if ($response['PAYMENTINFO_0_PAYMENTSTATUS'] == "Completed" && $response['ACK'] == "Success" && $response['PAYMENTINFO_0_ACK'] == "Success") {
    // Payment confirmed: the overall ACK, the payment ACK and the payment status all report success.
    // Records the purchase, empties the cart, mails a receipt and redirects to index.php.
    // NOTE(review): how $response was obtained is outside this fragment - confirm it is the
    // server-to-server PayPal reply and not anything derived from the browser request.
    $userid = intval($_SESSION['userid']);
    if (isset($_SESSION['shopping-cart'])) {
        // NOTE(review): $token is built from $_GET['token'] but is not used in the visible code;
        // the "token" column below receives the transaction id from $response instead.
        $token = base64_encode(DbManager::i()->escapeString($_GET['token']));
        // NOTE(review): the value is SQL-escaped and then base64-encoded, so the stored text is the
        // escaped form. Whether insert() parameterises its values is not visible here - confirm,
        // because the escaping done before base64_encode() gives no protection at query time.
        $payerid = base64_encode(DbManager::i()->escapeString($_GET['PayerID']));
        $cart = DbManager::i()->escapeString($_SESSION['shopping-cart']);
        // NOTE(review): the amount reported by PayPal is stored as-is. No comparison with the cart
        // total or the currency is visible in this fragment - confirm that check happens before
        // the order is treated as paid. floatval() also makes this a binary float, not exact money.
        $amount = floatval($response['PAYMENTINFO_0_AMT']);
        // Purchase row; "pending" is written as 0 and "date" as the current Unix time.
        DbManager::i()->insert("sf_purchases", array("token", "payerid", "type", "userid", "cart", "date", "ip", "amount", "pending"), array(base64_encode($response['PAYMENTINFO_0_TRANSACTIONID']), $payerid, base64_encode("PayPal"), $userid, $cart, time(), base64_encode($_SERVER['REMOTE_ADDR']), $amount, 0));
        // Reset the cart to an empty JSON object, in the session and in sf_carts.
        $_SESSION['shopping-cart'] = base64_encode("{}");
        DbManager::i()->update("sf_carts", array("cart" => $_SESSION['shopping-cart']), array("userid" => $userid));
        // NOTE(review): "key" and "iv" are read from the same sf_members row as the encrypted
        // e-mail, so anyone who can read that table can also decrypt the address.
        // This lookup uses the raw session value, while the writes above use the intval()'d $userid.
        $find = DbManager::i()->select("sf_members", array("email", "key", "iv"), array("userid" => $_SESSION['userid']));
        // Only a single non-array result is accepted; false or an array skips the receipt mail.
        if ($find !== false && !is_array($find)) {
            // Each column is base64-decoded twice before being handed to Crypto::DecryptString().
            $recipient = Crypto::DecryptString(base64_decode(base64_decode($find->key)), base64_decode(base64_decode($find->iv)), base64_decode(base64_decode($find->email)));
            $subject = Settings::i()->title . ' Payment received';
            // NOTE(review): $first_name is not assigned anywhere in this fragment - confirm it is set earlier.
            $message = generateMessage($first_name, (array) json_decode(base64_decode($cart)), $response['PAYMENTINFO_0_TRANSACTIONID']);
            // NOTE(review): depending on the web-server configuration, SERVER_NAME can reflect the
            // client-supplied Host header; a configured mail domain is safer in header values.
            // The X-Mailer line also tells every recipient the exact PHP version.
            $header = 'From: shopfix@' . $_SERVER['SERVER_NAME'] . "\r\n" . 'Reply-To: shopfix@' . $_SERVER['SERVER_NAME'] . "\r\n" . 'X-Mailer: PHP/' . phpversion();
            // The return value of mail() is not checked; the log line below is written either way.
            mail($recipient, $subject, $message, $header);
            Logger::i()->writeLog("PayPal Transaction registered: " . $response['PAYMENTINFO_0_TRANSACTIONID']);
        }
        header("Location: index.php");
        die;
    } else {
        // No cart in the session: redirect without recording anything.
