| Server IP : 162.214.74.102 / Your IP : 216.73.216.139 Web Server : Apache System : Linux dedi-4363141.lrsys.com.br 3.10.0-1160.119.1.el7.tuxcare.els25.x86_64 #1 SMP Wed Oct 1 17:37:27 UTC 2025 x86_64 User : lrsys ( 1015) PHP Version : 5.6.40 Disable Function : exec,passthru,shell_exec,system MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/lrsys/www/lrsys_projetos/sopizzas/application/controllers/ |
Upload File : |
<?php
include_once("includes/main_init.php");
include_once "paypalDirectPaymentClass.php";
$myarray=array();
$cardType = $_POST['cardType'];
$cardNumber = $_POST['cardNumber'];
$cardExpMonth = $_POST['cardExpMonth'];
$cardExpYear = $_POST['cardExpYear'];
$totalAmount = $_POST["totalAmount"];
$cardExpDate = $cardExpMonth.$cardExpYear;
$cardCVV2= $_POST['cardCVV'];
$userId = $_POST['user_id'];
//`template_name`, `template`, `subject`
$orderEmailTemplate = find("first", EMAIL_TEMPLATE, "*", "where template_name=:template_name", array(":template_name"=>CUSTOMER_ORDER_TEMPLATE));
$isExsistingCard = $_POST["isExsistingCard"];
$findCardDetails = find("first", CREDIT_CARD_DETAILS, "*", "where customer_id=:customer_id", array(":customer_id"=>$userId));
$customer = find("first", CUSTOMER, "*", "where customer_id=:customer_id", array(":customer_id"=>$userId));
$isSameCard = false;
if(!empty($findCardDetails))
{
$isSameCard = true;
}
if($isExsistingCard == "YES")
{
//customer_id, cc_type, cc_number, cc_exp_month, cc_exp_year, cc_cvv, cc_time
$cardType = $findCardDetails['cc_type'];
$cardNumber = cp_decrypt($findCardDetails['cc_number'], $findCardDetails['cc_time']);
$cardExpMonth = $findCardDetails['cc_exp_month'];
$cardExpYear = $findCardDetails['cc_exp_year'];
$cardExpDate = $cardExpMonth.$cardExpYear;
$cardCVV2= cp_decrypt($findCardDetails['cc_cvv'], $findCardDetails['cc_time']);
}
$time = time();
$encrypt_card_no = cp_encrypt($cardNumber, $time);
$cardCVV = cp_encrypt($cardCVV2, $time);
$uid = $_POST["cart"];
$res_id = $_POST["res_id"];
$customer_name = $_POST["customer_name"];
$customer_lastname = $_POST["customer_lastname"];
$customer_phone = $_POST["customer_phone"];
//$customer_email = "earthtechnology10@gmail.com";
$customer_buildtype = $_POST["customer_buildtype"];
$customer_crossstreet = $_POST["customer_crossstreet"];
$customer_landmark = $_POST["customer_landmark"];
$ordertime = $_POST["order_time"];
$orderdate = $_POST["order_date"];
//$myarray["post"] = $_POST;
$customer_zipcode = $_POST["customer_zipcode"];
$instructionsVal =$_POST["instructionsVal"];
$tip = $_POST["tip"];
$offer = $_POST["offer"];
$DeliveryCharge = $_POST["DeliveryCharge"];
$execute = array(':restaurant_id' => $res_id);
//restaurant_id, restaurant_estimated_time, restaurant_name, restaurant_delivery_charge, restaurant_minorder_price, restaurant_salestax, restaurant_commission_fixed, restaurant_commission_percnt, restaurant_commissiontype
$detail = find("first", RESTAURANT, "restaurant_id, restaurant_estimated_time, restaurant_name, restaurant_delivery_charge, restaurant_minorder_price, restaurant_salestax, restaurant_commission_fixed, restaurant_commission_percnt, restaurant_commissiontype", "where restaurant_id=:restaurant_id", $execute);
$isFixedCommision = true;
$comissionValue = $detail["restaurant_commission_fixed"];
if($detail["restaurant_commission_fixed"] == "")
{
$isFixedCommision = false;
$comissionValue = $detail["restaurant_commission_percnt"];
}
//delivery_by_admin_fee, delivery_by_restaurant, delivery_by_admin, estimated_delivery_time, admin_minorder_price, driver_payout
$settings = find("first", GENERAL_SETTINGS, "*", "WHERE 1", array());
$driverCommission = $settings["driver_payout"];
//echo json_encode($myarray);
//exit;
if(isset($order_time) && $order_time!='')
{
$ctime=explode(":",$order_time);
}
//$orderdate=$ctime[2]."-".$ctime[3]."-".$ctime[4];
//$ordertime=$ctime[0]."-".$ctime[1];
