Jump to content

If the information in the form is the same as in the db then show that row...


oskare100

Recommended Posts

Hello,
The users should be able to write in their transaction IDs and email addresses in a form. If there is a row that contains the transaction ID (txn_id) AND email address (payer_email) that the user wrote into the form then the script should view the account password and login located in the same row as the transaction ID and the email address.

Here is my database structure:
[CODE]CREATE TABLE `temp_users` (
  `invoice` int(10) unsigned NOT NULL auto_increment,
  `receiver_email` varchar(60) default NULL,
  `item_name` varchar(100) default NULL,
  `item_number` varchar(10) default NULL,
  `quantity` varchar(6) default NULL,
  `payment_status` varchar(10) default NULL,
  `pending_reason` varchar(10) default NULL,
  `payment_date` varchar(20) default NULL,
  `mc_gross` varchar(20) default NULL,
  `mc_fee` varchar(20) default NULL,
  `tax` varchar(20) default NULL,
  `mc_currency` char(3) default NULL,
  `txn_id` varchar(20) default NULL,
  `txn_id_refund` varchar(17) default NULL,
  `txn_type` varchar(10) default NULL,
  `first_name` varchar(30) default NULL,
  `last_name` varchar(40) default NULL,
  `address_street` varchar(50) default NULL,
  `address_city` varchar(30) default NULL,
  `address_state` varchar(30) default NULL,
  `address_zip` varchar(20) default NULL,
  `address_country` varchar(30) default NULL,
  `address_status` varchar(10) default NULL,
  `payer_email` varchar(60) default NULL,
  `payer_status` varchar(10) default NULL,
  `payment_type` varchar(10) default NULL,
  `notify_version` varchar(10) default NULL,
  `verify_sign` varchar(10) default NULL,
  `referrer_id` varchar(10) default NULL,
  `memo` varchar(255) default NULL,
  `for_auction` varchar(20) default NULL,
  `auction_buyer_id` varchar(64) default NULL,
  `auction_closing_date` varchar(20) default NULL,
  `auction_multi_item` varchar(20) default NULL,
  `account_username` varchar(100) default NULL,
  `account_password` varchar(20) default NULL,
  `account_email` varchar(100) default NULL,
  `account_group` varchar(20) default NULL,
  `date` varchar(20) default NULL,
  PRIMARY KEY  (`invoice`),
  KEY `txn_id` (`txn_id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=726857 ;[/CODE]

In other words, If I write in oskare200@oskar.com as email and 15468454f as transaction ID in the form and there is a row with the payer_email oskare200@oskar.com and the txn_id 15468454f it should view the account_username and the account_password in that row.

Here is what I've started with in the PHP script but I can't figure out how the rest..
[code=php:0]<?php
//Get information from the form
$txn_id = $_POST['txn_id'];
$item_number = $_POST['item_number'];
$payer_email = $_POST['payer_email'];

//Connect to MySQL
mysql_connect("localhost", "test", "test") or die(mysql_error());

//Select file system database
mysql_select_db("test") or die(mysql_error());

?>
[/code]

Thanks,
Oskar R
Link to comment
Share on other sites

You'll want to grab the user data from the html form using the $_POST or $_GET variables depending on your forms submit method (POST or GET, you define the method using the method attribute in the form tag).

Now you'll want to get the data from the fields by referencing the fields names in the appropriate variable, example: $_POST['field_name_here']
So if you have a form field called email you'll use this: $_POST['email']

Once you have grabbed the user input you can now use these in your SQL query, example:
[code]// make our user input safe for our query, very import:
$email = mysql_real_escape_string($_POST['email_field']);
$transID = mysql_real_escape_string($_POST['transaction_id_field']);

// Construct the MySQL Query so it selects ONLY the username and
// password for the account that the email and transID matches
$sql = "SELECT account_username, account_password FROM temp_users WHERE email='" . $email . "' AND txn_id='" . $transID . "'";

// Now we'll run the query we just constructed
$result = mysql_query($sql)[/code]

Now you check that there was a match by using mysql_num_rows in an if statement like so, if there was a match we'll show the account info. If there were no match we'll display an unsuccessful message:
[code]// Check that only ONE match was found.
if(mysql_num_rows($result) == 1)
{
    // a match was found!

    // Grab the password and username
    $row = mysql_fetch_assoc($query);

    $username = $row['account_username'];
    $password = $row['account_password'];

    // NOTE: I am using HEREDOC syntax here:
    echo <<<EOF
<h1>Match found!</h1>
<b>Username:</b> {$username}<br />
<b>Passwprd:</b> {$password}
EOF;
}
else
{
    // a match was not found.

    echo <<<EOF
<h1>No Match Found!</h1>
We could not fine any matches with the provided Transaction ID and email address. Please insure you have typed the information in correctly
EOF;
}[/code]

And thats all there is to it.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.