        // NOTE(review): unlike the other branches, no die follows here, so the script keeps
        // running after the Location header is queued.
        header("Location: index.php");
    }
} else {
    // Payment not confirmed: redirect and stop.
    header("Location: index.php");
    die;
}
// The brace below closes a condition that opens before this fragment; its else-branch logs the
// PayPal client error on the 'dev' channel and continues past the end of the fragment.
} else {
    Logger::i()->writeLog("Could not do express checkout, error = " . $paypal->error, 'dev');
# Tail of a mail-sending helper whose beginning is outside this fragment.
$mailer->FromName = "Queens College Incubator";
$mailer->addAddress($to);
$mailer->Subject = $subject;
$mailer->Body = $message;
# NOTE(review): both uploads are attached straight from $_FILES. The "name" element is the
# filename chosen by the client, and no check of the upload error code, size or file type is
# visible in this fragment - confirm the uploads are validated before this point.
$mailer->AddAttachment($_FILES["unofficialTranscript"]["tmp_name"], $_FILES["unofficialTranscript"]["name"]);
$mailer->AddAttachment($_FILES["resume"]["tmp_name"], $_FILES["resume"]["name"]);
# The result of send() is not checked here.
$mailer->send();
}
# to and from fields for the email
$to = "*****@*****.**";
$from = "*****@*****.**";
# fields on the form: form field name => label; entries with the value "linebreak" are separators
$fields = array("applicant" => "Name of Applicant:", "phone" => "Phone:", "email" => "Email:", "lb1" => "linebreak", "degree" => "Degree in progress?:", "gradyear" => "Graduation Year:", "gradseason" => "Graduation Season:", "citizenship" => "Citizenship:", "credstograd" => "Credits to Graduate:", "lb2" => "linebreak", "programmingExperience" => "Programming Experience:", "personalstatement" => "Personal Statement:", "lb5" => "linebreak");
# get message and error values
$errorValues = array();
$message = generateMessage($fields, $errorValues);
# INSERT template; each %PLACEHOLDER% sits inside single quotes and is filled in by str_replace() below.
$query = "INSERT INTO `student`(`Name`, `Email`, `Phone`, `Degree`, `Graduation`, `Year`, `Status`, `Credits_Needed`, `experience`, `personal`) VALUES ('%NAME%','%EMAIL%','%PHONE%','%DEGREE%','%GRAD%','%YEAR%','%STATUS%','%CREDITS%','%EXP%','%PERSONAL%')";
# if no fields are empty, send the email.
# echo result to AJAX script
# NOTE(review): the statement is assembled by pasting the return values of get() into the SQL
# text. get() is defined outside this fragment; unless it escapes its result for this database
# connection, every form field is an SQL injection point. A prepared statement with bound
# parameters removes the dependency on get().
# NOTE(review): the replacements run one after another on the same string, so a submitted value
# that itself contains a later placeholder (for example an applicant name containing %EMAIL%) is
# rewritten by the following calls.
if (count($errorValues) == 0) {
    $query = str_replace("%NAME%", get('applicant'), $query);
    $query = str_replace("%EMAIL%", get('email'), $query);
    $query = str_replace("%PHONE%", get('phone'), $query);
    $query = str_replace("%DEGREE%", get('degree'), $query);
    $query = str_replace("%GRAD%", get('gradseason'), $query);
    $query = str_replace("%YEAR%", get('gradyear'), $query);
    $query = str_replace("%STATUS%", get('citizenship'), $query);
    $query = str_replace("%CREDITS%", get('credstograd'), $query);
    $query = str_replace("%EXP%", get('programmingExperience'), $query);
    $query = str_replace("%PERSONAL%", get('personalstatement'), $query);
    # Runs the assembled INSERT; the success branch continues past the end of this fragment.
    if ($db->query($query) === TRUE) {
// Tail of a message-building function whose beginning is outside this fragment: attachments
// rejected by the board configuration are skipped, the rest are added to both the message and
// the session.
if (!$config->isAttachmentAllowed($board, $m, $a)) {
    continue;
}
$message->addAttachment($a);
$session->addAttachment($a);
}
}
return $message;
}
// Request handling: build a preview and/or post the message, then render the post form.
