<?php

/**
 * Form posting handler
 */
require_once '../../../wp-load.php';
require_once TMM_PAYPAL_PLUGIN_PATH . '/classes/paypalConfig.php';
require_once TMM_PAYPAL_PLUGIN_PATH . '/classes/paypalApi.php';
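/*
 * Dispatch on the request:
 *   POST func=start                          -> begin Express Checkout
 *   GET  func=confirm&token=...&PayerID=...  -> finalise the payment and redirect
 *   anything else                            -> send the visitor to the cancel page
 *
 * Every redirect is followed by exit so nothing else runs once the Location
 * header has been sent.
 */
if (isset($_POST['func']) && $_POST['func'] === 'start') {
    paypalApi::startExpressCheckout();
} else {
    // Needed by every branch below. It used to be loaded only on the confirm path,
    // so the fallback redirect called getItem() on an undefined variable.
    $config = paypalConfig::getInstance();
    $is_confirm = isset($_GET['func'], $_GET['token'], $_GET['PayerID']) && $_GET['func'] === 'confirm';
    if ($is_confirm) {
        $paypal_data = paypalApi::confirmExpressCheckout();
        $ack = isset($paypal_data['ACK']) ? $paypal_data['ACK'] : '';
        if ($ack === 'Success' || $ack === 'SuccessWithWarning') {
            // NOTE(review): reconciling the paid amount/currency against the order is
            // expected to happen inside user_paid_money() -- confirm that it does.
            TMM_Cardealer_User::user_paid_money($paypal_data);
            header('Location: ' . $config->getItem('success_page'));
            exit;
        }
        // L_ERRORCODE0 is third-party response data: encode it before placing it in the URL,
        // and tolerate its absence (PayPal does not always return it).
        $error_code = isset($paypal_data['L_ERRORCODE0']) ? (string) $paypal_data['L_ERRORCODE0'] : '';
        header('Location: ' . $config->getItem('cancel_page') . '?errorcode=' . rawurlencode($error_code));
        exit;
    }
    header('Location: ' . $config->getItem('cancel_page'));
    exit;
}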
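/**
 * Renders the "Go Pro" page and drives the PayPal Express Checkout upgrade flow.
 *
 * Request handling (all state is read from the globals listed below, as elsewhere in the app):
 *   - POST plan=0|1 (logged in, not pro)   : SetExpressCheckout, remember the order in $_SESSION,
 *                                            redirect the browser to PayPal
 *   - GET  type=canceled                   : show the cancellation notice
 *   - GET  type=successful&token&PayerID   : DoExpressCheckoutPayment + GetExpressCheckoutDetails,
 *                                            then record the payment and activate the pro status
 *
 * Every redirect is followed by exit so the rest of the page (including the PayPal
 * calls) does not keep executing after the Location header has been sent.
 *
 * Globals: $TMPL, $LNG, $CONF, $db (a mysqli connection, judging by prepare()/
 * real_escape_string()/affected_rows -- confirm), $loggedIn, $settings.
 *
 * @return string the rendered 'pro/content' skin
 */
function PageMain()
{
    global $TMPL, $LNG, $CONF, $db, $loggedIn, $settings;
    if (!$settings['paypalapp']) {
        // PayPal payments are switched off: nothing below may run
        header("Location: " . $CONF['url'] . "/index.php?a=welcome");
        exit;
    }
    $verify = null;
    $hasSessionLogin = isset($_SESSION['username']) && isset($_SESSION['password']);
    $hasCookieLogin = isset($_COOKIE['username']) && isset($_COOKIE['password']);
    if ($hasSessionLogin || $hasCookieLogin) {
        $verify = $loggedIn->verify();
        if (empty($verify['username'])) {
            // Fake or stale credentials: drop them and send the visitor to the home page
            $loggedIn->logOut();
            header("Location: " . $CONF['url'] . "/index.php?a=welcome");
            exit;
        }
    }
    // Start the music feed
    $feed = new feed();
    $feed->db = $db;
    $feed->url = $CONF['url'];
    $feed->user = $verify;
    $feed->id = isset($verify['idu']) ? $verify['idu'] : null;
    $feed->username = isset($verify['username']) ? $verify['username'] : null;
    $proAccount = $feed->getProStatus($feed->id, 0);
    $TMPL_old = $TMPL;
    $TMPL = array();
    // PayPal settings: sandbox vs. live endpoint, currency, return/cancel URLs, API credentials
    $PayPalMode = $settings['paypalsand'] ? '.sandbox' : '';
    $PayPalCurrencyCode = $settings['currency'];
    $PayPalReturnURL = $CONF['url'] . '/index.php?a=pro&type=successful';
    $PayPalCancelURL = $CONF['url'] . '/index.php?a=pro&type=canceled';
    $paypal = new paypalApi();
    $paypal->username = $settings['paypaluser'];
    $paypal->password = $settings['paypalpass'];
    $paypal->signature = $settings['paypalsign'];
    // True when an NVP response reports ACK=Success (compared case-insensitively, as before)
    $paypalOk = function ($response) {
        return is_array($response) && isset($response['ACK']) && strtoupper($response['ACK']) === 'SUCCESS';
    };
    // Error notice for a failed PayPal call. The NVP messages are third-party data and the
    // notice body is HTML, so they are escaped before being embedded; missing keys give ''.
    $paypalErrorBox = function ($response) {
        $short = is_array($response) && isset($response['L_SHORTMESSAGE0']) ? urldecode($response['L_SHORTMESSAGE0']) : '';
        $long = is_array($response) && isset($response['L_LONGMESSAGE0']) ? urldecode($response['L_LONGMESSAGE0']) : '';
        return notificationBox(
            'error',
            '<strong>' . htmlspecialchars($short, ENT_QUOTES, 'UTF-8') . '</strong>: ' . htmlspecialchars($long, ENT_QUOTES, 'UTF-8')
        );
    };
    $requestType = isset($_GET['type']) ? $_GET['type'] : '';
    $skin = new skin('pro/gopro');
    $rows = '';
    // If the user is logged-in
    if ($feed->id) {
        if (isset($_POST['plan']) && !$proAccount) {
            // Normalise the plan once: 1 = yearly, anything else = monthly. Only this normalised
            // value is kept in the session and later written to the payments table (the raw
            // POST value used to be interpolated into the INSERT).
            $selectedPlan = $_POST['plan'] === '1' ? 1 : 0;
            $ItemName = $selectedPlan === 1 ? sprintf($LNG['pro_year'], $settings['title']) : sprintf($LNG['pro_month'], $settings['title']);
            $ItemPrice = $selectedPlan === 1 ? $settings['proyear'] : $settings['promonth'];
            $ItemNumber = md5((string) $selectedPlan);
            $ItemDesc = $ItemName;
            $ItemQty = 1;
            $ItemTotalPrice = $ItemPrice * $ItemQty;
            // Parameters for SetExpressCheckout, which will be sent to PayPal
            $params = array(
                'METHOD' => 'SetExpressCheckout',
                'RETURNURL' => $PayPalReturnURL,
                'CANCELURL' => $PayPalCancelURL,
                'PAYMENTREQUEST_0_PAYMENTACTION' => 'SALE',
                'L_PAYMENTREQUEST_0_NAME0' => $ItemName,
                'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber,
                'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc,
                'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice,
                'L_PAYMENTREQUEST_0_QTY0' => $ItemQty,
                'NOSHIPPING' => 0,
                'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice,
                'PAYMENTREQUEST_0_AMT' => $ItemPrice,
                'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode,
                'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
                'LOCALECODE' => 'US',
                'LOGOIMG' => $CONF['url'] . '/' . $CONF['theme_url'] . '/images/logo_black.png',
                'CARTBORDERCOLOR' => 'FFFFFF',
                'ALLOWNOTE' => 0,
            );
            // Remember the order server-side; the return trip from PayPal only carries token/PayerID
            $_SESSION['SelectedPlan'] = $selectedPlan;
            $_SESSION['ItemName'] = $ItemName;
            $_SESSION['ItemPrice'] = $ItemPrice;
            $_SESSION['ItemNumber'] = $ItemNumber;
            $_SESSION['ItemDesc'] = $ItemDesc;
            $_SESSION['ItemQty'] = $ItemQty;
            $_SESSION['ItemTotalPrice'] = $ItemTotalPrice;
            // SetExpressCheckout creates the payment token
            $paypalResponse = $paypal->post('SetExpressCheckout', $params, $PayPalMode);
            if ($paypalOk($paypalResponse) && isset($paypalResponse['TOKEN'])) {
                // Send the browser to PayPal; the token is response data, so it is URL-encoded
                $paypalurl = 'https://www' . $PayPalMode . '.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=' . urlencode($paypalResponse['TOKEN']);
                header('Location: ' . $paypalurl);
                exit;
            }
            $TMPL['error'] = $paypalErrorBox($paypalResponse);
        } elseif ($requestType === 'canceled' && !$proAccount) {
            // The user cancelled on the PayPal side
            $TMPL['error'] = notificationBox('error', $LNG['payment_error_1']);
        } elseif ($requestType === 'successful' && !$proAccount) {
            $skin = new skin('pro/gopro');
            $rows = '';
            // PayPal appends token and PayerID to the return URL
            if (isset($_GET['token']) && isset($_GET['PayerID'])) {
                $token = $_GET['token'];
                $payer_id = $_GET['PayerID'];
                // The order comes from the session filled in by the SetExpressCheckout step,
                // never from the request. Missing keys (expired session) fall through to PayPal,
                // which rejects the incomplete request and the error is shown below.
                $ItemName = isset($_SESSION['ItemName']) ? $_SESSION['ItemName'] : null;
                $ItemPrice = isset($_SESSION['ItemPrice']) ? $_SESSION['ItemPrice'] : null;
                $ItemNumber = isset($_SESSION['ItemNumber']) ? $_SESSION['ItemNumber'] : null;
                $ItemDesc = isset($_SESSION['ItemDesc']) ? $_SESSION['ItemDesc'] : null;
                $ItemQty = isset($_SESSION['ItemQty']) ? $_SESSION['ItemQty'] : null;
                $ItemTotalPrice = isset($_SESSION['ItemTotalPrice']) ? $_SESSION['ItemTotalPrice'] : null;
                $selectedPlan = isset($_SESSION['SelectedPlan']) ? $_SESSION['SelectedPlan'] : 0;
                $params = array(
                    'TOKEN' => $token,
                    'PAYERID' => $payer_id,
                    'PAYMENTREQUEST_0_PAYMENTACTION' => 'Sale',
                    'L_PAYMENTREQUEST_0_NAME0' => $ItemName,
                    'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber,
                    'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc,
                    'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice,
                    'L_PAYMENTREQUEST_0_QTY0' => $ItemQty,
                    'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice,
                    'PAYMENTREQUEST_0_AMT' => $ItemPrice,
                    'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode,
                    'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
                );
                // DoExpressCheckoutPayment collects the payment from the user
                $paypalResponse = $paypal->post('DoExpressCheckoutPayment', $params, $PayPalMode);
                $paymentStatus = is_array($paypalResponse) && isset($paypalResponse['PAYMENTINFO_0_PAYMENTSTATUS'])
                    ? (string) $paypalResponse['PAYMENTINFO_0_PAYMENTSTATUS'] : '';
                // Charged amount as reported by PayPal, when present; compared with the order in the session
                $amountMismatch = is_array($paypalResponse) && isset($paypalResponse['PAYMENTINFO_0_AMT'])
                    && abs((float) $paypalResponse['PAYMENTINFO_0_AMT'] - (float) $ItemTotalPrice) > 0.005;
                if (!$paypalOk($paypalResponse)) {
                    $TMPL['error'] = $paypalErrorBox($paypalResponse);
                } elseif ($paymentStatus !== 'Completed' || $amountMismatch) {
                    // ACK was Success, so the L_*MESSAGE0 fields are absent: report the status instead
                    // of an empty notice. A non-Completed status (e.g. pending) or an amount that does
                    // not match the session order never activates the plan.
                    $detail = $paymentStatus;
                    if (isset($paypalResponse['PAYMENTINFO_0_AMT'])) {
                        $detail .= ' ' . $paypalResponse['PAYMENTINFO_0_AMT'];
                    }
                    $TMPL['error'] = notificationBox('error', '<strong>' . htmlspecialchars(trim($detail), ENT_QUOTES, 'UTF-8') . '</strong>');
                } else {
                    // GetExpressCheckoutDetails retrieves the payer details for the payments record
                    $params = array('TOKEN' => $token);
                    $paypalResponse = $paypal->post('GetExpressCheckoutDetails', $params, $PayPalMode);
                    if (!$paypalOk($paypalResponse)) {
                        $TMPL['error'] = $paypalErrorBox($paypalResponse);
                    } else {
                        // String value of a response field, '' when absent
                        $field = function ($key) use ($paypalResponse) {
                            return isset($paypalResponse[$key]) ? (string) $paypalResponse[$key] : '';
                        };
                        // "H:i:s" (minutes), not "H:m:s" (month) as before; matches the format used for daysleft
                        $validUntil = date("Y-m-d H:i:s", strtotime((int) $selectedPlan === 1 ? "+1 year" : "+1 month"));
                        $paidAt = date("Y-m-d H:i:s");
                        // bind_param() takes its arguments by reference, hence the locals
                        $by = (string) $feed->id;
                        $payerId = $field('PAYERID');
                        $firstName = $field('FIRSTNAME');
                        $lastName = $field('LASTNAME');
                        $email = $field('EMAIL');
                        $country = $field('SHIPTOCOUNTRYNAME');
                        $txnId = $field('PAYMENTREQUEST_0_TRANSACTIONID');
                        $amount = $field('AMT');
                        $currency = (string) $settings['currency'];
                        $planType = (string) $selectedPlan;
                        $recordStatus = '1';
                        $affected = 0;
                        // Parameterised insert: no value is interpolated into the SQL text
                        $stmt = $db->prepare(
                            "INSERT INTO `payments`"
                            . " (`by`, `payer_id`, `payer_first_name`, `payer_last_name`, `payer_email`, `payer_country`, `txn_id`, `amount`, `currency`, `type`, `status`, `valid`, `time`)"
                            . " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
                        );
                        if ($stmt) {
                            $stmt->bind_param(
                                'sssssssssssss',
                                $by,
                                $payerId,
                                $firstName,
                                $lastName,
                                $email,
                                $country,
                                $txnId,
                                $amount,
                                $currency,
                                $planType,
                                $recordStatus,
                                $validUntil,
                                $paidAt
                            );
                            $stmt->execute();
                            $affected = $stmt->affected_rows;
                            $stmt->close();
                        }
                        // The pro status exists only once the payment row has been written
                        if ($affected) {
                            $proAccount = 2;
                        }
                    }
                }
            }
        }
        if ($proAccount) {
            $skin = new skin('pro/successful');
            $rows = '';
            $transaction = $feed->getProStatus($feed->id, 2);
            // proAccount == 2 means the plan was activated during this request
            if ($proAccount == 2) {
                $TMPL['pro_title'] = $LNG['congratulations'] . '!';
                $TMPL['pro_title_desc'] = $LNG['go_pro_congrats'];
            } else {
                $TMPL['pro_title'] = $LNG['pro_plan'];
                $TMPL['pro_title_desc'] = $LNG['account_status'];
            }
            // "YYYY-MM-DD" part of the validity timestamp
            $valid = explode('-', (string) $transaction['valid']);
            $TMPL['validuntil'] = isset($valid[2]) ? $valid[0] . '-' . $valid[1] . '-' . substr($valid[2], 0, 2) : (string) $transaction['valid'];
            // Decide the plan type from the amount paid
            $TMPL['plan'] = $transaction['amount'] == $settings['proyear'] ? $LNG['yearly'] : $LNG['monthly'];
            // Days left of the pro plan
            $TMPL['daysleft'] = floor((strtotime($transaction['valid']) - time()) / (60 * 60 * 24)) . ' ' . $LNG['days_left'];
            // The amount paid for the pro plan
            $TMPL['amount'] = $transaction['amount'] . ' ' . $settings['currency'];
        }
        $TMPL['go_pro_action'] = 'formSubmit(\'gopro-form\')';
    } else {
        $TMPL['go_pro_action'] = 'connect_modal()';
    }
    $TMPL['history'] = $feed->proAccountHistory(null, 1, 1);
    $TMPL['protracksize'] = fsize($settings['protracksize']);
    $TMPL['protracktotal'] = fsize($settings['protracktotal']);
    $TMPL['tracksize'] = fsize($settings['tracksize']);
    $TMPL['tracksizetotal'] = fsize($settings['tracksizetotal']);
    $TMPL['promonth'] = $settings['promonth'];
    $TMPL['proyear'] = $settings['proyear'];
    $TMPL['currency'] = $settings['currency'];
    $rows = $skin->make();
    $TMPL = $TMPL_old;
    unset($TMPL_old);
    $TMPL['rows'] = $rows;
    if (isset($_GET['logout'])) {
        $loggedIn->logOut();
        header("Location: " . $CONF['url'] . "/index.php?a=welcome");
        exit;
    }
    $TMPL['url'] = $CONF['url'];
    $TMPL['title'] = $LNG['go_pro'] . ' - ' . $settings['title'];
    $TMPL['meta_description'] = $settings['title'] . ' ' . $LNG['go_pro'] . ' - ' . $LNG['go_pro_desc'];
    $skin = new skin('pro/content');
    return $skin->make();
}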