/**
 * Pick an identifier for a temporary user that has neither a user name nor a password.
 *
 * A GUID stands in for the e-mail address. Candidates are drawn from generateGUID()
 * until User::getUserInfo() returns an empty result for one of them.
 *
 * NOTE(review): this function only checks for an existing record; it does not create
 * or reserve one. Two concurrent callers could be handed the same value between the
 * check and the later insert, so confirm the caller stores it under a unique constraint.
 * NOTE(review): how guessable the value is depends on generateGUID(), which is not
 * visible here. Confirm its randomness source before the GUID is treated as a secret.
 *
 * @return mixed The first generated GUID for which no user record was found.
 */
function registerTempUser()
{
    do {
        $candidate = generateGUID();
        $existing = User::getUserInfo($candidate);
    } while (!empty($existing));

    return $candidate;
}
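/**
 * Charge the current cart through PayPal Payflow Pro for the purchase log row matching $sessionid.
 *
 * Builds a length-tagged Payflow request (KEY[len]=value) from the stored gateway options,
 * the checkout fields in $_POST['collected_data'] and the posted card details, sends it with
 * fetch_data() and hands the response to response_handler(). When the first cart item is
 * flagged as a membership, a recurring-profile request (TRXTYPE=R) is sent before the sale
 * request (TRXTYPE=S). The function always ends with exit.
 *
 * Security notes:
 * - The card number and CVV2 come straight from $_POST and the request also carries the
 *   Payflow password, so $paypal_query and $paypal_query_array must never be logged,
 *   echoed or stored.
 * - Every value that reaches SQL is bound through $wpdb->prepare() instead of being
 *   concatenated into the statement.
 * - NOTE(review): fetch_data() is defined elsewhere; confirm it verifies the TLS
 *   certificate of the Payflow host.
 *
 * @param mixed $seperator Not used by this function.
 * @param mixed $sessionid Session id of the purchase; used to find the purchase log row and
 *                         passed on to response_handler().
 * @return void
 */
function gateway_paypal_payflow($seperator, $sessionid)
{
    global $wpdb;

    // %s binds the session id as a quoted string, so a crafted value cannot alter the statement.
    $purchase_log = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `sessionid` = %s LIMIT 1",
            $sessionid
        ),
        ARRAY_A
    );

    $user = get_option('paypal_payflow_user');
    $password = get_option('paypal_payflow_pass');
    $partner = get_option('paypal_payflow_partner');
    $vendor = get_option('paypal_payflow_vendor');
    $currency = get_option('paypal_payflow_curcode');

    // The test option selects the pilot host; anything else goes to the live host.
    $submiturl = get_option('paypal_payflow_test')
        ? 'https://pilot-payflowpro.paypal.com'
        : 'https://payflowpro.paypal.com';

    $cart = $wpdb->get_results(
        $wpdb->prepare(
            "SELECT * FROM `" . WPSC_TABLE_CART_CONTENTS . "` WHERE `purchaseid` = %s",
            $purchase_log[0]['id']
        ),
        ARRAY_A
    );

    $member_shiptype = get_product_meta($cart[0]['prodid'], 'membership_length', true);
    $member_shiptype = $member_shiptype[0];
    $is_member = get_product_meta($cart[0]['prodid'], 'is_membership', true);
    $custom = $purchase_log[0]['id'];

    // Start every field empty so a missing checkout field is sent as an empty value
    // instead of being read from an undefined index.
    $data = array(
        'first_name' => '',
        'last_name' => '',
        'address1' => '',
        'address2' => '',
        'city' => '',
        'state' => '',
        'zip' => '',
        'country' => '',
        'email' => '',
    );

    $collected = (isset($_POST['collected_data']) && is_array($_POST['collected_data']))
        ? $_POST['collected_data']
        : array();

    // Checkout fields that are copied over url-encoded when they are present and non-empty.
    $simple_fields = array(
        'first_name' => 'paypal_form_first_name',
        'last_name' => 'paypal_form_last_name',
        'city' => 'paypal_form_city',
    );
    foreach ($simple_fields as $data_key => $option_name) {
        $field_id = get_option($option_name);
        if (isset($collected[$field_id]) && $collected[$field_id] != '') {
            $data[$data_key] = urlencode($collected[$field_id]);
        }
    }

    $address_id = get_option('paypal_form_address');
    if (isset($collected[$address_id]) && $collected[$address_id] != '') {
        // NOTE(review): the "\n\r" separator is kept as it was; a CRLF-separated address
        // would use "\r\n". Confirm which one is intended.
        $address_rows = explode("\n\r", $collected[$address_id]);
        $data['address1'] = urlencode(str_replace(array("\n", "\r"), '', $address_rows[0]));
        unset($address_rows[0]);
        $data['address2'] = !empty($address_rows) ? implode(", ", $address_rows) : '';
    }

    $state_id = get_option('paypal_form_state');
    if (isset($collected[$state_id]) && $collected[$state_id] != '') {
        // The region code is looked up from the stored billing region, bound as a parameter.
        $data['state'] = $wpdb->get_var(
            $wpdb->prepare(
                "SELECT code FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE id = %s",
                wpsc_get_customer_meta('billing_region')
            )
        );
    }

    // Only a two-letter code is accepted as the country.
    $customer_billing_country = wpsc_get_customer_meta('billing_country');
    if (preg_match("/^[a-zA-Z]{2}\$/", $customer_billing_country)) {
        $data['country'] = $customer_billing_country;
    }

    $post_code_id = get_option('paypal_form_post_code');
    if (isset($collected[$post_code_id]) && is_numeric($collected[$post_code_id])) {
        $data['zip'] = urlencode($collected[$post_code_id]);
    }

    $email_data = $wpdb->get_results(
        "SELECT `id`,`type` FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `type` IN ('email') AND `active` = '1'",
        ARRAY_A
    );
    foreach ((array) $email_data as $email) {
        $data['email'] = isset($collected[$email['id']]) ? $collected[$email['id']] : null;
    }
    $email_field_id = get_option('email_form_field');
    if (isset($collected[$email_field_id]) && $collected[$email_field_id] != null && $data['email'] == null) {
        $data['email'] = $collected[$email_field_id];
    }

    // Card data is taken from the request as posted; treat these variables as secrets.
    $card_num = $_POST['card_number'];
    $cvv2 = $_POST['card_cvv'];
    $expiry = $_POST['expiry']['month'] . $_POST['expiry']['year'];

    $unique_id = generateGUID();
    $fname = $data['first_name'];
    $lname = $data['last_name'];
    $addr1 = $data['address1'] . $data['address2'];
    $addr2 = $data['city'];
    $addr3 = $data['state'];
    $addr4 = $data['zip'];
    $country = $data['country'];
    $email = $data['email'];
    $amount = number_format(wpsc_cart_total(false), 2, '.', '');

    // Nothing in this function assigns these values, so they are sent empty.
    // NOTE(review): confirm whether they were meant to be filled in (card type, client IP,
    // invoice number, description, card start/issue, collected data).
    $card = '';
    $cust_ip = '';
    $order_num = '';
    $desc = '';
    $card_start = '';
    $card_issue = '';
    $colected_data = null;

    if ($is_member[0]) {
        $member_ship_unit = '';
        switch ($member_shiptype['unit']) {
            case 'w':
                $member_ship_unit = 'WEEK';
                break;
            case 'm':
                $member_ship_unit = 'MONT';
                break;
            case 'y':
                $member_ship_unit = 'YEAR';
                break;
        }

        $paypal_query_array = array(
            'USER' => $user,
            'PROFILENAME' => $fname . $lname . $purchase_log[0]['id'],
            'VENDOR' => $vendor,
            'PARTNER' => $partner,
            'PWD' => $password,
            'TENDER' => 'C',
            'TRXTYPE' => 'R',
            'ACTION' => 'A',
            // Tomorrow as MMDDYYYY. Adding 1 to date('d') dropped the leading zero and
            // produced a day past the end of the month on its last day.
            'START' => date('mdY', strtotime('+1 day')),
            'ACCT' => $card_num,
            'CVV2' => $cvv2,
            'EXPDATE' => $expiry,
            'ACCTTYPE' => $card,
            'AMT' => $amount,
            'CURRENCY' => $currency,
            'FIRSTNAME' => $fname,
            'LASTNAME' => $lname,
            'STREET' => $addr1,
            'CITY' => $addr2,
            'STATE' => $addr3,
            'ZIP' => $addr4,
            'COUNTRY' => $country,
            'EMAIL' => $email,
            'OPTIONALTRX' => 'A',
            'OPTIONALTRXAMT' => '0.00',
            'CLIENTIP' => $cust_ip,
            'COMMENT1' => $custom,
            'ORDERDESC' => $fname . $lname . $purchase_log[0]['id'],
            'PAYPERIOD' => $member_ship_unit,
        );

        // KEY[len]=value pairs joined with "&"; the length is the byte length of the value.
        $paypal_query = '';
        foreach ($paypal_query_array as $key => $value) {
            $value = (string) $value;
            if ($paypal_query !== '') {
                $paypal_query .= '&';
            }
            $paypal_query .= $key . '[' . strlen($value) . ']=' . $value;
        }

        $response = fetch_data($unique_id, $submiturl, $paypal_query);
        response_handler($response, 'NO', $sessionid, $colected_data, 1);
    }

    $tender = (get_option('paypal_payflow_method') == '0') ? 'P' : 'C';

    $paypal_query_array = array(
        'USER' => $user,
        'VENDOR' => $vendor,
        'PARTNER' => $partner,
        'PWD' => $password,
        'TENDER' => $tender,
        'TRXTYPE' => 'S',
        'ACCT' => $card_num,
        'CVV2' => $cvv2,
        'EXPDATE' => $expiry,
        'ACCTTYPE' => $card,
        'AMT' => $amount,
        'CURRENCY' => $currency,
        'FIRSTNAME' => $fname,
        'LASTNAME' => $lname,
        'STREET' => $addr1,
        'CITY' => $addr2,
        'STATE' => $addr3,
        'ZIP' => $addr4,
        'COUNTRY' => $country,
        'EMAIL' => $email,
        'CLIENTIP' => $cust_ip,
        'COMMENT1' => $custom,
        'COMMENT2' => '',
        'INVNUM' => $order_num,
        'ORDERDESC' => $desc,
        'VERBOSITY' => 'MEDIUM',
        'CARDSTART' => $card_start,
        'CARDISSUE' => $card_issue,
    );

    // Start from an empty string so the sale request never carries over the parameters
    // of the recurring-profile request built above.
    $paypal_query = '';
    foreach ($paypal_query_array as $key => $value) {
        $value = (string) $value;
        if ($paypal_query !== '') {
            $paypal_query .= '&';
        }
        $paypal_query .= $key . '[' . strlen($value) . ']=' . $value;
    }

    $response = fetch_data($unique_id, $submiturl, $paypal_query);
    response_handler($response, 'NO', $sessionid, $colected_data);
    exit;
}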
/**
 * Send the final Express Checkout request (TENDER=P, ACTION=D) that completes the payment.
 *
 * The token, payment type, currency code and payer id are read from $_SESSION, where the
 * earlier checkout steps stored them. The request id is taken from $_SESSION['unique_id']
 * when present, otherwise a new one is generated, and it is written back to the session.
 *
 * NOTE(review): every value is concatenated into the name-value string as it is. A value
 * containing "&" or "=" would change the structure of the request unless hash_call()
 * encodes or length-tags it. hash_call() is not visible here, so confirm.
 * NOTE(review): IPADDRESS is filled from $_SERVER['SERVER_NAME'], which is a host name and,
 * depending on web-server configuration, can reflect the request's Host header.
 *
 * @param mixed $FinalPaymentAmt Amount sent as AMT.
 * @return mixed The response array returned by hash_call().
 */
function ConfirmPayment($FinalPaymentAmt)
{
    // Values saved in the session by the previous calls.
    $sessionToken = $_SESSION['token'];
    $requestedType = $_SESSION['paymentType'];
    $currency = $_SESSION['currencyCodeType'];
    $payer = $_SESSION['payer_id'];
    $host = $_SERVER['SERVER_NAME'];

    // "Authorization" maps to A; "Sale" and anything else map to S.
    $trxType = ("Authorization" == $requestedType) ? "A" : "S";

    $nvpstr = "&TENDER=P&ACTION=D" . "&TRXTYPE=" . $trxType;
    $nvpstr .= "&TOKEN=" . $sessionToken . "&PAYERID=" . $payer . "&AMT=" . $FinalPaymentAmt;
    $nvpstr .= '&CURRENCY=' . $currency . '&IPADDRESS=' . $host;

    // Each part of Express Checkout needs a unique request id; keep it in the session
    // so the same id is reused rather than duplicated.
    if (isset($_SESSION['unique_id'])) {
        $unique_id = $_SESSION['unique_id'];
    } else {
        $unique_id = generateGUID();
    }
    $_SESSION['unique_id'] = $unique_id;

    // Make the call to PayPal to finalize the payment.
    $resArray = hash_call($nvpstr, $unique_id);

    // The upper-cased RESULT is computed but not used; the caller gets the whole response.
    $resultCode = strtoupper($resArray["RESULT"]);

    return $resArray;
}
/**
 * Create a user record after checking the user id, privilege id and access id.
 *
 * Steps: force $site to SITENAME unless the session privilege id is set and not greater
 * than ROLE_PRIME; reject an existing user id; check that the privilege and the access
 * entry exist; merge caller attributes over the default parameters; check the fields
 * named in USER_CREATE_REQUIRED_FIELDS; insert the row.
 *
 * NOTE(review): only 'pwd' and 'pwd_salt' are stripped from $attrs before the merge, so
 * any other key returned by getDefaultParams() can be overridden by the caller. Confirm
 * that the keys holding the validated privilege, access and site values cannot be
 * replaced this way after the checks above have passed.
 * NOTE(review): the privilege and access lookups filter on the SITENAME constant, not on
 * $site. Confirm that this is intended when a privileged caller passes another site.
 * NOTE(review): the "details" entry returns the raw database error text to the caller.
 * Confirm it is not shown to end users.
 *
 * @param mixed  $userID      User id to create.
 * @param mixed  $privilegeID Id looked up in the privileges table.
 * @param mixed  $accessID    Id looked up in the access table (must not be blocked).
 * @param mixed  $pwd         Password passed to getDefaultParams().
 * @param array  $attrs       Extra column values merged over the defaults.
 * @param string $site        Target site; see the override rule above.
 * @return array Either guid/userid/name/email with status "success", or an "error" entry
 *               (plus "field" or "details" for some failures).
 */
function createUser($userID, $privilegeID, $accessID, $pwd, $attrs = array(), $site = SITENAME)
{
    $callerMayPickSite = isset($_SESSION['SESS_PRIVILEGE_ID']) && !($_SESSION['SESS_PRIVILEGE_ID'] > ROLE_PRIME);
    if (!$callerMayPickSite) {
        $site = SITENAME;
    }

    if (checkUserID($userID, $site)) {
        return ["error" => "UserID Exists"];
    }

    // The privilege must exist for this site or for all sites ('*').
    $privilegeRows = _db(true)
        ->_selectQ(_dbTable("privileges", true), "count(*) as cnt")
        ->_where(["id" => $privilegeID])
        ->_whereOR("site", [SITENAME, '*'])
        ->_GET();
    if (!$privilegeRows) {
        return ["error" => "PrivilegeID Query Error"];
    }
    if ($privilegeRows[0]['cnt'] <= 0) {
        return ["error" => "PrivilegeID Not Found For Site"];
    }

    // The access entry must be unblocked and listed for this site or for all sites ('*').
    $accessRows = _db(true)
        ->_selectQ(_dbTable("access", true), "count(*) as cnt")
        ->_where(["blocked" => 'false', "id" => $accessID])
        ->_whereMulti([["sites", [SITENAME, "FIND"]], ["sites", '*']], "AND", "OR")
        ->_GET();
    if (!$accessRows) {
        return ["error" => "AccessID Query Error"];
    }
    if ($accessRows[0]['cnt'] <= 0) {
        return ["error" => "AccessID Not Found For Site"];
    }

    $params = getDefaultParams($userID, $pwd, $privilegeID, $accessID);

    // Caller-supplied attributes must not replace the password or its salt.
    unset($attrs['pwd'], $attrs['pwd_salt']);
    $data = array_merge($params, $attrs);

    // A custom guid, when given, is used in place of the default one.
    $guidSeed = isset($data['guid']) ? $data['guid'] : $params['guid'];
    $data['guid'] = generateGUID($guidSeed);

    $requiredFields = explode(",", getConfig("USER_CREATE_REQUIRED_FIELDS"));
    foreach ($requiredFields as $fieldName) {
        $missing = !isset($data[$fieldName]) || $data[$fieldName] == null || strlen($data[$fieldName]) <= 0;
        if ($missing) {
            return ["error" => "Missing Field", "field" => $fieldName];
        }
    }

    $insertQuery = _db(true)->_insertQ1(_dbTable("users", true), $data);
    if (_dbQuery($insertQuery, true)) {
        return [
            "guid" => $data['guid'],
            "userid" => $data['userid'],
            "name" => $data['name'],
            "email" => $data['email'],
            "status" => "success",
        ];
    }

    // A "duplicate" error from the database means the user id is taken on another site.
    $errMsg = _db(true)->get_error();
    if (strpos(strtolower((string) $errMsg), "duplicate") !== false) {
        return ["error" => "UserID Duplicate Across Sites"];
    }

    return ["error" => "Error In User Creation", "details" => $errMsg];
}
/**
 * Print a source-file boilerplate built from a template.
 *
 * Looks up the template type, output extension and MIME type for $params['ext'], calls
 * generateAttachment() with the resulting file name and MIME type, then prints
 * templates/<type>.tpl (searched on the include path) with the year, author lines,
 * license lines, include-guard identifier, file base and header extension substituted.
 * Stops with die() when no template type is found for the extension.
 *
 * NOTE(review): 'ext' is echoed in the die() message and 'filebase' goes into the file
 * name and the template output without escaping in this function. If $params can come
 * from a request, confirm that the caller or generateAttachment() validates them.
 * NOTE(review): the template path is built from getTemplateType()'s return value; confirm
 * that it only returns known type names so the path stays inside templates/.
 *
 * @param array $params with at least filebase and ext as required keys,
 *                      and licenselines and authorlines as optional keys.
 */
function generateBoilerplate($params)
{
    $ext = $params['ext'];
    $type = getTemplateType($ext);
    if (strlen($type) === 0) {
        die("Warning: Bad value for 'ext' - could not look up template type for: {$ext}\n");
    }

    $output_ext = getExtensionForType($ext);
    $mimetype = getMimeForExtension($output_ext);
    $filebase = $params['filebase'];
    $filename = $filebase . '.' . $output_ext;

    // TODO hardcoded hack for prettier templates
    $headerext = '.h';

    $year = date('Y');
    $yearOnly = array('YEAR' => $year);

    // Caller-supplied license text is wrapped in [LICENSE] markers; otherwise the global default is used.
    if (array_has_valid_string_for_key('licenselines', $params)) {
        $licenseraw = '[LICENSE]' . $params['licenselines'] . '[LICENSE]';
    } else {
        global $defaultLicense;
        $licenseraw = $defaultLicense;
    }

    // Same fallback for the author lines.
    if (array_has_valid_string_for_key('authorlines', $params)) {
        $authorinfo = $params['authorlines'];
    } else {
        global $defaultAuthor;
        $authorinfo = $defaultAuthor;
    }

    generateAttachment($filename, $mimetype);

    $authorBlock = doSubstitutions(indentAuthorInfo($authorinfo), $yearOnly);
    $licenseBlock = doSubstitutions(commentLicense($licenseraw), $yearOnly);
    // A fresh GUID makes the include-guard identifier unique per generated file.
    $guard = makeCIdentifier('INCLUDED_' . $filebase . '_' . $output_ext . '_GUID_' . strtoupper(generateGUID()));

    $mysubstitutions = array(
        'YEAR' => $year,
        'AUTHORLINES' => $authorBlock,
        'LICENSELINES' => $licenseBlock,
        'DEF' => $guard,
        'FILEBASE' => $filebase,
        'HEADEREXT' => $headerext,
    );

    $template = file_get_contents('templates/' . $type . '.tpl', true);
    print doSubstitutions($template, $mysubstitutions);
}
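// Decide whether this request edits an existing app or starts a new one, then make sure
// the session holds a publish token for the app GUID.
//
// Edit mode needs guid and token in the query string, and the token must equal
// md5($myappsToken). The app is then loaded with bound parameters and must belong to the
// logged-in user (publisher = $_SESSION['user_id']); anything other than exactly one
// match ends the request with 'Invalid app GUID.'.
$appToEdit = null;

// Compare the token without leaking timing information. is_string() also rejects an
// array-valued ?token[]= before it reaches the comparison.
$tokenMatches = false;
if (isset($_GET['guid'], $_GET['token'], $myappsToken) && is_string($_GET['token'])) {
    $expectedToken = md5($myappsToken);
    $tokenMatches = function_exists('hash_equals')
        ? hash_equals($expectedToken, $_GET['token'])
        : $expectedToken === $_GET['token']; // only for runtimes without hash_equals()
}

$guidSessionKey = 'publish_app_guid' . $guidId;

if ($tokenMatches) {
    // Get app with user/GUID combination
    $matchingApps = getArrayFromSQLQuery(
        $mysqlConn,
        'SELECT guid, name, description, category, subcategory, rating, downloads, webicon, publishstate, appversions.number AS version, appversions.appdata, group_concat(screenshots.imageIndex) AS screenshots FROM apps LEFT JOIN appversions ON appversions.versionId = (SELECT versionId FROM appversions appver WHERE appver.appGuid = ? ORDER BY appver.versionId DESC LIMIT 1) LEFT JOIN screenshots ON screenshots.appGuid = ? WHERE guid = ? AND publisher = ? GROUP BY guid LIMIT 1',
        'ssss',
        [$_GET['guid'], $_GET['guid'], $_GET['guid'], $_SESSION['user_id']]
    );

    // Check if there is one app matching attempted GUID/user combination
    printAndExitIfTrue(count($matchingApps) != 1, 'Invalid app GUID.');

    $appToEdit = $matchingApps[0];
    $_SESSION[$guidSessionKey] = $appToEdit['guid'];
    $_SESSION['user_app_version' . $appToEdit['guid']] = $appToEdit['version'];
} else {
    // New application: allocate a fresh GUID for it.
    $_SESSION[$guidSessionKey] = generateGUID();
}

// One publish token per app GUID, created on first use. It comes from the CSPRNG because
// uniqid() and mt_rand() are derived from the clock and a non-cryptographic generator,
// which makes their output predictable.
$publishTokenKey = 'publish_token' . $_SESSION[$guidSessionKey];
if (!isset($_SESSION[$publishTokenKey])) {
    $_SESSION[$publishTokenKey] = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : uniqid(mt_rand(), true); // only for runtimes without random_bytes()
}

$editing = isset($appToEdit);
?>
<h1 class="animated bounceInDown text-center"><?php
// The app name comes from the database and is escaped before it is written into the page.
if (isset($appToEdit)) {
    echo 'Updating ' . escapeHTMLChars($appToEdit['name']);
} else {
    echo 'Add a new application';
}
?> </h1>
<br />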