$preview = null;
// NOTE(review): $_REQUEST merges query-string and form data (and cookies, depending on
// request_order), so "preview" and "post" are honoured on a plain GET as well.
if (isset($_REQUEST["preview"])) {
    $preview = generateMessage($config, $session, $board, $reference);
}
// NOTE(review): posting is a state-changing action, and no anti-CSRF token check or HTTP-method
// check is visible in this fragment - confirm one is performed before this point.
if (isset($_REQUEST["post"])) {
    // TODO: guard against re-submission on reload (F5)
    $message = generateMessage($config, $session, $board, $reference);
    // Open the connection with the session's credentials, post, then look up the resulting thread.
    $connection->open($session->getAuth());
    $resp = $connection->postMessage($message);
    $group = $connection->getGroup();
    $thread = $group->getThread($message->getMessageID());
    // NOTE(review): if any call above throws, this close() is skipped; whether the catch block
    // after this fragment closes the connection is not visible.
    $connection->close();
    // A response of "m" selects the "moderated" view; any other response selects the success view.
    if ($resp === "m") {
        $template->viewpostmoderated($board, $thread, $message);
    } else {
        $template->viewpostsuccess($board, $thread, $message);
    }
    // Delete the old attachments - they are only stored for the preview.
    $session->clearAttachments();
}
// The form is rendered in every case, with whatever attachments the session still holds.
$template->viewpostform($board, $referencemessages, $reference, $quote, $preview, $session->getAttachments());
// The try block closed here opens before this fragment; the handler body follows after it.
} catch (Exception $e) {
// Sends the composed message when the form was confirmed, a URL was given, the shared password
// matches and the sender is on the members list. Both conditions stay open past this fragment.
// NOTE(review): every input, including the password, arrives in the query string. The mail is
// therefore triggered by a plain GET, and the password ends up in browser history, server access
// logs and Referer headers; a POST form would avoid that.
if (isset($_GET['ok']) && $_GET['url'] != '') {
    // The URL was not empty
    // The user has validated his message ($_GET['ok'] had a value).
    // NOTE(review): $_GET['url'], $_GET['pass'] and $_GET['from'] are read without isset().
    // The password is compared with loose ==, which is neither type-strict nor constant-time;
    // hash_equals() on two strings is the usual replacement. in_array() is also called without
    // its strict flag.
    if ($_GET['pass'] == PASSWORD && in_array($_GET['from'], $ML_memberList)) {
        // Password was correct.
        // User provided a valid e-mail address from the members list.
        ######################
        ## Sending the mail ##
        ######################
        // To
        $to = isset($_GET['test']) ? $_GET['from'] : ML_ADRESS; // Test mode allows mails to be sent only to the user itself (for testing purposes)
        // Subject
        // NOTE(review): only stripslashes() is applied to the request value; stripping CR/LF
        // before it is used as a header value is the usual precaution.
        $subject = stripslashes($_GET['title']);
        // Message body
        // NOTE(review): the comment and URL are passed in raw, and the mail is declared as
        // text/html below. Whether generateMessage() HTML-escapes them is not visible - confirm.
        $message = generateMessage($_GET['comment'], $_GET['url'], $subject);
        // From: the key under which the address is stored in $ML_memberList, followed by the address
        $from = array_search($_GET['from'], $ML_memberList) . ' <' . $_GET['from'] . '>'; // Name <e-mail>
        // Mail headers
        if (ADD_HEADERS_ENABLED === True) { // If Winnie is configured to add some.
            $headers = 'From: ' . $from . "\r\n";
            $headers .= 'Reply-To: ' . $to . "\r\n";
            $headers .= 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
            // NOTE(review): this header tells every recipient the exact PHP version.
            $headers .= 'X-Mailer: Winnie, PHP/' . phpversion();
        } else { // Otherwise they are left essentially empty.
            $headers = 'From: ' . $from;
        }