Janice

I did the log and it was showing invalid. After making a few changes, it finally comes back valid. It was able to INSERT the information into the orders table but now it stopped doing that. As for the remove from the shopping cart, I followed the instructions in the final.php script in the coffee example but now i'm guessing I should but that mysql query in the ipn script. Here are the changes I made to the IPN script: <?php // Require the configuration before any PHP code: require ('includes/config.inc.php'); // Open the text file: // Change this path to make it accurate. // The text file must be writable by PHP! $file = fopen('ipn.txt', 'a'); // Write the POST data to the file: fwrite($file, "Received:\n"); fwrite($file, print_r($_POST, true)); fwrite($file, "\n"); // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; fwrite($file, $key.":".$value."\n"); } $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); if (!$fp) { // If we couldn't connect, send an email: trigger_error('Could not connect for the IPN!'); } else { // Send the request to PayPal: // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; fputs ($fp, $header . $req); // Write the PayPal request to the text file: fwrite($file, "Sent:\n"); fwrite($file, "$header\n"); fwrite($file, "$req\n"); while (!feof($fp)) { $res = fgets ($fp, 1024); // Write the PayPal response to the text file: fwrite($file, "Received:\n"); fwrite($file, "$res\n"); if (strcmp ($res, "VERIFIED") == 0) { // assign posted variables to local variables if ( ($_POST['payment_status'] == 'Completed') && ($_POST['receiver_email'] == 'janice_1323380910_biz@live.com') && ($_POST['mc_currency'] == 'USD') && (!empty($_POST['txn_id'])) ) { require_once('../mysqli_connect.php'); $txn_id = $_POST['txn_id']; $q = "SELECT id FROM orders WHERE transaction_id='$txn_id'"; $r = mysqli_query($dbc,$q); if(mysqli_num_rows($r) ==0){//Add this transaction to the orders table: $txn_id = $_POST['txn_id']; $uid = $_POST['payer_email']; $status = $_POST['payment_status']; $amount = $_POST['mc_gross']; $shipping = $_POST['mc_handling']; $q = "INSERT INTO orders (user_id, transaction_id, payment_status,payment_amount,shipping) VALUES ('$uid','$txn_id','$status','$amount','$shipping')"; $r = mysqli_query($dbc,$q); if (mysqli_affected_rows($dbc) == 1) { } }else{//problem inserting the order! trigger_error('could not insert order'); // the order has already been stored }//the right value don't exist in $_POST! }elseif (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } } // Inidicate the end of this transaction in the text file: fwrite($file, "--------------\n"); fclose ($file); fclose ($fp); } ?>

I made a site similar to the coffee store but I'm using paypal as the payment gateway. I followed the steps in the book making test sites, enabling IPN and so on. After a transaction is complete, I check the IPN history and it says "Sent". However the information is not inserting into the orders table and not deleting the shopping cart. I checked HTML Variables for paypal and it says custom variable " Pass-through variable for your own tracking purposes, which buyers do not see. Default – No variable is passed back to you." How can I get it to pass it back to me? Here is the ipn.php script <?php // Require the configuration before any PHP code: require ('includes/config.inc.php'); // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30); // assign posted variables to local variables $item_name = $_POST['item_name']; $item_number = $_POST['item_number']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $payment_currency = $_POST['mc_currency']; $txn_id = $_POST['txn_id']; $receiver_email = $_POST['receiver_email']; $payer_email = $_POST['payer_email']; $shipping = $_POST['mc_handling']; if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // check the payment_status is Completed // check that txn_id has not been previously processed // check that receiver_email is your Primary PayPal email // check that payment_amount/payment_currency are correct // process payment //Check for transaction in the database $receiver_email = $_POST['receiver_email']; if($receiver_emial!='janice_1323380910_biz@live.com'){ $message = "receiver email is wrong Email=".$_POST['receiver_email'].'\n\n\n$req'; mail("janicepag23@yahoo.com","Receiver email is incoreect", $message,"From:janicepag23@yahoo.com"); exit(); } if ($_POST['payment_status']!