$passwd = ""; $passwd2 = ""; loginprompt(false); break; /* Login phase 2 - check usernm and passwd, login if match */ /* Login phase 2 - check usernm and passwd, login if match */ case "Log In": $usernm = postvalue("usernm", ""); $passwd = postvalue("passwd", ""); $pwcheck = dbgetsingleton("SELECT (PASSWORD('{$passwd}') = passwd) pwcheck " . " FROM user " . " WHERE usernm = '{$usernm}'", "pwcheck"); if ($pwcheck) { h1("Login successful"); $user = new User(); $user->loadByUserNm($usernm); $_SESSION["user"] = $user; $x->log("Login Succeeded", "Login succeeded for {$usernm}", $user->userix); /* Check for waiting list pickups */ # $sql = # "SELECT r.eventix, e.eventnm, e.eventdt, COUNT(*) wlcnt, IF(o.rcnt IS NULL, 0, o.rcnt) rcnt \n" . # " FROM registration r \n" . # " JOIN event e ON (r.eventix = e.eventix) \n" . # " LEFT OUTER JOIN (SELECT eventix, COUNT(*) rcnt FROM registration WHERE NOT waiting AND releasetime IS NOT NULL GROUP BY eventix) o ON (r.eventix = o.eventix) \n" . # " WHERE r.userix = {$user->userix} \n" . # " AND r.waiting \n" . # " AND rcnt > 0 \n" . # " AND e.eventdt >= CURDATE() \n" . # " GROUP BY e.eventdt \n" . # " ORDER BY e.eventdt"; # # dispsql($sql); # $result = mysql_query($sql)
dbconnect(); $x = new XactLog(); $order = new Order(); $ipn = $_POST; $orderix = postvalue("invoice", NULL); $payment_status = postvalue("payment_status", NULL); $mc_gross = postvalue("mc_gross", 0.0); $userix = NULL; if ($orderix) { $order->loadByOrderIx($orderix); $userix = $order->userix; if ($userix) { $usernm = dbgetsingleton("SELECT usernm FROM user WHERE userix = {$userix}", "usernm"); } } $x->log("PP IPN Notificaton", "Unvalidated PP Notification", $userix, $orderix, NULL, print_r($_POST, true)); /* Form the response */ if (array_key_exists("test_ipn", $_POST) && $_POST["test_ipn"] == 1) { $ppurl = "https://www.sandbox.paypal.com/cgi-bin/webscr"; } else { $ppurl = "https://www.paypal.com/cgi-bin/webscr"; } $request = curl_init(); curl_setopt_array($request, array(CURLOPT_URL => $ppurl, CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => http_build_query(array("cmd" => "_notify-validate") + $_POST), CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYPEER => TRUE)); /* Send the response */ $response = curl_exec($request); $status = curl_getinfo($request, CURLINFO_HTTP_CODE); curl_close($request); if ($status == 200 && $response == "VERIFIED") { $x->log("PP IPN Verified", "PP IPN Verification Succeeded - {$payment_status}", $userix, $orderix, NULL, print_r($_POST, true)); /* Record approval */
require_once "{$TKTDIR}xactlog.php"; require_once "{$TKTDIR}order.php"; dbconnect(); $x = new XactLog(); $order = new Order(); $ipn = $_POST; $orderix = postvalue("invoice", NULL); $userix = NULL; if ($orderix) { $order->loadByOrderIx($orderix); $userix = $order->userix; if ($userix) { $usernm = dbgetsingleton("SELECT usernm FROM user WHERE userix = {$userix}", "usernm"); } } $x->log("PP IPN Notificaton", "Unvalidated PP Notification", $userix, $orderix, NULL, print_r($_POST, true)); /* Form the response */ if (array_key_exists("test_ipn", $_POST) && $_POST["test_ipn"] == 1) { $ppurl = "https://www.sandbox.paypal.com/cgi-bin/webscr"; } else { $ppurl = "https://www.paypal.com/cgi-bin/webscr"; } $request = curl_init(); curl_setopt_array($request, array(CURLOPT_URL => $ppurl, CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => http_build_query(array("cmd" => "_notify-validate") + $_POST), CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYPEER => TRUE)); /* Send the response */ $response = curl_exec($request); $status = curl_getinfo($request, CURLINFO_HTTP_CODE); curl_close($request); if ($status == 200 && $response == "VERIFIED") { $x->log("PP IPN Verified", "PP IPN Verification Succeeded", $userix, $orderix, NULL, print_r($_POST, true)); /* Record approval */
/* Confirm: where the user lands if they click Confirm */ /* Creates the order in the database and */ /* *************************************************************************************************************************** */ case 'Confirm': /* Create the order in the orderhdr and orderdtl tables */ echo "<h1>Event Order Placed - {$usernm}</h1>\n"; dbconnect(); /* Create orderhdr row */ $totalamt = postvalue("totalamt", 0.0); $order = new Order(); $orderix = $order->createOrderIx($userix); $order->setTotalAmt($totalamt); if ($debug) { echo "<p>Your order number is <strong><big>{$orderix}</big></strong>.</p>\n"; } $x->log("Order Confirmed", "Order {$orderix} confirmed by user {$usernm}", $userix, $orderix); $ix = 0; $orderdtlix = 0; $totaladd = 0; while (array_key_exists("eventnm{$ix}", $_POST)) { $eventix = $_POST["eventix{$ix}"]; $eventnm = $_POST["eventnm{$ix}"]; $eventdt = $_POST["eventdt{$ix}"]; $add = postvalue("add{$ix}", 0); $addwait = postvalue("addwait{$ix}", 0); $remove = postvalue("remove{$ix}", 0); $extamt = postvalue("extamt{$ix}", 0); $totaladd += $add; /* Adds */ if ($add) { /* Order detail insertion */
<html> <head> <?php require_once "functions.php"; require_once "database.php"; require_once "xactlog.php"; ?> </head> <body> <h1>test.xactlog</h1> <?php dbconnect(); echo "<h2>XactLog::log</h2>"; $x = new XactLog(); $x->log("Test Xact"); $x->log("Test Xact 2", "description"); $x->log("Test Xact 3", NULL); $x->log("Test Xact 3", ""); $x->log("Test Xact 4", "userix", 1); $x->log("Test Xact 4", "userix", NULL); $x->log("Test Xact 4", "userix", ""); $x->log("Test Xact 4", NULL, 1); $x->log("Test Xact 5", "eventix", 1, 2); $x->log("Test Xact 5", "eventix", 1, NULL); $x->log("Test Xact 5", "eventix", 1, ""); $x->log("Test Xact 5", "eventix", NULL, 2); $x->log("Test Xact 5", "eventix", "", 2); $x->log("Test Xact 5", NULL, 1, 2); $x->log("Test Xact 5", "", 1, 2); $x->log("Test Xact 6", "eventix", 1, 2, "This is a test transaction.\nMany test transactions have excessive detail.\nThis one is a good example of that.\n");