<?php
/*
 * gateway.php — checkout handler.
 *
 * On a POST carrying 'checkout' it:
 *   1. reads the customer/shipping fields from $_POST;
 *   2. for visitors with $loggedin == 0, validates the two password fields,
 *      checks the e-mail against `customers` and the nickname against the
 *      forum `users` table, then inserts a `customers` row and a matching
 *      forum `users` row (or updates the forum row when the e-mail exists);
 *   3. flattens $_SESSION['cart'] ('|'-separated item strings) into $cart_ch;
 *   4. for payment_method == 'cash', inserts an `orders` row, e-mails the shop
 *      owner and the customer, sends an activation key to accounts whose
 *      status is 0, and redirects to order_recived.php;
 *   5. for any other payment_method, redirects back to checkout.php with an
 *      error message. The PayPal branch is commented out below.
 *
 * $database, $data, $con, $loggedin and $smarty are provided by the two
 * includes; their contracts (in particular what $database->sanitize() does)
 * are not visible in this file, so every query here must be read as
 * string-built SQL whose safety depends on that helper.
 *
 * Review notes (defects found, none changed here):
 *   - Identity of a logged-in buyer is taken from $_COOKIE['user_id'], a
 *     client-controlled value, and used as the order's owner; it should come
 *     from the server-side session.
 *   - The recorded order amount is the POSTed $total/$shipp_total, not the
 *     server-side figure computed into $ch['ord_chtotal']; the stored price
 *     is therefore client-controlled.
 *   - No CSRF token is checked on this state-changing POST.
 *   - Passwords are stored as md5() (customers) and sha1(salt.sha1())
 *     (forum), plus a reversible $data->encrypt() copy in `epassword`;
 *     password_hash()/password_verify() would replace the first two once the
 *     login side is migrated, and the reversible copy should not be kept.
 *   - or die(mysqli_error($con)) echoes raw database errors to the browser.
 *   - money_format() was removed in PHP 8.0; this file will fatal there.
 */
ob_start();
include('includes/inc.config.php');
include('header.php');
if(isset($_POST['checkout'])){
    $email = $database->sanitize($_POST['email']);
    // $check_user is executed BEFORE the INSERT below and is reused much later
    // as $usr_dd; for a freshly created account it is the pre-insert result.
    $check_user = $database->execute("SELECT * FROM `customers` WHERE `email` = '$email'");
    $chk_forum_email = mysqli_query($con,"select * from users where email = '$email'");
    // BUG: $username is not assigned until the next statement, so unless an
    // include defines it this query runs with an empty/undefined value and the
    // "nickname not available" check below never reflects the submitted name.
    // It also compares against $username while the row inserted uses $nickname.
    $chk_forum_user = mysqli_query($con,"select * from users where username = '$username'");
    //Add user
    $username = $database->sanitize($_POST['username']);
    $password = $database->sanitize($_POST['password']);
    $password2 = $database->sanitize($_POST['password2']);
    // Legacy hashes — see header note; md5/sha1 are not password hashes.
    $dbpassword = md5($_POST['password']);
    // Reversible form of the plaintext password kept in the database (review).
    $epassword = $data->encrypt($_POST['password']);
    $salt = $data->random_key(12);
    $punbb_pass = sha1($salt.sha1($_POST['password']));
    $fname = $database->sanitize($_POST['fname']);
    $lname = $database->sanitize($_POST['lname']);
    $company = $database->sanitize($_POST['company']);
    $address = $database->sanitize($_POST['address']);
    $zip = $database->sanitize($_POST['zip']);
    $city = $database->sanitize($_POST['city']);
    $phone = $database->sanitize($_POST['phone']);
    // Client-supplied totals; stored as the order amount further down instead
    // of the server-side $ch['ord_chtotal'] (review: recompute on the server).
    $total = $database->sanitize($_POST['total']);
    $shipp_total = $database->sanitize($_POST['shipp_total']);
    // Second salt/hash set used by the re-update queries after the insert;
    // these overwrite the values written by the insert itself.
    $random_salt = $data->random_key(12);
    $sitepass = "`password` = '".md5($_POST['password'])."', ";
    $siterepunbb_pass = "`epassword` = '".$data->encrypt($_POST['password'])."' ";
    $resalt = "`salt` = '".$random_salt."' ";
    $repunbb_pass = "`password` = '".sha1($random_salt.sha1($_POST['password']))."', ";
    // Redundant: overwritten by both branches of the if/else that follows.
