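/**
 * Build the hidden form fields that carry the submitted card details and the
 * session id forward from the confirmation page.
 *
 * Every card value is read from $_POST and is therefore client-controlled.
 * Each one is HTML-escaped before it is placed inside the double-quoted
 * attribute, so a quote or angle bracket in the input cannot close the
 * attribute and inject markup into the page.
 *
 * NOTE(review): the full card number and CVV are written back into the page
 * source as hidden inputs. Confirm this round-trip is acceptable for the
 * shop's PCI DSS scope and that the confirmation page is served over TLS and
 * is not cacheable.
 *
 * @return string the generated markup (also echoed, as before)
 */
public function process_button()
{
    // POST key => name of the hidden field the value is copied into.
    $fields = array(
        'checkoutapipayment_cc_owner'         => 'cc_owner',
        'checkoutapipayment_cc_expires_month' => 'cc_expires_month',
        'checkoutapipayment_cc_expires_year'  => 'cc_expires_year',
        'checkoutapipayment_cc_number'        => 'cc_number',
        'checkoutapipayment_cc_cvv'           => 'cc_cvv',
    );

    $process_button_string = '';
    foreach ($fields as $postKey => $fieldName) {
        // Missing or array-valued parameters become an empty value instead of
        // raising a notice or rendering the literal "Array".
        $raw = (isset($_POST[$postKey]) && is_scalar($_POST[$postKey])) ? (string) $_POST[$postKey] : '';
        $process_button_string .= '<input type="hidden" name="' . $fieldName . '" value = "'
            . htmlspecialchars($raw, ENT_QUOTES) . '">';
    }

    // The session name and id are escaped too: the id can originate from the
    // request, so it gets the same treatment as the card fields.
    $process_button_string .= '<input type="hidden" name="' . htmlspecialchars(zen_session_name(), ENT_QUOTES)
        . '" value = "' . htmlspecialchars(zen_session_id(), ENT_QUOTES) . '">';

    echo $process_button_string;

    return $process_button_string;
}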
/**
 * Produce the hidden fields for the form-based gateway submission: protocol
 * version, transaction type, vendor name, referrer id and the encrypted
 * "Crypt" payload.
 *
 * NOTE(review): the session name/id pair is embedded in the success and
 * failure URLs that go into the payload, so the session id leaves the shop
 * inside the encrypted blob.
 * NOTE(review): the payload is handed to errorLog() before encryption. What
 * errorLog() does with it is not visible here; if it persists the data, the
 * log holds the cleartext of everything in Crypt. Confirm and restrict.
 *
 * @return string
 */
public function process_button()
{
    $sessionParam = zen_session_name() . '=' . zen_session_id();

    $entries = $this->buildStandardTransactionDetails();
    foreach (array('SuccessURL', 'FailureURL') as $urlKey) {
        // NOTE(review): as written this str_replace() is a no-op (search and
        // replacement are identical); the search string may have been an HTML
        // entity before this listing was extracted. Confirm against upstream.
        $entries[$urlKey] = str_replace(
            '&',
            '&',
            zen_href_link(FILENAME_CHECKOUT_PROCESS, $sessionParam, 'SSL', false)
        );
    }

    $plainPayload = SagepayUtil::processCryptEntries($entries);
    $crypt = SagepayUtil::encryptAndEncode($plainPayload, MODULE_PAYMENT_SAGEPAY_ZC_FORM_PASSWORD);
    $txType = strtoupper(MODULE_PAYMENT_SAGEPAY_ZC_FORM_TXTYPE);

    $logRows = array();
    $logRows[] = array('title' => 'Transaction Type', 'content' => $txType);
    $logRows[] = array('title' => 'Submit Data', 'content' => $plainPayload);
    $this->errorLog($logRows);

    // Field name / value pairs, emitted in this order.
    $hiddenPairs = array(
        array('VPSProtocol', self::SP_PROTOCOL_VERSION),
        array('TxType', $txType),
        array('Vendor', MODULE_PAYMENT_SAGEPAY_ZC_FORM_VENDOR_NAME),
        array('ReferrerID', 'BB5F9F0D-8982-4203-AFD4-AF78017E4B92'),
        array('Crypt', $crypt),
    );

    $markup = '';
    foreach ($hiddenPairs as $pair) {
        $markup .= zen_draw_hidden_field($pair[0], $pair[1]);
    }

    return $markup;
}
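/**
 * Rebuild the current query string from $_GET, leaving out the session
 * parameter, 'error', and any keys the caller lists.
 *
 * Keys go through zen_sanitize_string() (defined elsewhere) and values are
 * rawurlencode()d. The result is meant for use inside a URL: the '&'
 * separators are not HTML-escaped, so a caller that prints it into markup
 * still has to escape it for that context.
 *
 * @param array|string $exclude_array keys to leave out; any non-array value is
 *                                    treated as "exclude nothing extra"
 * @return string "key=value&" pairs, each followed by '&', or '' when nothing
 *                qualifies
 */
function zen_get_all_get_params($exclude_array = '')
{
    // Anything that is not an array (the '' default included) means no extra
    // exclusions; in_array() below needs a real array.
    if (!is_array($exclude_array)) {
        $exclude_array = array();
    }

    $get_url = '';

    // foreach replaces the reset()/each() walk: each() no longer exists in
    // PHP 8, and $_GET is a superglobal, so no `global` statement is needed.
    foreach ($_GET as $key => $value) {
        // Array-valued parameters (?a[]=1) are skipped: stripslashes() only
        // accepts strings, so a crafted request would otherwise raise a
        // warning or, on PHP 8, a TypeError.
        if (is_array($value)) {
            continue;
        }
        if ($key != zen_session_name() && $key != 'error' && !in_array($key, $exclude_array)) {
            $get_url .= zen_sanitize_string($key) . '=' . rawurlencode(stripslashes($value)) . '&';
        }
    }

    return $get_url;
}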
/**
 * Build an admin URL for $page on the HTTP or HTTPS admin base, append
 * $parameters, and add the session id where the rules below call for it.
 *
 * NOTE(review): both die() messages interpolate $page, $parameters and
 * $connection into HTML without escaping. If a caller ever passes
 * request-derived text here, the error page reflects it; escaping those three
 * values would close that off.
 * NOTE(review): when the HTTP and HTTPS domains differ, the session id is
 * placed in the URL, where it can end up in logs and Referer headers.
 *
 * @param string $page           target script; '.php' is appended if absent
 * @param string $parameters     query string without the leading '?'
 * @param string $connection     'NONSSL' or 'SSL'
 * @param bool   $add_session_id whether a session id may be appended
 * @return string
 */
function zen_href_link_admin($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true)
{
    global $request_type, $session_started, $http_domain, $https_domain;

    $fatalPrefix = '</td></tr></table></td></tr></table><br><br><font color="#ff0000"><b>Error!</b></font><br><br><b>';
    $callFormat = 'Function used:<br><br>zen_href_link_admin(\'%s\', \'%s\', \'%s\')</b>';

    if ($page == '') {
        bt(); // defined elsewhere
        die($fatalPrefix . 'Unable to determine the page link!<br><br>'
            . sprintf($callFormat, $page, $parameters, $connection));
    }

    switch ($connection) {
        case 'NONSSL':
            $base = HTTP_SERVER . DIR_WS_ADMIN;
            break;
        case 'SSL':
            $base = HTTPS_SERVER . DIR_WS_HTTPS_ADMIN;
            break;
        default:
            die($fatalPrefix . 'Unable to determine connection method on a link!<br><br>Known methods: NONSSL SSL<br><br>'
                . sprintf($callFormat, $page, $parameters, $connection));
    }

    if (strpos($page, '.php') === false) {
        $page .= '.php';
    }

    // With no parameters the session id (if any) starts the query string;
    // otherwise it is appended to the existing one.
    $hasParameters = !($parameters == '');
    $separator = $hasParameters ? '&' : '?';
    $link = $hasParameters ? $base . $page . '?' . $parameters : $base . $page;

    // Drop any dangling '&' / '?' left at the end.
    $link = rtrim($link, '&?');

    // Add the session ID when moving between different HTTP and HTTPS servers,
    // or when SID is defined.
    if ($add_session_id == true && $session_started == true) {
        if (defined('SID') && zen_not_null(SID)) {
            $sid = SID;
        } else {
            $toSecure = $request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL_ADMIN == 'true';
            $toPlain = $request_type == 'SSL' && $connection == 'NONSSL';
            if (($toSecure || $toPlain) && $http_domain != $https_domain) {
                $sid = zen_session_name() . '=' . zen_session_id();
            }
        }
    }

    if (isset($sid)) {
        $link .= $separator . $sid;
    }

    return $link;
}
/**
 * Assemble the hidden inputs placed on the order-confirmation page so that the
 * card details travel with the final "Submit" request.
 *
 * NOTE(review): card owner and CVV come straight from $_POST, and the full
 * card number and CVV are rendered into the page source. Escaping depends on
 * zen_draw_hidden_field(), which is not visible here. Confirm that it
 * HTML-escapes the value, and that echoing card data back into the page is
 * acceptable for the shop's PCI DSS scope.
 *
 * @return string
 */
function process_button()
{
    // Field name / value pairs, rendered in this order.
    $cardInputs = array(
        array('cc_owner', $_POST['authorizenet_aim_cc_owner']),
        array('cc_expires', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)),
        array('cc_type', $this->cc_card_type),
        array('cc_number', $this->cc_card_number),
    );

    // The CVV is only forwarded when the module is configured to use it.
    if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') {
        $cardInputs[] = array('cc_cvv', $_POST['authorizenet_aim_cc_cvv']);
    }

    $markup = '';
    foreach ($cardInputs as $input) {
        $markup .= zen_draw_hidden_field($input[0], $input[1]);
    }

    // The session name/id pair always comes last.
    $markup .= zen_draw_hidden_field(zen_session_name(), zen_session_id());

    return $markup;
}
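/**
 * Build the hidden fields shown on the checkout confirmation page: card owner,
 * expiry, type and number, optionally the CVV, and the session name/id pair.
 *
 * NOTE(review): card owner and CVV are taken directly from $_POST, and the
 * card number and CVV are written into the page source. Escaping is left to
 * zen_draw_hidden_field(), which is not visible here. Confirm that it
 * HTML-escapes its value argument.
 *
 * @param mixed $pPaymentParameters not read by this method
 * @return string
 */
function process_button($pPaymentParameters)
{
    // These are hidden fields on the checkout confirmation page.
    $process_button_string = zen_draw_hidden_field('cc_owner', $_POST['authorizenet_aim_cc_owner'])
        . zen_draw_hidden_field('cc_expires', $this->cc_expires_month . substr($this->cc_expires_year, -2))
        . zen_draw_hidden_field('cc_type', $this->cc_type)
        . zen_draw_hidden_field('cc_number', $this->cc_number);

    if (MODULE_PAYMENT_AUTHORIZENET_AIM_USE_CVV == 'True') {
        $process_button_string .= zen_draw_hidden_field('cc_cvv', $_POST['authorizenet_aim_cc_cvv']);
    }

    $process_button_string .= zen_draw_hidden_field(zen_session_name(), zen_session_id());

    // The original had a second `return false;` after this statement; it could
    // never run and has been removed.
    return $process_button_string;
}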
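/**
 * Print the recorded navigation path (page plus its 'get' and 'post' entries)
 * and, if one exists, the saved snapshot, as HTML.
 *
 * Everything printed is HTML-escaped. The 'get' and 'post' entries look like
 * stored request parameters, so printing them raw would let a stored value
 * inject markup into this output.
 *
 * NOTE(review): 'post' entries may include whatever a form submitted
 * (credentials, payment fields). Make sure this method is not reachable on a
 * production page.
 *
 * @return void
 */
function debug()
{
    for ($i = 0, $n = sizeof($this->path); $i < $n; $i++) {
        $step = $this->path[$i];

        echo htmlspecialchars((string) $step['page'], ENT_QUOTES) . '?';

        // foreach replaces the while/each() walk: each() no longer exists in
        // PHP 8, and it advanced the stored array's internal pointer, so a
        // second call to debug() printed nothing for this entry.
        foreach ($step['get'] as $key => $value) {
            // Array values are shown as "Array", which is what the original
            // string concatenation produced.
            echo htmlspecialchars($key . '=' . (is_array($value) ? 'Array' : $value), ENT_QUOTES) . '&amp;';
        }

        if (sizeof($step['post']) > 0) {
            echo '<br />';
            foreach ($step['post'] as $key => $value) {
                echo ' <strong>'
                    . htmlspecialchars($key . '=' . (is_array($value) ? 'Array' : $value), ENT_QUOTES)
                    . '</strong><br />';
            }
        }

        echo '<br />';
    }

    if (sizeof($this->snapshot) > 0) {
        echo '<br /><br />';
        echo htmlspecialchars(
            $this->snapshot['mode'] . ' ' . $this->snapshot['page'] . '?'
                . zen_array_to_string($this->snapshot['get'], array(zen_session_name())),
            ENT_QUOTES
        ) . '<br />';
    }
}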
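/**
 * Rebuild the current query string from $_GET, leaving out empty values,
 * 'main_page', the session parameter, 'error', 'x', 'y' and any keys the
 * caller lists.
 *
 * Two output shapes exist: "key/value/" when SEARCH_ENGINE_FRIENDLY_URLS is
 * 'true' and $search_engine_safe is set, otherwise "key=value&".
 *
 * NOTE(review): in the search-engine-friendly branch the key is written as
 * received, while the other branch passes it through zen_sanitize_string().
 * Parameter names are client-controlled, so the two branches should probably
 * treat them the same way. Confirm what zen_sanitize_string() strips before
 * aligning them.
 *
 * @param array|string $exclude_array      keys to leave out (non-array = none)
 * @param bool         $search_engine_safe allow the "key/value/" form
 * @return string
 */
function zen_get_all_get_params($exclude_array = '', $search_engine_safe = true)
{
    if (!is_array($exclude_array)) {
        $exclude_array = array();
    }

    $get_url = '';

    if (is_array($_GET) && sizeof($_GET) > 0) {
        // foreach replaces reset()/each(); each() no longer exists in PHP 8.
        foreach ($_GET as $key => $value) {
            // Array-valued parameters (?a[]=1) are skipped explicitly.
            // strlen() on an array used to warn and evaluate as "empty"; on
            // PHP 8 it throws a TypeError, so a crafted request could abort
            // the page.
            if (is_array($value)) {
                continue;
            }

            if (strlen($value) > 0
                && $key != 'main_page'
                && $key != zen_session_name()
                && $key != 'error'
                && !in_array($key, $exclude_array)
                && $key != 'x'
                && $key != 'y'
            ) {
                if (SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) {
                    $get_url .= $key . '/' . rawurlencode(stripslashes($value)) . '/';
                } else {
                    $get_url .= zen_sanitize_string($key) . '=' . rawurlencode(stripslashes($value)) . '&';
                }
            }
        }
    }

    // Collapse runs of '&'. The original ran this loop twice; the second pass
    // could never find anything left to replace.
    while (strstr($get_url, '&&')) {
        $get_url = str_replace('&&', '&', $get_url);
    }

    return $get_url;
}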
/**
 * Return a hidden form field carrying the session name and id, but only when
 * a session has been started and the SID constant is defined and non-empty.
 * In every other case nothing is returned (null).
 *
 * NOTE(review): the field puts the session id into the page markup; whether
 * the value is HTML-escaped depends on zen_draw_hidden_field(), which is not
 * visible here.
 *
 * @return string|null
 */
function zen_hide_session_id()
{
    global $session_started;

    if (!($session_started == true)) {
        return;
    }

    if (!defined('SID') || !zen_not_null(SID)) {
        return;
    }

    return zen_draw_hidden_field(zen_session_name(), zen_session_id());
}
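/**
 * For mobile clients, append the session id to the link if it is not already
 * present and re-encode the query string from EUC-JP to Shift_JIS.
 * Non-mobile requests get the link back unchanged.
 *
 * NOTE(review): the session id is written into the URL, where it can end up
 * in server logs, browser history and Referer headers. Confirm this is only
 * done for clients that cannot carry a session cookie.
 *
 * @param string $href_link
 * @return string
 */
function convertToMobileLink($href_link)
{
    if (!$this->isMobile()) {
        return $href_link;
    }

    // ereg_replace() was removed in PHP 7; str_replace() performs the same
    // literal substitution.
    // NOTE(review): as written, search and replacement are identical, so this
    // is a no-op; the search string may have been an HTML entity before this
    // listing was extracted. Confirm against upstream.
    $href_link = str_replace('&', '&', $href_link);

    $session_pair = zen_session_name() . '=' . zen_session_id();
    if (zen_session_id() && strpos($href_link, $session_pair) === false) {
        if (strpos($href_link, '?') === false) {
            $href_link .= '?';
        }
        $href_link .= '&' . $session_pair;
    }

    // EUC-JP to SJIS
    // `!== false`: the original `!= false` also skipped a '?' at position 0.
    $query_start = strpos($href_link, '?');
    if ($query_start !== false) {
        $path = substr($href_link, 0, $query_start + 1);
        $query = substr($href_link, $query_start + 1);

        $sjis_key_val_pairs = array();

        // explode() replaces split(), which was removed in PHP 7.
        foreach (explode('&', $query) as $key_val_pair) {
            // An empty segment (from the "?&name=id" produced above) used to
            // come out as a stray "=" pair; skip it.
            if ($key_val_pair === '') {
                continue;
            }

            // Pad so a bare key without '=' yields an empty value rather than
            // an undefined variable.
            list($key, $val) = array_pad(explode('=', $key_val_pair), 2, '');

            $key = rawurlencode(mb_convert_encoding(rawurldecode($key), 'SJIS', 'EUC-JP'));
            $val = rawurlencode(mb_convert_encoding(rawurldecode($val), 'SJIS', 'EUC-JP'));
            $sjis_key_val_pairs[] = sprintf("%s=%s", $key, $val);
        }

        $href_link = $path . implode('&', $sjis_key_val_pairs);
    }

    return $href_link;
}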
$sql = "UPDATE " . TABLE_CUSTOMERS_INFO . "\r\n SET customers_info_date_of_last_logon = now(),\r\n customers_info_number_of_logons = customers_info_number_of_logons+1\r\n WHERE customers_info_id = :customersID"; $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer'); $db->Execute($sql); $zco_notifier->notify('NOTIFY_LOGIN_SUCCESS'); // restore cart contents $_SESSION['cart']->restore_contents(); /* if ($_SESSION['cart']->count_contents() > 0) { zen_redirect(zen_href_link(FILENAME_CHECKOUT_SHIPPING)); } */ if (sizeof($_SESSION['navigation']->snapshot) > 0) { // $back = sizeof($_SESSION['navigation']->path)-2; //if (isset($_SESSION['navigation']->path[$back]['page'])) { // if (sizeof($_SESSION['navigation']->path)-2 > 0) { $origin_href = zen_href_link($_SESSION['navigation']->snapshot['page'], zen_array_to_string($_SESSION['navigation']->snapshot['get'], array(zen_session_name())), $_SESSION['navigation']->snapshot['mode']); // $origin_href = zen_back_link_only(true); $_SESSION['navigation']->clear_snapshot(); zen_redirect($origin_href); } else { zen_redirect(zen_href_link(FILENAME_DEFAULT)); } } } } if ($error == true) { $messageStack->add('login', TEXT_LOGIN_ERROR); $zco_notifier->notify('NOTIFY_LOGIN_FAILURE'); } $breadcrumb->add(NAVBAR_TITLE); // This should be last line of the script:
function zen_session_recreate() { if (PHP_VERSION >= 4.1) { $session_backup = $_SESSION; unset($_COOKIE[zen_session_name()]); zen_session_destroy(); if (STORE_SESSIONS == 'db') { session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc'); } zen_session_start(); $_SESSION = $session_backup; unset($session_backup); } }
} $path = defined('CUSTOM_COOKIE_PATH') ? CUSTOM_COOKIE_PATH : $path; $domainPrefix = !defined('SESSION_ADD_PERIOD_PREFIX') || SESSION_ADD_PERIOD_PREFIX == 'True' ? '.' : ''; $secureFlag = ENABLE_SSL == 'true' && substr(HTTP_SERVER, 0, 6) == 'https:' && substr(HTTPS_SERVER, 0, 6) == 'https:' || ENABLE_SSL == 'false' && substr(HTTP_SERVER, 0, 6) == 'https:' ? TRUE : FALSE; if (PHP_VERSION >= '5.2.0') { session_set_cookie_params(0, $path, zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : '', $secureFlag, TRUE); } else { session_set_cookie_params(0, $path, zen_not_null($cookieDomain) ? $domainPrefix . $cookieDomain : '', $secureFlag); } /** * set the session ID if it exists */ if (isset($_POST[zen_session_name()])) { zen_session_id($_POST[zen_session_name()]); } elseif ($request_type == 'SSL' && isset($_GET[zen_session_name()])) { zen_session_id($_GET[zen_session_name()]); } /** * need to tidy up $_SERVER['REMOTE_ADDR'] here before we use it anywhere else * one problem we don't address here is if $_SERVER['REMOTE_ADDRESS'] is not set to anything at all */ $ipAddressArray = explode(',', zen_get_ip_address()); $ipAddress = sizeof($ipAddressArray) > 0 ? $ipAddressArray[0] : ''; $_SERVER['REMOTE_ADDR'] = $ipAddress; /** * start the session */ $session_started = false; if (SESSION_FORCE_COOKIE_USE == 'True') { zen_setcookie('cookie_test', 'please_accept_for_session', time() + 60 * 60 * 24 * 30, '/', zen_not_null($current_domain) ? $current_domain : ''); if (isset($_COOKIE['cookie_test'])) {
/**
 * Build the hidden form fields submitted when the "Submit" button is pressed
 * on the order-confirmation screen.
 *
 * Steps, in order: derive an order id and store it in the session and in
 * TABLE_PAGAMASTARDE; compute the callback, ok, nok and cancel URLs; sign the
 * request with SHA-512; collect customer history for logged-in customers;
 * build the field list and render it with zen_draw_hidden_field().
 *
 * NOTE(review): the session name/id pair is added to the submitted fields, so
 * the shop's session id is part of what the form posts. Confirm the receiving
 * party needs it.
 * NOTE(review): whether values are HTML-escaped depends on
 * zen_draw_hidden_field(), which is not visible here.
 *
 * @return string
 */
function process_button()
{
    global $order, $db;

    // The order id is an MD5 digest of the serialized products, customer and
    // delivery data, so two identical orders produce the same id.
    // NOTE(review): the insert below then repeats that id; confirm the table
    // tolerates duplicates.
    $this->order_id = md5(serialize($order->products) . '' . serialize($order->customer) . '' . serialize($order->delivery));
    $_SESSION['order_id'] = $this->order_id;

    // The only interpolated value is the hex digest computed above.
    $sql = sprintf("insert into " . TABLE_PAGAMASTARDE . " (order_id) values ('%s')", $this->order_id);
    $db->Execute($sql);

    // The callback URL is derived from the current request (scheme, server
    // name, request URI).
    // NOTE(review): depending on web-server configuration SERVER_NAME can
    // reflect the client's Host header, and REQUEST_URI is client-supplied;
    // building the callback from a configured base URL would avoid relying on
    // either. Confirm.
    $base_url = dirname(sprintf("%s://%s%s", isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' ? 'https' : 'http', $_SERVER['SERVER_NAME'], $_SERVER['REQUEST_URI']));
    $callback_url = $base_url . '/ext/modules/payment/pagamastarde/callback.php';

    $pagamastarde_ok_url = htmlspecialchars_decode(zen_href_link(FILENAME_CHECKOUT_PROCESS, 'action=confirm', 'SSL', true, false));
    $pagamastarde_nok_url = trim(zen_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL', false));
    $cancelled_url = trim(zen_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL', false));

    // Total multiplied by 100 and formatted without decimals or separators.
    $amount = number_format($order->info['total'] * 100, 0, '', '');

    // The session currency is read and then immediately overwritten: the
    // request is always sent as EUR.
    $currency = $_SESSION['currency'];
    $currency = 'EUR';

    if (MODULE_PAYMENT_PAGAMASTARDE_DISCOUNT == 'False') {
        $discount = 'false';
    } else {
        $discount = 'true';
    }

    // Test and production use separate key pairs.
    if (MODULE_PAYMENT_PAGAMASTARDE_TESTMODE == 'Test') {
        $secret_key = MODULE_PAYMENT_PAGAMASTARDE_TSK;
        $public_key = MODULE_PAYMENT_PAGAMASTARDE_TK;
    } else {
        $secret_key = MODULE_PAYMENT_PAGAMASTARDE_PSK;
        $public_key = MODULE_PAYMENT_PAGAMASTARDE_PK;
    }

    // Signature input: secret key first, then the fields in this exact order,
    // concatenated without delimiters. The order must not change.
    // NOTE(review): this is a plain hash over secret-prefixed data rather
    // than an HMAC; the format is presumably dictated by the gateway. Confirm.
    $message = $secret_key . $public_key . $this->order_id . $amount . $currency . $pagamastarde_ok_url . $pagamastarde_nok_url . $callback_url . $discount . $cancelled_url;
    $signature = hash('sha512', $message);

    // extra parameters for logged users
    $sign_up = '';
    $dob = '';
    $order_total = 0;
    $order_count = 0;
    if (trim($_SESSION['customer_id']) != '') {
        // %d forces the customer id to an integer before it reaches the SQL.
        $sql = sprintf("SELECT *\r\n FROM %s\r\n JOIN %s ON customers_info.customers_info_id = customers.customers_id\r\n Where customers.customers_id = %d", TABLE_CUSTOMERS, TABLE_CUSTOMERS_INFO, $_SESSION['customer_id']);
        $check = $db->Execute($sql);
        while (!$check->EOF) {
            // First 10 characters of each stored date.
            $sign_up = substr($check->fields['customers_info_date_account_created'], 0, 10);
            $dob = substr($check->fields['customers_dob'], 0, 10);
            $check->MoveNext();
        }

        // Count and total of this customer's orders whose status name is
        // 'Processing' or 'Delivered'.
        $sql = sprintf("select * from %s join %s on orders_status.orders_status_id = orders.orders_status\r\n where customers_id=%d\r\n and orders_status.orders_status_name in ('Processing','Delivered')\r\n order by orders_id", TABLE_ORDERS_STATUS, TABLE_ORDERS, $_SESSION['customer_id']);
        $check = $db->Execute($sql);
        while (!$check->EOF) {
            $order_total += $check->fields['order_total'];
            $order_count += 1;
            $check->MoveNext();
        }
    }

    // Customer name, e-mail, addresses, phone and date of birth are all part
    // of the submitted form.
    $submit_data = array(
        'order_id' => $this->order_id,
        'email' => $order->customer['email_address'],
        'full_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
        'amount' => $amount,
        'currency' => $currency,
        'ok_url' => $pagamastarde_ok_url,
        'nok_url' => $pagamastarde_nok_url,
        'cancelled_url' => $cancelled_url,
        'account_id' => $public_key,
        'signature' => $signature,
        'address[street]' => $order->customer['street_address'],
        'address[city]' => $order->customer['city'],
        'address[province]' => $order->customer['state'],
        'address[zipcode]' => $order->customer['postcode'],
        'shipping[street]' => $order->delivery['street_address'],
        'shipping[city]' => $order->delivery['city'],
        'shipping[province]' => $order->delivery['state'],
        'shipping[zipcode]' => $order->delivery['postcode'],
        'callback_url' => $callback_url,
        'discount[full]' => $discount,
        'mobile_phone' => $order->customer['telephone'],
        'metadata[num_orders]' => $order_count,
        'metadata[amount_orders]' => $order_total,
        'dob' => $dob,
        'metadata[member_since]' => $sign_up
    );

    // Product description: one items[n] group per line, shipping first when a
    // shipping method is set.
    $desciption = [];
    $i = 0;
    if (isset($order->info['shipping_method'])) {
        $submit_data["items[" . $i . "][description]"] = $order->info['shipping_method'];
        $submit_data["items[" . $i . "][quantity]"] = 1;
        $submit_data["items[" . $i . "][amount]"] = number_format($order->info['shipping_cost'], 2, '.', '');
        $desciption[] = $order->info['shipping_method'];
        $i++;
    }
    foreach ($order->products as $product) {
        $submit_data["items[" . $i . "][description]"] = $product['name'] . " (" . $product['qty'] . ") ";
        $submit_data["items[" . $i . "][quantity]"] = $product['qty'];
        $submit_data["items[" . $i . "][amount]"] = number_format($product['final_price'] * $product['qty'], 2, '.', '');
        $desciption[] = $product['name'] . " ( " . $product['qty'] . " )";
        $i++;
    }
    $submit_data['description'] = implode(",", $desciption);

    // NOTE(review): the notifier name refers to AUTHNETSIM, not this module;
    // it looks carried over from another payment module. Confirm.
    $this->notify('NOTIFY_PAYMENT_AUTHNETSIM_PRESUBMIT_HOOK');

    if (MODULE_PAYMENT_PAGAMASTARDE_TESTMODE == 'Test') {
        $submit_data['x_Test_Request'] = 'TRUE';
    }

    // The session name/id pair is added after the signature was computed, so
    // the signature does not cover it.
    $submit_data[zen_session_name()] = zen_session_id();

    // One hidden field per entry, each on its own line.
    $process_button_string = "\n";
    foreach ($submit_data as $key => $value) {
        $process_button_string .= zen_draw_hidden_field($key, $value) . "\n";
    }
    return $process_button_string;
}
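/**
 * Adds the sid to the end of the URL if needed. If a page cache has been
 * enabled and no customer is logged in, the placeholder '<zensid>' is appended
 * in place of the real sid.
 *
 * NOTE(review): when the SID is appended, the session id becomes part of the
 * URL and can reach logs, history and Referer headers. It is only considered
 * when SESSION_FORCE_COOKIE_USE is 'False'.
 *
 * @param string $link           current URL
 * @param bool   $add_session_id true if a session id may be added to the URL
 * @param string $connection     'NONSSL' or 'SSL', the type of connection to use
 * @param string $separator      separator placed between the link and the added part
 * @return string
 */
function add_sid($link, $add_session_id, $connection, $separator)
{
    global $request_type, $http_domain, $https_domain, $session_started;

    // Initialised up front: the original left $_sid undefined on most paths
    // and then read it below, which raised an undefined-variable notice.
    $_sid = null;

    if ($add_session_id == true && $session_started && SESSION_FORCE_COOKIE_USE == 'False') {
        if (defined('SID') && zen_not_null(SID)) {
            $_sid = SID;
        } elseif ($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == 'true'
            || $request_type == 'SSL' && $connection == 'NONSSL'
        ) {
            // Only carry the id across when the two schemes use different
            // domains.
            if ($http_domain != $https_domain) {
                $_sid = zen_session_name() . '=' . zen_session_id();
            }
        }
    }

    // The page-cache placeholder takes precedence over a real sid, so a page
    // built for an anonymous visitor does not embed a real session id.
    if (!isset($_SESSION['customer_id'])
        && defined('ENABLE_PAGE_CACHE')
        && ENABLE_PAGE_CACHE == 'true'
        && class_exists('page_cache')
    ) {
        return $link . $separator . '<zensid>';
    }

    if (zen_not_null($_sid)) {
        return $link . $separator . $_sid;
    }

    return $link;
}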
$lng = new language(); } reset($lng->catalog_languages); $languages_array = array(); $current_language = ''; while (list($key, $value) = each($lng->catalog_languages)) { $languages_array_popup[$key] = $value['name']; } foreach ($languages_array_popup as $k => $v) { if ($k == $_SESSION['languages_code']) { $current_language = $v; } } } $lang_array = array(); while (list($key, $value) = each($lng->catalog_languages)) { $lang_array[] = array('id' => $key, 'text' => $value['name']); } $hidden_get_variables = ''; reset($_GET); while (list($key, $value) = each($_GET)) { if ($key != 'language' && $key != zen_session_name() && $key != 'x' && $key != 'y') { $hidden_get_variables .= zen_draw_hidden_field($key, $value); } } ?> <a href="#" id="language_switcher"> <?php echo $current_language; ?> </a>
/**
 * Build a catalog URL: server base, optional catalog directory, 'index.php?'
 * plus 'main_page=<page>' (or just the page part when $static is set), the
 * caller's parameters, and the session id where the rules below call for it.
 *
 * NOTE(review): $parameters passes through zen_output_string() (not visible
 * here) but $page is concatenated as given. Callers should not pass
 * request-derived text as $page without validating it.
 * NOTE(review): several replace calls below have identical search and
 * replacement strings as shown; they may have involved HTML entities before
 * this listing was extracted. Until that is confirmed, treat the return value
 * as not HTML-escaped and escape it at the point of output.
 *
 * @param string $page               page name placed after 'main_page='
 * @param string $parameters         query parameters without leading '?'/'&'
 * @param string $connection         'NONSSL', 'SSL', or anything else to follow the current request
 * @param bool   $add_session_id     whether a session id may be appended
 * @param bool   $search_engine_safe only read inside the disabled pretty-URL branch
 * @param bool   $static             true to omit the 'index.php?' prefix
 * @param bool   $use_dir_ws_catalog true to append DIR_WS_CATALOG to the base
 * @return string
 */
function zen_href_link($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true, $static = false, $use_dir_ws_catalog = true)
{
    global $gBitSystem, $request_type, $session_started, $http_domain, $https_domain;

    // Pick the server base. An 'SSL' request falls back to the HTTP base when
    // ENABLE_SSL is not 'true'; any other value follows the current request.
    if ($connection == 'NONSSL') {
        $link = HTTP_SERVER;
    } elseif ($connection == 'SSL') {
        if (ENABLE_SSL == 'true') {
            $link = HTTPS_SERVER;
        } else {
            $link = HTTP_SERVER;
        }
    } else {
        $link = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? HTTPS_SERVER : HTTP_SERVER;
    }

    if ($use_dir_ws_catalog) {
        $link .= DIR_WS_CATALOG;
    }

    if (!empty($page)) {
        $page = 'main_page=' . $page . "&";
    }

    if (!$static) {
        if (zen_not_null($parameters)) {
            $link .= 'index.php?' . $page . zen_output_string($parameters);
        } else {
            $link .= 'index.php?' . $page;
        }
    } else {
        if (zen_not_null($parameters)) {
            $link .= $page . "&" . zen_output_string($parameters);
        } else {
            $link .= $page;
        }
    }

    $separator = '&';

    // Strip any trailing '&' or '?'.
    while (substr($link, -1) == '&' || substr($link, -1) == '?') {
        $link = substr($link, 0, -1);
    }

    // Add the session ID when moving between different HTTP and HTTPS servers,
    // or when SID is defined. Skipped when SESSION_FORCE_COOKIE_USE is defined
    // with a value other than 'False'.
    // NOTE(review): a session id placed in the URL can reach logs, browser
    // history and Referer headers.
    if ($add_session_id == true && $session_started == true && (!defined('SESSION_FORCE_COOKIE_USE') || SESSION_FORCE_COOKIE_USE == 'False')) {
        if (defined('SID') && zen_not_null(SID)) {
            $sid = SID;
        } elseif ($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == 'true' || $request_type == 'SSL' && $connection == 'NONSSL') {
            if ($http_domain != $https_domain) {
                $sid = zen_session_name() . '=' . zen_session_id();
            }
        }
    }

    // clean up the link before processing
    while (strstr($link, '&&')) {
        $link = str_replace('&&', '&', $link);
    }
    // Second, identical pass: nothing is left for it to replace.
    while (strstr($link, '&&')) {
        $link = str_replace('&&', '&', $link);
    }

    // The leading `0 &&` disables this pretty-URL branch; it never runs.
    if (0 && $gBitSystem->isFeatureActive('pretty_urls') && $search_engine_safe == true) {
        while (strstr($link, '&&')) {
            $link = str_replace('&&', '&', $link);
        }
        $link = str_replace('&', '/', $link);
        $link = str_replace('?', '/', $link);
        $link = str_replace('&', '/', $link);
        $link = str_replace('=', '/', $link);
        $separator = '?';
    }

    if (isset($sid)) {
        $link .= $separator . $sid;
    }

    // clean up the link after processing
    while (strstr($link, '&&')) {
        $link = str_replace('&&', '&', $link);
    }

    // As shown, pattern and replacement are the same character (see the
    // NOTE(review) in the header).
    $link = preg_replace('/&/', '&', $link);

    return $link;
}
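/**
 * Check the gateway result posted back to the shop before the order is
 * processed.
 *
 * When MODULE_PAYMENT_REMISE_RET is "ON", the posted values are compared with
 * the stored 'RET' record for the same transaction id; any mismatch, or a
 * missing record, is logged to TABLE_REMISE_RESULT and the customer is sent
 * back to the payment page. When it is off, only the posted error level is
 * checked.
 *
 * Every posted value is client-controlled. All of them are now turned into
 * SQL literals through the query class before they reach a statement, and the
 * posted session id is URL-encoded before it is placed in the redirect.
 *
 * NOTE(review): the card details taken from $_POST['OPT'] are copied into the
 * order without validation; confirm how they are stored and displayed later.
 *
 * @return void
 */
function before_process()
{
    global $order, $db;
    global $sales_id, $tranid, $refapproved, $refforwarded, $errcode, $errinfo, $errlevel, $r_code, $rec_type, $x_amount, $x_tax, $x_total, $remise_cc_job_code;

    // Read every expected field once; a missing or array-valued parameter
    // becomes '' so later string handling cannot fail on it.
    $posted = array();
    $expected = array(
        'X-S_TORIHIKI_NO', 'X-TRANID', 'X-REFAPPROVED', 'X-REFFORWARDED', 'X-ERRCODE', 'X-ERRINFO',
        'X-ERRLEVEL', 'X-R_CODE', 'REC_TYPE', 'X-AMOUNT', 'X-TAX', 'X-TOTAL', 'OPT', zen_session_name(),
    );
    foreach ($expected as $field) {
        $posted[$field] = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : '';
    }

    $sales_id = $posted['X-S_TORIHIKI_NO'];
    $tranid = $posted['X-TRANID'];
    $refapproved = $posted['X-REFAPPROVED'];
    $refforwarded = $posted['X-REFFORWARDED'];
    $errcode = $posted['X-ERRCODE'];
    $errinfo = $posted['X-ERRINFO'];
    $errlevel = $posted['X-ERRLEVEL'];
    $r_code = $posted['X-R_CODE'];
    $rec_type = $posted['REC_TYPE'];
    $x_amount = $posted['X-AMOUNT'];
    $x_tax = $posted['X-TAX'];
    $x_total = $posted['X-TOTAL'];

    // Parameters for the "payment failed" redirect. The posted session id is
    // URL-encoded so it cannot add parameters or break the URL.
    $error_params = zen_session_name() . '=' . rawurlencode($posted[zen_session_name()])
        . '&payment_error=' . $this->code;

    // Column values for a TABLE_REMISE_RESULT row, in column order.
    $result_row = array($sales_id, $tranid, $refapproved, $refforwarded, $errcode, $errinfo, $errlevel, $r_code, $rec_type, $x_amount, $x_tax, $x_total);

    if (MODULE_PAYMENT_REMISE_RET == "ON") {
        // The transaction id is bound as a string literal instead of being
        // concatenated into the statement.
        $sql = "select * from " . TABLE_REMISE_RESULT . " where tranid="
            . $db->bindVars(':value', ':value', $tranid, 'string')
            . " and rec_type='RET' limit 1";
        $remise_query = $db->Execute($sql);

        if ($remise_query->RecordCount() > 0) {
            $remise_values = $remise_query->fields;

            // Any difference from the stored record, a record type other than
            // "END", or a missing/positive error level counts as failure.
            if ($sales_id != $remise_values['sales_id']
                || $tranid != $remise_values['tranid']
                || $refapproved != $remise_values['refapproved']
                || $refforwarded != $remise_values['refforwarded']
                || $errinfo != $remise_values['errinfo']
                || $errlevel != $remise_values['errlevel']
                || $r_code != $remise_values['r_code']
                || $rec_type != "END"
                || $x_amount != $remise_values['x_amount']
                || $x_tax != $remise_values['x_tax']
                || $x_total != $remise_values['x_total']
                || $errlevel > 0
                || strlen($errlevel) == 0
            ) {
                $this->_remise_store_failure($result_row, 'failed:0', '', '');
                zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $error_params, 'SSL', false, false));
            }
        } else {
            // No stored record for this transaction id: log it together with
            // the remote address and request method.
            $this->_remise_store_failure(
                $result_row,
                'failed:1',
                isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
                isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : ''
            );
            zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $error_params, 'SSL', false, false));
        }
    } else {
        if ($errlevel > 0 || strlen($errlevel) == 0) {
            zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, $error_params, 'SSL', false, false));
        }
    }

    // 'OPT' carries '<' / '>' separated tokens: job code first, then the card
    // details.
    $card_info = $posted['OPT'];
    $remise_cc_job_code = strtok($card_info, "<>");
    if (MODULE_PAYMENT_REMISE_CARD == "ON") {
        $order->info['cc_type'] = strtok("<>");
        $order->info['cc_owner'] = strtok("<>");
        $order->info['cc_number'] = strtok("<>");
        $order->info['cc_expires'] = strtok("<>");
    }

    // A job code other than the configured one moves the order to the
    // configured alternative status.
    if ($remise_cc_job_code != MODULE_PAYMENT_REMISE_JOB_CODE) {
        $order_status = MODULE_PAYMENT_REMISE_ORDER_STATUS_ID_FUTEIKAN;
        $order->info['order_status'] = $order_status;
    }
}

/**
 * Insert one failure row into TABLE_REMISE_RESULT.
 *
 * Each value is converted to a quoted SQL literal on its own and the literals
 * are then joined. Binding one value at a time means text inside one value
 * can never be mistaken for the placeholder of another.
 * NOTE(review): relies on bindVars() with the 'string' type returning the
 * value escaped and wrapped in single quotes. Confirm against this
 * installation's query class.
 *
 * @param array  $result_row     the twelve gateway values, in column order
 * @param string $status         status text stored after the gateway values
 * @param string $remote_addr    client address, or ''
 * @param string $request_method HTTP method, or ''
 * @return void
 */
function _remise_store_failure($result_row, $status, $remote_addr, $request_method)
{
    global $db;

    $literals = array();
    foreach (array_merge($result_row, array($status, $remote_addr, $request_method)) as $value) {
        $literals[] = $db->bindVars(':value', ':value', (string) $value, 'string');
    }

    $db->Execute("INSERT INTO " . TABLE_REMISE_RESULT . " VALUES(''," . implode(',', $literals) . ",now())");
}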
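/**
 * Return all GET params as (usually hidden) form fields.
 *
 * The session parameter, 'error', 'x' and 'y' are always left out, together
 * with any keys the caller lists. Empty values are skipped. Array parameters
 * produce one "key[]" field per non-empty element.
 *
 * NOTE(review): names and values come from the request. Escaping is left to
 * zen_draw_hidden_field() / zen_draw_input_field(), which are not visible
 * here. Confirm that both HTML-escape the name as well as the value.
 *
 * @param array   $exclude_array additional keys to leave out
 * @param boolean $hidden        true for hidden fields, false for visible inputs
 * @return string
 */
function zen_post_all_get_params($exclude_array = array(), $hidden = true)
{
    if (!is_array($exclude_array)) {
        $exclude_array = array();
    }
    $exclude_array = array_merge($exclude_array, array(zen_session_name(), 'error', 'x', 'y'));

    $fields = '';

    if (is_array($_GET) && sizeof($_GET) > 0) {
        // foreach replaces reset()/each(); each() no longer exists in PHP 8.
        foreach ($_GET as $key => $value) {
            if (in_array($key, $exclude_array)) {
                continue;
            }

            if (!is_array($value)) {
                if (strlen($value) > 0) {
                    $fields .= $hidden ? zen_draw_hidden_field($key, $value) : zen_draw_input_field($key, $value);
                }
                continue;
            }

            foreach (array_filter($value) as $arr) {
                // Only one level is rendered. A nested array (?a[][]=1) cannot
                // be written as a single field value, so it is skipped.
                if (is_array($arr)) {
                    continue;
                }
                $fields .= $hidden
                    ? zen_draw_hidden_field($key . '[]', $arr)
                    : zen_draw_input_field($key . '[]', $arr);
            }
        }
    }

    return $fields;
}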
if ($is_a_bot == true) { echo ' <tr class="dataTableRowBot" onmouseout="this.className=\'dataTableRowBot\'" onclick="document.location.href=\'' . zen_href_link(FILENAME_WHOS_ONLINE, zen_get_all_get_params(array('info', 'action')) . 'info=' . zen_output_string_protected($whos_online->fields['session_id']), 'NONSSL') . '\'">' . "\n"; } else { echo ' <tr class="dataTableRowWhois" onmouseout="this.className=\'dataTableRowWhois\'" onclick="document.location.href=\'' . zen_href_link(FILENAME_WHOS_ONLINE, zen_get_all_get_params(array('info', 'action')) . 'info=' . zen_output_string_protected($whos_online->fields['session_id']), 'NONSSL') . '\'">' . "\n"; } } ?> <td class="dataTableContentWhois" colspan=3 valign="top"> <?php echo TIME_PASSED_LAST_CLICKED . '<br /> ' . zen_check_minutes($whos_online->fields['time_last_click']); ?> ago</td> <td class="dataTableContentWhois" colspan=5 valign="top"> <?php echo TEXT_SESSION_ID . zen_output_string_protected($whos_online->fields['session_id']) . '<br />' . TEXT_HOST . zen_output_string_protected($whos_online->fields['host_address']) . '<br />' . TEXT_USER_AGENT . zen_output_string_protected($whos_online->fields['user_agent']) . '<br />'; $lastURLlink = '<a href="' . zen_output_string_protected($whos_online->fields['last_page_url']) . '" target="_blank">' . '<u>' . zen_output_string_protected($whos_online->fields['last_page_url']) . '</u>' . '</a>'; if (preg_match('/^(.*)' . zen_session_name() . '=[a-f,0-9]+[&]*(.*)/i', $whos_online->fields['last_page_url'], $array)) { $lastURLlink = zen_output_string_protected($array[1] . $array[2]); } echo '<div class="last-url-link">' . $lastURLlink . '</div>'; ?> </td> </tr> <?php } // show host ?> <tr> <td colspan="8"><?php echo zen_draw_separator('pixel_trans.gif', '1', '3'); ?>
/**
 * Build the hidden fields for the eCheck confirmation form: bank routing and
 * account details, optionally the extra identity fields, then the session
 * name/id pair.
 *
 * Each posted value goes through zen_db_prepare_input() and, where a limit is
 * listed, is cut to that many characters.
 *
 * NOTE(review): zen_db_prepare_input() is a database-input helper, but these
 * values are written into HTML. Whether they are HTML-escaped depends on
 * zen_draw_hidden_field(), which is not visible here. Confirm.
 * NOTE(review): bank account, tax id and driver's-licence data are rendered
 * into the page source; confirm the page is not cacheable.
 *
 * @return string
 */
function process_button()
{
    // hidden field name, POST key, maximum length (null = not truncated)
    $rows = array(
        array('bank_aba_code', 'authorizenet_echeck_bank_aba_code', 9),
        array('bank_acct_num', 'authorizenet_echeck_bank_acct_num', 20),
        array('bank_acct_type', 'authorizenet_echeck_bank_acct_type', null),
        array('bank_name', 'authorizenet_echeck_bank_name', 50),
        array('bank_acct_name', 'authorizenet_echeck_bank_accountholder', 100),
    );

    // Extra identity fields, only when the module option is enabled.
    if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_WFSS_ENABLED == 'True') {
        $rows[] = array('echeck_customer_type', 'echeck_customer_type', 10);
        $rows[] = array('echeck_customer_tax_id', 'echeck_customer_tax_id', 9);
        $rows[] = array('echeck_dl_num', 'echeck_dl_num', 50);
        $rows[] = array('echeck_dl_state', 'echeck_dl_state', 2);
        $rows[] = array('echeck_dl_dob', 'echeck_dl_dob', 16);
    }

    $markup = '';
    foreach ($rows as $row) {
        list($fieldName, $postKey, $maxLength) = $row;

        $prepared = zen_db_prepare_input($_POST[$postKey]);
        if ($maxLength !== null) {
            $prepared = substr($prepared, 0, $maxLength);
        }

        $markup .= zen_draw_hidden_field($fieldName, $prepared);
    }

    $markup .= zen_draw_hidden_field(zen_session_name(), zen_session_id());

    return $markup;
}
* @version $Id: init_sessions.php 3001 2006-02-09 21:45:06Z wilt $ */ if (!defined('IS_ADMIN_FLAG')) { die('Illegal Access'); } /** * Session ID is always sent and received by using Cookie. * This is measures of Session Fixation vulnerability. */ if (SESSION_FORCE_COOKIE_USE == 'True') { ini_set("session.use_only_cookies", "1"); ini_set("session.use_cookies", "1"); ini_set("session.use_trans_sid", "0"); } // define how the session functions will be used require DIR_FS_CATALOG . DIR_WS_FUNCTIONS . 'strict_sessions.php'; if (SESSION_USE_FQDN == 'False') { $current_domain = '.' . $current_domain; } zen_session_name('zenAdminID'); zen_session_save_path(SESSION_WRITE_DIRECTORY); // set the session cookie parameters // if (function_exists('session_set_cookie_params')) { session_set_cookie_params(0, '/', zen_not_null($current_domain) ? $current_domain : ''); // } elseif (function_exists('ini_set')) { // @ini_set('session.cookie_lifetime', '0'); // @ini_set('session.cookie_path', DIR_WS_ADMIN); // } // lets start our session zen_session_start(); $session_started = true;
/**
 * Return the session parameter to append to a URL, or '' when none is needed.
 *
 * A parameter is produced only once a session has been started, and then only
 * when the SID constant is defined and non-empty, or when the link switches
 * between NONSSL and SSL and the HTTP and HTTPS domains differ.
 *
 * NOTE(review): a session id placed in a URL can end up in server logs, browser
 * history and Referer headers; the cookie-only session settings avoid that where
 * the two domains allow it.
 *
 * @param string $connection 'SSL' or 'NONSSL' for the target link; '' means "same as the current request"
 * @return string '' or '&' followed by the zen_output_string()-processed parameter
 */
function zcInstallAddSID($connection = '') {
  global $request_type, $session_started, $http_domain, $https_domain;

  if ($connection == '') {
    $connection = $request_type;
  }

  // Without a started session there is nothing to propagate.
  if ($session_started != true) {
    return '';
  }

  $sessionParam = '';
  if (defined('SID') && zen_not_null(SID)) {
    $sessionParam = SID;
  } else {
    $switchesScheme = ($request_type == 'NONSSL' && $connection == 'SSL')
      || ($request_type == 'SSL' && $connection == 'NONSSL');
    // Add the session ID when moving between different HTTP and HTTPS servers
    if ($switchesScheme && $http_domain != $https_domain) {
      $sessionParam = zen_session_name() . '=' . zen_session_id();
    }
  }

  if ($sessionParam == '') {
    return '';
  }

  return '&' . zen_output_string($sessionParam);
}
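<?php
// Currency selector form: a GET form that re-submits the current page with a new "currency" value.
// preg_replace() stands in for ereg_replace(), which was removed in PHP 7. The pattern keeps the
// original's unescaped dot ("any character followed by php") so the result is unchanged.
echo zen_draw_form('currencies', zen_href_link(basename(preg_replace('/.php/s', '', $PHP_SELF)), '', $request_type, false), 'get');
?>
<?php
// Defined up front so the echo below never reads an undefined variable when $currencies is unavailable.
$currencies_array = array();
$hidden_get_variables = '';

if (isset($currencies) && is_object($currencies)) {
  // foreach replaces the reset()/each() pairs; each() was removed in PHP 8.
  foreach ($currencies->currencies as $key => $value) {
    $currencies_array[] = array('id' => $key, 'text' => $value['title']);
  }

  // Carry the rest of the current query string along as hidden inputs, leaving out the currency
  // itself, the session parameter and the x/y coordinates added by image submit buttons.
  // NOTE(review): names and values come straight from $_GET; zen_draw_hidden_field() is not
  // visible here - confirm it HTML-escapes both, and that array-valued parameters are handled.
  foreach ($_GET as $key => $value) {
    if ($key != 'currency' && $key != zen_session_name() && $key != 'x' && $key != 'y') {
      $hidden_get_variables .= zen_draw_hidden_field($key, $value);
    }
  }
}

echo zen_draw_pull_down_menu('currency', $currencies_array, $_SESSION['currency'], ' onchange="this.form.submit();"') . $hidden_get_variables . zen_hide_session_id();
?>
</form> </div> <!-- nav_currencies --> <div class="clearBoth"></div>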
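/**
 * Build the data and actions to process when the "Submit" button is pressed on the order-confirmation screen.
 * This sends the data to the payment gateway for processing.
 * (These are hidden fields on the checkout confirmation page)
 *
 * Side effects: stores the order total in $this->totalsum and writes a copy of the
 * whole session to TABLE_PAYPAL_SESSION with an expiry two days ahead.
 *
 * Changes against the previous revision:
 *  - the session id is escaped with zen_db_input() before it is placed in SQL text;
 *  - first_name / last_name are no longer filled from each other's source field;
 *  - $paypal_order_id, which this method never assigns, is set to null explicitly.
 *
 * NOTE(review): the 'custom' field hands the session name/id pair to PayPal, so the
 * session identifier leaves the site. Presumably the IPN handler uses it to find the
 * saved session; confirm that handler validates it before restoring anything.
 *
 * @return string
 */
function process_button() {
  global $db, $order, $currencies, $currency;

  $this->totalsum = $order->info['total'];

  // save the session stuff permanently in case paypal loses the session
  // The id is escaped once and reused, so no raw value is concatenated into either statement.
  $saved_session_key = zen_db_input(session_id());
  $db->Execute("delete from " . TABLE_PAYPAL_SESSION . " where session_id = '" . $saved_session_key . "'");

  // NOTE(review): the session is stored with serialize(); whatever reads saved_session back
  // has to treat that column as sensitive and must not unserialize() it if the row could
  // have been written by anyone other than this code.
  // base64 output contains no quote characters, so it is safe inside the quoted SQL value.
  $sql = "insert into " . TABLE_PAYPAL_SESSION . " (session_id, saved_session, expiry) values (\r\n '" . $saved_session_key . "',\r\n '" . base64_encode(serialize($_SESSION)) . "',\r\n '" . (time() + 1 * 60 * 60 * 24 * 2) . "')";
  $db->Execute($sql);

  if (MODULE_PAYMENT_PAYPAL_CURRENCY == 'Selected Currency') {
    $my_currency = $_SESSION['currency'];
  } else {
    // the configured value carries a five-character prefix in front of the currency code
    $my_currency = substr(MODULE_PAYMENT_PAYPAL_CURRENCY, 5);
  }
  // anything outside this list falls back to USD
  if (!in_array($my_currency, array('CAD', 'EUR', 'GBP', 'JPY', 'USD', 'AUD'))) {
    $my_currency = 'USD';
  }

  // digits only; split into 3/3/4 groups for the phone fields below
  $telephone = preg_replace('/\\D/', '', $order->customer['telephone']);

  // Never assigned anywhere in this method; made explicit so the last field is emitted
  // with the same empty value as before, without an undefined-variable notice.
  $paypal_order_id = null;

  $process_button_string = zen_draw_hidden_field('business', MODULE_PAYMENT_PAYPAL_BUSINESS_ID) .
                           zen_draw_hidden_field('cmd', '_ext-enter') .
                           zen_draw_hidden_field('return', zen_href_link(FILENAME_CHECKOUT_PROCESS, 'referer=paypal', 'SSL')) .
                           zen_draw_hidden_field('cancel_return', zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')) .
                           zen_draw_hidden_field('notify_url', zen_href_link('ipn_main_handler.php', '', 'SSL', false, false, true)) .
                           zen_draw_hidden_field('rm', MODULE_PAYMENT_PAYPAL_RM) .
                           zen_draw_hidden_field('currency_code', $my_currency) .
                           zen_draw_hidden_field('bn', 'zencart') .
                           zen_draw_hidden_field('mrb', 'R-6C7952342H795591R') .
                           zen_draw_hidden_field('pal', '9E82WJBKKGPLQ') .
                           zen_draw_hidden_field('cbt', MODULE_PAYMENT_PAYPAL_CBT) .
                           zen_draw_hidden_field('image_url', MODULE_PAYMENT_PAYPAL_IMAGE_URL) .
                           zen_draw_hidden_field('page_style', MODULE_PAYMENT_PAYPAL_PAGE_STYLE) .
                           zen_draw_hidden_field('item_name', STORE_NAME) .
                           zen_draw_hidden_field('item_number', '1') .
                           zen_draw_hidden_field('lc', $order->customer['country']['iso_code_2']) .
                           zen_draw_hidden_field('amount', number_format($this->totalsum * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) .
                           zen_draw_hidden_field('shipping', '0.00') .
                           zen_draw_hidden_field('custom', zen_session_name() . '=' . zen_session_id()) .
                           zen_draw_hidden_field('upload', sizeof($order->products)) .
                           zen_draw_hidden_field('redirect_cmd', '_xclick') .
                           zen_draw_hidden_field('first_name', $order->customer['firstname']) .
                           zen_draw_hidden_field('last_name', $order->customer['lastname']) .
                           zen_draw_hidden_field('address1', $order->customer['street_address']) .
                           zen_draw_hidden_field('city', $order->customer['city']) .
                           // NOTE(review): zone_id is passed as both the second and third argument; verify the third against zen_get_zone_code()'s signature.
                           zen_draw_hidden_field('state', zen_get_zone_code($order->customer['country']['id'], $order->customer['zone_id'], $order->customer['zone_id'])) .
                           zen_draw_hidden_field('zip', $order->customer['postcode']) .
                           zen_draw_hidden_field('country', $order->customer['country']['iso_code_2']) .
                           zen_draw_hidden_field('email', $order->customer['email_address']) .
                           zen_draw_hidden_field('night_phone_a', substr($telephone, 0, 3)) .
                           zen_draw_hidden_field('night_phone_b', substr($telephone, 3, 3)) .
                           zen_draw_hidden_field('night_phone_c', substr($telephone, 6, 4)) .
                           zen_draw_hidden_field('day_phone_a', substr($telephone, 0, 3)) .
                           zen_draw_hidden_field('day_phone_b', substr($telephone, 3, 3)) .
                           zen_draw_hidden_field('day_phone_c', substr($telephone, 6, 4)) .
                           zen_draw_hidden_field('paypal_order_id', $paypal_order_id);

  return $process_button_string;
}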
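/**
 * Build the data and actions to process when the "Submit" button is pressed on the order-confirmation screen.
 * This sends the data to the payment gateway for processing.
 * (These are hidden fields on the checkout confirmation page)
 *
 * Side effects:
 *  - writes a copy of the whole session to TABLE_PAYPAL_SESSION (expiry two days ahead);
 *  - sets $_SESSION['ppipn_key_to_remove'] and $_SESSION['paypal_transaction_info'];
 *  - rounds $order->info['total'] to two decimals in place;
 *  - sets $this->totalsum, $this->transaction_amount and $this->transaction_currency.
 *
 * Change against the previous revision: the logo option now reads
 * MODULE_PAYMENT_PAYPAL_LOGO_IMAGE, the constant whose existence is tested, instead of
 * MODULE_PAYMENT_LOGO_IMAGE.
 *
 * NOTE(review): the 'custom' field hands the session name/id pair to PayPal, so the
 * session identifier leaves the site. Presumably the IPN handler uses it to find the
 * saved session; confirm that handler validates it before restoring anything.
 *
 * @return string
 */
function process_button() {
  global $db, $order, $currencies, $currency;

  $options = array();
  $optionsCore = array();
  $optionsPhone = array();
  $optionsShip = array();
  $optionsLineItems = array();
  $optionsAggregate = array();
  $optionsTrans = array();
  $buttonArray = array();

  // save the session stuff permanently in case paypal loses the session
  $_SESSION['ppipn_key_to_remove'] = session_id();
  $db->Execute("delete from " . TABLE_PAYPAL_SESSION . " where session_id = '" . zen_db_input($_SESSION['ppipn_key_to_remove']) . "'");

  // NOTE(review): the session is stored with serialize(); whatever reads saved_session back
  // has to treat that column as sensitive and must not unserialize() it if the row could
  // have been written by anyone other than this code.
  // base64 output contains no quote characters, so it is safe inside the quoted SQL value.
  $sql = "insert into " . TABLE_PAYPAL_SESSION . " (session_id, saved_session, expiry) values (\n '" . zen_db_input($_SESSION['ppipn_key_to_remove']) . "',\n '" . base64_encode(serialize($_SESSION)) . "',\n '" . (time() + 1 * 60 * 60 * 24 * 2) . "')";
  $db->Execute($sql);

  $my_currency = select_pp_currency();
  $this->transaction_currency = $my_currency;
  $this->totalsum = $order->info['total'] = zen_round($order->info['total'], 2);
  $this->transaction_amount = zen_round($this->totalsum * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency));

  // digits only; US/CA numbers are split into 3/3/4 groups, others are sent whole
  $telephone = preg_replace('/\\D/', '', $order->customer['telephone']);
  if ($telephone != '') {
    $optionsPhone['H_PhoneNumber'] = $telephone;
    if (in_array($order->customer['country']['iso_code_2'], array('US', 'CA'))) {
      $optionsPhone['night_phone_a'] = substr($telephone, 0, 3);
      $optionsPhone['night_phone_b'] = substr($telephone, 3, 3);
      $optionsPhone['night_phone_c'] = substr($telephone, 6, 4);
      $optionsPhone['day_phone_a'] = substr($telephone, 0, 3);
      $optionsPhone['day_phone_b'] = substr($telephone, 3, 3);
      $optionsPhone['day_phone_c'] = substr($telephone, 6, 4);
    } else {
      $optionsPhone['night_phone_b'] = $telephone;
      $optionsPhone['day_phone_b'] = $telephone;
    }
  }

  $optionsCore = array(
    'lc' => $this->getLanguageCode(),
    'charset' => CHARSET,
    'page_style' => MODULE_PAYMENT_PAYPAL_PAGE_STYLE,
    'custom' => zen_session_name() . '=' . zen_session_id(),
    'business' => MODULE_PAYMENT_PAYPAL_BUSINESS_ID,
    'return' => zen_href_link(FILENAME_CHECKOUT_PROCESS, 'referer=paypal', 'SSL'),
    'cancel_return' => zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'),
    'shopping_url' => zen_href_link(FILENAME_SHOPPING_CART, '', 'SSL'),
    'notify_url' => zen_href_link('ipn_main_handler.php', '', 'SSL', false, false, true),
    'redirect_cmd' => '_xclick',
    'rm' => 2,
    'bn' => 'CNZcart_Cart_EC',
    'mrb' => 'R-4DM17246PS436904F',
    'pal' => 'GR5QUVVL9AFGN',
  );

  $optionsCust = array(
    'first_name' => replace_accents($order->customer['firstname']),
    'last_name' => replace_accents($order->customer['lastname']),
    'address1' => replace_accents($order->customer['street_address']),
    'city' => replace_accents($order->customer['city']),
    'state' => zen_get_zone_code($order->customer['country']['id'], $order->customer['zone_id'], $order->customer['state']),
    'zip' => $order->customer['postcode'],
    'country' => $order->customer['country']['iso_code_2'],
    'email' => $order->customer['email_address'],
  );
  // address line 2 is optional
  if ($order->customer['suburb'] != '') {
    $optionsCust['address2'] = $order->customer['suburb'];
  }
  // different format for Japanese address layout:
  if ($order->customer['country']['iso_code_2'] == 'JP') {
    $optionsCust['zip'] = substr($order->customer['postcode'], 0, 3) . '-' . substr($order->customer['postcode'], 3);
  }

  // When the address-required setting is 2, the delivery address replaces the customer
  // address, with the billing address as fallback for each empty delivery field.
  if (MODULE_PAYMENT_PAYPAL_ADDRESS_REQUIRED == 2) {
    $optionsCust = array(
      'first_name' => replace_accents($order->delivery['firstname'] != '' ? $order->delivery['firstname'] : $order->billing['firstname']),
      'last_name' => replace_accents($order->delivery['lastname'] != '' ? $order->delivery['lastname'] : $order->billing['lastname']),
      'address1' => replace_accents($order->delivery['street_address'] != '' ? $order->delivery['street_address'] : $order->billing['street_address']),
      'city' => replace_accents($order->delivery['city'] != '' ? $order->delivery['city'] : $order->billing['city']),
      'state' => $order->delivery['country']['id'] != '' ? zen_get_zone_code($order->delivery['country']['id'], $order->delivery['zone_id'], $order->delivery['state']) : zen_get_zone_code($order->billing['country']['id'], $order->billing['zone_id'], $order->billing['state']),
      'zip' => $order->delivery['postcode'] != '' ? $order->delivery['postcode'] : $order->billing['postcode'],
      'country' => $order->delivery['country']['title'] != '' ? $order->delivery['country']['title'] : $order->billing['country']['title'],
      'country_code' => $order->delivery['country']['iso_code_2'] != '' ? $order->delivery['country']['iso_code_2'] : $order->billing['country']['iso_code_2'],
      'email' => $order->customer['email_address'],
    );
    if ($order->delivery['suburb'] != '') {
      $optionsCust['address2'] = $order->delivery['suburb'];
    }
    if ($order->delivery['country']['iso_code_2'] == 'JP') {
      $optionsCust['zip'] = substr($order->delivery['postcode'], 0, 3) . '-' . substr($order->delivery['postcode'], 3);
    }
  }

  $optionsShip['no_shipping'] = MODULE_PAYMENT_PAYPAL_ADDRESS_REQUIRED;
  if (MODULE_PAYMENT_PAYPAL_ADDRESS_OVERRIDE == '1') {
    $optionsShip['address_override'] = MODULE_PAYMENT_PAYPAL_ADDRESS_OVERRIDE;
  }

  // prepare cart contents details where possible
  if (MODULE_PAYMENT_PAYPAL_DETAILED_CART == 'Yes') {
    $optionsLineItems = ipn_getLineItemDetails($my_currency);
  }
  if (sizeof($optionsLineItems) > 0) {
    $optionsLineItems['cmd'] = '_cart';
    if (isset($optionsLineItems['shipping'])) {
      $optionsLineItems['shipping_1'] = $optionsLineItems['shipping'];
      unset($optionsLineItems['shipping']);
    }
    unset($optionsLineItems['subtotal']);
    // if line-item details couldn't be kept due to calculation mismatches or discounts etc, default to aggregate mode
    if (!isset($optionsLineItems['item_name_1']) || $optionsLineItems['creditsExist'] == TRUE) {
      $optionsLineItems = array();
    }
    // creditsExist is an internal marker and is not submitted
    unset($optionsLineItems['creditsExist']);
  }

  $optionsAggregate = array(
    'cmd' => '_ext-enter',
    'item_name' => MODULE_PAYMENT_PAYPAL_PURCHASE_DESCRIPTION_TITLE,
    'item_number' => MODULE_PAYMENT_PAYPAL_PURCHASE_DESCRIPTION_ITEMNUM,
    'amount' => number_format($this->transaction_amount, $currencies->get_decimal_places($my_currency)),
    'shipping' => '0.00',
  );
  if (MODULE_PAYMENT_PAYPAL_TAX_OVERRIDE == 'true') {
    $optionsAggregate['tax'] = '0.00';
    $optionsAggregate['tax_cart'] = '0.00';
  }

  $optionsTrans = array(
    'upload' => (int) (sizeof($order->products) > 0),
    'currency_code' => $my_currency,
  );

  // line-item details, when they survived the checks above, replace the aggregate fields
  if (sizeof($optionsLineItems) > 0) {
    $optionsAggregate = $optionsLineItems;
  }

  if (defined('MODULE_PAYMENT_PAYPAL_LOGO_IMAGE')) {
    // reads the same constant that was just tested for existence
    $optionsCore['cpp_logo_image'] = urlencode(MODULE_PAYMENT_PAYPAL_LOGO_IMAGE);
  }
  if (defined('MODULE_PAYMENT_PAYPAL_CART_BORDER_COLOR')) {
    $optionsCore['cpp_cart_border_color'] = MODULE_PAYMENT_PAYPAL_CART_BORDER_COLOR;
  }

  // prepare submission
  // later arrays win on duplicate keys, so the aggregate/line-item values override earlier ones
  $options = array_merge($optionsCore, $optionsCust, $optionsPhone, $optionsShip, $optionsTrans, $optionsAggregate);

  // build the button fields
  foreach ($options as $name => $value) {
    // remove quotation marks
    // NOTE(review): only double quotes are stripped here; zen_draw_hidden_field() is not
    // visible, so confirm it HTML-escapes the remaining characters in customer-supplied values.
    $value = str_replace('"', '', $value);
    // check for invalid chars
    if (preg_match('/[^a-zA-Z_0-9]/', $name)) {
      ipn_debug_email('datacheck - ABORTING - preg_match found invalid submission key: ' . $name . ' (' . $value . ')');
      // stops the loop: this field and every field after it are left out of the form
      break;
    }
    $buttonArray[] = zen_draw_hidden_field($name, $value);
  }
  $process_button_string = "\n" . implode("\n", $buttonArray) . "\n";

  // amount and currency are kept in the session alongside the generated form
  $_SESSION['paypal_transaction_info'] = array($this->transaction_amount, $this->transaction_currency);

  return $process_button_string;
}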
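/**
 * Render the pagination control for an admin listing: previous/next links, a page
 * pull-down that submits on change, and hidden inputs that carry the existing
 * query parameters through the GET form.
 *
 * Changes against the previous revision:
 *  - each(), removed in PHP 8, is replaced by foreach;
 *  - a "key=value" pair is split on the first '=' only, so a value containing '='
 *    is kept whole, and a pair without '=' yields an empty value without a notice;
 *  - empty pairs (for example from "a=1&&b=2") are skipped;
 *  - a page size of zero or less no longer triggers a division by zero.
 *
 * NOTE(review): zen_draw_hidden_field() and zen_href_link_admin() are not visible here;
 * confirm they escape the decoded parameter names and values. The links are requested
 * with 'NONSSL' - confirm how zen_href_link_admin() treats that on an HTTPS admin.
 *
 * @param int    $query_numrows       total number of rows in the result
 * @param int    $max_rows_per_page   rows shown per page
 * @param int    $max_page_links      not used by this implementation
 * @param int    $current_page_number page currently shown (1-based)
 * @param string $parameters          extra query string of url-encoded "key=value" pairs joined by '&'
 * @param string $page_name           name of the page-number parameter
 * @return string markup of the pagination control
 */
function display_links($query_numrows, $max_rows_per_page, $max_page_links, $current_page_number, $parameters = '', $page_name = 'page') {
  if (zen_not_null($parameters) && substr($parameters, -1) != '&') {
    $parameters .= '&';
  }

  // calculate number of pages needing links
  $num_pages = ($max_rows_per_page > 0) ? ceil($query_numrows / $max_rows_per_page) : 0;

  $pages_array = array();
  for ($i = 1; $i <= $num_pages; $i++) {
    $pages_array[] = array('id' => $i, 'text' => $i);
  }

  if ($num_pages > 1) {
    $script_name = basename($_SERVER['SCRIPT_NAME']);

    $display_links = zen_draw_form_admin('pages', $script_name, '', 'get');
    $display_links .= '<ul class="pagination">';

    if ($current_page_number > 1) {
      $display_links .= '<li><a href="' . zen_href_link_admin($script_name, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a></li>';
    } else {
      $display_links .= '<li><a href="#">«</a></li>';
    }

    $display_links .= sprintf(TEXT_RESULT_PAGE, zen_draw_pull_down_menu($page_name, $pages_array, $current_page_number, 'onChange="this.form.submit();"'), $num_pages);

    if ($current_page_number < $num_pages && $num_pages != 1) {
      $display_links .= '<li><a href="' . zen_href_link_admin($script_name, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a></li>';
    } else {
      $display_links .= '<li><a href="#">»</a></li>';
    }

    // Re-emit the extra parameters as hidden inputs so the pull-down's GET submit keeps them.
    if ($parameters != '') {
      if (substr($parameters, -1) == '&') {
        $parameters = substr($parameters, 0, -1);
      }
      foreach (explode('&', $parameters) as $pair) {
        if ($pair == '') {
          continue;
        }
        $parts = explode('=', $pair, 2);
        $value = isset($parts[1]) ? $parts[1] : '';
        $display_links .= zen_draw_hidden_field(rawurldecode($parts[0]), rawurldecode($value));
      }
    }

    // Only when the session is being passed by URL does the form need to carry it.
    if (SID) {
      $display_links .= zen_draw_hidden_field(zen_session_name(), zen_session_id());
    }

    $display_links .= '</ul>';
    $display_links .= '</form>';
  } else {
    $display_links = sprintf(TEXT_RESULT_PAGE, $num_pages, $num_pages);
  }

  return $display_links;
}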
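/**
 * Rebuild the current request's query string as "key=value&" pairs, leaving out
 * the session parameter, 'error', and any key listed in $exclude_array.
 *
 * Changes against the previous revision:
 *  - keys and values are percent-encoded with rawurlencode(), so a value containing
 *    '&', '=', quotes or angle brackets cannot add or alter parameters in the URL
 *    the result is concatenated into;
 *  - array-valued parameters are skipped instead of being emitted as the literal "Array";
 *  - each(), removed in PHP 8, is replaced by foreach, and the redundant
 *    "global $_GET" is gone ($_GET is a superglobal);
 *  - a single key passed as a string is accepted as a one-element exclude list.
 *
 * @param array|string $exclude_array keys to leave out; '' means none
 * @return string url-encoded pairs, each followed by '&', or '' when nothing remains
 */
function zen_get_all_get_params($exclude_array = '') {
  if (!is_array($exclude_array)) {
    $exclude_array = ($exclude_array == '') ? array() : array($exclude_array);
  }

  $session_key = zen_session_name();
  $get_url = '';

  foreach ($_GET as $key => $value) {
    if ($key == $session_key || $key == 'error' || in_array($key, $exclude_array)) {
      continue;
    }
    // nested parameters (name[]=...) cannot be represented as a single key=value pair
    if (is_array($value)) {
      continue;
    }
    $get_url .= rawurlencode($key) . '=' . rawurlencode($value) . '&';
  }

  return $get_url;
}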
} else { if ($is_a_bot == true) { echo ' <tr class="dataTableRowBot" onmouseover="this.className=\'dataTableRowOverBot\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRowBot\'" onclick="document.location.href=\'' . zen_href_link(FILENAME_WHOS_ONLINE, zen_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online->fields['session_id'], 'NONSSL') . '\'">' . "\n"; } else { echo ' <tr class="dataTableRowWhois" onmouseover="this.className=\'dataTableRowOverWhois\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRowWhois\'" onclick="document.location.href=\'' . zen_href_link(FILENAME_WHOS_ONLINE, zen_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online->fields['session_id'], 'NONSSL') . '\'">' . "\n"; } } ?> <td class="dataTableContentWhois" colspan=3 valign="top"> <?php echo TIME_PASSED_LAST_CLICKED . '<br /> ' . zen_check_minutes($whos_online->fields['time_last_click']); ?> ago</td> <td class="dataTableContentWhois" colspan=5 valign="top"> <?php echo TEXT_SESSION_ID . $whos_online->fields['session_id'] . '<br />' . TEXT_HOST . $whos_online->fields['host_address'] . '<br />' . TEXT_USER_AGENT . $whos_online->fields['user_agent'] . '<br />'; if (eregi('^(.*)' . zen_session_name() . '=[a-f,0-9]+[&]*(.*)', $whos_online->fields['last_page_url'], $array)) { echo $array[1] . $array[2]; } else { echo "<a href='" . $whos_online->fields['last_page_url'] . "' target=new>" . '<u>' . $whos_online->fields['last_page_url'] . '</u>' . "</a>"; } ?> </td> </tr> <?php } // show host ?> <tr> <td colspan="8"><?php echo zen_draw_separator('pixel_trans.gif', '1', '3');
/**
 * Build the hidden inputs for the order-confirmation form of this payment module.
 *
 * The owner name and CVV are taken directly from $_POST; expiry month/year, card type
 * and card number come from properties set elsewhere on this object. The year is
 * reduced to its last two digits. The session name/id pair is appended last.
 *
 * NOTE(review): the full card number and the CVV are written into the markup of the
 * confirmation page as hidden inputs. The two $_POST values are passed on without any
 * filtering in this method; zen_draw_hidden_field() is not visible here, so confirm it
 * HTML-escapes its value argument.
 *
 * @return string concatenated hidden-field markup
 */
function process_button() {
  $expiryYear2 = substr($this->cc_expiry_year, -2);

  // field name => value, in the order the inputs are emitted
  $cardFields = array(
    'cc_owner'         => $_POST['linkpoint_api_cc_owner'],
    'cc_expires'       => $this->cc_expiry_month . $expiryYear2,
    'cc_expires_month' => $this->cc_expiry_month,
    'cc_expires_year'  => $expiryYear2,
    'cc_type'          => $this->cc_card_type,
    'cc_number'        => $this->cc_card_number,
    'cc_cvv'           => $_POST['linkpoint_api_cc_cvv'],
  );

  $markup = '';
  foreach ($cardFields as $fieldName => $fieldValue) {
    $markup .= zen_draw_hidden_field($fieldName, $fieldValue);
  }

  // The session travels with the form as a hidden name/id pair.
  $markup .= zen_draw_hidden_field(zen_session_name(), zen_session_id());

  return $markup;
}