1<?php
2require_once('libraries/stripe/init.php');
3require_once('libraries/PasswordHash.php');
4require_once('libraries/ses/SimpleEmailService.php');
5require_once('libraries/ses/SimpleEmailServiceMessage.php');
6require_once('libraries/ses/SimpleEmailServiceRequest.php');
7require_once('libraries/jwt/JWT.php');
8
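// Harden the session before it starts. The session set up here later holds the
// buyer's e-mail, postal address and the paid download URL, so the cookie
// should not be readable from page scripts and the server should refuse
// session IDs it did not issue itself.
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
// NOTE(review): the checkout handles card tokens, so the site is presumably
// HTTPS-only; if so, also enable session.cookie_secure — confirm deployment.

// NOTE(review): the response is declared as JSON, but every exit visible in
// this file is a redirect or a plain-text die(); confirm what the caller expects.
header('Content-Type: application/json');
session_start();

// Clear any error left over from a previous checkout attempt.
$_SESSION['stripe_error'] = "";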
13
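/**
 * Send the "direct download" e-mail for a completed purchase through SES.
 *
 * Delivery is best-effort: a failure is written to the error log and is not
 * reported to the caller.
 *
 * @param string $plan  Human-readable plan name shown in the message.
 * @param string $link  Download URL placed in the message body.
 * @param string $email Recipient address.
 */
function send_email($plan, $link, $email)
{
    $from = 'All Your Leads <info@allyourleads.com>';
    $subject = 'All Your Leads - Direct Download';
    $text_message = 'Hello,

Thank you for your purchase of the '.$plan.' plan, the following is a direct download link to your data, the link will be available for the next 24 hours. If you need the link to be available for an extended period please contact support at help@allyourleads.com


'.$link.'



All Your Leads
Sales leads for Ecommerce, Social Media, Alibaba, and much more';

    // The HTML part embeds both values in markup (and $link inside an href
    // attribute), so they are escaped for that context; the plain-text part
    // above keeps the raw values.
    $plan_html = htmlspecialchars($plan, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $link_html = htmlspecialchars($link, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $html_message = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns="http://www.w3.org/1999/xhtml">
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 <title>Welcome!</title>

 </head>
 <body bgcolor="#f6f8f1" style="min-width: 100% !important; background-color: #FFFFFF; margin: 0; padding: 0;">
 <table class="main_table" width="100%" bgcolor="#FFFFFF" border="0" cellpadding="0" cellspacing="0">
 <tr>
 <td>
 <table class="content" align="center" cellpadding="0" cellspacing="0" border="0" style="width: 100%; max-width: 600px; min-height: 700px; background-color: #000000;" bgcolor="#000000">
 <tr>
 <td class="td_header" style="height: 100px; background-color: #2185d5; padding-left: 30px;" bgcolor="#2185d5">
 <img src="https://allyourleads.com/images/logo_large.png" height="40" />
 </td>
 </tr>
 <tr>
 <td class="td_body" style="background-color: #eef7f8; vertical-align: top; padding: 30px;" bgcolor="#eef7f8" valign="top">

 <p class="main_text" style="font-size: 12px; font-family: Arial; color: #262626;">

Hello,<br /><br />
Thank you for your purchase of the '.$plan_html.' plan, the following is a direct download link to your data, the link will be available for the next 24 hours. If you need the link to be available for an extended period please contact support at <a href="mailto:help@allyourleads.com">help@allyourleads.com</a><br /><br /><br />
<a href="'.$link_html.'">'.$link_html.'</a>
<br /><br /><br /><br />
All Your Leads<br />
Sales leads for Ecommerce, Social Media, Alibaba, and much more.
 </p>
 </td>
 </tr>
 <tr>
 <td class="td_footer" style="height: 50px; background-color: #2185d5; text-align: center; font-family: Arial;" align="center" bgcolor="#2185d5">
 <a class="footer_link" href="https://www.allyourleads.com" style="color: #FFFFFF; text-decoration: none;">www.allyourleads.com</a>
 </td>
 </tr>
 </table>
 </td>
 </tr>
 </table>
 </body>
</html>';

    $m = new SimpleEmailServiceMessage();
    $m->addTo($email);
    $m->setFrom($from);
    $m->setSubject($subject);
    // NOTE(review): the message is sent as ISO-8859-1 while the HTML part
    // declares charset=utf-8 in its <meta> tag; confirm which one is intended.
    $m->setSubjectCharset('ISO-8859-1');
    $m->setMessageCharset('ISO-8859-1');
    $m->setMessageFromString($text_message, $html_message);
    try
    {
        // NOTE(review): the SES access key and secret are embedded in source.
        // Load them from configuration kept outside the web root and scope the
        // key to sending mail only.
        $ses = new SimpleEmailService('XXXXXXXXXXXXX',
                                      'XXXXXXXXXXXXXXXXXXX');
        $ses->sendEmail($m);
    }
    catch(Exception $e)
    {
        // Best-effort delivery: log and carry on so the purchase flow completes.
        error_log("Error trying to send download email to: " . $email .
                  ", ERROR MSG: " . $e->getMessage(), 0);
    }
}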
92
93
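/**
 * Best-effort client IP address, used for the per-user IP log.
 *
 * The candidates are checked in the same precedence as before, but a value is
 * only returned if it parses as an IPv4/IPv6 address. Every HTTP_* entry comes
 * from a request header and can be set to anything by the client, so the
 * result is informational and must not be used for access decisions.
 * NOTE(review): if no reverse proxy you control overwrites these headers,
 * REMOTE_ADDR is the only value the client cannot choose — confirm deployment.
 *
 * @return string A syntactically valid IP address, or '127.0.0.1' if none was found.
 */
function get_client_ip() {
    $sources = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'REMOTE_ADDR',
    );

    foreach ($sources as $source) {
        $value = getenv($source);
        if (!$value) {
            continue;
        }

        // Forwarded-for style headers may hold a comma-separated chain; only
        // the first entry is considered, as the original client position.
        $parts = explode(',', $value);
        $candidate = trim($parts[0]);

        // Reject anything that is not an address (free text, markup, an
        // RFC 7239 "for=..." value) instead of storing it as one.
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }

    return '127.0.0.1';
}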
112
113
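// Checkout handler: finds or creates the user and Stripe customer, charges the
// selected plan, records the transaction (and any referral commission), then
// e-mails the download link and redirects to /thankyou. Failures redirect back
// to /download with a message in $_SESSION['stripe_error'].
if (isset($_POST['token']) &&
    isset($_POST['email']) &&
    isset($_POST['plan']) &&
    isset($_POST['password']) &&
    isset($_POST['name']) &&
    isset($_POST['address']) &&
    isset($_POST['zip']))
{
    $token = $_POST['token'];
    $email = strtolower(trim($_POST['email']));
    $plan = $_POST['plan'];
    $password = $_POST['password'];
    $name = trim($_POST['name']);
    $address = trim($_POST['address']);
    $zip = trim($_POST['zip']);
    $_SESSION['email'] = $email;
    $_SESSION['plan'] = $plan;
    $_SESSION['name'] = $name;
    $_SESSION['address'] = $address;
    $_SESSION['zip'] = $zip;

    // Initialised explicitly so the log statements further down never read an
    // undefined variable when an earlier step did not set them.
    $customer_check = false;
    $user_id = null;
    $customer = null;
    $customer_id = null;
    // Get client's IP address
    $ip_address = get_client_ip();

    // Connect to database
    // NOTE(review): the connection string, the Stripe keys and the JWT key in
    // this block are embedded in source, and the database role is `root`.
    // Load secrets from configuration outside the web root and connect with a
    // role limited to the tables this script touches.
    $db = pg_connect('host=allyourleads.com port=9999 dbname=XXXXX user=root password=XXXXXXXXXXXXXXXX');
    if ($db === false)
    {
        // Keep driver details out of the HTTP response; they go to the log only.
        error_log("Could not connect to the database", 0);
        die('Could not connect');
    }

    // TEST
    //$secret_key = "XXXXXXXXXXXXX";
    //$publishable_key = "XXXXXXXXX";

    // LIVE
    $secret_key = "XXXXXXXXX";
    $publishable_key = "XXXXXXXXXXXXXXXX";

    \Stripe\Stripe::setApiKey($secret_key);

    $hasher = new PasswordHash(8, FALSE);

    // Get existing customer id if they exist with stripe
    $res = pg_query_params($db, "SELECT user_id, stripe_customer_id, password FROM users " .
                                "WHERE stripe_customer_id IS NOT NULL AND email = $1",
                           array($email));
    if ($res && pg_num_rows($res) > 0)
    {
        $row = pg_fetch_object($res);
        pg_free_result($res);

        // An existing account is charged on its stored Stripe customer, not on
        // the token submitted with this request, so the request has to prove
        // it belongs to the account holder before anything is charged.
        $stored_hash = (string) $row->password;
        if ($stored_hash === '' || !$hasher->CheckPassword($password, $stored_hash))
        {
            error_log("Password check failed for existing USER: " . $row->user_id, 0);
            $_SESSION['stripe_error'] = 'Incorrect email or password';
            header("Location: /download");
            pg_close($db);
            die();
        }

        $user_id = $row->user_id;
        $customer_id = $row->stripe_customer_id;

        // Check if customer exists with stripe
        $customer = \Stripe\Customer::retrieve($customer_id);

        if(!isset($customer['deleted']) && $customer['delinquent'] == FALSE)
        {
            $customer_check = TRUE;
            // Update the last login and IP address
            pg_query_params($db, "INSERT INTO ip_addresses(user_id, ip_address) VALUES($1, $2)",
                            array($user_id, $ip_address));
        }
    }

    // Create a new customer
    if(!$customer_check)
    {
        try
        {
            $customer = \Stripe\Customer::create(array(
                'email' => $email,
                'source' => $token
            ));
        }
        catch (\Stripe\Error\Card $e)
        {
            $_SESSION['stripe_error'] = $e->getMessage();
            header("Location: /download");
            die();
        }

        if (isset($customer))
        {
            $customer_id = $customer->id;
            $hash_password = $hasher->HashPassword($password);

            $res = pg_query_params($db, "INSERT INTO users(email, password, name, " .
                                        "address, zip, stripe_customer_id) " .
                                        "VALUES($1, $2, $3, $4, $5, $6) " .
                                        "RETURNING user_id",
                                   array($email, $hash_password, $name, $address,
                                         $zip, $customer_id));
            if ($res && pg_num_rows($res) > 0)
            {
                // Update the last login and IP address
                $row = pg_fetch_object($res);
                $user_id = $row->user_id;
                pg_query_params($db, "INSERT INTO ip_addresses(user_id, ip_address) VALUES($1, $2)",
                                array($user_id, $ip_address));
                pg_free_result($res);
            }
        }
    }

    // Charge the customer based on their selected plan
    $res = pg_query_params($db, "SELECT plan_id, plan, category, plan_type, " .
                                "price FROM plans WHERE plan = $1",
                           array($plan));

    if ($res && pg_num_rows($res) > 0)
    {
        $row = pg_fetch_object($res);
        $plan_id = $row->plan_id;
        $plan = $row->plan;
        $category = $row->category;
        $plan_type = $row->plan_type;
        $price = $row->price;
        $plan_formatted = ucfirst($category) . ' ' . ucfirst($plan_type);

        // Round before casting: a price such as 19.99 becomes 1998.99999...
        // as a float, and a bare (int) cast would charge one cent too little.
        $amount_cents = (int) round($price * 100);

        try
        {
            $charge = \Stripe\Charge::create(array(
                'customer' => $customer_id,
                'amount' => $amount_cents,
                'currency' => 'usd'
            ));

            if($charge['status'] == "succeeded")
            {
                $stripe_trans_id = $charge['id'];
                $amount = $charge['amount'];
                $currency = $charge['currency'];
                $transaction_id = null;
                $res2 = pg_query_params($db, "INSERT INTO transactions(user_id, plan_id, amount, " .
                                             "currency, stripe_trans_id) VALUES($1, $2, $3, $4, $5) " .
                                             "RETURNING transaction_id",
                                        array($user_id, $plan_id, $amount, $currency, $stripe_trans_id));

                if ($res2 && pg_num_rows($res2) > 0)
                {
                    // Get the transaction id
                    $row = pg_fetch_object($res2);
                    $transaction_id = $row->transaction_id;
                    pg_free_result($res2);
                }

                // Update the user account stripe customer id
                pg_query_params($db, "UPDATE users SET stripe_customer_id = $1 WHERE user_id = $2",
                                array($customer_id, $user_id));

                // If the user purchased because of referral, give affiliate commission
                if (isset($_COOKIE['referral']))
                {
                    // Private cryptographic key used for JWT
                    // NOTE(review): this HS256 signing key is hard-coded, so
                    // anyone who can read the file can produce a referral
                    // cookie that passes verification. Rotate it and load the
                    // replacement from configuration.
                    $key = "sepmgz4LEnii4PzVCb3REgEVvkHpagY4";

                    try
                    {
                        // The allowed-algorithm list pins verification to HS256.
                        $decoded = JWT::decode($_COOKIE['referral'], $key, array('HS256'));
                        $code = $decoded->code;
                        pg_query_params($db, "INSERT INTO referrals(code_id, commission_amount, " .
                                             "transaction_id) VALUES(" .
                                             "(SELECT code_id FROM codes WHERE code = $1), " .
                                             "((SELECT commission_percent FROM codes " .
                                             "NATURAL JOIN affiliates WHERE code = $1) * $2), $3)",
                                        array($code, $amount, $transaction_id));
                    }
                    catch (Exception $e) {
                        error_log("Error decoding cookie, ERROR: " . $e->getMessage(), 0);
                    }
                }

                // Get the download URL
                $res3 = pg_query_params($db, "SELECT download_host || '/' || download_unique " .
                                             "|| '/' || download_file AS download_url " .
                                             "FROM downloads WHERE plan_id = $1",
                                        array($plan_id));

                if ($res3 && pg_num_rows($res3) > 0)
                {
                    $row = pg_fetch_object($res3);
                    $_SESSION['download_url'] = $row->download_url;
                    send_email($plan_formatted, $row->download_url, $email);
                    header("Location: /thankyou");
                    pg_free_result($res);
                    pg_free_result($res3);
                }
                else
                {
                    // This should never happen!
                    error_log("Unable to find download URL for USER: " . $user_id . ", PLAN ID: " . $plan_id, 0);
                }
            }
            else
            {
                // Unable to charge their credit card
                error_log("Unable to charge credit card for USER: " . $user_id . ", STRIPE USER ID: " .
                          $customer_id . ", PLAN ID: " . $plan_id . ", AMOUNT: " . $amount_cents, 0);
                $_SESSION['stripe_error'] = 'Unknown error, unable to charge credit card';
                header("Location: /download");
            }
        }
        catch(Exception $e)
        {
            error_log("Stripe error occurred trying to charge credit card for USER: " . $user_id .
                      ", STRIPE USER ID: " . $customer_id . ", PLAN ID: " . $plan_id .
                      ", AMOUNT: " . $amount_cents . "\nERROR MSG: " . $e->getMessage(), 0);
            $_SESSION['stripe_error'] = $e->getMessage();
            header("Location: /download");
        }
    }
    // NOTE(review): when the posted plan matches no row, the request ends here
    // with no redirect and no error message, after the customer and user rows
    // may already have been created; consider validating the plan first.
    pg_close($db);
}
else {
    die("Missing parameters");
}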
331?>