key_funcs.php

1. <?php
2. function _BALANCE($user, $type, $mycur) {
3.     global $trans;
4.     global $_TXT;
5.     global $url;
6.     global $input;
7.     global $regexp;
8.     global $match;
9.     global $matches;
10.     global $site_url;
11.     if ($type == "all") {
12.         $finalRefunds = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE tr_by={$user} AND tr_to='8' AND status='rf' AND secondarystatus='refunded' AND currency='{$mycur}'"));
13.         $r1 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='p' OR status='h') AND (tr_to='{$user}' OR (tr_to='2' AND tr_by='{$user}')) AND currency='{$mycur}'"));
14.         $r1_2 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='p' OR status='h') AND tr_to='{$user}' AND (tr_by='8' OR tr_by='11') AND transfer_type != 'bal' AND currency='{$Var_936}'"));
15.         $r2 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='p' OR status='h' OR status='esc' OR status='o') AND transfer_type='bal' AND tr_by={$user} AND system_comment != 'curconverted' AND currency='{$mycur}'"));
16.         $r3 = mysql_fetch_row(mysql_query("SELECT SUM(fees) FROM xt_trans WHERE (status='f' OR status='prf' OR status='rf' OR status='p' OR status='h') AND (tr_to='{$user}' OR (tr_to='2' AND tr_by='{$user}')) AND currency='{$mycur}'"));
17.         $r4 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='i') AND (tr_to='3' AND tr_by='{$user}') AND currency='{$mycur}' AND secondarystatus != 'converted'"));
18.         $r5 = mysql_fetch_row(mysql_query("SELECT SUM(total),extended_comment FROM xt_trans WHERE (status='prf' OR status='rf') AND ((tr_by='11' OR tr_by='8') AND tr_to='{$user}') AND currency='{$mycur}' AND transfer_type='bal'"));
19.         $r6 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE id='{$r5[1]}' AND (status='prf' OR status='rf') AND tr_by='{$user}' AND currency='{$mycur}' AND transfer_type='bal'"));
20.         $r7 = mysql_fetch_row(mysql_query("SELECT SUM(total),extended_comment FROM xt_trans WHERE (status='prf' OR status='rf') AND ((tr_to='11' OR tr_to='8') AND tr_by='{$Var_1992}') AND currency='{$mycur}'"));
21.         return $r1[0] - $r1_2[0] - $r2[0] - $r3[0] - $r4[0] - $r6[0] - $r7[0] - $finalRefunds[0];
22.     }
23.     if ($type == "reserve") {
24.         $resBalance = mysql_fetch_row(mysql_query("SELECT SUM(amount) FROM reserve_hold WHERE released='f' AND user={$user} AND currency='{$mycur}'"));
25.         return $resBalance[0];
26.     }
27.     if ($type == "available") {
28.         $resBalance = mysql_fetch_row(mysql_query("SELECT SUM(held_amount) FROM xt_reserves WHERE released='f' AND user={$user} AND currency='{$mycur}'"));
29.         $pendingRefunds = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE tr_by={$user} AND tr_to='11' AND status='prf' AND secondarystatus='refunded' AND currency=''"));
30.         return _BALANCE($user, all, $mycur) - $pendingRefunds[0] - $resBalance[0];
31.     }
32.     if ($type == "side") {
33.         $endDate = $trans->date;
34.         $optional = " AND pending=0";
35.         $r1 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='p' OR status='h') AND date <= '{$endDate}' AND (tr_to='{$user}' OR (tr_to='2' AND tr_by='{$user}')) AND currency='{$mycur}'"));
36.         $r2 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='p' OR status='h' OR status='esc') AND date <= '{$endDate}' AND transfer_type='bal' AND tr_by='{$user}' AND currency='{$mycur}'"));
37.         $r3 = mysql_fetch_row(mysql_query("SELECT SUM(fees) FROM xt_trans WHERE (status='f' OR status='p' OR status='h') AND date <= '{$endDate}' AND (tr_to='{$user}' OR (tr_to='2' AND tr_by='{$user}')) AND currency='{$mycur}'"));
38.         $r4 = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE (status='f' OR status='i') AND date <= '{$endDate}' AND ((tr_to='3' AND tr_by='{$user}')) AND currency='{$mycur}'"));
39.         return $r1[0] - $r2[0] - $r3[0] - $r4[0];
40.     }
41. }
42. function TR_MONEY($by, $to, $amount, $fee, $status, $chargetocurrency, $debug) {
43.     global $_TXT;
44.     global $sales_tax;
45.     global $send_i;
46.     global $send_r;
47.     global $referral_payout;
48.     global $affil_on;
49.     global $_POST;
50.     global $user;
51.     global $ccID;
52.     global $data;
53.     global $a_resheld;
54.     global $a_reshper;
55.     global $_SESSION;
56.     global $a_reshdays;
57.     global $isSubscription;
58.     global $myrow;
59.     global $_REQUEST;
60.     global $_trans_id;
61.     global $_SESSION;
62.     global $curtrans;
63.     global $newconvert;
64.     global $_CHARGE_TOTAL;
65.     global $tr_percent;
66.     global $tr_flat;
67.     global $key1;
68.     global $key2;
69.     global $origconvamount;
70.     global $_trans_key;
71.     $key1 = GENERATE_ID("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", "12");
72.     $origconvamount = _ADMIN_SHOW("xt_config_currency WHERE id='{$chargetocurrency}'", cur_convert);
73.     $trans = DB_ADD("xt_trans SET transnum='{$key1}', tr_by='{$by}',tr_to='{$to}',date=NOW(),total='{$amount}',cur_total='{$_REQUEST['cur_total']}',status='{$status}',currency='{$chargetocurrency}',fees='{$fee}',shipAddy='{$_REQUEST['ship_to']}',cart_item='{$_REQUEST['cart_item']}',payment_for='{$_REQUEST['payment_for']}',transfer_type='{$_REQUEST['funding']}',user_comment='" . addslashes($_REQUEST['memo']) . "',trtype_id='{$_REQUEST['fund_id']}',system_comment='{$_REQUEST['system_comment']}',extended_comment='{$_REQUEST['extended_comment']}',ccgwtransid='{$_REQUEST['ccgwtransid']}',origtransid='{$_REQUEST['origtransid']}',secondarystatus='{$_REQUEST['secondarystatus']}',origconvertion='{$origconvamount}',transrefid='{$_REQUEST['transrefid']}'", $debug);
74.     $trans = 1;
75.     $_trans_id = mysql_insert_id();
76.     $_trans_key = $key1;
77.     $_REQUEST['default_currency'] = _ADMIN_SHOW("xt_config_currency WHERE cur_default='t' AND cur_status='t' ORDER BY id ASC LIMIT 1", id);
78.     if ($_REQUEST['default_currency'] != $chargetocurrency) {
79.         $newconvert = _CONVERT_CURRENCY($amount, $chargetocurrency, $_REQUEST['default_currency']);
80.         if (_ADMIN_SHOW("xt_members WHERE id='{$to}'", account_type) == "per") {
81.             $tr_flat = _GET_TRFEE(per_flat, $_REQUEST['default_currency']);
82.             $tr_percent = _GET_TRFEE(per_percent, $_REQUEST['default_currency']);
83.         } else if (_ADMIN_SHOW("xt_members WHERE id='{$to}'", account_type) == "biz") {
84.             $tr_flat = _GET_TRFEE(bus_flat, $_REQUEST['default_currency']);
85.             $tr_percent = _GET_TRFEE();
86.         } else if (_ADMIN_SHOW("xt_members WHERE id='{$to}'", account_type) == "pre") {
87.             $tr_flat = _GET_TRFEE(pre_flat, $_REQUEST['default_currency']);
88.             $tr_percent = _GET_TRFEE();
89.         }
90.         $fee = TR_FEE($_CHARGE_TOTAL, $tr_percent, $tr_flat);
91.         $key2 = GENERATE_ID("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", "12");
92.         $origconvamount = _ADMIN_SHOW("xt_config_currency WHERE id='{$Var_4824['default_currency']}'", cur_convert);
93.         $trans = DB_ADD("xt_trans SET transnum='{$key2}', tr_by='{$by}',tr_to='{$to}',date=NOW(),total='{$_CHARGE_TOTAL}',cur_total='{$_REQUEST['cur_total']}',status='i',currency='{$_REQUEST['default_currency']}',fees='{$fee}',shipAddy='{$_REQUEST['ship_to']}',cart_item='{$_REQUEST['cart_item']}',payment_for='{$_REQUEST['payment_for']}',transfer_type='{$_REQUEST['funding']}',user_comment='" . addslashes($_REQUEST['memo']) . "',trtype_id='{$_REQUEST['fund_id']}',system_comment='{$_REQUEST['system_comment']}',extended_comment='{$_REQUEST['extended_comment']}',ccgwtransid='{$_REQUEST['ccgwtransid']}',origtransid='{$_trans_id}',secondarystatus='converted',origconvertion='{$origconvamount}',transrefid='{$_REQUEST['transrefid']}'", $debug);
94.     }
95.     return $_trans_id;
96. }
97. function CONVERT_MONEY($by, $to, $amount, $fee, $status, $chargetocurrency, $debug) {
98.     global $_TXT;
99.     global $sales_tax;
100.     global $send_i;
101.     global $send_r;
102.     global $referral_payout;
103.     global $affil_on;
104.     global $_POST;
105.     global $user;
106.     global $ccID;
107.     global $data;
108.     global $a_resheld;
109.     global $a_reshper;
110.     global $_SESSION;
111.     global $a_reshdays;
112.     global $isSubscription;
113.     global $myrow;
114.     global $_REQUEST;
115.     global $_trans_id;
116.     global $_SESSION;
117.     global $curtrans;
118.     global $newconvert;
119.     global $_CHARGE_TOTAL;
120.     global $tr_percent;
121.     global $tr_flat;
122.     global $key2;
123.     global $_convert_id;
124.     $key2 = GENERATE_ID("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", "12");
125.     $origconvamount = _ADMIN_SHOW("xt_config_currency WHERE id='{$chargetocurrency}'", cur_convert);
126.     $trans = DB_ADD($Tmp_69 . "xt_trans SET transnum='{$key2}',tr_by='{$by}',tr_to='{$to}',date=NOW(),total='{$amount}',cur_total='{$_REQUEST['conver_cur_total']}',status='{$status}',currency='{$chargetocurrency}',fees='{$fee}',shipAddy='{$_REQUEST['conver_ship_to']}',cart_item='{$_REQUEST['conver_cart_item']}',payment_for='{$_REQUEST['conver_payment_for']}',transfer_type='{$_REQUEST['conver_funding']}',user_comment='" . addslashes($_REQUEST['conver_memo']) . "',trtype_id='{$_REQUEST['conver_fund_id']}',system_comment='{$_REQUEST['conver_system_comment']}',extended_comment='{$_REQUEST['conver_extended_comment']}',ccgwtransid='{$_REQUEST['conver_ccgwtransid']}',origtransid='{$_REQUEST['conver_origtransid']}',secondarystatus='{$_REQUEST['conver_secondarystatus']}',origconvertion='{$origconvamount}',transrefid='{$_REQUEST['transrefid']}'", $debug);
127.     $trans = 1;
128.     $_convert_id = mysql_insert_id();
129.     return $_convert_id;
130. }
131. function hexBin($data) {
132.     $len = strlen($data);
133.     return pack("H" . $len, $data);
134. }
135. function _encryptLIC($theString) {
136.     global $_TXT;
137.     global $cckey;
138.     global $encrypted_string;
139.     global $cipher_alg;
140.     global $iv;
141.     $cckey = "301778a94a97f1441c6fc56112e92000";
142.     $cipher_alg = MCRYPT_RIJNDAEL_256;
143.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
