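<?php
/**
 * Form posting handler for the PayPal Express Checkout flow.
 *
 *   POST func=start    hands off to paypalApi::startExpressCheckout()
 *   GET  func=confirm  finalises the checkout (requires token and PayerID),
 *                      records the payment and redirects to the configured
 *                      success page, or to the cancel page with the PayPal
 *                      error code
 *   anything else      redirects to the cancel page
 *
 * Every Location header is followed by exit so that nothing below it keeps
 * executing once the redirect has been issued.
 */
require_once '../../../wp-load.php';
require_once TMM_PAYPAL_PLUGIN_PATH . '/classes/paypalConfig.php';
require_once TMM_PAYPAL_PLUGIN_PATH . '/classes/paypalApi.php';

// Resolved once up front: the fallback redirect at the bottom needs it too,
// and previously it was only assigned inside the confirm branch.
$config = paypalConfig::getInstance();

if (isset($_POST['func']) && $_POST['func'] === 'start') {
    paypalApi::startExpressCheckout();
} elseif (isset($_GET['func'], $_GET['token'], $_GET['PayerID']) && $_GET['func'] === 'confirm') {
    $paypal_data = paypalApi::confirmExpressCheckout();
    $ack = isset($paypal_data['ACK']) ? $paypal_data['ACK'] : '';

    if ($ack === 'Success' || $ack === 'SuccessWithWarning') {
        $message_num = TMM_Cardealer_User::user_paid_money($paypal_data);
        header('Location: ' . $config->getItem('success_page'));
        exit;
    }

    // The error code comes from the remote response and ends up in a URL, so
    // it is encoded instead of being spliced into the query string verbatim.
    $message_num = isset($paypal_data['L_ERRORCODE0']) ? $paypal_data['L_ERRORCODE0'] : 0;
    header('Location: ' . $config->getItem('cancel_page') . '?errorcode=' . rawurlencode((string) $message_num));
    exit;
} else {
    header('Location: ' . $config->getItem('cancel_page'));
    exit;
}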
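/**
 * Renders the "Go Pro" page and drives the PayPal Express Checkout upgrade.
 *
 * The flow is split over three requests, with the chosen plan and its price
 * kept in $_SESSION between them:
 *   POST plan=...        SetExpressCheckout, then redirect the user to PayPal
 *   GET  type=canceled   show the "payment canceled" notice
 *   GET  type=successful DoExpressCheckoutPayment + GetExpressCheckoutDetails,
 *                        then insert the transaction into `payments`
 *
 * Uses the globals $TMPL, $LNG, $CONF, $db, $loggedIn and $settings. $TMPL is
 * swapped for a fresh array while the inner skin is rendered and restored
 * before the outer 'pro/content' skin is built.
 *
 * Fixes relative to the previous version: every redirect now exits (the
 * "feature disabled" and "bad credentials" guards previously fell through
 * into the checkout code), $verify/$_GET['type'] are no longer read unset,
 * the payments INSERT uses bound parameters instead of sprintf, the
 * timestamps use H:i:s (H:m:s put the month in the minutes slot), and the
 * PayPal error messages are HTML-escaped before being shown.
 *
 * @return string Rendered page HTML.
 */
function PageMain()
{
    global $TMPL, $LNG, $CONF, $db, $loggedIn, $settings;

    if (!$settings['paypalapp']) {
        header('Location: ' . $CONF['url'] . '/index.php?a=welcome');
        exit;
    }

    // Null for anonymous visitors; previously read while undefined.
    $verify = null;
    if ((isset($_SESSION['username']) && isset($_SESSION['password']))
        || (isset($_COOKIE['username']) && isset($_COOKIE['password']))) {
        $verify = $loggedIn->verify();
        if (empty($verify['username'])) {
            // Fake or stale credentials: drop everything and send the user home.
            $loggedIn->logOut();
            header('Location: ' . $CONF['url'] . '/index.php?a=welcome');
            exit;
        }
    }

    // Start the music feed
    $feed = new feed();
    $feed->db = $db;
    $feed->url = $CONF['url'];
    $feed->user = $verify;
    $feed->id = isset($verify['idu']) ? $verify['idu'] : null;
    $feed->username = isset($verify['username']) ? $verify['username'] : null;
    $proAccount = $feed->getProStatus($feed->id, 0);

    $TMPL_old = $TMPL;
    $TMPL = array();

    // PayPal settings
    $PayPalMode = $settings['paypalsand'] ? '.sandbox' : ''; // sandbox or live endpoint
    $PayPalCurrencyCode = $settings['currency'];
    $PayPalReturnURL = $CONF['url'] . '/index.php?a=pro&type=successful';
    $PayPalCancelURL = $CONF['url'] . '/index.php?a=pro&type=canceled';

    $paypal = new paypalApi();
    $paypal->username = $settings['paypaluser'];
    $paypal->password = $settings['paypalpass'];
    $paypal->signature = $settings['paypalsign'];

    $skin = new skin('pro/gopro');
    $rows = '';
    $requestType = isset($_GET['type']) ? $_GET['type'] : '';

    if ($feed->id) {
        if (isset($_POST['plan']) && !$proAccount) {
            // Only a scalar plan id is kept; it is stored in the session and
            // later bound into the payments INSERT, so arrays are rejected here.
            $plan = is_scalar($_POST['plan']) ? (string) $_POST['plan'] : '';
            $isYearly = ($plan == 1);

            $ItemName = $isYearly
                ? sprintf($LNG['pro_year'], $settings['title'])
                : sprintf($LNG['pro_month'], $settings['title']);
            $ItemPrice = $isYearly ? $settings['proyear'] : $settings['promonth'];
            $ItemNumber = $isYearly ? md5('1') : md5('0');
            $ItemDesc = $ItemName; // the description is the same localised string as the name
            $ItemQty = 1;
            $ItemTotalPrice = $ItemPrice * $ItemQty;

            // Parameters for SetExpressCheckout
            $params = array(
                'METHOD' => 'SetExpressCheckout',
                'RETURNURL' => $PayPalReturnURL,
                'CANCELURL' => $PayPalCancelURL,
                'PAYMENTREQUEST_0_PAYMENTACTION' => 'SALE',
                'L_PAYMENTREQUEST_0_NAME0' => $ItemName,
                'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber,
                'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc,
                'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice,
                'L_PAYMENTREQUEST_0_QTY0' => $ItemQty,
                'NOSHIPPING' => 0,
                'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice,
                'PAYMENTREQUEST_0_AMT' => $ItemPrice,
                'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode,
                'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
                'LOCALECODE' => 'US',
                'LOGOIMG' => $CONF['url'] . '/' . $CONF['theme_url'] . '/images/logo_black.png',
                'CARTBORDERCOLOR' => 'FFFFFF',
                'ALLOWNOTE' => 0,
            );

            // Remembered for the return leg: the amount charged there is taken
            // from the session, never from the incoming request.
            $_SESSION['SelectedPlan'] = $plan;
            $_SESSION['ItemName'] = $ItemName;
            $_SESSION['ItemPrice'] = $ItemPrice;
            $_SESSION['ItemNumber'] = $ItemNumber;
            $_SESSION['ItemDesc'] = $ItemDesc;
            $_SESSION['ItemQty'] = $ItemQty;
            $_SESSION['ItemTotalPrice'] = $ItemTotalPrice;

            // Create the payment token
            $paypalResponse = $paypal->post('SetExpressCheckout', $params, $PayPalMode);

            if (paypalAckIsSuccess($paypalResponse)) {
                $paypalurl = 'https://www' . $PayPalMode . '.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='
                    . rawurlencode($paypalResponse['TOKEN']);
                header('Location: ' . $paypalurl);
                exit;
            }

            $TMPL['error'] = paypalErrorNotification($paypalResponse);
        } elseif ($requestType == 'canceled' && !$proAccount) {
            $TMPL['error'] = notificationBox('error', $LNG['payment_error_1']);
        } elseif ($requestType == 'successful' && !$proAccount) {
            // Both values are returned by PayPal on the Return URL
            if (isset($_GET['token']) && isset($_GET['PayerID'])) {
                $token = $_GET['token'];
                $payer_id = $_GET['PayerID'];

                // Plan details as stored when the checkout was started
                $ItemName = $_SESSION['ItemName'];
                $ItemPrice = $_SESSION['ItemPrice'];
                $ItemNumber = $_SESSION['ItemNumber'];
                $ItemDesc = $_SESSION['ItemDesc'];
                $ItemQty = $_SESSION['ItemQty'];
                $ItemTotalPrice = $_SESSION['ItemTotalPrice'];

                $params = array(
                    'TOKEN' => $token,
                    'PAYERID' => $payer_id,
                    'PAYMENTREQUEST_0_PAYMENTACTION' => 'Sale',
                    'L_PAYMENTREQUEST_0_NAME0' => $ItemName,
                    'L_PAYMENTREQUEST_0_NUMBER0' => $ItemNumber,
                    'L_PAYMENTREQUEST_0_DESC0' => $ItemDesc,
                    'L_PAYMENTREQUEST_0_AMT0' => $ItemPrice,
                    'L_PAYMENTREQUEST_0_QTY0' => $ItemQty,
                    'PAYMENTREQUEST_0_ITEMAMT' => $ItemTotalPrice,
                    'PAYMENTREQUEST_0_AMT' => $ItemPrice,
                    'PAYMENTREQUEST_0_CURRENCYCODE' => $PayPalCurrencyCode,
                    'PAYMENTREQUEST_0_ALLOWEDPAYMENTMETHOD' => 'InstantPaymentOnly',
                );

                // Take the payment
                $paypalResponse = $paypal->post('DoExpressCheckoutPayment', $params, $PayPalMode);

                $paymentStatus = isset($paypalResponse['PAYMENTINFO_0_PAYMENTSTATUS'])
                    ? $paypalResponse['PAYMENTINFO_0_PAYMENTSTATUS']
                    : '';

                if (!paypalAckIsSuccess($paypalResponse) || $paymentStatus != 'Completed') {
                    $TMPL['error'] = paypalErrorNotification($paypalResponse);
                } else {
                    // Fetch the payer details for the payments record
                    $paypalResponse = $paypal->post('GetExpressCheckoutDetails', array('TOKEN' => $token), $PayPalMode);

                    if (!paypalAckIsSuccess($paypalResponse)) {
                        $TMPL['error'] = paypalErrorNotification($paypalResponse);
                    } elseif (recordProPayment($db, $feed->id, $paypalResponse, $settings['currency'], $_SESSION['SelectedPlan'])) {
                        // 2 = pro status created in this very request
                        $proAccount = 2;
                    }
                }
            }
        }

        if ($proAccount) {
            $skin = new skin('pro/successful');
            $rows = '';
            $transaction = $feed->getProStatus($feed->id, 2);

            if ($proAccount == 2) {
                $TMPL['pro_title'] = $LNG['congratulations'] . '!';
                $TMPL['pro_title_desc'] = $LNG['go_pro_congrats'];
            } else {
                $TMPL['pro_title'] = $LNG['pro_plan'];
                $TMPL['pro_title_desc'] = $LNG['account_status'];
            }

            // Display the valid-until date as Y-m-d (drop the time part)
            $valid = explode('-', $transaction['valid']);
            $TMPL['validuntil'] = $valid[0] . '-' . $valid[1] . '-' . substr($valid[2], 0, 2);
            // Plan type is inferred from the amount paid
            $TMPL['plan'] = $transaction['amount'] == $settings['proyear'] ? $LNG['yearly'] : $LNG['monthly'];
            // Whole days left on the plan
            $TMPL['daysleft'] = floor((strtotime($transaction['valid']) - time()) / (60 * 60 * 24)) . ' ' . $LNG['days_left'];
            $TMPL['amount'] = $transaction['amount'] . ' ' . $settings['currency'];
        }

        $TMPL['go_pro_action'] = 'formSubmit(\'gopro-form\')';
    } else {
        $TMPL['go_pro_action'] = 'connect_modal()';
    }

    $TMPL['history'] = $feed->proAccountHistory(null, 1, 1);
    $TMPL['protracksize'] = fsize($settings['protracksize']);
    $TMPL['protracktotal'] = fsize($settings['protracktotal']);
    $TMPL['tracksize'] = fsize($settings['tracksize']);
    $TMPL['tracksizetotal'] = fsize($settings['tracksizetotal']);
    $TMPL['promonth'] = $settings['promonth'];
    $TMPL['proyear'] = $settings['proyear'];
    $TMPL['currency'] = $settings['currency'];

    $rows = $skin->make();
    $TMPL = $TMPL_old;
    unset($TMPL_old);
    $TMPL['rows'] = $rows;

    if (isset($_GET['logout'])) {
        $loggedIn->logOut();
        header('Location: ' . $CONF['url'] . '/index.php?a=welcome');
        exit;
    }

    $TMPL['url'] = $CONF['url'];
    $TMPL['title'] = $LNG['go_pro'] . ' - ' . $settings['title'];
    $TMPL['meta_description'] = $settings['title'] . ' ' . $LNG['go_pro'] . ' - ' . $LNG['go_pro_desc'];
    $skin = new skin('pro/content');

    return $skin->make();
}

/**
 * Whether a PayPal NVP response reports ACK=Success (case-insensitive).
 *
 * @param mixed $response Decoded NVP response (array) or a failed call.
 * @return bool
 */
function paypalAckIsSuccess($response)
{
    return isset($response['ACK']) && strtoupper($response['ACK']) == 'SUCCESS';
}

/**
 * Builds the error notification for a failed PayPal call.
 *
 * The short/long messages are URL-decoded (PayPal NVP values are encoded)
 * and then HTML-escaped, since they originate from a remote service and are
 * rendered inside the page.
 *
 * @param mixed $response Decoded NVP response (array) or a failed call.
 * @return string Output of notificationBox().
 */
function paypalErrorNotification($response)
{
    $short = isset($response['L_SHORTMESSAGE0']) ? urldecode($response['L_SHORTMESSAGE0']) : '';
    $long = isset($response['L_LONGMESSAGE0']) ? urldecode($response['L_LONGMESSAGE0']) : '';

    return notificationBox(
        'error',
        '<strong>' . htmlspecialchars($short, ENT_QUOTES, 'UTF-8') . '</strong>: ' . htmlspecialchars($long, ENT_QUOTES, 'UTF-8')
    );
}

/**
 * Inserts a completed PayPal transaction into `payments`.
 *
 * All values are bound as parameters; the previous sprintf/real_escape_string
 * version left the session-held plan id (which originates from a POST field)
 * and the currency unescaped.
 *
 * @param mysqli $db       Open connection (prepare/bind_param/execute are used).
 * @param mixed  $userId   Id of the paying user (`by` column).
 * @param array  $details  GetExpressCheckoutDetails response.
 * @param string $currency Currency code from settings.
 * @param string $plan     Selected plan as stored in the session (1 = yearly).
 * @return bool True when a row was written.
 */
function recordProPayment($db, $userId, array $details, $currency, $plan)
{
    // H:i:s — the previous format string used "m" (month) for the minutes.
    $validUntil = date('Y-m-d H:i:s', strtotime($plan == 1 ? '+1 year' : '+1 month'));
    $now = date('Y-m-d H:i:s');

    $stmt = $db->prepare(
        'INSERT INTO `payments` (`by`, `payer_id`, `payer_first_name`, `payer_last_name`, `payer_email`, '
        . '`payer_country`, `txn_id`, `amount`, `currency`, `type`, `status`, `valid`, `time`) '
        . 'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
    );
    if ($stmt === false) {
        return false;
    }

    // bind_param takes its arguments by reference, hence the local variables.
    $by = (string) $userId;
    $payerId = isset($details['PAYERID']) ? $details['PAYERID'] : '';
    $firstName = isset($details['FIRSTNAME']) ? $details['FIRSTNAME'] : '';
    $lastName = isset($details['LASTNAME']) ? $details['LASTNAME'] : '';
    $email = isset($details['EMAIL']) ? $details['EMAIL'] : '';
    $country = isset($details['SHIPTOCOUNTRYNAME']) ? $details['SHIPTOCOUNTRYNAME'] : '';
    $txnId = isset($details['PAYMENTREQUEST_0_TRANSACTIONID']) ? $details['PAYMENTREQUEST_0_TRANSACTIONID'] : '';
    $amount = isset($details['AMT']) ? $details['AMT'] : '';
    $currencyCode = (string) $currency;
    $planType = (string) $plan;
    $status = '1';

    $stmt->bind_param(
        'sssssssssssss',
        $by,
        $payerId,
        $firstName,
        $lastName,
        $email,
        $country,
        $txnId,
        $amount,
        $currencyCode,
        $planType,
        $status,
        $validUntil,
        $now
    );
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();

    return $affected > 0;
}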