<?php

// [e-commerce payment module (standard release) - (to use only with 'zipzap.co.nz' payment gateway CCVS) v.1.2.1]
// xantis.warp.cms - version 1.2
// (c) 2002 xantis - all rights reserved
// this code is registered and protected by international copyrights laws

// !!! other payment gateways as :: verisign.com, cybercash.com, authorize.net, ... :: can be created for licensed versions !!!
// !!! any other payment gateway than 'zipzap.co.nz' requires a supplementary particular design with no charge for licensed versions !!!
// !!! if you own a licensed version of warp.cms you may ask for any payment gateway implementation (no additional charge) !!!
// !!! the warp.cms shopping cart can use any payment gateway with no limitations !!!


//####### Register Globals !
// Emulates the old register_globals setting: every key of the environment, GET, POST, cookie
// and server arrays becomes a global variable of the same name.
// extract() overwrites existing names by default, so on a name clash the array extracted
// later wins (server values last). The order of these five calls is therefore significant.
// NOTE(review): any global that is read further down without being assigned first can be
// preset by the client through GET, POST or cookie data. Prefer reading the specific keys
// that are needed and initialising every security-relevant variable explicitly.
// NOTE(review): $HTTP_*_VARS are the legacy long-form arrays; current PHP versions only
// provide $_ENV, $_GET, $_POST, $_COOKIE and $_SERVER - confirm the target PHP version.

extract($HTTP_ENV_VARS);
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
extract($HTTP_COOKIE_VARS);
extract($HTTP_SERVER_VARS);

//#########################


//---------------------------------------------------------------------
// Gateway settings and page texts of the payment module.
// They are assigned after the extract() calls at the top of the file, so a request
// parameter with the same name is replaced by the value set here.

// merchant account id on the payment gateway (35000038 is the test account)
// NOTE(review): the test account id and the '(DEMO)' button label below mark this as a demo
// configuration - both need replacing before real payments are taken.
$yecomm_zpay_xid      = '35000038';
$yecomm_zpay_gateway  = 'Secure Payment Gateway SSL 128 : ZipZap.co.nz Credit Card Processor';
$yecomm_zpay_title    = 'Online Payment Form';

// information texts shown above the payment form
$yecomm_zpay_info_1 =
	'This connection is SSL 128 secured. '
	.'No Credit Card information will be stored on this website. '
	.'All the information you submit over a SSL 128 connection is secure (no one can see or decrypt the information).';
$yecomm_zpay_info_2 =
	'The accepted credit cards for payment are : Visa, Master Card, American Express, Diner\'s Club.';
$yecomm_zpay_info_3 =
	'Enter your credit card number and the expiration date and submit the information. '
	.'Check twice your credit card number and the expiration date. '
	.'Due to the extra security reasons you will can not repeat the payment for this order. '
	.'If an order remains unpaid it will be treated as invalid. '
	.'Wait while your credit card is being verified. '
	.'Do not press any button within your browser until the result of verification will be displayed ! '
	.'After the credit card verification, follow the onscreen instructions.';
$yecomm_zpay_info_4 =
	'If any error occurs in your credit card verification do not try to repeat the operation. '
	.'Contact immediately the website administrator.';

// submit button label
$yecomm_zpay_form_bttn = 'Pay Now ! (DEMO)';

// result messages (err_na is the success message, err_05 is a prefix for the gateway's own text)
$yecomm_zpay_err_na    = 'Payment has been successfully done !';
$yecomm_zpay_err_00    = 'TRANSACTION ERROR : Response data failure.';
$yecomm_zpay_err_01    = 'TRANSACTION ERROR : Invalid order ID response.';
$yecomm_zpay_err_02    = 'TRANSACTION ERROR : Invalid currency response.';
$yecomm_zpay_err_03    = 'TRANSACTION ERROR : Invalid amount response.';
$yecomm_zpay_err_04    = 'TRANSACTION ERROR : Order is locked.';
$yecomm_zpay_err_05    = 'TRANSACTION ERROR : '; //simple
$yecomm_zpay_err_anote = 'Wait for administration confirmation of this error.';
$yecomm_zpay_err_zreff = 'Reff order no.';

// notes printed under the payment result
$yecomm_zpay_note_pay_ok =
	'All products that require delivery by postal service will be delivered according with the order specifications. '
	.'For the products that require download delivery go to your personal account (User Orders Tracking - section) to start downloading data, or you may do it later (all this downloads will be active only one time). '
	.'Concerning the services, you will receive all the details in the shortest time. '
	.'For any enquiry contact the website administrator. '
	.'You can view / print your orders / status into your personal account, User Orders Tracking section.';
$yecomm_zpay_note_pay_notok =
	'Contact the website administrator now, or you can wait to be contacted by us in the shortest time concerning this transaction error. '
	.'It may happen that the error to come later than the pay is accepted. '
	.'DO NOT REPEAT THE PAYMENT BEFORE YOU ASSURE BY CONTACTING US IF THE PAYMENT WAS DONE OR NOT. '
	.'If the payment was already done and the error occurs later, your order will be processed as a paid order, else the order will be canceled. '
	.'You can view / print your orders / status into your personal account, User Orders Tracking section.';

// field labels
$yecomm_zpay_tot_paid = 'Total Amount Paid';
$yecomm_zpay_cc_num   = 'Your Credit Card Number';
$yecomm_zpay_cc_exp   = 'Expiration date (yymm)';
//---------------------------------------------------------------------


// Marker value, assigned after the request variables were extracted so that a request
// parameter of the same name cannot replace it.
// NOTE(review): presumably lib_adv.php checks this value to refuse direct access - confirm.
$xnt_control_var = 'xnt2002warp.cms';

// Fall back to this script's own name when no file name is set.
// NOTE(review): $yfilename is not assigned earlier in this file, so a non-empty value can
// only come from the extract() calls above, i.e. from the request - confirm how it is used.
$yfilename = empty($yfilename) ? 'cart_pay_zipzap.php' : $yfilename;

// shared library; the x* helper functions used below are not defined in this file
require 'lib_adv.php';


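//check session if form
// On the 'form' step a session id of at least 32 characters is required; a request without
// one is redirected to the site index.
if ($payxop == 'form') {
	if (strlen($wpsid) < 32) {
		$hlocal_sess_req_redr = "$ywebsite_addr".'xindex.php';
		header("Location: $hlocal_sess_req_redr");
		// header() only queues the redirect. Without stopping here the rest of the script,
		// including the payment page itself, would still run for a request that failed this check.
		exit;
	} //end if
} //end if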




//#########################################################################


// Renders the secure payment page for the ZipZap.co.nz gateway and handles both payment steps:
//   $payxop == 'form'   : re-checks the logged-in user and the order, then prints the payment
//                         form with the order data and the credit card input fields;
//   $payxop == 'payres' : (also used when $payxop is empty) evaluates the gateway response,
//                         marks the order as paid or refused and prints the outcome.
// Takes no parameters and returns nothing. All input and configuration is read from globals;
// output and database access go through the x* helpers, which are not defined in this file.
// NOTE(review): several globals used here ($payxop, $wordid, $wpsid, $VAR1..3, $RESULT, ...)
// are never assigned in this file; presumably they are filled from the request by the
// extract() calls at the top of the file, so they have to be treated as untrusted input.
// NOTE(review): every SQL statement below is built by string interpolation. Unless the values
// are escaped elsewhere (magic quotes, lib_adv.php - confirm), request data reaches the
// database unescaped; escaping per value or prepared statements would close that gap.
// NOTE(review): request and database values are also printed through xtext_small() and
// xtext_link(); whether those helpers HTML-escape their arguments is not visible here - confirm.
function xcart_pay_module () {

//special
global	$wpqid, $wpsid, $wordid, $payxop ;

//main
global	$arr_var_result, $PHP_AUTH_PW, $PHP_AUTH_USER,
	$warp_registrat_fail, $y_warp_err_data_failure,
	$warp_numform_decimal_sep, $warp_numform_thousand_sep,
	$y_warp_xdate, $y_warp_xtime ;

//sec
global	$wrshruid_xhlock_fct_usr_id ;

//ecomm
global	$yecomm_shoppingcart_title, $ywarp_max_display_cfg, $ybar_menu_color, 
	$yecomm_shoppingcart, $yecomm_order_xsafety_note, $ymain_color, $ywebsite_addr_secure, 
	$y_warp_picts_dir, $yprods_item_cartprocess, $yecomm_your_shoppingcart, $yecomm_your_shoppingcart_s2, 
	$yecomm_your_shoppingcart_s3, $yecomm_your_shoppingcart_s4, 
	$y_warp_profile_text, $ywusr_xentire_cxinfo, $ywusr_xentire_company, $ywusr_xentire_name, 
	$ywusr_xentire_addr, $ywusr_xentire_phone, $ywusr_xentire_email, $ywusr_user_forcompany, $yecomm_cart_user_note,
	$ywebsite_addr, $ywusr_adm_cont_lnk_txt ;

//pay form
global	$yecomm_zpay_gateway, $yecomm_zpay_title, $yecomm_zpay_info_1, $yecomm_zpay_info_2, $yecomm_zpay_info_3,
	$yecomm_zpay_info_4, $yecomm_order_invoice_prof , $yecomm_order_ord_no, $yecomm_crt_total_topay,
	$yecomm_zpay_xid, $y_warp_office_email, $yecomm_zpay_form_bttn, $y_warp_back_text_x,
	$yecomm_zpay_cc_num, $yecomm_zpay_cc_exp, $yecomm_zpay_err_anote, $yecomm_zpay_err_zreff ;


//reff
global	$hlx_apache_headers_reff, $y_warp_direct_file_acc_msg_reff;



//---------------------
// no operation given : treat the request as a gateway response
if (empty($payxop)) {
	$payxop = 'payres';
} //end if
//---------------------


//---------------------------------------------------------page header
xheader ("$yecomm_shoppingcart_title", 'secure');
xcenter_start ();
xshow_page_title_ssl ("$yecomm_shoppingcart_title", "$wpsid");
xnewline ();
//---------------------------------------------------------



//###################################### pay form


if ($payxop == 'form') {

	//------------------
	//get, check user
	// the id of the authenticated user is taken from the global that
	// xrecheck_secure_header_ret_usrid() is expected to fill (helper not shown here)
	xrecheck_secure_header_ret_usrid ('y');
	$ylocal_pay_auth_usr_id = $wrshruid_xhlock_fct_usr_id;

	// second look-up of the same user by HTTP auth name and password; the query result
	// appears to be returned through the global $arr_var_result
	// NOTE(review): the password is matched against its base64 encoding, which means the
	// users table holds passwords in a reversible form; password_hash()/password_verify()
	// is the standard replacement.
	// NOTE(review): $PHP_AUTH_USER is interpolated into the SQL text as-is.
	$arr_var_result = array();
	$WARP_B64_ENC_AUTH_PASSW = base64_encode($PHP_AUTH_PW);
	xmysql_read_data ("SELECT id FROM users WHERE ( (usr_name='$PHP_AUTH_USER') AND (usr_pass='$WARP_B64_ENC_AUTH_PASSW') ) ");

	// stop when no user row was found or when it is not the user the session check returned
	$arr_usr_data = $arr_var_result;
	if ( (empty($arr_usr_data[0])) OR ($arr_usr_data[0] <> $ylocal_pay_auth_usr_id) ) {
		xzerr_die_after_header ("$warp_registrat_fail");
	} //end if

	//if no order id die
	// only the length is checked (at least 25 characters), not the characters themselves
	if (strlen($wordid) < '25') {
		xzerr_die_after_header ($y_warp_err_data_failure);
	} //end if


	//------------------
	//get order
	// only an unpaid, unlocked order that belongs to the authenticated user is accepted
	// presumably $arr_var_result then holds the columns in SELECT order :
	// [0] id, [1] usr_all_name, [2] usr_company, [3] usr_all_addr, [4] usr_phone, [5] usr_email,
	// [6] usr_by_co, [7] tot_pay, [8] w_crr_name, [9] w_crr_id - TODO confirm
	// NOTE(review): $wordid is request data and is interpolated into the SQL text as-is.
	$arr_var_result = array();
	xmysql_read_data ("SELECT id, usr_all_name, usr_company, usr_all_addr, usr_phone, usr_email, usr_by_co, tot_pay, w_crr_name, w_crr_id FROM orders WHERE ( ( ord_id='$wordid' ) AND (usr_id='$ylocal_pay_auth_usr_id') AND (payed<>'y') AND (ord_lock<>'y') ) ");

	//compare with db data
	if (empty($arr_var_result[0])) {
	xzerr_die_after_header ($y_warp_err_data_failure);
	} //end if

	//do step update
	// appends a marker to the order status each time the form is displayed
	xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [step enter payment done] ') WHERE ( ( ord_id='$wordid' ) AND (usr_id='$ylocal_pay_auth_usr_id') AND (payed<>'y') ) ");


	//--------------------------------------

	//==================== products categs where bar

	xtable_start ("$ywarp_max_display_cfg");
		xtable_row_start ();
			xtable_column_start ('1', '', "$ybar_menu_color");
				xtext_small ('|');
				xspace ();
				xtext_small ("<b>$yecomm_shoppingcart</b>");
				xspace ();
				xtext_small ('|');
			xtable_column_end ();
		xtable_row_end ();
	xtable_end ();

	xnewline ();

	//=====================================



	//==================== warning

	xtable_start ("$ywarp_max_display_cfg");

		xtable_row_start ();
			xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
				xcenter_right_start ();
					xvpix_h ('5');
					xnewline ();

					xwriteflash_nobg_var ('flagger.swf',
					"&xaction=".rawurlencode('wrn').
					"&"
					, '30', '30');

					xspace ();
					xspace ();
				xcenter_end ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ybar_menu_color");
				xtext_small ("$yecomm_order_xsafety_note");
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

	xtable_end ();
	xnewline ();

	//=====================================


	//==================== cart process info
	// the four checkout steps; step 4 (this page) is printed in bold

	xtable_start ("$ywarp_max_display_cfg");

		xtable_row_start ();
			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
				xcenter_right_start ();
					xvpix_h ('5');
					xnewline ();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/prod_cart.jpg', '30', '30', "$yecomm_shoppingcart");
					xspace ();
					xspace ();
				xcenter_end ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ymain_color");
					xtext_small ('<b>'."$yprods_item_cartprocess".'</b>');
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

		xtable_row_start ();
			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ymain_color");
				xtext_small ('<i>'.'1. '."$yecomm_your_shoppingcart".'</i>');
				xnewline ();
				xtext_small ('<i>'.'2. '."$yecomm_your_shoppingcart_s2".'</i>');
				xnewline ();
				xtext_small ('<i>'.'3. '."$yecomm_your_shoppingcart_s3".'</i>');
				xnewline ();
				xtext_small ('<b><i>'.'4. '."$yecomm_your_shoppingcart_s4".'</i></b>');
				xnewline ();
				xnewline ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

	xtable_end ();
	xnewline ();

	//=====================================


	//==================== user info
	// customer data as stored with the order; index 6 (usr_by_co) selects company or personal layout
	// NOTE(review): the stored name, address, phone and e-mail are concatenated into markup
	// here - confirm that they are escaped either when stored or inside xtext_small().

	xtable_start ("$ywarp_max_display_cfg");

		xtable_row_start ();
			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
				xcenter_right_start ();
					xvpix_h ('5');
					xnewline ();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/usr_accnt.jpg', '30', '30', "$y_warp_profile_text");
					xspace ();
					xspace ();
				xcenter_end ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ymain_color");
					xtext_small ('<b>'."$ywusr_xentire_cxinfo".'</b>'." ($PHP_AUTH_USER) ");
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

		xtable_row_start ();
			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ymain_color");
				if ($arr_var_result[6] == 'y') {
					xtext_small ("$ywusr_xentire_company".' : <b>'."$arr_var_result[2]".'</b>');
					xnewline ();
				} //end if
				else {
					xtext_small ("$ywusr_xentire_name".' : <b>'."$arr_var_result[1]".'</b>');
					xnewline ();
				} //end else
				xtext_small ("$ywusr_xentire_addr".' : <b>'."$arr_var_result[3]".'</b>');
				xnewline ();
				xtext_small ("$ywusr_xentire_phone".' : <b>'."$arr_var_result[4]".'</b>');
				xnewline ();
				xtext_small ("$ywusr_xentire_email".' : <b>'."$arr_var_result[5]".'</b>');
				xnewline ();

				if ($arr_var_result[6] == 'y') {
					xtext_small ("$ywusr_user_forcompany".' : <b>'."$arr_var_result[1]".'</b>');
					xnewline ();
				} //end if

				xnewline ();
				xtext_small ('<i>'."$yecomm_cart_user_note".'</i>');
				xnewline ();
				xnewline ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

	xtable_end ();
	xnewline ();

	//=====================================


	//==================== pay form

	xtable_start ("$ywarp_max_display_cfg");

		xtable_row_start ();
			xtable_column_start ('1', '20%', "$ymain_color");
				xcenter_right_start ();
					xnewline();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_visa.jpg', '30', '30', 'Visa');
					xspace ();
					xspace ();
					xnewline ();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_master.jpg', '30', '30', 'Master Card');
					xspace ();
					xspace ();
					xnewline ();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_amex.jpg', '30', '30', 'American Express');
					xspace ();
					xspace ();
					xnewline ();
					xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_dinners.jpg', '30', '30', 'Dinner\'s Club');
					xspace ();
					xspace ();

				xcenter_end ();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '60%', "$ymain_color");
					xnewline();
					xtext_small ('<b>'."$yecomm_zpay_title".':</b>');
					xnewline();
					xtext_small ('<i>( '."$yecomm_zpay_gateway".' )</i>');
					xnewline();
					xnewline();
					xtext_small ("$yecomm_zpay_info_1");
					xnewline();
					xtext_small ("$yecomm_zpay_info_2");
					xnewline();
					xnewline();
					xtext_small ("$yecomm_zpay_info_3");
					xnewline();
					xtext_small ("$yecomm_zpay_info_4");
					xnewline();
					xvline ('100%');
					xnewline();
					xtext_small ("$yecomm_order_invoice_prof".' : '.'<b>'."$arr_var_result[0]".'</b>');
					xnewline();
					xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$wordid".'</b>');
					xnewline();
					xnewline();
					xtext_small ("$yecomm_crt_total_topay".' : '.'<b>'.number_format($arr_var_result[7], 2, $warp_numform_decimal_sep, $warp_numform_thousand_sep).' '."$arr_var_result[8]".'</b>');
					xnewline();

					//================== PAYMENT FORM zipzap

					// checksum over order id, amount (two decimals, '.' separator) and currency id;
					// it travels through the form as VAR3 and is compared again in the 'payres' step
					// NOTE(review): this is a plain md5() of values that are all present in the
					// form, with no server-side secret, so it detects accidental changes only.
					// A keyed MAC (hash_hmac() with a secret that never leaves the server) would be
					// needed to detect deliberate changes.
					$uy_ht_md5_chk = md5($wordid.number_format("$arr_var_result[7]", 2, '.', '').$arr_var_result[9]);

					// the form is addressed to the gateway URL; the card number and expiry inputs are
					// part of this form, so presumably they are posted to the gateway and not to this site
					xform_start ('payment', "https://zipzap.zipzap.co.nz/servlets/zipzap");
						xform_hidden ('OPS_ID', "$yecomm_zpay_xid"); 					//merchant id on zipzap
						xform_hidden ('EMAIL', "$arr_var_result[5]"); 					//customer e-mail
						xform_hidden ('ORDERNO', "$wordid"); 						//order id
						xform_hidden ('AMOUNT', number_format("$arr_var_result[7]", 2, '.', '')); 	//amount to pay 000.00
						xform_hidden ('CURRENCY', "$arr_var_result[9]"); 				//currency code
						xform_hidden ('TYPE', 'P');							//transaction type (P=purchase)

						xform_hidden ('CGIURL', "$ywebsite_addr_secure".'cart_pay_zipzap.php');		//url of gateway response

						// NOTE(review): hidden fields are editable in the browser; everything sent
						// here has to be verified again against the database when the response arrives
						xform_hidden ('VAR1', "$wpqid");						//additional var 1
						xform_hidden ('VAR2', "$wpsid");						//additional var 2
						xform_hidden ('VAR3', "$uy_ht_md5_chk");					//additional var 3

						xcenter_start ();

							xtable_start ('');
								xtable_row_start ();
									xtable_column_start ('1', '', "$ymain_color");
										xcenter_start ();
											xtext_small ("$yecomm_zpay_cc_num");
										xcenter_end ();
									xtable_column_end ();
									xtable_column_start ('1', '', "$ymain_color");
										xspace();
										xspace();
										xspace();
										xspace();
										xspace();
									xtable_column_end ();
									xtable_column_start ('1', '', "$ymain_color");
										xcenter_start ();
											xtext_small ("$yecomm_zpay_cc_exp");
										xcenter_end ();
									xtable_column_end ();
								xtable_row_end ();
								xtable_row_start ();
									xtable_column_start ('1', '', "$ymain_color");
										xcenter_start ();
											xform_text_box ('CARDNUM', '16', '16', '');//credit card input (Visa, Master Card, American Express, Dinner's club (test=6009199900000017)
										xcenter_end ();
									xtable_column_end ();
									xtable_column_start ('1', '', "$ymain_color");
										xspace();
										xspace();
										xspace();
										xspace();
										xspace();
									xtable_column_end ();
									xtable_column_start ('1', '', "$ymain_color");
										xcenter_start ();
											xform_text_box ('EXPIRY', '4', '4', ''); //credit card expiration input [yymm (format)] (test=0912)
										xcenter_end ();
									xtable_column_end ();
								xtable_row_end ();
							xtable_end ();

							xnewline();
							xform_send_bttn ("$yecomm_zpay_form_bttn");

						xcenter_end ();

					xform_end ();

					//================== END OF PAYMENT FORM zipzap

					xvline ('100%');
					xnewline();
			xtable_column_end ();

			xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
			xtable_column_end ();
		xtable_row_end ();

	xtable_end ();
	xnewline ();

} //end if

//######################################


//###################################### gateway response

if ($payxop == 'payres') {

	// response fields; none of them is assigned in this file, presumably they are request
	// parameters turned into globals by the extract() calls at the top of the file
	global	$VAR1, $VAR2, $VAR3 ;
	global 	$EMAIL ;
	global	$SEQNUMBER ;
	global	$RESULT, $RESPTEXT, $AMOUNT, $ORDERNUMBER, $CURRENCY ;
	global	$QUERY_STRING, $REQUEST_METHOD ;

	global	$yecomm_zpay_err_00, $yecomm_zpay_err_01, $yecomm_zpay_err_02,
		$yecomm_zpay_err_03, $yecomm_zpay_err_04, $yecomm_zpay_err_05,
		$yecomm_zpay_err_na, $yecomm_zpay_note_pay_ok, $yecomm_zpay_note_pay_notok,
		$yecomm_zpay_tot_paid ;


	//re-estab vars
	// VAR1..VAR3 carry back what the form sent : page id, session id and the md5 checksum
	$wpqid = $VAR1 ;
	$wpsid = $VAR2 ;
	$wmd5o = $VAR3 ;
	$wordid = $ORDERNUMBER ;

	// map the currency code of the response to the numeric id used in the checksum
	// (anything other than EUR, USD or GBP becomes '000')
	switch ($CURRENCY) {
		case 'EUR' :
			$rx_crrency = '978';
			break;
		case 'USD' :
			$rx_crrency = '840';
			break;
		case 'GBP' :
			$rx_crrency = '826';
			break;
		default:
			$rx_crrency = '000';
			;
	} //end switch

	// checksum recomputed from the response values; it is compared with VAR3 further down
	// NOTE(review): $AMOUNT is used exactly as received, while the form side formats the
	// amount with two decimals - confirm the gateway returns the same format.
	$rx_md5_checker_str_sec = md5($ORDERNUMBER.$AMOUNT.$rx_crrency);

	//safe security http referer check
	//-----------------------------
	// NOTE(review): the Referer header is set by the client and may be absent or altered, so
	// it cannot establish where a request came from. getallheaders() is also not available
	// under every server API.
	$hlx_apache_headers = getallheaders();
	$hlx_apache_headers_reff = $hlx_apache_headers['Referer'];
	$hlx_warp_location_this = "$ywebsite_addr_secure".'cart_pay_zipzap.php';
	//-----------------------------
	// look up the user by HTTP auth name and base64-encoded password (same query as in the
	// form step, same review notes apply)
	$arr_payr_usr_dat = array();
	$WARP_B64_ENC_AUTH_PASSW = base64_encode($PHP_AUTH_PW);
	xmysql_read_data ("SELECT id FROM users WHERE ( (usr_name='$PHP_AUTH_USER') AND (usr_pass='$WARP_B64_ENC_AUTH_PASSW') ) ");
	$arr_payr_usr_dat = $arr_var_result;
	//-----------------------------

	// the response is processed only when the Referer equals this script's own secure URL
	// NOTE(review): together with the unkeyed md5 above, nothing in this branch is
	// authenticated with a secret shared with the gateway, so a genuine gateway response
	// cannot be told apart from a crafted request. Confirming the transaction with the gateway
	// server-to-server, or verifying a keyed signature, before setting payed='y' would fix that.
	if ($hlx_apache_headers_reff == $hlx_warp_location_this) {

		// order of the authenticated user; presumably the result holds the columns in SELECT order :
		// [0] id ... [7] tot_pay, [8] w_crr_name, [9] w_crr_id, [10] w_crr, [11] ord_lock, [12] xxall_list
		// NOTE(review): $wordid comes from the response ($ORDERNUMBER) and is interpolated as-is.
		$arr_payr_ord_dat = array();
		xmysql_read_data ("SELECT id, usr_all_name, usr_company, usr_all_addr, usr_phone, usr_email, usr_by_co, tot_pay, w_crr_name, w_crr_id, w_crr, ord_lock, xxall_list FROM orders WHERE ( ( ord_id='$wordid' ) AND (usr_id='$arr_payr_usr_dat[0]') ) ");
		$arr_payr_ord_dat = $arr_var_result;


		//==================== products categs where bar

		xtable_start ("$ywarp_max_display_cfg");
			xtable_row_start ();
				xtable_column_start ('1', '', "$ybar_menu_color");
					xtext_small ('|');
					xspace ();
					xtext_small ("<b>$yecomm_shoppingcart</b>");
					xspace ();
					xtext_small ('|');
				xtable_column_end ();
			xtable_row_end ();
		xtable_end ();

		xnewline ();

		//=====================================



		//==================== warning

		xtable_start ("$ywarp_max_display_cfg");

			xtable_row_start ();
				xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
					xcenter_right_start ();
						xvpix_h ('5');
						xnewline ();

						xwriteflash_nobg_var ('flagger.swf',
						"&xaction=".rawurlencode('wrn').
						"&"
						, '30', '30');

						xspace ();
						xspace ();
					xcenter_end ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '60%', "$ybar_menu_color");
					xtext_small ("$yecomm_order_xsafety_note");
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
					xspace ();
				xtable_column_end ();
			xtable_row_end ();

		xtable_end ();
		xnewline ();

		//=====================================


		//==================== cart process info

		xtable_start ("$ywarp_max_display_cfg");

			xtable_row_start ();
				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xcenter_right_start ();
						xvpix_h ('5');
						xnewline ();
						xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/prod_cart.jpg', '30', '30', "$yecomm_shoppingcart");
						xspace ();
						xspace ();
					xcenter_end ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '60%', "$ymain_color");
						xtext_small ('<b>'."$yprods_item_cartprocess".'</b>');
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
						xspace ();
				xtable_column_end ();
			xtable_row_end ();

			xtable_row_start ();
				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
						xspace ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '60%', "$ymain_color");
					xtext_small ('<i>'.'1. '."$yecomm_your_shoppingcart".'</i>');
					xnewline ();
					xtext_small ('<i>'.'2. '."$yecomm_your_shoppingcart_s2".'</i>');
					xnewline ();
					xtext_small ('<i>'.'3. '."$yecomm_your_shoppingcart_s3".'</i>');
					xnewline ();
					xtext_small ('<b><i>'.'4. '."$yecomm_your_shoppingcart_s4".'</i></b>');
					xnewline ();
					xnewline ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xspace ();
				xtable_column_end ();
			xtable_row_end ();

		xtable_end ();
		xnewline ();

		//=====================================


		//==================== user info

		xtable_start ("$ywarp_max_display_cfg");

			xtable_row_start ();
				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
					xcenter_right_start ();
						xvpix_h ('5');
						xnewline ();
						xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/usr_accnt.jpg', '30', '30', "$y_warp_profile_text");
						xspace ();
						xspace ();
					xcenter_end ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '60%', "$ymain_color");
						xtext_small ('<b>'."$ywusr_xentire_cxinfo".'</b>'." ($PHP_AUTH_USER) ");
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
						xspace ();
				xtable_column_end ();
			xtable_row_end ();

			xtable_row_start ();
				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
						xspace ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '60%', "$ymain_color");
					if ($arr_payr_ord_dat[6] == 'y') {
						xtext_small ("$ywusr_xentire_company".' : <b>'."$arr_payr_ord_dat[2]".'</b>');
						xnewline ();
					} //end if
					else {
						xtext_small ("$ywusr_xentire_name".' : <b>'."$arr_payr_ord_dat[1]".'</b>');
						xnewline ();
					} //end else
					xtext_small ("$ywusr_xentire_addr".' : <b>'."$arr_payr_ord_dat[3]".'</b>');
					xnewline ();
					xtext_small ("$ywusr_xentire_phone".' : <b>'."$arr_payr_ord_dat[4]".'</b>');
					xnewline ();
					xtext_small ("$ywusr_xentire_email".' : <b>'."$arr_payr_ord_dat[5]".'</b>');
					xnewline ();

					if ($arr_payr_ord_dat[6] == 'y') {
						xtext_small ("$ywusr_user_forcompany".' : <b>'."$arr_payr_ord_dat[1]".'</b>');
						xnewline ();
					} //end if

					xnewline ();
				xtable_column_end ();

				xtable_column_start_vcenter ('1', '20%', "$ymain_color");
						xspace ();
				xtable_column_end ();
			xtable_row_end ();

		xtable_end ();
		xnewline ();

		//=====================================


		//===================================== internal comparisons
		// every check below can only switch the result to 'notok'; the message of the first
		// failing check is kept, later failures do not replace it
		$vzipzap_res_accepter = 'ok';
		$vzipzap_res_message = $yecomm_zpay_err_na;

		//check md5
		// NOTE(review): '!=' is a loose comparison; two different digests that both look like
		// numbers can compare as equal. hash_equals() compares the strings exactly.
		if ($rx_md5_checker_str_sec != $wmd5o) {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_00;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if

		//check order
		if (empty($arr_payr_ord_dat[0])) {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_01;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if

		//check currency
		if (strtoupper($arr_payr_ord_dat[10]) != $CURRENCY) {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_02;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if

		//check amount
		// the stored total is compared loosely with the amount of the response
		if ($arr_payr_ord_dat[7] != $AMOUNT) {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_03;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if

		//check locked order
		// anything but ord_lock = 'n' counts as locked (this also covers a missing order row)
		if ($arr_payr_ord_dat[11] != 'n') {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_04;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if

		//===================================== external comparisons

		//check gateway answer
		// NOTE(review): $RESPTEXT is response text that becomes part of the message, which is
		// later written into an SQL statement and printed on the page - escape it for both.
		if ($RESULT != 'Approved') {
			if ($vzipzap_res_accepter == 'ok') {
				$vzipzap_res_message = $yecomm_zpay_err_05.' '.$RESPTEXT;
			} //end if
			$vzipzap_res_accepter = 'notok';
		} //end if


		//===================================== notes

		xtable_start ("$ywarp_max_display_cfg");

			xtable_row_start ();
				xtable_column_start ('1', '20%', "$ymain_color");
					xcenter_right_start ();
						xnewline ();

						// info flag for an accepted payment, error flag otherwise
						if ($vzipzap_res_accepter == 'ok') {
							$flx_typx = 'inf';
						} //end if
						else {
							$flx_typx = 'err';
						} //end else

						xwriteflash_nobg_var ('flagger.swf',
						"&xaction=".rawurlencode($flx_typx).
						"&"
						, '30', '30');

						xspace ();
						xspace ();
					xcenter_end ();
				xtable_column_end ();

				xtable_column_start ('1', '60%', "$ymain_color");
					xnewline();

					// url-encoded order reference that is passed to the contact page link
					$hxtt_order_reff_text = rawurlencode($yecomm_zpay_err_zreff.' : '.$wordid);

					if ($vzipzap_res_accepter == 'ok') {
						// accepted : mark the order as paid and locked, store a status digest
						// and remove the cart rows of this session and user
						// NOTE(review): $wordid and $wpsid are request data interpolated as-is.
						$tdk_erf_ord_pay_stat = md5($wordid.'y'.'accepted');
						xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [payment done] [gateway: ZipZap.co.nz] '), ord_lock='y', payed='y', pay_chk='$tdk_erf_ord_pay_stat', comments=CONCAT(comments, ' [$vzipzap_res_message] ')  WHERE ( ( ord_id='$wordid' ) AND (usr_id='$arr_payr_usr_dat[0]') ) ");
						xmysql_write_data ("DELETE FROM prod_cart WHERE ( (w_sess='$wpsid') AND (u_id='$arr_payr_usr_dat[0]') ) ");

						xtext_small ('<b>'."$vzipzap_res_message".'</b>');
						xnewline();
						xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$wordid".'</b>');
						xnewline();
						xtext_small ("$yecomm_zpay_tot_paid".' : '.'<b>'.number_format($AMOUNT, 2, $warp_numform_decimal_sep, $warp_numform_thousand_sep).' '."$arr_payr_ord_dat[8]".'</b>');
						xnewline();
						xnewline();
						xtext_small ("$yecomm_zpay_note_pay_ok");
						xcenter_right_start ();
							// NOTE(review): $wpsid and $wpqid are placed in the link URLs without url-encoding
							xtext_link ("$ywusr_adm_cont_lnk_txt", "$ywebsite_addr"."adm_contact.php?wpsid=$wpsid&vxmsgx=$hxtt_order_reff_text", '_self');
							xnewline();
							xtext_link ("$y_warp_back_text_x", "$ywebsite_addr"."xw_main.php?wpqid=$wpqid&wpsid=$wpsid", '_self');
						xcenter_end ();

						//update rank
						// xxall_list is read as a comma-separated list of product ids; the sales
						// rank of every listed product is raised by one
						$xy_update_prod_list_arr = array();
						$xy_update_prod_list_arr = explode(",", $arr_payr_ord_dat[12]);
						for ($i=0; $i<count($xy_update_prod_list_arr); $i++) {
							$xy_update_prod_list_val = trim($xy_update_prod_list_arr[$i]);
							xmysql_write_data ("UPDATE prod_items SET rank_e=rank_e+1 WHERE (id='$xy_update_prod_list_val')");
						} //end for


					} //end if
					else {
						// refused : lock the order and append the error message to its comments
						// the digest below is computed but not used anywhere in this branch
						$tdk_erf_ord_pay_stat = md5($wordid.'n'.'declined');
						xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [payment refused] [gateway: ZipZap.co.nz] '), ord_lock='y', comments=CONCAT(comments, ' [$vzipzap_res_message - $yecomm_zpay_err_anote] ')  WHERE ( ( ord_id='$wordid' ) AND (usr_id='$arr_payr_usr_dat[0]') ) ");

						xtext_small ('<b>'."$vzipzap_res_message".'</b>');
						xnewline();
						xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$wordid".'</b>');
						xnewline();
						xnewline();
						xtext_small ("$yecomm_zpay_note_pay_notok");
						xcenter_right_start ();
							xtext_link ("$ywusr_adm_cont_lnk_txt", "$ywebsite_addr"."adm_contact.php?wpsid=$wpsid&vxmsgx=$hxtt_order_reff_text", '_self');
							xnewline();
							xtext_link ("$y_warp_back_text_x", "$ywebsite_addr"."xw_main.php?wpqid=$wpqid&wpsid=$wpsid", '_self');
						xcenter_end ();
					} //end else


					xnewline();

				xtable_column_end ();

				xtable_column_start ('1', '20%', "$ymain_color");
					xspace ();
				xtable_column_end ();
			xtable_row_end ();

		xtable_end ();
		xnewline ();


		//=====================================

	} //end if
	//-----------------------------
	else {

		// Referer mismatch : record the request in hack_register, lock the order and stop
		$wp_gy_dentify_arr = array();
		$wp_gy_dentify_arr = xwrp_os_brows_ip_get ();

		$wp_browser = $wp_gy_dentify_arr['bw'] ;
		$wp_os = $wp_gy_dentify_arr['os'] ;
		$wp_ipaddr = $wp_gy_dentify_arr['ip'] ;

		$hcx_spec = 'FRAUD SCREEN : PAYMENT GATEWAY ZIPZAP'."\n".'Querry string ('.$REQUEST_METHOD.') : '.$QUERY_STRING."\n".'Order id : '.$ORDERNUMBER;

		$hcx_usr = '<anonymous>, ';
		if (!empty($arr_payr_usr_dat[0])) {
			$hcx_usr = '<'.$arr_payr_usr_dat[0].'>, ';
		} //end if

		// NOTE(review): the log row is built from client-supplied text (query string, order
		// id and presumably the browser / os strings); it needs escaping for the INSERT and
		// again wherever the log is displayed.
		// NOTE(review): the order is locked here purely because of a Referer mismatch, so a
		// request that merely lacks the header locks the user's own order - confirm intended.
		xmysql_write_data ("INSERT INTO hack_register (w_browser, w_os, w_date, w_time, w_ipaddr, w_usr, w_forced, w_special) VALUES ('$wp_browser', '$wp_os', '$y_warp_xdate', '$y_warp_xtime', '$wp_ipaddr', '$hcx_usr', 'cart_pay_zipzap.php', '$hcx_spec')");
		xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [fraud screen payment] '), ord_lock='y' WHERE ( ( ord_id='$wordid' ) AND (usr_id='$arr_payr_usr_dat[0]') ) ");

		xzerr_die_after_header ($y_warp_direct_file_acc_msg_reff);


	} //end else


} //end if

//######################################


//---------------------------------------------------------page footer
xcenter_end ();
xfooter ();
//---------------------------------------------------------


} //end function


//#########################################################################


//---------------------
//secure ssl check
// The payment page is produced only when the request arrived on the configured secure port;
// any other port resets the control marker and hands over to xhalt_hack().
// NOTE(review): the port number is the only sign of an SSL connection that is checked here -
// confirm that the web server accepts nothing but SSL on that port.
if ($SERVER_PORT != "$ywebsite_addr_secure_port") {
	$xnt_control_var = 'xx';
	xhalt_hack ();
} //end if
else {
	xcart_pay_module ();
} //end else
//---------------------



// end of php code
?>