// Excerpt from a card-payment handler; it starts and ends mid-block, so the
// enclosing conditions are not visible. It captures payment for an invoice,
// redirects on success, records a decline message on failure, and then loads
// the client's billing details to pre-fill the form.
            }
        } else {
            // Third argument is passed as true; its meaning is defined in captureCCPayment(), not shown here.
            $result = captureCCPayment($invoiceid, $cccvv, true);
        }
        if ($params['paymentmethod'] == "offlinecc") {
            // The notification body is HTML assembled by concatenation.
            // NOTE(review): $invoiceid is placed into the HTML mail and into the redirect
            // query string as-is. Confirm it is cast to an integer before this point;
            // otherwise escape it (htmlspecialchars() for the mail, urlencode() for the URL).
            sendAdminNotification("account", "Offline Credit Card Payment Submitted", "<p>An offline credit card payment has just been submitted. Details are below:</p><p>Client ID: " . $_SESSION['uid'] . "<br />Invoice ID: " . $invoiceid . "</p>");
            // NOTE(review): no exit follows this redirect, unlike the success path below.
            // Presumably redir() terminates the request itself; verify, because otherwise
            // execution falls through to the $result check.
            redir("id=" . $invoiceid . "&offlinepaid=true", "viewinvoice.php");
        }
        // Loose comparison; "success" is the only value treated as a completed capture.
        if ($result == "success") {
            redir("id=" . $invoiceid . "&paymentsuccess=true", "viewinvoice.php");
            exit;
        } else {
            // Declined: the message is an HTML list item taken from the language table.
            $errormessage = "<li>" . $_LANG['creditcarddeclined'];
            $action = "";
            if ($ccinfo == "new") {
                // Called with empty card fields after a declined new card.
                // presumably this wipes the card data held for the client; confirm in ccfunctions.
                updateCCDetails($_SESSION['uid'], "", "", "", "", "");
            }
        }
    }
}
// Billing profile of the logged-in client; only the card type and the last four digits are read here.
$clientsdetails = getClientsDetails($_SESSION['uid'], "billing");
$cardtype = $clientsdetails['cctype'];
$cardnum = $clientsdetails['cclastfour'];
// Pre-fill address fields from the stored profile unless a validation error is being shown
// (order-form requests always pre-fill).
if (!$errormessage || $fromorderform) {
    $firstname = $clientsdetails['firstname'];
    $lastname = $clientsdetails['lastname'];
    $email = $clientsdetails['email'];
    $address1 = $clientsdetails['address1'];
    $address2 = $clientsdetails['address2'];
    $city = $clientsdetails['city'];
    $state = $clientsdetails['state'];
// Excerpt from an admin page that manages a client's stored credit card. It ends inside the
// "show full card number" branch, so the outcome of the Referer comparison is not visible.
$aInt->requiredFiles(array("ccfunctions", "clientfunctions"));
ob_start();
// When the CCNeverStore setting is on, only a notice and a close button are rendered.
$ccstoredisabled = $whmcs->get_config("CCNeverStore");
if ($ccstoredisabled) {
    echo "<p>" . $aInt->lang("clients", "ccstoredisabled") . "</p><p align=\"center\"><input type=\"button\" value=\"" . $aInt->lang("addons", "closewindow") . "\" class=\"button\" onclick=\"window.close()\" /></p>";
} else {
    $validhash = "";
    // Both state-changing actions require the admin CSRF token and the
    // "Update/Delete Stored Credit Card" permission before touching card data.
    // NOTE(review): the clear action is read from $action while the save action is read from
    // $_POST['action']; where $action is populated is not visible here. Confirm that "clear"
    // cannot be triggered by a GET request that carries the token in the URL.
    if ($action == "clear") {
        check_token("WHMCS.admin.default");
        checkPermission("Update/Delete Stored Credit Card");
        // All card fields empty, with a final argument of true (its meaning is not shown in this excerpt).
        updateCCDetails($userid, "", "", "", "", "", "", "", true);
    } else {
        if ($_POST['action'] == "save") {
            check_token("WHMCS.admin.default");
            checkPermission("Update/Delete Stored Credit Card");
            // updateCCDetails() returns a falsy value on success, otherwise an error message.
            $errormessage = updateCCDetails($userid, $cctype, $ccnumber, $cardcvv, $ccexpirymonth . $ccexpiryyear, $ccstartmonth . $ccstartyear, $ccissuenum);
            if (!$errormessage) {
                // The same variable is reused to carry the success banner.
