Create($crm_db,$crm_user,$crm_host,$crm_pass); // completes the $crm->Create() call begun on the line before this view
//
// NOTE(review): this page reached us with its line breaks collapsed and with text
// between '<' and '>' dropped by the extraction (HTML tags, '<' comparisons and
// '->' operators). It is re-flowed here one statement per line with the tokens
// left as they are; the spots that cannot be recovered from this copy are marked
// "garbled" inline. Newlines that survived inside string literals are kept.
//
// What the page does, in order:
//   1. opens the CRM / template / CDC / brand / directory DB handles;
//   2. resolves which fundraiser is being donated to (team member, team,
//      individual, or the donation itself) and loads its campaign;
//   3. on cc_submit: validates the form, creates the PENDING order header and
//      the single "Donation" order detail, charges the card through the
//      merchant account configured on the order header;
//   4. on approval: finds/creates the donor contact, marks the order PAID,
//      records the partial payment, the donation gift and the order contacts,
//      and sends the receipt emails;
//   5. renders either the receipt template or the credit-card form.
//
// Request variables ($team_id, $donation_amount, $all_cc, $billed, ...) are
// never read from $_GET/$_POST on this page; presumably register_globals or an
// earlier include populates them — TODO confirm, it affects every note below.
$tmp = new MySQL_class;
$tmp->Create($template_db,$template_user,$template_host,$template_pass);
$gc_sql=$crm;
// session handling
$cdc = new MySQL_class;
$cdc->Create($cdc_db,$cdc_user,$cdc_host,$cdc_pass);
$brnd = new MySQL_class;
$brnd->Create($db,$user,$host,$pass);
$dir = new MySQL_class;
$dir->Create($directory_db,$directory_user,$directory_host,$directory_pass);
// foil hackers
// NOTE(review): presumably clears session-derived globals so a request cannot
// pre-seed them before start_session() repopulates them — confirm start_session
// actually sets $u_id/$u_type/$session_email/$customer_relation_id.
unset($u_type,$u_id,$session_email,$customer_relation_id);
complex_striptags($_GET);
complex_striptags($_POST);
// start session
start_session($php_sessid);
if($team_id) { $donation_team_id = $team_id; }
if(page_auth(3,$u_type,$cdc) == "yes") { $staging = "yes"; }
unset($u_type,$u_id,$session_email,$customer_relation_id);
// log it
//app_log('store',$PHP_SELF,$search_word,$application_id,'view',$code,$array);
$app_logs_sql = new MySQL_class;
$app_logs_sql->Create($app_logs_db,$app_logs_user,$app_logs_host,$app_logs_pass);
$end_user = "yes";
start_session($sessid);
// populate the error messages
$message_array = get_messages('store_checkout',$language_c,$TEMPLATE_MESSAGE,$code,$tmp);
// NOTE(review): $u_id is unset again AFTER the second start_session(), so unless
// start_session() registers it by reference, $u_id is empty for the rest of the
// page and every "logged in" branch below ($carry, the duplicate-submit check,
// the contact-creation branch) runs as anonymous — confirm.
unset($u_id,$cdc_type);
// configuration options for the page
$conf = get_conf2(6);
if(!$donation_team_member_id && !$team_id && !$donation_individual_id && !$donation_id) { echo "where is the fundraiser..."; exit(); }
// page starts
// ass() is applied to most ids before they are interpolated into SQL; presumably
// it is the project's SQL-escaping helper — TODO confirm, several values below
// ($campaign_id, $customer_relation_id, $u_id, $result[invoice_id]) skip it.
$order_header_id = ass($order_header_id);
$today = gmdate('Y-m-d');
// most common -- team member
if($donation_team_member_id) {
    $query = "select m.monetary_goal, d.campaign_id, contact_id, d.id from $DONATION_TEAM t, $DONATION_TEAM_MEMBER m, $DONATION d where m.id = '".ass($donation_team_member_id)."' and m.donation_team_id = t.id and t.donation_id = d.id and t.brand = '$code' ";
    $data = $crm->mydata($query);
    $donation_id = $data[id][0];
}
// team donation
if($donation_team_id) {
    $query = "select t.monetary_goal, d.campaign_id, d.id from $DONATION_TEAM t, $DONATION d where t.id = '".ass($donation_team_id)."' and t.donation_id = 
d.id and t.brand = '$code' ";
    $data = $crm->mydata($query);
    $donation_id = $data[id][0];
}
// solo
if($donation_individual_id) {
    $query = "select i.monetary_goal, d.campaign_id, i.contact_id, d.id from $DONATION_INDIVIDUAL i, $DONATION d where i.id = '".ass($donation_individual_id)."' and i.donation_id = d.id and d.brand = '$code' ";
    $data = $crm->mydata($query);
    $donation_id = $data[id][0];
}
// direct
if(!$data[monetary_goal][0]) {
    $query = "select monetary_goal, campaign_id, d.id from $DONATION d where d.id = '".ass($donation_id)."' and d.brand = '$code' ";
    $data = $crm->mydata($query);
}
if(!$data[contact_id][0] && !$donation_id) { echo"error2: invalid id"; exit(); }
$sponsored_cdc_id = $data['contact_id'][0];
// $cdc_type was unset above, so it is always 'contact' from here on; the
// 'company' and !$cdc_type ("Direct") branches below are therefore unreachable
// as written.
if(!$cdc_type) { $cdc_type = 'contact'; }
$personal_monetary_goal = $data['monetary_goal'][0];
$campaign_id = $data['campaign_id'][0];
if(!$sponsored_cdc_id && !$donation_id) { echo "Invalid Fundraiser"; exit(); }
$query = "select name, description, currency, monetary_goal from $CAMPAIGN where id = '$campaign_id' and brand = '$code' ";
$data = $crm->mydata($query);
$campaign_name = $data['name'][0];
$campaign_description = $data['description'][0];
$currency_code = $data['currency'][0];
//$global_monetary_goal = $data['monetary_goal'][0];
$sponsored_info = get_cdc($sponsored_cdc_id,$code,$cdc);
if($cdc_type == 'company') {
    $query = "select name from $DONATION_TEAM where id = '".ass($team_id)."' and brand = '$code' ";
    $data = $crm->mydata($query);
    $sponsored_name = $data['name'][0];
    $entity_type = "Team";
}
if($cdc_type == 'contact') {
    $sponsored_name = $sponsored_info['first_name']." 
