Tag Archives: php

cscart payment installment module addon

Posted on by
Reply

[ad]

If you are using proxypay as your payment gateway in cscart you can give you visitors/buyers option to pay in installments with this simple cscart module. to use this module/addon following changes in files needs to be done.

firstly in file : skins/currently-used-skin-name/customer/views/orders/components/payments/cc_outside.tpl

paste following code replacing all existing code

{* $Id: cc_outside.tpl 6645 2008-12-22 20:21:37Z zeke $ *}
{*dimarzio*}
{php}
$order_total=$this->_tpl_vars["cart"]["total"];
if($order_total<=99 )
{
 $this->assign('loop_times', 2);
}
else if($order_total>99 && $order_total<=199)
{
 $this->assign('loop_times', 3);
}
else if($order_total>199 && $order_total<=349)
{
 $this->assign('loop_times', 5);
}
else if($order_total>349 && $order_total<=499)
{
 $this->assign('loop_times', 7);
}
else if($order_total>499 && $order_total<=649)
{
 $this->assign('loop_times', 9);
}
else if($order_total>649 && $order_total<=799)
{
 $this->assign('loop_times', 11);
}
else if($order_total>800)
{
 $this->assign('loop_times', 13);
}
{/php}
<div>
 <label for="period">{$lang.no_of_installments}:</label>
 <span>*</span>
 <select id="period" name="no_of_installments">
 {section name="period" start="1" loop=$loop_times step="1"}
<option value="{if $smarty.section.period.index == 1}0{else}{$smarty.section.period.index}{/if}">
 {if $smarty.section.period.index == 1}
 1
 {else}
 {$smarty.section.period.index}
 {/if}
 </option>
 {/section}
 </select>
</div>
<script type="text/javascript" language="javascript 1.2">
//<![CDATA[
// Check payment info fields
 function fn_can_place_order()
 {$ldelim}
 return fn_check_agreement();
 {$rdelim}
//]]>
</script>

Secondly in file: payments/proxypay3.php paste following code over writing your existing code