$orderType = $_POST["orderType"];
//exit;
if($orderType=='d')
{
$orderType="delivery";
}
else
{
$orderType="pickup";
}
//$userid='4995';
//$cart_existsval=unserialize(base64_decode($uid));
$cart_existsval = json_decode($uid, true);
$dataString='';
$myc_total_price = 0;
$myc_main_total =0;
$customer_email = $customer["customer_email"];
$address = $customer_crossstreet.', '.$customer_zipcode;
if($address!='') {
$geo = file_get_contents('http://maps.googleapis.com/maps/api/geocode/json?address='.urlencode($address).'&sensor=false');
// We convert the JSON to an array
$geo = json_decode($geo, true);
// If everything is cool
if ($geo['status'] = 'OK') {
// We set our values
$latitude = isset($geo['results'][0]['geometry']['location']['lat'])? $geo['results'][0]['geometry']['location']['lat']: DEFAULT_LAT;
$longitude = isset($geo['results'][0]['geometry']['location']['lng'])? $geo['results'][0]['geometry']['location']['lng'] : DEFAULT_LONG;
}
else {
$latitude = DEFAULT_LAT;
$longitude = DEFAULT_LONG;
}
}
else {
$latitude = DEFAULT_LAT;
$longitude = DEFAULT_LONG;
}
$requestParams = array(
'IPADDRESS' => $_SERVER['REMOTE_ADDR'], // Get our IP Address
'PAYMENTACTION' => 'Sale'
);
$creditCardDetails = array(
'CREDITCARDTYPE' => $cardType,
'ACCT' => $cardNumber,
'EXPDATE' => $cardExpDate, // Make sure this is without slashes (NOT in the format 07/2017 or 07-2017)
'CVV2' => $cardCVV2
);
$payerDetails = array(
'FIRSTNAME' => $customer_name,//$customer["customer_name"],
'LASTNAME' => $customer_lastname,//$customer["customer_lastname"],
'COUNTRYCODE' => 'US',
'STATE' => $customer["customer_state"],
'CITY' => $customer["customer_city"],
'STREET' => $customer["customer_crossstreet"],//customer_street
'ZIP' => $customer["customer_zip"]
);
$orderParams = array(
'AMT' => $totalAmount, // This should be equal to ITEMAMT + SHIPPINGAMT
'ITEMAMT' => $totalAmount,
'SHIPPINGAMT' => '0',
'CURRENCYCODE' => 'USD' // USD for US Dollars
);
$item = array(
'L_NAME0' => 'Dine2You Order',
'L_DESC0' => '',
'L_AMT0' => $totalAmount,
'L_QTY0' => '1'
);
$paypal = new Paypal();
$response = $paypal -> request('DoDirectPayment',
$requestParams + $creditCardDetails + $payerDetails + $orderParams + $item
);
function numberFormat($value)
{
return number_format($value, 2, ".", "");
}
if( is_array($response) && $response['ACK'] == 'Success') { // Payment successful
// We'll fetch the transaction ID for internal bookkeeping
$transactionId = $response['TRANSACTIONID'];
if(!$isSameCard)
{
save(CREDIT_CARD_DETAILS, "customer_id, cc_type, cc_number, cc_exp_month, cc_exp_year, cc_cvv, cc_time", ":customer_id, :cc_type, :cc_number, :cc_exp_month, :cc_exp_year, :cc_cvv, :cc_time", array(":customer_id"=>$userId, ":cc_type"=>$cardType, ":cc_number"=>$encrypt_card_no, ":cc_exp_month"=>$cardExpMonth, ":cc_exp_year"=>$cardExpYear, ":cc_cvv"=>$cardCVV, ":cc_time"=>$time));
}
else{
update(CREDIT_CARD_DETAILS, "cc_type=:cc_type, cc_number=:cc_number, cc_exp_month=:cc_exp_month, cc_exp_year=:cc_exp_year, cc_cvv=:cc_cvv, cc_time=:cc_time", "where customer_id=:customer_id", array(":customer_id"=>$userId, ":cc_type"=>$cardType, ":cc_number"=>$encrypt_card_no, ":cc_exp_month"=>$cardExpMonth, ":cc_exp_year"=>$cardExpYear, ":cc_cvv"=>$cardCVV, ":cc_time"=>$time));
}
$txn_id = $transactionId;
if($cart_existsval!='')
{
//deliverylatitude, deliverylongitude, orderdate
$execute1 = array(':restaurant_id' => $res_id);
$res = find("first", RESTAURANT, "*", "where restaurant_id =:restaurant_id", $execute1);
$settings = find("first", GENERAL_SETTINGS, "*", "WHERE 1", array());
if($res['restaurant_estimated_time'] == "")
{
$res["restaurant_estimated_time"] = $settings['estimated_delivery_time'];
}
$orderdate = $res["restaurant_estimated_time"]." mins";