144.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
145.     return bin2hex($iv) . bin2hex($encrypted_string);
146. }
147. function _decryptLIC($theString) {
148.     global $_TXT;
149.     global $cckey;
150.     global $encrypted_string;
151.     global $cipher_alg;
152.     global $iv;
153.     $cckey = "301778a94a97f1441c6fc56112e92000";
154.     if (strlen($theString) < 1) {
155.         return "<font color=red>Unable to decrypt string. [error: 0314]</font>";
156.     }
157.     $iv = substr($theString, 0, 64);
158.     $theStringwoiv = substr($theString, 64);
159.     $cipher_alg = MCRYPT_RIJNDAEL_256;
160.     $theStringBin = hexbin($theStringwoiv);
161.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
162. }
163. function _encryptPW($theString) {
164.     global $_TXT;
165.     global $cckey;
166.     global $encrypted_string;
167.     global $cipher_alg;
168.     global $iv;
169.     $cckey = "deiwlksdf5e485w1dsf2s58wlsdlkwoielsdflkweingf2859045lsfnlsdiw93p";
170.     $cipher_alg = MCRYPT_RIJNDAEL_256;
171.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
172.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
173.     return bin2hex($iv) . bin2hex($encrypted_string);
174. }
175. function _decryptPW($theString) {
176.     global $_TXT;
177.     global $cckey;
178.     global $encrypted_string;
179.     global $cipher_alg;
180.     global $iv;
181.     $cckey = "deiwlksdf5e485w1dsf2s58wlsdlkwoielsdflkweingf2859045lsfnlsdiw93p";
182.     if (strlen($theString) < 1) {
183.         return "<font color=red>Unable to decrypt string. [error: 0311]</font>";
184.     }
185.     $iv = substr($theString, 0, 64);
186.     $theStringwoiv = substr($theString, 64);
187.     $cipher_alg = MCRYPT_RIJNDAEL_256;
188.     $theStringBin = hexbin($theStringwoiv);
189.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
190. }
191. function _encryptData($theString) {
192.     global $_TXT;
193.     global $cckey;
194.     global $encrypted_string;
195.     global $cipher_alg;
196.     global $iv;
197.     $cckey = "R13C7EN3UVFRWDG5T5EHMLFZ4FWO4JAVKD8QSVSMR9DOMUSGY8XLSDKVTGKW1VRK";
198.     $cipher_alg = MCRYPT_RIJNDAEL_256;
199.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
200.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
201.     return bin2hex($iv) . bin2hex($encrypted_string);
202. }
203. function _decryptData($theString) {
204.     global $_TXT;
205.     global $cckey;
206.     global $encrypted_string;
207.     global $cipher_alg;
208.     global $iv;
209.     $cckey = "R13C7EN3UVFRWDG5T5EHMLFZ4FWO4JAVKD8QSVSMR9DOMUSGY8XLSDKVTGKW1VRK";
210.     if (strlen($theString) < 1) {
211.         return "<font color=red>Unable to decrypt string. [error: 0311]</font>";
212.     }
213.     $iv = substr();
214.     $theStringwoiv = substr($theString, 64);
215.     $cipher_alg = MCRYPT_RIJNDAEL_256;
216.     $theStringBin = hexbin($theStringwoiv);
217.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
218. }
219. function _bankEncrypt($theString) {
220.     global $_TXT;
221.     global $cckey;
222.     global $encrypted_string;
223.     global $cipher_alg;
224.     global $iv;
225.     $cckey = "mmvtd6ssnxe7bm08nvr7myzw461005nlh06l5o4ib8fcke0x1qucfkz9fq8eklqs";
226.     $cipher_alg = MCRYPT_RIJNDAEL_256;
227.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
228.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
229.     return bin2hex($iv) . bin2hex($encrypted_string);
230. }
231. function _bankDecrypt($theString) {
232.     global $_TXT;
233.     global $cckey;
234.     global $encrypted_string;
235.     global $cipher_alg;
236.     global $iv;
237.     $cckey = "mmvtd6ssnxe7bm08nvr7myzw461005nlh06l5o4ib8fcke0x1qucfkz9fq8eklqs";
238.     if (strlen($theString) < 1) {
239.         return "<font color=red>Unable to decrypt string. [error: 0311]</font>";
240.     }
241.     $iv = substr($theString, 0, 64);
242.     $theStringwoiv = substr($theString, 64);
243.     $cipher_alg = MCRYPT_RIJNDAEL_256;
244.     $theStringBin = hexbin($theStringwoiv);
245.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
246. }
247. function _ccEncrypt($theString) {
248.     global $_TXT;
249.     global $cckey;
250.     global $encrypted_string;
251.     global $cipher_alg;
252.     global $iv;
253.     $cckey = "74655255d1c61fcb9db237785005807db5720c965d449214859c46579d636491";
254.     $cipher_alg = MCRYPT_RIJNDAEL_256;
255.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
256.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
257.     return bin2hex($iv) . bin2hex($encrypted_string);
258. }
259. function _ccDecrypt($theString) {
260.     global $_TXT;
261.     global $cckey;
262.     global $encrypted_string;
263.     global $cipher_alg;
264.     global $iv;
265.     $cckey = "74655255d1c61fcb9db237785005807db5720c965d449214859c46579d636491";
266.     if (strlen($theString) < 1) {
267.         return "<font color=red>Unable to decrypt string. [error: 0211]</font>";
268.     }
269.     $iv = substr($theString, 0, 64);
270.     $theStringwoiv = substr($theString, 64);
271.     $cipher_alg = MCRYPT_RIJNDAEL_256;
272.     $theStringBin = hexbin($theStringwoiv);
273.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
274. }
275. function _formEncrypt($theString) {
276.     global $_TXT;
277.     global $cckey;
278.     global $encrypted_string;
279.     global $cipher_alg;
280.     global $iv;
281.     $cckey = "74655255d1c61fcb9db237785005807db5720c965d449214859c46579d636491";
282.     $iv = mcrypt_create_iv(mcrypt_get_iv_size($cipher_alg, MCRYPT_MODE_ECB), MCRYPT_RAND);
283.     $encrypted_string = mcrypt_encrypt($cipher_alg, $cckey, $theString, MCRYPT_MODE_CBC, $iv);
284.     return bin2hex($iv) . bin2hex($encrypted_string);
285. }
286. function _formDecrypt($theString) {
287.     global $_TXT;
288.     global $cckey;
289.     global $encrypted_string;
290.     global $cipher_alg;
291.     global $iv;
292.     $cckey = "74655255d1c61fcb9db237785005807db5720c965d449214859c46579d636491";
293.     if (strlen($theString) < 1) {
294.         return "<font color=red>Unable to decrypt string. [error: 0211]</font>";
295.     }
296.     $iv = substr($theString, 0, 64);
297.     $theStringwoiv = substr($theString, 64);
298.     $cipher_alg = MCRYPT_RIJNDAEL_256;
299.     $theStringBin = hexbin($theStringwoiv);
300.     return mcrypt_decrypt($cipher_alg, $cckey, $theStringBin, MCRYPT_MODE_CBC, hexbin($iv));
301. }
302. function _validateCC($cardnumber, $cardname, &$errornumber, &$errortext) {
303.     $cards = array(array("name" => "American Express", "length" => "15", "prefixes" => "34,37", "checkdigit" => true), array("name" => "Carte Blanche", "length" => "14", "prefixes" => "300,301,302,303,304,305,36,38", "checkdigit" => true), array("name" => "Diners Club", "length" => "14", "prefixes" => "300,301,302,303,304,305,36,38", "checkdigit" => true), array("name" => "Discover", "length" => "16", "prefixes" => "6011", "checkdigit" => true), array("name" => "Enroute", "length" => "15", "prefixes" => "2014,2149", "checkdigit" => true), array("name" => "JCB", "length" => "15,16", "prefixes" => "3,1800,2131", "checkdigit" => true), array("name" => "Maestro", "length" => "16", "prefixes" => "5020,6", "checkdigit" => true), array("name" => "MasterCard", "length" => "16", "prefixes" => "51,52,53,54,55", "checkdigit" => true), array("name" => "Solo", "length" => "16,18,19", "prefixes" => "6334, 6767", "checkdigit" => true), array("name" => "Switch", "length" => "16,18,19", "prefixes" => "4903,4905,4911,4936,564182,633110,6333,6759", "checkdigit" => true), array("name" => "Visa", "length" => "13,16", "prefixes" => "4", "checkdigit" => true), array("name" => "Visa Electron", "length" => "16", "prefixes" => "417500,4917,4913", "checkdigit" => true));
304.     $ccErrorNo = 0;
305.     $ccErrors[0] = "Unknown card type";
306.     $ccErrors[1] = "No card number provided";
307.     $ccErrors[2] = "Credit card number has invalid format";
308.     $ccErrors[3] = "Credit card number is invalid";
309.     $ccErrors[4] = "Credit card number is wrong length";
310.     $cardType = 0 - 1;
311.     $i = 0;
312.     while ($i < sizeof($cards)) {
313.         if (strtolower($cardname) == strtolower($cards[$i]['name'])) {
314.             $cardType = $i;
315.             break;
316.         }
317.         ++$i;
318.     }
319.     if ($cardType == 0 - 1) {
320.         $errornumber = 0;
321.         $Var_1800 = $ccErrors[$errornumber];
322.         return false;
323.     }
324.     if (strlen($cardnumber) == 0) {
325.         $errornumber = 1;
326.         $errortext = $ccErrors[$errornumber];
327.         return false;
328.     }
329.     $cardNo = str_replace(" ", "", $cardnumber);
330.     if (!eregi("^[0-9]{13,19}\$", $cardNo)) {
331.         $errornumber = 2;
332.         $errortext = $ccErrors[$errornumber];
333.         return false;
334.     }
335.     if ($cards[$cardType]['checkdigit']) {
336.         $checksum = 0;
337.         $mychar = "";
338.         $j = 1;
339.         $i = strlen($cardNo) - 1;
340.         while (0 <= $i) {
341.             $calc = $Var_3096 * $j;
342.             if (9 < $calc) {
343.                 $checksum = $checksum + 1;
344.                 $calc = $calc - 10;
345.             }
346.             $checksum = $checksum + $calc;
347.             if ($j == 1) {
348.                 $j = 2;
349.             } else {
350.                 $j = 1;
351.             }
352.             --$i;
353.         }
354.         if ($checksum % 10 != 0) {
355.             $errornumber = 3;
356.             $errortext = $ccErrors[$errornumber];
357.             return false;
358.         }
359.     }
360.     $prefix = split(",", $cards[$cardType]['prefixes']);
361.     $PrefixValid = false;
362.     $i = 0;
363.     while ($Var_4248 < sizeof($prefix)) {
364.         $exp = "^" . $prefix[$i];
365.         if (ereg($exp, $cardNo)) {
366.             $PrefixValid = true;
367.             break;
368.         }
369.         ++$i;
370.     }
371.     if (!$PrefixValid) {
372.         $errornumber = 3;
373.         $errortext = $ccErrors[$errornumber];
374.         return false;
375.     }
376.     $LengthValid = false;
377.     $lengths = split(",", $cards[$cardType]['length']);
378.     $j = 0;
