jon4433

I'm wanting to manage the donations that I get from players and put them in a database automatically. I have the database setup. I was searching on Google yesterday evening for about an hour, for a PayPal IPN Script example. And all the ones that I found and tried, never worked. So I went with the script example that PayPal gives you. Now i've filled in the missing parts (I think), but i'm always getting 'Live-INVALID IPN' when I test it through the Paypal Sandbox. I have $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); for the post back system thing (not too sure what it is). Now that sends me the Invalid IPN when I test it. But when i've used both - https://www.sandbox.paypal.com/cgi-bin/webscr and ssl:/www.sandbox.paypal.com/cgi-bin/webscr, it doesn't send an email at all. My concept for this script, is to allow the player to enter their username into the textbox on my donation page. Then the IPN script gets that variables, including my custom field. Then inserts it into the database. If anyone is familiar with PayPal IPN, or if anyone knows what is wrong. Could you please help me out? My code is below. <?php error_reporting(E_ALL ^ E_NOTICE); require("connect_to_mysql.php"); // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; $email = 'donate@dawncraftmc.com'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; $player_username = $_POST['custom']; if (!$fp) { // HTTP ERROR } else { // NO HTTP ERROR fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { if($payment_status == 'Completed'){ $txn_id_check = mysql_query("SELECT txn_id FROM log WHERE txn_id = ".$txn_id.""); if(mysql_num_rows($txn_id_check) != 1){ if($receiver_email == $email){ if($paymount_amount == '2.50' && $payment_currency == 'GBP'){ $log_query = mysql_query("INSERT INTO log VALUES ('','".$txn_id."','".$payer_email."')"); } } } } // If 'VERIFIED', send an email of IPN variables and values to the // specified email address foreach ($_POST as $key => $value){ $emailtext .= $key . " = " .$value ."\n\n"; } mail($email, "Live-VERIFIED IPN", $req); } else if (strcmp ($res, "INVALID") == 0) { // If 'INVALID', send an email. TODO: Log for manual investigation. foreach ($_POST as $key => $value){ $emailtext .= $key . " = " .$value ."\n\n"; } mail($email, "Live-INVALID IPN", $req); } } fclose ($fp); } ?> When I receive an email from the script, it shows like this:

