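id) {
        // NOTE(review): this function starts before the excerpt; its statements are left exactly as found.
        $query = "SELECT id FROM #__mssubscriptionpro_users WHERE LOWER(username) = '".strtolower($my->username)."' ";
        $database->setQuery($query);
        $user_id = $database->loadResult();
        if (!$user_id) {
            $query = "SELECT * FROM #__users WHERE id = '".$my->id."' ";
            $database->setQuery($query);
            $database->loadObject($user);
            $query = "SELECT id FROM #__mssubscriptionpro_users WHERE LOWER(username) = '".strtolower($user->username)."' OR LOWER(email) = '".strtolower($user->username)."' ";
            $database->setQuery($query);
            $if_ins = $database->loadResult();
            if (!$if_ins) {
                $query = "INSERT INTO `#__mssubscriptionpro_users` (`id`, `jid`, `site_id`, `name`, `username`, `email`, `password`, `usertype`, `block`, `sendEmail`, `gid`, `registerDate`, `lastvisitDate`, `activation`, `params`) VALUES ('', '', '1', '".$user->name."', '".$user->username."', '".$user->email."', '".$user->password."', '".$user->usertype."', '0', '".$user->sendEmail."', '".$user->gid."', NOW(), NOW(), '', '".$user->params."')";
                $database->setQuery($query);
                $database->query();
            }
        }
    }
    // try to init from cookie
    // NOTE(review): the cookie value is concatenated into the SQL text unescaped, and the lookup key is
    // MD5(id), which is derivable from a numeric row id, so this cookie identifies a subscriber without
    // authenticating them. A fix needs a 32-hex-digit format check before the query and a random,
    // server-issued token stored per user in place of MD5(id).
    if (@$_COOKIE['mssprouserid']) {
        $query = "SELECT id FROM #__mssubscriptionpro_users WHERE MD5(id) = '".$_COOKIE['mssprouserid']."' ";
        $database->setQuery($query);
        $user_id = $database->loadResult();
        if ($user_id) $mssprouser->load($user_id);
    }
    // try to init from $my
    if ($my->id) {
        $query = "SELECT id FROM #__mssubscriptionpro_users WHERE LOWER(username) = '".strtolower($my->username)."' ";
        $database->setQuery($query);
        $user_id = $database->loadResult();
        if ($user_id) $mssprouser->load($user_id);
    }
}

/**
 * Loads one row of #__mssubscriptionpro_users.
 *
 * @param int $user_id subscriber id
 * @return object|false the row, or false when no row matches
 */
function msspro_get_user($user_id) {
    global $database;
    // ids are numeric keys; the cast keeps arbitrary text out of the SQL string
    $query = "SELECT * FROM #__mssubscriptionpro_users WHERE id='".(int) $user_id."'";
    $database->setQuery( $query );
    $rows = $database->loadObjectList();
    if ($rows && count($rows)) return $rows[0];
    else return false;
}

/**
 * Loads one row of #__mssubscriptionpro_sites.
 *
 * @param int $site_id site id
 * @return object|null the row, or null when no row matches
 */
function msspro_get_site($site_id) {
    global $database;
    $query = "SELECT * FROM #__mssubscriptionpro_sites WHERE id='".(int) $site_id."'";
    $database->setQuery( $query );
    $rows = $database->loadObjectList();
    // explicit null instead of reading a missing index 0
    return ($rows && count($rows)) ? $rows[0] : null;
}

/**
 * Loads one row of #__mssubscriptionpro_subscriptions.
 *
 * @param int $sub_id subscription id
 * @return object|null the row, or null when no row matches
 */
function msspro_get_subscription($sub_id) {
    global $database;
    $query = "SELECT * FROM #__mssubscriptionpro_subscriptions WHERE id='".(int) $sub_id."'";
    $database->setQuery( $query );
    $rows = $database->loadObjectList();
    return ($rows && count($rows)) ? $rows[0] : null;
}

/**
 * Tries a connection to every published non-directory site, then switches back to the local database.
 */
function msspro_check_sites_db() {
    global $database;
    $query = "SELECT id FROM #__mssubscriptionpro_sites WHERE published=1 AND directory=0";
    $database->setQuery( $query );
    $rows = $database->loadObjectList();
    foreach ($rows as $row) {
        msspro_connect_site($row->id);
        msspro_connect_natural();
    }
}

/**
 * Returns the db_error flag stored for a site.
 *
 * @param int $site_id site id
 */
function msspro_get_dberror($site_id) {
    global $database;
    $query = "SELECT db_error FROM #__mssubscriptionpro_sites WHERE id='".(int) $site_id."'";
    $database->setQuery( $query );
    $res = $database->loadResult();
    return $res;
}

/**
 * Connects the default mysql link to a subscribed site's database.
 *
 * On failure the local connection is restored and, when $msspro_dberror_mail is set and the site has no
 * db_error flag yet, the administrator is mailed and the site is unpublished.
 *
 * NOTE(review): db_host, db_user and db_password are read from the sites row as stored, so anyone who can
 * read that table holds the credentials of every connected site.
 *
 * @param int $site_id site id
 * @return bool true when the remote database is selected
 */
function msspro_connect_site($site_id) {
    // $mosConfig_fromname is passed to mosMail() below and was missing from this list
    global $database, $msspro_dberror_mail, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_absolute_path;
    $site = msspro_get_site($site_id);
    if (@mysql_connect($site->db_host, $site->db_user, $site->db_password) && @mysql_select_db($site->db_name)) {
        return true;
    }
    else {
        msspro_connect_natural();
        if ($msspro_dberror_mail && !msspro_get_dberror($site_id)) {
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, 'Remote database connection error', "Site URL: ".$site->url."\nThe site was unpublished for future subscriptions in Subscription Pro component.");
            $query = "UPDATE #__mssubscriptionpro_sites SET published=0, db_error=1 WHERE id='".(int) $site_id."'";
            $database->setQuery( $query );
            $res = $database->query();
        }
        return false;
    }
}

/**
 * Reconnects the default mysql link to the local (CMS) database.
 */
function msspro_connect_natural() {
    global $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db;
    $mlink = mysql_connect($mosConfig_host, $mosConfig_user, $mosConfig_password);
    mysql_select_db($mosConfig_db);
}

// users' routine

/**
 * Gives a subscriber access to a site.
 *
 * Directory sites: writes .htaccess if absent, appends a generated password hash to the site's password
 * file and mails the plain password. Database sites: creates the account on the remote site
 * (auth_action 0) or changes the user's group there (auth_action 1).
 *
 * NOTE(review): the password file is <site_id>.txt inside the component directory with mode 0644; unless
 * the web server denies that path, the hashes can be fetched over HTTP. The plain password is also sent
 * by e-mail.
 *
 * @param int $site_id site id
 * @param int $user_id subscriber id
 * @param int $block   block flag written to the remote users row
 * @return bool|null true/false for database sites, nothing for directory sites
 */
function msspro_insert_user($site_id, $user_id, $block=1) {
    global $database, $mosConfig_absolute_path, $mosConfig_live_site, $msspro_auto_login;
    $site = msspro_get_site($site_id);
    $user = msspro_get_user($user_id);
    // directory
    if ($site->directory) {
        // the cast keeps the id from adding path segments to the file name
        $htpasswd = $mosConfig_absolute_path.'/components/com_mssubscriptionpro/'.(int) $site_id.'.txt';
        // create .htaccess if needed
        if (!@file_exists($mosConfig_absolute_path.$site->dir_path."/.htaccess")) {
            $file = 'AuthName "'.$site->auth_title.'"'.chr(13).chr(10);
            $file .= 'AuthType "Basic"'.chr(13).chr(10);
            $file .= 'AuthUserFile "' . $htpasswd . '"' . chr(13) . chr(10);
            $file .= 'require valid-user'.chr(13).chr(10);
            $ff = @fopen($mosConfig_absolute_path.$site->dir_path."/.htaccess", 'w');
            @fwrite($ff, $file);
            @fclose($ff);
        }
        $file = '';
        // set new user
        $pass = msspro_plain_pass(16);
        $pass2 = msspro_crypt_apr_md5($pass);
        // NOTE(review): a username containing ':' or a line break would produce a malformed entry; confirm usernames are validated at registration
        $file = $user->username.':'. $pass2 . chr(13) . chr(10);
        // write new .htpasswd
        $ff = @fopen($htpasswd, 'a');
        @fwrite($ff, $file, strlen($file));
        @fclose($ff);
        @chmod($htpasswd, 0644);
        // mail user
        msspro_notify_dir_password($site_id, $user_id, $pass);
    }
    // usuall site
    else {
        if ( msspro_connect_site($site_id) ) {
            // register new user
            if ($site->auth_action == 0) {
                // getting group info
                $query = "SELECT name FROM ".$site->db_prefix."core_acl_aro_groups WHERE group_id='".(int) $site->group_id."' ";
                $res = @mysql_query($query);
                $group_name = @mysql_result($res,0,'name');
                if ($group_name == '') {
                    $group_name = 'Registered';
                    $site->group_id = 18;
                }
                // stored profile fields are escaped before they enter the remote SQL text
                $q_name = mysql_real_escape_string($user->name);
                $q_username = mysql_real_escape_string($user->username);
                $q_email = mysql_real_escape_string($user->email);
                $q_password = mysql_real_escape_string($user->password);
                $q_group = mysql_real_escape_string($group_name);
                $query = "INSERT INTO ".$site->db_prefix."users (name,username,email,password,usertype,block,sendemail,gid,registerdate,activation) VALUES ('".$q_name."', '".$q_username."','".$q_email."','".$q_password."','".$q_group."','".(int) $block."',0,".(int) $site->group_id.",NOW(),'')";
                $res = @mysql_query($query);
                $userid = @mysql_insert_id();
                $query = "INSERT INTO ".$site->db_prefix."core_acl_aro VALUES ('', 'users', '".(int) $userid."', 0, '".$q_name."', 0)";
                $res = @mysql_query($query);
                $aroid = @mysql_insert_id();
                $query = "INSERT INTO ".$site->db_prefix."core_acl_groups_aro_map VALUES (".(int) $site->group_id.", '', '".(int) $aroid."')";
                $res = @mysql_query($query);
                // CB routine
                if ($site->cb) {
                    $query = "INSERT INTO ".$site->db_prefix."comprofiler (`id`, `user_id`, `firstname`, `middlename`, `lastname`, `hits`, `avatar`, `avatarapproved`, `approved`, `confirmed`, `lastupdatedate`, `banned`, `banneddate`, `bannedby`, `bannedreason`, `acceptedterms`) VALUES ('".(int) $userid."', '".(int) $userid."', '', '', '', 0, NULL, 1, 1, 1, NOW(), 0, NULL, NULL, NULL, 0)";
                    $res = @mysql_query($query);
                }
            }
            msspro_connect_natural();
            // or change his group
            if ($site->auth_action == 1) {
                msspro_change_usergroup($site_id, $user_id, $site->group_id);
            }
            // autologin
            msspro_connect_natural();
            // NOTE(review): ereg() treats the live-site URL as a regular expression, so '.' matches any character
            if (ereg($mosConfig_live_site, $site->url) && $msspro_auto_login && $site->fee_type != 2) {
                msspro_auto_login();
            }
            return true;
        }
        else return false;
    } // end usuall site
}

/**
 * Removes a subscriber's access to a site.
 *
 * Directory sites: drops the user's line from the password file and deletes the file once it is empty.
 * Database sites: deletes the remote account (auth_action 0) or moves the user to group_id2 (auth_action 1).
 *
 * @param int $site_id site id
 * @param int $user_id subscriber id
 * @return bool|null true/false for database sites, nothing for directory sites
 */
function msspro_delete_user($site_id, $user_id) {
    global $database, $mosConfig_absolute_path;
    $site = msspro_get_site($site_id);
    $user = msspro_get_user($user_id);
    if ($site->directory) {
        $htpasswd = $mosConfig_absolute_path.'/components/com_mssubscriptionpro/'.(int) $site_id.'.txt';
        $file = '';
        if (@file_exists($htpasswd) && @filesize($htpasswd)>0) {
            // get old .htpasswd
            $ff = @fopen($htpasswd, 'r');
            $file = @fread($ff, @filesize($htpasswd));
            @fclose($ff);
            // delete user
            // The name is quoted so its characters are matched literally, and both patterns are anchored to a
            // line start so that "bob" cannot touch the entry of "jimbob" or "bobby".
            $name_re = preg_quote($user->username, '/');
            $file = preg_replace('/^\[block[^\]]*\]('.$name_re.'\:)/m','$1',$file);
            $file = preg_replace('/^'.$name_re.'\:.*'. chr(13).chr(10) .'/m','',$file);
            // write new .htpasswd
            $ff = @fopen($htpasswd, 'w');
            @fwrite($ff, $file, strlen($file));
            @fclose($ff);
            // check if 0 after deleteing
            // filesize() results are cached per request; without this the size read before the rewrite is returned
            clearstatcache();
            if (@filesize($htpasswd) == 0) unlink($htpasswd);
        }
    }
    else {
        if ( msspro_connect_site($site_id) ) {
            // delete user if it was registration
            if ($site->auth_action == 0) {
                // delete from subs site
                $query = "SELECT id FROM ".$site->db_prefix."users WHERE username='".mysql_real_escape_string($user->username)."'";
                $res = @mysql_query($query);
                $far_userid = @mysql_result($res,0,'id');
                $query = "DELETE FROM ".$site->db_prefix."users WHERE id='".(int) $far_userid."'";
                $res = @mysql_query($query);
                $query = "SELECT aro_id FROM ".$site->db_prefix."core_acl_aro WHERE value='".(int) $far_userid."'";
                $res = @mysql_query($query);
                $aro_id = @mysql_result($res,0,'aro_id');
                $query = "DELETE FROM ".$site->db_prefix."core_acl_aro WHERE aro_id='".(int) $aro_id."'";
                $res = @mysql_query($query);
                $query = "DELETE FROM ".$site->db_prefix."core_acl_groups_aro_map WHERE aro_id='".(int) $aro_id."'";
                $res = @mysql_query($query);
                $query = "DELETE FROM ".$site->db_prefix."session WHERE userid='".(int) $far_userid."'";
                $res = @mysql_query($query);
                // CB routine
                if ($site->cb) {
                    // column name aligned with the INSERT in msspro_insert_user(), which writes `user_id`
                    $query = "DELETE FROM ".$site->db_prefix."comprofiler WHERE user_id='".(int) $far_userid."'";
                    $res = @mysql_query($query);
                }
            }
            msspro_connect_natural();
            // or change his group to final value
            if ($site->auth_action == 1) {
                msspro_change_usergroup($site_id, $user_id, $site->group_id2);
            }
            return true;
        }
        else return false;
    }
}

/**
 * Blocks or unblocks a subscriber on a site.
 *
 * Directory sites: a "[block<random>]" prefix is put in front of the user's password-file line, which
 * stops the name from matching, and is removed again on unblock. Database sites: sets users.block and,
 * when blocking, deletes the user's sessions.
 *
 * @param int $site_id site id
 * @param int $user_id subscriber id
 * @param int $block   1 to block, anything else to unblock
 * @return bool|null true/false for database sites, nothing for directory sites
 */
function msspro_block_user($site_id, $user_id, $block=1) {
    global $database, $mosConfig_absolute_path;
    $site = msspro_get_site($site_id);
    $user = msspro_get_user($user_id);
    if ($site->directory) {
        $htpasswd = $mosConfig_absolute_path.'/components/com_mssubscriptionpro/'.(int) $site_id.'.txt';
        $file = '';
        if (@file_exists($htpasswd) && @filesize($htpasswd)>0) {
            // get old .htpasswd
            $ff = @fopen($htpasswd, 'r');
            $file = @fread($ff, @filesize($htpasswd));
            @fclose($ff);
            // quoted and line-anchored for the same reason as in msspro_delete_user()
            $name_re = preg_quote($user->username, '/');
            // block user
            if ($block == 1) $file = preg_replace('/^('.$name_re.'\:.*'. chr(13).chr(10) .')/m','[block'.msspro_plain_pass(5).']$1',$file);
            // unblock user
            else $file = preg_replace('/^\[block[^\]]*\]('.$name_re.'\:)/m','$1',$file);
            // write new .htpasswd
            $ff = @fopen($htpasswd, 'w');
            @fwrite($ff, $file);
            @fclose($ff);
        }
    }
    else {
        if ( msspro_connect_site($site_id) ) {
            $q_username = mysql_real_escape_string($user->username);
            $query = "UPDATE ".$site->db_prefix."users SET block=".(int) $block." WHERE username='".$q_username."'";
            $res = @mysql_query($query);
            if ($block == 1) {
                $query = "DELETE FROM ".$site->db_prefix."session WHERE username='".$q_username."'";
                $res = @mysql_query($query);
            }
            msspro_connect_natural();
            return true;
        }
        else return false;
    }
}

/**
 * Moves a subscriber to another ACL group on a database site and drops the user's sessions there.
 *
 * Falls back to group 18 / 'Registered' when the group id is not found on the remote site.
 *
 * @param int $site_id  site id
 * @param int $user_id  subscriber id
 * @param int $group_id target group id on the remote site
 * @param int $del_sub  subscription id to delete afterwards, 0 for none
 * @return bool|null true/false for database sites, nothing for directory sites
 */
function msspro_change_usergroup($site_id, $user_id, $group_id, $del_sub=0) {
    global $database;
    $site = msspro_get_site($site_id);
    $user = msspro_get_user($user_id);
    // used unquoted in the UPDATE statements below
    $group_id = (int) $group_id;
    if (!$site->directory) {
        if ( msspro_connect_site($site_id) ) {
            $q_username = mysql_real_escape_string($user->username);
            $query = "SELECT id FROM ".$site->db_prefix."users WHERE username='".$q_username."'";
            $res = @mysql_query($query);
            $far_userid = @mysql_result($res,0,'id');
            // getting group info
            $query = "SELECT name FROM ".$site->db_prefix."core_acl_aro_groups WHERE group_id='".$group_id."' ";
            $res = @mysql_query($query);
            $group_name = @mysql_result($res,0,'name');
            if ($group_name == '') {
                $group_name = 'Registered';
                $group_id = 18;
            }
            $query = "UPDATE ".$site->db_prefix."users SET gid=".$group_id.", usertype='".mysql_real_escape_string($group_name)."' WHERE username='".$q_username."'";
            $res = @mysql_query($query);
            $query = "SELECT aro_id FROM ".$site->db_prefix."core_acl_aro WHERE value=".(int) $far_userid;
            $res = @mysql_query($query);
            $aroid = @mysql_result($res,0,'aro_id');
            $query = "UPDATE ".$site->db_prefix."core_acl_groups_aro_map SET group_id=".$group_id." WHERE aro_id=".(int) $aroid;
            $res = @mysql_query($query);
            $query = "DELETE FROM ".$site->db_prefix."session WHERE userid=".(int) $far_userid;
            $res = @mysql_query($query);
            msspro_connect_natural();
            // delete subscription if leave user after finish
            if ($del_sub) {
                $query = "DELETE FROM #__mssubscriptionpro_subscriptions WHERE id='".(int) $del_sub."' ";
                $database->setQuery( $query );
                $res = $database->query();
            }
            return true;
        }
        else return false;
    }
}

/**
 * Tells whether the subscriber already has an entry on the site.
 *
 * Directory sites: looks for a line starting with "username:" (case-insensitive) in the password file.
 * Database sites: matches username and e-mail ($strict) or username or e-mail in the remote users table.
 *
 * @param int $site_id site id
 * @param int $user_id subscriber id
 * @param int $strict  non-zero to require both username and e-mail to match
 * @return bool
 */
function msspro_user_exists($site_id, $user_id, $strict=0) {
    global $database, $mosConfig_absolute_path;
    $site = msspro_get_site($site_id);
    $user = msspro_get_user($user_id);
    if (!$user) return false;
    if ($site->directory) {
        $htpasswd = $mosConfig_absolute_path.'/components/com_mssubscriptionpro/'.(int) $site_id.'.txt';
        if (@file_exists($htpasswd) && @filesize($htpasswd)>0) {
            $ff = fopen($htpasswd, 'r');
            $file = fread($ff, filesize($htpasswd));
            fclose($ff);
            // check for existance
            $users = explode(chr(13).chr(10), $file);
            $exist = false;
            // quoted so that regex characters in a username are matched literally
            $name_re = preg_quote(strtolower($user->username), '/');
            foreach ($users as $row) {
                if ( preg_match('/^'.$name_re.'\:/', strtolower($row)) ) $exist = true;
            }
            return $exist;
        }
        else return false;
    }
    else {
        if ( msspro_connect_site($site_id) ) {
            if ($strict) $cond = 'AND';
            else $cond = 'OR';
            $query = "SELECT id FROM ".$site->db_prefix."users WHERE LOWER(username) = '".mysql_real_escape_string(strtolower($user->username))."' ".$cond." LOWER(email) = '".mysql_real_escape_string(strtolower($user->email))."'";
            $res = @mysql_query($query);
            if ( $res && @mysql_num_rows($res)>0 ) {
                msspro_connect_natural();
                return true;
            }
            else {
                msspro_connect_natural();
                return false;
            }
        }
        else return false;
    }
}

/**
 * Returns the id of the subscriber's published subscription to a site, or false.
 */
function msspro_user_subscribed($site_id, $user_id) {
    global $database;
    $query = "SELECT id FROM #__mssubscriptionpro_subscriptions WHERE user_id='".(int) $user_id."' AND site_id='".(int) $site_id."' AND published=1 ";
    $database->setQuery( $query );
    $subid = $database->loadResult();
    if ($subid) return $subid;
    else return false;
}

// subscriptions routine

/**
 * Returns the block value of a subscription, or false when it is empty or the row is missing.
 */
function msspro_subscription_blocked($sub_id) {
    global $database;
    $query = "SELECT block FROM #__mssubscriptionpro_subscriptions WHERE id='".(int) $sub_id."'";
    $database->setQuery( $query );
    $subid = $database->loadResult();
    if ($subid) return $subid;
    else return false;
}

/**
 * Returns the paid value of a subscription, or false when it is empty or the row is missing.
 */
function msspro_subscription_paid($sub_id) {
    global $database;
    $query = "SELECT paid FROM #__mssubscriptionpro_subscriptions WHERE id='".(int) $sub_id."'";
    $database->setQuery( $query );
    $subid = $database->loadResult();
    if ($subid) return $subid;
    else return false;
}

/**
 * Returns the notified value of a subscription, or false when it is empty or the row is missing.
 */
function msspro_subscription_notified($sub_id) {
    global $database;
    $query = "SELECT notified FROM #__mssubscriptionpro_subscriptions WHERE id='".(int) $sub_id."'";
    $database->setQuery( $query );
    $subid = $database->loadResult();
    if ($subid) return $subid;
    else return false;
}

/**
 * Registers the current subscriber on every listed site whose fee_type is not 2, plus the sites named
 * in $terms_str, and sends the user and administrator notifications.
 *
 * @param mixed  $params    not used in this function
 * @param array  $rows      site rows
 * @param string $terms_str extra "id(term)" entries appended to the list
 * @return string|null the message from msspro_register_subscriptions(), nothing when no site qualifies
 */
function msspro_register_free_sites( $params, $rows, $terms_str='' ) {
    global $database, $Itemid, $mssprouser;
    if ($mssprouser->id) {
        $sites_str = '';
        foreach($rows as $row) {
            if ($row->fee_type != 2) {
                $sites_str .= $row->id . ',';
            }
        }
        $sites_str .= $terms_str;
        if (substr($sites_str,strlen($sites_str)-1,1) == ',') $sites_str = substr($sites_str,0,strlen($sites_str)-1);
        if ($sites_str) {
            msspro_notify_sub($mssprouser->id, $sites_str, 0, 'Free registration');
            msspro_notifyadmin_sub($mssprouser->id, $sites_str, 0, 'Free registration');
            return msspro_register_subscriptions($mssprouser->id, $sites_str, 'Free registration');
        }
    }
}

/**
 * Creates or prolongs a subscription for each site id in a comma-separated list.
 *
 * Entries without "(" are collected as site ids; entries of the form "id(term)" only record the term.
 */
function msspro_register_subscriptions($user_id, $sites_str, $txn_id) {
    global $database, $mssprouser;
    $user = msspro_get_user($user_id);
    $return='';
    $sites = array();
    $sites_terms = array();
    $sites_all = array();
    $sites_all = explode(',',$sites_str);
    foreach ($sites_all as $site_all) {
        if (strpos($site_all,'(') === false) {
            $sites[] = $site_all;
            $sites_terms[$site_all] = 0;
        }
        else {
            $sites_terms[substr($site_all,0,strpos($site_all,'('))] = str_replace(')','',substr($site_all,strpos($site_all,'(')+1,10000));
        }
    }
    // NOTE(review): the text between "$x" and "setQuery" was lost when this page was extracted (loop bound,
    // increment and the query string). The damaged line is kept as found and must be restored from the
    // original file; when it is, the ids from $sites_str should be cast to int before they enter the query.
    for ($x=0; $xsetQuery( $query );
        $rows = $database->loadObjectList();
        if (count($rows) ) {
            // subscription exists - prolonging payment or after trial payment or in trial payment, first - we return usergroup
            $site2 = msspro_get_site($sites[$x]);
            msspro_change_usergroup($sites[$x], $user_id, $site2->group_id);
            msspro_re_subscribe($rows[0], $user_id, $sites[$x], $sites_terms[$sites[$x]], $txn_id);
        }
        else {
            // new subscription
            $return .= msspro_subscribe($user_id, $sites[$x], $sites_terms[$sites[$x]], $txn_id);
        }
    }
    return $return;
}

/**
 * Creates a new subscription; paid flag, block flag and access days depend on the site's fee_type and
 * account_type.
 *
 * @return string confirmation text for trial and free sites, empty otherwise
 */
function msspro_subscribe($user_id, $site_id, $site_term, $txn_id) {
    $cur_site = msspro_get_site($site_id);
    $return='';
    $my_now = date("Y-m-d H:i:s", mktime());
    // paid fee_type
    if ($cur_site->fee_type == 2) {
        if ($cur_site->account_type == 1) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 1, $my_now, 0, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 2) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 1, $my_now, 1, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 1, $s_id);
        }
        if ($cur_site->account_type == 3) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 1, $my_now, 1, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 1, $s_id);
        }
        if ($cur_site->account_type == 4) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 1, $my_now, 0, 1, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 5) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 1, $my_now, 0, $site_term, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
    }
    // trial anf free fee_type
    if ($cur_site->fee_type == 3 || $cur_site->fee_type == 1) {
        if ($cur_site->account_type == 1) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 0, $my_now, 0, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 2) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 0, $my_now, 0, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 3) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 0, $my_now, 0, 0, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 4) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 0, $my_now, 0, 1, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        if ($cur_site->account_type == 5) {
            $s_id = msspro_insert_subscription($user_id, $site_id, 0, $my_now, 0, $site_term, $txn_id);
            msspro_block_subscription($site_id, $user_id, 0, $s_id);
        }
        $return .= '

You was sucessfully subscribed on '.$cur_site->name.' ('.$cur_site->url.')

';
    }
    return $return;
}

/**
 * Prolongs an existing subscription after a payment.
 *
 * Only paid sites, and trial sites when the transaction is not the free registration, are prolonged.
 * An unblocked subscription gets extra access days; a blocked one is updated and unblocked according
 * to the site's account_type.
 */
function msspro_re_subscribe($row, $user_id, $site_id, $site_term, $txn_id) {
    global $database;
    $cur_site = msspro_get_site($site_id);
    $my_now = date("Y-m-d H:i:s", mktime());
    // preventing re-subscribe on free and trial sites for free (resubscribe only paid sites and trial sites with finished trial)
    if ($cur_site->fee_type == 2 || ($cur_site->fee_type == 3 && $txn_id != 'Free registration') ) {
        if (!msspro_subscription_blocked($row->id)) {
            // the transaction id arrives from outside and the term comes from the submitted site list
            $q_txn = $database->getEscaped($txn_id);
            // prolonging prior to expiry
            if ($cur_site->account_type == 4 && $cur_site->prolong_prior == 1) {
                // increase perios for within the term
                $query = "UPDATE #__mssubscriptionpro_subscriptions SET access_days=access_days+1, notified=0, `txn_id`=CONCAT(txn_id,',".$q_txn."') WHERE id=".(int) $row->id;
                $database->setQuery($query);
                $database->query($query);
            }
            if ($cur_site->account_type == 5 && $cur_site->prolong_prior == 1) {
                // increase user's specified term
                $query = "UPDATE #__mssubscriptionpro_subscriptions SET access_days=access_days+".(int) $site_term.", notified=0, `txn_id`=CONCAT(txn_id,',".$q_txn."') WHERE id=".(int) $row->id;
                $database->setQuery($query);
                $database->query($query);
            }
        }
        else {
            // prolonging blocked subscriptions
            if ($cur_site->account_type == 1) {
                $s_id = msspro_update_subscription($user_id, $site_id, 1, $my_now, 0, 0, $txn_id);
                msspro_block_subscription($site_id, $user_id, 0, $s_id);
            }
            if ($cur_site->account_type == 2) {
                $s_id = msspro_update_subscription($user_id, $site_id, 1, $my_now, 1, 0, $txn_id);
                msspro_block_subscription($site_id, $user_id, 1, $s_id);
            }
            if ($cur_site->account_type == 3) {
                $s_id = msspro_update_subscription($user_id, $site_id, 1, $my_now, 1, 0, $txn_id);
                msspro_block_subscription($site_id, $user_id, 1, $s_id);
            }
            if ($cur_site->account_type == 4) {
                $s_id = msspro_update_subscription($user_id, $site_id, 1, $my_now, 0, 1, $txn_id);
                msspro_block_subscription($site_id, $user_id, 0, $s_id);
            }
            if ($cur_site->account_type == 5) {
                $s_id = msspro_update_subscription($user_id, $site_id, 1, $my_now, 0, $site_term, $txn_id);
                msspro_block_subscription($site_id, $user_id, 0, $s_id);
            }
            // set not notified flag
            $query = "UPDATE `#__mssubscriptionpro_subscriptions` SET `notified`= 0 WHERE id='".(int) $row->id."' ";
            $database->setQuery( $query );
            $res = $database->query();
        }
    }
}

/**
 * Inserts a subscription row and provisions the user on the site.
 *
 * NOTE(review): $start_date is written into the statement as a raw SQL expression (default NOW());
 * callers must pass only a constant expression, never request data.
 *
 * @return int id of the new subscription
 */
function msspro_insert_subscription($user_id, $site_id, $paid, $date, $block, $access_days, $txn_id, $published=1, $start_date = 'NOW()') {
    global $database;
    // numeric columns are cast and text columns escaped before they enter the statement
    $query = "INSERT INTO `#__mssubscriptionpro_subscriptions` ( `id` , `user_id` , `site_id` , `paid` , `date` , `block` , `access_days` , `txn_id` , `checked_out` , `checked_out_time` , `date_first` , `published`) VALUES ('' , '".(int) $user_id."', '".(int) $site_id."', ".(int) $paid.", '".$database->getEscaped($date)."', '".(int) $block."', '".(int) $access_days."', '".$database->getEscaped($txn_id)."', '0', '0000-00-00 00:00:00' , ".$start_date.", '".(int) $published."' )";
    $database->setQuery( $query );
    $res = $database->query();
    $sub_id = $database->insertid();
    msspro_insert_user($site_id, $user_id, $block);
    return $sub_id;
}

/**
 * Updates paid flag, date, block flag and access days of a user's subscription to a site and appends
 * the transaction id.
 *
 * NOTE(review): the return value is insertid() read after an UPDATE, which is not the subscription id;
 * callers that need the id should look it up by user and site.
 */
function msspro_update_subscription($user_id, $site_id, $paid, $date, $block, $access_days, $txn_id) {
    global $database;
    $query = "UPDATE `#__mssubscriptionpro_subscriptions` SET `paid`= ".(int) $paid.", `date`='".$database->getEscaped($date)."' , `block`=".(int) $block." , `access_days`=".(int) $access_days." , `txn_id`=CONCAT(txn_id,',".$database->getEscaped($txn_id)."') WHERE user_id='".(int) $user_id."' AND site_id='".(int) $site_id."' ";
    $database->setQuery( $query );
    $res = $database->query();
    $sub_id = $database->insertid();
    return $sub_id;
}

/**
 * Sends the "finished" notifications, removes the user's access to the site and deletes the subscription.
 */
function msspro_delete_subscription($sub_id) {
    global $database;
    $sub = msspro_get_subscription($sub_id);
    // notify if finished
    msspro_notify_after($sub->site_id, $sub->user_id);
    msspro_notifyadmin_after($sub->site_id, $sub->user_id);
    msspro_delete_user($sub->site_id, $sub->user_id);
    $query = "DELETE FROM `#__mssubscriptionpro_subscriptions` WHERE id='".(int) $sub_id."' ";
    $database->setQuery( $query );
    $res = $database->query();
}

/**
 * Sets the block flag of a subscription, applies it on the site and sends the matching notifications.
 *
 * @param int        $site_id site id
 * @param int        $user_id subscriber id
 * @param int        $block   1 to block, 0 to activate (also clears the notified flag)
 * @param int|string $sub_id  subscription id; when empty the row is found by site and user
 */
function msspro_block_subscription($site_id, $user_id, $block=1, $sub_id='') {
    global $database;
    if ($block == 0) $add = " , notified=0 ";
    else $add='';
    // The two branches were swapped: a call without $sub_id ran "WHERE id=''" and changed no row.
    if ($sub_id) $query = "UPDATE #__mssubscriptionpro_subscriptions SET block=".(int) $block.$add." WHERE id='".(int) $sub_id."' ";
    else $query = "UPDATE #__mssubscriptionpro_subscriptions SET block=".(int) $block.$add." WHERE site_id='".(int) $site_id."' AND user_id='".(int) $user_id."' ";
    $database->setQuery( $query );
    $res = $database->query();
    msspro_block_user($site_id, $user_id, $block);
    $site = msspro_get_site($site_id);
    // notify if activated
    if (!$block && $site->notify_active) {
        msspro_notify_active($site_id, $user_id);
        msspro_notifyadmin_active($site_id, $user_id);
    }
    if (!$block) msspro_notifyadmin_active($site_id, $user_id);
    // notify if finished
    if ($block && $site->notify_after) {
        msspro_notify_after($site_id, $user_id);
        msspro_notifyadmin_after($site_id, $user_id);
    }
    if ($block) msspro_notifyadmin_after($site_id, $user_id);
}

// payments routine

/**
 * Returns the id of the user's 'Join' payment, or false when there is none.
 */
function msspro_payment_joined($user_id) {
    global $database;
    // the id is used unquoted here, so the cast is what keeps it numeric
    $query = "SELECT id FROM #__mssubscriptionpro_payments WHERE user_id=".(int) $user_id." AND type='Join'";
    $database->setQuery( $query );
    $subid = $database->loadResult();
    if ($subid) return $subid;
    else return false;
}

/**
 * Records a payment.
 *
 * Every text field is escaped before it enters the statement.
 * NOTE(review): the arguments look like payment-processor callback data; confirm against the callers.
 */
function msspro_insert_payment($txn_id, $payment_status, $payment_type, $proc_name, $payment_amount, $payment_currency, $tax_amount, $user_id, $sites) {
    global $database;
    $query = "INSERT INTO #__mssubscriptionpro_payments ( id , txn_id , processor , status , type, amount , cur_code , tax_amount , date , user_id , sites ) VALUES ('' , '".$database->getEscaped($txn_id)."', '".$database->getEscaped($proc_name)."', '".$database->getEscaped($payment_status)."', '".$database->getEscaped($payment_type)."', '".$database->getEscaped($payment_amount)."', '".$database->getEscaped($payment_currency)."', '".$database->getEscaped($tax_amount)."', NOW(), '".(int) $user_id."', '".$database->getEscaped($sites)."')";
    $database->setQuery( $query );
    $res = $database->query();
}

// users notifications routine

/**
 * Mails the "joined" notice to the user when $msspro_notify_join is set.
 */
function msspro_notify_join($user_id, $payment_amount, $txn_id) {
    global $msspro_notify_join, $msspro_notify_join_from, $msspro_notify_join_subject, $msspro_notify_join_text, $mosConfig_fromname;
    if ($msspro_notify_join) {
        $user = msspro_get_user($user_id);
        $mes = str_replace('[username]', $user->username, $msspro_notify_join_text);
        $mes = str_replace('[amount]', $payment_amount, $mes);
        $mes = str_replace('[txn_id]', $txn_id, $mes);
        mosMail($msspro_notify_join_from, $mosConfig_fromname, $user->email, $msspro_notify_join_subject, $mes);
    }
}

/**
 * Mails the "subscribed" notice, listing each site's name and URL, when $msspro_notify_sub is set.
 *
 * @param string $sites comma-separated site ids; "(term)" parts are stripped before the lookup
 */
function msspro_notify_sub($user_id, $sites, $payment_amount, $txn_id) {
    global $database, $msspro_notify_sub, $msspro_notify_sub_from, $msspro_notify_sub_subject, $msspro_notify_sub_text, $mosConfig_fromname;
    if ($msspro_notify_sub) {
        $user = msspro_get_user($user_id);
        $mes = str_replace('[username]', $user->username, $msspro_notify_sub_text);
        $mes = str_replace('[amount]', $payment_amount, $mes);
        $mes = str_replace('[txn_id]', $txn_id, $mes);
        $st = "\n";
        $sites = preg_replace('/\(.*\)/','',$sites);
        $sites_ar = explode(',',$sites);
        $sites_ar = array_unique($sites_ar);
        foreach ($sites_ar as $site) {
            $site_data = msspro_get_site($site);
            $st .= $site_data->name . " (". $site_data->url . ")\n";
        }
        $mes = str_replace('[sites]', $st, $mes);
        mosMail($msspro_notify_sub_from, $mosConfig_fromname, $user->email, $msspro_notify_sub_subject, $mes);
    }
}

/**
 * Mails the generated directory password to the user.
 *
 * NOTE(review): the password travels in clear text in the message body.
 */
function msspro_notify_dir_password($site_id, $user_id, $pass) {
    global $mosConfig_absolute_path, $msspro_notify_dir_from, $msspro_notify_dir_subject, $msspro_notify_dir_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    $user = msspro_get_user($user_id);
    $site = msspro_get_site($site_id);
    $mes = str_replace('[username]', $user->username, $msspro_notify_dir_text);
    $mes = str_replace('[sitename]', $site->name, $mes);
    $mes = str_replace('[siteurl]', $site->url, $mes);
    $mes = str_replace('[password]', $pass, $mes);
    mosMail($msspro_notify_dir_from, $mosConfig_fromname, $user->email, $msspro_notify_dir_subject, $mes);
}

/**
 * Mails the "subscription activated" notice to the user.
 */
function msspro_notify_active($site_id, $user_id) {
    global $mosConfig_absolute_path, $msspro_notify_active_from, $msspro_notify_active_subject, $msspro_notify_active_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    $user = msspro_get_user($user_id);
    $site = msspro_get_site($site_id);
    $mes = str_replace('[username]', $user->username, $msspro_notify_active_text);
    $mes = str_replace('[sitename]', $site->name, $mes);
    $mes = str_replace('[url]', $site->url, $mes);
    $mes = str_replace('[date]', date("Y-m-d H:i:s", mktime()), $mes);
    mosMail($msspro_notify_active_from, $mosConfig_fromname, $user->email, $msspro_notify_active_subject, $mes);
}

/**
 * Mails the "subscription finished" notice to the user.
 */
function msspro_notify_after($site_id, $user_id) {
    global $mosConfig_absolute_path, $msspro_notify_after_from, $msspro_notify_after_subject, $msspro_notify_after_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    $user = msspro_get_user($user_id);
    $site = msspro_get_site($site_id);
    $mes = str_replace('[username]', $user->username, $msspro_notify_after_text);
    $mes = str_replace('[sitename]', $site->name, $mes);
    $mes = str_replace('[url]', $site->url, $mes);
    $mes = str_replace('[date]', date("Y-m-d H:i:s", mktime()), $mes);
    mosMail($msspro_notify_after_from, $mosConfig_fromname, $user->email, $msspro_notify_after_subject, $mes);
}

/**
 * Mails the "about to expire" notice to the user and marks the subscription as notified.
 *
 * @param int $stamp Unix timestamp formatted into the [date] placeholder
 */
function msspro_notify_before($site_id, $user_id, $stamp) {
    global $mosConfig_absolute_path, $database;
    global $msspro_notify_before_from, $msspro_notify_before_subject, $msspro_notify_before_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    $user = msspro_get_user($user_id);
    $site = msspro_get_site($site_id);
    $mes = str_replace('[username]', $user->username, $msspro_notify_before_text);
    $mes = str_replace('[sitename]', $site->name, $mes);
    $mes = str_replace('[url]', $site->url, $mes);
    $mes = str_replace('[date]', date("Y-m-d H:i:s", $stamp), $mes);
    mosMail($msspro_notify_before_from, $mosConfig_fromname, $user->email, $msspro_notify_before_subject, $mes);
    // set already notified flag
    $query = "UPDATE `#__mssubscriptionpro_subscriptions` SET `notified`= 1 WHERE user_id='".(int) $user_id."' AND site_id='".(int) $site_id."' ";
    $database->setQuery( $query );
    $res = $database->query();
}

// administrators notifications routine

/**
 * Mails the "user joined" notice to the administrators when $msspro_notifyadmin_join is set.
 */
function msspro_notifyadmin_join($user_id, $payment_amount, $txn_id) {
    global $msspro_admin_emails, $msspro_notifyadmin_join, $msspro_notifyadmin_join_from, $msspro_notifyadmin_join_subject, $msspro_notifyadmin_join_text, $mosConfig_fromname;
    if ($msspro_notifyadmin_join) {
        if (!is_array($msspro_admin_emails)) $msspro_admin_emails = explode(',',$msspro_admin_emails);
        $user = msspro_get_user($user_id);
        $mes = str_replace('[username]', $user->username, $msspro_notifyadmin_join_text);
        $mes = str_replace('[amount]', $payment_amount, $mes);
        $mes = str_replace('[txn_id]', $txn_id, $mes);
        mosMail($msspro_notifyadmin_join_from, $mosConfig_fromname, $msspro_admin_emails, $msspro_notifyadmin_join_subject, $mes);
    }
}

/**
 * Mails the "user subscribed" notice, with the site list, to the administrators when
 * $msspro_notifyadmin_sub is set.
 */
function msspro_notifyadmin_sub($user_id, $sites, $payment_amount, $txn_id) {
    global $msspro_admin_emails, $database, $msspro_notifyadmin_sub, $msspro_notifyadmin_sub_from, $msspro_notifyadmin_sub_subject, $msspro_notifyadmin_sub_text, $mosConfig_fromname;
    if ($msspro_notifyadmin_sub) {
        if (!is_array($msspro_admin_emails)) $msspro_admin_emails = explode(',',$msspro_admin_emails);
        $user = msspro_get_user($user_id);
        $mes = str_replace('[username]', $user->username, $msspro_notifyadmin_sub_text);
        $mes = str_replace('[amount]', $payment_amount, $mes);
        $mes = str_replace('[txn_id]', $txn_id, $mes);
        $st = "\n";
        $sites = preg_replace('/\(.*\)/','',$sites);
        $sites_ar = explode(',',$sites);
        $sites_ar = array_unique($sites_ar);
        foreach ($sites_ar as $site) {
            $site_data = msspro_get_site($site);
            $st .= $site_data->name . " (". $site_data->url . ")\n";
        }
        $mes = str_replace('[sites]', $st, $mes);
        mosMail($msspro_notifyadmin_sub_from, $mosConfig_fromname, $msspro_admin_emails, $msspro_notifyadmin_sub_subject, $mes);
    }
}

/**
 * Mails a user's generated directory password to the administrators when $msspro_notifyadmin_dir is set.
 *
 * NOTE(review): this copies the user's clear-text password to every administrator address.
 */
function msspro_notifyadmin_dir_password($site_id, $user_id, $pass) {
    global $msspro_notifyadmin_dir, $msspro_admin_emails, $mosConfig_absolute_path, $msspro_notifyadmin_dir_from, $msspro_notifyadmin_dir_subject, $msspro_notifyadmin_dir_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    if ($msspro_notifyadmin_dir) {
        if (!is_array($msspro_admin_emails)) $msspro_admin_emails = explode(',',$msspro_admin_emails);
        $user = msspro_get_user($user_id);
        $site = msspro_get_site($site_id);
        $mes = str_replace('[username]', $user->username, $msspro_notifyadmin_dir_text);
        $mes = str_replace('[sitename]', $site->name, $mes);
        $mes = str_replace('[siteurl]', $site->url, $mes);
        $mes = str_replace('[password]', $pass, $mes);
        mosMail($msspro_notifyadmin_dir_from, $mosConfig_fromname, $msspro_admin_emails, $msspro_notifyadmin_dir_subject, $mes);
    }
}

/**
 * Mails the "subscription activated" notice to the administrators when $msspro_notifyadmin_active is set.
 */
function msspro_notifyadmin_active($site_id, $user_id) {
    global $msspro_notifyadmin_active, $msspro_admin_emails, $mosConfig_absolute_path, $msspro_notifyadmin_active_from, $msspro_notifyadmin_active_subject, $msspro_notifyadmin_active_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    if ($msspro_notifyadmin_active) {
        if (!is_array($msspro_admin_emails)) $msspro_admin_emails = explode(',',$msspro_admin_emails);
        $user = msspro_get_user($user_id);
        $site = msspro_get_site($site_id);
        $mes = str_replace('[username]', $user->username, $msspro_notifyadmin_active_text);
        $mes = str_replace('[sitename]', $site->name, $mes);
        $mes = str_replace('[url]', $site->url, $mes);
        $mes = str_replace('[date]', date("Y-m-d H:i:s", mktime()), $mes);
        mosMail($msspro_notifyadmin_active_from, $mosConfig_fromname, $msspro_admin_emails, $msspro_notifyadmin_active_subject, $mes);
    }
}

/**
 * Mails the "subscription finished" notice to the administrators when $msspro_notifyadmin_after is set.
 */
function msspro_notifyadmin_after($site_id, $user_id) {
    global $msspro_notifyadmin_after, $msspro_admin_emails, $mosConfig_absolute_path, $msspro_notifyadmin_after_from, $msspro_notifyadmin_after_subject, $msspro_notifyadmin_after_text, $mosConfig_fromname;
    require_once($mosConfig_absolute_path.'/components/com_mssubscriptionpro/mssubscriptionpro.config.php');
    if ($msspro_notifyadmin_after) {
        if (!is_array($msspro_admin_emails)) $msspro_admin_emails = explode(',',$msspro_admin_emails);
        $user = msspro_get_user($user_id);
        $site = msspro_get_site($site_id);
        $mes = str_replace('[username]', $user->username, $msspro_notifyadmin_after_text);
        $mes = str_replace('[sitename]', $site->name, $mes);
        $mes = str_replace('[url]', $site->url, $mes);
        $mes = str_replace('[date]', date("Y-m-d H:i:s", mktime()), $mes);
        mosMail($msspro_notifyadmin_after_from, $mosConfig_fromname, $msspro_admin_emails, $msspro_notifyadmin_after_subject, $mes);
    }
}

// apache md5 passwords routine

/**
 * Generates a random password of $count characters from a lower-case and digit alphabet.
 *
 * Uses random_int() when the runtime provides it, because rand() output is predictable and this value
 * protects directory access; older runtimes fall back to mt_rand().
 *
 * @param int $count number of characters
 * @return string
 */
function msspro_plain_pass($count) {
    $pass_arr = 'abcdefghijkmopqrstuvwxyz0123456789';
    $last = strlen($pass_arr) - 1;
    $plain = '';
    for ($i=0; $i<$count; $i++) {
        $plain .= $pass_arr[function_exists('random_int') ? random_int(0, $last) : mt_rand(0, $last)];
    }
    return $plain;
}

/**
 * Hashes a password for an Apache password file.
 *
 * On Windows the Apache "$apr1$" MD5 scheme is computed by hand; elsewhere crypt() is called with a
 * two-character salt. The previous code passed the CRYPT_STD_DES constant as the salt, so every entry
 * shared one salt value.
 *
 * NOTE(review): with a two-character salt crypt() selects traditional DES, which uses only the first
 * eight characters of the password. The hand-written "$apr1$" branch has no such limit and does not
 * depend on the platform; consider using it everywhere.
 *
 * @param string      $plain password
 * @param string|null $salt  salt or existing "$apr1$" hash; only used on the Windows branch
 * @return string
 */
function msspro_crypt_apr_md5($plain, $salt = null) {
    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
        // win md5 securing
        if (is_null($salt)) {
            $salt = msspro_salt(8);
        } elseif (preg_match('/^\$apr1\$/', $salt)) {
            $salt = preg_replace('/^\$apr1\$([^$]+)\$.*/', '\\1', $salt);
        } else {
            $salt = substr($salt, 0,8);
        }
        $length = strlen($plain);
        $context = $plain . '$apr1$' . $salt;
        $binary = msspro_hexbin(md5($plain . $salt . $plain));
        for ($i = $length; $i > 0; $i -= 16) {
            $context .= substr($binary, 0, ($i > 16 ? 16 : $i));
        }
        for ( $i = $length; $i > 0; $i >>= 1) {
            $context .= ($i & 1) ? chr(0) : $plain[0];
        }
        $binary = msspro_hexbin(md5($context));
        for($i = 0; $i < 1000; $i++) {
            $new = ($i & 1) ? $plain : substr($binary, 0,16);
            if ($i % 3) {
                $new .= $salt;
            }
            if ($i % 7) {
                $new .= $plain;
            }
            $new .= ($i & 1) ? substr($binary, 0,16) : $plain;
            $binary = msspro_hexbin(md5($new));
        }
        $p = array();
        for ($i = 0; $i < 5; $i++) {
            $k = $i + 6;
            $j = $i + 12;
            if ($j == 16) {
                $j = 5;
            }
            $p[] = msspro_to64( (ord($binary[$i]) << 16) | (ord($binary[$k]) << 8) | (ord($binary[$j])), 5 );
        }
        return '$apr1$' . $salt . '$' . implode($p) . msspro_to64(ord($binary[11]), 3);
    } else {
        // linux crypt securing
        // a fresh two-character salt per entry
        return crypt($plain, msspro_salt(2));
    }
}

/**
 * Generates a salt from the "./0-9A-Za-z" alphabet.
 *
 * @param int $length number of characters, raised to 2 when smaller
 * @return string
 */
function msspro_salt($length = 2) {
    $file_passwd_64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $salt = '';
    $length = (int) $length;
    $length < 2 && $length = 2;
    for($i = 0; $i < $length; $i++) {
        // same source of randomness as msspro_plain_pass()
        $salt .= $file_passwd_64[function_exists('random_int') ? random_int(0, 63) : mt_rand(0, 63)];
    }
    return $salt;
}

/**
 * Converts a hexadecimal string to the bytes it encodes.
 *
 * @param string $hex even-length hex string
 * @return string
 */
function msspro_hexbin($hex) {
    $rs = '';
    $ln = strlen($hex);
    for($i = 0; $i < $ln; $i += 2) {
        // square-bracket offsets, as used elsewhere in this file; the curly-brace form is no longer accepted by current PHP
        $rs .= chr(hexdec($hex[$i] . $hex[$i+1]));
    }
    return $rs;
}

/**
 * Encodes $value, six bits at a time from the low end, into $count - 1 characters of the
 * "./0-9A-Za-z" alphabet.
 *
 * @param int $value
 * @param int $count one more than the number of characters produced
 * @return string
 */
function msspro_to64($value, $count) {
    $file_passwd_64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $result = '';
    while(--$count) {
        $result .= $file_passwd_64[$value & 0x3f];
        $value >>= 6;
    }
    return $result;
}

function msspro_check_prices($user_id, $payment_amount, $sites_str) {
    // NOTE(review): this function runs past the end of the excerpt; its statements are left as found.
    global $database;
    // getting $sites and $sites_terms
    $sites = array();
    $sites_terms = array();
    $sites_all = array();
    $sites_all = explode(',',$sites_str);
    foreach ($sites_all as $site_all) {
        if (strpos($site_all,'(') === false) {
            $sites[] = $site_all;
            $sites_terms[$site_all] = 0;
        }
        else {
            $sites_terms[substr($site_all,0,strpos($site_all,'('))] = str_replace(')','',substr($site_all,strpos($site_all,'(')+1,10000));
        }
    }
    // getting sites info
    $sites_mysql_str = implode(',', $sites);
    $sites_mysql_str = preg_replace('/(.*)\,$/', '$1', $sites_mysql_str);
    // NOTE(review): the id list is built from the caller-supplied $sites_str and placed in IN(...) unquoted;
    // each element should be cast to int before the implode.
    $query = "SELECT * FROM #__mssubscriptionpro_sites WHERE id IN(".$sites_mysql_str.")";
    $database->setQuery($query);
    $rows = $database->loadObjectList();
    $sub_total = 0;
    foreach ($rows as $row) {
        // getting days number for account_type=5
        $row_user_days = $sites_terms[$row->id];
        // select init_price if possible
        if ( !msspro_user_subscribed($row->id, $user_id) && $row->prolong == 1 && $row->account_type > 3 && $row->after_finish == 1 ) {
            $row->price = $row->init_price;
        }
        if ( msspro_subscription_blocked(msspro_user_subscribed($row->id, $user_id)) && !msspro_subscription_paid(msspro_user_subscribed($row->id, $user_id)) && $row->prolong == 1 && $row->account_type > 3 && $row->after_finish==1 && $row->fee_type == 3) {
            $row->price = $row->init_price;
        }
        // check user_days
        if ($row_user_days < $row->access_days_min || $row_user_days > $row->access_days_max) $row_user_days = $row->access_days_min;
        // adding sub_total
        // check for only paid and trial after paid
        if ($row->fee_type == 2 || ( $row->fee_type == 3 && msspro_subscription_blocked(msspro_user_subscribed($row->id, $user_id)) ) ) {
            if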
($row->account_type != 5) $sub_total += $row->price; else $sub_total += $row->price * $row_user_days; } } if ($payment_amount == $sub_total) return true; else return false; } function msspro_auto_login() { global $database, $acl, $_VERSION, $mainframe, $phpbbdb, $session, $msspro_auto_login_redirect, $mssprouser; $query = "SELECT id FROM #__users WHERE username='".$mssprouser->username."' AND email='".$mssprouser->email."' "; $database->setQuery( $query ); $userid = $database->loadResult(); $query = "SELECT id, name, username, password, usertype, block, gid FROM #__users WHERE id=".$userid; $database->setQuery( $query ); $database->loadObject( $row ); if (is_object($row)) { $grp = $acl->getAroGroup( $row->id ); $row->gid = 1; if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) || $acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) { $row->gid = 2; } $row->usertype = $grp->name; $session =& $mainframe->_session; $session->guest = 0; $session->username = $row->username; $session->userid = intval( $row->id ); $session->usertype = $row->usertype; $session->gid = intval( $row->gid ); $session->update(); if ( $_VERSION->SITE ) { $query = "DELETE FROM #__session WHERE session_id != '$session->session_id' AND username = '$row->username' AND userid = $row->id AND gid = $row->gid AND guest = 0"; $database->setQuery( $query ); $database->query(); } $currentDate = date("Y-m-d\TH:i:s"); $query = "UPDATE #__users SET lastvisitDate = '$currentDate' WHERE id = $session->userid"; $database->setQuery($query); if (!$database->query()) { die($database->stderr(true)); } mosCache::cleanCache(); } } ?> Father's Time - Product Pricing