need help with a troublesome script

Evan_Morgan

it just doesnt seem to work

basically i have a randomizer script written in PHP (eg www.clixstar.com). I have it all set up properly apart from the IPN situation. For those who dont know IPN means Instant Payment Notification. It is offered by the online payment processers (paypal and stormpay in this case). A working IPN script should tell my database to add records, when someone has paid. I think it is just my paypal ipn that isnt working, bear in mind that it might be my paypal settings that are wrong and not the script but i doubt that 😃
Any help would be appreciated
Evan

BuzzLY

"Mr. Mechanic, I think there is something wrong with my car."

"Ok, sir, what seems to be the problem?"

"Well, it's making this strange sound every time I accelerate."

"Hmm... ok, well... let's take a look at it."

"Oh, it's not here... I left it at home. If you could just tell me how to fix it, I'll go home and fix it myself."

"How am I supposed to figure out the problem if I can't look at the car???"

Evan, people here are very willing to help... but you'll need to post your code that's causing the problems if you want them to help you fix it.

Evan_Morgan

well there isnt nessesarilly code causing problem but here goes (this is the paypal ipn script, think it might be wrong)

<?
require("config.php");
$dbh = mysql_connect ($conf[dbhost], $conf[dbuser], $conf[dbpass]) or die (mysql_error());
mysql_select_db ($conf[dbname]);

function o($post_in) {
return $_POST[$post_in];
}

function insert_log($sp_amount, $sp_trans, $sp_email) {
global $conf;
$sql = "INSERT INTO ".$conf[ipnlog]." (id, tran_id, payer_email, amount) ";
$sql .= "VALUES ('', '".$sp_trans."', '".$sp_email."', '".$sp_amount."')";
$result = mysql_query($sql) or die(mysql_error());
}

function insert_user($sp_name, $sp_email, $sp_amount) {
global $conf, $plst;
$sc_amount = $plst[$sp_amount];
$sp_name = str_replace($sp_email, "", $sp_name);
$sp_name = str_replace("(", "", $sp_name);
$sp_name = str_replace(")", "", $sp_name);
$sql = "INSERT INTO ".$conf[table]." (id, email, amount, name) ";
$sql .= "VALUES ('', '".$sp_email."', '".$sc_amount."', '".$sp_name."')";
$result = mysql_query($sql) or die(mysql_error());
}

$upgrade[2.00] = 1;
$upgrade[4.00] = 2;
$upgrade[8.00] = 4;
$upgrade[16.00] = 8;
$upgrade[32.00] = 16;
$upgrade[60.00] = 30;
$upgrade[100.00] = 50;
$upgrade[200.00] = 100;
$upgrade[400.00] = 200;
$upgrade[1000.00] = 500;

if($SERVER['REQUEST_METHOD'] != "POST") {
die("This was an illegal attempt to access the system. Your IP has been logged.");
} else {
$status = $POST[status];
if($status == "SUCCESS") {
if($POST[secret_code] != $conf[ipn_code]) {
die("This was an illegal attempt to access the system. Your IP has been logged.");
} else {
if($POST[transaction_ref] != "" && $POST[transaction_ref] == "upgrade") {
$sqw = "SELECT * FROM ".$conf[table]." WHERE email = '".$POST[payer_email]."' LIMIT 1";
$result = mysql_query($sqw) or die(mysql_error());
$out = mysql_fetch_array($result);
$sql = "UPDATE ".$conf[table]." SET amount = '".($out[amount]+$upgrade[$POST[amount]])."' WHERE email = '".$POST[payer_email]."' LIMIT 1 ";
$result = mysql_query($sql) or die(mysql_error());
insert_log($POST[amount], $POST[transaction_id], $POST[payer_email]);
} elseif($POST[transaction_ref] != "" && $POST[transaction_ref] == "new_acc") {
insert_log($POST[amount], $POST[transaction_id], $POST[payer_email]);
insert_user($POST[payer_name], $POST[payer_email], $POST[amount]);
}
}
} else {
insert_log($POST[amount], $POST[transaction_id], $POST[payer_email]."[".$_POST[status]."]");
}
}