PageRenderTime 24ms CodeModel.GetById 29ms RepoModel.GetById 1ms app.codeStats 0ms

/cp/chatusers/makepayment.php

https://bitbucket.org/rubbystar/carimod
PHP | 206 lines | 122 code | 44 blank | 40 comment | 20 complexity | 2ba7646a8482021597ce08293e33b0fb MD5 | raw file
Possible License(s): LGPL-2.1, GPL-2.0, GPL-3.0 
    

  1. <? if (!isset($_COOKIE["id"]) || $_COOKIE['usertype']!="chatusers" )
    2. 

  2. 

  3. {
    4. 

  4. 

  5. header("location: ../../login.php");
    6. 

  6. 

  7. } else{
    8. 

  8. 

  9. include("../../dbase.php");
    10. 

  10. 

  11. $result=mysql_query("SELECT user from chatusers WHERE id='$_COOKIE[id]' LIMIT 1");
    12. 

  12. 

  13. 	while($row = mysql_fetch_array($result)) 
    14. 

  14. 

  15. 	{	$username=$row[user];	}
    16. 

  16. 

  17. }
    18. 

  18. 

  19. ?>
    20. 

  20. 

  21. <?
    22. 

  22. include("_members.header.php");
    23. 

  23. ?><style type="text/css">
    24. 

  24. <!--
    25. 

  25. body,td,th {
    26. 

  26. 	color: #FFFFFF;
    27. 

  27. 	font-family: Arial, Helvetica, sans-serif;
    28. 

  28. 	font-size: 14px;
    29. 

  29. }
    30. 

  30. body {
    31. 

  31. 	background-color: #8F0000;
    32. 

  32. }
    33. 

  33. a:link {
    34. 

  34. 	color: #FFFFFF;
    35. 

  35. 	text-decoration: none;
    36. 

  36. }
    37. 

  37. a:visited {
    38. 

  38. 	text-decoration: none;
    39. 

  39. 	color: #FFFFFF;
    40. 

  40. }
    41. 

  41. a:hover {
    42. 

  42. 	text-decoration: none;
    43. 

  43. 	color: #FFCC00;
    44. 

  44. }
    45. 

  45. a:active {
    46. 

  46. 	text-decoration: none;
    47. 

  47. 	color: #FFFFFF;
    48. 

  48. }
    49. 

  49. -->
    50. 

  50. </style>
    51. 

  51. 

  52. <table width="720" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#8F0000" class="form_definitions">
    53. 

  53. 

  54.   <tr valign="top">
    55. 

  55. 

  56.     <td>
    57. 

  57.     <?
    58. 

  58. ob_start();
    59. 

  59. 

  60. // read the post from PayPal system and add 'cmd'
    61. 

  61. $req = 'cmd=_notify-synch';
    62. 

  62. 

  63. $tx_token = $_GET['tx'];
    64. 

  64. $auth_token = "ZpnErSeMfYzm_hMXS9ldyHtbLlp5t15bww03vmIK-x1k9sfdZ6SyILPuStG";
    65. 

  65. $req .= "&tx=$tx_token&at=$auth_token";
    66. 

  66. 

  67. // post back to PayPal system to validate
    68. 

  68. $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
    69. 

  69. $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    70. 

  70. $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
    71. 

  71. $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
    72. 

  72. // If possible, securely post back to paypal using HTTPS
    73. 

  73. // Your PHP server will need to be SSL enabled
    74. 

  74. // $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
    75. 

  75. 

  76. if (!$fp) {
    77. 

  77. // HTTP ERROR
    78. 

  78. } else {
    79. 

  79. fputs ($fp, $header . $req);
    80. 

  80. // read the body data
    81. 

  81. $res = '';
    82. 

  82. $headerdone = false;
    83. 

  83. while (!feof($fp)) {
    84. 

  84. $line = fgets ($fp, 1024);
    85. 

  85. if (strcmp($line, "\r\n") == 0) {
    86. 

  86. // read the header
    87. 

  87. $headerdone = true;
    88. 

  88. }
    89. 

  89. else if ($headerdone)
    90. 

  90. {
    91. 

  91. // header has been read. now read the contents
    92. 

  92. $res .= $line;
    93. 

  93. }
    94. 

  94. }
    95. 

  95. 

  96. // parse the data
    97. 

  97. $lines = explode("\n", $res);
    98. 

  98. $keyarray = array();
    99. 

  99. if (strcmp ($lines[0], "SUCCESS") == 0) {
    100. 

  100. //for ($i=1; $i<count($lines);$i++){
    101. 

  101. //list($key,$val) = explode("=", $lines[$i]);
    102. 

  102. //$keyarray[urldecode($key)] = urldecode($val);
    103. 

  103. //}
    104. 

