function cp_contact_form_paypal_check_posted_data()
{
    global $wpdb;
    if (isset($_GET['cp_contactformpp_ipncheck']) && $_GET['cp_contactformpp_ipncheck'] == '1' && isset($_GET["itemnumber"])) {
        cp_contactformpp_check_IPN_verification();
    }
    if (isset($_GET['cp_contactformpp_encodingfix']) && $_GET['cp_contactformpp_encodingfix'] == '1') {
        $wpdb->query('alter table ' . CP_CONTACTFORMPP_DISCOUNT_CODES_TABLE_NAME . ' convert to character set utf8 collate utf8_unicode_ci;');
        $wpdb->query('alter table ' . CP_CONTACTFORMPP_FORMS_TABLE . ' convert to character set utf8 collate utf8_unicode_ci;');
        $wpdb->query('alter table ' . CP_CONTACTFORMPP_POSTS_TABLE_NAME . ' convert to character set utf8 collate utf8_unicode_ci;');
        echo 'Ok, encoding fixed.';
        exit;
    }
    if (isset($_GET) && array_key_exists('cp_contact_form_paypal_post', $_GET)) {
        if ($_GET["cp_contact_form_paypal_post"] == 'loadcoupons') {
            cp_contactformpp_load_discount_codes();
        }
    }
    if (isset($_GET['cp_contactformpp']) && $_GET['cp_contactformpp'] == 'captcha') {
        @(include_once dirname(__FILE__) . '/captcha/captcha.php');
        exit;
    }
    if (isset($_GET['cp_contactformpp_csv']) && is_admin()) {
        cp_contactformpp_export_csv();
        return;
    }
    if (isset($_GET['script_load_method'])) {
        cp_contactformpp_update_script_method();
        return;
    }
    if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['cp_contactformpp_post_options']) && is_admin()) {
        cp_contactformpp_save_options();
        return;
    }
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_contactformpp_pform_process'])) {
        if ('GET' != $_SERVER['REQUEST_METHOD'] || !isset($_GET['hdcaptcha_cp_contact_form_paypal_post'])) {
            return;
        }
    }
    if (isset($_POST["cp_contactformpp_id"])) {
        define("CP_CONTACTFORMPP_ID", intval($_POST["cp_contactformpp_id"]));
    }
    if (function_exists('session_start')) {
        @session_start();
    }
    if (isset($_GET["ps"])) {
        $sequence = $_GET["ps"];
    } else {
        if (isset($_POST["cp_pform_psequence"])) {
            $sequence = $_POST["cp_pform_psequence"];
        }
    }
    if (!isset($_GET['hdcaptcha_cp_contact_form_paypal_post']) || $_GET['hdcaptcha_cp_contact_form_paypal_post'] == '') {
        $_GET['hdcaptcha_cp_contact_form_paypal_post'] = @$_POST['hdcaptcha_cp_contact_form_paypal_post'];
    }
    if (cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha) != 'false' && (strtolower($_GET['hdcaptcha_cp_contact_form_paypal_post']) != strtolower($_SESSION['rand_code' . $sequence]) || $_SESSION['rand_code' . $sequence] == '') && (md5(strtolower($_GET['hdcaptcha_cp_contact_form_paypal_post'])) != $_COOKIE['rand_code' . $sequence] || $_COOKIE['rand_code' . $sequence] == '')) {
        $_SESSION['rand_code' . $sequence] = '';
        setCookie('rand_code' . $sequence, '', time() + 36000, "/");
        echo 'captchafailed';
        exit;
    }
    // if this isn't the real post (it was the captcha verification) then echo ok and exit
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_contactformpp_pform_process'])) {
        echo 'ok';
        exit;
    }
    // get base price
    $price = cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST);
    $price = trim(str_replace(',', '', str_replace(CP_CONTACTFORMPP_DEFAULT_CURRENCY_SYMBOL, '', str_replace(CP_CONTACTFORMPP_GBP_CURRENCY_SYMBOL, '', str_replace(CP_CONTACTFORMPP_EUR_CURRENCY_SYMBOL_A, '', str_replace(CP_CONTACTFORMPP_EUR_CURRENCY_SYMBOL_B, '', $price))))));
    $added_cost = @$_POST[cp_contactformpp_get_option('paypal_price_field', '') . $sequence];
    if (!is_numeric($added_cost)) {
        $added_cost = 0;
    }
    $price += $added_cost;
    $taxes = trim(str_replace("%", "", cp_contactformpp_get_option('request_taxes', '0')));
