Well im currently coding up a paypal payment system to go with a user system for a site, and when someone goes through paypal, paypal pushes info to this script. Problem is, the script does not log anything to MySQL, and I can't figure out why. Anyone here want to see what may be wrong?
<?php
mysql_connect("localhost", "****", "****") or die(mysql_error());
mysql_select_db("****") or die(mysql_error());
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value)
{
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$txn_id = $_POST['txn_id'];
$payer_email = $_POST['payer_email'];
$name = $_POST['first_name'] . " " . $_POST['last_name'];
$address_street = $_POST['address_street'];
$address_zip = $_POST['address_zip'];
$address_city = $_POST['address_city'];
$contact_phone = $_POST['contact_phone'];
$email = $_POST['payer_email'];
//timezone set
date_default_timezone_set('America/Chicago');
//acc start date
$aaa = time();
//acc end date
$bbb = strtotime("+30 day");
//set acctype
if ($payment_amount == "35.00")
{
$acctype = "1";
} elseif ($payment_amount == "45.00")
{
$acctype = "2";
} else
{
}
if (!$fp)
{
// HTTP ERROR
} else
{
fputs($fp, $header . $req);
while (!feof($fp))
{
$res = fgets($fp, 1024);
if (strcmp($res, "VERIFIED") == 0)
{
//generate random acc id
$randnum = rand(10000, 99999);
$randtest = mysql_query("select id from users where id = '$randnum'");
if (mysql_num_rows($randtest) != 0)
{
$rand = $randnum + 1;
} else
{
$rand = $randnum;
}
//create acc
$md5pass = md5($address_city);
$acctest = mysql_query("select * from users where email = '$email'");
if (mysql_num_rows($acctest) != 0)
{
$cmdqaz = "select * from users where email = '$email'";
$cmmdqaz = mysql_query($cmdqaz);
$readqaz = mysql_fetch_array($cmmdqaz);
$oldtime = $readqaz['date_expire'];
$doubleday = strtotime("+30 day", $oldtime);
$s = "UPDATE users SET date_expire = '$doubleday' where email = '$email'";
mysql_query($s);
} else
{
mysql_query("INSERT INTO users SET id = '$rand', realname = '$name', acc_type = '$acctype', username = '$email', password = '$md5pass', normal_password = '$address_city', email = '$email', address = '$address_street', zip_code = '$address_zip', number = '$contact_phone', date_registered = '$aaa', date_expire = '$bbb'") or die(mysql_error());
}
//log payment
mysql_query("INSERT INTO payments (email, item_name, payment_status, txn_id, payment_ammount) VALUES('" . mysql_escape_string($email) . "', '" . $item_name . "', '" . $payment_status . "', '" . $txn_id . "', '" . $payment_amount . "' ) ") or die(mysql_error());
} else
if (strcmp($res, "INVALID") == 0)
{
// log for manual investigation
}
}
fclose($fp);
}
?>