// in case of error fail misserably
}
}
$requested = false;
$userType = getUserType(ParseUser::getCurrentUser());
if ($userType == 'availableBorrower') {
// Procceed normally!
// Check if action was performed.
if (isset($_POST['action']) && $_POST['action']) {
$action = $_POST['action'];
if ($action == 'request') {
$start = $_POST['start'];
$end = $_POST['end'];
$requested = true;
// Send a request for the specified time.
createTransaction($start, $end);
} else {
// DELETE TRANSACTION.
}
}
} else {
if ($userType == 'seekingBorrower') {
// Get start and end.
$requested = true;
$times = getRegistrationTime();
$start = $times->start;
$end = $times->end;
} else {
if ($userType == 'currentBorrower') {
header('Location: http://' . URL . 'hackbag/timer.php');
} else {
if ($row = mysql_fetch_object($result)) {
$transrand = rand(1000, 1500) * 0.3;
$transdate = strtotime("now");
$transactid = $transrand . $transdate . $userid;
mysql_query("INSERT INTO transactions (date,userid,points,cash,transacid,vip) VALUES (now(),{$userid},{$pnts},{$cash},'{$transactid}',1)");
return $transactid;
} else {
return 0;
}
}
if (isset($_GET['id'])) {
$id = $_GET['id'];
if ($packs = mysql_query("SELECT * FROM p_pack WHERE id={$id}")) {
if ($pack = mysql_fetch_object($packs)) {
$name = $pack->name;
$transactid = createTransaction($data->id, $pack->coins, $pack->price);
echo $transactid;
echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="*****@*****.**">
<input type="hidden" name="lc" value="RO">
<input type="hidden" name="item_name" value="' . $name . ' to ' . $data->login . '">
<input type="hidden" name="item_number" value="' . $pack->name . '">
<input type="hidden" name="custom" value="' . $data->id . '">
<input type="hidden" name="amount" value="' . $pack->price . '">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="2">
<input type="hidden" name="rm" value="1">
<input type="hidden" name="return" value="http://www.likesplanet.com/thankyou2.php?uid=' . $data->id . '&pnt=' . $pack->coins . '">
require_once "../app/transaction.php";
startSession(true);
//CSRF
if (!isset($_POST['submit']) && !isset($_POST['upload'])) {
clearCSRFToken();
createCSRFToken('newtransaction');
}
// process form
if (isset($_POST['submit']) && isset($_SESSION['newtransactiontoken']) && $_POST['newtransactiontoken'] == $_SESSION['newtransactiontoken']) {
$recipient = $_POST['recipient'];
$amount = $_POST['amount'];
$description = $_POST['description'];
$tan = $_POST['tan'];
getDBCredentials(getAuthUser()->usertype);
$sender = selectAccountByUserId(getAuthUser()->userid)->ACCOUNT_NUMBER;
$transaction = createTransaction($sender, $recipient, $amount, $description, $tan);
if ($transaction->value) {
unset($_SESSION['newtransactiontoken']);
header("Location: " . "view_transactions.php");
}
if (!empty($transaction->msg)) {
$showMsg = $transaction->msg;
}
}
// process file
if (isset($_POST['upload'])) {
$upload = uploadTransactionFile();
if ($upload->value) {
// execute C program
$program = realpath("../app/file_parser");
$program_directory = substr($program, 0, strrpos($program, "/"));
require_once 'Vindicia/Soap/Vindicia.php';
require_once 'Vindicia/Soap/Const.php';
$merchantAccountId = 'acct66485';
# use a sparse local Account object, only specify an identifier for CashBox
# to locate existing Account:
$account = new Account();
$account->setMerchantAccountId($merchantAccountId);
# This example is assuming we already know it's the default PM:
$response = $account->fetchByMerchantAccountId($merchantAccountId);
$fetch_SoapId = $response['data']->return->soapId;
print "Account.fetchByMerchantAccountId soapId: " . $fetch_SoapId . PHP_EOL;
$customer = $response['data']->account;
$merchantPaymentMethodId = $customer->paymentMethods[0]->merchantPaymentMethodId;
$merchantTransactionId = 'testTrx-' . rand(10000, 99999);
# 1) Line Item Detail (at time of transaction):
createTransaction($account, $merchantPaymentMethodId, $merchantTransactionId);
# 2) Activity Reporting:
activity_record($account, $merchantTransactionId);
function activity_record($account, $trxId = "")
{
#-----------------------------------------------------------------------------------
#
# Report Activity on the Account specified, indicating Usage of the merchant product
# or service by the Cardholder subsequent to the Transaction, to support Chargeback
# defense.
#
# 2) Activity Reporting (after transaction, when product/service used by Cardholder):
#
# This function demonstrates Reporting the following Activity Types:
#
# 1) Usage
function process_post()
{
/* We switch according to the $_POST[action] variable, which is a hidden
* submit formfield in each <form>. see html/add*.txt for more information.
*/
switch ("{$_POST['action']}") {
/*
* Add new user. We wont touch that here. Let auth() handle that.
*/
case "newuser":
addNewUser();
break;
/*
* Update to the about box in profiles.
