oskare100
-
Posts
69 -
Joined
-
Last visited
Never
Everything posted by oskare100
-
Hello, I've a file downloading script that hides the real location from the person who is trying to download the file. First I run this (don't know if it's right) to get the file_pack and the file_name of the file: [code=php:0]$result2 = mysql_query('select `file_name` , `file_pack` from '$file_tbl' where `file_id` = "'.$_GET['serve'].'"') or die( mysql_error() );[/code] Then I run this (don't know if it's right) to get the file_pack and file_name from the user permission table: [code=php:0]$result3 = mysql_query('select `file_name` , `file_pack` from '$user_tbl' where `username` = "'$_SESSION['username']'"') or die( mysql_error() );[/code] If one of the "file_name"s from the uuser permissions table matches the "file_name" from the requested file OR if one of the "file_pack"s from the user permissions table matches the "file_pack" of the current file then go ahead and continue with the script. If not, then die. I hope that you understand what I want to do with this and I really hope that you can help me.. IF YOU NEED IT, here is the database structure: [CODE]The user permission table where I will store which users has permission to download which files. CREATE TABLE `user_perm` ( `perm_id` int(11) NOT NULL auto_increment, `perm_user` varchar(50) NOT NULL default '', `file_pack` varchar(30) NOT NULL default '', `file_name` varchar(100) NOT NULL default '', `perm_date` varchar(30) NOT NULL default '', `perm_timestamp` varchar(30) NOT NULL default '', PRIMARY KEY (`perm_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; The file table where I will store the files: CREATE TABLE `files` ( `file_id` int(11) NOT NULL auto_increment, `file_pack` varchar(50) NOT NULL default '', `file_pack_cat` varchar(50) NOT NULL default '', `file_cat` varchar(50) NOT NULL default '', `file_name` varchar(100) NOT NULL default '', `file_desc` text NOT NULL, `file_fullname` varchar(100) NOT NULL default '', `file_downloads` varchar(11) NOT NULL default '', `file_date` varchar(30) NOT NULL default '', `file_timestamp` varchar(30) NOT NULL default '', PRIMARY KEY (`file_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; [/CODE] Thanks in advance, Best Regards Oskar R
-
Hello again, I now,after a lot of help, got it working with this script; [code=php:0]<?php $allowed = 1; include 'config.php'; include 'db_info.php'; $referrer = getenv('HTTP_REFERER'); if('' == $referrer) { $allowed = ($allowblank) ? 1 : 0; } else { $allowed = 0; foreach($alloweddomains as $domain) { if(substr($referrer, 0, strlen($domain)) == $domain) { $allowed = 1; break; } } } if(!$allowed) { if($logging) { $status = 'Denied'; include 'logit.php'; } exit(0); //quiet leech kill } if(!isset($_GET['serve']) || $_GET['serve'] != (string) (int) $_GET['serve'] || (int) $_GET['serve'] <= 0) { die('Parameter `serve` must be a positive integer.'); } $conn = mysql_connect("$sqlhost", "$sqlusername", "$sqlpassword") or die('Unable to connect to MSQL: '.mysql_error($conn)); mysql_select_db('main', $conn) or die('Unable to select database: '.mysql_error($conn)); $result = mysql_query('select `file_fullname` from '$file_tbl' where `file_id` = "'.$_GET['serve'].'"', $conn) or die("Unable to perform query: ".mysql_error($conn)); if(0 == mysql_num_rows($result)) { die('File not found.'); } $fileName = mysql_result($result, 0, 0) or die('Unable to retrieve result: '.mysql_error($conn)); $extension = (FALSE !== ($pos = strrpos($fileName, '.'))) ? substr($fileName, $pos + 1) : ''; // Content types block switch($extension) { case 'avi': $ct = 'video/avi'; break; case 'bmp': $ct = 'image/bmp'; break; case 'gif': $ct = 'image/gif'; break; case 'jpeg': case 'jpg': case 'jpe': $ct = 'image/jpeg'; break; case 'mov': $ct = 'video/quicktime'; break; case 'mpeg': case 'mpg': case 'mpe': $ct = 'video/mpeg'; break; case 'png': $ct = 'image/png'; break; case 'swf': $ct = 'application/x-shockwave-flash'; break; case 'wmv': $ct = 'video/x-ms-wmv'; break; case 'rar': case 'zip': $ct = 'application/octet-stream'; break; //END// default: $ct = 'application/octet-stream'; if($logging) { $status = 'Generic_Filetype'; include 'logit.php'; } } $handle = @fopen($path.$fileName, 'rb') or die('Unable to select file.'); if(!$handle) { die('Unable to transer file.'); } header('Cache-Control: '); //keeps ie happy header('Pragma: '); //keeps ie happy header('Content-Type: '.$ct); if('swf' != $extension) //flash plays, it isnt downloaded as an actual file. { header('Content-Disposition: attachment; filename="'.$fileName.'"'); } header('Content-Length: '.filesize($path.$fileName)); fpassthru($handle); if($logging) { $status = 'Granted'; include 'logit.php'; } ?>[/code] Now I've only one problem left with this part (hopefully) that I can't solve myself... Different users has permission to download different files. Here is the structure of the files table again; [CODE]CREATE TABLE `files` ( `file_id` int(11) NOT NULL auto_increment, `file_pack` varchar(50) NOT NULL default '', `file_pack_cat` varchar(50) NOT NULL default '', `file_cat` varchar(50) NOT NULL default '', `file_name` varchar(100) NOT NULL default '', `file_desc` text NOT NULL, `file_fullname` varchar(100) NOT NULL default '', `file_downloads` varchar(11) NOT NULL default '', `file_date` varchar(30) NOT NULL default '', `file_timestamp` varchar(30) NOT NULL default '', PRIMARY KEY (`file_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;[/CODE] And as you can see each file has a "file_name" and some of the files belongs to a "file_pack" with several files in it. I'm planning to store the files each user has permission to download in another seperate table with the name "user_perm", here is the structure of that table; [CODE]CREATE TABLE `user_perm` ( `perm_id` int(11) NOT NULL auto_increment, `perm_user` varchar(50) NOT NULL default '', `file_pack` varchar(30) NOT NULL default '', `file_name` varchar(100) NOT NULL default '', `perm_date` varchar(30) NOT NULL default '', `perm_timestamp` varchar(30) NOT NULL default '', PRIMARY KEY (`perm_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;[/CODE] So if a user tries to download one file with, for example, the ID 1 the script must check the "file_name" AND "file_pack" of that file. Then it must check in the "user_perm" and see if the user has permission to download either the "file_name" OR the "file_pack". In other words, it is enough if the user has permission to download the "file_pack" to which the file belongs to. I've at least started with this (but I don't know if it is right); [code=php:0]$result2 = mysql_query('select `file_name` , `file_pack` from '$file_tbl' where `file_id` = "'.