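<?php
/**
 * Admin page fragment: optionally re-sends a product e-mail, then builds the
 * product <option> list and starts the lookup of the e-mail template for the
 * selected product.
 *
 * This code uses the legacy ext/mysql API (mysql_query etc.), which was
 * removed in PHP 7.0. The durable fix for the query handling below is
 * mysqli/PDO prepared statements; $conn is created outside this file, so the
 * API is kept here and the value is escaped instead.
 */

$adir = '../';
include $adir . 'adminCode.php';

// NOTE(review): presumably adminCode.php enforces the admin login -- confirm.
// No anti-CSRF token is checked before the state-changing "send e-mail"
// action below; verify whether adminCode.php provides one.

// Array keys are quoted: bare words such as $_POST[sendEmail] are looked up
// as constants first and are a fatal error on PHP 8.
if (!empty($_POST['sendEmail'])) {
    $type = isset($_POST['type']) ? $_POST['type'] : null;
    // NOTE(review): the id is passed to the helpers exactly as posted; confirm
    // that sendWelcomeEmail()/sendDownloadEmail() validate or escape it.
    $recordId = isset($_POST['id']) ? $_POST['id'] : null;

    switch ($type) {
        case 'welcome':
            sendWelcomeEmail($recordId, $conn);
            break;

        default:
            // Copies the posted address into payer_email before the call;
            // presumably sendDownloadEmail() reads it from $_POST -- confirm.
            $_POST['payer_email'] = isset($_POST['email']) ? $_POST['email'] : null;
            sendDownloadEmail($recordId, $conn);
    }
}

// Use the posted address when one was given, otherwise the admin address.
if (!empty($_POST['email'])) {
    $email = $_POST['email'];
} else {
    $email = $context['adminEmail'];
}

$selP = 'select * from products order by id';
$resP = mysql_query($selP, $conn);

// The original appended with .= without a visible initialisation; keep any
// value set by the include, otherwise start from an empty string.
if (!isset($prodDropDown)) {
    $prodDropDown = '';
}

$postedProductId = isset($_POST['productID']) ? $_POST['productID'] : null;

// mysql_query() returns false on failure; skip the loop instead of passing
// false to mysql_fetch_assoc().
if ($resP) {
    while ($p = mysql_fetch_assoc($resP)) {
        $select = '';
        // Loose comparison kept on purpose: POST values are strings.
        if ($postedProductId == $p['id']) {
            $select = 'selected';
        }

        // Database values are HTML-escaped before being placed in attribute
        // and element context, so a product name containing markup cannot
        // inject script into the admin page. The encoding argument is left at
        // PHP's default; set it explicitly to match the page charset.
        $prodDropDown .= '<option value="' . htmlspecialchars($p['id'], ENT_QUOTES) . '" ' . $select . '>'
            . htmlspecialchars($p['itemName'], ENT_QUOTES) . '</option>';
    }
}

if (!empty($_POST['productID'])) {
    $id = $_POST['productID'];
    // The posted productID was concatenated into the SQL string unescaped
    // (SQL injection). It is now escaped for the quoted string literal.
    // NOTE(review): escaping is only charset-safe if the connection charset
    // was set with mysql_set_charset() -- confirm in adminCode.php.
    $selE = 'select * from emails where productID="' . mysql_real_escape_string($id, $conn) . '"';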
//check if price matches and if amount is fake if ($itemPrice != $paymentAmount && $paymentAmount == '0.01') { //redirect to fraud page $downloadLink = $websiteURL . 'fraud.html'; } if ($itemNumber) { //sales tracking $opt = array('tableName' => 'sales', 'dbFields' => array('productID' => $productID, 'transID' => $transID, 'itemName' => $itemName, 'itemNumber' => $itemNumber, 'amount' => $paymentAmount, 'purchased' => date('Y-m-d H:i:s', time()), 'expires' => date('Y-m-d H:i:s', time()), 'firstName' => $firstName, 'lastName' => $lastName, 'payerEmail' => $payerEmail, 'paidTo' => $receiverEmail, 'affiliate' => $custom)); //check for existing sale $sel = 'SELECT transID FROM sales WHERE transID="' . $transID . '"'; $res = mysql_query($sel, $conn) or die(mysql_error()); if (mysql_num_rows($res) == 0) { //add sales record into database dbInsert($opt); //send download email to customer sendDownloadEmail($p['id'], $conn); } } break; } } else { //bad transaction //notify admin of problem $headers = "From: " . $adminEmail . "\n"; $headers .= "Content-type: text/html;"; $subject = 'Problem with Order: ' . $businessName; $vars = array('txn_type', 'first_name', 'last_name', 'mc_currency', 'residence_country', 'payer_email', 'payer_id', 'reattempt', 'address_name', 'address_city', 'receiver_email', 'business', 'payment_status', 'amount3', 'mc_amount3'); $message = '<p>The following information was sent from paypal: <br> Date: ' . date('m/d/Y', time()) . '<br> Referrer: ' . $_SERVER['HTTP_REFERER'] . '<br>'; foreach ($vars as $var) {