gcallback.php | searchcode

/admin/gcallback.php

https://bitbucket.org/chadsaun/ifrogz-panel
PHP | 914 lines | 852 code | 8 blank | 54 comment | 142 complexity | 4264c3c4c3b4aaddb8d140d70fe3d6ca MD5 | raw file

<?php
//=========================================
//This code is copyright (c) Internet Business Solutions SL, all rights reserved.
//The contents of this file are protected under law as the intellectual property
//of Internet Business Solutions SL. Any use, reproduction, disclosure or copying
//of any kind without the express and written permission of Internet Business 
//Solutions SL is forbidden.
//Author: Vince Reid, vince@virtualred.net
function microtime_float() {
   list($usec, $sec) = explode(' ', microtime());
   return((float)$usec + (float)$sec);
}
ob_start();
session_cache_limiter('none');
session_start();
include('init.php');
include(APPPATH.'views/partials/admin/dbconnection.php');
include(APPPATH.'views/partials/admin/includes.php');
include(APPPATH.'views/pages/admin/email.php');
include(APPPATH.'views/partials/admin/languagefile.php');
include(APPPATH.'views/partials/admin/functions.php');
include(APPPATH.'views/pages/admin/deliverydate.php');

if(@$debugmode==TRUE) $time_start = microtime_float();
$enableclientlogin=FALSE;
if(@$dateadjust=='') $dateadjust=0;
$usehst=FALSE;
$maxcacheid=0;
function sendNotificationEmail($orderID) {
	$to = "karen@reminderband.com";
	$subject = "Order Cancelled by Google Checkout";
	$message = "Order Number: $orderID\n";
	$message .= "This order was cancelled by Google Checkout please cancel this order in Fishbowl.";
	mail($to, $subject, $message, "From: Google Checkout");
}
function getgcsessionsql(){
	global $hasclientid,$thesessionid;
	return ($hasclientid ? 'cartClientID=' . $thesessionid : 'cartSessionID="' . $thesessionid . '"');
}
function getgcordersessionsql(){
	global $hasclientid,$thesessionid;
	return ($hasclientid ? 'ordClientID=' . $thesessionid : 'ordSessionID="' . $thesessionid . '"');
}
function writeresultstructure(){
	global $cpncodes,$cpnmessage,$shipmethod,$cacheaddress,$responsexml,$maxcacheid,$noshipping,$addressid,$countryCurrency,$shipping,$handling,$freeshipamnt,$cpncode,$gotcpncode,$totaldiscounts,$stateTax,$countryTax,$appliedcouponname,$appliedcouponamount;
	$responsexml2 = '<result' . ($noshipping ? '' : ' shipping-name="' . $shipmethod . '"') . ' address-id="' . $addressid . '">';
	if(! $noshipping) $responsexml2 .= '<shipping-rate currency="' . $countryCurrency . '">' . round(($shipping+$handling)-$freeshipamnt, 2) . '</shipping-rate>';
	$responsexml2 .= '<shippable>true</shippable>';
	if(count($cpncodes) > 0){
		$responsexml2 .= '<merchant-code-results>';
		foreach($cpncodes as $key => $value){
			if($value==$cpncode){
				$responsexml2 .= '<coupon-result><valid>' . ($gotcpncode ? 'true' : 'false') . '</valid>';
				if($totaldiscounts>0) $responsexml2 .= '<calculated-amount currency="' . $countryCurrency . '">' . $appliedcouponamount . '</calculated-amount>';
				$responsexml2 .= '<code>' . $cpncode . '</code>';
				if($cpnmessage != '')
					$responsexml2 .= '<message>' . xmlencodecharref(str_replace('<br />',"\r\n",$appliedcouponname)) . '</message>';
				$responsexml2 .= '</coupon-result>';
			}else{
				$responsexml2 .= '<coupon-result><valid>false</valid>';
				$responsexml2 .= '<code>' . $value . '</code>';
				$responsexml2 .= '<message>This coupon is not valid in conjunction with other coupons.</message>';
				$responsexml2 .= '</coupon-result>';
			}
		}
		$responsexml2 .= '</merchant-code-results>';
	}
	$responsexml2 .= '<total-tax currency="' . $countryCurrency . '">' . round($stateTax+$countryTax,2) . '</total-tax>';
	$responsexml2 .= '</result>';
	$responsexml .= $responsexml2;
	$cacheaddress[$maxcacheid][3] .= $responsexml2;
}
/*function release_stock($smOrdId){
	global $stockManage;
	if($stockManage != 0){
		$sSQL="SELECT cartID,cartProdID,cartQuantity,pStockByOpts FROM cart INNER JOIN products ON cart.cartProdID=products.pID WHERE cartCompleted=1 AND cartOrderID=" . $smOrdId;
		$result = mysql_query($sSQL) or print(mysql_error());
		while($rs = mysql_fetch_array($result)){
			if(((int)$rs['pStockByOpts'] <> 0)){
				$sSQL = "SELECT coOptID FROM cartoptions INNER JOIN options ON cartoptions.coOptID=options.optID INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID  WHERE optType IN (-2,-1,1,2) AND coCartID=" . $rs["cartID"];
				$result2 = mysql_query($sSQL) or print(mysql_error());
				while($rs2 = mysql_fetch_array($result2)){
					$sSQL = "UPDATE options SET optStock=optStock+" . $rs["cartQuantity"] . " WHERE optID=" . $rs2["coOptID"];
					mysql_query($sSQL) or print(mysql_error());
				}
				mysql_free_result($result2);
			}else{
				$sSQL = "UPDATE products SET pInStock=pInStock+" . $rs["cartQuantity"] . " WHERE pID='" . $rs["cartProdID"] . "'";
				mysql_query($sSQL) or print(mysql_error());
			}
		}
		mysql_free_result($result);
	}
}*/
$alreadygotadmin = getadminsettings();

$success = getpayprovdetails(20,$googledata1,$googledata2,$googledata3,$googledemomode,$ppmethod);
if(isset($HTTP_RAW_POST_DATA))
	$xmlResponse = $HTTP_RAW_POST_DATA;
else
	$xmlResponse = implode("\r\n", file('php://input'));

