Website is completed working, moved into billing module

Frank Harris 2025-10-23 18:19:06 -04:00
parent 3ea6436f27
commit 437fbad5e6
401 changed files with 1822 additions and 7831 deletions


@ -14,7 +14,7 @@
- `modules/` — panel modules (legacy `billing/` exists; its **schema** is authoritative for multi-remote, but the **pages** are deprecated). - `modules/` — panel modules (legacy `billing/` exists; its **schema** is authoritative for multi-remote, but the **pages** are deprecated).
- `includes/` — panel configuration and DB connectors. - `includes/` — panel configuration and DB connectors.
- `ogp_api.php` — internal API entry point for panel-side actions. - `ogp_api.php` — internal API entry point for panel-side actions.
- `paypal/` — PayPal code if present in this branch. - `api/` — Payment-related API code if present in this branch (previously under `paypal/` or `payments/`).
## 2) No-Code Planning Mode (default) ## 2) No-Code Planning Mode (default)
- Do **not** emit PHP, SQL, XML, or shell commands unless a maintainer explicitly asks: **“Generate code now.”** - Do **not** emit PHP, SQL, XML, or shell commands unless a maintainer explicitly asks: **“Generate code now.”**
@ -72,7 +72,7 @@
- **Licensing:** Preserve upstream notices and ensure our additions stay license-compatible. - **Licensing:** Preserve upstream notices and ensure our additions stay license-compatible.
## 7) Validation checklist (pre-PR / pre-merge) ## 7) Validation checklist (pre-PR / pre-merge)
- Read `_website/`, `modules/config_games/server_configs/`, `modules/`, `includes/`, `paypal/` (if present), and `ogp_api.php` to anchor proposals to actual code. - Read `_website/`, `modules/config_games/server_configs/`, `modules/`, `includes/`, `api/` (if present), and `ogp_api.php` to anchor proposals to actual code.
- Catalog uses only the XML metadata; no hardcoded ports/params. - Catalog uses only the XML metadata; no hardcoded ports/params.
- Regions/nodes are read live from the panel DB; no duplicates on the website. - Regions/nodes are read live from the panel DB; no duplicates on the website.
- Auth plan preserves panel compatibility and modernizes website hashing; **sessions remain separate**. - Auth plan preserves panel compatibility and modernizes website hashing; **sessions remain separate**.


@ -1,329 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Shopping Cart - GameServers.World</title>
</head>
<body>
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
// Require login
require_once(__DIR__ . '/includes/login_required.php');
// Include database configuration
require_once(__DIR__ . '/includes/config.inc.php');
// Create database connection
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$db) {
die("Connection failed: " . mysqli_connect_error());
}
// Admin quick-create handler: create a free "paid" record for an in-cart order
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['create_free_for'])) {
session_start();
if (!empty($_SESSION['website_user_role']) && strtolower($_SESSION['website_user_role']) === 'admin') {
$orderId = (int)$_POST['create_free_for'];
if ($orderId > 0) {
$stmt = $db->prepare("UPDATE ogp_billing_orders SET status = 'paid' WHERE order_id = ? LIMIT 1");
if ($stmt) { $stmt->bind_param('i', $orderId); $stmt->execute(); $stmt->close(); }
// write a simulated webhook file
require_once(__DIR__ . '/includes/config.inc.php');
$dataDir = (isset($SITE_DATA_DIR) && $SITE_DATA_DIR) ? $SITE_DATA_DIR : realpath(__DIR__ . '/') . DIRECTORY_SEPARATOR . 'data';
@mkdir($dataDir, 0775, true);
$rec = [
'event_type' => 'PAYMENT.CAPTURE.COMPLETED',
'status' => 'PAID',
'amount' => 0.00,
'currency' => 'USD',
'payer' => $_SESSION['website_user_email'] ?? ($_SESSION['website_username'] ?? ''),
'invoice' => 'FREE-' . $orderId . '-' . time(),
'custom' => 'admin_free_create_order_' . $orderId,
'resource_id' => 'FREE-' . bin2hex(random_bytes(6)),
'items' => [],
'ts' => date('c'),
];
$fname = $dataDir . DIRECTORY_SEPARATOR . $rec['invoice'] . '.json';
file_put_contents($fname, json_encode($rec, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES));
header('Location: return.php?invoice=' . urlencode($rec['invoice']));
exit;
}
}
}
// Include top bar and menu
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
$user_id=$_SESSION['user_id'] ?? 0;
$user_id = 186; // For testing purposes, set a default user ID
if ($user_id <= 0) {
echo "<center><h4>Please login to view your cart</h4></center>";
mysqli_close($db);
echo "</body></html>";
return;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_single'])) {
$order_id = intval($_POST['delete_single']);
if ($order_id > 0) {
// First, check if the status is 'renew'
$stmt = $db->prepare("SELECT status FROM ogp_billing_orders WHERE order_id = ? AND user_id = ?");
$stmt->bind_param("ii", $order_id, $user_id);
$stmt->execute();
$stmt->bind_result($status);
if ($stmt->fetch() && strtolower($status) === 'renew') {
$stmt->close();
// Set status to 'expired' if currently 'renew'
$update = $db->prepare("UPDATE ogp_billing_orders SET status = 'expired' WHERE order_id = ? AND user_id = ?");
$update->bind_param("ii", $order_id, $user_id);
$update->execute();
$update->close();
} else {
$stmt->close();
// Otherwise, delete the order
$delete = $db->prepare("DELETE FROM ogp_billing_orders WHERE order_id = ? AND user_id = ?");
$delete->bind_param("ii", $order_id, $user_id);
$delete->execute();
$delete->close();
}
}
}
if ($db){
$carts = $db->query("SELECT * FROM ogp_billing_orders AS cart
WHERE (status = 'in-cart' OR status = 'renew') AND user_id = " . $user_id . " ORDER BY order_id ASC");
}
?>
<div class="site-panel">
<h2 class="site-panel-title">Your Cart</h2>
<!--
This is our cart form just for display and deletion. There is a different form below that has the paypal button and fills in all the hidden fields
-->
<table class="cart-table">
<thead>
<tr>
<th class="table-compact text-center"></th>
<th>Server ID</th>
<th>Game Name</th>
<th>Location</th>
<th>Max Players</th>
<th>Price per Player</th>
<th>Months</th>
<th>Total</th>
</tr>
</thead>
<tbody>
<?php
$grandTotal = 0; // Initialize grand total variable
if (isset($carts) && $carts instanceof mysqli_result && $carts->num_rows > 0) {
while ($row = $carts->fetch_assoc()) {
?>
<tr data-cart-id="<?php echo htmlspecialchars($row['order_id']); ?>">
<td>
<form method="post" action="" class="inline-form">
<button type="submit" name="delete_single" value="<?php echo htmlspecialchars($row['order_id']); ?>" class="btn-square text-danger">

</button>
</form>
</td>
<td><?php echo htmlspecialchars($row['home_id']); ?></td>
<td><?php echo htmlspecialchars($row['home_name']); ?></td>
<td><?php echo htmlspecialchars($row['ip']); ?></td>
<td><?php echo htmlspecialchars($row['max_players']); ?></td>
<td>$<?php echo number_format($row['price'], 2); ?></td>
<td><?php echo htmlspecialchars($row['qty']); ?></td>
<?php $rowtotal = $row['price'] * $row['qty'] * $row['max_players'];?>
<?php if ((float)$row['price'] == 0.0 && isset($_SESSION['website_user_role']) && strtolower($_SESSION['website_user_role']) === 'admin'): ?>
<td>
<form method="post" action="" class="inline-form">
<input type="hidden" name="create_free_for" value="<?php echo (int)$row['order_id']; ?>">
<button type="submit" class="btn-primary">Create (Free)</button>
</form>
</td>
<?php else: ?>
<td>&nbsp;</td>
<?php endif; ?>
<?php $grandTotal += $rowtotal; // Add to grand total ?>
<td>$<?php echo number_format($rowtotal, 2); ?></td>
</tr>
<?php
}
// Add total row
?>
<tr class="cart-total-row">
<td colspan="7" class="cart-total-label">
Cart Total:
</td>
<td class="cart-total-value">
$<?php echo number_format($grandTotal, 2); ?>
</td>
</tr>
<?php
} else {
// Display a message if no cart items are found
?>
<tr>
<td colspan="7" class="text-center muted">No items in your cart.</td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php
// These must already exist earlier in your cart page:
// $grandTotal (number) e.g., 24.49
// $invoice (array) e.g., [['serverID'=>'srv123','amount'=>9.99], ['serverID'=>'srv999','amount'=>14.50]]
// --- Sanity + normalization ---
if (!isset($grandTotal) || !is_numeric($grandTotal)) {
$grandTotal = 0.00;
}
if (!isset($invoice) || !is_array($invoice)) {
$invoice = [];
}
$currency = 'USD';
$amount = number_format((float)$grandTotal, 2, '.', '');
$lineItems = [];
// Build PayPal-friendly items array (name, unit_amount, quantity, sku)
foreach ($invoice as $i) {
$sid = isset($i['serverID']) ? (string)$i['serverID'] : 'unknown';
$amt = isset($i['amount']) && is_numeric($i['amount']) ? number_format((float)$i['amount'], 2, '.', '') : '0.00';
$lineItems[] = [
'name' => "Server $sid",
'quantity' => '1',
'unit_amount' => ['currency_code' => $currency, 'value' => $amt],
'sku' => $sid
];
}
// Single overall invoice id for the order
$invoiceId = 'INV-' . date('Ymd-His') . '-' . bin2hex(random_bytes(3));
// A short custom reference derived from your line items (<= 127 chars for PayPal)
$customHash = substr(strtoupper(sha1(json_encode($invoice))), 0, 16);
$customId = "INVREF-$customHash";
// Text on the PayPal side
$description = 'Game server order (' . count($lineItems) . ' item' . (count($lineItems)===1?'': 's') . ')';
// URLs
$siteBase = 'https://panel.iaregamer.com';
$returnUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId);
$cancelUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId) . '&cancel=1';
// API base (relative)
$apiBase = '/_website/api';
?>
<!-- PayPal JS SDK (Sandbox). Use LIVE client-id when going live. -->
<script src="https://www.paypal.com/sdk/js?client-id=AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c&currency=USD&intent=capture"></script>
<div id="paypal-button-container"></div>
<div id="pp-status" class="mt-12" style="font:14px system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif;"></div>
<script>
(function(){
const statusEl = document.getElementById('pp-status');
// Values from PHP
const amount = "<?= $amount ?>";
const currency = "<?= $currency ?>";
const invoice_id = "<?= $invoiceId ?>";
const custom_id = "<?= $customId ?>";
const description = "<?= htmlspecialchars($description, ENT_QUOTES) ?>";
const return_url = "<?= $returnUrl ?>";
const cancel_url = "<?= $cancelUrl ?>";
// Line items (serverID + per-item amount) for your records and webhook correlation
const line_invoices = <?php echo json_encode($invoice, JSON_UNESCAPED_SLASHES); ?>;
// PayPal "items" for purchase_units (shows on PayPal + returns in webhook under purchase_units)
const items = <?php echo json_encode($lineItems, JSON_UNESCAPED_SLASHES); ?>;
function setStatus(msg){ if(statusEl) statusEl.textContent = msg; }
paypal.Buttons({
createOrder: function() {
setStatus('Creating order…');
return fetch("<?= $apiBase ?>/create_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({
amount, currency, invoice_id, custom_id, description,
return_url, cancel_url,
// The next two are for your server to include:
items, // PayPal purchase_units[0].items
line_invoices // your raw cart detail, persisted in your DB if you choose
})
})
.then(res => res.json())
.then(data => {
if (!data.id) { throw new Error(data.error || 'No order id'); }
setStatus('Order created.');
return data.id;
});
},
onApprove: function(data) {
setStatus('Capturing payment…');
return fetch("<?= $apiBase ?>/capture_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({ order_id: data.orderID })
})
.then(res => res.json())
.then(capture => {
if (capture.status === 'COMPLETED') {
// go to your return page; webhook will fill data/<invoice_id>.json
window.location.href = return_url;
} else {
setStatus('Capture status: ' + capture.status);
}
})
.catch(err => setStatus('Error: ' + err.message));
},
onCancel: function() {
window.location.href = cancel_url;
},
onError: function(err){
setStatus('PayPal error: ' + (err && err.message ? err.message : err));
}
}).render('#paypal-button-container');
})();
</script>
</div>
<?php
// Close database connection
mysqli_close($db);
?>
<?php include(__DIR__ . '/includes/footer.php'); ?>
</body>
</html>


@ -1,19 +0,0 @@
<?php
if (session_status() === PHP_SESSION_NONE) {
session_name("gameservers_website");
session_start();
}
if (empty($_SESSION['website_user_id'])) {
// Build return_to pointing to current script + query and force absolute login URL
// Use raw REQUEST_URI (already absolute) and urlencode once when passing to login
$requestUri = $_SERVER['REQUEST_URI'] ?? '/index.php';
// Determine site root (prefer up to /_website)
$script = $_SERVER['SCRIPT_NAME'] ?? '';
$pos = strpos($script, '/_website');
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
$loginUrl = $siteRoot . '/login.php';
header('Location: ' . $loginUrl . '?return_to=' . urlencode($requestUri));
exit();
}
?>


@ -1,18 +0,0 @@
<?php
// Top include for all _website pages: logo + site name
?>
<link rel="stylesheet" href="css/header.css">
<?php
// Optionally set a background image from config
if (isset($SITE_BACKGROUND) && $SITE_BACKGROUND) {
$bg = htmlspecialchars($SITE_BACKGROUND, ENT_QUOTES, 'UTF-8');
echo "<style>body{background-image:url('". $bg ."');background-size:cover;background-position:center fixed;}</style>\n";
}
?>
<div class="gsw-top">
<div class="gsw-top-left">
<img src="images/logo-sm.png" alt="Gameservers World logo">
</div>
<div class="gsw-site-name">Gameservers World</div>
</div>


@ -1,57 +0,0 @@
<?php
// Start the website session
session_name("gameservers_website");
session_start();
// Logger function
function logger($logtext){
file_put_contents(__DIR__ . "/logfile.txt", $logtext . PHP_EOL, FILE_APPEND);
}
// Log the logout
if (isset($_SESSION['website_username'])) {
logger("Website logout: " . $_SESSION['website_username']);
}
// Destroy all session data
$_SESSION = array();
// Destroy the session cookie
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
// Destroy the session
session_destroy();
// Optional safe return_to handling
$return_raw = $_GET['return_to'] ?? '';
// Determine site root (prefer up to /_website)
$script = $_SERVER['SCRIPT_NAME'] ?? '';
$pos = strpos($script, '/_website');
$siteRoot = $pos !== false ? substr($script, 0, $pos + strlen('/_website')) : rtrim(dirname($script), '/\\');
// sanitize: disallow absolute URLs (with protocol), CR/LF; allow safe path characters.
$sanitize_return = function($p) use ($siteRoot) {
$p = trim((string)$p);
if ($p === '') return '';
// disallow absolute URLs or protocol-relative paths
if (preg_match('#^(https?:)?//#i', $p)) return '';
if (strpos($p, "\n") !== false || strpos($p, "\r") !== false) return '';
// allow only safe characters (slash, query, percent-encodings, alnum and a few safe symbols)
if (!preg_match('#^[A-Za-z0-9_./?&=%:\-]+$#', $p)) return '';
// If it already starts with '/', treat it as an absolute path and return as-is
if (strpos($p, '/') === 0) {
return $p;
}
// Otherwise, build an absolute path under the site root
return $siteRoot . '/' . ltrim($p, '/');
};
$sanitized = $sanitize_return($return_raw);
if ($sanitized !== '') {
header('Location: ' . $sanitized);
} else {
header('Location: ' . $siteRoot . '/index.php');
}
exit();
?>


@ -1 +0,0 @@
Compatibility wrappers for payments API endpoints. Canonical implementations are under /_website/api/.


@ -1,4 +0,0 @@
<?php
// payments compatibility config — centralized in includes/config.inc.php
require_once(__DIR__ . '/../includes/config.inc.php');
?>


@ -1,4 +0,0 @@
<?php
// Compatibility wrapper: redirect legacy /payments/pay.php to new create_order API
header('Location: /_website/api/create_order.php');
exit;


@ -1,4 +0,0 @@
<?php
// Compatibility wrapper for /payments/return.php
header('Location: /_website/return.php' . (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : ''));
exit;


@ -1,159 +0,0 @@
<?php
// Full payments webhook implementation (migrated from top-level payments/webhook.php)
require_once(__DIR__ . '/../includes/config.inc.php');
$config = [
'sandbox' => true,
'client_id' => '',
'client_secret' => '',
'webhook_id' => '',
'data_dir' => realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data',
'log_file' => realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data' . DIRECTORY_SEPARATOR . 'webhook.log',
];
if (defined('SITE_DATA_DIR') && SITE_DATA_DIR) {
$config['data_dir'] = rtrim(SITE_DATA_DIR, "\\/") . DIRECTORY_SEPARATOR;
}
@mkdir($config['data_dir'], 0775, true);
function log_line($m){global $config; @file_put_contents($config['log_file'],'['.date('c')."] $m\n",FILE_APPEND);}
function api_base(){global $config; return $config['sandbox'] ? 'https://api-m.sandbox.paypal.com' : 'https://api-m.paypal.com';}
http_response_code(200);
$raw = file_get_contents('php://input');
$headers = array_change_key_case(getallheaders() ?: [], CASE_UPPER);
log_line("HIT ip=".($_SERVER['REMOTE_ADDR']??'') ." bytes=".strlen($raw));
if (!$raw) { log_line("NO_BODY"); exit; }
// 1) OAuth2
$ch = curl_init(api_base().'/v1/oauth2/token');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_POST=>true,
CURLOPT_POSTFIELDS=>'grant_type=client_credentials',
CURLOPT_HTTPHEADER=>['Accept: application/json'],
CURLOPT_USERPWD=>$config['client_id'].':'.$config['client_secret'],
]);
$tokenResp = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($http!==200){ log_line("OAUTH_FAIL http=$http resp=$tokenResp"); exit; }
$access_token = json_decode($tokenResp, true)['access_token'] ?? null;
if (!$access_token){ log_line("OAUTH_NO_TOKEN"); exit; }
// 2) Verify webhook signature
$verifyPayload = [
'transmission_id' => $headers['PAYPAL-TRANSMISSION-ID'] ?? '',
'transmission_time' => $headers['PAYPAL-TRANSMISSION-TIME'] ?? '',
'cert_url' => $headers['PAYPAL-CERT-URL'] ?? '',
'auth_algo' => $headers['PAYPAL-AUTH-ALGO'] ?? '',
'transmission_sig' => $headers['PAYPAL-TRANSMISSION-SIG'] ?? '',
'webhook_id' => $config['webhook_id'],
'webhook_event' => json_decode($raw, true),
];
$ch = curl_init(api_base().'/v1/notifications/verify-webhook-signature');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_POST=>true,
CURLOPT_POSTFIELDS=>json_encode($verifyPayload),
CURLOPT_HTTPHEADER=>[
'Content-Type: application/json',
'Authorization: Bearer '.$access_token
],
]);
$verifyResp = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$verifyJson = json_decode($verifyResp, true);
if ($http!==200 || ($verifyJson['verification_status'] ?? '') !== 'SUCCESS'){
log_line("VERIFY_FAIL http=$http status=".($verifyJson['verification_status']??'NONE'));
exit;
}
log_line("VERIFY_OK");
// 3) Parse and persist (now with items)
$evt = json_decode($raw, true);
$type = $evt['event_type'] ?? '';
$res = $evt['resource'] ?? [];
// Extract common fields
$invoice = $res['invoice_id'] ?? ($res['invoice_number'] ?? null);
$custom = $res['custom_id'] ?? ($res['custom'] ?? null);
// Amounts/payer
$amount = $res['amount']['value'] ?? ($res['amount']['total'] ?? null);
$currency = $res['amount']['currency_code'] ?? ($res['amount']['currency'] ?? null);
$payer = $res['payer']['email_address'] ?? ($res['payer']['payer_info']['email'] ?? null);
// Try to capture line items if present directly in this event:
$items = [];
if (isset($res['purchase_units'][0]['items']) && is_array($res['purchase_units'][0]['items'])) {
$items = $res['purchase_units'][0]['items'];
}
// If capture event, try to fetch the parent ORDER to get items
if (!$items && $type === 'PAYMENT.CAPTURE.COMPLETED') {
$orderId =
$res['supplementary_data']['related_ids']['order_id'] // preferred
?? null;
if (!$orderId && isset($res['links']) && is_array($res['links'])) {
// Fallback: look for a link to the parent order
foreach ($res['links'] as $lnk) {
if (!empty($lnk['href']) && !empty($lnk['rel']) && stripos($lnk['href'], '/v2/checkout/orders/') !== false) {
$orderId = basename(parse_url($lnk['href'], PHP_URL_PATH));
break;
}
}
}
if ($orderId) {
$ch = curl_init(api_base()."/v2/checkout/orders/".urlencode($orderId));
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer '.$access_token,
'Content-Type: application/json'
],
]);
$orderJson = curl_exec($ch);
$httpOrder = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpOrder === 200) {
$order = json_decode($orderJson, true);
if (isset($order['purchase_units'][0]['items']) && is_array($order['purchase_units'][0]['items'])) {
$items = $order['purchase_units'][0]['items'];
}
// If the order has invoice/custom (sometimes more reliable), prefer those:
if (!$invoice) { $invoice = $order['purchase_units'][0]['invoice_id'] ?? $invoice; }
if (!$custom) { $custom = $order['purchase_units'][0]['custom_id'] ?? $custom; }
} else {
log_line("ORDER_FETCH_FAIL id=$orderId http=$httpOrder");
}
}
}
$status = 'IGNORED';
// We persist on payment completed events
if (in_array($type, ['PAYMENT.CAPTURE.COMPLETED','PAYMENT.SALE.COMPLETED'], true)) {
$record = [
'event_type' => $type,
'status' => 'PAID',
'amount' => $amount,
'currency' => $currency,
'payer' => $payer,
'invoice' => $invoice,
'custom' => $custom,
'resource_id' => $res['id'] ?? null,
'items' => $items, // Persist line items for your return.php/UI
'ts' => date('c'),
];
$name = $invoice ?: 'NO-INVOICE';
@file_put_contents($config['data_dir']."/$name.json", json_encode($record, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES));
$status = 'WROTE_FILE';
}
log_line("EVENT $type invoice=".($invoice ?: 'none')." items_count=".count($items)." status=$status");


@ -1 +0,0 @@
This folder contains compatibility wrappers for PayPal API endpoints. The canonical implementations live in /_website/api/.


@ -1,7 +0,0 @@
<?php
// Local _website copy of paypal/config.php - configuration is centralized in includes/config.inc.php
// This file is intentionally lightweight and will include the site config.
require_once(__DIR__ . '/../includes/config.inc.php');
// If you need PayPal-specific overrides, add them here.
?>


@ -1,103 +0,0 @@
<?php
// ==== YOUR CART DATA (server authoritative) ====
// TODO: set these from your cart/session/DB:
$amount = number_format(19.99, 2, '.', '');
$currency = 'USD';
$invoiceId = 'INV-' . date('Ymd-His') . '-' . bin2hex(random_bytes(3));
$customId = 'user_1234_order_5678';
$description = 'Game server monthly plan';
// Site base (adjust if different)
$siteBase = 'https://panel.iaregamer.com';
// Where your API endpoints live:
$returnUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId);
$cancelUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId) . '&cancel=1';
// Where your API endpoints live:
$apiBase = '/_website/api';
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Checkout</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- PayPal JS SDK (Sandbox). Use LIVE client-id when you go live. -->
<script src="https://www.paypal.com/sdk/js?client-id=AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c&currency=USD&intent=capture"></script>
<style>body{font-family:system-ui,Arial,sans-serif;max-width:700px;margin:40px auto;padding:0 16px}</style>
</head>
<body>
<h1>Complete your purchase</h1>
<p><strong>Amount:</strong> <?= htmlspecialchars($currency) ?> <?= htmlspecialchars($amount) ?></p>
<p><strong>Invoice:</strong> <?= htmlspecialchars($invoiceId) ?></p>
<div id="paypal-button-container"></div>
<div id="status" style="margin-top:16px"></div>
<script>
const statusEl = document.getElementById('status');
const amount = "<?= $amount ?>";
const currency = "<?= $currency ?>";
const invoice_id = "<?= $invoiceId ?>";
const custom_id = "<?= htmlspecialchars($customId, ENT_QUOTES) ?>";
const description = "<?= htmlspecialchars($description, ENT_QUOTES) ?>";
const return_url = "<?= $returnUrl ?>";
const cancel_url = "<?= $cancelUrl ?>";
function setStatus(msg){ statusEl.textContent = msg; }
paypal.Buttons({
// Show a single, small PayPal button
style: {
layout: 'vertical', // or 'horizontal'
color: 'gold', // gold | blue | silver | black | white
shape: 'pill', // pill | rect
label: 'paypal', // paypal | pay | checkout | buynow
height: 35, // 25
55 (smaller button = lower height)
tagline: false
},
fundingSource: paypal.FUNDING.PAYPAL, // only the PayPal button
createOrder: function() {
// (unchanged) 5 your fetch to create_order.php
return fetch("<?= $apiBase ?>/create_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({
amount, currency, invoice_id, custom_id, description,
return_url, cancel_url,
items, line_invoices
})
})
.then(r => r.json())
.then(d => {
if (!d.id) throw new Error(d.error || 'No order id');
return d.id;
});
},
onApprove: function(data) {
// (unchanged) 5 capture then redirect
return fetch("<?= $apiBase ?>/capture_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({ order_id: data.orderID })
})
.then(r => r.json())
.then(c => {
if (c.status === 'COMPLETED') {
window.location.href = return_url;
} else {
document.getElementById('pp-status').textContent = 'Capture status: ' + c.status;
}
});
},
onCancel: function(){ window.location.href = cancel_url; },
onError: function(err){ document.getElementById('pp-status').textContent = 'PayPal error: ' + err; }
}).render('#paypal-button-container');
</script>
</body>
</html>


@ -1,4 +0,0 @@
<?php
// Compatibility wrapper for old /paypal/return.php — route to unified return page
header('Location: /_website/return.php' . (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : ''));
exit;


@ -1,161 +0,0 @@
<?php
// Full webhook implementation (migrated from top-level paypal/webhook.php)
// Uses central site config where possible; fall back to local defaults.
require_once(__DIR__ . '/../includes/config.inc.php');
$config = [
'sandbox' => true,
'client_id' => '',
'client_secret' => '',
'webhook_id' => '',
'data_dir' => realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data',
'log_file' => realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data' . DIRECTORY_SEPARATOR . 'webhook.log',
];
// Allow includes/config.inc.php to override SITE_DATA_DIR if set
if (defined('SITE_DATA_DIR') && SITE_DATA_DIR) {
$config['data_dir'] = rtrim(SITE_DATA_DIR, "\\/") . DIRECTORY_SEPARATOR;
}
@mkdir($config['data_dir'], 0775, true);
function log_line($m){global $config; @file_put_contents($config['log_file'],'['.date('c')."] $m\n",FILE_APPEND);}
function api_base(){global $config; return $config['sandbox'] ? 'https://api-m.sandbox.paypal.com' : 'https://api-m.paypal.com';}
http_response_code(200);
$raw = file_get_contents('php://input');
$headers = array_change_key_case(getallheaders() ?: [], CASE_UPPER);
log_line("HIT ip=".($_SERVER['REMOTE_ADDR']??'') ." bytes=".strlen($raw));
if (!$raw) { log_line("NO_BODY"); exit; }
// 1) OAuth2
$ch = curl_init(api_base().'/v1/oauth2/token');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_POST=>true,
CURLOPT_POSTFIELDS=>'grant_type=client_credentials',
CURLOPT_HTTPHEADER=>['Accept: application/json'],
CURLOPT_USERPWD=>$config['client_id'].':'.$config['client_secret'],
]);
$tokenResp = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($http!==200){ log_line("OAUTH_FAIL http=$http resp=$tokenResp"); exit; }
$access_token = json_decode($tokenResp, true)['access_token'] ?? null;
if (!$access_token){ log_line("OAUTH_NO_TOKEN"); exit; }
// 2) Verify webhook signature
$verifyPayload = [
'transmission_id' => $headers['PAYPAL-TRANSMISSION-ID'] ?? '',
'transmission_time' => $headers['PAYPAL-TRANSMISSION-TIME'] ?? '',
'cert_url' => $headers['PAYPAL-CERT-URL'] ?? '',
'auth_algo' => $headers['PAYPAL-AUTH-ALGO'] ?? '',
'transmission_sig' => $headers['PAYPAL-TRANSMISSION-SIG'] ?? '',
'webhook_id' => $config['webhook_id'],
'webhook_event' => json_decode($raw, true),
];
$ch = curl_init(api_base().'/v1/notifications/verify-webhook-signature');
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER=>true,
CURLOPT_POST=>true,
CURLOPT_POSTFIELDS=>json_encode($verifyPayload),
CURLOPT_HTTPHEADER=>[
'Content-Type: application/json',
'Authorization: Bearer '.$access_token
],
]);
$verifyResp = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$verifyJson = json_decode($verifyResp, true);
if ($http!==200 || ($verifyJson['verification_status'] ?? '') !== 'SUCCESS'){
log_line("VERIFY_FAIL http=$http status=".($verifyJson['verification_status']??'NONE'));
exit;
}
log_line("VERIFY_OK");
// 3) Parse and persist (now with items)
$evt = json_decode($raw, true);
$type = $evt['event_type'] ?? '';
$res = $evt['resource'] ?? [];
// Extract common fields
$invoice = $res['invoice_id'] ?? ($res['invoice_number'] ?? null);
$custom = $res['custom_id'] ?? ($res['custom'] ?? null);
// Amounts/payer
$amount = $res['amount']['value'] ?? ($res['amount']['total'] ?? null);
$currency = $res['amount']['currency_code'] ?? ($res['amount']['currency'] ?? null);
$payer = $res['payer']['email_address'] ?? ($res['payer']['payer_info']['email'] ?? null);
// Try to capture line items if present directly in this event:
$items = [];
if (isset($res['purchase_units'][0]['items']) && is_array($res['purchase_units'][0]['items'])) {
$items = $res['purchase_units'][0]['items'];
}
// If capture event, try to fetch the parent ORDER to get items
if (!$items && $type === 'PAYMENT.CAPTURE.COMPLETED') {
$orderId =
$res['supplementary_data']['related_ids']['order_id'] // preferred
?? null;
if (!$orderId && isset($res['links']) && is_array($res['links'])) {
// Fallback: look for a link to the parent order
foreach ($res['links'] as $lnk) {
if (!empty($lnk['href']) && !empty($lnk['rel']) && stripos($lnk['href'], '/v2/checkout/orders/') !== false) {
$orderId = basename(parse_url($lnk['href'], PHP_URL_PATH));
break;
}
}
}
if ($orderId) {
$ch = curl_init(api_base()."/v2/checkout/orders/".urlencode($orderId));
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
'Authorization: Bearer '.$access_token,
'Content-Type: application/json'
],
]);
$orderJson = curl_exec($ch);
$httpOrder = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpOrder === 200) {
$order = json_decode($orderJson, true);
if (isset($order['purchase_units'][0]['items']) && is_array($order['purchase_units'][0]['items'])) {
$items = $order['purchase_units'][0]['items'];
}
// If the order has invoice/custom (sometimes more reliable), prefer those:
if (!$invoice) { $invoice = $order['purchase_units'][0]['invoice_id'] ?? $invoice; }
if (!$custom) { $custom = $order['purchase_units'][0]['custom_id'] ?? $custom; }
} else {
log_line("ORDER_FETCH_FAIL id=$orderId http=$httpOrder");
}
}
}
$status = 'IGNORED';
// We persist on payment completed events
if (in_array($type, ['PAYMENT.CAPTURE.COMPLETED','PAYMENT.SALE.COMPLETED'], true)) {
$record = [
'event_type' => $type,
'status' => 'PAID',
'amount' => $amount,
'currency' => $currency,
'payer' => $payer,
'invoice' => $invoice,
'custom' => $custom,
'resource_id' => $res['id'] ?? null,
'items' => $items, // Persist line items for your return.php/UI
'ts' => date('c'),
];
$name = $invoice ?: 'NO-INVOICE';
@file_put_contents($config['data_dir']."/$name.json", json_encode($record, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES));
$status = 'WROTE_FILE';
}
log_line("EVENT $type invoice=".($invoice ?: 'none')." items_count=".count($items)." status=$status");


@ -0,0 +1,16 @@
Archived files from _website on 2025-10-23 14:20:00
This folder contains a snapshot of removed documentation and test artifacts moved from the active `_website/` tree.
Files moved here (original paths):
- VISUAL_GUIDE.md
- README_LOGIN.md
- FEATURES.md
- IMPLEMENTATION_SUMMARY.md
- CONFIGURATION.md
- test_db_connection.php
- tools/simulate_webhook.php
- ai.php
- data/SIMULATED-WEBHOOK-20251022-101500.json
If you need to restore any of these, copy them back to the original paths.


@ -0,0 +1,3 @@
The detailed game docs under `_website/docs/games/` were intentionally left in place (they are product-facing).
Top-level documentation (VISUAL_GUIDE.md, FEATURES.md, IMPLEMENTATION_SUMMARY.md, CONFIGURATION.md, README_LOGIN.md) were archived here and removed from the active site to reduce clutter.


@ -0,0 +1,75 @@
{
"moved_at": "2025-10-23T20:25:00Z",
"kept": {
"logs": "_website/logs/",
"docs": "_website/docs/"
},
"files": [
{
"original": "_website/ai.php",
"archived": "_website/_archived/removed-20251023-202500/ai.php",
"size_bytes": null,
"note": "archived sample and tools; size omitted"
},
{
"original": "_website/test_db_connection.php",
"archived": "_website/_archived/removed-20251023-202500/test_db_connection.php",
"size_bytes": null
},
{
"original": "_website/tools/simulate_webhook.php",
"archived": "_website/_archived/removed-20251023-202500/tools/simulate_webhook.php",
"size_bytes": null
},
{
"original": "_website/tools/check_db_user.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_db_user.php",
"size_bytes": null
},
{
"original": "_website/tools/check_invoices_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_invoices_redirect.php",
"size_bytes": null
},
{
"original": "_website/tools/debug_invoices_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/debug_invoices_redirect.php",
"size_bytes": null
},
{
"original": "_website/tools/check_logout_redirect.php",
"archived": "_website/_archived/removed-20251023-202500/tools/check_logout_redirect.php",
"size_bytes": null
},
{
"original": "_website/data/SIMULATED-WEBHOOK-20251022-101500.json",
"archived": "_website/_archived/removed-20251023-202500/data/SIMULATED-WEBHOOK-20251022-101500.json",
"size_bytes": null
},
{
"original": "_website/data/NO-INVOICE.json",
"archived": "_website/_archived/removed-20251023-202500/data/NO-INVOICE.json",
"size_bytes": null
},
{
"original": "_website/data/INV-20250825-174311-0a7993.json",
"archived": "_website/_archived/removed-20251023-202500/data/INV-20250825-174311-0a7993.json",
"size_bytes": null
},
{
"original": "_website/data/INV-20250825-170438-e37518.json",
"archived": "_website/_archived/removed-20251023-202500/data/INV-20250825-170438-e37518.json",
"size_bytes": null
},
{
"original": "_website/data/FREE-549-1761246925.json",
"archived": "_website/_archived/removed-20251023-202500/data/FREE-549-1761246925.json",
"size_bytes": null
},
{
"original": "_website/data/FREE-548-1761171178.json",
"archived": "_website/_archived/removed-20251023-202500/data/FREE-548-1761171178.json",
"size_bytes": null
}
]
}


@ -0,0 +1,325 @@
<?php
/***********************
* Assistant Chat (Full History) PHP + cURL
* - Persistent thread in session
* - Full history render with Question / Answer labels
* - SSL verification disabled (your hosting constraint)
* - Citations: filename + page (when available)
***********************/
// Debug (disable on production)
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
/* ------------------- CONFIG ------------------- */
$OPENAI_API_KEY = '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';
$ASSISTANT_ID = 'asst_RAhtGzcy6higJeMwomZSqVjM'; // <-- set to your existing assistant
$OPENAI_BASE_URL = 'https://api.openai.com/v1';
$OPENAI_BETA_HDR = 'assistants=v2'; // required for Assistants v2
$REQUEST_TIMEOUT = 30; // seconds for cURL calls
$RUN_POLL_DELAY = 500000; // microseconds between run polls (0.5s)
$RUN_POLL_MAX = 40; // max polls (~20s total); adjust as needed
/* ---------------------------------------------- */
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['thread_id'])) {
$_SESSION['thread_id'] = null;
}
/** HTML escape helper */
function h($v) { return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); }
/** Low-level OpenAI request helper */
function openai_request($method, $endpoint, $payload = null, $query = []) {
global $OPENAI_API_KEY;
$url = "https://api.openai.com/v1" . $endpoint;
if (!empty($query)) $url .= '?' . http_build_query($query);
$headers = [
"Content-Type: application/json",
"Authorization: Bearer {$OPENAI_API_KEY}",
"OpenAI-Beta: assistants=v2"
];
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, strtoupper($method));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Host requires SSL verification disabled
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
if (!is_null($payload)) curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));
$resp = curl_exec($ch);
if ($resp === false) {
$err = curl_error($ch);
curl_close($ch);
throw new RuntimeException("cURL error: {$err}");
}
$code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$data = json_decode($resp, true);
if ($code >= 400) {
$msg = isset($data['error']['message']) ? $data['error']['message'] : 'Unknown API error';
throw new RuntimeException("OpenAI API error ({$code}): {$msg}");
}
return is_array($data) ? $data : [];
}
/** Create or reuse a per-visitor thread */
function ensure_thread_id() {
if (!empty($_SESSION['thread_id'])) return $_SESSION['thread_id'];
$created = openai_request('POST', '/threads', ['metadata' => ['site' => $_SERVER['HTTP_HOST'] ?? 'unknown']]);
$tid = $created['id'] ?? null;
if (!$tid) throw new RuntimeException('Failed to create thread.');
$_SESSION['thread_id'] = $tid;
return $tid;
}
/** Add a user message */
function add_user_message($thread_id, $text) {
openai_request('POST', "/threads/{$thread_id}/messages", [
'role' => 'user',
'content' => $text,
]);
}
/** Start a run */
function start_run($thread_id, $assistant_id) {
$run = openai_request('POST', "/threads/{$thread_id}/runs", [
'assistant_id' => $assistant_id,
]);
$run_id = $run['id'] ?? null;
if (!$run_id) throw new RuntimeException('Failed to start run.');
return $run_id;
}
/** Wait for completion (or fail/timeout) */
function wait_for_run($thread_id, $run_id, $max_tries, $delay_us) {
$terminal = ['completed', 'failed', 'requires_action', 'cancelled', 'expired'];
for ($i = 0; $i < $max_tries; $i++) {
usleep($delay_us);
$run = openai_request('GET', "/threads/{$thread_id}/runs/{$run_id}");
$status = $run['status'] ?? '';
if (in_array($status, $terminal, true)) return $run;
}
return ['status' => 'timeout'];
}
/** Cache of file_id => filename (per request) */
$_FILE_NAME_CACHE = [];
/** Resolve file name from file_id (API returns "filename" or sometimes "display_name") */
function get_file_name_by_id($file_id) {
global $_FILE_NAME_CACHE;
if (isset($_FILE_NAME_CACHE[$file_id])) return $_FILE_NAME_CACHE[$file_id];
$file = openai_request('GET', "/files/{$file_id}");
$name = $file['filename'] ?? ($file['display_name'] ?? ($file['name'] ?? $file_id));
$_FILE_NAME_CACHE[$file_id] = $name;
return $name;
}
/**
* Extract message text + citations (filename + page if available).
* Returns an array of entries: ['role' => 'user|assistant', 'text' => '...', 'refs' => [['filename'=>'','page'=>'','file_id'=>'']]]
*/
function normalize_messages($messages) {
$out = [];
if (empty($messages['data']) || !is_array($messages['data'])) return $out;
// The API returns newest first by default if not specifying; we request 'asc' in fetch.
foreach ($messages['data'] as $m) {
$role = $m['role'] ?? '';
if (!in_array($role, ['user', 'assistant', 'system'], true)) continue;
if (empty($m['content']) || !is_array($m['content'])) continue;
$all_text = [];
$refs = [];
foreach ($m['content'] as $part) {
if (($part['type'] ?? '') === 'text' && !empty($part['text']['value'])) {
$all_text[] = $part['text']['value'];
// Parse annotations for citations (file_citation)
$anns = $part['text']['annotations'] ?? [];
if (is_array($anns)) {
foreach ($anns as $ann) {
if (($ann['type'] ?? '') === 'file_citation' && !empty($ann['file_citation']['file_id'])) {
$fid = $ann['file_citation']['file_id'];
$page = null;
// Page can appear under different shapes depending on backend. Try common keys:
if (isset($ann['file_citation']['page'])) {
$page = $ann['file_citation']['page'];
} elseif (isset($ann['file_citation']['page_range']) && is_array($ann['file_citation']['page_range'])) {
// Example: ['start' => 5, 'end' => 6]
$start = $ann['file_citation']['page_range']['start'] ?? null;
$end = $ann['file_citation']['page_range']['end'] ?? null;
if ($start && $end && $start !== $end) $page = "{$start}-{$end}";
elseif ($start) $page = (string)$start;
}
// Fetch filename
try {
$filename = get_file_name_by_id($fid);
} catch (Throwable $e) {
$filename = $fid;
}
$refs[] = [
'file_id' => $fid,
'filename' => $filename,
'page' => $page ?? 'n/a',
];
}
}
}
}
}
if (!empty($all_text)) {
$out[] = [
'role' => $role,
'text' => implode("\n", $all_text),
'refs' => $refs,
];
}
}
return $out;
}
/** Fetch conversation (ascending) */
function fetch_history($thread_id) {
$messages = openai_request('GET', "/threads/{$thread_id}/messages", null, ['order' => 'asc', 'limit' => 50]);
return normalize_messages($messages);
}
/* ------------------- HANDLE POST ------------------- */
$error = null;
$history = [];
try {
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!empty($_POST['reset_thread'])) {
$_SESSION['thread_id'] = null;
} elseif (isset($_POST['user_input'])) {
$user_text = trim((string)$_POST['user_input']);
if ($user_text !== '') {
$thread_id = ensure_thread_id();
add_user_message($thread_id, $user_text);
$run_id = start_run($thread_id, $ASSISTANT_ID);
$run = wait_for_run($thread_id, $run_id, $POLL_MAX_TRIES, $RUN_POLL_DELAY);
if (($run['status'] ?? '') === 'failed') {
$error = 'Assistant run failed.';
} elseif (($run['status'] ?? '') === 'requires_action') {
// If you later support tool calls, handle them here then submit outputs.
} elseif (($run['status'] ?? '') === 'timeout') {
$error = 'Assistant timed out. Please try again.';
}
}
}
}
if (!empty($_SESSION['thread_id'])) {
$history = fetch_history($_SESSION['thread_id']);
}
} catch (Throwable $e) {
$error = $e->getMessage();
}
?>
<?php
// Include top and menu for website UI (session already started above)
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
?>
<!-- UI -->
<div class="ai-container">
<h3>Site Assistant</h3>
<p>Type a question below. Press <b>Enter</b> to send, <b>Shift+Enter</b> for a new line.</p>
<?php if ($error): ?>
<div class="ai-alert" style="border:1px solid #c00;">
<strong>Error:</strong> <?php echo h($error); ?>
</div>
<?php endif; ?>
<?php if (!empty($_SESSION['thread_id'])): ?>
<div class="ai-msg-meta">Thread: <?php echo h($_SESSION['thread_id']); ?></div>
<?php endif; ?>
<form id="chat-form" method="post" style="margin:12px 0;">
<textarea id="chat-input" name="user_input" rows="3" class="ai-textarea" placeholder="Ask your question..."></textarea>
<div style="margin-top:8px; display:flex; gap:8px;">
<button type="submit">Send</button>
<button type="submit" name="reset_thread" value="1">Reset Conversation</button>
</div>
</form>
<?php if (!empty($history) && is_array($history)): ?>
<div style="margin-top:16px; padding:10px; border:1px solid #ccc; border-radius:8px;">
<?php foreach ($history as $msg):
// Label mapping: user => Question, assistant => Answer, system => (optional)
$role = $msg['role'] ?? 'assistant';
if ($role === 'user') $label = 'Question';
elseif ($role === 'assistant') $label = 'Answer';
else $label = ucfirst($role); // e.g., System
$text = str_replace("\r\n", "\n", $msg['text'] ?? '');
$refs = $msg['refs'] ?? [];
?>
<div style="margin-bottom:14px;">
<div style="font-weight:bold;"><?php echo h($label); ?></div>
<div style="white-space:pre-wrap;"><?php echo nl2br(h($text)); ?></div>
<?php if (!empty($refs)): ?>
<div style="margin-top:6px; font-size:12px;">
<em>References:</em>
<ul style="margin:6px 0 0 18px; padding:0;">
<?php foreach ($refs as $r):
$fname = $r['filename'] ?? 'file';
$page = $r['page'] ?? 'n/a';
// If you have your own document links, replace '#' with a real URL.
?>
<li>
<a href="#" title="file_id: <?php echo h($r['file_id']); ?>">
<?php echo h($fname); ?> — page <?php echo h($page); ?>
</a>
</li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
</div>
<?php endforeach; ?>
</div>
<?php else: ?>
<div style="margin-top:10px; color:#666;">No messages yet.</div>
<?php endif; ?>
<div style="margin-top:10px; font-size:12px; color:#555;">
Conversation persists until you click “Reset Conversation”.
</div>
</div>
<!-- Submit on Enter (Shift+Enter = newline) -->
<script>
(function(){
var form = document.getElementById('chat-form');
var input = document.getElementById('chat-input');
input.addEventListener('keydown', function(e){
if (e.key === 'Enter') {
if (!e.shiftKey) {
e.preventDefault();
form.submit();
}
// if Shift+Enter, allow newline
}
});
})();
</script>
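Review bot: The `$OPENAI_API_KEY` assignment in the CONFIG block commits what looks like a live API secret, and moving the file into an archive folder does not take it out of repository history; the key should be revoked and the value read at runtime, e.g. `$OPENAI_API_KEY = getenv('OPENAI_API_KEY');` with a hard failure when it is empty. In `openai_request()` the `CURLOPT_SSL_VERIFYPEER => false` / `CURLOPT_SSL_VERIFYHOST => 0` pair turns off certificate checking on the very request that carries that bearer token, so both lines should go (pointing `CURLOPT_CAINFO` at a CA bundle is the usual answer when the host lacks one). The POST handler passes `$POLL_MAX_TRIES`, which is never defined (the config names it `$RUN_POLL_MAX`), so `wait_for_run()` appears to skip its loop and return `timeout` on every request. `display_errors` is also left at 1, which is worth switching off if this path is still reachable over HTTP.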


@ -0,0 +1,12 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": 0,
"currency": "USD",
"payer": "iaretechnician@gmail.com",
"invoice": "FREE-548-1761171178",
"custom": "admin_free_create_order_548",
"resource_id": "FREE-439c594e1e65",
"items": [],
"ts": "2025-10-23T00:12:58+02:00"
}
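Review bot: This record and the next one (invoice `FREE-549-1761246925`) carry a payer e-mail address and look like runtime output of the payment webhook rather than source, so committing them puts customer data into repository history. If they are the `data/` entries listed in the archive manifest they also sit under `_website/`, and that directory should then be excluded both from version control and from web serving. The `19.99` and `0.48` records in the following sections are the same kind of artifact.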


@ -0,0 +1,12 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": 0,
"currency": "USD",
"payer": "iaretechnician@gmail.com",
"invoice": "FREE-549-1761246925",
"custom": "admin_free_create_order_549",
"resource_id": "FREE-439c594e1e65",
"items": [],
"ts": "2025-10-23T00:12:58+02:00"
}


@ -0,0 +1,11 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "19.99",
"currency": "USD",
"payer": null,
"invoice": "INV-20250825-170438-e37518",
"custom": "user_1234_order_5678",
"resource_id": "2V315801FX904340P",
"ts": "2025-08-25T17:05:27-04:00"
}


@ -0,0 +1,11 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "19.99",
"currency": "USD",
"payer": null,
"invoice": "INV-20250825-174311-0a7993",
"custom": "user_1234_order_5678",
"resource_id": "2V315801FX904340P",
"ts": "2025-08-25T17:05:27-04:00"
}


@ -0,0 +1,10 @@
{
"event_type": "PAYMENT.SALE.COMPLETED",
"status": "PAID",
"amount": "0.48",
"currency": "USD",
"payer": null,
"invoice": null,
"custom": null,
"ts": "2025-08-25T16:46:11-04:00"
}


@ -1,142 +1,175 @@
<?php <?php
/* // _website/add_to_cart.php
* // Handle Add to Cart posts from order.php
* OGP - Open Game Panel require_once(__DIR__ . '/includes/config.inc.php');
* Copyright (C) 2008 - 2017 The OGP Development Team require_once(__DIR__ . '/includes/login_required.php');
* require_once(__DIR__ . '/includes/log.php');
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
function exec_ogp_module() // Start session if not already
{ if (session_status() === PHP_SESSION_NONE) session_start();
global $db ,$view;
$settings = $db->getSettings();
//The service id should also be cast to an int. // Immediate request tracing log (helps confirm the script is hit)
$service_id = intval($_REQUEST['service_id']); @mkdir(__DIR__ . '/logs', 0775, true);
$trace_file = __DIR__ . '/logs/add_to_cart_requests.log';
file_put_contents($trace_file, date('c') . " - REQUEST_METHOD=" . ($_SERVER['REQUEST_METHOD'] ?? '') . " URI=" . ($_SERVER['REQUEST_URI'] ?? '') . "\n", FILE_APPEND);
// Query for Selected service info. // Prefer website session id if set (login.php sets website_user_id in debug mode)
$qry_service = "SELECT DISTINCT service_id, home_cfg_id, mod_cfg_id, service_name, remote_server_id, slot_max_qty, slot_min_qty, price_daily, price_monthly, price_year, description, img_url FROM OGP_DB_PREFIXbilling_services WHERE service_id=".$db->realEscapeSingle($service_id); $user_id = 0;
$result_service = $db->resultQuery($qry_service); if (isset($_SESSION['website_user_id']) && !empty($_SESSION['website_user_id'])) {
$row_service = $result_service[0]; $user_id = intval($_SESSION['website_user_id']);
//Compiling info about invoice to create an invoice order. } elseif (isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])) {
$user_id = intval($_SESSION['user_id']);
/*
Check if it's numeric before used in the WHERE clause... otherwise an SQL error is possible currently.
If it's not an int (or if it's 0 after casting and or not vaild service) redirect to the shop page.
*/
if ($service_id <= 0 || $result_service === false){
$view->refresh("home.php?m=billing&p=shop");
return;
}
// remote server value
//is now held in the the IP_ID value
//$remote_server_id = $row_service['remote_server_id'];
$remote_server_id = $_POST['ip_id'];
// request ogp user to create a home path.
$r_server = $db->getRemoteServer($remote_server_id);
$ogp_user = $r_server['ogp_user'];
// request the user name and the game name to generate a game home name.
$home_name = $_POST['home_name'];
//Calculating Price
if ($_POST['invoice_duration'] == "day")
{
$price_slot=$row_service['price_daily'];
}
elseif ($_POST['invoice_duration'] == "month")
{
$price_slot=$row_service['price_monthly'];
}
elseif ($_POST['invoice_duration'] == "year")
{
$price_slot=$row_service['price_year']*12;
}
else
{
$price_slot=$row_service['price_monthly'];
}
//Game Server Values
$ip_id = $_POST['ip_id'];
$ip = $db->getIpById($ip_id);
$max_players = $_POST['max_players'];
$qty = $_POST['qty'];
$invoice_duration = $_POST['invoice_duration'];
$user_id = $_SESSION['user_id'];
$remote_control_password = $_POST['remote_control_password'];
$ftp_password = $_POST['ftp_password'];
$tax_amount = $settings['tax_amount'];
$currency = $settings['currency'];
/*
Cast $_REQUEST['service_id'] to an int and then check if its value is higher than 0 before using it in the WHERE clause.
Checking if it's higher than 0 because if it's a non-numeric value, after casting it to an int it'll be 0.
*/
if($service_id !== 0) $where_service_id = " WHERE service_id=".$db->realEscapeSingle($service_id); else $where_service_id = "";
$qry_services = "SELECT * FROM OGP_DB_PREFIXbilling_services".$where_service_id;
$services = $db->resultQuery($qry_services);
foreach ($services as $key => $row) {
if($max_players < $row['slot_min_qty'] || $qty < 1){
$max_players = $row['slot_min_qty'];
$qty = 1;
}
/*
An extra check added for the inverse: check max_players against slot_max_qty.
It would be good to do in the event someone is only selling a max of 16 slots per server.
*/
elseif ($max_players > $row['slot_max_qty'])
{
$max_players = $row['slot_max_qty'];
}
}
if( isset( $_POST["add_to_cart"] ) )
{
if( isset( $_SESSION['CART'] ) )
{
$i = count( $_SESSION['CART'] );
$i++;
}
else
{
$i = 0;
}
$_SESSION['CART'][$i] = array( "cart_id" => $i,
"service_id" => $service_id,
"home_name" => $home_name,
"ip" => $ip_id,
"max_players" => $max_players,
"qty" => $qty,
"invoice_duration" => $invoice_duration,
"price" => $price_slot,
"remote_control_password" => $remote_control_password,
"ftp_password" => $ftp_password,
"tax_amount" => $tax_amount,
"currency" => $currency,
"paid" => 0);
echo '<meta http-equiv="refresh" content="0;url=?m=billing&amp;p=cart">';
}
} }
// If we don't have a numeric user_id but have a username, try to resolve it from the panel DB
if ($user_id <= 0 && isset($_SESSION['website_username']) && !empty($_SESSION['website_username'])) {
$uname = trim((string)$_SESSION['website_username']);
// attempt to lookup in DB (if connection available later we will set session after connecting)
// We'll set a temporary flag to resolve after DB connection is established below
$resolve_username_for_user_id = $uname;
} else {
$resolve_username_for_user_id = null;
}
/*
if ($user_id <= 0) {
// Not logged in - redirect to login with return
$return = urlencode('/' . trim(str_replace('\\', '/', $_SERVER['REQUEST_URI']), '/'));
header('Location: ' . (isset($SITE_BASE_URL) ? $SITE_BASE_URL : '') . '/_website/login.php?return_to=' . $return);
exit;
}*/
// Basic validation and normalization
$service_id = isset($_POST['service_id']) ? intval($_POST['service_id']) : 0;
$home_name = isset($_POST['home_name']) ? trim($_POST['home_name']) : '';
$ip_id = isset($_POST['ip_id']) ? intval($_POST['ip_id']) : 0;
$max_players = isset($_POST['max_players']) ? intval($_POST['max_players']) : 0;
$qty = isset($_POST['qty']) ? intval($_POST['qty']) : 1;
$invoice_duration = isset($_POST['invoice_duration']) ? $_POST['invoice_duration'] : 'month';
$remote_control_password = isset($_POST['remote_control_password']) ? $_POST['remote_control_password'] : '';
$ftp_password = isset($_POST['ftp_password']) ? $_POST['ftp_password'] : '';
// Price lookup: try to find service price_monthly
$db = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if (!$db) {
// Log connection error and exit
@mkdir(__DIR__ . '/logs', 0775, true);
$trace = __DIR__ . '/logs/add_to_cart.log';
file_put_contents($trace, date('c') . " - mysqli_connect failed: " . mysqli_connect_error() . "\n", FILE_APPEND);
die('DB connection failed');
} else {
// Log that config was loaded (mask password)
@mkdir(__DIR__ . '/logs', 0775, true);
$trace = __DIR__ . '/logs/add_to_cart.log';
$masked_pass = strlen($db_pass) ? '***' : '';
file_put_contents($trace, date('c') . " - DB connected host={$db_host} user={$db_user} pass={$masked_pass} db={$db_name}\n", FILE_APPEND);
}
// If we deferred resolving username to user_id, do it now with the DB connection
if (!empty($resolve_username_for_user_id) && $db) {
$safe_uname = mysqli_real_escape_string($db, $resolve_username_for_user_id);
// users_login is the correct column name in this schema
$q = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1");
if ($q && mysqli_num_rows($q) === 1) {
$r = mysqli_fetch_assoc($q);
$user_id = intval($r['user_id'] ?? 0);
// persist into session for subsequent requests
if ($user_id > 0) {
$_SESSION['website_user_id'] = $user_id;
site_log_info('resolved_user_id_from_username', ['username'=>$resolve_username_for_user_id,'user_id'=>$user_id]);
// Also resolve and persist the user's role so menus and admin checks are consistent
$role_q = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1");
if ($role_q && mysqli_num_rows($role_q) === 1) {
$role_row = mysqli_fetch_assoc($role_q);
$_SESSION['website_user_role'] = $role_row['users_role'] ?? '';
}
}
} else {
site_log_warn('resolve_user_failed', ['username'=>$resolve_username_for_user_id]);
}
}
$price = 0.0;
if ($service_id > 0) {
$stmt = $db->prepare('SELECT price_monthly, slot_min_qty, slot_max_qty FROM ogp_billing_services WHERE service_id = ? LIMIT 1');
if ($stmt) {
$stmt->bind_param('i', $service_id);
$stmt->execute();
$stmt->bind_result($price_monthly, $slot_min_qty, $slot_max_qty);
if ($stmt->fetch()) {
$price = floatval($price_monthly);
// constrain slots
if ($max_players < $slot_min_qty) $max_players = $slot_min_qty;
if ($max_players > $slot_max_qty) $max_players = $slot_max_qty;
}
$stmt->close();
}
}
// Insert into ogp_billing_orders
$now = date('Y-m-d H:i:s');
$status = 'in-cart';
// Normal flow: process POST immediately. If debug=1 is passed, we'll still log SQL and show results in logs.
$debug = (isset($_GET['debug']) && $_GET['debug'] == '1') || (isset($_POST['debug']) && $_POST['debug'] == '1');
// Build and execute a simple INSERT using mysqli_query for debugging clarity
@mkdir(__DIR__ . '/logs', 0775, true);
$logfile = __DIR__ . '/logs/add_to_cart.log';
site_log_info('add_to_cart_invoked', ['user_id'=>$user_id, 'service_id'=>$service_id]);
// Escape values
$esc_user_id = intval($user_id);
$esc_service_id = intval($service_id);
$esc_home_name = mysqli_real_escape_string($db, $home_name);
$esc_ip_id = intval($ip_id);
$esc_max_players = intval($max_players);
$esc_qty = intval($qty);
$esc_invoice_duration = mysqli_real_escape_string($db, $invoice_duration);
$esc_price = number_format((float)$price, 2, '.', '');
$esc_remote_control_password = mysqli_real_escape_string($db, $remote_control_password);
$esc_ftp_password = mysqli_real_escape_string($db, $ftp_password);
$esc_status = mysqli_real_escape_string($db, $status);
$sql = "INSERT INTO ogp_billing_orders (user_id, service_id, home_name, ip, max_players, qty, invoice_duration, price, remote_control_password, ftp_password, status) VALUES ({$esc_user_id}, {$esc_service_id}, '{$esc_home_name}', {$esc_ip_id}, {$esc_max_players}, {$esc_qty}, '{$esc_invoice_duration}', {$esc_price}, '{$esc_remote_control_password}', '{$esc_ftp_password}', '{$esc_status}')";
// Compute finish_date = now + 3 days
$finish_dt = new DateTime('now');
$finish_dt->modify('+3 days');
$finish_date = $finish_dt->format('Y-m-d H:i:s');
// Check if the ogp_billing_orders table has a finish_date column; if so include it in the INSERT
$has_finish = false;
$col_check_q = mysqli_query($db, "SHOW COLUMNS FROM ogp_billing_orders LIKE 'finish_date'");
if ($col_check_q && mysqli_num_rows($col_check_q) > 0) {
$has_finish = true;
}
if ($has_finish) {
$esc_finish_date = mysqli_real_escape_string($db, $finish_date);
$sql = "INSERT INTO ogp_billing_orders (user_id, service_id, home_name, ip, max_players, qty, invoice_duration, price, remote_control_password, ftp_password, status, finish_date) VALUES ({$esc_user_id}, {$esc_service_id}, '{$esc_home_name}', {$esc_ip_id}, {$esc_max_players}, {$esc_qty}, '{$esc_invoice_duration}', {$esc_price}, '{$esc_remote_control_password}', '{$esc_ftp_password}', '{$esc_status}', '{$esc_finish_date}')";
file_put_contents($logfile, date('c') . " - finish_date included: {$esc_finish_date}\n", FILE_APPEND);
} else {
file_put_contents($logfile, date('c') . " - finish_date column not present, skipping finish_date. computed_finish_date={$finish_date}\n", FILE_APPEND);
}
site_log_info('add_to_cart_sql', ['sql'=>$sql]);
$res = mysqli_query($db, $sql);
if (!$res) {
$err_no = mysqli_errno($db);
$err = mysqli_error($db);
site_log_error('mysqli_query_failed', ['errno'=>$err_no, 'error'=>$err, 'sql'=>$sql]);
// Log table existence check
$tbl_check = mysqli_query($db, "SHOW TABLES LIKE 'ogp_billing_orders'");
$tbl_exists = ($tbl_check && mysqli_num_rows($tbl_check) > 0) ? 'yes' : 'no';
site_log_warn('ogp_billing_orders_exists', ['exists'=>$tbl_exists]);
} else {
$insert_id = mysqli_insert_id($db);
$affected = mysqli_affected_rows($db);
site_log_info('add_to_cart_insert', ['insert_id'=>$insert_id, 'affected_rows'=>$affected]);
}
// Redirect to cart page
header('Location: cart.php');
exit;
?> ?>
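Review bot: `site_log_info('add_to_cart_sql', ['sql'=>$sql])` and the `site_log_error('mysqli_query_failed', ...)` call write the whole INSERT to the log, and that statement contains the customer's `remote_control_password` and `ftp_password` in clear text; log identifiers only, and confirm that `__DIR__ . '/logs'` is not served by the web server. The INSERT is string-built with `mysqli_real_escape_string`, while the price lookup just above it already uses `prepare`/`bind_param`; using the same form here removes the dependence on quoting and connection charset. `$invoice_duration` is stored exactly as posted and `$qty` is never bounded, so both should be checked before the insert (the removed code recognised `day`, `month` and `year`). The `if ($user_id <= 0)` redirect is commented out, so unless `login_required.php` already stops the request, an order row can be written with `user_id` 0.

```php
// … unchanged: DB connect, username resolution, price lookup …
$allowed_durations = ['day', 'month', 'year'];
if (!in_array($invoice_duration, $allowed_durations, true)) {
    $invoice_duration = 'month';
}
$qty = max(1, $qty);

$stmt = $db->prepare(
    'INSERT INTO ogp_billing_orders
        (user_id, service_id, home_name, ip, max_players, qty, invoice_duration, price,
         remote_control_password, ftp_password, status)
     VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
);
$ok = $stmt
    && $stmt->bind_param(
        'iisiiisdsss',
        $user_id, $service_id, $home_name, $ip_id, $max_players, $qty,
        $invoice_duration, $price, $remote_control_password, $ftp_password, $status
    )
    && $stmt->execute();
// … unchanged: finish_date column check (adds a twelfth column and placeholder) …
if (!$ok) {
    // No SQL text in the log: it would carry the two passwords.
    site_log_error('add_to_cart_insert_failed', ['errno' => mysqli_errno($db), 'service_id' => $service_id]);
}
// … unchanged: redirect to cart.php …
```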


@ -36,7 +36,7 @@ function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
</ul> </ul>
<h3>Sandbox account (testing)</h3> <h3>Sandbox account (testing)</h3>
<p>Use PayPal sandbox credentials when testing payments. Set your sandbox <code>client_id</code> and <code>client_secret</code> in the runtime config that the payment handlers use (for this site those are in the respective files under <code>_website/paypal/</code> and <code>_website/payments/</code> or in a central config if you moved credentials).</p> <p>Use PayPal sandbox credentials when testing payments. Set your sandbox <code>client_id</code> and <code>client_secret</code> in the runtime config that the payment handlers use (for this site those are in the respective files under <code>_website/api/</code> or in a central config if you moved credentials).</p>
<ul> <ul>
<li>Create a sandbox business account at <a href="https://developer.paypal.com">PayPal Developer</a> and obtain a sandbox client ID/secret.</li> <li>Create a sandbox business account at <a href="https://developer.paypal.com">PayPal Developer</a> and obtain a sandbox client ID/secret.</li>
<li>Update the payment handler config and restart the webserver if required.</li> <li>Update the payment handler config and restart the webserver if required.</li>
@ -48,7 +48,7 @@ function h($s){ return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8'); }
<ol> <ol>
<li>User adds an item and proceeds to checkout (<code>_website/cart.php</code>).</li> <li>User adds an item and proceeds to checkout (<code>_website/cart.php</code>).</li>
<li>The checkout page renders the PayPal JS SDK and calls server-side endpoints (create_order/capture_order).</li> <li>The checkout page renders the PayPal JS SDK and calls server-side endpoints (create_order/capture_order).</li>
<li>After a successful capture, PayPal sends a webhook event to <code>_website/webhook.php</code> (or the equivalent handler under <code>_website/paypal/</code>).</li> <li>After a successful capture, PayPal sends a webhook event to <code>_website/webhook.php</code> (or the equivalent handler under <code>_website/api/</code>).</li>
<li>The webhook verifies the signature, fetches any missing order details, and writes a JSON record to the <code>data/</code> directory (this powers <code>invoices.php</code> and <code>return.php</code>).</li> <li>The webhook verifies the signature, fetches any missing order details, and writes a JSON record to the <code>data/</code> directory (this powers <code>invoices.php</code> and <code>return.php</code>).</li>
<li>On successful payment we mark the order as PAID in the JSON and the site UI (invoices/returns) reads those JSONs to render receipts.</li> <li>On successful payment we mark the order as PAID in the JSON and the site UI (invoices/returns) reads those JSONs to render receipts.</li>
<li>Admin pages can view invoices at <code>./invoices.php</code> and reconcile or trigger further provisioning via internal panel APIs.</li> <li>Admin pages can view invoices at <code>./invoices.php</code> and reconcile or trigger further provisioning via internal panel APIs.</li>


@ -1,142 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
function exec_ogp_module()
{
global $db ,$view;
$settings = $db->getSettings();
//The service id should also be cast to an int.
$service_id = intval($_REQUEST['service_id']);
// Query for Selected service info.
$qry_service = "SELECT DISTINCT service_id, home_cfg_id, mod_cfg_id, service_name, remote_server_id, slot_max_qty, slot_min_qty, price_daily, price_monthly, price_year, description, img_url FROM OGP_DB_PREFIXbilling_services WHERE service_id=".$db->realEscapeSingle($service_id);
$result_service = $db->resultQuery($qry_service);
$row_service = $result_service[0];
//Compiling info about invoice to create an invoice order.
/*
Check if it's numeric before used in the WHERE clause... otherwise an SQL error is possible currently.
If it's not an int (or if it's 0 after casting and or not vaild service) redirect to the shop page.
*/
if ($service_id <= 0 || $result_service === false){
$view->refresh("home.php?m=billing&p=shop");
return;
}
// remote server value
//is now held in the the IP_ID value
//$remote_server_id = $row_service['remote_server_id'];
$remote_server_id = $_POST['ip_id'];
// request ogp user to create a home path.
$r_server = $db->getRemoteServer($remote_server_id);
$ogp_user = $r_server['ogp_user'];
// request the user name and the game name to generate a game home name.
$home_name = $_POST['home_name'];
//Calculating Price
if ($_POST['invoice_duration'] == "day")
{
$price_slot=$row_service['price_daily'];
}
elseif ($_POST['invoice_duration'] == "month")
{
$price_slot=$row_service['price_monthly'];
}
elseif ($_POST['invoice_duration'] == "year")
{
$price_slot=$row_service['price_year']*12;
}
else
{
$price_slot=$row_service['price_monthly'];
}
//Game Server Values
$ip_id = $_POST['ip_id'];
$ip = $db->getIpById($ip_id);
$max_players = $_POST['max_players'];
$qty = $_POST['qty'];
$invoice_duration = $_POST['invoice_duration'];
$user_id = $_SESSION['user_id'];
$remote_control_password = $_POST['remote_control_password'];
$ftp_password = $_POST['ftp_password'];
$tax_amount = $settings['tax_amount'];
$currency = $settings['currency'];
/*
Cast $_REQUEST['service_id'] to an int and then check if its value is higher than 0 before using it in the WHERE clause.
Checking if it's higher than 0 because if it's a non-numeric value, after casting it to an int it'll be 0.
*/
if($service_id !== 0) $where_service_id = " WHERE service_id=".$db->realEscapeSingle($service_id); else $where_service_id = "";
$qry_services = "SELECT * FROM OGP_DB_PREFIXbilling_services".$where_service_id;
$services = $db->resultQuery($qry_services);
foreach ($services as $key => $row) {
if($max_players < $row['slot_min_qty'] || $qty < 1){
$max_players = $row['slot_min_qty'];
$qty = 1;
}
/*
An extra check added for the inverse: check max_players against slot_max_qty.
It would be good to do in the event someone is only selling a max of 16 slots per server.
*/
elseif ($max_players > $row['slot_max_qty'])
{
$max_players = $row['slot_max_qty'];
}
}
if( isset( $_POST["add_to_cart"] ) )
{
if( isset( $_SESSION['CART'] ) )
{
$i = count( $_SESSION['CART'] );
$i++;
}
else
{
$i = 0;
}
$_SESSION['CART'][$i] = array( "cart_id" => $i,
"service_id" => $service_id,
"home_name" => $home_name,
"ip" => $ip_id,
"max_players" => $max_players,
"qty" => $qty,
"invoice_duration" => $invoice_duration,
"price" => $price_slot,
"remote_control_password" => $remote_control_password,
"ftp_password" => $ftp_password,
"tax_amount" => $tax_amount,
"currency" => $currency,
"paid" => 0);
echo '<meta http-equiv="refresh" content="0;url=?m=billing&amp;p=cart">';
}
}
?>


@ -1,177 +0,0 @@
<?php
function exec_ogp_module()
{
//Include database connection details
require('includes/config.inc.php');
global $db,$view,$settings;
if(isset($_GET['type']) && $_GET['type'] == 'cleared')
{
echo '<body onload="window.print()" >';
$view->setCharset(get_lang('lang_charset'));
}
$user_id = $_SESSION['user_id'];
$cart_id = $_POST['cart_id'];
$cart_id = $db->realEscapeSingle($cart_id);
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
if ( $isAdmin )
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
else
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id)." AND user_id=".$db->realEscapeSingle($user_id) );
$cart = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
$tempdate = date_create( $cart[0]['date']);
$paid_date = date_format($tempdate,"d M Y H:m");
if( !empty($orders) )
{
?>
<br><br>
<table width="772" height="438" border="0" style="color:#000000" bgcolor="#FFFFFF">
<tr bgcolor="#000000">
<td colspan="7" align="center" style="color:white">
<p style="font-size:18pt"><b><?php print_lang("invoice");?></b></p>
</td>
</tr>
<tr>
<td align="left" >Paid: <?php echo $paid_date; ?></td>
</tr>
<tr>
<td width="150" height="21" align="left"><b><?php echo "<b>Black Market Servers</b><br/>
3400 Laurel Rd<br/>
Brunswick, OH 44212 "; ?></td>
<td colspan="4" rowspan="3">&nbsp;</td>
<td align="center" colspan="2" rowspan="3" ><img src="images/logo.png"><br>Thank you for your preference</td>
</tr>
<tr>
<td width="150" height="21" align="left">Email: <?php echo "<b>".$settings['panel_email_address']."</b>"; ?></td>
</tr>
<tr>
<td height="23" colspan="7">&nbsp;</td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("order");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong>Server ID</strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("item");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("invoice_duration");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("slot_cost");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("slot_quantity");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("order_price");?></strong></div></td>
<hr/></tr>
<?php
$subtotal = 0;
foreach($orders as $order)
{
$order_id = $order['order_id'];
$user_id = $order['user_id'];
$service_id = $order['service_id'];
$home_name = $order['home_name']." - ".$order_id;
$ip = $order['ip'];
$max_players = $order['max_players'];
$qty = $order['qty'];
$invoice_duration = $order['invoice_duration'];
$price = $order['price'];
$subtotal= $price * $max_players * $qty;
$subtotal2 += $order['price'] * $max_players * $qty;
$qry_service = "SELECT DISTINCT price_daily, price_monthly, price_year FROM ".$table_prefix."billing_services WHERE service_id=".$db->realEscapeSingle($service_id);
$result_service = $db->resultQuery($qry_service);
$row_service = $result_service[0];
//Calculating Costs
if ($invoice_duration == "day")
{
$price_slot=$row_service['price_daily'];
}
elseif ($invoice_duration == "month")
{
$price_slot=$row_service['price_monthly'];
}
elseif ($invoice_duration == "year")
{
$price_slot=$row_service['price_year']*12;
}
$duration = $invoice_duration > 1 ? $invoice_duration."s":$invoice_duration;
?>
<tr>
<td align="center" height="23"><?php echo $order_id; ?></td>
<td align="center" height="23"><?php echo $order['home_id']; ?></td>
<td align="center" height="23"><?php echo $order['home_name']; ?></td>
<td align="center"><?php echo $qty." ".get_lang($duration); ?></td>
<td align="center"><?php echo "$" . number_format(floatval(round(($price_slot),2 )),2)." ".$settings['currency']."/".get_lang($invoice_duration); ?></td>
<td align="center"><?php echo $max_players; ?></td>
<td align="center"><?php echo "$" . number_format(floatval(round(($subtotal),2 )),2)." ".$settings['currency']; ?></td>
</tr><?php
}
$coupon_savings = 0;
if($cart[0]['coupon_id']>0) {
$result = $db->resultquery("SELECT discount from OGP_DB_PREFIXbilling_coupons WHERE id = '". $cart[0]['coupon_id'] . "'");
foreach($result as $coupon){
$coupon_savings = $subtotal2 * ($coupon['discount'] / 100);
}
}
//$subtotal2 += $order['price'] * $max_players * $qty;
//$total = $subtotal2+($cart[0]['tax_amount']/100*$subtotal2);
$total = ($subtotal2 - $coupon_savings) * ($cart[0]['tax_amount'] / 100 + 1);
?>
<tr>
<td height="24" colspan="5">&nbsp;</td>
</tr>
<tr>
<td colspan="3" rowspan="5">&nbsp;</td>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong><?php print_lang("subtotal");?> : </strong></div></td>
<td style="border: 2px solid #000000"><?php echo "$" . number_format(floatval(round(($subtotal2),2 )),2) . " ".$settings['currency']; ?></td>
</tr>
<?php
if($cart[0]['coupon_id']>0) {
echo '
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong>Discount : </strong></div></td>
<td style="border: 2px solid #000000">'. "$" . number_format(floatval(round((($subtotal2-$coupon_savings)-$subtotal2),2 )),2) . " ".$settings['currency'] .'</td>
</tr>';
}
?>
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong><?php print_lang("tax");?> : </strong></div></td>
<td style="border: 2px solid #000000"><?php echo $cart[0]['tax_amount']."%"; ?></td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="right"><strong><?php print_lang("total");?> : </strong></div></td>
<td style="border: 2px solid #000000" bgcolor="#222222"><?php echo "$" . number_format(floatval(round(($total),2 )),2) ." ".$settings['currency']; ?></td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong></strong></div></td>
<td style="border: 2px solid #000000"></td>
</tr>
</table>
<br><br>
<form method='post' action='?m=billing&p=bill&type=cleared' >
<input type="hidden" name="cart_id" value="<?php echo $_POST['cart_id'];?>">
<input type="submit" value="<?php print_lang('print_invoice') ?>" />
</form>
<form method='post' action='?m=billing&p=<?php
$isAdmin = $db->isAdmin($_SESSION['user_id']);
if ($isAdmin)
{
echo 'orders';
}
else
{
echo 'cart';
}
echo "'><input type='submit' value='";
print_lang('back');
?>'/>
</form>
<br><br><?php
}
}
?>


@ -1,41 +0,0 @@
<?php
$url = "https://";
// Append the host(domain name, ip) to the URL.
$url.= $_SERVER['HTTP_HOST'];
// foreach($_POST as $key => $val) {
// echo 'Field name : ' . $key . ' Value :' .$val .'<br>';
// }
if (($_POST['payment_status']=="Completed")){
echo "<title>Success</title><h4>Thank you for your order. <br> ... </h4><br>";
echo "Processing your payment Information ..";
$bounce_to = $url."/home.php?m=billing&p=paid";
} else {
echo "<title>Uh OH</title><h4>There was a problem, Please contact Support<br> ... </h4><br>";
$bounce_to = $url."/home.php?m=billing&p=paid";
//we can setup a "failed page" to redirect to. My sandbox payments are not marked completed for some reason
}
?>
<form name='paid' action='<?php echo $bounce_to?>' method='post'>
<input type='hidden' name='cart_id' value='<?php echo $_POST["item_number"]?>'>
<input type='hidden' name='payment_status' value='<?php echo $_POST["payment_status"] ?>'>
</form>
<script>
var auto_refresh = setInterval(
function()
{
submitform();
}, 2000);
function submitform()
{
document.paid.submit();
}
</script>


@ -1,658 +0,0 @@
<?php
function saveOrderToDb($user_id,$service_id,$home_name,$ip,$max_players,$qty,$invoice_duration,$price,$remote_control_password,$ftp_password,$cart_id,$home_id = "0",$status,$finish_date,$extended = "0"){
global $db;
if(isset($_SESSION['coupon_id'])){
$coupon_id = $_SESSION['coupon_id'];
} else {
$coupon_id = 0;
}
$fields['user_id'] = $user_id;
$fields['service_id'] = $service_id;
$fields['home_name'] = $home_name;
$fields['ip'] = $ip;
$fields['max_players'] = $max_players;
$fields['qty'] = $qty;
$fields['invoice_duration'] = $invoice_duration;
$fields['price'] = $price;
$fields['remote_control_password'] = $remote_control_password;
$fields['ftp_password'] = $ftp_password;
$fields['cart_id'] = $cart_id;
$fields['home_id'] = $home_id;
$fields['status'] = $status;
$fields['finish_date'] = $finish_date;
$fields['extended'] = $extended;
$fields['coupon_id'] = $coupon_id;
return $db->resultInsertId( 'billing_orders', $fields );
}
function assignOrdersToCart($user_id,$tax_amount,$currency,$coupon_id){
global $db;
$fields['user_id'] = $user_id;
$fields['paid'] = '0';
$fields['tax_amount'] = $tax_amount;
$fields['currency'] = $currency;
//discount coupon
if (!isset($coupon_id)) $coupon_id = "0";
$fields['coupon_id'] = $coupon_id;
$check_expired = $db->resultquery("SELECT id from OGP_DB_PREFIXbilling_coupons WHERE id = $fields[coupon_id] AND count > 0 AND expires >= NOW()");
if ($check_expired <= 0) $fields['coupon_id'] = 0;
return $db->resultInsertId( 'billing_carts', $fields );
}
function exec_ogp_module()
{
error_reporting(E_ALL);
global $db,$view,$settings;
$discounted_price = 0;
$user_id = $_SESSION['user_id'];
if( isset($_POST["update_cart"] )) {
//print_r($_POST);
$db->query( "UPDATE OGP_DB_PREFIXbilling_orders SET max_players= ".$_POST['slots']." WHERE order_id=".$db->realEscapeSingle($_POST['order_id']));
$db->query( "UPDATE OGP_DB_PREFIXbilling_orders SET qty= ".$_POST['qty']." WHERE order_id=".$db->realEscapeSingle($_POST['order_id']));
$db->query( "UPDATE OGP_DB_PREFIXbilling_orders SET invoice_duration = 'month' WHERE order_id=".$db->realEscapeSingle($_POST['order_id']));
$db->query( "UPDATE OGP_DB_PREFIXgame_mods SET max_players= ".$_POST['slots']." WHERE home_id=".$db->realEscapeSingle($_POST['homeid']));
}
//discount coupon
if( isset($_POST["coupon_code"] ) && $_POST["coupon_code"] != "") {
$coupon_id = 0;
$coupon_code = "";
$result = $db->resultquery("SELECT * from OGP_DB_PREFIXbilling_coupons WHERE code= '". $_POST['coupon_code'] . "'");
$coupon_name = "<b style='color:red'>NON-EXISTING COUPON</b>";
$coupon_discount = 0;
foreach($result as $couponDB){
$_SESSION['coupon_id'] = $couponDB['id'];
$coupon_id = $couponDB['id'];
$coupon_code = $couponDB['code'];
$coupon_discount = $couponDB['discount'];
$coupon_name = $couponDB['name'];
$coupon_recurring = $couponDB['recurring'];
$coupon_expires = $couponDB['expires'];
$coupon_count = $couponDB['count'];
$today = date("Y-m-d H:i:s", time());
if($coupon_expires < $today || $coupon_count == 0){
$coupon_id = 0;
$coupon_discount = 0;
$coupon_name = "<b style='color:red'>EXPIRED COUPON</b>";
}
if ($coupon_count > 0) {
$coupon_count--;
$db->resultquery("UPDATE ogp_billing_coupons SET count = $coupon_count WHERE code = '$_POST[coupon_code]'");
}
}
}
if( isset( $_POST["buy"] ) or isset( $_POST["pay_paypal"] ) )
{
if( isset( $_SESSION['CART'] ) )
{
$orders = $_SESSION['CART'];
if(isset($_SESSION['coupon_id'])){
$coupon_id = $_SESSION['coupon_id'];
} else {
$coupon_id = 0;
}
// Fill The Cart on DB
$cart_id = assignOrdersToCart($user_id,$settings['tax_amount'],$settings['currency'],$coupon_id);
foreach($orders as $order)
{
$service_id = $order['service_id'];
$home_name = $order['home_name'];
$ip = $order['ip'];
$max_players = $order['max_players'];
//They pushed the "buy" button.
//So set the quantity and invoice_duration
if(isset($_POST["buy"]))
{
$invoice_duration = "month";
$qty = 1;
}
else{
$invoice_duration = $order['invoice_duration'];
$qty = $order['qty'];
}
$price = $order['price'];
$remote_control_password = $order['remote_control_password'];
$ftp_password = $order['ftp_password'];
//Save order to DB
saveOrderToDb($user_id,$service_id,$home_name,$ip,$max_players,$qty,$invoice_duration,$price,$remote_control_password,$ftp_password,$cart_id,0,0,0,0);
if( isset( $_POST["buy"] )) {
echo '<meta http-equiv="refresh" content="0;url=home.php?m=billing&p=create_servers&cart_id='.$cart_id.'" >';
}
}
// Remove Cart From Session
unset($_SESSION['CART']);
unset($_SESSION['coupon_id']);
}
else
{
$cart_id = $_POST['cart_id'];
}
if ( !empty( $cart_id ) and isset( $_POST["pay_paypal"] ) and $settings['paypal'] == "1" )
{
echo '<meta http-equiv="refresh" content="0;url=home.php?m=billing&p=paypal&cart_id='.$cart_id.'" >';
}
}
if( isset( $_POST["extend"] ) or isset( $_POST["extend_and_pay_paypal"] ))
{
$orders = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE order_id=".$db->realEscapeSingle($_POST['order_id']));
// *****************************************
//FIGURE OUT IF THIS IS ALREADY BEEN UPDATED
//RENEWAL IN DB SO
//WE DONT CREATE MULTIPLE INVOICES
// *****************************************
foreach($orders as $order)
{
$cart_id = $order['cart_id'];
if($order['status'] < 0)
{
$cart_id = assignOrdersToCart($user_id,$settings['tax_amount'],$settings['currency'],$_SESSION['coupon_id']);
$service_id = $order['service_id'];
$home_name = $order['home_name'];
$ip = $order['ip'];
$max_players = $order['max_players'];
$qty = $_POST['qty'];
$invoice_duration = $_POST['invoice_duration'];
$remote_control_password = $order['remote_control_password'];
$ftp_password = $order['ftp_password'];
$home_id = $order['home_id'];
$status = 0;
$finish_date = $order['finish_date'];
$services = $db->resultQuery( "SELECT *
FROM OGP_DB_PREFIXbilling_services
WHERE service_id=".$db->realEscapeSingle($service_id) );
$service = $services[0];
//Calculating Price
switch ($_POST['invoice_duration'])
{
case "day":
$price = $service['price_monthly']/30;
break;
case "month":
$price = $service['price_monthly'];
break;
case "year":
$price = $service['price_monthly']*12;
break;
}
//Save order to DB
//save the EXPIRED finish date into NEW finish date. Then check if FINISH DATE !=0 and move that + 1 month into status
$order_id = saveOrderToDb($user_id,$service_id,$home_name,$ip,$max_players,$qty,$invoice_duration,$price,$remote_control_password,$ftp_password,$cart_id,$home_id,$status,$finish_date,"1");
//Change the old order expiration to -3 so it can not be extended, since there is a new order managing the same game home.
$db->query( "UPDATE OGP_DB_PREFIXbilling_orders
SET status=-3
WHERE order_id=".$db->realEscapeSingle($_POST['order_id']));
}
}
if ( !empty( $cart_id ) and isset( $_POST["extend_and_pay_paypal"] ) and $settings['paypal'] == "1" )
{
echo '<meta http-equiv="refresh" content="0;url=home.php?m=billing&p=paypal&cart_id='.$cart_id.'" >';
}
}
if(isset($_POST['remove']))
{
$cart_id = $_POST['cart_id'];
if( isset( $_SESSION['CART'][$cart_id] ) )
{
unset($_SESSION['CART'][$cart_id]);
unset($_SESSION['coupon_id']);
}
$order_id = $_POST['order_id'];
$db->query( "DELETE FROM OGP_DB_PREFIXbilling_orders WHERE order_id=".$db->realEscapeSingle($order_id) );
$orders_in_cart = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
if( !$orders_in_cart )
{
$db->query( "DELETE FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
}
}
?>
<style>
h4 {
width:250px;
height:25px;
background:#f5f5f5;
border-top-style:solid;
border-top-color:#afafaf;
border-top-width:1px;
border-style: solid;
border-color: #CFCFCF;
border-width: 1px;
padding-top:8px;
text-align: center;
font-family:"Trebuchet MS";
}
</style>
<h2>Cart</h2>
<!--
SHOW ALL THE INVOICES FOR USER
<form method="post" action="?m=billing&p=orders">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="submit" value="All Orders">
</form>
-->
<?php
if( isset($_SESSION['CART']) and !empty($_SESSION['CART']) )
{
$carts[0] = $_SESSION['CART'];
}
$user_carts = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE user_id=".$db->realEscapeSingle($user_id) ." order by cart_id desc" );
if( $user_carts >=1 )
{
// SELECT WHAT KIND OF OLD INVOICES TO DISPLAY. WE NEED A BUTTON?
foreach ( $user_carts as $user_cart )
{
$cart_id = $user_cart['cart_id'];
$carts[$cart_id] = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts AS cart JOIN
OGP_DB_PREFIXbilling_orders AS orders
ON orders.cart_id=cart.cart_id
WHERE orders.status IN (0, -1 , -2) AND (cart.cart_id=".$db->realEscapeSingle($cart_id). ") order by order_id asc");
}
}
if( empty( $carts ) )
{
print_failure( get_lang('there_are_no_orders_in_cart') );
?>
<a href="?m=billing&p=shop"><?php print_lang('back'); ?></a>
<?php
return;
}
foreach ( $carts as $orders )
{
if( !empty( $orders ) )
{
?>
<center>
<table style="width:95%;text-align:left;" class="center">
<tr>
<hr />
<th>
<?php print_lang("order_desc");?></th>
<th>
<?php print_lang("price");?>
</th>
<?php
if(isset($orders[0]['paid']) and $orders[0]['paid'] == 3)
{
?>
<th>
<?php print_lang('expiration_date');?>
</th>
<th>Status
</th>
<?php
}
?>
<th>
</th>
</tr>
<?php
$subtotal = 0;
$total_orders = count($orders);
$order_counter = 0;
foreach($orders as $order)
{
$order_counter++;
if ( $order['qty'] > 1 )
$order['invoice_duration'] = $order['invoice_duration']."s";
$subtotal += ($order['price']* $order['max_players'] * $order['qty']);
?>
<tr class="tr">
<td>
<?php
$rserver = $db->getRemoteServer($order['ip']);
echo "Order# ".$order['order_id'] . " <b>".$order['home_name']."</b> Server ID ".$order['home_id'] ;
?>
</td>
<td>
<?php
echo "$" . number_format( $order['price'], 2 ). " " .$order['currency'] . " per slot<br>"
. $order['max_players'] . " Slots<br>"
. $order['qty'] . " " . $order['invoice_duration'] ;
?>
</td>
<?php
if($order['paid'] == 0 and ($order['extended'] == 0))
{
?>
<td align="center">
<form method="post" action="">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="hidden" name="order_id" value="<?php echo @$order['order_id'];?>">
<input type="submit" name="remove" value="<?php print_lang("remove_from_cart");?>">
</form>
<?php if ($total_orders == $order_counter) { ?>
<!--checkbox -->
<form method="post" action="" onsubmit="if(document.getElementById('agree').checked) { return true; } else { alert('You must Agree to the TOS'); return false; }">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<?php
//see if user is a new customer,
//check number of orders they have had or if user is an admin (to be able to create server)
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
$result = $db->resultQuery("SELECT * FROM ogp_billing_orders WHERE user_id=".$user_id);
$server_price = number_format( $order['price'], 2 );
if(isset($settings['display_free'])) {
$display_free = $settings['display_free'];
}else {
$display_free = false;
}
if((($server_price < 0.05 )|| ($isAdmin)) && ($display_free))
//if($display_free)
{
if($isAdmin)
{
echo '<input name="buy" type="submit" value="Create Server" ><br>';
echo 'When created EDIT this server to assign a user';
}
else
{
echo '<input name="buy" type="submit" value="Create FREE Server" ><br>';
}
}
else{
if($settings['paypal'] == "1")
echo '<input name="pay_paypal" type="submit" value="'.get_lang_f("pay_from", get_lang('paypal')).'">';
}
?>
<!--checkbox do regulamento -->
<br><br><input type="checkbox" name="checkbox" value="check" id="agree" /><?php echo $settings['checkbox'];?>
</form>
<?php } ?>
</td><?php
}
if($order['paid'] == 3)
{
$today=time();
$formated_finish_date = date('d/M/Y H:i A',$order['finish_date']);
//status has a date for invoice
if($order['status'] > 0)
{
$status = "<b style='color:green;'>Active</b>" ;
}
//status is -1, invoice has been created
elseif($order['status'] == -1)
{
$status = "<b style='color:yellow;'>Invoice Due</b>";
}
//invoice was not paid, server is expired and suspended
elseif($order['status'] == -2)
{
$status = "<b style='color:red;'>Suspended</b>";
}
//display the expiration date and invoice button.
if($order['status'] > 0){$warning_status = "<b style='color:green;'>". $formated_finish_date ."</b>";}
if($order['status'] == -1){$warning_status ="<b style='color:yellow;'>". $formated_finish_date ."</b>";}
if($order['status'] == -2){$warning_status ="<b style='color:red;'>". $formated_finish_date ."</b>" ;}
?>
<td>
<?php echo "$warning_status";?>
</td>
<td>
<?php echo "$status";
?>
</td>
<?php
}
if( isset( $order['status'] ) and $order['status'] == "0" or $order['status'] == "-1" or $order['status'] == "-2")
{
?>
<td></td></tr><tr><td>
<form method="post" action="">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="hidden" name="order_id" value="<?php echo $order['order_id'];?>">
<input type="hidden" name="homeid" value="<?php echo $order['home_id'];?>">
<select name="slots">
<?php
//allow to change the amount of max players and invoice time when renewing server
//get max_slots and min_slots from the billing_services for this game.
$services = $db->resultQuery( "SELECT *
FROM OGP_DB_PREFIXbilling_services
WHERE service_id=".$db->realEscapeSingle($order['service_id']) );
$service = $services[0];
$min = $service['slot_min_qty'];
$max = $service['slot_max_qty'];
$slots=$min;
while($slots<= $max)
{
if($slots == $order['max_players'])
{
echo "<option value='$slots' selected>$slots slots</option>";
}else{
echo "<option value='$slots' >$slots slots</option>";
}
$slots++;
}
?>
</select>
<select name="qty">
<?php
$qty=1;
while($qty<=12)
{
if($qty == $order['qty'])
{
echo "<option value='$qty' selected>$qty months</option>";
}else{
echo "<option value='$qty'>$qty months</option>";
}
$qty++;
}
?>
</select>
<input type="hidden" name="invoice_duration" value="month">
<!--
<input type="submit" name="extend" value="<?php print_lang("extend");?>">
-->
<?php
if($settings['paypal'] == "1")
echo '<button name="update_cart" type="submit" value="update_cart">Update Invoice</button>';
echo '<button name="extend_and_pay_paypal" type="submit" value="extend_and_pay_paypal">Renew Service</button>';
?>
</form>
</td><?php
}
?>
</tr><?php
}
?>
</table>
<table style="width:95%;text-align:left;" class="center">
<tr>
<td>Amount</td>
<td>
<?php
echo "$" . number_format( $subtotal , 2 ). " " .$order['currency'];?>
</td>
</tr>
<tr>
<td><b><?php echo $coupon_name;?></b></td>
<td>
<?php
//APPLY COUPON CODE HERE
$coupon_discount_amt = $subtotal * ($coupon_discount / 100);
echo "-$" . number_format($coupon_discount_amt,2);
?></td><td>
<table><tr>
<form method="post" action="">
<td class="child">
<input type="text" name="coupon_code"size="5" value="<?php echo $coupon_code ?>"></input>
</td>
<td>
<input type="submit" name="Apply Code" value="Apply Code"></input>
</td>
</tr></table>
</form>
</td>
</tr>
<tr>
<td>Discounted Subtotal</td>
<td><?php $subtotal = $subtotal-$coupon_discount_amt;echo "$" . number_format( $subtotal , 2 ). " " .$order['currency'];?></td>
</tr>
<tr>
<td>
Tax Amount</td>
<td>
<?php echo "$" . number_format($order['tax_amount']/100 * $subtotal,2);?>
</td>
</tr>
<tr>
<td>
<?php print_lang("total");?>
</td>
<td>
<?php
$total = $subtotal+($order['tax_amount']/100*$subtotal);
echo "$" . number_format( $total , 2 ). " " .$order['currency'];
?>
</td>
<td>
<?php
if($order['paid'] == 1)
{
?>
<form method="post" action="home.php?m=billing&p=create_servers">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<?php
if($order['extended'] == "1")
{
?>
<input name="enable_server" type="submit" value="<?php print_lang("enable_server");?>">
<?php
}
else
{
?>
<input name="create_server" type="submit" value="<?php print_lang("create_server");?>">
<?php
}
?>
</form>
<?php
}
elseif($order['paid'] == 2)
{
echo get_lang_f("payment_is_pending_of_approval");
}
elseif($order['paid'] == 3)
{
?>
<form method="post" action="?m=billing&p=bill">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="paid" type="submit" value="<?php print_lang("see_invoice");?>">
</form>
<?php
}
else
{
}
?>
</form>
</td>
</tr>
</table>
</center>
<?php
}
}
?>
<a href="?m=billing&p=shop"><?php print_lang('back'); ?></a>
<?php
}
?>


@ -1,103 +0,0 @@
<?php
function exec_ogp_module()
{
global $db;
//Querying UPDATE a service FROM DB
if (isset($_POST['update_coupon']) )
{
$new_code = $db->realEscapeSingle($_POST['new_code']);
$new_name = $db->realEscapeSingle($_POST['new_name']);
$new_discount = $db->realEscapeSingle($_POST['new_discount']);
$new_count = $db->realEscapeSingle($_POST['new_count']);
$new_expires = $db->realEscapeSingle($_POST['new_expires']);
$id = $db->realEscapeSingle($_POST['id']);
//Create INSERT query
$qry_change_url = "UPDATE OGP_DB_PREFIXbilling_coupons
SET code ='".$new_code."',
name = '".$new_name."',
discount ='".$new_discount."',
count = '".$new_count."',
expires = '".$new_expires."'
WHERE id=".$id;
$db->query($qry_change_url);
}
//Querying INSERT new coupon INTO DB
if(isset($_POST['add_coupon']))
{
$id = $_POST['id'];
$code = $_POST['code'];
$name = $_POST['name'];
$discount = $_POST['discount'];
$count= $_POST['count'];
$expires = $_POST['expires'];
$query = "INSERT INTO OGP_DB_PREFIXbilling_coupons(code, name, discount, count, expires) VALUES('".$code."', '".$name."', '".$discount."', '".$count."', '".$expires."')";
$db->query($query);
}
//Querying REMOVE coupon FROM DB
if (isset($_POST['del_coupon']))
{
$db->query( "DELETE FROM OGP_DB_PREFIXbilling_coupons WHERE id=" . $db->realEscapeSingle($_POST['id']) );
}
?>
<!-- Show Coupons on DB -->
</table>
<br>
<?php
$result = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_coupons");
if ($result > 0)
{
?>
<h2><?php print_lang('current_coupons');?></h2>
<table class="center" style='text-align:center;'>
<tr>
<th><?php print_lang('code');?></th>
<th><?php print_lang('coupon_name');?></th>
<th><?php print_lang('discount');?></th>
<th><?php print_lang('count');?></th>
<th><?php print_lang('expires');?></th>
</tr>
<?php
foreach($result as $row)
{
?>
<tr class="tr<?php $i = 0; echo($i++%2);?>">
<form method="post" action="">
<input name="id" type="hidden" value="<?php echo $row['id'];?>"/></td>
<td><input name="new_code" type="text" value="<?php echo $row['code'];?>"/></td>
<td><input name="new_name" type="text" value="<?php echo $row['name'];?>" /></td>
<td><input name="new_discount" type="text" value="<?php echo $row['discount'];?>"/></td>
<td><input name="new_count"type="text" value="<?php echo $row['count'];?>"/></td>
<td><input name="new_expires" type="text" value="<?php echo $row['expires'];?>"/></td>
<td><input type="submit" name="update_coupon" value="<?php print_lang('update_settings');?>"/></td>
<td><input type="submit" name="del_coupon" value="<?php print_lang('del_coupon');?>"/></td>
</form>
</tr><?php
}
//add new row to insert
?>
<form method="post" action="">
<td><input name="code" type="text" value=""/></td>
<td><input name="name" type="text" value="" /></td>
<td><input name="discount" type="text" value="0"/></td>
<td><input name="count"type="text" value="0"/></td>
<td><input name="expires" type="datetime-local" data-date-format="YYYY MMMM DD" value=""/></td>
<td><input type="submit" name="add_coupon" value="<?php print_lang('add_coupon');?>"/></td>
</form></table>
<?php
}
}
?>


@ -1,103 +0,0 @@
<?php
function exec_ogp_module()
{
global $db;
//Querying UPDATE a service FROM DB
if (isset($_POST['update_coupon']) )
{
$new_code = $db->realEscapeSingle($_POST['new_code']);
$new_name = $db->realEscapeSingle($_POST['new_name']);
$new_discount = $db->realEscapeSingle($_POST['new_discount']);
$new_count = $db->realEscapeSingle($_POST['new_count']);
$new_expires = $db->realEscapeSingle($_POST['new_expires']);
$id = $db->realEscapeSingle($_POST['id']);
//Create INSERT query
$qry_change_url = "UPDATE OGP_DB_PREFIXbilling_coupons
SET code ='".$new_code."',
name = '".$new_name."',
discount ='".$new_discount."',
count = '".$new_count."',
expires = '".$new_expires."'
WHERE id=".$id;
$db->query($qry_change_url);
}
//Querying INSERT new coupon INTO DB
if(isset($_POST['add_coupon']))
{
$id = $_POST['id'];
$code = $_POST['code'];
$name = $_POST['name'];
$discount = $_POST['discount'];
$count= $_POST['count'];
$expires = $_POST['expires'];
$query = "INSERT INTO OGP_DB_PREFIXbilling_coupons(code, name, discount, count, expires) VALUES('".$code."', '".$name."', '".$discount."', '".$count."', '".$expires."')";
$db->query($query);
}
//Querying REMOVE coupon FROM DB
if (isset($_POST['del_coupon']))
{
$db->query( "DELETE FROM OGP_DB_PREFIXbilling_coupons WHERE id=" . $db->realEscapeSingle($_POST['id']) );
}
?>
<!-- Show Coupons on DB -->
</table>
<br>
<?php
$result = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_coupons");
if ($result > 0)
{
?>
<h2><?php print_lang('current_coupons');?></h2>
<table class="center" style='text-align:center;'>
<tr>
<th><?php print_lang('code');?></th>
<th><?php print_lang('coupon_name');?></th>
<th><?php print_lang('discount');?></th>
<th><?php print_lang('count');?></th>
<th><?php print_lang('expires');?></th>
</tr>
<?php
foreach($result as $row)
{
?>
<tr class="tr<?php $i = 0; echo($i++%2);?>">
<form method="post" action="">
<input name="id" type="hidden" value="<?php echo $row['id'];?>"/></td>
<td><input name="new_code" type="text" value="<?php echo $row['code'];?>"/></td>
<td><input name="new_name" type="text" value="<?php echo $row['name'];?>" /></td>
<td><input name="new_discount" type="text" value="<?php echo $row['discount'];?>"/></td>
<td><input name="new_count"type="text" value="<?php echo $row['count'];?>"/></td>
<td><input name="new_expires" type="text" value="<?php echo $row['expires'];?>"/></td>
<td><input type="submit" name="update_coupon" value="<?php print_lang('update_settings');?>"/></td>
<td><input type="submit" name="del_coupon" value="<?php print_lang('del_coupon');?>"/></td>
</form>
</tr><?php
}
//add new row to insert
?>
<form method="post" action="">
<td><input name="code" type="text" value=""/></td>
<td><input name="name" type="text" value="" /></td>
<td><input name="discount" type="text" value="0"/></td>
<td><input name="count"type="text" value="0"/></td>
<td><input name="expires" type="datetime-local" data-date-format="YYYY MMMM DD" value=""/></td>
<td><input type="submit" name="add_coupon" value="<?php print_lang('add_coupon');?>"/></td>
</form></table>
<?php
}
}
?>


@ -1,378 +0,0 @@
<?php
require_once("includes/lib_remote.php");
require_once("modules/config_games/server_config_parser.php");
function exec_ogp_module()
{
global $db,$view,$settings;
$user_id = $_SESSION['user_id'];
if (isset($_POST['cart_id'])) {
$cart_id = $_POST['cart_id'];
}
if(isset($_GET['cart_id'])){
$cart_id = $_GET['cart_id'];
}
$cart_paid = $db->resultQuery( "SELECT paid FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
if ( $isAdmin ){
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
} else {
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id)." AND user_id=".$db->realEscapeSingle($user_id) );
}
if( !empty($orders) and !empty($cart_paid) )
{
foreach($orders as $order)
{
$order_id = $order['order_id'];
$service_id = $order['service_id'];
$home_name = $order['home_name'];
$remote_control_password = $order['remote_control_password'];
$ftp_password = $order['ftp_password'];
$ip = $order['ip'];
$max_players = $order['max_players'];
$user_id = $order['user_id'];
$extended = $order['extended'] == "1" ? TRUE : FALSE;
//Query service info
$service = $db->resultQuery( "SELECT *
FROM OGP_DB_PREFIXbilling_services
WHERE service_id=".$db->realEscapeSingle($service_id) );
if( !empty( $service[0] ) )
{
$home_cfg_id = $service[0]['home_cfg_id'];
$mod_cfg_id = $service[0]['mod_cfg_id'];
//remote_server_id has been stored in IP_ID
//$remote_server_id = $service[0]['remote_server_id'];
$remote_server_id = $order['ip'];
$ftp = $service[0]['ftp'];
$install_method = $service[0]['install_method'];
$manual_url = $service[0]['manual_url'];
$access_rights = $service[0]['access_rights'];
}
else
return;
if($extended)
{
$home_id = $order['home_id'];
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Reassign the server
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Reenable the FTP account
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
echo "<h4>Server Installed, Check your Email for Details</h4><br>";
//Panel Log
$db->logger( "RENEWED SERVER " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$subject = "Gameserver Renewel at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been renewed.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Renewed " . $home_id);
// END EMAIL
//WEBHOOK Discord=======================================================================================
$webhookurl = $settings['webhookurl'];
$msg = "The ". $home_name ." server ID #". $home_id . " has just been renewed.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
else
{
//OPTIONS, change it at your choice;
$extra_params = "";//no extra params defined by default
$cpu_affinity = "NA";//Affinity to one core/thread of the cpu by number, use NA to disable it
$nice = "0";//Min priority=19 Max Priority=-19
//Add Game home to database
//HARD CODE TO /home/gameserver/
$rserver = $db->getRemoteServer($remote_server_id);
$game_path = "/home/gameserver/";
$home_id = $db->addGameHome( $remote_server_id, $user_id, $home_cfg_id, $game_path, $home_name, $remote_control_password, $ftp_password);
//Add IP:Port Pair to the Game Home
//need to get the IP_ID for this remote server.
$result = $db->resultQuery("SELECT ip_id FROM OGP_DB_PREFIXremote_server_ips WHERE remote_server_id=".$ip);
foreach ($result as $rs)
{
$ip_id = $rs['ip_id'];
}
$add_port = $db->addGameIpPort( $home_id, $ip_id, $db->getNextAvailablePort($ip_id,$home_cfg_id) );
//Assign the Game Mod to the Game Home
$mod_id = $db->addModToGameHome( $home_id, $mod_cfg_id );
$db->updateGameModParams( $max_players, $extra_params, $cpu_affinity, $nice, $home_id, $mod_cfg_id );
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Get Full home info in 1 array
$home_info = $db->getGameHome($home_id);
//Read the Game Config from the XML file
$server_xml = read_server_config(SERVER_CONFIG_LOCATION."/".$home_info['home_cfg_file']);
//Get Values from XML
$modkey = $home_info['mods'][$mod_id]['mod_key'];
$mod_xml = xml_get_mod($server_xml, $modkey);
$installer_name = $mod_xml->installer_name;
$mod_cfg_id = $home_info['mods'][$mod_id]['mod_cfg_id'];
//Get Preinstall commands from xml
$precmd = $server_xml->pre_install;
//Get Postinstall commands from xml
$postcmd = $server_xml->post_install;
//Enable FTP account in remote server
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
//Install files for this service in the remote server
// -Steam
$exec_folder_path = clean_path($home_info['home_path'] . "/" . $server_xml->exe_location );
$exec_path = clean_path($exec_folder_path . "/" . $server_xml->server_exec_name );
if ($install_method == "steam")
{
if ( $server_xml->installer == "steamcmd" )
{
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$cfg_os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$cfg_os = "linux";
// Some games like L4D2 require anonymous login
if($mod_xml->installer_login){
$login = $mod_xml->installer_login;
$pass = '';
}else{
$login = $settings['steam_user'];
$pass = $settings['steam_pass'];
}
$modname = ( $installer_name == '90' and !preg_match("/(cstrike|valve)/", $modkey) ) ? $modkey : '';
$betaname = isset($mod_xml->betaname) ? $mod_xml->betaname : '';
$betapwd = isset($mod_xml->betapwd) ? $mod_xml->betapwd : '';
$arch = isset($mod_xml->steam_bitness) ? $mod_xml->steam_bitness : '';
$remote->steam_cmd( $home_id,$home_info['home_path'],$installer_name,$modname,
$betaname,$betapwd,$login,$pass,$settings['steam_guard'],
$exec_folder_path,$exec_path,$precmd,$postcmd,$cfg_os,'',$arch);
}
}
// -Rsync
elseif ($install_method == "rsync")
{
//Rsync Server
$url = "files.iaregamer.com";
//OS
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$os = "linux";
//Rsync Game Name
//JUST SET RS_GNAME TO GAME xml NAME
$rs_gname = $server_xml->game_key;
//Starting Sync
$full_url = "$url/rsync_installer/$rs_gname/$os/";
$remote->start_rsync_install($home_id,$home_info['home_path'],"$full_url",$exec_folder_path,$exec_path,$precmd,$postcmd);
}
// -Manual
elseif ($install_method == "manual")
{
// Start File Download and uncompress
$filename = !empty($manual_url) ? substr($manual_url, -9) : "";
$remote->start_file_download($manual_url,$home_info['home_path'],$filename,"uncompress");
}
echo "<h4><br><p>".get_lang('starting_installations')."</p></h4><br>";
//PANEL LOG
$db->logger( "CREATED NEW SERVER " . $home_id);
// SEND EMAIL to new server only
if($order['finish_date'] == 0){
$settings = $db->getSettings();
$subject = "New Gameserver installed at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been created.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.
You can login to the Game Panel and click on Game Monitor to see your server. <br><br>
Thank you!<br> ";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Created " . $home_id);
//WEBHOOK Discord=======================================================================================
$webhookurl = "https://discord.com/api/webhooks/710275918274363412/g5Tr-EUdEnLfFryOlscxJ6FuPiSJuE6EMKRYmh9UGMiqTUxU5-y9CQrBlDJW7znr0Tol";
//$settings['webhookurl'];
$msg = "A new server, ". $home_name ." ID #". $home_id . ", has just been created.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
// END EMAIL
}
// Set expiration date in ogp database
//status is -3 -2 -1 0 and 1
// deleted, suspended, invoiced, inactive, active
//finish_date the server will be suspended
//in cron_shop the finish_date is used to delete the server
//several days after being suspended
if ($order['invoice_duration'] == "day")
{
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' day');
$status = 1;
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' day',$order['finish_date']);
$status = 1;
}
}
elseif ($order['invoice_duration'] == "month")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' month');
$status = 1;
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' month',$order['finish_date']);
$status = 1;
}
}
elseif ($order['invoice_duration'] == "year")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' year');
$status = 1;
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' year',$order['finish_date']);
$status = 1;
}
}
// set order status
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET status='" . $db->realEscapeSingle($status) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
// set the order expiration
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET finish_date='" . $db->realEscapeSingle($finish_date) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
// Save home id created by this order
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET home_id='" . $db->realEscapeSingle($home_id) . "' WHERE order_id=".$db->realEscapeSingle($order_id));
}
//Update Cart Payment Status as 3(paid and installed)
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET paid=3
WHERE cart_id=".$db->realEscapeSingle($cart_id));
// Set payment/creation date
$date = date('d M Y');
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET date='" . $db->realEscapeSingle($date) . "'
WHERE cart_id=".$db->realEscapeSingle($cart_id));
$db->query( "UPDATE OGP_DB_PREFIXgame_mods SET max_players= ".$order['max_players']." WHERE home_id=".$db->realEscapeSingle($home_id));
//Refresh to Game Monitor.
$view->refresh("home.php?m=gamemanager&p=game_monitor");
}
}
?>


@ -1,375 +0,0 @@
<?php
require_once("includes/lib_remote.php");
require_once("modules/config_games/server_config_parser.php");
function exec_ogp_module()
{
global $db,$view,$settings;
$user_id = $_SESSION['user_id'];
if (isset($_POST['cart_id'])) {
$cart_id = $_POST['cart_id'];
}
if(isset($_GET['cart_id'])){
$cart_id = $_GET['cart_id'];
}
$cart_paid = $db->resultQuery( "SELECT paid FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
if ( $isAdmin ){
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
} else {
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id)." AND user_id=".$db->realEscapeSingle($user_id) );
}
if( !empty($orders) and !empty($cart_paid) )
{
foreach($orders as $order)
{
$order_id = $order['order_id'];
$service_id = $order['service_id'];
$home_name = $order['home_name'];
$remote_control_password = $order['remote_control_password'];
$ftp_password = $order['ftp_password'];
$ip = $order['ip'];
$max_players = $order['max_players'];
$user_id = $order['user_id'];
$extended = $order['extended'] == "1" ? TRUE : FALSE;
//Query service info
$service = $db->resultQuery( "SELECT *
FROM OGP_DB_PREFIXbilling_services
WHERE service_id=".$db->realEscapeSingle($service_id) );
if( !empty( $service[0] ) )
{
$home_cfg_id = $service[0]['home_cfg_id'];
$mod_cfg_id = $service[0]['mod_cfg_id'];
//remote_server_id has been stored in IP_ID
//$remote_server_id = $service[0]['remote_server_id'];
$remote_server_id = $order['ip'];
$ftp = $service[0]['ftp'];
$install_method = $service[0]['install_method'];
$manual_url = $service[0]['manual_url'];
$access_rights = $service[0]['access_rights'];
}
else
return;
if($extended)
{
$home_id = $order['home_id'];
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Reassign the server
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Reenable the FTP account
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
echo "<h4>Server Installed, Check your Email for Details</h4><br>";
//Panel Log
$db->logger( "RENEWED SERVER " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$subject = "Gameserver Renewel at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been renewed.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Renewed " . $home_id);
// END EMAIL
//WEBHOOK Discord=======================================================================================
$webhookurl = $settings['webhookurl'];
$msg = "The ". $home_name ." server ID #". $home_id . " has just been renewed.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
else
{
//OPTIONS, change it at your choice;
$extra_params = "";//no extra params defined by default
$cpu_affinity = "NA";//Affinity to one core/thread of the cpu by number, use NA to disable it
$nice = "0";//Min priority=19 Max Priority=-19
//Add Game home to database
//HARD CODE TO /home/gameserver/
$rserver = $db->getRemoteServer($remote_server_id);
$game_path = "/home/gameserver/";
$home_id = $db->addGameHome( $remote_server_id, $user_id, $home_cfg_id, $game_path, $home_name, $remote_control_password, $ftp_password);
//Add IP:Port Pair to the Game Home
//need to get the IP_ID for this remote server.
$result = $db->resultQuery("SELECT ip_id FROM OGP_DB_PREFIXremote_server_ips WHERE remote_server_id=".$ip);
foreach ($result as $rs)
{
$ip_id = $rs['ip_id'];
}
$add_port = $db->addGameIpPort( $home_id, $ip_id, $db->getNextAvailablePort($ip_id,$home_cfg_id) );
//Assign the Game Mod to the Game Home
$mod_id = $db->addModToGameHome( $home_id, $mod_cfg_id );
$db->updateGameModParams( $max_players, $extra_params, $cpu_affinity, $nice, $home_id, $mod_cfg_id );
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Get Full home info in 1 array
$home_info = $db->getGameHome($home_id);
//Read the Game Config from the XML file
$server_xml = read_server_config(SERVER_CONFIG_LOCATION."/".$home_info['home_cfg_file']);
//Get Values from XML
$modkey = $home_info['mods'][$mod_id]['mod_key'];
$mod_xml = xml_get_mod($server_xml, $modkey);
$installer_name = $mod_xml->installer_name;
$mod_cfg_id = $home_info['mods'][$mod_id]['mod_cfg_id'];
//Get Preinstall commands from xml
$precmd = $server_xml->pre_install;
//Get Postinstall commands from xml
$postcmd = $server_xml->post_install;
//Enable FTP account in remote server
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
//Install files for this service in the remote server
// -Steam
$exec_folder_path = clean_path($home_info['home_path'] . "/" . $server_xml->exe_location );
$exec_path = clean_path($exec_folder_path . "/" . $server_xml->server_exec_name );
if ($install_method == "steam")
{
if ( $server_xml->installer == "steamcmd" )
{
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$cfg_os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$cfg_os = "linux";
// Some games like L4D2 require anonymous login
if($mod_xml->installer_login){
$login = $mod_xml->installer_login;
$pass = '';
}else{
$login = $settings['steam_user'];
$pass = $settings['steam_pass'];
}
$modname = ( $installer_name == '90' and !preg_match("/(cstrike|valve)/", $modkey) ) ? $modkey : '';
$betaname = isset($mod_xml->betaname) ? $mod_xml->betaname : '';
$betapwd = isset($mod_xml->betapwd) ? $mod_xml->betapwd : '';
$arch = isset($mod_xml->steam_bitness) ? $mod_xml->steam_bitness : '';
$remote->steam_cmd( $home_id,$home_info['home_path'],$installer_name,$modname,
$betaname,$betapwd,$login,$pass,$settings['steam_guard'],
$exec_folder_path,$exec_path,$precmd,$postcmd,$cfg_os,'',$arch);
}
}
// -Rsync
elseif ($install_method == "rsync")
{
//Rsync Server
$url = "files.iaregamer.com";
//OS
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$os = "linux";
//Rsync Game Name
//JUST SET RS_GNAME TO GAME xml NAME
$rs_gname = $server_xml->game_key;
//Starting Sync
$full_url = "$url/rsync_installer/$rs_gname/$os/";
$remote->start_rsync_install($home_id,$home_info['home_path'],"$full_url",$exec_folder_path,$exec_path,$precmd,$postcmd);
}
// -Manual
elseif ($install_method == "manual")
{
// Start File Download and uncompress
$filename = !empty($manual_url) ? substr($manual_url, -9) : "";
$remote->start_file_download($manual_url,$home_info['home_path'],$filename,"uncompress");
}
echo "<h4><br><p>".get_lang('starting_installations')."</p></h4><br>";
//PANEL LOG
$db->logger( "CREATED NEW SERVER " . $home_id);
// SEND EMAIL to new server only
if($order['finish_date'] == 0){
$settings = $db->getSettings();
$subject = "New Gameserver installed at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been created.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.
You can login to the Game Panel and click on Game Monitor to see your server. <br><br>
Thank you!<br> ";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Created " . $home_id);
//WEBHOOK Discord=======================================================================================
$webhookurl = $settings['webhookurl'];
$msg = "A new server, ". $home_name ." ID #". $home_id . ", has just been created.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
// END EMAIL
}
// Set expiration date in ogp database
//End_date is when the invoice is printed.
//finish_date the server will be suspended
//in cron_shop the finish_date is used to delete the server
//several days after being suspended
if ($order['invoice_duration'] == "day")
{
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' day');
$end_date = strtotime('- 2 day',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' day',$order['finish_date']);
$end_date = strtotime('- 6 hour', $finish_date);
}
}
elseif ($order['invoice_duration'] == "month")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' month');
$end_date = strtotime('- 7 day',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' month',$order['finish_date']);
$end_date = strtotime('- 7 day',$finish_date);
}
}
elseif ($order['invoice_duration'] == "year")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' year');
$end_date = strtotime('- 2 week',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' year',$order['finish_date']);
$end_date = strtotime('- 2 week',$finish_date);
}
}
// set order expire date
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET end_date='" . $db->realEscapeSingle($end_date) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET finish_date='" . $db->realEscapeSingle($finish_date) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
// Save home id created by this order
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET home_id='" . $db->realEscapeSingle($home_id) . "' WHERE order_id=".$db->realEscapeSingle($order_id));
}
//Update Cart Payment Status as 3(paid and installed)
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET paid=3
WHERE cart_id=".$db->realEscapeSingle($cart_id));
// Set payment/creation date
$date = date('d M Y');
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET date='" . $db->realEscapeSingle($date) . "'
WHERE cart_id=".$db->realEscapeSingle($cart_id));
$db->query( "UPDATE OGP_DB_PREFIXgame_mods SET max_players= ".$order['max_players']." WHERE home_id=".$db->realEscapeSingle($home_id));
//Refresh to Game Monitor.
$view->refresh("home.php?m=gamemanager&p=game_monitor");
}
}
?>


@ -1,217 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
chdir(realpath(dirname(__FILE__))); /* Change to the current file path */
chdir("../.."); /* Base path to ogp web files */
// Report all PHP errors
error_reporting(E_ALL);
// Path definitions
define("CONFIG_FILE","includes/config.inc.php");
//Requiere
require_once("includes/functions.php");
require_once("includes/helpers.php");
require_once("includes/html_functions.php");
require_once("modules/config_games/server_config_parser.php");
require_once("includes/lib_remote.php");
require_once CONFIG_FILE;
// Connect to the database server and select database.
$db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix);
$panel_settings = $db->getSettings();
if( isset($panel_settings['time_zone']) && $panel_settings['time_zone'] != "" )
date_default_timezone_set($panel_settings['time_zone']);
//these dates are configured in the Shop Settings page
$today=time();
$invoice_date = strtotime('+ 7 days'); //this many days until the finish_date
$suspend_date = $today; //suspend when overdue
//final date is 10th, we need to remove on 17th, so final date is > removal_date
$removal_date = strtotime('- 7 days'); //finish_date is passed 7 days ago
$rundate = date('d/M/y G:i',$today);
//THESE SERVERS HAVE REACHED THE DATE FOR INVOICE, FINISH_DATE - 7 (OR WHAT IS IN SETTINGS)
//SET STATUS -1 MEANING INVOICED
//LOOP THROUGH ALL SERVERS WITH STATUS = 1 (ACTIVE) -----------------------------------------------------------
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE status > 0 AND finish_date <" . $invoice_date);
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
// Reset the STATUS -1 so cart.php will create an invoice
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-1
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
// SEND EMAIL
$settings = $db->getSettings();
$subject = "You have an INVOICE at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " will expire soon. Please log in and VIEW INVOICES on the Dashboard to renew your server.<br><br><br>~<br>Thanks!<br>";
$mail = mymail($email, $subject, $message, $settings);
//logger
$db->logger( "INVOICE created for server " . $home_id);
if (!$mail)
$db->logger( "Email FAILED - Server Invoiced " . $home_id);
// END EMAIL
}
}
//THESE ARE THE SERVERS THAT HAVE NOT BEEN PAID AND THE FINISH_DATE IS TODAY
//THESE SERVERS GET SUSPENDED
//LOOP THROUGH ALL ORDERS WITH STATUS 0 OR -1 (INACTIVE OR INVOICED)
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE (status = -1 OR status = 0) AND finish_date < ".$today);
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
$home_info = $db->getGameHomeWithoutMods($home_id);
$server_info = $db->getRemoteServerById($home_info['remote_server_id']);
$remote = new OGPRemoteLibrary($server_info['agent_ip'], $server_info['agent_port'], $server_info['encryption_key'],$server_info['timeout']);
$ftp_login = isset($home_info['ftp_login']) ? $home_info['ftp_login'] : $home_id;
$remote->ftp_mgr("userdel", $ftp_login);
$db->changeFtpStatus('disabled',$home_id);
$server_xml = read_server_config(SERVER_CONFIG_LOCATION."/".$home_info['home_cfg_file']);
if(isset($server_xml->control_protocol_type))$control_type = $server_xml->control_protocol_type; else $control_type = "";
$addresses = $db->getHomeIpPorts($home_id);
foreach($addresses as $address)
{
$remote->remote_stop_server($home_id,$address['ip'],$address['port'],$server_xml->control_protocol,$home_info['control_password'],$control_type,$home_info['home_path']);
}
$db->unassignHomeFrom("user", $user_id, $home_id);
// Reset the invoice end date to -2
// User can still RENEW server
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-2
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
//logger
$db->logger( "SUSPENDED server " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$subject = "GameServer Suspended at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " has expired and has been suspended. Please log in and VIEW INVOICES on the Dashboard to renew your server.<br>~<br>Thanks!<br>";
$mail = mymail($email, $subject, $message, $settings);
if (!$mail)
$db->logger( "Email FAILED - Server Suspended " . $home_id);
// END EMAIL
}
}
// end date = -2 (suspended) and its been suspended for $removal_date days
//set removed servers as -99
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE status = -2 AND finish_date < ".$removal_date );
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
$home_info = $db->getGameHomeWithoutMods($home_id);
$server_info = $db->getRemoteServerById($home_info['remote_server_id']);
$remote = new OGPRemoteLibrary($server_info['agent_ip'], $server_info['agent_port'], $server_info['encryption_key'],$server_info['timeout']);
// Remove the game home from db
$db->deleteGameHome($home_id);
// Remove the game home files from remote server
$remote->remove_home($home_info['home_path']);
// Reset the invoice end date
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-3
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
// Set order as not installed
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET home_id=0
WHERE cart_id=".$db->realEscapeSingle($user_home['cart_id']));
//logger
$db->logger( "DELETED server " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$settings = $db->getSettings();
$subject = "GameServer DELETED at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " has been deleted<br><br>You did not renew the service and it was PERMANENTLY REMOVED today. If this was an error, if you contact us immediately we may be able to restore your server.<br>Thanks for being a customer and we hope we can provide a server for you again.<br><br>";
$mail = mymail($email, $subject, $message, $settings);
if (!$mail)
$db->logger( "Email FAILED - Server Deleted " . $home_id);
// END EMAIL
}
}
?>


@ -1,116 +0,0 @@
<?php
chdir("../../"); /* It just makes life easier */
/* Includes */
require_once("includes/helpers.php");
require_once("includes/config.inc.php");
require_once("includes/functions.php");
require_once("includes/lib_remote.php");
require_once("includes/lang.php");
require_once("modules/config_games/server_config_parser.php");
$db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix);
$settings = $db->getSettings();
$debug = $settings['debug'];
$paypal_email = $settings['paypal_email']; // your paypal email address
$cart_id = $_POST['item_number'];
$fpx = fopen('modules/billing/ipnlog.txt', 'w');
$header = "====================== CART ID " . $cart_id . " ========================\n";
fwrite($fpx, $header);
// STEP 1: read POST data
// Reading POSTed data directly from $_POST causes serialization issues with array data in the POST.
// Instead, read raw POST data from the input stream.
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
$keyval = explode ('=', $keyval);
if (count($keyval) == 2)
$myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the IPN message sent from PayPal and prepend 'cmd=_notify-validate'
$req = 'cmd=_notify-validate';
if (function_exists('get_magic_quotes_gpc')) {
$get_magic_quotes_exists = true;
}
foreach ($myPost as $key => $value) {
if ($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) {
$value = urlencode(stripslashes($value));
} else {
$value = urlencode($value);
}
$req .= "&$key=$value";
fwrite($fpx, "$key=$value\n");
}
// Step 2: POST IPN data back to PayPal to validate
if ( $settings['sandbox'] == 1) {
$ch = curl_init('https://ipnpb.sandbox.paypal.com/cgi-bin/webscr');
}else {
$ch = curl_init('https://ipnpb.paypal.com/cgi-bin/webscr');
}
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));
// In wamp-like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "https://curl.haxx.se/docs/caextract.html" and set
// the directory path of the certificate as shown below:
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if ( !($res = curl_exec($ch)) ) {
// error_log("Got " . curl_error($ch) . " when processing IPN data");
curl_close($ch);
exit;
}
curl_close($ch);
// inspect IPN validation result and act accordingly
if (strcmp ($res, "VERIFIED") == 0) {
fwrite($fpx, "VERIFIED\n");
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET paid=1
WHERE cart_id=".$db->realEscapeSingle($cart_id));
fwrite($fpx, "IPN Processed\n");
// The IPN is verified, process it
} else if (strcmp ($res, "INVALID") == 0) {
// IPN invalid, log for manual investigation
echo "The response from IPN was: <b>" .$res ."</b>";
}
fclose($fpx);
// Reply with an empty 200 response to indicate to paypal the IPN was received correctly.
//header("HTTP/1.1 200 OK");
?>


@ -1 +0,0 @@
====================== CART ID ========================


@ -1,137 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
// Module general information
$module_title = "billing";
$module_version = "1";
$db_version = 4;
$module_required = FALSE;
$module_menus = array(
array( 'subpage' => 'shop', 'name'=>'Shop', 'group'=>'user,admin' ),
array( 'subpage' => 'orders', 'name'=>'Orders', 'group'=>'user,admin' ),
array( 'subpage' => 'services', 'name'=>'Services', 'group'=>'admin' ),
array( 'subpage' => 'shop_settings', 'name'=>'Shop Settings', 'group'=>'admin' ),
array( 'subpage' => 'coupons', 'name'=>'Coupons', 'group'=>'admin' )
);
$install_queries = array();
$install_queries[0] = array(
"DROP TABLE IF EXISTS `".OGP_DB_PREFIX."billing_services`;",
"CREATE TABLE IF NOT EXISTS `".OGP_DB_PREFIX."billing_services` (
`service_id` int(11) NOT NULL auto_increment,
`home_cfg_id` int(11) NOT NULL,
`mod_cfg_id` int(11) NOT NULL,
`service_name` varchar(255) NOT NULL,
`remote_server_id` varchar(255) NOT NULL,
`slot_max_qty` int(11) NOT NULL,
`slot_min_qty` int(11) NOT NULL,
`price_daily` float(15,4) NOT NULL,
`price_monthly` float(15,4) NOT NULL,
`price_year` float(15,4) NOT NULL,
`description` varchar(1000) NOT NULL,
`img_url` varchar(255) NOT NULL,
`ftp` varchar(255) NOT NULL,
`install_method` varchar(255) NOT NULL,
`manual_url` varchar(255) NOT NULL,
`access_rights` varchar(255) NOT NULL,
PRIMARY KEY (`service_id`)
) ENGINE=MyISAM DEFAULT CHARSET=UTF8;",
"DROP TABLE IF EXISTS `".OGP_DB_PREFIX."billing_orders`;",
"CREATE TABLE IF NOT EXISTS `".OGP_DB_PREFIX."billing_orders` (
`order_id` int(11) NOT NULL auto_increment,
`user_id` int(11) NOT NULL,
`service_id` int(11) NOT NULL,
`home_path` varchar(255) NOT NULL,
`home_name` varchar(255) NOT NULL,
`ip` varchar(255) NOT NULL,
`port` varchar(5) NOT NULL,
`qty` int(11) NOT NULL,
`invoice_duration` varchar(16) NOT NULL,
`max_players` int(11) NOT NULL,
`remote_control_password` varchar(10) NULL,
`ftp_password` varchar(10) NULL,
`subtotal` float(15,2) NOT NULL,
`rate` int(11) NOT NULL,
`total` float(15,2) NOT NULL,
`date` varchar(10) NULL,
PRIMARY KEY (`order_id`)
) ENGINE=MyISAM;"
);
$install_queries[1] = array(
"DROP TABLE IF EXISTS `".OGP_DB_PREFIX."billing_carts`;",
"CREATE TABLE IF NOT EXISTS `".OGP_DB_PREFIX."billing_carts` (
`cart_id` int(11) NOT NULL auto_increment,
`user_id` int(11) NOT NULL,
`paid` int(11) NULL,
PRIMARY KEY (`cart_id`)
) ENGINE=MyISAM DEFAULT CHARSET=UTF8;",
"DROP TABLE IF EXISTS `".OGP_DB_PREFIX."billing_orders`;",
"CREATE TABLE IF NOT EXISTS `".OGP_DB_PREFIX."billing_orders` (
`order_id` int(11) NOT NULL auto_increment,
`user_id` int(11) NOT NULL,
`service_id` int(11) NOT NULL,
`home_path` varchar(255) NOT NULL,
`home_name` varchar(255) NOT NULL,
`ip` varchar(255) NOT NULL,
`qty` int(11) NOT NULL,
`invoice_duration` varchar(16) NOT NULL,
`max_players` int(11) NOT NULL,
`price` float(15,2) NOT NULL,
`remote_control_password` varchar(10) NULL,
`ftp_password` varchar(10) NULL,
`paid` varchar(1) NULL,
`date` varchar(10) NULL,
`cart_id` int(11) NOT NULL,
PRIMARY KEY (`order_id`)
) ENGINE=MyISAM;"
);
$install_queries[2] = array(
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` DROP `date`;",
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` DROP `home_path`;",
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` DROP `paid`;",
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` ADD `home_id` varchar(255) NOT NULL DEFAULT '0';",
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` ADD `status` varchar(16) NOT NULL DEFAULT '0';",
"ALTER TABLE `".OGP_DB_PREFIX."billing_carts` ADD `date` varchar(16) NOT NULL DEFAULT '0';",
"ALTER TABLE `".OGP_DB_PREFIX."billing_carts` ADD `tax_amount` varchar(16) NOT NULL DEFAULT '0';",
"ALTER TABLE `".OGP_DB_PREFIX."billing_carts` ADD `currency` varchar(3) NOT NULL DEFAULT '0';"
);
$install_queries[3] = array(
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` ADD `finish_date` varchar(16) NOT NULL DEFAULT '0';"
);
$install_queries[4] = array(
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` ADD `extended` tinyint(1) NOT NULL;",
"ALTER TABLE `".OGP_DB_PREFIX."billing_services` ADD `enabled` int(11) NOT NULL;"
"ALTER TABLE `".OGP_DB_PREFIX."billing_carts` ADD `coupon_id` varchar(3) NOT NULL DEFAULT '0';"
"ALTER TABLE `".OGP_DB_PREFIX."billing_orders` ADD `coupon_id` varchar(3) NOT NULL DEFAULT '0';"
);
?>


@ -1,20 +0,0 @@
<navigation>
<!-- User Side -->
<page key="shop" file="shop.php" access="user,admin" />
<page key="paid" file="paid.php" access="user,admin" />
<page key="cart" file="cart.php" access="user,admin" />
<page key="add_to_cart" file="add_to_cart.php" access="user,admin" />
<page key="paypal" file="paypal.php" access="user,admin" />
<!-- Admin Side -->
<page key="shop_settings" file="settings.php" access="admin" />
<page key="services" file="services.php" access="admin" />
<page key="coupons" file="coupons.php" access="admin" />
<!-- Billing -->
<page key="orders" file="orders.php" access="user,admin" />
<page key="paid" file="paid.php" access="user,admin" />
<page key="bill" file="bill.php" access="user,admin" />
<page key="create_servers" file="create_servers.php" access="user,admin" />
<!-- Guest-->
</navigation>


@ -1,257 +0,0 @@
<?php
function exec_ogp_module()
{
error_reporting(E_ALL);
global $db,$settings;
if(isset($_POST['remove']))
{
$query_delete_order = $db->query("DELETE FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($_POST['cart_id']));
$query_delete_order = $db->query("DELETE FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($_POST['cart_id']));
}
if(isset($_POST['paid']))
{
$query_set_as_paid = $db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET paid=1
WHERE cart_id=".$db->realEscapeSingle($_POST['cart_id']));
}
$status_array = array ( "not_paid" => 0,
"paid" => 1,
"procesing_payment" => 2,
"paid_and_installed" => 3
);
?>
<style>
h4 {
width:250px;
height:25px;
background:#f5f5f5;
border-top-style:solid;
border-top-color:#afafaf;
border-top-width:1px;
border-style: solid;
border-color: #CFCFCF;
border-width: 1px;
padding-top:8px;
text-align: center;
font-family:"Trebuchet MS";
}
</style>
<h2><?php print_lang("orders");?></h2>
<form method="post" action="?m=billing&p=shop">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="submit" value="<?php print_lang("shop");?>">
</form>
<?php
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
$user_id = $_SESSION['user_id'];
//SHOW THE NUMBER OF SERVERS RENTED AND EXPECTED INCOME
if($isAdmin)
{
echo "<h1>Accounting</h1>";
$servercount = 0;
$income = 0;
$paidOrders = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE status > 0");
foreach($paidOrders as $inc)
{
$servercount = $servercount +1;
$income = $income + $inc['max_players'] * $inc['price'];
}
echo "Total Rented Gameservers: $servercount<br>";
echo "Total Income: $" . number_format( $income , 2 ) . "<br>";
}
foreach($status_array as $status => $paid_value)
if($isAdmin or $status == "paid_and_installed")
{
{
if ($isAdmin){
$carts = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE paid =" . $db->realEscapeSingle($paid_value) ." order by cart_id DESC");
}else{
$carts = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE paid=3 AND user_id = " . $user_id ." order by cart_id DESC");
}
if( $carts > 0 )
{
?>
<h2><?php print_lang($status);?></h2><?php
foreach($carts as $cart)
{
?>
<center>
<table style="width:100%;text-align:center;" class="center">
<tr>
<th style="width:25%"><?php print_lang("login");?></th>
<th><?php print_lang("cart_id");?></th>
<th><?php print_lang("order_id");?></th>
<th>slot price</th>
<th>Paid Date</th>
<?php
if($status == "paid_and_installed")
{?>
<th>Expiration dates</th>
<?php
}?>
</tr>
<?php
$orders = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart['cart_id'])." order by order_id DESC" );
$subtotal = 0;
foreach($orders as $order)
{
if($order['qty'] > 1)
$order['invoice_duration'] = $order['invoice_duration']."s";
?>
<tr class="tr">
<td><a href="?m=user_admin&p=edit_user&user_id=<?php echo $order['user_id'];?>" ><?php $user = $db->getUserById($order['user_id']); echo $user['users_login'];?></a></td>
<td><b class="success"><?php echo $order['cart_id'];?></b></td>
<td><b class="success"><?php echo $order['order_id'];?></b></td>
<td><?php echo "$".$order['price'].$cart['currency'];?></td>
<td><?php echo $cart['date'];?></td>
<?php
if($status == "paid_and_installed")
{
$today = time();
$order_status = "Unknown";
$order_status = $order['status'] > '0' ? "<b style='color:green;'>".get_lang('active')."</b>":$order_status;
$order_status = $order['status'] == '0' ? "<b style='color:yellow;'>".get_lang('unpaid')."</b>":$order_status;
$order_status = $order['status'] == '-1' ? "<b style='color:yellow;'>".get_lang('invoice_due')."</b>":$order_status;
$order_status = $order['status'] == '-2' ? "<b style='color:red;'>".get_lang('suspended')."</b>":$order_status;
$order_status = $order['status'] == '-3' ? "<b style='color:green;'>".get_lang('renewed')."</b>":$order_status;
$order_status = $order['status'] == '-99' ? "<b style='color:white;'>".get_lang('expired')."</b>":$order_status;
$finish_date = date('d/M/Y H:i',$order['finish_date']);
echo "<td>Status: <b>$order_status</b>";
echo "<br>Expiration: <b>$finish_date</b></td>";
}
?>
</tr>
<tr class="tr">
<td><?php echo $order['home_name']?></td>
<td><?php echo " [ ".$order['max_players']." ".get_lang('slots').", ".$order['qty']." ".get_lang($order['invoice_duration'])." ]";?>
</td></tr>
<?php
$max_players = $order['max_players'];
$qty = $order['qty'];
$price = $order['price'];
$subtotal += $order['price'] * $max_players * $qty;
}
?>
<tr>
<td>
<?php
if ($status == "not_paid")
{
?>
<form method="post" action="">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="paid" type="submit" value="<?php print_lang("set_as_paid");?>">
</form>
<?php
}
elseif($status == "paid")
{
?>
<form method="post" action="home.php?m=billing&p=create_servers">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<?php
if($order['extended'] == "1")
{
?>
<input name="enable_server" type="submit" value="<?php print_lang("enable_server");?>">
<?php
}
else
{
?>
<input name="create_server" type="submit" value="<?php print_lang("create_server");?>">
<?php
}
?>
</form>
<?php
}
elseif($status == "procesing_payment")
{
?>
<form method="post" action="">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="paid" type="submit" value="<?php print_lang("set_as_paid");?>">
</form>
<?php
}
elseif($status == "paid_and_installed")
{
?>
<form method="post" action="?m=billing&p=bill">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="paid" type="submit" value="<?php print_lang("see_invoice");?>">
</form>
<?php
}
?>
</tr><tr>
<td>
<?php
echo get_lang('subtotal')." <b>$".number_format( $subtotal , 2 ). " " .$cart['currency']."</b></br>";
?>
</td>
<td>
<?php
//obter as informações de cupom usadas neste pedido
$coupon_savings = 0;
if($cart['coupon_id']>0) {
$result = $db->resultquery("SELECT * from OGP_DB_PREFIXbilling_coupons WHERE id = '". $cart['coupon_id'] . "'");
foreach($result as $coupon){
$coupon_savings = $subtotal * ($coupon['discount']/ 100);
echo "Sub-total c/discount <b>$" .number_format( ($subtotal - $coupon_savings) , 2 ).$cart['currency']."</b></br><td>";
echo "Coupon (".$coupon['code'].") <b>- $" .number_format( $coupon_savings , 2 ).$cart['currency']."</b></br>";
}
}
?>
</td>
<td>
<?php
if ($settings['tax_amount'] > 0){
echo get_lang('tax')."<b>(".$settings['tax_amount']."%) + $".number_format( $settings['tax_amount']/100*$subtotal, 2 ).$cart['currency']."</b></br>";
}
?>
</td>
<td>
<?php
//$total = $subtotal-$coupon_savings+($settings['tax_amount']/100*$subtotal);
$total = ($subtotal - $coupon_savings) * ($settings['tax_amount'] / 100 + 1);
echo get_lang('total')." <b>$".number_format( $total , 2 ). " " .$cart['currency']."</b>";
?>
</td>
<?php
if($status == "paid_and_installed")
{
?>
</tr>
<?php
}
?>
</tr>
</table>
</center>
<?php
}
}
}
}//end foreach
}
?>


@ -1,58 +0,0 @@
<?php
function exec_ogp_module()
{
global $db,$view,$settings;
$loadpage = "?m=billing&p=paid";
$count = $_POST['count'] + 1;
$result = $db->resultquery("SELECT * from OGP_DB_PREFIXbilling_carts WHERE cart_id= '". $_POST['cart_id'] . "'");
foreach($result as $cartID){
$paid = $cartID['paid'];
}
echo "<h2>Processing your Payment Info ... </h2>";
if($settings['debug']==1){
echo "<br>";
echo $_POST['count'];
echo "<br>";
echo $_POST['cart_id'];
echo "<br>";
echo $_POST['payment_status'];
echo "<br>";
}
//check the DB and see if its been updated as paid
if($paid > 0){
$loadpage = "?m=billing&p=create_servers";
}
//waited too long .. go to orders page
if($count > 5){
$loadpage = "?m=billing&p=orders";
echo "<h2>There was a Problem, Please contact Support ... </h2>";
}
?>
<form name='paid' action='<?php echo $loadpage?>' method='post'>
<input type='hidden' name='cart_id' value='<?php echo $_POST["cart_id"]?>'>
<input type='hidden' name='payment_status' value='<?php echo $_POST["payment_status"] ?>'>
<input type='hidden' name='count' value='<?php echo $count?>'>
</form>
<script>
var auto_refresh = setInterval(
function()
{
submitform();
}, 5000);
function submitform()
{
document.paid.submit();
}
</script>
<?php
}
?>


@ -1,119 +0,0 @@
<?php
function exec_ogp_module()
{
global $db,$view;
$settings = $db->getSettings();
function curPageName()
{
return substr($_SERVER["SCRIPT_NAME"],strrpos($_SERVER["SCRIPT_NAME"],"/")+1);
}
if ( $settings['sandbox'] == 1) {
$paypal_url = "https://www.sandbox.paypal.com/cgi-bin/webscr";
$paypal_ipn_url = "https://ipnpb.sandbox.paypal.com/cgi-bin/webscr";
}
else {
$paypal_url = "https://www.paypal.com/cgi-bin/webscr";
$paypal_ipn_url = "https://ipnpb.paypal.com/cgi-bin/webscr";
}
$s = ( isset($_SERVER['HTTPS']) and get_true_boolean($_SERVER['HTTPS']) ) ? "s" : "";
$port = isset($_SERVER['SERVER_PORT']) & $_SERVER['SERVER_PORT'] != "80" ? ":".$_SERVER['SERVER_PORT'] : NULL ;
$this_script = 'http'.$s.'://'.$_SERVER['SERVER_NAME'].$port.$_SERVER['SCRIPT_NAME'];
$current_folder_url = str_replace( curPageName(), "", $this_script);
$cart_id = $_GET['cart_id'];
$debug = $settings['debug'];
if(!empty($cart_id))
{
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id));
//get couponID then discount for this cart
$result= $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id));
foreach ($result as $cartDB){
$coupon_id = $cartDB['id'];
}
$coupon_discount = 0;
$result = $db->resultQuery( "SELECT discount FROM ogp_billing_coupons WHERE id=".$db->realEscapeSingle($cartDB['coupon_id']));
foreach ($result as $couponDB){
$coupon_discount=$couponDB['discount'];
}
$coupon_discount = $coupon_discount / 100;
if( !empty( $orders ) )
{
$cart['price'] = 0;
foreach($orders as $order)
{
if( $order['qty'] > 1 )
$order['invoice_duration'] = $order['invoice_duration']."s";
$cart['price'] += ($order['price']*$order['max_players']*$order['qty']);
if( !isset( $cart['name'] ) )
$cart['name'] = $order['home_name']."(".$order['qty'].get_lang($order['invoice_duration']).",".$order['max_players'].get_lang('slots').")";
else
$cart['name'] .= ' + '.$order['home_name']."(".$order['qty'].get_lang($order['invoice_duration']).",".$order['max_players'].get_lang('slots').")";
}
//price minus coupon discount
$cart['price'] = $cart['price'] - $cart['price']*$coupon_discount;
$total = $cart['price']+($settings['tax_amount']/100*$cart['price']);
if ($total === 0)
{
$db->query("UPDATE " . $table_prefix . "billing_carts
SET paid=1
WHERE cart_id=".$db->realEscapeSingle($cart_id));
$view->refresh("home.php?m=billing&p=cart",0);
}
$total = number_format( $total , 2 );
}
}
// -- GENERATING THE PAYPAL ORDER BUTTON --
?>
<html><body <?php if ( $debug != 1) { ?>onload="form1.submit()"<?php } ?>>
<form name="form1" action="<?php echo $paypal_url ?>" method="post">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value="<?php echo $settings['paypal_email']; ?>">
<input type="hidden" name="item_name" value="<?php echo $cart['name']; ?>">
<input type="hidden" name="item_number" value="<?php echo $cart_id; ?>">
<input type="hidden" name="invoice" value="<?php echo $cart_id; ?>">
<input type="hidden" name="amount" value="<?php echo $total; ?>">
<input type="hidden" name="return" value="<?php echo $current_folder_url.'modules/billing/bounce.php';?>">
<input type="hidden" name="cancel_return" value="<?php echo $this_script.'?m=billing&p=cart';?>">
<input type="hidden" name="notify_url" value="<?php echo $current_folder_url.'modules/billing/ipn.php';?>">
<input type="hidden" name="currency_code" value="<?php echo $settings['currency'];?>">
<input type="hidden" name="rm" value="2">
<?php
if ( $debug == 1) { ?>
<h3 align="center">Debug Mode<br>
Post Data being sent to Paypal</h3>
<?php
echo "<br>Sandbox Enabled = " .$settings['sandbox'];
echo "<br>Paypal Url = " .$paypal_url;
echo "<br>";
echo "<br>Paypal Email = ".$settings['paypal_email'];
echo "<br>Item Name = ".$cart['name'];
echo "<br>Item Number = ".$cart_id;
echo "<br>Invoice ID = ".$cart_id;
echo "<br>Amount = ".$total;
echo "<br>Return Url = ". $current_folder_url."modules/billing/bounce.php";
echo "<br>Cancel Url = ". $this_script."?m=billing&p=cart";
echo "<br>Notify Url = ". $current_folder_url."modules/billing/ipn.php";
echo "<br>Currency Code =". $settings['currency'];
echo "<br><br>";
echo "<input type='submit' value='Click To Proceed To Paypal'>";
}
echo "After payment, you must return to this site to CREATE YOUR SERVER<br>";
}
?>


@ -1,355 +0,0 @@
<?php
function exec_ogp_module()
{
global $db;
//Querying UPDATE a service FROM DB
if (isset($_POST['service']) AND isset($_POST['new_enabled']))
{
$new_remote_server_id = $db->realEscapeSingle($_POST['new_remote_server_id']);
$new_price_monthly = $db->realEscapeSingle($_POST['new_price_monthly']);
$new_out_of_stock = $db->realEscapeSingle($_POST['new_out_of_stock']);
$new_url = $db->realEscapeSingle($_POST['new_url']);
$new_enabled = $db->realEscapeSingle($_POST['new_enabled']);
$service = $db->realEscapeSingle($_POST['service']);
//Create UPDATE query
$qry_change_url = "UPDATE OGP_DB_PREFIXbilling_services
SET remote_server_id = '".$new_remote_server_id."',
price_monthly ='".$new_price_monthly."',
remote_server_id = '".$new_remote_server_id."',
out_of_stock = '".$new_out_of_stock."',
img_url ='".$new_url."',
enabled = '".$new_enabled."'
WHERE service_id=".$service;
$db->query($qry_change_url);
}
//Querying UPDATE enabled/disabled remote servers DB
if (isset($_POST['update_remote_servers']))
{
$result = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXremote_servers");
foreach($result as $rs)
{
$server_enabled = 0;
//get the value from the checkbox
if(isset($_POST[$rs['remote_server_id']]))
{
$server_enabled = 1;
}
//update the table with current value
$query = "UPDATE OGP_DB_PREFIXremote_servers SET enabled = '".$server_enabled."' WHERE remote_server_id=".$rs['remote_server_id'];
$db->query($query);
}
}
//end ENABLE REMOTE SERVERS
//Querying INSERT new service INTO DB
if(isset($_POST['mod_cfg_id']) AND isset($_POST['remote_server_id']) AND isset($_POST['slot_max_qty']) AND isset($_POST['price_daily']) AND isset($_POST['price_monthly']) AND isset($_POST['price_year']))
{
//Sanitize the POST values
$home_cfg_id = $db->realEscapeSingle($_POST['home_cfg_id']);
$mod_cfg_id = $db->realEscapeSingle($_POST['mod_cfg_id']);
$service_name = $db->realEscapeSingle($_POST['service_name']);
foreach ($_POST['remote_server_id'] as $remote)
{
$remote_server_id = $remote_server_id . $remote . " ";
}
//echo $remote_servers_id;
//$remote_server_id = $remote_servers_id;
//$remote_server_id = $db->realEscapeSingle($_POST['remote_server_id']);
$slot_max_qty = $db->realEscapeSingle($_POST['slot_max_qty']);
$slot_min_qty = $db->realEscapeSingle($_POST['slot_min_qty']);
$price_daily = $db->realEscapeSingle($_POST['price_daily']);
$price_monthly = $db->realEscapeSingle($_POST['price_monthly']);
$price_year = $db->realEscapeSingle($_POST['price_year']);
$description = $db->realEscapeSingle($_POST['description']);
$img_url = $db->realEscapeSingle($_POST['img_url']);
$ftp = $db->realEscapeSingle($_POST['ftp']);
$install_method = $db->realEscapeSingle($_POST['install_method']);
$manual_url = $db->realEscapeSingle($_POST['manual_url']);
$access_rights = "";
$enabled = 1;
if(isset($_POST['allow_updates']))$access_rights .= $db->realEscapeSingle($_POST['allow_updates']);
if(isset($_POST['allow_file_management']))$access_rights .= $db->realEscapeSingle($_POST['allow_file_management']);
if(isset($_POST['allow_parameter_usage']))$access_rights .= $db->realEscapeSingle($_POST['allow_parameter_usage']);
if(isset($_POST['allow_extra_params']))$access_rights .= $db->realEscapeSingle($_POST['allow_extra_params']);
if(isset($_POST['allow_ftp_usage']))$access_rights .= $db->realEscapeSingle($_POST['allow_ftp_usage']);
if(isset($_POST['allow_custom_fields']))$access_rights .= $db->realEscapeSingle($_POST['allow_custom_fields']);
$qry_add_service = "INSERT INTO OGP_DB_PREFIXbilling_services(service_id, home_cfg_id, mod_cfg_id, service_name, remote_server_id, out_of_stock, slot_max_qty , slot_min_qty, price_daily, price_monthly, price_year, description, img_url, ftp, install_method, manual_url, access_rights,enabled) VALUES(NULL, '".$home_cfg_id."', '".$mod_cfg_id."', '".$service_name."', '".$remote_server_id."', 0,'".$slot_max_qty."', '".$slot_min_qty."', '".$price_daily."', '".$price_monthly."', '".$price_year."', '".$description."', '".$img_url."', '".$ftp."', '".$install_method."', '".$manual_url."', '".$access_rights."', '" . $enabled . "')";
$db->query($qry_add_service);
}
//Querying REMOVE service FROM DB
if (isset($_POST['service_id']))
{
$db->query( "DELETE FROM OGP_DB_PREFIXbilling_services WHERE service_id=" . $db->realEscapeSingle($_POST['service_id']) );
}
?>
<h2><?php print_lang('add_service');?></h2>
<form method="POST" action="">
<table class="center">
<!-- Part2 - Select MOD -->
<?php
if(isset($_POST['home_cfg_id']))
{
?>
<tr>
<td>
<select name="modcfgid">
<?php
$mod_qry = $db->resultQuery("SELECT DISTINCT mod_cfg_id, mod_name, game_name FROM OGP_DB_PREFIXconfig_mods NATURAL JOIN OGP_DB_PREFIXconfig_homes WHERE home_cfg_id=" . $db->realEscapeSingle($_POST['home_cfg_id']));
foreach($mod_qry as $array_mods)
{
if($array_mods['mod_name'] == "none")$array_mods['mod_name']=$array_mods['game_name'];
?>
<option value="<?php echo $array_mods['mod_cfg_id'];?>"><?php echo $array_mods['mod_name'];?></option>
<?php
}
?>
</select>
</td>
<input type="hidden" name="homecfgid" value="<?php echo $_POST['home_cfg_id'];?>"/>
<tr>
<?php
}
else if (isset($_POST['modcfgid']) AND isset($_POST['homecfgid']))
{
?>
</tr>
<tr>
<?php
$result3 = $db->resultQuery("SELECT DISTINCT remote_server_id, remote_server_name, agent_ip, ogp_user FROM OGP_DB_PREFIXremote_servers");
?>
<td><?php print_lang('remote_server');?></td>
<td>
<select name="remote_server_id[]" multiple size="5">
<?php
foreach($result3 as $row3)
{
?>
<option value="<?php echo $row3['remote_server_id']; ?>">(<?php echo $row3['remote_server_id']; ?>) - IP[<?php echo $row3['agent_ip']; ?>]</option>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<?php
$mods = $db->resultQuery("SELECT DISTINCT mod_cfg_id, mod_name, game_name FROM OGP_DB_PREFIXconfig_mods NATURAL JOIN OGP_DB_PREFIXconfig_homes WHERE mod_cfg_id=" . $db->realEscapeSingle($_POST['modcfgid']));
foreach($mods as $mod)
{
?>
<td><?php print_lang('service_name');?></td>
<td><input name="service_name" type="text" size="61" value="<?php if($mod['mod_name']=="none")echo $mod['game_name']; else echo $mod['game_name']." - ".$mod['mod_name'];?>"/></td>
<input name="mod_cfg_id" type="hidden" value="<?php echo $mod['mod_cfg_id'];}?>"/>
<input name="home_cfg_id" type="hidden" value="<?php echo $_POST['homecfgid'];?>"/>
</tr>
<tr>
<td><?php print_lang('min_slot_qty');?></td>
<td><input name="slot_min_qty" type="text" size="8" value="16"/></td>
</tr>
<tr>
<td><?php print_lang('max_slot_qty');?></td>
<td><input name="slot_max_qty" type="text" size="8" value="64"/></td>
</tr>
<tr>
<td>Price Daily</td>
<td><input name="price_daily" type="text" size="8" value="0"/></td>
</tr>
<tr>
<td><?php print_lang('price_monthly');?></td>
<td><input name="price_monthly" type="text" size="8" value="0"/></td>
</tr>
<tr>
<td><?php print_lang('price_year');?></td>
<td><input name="price_year" type="text" size="8" value="0"/></td>
</tr>
<tr>
<td><?php print_lang('ftp_account');?></td>
<td>
<select name="ftp">
<option value="enabled"><?php print_lang('enabled');?></option>
<option value="disabled"><?php print_lang('disabled');?></option>
</td>
</tr>
<tr>
<td><?php print_lang('select_install_method');?></td>
<td>
<select name="install_method">
<option value="steam"><?php print_lang('steam');?></option>
<option value="rsync"><?php print_lang('rsync');?></option>
<option value="manual"><?php print_lang('manual_from_url');?></option>
</td>
</tr>
<tr>
<td><?php print_lang('url_for_manual_install');?></td>
<td><input name="manual_url" type="text" size="61"/></td>
</tr>
<tr>
<td><?php print_lang('description');?></td>
<td><textarea name='description' cols='45' rows='5'></textarea></td>
</tr>
<tr>
<td><?php print_lang('image_url');?></td>
<td><textarea name='img_url' cols='45' rows='1'>images/games/unknown.png</textarea></td>
</tr>
<tr>
<td><?php print_lang('access_rights');?></td>
<td>
<input name="allow_updates" type="checkbox" value="u" checked="checked"/><?php print_lang('allow_update');?><br>
<input name="allow_file_management" type="checkbox" value="f" checked="checked"/><?php print_lang('allow_file_management');?><br>
<input name="allow_parameter_usage" type="checkbox" value="p" checked="checked"/><?php print_lang('allow_parameter_usage');?><br>
<input name="allow_extra_params" type="checkbox" value="e" checked="checked"/><?php print_lang('allow_extra_parameters_usage');?><br>
<input name="allow_ftp_usage" type="checkbox" value="t" checked="checked"/><?php print_lang('allow_ftp_usage');?><br>
<input name="allow_custom_fields" type="checkbox" value="c" checked="checked"/><?php print_lang('allow_custom_fields');?>
</td>
</tr>
<tr>
<td></td>
<?php
}
else
{
?>
<!-- Part 1 - Select GAME -->
<tr>
<td><select name='home_cfg_id'>
<?php
global $db;
$games = $db->getGameCfgs();
foreach($games as $game)
{
echo "<option value='".$game['home_cfg_id']."'>".$game['game_name'];
if ( preg_match("/linux/", $game['game_key']) )
echo " (Linux) ";
if ( preg_match("/win/", $game['game_key']) )
echo " (Windows) ";
if ( preg_match("/64/", $game['game_key']) )
echo " (64bit) ";
echo "</option>";
}
?>
</select></td>
</tr>
<?php
}
?>
<td><input type="submit" value="<?php print_lang('add_service');?>"/></td>
</tr>
</form>
<!-- Show Services on DB -->
</table>
<br>
<h2>Enable/Disable Server Locations</h2>
<?php
//ENABLE OR DISABLE REMOTE SERVERS FOR GAMES
$result = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXremote_servers");
echo "<form method='post' action=''>";
echo "<input type='hidden' name='update_remote_servers' value='update' />";
foreach($result as $rs)
{
$checked = 'checked';
if(!$rs['enabled'])
{
$checked = '';
}
echo "<div style='float:left; width:25%;'>";
echo $rs['remote_server_id'] ;
echo " <input type='checkbox' id='" . $rs['remote_server_id'] . "' name='" . $rs['remote_server_id'] ."' value='" .$rs['enabled'] . "' " . $checked . ">";
echo $rs['remote_server_name'];
echo "</div>";
}
echo "<br><input type='submit' value='Update Enabled Servers'>
</form>
<br><br>";
//end ENABLE REMOTE SERVERS
$services = $db->resultQuery("SELECT * FROM OGP_DB_PREFIXbilling_services ORDER BY service_name");
if ($services > 0)
{
?>
<h2><?php print_lang('current_services');?></h2>
<table class="center" style='text-align:center;'>
<tr>
<th><?php print_lang('id');?></th>
<th><?php print_lang('service_name');?></th>
<th><?php print_lang('remote_server');?></th>
<th><?php print_lang('unavailable');?></th>
<th><?php print_lang('price_monthly');?></th>
<th><?php print_lang('service_image_url');?></th>
<th>Enabled</th>
</tr>
<?php
foreach($services as $row)
{
?>
<tr class="tr<?php $i = 0; echo($i++%2);?>">
<td><b class="success" ><?php echo $row['service_id'];?></b></td>
<td><?php echo $row['service_name'];?></td>
<form method="post" action="">
<input name="service" type="hidden" value="<?php echo $row['service_id'];?>"/>
<td><input name="new_remote_server_id" type="text" value="<?php echo $row['remote_server_id'];?>"/></td>
<td><input name="new_out_of_stock" type="text" value="<?php echo $row['out_of_stock'];?>"/></td>
<td><input name="new_price_monthly" type="text" value="<?php echo $row['price_monthly'];?>" size="6"/></td>
<td><input name="new_url" type="text" value="<?php echo $row['img_url'];?>"/></td>
<td><input name="new_enabled" type="text" value="<?php echo $row['enabled'];?>"/></td>
<td><input type="submit" value="<?php print_lang('update_settings');?>"/></td>
</form>
</tr>
<?php
if(isset($_POST['new_enabled']))
{
$Enabled ='1';
}
else
{
$Enabled ='0';
}
?>
<?php
}
?>
</tr>
</table>
<table class="center">
<tr>
<tr>
<td>
<form action="" method="post">
<select name="service_id">
<?php
foreach($services as $service)
{
?>
<option value="<?php echo $service['service_id'];?>"><?php echo $service['service_name'];?></option>
<?php
}
?>
<input type="submit" value="<?php print_lang('remove_service');?>"/>
</form>
</td>
</tr>
</tr>
</table>
<?php
}
}
?>


@ -1,137 +0,0 @@
<?php
function curPageName()
{
return substr($_SERVER["SCRIPT_NAME"],strrpos($_SERVER["SCRIPT_NAME"],"/")+1);
}
function exec_ogp_module()
{
require('includes/config.inc.php');
require_once('modules/settings/functions.php');
require_once('includes/form_table_class.php');
global $db,$view,$settings;
$currencies = Array (
'AUD' => 'Australian Dollar',
'BRL' => 'Brazilian Real',
'CAD' => 'Canadian Dollar',
'CZK' => 'Czech Koruna',
'DKK' => 'Danish Krone',
'EUR' => 'Euro',
'HKD' => 'Hong Kong Dollar',
'HUF' => 'Hungarian Forint',
'ILS' => 'Israeli New Sheqel',
'JPY' => 'Japanese Yen',
'MYR' => 'Malaysian Ringgit',
'MXN' => 'Mexican Peso',
'NOK' => 'Norwegian Krone',
'NZD' => 'New Zealand Dollar',
'PHP' => 'Philippine Peso',
'PLN' => 'Polish Zloty',
'GBP' => 'Pound Sterling',
'RUB' => 'Russian Ruble',
'SGD' => 'Singapore Dollar',
'SEK' => 'Swedish Krona',
'CHF' => 'Swiss Franc',
'TWD' => 'Taiwan New Dollar',
'THB' => 'Thai Baht',
'TRY' => 'Turkish Lira',
'USD' => 'U.S. Dollar'
);
asort($currencies);
$settings['paypal'] = isset($settings['paypal']) ? $settings['paypal'] : "1";
$settings['debug'] = isset($settings['debug']) ? $settings['debug'] : "1";
$settings['sandbox'] = isset($settings['sandbox']) ? $settings['sandbox'] : "1";
$settings['currency'] = isset($settings['currency']) ? $settings['currency'] : "EUR";
$settings['daily'] = isset($settings['daily']) ? $settings['daily'] : 1;
$settings['monthly'] = isset($settings['monthly']) ? $settings['monthly'] : 1;
$settings['annually'] = isset($settings['annually']) ? $settings['annually'] : 1;
$settings['tax_amount'] = isset($settings['tax_amount']) ? $settings['tax_amount'] : 7;
$settings['webhookurl'] = isset($settings['webhookurl']) ? $settings['webhookurl'] : "https://discordapp.com/api/webhooks";
$settings['checkbox'] = isset($settings['checkbox']) ? $settings['checkbox'] : "Terms and conditions";
$settings['TOSpopup'] = isset($settings['TOSpopup']) ? $settings['TOSpopup'] : "Accept the TOS";
$settings['display_free'] = isset($settings['display_free']) ? $settings['display_free'] : "1";
$settings['paypal_email'] = isset($settings['paypal_email']) ? $settings['paypal_email'] : "Business@E-mail";
function checked($value){
global $settings;
if( $settings[$value] == 1 )
return 'checked="checked"';
}
if(isset($_POST['currency']))
{
$currency = $_REQUEST['currency'];
}
if ( isset($_REQUEST['update_settings']) )
{
$settings = array(
"paypal" => $_REQUEST['paypal'],
"debug" => $_REQUEST['debug'],
"sandbox" => $_REQUEST['sandbox'],
"currency" => $currency,
"daily" => @$_REQUEST['daily'],
"monthly" => @$_REQUEST['monthly'],
"annually" => @$_REQUEST['annually'],
"tax_amount" => $_REQUEST['tax_amount'],
"webhookurl" => $_REQUEST['webhookurl'],
"checkbox" => $_REQUEST['checkbox'],
"TOSpopup" => $_REQUEST['TOSpopup'],
"display_free" =>$_REQUEST['display_free'],
"paypal_email" => $_REQUEST['paypal_email']);
$db->setSettings($settings);
print_success(get_lang('settings_updated'));
$view->refresh("?m=billing&p=shop_settings");
return;
}
$s = ( isset($_SERVER['HTTPS']) and get_true_boolean($_SERVER['HTTPS']) ) ? "s" : "";
$p = isset($_SERVER['SERVER_PORT']) & $_SERVER['SERVER_PORT'] != "80" ? ":".$_SERVER['SERVER_PORT'] : NULL ;
$this_script = 'http'.$s.'://'.$_SERVER['SERVER_NAME'].$p.$_SERVER['SCRIPT_NAME'];
$current_folder_url = str_replace( curPageName(), "", $this_script);
echo "<h2>".get_lang('shop_settings')."</h2>";
$ft = new FormTable();
?>
<form>
<tr>
<td></td>
</tr>
</form>
<?php
$ft->start_form("?m=billing&p=shop_settings");
$ft->start_table();
echo "<tr><td colspan='2' ><h3>".get_lang('payment_gateway')."</h4></td></tr>";
$ft->add_custom_field('paypal','<input type="checkbox" name="paypal" value="1" '.checked('paypal').'/>');
$ft->add_custom_field('debug','<input type="checkbox" name="debug" value="1" '.checked('debug').'/>');
$ft->add_custom_field('sandbox','<input type="checkbox" name="sandbox" value="1" '.checked('sandbox').'/>');
$ft->add_field('string','paypal_email',$settings['paypal_email'],35);
$ft->add_custom_field('currency',
create_drop_box_from_array($currencies,"currency",$settings['currency'],false));
echo "<tr><td colspan='2' ><h3>".get_lang('available_invoice_types')."</h4></td></tr>";
$ft->add_custom_field('daily','<input type="checkbox" name="daily" value="1" '.checked('daily').'/>');
$ft->add_custom_field('monthly','<input type="checkbox" name="monthly" value="1" '.checked('monthly').'/>');
$ft->add_custom_field('annually','<input type="checkbox" name="annually" value="1" '.checked('annually').'/>');
echo "<tr><td colspan='2' ><h3>Tax Amount</h4></td></tr>";
$ft->add_field('string','tax_amount',$settings['tax_amount'],2);
echo "<tr><td colspan='2' ><h3>Other Settings</h4></td></tr>";
$ft->add_field('string','webhookurl',$settings['webhookurl'],2);
$ft->add_field('string','checkbox',$settings['checkbox'],2);
$ft->add_field('string','TOSpopup',$settings['TOSpopup'],2);
$ft->add_custom_field('display_free','<input type="checkbox" name="display_free" value="1" '.checked('display_free').'/>');
$ft->end_table();
$ft->add_button("submit","update_settings",get_lang('update_settings'));
$ft->end_form();
}
?>


@ -1,325 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
function exec_ogp_module()
{
global $db, $view;
$settings = $db->getSettings();
if (isset($_POST['save']))
{
$new_description = str_replace("\\r\\n", "<br>", $_POST['description']);
$service = $_POST['service_id'];
$change_description = "UPDATE OGP_DB_PREFIXbilling_services
SET description ='".$db->realEscapeSingle($new_description)."'
WHERE service_id=".$db->realEscapeSingle($service);
$save = $db->query($change_description);
}
?>
<br>
<br>
<a href="?m=billing&p=cart"><img SRC="images/cart.png" BORDER="0" WIDTH=22 HEIGHT=20/><?php print_lang('your_cart');?></a><br>
<?PHP echo date('d-M-Y H:i a'); ?>
<!-- ------------------------------------------------------------------------------
THIS IS WHAT WE DISPLAY ON THE SHOP PAGE AT THE TOP
-->
<center><h5>We treat YOUR server like it was OUR server</h5></center>
<br>
</p>
<?php
// Shop Form
if(intval($_REQUEST['service_id']) !==0) $where_service_id = " WHERE enabled = 1 and service_id=".intval($_REQUEST['service_id']); else $where_service_id = " where enabled = 1";
$qry_services = "SELECT * FROM OGP_DB_PREFIXbilling_services".$where_service_id;
$services = $db->resultQuery($qry_services);
if (isset($_REQUEST['service_id']) && $services === false) {
$view->refresh('home.php?m=billing&p=shop');
return;
}
foreach ($services as $key => $row) {
$service_id[$key] = $row['service_id'];
$home_cfg_id[$key] = $row['home_cfg_id'];
$mod_cfg_id[$key] = $row['mod_cfg_id'];
$service_name[$key] = $row['service_name'];
$remote_server_id[$key] = $row['remote_server_id'];
$out_of_stock[$key] = $row['_out_of_stock'];
$slot_max_qty[$key] = $row['slot_max_qty'];
$slot_min_qty[$key] = $row['slot_min_qty'];
$price_daily[$key] = $row['price_daily'];
$price_monthly[$key] = $row['price_monthly'];
$price_year[$key] = $row['price_year'];
$description[$key] = $row['description'];
$img_url[$key] = $row['img_url'];
$ftp[$key] = $row['ftp'];
$install_method[$key] = $row['install_method'];
$manual_url[$key] = $row['manual_url'];
$access_rights[$key] = $row['access_rights'];
}
array_multisort($service_name,
$service_id,
$home_cfg_id,
$mod_cfg_id,
$remote_server_id,
$out_of_stock,
$slot_max_qty,
$slot_min_qty,
$price_daily,
$price_monthly,
$price_year,
$description,
$img_url,
$ftp,
$install_method,
$manual_url,
$access_rights, SORT_DESC, $services);
echo "<div>";
foreach($services as $row)
{
if(!isset($_REQUEST['service_id']))
{
?>
<div style="
float:left;
padding-top: 30px;
padding-right: 20px;
padding-bottom: 30px;
padding-left: 20px;">
<div style = "text-align: center;">
<img src="<?php echo $row['img_url'] ;?>" width=256 height=96 border=0 alt="cheap <?php echo $row['service_name'];?> Game Server">
<br>
<?php echo $row['service_name'];?>
<br>
<?php
if ($row['price_monthly'] == 0.0) {
echo "<span style='color:green'><b>FREE!</b></span>";
} else {
echo "<span style='color:grey'>Starting at $" . number_format(floatval($row['price_monthly']*$row['slot_min_qty']),2) ." each month<br> "
. number_format(floatval($row['price_monthly']),2) ." per player slot<br>".$row['slot_min_qty'] ." to " . $row['slot_max_qty'] . " players</span><br>
<a href='".$row['description']."' target='_blank'>More Info</a>";
}
?>
<br>
<form action="" method="POST">
<input name="service_id" type="hidden" value="<?php echo $row['service_id'];?>" />
<input name="order_server" type="submit" value="ORDER HERE">
</div>
</form>
</div>
</>
<div style="border-left:10px solid transparent;">
<?php
} else
{
?>
<div style="float:left; border: 4px solid transparent;border-bottom: 25px solid transparent;">
<img src="<?php echo $row['img_url'] ;?>" width=256 height=96 border=0 alt="cheap <?php echo $row['service_name'];?> server">
<center><b><?php echo $row['service_name']."</b>
<br>
</center>";
$isAdmin = $db->isAdmin($_SESSION['user_id'] );
if($isAdmin)
{
if(!isset($_POST['edit']))
{
echo "<p style='color:gray;width:280px;' >$row[description]<p>";
echo "<form action='' method='post'>".
"<input type='hidden' name='service_id' value='$row[service_id]' />".
"<input type='submit' name='edit' value='" . get_lang('edit') . "' />".
"</form>";
}
else
{
echo "<form action='' method='post'>".
"<textarea style='resize:none;width:280px;height:132px;' name='description' >".str_replace("<br>", "\r\n", $row['description'])."</textarea><br>".
"<input type='hidden' name='service_id' value='$row[service_id]' />".
"<input type='submit' name='save' value='" . get_lang('save') . "' />".
"</form>";
}
}
else
echo "<center><a href='". $row[description]."' target='_blank'>More Info</a><br></center>";
?>
</div>
<table style="width:420px;float:left;">
<form method="post" action="?m=billing&p=add_to_cart<?php if(isset($_POST['service_id'])) echo "&service_id=".$_POST['service_id'];?>">
<input type="hidden" name="remote_control_password" size="15" value="<?php echo genRandomString(10);?>">
<input type="hidden" name="ftp_password" size="15" value="<?php echo genRandomString(10);?>">
<tr>
<td align="right"><?php print_lang('service_name');?> </td>
<td align="left">
<input type="text" name="home_name" size="40" value="<?php echo $row['service_name'];?>">
</td>
<tr>
<td align="right">Location </td>
<td align="left">
<?php
//loop through multiple remote server ID stored in services 'remote_server_ip' as text
//change WHERE clause to IS IN clause
$rsiArray = explode(" ", $row['remote_server_id']);
$rsi = implode(",",$rsiArray);
//get the out of stock into an array and see if the rsID is in that array
$unavailable_Array = explode(" ", $row['out_of_stock']);
$available_server = false;
//loop through each of the assigned servers and see if its disabled
foreach($rsiArray as $rsi)
{
$query = "SELECT * FROM OGP_DB_PREFIXremote_servers WHERE remote_server_id = ".$rsi;
$result = $db->resultQuery($query);
foreach($result as $rs)
{
$rsID =$rs['remote_server_id'];
$rsNAME = $rs['remote_server_name'];
//echo "<option value='$rsID'>$rsNAME</option>";
// add disabled to lable and input if $rsID is in out_of_stock
$is_unavailable = "";
$service_text_color = "";
if (in_array($rsID,$unavailable_Array))
{
$is_unavailable = "disabled";
$service_text_color = "red";
}
if($rs['enabled']==0)
{
$is_unavailable = "disabled";
$service_text_color = "red";
}
if($is_unavailable == "")
{
$available_server = true;
}
//default radio button
// //<input type='radio' $is_unavailable name='ip_id' id='$rsID' value='$rsID' >
echo "<div>
<input type='radio' $is_unavailable name='ip_id' id='$rsID' value='$rsID' required>
<label for '$rsID' $is_unavailable ><span style='color:$service_text_color'>$rsNAME </span></label>
</div>";
}
}
?>
</td>
</tr>
<tr>
<td align="right"><?php print_lang('max_players');?> </td>
<td align="left">
<select name="max_players">
<?php
$players=$row['slot_min_qty'];
while($players<=$row['slot_max_qty'])
{
//echo "<option value='$players'>$players slots</option>";
//displays the price
echo "<option value='$players'>$players slots = $" . number_format(floatval($row['price_monthly'] * $players),2 ) . " per month</option>";
$players++;
}
?>
</select>
</td>
</tr>
<tr>
<td align="right"><?php print_lang('invoice_duration');?> </td>
<td align="left">
<select name="qty">
<?php
$qty=1;
while($qty<=12)
{
echo "<option value='$qty'>$qty months</option>";
$qty++;
}
?>
</select>
<input type="hidden" name="invoice_duration" value="month" />
</td>
</tr>
<tr>
<td align="left" colspan="2">
<input name="service_id" type="hidden" value="<?php echo $row['service_id'];?>"/>
<?php
if ($available_server)
{
?>
<input type="submit" name="add_to_cart" value="<?php print_lang('add_to_cart');?>"/>
<?php
}
?>
</form>
</td>
</tr>
<tr>
<td align="left" colspan="2">
<form action ="?m=billing&p=shop" method="POST">
<button><< <?php print_lang('back_to_list');?></button>
</form>
</td>
</tr>
</table>
<?php
}
}
?>
</div>
<div style="clear: both; text-align:center" id="read_more" >
<p style="color:yellow; text-align:center;">100% refund if you are not satisfied
</p>
Read our <a href="tos.php" target="_blank">Terms of Service</a> Here
</div>
<?php
}
?>


@ -1,66 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
chdir(realpath(dirname(__FILE__))); /* Change to the current file path */
chdir("../.."); /* Base path to ogp web files */
// Report all PHP errors
error_reporting(E_ALL);
// Path definitions
define("CONFIG_FILE","includes/config.inc.php");
//Requiere
require_once("includes/functions.php");
require_once("includes/helpers.php");
require_once("includes/html_functions.php");
require_once("modules/config_games/server_config_parser.php");
require_once("includes/lib_remote.php");
require_once CONFIG_FILE;
// Connect to the database server and select database.
$db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix);
$panel_settings = $db->getSettings();
if( isset($panel_settings['time_zone']) && $panel_settings['time_zone'] != "" )
date_default_timezone_set($panel_settings['time_zone']);
//these dates are configured in the Shop Settings page
$today=time();
$invoice_date = strtotime('+ 7 days'); //this many days until the finish_date
$suspend_date = $today; //suspend when overdue
$removal_date = strtotime('+ 7 days'); //finish_date is passed 7 days ago
$rundate = date('d/M/y G:i',$today);
//THESE SERVERS HAVE REACHED THE DATE FOR INVOICE, FINISH_DATE - 7 (OR WHAT IS IN SETTINGS)
//SET STATUS -1 MEANING INVOICED
//LOOP THROUGH ALL SERVERS WITH STATUS = 1 (ACTIVE) -----------------------------------------------------------
$settings = $db->getSettings();
$subject = "Test Email";
$emailto = "iaretechnician@gmail.com";
$message = "WooHoo<br><br><br>Email Works<br>Thanks!<br>";
$mail = mymail($emailto, $subject, $message, $settings);
// END EMAIL


@ -1,177 +0,0 @@
<?php
function exec_ogp_module()
{
//Include database connection details
require('includes/config.inc.php');
global $db,$view,$settings;
if(isset($_GET['type']) && $_GET['type'] == 'cleared')
{
echo '<body onload="window.print()" >';
$view->setCharset(get_lang('lang_charset'));
}
$user_id = $_SESSION['user_id'];
$cart_id = $_POST['cart_id'];
$cart_id = $db->realEscapeSingle($cart_id);
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
if ( $isAdmin )
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
else
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id)." AND user_id=".$db->realEscapeSingle($user_id) );
$cart = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
$tempdate = date_create( $cart[0]['date']);
$paid_date = date_format($tempdate,"d M Y H:m");
if( !empty($orders) )
{
?>
<br><br>
<table width="772" height="438" border="0" style="color:#000000" bgcolor="#FFFFFF">
<tr bgcolor="#000000">
<td colspan="7" align="center" style="color:white">
<p style="font-size:18pt"><b><?php print_lang("invoice");?></b></p>
</td>
</tr>
<tr>
<td align="left" >Paid: <?php echo $paid_date; ?></td>
</tr>
<tr>
<td width="150" height="21" align="left"><b><?php echo "<b>Xp Game Host</b><br/>
3400 Laurel Rd<br/>
Brunswick, OH 44212 "; ?></td>
<td colspan="4" rowspan="3">&nbsp;</td>
<td align="center" colspan="2" rowspan="3" ><img src="images/xplogo.png"></td>
</tr>
<tr>
<td width="150" height="21" align="left">Email: <?php echo "<b>".$settings['panel_email_address']."</b>"; ?></td>
</tr>
<tr>
<td height="23" colspan="7">&nbsp;</td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("order");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong>Server ID</strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("item");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("invoice_duration");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("slot_cost");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("slot_quantity");?></strong></div></td>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="center"><strong><?php print_lang("order_price");?></strong></div></td>
<hr/></tr>
<?php
$subtotal = 0;
foreach($orders as $order)
{
$order_id = $order['order_id'];
$user_id = $order['user_id'];
$service_id = $order['service_id'];
$home_name = $order['home_name']." - ".$order_id;
$ip = $order['ip'];
$max_players = $order['max_players'];
$qty = $order['qty'];
$invoice_duration = $order['invoice_duration'];
$price = $order['price'];
$subtotal= $price * $max_players * $qty;
$subtotal2 += $order['price'] * $max_players * $qty;
$qry_service = "SELECT DISTINCT price_daily, price_monthly, price_year FROM ".$table_prefix."billing_services WHERE service_id=".$db->realEscapeSingle($service_id);
$result_service = $db->resultQuery($qry_service);
$row_service = $result_service[0];
//Calculating Costs
if ($invoice_duration == "day")
{
$price_slot=$row_service['price_daily'];
}
elseif ($invoice_duration == "month")
{
$price_slot=$row_service['price_monthly'];
}
elseif ($invoice_duration == "year")
{
$price_slot=$row_service['price_year']*12;
}
$duration = $invoice_duration > 1 ? $invoice_duration."s":$invoice_duration;
?>
<tr>
<td align="center" height="23"><?php echo $order_id; ?></td>
<td align="center" height="23"><?php echo $order['home_id']; ?></td>
<td align="center" height="23"><?php echo $order['home_name']; ?></td>
<td align="center"><?php echo $qty." ".get_lang($duration); ?></td>
<td align="center"><?php echo "$" . number_format(floatval(round(($price_slot),2 )),2)." ".$settings['currency']."/".get_lang($invoice_duration); ?></td>
<td align="center"><?php echo $max_players; ?></td>
<td align="center"><?php echo "$" . number_format(floatval(round(($subtotal),2 )),2)." ".$settings['currency']; ?></td>
</tr><?php
}
$coupon_savings = 0;
if($cart[0]['coupon_id']>0) {
$result = $db->resultquery("SELECT discount from OGP_DB_PREFIXbilling_coupons WHERE id = '". $cart[0]['coupon_id'] . "'");
foreach($result as $coupon){
$coupon_savings = $subtotal2 * ($coupon['discount'] / 100);
}
}
//$subtotal2 += $order['price'] * $max_players * $qty;
//$total = $subtotal2+($cart[0]['tax_amount']/100*$subtotal2);
$total = ($subtotal2 - $coupon_savings) * ($cart[0]['tax_amount'] / 100 + 1);
?>
<tr>
<td height="24" colspan="5">&nbsp;</td>
</tr>
<tr>
<td colspan="3" rowspan="5">&nbsp;</td>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong><?php print_lang("subtotal");?> : </strong></div></td>
<td style="border: 2px solid #000000"><?php echo "$" . number_format(floatval(round(($subtotal2),2 )),2) . " ".$settings['currency']; ?></td>
</tr>
<?php
if($cart[0]['coupon_id']>0) {
echo '
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong>Discount : </strong></div></td>
<td style="border: 2px solid #000000">'. "$" . number_format(floatval(round((($subtotal2-$coupon_savings)-$subtotal2),2 )),2) . " ".$settings['currency'] .'</td>
</tr>';
}
?>
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong><?php print_lang("tax");?> : </strong></div></td>
<td style="border: 2px solid #000000"><?php echo $cart[0]['tax_amount']."%"; ?></td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000" bgcolor="#222222"><div align="right"><strong><?php print_lang("total");?> : </strong></div></td>
<td style="border: 2px solid #000000" bgcolor="#222222"><?php echo "$" . number_format(floatval(round(($total),2 )),2) ." ".$settings['currency']; ?></td>
</tr>
<tr>
<td height="23" style="border: 2px solid #000000"><div align="right"><strong></strong></div></td>
<td style="border: 2px solid #000000"></td>
</tr>
</table>
<br><br>
<form method='post' action='?m=billing&p=bill&type=cleared' >
<input type="hidden" name="cart_id" value="<?php echo $_POST['cart_id'];?>">
<input type="submit" value="<?php print_lang('print_invoice') ?>" />
</form>
<form method='post' action='?m=billing&p=<?php
$isAdmin = $db->isAdmin($_SESSION['user_id']);
if ($isAdmin)
{
echo 'orders';
}
else
{
echo 'cart';
}
echo "'><input type='submit' value='";
print_lang('back');
?>'/>
</form>
<br><br><?php
}
}
?>


@ -1,41 +0,0 @@
<?php
$url = "https://";
// Append the host(domain name, ip) to the URL.
$url.= $_SERVER['HTTP_HOST'];
// foreach($_POST as $key => $val) {
// echo 'Field name : ' . $key . ' Value :' .$val .'<br>';
// }
if (($_POST['payment_status']=="Completed")){
echo "<title>Success</title><h4>Thank you for your order. <br> ... </h4><br>";
echo "Processing your payment Information ..";
$bounce_to = $url."/home.php?m=billing&p=paid";
} else {
echo "<title>Uh OH</title><h4>There was a problem, Please contact Support<br> ... </h4><br>";
$bounce_to = $url."/home.php?m=billing&p=paid";
//we can setup a "failed page" to redirect to. My sandbox payments are not marked completed for some reason
}
?>
<form name='paid' action='<?php echo $bounce_to?>' method='post'>
<input type='hidden' name='cart_id' value='<?php echo $_POST["item_number"]?>'>
<input type='hidden' name='payment_status' value='<?php echo $_POST["payment_status"] ?>'>
</form>
<script>
var auto_refresh = setInterval(
function()
{
submitform();
}, 2000);
function submitform()
{
document.paid.submit();
}
</script>


@ -1,428 +1,504 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Shopping Cart - GameServers.World</title>
</head>
<body>
<?php <?php
function saveOrderToDb($user_id,$service_id,$home_name,$ip,$max_players,$qty,$invoice_duration,$price,$remote_control_password,$ftp_password,$cart_id,$home_id = "0",$status,$finish_date,$extended = "0"){ ini_set('display_errors', 1);
global $db; ini_set('display_startup_errors', 1);
if(isset($_SESSION['coupon_id'])){ error_reporting(E_ALL);
$coupon_id = $_SESSION['coupon_id'];
} else { // Require login
$coupon_id = 0; require_once(__DIR__ . '/includes/login_required.php');
}
$fields['user_id'] = $user_id; // Include database configuration
$fields['service_id'] = $service_id; require_once(__DIR__ . '/includes/config.inc.php');
$fields['home_name'] = $home_name; require_once(__DIR__ . '/includes/log.php');
$fields['ip'] = $ip;
$fields['max_players'] = $max_players; // Create database connection
$fields['qty'] = $qty; $db = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
$fields['invoice_duration'] = $invoice_duration; if (!$db) {
$fields['price'] = $price; die("Connection failed: " . mysqli_connect_error());
$fields['remote_control_password'] = $remote_control_password; }
$fields['ftp_password'] = $ftp_password;
$fields['cart_id'] = $cart_id; // Handler: allow admin quick-create OR user claim for free items
$fields['home_id'] = $home_id; if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['create_free_for'])) {
$fields['status'] = $status; if (session_status() === PHP_SESSION_NONE) session_start();
$fields['finish_date'] = $finish_date; $actor_id = intval($_SESSION['website_user_id'] ?? $_SESSION['user_id'] ?? 0);
$fields['extended'] = $extended; $actor_role = strtolower($_SESSION['website_user_role'] ?? '');
$fields['coupon_id'] = $coupon_id; $is_admin = ($actor_role === 'admin');
return $db->resultInsertId( 'billing_orders', $fields );
// Fallback: if session role not present, try to resolve from DB using actor_id or website_username
if (!$is_admin) {
if ($actor_id > 0) {
$ar = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($actor_id) . " LIMIT 1");
if ($ar && mysqli_num_rows($ar) === 1) {
$arr = mysqli_fetch_assoc($ar);
if (strtolower((string)($arr['users_role'] ?? '')) === 'admin') {
$is_admin = true;
$_SESSION['website_user_role'] = 'admin';
}
}
} elseif (isset($_SESSION['website_username']) && !empty($_SESSION['website_username'])) {
$safe_un = mysqli_real_escape_string($db, $_SESSION['website_username']);
$ar = mysqli_query($db, "SELECT user_id, users_role FROM ogp_users WHERE users_login = '$safe_un' LIMIT 1");
if ($ar && mysqli_num_rows($ar) === 1) {
$arr = mysqli_fetch_assoc($ar);
if (strtolower((string)($arr['users_role'] ?? '')) === 'admin') {
$is_admin = true;
$_SESSION['website_user_role'] = 'admin';
$_SESSION['website_user_id'] = intval($arr['user_id'] ?? 0);
}
}
}
}
$orderId = (int)$_POST['create_free_for'];
if ($orderId > 0) {
// load order to verify ownership/price
$stmt = $db->prepare("SELECT user_id, price, status, qty, invoice_duration FROM ogp_billing_orders WHERE order_id = ? LIMIT 1");
if ($stmt) {
$stmt->bind_param('i', $orderId);
$stmt->execute();
$stmt->bind_result($owner_id, $order_price, $prev_status, $order_qty, $order_invoice_duration);
$found = $stmt->fetch();
$stmt->close();
} else {
$found = false;
}
$audit_file = __DIR__ . '/logs/free_create_audit.log';
if ($found) {
$allowed = false;
$reason = '';
// Admin may force-create paid records for testing
if ($is_admin) {
$allowed = true;
$reason = 'admin_create';
}
// Owner may claim a free order if the price is zero
elseif ($actor_id > 0 && $actor_id === intval($owner_id) && floatval($order_price) == 0.0) {
$allowed = true;
$reason = 'user_claim_free';
}
if ($allowed) {
// Compute finish_date: months based on invoice_duration and qty
$months = 0;
$q = intval($order_qty ?? 0);
$invdur = strtolower(trim($order_invoice_duration ?? ''));
if (strpos($invdur, 'year') !== false) {
$months = $q * 12;
} else {
// default to months for anything else (month, monthly, etc.)
$months = $q;
}
$finish_date = null;
if ($months > 0) {
$dt = new DateTime('now');
$dt->modify('+' . intval($months) . ' months');
$finish_date = $dt->format('Y-m-d H:i:s');
} else {
// if no months specified, set to now
$finish_date = date('Y-m-d H:i:s');
}
// Check if finish_date column exists
$finish_col_exists = false;
$col_check = mysqli_query($db, "SHOW COLUMNS FROM ogp_billing_orders LIKE 'finish_date'");
if ($col_check && mysqli_num_rows($col_check) > 0) $finish_col_exists = true;
// Perform update and log results. Use prepared statements when available and fallback to direct query on error.
$updated_rows = 0;
if ($finish_col_exists) {
$upd = $db->prepare("UPDATE ogp_billing_orders SET status = 'paid', finish_date = ? WHERE order_id = ? LIMIT 1");
if ($upd) {
$upd->bind_param('si', $finish_date, $orderId);
$ok = $upd->execute();
if (!$ok) site_log_warn('free_create_update_failed_prepare', ['error'=>$db->error, 'sql'=>'UPDATE with finish_date', 'order'=>$orderId]);
$updated_rows = $upd->affected_rows;
$upd->close();
} else {
// fallback
$safe_fd = mysqli_real_escape_string($db, $finish_date);
$q = "UPDATE ogp_billing_orders SET status = 'paid', finish_date = '$safe_fd' WHERE order_id = " . intval($orderId) . " LIMIT 1";
$resq = mysqli_query($db, $q);
if (!$resq) site_log_warn('free_create_update_failed_query', ['error'=>mysqli_error($db), 'sql'=>$q]);
else $updated_rows = mysqli_affected_rows($db);
}
} else {
$upd = $db->prepare("UPDATE ogp_billing_orders SET status = 'paid' WHERE order_id = ? LIMIT 1");
if ($upd) {
$upd->bind_param('i', $orderId);
$ok = $upd->execute();
if (!$ok) site_log_warn('free_create_update_failed_prepare', ['error'=>$db->error, 'sql'=>'UPDATE status only', 'order'=>$orderId]);
$updated_rows = $upd->affected_rows;
$upd->close();
} else {
$q = "UPDATE ogp_billing_orders SET status = 'paid' WHERE order_id = " . intval($orderId) . " LIMIT 1";
$resq = mysqli_query($db, $q);
if (!$resq) site_log_warn('free_create_update_failed_query', ['error'=>mysqli_error($db), 'sql'=>$q]);
else $updated_rows = mysqli_affected_rows($db);
}
}
// write audit log (include finish_date if set)
site_log_info('free_create', ['actor'=>$actor_id, 'role'=>$actor_role, 'action'=>$reason, 'order'=>$orderId, 'owner'=>$owner_id, 'price'=>$order_price, 'prev_status'=>$prev_status, 'finish_date'=>$finish_date ?? '', 'updated_rows'=>$updated_rows]);
// write a simulated webhook file (same behavior as previous admin flow)
$dataDir = (isset($SITE_DATA_DIR) && $SITE_DATA_DIR) ? $SITE_DATA_DIR : realpath(__DIR__ . '/') . DIRECTORY_SEPARATOR . 'data';
@mkdir($dataDir, 0775, true);
$rec = [
'event_type' => 'PAYMENT.CAPTURE.COMPLETED',
'status' => 'PAID',
'amount' => floatval($order_price),
'currency' => 'USD',
'payer' => $_SESSION['website_user_email'] ?? ($_SESSION['website_username'] ?? ''),
'invoice' => 'FREE-' . $orderId . '-' . time(),
// process_payment_record matches numeric custom values to order_id; use numeric order id here to ensure matching
'custom' => (string)$orderId,
'resource_id' => 'FREE-' . bin2hex(random_bytes(6)),
'items' => [],
'ts' => date('c'),
];
$fname = $dataDir . DIRECTORY_SEPARATOR . $rec['invoice'] . '.json';
file_put_contents($fname, json_encode($rec, JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES));
// If available, process the payment record immediately so webhooks logic runs during creation
$ps = __DIR__ . '/payment_success.php';
if (is_file($ps)) {
try {
require_once($ps);
if (function_exists('process_payment_record')) {
process_payment_record($rec);
}
} catch (Exception $e) {
error_log('[cart create_free] process_payment_record failed: ' . $e->getMessage());
}
}
header('Location: return.php?invoice=' . urlencode($rec['invoice']));
exit;
} else {
// unauthorized attempt - log and continue
site_log_warn('unauthorized_free_create', ['actor'=>$actor_id, 'role'=>$actor_role, 'order'=>$orderId, 'owner'=>$owner_id, 'price'=>$order_price]);
}
}
}
}
// Include top bar and menu
include(__DIR__ . '/includes/top.php');
include(__DIR__ . '/includes/menu.php');
// Use session user_id where available
// Use session user_id where available; if not present but website_username exists, try to resolve it from DB
$user_id = intval($_SESSION['website_user_id'] ?? $_SESSION['user_id'] ?? 0);
if ($user_id <= 0 && isset($_SESSION['website_username']) && !empty($_SESSION['website_username'])) {
// try to resolve username to user_id in DB and persist into session
$safe_uname = mysqli_real_escape_string($db, $_SESSION['website_username']);
$qr = mysqli_query($db, "SELECT user_id FROM ogp_users WHERE users_login = '$safe_uname' LIMIT 1");
if ($qr && mysqli_num_rows($qr) === 1) {
$rr = mysqli_fetch_assoc($qr);
$user_id = intval($rr['user_id'] ?? 0);
if ($user_id > 0) {
$_SESSION['website_user_id'] = $user_id;
site_log_info('cart_resolved_user_id', ['username'=>$_SESSION['website_username'],'user_id'=>$user_id]);
// Resolve and persist the user's role to avoid extra DB lookups later
$role_q = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1");
if ($role_q && mysqli_num_rows($role_q) === 1) {
$role_r = mysqli_fetch_assoc($role_q);
$_SESSION['website_user_role'] = $role_r['users_role'] ?? '';
}
}
} else {
site_log_warn('cart_resolve_user_failed', ['username'=>$_SESSION['website_username']]);
}
}
if ($user_id <= 0) {
echo "<center><h4>Please login to view your cart</h4></center>";
mysqli_close($db);
echo "</body></html>";
return;
}
// Determine admin status for UI: prefer session role, otherwise check DB
$is_admin = false;
if (isset($_SESSION['website_user_role']) && !empty($_SESSION['website_user_role'])) {
$is_admin = (strtolower($_SESSION['website_user_role']) === 'admin');
} elseif ($user_id > 0) {
$rr = mysqli_query($db, "SELECT users_role FROM ogp_users WHERE user_id = " . intval($user_id) . " LIMIT 1");
if ($rr && mysqli_num_rows($rr) === 1) {
$rrow = mysqli_fetch_assoc($rr);
$is_admin = (strtolower((string)($rrow['users_role'] ?? '')) === 'admin');
}
} }
function assignOrdersToCart($user_id,$tax_amount,$currency,$coupon_id){ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_single'])) {
global $db; $order_id = intval($_POST['delete_single']);
$fields['user_id'] = $user_id; if ($order_id > 0) {
$fields['paid'] = '0'; // First, check if the status is 'renew'
$fields['tax_amount'] = $tax_amount; $stmt = $db->prepare("SELECT status FROM ogp_billing_orders WHERE order_id = ? AND user_id = ?");
$fields['currency'] = $currency; $stmt->bind_param("ii", $order_id, $user_id);
//discount coupon $stmt->execute();
if (!isset($coupon_id)) $coupon_id = "0"; $stmt->bind_result($status);
$fields['coupon_id'] = $coupon_id; if ($stmt->fetch() && strtolower($status) === 'renew') {
$check_expired = $db->resultquery("SELECT id from OGP_DB_PREFIXbilling_coupons WHERE id = $fields[coupon_id] AND count > 0 AND expires >= NOW()"); $stmt->close();
if ($check_expired <= 0) $fields['coupon_id'] = 0; // Set status to 'expired' if currently 'renew'
return $db->resultInsertId( 'billing_carts', $fields ); $update = $db->prepare("UPDATE ogp_billing_orders SET status = 'expired' WHERE order_id = ? AND user_id = ?");
$update->bind_param("ii", $order_id, $user_id);
$update->execute();
$update->close();
} else {
$stmt->close();
// Otherwise, delete the order
$delete = $db->prepare("DELETE FROM ogp_billing_orders WHERE order_id = ? AND user_id = ?");
$delete->bind_param("ii", $order_id, $user_id);
$delete->execute();
$delete->close();
}
}
} }
function exec_ogp_module() if ($db){
{ $carts = $db->query("SELECT * FROM ogp_billing_orders AS cart
error_reporting(E_ALL); WHERE (status = 'in-cart' OR status = 'renew') AND user_id = " . $user_id . " ORDER BY order_id ASC");
global $db,$view,$settings;
$discounted_price = 0;
$user_id = $_SESSION['user_id'];
if( isset( $_POST["buy"] ) or isset( $_POST["pay_paypal"] ) )
{
$cart_id = $_POST['cart_id'];
echo '<meta http-equiv="refresh" content="0;url=home.php?m=billing&p=create_servers&cart_id='.$cart_id.'" >';
}
if( isset( $_POST["extend"] ) or isset( $_POST["extend_and_pay_paypal"] ))
{
}
if(isset($_POST['remove']))
{
}
?>
<style>
h4 {
width:250px;
height:25px;
background:#f5f5f5;
border-top-style:solid;
border-top-color:#afafaf;
border-top-width:1px;
border-style: solid;
border-color: #CFCFCF;
border-width: 1px;
padding-top:8px;
text-align: center;
font-family:"Trebuchet MS";
}
</style>
<h2>Cart</h2>
<!--
SHOW ALL THE INVOICES FOR USER
<form method="post" action="?m=billing&p=orders">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="submit" value="All Orders">
</form>
-->
<?php
if( isset($_SESSION['CART']) and !empty($_SESSION['CART']) )
{
$carts[0] = $_SESSION['CART'];
}
$user_carts = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts WHERE user_id=".$db->realEscapeSingle($user_id) ." order by cart_id desc" );
if( $user_carts >=1 )
{
// SELECT WHAT KIND OF OLD INVOICES TO DISPLAY. WE NEED A BUTTON? }
foreach ( $user_carts as $user_cart )
{
$cart_id = $user_cart['cart_id'];
$carts[$cart_id] = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_carts AS cart JOIN ?>
OGP_DB_PREFIXbilling_orders AS orders
ON orders.cart_id=cart.cart_id <div class="site-panel">
WHERE orders.status IN (0, -1 , -2) AND (cart.cart_id=".$db->realEscapeSingle($cart_id). ") order by order_id asc"); <h2 class="site-panel-title">Your Cart</h2>
}
} <!--
This is our cart form just for display and deletion. There is a different form below that has the paypal button and fills in all the hidden fields
if( empty( $carts ) ) -->
{
print_failure( get_lang('there_are_no_orders_in_cart') ); <table class="cart-table">
?> <thead>
<a href="?m=billing&p=shop"><?php print_lang('back'); ?></a> <tr>
<?php <th class="table-compact text-center"></th>
return; <th>Server ID</th>
} <th>Game Name</th>
foreach ( $carts as $orders ) <th>Location</th>
{ <th>Max Players</th>
if( !empty( $orders ) ) <th>Price per Player</th>
{ <th>Months</th>
?> <th>Total</th>
<center> </tr>
<table style="width:95%;text-align:left;" class="center"> </thead>
<tr> <tbody>
<hr /> <?php
$grandTotal = 0; // Initialize grand total variable
if (isset($carts) && $carts instanceof mysqli_result && $carts->num_rows > 0) {
while ($row = $carts->fetch_assoc()) {
?>
<tr data-cart-id="<?php echo htmlspecialchars($row['order_id']); ?>">
<td>
<form method="post" action="" class="inline-form">
<button type="submit" name="delete_single" value="<?php echo htmlspecialchars($row['order_id']); ?>" class="btn-square text-danger">

</button>
</form>
</td>
<td><?php echo htmlspecialchars($row['home_id']); ?></td>
<td><?php echo htmlspecialchars($row['home_name']); ?></td>
<td><?php echo htmlspecialchars($row['ip']); ?></td>
<td><?php echo htmlspecialchars($row['max_players']); ?></td>
<td>$<?php echo number_format($row['price'], 2); ?></td>
<td><?php echo htmlspecialchars($row['qty']); ?></td>
<?php $rowtotal = $row['price'] * $row['qty'] * $row['max_players'];?>
<?php
// Use the previously resolved $is_admin (computed once above)
$is_free = ((float)$row['price'] == 0.0);
?>
<?php if ($is_admin || $is_free): ?>
<td>
<form method="post" action="" class="inline-form">
<input type="hidden" name="create_free_for" value="<?php echo (int)$row['order_id']; ?>">
<button type="submit" class="btn-primary"><?php echo $is_admin ? 'Create (Free)' : 'Claim (Free)'; ?></button>
</form>
<?php if ($is_admin): ?>
<div style="font-size:11px;color:#666;margin-top:4px;">Admin: force-create a paid record for testing.</div>
<?php endif; ?>
</td>
<?php else: ?>
<td>&nbsp;</td>
<?php endif; ?>
<?php $grandTotal += $rowtotal; // Add to grand total ?>
<td>$<?php echo number_format($rowtotal, 2); ?></td>
<th> </tr>
<?php print_lang("order_desc");?></th> <?php
<th>
<?php print_lang("price");?>
</th>
<?php
if(isset($orders[0]['paid']) and $orders[0]['paid'] == 3)
{
?>
<th>
<?php print_lang('expiration_date');?>
</th>
<th>Status
</th>
<?php
}
?>
<th>
</th>
</tr>
<?php
$subtotal = 0;
$total_orders = count($orders);
$order_counter = 0;
foreach($orders as $order)
{
$order_counter++;
if ( $order['qty'] > 1 )
$order['invoice_duration'] = $order['invoice_duration']."s";
$subtotal += ($order['price']* $order['max_players'] * $order['qty']);
?>
<tr class="tr">
<td>
<?php
$rserver = $db->getRemoteServer($order['ip']);
if($order['home_id'] == 0)
{
echo "Order# ".$order['order_id'] . " <b>".$order['home_name']."</b>";
//**************************************************
?>
<form method="post" action="home.php?m=billing&p=create_servers" >
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="buy" type="submit" value="Create Server" ><br>
</form>
<?php
//*************************************************
}
else{
echo "Order# ".$order['order_id'] . " <b>".$order['home_name']."</b> Server ID ".$order['home_id'] ;
}
?>
</td>
<td>
<?php
echo "$" . number_format( $order['price'], 2 ). " " .$order['currency'] . " per slot<br>"
. $order['max_players'] . " Slots<br>"
. $order['qty'] . " " . $order['invoice_duration'] ;
?>
</td>
<?php
if($order['paid'] == 0 and ($order['extended'] == 0))
{
?>
<td align="center">
<form method="post" action="">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input type="hidden" name="order_id" value="<?php echo @$order['order_id'];?>">
</form>
<?php if ($total_orders == $order_counter) {
?>
<!--checkbox -->
<form method="post" action="" >
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<?php
//check number of orders they have had or if user is an admin (to be able to create server)
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
$server_price = number_format( $order['price'], 2 );
if(isset($settings['display_free'])) {
$display_free = $settings['display_free'];
}else {
$display_free = false;
}
if($isAdmin)
//if($display_free)
{
if($isAdmin)
{
//echo '<input name="buy" type="submit" value="Create Server" ><br>';
}
}
?>
</form>
<?php } ?>
</td><?php
} }
// Add total row
if($order['paid'] == 3) ?>
{ <tr class="cart-total-row">
$today=time(); <td colspan="7" class="cart-total-label">
$formated_finish_date = date('d/M/Y H:i A',$order['finish_date']); Cart Total:
</td>
//status has a date for invoice <td class="cart-total-value">
if($order['status'] > 0) $<?php echo number_format($grandTotal, 2); ?>
{ </td>
$status = "<b style='color:green;'>Active</b>" ; </tr>
} <?php
} else {
// Display a message if no cart items are found
?>
<tr>
//status is -1, invoice has been created <td colspan="7" class="text-center muted">No items in your cart.</td>
elseif($order['status'] == -1) </tr>
{ <?php
$status = "<b style='color:yellow;'>Invoice Due</b>"; }
} ?>
//invoice was not paid, server is expired and suspended </tbody>
elseif($order['status'] == -2) </table>
{
$status = "<b style='color:red;'>Suspended</b>";
}
//display the expiration date and invoice button.
if($order['status'] > 0){$warning_status = "<b style='color:green;'>". $formated_finish_date ."</b>";}
if($order['status'] == -1){$warning_status ="<b style='color:yellow;'>". $formated_finish_date ."</b>";}
if($order['status'] == -2){$warning_status ="<b style='color:red;'>". $formated_finish_date ."</b>" ;}
?>
<td>
<?php echo "$warning_status";?>
</td>
<td>
<?php echo "$status";
?> <?php
</td> // These must already exist earlier in your cart page:
<?php // $grandTotal (number) e.g., 24.49
} // $invoice (array) e.g., [['serverID'=>'srv123','amount'=>9.99], ['serverID'=>'srv999','amount'=>14.50]]
if( isset( $order['status'] ) and $order['status'] == "0" or $order['status'] == "-1" or $order['status'] == "-2")
{
?>
<td></td></tr><tr><td>
// --- Sanity + normalization ---
</td><?php if (!isset($grandTotal) || !is_numeric($grandTotal)) {
} $grandTotal = 0.00;
?>
</tr><?php
}
?>
</table>
<table style="width:95%;text-align:left;" class="center">
<tr>
<td>Amount</td>
<td>
<?php
echo "$" . number_format( $subtotal , 2 ). " " .$order['currency'];?>
</td>
</tr>
<tr>
<td><b><?php echo $coupon_name;?></b></td>
<td>
<?php
//APPLY COUPON CODE HERE
$coupon_discount_amt = $subtotal * ($coupon_discount / 100);
echo "-$" . number_format($coupon_discount_amt,2);
?></td><td>
<table><tr>
<form method="post" action="">
<td class="child">
<input type="text" name="coupon_code"size="5" value="<?php echo $coupon_code ?>"></input>
</td>
<td>
<!--<input type="submit" name="Apply Code" value="Apply Code"></input>-->
</td>
</tr></table>
</form>
</td>
</tr>
<tr>
<td>Discounted Subtotal</td>
<td><?php $subtotal = $subtotal-$coupon_discount_amt;echo "$" . number_format( $subtotal , 2 ). " " .$order['currency'];?></td>
</tr>
<tr>
<td>
Tax Amount</td>
<td>
<?php echo "$" . number_format($order['tax_amount']/100 * $subtotal,2);?>
</td>
</tr>
<tr>
<td>
<?php print_lang("total");?>
</td>
<td>
<?php
$total = $subtotal+($order['tax_amount']/100*$subtotal);
echo "$" . number_format( $total , 2 ). " " .$order['currency'];
?>
</td>
<td>
<?php
if($order['paid'] == 1)
{
?>
<form method="post" action="home.php?m=billing&p=create_servers">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<?php
if($order['extended'] == "1")
{
?>
<input name="enable_server" type="submit" value="<?php print_lang("enable_server");?>">
<?php
}
else
{
?>
<!-- <input name="create_server" type="submit" value="<?php print_lang("create_server");?>">-->
<?php
}
?>
</form>
<?php
}
elseif($order['paid'] == 2)
{
echo get_lang_f("payment_is_pending_of_approval");
}
elseif($order['paid'] == 3)
{
?>
<form method="post" action="?m=billing&p=bill">
<input type="hidden" name="cart_id" value="<?php echo $order['cart_id'];?>">
<input name="paid" type="submit" value="<?php print_lang("see_invoice");?>">
</form>
<?php
}
else
{
}
?>
</form>
</td>
</tr>
</table>
</center>
<?php
}
}
?>
<a href="?m=billing&p=shop"><?php print_lang('back'); ?></a>
<?php
} }
if (!isset($invoice) || !is_array($invoice)) {
$invoice = [];
}
$currency = 'USD';
$amount = number_format((float)$grandTotal, 2, '.', '');
$lineItems = [];
// Build PayPal-friendly items array (name, unit_amount, quantity, sku)
foreach ($invoice as $i) {
$sid = isset($i['serverID']) ? (string)$i['serverID'] : 'unknown';
$amt = isset($i['amount']) && is_numeric($i['amount']) ? number_format((float)$i['amount'], 2, '.', '') : '0.00';
$lineItems[] = [
'name' => "Server $sid",
'quantity' => '1',
'unit_amount' => ['currency_code' => $currency, 'value' => $amt],
'sku' => $sid
];
}
// Single overall invoice id for the order
$invoiceId = 'INV-' . date('Ymd-His') . '-' . bin2hex(random_bytes(3));
// A short custom reference derived from your line items (<= 127 chars for PayPal)
$customHash = substr(strtoupper(sha1(json_encode($invoice))), 0, 16);
$customId = "INVREF-$customHash";
// Text on the PayPal side
$description = 'Game server order (' . count($lineItems) . ' item' . (count($lineItems)===1?'': 's') . ')';
// URLs
$siteBase = 'https://panel.iaregamer.com';
$returnUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId);
$cancelUrl = $siteBase . '/_website/return.php?invoice=' . urlencode($invoiceId) . '&cancel=1';
// API base (relative)
$apiBase = '/_website/api';
?> ?>
<!-- PayPal JS SDK (Sandbox). Use LIVE client-id when going live. -->
<script src="https://www.paypal.com/sdk/js?client-id=AfvY_C2zA_hTHxHq7TIhtOeub4xBdySYrt_Hjj3d_WYQwjWI9NfOAVOTeResx2rgZ_nP5tOoxQSAHw8c&currency=USD&intent=capture"></script>
<div id="paypal-button-container"></div>
<div id="pp-status" class="mt-12" style="font:14px system-ui, -apple-system, Segoe UI, Roboto, Arial, sans-serif;"></div>
<script>
(function(){
const statusEl = document.getElementById('pp-status');
// Values from PHP
const amount = "<?= $amount ?>";
const currency = "<?= $currency ?>";
const invoice_id = "<?= $invoiceId ?>";
const custom_id = "<?= $customId ?>";
const description = "<?= htmlspecialchars($description, ENT_QUOTES) ?>";
const return_url = "<?= $returnUrl ?>";
const cancel_url = "<?= $cancelUrl ?>";
// Line items (serverID + per-item amount) for your records and webhook correlation
const line_invoices = <?php echo json_encode($invoice, JSON_UNESCAPED_SLASHES); ?>;
// PayPal "items" for purchase_units (shows on PayPal + returns in webhook under purchase_units)
const items = <?php echo json_encode($lineItems, JSON_UNESCAPED_SLASHES); ?>;
function setStatus(msg){ if(statusEl) statusEl.textContent = msg; }
paypal.Buttons({
createOrder: function() {
setStatus('Creating order…');
return fetch("<?= $apiBase ?>/create_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({
amount, currency, invoice_id, custom_id, description,
return_url, cancel_url,
// The next two are for your server to include:
items, // PayPal purchase_units[0].items
line_invoices // your raw cart detail, persisted in your DB if you choose
})
})
.then(res => res.json())
.then(data => {
if (!data.id) { throw new Error(data.error || 'No order id'); }
setStatus('Order created.');
return data.id;
});
},
onApprove: function(data) {
setStatus('Capturing payment…');
return fetch("<?= $apiBase ?>/capture_order.php", {
method: "POST",
headers: {"Content-Type":"application/json"},
body: JSON.stringify({ order_id: data.orderID })
})
.then(res => res.json())
.then(capture => {
if (capture.status === 'COMPLETED') {
// go to your return page; webhook will fill data/<invoice_id>.json
window.location.href = return_url;
} else {
setStatus('Capture status: ' + capture.status);
}
})
.catch(err => setStatus('Error: ' + err.message));
},
onCancel: function() {
window.location.href = cancel_url;
},
onError: function(err){
setStatus('PayPal error: ' + (err && err.message ? err.message : err));
}
}).render('#paypal-button-container');
})();
</script>
</div>
<?php
// Close database connection
mysqli_close($db);
?>
<?php include(__DIR__ . '/includes/footer.php'); ?>
</body>
</html>
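Review bot: In the `create_free_for` handler, `$prev_status` is fetched but only written to the audit log, so the owner branch (`$actor_id === intval($owner_id) && floatval($order_price) == 0.0`) sets `status = 'paid'` and a fresh `finish_date` on a zero-price order in any state, including one that is already paid or expired, and each repeated submission recomputes the expiry from the current time. Restrict the claim to cart states by appending `&& in_array(strtolower((string)$prev_status), ['in-cart', 'renew'], true)` to that `elseif`, and consider the same check on the admin branch. Neither this form nor the `delete_single` form carries a CSRF token, so unless the session cookie is SameSite-restricted elsewhere, a cross-site POST made in an admin's session can mark an arbitrary `order_id` as paid; add a per-session token and compare it with `hash_equals()` before acting. Separately, `createOrder` posts `amount`, `currency` and `items` from the browser to `create_order.php`, which is not shown in this section; confirm that endpoint recomputes the total from `ogp_billing_orders` for the logged-in user instead of trusting the request body.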


@ -1,375 +0,0 @@
<?php
require_once("includes/lib_remote.php");
require_once("modules/config_games/server_config_parser.php");
function exec_ogp_module()
{
global $db,$view,$settings;
$user_id = $_SESSION['user_id'];
if (isset($_POST['cart_id'])) {
$cart_id = $_POST['cart_id'];
}
if(isset($_GET['cart_id'])){
$cart_id = $_GET['cart_id'];
}
$cart_paid = $db->resultQuery( "SELECT paid FROM OGP_DB_PREFIXbilling_carts WHERE cart_id=".$db->realEscapeSingle($cart_id) );
$isAdmin = $db->isAdmin( $_SESSION['user_id'] );
if ( $isAdmin ){
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id) );
} else {
$orders = $db->resultQuery( "SELECT * FROM OGP_DB_PREFIXbilling_orders WHERE cart_id=".$db->realEscapeSingle($cart_id)." AND user_id=".$db->realEscapeSingle($user_id) );
}
if( !empty($orders) and !empty($cart_paid) )
{
foreach($orders as $order)
{
$order_id = $order['order_id'];
$service_id = $order['service_id'];
$home_name = $order['home_name'];
$remote_control_password = $order['remote_control_password'];
$ftp_password = $order['ftp_password'];
$ip = $order['ip'];
$max_players = $order['max_players'];
$user_id = $order['user_id'];
$extended = $order['extended'] == "1" ? TRUE : FALSE;
//Query service info
$service = $db->resultQuery( "SELECT *
FROM OGP_DB_PREFIXbilling_services
WHERE service_id=".$db->realEscapeSingle($service_id) );
if( !empty( $service[0] ) )
{
$home_cfg_id = $service[0]['home_cfg_id'];
$mod_cfg_id = $service[0]['mod_cfg_id'];
//remote_server_id has been stored in IP_ID
//$remote_server_id = $service[0]['remote_server_id'];
$remote_server_id = $order['ip'];
$ftp = $service[0]['ftp'];
$install_method = $service[0]['install_method'];
$manual_url = $service[0]['manual_url'];
$access_rights = $service[0]['access_rights'];
}
else
return;
if($extended)
{
$home_id = $order['home_id'];
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Reassign the server
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Reenable the FTP account
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
echo "<h4>Server Installed, Check your Email for Details</h4><br>";
//Panel Log
$db->logger( "RENEWED SERVER " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$subject = "Gameserver Renewel at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been renewed.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Renewed " . $home_id);
// END EMAIL
//WEBHOOK Discord=======================================================================================
$webhookurl = $settings['webhookurl'];
$msg = "The ". $home_name ." server ID #". $home_id . " has just been renewed.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
else
{
//OPTIONS, change it at your choice;
$extra_params = "";//no extra params defined by default
$cpu_affinity = "NA";//Affinity to one core/thread of the cpu by number, use NA to disable it
$nice = "0";//Min priority=19 Max Priority=-19
//Add Game home to database
//HARD CODE TO /home/gameserver/
$rserver = $db->getRemoteServer($remote_server_id);
$game_path = "/home/gameserver/";
$home_id = $db->addGameHome( $remote_server_id, $user_id, $home_cfg_id, $game_path, $home_name, $remote_control_password, $ftp_password);
//Add IP:Port Pair to the Game Home
//need to get the IP_ID for this remote server.
$result = $db->resultQuery("SELECT ip_id FROM OGP_DB_PREFIXremote_server_ips WHERE remote_server_id=".$ip);
foreach ($result as $rs)
{
$ip_id = $rs['ip_id'];
}
$add_port = $db->addGameIpPort( $home_id, $ip_id, $db->getNextAvailablePort($ip_id,$home_cfg_id) );
//Assign the Game Mod to the Game Home
$mod_id = $db->addModToGameHome( $home_id, $mod_cfg_id );
$db->updateGameModParams( $max_players, $extra_params, $cpu_affinity, $nice, $home_id, $mod_cfg_id );
$db->assignHomeTo( "user", $user_id, $home_id, $access_rights );
//Get The home info without mods in 1 array (Necesary for remote connection).
$home_info = $db->getGameHomeWithoutMods($home_id);
//Create the remote connection
$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
//Get Full home info in 1 array
$home_info = $db->getGameHome($home_id);
//Read the Game Config from the XML file
$server_xml = read_server_config(SERVER_CONFIG_LOCATION."/".$home_info['home_cfg_file']);
//Get Values from XML
$modkey = $home_info['mods'][$mod_id]['mod_key'];
$mod_xml = xml_get_mod($server_xml, $modkey);
$installer_name = $mod_xml->installer_name;
$mod_cfg_id = $home_info['mods'][$mod_id]['mod_cfg_id'];
//Get Preinstall commands from xml
$precmd = $server_xml->pre_install;
//Get Postinstall commands from xml
$postcmd = $server_xml->post_install;
//Enable FTP account in remote server
if ($ftp == "enabled")
{
$remote->ftp_mgr("useradd", $home_info['home_id'], $home_info['ftp_password'], $home_info['home_path']);
$db->changeFtpStatus('enabled',$home_info['home_id']);
}
//Install files for this service in the remote server
// -Steam
$exec_folder_path = clean_path($home_info['home_path'] . "/" . $server_xml->exe_location );
$exec_path = clean_path($exec_folder_path . "/" . $server_xml->server_exec_name );
if ($install_method == "steam")
{
if ( $server_xml->installer == "steamcmd" )
{
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$cfg_os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$cfg_os = "linux";
// Some games like L4D2 require anonymous login
if($mod_xml->installer_login){
$login = $mod_xml->installer_login;
$pass = '';
}else{
$login = $settings['steam_user'];
$pass = $settings['steam_pass'];
}
$modname = ( $installer_name == '90' and !preg_match("/(cstrike|valve)/", $modkey) ) ? $modkey : '';
$betaname = isset($mod_xml->betaname) ? $mod_xml->betaname : '';
$betapwd = isset($mod_xml->betapwd) ? $mod_xml->betapwd : '';
$arch = isset($mod_xml->steam_bitness) ? $mod_xml->steam_bitness : '';
$remote->steam_cmd( $home_id,$home_info['home_path'],$installer_name,$modname,
$betaname,$betapwd,$login,$pass,$settings['steam_guard'],
$exec_folder_path,$exec_path,$precmd,$postcmd,$cfg_os,'',$arch);
}
}
// -Rsync
elseif ($install_method == "rsync")
{
//Rsync Server
$url = "files.iaregamer.com";
//OS
if( preg_match("/win32/", $server_xml->game_key) OR preg_match("/win64/", $server_xml->game_key) )
$os = "windows";
elseif( preg_match("/linux/", $server_xml->game_key) )
$os = "linux";
//Rsync Game Name
//JUST SET RS_GNAME TO GAME xml NAME
$rs_gname = $server_xml->game_key;
//Starting Sync
$full_url = "$url/rsync_installer/$rs_gname/$os/";
$remote->start_rsync_install($home_id,$home_info['home_path'],"$full_url",$exec_folder_path,$exec_path,$precmd,$postcmd);
}
// -Manual
elseif ($install_method == "manual")
{
// Start File Download and uncompress
$filename = !empty($manual_url) ? substr($manual_url, -9) : "";
$remote->start_file_download($manual_url,$home_info['home_path'],$filename,"uncompress");
}
echo "<h4><br><p>".get_lang('starting_installations')."</p></h4><br>";
//PANEL LOG
$db->logger( "CREATED NEW SERVER " . $home_id);
// SEND EMAIL to new server only
if($order['finish_date'] == 0){
$settings = $db->getSettings();
$subject = "New Gameserver installed at " . $settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM ogp_users, ogp_billing_orders
WHERE ogp_users.user_id = $user_id")[0]["users_email"];
$message = "Your server, " . $home_name ." ID #". $home_id . " at " . $settings['panel_name'] . " has just been created.<br>
Thank You for your continued support.<br>
If you have any questions or requests, visit our website or contact us directly in our Discord Server.
You can login to the Game Panel and click on Game Monitor to see your server. <br><br>
Thank you!<br> ";
$mail = mymail($email, $subject, $message, $settings);
$rundate = date('d/M/y G:i',$now);
if (!$mail)
$db->logger( "Email FAILED - Server Created " . $home_id);
//WEBHOOK Discord=======================================================================================
$webhookurl = $settings['webhookurl'];
$msg = "A new server, ". $home_name ." ID #". $home_id . ", has just been created.";
$json_data = array ('content'=>"$msg");
$make_json = json_encode($json_data);
$ch = curl_init( $webhookurl );
curl_setopt( $ch, CURLOPT_HTTPHEADER, array('Content-type: application/json'));
curl_setopt( $ch, CURLOPT_POST, 1);
curl_setopt( $ch, CURLOPT_POSTFIELDS, $make_json);
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt( $ch, CURLOPT_HEADER, 0);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec( $ch );
//If you need to debug, or find out why you can't send message uncomment line below, and execute script.
//echo $response;
//end WEBHOOK Discord
}
// END EMAIL
}
// Set expiration date in ogp database
//End_date is when the invoice is printed.
//finish_date the server will be suspended
//in cron_shop the finish_date is used to delete the server
//several days after being suspended
if ($order['invoice_duration'] == "day")
{
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' day');
$end_date = strtotime('- 2 day',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' day',$order['finish_date']);
$end_date = strtotime('- 6 hour', $finish_date);
}
}
elseif ($order['invoice_duration'] == "month")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' month');
$end_date = strtotime('- 7 day',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' month',$order['finish_date']);
$end_date = strtotime('- 7 day',$finish_date);
}
}
elseif ($order['invoice_duration'] == "year")
{
// this is a new order
if($order['finish_date'] == 0){
$finish_date = strtotime('+'.$order['qty'].' year');
$end_date = strtotime('- 2 week',$finish_date);
}
else{
//this is a renewel, start from end of previous order
$finish_date = strtotime('+'.$order['qty'].' year',$order['finish_date']);
$end_date = strtotime('- 2 week',$finish_date);
}
}
// set order expire date
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET end_date='" . $db->realEscapeSingle($end_date) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET finish_date='" . $db->realEscapeSingle($finish_date) . "'
WHERE order_id=".$db->realEscapeSingle($order_id));
// Save home id created by this order
$db->query("UPDATE OGP_DB_PREFIXbilling_orders
SET home_id='" . $db->realEscapeSingle($home_id) . "' WHERE order_id=".$db->realEscapeSingle($order_id));
}
//Update Cart Payment Status as 3(paid and installed)
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET paid=3
WHERE cart_id=".$db->realEscapeSingle($cart_id));
// Set payment/creation date
$date = date('d M Y');
$db->query("UPDATE OGP_DB_PREFIXbilling_carts
SET date='" . $db->realEscapeSingle($date) . "'
WHERE cart_id=".$db->realEscapeSingle($cart_id));
$db->query( "UPDATE OGP_DB_PREFIXgame_mods SET max_players= ".$order['max_players']." WHERE home_id=".$db->realEscapeSingle($home_id));
//Refresh to Game Monitor.
$view->refresh("home.php?m=gamemanager&p=game_monitor");
}
}
?>


@ -1,217 +0,0 @@
<?php
/*
*
* OGP - Open Game Panel
* Copyright (C) 2008 - 2017 The OGP Development Team
*
* http://www.opengamepanel.org/
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*/
chdir(realpath(dirname(__FILE__))); /* Change to the current file path */
chdir("../.."); /* Base path to ogp web files */
// Report all PHP errors
error_reporting(E_ALL);
// Path definitions
define("CONFIG_FILE","includes/config.inc.php");
//Requiere
require_once("includes/functions.php");
require_once("includes/helpers.php");
require_once("includes/html_functions.php");
require_once("modules/config_games/server_config_parser.php");
require_once("includes/lib_remote.php");
require_once CONFIG_FILE;
// Connect to the database server and select database.
$db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix);
$panel_settings = $db->getSettings();
if( isset($panel_settings['time_zone']) && $panel_settings['time_zone'] != "" )
date_default_timezone_set($panel_settings['time_zone']);
//these dates are configured in the Shop Settings page
$today=time();
$invoice_date = strtotime('+ 7 days'); //this many days until the finish_date
$suspend_date = $today; //suspend when overdue
//final date is 10th, we need to remove on 17th, so final date is > removal_date
$removal_date = strtotime('- 7 days'); //finish_date is passed 7 days ago
$rundate = date('d/M/y G:i',$today);
//THESE SERVERS HAVE REACHED THE DATE FOR INVOICE, FINISH_DATE - 7 (OR WHAT IS IN SETTINGS)
//SET STATUS -1 MEANING INVOICED
//LOOP THROUGH ALL SERVERS WITH STATUS = 1 (ACTIVE) -----------------------------------------------------------
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE status > 0 AND finish_date <" . $invoice_date);
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
// Reset the STATUS -1 so cart.php will create an invoice
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-1
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
// SEND EMAIL
$settings = $db->getSettings();
$subject = "You have an INVOICE at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " will expire soon. Please log in and VIEW INVOICES on the Dashboard to renew your server.<br><br><br>~<br>Thanks!<br>";
$mail = mymail($email, $subject, $message, $settings);
//logger
$db->logger( "INVOICE created for server " . $home_id);
if (!$mail)
$db->logger( "Email FAILED - Server Invoiced " . $home_id);
// END EMAIL
}
}
//THESE ARE THE SERVERS THAT HAVE NOT BEEN PAID AND THE FINISH_DATE IS TODAY
//THESE SERVERS GET SUSPENDED
//LOOP THROUGH ALL ORDERS WITH STATUS 0 OR -1 (INACTIVE OR INVOICED)
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE (status = -1 OR status = 0) AND finish_date < ".$today);
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
$home_info = $db->getGameHomeWithoutMods($home_id);
$server_info = $db->getRemoteServerById($home_info['remote_server_id']);
$remote = new OGPRemoteLibrary($server_info['agent_ip'], $server_info['agent_port'], $server_info['encryption_key'],$server_info['timeout']);
$ftp_login = isset($home_info['ftp_login']) ? $home_info['ftp_login'] : $home_id;
$remote->ftp_mgr("userdel", $ftp_login);
$db->changeFtpStatus('disabled',$home_id);
$server_xml = read_server_config(SERVER_CONFIG_LOCATION."/".$home_info['home_cfg_file']);
if(isset($server_xml->control_protocol_type))$control_type = $server_xml->control_protocol_type; else $control_type = "";
$addresses = $db->getHomeIpPorts($home_id);
foreach($addresses as $address)
{
$remote->remote_stop_server($home_id,$address['ip'],$address['port'],$server_xml->control_protocol,$home_info['control_password'],$control_type,$home_info['home_path']);
}
$db->unassignHomeFrom("user", $user_id, $home_id);
// Reset the invoice end date to -2
// User can still RENEW server
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-2
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
//logger
$db->logger( "SUSPENDED server " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$subject = "GameServer Suspended at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " has expired and has been suspended. Please log in and VIEW INVOICES on the Dashboard to renew your server.<br>~<br>Thanks!<br>";
$mail = mymail($email, $subject, $message, $settings);
if (!$mail)
$db->logger( "Email FAILED - Server Suspended " . $home_id);
// END EMAIL
}
}
// end date = -2 (suspended) and its been suspended for $removal_date days
//set removed servers as -99
$user_homes = $db->resultQuery( "SELECT *
FROM " . $table_prefix . "billing_orders
WHERE status = -2 AND finish_date < ".$removal_date );
if (!is_array($user_homes))
{
}
else
{
foreach($user_homes as $user_home)
{
$user_id = $user_home['user_id'];
$home_id = $user_home['home_id'];
$home_info = $db->getGameHomeWithoutMods($home_id);
$server_info = $db->getRemoteServerById($home_info['remote_server_id']);
$remote = new OGPRemoteLibrary($server_info['agent_ip'], $server_info['agent_port'], $server_info['encryption_key'],$server_info['timeout']);
// Remove the game home from db
$db->deleteGameHome($home_id);
// Remove the game home files from remote server
$remote->remove_home($home_info['home_path']);
// Reset the invoice end date
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET status=-3
WHERE order_id=".$db->realEscapeSingle($user_home['order_id']));
// Set order as not installed
$db->query( "UPDATE " . $table_prefix . "billing_orders
SET home_id=0
WHERE cart_id=".$db->realEscapeSingle($user_home['cart_id']));
//logger
$db->logger( "DELETED server " . $home_id);
// SEND EMAIL
$settings = $db->getSettings();
$settings = $db->getSettings();
$subject = "GameServer DELETED at ". $panel_settings['panel_name'];
$email = $db->resultQuery(" SELECT DISTINCT users_email
FROM " . $table_prefix . "users, " . $table_prefix . "billing_orders
WHERE " . $table_prefix . "users.user_id = $user_id")[0]["users_email"];
$message = "Your server with ID ". $home_id . " has been deleted<br><br>You did not renew the service and it was PERMANENTLY REMOVED today. If this was an error, if you contact us immediately we may be able to restore your server.<br>Thanks for being a customer and we hope we can provide a server for you again.<br><br>";
$mail = mymail($email, $subject, $message, $settings);
if (!$mail)
$db->logger( "Email FAILED - Server Deleted " . $home_id);
// END EMAIL
}
}
?>


@ -3,15 +3,17 @@
.gsw-top .gsw-site-name{font-weight:700;font-size:1.1rem;color:#333} .gsw-top .gsw-site-name{font-weight:700;font-size:1.1rem;color:#333}
@media(max-width:480px){.gsw-top{padding:10px}.gsw-top img{height:32px}.gsw-top .gsw-site-name{font-size:1rem}} @media(max-width:480px){.gsw-top{padding:10px}.gsw-top img{height:32px}.gsw-top .gsw-site-name{font-size:1rem}}
.gsw-header{display:flex;justify-content:space-between;align-items:center;padding:16px 24px;background:rgba(102, 126, 234, 0.95);backdrop-filter:blur(10px);margin-bottom:20px;box-shadow:0 2px 4px rgba(0,0,0,0.1);} .gsw-header{display:flex;justify-content:space-between;align-items:center;padding:12px 20px;background:#0b3b6f;backdrop-filter:blur(6px);margin-bottom:18px;box-shadow:0 2px 6px rgba(0,0,0,0.18);}
.gsw-header-left{font-weight:700;font-size:1.2rem;color:#fff;} .gsw-header-left{display:flex;align-items:center;font-weight:700;font-size:1.1rem;color:#fff;}
.gsw-logo{height:36px;width:auto;margin-right:10px;display:block}
.gsw-logo-link{display:flex;align-items:center;gap:8px;color:#fff;text-decoration:none}
.gsw-header-left a{color:#fff;text-decoration:none;} .gsw-header-left a{color:#fff;text-decoration:none;}
.gsw-header-nav{display:flex;gap:20px;align-items:center;} .gsw-header-nav{display:flex;gap:18px;align-items:center;}
.gsw-nav-link{color:#fff;text-decoration:none;font-size:0.95rem;transition:opacity 0.2s;} .gsw-nav-link{color:#fff;text-decoration:none;font-size:0.95rem;transition:opacity 0.2s;}
.gsw-nav-link:hover{opacity:0.8;text-decoration:underline;} .gsw-nav-link:hover{opacity:0.85;text-decoration:underline;}
.gsw-header-right{display:flex;gap:12px;align-items:center;} .gsw-header-right{display:flex;gap:12px;align-items:center;}
.gsw-user-info{color:#fff;font-size:0.95rem;} .gsw-user-info{color:#fff;font-size:0.95rem;}
.gsw-header-btn{padding:8px 16px;background:#fff;color:#667eea;border-radius:6px;text-decoration:none;font-weight:600;transition:transform 0.2s;} .gsw-header-btn{padding:8px 16px;background:#fff;color:#0b3b6f;border-radius:6px;text-decoration:none;font-weight:600;transition:transform 0.2s;}
.gsw-header-btn:hover{transform:translateY(-2px);} .gsw-header-btn:hover{transform:translateY(-2px);}
@media(max-width:768px){ @media(max-width:768px){
.gsw-header{flex-direction:column;gap:12px;} .gsw-header{flex-direction:column;gap:12px;}
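Review bot: On `.gsw-header` the new `background:#0b3b6f` is fully opaque, so the `backdrop-filter:blur(6px)` kept beside it no longer has any visible effect; the previous rgba background at 0.95 alpha was what let the blur show through. Either drop the `backdrop-filter` declaration or keep a translucent background, e.g. `background:rgba(11,59,111,0.95)`. The hunk ends inside the `@media(max-width:768px)` block, which continues outside it.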


@ -0,0 +1,12 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": 0.1,
"currency": "USD",
"payer": "iaretechnician@gmail.com",
"invoice": "FREE-549-1761246925",
"custom": "admin_free_create_order_549",
"resource_id": "FREE-8cc6dfaaba1b",
"items": [],
"ts": "2025-10-23T21:15:25+02:00"
}
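Review bot: This added file is a recorded payment event rather than source, and its `payer` field puts a personal e-mail address into version control, where it stays in history even if the file is deleted later. Drop the file from the commit and add the directory that receives these records to `.gitignore`. The file's path is not visible on this page, so confirm whether that directory sits under the served site path; if it does, move it outside the web root or deny direct requests to it. The simulated record added in the next file stores `amount` as the string `"9.99"` while this one stores the float `0.1`; settling on the string form keeps amounts free of float rounding.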


@ -0,0 +1,10 @@
{
"event_type": "PAYMENT.CAPTURE.COMPLETED",
"status": "PAID",
"amount": "9.99",
"currency": "USD",
"invoice": "INV-20251022-101500-TEST",
"resource_id": "SIMULATED12345",
"ts": "2025-10-22T10:15:00-04:00",
"note": "Simulated webhook write for testing"
}


@ -0,0 +1,72 @@
<?php
// Remote diagnostic helper for GameServers.World (_website)
// Upload this file to the remote server and open it in the browser to collect environment info.
header('Content-Type: text/plain; charset=utf-8');
echo "GSP _website remote diagnostic\n";
echo "Date: " . date('c') . "\n\n";
// PHP info summary
echo "PHP Version: " . PHP_VERSION . "\n";
echo "Loaded extensions: " . implode(', ', get_loaded_extensions()) . "\n\n";
// Session settings
echo "Session save path: " . (ini_get('session.save_path') ?: '(not set)') . "\n";
echo "Session cookie params: " . json_encode(session_get_cookie_params()) . "\n";
echo "Session status (before start): " . session_status() . "\n";
// Try to start a named session used by _website
session_name('gameservers_website');
@session_start();
echo "Session status (after start): " . session_status() . "\n";
echo "Session id: " . session_id() . "\n";
echo "Session variables: \n" . print_r($_SESSION, true) . "\n";
// Check config file readability
$cfg = __DIR__ . '/includes/config.inc.php';
echo "Config file: " . $cfg . " exists=" . (file_exists($cfg) ? 'yes' : 'no') . " readable=" . (is_readable($cfg) ? 'yes' : 'no') . "\n";
if (file_exists($cfg)) {
echo "Config contents (first 200 chars):\n" . substr(file_get_contents($cfg),0,200) . "\n";
}
// Attempt DB connection using site config (if readable)
if (file_exists($cfg)) require_once($cfg);
echo "Trying DB connection...\n";
$ok = false;
if (isset($db_host)) {
$db = @mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if ($db) {
echo "DB connect: OK (host=$db_host db=$db_name)\n";
$ok = true;
// run a small query
$q = @mysqli_query($db, "SELECT COUNT(*) AS cnt FROM information_schema.tables WHERE table_schema = '".mysqli_real_escape_string($db,$db_name)."'");
if ($q) {
$r = mysqli_fetch_assoc($q);
echo "Tables in DB: " . ($r['cnt'] ?? 'unknown') . "\n";
}
mysqli_close($db);
} else {
echo "DB connect: FAILED (mysqli_connect_error: " . mysqli_connect_error() . ")\n";
}
} else {
echo "DB config not available to attempt connection.\n";
}
// Check data and logs directories
$data = realpath(__DIR__ . '/..') . DIRECTORY_SEPARATOR . 'data';
$logs = __DIR__ . DIRECTORY_SEPARATOR . 'logs';
echo "Site data dir: $data exists=" . (is_dir($data)?'yes':'no') . " writable=" . (is_writable($data)?'yes':'no') . "\n";
echo "Site logs dir: $logs exists=" . (is_dir($logs)?'yes':'no') . " writable=" . (is_writable($logs)?'yes':'no') . "\n";
// Try creating test files
if (is_dir($logs) && is_writable($logs)) {
$fn = $logs . DIRECTORY_SEPARATOR . date('Y-m-d') . '.diag.txt';
$w = @file_put_contents($fn, "diag " . date('c') . "\n", FILE_APPEND);
echo "Wrote diag file to $fn result=" . ($w ? 'ok' : 'fail') . "\n";
}
echo "\nSuggested next checks:\n";
echo " - Confirm PHP can write session files to session.save_path and that cookies are sent to browser (use browser devtools).\n";
echo " - Ensure the site path is served under the expected /_website/ path and that session cookie domain/path match the served path.\n";
echo " - If sessions aren't persistent across requests, check webserver user permissions and session.save_path.\n";
?>
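Review bot: This script has no access control and prints sensitive values to whoever requests it: the first 200 characters of `includes/config.inc.php` (the file it then loads `$db_host`, `$db_user` and `$db_pass` from), the full `$_SESSION` array, the session id, and the text of `mysqli_connect_error()`. Its own header comment says it is meant to be uploaded and opened in a browser, so as committed it answers any visitor who knows the path. Gate it at the top so it runs only from the CLI or when an operator-set switch is present, report the config file's existence and readability without its contents, and list session keys instead of values. It is also better kept out of the deployed tree and removed after use; the fence below shows only the changed lines.

```php
// Remote diagnostic helper for GameServers.World (_website)
// Refuse to run from the web unless an operator has explicitly switched it on.
// GSP_DIAG_ENABLED is an illustrative name for that switch.
if (PHP_SAPI !== 'cli' && getenv('GSP_DIAG_ENABLED') !== '1') {
    http_response_code(404);
    exit;
}
header('Content-Type: text/plain; charset=utf-8');
// … unchanged: PHP version, loaded extensions, session settings, session start …
echo "Session id present: " . (session_id() !== '' ? 'yes' : 'no') . "\n";
echo "Session keys: " . implode(', ', array_keys($_SESSION ?? [])) . "\n";
// … unchanged: config exists/readable line; the "Config contents" excerpt is dropped …
// … unchanged: DB connection attempt and table count …
echo "DB connect: FAILED (errno=" . mysqli_connect_errno() . ")\n";
// … unchanged: data/logs directory checks, test file write, suggested next checks …
```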
