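// Recurring-payment handler (excerpt): looks up the card named by $id, checks
// the request key against one derived from that card's attributes, then
// records the payment in cc_payments and adds the net amount to the card credit.
// NOTE(review): $id, $key, $payment_gross and $payer_email are assigned outside
// this excerpt; they are treated as request-supplied until the caller shows
// otherwise. Nothing visible here confirms the notification with the gateway or
// rejects a repeat of the same request - confirm both happen before this point.

// $id is interpolated into two WHERE clauses, the first of them before the key
// is checked, so it must be a plain decimal id before any query is built.
if (!is_scalar($id) || !preg_match('/^[0-9]+$/D', (string) $id)) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-PAYPAL Reccurring Payment Failed : card id is not numeric");
    die;
}

// NOTE(review): 'email' is read from the row below but is not in this column
// list, so $email is always empty here; add the column if cc_card has one.
$table_card = new Table("cc_card", "username,useralias,UNIX_TIMESTAMP(creationdate) creationdate,vat,firstname,lastname");
$card_clause = "id = {$id}";
$result = $table_card->Get_list($DBHandle, $card_clause);
// An empty list is treated like a failed lookup so $result[0] is never read
// from a result without rows.
if (!is_array($result) || empty($result[0])) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-PAYPAL Reccurring Payment Failed : card id( {$id} ) not found");
    die;
}

$card = $result[0];
$username = $card['username'];
$creationdate = $card['creationdate'];
$useralias = $card['useralias'];
$vat = $card['vat'];
$firstname = $card['firstname'];
$lastname = $card['lastname'];
$email = isset($card['email']) ? $card['email'] : '';

$newkey = securitykey(EPAYMENT_TRANSACTION_KEY, $username . "^" . $id . "^" . $useralias . "^" . $creationdate);
// hash_equals() (PHP 5.6+) compares byte-for-byte in constant time; a loose ==
// would also treat two different numeric-looking strings as equal.
if (is_string($key) && hash_equals((string) $newkey, $key)) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----------- Transaction Key Verified ------------");
} else {
    // Only the card id is logged: the expected key is a working credential for
    // this request and the supplied one is untrusted text.
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "------- Transaction Key Verification Failed: card id( {$id} ) ------------\n");
    exit;
}

// The amount is used as a number in SQL and in the credit arithmetic, so only
// a plain decimal value (optionally negative) is accepted.
if (!is_scalar($payment_gross) || !preg_match('/^-?[0-9]+(\.[0-9]+)?$/D', (string) $payment_gross)) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-PAYPAL Reccurring Payment Failed : card id( {$id} ) invalid payment amount");
    exit;
}
$amount_paid = $payment_gross;
$amount_without_vat = $amount_paid / (1 + $vat / 100);
$nowDate = date("Y-m-d H:i:s");

// Values are bound instead of concatenated into the statement. Passing a value
// array to Execute() is the ADOdb calling convention, which this handle appears
// to follow - confirm for the deployed driver.
$Query = "INSERT INTO cc_payments ( customers_id, customers_name, customers_email_address, item_name, payment_method,cc_number,orders_status, "
    . " last_modified, date_purchased, orders_date_finished, orders_amount, currency, currency_value) values ("
    . " ?, ?, ?, 'RECURRING PAYMENT', 'PAYPAL' , ?, '2', ?, ?, ?, ?, ?, '1' )";
$payment_values = array(
    $id,
    $firstname . " " . $lastname,
    $email,
    isset($payer_email) ? (string) $payer_email : '',
    $nowDate,
    $nowDate,
    $nowDate,
    $amount_paid,
    BASE_CURRENCY,
);
$result = $DBHandle->Execute($Query, $payment_values);
if (!$result) {
    // The credit is still applied below, as before; the failure is recorded so
    // the missing payment row can be reconciled.
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-PAYPAL Reccurring Payment : card id( {$id} ) cc_payments insert failed");
}

// Credit the card with the amount net of VAT. $id was validated above and
// $amount_without_vat is computed locally, so neither carries raw request text.
$instance_table = new Table("cc_card", "username, id");
$param_update = " credit = credit+'" . $amount_without_vat . "'";
$FG_EDITION_CLAUSE = " id='{$id}'";
$instance_table->Update_table($DBHandle, $param_update, $FG_EDITION_CLAUSE, $func_table = null);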
// Checkout confirmation (excerpt): writes one cc_epayment_log row for the chosen
// gateway, derives the transaction key from that row's values, then works out
// the conversion factor between the session currency and the payment currency.
// NOTE(review): $payment, $amount_string, $item_id, $item_type and the card
// fields below are not assigned in this excerpt. They are placed inside quoted
// SQL values without any escaping visible here; if they come from the request,
// escape or bind them before they reach Add_table().
$paycur = $currencies_list[$getcur][2];

if (strtoupper($payment)=='PLUGNPAY') {
    // NOTE(review): this branch stores $cvv in the log row. Card verification
    // values are not meant to be kept once a payment has been authorised
    // (PCI DSS); confirm the column is needed and drop it if not.
    $QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, cvv, credit_card_type, currency , item_id , item_type";
    // The card number is stored as its first four characters followed by a fixed mask.
    $QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$plugnpay_cc_owner','".substr($plugnpay_cc_number,0,4)."XXXXXXXXXXXX','".$plugnpay_cc_expires_month."-".$plugnpay_cc_expires_year."','$time_stamp', '$cvv', '$credit_card_type', '".BASE_CURRENCY."' , '$item_id', '$item_type'";
} else if(strtoupper($payment)=='IRIDIUM'){
    $QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency, item_id, item_type";
    $QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$CardName','".substr($CardNumber,0,4)."XXXXXXXXXXXX','".$ExpiryDateMonth."-".$ExpiryDateYear."','$time_stamp', '".BASE_CURRENCY."' , '$item_id','$item_type'";
} else {
    // Every other gateway uses the authorizenet_* fields. This branch records
    // $getcur as the currency where the two above record BASE_CURRENCY.
    $QUERY_FIELDS = "cardid, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency, item_id, item_type";
    $QUERY_VALUES = "'".$_SESSION["card_id"]."','$amount_string', '".$_SESSION["vat"]."', '$payment','$authorizenet_cc_owner','".substr($authorizenet_cc_number,0,4)."XXXXXXXXXXXX','".$authorizenet_cc_expires_month."-".$authorizenet_cc_expires_year."','$time_stamp', '".$getcur."' , '$item_id','$item_type'";
}

// The value returned by Add_table() is used as the transaction number.
$transaction_no = $paymentTable->Add_table ($HD_Form -> DBHandle, $QUERY_VALUES, $QUERY_FIELDS, 'cc_epayment_log', 'id');

// The key covers timestamp, transaction number, amount, card id and item. It is
// computed before the empty() check, so on a failed insert it is built from an
// empty transaction number and then discarded by the exit below.
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp."^".$transaction_no."^".$amount_string."^".$_SESSION["card_id"]."^".$item_id."^".$item_type);
if (empty($transaction_no)) {
    exit(gettext("No Transaction ID found"));
}

$HD_Form -> create_toppage ($form_action);

// Fall back to a factor of 1 when the session currency has no numeric rate.
if (!isset($currencies_list[strtoupper($_SESSION['currency'])][2]) || !is_numeric($currencies_list[strtoupper($_SESSION['currency'])][2])) {
    $mycur = 1;
} else {
    // NOTE(review): $paycur is the divisor and is not checked for being numeric
    // or non-zero in this excerpt.
    $mycur = 
$currencies_list[strtoupper($_SESSION['currency'])][2]/$paycur;
    if ($payment == 'webmoney') {
        $getcur = $wm_purse_type;
        $two_currency=true;
    } elseif ($getcur!=strtoupper($_SESSION['currency'])) $two_currency=true;
}
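try {
    //TODO: create mail class for agent
    $mail = new Mail('epaymentverify', null);
} catch (A2bMailException $e) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-transactionID={$transactionID}" . " ERROR NO EMAIL TEMPLATE FOUND");
    exit;
}
$mail->replaceInEmail(Mail::$TIME_KEY, date("y-m-d H:i:s"));
$mail->replaceInEmail(Mail::$PAYMENTGATEWAY_KEY, $transaction_data[0][4]);
$mail->replaceInEmail(Mail::$ITEM_AMOUNT_KEY, $amount_paid . $currCurrency);
// Add Post information / useful to track down payment transaction without having to log
// NOTE(review): the whole of $_POST is mailed to the administrator address.
// Confirm the gateway callback never carries card or payer data that should
// not travel by e-mail, or restrict the dump to the fields actually needed.
$mail->AddToMessage("\n\n\n\n" . "-POST Var \n" . print_r($_POST, true));
$mail->send(ADMIN_EMAIL);
exit;
} // closes a block that was opened before this excerpt

// Recompute the key from four fields of the stored transaction row and compare
// it with $key (assigned outside this excerpt, presumably request-supplied).
$newkey = securitykey(EPAYMENT_TRANSACTION_KEY, $transaction_data[0][8] . "^" . $transactionID . "^" . $transaction_data[0][2] . "^" . $transaction_data[0][1]);
// hash_equals() (PHP 5.6+) compares byte-for-byte in constant time; a loose ==
// would also treat two different numeric-looking strings as equal.
if (is_string($key) && hash_equals((string) $newkey, $key)) {
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "----------- Transaction Key Verified ------------");
} else {
    // Neither key is written to the log: the expected one is a working
    // credential for this transaction and the supplied one is untrusted text.
    write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . " ------- Transaction Key Verification Failed:" . $transaction_data[0][8] . "^" . $transactionID . "^" . $transaction_data[0][2] . "^" . $transaction_data[0][1] . " ------------\n");
    exit;
}

// NOTE(review): this dumps the complete transaction row; if the row carries
// cardholder fields they end up in the log file - confirm and redact.
write_log(LOGFILE_EPAYMENT, basename(__FILE__) . ' line:' . __LINE__ . "-transactionID={$transactionID}" . " ---------- TRANSACTION INFO ------------\n" . print_r($transaction_data, 1));

$payment_modules = new payment($transaction_data[0][4]);
// load the before_process function from the payment modules
//$payment_modules->before_process();

// Load the agent the transaction belongs to.
// NOTE(review): the id is taken from the transaction row and concatenated into
// the statement; bind it or cast it to an integer if it can ever be non-numeric.
$QUERY = "SELECT id, credit, lastname, firstname, address, city, state, country, zipcode, phone, email, fax, currency " . "FROM cc_agent WHERE id = '" . $transaction_data[0][1] . "'";
$resmax = $DBHandle_max->Execute($QUERY);
if ($resmax) {
    $numrow = $resmax->RecordCount();
} else {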
<tr> <td align="center" colspan="2" class="tableBodyRight" > <img src="<?php echo Images_Path; ?> /payments_paypal.gif" /> </td> </tr> <?php
// Subscription form (excerpt): builds the item description, adds VAT to the
// subscription amount and prepares the links used by the PayPal form below.
// $vat, $amount_subscribe, $username, $useralias and $creation_date are
// assigned outside this excerpt.
$desc = gettext("Automated refill") . " " . $A2B->config['epayment_method']['paypal_subscription_amount'] . " " . strtoupper(BASE_CURRENCY);
if ($vat > 0) {
    // The VAT figure shown is computed from the amount before VAT is added to it below.
    $desc .= " + " . $vat / 100 * $amount_subscribe . " " . strtoupper(BASE_CURRENCY) . " of " . gettext("VAT");
}
$amount_subscribe = $amount_subscribe + $vat / 100 * $amount_subscribe;

// NOTE(review): the key is derived from username, card id, alias and creation
// date only. As far as this excerpt shows none of these change between
// payments, so the same key - and the same URL - stays valid indefinitely.
// Consider binding it to a per-transaction value or an expiry, and treat the
// URL as a secret wherever it is logged.
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $username . "^" . $_SESSION["card_id"] . "^" . $useralias . "^" . $creation_date);
// NOTE(review): $key is appended to the query string as-is; URL-encode it
// unless securitykey() is known to return only URL-safe characters.
$link = tep_href_link("A2B_recurring_payment.php?id=" . $_SESSION["card_id"] . "&key=" . $key, '', 'SSL');
$link_return = tep_href_link("userinfo.php?subscribe=true", '', 'SSL');
$link_cancel = tep_href_link("userinfo.php?subscribe=false", '', 'SSL');
// NOTE(review): the values echoed into the attributes below are not passed
// through htmlspecialchars(); confirm they can only hold trusted text.
?> <tr> <td align="center" colspan="2" class="tableBodyRight" > <form name="_xclick" action="<?php echo PAYPAL_PAYMENT_URL; ?> " method="post"> <input type="hidden" name="cmd" value="_xclick-subscriptions"> <input type="hidden" name="business" value="<?php echo $A2B->config['epayment_method']['paypal_subscription_account']; ?>
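Header("Location: PP_error.php?c=accessdenied");
die;
} // closes a block that was opened before this excerpt

// Checkout confirmation (excerpt): reads the posted payment fields, logs the
// attempt in cc_epayment_log, derives the transaction key and loads the
// selected payment module.
getpost_ifset(array('amount', 'payment', 'authorizenet_cc_expires_year', 'authorizenet_cc_owner', 'authorizenet_cc_expires_month', 'authorizenet_cc_number', 'authorizenet_cc_expires_year'));

$HD_Form = new FormHandler("cc_payment_methods", "payment_method");
$HD_Form->setDBHandler(DbConnect());
$HD_Form->init();

$_SESSION["p_module"] = $payment;
$_SESSION["p_amount"] = $amount;

$paymentTable = new Table();
// 24-hour clock: the 12-hour "h" format has no am/pm marker, so afternoon
// attempts were logged with morning timestamps.
$time_stamp = date("Y-m-d H:i:s");

// Only the first four characters of the card number go into the log table,
// followed by a fixed mask; the full number is never written.
$masked_cc_number = substr($authorizenet_cc_number, 0, 4) . "XXXXXXXXXXXX";

// NOTE(review): $amount, $payment, the owner name and the expiry fields come
// from getpost_ifset() and are concatenated into the statement. Unless
// getpost_ifset() already sanitises them, escape or bind each value first.
$QUERY = "INSERT INTO cc_epayment_log (cardid,amount,vat,paymentmethod,cc_owner,cc_number,cc_expires,creationdate) VALUES ('" . $_SESSION["card_id"] . "','{$amount}', 0, '{$payment}','{$authorizenet_cc_owner}','{$masked_cc_number}','" . $authorizenet_cc_expires_month . "-" . $authorizenet_cc_expires_year . "','{$time_stamp}')";
$paymentTable->SQLExec($HD_Form->DBHandle, $QUERY);

// NOTE(review): max(id) returns the newest row of the table, which under
// concurrent checkouts may belong to another customer; prefer the id returned
// by the insert itself. This query also runs on $DBHandle while the insert
// above uses $HD_Form->DBHandle - confirm both are the same connection.
$QUERY = "SELECT max(id) from cc_epayment_log";
$transaction_no = $paymentTable->SQLExec($DBHandle, $QUERY);

// The key covers timestamp, transaction number, amount and card id.
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp . "^" . $transaction_no[0][0] . "^" . $amount . "^" . $_SESSION["card_id"]);
if ($transaction_no[0][0] == null) {
    exit(gettext("No Transaction ID found"));
}

$HD_Form->create_toppage($form_action);

// NOTE(review): $payment is request-supplied and is used here as a module name
// and, further down, as a variable name (${$payment}). Check it against the
// list of installed payment modules before either use, unless the payment
// class already does so.
$payment_modules = new payment($payment);
$order = new order($amount);
if (is_array($payment_modules->modules)) {
    $payment_modules->pre_confirmation_check();
}

// #### HEADER SECTION
include 'PP_header.php';
?> <?php if (isset(${$payment}->form_action_url)) {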
// Agent checkout confirmation (excerpt): writes one cc_epayment_log_agent row
// for the chosen gateway, derives the transaction key from that row's values
// and loads the payment module.
// NOTE(review): $payment, $total_amount and the card fields below are not
// assigned in this excerpt. They are placed inside quoted SQL values without
// any escaping visible here; if they come from the request, escape or bind
// them before they reach Add_table().
$paymentTable = new Table();
$time_stamp = date("Y-m-d H:i:s");

if (strtoupper($payment)=='PLUGNPAY') {
    // NOTE(review): this branch stores $cvv in the log row. Card verification
    // values are not meant to be kept once a payment has been authorised
    // (PCI DSS); confirm the column is needed and drop it if not.
    $QUERY_FIELDS = "agent_id, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, cvv, credit_card_type, currency";
    // The card number is stored as its first four characters followed by a fixed mask.
    $QUERY_VALUES = "'".$_SESSION["agent_id"]."','$total_amount', '".$_SESSION["vat"]."', '$payment','$plugnpay_cc_owner','".substr($plugnpay_cc_number,0,4)."XXXXXXXXXXXX','".$plugnpay_cc_expires_month."-".$plugnpay_cc_expires_year."','$time_stamp', '$cvv', '$credit_card_type', '".BASE_CURRENCY."'";
} else {
    // Every other gateway uses the authorizenet_* fields.
    $QUERY_FIELDS = "agent_id, amount, vat, paymentmethod, cc_owner, cc_number, cc_expires, creationdate, currency";
    $QUERY_VALUES = "'".$_SESSION["agent_id"]."','$total_amount', '".$_SESSION["vat"]."', '$payment','$authorizenet_cc_owner','".substr($authorizenet_cc_number,0,4)."XXXXXXXXXXXX','".$authorizenet_cc_expires_month."-".$authorizenet_cc_expires_year."','$time_stamp', '".BASE_CURRENCY."'";
}

// The value returned by Add_table() is used as the transaction number.
$transaction_no = $paymentTable->Add_table ($HD_Form -> DBHandle, $QUERY_VALUES, $QUERY_FIELDS, 'cc_epayment_log_agent', 'id');

// The key covers timestamp, transaction number, amount and agent id. It is
// computed before the empty() check, so on a failed insert it is built from an
// empty transaction number and then discarded by the exit below.
$key = securitykey(EPAYMENT_TRANSACTION_KEY, $time_stamp."^".$transaction_no."^".$total_amount."^".$_SESSION["agent_id"]);
if (empty($transaction_no)) {
    exit(gettext("No Transaction ID found"));
}

$HD_Form -> create_toppage ($form_action);

// NOTE(review): $payment selects the module to load; confirm it is checked
// against the list of installed payment modules before this point.
$payment_modules = new payment($payment);
$order = new order($total_amount);
if (is_array($payment_modules->modules)) {
    $payment_modules->pre_confirmation_check();
}
// #### HEADER SECTION