    // get form info
    //---------------------------
    $identify_prices = cp_contactformpp_get_option('paypal_identify_prices', CP_CONTACTFORMPP_DEFAULT_PAYPAL_IDENTIFY_PRICES);
    require_once ABSPATH . "wp-admin" . '/includes/file.php';
    $form_data = json_decode(cp_contactformpp_cleanJSON(cp_contactformpp_get_option('form_structure', CP_CONTACTFORMPP_DEFAULT_form_structure)));
    $fields = array();
    foreach ($form_data[0] as $item) {
        $fields[$item->name] = $item->title;
    }
    // calculate discounts if any
    //---------------------------
    $discount_note = "";
    $coupon = false;
    $codes = array();
    // grab posted data
    //---------------------------
    $buffer = "";
    foreach ($_POST as $item => $value) {
        if (isset($fields[str_replace($sequence, '', $item)])) {
            $buffer .= $fields[str_replace($sequence, '', $item)] . ": " . (is_array($value) ? implode(", ", $value) : $value) . "\n\n";
            $params[str_replace($sequence, '', $item)] = $value;
        }
    }
    $buffer_A = $buffer;
    $paypal_product_name = cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME) . $discount_note;
    $params["PayPal Product Name"] = $paypal_product_name;
    $params["Cost"] = $price;
    $params["Costtax"] = $price + round($price * ($taxes / 100), 2);
    $current_user = wp_get_current_user();
    $params["user_login"] = $current_user->user_login;
    $params["user_id"] = $current_user->ID;
    $params["user_email"] = $current_user->user_email;
    $params["user_firstname"] = $current_user->user_firstname;
    $params["user_lastname"] = $current_user->user_lastname;
    $params["display_name"] = $current_user->display_name;
    cp_contactformpp_add_field_verify(CP_CONTACTFORMPP_POSTS_TABLE_NAME, 'posted_data');
    $_SESSION['rand_code' . $sequence] = '';
    setCookie('rand_code' . $sequence, '', time() + 36000, "/");
    // insert into database
    //---------------------------
    $to = cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field) . $sequence;
    $rows_affected = $wpdb->insert(CP_CONTACTFORMPP_POSTS_TABLE_NAME, array('formid' => CP_CONTACTFORMPP_ID, 'time' => current_time('mysql'), 'ipaddr' => $_SERVER['REMOTE_ADDR'], 'notifyto' => @$_POST[$to] ? @$_POST[$to] : '', 'paypal_post' => serialize($params), 'posted_data' => serialize($params), 'data' => $buffer_A), array('%d', '%s', '%s', '%s', '%s', '%s', '%s'));
    if (!$rows_affected) {
        echo 'Error saving data! Please try again.';
        echo '<br /><br />Error debug information: ' . mysql_error();
        echo '<br /><br />If the error persists contact support service at http://wordpress.dwbooster.com/support';
        exit;
    }
    $myrows = $wpdb->get_results("SELECT MAX(id) as max_id FROM " . CP_CONTACTFORMPP_POSTS_TABLE_NAME);
    // save data here
    $item_number = $myrows[0]->max_id;
    $paypal_recurrent = cp_contactformpp_get_option('paypal_recurrent_setup', '0');
    if (cp_contactformpp_get_option('paypal_mode', CP_CONTACTFORMPP_DEFAULT_PAYPAL_MODE) == "sandbox") {
        $ppurl = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
    } else {
        $ppurl = 'https://www.paypal.com/cgi-bin/webscr';
    }
    $recurrent = cp_contactformpp_get_option('paypal_recurrent', CP_CONTACTFORMPP_DEFAULT_PAYPAL_RECURRENT);
    ?>
<html>
<head><title>Redirecting to Paypal...</title></head>
<body>
<form action="<?php 
    echo $ppurl;
    ?>
" name="ppform3" method="post">
<input type="hidden" name="business" value="<?php 
    echo cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL);
    ?>
" />
<input type="hidden" name="item_name" value="<?php 
    echo $paypal_product_name;
    ?>
" />
<input type="hidden" name="item_number" value="<?php 
    echo $item_number;
    ?>
" />
<?php 
    if (cp_contactformpp_get_option('paypal_recurrent', CP_CONTACTFORMPP_DEFAULT_PAYPAL_RECURRENT) == '0' || cp_contactformpp_get_option('paypal_recurrent', CP_CONTACTFORMPP_DEFAULT_PAYPAL_RECURRENT) == '') {