<?php
/******************************************************************************
*                                                                             *
*     Copyright (c) 2009 Simbirsk Technologies LTD. All rights reserved.      *
*                                                                             *
*******************************************************************************
*                                                                             *
* CS-Cart  is  commercial  software,  only  users  who have purchased a valid *
* license through  http://www.cs-cart.com/  and  accept  to the terms of this *
* License Agreement can install this product.                                 *
*                                                                             *
*******************************************************************************
* THIS  CS-CART  SHOP END-USER LICENSE AGREEMENT IS A LEGAL AGREEMENT BETWEEN *
* YOU  AND  YOUR  COMPANY (COLLECTIVELY, "YOU") AND SIMBIRSK TECHNOLOGIES LTD *
* (HEREINAFTER  REFERRED  TO   AS  "THE AUTHOR")  FOR  THE  SOFTWARE  PRODUCT *
* IDENTIFIED  ABOVE,  WHICH  INCLUDES  COMPUTER   SOFTWARE  AND  MAY  INCLUDE *
* ASSOCIATED   MEDIA,   PRINTED  M ATERIALS,   AND   "ONLINE"  OR  ELECTRONIC *
* DOCUMENTATION  (COLLECTIVELY,  THE  "SOFTWARE").  BY  USING  THE  SOFTWARE, *
* YOU  SIGNIFY YOUR AGREEMENT TO ALL TERMS, CONDITIONS, AND NOTICES CONTAINED *
* OR  REFERENCED  HEREIN.  IF  YOU  ARE NOT  WILLING  TO  BE  BOUND  BY  THIS *
* AGREEMENT, DO NOT INSTALL OR USE THE SOFTWARE.                              *
*                                                                             *
* PLEASE   READ  THE   FULL  TEXT  OF  SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS *
* ALSO AVAILABLE AT THE FOLLOWING URL: http://www.cs-cart.com/license.html    *
******************************************************************************/
//
// $Id: proxypay3.php 6785 2009-01-16 13:22:37Z zeke $
//
if ( !defined('IN_CSCART') ) { die('Access denied'); }
$totals_100 = array('EUR', 'USD', 'GBP', 'CHF', 'NLG', 'DEM', 'FRF', 'ATS');
if (defined('PAYMENT_NOTIFICATION')) {
 if ($mode == 'notify') {
 if ($action == 'ok') {
 $__status = db_get_field("SELECT status FROM ?:orders WHERE order_id = ?i", $_REQUEST['order_id']);
 $pp_response = array();
 $pp_response['order_status'] = $__status;
 $pp_response['reason_text'] = fn_get_lang_var('order_id') . '-' . $_REQUEST['order_id'];
 if (fn_check_payment_script('proxypay3.php', $_REQUEST['order_id'])) {
 fn_finish_payment($_REQUEST['order_id'], $pp_response, false);
 }
 fn_order_placement_routines($_REQUEST['order_id']);
 } elseif ($action == 'nok') {
 if (empty($_REQUEST['order_id'])) {
 fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('connection_error'));
 fn_redirect("$index_script?dispatch=checkout.checkout");
 } else {
 $pp_response = array(
 'order_status' => 'D',
 'reason_text' => 'Error in data validation',
 );
 fn_finish_payment($_REQUEST['order_id'], $pp_response, false);
 fn_order_placement_routines($_REQUEST['order_id']);
 }
 }
 }
} else {
 $languages = array('EN', 'GR');
 if (!in_array(CART_LANGUAGE, $languages)) {
 $lang = 'EN';
 } else {
 $lang = CART_LANGUAGE;
 }
 if (in_array($processor_data['params']['currency'], $totals_100)) {
 $total_cost = $order_info['total'];
 } else {
 $total_cost = $order_info['total'] * 100;
 }
echo <<<EOT
<body onLoad="document.process.submit();">
<form method="POST" action="https://{$processor_data['params']['url']}" name="process">
<input type="hidden" name="APACScommand" value="NewPayment">
<input type="hidden" name="merchantID" value="{$processor_data['params']['merchantid']}">
<input type="hidden" name="amount" value="{$total_cost}">
<input type="hidden" name="merchantRef" value="{$order_id}">
<input type="hidden" name="merchantDesc" value="{$processor_data['params']['details']}">
<input type="hidden" name="currency" value="{$processor_data['params']['currency']}">
<input type="hidden" name="lang" value="{$lang}">
<input type="hidden" name="CustomerEmail" value="{$order_info['email']}">
<input type="hidden" name="period" value="{$_REQUEST['no_of_installments']}">
EOT;
$msg = fn_get_lang_var('text_cc_processor_connection');
$msg = str_replace('[processor]', 'Eurobank', $msg);
echo <<<EOT
 </form>
 <br>
 <div align="center">{$msg}</div>
 </body>
</html>
EOT;
}
exit;
?>

[ad]

That’s all. This should do it.

Share

print all smarty variables in a tpl file using php code in tpl file

Posted on by
Reply

[ad]

You can use following code to pint all smarty variables accessible within a smarty file by using following php code in tpl file

{php}
print_r($this->_tpl_vars);
$this->_tpl_vars[‘title’]=’aaaa’;
{/php}

[ad]

Share

Practical Date/Time examples with PHP and MySQL

Posted on by
Reply

In this article Mauricio shows us some examples of how to use the date/time features with MySQL and PHP including the UNIX timestamp and the PHP date_diff() function.Some time ago working with dates and times was a pain for me. In several of my projects I had to calculate a person’s age based on their birth date. I created a members area that allowed the administrators to set the maximum amount of time users can have a password before they must change it and remind each one how many days left before the change. I also had to create time-bomb accounts that worked for several days after its creation and then became useless.

Digging into the PHP and MySQL documentation I found and then worked with several functions that made my life easier. Now I want to share some code tips that allow better manipulation of the time and date in your projects and everyday needs.

The UNIX timestamp is the number of seconds elapsed since January 1, 1970 at 00:00:00. I use the timestamp mostly, it’s better for doing arithmetical operations as it is just a number.

For me it’s easier to add or subtract thousands of seconds than doing the same with a date string. I’m going to use both timestamps and date strings although prefer the first.

