function find_general_trans($params) { $query = array(); if ($params['email']) { $query['email'] = $params['email']; } if ($params['reference_number']) { $query['reference_number'] = $params['reference_number']; } if ($params['phonenumber']) { $query['phonenumber'] = $params['phonenumber']; } if ($params['subscription_id']) { $query['ss_subscription_id'] = $params['subscription_id']; } if ($params['credit_card']) { $query['CCnumber'] = etelEnc($params['credit_card']); } if ($params['checking_account'] && $params['routing_number']) { $query['bankaccountnumber'] = etelEnc($params['checking_account']); $query['bankroutingcode'] = etelEnc($params['routing_number']); } if (sizeof($query) < 1) { return 0; } foreach ($query as $key => $data) { $sql .= ($sql ? "and " : "") . " {$key} = '{$data}' "; } $where = "\n\t\t\tWHERE \n\t\t\t\t{$sql}\n\t\t\t"; return $this->find_transaction_query("{$where}"); }
function ch_check_previous_decline($transInfo, $hours = 24) { return 0; $sql = "\n\t\tSELECT \n\t\t\t*\n\t\tFROM \n\t\t\t`cs_transactiondetails`\n\t\tWHERE \n\t\t\t`bankaccountnumber` = '" . etelEnc($transInfo['bankaccountnumber']) . "' \n\t\t\tAND transactionDate > DATE_SUB(Now(),Interval {$hours} HOUR)\n\t\t\tAND (`status` != 'A' or `cancelstatus` = 'Y' or `td_is_chargeback`=1) \n\t\t\tAND (`td_bank_recieved` = 'yes' or `td_bank_recieved` = 'fraudscrubbing')\n\t\t"; $result = sql_query_read($sql) or dieLog(mysql_errno() . ": " . mysql_error() . "<pre>{$sql}</pre>"); $numrows = mysql_num_rows($result); return $numrows > 0; }
function check_unique($table, &$transInfo) { $check = "`CCnumber` = '" . etelEnc($transInfo['CCnumber']) . "'"; if ($transInfo['checkorcard'] == 'C') { $check = "(`bankroutingcode` = '" . etelEnc($transInfo['bankroutingcode']) . "' and `bankaccountnumber` = '" . etelEnc($transInfo['bankaccountnumber']) . "')"; } $sql = "\r\n\t\tSELECT \r\n\t\t\tleast(\r\n\t\t\t\t(\r\n\t\t\t\t\tSELECT min(transactionId)\r\n\t\t\t\t\t\tFROM `{$table}`\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t{$check}\r\n\t\t\t\t) , \r\n\t\t\t\t(\r\n\t\t\t\t\r\n\t\t\t\t\tSELECT min(transactionId)\r\n\t\t\t\t\t\tFROM `cs_transactiondetails`\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t`ipaddress` = '" . $transInfo['ipaddress'] . "'\r\n\t\t\t\t) \r\n\t\t\t) AS num \r\n\t\t"; $result = sql_query_read($sql) or dieLog(mysql_errno() . ": " . mysql_error() . "<pre>{$sql}</pre>"); $trans = mysql_result($result, 0, 0); if ($trans == $transInfo['transactionId']) { $trans = 0; } return $trans; }
// labels.php,printemailforms.php,maileditor.php,shipping.php,shippingdetails.php,logout.php // companyAdd.php: The admin page functions for the New Company setup. require_once "includes/dbconnection.php"; require_once 'includes/function.php'; $check_card_no = isset($HTTP_POST_VARS['checkcardno']) ? quote_smart($HTTP_POST_VARS['checkcardno']) : ""; $voice_auth_id = isset($HTTP_POST_VARS['voiceauthno']) ? quote_smart($HTTP_POST_VARS['voiceauthno']) : ""; $telephone_no = isset($HTTP_POST_VARS['telephoneno']) ? quote_smart($HTTP_POST_VARS['telephoneno']) : ""; $transaction_no = isset($HTTP_POST_VARS['transactionno']) ? quote_smart($HTTP_POST_VARS['transactionno']) : ""; $whereqry = ""; $msgtodisplay = ""; $select_trans_details = ""; if ($transaction_no != "") { $whereqry = " and a.transactionId={$transaction_no}"; } if ($check_card_no != "") { $whereqry .= " and a.CCnumber='" . etelEnc($check_card_no) . "'"; } if ($voice_auth_id != "") { $whereqry .= " and a.voiceAuthorizationno='{$voice_auth_id}'"; } if ($telephone_no != "") { $whereqry .= " and a.phonenumber='{$telephone_no}'"; } if ($whereqry != "") { $select_trans_details = "Select a.transactionId,b.companyname,a.name,a.surname,a.checkorcard,a.amount,a.transactionDate,a.voiceAuthorizationno,a.CCnumber,a.cvv,a.cardtype,a.validupto,a.billingDate,a.shippingTrackingno,a.socialSecurity,a.driversLicense,a.checktype,a.accounttype,a.bankname,a.bankroutingcode,a.bankaccountnumber from cs_transactiondetails as a,cs_companydetails as b where a.userId=b.userId and a.cancelstatus='N' {$whereqry} "; } else { $msgtodisplay = "<table width='370' height='100' align='center' valign='top' style='border:2px solid black'><tr><td align='center' valign='middle'><font face='verdana' size='2' color='red'><strong>No transactions were found based on your search.</strong></font></td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='images/back.jpg'></a></td></tr></table>"; } //print $select_trans_details; if ($select_trans_details != "") { if (!($qrt_select_run = mysql_query($select_trans_details))) {
function cc_i24Card_integration($transInfo, $bankInfo, $companyInfo) { global $etel_fraud_limit; $response = ""; $response['errormsg'] = "No Error 15"; $response['success'] = false; $response['td_bank_recieved'] = 'no'; if ($bankInfo['bk_cc_support'] != 1) { $response['errormsg'] = "This bank does not support this Integration Function. Please contact an administrator."; return $response; } $expDate = explode("/", $transInfo['validupto']); $expYear = substr($expDate[0], -2, 2); $expMonth = $expDate[1]; $expDate = $expMonth . $expYear; $cust_cntry = urlencode(func_get_country($transInfo['country'], 'co_ISO')); $i24_msg_id = rand(0, 400000000000); $response['td_bank_transaction_id'] = $i24_msg_id; $transInfo['additional_funds'] = intval($transInfo['additional_funds']); if ($transInfo['additional_funds'] > 20) { $transInfo['additional_funds'] = 20; } if ($transInfo['additional_funds'] < 0) { $transInfo['additional_funds'] = 0; } $additional_array = explode('|', $bankInfo['bk_additional_id']); //FunctionID 002 Y $Pinfo = ""; $Pinfo .= "CID=" . $additional_array[0]; $Pinfo .= "&CUSR="******"&CPWD=" . $bankInfo['bk_password']; if (!is_numeric($transInfo['td_gcard'])) { $transInfo['td_is_a_rebill'] = 0; } if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&FUNC=002"; } else { $Pinfo .= "&FUNC=003"; } $Pinfo .= "&MSGID=" . $i24_msg_id; if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P1=" . rand(0, 400000000); } else { $Pinfo .= "&P1=" . $transInfo['td_gcard']; } //Electron Card Y (1,9) Numeric $Pinfo .= "&P2=" . urlencode($transInfo['name']); //First Name Y (1,20) Varchar $Pinfo .= "&P3=" . urlencode($transInfo['initial']); //Middle Initial N (1,1) Varchar $Pinfo .= "&P4=" . urlencode($transInfo['surname']); //Last Name Y (1,20) Varchar $Pinfo .= "&P5=" . urlencode($transInfo['address']); //Address1 Y (1,30) Varchar $Pinfo .= "&P6=" . urlencode($transInfo['address2']); //Address2 N (1,30) Varchar $Pinfo .= "&P7=" . urlencode($transInfo['city']); //City Y (1,25) Varchar $Pinfo .= "&P8=" . urlencode($transInfo['state']); //State Y (1,8) Varchar $Pinfo .= "&P9=" . urlencode($transInfo['zipcode']); //Zip Code Y (5,9) Varchar $Pinfo .= "&P10=" . $cust_cntry; //Country Code (ISO 3166) Y (2) Varchar Alpha $Pinfo .= "&P16=" . urlencode($transInfo['email']); // Email Y (1,40) varchar $Pinfo .= "&P17=" . urlencode(round(($transInfo['amount'] + $transInfo['additional_funds']) * 100)); // Load Amount – Represents the amount of money on the initial load when assigning the card number Y Numeric (See 1.1.5) if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P18=" . ($transInfo['CCnumber'] ? $transInfo['CCnumber'] : $transInfo['td_gcard']); } else { $Pinfo .= "&P18="; } // Credit Card – Card number to charge for the Amount (P17) if a load is required. Y (1,26) Numeric $Pinfo .= "&P19=" . $expDate; // Credit Card Expiry Date – Expiration date of the credit card. MMYY Y (1,4) Numeric if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P20="; } else { $Pinfo .= "&P20=" . urlencode($transInfo['cvv']); } // CVD – Cardholder Verification Data (CVV2,CVC2) Y (1,3) Numeric $Pinfo .= "&P21=" . round($transInfo['amount'] * 100); // Transfer Amount – Amount to transfer from Electron Card to Web Master. Y (1,9) Varchar $Pinfo .= "&P22=" . $additional_array[1]; // Merchant Vendor ID - Virtual ID number linked to a Merchant ID and/or a Merchant Debit Card. Y (1,20) Varchar $Pinfo .= "&P23=" . $transInfo['ipaddress']; // Cardholder IP Address Y (1,15) varchar $Pinfo .= "&P24=0"; // RSID – Reseller/Referrer ID Y $Pinfo .= "&P27=" . urlencode($transInfo['productdescription']); // Transaction Description N $Pinfo .= "&P28=" . urlencode($transInfo['reference_number']); // Ibill Transaction Tracking ID Y $Pinfo .= "&P29=" . $transInfo['td_is_a_rebill']; // RecurID Y 0 = not recurring 1 = recurring transaction $Pinfo .