379.     while ($j < sizeof($lengths)) {
380.         if (strlen($cardNo) == $lengths[$j]) {
381.             $LengthValid = true;
382.             break;
383.         }
384.         ++$j;
385.     }
386.     if (!$LengthValid) {
387.         $errornumber = 4;
388.         $errortext = $ccErrors[$errornumber];
389.         return false;
390.     }
391.     return true;
392. }
393. function _ifExists($do, $string) {
394.     global $_TXT;
395.     global $resultcc;
396.     global $myrow;
397.     global $data;
398.     if ($do == "cc") {
399.         $resultcc = mysql_query("SELECT * FROM xt_cc");
400.         do {
401.             if (!($myrow = mysql_fetch_array())) {
402.                 break;
403.             } else {
404.                 $myrow['ccNum'] = trim(_ccdecrypt($myrow['ccNum']));
405.             }
406.         }
407.         while (!($myrow['ccNum'] == $string));
408.         return 1;
409.     }
410.     if ($do == "bank") {
411.         $resultbank = mysql_query("SELECT * FROM xt_banks");
412.         do {
413.             if (!($mybank = mysql_fetch_array($resultbank))) {
414.                 break;
415.             } else {
416.                 $mybank['acct'] = trim(_bankdecrypt($mybank['acct']));
417.             }
418.         }
419.         while (!($mybank['acct'] == $string));
420.         return 1;
421.     }
422. }
423. function _showIndividuals($user, $what, $id, $option, $dec) {
424.     global $_TXT;
425.     global $cards;
426.     global $cards1;
427.     global $ccType;
428.     global $ccString;
429.     global $bank;
430.     global $bank1;
431.     global $bankString;
432.     if ($what == "card") {
433.         $cards1 = mysql_query("SELECT * FROM xt_cc WHERE user='{$user}' AND id='{$id}'");
434.         $cards = mysql_fetch_object($Var_720);
435.         if ($dec == "f") {
436.             $ccString = trim(_ccdecrypt($cards->ccNum));
437.         } else {
438.             $ccString = trim(_ccdecrypt($cards->ccNum));
439.             $ccString = substr($ccString, 0, 1) . XXXX . substr($ccString, 0 - 2, 2);
440.         }
441.         $ccType = $cards->ccType;
442.         if ($option) {
443.             return "{$ccType} {$ccString}";
444.         }
445.         return "{$ccString}";
446.     }
447.     if ($what == "bank") {
448.         $bank1 = mysql_query("SELECT * FROM xt_banks WHERE user='{$user}' AND id='{$id}'");
449.         $bank = mysql_fetch_object($bank1);
450.         if ($dec == "f") {
451.             $bankString = trim(_bankdecrypt($bank->acct));
452.         } else {
453.             $bankString = trim(_bankdecrypt($bank->acct));
454.             $bankString = substr($bankString, 0, 1) . XX . substr($bankString, 0 - 2, 2);
455.         }
456.         if ($option) {
457.             return "{$bank->bank_name} {$bankString}";
458.         }
459.         return "{$bankString}";
460.     }
461. }
462. function _showIndividuals_ADMIN($user, $what, $id, $option, $dec) {
463.     global $_TXT;
464.     global $cards;
465.     global $cards1;
466.     global $ccType;
467.     global $ccString;
468.     global $bank;
469.     global $bank1;
470.     global $bankString;
471.     if ($what == "card") {
472.         $cards1 = mysql_query("SELECT * FROM xt_cc WHERE id='{$id}'");
473.         $cards = mysql_fetch_object($cards1);
474.         if ($dec == "f") {
475.             $ccString = trim(_ccdecrypt($cards->ccNum));
476.         } else {
477.             $ccString = trim(_ccdecrypt($cards->ccNum));
478.             $ccString = substr($ccString, 0, 1) . XXXX . substr($ccString, 0 - 2, 2);
479.         }
480.         $ccType = $cards->ccType;
481.         if ($option) {
482.             return "{$ccType} {$ccString}";
483.         }
484.         return "{$ccString}";
485.     }
486.     if ($what == "bank") {
487.         $bank1 = mysql_query("SELECT * FROM xt_banks WHERE id='{$id}'");
488.         $bank = mysql_fetch_object($bank1);
489.         if ($dec == "f") {
490.             $bankString = trim(_bankdecrypt($bank->acct));
491.         } else {
492.             $bankString = trim(_bankdecrypt($bank->acct));
493.             $bankString = substr($bankString, 0, 1) . XX . substr($bankString, 0 - 2, 2);
494.         }
495.         if ($option) {
496.         }
497.         return "{$bankString}";
498.     }
499. }
500. function _GETMYID($t, $what) {
501.     global $_TXT;
502.     $show = mysql_fetch_object(mysql_query("SELECT * FROM xt_emails WHERE email='{$t}' LIMIT 1"));
503.     return $show->$what;
504. }
505. function _GETIDNAME($t, $what, $showemail) {
506.     global $_TXT;
507.     global $fname;
508.     global $lname;
509.     global $email;
510.     global $company;
511.     global $show;
512.     global $showemail;
513.     global $_ustatus;
514.     global $showemail;
515.     $show = mysql_fetch_object(mysql_query("SELECT * FROM xt_members WHERE id='{$t}' LIMIT 1"));
516.     if (_USERTATS($t) == "u") {
517.         $_ustatus = "{$_TXT['global_unverified']}";
518.     } else if (_USERTATS($t) == "v") {
519.         $_ustatus = "{$_TXT['global_verified']}";
520.     } else {
521.         $_ustatus = $_TXT['global_unregisterd'];
522.     }
523.     if ($show->account_type == "per") {
524.         $fname = _ADMIN_SHOW("xt_personal WHERE user='{$t}'", fname);
525.         $lname = _ADMIN_SHOW("xt_personal WHERE user='{$t}'", lname);
526.         if ($showemail) {
527.             $email = _ADMIN_SHOW("xt_members WHERE id='{$t}'", email);
528.             $showemail = "({$email})";
529.         }
530.         if ($what) {
531.             return "<a href='show.php?inc=member&mid=" . $show->user_unique . "" . $show->id . "' target=_blank>{$fname} {$lname}</a> {$_ustatus} " . _ACCOUNT_RATING() . " {$showemail}";
532.         }
533.         return "{$fname} {$lname} {$_ustatus} {$showemail}";
534.     }
535.     if ($show->account_type == "biz" || $show->account_type == "pre") {
536.         $company = _ADMIN_SHOW("xt_company WHERE user='{$t}'", company);
537.         if ($showemail) {
538.             $email = _ADMIN_SHOW("xt_company WHERE user='{$t}'", email);
539.             $showemail = "({$email})";
540.         }
541.         if ($what) {
542.             return "<a href='show.php?inc=member&mid=" . $show->user_unique . "" . $show->id . "' target=_blank>{$company}</a> {$_ustatus} " . _ACCOUNT_RATING($show->id) . " {$showemail}";
543.         }
544.         return "{$company} {$_ustatus} {$showemail}";
545.     }
546.     return "{$_REQUEST['showthisemail']} {$_ustatus}";
547. }
548. function TR_FEE($x, $y, $z) {
549.     global $_TXT;
550.     return round($x * $y / 100, 2) + $z;
551. }
552. function _ROUTE($routing, $what) {
553.     global $_TXT;
554.     $show = mysql_fetch_object(mysql_query("SELECT * FROM xt_fedrouting WHERE routing='{$routing}'"));
555.     return $show->$what;
556. }
557. function _POSTAL($postal, $what) {
558.     global $_TXT;
559.     $show = mysql_fetch_object(mysql_query("SELECT * FROM xt_countryzip WHERE postal='{$postal}'"));
560.     return $show->$what;
561. }
562. function _SHOWCOUNTRIES($what, $selected) {
563.     global $_TXT;
564.     global $countries;
565.     $countries1 = mysql_query("SELECT * FROM xt_countrylist WHERE status='{$what}' ORDER BY country ASC");
566.     while ($countries = mysql_fetch_object($countries1)) {
567.         echo "<option value=\"{$countries->country}\"";
568.         if ($selected == $countries->country) {
569.             echo " SELECTED";
570.         }
571.         echo ">{$countries->country}</option>";
572.     }
573. }
574. function _SHOWCALLINGCODES($what, $selected) {
575.     global $_TXT;
576.     global $countries;
577.     $countries1 = mysql_query("SELECT * FROM xt_countrylist WHERE status='{$what}' ORDER BY calling_code ASC");
578.     while ($countries = mysql_fetch_object($countries1)) {
579.         echo "<option value=\"{$countries->calling_code}\"";
580.         if ($Var_432 == $countries->country) {
581.             echo " SELECTED";
582.         }
583.         echo ">+{$countries->calling_code}</option>";
584.     }
585. }
586. function _incrementTries($type, $id) {
587.     global $_TXT;
588.     global $data;
589.     global $increment;
590.     if ($type == "bank") {
591.         $update1 = "UPDATE xt_banks SET tries=tries+ WHERE id='{$id}' LIMIT 1";
592.         DB_UPDATE("{$update1}", 0);
593.     }
594.     if ($type == "cc") {
595.         $update1 = "UPDATE xt_cc SET tries=tries+ WHERE id='{$id}' LIMIT 1";
596.         DB_UPDATE("{$update1}", 0);
597.     }
598. }
599. function _DISPLAY_CUR($cur, $type) {
600.     global $_TXT;
601.     global $currency_0;
602.     global $currency_1;
603.     global $_SESSION;
604.     $currency_0 = _ADMIN_SHOW("xt_config_currency WHERE id='{$cur}'", cur_symbol);
605.     $currency_1 = _ADMIN_SHOW("xt_config_currency WHERE id='{$cur}'", cur_code);
606.     if ($type) {
607.     }
608.     return $currency_0;
609. }
610. function _CREATE_SUBS($user, $duration, $freq, $freq_end, $_trans_id) {
611.     global $_TXT;
612.     global $freq_add;
613.     global $interval;
614.     global $key1;
615.     if ($duration == "d") {
616.         $interval = $freq * 1;
617.         $interval = "{$interval} DAY";
618.     }
619.     if ($duration == "w") {
620.         $interval = $freq * 7;
621.         $interval = "{$interval} DAY";
622.     }
623.     if ($duration == "m") {
624.         $interval = $freq * 30;
625.         $interval = "{$interval} DAY";
626.     }
627.     if ($duration == "y") {
628.         $when = $freq * 363;
629.         $interval = "{$interval} DAY";
630.     }
631.     $key1 = GENERATE_ID("ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", "12");
632.     $freq_add = "xt_subs SET uniqueid='{$key1}', user='{$user}',trans_id='{$_trans_id}',duration='{$duration}',freq='{$freq}',start=NOW(),next=(NOW() + INTERVAL {$interval}),charge='0', end='{$freq_end}',status='t'";
633.     DB_ADD($freq_add, 0);
634. }
635. function _GETCBSTATUS($cb, $t, $what) {
636.     global $_TXT;
637.     $show = mysql_fetch_object(mysql_query("SELECT * FROM {$cb} WHERE id='{$t}' LIMIT 1"));
638.     return $show->$what;
639. }
640. function _showTransPage($start, $end) {
641.     global $data;
642.     global $trans1;
643.     global $trans;
