[Added identity checks for CC payments Adrian Georgescu **20100305092039] hunk ./library/sip_settings.php 125 - var $export_filename = "export.txt"; hunk ./library/sip_settings.php 289 + $this->availableGroups['payments'] = array("Group"=>"payments", + "WEBName" =>sprintf(_("CC Payments")), + "SubscriberMayEditIt"=>0, + "SubscriberMaySeeIt"=>0, + "ResellerMayEditIt"=>1, + "ResellerMaySeeIt"=>1 + ); + hunk ./library/sip_settings.php 1493 - hunk ./library/sip_settings.php 1788 + $chapter=sprintf(_("Payments")); + $this->showChapter($chapter); + + if (!$this->show_payments_tab) { + return false; + } + hunk ./library/sip_settings.php 1796 - $chapter=sprintf(_("Payments")); - $this->showChapter($chapter); hunk ./library/sip_settings.php 1812 - if (!$this->show_payments_tab) { + + print " + + + "; + printf (_("Calling to PSTN numbers is possible at the costs set forth in the price list. "),$this->pstn_termination_price_page); + print " + + + "; + + if (!in_array("payments",$this->groups)) { + $this->showIdentityProof(); hunk ./library/sip_settings.php 1847 + function showIdentityProof () { + + $this->db = new DB_CDRTool(); + + $max_file_size=1024000; + + $chapter=sprintf(_("Proof of Identity")); + $this->showChapter($chapter); + + if ($_FILES['tmpfile']['tmp_name'] && $_REQUEST['name'] && is_numeric($_REQUEST['last_digits'])) { + + if ($_FILES['tmpfile']['size']['size'] < $max_file_size) { + + $fp=fopen($_FILES['tmpfile']['tmp_name'], "r"); + $content=fread($fp, $_FILES['tmpfile']['size']); + fclose($fp); + + $query=sprintf("insert into subscriber_docs ( + `name`, + `username`, + `domain`, + `document`, + `file_content`, + `file_name`, + `file_size`, + `file_type`, + `file_date`, + `last_digits` + ) values ( + '%s', + '%s', + '%s', + 'identity', + '%s', + '%s', + '%s', + '%s', + NOW(), + '%s' + )", + addslashes($_REQUEST['name']), + $this->username, + $this->domain, + addslashes($content), + addslashes($_FILES['tmpfile']['name']), + 
addslashes($_FILES['tmpfile']['size']), + addslashes($_FILES['tmpfile']['type']), + addslashes($_REQUEST['last_digits']) + ); + + if (!$this->db->query($query)) { + print ""; + printf (_("Error: Failed to save identity document %s (%s)"), $this->db->Error,$this->db->Errno); + print ""; + } + + // send mail + include_once('Mail.php'); + include_once('Mail/mime.php'); + + $subject=sprintf ("%s requested CC Payments",$this->account); + + $hdrs = array( + 'From'=> $this->billing_email, + 'Subject' => $subject + ); + + $crlf = "\n"; + $mime = new Mail_mime($crlf); + + $mime->setTXTBody($subject); + $mime->setHTMLBody($subject); + + $mime->addAttachment($content, $_FILES['tmpfile']['type'],$_FILES['tmpfile']['name'],'false'); + + $body = $mime->get(); + $hdrs = $mime->headers($hdrs); + + $mail =& Mail::factory('mail'); + + $mail->send($this->billing_email, $hdrs, $body); + + } else { + print ""; + printf (_("Error: Maximum file size is %s. "),$max_file_size); + print ""; + } + } + + if ($this->login_type != 'subscriber' && $_REQUEST['task'] == 'delete_identity_proof' && $_REQUEST['confirm']) { + $query=sprintf("delete from subscriber_docs + where username = '%s' + and domain = '%s' + and document = 'identity'", + $this->username, + $this->domain + ); + + if (!$this->db->query($query)) { + print ""; + printf (_("Error deleting record: %s (%s)"), $this->db->Error,$this->db->Errno); + print ""; + } + } + + $query=sprintf("select * from subscriber_docs + where username = '%s' + and domain = '%s' + and document = 'identity'", + $this->username, + $this->domain + ); + + if (!$this->db->query($query)) { + print ""; + printf (_("Error for database query: %s (%s)"), $this->db->Error,$this->db->Errno); + print ""; + } + + if ($this->db->num_rows()) { + + print " + + + "; + + print "

"; + print _("Credit Card payments will be activated after your identity is verified. "); + + print "

"; + print " + "; + + printf ("", + _("Name"), + _("Document"), + _("Type"), + _("Size"), + _("Date"), + _("Last digits") + ); + + if ($this->login_type != 'subscriber') { + print ""; + } + + printf (""); + + $this->db->next_record(); + + $download_url=$this->url.'&action=export_identity_proof'; + + printf ("", + $this->db->f('name'), + $download_url, + $this->db->f('file_name'), + $this->db->f('file_type'), + number_format($this->db->f('file_size')/1024,2), + $this->db->f('file_date'), + $this->db->f('last_digits') + ); + + if ($this->login_type != 'subscriber') { + if ($_REQUEST['task'] == 'delete_identity_proof' && !$_REQUEST['confirm']){ + $delete_url=$this->url.'&tab=payments&task=delete_identity_proof&confirm=1'; + printf ("",$delete_url,_("Confirm")); + } else { + $delete_url=$this->url.'&tab=payments&task=delete_identity_proof'; + printf ("",$delete_url,$this->delete_img); + } + } + + printf (""); + + print " +
%s%s%s%s%s%s"; + print _("Actions"); + print "
%s%s %s %s KB %s%s%s%s
+ + + "; + + } else { + print " + + +

"; + + print _("Credit Card payments are available only to verified customers. "); + + print "

"; + printf (_("To become verified, upload a copy of your passport or driving license that matches the Credit Card owner. "),$this->billing_email, $this->account, $this->billing_email); + + print " + + + "; + + print " + +

url method='post' enctype='multipart/form-data'> + + + + "; + + print " + + "; + print _("Name"); + + print " + + "; + printf ("",$_REQUEST['name']); + print _("Name that appears on the Credit Card"); + print " + + + "; + + print " + + "; + print _("Document"); + print " + + + "; + printf (""); + print _("Scanned copy of your Passport or Driver License"); + print " + + + "; + + print " + + "; + print _("Credit Card"); + print " + + "; + printf("",$_REQUEST['last_digits']); + print _("Last 4 digits on your Credit Card"); + + print " + + + "; + + print " + + "; + print " + + +
+ + "; + + } + } + + function exportIdentityProof() { + + $this->db = new DB_CDRTool(); + + $query=sprintf("select * from subscriber_docs + where username = '%s' + and domain = '%s' + and document = 'identity'", + $this->username, + $this->domain + ); + + if (!$this->db->query($query)) { + print ""; + printf (_("Error for database query: %s (%s)"), $this->db->Error,$this->db->Errno); + print ""; + } + + if ($this->db->num_rows()) { + $this->db->next_record(); + + $h=sprintf("Content-type: %s",$this->db->f('file_type')); + Header($h); + + $h=sprintf("Content-Disposition: attachment; filename=%s",$this->db->f('file_name')); + Header($h); + + $h=sprintf("Content-Length: %s",$this->db->f('file_size')); + Header($h); + + $this->db->p('file_content'); + } + } + hunk ./library/sip_settings.php 7549 + !strstr($_REQUEST['action'],'export_') && hunk ./library/sip_settings.php 7642 + } else if ($_REQUEST['action'] == 'export_identity_proof'){ + $SipSettings->exportIdentityProof(); + return true; hunk ./setup/mysql/alter_tables.mysql 653 + +7.1.1 +CREATE TABLE `subscriber_docs` ( + `id` int(11) NOT NULL auto_increment, + `username` varchar(64) NOT NULL, + `domain` varchar(64) NOT NULL, + `name` varchar(64) NOT NULL, + `document` varchar(64) NOT NULL, + `file_content` mediumblob NOT NULL, + `file_name` varchar(255) NOT NULL default '', + `file_size` varchar(255) NOT NULL default '', + `file_type` varchar(255) NOT NULL default '', + `file_date` datetime NOT NULL default '0000-00-00 00:00:00', + `last_digits` varchar(64) NOT NULL, + PRIMARY KEY (`id`), + UNIQUE KEY `document_idx` (`username`,`domain`,`document`) +); hunk ./setup/mysql/create_tables.mysql 640 + +DROP TABLE IF EXISTS `subscriber_docs`; +CREATE TABLE `subscriber_docs` ( + `id` int(11) NOT NULL auto_increment, + `username` varchar(64) NOT NULL, + `domain` varchar(64) NOT NULL, + `name` varchar(64) NOT NULL, + `document` varchar(64) NOT NULL, + `file_content` mediumblob NOT NULL, + `file_name` varchar(255) NOT NULL 
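Review bot: The size guard in showIdentityProof() reads `$_FILES['tmpfile']['size']['size']`, which indexes an integer and yields null, so the comparison with `$max_file_size` is always true and the 1024000-byte limit is never enforced; it should read `$_FILES['tmpfile']['size']`. The same block reads the temp file without checking the upload error code or `is_uploaded_file()`, and it stores and mails the client-supplied `type` and `name` as-is; the fence below shows the guard I would use. Further down in this hunk the stored `name`, `file_name` and `file_type` and the echoed `$_REQUEST['name']` and `$_REQUEST['last_digits']` are passed to printf() with no `htmlspecialchars()` visible, so uploader-controlled text would reach the reseller's page unescaped (the markup of the format strings is not shown on this page). exportIdentityProof() likewise copies the stored `file_type` and `file_name` straight into `Content-type` and `Content-Disposition`; a fixed `application/octet-stream` with a sanitised, quoted filename is safer for a file the uploader controls.

```php
$upload = $_FILES['tmpfile'];

if ($upload['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($upload['tmp_name'])
    && $upload['size'] > 0
    && $upload['size'] < $max_file_size) {

    // Read only PHP's own upload temp file; 'size' is the byte count measured by the server.
    $content = file_get_contents($upload['tmp_name']);

    // … unchanged: insert into subscriber_docs, notification mail …
```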
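Review bot: `strstr($_REQUEST['action'],'export_')` matches the marker anywhere in a request-controlled value, so any action string that merely contains `export_` satisfies the exemption added at line 7549, not only the `export_identity_proof` action dispatched in the hunk at line 7642. The enclosing condition lies outside the hunk, so what it skips cannot be confirmed from here. If it guards page output or a check that export responses are meant to bypass, compare against the known action names instead, e.g. `!in_array($_REQUEST['action'], array('export_identity_proof'), true) &&`. If several export actions exist, the test should at least be anchored to the prefix with `strpos($_REQUEST['action'], 'export_') !== 0 &&`.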
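Review bot: `file_size` is declared `varchar(255)` here and in the matching create_tables.mysql hunk, although the PHP side divides it by 1024 and sends it as `Content-Length`; `int unsigned NOT NULL default 0` would keep non-numeric values out of the column. `last_digits varchar(64)` is also much wider than the four digits the form asks for, so `char(4)` would back up the input check at the storage layer. Because `file_content` holds identity document scans, read access to this table and its backups deserves the same restriction as the documents themselves; nothing in the hunk shows how that is handled.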
default '', + `file_size` varchar(255) NOT NULL default '', + `file_type` varchar(255) NOT NULL default '', + `file_date` datetime NOT NULL default '0000-00-00 00:00:00', + `last_digits` varchar(64) NOT NULL, + PRIMARY KEY (`id`), + UNIQUE KEY `document_idx` (`username`,`domain`,`document`) +) ENGINE=MyISAM DEFAULT CHARSET=latin1; + hunk ./version 1 -7.1.0 +7.1.1