index.php

不错的东西

						*  Modified: 11/21/05
						*  Justin Osterholt
						*  SQL integration
						*/
						$query = $sql->query("INSERT INTO `ad_cue` (`id`, `setup`) VALUES ('{$_SESSION['order']['insert_id']}', '0')");
					}

					switch($_SESSION['order']['pay_method'])
					{
						case 1:
							/*
							*  Modified: 11/21/05
							*  Justin Osterholt
							*  SQL integration fix
							*/
							$data = $sql->getAssocRow("SELECT * FROM `merchant` WHERE `id` = '1'");

							switch($_SESSION['order']['pay_period'])
							{
								case 1:
									$months = 1;
								break;

								case 2:
									$months = 3;
								break;

								case 3:
									$months = 6;
								break;

								case 4:
									$months = 12;
								break;
							}
							/*
							*  Modified: 11/21/05
							*  Justin Osterholt
							*  SQL integration
							*/
							$query = $sql->query("INSERT INTO `paypal_ipn` (`id`) VALUES ('{$_SESSION['order']['insert_id']}')");
							$invoice_id = str_pad($sql->insertID, 11, 0, STR_PAD_LEFT);
							header("Location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business={$data['username']}&item_name={$_SESSION['order']['packages'][$_SESSION['order']['package']]['name']}&item_number=$invoice_id&a3={$_SESSION['order']['packages'][$_SESSION['order']['package']]['prices'][$_SESSION['order']['pay_period']]}&p3=$months&t3=M&src=1&sra=1&return={$data['return_url']}");
							exit();
						break;

						case 2:
							/*
							*  Modified: 11/21/05
							*  Justin Osterholt
							*  SQL integration
							*/
							$data = $sql->getAssocRow("SELECT * FROM `merchant` WHERE `id` = '2'");
							$data2 = $sql->getAssocRow("SELECT * FROM packages WHERE id = '{$_SESSION['order']['package']}'");

							switch($_SESSION['order']['pay_period'])
							{
								case 1:
									$prod_id = $data2['monthly_id'];
								break;

								case 2:
									$prod_id = $data2['quarterly_id'];
								break;

								case 3:
									$prod_id = $data2['biannually_id'];
								break;

								case 4:
									$prod_id = $data2['annually_id'];
								break;
							}

							echo $_SESSION['order']['insert_id'];
							if($data2['test_mode'] == 1)
							{
								/*
								*  Modified: 11/21/05
								*  Justin Osterholt
								*  SQL integration
								*/
								$query = $sql->query("INSERT INTO `2checkout` (`id`, `test_mode`) VALUES ('{$_SESSION['order']['insert_id']}', '1')");
								$invoice_id = str_pad($sql->insertID, 11, 0, STR_PAD_LEFT);
								header("Location: https://www.2checkout.com/2co/buyer/purchase?sid={$data['username']}&quantity=1&product_id=$prod_id&merchant_order_id=$invoice_id&demo=Y&return_url={$data['return_url']}");
								exit();
							}
							else
							{
								/*
								*  Modified: 11/21/05
								*  Justin Osterholt
								*  SQL integration
								*/
								$query = $sql->query("INSERT INTO `2checkout` (`id`) VALUES ('{$_SESSION['order']['insert_id']}')");
								$invoice_id = str_pad($sql->insertID, 11, 0, STR_PAD_LEFT);
								header("Location: https://www.2checkout.com/2co/buyer/purchase?sid={$data['username']}&quantity=1&product_id=$prod_id&merchant_order_id=$invoice_id&return_url={$data['return_url']}");
								exit();
							}
						break;
					}
				}
			}

			$skip_num = ($_POST['pay_method'] == 3) ? 0 : 1;
		break;

		case 8:
			if(!is_numeric($_POST['cc_type']))
			{
				$_SESSION['error']['cc_type'] = TRUE;
				$_SESSION['error']['msg']['cc_type'] = "Card Holder Credit Card Type is required!";
			}
			else
			{
				$_SESSION['order']['cc_type'] = mysql_real_escape_string($_POST['cc_type']);
			}

