$foto_id){
// $foto_id is guranteed to be an int!
$Q = mysql_query('SELECT can, strecke_id, size_arc_w, size_arc_h, sort FROM foto WHERE foto_id='.$foto_id);
$FOTO = mysql_fetch_assoc($Q);
mysql_free_result($Q);
// check if there an entry
if(!$FOTO){
var_dump('no foto db entry', $foto_id, $FOTO, mysql_error());
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// check if buyable
$can = explode(',', $FOTO['can']);
if(false === array_search('buy', $can)){
var_dump('not buyable', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// get "strecke" info: buy_source
$Q = mysql_query('SELECT strecke_id, titel, buy_source, event_id, search_event FROM strecke WHERE strecke_id='.$FOTO['strecke_id']);
$STRECKE = mysql_fetch_assoc($Q);
mysql_free_result($Q);
// check if there an entry
if(!$STRECKE){
var_dump('no strecke db entry', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// extraxt params
$params = json_decode($STRECKE['buy_source'], true);
if(!isset($params[$_SESSION['CLIENT']]['paypal'])){
var_dump('no paypal params', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
$params = $params[$_SESSION['CLIENT']]['paypal'];
if(!array_alloc_equal($_SESSION['PARAMS'], $params)){
var_dump('different paypal params', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
if($_SESSION['KARTE']){
$params = $params['karte'];
}
// add to sum (and remember it)
if(isset($params['preis'])){
$p = $params['preis'];
}else if(isset($params['staffelung'])){
$p = $params['staffelung'][$staffel];
if($staffel+1 < count($params['staffelung'])){
$staffel++;
}
}else{
var_dump('no paypal preis/staffelung', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
$tot_amount += $p;
$FOTOS[] = array(
'event_id' => $STRECKE['event_id'],
'event_titel' => $STRECKE['search_event'],
'strecke_id' => $FOTO['strecke_id'],
'strecke_titel' => $STRECKE['titel'],
'sort' => $FOTO['sort'],
'foto_id' => $foto_id,
'amount' => $p,
'size_arc_w' => $FOTO['size_arc_w'],
'size_arc_h' => $FOTO['size_arc_h'],
'size_arc' => round(filesize($f='../foto/'.substr($foto_id, -2).'/'.substr($foto_id, -4, 2).'/'.$foto_id.'/upload.jpeg') / 1000),
);
//var_dump($params);
}
$tot_tax = round(100*$tot_amount - 100*$tot_amount/1.19) / 100;
$INFO = array(
'client' => $_SESSION['CLIENT'],
'amount' => $tot_amount,
'tax' => $tot_tax,
);
if($_SESSION['KARTE']){
if(isset($_REQUEST['karte_nummer'])){
$_REQUEST['karte_nummer'] = trim($_REQUEST['karte_nummer']);
}else{
$_REQUEST['karte_nummer'] = '';
}
if(isset($_REQUEST['karte_name'])){
$_REQUEST['karte_name'] = trim($_REQUEST['karte_name']);
}else{
$_REQUEST['karte_name'] = '';
}
$INFO['karte_name'] = $_REQUEST['karte_name'];
$INFO['karte_nummer'] = $_REQUEST['karte_nummer'];
}
if($tot_amount == 0){
$INFO['valid_until'] = time() + 60*60;
}
$ERRORS = array();
if(isset($_REQUEST['next'])){
// fotos
if(count($FOTOS) == 0){
$ERRORS[] = 'Es sind keine Fotos ausgewählt';
}
// KARTE: name & nummer
if($_SESSION['KARTE']){
$Q = mysql_query('SELECT id FROM paypal_nwkarte WHERE name=\''.mysql_real_escape_string($_REQUEST['karte_name']).'\' AND nummer=\''.mysql_real_escape_string(ltrim($_REQUEST['karte_nummer'], '0')).'\'');
list($id) = mysql_fetch_row($Q);
mysql_free_result($Q);
if(!$id){
$ERRORS[] = 'Der Name und die Kundennummer passen nicht zueinander.
Bitte rufen Sie uns an unter: 0521 / 555 888';
}
}
// AGB
if(!isset($_REQUEST['agb'])){
$ERRORS[] = 'Die AGB müssen akzeptiert werden';
}
if(count($ERRORS) > 0){
unset($_REQUEST['next']);
}
}
// id erstellen!!
if(isset($_REQUEST['next'])){
do{
$id = substr(md5('pictools-paypal-bridge-id-generator:'.time().':'.mt_rand()), 0, 16);
}while(! mysql_query('INSERT INTO paypal_download (unique_id,datetime,ip,info,foto) VALUES (\''.$id.'\', \''.gmdate('Y-m-d H:i:s').'\', \''.mysql_real_escape_string($_SERVER['REMOTE_ADDR']).'\', \''.mysql_real_escape_string(json_encode($INFO)).'\', \''.mysql_real_escape_string(json_encode($FOTOS)).'\')'));
$Q = mysql_query('SELECT nummer FROM paypal_download WHERE unique_id=\''.$id.'\'');
list($nummer) = mysql_fetch_row($Q);
mysql_free_result($Q);
}
head($_SESSION['CLIENT']);
if(isset($_REQUEST['next'])){
echo '';
echo 'Ihr Warenkorb (#'.$nummer.') enthält:
';
echo 'Diese Seite drucken';
echo ' |
';
}
foreach($FOTOS AS $I){
echo '';
echo ' ';
echo ' | ';
echo ''.$I['strecke_titel'].'';
echo ' |
';
/* if($I['sektion_titel'] != ''){
echo $I['sektion_titel'].'