="Completed"){ $message = "Incomplete transaction"; mail("janicepag23@yahoo.com","Incomplete transaction", $message,"From:janicepag23@yahoo.com"); exit(); } require_once('../mysqli_connect.php'); $txn_id = $_POST['txn_id']; $q = "SELECT id FROM orders WHERE transaction_id='$txn_id'"; $r = mysqli_query($dbc,$q); if(mysqli_num_rows($r) ==0){ //Add this transaction to the orders table: $uid = $_POST['custom']; $txn_id = $_POST['txn_id']; $payment_status = $_POST['payment_status']; $payment_amount = $_POST['mc_gross']; $shipping = $_POST['mc_handling']; $q = "INSERT INTO orders (user_id, transaction_id, payment_status,payment_amount,shipping) VALUES($uid,$txn_id,$payment_status,$amount,$shipping)"; $r = mysqli_query($dbc,$q); if(mysqli_affected_rows($dbc)==1){ } } }else{//problem inserting the order! trigger_error('could not insert order'); } }// the order has already been stored }//the right value don't exist in $_POST! }else if (strcmp ($res, "INVALID") == 0) { // log for manual investigation } } fclose ($fp); } ?> here is the cart.html script: <h1>Your Shopping Cart</h1><br /> <p>Please use this form to update your shopping cart. You may change the quantities or remove items.</p><br /> <script language="javascript" type="text/javascript"> function OnSubmitForm1() { document.formcart.action = "./cart.php" document.formcart.submit(); return true; } function OnSubmitForm2() { document.formcart.action = "https://www.sandbox.paypal.com/cgi-bin/webscr" document.formcart.submit(); return true; } </script> <form class="formcart" name="formcart" method="post"> <div id="table1"> <table border="0" cellspacing="8" cellpadding="6"> <tr> <th align="center">Item</th> <th align="center">Quantity</th> <th align="right">Price</th> <th align="right">Subtotal</th> <th align="center">Options</th> </tr> <?php $min=14.98; $total=0; $i= 1; echo' <input type="hidden" name="business" value="'.$paypal_id.'"> <input type="hidden" name="cmd" value="_cart"> <input type="hidden" name="upload" value="1"> <input type="hidden" name="custom" value="'.$uid.'"> <input type="hidden" name="rm" value="2"> <input type="hidden" name="cbt" value="Return to Fantastic Fudge"> <input type="hidden" name="no_shipping" value="1"> <input type="hidden" name="currency_code" value="USD"> <input type="hidden" name="cancel_return" value="http://yoursite.com/cancel.php"> <input type="hidden" name="return" value="http://www.palepinkgraphics.com/storescripts/fudge/final.php">'; while ($row=mysqli_fetch_array($r,MYSQLI_ASSOC)){ $price=$row['price']; $subtotal=$price*$row['quantity']; $fudge_name=$row['name']; $quantity=$row['quantity']; $x = $i++ ; echo' <input type="hidden" name="item_name_'.$x.'" value="'.$fudge_name.'"> <input type="hidden" name="amount_'.$x.'" value="'.$price.'"> <input type="hidden" name="quantity_'.$x.'" value="'.$quantity.'"> <tr> <td> '.$fudge_name.'</td> <td align="center"> <p class="quantity"><input type="text" name="quantity['.$row['sku'].']"value="'.$quantity.'"size="2" /></p></td> <td align="right"> $'.$price.'</td> <td align="right">$'.number_format($subtotal,2).'</td> <td align="right"><a href="./cart.php?sku='.$row['sku'].'&action=remove">Remove from Cart</a></td> </tr> '; if($row['stock']<$row['quantity']){ echo'<tr class="error"><td colspan="5" align="center">There are only'.$row['stock'].'left in stock of the '.$row['fudge_name'].'.Please update the quantity or remove the item entirely.</td></tr>'; } //Add the subtotal to the total: $total +=$subtotal; }//End of while loop. //Add the shipping: $shipping=get_shipping($total); $total += $shipping; echo'<tr> <td colspan="3" align="right"><strong>Shipping & Handling</strong></td> <td align="right">$'.$shipping.'</td> <td> </td> </tr> '; //Display the total: echo '<tr> <td colspan="3" align="right"><strong>Total</strong></td> <td align="right">$'.number_format($total,2).'</td> <td> </td> </tr><br /> <input type="hidden" name="handling_cart" value="'.$shipping.'"> '; ?> </table> <p align="center"><input type="submit" Value="Update Quantities" onClick="return OnSubmitForm1()" /> <input type="submit" Value="PayPal" onClick="return OnSubmitForm2()" /><br /> </form></p></div><br /> <p class="hometitle">Shipping is $5.00 for orders 1 Ib or under. Add $2.00 for every Ib over. Most orders shipped within 3 business days. Don't forget if you order 2 Ibs or more to include your FREE 1/2 Ib!!! A min order of 1/2lb required.</p><br /> <p>* Flavors are subject to change.</p> I have $uid = $_COOKIE['SESSION']; in the top of cart.php script. Thanks

I am using numbers only, I'm plan on using only U.S. zip codes.