= "&P39="; // Embossing Data – used for embossing the name of the company on the card Y (1,40) Varchar if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&issue_physical_card=0"; } // Whether or not to issue plastic Y Boolean // Uncomment below for live $query_url = "https://trans.symmetrex.com/ibill/ibillapi?"; $output_url = $query_url . $Pinfo; $output_url = str_replace(" ", "%20", $output_url); toLog('order', 'customer', "Symmetrex Post for " . $transInfo['reference_number'] . ": " . $output_url, $transInfo['transactionId']); $process_result = http_post2('ssl://trans.symmetrex.com', 443, $output_url, $Pinfo); toLog('order', 'customer', "Symmetrex Result for " . $transInfo['reference_number'] . ": " . $process_result, $transInfo['transactionId']); $response['td_process_result'] = $process_result; parse_str(trim($process_result)); $response['errormsg'] = $P2; $response['errorcode'] = $P1; if (!$P3) { $response['td_gcard'] = "NULL"; } else { $response['td_gcard'] = "'" . etelEnc($P3) . "'"; } if (!$response['errormsg']) { $response['errormsg'] = "Declined"; } $response['success'] = true; $response['status'] = "D"; $response['td_process_query'] = $output_url; $response['td_bank_recieved'] = 'yes'; if ($process_result == '0: Success') { $response['td_bank_recieved'] = 'internalerror'; } if ($P2 == "Success") { $response['status'] = "A"; } $response['td_bank_transaction_id'] = $P8; $response['td_gcard_pass'] = $WalletPassword; return $response; }
$number = isset($HTTP_POST_VARS['number']) ? quote_smart($HTTP_POST_VARS['number']) : ""; $cvv2 = isset($HTTP_POST_VARS['cvv2']) ? quote_smart($HTTP_POST_VARS['cvv2']) : ""; $cardtype = isset($HTTP_POST_VARS['cardtype']) ? quote_smart($HTTP_POST_VARS['cardtype']) : ""; $mm = isset($HTTP_POST_VARS['opt_exp_month']) ? quote_smart($HTTP_POST_VARS['opt_exp_month']) : ""; $yyyy = isset($HTTP_POST_VARS['opt_exp_year']) ? quote_smart($HTTP_POST_VARS['opt_exp_year']) : ""; if ($i_recur_charge == "") { $i_recur_charge = $amount; } $validupto = "{$yyyy}/{$mm}"; $qrt_update_details = "update cs_transactiondetails set name='{$firstname}',surname='{$lastname}',phonenumber='{$phonenumber}',email='{$email}',address='{$address}',checkorcard='H',CCnumber='" . etelEnc($number) . "',accounttype='{$accounttype}',country='{$country}',city='{$city}',state='{$state}',zipcode='{$zip}',cvv={$cvv2},amount={$amount},cardtype='{$cardtype}',validupto='{$validupto}',misc='{$misc}',userid={$userid},voiceAuthorizationno='{$voiceauth}',shippingTrackingno='{$shipping}',socialSecurity='{$socialno}',driversLicense='{$licenceno}',billingDate='{$setbilldate}',licensestate='{$licensestate}' ,productdescription ='{$productDescription}' where transactionid={$tid}"; // print $qrt_update_details ; if (!($show_insert_run = mysql_query($qrt_update_details))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>"); } else { if ($str_fields != "") { $qrt_update_details = "update cs_rebillingdetails set name='{$firstname}',surname='{$lastname}',phonenumber='{$phonenumber}',email='{$email}',address='{$address}',checkorcard='H',CCnumber='" . etelEnc($number) . "',accounttype='{$accounttype}',country='{$country}',city='{$city}',state='{$state}',zipcode='{$zip}',cvv={$cvv2},amount={$amount},cardtype='{$cardtype}',validupto='{$validupto}',misc='{$misc}',userid={$userid},voiceAuthorizationno='{$voiceauth}',shippingTrackingno='{$shipping}',socialSecurity='{$socialno}',driversLicense='{$licenceno}',billingDate='{$setbilldate}',licensestate='{$licensestate}' {$str_values} where transactionid={$tid}"; // print($qrt_update_details); if (!($show_sql = mysql_query($qrt_update_details, $cnn_cs))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>"); } } /* $msgtodisplay="The Credit card transaction has been updated"; $outhtml="y"; message($msgtodisplay,$outhtml,$headerInclude); */ } } $cancel = isset($HTTP_POST_VARS['cancel']) ? quote_smart($HTTP_POST_VARS['cancel']) : ""; $cancelreason = isset($HTTP_POST_VARS['cancelreason']) ? quote_smart($HTTP_POST_VARS['cancelreason']) : ""; $id = isset($HTTP_POST_VARS['id']) ? quote_smart($HTTP_POST_VARS['id']) : ""; $canceldate = func_get_current_date_time();
</head> <body> <?php chdir(".."); $pageConfig['HideHeader'] = true; $pageConfig['Title'] = 'Transaction Information'; require_once 'includes/header.php'; require_once "includes/transaction.class.php"; require_once "includes/updateAccess.php"; $allowed = array('sub_phone', 'sub_email', 'email', 'CCnumber', 'bankaccountnumber', 'bankroutingcode', 'reference_number', 'phonenumber', 'subscription_ID'); if ($_REQUEST['CCnumber']) { if ($_REQUEST['email']) { $query['cs_transactiondetails.email'] = $_REQUEST['email']; } if ($_REQUEST['CCnumber']) { $query['CCnumber'] = etelEnc(quote_smart($_REQUEST['CCnumber'])); } } else { if ($_REQUEST['bankaccountnumber']) { if ($_REQUEST['bankaccountnumber']) { $query['bankaccountnumber'] = $_REQUEST['bankaccountnumber']; } if ($_REQUEST['bankroutingcode']) { $query['bankroutingcode'] = $_REQUEST['bankroutingcode']; } } else { if ($_REQUEST['email']) { $query['cs_transactiondetails.email'] = $_REQUEST['email']; } if ($_REQUEST['reference_number']) { $query['reference_number'] = $_REQUEST['reference_number'];
$sql = "SELECT reseller_id,reseller_email FROM `cs_resellerdetails` WHERE reseller_sendmail=0"; $result = mysql_query($sql) or dieLog(mysql_error()); while ($companyInfo = mysql_fetch_assoc($result)) { addListEmail($companyInfo['reseller_email'], "Company Email is Unsubscribed", $companyInfo['reseller_id'], 'reseller', 'unsubscribe'); } die; $sql = "SELECT * FROM `cs_transactiondetails` WHERE 1"; $result = mysql_query($sql) or dieLog(mysql_error()); while ($transInfo = mysql_fetch_assoc($result)) { die; $P3 = ""; parse_str(trim($transInfo['td_process_result'])); if (!$P3) { $response['td_gcard'] = "NULL"; } else { $response['td_gcard'] = "'" . etelEnc($P3) . "'"; } $sql = "UPDATE `cs_transactiondetails` set td_gcard=" . $response['td_gcard'] . " WHERE transactionId=" . $transInfo['transactionId']; mysql_query($sql) or dieLog(mysql_error()); } /* $sql = "SELECT userId, volumenumber, volume_last_month, volume_prev_30days,
} else { $str_or_query .= " ( " . $decline_condition; } } if ($cancel_condition != "") { if ($str_or_query != "") { $str_or_query .= " or " . $cancel_condition; } else { $str_or_query .= " ( " . $cancel_condition; } } if ($cnumber != "") { if ($strConditions != "") { $strConditions .= " and CCnumber = '" . etelEnc($cnumber) . "' "; } else { $strConditions .= " CCnumber = '" . etelEnc($cnumber) . "' "; } } $strRadConditions = ""; if ($radRange == "S") { $strRadConditions = " (billingDate >= '{$dateToEnter}' and billingDate <= '{$dateToEnter1}') "; } else { $strRadConditions = " (transactionDate >= '{$dateToEnter}' and transactionDate <= '{$dateToEnter1}') "; } if ($strRadConditions != "") { if ($strConditions != "") { $strConditions .= " and {$strRadConditions}"; } else { $strConditions .= $strRadConditions; } }
} </script> <?php $txt_cc = isset($HTTP_GET_VARS["txt_cc"]) ? Trim($HTTP_GET_VARS["txt_cc"]) : ""; $txt_telephone = isset($HTTP_GET_VARS["txt_telephone"]) ? Trim($HTTP_GET_VARS["txt_telephone"]) : ""; $txt_email = isset($HTTP_GET_VARS["txt_email"]) ? Trim($HTTP_GET_VARS["txt_email"]) : ""; $txt_reference = isset($HTTP_GET_VARS["txt_reference"]) ? Trim($HTTP_GET_VARS["txt_reference"]) : ""; $txt_cancel = isset($HTTP_GET_VARS["txt_cancel"]) ? Trim($HTTP_GET_VARS["txt_cancel"]) : ""; $txt_checkingaccount = isset($HTTP_GET_VARS["txt_checkingaccount"]) ? Trim($HTTP_GET_VARS["txt_checkingaccount"]) : ""; $txt_bankrouting = isset($HTTP_GET_VARS["txt_bankrouting"]) ? Trim($HTTP_GET_VARS["txt_bankrouting"]) : ""; $cancelBtnTxt = "Cancel Transaction"; $refundBtnTxt = "Request Refund"; $str_qry = ""; if ($txt_cc) { $str_qry .= " AND t.CCnumber = '" . etelEnc(strip_chars($txt_cc)) . "' "; } if ($txt_telephone) { $str_qry .= " AND t.phonenumber = '" . strip_chars($txt_telephone) . "'"; } if ($txt_email) { $str_qry .= " AND t.email = '{$txt_email}' "; } if ($txt_reference) { $str_qry .= " AND t.reference_number = '" . strtoupper($txt_reference) . "' "; } if ($txt_cancel) { $str_qry .= " AND t.cancel_refer_num = '{$txt_cancel}' "; } if ($txt_checkingaccount && $txt_bankrouting) { $str_qry .= " AND t.bankaccountnumber = '" . strip_chars($txt_checkingaccount) . "' AND bankroutingcode = '{$txt_bankrouting}' ";