Printing the current timestamp is as simple as . This function alone doesn’t do much, the result is a number with more than nine figures, almost unreadable for the average user including me. I’m not going to enter into details about this topic as it has been covered in previous articles. Let’s go to the examples…

Calculating days, hours and seconds

PHP lacks date operation functions, but it provides the tools to do what we want to do. Say we want to know how many days, hours and seconds exist between two given dates, following is the function:


// The parameters of this function are the dates to be compared.
// The first should be prior to the second. The dates are in
// the form of: 1978-04-26 02:00:00.
// They also can come from a web form using the global $_POST['start']
// and $_POST['end'] variables.
function date_diff($str_start, $str_end)
{

$str_start = strtotime($str_start); // The start date becomes a timestamp
$str_end = strtotime($str_end); // The end date becomes a timestamp

$nseconds = $str_end – $str_start; // Number of seconds between the two dates
$ndays = round($nseconds / 86400); // One day has 86400 seconds
$nseconds = $nseconds % 86400; // The remainder from the operation
$nhours = round($nseconds / 3600); // One hour has 3600 seconds
$nseconds = $nseconds % 3600;
$nminutes = round($nseconds / 60); // One minute has 60 seconds, duh!
$nseconds = $nseconds % 60;

echo $ndays.” days, “.$nhours.” hours, “.$nminutes.” minutes, “.$nseconds.”
echo “seconds
“;

}

// Test the function with several values
date_diff(“1978-04-26″, “2003-01-01″);
date_diff(“1984-10-24 15:32:25″, “2003-01-01″);
date_diff(“2001-10-28 17:32:25″, “2003-01-01 12:00:18″);

?>

We could implement more options such as date validation etc., but I will add that in future articles.
This function does not need a lot of explanation, just multiplication and division. Now, let’s seeanother example.

Using the date_diff() function that we’ve just created it’s very easy to calculate your exact age by how many years, days, hours, minutes and seconds since you were born:


// Calculating my exact age
$str_birthday = “1978-04-26″; // My Birth Day
$str_today = date(“Y-m-d H:i:s”); // The exact time
date_diff($str_birthday, $str_today);

?>

As you see I’m using the same function but changing the parameters a little. First $str_birthday is a fixed string, in this example my birthday.

You can, for example, ask the user through a form and then call the function like this:

The trick here is the date() function. With its given parameters prints the exact date of today in the format YYYY-MM-DD hh:mm:ss.

The code returns:
9024 days, 17 hours, 29 minutes, 57 seconds

How many days until…?

Again, using the same function that we created at the beginning and changing the parameters appropriately we can calculate how many days until a given date. There is a problem though; the UNIX timestamp only works for dates between January 1st, 1970 and December 31st, 2037. Dates outside that range will give an unpredictable result.

Now, hoping that we’ll come up with a solution for this in the next thirty years let’s do the math:


$str_future_date = “2028-04-26″; // I’ll be fifty this day!
date_diff(date(“Y-m-d H:i:s”), $str_future_date);

?>

At this point you should be familiar with the function, just tweaking the parametersa little. In this case the first parameter is the exact date of today and the second is the future date that we want to know how many days until.{mospagebreak title=Dates with MySQL&toc=1} MySQL has several great date and time functions that are very useful when you are working with dates. These functions are worth another article which I’ll be writing after this one.

Meanwhile I’ll show the ones that I think are the more useful and interesting.

Also, forcing MySQL to do the date operations by itself saves a lot of time, a lot of code and increases the performance of your application.

Personally, every time that I need to do some date calculations involving dates contained in a database I take a look at MySQL documentation to see which function can help me and let it do the job for me.

In all the following examples the dates can be taken from the database itself, your code or user input.

Anyway, if you are working with databases it’s obvious that at least one of the dates came from there.

Take care when using these functions as most of them work only on MySQL 3.22 and later. If you have doubts refer to the documentation.