    $nickname = $database->sanitize($_POST['nickname']);
    if(isset($_POST['nickname']) && $_POST['nickname'] != ''){
        $nickname = $database->sanitize($_POST['nickname']);
    }else{
        $nickname = strtolower(str_replace(' ', '_',$fname))."_".$data->createOrderNr(3);
    }
    if(isset($_POST['ship_data'])){
        // NOTE(review): $ship_address is built from raw $_POST values (not passed
        // through sanitize) and is later interpolated into the customers INSERT.
        $ship_address = $_POST['ship_address'].', '.$_POST['ship_city'].' 
'.$_POST['ship_zip'];
        $ship_zip = $database->sanitize($_POST['ship_zip']);
        $ship_city = $database->sanitize($_POST['ship_city']);
    }else{
        $ship_address = '';
        $ship_zip = '';
        $ship_city = '';
    }
    $status = '0';
    if($loggedin == 0){
        // $err_mes is never initialised; when all checks pass it is read
        // undefined below (should start as $err_mes = '').
        if($password != $password2){
            $err_mes = 'Password does not match! Please try again.';
        }else if(strlen($password) < 6){
            $err_mes = 'password must contain at least 6 characters.';
        }else if($database->num($check_user) > 0){
            // Reveals whether an e-mail is registered (account enumeration).
            $err_mes = 'An account with email <b>'.$email.'</b> already exist. Please use another email address or try to login.';
        }else if(mysqli_num_rows($chk_forum_user) > 0){
            $err_mes = 'Ups! Acest Nickname nu este disponibil, te rugam sa alegi un alt nume!';
        }
        if($err_mes == ''){
            $add_user = $database->execute("INSERT INTO `customers` (`email`, `password`, `epassword`, `fname`, `lname`, `username`, `company`, `address`, `zip`, `city`, `phone`, `ship_address`, `ship_zip`, `ship_city`, `status`) VALUES ('$email', '$dbpassword', '$epassword', '$fname', '$lname', '$nickname', '$company', '$address', '$zip', '$city', '$phone', '$ship_address', '$ship_zip', '$ship_city', '$status')");
            if(mysqli_num_rows($chk_forum_email) == 0){
                // $last_user_results is assigned but never used.
                $last_user_results = array();
                $last_user = $database->execute("SELECT * FROM `customers` WHERE `email` = '$email' order by id desc limit 1");
                while($row = $database->fetch($last_user)){
                    $last_user_id = $row['id'];
                }
                // Forum account mirrors the shop account; 'romanian' and the
                // group id 3 are hard-coded. die() here leaks the DB error text.
                $add_punbb_user = mysqli_query($con,"INSERT INTO `users` (`site_id`, `group_id`, `username`, `password`, `salt`, `email`, `realname`, `email_setting`, `show_smilies`, `show_img_sig`, `show_avatars`, `show_sig`, `language`, `registration_ip`, `pun_bbcode_enabled`, `pun_bbcode_use_buttons`, `pun_pm_long_subject`, `registered`) VALUES ('$last_user_id', '3', '$nickname', '$punbb_pass', '$salt', '$email', '$fname $lname', '1', '1', '1', '1', '1', 'romanian', '".$data->getUserIP()."', '1', '1', '1', '".time()."')") or die(mysqli_error($con));
            }else{
                // An existing forum account with this e-mail gets its username
                // and password replaced by whatever this checkout submitted.
                $update_forum = mysqli_query($con, "update users set 
`username` = '$nickname', `password` = '$punbb_pass', `salt` = '$salt' where email = '$email'") or die(mysqli_error($con));
            }
            // Re-hash with the second salt immediately after creation (see
            // $random_salt above); the earlier $salt/$punbb_pass become stale.
            $reupdate_site = $database->execute("update customers set $sitepass $siterepunbb_pass where email = '$email'");
            $reupdate_forum = mysqli_query($con, "update users set $repunbb_pass $resalt where email = '$email'");
        }
        $last_user = $database->execute("SELECT * FROM `customers` WHERE `email` = '$email' order by id desc limit 1");
        $row = $database->assoc($last_user);
        $last_user_id = $row['id'];
    }else{
        // Review: order ownership taken from a client cookie, unsanitised, and
        // interpolated into SQL below; use the authenticated session identity.