I'm using a pagination script for the front of my statistics website, and now i'm trying to put it in my search page. The search feature works, it displays the found user's. But it also displays everyone else on the next page. I think it's gotta be one of the queries, but I can't seem to find it.... Can anybody help me out, please? <?php include 'db.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <link REL="SHORTCUT ICON" HREF="http://www.dawncraftmc.com/stats/favicon.ico"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="css/style.css" rel="stylesheet" type="text/css" /> <title>Dawncraft Stats</title> <style type="text/css"> body { background-color: #E9E9E9; background-image: url(images/stripe_8c8e7da1ce9e02b0e3ad46e2f2896ec2.png); } </style> </head> <body> <div class="top_holder"> <div class="top_inner"> <table width="100%" border="0" cellspacing="5"> <tr> <td width="73%"><a href="index.php"><img src="images/logo.png" width="150" height="40" /></a></td> <td width="27%"> <form action="search.php" method="POST"> <input type="text" size="15" name="searchterm" id="s" placeholder="Search..."/> <input type="submit" class="search_button" value=""/> </form> </td> </tr> </table> </div> </div> <div class="menu" align="center"> <a href="index.php"><img src="images/home.png" width="40" height="20" /></a> <a href="help.php"><img src="images/help.png" width="40" height="20" /></a> <a href="statistics.php"><img src="images/statistics.png" width="55" height="20" /></a> </div> <div class="search_content"> <br /> <br /> <table width="90%" border="0" align="center" cellspacing="0" class="main_table"> <?php echo "<tr bgcolor='#5C5C5C', align=\"center\"><td><font color='white'>Status</font></td><td><font color='white'>Username</font></td><td><font color='white'>First Seen</font></td><td><font color='white'>Last Seen</font></td></tr>"; $id = $name['id']; // How many adjacent pages should be shown on each side? $adjacents = 4; /* First get total number of rows in data table. If you have a WHERE clause in your query, make sure you mirror it here. */ $query = "SELECT COUNT(*) as num FROM players"; $total_pages = mysql_fetch_array(mysql_query($query)); $total_pages = $total_pages[num]; /* Setup vars for query. */ $targetpage = "search.php"; //your file name (the name of this file) $limit = 45; //how many items to show per page $page = $_GET['page']; if($page) $start = ($page - 1) * $limit; //first item to display on this page else $start = 0; //if no page var is given, set start to 0 $search = mysql_real_escape_string(trim($_POST['searchterm'])); $find_users = mysql_query("SELECT * FROM players WHERE username LIKE '%$search%' ORDER BY id LIMIT $start, $limit"); /* Setup page vars for display. */ if ($page == 0) $page = 1; //if no page var is given, default to 1. $prev = $page - 1; //previous page is page - 1 $next = $page + 1; //next page is page + 1 $lastpage = ceil($total_pages/$limit); //lastpage is = total pages / items per page, rounded up. $lpm1 = $lastpage - 1; //last page minus 1 /* Now we apply our rules and draw the pagination object. We're actually saving the code to a variable in case we want to draw it more than once. */ $pagination = ""; if($lastpage > 1) { $pagination .