$fields_member="restaurant_id,restaurant_name,customer_id,usertype,customername,customerlastname,customeremail,customercellphone,deliverydoornumber,deliverystreet,deliverylandmark,deliverytype,deliverydate, deliverytime, payment_type,transaction_id, deliveryzip, instructions, status, deliverylatitude, deliverylongitude, orderdate";
$values_member=":restaurant_id,:restaurant_name,:customer_id,:usertype,:customername,:customerlastname,:customeremail,:customercellphone,:deliverydoornumber,:deliverystreet,:deliverylandmark,:deliverytype,:deliverydate, :deliverytime, :payment_type,:transaction_id, :deliveryzip, :instructions, :status, :deliverylatitude, :deliverylongitude, :orderdate";
$execute_member=array(':restaurant_id'=> trim($res_id),':restaurant_name'=> trim(htmlentities($res['restaurant_name'])),':customer_id'=> trim($userId),':usertype'=> 'C',':customername'=> trim(htmlentities($customer_name)),':customerlastname'=> trim(htmlentities($customer_lastname)),':customeremail'=> $customer["customer_email"],':customercellphone'=> $customer_phone,':deliverydoornumber'=> trim(htmlentities($customer_buildtype)),':deliverystreet'=> trim(htmlentities($customer_crossstreet)),':deliverylandmark'=> trim(htmlentities($customer_landmark)),':deliverytype'=> trim(htmlentities($orderType)),':deliverydate'=>$orderdate, ':deliverytime'=>$ordertime, ':payment_type'=> 'CC',':transaction_id'=> trim(htmlentities($txn_id)), ":deliveryzip"=>$customer_zipcode, ":instructions"=>$instructionsVal, ":status"=>"In Preparation", ":deliverylatitude"=>$latitude, ":deliverylongitude"=>$longitude, ":orderdate"=>date("Y-m-d H:i:s"));
$mainorder=save(ORDER, $fields_member, $values_member, $execute_member);
$myc_addon_total_price = 0;
$myc_calories = 0;
$show_calories = 0;
$menu_quantity = 0;
$addonname='';
$cart_items = "";
//print_r($cart_existsval);
foreach($cart_existsval['cart'] as $k=>$list)
{
//$unitPrice = numberFormat(($list['menu_price']-($list["addons_price"]))/$list["quantity"]);
$unitPrice = numberFormat($list["item_price"]);
//if($_POST["size_name"] == "")
//{
// $find_menu = find("first", RESTAURANT_MENU, "menu_price", "where id=:id and restaurant_id=:restaurant_id", array(":id"=>$list['menu_id'], ":restaurant_id"=>$res_id));
// $unitPrice = $find_menu["menu_price"];
//}else{
// $find_menu_size = find("first", RESTAURANT_MENU_SIZE, "menu_slice_price", "where menu_slice_menuid=:menu_slice_menuid and menu_slice_name=:menu_slice_name", array(":menu_slice_menuid"=>$list['menu_id'], ":menu_slice_name"=>trim($_POST["size_name"])));
// $unitPrice = $find_menu_size["menu_slice_price"];
//}
//$unitPrice = numberFormat($unitPrice);
//tax_per=:tax_per, ordersubtotal=:ordersubtotal, res_comm_perchantage=:res_comm_perchantage, res_comm_price=:res_comm_price,
$fields_member="menuid,restaurantid,orderid,menuname,menuprice,quantity,tot_menuprice,addonsname,addonsprice, specialinstruction";
$values_member=":menuid,:restaurantid,:orderid,:menuname,:menuprice,:quantity,:tot_menuprice,:addonsname,:addonsprice, :specialinstruction";
$execute_member=array(':menuid'=> $list['menu_id'],':restaurantid'=> $res_id,':orderid'=> $mainorder,':menuname'=> trim(htmlentities($list['menu_name'])),':menuprice'=> $unitPrice,':quantity'=> $list["quantity"],':tot_menuprice'=> numberFormat($list['menu_price']),':addonsname'=> trim(htmlentities($list["addons"])),':addonsprice'=> numberFormat($list["addons_price"]), ":specialinstruction"=>$list["specialinstruction"]);
$ladtcus=save(RESTAURANT_CART, $fields_member, $values_member, $execute_member);
$cart_items .= '<tr class="even" style="">';
$cart_items .= '<td style="text-align: center;">'.($k+1).'</td>';
if($list["addons"] != "")
{
$cart_items .= '<td style="text-align: center;">'.trim(htmlentities($list['menu_name'])).'<br />'.trim(htmlentities($list["addons"])).'</td>';
}else{
$cart_items .= '<td style="text-align: center;">'.trim(htmlentities($list['menu_name'])).'</td>';
}
$cart_items .= '<td style="text-align: center;">'.$list["quantity"].'</td>';