644.     global $sentby;
645.     global $tr_status;
646.     global $tr_email;
647.     global $tr_balanceside;
648.     global $tr_ttotal;
649.     global $tr_gemail;
650.     global $user;
651.     global $_SESSION;
652.     global $memberlogo;
653.     global $logoid;
654.     global $_TXT;
655.     global $thiscurrency;
656.     global $thistrtype;
657.     $trans2 = "SELECT * \nFROM `xt_trans` \n(tr_by='{$data->id}' OR tr_to='{$data->id}') AND status != 'sms_p' AND secondarystatus != 'converted' AND 'date' LIKE '{$start} %:%:%' ORDER BY id ASC";
658.     if (!$start || !$end) {
659.         $trans1 = mysql_query($Tmp_47 . "SELECT * FROM xt_trans WHERE (tr_by='{$data->id}' OR tr_to='{$data->id}') AND status != 'sms_p' AND secondarystatus != 'converted' ORDER BY id DESC LIMIT 0,10");
660.         $count_trans = mysql_num_rows(mysql_query("SELECT * FROM xt_trans WHERE (tr_by='{$data->id}' OR tr_to='{$data->id}') AND status != 'sms_p' AND secondarystatus != 'converted' ORDER BY id DESC LIMIT 0,10"));
661.     } else {
662.         if (0 < $_REQUEST['currency']) {
663.             $thiscurrency = "AND currency='{$_REQUEST['currency']}'";
664.         }
665.         if (0 <= $_REQUEST['transtype']) {
666.             if ($_REQUEST['transtype'] == 1000) {
667.                 $thistrtype = "AND (tr_by > 1000 AND tr_to > 1000)";
668.             } else if ($_REQUEST['transtype'] == "0") {
669.                 $thistrtype = "AND (status='mreq' OR status='c' AND payment_for='mreq')";
670.             } else if ($_REQUEST['transtype'] == "1") {
671.                 $thistrtype = "AND tr_to='1'";
672.             } else if ($_REQUEST['transtype'] == "2") {
673.                 $thistrtype = "AND (tr_to='2' OR tr_by='2')";
674.             } else if ($_REQUEST['transtype'] == "3") {
675.                 $thistrtype = "AND (tr_to='3' OR tr_by='3')";
676.             } else if ($_REQUEST['transtype'] == "4") {
677.                 $thistrtype = "AND (tr_to='4' OR tr_by='4')";
678.             } else if ($_REQUEST['transtype'] == "5") {
679.                 $thistrtype = "AND tr_by='5'";
680.             } else if ($_REQUEST['transtype'] == "6") {
681.                 $thistrtype = "AND tr_by='6'";
682.             } else if ($_REQUEST['transtype'] == "7") {
683.                 $thistrtype = "AND (tr_to='7' OR tr_by='7')";
684.             } else if ($_REQUEST['transtype'] == "8") {
685.                 $thistrtype = "AND (tr_to='8' OR tr_by='8')";
686.             } else if ($_REQUEST['transtype'] == "9") {
687.                 $thistrtype = "AND (tr_to='9' OR tr_by='9')";
688.             } else if ($_REQUEST['transtype'] == "10") {
689.                 $thistrtype = "AND (tr_to='10' OR tr_by='10')";
690.             } else if ($_REQUEST['transtype'] == "11") {
691.                 $thistrtype = "AND (tr_to='11' OR tr_by='11')";
692.             } else if ($_REQUEST['transtype'] == "13") {
693.                 $thistrtype = "AND (tr_to='13' OR tr_by='13')";
694.             } else if ($_REQUEST['transtype'] == "14") {
695.                 $thistrtype = "AND tr_by='14'";
696.             } else if ($_REQUEST['transtype'] == "15") {
697.                 $thistrtype = "AND tr_by='15'";
698.             }
699.         }
700.         $trans1 = mysql_query("SELECT * FROM xt_trans WHERE (tr_by ='' OR tr_to ='{$data->id}') AND status != 'sms_p' AND secondarystatus != 'converted' AND date BETWEEN '{$start}' AND ('{$end}' + INTERVAL 1 DAY) {$thiscurrency} {$thistrtype} ORDER BY date DESC");
701.         $count_trans = mysql_num_rows(mysql_query("SELECT * FROM xt_trans WHERE (tr_by ='{$data->id}' OR tr_to ='{$data->id}') AND status != 'sms_p' AND secondarystatus != 'converted' AND date BETWEEN '{$start}' AND ('{$end}' + INTERVAL 1 DAY) {$thiscurrency} {$thistrtype} ORDER BY date DESC"));
702.     }
703.     $i = 1;
704.     while ($trans = mysql_fetch_object($trans1)) {
705.         if ($trans->tr_to == "2") {
706.             $trans->total = $trans->total;
707.             $sentby = $_TXT['global_to'];
708.         } else if ($trans->tr_to != $user || $trans->tr_to == "3") {
709.             $trans->total = 0 - $trans->total;
710.             $sentby = $_TXT['global_to'];
711.         } else {
712.             $sentby = $_TXT['global_from'];
713.         }
714.         $holds = mysql_fetch_object(mysql_query("SELECT * FROM xt_hold WHERE trans_id='{$trans->id}' LIMIT 0,1"));
715.         $mreqs = mysql_fetch_object(mysql_query("SELECT * FROM xt_moneyreqs WHERE trans_id='{$trans->id}' LIMIT 0,1"));
716.         $tr_status = "<a href=\"show.php?inc=emails-verify&y={$trans->extended_comment}&trans=" . $trans->transnum . "" . $trans->id . "\">{$Var_6000}</a>";
717.         if ($trans->status == "p" && 1 < strlen($trans->extended_comment) && $trans->tr_to == $user) {
718.             $tr_status = "<a href=\"show.php?inc=emails-verify&y={$trans->extended_comment}&trans=" . $trans->transnum . "" . $trans->id . "\">{$_TXT['transtb_accept']}</a>";
719.         } else if ($trans->status == "rf") {
720.             $tr_status = $_TXT['global_st_rf'];
721.         } else if ($trans->status == "esc") {
722.             $tr_status = $_TXT['global_st_esc'];
723.         } else if ($trans->status == "prf") {
724.             $tr_status = $_TXT['global_st_prf'];
725.         } else if ($trans->status == "c") {
726.             $tr_status = $_TXT['global_st_c'];
727.         } else if ($trans->status == "p" && $trans->tr_by == $user) {
728.             $tr_status = $_TXT['global_st_p'];
729.         } else if ($trans->status == "h" && $trans->tr_by == $Var_7776 || $trans->tr_to == "1") {
730.             $tr_status = $_TXT['global_st_h1'];
731.         } else if ($trans->status == "rv") {
732.             $tr_status = $_TXT['global_st_rv'];
733.         } else if ($trans->status == "f" && $trans->secondarystatus == "reversed") {
734.             $tr_status = $_TXT['global_st_rv'];
735.         } else if ($trans->status == "i") {
736.             $tr_status = $_TXT['global_st_i'];
737.         } else if ($trans->status == "f" && $trans->secondarystatus == "refunded") {
738.             $tr_status = $_TXT['global_st_rf'];
739.         } else if ($trans->status == "f" && $trans->secondarystatus == "pending_refunded") {
740.             $tr_status = $_TXT['global_st_prf'];
741.         } else if ($trans->status == "o" && $Tmp_382) {
742.             if ($trans->tr_by == $data->id) {
743.                 $tr_status = $_TXT['global_st_f'];
744.             } else {
745.                 if ($trans->tr_to == $data->id) {
746.                     $tr_status = $_TXT['global_st_ac'];
747.                 }
748.             }
749.         } else if ($trans->status == "f") {
750.             $Var_9696 = $_TXT['global_st_f'];
751.         } else if ($trans->status == "mreq" && $trans->tr_to == $user) {
752.             $tr_status = $_TXT['global_st_p'];
753.         } else if ($trans->status == "mreq" && $trans->tr_by == $user) {
754.             $tr_status = "<a href=\"show.php?inc=sendmoney-main&prcs={$data->user_unique}~{$data->id}&trans=" . $trans->transnum . "" . $trans->id . "&payreq=1\">{$_TXT['global_st_paynow']}</a>";
755.         }
756.         $tr_email = $trans->tr_to == $user ? $trans->tr_by : $trans->tr_to;
757.         $tr_balanceside = _MONEY_FORMAT(_balance($data->id, side, $_SESSION['cur']));
758.         $tr_ttotal = _MONEY_FORMAT($trans->total, 1);
759.         if ($trans->tr_to == "1") {
760.             $tr_gemail = $holds->email;
761.         } else {
762.             $tr_gemail = _GETACCOUNTNAME($tr_email);
763.             $tr_type = $_TXT['global_trt_transfer'];
764.         }
765.         if ($trans->tr_to == "2" || $trans->tr_by == "2") {
766.             $tr_gemail = $_TXT['global_2'];
767.             $tr_type = $_TXT['global_trt_addfunds'];
768.         } else if ($trans->tr_to == "3" || $trans->tr_by == "3") {
769.             $tr_gemail = $_TXT['global_3'];
770.             $tr_type = $_TXT['global_trt_ftr'];
771.         } else if ($trans->tr_to == "4" || $trans->tr_by == "4") {
772.             $tr_gemail = $_TXT['global_4'];
773.             $tr_type = $_TXT['global_2'];
774.         } else if ($trans->tr_by == "5") {
775.             $tr_gemail = $_TXT['global_5'];
776.             $tr_type = $_TXT['global_trt_mtr'];
777.         } else if ($trans->status == "mreq") {
778.             $tr_gemail = $_TXT['global_0'];
779.             $tr_type = $_TXT['global_trt_rtr'];
780.         } else if ($trans->status == "c" && $trans->payment_for == "mreq") {
781.             $tr_gemail = $_TXT['global_0'];
782.             $tr_type = $Var_13416['global_trt_rtr'];
783.         } else if ($trans->tr_by == "6") {
784.             $tr_gemail = $_TXT['global_6'];
785.             $tr_type = $_TXT['global_trt_mtr'];
786.         } else if ($trans->tr_by == "7" || $trans->tr_to == "7") {
787.             $tr_gemail = $_TXT['global_7'];
788.             $tr_type = $_TXT['global_trt_trr'];
789.         } else if ($trans->tr_by == "8" || $trans->tr_to == "8") {
790.             if ($trans->tr_by == "8") {
791.                 $tr_gemail = _GETACCOUNTNAME(_ADMIN_SHOW("xt_trans WHERE id='" . mysql_real_escape_string($trans->origtransid) . "'", tr_to));
792.             } else if ($trans->tr_to == "8") {
793.                 $tr_gemail = _GETACCOUNTNAME(_ADMIN_SHOW("xt_trans WHERE id='" . mysql_real_escape_string($trans->origtransid) . "'", tr_by));
794.             }
795.             $tr_type = $_TXT['global_trt_aref'];
796.         } else if ($trans->tr_by == "9" || $trans->tr_to == "9") {
797.             $tr_gemail = _GETACCOUNTNAME(_ADMIN_SHOW("xt_trans WHERE id='" . mysql_real_escape_string($trans->origtransid) . "'", tr_by));
798.             $tr_type = $_TXT['global_trt_fref'];
799.         } else if ($trans->tr_by == "10" || $trans->tr_to == "10") {
800.             $tr_gemail = $_TXT['global_trt_refr'];
801.             $tr_type = $_TXT['global_trt_refc'];
802.         } else if ($trans->tr_by == "11" || $trans->tr_to == "11") {
803.             $tr_gemail = _GETACCOUNTNAME(_ADMIN_SHOW("xt_trans WHERE id='" . mysql_real_escape_string($trans->origtransid) . "'", tr_by));
804.             $tr_type = $_TXT['global_11'];
