include "db.php";
include "admin/includes/crypt.php";
include "admin/includes/charge2.php";
// Validation messages shown next to form fields. Each literal deliberately
// contains the line break that follows (or precedes) its text.
$pleaseEnter = 'Please enter this information!
';
$pleaseSelect = 'Please select one!
';
$pleaseCheckBox = 'Please check at least one!
';
$issues = '
1st. & 2nd. choice should be different issues!';

// Per-field validation flags, keyed "ms<N>": 1 = field accepted, 0 = rejected.
// Every flag starts at 1; the st*() validators below overwrite individual slots.
$mess = array(
    'ms1'  => 1,
    'ms2'  => 1,
    'ms3'  => 1,
    'ms4'  => 1,
    'ms5'  => 1,
    'ms6'  => 1,
    'ms7'  => 1,
    'ms8'  => 1,
    'ms9'  => 1,
    'ms10' => 1,
    'ms11' => 1,
);
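// Handle a submitted order form: validate the fields, store the order, charge
// the card, then either e-mail the shop and the buyer or roll the order back.
//
// NOTE(review): $theForm, $firstName, $ccNumber, ... are never assigned in this
// file; presumably they arrive from the request (register_globals or an included
// file) and must be treated as untrusted - confirm.
if ($theForm)
{
    //Email address form is sent to
    $email = "danbaldwin@mailbolt.com"; ///danbaldwin@mailbolt.com
    //Name of person email is sent to
    $name = "Blain";
    // Confirmation email
    $comf = "Note to buyer";

    // Each validator writes 1 (ok) or 0 (rejected) into $mess["ms<N>"].
    stABC($firstName, 1);
    stABC($lastName, 2);
    stChk($streetAddress1, 3);
    stChk($city, 4);
    stChk($state, 5);
    stChk($zip, 6);
    stChk($phone, 7);
    stemail($emailAddress, 8);
    // NOTE(review): the card number is only required for paymentType
    // "creditcard", yet the charge step below runs for every payment type.
    if ($paymentType == "creditcard")
        stChk($ccNumber, 9);

    if ($mess['ms1'] && $mess['ms2'] && $mess['ms3'] && $mess['ms4'] && $mess['ms5'] && $mess['ms6'] && $mess['ms7'] && $mess['ms8'] && $mess['ms9'])
    {
        $body = "Giant Electronics\n\n";
        $body .= "Name: $firstName $middleName $lastName \n\n";
        $body .= "Address: $streetAddress1 $streetAddress2 $city $state $zip\n";
        $body .= "Phone: $phone\n";
        $comf = "Giant Electronics\n\n";
        $comf .= "We have received your order for our CD-ROM.\n\n";

        ///////////////////
        // Put into database
        // $key is not defined in this file; presumably one of the includes sets it.
        $ccNumber2 = encrypt($ccNumber, $key);

        // Every value is escaped for the SQL string context before it is placed
        // in the statement; previously the raw form values were interpolated,
        // so a quote in any field could alter the query.
        // NOTE(review): if request data already has slashes added upstream
        // (magic_quotes_gpc or an include), strip them first to avoid storing
        // doubled backslashes - confirm.
        // NOTE(review): ccCvv2 is stored as submitted and the row is kept after
        // a successful charge. Card-scheme rules (PCI DSS) do not allow the
        // security code to be retained after authorization.
        $sqlValues = array(
            'ccType'         => $ccType,
            'ccNumber'       => $ccNumber2,
            'ccExpMM'        => $ccExpMM,
            'ccExpYY'        => $ccExpYY,
            'ccCvv2'         => $ccCvv2,
            'firstName'      => $firstName,
            'lastName'       => $lastName,
            'orderId'        => $orderId,
            'streetAddress1' => $streetAddress1,
            'streetAddress2' => $streetAddress2,
            'city'           => $city,
            'state'          => $state,
            'zip'            => $zip,
            'phone'          => $phone,
            'email'          => $emailAddress,
            'paymentOption'  => $paymentOption,
            'comments'       => $comments,
            'middleName'     => $middleName,
            'updates'        => $updates,
        );
        $assignments = array();
        foreach ($sqlValues as $column => $value)
        {
            $assignments[] = $column . "='" . mysql_real_escape_string($value) . "'";
        }
        $assignments[] = "orderTime='" . date('Y-m-j H:i:s') . "'";

        // NOTE(review): here and below, mysql_error() is echoed to the visitor,
        // which discloses database details; consider logging it instead.
        if (!mysql_query("INSERT INTO orders SET " . implode(',', $assignments)))
        { echo "Error: 1 " . mysql_error(); exit(); }
        if (mysql_affected_rows() > 0)
            $id = mysql_insert_id();

        ///////////////////////
        // charge credit card
        $strCCExpireDate = $ccExpMM . '/20' . $ccExpYY;
        // NOTE(review): hard-coded test mode; a response code of 1 still marks
        // the order as paid below. Confirm this is not deployed as-is.
        $testMode = 1; // 1 for true and 0 for false
        $x_type = 'AUTH_CAPTURE';
        // AUTH_ONLY = check to see if card has the amount available
        // AUTH_CAPTURE = charges the card

        // Get amount to charge
        if (!$result = mysql_query("SELECT * FROM pricing WHERE id=1"))
        { echo "Error: 6 " . mysql_error(); exit(); }
        $row3 = mysql_fetch_array($result);
        $chargeAmount = $row3['cost']; // "cost" for initial cost, and "updates" for updates

        // Get a transaction id; it is passed to the gateway as the invoice number.
        if (!mysql_query("INSERT INTO transactions (dateAndTime,amount,account) VALUES('" . date("Y-m-d H:i:s") . "',$chargeAmount,'$id')"))
        { echo "Error: 2 " . mysql_error(); exit(); }
        else
        {
            if (mysql_affected_rows() > 0)
                $invoiceNum = mysql_insert_id();
            $ccResult = ChargeCreditCard($chargeAmount, $ccNumber, $strCCExpireDate, $ccCvv2, $x_type, $testMode, $invoiceNum);
        }

        ////////////////////////
        // Insert result of charge
        // First comma-separated field of the response: 1 = paid, 2 = declined,
        // anything else is treated as an error.
        $ccResponse = explode(',', $ccResult);
        if ($ccResponse[0] == 1)
            $paid = 1;
        elseif ($ccResponse[0] == 2)
        {
            $paid = 0;
            $payError = 'Declined';
        }
        else
        {
            $paid = 0;
            $payError = 'Error';
        }

        if ($paid)
        {
            // NOTE(review): the INSERT above stores $orderId in column orderId,
            // while this UPDATE (and the DELETE below) match orderId against
            // mysql_insert_id(); confirm both refer to the same row.
            if (!mysql_query("UPDATE orders SET paid='$paid' WHERE orderId='$id'"))
            { echo "Error: 3 " . mysql_error(); exit(); }

            ////////////// email out the form
            mail($name . " <" . $email . ">", "Giant Electronics", $body, "From: Giant Electronics <" . $email . ">");

            // Confirm email sent out
            // The recipient was previously built from $FirstName, $LastName and
            // $EmailAddress; PHP variable names are case-sensitive, so those
            // were not the validated form values. Line breaks and address
            // delimiters are removed so submitted text cannot add headers or
            // extra recipients.
            $headerUnsafe = array("\r", "\n", '<', '>', ',', '"');
            $buyerName = trim(str_replace($headerUnsafe, '', $firstName . " " . $lastName));
            $buyerAddress = str_replace($headerUnsafe, '', $emailAddress);
            mail($buyerName . " <" . $buyerAddress . ">", "Giant Electronics", $comf, "From: Giant Electronics <" . $email . ">");

            // Go to thankyou page
            //header("Location:order_thanks.html?id=$id&opt=$paymentOption");
        }
        else
        {
            if ($payError == 'Declined')
                $ccErrorMessage = '
Your credit card was declined! Please make sure you have sufficient funds available on your card.';
            else
                $ccErrorMessage = '
Your credit card information has an error! Please check your informaton and try again.';

            // Charge failed: remove the order and its transaction row again.
            if (!mysql_query("DELETE FROM orders WHERE orderId='$id'"))
            { echo "Error: 4 " . mysql_error(); exit(); }
            if (!mysql_query("DELETE FROM transactions WHERE account='$id'"))
            { echo "Error: 5 " . mysql_error(); exit(); }
        }
    }
}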
// Required fields
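/**
 * Record whether $str contains at least one ASCII letter.
 *
 * Writes 1 (accepted) or 0 (rejected) to the global $mess["ms<msNum>"].
 * This is a presence check only: digits, punctuation and control characters
 * elsewhere in the value are still accepted.
 *
 * @param mixed      $str   Submitted field value.
 * @param int|string $msNum Suffix of the $mess slot to update.
 * @return void
 */
function stABC($str,$msNum)
{
    global $mess;
    // ereg() was removed in PHP 7.0; preg_match() is the supported equivalent
    // and examines the whole string. Non-scalar input (e.g. an array posted
    // for this field) is rejected instead of being cast to the word "Array".
    $hasLetter = is_scalar($str) && preg_match('/[a-zA-Z]/', (string) $str);
    $mess["ms".$msNum] = $hasLetter ? 1 : 0;
}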
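/**
 * Record whether $str contains at least one ASCII digit.
 *
 * Writes 1 (accepted) or 0 (rejected) to the global $mess["ms<msNum>"].
 * This is a presence check only; it does not require the value to be numeric.
 *
 * @param mixed      $str   Submitted field value.
 * @param int|string $msNum Suffix of the $mess slot to update.
 * @return void
 */
function st123($str,$msNum)
{
    global $mess;
    // ereg() was removed in PHP 7.0; preg_match() is the supported equivalent.
    // Non-scalar input (e.g. an array posted for this field) is rejected.
    $hasDigit = is_scalar($str) && preg_match('/[0-9]/', (string) $str);
    $mess["ms".$msNum] = $hasDigit ? 1 : 0;
}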
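/**
 * Record whether $str looks like an e-mail address (local@domain.tld).
 *
 * Writes 1 (accepted) or 0 (rejected) to the global $mess["ms<msNum>"].
 * This is a shape check, not proof that the address exists.
 *
 * @param mixed      $str   Submitted e-mail address.
 * @param int|string $msNum Suffix of the $mess slot to update.
 * @return void
 */
function stemail($str,$msNum)
{
    global $mess;
    // The former pattern "^.+@.+\..+$" let "." match any character, so spaces,
    // line breaks and a second "@" were accepted. An address is typically
    // placed in a mail header, so whitespace and extra "@" are refused here.
    // The D modifier stops "$" from matching before a trailing newline.
    // ereg() itself was removed in PHP 7.0.
    $looksValid = is_scalar($str)
        && preg_match('/^[^\s@]+@[^\s@]+\.[^\s@]+$/D', (string) $str);
    $mess["ms".$msNum] = $looksValid ? 1 : 0;
}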
/**
 * Record whether $str is non-empty.
 *
 * Writes 1 to the global $mess["ms<msNum>"] when $str differs from the empty
 * string under PHP's loose comparison, otherwise 0.
 * NOTE(review): this checks presence only; the content of the value is not
 * inspected, so callers must still escape it for SQL, HTML or mail headers.
 *
 * @param mixed      $str   Submitted field value.
 * @param int|string $msNum Suffix of the $mess slot to update.
 * @return void
 */
function stChk($str,$msNum)
{
    global $mess;
    $slot = "ms".$msNum;
    $mess[$slot] = ($str != '') ? 1 : 0;
}
// Option list for the state drop-down: postal abbreviation => display name.
// The empty key is the placeholder entry shown before a state is chosen.
$states = array(
    ''   => 'State',
    'AL' => 'Alabama',
    'AK' => 'Alaska',
    'AZ' => 'Arizona',
    'AR' => 'Arkansas',
    'CA' => 'California',
    'CO' => 'Colorado',
    'CT' => 'Connecticut',
    'DE' => 'Delaware',
    'DC' => 'District of Columbia',
    'FL' => 'Florida',
    'GA' => 'Georgia',
    'HI' => 'Hawaii',
    'ID' => 'Idaho',
    'IL' => 'Illinois',
    'IN' => 'Indiana',
    'IA' => 'Iowa',
    'KS' => 'Kansas',
    'KY' => 'Kentucky',
    'LA' => 'Louisiana',
    'ME' => 'Maine',
    'MD' => 'Maryland',
    'MA' => 'Massachusetts',
    'MI' => 'Michigan',
    'MN' => 'Minnesota',
    'MS' => 'Mississippi',
    'MO' => 'Missouri',
    'MT' => 'Montana',
    'NE' => 'Nebraska',
    'NV' => 'Nevada',
    'NH' => 'New Hampshire',
    'NJ' => 'New Jersey',
    'NM' => 'New Mexico',
    'NY' => 'New York',
    'NC' => 'North Carolina',
    'ND' => 'North Dakota',
    'OH' => 'Ohio',
    'OK' => 'Oklahoma',
    'OR' => 'Oregon',
    'PA' => 'Pennsylvania',
    'RI' => 'Rhode Island',
    'SC' => 'South Carolina',
    'SD' => 'South Dakota',
    'TN' => 'Tennessee',
    'TX' => 'Texas',
    'UT' => 'Utah',
    'VT' => 'Vermont',
    'VA' => 'Virginia',
    'WA' => 'Washington',
    'WV' => 'West Virginia',
    'WI' => 'Wisconsin',
    'WY' => 'Wyoming',
);
/**
 * Print the state selector.
 *
 * As written, the function binds the global $states list, prepares the
 * "selected" attribute text and outputs a single newline; none of the
 * parameters are used.
 * NOTE(review): if option markup is emitted here, $name and $default should
 * be passed through htmlspecialchars() before being written into the page.
 *
 * @param string $name    Presumably the form field name - not used here.
 * @param string $default Presumably the pre-selected state - not used here.
 * @param string $short   Not used here.
 * @return void
 */
function printstateselect($name='state',$default='',$short='')
{
    global $states;
    $selected = 'selected="selected"';
    echo "\n";
}
?>