".$sponsored_info['last_name'];
    $entity_type = "Individual";
}
if(!$cdc_type) {
    // NOTE(review): this query references alias c (c.brand) but only $DONATION
    // is in the FROM clause without an alias; it would fail if it were reached.
    $query = "select d.name from $DONATION where id = '".ass($donation_id)."' and c.brand = '$code' ";
    $data = $crm->mydata($query);
    $sponsored_name = $data[name][0];
    $entity_type = "Direct";
}
if(!$currency_code) { $currency_code = "USD"; }
if(!$locale) { $locale = "en_US.UTF8"; }
$query = "select id from $CURRENCY_EXCHANGE_RATE where currency_code = '$currency_code' and date_accurate = '$today' and brand = '$code' ";
$data_currency_exchange_rate = $crm->mydata($query);
$currency_exchange_rate_id = $data_currency_exchange_rate[id][0];
//setlocale(LC_MONETARY, 'en_US');
//$fmt = new NumberFormatter( $locale, NumberFormatter::CURRENCY );
$fmt = new DwNumberFormatter();
// if user is not logged in the next values will be empty
$query = "select company_id, division_id, contact_id from $CRM_RELATION where relation_id = '$customer_relation_id' and relation_id != '' and brand = '$code' ";
$data = $crm->mydata($query);
$company_id = $data[company_id][0];
$division_id = $data[division_id][0];
$contact_id = $data[contact_id][0];
if($carry=='') { $carry = $u_id; }
// to use carry in a good way user needs to be logged in => is better that carry is not injected
if($u_id=='') { $carry = ""; }
if($cc_submit) {
    // first create order header
    $query = "select * from $ORDER_HEADER where order_header_id = '".ass($order_header_id)."' and brand = '$code' ";
    $oh_data = $crm->mydata($query);
    if($oh_data=="") {
        $order_header_id = make_rand();
        // NOTE(review): m_account_id is not set here, yet the charge step below
        // reads it from this row to pick the processor — confirm something else
        // (a column default, a trigger, or an earlier page) populates it.
        $query = "insert into $ORDER_HEADER set order_header_id = '$order_header_id', relation_id = '$customer_relation_id', company_id = '$company_id', division_id = '$division_id', contact_id = '$contact_id', order_date = '".gmdate("Y-m-d H:i:s")."', gm_date = '".gmdate("Y-m-d H:i:s")."', status = 'PENDING', payment_method = 'CREDIT_CARD', created_by = '$u_id', order_type = 'NEW_BUSINESS', invoice_id = '$order_header_id', brand = '$code' ";
        $crm->Insert($query);
    }
    // only one entry as its a donation
    // The detail row is written with the submitted amount BEFORE the amount is
    // validated (is_numeric / > 0 check further down); validation only blocks
    // the charge, it does not undo this write.
    $query = "select * from $ORDER_DETAIL where order_header_id = '".ass($order_header_id)."' and brand = '$code' ";
    $oh_data = $crm->mydata($query);
    if($oh_data=="") {
        $query = "insert into $ORDER_DETAIL set order_detail_id = '".make_rand()."', order_header_id = '$order_header_id', product_name = 'Donation', price = '".ass($donation_amount)."', currency = '$currency_code', quantity = '1', type_revenue = 'DONATION', brand = '$code' ";
        $crm->Insert($query);
    } else {
        $query = "update $ORDER_DETAIL set price = '".ass($donation_amount)."' where order_header_id = '$order_header_id' and brand = '$code' ";
        $crm->Update($query);
    }
    // Split the card number into four groups; the full PAN is reassembled into
    // $order[cc_number] further down and blanked right after the processor call.
    if($all_cc) {
        $split = str_replace(" ","",$all_cc);
        $split = str_replace("-","",$split);
        $first_four = substr($split,0,4);
        $second_four = substr($split,4,4);
        $third_four = substr($split,8,4);
        $fourth_four = substr($split,12,4);
    }
    // lets make sure they entered all the right stuff
    //if(!luhn_check($all_cc))
    // NOTE(review): the Luhn failure only counts when $foo==600, so the check is
    // effectively disabled unless $foo is set — confirm this is intentional.
    if(!luhn_check($all_cc) && $foo==600) {
        if(!$staging) {
            $l_message = $message_array['checkout_06'];
            $message .= "
$l_message - 1";
            $show_credit_card = "yes";
        }
    }
    // Each block below appends one localized message and re-shows the form;
    // the commented-out lines are the original English messages.
    if(strlen($first_four)!=4 || strlen($second_four)!=4 || strlen($third_four)!=4) {
        //$message .= "Please enter the credit card number correctly.";
        $l_message = $message_array['checkout_06'];
        $message .= "
$l_message - 2";
        $show_credit_card = "yes";
    }
    if($month=="") {
        //$message .="Please enter the month of expiration.";
        $l_message = $message_array['checkout_07'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($year=="") {
        //$message .="Please enter the year of expiration of the credit card.";
        $l_message = $message_array['checkout_08'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($first_name=="") {
        //$message .="Please enter card holders first name.";
        $l_message = $message_array['checkout_09'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($last_name=="") {
        //$message .="Please enter card holders last name.";
        $l_message = $message_array['checkout_10'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($email=="") {
        //$message .="Please enter your email.";
        //$l_message = $message_array['checkout_16'];
        //$l_message = "Please enter your email.";
        $l_message = $message_array['checkout_32'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    } else if(!valid_email(trim($email))) {
        //$message .="Please enter a valid email.";
        //$l_message = $message_array['checkout_16'];
        $l_message = $message_array['checkout_32'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($phone=="") {
        //$message .="Please enter the card holders telephone number.";
        $l_message = $message_array['checkout_11'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($address_1_1=="") {
        //$message .="Please enter the street address.";
        $l_message = $message_array['checkout_12'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($city=="") {
        //$message .="Please enter the city.";
        $l_message = $message_array['checkout_13'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($province=="") {
        //$message .="Please enter the state or province.";
        $l_message = $message_array['checkout_14'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($zip=="") {
        //$message .="Please enter the zipcode or postal code.";
        $l_message = $message_array['checkout_15'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if($country=="") {
        //$message .="Please enter the country.";
        $l_message = $message_array['checkout_16'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    if(!is_numeric($donation_amount) || $donation_amount <= 0) {
        //$message .="Please enter a valid donation amount.";
        //$l_message = "Please enter a valid donation amount.";
        $l_message = $message_array['checkout_33'];
        $message .="
$l_message";
        $show_credit_card ="yes";
    }
    $query = "select status from $ORDER_HEADER where order_header_id = '$order_header_id' and brand = '$code' ";
    $data = $crm->mydata($query);
    if($data[status][0]=='PAID') {
        //$message .="You have already completed this order and your transaction was successful.";
        $l_message = $message_array['checkout_17'];
        $message .="
$l_message";
        $show_credit_card ="yes";
        // $show_receipt = "yes";
    }
}
if($cc_submit && $message=="") {
    // verify the person did not click submit twice
    // NOTE(review): this lookup is keyed on $u_id, which (see above) appears to
    // be empty at this point, so the double-submit guard may never match.
