identifies to PayPal your transaction
In this example, when the script sees a token, the script
knows that the buyer has already authorized payment through
paypal. If no token was found, the action is to send the buyer
to PayPal to first authorize payment
*/
//$token = $_REQUEST['token'];
if (!isset($token)) {
//check deal quantity availability
require_once DOCUMENT_ROOT . "/system/includes/transaction.php";
$getvalue = split(",", $_POST['CUSTOM']);
$L_QTY0 = $getvalue[1];
$COUPONID = $getvalue[0];
//check whether deal is expired or closed
is_deal_expired($COUPONID);
check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $_SESSION['userid']);
check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0);
$_SESSION['pay_mod_id'] = $_POST['pay_mod_id'];
if (!isset($_SESSION['pay_mod_id'])) {
if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift");
} else {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID);
}
}
/* The servername and serverport tells PayPal where the buyer
should be directed back to after authorizing payment.
In this case, its the local webserver that is running this script
Using the servername and serverport, the return URL is the first
portion of the URL that buyers will return to after authorizing payment
*/
} else {
$_SESSION['deductable_ref_amt'] = 0;
}
// authorize
$qty = $_POST['qty'];
$couponid = $_POST['couponid'];
$sale->cust_id = $_POST['user'];
$amount = $_POST['amount'];
//if payable amount is equal to zero then process the customer directly
if ($_POST['amount'] == 0) {
//check deal quantity availability
require_once DOCUMENT_ROOT . "/system/includes/transaction.php";
$L_QTY0 = $qty;
$COUPONID = $couponid;
$USERID = $_SESSION['userid'];
check_max_deal_purchase($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0, $USERID);
check_deal_quantity($COUPONID, $_POST["friendname"], $_POST["friendemail"], $L_QTY0);
$USERID = $_SESSION['userid'];
$_SESSION['pay_mod_id'] = $_POST['pay_mod_id'];
if (!isset($_SESSION['pay_mod_id'])) {
if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift");
} else {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID);
}
}
$user = "******";
$userSet = mysql_query($user);
while ($r = mysql_fetch_array($userSet)) {
$FIRSTNAME = html_entity_decode($r['firstname'], ENT_QUOTES);
$LASTNAME = html_entity_decode($r['lastname'], ENT_QUOTES);
displays the errors.
Called by DoDirectPayment.php.
Calls CallerService.php and APIError.php.
***********************************************************/
define("DOCUMENT_ROOT", $_SERVER['DOCUMENT_ROOT']);
require_once 'CallerService.php';
require_once DOCUMENT_ROOT . "/system/includes/docroot.php";
require_once DOCUMENT_ROOT . "/system/includes/dboperations.php";
//check deal quantity availability
require_once DOCUMENT_ROOT . "/system/includes/transaction.php";
//check whether deal is expired or closed
is_deal_expired($_POST['couponid']);
check_max_deal_purchase($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty'], $_SESSION['userid']);
check_deal_quantity($_POST['couponid'], $_POST["friendname"], $_POST["friendemail"], $_POST['qty']);
$USERID = $_SESSION['userid'];
$_SESSION["defaultuserid"] = $_SESSION['userid'];
$COUPONID = $_POST['couponid'];
$PAYMENTACTION = $_POST['PAYMENT_ACTION_NAME'];
$_SESSION['pay_mod_id'] = $_POST['pay_mod_id'];
if (!isset($_SESSION['pay_mod_id'])) {
if ($_POST["friendname"] != '' && $_POST["friendemail"] != '') {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID . "&type=gift");
} else {
url_redirect(DOCROOT . "purchase.html?cid=" . $COUPONID);
}
}
if ($_POST['ref_amt2'] > 0 && $PAYMENTACTION == 'Creditcardpayment') {
$user = "******";