function insert_TransactionWithRates($transInfo, $mode = "Test") { $int_table = "cs_test_transactiondetails"; if ($mode == "Live") { $int_table = "cs_transactiondetails"; } //$transInfo['userId'] = $merchant_id; $trans_fields = array("name", "surname", "phonenumber", "address", "ccnumber", "cvv", "checkorcard", "country", "city", "td_bank_number", "state", "zipcode", "amount", "bankname", "bankroutingcode", "bankaccountnumber", "accounttype", "email", "cancelstatus", "userid", "cardtype", "checktype", "validupto", "ipaddress", "productdescription", "reference_number", "currencytype", "r_reseller_discount_rate", "r_total_discount_rate", "td_fraud_score", "r_chargeback", "r_credit", "r_transactionfee", "r_reserve", "r_merchant_discount_rate", "r_total_trans_fees", "r_reseller_trans_fees", "r_discountrate", "r_merchant_trans_fees", "cancel_refer_num", "return_url", "from_url", "bank_id", "td_rebillingID", "td_is_a_rebill", "td_enable_rebill", "td_voided_check", "td_returned_checks", "td_site_id", "td_is_affiliate", "td_send_email", "td_customer_fee", "td_is_pending_check", "td_is_chargeback", "td_recur_processed", "td_recur_next_date", "td_username", "td_password", "td_product_id", "td_non_unique", "td_merchant_fields", "td_subscription_id", "r_bank_trans_fee", "r_bank_discount_rate", "r_chargeback,r_reserve", "r_reseller_trans_fees", "r_reseller_discount_rate", "r_merchant_trans_fees", "r_merchant_discount_rate", "transactiondate", "billingdate", "td_ss_ID"); //$this->array_print($transInfo); if (is_numeric($transInfo['CCnumber'])) { $transInfo['CCnumber'] = etelEnc($transInfo['CCnumber']); } if (is_numeric($transInfo['bankroutingcode'])) { $transInfo['bankroutingcode'] = etelEnc($transInfo['bankroutingcode']); } if (is_numeric($transInfo['bankaccountnumber'])) { $transInfo['bankaccountnumber'] = etelEnc($transInfo['bankaccountnumber']); } $insert = ""; foreach ($transInfo as $field => $value) { if (in_array(strtolower($field), $trans_fields)) { $insert .= ($insert == "" ? "" : ", ") . $field . " = \"" . quote_smart($transInfo[$field]) . "\"\r\n"; } } $sql = "\r\n\t\t\tINSERT INTO\r\n\t\t\t\t{$int_table}\r\n\t\t\tSET\r\n\t\t\t\tstatus = 'P',\r\n\t\t\t\t{$insert}\r\n\t\t\t;"; sql_query_write($sql) or dieLog(mysql_errno() . ": " . mysql_error() . "<BR>" . $sql); $trans_id = mysql_insert_id(); return $trans_id; }
<?php include "includes/sessioncheck.php"; $pageConfig['Title'] = 'Entity Manager'; $loginas = intval($_REQUEST["loginas"]); if ($loginas) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $_SESSION["gw_admin_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_hash"] . "|Admin|" . $_SESSION['gw_id'] . "|editCompanyProfileAccess.php?entity_id=" . $_REQUEST['entity_id']); $_SESSION["loginredirect"] = "None"; $_SESSION["userType"] = quote_smart(ucfirst($_REQUEST['type'])); $_SESSION["gw_user_username"] = quote_smart($_REQUEST['username']); $_SESSION["gw_user_password"] = ''; $_SESSION["gw_user_hash"] = quote_smart($_REQUEST['hash']); if ($_SESSION["userType"] == 'Reseller') { echo "<script>document.location='../reseller/ledger.php'</script>"; } else { echo "<script>document.location='../ledger.php'</script>"; } die; } $headerInclude = "companies"; include "includes/header.php"; $data = JSON_get_data(array('func' => 'getEntitySearchOptions')); $json = new Services_JSON(); $output = $json->encode($data); ?> <script language="javascript" src="<?php echo $rootdir; ?> /scripts/dynosearch.js"></script>
function cc_i24Card_integration($transInfo, $bankInfo, $companyInfo) { global $etel_fraud_limit; $response = ""; $response['errormsg'] = "No Error 15"; $response['success'] = false; $response['td_bank_recieved'] = 'no'; //include('snoopy/Snoopy.class.php'); // Fraud Scrubbing $scrub_response = execute_scrub_tests(&$transInfo, &$bankInfo, &$companyInfo); if ($scrub_response != -1) { return $scrub_response; } if ($bankInfo['bk_cc_support'] != 1) { $response['errormsg'] = "This bank does not support this Integration Function. Please contact an administrator."; return $response; } //$cust_state = func_get_state($transInfo['state'],'st_full'); $expDate = explode("/", $transInfo['validupto']); $expYear = substr($expDate[0], -2, 2); $expMonth = $expDate[1]; //if(!$transInfo['td_is_a_rebill']) $expDate = $expMonth . $expYear; //else $expDate=''; $cust_cntry = urlencode(func_get_country($transInfo['country'], 'co_ISO')); //foreach($transInfo as $key => $info) //$transInfo[$key] = urlencode($info); $i24_msg_id = rand(0, 400000000000); $response['td_bank_transaction_id'] = $i24_msg_id; $additional_array = explode('|', $bankInfo['bk_additional_id']); //FunctionID 002 Y $Pinfo = ""; $Pinfo .= "CID=" . $additional_array[0]; $Pinfo .= "&CUSR="******"&CPWD=" . $bankInfo['bk_password']; if (!is_numeric($transInfo['td_gcard'])) { $transInfo['td_is_a_rebill'] = 0; } if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&FUNC=002"; } else { $Pinfo .= "&FUNC=003"; } $Pinfo .= "&MSGID=" . $i24_msg_id; if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P1=" . rand(0, 400000000); } else { $Pinfo .= "&P1=" . $transInfo['td_gcard']; } //Electron Card Y (1,9) Numeric $Pinfo .= "&P2=" . urlencode($transInfo['name']); //First Name Y (1,20) Varchar $Pinfo .= "&P3=" . urlencode($transInfo['initial']); //Middle Initial N (1,1) Varchar $Pinfo .= "&P4=" . urlencode($transInfo['surname']); //Last Name Y (1,20) Varchar $Pinfo .= "&P5=" . urlencode($transInfo['address']); //Address1 Y (1,30) Varchar $Pinfo .= "&P6=" . urlencode($transInfo['address2']); //Address2 N (1,30) Varchar $Pinfo .= "&P7=" . urlencode($transInfo['city']); //City Y (1,25) Varchar $Pinfo .= "&P8=" . urlencode($transInfo['state']); //State Y (1,8) Varchar $Pinfo .= "&P9=" . urlencode($transInfo['zipcode']); //Zip Code Y (5,9) Varchar $Pinfo .= "&P10=" . $cust_cntry; //Country Code (ISO 3166) Y (2) Varchar Alpha //$Pinfo.="&P11=123"; //UDF1 N (255) varchar //$Pinfo.="&P12=123"; //UDF2 N (255) varchar //$Pinfo.="&P13=123"; //UDF3 N (255) varchar //$Pinfo.="&P14=123"; //UDF4 N (255) varchar //$Pinfo.="&P15=123"; //UDF5 N (255) varchar $Pinfo .= "&P16=" . urlencode($transInfo['email']); // Email Y (1,40) varchar $Pinfo .= "&P17=" . urlencode(round($transInfo['amount'] * 100)); // Load Amount – Represents the amount of money on the initial load when assigning the card number Y Numeric (See 1.1.5) if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P18=" . ($transInfo['CCnumber'] ? $transInfo['CCnumber'] : $transInfo['td_gcard']); } else { $Pinfo .= "&P18="; } // Credit Card – Card number to charge for the Amount (P17) if a load is required. Y (1,26) Numeric //if(!$transInfo['cvv']) $transInfo['cvv']= 123; $Pinfo .= "&P19=" . $expDate; // Credit Card Expiry Date – Expiration date of the credit card. MMYY Y (1,4) Numeric if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&P20="; } else { $Pinfo .= "&P20=" . urlencode($transInfo['cvv']); } // CVD – Cardholder Verification Data (CVV2,CVC2) Y (1,3) Numeric $Pinfo .= "&P21=" . round($transInfo['amount'] * 100); // Transfer Amount – Amount to transfer from Electron Card to Web Master. Y (1,9) Varchar $Pinfo .= "&P22=" . $additional_array[1]; // Merchant Vendor ID - Virtual ID number linked to a Merchant ID and/or a Merchant Debit Card. Y (1,20) Varchar $Pinfo .= "&P23=" . $transInfo['ipaddress']; // Cardholder IP Address Y (1,15) varchar $Pinfo .= "&P24=0"; // RSID – Reseller/Referrer ID Y //$Pinfo.="&P25=".$transInfo['company_info']; // Merchant Descriptor 1 N //$Pinfo.="&P26=".$transInfo['company_info']; // Merchant Descriptor 2 N $Pinfo .= "&P27=" . urlencode($transInfo['productdescription']); // Transaction Description N $Pinfo .= "&P28=" . urlencode($transInfo['reference_number']); // Ibill Transaction Tracking ID Y $Pinfo .= "&P29=" . $transInfo['td_is_a_rebill']; // RecurID Y 0 = not recurring 1 = recurring transaction //$Pinfo.="&P30=123"; // DOB N Date (i.e., mm/dd/yyyy or m/d/yyyy) //$Pinfo.="&P31=123"; // Phone N (7,15) Varchar //$Pinfo.="&P32=123"; // Sale Flag N NOSALE- will not send transaction to sale //$Pinfo.="&P33=123"; // Security Field 1 can include mother’s maiden name or license number N (1,22) varchar //$Pinfo.="&P34=123"; // Security Field 1 can include mother’s maiden name or license number N (1,22) varchar //$Pinfo.="&P35=123"; // Not Used N //$Pinfo.="&P36=123"; // User defined field. It handles special requirements for the client N (1,16) varchar //$Pinfo.