        $last_user_id = $_COOKIE['user_id'];
    }
    // $_SESSION['cart'] is read without isset(); an empty/absent cart leaves
    // $ch undefined for the e-mail totals below.
    $cart = $_SESSION['cart'];
    $cart_ch = array();
    foreach ($cart as $key => $item){
        // Item format inferred from the indexes used:
        // id|weight|type|price|qt|amount — TODO confirm against the cart writer.
        $itemdata = explode('|',$item);
        $ch['qt'] = $itemdata[4];
        $ch['price'] = $itemdata[3];
        $ch['type'] = $itemdata[2];
        $ch['weight'] = $itemdata[1];
        $ch['item_id'] = $itemdata[0];
        $ch['amount'] = $itemdata[5];
        // $ch is deliberately NOT reset per iteration: calc_total accumulates
        // and the last $ch is reused for the e-mail total. First iteration
        // reads an undefined key (notice).
        $ch['calc_total'] += $itemdata[5];
        $ch['chsubtotal'] = money_format('%.2n',$ch['calc_total']);
        $ch['chtotal'] = money_format('%.2n',$data->vat($ch['calc_total'],$data->settings('tax')));
        $ch['ord_chtotal'] = $data->vat($ch['calc_total'],$data->settings('tax'));
        $ch['tax'] = money_format('%.2n',$data->tax($ch['calc_total'],$data->settings('tax')));
        $ch['key'] = $key;
        $cart_ch[] = $ch;
    }
    if(isset($_POST['payment_method']) && $_POST['payment_method'] == 'cash'){
        $product_id = implode(',', array_map(function ($entry) {return $entry['item_id'];}, $cart_ch));
        // $amount is assigned but the INSERT below uses $total directly.
        $amount = $total;
        $indate = time();
        $gateway = 'Cash';
        $status = '0';
        // `history` stores the serialize()d cart; anything that later
        // unserialize()s it must treat it as untrusted.
        $add_order = $database->execute("INSERT INTO `orders` (`user_id`, `product_id`, `history`, `amount`, `shipp_amount`, `indate`, `gateway`, `status`) VALUES ('$last_user_id', '$product_id', '".serialize($cart)."', '$total', '$shipp_total', '$indate', '$gateway', '$status')");
        $last_order_results = array();
        $last_order = $database->execute(" SELECT * FROM `orders` WHERE `user_id` = '".$last_user_id."' order by id desc limit 1 ");
        while($row = $database->fetch($last_order)){
            $last_order_id = $row['id'];
        }
        unset($_SESSION['cart']);
        // Owner notification. Recipient is hard-coded; move to configuration.
        $to = "like_geo26@yahoo.com";
        $subject = "Comanda in asteptare la Magazin Miorita";
        // Customer-supplied fields ($phone, address, names) are embedded in the
        // HTML body without htmlspecialchars(); sanitize() is the only filter.
        $message = " <html> <head> <title>Comanda in asteptare la Magazin Miorita</title> </head> <body> <p>O noua comanda pentru magazinul Miorita. Click <a href='http://www.magazinmiorita.be/admin'>aici</a> pentru a vedea comanda.</p> <h3>Detalii comanda</h3> <p>Client: ".$data->client_data($last_user_id,'fname')." ".$data->client_data($last_user_id,'lname')."</p> <p>Adresa Livrare: ".($ship_address ? $ship_address : $address.', '.$city.' '.$zip)."</p> <p>Telefon: $phone</p> <hr /> <table cellspacing='5'> <thead> <tr> <th>Qty</th> <th>Produs</th> <th>Unitate</th> <th>Price</th> <th>Total</th> </tr> </thead> ";
        foreach($cart_ch as $prod){
            $message .= " <tr> <td style='border-right:1px solid #ccc'>".$prod['qt']."</td> <td style='border-right:1px solid #ccc'>".$data->item_data($prod['item_id'],'name')."</td> <td style='border-right:1px solid #ccc'>".$prod['weight']." ".$prod['type']."</td> <td style='border-right:1px solid #ccc'>".$prod['price']."€/".$prod['type']."</td> <td>".number_format($prod['amount'],2)."€</td> </tr> ";
        }
        $message .= " </table> <hr /> ";
        // Owner mail formats the total with two decimals and a € sign; the
        // customer mail below prints the raw value (inconsistent).
