$passwd = "";
$passwd2 = "";
loginprompt(false);
break;
/* Login phase 2 - check usernm and passwd, login if match */
/* Login phase 2 - check usernm and passwd, login if match */
case "Log In":
$usernm = postvalue("usernm", "");
$passwd = postvalue("passwd", "");
$pwcheck = dbgetsingleton("SELECT (PASSWORD('{$passwd}') = passwd) pwcheck " . " FROM user " . " WHERE usernm = '{$usernm}'", "pwcheck");
if ($pwcheck) {
h1("Login successful");
$user = new User();
$user->loadByUserNm($usernm);
$_SESSION["user"] = $user;
$x->log("Login Succeeded", "Login succeeded for {$usernm}", $user->userix);
/* Check for waiting list pickups */
# $sql =
# "SELECT r.eventix, e.eventnm, e.eventdt, COUNT(*) wlcnt, IF(o.rcnt IS NULL, 0, o.rcnt) rcnt \n" .
# " FROM registration r \n" .
# " JOIN event e ON (r.eventix = e.eventix) \n" .
# " LEFT OUTER JOIN (SELECT eventix, COUNT(*) rcnt FROM registration WHERE NOT waiting AND releasetime IS NOT NULL GROUP BY eventix) o ON (r.eventix = o.eventix) \n" .
# " WHERE r.userix = {$user->userix} \n" .
# " AND r.waiting \n" .
# " AND rcnt > 0 \n" .
# " AND e.eventdt >= CURDATE() \n" .
# " GROUP BY e.eventdt \n" .
# " ORDER BY e.eventdt";
#
# dispsql($sql);
# $result = mysql_query($sql)
dbconnect();
$x = new XactLog();
$order = new Order();
$ipn = $_POST;
$orderix = postvalue("invoice", NULL);
$payment_status = postvalue("payment_status", NULL);
$mc_gross = postvalue("mc_gross", 0.0);
$userix = NULL;
if ($orderix) {
$order->loadByOrderIx($orderix);
$userix = $order->userix;
if ($userix) {
$usernm = dbgetsingleton("SELECT usernm FROM user WHERE userix = {$userix}", "usernm");
}
}
$x->log("PP IPN Notificaton", "Unvalidated PP Notification", $userix, $orderix, NULL, print_r($_POST, true));
/* Form the response */
if (array_key_exists("test_ipn", $_POST) && $_POST["test_ipn"] == 1) {
$ppurl = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$ppurl = "https://www.paypal.com/cgi-bin/webscr";
}
$request = curl_init();
curl_setopt_array($request, array(CURLOPT_URL => $ppurl, CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => http_build_query(array("cmd" => "_notify-validate") + $_POST), CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYPEER => TRUE));
/* Send the response */
$response = curl_exec($request);
$status = curl_getinfo($request, CURLINFO_HTTP_CODE);
curl_close($request);
if ($status == 200 && $response == "VERIFIED") {
$x->log("PP IPN Verified", "PP IPN Verification Succeeded - {$payment_status}", $userix, $orderix, NULL, print_r($_POST, true));
/* Record approval */
require_once "{$TKTDIR}xactlog.php";
require_once "{$TKTDIR}order.php";
dbconnect();
$x = new XactLog();
$order = new Order();
$ipn = $_POST;
$orderix = postvalue("invoice", NULL);
$userix = NULL;
if ($orderix) {
$order->loadByOrderIx($orderix);
$userix = $order->userix;
if ($userix) {
$usernm = dbgetsingleton("SELECT usernm FROM user WHERE userix = {$userix}", "usernm");
}
}
$x->log("PP IPN Notificaton", "Unvalidated PP Notification", $userix, $orderix, NULL, print_r($_POST, true));
/* Form the response */
if (array_key_exists("test_ipn", $_POST) && $_POST["test_ipn"] == 1) {
$ppurl = "https://www.sandbox.paypal.com/cgi-bin/webscr";
} else {
$ppurl = "https://www.paypal.com/cgi-bin/webscr";
}
$request = curl_init();
curl_setopt_array($request, array(CURLOPT_URL => $ppurl, CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => http_build_query(array("cmd" => "_notify-validate") + $_POST), CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYPEER => TRUE));
/* Send the response */
$response = curl_exec($request);
$status = curl_getinfo($request, CURLINFO_HTTP_CODE);
curl_close($request);
if ($status == 200 && $response == "VERIFIED") {
$x->log("PP IPN Verified", "PP IPN Verification Succeeded", $userix, $orderix, NULL, print_r($_POST, true));
/* Record approval */
/* Confirm: where the user lands if they click Confirm */
/* Creates the order in the database and */
/* *************************************************************************************************************************** */
case 'Confirm':
/* Create the order in the orderhdr and orderdtl tables */
echo "<h1>Event Order Placed - {$usernm}</h1>\n";
dbconnect();
/* Create orderhdr row */
$totalamt = postvalue("totalamt", 0.0);
$order = new Order();
$orderix = $order->createOrderIx($userix);
$order->setTotalAmt($totalamt);
if ($debug) {
echo "<p>Your order number is <strong><big>{$orderix}</big></strong>.</p>\n";
}
$x->log("Order Confirmed", "Order {$orderix} confirmed by user {$usernm}", $userix, $orderix);
$ix = 0;
$orderdtlix = 0;
$totaladd = 0;
while (array_key_exists("eventnm{$ix}", $_POST)) {
$eventix = $_POST["eventix{$ix}"];
$eventnm = $_POST["eventnm{$ix}"];
$eventdt = $_POST["eventdt{$ix}"];
$add = postvalue("add{$ix}", 0);
$addwait = postvalue("addwait{$ix}", 0);
$remove = postvalue("remove{$ix}", 0);
$extamt = postvalue("extamt{$ix}", 0);
$totaladd += $add;
/* Adds */
if ($add) {
/* Order detail insertion */
<html>
<head>
<?php
require_once "functions.php";
require_once "database.php";
require_once "xactlog.php";
?>
</head>
<body>
<h1>test.xactlog</h1>
<?php
dbconnect();
echo "<h2>XactLog::log</h2>";
$x = new XactLog();
$x->log("Test Xact");
$x->log("Test Xact 2", "description");
$x->log("Test Xact 3", NULL);
$x->log("Test Xact 3", "");
$x->log("Test Xact 4", "userix", 1);
$x->log("Test Xact 4", "userix", NULL);
$x->log("Test Xact 4", "userix", "");
$x->log("Test Xact 4", NULL, 1);
$x->log("Test Xact 5", "eventix", 1, 2);
$x->log("Test Xact 5", "eventix", 1, NULL);
$x->log("Test Xact 5", "eventix", 1, "");
$x->log("Test Xact 5", "eventix", NULL, 2);
$x->log("Test Xact 5", "eventix", "", 2);
$x->log("Test Xact 5", NULL, 1, 2);
$x->log("Test Xact 5", "", 1, 2);
$x->log("Test Xact 6", "eventix", 1, 2, "This is a test transaction.\nMany test transactions have excessive detail.\nThis one is a good example of that.\n");