= "<div class=\"pagination\" align=\"center\">"; //previous button if ($page > 1) $pagination.= "<a href=\"$targetpage?page=$prev\">previous</a>"; else $pagination.= "<span class=\"disabled\">previous</span>"; //pages if ($lastpage < 7 + ($adjacents * 2)) //not enough pages to bother breaking it up { for ($counter = 1; $counter <= $lastpage; $counter++) { if ($counter == $page) $pagination.= "<span class=\"current\">$counter</span>"; else $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>"; } } elseif($lastpage > 5 + ($adjacents * 2)) //enough pages to hide some { //close to beginning; only hide later pages if($page < 1 + ($adjacents * 2)) { for ($counter = 1; $counter < 4 + ($adjacents * 2); $counter++) { if ($counter == $page) $pagination.= "<span class=\"current\">$counter</span>"; else $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>"; } $pagination.= "..."; $pagination.= "<a href=\"$targetpage?page=$lpm1\">$lpm1</a>"; $pagination.= "<a href=\"$targetpage?page=$lastpage\">$lastpage</a>"; } //in middle; hide some front and some back elseif($lastpage - ($adjacents * 2) > $page && $page > ($adjacents * 2)) { $pagination.= "<a href=\"$targetpage?page=1\">1</a>"; $pagination.= "<a href=\"$targetpage?page=2\">2</a>"; $pagination.= "..."; for ($counter = $page - $adjacents; $counter <= $page + $adjacents; $counter++) { if ($counter == $page) $pagination.= "<span class=\"current\">$counter</span>"; else $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>"; } $pagination.= "..."; $pagination.= "<a href=\"$targetpage?page=$lpm1\">$lpm1</a>"; $pagination.= "<a href=\"$targetpage?page=$lastpage\">$lastpage</a>"; } //close to end; only hide early pages else { $pagination.= "<a href=\"$targetpage?page=1\">1</a>"; $pagination.= "<a href=\"$targetpage?page=2\">2</a>"; $pagination.= "..."; for ($counter = $lastpage - (2 + ($adjacents * 2)); $counter <= $lastpage; $counter++) { if ($counter == $page) $pagination.= "<span class=\"current\">$counter</span>"; else $pagination.= "<a href=\"$targetpage?page=$counter\">$counter</a>"; } } } //next button if ($page < $counter - 1) $pagination.= "<a href=\"$targetpage?page=$next\">next</a>"; else $pagination.= "<span class=\"disabled\">next</span>"; $pagination.= "</div>\n"; } while($row = mysql_fetch_assoc($find_users)){ if($row['isonline'] == 1){ echo "<tr bgcolor='#BFFFFF'><td bgcolor='#00FF00'><center>Online</center></td>"; }else{ echo "<tr bgcolor='#BFFFFF'><td bgcolor='#FF0000'><center>Offline</center></td>"; } echo "<td><center><a href='user.php?id=" . $row['id'] . "'>".$row['username']."</a></center></td>"; echo "<td><center>".date('d/m/Y H:i:s', ($row['firstseen'] / 1000))."</center></td>"; echo "<td><center>".date('d/m/Y H:i:s', ($row['lastseen'] / 1000))."</center></td></tr>"; } ?> </table> <?=$pagination?> </div> <div class="footer_holder" align="center"> <p><b>Dawncraft Stats (en) Version 1.0 (01/07/2012) - (c) 2012 www.dawncraftmc.com | Made By Dtoyee</b></p> </div> </body> </html>

