/**
 * Send and/or record a PayPal IPN debug message, depending on the module debug settings.
 *
 * The message is e-mailed when either PayPal debug setting equals 'Log and Email' or when
 * $always_send is true, and it is handed to ipn_add_error_log() when a logging mode is
 * active. The mail subject and the log call carry an id generated once per request
 * (timestamp plus a 4-character random value); the subject also carries a running counter.
 *
 * NOTE(review): $message reaches the mailer (also as the HTML body) and the log unchanged.
 * Keep card data and API credentials out of it, and send debug mail only to a mailbox
 * that is treated as sensitive — confirm at the call sites.
 *
 * @param string $message       Text to send and/or log.
 * @param string $email_address Recipient; '' selects MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS
 *                              when defined, otherwise STORE_OWNER_EMAIL_ADDRESS.
 * @param bool   $always_send   Send the e-mail regardless of the debug settings.
 * @param string $subjecttext   Subject prefix.
 */
function ipn_debug_email($message, $email_address = '', $always_send = false, $subjecttext = 'IPN DEBUG message')
{
    static $paypal_error_counter;
    static $paypal_instance_id;

    if ($email_address == '') {
        if (defined('MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS')) {
            $email_address = MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS;
        } else {
            $email_address = STORE_OWNER_EMAIL_ADDRESS;
        }
    }
    if (!isset($paypal_error_counter)) {
        $paypal_error_counter = 0;
    }
    if (!isset($paypal_instance_id)) {
        $paypal_instance_id = time() . '_' . zen_create_random_value(4);
    }

    // An undefined setting is represented by null, which matches none of the mode strings.
    $wpp_mode = defined('MODULE_PAYMENT_PAYPALWPP_DEBUGGING') ? MODULE_PAYMENT_PAYPALWPP_DEBUGGING : null;
    $ipn_mode = defined('MODULE_PAYMENT_PAYPAL_IPN_DEBUG') ? MODULE_PAYMENT_PAYPAL_IPN_DEBUG : null;

    $send_mail = ($wpp_mode == 'Log and Email') || ($ipn_mode == 'Log and Email') || $always_send;
    if ($send_mail) {
        $paypal_error_counter++;
        $subject = $subjecttext . ' (' . $paypal_instance_id . ') #' . $paypal_error_counter;
        zen_mail(
            STORE_OWNER,
            $email_address,
            $subject,
            $message,
            STORE_OWNER,
            STORE_OWNER_EMAIL_ADDRESS,
            array('EMAIL_MESSAGE_HTML' => $message),
            'debug'
        );
    }

    $ipn_logs = in_array($ipn_mode, array('Log and Email', 'Log File', 'Yes'));
    $wpp_logs = in_array($wpp_mode, array('Log File', 'Log and Email'));
    if ($ipn_logs || $wpp_logs) {
        ipn_add_error_log($message, $paypal_instance_id);
    }
}
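/**
 * Complete the step2 phase by creating accounts if needed, linking data, placing order, etc.
 *
 * Flow, as implemented below:
 *  1. store the PayPal payer data in the session and resolve country/zone ids from it;
 *  2. copy the payer data into $order->customer, ->billing and (when a shipping address
 *     was supplied) ->delivery;
 *  3. re-check that the module is still enabled for that address;
 *  4. logged-in customer: match or add an address-book entry, then hand over to checkout;
 *  5. otherwise: look the customer up by the payer e-mail, create an account when none
 *     exists (or only a temporary one did), log the customer in, then hand over to checkout.
 *
 * Review notes:
 *  - Several zcLog() calls below receive payer name, address, e-mail and phone, one the
 *    whole $order and one a customer result set. Keep debug logging off in production,
 *    or protect and prune wherever zcLog() stores its output.
 *  - Step 5 logs the visitor into whichever account matches the e-mail PayPal returned,
 *    without a store password. NOTE(review): this presumes the payer data comes from an
 *    authenticated PayPal API response — confirm in the caller.
 *  - When new-account notification is on, the generated password is mailed in clear text.
 *
 * @param array  $paypal_ec_payer_info Payer and shipping fields returned by PayPal.
 * @param string $new_acct_notify      Not read here; the method uses $this->new_acct_notify.
 */
function ec_step2_finish($paypal_ec_payer_info, $new_acct_notify)
{
    global $db, $order;

    // register the payer_info in the session
    $_SESSION['paypal_ec_payer_info'] = $paypal_ec_payer_info;
    // debug
    $this->zcLog('ec_step2_finish - 1', 'START: paypal_ec_payer_info= ' . print_r($_SESSION['paypal_ec_payer_info'], true));

    /**
     * Building customer zone/address from returned data
     */
    // set some defaults, which will be updated later:
    $country_id = '223';
    $country_code3 = ''; // previously undefined when neither country lookup matched
    $address_format_id = 2;
    $state_id = 0;
    $acct_exists = false;
    $address_book_id = ''; // previously undefined in logged-in mode without a shipping address
    // store default address id for later use/reference
    $original_default_address_id = isset($_SESSION['customer_default_address_id']) ? $_SESSION['customer_default_address_id'] : '';

    // Get the customer's country ID based on name or ISO code
    $sql = "SELECT countries_id, address_format_id, countries_iso_code_2, countries_iso_code_3\r\n FROM " . TABLE_COUNTRIES . "\r\n WHERE countries_iso_code_2 = :countryId\r\n OR countries_name = :countryId\r\n LIMIT 1";
    $sql1 = $db->bindVars($sql, ':countryId', $paypal_ec_payer_info['ship_country_name'], 'string');
    $country1 = $db->Execute($sql1);
    $sql2 = $db->bindVars($sql, ':countryId', $paypal_ec_payer_info['ship_country_code'], 'string');
    $country2 = $db->Execute($sql2);

    // see if we found a record, if yes, then use it instead of default American format
    if ($country1->RecordCount() > 0) {
        $country_id = $country1->fields['countries_id'];
        if (!isset($paypal_ec_payer_info['ship_country_code']) || $paypal_ec_payer_info['ship_country_code'] == '') {
            $paypal_ec_payer_info['ship_country_code'] = $country1->fields['countries_iso_code_2'];
        }
        $country_code3 = $country1->fields['countries_iso_code_3'];
        $address_format_id = (int) $country1->fields['address_format_id'];
    } elseif ($country2->RecordCount() > 0) {
        // if didn't find it based on name, check using ISO code (ie: in case of no-shipping-address required/supplied)
        $country_id = $country2->fields['countries_id'];
        $country_code3 = $country2->fields['countries_iso_code_3'];
        $address_format_id = (int) $country2->fields['address_format_id'];
    }

    // Determine the zone by code or by name, within the resolved country. Otherwise uses 0.
    // The OR is parenthesised: without it, AND binds tighter and a zone NAME match in any
    // other country would have been accepted.
    $sql = "SELECT zone_id\r\n FROM " . TABLE_ZONES . "\r\n WHERE zone_country_id = :zCountry\r\n AND (zone_code = :zoneCode\r\n OR zone_name = :zoneCode)\r\n LIMIT 1";
    $sql = $db->bindVars($sql, ':zCountry', $country_id, 'integer');
    $sql = $db->bindVars($sql, ':zoneCode', $paypal_ec_payer_info['ship_state'], 'string');
    $states = $db->Execute($sql);
    if ($states->RecordCount() > 0) {
        $state_id = $states->fields['zone_id'];
    }

    /**
     * Using the supplied data from PayPal, set the data into the order record
     */
    $payer_name = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
    $country_info = array(
        'id' => $country_id,
        'title' => $paypal_ec_payer_info['ship_country_name'],
        'iso_code_2' => $paypal_ec_payer_info['ship_country_code'],
        'iso_code_3' => $country_code3,
    );

    // customer
    $order->customer['name'] = $payer_name;
    $order->customer['company'] = $paypal_ec_payer_info['payer_business'];
    $order->customer['street_address'] = $paypal_ec_payer_info['ship_street_1'];
    $order->customer['suburb'] = $paypal_ec_payer_info['ship_street_2'];
    $order->customer['city'] = $paypal_ec_payer_info['ship_city'];
    $order->customer['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
    $order->customer['state'] = $paypal_ec_payer_info['ship_state'];
    $order->customer['country'] = $country_info;
    $order->customer['format_id'] = $address_format_id;
    $order->customer['email_address'] = $paypal_ec_payer_info['payer_email'];
    $order->customer['telephone'] = $paypal_ec_payer_info['ship_phone'];
    $order->customer['zone_id'] = $state_id;

    // billing
    $order->billing['name'] = $payer_name;
    $order->billing['company'] = $paypal_ec_payer_info['payer_business'];
    $order->billing['street_address'] = $paypal_ec_payer_info['ship_street_1'];
    $order->billing['suburb'] = $paypal_ec_payer_info['ship_street_2'];
    $order->billing['city'] = $paypal_ec_payer_info['ship_city'];
    $order->billing['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
    $order->billing['state'] = $paypal_ec_payer_info['ship_state'];
    $order->billing['country'] = $country_info;
    $order->billing['format_id'] = $address_format_id;
    $order->billing['zone_id'] = $state_id;

    // delivery
    if ($_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None') {
        $order->delivery['name'] = $payer_name;
        $order->delivery['company'] = $paypal_ec_payer_info['payer_business'];
        $order->delivery['street_address'] = $paypal_ec_payer_info['ship_street_1'];
        $order->delivery['suburb'] = $paypal_ec_payer_info['ship_street_2'];
        $order->delivery['city'] = $paypal_ec_payer_info['ship_city'];
        $order->delivery['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
        $order->delivery['state'] = $paypal_ec_payer_info['ship_state'];
        $order->delivery['country'] = $country_info;
        $order->delivery['country_id'] = $country_id;
        $order->delivery['format_id'] = $address_format_id;
        $order->delivery['zone_id'] = $state_id;
    }

    // debug
    $this->zcLog('ec_step2_finish - 2', 'country_id = ' . $country_id . ' ' . $paypal_ec_payer_info['ship_country_name'] . ' ' . $paypal_ec_payer_info['ship_country_code'] . "\naddress_format_id = " . $address_format_id . "\nstate_id = " . $state_id . ' (original state tested: ' . $paypal_ec_payer_info['ship_state'] . ')' . "\ncountry1->fields['countries_id'] = " . $country1->fields['countries_id'] . "\ncountry2->fields['countries_id'] = " . $country2->fields['countries_id'] . "\n" . '$order = ' . print_r($order, true));

    // check to see whether PayPal should still be offered to this customer, based on the zone of their address:
    $this->update_status();
    if (!$this->enabled) {
        $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_TEXT_INVALID_ZONE_ERROR, true, FILENAME_SHOPPING_CART);
    }

    // see if the user is logged in
    if (!empty($_SESSION['customer_first_name']) && !empty($_SESSION['customer_id'])) {
        // They're logged in, so forward them straight to checkout stages, depending on address needs etc
        $order->customer['id'] = $_SESSION['customer_id'];
        // set the session value for express checkout temp
        $_SESSION['paypal_ec_temp'] = false;

        // if no address required for shipping, leave shipping portion alone
        if ($_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None' && $_SESSION['paypal_ec_payer_info']['ship_street_1'] != '') {
            // set the session info for the sendto
            $_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
            // This is the address matching section
            // try to match it first
            // note: this is by no means 100%
            $address_book_id = $this->findMatchingAddressBookEntry($_SESSION['customer_id'], $order->delivery);
            // no match, so add the record
            if (!$address_book_id) {
                $address_book_id = $this->addAddressBookEntry($_SESSION['customer_id'], $order->delivery, false);
            }
            // set the address for use
            $_SESSION['sendto'] = $address_book_id;
        }
        // set the users billto information (default address)
        if (!isset($_SESSION['billto'])) {
            $_SESSION['billto'] = $_SESSION['customer_default_address_id'];
        }
        // debug
        $this->zcLog('ec_step2_finish - 3', 'Exiting ec_step2_finish logged-in mode.' . "\n" . 'Selected address: ' . $address_book_id . "\nOriginal was: " . $original_default_address_id);

        // select a shipping method, based on cheapest available option
        if (MODULE_PAYMENT_PAYPALWPP_AUTOSELECT_CHEAPEST_SHIPPING == 'Yes') {
            $this->setShippingMethod();
        }
        // send the user on
        if ($_SESSION['paypal_ec_markflow'] == 1) {
            $this->terminateEC('', false, FILENAME_CHECKOUT_PROCESS);
        } else {
            $this->terminateEC('', false, FILENAME_CHECKOUT_CONFIRMATION);
        }
    } else {
        // They're not logged in. Create an account if necessary, and then log them in.
        // First, see if they're an existing customer, and log them in automatically

        // If Paypal didn't supply us an email address, something went wrong
        // NOTE(review): the code below still runs if terminateEC() returns — confirm it ends the request.
        if (trim($paypal_ec_payer_info['payer_email']) == '') {
            $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_INVALID_RESPONSE, true);
        }

        // attempt to obtain the user information using the payer_email from the info returned from PayPal, via email address
        $sql = "SELECT customers_id, customers_firstname, customers_lastname, customers_paypal_payerid, customers_paypal_ec\r\n FROM " . TABLE_CUSTOMERS . "\r\n WHERE customers_email_address = :emailAddress ";
        $sql = $db->bindVars($sql, ':emailAddress', $paypal_ec_payer_info['payer_email'], 'string');
        $check_customer = $db->Execute($sql);
        // debug
        $this->zcLog('ec_step2_finish - 4', 'Not logged in. Looking for account.' . "\n" . $sql . "\n" . print_r($check_customer, true));

        if (!$check_customer->EOF) {
            $acct_exists = true;
            // see if this was only a temp account -- if so, remove it
            if ($check_customer->fields['customers_paypal_ec'] == '1') {
                // Delete the existing temporary account
                $this->ec_delete_user($check_customer->fields['customers_id']);
                $acct_exists = false;
                // debug
                $this->zcLog('ec_step2_finish - 5', 'Found temporary account - deleting it.');
            }
        }

        // Create an account, if the account does not exist
        if (!$acct_exists) {
            // debug
            $this->zcLog('ec_step2_finish - 6', 'No ZC account found for this customer. Creating new account.' . "\n" . '$this->new_acct_notify =' . $this->new_acct_notify);

            // Generate a random 8-char password
            // NOTE(review): its strength depends on zen_create_random_value(), which is not
            // visible here — confirm it draws from a cryptographically secure source.
            $password = zen_create_random_value(8);

            // set the customer information in the array for the table insertion
            $sql_data_array = array(
                'customers_firstname' => $paypal_ec_payer_info['payer_firstname'],
                'customers_lastname' => $paypal_ec_payer_info['payer_lastname'],
                'customers_email_address' => $paypal_ec_payer_info['payer_email'],
                'customers_telephone' => $paypal_ec_payer_info['ship_phone'],
                'customers_fax' => '',
                'customers_gender' => $paypal_ec_payer_info['payer_gender'],
                'customers_newsletter' => '0',
                'customers_password' => zen_encrypt_password($password),
                'customers_paypal_payerid' => $_SESSION['paypal_ec_payer_id'],
            );
            // insert the data
            zen_db_perform(TABLE_CUSTOMERS, $sql_data_array);
            // grab the customer_id (last insert id)
            $customer_id = $db->Insert_ID();
            // set the Guest customer ID -- for PWA purposes
            $_SESSION['customer_guest_id'] = $customer_id;

            // set the customer address information in the array for the table insertion
            $sql_data_array = array(
                'customers_id' => $customer_id,
                'entry_gender' => $paypal_ec_payer_info['payer_gender'],
                'entry_firstname' => $paypal_ec_payer_info['payer_firstname'],
                'entry_lastname' => $paypal_ec_payer_info['payer_lastname'],
                'entry_street_address' => $paypal_ec_payer_info['ship_street_1'],
                'entry_suburb' => $paypal_ec_payer_info['ship_street_2'],
                'entry_city' => $paypal_ec_payer_info['ship_city'],
                'entry_zone_id' => $state_id,
                'entry_postcode' => $paypal_ec_payer_info['ship_postal_code'],
                'entry_country_id' => $country_id,
            );
            if ($state_id > 0) {
                $sql_data_array['entry_zone_id'] = $state_id;
                $sql_data_array['entry_state'] = '';
            } else {
                $sql_data_array['entry_zone_id'] = 0;
                $sql_data_array['entry_state'] = $paypal_ec_payer_info['ship_state'];
            }
            // insert the data
            zen_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
            // grab the address_id (last insert id)
            $address_id = $db->Insert_ID();

            // set the address id lookup for the customer
            $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n SET customers_default_address_id = :addrID\r\n WHERE customers_id = :custID";
            $sql = $db->bindVars($sql, ':addrID', $address_id, 'integer');
            $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
            $db->Execute($sql);

            // insert the new customer_id into the customers info table for consistency
            $sql = "INSERT INTO " . TABLE_CUSTOMERS_INFO . "\r\n (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created)\r\n VALUES (:custID, 0, now())";
            $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
            $db->Execute($sql);

            // send Welcome Email if appropriate
            if ($this->new_acct_notify == 'Yes') {
                // require the language file
                global $language_page_directory, $template_dir;
                if (!isset($language_page_directory)) {
                    $language_page_directory = DIR_WS_LANGUAGES . $_SESSION['language'] . '/';
                }
                if (file_exists($language_page_directory . $template_dir . '/create_account.php')) {
                    $template_dir_select = $template_dir . '/';
                } else {
                    $template_dir_select = '';
                }
                require $language_page_directory . $template_dir_select . '/create_account.php';

                // set the mail text
                $email_text = sprintf(EMAIL_GREET_NONE, $paypal_ec_payer_info['payer_firstname']) . EMAIL_WELCOME . EMAIL_TEXT;
                // NOTE(review): the two operands after "Username: " and "Password: " were masked
                // in the listing this block was taken from; restored as the payer e-mail and the
                // generated password — confirm against the upstream file. Mailing the password
                // in clear text exposes it to anyone who can read the mailbox; a set-your-password
                // link would avoid that.
                $email_text .= "\n\n" . EMAIL_EC_ACCOUNT_INFORMATION . "\nUsername: " . $paypal_ec_payer_info['payer_email'] . "\nPassword: " . $password . "\n\n";
                $email_text .= EMAIL_CONTACT;
                // send the mail
                zen_mail($paypal_ec_payer_info['payer_firstname'] . " " . $paypal_ec_payer_info['payer_lastname'], $paypal_ec_payer_info['payer_email'], EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($email_text)), 'welcome');
                // set the express checkout temp -- false means the account is no longer "only" for EC ... it'll be permanent
                $_SESSION['paypal_ec_temp'] = false;
            } else {
                // Make it a temporary account that'll be deleted once they've checked out
                $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n SET customers_paypal_ec = 1\r\n WHERE customers_id = :custID ";
                $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
                $db->Execute($sql);
                // set the boolean ec temp value since we created account strictly for EC purposes
                $_SESSION['paypal_ec_temp'] = true;
            }
            // hook notifier class vis a vis account-creation
            $this->notify('NOTIFY_LOGIN_SUCCESS_VIA_CREATE_ACCOUNT');
        } else {
            // set the boolean ec temp value for the account to false, since we didn't have to create one
            $_SESSION['paypal_ec_temp'] = false;
        }

        // log the user in with the email sent back from paypal response
        $this->user_login($_SESSION['paypal_ec_payer_info']['payer_email'], false);
        // debug
        $this->zcLog('ec_step2_finish - 7', 'Auto-Logged customer in. (' . $_SESSION['paypal_ec_payer_info']['payer_email'] . ') (' . $_SESSION['customer_id'] . ')' . "\n" . '$_SESSION[paypal_ec_temp]=' . $_SESSION['paypal_ec_temp']);

        // This is the address matching section
        // try to match it first
        // note: this is by no means 100%
        $address_book_id = $this->findMatchingAddressBookEntry($_SESSION['customer_id'], $order->delivery);
        // no match add the record
        if (!$address_book_id) {
            $address_book_id = $this->addAddressBookEntry($_SESSION['customer_id'], $order->delivery, false);
            if (!$address_book_id) {
                $address_book_id = $_SESSION['customer_default_address_id'];
            }
        }
        // set the sendto to the address
        $_SESSION['sendto'] = $address_book_id;
        // set billto in the session
        $_SESSION['billto'] = $_SESSION['customer_default_address_id'];

        // select a shipping method, based on cheapest available option
        if (MODULE_PAYMENT_PAYPALWPP_AUTOSELECT_CHEAPEST_SHIPPING == 'Yes') {
            $this->setShippingMethod();
        }
        // debug
        $this->zcLog('ec_step2_finish - 8', 'Exiting via terminateEC (from originally-not-logged-in mode).' . "\n" . 'Selected address: ' . $address_book_id . "\nOriginal was: " . $original_default_address_id . "\nprepared data: " . print_r($order->delivery, true));

        // send the user on
        if ($_SESSION['paypal_ec_markflow'] == 1) {
            $this->terminateEC('', false, FILENAME_CHECKOUT_PROCESS);
        } else {
            $this->terminateEC('', false, FILENAME_CHECKOUT_CONFIRMATION);
        }
    }
}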
/**
 * Generate a cart ID consisting of random digits.
 *
 * NOTE(review): a short digits-only value is easy to enumerate; it should not be the
 * only thing protecting access to a cart — confirm how callers use it.
 *
 * @param int $length Number of characters to generate (default 5).
 * @return string Cart ID as produced by zen_create_random_value() in 'digits' mode.
 */
function generate_cart_id($length = 5)
{
    $cart_id = zen_create_random_value($length, 'digits');

    return $cart_id;
}
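/**
 * Append a message to a PayPal cURL log file named after the transaction token.
 *
 * The file is `<_logDir>/Paypal_CURL_<token><suffix>.log`, where the suffix is '_' plus a
 * 4-character random value generated once per request. The token falls back to the
 * session's paypal_ec_token and then to the current timestamp.
 *
 * Changes from the previous version:
 *  - the session key is only read when it exists (no undefined-index warning);
 *  - the token is reduced to letters, digits, '.', '_' and '-' before it is used in the
 *    file name, so a token containing a path separator cannot move the file out of
 *    the log directory.
 *
 * NOTE(review): $message is written as given; callers should mask API credentials and
 * card data before logging — confirm at the call sites.
 *
 * @param string $message Text to append.
 * @param string $token   Token used in the file name; '' selects the fallbacks above.
 */
function log($message, $token = '')
{
    static $tokenHash;
    if ($tokenHash == '') {
        $tokenHash = '_' . zen_create_random_value(4);
    }
    if ($token == '' && isset($_SESSION['paypal_ec_token'])) {
        $token = $_SESSION['paypal_ec_token'];
    }
    if ($token == '') {
        $token = time();
    }
    // The token becomes part of a file name: keep only characters that are safe there.
    $token = preg_replace('/[^0-9A-Za-z._\-]/', '', (string) $token) . $tokenHash;

    $file = $this->_logDir . '/' . 'Paypal_CURL_' . $token . '.log';
    if ($fp = @fopen($file, 'a')) {
        fwrite($fp, $message . "\n\n");
        fclose($fp);
    }
}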
/**
 * Used to do any debug logging / tracking / storage as required.
 *
 * Builds one report from the gateway response and the submitted data, then, depending on
 * the module settings: writes it to a log file, mails it to the store owner, and stores
 * the exchange in TABLE_AUTHORIZENET.
 *
 * NOTE(review): the report contains the submitted data, the full response, the cURL info
 * and the raw response body. Confirm that reportable_submit_data is already scrubbed of
 * account numbers and credentials before relying on these logs, mails and table rows.
 * NOTE(review): $response[6] is used unfiltered in the log file name; consider reducing
 * it to digits/letters first, as is done for the order id below.
 *
 * @param array  $response   Gateway response, read by numeric index (0, 2, 3, 6, 7, 11)
 *                           and by the optional 'ErrorDetails' key.
 * @param string $order_time Timestamp text stored with the record; '' means now.
 * @param string $sessID     Session id stored with the record.
 */
function _debugActions($response, $order_time = '', $sessID = '')
{
    global $db;

    if ($order_time == '') {
        $order_time = date("F j, Y, g:i a");
    }

    // convert output to 1-based array for easier understanding:
    $headline = 'Response from gateway';
    if (isset($response['ErrorDetails'])) {
        $headline .= ': ' . $response['ErrorDetails'];
    }
    $resp_output = $response;
    array_unshift($resp_output, $headline);

    // DEBUG LOGGING
    $errorMessage = date('M-d-Y h:i:s') . "\n=================================\n\n";
    if ($this->commError != '') {
        $errorMessage .= 'Comm results: ' . $this->commErrNo . ' ' . $this->commError . "\n\n";
    }
    $errorMessage .= 'Response Code: ' . $response[0] . ".\nResponse Text: " . $response[3] . "\n\n";
    $errorMessage .= 'Sending to Authorizenet: ' . print_r($this->reportable_submit_data, true) . "\n\n";
    $errorMessage .= 'Results Received back from Authorizenet: ' . print_r($resp_output, true) . "\n\n";
    $errorMessage .= 'CURL communication info: ' . print_r($this->commInfo, true) . "\n";
    if (CURL_PROXY_REQUIRED == 'True') {
        $tunnel = $this->proxy_tunnel_flag ? 'On' : 'Off';
        $errorMessage .= 'Using CURL Proxy: [' . CURL_PROXY_SERVER_DETAILS . '] with Proxy Tunnel: ' . $tunnel . "\n";
    }
    $errorMessage .= "\nRAW data received: \n" . $this->authorize . "\n\n";

    $debugSetting = MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING;
    $developerMode = defined('AUTHORIZENET_DEVELOPER_MODE') && in_array(AUTHORIZENET_DEVELOPER_MODE, array('on', 'certify'));

    if (strstr($debugSetting, 'Log') || strstr($debugSetting, 'All') || $developerMode) {
        $key = $response[6] . '_' . time() . '_' . zen_create_random_value(4);
        $file = $this->_logDir . '/' . 'AuthNetECheck_Debug_' . $key . '.log';
        $fp = @fopen($file, 'a');
        if ($fp) {
            fwrite($fp, $errorMessage);
            fclose($fp);
        }
    }

    // Alerts are sent for non-approved responses in 'Alerts' mode, or always in 'Email' mode.
    $alertOnFailure = ($response[0] != '1') && stristr($debugSetting, 'Alerts');
    if ($alertOnFailure || strstr($debugSetting, 'Email')) {
        $subject = 'Authorizenet-eCheck Alert ' . $response[7] . ' ' . date('M-d-Y h:i:s') . ' ' . $response[6];
        zen_mail(
            STORE_NAME,
            STORE_OWNER_EMAIL_ADDRESS,
            $subject,
            $errorMessage,
            STORE_OWNER,
            STORE_OWNER_EMAIL_ADDRESS,
            array('EMAIL_MESSAGE_HTML' => nl2br($errorMessage)),
            'debug'
        );
    }

    // DATABASE SECTION
    // Insert the send and receive response data into the database.
    // This can be used for testing or for implementation in other applications
    // This can be turned on and off if the Admin Section
    if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_STORE_DATA == 'True') {
        $db_response_text = $response[3];
        if ($this->commError != '') {
            $db_response_text .= ' - Comm results: ' . $this->commErrNo . ' ' . $this->commError;
        }
        if ($response[0] == 2 && $response[2] == 4) {
            $db_response_text .= ' NOTICE: Card should be picked up - possibly stolen ';
        }
        if ($response[0] == 3 && $response[2] == 11) {
            $db_response_text .= ' DUPLICATE TRANSACTION ATTEMPT ';
        }

        // Insert the data into the database
        $sql = "insert into " . TABLE_AUTHORIZENET . " (id, customer_id, order_id, response_code, response_text, authorization_type, transaction_id, sent, received, time, session_id) values (NULL, :custID, :orderID, :respCode, :respText, :authType, :transID, :sentData, :recvData, :orderTime, :sessID )";

        // Bound in the original order.
        // NOTE(review): the placeholders are bound one after another on the same string. If
        // bindVars() works by text substitution, the free-text values (sent/received data)
        // are safer bound last — confirm against its implementation.
        $bindings = array(
            array(':custID', $_SESSION['customer_id'], 'integer'),
            array(':orderID', preg_replace('/[^0-9]/', '', $response[7]), 'integer'),
            array(':respCode', $response[0], 'integer'),
            array(':respText', $db_response_text, 'string'),
            array(':authType', $response[11], 'string'),
            array(':transID', $this->transaction_id, 'string'),
            array(':sentData', print_r($this->reportable_submit_data, true), 'string'),
            array(':recvData', print_r($response, true), 'string'),
            array(':orderTime', $order_time, 'string'),
            array(':sessID', $sessID, 'string'),
        );
        foreach ($bindings as $binding) {
            $sql = $db->bindVars($sql, $binding[0], $binding[1], $binding[2]);
        }
        $db->Execute($sql);
    }
}
/**
 * Append a message to a Linkpoint debug log file.
 *
 * The file is `<_logDir>/Linkpoint_Debug_<suffix>_<key>.log`; the key (timestamp plus a
 * 4-character random value) is generated on first use and reused for later calls in the
 * same request. Failures to open or write the file are silenced.
 *
 * NOTE(review): $suffix goes into the file name unfiltered and $msg is written as given;
 * callers should pass a fixed suffix and mask card data — confirm at the call sites.
 *
 * @param string $msg    Text to append.
 * @param string $suffix Label placed in the file name.
 */
function _log($msg, $suffix = '')
{
    static $key;

    $needsKey = !isset($key) || $key == '';
    if ($needsKey) {
        $key = time() . '_' . zen_create_random_value(4);
    }

    $file = $this->_logDir . '/' . 'Linkpoint_Debug_' . $suffix . '_' . $key . '.log';
    $fp = @fopen($file, 'a');
    if (!$fp) {
        return;
    }
    @fwrite($fp, $msg);
    @fclose($fp);
}
/**
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: header_php.php 2982 2006-02-07 07:56:41Z birdbrain $
 */
// Page header for the "password forgotten" form. When the form is submitted
// (?action=process) it looks the customer up by e-mail address, replaces the stored
// password with a newly generated one and mails that password to the address.
//
// Review notes on the flow below:
//  - The password is replaced as soon as the form is posted, before the mailbox owner
//    has confirmed anything, so anyone who knows a customer's address can invalidate
//    that customer's password. A single-use, expiring reset link that changes the
//    password only after it is followed avoids this.
//  - The two outcomes give different messages (SUCCESS_PASSWORD_SENT vs.
//    TEXT_NO_EMAIL_ADDRESS_FOUND), which tells the visitor whether an address has an
//    account. Showing the same message in both cases removes that signal.
//  - The new password is sent by e-mail in clear text and is only
//    ENTRY_PASSWORD_MIN_LENGTH characters long.
//  - No throttling of repeated submissions is visible in this block.

// This should be first line of the script:
$zco_notifier->notify('NOTIFY_HEADER_START_PASSWORD_FORGOTTEN');
require DIR_WS_MODULES . zen_get_module_directory('require_languages.php');
// remove from snapshot
$_SESSION['navigation']->remove_current_page();
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    // NOTE(review): $_POST['email_address'] is read without an isset() check.
    $email_address = zen_db_prepare_input($_POST['email_address']);
    // Look the customer up by the submitted address; the value is bound, not concatenated.
    $check_customer_query = "SELECT customers_firstname, customers_lastname, customers_password, customers_id \r\n FROM " . TABLE_CUSTOMERS . "\r\n WHERE customers_email_address = :emailAddress";
    $check_customer_query = $db->bindVars($check_customer_query, ':emailAddress', $email_address, 'string');
    $check_customer = $db->Execute($check_customer_query);
    if ($check_customer->RecordCount() > 0) {
        // Generate the replacement password and store only its hashed form.
        $new_password = zen_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = zen_encrypt_password($new_password);
        $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n SET customers_password = :password\r\n WHERE customers_id = :customersID";
        $sql = $db->bindVars($sql, ':password', $crypted_password, 'string');
        $sql = $db->bindVars($sql, ':customersID', $check_customer->fields['customers_id'], 'integer');
        $db->Execute($sql);
        $html_msg['EMAIL_CUSTOMERS_NAME'] = $check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname'];
        $html_msg['EMAIL_MESSAGE_HTML'] = sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password);
        // send the email (text and HTML bodies both contain the clear-text password)
        zen_mail($check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname'], $email_address, EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_NAME, EMAIL_FROM, $html_msg, 'password_forgotten');
        $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success');
        zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
    } else {
        // Unknown address: the visitor is told so explicitly (see the review notes above).
        $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
    }
}
/**
 * Replace a customer's password with a newly generated one and return the new password.
 *
 * The stored value is the output of zen_encrypt_password(); the return value is the
 * clear-text password, ENTRY_PASSWORD_MIN_LENGTH characters long.
 *
 * NOTE(review): the caller receives the clear-text password, presumably to mail it.
 * Keep it out of logs, and prefer a reset link over mailing a password — confirm how the
 * return value is used.
 *
 * @param int    $customers_id  Customer whose password is replaced.
 * @param string $email_address Not used by this function.
 * @return string The new clear-text password.
 */
function email_templates_make_new_passord($customers_id, $email_address)
{
    global $db;

    $new_password = zen_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
    $password_hash = zen_encrypt_password($new_password);

    $update = "UPDATE " . TABLE_CUSTOMERS . "\n SET customers_password = :password\n WHERE customers_id = :customersID";
    $update = $db->bindVars($update, ':password', $password_hash, 'string');
    $update = $db->bindVars($update, ':customersID', $customers_id, 'integer');
    $db->Execute($update);

    return $new_password;
}
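/**
 * Append an entry to the installer log file for the current session.
 *
 * The file is `DEBUG_LOG_FOLDER/zcInstallLog_<name>.log`. The name is chosen on the first
 * call of a session ($fname, or a timestamp plus a 6-character random value) and kept in
 * $_SESSION['logfilename'] for later calls.
 *
 * Change from the previous version: the session key is tested with isset() first, so the
 * first call of a session no longer reads an undefined index.
 *
 * NOTE(review): $fname goes into the file name unfiltered, and $details is written as
 * given. Callers should pass a fixed name and keep database passwords and similar
 * installer inputs out of $details — confirm at the call sites.
 *
 * @param string $details  Text to record.
 * @param string $location Label for the entry; '' uses the global $current_page.
 * @param string $fname    Log name to use when none has been chosen yet.
 */
function logDetails($details, $location = '', $fname = '')
{
    global $current_page;

    if (!isset($_SESSION['logfilename']) || $_SESSION['logfilename'] == '') {
        $_SESSION['logfilename'] = $fname == '' ? date('M-d-Y_h-i-s-') . zen_create_random_value(6) : $fname;
    }
    $location = $location == '' ? $current_page : $location;

    // Opening failures are silenced; logging is best-effort.
    if ($fp = @fopen(DEBUG_LOG_FOLDER . '/zcInstallLog_' . $_SESSION['logfilename'] . '.log', 'a')) {
        fwrite($fp, '---------------' . "\n" . date('M d Y G:i') . ' -- ' . $location . "\n" . $details . "\n\n");
        fclose($fp);
    }
}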
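/**
 * Debug Logging support
 *
 * When the module's debugging setting is 'Log and Email' or 'Log File', appends the stage
 * and message to `<_logDir>/<code>_Paypal_Action_<token><suffix>.log` (or `..._Paypal_Debug_...`
 * when PAYPAL_DEV_MODE is 'true'). The token is the session's paypal_ec_token, else the
 * filtered `token` query parameter, else a date string. The message is always passed on to
 * _doDebug().
 *
 * Changes from the previous version:
 *  - the `token` query parameter is only used when it is present and a string; an absent
 *    or array-valued parameter is treated as empty;
 *  - the file is written only when it could be opened. Passing the failed handle to
 *    fwrite()/fclose() raises a TypeError on PHP 8, which '@' does not suppress.
 *
 * NOTE(review): $message is logged as given; callers in this module pass customer and
 * order data, so the log directory needs the same protection as that data.
 *
 * @param string $stage   Short label for the step being logged.
 * @param string $message Text to log.
 */
function zcLog($stage, $message)
{
    static $tokenHash;
    if ($tokenHash == '') {
        $tokenHash = '_' . zen_create_random_value(4);
    }

    if (MODULE_PAYMENT_PAYPALDP_DEBUGGING == 'Log and Email' || MODULE_PAYMENT_PAYPALDP_DEBUGGING == 'Log File') {
        if (isset($_SESSION['paypal_ec_token'])) {
            $token = $_SESSION['paypal_ec_token'];
        } elseif (isset($_GET['token']) && is_string($_GET['token'])) {
            // Request data ends up in a file name: keep only digits, '.', A-Z and '-'.
            $token = preg_replace('/[^0-9.A-Z\\-]/', '', $_GET['token']);
        } else {
            $token = '';
        }
        $token = $token == '' ? date('m-d-Y-h-i') : $token; // or time()
        $token .= $tokenHash;

        $file = $this->_logDir . '/' . $this->code . '_Paypal_Action_' . $token . '.log';
        if (defined('PAYPAL_DEV_MODE') && PAYPAL_DEV_MODE == 'true') {
            $file = $this->_logDir . '/' . $this->code . '_Paypal_Debug_' . $token . '.log';
        }

        if ($fp = @fopen($file, 'a')) {
            @fwrite($fp, date('M-d-Y h:i:s') . "\n" . $stage . "\n" . $message . "\n=================================\n\n");
            @fclose($fp);
        }
    }

    $this->_doDebug($stage, $message, false);
}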
$firstname = No_Account; $lastname = No_Account; $nick = No_Account; $street_address = No_Account; $suburb = No_Account; $city = No_Account; $postcode = 33333; $dob = '0001-01-01 00:00:00'; $state = Florida; $country = 223; $telephone = 5555551212; $fax = 5555551212; $customers_referrals = No_Account; $gender = m; } $password = zen_create_random_value(15, 'mixed'); if ($error == true) { // hook notifier class $zco_notifier->notify('NOTIFY_FAILURE_DURING_NO_ACCOUNT'); } else { $_SESSION['COWOA'] = true; $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_nick' => $nick, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => (int) $newsletter, 'customers_email_format' => $email_format, 'customers_default_address_id' => 0, 'customers_password' => zen_encrypt_password($password), 'COWOA_account' => 1, 'customers_authorization' => (int) CUSTOMERS_APPROVAL_AUTHORIZATION); if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') { $sql_data_array['customers_referral'] = $customers_referral; } if (ACCOUNT_GENDER == 'true') { $sql_data_array['customers_gender'] = $gender; } if (ACCOUNT_DOB == 'true') { $sql_data_array['customers_dob'] = empty($_POST['dob']) || $dob_entered == '0001-01-01 00:00:00' ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_date_raw($_POST['dob']); }
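/**
 * Used to do any debug logging / tracking / storage as required.
 *
 * Builds a report for the given mode ('Submit-Data' or 'Response-Data'), then, depending
 * on the module settings: writes it to a log file, mails it to the store owner, and (for
 * 'Response-Data' only) stores the exchange in TABLE_AUTHORIZENET.
 *
 * Changes from the previous version:
 *  - the log file is written only when it could be opened. Passing the failed handle to
 *    fwrite()/fclose() raises a TypeError on PHP 8, which '@' does not suppress;
 *  - x_trans_id and x_invoice_num are read only when present, since a 'Submit-Data' call
 *    may not carry them;
 *  - x_trans_id is reduced to letters, digits, '_' and '-' before it is used in the log
 *    file name, because it comes from the gateway response rather than from the store.
 *
 * NOTE(review): the report contains the submitted data and the full response. Confirm
 * that reportable_submit_data is already scrubbed of card numbers and credentials before
 * relying on these logs, mails and table rows.
 *
 * @param array  $response   Gateway response fields (x_response_code, x_trans_id, ...).
 * @param string $mode       'Submit-Data' or 'Response-Data'.
 * @param string $order_time Timestamp text stored with the record; '' means now.
 * @param string $sessID     Session id stored with the record.
 */
function _debugActions($response, $mode, $order_time = '', $sessID = '')
{
    global $db, $messageStack, $insert_id;

    if ($order_time == '') {
        $order_time = date("F j, Y, g:i a");
    }
    $response['url'] = $this->form_action_url;
    $this->reportable_submit_data['url'] = $this->form_action_url;

    $trans_id = isset($response['x_trans_id']) ? $response['x_trans_id'] : '';
    $invoice_num = isset($response['x_invoice_num']) ? $response['x_invoice_num'] : '';

    $errorMessage = date('M-d-Y h:i:s') . "\n=================================\n\n";
    if ($mode == 'Submit-Data') {
        $errorMessage .= 'Sent to Authorizenet: ' . print_r($this->reportable_submit_data, true) . "\n\n";
    }
    if ($mode == 'Response-Data') {
        $errorMessage .= 'Response Code: ' . $response['x_response_code'] . ".\nResponse Text: " . $response['x_response_reason_text'] . "\n\n" . ($response['x_response_code'] == 2 && $response['x_response_reason_code'] == 4 ? ' NOTICE: Card should be picked up - possibly stolen ' : '') . ($response['x_response_code'] == 3 && $response['x_response_reason_code'] == 11 ? ' DUPLICATE TRANSACTION ATTEMPT ' : '') . 'Results Received back from Authorizenet: ' . print_r($response, true) . "\n\n";
    }

    // store log file if log mode enabled
    if (stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Log') || strstr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'All') || defined('AUTHORIZENET_DEVELOPER_MODE') && in_array(AUTHORIZENET_DEVELOPER_MODE, array('on', 'certify'))) {
        // Response data ends up in a file name: keep only characters that are safe there.
        $file_trans_id = preg_replace('/[^0-9A-Za-z_\-]/', '', (string) $trans_id);
        $key = ($file_trans_id != '' ? $file_trans_id . '_' : '') . time() . '_' . zen_create_random_value(4);
        $file = $this->_logDir . '/' . 'SIM_Debug_' . $key . '.log';
        if ($fp = @fopen($file, 'a')) {
            @fwrite($fp, $errorMessage);
            @fclose($fp);
        }
    }

    // send email alerts only if in alert mode or if email specifically requested as logging mode
    if (isset($response['x_response_code']) && $response['x_response_code'] != '1' && stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Alerts') || stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Email')) {
        zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Authorizenet-SIM Alert ' . $invoice_num . ' ' . date('M-d-Y h:i:s') . ' ' . $trans_id, $errorMessage, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorMessage)), 'debug');
    }

    // DATABASE SECTION
    // Insert the send and receive response data into the database.
    // This can be used for testing or for implementation in other applications
    // This can be turned on and off if the Admin Section
    if (MODULE_PAYMENT_AUTHORIZENET_STORE_DATA == 'True' && $mode == 'Response-Data') {
        $db_response_text = $response['x_response_reason_text'];
        $db_response_text .= $response['x_response_code'] == 2 && $response['x_response_reason_code'] == 4 ? ' NOTICE: Card should be picked up - possibly stolen ' : '';
        $db_response_text .= $response['x_response_code'] == 3 && $response['x_response_reason_code'] == 11 ? ' DUPLICATE TRANSACTION ATTEMPT ' : '';

        // Insert the data into the database
        $sql = "insert into " . TABLE_AUTHORIZENET . " (id, customer_id, order_id, response_code, response_text, authorization_type, transaction_id, sent, received, time, session_id) values (NULL, :custID, :orderID, :respCode, :respText, :authType, :transID, :sentData, :recvData, :orderTime, :sessID )";
        $sql = $db->bindVars($sql, ':custID', $_SESSION['customer_id'], 'integer');
        $sql = $db->bindVars($sql, ':orderID', preg_replace('/[^0-9]/', '', $insert_id), 'integer');
        $sql = $db->bindVars($sql, ':respCode', $response['x_response_code'], 'integer');
        $sql = $db->bindVars($sql, ':respText', $db_response_text, 'string');
        $sql = $db->bindVars($sql, ':authType', $response['x_type'], 'string');
        $sql = $db->bindVars($sql, ':transID', $response['x_trans_id'], 'string');
        $sql = $db->bindVars($sql, ':sentData', print_r($this->reportable_submit_data, true), 'string');
        $sql = $db->bindVars($sql, ':recvData', print_r($response, true), 'string');
        $sql = $db->bindVars($sql, ':orderTime', $order_time, 'string');
        $sql = $db->bindVars($sql, ':sessID', $sessID, 'string');
        $db->Execute($sql);
    }
}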
/**
 * Write a set of error messages to a Sagepay debug log file and, in 'Log and Email'
 * mode, mail the same text to the store owner.
 *
 * Nothing happens when the module's MODULE_PAYMENT_<CODE>_DEBUGGING setting is 'Off'.
 * The log goes to DIR_FS_LOGS when that constant is defined, otherwise to
 * DIR_FS_SQL_CACHE, in a file named with a timestamp and a 4-character random value.
 *
 * NOTE(review): titles and contents are written and mailed as given; callers should
 * mask card data and the encryption password before passing them in — confirm at the
 * call sites.
 *
 * @param array $errorMessages List of entries, each with a 'title' and a 'content' key.
 */
protected function errorLog($errorMessages = array())
{
    // The setting is a constant, so it is read once and reused for both checks.
    $debugMode = constant('MODULE_PAYMENT_' . strtoupper($this->code) . '_DEBUGGING');
    if ($debugMode == 'Off') {
        return;
    }

    if (defined('DIR_FS_LOGS')) {
        $logDir = DIR_FS_LOGS;
    } else {
        $logDir = DIR_FS_SQL_CACHE;
    }

    $message = date('M-d-Y h:i:s') . "\n=================================\n\n";
    foreach ($errorMessages as $entry) {
        $message .= $entry['title'] . "\n\n" . $entry['content'] . "\n\n" . "=================================\n\n";
    }

    $file = $logDir . '/' . 'Sagepay_Debug_' . time() . '_' . zen_create_random_value(4) . '.log';
    $fp = @fopen($file, 'a');
    if ($fp) {
        fwrite($fp, $message);
        fclose($fp);
    }

    if ($debugMode === 'Log and Email') {
        zen_mail(
            STORE_NAME,
            STORE_OWNER_EMAIL_ADDRESS,
            'Sagepay Form Alert ' . date('M-d-Y h:i:s'),
            $message,
            STORE_OWNER,
            STORE_OWNER_EMAIL_ADDRESS,
            array('EMAIL_MESSAGE_HTML' => nl2br($message)),
            'debug'
        );
    }
}
$result = $db->Execute($sql); if (!($admin_email == $result->fields['admin_email'])) { $error = true; $email_message = MESSAGE_PASSWORD_SENT; } // BEGIN SLAM PREVENTION if ($error == TRUE && $_POST['admin_email'] != '') { if (!isset($_SESSION['login_attempt'])) { $_SESSION['login_attempt'] = 0; } $_SESSION['login_attempt']++; sleep(3 * $_SESSION['login_attempt']); } // END SLAM PREVENTION if ($error == false) { $new_password = zen_create_random_value((int) ADMIN_PASSWORD_MIN_LENGTH < 7 ? 7 : (int) ADMIN_PASSWORD_MIN_LENGTH); $resetToken = time() + ADMIN_PWD_TOKEN_DURATION . '}' . zen_encrypt_password($new_password); $sql = "update " . TABLE_ADMIN . " set reset_token = :token: where admin_id = :admID: "; $sql = $db->bindVars($sql, ':token:', $resetToken, 'string'); $sql = $db->bindVars($sql, ':admID:', $result->fields['admin_id'], 'string'); $db->Execute($sql); $html_msg['EMAIL_CUSTOMERS_NAME'] = $result->fields['admin_name']; $html_msg['EMAIL_MESSAGE_HTML'] = sprintf(TEXT_EMAIL_MESSAGE_PWD_RESET, $_SERVER['REMOTE_ADDR'], $new_password); zen_mail($result->fields['admin_name'], $result->fields['admin_email'], TEXT_EMAIL_SUBJECT_PWD_RESET, sprintf(TEXT_EMAIL_MESSAGE_PWD_RESET, $_SERVER['REMOTE_ADDR'], $new_password), STORE_NAME, EMAIL_FROM, $html_msg, 'password_forgotten_admin'); $email_message = MESSAGE_PASSWORD_SENT; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" <?php echo HTML_PARAMS;