php code help

[squirrelnuttz]

hello new member here, but im pulling my hair out with a php script.  2 parts of this script fail to work highlited in blue. the emailing of the users info fails, and the passing of the $email_user variable into the array call. this script recieves verification of paypal ipn and then creates user info in database, but fails to send out email containg the info and fails to creat the email account.  the email account creation works if  i statically assign the $email_user, and the payment failed email works on the bottom of the code. i know its got to be something simple im missing, but any help would be much appreciated

 

 

 

 

 

 

<?php

mysql_connect("localhost", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
 
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
 
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
 
 
if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
 
// PAYMENT VALIDATED & VERIFIED!
 $email = $_POST['payer_email'];
 $password = mt_rand(1000000, 9999999);
 $tranid = md5(uniqid($password, true));
 
 mysql_query("INSERT INTO users (email, password, tranid) VALUES('". mysql_escape_string($email) ."', '".md5($password)."', '".$tranid."' ) ") or die(mysql_error());
$to      = $email;
$subject = 'Retrieval Information';
$message = '
 
Thank you for your purchase
 
Your Retrieval Account Information
-------------------------
Username: '.$email.'
Password: '.$password.'
Transactin Id: '.$tranid.'
-------------------------
             
You can now login at http://retrieve.something.com';
$headers = 'From:sales@.com' . "\r\n";
 
mail($to, $subject, $message, $headers);

include("./xmlapi.php");   //XMLAPI cpanel client class

// Default whm/cpanel account info

$ip = "";           // should be server IP address or 127.0.0.1 if local server
$account = "";        // cpanel user account name
$passwd ="";        // cpanel user password
$port =2083;                 //

$email_domain = ''; // email domain (usually same as cPanel domain)
$email_quota = 500; // default amount of space in megabytes  


/*************End of Setting***********************/

function getVar($name, $def = '') {
  if (isset($_REQUEST[$name]))
    return $_REQUEST[$name];
  else
    return $def;
}
// check if overrides passed
//$email_user = $tranid;
$email_user = mysql_query("SELECT id, FROM users WHERE tranid = '".$tranid."'");
/*if (!$result) {
    echo 'Could not run query: ' . mysql_error();
    exit;} */
$email_pass = $password;
$email_vpass = $password;
$email_domain = getVar('domain', $email_domain);
$email_quota = getVar('quota', $email_quota);
$dest_email = getVar('forward', '');

$msg = '';
if (!empty($email_user))
while(true) {


if ($email_pass !== $email_vpass){       //check password
$msg = "Email password does not match";
break;
}

$xmlapi = new xmlapi($ip);

$xmlapi->set_port($port);  //set port number. cpanel client class allow you to access WHM as well using WHM port.

$xmlapi->password_auth($account, $passwd);   // authorization with password. not as secure as hash.

// cpanel email addpop function Parameters
$call = array(domain=>$email_domain, email=>$email_user, password=>$email_pass, quota=>$email_quota);
// cpanel email fwdopt function Parameters
$call_f  = array(domain=>$email_domain, email=>$email_user, fwdopt=>"fwd", fwdemail=>$dest_email);
$xmlapi->set_debug(0);      //output to error file  set to 1 to see error_log.

// making call to cpanel api
$result = $xmlapi->api2_query($account, "Email", "addpop", $call );
$result_forward = $xmlapi->api2_query($account, "Email", "addforward", $call_f); //create a forward  
//for debugging purposes. uncomment to see output
//echo 'Result\n<pre>';
//print_r($result);
//echo '</pre>';

if ($result->data->result == 1){
$msg = $email_user.'@'.$email_domain.' account created';
 if ($result_forward->data->result == 1){
     $msg = $email_user.'@'.$email_domain.' forward to '.$dest_email;
     }
} else {
$msg = $result->data->reason;
  break;
}

break;
}
 }
 
else if (strcmp ($res, "INVALID") == 0) {

echo "invalid";

// PAYMENT INVALID & INVESTIGATE MANUALY!
 $to      = 'sales@.com';
$subject = 'Invalid Payment';
$message = '
 
Dear Administrator,
 
A payment has been made but is flagged as INVALID.
Please verify the payment manualy and contact the buyer.
 
Buyer Email: '.$email.'
';
$headers = 'From:sales@.com' . "\r\n";
 
mail($to, $subject, $message, $headers);
}
}
fclose ($fp);
}
?>

[mac_gyver]

1) for the user email, how do you know it doesn't work and what part of it doesn't work? your statement could mean anything from a php error at the mail() statement, to the values being missing in the message or the link not being a clickable link.

 

you should also be testing the value returned  from the mail() function call and logging your own error message if it is false (you should also have php set up to log all the php detected errors.)

 

2) for the $email_user variable,  your code is setting that from the result of a SELECT query statement. it will be a result resource if the query ran without any errors and a false value if the query failed due to an error, which since the query contains an sql syntax error, will currently always be a false value.

 

is the $email_user supposed to be the $email variable already present in the code or are you trying to retrieve something from the SELECT query? if you are trying to retrieve something from that SELECT query (that you don't already have present in the code), you will need to fetch the row that the query matched before you can reference the values in the php code.