$_GET['serve'].'"') or die( mysql_error() );[/code] Then I don't know how to check both of the things (both "file_name" and "file_pack"). AND I don't know where in the script I should add the lines. When the user login the username and password is stored in a session with this lines; [CODE]session_register("myusername"); session_register("mypassword"); [/CODE] Also, Should I change the database structure or should I change something else in the structure of the system I'mn trying to build (for example with the user permission system)? Thanks in advance, Best Regards Oskar R
-
Hello, 've a download script that "hides" the real address of files from the person who wants to download it. What I want to do is to make it use my database instead of the text file as it is using now. Here is the full script as it looked before I started editing it: [code=php:0]<?php $allowed = 0; include('config.php'); if($allowblank > 0) { if($_SERVER['HTTP_REFERER']=="") { $allowed = 1; }} $domains = count($alloweddomains); for($y=0;$y<$domains+1;$y++) { if((stristr($_SERVER['HTTP_REFERER'], $alloweddomains[$y]))) { $allowed = 1;} } if($allowed > 0) { $namenumberarray = file($webaddress."fileindex.txt"); $numberoffiles = count($namenumberarray); $filenames = array(); for($x=0;$x<$numberoffiles+1;$x++) { $temporary = explode(":",$namenumberarray[$x]); $tempname = explode("\n",$temporary[1]); $filenames[$temporary[0]] = $tempname[0]; } if(!isset($filenames[$_GET['serve']])) { if($logging > 0){ $status = "ReqNF"; include('logit.php'); } echo('That number wasnt found!'); exit; } $wantedfilename = $filenames[$_GET['serve']]; $extension = explode(".", $wantedfilename); $numberinarray = count($extension); $lcext = strtolower($extension[$numberinarray-1]); //BEGIN CONTENT TYPES BLOCK. ADD OR REMOVE FILE TYPES HERE, AS SHOWN // //DON'T EDIT THIS UNLESS YOU KNOW WHAT YOU ARE DOING!// //MOST COMMON FILE TYPES ARE ALREADY INCLUDED// switch($lcext) { case ($lcext == "swf"): $commonname="flash"; $ct = "Content-type: application/x-shockwave-flash"; break; case ($lcext == "wmv"): $commonname="wmv"; $ct = "Content-type: video/x-ms-wmv"; break; case ($lcext == "mov"): $commonname="quicktime movie"; $ct = "Content-type: video/quicktime"; break; case ($lcext == "avi"): $commonname="avi video"; $ct = "Content-type: video/avi"; break; case ($lcext == "rar"): $commonname="winrar"; $ct = "Content-type: application/octet-stream"; break; case ($lcext == "zip"): $commonname="zip"; $ct = "Content-type: application/octet-stream"; break; case ($lcext == "bmp"): $commonname="bitmap"; $ct = "Content-type: image/bmp"; break; case ($lcext == "gif"): $commonname="gif"; $ct = "Content-type: image/gif"; break; case ($lcext == "jpeg" || $lcext == "jpg" || $lcext == "jpe"): $commonname="jpeg"; $ct = "Content-type: image/jpeg"; break; case ($lcext == "mpeg" || $lcext == "mpg" || $lcext == "mpe"): $commonname="mpeg"; $ct = "Content-type: video/mpeg"; break; case ($lcext == "png"): $commonname="png"; $ct = "Content-type: image/png"; break; //END// default: $commonname="Generic Filetype"; $ct = "Content-type: application/octet-stream"; if($logging > 0){ $status = "Generic_Filetype"; include('logit.php'); } } $handle = fopen($webaddress.$wantedfilename, "rb"); header("Cache-Control: "); //keeps ie happy header("Pragma: "); //keeps ie happy header($ct); //content type as set above from explode(); if(!stristr($lcext, "swf")){//flash plays, it isnt downloaded as an actual file. header("Content-Disposition: attachment; filename=\"".$wantedfilename."\""); } header("Content-Length: ".filesize($path.$wantedfilename)); fpassthru($handle); if($logging > 0){ $status = "Granted"; include('logit.php'); } exit; } else { if($logging > 0){ $status = "Denied"; include('logit.php'); } exit; //quiet leech kill } ?>[/code] As you can see in the script I want the script to hide the real download location. So I can download the file with the ID 1 by visiting "/thescript.php?serve=1" and the file with the ID 2 by visiting "/thescript.php?serve=2". Here is the database structure; [CODE]CREATE TABLE `files` ( `file_id` int(11) NOT NULL auto_increment, `file_pack` varchar(50) NOT NULL default '', `file_pack_cat` varchar(50) NOT NULL default '', `file_cat` varchar(50) NOT NULL default '', `file_name` varchar(100) NOT NULL default '', `file_desc` text NOT NULL, `file_fullname` varchar(100) NOT NULL default '', `file_downloads` varchar(11) NOT NULL default '', `file_date` varchar(30) NOT NULL default '', `file_timestamp` varchar(30) NOT NULL default '', PRIMARY KEY (`file_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;[/CODE] Where file_fullname is the full name of the file I want to download, for example; text.zip and file_id is the ID of the file. The fileindex.txt contained the IDs and filenames like this instead: [CODE]1:example.zip 2:example2.zip 3:example3.zip[/CODE] I'm not that good at PHP coding so I can't see what needs to be changed to do what I want to do by just looking at the script... Thanks in advance, Best Regards Oskar R
-
