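/**
 * Smarty function: build the relative path from the entry script's directory
 * up to the aMember root directory.
 *
 * The entry script is the first element of get_included_files(). Its
 * normalised directory is searched for ROOT_DIR; when ROOT_DIR does not occur
 * in it (the script lives outside the aMember root), the configured
 * 'root_surl' value is returned instead.
 *
 * @param array  $params Smarty parameters (not used)
 * @param object $smarty Smarty instance (not used)
 * @return string '' when the script sits directly in the root, one '../' per
 *                directory level below the root, or amConfig('root_surl')
 */
function smarty_function_root_url($params, &$smarty)
{
    $rootDir = ROOT_DIR;

    // array_shift() takes its argument by reference, so passing a function
    // result raises "Only variables should be passed by reference". Reading
    // element 0 of a local copy gives the same value without that notice.
    $included = get_included_files();
    $entryScript = isset($included[0]) ? $included[0] : '';
    $scriptDir = normalizePath(dirname($entryScript));

    $pos = strpos($scriptDir, $rootDir);
    if ($pos === false) {
        return amConfig('root_surl');
    }

    // NOTE(review): strpos() accepts ROOT_DIR anywhere in the path, not only
    // as a prefix; confirm that is intended for nested installations.
    $below = substr($scriptDir, $pos + strlen($rootDir) + 1);
    if ($below == '') {
        // loose comparison on purpose: substr() may return false here
        return '';
    }

    // one "../" per path segment between the script and the root
    return str_repeat('../', count(explode('/', $below)));
}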
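/**
 * Import the state list shipped as ROOT_DIR/sql-states.sql and print the
 * number of rows found in the states table afterwards.
 *
 * The '@DB_MYSQL_PREFIX@' marker in the file is replaced by the configured
 * table prefix before the statement is executed. The prefix is spliced into
 * the SQL text as part of identifiers, so it must only ever come from the
 * configuration, never from request data.
 *
 * @return void
 */
function load_states_from_file()
{
    print "Loading states from file...";
    ob_end_flush();
    $d =& amDb();
    $prefix = amConfig('db.mysql.prefix');

    $sql = file_get_contents(ROOT_DIR . '/sql-states.sql');
    if ($sql === false || $sql === '') {
        // file_get_contents() returns false when the file is missing or
        // unreadable; stop here instead of sending that to the database.
        print "failed: cannot read sql-states.sql<br />\n";
        ob_end_flush();
        return;
    }

    $sql = str_replace('@DB_MYSQL_PREFIX@', $prefix, $sql);
    $d->query($sql);
    $c = $d->selectCell("SELECT COUNT(*) FROM ?_states");
    print "[{$c}] imported OK<br />\n";
    ob_end_flush();
}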
Exemple #3
<?php

include_once "../../../config.inc.php";
include_once dirname(__FILE__) . "/TwocheckoutAPI.inc.php";
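// Settings of the recurring 2Checkout plugin; the page is refused when no
// API user name is configured.
$this_config = amConfig('payment.twocheckout_r');
if (!$this_config['api_username']) {
    fatal_error("Feature is not enabled");
}
$vars = get_input_vars();
$t =& new_smarty();

// Validate the submitted values.
// NOTE(review): every check below relies on fatal_error() ending the request;
// confirm it never returns.
settype($vars['payment_id'], 'integer');
if (!$vars['payment_id']) {
    fatal_error("Payment_id empty");
}
$payment = $db->get_payment($vars['payment_id']);

// Compare the member id as strings with ===. A loose != lets numeric-looking
// variants of the stored id (leading space, "12.0", ...) pass as equal.
$member_id = (isset($vars['member_id']) && is_scalar($vars['member_id'])) ? (string) $vars['member_id'] : '';
if ($member_id === '' || (string) $payment['member_id'] !== $member_id) {
    fatal_error(_PLUG_PAY_CC_CORE_FERROR4);
}
if ($payment['paysys_id'] != 'twocheckout_r') {
    fatal_error('Incorrect paysys_id');
}
// Look the member up by the id stored with the payment, not by the raw
// request value (the two were just verified to be equal).
$member = $db->get_user($payment['member_id']);

// Validate the link token.
// The original loose comparison (md5(...) != $vars['v']) treats two strings
// of the form "0e<digits>" as equal numbers and is not constant-time.
// Compare as strings, using hash_equals() where the runtime provides it.
// NOTE(review): the token is an unkeyed MD5 over the stored password value
// and the action, so anyone who learns that stored value can forge it. An
// HMAC with a server-side secret would be the sturdier design; that needs a
// matching change wherever these links are generated.
$action = (isset($vars['action']) && is_scalar($vars['action'])) ? (string) $vars['action'] : '';
$expected = md5($member['pass'] . $action . ($member['member_id'] * 12));
$supplied = (isset($vars['v']) && is_string($vars['v'])) ? $vars['v'] : '';
if (function_exists('hash_equals')) {
    $token_ok = hash_equals($expected, $supplied);
} else {
    $token_ok = ($expected === $supplied);
}
if (!$token_ok) {
    fatal_error(_PLUG_PAY_CC_CORE_FERROR1);
}

$twocheckoutAPI = new TwocheckoutAPI($this_config['api_username'], $this_config['api_password']);
// get info about the invoice
$params = array('sale_id' => $payment['receipt_id']);
$resp = $twocheckoutAPI->detail_sale($params);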
Exemple #4
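/**
 * Build the HTML edit control for one configuration field and store it in
 * $field['edit'].
 *
 * Values taken from $vars (or the field default) are HTML-escaped before they
 * are written into the markup. The field name and the 'size', 'rows' and
 * 'cols' parameters are interpolated as-is.
 * NOTE(review): that is only safe while field definitions are built by
 * trusted code; confirm no request data can reach $field['name'],
 * $field['params'] or $field['get_func'].
 *
 * @param array $field field definition ('name', 'type', optional 'get_func'
 *                     and 'params'); modified in place
 * @param array $vars  current values keyed by field name
 * @return void
 */
function show_config_edit_field(&$field, &$vars)
{
    $fname = $field['name'];
    $val = isset($vars[$fname]) ? $vars[$fname] : null;
    $params = (isset($field['params']) && is_array($field['params'])) ? $field['params'] : array();
    $default = isset($params['default']) ? $params['default'] : null;

    // A field may name its own renderer; it is called dynamically.
    $func = isset($field['get_func']) ? $field['get_func'] : null;
    if ($func) {
        $field['edit'] = $func($field, $vars);
        $field['special_edit']++;
        return;
    }
    switch ($ftype = $field['type']) {
        case 'text':
        case 'integer':
            if ($ftype == 'integer') {
                $size = 5;
            } else {
                $size = !empty($params['size']) ? $params['size'] : 30;
            }
            if (!strlen($val)) {
                $val = $default;
            }
            $val = htmlspecialchars($val, ENT_QUOTES, 'UTF-8');
            $field['edit'] = "\n             <input type=text name=\"{$fname}\" \n                value=\"{$val}\" size={$size} maxlength=255>\n             ";
            break;
        case 'dbprefix':
            // explode() replaces split(), which was removed from PHP; the
            // pattern was a literal dot, so the result is the same.
            $r = explode('.', $field['name']);
            $field['edit'] = "";
            if (!strlen($val)) {
                $val = $default;
            }
            // keep the unescaped value for comparing against detected names
            $rawVal = $val;
            $val = htmlspecialchars($val, ENT_QUOTES);
            // $size was never assigned in this branch, which rendered a bare
            // "size=" attribute; use the same default as the text control.
            $size = !empty($params['size']) ? $params['size'] : 30;
            $hideDbText = '';
            if ($r[0] == 'protect' && !empty($r[1]) && class_exists($class = 'protect_' . $r[1])) {
                $obj = new $class(amConfig('protect.' . $r[1]));
                $options = "";
                // the lookup may not return an array (e.g. when no connection
                // could be made); treat that as "no choices"
                $dbs = $obj->guess_db_settings();
                if (!is_array($dbs)) {
                    $dbs = array();
                }
                foreach ($dbs as $s) {
                    // compare raw with raw: the escaped value differs from
                    // the detected name as soon as it contains & < > or quotes
                    $isCurrent = ($rawVal == $s);
                    $sel = $isCurrent ? 'selected' : '';
                    if ($isCurrent) {
                        $hideDbText = true;
                    }
                    $options .= "<option {$sel}>" . htmlentities($s) . "</option>\n";
                }
                // the configured MySQL user name is printed inside HTML below
                $user = htmlspecialchars(amConfig('db.mysql.user'), ENT_QUOTES);
                $field['edit'] = <<<CUT
<b>Auto-detected values for the field:</b><br />
<small>if there are no choices, it means that your third-party<br />
script database is unaccessible with aMember MySQL settings. You<br />
can fix it by going to Webhosting Control Panel -> MySQL Databases<br />
and allowing access to your third-party script table for aMember's <br />
Mysql user (<b>{$user}</b>), or your can specify MySQL database user,<br /> 
hostname and password on this page specially for use with <br />
the integration plugin and press <b>Save</b> button to see new choices.<br />
</small>
<select id='s_db' name="{$fname}" onchange="this.selectedIndex ? \$('#f_db').hide().attr('disabled', 1) : \$('#f_db').show().attr('disabled', 0)">
<option value=''>** Use Text Field **</option>
{$options}
</select>
<br /><br />
CUT;
            }
            if ($hideDbText) {
                $hideDbText = 'style="display: none;" disabled="disabled"';
            }
            $field['edit'] .= "\n             <input type=text name=\"{$fname}\" id='f_db' {$hideDbText}\n                value=\"{$val}\" size={$size} maxlength=255>\n             ";
            break;
        case 'color':
            // as in 'dbprefix', $size was undefined here (the old
            // "$ftype == 'integer'" test can never be true in this case)
            $size = !empty($params['size']) ? $params['size'] : 30;
            if (!strlen($val)) {
                $val = $default;
            }
            $val = htmlspecialchars($val, ENT_QUOTES);
            $field['edit'] = "\n             <input type=text name=\"{$fname}\" style='behavior: url(ColorPick.htc)'\n                value=\"{$val}\" size={$size} maxlength=255\n                onchange=\"document.getElementById('{$fname}'+'span').style.background=this.value\"\n                onkeyup=\"document.getElementById('{$fname}'+'span').style.background=this.value\"\n                >\n                &nbsp;&nbsp;\n             <span id='{$fname}span' style='font-size: 16pt; background-color: {$val}'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span>\n             ";
            break;
        case 'textarea':
            $rows = !empty($params['rows']) ? $params['rows'] : 4;
            $cols = !empty($params['cols']) ? $params['cols'] : 40;
            if (!strlen($val)) {
                $val = $default;
            }
            $val = htmlspecialchars($val, ENT_QUOTES);
            $field['edit'] = "\n             <textarea name=\"{$fname}\" cols={$cols} rows={$rows}>{$val}</textarea>\n             ";
            break;
        case 'password':
        case 'password_c':
            // the stored password is never echoed back into the form
            $size = 10;
            $field['edit'] = "\n             <input type=password name=\"{$fname}\" \n                 size={$size} maxlength=255>\n             <input type=password name=\"{$fname}_confirm\" \n                 size={$size} maxlength=255>\n             <br /><small>enter password and confirmation><br />\n             keep empty if you don't want change it</small>\n             ";
            break;
        case 'select':
        case 'multi_select':
            $multi = ($ftype == 'multi_select');
            if (!isset($vars[$fname])) {
                $val = $default;
            }
            $choices = (isset($params['options']) && is_array($params['options'])) ? $params['options'] : array();
            $options = "";
            foreach ($choices as $k => $v) {
                // Decide "selected" on the raw key and escape afterwards; the
                // escaped key never equals a stored value that contains
                // & < > or quotes. The explicit parentheses also replace the
                // unparenthesised nested ternary, which newer PHP rejects.
                $key = (string) $k;
                $isSelected = $multi ? in_array($key, (array) $val) : ($val == $key);
                $sel = $isSelected ? 'selected' : '';
                $k = htmlspecialchars($key, ENT_QUOTES);
                $v = htmlspecialchars($v, ENT_QUOTES);
                $options .= "<option value=\"{$k}\" {$sel}>{$v}";
            }
            $multiple = $multi ? 'multiple' : '';
            $fname = $multi ? $fname . "[]" : $fname;
            $size = $multi ? min(10, count($choices)) : 1;
            $field['edit'] = "<select name=\"{$fname}\" size={$size} {$multiple}>\n            {$options}\n            </select>\n             ";
            break;
        case 'checkbox':
            if (!isset($vars[$fname])) {
                $val = $default;
            }
            $checked = $val ? 'checked' : '';
            // the hidden input makes an unchecked box submit an empty value
            $field['edit'] = "<input type='hidden' name='{$fname}' value='' />\n        <input style='border-width: 0px;' type='checkbox' name='{$fname}' value='1' {$checked} />\n        ";
            break;
        case 'multi_checkbox':
            if (!isset($vars[$fname])) {
                $val = $default;
            }
            $size = !empty($params['size']) ? $params['size'] : '5em';
            $choices = (isset($params['options']) && is_array($params['options'])) ? $params['options'] : array();
            $field['edit'] = "<div class='checkbox_list' style='height: {$size};'>\n            <table class='checkbox_list'>\n            \n";
            $i = -1;
            foreach ($choices as $k => $v) {
                $i++;
                // same rule as for selects: test the raw key, then escape
                $key = (string) $k;
                $sel = in_array($key, (array) $val) ? 'checked' : '';
                $k = htmlspecialchars($key, ENT_QUOTES);
                $v = htmlspecialchars($v, ENT_QUOTES);
                $class = $sel ? 'sel' : '';
                $field['edit'] .= "\n                <tr><td class='{$class}' nowrap='nowrap' id='td_{$fname}_{$i}'><label for='{$fname}_{$i}'>\n                <input type='checkbox' id='{$fname}_{$i}' name='{$fname}[]' value='{$k}' {$sel}\n                onclick='document.getElementById(\"td_{$fname}_{$i}\").className = this.checked ? \"sel\" : \"\";'>\n                {$v}</label></td></tr>\n                ";
            }
            $field['edit'] .= "</table></div>";
            break;
    }
}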
Exemple #5
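/**
 * Collect the warnings for the admin: outdated database schema, outdated
 * Incremental Content plugin, missing cron setup, cron not run for more than
 * 24 hours, no products, missing cURL, license expiring within 25 days, and
 * problems reported by protection plugins.
 *
 * Side effects visible in this function: it may display the
 * 'admin/cc_warning.html' template and exit, and it may define the constant
 * AMEMBER_LICENSE_EXPIRES_SOON.
 *
 * The returned strings contain HTML markup. Texts from check_setup_*()
 * functions and from $plugin_error are appended unescaped.
 * NOTE(review): confirm those texts cannot carry request data or raw
 * database error output before they are printed.
 *
 * @return array list of warning messages (HTML)
 */
function get_warnings()
{
    global $db, $config, $member_additional_fields, $plugins, $plugin_error;
    $warn = array();
    // was incremented without ever being initialised
    $has_cc_fields = 0;

    if ($config['db_version'] < $config['require_db_version'] && $config['require_db_version']) {
        $warn[] = "Please upgrade your SQL database, upload latest file amember/amember.sql \n        then run <a href='{$config['root_url']}/admin/upgrade_db.php' target=_blank>upgrade script</a><br />\n        Your database has version [{$config['db_version']}], your aMember requires [{$config['require_db_version']}]";
    }
    if (defined("INCREMENTAL_CONTENT_PLUGIN") && !function_exists('get_incremental_plugin_files')) {
        $warn[] = 'You have outdated version of Incremental Content plugin installed.
        Please download latest plugin version from your account
        <a href="http://www.amember.com/amember/member.php">account</a>
        and reupload all files from the plugin package into your
        /amember/plugins/protect/incremental_content/ folder
        (replace existing files). If you need help with this contact us in
        <a href="http://www.amember.com/support/">helpdesk</a>.';
    }

    // check for configuration problems
    foreach ($member_additional_fields as $f) {
        if ($f['name'] == 'cc') {
            $has_cc_fields++;
        }
    }
    $uses_cc = function_exists('cc_core_init') || $has_cc_fields;
    if ($uses_cc && !$config['use_cron']) {
        $warn[] = "Enable and configure external cron (<a href=\"setup.php?notebook=Advanced\" target=_blank>aMember CP -> Setup -> Advanced</a>) if you are using credit card payment plugins";
        $agreed_in_request = isset($_GET['agreed_cc_warning']) && $_GET['agreed_cc_warning'] != '';
        if (!amConfig('agreed_cc_warning') && !$agreed_in_request) {
            $tpl =& new_smarty();
            $tpl->display('admin/cc_warning.html');
            exit;
        }
    }

    // Time of the last cron run. The array key is quoted: inside {...} an
    // unquoted key is read as a constant named "prefix".
    $q = $db->query("SELECT UNIX_TIMESTAMP(MAX(time)) FROM {$db->config['prefix']}cron_run");
    list($last_run) = mysql_fetch_row($q);
    $diff = time() - $last_run;
    $tt = $last_run ? strftime('at ' . $config['time_format'], $last_run) : "NEVER (oops! no records that it has been running at all!)";
    if ($diff > 24 * 3600) {
        $warn[] = "Cron job has been running last time {$tt}, it is more than 24 hours before.<br />\n        Most possible external cron job has been set incorrectly. It may cause very serious problems with the script";
    }

    if (!count($db->get_products_list())) {
        $warn[] = "You have not added any products, your signup forms will not work until you <a href='products.php'>add at least one product</a>";
    }

    if ($uses_cc) {
        if (!extension_loaded("curl") && !$config['curl']) {
            $warn[] = "You must <a href='setup.php'>enter cURL path into settings</a>, because your host doesn't have built-in cURL functions.";
        }
    }

    // check for license expiration
    if (!function_exists('is_trial') || !is_trial()) {
        global $_amember_license;
        $tm1 = strtotime($_amember_license['expire']);
        $tm2 = time();
        $df = round(($tm1 - $tm2) / (3600 * 24));
        if ($df >= 0 && $df <= 25) {
            define('AMEMBER_LICENSE_EXPIRES_SOON', $df);
            $t = strftime($config['date_format'], $tm1);
            $warn[] = "Your aMember license key will expire within {$df} days ({$t}).\n            Please login into <a href='https://www.amember.com/amember/member.php' target=_blank>members area</a>,\n            get your lifetime license (it is FREE) and paste it to \n            \"aMember CP -> Setup -> License\"";
        }
    }

    // check protect plugins setup
    foreach ($plugins['protect'] as $plugin_name) {
        // Reset per plugin: without this, a plugin that has no check_setup_*
        // function was compared against the previous plugin's result below.
        $res = '';
        // The function name is derived from the plugin name and called
        // dynamically, so $plugins['protect'] must come from trusted
        // configuration only.
        $func = "check_setup_" . $plugin_name;
        if (function_exists($func)) {
            $res = $func();
            if ($res) {
                $warn[] = $res;
            }
        }
        // report $plugin_error[$plugin_name] unless it repeats the
        // check_setup_* result that was already added
        $err = isset($plugin_error[$plugin_name]) ? $plugin_error[$plugin_name] : '';
        if (trim($err) && trim($res) != trim($err)) {
            $warn[] = ucfirst($plugin_name) . " plugin error: " . $err;
        }
    }
    return $warn;
}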
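 /**
  * List "database.prefix" candidates for a third-party script installation.
  *
  * Every database visible to the connection is scanned for tables whose name
  * ends with $this->guess_table_pattern. A table qualifies when every regular
  * expression in $this->guess_fields_pattern matches at the start of a line
  * of its SHOW COLUMNS output (one line per column, values joined with ';').
  *
  * Database and table names returned by the server are placed into further
  * statements, so they are backtick-quoted here; unquoted, a name containing
  * '-' or other special characters broke the statement or changed its
  * meaning.
  *
  * @return array|false list of "dbname.prefix" strings, an empty array when
  *                     no patterns are defined, false when connecting fails
  */
 function guess_db_settings()
 {
     if (!$this->guess_table_pattern || !$this->guess_fields_pattern) {
         return array();
     }
     $use_amember_db = $this->config['user'] == ''
         || $this->config['host'] == ''
         || (isset($this->config['other_db']) && !$this->config['other_db']);
     if ($use_amember_db) {
         $config = amConfig('db.mysql');
     } else {
         $config = $this->config;
         /// lets get name of first available database just for DbSimple
         /// because it does not work without database name
         $c = @mysql_connect($config['host'], $config['user'], $config['pass']);
         if (!$c) {
             return false;
         }
         $q = mysql_query("SHOW DATABASES", $c);
         if (!$q) {
             return false;
         }
         list($db) = mysql_fetch_row($q);
         if ($db == '') {
             return false;
         }
         $config['db'] = $db;
     }
     $c = connectMysql($config);
     if ($c->error) {
         return false;
     }
     $c->setErrorHandler(null);

     $suffix = $this->guess_table_pattern;
     $res = array();
     $dbs = $c->selectCol("SHOW DATABASES");
     if (!is_array($dbs)) {
         return $res;
     }
     foreach ($dbs as $dbname) {
         // quote identifiers: wrap in backticks and double embedded backticks
         $q_db = '`' . str_replace('`', '``', $dbname) . '`';
         // NOTE(review): the suffix is written into a LIKE pattern as-is, so
         // '_' and '%' in it act as wildcards; it is expected to be a fixed
         // value set by the plugin class.
         $tables = $c->selectCol("SHOW TABLES FROM {$q_db} LIKE '%{$suffix}'");
         if (!is_array($tables)) {
             continue;
         }
         foreach ($tables as $t) {
             // check fields here
             $q_table = '`' . str_replace('`', '``', $t) . '`';
             $info = $c->select("SHOW COLUMNS FROM {$q_db}.{$q_table}");
             $infostr = "";
             if (is_array($info)) {
                 foreach ($info as $row) {
                     $infostr .= join(';', $row) . "\n";
                 }
             }
             $matches_all = true;
             foreach ($this->guess_fields_pattern as $pat) {
                 if (!preg_match('|^' . $pat . '|m', $infostr)) {
                     $matches_all = false;
                     break;
                 }
             }
             if (!$matches_all) {
                 continue;
             }
             // strip the table-name suffix to get the script's table prefix
             $res[] = $dbname . '.' . substr($t, 0, -strlen($suffix));
         }
     }
     return $res;
 }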
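/**
 * Smarty output filter: append the Google Analytics snippet to a rendered
 * page, and on 'thanks.html' for a completed, paid payment also the
 * transaction and item tracking calls.
 *
 * The snippet is inserted before the first "</body>" (case-insensitive) or
 * appended when the page has none. Static counters make sure the page-view
 * code and the sale code are each emitted once per request.
 *
 * @param string $source        rendered template output, modified in place
 * @param string $resource_name template name
 * @param object $smarty        Smarty instance, read for the 'payment' variable
 * @return void
 */
function insert_google_analytics(&$source, $resource_name, $smarty)
{
    global $db;
    static $_ga_tracked, $_ga_tracked_sale;
    // NOTE(review): htmlentities() is an HTML encoder, but this value is
    // written into a JavaScript string inside <script>, where entities are
    // not decoded and a backslash is left untouched. Validate the tracker id
    // format where the setting is saved.
    $ga = htmlentities(amConfig('google_analytics'));
    if (!$_ga_tracked) {
        $out = <<<CUT
    <!-- google analytics code start (insert_google_analytics()) -->
    <script type="text/javascript">
        var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
        document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
    </script>
    <script type="text/javascript">
        var pageTracker = _gat._getTracker("{$ga}");
        pageTracker._trackPageview();

CUT;
    } else {
        $out = <<<CUT
    <!-- google analytics sale start (insert_google_analytics()) -->
    <script type="text/javascript">

CUT;
    }
    if ($resource_name == 'thanks.html' && ($p = $smarty->get_template_vars('payment')) && $p['amount'] && $p['completed']) {
        $_ga_tracked++;
        if ($_ga_tracked_sale++) {
            return;
        }
        if (empty($p['data']['0']['BASKET_PRICES'])) {
            $p['data']['0']['BASKET_PRICES'] = array($p['product_id'] => $p['amount']);
        }
        // was filled without ever being initialised
        $receipt_products = array();
        foreach ($p['data']['0']['BASKET_PRICES'] as $pid => $price) {
            $pr = $db->get_product($pid);
            $pr['subtotal'] = $pr['trial1_price'] ? $pr['trial1_price'] : $pr['price'];
            $receipt_products[$pid] = $pr;
        }
        $user = $db->get_user($p['member_id']);
        // Every value below ends up inside a double-quoted JavaScript string,
        // so all of them go through escape_for_js(), as the city, state,
        // country and title values already did.
        // (escape_for_js() is defined elsewhere; assumed to escape for a JS
        // string literal - TODO confirm it also covers "</script>".)
        $total = escape_for_js(array_sum($p['data']['0']['BASKET_PRICES']));
        $city = escape_for_js($user['city']);
        $state = escape_for_js($user['state']);
        $country = escape_for_js($user['country']);
        $payment_id = escape_for_js($p['payment_id']);
        $tax_amount = escape_for_js($p['tax_amount']);
        $out .= <<<CUT
  pageTracker._addTrans(
    "{$payment_id}", "", "{$total}","{$tax_amount}", "",
    "{$city}", "{$state}", "{$country}"
  );

CUT;
        foreach ($receipt_products as $pr) {
            $product_id = escape_for_js($pr['product_id']);
            $subtotal = escape_for_js($pr['subtotal']);
            $title = escape_for_js($pr['title']);
            $out .= <<<CUT
  pageTracker._addItem("{$payment_id}","{$product_id}","{$title}","","{$subtotal}","1");

CUT;
        }
        $out .= <<<CUT
  pageTracker._trackTrans();
CUT;
    } else {
        // this is not a sale
        if ($_ga_tracked++) {
            return;
        }
    }
    $out .= <<<CUT
    </script>
    <!-- google analytics code end -->

CUT;
    // Insert before the first </body>. preg_replace() would read "$1" or
    // "\1" inside $out (for example in a product title) as a back-reference
    // and drop it, so the snippet is spliced in without a regex replacement.
    $pos = stripos($source, '</body>');
    if ($pos === false) {
        $source .= $out;
    } else {
        $source = substr_replace($source, $out . "\n</body>", $pos, strlen('</body>'));
    }
}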