<?
include "./auth.inc.php";
include "./mysql.inc.php";


print count($PaymentID);
print "\n";
for ($i=1;$i<=count($PaymentID);$i++){
 print "$PaymentID[$i]: $Status[$i] ";

 $cresult='';


 #check for concurrency
 $csql = "SELECT Credit FROM Invoices WHERE PaymentID = $PaymentID[$i]";
 $cres = mysql_query($csql);
	print mysql_error();
 #print $csql;
 if (mysql_num_rows($cres))	
 	$cresult = mysql_result($cres,0);

 if ($cresult){

	$sql="SELECT FirstName, LastName, ContactEmail, Invoices.CustomerID AS ID,
	PaymentAmount, ResellerCommission,AgentCommission,
	ResellerPayment,ResellerOriginal, Purchase 
	FROM Invoices, MasterAccounts
	WHERE MasterAccounts.CustomerID=Invoices.CustomerID
	AND PaymentID=$PaymentID[$i]";

	$result=mysql_query($sql);
	if (mysql_error())
		print mysql_error()." $sql";
	$row=mysql_fetch_array($result);

	$paysql = "SELECT * FROM Invoices WHERE PaymentID=$PaymentID[$i]";

	switch ($Status[$i]){
		case 10:
			print "Paid! Removing from debtors list.";	
			$payres = mysql_query($paysql);
			if (mysql_num_rows($payres)){
			 $p=mysql_fetch_array($payres);			

			 # insert into real payments table.

			$pusql = "UPDATE Payments SET
				CustomerID='$p[CustomerID]', PaymentType='$p[PaymentType]', PaymentAmount='$p[PaymentAmount]', PaymentDate=now(),
                                RecallPhone='$p[RecallPhone]', Purchase='$p[Purchase]', RecallName='$p[RecallName]', ResellerOriginal='$p[ResellerOriginal]',
                                ResellerPayment='$p[ResellerPayment]', ResellerUser='$p[ResellerUser]',
				identifier='$p[identifier]/$PHP_AUTH_USER',ResellerCommission='$p[ResellerCommission]',
                                AgentCommission='$p[AgentCommission]', GST='$p[GST]', RequestDate='$p[PaymentDate]'
				WHERE PaymentID=$p[PaymentID]";
	


			  mysql_query($pusql);
			  #print $pusql;
			  if (mysql_error()){
				print $pusql;
				print mysql_error();
			  }

			  #remove from visible list.
			  $dsql = "UPDATE Invoices SET Credit=0 WHERE PaymentID=$PaymentID[$i]";
			  mysql_query($dsql);
			  if (mysql_error()){
				print "<B>$dsql ".mysql_error();			
			  }else{
				$cost = number_format($p[GST]+$p[PaymentAmount],2);
				$message ="Your payment of \$$cost for $p[Purchase] has now been processed.\n";
				$message.="Please visit http://members.adam.com.au/listpayments.php to view or print a receipt.\n\n";
				$message.="Regards,\nAdam Internet Accounts";
				#if ($row[ContactEmail]){
				  #mail($row[ContactEmail],"Payment Processed",$message);
				  #print "Message sent to $row[ContactEmail].\n";
				#}
			  }
			}else{
				print "Error. $PaymentID[$i] does not exist.";
			}

			break;
		case -1:
			print "Cancel.";
			if (0){
				#$dsql = "DELETE FROM PendingPayments WHERE PaymentID=$p[PaymentID]";	
				#mysql_query($dsql);
			}
 					
			print "<BR>Invoice Cancelled. Please Edit <A
			HREF=\"edit.php?ID=$row[ID]\">$row[FirstName] $row[LastName]. </A> to
			manually remove the purchase of: <B>$row[Purchase]</B>.";

			break;
		case 1:
			print "Still Pending.";
			# update anyway, in case we're changing a declined 
			# back to pending

			$psql="UPDATE Invoices SET credit=1 WHERE PaymentID=$PaymentID[$i]";
			mysql_query($psql);

			break;
		case 2:
			print "Payment Declined";
			$psql="UPDATE Invoices SET credit=2 WHERE PaymentID=$PaymentID[$i]";
			mysql_query($psql);
	
			break;
		default:
			#wtf;
			print "Unknown.";
			break;
	}

	
	print "<BR>";

 }else{
	print "<B>Payment Already Paid. Possible Concurrency Problem</B>";
 }	
}
?>