$xmlResponse2 = '<?xml version="1.0" encoding="UTF-8"?> <new-order-notification xmlns="http://checkout.google.com/schema/2" serial-number="8XXXXXX3-5641-4a2b-93d2-7XXXXXX3daa9"> <timestamp>2007-01-25T04:09:58.522Z</timestamp> <shopping-cart> <items> <item> <quantity>1</quantity> <unit-price currency="USD">amount</unit-price> <item-name>Payment request from Blue Rose Video Games</item-name> <item-description>Order #4846 @ Blue Rose Video Games</item-description> </item> </items> </shopping-cart> <order-adjustment> <merchant-codes /> <total-tax currency="USD">0.0</total-tax> <adjustment-total currency="USD">0.0</adjustment-total> </order-adjustment> <google-order-number>63486XXXXX55603</google-order-number> <buyer-shipping-address> <email>email address</email> <address1>address</address1> <address2></address2> <contact-name>name</contact-name> <company-name></company-name> <phone></phone> <fax></fax> <country-code>US</country-code> <city>city</city> <region>st</region> <postal-code>zip</postal-code> </buyer-shipping-address> <buyer-billing-address> <email>email address</email> <address1>address</address1> <address2></address2> <contact-name>name</contact-name> <company-name></company-name> <phone></phone> <fax></fax> <country-code>US</country-code> <city>city</city> <region>st</region> <postal-code>zip</postal-code> </buyer-billing-address> <buyer-marketing-preferences> <email-allowed>false</email-allowed> </buyer-marketing-preferences> <order-total currency="USD">amount</order-total> <fulfillment-order-state>NEW</fulfillment-order-state> <financial-order-state>REVIEWING</financial-order-state> <buyer-id>26489XXXXX70857</buyer-id> </new-order-notification>';
// print str_replace("<","<br />&lt;",str_replace("</","&lt;/",$xmlResponse2)) . "<br />\n";

$responsexml='';
$standalonetestmode=FALSE;

if($standalonetestmode) $xmlResponse=$xmlResponse2;

if(@$disablebasicauth==TRUE){
	// Do Nothing
}elseif($success){
	$http_auth = @$_SERVER['HTTP_AUTHORIZATION'];
	if($http_auth=='') $http_auth = @$_SERVER['HTTP_AUTHENTICATION'];
	if($http_auth==''){
		if($googledata1!=@$_SERVER['PHP_AUTH_USER'] || $googledata2!=@$_SERVER['PHP_AUTH_PW'] || $googledata1=='')
			$success=FALSE;
	}elseif(substr($http_auth, 0, 6)=='Basic '){
		$http_auth = substr($http_auth, 6);
		$http_auth = base64_decode($http_auth);
		if(strpos($http_auth, ':')===FALSE){
			$success=FALSE;
		}else{
			$auth_split = split(':',$http_auth);
			if($googledata1 != $auth_split[0] || $googledata2 != $auth_split[1]) $success=FALSE;
		}
	}else
		$success=FALSE;
	if($debugmode){
		if(@$_SERVER['PHP_AUTH_USER']=='' && @$_SERVER['PHP_AUTH_PW']=='' && @$_SERVER['HTTP_AUTHENTICATION']=='' && @$_SERVER['HTTP_AUTHORIZATION']==''){
			$responsexml .= 'Checking authentication. Basic auth sent by Google is blank.' . "\n";
			foreach($_SERVER as $key => $value){
				$responsexml .= $key . " : " . $value . "\n";
			}
		}
	}
}
if($standalonetestmode) $success=TRUE;
if(! $success){
	// response.clear
	if(! $standalonetestmode){
		header('HTTP/1.1 401 Unauthorized');
		echo '<html><head><title>401 Unauthorized</title></head><body>';
		echo 'I\'m sorry, you are not authorized to view this page.<br>';
		echo '</body></html>';
	}else
		print 'auth failure<br>';
}else{
	$gcXmlDoc = new vrXMLDoc($xmlResponse);
	$nodeList = $gcXmlDoc->nodeList->childNodes[0];
	$thismessage = $gcXmlDoc->nodeList->nodeName[0];
	switch ($thismessage) {
	case 'merchant-calculation-callback':
		$cartisincluded=TRUE;
		$cpncode='';
		$ordPayProvider=20;
		if($standalonetestmode) print '<html><body>';
		$responsexml = '<?xml version="1.0" encoding="UTF-8"?>';
		$responsexml .= '<merchant-calculation-results xmlns="http://checkout.google.com/schema/2">';
		$responsexml .= '<results>';
		$thesessionid = $nodeList->getValueByTagName('sessionid');
		if(substr($thesessionid,0,3)=='cid') $hasclientid=TRUE; else $hasclientid=FALSE;
		$thesessionid = str_replace("'",'',substr($thesessionid,3));
		$clientuser = trim($nodeList->getValueByTagName('clientuser'));
		$_SESSION['clientUser']='';
		if($hasclientid){
			$_SESSION['clientID']=$thesessionid;
			$sSQL = "SELECT clUserName,clActions,clLoginLevel,clPercentDiscount FROM customerlogin WHERE clID='" . mysql_real_escape_string($thesessionid) . "'";
			$result = mysql_query($sSQL) or print(mysql_error());
			if($rs = mysql_fetch_array($result)){
				$_SESSION['clientUser']=$rs['clUserName'];
				$_SESSION['clientActions']=$rs['clActions'];
				$_SESSION['clientLoginLevel']=$rs['clLoginLevel'];
				$_SESSION['clientPercentDiscount']=(100.0-(double)$rs['clPercentDiscount'])/100.0;
			}
			mysql_free_result($result);
		}
		include(APPPATH.'views/pages/admin/uspsshipping.php');
		include(APPPATH.'views/pages/admin/cart.php');
		$all_coupons='';
		for($i1 = 0; $i1 < $nodeList->length; $i1++){
			if($nodeList->nodeName[$i1]=='calculate'){
				$obj2=$nodeList->childNodes[$i1];
				$shipmethods=array();
				$cpncodes=array();
				$usestateabbrev=TRUE;
				$savehandling=$handling;
				$cpnmessage = '<br />';
				for($i2 = 0; $i2 < $obj2->length; $i2++){
					if($obj2->nodeName[$i2]=='shipping'){
						$obj3=$obj2->childNodes[$i2];
						for($i3 = 0; $i3 < $obj3->length; $i3++){
							if($obj3->nodeName[$i3]=='method'){
								$themethod = getattributes($obj3->attributes[$i3], 'name');
								array_push($shipmethods, $themethod);
							}
						}
					}elseif($obj2->nodeName[$i2]=='merchant-code-strings'){
						$obj3=$obj2->childNodes[$i2];
						for($i3 = 0; $i3 < $obj3->length; $i3++){
							if($obj3->nodeName[$i3]=='merchant-code-string'){
								$cpncode = getattributes($obj3->attributes[$i3], 'code'); // Because they arrive in NON reverse order
								array_push($cpncodes, $cpncode);
								$all_coupons.=$cpncode.' ';
							}
						}
					}
				}
				$saveshipmethods = $shipmethods;
				for($i2 = 0; $i2 < $obj2->length; $i2++){
					if($obj2->nodeName[$i2]=='addresses'){
						$obj3=$obj2->childNodes[$i2];
						for($i3 = 0; $i3 < $obj3->length; $i3++){
							if($obj3->nodeName[$i3]=='anonymous-address'){
