(at your option) any later version.
Fossfactory-src is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with Fossfactory-src. If not, see <http://www.gnu.org/licenses/>.
*/
// This script is supposed to be invoked within account.php.
// Make sure it isn't being invoked directly.
if (!function_exists("my_projects")) {
exit;
}
list($rc, $memberinfo) = ff_getmemberinfo($username);
if ($rc) {
exit;
}
list($rc, $currencies) = ff_currencies();
if ($rc) {
exit;
}
$reserve = $memberinfo["reserve"];
?>
<h1>My Reserve</h1>
<?php
if ($_REQUEST["err"] === 'syserr') {
?>
<div class=error>Your withdrawal failed due to a temporary system error.
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
Fossfactory-src is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with Fossfactory-src. If not, see <http://www.gnu.org/licenses/>.
*/
$userid = "{$_REQUEST['u']}";
$password = "******";
$err = '';
// Do some basic validation
list($rc, $memberinfo) = ff_getmemberinfo($userid);
if ($rc) {
print $rc == 2 ? "unauthorized" : "syserr";
exit;
}
list($rc, $err) = ff_checkpassword($memberinfo["encpwd"], $password);
if ($rc) {
print $rc == 5 ? "unauthorized" : "syserr";
exit;
}
// Format the public key properly
$key = ereg_replace("^.*(ssh-dss|ssh-rsa) +([+/a-zA-Z0-9]+=?=?).*\$", "\\1 \\2", $_REQUEST["k"]);
if (!ereg("^ssh-(dss|rsa) [+/a-zA-Z0-9]+=?=?\$", $key)) {
print "invalidkey";
exit;
}
// Make sure the developer received his payment
list($rc, $dev_info) = ff_getmemberinfo($developer);
checkerr($rc, $dev_info);
if (get_FFC($dev_info["reserve"]) !== 48849) {
checkerr(1, "Developer's reserve: {$dev_info['reserve']}");
}
// Make sure the charity received the proper donation
list($rc, $charities) = ff_getcharities();
checkerr($rc, $charities);
$difference = get_FFC($charities[$prefcharity]["current"]) - get_FFC($olddonation);
if ($difference != 2147) {
checkerr(1, "Donation difference: {$difference}");
}
list($rc, $lead_info) = ff_getmemberinfo($projectlead);
checkerr($rc, $lead_info);
list($rc, $sponsor_info) = ff_getmemberinfo($sponsor);
checkerr($rc, $sponsor_info);
// Our total commission should be $26.84
$commission = 2684;
// Now make sure all the money adds up
$total = get_FFC($dev_info["reserve"]) + $difference + $commission + get_FFC($sponsor_info["reserve"]) + get_FFC($lead_info["reserve"]) + get_FFC($A_info["bounty"]);
if ($total != 100000) {
checkerr(1, "Some money got lost. {$total}");
}
if (get_FFC($sponsor_info["reserve"]) != 13000) {
checkerr(1, "Incorrect reserve: {$sponsor_info['reserve']}");
}
// We need 10 sponsors for this test
list($rc, $sponsor1) = ff_createmember('', $secret, "Sponsor 1 {$now}", "sponsor1-{$now}@gignac.org");
checkerr($rc, $sponsor1);
list($rc, $sponsor2) = ff_createmember('', $secret, "Sponsor 2 {$now}", "sponsor2-{$now}@gignac.org");
function paypal_handle_info($info)
{
list($rc, $currencies) = ff_currencies();
if ($rc) {
return array(1, $currencies);
}
// Make sure the currency is supported.
if (!isset($currencies[$info["mc_currency"]])) {
return array(4, "Unsupported currency: {$info['mc_currency']}");
}
$currency = $currencies[$info["mc_currency"]];
$custom = explode("/", $info["custom"]);
$username = scrub("{$custom['0']}");
$subscr_distribution = "{$custom['3']}";
if ($username !== '') {
list($rc, $memberinfo) = ff_getmemberinfo($username);
if ($rc) {
return array($rc, $memberinfo);
}
}
if ($info["txn_type"] === 'subscr_payment' || $info["txn_type"] === 'subscr_signup' || $info["txn_type"] === 'subscr_modify') {
// The person is setting up a subscription.
// Make sure that everything is as we expect.
if ($info["txn_type"] !== 'subscr_payment' && ($info["recurring"] !== '1' || $info["period3"] !== '1 M' || $info["period1"] || $info["period2"])) {
return array(4, "Invalid subscription settings.");
}
$gross = $info["txn_type"] === 'subscr_payment' ? $info["mc_gross"] : $info["mc_amount3"];
$amount = round($gross * $currency["multiplier"]) . $currency["code"];
if ($amount !== $memberinfo["subscription_fee"]) {
// This is the first we've heard of this.