*/
/*
* Update to the about box in profiles.
*/
case "modprofile":
modProfile();
break;
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
case "changepw":
changePassword();
break;
/*
* Change email.
*/
/*
* Change email.
*/
case "changeemail":
changeEmail();
break;
/*
* Change can view preferences.
*/
/*
* Change can view preferences.
*/
case "changecanpage":
changeCanPrefs();
break;
/*
* Update API Key
*/
/*
* Update API Key
*/
case "update_api":
global $MySelf;
$api = new api($MySelf->getID());
if ($_POST[deleteKey]) {
// Delete api Key
$api->deleteApiKey();
makeNotice("Your API key has been delete from the database.", "notice", "API Key wipe success", "index.php?action=preferences");
} else {
// Update api key
$api->setApiKey($_POST[apiID], $_POST[apiKey]);
makeNotice("Your new API key has been stored.", "notice", "API Key update success", "index.php?action=preferences");
}
break;
/*
* Add a Rank
*/
/*
* Add a Rank
*/
case "addnewrank":
addRank();
break;
/*
* Edit the ranks
*/
/*
* Edit the ranks
*/
case "editranks":
editRanks();
break;
/*
* Change opt-in status.
*/
/*
* Change opt-in status.
*/
case "optIn":
toggleOptIn();
break;
/*
* Change See Inoffical Runs Setting (sir)
*/
/*
* Change See Inoffical Runs Setting (sir)
*/
case "sirchange":
sirchange();
break;
/*
* Submiting a template change form
*/
/*
* Submiting a template change form
*/
case "editTemplate":
editTemplate();
break;
/*
* Change ore value.
*/
/*
* Change ore value.
*/
case "changeore":
changeOreValue();
break;
/*
* Change ship value.
*/
/*
* Change ship value.
*/
case "changeship":
changeShipValue();
break;
/*
* Delete pending payout request
*/
/*
* Delete pending payout request
*/
case "deleteRequest":
deletePayoutRequest();
break;
/*
* Modify online time.
*/
/*
* Modify online time.
*/
case "modonlinetime":
modOnlineTime();
break;
/*
* Modify site settings.
*/
/*
* Modify site settings.
*/
case "configuration":
modConfiguration();
break;
/*
* Add an event to the DB
*/
/*
* Add an event to the DB
*/
case "addevent":
addEventToDB();
break;
/*
* Request payout.
*/
/*
* Request payout.
*/
case "requestPayout":
requestPayout();
break;
/*
* Transfer Money
*/
/*
* Transfer Money
*/
case "transferMoney":
transferMoney();
break;
/*
* Do the payouts
*/
/*
* Do the payouts
*/
case "payout":
doPayout();
break;
/*
* Create a new can in the Database.
*/
/*
* Create a new can in the Database.
*/
case "addcan":
addCanToDatabase();
break;
/*
* Admin request to change a user.
*/
/*
* Admin request to change a user.
*/
case "edituser":
editUser();
break;
/*
* AddRun
* This adds a new run to the database.
*/
/*
* AddRun
* This adds a new run to the database.
*/
case "addrun":
addRun();
break;
/*
* Analog to AddRun, just for Hauls.
*/
/*
* Analog to AddRun, just for Hauls.
*/
case "addhaul":
addHaul();
break;
/*
* Create a new transaction.
*/
/*
* Create a new transaction.
*/
case "transaction":
createTransaction();
break;
/*
* Lotto stuff
*/
/*
* Lotto stuff
*/
case "editLottoTickets":
lotto_editCreditsInDB();
break;
case "createDrawing":
lotto_createDrawing();
break;
case "lottoBuyCredits":
lotto_buyTickets();
break;
}
}
<input type="hidden" name="custom" value="' . $data->login . '">
<input type="hidden" name="amount" value="8">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="2">
<input type="hidden" name="rm" value="1">
<input type="hidden" name="return" value="http://www.likesplanet.com/thankyou.php?uid=' . $data->id . '&pnt=9000&price=8">
<input type="hidden" name="notify_url" value="http://www.likesplanet.com/process_payment.php?uid=' . $data->id . '&pnt=9000&price=8&transactid=' . $transactid . '">
<input type="hidden" name="cancel_return" value="http://www.likesplanet.com">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynow_LG.gif:NonHosted">
</form>';
} else {
if ($type == 1000) {
$transactid = createTransaction($user_id, 9000, 8);
echo '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="*****@*****.**">
<input type="hidden" name="lc" value="RO">
<input type="hidden" name="item_name" value="#9,000 Points to ' . $data->login . '">
<input type="hidden" name="item_number" value="1000">
<input type="hidden" name="custom" value="' . $data->login . '">
<input type="hidden" name="amount" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="1">
<input type="hidden" name="no_shipping" value="2">
<input type="hidden" name="rm" value="1">
<input type="hidden" name="return" value="http://www.likesplanet.com/thankyou.php?uid=' . $data->id . '&pnt=1000&price=1">
<input type="hidden" name="notify_url" value="http://www.likesplanet.com/process_payment.php?uid=' . $data->id . '&pnt=1000&price=1&transactid=' . $transactid . '">
