identifies to PayPal your transaction In this example, when the script sees a token, the script knows that the buyer has already authorized payment through paypal. If no token was found, the action is to send the buyer to PayPal to first authorize payment */ //$token = $_REQUEST['token']; if (!isset($token)) { //check deal quantity availability require_once DOCUMENT_ROOT . "/system/includes/transaction.php"; $getvalue = split(",", $_POST['CUSTOM']); $L_QTY0 = $getvalue[1]; $COUPONID = $getvalue[0]; //check whether deal is expired or closed is_deal_expired($COUPONID); check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $_SESSION['userid']); check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0); $_SESSION['pay_mod_id'] = $_POST['pay_mod_id']; if (!isset($_SESSION['pay_mod_id'])) { if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift"); } else { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID); } } /* The servername and serverport tells PayPal where the buyer should be directed back to after authorizing payment. In this case, its the local webserver that is running this script Using the servername and serverport, the return URL is the first portion of the URL that buyers will return to after authorizing payment */
} else { $_SESSION['deductable_ref_amt'] = 0; } // authorize $qty = $_POST['qty']; $couponid = $_POST['couponid']; $sale->cust_id = $_POST['user']; $amount = $_POST['amount']; //if payable amount is equal to zero then process the customer directly if ($_POST['amount'] == 0) { //check deal quantity availability require_once DOCUMENT_ROOT . "/system/includes/transaction.php"; $L_QTY0 = $qty; $COUPONID = $couponid; $USERID = $_SESSION['userid']; check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $USERID); check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0); $USERID = $_SESSION['userid']; $_SESSION['pay_mod_id'] = $_POST['pay_mod_id']; if (!isset($_SESSION['pay_mod_id'])) { if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift"); } else { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID); } } $user = "******"; $userSet = mysql_query($user); while ($r = mysql_fetch_array($userSet)) { $FIRSTNAME = html_entity_decode($r['firstname'], ENT_QUOTES); $LASTNAME = html_entity_decode($r['lastname'], ENT_QUOTES);
displays the errors. Called by DoDirectPayment.php. Calls CallerService.php and APIError.php. ***********************************************************/ define("DOCUMENT_ROOT", $_SERVER['DOCUMENT_ROOT']); require_once 'CallerService.php'; require_once DOCUMENT_ROOT . "/system/includes/docroot.php"; require_once DOCUMENT_ROOT . "/system/includes/dboperations.php"; //check deal quantity availability require_once DOCUMENT_ROOT . "/system/includes/transaction.php"; //check whether deal is expired or closed is_deal_expired($_POST['couponid']); check_max_deal_purchase($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty'], $_SESSION['userid']); check_deal_quantity($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty']); $USERID = $_SESSION['userid']; $_SESSION["defaultuserid"] = $_SESSION['userid']; $COUPONID = $_POST['couponid']; $PAYMENTACTION = $_POST['PAYMENT_ACTION_NAME']; $_SESSION['pay_mod_id'] = $_POST['pay_mod_id']; if (!isset($_SESSION['pay_mod_id'])) { if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift"); } else { url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID); } } if ($_POST['ref_amt2'] > 0 && $PAYMENTACTION == 'Creditcardpayment') { $user = "******";