As the title says... 2 of my login scripts seem to have broken over night. My login script to access the website, and my login script for the admin area. Now I kow that this script isn't the best, not secure at all! But it's just a simple and fast way that I did it. But this code doesn't direct me to the index.php in the admin folder, it reloads the same page, login.php. But when I type in admin.php in the URL bar, it says that i'm logged in with my username. Edit: So I got a few friends to test login in, and this is what happened. They managed to login. They then logged out, and then tried to log back in. Once they pressed the 'submit' button, it reloaded the login page and then didn't display anything on the page. And then they pressed the 'home' lnk and it took them back to the index with them logged in. Here is the login.php and index.php code. Login.php <?php session_start(); $_SESSION['username']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="css/style.css" rel="stylesheet" type="text/css" /> <title>JokeStomp Admin Login</title> <style type="text/css"> body,td,th { color: #FFF; font-family: Georgia, "Times New Roman", Times, serif; } body { background-color: #E0E0E0; } </style> </head> <body> <div id="admin_login"> <div style="background-color:#353535; height:40px;" align="center">Please Login To Continue</div> <div id="error"> <?php $username = trim($_POST['username']); $password = trim($_POST['password']); if ($username == "dtoyee" && $password == "testing123"){ header("location: index.php"); $_SESSION['username'] = $username; }else{ header("location: login.php"); } ?> </div> <div id="login" align="left"> <p><font color="#000000">Please enter your username and password to continue.</font></p> <form action='login.php' method='post'> Username: <input type='text' name='username' size="30"><br /> <br /> Password: <input type='password' name='password' size="30"><br /> <br /> <input type='submit' value='Login'> <br /> <br /> </form> </div> </div> </body> </html> Index.php <?php session_start(); $_SESSION['username']; $user = $_SESSION['username']; include '../connect_to_mysql.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="css/style.css" rel="stylesheet" type="text/css" /> <title>JokeStomp Beta | Admin</title> <style type="text/css"> body { background-color: #CCC; } </style> </head> <body> <?php if (!isset($_SESSION['username']) || empty($_SESSION['username'])) { header('location: login.php'); }else{ echo' <div><img src="images/jokestomppic.png" width="400" height="190" /></div> <div id="menu"> <ul> <li><a href="index.php" class="active">Home</a></li> <li><a href="includes/users.php">Users</a></li> <li><a href="includes/jokes.php">Jokes</a></li> <li><a href="news.php">News</a></li> <li><a href="../index.php">Website</a></li> </ul> </div> <div id="left_menu"> <div class="left_menu_box"> <div class="title">Home</div> <ul class="menu"> <li class="active"><a href="includes/users.php">Users</a></li> <li class="active"><a href="includes/jokes.php">Jokes</a></li> <li class="active"><a href="news.php">News</a></li> <li class="active"><a href="../index.php">Website</a></li> <li class="active"><a href="logout.php">Log Out</a></li> </ul> </div> </div> <div id="admin_content"> <table width="100%" border="1" class="table1"> <tr> <td> <?php $user_count = mysql_query("SELECT COUNT(id) FROM login"); $count = mysql_result($user_count, 0); echo $count, " users registered."; ?> </td> <td> <?php $joke_count = mysql_query("SELECT COUNT(id) FROM jokes"); $count = mysql_result($joke_count, 0); echo $count, " jokes posted."; ?> </td> </tr> <tr> <td>Hello <?php echo $user; //Seeing if the session works. ?></td> <td> </td> </tr> </table> </div>'; } ?> </body> </html> They are for the admin area. The code below is my main login script. Login.php <?php session_start(); $_SESSION['username']; include 'connect_to_mysql.php'; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="css/style.css" rel="stylesheet" type="text/css" /> <title>JokeStomp Login</title> <style type="text/css"> body { background-size:100% 100%; background-attachment: fixed; background-repeat: repeat-x; background-position: left top; background-color: #999999; background-image: url(images/bg1_01.jpg); } </style> </head> <body> <div class="holder"> <div id="header"> <img src="images/jokestomppic.png" width="400" height="190" /> </div> <?php include 'includes/warning_template.php';?> <div class="menu"> <table width="50%" border="0" cellpadding="0px" cellspacing="4px" align="center"> <tr> <td><a href="index.php">Home</a></td> <td><a href="news.php">News</a></td> <td>Contact</td> </tr> </table> </div> <div class="content"> <div class="account" align="center"> <?php if (!isset($_SESSION['username']) || empty($_SESSION['username'])) { echo'<p><a href="register.php">Register</a></p>'; echo '<p><a href="login.php">Login</></a></p>'; }else{ echo "<p><a href='post_joke.php'>Post Joke</a></p>"; echo "<p><a href='account.php'>Account</a></p>"; echo "<p><a href='includes/logout.php'>Logout</a></p>"; } ?> <hr /> <?php $user_count = mysql_query("SELECT COUNT(id) FROM login"); $count = mysql_result($user_count, 0); echo $count, ' users registered.'; echo '<hr>'; $joke_count = mysql_query("SELECT COUNT(id) FROM jokes"); $joke = mysql_result($joke_count, 0); echo $joke, ' jokes in our database.'; ?> </div> <div class="joke"> <?php if (!isset($_SESSION['username']) || empty($_SESSION['username'])) { echo '<form action="login.php" method="post"> <table width="50%" border="0" align="center"> <tr> <td width="18%">Username</td> <td width="82%"><input type="text" name="username" size="40"/></td> </tr> <tr> <td>Password</td> <td><input type="password" name="password" size="40"/></td> </tr> <tr> <td> </td> <td align="center"><input type="submit" name="submit" value="Login"/></td> </tr> </table> </form> <br />'; }else{ header('location: index.php'); } ?> <div align="center"> <?php $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); if (empty($username) && (empty($password))){ echo "<font color=\"blue\">All fields are required!</font>"; }else{ if($username && $password) { $query = mysql_query("SELECT username,password FROM login WHERE username='$username' AND password='" . md5($password) . "'"); $numrows = mysql_num_rows($query); if($numrows == 1) { header("location: index.php"); $_SESSION['username'] = $username; }else{ echo "Details are invalid."; } } } ?> </div> </div> </div> </div> <?php include("includes/footer_template.php"); ?> </body> </html> They were both working fine yesterday. I haven't touched them since. Is there something wrong with it?