								$shipmethods = $saveshipmethods;
								$numshipoptions=0;
								$totShipOptions=0;
								$freeshippingapplied=FALSE;
								$noshipping=($shipType==0);
								$totaldiscounts=0;
								$gotcpncode=FALSE;
								$cpnmessage = '<br />';
								$iTotItems = 0;
								$destinationsupported=TRUE;
								$addressid = getattributes($obj3->attributes[$i3], 'id');
								$obj4=$obj3->childNodes[$i3];
								for($i4 = 0; $i4 < $obj4->length; $i4++){
									if($obj4->nodeName[$i4]=='country-code'){
										$shipCountryCode = $obj4->nodeValue[$i4];
									}elseif($obj4->nodeName[$i4]=='region'){
										$shipstate = $obj4->nodeValue[$i4];
									}elseif($obj4->nodeName[$i4]=='postal-code'){
										$destZip = $obj4->nodeValue[$i4];
									}
								}
								// Firstly check in the cache
								$foundincache=-1;
								for($gindex3=0; $gindex3 < $maxcacheid; $gindex3++){
									if($cacheaddress[$gindex3][0]==$destZip && $cacheaddress[$gindex3][1]==$shipCountryCode) $foundincache=$gindex3;
								}
								if($foundincache >= 0){
									$responsexml .= str_replace($cacheaddress[$foundincache][2], $addressid, $cacheaddress[$foundincache][3]);
								}else{
									$cacheaddress[$maxcacheid][0] = $destZip;
									$cacheaddress[$maxcacheid][1] = $shipCountryCode;
									$cacheaddress[$maxcacheid][2] = $addressid;
									$cacheaddress[$maxcacheid][3] = '';
									$sSQL = "SELECT countryID,countryName,countryTax,countryCode,countryFreeShip,countryOrder,countryEnabled FROM countries WHERE countryCode='" . mysql_real_escape_string($shipCountryCode) . "'";
									$result = mysql_query($sSQL) or print(mysql_error());
									if($rs = mysql_fetch_array($result)){
										//if trim(Session("clientUser")) <> "" AND (Session("clientActions") AND 2)=2 then countryTaxRate=0 else countryTaxRate = $rs['countryTax")
										$shipCountryID = $rs['countryID'];
										$shipCountryCode = $rs['countryCode'];
										$freeshipapplies = ($rs['countryFreeShip']==1);
										$shiphomecountry = ($rs['countryOrder']==2);
										$shipcountry = $rs['countryName'];
										if($rs['countryEnabled']==0) $destinationsupported=FALSE;
									}
									if($shiphomecountry){
										$sSQL = "SELECT stateTax,stateAbbrev,stateFreeShip,stateEnabled FROM states WHERE stateAbbrev='" . mysql_real_escape_string($shipstate) . "'";
										$result = mysql_query($sSQL) or print(mysql_error());
										if($rs = mysql_fetch_array($result)){
											$stateTaxRate=$rs['stateTax'];
											$shipStateAbbrev=$rs['stateAbbrev'];
											$freeshipapplies=($freeshipapplies && ($rs['stateFreeShip']==1));
											if($rs['stateEnabled']==0) $destinationsupported=FALSE;
										}
									}
									if(! $destinationsupported){
										foreach($shipmethods as $key => $shipmethod){
											$responsexml .= '<result' . ($noshipping ? '' : ' shipping-name="' . $shipmethod . '"') . ' address-id="' . $addressid . '"><shipping-rate currency="' . $countryCurrency . '">0.00</shipping-rate><shippable>false</shippable><total-tax currency="' . $countryCurrency . '">0.00</total-tax></result>';
										}
									}else{
										initshippingmethods();
										$totalgoods=0;
										$alldata='';
										$index = 0;
										$sSQL = "SELECT cartID,cartProdID,cartProdName,cartProdPrice,cartQuantity,pWeight,pShipping,pShipping2,pExemptions,pSection,topSection,pDims,pTax," . getlangid('pDescription',2) . " FROM cart INNER JOIN products ON cart.cartProdID=products.pID LEFT OUTER JOIN sections ON products.pSection=sections.sectionID WHERE cartCompleted=0 AND " . getgcsessionsql();
										if($standalonetestmode) print $sSQL . "<br>";
										$allcart = mysql_query($sSQL) or print(mysql_error());
										if(($itemsincart = mysql_num_rows($allcart)) > 0){
											while($rsCart=mysql_fetch_array($allcart)){
												$index++;
												$sSQL = "SELECT SUM(coPriceDiff) AS coPrDff FROM cartoptions WHERE coCartID=". $rsCart["cartID"];
												$result = mysql_query($sSQL) or print(mysql_error());
												if($rs = mysql_fetch_array($result)){
													$rsCart["cartProdPrice"] += (double)$rs["coPrDff"];
												}
												mysql_free_result($result);
												$sSQL = "SELECT SUM(coWeightDiff) AS coWghtDff FROM cartoptions WHERE coCartID=". $rsCart["cartID"];
												$result = mysql_query($sSQL) or print(mysql_error());
												if($rs = mysql_fetch_array($result)){
													$rsCart["pWeight"] += (double)$rs["coWghtDff"];
												}
												mysql_free_result($result);
												$runTot=$rsCart["cartProdPrice"] * (int)($rsCart["cartQuantity"]);
												$totalquantity += (int)($rsCart["cartQuantity"]);
												$totalgoods += $runTot;
												$thistopcat=0;
												if(trim(@$_SESSION['clientUser']) != '') $rsCart['pExemptions'] = ((int)$rsCart['pExemptions'] | (int)$_SESSION['clientActions']);
												if(($shipType==2 || $shipType==3 || $shipType==4 || $shipType==6 || $shipType==7) && (double)$rsCart['pWeight']<=0.0)
													$rsCart['pExemptions'] = ($rsCart['pExemptions'] | 4);
												if(($rsCart['pExemptions'] & 1)==1) $statetaxfree += $runTot;
												if(@$perproducttaxrate==TRUE){
													if(is_null($rsCart['pTax'])) $rsCart['pTax'] = $countryTaxRate;
													if(($rsCart['pExemptions'] & 2) != 2) $countryTax += (($rsCart['pTax'] * $runTot) / 100.0);
												}else{
													if(($rsCart['pExemptions'] & 2)==2) $countrytaxfree += $runTot;
												}
												if(($rsCart['pExemptions'] & 4)==4) $shipfreegoods += $runTot;
												addproducttoshipping($rsCart, $index);