';
}
echo 'Bild nr: '.($I['sort']+1).'
';*/
echo 'Betrag: '.nf($I['amount']).' €
';
// echo 'Steuer enthalten: '.nf($I['tax']).' €
';
echo 'Auflösung: '.$I['size_arc_w'].' × '.$I['size_arc_h'].' Pixel
';
if($I['size_arc'] < 1000){
echo 'Größe: '.$I['size_arc'].' kB
';
}else{
echo 'Größe: '.nf($I['size_arc']/1000, 1).' MB
';
}
$mp = $I['size_arc_w'] * $I['size_arc_h'] / 1000000;
if($mp < 2){
// kein hinweis, da klein!!
}else if($mp < 3){
echo '
Das Foto eignet sich für
Fotoabzüge bis 10 × 15 cm';
}else if($mp <= 6){
echo '
Das Foto eignet sich für
Fotoabzüge bis 13 × 18 cm';
}else if($mp <= 10){
echo '
Das Foto eignet sich für
Fotoabzüge bis 20 × 30 cm';
}else if($mp <= 14){
echo '
Das Foto eignet sich für
Fotoabzüge bis 30 × 45 cm';
}else{
echo '
Das Foto eignet sich für
Fotoabzüge bis 40 × 60 cm';
}
echo ' |
';
if(count($FOTOS) > 0 && !isset($_REQUEST['next'])){
echo '
';
}
echo ' |
';
}
echo ' |
';
echo ' | ';
echo '';
echo 'Betrag: '.nf($tot_amount).' €
';
echo 'enthaltene MwSt. 19%: '.nf($tot_tax).' €
';
echo ' |
';
if(!isset($_REQUEST['next'])){
echo '';
}else if($tot_amount == 0){
mysql_query('UPDATE paypal_download SET payment_status=\'*Free\' WHERE unique_id=\''.mysql_real_escape_string($id).'\'');
echo '';
echo '
';
echo 'hier runterladen';
echo ' |
';
// clear warenkorb
unset($_SESSION['WARENKORB']);
}else{
echo '';
echo '| ';
echo '';
echo ' | ';
echo ' ';
if(TEST){
echo ' | Kann nicht abgeschlossen werden wegen testsystem!';
}
echo ' |
';
echo ' |
';
}
$params = $_SESSION['PARAMS'];
if($_SESSION['KARTE']){
$params = $params['karte'];
}
$out = '
';
if(isset($params['preis'])){
$out .= 'Jedes Bild kostet '.number_format($params['preis'], 2, ',', '.').' €.
';
}else if(isset($params['staffelung'])){
$prices = $params['staffelung'];
$any = array_pop($prices);
foreach($prices as $k => $v){
$out .= ($k == 0 ? 'Das' : 'das').' '.($k+1).'. Bild kostet '.number_format($v, 2, ',', '.').' €,
';
}
$out .= 'jedes weitere Bild kostet '.number_format($any, 2, ',', '.').' €.
';
}
if(isset($params['preis']) && $params['preis'] == 0){
foot('', true);
}else{
foot($out);
}
/*
echo '
';
var_dump($_SESSION['WARENKORB'], $INFO, $FOTOS);
*/
function nf($num, $dec=2){
return number_format($num, $dec, ',', '.');
}
function encryptButton($parameters, $CLIENT){
global $SANDBOX;
// gen two temp files
$inFile = tempnam(sys_get_temp_dir(), 'paypal_crypt_in');
$outFile = tempnam(sys_get_temp_dir(), 'paypal_crypt_out');
// initialize data
$data = fopen($inFile, 'w');
foreach($parameters as $k => $v){
fwrite($data, $k.'='.$v."\n");
}
fclose($data);
// sign it
if (!openssl_pkcs7_sign($inFile, $outFile, $CLIENT['my_certificate'], $CLIENT['my_private_key'], array(), PKCS7_BINARY)){
return false;
}
// encode it
$signedData = explode("\n\n", file_get_contents($outFile));
file_put_contents($inFile, base64_decode($signedData[1]));
// encrypt it
if (!openssl_pkcs7_encrypt($inFile, $outFile, $CLIENT['paypal_certificate'.($SANDBOX ? '_sandbox' : '')], array(), PKCS7_BINARY)){
return false;
}
// get the result
$encryptedData = explode("\n\n", file_get_contents($outFile));
// delete temp files
@unlink($inFile);
@unlink($outFile);
// return
return '-----BEGIN PKCS7-----'."\n".$encryptedData[1]."\n".'-----END PKCS7-----';
}
function array_alloc_equal($a1, $a2){
// eleminate all those who are equal from both
foreach($a1 AS $k => $v){
if(!isset($a2[$k])){
return false;
}else{
if(is_array($v) && is_array($a2[$k])){
// recursive call
if(!array_alloc_equal($v, $a2[$k])){
return false;
}
}else if($v !== $a2[$k]){
// mismatch
return false;
}
// remove "seen" keys
unset($a2[$k]);
}
}
return count($a2) == 0;
}
?>