private void ResubmitZinc(string oldid)
{
string sql = "Select * from Orders where id = '" + BMS.PurifySQL(oldid, 20) + "'";
DataTable oldOrder = gData.GetDataTable2(sql);
if (oldOrder.Rows.Count < 1)
{
return;
}
sql = "Select * from products where id='" + BMS.PurifySQL(oldOrder.Rows[0]["productid"].ToString(), 40) + "'";
DataTable dtProd = gData.GetDataTable2(sql);
if (dtProd.Rows.Count < 1)
{
return;
}
ZincOps.zinc_address zTo = ZincOps.GetDeliveryAddress(oldOrder.Rows[0]["addressbookid"].ToString());
string sProductGuid = oldOrder.Rows[0]["productid"].ToNonNullString();
string sProductID = dtProd.Rows[0]["product_id"].ToNonNullString();
string sOrderID = Guid.NewGuid().ToString();
double nMaxPrice = 25;
DACResult r = ZincOps.Zinc_CreateOrder(zTo, nMaxPrice, sProductID, sOrderID);
if (r.sError != "")
{
MsgBox("Buying Error", "Sorry, the purchase Failed. Exception: " + r.sError + ". You have not been charged. ", this);
}
else
{
double dPriceUSD = GetDouble(dtProd.Rows[0]["price"]) / 100;
string sNotes = "Store purchase: " + dtProd.Rows[0]["Title"] + ", Item: "
+ dtProd.Rows[0]["product_id"] + ", Amount: $" + DoFormat(dPriceUSD);
double nPriceBBP = GetDouble(oldOrder.Rows[0]["bbpprice"]);
string sStatus = "PROCESSING";
string sql1 = "Insert into Orders (id, retailer, productid, addressbookid, status, added, updated, notes, zincid, userid, bbpprice) values ('"
+ sOrderID + "','AMAZON','"
+ BMS.PurifySQL(sProductGuid, 256) + "','"
+ BMS.PurifySQL(oldOrder.Rows[0]["addressbookid"].ToString(), 100) + "','"
+ sStatus + "',getdate(),getdate(),null,'" + r.sResult
+ "','" + gUser(this).UserId.ToString() + "','" + nPriceBBP.ToString() + "')";
gData.Exec(sql1);
}
}
protected void btnBuy_Click(object sender, EventArgs e)
{
string sID = Request.QueryString["buyid"].ToNonNullString();
string sql = "Select * from Products Where id='" + BMS.PurifySQL(sID, 200) + "' and deleted=0";
DataTable dt = gData.GetDataTable2(sql);
if (dt.Rows.Count < 1)
{
MsgBox("Error", "Item no longer available.", this);
}
double dPriceUSD = GetDouble(dt.Rows[0]["Price"].ToString()) / 100;
double nSaleAmount = GetDouble(GetBMSConfigurationKeyValue("amazonsale"));
double nPriceBBP = GetBBPAmountDouble(dPriceUSD, nSaleAmount);
if (dPriceUSD < 1)
{
MsgBox("Error", "This items price is not correct. ", this);
}
if (gUser(this).LoggedIn == false)
{
MsgBox("Log In Error", "Sorry, you must be logged in first.", this);
return;
}
if (gUser(this).TwoFactorAuthorized == false || gUser(this).Require2FA != 1)
{
MsgBox("Two Factor Not Enabled", "Sorry, you cannot spend unless you enable two factor authorization. Please go to the Account Edit page to enable 2FA. ", this);
return;
}
// Amazon Promotion $5
double nUnlockAmazon = gData.GetScalarDoubleFromObject("Users", "UnlockAmazon", gUser(this).UserId);
double nMax = GetBBPAmountDouble(5);
double nBal = DataOps.GetUserBalance(gUser(this).UserId.ToString());
if (nUnlockAmazon == 1 && (nPriceBBP <= nMax || nBal + nMax >= nPriceBBP))
{
string sql2 = "Update Users set unlockamazon=2 where id = '" + gUser(this).UserId.ToString() + "'";
gData.Exec(sql2);
// End of promotion
if (nPriceBBP < nMax)
{
nMax = nPriceBBP;
}
string sNarr = "Promotional Store Credit";
DataOps.AdjBalance(nMax + 100, gUser(this).UserId.ToString(), sNarr);
Log("Giving away promotional store credit to " + gUser(this).EmailAddress);
}
if (nBal == 0 || nBal < 1 || nPriceBBP > nBal || nPriceBBP > 20000000)
{
MsgBox("Insufficient Funds", "Sorry, the amount requested exceeds your balance.", this);
return;
}
// Buy then adjust
string deliveryid = ddDeliveryAddress.SelectedValue;
ZincOps.zinc_address zTo = ZincOps.GetDeliveryAddress(deliveryid);
string sProductID = dt.Rows[0]["product_id"].ToNonNullString();
if (sProductID == "")
{
MsgBox("Error", "Unable to find item.", this);
}
string sOrderID = Guid.NewGuid().ToString();
double nMaxPrice = Math.Round(dPriceUSD + 5, 0);
DACResult r = ZincOps.Zinc_CreateOrder(zTo, nMaxPrice, sProductID, sOrderID);
if (r.sError != "")
{
MsgBox("Buying Error", "Sorry, the purchase Failed. Exception: " + r.sError + ". You have not been charged. ", this);
}
else
{
string sNotes = "Store purchase: " + dt.Rows[0]["Title"] + ", Item: " + dt.Rows[0]["product_id"] + ", Amount: $" + DoFormat(dPriceUSD);
DataOps.AdjBalance(-1 * nPriceBBP, gUser(this).UserId.ToString(), sNotes);
string sStatus = "PROCESSING";
string sql1 = "Insert into Orders (id, retailer, productid, addressbookid, status, added, updated, notes, zincid, userid, bbpprice) values ('"
+ sOrderID + "','AMAZON','"
+ BMS.PurifySQL(sID, 256) + "','"
+ BMS.PurifySQL(ddDeliveryAddress.SelectedValue.ToString(), 100) + "','"
+ sStatus + "',getdate(),getdate(),null,'" + r.sResult + "','" + gUser(this).UserId.ToString() + "','" + nPriceBBP.ToString() + "')";
gData.Exec(sql1);
MsgBox("Success", "You have successfully purchased the item [" + dt.Rows[0]["Title"]
+ "]. To track this order, simply navigate to <a href='MyOrders'>My Orders</a>. Thank you for shopping with BiblePay. ", this);
}
}