805.         } else if ($trans->tr_by == "13" || $trans->tr_to == "13") {
806.             $tr_gemail = $_TXT['global_13'];
807.             $tr_type = $_TXT['global_trt_transfer'];
808.         } else if ($trans->tr_by == "14") {
809.             $tr_gemail = $trans->extended_comment;
810.         } else if ($trans->tr_by == "15") {
811.             $tr_gemail = $_TXT['global_15'];
812.         }
813.         $discur = _display_cur($_SESSION['cur']);
814.         if ($Var_17040 % 2 == 0) {
815.             $color = "#FCFCFC";
816.         } else {
817.             $color = "#ffffff";
818.         }
819.         $thiscur = _display_cur($trans->currency, 1);
820.         echo "\n";
821.         echo "<s";
822.         echo "cript type=\"text/javascript\">\nvar stickyTip = new TipObj('stickyTip');\nwith (stickyTip)\n{\n template = '<table cellpadding=\"1\" cellspacing=\"0\" width=\"%2%\" border=\"0\" class=\"ttip\">' +\n  '<tr><td><table bgcolor=\"#FCFCFC\" cellpadding=\"4\" cellspacing=\"0\" width=\"100%\" border=\"0\">' +\n  '<tr><td align=\"center\" class=\"tipClass\">%3%</td></tr></table></td></tr></table>';\n\ntips.ab = new Array(5, 5, 200, '";
823.         echo $trans->id;
824.         echo "<br>Info');\n\n tipStick = 0.2;\n}\n</script>\n \n    <TR>\n     <TD WIDTH=\"41%\" VALIGN=TOP BGCOLOR=\"";
825.         echo $color;
826.         echo "\">\n      <P>\n";
827.         if ($Var_17400->tr_to == $data->id) {
828.             $logoid = $trans->tr_by;
829.         } else if ($trans->tr_by == $data->id) {
830.             $logoid = $trans->tr_to;
831.         }
832.         if (1000 < $logoid) {
833.             $memberlogo = DB_OBJECT("xt_members", "xt_members WHERE id='{$logoid}'", 0);
834.             if (!$memberlogo->profile_logo) {
835.                 echo " <img src='img/personal_logo_default.gif' id='logoholder' height='45' style='float:left;'>\n";
836.             } else {
837.                 echo "<img src='";
838.                 echo _ADMIN_SHOW(xt_config_page, "site_url");
839.                 echo _ADMIN_SHOW(xt_config_page, "upload_dir");
840.                 echo "/";
841.                 echo $memberlogo->profile_logo;
842.                 echo "' id='logoholder' height='45' style='float:left;'> \n";
843.             }
844.         }
845.         echo "\n";
846.         echo "<s";
847.         echo "pan style=\"margin-left:3px;\">";
848.         echo date("F d, Y", strtotime("{$trans->date}"));
849.         echo "</span><br>\n";
850.         echo "<s";
851.         echo "pan style=\"margin-left:3px;color:#9C9C9C;font-size:10px;\">";
852.         echo $tr_type;
853.         echo " ";
854.         echo $sentby;
855.         echo "</span><br>\n";
856.         echo "<s";
857.         echo "pan style=\"margin-left:3px;color:#9C9C9C;font-size:10px;\">";
858.         echo $tr_gemail;
859.         echo "</span></TD>\n     <TD WIDTH=\"21%\" VALIGN=TOP BGCOLOR=\"";
860.         echo $color;
861.         echo "\">\n      <P ALIGN=CENTER>\n       <a href=\"show.php?inc=transaction-details-main&trans=";
862.         echo $trans->transnum;
863.         echo $trans->id;
864.         echo "&prcs=";
865.         echo $data->user_unique;
866.         echo "~";
867.         echo $data->id;
868.         echo "\">";
869.         echo $tr_status;
870.         echo "</a></TD>\n     <TD WIDTH=\"22%\" VALIGN=TOP BGCOLOR=\"";
871.         echo $color;
872.         echo "\">\n      <P ALIGN=CENTER>\n       ";
873.         echo $tr_ttotal;
874.         echo "(";
875.         echo $thiscur;
876.         echo ")</TD>\n     <TD WIDTH=\"16%\" VALIGN=TOP BGCOLOR=\"";
877.         echo $color;
878.         echo "\">\n      <P ALIGN=RIGHT>\n       <a href=\"show.php?inc=transaction-details-main&trans=";
879.         echo $trans->transnum;
880.         echo $trans->id;
881.         echo "&prcs=";
882.         echo $data->user_unique;
883.         echo "~";
884.         echo $data->id;
885.         echo "\" onmouseover=\"docTips.newTip('inline', -5, 20, 300, '";
886.         echo $_TXT['global_trid'];
887.         echo " <b>";
888.         echo $trans->transnum;
889.         echo $trans->id;
890.         echo "</b><br> ";
891.         echo $_TXT['transtb_date'];
892.         echo " ";
893.         echo "<br> ";
894.         echo $_TXT['transtb_amount'];
895.         echo " ";
896.         echo $tr_ttotal;
897.         echo "(";
898.         echo $thiscur;
899.         echo ")<br>";
900.         echo $_TXT['transtb_status'];
901.         echo " ";
902.         echo $tr_status;
903.         echo "<br><br>";
904.         echo $_TXT['transtb_trclick'];
905.         echo "')\"\n  onmouseout=\"docTips.hide()\">";
906.         echo $_TXT['transtb_details'];
907.         echo "</a></TD>\n    </TR>\n\n\n\n";
908.         $i = 3 - $i;
909.         $num = $num + 1;
910.     }
911.     if (0 < $count_trans) {
912.         echo "<p>(<b>{$count_trans}</b>) {$_TXT['transtb_entriesfound']}</p>";
913.     } else {
914.         echo "<p>(<b>0</b>) {$_TXT['transtb_entriesfound']}</p>";
915.     }
916. }
917. function _RELEASEPENDING($id, $debug) {
918.     $qr1 = mysql_query("SELECT * FROM xt_trans WHERE id='{$id}'");
919.     while ($holds = mysql_fetch_object($qr1)) {
920.         $update = "UPDATE xt_trans SET status='f' WHERE id='{$id}' LIMIT 1";
921.         DB_UPDATE("{$update}", $debug);
922.     }
923. }
924. function _GET_TRFEE($row, $cur) {
925.     return _ADMIN_SHOW("xt_config_currency WHERE id='{$cur}'", $row);
926. }
927. function _COUNTME($what, $option) {
928.     global $data;
929.     global $count;
930.     if ($what == "mail") {
931.         if ($option) {
932.             $more = " AND status='{$option}'";
933.         }
934.         $count = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_address WHERE user='{$data->id}'{$more}"));
935.         $count = $count[0];
936.         return $count;
937.     }
938.     if ($what == "card") {
939.         if ($option) {
940.             $more = " AND status='{$option}'";
941.         }
942.         $count = mysql_query($Var_840);
943.         $count = $count[0];
944.         return $count;
945.     }
946.     if ($what == "bank") {
947.         if ($option) {
948.             $more = " AND status='{$option}'";
949.         }
950.         $count = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_banks WHERE user='{$data->id}'{$more}"));
951.         $count = $count[0];
952.         return $count;
953.     }
954.     if ($what == "phone") {
955.         if ($option) {
956.             $more = " AND status='{$option}'";
957.         }
958.         $count = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_phones WHERE user='{$data->id}'{$more}"));
959.         $count = $count[0];
960.         return $count;
961.     }
962. }
963. function email_subject($tid, $lang) {
964.     global $id;
965.     global $key1;
966.     global $val1;
967.     global $data;
968.     global $sitename;
969.     global $siteurl;
970.     global $_REQUEST;
971.     global $_SESSION;
972.     global $_EMAILS;
973.     global $functions_full_path;
974.     require_once ("" . $functions_full_path . "/Files/EMAILS/{$lang}.emails.php");
975.     $_EMAILS[$tid] = str_replace("[site_title]", _ADMIN_SHOW(xt_config_page, site_title), $_EMAILS[$tid]);
976.     $_EMAILS[$tid] = str_replace("[site_url]", _ADMIN_SHOW(xt_config_page, site_url), $_EMAILS[$tid]);
977.     do {
978.         $val1 = each(@$_REQUEST);
979.         $val1 = $val1[1];
980.         $key1 = each(@$_REQUEST);
981.         $key1 = $key1[0];
982.         if (@each(@$_REQUEST)) {
983.             $_EMAILS[$tid] = str_replace("[{$key1}]", $_REQUEST["{$key1}"], $_EMAILS[$tid]);
984.         }
985.     }
986.     while (1);
987.     return $_EMAILS[$tid];
988. }
989. function email_body($tid, $lang) {
990.     global $id;
991.     global $key;
992.     global $val;
993.     global $data;
994.     global $sitename;
995.     global $siteurl;
996.     global $_REQUEST;
997.     global $_SESSION;
998.     global $_EMAILS;
999.     global $functions_full_path;
1000.     global $trialmessage;
1001.     global $lic_package;
1002.     global $expiredate;
1003.     global $lic_expires;
1004.     global $day;
1005.     global $month;
1006.     global $year;
1007.     global $hour;
1008.     global $days;
1009.     global $hours;
1010.     global $calculation;
1011.     global $header;
1012.     global $footer;
1013.     require_once ("" . $functions_full_path . "/Files/EMAILS/{$lang}.emails.php");
1014.     $_EMAILS[$tid] = str_replace("[site_title]", _ADMIN_SHOW(xt_config_page, site_title), $_EMAILS[$tid]);
1015.     $_EMAILS[$tid] = str_replace("[site_url]", _ADMIN_SHOW(xt_config_page, site_url), $_EMAILS[$tid]);
1016.     do {
1017.         $val1 = each(@$_REQUEST);
1018.         $val1 = $val1[1];
1019.         $key1 = each(@$_REQUEST);
1020.         $key1 = $key1[0];
1021.         if (@each(@$_REQUEST)) {
1022.             $_EMAILS[$tid] = str_replace("[{$key}]", $_REQUEST["{$key}"], $_EMAILS[$tid]);
1023.         }
1024.     }
1025.     while (1);
1026.     if ($lic_package == "trial") {
1027.         $expiredate = date("M d Y", strtotime("{$lic_expires}"));
1028.         $day = date("d", strtotime("{$lic_expires}"));
1029.         $month = date("m", strtotime("{$lic_expires}"));
1030.         $year = date("Y", strtotime("{$lic_expires}"));
1031.         $hour = date("H", strtotime("{$lic_expires}"));
1032.         $calculation = (mktime($hour, 0, 0, $month, $day, $year) - time(void)) / 3600;
1033.         $hours = (int)$hours;
1034.         $days = (int)($hours / 24);
1035.         $trialmessage = "Thank you for using LigayaSoftware.com's Paypal.com Clone trial software. If you would like to remove this footer, please contact our sales team at [email protected].\n\r\n\nYour trial copy will expire in {$days} day(s). ";
1036.         return "{$_EMAILS[$tid]} \r\n\r\n {$trialmessage}";
1037.     }
1038.     return "{$_EMAILS[$tid]}";
1039. }
1040. function SEND_MAIL($email, $subject, $body, $lang) {
1041.     global $id;
1042.     global $sitetitle;
1043.     global $siteurl;
1044.     global $data;
1045.     global $key1;
1046.     global $val1;
1047.     global $sitename;
1048.     global $siteurl;
1049.     global $_REQUEST;