="&P37=123"; // User defined field. It handles special requirements for the client l N (1,16) varchar //$Pinfo.="&P38=123"; // Social Security Nbr. N (1,9) Varchar $Pinfo .= "&P39="; // Embossing Data – used for embossing the name of the company on the card Y (1,40) Varchar //$Pinfo.="&P40=123"; // Merchant City N (1,30) Varchar //$Pinfo.="&P41=123"; // Merchant State N (1,30) Varchar //$Pinfo.="&P42=123"; // Merchant Zip N (1,30) Varchar //$Pinfo.="&P43=123"; // Merchant Country N (1,30) Varchar //$Pinfo.="&distributorcode=123"; // Distributor Code N (1,30) Varchar if (!$transInfo['td_is_a_rebill']) { $Pinfo .= "&issue_physical_card=0"; } // Whether or not to issue plastic Y Boolean //$Pinfo.="&Remote_Host=".$transInfo['ipaddress']; // Whether or not to issue plastic Y Boolean //$Pinfo.="&password=0"; // Whether or not to issue plastic Y Boolean // Uncomment below for live $query_url = "https://trans.symmetrex.com/ibill/ibillapi?"; $output_url = $query_url . $Pinfo; $output_url = str_replace(" ", "%20", $output_url); //$process_result = file_get_contents($output_url); //print($output_url."@"); //$process_result = file($output_url); //print($process_result."2@"); toLog('order', 'customer', "Symmetrex Post for " . $transInfo['reference_number'] . ": " . $output_url, $transInfo['transactionId']); $process_result = http_post2('ssl://trans.symmetrex.com', 443, $output_url, $Pinfo); toLog('order', 'customer', "Symmetrex Result for " . $transInfo['reference_number'] . ": " . $process_result, $transInfo['transactionId']); //if(!$process_result) //{ //$Pinfo=""; //$Pinfo.="FUNC=004"; //$Pinfo.="&P1=".$i24_msg_id; //$echo_result = http_post('ssl://trans.symmetrex.com', 443, $query_url.$Pinfo, $Pinfo); //toLog('order','customer', "Querying server for info on ".$transInfo['reference_number'].": ".$echo_result." Query: ".$query_url.$Pinfo,$transInfo['transactionId']); //} $response['td_process_result'] = $process_result; //$clean_data = str_replace("\n","&",trim(str_replace("endofdata", "", trim($process_result['0'])))); parse_str(trim($process_result)); $response['errormsg'] = $P2; $response['errorcode'] = $P1; if (!$P3) { $response['td_gcard'] = "NULL"; } else { $response['td_gcard'] = "'" . etelEnc($P3) . "'"; } if (!$response['errormsg']) { $response['errormsg'] = "Declined"; } $response['success'] = true; $response['status'] = "D"; $response['td_process_query'] = $output_url; $response['td_bank_recieved'] = 'yes'; if ($process_result == '0: Success') { $response['td_bank_recieved'] = 'internalerror'; } if ($P2 == "Success") { $response['status'] = "A"; } $response['td_bank_transaction_id'] = $P8; return $response; }
$strConditions .= " and checkorcard = 'H' and CCnumber = '" . etelEnc($credit_number) . "' "; } else { $strConditions .= " checkorcard = 'H' and CCnumber = '" . etelEnc($credit_number) . "' "; } } else { if ($check_number != "") { if ($account_number == "" || $routing_code == "") { $outhtml = "y"; $msgtodisplay = "Please enter the account number and bank routing code"; message($msgtodisplay, $outhtml, $headerInclude); exit; } if ($strConditions != "") { $strConditions .= " and checkorcard = 'C' and CCnumber = '" . etelEnc($check_number) . "' and bankaccountnumber = '{$account_number}' and bankroutingcode = '{$routing_code}' "; } else { $strConditions .= " checkorcard = 'C' and CCnumber = '" . etelEnc($check_number) . "' and bankaccountnumber = '{$account_number}' and bankroutingcode = '{$routing_code}' "; } } } $strRadConditions = ""; if ($radRange == "S") { $strRadConditions = " (billingDate >= '{$dateToEnter}' and billingDate <= '{$dateToEnter1}') "; } else { $strRadConditions = " ({$search_date_type} >= '{$dateToEnter}' and {$search_date_type} <= '{$dateToEnter1}') "; } if ($str_firstname == "" && $str_lastname == "" && $str_telephone == "" && $email == "" && $transactionId == "" && $check_number == "" && $credit_number == "" && $account_number == "" && $routing_code == "") { if ($strRadConditions != "") { if ($strConditions != "") { $strConditions .= " and {$strRadConditions}"; } else { $strConditions .= $strRadConditions;
<?php $rootdir = "../"; $headerInclude = "service"; include $rootdir . "includes/sessioncheckserviceuser.php"; include $rootdir . "includes/dbconnection.php"; $redir = $_REQUEST['redir']; if ($_SESSION['cs_found_merchant']) { $sql = "select * from cs_companydetails where userId = '" . intval($_SESSION['cs_found_merchant']) . "'"; $result = mysql_query($sql) or dieLog(mysql_error() . " ~ {$sql}"); $companyInfo = mysql_fetch_assoc($result); if ($companyInfo) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $_SESSION["loginredirect"] = "None"; $_SESSION["gw_customerservice_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|CustomerService|" . $_SESSION['gw_id'] . "|livetree.php"); general_login($companyInfo['username'], $companyInfo['password'], "merchant", $companyInfo['gateway_id'], false, $redir); die; } } dieLog("Invalid Login ~ {$sql}", "Invalid Login");
<td colspan="3" width="98%" background="images/menubtmcenter.gif"><img border="0" src="images/menubtmcenter.gif" width="6" height="11"></td> <td width="1%" ><img src="images/menubtmright.gif"></td> </tr> </table> <?php } } ?> </td> </tr> </table> </form> <?php } else { if ($cnumber != "" && $id == "") { $querystr = "select a.status,a.transactionId,b.companyname,a.name,a.surname,a.checkorcard,a.amount,a.transactionDate from cs_transactiondetails as a,cs_companydetails as b where a.CCnumber = '" . etelEnc($cnumber) . "' and a.userid=b.userid"; $querystr = $querystr . " and a.userid=" . $sessionlogin . " order by a.transactionId desc"; // echo $querystr; $show_sql = mysql_query($querystr); if (mysql_num_rows($show_sql) == 0) { $outhtml = "y"; $msgtodisplay = "The Check or Credit Card Number is not valid"; message($msgtodisplay, $outhtml, $headerInclude); exit; } ?> <table border="0" cellpadding="0" width="95%" cellspacing="0" height="490" align="center"> <tr><td width="83%" valign="top" align="center" height="333"> <table border="0" cellpadding="0" cellspacing="0" width="70%" > <tr> <td width="100%" height="22">
$str_where_query .= " and a.cardtype != 'Check' and a.CCnumber = '" . etelEnc($credit_number) . "' "; } else { $str_where_query .= " a.cardtype != 'Check' and a.CCnumber = '" . etelEnc($credit_number) . "' "; } } else { if ($check_number != "") { if ($account_number == "" || $routing_code == "") { $outhtml = "y"; $msgtodisplay = "Please enter the account number and bank routing code"; message($msgtodisplay, $outhtml, $headerInclude); exit; } if ($str_where_query != "") { $str_where_query .= " and a.cardtype = 'Check' and a.CCnumber = '" . etelEnc($check_number) . "' and a.bankaccountnumber = '{$account_number}' and a.bankroutingcode = '{$routing_code}' "; } else { $str_where_query .= " a.cardtype = 'Check' and a.CCnumber = '" . etelEnc($check_number) . "' and a.bankaccountnumber = '{$account_number}' and a.bankroutingcode = '{$routing_code}' "; } } } if ($str_where_query != "") { $str_where_query .= " and "; } if (!$trans_period) { $dateToEnter = "{$yyyyCur}-{$mmCur}-{$ddCur}"; $dateToEnter1 = "{$yyyyCur}-{$mmCur}-{$ddCur} 23:59:59"; $qrt_select_details = "select a.status,a.transactionId,a.userId,b.companyname,a.name,a.surname,a.checkorcard,a.cardtype,a.amount,a.transactionDate,a.status,a.cancelstatus,a.td_is_chargeback,b.billingdescriptor,a.reference_number,a.currencytype,a.cardtype,a.td_is_chargeback,b.cc_billingdescriptor,b.ch_billingdescriptor,b.cc_visa_billingdescriptor,b.cc_master_billingdescriptor,b.we_billingdescriptor from {$trans_table_name} as a,cs_companydetails as b,cs_rebillingdetails as c where {$str_where_query} a.userid=b.userid"; $qrt_total_select = "select sum(IF(a.status='A',a.amount,0)) as approved,sum(a.amount*(a.status='D')) as declined,count(*) as cnt from {$trans_table_name} as a,cs_companydetails as b where {$str_where_query} a.userid=b.userid"; } if ($trans_period == "p") { if (!isset($trans_querycc)) { $trans_querycc = "";
