<?php /*
Copyright 2015 Cédric Levieux, Parti Pirate
This file is part of PPMoney.
PPMoney is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
PPMoney is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with PPMoney. If not, see <http://www.gnu.org/licenses/>.
*/
include_once("config/database.php");
include_once("config/paybox.php");
require_once("engine/bo/ProjectBo.php");
require_once("engine/bo/TransactionBo.php");
require_once("engine/utils/FormUtils.php");
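// We sanitize the request fields
// NOTE(review): xssCleanArray() is a project helper; whether it rewrites $_REQUEST in place
// is not visible from this file — confirm before relying on it for output escaping.
xssCleanArray($_REQUEST);

// Nothing to do unless the donor ticked the certification box.
if (!isset($_REQUEST["iCertify"])) exit();

// Read a request field, or $default when it is absent (no undefined-index notice).
$requestValue = function ($key, $default = null) {
    return isset($_REQUEST[$key]) ? $_REQUEST[$key] : $default;
};

// True when the field is present and truthy — the same test the form handling below
// has always used, so "0" and "" count as not filled.
$requestFilled = function ($key) use ($requestValue) {
    return $requestValue($key) ? true : false;
};

// Amounts arrive with a decimal comma; this keeps the normalized *string* form,
// which is what the purpose record stores. Non-scalar input becomes "".
$normalizeAmount = function ($value) {
    return str_replace(",", ".", is_scalar($value) ? (string) $value : "");
};

// Numeric value of an amount field. Anything non-numeric (missing, garbage, array)
// counts as 0 instead of feeding a non-numeric string into the arithmetic below,
// which PHP 8 turns into a TypeError.
$amountOf = function ($key) use ($requestValue, $normalizeAmount) {
    $normalized = $normalizeAmount($requestValue($key, ""));
    return is_numeric($normalized) ? $normalized + 0 : 0;
};

$connection = openConnection();
$transactionBo = TransactionBo::newInstance($connection);

// A renewal form posts "renewEmail" instead of "email".
$email = $requestValue("email");
if (!$email) {
    $email = $requestValue("renewEmail");
}

// Total to charge = donation + membership fee + local-section donation + project donations.
$amount = $amountOf("donation")
    + $amountOf("costRadio")
    + $amountOf("localDonation")
    + $amountOf("projectDonation")
    + $amountOf("projectAdditionalDonation");

$dateTime = date("c");

// Description of what the payment is for; serialized to JSON on the transaction row.
$purpose = array();
if (isset($_REQUEST["donation"])) {
    $purpose["donation"] = $normalizeAmount($_REQUEST["donation"]);
}
if (isset($_REQUEST["costRadio"])) {
    $purpose["join"] = $normalizeAmount($_REQUEST["costRadio"]);
}
if ($requestFilled("localSection")) {
    $purpose["local"] = array("section" => $_REQUEST["localSection"]);
    if ($requestFilled("localDonation")) {
        $purpose["local"]["donation"] = $normalizeAmount($_REQUEST["localDonation"]);
    }
}
// A filled "pseudo" is recorded whether or not "forum" is also posted; the old
// second branch keyed on "forum" assigned the very same value and was redundant.
if ($requestFilled("pseudo")) {
    $purpose["forumPseudo"] = $_REQUEST["pseudo"];
}
if (isset($_REQUEST["subscription"])) {
    $purpose["reportSubscription"] = true;
}
if ($requestFilled("comment")) {
    $purpose["comment"] = $_REQUEST["comment"];
}
if ($requestFilled("projectId")) {
    $projectBo = ProjectBo::newInstance($connection);
    $project = $projectBo->getProject($_REQUEST["projectId"]);
    $purpose["project"] = array(
        // getProject() may return nothing for an unknown id; record null rather than warn.
        "code" => isset($project["pro_code"]) ? $project["pro_code"] : null,
        "donation" => $normalizeAmount($requestValue("projectDonation")),
        "additionalDonation" => $normalizeAmount($requestValue("projectAdditionalDonation")),
    );
}
if ($requestValue("rejoin") === "true") {
    $purpose["rejoin"] = true;
}

$transaction = array();
$transaction["tra_amount"] = $amount;
$transaction["tra_email"] = $email;
$transaction["tra_date"] = $dateTime;
$transaction["tra_purpose"] = json_encode($purpose);

// Optional donor details: request field => transaction column. Only filled fields are copied.
$donorFields = array(
    "firstname" => "tra_firstname",
    "lastname" => "tra_lastname",
    "nationality" => "tra_nationality_iso",
    "nationalityLabel" => "tra_nationality",
    "address" => "tra_address",
    "zipcode" => "tra_zipcode",
    "city" => "tra_city",
    "country" => "tra_country",
    "telephone" => "tra_telephone",
);
foreach ($donorFields as $field => $column) {
    if ($requestFilled($field)) {
        $transaction[$column] = $_REQUEST[$field];
    }
}

// NOTE(review): the row is persisted *before* the amount ceiling below is checked, so an
// over-limit attempt still leaves a transaction record behind. Kept as-is to preserve the
// existing data trail; reorder only once it is confirmed nothing depends on that record.
$transactionBo->save($transaction);

// NOTE(review): tra_reference can only be present here if save() fills it into the array
// it was handed (by-reference parameter) — confirm against TransactionBo.
$reference = isset($transaction["tra_reference"]) ? $transaction["tra_reference"] : null;

// From here on the amount is expressed in minor units (x100) for the gateway.
$amount *= 100;

// Donations, membership fees and project payments are capped at 750 000 minor units.
$maxAmountInMinorUnits = 750000;
// NOTE(review): no lower bound is enforced here, so a zero or negative total reaches the
// gateway step — confirm engine/utils/paybox.php rejects it.
if ((isset($purpose["donation"]) || isset($purpose["join"]) || isset($purpose["project"])) && $amount > $maxAmountInMinorUnits) {
    include_once("language/language.php");
    $data = array("error" => true, "title" => lang("error_title"), "message" => lang("error_donation_too_high"));
    echo json_encode($data);
    exit();
}

// Hands over to the gateway form builder, which presumably consumes $amount, $email,
// $reference and $transaction from this scope.
include ("engine/utils/paybox.php");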