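0) {
    // NOTE(review): the start of this statement was lost when the page was
    // extracted; only the tail of its condition ("0)") survives and is kept as-is.
    $clientid = "bertfish";
    $mytable = "exptable";
    $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
    mysql_select_db($database_dbConn, $db);

    // $user and $pass are spliced into the SQL text, so they are escaped first
    // (the same helper this page uses before its INSERTs). They are read from
    // $_REQUEST further down the page; presumably that is also their origin
    // here - confirm. The mysql_* extension has no prepared statements and was
    // removed in PHP 7; a port to mysqli or PDO should bind these as parameters.
    $user_sql = mysql_real_escape_string($user);
    $pass_sql = mysql_real_escape_string($pass);
    $clientid_sql = mysql_real_escape_string($clientid);

    // NOTE(review): pw is matched against the submitted value inside the query,
    // which suggests passwords are stored in directly comparable form - confirm,
    // and prefer password_hash()/password_verify() if so.
    $sql = "SELECT * FROM exptable where user = '".$user_sql."' AND pw = '".$pass_sql."' AND clientid = '".$clientid_sql."' ";
    $results = mysql_query($sql);
    $num = mysql_num_rows($results);
    $myrow = mysql_fetch_array($results);

    // No matching row (or a row for a different user): refuse access.
    if ($myrow['user'] <> $user) {
        header("location: access-denied.php");
        exit();
    }

    // "999" is treated as a marker password that forces a password change.
    if ($myrow['pw'] == "999") {
        header("location: passwordchange.php");
        exit();
    }
}
?>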

Harrington Health Care Online Payment Portal

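0) echo "User: " . htmlspecialchars($user, ENT_QUOTES) . "
";
// NOTE(review): the start of the statement above was lost in extraction; only
// the tail of its condition survives. $user is HTML-escaped before it is echoed
// so a crafted user name cannot inject markup into the page.

$datem = "-mth-";
$datey = "-yr-";
$Clientno = "Demos";
// As written this branch never runs: $Clientno was set to "Demos" just above.
if ($Clientno == "") {
    $Clientno = "03016000";
    $quantity = "999999999";
    $password = "123456789";
    die("RESTRICTED PAGE");
}

// $_REQUEST merges GET, POST and (depending on request_order) cookie data, so
// the cashier credentials are accepted from the URL as well as from a form post.
// NOTE(review): URL-borne credentials end up in access logs and browser history;
// reading them from $_POST only would avoid that - confirm no caller relies on GET.
$user = isset($_REQUEST['user']) ? $_REQUEST['user'] : NULL;
$pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : NULL;

// Account names kept in source; not referenced by the code visible on this page.
$include = array(
    "bill123", "cashier01berkshire", "cashier01demo", "cashier02berkshire",
    "cashier03berkshire", "cashier04berkshire", "cashier05berkshire", "cashier06berkshire",
    "cashier07berkshire", "cashier08berkshire", "cashier09berkshire", "cashier10berkshire",
    "cashier11berkshire", "cashier12berkshire", "cashier13berkshire", "cashier14berkshire",
    "cashier15berkshire", "cashier16berkshire", "cashier17berkshire", "cashier18berkshire",
    "cashier19berkshire", "cashier20berkshire", "cashier21berkshire", "cashier22berkshire",
    "cashier23berkshire", "cashier24berkshire", "cashier25berkshire", "cashier26berkshire",
    "cashier27berkshire", "cashier28berkshire", "cashier29berkshire", "cashier30berkshire",
    "jtellierj0706r"
);
$logok = $user.$pass;

$month_options = array("01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12");
$year_options = array("14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30");
$state_options = array(
    "AL" => "Alabama", "AK" => "Alaska", "AZ" => "Arizona", "AR" => "Arkansas",
    "CA" => "California", "CO" => "Colorado", "CT" => "Connecticut", "DE" => "Delaware",
    "DC" => "District of Columbia", "FL" => "Florida", "GA" => "Georgia", "HI" => "Hawaii",
    "ID" => "Idaho", "IL" => "Illinois", "IN" => "Indiana", "IA" => "Iowa",
    "KS" => "Kansas", "KY" => "Kentucky", "LA" => "Louisiana", "ME" => "Maine",
    "MD" => "Maryland", "MA" => "Massachusetts", "MI" => "Michigan", "MN" => "Minnesota",
    "MS" => "Mississippi", "MO" => "Missouri", "MT" => "Montana", "NE" => "Nebraska",
    "NV" => "Nevada", "NH" => "New Hampshire", "NJ" => "New Jersey", "NM" => "New Mexico",
    "NY" => "New York", "NC" => "North Carolina", "ND" => "North Dakota", "OH" => "Ohio",
    "OK" => "Oklahoma", "OR" => "Oregon", "PA" => "Pennsylvania", "RI" => "Rhode Island",
    "SC" => "South Carolina", "SD" => "South Dakota", "TN" => "Tennessee", "TX" => "Texas",
    "UT" => "Utah", "VT" => "Vermont", "VA" => "Virginia", "WA" => "Washington",
    "WV" => "West Virginia", "WI" => "Wisconsin", "WY" => "Wyoming"
);

/**
 * Validate a date string in the format MM/DD/YY, MM/DD/YYYY or MMDDYYYY
 * ("-" is accepted as a separator as well as "/").
 *
 * Only the ranges of month (1-12), day (1-31) and year (1800-2350) are checked;
 * the day is not checked against the length of the month.
 *
 * @param string $date date text as submitted
 * @return string|int "YYYY-MM-DD" on success, -1 on failure
 */
function read_date($date) {
    if (ctype_digit($date)) {
        // the entire string is numbers, assume format of MMDDYYYY
        if (strlen($date) != 8) return -1;
        $m = substr($date, 0, 2);
        $d = substr($date, 2, 2);
        $y = substr($date, 4, 4);
    } else if (preg_match("/[-\/]/", substr($date, 2, 1)) && preg_match("/[-\/]/", substr($date, 5, 1))) {
        // assume format of MM/DD/YYYY or MM/DD/YY
        $m = substr($date, 0, 2);
        $d = substr($date, 3, 2);
        if (strlen($date) == 8) {
            // 2 digit year received
            $y = substr($date, 6, 2);
            // Reject a non-numeric year here: the (int) casts below would turn
            // text such as "xx" into 0 and let it through as the year 2000.
            if (!ctype_digit($y)) return -1;
            // Years below (current 2-digit year + 20) are read as 20YY, the rest as 19YY.
            // Cast back to string so the ctype_digit() check below sees digits.
            if ((int)$y < (int)date("y") + 20) {
                $y = (string)(2000 + (int)$y);
            } else {
                $y = (string)(1900 + (int)$y);
            }
        } else {
            $y = substr($date, 6, 4); // 4 digit year
        }
    } else {
        return -1; // date string in unrecognized format
    }

    if (!ctype_digit($m)) return -1;
    if (!ctype_digit($d)) return -1;
    if (!ctype_digit($y)) return -1;
    if (($m < 1) || ($m > 12)) return -1;
    if (($d < 1) || ($d > 31)) return -1;
    if (($y < 1800) || ($y > 2350)) return -1;

    return $y . '-' . $m . '-' . $d;
}

/**
 * Validate a card expiry given as MM/YY, MM/YYYY or MM/DD/YYYY.
 *
 * MM/YY is accepted because the form's year list ($year_options) holds
 * two-digit years; such a year is read as 20YY. For the month-only forms the
 * returned day is the last day of that month.
 *
 * @param string $date expiry text as submitted
 * @return string|int "YYYY-MM-DD" on success, -1 on failure. Both are truthy,
 *                    so callers must compare against -1 explicitly.
 */
function read_exp_date($date) {
    if (strlen($date) == 10) return read_date($date);
    if (strlen($date) == 5) {
        // MM/YY -> MM/20YY, then validated like the 7-character form
        $date = substr($date, 0, 3) . '20' . substr($date, 3, 2);
    }
    if (strlen($date) != 7) return -1;

    $m = substr($date, 0, 2);
    $y = substr($date, 3, 4);
    if (!ctype_digit($m)) return -1;
    if (!ctype_digit($y)) return -1;
    if (($m < 1) || ($m > 12)) return -1;
    if (($y < 1800) || ($y > 2350)) return -1;
    if (!preg_match("/[-\/]/", substr($date, 2, 1))) return -1;

    $days = array(
        '01' => '31', '02' => '28', '03' => '31', '04' => '30',
        '05' => '31', '06' => '30', '07' => '31', '08' => '31',
        '09' => '30', '10' => '31', '11' => '30', '12' => '31');
    $d = $days[$m];
    // February has 29 days in leap years.
    if ($m == '02' && ((($y % 4 == 0) && ($y % 100 != 0)) || ($y % 400 == 0))) {
        $d = '29';
    }

    return $y . '-' . $m . '-' . $d;
}

/**
 * Validate a money string: 1-9 digits, optionally followed by "." and up to
 * two decimals.
 *
 * @param string $money
 * @return int|false result of preg_match(): 1 on match, 0 otherwise
 */
function is_money($money) {
    return preg_match("/^([0-9]{1,9})(\.([0-9]{0,2}))?$/", $money);
}

/**
 * Wrap one validation message for the error list shown to the user.
 * Every caller on this page passes a fixed message, never request data.
 *
 * @param string $error
 * @return string
 */
function invalid($error) {
    return "
  • $error
    ";
}

if (isset($_POST['submit'])) {
    // Form has been submitted, so process it
    $account = $_REQUEST['actnom'];
    $checkval = $_REQUEST['checkval'];
    $patient = $_REQUEST['patient'];

    // NOTE(review): payment-gateway credentials are hard-coded in a page source
    // that is publicly readable here. They should be rotated at the gateway and
    // loaded from configuration kept outside the web root and outside version control.
    $auth_net_login_id = "8563ffFG4tk9";
    $auth_net_tran_key = "57v778L5EXLdA6jZ";

    $authnet_values = array(
        "x_login" => $auth_net_login_id,
        "x_version" => "3.1",
        "x_delim_char" => "|",
        "x_delim_data" => "TRUE",
        "x_url" => "FALSE",
        "x_type" => "AUTH_CAPTURE",
        "x_method" => "CC",
        "x_tran_key" => $auth_net_tran_key,
        "x_relay_response" => "FALSE",
        "x_description" => "Harrington Health System Online Payment",
        # information collected through the form (sample defaults, overwritten below):
        # NOTE(review): optional fields that fail validation keep these sample
        # values, e.g. zip "12345" is sent when the submitted zip is not 5 characters.
        "x_card_num" => "4242424242424242",
        "x_exp_date" => "1209",
        "x_card_code" => "",
        "x_amount" => "12.23",
        "x_first_name" => "Charles D.",
        "x_last_name" => "Gaulle",
        "x_address" => "",
        "x_city" => "",
        "x_state" => "",
        "x_zip" => "12345",
    );

    // Validate information
    $error = '';

    // Work on a string copy so the later prefix checks never touch a missing
    // or non-string request value.
    $card_num = (isset($_POST['card_num']) && is_string($_POST['card_num'])) ? $_POST['card_num'] : '';
    $exp_month = isset($_POST['exp_month']) ? $_POST['exp_month'] : '';
    $exp_year = isset($_POST['exp_year']) ? $_POST['exp_year'] : '';
    $actnom = (isset($_POST['actnom']) && is_string($_POST['actnom'])) ? $_POST['actnom'] : '';

    if (ctype_digit($card_num)) {
        $authnet_values['x_card_num'] = $card_num;
    } else {
        $error .= invalid("credit card number - must be all numeric");
    }

    // read_exp_date() returns -1 on failure, which is truthy; the result has to
    // be compared explicitly or the check accepts every non-empty month/year.
    if (($exp_month != '') && ($exp_year != '') && (read_exp_date($exp_month.'/'.$exp_year) !== -1)) {
        $authnet_values['x_exp_date'] = ($exp_month.'/'.$exp_year);
    } else {
        $error .= invalid("expiration date");
    }

    if (isset($_POST['card_code']) && (ctype_digit($_POST['card_code']) && (strlen($_POST['card_code']) >= 3))) {
        $authnet_values['x_card_code'] = $_POST['card_code'];
    }

    // The amount sent to the gateway is chgamt, so chgamt is validated as well
    // as amtpr1 (previously only amtpr1 was checked).
    // NOTE(review): chgamt is presumably a client-computed total; recomputing it
    // server-side from amtpr1..amtpr5 would stop the two from diverging - confirm.
    if (isset($_POST['amtpr1']) && is_money($_POST['amtpr1'])
        && isset($_POST['chgamt']) && is_money($_POST['chgamt'])) {
        $authnet_values['x_amount'] = $_POST['chgamt'];
    } else {
        $error .= invalid("amount");
    }

    if (isset($_POST['actnom']) && ($_POST['actnom'] == '')) {
        $error .= invalid("account number");
    }
    if (!in_array(substr($actnom, 0, 5), array("H0002", "H0003", "H0004"), true)) {
        $error .= invalid("Hospital Account Numbers must be begin with H000 and are for Hospital Accounts only.");
    }
    if (strlen($actnom) != 12) {
        $error .= invalid("Invalid Hospital Account Number");
    }

    if (isset($_POST['patient']) && ($_POST['patient'] == '')) {
        $error .= invalid("patient name");
    }

    if (isset($_POST['first_name']) && ($_POST['first_name'] != '')) {
        $authnet_values['x_first_name'] = $_POST['first_name'];
    } else {
        $error .= invalid("first name");
    }

    if (isset($_POST['last_name']) && ($_POST['last_name'] != '')) {
        $authnet_values['x_last_name'] = $_POST['last_name'];
    } else {
        $error .= invalid("last name");
    }

    if (substr($card_num, 0, 2) == "84") {
        $error .= invalid("We only take Master Card and Visa");
    }
    if (substr($card_num, 0, 2) == "87") {
        $error .= invalid("We only take Master Card and Visa");
    }

    if (isset($_POST['address']) && ($_POST['address'] != '')) {
        $authnet_values['x_address'] = $_POST['address'];
    }
    if (isset($_POST['city']) && ($_POST['city'] != '')) {
        $authnet_values['x_city'] = $_POST['city'];
    }
    if (isset($_POST['state']) && ($_POST['state'] != '')) {
        $authnet_values['x_state'] = $_POST['state'];
    }
    if (isset($_POST['zip']) && (($_POST['zip'] != '') && (strlen($_POST['zip']) == 5))) {
        $authnet_values['x_zip'] = $_POST['zip'];
    }

    if (isset($_POST['contactphone']) && (($_POST['contactphone'] != '') && (strlen($_POST['contactphone']) > 6))) {
        $contactphone = $_POST['contactphone'];
    } else {
        $error .= invalid("Contact Phone - must be at least 7 digits");
    }

    if ($error == '') {
        // form submission successfully validated, submit request to authorize.net and exit
        $fields = "";
        foreach ($authnet_values as $key => $value) {
            $fields .= "$key=" . urlencode($value) . "&";
        }

        // Live gateway endpoint; the request body carries the full card number.
        $ch = curl_init("https://secure.authorize.net/gateway/transact.dll");
        curl_setopt($ch, CURLOPT_VERBOSE, 0); // no transfer diagnostics on stderr for a card-data request
        curl_setopt($ch, CURLOPT_HEADER, 0); // set to 0 to eliminate header info from response
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1)
        curl_setopt($ch, CURLOPT_POSTFIELDS, rtrim($fields, "& ")); // use HTTP POST to send form data
        // Certificate verification stays on: with it disabled, anyone able to
        // intercept the connection can pose as the gateway and read the card
        // data. If the host lacks a CA bundle, point CURLOPT_CAINFO at one
        // instead of switching verification off.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        $resp = curl_exec($ch); // execute post and get results
        if ($resp === false) {
            // Transport failure: record why, then continue with an empty
            // response so the fields below keep their empty defaults.
            error_log('gateway request failed: ' . curl_error($ch));
            $resp = '';
        }
        curl_close($ch);

        $text = $resp;
        echo "
    ";

        // STATISTICAL USE ONLY:
        $howMany = substr_count($resp, "|");

        // Defaults, so a short or empty response cannot leave these undefined.
        $resp_code = $resp_subcode = $resp_reasoncode = $resp_text = "";
        $approval_code = $trans_id = $this_amount = "";

        // The response is a "|"-delimited list. Only fields that are followed by
        // a delimiter are interpreted; whatever follows the last "|" is left in
        // $text. Field numbers are 1-based positions in the response.
        $resp_parts = explode("|", $resp);
        $text = array_pop($resp_parts);
        foreach ($resp_parts as $idx => $pstr_trimmed) {
            if ($pstr_trimmed === "") {
                $pstr_trimmed = "NO VALUE RETURNED";
            }
            switch ($idx + 1) {
                case 1:
                    $fval = "";
                    if ($pstr_trimmed == "1") {
                        $fval = "Approved";
                    } elseif ($pstr_trimmed == "2") {
                        $fval = "Declined";
                    } elseif ($pstr_trimmed == "3") {
                        $fval = "Error";
                    }
                    $resp_code = $fval;
                    break;
                case 2:
                    $resp_subcode = $pstr_trimmed;
                    break;
                case 3:
                    $resp_reasoncode = $pstr_trimmed;
                    break;
                case 4:
                    $resp_text = $pstr_trimmed;
                    break;
                case 5:
                    $approval_code = $pstr_trimmed;
                    break;
                case 7:
                    $trans_id = $pstr_trimmed;
                    break;
                case 10:
                    $this_amount = $pstr_trimmed;
                    break;
                case 14:
                    $first_name = $pstr_trimmed;
                    break;
                case 15:
                    $last_name = $pstr_trimmed;
                    break;
                default:
                    break;
            }
        }

        $acct_num1 = $account;
        $auth_code = $approval_code;
        $amount = $this_amount;
        $resp_code1 = $resp_code;
        $trans_id1 = $trans_id;
        date_default_timezone_set('America/New_York');
        $t = time();
        $thedate = date("D F d Y h:i:s A", $t);

        // Transaction type: "C-<brand>-<user>" when a cashier name was supplied,
        // else "G-<brand>". Brand letter is chosen from the card prefix
        // (34/37 -> A, 5 -> M, 6011 -> D, 4 -> V, anything else -> U).
        $brand = "U";
        if ((substr($card_num, 0, 2) == "34") || (substr($card_num, 0, 2) == "37")) {
            $brand = "A";
        } elseif (substr($card_num, 0, 1) == "5") {
            $brand = "M";
        } elseif (substr($card_num, 0, 4) == "6011") {
            $brand = "D";
        } elseif (substr($card_num, 0, 1) == "4") {
            $brand = "V";
        }
        if (strlen($user) <> 0) {
            $paytype = "C-" . $brand . "-" . $user;
            $userout = "Online";
        } else {
            $paytype = "G-" . $brand;
            $userout = "";
        }

        $Chunkspaygate = explode("|", $checkval);
        // Only the last four digits are kept for the payment log.
        $shortcard = substr($card_num, -4);
        $mytable = "smallpaygate";

        // One connection for all rows. Every value is escaped exactly once:
        // the previous per-account copies re-escaped the same variables for each
        // additional account (corrupting names containing quotes) and put
        // $paytype (which contains the request-supplied user name) and the
        // gateway-returned fields into the SQL text unescaped.
        // NOTE(review): mysql_* has no prepared statements and was removed in
        // PHP 7; a port to mysqli or PDO should bind these values instead.
        $db = mysql_connect($hostname_dbConn, $username_dbConn, $password_dbConn);
        mysql_select_db($database_dbConn, $db);

        foreach (array('x_last_name', 'x_first_name', 'x_address', 'x_city', 'x_state', 'x_zip') as $field) {
            $authnet_values[$field] = mysql_real_escape_string($authnet_values[$field]);
        }
        $patient = mysql_real_escape_string($patient);
        $cardholdname = $authnet_values['x_first_name']." ".$authnet_values['x_last_name'];
        $contactphone = mysql_real_escape_string($contactphone);
        $shortcard = mysql_real_escape_string($shortcard);
        $cardholdaddr = $authnet_values['x_address'];
        $cardholdcity = $authnet_values['x_city'];
        $cardholdstate = $authnet_values['x_state'];
        $cardholdzip = $authnet_values['x_zip'];
        $auth_code_sql = mysql_real_escape_string($auth_code);
        $resp_code_sql = mysql_real_escape_string($resp_code1);
        $trans_id_sql = mysql_real_escape_string($trans_id1);
        $paytype_sql = mysql_real_escape_string($paytype);
        $userout_sql = mysql_real_escape_string($userout);

        // Up to five account/amount pairs: actnom + amtpr1, then actnomN + amtprN
        // for N = 2..5. The first pair is logged whenever amtpr1 was sent; the
        // others only when their amount is greater than zero.
        // NOTE(review): amtpr2..amtpr5 are logged without the is_money() check
        // applied to amtpr1, and rows are written whatever the gateway result was.
        for ($n = 1; $n <= 5; $n++) {
            $amtKey = 'amtpr' . $n;
            $actKey = ($n == 1) ? 'actnom' : 'actnom' . $n;
            if (($n == 1) && !isset($_REQUEST[$amtKey])) {
                continue;
            }

            $amount = isset($_REQUEST[$amtKey]) ? $_REQUEST[$amtKey] : NULL;
            $account = isset($_REQUEST[$actKey]) ? $_REQUEST[$actKey] : NULL;
            // $amount1..$amount5 / $account1..$account5 are used by the receipt text.
            ${'amount' . $n} = $amount;
            ${'account' . $n} = $account;

            if (($n > 1) && !($amount > 0)) {
                continue;
            }

            $account = mysql_real_escape_string($account);
            $amount = mysql_real_escape_string($amount);

            // Location is derived from the first character of the account number.
            $location = "Faculty";
            $locationumber = substr($account, 0, 1);
            $prefix = strtoupper($locationumber);
            if (($prefix == "F") || ($prefix == "B")) {
                $location = "Fairview";
            } elseif ($prefix == "M") {
                $location = "Berkshire";
            }

            $query = "INSERT INTO $mytable (acct_num,auth_code,paid,resp_code,trans_id,date_time,transtype,location,cardholdername,cardholderaddress,cardholdercity,cardholderstate,cardholderzip,cardnumber,patientname,phonenumber,client_number,user) VALUES ('$account', '$auth_code_sql', '$amount', '$resp_code_sql', '$trans_id_sql', '$thedate', '$paytype_sql', '$location', '$cardholdname', '$cardholdaddr', '$cardholdcity', '$cardholdstate', '$cardholdzip', '$shortcard', '$patient', '$contactphone', '500001', '$userout_sql' )";
            if (!mysql_query($query, $db)) {
                // A lost ledger row should not pass silently; the error number
                // is logged rather than the message, which can echo query text.
                error_log('smallpaygate insert failed, errno ' . mysql_errno($db));
            }
        }
        mysql_close($db);

        if ($resp_code == "Approved") {
            // Receipt shows the last four digits only (previously everything
            // from the 11th digit on, i.e. six digits of a 16-digit number).
            $shortcard = substr($card_num, -4);
            ?>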
    Payment Confirmation

    Invoice Information



    Billing Information





    Harrington Healthcare - Payment Confirmation.
     
    "."$thedate"."
     
    Thank you for making an Online Payment. Below is your electronic receipt of your online payment.
    Payment Amount $"."$this_amount"."
    Account Number: "."$account1"." "."$account2"." "."$account3"." "."$account4"." "."$account5"."
    Status: "."$resp_code"."
    Transaction ID: "."$trans_id"."
    Card Ending *************"."$shortcard"."
     
    Sincerely,
     
    Harrington Healthcare System
    Customer Service

    TOTAL LOCAL CARE
    ";
    // Receipt e-mail for an approved payment. The string closed above is the
    // receipt text; the start of that assignment was lost in extraction.

    // NOTE(review): $headers, $header, $mail_body and $recipient2 are built here
    // but are not passed to the SES call below in the code visible on this page.
    $headers = "From: $from"."\n";
    $headers = "From: "."customerservice@ajh.org"."\n" ;
    $headers .= "Content-type: text/html; charset=iso-8859-1"."\r\n" ."X-Mailer: php"."\n";
    $Name = "Customer Service at Southcoast Health System"; // sender's name
    $email = "customerservice@credit-services.com"; // sender's e-mail address
    $mail_body = $body; // mail body
    $subject = "Online Payment Confirmation"; // subject
    $header = "From: ". $Name . " <" . $email . ">\r\n"; // optional header fields
    $header .= "cc: bpike@bpltd.net\r\n";
    $header .= "Content-type: text/html; charset=iso-8859-1"."\r\n" ."X-Mailer: php "."\n";

    // NOTE(review): the recipient comes straight from the request with no format
    // check, so the receipt (account numbers, transaction id, card digits) is
    // sent to whatever address the request names. Validate it first, e.g. with
    // filter_var($recipient, FILTER_VALIDATE_EMAIL).
    $recipient = $_REQUEST['emaddress'];
    require_once('/srv/include/ses.php');
    // NOTE(review): an AWS access key id and secret key are hard-coded here and
    // exposed with the page source. Treat them as compromised: revoke the key
    // pair and load replacement credentials from outside the source tree.
    $ses = new SimpleEmailService('AKIAJQQ5ATRMO2M3DJAQ', 'GKG0mn5MYkiCumPcyUsK0XZHrtfPHS+BQ4dem5Wm');
    $recipient2 = "bpike@credit-services.com";
    $m = new SimpleEmailServiceMessage();
    $m->addTo($recipient);
    $m->addBCC('bpike@bpltd.net');
    // NOTE(review): the sender address after the display name appears to have
    // been lost in extraction - confirm against the original file.
    $m->setFrom('"Customer Service Harrington Health Systems" ');
    $m->setSubject($subject);
    // NOTE(review): $text was last assigned from the gateway response earlier on
    // this page and $html is not assigned in the visible code, while the receipt
    // is copied into $mail_body from $body - confirm which content is really sent.
    $m->setMessageFromString($text, $html);
    $m->setMessageCharset('ISO-8859-1');
    // print_r() writes the send result into the page served to the payer;
    // NOTE(review): looks like leftover debug output - log it server-side instead.
    print_r($ses->sendEmail($m));
}
?>
    Credit Card Not Processed Your Credit Card was not processed. The following reason was given:
    For your protection, transactions with identical amounts and credit card information, submitted within 2 minutes of each other, are considered duplicate entries and are not processed by our system. Please wait 2 minutes before paying another account with the same dollar amount. Thank You

    Credit Card Declined

    Your Credit Card was declined. The following reason was given: Amount

    #

    "; echo "

      $error

    "; echo "

    « go back"; $continue = "n"; ?>

    AT LEAST ONE ACCOUNT HAS TO BE SELECTED FOR PAYMENT. PLEASE USE THE BACK ARROW OF YOUR BROWSER. THANK YOU! Please note: If you are paying for more than one visit at Harrington Health Systems you must list each visit separately, using the appropriate account number and the amount you are paying on each account.
    Required fields are marked with an (*).
    Account Number          Amount to Pay
    1. $
    2. $
    3. $
    4. $
    5. $
    Total Payment $
    By Submitting your Payment, you agree to the
    Terms and Conditions of Use