$send_mails = mysql_result($show_sql_run, 0, 4); $send_ecommercemail = mysql_result($show_sql_run, 0, 5); $str_gateway_id = mysql_result($show_sql_run, 0, 6); $bank_check = mysql_result($show_sql_run, 0, 7); if (mysql_num_rows($show_sql_run) == 0) { $msgdisplay = "<font face='verdana' size='2' color='black'>You are not a valid user.</font>"; $msgtodisplay = "<table width='350' height='100' align='center' valign='middle' style='border:1px solid black'><tr><td align='center' valign='middle'>{$msgdisplay}</td></tr><tr><td align='center'><a href='javascript:window.history.back();'><img border='0' src='http://www.etelegate.com/images/back.jpg'></a></td></tr></table>"; print $msgtodisplay; $return_message = "UIN"; exit; } else { $int_table = "cs_test_transactiondetails"; if ($integration_mode == "Live") { $int_table = "cs_transactiondetails"; } $qrt_insert_details = "insert into {$int_table} (td_product_id,name,surname,phonenumber,address,checkorcard,CCnumber,accounttype,country,city,state,zipcode,checktype,amount,transactionDate,bankname,bankroutingcode,bankaccountnumber,misc,cancelstatus,status,userid ,ipaddress,voiceAuthorizationno,shippingTrackingno,socialSecurity,driversLicense,billingDate,passStatus,pass_count,licensestate,email,productdescription,company_usertype,company_user_id,currencytype,td_is_pending_check,return_url,from_url,bank_id,td_site_ID,td_username,td_password,td_recur_next_date,td_rebillingID,td_enable_rebill) \n\t\t\tvalues('{$td_product_id}','{$firstname}','{$lastname}','{$phonenumber}','{$address}','C','" . etelEnc($chequenumber) . "','{$accounttype}','{$country}','{$city}','{$state}','{$zip}','{$chequetype}','{$amount}','{$dateToEnter}','{$bankname}','{$bankroutingcode}','{$bankaccountno}','{$misc}','N','',{$companyid},'{$ipaddress}','{$voiceauth}','{$shipping}','{$socialno}','{$licenceno}','{$setbilldate}','PE',0,'{$licensestate}','{$email}','{$productDescription}',4,{$companyid},'{$str_currency}','1','{$i_return_url}','{$from_url}','{$bank_CreditcardId}','{$site_id}','{$td_username}','{$td_password}','{$td_recur_next_date}','{$mt_subAccount}','{$td_enable_rebill}')"; if (!($show_sql = mysql_query($qrt_insert_details, $cnn_cs))) { print mysql_errno() . ": " . mysql_error() . "<BR>"; print "Cannot execute query"; $return_message = "INT"; exit; } else { //changed $trans_id = mysql_insert_id(); func_update_rate($companyid, $trans_id, $cnn_cs, "ch"); //func_ins_bankrates($trans_id,$bank_check,$cnn_cs); $ref_number = func_Trans_Ref_No($trans_id); $updateSuccess = ""; $updateSuccess = func_update_single_field($int_table, 'reference_number', $ref_number, 'transactionId', $trans_id, $cnn_cs); if ($updateSuccess = 1) { $reference_number = $ref_number;
$sql = "select lt.*,plt.lt_subject as parent_lt_subject from cs_live_tree as lt left join cs_live_tree as plt on lt.lt_parent_ID = plt.lt_ID where lt.lt_ID = '{$lt_ID}' {$sql_lt_type};"; $result = mysql_query($sql) or dieLog(mysql_error()); $cs_live_tree = mysql_fetch_assoc($result); } else { $_SESSION['cs_found_merchant'] = NULL; $cs_error_msg = "Merchant could not be found. Please try another search method.<BR>If you have tried all methods, please select 'Could Not Find Merchant' option."; } } $reference_number = $_SESSION['cs_found_reference_number']; if ($_POST['searchtrans']) { $sql_where = ""; if ($_POST['CCnumber']) { $_POST['CCnumber'] = etelEnc($_POST['CCnumber']); } if ($_POST['bankaccountnumber']) { $_POST['bankaccountnumber'] = etelEnc($_POST['bankaccountnumber']); } if ($_POST['phonenumber']) { $_POST['phonenumber'] = preg_replace('/[^0-9]/', '', $_POST['phonenumber']); } foreach ($search_by_array as $search_type) { if (isset($_POST[$search_type])) { $sql_where .= ($sql_where ? " AND " : "") . " {$search_type}='" . quote_smart($_POST[$search_type] ? $_POST[$search_type] : "Invalid") . "'"; } } if ($sql_where) { $sql = "select reference_number,concat('Time: ',transactiondate,' - Ref: ',reference_number,' for ','\$',amount) as title,\n\t\t\tproductdescription as descr\n\t\t\t\n\t\t\t from cs_transactiondetails where {$sql_where} and status='A'"; $result = mysql_query($sql) or dieLog(mysql_error() . " ~ {$sql}"); $num_rows = mysql_num_rows($result); $_SESSION['cs_found_transaction_array'] = NULL; if ($num_rows) {
function JSON_get_data($qry) { global $etel_completion_array, $etel_entity_search, $etel_transaction_search; global $curUserInfo; $start_time = microtime_float(); $data = NULL; $data['output'] = NULL; $data['func'] = $qry['func']; switch ($qry['func']) { case 'getTransactionSearchOptions': $search_opts = $etel_transaction_search; case 'getEntitySearchOptions': if (!$search_opts) { $search_opts = $etel_entity_search; } foreach ($search_opts['options'] as $k => $s) { $sa[$s['g']]['o'][] = array('k' => $k, 'n' => $s['n'], 't' => $s['t'], 'c' => $s['c']); $sa[$s['g']]['g'] = $search_opts['groups'][$s['g']]['g']; } $data['search_options'] = array_values($sa); $data['search_func'] = $search_opts['search_func']; break; case 'getTransactionList': $search_opts = $etel_transaction_search; case 'getEntityList': if ($qry['silent']) { $data['silent'] = $qry['silent']; } if (!$search_opts) { $search_opts = $etel_entity_search; } $sql_info['join'] = array(); $search_conditions = array(); $sql_info['where'] = ''; foreach ($qry['en_search_by'] as $key => $search_by) { if ($search_by == 'er') { $qry['en_search'][$key] = $_SESSION["gw_user_en_ID"]; } $search_conditions[$key] = array('search' => quote_smart($qry['en_search'][$key]), 'searchby' => quote_smart($search_by)); if ($search_by == 'all') { foreach ($search_opts['options'] as $by => $opt) { if ($opt['allinfo']) { JSON_getEntityList_build_where($search_opts, $sql_info, $by, quote_smart($qry['en_search'][$key]), 'OR'); } } if ($sql_info['where']) { $sql_info['where'] = "( " . $sql_info['where'] . " )"; } } } foreach ($search_conditions as $sc) { JSON_getEntityList_build_where($search_opts, $sql_info, $sc['searchby'], $sc['search'], $qry['logic']); } if ($qry['sortby'] && $search_opts['options'][$qry['sortby']]['f']) { $sql_info['sort'] = " ORDER BY " . $search_opts['options'][$qry['sortby']]['f'] . " " . ($qry['sortdir'] == 'ASC' ? 'ASC ' : 'DESC '); } if (!$sql_info['sort']) { $sql_info['sort'] = " ORDER BY en_ID DESC "; } if ($sql_info['where']) { $sql_info['where'] = " AND ( " . $sql_info['where'] . " )"; } if (!$curUserInfo['en_access'][ACCESS_AUTH_ENTITY_ADMIN]) { $sql_info['where'] .= " AND en_type != 'admin' "; } $data['limit'] = intval($qry['limit']); if ($data['limit'] < 10) { $data['limit'] = 50; } if ($data['limit'] > 300) { $data['limit'] = 300; } $data['limitfrom'] = intval($qry['limitfrom']); if ($data['limitfrom'] < 1) { $data['limitfrom'] = 0; } $data['entity_list'] = array(); if ($sql_info['join']) { $sql_info['group'] = " Group by en_ID "; } $info['TimeOut'] = 5; $sql = "select SQL_CALC_FOUND_ROWS en.en_ID as id,en.en_company as cn,en.en_email as em,en.en_username as un, en.en_password as pw, en.en_type as ty from cs_entities as en " . implode(" ", $sql_info['join']) . " WHERE 1 " . $sql_info['where'] . $sql_info['group'] . $sql_info['sort'] . " limit " . $data['limitfrom'] . ',' . $data['limit']; //etelPrint($sql); if (in_array('wp', $qry['en_search_by'])) { $data['cmd'][] = array('id' => 'all', 'type' => 'ws', 'st' => 'pending'); } if (in_array('dp', $qry['en_search_by'])) { $data['cmd'][] = array('id' => 'all', 'type' => 'ud', 'st' => 'pending'); } if (in_array('pp', $qry['en_search_by'])) { $data['cmd'][] = array('id' => 'all', 'type' => 'pa', 'st' => 'pending'); } if (in_array('ip', $qry['en_search_by'])) { $data['cmd'][] = array('id' => 'all', 'type' => 'is', 'st' => 'Unanswered'); } //$data['sql'] = $sql; $result = sql_query_read($sql, $info) or dieLog(mysql_error() . " ~ {$sql}"); while ($entity = mysql_fetch_assoc($result)) { $entity['il'] = 'editCompanyProfileAccess.php?entity_id=' . $entity['id']; $entity['li'] = 'EntityManager.php?loginas=1&type=' . $entity['ty'] . '&username='******'un'] . '&hash=' . $entity['pw'] . '&entity_id=' . $entity['id']; if (strlen($entity['cn']) > 35) { $entity['cn'] = substr($entity['cn'], 0, 34) . "..."; } $data['entity_list'][] = $entity; } $sql = "select FOUND_ROWS()"; $result = sql_query_read($sql) or dieLog(mysql_error() . " ~ {$sql}"); $data['num_rows'] = mysql_result($result, 0, 0); $data['search_func'] = $search_opts['info_func']; $data['display_fields'] = array(array('k' => 'id', 'chk' => 1), array('k' => 'id', 'n' => 'ID'), array('k' => 'cn', 'n' => 'Company Name', 'ar' => array(array('k' => 'lg', 'n' => '(Login as)', 'btn' => array('li')), array('k' => 'cn', 'dl' => array('il')))), array('k' => 'op', 'n' => 'Options', 'opar' => array('info|(Information)', $curUserInfo['en_access'][ACCESS_AUTH_ENTITY_ADMIN] ? 