Hello, I have a few fileds in my database where I want to save information about which IP addresses my members have when they login. In one table I've fields for the username, password, member group and so on. Then I've a few fields with the names login_ip_1, login_ip_2, login_ip_3, login_ip_4 and login_ip_5 where I want to save the IP numbers the member used when he/she loged in the four last times. So basicly what I need to do it that if let say a user log in with one IP the ip is saved in the login_ip_1 field. If then the user logs in again with another IP I want that one to be saved in login_ip_2 and so on until login_ip_5 and when login_ip_5 is filled I want it to send an email.. but that last part with the reporting shouldn't be a problem. Best Regards Oskar R
-
Hello, When I run this part of the script [code=php:0]mysql_query("INSERT INTO paypal_sales (viewed_online, viewed_online_by_ip) VALUES('$datenow', '$ip') where $txn_id = $txn_id ") or die(mysql_error());[/code] I get the error [CODE]You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'where 0UU67926P08484626 = 0UU67926P08484626' at line 1[/CODE] If I remove it the script works fine again.. What do you think can be the problem? Best Regards Oskar R
-
Hello, The users should be able to write in their transaction IDs and email addresses in a form. If there is a row that contains the transaction ID (txn_id) AND email address (payer_email) that the user wrote into the form then the script should view the account password and login located in the same row as the transaction ID and the email address. Here is my database structure: [CODE]CREATE TABLE `temp_users` ( `invoice` int(10) unsigned NOT NULL auto_increment, `receiver_email` varchar(60) default NULL, `item_name` varchar(100) default NULL, `item_number` varchar(10) default NULL, `quantity` varchar(6) default NULL, `payment_status` varchar(10) default NULL, `pending_reason` varchar(10) default NULL, `payment_date` varchar(20) default NULL, `mc_gross` varchar(20) default NULL, `mc_fee` varchar(20) default NULL, `tax` varchar(20) default NULL, `mc_currency` char(3) default NULL, `txn_id` varchar(20) default NULL, `txn_id_refund` varchar(17) default NULL, `txn_type` varchar(10) default NULL, `first_name` varchar(30) default NULL, `last_name` varchar(40) default NULL, `address_street` varchar(50) default NULL, `address_city` varchar(30) default NULL, `address_state` varchar(30) default NULL, `address_zip` varchar(20) default NULL, `address_country` varchar(30) default NULL, `address_status` varchar(10) default NULL, `payer_email` varchar(60) default NULL, `payer_status` varchar(10) default NULL, `payment_type` varchar(10) default NULL, `notify_version` varchar(10) default NULL, `verify_sign` varchar(10) default NULL, `referrer_id` varchar(10) default NULL, `memo` varchar(255) default NULL, `for_auction` varchar(20) default NULL, `auction_buyer_id` varchar(64) default NULL, `auction_closing_date` varchar(20) default NULL, `auction_multi_item` varchar(20) default NULL, `account_username` varchar(100) default NULL, `account_password` varchar(20) default NULL, `account_email` varchar(100) default NULL, `account_group` varchar(20) default NULL, `date` varchar(20) default NULL, PRIMARY KEY (`invoice`), KEY `txn_id` (`txn_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=726857 ;[/CODE] In other words, If I write in oskare200@oskar.com as email and 15468454f as transaction ID in the form and there is a row with the payer_email oskare200@oskar.com and the txn_id 15468454f it should view the account_username and the account_password in that row. Here is what I've started with in the PHP script but I can't figure out how the rest.. [code=php:0]<?php //Get information from the form $txn_id = $_POST['txn_id']; $item_number = $_POST['item_number']; $payer_email = $_POST['payer_email']; //Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); ?> [/code] Thanks, Oskar R
-
Hello, I didn't understand how to get that working, I'm not good at neither PHP nor SQL but I need to get this working somehow.. The other parts of the script are already done and working.. According to the person I spoke to I could use this to insert the data (this is the insert script I've used all the time): [code=php:0]<?php $receiver_email = "osakre2020@hotmail.com"; //Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); $v = time(); mysql_query("INSERT INTO temp_users (invoice, receiver_email, item_name, item_number, quantity, payment_status, pending_reason, payment_date, mc_gross, mc_fee, tax, mc_currency, txn_id, txn_type, first_name, last_name, address_street, address_city, address_state, address_zip, address_country, address_status, payer_email, payer_status, payment_type, notify_version, verify_sign, referrer_id, memo, for_auction, auction_buyer_id, auction_closing_date, auction_multi_item, account_username, account_password, `account_group`, account_email, date) VALUES('$invoice', '$receiver_email', '$item_name', '$item_number', '$quantity', '$payment_status', '$pending_reason', '$payment_date', '$mc_gross', '$mc_fee', '$tax', '$mc_currency', '$txn_id', '$txn_type', '$first_name', '$last_name', '$address_street', '$address_city', '$address_state', '$address_zip', '$address_country', '$address_status', '$payer_email', '$payer_status', '$payment_type', '$notify_version', '$verify_sign', '$referrer_id', '$memo', '$for_auction', '$auction_buyer_id', '$auction_closing_date', '$auction_multi_item', '$payer_email', '$password', '$group_id', '$payer_email', {$v}) ") or die(mysql_error()); ?>[/code] And then I could use this code to delete the row after a number of seconds... I wrote 10 seconds to be able to test the script: [code=php:0]<?php mysql_connect("localhost", "test", "test") or die(mysql_error()); mysql_select_db("test") or die(mysql_error()); $sql = mysql_query("SELECT * FROM temp_users"); $checkdate = mysql_fetch_array($sql); do{ $deleteday = $checkdate['date'] + 10; // 86400 is one day in seconds, 60*60*24 if(time() <= $deleteday) { $deleteSQL = "DELETE FROM temp_users WHERE invoice =" . $checkdate['invoice']; mysql_query($deleteSQL, "test") or die(mysql_error()); } }while($checkdate = mysql_fetch_array($sql)); ?