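<?php
//============================================
// Easy 2.0
// Copyright : .exe Evolution
// Version   : 2.0
// Notes     : None
//============================================
//
// Przelewy24 return/callback handler.
//
// Flow: read the p24_* POST fields, look up the matching open order by its
// control value and amount, ask secure.przelewy24.pl to confirm the
// transaction, and on "TRUE" mark the order as 'progress', create ESD
// download keys, and mail the customer and the shop. The result is emitted
// either as a <meta refresh> redirect or, when ?auto is present, as 1/0.
//
// Every p24_* field arrives from the network and is attacker-controllable,
// so each one is validated before it reaches SQL, the outgoing request or
// the HTML output.
define("BASEDIR", dirname(__FILE__));
include(BASEDIR . "/inc/init.php");
$tmpl = new Easy("templates/$THEME/");
include(BASEDIR . "/system/shop/shopinc.php");

// NOTE(review): the base URL is derived from the client-supplied Host header
// and PHP_SELF. It ends up in the redirect and in the download links mailed
// to the customer; prefer a configured site URL if the project has one.
$this_url = "http://" . $_SERVER['HTTP_HOST'] . str_replace('/przelewy24_callback.php', '', $_SERVER['PHP_SELF']);

$sql_pp = $db->Query("SELECT inst_id FROM " . PREFIX . "_shop_payment_methods WHERE id='9'");
$row_pp = $sql_pp->fetchrow();
define("SPID", $row_pp->inst_id);

// --- Input validation -------------------------------------------------------
// Only plain strings are accepted; array-valued POST fields are treated as absent.
$raw_session = (isset($_POST["p24_session_id"]) && is_string($_POST["p24_session_id"])) ? $_POST["p24_session_id"] : '';
$raw_kwota   = (isset($_POST["p24_kwota"]) && is_string($_POST["p24_kwota"])) ? $_POST["p24_kwota"] : '';
$raw_order   = (isset($_POST["p24_order_id"]) && is_string($_POST["p24_order_id"])) ? $_POST["p24_order_id"] : '';

// The session id is interpolated into SQL and echoed into HTML, so it is held
// to a conservative allowlist.
// NOTE(review): confirm the code that generates the `control` column only
// emits these characters; widen the class here if it does not.
$za_id    = preg_match('/^[A-Za-z0-9_.\-]{1,100}$/D', $raw_session) ? $raw_session : '';
// Amount (in 1/100 units) and gateway order id must be plain decimal integers.
// NOTE(review): assumes p24_order_id is always numeric - verify against the gateway spec.
$kwota    = preg_match('/^[0-9]{1,12}$/D', $raw_kwota) ? $raw_kwota : '';
$order_id = preg_match('/^[0-9]{1,20}$/D', $raw_order) ? $raw_order : '';

$inputs_ok = ($za_id !== '' && $kwota !== '' && $order_id !== '');
$has_error = (isset($_POST["p24_error_code"]) && $_POST["p24_error_code"] !== "");

// --- Result pages -----------------------------------------------------------
// The redirect target is HTML-escaped as a whole because it contains
// request-derived data (Host header, PHP_SELF, session id).
$confirm_base = $this_url . '/index.php?p=shop_orderconfirm';
$meta_fail = '<meta http-equiv="refresh" content="0;URL=' . htmlspecialchars($confirm_base . '&id=2&cid=' . rawurlencode($za_id), ENT_QUOTES) . '">';
$meta_ok   = '<meta http-equiv="refresh" content="0;URL=' . htmlspecialchars($confirm_base . '&id=1&cid=' . rawurlencode($za_id), ENT_QUOTES) . '">';

// Success is tracked explicitly. Searching the meta tag for "id=1" reported
// success for any failed payment whose session id began with "1", because
// "cid=1..." contains that substring.
$payment_ok = false;
$meta = $meta_fail;

if ($has_error) {
    // The gateway reported an error; the failure page is already selected.
} elseif (!$inputs_ok) {
    PutLog("Przelewy24: malformed callback parameters", PRIO_WARNING, __FILE__, __LINE__);
} else {
    $za_kwota = number_format($kwota / 100, 2, ".", "");

    // $za_id passed the allowlist above and $za_kwota is number_format() output,
    // so neither can break out of the statement.
    // NOTE(review): switch to the DB layer's bound parameters if it offers them.
    $q = "
        SELECT
            a.*,
            b.email
        FROM
            " . PREFIX . "_shop_orders as a,
            " . PREFIX . "_user as b
        WHERE
            a.control = '$za_id' AND
            a.ovall = " . $za_kwota . " AND
            a.status_o != 'failed' AND
            a.status_o != 'ok' AND
            b.uid = a.uid
    ";
    $sql = $db->Query($q);
    $row_u = $sql->fetchrow();

    if ($sql->numrows() == 1) {
        $uemail = $row_u->email;

        $P = array();
        $P[] = urlencode("p24_id_sprzedawcy") . "=" . urlencode(SPID);
        $P[] = urlencode("p24_session_id") . "=" . urlencode($za_id);
        $P[] = urlencode("p24_order_id") . "=" . urlencode($order_id);
        $P[] = urlencode("p24_kwota") . "=" . urlencode($kwota);
        $post = join("&", $P);

        // "Connection: close" makes the server end the stream after the reply;
        // without it an HTTP/1.1 connection stays open and the read loop below
        // waits for the keep-alive timeout.
        $request  = "POST /transakcjanossl.php HTTP/1.1\r\n";
        $request .= "Host: secure.przelewy24.pl\r\n";
        $request .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $request .= "Connection: close\r\n";
        $request .= "Content-Length: " . strlen($post) . "\r\n\r\n";
        $request .= $post;

        // NOTE(review): verification runs over cleartext HTTP on port 80, so the
        // "TRUE" answer that releases the order is neither authenticated nor
        // integrity-protected in transit. Move this to the gateway's TLS
        // endpoint (with certificate verification) per the provider's docs.
        $fp = fsockopen("secure.przelewy24.pl", 80, $errno, $errstr, 30);

        if (!$fp) {
            PutLog("Przelewy24: could not connect to secure.przelewy24.pl:80", PRIO_ERROR, __FILE__, __LINE__);
        } else {
            fputs($fp, $request);

            // Collect every line that follows the "RESULT" marker.
            $RET = array();
            $res = false;
            while (!feof($fp)) {
                $chunk = fgets($fp, 1024);
                if ($chunk === false) {
                    break; // read error or timeout: stop instead of spinning
                }
                $line = str_replace(array("\n", "\r"), "", $chunk);
                if (!$res) {
                    if ($line == "RESULT") {
                        $res = true;
                    }
                    continue;
                }
                $RET[] = $line;
            }
            fclose($fp); // closed only when the connection was actually opened

            if (isset($RET[0]) && $RET[0] === "TRUE") {
                // NOTE(review): 'progress' is still accepted by the order lookup
                // above, so a repeated callback repeats the ESD inserts and the
                // e-mails - confirm whether that is intended.
                $sql_first = $db->Query("UPDATE " . PREFIX . "_shop_orders SET status_o = 'progress', order_id='" . $order_id . "' WHERE control = '$za_id' ");

                $items = explode(',', $row_u->articles);
                $download_files = '';
                $download_files_copy = '';
                foreach ($items as $item) {
                    // NOTE(review): $item comes from the stored order row and is
                    // interpolated unescaped; bind or escape it via the DB layer.
                    $sql_esd = $db->Query("SELECT id,artnumber,esd_download,esd_dltimes,esd_timespan FROM " . PREFIX . "_shop_articles WHERE artnumber='$item'");
                    $row_esd = $sql_esd->fetchrow();
                    if (!$row_esd) {
                        continue; // unknown article number: nothing to deliver
                    }
                    $esd_timespan = ($row_esd->esd_timespan == '') ? 0 : $row_esd->esd_timespan;
                    // Expiry = now + esd_timespan hours.
                    $time_end = mktime(date("H") + $esd_timespan, date("i"), date("s"), date("m"), date("d"), date("Y"));
                    if ($row_esd->esd_download != '') {
                        // The item key is the only secret protecting the download link.
                        // NOTE(review): confirm makepass() draws from a CSPRNG.
                        $itemkey = makepass(10);
                        // NOTE(review): $userId is not assigned in this script; presumably
                        // set by an include - verify it is the order's uid ($row_u->uid).
                        $sql_newesd = $db->Query("INSERT INTO " . PREFIX . "_shop_esd (id,uid,dltimes,dlid,dltimespan,itemkey) VALUES ('','$userId','','$row_esd->id','$time_end','$itemkey')");
                        $download_files .= "\n---------------------------------------\n$row_esd->esd_download ($row_esd->esd_dltimes " . $lang['shop_max_downloads_esd'] . ")\n" . $this_url . "/index.php?p=shop&action=downloadfile&file_id=$row_esd->id&itemkey=$itemkey\n";
                        $download_files_copy .= "\n$row_esd->esd_download";
                    }
                }

                // Customer mail: with download links when the order has ESD items.
                if ($download_files != '') {
                    $body_first = str_replace("__TRANSID__", $za_id, $lang['shop_subject_cc_transaction_ok_header']);
                    $mails = $body_first . "\n" . $download_files . "\n" . $lang['shop_footer_ccokesd_2'] . "\n\n" . SHOPADRESS;
                } else {
                    $body_first = str_replace("__TRANSID__", $za_id, $lang['shop_subject_cc_transaction_ok_header2']);
                    $mails = $body_first . "\n\n" . SHOPADRESS;
                }
                $thismail = new MIMEMail();
                $thismail->from_email = EMAILFROM;
                $thismail->subject = $lang['shop_subject_cc_transaction_ok'];
                $thismail->to = $uemail;
                $thismail->headers();
                $thismail->addtextpart(false, $mails);
                $thismail->finish();
                $thismail->send();

                // Copy for the shop operator.
                $copybody = $lang['shop_subject_cc_transaction_ok_header_copy'];
                $copybody = str_replace("__OVALL__", $za_kwota, $copybody);
                $copybody = str_replace("__TRANSID__", $za_id, $copybody);
                $copybody = str_replace("__USERID__", $row_u->uid, $copybody);
                $copybody = str_replace("__UEMAIL__", $uemail, $copybody);
                if ($download_files_copy != '') {
                    $copybody .= "\n\n" . $lang['shop_copy_esdfoot_admin'] . "\n" . $download_files_copy;
                }
                $thismail = new MIMEMail();
                $thismail->from_email = EMAILFROM;
                $thismail->subject = $lang['shop_subject_cc_transaction_ok'];
                $thismail->to = EMAILTO;
                $thismail->headers();
                $thismail->addtextpart(false, $copybody);
                $thismail->finish();
                $thismail->send();

                $payment_ok = true;
                $meta = $meta_ok;
            } else {
                $detail = isset($RET[1]) ? $RET[1] : '';
                PutLog("Przelewy24: got INVALID while trying to validate payment (" . $za_id . " / " . $detail . " )", PRIO_WARNING, __FILE__, __LINE__);
            }
        }
    } else {
        PutLog("Przelewy24: incorrect order control or amount (" . $za_id . " )", PRIO_WARNING, __FILE__, __LINE__);
    }
}

if (!isset($_GET["auto"])) {
    echo $meta;
} else {
    echo $payment_ok ? 1 : 0;
}
?>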