$table_card = new Table("cc_card", "username,useralias,UNIX_TIMESTAMP(creationdate) creationdate,vat,firstname,lastname");
$card_clause = "id = {$id}";
$result = $table_card->Get_list($DBHandle, $card_clause);
if (!is_array($result)) {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-PAYPAL Reccurring Payment Failed : card id( {$id} ) not found");
die;
}
$card = $result[0];
$username = $result[0]['username'];
$creationdate = $result[0]['creationdate'];
$useralias = $result[0]['useralias'];
$vat = $result[0]['vat'];
$firstname = $result[0]['firstname'];
$lastname = $result[0]['lastname'];
$email = $result[0]['email'];
$newkey = securitykey(EPAYMENT_TRANSACTION_KEY, $username . "^" . $id . "^" . $useralias . "^" . $creationdate);
if ($newkey == $key) {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----------- Transaction Key Verified ------------");
} else {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----NEW KEY =" . $newkey . " OLD KEY= " . $key . " ------- Transaction Key Verification Failed:" . $transaction_data[0][8] . "^" . $transactionID . "^" . $transaction_data[0][2] . "^" . $transaction_data[0][1] . " ------------\n");
exit;
}
$amount_paid = $payment_gross;
$amount_without_vat = $amount_paid / (1 + $vat / 100);
$nowDate = date("Y-m-d H:i:s");
$Query = "INSERT INTO cc_payments ( customers_id, customers_name, customers_email_address, item_name, payment_method,cc_number,orders_status, " . " last_modified, date_purchased, orders_date_finished, orders_amount, currency, currency_value) values (" . " '" . $id . "', '" . $firstname . " " . $lastname . "', '" . $email . "', 'RECURRING PAYMENT', 'PAYPAL' ," . " '{$payer_email}','2', '" . $nowDate . "', '" . $nowDate . "', '" . $nowDate . "', " . $amount_paid . ", '" . BASE_CURRENCY . "', '1' )";
$result = $DBHandle->Execute($Query);
$instance_table = new Table("cc_card", "username, id");
$param_update = " credit = credit+'" . $amount_without_vat . "'";
$FG_EDITION_CLAUSE = " id='{$id}'";
$instance_table->Update_table($DBHandle, $param_update, $FG_EDITION_CLAUSE, $func_table = null);
$paycur = $currencies_list[$getcur][2];
if (strtoupper($payment)=='PLUGNPAY') {
$QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, cvv, credit_card_type, currency , item_id , item_type";
$QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$plugnpay_cc_owner','".substr($plugnpay_cc_number,0,4)."XXXXXXXXXXXX','".$plugnpay_cc_expires_month."-".$plugnpay_cc_expires_year."','$time_stamp', '$cvv', '$credit_card_type', '".BASE_CURRENCY."' , '$item_id', '$item_type'";
} else if(strtoupper($payment)=='IRIDIUM'){
$QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency, item_id, item_type";
$QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$CardName','".substr($CardNumber,0,4)."XXXXXXXXXXXX','".$ExpiryDateMonth."-".$ExpiryDateYear."','$time_stamp', '".BASE_CURRENCY."' , '$item_id','$item_type'";
} else {
$QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency, item_id, item_type";
$QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$authorizenet_cc_owner','".substr($authorizenet_cc_number,0,4)."XXXXXXXXXXXX','".$authorizenet_cc_expires_month."-".$authorizenet_cc_expires_year."','$time_stamp', '".$getcur."' , '$item_id','$item_type'";
}
$transaction_no = $paymentTable->Add_table ($HD_Form -> DBHandle, $QUERY_VALUES, $QUERY_FIELDS, 'cc_epayment_log', 'id');
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp."^".$transaction_no."^".$amount_string."^".$_SESSION["card_id"]."^".$item_id."^".$item_type);
if (empty($transaction_no)) {
exit(gettext("No Transaction ID found"));
}
$HD_Form -> create_toppage ($form_action);
if (!isset($currencies_list[strtoupper($_SESSION['currency'])][2]) || !is_numeric($currencies_list[strtoupper($_SESSION['currency'])][2])) {
$mycur = 1;
} else {
$mycur = $currencies_list[strtoupper($_SESSION['currency'])][2]/$paycur;
if ($payment == 'webmoney') {
$getcur = $wm_purse_type;
$two_currency=true;
} elseif ($getcur!=strtoupper($_SESSION['currency'])) $two_currency=true;
}
try {
//TODO: create mail class for agent
$mail = new Mail('epaymentverify', null);
} catch (A2bMailException $e) {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-transactionID={$transactionID}" . " ERROR NO EMAIL TEMPLATE FOUND");
exit;
}
$mail->replaceInEmail(Mail::$TIME_KEY, date("y-m-d H:i:s"));
$mail->replaceInEmail(Mail::$PAYMENTGATEWAY_KEY, $transaction_data[0][4]);
$mail->replaceInEmail(Mail::$ITEM_AMOUNT_KEY, $amount_paid . $currCurrency);
// Add Post information / useful to track down payment transaction without having to log
$mail->AddToMessage("\n\n\n\n" . "-POST Var \n" . print_r($_POST, true));
$mail->send(ADMIN_EMAIL);
exit;
}
$newkey = securitykey(EPAYMENT_TRANSACTION_KEY, $transaction_data[0][8] . "^" . $transactionID . "^" . $transaction_data[0][2] . "^" . $transaction_data[0][1]);
if ($newkey == $key) {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----------- Transaction Key Verified ------------");
} else {