			// fix state, province vica-versa error.
			if(!isset($_SESSION['error']['cc_state']))
			{
				unset($_SESSION['error']['cc_province'], $_SESSION['error']['msg']['cc_province']);
			}
			elseif(!isset($_SESSION['error']['cc_province']))
			{
				unset($_SESSION['error']['cc_state'], $_SESSION['error']['msg']['cc_state']);
			}

			if(!$_SESSION['error'])
			{
				if(isset($_SESSION['order']['cc_firstname']) && isset($_SESSION['order']['cc_lastname']))
				{
					/*
					*  Modified: 11/21/05
					*  Justin Osterholt
					*  SQL integration
					*/
					$query = $sql->query("INSERT INTO `authnet` (`id`, `cc_firstname`, `cc_lastname`, `cc_address`, `cc_state`, `cc_zip`, `cc_country`, `cc_type`, `cc_num`, `cc_exp`, `date`) VALUES('{$_SESSION['order']['insert_id']}', '{$_SESSION['order']['cc_firstname']}', '{$_SESSION['order']['cc_lastname']}', '{$_SESSION['order']['cc_address']}', '{$_SESSION['order']['cc_state']}', '{$_SESSION['order']['cc_zip']}', '{$_SESSION['order']['cc_country']}', '{$_SESSION['order']['cc_type']}', '{$_SESSION['order']['cc_num']}', '{$_SESSION['order']['cc_exp']}', NOW())");
					$invoice_id = $sql->insertID;
				}
				/*
				*  Modified: 11/21/05
				*  Justin Osterholt
				*  SQL integration
				*/
				$sql->getAssocRow("SELECT * FROM `merchant` WHERE `id` = '1'");

				$x_Login				= $data['username'];
				$x_Password				= $data['password'];
				$x_Delim_Data			= "TRUE";
				$x_Delim_Char			= ",";
				$x_Encap_Char			= "";
				$x_Type					= "AUTH_CAPTURE";
				$x_Test_Request			= $data['test_mode'];
				$x_Method				= "CC";
				$x_Amount				= $_SESSION['order']['packages'][$_SESSION['order']['package']]['prices'][$_SESSION['order']['pay_period']];
				$x_First_Name			= $_SESSION['order']['firstname'];
				$x_Last_Name			= $_SESSION['order']['lastname'];
				$x_Address				= $_SESSION['order']['address'];
				$x_State				= $_SESSION['order']['state'];
				$x_Zip					= $_SESSION['order']['zip_code'];
				$x_Cust_ID				= $_SESSION['order']['phone_num'];
				$x_Invoice_Num			= $invoice_id;
				$x_Description			= $_SESSION['order']['packages'][$_SESSION['order']['package']]['name'];
				$x_Card_Num				= $_SESSION['order']['cc_num'];
				$x_Exp_Date				= $_SESSION['order']['cc_exp'];
				$x_card_code			= $_SESSION['order']['cc_cvv'];
				$request  ="x_Version=3.1&x_Login=$x_Login&x_Delim_Data=$x_Delim_Data&x_Delim_Char=$x_Delim_Char&x_Encap_Char=$x_Encap_Char";
				$request .= "&x_Type=$x_Type&x_Test_Request=$x_Test_Request&x_Method=$x_Method&x_Amount=$x_Amount&x_First_Name=$x_First_Name";
				$request .= "&x_Last_Name=$x_Last_Name&x_Card_Num=$x_Card_Num&x_Exp_Date=$x_Exp_Date&x_Address=$x_Address&x_City=$x_City&x_State=$x_State&x_Zip=$x_Zip&x_Cust_ID=$x_Cust_ID&x_Invoice_Num=$x_Invoice_Num&x_Description=$x_Description&x_card_code=$x_card_code";
				$request .= ($x_Password != "") ? "&x_Password=$x_Password" : NULL;
				$ch = curl_init("https://secure.authorize.net/gateway/transact.dll");
				curl_setopt($ch, CURLOPT_HEADER, 0);
				curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
				curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
				$result = curl_exec($ch);
				curl_close($ch);
				$response = explode($x_Delim_char, $result);
			}
		break;
	}

	// fix empty $_SESSION error array.
	if(empty($_SESSION['error']['msg']))
	{
		unset($_SESSION['error']);
	}

	if(!$_SESSION['error'])
	{
		session_write_close();
		header("Location: ?step=" . ($_POST['step'] + 1 + $skip_num));
	}
	else
	{
		session_write_close();
		header("Location: ?step=" . $_POST['step']);
	}
}
else
{
	if($_GET['page'] == "terms")
	{
		/*
		*  Modified: 11/21/05
		*  Justin Osterholt
		*  SQL integration
		*/
		$data = $sql->getAssocRow("SELECT `terms` FROM `text`");
		$data2 = $sql->getAssocRow("SELECT `company` FROM `settings`");
		$data['terms'] = str_replace("[company]", $data2['company'], $data['terms']);
		/*
		*  Modified: 11/17/05
		*  Justin Osterholt
		*  TOS slashes fix
		*/
		echo stripslashes($data['terms']);
	}
	else
	{
		/*
		*  Justin Osterholt
		*  11/27/05
		*  Invisible package addon
		*/
		$query = mysql_query("SELECT * FROM packages WHERE `invisible` = '0';");
		$_GET['step'] = (isset($_GET['step'])) ? $_GET['step'] : 1;