'ac|(Access Rights)' : NULL, 'pr|(Profit)', 'pa|(Payouts)', 'is|(Issues)', 'ws|(Websites)', 'ud|(Documents)', 'pp|(PricePoints)', 'all|(Open All)'))); //$data['display_options'] = array();//,'em|Email' break; case 'setEntityInfo': $id = $qry['id']; $res = array('msg' => 'Failed to Update', 'status' => false); switch ($qry['f']) { case 'update_general': $update = array('General_Notes' => html_entity_decode(stripslashes($qry['nst']))); unset($qry['nst']); $update_result = etel_update_serialized_field('cs_entities', 'en_info', " en_ID = '" . $id . "'", $update); if (!$update_result) { $res = array('msg' => 'Invalid Entry', 'status' => false); } else { if ($update_result['updated']) { $res = array('msg' => 'Merchant Updated Successfully', 'status' => true); } else { $res = array('msg' => 'No Updates Detected', 'status' => true); } } $res['update'] = array('id' => $id, 'type' => 'info'); $data['result'][] = $res; break; case 'update_site': $conf_array = array('a' => 'approved', 'd' => 'declined', 'i' => 'ignored', 'n' => 'non-compliant'); if ($conf_array[$qry['nvr']]) { $res = en_confirm_website($qry['wi'], $conf_array[$qry['nvr']], $qry['nc']); } else { $res = array('msg' => 'Invalid Entry', 'status' => false); } if ($res['status']) { $res['update'] = array('id' => $id, 'type' => 'ws', 'hl' => $qry['wi'], 'st' => $qry['st']); } $data['result'][] = $res; break; case 'update_doc': $conf_array = array('a' => 'Approved', 'd' => 'Declined'); if ($conf_array[$qry['nst']]) { $res = en_confirm_documents($qry['fi'], $conf_array[$qry['nst']], $qry['nc']); } else { $res = array('msg' => 'Invalid Entry', 'status' => false); } $res['update'] = array('id' => $id, 'type' => 'ud', 'hl' => $qry['fi'], 'st' => $qry['st']); $data['result'][] = $res; break; case 'update_invoice': $res = en_update_invoice($qry['ii'], $qry['nst'], $qry['in'], $qry['em']); if ($res['status']) { $res['update'] = array('id' => $id, 'type' => 'pa', 'hl' => $qry['ii'], 'st' => $qry['st']); } $data['result'][] = $res; break; case 'update_access': $res = en_update_access($id, array($qry['al'] => $qry['nst'])); $data['result'][] = $res; break; case 'add_adjustment': $res = en_adjust_profit($id, $qry['ia'], $qry['ie'], $qry['in'], $qry['ic']); if ($res['status']) { $res['update'] = array('id' => $id, 'type' => 'pr'); } $data['result'][] = $res; break; case 'commit_payout': $RF = new rates_fees(); if ($curUserInfo['en_access'][ACCESS_AUTH_PAYMENTS]) { $res = $RF->commit_payout($id, array('date_entered' => $qry['pd'], 'amount' => $qry['pa'])); } if ($res['status']) { $res['update'] = array('id' => $id, 'type' => 'pa', 'hl' => $res['pa_ID']); } $data['result'][] = $res; break; } break; case 'getEntityInfo': $qry['id'] = explode(',', $qry['id']); $data['num_rows'] = 0; if ($qry['silent']) { $data['silent'] = $qry['silent']; } $highlight_format = array('tr|class|rowhighlight'); foreach ($qry['id'] as $i => $en_ID) { $en_ID = intval($en_ID); if (!is_array($qry['type'])) { $request = $qry['type']; } else { $request = $qry['type'][$i]; } switch ($request) { case 'all': case 'info': $entity = array('id' => $en_ID, 'msg' => 'No General Info Available', 'type' => 'info', 'info' => array(), 'use_tab' => true); $entityInfo = en_get_general_info($en_ID); //$entity['stats'] = array('n'=>"\n".$etel_completion_array[$entityInfo['cd_completion']]['txt']); $entity['display_fields'] = array(array('ar' => array(array('k' => 'st', 'edit' => 'textarea', 'tstamp' => true), array('k' => 'upd', 'edit' => 'button', 'f' => array('s|f|update_general|', 'fld|nst|st'), 'n' => '(Update)')), 'n' => 'General Info')); //,'em|Email' $entity['info'][] = array('sid' => $en_ID, 'st' => $entityInfo['en_info']['General_Notes']); $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'is': $entity = array('id' => $en_ID, 'msg' => 'No Issues Available', 'type' => 'is', 'info' => array(), 'use_tab' => true); $issues = en_get_issues($en_ID, array('AnsweredStatus' => $qry['st'])); $entity['display_fields'] = array(array('k' => 'sid', 'n' => 'ID', 'dl' => array('il')), array('k' => 'ti', 'n' => 'Summary', 'dl' => array('il')), array('k' => 'is', 'n' => 'Respond', 'pl' => array('el')), array('k' => 'st', 'n' => 'Status'), array('k' => 'cs', 'n' => 'Answered')); foreach ($issues as $id => $issue) { $entity['info'][] = array('sid' => $id, 'ti' => $issue['iss_created_date'] . " - " . $issue['iss_summary'], 'st' => $issue['sta_title'], 'cs' => $issue['iss_control_status'], 'il' => "/ev/view.php?id=" . $issue['iss_id'], 'el' => "/ev/send.php?issue_id=" . $issue['iss_id'] . "&ema_id=" . $issue['ema_id'] . "&id=" . $issue['sup_id']); } $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'ac': global $etel_access; $entityInfo = en_get_general_info($en_ID); $entity = array('id' => $en_ID, 'msg' => 'No Access Info Available', 'type' => 'ac', 'info' => array(), 'use_tab' => true); $entity['display_fields'] = array(array('k' => 'na', 'n' => 'Access Level'), array('ar' => array(array('k' => 'st', 'edit' => 'checkbox', 'f' => array('s|f|update_access|', 'k|al|sid', 'fld|nst|st'))), 'n' => 'Status')); foreach ($etel_access as $key => $acinfo) { $entity['info'][] = array('sid' => $acinfo['Value'], 'na' => $acinfo['Value'] . ": " . etel_format_variable($key) . ($acinfo['Name'] ? " (" . $acinfo['Name'] . ")" : ''), 'st' => $entityInfo['en_access'][$acinfo['Value']]); } if ($curUserInfo['en_access'][ACCESS_AUTH_ENTITY_ADMIN]) { $data['entity_info'][] = $entity; } if ($request != 'all') { break; } case 'pr': $entity = array('id' => $en_ID, 'msg' => 'No Profit Data Available', 'type' => 'pr', 'info' => array(), 'use_tab' => true); $RF = new rates_fees(); $entityInfo = en_get_general_info($en_ID); $datestamp = $_REQUEST['date'] ? strtotime($_REQUEST['date']) : 0; $date = $datestamp > 1 ? date('Y-m-d', $datestamp) : $entityInfo['PaySchedule']['NextPayDay']; $profit_info = $RF->get_profit(array('EffectiveOnly' => $date), $en_ID); $entity['display_fields'] = array(array('k' => 'tp', 'n' => 'Profit Type'), array('k' => 'am', 'n' => 'Amount')); //,'em|Email' $entity['stats']['opts'] = array('n' => "Actions", 'ar' => array(array('txt' => "Make an Adjustment", 'attrib' => array('obj|style|font-weight:bold;text-align:center;')), array('node' => "hr"), array('txt' => "Amount: "), array('k' => 'ia', 'edit' => 'textfield', 'attrib' => array('obj|style|width:50px;')), array('txt' => "\nEffective: "), array('k' => 'ie', 'edit' => 'textfield', 'attrib' => array('obj|style|width:70px;')), array('txt' => "\nTitle:\n"), array('k' => 'in', 'edit' => 'textfield', 'attrib' => array('obj|style|width:180px;')), array('txt' => "\nComments:\n"), array('k' => 'ic', 'edit' => 'textarea', 'attrib' => array('obj|style|height:45px;width:180px;')), array('txt' => "\n"), array('k' => 'adj', 'edit' => 'button', 'f' => array('s|f|add_adjustment', 'fld|ia|ia', 'fld|ie|ie', 'fld|in|in', 'fld|ic|ic'), 'n' => '(Create)'), array('node' => "hr")), 'attrib' => array('tdcol|align|left')); $entity['stats']['data'] = array('sid' => $en_ID, 'am' => $profit_info['Total']['Amount'], 'ic' => '', 'ia' => '0.00', 'in' => date('Y-m-d') . ' Adjustment', 'ie' => date('Y-m-d')); if (!$curUserInfo['en_access'][ACCESS_AUTH_ADJUSTMENTS]) { unset($entity['stats']); } $total_section_format = array('tr|style|font-weight:bold;font-style:italic;', 'td|class|row0'); $total_format = array('tr|style|font-weight:bold;font-size:11px;font-style:italic;', 'td|class|row0'); //,"td|onclick|" if (sizeof($profit_info['Revenue'])) { foreach ($profit_info['Revenue'] as $type => $val) { $entity['info'][] = array('sid' => 'd_' . $type, 'tp' => "(Revenue) {$type}", 'am' => '$' . formatMoney($val['Amount']) . " (" . $val['Count'] . ")", 'attrib' => $type == 'Total' ? $total_section_format : NULL); } } if (sizeof($profit_info['Deductions'])) { foreach ($profit_info['Deductions'] as $type => $val) { $entity['info'][] = array('sid' => 'd_' . $type, 'tp' => "(Deductions) {$type}", 'am' => '$' . formatMoney($val['Amount']) . " (" . $val['Count'] . ")", 'attrib' => $type == 'Total' ? $total_section_format : NULL); } } $entity['info'][] = array('sid' => $en_ID, 'tp' => "Total Owed (" . $date . ")", 'am' => '$' . formatMoney($profit_info['Total']['Amount']) . " (" . $profit_info['Total']['Count'] . ")", 'attrib' => $total_format, 'opts' => array('tp' => array('k' => 'tp', 'dl' => array('chg', 'Click to Change Date'))), 'chg' => "javascript:en_get_info({'id':'{$en_ID}','type':'pr','date':prompt('Enter New Date','{$date}')})"); $data['num_rows']++; $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'pa': $entity = array('id' => $en_ID, 'msg' => 'No Payout Data Available', 'type' => 'pa', 'info' => array(), 'use_tab' => true); $RF = new rates_fees(); $payouts = $RF->get_payouts(array('where' => $qry['st'] ? array('pa_status' => $qry['st']) : NULL), $en_ID); $entityInfo = en_get_general_info($en_ID); foreach ($payouts as $key => $payout) { $entity['info'][] = array('sid' => $payout['pa_ID'], 'am' => '$' . formatMoney($payout['balance']), 'in' => $payout['pa_info']['Notes'], 'ti' => ($payout['pa_ID'] == $qry['hl'] ? 