        $message .= "<div align=\"right\">Total: ".number_format($ch['ord_chtotal'],2)."€</div>";
        $message .=" </body> </html> ";
        // Always set content-type when sending HTML email
        $headers = "MIME-Version: 1.0" . "\r\n";
        $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
        // More headers
        $headers .= 'From: <contact@magazinmiorita.be>' . "\r\n";
        mail($to,$subject,$message,$headers);
        // Customer confirmation.
        $to = $data->client_data($last_user_id,'email');
        $subject = "Detalii comanda - Magazin Miorita";
        $message = " <html> <head> <title>Detalii comanda - Magazin Miorita</title> </head> <body> <p>Multumim pentru comanda dvs in Magazinul Miorita! In scurt timp veti primi un apel telefonic din partea noastra pentru confirmare, in caz contrar va rugam sa ne apelati cat de repede posibil la nr de tel: 0484 590 893. 
Click <a href='http://www.magazinmiorita.be/clientarea'>aici</a> pentru mai multe detalii despre comanda dvs.</p> <h3>Detalii comanda cu nr: #$last_order_id</h3> <p>Client: ".$data->client_data($last_user_id,'fname')." ".$data->client_data($last_user_id,'lname')."</p> <p>Adresa Livrare: ".($ship_address ? $ship_address : $address.', '.$city.' '.$zip)."</p> <p>Metoda de plata: Cash la livrare</p> <p>Telefon: $phone</p> <hr /> <p>Produse comandate</p> <table cellspacing='5'> <thead> <tr> <th>Qty</th> <th>Produs</th> <th>Unitate</th> <th>Price</th> <th>Total</th> </tr> </thead> ";
        foreach($cart_ch as $prod){
            $message .= " <tr> <td style='border-right:1px solid #ccc'>".$prod['qt']."</td> <td style='border-right:1px solid #ccc'>".$data->item_data($prod['item_id'],'name')."</td> <td style='border-right:1px solid #ccc'>".$prod['weight']." ".$prod['type']."</td> <td style='border-right:1px solid #ccc'>".$prod['price']."€/".$prod['type']."</td> <td>".number_format($prod['amount'],2)."€</td> </tr> ";
        }
        $message .= " </table> <hr /> ";
        $message .= "<div align=\"right\">Total: ".$ch['ord_chtotal']."</div>";
        $message .=" </body> </html> ";
        $headers = "MIME-Version: 1.0" . "\r\n";
        $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
        $headers .= 'From: <contact@magazinmiorita.be>' . "\r\n";
        mail($to,$subject,$message,$headers);
        // $check_user was fetched before the customer INSERT, so for a new
        // account this row set is empty and $usr_dd['status'] is an undefined
        // index that compares == 0 — the activation mail is sent anyway.
        // For a logged-in buyer it reflects whatever e-mail was POSTed.
        $usr_dd = $database->assoc($check_user);
        if($usr_dd['status'] == 0){
            // Activation token strength depends on $data->genPass() (not
            // visible here); random_bytes()/bin2hex() would make it explicit.
            $akey = md5($data->encrypt($data->genPass()));
            $update_client = $database->execute("update customers set `activation_key` = '".$akey."' where id = '$last_user_id'");
            // Assigned but not displayed: the redirect below exits first.
            $err_mes = '<span style="color:green">O cheie de activare a fost trimisa la adresa ta de email! 
Te rugam sa verifici folderul INBOX cat si folderul SPAM.</span>';
            // Recipient is the POSTed e-mail, not the stored customer row.
