/**
 * Reads one value from the session through a throwaway CASHRequest.
 *
 * @param mixed $var key handed unchanged to CASHRequest::sessionGet()
 * @return mixed whatever sessionGet() returns for that key
 */
public static function getPersistentData($var) {
    $session_reader = new CASHRequest(null);
    $stored_value = $session_reader->sessionGet($var);

    // drop the helper request before handing the value back
    unset($session_reader);

    return $stored_value;
}
/**
 * Starts the Dropbox web-auth flow and keeps its CSRF token in the session.
 *
 * The token is stored under 'dropbox_csrf_token'; presumably the code that
 * handles the OAuth return compares it against the value echoed back by the
 * provider (verify against the callback handler).
 *
 * @param mixed $redirect_uri passed through to DropboxSeed::getWebAuthClient()
 * @return mixed the value returned by the auth client's start(), or false when
 *               no auth client could be obtained
 */
public static function getAuthorizationUrl($redirect_uri) {
    $web_auth = DropboxSeed::getWebAuthClient($redirect_uri);
    if ($web_auth) {
        // same call order as before: start the flow, then read the token it produced
        $authorize_url = $web_auth->start();
        $issued_token = $web_auth->getCsrfTokenStore()->get();

        $session_writer = new CASHRequest(null);
        $session_writer->sessionSet('dropbox_csrf_token', $issued_token);

        return $authorize_url;
    }

    return false;
}
/**
 * Returns the "connect your Twitter account" markup for the system-wide
 * Twitter app, or a plain notice when no such app is configured.
 *
 * The temporary request-token credentials are written to the session under
 * 'twitter_temporary_credentials' so they are available when the user comes
 * back from twitter.com.
 *
 * @param mixed $data not used by this method
 * @return string HTML fragment, or a notice when 'com.twitter' is not configured
 */
public static function getRedirectMarkup($data = false) {
    $connections = CASHSystem::getSystemSettings('system_connections');
    if (!isset($connections['com.twitter'])) {
        return 'Please add default twitter app credentials.';
    }

    $twitter_settings = $connections['com.twitter'];
    require_once CASH_PLATFORM_ROOT . '/lib/twitter/OAuth.php';
    require_once CASH_PLATFORM_ROOT . '/lib/twitter/twitteroauth.php';

    $twitter = new TwitterOAuth($twitter_settings['client_id'], $twitter_settings['client_secret']);
    $temporary_credentials = $twitter->getRequestToken($twitter_settings['redirect_uri']);

    // keep the temporary credentials in the session for the return leg
    $session_request = new CASHRequest();
    $session_request->sessionSet('twitter_temporary_credentials', $temporary_credentials);

    // NOTE(review): the URL is placed into the href exactly as the library returns it
    $login_url = $twitter->getAuthorizeURL($temporary_credentials, false);

    return '<h4>Twitter</h4>'
        . '<p>This will redirect you to a secure login on twitter.com and bring you right back.</p>'
        . '<a href="' . $login_url . '" class="button">Connect your Twitter account</a>';
}
/**
 * Calls startSession() and, when it reports a new session, describes that
 * session as JSON.
 *
 * NOTE(review): the JSON carries the 'id' value from startSession(), which is
 * presumably the session identifier, so the output should be handled as
 * sensitive. Confirm against the caller.
 *
 * @return string|false JSON with 'endpoint', 'expiration' and 'id' for a new
 *                      session, '' when the session already existed
 */
protected function startJSSession() {
    $session_request = new CASHRequest();
    $session = $session_request->startSession();
    if (!$session['newsession']) {
        return '';
    }

    // keep only the first three '/'-separated pieces of the current URL
    $url_pieces = explode('/', CASHSystem::getCurrentURL(), 4);
    $endpoint = implode('/', array_slice($url_pieces, 0, 3));

    // no expiration reported: use now + 10800 seconds
    $expiration = $session['expiration'] ?: time() + 10800;

    return json_encode(array(
        'endpoint' => $endpoint,
        'expiration' => $expiration,
        'id' => $session['id']
    ));
}
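/**
 * Completes an order after the customer returns from an off-site checkout.
 *
 * Only the 'com.paypal' connection type is handled; any other type returns
 * false. For PayPal the method reads the express-checkout details, checks
 * that the reported amount covers the locally computed order total, captures
 * the payment, finds or creates a user for the payer's email, adjusts stock
 * for physical items, records the order/transaction, empties the cart and
 * sends the receipt.
 *
 * @param mixed $order_id id handed to getOrder()/editOrder()
 * @param mixed $creation_date not used by this method
 * @param mixed $direct_post_details not used by this method
 * @param mixed $session_id handed to startSession() and emptyCart()
 * @return mixed the order id on success; true when the capture returned
 *               nothing but PayPal already reports the checkout as completed
 *               less than 180 seconds ago (page refresh); false otherwise
 */
protected function finalizeRedirectedPayment($order_id, $creation_date, $direct_post_details = false, $session_id = false) {
    $order_details = $this->getOrder($order_id);
    $transaction_details = $this->getTransaction($order_details['transaction_id']);
    $connection_type = $this->getConnectionType($transaction_details['connection_id']);

    // the finalize URL is read once and then removed from the session
    $r = new CASHRequest();
    $r->startSession(false, $session_id);
    $finalize_url = $r->sessionGet('payment_finalize_url');
    if ($finalize_url) {
        $r->sessionClear('payment_finalize_url');
    }

    switch ($connection_type) {
        case 'com.paypal':
            if (isset($_GET['token'])) {
                if (isset($_GET['PayerID'])) {
                    // NOTE(review): the token comes straight from the query string and nothing
                    // visible in this method ties it to $order_id other than the amount check
                    // below. Confirm that PaypalSeed or the caller binds the token to this order.
                    $pp = new PaypalSeed($order_details['user_id'], $transaction_details['connection_id'], $_GET['token']);
                    $initial_details = $pp->getExpressCheckout();
                    if ($initial_details['ACK'] == 'Success') {
                        $order_totals = $this->getOrderTotals($order_details['order_contents']);
                        // the amount PayPal reports must cover the total computed from the order contents
                        if ($initial_details['AMT'] >= $order_totals['price']) {
                            $final_details = $pp->doExpressCheckout();
                            if ($final_details) {
                                // look for a user to match the email. if not present, make one
                                $user_request = new CASHRequest(array(
                                    'cash_request_type' => 'people',
                                    'cash_action' => 'getuseridforaddress',
                                    'address' => $initial_details['EMAIL']
                                ));
                                $user_id = $user_request->response['payload'];
                                if (!$user_id) {
                                    // NOTE(review): the placeholder password is the current Unix time,
                                    // which is guessable. Confirm that accounts created here cannot be
                                    // signed in to with it, or generate the value from a CSPRNG.
                                    $user_request = new CASHRequest(array(
                                        'cash_request_type' => 'system',
                                        'cash_action' => 'addlogin',
                                        'address' => $initial_details['EMAIL'],
                                        'password' => time(),
                                        'is_admin' => 0,
                                        'display_name' => $initial_details['FIRSTNAME'] . ' ' . $initial_details['LASTNAME'],
                                        'first_name' => $initial_details['FIRSTNAME'],
                                        'last_name' => $initial_details['LASTNAME'],
                                        'address_country' => $initial_details['COUNTRYCODE']
                                    ));
                                    $user_id = $user_request->response['payload'];
                                }

                                // deal with physical quantities
                                if ($order_details['physical'] == 1) {
                                    $order_items = json_decode($order_details['order_contents'], true);
                                    if (is_array($order_items)) {
                                        foreach ($order_items as $i) {
                                            if ($i['available_units'] > 0 && $i['physical_fulfillment'] == 1) {
                                                $item = $this->getItem($i['id']);
                                                if ($i['variant']) {
                                                    $variant_id = 0;
                                                    $variant_qty = 0;
                                                    if ($item['variants']) {
                                                        foreach ($item['variants']['quantities'] as $q) {
                                                            if ($q['key'] == $i['variant']) {
                                                                $variant_id = $q['id'];
                                                                $variant_qty = $q['value'];
                                                                break;
                                                            }
                                                        }
                                                        if ($variant_id) {
                                                            // never let the stored quantity drop below zero
                                                            $this->editItemVariant($variant_id, max($variant_qty - $i['qty'], 0), $i['id']);
                                                        }
                                                    }
                                                } else {
                                                    // never let the stored quantity drop below zero
                                                    $this->editItem($i['id'], false, false, false, false, false, max($item['available_units'] - $i['qty'], 0));
                                                }
                                            }
                                        }
                                    }
                                }

                                // record all the details
                                if ($order_details['digital'] == 1 && $order_details['physical'] == 0) {
                                    // if the order is 100% digital just mark it as fulfilled
                                    $is_fulfilled = 1;
                                } else {
                                    // something physical still has to be shipped
                                    $is_fulfilled = 0;
                                }
                                $this->editOrder($order_id, $is_fulfilled, 0, false, $initial_details['COUNTRYCODE'], $user_id);
                                $this->editTransaction(
                                    $order_details['transaction_id'],
                                    strtotime($final_details['TIMESTAMP']),
                                    $final_details['CORRELATIONID'],
                                    json_encode($initial_details),
                                    json_encode($final_details),
                                    1,
                                    $final_details['PAYMENTINFO_0_AMT'],
                                    $final_details['PAYMENTINFO_0_FEEAMT'],
                                    'complete'
                                );

                                // empty the cart at this point
                                $this->emptyCart($session_id);

                                // TODO: add code to order metadata so we can track opens, etc
                                $order_details['customer_details']['email_address'] = $initial_details['EMAIL'];
                                $order_details['gross_price'] = $final_details['PAYMENTINFO_0_AMT'];
                                $this->sendOrderReceipt(false, $order_details, $finalize_url);
                                return $order_details['id'];
                            } else {
                                // make sure this isn't an accidentally refreshed page
                                if ($initial_details['CHECKOUTSTATUS'] != 'PaymentActionCompleted') {
                                    $initial_details['ERROR_MESSAGE'] = $pp->getErrorMessage();
                                    // there was an error processing the transaction
                                    $this->editOrder($order_id, 0, 1);
                                    $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'error processing payment');
                                    return false;
                                } else {
                                    // this is a successful transaction with the user hitting refresh:
                                    // accept it inside a 180-second window, otherwise let the page expire.
                                    // NOTE(review): the earlier comment said "30 minutes" while the code
                                    // has always compared against 180 seconds. Confirm which is intended.
                                    return time() - strtotime($initial_details['TIMESTAMP']) < 180;
                                }
                            }
                        } else {
                            // reported amount is below the order total (user changed amount?)
                            $this->editOrder($order_id, 0, 1);
                            $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'incorrect amount');
                            return false;
                        }
                    } else {
                        // order reporting failure
                        $this->editOrder($order_id, 0, 1);
                        $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'payment failed');
                        return false;
                    }
                } else {
                    // user canceled transaction
                    $this->editOrder($order_id, 0, 1);
                    $this->editTransaction($order_details['transaction_id'], time(), false, false, false, 0, false, false, 'canceled');
                    return false;
                }
            }
            break;
        default:
            return false;
    }

    // a PayPal return without a token used to fall off the end and yield null;
    // report it as a failure like every other unsuccessful path
    return false;
}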
<?php if (strrpos($_SERVER['REQUEST_URI'], 'controller.php') !== false) { header('Location: ./'); exit; } require_once './constants.php'; require_once CASH_PLATFORM_PATH; $pages_path = ADMIN_BASE_PATH . '/components/pages/'; $admin_primary_cash_request = new CASHRequest(); $request_parameters = null; // admin-specific autoloader function cash_admin_autoloadCore($classname) { $file = ADMIN_BASE_PATH . '/classes/' . $classname . '.php'; if (file_exists($file)) { require_once $file; } } spl_autoload_register('cash_admin_autoloadCore'); // grab path from .htaccess redirect if ($_REQUEST['p'] && $_REQUEST['p'] != realpath(ADMIN_BASE_PATH)) { $parsed_request = str_replace('/', '_', trim($_REQUEST['p'], '/')); if (file_exists($pages_path . 'controllers/' . $parsed_request . '.php')) { define('BASE_PAGENAME', $parsed_request); $include_filename = BASE_PAGENAME . '.php'; } else { // cascade through a "failure" to see if it is a true bad request, or a page requested // with parameters requested — always show the last good true filename and push the // remaining request portions into te request_parameters array if (strpos($parsed_request, '_') !== false) {
} // define constants (use sparingly!) $root = dirname(__FILE__); define('CASH_PLATFORM_ROOT', $root); // define cash_embedElement function function cash_embedElement($element_id) { global $cash_primary_request; $cash_body_request = new CASHRequest( array( 'cash_request_type' => 'element', 'cash_action' => 'getmarkup', 'element_id' => $element_id, 'status_uid' => $cash_primary_request->response['status_uid'] ) ); echo $cash_body_request->response['payload']; } // fire up the platform $cash_primary_request = new CASHRequest(); // check on each load to see if we need to regenerate the session id if(!defined('STDIN')) { // no session for CLI if ($cash_primary_request->sessionGetPersistent('session_regenerate_id')) { session_regenerate_id(true); $cash_primary_request->sessionClearPersistent('session_regenerate_id'); } } ?>
<?php if(strrpos($_SERVER['REQUEST_URI'],'controller.php') !== false) { header('Location: ./'); exit; } // include the necessary bits, define the page directory require_once('constants.php'); require_once(CASH_PLATFORM_PATH); $pages_path = ADMIN_BASE_PATH . '/components/pages/'; $admin_primary_cash_request = new CASHRequest(); $request_parameters = null; // grab path from .htaccess redirect if ($_REQUEST['p'] && ($_REQUEST['p'] != realpath(ADMIN_BASE_PATH))) { $parsed_request = str_replace('/','_',trim($_REQUEST['p'],'/')); if (file_exists($pages_path . 'definitions/' . $parsed_request . '.php') && file_exists($pages_path . 'markup/' . $parsed_request . '.php')) { define('BASE_PAGENAME', $parsed_request); $include_filename = BASE_PAGENAME.'.php'; } else { // cascade through a "failure" to see if it is a true bad request, or a page requested // with parameters requested — always show the last good true filename and push the // remaining request portions into te request_parameters array if (strpos($parsed_request,'_') !== false) { $fails_at_level = 0; $successful_request = ''; $exploded_request = explode('_',$parsed_request); for($i = 0, $a = sizeof($exploded_request); $i < $a; ++$i) { if ($i > 0) { $test_request = $successful_request . '_' . $exploded_request[$i]; } else {
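/**
 * Completes an order after the customer returns from an off-site checkout.
 *
 * Only the 'com.paypal' connection type is handled; any other type returns
 * false. For PayPal the method reads the express-checkout details, checks
 * that the reported amount covers the locally computed order total, captures
 * the payment, finds or creates a user for the payer's email, adjusts stock
 * for physical items, records the order/transaction, empties the cart and
 * e-mails a receipt (best effort).
 *
 * @param mixed $order_id id handed to getOrder()/editOrder()
 * @param mixed $creation_date not used by this method
 * @param mixed $direct_post_details not used by this method
 * @param mixed $session_id handed to startSession() and emptyCart()
 * @return mixed the order id on success; true when the capture returned
 *               nothing but PayPal already reports the checkout as completed
 *               less than 180 seconds ago (page refresh); false otherwise
 */
protected function finalizeRedirectedPayment($order_id, $creation_date, $direct_post_details = false, $session_id = false) {
    $order_details = $this->getOrder($order_id);
    $transaction_details = $this->getTransaction($order_details['transaction_id']);
    $connection_type = $this->getConnectionType($transaction_details['connection_id']);

    // the finalize URL is read once and then removed from the session
    $r = new CASHRequest();
    $r->startSession(false, $session_id);
    $finalize_url = $r->sessionGet('payment_finalize_url');
    if ($finalize_url) {
        $r->sessionClear('payment_finalize_url');
    }

    switch ($connection_type) {
        case 'com.paypal':
            if (isset($_GET['token'])) {
                if (isset($_GET['PayerID'])) {
                    // NOTE(review): the token comes straight from the query string and nothing
                    // visible in this method ties it to $order_id other than the amount check
                    // below. Confirm that PaypalSeed or the caller binds the token to this order.
                    $pp = new PaypalSeed($order_details['user_id'], $transaction_details['connection_id'], $_GET['token']);
                    $initial_details = $pp->getExpressCheckout();
                    if ($initial_details['ACK'] == 'Success') {
                        $order_totals = $this->getOrderTotals($order_details['order_contents']);
                        // the amount PayPal reports must cover the total computed from the order contents
                        if ($initial_details['AMT'] >= $order_totals['price']) {
                            $final_details = $pp->doExpressCheckout();
                            if ($final_details) {
                                // look for a user to match the email. if not present, make one
                                $user_request = new CASHRequest(array(
                                    'cash_request_type' => 'people',
                                    'cash_action' => 'getuseridforaddress',
                                    'address' => $initial_details['EMAIL']
                                ));
                                $user_id = $user_request->response['payload'];
                                if (!$user_id) {
                                    // NOTE(review): the placeholder password is the current Unix time,
                                    // which is guessable. Confirm that accounts created here cannot be
                                    // signed in to with it, or generate the value from a CSPRNG.
                                    $user_request = new CASHRequest(array(
                                        'cash_request_type' => 'system',
                                        'cash_action' => 'addlogin',
                                        'address' => $initial_details['EMAIL'],
                                        'password' => time(),
                                        'is_admin' => 0,
                                        'display_name' => $initial_details['FIRSTNAME'] . ' ' . $initial_details['LASTNAME'],
                                        'first_name' => $initial_details['FIRSTNAME'],
                                        'last_name' => $initial_details['LASTNAME'],
                                        'address_country' => $initial_details['COUNTRYCODE']
                                    ));
                                    $user_id = $user_request->response['payload'];
                                }

                                // deal with physical quantities
                                if ($order_details['physical'] == 1) {
                                    $order_items = json_decode($order_details['order_contents'], true);
                                    if (is_array($order_items)) {
                                        foreach ($order_items as $i) {
                                            if ($i['available_units'] > 0 && $i['physical_fulfillment'] == 1) {
                                                $item = $this->getItem($i['id']);
                                                if ($i['variant']) {
                                                    $variant_id = 0;
                                                    $variant_qty = 0;
                                                    if ($item['variants']) {
                                                        foreach ($item['variants']['quantities'] as $q) {
                                                            if ($q['key'] == $i['variant']) {
                                                                $variant_id = $q['id'];
                                                                $variant_qty = $q['value'];
                                                                break;
                                                            }
                                                        }
                                                        if ($variant_id) {
                                                            // never let the stored quantity drop below zero
                                                            $this->editItemVariant($variant_id, max($variant_qty - $i['qty'], 0), $i['id']);
                                                        }
                                                    }
                                                } else {
                                                    // never let the stored quantity drop below zero
                                                    $this->editItem($i['id'], false, false, false, false, false, max($item['available_units'] - $i['qty'], 0));
                                                }
                                            }
                                        }
                                    }
                                }

                                // record all the details
                                if ($order_details['digital'] == 1 && $order_details['physical'] == 0) {
                                    // if the order is 100% digital just mark it as fulfilled
                                    $is_fulfilled = 1;
                                } else {
                                    // something physical still has to be shipped
                                    $is_fulfilled = 0;
                                }
                                $this->editOrder($order_id, $is_fulfilled, 0, false, $initial_details['COUNTRYCODE'], $user_id);
                                $this->editTransaction(
                                    $order_details['transaction_id'],
                                    strtotime($final_details['TIMESTAMP']),
                                    $final_details['CORRELATIONID'],
                                    json_encode($initial_details),
                                    json_encode($final_details),
                                    1,
                                    $final_details['PAYMENTINFO_0_AMT'],
                                    $final_details['PAYMENTINFO_0_FEEAMT'],
                                    'complete'
                                );

                                // empty the cart at this point
                                $this->emptyCart($session_id);

                                // TODO: add code to order metadata
                                // bit of a hack, hard-wiring the email bits:
                                try {
                                    $personalized_message = '';
                                    if ($order_details['element_id']) {
                                        $element_request = new CASHRequest(array(
                                            'cash_request_type' => 'element',
                                            'cash_action' => 'getelement',
                                            'id' => $order_details['element_id']
                                        ));
                                        if ($element_request->response['payload']) {
                                            if (isset($element_request->response['payload']['options']['message_email'])) {
                                                if ($element_request->response['payload']['options']['message_email']) {
                                                    $personalized_message = $element_request->response['payload']['options']['message_email'] . "\n\n";
                                                }
                                            }
                                        }
                                    }
                                    if ($order_details['digital']) {
                                        // digital orders get a lock code and a link back to redeem it
                                        $addcode_request = new CASHRequest(array(
                                            'cash_request_type' => 'element',
                                            'cash_action' => 'addlockcode',
                                            'element_id' => $order_details['element_id']
                                        ));
                                        if (!$finalize_url) {
                                            $finalize_url = CASHSystem::getCurrentURL();
                                        }
                                        CASHSystem::sendEmail(
                                            'Thank you for your order',
                                            $order_details['user_id'],
                                            $initial_details['EMAIL'],
                                            $personalized_message . "Your order is complete. Here are some details:\n\n**Order #" . $order_details['id'] . "** \n" . $initial_details['PAYMENTREQUEST_0_DESC'] . " \n Total: " . CASHSystem::getCurrencySymbol($order_details['currency']) . number_format($final_details['PAYMENTINFO_0_AMT'], 2) . "\n\n" . "\n\n" . '[View your receipt and any downloads](' . $finalize_url . '?cash_request_type=element&cash_action=redeemcode&code=' . $addcode_request->response['payload'] . '&element_id=' . $order_details['element_id'] . '&email=' . urlencode($initial_details['EMAIL']) . '&order_id=' . $order_details['id'] . ')',
                                            'Thank you.'
                                        );
                                    } else {
                                        CASHSystem::sendEmail(
                                            'Thank you for your order',
                                            $order_details['user_id'],
                                            $initial_details['EMAIL'],
                                            $personalized_message . "Your order is complete. Here are some details:\n\n**Order #" . $order_details['id'] . "** \n" . $initial_details['PAYMENTREQUEST_0_DESC'] . " \n Total: " . CASHSystem::getCurrencySymbol($order_details['currency']) . number_format($final_details['PAYMENTINFO_0_AMT'], 2) . "\n\n",
                                            'Thank you.'
                                        );
                                    }
                                } catch (Exception $e) {
                                    // deliberate best effort: a failed receipt must not undo a captured payment.
                                    // TODO: handle the case where an email can't be sent. maybe display the download
                                    // code on-screen? that plus storing it with the order is probably enough
                                }
                                return $order_details['id'];
                            } else {
                                // make sure this isn't an accidentally refreshed page
                                if ($initial_details['CHECKOUTSTATUS'] != 'PaymentActionCompleted') {
                                    $initial_details['ERROR_MESSAGE'] = $pp->getErrorMessage();
                                    // there was an error processing the transaction
                                    $this->editOrder($order_id, 0, 1);
                                    $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'error processing payment');
                                    return false;
                                } else {
                                    // this is a successful transaction with the user hitting refresh:
                                    // accept it inside a 180-second window, otherwise let the page expire.
                                    // NOTE(review): the earlier comment said "30 minutes" while the code
                                    // has always compared against 180 seconds. Confirm which is intended.
                                    return time() - strtotime($initial_details['TIMESTAMP']) < 180;
                                }
                            }
                        } else {
                            // reported amount is below the order total (user changed amount?)
                            $this->editOrder($order_id, 0, 1);
                            $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'incorrect amount');
                            return false;
                        }
                    } else {
                        // order reporting failure
                        $this->editOrder($order_id, 0, 1);
                        $this->editTransaction($order_details['transaction_id'], strtotime($initial_details['TIMESTAMP']), $initial_details['CORRELATIONID'], false, json_encode($initial_details), 0, false, false, 'payment failed');
                        return false;
                    }
                } else {
                    // user canceled transaction
                    $this->editOrder($order_id, 0, 1);
                    $this->editTransaction($order_details['transaction_id'], time(), false, false, false, 0, false, false, 'canceled');
                    return false;
                }
            }
            break;
        default:
            return false;
    }

    // a PayPal return without a token used to fall off the end and yield null;
    // report it as a failure like every other unsuccessful path
    return false;
}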
<?php
// Logout controller: clear the session through sessionClearAll(), then go back to the admin root.
$logout_session_request = new CASHRequest(null);
$logout_session_request->sessionClearAll();

// The redirect always runs; the old "noredirect" request-parameter guard stays commented out.
//if (!isset($_REQUEST['noredirect'])) {
AdminHelper::controllerRedirect('/');
//}
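<?php
// Logout: clear the persistent session, then send the browser to the admin root.
//
// The full "<?php" tag is used instead of "<?": with short_open_tag disabled
// a "<?" file is emitted as plain text, so the session would never be cleared
// and the source would be shown to the visitor.
$logout_request = new CASHRequest();
$logout_request->sessionClearAllPersistent();

header('Location: ' . ADMIN_WWW_BASE_PATH . '/');
// stop here so no further page code runs or is emitted once the redirect is queued
exit;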
/**
 * Exercises sessionGet/sessionSet/sessionClear/sessionClearAll for the
 * 'script' scope and for the default (persistent) scope, before and after
 * CASHSystem::startSession().
 */
function testWhatever() {
    $request = new CASHRequest();

    // script scope: unset -> set -> cleared -> set again -> cleared by sessionClearAll()
    $this->assertFalse($request->sessionGet('foobar', 'script'));
    $request->sessionSet('foobar', 'baz', 'script');
    $this->assertEqual($request->sessionGet('foobar', 'script'), 'baz');
    $request->sessionClear('foobar', 'script');
    $this->assertFalse($request->sessionGet('foobar', 'script'));
    $request->sessionSet('foobar', 'baz', 'script');
    $request->sessionClearAll();
    $this->assertFalse($request->sessionGet('foobar', 'script'));

    // persistent scope: before startSession() a set is expected not to stick
    $this->assertFalse($request->sessionGet('foobar'));
    $request->sessionSet('foobar', 'baz');
    $this->assertFalse($request->sessionGet('foobar'));

    $session = CASHSystem::startSession();
    $this->assertTrue($session);
    echo 'Session started: ' . json_encode($session) . "\n";

    // persistent scope with a live session: same cycle as the script scope above
    $request->sessionSet('foobar', 'baz');
    $this->assertEqual($request->sessionGet('foobar'), 'baz');
    $request->sessionClear('foobar');
    $this->assertFalse($request->sessionGet('foobar'));
    $request->sessionSet('foobar', 'baz');
    $request->sessionClearAll();
    $this->assertFalse($request->sessionGet('foobar'));
}
$template = $template_request->response['payload']; } // with a real user but no template we redirect to the admin if ($template) { $element_embeds = false; // i know we don't technically need this, but the immaculate variable in preg_match_all freaks me out $found_elements = preg_match_all('/{{{element_(.*?)}}}/', $template, $element_embeds, PREG_PATTERN_ORDER); if ($found_elements) { foreach ($element_embeds[1] as $element_id) { ob_start(); CASHSystem::embedElement($element_id); $page_vars['element_' . $element_id] = ob_get_contents(); ob_end_clean(); } } // render out the page itself echo CASHSystem::renderMustache($template, $page_vars); exit; } else { // redirect to the admin header('Location: ./admin/'); } } /*************************************** * * NOT A USER. DISPLAY MAIN SITE. * ***************************************/ $cache_request = new CASHRequest(); $cache_request->primeCache(); echo $cache_request->getCachedURL('org.cashmusic.prime', 'pagecache', 'http://prime.cashmusic.org/', 'raw', false);
/**
 * Looks up the API credentials of the user id stored in the session.
 *
 * The session key read is 'cash_' . $user_type . '_user'. The returned
 * payload holds credentials, so callers should avoid logging or echoing it.
 *
 * @param string $user_type 'effective' or 'actual'
 * @return mixed payload of the 'getapicredentials' request, or false when the
 *               session holds no user id for that type
 */
public static function getAPICredentials($user_type = 'effective') {
    $session_request = new CASHRequest(null);
    $user_id = $session_request->sessionGet('cash_' . $user_type . '_user');
    if (!$user_id) {
        return false;
    }

    $credentials_request = new CASHRequest(array(
        'cash_request_type' => 'system',
        'cash_action' => 'getapicredentials',
        'user_id' => $user_id
    ));

    return $credentials_request->response['payload'];
}
OF F*****G COURSE YOU SHOULD NOT DELETE THIS BLOCK! Love, Jesse in the past AKA "Smart Jesse" PS: you're dumb. */ if (isset($_GET['cash_action']) && isset($_GET['element_id'])) { $requests = array('embed', $_GET['element_id']); } if ($requests) { require_once dirname(__FILE__) . '/constants.php'; require_once CASH_PLATFORM_PATH; $cash_page_request = new CASHRequest(null); $initial_page_request = $cash_page_request->sessionGet('initial_page_request', 'script'); if ($requests[0] != 'payload' || $requests[0] != 'json') { // open up some mustache in here: include_once dirname(CASH_PLATFORM_PATH) . '/lib/mustache/Mustache.php'; $freddiemercury = new Mustache(); } // pass basic no-cache headers header('P3P: CP="ALL CUR OUR"'); // P3P privacy policy fix header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); header("Access-Control-Allow-Origin: *"); header('Access-Control-Allow-Credentials: true');
<?php if (strrpos($_SERVER['REQUEST_URI'], 'controller.php') !== false) { header('Location: ./'); exit; } require_once './constants.php'; require_once CASH_PLATFORM_PATH; $pages_path = ADMIN_BASE_PATH . '/components/pages/'; $admin_primary_cash_request = new CASHRequest(); $request_parameters = null; // admin-specific autoloader function cash_admin_autoloadCore($classname) { $file = ADMIN_BASE_PATH . '/classes/' . $classname . '.php'; if (file_exists($file)) { require_once $file; } } spl_autoload_register('cash_admin_autoloadCore'); // grab path from .htaccess redirect if ($_REQUEST['p'] && $_REQUEST['p'] != realpath(ADMIN_BASE_PATH)) { $parsed_request = str_replace('/', '_', trim($_REQUEST['p'], '/')); if (file_exists($pages_path . 'definitions/' . $parsed_request . '.php') && file_exists($pages_path . 'markup/' . $parsed_request . '.php')) { define('BASE_PAGENAME', $parsed_request); $include_filename = BASE_PAGENAME . '.php'; } else { // cascade through a "failure" to see if it is a true bad request, or a page requested // with parameters requested — always show the last good true filename and push the // remaining request portions into te request_parameters array if (strpos($parsed_request, '_') !== false) {
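/**
 * The main public method to embed elements. It echoes instead of returning,
 * because it is meant to be called in place and print the needed markup.
 *
 * When the stored 'initial_page_request' targeted this element, its
 * status_uid, request and response are forwarded to the 'getmarkup' request;
 * otherwise all three are sent as false.
 *
 * @param mixed $element_id id of the element to render
 * @return void
 */
public static function embedElement($element_id) {
    // fire up the platform sans-direct-request to catch any GET/POST info sent
    // in to the page
    $cash_page_request = new CASHRequest(null);
    $initial_page_request = $cash_page_request->sessionGet('initial_page_request', 'script');

    // defaults, used unless the initial POST/GET was aimed at this element
    $status_uid = false;
    $original_request = false;
    $original_response = false;
    if ($initial_page_request
        && isset($initial_page_request['request']['element_id'])
        && $initial_page_request['request']['element_id'] == $element_id
    ) {
        $status_uid = $initial_page_request['status_uid'];
        $original_request = $initial_page_request['request'];
        $original_response = $initial_page_request['response'];
    }

    $cash_body_request = new CASHRequest(array(
        'cash_request_type' => 'element',
        'cash_action' => 'getmarkup',
        'id' => $element_id,
        'status_uid' => $status_uid,
        'original_request' => $original_request,
        'original_response' => $original_response
    ));

    if ($cash_body_request->response['status_uid'] == 'element_getmarkup_400') {
        // the id is printed into HTML, so escape it: an id that is not a plain
        // number must not be able to add markup to the page
        echo '<div class="cash_system_error">Element #'
            . htmlspecialchars((string) $element_id, ENT_QUOTES, 'UTF-8')
            . ' could not be found.</div>';
    }
    if (is_string($cash_body_request->response['payload'])) {
        // payload is element markup produced by the platform and is printed as-is
        echo $cash_body_request->response['payload'];
    }
    if ($cash_body_request->sessionGet('initialized_element_' . $element_id, 'script')) {
        // push any buffered output out, but only when a buffer is active
        if (ob_get_level()) {
            ob_flush();
        }
    }

    unset($cash_page_request);
    unset($cash_body_request);
}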