'Recently Updated - ' : '') . $payout['pa_desc'], 'nst' => $payout['pa_status'], 'attrib' => $payout['pa_ID'] == $qry['hl'] ? $highlight_format : NULL); } $entity['display_fields'] = array(array('ar' => array(array('k' => 'ti', 'attrib' => array('obj|style|font-weight:bold')), array('node' => "br"), array('k' => 'nst', 'edit' => 'select', 'selopts' => array('payout_pending|Payment Pending', 'payout_sent|Payment Sent', 'success|Successful Payment', 'payout_failed|Payment Failed'), 'n' => 'Status: ')), 'n' => 'Invoice Info'), array('ar' => array(array('k' => 'in', 'edit' => 'textarea', 'attrib' => array('obj|style|height:45px;width:250px;'))), 'n' => 'Comments'), array('ar' => array(array('k' => 'upd', 'edit' => 'button', 'f' => array('s|f|update_invoice', 'k|ii|sid', 'fld|nst|nst', 'fld|in|in', 'fld|em|em', 's|st|' . $qry['st']), 'n' => '(Update)'), array('k' => 'em', 'edit' => 'checkbox', 'n' => ' Email?')), 'n' => 'Update', 'attrib' => array('obj|style|width:50px;'))); //,'em|Email' $entity['stats']['opts'] = array('n' => "Actions", 'ar' => array(array('txt' => "Payout", 'attrib' => array('obj|style|font-weight:bold;text-align:center;', 'tdcol|style|width:40px;')), array('node' => "hr"), array('txt' => "Amount:\n"), array('k' => 'pa', 'edit' => 'textfield', 'attrib' => array('obj|style|width:60px;')), array('txt' => "\nPayday:\n"), array('k' => 'pd', 'edit' => 'textfield', 'attrib' => array('obj|style|width:60px;')), array('txt' => "\n"), array('k' => 'pay', 'edit' => 'button', 'f' => array('s|f|commit_payout', 'fld|pa|pa', 'fld|pd|pd'), 'n' => '(Pay)')), 'attrib' => array('tdcol|align|left')); $entity['stats']['data'] = array('sid' => $en_ID, 'pa' => '0.0', 'pd' => $entityInfo['PaySchedule']['NextPayDay']); if (!$curUserInfo['en_access'][ACCESS_AUTH_PAYMENTS]) { unset($entity['stats']); } $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'ws': $entity = array('id' => $en_ID, 'msg' => 'No Website Data Available', 'type' => 'ws', 'info' => array(), 'use_tab' => true); $site_list = en_get_websites($en_ID, false, $qry['st']); $entity['display_fields'] = array(array('k' => 'na', 'n' => 'Website'), array('ar' => array(array('k' => 'edt', 'edit' => 'button', 'f' => array('s|f|update_site', 'k|wi|sid', 'p|nvr|Please Enter New Status (a=Approved, d=Declined, i=Ignored, n=Non-Compliant)', 'p|nc|Please Enter Comments (Required for Decline)', 's|st|' . $qry['st']), 'n' => '(Change)'), array('k' => 'vr')), 'n' => 'Status'), array('ar' => array(array('k' => 'cu', 'n' => '(Website)', 'pl' => array('cu')), array('k' => 'op', 'n' => '(Order Page)', 'pl' => array('op')), array('k' => 'rp', 'n' => '(Return Page)', 'pl' => array('rp')), array('k' => 'mem', 'n' => '(Members Section)', 'pl' => array('mu', 'mun', 'mpw')), array('k' => 'ftp', 'n' => '(Ftp)', 'pl' => array('ft', 'fun', 'fpw')), array('k' => '2257', 'n' => '(2257 Page)', 'pl' => array('2257'))), 'n' => 'Links', 'attrib' => array('td|width|144px'))); foreach ($site_list as $key => $site) { $entity['info'][] = array('sid' => $site['cs_ID'], 'rf' => $site['cs_reference_ID'], 'na' => $site['cs_name'], 'cu' => $site['cs_URL'], 'op' => $site['cs_order_page'], 'rp' => $site['cs_return_page'], 'mu' => $site['cs_member_url'], 'mun' => $site['cs_member_username'], 'mpw' => $site['cs_member_password'], 'ft' => $site['cs_ftp'], 'fun' => $site['cs_ftp_user'], 'fpw' => $site['cs_ftp_pass'], 'vr' => ucfirst($site['cs_verified']) . ' (' . $site['cs_reason'] . ')', '2257' => $site['cs_2257_page']); } $data['num_rows']++; $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'ud': $entity = array('id' => $en_ID, 'msg' => 'No Document Data Available', 'type' => 'ud', 'info' => array(), 'use_tab' => true); $doc_list = en_get_documents($en_ID, $qry['st']); $entity['display_fields'] = array(array('k' => 'ft', 'n' => 'File Type'), array('ar' => array(array('k' => 'fl', 'n' => 'File Link', 'pl' => array('fl')), array('k' => 'up', 'n' => 'Upload New File', 'pl' => array('up')), array('k' => 'fn', 'n' => 'File Name')), 'n' => 'File Name'), array('ar' => array(array('k' => 'edt', 'edit' => 'button', 'f' => array('s|f|update_doc', 'k|fi|sid', 'p|nst|Please Enter New Status (a=Approved, d=Declined)', 'p|nc|Please Enter Comments (Required for Decline)', 's|st|' . $qry['st']), 'n' => '(Change)'), array('k' => 'st'), array('k' => 'rr')), 'n' => 'Status')); foreach ($doc_list as $key => $doc) { $entity['info'][] = array('sid' => $doc['file_id'], 'ft' => $doc['file_type'], 'fn' => $doc['file_name'], 'du' => $doc['date_uploaded'], 'rr' => '(' . $doc['reject_reason'] . ')', 'st' => $doc['status'], 'fl' => "../gateway/" . $_SESSION['gw_folder'] . "UserDocuments/" . $doc['file_type'] . "/" . $doc['file_name'], 'up' => "uploadDocuments.php?company=" . $doc['user_id']); } $data['num_rows']++; $data['entity_info'][] = $entity; if ($request != 'all') { break; } case 'pp': $entity = array('id' => $en_ID, 'msg' => 'No Price Point Data', 'type' => 'pp', 'info' => array(), 'use_tab' => true); $pp_list = en_get_pricepoints($en_ID); foreach ($pp_list as $key => $pp) { $entity['info'][] = array('sid' => $pp['rd_subaccount'], 'sn' => $pp['rd_subName'], 'de' => $pp['rd_description'], 'sc' => $pp['schedule'], 'st' => $pp['active'] . "/" . $pp['total']); } $entity['display_fields'] = array(array('k' => 'sn', 'n' => 'Name'), array('k' => 'de', 'n' => 'Description'), array('k' => 'sc', 'n' => 'Price Point Schedule'), array('k' => 'st', 'n' => 'Active/Total')); $data['entity_info'][] = $entity; if ($request != 'all') { break; } } } $data['entity_ids'] = $qry['id']; break; case 'getCompanyInfo': $sql_info = JSON_getCompanyInfo_build($qry); $limit_to = $sql_info['limit_to']; $sql = $sql_info['sql_full'] . " order by companyname asc limit {$limit_to}"; $result = sql_query_read($sql) or dieLog(mysql_error() . " ~ {$sql}"); $i = 0; $website_search_ids = "-1"; $company_list = array(); while ($company = mysql_fetch_assoc($result)) { $website_search_ids .= "," . $company['ui']; $company_list[] = $company; } $sql = "select FOUND_ROWS()"; $result = sql_query_read($sql) or dieLog(mysql_error() . " ~ {$sql}"); $data['num_rows'] = mysql_result($result, 0, 0); $sql = "select cs_ID as ci,cs_name as cn,cs_company_ID as cui FROM `cs_company_sites` as cs \r\n\t\t\t where cs_company_ID in ({$website_search_ids}) order by cs_name"; // left join cs_transactiondetails td on cd . userId =td . userId // group by cd.userId $result = sql_query_read($sql) or dieLog(mysql_error() . " ~ {$sql}"); $site_list = array(); while ($site = mysql_fetch_assoc($result)) { $site_list[] = $site; } $data['company_list'] = $company_list; $data['show_option_all'] = $sql_info['show_option_all']; $data['site_list'] = $site_list; $data['completion'] = $etel_completion_array; break; case 'getEVTransactionResults': $search_array = array('em' => 'email', 'cc' => 'CCNumber', 'rn' => 'reference_number', 'ss' => 'td_ss_ID'); $limit_to = 50; if ($qry['search'] && $qry['searchby'] == 'cc') { $qry['search'] = etelEnc($qry['search']); } if ($qry['search'] && $qry['searchby'] && $search_array[$qry['searchby']]) { $sql_where .= " and " . $search_array[$qry['searchby']] . " = '" . $qry['search'] . "'"; } $sql = "\r\n\t\t\t\tselect \r\n\t\t\t\t\tDate_Format(transactionDate,'%W %b %D %Y %H:%i:%s') as 'Date',\r\n\t\t\t\t\treference_number as 'Reference ID',\r\n\t\t\t\t\tconcat(name,' ',surname) as 'Full Name' ,\r\n\t\t\t\t\temail as 'Email Address',\r\n\t\t\t\t\tCONCAT(\t\r\n\t\t\t\t\t\tif(status!='D',\r\n\t\t\t\t\t\t\tif(status='P','Pending', 'Approved'),\r\n\t\t\t\t\t\t\t'Declined'\r\n\t\t\t\t\t\t)\t\t\r\n\t\t\t\t\t) as 'Status',\r\n\t\t\t\t\tif(td_is_a_rebill=1,' Rebilled Transaction',' New Order') as 'Type'\r\n\t\t\t\tfrom cs_transactiondetails as td\r\n\t\t\t\twhere \r\n\t\t\t\t\t1 {$sql_where} \r\n\t\t\t\torder by transactionDate desc\r\n\t\t\t\tlimit {$limit_to}\r\n\t\t\t\t"; $result = sql_query_read($sql) or dieLog(mysql_error() . " ~ {$sql}"); $data['output'] = "<table >\n"; $i = 0; while ($trans = mysql_fetch_assoc($result)) { if ($i == 0) { $data['output'] .= " <tr class='default'>\n"; foreach ($trans as $field => $value) { $data['output'] .= " <td><b>{$field}</b></td>\n"; } $data['output'] .= " </tr>\n"; } $data['output'] .= " <tr class='default' onclick='td_updateWith(\"" . $trans['Reference ID'] . "\")' onmouseout='td_highlightRow(this,0)' onmousemove='td_highlightRow(this,1)'>\n"; foreach ($trans as $field => $value) { $data['output'] .= " <td>{$value}</td>\n"; } $data['output'] .= " </tr>\n"; $i++; } $data['output'] .= " <tr class='default'>\n <td>({$i}) Results</td>\n </tr>\n</table>"; break; default: $data['func'] = NULL; break; } foreach ($qry as $key => $value) { $data['json_query'] .= ($data['json_query'] ? "&" : "") . $key . '=' . $value; } //print_r($data); if (!$data['output']) { unset($data['output']); } $data['duration'] = round(microtime_float() - $start_time, 4); return $data; }