    $query = "select status, cc_processing from $ORDER_HEADER where contact_id = '$u_id' and contact_id != '' and cc_processing = 'Y' and brand = '$code' ";
    $data = $crm->mydata($query);
    if($data[status][0]=='PAID') {
        // header("location: /store/my_account.php?message=You+clicked+submit+more+than+once. Your transaction was successful.");
        $l_message = $message_array['checkout_19'];
        // $l_message is not urlencode()d here, unlike the redirect a few lines below.
        header("location: /store/my_account.php?message=$l_message&sessid=$sessid");
        exit();
    }
    if($data[status][0]=='PENDING') {
        //header("location: /store/my_account.php?message=".urlencode("You clicked submit more than once. Unfortunately the credit card processor does not allow me to query for previous transactions through the API that I (this computer) has access to so I have sent an email to our support staff letting them know your transaction needs to be researched. We have to make sure that we do not double bill you.")."");
        $l_message = $message_array['checkout_20'];
        header("location: /store/my_account.php?message=".urlencode($l_message)."&sessid=$sessid" );
        $l_message = $message_array['checkout_21'];
        mail2("company@dwalliance.com","A partially processed order is in the system.","brand = $code, account = $u_id, email = $session_email \n $code/crm2/show.php?type=contact&id=$carry",$PHP_SELF,$code);
        exit();
    } else {
        // Lock the order while the processor call is in flight; cleared below on
        // failure (show_credit_card) or approval (cc_approved).
        $query = "update $ORDER_HEADER set cc_processing = 'Y', notes = '".ass($notes)."' where order_header_id = '$order_header_id' and brand = '$code' ";
        $crm->Update($query);
    }
    // process the credit card ......
    // get the total
    $query = "select sum((quantity*price) + (quantity*price*provincial_sales_tax) + (quantity*price*goods_and_services_tax) + (quantity*price*harmonized_sales_tax)) as total from $ORDER_DETAIL where order_header_id = '$order_header_id' and brand = '$code' ";
    $data = $crm->mydata($query);
    $grand_total = $data[total][0];
    $grand_total = round($grand_total,2);
    if($order_header_id=='') {
        //echo"Sorry but your order is invalid.";
        $l_message = $message_array['checkout_22'];
        echo $l_message;
        mail2("jimmy@dwalliance.com","no order header id","$query \n $code u_id = $u_id \n session_id = $sessid ",$PHP_SELF,$code);
        exit();
    }
    if(!abs($grand_total)) {
        //echo"Sorry the order has an invalid amount.";
        $l_message = $message_array['checkout_23'];
        echo $l_message;
        mail2("jimmy@dwalliance.com","invalid amount -- no value","$query \n u_id = $u_id \n brand = $code ",$PHP_SELF,$code);
        // el("invalid amount -- no value $query u_id = $u_id brand = $code");
        exit();
    }
    $query = "select m_account_id from $ORDER_HEADER where order_header_id = '$order_header_id' and brand = '$code' ";
    $data = $crm->mydata($query);
    $m_account_id = $data[m_account_id][0];
    // Only these three processor types enable a charge. 'paypal_website_pro' is
    // handled inside if($cc_process) below but never sets $cc_process, so that
    // branch is unreachable as written. If $m_account_id is empty, no charge is
    // attempted, nothing is rendered (falls through to "Malformed Order") and
    // the cc_processing = 'Y' lock set above is never cleared.
    if($m_account_id) {
        $maccount_detail = get_account_details($m_account_id,$code,$brnd);
        if($maccount_detail[type]=='authorize.net') { $cc_process = 'yes'; }
        if($maccount_detail[type]=='moneris') { $cc_process = 'yes'; }
        if($maccount_detail[type]=='eway') { $cc_process = 'yes'; }
    }
    // ******** build the order ***********
    // for making installments
    // NOTE(review): $billed, $num_recurs and $amount_per_installment are not
    // computed on this page; if they arrive with the request, the amount actually
    // charged for an installment is the client-supplied $amount_per_installment
    // rather than the ORDER_DETAIL total computed above — confirm they are
    // derived server-side somewhere.
    if($billed=='installment') {
        $order[billed] = $billed;
        $order[num_recurs] = $num_recurs - 1;
        $order[period] = 1;
        $grand_total = $amount_per_installment;
        $transaction_description = "Installment Donation";
    }
    // for making recurring payments
    if($billed=='recurring') {
        $order[billed] = $billed;
        $order[period] = $period;
        // make it last 5 years
        if($period==1) { $num_recurs = 60; }
        if($period==3) { $num_recurs = 20; }
        if($period==6) { $num_recurs = 10; }
        if($period==12) { $num_recurs = 5; }
        if(!$num_recurs) { $num_recurs = 5; }
        $order[num_recurs] = $num_recurs;
        $transaction_description = "Recurring Donation";
    }
    if(!$transaction_description) { $transaction_description = "Online Donation"; }
    $order[transaction_description] = $transaction_description;
    $order[time_stamp] = gmdate("YmdHis");
    $order[invoice_number] = substr($order_header_id,0,10);
    $order[grandtotal] = $grand_total;
    $order[cc_number] = "$first_four$second_four$third_four$fourth_four";
    $order[cc_type] = $cc_type;
    $order[cc_expiration] = "$month$year";
    $order[cc_expiration_mn] = $month;
    $order[cc_expiration_yr] = $year;
    $order[cc_cvv2_number] = $cc_cvv2_number;
    $order[first_name] = $first_name;
    $order[company_name] = $company_name;
    $order[last_name] = $last_name;
    $order[phone] = $phone ;
    $order[customer_email] = $email;
    $order[street_address] = $address_1_1;
    $order[city]= $city;
    $order[state]= $province;
    $order[zipcode]= $zip;
    $order[country]= $country;
    $order[currency] = $currency_code;
    $order[ip_address] = $_SERVER[HTTP_X_FORWARDED_FOR];
    $order[description] = $order_description;
    $order[cvn] = $cvn;
    // el(capture_print_r($order));
    // Test-mode gate: for brands listed in $cc_test_domain the processor call is
    // skipped and a fake success is recorded. The list is only honoured when the
    // FIRST address in X-Forwarded-For is in $safe_ip.