                $errormessage = "<B>" . $aInt->lang("global", "success") . "</B> - " . $aInt->lang("clients", "ccdetailschanged");
            }
        }
    }
    if ($fullcc) {
        // Revealing the full card number is gated by the CSRF token and a dedicated permission.
        check_token("WHMCS.admin.default");
        checkPermission("Decrypt Full Credit Card Number");
        // NOTE(review): the Referer header is supplied by the client and may be absent
        // (undefined index notice) or set to any value by a non-browser client. Treat the
        // comparison below as defence in depth only; the token and permission checks above
        // are the actual authorisation.
        $referrer = $_SERVER['HTTP_REFERER'];
        // Drop the query string so only scheme, host and path are compared.
        $pos = strpos($referrer, "?");
        if ($pos) {
            $referrer = substr($referrer, 0, $pos);
        }
        $adminfolder = $whmcs->get_admin_folder_name();
        // True when the request did not originate from this page under either configured base URL.
        if ($CONFIG['SystemURL'] . ("/" . $adminfolder . "/clientsccdetails.php") != $referrer && $CONFIG['SystemSSLURL'] . ("/" . $adminfolder . "/clientsccdetails.php") != $referrer) {
// Excerpt from a client-area page for managing the stored credit card. It starts inside two
// enclosing blocks that are not visible, then handles submit/delete and fills template variables.
        // The gateway module's "<gateway>_remoteupdate" function is resolved by name at run time.
        // NOTE(review): where $gateway comes from is not visible here. It must be taken from
        // trusted configuration, never from the request, because it selects which function is called.
        $remoteupdatecode = call_user_func($gateway . "_remoteupdate", $params);
        if (!$remoteupdatecode) {
            $remoteupdatecode = $_LANG['creditcardupdatenotpossible'];
        }
        // presumably rendered as raw markup by the template, so the module output is trusted as HTML.
        $smartyvalues['remoteupdatecode'] = $remoteupdatecode;
    }
}
if ($submit) {
    // The update path verifies the CSRF token before storing new card details.
    check_token();
    $errormessage = updateCCDetails($client->getID(), $cctype, $ccnumber, $cardcvv, $ccexpirymonth . $ccexpiryyear, $ccstartmonth . $ccstartyear, $ccissuenum);
    if (!$errormessage) {
        $smartyvalues['successful'] = true;
    }
}
// NOTE(review): unlike the $submit branch, this branch calls no check_token() before wiping the
// stored card. If $delete is populated from the request, deletion is exposed to cross-site
// request forgery; confirm and add check_token() as the first statement of this branch.
if ($delete && $CONFIG['CCAllowCustomerDelete']) {
    updateCCDetails($client->getID(), "", "", "", "", "");
    $errormessage = "<li>" . $_LANG['creditcarddeleteconfirmation'];
}
$smartyvalues['errormessage'] = $errormessage;
// Values read back for display; which of them are masked is decided inside getCCDetails(), not shown here.
$data = getCCDetails($client->getID());
$smartyvalues['cardtype'] = $data['cardtype'];
$smartyvalues['cardnum'] = $data['cardnum'];
$smartyvalues['cardexp'] = $data['expdate'];
$smartyvalues['cardstart'] = $data['startdate'];
$smartyvalues['cardissuenum'] = $data['issuenumber'];
// The accepted card types setting is a comma-separated string.
$acceptedcctypes = $CONFIG['AcceptedCardTypes'];
$acceptedcctypes = explode(",", $acceptedcctypes);
$smartyvalues['acceptedcctypes'] = $acceptedcctypes;
$smartyvalues['showccissuestart'] = $CONFIG['ShowCCIssueStart'];
$smartyvalues['allowcustomerdelete'] = $CONFIG['CCAllowCustomerDelete'];
// NOTE(review): the submitted card type is handed back to the template unchanged; the template
// has to escape it on output.
$smartyvalues['cctype'] = $cctype;
// Excerpt from an API handler that creates a client account. It starts inside a validation
// branch and ends inside the custom-fields branch; neither boundary is visible.
    // Report the validation failure to the API caller and stop.
    $error = $errormessage[1];
    $apiresults = array("result" => "error", "message" => $error);
    return 1;
}
$_SESSION['currency'] = $currency;
// A welcome e-mail is sent unless the caller set $noemail.
$sendemail = $noemail ? false : true;
// The session language is remembered and then overridden; restoring it is not part of this excerpt.