No i'm not. Looking at that the page where it explains it all... Would it be easy to implement?

Hi, I have a joke website, which allows people to register and post jokes. Now everything is working fine, i'm pretty much ready to release it. But I have problem. I posted a joke earlier to test, and this is what it looked like before I posted it. 'After a 2 year study, the National Science Foundation announced the following results on the American Male's recreational preferences: 1. The sport of choice for unemployed or incarcerated people is: basketball 2. The sport of choice for maintenance level employees is: bowling. 3. The sport of choice for blue-collar workers is: football. 4. The sport of choice for supervisors is: baseball. 5. The sport of choice for middle management is: tennis. 6. The sport of choice for corporate officers is: golf. Conclusion: The higher you rise in the corporate structure, the smaller your balls become.' And this is what it looked like after I posted it. 'After a 2 year study, the National Science Foundation announced the following results on the American Male's recreational preferences: 1. The sport of choice for unemployed or incarcerated people is: basketball 2. The sport of choice for maintenance level employees is: bowling. 3. The sport of choice for blue-collar workers is: football. 4. The sport of choice for supervisors is: baseball. 5. The sport of choice for middle management is: tennis. 6. The sport of choice for corporate officers is: golf. Conclusion: The higher you rise in the corporate structure, the smaller your balls become.' I'm storing the jokes in a database. Is there a way to make it display how it was originally? Here is the code that puts the jokes into the database. Magic quotes are enabled on my webhosting. <?php function filter($value) { // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number if (!is_numeric($value)) { $value = mysql_real_escape_string($value); } return trim($value); } if($_POST['submit']){ $username = filter($_SESSION['username']); $joke = filter($_POST['joke']); if(!empty($joke)){ $query = mysql_query("INSERT INTO jokes (username, joke) VALUES ('$username', '$joke')") or die(mysql_error()); echo "<font color=\"green\">Your joke has been posted!</font>"; }else{ echo "<font color=\"red\">You need to enter a joke!</font>"; } } ?> Any help would be much appreciated.

Thank you for the replies, I will do what you said later!

For some reason, my query isn't display the newest joke that is submitted into my database, but is display every joke after the newest submitted one. I don't know why... Could anyone point it out for me, please? <?php session_start(); $_SESSION['username']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link href="css/style.css" rel="stylesheet" type="text/css" /> <title>JokeStomp</title> <style type="text/css"> body { background-image: url(images/stripe_aa0c4101186fcf8ef558be7fb7a866d8.png); } </style> </head> <body> <div class="holder"> <?php include("includes/header_template.php"); ?> <div class="menu"> <table width="50%" border="0" cellpadding="4"align="center"> <tr> <td><a href="index.php">Home</a></td> <td>News</td> <td>Contact</td> </tr> </table> </div> <div class="content"> <div class="account"> <?php if (!isset($_SESSION['username']) || empty($_SESSION['username'])) { echo "<p><a href='register.php'>Register</a></p>"; echo "<p><a href='login.php'>Login</a></p>"; }else{ echo "<p><a href='post_joke.php'>Post Joke</a></p>"; echo "<p>Account</p>"; echo "<p><a href='includes/logout.php'>Logout</a></p>"; } ?> </div> <div class="joke"> <?php require ("connect_to_mysql.php"); $sql_query = mysql_query("SELECT * FROM jokes ORDER BY id DESC"); $row = mysql_fetch_array($sql_query) or die(mysql_error()); while($row = mysql_fetch_array($sql_query)){ echo $row['username'] . '<br>' . $row['joke'] . '<br>' . '<br>'; } ?> </div> </div> <?php include("includes/footer_template.php"); ?> </div> </body> </html>

Okay, I figured it out. I changed '$_SESSION['username'];' to '$_SESSION['username'] = $username;' after they've successfully logged in.

It checks the users username and passwords that they entered when they registered. It checks their username and password that they have entered, which are stored in a variable, $username = $_POST['username']; and $password = $_POST['password']; (the mysql_real_escape_string() gives me errors for some reason). The script did work before, but for some reason it isn't working now...

My login script doesn't seem to be working. I think I might of changed something about 2 weeks ago, but can't remember what, nor can I what... Could anybody help me out, pelase? It would be much appreciated. <?php $username = $_POST['username']; $password = $_POST['password']; if (empty($username) && (empty($password))){ echo "<font color=\"blue\">All fields are required!</font>"; }else{ if($username && $password) { require("connect_to_mysql.php"); $query = mysql_query("SELECT * FROM login WHERE username='$username' AND password='" . md5($password) . "'"); $numrows = mysql_num_rows($query); if($numrows == 1) { header("location: index.php"); $_SESSION['username']; } } } ?> It doesn't check whether the username exists, yet.

