<?
###############################################################################
# PROGRAM     : DOPAYS                                                        #
# VERSION     : 2.64.87                                                       #
# AUTHOR      : Dmitry Pereuda                                                #
# COPYRIGHTS  : DOSWARE TEAM                                                  #
#                                                                             #
# RELEASED BY : WDYL-WTN                                                      #
###############################################################################
# All source code, images, programs, files included in this distribution      #
# Copyright (C)2003 DOSWARE TEAM. All Rights Reservded.                       #
###############################################################################
# While we distribute the source code for our scripts and you are allowed  to #
# edit them to better suit your  needs,  we  do  not support  modified  code. #
# Please see the license prior to changing anything.  You  must  agree to the #
# license terms before using this software  package  or  any  code  contained #
# herein.                                                                     #
###############################################################################
# Any redistribution without permission of Dmitry Pereuda  (DOSWARE TEAM)  is #
# strictly forbidden.                                                         #
###############################################################################
$data['PageName']='ORDER DETAILS';
$data['PageFile']='process';
$data['HideMenu']=true;
###############################################################################
include('config.htm');
###############################################################################
if(!$post['step']){
	if($post['action']=='product'||$post['action']=='subscription'){
		$post['owner']=get_member_id($post['member']);
		if(!$post['owner']){
			header("Location:{$data['Host']}/index.htm");
			echo('ACCESS DENIED.');
			exit;
		}
		$product=select_product_details($post['product'], $post['owner']);
		if(!$product){
			header("Location:{$data['Host']}/index.htm");
			echo('ACCESS DENIED.');
			exit;
		}
		foreach($product as $key=>$value){
			$_SESSION[$key]=$value;
			$post[$key]=$value;
		}
		$_SESSION['pid']=$product['id'];
		$_SESSION['product']=$product['name'];
		$_SESSION['action']=$post['action'];
	}elseif($post['action']=='payment'){
		if(!$post['price']){
			header("Location:{$data['Host']}/index.htm");
			echo('ACCESS DENIED.');
			exit;
		}
		foreach($data['FormParams'] as $value)$_SESSION[$value]=$post[$value];
		$_SESSION['owner']=get_member_id($post['member']);
	}else{
		header("Location:{$data['Host']}/index.htm");
		echo('ACCESS DENIED.');
		exit;
	}
	if($data['UseTuringNumber'])$_SESSION['turing']=gencode();
	if(!$_SESSION['quantity'])$_SESSION['quantity']=1;
	$post['step']=1;
}
###############################################################################
if($post['back'])$post['step']--;
###############################################################################
if($post['step']==1){
	foreach($data['FormParams'] as $value){
		if($_SESSION[$value])$post[$value]=$_SESSION[$value];
	}
	$post['member']=get_member_username($post['owner']);
	$post['total']=($post['price']+$post['setup']+$post['tax']+$post['shipping'])*$post['quantity'];
	$_SESSION['total']=$post['total'];
	if($post['send']){
		unset($_SESSION['ufound']);
		if(!$post['username']){
			$data['Error']='Your username can not be empty.';
		}elseif(!$post['password']){
			$data['Error']='Your password can not be empty.';
		}elseif($post['owner']==get_member_id($post['username'])){
			$data['Error']='You cannot send money to yourself.';
		}elseif($data['UseTuringNumber']&&
		(!$post['turing']||strtoupper($post['turing'])!=$_SESSION['turing'])){
			$data['Error']='Please enter valid turing number.';
		}elseif(!is_member_active($post['username'], $post['password'])){
			$data['Error']='This username is not found, inactive or banned.';
		}elseif(!is_member_found($post['username'], $post['password'])){
			$data['Error']='Your have entered a wrong username or password.';
		}elseif($post['price']>select_balance(get_member_id($post['username']))){
			$data['Error']='You do not have enough money in your account.';
		}else{
			$_SESSION['ufound']=true;
			$_SESSION['buyer']=get_member_id($post['username'], $post['password']);
			$post['step']++;
		}
	}
}elseif($post['step']==2){
	if($_SESSION['ufound']){
		if($_SESSION['action']=='product'){
			update_sold($_SESSION['pid'], $_SESSION['quantity']);
		}elseif($_SESSION['action']=='subscription'){
			update_sold($_SESSION['pid'], $_SESSION['quantity']);
			insert_subscription($_SESSION['owner'], $_SESSION['buyer'], $_SESSION['pid']);
		}
		$fees=($_SESSION['total']*$data['PaymentPercent']/100)+$data['PaymentFees'];
		transaction(
			$_SESSION['buyer'],
			$_SESSION['owner'],
			$_SESSION['total'],
			$fees,
			0,
			1,
			$post['notes']
		);
		$post['fees']=prnsumm($fees);
		$post['buyer']=get_member_email($_SESSION['buyer']);
		$post['amount']=prnsumm($_SESSION['total']);
		$post['username']=get_member_username($_SESSION['buyer']);
		$post['comments']=($post['notes']?$post['notes']:'N/A');
		if($_SESSION['action']!='subscription'){
			$post['email']=$post['buyer'];
			send_email('PAYMENT-MONEY', $post);
			$post['email']=get_member_email($_SESSION['owner']);
			send_email('PAYMENT-MONEY-TO-OWNER', $post);
		}else{
			$post['email']=$post['buyer'];
			send_email('SUBSCRIPTION-MONEY', $post);
			$post['email']=get_member_email($_SESSION['owner']);
			send_email('SUBSCRIPTION-MONEY-TO-OWNER', $post);
		}
		$back['pid']=$_SESSION['pid'];
		$back['pname']=$_SESSION['product'];
		$back['buyer']=get_member_username($_SESSION['buyer']);
		$back['total']=$_SESSION['total'];
		$back['action']=$_SESSION['action'];
		$back['quantity']=$_SESSION['quantity'];
		$back['comments']=$post['notes'];
		$back['referer']=$data['Host'];
		$unotify=$_SESSION['unotify'];
		$ureturn=$_SESSION['ureturn'];
		$ucancel=$_SESSION['ucancel'];
		foreach($_SESSION as $key=>$value)unset($_SESSION[$key]);
		session_destroy();
		if($unotify)use_curl($unotify, $back);
		if(!$ureturn)$ureturn="{$data['Host']}/index.htm";
		header("Location:{$ureturn}");
		echo('ACCESS DENIED.');
		exit;
	}
}
###############################################################################
display();
###############################################################################
?>