0)
echo "User: ".$user."
";
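// Sentinel strings; their use lies outside this part of the file.
$datem = "-mth-";
$datey = "-yr-";
// Client identifier for this deployment of the payment page.
$Clientno = "Demos";
// Refuse to serve the page when no client identifier is configured.
// The branch used to assign placeholder account, quantity and password
// literals immediately before die(); nothing could read them, so they are
// dropped rather than left in the source as credential-looking values.
if ($Clientno === "") {
    die("RESTRICTED PAGE");
}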
// Optional operator credentials supplied with the request; NULL when absent.
// NOTE(review): $_REQUEST also accepts query-string parameters, so a password
// sent that way ends up in URLs, browser history and access logs. Confirm that
// every caller submits these two fields by POST.
$user = isset($_REQUEST['user']) ? $_REQUEST['user'] : NULL;
$pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : NULL;
// Hard-coded list of accepted login strings.
// NOTE(review): $logok below is $user concatenated with $pass, so these entries
// look like username+password pairs kept in clear text in the source. Confirm;
// if so, they belong in a credential store holding password_hash() output,
// checked with password_verify(), and the current values should be rotated
// because anyone with read access to this file can log in with them.
$include = array(
"bill123",
"cashier01berkshire",
"cashier01demo",
"cashier02berkshire",
"cashier03berkshire",
"cashier04berkshire",
"cashier05berkshire",
"cashier06berkshire",
"cashier07berkshire",
"cashier08berkshire",
"cashier09berkshire",
"cashier10berkshire",
"cashier11berkshire",
"cashier12berkshire",
"cashier13berkshire",
"cashier14berkshire",
"cashier15berkshire",
"cashier16berkshire",
"cashier17berkshire",
"cashier18berkshire",
"cashier19berkshire",
"cashier20berkshire",
"cashier21berkshire",
"cashier22berkshire",
"cashier23berkshire",
"cashier24berkshire",
"cashier25berkshire",
"cashier26berkshire",
"cashier27berkshire",
"cashier28berkshire",
"cashier29berkshire",
"cashier30berkshire",
"jtellierj0706r"
);
// Submitted user and pass joined with no separator; the comparison against
// $include is not in this part of the file.
// NOTE(review): without a separator, different user/pass splits produce the
// same string (user "ab" + pass "c" equals user "a" + pass "bc").
$logok = $user.$pass;
// Two-digit month strings "01".."12".
$month_options = array_map(
    function ($n) {
        return sprintf("%02d", $n);
    },
    range(1, 12)
);
// Two-digit year strings "22".."33".
$year_options = array_map('strval', range(22, 33));
// US state and DC postal abbreviations mapped to display names.
$state_options = array(
    "AL" => "Alabama",
    "AK" => "Alaska",
    "AZ" => "Arizona",
    "AR" => "Arkansas",
    "CA" => "California",
    "CO" => "Colorado",
    "CT" => "Connecticut",
    "DE" => "Delaware",
    "DC" => "District of Columbia",
    "FL" => "Florida",
    "GA" => "Georgia",
    "HI" => "Hawaii",
    "ID" => "Idaho",
    "IL" => "Illinois",
    "IN" => "Indiana",
    "IA" => "Iowa",
    "KS" => "Kansas",
    "KY" => "Kentucky",
    "LA" => "Louisiana",
    "ME" => "Maine",
    "MD" => "Maryland",
    "MA" => "Massachusetts",
    "MI" => "Michigan",
    "MN" => "Minnesota",
    "MS" => "Mississippi",
    "MO" => "Missouri",
    "MT" => "Montana",
    "NE" => "Nebraska",
    "NV" => "Nevada",
    "NH" => "New Hampshire",
    "NJ" => "New Jersey",
    "NM" => "New Mexico",
    "NY" => "New York",
    "NC" => "North Carolina",
    "ND" => "North Dakota",
    "OH" => "Ohio",
    "OK" => "Oklahoma",
    "OR" => "Oregon",
    "PA" => "Pennsylvania",
    "RI" => "Rhode Island",
    "SC" => "South Carolina",
    "SD" => "South Dakota",
    "TN" => "Tennessee",
    "TX" => "Texas",
    "UT" => "Utah",
    "VT" => "Vermont",
    "VA" => "Virginia",
    "WA" => "Washington",
    "WV" => "West Virginia",
    "WI" => "Wisconsin",
    "WY" => "Wyoming"
);
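/**
 * Validate a date string and convert it to YYYY-MM-DD.
 *
 * Accepted inputs are MMDDYYYY (digits only), MM/DD/YYYY and MM/DD/YY, where
 * "-" may stand in for either "/". A two-digit year below (current two-digit
 * year + 20) is read as 20xx, anything else as 19xx.
 *
 * The whole string must match one of those layouts: trailing characters and
 * non-digit year parts are rejected, and the day must exist in the given
 * month (checkdate), so 02/30 or 04/31 fail.
 *
 * @param mixed $date Candidate date, normally a form field value.
 * @return string|int "YYYY-MM-DD" on success, -1 on failure. -1 is truthy in
 *                    PHP, so callers must compare the result with -1
 *                    explicitly instead of testing it in a boolean context.
 */
function read_date($date)
{
    if (!is_scalar($date)) {
        return -1;
    }
    $date = (string)$date;

    // The D modifier stops "$" from matching before a trailing newline.
    if (preg_match('/^([0-9]{2})([0-9]{2})([0-9]{4})$/D', $date, $parts)) {
        // digits only: MMDDYYYY
        list(, $m, $d, $y) = $parts;
    } elseif (preg_match('/^([0-9]{2})[-\/]([0-9]{2})[-\/]([0-9]{2}|[0-9]{4})$/D', $date, $parts)) {
        // MM/DD/YYYY or MM/DD/YY
        list(, $m, $d, $y) = $parts;
        if (strlen($y) == 2) {
            // e.g. in 2007 the pivot is 27: 00-26 become 20xx, 27-99 become 19xx
            $pivot = (int)date("y") + 20;
            $century = ((int)$y < $pivot) ? 2000 : 1900;
            $y = (string)($century + (int)$y);
        }
    } else {
        return -1; // date string in unrecognized format
    }

    if (((int)$y < 1800) || ((int)$y > 2350)) {
        return -1;
    }
    // checkdate() covers the month range, the day range and month lengths.
    if (!checkdate((int)$m, (int)$d, (int)$y)) {
        return -1;
    }
    return $y . '-' . $m . '-' . $d;
}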
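/**
 * Validate an expiration date given as MM/YYYY or MM/DD/YYYY and convert it
 * to YYYY-MM-DD.
 *
 * A ten-character input is handed to read_date(). A seven-character input
 * must be MM, one "/" or "-", then YYYY; the result uses the last day of that
 * month, including 29 February in leap years.
 *
 * @param mixed $date Candidate expiration date.
 * @return string|int "YYYY-MM-DD" on success, -1 on failure. -1 is truthy in
 *                    PHP, so callers must compare the result with -1
 *                    explicitly instead of testing it in a boolean context.
 */
function read_exp_date($date)
{
    if (!is_scalar($date)) {
        return -1;
    }
    $date = (string)$date;

    if (strlen($date) == 10) {
        return read_date($date);
    }
    // Exactly MM<sep>YYYY; the D modifier rejects a trailing newline.
    if (!preg_match('/^([0-9]{2})[-\/]([0-9]{4})$/D', $date, $parts)) {
        return -1;
    }
    list(, $m, $y) = $parts;
    if (((int)$m < 1) || ((int)$m > 12)) {
        return -1;
    }
    if (((int)$y < 1800) || ((int)$y > 2350)) {
        return -1;
    }
    // Walk back from 31 to the last day that exists in this month and year;
    // a fixed table would give 28 for every February.
    $lastDay = 31;
    while (!checkdate((int)$m, $lastDay, (int)$y)) {
        $lastDay--;
    }
    return $y . '-' . $m . '-' . $lastDay;
}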
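/**
 * Check that a value is a plain decimal amount: 1 to 9 digits, optionally
 * followed by "." and at most two more digits. No sign, thousands separator
 * or currency symbol is accepted.
 *
 * @param mixed $money Candidate amount, normally a form field value.
 * @return int|false 1 when the value matches, 0 when it does not (preg_match
 *                   result; false only on a regex engine error).
 */
function is_money($money)
{
    if (!is_scalar($money)) {
        return 0;
    }
    // The D modifier keeps "$" from matching before a trailing newline, so
    // "12.00\n" is no longer accepted as an amount.
    return preg_match('/^([0-9]{1,9})(\.([0-9]{0,2}))?$/D', (string)$money);
}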
/**
 * Wrap one validation message so it can be appended to the running error text.
 *
 * The message is returned between two newlines and is not escaped, so it must
 * be a fixed string, never request data.
 *
 * @param string $error Message text.
 * @return string The message with a newline before and after it.
 */
function invalid($error)
{
    $wrapped = "\n" . $error . "\n";
    return $wrapped;
}
if(isset($_POST['submit']))
{
// Form has been submitted, so process it
$account= $_REQUEST['actnom'];
$checkval = $_REQUEST['checkval'];
$patient=$_REQUEST['patient'];
$error = '';
$errornull = '';
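// reCAPTCHA gate: any failure appends to $error, which blocks the charge below.
if (isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])) {
    // NOTE(security): the site secret is embedded in the source. Anyone who can
    // read this file can use it; rotate it and load the replacement from
    // configuration kept outside the web root.
    $secret = '6LcPAUQUAAAAAEi5jj2MG_njqmx1LEZuM9bmLD7U';
    // The token is request data: URL-encode it so it cannot add or override
    // query parameters in the verification request.
    $verifyUrl = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secret)
        . '&response=' . urlencode((string)$_POST['g-recaptcha-response']);
    $verifyResponse = file_get_contents($verifyUrl);
    // A failed request or an unparsable body counts as a failed verification.
    $responseData = ($verifyResponse === false) ? null : json_decode($verifyResponse);
    if (is_object($responseData) && !empty($responseData->success)) {
        // NOTE(review): `$errornul` looks like a typo for `$errornull`, which is
        // initialised just above this block; left unchanged because the code
        // that displays these variables is not in this part of the file.
        $errornul .= invalid('Your contact request have submitted successfully.');
    } else {
        $error .= invalid('Robot verification failed, please try again.');
    }
} else {
    $error .= invalid('Please click on the reCAPTCHA box.');
}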
// Gateway credentials and the request template sent to the payment gateway.
// NOTE(security): the API login ID and transaction key are hard-coded here (and
// assigned a second time before the cURL call). Together they authorise charges
// on the merchant account, so they should be rotated and read from
// configuration outside the web root and outside version control.
$auth_net_login_id = "3qRc33EL";
$auth_net_tran_key = "22Jbjxb55S7QM36G";
// Card, amount and name entries start as placeholder values and are overwritten
// by the validation code that follows. Entries whose validation has no error
// branch (address, city, state, zip) keep the value below when the form field
// is missing or rejected; in particular x_zip is then sent as "12345".
$authnet_values = array
(
"x_login" => $auth_net_login_id,
"x_version" => "3.1",
"x_delim_char" => "|",
"x_delim_data" => "TRUE",
"x_url" => "FALSE",
"x_type" => "AUTH_CAPTURE",
"x_method" => "CC",
"x_tran_key" => $auth_net_tran_key,
"x_relay_response" => "FALSE",
"x_description" => "Berkshire Medical Online Payment",
# information collected through the form:
"x_card_num" => "4242424242424242",
"x_exp_date" => "1209",
"x_card_code" => "",
"x_amount" => "12.23",
"x_first_name" => "Charles D.",
"x_last_name" => "Gaulle",
"x_address" => "",
"x_city" => "",
"x_state" => "",
"x_zip" => "12345",
);
// Validate information
if ( substr($_POST['contactphone'], 0, 10) == "3364863848" )
$error .= invalid("Invalid Originating IP Address");
if ( substr($_POST['contactphone'], 0, 10) == "4255550123" )
$error .= invalid("Invalid Originating IP Address");
if(isset($_POST['card_num']) && ctype_digit($_POST['card_num']))
$authnet_values['x_card_num'] = $_POST['card_num'];
else
$error .= invalid("credit card number - must be all numeric");
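// Expiration date. read_exp_date() reports failure as -1, which PHP treats as
// true, so its result is compared with -1 explicitly; a bare truthiness test
// accepts every non-empty month/year pair.
$exp_m = isset($_POST['exp_month']) ? (string)$_POST['exp_month'] : '';
$exp_y = isset($_POST['exp_year']) ? (string)$_POST['exp_year'] : '';
// $year_options holds two-digit years (presumably the source of exp_year),
// while read_exp_date() expects MM/YYYY, so a two-digit year is expanded to
// 20YY for validation only. The value sent to the gateway keeps its format.
$exp_y4 = (strlen($exp_y) == 2) ? '20' . $exp_y : $exp_y;
if (($exp_m != '') && ($exp_y != '') && (read_exp_date($exp_m . '/' . $exp_y4) !== -1))
    $authnet_values['x_exp_date'] = ($exp_m . '/' . $exp_y);
else
    $error .= invalid("expiration date");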
if(isset($_POST['card_code']) && (ctype_digit($_POST['card_code']) && (strlen($_POST['card_code']) >= 3)))
$authnet_values['x_card_code'] = $_POST['card_code'];
else
$error .= invalid("CCV");
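// Amount. The value charged is chgamt, so chgamt itself has to pass is_money();
// validating only amtpr1 let an unchecked string through to the gateway.
// NOTE(review): chgamt is supplied by the client and is never compared with the
// amtpr1..amtpr5 lines that are written to the ledger afterwards. Confirm the
// server should recompute the total instead of trusting the submitted one.
$validate = isset($_POST['chgamt']) ? $_POST['chgamt'] : '';
if (isset($_POST['amtpr1']) && is_money($_POST['amtpr1']) && is_money($validate))
    $authnet_values['x_amount'] = $validate;
else
    $error .= invalid("amount");
// Minimum charge; a non-numeric total is rejected here on every PHP version.
if ( !is_numeric($validate) || $validate < 1.01 )
{
    $error .= invalid("transaction ");
}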
if(isset($_POST['actnom']) && ($_POST['actnom'] == ''))
$error .= invalid("account number");
if(isset($_POST['amtpr2']))
{
if ($_POST['amtpr2'] != '')
{
if (( substr($_POST['actnom2'], 0, 1) == ""))
$error .= invalid("The second account number is an invalid Account Number.");
if ( strlen($_POST['actnom2']) < 2 )
$error .= invalid("Invalid Account Number");
}
}
if(isset($_POST['amtpr3']))
{
if ($_POST['amtpr3'] != '')
{
if (( substr($_POST['actnom3'], 0, 1) == ""))
$error .= invalid("The third account number is an invalid Account Number.");
if ( strlen($_POST['actnom3']) < 2 )
$error .= invalid("Invalid Account Number");
}
}
if(isset($_POST['amtpr4']))
{
if ($_POST['amtpr4'] != '')
{
if (( substr($_POST['actnom4'], 0, 1) == ""))
$error .= invalid("The fourth account number is an invalid Account Number.");
if ( strlen($_POST['actnom4']) < 2 )
$error .= invalid("Invalid Account Number");
}
}
if(isset($_POST['amtpr5']))
{
if ($_POST['amtpr5'] != '')
{
if (( substr($_POST['actnom5'], 0, 1) == ""))
$error .= invalid("The fifth account number is an invalid Account Number.");
if ( strlen($_POST['actnom5']) < 2 )
$error .= invalid("Invalid Account Number");
}
}
if(isset($_POST['patient']) && ($_POST['patient'] == ''))
$error .= invalid("patient name");
if(isset($_POST['first_name']) && ($_POST['first_name'] != ''))
$authnet_values['x_first_name'] = $_POST['first_name'];
else
$error .= invalid("first name");
if(isset($_POST['last_name']) && ($_POST['last_name'] != ''))
$authnet_values['x_last_name'] = $_POST['last_name'];
else
$error .= invalid("last name");
if ( substr($_POST['card_num'], 0, 2) == "84" )
$error .= invalid("We only take Master Card and Visa");
if ( substr($_POST['card_num'], 0, 2) == "87" )
$error .= invalid("We only take Master Card and Visa");
if(isset($_POST['address']) && ($_POST['address'] != ''))
$authnet_values['x_address'] = $_POST['address'];
if(isset($_POST['city']) && ($_POST['city'] != ''))
$authnet_values['x_city'] = $_POST['city'];
if(isset($_POST['state']) && ($_POST['state'] != ''))
$authnet_values['x_state'] = $_POST['state'];
if(isset($_POST['zip']) && (($_POST['zip'] != '') && (strlen($_POST['zip']) == 5)))
$authnet_values['x_zip'] = $_POST['zip'];
if(isset($_POST['contactphone']) && (($_POST['contactphone'] != '') && (strlen($_POST['contactphone']) > 6)))
$contactphone = $_POST['contactphone'];
else
$error .= invalid("Contact Phone - must be at least 7 digits");
if($error == '')
{
// form submission successfully validated, submit request to authorize.net and exit
$fields = "";
foreach( $authnet_values as $key => $value ) $fields .= "$key=" . urlencode( $value ) . "&";
// * * * * *
#$auth_net_url = "https://certification.authorize.net/gateway/transact.dll";
# Uncomment the line ABOVE for test accounts or BELOW for live merchant accounts
#$auth_net_url = "https://secure.authorize.net/gateway/transact.dll";
# October 1, 2007
# Current API Login ID:
# Current Transaction Key:
$auth_net_login_id = "3qRc33EL";
$auth_net_tran_key = "22Jbjxb55S7QM36G";
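// Send the card data to the gateway over TLS and keep the raw response in $resp.
$ch = curl_init("https://secure.authorize.net/gateway/transact.dll");
curl_setopt($ch, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1)
curl_setopt($ch, CURLOPT_POSTFIELDS, rtrim( $fields, "& " )); // use HTTP POST to send form data
// Certificate and host name verification stay on. With them disabled, anyone on
// the network path can impersonate the gateway, read the card number and
// security code, and forge an "Approved" response. If the request fails on this
// host, fix the CA bundle (php.ini curl.cainfo) instead of turning these off.
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
// CURLOPT_VERBOSE is left at its default (off) so connection details are not
// written to the server's error stream on every payment.
$resp = curl_exec($ch); //execute post and get results
if ($resp === false) {
    // Transport failure: log the cURL error only (never the posted fields) and
    // continue with an empty response, which the parser reads as "no values".
    error_log("Payment gateway request failed: " . curl_error($ch));
    $resp = "";
}
curl_close ($ch);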
// * * * * *
$text = $resp;
echo "
";
///////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////
// STATISTICAL USE ONLY: //
///////////////////////////////////////////////////////////
$howMany = substr_count($resp, "|");
///////////////////////////////////////////////////////////
$text = $resp;
$h = substr_count($text, "|");
$h++;
for($j=1; $j <= $h; $j++){
$p = strpos($text, "|");
if ($p === false) { // note: three equal signs
// x_delim_char is obviously not found in the last go-around
if($j>=69){
} else {
}
}else{
$p++;
// We found the x_delim_char and accounted for it . . . now do something with it
// get one portion of the response at a time
$pstr = substr($text, 0, $p);
// this prepares the text and returns one value of the submitted
// and processed name/value pairs at a time
// for AIM-specific interpretations of the responses
// please consult the AIM Guide and look up
// the section called Gateway Response API
$pstr_trimmed = substr($pstr, 0, -1); // removes "|" at the end
if($pstr_trimmed==""){
$pstr_trimmed="NO VALUE RETURNED";
}
switch($j){
case 1:
$fval="";
if($pstr_trimmed=="1"){
$fval="Approved";
}elseif($pstr_trimmed=="2"){
$fval="Declined";
}elseif($pstr_trimmed=="3"){
$fval="Error";
}
$resp_code=$fval;
break;
case 2:
$resp_subcode=$pstr_trimmed;
break;
case 3:
$resp_reasoncode=$pstr_trimmed;
break;
case 4:
$resp_text=$pstr_trimmed;
break;
case 5:
$approval_code=$pstr_trimmed;
break;
case 6:
break;
case 7:
$trans_id=$pstr_trimmed;
break;
case 10:
$this_amount=$pstr_trimmed;
break;
case 14:
$first_name=$pstr_trimmed;
break;
case 15:
$last_name=$pstr_trimmed;
break;
case 17:
//echo "Billing Address : ";
//echo $pstr_trimmed;
break;
case 18:
//echo "City : ";
//echo $pstr_trimmed;
break;
case 19:
//echo "State : ";
//echo $pstr_trimmed;
break;
case 20:
//echo "ZIP : ";
//echo $pstr_trimmed;
break;
case 21:
//echo "Country : ";
//echo $pstr_trimmed;
break;
case 22:
//echo "Phone : ";
break;
default:
break;
}
// remove the part that we identified and work with the rest of the string
$text = substr($text, $p);
}
}
$acct_num1=$account;
$auth_code=$approval_code;
$amount=$this_amount;
//$balance1=$row_RecSetPeople['balance'];
$resp_code1=$resp_code;
$trans_id1=$trans_id;
date_default_timezone_set('America/New_York');
$t=time();
$thedate = date("D F d Y h:i:s A",$t);
#
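// Build the transaction type tag: "C-<brand>-<user>" when an operator is logged
// in, otherwise "G-<brand>". Brand letter by card prefix: A = 34/37, M = 5,
// D = 6011, V = 4, U = anything else.
$card_digits = isset($_POST['card_num']) ? (string)$_POST['card_num'] : '';
$card_letter = "U";
if ((substr($card_digits, 0, 2) == "34") || (substr($card_digits, 0, 2) == "37")) {
    $card_letter = "A";
} elseif (substr($card_digits, 0, 1) == "5") {
    $card_letter = "M";
} elseif (substr($card_digits, 0, 4) == "6011") {
    $card_letter = "D";
} elseif (substr($card_digits, 0, 1) == "4") {
    $card_letter = "V";
}
if (is_string($user) && (strlen($user) <> 0)) {
    // $user comes straight from the request and $paytype is later placed inside
    // a quoted SQL value, so only characters that cannot end the quoted value
    // are kept in the tag.
    $paytype = "C-" . $card_letter . "-" . preg_replace('/[^A-Za-z0-9_.@-]/', '', $user);
} else {
    $paytype = "G-" . $card_letter;
}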
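if(isset($_REQUEST['amtpr1']))
{
    // Record the first account/amount line of this payment in the ledger table.
    $amount = $_REQUEST['amtpr1'];
    $account = $_REQUEST['actnom'];
    $amount1 = $_REQUEST['amtpr1'];
    $account1 = $_REQUEST['actnom'];
    $Chunkspaygate = explode("|", $checkval);
    // NOTE(review): this keeps every digit from the 12th onward (five digits of
    // a 16-digit number). Confirm against the card-data retention policy; the
    // last four digits is the usual limit.
    $shortcard = substr($_POST['card_num'], 11, 28);
    $mytable = "smallpaygate";
    // NOTE(review): the mysql_* extension was removed in PHP 7; mysqli or PDO
    // prepared statements would make the manual escaping below unnecessary.
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn,$db);
    // NOTE(review): these values are escaped in place and escaped again by each
    // later insert, so backslashes accumulate in rows written for lines 2-5.
    $authnet_values['x_last_name'] = mysql_real_escape_string($authnet_values['x_last_name']);
    $authnet_values['x_first_name'] = mysql_real_escape_string($authnet_values['x_first_name']);
    $authnet_values['x_address'] = mysql_real_escape_string($authnet_values['x_address']);
    $authnet_values['x_city'] = mysql_real_escape_string($authnet_values['x_city']);
    $authnet_values['x_state'] = mysql_real_escape_string($authnet_values['x_state']);
    $authnet_values['x_zip'] = mysql_real_escape_string($authnet_values['x_zip']);
    $patient = mysql_real_escape_string($patient);
    $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
    $contactphone = mysql_real_escape_string($contactphone);
    $shortcard = mysql_real_escape_string($shortcard);
    $cardholdaddr = $authnet_values['x_address'];
    $cardholdcity = $authnet_values['x_city'];
    $cardholdstate = $authnet_values['x_state'];
    $cardholdzip = $authnet_values['x_zip'];
    $account = mysql_real_escape_string($account);
    $amount = mysql_real_escape_string($amount);
    if(strlen($user) <> 0)
    {
        $userout = "Online";
    }
    // Location from the first character of the account number, default "Faculty".
    $location = "Faculty";
    $locationumber = substr($account, 0, 1);
    switch ($locationumber) {
        case "F": case "f": case "B": case "b":
            $location = "Fairview";
            break;
        case "M": case "m":
            $location = "Berkshire";
            break;
    }
    // $special is not assigned anywhere in this part of the file; guard the read.
    if (isset($special) && in_array($special, array("Radiology", "BFSSMD-Sleep", "Fairview-Ortho"), true)) {
        $location = $special;
    }
    // Values that were interpolated unescaped: the gateway response fields and
    // $paytype, which embeds the request-supplied user name. Escaped copies are
    // used for the query only; the originals stay untouched for later code.
    $auth_code_sql = isset($auth_code) ? mysql_real_escape_string($auth_code) : '';
    $resp_code_sql = isset($resp_code1) ? mysql_real_escape_string($resp_code1) : '';
    $trans_id_sql = isset($trans_id1) ? mysql_real_escape_string($trans_id1) : '';
    $paytype_sql = mysql_real_escape_string($paytype);
    $userout_sql = isset($userout) ? mysql_real_escape_string($userout) : '';
    $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500000', '$userout_sql' )";
    // The card has already been charged at this point, so a failed insert must
    // leave a trace for reconciliation.
    if (!mysql_query($query,$db)) {
        error_log("Payment ledger insert failed (line 1): " . mysql_error($db));
    }
    mysql_close ($db);
}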
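// Second account/amount line; written only when its amount is above zero.
$amount = isset($_REQUEST['amtpr2']) ? $_REQUEST['amtpr2'] : NULL;
$account = isset($_REQUEST['actnom2']) ? $_REQUEST['actnom2'] : NULL;
$amount2 = $amount;
$account2 = $account;
if ( $amount > 0 )
{
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn,$db);
    // NOTE(review): these values were already escaped in place by the first
    // insert, so escaping them again stores extra backslashes.
    $authnet_values['x_last_name'] = mysql_real_escape_string($authnet_values['x_last_name']);
    $authnet_values['x_first_name'] = mysql_real_escape_string($authnet_values['x_first_name']);
    $authnet_values['x_address'] = mysql_real_escape_string($authnet_values['x_address']);
    $authnet_values['x_city'] = mysql_real_escape_string($authnet_values['x_city']);
    $authnet_values['x_state'] = mysql_real_escape_string($authnet_values['x_state']);
    $authnet_values['x_zip'] = mysql_real_escape_string($authnet_values['x_zip']);
    $patient = mysql_real_escape_string($patient);
    $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
    $contactphone = mysql_real_escape_string($contactphone);
    $shortcard = mysql_real_escape_string($shortcard);
    $cardholdaddr = $authnet_values['x_address'];
    $cardholdcity = $authnet_values['x_city'];
    $cardholdstate = $authnet_values['x_state'];
    $cardholdzip = $authnet_values['x_zip'];
    $account = mysql_real_escape_string($account);
    $amount = mysql_real_escape_string($amount);
    if(strlen($user) <> 0)
    {
        $userout = "Online";
    }
    // Location from the first character of the account number, default "Faculty".
    $location = "Faculty";
    $locationumber = substr($account, 0, 1);
    switch ($locationumber) {
        case "F": case "f": case "B": case "b":
            $location = "Fairview";
            break;
        case "M": case "m":
            $location = "Berkshire";
            break;
    }
    // Gateway response fields and $paytype (which embeds the request-supplied
    // user name) were interpolated unescaped; use escaped copies in the query.
    $auth_code_sql = isset($auth_code) ? mysql_real_escape_string($auth_code) : '';
    $resp_code_sql = isset($resp_code1) ? mysql_real_escape_string($resp_code1) : '';
    $trans_id_sql = isset($trans_id1) ? mysql_real_escape_string($trans_id1) : '';
    $paytype_sql = mysql_real_escape_string($paytype);
    $userout_sql = isset($userout) ? mysql_real_escape_string($userout) : '';
    $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500000', '$userout_sql' )";
    // The card has already been charged; a failed insert must leave a trace.
    if (!mysql_query($query,$db)) {
        error_log("Payment ledger insert failed (line 2): " . mysql_error($db));
    }
    mysql_close ($db);
}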
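// Third account/amount line; written only when its amount is above zero.
$amount = isset($_REQUEST['amtpr3']) ? $_REQUEST['amtpr3'] : NULL;
$account = isset($_REQUEST['actnom3']) ? $_REQUEST['actnom3'] : NULL;
$amount3 = $amount;
$account3 = $account;
if ( $amount > 0 )
{
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn,$db);
    // NOTE(review): these values were already escaped in place by the earlier
    // inserts, so escaping them again stores extra backslashes.
    $authnet_values['x_last_name'] = mysql_real_escape_string($authnet_values['x_last_name']);
    $authnet_values['x_first_name'] = mysql_real_escape_string($authnet_values['x_first_name']);
    $authnet_values['x_address'] = mysql_real_escape_string($authnet_values['x_address']);
    $authnet_values['x_city'] = mysql_real_escape_string($authnet_values['x_city']);
    $authnet_values['x_state'] = mysql_real_escape_string($authnet_values['x_state']);
    $authnet_values['x_zip'] = mysql_real_escape_string($authnet_values['x_zip']);
    $patient = mysql_real_escape_string($patient);
    $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
    $contactphone = mysql_real_escape_string($contactphone);
    $shortcard = mysql_real_escape_string($shortcard);
    $cardholdaddr = $authnet_values['x_address'];
    $cardholdcity = $authnet_values['x_city'];
    $cardholdstate = $authnet_values['x_state'];
    $cardholdzip = $authnet_values['x_zip'];
    $account = mysql_real_escape_string($account);
    $amount = mysql_real_escape_string($amount);
    if(strlen($user) <> 0)
    {
        $userout = "Online";
    }
    // Location from the first character of the account number, default "Faculty".
    $location = "Faculty";
    $locationumber = substr($account, 0, 1);
    switch ($locationumber) {
        case "F": case "f": case "B": case "b":
            $location = "Fairview";
            break;
        case "M": case "m":
            $location = "Berkshire";
            break;
    }
    // Gateway response fields and $paytype (which embeds the request-supplied
    // user name) were interpolated unescaped; use escaped copies in the query.
    $auth_code_sql = isset($auth_code) ? mysql_real_escape_string($auth_code) : '';
    $resp_code_sql = isset($resp_code1) ? mysql_real_escape_string($resp_code1) : '';
    $trans_id_sql = isset($trans_id1) ? mysql_real_escape_string($trans_id1) : '';
    $paytype_sql = mysql_real_escape_string($paytype);
    $userout_sql = isset($userout) ? mysql_real_escape_string($userout) : '';
    $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500000', '$userout_sql' )";
    // The card has already been charged; a failed insert must leave a trace.
    if (!mysql_query($query,$db)) {
        error_log("Payment ledger insert failed (line 3): " . mysql_error($db));
    }
    mysql_close ($db);
}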
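// Fourth account/amount line; written only when its amount is above zero.
$amount = isset($_REQUEST['amtpr4']) ? $_REQUEST['amtpr4'] : NULL;
$account = isset($_REQUEST['actnom4']) ? $_REQUEST['actnom4'] : NULL;
$amount4 = $amount;
$account4 = $account;
if ( $amount > 0 )
{
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn,$db);
    // NOTE(review): these values were already escaped in place by the earlier
    // inserts, so escaping them again stores extra backslashes.
    $authnet_values['x_last_name'] = mysql_real_escape_string($authnet_values['x_last_name']);
    $authnet_values['x_first_name'] = mysql_real_escape_string($authnet_values['x_first_name']);
    $authnet_values['x_address'] = mysql_real_escape_string($authnet_values['x_address']);
    $authnet_values['x_city'] = mysql_real_escape_string($authnet_values['x_city']);
    $authnet_values['x_state'] = mysql_real_escape_string($authnet_values['x_state']);
    $authnet_values['x_zip'] = mysql_real_escape_string($authnet_values['x_zip']);
    $patient = mysql_real_escape_string($patient);
    $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
    $contactphone = mysql_real_escape_string($contactphone);
    $shortcard = mysql_real_escape_string($shortcard);
    $cardholdaddr = $authnet_values['x_address'];
    $cardholdcity = $authnet_values['x_city'];
    $cardholdstate = $authnet_values['x_state'];
    $cardholdzip = $authnet_values['x_zip'];
    $account = mysql_real_escape_string($account);
    $amount = mysql_real_escape_string($amount);
    if(strlen($user) <> 0)
    {
        $userout = "Online";
    }
    // Location from the first character of the account number, default "Faculty".
    $location = "Faculty";
    $locationumber = substr($account, 0, 1);
    switch ($locationumber) {
        case "F": case "f": case "B": case "b":
            $location = "Fairview";
            break;
        case "M": case "m":
            $location = "Berkshire";
            break;
    }
    // Gateway response fields and $paytype (which embeds the request-supplied
    // user name) were interpolated unescaped; use escaped copies in the query.
    $auth_code_sql = isset($auth_code) ? mysql_real_escape_string($auth_code) : '';
    $resp_code_sql = isset($resp_code1) ? mysql_real_escape_string($resp_code1) : '';
    $trans_id_sql = isset($trans_id1) ? mysql_real_escape_string($trans_id1) : '';
    $paytype_sql = mysql_real_escape_string($paytype);
    $userout_sql = isset($userout) ? mysql_real_escape_string($userout) : '';
    $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500000', '$userout_sql' )";
    // The card has already been charged; a failed insert must leave a trace.
    if (!mysql_query($query,$db)) {
        error_log("Payment ledger insert failed (line 4): " . mysql_error($db));
    }
    mysql_close ($db);
}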
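// Fifth account/amount line; written only when its amount is above zero.
$amount = isset($_REQUEST['amtpr5']) ? $_REQUEST['amtpr5'] : NULL;
$account = isset($_REQUEST['actnom5']) ? $_REQUEST['actnom5'] : NULL;
$amount5 = $amount;
$account5 = $account;
if ( $amount > 0 )
{
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn,$db);
    // NOTE(review): these values were already escaped in place by the earlier
    // inserts, so escaping them again stores extra backslashes.
    $authnet_values['x_last_name'] = mysql_real_escape_string($authnet_values['x_last_name']);
    $authnet_values['x_first_name'] = mysql_real_escape_string($authnet_values['x_first_name']);
    $authnet_values['x_address'] = mysql_real_escape_string($authnet_values['x_address']);
    $authnet_values['x_city'] = mysql_real_escape_string($authnet_values['x_city']);
    $authnet_values['x_state'] = mysql_real_escape_string($authnet_values['x_state']);
    $authnet_values['x_zip'] = mysql_real_escape_string($authnet_values['x_zip']);
    $patient = mysql_real_escape_string($patient);
    $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
    $contactphone = mysql_real_escape_string($contactphone);
    $shortcard = mysql_real_escape_string($shortcard);
    $cardholdaddr = $authnet_values['x_address'];
    $cardholdcity = $authnet_values['x_city'];
    $cardholdstate = $authnet_values['x_state'];
    $cardholdzip = $authnet_values['x_zip'];
    $account = mysql_real_escape_string($account);
    $amount = mysql_real_escape_string($amount);
    if(strlen($user) <> 0)
    {
        $userout = "Online";
    }
    // Location from the first character of the account number, default "Faculty".
    $location = "Faculty";
    $locationumber = substr($account, 0, 1);
    switch ($locationumber) {
        case "F": case "f": case "B": case "b":
            $location = "Fairview";
            break;
        case "M": case "m":
            $location = "Berkshire";
            break;
    }
    // Gateway response fields and $paytype (which embeds the request-supplied
    // user name) were interpolated unescaped; use escaped copies in the query.
    $auth_code_sql = isset($auth_code) ? mysql_real_escape_string($auth_code) : '';
    $resp_code_sql = isset($resp_code1) ? mysql_real_escape_string($resp_code1) : '';
    $trans_id_sql = isset($trans_id1) ? mysql_real_escape_string($trans_id1) : '';
    $paytype_sql = mysql_real_escape_string($paytype);
    $userout_sql = isset($userout) ? mysql_real_escape_string($userout) : '';
    $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500000', '$userout_sql' )";
    // The card has already been charged; a failed insert must leave a trace.
    if (!mysql_query($query,$db)) {
        error_log("Payment ledger insert failed (line 5): " . mysql_error($db));
    }
    mysql_close ($db);
}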
#
#
if ( $resp_code == "Approved" ){
$shortcard = substr($_POST['card_num'], 11, 28);
?>
If you have questions about your bill, please contact our Customer Service Department at 413-358-4053 or toll-free at 844-276-5663.
If you need financial assistance, please contact BHS’s Advocacy for Access team at 413-447-2455 (Pittsfield) or 413-528-5045 (Great Barrington). You can also e-mail our financial assistance program at FAPinfo@bhs1.org.
Powered by Easy Pay