I have a paypal IPN script that I got pre-generated, and I know that there is a lot of useless stuff in it such as: Subscription and the auction feature, but I don't need them. The problem that I have, is that I don't fully understand it. I configured what I needed to last night with the same but older script, and it worked once, but then didn't work afterwards.... I also don't understand the sending the email part. When I used paypal sandbox yesterday, when the script worked, it sent me a email saying 'Verified', but also included the data that the script used to insert into the database.... I know that it is commented, but I just don't understand parts of it. The way that people are going to be sending payments, are through a paypal button which I have on my index.php page. They have a textfield where they have to enter their Minecraft username, and the script will then send me their username, payment etc etc. I understand inserting into the database, but I don't understand how the script verifies that the person has actually payed. I'll post the script below, staring out my database details. Could anyone possibly help me? Thank you in advance if anyone is able to help me. <?php // Revision Notes // 11/04/11 - changed post back url from https://www.paypal.com/cgi-bin/webscr to https://ipnpb.paypal.com/cgi-bin/webscr // For more info see below: // https://www.x.com/content/bulletin-ip-address-expansion-paypal-services // "ACTION REQUIRED: if you are using IPN (Instant Payment Notification) for Order Management and your IPN listener script is behind a firewall that uses ACL (Access Control List) rules which restrict outbound traffic to a limited number of IP addresses, then you may need to do one of the following: // To continue posting back to https://www.paypal.com to perform IPN validation you will need to update your firewall ACL to allow outbound access to *any* IP address for the servers that host your IPN script // OR Alternatively, you will need to modify your IPN script to post back IPNs to the newly created URL https://ipnpb.paypal.com using HTTPS (port 443) and update firewall ACL rules to allow outbound access to the ipnpb.paypal.com IP ranges (see end of message)." ///////////////////////////////////////////////// /////////////Begin Script below.///////////////// ///////////////////////////////////////////////// // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; // If testing on Sandbox use: //$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); $fp = fsockopen ('ssl://ipnpb.paypal.com', 443, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $business = $_POST['business']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $mc_gross = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $receiver_id = $_POST['receiver_id']; $quantity = $_POST['quantity']; $num_cart_items = $_POST['num_cart_items']; $payment_date = $_POST['payment_date']; $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $payment_type = $_POST['payment_type']; $payment_status = $_POST['payment_status']; $payment_gross = $_POST['payment_gross']; $payment_fee = $_POST['payment_fee']; $settle_amount = $_POST['settle_amount']; $memo = $_POST['memo']; $payer_email = $_POST['payer_email']; $txn_type = $_POST['txn_type']; $payer_status = $_POST['payer_status']; $address_street = $_POST['address_street']; $address_city = $_POST['address_city']; $address_state = $_POST['address_state']; $address_zip = $_POST['address_zip']; $address_country = $_POST['address_country']; $address_status = $_POST['address_status']; $item_number = $_POST['item_number']; $tax = $_POST['tax']; $option_name1 = $_POST['option_name1']; $option_selection1 = $_POST['option_selection1']; $option_name2 = $_POST['option_name2']; $option_selection2 = $_POST['option_selection2']; $for_auction = $_POST['for_auction']; $invoice = $_POST['invoice']; $custom = $_POST['custom']; $notify_version = $_POST['notify_version']; $verify_sign = $_POST['verify_sign']; $payer_business_name = $_POST['payer_business_name']; $payer_id =$_POST['payer_id']; $mc_currency = $_POST['mc_currency']; $mc_fee = $_POST['mc_fee']; $exchange_rate = $_POST['exchange_rate']; $settle_currency = $_POST['settle_currency']; $parent_txn_id = $_POST['parent_txn_id']; $pending_reason = $_POST['pending_reason']; $reason_code = $_POST['reason_code']; // subscription specific vars $subscr_id = $_POST['subscr_id']; $subscr_date = $_POST['subscr_date']; $subscr_effective = $_POST['subscr_effective']; $period1 = $_POST['period1']; $period2 = $_POST['period2']; $period3 = $_POST['period3']; $amount1 = $_POST['amount1']; $amount2 = $_POST['amount2']; $amount3 = $_POST['amount3']; $mc_amount1 = $_POST['mc_amount1']; $mc_amount2 = $_POST['mc_amount2']; $mc_amount3 = $_POST['mcamount3']; $recurring = $_POST['recurring']; $reattempt = $_POST['reattempt']; $retry_at = $_POST['retry_at']; $recur_times = $_POST['recur_times']; $username = $_POST['username']; $password = $_POST['password']; //auction specific vars $for_auction = $_POST['for_auction']; $auction_closing_date = $_POST['auction_closing_date']; $auction_multi_item = $_POST['auction_multi_item']; $auction_buyer_id = $_POST['auction_buyer_id']; //DB connect creds and email $notify_email = "****"; //email address to which debug emails are sent to $DB_Server = "****"; //your MySQL Server $DB_Username = "****"; //your MySQL User Name $DB_Password = "****"; //your MySQL Password $DB_DBName = "****"; //your MySQL Database Name if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { //create MySQL connection $Connect = @mysql_connect($DB_Server, $DB_Username, $DB_Password) or die("Couldn't connect to MySQL:<br>" . mysql_error() . "<br>" . mysql_errno()); //select database $Db = @mysql_select_db($DB_DBName, $Connect) or die("Couldn't select database:<br>" . mysql_error(). "<br>" . mysql_errno()); $fecha = date("m")."