$cart_items .= '<td style="text-align: center;">$'.$unitPrice.'</td>';
$cart_items .= '<td style="text-align: center;">$'.numberFormat($list['menu_price']).'</td>';
$cart_items .= '</tr>';
}
if($orderType=="delivery")
{
$dcharged=$res['restaurant_delivery_charge'];
}
else
{
$dcharged=0;
}
$txxprice=$_POST["tax"];
$myc_total_price_sub = $_POST["sub_total"];
$item_total = ($myc_total_price_sub - $txxprice - $tip);
if($isFixedCommision)
{
$restaurantCommission = $comissionValue;
}else{
$restaurantCommission = ($item_total * $comissionValue)/100;
}
$myc_total_price = $_POST["total"];
$fields1="ordergenerateid=:ordergenerateid,ordertotalprice=:ordertotalprice,taxvalue=:taxvalue,orderdate=:orderdate, driver_commission=:driver_commission, commission=:commission, delivery_charged=:delivery_charged, tip=:tip, offervalue=:offer, tax_per=:tax_per, ordersubtotal=:ordersubtotal, res_comm_perchantage=:res_comm_perchantage, res_comm_price=:res_comm_price, menuprice_total=:menuprice_total, foodassoonas=:foodassoonas";
$values1="WHERE orderid=:orderid";
$execute1=array(':ordergenerateid'=> 'ORD'.$mainorder,
':ordertotalprice'=> numberFormat($myc_total_price),
":menuprice_total"=>numberFormat($item_total),
':taxvalue'=> numberFormat($txxprice),
':orderdate'=> date('Y-m-d H:i:s'),
':orderid'=>$mainorder,
":driver_commission"=>numberFormat($driverCommission),
":commission"=>numberFormat($restaurantCommission),
":delivery_charged"=>numberFormat($DeliveryCharge),
":tip"=>numberFormat($tip),
":offer"=>numberFormat($offer),
":foodassoonas"=>$_POST["checkout_asap"],
":tax_per"=>$detail["restaurant_salestax"],
":ordersubtotal"=>numberFormat($myc_total_price_sub),
":res_comm_perchantage"=>$detail["restaurant_commission_percnt"] != "" ? $detail["restaurant_commission_percnt"] : "",
":res_comm_price"=>$detail["restaurant_commission_fixed"] !="" ? $detail["restaurant_commission_fixed"] : "",
);
$sv_mchne1=update(ORDER, $fields1, $values1,$execute1);
//print_r($execute1);
//exit;
}
/*EMAIL TEMPLATES*/
$variables['image_path'] = BASE_URL.'assets/';
$variables['customer_email'] = $customer_email;
$variables['order_id'] = 'ORD'.$mainorder;
$variables['customer_name'] = $customer["customer_name"]." ".$customer["customer_lastname"];
$variables['cart_items'] = $cart_items;
$variables['total_item_price_label'] = "Total Item Price";
$variables['total_item_price'] = numberFormat($item_total);
$variables['tax_label'] = "Tax(".$detail["restaurant_salestax"]."%)";
$variables['tax_amount'] = numberFormat($txxprice);
$variables['sub_total_label'] = "Sub Total";
$variables['sub_total_amount'] = numberFormat($myc_total_price_sub);
$variables['delivery_charge_label'] = "Delivery Charge";
$variables['delivery_charge_amount'] = numberFormat($DeliveryCharge);
$variables['tips_label'] = "Tips";
$variables['tips_amount'] = numberFormat($tip);
$variables['offer_label'] = "Coupon Discount";
$variables['offer_amount'] = numberFormat($offer);
$variables['grand_total_label'] = "Grand Total";
$variables['grand_total'] = numberFormat($totalAmount);
$variables['site_address'] = SITE_ADDRESS;
$variables['sender_name'] = SITENAME;
$variables['site_name'] = SITENAME;
$mail_Body=htmlspecialchars_decode($orderEmailTemplate["template"]);
$subject = $orderEmailTemplate["subject"];
foreach($variables as $key => $value) {
$mail_Body = str_replace('{{'.$key.'}}', $value, $mail_Body);
}
@Send_HTML_Mail($customer_email, '', '', $subject, $mail_Body);
array_push($myarray,array('message' => 'Thank you. You have successfully placed your order.', "success"=>1, "inserted_id"=>$mainorder));
}
else
{
array_push($myarray,array('message' => 'Payment process failed', "success"=>0, "error_message_long"=>$response['L_LONGMESSAGE0'], "error_message_short"=>$response['L_SHORTMESSAGE0'], "paypal_error"=>$paypal->_errors, "ack"=>$response['ACK']));
}
echo json_encode($myarray);
exit;
?>