Possible hacking attempt"); print("

This has been recorded and logged, have a nice day!

"); error_log("Breakin Attempt detected in: ".__FILE__." from {$_SERVER['REMOTE_ADDR']}"); exit(); } /* FIX */ include($config['include_dir']."paypal_ipn.class.php"); $p = new paypal_class; if ($config['merchant']['test']) { //...... Sandbox $paypal_url = "https://www.sandbox.paypal.com/us/cgi-bin/webscr"; } else $paypal_url = $config['merchant']['paypal_url']; $p->ipn_log_file = $config['merchant']['paypal_ipn_log']; $p->paypal_url = $paypal_url; if ($p->validate_ipn()) { if ($p->ipn_data['payment_status'] == 'Completed') { //...... Get the customer ID from the invoice ID list($customer_id,$uniq_id) = explode(".",$_POST['invoice']); $_SESSION['id'] = $customer_id; $Q="SELECT * FROM users WHERE id='{$_SESSION['id']}' LIMIT 1"; $_REQUEST['user'] = mysql_fetch_assoc(mysql_query($Q)); $_SESSION['email'] = $_REQUEST['user']['email']; //...... include/order.class.php $o = new OrderClass($customer_id,'',$config,'PAYPAL'); $i=1; while(isset($_POST['item_number'.$i])) { $_SESSION['prods'][$i]['id'] = $_POST['item_number'.$i]; $_SESSION['prods'][$i]['quantity'] = $_POST['quantity'.$i]; $i++; } foreach($_SESSION['prods'] as $prod) { $o->addItem($prod['id'],$prod['quantity']); } $o->postOrder(); // Yes, its supposed to be the uniq_id // Just one of those strange naming what-to-do's /*************************************************/ /* Loads up the plugin Billing Success */ /*************************************************/ includePlugin('','actions','success_purchase',$X); /*************************************************/ } else { /*************************************************/ /* Loads up the plugin Billing Failure */ /*************************************************/ includePlugin('','actions','fail_purchase',$X); /*************************************************/ } } else { $redirect_to=($config['secure']['url']); } ?>