		switch($_GET['step'])
		{
			case 1:
				/*
				*  Modified: 11/23/05
				*  Justin Osterholt
				*  Block IP addon
				*/
				if($blockIPCount == 0) {
					include(TPL_INC . "services.inc");
				} else {
					include(TPL_INC."banned_ip.inc");
				}
			break;

			case 2:
				include(TPL_INC . "pay_period.inc");
			break;

			case 3:
				$inet = $sql->getResult("SELECT `allow_same_ip_order` FROM `settings` LIMIT 0,1;");
				if($inet == 0) {
					$ipCount = $sql->getResult("SELECT COUNT(*) FROM `accounts` WHERE `hostname`='".ip2long($_SERVER['REMOTE_ADDR'])."';");
					if($ipCount != 0) {
						include(TPL_INC . "duplicate_ip.inc");
						$duplicate = true;
					}
				}
				if(empty($duplicate)) {
					include(TPL_INC . "domain_type.inc");
				}
			break;

			case 4:
				include(TPL_INC . "domain_info.inc");
			break;

			case 5:
				include(TPL_INC . "personal.inc");
			break;

			case 6:
				include(TPL_INC . "login.inc");
			break;

			case 7:
				unset($_SESSION['order']['pay_method']);
				include(TPL_INC . "pay_method.inc");
				break;

			case 8:
				// 2checkout -- authorize.net
				// authorize.net

				$_error_str = array
				(
					"cc_firstname"	=> "Card Holder Firstname is required!",
					"cc_lastname"	=> "Card Holder Lastname is required!",
					"cc_address"	=> "Card Holder Address is required!",
					"cc_state"		=> "Card Holder State is required",
					"cc_province"	=> "Card Holder Province is required!",
					"cc_zip"		=> "Card Holder Zip Code is required!",
					"cc_country"	=> "Card Holder Country is required!",
					"cc_num"		=> "Card Holder Credit Card Number is required!",
					"cc_type"		=> "Card Holder Credit Card Type is required!",
					"cc_exp"		=> "Card Holder Credit Card Expiration Date is required!"
				);

				include(TPL_INC . "credit_info.inc");
			break;

			case 9:
				/*
				*  Modified: 11/21/05
				*  Justin Osterholt
				*  SQL class integration
				*/
				$userCount = $sql->getResult("SELECT COUNT(*) FROM `accounts` WHERE `username`='{$_SESSION['order']['username']}';");

				if($userCount != 0) {
					echo 'Username already exists!<br/>';
				}
				if(!$_SESSION['order']['insert_id'] && $userCount == 0)
				{
					$data = $sql->getAssocRow("SELECT `email`, `company`, `http_path` FROM `settings`");
					$hostname = ip2long($_SERVER['REMOTE_ADDR']);
					$data = $sql->getAssocRow("SELECT auto_aprv_free FROM settings");

					// FREE PACKAGE
					if($data['auto_aprv_free'] == 1)
					{
						/*
						*  Justin Osterholt
						*  12/03/05
						*  Status fix
						*/
						$query = $sql->query("INSERT INTO accounts (sid, sdid, firstname, lastname, company, address, city, state, province, zip, country, phone_num, fax_num, email, referrer, username, password, pay_method, pay_period, package, domain, domain_type, level, status, hostname, date, servstatus)
						VALUES('{$_SESSION['order']['server_id']}', '{$_SESSION['order']['subdomain']}', '{$_SESSION['order']['firstname']}', '{$_SESSION['order']['lastname']}', '{$_SESSION['order']['company']}',
						'{$_SESSION['order']['address']}', '{$_SESSION['order']['city']}', '{$_SESSION['order']['state']}',
						'{$_SESSION['order']['province']}', '{$_SESSION['order']['zip']}', '{$_SESSION['order']['country']}',
						'{$_SESSION['order']['phone_num']}', '{$_SESSION['order']['fax_num']}', '{$_SESSION['order']['email']}',
						'{$_SESSION['order']['refferer']}', '" . strtolower($_SESSION['order']['username']) . "',
						'{$_SESSION['order']['password']}', '{$_SESSION['order']['pay_method']}', '{$_SESSION['order']['pay_period']}',
						'{$_SESSION['order']['package']}', '{$_SESSION['order']['domain']}', '{$_SESSION['order']['domain_type']}', 0, 8,
						'" . ip2long($_SERVER['REMOTE_ADDR']) . "', NOW(), 'yes')") or die(mysql_error());

