When payment is complete, remember to click
Return to Merchant
for a printable receipt
EOR;
*/
///////////////////////////////////////////////////////////////////////////////
}
else {
// $amount_str = $amount;
$payoption = "Pay-by-Check";
$paywindow = "";
$convtext = "";
$formaction = "";
$remind_return = "";
}
?>
Billing Details
Enter the billing address for the checking account or credit card you want to use for this payment.
=$privacyStatement?>
}
elseif ($mode == "check") {
?>
Online Check Payment
Please provide your bank and checking account information below.
=$privacyStatement?>
}
elseif ($mode == "admin-login") {
?>
Login
Enter your user name and password to log in.
=$msg?>
}
elseif ($mode == "admin-list-checks") {
?>
For maximum security, click "Delete Record" link to permanently remove each record after saving or printing information.
=$msg?>
$maxCount = mysql_num_rows($queryResult);
while ($row = mysql_fetch_array($queryResult)) {
?>
Date |
Payer Name |
Address 1 |
Address 2 |
City |
State & Zip Code |
$zip_code_fmt = (strlen(trim($row['zip_code'])) >= 9) ?
(substr($row['zip_code'],0,5) . "-" . substr($row['zip_code'],-4)) : $row['zip_code'];
?>
=$row['date_created_fmt']?> |
=$row['first_name']?> =$row['last_name']?> |
=$row['address_1']?> |
=$row['address_2']?> |
=$row['city']?> |
=$row['state']?> =$zip_code_fmt?> |
Amount |
Bank Name |
Bank City & State |
Routing Number |
Account Number |
Check Number |
=$row['amount_fmt']?> |
=$row['bank_name']?> |
=$row['bank_city']?> =$row['bank_state']?> |
=$row['bank_routing_num']?> |
=$row['bank_account_num']?> |
=$row['check_number']?> |
=$row['memo']?> |
=$row['phone_fmt']?> |
=$row['e_mail']?> |
Delete Record |
}
?>
=$rowCount?> records displayed of =$maxCount?> total records
=$listChecksTimeoutScript?>
}
elseif ($mode == "paypal-return") {
?>
Thank You!
A receipt for your payment has been e-mailed to the address you provided.
Please contact us if you have questions about this transaction or about your purchase.
=$privacyStatement?>
}
elseif ($mode == "cancel") {
?>
Transaction Cancelled
You have cancelled your payment and your account has not been charged.
Please contact us if you have questions about this transaction.
=$privacyStatement?>
}
elseif ($mode != "receipt") { // mode error
?>
Transaction Error
We encountered a problem while processing your payment.
=$errmsg?>
Please note the above error message and contact us for assistance. We apologize for the inconvenience.
=$privacyStatement?>
}
else { // mode "receipt"
// file_put_contents("make-pmt-receipt-args", date("Y-m-d h:i:s") . " : {$paymethod} : {$_GET['tx']} : {$_GET['merchant_return_link']} : {$_SERVER["HTTP_HOST"]} : {$_SERVER["SCRIPT_NAME"]}\n");
if ($paymethod != "check" and $_GET['tx'] == "" and $_GET['merchant_return_link'] == "") {
header("Location: http://" . $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"] . "?next_mode=error&errmsg=Invalid parameters sent to PayPal."); // for invalid paymethod
exit;
}
$dateToday = date("F j, Y");
//////////////////////////////////////////////////////////////
//
// PAY-BY-CHECK PROCESSING - START
//
//////////////////////////////////////////////////////////////
if ($paymethod == "check") {
//////////////////////////////////////////////////////////////
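// Prepare insert SQL
// NOTE(review): addslashes() is not a connection-charset-aware SQL escape; the
// driver's own escaping (mysql_real_escape_string) or a prepared statement is
// the safer way to place these values in the INSERT.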
//////////////////////////////////////////////////////////////
$patient = addslashes($patient);
$last_name = addslashes($last_name);
$first_name = addslashes($first_name);
$suffix = addslashes($suffix);
$address1 = addslashes($address1);
$address2 = addslashes($address2);
$city = addslashes($city);
$zip = addslashes($zip);
$bankname = addslashes($bankname);
$bankfraction = addslashes($bankfraction);
$memo = addslashes($memo);
$insertBankInfo = << $value ) {
echo "$key : $value
\n";
}
echo "-->\n";
////////////////////////////////////////////////////////////////////////////////////////
// Collect returned and pass-through (custom) values
////////////////////////////////////////////////////////////////////////////////////////
$receiptid = $keyarray['receipt_id'];
$first_name = $keyarray['first_name'];
$last_name = $keyarray['last_name'];
$itemname = $keyarray['item_name'];
$amount = $keyarray['payment_gross'];
$payeremail = $keyarray['payer_email'];
$rcvremail = $keyarray['receiver_email'];
$memo = $keyarray['memo'];
list($address1,$addr2,$city, $state, $zip, $memo, $amount2, $email) = explode(":", urldecode($keyarray["custom"]));
}
////////////////////////////////////////////////////////////////////////////////////////
// If payment status is FAIL, report error for manual investigation
// - Check that transaction token (txn_id) is not bad
// - Check that ID token (auth_token) is not bad
// - Check that tokens have not expired
////////////////////////////////////////////////////////////////////////////////////////
else if (strcmp ($lines[0], "FAIL") == 0) {
header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"] . "?next_mode=error&errmsg=" . urlencode("Transaction Failed - {$lines[0]}, {$lines[1]}, {$lines[2]}" . "&qry=" . urlencode($req)));
exit;
}
}
fclose ($fp);
// $business_name = (strlen($company)) ? "\n{$company}
" : "";
$paymentMethod = (strlen($receiptid) > 0) ? "Credit Card with PayPal Receipt ID {$receiptid}" : "PayPal Account e-mail address {$payeremail}";
///////////////////////////////////////////////////////////////////////
// Set up PayPal receipt variables
///////////////////////////////////////////////////////////////////////
$address2 = $addr2;
$suffix = (strlen($sffx)) ? " {$sffx}" : "";
//////////////////////////////////////////////////////////////
//
// PAYPAL/CREDIT CARD PROCESSING - END
//
//////////////////////////////////////////////////////////////
}
////////////////////////////////////////////////////////////////////////////////////////
// Assemble common variables for receipt
////////////////////////////////////////////////////////////////////////////////////////
$payerAddress2Text = (trim($address2) != "") ? "\n{$address2}" : "";
$payerAddressText = <<";
$mail = new htmlMimeMail();
$mail->setFrom("{$merchantName} <{$merchantEmail}>");
$mail->setCc("{$merchantName} <{$merchantEmail}>");
$mail->setBcc($bccEmail);
$mail->setReturnPath($returnPath);
$mail->setSubject("{$merchantName} Payment Receipt");
///////////////////////////////////////////////////////////////////////
// Prepare text and HTML versions of receipt
///////////////////////////////////////////////////////////////////////
$text_section = <<
EOH;
$html_body = <<
|
Your Receipt
{$dateToday}
{$payerAddress}
Your payment transaction is complete. Print this page for your records.
Payment Amount: |
${$amount} |
Payment For: |
{$memo} |
Payment Method: |
{$paymentMethod} |
Thank you for your payment.
If you have any questions, please visit us at {$_SERVER['HTTP_HOST']} or call us at {$merchantPhone}.
Go to {$merchantName} home page.
|
EOB;
$html_section = $html_heading . $html_body;
///////////////////////////////////////////////////////////////////////
// Send receipt
///////////////////////////////////////////////////////////////////////
$mail->setHtml($html_section, $text_section, "./");
if (($mail->send($to)) === false) {
$officeNotify = "Customer receipt mail error";
///////////////////////////////////////////////////////////////////////
// If receipt e-mail failed, attempt to notify merchant
///////////////////////////////////////////////////////////////////////
$errorTo[] = $merchantEmail;
$mail = new htmlMimeMail();
$mail->setFrom($merchantEmail);
$mail->setReturnPath($merchantEmail);
$mail->setSubject("SEND ERROR: {$merchantName} Payment Receipt");
$mail->setHtml($html_section, $text_section, "./");
$mail->send($errorTo);
}
?>
Your Receipt | =$merchantName?>
=$html_section?>
} // End - Mode Conditional if-else blocks
// Customize the following required file to contain the footer and closing BODY and HTML tags.
if ($mode != "receipt") include("pay-online-footer.html");
exit;
//////////////////////////////////////////////////////////////////////////////////////////////////////
//
// SUPPORT FUNCTIONS
//
//////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// Get all POST variables
///////////////////////////////////////////////////////////////////////
/*
foreach ($_POST as $key => $value) {
switch ($key) {
case "myphone":
case "myemail":
$$key = numbersOnly(scrubStr($value));
break;
default:
$$key = scrubStr($value);
break;
}
}
*/
/**
 * Return only the digits of the input, in their original order.
 *
 * Each one-byte slice is tested on its own with is_numeric(), so signs,
 * decimal points, spaces and letters are all dropped.
 *
 * @param string $string Raw value to filter.
 * @return string The digits that were found; "" when there are none.
 */
function numbersOnly($string) {
    $digits = "";
    $length = strlen($string);
    $pos = 0;
    while ($pos < $length) {
        $char = substr($string, $pos, 1);
        if (is_numeric($char)) {
            $digits .= $char;
        }
        $pos++;
    }
    return $digits;
}
// Keep only the first line of a single-line field, to protect against e-mail header injection
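/**
 * Fetch one POST field as a single-line string.
 *
 * Everything from the first CR or LF onward is discarded, so a value meant
 * for a one-line field cannot carry extra lines into a mail header. The
 * previous version split on "\n" only, which left a trailing "\r" (or a
 * bare-CR line break) in the result.
 *
 * @param string $varName Key to read from $_POST.
 * @return string First line of the field with backslash escapes removed;
 *                "" when the field is missing or is not a string.
 */
function scrubPost($varName) {
    // A missing key, or an array submitted as name[]=..., yields an empty
    // value instead of a notice or a type error further down.
    if (!isset($_POST[$varName]) || !is_string($_POST[$varName])) {
        return "";
    }
    $value = $_POST[$varName];
    // strcspn() is the length of the leading run that contains no CR or LF.
    $firstLine = (string) substr($value, 0, strcspn($value, "\r\n"));
    // stripslashes() is kept from the original; presumably it undoes
    // magic-quotes escaping of request data -- confirm it is still wanted.
    return stripslashes($firstLine);
}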
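/**
 * Reduce a value to its first line and remove backslash escapes.
 *
 * Everything from the first CR or LF onward is discarded, so a value meant
 * for a one-line field cannot carry extra lines into a mail header. The
 * previous version split on "\n" only, which left a trailing "\r" (or a
 * bare-CR line break) in the result.
 *
 * @param string $string Raw value.
 * @return string First line with backslash escapes removed; "" for null,
 *                arrays and other non-scalar input.
 */
function scrubStr($string) {
    if (!is_scalar($string)) {
        return "";
    }
    $value = (string) $string;
    // strcspn() is the length of the leading run that contains no CR or LF.
    $firstLine = (string) substr($value, 0, strcspn($value, "\r\n"));
    // stripslashes() is kept from the original; presumably it undoes
    // magic-quotes escaping of request data -- confirm it is still wanted.
    return stripslashes($firstLine);
}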
///////////////////////////////////////////////////////////////////////
// Database Error Messages
///////////////////////////////////////////////////////////////////////
// Message strings for sign-in, password-change and database failures. Most
// end in a short code naming the step that failed.
// NOTE(review): an `exit;` appears earlier in this file, before these
// assignments. If that exit is at top level, none of these lines run and the
// globals are unset when the functions below read them via `global` --
// confirm where these values actually get defined.
$cErrSignInDbc =
"Sign-in check error. Please contact administrator - Error DBC";
// database-connect error
$cErrSignInDbq =
"Sign-in check error. Please contact administrator - Error DBQ";
// database-query error
$cErrSignInDbf =
"Sign-in check error. Please contact administrator - Error DBF";
// database-fetch error
$cErrSignInFnf =
"Sign-in check error. Please contact administrator - Error FNF";
// file-not-found error
$cErrSignInFop =
"Sign-in check error. Please contact administrator - Error FOP";
// file open error
$cErrSignInSiu = "Invalid username or password - Error SIU";
// sign-in username error
$cErrSignInSip = "Invalid username or password - Error SIP";
// sign-in password error
// NOTE(review): the two sign-in messages share their wording but not their
// suffix (SIU vs SIP). If they are shown to the visitor as-is, the suffix
// reveals whether the user name exists -- confirm where they are displayed
// and consider a single shared message for both cases.
$cErrChgPwdIop = "Invalid old password.";
// invalid-old-password error
$cErrChgPwdSon = "New password cannot be the same as old password.";
// new-same-as-old password error
$cErrChgPwdNop = "New password cannot be blank.";
// no-password error
$cErrChgPwdNdf = "Re-entered password should be same as new password.";
// passwords different error
$cErrChgPwdSav = "New password save failed. Contact administrator - Error SAV";
// password save error
$cErrDbc = "Check user authority error. Try again or contact administrator - Error DBC";
// database-server-connect error
$cErrDbs = "Check user authority error. Try again or contact administrator - Error DBS";
// database-select error
$cErrDbq = "Check user authority error. Try again or contact administrator - Error DBQ";
// database-query error
$cErrNoCaseFilesNrr = "No case files found for criteria provided. Try again - Code NRF";
// no rows found (the variable suffix is Nrr, the code in the message is NRF)
$cErrDbi = "Add record error. Try again or contact administrator - Error DBI";
// database-insert error
$cErrDbu = "Update record error. Try again or contact administrator - Error DBU";
// database-update error
$cErrDbd = "Delete record error. Try again or contact administrator - Error DBD";
// database-delete error
$cErrDba = "Archive record error. Try again or contact administrator - Error DBA";
// database-archive error
$cErrDbr = "Drop table error. Try again or contact administrator - Error DBR";
// database DDL error (drop table)
$cErrDbt = "Create table error. Try again or contact administrator - Error DBT";
// database DDL error (create table)
///////////////////////////////////////////////////////////////////////
// Database Functions
///////////////////////////////////////////////////////////////////////
// *************************************************************************************
// *************************************************************************************
//////////////////////////////////////////////////////////////////////////////
//
// Function: sqlDbSelect()
//
// Description: Connect to the MySQL server and select a database
//
// Arguments: none (connection settings are read from the $db* globals)
//
//////////////////////////////////////////////////////////////////////////////
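/**
 * Connect to the MySQL server and select the configured database.
 *
 * Takes no arguments: host, credentials and database name are read from
 * the $dbHost, $dbUser, $dbPassword and $dbName globals.
 *
 * On either failure the visitor is redirected to $cUrlShowError with the
 * matching message in the errmsg query parameter, and the script exits.
 *
 * @return resource Link identifier returned by mysql_connect().
 */
function sqlDbSelect() {
    global $dbHost, $dbName, $dbUser, $dbPassword;
    global $cUrlShowError;
    // Fix: both messages were read below without being imported into the
    // function, so the redirect always carried an empty errmsg.
    global $cErrDbc, $cErrDbs;

    // -----------------------------------------------------------------------
    // Connect to MySQL server
    // -----------------------------------------------------------------------
    $link = mysql_connect($dbHost, $dbUser, $dbPassword);
    if (!$link) {
        // urlencode() keeps spaces and other reserved characters out of the
        // raw Location header.
        header("Location: " . $cUrlShowError . "?errmsg=" . urlencode($cErrDbc));
        exit;
    }

    // -----------------------------------------------------------------------
    // Select database
    // -----------------------------------------------------------------------
    if (!mysql_select_db($dbName, $link)) {
        header("Location: " . $cUrlShowError . "?errmsg=" . urlencode($cErrDbs));
        exit;
    }

    return $link;
} // sqlDbSelect()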
//////////////////////////////////////////////////////////////////////////////
//
// Function: sqlDbSelectReturn()
//
// Description: Connect to the MySQL server, select a database and
// return status.
//
// Arguments: none (connection settings are read from the $db* globals)
//
//////////////////////////////////////////////////////////////////////////////
/**
 * Connect to the MySQL server and select the configured database,
 * reporting failure to the caller instead of redirecting.
 *
 * Takes no arguments: host, credentials and database name are read from
 * the $dbHost, $dbUser, $dbPassword and $dbName globals.
 *
 * @return resource|false Link identifier on success; false when either the
 *                        connect or the database select fails.
 */
function sqlDbSelectReturn() {
    global $dbHost, $dbName, $dbUser, $dbPassword, $cUrlShowError;

    // Connect first; the select is attempted only on a live link.
    $link = mysql_connect($dbHost, $dbUser, $dbPassword);
    if ($link) {
        $dbSelected = mysql_select_db($dbName, $link);
        if ($dbSelected) {
            return $link;
        }
    }

    // Either step failed.
    return false;
} // sqlDbSelectReturn()
////////////////////////////////////////////////////////////////////////////////////////
//
// Function: sqlQuery()
//
// Description: Connects to the MySQL server, selects the active database
// and executes the specified query
//
// Arguments: $query: the SQL string to execute
// $errText: any special text you want displayed if query fails
// $conSel: Y or N, to connect to the server and select the database
// $errCode: Y or N, to include the MySQL error number and text
// $errPrefix: a lead-in string to the main error text
// $errSuffix: a string
//
// Returns: Returns a resource from which the result rows may be fetched;
// returns nothing (null) when the query fails
//
////////////////////////////////////////////////////////////////////////////////////////
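/**
 * Optionally connect to MySQL and select the database, then run a query.
 *
 * The SQL text is handed to mysql_query() exactly as received; no values
 * are bound or escaped here, so every value in it must already have been
 * escaped by the caller.
 *
 * A failed connect or select redirects to $cUrlShowError and exits. A
 * failed query does not redirect: the function returns null and the caller
 * has to check for it.
 *
 * @param string $query     SQL string to execute.
 * @param string $errText   Accepted for compatibility; currently unused.
 * @param string $conSel    Anything other than "N"/"n" connects to the
 *                          server and selects the database first.
 * @param string $errCode   Accepted for compatibility; currently unused.
 * @param string $errPrefix Accepted for compatibility; currently unused.
 * @param string $errSuffix Accepted for compatibility; currently unused.
 * @return mixed Whatever mysql_query() returned on success; null on failure.
 */
function sqlQuery($query, $errText, $conSel = "N", $errCode = "N", $errPrefix = "", $errSuffix = "" ) {
    global $dbHost, $dbName, $dbUser, $dbPassword;
    global $cUrlShowError, $cErrDbc, $cErrDbs;

    // -----------------------------------------------------------------------
    // Connect to the MySQL server and select the database if specified
    // -----------------------------------------------------------------------
    if (strtoupper($conSel) != "N") {
        $link = mysql_connect($dbHost, $dbUser, $dbPassword);
        if (!$link) {
            // urlencode() keeps spaces and other reserved characters out of
            // the raw Location header.
            header("Location: " . $cUrlShowError . "?errmsg=" . urlencode($cErrDbc));
            exit;
        }
        if (!mysql_select_db($dbName, $link)) {
            header("Location: " . $cUrlShowError . "?errmsg=" . urlencode($cErrDbs));
            exit;
        }
    }

    // -----------------------------------------------------------------------
    // Execute the passed in query
    // -----------------------------------------------------------------------
    $result = mysql_query($query);
    if (!$result) {
        // Same outcome as the bare `return;` this replaces. The statements
        // that used to follow it could never run, and they read $link, which
        // is unset when $conSel is "N"; they have been removed.
        // NOTE(review): that dead path put the error text, the MySQL error
        // number and (in debug mode) the SQL itself into the redirect URL.
        // If failure reporting is reinstated, record those details
        // server-side and send only a generic code to the browser.
        return null;
    }

    // -----------------------------------------------------------------------
    // Return the resource to the caller
    // -----------------------------------------------------------------------
    return $result;
} // sqlQuery()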
////////////////////////////////////////////////////////////////////////////////////////
//
// Function: sqlLogDebug()
//
// Description: Connects to the MySQL server, selects the active database
// and saves your message in the debug table
//
// Arguments: $message: Your log message
//
// Returns: N/A
//
////////////////////////////////////////////////////////////////////////////////////////
function sqlLogDebug($message, $sql = "") {
global $dbHost;
global $dbName;
global $dbUser;
global $dbPassword;
global $cUrlShowError;
global $cErrDbc;
global $cErrDbs;
global $cLogDebug;
// -----------------------------------------------------------------------
// Exit now if DEBUG is off
// -----------------------------------------------------------------------
if ($cLogDebug != "Y") return;
// -----------------------------------------------------------------------
// Connect to the MySQL server
// -----------------------------------------------------------------------
if(! $link = mysql_connect($dbHost, $dbUser, $dbPassword)) {
header("Location: " . $cUrlShowError . "?errmsg=" . $cErrDbc . " - " . $message);
exit;
}
// -----------------------------------------------------------------------
// Select the active database
// -----------------------------------------------------------------------
if (! $dbSelected = mysql_select_db($dbName, $link)) {
header("Location: " . $cUrlShowError . "?errmsg=" . $cErrDbs . " - " . $message);
exit;
}
// -----------------------------------------------------------------------
// Execute the log insert
// -----------------------------------------------------------------------
$scriptName = basename($_SERVER['SCRIPT_NAME']);
$query = <<