// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +--------------------------------------------------------------------------+

/**
 * @package paypal
 */

/**
 * Required geeklog
 */
require_once '../lib-common.php';

// Check for required permissions: only holders of 'paypal.user' get past this
// call (what paypal_access_check() does on failure is not visible here).
paypal_access_check('paypal.user');

// Whitelist of request parameters and the filter type requested for each.
// paypal_filterVars() is not shown in this listing.
// NOTE(review): every later use of $_REQUEST relies on this call rewriting the
// superglobal in place; in particular 'uid' => 'number' is the only thing
// standing between the request and the unquoted SQL below. Confirm that the
// 'number' filter yields digits only and that missing keys get a safe default.
$vars = array('msg' => 'text',
              'mode' => 'alpha',
              'uid' => 'number',
              'name' => 'text',
              'street1' => 'text',
              'street2' => 'text',
              'postal' => 'alpha',
              'city' => 'text',
              'country' => 'text',
              'phone1' => 'alpha',
              'phone2' => 'alpha',
              'fax' => 'alpha',
              'contact' => 'text',
              'proid' => 'alpha',
              'pay_by' => 'alpha',
              'shipping' => 'text');
paypal_filterVars($vars, $_REQUEST);

// Main: build the page body, starting with the user menu.
$display = '';
$display .= paypal_user_menu();

// Echo a caller-supplied status message into the page.
// NOTE(review): 'msg' is request-controlled and only filtered as 'text';
// confirm that PAYPAL_message() (or the filter) HTML-escapes it before output.
if (!empty($_REQUEST['msg'])) {
    $display .= PAYPAL_message($_REQUEST['msg']);
}

switch ($_REQUEST['mode']) {
    case 'edit':
        // Get the details to edit and display the form.
        // Presumably uid > 1 excludes anonymous visitors (Geeklog's anonymous
        // account is uid 1) - confirm.
        if (isset($_USER['uid']) && $_USER['uid'] > 1) {
            // Default: the row is selected by the session user's own uid, so a
            // non-admin cannot point this query at another account.
            $sql = "SELECT * FROM {$_TABLES['paypal_users']} WHERE user_id = {$_USER['uid']}";
            // Only an admin can edit the details of another user: with
            // 'paypal.admin' the target uid is taken from the request instead.
            // NOTE(review): the value is interpolated unquoted into the SQL
            // string; an explicit integer cast or a bound parameter at this
            // point would not depend on the filter above behaving as assumed.
            if (SEC_hasRights('paypal.admin')) {
                $sql = "SELECT * FROM {$_TABLES['paypal_users']} WHERE user_id = {$_REQUEST['uid']}";
            }
            // (listing ends here, inside the open if / case / switch)
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +--------------------------------------------------------------------------+

/**
 * require core geeklog code
 */
require_once '../lib-common.php';

// Incoming variable filter: the three POST fields this page reads and the
// filter type requested for each. paypal_filterVars() is not shown here.
// NOTE(review): 'amount' is only filtered as 'text', and 'item_number' reaches
// a SQL string below; confirm what the 'number' and 'text' filters guarantee.
$vars = array('item_number' => 'number',
              'amount' => 'text',
              'shipping' => 'number');
paypal_filterVars($vars, $_POST);

/* Ensure sufficient privs to read this page */
paypal_access_check('paypal.user');

$valid_process = true;
$item_id = $_POST['item_number'];
// NOTE(review): the price is read from the client's POST body. The rest of the
// file is not visible; confirm that the amount sent to PayPal comes from the
// product row ($A) and that this value is never trusted as the price.
$item_price = $_POST['amount'];
// PayPal endpoint: the host comes from plugin configuration, not the request.
$paypalURL = 'https://' . $_PAY_CONF['paypalURL'] . '/cgi-bin/webscr?cmd=_xclick';

/* MAIN */
// NOTE(review): $display is appended to without a visible initialisation in
// this listing - confirm it is defined earlier (e.g. by lib-common.php).
$display .= PAYPAL_siteHeader();
$display .= paypal_user_menu();

// Remember the buyer and the selected item in the PHP session. The user id
// comes from $_USER; the item id is the POSTed value.
session_start();
$_SESSION["user_id"] = $_USER['uid'];
$_SESSION["item_id"] = $_POST['item_number'];

// Load the product row for the requested item.
// NOTE(review): $item_id is interpolated into a quoted SQL literal, so this is
// safe only if the 'number' filter leaves digits; an integer cast or a bound
// parameter here would remove that dependency. $A['type'] is also read without
// checking that a row was found - confirm what DB_fetchArray() returns on no
// match.
$A = DB_fetchArray(DB_query("SELECT * FROM {$_TABLES['paypal_products']} WHERE id = '{$item_id}' LIMIT 1"));
if ($A['type'] == 'recurrent') {
    // Recurrent products pull in the pro-version helpers. The include path is
    // built from $_CONF['path'] and a literal; no request data is involved.
    require_once $_CONF['path'] . 'plugins/paypal/proversion/paypalfunctions.php';
    // (listing ends here, inside the open if block)