											}
										}else{
											$errormsg = "Error, couldn't find cart";
											$success=FALSE;
										}
										calculatediscounts($totalgoods, false, $cpncode);
										if($totaldiscounts > $totalgoods) $totaldiscounts = $totalgoods;
										if($success && calculateshipping()){
											$freeshipamnt=0;
											insuranceandtaxaddedtoshipping();
											calculateshippingdiscounts(false);
											$freeshipamnt=0;
											$cpnmessage = substr($cpnmessage, 6);
											if(count($shipmethods) == 0){
												$noshipping=TRUE;
												$handling=$savehandling;
												$shipping=0;
												calculatetaxandhandling();
												writeresultstructure();
											}else{
												if($shipType==1 || ! $somethingToShip){
													foreach($shipmethods as $key => $shipmethod){
														if(xmlencodecharref($xxShipHa) == $shipmethod){
															$handling=$savehandling;
															if($freeshippingapplied) $shipping=0;
															$freeshipamnt=0;
															calculatetaxandhandling();
															writeresultstructure();
															$shipmethods[$key]='';
														}
													}
												}elseif($shipType>=2 && $shipType<=7){
													if($shipType==2 || $shipType==5) $totShipOptions=$numshipoptions; else $totShipOptions=$maxshipoptions;
													for($gindex4=0; $gindex4 < $totShipOptions; $gindex4++){
														foreach($shipmethods as $key => $shipmethod){
															// print "matching: " . $intShipping[$gindex4][5] . " : " . $intShipping[$gindex4][4] . " : " . $shipmethod . "<br>";
															if($shipmethod==''){
																// Already matched
															}elseif($shipType==3){
																if($iTotItems==$intShipping[$gindex4][3]){
																	if(xmlencodecharref($intShipping[$gindex4][5]) == $shipmethod){
																		$handling=$savehandling;
																		$isstandardship=0;
																		for($gindex12=0;$gindex12<$numuspsmeths;$gindex12++){
																			if(str_replace('-',' ',strtolower($shipmethod)) == str_replace('-',' ',strtolower($uspsmethods[$gindex12][2])))
																				$isstandardship=(int)$uspsmethods[$gindex12][1];
																		}
																		if($freeshippingapplied && $isstandardship != 0) $shipping=0; else $shipping=$intShipping[$gindex4][2];
																		calculatetaxandhandling();
																		writeresultstructure();
																		$shipmethods[$key]='';
																	}
																}
															}elseif($shipType==4 || $shipType==6 || $shipType==7){
																if($intShipping[$gindex4][3]==TRUE){
																	if(xmlencodecharref($intShipping[$gindex4][0]) == $shipmethod){
																		$handling=$savehandling;
																		if($freeshippingapplied && $intShipping[$gindex4][4] != 0) $shipping=0; else $shipping=$intShipping[$gindex4][2];
																		calculatetaxandhandling();
																		writeresultstructure();
																		$shipmethods[$key]='';
																	}
																}
															}else{
																// print "matching: " . $intShipping[$gindex4][0] . " : " . $intShipping[$gindex4][4] . " : " . $shipmethod . "<br>";
																if(xmlencodecharref($intShipping[$gindex4][0]) == $shipmethod){
																	$handling=$savehandling;
																	if($freeshippingapplied && $intShipping[$gindex4][4] != 0) $shipping=0; else $shipping=$intShipping[$gindex4][2];
																	calculatetaxandhandling();
																	writeresultstructure();
																	$shipmethods[$key]='';
																}
															}
														}
													}
												}elseif($shipType==0){
													$handling=$savehandling;
													$shipping=0;
													calculatetaxandhandling();
													writeresultstructure();
												}
												if(@$willpickuptext != ''){
													$noshipping=FALSE;
													foreach($shipmethods as $key => $shipmethod){
														if(xmlencodecharref($willpickuptext) == $shipmethod){
															if(@$willpickupcost=='') $willpickupcost=0;
															$handling=$savehandling;
															$shipping=$willpickupcost;
															$freeshipamnt=0;
															calculatetaxandhandling();
															writeresultstructure();
															$shipmethods[$key]='';
														}
													}
												}
												foreach($shipmethods as $key => $shipmethod){
													if($shipmethod != ''){
														$responsexml2 = '<result' . ($noshipping ? '' : ' shipping-name="' . $shipmethod . '"') . ' address-id="' . $addressid . '"><shipping-rate currency="' . $countryCurrency . '">0.00</shipping-rate><shippable>false</shippable><total-tax currency="' . $countryCurrency . '">0.00</total-tax></result>';
														$responsexml .= $responsexml2;
														$cacheaddress[$maxcacheid][3] .= $responsexml2;
													}
												}
											}
										}else{
											$responsexml .= '<error-message>' . $errormsg . '</error-message>';
										}
										$maxcacheid++;
									}
								}
							}
						}
					}
				}
			}
		}
		$responsexml .= '</results></merchant-calculation-results>';
		if($standalonetestmode)
			print "<HR>" . str_replace("<","<br />&lt;",str_replace('</','&lt;/',$responsexml)) . "<br />\n";
		else{
			ob_end_clean();
			print $responsexml;
		}
	break;
	
	case 'new-order-notification':
		function get_google_address($xmlobj,&$gEmail,&$gName,&$gAddress,&$gAddress2,&$gCity,&$gState,&$gZip,&$gCountry,&$gPhone){
			for($index2=0; $index2 < $xmlobj->length; $index2++){
				switch($xmlobj->nodeName[$index2]){