$langatstart = $_SESSION['Language'];
if ($language) {
    $_SESSION['Language'] = $language;
}
// presumably addClient() sets $_SESSION['uid'], since every later statement reads it; verify.
addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password2, $securityqid, $securityqans, $sendemail);
if ($_POST['cctype']) {
    if (!function_exists("updateCCDetails")) {
        require ROOTDIR . "/includes/ccfunctions.php";
    }
    // NOTE(review): other call sites in this listing pass (id, type, number, cvv, expiry, start, issue).
    // Here expdate sits in the fourth position, so the fields may be shifted by one; confirm the
    // parameter order against ccfunctions.php. The values are also taken from $_POST unvalidated.
    updateCCDetails($_SESSION['uid'], $_POST['cctype'], $_POST['cardnum'], $_POST['expdate'], $_POST['startdate'], $_POST['issuenumber']);
}
// Optional columns are written only when supplied.
$updateqry = array();
if ($groupid) {
    $updateqry['groupid'] = $groupid;
}
if ($notes) {
    $updateqry['notes'] = $notes;
}
if (count($updateqry)) {
    update_query("tblclients", $updateqry, array("id" => $_SESSION['uid']));
}
if ($customfields) {
    // SECURITY(review): $customfields is presumably an API request parameter (confirm). unserialize()
    // on caller-supplied data can instantiate arbitrary classes and run their magic methods (PHP
    // object injection). Prefer a JSON payload decoded with json_decode(); if the serialized format
    // must stay, pass ['allowed_classes' => false] (PHP 7.0+) and check that the result is an array
    // before saving it.
    $customfields = base64_decode($customfields);
    $customfields = unserialize($customfields);
    saveCustomFields($_SESSION['uid'], $customfields);
// Excerpt from a shopping-cart checkout step. It starts inside a block that resets the error
// message and ends inside the "no errors" branch; the rest of the checkout is not visible.
    $errormessage = "";
}
// AJAX validation requests get the error text as the whole response body.
if ($ajax && $errormessage) {
    exit($errormessage);
}
if (!$errormessage && !$_POST['updateonly']) {
    // Visitors without a session get an account created first.
    // presumably addClient() also sets $_SESSION['uid'], which the following lines read; verify.
    if (!$_SESSION['uid']) {
        $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password, $securityqid, $securityqans);
    }
    if ($contact == "addingnew") {
        $contact = addContact($_SESSION['uid'], $domaincontactfirstname, $domaincontactlastname, $domaincontactcompanyname, $domaincontactemail, $domaincontactaddress1, $domaincontactaddress2, $domaincontactcity, $domaincontactstate, $domaincontactpostcode, $domaincontactcountry, $domaincontactphonenumber);
    }
    $_SESSION['cart']['contact'] = $contact;
    $carttotals = calcCartTotals(true);
    // A newly entered card is saved unless the customer opted out with $nostore.
    // NOTE(review): the CVV is passed to the storage helper. PCI DSS does not allow the card
    // verification code to be retained after authorisation; confirm updateCCDetails() never persists it.
    if ($ccinfo == "new" && !$nostore) {
        updateCCDetails($_SESSION['uid'], $cctype, $ccnumber, $cccvv, $ccexpirymonth . $ccexpiryyear, $ccstartmonth . $ccstartyear, $ccissuenum);
    }
    $orderid = $_SESSION['orderdetails']['OrderID'];
    $fraudmodule = getActiveFraudModule();
    // With SkipFraudForExisting enabled, a client that already has an Active order bypasses the fraud check.
    if ($CONFIG['SkipFraudForExisting']) {
        $result = select_query("tblorders", "COUNT(*)", array("status" => "Active", "userid" => $_SESSION['uid']));
        $data = mysql_fetch_array($result);
        if ($data[0]) {
            $fraudmodule = "";
        }
    }
    // The fraud check is also skipped when the order's invoice is already Paid with a non-zero subtotal.
    // NOTE(review): this query is built by concatenation and relies on db_escape_string() plus the
    // surrounding quotes. The order id comes from the session, so also cast it to an integer, or
    // use the array-based select_query() helper as above. The mysql_* extension was removed in PHP 7.
    $result = full_query("SELECT COUNT(*) FROM tblinvoices INNER JOIN tblorders ON tblorders.invoiceid=tblinvoices.id WHERE tblorders.id='" . db_escape_string($orderid) . "' AND tblinvoices.status='Paid' AND subtotal>0");
    $data = mysql_fetch_array($result);
    if ($data[0]) {
        $fraudmodule = "";
    }