    // NOTE(review): X-Forwarded-For is a client-supplied header; unless a trusted
    // proxy in front of this host always overwrites it, the first element can be
    // chosen by the client, so this gate does not reliably restrict test mode to
    // the listed addresses. Prefer REMOTE_ADDR or the address your proxy appends.
    unset($cc_test_domain);
    $cc_test_domain[] = 'ISRG';
    // $cc_test_domain[] = 'EMCORP';
    // $cc_test_domain[] = 'SPCA';
    //$cc_test_domain[] = 'DWALLC';
    // $cc_test_domain[] = 'LEGINT';
    // $cc_test_domain[] = 'EVENTREG';
    $safe_ip[] = '70.49.159.224';
    $safe_ip[] = '186.15.153.79';
    $safe_ip[] = '69.70.72.10';
    $safe_ip[] = '190.10.3.169';
    $safe_ip[] = '70.51.122.67';
    $safe_ip[] = '173.164.162.229';
    $safe_ip[] = '173.164.162.225';
    $safe_ip[] = '173.164.162.230';
    $safe_ip[] = '173.164.162.226';
    $safe_ip[] = '190.10.3.169';
    $ip = explode(",",$_SERVER["HTTP_X_FORWARDED_FOR"]);
    $_SERVER["HTTP_X_FORWARDED_FOR"] = $ip[0];
    if(!in_array($_SERVER["HTTP_X_FORWARDED_FOR"],$safe_ip)) {
        //el($_SERVER["HTTP_X_FORWARDED_FOR"]);
        unset($cc_test_domain);
    }
    if($cc_process) {
        // authorize.net AIM implementation
        if($maccount_detail[type] == 'authorize.net') {
            include('../commonfiles/class.authorize.php');
            $auth = new authorizenet;
            $order[login] = $maccount_detail[authorize_net_login_id];
            if(!$maccount_detail[authorize_x_tran_key]) {
                $order[password] = $maccount_detail[authorize_net_password];
            } else {
                $order[x_tran_key] = $maccount_detail[authorize_x_tran_key];
            }
            if(!@in_array($code,$cc_test_domain)) {
                if($grand_total!='0.00') {
                    $result = $auth->cc_sale($order);
                } else {
                    $order[grandtotal] = '1.00'; // this keeps the auth from failing
                    $result = $auth->cc_auth($order);
                    $order[grandtotal] = '0.00'; // this makes sure the order history is correct
                }
            } else {
                $result[success_response] = '1';
                $result[transaction_id] = '1234';
                mail2('jimmy@dwalliance.com',"$code $order_header_id free order","","jimmy@dwalliance.com","Jimmy Brake");
            }
        }
        // moneris
        if($maccount_detail[type] == 'moneris') {
            //el($code);
            if(!@in_array($code,$cc_test_domain)) {
                include('../commonfiles/monerisv250/mpgClasses.php');
                include('../commonfiles/moneris.php');
                $mpgCustInfo = moneris_customer_info($order);
                // $mpgRecur is passed before it is ever assigned on this page.
                $result = moneris_purchase($order,$carry,$maccount_detail,$mpgCustInfo,$mpgRecur);
                if($result[success_response] == 1) {
                    // moneris FUCKING sux
                    // NOTE(review): a second moneris_purchase() is issued for the
                    // recurring setup and its result ($moneris_sux) is never
                    // checked or recorded — confirm this does not charge twice.
                    if($order[num_recurs]) {
                        $mpgRecur = moneris_recurring($order);
                        $moneris_sux = moneris_purchase($order,$carry,$maccount_detail,$mpgCustInfo,$mpgRecur);
                    }
                    // $result[invoice_id] comes from the processor response and is
                    // interpolated without ass().
                    $query = "update $ORDER_HEADER set invoice_id = '$result[invoice_id]' where order_header_id = '$order_header_id' and brand = '$code' ";
                    $crm->Update($query);
                }
            } else {
                $result[success_response] = '1';
                $result[transaction_id] = '1234';
                mail2('jimmy@dwalliance.com',"$code $order_header_id moneris free order","","jimmy@dwalliance.com","Jimmy Brake");
            }
        }
        // paypal
        if($maccount_detail[type] == 'paypal_website_pro') {
            require('../commonfiles/paypal/DoDirect.php');
            $result = paypalDoDirect($order,$maccount_detail);
        }
        // eway
        if($maccount_detail[type] == 'eway') {
            require('../commonfiles/class.eway.com.au.php');
            // for testing ...
            if(@in_array($code,$cc_test_domain)) {
                $order[test] = 'Y';
                $order[cc_number] = '4444333322221111';
                $maccount_detail[ewayCustomerID] = '87654321';
            }
            $result = eway_sale($order,$maccount_detail);
        }
        // Blank the PAN before $order is dumped below.
        // NOTE(review): $order still carries cc_cvv2_number, cvn and the expiry
        // when capture_print_r($order) is handed to log_cc(); retaining the CVV
        // after authorization is not permitted under PCI DSS — confirm log_cc()
        // redacts it. The full processor $result is also mailed to an external
        // mailbox; confirm it carries no cardholder data.
        $order[cc_number] = '';
        if($result[success_response]!='1') {
            // The processor's reason text is appended to $message, which the
            // templates render without escaping.
            $message .= "
$result[response_reason_text]";
            $show_credit_card = 'yes';
            $v = capture_print_r($order);
            log_cc($order_header_id,$contact_id,$company_id,$result,$v,$app_logs_sql,$code);
            $v = capture_print_r($result);
            mail2("isurge3@yahoo.com", "$code $email CC failure $PHP_SELF $_SERVER[HTTP_HOST] "," $v", "sysadmin@dwalliance.com","sysadmin");
        } else {
            $auth_code = $result[transaction_id];
            $v = capture_print_r($order);
            log_cc($order_header_id,$contact_id,$company_id,$result,$v,$app_logs_sql,$code);
            $v = capture_print_r($result);
            mail2("isurge3@yahoo.com", "$code $email CC success $PHP_SELF $_SERVER[HTTP_HOST]", $v, "sysadmin@dwalliance.com","sysadmin");
            $cc_approved = "yes";
        }
    }
    if($show_credit_card == 'yes') {
        $query = "update $ORDER_HEADER set cc_processing = 'N' where order_header_id = '$order_header_id' and brand = '$code' ";
        $crm->Update($query);
    }
}
unset($approved);
if($cc_approved) {
    $approved = "yes";
    $query = "update $ORDER_HEADER set cc_processing = 'N' where order_header_id = '$order_header_id' and brand = '$code' ";
    $crm->Update($query);
}
if($approved && $message=="") {
    // update order headers
    if($cc_approved) {
        // create user account here => plus set carry
        $contact_info_query = "";
        if(!$u_id) {
            // IF USER IS NOT LOGGED IN !!!
            include("../commonfiles/create_contact.php");
            // see if client already exists by email
            // NOTE(review): an existing contact is matched purely on the
            // donor-typed email, which is not verified, so a donation and its
            // order contacts can be attached to someone else's contact record.
