Hi guys
I have this script which i have been working on for days now. What I need it to do is when the IPN comes back from paypal the script takes the payers email address, queries one table then when it matches the email address updates the group_id for that member to 9. The email address is unique field. So far I have
<?php
session_start();
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
$ip = $_SERVER['REMOTE_ADDR'];
$amt = 0.01;
$url=$_SERVER['REQUEST_URI'];
if(strstr($url,'2diWrwJlDa')){
$amt=0.01;
}
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = strtolower($_POST['payment_status']);
$payment_amount = $_POST['mc_gross'];
$sub_status = $_POST['txn_type'];
$sub_amount = $_POST['mc_amount3'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$business = $_POST['business'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
/* ------- Feel free to add any variables above ------
------- that you wish to retrieve from PayPal ----- */
if (!$fp) {
unable();
} else {
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
$payment_status = strtolower($payment_status);
$sub_status = strtolower($sub_status);
$verifyNum=0;
if((strstr($payment_status,"comp"))||(strstr($sub_status,"signup"))||(strstr($sub_status,"payment"))){$verifyNum++;}
else if(strstr($sub_status,"cancel")){fclose ($fp);exit;}
else{$reason1 = "Payment/Subscription Status Not Complete.";}
$receiver="xxxx@hotmail.com";
if((strstr($receiver,$receiver_email))||($business=="xxxx@hotmail.com")){$verifyNum++;}
else{$reason2 = "Payment Receiver Email not correct.";}
if((($payment_amount == $amt)||($sub_amount == $amt)) && (strtolower($payment_currency) == "gbp")){$verifyNum++;}
else{
if(strtolower($payment_currency) != "gbp"){$cur=strtoupper('gbp');$reason3 = "Currency is set at $payment_currency and not $cur";}
else{$reason3 = "Payment amount has been tampered with.";}
}
// IF ERRORS FOUND
if(($verifyNum < 3)&&($ip != "216.113.188.202")){
$headrs = "From: Payment Error Report <xxxx@hotmail.com>\n";
$headrs .= "Content-type: text/plain;\r\n";
$sendToMe = "xxxx@hotmail.com";
$errSub = "Instant IPN Payment Error Reporting\n";
$errMessage = "
There has been an Error with the following Payment >>>
Transaction ID: $txn_id
Reciever Email: $receiver_email
Payee Email: $payer_email
Logged IP: $ip
Reasons:
$reason1
$reason2
$reason3
Please investigate.
Instant IPN Generator Payment Error Reporting.";
mail($sendToMe,$errSub,$errMessage,$headrs);
isError($ip);
exit;
}
else if($verifyNum == 3){
/* -----------------------------
If you'd like to add the PayPal information to
a database or email your buyer, you can add any
code here between the two headers:
BEGIN EDITABLE AREA ---------- */
mysql_connect("localhost", "xxxxx", "xxxxx")or die("cannot connect");
mysql_select_db("xxxxxx")or die("cannot select DB");
$sql = "UPDATE qls3_users SET
group_id = '9',
WHERE email = '$payer_email'";
$result = mysql_query($sql);
if(!mysql_query($update)) {
$error=mysql_error();
echo $error;
}
/* END EDITABLE AREA ------------ */
header("location:undefined");
exit;
}
else {
unable();
}
}
else if (strcmp ($res, "INVALID") == 0) {
$headrs = "From: xxxx Payment Error <xxxxx@hotmail.com>\n";
$headrs .= "Content-type: text/plain;\r\n";
$sendToMe = "xxxxxx@hotmail.com";
$errSub = " IPN Payment Error Reporting\n";
$errMessage = "
There has been an Error with the following Payment >>>
Logged IP: $ip
Reasons:
Payment came back as INVALID. Possible direct view or attempt at Fraud.
Please investigate.
Payment Error Reporting.";
mail($sendToMe,$errSub,$errMessage,$headrs);
isError($ip);
}
}
fclose ($fp);
}
function isError($ip){
echo "<p>Sorry, there was an error with your payment.</p>";
if($ip){
echo "<p>Your IP address of $ip has been logged for further investigation.</p>";
}
echo "<p>If you have purchased this product and are seeing this error, please contact us at<br><a href=\"mailto:xxxxx@hotmail.com\" style=\"color:#AA0000;\">xxxxx@hotmail.com</a> and quote your PayPal Transaction ID.<br><br>Thank You,<br>bet fair.<br><a href=\"http://www.xxxxx.com\" style=\"color:#AA0000;\">http://www.xxxxxx.com</a></p>";
}
function unable(){
?>
<head>
<title>http://www.xxxxx.com Payment Error</title>
</head>
<body>
<div style="text-align:center;">
<div style="margin:10px auto 10px auto;width:600px;background:#F0F0F0;padding:20px;text-align:left;border:solid 3px #FF0000;font-family:arial;font-size:13px;">
<p>We are very sorry, there seems to be some difficulty processing your Payment.</p>
<p>This may be an error related to our Web Site communicating with PayPal's Web Site. We are very sorry for the inconvenience. Your payment may have been received regardless of this error.</p>
<p>Please log into your PayPal account and verify whether or not this transaction has been completed. If so, please contact us at <a href="mailto:xxxx@hotmail.com" style="color:#AA0000;">xxxxxx@hotmail.com</a>. Please quote the Transaction ID in your correspondence.</p>
<p>If your PayPal account shows no indication of this transaction having been completed, feel free to try purchasing again on our <a href="http://www.xxxxx.com" style="color:#AA0000;">Web Site</a>. If, inadvertently, you are double charged through this course of action, we will refund one of your purchases immediately.</p>
<p>Once again, we are sorry for your inconvenience.</p>
<p>Kind Regards,<br>
bet fair<br>
http://www.xxxxx.com</p>
</div>
</div>
</body>
<?
}
?>
<?php
function sql_error($function,$mysql_err) {
/*
This script can send an email and/or make an entry in a log file
There are two variables below - one for an email address and one for a log file
Set both vraiables to the values you want to use
If you do not want either an email or log entry, comment out the respective line
For example, if you do not want an email sent, put a // in front of the $emailAddress line - same for the $logFile line
*/
$logFile = $_SERVER['DOCUMENT_ROOT'].'/mysql.log'; // full path to your log file - you should create an empty starter file if you use logging
$emailAddress = "xxxxx@hotmail.com"; // set to your email address
putenv('TZ=EST5EDT'); // eastern time
// modify the above values to fit your environment
echo "<center><br><hr>
Oops . . . looks like our database is having technical problems.
<br><br>
Please come back later . . . hopefully we can get things up and running again soon.
<hr>";
if (isset($logFile)) {
$logData = "Error: $function - $mysql_err"."||".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']."||".$_SERVER['REMOTE_ADDR']."||".date('Y-m-d H:i:s')."\r\n";
@file_put_contents($logFile,$logData,FILE_APPEND|LOCK_EX);
}
if (isset($emailAddress)) {
$error_time = (date(" F d h:ia"));
$message .= "There has been a MySQL error.\n\n";
$message .= "Error: $function - $mysql_err\n\n";
$message .= "Server time of the error: $error_time\n\n";
mail($emailAddress,"MySQL error",$message,"From: Website <>");
}
die();
}
?>
As my IPN script however this is not updating the database and also in the error log i can see
PHP Warning: Cannot modify header information - headers already sent by (output started at /home/xxxx/public_html/pay.php:115) in /home/xxxx/public_html/pay.php on line 123
Any help would be greatfully appreciated. Im going out of my head with this now.