>[/code] But it didn't work. Here is a dumb of my MySQL table and as you can see, the row is still there: [CODE]-- -- Struktur för tabell `temp_users` -- CREATE TABLE `temp_users` ( `invoice` int(10) unsigned NOT NULL auto_increment, `receiver_email` varchar(60) default NULL, `item_name` varchar(100) default NULL, `item_number` varchar(10) default NULL, `quantity` varchar(6) default NULL, `payment_status` varchar(10) default NULL, `pending_reason` varchar(10) default NULL, `payment_date` varchar(20) default NULL, `mc_gross` varchar(20) default NULL, `mc_fee` varchar(20) default NULL, `tax` varchar(20) default NULL, `mc_currency` char(3) default NULL, `txn_id` varchar(20) default NULL, `txn_id_refund` varchar(17) default NULL, `txn_type` varchar(10) default NULL, `first_name` varchar(30) default NULL, `last_name` varchar(40) default NULL, `address_street` varchar(50) default NULL, `address_city` varchar(30) default NULL, `address_state` varchar(30) default NULL, `address_zip` varchar(20) default NULL, `address_country` varchar(30) default NULL, `address_status` varchar(10) default NULL, `payer_email` varchar(60) default NULL, `payer_status` varchar(10) default NULL, `payment_type` varchar(10) default NULL, `notify_version` varchar(10) default NULL, `verify_sign` varchar(10) default NULL, `referrer_id` varchar(10) default NULL, `memo` varchar(255) default NULL, `for_auction` varchar(20) default NULL, `auction_buyer_id` varchar(64) default NULL, `auction_closing_date` varchar(20) default NULL, `auction_multi_item` varchar(20) default NULL, `account_username` varchar(100) default NULL, `account_password` varchar(20) default NULL, `account_email` varchar(100) default NULL, `account_group` varchar(20) default NULL, `date` varchar(20) default NULL, PRIMARY KEY (`invoice`), KEY `txn_id` (`txn_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=726856 ; -- -- Data i tabell `temp_users` -- INSERT INTO `temp_users` VALUES (726855, 'osakre2020@hotmail.com', '', '', '', '', '', '', '', '', '', '', '', NULL, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '1163786812');[/CODE] I'e also tried a few other things also but I can't get it working.. So please, I need help.. Best Regards Oskar R
-
Hello, Is that seconds or days? How do I do it in seconds and days? And what do I write when I insert the date into the database? Best Regards Oskar R
-
Hello, That was a test, I wanted it to be removed if I runned the script after more than 3 second to see if the row was removed but it wasn't. Best Regards Oskar R
-
Hello, I've a Paypal IPN PHP script that creates an account in one table and then insert the transaction details into another table. Three days after the account has been created/the payment has been recieved and the details has been inserted into the database I need the users to be able to go to a page and view their username and password by typing in their email and the auction ID (which are in the database). I thought that I can create a new table where I insert the date, the username, the password and the auction ID when the account is created and then I can have a script that removes that row after three days (because the login and the transaction details are already saved in the other tables). In other words when the row has been deleted they can't get access to their passwords anymore by going to that page and typing in their username and password because the their email and auction ID aren't in that table anymore. Basicly I need to know at least how to make the delete script delete the rows after three days. I've asked for help on another forum but I can't get it to work, here is the codes I've (with help) done so far but it doesn work.. This is the PHP code that should add the date: [code=php:0]//Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); $v = time(); mysql_query("INSERT INTO temp_users (invoice, receiver_email, item_name, item_number, quantity, payment_status, pending_reason, payment_date, mc_gross, mc_fee, tax, mc_currency, txn_id, txn_type, first_name, last_name, address_street, address_city, address_state, address_zip, address_country, address_status, payer_email, payer_status, payment_type, notify_version, verify_sign, referrer_id, memo, for_auction, auction_buyer_id, auction_closing_date, auction_multi_item, account_username, account_password, `account_group`, account_email, date) VALUES('$invoice', '$receiver_email', '$item_name', '$item_number', '$quantity', '$payment_status', '$pending_reason', '$payment_date', '$mc_gross', '$mc_fee', '$tax', '$mc_currency', '$txn_id', '$txn_type', '$first_name', '$last_name', '$address_street', '$address_city', '$address_state', '$address_zip', '$address_country', '$address_status', '$payer_email', '$payer_status', '$payment_type', '$notify_version', '$verify_sign', '$referrer_id', '$memo', '$for_auction', '$auction_buyer_id', '$auction_closing_date', '$auction_multi_item', '$payer_email', '$password', '$group_id', '$payer_email', {$v}) ") or die(mysql_error());[/code] And it does add something like 1163786812 Then this script is supposed to remove the row ( I guess that that is "remove all rows with a date older than 3 seconds"): [code=php:0]//Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); $v = mktime(date("H"), date("i"), date("s") - 3, date("m"), date("d"), date("Y")); $sql = "delete from temp_users where date < {$v}"; [/code] But is doesn't. What do you think is wrong? Best Regards Oskar R
-
Hello, When I try to run this script I get the error message "You have an error in your SQL syntax near 'where payer_email = 'oskare100@test.com'' at line 1" : [code=php:0]$txn_id = "12345678910"; $payer_email = "oskare100@test.com"; //Connect to MySQL mysql_connect("localhost", "test", "30053005") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); $sql13 = "INSERT INTO paypal_sales (txn_id_refund) VALUES ('$txn_id') where payer_email = '$payer_email'"; $result13 = mysql_query($sql13) or die( mysql_error() );[/code] I can't figure out what SQL syntax error it's talking about.. Best Regards Oskar R
-