            $query = "select cdc_id from $CDC where email = '".ass($email)."' and brand = '$code' ";
            $data_dupe_contact = $cdc->mydata($query);
            // if contact not exists create it
            if(!$data_dupe_contact[cdc_id][0]) {
                $contact_data = array();
                $contact_data['first_name'] = $first_name;
                $contact_data['last_name'] = $last_name;
                $contact_data['email'] = $email;
                // NOTE(review): key 'telephone_1 ' has a trailing space, so the phone
                // probably never reaches the contact record — confirm against create_contact().
                $contact_data['telephone_1 '] = $phone;
                $contact_data['address_1_1'] = $address_1_1;
                $contact_data['address_1_2'] = $address_1_2;
                $contact_data['city_1'] = $city;
                $contact_data['province_1'] = $province;
                $contact_data['zipcode_1'] = $zip;
                $contact_data['country_1'] = $country;
                $u_id = create_contact($contact_data,$code);
                $carry = $u_id;
                $contact_id = $u_id;
                // create company if any...
                if($company_name) {
                    $data_relation = create_company_and_relation($company_name,$u_id,$crm,$code);
                    $company_id = $data_relation[company_id];
                    $the_customer_relation_id = $data_relation[relation_id];
                }
            } else {
                // if contact already exists => but not logged in
                $u_id = $data_dupe_contact[cdc_id][0];
                $carry = $u_id;
                $contact_id = $u_id;
                // if user supplied a company name
                if($company_name) {
                    $data_relation = create_company_and_relation($company_name,$u_id,$crm,$code);
                    $company_id = $data_relation[company_id];
                    $the_customer_relation_id = $data_relation[relation_id];
                } else {
                    // get company and relation if any...
                    $query = "select relation_id, company_id from $CRM_RELATION where contact_id = '$u_id' and company_id != '' and division_id = '' and disable = '0' and brand = '$code' order by last_modified desc limit 0,1 ";
                    $data_relation = $crm->mydata($query);
                    $company_id = $data_relation[company_id][0];
                    $the_customer_relation_id = $data_relation[relation_id][0];
                }
            }
            $contact_info_query = "relation_id = '$the_customer_relation_id', company_id = '$company_id', contact_id = '$carry', ";
        }
        // Billing fields are escaped with addslashes() here while the rest of the
        // page uses ass(); cc_type/first4/last4/month/year/auth_code are raw.
        $query = "update $ORDER_HEADER set status = 'PAID', approve_date = '".gmdate("Y-m-d H:i:s")."', $contact_info_query cc_name = '".addslashes("$first_name $last_name")."', cc_first_name = '".addslashes($first_name)."', cc_last_name = '".addslashes($last_name)."', cc_address_1 = '".addslashes($address_1_1)."', cc_city = '".addslashes($city)."', cc_province = '".addslashes($province)."', cc_postal_code = '".addslashes($zip)."', cc_country = '".addslashes($country)."', cc_type = '$cc_type', cc_first4 = '$first_four', cc_last4 = '$fourth_four', cc_phone_number = '".addslashes($phone)."', cc_expiration_date = '$month / $year', cc_auth_code = '$auth_code' where order_header_id = '$order_header_id' and brand = '$code' ";
        $crm->Update($query);
        // NOTE(review): (1) the recorded amount is the submitted $donation_amount,
        // not the $grand_total actually sent to the processor (they differ on the
        // installment path); (2) the "# cc_clearing_house_id" MySQL comment inside
        // this string runs to end of line, so unless the original source had a
        // line break after it (lost in this copy) everything from payment_method
        // onward is commented out; (3) cc_phone_number is raw here but
        // addslashes()'d in the update above.
        $query = "insert into $ORDER_PARTIAL_PAYMENT set partial_payment_id = '".make_rand()."', order_header_id = '$order_header_id', relation_id = '$the_customer_relation_id', currency_exchange_rate_id = '$currency_exchange_rate_id', amount = '".ass($donation_amount)."', currency = '$currency_code', company_id = '$company_id', contact_id = '$carry', cc_name = '".ass("$first_name $last_name")."', cc_first_name = '".addslashes($first_name)."', cc_last_name = '".addslashes($last_name)."', cc_address_1 = '".addslashes($address_1_1)."', cc_city = '".addslashes($city)."', cc_province = '".addslashes($province)."', cc_postal_code = '".addslashes($zip)."', cc_country = '".addslashes($country)."', cc_type = '$cc_type', cc_first4 = '$first_four', cc_last4 = '$fourth_four', 
cc_phone_number = '$phone', cc_expiration_date = '$month / $year', cc_auth_code = '$auth_code', # cc_clearing_house_id = '$cybersourceid', payment_method = 'CREDIT_CARD', notes = '".addslashes($notes)."', order_date = '".gmdate("Y-m-d H:i:s")."', transaction_date = '".gmdate("Y-m-d H:i:s")."', created_by = '$u_id', m_account_id = '$m_account_id', brand = '$code' ";
        $crm->Insert($query);
        // insert donation entry here
        $name_in_donor_scroll = $name_in_donor_scroll?"Y":"N";
        $amount_in_donor_scroll = $amount_in_donor_scroll?"Y":"N";
        // Later assignments win: team_id overrides individual, which overrides
        // team member; the bare donation id is the fallback.