/".date("d")."/".date("Y"); $fecha = date("Y").date("m").date("d"); //check if transaction ID has been processed before $checkquery = "select txnid from paypal_payment_info where txnid='".$txn_id."'"; $sihay = mysql_query($checkquery) or die("Duplicate txn id check query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); $nm = mysql_num_rows($sihay); if ($nm == 0){ //execute query if ($txn_type == "cart"){ $strQuery = "insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) values ('".$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."')"; $result = mysql_query($strQuery) or die("Cart - paypal_payment_info, Query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); for ($i = 1; $i <= $num_cart_items; $i++) { $itemname = "item_name".$i; $itemnumber = "item_number".$i; $on0 = "option_name1_".$i; $os0 = "option_selection1_".$i; $on1 = "option_name2_".$i; $os1 = "option_selection2_".$i; $quantity = "quantity".$i; $struery = "insert into paypal_cart_info(txnid,itemnumber,itemname,os0,on0,os1,on1,quantity,invoice,custom) values ('".$txn_id."','".$_POST[$itemnumber]."','".$_POST[$itemname]."','".$_POST[$on0]."','".$_POST[$os0]."','".$_POST[$on1]."','".$_POST[$os1]."','".$_POST[$quantity]."','".$invoice."','".$custom."')"; $result = mysql_query($struery) or die("Cart - paypal_cart_info, Query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); } } else{ $strQuery = "insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,itemnumber,itemname,os0,on0,os1,on1,quantity,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) values ('".$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$item_number."','".$item_name."','".$option_name1."','".$option_selection1."','".$option_name2."','".$option_selection2."','".$quantity."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."')"; $result = mysql_query("insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,itemnumber,itemname,os0,on0,os1,on1,quantity,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) values ('".$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$item_number."','".$item_name."','".$option_name1."','".$option_selection1."','".$option_name2."','".$option_selection2."','".$quantity."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."')") or die("Default - paypal_payment_info, Query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); } // send an email in any case echo "Verified"; mail($notify_email, "VERIFIED IPN", "$res\n $req\n $strQuery\n $struery\n $strQuery2"); } else { // send an email mail($notify_email, "VERIFIED DUPLICATED TRANSACTION", "$res\n $req \n $strQuery\n $struery\n $strQuery2"); } //subscription handling branch if ( $txn_type == "subscr_signup" || $txn_type == "subscr_payment" ) { // insert subscriber payment info into paypal_payment_info table $strQuery = "insert into paypal_payment_info(paymentstatus,buyer_email,firstname,lastname,street,city,state,zipcode,country,mc_gross,mc_fee,memo,paymenttype,paymentdate,txnid,pendingreason,reasoncode,tax,datecreation) values ('".$payment_status."','".$payer_email."','".$first_name."','".$last_name."','".$address_street."','".$address_city."','".$address_state."','".$address_zip."','".$address_country."','".$mc_gross."','".$mc_fee."','".$memo."','".$payment_type."','".$payment_date."','".$txn_id."','".$pending_reason."','".$reason_code."','".$tax."','".$fecha."')"; $result = mysql_query($strQuery) or die("Subscription - paypal_payment_info, Query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); // insert subscriber info into paypal_subscription_info table $strQuery2 = "insert into paypal_subscription_info(subscr_id , sub_event, subscr_date ,subscr_effective,period1,period2, period3, amount1 ,amount2 ,amount3, mc_amount1, mc_amount2, mc_amount3, recurring, reattempt,retry_at, recur_times, username ,password, payment_txn_id, subscriber_emailaddress, datecreation) values ('".$subscr_id."', '".$txn_type."','".$subscr_date."','".$subscr_effective."','".$period1."','".$period2."','".$period3."','".$amount1."','".$amount2."','".$amount3."','".$mc_amount1."','".$mc_amount2."','".$mc_amount3."','".$recurring."','".$reattempt."','".$retry_at."','".$recur_times."','".$username."','".$password."', '".$txn_id."','".$payer_email."','".$fecha."')"; $result = mysql_query($strQuery2) or die("Subscription - paypal_subscription_info, Query failed:<br>" . mysql_error() . "<br>" . mysql_errno()); mail($notify_email, "VERIFIED IPN", "$res\n $req\n $strQuery\n $struery\n $strQuery2"); } } // if the IPN POST was 'INVALID'...do this else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation mail($notify_email, "INVALID IPN", "$res\n $req"); } } fclose ($fp); } ?>