            $to = $email;
            $subject = "Activare cont pentru Magazin Miorița ";
            $message = " <p>Salut $username!</p><br /> <p>Iti multumim pentru ca ai ales se devi un membru din comunitatea Magazinului Miorita, te rugăm să accesezi link-ul de mai jos pentru activarea contului tau.</p> <p>Link-ul de activare este: <a href=\"http://www.magazinmiorita.be/check.php?akey=$akey\">http://www.magazinmiorita.be/check.php?akey=$akey</a></p> <p>Daca intampini probeme la activarea contului, te rugam sa ne contactezi folosind formularul de contact de pe site.</p> <br /> <p>Numai bine, Administratia Magazinului Miorița</p> ";
            // Always set content-type when sending HTML email
            $headers = "MIME-Version: 1.0" . "\r\n";
            $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
            // More headers
            $headers .= 'From: <noreply@magazinmiorita.be>' . "\r\n";
            mail($to,$subject,$message,$headers);
        }
        // ob_start() at the top is what keeps this header() legal after the
        // includes may have produced output.
        header('Location: order_recived.php?gateway=cash&id='.$last_order_id);
        exit;
/* }else if(isset($_POST['payment_method']) && $_POST['payment_method'] == 'paypal'){ $product_id = implode(',', array_map(function ($entry) {return $entry['item_id'];}, $cart_ch)); $amount = $ch['ord_chtotal']; $indate = time(); $gateway = 'PayPal'; $status = '0'; $notes = $_POST['notes']; $add_order = $database->execute("INSERT INTO `orders` (`user_id`, `product_id`, `history`, `amount`, `indate`, `gateway`, `notes`, `status`) VALUES ('$last_user_id', '$product_id', '".serialize($cart)."', '$amount', '$indate', '$gateway', '$notes', '$status')"); $last_order_results = array(); $last_order = $database->execute(" SELECT * FROM `orders` WHERE `user_id` = '".$last_user_id."' order by id desc limit 1 "); while($row = $database->fetch($last_order)){ $last_order_id = $row['id']; } $first_name = $_POST['fname']; $last_name = $_POST['lname']; $email = $_POST['email']; $ship_to_address = $_POST['address'].', '.$_POST['city'].' 
'.$_POST['zip']; $ship_to_city = $_POST['ship_city']; $ship_to_state = $_POST['ship_region']; $ship_to_zip = $_POST['ship_zip']; // Prepare GET data $query = array(); $query['notify_url'] = ROOT_URL.'/includes/gateways/paypal/ipn.php?type=order'; $query['return'] = ROOT_URL.'order_recived.php?gateway=paypal_done&id='.$last_order_id; $query['cancel_return'] = ROOT_URL.'clientarea/dashboard.php?cancel'; $query['cmd'] = '_cart'; $query['upload'] = '1'; $query['currency_code'] = 'EUR'; $query['business'] = $data->settings('paypal_email'); $query['address_override'] = '1'; $query['first_name'] = $first_name; $query['last_name'] = $last_name; $query['email'] = $email; $query['custom'] = $user_id.'|'.$last_order_id.'|'.$amount.'|'.$data->settings('currency').'|'.session_id(); $query['address1'] = $ship_to_address; $query['city'] = $ship_to_city; $query['state'] = $ship_to_state; $query['zip'] = $ship_to_zip; $query['tax_cart'] = $data->tax($ch['calc_total'],$data->settings('tax')); $i=1; foreach($cart_ch as $value){ $query['item_name_'.$i] = $data->item_data($value['item_id'],'name'); $query['quantity_'.$i] = '1'; $query['amount_'.$i] = $value['amount']; $i++; } // Prepare query string $query_string = http_build_query($query); unset($_SESSION['message']); $pp_url = ($data->settings('paypal_test') == '1' ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr'); $to = "like_geo26@yahoo.com"; $subject = "Comanda in asteptare la Magazin Miorita"; $message = " <html> <head> <title>Comanda in asteptare la Magazin Miorita</title> </head> <body> <p>O noua comanda pentru magazinul Miorita. Click <a href='http://www.magazinmiorita.be/admin'>aici</a> pentru a vedea comanda.</p> <h3>Detalii comanda</h3> <p>Client: ".$data->client_data($last_user_id,'fname')." ".$data->client_data($last_user_id,'lname')."</p> <p>Adresa Livrare: ".($ship_address ? $ship_address : $address.', '.$city.' 