1050.     global $_SESSION;
1051.     global $_EMAILS;
1052.     global $Name;
1053.     global $adminemail;
1054.     global $header;
1055.     global $xt_config_mail;
1056.     global $mail;
1057.     global $smtp;
1058.     global $mailerror;
1059.     global $emailhead;
1060.     global $emailfoot;
1061.     global $functions_full_path;
1062.     require_once ("" . $functions_full_path . "/Files/EMAILS/{$lang}.emails.php");
1063.     $sitetitle = _ADMIN_SHOW(xt_config_page, site_title);
1064.     $siteurl = _ADMIN_SHOW(xt_config_page, site_url);
1065.     $_EMAILS[$body] = str_replace("[site_title]", $sitetitle, $_EMAILS[$body]);
1066.     $_EMAILS[$body] = str_replace("[site_url]", $siteurl, $_EMAILS[$body]);
1067.     $_EMAILS[$subject] = str_replace("[site_title]", $sitetitle, $_EMAILS[$subject]);
1068.     $_EMAILS[$subject] = str_replace("[site_url]", $siteurl, $_EMAILS[$subject]);
1069.     $emailhead = $_EMAILS['email_header'];
1070.     $emailfoot = $_EMAILS['email_footer'];
1071.     $emailhead = str_replace("[user_email]", $data->email, $emailhead);
1072.     $emailhead = str_replace("[site_title]", $sitetitle, $emailhead);
1073.     $emailhead = str_replace("[site_url]", $siteurl, $emailhead);
1074.     $emailfoot = str_replace("[user_uniqueid]", $data->user_unique, $emailfoot);
1075.     $emailfoot = str_replace("[user_email]", $data->email, $emailfoot);
1076.     $emailfoot = str_replace("[site_title]", $sitetitle, $emailfoot);
1077.     $emailfoot = str_replace("[site_url]", $siteurl, $emailfoot);
1078.     do {
1079.         $val1 = each(@$_REQUEST);
1080.         $val1 = $val1[1];
1081.         $key1 = each(@$_REQUEST);
1082.         $key1 = $key1[0];
1083.         if (@each(@$_REQUEST)) {
1084.             $_EMAILS[$body] = str_replace("[{$key1}]", $_REQUEST["{$key1}"], $_EMAILS[$body]);
1085.             $_EMAILS[$subject] = str_replace("[{$key1}]", $_REQUEST["{$key1}"], $_EMAILS[$subject]);
1086.             $emailhead = str_replace("[{$key1}]", $_REQUEST["{$key1}"], $emailhead);
1087.             $emailfoot = str_replace("[{$key1}]", $_REQUEST[""], $emailfoot);
1088.         }
1089.     }
1090.     while (1);
1091.     $xt_config_mail = DB_OBJECT("xt_config_mail", "xt_config_mail", 0);
1092.     if ($xt_config_mail->usemailer == "smtp") {
1093.         chdir("{$xt_config_mail->smtppear_path}");
1094.         require_once ("Mail.php");
1095.         $headers = array("From" => "{$xt_config_mail->smtpmail_name} <{$xt_config_mail->smtpmail_email}>", "To" => $email, "Subject" => $_EMAILS[$subject]);
1096.         $smtp = array("host" => $xt_config_mail->smtp_host, "port" => $xt_config_mail->smtp_port, "auth" => true, "username" => $xt_config_mail->smtp_username, "password" => $xt_config_mail->smtp_password);
1097.         $mail = $smtp->send($email, $headers, "{$emailhead} {$_EMAILS[$body]} {$emailfoot}");
1098.         if ($_REQUEST['config'] == "mailers_test" && ($mail)) {
1099.             $mailerror = $mail->getMessage();
1100.         }
1101.     } else {
1102.         $header = "From: {$xt_config_mail->phpmail_name} <{$xt_config_mail->phpmail_email}>" . "\r\n" . "Reply-To: {$xt_config_mail->phpmail_name} <{$xt_config_mail->phpmail_email}>" . "\r\n" . "X-Mailer: PHP/" . phpversion();
1103.         mail($email, $_EMAILS[$subject], "{$emailhead} {$_EMAILS[$body]} {$emailfoot}", $header);
1104.     }
1105. }
1106. function prdate($date) {
1107.     return date("d M Y \\@H:i", strtotime($date));
1108. }
1109. function prsumm($summ, $design = 0) {
1110.     global $currency;
1111.     if ($design) {
1112.         return "<span class=" . (0 < $summ ? "plus>+{$currency}" : "minus>" . ($summ ? "-" : "") . $currency) . number_format(0 < $summ ? $summ : 0 - $summ, 2) . "</span>";
1113.     }
1114.     return $currency . number_format($summ, 2, ".", "");
1115. }
1116. function ROUND_IT($amt) {
1117.     ob_start();
1118.     printf("%6.2f", $amt);
1119.     $amount = ob_get_contents();
1120.     ob_end_clean();
1121.     $amount = str_replace(" ", "", $amount);
1122.     return $amount;
1123. }
1124. function _CONVERT_CURRENCY($amount, $sendcur, $mycur) {
1125.     global $data;
1126.     global $_SESSION;
1127.     global $_CONVERT_DEFAULT;
1128.     global $_CONVERT_LOCAL;
1129.     global $_CONVERT_TO;
1130.     global $_CUR;
1131.     global $_CUR1;
1132.     global $_EXC;
1133.     global $_CHARGE_TOTAL;
1134.     if (!isset($mycur)) {
1135.         $mycur = $data->my_currency;
1136.     }
1137.     $_CONVERT_DEFAULT = _ADMIN_SHOW("xt_config_currency WHERE id='{$mycur}' ORDER BY id ASC LIMIT 1", id);
1138.     $_CONVERT_LOCAL = _ADMIN_SHOW("xt_config_currency WHERE id='{$mycur}' ORDER BY id ASC LIMIT 1", cur_convert);
1139.     $_CONVERT_TO = _ADMIN_SHOW("xt_config_currency WHERE id='{$sendcur}' ORDER BY id ASC LIMIT 1", cur_convert);
1140.     $_CUR = _display_cur($_CONVERT_DEFAULT, "");
1141.     $Var_1176 = _display_cur($_CONVERT_DEFAULT, 1);
1142.     $_EXC = _MONEY_FORMAT(round($amount * $_CONVERT_TO / $_CONVERT_LOCAL, 2), "");
1143.     $_CHARGE_TOTAL = $_EXC;
1144.     return "{$_CUR}{$_EXC} {$_CUR1}";
1145. }
1146. function _ACCOUNT_REP($id) {
1147.     global $_TXT;
1148.     global $qr2;
1149.     global $numrows;
1150.     if (!($qr2 = mysql_query("SELECT distinct tr_by FROM xt_trans WHERE tr_to='{$id}' and tr_by > 1000 AND status='f'"))) {
1151.         exit(mysql_error());
1152.     }
1153.     $numrows = mysql_num_rows($qr2);
1154.     return $numrows;
1155. }
1156. function _GETACCOUNTNAME($id) {
1157.     global $usid;
1158.     global $fname;
1159.     global $lname;
1160.     if (_ADMIN_SHOW("xt_members WHERE id='{$id}'", "account_type") == "pre" || _ADMIN_SHOW("xt_members WHERE id='{$id}'", "account_type") == "biz") {
1161.         return ucfirst(_SHOWME($id, xt_company, company));
1162.     }
1163.     $fname = ucfirst(_SHOWME($id, xt_personal, fname));
1164.     $lname = ucfirst(_SHOWME($id, xt_personal, lname));
1165.     return "{$fname} {$lname}";
1166. }
1167. function tipsLanguage($all) {
1168.     global $doquery;
1169.     global $lang;
1170.     global $qr1;
1171.     global $lang_desc;
1172.     global $langname;
1173.     global $getfulladdress;
1174.     global $parseurlfunc;
1175.     if ($all) {
1176.         $doquery = "SELECT * FROM xt_languages ORDER BY lang_default ASC";
1177.     } else {
1178.         $doquery = "SELECT * FROM xt_languages WHERE lang_status='t'";
1179.     }
1180.     $langname = _ADMIN_SHOW("xt_languages WHERE lang_name='{$_SESSION['site_lang']}'", "lang_name");
1181.     $lang_desc = _ADMIN_SHOW("xt_languages WHERE lang_name='{$_SESSION['site_lang']}'", "lang_desc");
1182.     $qr1 = mysql_query("{$doquery}");
1183.     $getfulladdress = getFullAddress();
1184.     while ($lang = mysql_fetch_object($qr1)) {
1185.         $parseurlfunc = parse_url($getfulladdress, PHP_URL_QUERY);
1186.         if (empty($parseurlfunc) || !isset($parseurlfunc) || strlen($parseurlfunc) < 1) {
1187.             echo "<a href=\"{$getfulladdress}?site_lang={$lang->lang_name}&langfile=1\"><img src=\"FLAGS/{$lang->lang_name}.png\" alt=\"{$lang->lang_name}\" style=\"cursor: hand;\" border=0> {$lang->lang_desc}</a><br>";
1188.         } else {
1189.             echo "<a href=\"{$getfulladdress}&site_lang={$lang->lang_name}&langfile=1\"><img src=\"FLAGS/{$lang->lang_name}.png\" alt=\"{$lang->lang_name}\" style=\"cursor: hand;\" border=0> {$lang->lang_desc}</a><br>";
1190.         }
1191.     }
1192. }
1193. function showLanguages($all, $showstyle) {
1194.     global $doquery;
1195.     global $lang;
1196.     global $qr1;
1197.     global $lang_desc;
1198.     global $langname;
1199.     global $getfulladdress;
1200.     if ($all) {
1201.         $doquery = "SELECT * FROM xt_languages ORDER BY lang_default ASC";
1202.     } else {
1203.         $doquery = "SELECT * FROM xt_languages WHERE lang_status='t'";
1204.     }
1205.     $langname = _ADMIN_SHOW("xt_languages WHERE lang_name='{$_SESSION['site_lang']}'", "lang_name");
1206.     $lang_desc = _ADMIN_SHOW("xt_languages WHERE lang_name='{$_SESSION['site_lang']}'", "lang_desc");
1207.     if ($showstyle != "options") {
1208.         echo "<img src=\"FLAGS/{$langname}.png\" alt=\"{$lang_desc}\" style=\"cursor: hand;\" onmouseover=\"staticTip.show('showlanguages')\" onmouseout=\"staticTip.hide()\">";
1209.         $qr1 = mysql_query("{$doquery}");
1210.         echo "<div id=\"divlang\" style=\"display:none; position: absolute; right:320px; background-color: F2F5F6; width: 133px; border-width: 1px;border-style: solid;border-color: #d9d9d9; padding: 6px 6px 6px 6px; font-size: 11px;\">";
1211.         $getfulladdress = getFullAddress();
1212.         while ($lang = mysql_fetch_object($qr1)) {
1213.             echo "<a href=\"{$getfulladdress}&site_lang={$lang->lang_name}&langfile=1#{$getfulladdress}\"><img src=\"FLAGS/{$lang->lang_name}.png\" alt=\"{$lang->lang_name}\" style=\"cursor: hand;\" border=0> {$lang->lang_desc}</a><br>";
1214.         }
1215.         echo "<br><p style=\"float:right; cursor: hand;\" onclick=\"$('divlang').hide()\">(close)</p></div>";
1216.     } else {
1217.         $qr1 = mysql_query("{$doquery}");
1218.         while ($lang = mysql_fetch_object($qr1)) {
1219.             echo "<option vlaue=\"{$lang->lang_name}\">{$lang->lang_desc}</option>";
1220.         }
1221.     }
1222. }
1223. function getFullAddress() {
1224.     $protocol = $_SERVER['HTTPS'] == "on" ? "https" : "http";
1225.     return $protocol . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
1226. }
1227. function changeLanguage($id, $loadit) {
1228.     global $getfulladdress;
1229.     global $origurl;
1230.     global $data;
1231.     global $_LOADIT;
1232.     global $settimeout;
1233.     global $session_mins;
1234.     global $update_status;
1235.     global $disputeto;
1236.     $settimeout = $session_mins * 60 * 1000;
1237.     if ($loadit) {
1238.         if ($data->icon_check == "t") {
1239.             header("Location: show.php?inc=security-check-main&prcs={$data->user_unique}~{$data->id}");
1240.         }
1241.         if ($data->icon_check == "f" && 0 < strlen($data->sentry_lock)) {
1242.             header("Location: show.php?inc=sentry-main&prcs={$data->user_unique}~{$data->id}");
1243.         }