        if($donation_team_member_id) { $tmp_sql = " id_type = 'donation_team_member_id', id_value = '".ass($donation_team_member_id)."', "; }
        if($donation_individual_id) { $tmp_sql = " id_type = 'donation_individual_id', id_value = '".ass($donation_individual_id)."', "; }
        if($team_id) { $tmp_sql = "id_type = 'donation_team_id', id_value = '".ass($team_id)."',"; }
        if(!$tmp_sql) { $tmp_sql = "id_type = 'donation_id', id_value = '".ass($donation_id)."', "; }
        $query = "insert into $DONATION_GIFT set id = '".make_rand()."', donation_id = '".ass($donation_id)."', $tmp_sql order_header_id = '".ass($order_header_id)."', name_in_donor_scroll = '".ass($name_in_donor_scroll)."', amount_in_donor_scroll = '".ass($amount_in_donor_scroll)."', brand = '$code' ";
        $crm->Insert($query);
        // last billing foo
        $contact = get_cdc($carry,$code,$cdc);
        $company = get_cdc($company_id,$code,$cdc);
        insert_order_contact($order_header_id,$company,$contact,'CONTACT',$code,$crm);
        $billing = get_cdc($u_id,$code,$cdc);
        insert_order_contact($order_header_id,$company,$billing,'BILLING',$code,$crm);
    }
    $cc_month = $month;
    $cc_year = $year;
    // send email and move to home or whatever
    if($cc_approved) {
        // print order details
        $query = "select product_name, price, quantity, product_id from $ORDER_DETAIL where order_header_id = '$order_header_id' and brand = '$code' ";
        $data = $crm->mydata($query);
        // garbled: the loop header and the "$new_price = $fmt->" prefix were lost
        // in extraction (text between '<' and '>'); the opening brace of the loop
        // is missing as well, so the braces below do not balance in this copy.
        for($a=0;$aformatCurrency($data[price][$a], $currency_code);
            if(trim($data[product_name][$a])) {
                $products .="\n ".ss($data[product_name][$a])." @ $new_price * ".$data[quantity][$a]." ";
            }
        }
        // garbled: second product loop; its header, opening brace and the HTML
        // wrapper around the product name were lost in extraction.
        for($a=0;$a".ss($data[product_name][$a])."

";
        }
        $new_array = get_cdc($contact_id,$code,$cdc);
        $new_array[product_br] = nl2br($products);
        $new_array[products] = $products;
        $new_array[amount] = $fmt->formatCurrency($grand_total, $currency_code);
        $new_array[total] = $fmt->formatCurrency($grand_total, $currency_code);
        $company_foo = get_cdc($company_id,$code,$cdc);
        $new_array[company_name] = $company_foo[company_name];
        $new_array[exp_date] = $duration_end;
        $new_array[product_name] = "Donation";
        $new_array[invoice_id] = substr($order_header_id,0,10);
        $new_array[notes] = $notes;
        $new_array[br_notes] = nl2br($notes);
        // NOTE(review): $receipt_from, $receipt_from_name, $receipt_subject,
        // $receipt_body and $send_email are not set anywhere on this page; if
        // they arrive with the request, the receipt sender/subject/body and
        // recipient are caller-controlled — confirm system_email() ignores them
        // or that they are set by an include.
        $new_array[receipt_from] = $receipt_from;
        $new_array[receipt_from_name] = $receipt_from_name;
        $new_array[receipt_subject] = $receipt_subject;
        $new_array[receipt_body] = $receipt_body;
        $new_array[order_date] = gmdate("Y-m-d H:i:s");
        $new_array[time_stamp] = gmdate("Y-m-d H:i:s");
        $new_array[event_location] = $event_location;
        $new_array[domain] = $HTTP_HOST;
        // emails to customers
        if(trim($send_email)=='') { $send_email = $new_array[email]; }
        system_email("3","","",$new_array,$EMAIL,$code,$crm);
        // email to sales
        // attachment sent
        if($code=='SPCA') {
            $new_array[return_html_only] = "yes";
            $email_attachment = system_email("29",$new_array[email],"$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm);
            $new_array[email_attachment] = "";
            if($email_attachment) {
                require_once("../commonfiles/dompdf/dompdf_config.inc.php");
                $dompdf = new DOMPDF();
                $dompdf->load_html($email_attachment);
                $dompdf->render();
                $email_attachment = $dompdf->output();
                $new_array[email_attachment] = $email_attachment;
            }
            $new_array[return_html_only] = "";
        }
        system_email("4",$send_email,"$new_array[first_name] $new_array[last_name]",$new_array,$EMAIL,$code,$crm);
        // email to customer
        //el(capture_print_r($new_array));
        $next_link = $conf[final_page];
        $show_receipt = 'yes';
    }
}
// **************************************************************************** PRINTING STARTS
$tpl = new rFastTemplate(".");
$tpl->no_strict();
$tpl->quiet();
$main = get_template('40',$TEMPLATE,$tmp,$code,$staging);
if(!$mobile) {
    $main = get_template('40',$TEMPLATE,$tmp,$code,$staging);
} else {
    $main = get_template('250',$TEMPLATE,$tmp,$code,$staging);
}
$tpl->define_raw(array(
    main => $main,
    credit_card => get_template('226',$TEMPLATE,$tmp,$code,$staging),
    receipt => get_template('227',$TEMPLATE,$tmp,$code,$staging),
    show_failed_receipt => get_template('228',$TEMPLATE,$tmp,$code,$staging)
));
$tpl->assign(array(
    TODAY => gmdate("l, F j, Y"),
    WAIT_LIST_EMAIL => $wait_list_email
));
//$tpl = store_dir_cats($tpl,$code,$dir);
if($u_id) {
    $user = get_cdc($u_id,$code,$cdc);
    $l_message = $message_array['checkout_25'];
    $l_message2 = $message_array['checkout_26'];
    $l_message3 = $message_array['checkout_27'];
    // USER_2 => "You are logged in as: $user[first_name] $user[last_name] Logout - Manage Email ",
    // garbled: the logout / manage-email links and the HLO/HLI comment-toggle
    // markup inside these strings were lost in extraction; the surviving
    // newlines inside the USER strings are what remains of the line breaks.
    $tpl->assign(array(
        COMPANY_ID => $company_id,
        USER_2 => "$l_message $user[first_name] $user[last_name]
$l_message2 - $l_message3 ",
        HLO1 => "",
        HLO2 => "",
        HLI1 => "",
        USER => "$l_message $user[first_name] $user[last_name]
$l_message2 - $l_message3 "
    ));
} else {
    $tpl->assign(array(
        HLI1 => "",
        HLI2 => "",
        HLO1 => ""
    ));
}
// NOTE(review): MESSAGE is assigned raw while the ids next to it go through
// strip_tags(); $message includes processor reason text and is rendered as-is.
