示例#1
/**
 * Route a PayPal debug message to e-mail and/or the IPN error log, according to the module debug settings.
 *
 * An e-mail is sent when MODULE_PAYMENT_PAYPALWPP_DEBUGGING or MODULE_PAYMENT_PAYPAL_IPN_DEBUG is
 * 'Log and Email', or when $always_send is truthy. The message is passed to ipn_add_error_log() when the
 * IPN setting is 'Log and Email', 'Log File' or 'Yes', or the WPP setting is 'Log File' or 'Log and Email'.
 *
 * @param string $message       text to send/log; it is also used verbatim as the HTML part of the e-mail
 * @param string $email_address recipient; when empty, MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS if defined,
 *                              otherwise STORE_OWNER_EMAIL_ADDRESS
 * @param bool   $always_send   send the e-mail regardless of the configured debug mode
 * @param string $subjecttext   subject prefix; the instance id and a running counter are appended to it
 * @return void
 *
 * NOTE(review): $message is neither escaped nor redacted here. If callers pass request or payment data,
 * it ends up unescaped in an HTML mail body and in the log; confirm that callers strip secrets and that
 * the mail layer escapes the HTML part.
 */
function ipn_debug_email($message, $email_address = '', $always_send = false, $subjecttext = 'IPN DEBUG message')
{
    // Both values persist for the rest of the request: a running mail counter and one id shared by every message.
    static $sentCount = 0;
    static $instanceId = null;

    if ($email_address == '') {
        if (defined('MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS')) {
            $email_address = MODULE_PAYMENT_PAYPAL_DEBUG_EMAIL_ADDRESS;
        } else {
            $email_address = STORE_OWNER_EMAIL_ADDRESS;
        }
    }

    if ($instanceId === null) {
        // The id only correlates messages of one request; it is not an access-control secret.
        $instanceId = time() . '_' . zen_create_random_value(4);
    }

    // An undefined setting is read as null, which never equals any of the mode strings below.
    $wppMode = defined('MODULE_PAYMENT_PAYPALWPP_DEBUGGING') ? MODULE_PAYMENT_PAYPALWPP_DEBUGGING : null;
    $ipnMode = defined('MODULE_PAYMENT_PAYPAL_IPN_DEBUG') ? MODULE_PAYMENT_PAYPAL_IPN_DEBUG : null;

    $mailRequested = $wppMode == 'Log and Email' || $ipnMode == 'Log and Email' || $always_send;
    if ($mailRequested) {
        $sentCount++;
        $subject = $subjecttext . ' (' . $instanceId . ') #' . $sentCount;
        zen_mail(STORE_OWNER, $email_address, $subject, $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => $message), 'debug');
    }

    $ipnWantsLog = $ipnMode == 'Log and Email' || $ipnMode == 'Log File' || $ipnMode == 'Yes';
    $wppWantsLog = $wppMode == 'Log File' || $wppMode == 'Log and Email';
    if ($ipnWantsLog || $wppWantsLog) {
        ipn_add_error_log($message, $instanceId);
    }
}
 /**
  * Complete the step2 phase by creating accounts if needed, linking data, placing order, etc.
  *
  * Stores the payer details returned by PayPal in the session, resolves country and zone ids,
  * copies the address into $order (customer, billing and, when a shipping address is present, delivery),
  * then either continues the already logged-in session or looks up / creates a store account by the
  * payer's e-mail address and logs it in. Both branches finish by calling $this->terminateEC().
  *
  * @param array $paypal_ec_payer_info payer and shipping fields as read below (payer_email, payer_firstname, ship_* ...)
  * @param mixed $new_acct_notify      not read anywhere in this method; the body uses $this->new_acct_notify instead
  *
  * NOTE(review): for a visitor who is not logged in, an existing store account is selected purely by the
  * e-mail address in $paypal_ec_payer_info and then logged in via user_login(). That is only safe if the
  * caller has verified that this array really came from PayPal for the current token -- confirm at the call site.
  * NOTE(review): terminateEC() is called after the invalid-zone and empty-e-mail checks without a return;
  * presumably it redirects and does not return. If it can return, execution continues past those checks.
  */
 function ec_step2_finish($paypal_ec_payer_info, $new_acct_notify)
 {
     global $db, $order;
     // register the payer_info in the session
     $_SESSION['paypal_ec_payer_info'] = $paypal_ec_payer_info;
     // debug
     // NOTE(review): this and the later zcLog() calls dump payer name, address, e-mail and the whole $order
     // into the debug log; the log location and its retention should be treated as holding personal data.
     $this->zcLog('ec_step2_finish - 1', 'START: paypal_ec_payer_info= ' . print_r($_SESSION['paypal_ec_payer_info'], true));
     /**
      * Building customer zone/address from returned data
      */
     // set some defaults, which will be updated later:
     $country_id = '223';
     $address_format_id = 2;
     $state_id = 0;
     $acct_exists = false;
     // store default address id for later use/reference (only used in the debug messages below)
     $original_default_address_id = $_SESSION['customer_default_address_id'];
     // Get the customer's country ID based on name or ISO code.
     // The same statement is bound twice: once with the country name, once with the ISO code.
     $sql = "SELECT countries_id, address_format_id, countries_iso_code_2, countries_iso_code_3\r\n                FROM " . TABLE_COUNTRIES . "\r\n                WHERE countries_iso_code_2 = :countryId\r\n                   OR countries_name = :countryId\r\n                LIMIT 1";
     $sql1 = $db->bindVars($sql, ':countryId', $paypal_ec_payer_info['ship_country_name'], 'string');
     $country1 = $db->Execute($sql1);
     $sql2 = $db->bindVars($sql, ':countryId', $paypal_ec_payer_info['ship_country_code'], 'string');
     $country2 = $db->Execute($sql2);
     // see if we found a record, if yes, then use it instead of default American format
     if ($country1->RecordCount() > 0) {
         $country_id = $country1->fields['countries_id'];
         // fill in the ISO code from the database when PayPal did not supply one
         if (!isset($paypal_ec_payer_info['ship_country_code']) || $paypal_ec_payer_info['ship_country_code'] == '') {
             $paypal_ec_payer_info['ship_country_code'] = $country1->fields['countries_iso_code_2'];
         }
         $country_code3 = $country1->fields['countries_iso_code_3'];
         $address_format_id = (int) $country1->fields['address_format_id'];
     } elseif ($country2->RecordCount() > 0) {
         // if didn't find it based on name, check using ISO code (ie: in case of no-shipping-address required/supplied)
         $country_id = $country2->fields['countries_id'];
         $country_code3 = $country2->fields['countries_iso_code_3'];
         $address_format_id = (int) $country2->fields['address_format_id'];
     }
     // NOTE(review): $country_code3 is assigned only in the two branches above; when neither lookup matched
     // it is undefined where it is read further down.
     // Need to determine zone, based on zone name first, and then zone code if name fails check. Otherwise uses 0.
     // NOTE(review): AND binds tighter than OR in SQL, so as written the zone_name alternative is not restricted
     // to zone_country_id; a same-named zone of another country can match. Parenthesising the OR pair would fix it.
     $sql = "SELECT zone_id\r\n                  FROM " . TABLE_ZONES . "\r\n                  WHERE zone_country_id = :zCountry\r\n                  AND zone_code = :zoneCode\r\n                   OR zone_name = :zoneCode\r\n                  LIMIT 1";
     $sql = $db->bindVars($sql, ':zCountry', $country_id, 'integer');
     $sql = $db->bindVars($sql, ':zoneCode', $paypal_ec_payer_info['ship_state'], 'string');
     $states = $db->Execute($sql);
     if ($states->RecordCount() > 0) {
         $state_id = $states->fields['zone_id'];
     }
     /**
      * Using the supplied data from PayPal, set the data into the order record
      */
     // customer (the PayPal shipping address is used for the customer address as well)
     $order->customer['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
     $order->customer['company'] = $paypal_ec_payer_info['payer_business'];
     $order->customer['street_address'] = $paypal_ec_payer_info['ship_street_1'];
     $order->customer['suburb'] = $paypal_ec_payer_info['ship_street_2'];
     $order->customer['city'] = $paypal_ec_payer_info['ship_city'];
     $order->customer['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
     $order->customer['state'] = $paypal_ec_payer_info['ship_state'];
     $order->customer['country'] = array('id' => $country_id, 'title' => $paypal_ec_payer_info['ship_country_name'], 'iso_code_2' => $paypal_ec_payer_info['ship_country_code'], 'iso_code_3' => $country_code3);
     // the next two assignments repeat values already set in the array above
     $order->customer['country']['id'] = $country_id;
     $order->customer['country']['iso_code_2'] = $paypal_ec_payer_info['ship_country_code'];
     $order->customer['format_id'] = $address_format_id;
     $order->customer['email_address'] = $paypal_ec_payer_info['payer_email'];
     $order->customer['telephone'] = $paypal_ec_payer_info['ship_phone'];
     $order->customer['zone_id'] = $state_id;
     // billing (also taken from the PayPal shipping address)
     $order->billing['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
     $order->billing['company'] = $paypal_ec_payer_info['payer_business'];
     $order->billing['street_address'] = $paypal_ec_payer_info['ship_street_1'];
     $order->billing['suburb'] = $paypal_ec_payer_info['ship_street_2'];
     $order->billing['city'] = $paypal_ec_payer_info['ship_city'];
     $order->billing['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
     $order->billing['state'] = $paypal_ec_payer_info['ship_state'];
     $order->billing['country'] = array('id' => $country_id, 'title' => $paypal_ec_payer_info['ship_country_name'], 'iso_code_2' => $paypal_ec_payer_info['ship_country_code'], 'iso_code_3' => $country_code3);
     $order->billing['country']['id'] = $country_id;
     $order->billing['country']['iso_code_2'] = $paypal_ec_payer_info['ship_country_code'];
     $order->billing['format_id'] = $address_format_id;
     $order->billing['zone_id'] = $state_id;
     // delivery: only filled in when PayPal reported a shipping address
     if ($_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None') {
         $order->delivery['name'] = $paypal_ec_payer_info['payer_firstname'] . ' ' . $paypal_ec_payer_info['payer_lastname'];
         $order->delivery['company'] = $paypal_ec_payer_info['payer_business'];
         $order->delivery['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->delivery['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->delivery['city'] = $paypal_ec_payer_info['ship_city'];
         $order->delivery['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->delivery['state'] = $paypal_ec_payer_info['ship_state'];
         $order->delivery['country'] = array('id' => $country_id, 'title' => $paypal_ec_payer_info['ship_country_name'], 'iso_code_2' => $paypal_ec_payer_info['ship_country_code'], 'iso_code_3' => $country_code3);
         $order->delivery['country_id'] = $country_id;
         $order->delivery['format_id'] = $address_format_id;
         $order->delivery['zone_id'] = $state_id;
     }
     // debug (includes a full print_r of $order, i.e. the customer's name, address, e-mail and phone)
     $this->zcLog('ec_step2_finish - 2', 'country_id = ' . $country_id . ' ' . $paypal_ec_payer_info['ship_country_name'] . ' ' . $paypal_ec_payer_info['ship_country_code'] . "\naddress_format_id = " . $address_format_id . "\nstate_id = " . $state_id . ' (original state tested: ' . $paypal_ec_payer_info['ship_state'] . ')' . "\ncountry1->fields['countries_id'] = " . $country1->fields['countries_id'] . "\ncountry2->fields['countries_id'] = " . $country2->fields['countries_id'] . "\n" . '$order = ' . print_r($order, true));
     // check to see whether PayPal should still be offered to this customer, based on the zone of their address:
     $this->update_status();
     if (!$this->enabled) {
         $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_TEXT_INVALID_ZONE_ERROR, true, FILENAME_SHOPPING_CART);
     }
     // see if the user is logged in
     if (!empty($_SESSION['customer_first_name']) && !empty($_SESSION['customer_id'])) {
         // They're logged in, so forward them straight to checkout stages, depending on address needs etc
         $order->customer['id'] = $_SESSION['customer_id'];
         // set the session value for express checkout temp
         $_SESSION['paypal_ec_temp'] = false;
         // if no address required for shipping, leave shipping portion alone
         if ($_SESSION['paypal_ec_payer_info']['ship_address_status'] != 'None' && $_SESSION['paypal_ec_payer_info']['ship_street_1'] != '') {
             // set the session info for the sendto (overwritten below once an address book entry is known)
             $_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
             // This is the address matching section
             // try to match it first
             // note: this is by no means 100%
             $address_book_id = $this->findMatchingAddressBookEntry($_SESSION['customer_id'], $order->delivery);
             // no match, so add the record
             if (!$address_book_id) {
                 $address_book_id = $this->addAddressBookEntry($_SESSION['customer_id'], $order->delivery, false);
             }
             // set the address for use
             $_SESSION['sendto'] = $address_book_id;
         }
         // set the users billto information (default address)
         if (!isset($_SESSION['billto'])) {
             $_SESSION['billto'] = $_SESSION['customer_default_address_id'];
         }
         // debug
         // NOTE(review): $address_book_id is undefined here when the shipping block above was skipped.
         $this->zcLog('ec_step2_finish - 3', 'Exiting ec_step2_finish logged-in mode.' . "\n" . 'Selected address: ' . $address_book_id . "\nOriginal was: " . $original_default_address_id);
         // select a shipping method, based on cheapest available option
         if (MODULE_PAYMENT_PAYPALWPP_AUTOSELECT_CHEAPEST_SHIPPING == 'Yes') {
             $this->setShippingMethod();
         }
         // send the user on
         if ($_SESSION['paypal_ec_markflow'] == 1) {
             $this->terminateEC('', false, FILENAME_CHECKOUT_PROCESS);
         } else {
             $this->terminateEC('', false, FILENAME_CHECKOUT_CONFIRMATION);
         }
     } else {
         // They're not logged in. Create an account if necessary, and then log them in.
         // First, see if they're an existing customer, and log them in automatically
         // If Paypal didn't supply us an email address, something went wrong
         if (trim($paypal_ec_payer_info['payer_email']) == '') {
             $this->terminateEC(MODULE_PAYMENT_PAYPALWPP_INVALID_RESPONSE, true);
         }
         // attempt to obtain the user information using the payer_email from the info returned from PayPal, via email address
         $sql = "SELECT customers_id, customers_firstname, customers_lastname, customers_paypal_payerid, customers_paypal_ec\r\n              FROM " . TABLE_CUSTOMERS . "\r\n              WHERE customers_email_address = :emailAddress ";
         $sql = $db->bindVars($sql, ':emailAddress', $paypal_ec_payer_info['payer_email'], 'string');
         $check_customer = $db->Execute($sql);
         // debug (writes the bound SQL, including the e-mail address, and the result object to the log)
         $this->zcLog('ec_step2_finish - 4', 'Not logged in. Looking for account.' . "\n" . $sql . "\n" . print_r($check_customer, true));
         if (!$check_customer->EOF) {
             $acct_exists = true;
             // see if this was only a temp account -- if so, remove it
             if ($check_customer->fields['customers_paypal_ec'] == '1') {
                 // Delete the existing temporary account; a fresh one is created below
                 $this->ec_delete_user($check_customer->fields['customers_id']);
                 $acct_exists = false;
                 // debug
                 $this->zcLog('ec_step2_finish - 5', 'Found temporary account - deleting it.');
             }
         }
         // Create an account, if the account does not exist
         if (!$acct_exists) {
             // debug
             $this->zcLog('ec_step2_finish - 6', 'No ZC account found for this customer. Creating new account.' . "\n" . '$this->new_acct_notify =' . $this->new_acct_notify);
             // Generate a random 8-char password
             // NOTE(review): the strength of this password depends on zen_create_random_value(), which is not
             // shown here; confirm it draws from a cryptographically secure source.
             $password = zen_create_random_value(8);
             $sql_data_array = array();
             // set the customer information in the array for the table insertion (only the zen_encrypt_password() result is stored)
             $sql_data_array = array('customers_firstname' => $paypal_ec_payer_info['payer_firstname'], 'customers_lastname' => $paypal_ec_payer_info['payer_lastname'], 'customers_email_address' => $paypal_ec_payer_info['payer_email'], 'customers_telephone' => $paypal_ec_payer_info['ship_phone'], 'customers_fax' => '', 'customers_gender' => $paypal_ec_payer_info['payer_gender'], 'customers_newsletter' => '0', 'customers_password' => zen_encrypt_password($password), 'customers_paypal_payerid' => $_SESSION['paypal_ec_payer_id']);
             // insert the data ($result is not checked or used afterwards)
             $result = zen_db_perform(TABLE_CUSTOMERS, $sql_data_array);
             // grab the customer_id (last insert id)
             $customer_id = $db->Insert_ID();
             // set the Guest customer ID -- for PWA purposes
             $_SESSION['customer_guest_id'] = $customer_id;
             // set the customer address information in the array for the table insertion
             $sql_data_array = array('customers_id' => $customer_id, 'entry_gender' => $paypal_ec_payer_info['payer_gender'], 'entry_firstname' => $paypal_ec_payer_info['payer_firstname'], 'entry_lastname' => $paypal_ec_payer_info['payer_lastname'], 'entry_street_address' => $paypal_ec_payer_info['ship_street_1'], 'entry_suburb' => $paypal_ec_payer_info['ship_street_2'], 'entry_city' => $paypal_ec_payer_info['ship_city'], 'entry_zone_id' => $state_id, 'entry_postcode' => $paypal_ec_payer_info['ship_postal_code'], 'entry_country_id' => $country_id);
             // store either the resolved zone id or, when no zone matched, the free-text state name
             if ($state_id > 0) {
                 $sql_data_array['entry_zone_id'] = $state_id;
                 $sql_data_array['entry_state'] = '';
             } else {
                 $sql_data_array['entry_zone_id'] = 0;
                 $sql_data_array['entry_state'] = $paypal_ec_payer_info['ship_state'];
             }
             // insert the data
             zen_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
             // grab the address_id (last insert id)
             $address_id = $db->Insert_ID();
             // set the address id lookup for the customer
             $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n                SET customers_default_address_id = :addrID\r\n                WHERE customers_id = :custID";
             $sql = $db->bindVars($sql, ':addrID', $address_id, 'integer');
             $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
             $db->Execute($sql);
             // insert the new customer_id into the customers info table for consistency
             $sql = "INSERT INTO " . TABLE_CUSTOMERS_INFO . "\r\n                       (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created)\r\n                VALUES (:custID, 0, now())";
             $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
             $db->Execute($sql);
             // send Welcome Email if appropriate
             if ($this->new_acct_notify == 'Yes') {
                 // require the language file
                 // NOTE(review): the include path is built from $_SESSION['language'] and the global $template_dir;
                 // both must be restricted to known directory names before they reach this point -- confirm upstream.
                 global $language_page_directory, $template_dir;
                 if (!isset($language_page_directory)) {
                     $language_page_directory = DIR_WS_LANGUAGES . $_SESSION['language'] . '/';
                 }
                 if (file_exists($language_page_directory . $template_dir . '/create_account.php')) {
                     $template_dir_select = $template_dir . '/';
                 } else {
                     $template_dir_select = '';
                 }
                 // note: $template_dir_select already ends in '/' when set, so this path contains a doubled slash
                 require $language_page_directory . $template_dir_select . '/create_account.php';
                 // set the mail text
                 $email_text = sprintf(EMAIL_GREET_NONE, $paypal_ec_payer_info['payer_firstname']) . EMAIL_WELCOME . EMAIL_TEXT;
                 // NOTE(review): the operands on the next line were masked with asterisks in this listing, so the line
                 // is not valid PHP as shown. Judging by the labels, the mail presumably carries the account e-mail and
                 // the generated password in clear text; if so, the account should require a password change on first login.
                 $email_text .= "\n\n" . EMAIL_EC_ACCOUNT_INFORMATION . "\nUsername: "******"\nPassword: "******"\n\n";
                 $email_text .= EMAIL_CONTACT;
                 // send the mail
                 // NOTE(review): the HTML part is nl2br($email_text) and contains the payer's first name unescaped.
                 zen_mail($paypal_ec_payer_info['payer_firstname'] . " " . $paypal_ec_payer_info['payer_lastname'], $paypal_ec_payer_info['payer_email'], EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($email_text)), 'welcome');
                 // set the express checkout temp -- false means the account is no longer "only" for EC ... it'll be permanent
                 $_SESSION['paypal_ec_temp'] = false;
             } else {
                 // Make it a temporary account that'll be deleted once they've checked out
                 $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n                  SET customers_paypal_ec = 1\r\n                  WHERE customers_id = :custID ";
                 $sql = $db->bindVars($sql, ':custID', $customer_id, 'integer');
                 $db->Execute($sql);
                 // set the boolean ec temp value since we created account strictly for EC purposes
                 $_SESSION['paypal_ec_temp'] = true;
             }
             // hook notifier class vis a vis account-creation
             $this->notify('NOTIFY_LOGIN_SUCCESS_VIA_CREATE_ACCOUNT');
         } else {
             // set the boolean ec temp value for the account to false, since we didn't have to create one
             $_SESSION['paypal_ec_temp'] = false;
         }
         // log the user in with the email sent back from paypal response
         // NOTE(review): this logs into an existing permanent account on the strength of the e-mail address alone;
         // the meaning of the second argument (false) is not visible here.
         $this->user_login($_SESSION['paypal_ec_payer_info']['payer_email'], false);
         // debug
         $this->zcLog('ec_step2_finish - 7', 'Auto-Logged customer in. (' . $_SESSION['paypal_ec_payer_info']['payer_email'] . ') (' . $_SESSION['customer_id'] . ')' . "\n" . '$_SESSION[paypal_ec_temp]=' . $_SESSION['paypal_ec_temp']);
         // This is the address matching section
         // try to match it first
         // note: this is by no means 100%
         $address_book_id = $this->findMatchingAddressBookEntry($_SESSION['customer_id'], $order->delivery);
         // no match add the record
         if (!$address_book_id) {
             $address_book_id = $this->addAddressBookEntry($_SESSION['customer_id'], $order->delivery, false);
             // fall back to the default address when no entry could be added
             if (!$address_book_id) {
                 $address_book_id = $_SESSION['customer_default_address_id'];
             }
         }
         // set the sendto to the address
         $_SESSION['sendto'] = $address_book_id;
         // set billto in the session
         $_SESSION['billto'] = $_SESSION['customer_default_address_id'];
         // select a shipping method, based on cheapest available option
         if (MODULE_PAYMENT_PAYPALWPP_AUTOSELECT_CHEAPEST_SHIPPING == 'Yes') {
             $this->setShippingMethod();
         }
         // debug (includes the full delivery address)
         $this->zcLog('ec_step2_finish - 8', 'Exiting via terminateEC (from originally-not-logged-in mode).' . "\n" . 'Selected address: ' . $address_book_id . "\nOriginal was: " . $original_default_address_id . "\nprepared data: " . print_r($order->delivery, true));
         // send the user on
         if ($_SESSION['paypal_ec_markflow'] == 1) {
             $this->terminateEC('', false, FILENAME_CHECKOUT_PROCESS);
         } else {
             $this->terminateEC('', false, FILENAME_CHECKOUT_CONFIRMATION);
         }
     }
 }
 /**
  * Produce a cart ID made of digits.
  *
  * Thin wrapper that asks zen_create_random_value() for a value in 'digits' mode.
  *
  * NOTE(review): with the default length of 5 the ID space is small, and the quality of the generator is
  * not visible here; treat the result as a correlation handle, not as a secret or an authorization token.
  *
  * @param int $length length of ID to generate (default 5)
  * @return string cart ID
  */
 function generate_cart_id($length = 5)
 {
     $cartId = zen_create_random_value($length, 'digits');

     return $cartId;
 }
示例#4
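 /**
  * Append a message to the PayPal cURL log file for the current transaction.
  *
  * The file name is built from a token (the $token argument, else $_SESSION['paypal_ec_token'], else the
  * current time) plus a short random suffix that is generated once per request. A file that cannot be
  * opened is skipped silently, so logging stays best-effort.
  *
  * The token is reduced to filename-safe characters before it is placed in the path, so a token containing
  * directory separators cannot move the log outside $this->_logDir.
  *
  * NOTE(review): $message is written as given. If callers pass full API requests, credentials may end up in
  * this file; confirm they are masked upstream and that the log directory is not served by the web server.
  *
  * @param string $message text to append; two newlines are added after it
  * @param string $token   optional identifier used in the log file name
  * @return void
  */
 function log($message, $token = '')
 {
     static $tokenHash;
     if ($tokenHash == '') {
         $tokenHash = '_' . zen_create_random_value(4);
     }
     // isset() avoids an undefined-index notice when no Express Checkout token has been stored yet
     if ($token == '' && isset($_SESSION['paypal_ec_token'])) {
         $token = $_SESSION['paypal_ec_token'];
     }
     if ($token == '') {
         $token = time();
     }
     // keep only characters that are safe inside a file name
     $token = preg_replace('/[^0-9A-Za-z._\-]/', '', (string) $token);
     if ($token === '') {
         // nothing usable was left after filtering, fall back to the timestamp
         $token = time();
     }
     $token .= $tokenHash;
     $file = $this->_logDir . '/' . 'Paypal_CURL_' . $token . '.log';
     if ($fp = @fopen($file, 'a')) {
         fwrite($fp, $message . "\n\n");
         fclose($fp);
     }
 }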
示例#5
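 /**
  * Used to do any debug logging / tracking / storage as required.
  *
  * Builds one text report from the gateway response, the submitted data and the cURL details. Depending on
  * MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING, AUTHORIZENET_DEVELOPER_MODE and
  * MODULE_PAYMENT_AUTHORIZENET_ECHECK_STORE_DATA it then writes the report to a log file, e-mails it to the
  * store owner and/or stores the exchange in TABLE_AUTHORIZENET.
  *
  * NOTE(review): the report contains print_r() of $this->reportable_submit_data, the raw gateway reply
  * ($this->authorize) and the cURL info. Presumably reportable_submit_data is already masked; confirm that no
  * bank-account data reaches the log file, the e-mail or the database. The HTML part of the e-mail is
  * nl2br() of the report without HTML escaping.
  *
  * @param array  $response   gateway response; indexes 0, 2, 3, 6, 7, 11 and the optional 'ErrorDetails' key are read
  * @param string $order_time timestamp stored with the record; defaults to date("F j, Y, g:i a")
  * @param string $sessID     session id stored with the record
  * @return void
  */
 function _debugActions($response, $order_time = '', $sessID = '')
 {
     global $db;
     if ($order_time == '') {
         $order_time = date("F j, Y, g:i a");
     }
     // convert output to 1-based array for easier understanding:
     // a summary line is prepended to a copy, which shifts the numeric entries up by one
     $resp_output = $response;
     array_unshift($resp_output, 'Response from gateway' . (isset($response['ErrorDetails']) ? ': ' . $response['ErrorDetails'] : ''));
     // DEBUG LOGGING
     $errorMessage = date('M-d-Y h:i:s') . "\n=================================\n\n" . ($this->commError != '' ? 'Comm results: ' . $this->commErrNo . ' ' . $this->commError . "\n\n" : '') . 'Response Code: ' . $response[0] . ".\nResponse Text: " . $response[3] . "\n\n" . 'Sending to Authorizenet: ' . print_r($this->reportable_submit_data, true) . "\n\n" . 'Results Received back from Authorizenet: ' . print_r($resp_output, true) . "\n\n" . 'CURL communication info: ' . print_r($this->commInfo, true) . "\n";
     if (CURL_PROXY_REQUIRED == 'True') {
         $errorMessage .= 'Using CURL Proxy: [' . CURL_PROXY_SERVER_DETAILS . ']  with Proxy Tunnel: ' . ($this->proxy_tunnel_flag ? 'On' : 'Off') . "\n";
     }
     $errorMessage .= "\nRAW data received: \n" . $this->authorize . "\n\n";
     // write the report to its own log file when logging is enabled or developer mode is on
     if (strstr(MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING, 'Log') || strstr(MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING, 'All') || defined('AUTHORIZENET_DEVELOPER_MODE') && in_array(AUTHORIZENET_DEVELOPER_MODE, array('on', 'certify'))) {
         // $response[6] comes from the gateway reply, so it is reduced to filename-safe characters
         // before it becomes part of the path
         $key = preg_replace('/[^0-9A-Za-z_\-]/', '', (string) $response[6]) . '_' . time() . '_' . zen_create_random_value(4);
         $file = $this->_logDir . '/' . 'AuthNetECheck_Debug_' . $key . '.log';
         if ($fp = @fopen($file, 'a')) {
             fwrite($fp, $errorMessage);
             fclose($fp);
         }
     }
     // e-mail the report: on a non-'1' response code when 'Alerts' is configured, or always when 'Email' is configured
     if ($response[0] != '1' && stristr(MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING, 'Alerts') || strstr(MODULE_PAYMENT_AUTHORIZENET_ECHECK_DEBUGGING, 'Email')) {
         zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Authorizenet-eCheck Alert ' . $response[7] . ' ' . date('M-d-Y h:i:s') . ' ' . $response[6], $errorMessage, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorMessage)), 'debug');
     }
     // DATABASE SECTION
     // Insert the send and receive response data into the database.
     // This can be used for testing or for implementation in other applications
     // This can be turned on and off in the Admin Section
     if (MODULE_PAYMENT_AUTHORIZENET_ECHECK_STORE_DATA == 'True') {
         $db_response_text = $response[3] . ($this->commError != '' ? ' - Comm results: ' . $this->commErrNo . ' ' . $this->commError : '');
         $db_response_text .= $response[0] == 2 && $response[2] == 4 ? ' NOTICE: Card should be picked up - possibly stolen ' : '';
         $db_response_text .= $response[0] == 3 && $response[2] == 11 ? ' DUPLICATE TRANSACTION ATTEMPT ' : '';
         // Insert the data into the database; every value goes through bindVars() with an explicit type
         $sql = "insert into " . TABLE_AUTHORIZENET . "  (id, customer_id, order_id, response_code, response_text, authorization_type, transaction_id, sent, received, time, session_id) values (NULL, :custID, :orderID, :respCode, :respText, :authType, :transID, :sentData, :recvData, :orderTime, :sessID )";
         $sql = $db->bindVars($sql, ':custID', $_SESSION['customer_id'], 'integer');
         // only the digits of $response[7] are kept for the order id
         $sql = $db->bindVars($sql, ':orderID', preg_replace('/[^0-9]/', '', $response[7]), 'integer');
         $sql = $db->bindVars($sql, ':respCode', $response[0], 'integer');
         $sql = $db->bindVars($sql, ':respText', $db_response_text, 'string');
         $sql = $db->bindVars($sql, ':authType', $response[11], 'string');
         $sql = $db->bindVars($sql, ':transID', $this->transaction_id, 'string');
         $sql = $db->bindVars($sql, ':sentData', print_r($this->reportable_submit_data, true), 'string');
         $sql = $db->bindVars($sql, ':recvData', print_r($response, true), 'string');
         $sql = $db->bindVars($sql, ':orderTime', $order_time, 'string');
         $sql = $db->bindVars($sql, ':sessID', $sessID, 'string');
         $db->Execute($sql);
     }
 }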
示例#6
 /**
  * Append a message to the Linkpoint debug log.
  *
  * The file name combines $suffix with a key (timestamp plus a short random value) that is generated on the
  * first call and reused for the rest of the request. Open, write and close errors are all suppressed, so a
  * failed write is silently dropped.
  *
  * NOTE(review): $suffix goes into the file name unfiltered; callers should pass fixed labels only.
  * NOTE(review): $msg is written as given; confirm card data is masked before it gets here.
  *
  * @param string $msg    text to append (no newline is added)
  * @param string $suffix label placed in the log file name
  * @return void
  */
 function _log($msg, $suffix = '')
 {
     static $runKey;
     if ($runKey === null || $runKey == '') {
         $runKey = time() . '_' . zen_create_random_value(4);
     }

     $logName = 'Linkpoint_Debug_' . $suffix . '_' . $runKey . '.log';
     $logPath = $this->_logDir . '/' . $logName;

     $handle = @fopen($logPath, 'a');
     if (!$handle) {
         return;
     }
     @fwrite($handle, $msg);
     @fclose($handle);
 }
示例#7
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: header_php.php 2982 2006-02-07 07:56:41Z birdbrain $
 */
// Page header for the "password forgotten" page: when the form is submitted (action=process) it looks up the
// customer by e-mail address, replaces the stored password with a generated one and mails the new password.
// This should be first line of the script:
$zco_notifier->notify('NOTIFY_HEADER_START_PASSWORD_FORGOTTEN');
require DIR_WS_MODULES . zen_get_module_directory('require_languages.php');
// remove from snapshot
$_SESSION['navigation']->remove_current_page();
// NOTE(review): no anti-CSRF token or rate limit is checked in this fragment; confirm one is enforced elsewhere.
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    // the address is read from the POST body; the lookup below uses a bound parameter
    $email_address = zen_db_prepare_input($_POST['email_address']);
    // customers_password is selected here but not read anywhere in this fragment
    $check_customer_query = "SELECT customers_firstname, customers_lastname, customers_password, customers_id \r\n                           FROM " . TABLE_CUSTOMERS . "\r\n                           WHERE customers_email_address = :emailAddress";
    $check_customer_query = $db->bindVars($check_customer_query, ':emailAddress', $email_address, 'string');
    $check_customer = $db->Execute($check_customer_query);
    if ($check_customer->RecordCount() > 0) {
        // NOTE(review): the stored password is overwritten as soon as the address matches, before the owner has
        // confirmed anything. A request from someone who merely knows the address therefore invalidates the
        // current password. A single-use, expiring reset link would avoid that.
        // NOTE(review): the new password is only ENTRY_PASSWORD_MIN_LENGTH characters long and its strength
        // depends on zen_create_random_value(), which is not shown here.
        $new_password = zen_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = zen_encrypt_password($new_password);
        $sql = "UPDATE " . TABLE_CUSTOMERS . "\r\n            SET customers_password = :password\r\n            WHERE customers_id = :customersID";
        $sql = $db->bindVars($sql, ':password', $crypted_password, 'string');
        $sql = $db->bindVars($sql, ':customersID', $check_customer->fields['customers_id'], 'integer');
        $db->Execute($sql);
        $html_msg['EMAIL_CUSTOMERS_NAME'] = $check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname'];
        // the new password is placed in clear text in both the HTML and the text body of the mail
        $html_msg['EMAIL_MESSAGE_HTML'] = sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password);
        // send the email
        zen_mail($check_customer->fields['customers_firstname'] . ' ' . $check_customer->fields['customers_lastname'], $email_address, EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_NAME, EMAIL_FROM, $html_msg, 'password_forgotten');
        $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success');
        zen_redirect(zen_href_link(FILENAME_LOGIN, '', 'SSL'));
    } else {
        // NOTE(review): this branch answers differently from the success branch (message on this page versus a
        // redirect to login), so the response shows whether an address is registered.
        $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
    }
}
/**
 * Replace a customer's password with a freshly generated one and return it in plaintext.
 *
 * The new password is ENTRY_PASSWORD_MIN_LENGTH characters long; only the value returned
 * by zen_encrypt_password() is stored. The caller receives the plaintext and is
 * responsible for how it is delivered.
 *
 * NOTE(review): the strength of the result depends on zen_create_random_value(), which is
 * not shown here - confirm it uses a cryptographically secure source.
 *
 * @param int    $customers_id  id of the customer row to update (bound as an integer)
 * @param string $email_address accepted but not used by this function
 * @return string the generated plaintext password
 */
function email_templates_make_new_passord($customers_id, $email_address)
{
    global $db;
    $plainPassword = zen_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
    $storedValue = zen_encrypt_password($plainPassword);
    $updateQuery = "UPDATE " . TABLE_CUSTOMERS . "\n          SET customers_password = :password\n          WHERE customers_id = :customersID";
    // Both values are bound as typed parameters; nothing is concatenated into the SQL text.
    $updateQuery = $db->bindVars(
        $db->bindVars($updateQuery, ':password', $storedValue, 'string'),
        ':customersID',
        $customers_id,
        'integer'
    );
    $db->Execute($updateQuery);
    return $plainPassword;
}
示例#9
 /**
  * Append one entry to the installer log file under DEBUG_LOG_FOLDER.
  *
  * The file name is kept in $_SESSION['logfilename']. When that is empty it is set to
  * $fname, or, if $fname is empty too, to a timestamp followed by six characters from
  * zen_create_random_value(). A file that cannot be opened is skipped silently.
  *
  * NOTE(review): $fname and $details go into the path and the file unchanged; confirm
  * callers never pass request-controlled values for $fname.
  *
  * @param string $details  text to record
  * @param string $location label for the entry; defaults to the global $current_page
  * @param string $fname    optional log file name stem
  */
 function logDetails($details, $location = '', $fname = '')
 {
     global $current_page;
     if ($_SESSION['logfilename'] == '') {
         if ($fname == '') {
             $_SESSION['logfilename'] = date('M-d-Y_h-i-s-') . zen_create_random_value(6);
         } else {
             $_SESSION['logfilename'] = $fname;
         }
     }
     if ($location == '') {
         $location = $current_page;
     }
     $logPath = DEBUG_LOG_FOLDER . '/zcInstallLog_' . $_SESSION['logfilename'] . '.log';
     $handle = @fopen($logPath, 'a');
     if (!$handle) {
         // Logging is best effort: an unwritable log folder must not stop the caller.
         return;
     }
     fwrite($handle, '---------------' . "\n" . date('M d Y G:i') . ' -- ' . $location . "\n" . $details . "\n\n");
     fclose($handle);
 }
示例#10
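 /**
  * Debug logging support.
  *
  * When MODULE_PAYMENT_PAYPALDP_DEBUGGING is 'Log and Email' or 'Log File', appends the
  * stage and message to a per-token log file in $this->_logDir, then always passes both
  * to $this->_doDebug().
  *
  * The file name is built from the PayPal token (the session value, else the filtered
  * `token` query parameter, else the current date) plus a four-character suffix from
  * zen_create_random_value() that is generated once per request.
  *
  * NOTE(review): $message is written unchanged, so whatever the caller passes ends up
  * on disk; confirm the log directory is not served by the web server.
  *
  * @param string $stage   short label for the step being logged
  * @param string $message text to record
  */
 function zcLog($stage, $message)
 {
     static $tokenHash;
     if ($tokenHash == '') {
         $tokenHash = '_' . zen_create_random_value(4);
     }
     if (MODULE_PAYMENT_PAYPALDP_DEBUGGING == 'Log and Email' || MODULE_PAYMENT_PAYPALDP_DEBUGGING == 'Log File') {
         if (isset($_SESSION['paypal_ec_token'])) {
             // NOTE(review): the session value is used in the file name unfiltered - presumably
             // it was stored from a PayPal response; verify where it is set.
             $token = $_SESSION['paypal_ec_token'];
         } elseif (isset($_GET['token']) && is_string($_GET['token'])) {
             // The query parameter is request-controlled: keep only digits, dots, upper-case
             // letters and hyphens so it cannot add path separators to the file name.
             $token = preg_replace('/[^0-9.A-Z\\-]/', '', $_GET['token']);
         } else {
             // A missing or non-string parameter falls through to the date-based name below.
             $token = '';
         }
         $token = $token == '' ? date('m-d-Y-h-i') : $token;
         // or time()
         $token .= $tokenHash;
         $file = $this->_logDir . '/' . $this->code . '_Paypal_Action_' . $token . '.log';
         if (defined('PAYPAL_DEV_MODE') && PAYPAL_DEV_MODE == 'true') {
             $file = $this->_logDir . '/' . $this->code . '_Paypal_Debug_' . $token . '.log';
         }
         $fp = @fopen($file, 'a');
         // Skip the write when the file cannot be opened: on PHP 8 fwrite(false, ...) throws a
         // TypeError, which the @ operator does not suppress.
         if ($fp) {
             fwrite($fp, date('M-d-Y h:i:s') . "\n" . $stage . "\n" . $message . "\n=================================\n\n");
             fclose($fp);
         }
     }
     $this->_doDebug($stage, $message, false);
 }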
     $firstname = No_Account;
     $lastname = No_Account;
     $nick = No_Account;
     $street_address = No_Account;
     $suburb = No_Account;
     $city = No_Account;
     $postcode = 33333;
     $dob = '0001-01-01 00:00:00';
     $state = Florida;
     $country = 223;
     $telephone = 5555551212;
     $fax = 5555551212;
     $customers_referrals = No_Account;
     $gender = m;
 }
 $password = zen_create_random_value(15, 'mixed');
 if ($error == true) {
     // hook notifier class
     $zco_notifier->notify('NOTIFY_FAILURE_DURING_NO_ACCOUNT');
 } else {
     $_SESSION['COWOA'] = true;
     $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_nick' => $nick, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => (int) $newsletter, 'customers_email_format' => $email_format, 'customers_default_address_id' => 0, 'customers_password' => zen_encrypt_password($password), 'COWOA_account' => 1, 'customers_authorization' => (int) CUSTOMERS_APPROVAL_AUTHORIZATION);
     if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') {
         $sql_data_array['customers_referral'] = $customers_referral;
     }
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['customers_gender'] = $gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['customers_dob'] = empty($_POST['dob']) || $dob_entered == '0001-01-01 00:00:00' ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_date_raw($_POST['dob']);
     }
示例#12
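 /**
  * Used to do any debug logging / tracking / storage as required.
  *
  * Depending on MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, AUTHORIZENET_DEVELOPER_MODE and
  * MODULE_PAYMENT_AUTHORIZENET_STORE_DATA, the submitted data and/or the gateway response
  * are written to a SIM_Debug_* log file, mailed to the store owner, and inserted into
  * TABLE_AUTHORIZENET.
  *
  * NOTE(review): print_r() dumps of $this->reportable_submit_data and $response go to the
  * log file, the e-mail and the database unchanged. Which fields those arrays hold is not
  * visible here - confirm sensitive payment fields are masked before they reach this
  * method, and that the log directory is not served by the web server.
  *
  * @param array  $response   gateway response fields (x_response_code, x_trans_id, ...)
  * @param string $mode       'Submit-Data' or 'Response-Data'
  * @param string $order_time timestamp text stored with the record; defaults to now
  * @param string $sessID     session id stored with the record
  */
 function _debugActions($response, $mode, $order_time = '', $sessID = '')
 {
     global $db, $messageStack, $insert_id;
     if ($order_time == '') {
         $order_time = date("F j, Y, g:i a");
     }
     $response['url'] = $this->form_action_url;
     $this->reportable_submit_data['url'] = $this->form_action_url;
     $errorMessage = date('M-d-Y h:i:s') . "\n=================================\n\n";
     if ($mode == 'Submit-Data') {
         $errorMessage .= 'Sent to Authorizenet: ' . print_r($this->reportable_submit_data, true) . "\n\n";
     }
     if ($mode == 'Response-Data') {
         $errorMessage .= 'Response Code: ' . $response['x_response_code'] . ".\nResponse Text: " . $response['x_response_reason_text'] . "\n\n" . ($response['x_response_code'] == 2 && $response['x_response_reason_code'] == 4 ? ' NOTICE: Card should be picked up - possibly stolen ' : '') . ($response['x_response_code'] == 3 && $response['x_response_reason_code'] == 11 ? ' DUPLICATE TRANSACTION ATTEMPT ' : '') . 'Results Received back from Authorizenet: ' . print_r($response, true) . "\n\n";
     }
     // store log file if log mode enabled
     if (stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Log') || strstr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'All') || defined('AUTHORIZENET_DEVELOPER_MODE') && in_array(AUTHORIZENET_DEVELOPER_MODE, array('on', 'certify'))) {
         // File name: optional transaction id, the current timestamp and four characters
         // from zen_create_random_value().
         $key = ($response['x_trans_id'] != '' ? $response['x_trans_id'] . '_' : '') . time() . '_' . zen_create_random_value(4);
         $file = $this->_logDir . '/' . 'SIM_Debug_' . $key . '.log';
         $fp = @fopen($file, 'a');
         // Skip the write when the file cannot be opened: on PHP 8 fwrite(false, ...) throws a
         // TypeError, which the @ operator does not suppress.
         if ($fp) {
             fwrite($fp, $errorMessage);
             fclose($fp);
         }
     }
     // send email alerts only if in alert mode or if email specifically requested as logging mode
     // (&& binds tighter than ||: with 'Email' in the setting a mail is sent for every call,
     // whatever the response code)
     if (isset($response['x_response_code']) && $response['x_response_code'] != '1' && stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Alerts') || stristr(MODULE_PAYMENT_AUTHORIZENET_DEBUGGING, 'Email')) {
         zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Authorizenet-SIM Alert ' . $response['x_invoice_num'] . ' ' . date('M-d-Y h:i:s') . ' ' . $response['x_trans_id'], $errorMessage, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($errorMessage)), 'debug');
     }
     // DATABASE SECTION
     // Insert the send and receive response data into the database.
     // This can be used for testing or for implementation in other applications
     // This can be turned on and off in the Admin Section
     if (MODULE_PAYMENT_AUTHORIZENET_STORE_DATA == 'True' && $mode == 'Response-Data') {
         $db_response_text = $response['x_response_reason_text'];
         $db_response_text .= $response['x_response_code'] == 2 && $response['x_response_reason_code'] == 4 ? ' NOTICE: Card should be picked up - possibly stolen ' : '';
         $db_response_text .= $response['x_response_code'] == 3 && $response['x_response_reason_code'] == 11 ? ' DUPLICATE TRANSACTION ATTEMPT ' : '';
         // Insert the data into the database; every value is bound as a typed parameter
         $sql = "insert into " . TABLE_AUTHORIZENET . "  (id, customer_id, order_id, response_code, response_text, authorization_type, transaction_id, sent, received, time, session_id) values (NULL, :custID, :orderID, :respCode, :respText, :authType, :transID, :sentData, :recvData, :orderTime, :sessID )";
         $sql = $db->bindVars($sql, ':custID', $_SESSION['customer_id'], 'integer');
         $sql = $db->bindVars($sql, ':orderID', preg_replace('/[^0-9]/', '', $insert_id), 'integer');
         $sql = $db->bindVars($sql, ':respCode', $response['x_response_code'], 'integer');
         $sql = $db->bindVars($sql, ':respText', $db_response_text, 'string');
         $sql = $db->bindVars($sql, ':authType', $response['x_type'], 'string');
         $sql = $db->bindVars($sql, ':transID', $response['x_trans_id'], 'string');
         $sql = $db->bindVars($sql, ':sentData', print_r($this->reportable_submit_data, true), 'string');
         $sql = $db->bindVars($sql, ':recvData', print_r($response, true), 'string');
         $sql = $db->bindVars($sql, ':orderTime', $order_time, 'string');
         $sql = $db->bindVars($sql, ':sessID', $sessID, 'string');
         $db->Execute($sql);
     }
 }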
示例#13
 /**
  * Write the given debug entries to a Sagepay_Debug_* log file and, when the module's
  * debugging setting is 'Log and Email', mail the same text to the store owner.
  *
  * The setting is read from the constant MODULE_PAYMENT_<CODE>_DEBUGGING, where <CODE>
  * is strtoupper($this->code); nothing happens when it equals 'Off'. The log goes to
  * DIR_FS_LOGS when that constant is defined, otherwise to DIR_FS_SQL_CACHE, under a
  * name built from time() and four characters from zen_create_random_value().
  *
  * NOTE(review): titles and contents are written and mailed unchanged; confirm callers
  * do not pass card or credential data, and that the target directory is not web-served.
  *
  * @param array $errorMessages list of entries, each with 'title' and 'content' keys
  */
 protected function errorLog($errorMessages = array())
 {
     $debugSetting = 'MODULE_PAYMENT_' . strtoupper($this->code) . '_DEBUGGING';
     if (constant($debugSetting) == 'Off') {
         return;
     }
     if (defined('DIR_FS_LOGS')) {
         $targetDir = DIR_FS_LOGS;
     } else {
         $targetDir = DIR_FS_SQL_CACHE;
     }
     $report = date('M-d-Y h:i:s') . "\n=================================\n\n";
     foreach ($errorMessages as $entry) {
         $report .= $entry['title'] . "\n\n" . $entry['content'] . "\n\n" . "=================================\n\n";
     }
     $logFile = $targetDir . '/' . 'Sagepay_Debug_' . time() . '_' . zen_create_random_value(4) . '.log';
     $handle = @fopen($logFile, 'a');
     if ($handle) {
         // Best effort: an unwritable log directory is ignored.
         fwrite($handle, $report);
         fclose($handle);
     }
     // The mail is sent only for the exact setting 'Log and Email' (strict comparison).
     if (constant($debugSetting) === 'Log and Email') {
         zen_mail(STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, 'Sagepay Form Alert ' . date('M-d-Y h:i:s'), $report, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, array('EMAIL_MESSAGE_HTML' => nl2br($report)), 'debug');
     }
 }
示例#14
    $result = $db->Execute($sql);
    if (!($admin_email == $result->fields['admin_email'])) {
        $error = true;
        $email_message = MESSAGE_PASSWORD_SENT;
    }
    // BEGIN SLAM PREVENTION
    if ($error == TRUE && $_POST['admin_email'] != '') {
        if (!isset($_SESSION['login_attempt'])) {
            $_SESSION['login_attempt'] = 0;
        }
        $_SESSION['login_attempt']++;
        sleep(3 * $_SESSION['login_attempt']);
    }
    // END SLAM PREVENTION
    if ($error == false) {
        $new_password = zen_create_random_value((int) ADMIN_PASSWORD_MIN_LENGTH < 7 ? 7 : (int) ADMIN_PASSWORD_MIN_LENGTH);
        $resetToken = time() + ADMIN_PWD_TOKEN_DURATION . '}' . zen_encrypt_password($new_password);
        $sql = "update " . TABLE_ADMIN . " set reset_token = :token: where admin_id = :admID: ";
        $sql = $db->bindVars($sql, ':token:', $resetToken, 'string');
        $sql = $db->bindVars($sql, ':admID:', $result->fields['admin_id'], 'string');
        $db->Execute($sql);
        $html_msg['EMAIL_CUSTOMERS_NAME'] = $result->fields['admin_name'];
        $html_msg['EMAIL_MESSAGE_HTML'] = sprintf(TEXT_EMAIL_MESSAGE_PWD_RESET, $_SERVER['REMOTE_ADDR'], $new_password);
        zen_mail($result->fields['admin_name'], $result->fields['admin_email'], TEXT_EMAIL_SUBJECT_PWD_RESET, sprintf(TEXT_EMAIL_MESSAGE_PWD_RESET, $_SERVER['REMOTE_ADDR'], $new_password), STORE_NAME, EMAIL_FROM, $html_msg, 'password_forgotten_admin');
        $email_message = MESSAGE_PASSWORD_SENT;
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" <?php 
echo HTML_PARAMS;