				case "email":
					$gEmail=$xmlobj->nodeValue[$index2];
				break;
				case "contact-name":
					$gName=$xmlobj->nodeValue[$index2];
				break;
				case "address1":
					$gAddress=$xmlobj->nodeValue[$index2];
				break;
				case "address2":
					$gAddress2=$xmlobj->nodeValue[$index2];
				break;
				case "city":
					$gCity=$xmlobj->nodeValue[$index2];
				break;
				case "region":
					$gState=$xmlobj->nodeValue[$index2];
				break;
				case "postal-code":
					$gZip=$xmlobj->nodeValue[$index2];
				break;
				case "country-code":
					$gCountry=$xmlobj->nodeValue[$index2];
				break;
				case "phone":
					$gPhone=$xmlobj->nodeValue[$index2];
				break;
				}
			}
		}
		$totaldiscounts=0;
		$stateTax=0;
		$countryTax=0;
		$totalgoods=0;
		$handling=0;
		$shipping=0;
		$freeshipamnt=0;
		$cpnmessage='';
		$ordComLoc=0;
		$ordAddInfo='';
		$ordAffiliate='';
		$ordExtra1='';
		$ordExtra2='';
		$ordShipExtra1='';
		$ordShipExtra2='';
		$ordCheckoutExtra1='';
		$ordCheckoutExtra2='';
		$success=TRUE;
		for($i1 = 0; $i1 < $nodeList->length; $i1++){
			switch($nodeList->nodeName[$i1]){
			case "google-order-number":
				$ordAuthNumber=$nodeList->nodeValue[$i1];
			break;
			case "order-total":
				$ordTotal=$nodeList->nodeValue[$i1];
			break;
			case "shopping-cart":
				$hasclientid=FALSE;
				$thesessionid = '0';
				$thesessionid = $nodeList->childNodes[$i1]->getValueByTagName('sessionid');
				if(substr($thesessionid,0,3)=='cid') $hasclientid=TRUE;
				$thesessionid = str_replace("'", '', substr($thesessionid,3));
				$thissession=$thesessionid;				
				if($thesessionid==''){
					$success=FALSE;
					$thesessionid = '0';
				}
				$ordAffiliate = $nodeList->childNodes[$i1]->getValueByTagName('partner');
				$obj2=$nodeList->childNodes[$i1];
				for($i2 = 0; $i2 < $obj2->length; $i2++){
					if($obj2->nodeName[$i2]=='items'){
						$obj3=$obj2->childNodes[$i2];
						for($i3 = 0; $i3 < $obj3->length; $i3++){
							if($obj3->nodeName[$i3]=='item'){
								$obj4=$obj3->childNodes[$i3];
								if(($objdisc = $obj4->getValueByTagName("discountflag")) != null){
									if($objdisc=='true'){
										$obj5 = $obj4->getValueByTagName("unit-price");
										$totaldiscounts -= $obj5;
										$obj5 = $obj4->getValueByTagName("item-description");
										$cpnmessage = str_replace(' - ', '<br />', $obj5) . '<br />' . $cpnmessage;
									}
								}
							}
						}
					}
				}
			break;
			case "total-tax":
				$countryTax=$nodeList->nodeValue[$i1];
			break;
			case "order-adjustment":
				$obj2=$nodeList->childNodes[$i1];
				for($i2 = 0; $i2 < $obj2->length; $i2++){
					if($obj2->nodeName[$i2]=='merchant-codes'){
						$obj3=$obj2->childNodes[$i2];
						for($i3 = 0; $i3 < $obj3->length; $i3++){
							if($obj3->nodeName[$i3]=='coupon-adjustment'){
								$obj4=$obj3->childNodes[$i3];
								for($i4 = 0; $i4 < $obj4->length; $i4++){
									if($obj4->nodeName[$i4]=='applied-amount')
										$totaldiscounts += $obj4->nodeValue[$i4];
									elseif($obj4->nodeName[$i4]=='message')
										$cpnmessage = $obj4->nodeValue[$i4] . '<br />' . $cpnmessage;
								}
							}
						}
					}elseif($obj2->nodeName[$i2]=='shipping'){
						$obj3=$obj2->childNodes[$i2];
						if(($obj4 = $obj3->getValueByTagName("shipping-name")) != null) $shipMethod=$obj4;
						if(($obj4 = $obj3->getValueByTagName("shipping-cost")) != null) $shipping=$obj4;
					}elseif($obj2->nodeName[$i2]=='total-tax'){
						$countryTax += $obj2->nodeValue[$i2];
					}
				}
			break;
			case "buyer-billing-address":
				get_google_address($nodeList->childNodes[$i1],$ordEmail,$ordName,$ordAddress,$ordAddress2,$ordCity,$ordState,$ordZip,$ordCountry,$ordPhone);
			break;
			case "buyer-shipping-address":
				get_google_address($nodeList->childNodes[$i1],$dummyEmail,$ordShipName,$ordShipAddress,$ordShipAddress2,$ordShipCity,$ordShipState,$ordShipZip,$ordShipCountry,$ordShipPhone);
			break;
			}
		}
		if($success){
			$sSQL = "SELECT cartID FROM cart WHERE cartCompleted=0 AND " . getgcsessionsql();
			$result = mysql_query($sSQL) or print(mysql_error());
			$thissql=$sSQL;
			$success = (mysql_num_rows($result) > 0);
		}
		if($success){
			$totalgoods = ($ordTotal - ($stateTax+$countryTax+$shipping+$handling)) + $totaldiscounts;
			$sSQL = "SELECT ordID FROM orders WHERE ordAuthNumber='' AND " . getgcordersessionsql();
			$result = mysql_query($sSQL) or print(mysql_error());
			if($rs = mysql_fetch_array($result))
				$orderid=$rs["ordID"];
			else
				$orderid="";
			mysql_free_result($result);
			if($ordShipName=='' && $ordShipAddress=='' && $ordShipAddress2=='' && $ordShipCity=='') $ordShipCountry='';
			if($orderid==""){
				if(stristr('AA,AE,AP',$ordState)) $ordPoApo=1;
				else $ordPoApo=0;
				if(stristr('AA,AE,AP',$ordShipState)) $ordShipPoApo=1;
				else $ordShipPoApo=0;
				$sSQL = "INSERT INTO orders (ordSessionID,ordName,ordAddress,ordAddress2,ordCity,ordState,ordZip,ordCountry,ordEmail,ordPhone,ordShipName,ordShipAddress,ordShipAddress2,ordShipCity,ordShipState,ordShipZip,ordShipCountry,ordPayProvider,ordAuthNumber,ordShipping,ordStateTax,ordCountryTax,ordHSTTax,ordHandling,ordShipType,ordTotal,ordDate,ordStatus,ordStatusDate,ordComLoc,ordIP,ordAffiliate,ordExtra1,ordExtra2,ordDiscount,ordDiscountText,ordAddInfo,ordPoApo,ordShipPoApo,ord_cert_amt,ordEID) VALUES (";
				$sSQL .= "'" . $thesessionid . "',";
				//if($hasclientid) $sSQL .= "'" . mysql_real_escape_string($thesessionid) . "',"; else $sSQL .= "'0',";