						$user_id = $sql->insertID;

						// AUTO APPROVE
						$data = $sql->getAssocRow("SELECT `verify_email` FROM `text`");
						$subject = "Account Verification!";
						$message = $data['verify_email'];
						$data = $sql->getAssocRow("SELECT * FROM `settings`");
						$message = str_replace("[company]", $data['company'], $message);
						$message = str_replace("[http_path]", "<a href=\"{$data['http_path']}/client/?uid=$user_id&action=approve&aprv_id=$hostname\">Please click here to verify your account!</a><br />If you are an aol user and can not click the above link please copy and paste the following link: {$data['http_path']}/client/?uid=$user_id&action=approve&aprv_id=$hostname.", $message);
					}
					else
					{
						$query = $sql->query("INSERT INTO accounts (sid, sdid, firstname, lastname, company, address, city, state, province, zip, country, phone_num, fax_num, email, referrer, username, password, pay_method, pay_period, package, domain, domain_type, level, status, hostname, date, servstatus)
						VALUES('{$_SESSION['order']['server_id']}', '{$_SESSION['order']['subdomain']}', '{$_SESSION['order']['firstname']}', '{$_SESSION['order']['lastname']}', '{$_SESSION['order']['company']}',
						'{$_SESSION['order']['address']}', '{$_SESSION['order']['city']}', '{$_SESSION['order']['state']}',
						'{$_SESSION['order']['province']}', '{$_SESSION['order']['zip']}', '{$_SESSION['order']['country']}',
						'{$_SESSION['order']['phone_num']}', '{$_SESSION['order']['fax_num']}', '{$_SESSION['order']['email']}',
						'{$_SESSION['order']['refferer']}', '" . strtolower($_SESSION['order']['username']) . "',
						'{$_SESSION['order']['password']}', '{$_SESSION['order']['pay_method']}', '{$_SESSION['order']['pay_period']}',
						'{$_SESSION['order']['package']}', '{$_SESSION['order']['domain']}', '{$_SESSION['order']['domain_type']}', 0, 8,
						'" . ip2long($_SERVER['REMOTE_ADDR']) . "', NOW(),'yes')") or die(mysql_error());

						$user_id = $sql->insertID;

						// ADMIN APPROVAL
						$data = $sql->getAssocRow("SELECT `approval_email` FROM `text`");
						$subject = "Account Approval Required!";
						$message = $data['approval_email'];
						$data = $sql->getAssocRow("SELECT * FROM `settings`");
						$message = str_replace("[company]", $data['company'], $message);
						$message = str_replace("[http_path]", "<a href=\"{$data['http_path']}/client/?uid=$user_id&action=approve&aprv_id=$hostname\">Please click here to verify your account!</a><br />If you are an aol user and can not click the above link please copy and paste the following link: {$data['http_path']}/client/?uid=$user_id&action=approve&aprv_id=$hostname.", $message);
					}

					$message = str_replace("[http_login]", "http://{$_SESSION['order']['domain']}:2082", $message);
					$message = str_replace("[https_login]", "https://{$_SESSION['order']['domain']}:2083", $message);
					$message = str_replace("[username]", $_SESSION['order']['username'], $message);
					$message = str_replace("[password]", $_SESSION['order']['password'], $message);
					$message = str_replace("[email]", $_SESSION['order']['email'], $message);
					$message = str_replace("[package]", $_SESSION['order']['package']['name'], $message);
					$message = str_replace("[domain]", $_SESSION['order']['domain'], $message);
					$message = str_replace("[hostname]", $_SERVER['REMOTE_ADDR'], $message);
					$message = str_replace("[ns1]", $server['ns1'], $message);
					$message = str_replace("[ns2]", $server['ns2'], $message);
					$message = str_replace("[signup_date]", date("m-d-y"), $message);
					$message = str_replace("[todays_date]", date("m-d-y"), $message);

					$mail = new mailObj();
					$mail->subject = $subject;
					$mail->message = nl2br($message);
					$mail->sender = "{$data['company']} <{$data['email']}>";
					if(!$mail->addRecepient($_SESSION['order']['email'])) {
						$error[] = "Unable to assign contact name!";
					}
					if(empty($error)) {
						if(!$mail->execute()) {
							$error[] = "Unable to send e-mail!";
						}
					} else {
						echo implode("<br/>\n", $error);
					}
					include(TPL_INC . "thankyou.inc");
				}
			break;
		}
	}
}

echo "<table><tr><td>Your IP Address is recorded: {$_SERVER['REMOTE_ADDR']}</td></tr></table>";

include("../tpl/main/footer.inc");
?>