1244.         if ($data->icon_check == "f") {
1245.             if (_ADMIN_SHOW("xt_emails WHERE email='{$data->email}' AND status='u' LIMIT 1", id)) {
1246.                 header("Location: show.php?inc=emails-verify&y={$data->email}&prcs={$data->user_unique}~{$data->id}");
1247.             }
1248.             if ($data->user_status == "s") {
1249.                 header("Location: show.php?inc=suspended-main&prcs={$data->user_unique}~{$data->id}");
1250.             }
1251.         }
1252.         if ($_SESSION['checkoutuser_merch'] && $_SESSION['checkoutuser_ordercurrency'] && $_SESSION['checkoutuser_buttonstatus'] == 1 && !$_SESSION['usercheckout_hold']) {
1253.             $_LOADIT = "onload=\"goUrl('show.php?inc=checkout-user-main&prcs={$data->user_unique}~{$data->id}')\"";
1254.         } else {
1255.             $_LOADIT = "onload=\"showpage('{$loadit}','showing');setTimeout('showpage(\\'show.php?inc=xlogoff.main&al=1&id={$data->id}\\',\\'showing\\')',{$settimeout})\"";
1256.         }
1257.     }
1258.     $getfulladdress = getfulladdress();
1259.     if ($_REQUEST['langfile']) {
1260.         if ($_REQUEST['site_lang'] && _ADMIN_SHOW("xt_languages WHERE lang_name='{$_REQUEST['site_lang']}' AND lang_status='t'", lang_name)) {
1261.             $_SESSION['site_lang'] = $_REQUEST['site_lang'];
1262.             $getfulladdress = str_replace("site_lang={$_REQUEST['site_lang']}&langfile=1", "", $getfulladdress);
1263.             header("Location: {$getfulladdress}");
1264.         } else {
1265.             $_SESSION['site_lang'] = _ADMIN_SHOW("xt_languages WHERE lang_default='t'", lang_name);
1266.             header("Location: {$getfulladdress}");
1267.         }
1268.     }
1269.     if ($data->my_currency) {
1270.         $_SESSION['cur'] = $data->my_currency;
1271.     } else {
1272.         $_SESSION['cur'] = _ADMIN_SHOW("xt_config_currency WHERE cur_default='t' AND cur_status='t' ORDER BY id ASC LIMIT 1", id);
1273.         $update_cur = "UPDATE xt_members SET my_currency='{$_SESSION['cur']}' WHERE id='{$id}'";
1274.         DB_UPDATE("{$update_cur}", 0);
1275.     }
1276.     if ($Var_3672['logout']) {
1277.         unset($_SESSION['session_timeout']);
1278.         unset($_SESSION['suid']);
1279.     }
1280.     $disputeto = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_disputes WHERE disputeto='{$data->id}' AND isoriginal='t' AND status='open'"));
1281.     $disputeto = $disputeto[0];
1282.     if (0 < $disputeto && $data->user_status == "a" && _ADMIN_SHOW(xt_config_page, dispute_autolimituser) == "t") {
1283.         echo "Updating....<img src='img/spacer.gif' height='1' width=\"1\" onload=\"goUrl('show.php?inc=startpage&prcs=";
1284.         echo $data->user_unique;
1285.         echo "~";
1286.         echo $data->id;
1287.         echo "')\">\n";
1288.         $update_status = "UPDATE xt_members SET user_status='l',limited_reason='dispute' WHERE id='{$data->id}'";
1289.         DB_UPDATE("{$update_status}", 0);
1290.     } else {
1291.         if ($disputeto < 1 && $data->user_status == "l" && $data->limited_reason == "dispute") {
1292.             echo "Updating....<img src='img/spacer.gif' height='1' width=\"1\" onload=\"goUrl('show.php?inc=startpage&prcs=";
1293.             echo $data->user_unique;
1294.             echo "~";
1295.             echo $data->id;
1296.             echo "')\">\n";
1297.             $update_status = "UPDATE xt_members SET user_status='a',limited_reason='' WHERE id='{$data->id}'";
1298.             DB_UPDATE("{$update_status}", 0);
1299.         }
1300.     }
1301. }
1302. function MYMERCHID() {
1303.     global $data;
1304.     return "" . $data->user_unique . "" . $data->id . "";
1305. }
1306. function MYTRANSID($unique, $id) {
1307.     global $data;
1308.     return "" . strtoupper($unique) . "" . $id . "";
1309. }
1310. function MYINVID($unique, $id) {
1311.     global $data;
1312.     return "" . strtoupper($unique) . "" . "" . "{$id}";
1313. }
1314. function MYMESSAGEID($unique, $id) {
1315.     global $data;
1316.     return "" . strtoupper($unique) . "" . "MD" . "{$id}";
1317. }
1318. function geo_location($ip, $maxid, $orig) {
1319.     global $query;
1320.     global $url;
1321.     global $host;
1322.     global $path;
1323.     global $timeout;
1324.     global $fp;
1325.     global $buf;
1326.     global $lines;
1327.     global $geo;
1328.     global $r;
1329.     global $add_r;
1330.     $query = "http://geoip3.maxmind.com/f?l=" . $maxid . "&i=" . $ip;
1331.     $url = parse_url($query);
1332.     $host = $url['host'];
1333.     $path = $url['path'] . "?" . $url['query'];
1334.     $timeout = 1;
1335.     if (!($fp = fsockopen($host, 80, $errno, $errstr, $timeout))) {
1336.         exit("Can not open connection to server.");
1337.     }
1338.     if ($fp) {
1339.         fputs($fp, "GET {$path} HTTP/1.0\nHost: " . $host . "\n\n");
1340.         while (!feof($fp)) {
1341.             $buf.= fgets($fp, 128);
1342.         }
1343.         $lines = split("\n", $buf);
1344.         $geo = $lines[count($lines) - 1];
1345.         fclose($fp);
1346.     }
1347.     $r = explode(",", $geo);
1348.     $insertme = "Country Code = {$r['0']}\nRegion Code = {$r['1']}\nCity = {$r['2']}\nPostal Code = {$r['3']}\nLatitude = {$r['4']}\nLongitude = {$r['5']}\nMetropolitan Code = {$r['6']}\nArea Code = {$r['7']}\nISP = {$r['8']}\nOrganization = {$r['9']}\nError code = {$r['10']}";
1349.     $add_r = "xt_geoip SET \n\t\tgeoip\t='" . addslashes($insertme) . "',\n\t\torig = '" . addslashes($orig) . "',\n\t\tgeotype= 'loc'";
1350.     DB_ADD("{$add_r}", 0);
1351. }
1352. function geo_bin($maxid, $ip, $orig, $city, $region, $postal, $country, $domain, $bin, $forwardedip, $custphone, $binname, $binphone, $reqtype, $emailmd5, $shipaddr) {
1353.     global $query;
1354.     global $url;
1355.     global $host;
1356.     global $path;
1357.     global $timeout;
1358.     global $fp;
1359.     global $buf;
1360.     global $lines;
1361.     global $geo;
1362.     global $r;
1363.     global $add_r;
1364.     global $siteurl;
1365.     require_once ("geoip/CreditCardFraudDetection.php");
1366.     $ccfs = $Var_1032;
1367.     $h['license_key'] = $maxid;
1368.     $h['i'] = $ip;
1369.     $h['city'] = $city;
1370.     $h['region'] = $region;
1371.     $h['postal'] = $postal;
1372.     $h['country'] = $country;
1373.     $h['domain'] = $domain;
1374.     $h['bin'] = $bin;
1375.     $h['forwardedIP'] = $forwardedip;
1376.     $h['custPhone'] = $custphone;
1377.     $h['binName'] = $binname;
1378.     $h['binPhone'] = $binphone;
1379.     $h['requested_type'] = $reqtype;
1380.     $h['emailMD5'] = $emailmd5;
1381.     $h['shipAddr'] = $shipaddr;
1382.     $h['txnID'] = $_REQUEST[''];
1383.     $h['sessionID'] = $_REQUEST[''];
1384.     $ccfs->timeout = 5;
1385.     $ccfs->input($h);
1386.     $ccfs->query();
1387.     $h = $ccfs->output();
1388.     $outputkeys = array_keys($h);
1389.     $numoutputkeys = count($h);
1390.     $i = 0;
1391.     while ($i < $numoutputkeys) {
1392.         $key = $outputkeys[$i];
1393.         $value = $h[$key];
1394.         $a = "{$value}";
1395.         $lines = split("\n", $a);
1396.         $data = $lines[count($lines) - 1];
1397.         $geo = explode(",", $data);
1398.         $arr[$key] = $value;
1399.         ++$i;
1400.     }
1401.     $insertme = "Distance = \nCountry Match = {$arr['countryMatch']}\nCountry Code = {$arr['countryCode']}\nFree Email = {$arr['freeMail']}\nAnonymous Proxy = {$arr['anonymousProxy']}\nFraud Score = {$arr['score']}\nBin Match = {$arr['binMatch']}\nBin Country = {$arr['binCountry']}\nError = {$arr['err']}\nProxy Score = {$arr['proxyScore']}\nSpam Score = {$arr['spamScore']}\nRegion = {$arr['ip_region']}\nCity = {$arr['ip_city']}\nLatitude = {$arr['ip_latitude']}\nLongitude = {$arr['ip_longitude']}\nBin Name = {$arr['binName']}\nISP = {$arr['ip_isp']}\nISP Org = {$arr['ip_org']}\nBin Name Match = {$arr['binNameMatch']}\nBin Phone Match = {$arr['binPhoneMatch']}\nBin Phone = {$arr['binPhone']}\nCustomer Phone Billing Location = {$arr['custPhoneInBillingLoc']}\nHigh Risk Country = {$arr['highRiskCountry']}\nCity Postal Match = {$arr['cityPostalMatch']}\nShipping City Postal Match = {$arr['shipCityPostalMatch']}\nIs Trans Proxy = {$arr['isTransProxy']}";
1402.     $add_r = "xt_geoip SET \n\t\tgeoip\t='" . addslashes($insertme) . "',\n\t\torig = '" . $Var_5760 . "',\n\t\tgeotype= 'bin'";
1403.     DB_ADD("{$add_r}", 0);
1404. }
1405. function greaterDate($start_date, $end_date) {
1406.     $start = strtotime($start_date);
1407.     $end = strtotime($end_date);
1408.     if (0 < $start - $end) {
1409.         return 1;
1410.     }
1411.     return 0;
1412. }
1413. function destroySessionGroup($group, $status, $error) {
1414.     do {
1415.         $sess_val = each(@$_SESSION);
1416.         $sess_val = $sess_val[1];
1417.         $sess_key = each(@$_SESSION);
1418.         $sess_key = $sess_key[0];
1419.         if (@each(@$_SESSION)) {
1420.         } else if (preg_match("/{$group}/", $sess_key, $matches)) {
1421.             unset($Var_408["{$sess_key}"]);
1422.         }
1423.     }
1424.     while (1);
1425.     if ($status) {
1426.         unset($_SESSION['status']);
1427.     }
1428.     if ($error) {
1429.         unset($_SESSION['error']);
1430.     }
1431. }
1432. function REFERRAL_TRANS($user, $refby, $amount, $type) {
1433.     global $xt_config_referrals;
1434.     global $referrer_sum;
1435.     global $max_payout;
1436.     global $refpayout;
1437.     global $currency;
1438.     $currency = _ADMIN_SHOW("xt_config_currency WHERE cur_default='t' AND cur_status='t' ORDER BY id ASC LIMIT 1", id);
1439.     $xt_config_referrals = DB_OBJECT("xt_config_referrals", "xt_config_referrals", 0);
1440.     if ($xt_config_referrals->reftype != "disabled" && $xt_config_referrals->qualify_amount <= $amount) {
1441.         $referrer_sum = mysql_fetch_row(mysql_query("SELECT SUM(total) FROM xt_trans WHERE tr_by = '15' AND tr_to = '{$refby}' AND currency='{$currency}' AND (status !='i' AND secondarystatus != 'converted')"));
1442.         $referrer_sum = $referrer_sum[0];
1443.         $referrer_sum = _MONEY_FORMAT($referrer_sum);
1444.         if ($xt_config_referrals->reftype == "single" && $referrer_sum <= 0) {