// Note that we might get two messages at the same time. So
// we have to be careful to make sure that nothing bad happens
// in that case.
// It's very important that we only do this part on the
// *very first* time that this payment amount arrives.
// Otherwise, if the user ever rearranges his sponsorships,
// the values will be overridden the next time a payment arrives.
$sponsorships = false;
if ($subscr_distribution !== '') {
$subscr_distribution = explode("&", $subscr_distribution);
$sponsorships = array();
foreach ($subscr_distribution as $key_value) {
if (!ereg("^([^=]*)=([^=]*)\$", $key_value, $parts)) {
continue;
}
$key = $parts[1];
if ($key === '') {
// Some other process took care of it for us.
$sponsorships = false;
break;
}
$sponsorships[$key] = $parts[2] . $currency["code"];
}
}
$rc = ff_setsubscription($username, $amount, "monthly", $sponsorships);
if ($rc[0]) {
return $rc;
}
}
if ($info["txn_type"] !== 'subscr_payment') {
return array(0, "Success");
}
}
if ($info["txn_type"] === 'subscr_cancel') {
if ($memberinfo["subscription_amount"]) {
return ff_cancelsubscription($username);
}
return array(0, "Subscription already cancelled.");
}
if ($info["txn_type"] === 'subscr_failed' || $info["txn_type"] === 'subscr_eot') {
// Ignore IPNs we don't know what to do with.
return array(0, "Huh?");
}
// We must reject pending payments because they don't necessarily
// include the transaction fee.
if ($info["payment_status"] === 'Pending') {
return array(4, "Payment not complete");
}
// The message is a verified transfer of funds. Now let's make sure
// it's a valid sponsorship.
// Make sure the payment is directed to us
if ($info["receiver_email"] !== conf("paypal_business")) {
return array(4, "Wrong recipient: {$info['receiver_email']}");
}
// Make sure it's not old. This is because old sponsorship records may be
// moved out of the database and archived, so they can't be compared
// against to see if the current transaction is a repeat.
if (strtotime($info["payment_date"]) < time() - 3 * 3600 * 24 * 7) {
return array(7, "IPN too old, probably a repeat: {$info['payment_date']}");
}
$multiplier = intval("1" . str_repeat("0", $currency["decimal_places"]));
$amount = intval(round(floatval($info["mc_gross"]) * $multiplier));
if ($amount >= 2000000000) {
return array(4, "Amount too large to handle: {$info['mc_gross']}");
}
$fee = intval(round(floatval($info["mc_fee"]) * $multiplier));
if ($fee >= $amount) {
return array(4, "Fee too big: {$info['mc_fee']} >= {$info['mc_gross']}");
}
if ($amount < 0 || $fee < 0) {
return array(4, "Negative money: {$info['mc_fee']} {$info['mc_gross']}");
}
// Compute the net amount after deducting the transaction fee.
$netamount = $amount - $fee;
$projectid = "{$custom['1']}";
if ($username !== '') {
list($rc, $err) = ff_receivefunds($username, "{$netamount}{$currency['code']}", "paypal-{$info['txn_id']}", "{$fee}{$currency['code']}", $info["txn_type"] === 'subscr_payment', "{$info['first_name']} {$info['last_name']}", $info["payer_email"], $info["residence_country"], $info["address_zip"]);
if ($rc == 7) {
return array(0, "Repeated transaction");
}
if ($rc) {
return array(1, $err);
}
}
$retval = "Success";
if ($projectid !== '') {
if (ereg("[1-9]", "{$netamount}")) {
// Direct the sponsorship to the specified project.
list($rc, $err) = ff_setsponsorship($projectid, $username, "{$netamount}{$currency['code']}", true);
if ($rc) {
return array(8, $err);
}
}
}
return array(0, $retval);
}
delmember_header();
?>
<p>
Member <?php
echo htmlentities($_REQUEST["deluser"]);
?>
was deleted.
</p>
<?php
}
} else {
if (isset($_REQUEST["notsure"])) {
header("Location: admin.php");
exit;
} else {
list($rc, $memberinfo) = ff_getmemberinfo($_REQUEST["deluser"]);
if ($rc) {
delmember_header();
?>
<p>
Error: <?php
echo $rc;
?>
<?php
echo htmlentities($memberinfo);
?>
</p>
<?php
} else {
delmember_header();
?>