				$sSQL .= "'" . mysql_real_escape_string($ordName) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordAddress) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordAddress2) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordCity) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordState) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordZip) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordCountry) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordEmail) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordPhone) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipName) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipAddress) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipAddress2) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipCity) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipState) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipZip) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipCountry) . "',";
				$sSQL .= "'20',"; // ordPayProvider
				$sSQL .= "'" . $ordAuthNumber . "',";
				$sSQL .= "'" . mysql_real_escape_string($shipping-$freeshipamnt) . "',";
				if($usehst){
					$sSQL .= "0,";
					$sSQL .= "0,";
					$sSQL .= ($stateTax + $countryTax) . ",";
				}else{
					$sSQL .= "'" . mysql_real_escape_string($stateTax) . "',";
					$sSQL .= "'" . mysql_real_escape_string($countryTax) . "',";
					$sSQL .= "0,";
				}
				$sSQL .= "'" . mysql_real_escape_string($handling) . "',";
				$sSQL .= "'" . mysql_real_escape_string($shipMethod) . "',";
				/*if($adminIntShipping != 0 && $ordShipCountry != $origCountryCode)
					$sSQL .= "'" . mysql_real_escape_string($adminIntShipping) . "',";
				else
					$sSQL .= "'" . mysql_real_escape_string($shipType) . "',";*/
				$sSQL .= "'" . mysql_real_escape_string($totalgoods) . "',";
				$sSQL .= "'" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "',";
				$sSQL .= "2,"; // Status
				$sSQL .= "'" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "',";
				$sSQL .= "'" . $ordComLoc . "',";
				$sSQL .= "'',"; // IP
				$sSQL .= "'" . mysql_real_escape_string(trim($ordAffiliate)) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordExtra1) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordExtra2) . "',";
				/*$sSQL .= "'" . mysql_real_escape_string($ordShipExtra1) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipExtra2) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordCheckoutExtra1) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordCheckoutExtra2) . "',";*/
				$sSQL .= "'" . mysql_real_escape_string($totaldiscounts) . "',";
				$sSQL .= "'" . mysql_real_escape_string(trim(substr($cpnmessage,0,255))) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordAddInfo) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordPoApo) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordShipPoApo) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ord_cert_amt) . "',";
				$sSQL .= "'" . mysql_real_escape_string($ordEID) . "')";
				mysql_query($sSQL) or $sqlerror=(mysql_error());
				$orderid = mysql_insert_id();
				if(!setNewLocation( 2 , $orderid ));
			}else{
				$sSQL = "UPDATE orders SET ";
				$sSQL .= "ordSessionID='" . mysql_real_escape_string($thesessionid) . "',";
				$sSQL .= "ordName='" . mysql_real_escape_string($ordName) . "',";
				$sSQL .= "ordAddress='" . mysql_real_escape_string($ordAddress) . "',";
				$sSQL .= "ordAddress2='" . mysql_real_escape_string($ordAddress2) . "',";
				$sSQL .= "ordCity='" . mysql_real_escape_string($ordCity) . "',";
				$sSQL .= "ordState='" . mysql_real_escape_string($ordState) . "',";
				$sSQL .= "ordZip='" . mysql_real_escape_string($ordZip) . "',";
				$sSQL .= "ordCountry='" . mysql_real_escape_string($ordCountry) . "',";
				$sSQL .= "ordEmail='" . mysql_real_escape_string($ordEmail) . "',";
				$sSQL .= "ordPhone='" . mysql_real_escape_string($ordPhone) . "',";
				$sSQL .= "ordShipName='" . mysql_real_escape_string($ordShipName) . "',";
				$sSQL .= "ordShipAddress='" . mysql_real_escape_string($ordShipAddress) . "',";
				$sSQL .= "ordShipAddress2='" . mysql_real_escape_string($ordShipAddress2) . "',";
				$sSQL .= "ordShipCity='" . mysql_real_escape_string($ordShipCity) . "',";
				$sSQL .= "ordShipState='" . mysql_real_escape_string($ordShipState) . "',";
				$sSQL .= "ordShipZip='" . mysql_real_escape_string($ordShipZip) . "',";
				$sSQL .= "ordShipCountry='" . mysql_real_escape_string($ordShipCountry) . "',";
				$sSQL .= "ordPayProvider='20',";
				$sSQL .= "ordAuthNumber='" . $ordAuthNumber . "',"; // Not yet authorized
				$sSQL .= "ordShipping='" . ($shipping - $freeshipamnt) . "',";
				if($usehst){
					$sSQL .= "ordStateTax=0,";
					$sSQL .= "ordCountryTax=0,";
					$sSQL .= "ordHSTTax=" . ($stateTax + $countryTax) . ",";
				}else{
					$sSQL .= "ordStateTax='" . $stateTax . "',";
					$sSQL .= "ordCountryTax='" . $countryTax . "',";
					$sSQL .= "ordHSTTax=0,";
				}
				$sSQL .= "ordHandling='" . $handling . "',";
				$sSQL .= "ordShipType='" . $shipMethod . "',";
				/*if($adminIntShipping != 0 && $ordShipCountry != $origCountryCode)
					$sSQL .= "ordShipCarrier='" . $adminIntShipping . "',";
				else
					$sSQL .= "ordShipCarrier='" . $shipType . "',";*/
				$sSQL .= "ordTotal='" . $totalgoods . "',";
				$sSQL .= "ordDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "',";
				$sSQL .= "ordComLoc=" . $ordComLoc . ",";
				$sSQL .= "ordIP='" . @$_SERVER["REMOTE_ADDR"] . "',";
				$sSQL .= "ordAffiliate='" . mysql_real_escape_string(trim($ordAffiliate)) . "',";
				/*$sSQL .= "ordExtra1='" . mysql_real_escape_string($ordExtra1) . "',";
				$sSQL .= "ordExtra2='" . mysql_real_escape_string($ordExtra2) . "',";
				$sSQL .= "ordShipExtra1='" . mysql_real_escape_string($ordShipExtra1) . "',";