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----NEW KEY =" . $newkey . " OLD KEY= " . $key . " ------- Transaction Key Verification Failed:" . $transaction_data[0][8] . "^" . $transactionID . "^" . $transaction_data[0][2] . "^" . $transaction_data[0][1] . " ------------\n");
exit;
}
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-transactionID={$transactionID}" . " ---------- TRANSACTION INFO ------------\n" . print_r($transaction_data, 1));
$payment_modules = new payment($transaction_data[0][4]);
// load the before_process function from the payment modules
//$payment_modules->before_process();
$QUERY = "SELECT id, credit, lastname, firstname, address, city, state, country, zipcode, phone, email, fax, currency " . "FROM cc_agent WHERE id = '" . $transaction_data[0][1] . "'";
$resmax = $DBHandle_max->Execute($QUERY);
if ($resmax) {
$numrow = $resmax->RecordCount();
} else {
<tr>
<td align="center" colspan="2" class="tableBodyRight" >
<img src="<?php
echo Images_Path;
?>
/payments_paypal.gif" />
</td>
</tr>
<?php
$desc = gettext("Automated refill") . " " . $A2B->config['epayment_method']['paypal_subscription_amount'] . " " . strtoupper(BASE_CURRENCY);
if ($vat > 0) {
$desc .= " + " . $vat / 100 * $amount_subscribe . " " . strtoupper(BASE_CURRENCY) . " of " . gettext("VAT");
}
$amount_subscribe = $amount_subscribe + $vat / 100 * $amount_subscribe;
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $username . "^" . $_SESSION["card_id"] . "^" . $useralias . "^" . $creation_date);
$link = tep_href_link("A2B_recurring_payment.php?id=" . $_SESSION["card_id"] . "&key=" . $key, '', 'SSL');
$link_return = tep_href_link("userinfo.php?subscribe=true", '', 'SSL');
$link_cancel = tep_href_link("userinfo.php?subscribe=false", '', 'SSL');
?>
<tr>
<td align="center" colspan="2" class="tableBodyRight" >
<form name="_xclick" action="<?php
echo PAYPAL_PAYMENT_URL;
?>
" method="post">
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="business" value="<?php
echo $A2B->config['epayment_method']['paypal_subscription_account'];
?>
Header("Location: PP_error.php?c=accessdenied");
die;
}
getpost_ifset(array('amount', 'payment', 'authorizenet_cc_expires_year', 'authorizenet_cc_owner', 'authorizenet_cc_expires_month', 'authorizenet_cc_number', 'authorizenet_cc_expires_year'));
$HD_Form = new FormHandler("cc_payment_methods", "payment_method");
$HD_Form->setDBHandler(DbConnect());
$HD_Form->init();
$_SESSION["p_module"] = $payment;
$_SESSION["p_amount"] = $amount;
$paymentTable = new Table();
$time_stamp = date("Y-m-d h:i:s");
$QUERY = "INSERT INTO cc_epayment_log (cardid,amount,vat,paymentmethod,cc_owner,cc_number,cc_expires,creationdate) VALUES ('" . $_SESSION["card_id"] . "','{$amount}', 0, '{$payment}','{$authorizenet_cc_owner}','{$authorizenet_cc_number}','" . $authorizenet_cc_expires_month . "-" . $authorizenet_cc_expires_year . "','{$time_stamp}')";
$paymentTable->SQLExec($HD_Form->DBHandle, $QUERY);
$QUERY = "SELECT max(id) from cc_epayment_log";
$transaction_no = $paymentTable->SQLExec($DBHandle, $QUERY);
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp . "^" . $transaction_no[0][0] . "^" . $amount . "^" . $_SESSION["card_id"]);
if ($transaction_no[0][0] == null) {
exit(gettext("No Transaction ID found"));
}
$HD_Form->create_toppage($form_action);
$payment_modules = new payment($payment);
$order = new order($amount);
if (is_array($payment_modules->modules)) {
$payment_modules->pre_confirmation_check();
}
// #### HEADER SECTION
include 'PP_header.php';
?>
<?php
if (isset(${$payment}->form_action_url)) {
$paymentTable = new Table();
$time_stamp = date("Y-m-d H:i:s");
if (strtoupper($payment)=='PLUGNPAY') {
$QUERY_FIELDS = "agent_id, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, cvv, credit_card_type, currency";
$QUERY_VALUES = "'".$_SESSION["agent_id"]."','$total_amount', '".$_SESSION["vat"]."', '$payment','$plugnpay_cc_owner','".substr($plugnpay_cc_number,0,4)."XXXXXXXXXXXX','".$plugnpay_cc_expires_month."-".$plugnpay_cc_expires_year."','$time_stamp', '$cvv', '$credit_card_type', '".BASE_CURRENCY."'";
} else {
$QUERY_FIELDS = "agent_id, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency";
$QUERY_VALUES = "'".$_SESSION["agent_id"]."','$total_amount', '".$_SESSION["vat"]."', '$payment','$authorizenet_cc_owner','".substr($authorizenet_cc_number,0,4)."XXXXXXXXXXXX','".$authorizenet_cc_expires_month."-".$authorizenet_cc_expires_year."','$time_stamp', '".BASE_CURRENCY."'";
}
$transaction_no = $paymentTable->Add_table ($HD_Form -> DBHandle, $QUERY_VALUES, $QUERY_FIELDS, 'cc_epayment_log_agent', 'id');
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp."^".$transaction_no."^".$total_amount."^".$_SESSION["agent_id"]);
if (empty($transaction_no)) {
exit(gettext("No Transaction ID found"));
}
$HD_Form -> create_toppage ($form_action);
$payment_modules = new payment($payment);
$order = new order($total_amount);
if (is_array($payment_modules->modules)) {
$payment_modules->pre_confirmation_check();
}
// #### HEADER SECTION