$tpl->assign( array(
    SELF => $PHP_SELF,
    CONTACT_ID => $contact_id,
    MESSAGE => $message,
    TEAM_ID => strip_tags($team_id),
    DONATION_TEAM_MEMBER_ID => strip_tags($donation_team_member_id),
    DONATION_INDIVIDUAL_ID => strip_tags($donation_individual_id),
    DELAYED_START_DATE => $delayed_start_date,
    SESSID => $sessid,
    HIDE_COMPANY_IMAGE1 => " ",
    ALT_MESSAGE => strip_tags($alt_message),
    ORDER_HEADER_ID => $order_header_id,
));
// campaign stuff
$tpl->assign( array(
    PERSONAL_MONETARY_GOAL => number_format($personal_monetary_goal, 2),
    //GLOBAL_MONETARY_GOAL => $global_monetary_goal,
    SPONSORED_NAME => $sponsored_name,
    PAGE_TITLE => 'Donate',
    CAMPAIGN_NAME => $campaign_name,
    CAMPAIGN_DESCRIPTION => $campaign_description,
    CAMPAIGN_CURRENCY => $campaign_currency,
    DONATION_ID => $donation_id,
    ENTITY_TYPE => $entity_type,
    FUNDRAISER_ID => $fundraiser_id,
));
// cc receipt
if($show_receipt == "yes") {
    $tpl = show_login($u_id,$tpl);
    $tpl = html_chunks($staging,$tpl,$code,$brnd);
    $query = "select title, meta from $TEMPLATE where template_id = '37' and brand = '$code' ";
    $data = $tmp->mydata($query);
    $tpl->assign(array(
        PAGE_TITLE => 'receipt',
        PAGE_META => ss($data[meta][0])
    ));
    // NOTE(review): $cc_result is never assigned on this page (the processor
    // reply is in $result), so CARD_TYPE, AUTH_CODE, RESPONSE_* etc. below are
    // empty unless something else sets it — confirm.
    $receipt_number = substr($cc_result[receipt_refernce_number],0,12);
    $company_name = get_cdc($company_id,$code,$cdc);
    $new_array = get_cdc($u_id,$code,$cdc);
    $new_array = cdc_template_array($new_array);
    // push into the template
    $tpl->assign( $new_array );
    $tpl->assign(array(
        CARD_TYPE => $cc_result[card_type],
        TRANSACTION_DESCRIPTION => $transaction_description,
        ORDER_HEADER_ID => $order_header_id,
        PRODUCTS => nl2br($products),
        RECEIPT_MSG_ACCOUNT => $cc_result[receipt_account],
        RECEIPT_MSG_ACTION => $cc_result[receipt_action],
        DELAYED_START_DATE => $delayed_start_date,
        TIME_STAMP => gmdate("Y-m-d H:i:s")." 
GMT",
        AUTH_CODE => $cc_result[auth_code],
        RESPONSE_CODE => $cc_result[response_reason_code],
        ISO_CODE => $cc_result[iso_code],
        RESPONSE_MESSAGE => $cc_result[message],
        REFERENCE_NUMBER => $cc_result[reference_num],
        RESPONSE_MESSAGE => $cc_result[message],
        TERMINAL_ID => $order[terminal_id],
        FIRST_NAME => $order[first_name],
        LAST_NAME => $order[last_name],
        AMOUNT => $fmt->formatCurrency($order[grandtotal], $currency_code),
        INVOICE_ID => $order[invoice_number],
        DURATION_END => $ts_date,
        MESSAGE => $message,
        FINAL_PAGE => $conf[final_page]
    ));
    if($show_failed_receipt == "yes") {
        $tpl->parse( MAIN, array( "show_failed_receipt", "main" ));
    } else {
        $tpl->parse( MAIN, array( "receipt", "main" ));
    }
    $tpl->FastPrint();
    exit();
}
// NOTE(review): nothing on this page sets $show_credit_card on a plain GET, so
// the form is only shown when the flag arrives with the request (or after a
// validation failure); otherwise the page ends in "Malformed Order" — confirm.
if($show_credit_card) {
    $query = "select title, meta from $TEMPLATE where template_id = '22' and brand = '$code' ";
    $data = $tmp->mydata($query);
    $tpl->assign(array(
        PAGE_TITLE => 'cc',
        MESSAGE => $message,
        PAGE_META => ss($data[meta][0])
    ));
    $tpl = show_login($u_id,$tpl);
    $tpl = html_chunks($staging,$tpl,$code,$brnd);
    if($contact_id!='') {
        $contact = get_cdc($contact_id,$code,$cdc);
        $company = get_cdc($company_id,$code,$cdc);
    }
    // month and year
    $f_month ="";
    $f_year ="";
    // Pre-fill from the contact record on first display only.
    if($cc_submit=="") {
        $company_name = $company[company_name];
        $first_name = $contact[first_name];
        $last_name = $contact[last_name];
        $address_1_1 = $contact[address_1_1];
        $address_1_2 = $contact[address_1_2];
        $city = $contact[city_1];
        $province = $contact[province_1];
        $zip = $contact[zipcode_1];
        $email = $contact[email];
        $phone = $contact[telephone_1];
        $country = $contact[country_1];
        $name_in_donor_scroll = "Y";
        $amount_in_donor_scroll = "Y";
    }
    $event_name = "";
    if($event_name=='') {
        $event_name = 'NA';
        $event_date = 'NA';
    }
    // Displayed total. Note it uses price*tax where the charged total above used
    // quantity*price*tax; they agree only because the detail row has quantity 1.
    // This query also omits the brand filter the others carry.
    $query = "select sum((quantity*price) + (price*provincial_sales_tax) + (price*goods_and_services_tax) + (price*harmonized_sales_tax)) as total from $ORDER_DETAIL where order_header_id = '$order_header_id' ";
    $data = $crm->mydata($query);
    // make a pretty break down
    $query = "select ((quantity*price) + (price*provincial_sales_tax) + (price*goods_and_services_tax) + (price*harmonized_sales_tax)) as sub_total, ((price*provincial_sales_tax) + (price*goods_and_services_tax) + (price*harmonized_sales_tax)) as tax, product_id, product_name, product_description, price, quantity from $ORDER_DETAIL where order_header_id = '$order_header_id' and brand = '$code' group by product_id order by product_name ";
    $b_data = $crm->mydata($query);
    if(is_array($b_data['sub_total'])) {
        // for each selected product
        // garbled: the loop header, its opening brace and the "$tpl->" prefix were
        // lost in extraction; the extra closing brace below belonged to this loop.