        ?>
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="bn" value="NetFactorSL_SI_Custom" />
<input type="hidden" name="amount" value="<?php 
        echo $price;
        ?>
" />
<?php 
    } else {
        if ($paypal_recurrent != '0' && $paypal_recurrent != '') {
            ?>
<input type="hidden" name="a1" value="<?php 
            echo $paypal_recurrent;
            ?>
">
<input type="hidden" name="p1" value="<?php 
            echo $recurrent == '0.4' ? '1' : $recurrent;
            ?>
">
<input type="hidden" name="t1" value="<?php 
            echo $recurrent == '0.4' ? 'W' : 'M';
            ?>
">
<?php 
        }
        $selnum = cp_contactformpp_get_option('paypal_recurrent_times', '0');
        if ($selnum != '0') {
            ?>
<input type="hidden" name="srt" value="<?php 
            echo $selnum;
            ?>
">
<?php 
        }
        ?>
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="bn" value="NetFactorSL_SI_Custom">
<input type="hidden" name="a3" value="<?php 
        echo $price;
        ?>
">
<input type="hidden" name="p3" value="<?php 
        echo $recurrent == '0.4' ? '1' : $recurrent;
        ?>
">
<input type="hidden" name="t3" value="<?php 
        echo $recurrent == '0.4' ? 'W' : 'M';
        ?>
">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<?php 
    }
    if ($taxes != '0' && $taxes != '') {
        ?>
<input type="hidden" name="tax_rate"  value="<?php 
        echo $taxes;
        ?>
" />
<?php 
    }
    ?>
<input type="hidden" name="page_style" value="Primary" />
<input type="hidden" name="charset" value="utf-8">
<input type="hidden" name="no_shipping" value="<?php 
    if (cp_contactformpp_get_option('request_address', '0') != '1') {
        echo '1';
    } else {
        echo '2';
    }
    ?>
" />
<input type="hidden" name="return" value="<?php 
    echo cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page);
    ?>
">
<input type="hidden" name="cancel_return" value="<?php 
    echo $_POST["cp_ref_page"];
    ?>
" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="<?php 
    echo strtoupper(cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY));
    ?>
" />
<input type="hidden" name="lc" value="<?php 
    echo cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE);
    ?>
" />
<input type="hidden" name="notify_url" value="<?php 
    echo cp_contactformpp_get_FULL_site_url();
    ?>
/?cp_contactformpp_ipncheck=1&itemnumber=<?php 
    echo $item_number;
    ?>
" />
<input type="hidden" name="ipn_test" value="1" />
</form>
<script type="text/javascript">
document.ppform3.submit();
</script>
</body>
</html>
<?php 
    exit;
}
Exemplo n.º 2
0
function cp_contact_form_paypal_check_posted_data()
{
    global $wpdb;
    if (isset($_GET) && array_key_exists('cp_contact_form_paypal_post', $_GET)) {
        if ($_GET["cp_contact_form_paypal_post"] == 'loadcoupons') {
            cp_contactformpp_load_discount_codes();
        }
    }
    if (isset($_GET['cp_contactformpp']) && $_GET['cp_contactformpp'] == 'captcha') {
        @(include_once dirname(__FILE__) . '/captcha/captcha.php');
        exit;
    }
    if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['cp_contactformpp_post_options']) && is_admin()) {
        cp_contactformpp_save_options();
        return;
    }
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_contactformpp_pform_process'])) {
        if ('GET' != $_SERVER['REQUEST_METHOD'] || !isset($_GET['hdcaptcha_cp_contact_form_paypal_post'])) {
            return;
        }
    }
    if (isset($_POST["cp_contactformpp_id"])) {
        define("CP_CONTACTFORMPP_ID", $_POST["cp_contactformpp_id"]);
    }
    @session_start();
    if (!isset($_GET['hdcaptcha_cp_contact_form_paypal_post']) || $_GET['hdcaptcha_cp_contact_form_paypal_post'] == '') {