				$sSQL .= "ordShipExtra2='" . mysql_real_escape_string($ordShipExtra2) . "',";
				$sSQL .= "ordCheckoutExtra1='" . mysql_real_escape_string($ordCheckoutExtra1) . "',";
				$sSQL .= "ordCheckoutExtra2='" . mysql_real_escape_string($ordCheckoutExtra2) . "',";*/
				$sSQL .= "ordDiscount='" . $totaldiscounts . "',";
				$sSQL .= "ordDiscountText='" . mysql_real_escape_string(trim(substr($cpnmessage,0,255))) . "',";
				$sSQL .= "ordAddInfo='" . mysql_real_escape_string($ordAddInfo) . "'";
				$sSQL .= " WHERE ordID='" . $orderid . "'";
				mysql_query($sSQL) or print(mysql_error());
			}
			$sSQL="UPDATE cart SET cartOrderID=". $orderid . ",cartCompleted=2 WHERE cartCompleted=0 AND " . getgcsessionsql();
			mysql_query($sSQL) or print(mysql_error());
			
			//split order if needed
			include(DOCROOT.'includes/splitorder.php');
			splitOrders($orderid);
			
			$cfurl='https://' . ($googledemomode ? 'sandbox' : 'checkout') . '.google.com' . ($googledemomode ? '/checkout' : '') . '/cws/v2/Merchant/' . $googledata1 . '/request';
			$acttext = '<add-merchant-order-number xmlns="http://checkout.google.com/schema/2" google-order-number="' . $ordAuthNumber . '"><merchant-order-number>' . $orderid . '</merchant-order-number></add-merchant-order-number>';
			if(@$pathtocurl != ""){
				exec($pathtocurl . ($cfcert != '' ? ' -E \'' . $cfcert . '\'' : '') . ' --data-binary \'' . str_replace("'","\'",'<?xml version="1.0" encoding="UTF-8"?>' . $acttext) . '\' ' . $cfurl, $cfres, $retvar);
				$cfres = implode("\n",$cfres);
			}else{
				if (!$ch = curl_init()) {
					print "cURL package not installed in PHP. Set \$pathtocurl parameter.";
					$success=FALSE;
				}else{
					curl_setopt($ch, CURLOPT_URL, $cfurl);
					$headers = array('Authorization: Basic ' . base64_encode($googledata1 . ":" . $googledata2), 'Content-Type: application/xml', 'Accept: application/xml');
					curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
					curl_setopt($ch, CURLOPT_POST, 1);
					curl_setopt($ch, CURLOPT_HEADER, 0);
					curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
					curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
					curl_setopt($ch, CURLOPT_POSTFIELDS, '<?xml version="1.0" encoding="UTF-8"?>' . $acttext);
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
					if(@$curlproxy!=''){
						curl_setopt($ch, CURLOPT_PROXY, $curlproxy);
					}
					$cfres = curl_exec($ch);
					if(curl_error($ch) == '')
						curl_close($ch);
				}
			}
		}
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'order-state-change-notification':
		$ordnumber = $nodeList->getValueByTagName('google-order-number');
		$sSQL = "SELECT ordID FROM orders WHERE ordAuthNumber='" . mysql_real_escape_string($ordnumber) . "' AND ordPayProvider=20";
		$result = mysql_query($sSQL) or print(mysql_error());
		if($rs = mysql_fetch_assoc($result))
			$ordID=$rs['ordID'];
		else
			$ordID='';
		$financialstate = str_replace("'",'',$nodeList->getValueByTagName('new-financial-order-state'));
		$oldfinancialstate = str_replace("'",'',$nodeList->getValueByTagName('previous-financial-order-state'));
		$fulfillmentstate = str_replace("'",'',$nodeList->getValueByTagName('new-fulfillment-order-state'));
		$oldfulfillmentstate = str_replace("'",'',$nodeList->getValueByTagName('previous-fulfillment-order-state'));
		if($ordID != ''){
			if($oldfinancialstate != $financialstate){
				$result = mysql_query("SELECT ordStatus FROM orders WHERE ordID='" . $ordID . "'") or print(mysql_error());
				if($rs = mysql_fetch_assoc($result)) $oldstatus=(int)$rs['ordStatus']; else $oldstatus=999;
				switch($financialstate){
				case "CHARGEABLE":
					if($oldstatus < 3) do_stock_management($ordID);
					mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $ordID) or print(mysql_error());
					mysql_query("UPDATE orders SET ordStatus=5,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					if(!setNewLocation( 5 , $ordID ,'Automatic', 'Google' ));
					do_order_success($ordID,$emailAddr,$sendEmail && ($oldstatus < 3),FALSE,($oldstatus < 3),FALSE,FALSE);
				break;
				case "CHARGING":
				break;
				case "CHARGED":
					if($oldstatus < 3) do_stock_management($ordID);
					mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $ordID) or print(mysql_error());
					mysql_query("UPDATE orders SET ordStatus=3,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					$sql_check="SELECT p.pDropship FROM cart c LEFT JOIN products p ON c.cartProdID=p.pID WHERE p.pDropship>0 AND c.cartOrderID=".$ordID;
					$result_check=mysql_query($sql_check);
					if(!$result_check)$num_rows=0;
					else $num_rows=mysql_num_rows($result_check);
					if(!setNewLocation( 3 , $ordID , 'Automatic','Google' ));
					if($num_rows>0) {
						if(!setNewLocation( 10 , $ordID , 'Automatic','Google Dropship' ));					
						mysql_query("UPDATE orders SET ordStatus=10,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					}
					do_order_success($ordID,$emailAddr,$sendEmail && ($oldstatus < 3),FALSE,($oldstatus < 3),TRUE,TRUE);
				break;
				case "PAYMENT_DECLINED":
					if($oldstatus >= 3) release_stock($ordID);
					mysql_query("UPDATE orders SET ordStatus=2,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					if(!setNewLocation( 2 , $ordID , 'Automatic','Google' ));
				break;
				case "CANCELLED":
					if($oldstatus >= 3) release_stock($ordID);
					mysql_query("UPDATE orders SET ordStatus=0,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					if(!setNewLocation( 0 , $ordID, 'Automatic','Google' ));
					//sendNotificationEmail($ordID);
				break;
				case "CANCELLED_BY_GOOGLE":