'.$zip)."</p> <p>Telefon: $phone</p> <hr /> <table cellspacing='5'> <thead> <tr> <th>Qty</th> <th>Produs</th> <th>Unitate</th> <th>Price</th> <th>Total</th> </tr> </thead> "; foreach($cart_ch as $prod){ $message .= " <tr> <td style='border-right:1px solid #ccc'>".$prod['qt']."</td> <td style='border-right:1px solid #ccc'>".$data->item_data($prod['item_id'],'name')."</td> <td style='border-right:1px solid #ccc'>".$prod['weight']." ".$prod['type']."</td> <td style='border-right:1px solid #ccc'>".$prod['price']."€/".$prod['type']."</td> <td>".number_format($prod['amount'],2)."€</td> </tr> "; } $message .= " </table> <hr /> "; $message .= "<div align=\"right\">Total: ".$ch['ord_chtotal']."</div>"; $message .=" </body> </html> "; $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; $headers .= 'From: <contact@magazinmiorita.be>' . "\r\n"; mail($to,$subject,$message,$headers); $to = $data->client_data($last_user_id,'email'); $subject = "Detalii comanda - Magazin Miorita"; $message = " <html> <head> <title>Detalii comanda - Magazin Miorita</title> </head> <body> <p>Multumim pentru comanda dvs in Magazinul Miorita! In scurt timp veti primi un apel telefonic din partea noastra pentru confirmare, in caz contrar va rugam sa ne apelati cat de repede posibil la nr de tel: 0484 590 893. Click <a href='http://www.magazinmiorita.be/clientarea'>aici</a> pentru mai multe detalii despre comanda dvs.</p> <h3>Detalii comanda cu nr: #$last_order_id</h3> <p>Client: ".$data->client_data($last_user_id,'fname')." ".$data->client_data($last_user_id,'lname')."</p> <p>Adresa Livrare: ".($ship_address ? $ship_address : $address.', '.$city.' 
'.$zip)."</p> <p>Metoda de plata: PayPal</p> <p>Telefon: $phone</p> <hr /> <p>Produse comandate</p> <table cellspacing='5'> <thead> <tr> <th>Qty</th> <th>Produs</th> <th>Unitate</th> <th>Price</th> <th>Total</th> </tr> </thead> "; foreach($cart_ch as $prod){ $message .= " <tr> <td style='border-right:1px solid #ccc'>".$prod['qt']."</td> <td style='border-right:1px solid #ccc'>".$data->item_data($prod['item_id'],'name')."</td> <td style='border-right:1px solid #ccc'>".$prod['weight']." ".$prod['type']."</td> <td style='border-right:1px solid #ccc'>".$prod['price']."€/".$prod['type']."</td> <td>".number_format($prod['amount'],2)."€</td> </tr> "; } $message .= " </table> <hr /> "; $message .= "<div align=\"right\">Total: ".$ch['ord_chtotal']."</div>"; $message .=" </body> </html> "; $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; $headers .= 'From: <contact@magazinmiorita.be>' . "\r\n"; mail($to,$subject,$message,$headers); if($usr_dd['status'] == 0){ $akey = md5($data->encrypt($data->genPass())); $update_client = $database->execute("update customers set `activation_key` = '".$akey."' where id = '$last_user_id'"); $err_mes = '<span style="color:green">O cheie de activare a fost trimisa la adresa ta de email! 
Te rugam sa verifici folderul INBOX cat si folderul SPAM.</span>'; $to = $email; $subject = "Activare cont pentru Magazin Miorița "; $message = " <p>Salut $username!</p><br /> <p>Iti multumim pentru ca ai ales se devi un membru din comunitatea Magazinului Miorita, te rugăm să accesezi link-ul de mai jos pentru activarea contului tau.</p> <p>Link-ul de activare este: <a href=\"http://www.magazinmiorita.be/check.php?akey=$akey\">http://www.magazinmiorita.be/check.php?akey=$akey</a></p> <p>Daca intampini probeme la activarea contului, te rugam sa ne contactezi folosind formularul de contact de pe site.</p> <br /> <p>Numai bine, Administratia Magazinului Miorița</p> "; // Always set content-type when sending HTML email $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; // More headers $headers .= 'From: <noreply@magazinmiorita.be>' . "\r\n"; mail($to,$subject,$message,$headers); } header('Location: '.$pp_url.'?'.$query_string); exit; } */
    }else{
        // Any payment_method other than 'cash' (including none) lands here,
        // even though the customer/forum rows may already have been written above.
        $err_mes = 'Invalid action, please play fair!';
        $_SESSION['message'] = $err_mes;
        header('Location: checkout.php');
        exit;
    }
}
// Non-POST requests (and POSTs without 'checkout') just render the template.
$smarty->display('gateway.tpl');
?>