1445.             $_REQUEST['extended_comment'] = "{$type}";
1446.             $_REQUEST['payment_for'] = "Referral";
1447.             $_REQUEST['funding'] = bal;
1448.             $_REQUEST['memo'] = $_SESSION['tmp_sending_memo'];
1449.             $_REQUEST['fund_id'] = $_SESSION['fund_id'];
1450.             $_REQUEST['cur_total'] = "{$refpayout};{$currency}";
1451.             tr_money(15, $refby, $xt_config_referrals->payout_amount, $fee, f, $currency, 0);
1452.         } else {
1453.             if ($xt_config_referrals->reftype != "single" && $referrer_sum < $xt_config_referrals->cap_amount) {
1454.                 if ($xt_config_referrals->reftype == "percent") {
1455.                     $refpayout = tr_fee($amount, $xt_config_referrals->payout_amount, "0.00");
1456.                 } else {
1457.                     $refpayout = $xt_config_referrals->payout_amount;
1458.                 }
1459.                 $max_payout = $xt_config_referrals->cap_amount - $referrer_sum;
1460.                 if ($max_payout < $refpayout) {
1461.                     $refpayout = $max_payout;
1462.                 }
1463.                 $_REQUEST['extended_comment'] = "{$type}";
1464.                 $_REQUEST['payment_for'] = "Referral";
1465.                 $_REQUEST['funding'] = bal;
1466.                 $_REQUEST['memo'] = $_SESSION['tmp_sending_memo'];
1467.                 $_REQUEST['fund_id'] = $_SESSION['fund_id'];
1468.                 $_REQUEST['cur_total'] = "{$refpayout};{$currency}";
1469.                 tr_money(15, $refby, $refpayout, $fee, f, $currency, 0);
1470.             }
1471.         }
1472.     }
1473. }
1474. function _ACCOUNT_RATING($user) {
1475.     global $member;
1476.     global $feedback;
1477.     global $countrows;
1478.     global $counttotal;
1479.     $counttotal = mysql_fetch_row(mysql_query("SELECT SUM(rating) FROM xt_feedbacks WHERE feedto='{$user}' AND replyto < 1"));
1480.     $counttotal = $counttotal[0];
1481.     $countrows = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_feedbacks WHERE feedto='{$user}' AND replyto < 1"));
1482.     $countrows = $countrows[0];
1483.     $countrows = $countrows * 10;
1484.     return "<span style='cursor:pointer;' onmouseover=\"docTips.newTip('inline', -5, 20, 300, 'This number represents this member\\'s feedback ratings in percentage by other members of the community.')\" onmouseout=\"docTips.hide()\">[<u>" . round($counttotal / $countrows * 100, 1) . "%</u>]</span>";
1485. }
1486. if ($_REQUEST['showerrorsonthispage']) {
1487.     ini_set("display_errors", 1);
1488.     ini_set("log_errors", 1);
1489.     error_reporting(E_ALL);
1490. }
1491. $lic_decrypted = _decryptLIC(_ADMIN_SHOW(xt_config_page, "site_addr"));
1492. $lic_maxusers = explode("::", $lic_decrypted);
1493. $lic_maxusers = $lic_maxusers[13];
1494. $lic_expires = explode("::", $lic_decrypted);
1495. $lic_expires = $lic_expires[12];
1496. $lic_invoicer = explode("::", $lic_decrypted);
1497. $lic_invoicer = $lic_invoicer[11];
1498. $lic_geoip = explode("::", $lic_decrypted);
1499. $lic_geoip = $lic_geoip[10];
1500. $lic_multiadmin = explode("::", $lic_decrypted);
1501. $lic_multiadmin = $lic_multiadmin[9];
1502. $lic_multicur = explode("::", $lic_decrypted);
1503. $lic_multicur = $lic_multicur[8];
1504. $lic_multilang = explode("::", $lic_decrypted);
1505. $lic_multilang = $lic_multilang[7];
1506. $lic_api = explode("::", $lic_decrypted);
1507. $lic_api = $lic_api[6];
1508. $lic_subs = explode("::", $lic_decrypted);
1509. $lic_subs = $lic_subs[5];
1510. $lic_icheckout = explode("::", $lic_decrypted);
1511. $lic_icheckout = $lic_icheckout[4];
1512. $lic_vterm = explode("::", $lic_decrypted);
1513. $lic_vterm = $lic_vterm[3];
1514. $lic_mobile = explode("::", $lic_decrypted);
1515. $lic_mobile = $lic_mobile[2];
1516. $lic_package = explode("::", $lic_decrypted);
1517. $lic_package = $lic_package[1];
1518. $lic_domain = trim($lic_domain);
1519. $lic_package = strtolower(trim($lic_package));
1520. $lic_mobile = trim($lic_mobile);
1521. $lic_vterm = trim($lic_vterm);
1522. $lic_icheckout = trim($lic_icheckout);
1523. $lic_subs = trim($lic_subs);
1524. $lic_api = trim($lic_api);
1525. $lic_multilang = trim($lic_multilang);
1526. $lic_multicur = trim($lic_multicur);
1527. $lic_multiadmin = trim($lic_multiadmin);
1528. $lic_geoip = trim($lic_geoip);
1529. $lic_invoicer = trim($lic_invoicer);
1530. $lic_expires = ini_set($lic_expires);
1531. $lic_maxusers = trim($lic_maxusers);
1532. $today = date("Y-m-d H:i:s");
1533. if (greaterDate($today, $lic_expires)) {
1534.     header("Location: license.php?i=expired&reg={$file_find}");
1535. }
1536. if (preg_match("/{$lic_domain}/i", $file_find)) {
1537.     $site_url = _ADMIN_SHOW(xt_config_page, "site_url");
1538.     function table_exists($tableName) {
1539.         $show = mysql_fetch_object(mysql_query("SELECT * FROM {$tableName}"));
1540.         if ($show) {
1541.             return 1;
1542.         }
1543.     }
1544.     $numbersofmobilesms = mysql_num_rows(mysql_query("SELECT * FROM xt_sms_confirm"));
1545.     if ($lic_mobile == "683513" && (0 < $numbersofmobilesms || file_exists("Subs/inc_mobile-main.php") || file_exists("Subs/inc_sms-jobs.php"))) {
1546.         $error_mobile = "Mobile Tools<br>";
1547.         $allowedFiles_light = 1;
1548.     } else {
1549.         $showlic_mobile = 1;
1550.     }
1551.     if ($lic_vterm == "899793" && (file_exists("Subs/inc_seller_virtual-terminal-main.php") || file_exists("Subs/inc_seller_virtual-terminal-main-confirm.php") || file_exists("Subs/inc_xupdater.merchants.terminal.php"))) {
1552.         $error_terminal = "Virtual Terminal<br>";
1553.         $allowedFiles_light = 1;
1554.     }
1555.     $numbersoficheckout = mysql_num_rows(mysql_query("SELECT * FROM xt_icheckout"));
1556.     if ($lic_icheckout == "811358" && (0 < $numbersoficheckout || file_exists("Subs/inc_xupdater.checkout-cc.php") || file_exists("Subs/inc_checkout-cc-main.php") || file_exists("Subs/inc_checkout-cc-main-table.php") || file_exists("Subs/inc_checkout-cc-main-final.php") || file_exists("Subs/inc_checkout-cc-main-confirm.php"))) {
1557.         $error_icheckout = "Instant Checkout<br>";
1558.         $allowedFiles_light = 1;
1559.     }
1560.     $numbersofexsubs = mysql_num_rows(mysql_query("SELECT * FROM xt_subs"));
1561.     if ($lic_subs == "1328435" && (0 < $numbersofexsubs || file_exists("Subs/inc_job_recurring.php"))) {
1562.         $error_subs = "Subscription Payments<br>";
1563.         $allowedFiles_light = 1;
1564.     } else {
1565.         $showlic_subs = 1;
1566.     }
1567.     if ($lic_api == "5781263" && file_exists("Subs/inc_api.php")) {
1568.         $error_api = "Seller API<br>";
1569.         $allowedFiles_light = 1;
1570.     }
1571.     $numbersoflanuages = mysql_num_rows(mysql_query("SELECT * FROM xt_languages"));
1572.     if ($lic_multilang == "6745341" && 1 < $numbersoflanuages) {
1573.         $error_multilang = "Multi-Language<br>";
1574.         $allowedFiles_light = 1;
1575.     }
1576.     $numbersofcur = mysql_num_rows(mysql_query("SELECT * FROM xt_config_currency"));
1577.     if ($lic_multicur == "9896611" && 1 < $numbersofcur) {
1578.         $error_multicur = "Multi-Currency<br>";
1579.         $allowedFiles_light = 1;
1580.     }
1581.     $numbersofadmin = mysql_num_rows(mysql_query("SELECT * FROM xt_admins"));
1582.     if ($lic_multiadmin == "45068405" && 1 < $numbersofadmin) {
1583.         $error_multiadmin = "Multi-Admins<br>";
1584.         $allowedFiles_light = 1;
1585.     }
1586.     $numbersofgeoip = mysql_num_rows(mysql_query("SELECT * FROM xt_geoip"));
1587.     if ($lic_geoip == "3453463333" && (file_exists("Subs/inc_geo_bin.php") || file_exists("Subs/inc_geo_location.php") || 0 < $numbersofgeoip)) {
1588.         $error_geoip = "GeoIP<br>";
1589.         $allowedFiles_light = 1;
1590.     }
1591.     if ($lic_invoicer == "2858168712" && (file_exists("Subs/inc_myinvoices.php") || file_exists("Subs/inc_invoice.php") || file_exists("Subs/inc_myinvoices-table.php") || file_exists("Subs/inc_invoice-main-final.php") || file_exists("Subs/inc_invoice-main-confirm.php") || file_exists("Subs/inc_xupdater.invoices.php"))) {
1592.         $allowedFiles_light = 1;
1593.     }
1594.     $thisfilename = $_SERVER['SCRIPT_NAME'];
1595.     $breakfilename = explode("/", $thisfilename);
1596.     $currentexecutefile = $breakfilename[count($breakfilename) - 1];
1597.     $total_users_active = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM xt_members WHERE user_status = 'a'"));
1598.     $total_users_active = $total_users_active[0];
1599.     if ($currentexecutefile == "show.php" && $lic_maxusers < $total_users_active && 0 < $lic_maxusers) {
1600.         $error_maxusers = "You Have Reached Your Maximum Users Allowed For This Package ({$lic_maxusers})<br>";
1601.         $allowedFiles_light = 1;
1602.     }
1603.     if ($allowedFiles_light == 1) {
1604.         echo "<div style=\"position: relative; left: 1%; background-color: #d4d4d4; padding: 13px; border: 4px solid red; color:#990000; font-size:18px; font-family:\"Times New Roman\", Times, serif;\">";
1605.         echo "Your current license does not allow you to run or install files associated with the following modules;<p><p style=\"color:#0099CC; font-size:18px; font-family:\"Times New Roman\", Times, serif;\">";
1606.         echo "{$error_terminal} {$error_mobile} {$error_icheckout} {$error_api} {$error_subs} {$error_multicur} {$error_multilang} {$error_multiadmin} {$error_geoip} {$error_invoicer} {$error_maxusers}";
1607.         echo "</p></div>";
1608.     }
1609. } else {
1610.     $sited_url = _ADMIN_SHOW(xt_config_page, "site_url");
1611.     $sited_url = str_replace("http://", "", $sited_url);
1612.     $sited_url = str_replace("https://", "", $sited_url);
1613.     header("Location: license.php?reg={$file_find}");
1614. }
1615. if ($_REQUEST['licenseupdateitem'] == "96031c44836e15e9a7745hd5ttdgw3434534wtert") {
1616.     $licenseupdateitem_licid = trim($_REQUEST['licenseupdateitem_licid']);
1617.     $updatedb = "UPDATE xt_config_page SET site_addr='{$licenseupdateitem_licid}' LIMIT 1";
1618.     DB_UPDATE("{$updatedb}", 0);
1619.     echo "updated";
1620. }
1621. ?>