<?php
// [e-commerce payment module (standard release) - (to use only with 'zipzap.co.nz' payment gateway CCVS) v.1.2.1]
// xantis.warp.cms - version 1.2
// (c) 2002 xantis - all rights reserved
// this code is registered and protected by international copyrights laws
// !!! other payment gateways as :: verisign.com, cybercash.com, authorize.net, ... :: can be created for licensed versions !!!
// !!! any other payment gateway than 'zipzap.co.nz' requires a supplementary particular design with no charge for licensed versions !!!
// !!! if you own a licensed version of warp.cms you may ask for any payment gateway implementation (no additional charge) !!!
// !!! the warp.cms shopping cart can use any payment gateway with no limitations !!!
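//####### Register Globals !
// Re-creates register_globals: every ENV / GET / POST / COOKIE / SERVER entry becomes a
// global variable of the same name. extract() overwrites by default, so a later call
// wins over an earlier one (SERVER > COOKIE > POST > GET > ENV).
// Consequence for everything below: any global that is not explicitly assigned AFTER
// this point can be pre-set by the request. The settings assigned in this file are
// safe from that; whether the ones expected from lib_adv.php are assigned
// unconditionally is not visible here.
// NOTE(review): the $HTTP_*_VARS long arrays only exist on old PHP releases; a port to
// current PHP should read named keys from the superglobals instead of extracting them.
extract($HTTP_ENV_VARS);
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
extract($HTTP_COOKIE_VARS);
extract($HTTP_SERVER_VARS);
//#########################
//---------------------------------------------------------------------
// Gateway settings and user-facing texts. They are assigned after the extract() calls
// above, so request parameters of the same name cannot override them.
// The merchant id below is the gateway's test account and the submit button is
// labelled DEMO: both must be replaced before taking real payments.
$yecomm_zpay_xid = '35000038'; // the merchant account id on payment gateway (35000038 test account)
$yecomm_zpay_gateway = 'Secure Payment Gateway SSL 128 : ZipZap.co.nz Credit Card Processor';
$yecomm_zpay_title = 'Online Payment Form';
$yecomm_zpay_info_1 = 'This connection is SSL 128 secured. No Credit Card information will be stored on this website. All the information you submit over a SSL 128 connection is secure (no one can see or decrypt the information).';
$yecomm_zpay_info_2 = 'The accepted credit cards for payment are : Visa, Master Card, American Express, Diner\'s Club.';
$yecomm_zpay_info_3 = 'Enter your credit card number and the expiration date and submit the information. Check twice your credit card number and the expiration date. Due to the extra security reasons you will can not repeat the payment for this order. If an order remains unpaid it will be treated as invalid. Wait while your credit card is being verified. Do not press any button within your browser until the result of verification will be displayed ! After the credit card verification, follow the onscreen instructions.';
$yecomm_zpay_info_4 = 'If any error occurs in your credit card verification do not try to repeat the operation. Contact immediately the website administrator.';
$yecomm_zpay_form_bttn = 'Pay Now ! (DEMO)';
$yecomm_zpay_err_na = 'Payment has been successfully done !';
$yecomm_zpay_err_00 = 'TRANSACTION ERROR : Response data failure.';
$yecomm_zpay_err_01 = 'TRANSACTION ERROR : Invalid order ID response.';
$yecomm_zpay_err_02 = 'TRANSACTION ERROR : Invalid currency response.';
$yecomm_zpay_err_03 = 'TRANSACTION ERROR : Invalid amount response.';
$yecomm_zpay_err_04 = 'TRANSACTION ERROR : Order is locked.';
$yecomm_zpay_err_05 = 'TRANSACTION ERROR : '; //simple
$yecomm_zpay_err_anote = 'Wait for administration confirmation of this error.';
$yecomm_zpay_err_zreff = 'Reff order no.';
$yecomm_zpay_note_pay_ok = 'All products that require delivery by postal service will be delivered according with the order specifications. For the products that require download delivery go to your personal account (User Orders Tracking - section) to start downloading data, or you may do it later (all this downloads will be active only one time). Concerning the services, you will receive all the details in the shortest time. For any enquiry contact the website administrator. You can view / print your orders / status into your personal account, User Orders Tracking section.';
$yecomm_zpay_note_pay_notok = 'Contact the website administrator now, or you can wait to be contacted by us in the shortest time concerning this transaction error. It may happen that the error to come later than the pay is accepted. DO NOT REPEAT THE PAYMENT BEFORE YOU ASSURE BY CONTACTING US IF THE PAYMENT WAS DONE OR NOT. If the payment was already done and the error occurs later, your order will be processed as a paid order, else the order will be canceled. You can view / print your orders / status into your personal account, User Orders Tracking section.';
$yecomm_zpay_tot_paid = 'Total Amount Paid';
$yecomm_zpay_cc_num = 'Your Credit Card Number';
$yecomm_zpay_cc_exp = 'Expiration date (yymm)';
//---------------------------------------------------------------------
// Assigned after extract(), so the request cannot choose this value.
// NOTE(review): presumably a marker checked by lib_adv.php - confirm there.
$xnt_control_var = 'xnt2002warp.cms';
// NOTE(review): because of the extract() calls above, a request parameter named
// 'yfilename' makes this non-empty and skips the default. Confirm how lib_adv.php
// uses $yfilename before relying on it.
if (empty($yfilename)) {
$yfilename = 'cart_pay_zipzap.php';
} //end if
require("lib_adv.php");
//check session if form
if ($payxop == 'form') {
if (strlen($wpsid) < 32) {
$hlocal_sess_req_redr = "$ywebsite_addr".'xindex.php';
header("Location: $hlocal_sess_req_redr");
// Stop here: without this the script kept running after sending the redirect and
// still produced the payment page for a request that has no valid session id.
exit;
} //end if
} //end if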
//#########################################################################
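// Private helper for xcart_pay_module(): renders the three tables shown at the top of
// both the payment form and the gateway-response page (shopping cart title bar,
// safety warning, cart process steps). Output only; reads layout/text globals.
function _xcart_pay_zipzap_intro_tables () {
global $ywarp_max_display_cfg, $ybar_menu_color, $yecomm_shoppingcart,
$yecomm_order_xsafety_note, $ymain_color, $ywebsite_addr_secure, $y_warp_picts_dir,
$yprods_item_cartprocess, $yecomm_your_shoppingcart, $yecomm_your_shoppingcart_s2,
$yecomm_your_shoppingcart_s3, $yecomm_your_shoppingcart_s4 ;
//==================== products categs where bar
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start ('1', '', "$ybar_menu_color");
xtext_small ('|');
xspace ();
xtext_small ("<b>$yecomm_shoppingcart</b>");
xspace ();
xtext_small ('|');
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
//=====================================
//==================== warning
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
xcenter_right_start ();
xvpix_h ('5');
xnewline ();
xwriteflash_nobg_var ('flagger.swf',
"&xaction=".rawurlencode('wrn').
"&"
, '30', '30');
xspace ();
xspace ();
xcenter_end ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ybar_menu_color");
xtext_small ("$yecomm_order_xsafety_note");
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ybar_menu_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
//=====================================
//==================== cart process info
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xcenter_right_start ();
xvpix_h ('5');
xnewline ();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/prod_cart.jpg', '30', '30', "$yecomm_shoppingcart");
xspace ();
xspace ();
xcenter_end ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ymain_color");
xtext_small ('<b>'."$yprods_item_cartprocess".'</b>');
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_row_start ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ymain_color");
xtext_small ('<i>'.'1. '."$yecomm_your_shoppingcart".'</i>');
xnewline ();
xtext_small ('<i>'.'2. '."$yecomm_your_shoppingcart_s2".'</i>');
xnewline ();
xtext_small ('<i>'.'3. '."$yecomm_your_shoppingcart_s3".'</i>');
xnewline ();
xtext_small ('<b><i>'.'4. '."$yecomm_your_shoppingcart_s4".'</i></b>');
xnewline ();
xnewline ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
//=====================================
} //end function
// Private helper for xcart_pay_module(): renders the customer block from one row of
// the `orders` table. Indexes follow the SELECT column order used by the caller:
// 1 = usr_all_name, 2 = usr_company, 3 = usr_all_addr, 4 = usr_phone, 5 = usr_email,
// 6 = usr_by_co ('y' when the order was placed for a company).
// $show_cart_note : true on the payment form, which also prints the cart user note.
// NOTE(review): the order columns are printed as stored; whether they were
// HTML-escaped when the order was saved is not visible here - confirm.
function _xcart_pay_zipzap_user_info ($arr_order_row, $show_cart_note) {
global $ywarp_max_display_cfg, $ymain_color, $ywebsite_addr_secure, $y_warp_picts_dir,
$y_warp_profile_text, $ywusr_xentire_cxinfo, $ywusr_xentire_company, $ywusr_xentire_name,
$ywusr_xentire_addr, $ywusr_xentire_phone, $ywusr_xentire_email, $ywusr_user_forcompany,
$yecomm_cart_user_note, $PHP_AUTH_USER ;
// The login name comes from the HTTP auth header; encode it before it goes into markup.
$html_auth_user = htmlspecialchars($PHP_AUTH_USER, ENT_QUOTES);
//==================== user info
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xcenter_right_start ();
xvpix_h ('5');
xnewline ();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/usr_accnt.jpg', '30', '30', "$y_warp_profile_text");
xspace ();
xspace ();
xcenter_end ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ymain_color");
xtext_small ('<b>'."$ywusr_xentire_cxinfo".'</b>'." ($html_auth_user) ");
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_row_start ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ymain_color");
if ($arr_order_row[6] == 'y') {
xtext_small ("$ywusr_xentire_company".' : <b>'."$arr_order_row[2]".'</b>');
xnewline ();
} //end if
else {
xtext_small ("$ywusr_xentire_name".' : <b>'."$arr_order_row[1]".'</b>');
xnewline ();
} //end else
xtext_small ("$ywusr_xentire_addr".' : <b>'."$arr_order_row[3]".'</b>');
xnewline ();
xtext_small ("$ywusr_xentire_phone".' : <b>'."$arr_order_row[4]".'</b>');
xnewline ();
xtext_small ("$ywusr_xentire_email".' : <b>'."$arr_order_row[5]".'</b>');
xnewline ();
if ($arr_order_row[6] == 'y') {
xtext_small ("$ywusr_user_forcompany".' : <b>'."$arr_order_row[1]".'</b>');
xnewline ();
} //end if
xnewline ();
if ($show_cart_note) {
xtext_small ('<i>'."$yecomm_cart_user_note".'</i>');
xnewline ();
xnewline ();
} //end if
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
//=====================================
} //end function
// Renders the ZipZap payment page. Two modes, selected by the global $payxop:
//   'form'   - authenticates the user, loads the unpaid and unlocked order $wordid and
//              prints the card form that posts straight to the gateway;
//   'payres' - (default when $payxop is empty) handles the gateway response, compares
//              it with the stored order and marks the order paid or refused.
// Takes no arguments and returns nothing; all input arrives through globals, most of
// them request values created by the extract() calls at the top of this file.
//
// Review notes (the design itself is unchanged by this edit):
// - Everything the 'payres' mode trusts (RESULT, AMOUNT, CURRENCY, ORDERNUMBER, VAR1-3
//   and the Referer header) is delivered by the customer's browser. The VAR3 value is
//   an MD5 over order id, amount and currency with no secret in it, so it catches an
//   accidental mismatch but is not evidence that the gateway produced the response.
//   A paid status should be confirmed server-to-server with the gateway, or the
//   round-trip value should be a keyed MAC using a server-side secret.
// - users.usr_pass is compared with base64 of the password: that is an encoding, not a
//   hash, so the column holds recoverable passwords.
// - Values placed into SQL text are passed through addslashes() here as a stop-gap.
//   Values without quotes or backslashes are unaffected. The durable fix is
//   driver-level escaping or bound parameters inside xmysql_read_data() and
//   xmysql_write_data(), which are defined outside this file.
function xcart_pay_module () {
//special
global $wpqid, $wpsid, $wordid, $payxop ;
//main
global $arr_var_result, $PHP_AUTH_PW, $PHP_AUTH_USER,
$warp_registrat_fail, $y_warp_err_data_failure,
$warp_numform_decimal_sep, $warp_numform_thousand_sep,
$y_warp_xdate, $y_warp_xtime ;
//sec
global $wrshruid_xhlock_fct_usr_id ;
//ecomm
global $yecomm_shoppingcart_title, $ywarp_max_display_cfg, $ybar_menu_color,
$yecomm_shoppingcart, $yecomm_order_xsafety_note, $ymain_color, $ywebsite_addr_secure,
$y_warp_picts_dir, $yprods_item_cartprocess, $yecomm_your_shoppingcart, $yecomm_your_shoppingcart_s2,
$yecomm_your_shoppingcart_s3, $yecomm_your_shoppingcart_s4,
$y_warp_profile_text, $ywusr_xentire_cxinfo, $ywusr_xentire_company, $ywusr_xentire_name,
$ywusr_xentire_addr, $ywusr_xentire_phone, $ywusr_xentire_email, $ywusr_user_forcompany, $yecomm_cart_user_note,
$ywebsite_addr, $ywusr_adm_cont_lnk_txt ;
//pay form
global $yecomm_zpay_gateway, $yecomm_zpay_title, $yecomm_zpay_info_1, $yecomm_zpay_info_2, $yecomm_zpay_info_3,
$yecomm_zpay_info_4, $yecomm_order_invoice_prof , $yecomm_order_ord_no, $yecomm_crt_total_topay,
$yecomm_zpay_xid, $y_warp_office_email, $yecomm_zpay_form_bttn, $y_warp_back_text_x,
$yecomm_zpay_cc_num, $yecomm_zpay_cc_exp, $yecomm_zpay_err_anote, $yecomm_zpay_err_zreff ;
//reff
global $hlx_apache_headers_reff, $y_warp_direct_file_acc_msg_reff;
//---------------------
// No explicit mode means the request is treated as a gateway response.
if (empty($payxop)) {
$payxop = 'payres';
} //end if
//---------------------
//---------------------------------------------------------page header
xheader ("$yecomm_shoppingcart_title", 'secure');
xcenter_start ();
xshow_page_title_ssl ("$yecomm_shoppingcart_title", "$wpsid");
xnewline ();
//---------------------------------------------------------
//###################################### pay form
if ($payxop == 'form') {
//------------------
//get, check user
xrecheck_secure_header_ret_usrid ('y');
$ylocal_pay_auth_usr_id = $wrshruid_xhlock_fct_usr_id;
$arr_var_result = array();
$WARP_B64_ENC_AUTH_PASSW = base64_encode($PHP_AUTH_PW); // base64 output cannot contain a quote
$sql_auth_user = addslashes($PHP_AUTH_USER);
xmysql_read_data ("SELECT id FROM users WHERE ( (usr_name='$sql_auth_user') AND (usr_pass='$WARP_B64_ENC_AUTH_PASSW') ) ");
$arr_usr_data = $arr_var_result;
// The id found for the HTTP auth credentials must match the id reported by the session check.
if ( (empty($arr_usr_data[0])) OR ($arr_usr_data[0] <> $ylocal_pay_auth_usr_id) ) {
xzerr_die_after_header ("$warp_registrat_fail");
} //end if
//if no order id die
if (strlen($wordid) < '25') {
xzerr_die_after_header ($y_warp_err_data_failure);
} //end if
//------------------
// $wordid is a request value: one copy escaped for SQL text, one encoded for HTML text.
$sql_wordid = addslashes($wordid);
$sql_usr_id = addslashes($ylocal_pay_auth_usr_id);
$html_wordid = htmlspecialchars($wordid, ENT_QUOTES);
//get order
$arr_var_result = array();
xmysql_read_data ("SELECT id, usr_all_name, usr_company, usr_all_addr, usr_phone, usr_email, usr_by_co, tot_pay, w_crr_name, w_crr_id FROM orders WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') AND (payed<>'y') AND (ord_lock<>'y') ) ");
//compare with db data
if (empty($arr_var_result[0])) {
xzerr_die_after_header ($y_warp_err_data_failure);
} //end if
//do step update
xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [step enter payment done] ') WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') AND (payed<>'y') ) ");
//--------------------------------------
_xcart_pay_zipzap_intro_tables ();
_xcart_pay_zipzap_user_info ($arr_var_result, true);
//==================== pay form
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start ('1', '20%', "$ymain_color");
xcenter_right_start ();
xnewline();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_visa.jpg', '30', '30', 'Visa');
xspace ();
xspace ();
xnewline ();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_master.jpg', '30', '30', 'Master Card');
xspace ();
xspace ();
xnewline ();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_amex.jpg', '30', '30', 'American Express');
xspace ();
xspace ();
xnewline ();
xpict_alt ("$ywebsite_addr_secure"."$y_warp_picts_dir".'/cc_dinners.jpg', '30', '30', 'Dinner\'s Club');
xspace ();
xspace ();
xcenter_end ();
xtable_column_end ();
xtable_column_start_vcenter ('1', '60%', "$ymain_color");
xnewline();
xtext_small ('<b>'."$yecomm_zpay_title".':</b>');
xnewline();
xtext_small ('<i>( '."$yecomm_zpay_gateway".' )</i>');
xnewline();
xnewline();
xtext_small ("$yecomm_zpay_info_1");
xnewline();
xtext_small ("$yecomm_zpay_info_2");
xnewline();
xnewline();
xtext_small ("$yecomm_zpay_info_3");
xnewline();
xtext_small ("$yecomm_zpay_info_4");
xnewline();
xvline ('100%');
xnewline();
xtext_small ("$yecomm_order_invoice_prof".' : '.'<b>'."$arr_var_result[0]".'</b>');
xnewline();
xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$html_wordid".'</b>');
xnewline();
xnewline();
xtext_small ("$yecomm_crt_total_topay".' : '.'<b>'.number_format($arr_var_result[7], 2, $warp_numform_decimal_sep, $warp_numform_thousand_sep).' '."$arr_var_result[8]".'</b>');
xnewline();
//================== PAYMENT FORM zipzap
// Round-trip check value: MD5 of order id + amount + currency id. It contains no
// secret, so it must not be treated as proof that the response came from the gateway.
$uy_ht_md5_chk = md5($wordid.number_format("$arr_var_result[7]", 2, '.', '').$arr_var_result[9]);
// The form posts to the gateway host, so the card fields are not sent to this site.
// NOTE(review): whether xform_hidden() encodes attribute values is not visible here;
// VAR1 and VAR2 are request values - confirm.
xform_start ('payment', "https://zipzap.zipzap.co.nz/servlets/zipzap");
xform_hidden ('OPS_ID', "$yecomm_zpay_xid"); //merchant id on zipzap
xform_hidden ('EMAIL', "$arr_var_result[5]"); //customer e-mail
xform_hidden ('ORDERNO', "$wordid"); //order id
xform_hidden ('AMOUNT', number_format("$arr_var_result[7]", 2, '.', '')); //amount to pay 000.00
xform_hidden ('CURRENCY', "$arr_var_result[9]"); //currency code
xform_hidden ('TYPE', 'P'); //transaction type (P=purchase)
xform_hidden ('CGIURL', "$ywebsite_addr_secure".'cart_pay_zipzap.php'); //url of gateway response
xform_hidden ('VAR1', "$wpqid"); //additional var 1
xform_hidden ('VAR2', "$wpsid"); //additional var 2
xform_hidden ('VAR3', "$uy_ht_md5_chk"); //additional var 3
xcenter_start ();
xtable_start ('');
xtable_row_start ();
xtable_column_start ('1', '', "$ymain_color");
xcenter_start ();
xtext_small ("$yecomm_zpay_cc_num");
xcenter_end ();
xtable_column_end ();
xtable_column_start ('1', '', "$ymain_color");
xspace();
xspace();
xspace();
xspace();
xspace();
xtable_column_end ();
xtable_column_start ('1', '', "$ymain_color");
xcenter_start ();
xtext_small ("$yecomm_zpay_cc_exp");
xcenter_end ();
xtable_column_end ();
xtable_row_end ();
xtable_row_start ();
xtable_column_start ('1', '', "$ymain_color");
xcenter_start ();
xform_text_box ('CARDNUM', '16', '16', '');//credit card input (Visa, Master Card, American Express, Dinner's club (test=6009199900000017)
xcenter_end ();
xtable_column_end ();
xtable_column_start ('1', '', "$ymain_color");
xspace();
xspace();
xspace();
xspace();
xspace();
xtable_column_end ();
xtable_column_start ('1', '', "$ymain_color");
xcenter_start ();
xform_text_box ('EXPIRY', '4', '4', ''); //credit card expiration input [yymm (format)] (test=0912)
xcenter_end ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline();
xform_send_bttn ("$yecomm_zpay_form_bttn");
xcenter_end ();
xform_end ();
//================== END OF PAYMENT FORM zipzap
xvline ('100%');
xnewline();
xtable_column_end ();
xtable_column_start_vcenter ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
} //end if
//######################################
//###################################### gateway response
if ($payxop == 'payres') {
// All of these are request values (created by the extract() calls at the top of the file).
global $VAR1, $VAR2, $VAR3 ;
global $EMAIL ;
global $SEQNUMBER ;
global $RESULT, $RESPTEXT, $AMOUNT, $ORDERNUMBER, $CURRENCY ;
global $QUERY_STRING, $REQUEST_METHOD ;
global $yecomm_zpay_err_00, $yecomm_zpay_err_01, $yecomm_zpay_err_02,
$yecomm_zpay_err_03, $yecomm_zpay_err_04, $yecomm_zpay_err_05,
$yecomm_zpay_err_na, $yecomm_zpay_note_pay_ok, $yecomm_zpay_note_pay_notok,
$yecomm_zpay_tot_paid ;
//re-estab vars
$wpqid = $VAR1 ;
$wpsid = $VAR2 ;
$wmd5o = $VAR3 ;
$wordid = $ORDERNUMBER ;
// Map the currency code of the response to the numeric id that went into the check value.
switch ($CURRENCY) {
case 'EUR' :
$rx_crrency = '978';
break;
case 'USD' :
$rx_crrency = '840';
break;
case 'GBP' :
$rx_crrency = '826';
break;
default:
$rx_crrency = '000';
;
} //end switch
$rx_md5_checker_str_sec = md5($ORDERNUMBER.$AMOUNT.$rx_crrency);
//safe security http referer check
// NOTE(review): the Referer header is supplied by the client, so this comparison only
// filters accidental direct access; it does not authenticate the gateway.
//-----------------------------
$hlx_apache_headers = getallheaders();
$hlx_apache_headers_reff = $hlx_apache_headers['Referer'];
$hlx_warp_location_this = "$ywebsite_addr_secure".'cart_pay_zipzap.php';
//-----------------------------
$arr_payr_usr_dat = array();
$WARP_B64_ENC_AUTH_PASSW = base64_encode($PHP_AUTH_PW);
$sql_auth_user = addslashes($PHP_AUTH_USER);
// Clear the shared result buffer before each read, as the 'form' mode does, so that an
// empty result cannot be mistaken for rows left over from an earlier read or placed in
// the global beforehand. (Whether the helper clears it itself is not visible here.)
$arr_var_result = array();
xmysql_read_data ("SELECT id FROM users WHERE ( (usr_name='$sql_auth_user') AND (usr_pass='$WARP_B64_ENC_AUTH_PASSW') ) ");
$arr_payr_usr_dat = $arr_var_result;
// Escaped / encoded copies of the values used in SQL text, HTML text and URLs below.
$pay_usr_id = isset($arr_payr_usr_dat[0]) ? $arr_payr_usr_dat[0] : '';
$sql_usr_id = addslashes($pay_usr_id);
$sql_wordid = addslashes($wordid);
$html_wordid = htmlspecialchars($wordid, ENT_QUOTES);
$url_wpsid = rawurlencode($wpsid);
$url_wpqid = rawurlencode($wpqid);
//-----------------------------
if ($hlx_apache_headers_reff == $hlx_warp_location_this) {
$arr_payr_ord_dat = array();
$arr_var_result = array();
xmysql_read_data ("SELECT id, usr_all_name, usr_company, usr_all_addr, usr_phone, usr_email, usr_by_co, tot_pay, w_crr_name, w_crr_id, w_crr, ord_lock, xxall_list FROM orders WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') ) ");
$arr_payr_ord_dat = $arr_var_result;
_xcart_pay_zipzap_intro_tables ();
_xcart_pay_zipzap_user_info ($arr_payr_ord_dat, false);
//===================================== internal comparisons
// Each failed check flips the verdict to 'notok'; only the first failure sets the message.
$vzipzap_res_accepter = 'ok';
$vzipzap_res_message = $yecomm_zpay_err_na;
//check md5
// Strict comparison: with a loose != two different digests that both look like
// numbers would be compared numerically and could be treated as equal.
if ($rx_md5_checker_str_sec !== $wmd5o) {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_00;
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
//check order
if (empty($arr_payr_ord_dat[0])) {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_01;
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
//check currency
if (strtoupper($arr_payr_ord_dat[10]) != $CURRENCY) {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_02;
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
//check amount
if ($arr_payr_ord_dat[7] != $AMOUNT) {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_03;
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
//check locked order
if ($arr_payr_ord_dat[11] != 'n') {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_04;
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
//===================================== external comparisons
// Up to here the message is one of the fixed texts defined in this file. The gateway
// text below is a request value, so the copy shown on the page is HTML-encoded.
$vzipzap_res_message_html = $vzipzap_res_message;
//check gateway answer
if ($RESULT != 'Approved') {
if ($vzipzap_res_accepter == 'ok') {
$vzipzap_res_message = $yecomm_zpay_err_05.' '.$RESPTEXT;
$vzipzap_res_message_html = $yecomm_zpay_err_05.' '.htmlspecialchars($RESPTEXT, ENT_QUOTES);
} //end if
$vzipzap_res_accepter = 'notok';
} //end if
$sql_res_message = addslashes($vzipzap_res_message);
//===================================== notes
xtable_start ("$ywarp_max_display_cfg");
xtable_row_start ();
xtable_column_start ('1', '20%', "$ymain_color");
xcenter_right_start ();
xnewline ();
if ($vzipzap_res_accepter == 'ok') {
$flx_typx = 'inf';
} //end if
else {
$flx_typx = 'err';
} //end else
xwriteflash_nobg_var ('flagger.swf',
"&xaction=".rawurlencode($flx_typx).
"&"
, '30', '30');
xspace ();
xspace ();
xcenter_end ();
xtable_column_end ();
xtable_column_start ('1', '60%', "$ymain_color");
xnewline();
$hxtt_order_reff_text = rawurlencode($yecomm_zpay_err_zreff.' : '.$wordid);
if ($vzipzap_res_accepter == 'ok') {
// NOTE(review): pay_chk is an MD5 of the order id and two fixed strings, so it can be
// recomputed by anyone who knows the order id; do not treat it as a secret marker.
$tdk_erf_ord_pay_stat = md5($wordid.'y'.'accepted');
xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [payment done] [gateway: ZipZap.co.nz] '), ord_lock='y', payed='y', pay_chk='$tdk_erf_ord_pay_stat', comments=CONCAT(comments, ' [$sql_res_message] ') WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') ) ");
$sql_wpsid = addslashes($wpsid);
xmysql_write_data ("DELETE FROM prod_cart WHERE ( (w_sess='$sql_wpsid') AND (u_id='$sql_usr_id') ) ");
xtext_small ('<b>'."$vzipzap_res_message_html".'</b>');
xnewline();
xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$html_wordid".'</b>');
xnewline();
xtext_small ("$yecomm_zpay_tot_paid".' : '.'<b>'.number_format($AMOUNT, 2, $warp_numform_decimal_sep, $warp_numform_thousand_sep).' '."$arr_payr_ord_dat[8]".'</b>');
xnewline();
xnewline();
xtext_small ("$yecomm_zpay_note_pay_ok");
xcenter_right_start ();
xtext_link ("$ywusr_adm_cont_lnk_txt", "$ywebsite_addr"."adm_contact.php?wpsid=$url_wpsid&vxmsgx=$hxtt_order_reff_text", '_self');
xnewline();
xtext_link ("$y_warp_back_text_x", "$ywebsite_addr"."xw_main.php?wpqid=$url_wpqid&wpsid=$url_wpsid", '_self');
xcenter_end ();
//update rank
// xxall_list is a comma-separated list of product ids stored with the order.
$xy_update_prod_list_arr = explode(",", $arr_payr_ord_dat[12]);
for ($i=0; $i<count($xy_update_prod_list_arr); $i++) {
$xy_update_prod_list_val = addslashes(trim($xy_update_prod_list_arr[$i]));
xmysql_write_data ("UPDATE prod_items SET rank_e=rank_e+1 WHERE (id='$xy_update_prod_list_val')");
} //end for
} //end if
else {
// NOTE(review): computed but never written in this branch - confirm whether pay_chk
// was meant to be stored for refused payments as well.
$tdk_erf_ord_pay_stat = md5($wordid.'n'.'declined');
$sql_err_anote = addslashes($yecomm_zpay_err_anote);
xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [payment refused] [gateway: ZipZap.co.nz] '), ord_lock='y', comments=CONCAT(comments, ' [$sql_res_message - $sql_err_anote] ') WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') ) ");
xtext_small ('<b>'."$vzipzap_res_message_html".'</b>');
xnewline();
xtext_small ("$yecomm_order_ord_no".' : '.'<b>'."$html_wordid".'</b>');
xnewline();
xnewline();
xtext_small ("$yecomm_zpay_note_pay_notok");
xcenter_right_start ();
xtext_link ("$ywusr_adm_cont_lnk_txt", "$ywebsite_addr"."adm_contact.php?wpsid=$url_wpsid&vxmsgx=$hxtt_order_reff_text", '_self');
xnewline();
xtext_link ("$y_warp_back_text_x", "$ywebsite_addr"."xw_main.php?wpqid=$url_wpqid&wpsid=$url_wpsid", '_self');
xcenter_end ();
} //end else
xnewline();
xtable_column_end ();
xtable_column_start ('1', '20%', "$ymain_color");
xspace ();
xtable_column_end ();
xtable_row_end ();
xtable_end ();
xnewline ();
//=====================================
} //end if
//-----------------------------
else {
// Referer mismatch: record the request in hack_register, lock the order and stop.
// Every value written here is, or may contain, client-supplied text (query string,
// request method, order id, browser and OS strings), so each is escaped before it is
// placed in the statement; an unescaped quote would otherwise break the very INSERT
// that is supposed to record the event.
// NOTE(review): if xwrp_os_brows_ip_get() already escapes its values the log will
// show an extra backslash - confirm in the lib.
$wp_gy_dentify_arr = xwrp_os_brows_ip_get ();
$wp_browser = addslashes($wp_gy_dentify_arr['bw']) ;
$wp_os = addslashes($wp_gy_dentify_arr['os']) ;
$wp_ipaddr = addslashes($wp_gy_dentify_arr['ip']) ;
$hcx_spec = 'FRAUD SCREEN : PAYMENT GATEWAY ZIPZAP'."\n".'Querry string ('.$REQUEST_METHOD.') : '.$QUERY_STRING."\n".'Order id : '.$ORDERNUMBER;
$hcx_usr = '<anonymous>, ';
if (!empty($arr_payr_usr_dat[0])) {
$hcx_usr = '<'.$arr_payr_usr_dat[0].'>, ';
} //end if
$sql_hcx_spec = addslashes($hcx_spec);
$sql_hcx_usr = addslashes($hcx_usr);
xmysql_write_data ("INSERT INTO hack_register (w_browser, w_os, w_date, w_time, w_ipaddr, w_usr, w_forced, w_special) VALUES ('$wp_browser', '$wp_os', '$y_warp_xdate', '$y_warp_xtime', '$wp_ipaddr', '$sql_hcx_usr', 'cart_pay_zipzap.php', '$sql_hcx_spec')");
xmysql_write_data ("UPDATE orders SET status=CONCAT(status, ' [fraud screen payment] '), ord_lock='y' WHERE ( ( ord_id='$sql_wordid' ) AND (usr_id='$sql_usr_id') ) ");
xzerr_die_after_header ($y_warp_direct_file_acc_msg_reff);
} //end else
} //end if
//######################################
//---------------------------------------------------------page footer
xcenter_end ();
xfooter ();
//---------------------------------------------------------
} //end function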
//#########################################################################
//---------------------
//secure ssl check
// Entry point: the module is served only when the request arrived on the configured
// secure port; any other port is handed to the lib's halt routine.
// $SERVER_PORT is created by the extract() calls at the top of this file; the server
// array is extracted last, so the server's value replaces a request parameter of the
// same name.
// NOTE(review): $ywebsite_addr_secure_port is presumably assigned in lib_adv.php -
// confirm it is set unconditionally there. A port match alone does not show that the
// connection is TLS-protected; that depends on the web server configuration.
if ($SERVER_PORT != "$ywebsite_addr_secure_port") {
$xnt_control_var = 'xx';
xhalt_hack ();
} //end if
else {
xcart_pay_module ();
} //end else
//---------------------
// end of php code
?>