Hello, When I rund this part of the script: [code=php:0]$sql13 = "select account_username from paypal_sales where txn_id = '$txn_id'"; $result13 = mysql_query($sql13) or die( mysql_error() ); $del_account_username = mysql_result($result13); echo "Username: $del_account_username";[/code] I get the error: Warning: Wrong parameter count for mysql_result() in /home/httpd/vhosts/com/ What does that mean? There is a value for account_username in the table paypal_sales where the txn_id in the database is the same as the $txn_id variable in the script. Best Regards Oskar R
-
Want to check in the database if the txn_id has been used before
oskare100 replied to oskare100's topic in PHP Coding Help
Hello again, I really need help with this. Is there anything else I can post to make it easier for you to help? Best Regards Oskar R -
Want to check in the database if the txn_id has been used before
oskare100 replied to oskare100's topic in PHP Coding Help
Hello, OK, I got that working now in a seperate test script. Here is what I added to the main script: [code=php:0]//Check if the transaction already is in the database $sql = "select txn_id , payment_status from paypal_sales where txn_id = '$txn_id'"; $result = mysql_query($sql) or die( mysql_error() ); $row = mysql_fetch_array($result); if ($row['txn_id'] == '') { // It's a new order - continue echo "it's a new payment"; } if ($row['payment_status'] == 'pending') { // It's an old order that has been cleared - change status $sql2 = "update `paypal_sales` set `payment_status` = 'Completed' where txn_id = '$txn_id'"; $result2 = mysql_query($sql2) or die( mysql_error() ); echo "it's an old payment that has cleared"; } if ($payment_status == "Refunded"){ echo "payment status refunded"; if ($row['txn_id'] == "$txn_id") { // The payment is in the database but has been refunded. echo "the payment id is in the databse"; if ($row['payment_status'] == 'Completed') { // The payment has been completed and the account has been created. echo "the payment status is complete - delete the account"; $sql3 = "select account_username from paypal_sales where txn_id = '$txn_id'"; $result3 = mysql_query($sql3) or die( mysql_error() ); $del_account_username = mysql_result($result3); // Prepare to delete account $sql4 = "select username from dl_users where username = '$del_account_username'"; $result4 = mysql_query($sql4) or die( mysql_error() ); $row4 = mysql_fetch_array($result); $del_account_group_id = $row4['group']; $del_account_email = $row4['email']; $del_account_regKey = $row4['regKey']; $del_account_iplog = $row4['iplog']; // Delete account $sql5 = "DELETE FROM dl_users WHERE username = '$del_account_username'"; $result5 = mysql_query($sql5) or die( mysql_error() ); //Change payment status $sql5 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result5 = mysql_query($sql5) or die( mysql_error() ); die; } if ($row['payment_status'] == 'Pending') { // The payment has been pending. //Change payment status $sql6 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result6 = mysql_query($sql5) or die( mysql_error() ); echo "the payment status is pending, changed is to Refunded"; die; } } else { // The payment has been refunded but didn't exist in the database?? } }[/code] And now that part doesn't work at all + that it doesn't echo anything, nor my notes neither any error messages. This was added in the beginning of the script after it has connected to the database. What can be the problem? I've tried to change thing over and over but it still doesn't echo anything... Here is the "main" script so far: [code=php:0]<?php // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } //Post back to PayPal system to validate $header .= "POST /pp/index.php HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.belahost.com', 80, $errno, $errstr, 30); //Assign posted variables to local variables //Basic Information $business = $_POST['business']; $receiver_email = $_POST['receiver_email']; $receiver_id = $_POST['receiver_id']; $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $quantity= $_POST['quantity']; //Advanced and Custom Information $invoice = $_POST['invoice']; $custom = $_POST['custom']; $memo = $_POST['memo']; $tax = $_POST['tax']; $option_name1 = $_POST['option_name1']; $option_selection1 = $_POST['option_selection1']; $option_name2 = $_POST['option_name2']; $option_selection2 = $_POST['option_selection2']; //Shopping Cart Information $num_cart_items = $_POST['num_cart_items']; //Transaction Information $payment_status = $_POST['payment_status']; $pending_reason = $_POST['pending_reason']; $reason_code = $_POST['reason_code']; $txn_id = $_POST['txn_id']; $parent_txn_id = $_POST['parent_txn_id']; $txn_type = $_POST['txn_type']; $payment_type = $_POST['payment_type']; //Currency and Exchange Information $mc_gross = $_POST['mc_gross']; $mc_fee = $_POST['mc_fee']; $mc_currency = $_POST['mc_currency']; $settle_amount = $_POST['settle_amount']; $settle_currency = $_POST['settle_currency']; $exchange_rate = $_POST['exchange_rate']; $payment_gross = $_POST['payment_gross']; $payment_fee = $_POST['payment_fee']; //Auction Information $for_auction = $_POST['for_auction']; $auction_buyer_id = $_POST['auction_buyer_id']; $auction_closing_date= $_POST['auction_closing_date']; $auction_multi_item = $_POST['auction_multi_item']; //Buyer Information $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $payer_business_name = $_POST['payer_business_name']; $address_street = $_POST['address_street']; $address_city = $_POST['address_city']; $address_state = $_POST['address_state']; $address_zip= $_POST['address_zip']; $address_country = $_POST['address_country']; $address_status = $_POST['address_status']; $payer_email = $_POST['payer_email']; $payer_id = $_POST['payer_id']; $payer_status= $_POST['payer_status']; if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // Check if the payment_status is Completed if ($payment_status == "Completed") { //Connect to MySQL mysql_connect("localhost", "test", "30053005") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); echo "connected to database"; //Check if the transaction already is in the database $sql = "select txn_id , payment_status from paypal_sales where txn_id = '$txn_id'"; $result = mysql_query($sql) or die( mysql_error() ); $row = mysql_fetch_array($result); if ($row['txn_id'] == '') { // It's a new order - continue echo "it's a new payment"; } if ($row['payment_status'] == 'pending') { // It's an old order that has been cleared - change status $sql2 = "update `paypal_sales` set `payment_status` = 'Completed' where txn_id = '$txn_id'"; $result2 = mysql_query($sql2) or die( mysql_error() ); echo "it's an old payment that has cleared"; } if ($payment_status == "Refunded"){ echo "payment status refunded"; if ($row['txn_id'] == "$txn_id") { // The payment is in the database but has been refunded. echo "the payment id is in the databse"; if ($row['payment_status'] == 'Completed') { // The payment has been completed and the account has been created. echo "the payment status is complete - delete the account"; $sql3 = "select account_username from paypal_sales where txn_id = '$txn_id'"; $result3 = mysql_query($sql3) or die( mysql_error() ); $del_account_username = mysql_result($result3); // Prepare to delete account $sql4 = "select username from dl_users where username = '$del_account_username'"; $result4 = mysql_query($sql4) or die( mysql_error() ); $row4 = mysql_fetch_array($result); $del_account_group_id = $row4['group']; $del_account_email = $row4['email']; $del_account_regKey = $row4['regKey']; $del_account_iplog = $row4['iplog']; // Delete account $sql5 = "DELETE FROM dl_users WHERE username = '$del_account_username'"; $result5 = mysql_query($sql5) or die( mysql_error() ); //Change payment status $sql5 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result5 = mysql_query($sql5) or die( mysql_error() ); die; } if ($row['payment_status'] == 'Pending') { // The payment has been pending. //Change payment status $sql6 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result6 = mysql_query($sql5) or die( mysql_error() ); echo "the payment status is pending, changed is to Refunded"; die; } } else { // The payment has been refunded but didn't exist in the database?? } } //generate the password function createRandomPassword() { $chars = "abcdefghijkmnopqrstuvwxyz023456789"; srand((double)microtime()*1000000); $i = 0; $pass = '' ; while ($i <= 7) { $num = rand() % 30; $tmp = substr($chars, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $password = createRandomPassword(); $password_encrypt = md5("$password"); //Add group ID $group_id="4"; //Add user to the download system mysql_query("INSERT INTO dl_users (username, password, `group`, email) VALUES('$payer_email', '$password_encrypt', '$group_id', '$payer_email') ") or die(mysql_error()); //Add transaction and user details to the database if ($row['txn_id'] == '') { mysql_query("INSERT INTO paypal_sales (invoice, receiver_email, item_name, item_number, quantity, payment_status, pending_reason, payment_date, mc_gross, mc_fee, tax, mc_currency, txn_id, txn_type, first_name, last_name, address_street, address_city, address_state, address_zip, address_country, address_status, payer_email, payer_status, payment_type, notify_version, verify_sign, referrer_id, memo, for_auction, auction_buyer_id, auction_closing_date, auction_multi_item, account_username, account_password, `account_group`, account_email) VALUES('$invoice', '$receiver_email', '$item_name', '$item_number', '$quantity', '$payment_status', '$pending_reason', '$payment_date', '$mc_gross', '$mc_fee', '$tax', '$mc_currency', '$txn_id', '$txn_type', '$first_name', '$last_name', '$address_street', '$address_city', '$address_state', '$address_zip', '$address_country', '$address_status', '$payer_email', '$payer_status', '$payment_type', '$notify_version', '$verify_sign', '$referrer_id', '$memo', '$for_auction', '$auction_buyer_id', '$auction_closing_date', '$auction_multi_item', '$payer_email', '$password', '$group_id', '$payer_email') ") or die(mysql_error()); } //If it is an acution payment if ($for_auction == "true"){ //Send welcome message (auction payment) $to = $payer_email; $subject = ': delivery information'; $message = " Hello, Congratulations! You have won one of our auctions. You can now login to our download system and download the files. Download syst.... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); // Send standard payment message to $to = $receiver_email; $subject = ': Auction payment account created...'; $message = " Account details: Username: $payer_email Password: $password .... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); //Else it is a standard payment } else { //Send welcome message (standard payment) $to = $payer_email; $subject = ': delivery information'; $message = " Hello, Thank you for your purchase. You can now login to our download system and download the files. Download system .... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); // Send standard payment message to $to = $receiver_email; $subject = ' Standard payment account created...'; $message = " Account details: Username: $payer_email Password: $password ... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); } } else if ($payment_status == "Pending") { //Send pending message to buyer $to = $payer_email; $subject = ': Pending payment'; $message = " Hello, Your payment is pe.... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); // Send pending message to $to = $receiver_email; $subject = ': Pending PayPal Transaction...'; $message = " Transaction details: Pending reason: $pending_reason Amount: $mc_gross $mc_currency ... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation // Send invalid message to buyer $to = $payer_email; $subject = ': An error has occurred'; $message = " Hello, An error occur.... "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); // Send invalid message to $to = $receiver_email; $subject = ': Invalid PayPal Transaction...'; $message = " Transaction details: An invalid transaction requires your attention "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); } } } fclose ($fp); } ?>[/code] Best Regards Oskar R -
