views:

185

answers:

1

I have, I believe followed the set up instructions correctly for connecting paypal to my script.I have a game that is set up to let users buy credits. Right now I have to add the paypal info directly into the database. I get the transaction email, both me and the user confirming the purchase. But it will not show up in my database.Can someone help me please.

Thanks Jeff

+2  A: 
<?php
$host = 'host';
$user = 'user';
$password = 'pass';
$db = 'db';

$con = mysql_connect($host,$user,$password);
if (!$con)
  {
   die('Could not connect: ' . mysql_error());
  }

mysql_select_db($db, $con);

// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';

foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}

// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$requestid = $_POST['custom'];

if (!$fp) {
$file = fopen("./connection.php", "w");
$content = "<?php
echo 'Error no connection';
echo'" . now() . "';
?>";

fwrite ($file, $content);
fclose ($file);
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
$sql = "SELECT requestID FROM Requests WHERE txn_id='" . $txn_id . "'";
$chk = mysql_query($sql);
if ($payment_status=='Completed' && $receiver_email=='[email protected]' && mysql_num_rows($chk)==0){
$update = "UPDATE Requests SET payment='Completed' WHERE requestID='" . $requestid . "' && txn_id='" . $txn_id . "' WHERE requestID='" . $requestid . "'";

}
else {
$update = "UPDATE Requests SET payment='" . $payment_status . "' WHERE requestID='" . $requestid . "' && txn_id='" . $txn_id . "' WHERE requestID='" . $requestid . "'";
}
}

else if (strcmp ($res, "INVALID") == 0) {
$update = "UPDATE Requests SET payment='Invalid' WHERE requestID='" . $requestid . "' && txn_id='" . $txn_id . "' WHERE requestID='" . $requestid . "'";
}

mysql_query($update,$con);
}

fclose ($fp);
}

mysql_close($con);
?>
joe