        $_GET['hdcaptcha_cp_contact_form_paypal_post'] = @$_POST['hdcaptcha_cp_contact_form_paypal_post'];
    }
    if (cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha) != 'false' && ($_GET['hdcaptcha_cp_contact_form_paypal_post'] != $_SESSION['rand_code'] || $_SESSION['rand_code'] == '')) {
        echo 'captchafailed';
        exit;
    }
    // if this isn't the real post (it was the captcha verification) then echo ok and exit
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_contactformpp_pform_process'])) {
        echo 'ok';
        exit;
    }
    // get price and discounts
    $price = cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST);
    $discount_note = "";
    $coupon = false;
    // get form info
    //---------------------------
    $form_data = json_decode(cp_contactformpp_cleanJSON(cp_contactformpp_get_option('form_structure', CP_CONTACTFORMPP_DEFAULT_form_structure)));
    $fields = array();
    foreach ($form_data[0] as $item) {
        $fields[$item->name] = $item->title;
    }
    // grab posted data
    //---------------------------
    $buffer = "";
    foreach ($_POST as $item => $value) {
        if (isset($fields[$item])) {
            $buffer .= $fields[$item] . ": " . (is_array($value) ? implode(", ", $value) : $value) . "\n\n";
            $params[$item] = $value;
        }
    }
    $buffer_A = $buffer;
    cp_contactformpp_add_field_verify(CP_CONTACTFORMPP_POSTS_TABLE_NAME, 'posted_data');
    // insert into database
    //---------------------------
    $to = cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field);
    $rows_affected = $wpdb->insert(CP_CONTACTFORMPP_POSTS_TABLE_NAME, array('formid' => CP_CONTACTFORMPP_ID, 'time' => current_time('mysql'), 'ipaddr' => $_SERVER['REMOTE_ADDR'], 'notifyto' => $_POST[$to], 'paypal_post' => serialize($params), 'posted_data' => serialize($params), 'data' => $buffer_A . ($coupon ? "\n\nCoupon code:" . $coupon->code . $discount_note : "")));
    if (!$rows_affected) {
        echo 'Error saving data! Please try again.';
        echo '<br /><br />Error debug information: ' . mysql_error();
        exit;
    }
    $myrows = $wpdb->get_results("SELECT MAX(id) as max_id FROM " . CP_CONTACTFORMPP_POSTS_TABLE_NAME);
    // save data here
    $item_number = $myrows[0]->max_id;
    ?>
<html>
<head><title>Redirecting to Paypal...</title></head>
<body>
<form action="https://www.paypal.com/cgi-bin/webscr" name="ppform3" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="<?php 
    echo cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL);
    ?>
" />
<input type="hidden" name="item_name" value="<?php 
    echo cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME) . $discount_note;
    ?>
" />
<input type="hidden" name="item_number" value="<?php 
    echo $item_number;
    ?>
" />
<input type="hidden" name="amount" value="<?php 
    echo $price;
    ?>
" />
<input type="hidden" name="page_style" value="Primary" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="return" value="<?php 
    echo cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page);
    ?>
">
<input type="hidden" name="cancel_return" value="<?php 
    echo $_POST["cp_ref_page"];
    ?>
" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="<?php 
    echo strtoupper(cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY));
    ?>
" />
<input type="hidden" name="lc" value="<?php 
    echo cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE);
    ?>
" />
<input type="hidden" name="bn" value="PP-BuyNowBF" />
<input type="hidden" name="notify_url" value="<?php 
    echo cp_contactformpp_get_FULL_site_url();
    ?>
/?cp_contactformpp_ipncheck=1&itemnumber=<?php 
    echo $item_number;
    ?>
" />
<input type="hidden" name="ipn_test" value="1" />
<input class="pbutton" type="hidden" value="Buy Now" /></div>
</form>
<script type="text/javascript">
document.ppform3.submit();
</script>
</body>
</html>
<?php 
    exit;
}