IPN PROBLEMS
Posted: Sat Jun 25, 2011 8:05 pm
Hey,
At the moment I'm working on a code that allows users to submit 4 lottery numbers(costing a fee of 0.50).
The way it works is they choose there numbers in 4 text boxes (1-99) and click submit. That takes them to paypal where they will pay for there ticket and after it has been payed then the details are sent to the database, so far everything is working the database shows they have purchase the ticket. The only problem is i can't get it to show the lottery numbers they have chose, the lottery number fields just stay blank in the sql database.
Here is the form code.
Here is the payment code that takes them to paypal.
Here is the function code on which it is sent to the database
All my previous attempts at trying to get this to work have been removed from the above to codes. If anyone knows the problem please share!
~Thanks
At the moment I'm working on a code that allows users to submit 4 lottery numbers(costing a fee of 0.50).
The way it works is they choose there numbers in 4 text boxes (1-99) and click submit. That takes them to paypal where they will pay for there ticket and after it has been payed then the details are sent to the database, so far everything is working the database shows they have purchase the ticket. The only problem is i can't get it to show the lottery numbers they have chose, the lottery number fields just stay blank in the sql database.
Here is the form code.
Code: Select all
<center>
<form class="paypal" action="payments.php" method="post" id="paypal_form" target="_parent">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="lc" value="UK" />
<input type="hidden" name="currency_code" value="USD" />
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynow_LG.gif:NonHostedGuest" />
<input type="hidden" name="first_name" value="Customer's First Name" />
<input type="hidden" name="last_name" value="Customer's Last Name" />
<input type="hidden" name="email" value="customer@example.com" />
<input type="hidden" name="item_number" value="123456" / >
<input type="text" size="1" maxlength="2" id=”lottery_numbers” name="lottery_numbers" value=""> <br /> <br />
<input type="text" size="1" maxlength="2" id=”lottery_numbers” name="lottery_numbers" value=""> <br /> <br />
<input type="text" size="1" maxlength="2" id=”lottery_numbert” name="lottery_numbert" value=""> <br /> <br />
<input type="text" size="1" maxlength="2" id=”lottery_numberl” name="lottery_numberl" value=""> <br /> <br />
<input type="submit" value="Submit Payment" />
</form>
</center>Code: Select all
<?php
// Database variables
$host = "XXXX"; //database location
$user = "XXXX"; //database username
$pass = "XXXX"; //database password
$db_name = "XXXX"; //database name
// PayPal settings
$paypal_email = 'XXXX';
$return_url = 'XXXX';
$cancel_url = XXXX';
$notify_url = 'XXXX';
$item_name = 'MapleLotto Ticket';
$item_amount = 0.50;
// Include Functions
include("functions.php");
//Database Connection
$link = mysql_connect($host, $user, $pass);
mysql_select_db($db_name);
// Check if paypal request or response
if (!isset($_POST["txn_id"]) && !isset($_POST["txn_type"])){
// Firstly Append paypal account to querystring
$querystring .= "?business=".urlencode($paypal_email)."&";
// Append amount& currency (£) to quersytring so it cannot be edited in html
//The item name and amount can be brought in dynamically by querying the $_POST['item_number'] variable.
$querystring .= "item_name=".urlencode($item_name)."&";
$querystring .= "amount=".urlencode($item_amount)."&";
//loop for posted values and append to querystring
foreach($_POST as $key => $value){
$value = urlencode(stripslashes($value));
$querystring .= "$key=$value&";
}
// Append paypal return addresses
$querystring .= "return=".urlencode(stripslashes($return_url))."&";
$querystring .= "cancel_return=".urlencode(stripslashes($cancel_url))."&";
$querystring .= "notify_url=".urlencode($notify_url);
// Append querystring with custom field
//$querystring .= "&custom=".USERID;
// Redirect to paypal IPN
header('location:http://www.paypal.com/cgi-bin/webscr'.$querystring);
exit();
}else{
// Response from Paypal
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$req .= "&$key=$value";
}
// assign posted variables to local variables
$data['item_name'] = $_POST['item_name'];
$data['item_number'] = $_POST['item_number'];
$data['payment_status'] = $_POST['payment_status'];
$data['payment_amount'] = $_POST['mc_gross'];
$data['payment_currency'] = $_POST['mc_currency'];
$data['txn_id'] = $_POST['txn_id'];
$data['receiver_email'] = $_POST['receiver_email'];
$data['payer_email'] = $_POST['payer_email'];
$data['custom'] = $_POST['custom'];
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
} else {
mail('ash@evoluted.net', '0', '0');
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// Validate payment (Check unique txnid & correct price)
$valid_txnid = check_txnid($data['txn_id']);
$valid_price = check_price($data['payment_amount'], $data['item_number']);
// PAYMENT VALIDATED & VERIFIED!
if($valid_txnid && $valid_price){
$orderid = updatePayments($data);
if($orderid){
// Payment has been made & successfully inserted into the Database
}else{
// Error inserting into DB
// E-mail admin or alert user
}
}else{
// Payment made but data has been changed
// E-mail admin or alert user
}
}else if (strcmp ($res, "INVALID") == 0) {
// PAYMENT INVALID & INVESTIGATE MANUALY!
// E-mail admin or alert user
}
}
fclose ($fp);
}
}
?>Here is the function code on which it is sent to the database
Code: Select all
<?php
// functions.php
function check_txnid($tnxid){
global $link;
return true;
$valid_txnid = true;
//get result set
$sql = mysql_query("SELECT * FROM `payments` WHERE txnid = '$tnxid'", $link);
if($row = mysql_fetch_array($sql)) {
$valid_txnid = false;
}
return $valid_txnid;
}
function check_price($price, $id){
$valid_price = false;
//you could use the below to check whether the correct price has been paid for the product
/*
$sql = mysql_query("SELECT amount FROM `products` WHERE id = '$id'");
if (mysql_numrows($sql) != 0) {
while ($row = mysql_fetch_array($sql)) {
$num = (float)$row['amount'];
if($num == $price){
$valid_price = true;
}
}
}
return $valid_price;
*/
return true;
}
function updatePayments($data){
global $link;
if(is_array($data)){
$sql = mysql_query("INSERT INTO `payments` (txnid, payment_amount, payment_status, itemid, createdtime) VALUES (
'".$data['txn_id']."' ,
'".$data['payment_amount']."' ,
'".$data['payment_status']."' ,
'".$data['item_number']."' ,
'".date("Y-m-d H:i:s")."'
)", $link);
return mysql_insert_id($link);
}
}
?>All my previous attempts at trying to get this to work have been removed from the above to codes. If anyone knows the problem please share!
~Thanks