// modifycompany.php,companyuser.php,orderemail.php,enquires.php,report_custom.php,service_users.php,export.php,ledger.php // labels.php,printemailforms.php,maileditor.php,shipping.php,shippingdetails.php,logout.php // editCompanyProfile1.php: This admin page functions for editing the company details. $allowBank = true; include "includes/sessioncheck.php"; include "../includes/completion.php"; $markComp = "Mark this Company"; $loginas = isset($HTTP_GET_VARS["loginas"]) ? trim($HTTP_GET_VARS["loginas"]) : ""; if ($loginas) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $_SESSION["loginredirect"] = "None"; if ($resellerInfo['isMasterMerchant']) { $_SESSION["gw_masterMerchant_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Reseller|" . $_SESSION['gw_id'] . "|editCompanyProfile.php?company_id=" . $_GET['company_id']); } $_SESSION["gw_admin_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Admin|" . $_SESSION['gw_id'] . "|editCompanyProfile1.php?company_id=" . $_GET['company_id']); general_login($_GET['username'], $_GET['password'], "merchant", $_GET['gw_id'], false); die; } $headerInclude = "companies"; include "includes/header.php"; $sessionAdmin = isset($HTTP_SESSION_VARS["sessionAdmin"]) ? $HTTP_SESSION_VARS["sessionAdmin"] : ""; $str_update = isset($HTTP_POST_VARS["update"]) ? $HTTP_POST_VARS["update"] : ""; $trans_activity = ""; $is_Gateway = isset($HTTP_GET_VARS["GatewayCompany"]) ? quote_smart($HTTP_GET_VARS["GatewayCompany"]) : ""; if ($str_update == "yes") { $username = isset($HTTP_POST_VARS['username']) ? quote_smart($HTTP_POST_VARS['username']) : ""; $userid = isset($HTTP_POST_VARS['userid']) ? quote_smart($HTTP_POST_VARS['userid']) : ""; $companyname = isset($HTTP_POST_VARS['companyname']) ? quote_smart($HTTP_POST_VARS['companyname']) : ""; $contact_email = isset($HTTP_POST_VARS['contact_email']) ? quote_smart($HTTP_POST_VARS['contact_email']) : ""; $email = isset($HTTP_POST_VARS['email']) ? quote_smart($HTTP_POST_VARS['email']) : "";
// Package: Zerone-consulting // Description: Online Payment Gateway // Files: index.php,home.php,cheque.php,creditcard.php,report.php,reportBottom.php, reportBottomSummary.php,companyEdit.php // config.php,useraccount.php,viewCompany.php,topheader.php,ViewreportPage.php,addcheque.php,blank.php,administration_blank.php,virtualterminal.php,creditcardfb.php,negativedatabase.php // viewreportpage_negative.php,batchuploads.php,voicesystem.php,voicesystemreport.php,voicesystemdetails.php,companyAdd.php,companies_blank.php // modifycompany.php,companyuser.php,orderemail.php,enquires.php,report_custom.php,service_users.php,export.php,ledger.php // labels.php,printemailforms.php,maileditor.php,shipping.php,shippingdetails.php,logout.php // modifyReseller.php: This admin page functions for adding the company user. include "includes/sessioncheck.php"; $loginas = isset($HTTP_GET_VARS["loginas"]) ? trim($HTTP_GET_VARS["loginas"]) : ""; if ($loginas) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $i_reseller_id = isset($HTTP_GET_VARS["reseller_id"]) ? $HTTP_GET_VARS["reseller_id"] : ""; $_SESSION["loginredirect"] = "None"; $_SESSION["gw_admin_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Admin|" . $_SESSION['gw_id'] . "|modifyReseller.php?reseller_id=" . $loginas . "&returnid=" . $loginas); $result = general_login($_GET['username'], $_GET['password'], "reseller", $_GET['gw_id'], false); $sql = "Insert ignore into cs_entities\n\t\tset \n\t\t\ten_username = '******'username'] . "',\n\t\t\ten_password = MD5('" . ($_GET['username'] . $_GET['password']) . "'),\n\t\t\ten_gateway_ID = '" . quote_smart($_SESSION['gw_ID']) . "',\n\t\t\ten_type = 'reseller',\n\t\t\ten_type_id = '" . quote_smart($i_reseller_id) . "'\n\t\t"; sql_query_write($sql) or dieLog(mysql_error() . " ~ {$str_qry}"); $result = general_login($_GET['username'], $_GET['password'], "reseller", $_GET['gw_id'], false); die('Failed ' . $result); } $headerInclude = "reseller"; include "includes/header.php"; include "includes/message.php"; $sessionAdmin = isset($HTTP_SESSION_VARS["sessionAdmin"]) ? $HTTP_SESSION_VARS["sessionAdmin"] : ""; $returnid = isset($HTTP_GET_VARS["returnid"]) ? $HTTP_GET_VARS["returnid"] : ""; $i_reseller_id = isset($HTTP_GET_VARS["reseller_id"]) ? $HTTP_GET_VARS["reseller_id"] : ""; $qry_selectdetails = "select * from cs_resellerdetails where reseller_id = '{$i_reseller_id}'"; if (!($rst_selectdetails = mysql_query($qry_selectdetails))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>{$qry_selectdetails}");
function checkGkard($transInfo) { $sql = "SELECT td_gcard\n\t\t\t\t\tFROM cs_transactiondetails\n\t\t\t\t\tWHERE CCnumber LIKE '" . etelEnc($transInfo['CCnumber']) . "'\n\t\t\t\t\tAND (status = 'A' ) \n\t\t\t\t\tAND (td_gcard IS NOT NULL )"; $result = sql_query_read($sql) or dieLog(mysql_errno() . ": " . mysql_error() . "<BR>"); if (mysql_num_rows($result) <= 0) { return 0; } $td_gcard = mysql_fetch_assoc($result); return etelDec($td_gcard['td_gcard']); }
if ($state == "") { $state = $ostate; } $opt_bill_month = isset($HTTP_POST_VARS["opt_bill_month"]) ? quote_smart($HTTP_POST_VARS["opt_bill_month"]) : ""; $opt_bill_day = isset($HTTP_POST_VARS["opt_bill_day"]) ? quote_smart($HTTP_POST_VARS["opt_bill_day"]) : ""; $opt_bill_year = isset($HTTP_POST_VARS["opt_bill_year"]) ? quote_smart($HTTP_POST_VARS["opt_bill_year"]) : ""; $billingdate = trim($opt_bill_year . "-" . $opt_bill_month . "-" . $opt_bill_day); $rec_day = isset($HTTP_POST_VARS["recur_day1"]) ? quote_smart($HTTP_POST_VARS["recur_day1"]) : ""; $recur_day1 = isset($HTTP_POST_VARS["recur_mday"]) ? quote_smart($HTTP_POST_VARS["recur_mday"]) : ""; $recur_month = isset($HTTP_POST_VARS["recur_year_month"]) ? quote_smart($HTTP_POST_VARS["recur_year_month"]) : ""; $txtproductDescription = isset($HTTP_POST_VARS["txtproductDescription"]) ? quote_smart($HTTP_POST_VARS["txtproductDescription"]) : ""; $recur_year_day = isset($HTTP_POST_VARS["recur_year_day"]) ? quote_smart($HTTP_POST_VARS["recur_year_day"]) : ""; if ($recur_mode == "D") { $recur_day = $rec_day; } elseif ($recur_mode == "M") { $recur_day = $recur_day1; } elseif ($recur_mode == "Y") { $recur_day = $recur_year_day; } $rebill_strt_date = trim($opt_recur_year . "-" . $opt_recur_month . "-" . $opt_recur_day); $qry_update_chk = "update cs_rebillingdetails set name ='{$firstname}',surname='{$lastname}',address='{$address}',country='{$country}',state='{$state}',city='{$city}',zipcode='{$zip}',CCnumber='" . etelEnc($checknumber) . "',amount='{$chk_amount}',email='{$email}',phonenumber='{$phonenumber}',billingDate='{$billingdate}',recur_mode='{$recur_mode}',recur_day='{$recur_day}',recur_week='{$recur_week}',recur_month='{$recur_month}',recur_start_date='{$rebill_strt_date}',recur_charge='{$recur_charge}',recur_times='{$recur_times}',misc ='{$misc}',bankname ='{$bankname}' ,bankroutingcode ='{$bankroutingcode}',bankaccountnumber ='{$bankaccountno}' ,accounttype ='{$accounttype}' ,voiceAuthorizationno ='{$authorizationno}', shippingTrackingno ='{$shippingno}',socialSecurity ='{$securityno}',driversLicense ='{$driverlicense}' ,licensestate ='{$licensestate}',checktype ='{$chequetype}', productdescription ='{$txtproductDescription}' where rebill_transactionid ='{$transid}'"; //echo $qry_update_chk; if (!($update_sql = mysql_query($qry_update_chk, $cnn_cs))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>"); } } header("Location: rebillinglist.php"); ?>