Want to check in the database if the txn_id has been used before
oskare100 replied to oskare100's topic in PHP Coding Help
Hello, OK, I got that working now in a seperate test script. Here is what I added to the main script: [code=php:0]//Check if the transaction already is in the database $sql = "select txn_id , payment_status from paypal_sales where txn_id = '$txn_id'"; $result = mysql_query($sql) or die( mysql_error() ); $row = mysql_fetch_array($result); if ($row['txn_id'] == '') { // It's a new order - continue echo "it's a new payment"; } if ($row['payment_status'] == 'pending') { // It's an old order that has been cleared - change status $sql2 = "update `paypal_sales` set `payment_status` = 'Completed' where txn_id = '$txn_id'"; $result2 = mysql_query($sql2) or die( mysql_error() ); echo "it's an old payment that has cleared"; } if ($payment_status == "Refunded"){ echo "payment status refunded"; if ($row['txn_id'] == "$txn_id") { // The payment is in the database but has been refunded. echo "the payment id is in the databse"; if ($row['payment_status'] == 'Completed') { // The payment has been completed and the account has been created. echo "the payment status is complete - delete the account"; $sql3 = "select account_username from paypal_sales where txn_id = '$txn_id'"; $result3 = mysql_query($sql3) or die( mysql_error() ); $del_account_username = mysql_result($result3); // Prepare to delete account $sql4 = "select username from dl_users where username = '$del_account_username'"; $result4 = mysql_query($sql4) or die( mysql_error() ); $row4 = mysql_fetch_array($result); $del_account_group_id = $row4['group']; $del_account_email = $row4['email']; $del_account_regKey = $row4['regKey']; $del_account_iplog = $row4['iplog']; // Delete account $sql5 = "DELETE FROM dl_users WHERE username = '$del_account_username'"; $result5 = mysql_query($sql5) or die( mysql_error() ); //Change payment status $sql5 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result5 = mysql_query($sql5) or die( mysql_error() ); die; } if ($row['payment_status'] == 'Pending') { // The payment has been pending. //Change payment status $sql6 = "update `paypal_sales` set `payment_status` = 'Refunded' where txn_id = '$txn_id'"; $result6 = mysql_query($sql5) or die( mysql_error() ); echo "the payment status is pending, changed is to Refunded"; die; } } else { // The payment has been refunded but didn't exist in the database?? } }[/code] And now that part doesn't work at all + that it doesn't echo anything, nor my notes neither any error messages. This was added in the beginning of the script after it has connected to the database. What can be the problem? I've tried to change thing over and over but it still doesn't echo anything... Best Regards Oskar R -
Want to check in the database if the txn_id has been used before
oskare100 replied to oskare100's topic in PHP Coding Help
Hello again, After a tip I changed the code to: [code=php:0]<?php $txn_id = "12345678910"; //Connect to MySQL mysql_connect("localhost", "test", "30053005") or die(mysql_error()); mysql_select_db("test") or die(mysql_error()); $sql = "SELECT txn_id,payment_status FROM paypal_sales WHERE txd_id = '$txn_id'"; $result = mysql_query($sql) or die( mysql_error() ); $row = mysql_fetch_array($result); if ($row['txn_id'] == '') { echo "the txnid does not exist"; } else { if ($row['payment_status'] == 'pending') { echo "the txnid does exist but is pending"; } } ?>[/code] And now I get the error "Unknown column 'txd_id' in 'where clause'". so, what is a column then? In myphpadmin is say "field". Here is the structure of my paypal_sales table: [CODE]-- -- Table structure for table `paypal_sales` -- CREATE TABLE `paypal_sales` ( `invoice` int(10) unsigned NOT NULL auto_increment, `receiver_email` varchar(60) default NULL, `item_name` varchar(100) default NULL, `item_number` varchar(10) default NULL, `quantity` varchar(6) default NULL, `payment_status` varchar(10) default NULL, `pending_reason` varchar(10) default NULL, `payment_date` varchar(20) default NULL, `mc_gross` varchar(20) default NULL, `mc_fee` varchar(20) default NULL, `tax` varchar(20) default NULL, `mc_currency` char(3) default NULL, `txn_id` varchar(20) default NULL, `txn_type` varchar(10) default NULL, `first_name` varchar(30) default NULL, `last_name` varchar(40) default NULL, `address_street` varchar(50) default NULL, `address_city` varchar(30) default NULL, `address_state` varchar(30) default NULL, `address_zip` varchar(20) default NULL, `address_country` varchar(30) default NULL, `address_status` varchar(10) default NULL, `payer_email` varchar(60) default NULL, `payer_status` varchar(10) default NULL, `payment_type` varchar(10) default NULL, `notify_version` varchar(10) default NULL, `verify_sign` varchar(10) default NULL, `referrer_id` varchar(10) default NULL, `memo` varchar(255) default NULL, `for_auction` varchar(20) default NULL, `auction_buyer_id` varchar(64) default NULL, `auction_closing_date` varchar(20) default NULL, `auction_multi_item` varchar(20) default NULL, `account_username` varchar(100) default NULL, `account_password` varchar(20) default NULL, `account_email` varchar(100) default NULL, `account_group` varchar(20) default NULL, PRIMARY KEY (`invoice`) ) TYPE=MyISAM AUTO_INCREMENT=2 ;[/CODE] So what should I do to make it do what I want (as in the first post)? I mean if field and column is not the same thing. Because the field txn_id surely exist and that's where I want the script to select from and see if the txn_id is already in use and if it is in use, if the payment status is pending. Best Regards Oskar R -
Want to check in the database if the txn_id has been used before
oskare100 replied to oskare100's topic in PHP Coding Help