The UNIX timestamp revisited

Programmers seem to like the UNIX timestamp very much because you can see it anywhere you go. In the case of MySQL you can use it like this:

SELECT UNIX_TIMESTAMP();

This will return the current timestamp.

mysql> SELECT UNIX_TIMESTAMP(’1978-04-26 02:12:59′);
+—————————————+
| UNIX_TIMESTAMP(’1978-04-26 02:12:59′) |
+—————————————+
| 262422779 |
+—————————————+

mysql> SELECT UNIX_TIMESTAMP(’1978-04-26′);
+——————————+
| UNIX_TIMESTAMP(’1978-04-26′) |
+——————————+
| 262414800 |
+——————————+

This will print the timestamp of the given date.

Be careful when creating the structure and definitions for this kind of table. MySQL returns the UNIX timestamp as an unsigned integer, so keep this in mind when creating your database.

Now, imagine you have a database with a column that contains a UNIX timestamp, you can also convert it to a ‘human-readable’ date using MySQL like this:

mysql> SELECT FROM_UNIXTIME(’262422779′);
+—————————-+
| FROM_UNIXTIME(’262422779′) |
+—————————-+
| 1978-04-26 02:12:59 |
+—————————-+

With this value it’s just a matter of two lines of code and to use the function date_diff() that I created before:

// Working with mysql
$ndbconn = mysql_connect(“localhost”, “user”, “password”);
mysql_select_db(“mydb”);

// The query
$squery = “SELECT FROM_UNIXTIME(’262422779′), NOW()”;
$nresult = mysql_query($squery);
$s_given_date = mysql_result($nresult, 0, 0);
$s_curr_date = mysql_result($nresult, 0, 1);

// Free the result
mysql_free_result($nresult);

// Disconnected
mysql_close($ndbconn);

// The date difference
date_diff($s_given_date, $s_curr_date);

In this example I used MySQL to obtain the dates and then I calculated the time elapsed between both using my – now ‘famous’ – date_diff() function.

The UNIX timestamp can be any you have in your database, I selected the timestamp 262422779 that is exactly my ‘birth time’ and stored it in the $s_given_date variable.

Then I selected the current time with the NOW() function and stored it in the $s_curr_date variable. The rest is old news, I already explained how the function works.

Suppose that you have a members only area, each user has a password but you want the user to change his or her password every two weeks.

The first thing you have to do is add a new column to your users table; this column will store the timestamp of the exact date when the user changed his or her password.

Remember, again, that the timestamp is an unsigned integer, so keep this in mind when creating the table.

The code for this approach should look like this:


$ndbconn = mysql_connect(“localhost”, “user”, “password”);
mysql_select_db(“mysql”);

$n_start_date = 1062521254; // Timestamp for 2003-09-02 11:47:34 taken from your DB

// The query adds fourteen days to the given date
$squery = “SELECT DATE_ADD(FROM_UNIXTIME($n_start_date), INTERVAL 14 DAY)”;
$nresult = mysql_query($squery);
$s_new_date = mysql_result($nresult, 0, 0);

// Free the result
mysql_free_result($nresult);

// Disconnected
mysql_close($ndbconn);
echo “Your password will expire on $s_new_date”;

?>

The main function here is DATE_ADD(), this MySQL function perfectly adds any number of seconds, minutes, hours, days or years to a specific date.

In this example we used it to calculate the exact time fourteen days after the selected date. You can use this function with no risk, it even takes care of leap years.
For example:

mysql> SELECT DATE_ADD(’2004-02-28 23:50:00′, INTERVAL 10 MINUTE); #2004 is a leap year
+—————————————————–+
| DATE_ADD(’2004-02-28 23:50:00′, INTERVAL 10 MINUTE) |
+—————————————————–+
| 2004-02-29 00:00:00 |
+—————————————————–+

Subtraction is done with the DATE_SUB() function in the same way:

mysql> SELECT DATE_SUB(’2004-03-01′, INTERVAL 1 DAY);
+—————————————-+
| DATE_SUB(’2004-03-01′, INTERVAL 1 DAY) |
+—————————————-+
| 2004-02-29 |
+—————————————-+

And don’t worry about December 31st and January 1st transition:

mysql> SELECT DATE_SUB(’2004-01-01′, INTERVAL 1 DAY);
+—————————————-+
| DATE_SUB(’2004-01-01′, INTERVAL 1 DAY) |
+—————————————-+
| 2003-12-31 |
+—————————————-+

My conclusion is there really is no conclusion, date and time are extremely important in real-world applications, for example, calculating the age of a person or calculating how many days left for a loan to expire or a bill to be due.