Under the newly posted comment, it shows '. Delete .' and when I click on it, it just refreshes the page. I haven't learned about the mysql_real_escape_String yet monkuar.

I have a Javascript script which gets your local time. Not sure how to do it in php. But this might help. http://php.net/manual/en/function.getdate.php

This is what I have in my delete.php. <?php $connect = mysql_connect("****","****","****") or die("Could not connect to database."); mysql_select_db("****") or die ("Could not find database!"); $deleteid = $_GET['id']; mysql_query("DELETE FROM comments WHERE id='$deleteid'"); header("location: chat.php"); ?> And this is my chatbox code with the 'Delete' option. (Just changed a few things from the last time that I posted it.) <?php $connect = mysql_connect("****","****","****") or die("Could not connect to database."); mysql_select_db("****") or die ("Could not find database!"); $query2 = "SELECT * FROM comments ORDER BY id DESC"; $id=$rows['id']; $name=$_POST['name']; $comment=$_POST['comment']; $dellink="<a href=\"delete.php?id=" . $id . "\"> Delete </a>"; $result=mysql_query($query2); while($row=mysql_fetch_array($result)){ //list the comments echo $row['name'] . "<br>" . $row['comment']."<br /> . $dellink .<br><hr>"; } ?>

@Muddy_Funster I've never thought about a reset button...That could be an option! @jesirose That's what I tried to say. Deleteing an existing comment. Sorry. I tried having a 'Delete' link beneath the comment. A existing or newly posted comment. Which would go to my delete.php, which I thought would delete the comment from both the screen and database. @MSUK1 I think I know what you mean. I'll have a go at that later on. Thank you for the help