Hello, Thanks, I think it helped, I've now done like this: [code=php:0]<?php $txn_id = "12345678910"; //Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); mysql_select_db("test") or die(mysql_error()); $result = mysql_query("SELECT txn_id,payment_status FROM paypal_sales WHERE txd_id = '$txn_id'"); $row = mysql_fetch_array($result); if ($row['txn_id'] == '') { //the txn_id doesn't exist } else { if ($row['payment_status'] == 'pending') { //the txn_id does exist but is pending } } ?>[/code] And when I run that script I get this error: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/httpd/vhosts/com/httpdocs/row.php on line 9 What can be the problem? I've tried to change things and so on but nothing helped (I'm not that good at PHP). Best Regards Oskar R -
Hello, When Paypal runs my IPN script I save all transaction details in a table in a database. The payment_status can be pending (if echeck and so on) or completed. I store the payment_status in the the table among with all other transaction details. Each transaction has an uniqe txn_id, I do also save the txn_id in the table. When I payment arrives as completed I first want to check if it is a new payment that has arrived with a new txn_id or if it is an old pending payment with transaction details and a txn_id that is already in the table that has been cleared and completed. It could also be an txn_id (transaction) that my script already has created an account for so if the payment_status in my table is "completed" for that txn_id I want it to do something else (send me an email or log it). I don't know how advanced that it but I'm stuck and I can't figure out how to do that so please, I need some help : ( Here is what I did come up with: $result = mysql_query("SELECT txn_id FROM paypal_sales"); But then I don't know how to find if that txn_id has been used or if the payment_status is completed or pending. Best Regards Oskar R
-
Hello, OK, thanks, that solved that problem but now I get "Parse error: parse error in /home/httpd/vhosts/com/httpdocs/paypal7.php on line 211" but I don't have a line 211, my last line is 210 (?>). Earlier someone told me to change some { and ( and that solved another pharase error... Maybe there is something else with the ( and the { just that I can't find it? The code now: [code=php:0]<?php // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } //Post back to PayPal system to validate $header .= "POST /pp/index.php HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('www.belahost.com', 80, $errno, $errstr, 30); //Assign posted variables to local variables //Basic Information $business = $_POST['business']; $receiver_email = $_POST['receiver_email']; $receiver_id = $_POST['receiver_id']; $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $quantity= $_POST['quantity']; //Advanced and Custom Information $invoice = $_POST['invoice']; $custom = $_POST['custom']; $memo = $_POST['memo']; $tax = $_POST['tax']; $option_name1 = $_POST['option_name1']; $option_selection1 = $_POST['option_selection1']; $option_name2 = $_POST['option_name2']; $option_selection2 = $_POST['option_selection2']; //Shopping Cart Information $num_cart_items = $_POST['num_cart_items']; //Transaction Information $payment_status = $_POST['payment_status']; $pending_reason = $_POST['pending_reason']; $reason_code = $_POST['reason_code']; $txn_id = $_POST['txn_id']; $parent_txn_id = $_POST['parent_txn_id']; $txn_type = $_POST['txn_type']; $payment_type = $_POST['payment_type']; //Currency and Exchange Information $mc_gross = $_POST['mc_gross']; $mc_fee = $_POST['mc_fee']; $mc_currency = $_POST['mc_currency']; $settle_amount = $_POST['settle_amount']; $settle_currency = $_POST['settle_currency']; $exchange_rate = $_POST['exchange_rate']; $payment_gross = $_POST['payment_gross']; $payment_fee = $_POST['payment_fee']; //Auction Information $for_auction = $_POST['for_auction']; $auction_buyer_id = $_POST['auction_buyer_id']; $auction_closing_date= $_POST['auction_closing_date']; $auction_multi_item = $_POST['auction_multi_item']; //Buyer Information $first_name = $_POST['first_name']; $last_name = $_POST['last_name']; $payer_business_name = $_POST['payer_business_name']; $address_street = $_POST['address_street']; $address_city = $_POST['address_city']; $address_state = $_POST['address_state']; $address_zip= $_POST['address_zip']; $address_country = $_POST['address_country']; $address_status = $_POST['address_status']; $payer_email = $_POST['payer_email']; $payer_id = $_POST['payer_id']; $payer_status= $_POST['payer_status']; if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // Check if the payment_status is Completed if ($payment_status == "Completed") { //Connect to MySQL mysql_connect("localhost", "test", "test") or die(mysql_error()); //Select file system database mysql_select_db("test") or die(mysql_error()); //generate the password function createRandomPassword() { $chars = "abcdefghijkmnopqrstuvwxyz023456789"; srand((double)microtime()*1000000); $i = 0; $pass = '' ; while ($i <= 7) { $num = rand() % 30; $tmp = substr($chars, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $password = createRandomPassword(); $password_encrypt = md5("$password"); //Add group ID $group_id="4"; //Add user to the download system mysql_query("INSERT INTO dl_users (username, password, `group`, email) VALUES('$payer_email', '$password_encrypt', '$group_id', '$payer_email') ") or die(mysql_error()); //Add transaction details to the database //If it is an acution payment if ($for_auction == "true"){ //Send welcome message (auction payment) $to = $payer_email; $subject = ' delivery information'; $message = " Hello, Congratulations! You have won auction .... Best Regards "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); //Else it is a standard payment } else { //Send welcome message (standard payment) $to = $payer_email; $subject = ' delivery information'; $message = " Hello, Thank you for your purchase. .... Best Regards "; $headers = 'From: no-reply@test.com' . "\r\n" . 'Reply-To: test@gmail.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($to, $subject, $message, $headers); unset($to, $subject, $message, $headers); } } else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); } ?>[/code] Best Regards Oskar R