$foto_id){
// $foto_id is guranteed to be an int!
$Q = mysql_query('SELECT can, strecke_id, size_arc_w, size_arc_h, sort FROM foto WHERE foto_id='.$foto_id);
$FOTO = mysql_fetch_assoc($Q);
mysql_free_result($Q);
// check if there an entry
if(!$FOTO){
var_dump('no foto db entry', $foto_id, $FOTO, mysql_error());
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// check if buyable
$can = explode(',', $FOTO['can']);
if(false === array_search('buy', $can)){
var_dump('not buyable', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// get "strecke" info: buy_source
$Q = mysql_query('SELECT strecke_id, titel, buy_source, event_id, search_event FROM strecke WHERE strecke_id='.$FOTO['strecke_id']);
$STRECKE = mysql_fetch_assoc($Q);
mysql_free_result($Q);
// check if there an entry
if(!$STRECKE){
var_dump('no strecke db entry', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
// extraxt params
$params = json_decode($STRECKE['buy_source'], true);
if(!isset($params[$_SESSION['CLIENT']]['paypal'])){
var_dump('no paypal params', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
$params = $params[$_SESSION['CLIENT']]['paypal'];
if(!array_alloc_equal($_SESSION['PARAMS'], $params)){
var_dump('different paypal params', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
if($_SESSION['KARTE']){
$params = $params['karte'];
}
// add to sum (and remember it)
if(isset($params['preis'])){
$p = $params['preis'];
}else if(isset($params['staffelung'])){
$p = $params['staffelung'][$staffel];
if($staffel+1 < count($params['staffelung'])){
$staffel++;
}
}else{
var_dump('no paypal preis/staffelung', $foto_id);
unset($_SESSION['WARENKORB'][$k]);
continue;
}
$tot_amount += $p;
$FOTOS[] = array(
'event_id' => $STRECKE['event_id'],
'event_titel' => $STRECKE['search_event'],
'strecke_id' => $FOTO['strecke_id'],
'strecke_titel' => $STRECKE['titel'],
'sort' => $FOTO['sort'],
'foto_id' => $foto_id,
'amount' => $p,
'size_arc_w' => $FOTO['size_arc_w'],
'size_arc_h' => $FOTO['size_arc_h'],
'size_arc' => round(filesize($f='../foto/'.substr($foto_id, -2).'/'.substr($foto_id, -4, 2).'/'.$foto_id.'/upload.jpeg') / 1000),
);
//var_dump($params);
}
// Tax share contained in the gross total, rounded to whole cents.
// NOTE(review): the 1.19 divisor presumably encodes 19 % VAT already included
// in the price — confirm. The arithmetic is kept exactly as written because
// regrouping float operations can move a result across a rounding boundary.
$tot_tax = round(100*$tot_amount - 100*$tot_amount/1.19) / 100;

// Order summary. Client and amounts come from the session and the
// server-side price calculation, not from request parameters.
$INFO = array();
$INFO['client'] = $_SESSION['CLIENT'];
$INFO['amount'] = $tot_amount;
$INFO['tax'] = $tot_tax;
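// Card ("Karte") checkout: take the card holder name and the customer number
// from the request, trimmed, and copy them into the order summary.
if($_SESSION['KARTE']){
    // Request values are caller-controlled and can arrive as arrays
    // (e.g. karte_name[]=x). trim() cannot process an array, so anything that
    // is not a scalar is treated as "not supplied" instead of being passed on.
    if(isset($_REQUEST['karte_nummer']) && is_scalar($_REQUEST['karte_nummer'])){
        $_REQUEST['karte_nummer'] = trim((string)$_REQUEST['karte_nummer']);
    }else{
        $_REQUEST['karte_nummer'] = '';
    }
    if(isset($_REQUEST['karte_name']) && is_scalar($_REQUEST['karte_name'])){
        $_REQUEST['karte_name'] = trim((string)$_REQUEST['karte_name']);
    }else{
        $_REQUEST['karte_name'] = '';
    }
    // Both values are still unverified here; the match against paypal_nwkarte
    // only happens once the form is submitted with "next".
    $INFO['karte_name'] = $_REQUEST['karte_name'];
    $INFO['karte_nummer'] = $_REQUEST['karte_nummer'];
}
// An order with a total of 0 gets an expiry time one hour from now recorded
// in the summary.
// NOTE(review): where valid_until is enforced is not visible in this section.
if($tot_amount == 0){
    $INFO['valid_until'] = time() + 60*60;
}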
// Validation messages for the submitted order; an empty list means the order
// may proceed to the next step.
$ERRORS = array();
if(isset($_REQUEST['next'])){
    // At least one photo must have survived the cart checks.
    if(0 == count($FOTOS)){
        $ERRORS[] = 'Es sind keine Fotos ausgewählt';
    }
    // Card checkout: name and customer number must match one stored row.
    if($_SESSION['KARTE']){
        // Both values are escaped and single-quoted before they reach the SQL
        // text; leading zeros are stripped from the number first.
        // NOTE(review): mysql_real_escape_string() is only reliable when the
        // connection charset was set through the API — not visible here.
        // ext/mysql was removed in PHP 7; prepared statements (mysqli/PDO) are
        // the durable replacement for this query.
        // NOTE(review): no attempt limiting for this name/number check is
        // visible in this section — confirm it exists elsewhere.
        $Q = mysql_query(sprintf(
            'SELECT id FROM paypal_nwkarte WHERE name=\'%s\' AND nummer=\'%s\'',
            mysql_real_escape_string($_REQUEST['karte_name']),
            mysql_real_escape_string(ltrim($_REQUEST['karte_nummer'], '0'))
        ));
        list($id) = mysql_fetch_row($Q);
        mysql_free_result($Q);
        // No row (or a falsy id) means the pair did not match: reject.
        if(!$id){
            $ERRORS[] = 'Der Name und die Kundennummer passen nicht zueinander.
Bitte rufen Sie uns an unter: 0521 / 555 888';
        }
    }
    // The terms and conditions (AGB) checkbox must be ticked.
    if(!isset($_REQUEST['agb'])){
        $ERRORS[] = 'Die AGB müssen akzeptiert werden';
    }
    // Any error cancels the "next" step; later code then sees no submission.
    if($ERRORS){
        unset($_REQUEST['next']);
    }
}
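// Create the order record under a fresh unique_id (16 lowercase hex
// characters) and read back the number the database assigned to it.
if(isset($_REQUEST['next'])){
    $insert_ok = false;
    // Bounded retry. The original loop repeated the INSERT until it succeeded,
    // which never terminates when the failure is anything other than an id
    // collision (database unavailable, schema error, ...).
    for($insert_try = 0; $insert_try < 5 && !$insert_ok; $insert_try++){
        // Prefer a cryptographically secure source for the id.
        // NOTE(review): if unique_id later serves as an unguessable order or
        // download reference, it must not be derivable from the clock and
        // mt_rand() — confirm how it is used.
        $id_bytes = false;
        if(function_exists('random_bytes')){
            $id_bytes = random_bytes(8);
        }else if(function_exists('openssl_random_pseudo_bytes')){
            $id_bytes = openssl_random_pseudo_bytes(8);
        }
        if(is_string($id_bytes) && strlen($id_bytes) === 8){
            $id = bin2hex($id_bytes);
        }else{
            // Legacy generator, kept only for installations that offer neither
            // function; its output is predictable.
            $id = substr(md5('pictools-paypal-bridge-id-generator:'.time().':'.mt_rand()), 0, 16);
        }
        // $id is hex-only, so it is safe inside the quoted literal; every
        // other value is escaped before it is placed into the statement.
        $insert_ok = mysql_query('INSERT INTO paypal_download (unique_id,datetime,ip,info,foto) VALUES (\''.$id.'\', \''.gmdate('Y-m-d H:i:s').'\', \''.mysql_real_escape_string($_SERVER['REMOTE_ADDR']).'\', \''.mysql_real_escape_string(json_encode($INFO)).'\', \''.mysql_real_escape_string(json_encode($FOTOS)).'\')');
        // 1062 = ER_DUP_ENTRY: only an id collision is worth another attempt.
        if(!$insert_ok && mysql_errno() != 1062){
            break;
        }
    }
    if($insert_ok){
        $Q = mysql_query('SELECT nummer FROM paypal_download WHERE unique_id=\''.$id.'\'');
        list($nummer) = mysql_fetch_row($Q);
        mysql_free_result($Q);
    }else{
        // Keep the database error in the server log instead of the response,
        // and fall back to the not-submitted state like a validation failure.
        // NOTE(review): assumes $ERRORS is rendered further down — confirm.
        error_log('paypal_download insert failed: '.mysql_error());
        $ERRORS[] = 'Die Bestellung konnte nicht gespeichert werden. Bitte versuchen Sie es später erneut.';
        unset($_REQUEST['next']);
    }
}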
head($_SESSION['CLIENT']);
if(isset($_REQUEST['next'])){
echo '
'; echo ''; echo ' | '; echo ''; if(TEST){ echo ' | Kann nicht abgeschlossen werden wegen testsystem!'; } echo ' |