  104. //// check the payment_status is Completed
    105. 

  105. //// check that txn_id has not been previously processed
    106. 

  106. //// check that receiver_email is your Primary PayPal email
    107. 

  107. //// check that payment_amount/payment_currency are correct
    108. 

  108. //// process payment
    109. 

  109. //$firstname = $keyarray['first_name'];
    110. 

  110. //$lastname = $keyarray['last_name'];
    111. 

  111. //$itemname = $keyarray['item_name'];
    112. 

  112. //$amount = $keyarray['payment_gross'];
    113. 

  113. //
    114. 

  114. //echo ("<p><h3>Thank you for your purchase!</h3></p>");
    115. 

  115. //
    116. 

  116. //echo ("<b>Payment Details</b><br>\n");
    117. 

  117. //echo ("<li>Name: $firstname $lastname</li>\n");
    118. 

  118. //echo ("<li>Item: $itemname</li>\n");
    119. 

  119. //echo ("<li>Amount: $amount</li>\n");
    120. 

  120. //echo ("");
    121. 

  121. //dl_file("full/whyinstrumental.mp3");
    122. 

  122. include("../../dbase.php");
    123. 

  123. 

  124. 

  125. $result=mysql_query("SELECT user,money from chatusers WHERE id='$_COOKIE[id]' LIMIT 1");
    126. 

  126. 

  127. 	while($row = mysql_fetch_array($result)) 
    128. 

  128. 

  129. 	{	$username=$row['user'];$money=$row['money'];	}
    130. 

  130. 	if (strstr($_REQUEST[amt],".") == "")
    131. 

  131. 	{
    132. 

  132. echo $money=$money + $_REQUEST[amt].".00";
    133. 

  133. 	}
    134. 

  134. 	else 
    135. 

  135. 	{
    136. 

  136. 	$money=$money + $_REQUEST[amt];	
    137. 

  137. 	}
    138. 

  138. 			echo $sql="Update chatusers set money=$money where user='$username'";
    139. 

  139. 			 $res=mysql_query($sql);
    140. 

  140. 	mysql_query("insert into payments (ammount, details) values ('".$_REQUEST['amt']."', '$username')");
    141. 

  141. 	echo '<script>window.location="buyminutes.php"</script>';
    142. 

  142. 

  143. }
    144. 

  144. else if (strcmp ($lines[0], "FAIL") == 0) {
    145. 

  145. 	//var_dump($_REQUEST);
    146. 

  146. // log for manual investigation
    147. 

  147. include("../../dbase.php");
    148. 

  148. 

  149. $result=mysql_query("SELECT user,money from chatusers WHERE id='$_COOKIE[id]' LIMIT 1");
    150. 

  150. 

  151. 	while($row = mysql_fetch_array($result)) 
    152. 

  152. 

  153. 	{	$username=$row['user'];$money=$row['money'];	}
    154. 

  154. if (strstr($_REQUEST[amt],".") == "")
    155. 

  155. 	{
    156. 

  156. echo $money=$money + $_REQUEST[amt].".00";
    157. 

  157. 	}
    158. 

  158. 	else 
    159. 

  159. 	{
    160. 

  160. 	$money=$money + $_REQUEST[amt];	
    161. 

  161. 	} 	
    162. 

  162. 			$sql="Update chatusers set money=$money where user='$username'";
    163. 

  163. 			 $res=mysql_query($sql);
    164. 

  164. 	mysql_query("insert into payments (ammount, details) values ('".$_REQUEST['amt']."', '$username')");
    165. 

  165. 	echo '<script>window.location="buyminutes.php"</script>';
    166. 

  166. }
    167. 

  167. 

  168. }
    169. 

  169. 

  170. fclose ($fp);
    171. 

  171. 

  172. 

  173. //if ($_REQUEST['st'] == 'Pending' || $_REQUEST['st'] == 'Completed')
    174. 

  174. //{
    175. 

  175. //	
    176. 

  176. //}
    177. 

  177. //var_dump($_REQUEST);
    178. 

  178. //
    179. 

  179. 

  180. ?>
    181. 

  181.     </td>
    182. 

  182.   </tr>
    183. 

  183. 

  184.       
    185. 

  185. 

  186.       <tr>
    187. 

  187. 

  188.         <td class="form_definitions"> <p>&nbsp;</p>          </td>
    189. 

  189. 

  190.       </tr>
    191. 

  191. 

  192. </table>
    193. 

  193. 

  194. 	<br>
    195. 

  195. 

  196. 

  197. 

  198. 	</td>
    199. 

  199. 

  200.   </tr>
    201. 

  201. 

  202. </table>
    203. 

  203. 

  204. <?
    205. 

  205. include("_members.footer.php");
    206. 

  206. ?>
    207.