Everything posted by ianhaney

  1. Yeah, they are logged in when they make a purchase. I have done it so far by doing the following: joining the name and email column from the signup table and adding it onto the payments table, which now gives me their name and email address of who has paid.
  2. I agree, I do already have the info from when they sign up on the site but the email address they sign up on the site with could be different to their paypal email address
  3. Hi. This is my last little issue. I have the following working in my site I am building and I would like 2 extra fields, if possible, received from PayPal. I think the script from the link below is using PayPal PDT: http://www.codexworld.com/paypal-standard-payment-gateway-integration-php/ The extra info I need is the first and last name of the buyer. I was just seeing if that is possible in PayPal PDT? I did look on Google before posting but can't see anything. Thank you in advance.
  4. Hi Sorry been quiet, I have now sussed and sorted this issue
  5. Sorry, I'll try to explain it better. I log in as userA on the candidate side, then if I go to the login page on the employee side, it thinks I am already signed in to the employee side and has taken me to the employer profile page on the employee side. It thinks I am logged in as userA from when I logged into the candidate side. I have attached a couple of screenshots of me logged in on the candidate profile side and the employer profile side. Hope that makes it easier to understand the issue I got.
  6. Hi. So sorry, I hope this is the last issue I come across and need help with. I got one side for employers and one side for candidates, and both sides were using memberID, so what was happening was when I was logged in as an employer, it would log in as a candidate as well. I thought that was because both were using memberID, so I left employers as memberID and changed candidates to userID thinking that would solve it, but it has not. So the only other thing I can think of is because they are using sessions to store the memberID and userID in a session, or could it be the following line being in both the employer and candidate php file script:

     ```php
     if(!$user->is_logged_in()){ header('Location: candidate-login.php'); }
     if(!$user->is_logged_in()){ header('Location: employer-login.php'); }
     ```

     Or can I use the same $user in both php files, or would I need to change $user on the candidate side so it is different to the employer side?
  7. I got the memberID now stored in the payments table, so it ties up with the memberID of the user who is logged in. Think I got it: I tried directly accessing the page that I don't want users to access directly unless a payment has been made, and it has redirected me to the login page to log in or create an account, so think I have sussed it.
  8. Ahh ok, my current code is not doing that. So taking a guess, I would need to join the employee table that has the memberID (that is done by sessions when in the employer-profile.php page), so I would need to do a join in the sql query and get the memberID in the session when it comes to accessing the page and matching it with the payment that they just made. Is that right or am I miles off?
  9. Sorry, got it working now by using a script from the following link: http://www.codexworld.com/paypal-standard-payment-gateway-integration-php/ It works with using PayPal PDT. I just need to make the php page only accessible after payment has been received, and if not been received, to redirect to another page. Within the db table is a column called payment_status, and it has a value of Completed once payment has been successful. The issue I got is I can access the php page without paying but need to stop that. Below is the script I have so far on success.php:

     ```php
     <?php
     ini_set('display_startup_errors',1);
     ini_set('display_errors',1);
     error_reporting(-1);
     $title = "PayPal Success - Security Site";
     include ( 'includes/header.php' );
     ?>

     <?php
     include 'db-connect.php';

     //Store transaction information from PayPal
     $item_number = $_GET['item_number'];
     $txn_id = $_GET['tx'];
     $payment_gross = $_GET['amt'];
     $currency_code = $_GET['cc'];
     $payment_status = $_GET['st'];

     //Get product price
     $productResult = $db->query("SELECT price FROM products WHERE id = ".$item_number);
     $productRow = $productResult->fetch_assoc();
     $productPrice = $productRow['price'];

     if(!empty($txn_id) && $payment_gross == $productPrice){
         //Insert transaction data into the database
         $insert = $db->query("INSERT INTO payments(item_number,txn_id,payment_gross,currency_code,payment_status) VALUES('".$item_number."','".$txn_id."','".$payment_gross."','".$currency_code."','".$payment_status."')");
         $last_insert_id = $db->insert_id;

         echo "<h1>Your payment has been successful.</h1>";
         echo "<h1>Your Payment ID - <?php echo $last_insert_id; ?>.</h1>";

         if ($payment_status == Completed) {
             header("Location: http://www.broadwaymediadesigns.co.uk/sites/security-site/payg-job-advert.php");
         }else{
             header("Location: http://www.broadwaymediadesigns.co.uk/sites/security-site/employer-profile.php");
         }
     }
     ?>

     <?php include( 'includes/footer.php' ); ?>
     ```
  10. Hi. Sorry, I am having another issue with the PayPal IPN script now. For some reason it has stopped adding the data to the paypal db table; it was all working before and now just stopped working. I am not getting any errors or nothing. Below is the script I have:

     ```php
     <?php
     ini_set('display_startup_errors',1);
     ini_set('display_errors',1);
     error_reporting(-1);
     session_start();
     include_once("paypal-config.php");
     include_once("paypal.class.php");

     $title = "Payment Success - Pay As You Go - Security Site";
     $pgDesc="";
     $pgKeywords="";
     include ( 'includes/header.php' );

     $paypalmode = ($PayPalMode=='sandbox') ? '.sandbox' : '';

     if($_POST) //Post Data received from product list page.
     {
         //Mainly we need 4 variables from product page Item Name, Item Price, Item Number and Item Quantity.

         //Please Note : People can manipulate hidden field amounts in form,
         //In practical world you must fetch actual price from database using item id. Eg:
         //$ItemPrice = $mysqli->query("SELECT item_price FROM products WHERE id = Product_Number");

         $ItemName = $_POST["ItemName"]; //Item Name
         $ItemPrice = $_POST["ItemPrice"]; //Item Price
         $ItemNumber = $_POST["ItemNumber"]; //Item Number
         $ItemDesc = $_POST["ItemDesc"]; //Item description
         $ItemTotalPrice = ($ItemPrice); //(Item Price x Quantity = Total) Get total amount of product;

         //Grand total including all tax, insurance, shipping cost and discount
         $GrandTotal = ($ItemTotalPrice);

         //Parameters for SetExpressCheckout, which will be sent to PayPal
         $padata = '&METHOD=SetExpressCheckout'.
             '&RETURNURL='.urlencode($PayPalReturnURL ).
             '&CANCELURL='.urlencode($PayPalCancelURL).
             '&PAYMENTREQUEST_0_PAYMENTACTION='.urlencode("SALE").
             '&L_PAYMENTREQUEST_0_NAME0='.urlencode($ItemName).
             '&L_PAYMENTREQUEST_0_NUMBER0='.urlencode($ItemNumber).
             '&L_PAYMENTREQUEST_0_DESC0='.urlencode($ItemDesc).
             '&L_PAYMENTREQUEST_0_AMT0='.urlencode($ItemPrice).

             /*
             //Additional products (L_PAYMENTREQUEST_0_NAME0 becomes L_PAYMENTREQUEST_0_NAME1 and so on)
             '&L_PAYMENTREQUEST_0_NAME1='.urlencode($ItemName2).
             '&L_PAYMENTREQUEST_0_NUMBER1='.urlencode($ItemNumber2).
             '&L_PAYMENTREQUEST_0_DESC1='.urlencode($ItemDesc2).
             '&L_PAYMENTREQUEST_0_AMT1='.urlencode($ItemPrice2).
             '&L_PAYMENTREQUEST_0_QTY1='. urlencode($ItemQty2).
             */

             /*
             //Override the buyer's shipping address stored on PayPal, The buyer cannot edit the overridden address.
             '&ADDROVERRIDE=1'.
             '&PAYMENTREQUEST_0_SHIPTONAME=J Smith'.
             '&PAYMENTREQUEST_0_SHIPTOSTREET=1 Main St'.
             '&PAYMENTREQUEST_0_SHIPTOCITY=San Jose'.
             '&PAYMENTREQUEST_0_SHIPTOSTATE=CA'.
             '&PAYMENTREQUEST_0_SHIPTOCOUNTRYCODE=US'.
             '&PAYMENTREQUEST_0_SHIPTOZIP=95131'.
             '&PAYMENTREQUEST_0_SHIPTOPHONENUM=408-967-4444'.
             */

             '&NOSHIPPING=1'. //set 1 to hide buyer's shipping address, in-case products that do not require shipping
             '&PAYMENTREQUEST_0_ITEMAMT='.urlencode($ItemTotalPrice).
             '&PAYMENTREQUEST_0_AMT='.urlencode($GrandTotal).
             '&PAYMENTREQUEST_0_CURRENCYCODE='.urlencode($PayPalCurrencyCode).
             '&LOCALECODE=GB'. //PayPal pages to match the language on your website.
             '&LOGOIMG=http://www.broadwaymediadesigns.co.uk/sites/security-site/images/logo/logo.jpg'. //site logo
             '&CARTBORDERCOLOR=FFFFFF'. //border color of cart
             '&ALLOWNOTE=0';

         ############# set session variable we need later for "DoExpressCheckoutPayment" #######
         $_SESSION['ItemName'] = $ItemName; //Item Name
         $_SESSION['ItemPrice'] = $ItemPrice; //Item Price
         $_SESSION['ItemNumber'] = $ItemNumber; //Item Number
         $_SESSION['ItemDesc'] = $ItemDesc; //Item description
         $_SESSION['ItemTotalPrice'] = $ItemTotalPrice; //total amount of product;
         $_SESSION['GrandTotal'] = $GrandTotal;

         //We need to execute the "SetExpressCheckOut" method to obtain paypal token
         $paypal= new MyPayPal();
         $httpParsedResponseAr = $paypal->PPHttpPost('SetExpressCheckout', $padata, $PayPalApiUsername, $PayPalApiPassword, $PayPalApiSignature, $PayPalMode);

         //Respond according to message we receive from Paypal
         if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"]))
         {
             //Redirect user to PayPal store with Token received.
             $paypalurl ='https://www'.$paypalmode.'.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token='.$httpParsedResponseAr["TOKEN"].'';
             header('Location: '.$paypalurl);
         }else{
             //Show error message
             echo '<div style="color:red"><b>Error : </b>'.urldecode($httpParsedResponseAr["L_LONGMESSAGE0"]).'</div>';
             echo '<pre>';
             print_r($httpParsedResponseAr);
             echo '</pre>';
         }
     }

     //Paypal redirects back to this page using ReturnURL, We should receive TOKEN and Payer ID
     if(isset($_GET["token"]) && isset($_GET["PayerID"]))
     {
         //we will be using these two variables to execute the "DoExpressCheckoutPayment"
         //Note: we haven't received any payment yet.

         $token = $_GET["token"];
         $payer_id = $_GET["PayerID"];

         //get session variables
         $ItemName = $_SESSION['ItemName']; //Item Name
         $ItemPrice = $_SESSION['ItemPrice'] ; //Item Price
         $ItemNumber = $_SESSION['ItemNumber']; //Item Number
         $ItemDesc = $_SESSION['ItemDesc']; //Item Number
         $ItemTotalPrice = $_SESSION['ItemTotalPrice']; //total amount of product;
         $GrandTotal = $_SESSION['GrandTotal'];

         $padata = '&TOKEN='.urlencode($token).
             '&PAYERID='.urlencode($payer_id).
             '&PAYMENTREQUEST_0_PAYMENTACTION='.urlencode("SALE").

             //set item info here, otherwise we won't see product details later
             '&L_PAYMENTREQUEST_0_NAME0='.urlencode($ItemName).
             '&L_PAYMENTREQUEST_0_NUMBER0='.urlencode($ItemNumber).
             '&L_PAYMENTREQUEST_0_DESC0='.urlencode($ItemDesc).
             '&L_PAYMENTREQUEST_0_AMT0='.urlencode($ItemPrice).

             /*
             //Additional products (L_PAYMENTREQUEST_0_NAME0 becomes L_PAYMENTREQUEST_0_NAME1 and so on)
             '&L_PAYMENTREQUEST_0_NAME1='.urlencode($ItemName2).
             '&L_PAYMENTREQUEST_0_NUMBER1='.urlencode($ItemNumber2).
             '&L_PAYMENTREQUEST_0_DESC1=Description text'.
             '&L_PAYMENTREQUEST_0_AMT1='.urlencode($ItemPrice2).
             '&L_PAYMENTREQUEST_0_QTY1='. urlencode($ItemQty2).
             */

             '&PAYMENTREQUEST_0_ITEMAMT='.urlencode($ItemTotalPrice).
             '&PAYMENTREQUEST_0_AMT='.urlencode($GrandTotal).
             '&PAYMENTREQUEST_0_CURRENCYCODE='.urlencode($PayPalCurrencyCode);

         //We need to execute the "DoExpressCheckoutPayment" at this point to Receive payment from user.
         $paypal= new MyPayPal();
         $httpParsedResponseAr = $paypal->PPHttpPost('DoExpressCheckoutPayment', $padata, $PayPalApiUsername, $PayPalApiPassword, $PayPalApiSignature, $PayPalMode);

         //Check if everything went ok..
         if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"]))
         {
             echo '<div id="column-whole">';
             echo '<h2>Success</h2>';
             echo '<br>';
             echo '<p class="success-text">Your Transaction ID : '.urldecode($httpParsedResponseAr["PAYMENTINFO_0_TRANSACTIONID"]). '</p>';

             /*
             //Sometimes Payment are kept pending even when transaction is complete.
             //hence we need to notify user about it and ask him manually approve the transiction
             */

             if('Completed' == $httpParsedResponseAr["PAYMENTINFO_0_PAYMENTSTATUS"])
             {
                 echo '<br>';
                 echo '<div style="color:white">Payment Received! Your can now enter your information on the link below<br><br><a href="register">Register</a></div>';
             }
             elseif('Pending' == $httpParsedResponseAr["PAYMENTINFO_0_PAYMENTSTATUS"])
             {
                 echo '<div style="color:white">Transaction Complete, but payment is still pending! '.
                 'You need to manually authorize this payment in your <a target="_new" href="http://www.paypal.com">Paypal Account</a></div>';
             }
             echo '</div>';

             // we can retrive transection details using either GetTransactionDetails or GetExpressCheckoutDetails
             // GetTransactionDetails requires a Transaction ID, and GetExpressCheckoutDetails requires Token returned by SetExpressCheckOut
             $padata = '&TOKEN='.urlencode($token);
             $paypal= new MyPayPal();
             $httpParsedResponseAr = $paypal->PPHttpPost('GetExpressCheckoutDetails', $padata, $PayPalApiUsername, $PayPalApiPassword, $PayPalApiSignature, $PayPalMode);

             if("SUCCESS" == strtoupper($httpParsedResponseAr["ACK"]) || "SUCCESSWITHWARNING" == strtoupper($httpParsedResponseAr["ACK"]))
             {
                 /*echo '<br /><b>Stuff to store in database :</b><br /><pre>';*/

                 #### SAVE BUYER INFORMATION IN DATABASE ###
                 //see (http://www.sanwebe.com/2013/03/basic-php-mysqli-usage) for mysqli usage

                 $buyerName = $httpParsedResponseAr["FIRSTNAME"].' '.$httpParsedResponseAr["LASTNAME"];
                 $buyerEmail = $httpParsedResponseAr["EMAIL"];

                 //Open a new connection to the MySQL server
                 $mysqli = new mysqli('','','','');

                 //Output any connection error
                 if ($mysqli->connect_error) {
                     die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
                 }

                 $insert_row = $mysqli->query("INSERT INTO BuyerTable (BuyerName,BuyerEmail,TransactionID,ItemName,ItemNumber,ItemAmount) VALUES ('$buyerName','$buyerEmail','$TransactionID','$ItemName','$ItemNumber', '$ItemTotalPrice')");

                 $update_row = $mysqli->query("UPDATE BuyerTable SET paid = 1 WHERE buyerEmail = '$buyerEmail'");

                 if($insert_row){
                 //if($update_row){

                     /*$to = $_POST['BuyerEmail'];
                     $subject = "Payment Confirmation";
                     $message = "Thank you for your payment to Security Site, please visit <a href='http://www.broadwaymediadesigns.co.uk/payg-job-advert.php'>Add Job Listing</a>";
                     $header = "From:noreply@broadwaymediadesigns.co.uk \r\n";
                     $retval = mail ($to,$subject,$message,$header);
                     if( $retval == true ) {
                         echo "Message sent successfully...";
                     } else {
                         echo "Message could not be sent...";
                     }*/

                     header('Location: http://www.broadwaymediadesigns.co.uk/sites/security-site/payg-job-advert.php');
                 }
                 //}

                 /*if($insert_row){
                     print 'Success! ID of last inserted record is : ' .$mysqli->insert_id .'<br />';
                 }else{
                     die('Error : ('. $mysqli->errno .') '. $mysqli->error);
                 }*/

                 /*echo '<pre>';
                 print_r($httpParsedResponseAr);
                 echo '</pre>';
             } else {
                 echo '<div style="color:red"><b>GetTransactionDetails failed:</b>'.urldecode($httpParsedResponseAr["L_LONGMESSAGE0"]).'</div>';
                 echo '<pre>';
                 print_r($httpParsedResponseAr);
                 echo '</pre>';*/
             }
         }else{
             echo '<div style="color:red"><b>Error : </b>'.urldecode($httpParsedResponseAr["L_LONGMESSAGE0"]).'</div>';
             echo '<pre>';
             print_r($httpParsedResponseAr);
             echo '</pre>';
         }
     }

     include( 'includes/footer.php' );
     ?>
     ```

     All I can think is that it is not connecting to the db.
  11. I now have the following script in the job advert php page, and payment has been completed as it has a 1 in the paid column in the db table, but it still redirects to the profile page instead of staying on the job advert page. Below is the whole script from the job advert php page:

     ```php
     <?php
     ini_set('display_startup_errors',1);
     ini_set('display_errors',1);
     error_reporting(-1);

     // connect to the database
     include("connect-db.php");

     $paid = '';

     if($paid == 0) {
         header("Location: employer-profile.php");
     }
     ?>

     <?php
     require('config-db-employers.php');

     //if not logged in redirect to login page
     if(!$user->is_logged_in()){ header('Location: employer-login.php'); }
     ?>

     <?php
     /*
     Allows the user to both create new records and edit existing records
     */

     // connect to the database
     include("connect-db.php");

     // creates the new/edit record form
     // since this form is used multiple times in this file, I have made it a function that is easily reusable
     function renderForm($memberid = '', $ref = '', $role ='', $division ='', $location ='', $salary ='', $description ='', $datecreated ='', $dateupdated ='', $error = '', $id = '')
     { ?>

     <?php
     $title = "Add/Edit Job Advert - Security Site";
     include ( 'includes/header.php' );
     ?>

     <!--CONTENT-->
     <div id="container">
     <div class="profile-left">

     <?php if ($error != '') {
         echo "<div style='padding:4px; border:1px solid red; color:red'>" . $error . "</div>";
     } ?>

     <form action="" method="post">
     <div>
     <?php if ($id != '') { ?>
     <input type="hidden" name="id" value="<?php echo $id; ?>" />
     <p>ID: <?php echo $id; ?></p>
     <?php } ?>

     <label>Ref: <input type="text" name="ref"value="<?php echo $ref; ?>"/> </label>
     <label>Role: <input type="text" name="role" value="<?php echo $role; ?>"/> </label>
     <label>Division: <input type="text" name="division" value="<?php echo $division; ?>"/> </label>
     <label>Location: <input type="text" name="location" value="<?php echo $location; ?>"/> </label>
     <label>Salary: <input type="text" name="salary" value="<?php echo $salary; ?>"/> </label>
     <label>Description:</label> <textarea name="description"><?php echo $role; ?></textarea>
     <input type="submit" name="submit" value="Add Job" class="button" />
     </div>
     </form>

     <?php }

     $memberid = $_SESSION["memberID"]; // store the user id into session

     /*
     EDIT RECORD
     */

     // if the 'id' variable is set in the URL, we know that we need to edit a record
     if (isset($_GET['id']))
     {
         // if the form's submit button is clicked, we need to process the form
         if (isset($_POST['submit']))
         {
             // make sure the 'id' in the URL is valid
             if (is_numeric($_POST['id']))
             {
                 // get variables from the URL/form
                 $id = $_POST['id'];
                 $ref = htmlentities($_POST['ref'], ENT_QUOTES);
                 $role = htmlentities($_POST['role'], ENT_QUOTES);
                 $division = htmlentities($_POST['division'], ENT_QUOTES);
                 $location = htmlentities($_POST['location'], ENT_QUOTES);
                 $salary = htmlentities($_POST['salary'], ENT_QUOTES);
                 $description = htmlentities($_POST['description'], ENT_QUOTES);

                 // check that firstname and lastname are both not empty
                 if ($ref == '' || $role == '' || $division == '' || $location == '' || $salary == '' || $description == '')
                 {
                     // if they are empty, show an error message and display the form
                     $error = 'ERROR: Please fill in all required fields!';
                     renderForm($ref, $role, $division, $location, $salary, $description, $error, $id);
                 }
                 else
                 {
                     // if everything is fine, update the record in the database
                     if ($stmt = $mysqli->prepare("UPDATE jobs SET memberID = ?, ref = ?, role = ?, division = ?, location = ?, salary = ?, description = ?, datecreated = ?, dateupdated = ? WHERE id=?"))
                     {
                         $stmt->bind_param("issssssssi", $memberid, $ref, $role, $division, $location, $salary, $description, $datecreated, $dateupdated, $id);
                         $stmt->execute();
                         $stmt->close();
                     }
                     // show an error message if the query has an error
                     else
                     {
                         echo "ERROR: could not prepare SQL statement.";
                     }

                     // redirect the user once the form is updated
                     header("Location: employer-profile.php");
                 }
             }
             // if the 'id' variable is not valid, show an error message
             else
             {
                 echo "Error!";
             }
         }
         // if the form hasn't been submitted yet, get the info from the database and show the form
         else
         {
             // make sure the 'id' value is valid
             if (is_numeric($_GET['id']) && $_GET['id'] > 0)
             {
                 // get 'id' from URL
                 $id = $_GET['id'];

                 // get the record from the database
                 if($stmt = $mysqli->prepare("SELECT * FROM jobs WHERE id=?"))
                 {
                     $stmt->bind_param("i", $id);
                     $stmt->execute();

                     $stmt->bind_result($memberid, $id, $ref, $role, $division, $location, $salary, $description, $datecreated, $dateupdated);
                     $stmt->fetch();

                     // show the form
                     renderForm($memberid, $ref, $role, $division, $location, $salary, $description, $datecrated, $dateupdated, NULL, $id);

                     $stmt->close();
                 }
                 // show an error if the query has an error
                 else
                 {
                     echo "Error: could not prepare SQL statement";
                 }
             }
             // if the 'id' value is not valid, redirect the user back to the view.php page
             else
             {
                 header("Location: employer-profile.php");
             }
         }
     }

     /*
     NEW RECORD
     */

     // if the 'id' variable is not set in the URL, we must be creating a new record
     else
     {
         // if the form's submit button is clicked, we need to process the form
         if (isset($_POST['submit']))
         {
             // get the form data
             $ref = htmlentities($_POST['ref'], ENT_QUOTES);
             $role = htmlentities($_POST['role'], ENT_QUOTES);
             $division = htmlentities($_POST['division'], ENT_QUOTES);
             $location = htmlentities($_POST['location'], ENT_QUOTES);
             $salary = htmlentities($_POST['salary'], ENT_QUOTES);
             $description = htmlentities($_POST['description'], ENT_QUOTES);

             // check that firstname and lastname are both not empty
             if ($ref == '' || $role == '' || $division == '' || $location == '' || $salary == '' || $description == '')
             {
                 // if they are empty, show an error message and display the form
                 $error = 'ERROR: Please fill in all required fields!';
                 renderForm($ref, $role, $division, $location, $salary, $description, $error);
             }
             else
             {
                 $datecreated = date ('Y-m-d H:i:s');

                 // insert the new record into the database
                 if ($stmt = $mysqli->prepare("INSERT jobs (memberID, ref, role, division, location, salary, description, datecreated) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"))
                 {
                     $stmt->bind_param("ssssssss", $memberid, $ref, $role, $division, $location, $salary, $description, $datecreated);
                     $stmt->execute();
                     $stmt->close();
                 }
                 // show an error if the query has an error
                 else
                 {
                     echo "ERROR: Could not prepare SQL statement.";
                 }

                 // redirect the user
                 header("Location: employer-profile.php");
             }
         }
         // if the form hasn't been submitted yet, show the form
         else
         {
             renderForm();
         }
     }

     // close the mysqli connection
     $mysqli->close();
     ?>

     <?php
     echo "<div class='home-content'>";
     echo "<center><div style='float: left;'><a href='employer-logout.php'>Log Out</a></div></center>";
     echo "</div>";
     echo "<br><br>";
     ?>

     </div>

     <div class="profile-right">
     </div>

     </div>
     <!--CONTENT-->

     <?php include( 'includes/footer.php' ); ?>
     ```
  12. Sorry yeah is related to that one but think I sussed that issue on the forum post below as it is updating in the db table http://forums.phpfreaks.com/topic/300074-paypal-payment-access-page-issue/?do=findComment&comment=1528883
  13. Sorry will remember to say either page or script It does seem simple but I can't work it out
  14. Hmm, think I have got it wrong somehow. It doesn't seem to go to the job advert page, it redirects to the profile page instead. It doesn't seem to be checking the script. Below is what I have at the top of my php job advert page:

     ```php
     <?php
     ini_set('display_startup_errors',1);
     ini_set('display_errors',1);
     error_reporting(-1);

     // connect to the database
     include("connect-db.php");

     if($paid == 0) {
         header("Location: employer-profile.php");
     }
     ?>
     ```
  15. Thank you for the reply, appreciate it. I was thinking if it would be something like the following:

     ```php
     <?php
     if($paid == 1) {
     header: (stay on page);
     } else {
     header: (redirect to another page);
     ?>
     ```

     Knowing me I am prob way off.
  16. Hi. Sorry, I have been trying to work this one out for a while. In a php page, I want to be able to have the php page check if a db table column has a value of 1 in the paid column, and if it has, to stay on the same php page, and if it has a 0, to redirect to another php page. Is that possible? Thank you in advance. Ian
  17. Sorry, I been playing around with it more and modified the UPDATE query some more and it updates to 1, so think I sussed it, if someone can confirm it is correct or if there is a better way etc.

     ```sql
     UPDATE BuyerTable SET paid = 1 WHERE buyerEmail = '$buyerEmail'
     ```
  18. Sorry, made a slight adjustment in the UPDATE query to the following:

     ```sql
     UPDATE BuyerTable SET paid = '1' WHERE TransactionID = '$TransactionID'
     ```

     but it is not updating the paid column.
  19. Think I figured a way round it but unsure how to code it. In BuyerTable I have added a paid and a complete column, so when the payment is made via PayPal the paid column gets updated to a 1 for Yes (I have set it to a default of 0 for No), and then when they submit the job advert the complete column gets updated to a 1 (again I have set that to a default of 0). It's the coding where I am getting stuck: I am completing the payment and it takes me to the return url, but the paid column is not being updated to a 1. Below is the coding I have from my process.php file that does the PayPal API and adds the transaction to the db:

     ```php
     $insert_row = $mysqli->query("INSERT INTO BuyerTable (BuyerName,BuyerEmail,TransactionID,ItemName,ItemNumber,ItemAmount) VALUES ('$buyerName','$buyerEmail','$TransactionID','$ItemName','$ItemNumber', '$ItemTotalPrice')");

     $update_row = $mysqli->query("UPDATE BuyerTable SET paid = 'Y' WHERE TransactionID = '$TransactionID'");
     ```
  20. This is the script I am using that works apart from the return url issue where they can access the return url again without paying so need a way of checking if the user has paid or not http://www.sanwebe.com/2012/07/paypal-expresscheckout-with-php
  21. Hi. I have created a site that, when users are logged in, they click a link which takes them to PayPal to pay and then they are returned to a form page to fill out a job advert. It all works perfect apart from one little issue I have: after they submitted the job advert form and it is added to the db, they close the page after logging out and then open that page again, and they can add another job advert again without paying. So I was seeing if there is any coding that checks if they have not paid and redirects them to an error page if they have not paid and try accessing the job advert form page. Hope that makes sense. Thank you in advance. Ian
  22. Hi. Sorry, I have sussed this now but need to remove or edit my original post as it contains my db info. I forgot to remove the info before posting, can the admin or moderator edit it for me please, sorry.
  23. Think I found out the issue, just unsure how to solve it. It is thinking the password is entered incorrectly so is loading the login page again. Below is the code causing the issue:

     ```php
     if($hash != $userData['password']) // Incorrect password. So, redirect to login_form again.
     {
         header('Location: recruiter-login.php');
     }else{ // Redirect to home page after successful login.
         header('Location: recruiter-profile.php?id=$id');
     }
     ```

     I found out because I changed the line header('Location: recruiter-login.php'); to header('Location: index.php'); The lines above that check the password part are below:

     ```php
     $userData = mysqli_fetch_array($result, MYSQL_ASSOC);
     $hash = hash('sha256', $userData['salt'] . hash('sha256', $password) );
     ```

     I know the password is correct as I wrote it down just after typing it in the signup form.
  24. Hi. I have built a sign up form which works perfect and a login form that works perfect, but if I try to add the id number into the url using php, it makes the login form load the same page and not redirect to the profile page. Below is the code I have on the login form processing page:

     ```php
     <?php
     ob_start();
     session_start();

     $username = $_POST['username'];
     $password = $_POST['password'];

     $_SESSION['username'] = $username;

     $conn = mysqli_connect('localhost', '********', '*******', '*******');

     $id=$_GET['id'];

     $username = mysqli_real_escape_string($conn, $username);
     $query = "SELECT password, salt FROM recruiters WHERE username = '$username' AND id=$id;";

     $result = mysqli_query($conn, $query);

     if(mysqli_num_rows($result) == 0) // User not found. So, redirect to login_form again.
     {
         header('Location: recruiter-login.php');
     }

     $userData = mysqli_fetch_array($result, MYSQL_ASSOC);
     $hash = hash('sha256', $userData['salt'] . hash('sha256', $password) );

     if($hash != $userData['password']) // Incorrect password. So, redirect to login_form again.
     {
         header('Location: recruiter-login.php');
     }else{ // Redirect to home page after successful login.
         header('Location: recruiter-profile.php?id=$id');
     }
     ?>
     ```

     I put error reporting in and it is not displaying any errors, so that is one good thing. If I take out AND id=$id from the sql query, the login works and logs me in. Hope someone can help. Thank you in advance. Ian
  25. Sorry got it all sussed and working perfect now
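
An added example for the payment posts above (3, 9, 11, 14 to 21), not code from the posts or from the linked tutorials: instead of trusting `$_GET['st']` and `$_GET['amt']`, it parses the body PayPal returns when the server posts the `tx` token back with `cmd=_notify-synch`, stores the payment with prepared statements, and gates the job advert page on an unspent completed payment. The function names, the `complete` column on `payments`, the in-memory SQLite database and the sample PDT body are assumptions constructed for the demo; the posts themselves use mysqli and MySQL.

```php
<?php
declare(strict_types=1);
// Added example. Table and column names follow the posts; function names, the
// `complete` column on `payments` and the SQLite demo database are assumptions.

/** Parse a PDT postback body: "SUCCESS"/"FAIL" line, then URL-encoded key=value lines. */
function parsePdtResponse(string $body): ?array
{
    $lines = preg_split('/\r\n|\r|\n/', trim($body));
    if (array_shift($lines) !== 'SUCCESS') {
        return null;
    }
    $fields = [];
    foreach ($lines as $line) {
        if (strpos($line, '=') !== false) {
            [$key, $value] = explode('=', $line, 2);
            $fields[urldecode($key)] = urldecode($value);
        }
    }
    return $fields;
}

/** Store the payment only when PayPal's answer (not $_GET) says Completed for the expected price. */
function recordVerifiedPayment(PDO $db, int $memberId, array $pdt, string $price, string $currency): bool
{
    $paid = number_format((float) ($pdt['mc_gross'] ?? 0), 2, '.', '');
    if (($pdt['payment_status'] ?? '') !== 'Completed'
        || $paid !== number_format((float) $price, 2, '.', '')
        || ($pdt['mc_currency'] ?? '') !== $currency
        || empty($pdt['txn_id'])) {
        return false;
    }
    try {
        $stmt = $db->prepare('INSERT INTO payments
            (memberID, txn_id, payment_gross, currency_code, payment_status) VALUES (?, ?, ?, ?, ?)');
        return $stmt->execute([$memberId, $pdt['txn_id'], $paid, $currency, 'Completed']);
    } catch (PDOException $e) {
        return false; // UNIQUE(txn_id) rejects a replayed return URL
    }
}

/** Page gate: redirect target, or null when the member holds an unspent completed payment. */
function gateJobAdvert(PDO $db, ?int $memberId): ?string
{
    if ($memberId === null) {
        return 'employer-login.php';
    }
    $stmt = $db->prepare("SELECT COUNT(*) FROM payments
        WHERE memberID = ? AND payment_status = 'Completed' AND complete = 0");
    $stmt->execute([$memberId]);
    return (int) $stmt->fetchColumn() > 0 ? null : 'employer-profile.php';
}

/** Spend one payment when the advert is saved, so reopening the form needs a new payment. */
function consumePayment(PDO $db, int $memberId): bool
{
    $find = $db->prepare("SELECT id FROM payments
        WHERE memberID = ? AND payment_status = 'Completed' AND complete = 0 LIMIT 1");
    $find->execute([$memberId]);
    $id = $find->fetchColumn();
    if ($id === false) {
        return false;
    }
    $use = $db->prepare('UPDATE payments SET complete = 1 WHERE id = ? AND complete = 0');
    $use->execute([$id]);
    return $use->rowCount() === 1;
}

// Demo on an in-memory database with a constructed PDT body (sample values only).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE payments (id INTEGER PRIMARY KEY, memberID INTEGER NOT NULL,
    txn_id TEXT NOT NULL UNIQUE, payment_gross TEXT, currency_code TEXT,
    payment_status TEXT, complete INTEGER NOT NULL DEFAULT 0)');
$pdt = parsePdtResponse("SUCCESS\nfirst_name=Test\nlast_name=Buyer\n"
    . "txn_id=CONSTRUCTED123\nmc_gross=10.00\nmc_currency=GBP\npayment_status=Completed\n");
var_dump(gateJobAdvert($db, 7));                               // before any payment
var_dump(recordVerifiedPayment($db, 7, $pdt, '10.00', 'GBP')); // verified payment stored
var_dump(recordVerifiedPayment($db, 7, $pdt, '10.00', 'GBP')); // same txn_id replayed
var_dump(gateJobAdvert($db, 7));                               // paid, advert not yet posted
var_dump(consumePayment($db, 7));                              // advert saved
var_dump(gateJobAdvert($db, 7));                               // payment already spent
// On the real page: if ($to !== null) { header("Location: $to"); exit; }
```

The `exit` after `header()` matters: without it the rest of the page still runs and is sent to anyone who ignores the redirect. The parsed PDT fields also carry `first_name` and `last_name`, the buyer details asked about in post 3.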