					if($oldstatus >= 3) release_stock($ordID);
					$sSQL = "SELECT ordStatusInfo FROM orders WHERE ordID=" . $ordID;
					$result = mysql_query($sSQL) or print(mysql_error());
					if($rs = mysql_fetch_array($result)) $currstatusinfo = $rs['ordStatusInfo']; else $currstatusinfo = '';
					mysql_query("UPDATE orders SET ordStatus=0,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "',ordStatusInfo='" . mysql_real_escape_string('Cancelled By Google.' . "\r\n" . $currstatusinfo) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					if(!setNewLocation( 0 , $ordID ,'Automatic','Cancelled By Google.'));
					//sendNotificationEmail($ordID);
				break;
				}
			}
			if($oldfulfillmentstate != $fulfillmentstate){
				if($googledeliveredstate=='') $googledeliveredstate=11;
				switch($fulfillmentstate){
				case "DELIVERED":
					mysql_query("UPDATE orders SET ordStatus=" . $googledeliveredstate . ",ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID) or print(mysql_error());
					if(!setNewLocation( $googledeliveredstate , $ordID, 'Automatic','Google'));
				break;
				}
			}
		}
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'charge-amount-notification':
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'chargeback-amount-notification':
		$success=TRUE;
		$amount=0;
		$ordID=0;
		$ordnumber = $nodeList->getValueByTagName('google-order-number');
		$sSQL = "SELECT ordID,ordShipping,ordStateTax,ordCountryTax,ordHandling,ordTotal,ordDiscount,ordAuthNumber,ordStatus FROM orders WHERE ordAuthNumber='" . mysql_real_escape_string($ordnumber) . "' AND ordPayProvider=20";
		$result = mysql_query($sSQL) or print(mysql_error());
		if($rs = mysql_fetch_array($result)){
			$ordID = $rs['ordID'];
			$amount = ($rs['ordShipping']+$rs['ordStateTax']+$rs['ordCountryTax']+$rs['ordTotal']+$rs['ordHandling'])-$rs['ordDiscount'];
			$oldstatus = $rs['ordStatus'];
		}else
			$success = FALSE;
		$refundamount = $nodeList->getValueByTagName('total-chargeback-amount');
		if($success && $amount <= $refundamount){
			if($oldstatus >= 3) release_stock($ordID);
			mysql_query("UPDATE orders SET ordStatus=0,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID);
			if(!setNewLocation( 0 , $ordID ,'Automatic','Chargeback By Google.'));
		}
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'refund-amount-notification':
		$success=TRUE;
		$amount=0;
		$ordID=0;
		$ordnumber = $nodeList->getValueByTagName('google-order-number');
		$sSQL = "SELECT ordID,ordShipping,ordStateTax,ordCountryTax,ordHandling,ordTotal,ordDiscount,ordAuthNumber,ordStatus FROM orders WHERE ordAuthNumber='" . mysql_real_escape_string($ordnumber) . "' AND ordPayProvider=20";
		$result = mysql_query($sSQL) or print(mysql_error());
		if($rs = mysql_fetch_array($result)){
			$ordID = $rs['ordID'];
			$amount = ($rs['ordShipping']+$rs['ordStateTax']+$rs['ordCountryTax']+$rs['ordTotal']+$rs['ordHandling'])-$rs['ordDiscount'];
			$oldstatus = $rs['ordStatus'];
		}else
			$success = FALSE;
		$refundamount = $nodeList->getValueByTagName('total-refund-amount');
		if($success && $amount <= $refundamount){
			if($oldstatus >= 3) release_stock($ordID);
			mysql_query("UPDATE orders SET ordStatus=0,ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $ordID);
			if(!setNewLocation( 0 , $ordID ,'Automatic','Refund By Google.'));
		}
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'risk-information-notification':
		$ipaddress = '';
		$avs = '';
		$cvv = '';
		$iseligable = '';
		$partialcc = '';
		$acctage = 0;
		$ordnumber = $nodeList->getValueByTagName('google-order-number');
		for($i1 = 0; $i1 < $nodeList->length; $i1++){
			if($nodeList->nodeName[$i1]=='risk-information'){
				$obj2=$nodeList->childNodes[$i1];
				for($i2 = 0; $i2 < $obj2->length; $i2++){
					if($obj2->nodeName[$i2]=='ip-address'){
						$ipaddress = $obj2->nodeValue[$i2];
					}elseif($obj2->nodeName[$i2]=='avs-response'){
						$avs = $obj2->nodeValue[$i2];
					}elseif($obj2->nodeName[$i2]=='cvn-response'){
						$cvv = $obj2->nodeValue[$i2];
					}elseif($obj2->nodeName[$i2]=='buyer-account-age'){
						$acctage = $obj2->nodeValue[$i2];
					}elseif($obj2->nodeName[$i2]=='partial-cc-number'){
						$partialcc = $obj2->nodeValue[$i2];
					}elseif($obj2->nodeName[$i2]=='eligible-for-protection'){
						$iseligable = $obj2->nodeValue[$i2];
						if($iseligable=='false') $iseligable=$xxNo; else $iseligable=$xxYes;
					}
				}
			}
		}
		if($ordnumber != ''){
			$sSQL = "UPDATE orders SET ordIP='" . mysql_real_escape_string($ipaddress) . "',ordAVS='" . mysql_real_escape_string($avs) . "/" . $iseligable . "',ordCVV='" . mysql_real_escape_string($cvv) . '/' . $acctage . "',ordCNum='" . $partialcc . "' WHERE ordAuthNumber='" . $ordnumber . "' AND ordPayProvider=20";
			mysql_query($sSQL);
		}
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'request-received':
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'error':
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	case 'diagnosis':
		print '<?xml version="1.0" encoding="UTF-8"?><notification-acknowledgment xmlns="http://checkout.google.com/schema/2"/>';
	break;
	default:
	}
}
if(@$debugmode==TRUE){
	$htmlemails=FALSE;
	$emlNl="\n";
	$headers = "MIME-Version: 1.0\n";
	$headers .= "From: ".$emailAddr." <".$emailAddr.">\n";
	$headers .= "Content-type: text/plain; charset=ISO-8859-1\n";
	$emailtxt = "ThisMessage: " . $xmlResponse . $emlNl . $emlNl . "Response: " . $responsexml . $emlNl;
	$emailtxt .=  "Callback took: " . (microtime_float() - $time_start) . " seconds" . $emlNl;
	mail($emailAddr, "/admin/gcallback.php debug", $emailtxt.'Coupons='.$all_coupons, $headers);
}
?>