Could you provide the full content of this file?
This is the full content of the file:
use Tygh\Bootstrap;
use Tygh\Debugger;
use Tygh\Exceptions\DatabaseException;
use Tygh\Registry;
// Declares the AREA constant before the bootstrap below runs.
// NOTE(review): 'C' is presumably the customer (storefront) area of the platform — confirm.
define('AREA', 'C');
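/**
 * Decrements the stored stock for every product line of an order.
 *
 * For each entry in $order_info['products'] the ordered quantity is subtracted from
 * cscart_products and cscart_product_options_inventory, but only on rows whose
 * current amount is at least that quantity (the "amount >= qty" condition).
 *
 * @param array $order_info Order data; only the 'products' list is read, and from
 *                          each entry only 'product_id' and 'amount'.
 * @return void
 */
function update_stock($order_info) {
    if (empty($order_info['products']) || !is_array($order_info['products'])) {
        return;
    }

    foreach ($order_info['products'] as $product) {
        // Force both values to integers: they end up in SQL, and a negative quantity would
        // turn "amount - qty" into a stock increase.
        $id = isset($product['product_id']) ? (int) $product['product_id'] : 0;
        $qty = isset($product['amount']) ? (int) $product['amount'] : 0;
        if ($id <= 0 || $qty <= 0) {
            continue;
        }

        // ?i is db_query()'s integer placeholder, so the values are bound instead of being
        // concatenated into the statement.
        db_query(
            'UPDATE cscart_products SET amount = amount - ?i WHERE product_id = ?i AND amount >= ?i',
            $qty,
            $id,
            $qty
        );
        // NOTE(review): this touches every inventory row of the product, not only the
        // option combination that was ordered — confirm that is intended.
        db_query(
            'UPDATE cscart_product_options_inventory SET amount = amount - ?i WHERE product_id = ?i AND amount >= ?i',
            $qty,
            $id,
            $qty
        );
    }
}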
// Bootstraps the shop runtime for this standalone script. The steps are order-dependent:
// autoloader, request environment, config, core function files, registry, database, and
// finally the fn_init_stack() initializers.
try {
// Register autoloader
$this_dir = dirname(__FILE__);
$classLoader = require($this_dir . '/app/lib/vendor/autoload.php');
$classLoader->add('Tygh', $this_dir . '/app');
// Prepare environment and process request vars
// $_REQUEST and $_SERVER are replaced by whatever Bootstrap::initEnv() returns.
list($_REQUEST, $_SERVER) = Bootstrap::initEnv($_GET, $_POST, $_SERVER, $this_dir);
// Get config data
$config = require(DIR_ROOT . '/config.php');
// NOTE(review): any request carrying a `version` parameter gets the product name, version,
// status and build echoed back and the script stops there. Nothing before this point checks
// who the caller is, so this endpoint discloses the exact platform version; consider removing
// the branch from a payment callback script.
if (isset($_REQUEST['version'])) {
$product_name = (PRODUCT_EDITION == 'ULTIMATE' ? PRODUCT_NAME : 'Multi-Vendor');
die($product_name . ' ' . PRODUCT_VERSION . ' ' . (PRODUCT_STATUS != '' ? (' (' . PRODUCT_STATUS . ')') : '') . (PRODUCT_BUILD != '' ? (' ' . PRODUCT_BUILD) : '') . '');
}
Debugger::init();
// Start debugger log
Debugger::checkpoint('Before init');
// Check if software is installed
// The '%DB_HOST%' placeholder still being present in the config is treated as "not installed".
if ($config['db_host'] == '%DB_HOST%') {
$product_name = (PRODUCT_EDITION == 'ULTIMATE' ? PRODUCT_NAME : 'Multi-Vendor');
die($product_name . ' is not installed. Please click here to start the installation process: [install]');
}
// Load core functions
$fn_list = array(
'fn.database.php',
'fn.users.php',
'fn.catalog.php',
'fn.cms.php',
'fn.cart.php',
'fn.locations.php',
'fn.common.php',
'fn.fs.php',
'fn.images.php',
'fn.init.php',
'fn.control.php',
'fn.search.php',
'fn.promotions.php',
'fn.log.php',
'fn.companies.php',
'fn.addons.php'
);
// Edition-specific function file; the name comes from the PRODUCT_EDITION constant.
$fn_list[] = 'fn.' . strtolower(PRODUCT_EDITION) . '.php';
// Every included path is built from the config directory plus the fixed list above; no
// request value takes part in it.
foreach ($fn_list as $file) {
require($config['dir']['functions'] . $file);
}
Registry::set('class_loader', $classLoader);
Registry::set('config', $config);
// From here on the config (including the database credentials) is read through Registry only.
unset($config);
// Connect to database
if (!db_initiate(Registry::get('config.db_host'), Registry::get('config.db_user'), Registry::get('config.db_password'), Registry::get('config.db_name'))) {
throw new DatabaseException('Cannot connect to the database server');
}
register_shutdown_function(array('\\Tygh\\Registry', 'save'));
// define lifetime for the cache data
date_default_timezone_set('UTC'); // setting temporary timezone to avoid php warnings
// Initializers are queued in groups; entries written as &$_REQUEST hand the request array
// over by reference, the others receive a copy.
if (defined('API')) {
fn_init_stack(
array('fn_init_api')
);
}
fn_init_stack(
array('fn_init_storage'),
array('fn_init_ua')
);
if (fn_allowed_for('ULTIMATE')) {
fn_init_stack(array('fn_init_store_params_by_host', &$_REQUEST));
}
fn_init_stack(
array(array('\\Tygh\\Session', 'init'), &$_REQUEST),
array('fn_init_ajax'),
array('fn_init_company_id', &$_REQUEST),
array('fn_check_cache', $_REQUEST),
array('fn_init_settings'),
array('fn_init_addons'),
array('fn_get_route', &$_REQUEST),
array('fn_simple_ultimate', &$_REQUEST)
);
if (!fn_allowed_for('ULTIMATE:FREE')) {
fn_init_stack(array('fn_init_localization', &$_REQUEST));
}
fn_init_stack(array('fn_init_language', &$_REQUEST),
array('fn_init_currency', &$_REQUEST),
array('fn_init_company_data', $_REQUEST),
array('fn_init_full_path', $_REQUEST),
array('fn_init_layout', &$_REQUEST),
array('fn_init_user'),
array('fn_init_templater')
);
// NOTE(review): the handler only calls $e->output(). Whether that ends the request is not
// visible here; if it returns, the statements after this block run against a partially
// initialized environment — confirm, and stop explicitly if needed.
} catch (Tygh\Exceptions\AException $e) {
$e->output();
}
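// Payment-gateway callback: rebuild the signed field list from the POST body, verify the
// sender's MAC (fp_hash) and only then look up or change the order.

// TODO
// NOTE(review): the shared secret is hard-coded and has been published together with this
// listing, so it should be treated as compromised: rotate it with the payment provider and
// load the replacement from the payment processor settings (see the commented-out line) or
// from another store outside the source tree.
//$key=$processor_data['processor_params']['secret_word'];
$key="8D822SWER2345234530F768B7B1WE2349149";

// Reads one POST field as a trimmed string. Missing fields and non-scalar values (for example
// amount[]=1) become '' so a malformed request cannot raise a TypeError before the MAC check.
// addslashes() is kept only because the MAC is computed over the value in this form; it is not
// an SQL or HTML defence.
$ep_field = function ($name) {
    $value = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string) $_POST[$name] : '';
    return addslashes(trim($value));
};

// The order of these keys is the order in which the MAC input is concatenated.
$zcrsp = array(
    'amount' => $ep_field('amount'),         // original amount
    'curr' => $ep_field('curr'),             // original currency
    'invoice_id' => $ep_field('invoice_id'), // original invoice id
    'ep_id' => $ep_field('ep_id'),           // Euplatesc.ro unique id
    'merch_id' => $ep_field('merch_id'),     // your merchant id
    'action' => $ep_field('action'),         // action == 0 means the transaction succeeded
    'message' => $ep_field('message'),       // transaction response message
    'approval' => $ep_field('approval'),     // empty when action != 0
    'timestamp' => $ep_field('timestamp'),   // message timestamp
    'nonce' => $ep_field('nonce'),
);
$zcrsp['fp_hash'] = strtoupper(euplatesc_mac($zcrsp, $key));
$fp_hash = $ep_field('fp_hash');

// hash_equals() compares in constant time, so response timing does not reveal how much of a
// guessed MAC was correct.
if (!hash_equals($zcrsp['fp_hash'], $fp_hash)) {
    echo "Invalid signature";
} else {
    // Only the invoice id covered by the verified MAC is used, and the order is read after
    // verification rather than for every unauthenticated request.
    $order_id = (int) $zcrsp['invoice_id'];
    $order_info = $order_id > 0 ? fn_get_order_info($order_id) : array();

    // NOTE(review): the signed amount/curr are not compared with the order total, and
    // timestamp/nonce are not checked for freshness or reuse — confirm what the provider's
    // protocol requires and add those checks here.
    if (empty($order_info)) {
        echo "Unknown order";
    } elseif (isset($order_info['status']) && $order_info['status'] === 'C') {
        // A repeated or replayed callback must not decrement stock again or move a completed
        // order to failed.
        echo "Order already completed";
    } elseif ($zcrsp['action'] === "0") {
        // begin database update
        fn_change_order_status($order_id, 'C');
        fn_finish_payment($order_id, array('order_status' => "C"), true);
        // NOTE(review): if fn_order_placement_routines() redirects and ends the request, the
        // two statements after it never run — confirm.
        fn_order_placement_routines('route', $order_id, true);
        echo "Successfully completed";
        update_stock($order_info);
        // end database update
    } else {
        fn_finish_payment($order_id, array('order_status' => "F"), true);
        // The message is gateway-supplied text; encode it before writing it into the response.
        echo "Tranzaction failed" . htmlspecialchars($zcrsp['message'], ENT_QUOTES, 'UTF-8');
    }
}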
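/**
 * Returns the keyed MAC of $data under $key as lowercase hex.
 *
 * Despite the name, the digest is MD5: the original hand-rolled construction used a
 * 64-byte block with md5 as its hash function, i.e. HMAC-MD5.
 * NOTE(review): the algorithm is presumably fixed by the payment gateway's protocol;
 * confirm against the provider's specification before changing it.
 *
 * @param string $key  Raw (binary) key.
 * @param string $data Message to authenticate.
 * @return string 32-character lowercase hex digest.
 */
function hmacsha1($key,$data) {
    // hash_hmac() performs the same key hashing/padding and ipad/opad steps as the manual
    // version it replaces, including hashing keys longer than the block size first.
    return hash_hmac('md5', (string) $data, (string) $key);
}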
// ===========================================================================================
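/**
 * Builds the MAC input from an ordered list of field values and signs it.
 *
 * Each value is appended as "<byte length><value>"; NULL or empty values are appended as a
 * single "-". The hex-encoded $key is converted to binary and passed with the resulting
 * string to hmacsha1().
 *
 * @param array       $data Field values; iteration order determines the MAC input.
 * @param string|null $key  Key as a hex string.
 * @return string Hex digest returned by hmacsha1().
 */
function euplatesc_mac($data, $key = NULL)
{
    $str = '';
    foreach ($data as $d)
    {
        // strlen() counts bytes, and the byte count is what gets written into the MAC input.
        if ($d === NULL || strlen($d) == 0)
            $str .= '-'; // empty values are replaced with -
        else
            $str .= strlen($d) . $d;
    }
    // NOTE(review): pack('H*') expects hex digits only; confirm the configured key is valid hex.
    $key = pack('H*', (string) $key);
    return hmacsha1($key, $str);
}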
?>
Thanks for looking into this!