_SERVER['HTTPS'] ? "https://" : "http://") . $_SERVER['HTTP_HOST'] . dirname($_SERVER['REQUEST_URI']) . '/cc-attach-finish.php';
$eps = new EPS_Express();
if ($payment_account_id) {
$response = $eps->PaymentAccountUpdateHosted($person, $payment_account_id, $ReturnURL);
} else {
$response = $eps->PaymentAccountCreateHosted($person, $ReturnURL);
}
$payment = $db->escape($response->Transaction->TransactionSetupID);
$valid = $db->escape($response->TransactionSetup->ValidationCode);
$q = "INSERT INTO hostedpayment_txn\n SET txn = {$person},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
$db->query($q) or die_query($db, $q);
$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID=" . $response->Transaction->TransactionSetupID;
echo jsonp(array('url' => $url, 'response' => $response));
$discount_manual = 0;
} else {
die_jsonp("Did not understand price.");
}
$q = "UPDATE txn_line, item\n SET txn_line.retail_price = {$price},\n txn_line.discount_type = {$discount_type},\n txn_line.discount = {$discount},\n txn_line.discount_manual = {$discount_manual}\n WHERE txn = {$txn_id} AND txn_line.id = {$id} AND txn_line.item = item.id";
$r = $db->query($q) or die_query($db, $q);
}
if (!empty($_REQUEST['quantity'])) {
/* special case: #/# lets us split line with two quantities */
if (preg_match('!^(\\d+)/(\\d+)$!', $_REQUEST['quantity'], $m)) {
$quantity = (int) $m[2] * ($txn['type'] == 'customer' ? -1 : 1);
$q = "INSERT INTO txn_line (txn, item, ordered, override_name,\n retail_price, discount_type, discount,\n discount_manual, taxfree)\n SELECT txn, item, {$quantity}, override_name,\n retail_price, discount_type, discount, discount_manual, taxfree\n FROM txn_line WHERE txn = {$txn_id} AND txn_line.id = {$id}";
$r = $db->query($q) or die_query($db, $q);
$quantity = (int) $m[1];
} else {
$quantity = (int) $_REQUEST['quantity'];
}
$q = "UPDATE txn_line\n SET ordered = -1 * {$quantity}\n WHERE txn = {$txn_id} AND txn_line.id = {$id}";
$r = $db->query($q) or die_query($db, $q);
}
if (isset($_REQUEST['name'])) {
$name = $db->real_escape_string($_REQUEST['name']);
$q = "UPDATE txn_line\n SET override_name = IF('{$name}' = '', NULL, '{$name}')\n WHERE txn = {$txn_id} AND txn_line.id = {$id}";
$r = $db->query($q) or die_query($db, $q);
}
txn_apply_discounts($db, $txn_id) or die_jsonp("Failed to apply discounts.");
$db->commit() or die_query($db, "COMMIT");
$items = txn_load_items($db, $txn_id);
$txn = txn_load($db, $txn_id);
echo jsonp(array('txn' => $txn, 'items' => $items));
<?php
include '../scat.php';
include '../lib/item.php';
$id = (int) $_REQUEST['id'];
$code = $_REQUEST['code'];
if (!$id && $code) {
$code = $db->escape($code);
$q = "SELECT id FROM item WHERE code = '{$code}'";
$id = $db->get_one($q);
}
if (!$id) {
die_jsonp("No item specified.");
}
$item = item_load($db, $id);
echo jsonp(array('item' => $item));
<?php
include '../scat.php';
include '../lib/person.php';
$person_id = (int) $_REQUEST['person'];
$person = person_load($db, $person_id);
if (!$person) {
die_jsonp('No such person.');
}
echo jsonp(array('person' => $person));