This is a huge topic that I’ve always been interested in. I said there’s no conclusion because I’ll be posting more articles about this topic with more robust and useful applications. Thanks for your time, I hope you enjoyed it.

Share

HTML:Iframe-inf wordpress Infection

Posted on by
Reply

Here is an article that really helped me getting my server back up and running.

HTML:Iframe-inf wordpress Infection

If your blog has been infected by the HTML:Iframe-inf  infection according to avast here are two scripts that can help you.

FirstWhat is the HTML:Iframe infection?– Its just a line of text that is inserted at the end of every index.php and/or index.htm in your website. Nothing to freak out about but you want to fix it. And Its probably due to wordpress not being secure.

Anyways, here is what you do : This is something you run on the commmand line – See the video below for an idea.

You will need to find infected files first.

find / -type f | xargs grep -l ‘<iframe’  2>/dev/null or you could print out a list of files possibly comprimised. by typing find / -type f | xargs grep -l ‘<iframe’  2>/dev/null >infectedFileslist.txt

The first step is figuring out what is going on with your virus infection.

If you know the time frame of when the virus ran then you could narrow the list of infected files even more by tweaking the find command.

Lets say you know it infected your website about 5 days ago.

Then you would modify the find command to search all files modified less than 10 days ago.

find / -type f -mtime -10 | xargs grep -l ‘<iframe’  2>/dev/null >infectedFileslist.txt

More info on the find command here

http://content.hccfl.edu/pollock/Unix/FindCmd.htm my short version find . -mtime +5 -mtime -10 # find files modifed between 5 and 10 days ago Ok so now you have a list of infected files … This is VERY HELPFUL as you are halfway there to cleaning up your server.

Remove infected text

find / -type f -mtime -10 | xargs grep -l ‘<iframe’| xargs perl -pi -e ‘s/^.*\<iframe.*$/ /g’ Here is an explanation of what the script does line by line so you can adjust per your situation. find / -type f -mtime -10 – looks all files that were modified in the last 10 days ( you adjust as needed) xargs grep -l ‘<iframe’ – of that list of files modified recently look for a line that says <iframe xargs perl -pi -e ‘s/^.*\<iframe.*$/ /g’ – search and replace that line with a blank space Understanding this last line – perl -pi -e is important — http://www.linux.org/lessons/short/perlpie/perl_pie.html You want to be sure that you know whats going on there because this is where the search and the replace happens – Check out this article — http://www.linux.org/lessons/short/perlpie/perl_pie.html You can modify the script line by line to

Here is a video explaining this:

My Contribution:

You can also use this linux command to find files that were changed in last 10 days

find /directory-path-to-search-files-from/ -type f -mtime -10 > infectedFileslist.txt
find . -name "*.js" > /home/star/public_html/infectedJSlist.txt
grep command: Recursively Search All Files For A String
cd /path/to/dir
 grep -r "word" .
 grep -r "string" .
 Ignore case distinctions:
 grep -ri "word" .
To display print only the filenames with GNU grep, enter:
 grep -r -l "foo" .
 You can also specify directory name:
 grep -r -l "foo" /path/to/dir/*.c
find command: Recursively Search All Files For A String
find command is recommend because of speed and ability to deal with filenames that contain spaces.
 cd /path/to/dir
 find . -type f -exec grep -l "word" {} +
 find . -type f -exec grep -l "seting" {} +
 find . -type f -exec grep -l "foo" {} +
 Older UNIX version should use xargs to speed up things:
 find /path/to/dir -type f | xargs grep -l "foo"
 It is good idea to pass -print0 option to find command that it can deal with filenames that contain spaces or other metacharacters:
 find /path/to/dir -type f -print0 | xargs -0 grep -l "foo"
 
I found this command to be really helpful if you are not certain if its an iframe attack or not.
Share