        for($a=0;$aassign(array(
            PRODUCT_NAME => ss($b_data[product_name][$a]),
            PRODUCT_DESCRIPTION => ss($b_data[product_description][$a]),
            QUANTITY => $b_data[quantity][$a],
            PRICE => $fmt->formatCurrency($b_data[price][$a], $currency_code),
            TAX => $fmt->formatCurrency($b_data[tax][$a], $currency_code),
            SUB_TOTAL => $fmt->formatCurrency($b_data[sub_total][$a], $currency_code)
        ));
        $tpl->parse( "SUB_AMOUNT", ".sub_amount" );
    }
    } else {
        $tpl->assign(array( PRODUCTS_TABLE_DISPLAY_STYLE => "display:none;" ));
    }
    if($send_email=='') { $send_email = $email; }
    if($u_id) {
        $tpl->assign( array( HIDE_COMPANY_FIELD_1 => "", ));
    }
    // NOTE(review): on a failed submit the full card number (ALL_CC) and CVN are
    // echoed back into the form; strip_tags() is not an HTML-attribute escape,
    // and CVN, DONATION_AMOUNT, SEND_EMAIL, PURCHASE_ORDER_NUMBER, RECIPIENTS,
    // GIFT_EMAIL and PAYPAL_EMAIL are reflected with no escaping at all —
    // htmlspecialchars() per value would close that gap.
    $tpl->assign( array(
        CONTACT_ID => $contact_id,
        FIRST_NAME => strip_tags($first_name),
        PURCHASE_ORDER_NUMBER => $purchase_order_number,
        SEND_EMAIL => $send_email,
        LAST_NAME => strip_tags($last_name),
        COMPANY_NAME => strip_comment_tags($company_name),
        EMAIL => strip_tags($email),
        PHONE => strip_tags($phone),
        PROMO => strip_tags($promo),
        NOTES => strip_tags($notes),
        ADDRESS_1_1 => strip_tags($address_1_1),
        ADDRESS_1_2 => strip_tags($address_1_2),
        DONATION_AMOUNT => $donation_amount,
        CITY => strip_tags($city),
        PROVINCE => strip_tags($province),
        ZIP => strip_tags($zip),
        COUNTRY => strip_tags($country),
        ALL_CC => strip_tags($all_cc),
        FIRST_FOUR => strip_tags($first_four),
        SECOND_FOUR => strip_tags($second_four),
        THIRD_FOUR => strip_tags($third_four),
        FOURTH_FOUR => strip_tags($fourth_four),
        CVN => $cvn,
        MONTH => $f_month,
        EVENT_ID => $event_id,
        EVENT_NAME => $event_name,
        EVENT_LOCATION => nl2br($event_location),
        EVENT_DATE => $event_date,
        BOTTOM_ALL => nl2br($bottom_all),
        BOTTOM_CHECKOUT => $bottom_checkout,
        ORDER_HEADER_ID => $order_header_id,
        AMOUNT => $fmt->formatCurrency($data[total][0], $currency_code),
        RECIPIENTS => $recipients,
        GIFT_EMAIL => $gift_email,
        YEAR => $f_year,
        PAYPAL_EMAIL => $paypal_email,
        CURRENCY_CODE => $currency_code,
        HIDE_PAYPAL_FOO_1 => $hide_paypal_foo_1,
        HIDE_PAYPAL_FOO_2 => $hide_paypal_foo_2,
        NAME_IN_DONOR_SCROLL => $name_in_donor_scroll=='Y'?"checked='checked'":"",
        AMOUNT_IN_DONOR_SCROLL => $amount_in_donor_scroll=='Y'?"checked='checked'":"",
    ));
    if($event_name!='NA') {
        $tpl->assign(array( HIDE_STORE_STEPS_1 => '' ));
    }
    $tpl->parse( MAIN, array( "credit_card", "main" ));
    $tpl->FastPrint();
    exit();
}
echo "Malformed Order";
exit();
// functions
/**
 * Find-or-create the company called $company_name for brand $code and make sure
 * an enabled company<->contact relation exists between it and contact $u_id.
 *
 * Creates the company (CDC row, CRM CDC row, a company-only relation and a
 * search-db entry) when no enabled company with that name exists; otherwise
 * reuses it, creating the contact relation if missing and re-enabling it if it
 * was disabled.
 *
 * @param string $company_name  company name as typed by the donor
 * @param string $u_id          contact id to relate to the company
 * @param object $crm           CRM database handle (MySQL_class)
 * @param string $code          brand code
 * @return array{relation_id: string, company_id: string}
 *
 * NOTE(review): $company_name is escaped with ass() but $u_id is interpolated
 * raw in both relation queries; on this page it comes from create_contact() or
 * a CDC row, so treat that as an assumption if the helper is reused elsewhere.
 */
function create_company_and_relation($company_name,$u_id,$crm,$code) {
    global $CRM_CDC,$cdc,$CRM_RELATION;
    // check that company doesnt already exists
    $query = "select cdc_id from $CRM_CDC where company_name = '".ass($company_name)."' and disabled = '0' and brand = '$code' ";
    $data_company = $crm->mydata($query);
    // if compamy doent exists create it
    if(!$data_company[cdc_id][0]) {
        unset($company_data);
        $company_data['company_name'] = $company_name;
        // create the company
        $company_id = insert_cdc($company_data,$cdc,$code);
        insert_crm_cdc($company_data,$company_id,$code,$crm);
        create_relation("",$company_id,$crm,$code);
        insert_search_db($company_id,$company_data,$code,'company');
        // create company-contact relation
        $the_customer_relation_id = create_relation($u_id,$company_id,$crm,$code);
    } else {
        // if company already exists
        $company_id = $data_company[cdc_id][0];
        // check if relation exists
        $query = "select relation_id, disable from $CRM_RELATION where company_id = '".ass($company_id)."' and contact_id = '$u_id' and division_id = '' and brand = '$code' ";
        $data_relation = $crm->mydata($query);
        if(!$data_relation[relation_id][0]) {
            // if relation doesnt exists create it
            $the_customer_relation_id = create_relation($u_id,$company_id,$crm,$code);
        } else {
            // if the relation exists but is disabled enable it again
            if($data_relation[disable][0] == '1') {
                $query = "update $CRM_RELATION set disable = '0' where company_id = '".ass($company_id)."' and contact_id = '$u_id' and division_id = '' and brand = '$code' ";
                $crm->Update($query);
            }
            $the_customer_relation_id = $data_relation[relation_id][0];
        }
    }
    return array('relation_id'=>$the_customer_relation_id,'company_id'=>$company_id);
}
?>