I finally finished the checkout.php page. when I test it and put incorrect information it displays again just like the book says on page 282. But when i put in correct information, the zip code tells me to 'Please enter your zip code'.It's only the zip code, the rest of the form accepts the information. I'm having a hard time trying to figure out way. here is the checkout.php code <?php //Include the configuration file: require('fudge/includes/config.php'); //Check for the user's cart ID, available in the URL: if($_SERVER['REQUEST_METHOD']=='GET'){ if(isset($_GET['session'])){ $uid=$_GET['session']; //Use the cart ID as the session ID, and beging the session: session_id($uid); session_start(); //If no session value was present in the URL(for a GET request), redirect the user: }else{ $location='fudge/cart.php'; header("Location:$location"); exit(); } //If the request method isn't GET, start the session and retrieve the session ID: }else{//POST request. session_start(); $uid=session_id(); } //Include the database connection and create an array for validation errors: require_once('../mysqli_connect.php'); $shipping_errors=array(); //if there's a chance that Magic Quotes may be enable on your server, you'll also need to apply stripslashes() prior to validation: if(get_magic_quotes_gpc()){ $_POST['first_name']=stripslashes($_POST['first_name']); //repeat for other variables that could be affected. } //If the form was submitted, validate the first and last names: if($_SERVER['REQUEST_METHOD']=='POST'){ if(preg_match('/^[A-Z\'.-]{2,20}$/i',$_POST['first_name'])){ $fn=addslashes($_POST['first_name']); }else{ $shipping_errors['first_name']='Please enter your first name!'; } if(preg_match('/^[A-Z\'.-]{2,40}$/i',$_POST['last_name'])){ $ln=addslashes($_POST['last_name']); }else{ $shipping_errors['last_name']='Please enter your last name!'; } //Validate the street addresses: if(preg_match('/^[A-Z0-9 \',.#-]{2,80}$/i',$_POST['address1'])){ $a1=addslashes($_POST['address1']); }else{ $shipping_errors['address1']='Please enter your street address!'; } if(empty($_POST['address2'])){ $a2=NULL; }elseif (preg_match ('/^[A-Z0-9\',.#-]{2,80}$/i',$_POST['address2'])){ $a2=addslashes($_POST['address2']); }else{ $shipping_errors['address2']='Please enter your street address!'; } //Validate the city: if(preg_match('/^[A-Z\'.-]{2,60}$/i',$_POST['city'])){ $c=addslashes($_POST['city']); }else{ $shipping_errors['city']='Please enter your city!'; } //Validate the state: if(preg_match('/^[A-Z]{2}$/',$_POST['state'])){ $s=$_POST['state']; }else{ $shipping_errors['state']='Please enter your state!'; } //Validate the zip code: if(preg_match('/^(\d{5}$)|(^\d{5}-\d{4})$/',$_POST['zip'])){ $z=$_POST['zip']; }else{ $shipping_errors['zip']='Please enter your zip code!'; } //Validate the phone number: $phone=str_replace(array('','-','(',')'),'',$_POST['phone']); if(preg_match('/^[0-9]{10}$/',$phone)){ $p=$phone; }else{ $shipping_errors['phone']='Please enter your phone number!'; } //Validate the email address: if(filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)){ $e=$_POST['email']; $_SESSION['email']=$_POST['email']; }else{ $shipping_errors['email']='Please enter a valid email address!'; } //Store the data in the session if the shipping information matches the billing: if(isset($_POST['use'])&&($_POST['use']=='Y')){ $_SESSION['shipping_for_billing']=true; $_SESSION['cc_first_name']=$_POST['first_name']; $_SESSION['cc_last_name']=$_POST['last_name']; $_SESSION['cc_address']=$_POST['address1'].''.$_POST['address2']; $_SESSION['cc_city']=$_POST['city']; $_SESSION['cc_state']=$_POST['state']; $_SESSION['cc_zip']=$_POST['zip']; } //if no errors occurred, add the user to the database: if(empty($shipping_errors)){ $r=mysqli_query($dbc, "CALL add_customer('$e','$fn','$ln','$a1','$a2','$c','$s',$z,$p,@cid)"); //If the procedure worked, retrieve the customer ID: if($r){ $r=mysqli_query($dbc,'SELECT @cid'); if(mysqli_num_rows($r)==1){ list($_SESSION['customer_id'])=mysqli_fetch_array($r); //redirect the customer to the billing page: $location='https://'.BASE_URL.'billing.php'; header("Location:$location"); exit(); //If there was a problem,indicate an error: } } trigger_error('Your order could not be processed due to a system error. We apologize for the inconvenience.'); //Complete the $shipping_errors and request method conditionals: }//Errors occurred IF. }//End of REQUEST_METHOD IF. //Include the header file: $page_title='Fudge-Checkout-Your Shipping Information'; include('fudge/includes/checkout_header.html'); //Retrieve the shopping cart contents: $r=mysqli_query($dbc,"SELECT CONCAT('F', sf.id)AS sku, c.quantity, f.fudge_name, s.size, sf.price, sf.stock FROM carts AS c INNER JOIN specific_fudge AS sf ON sf.id=c.product_id INNER JOIN size AS s ON s.id=sf.size_id INNER JOIN fudge AS f ON sf.fudge_id=f.id WHERE c.user_session_id='$uid'"); //Complete the script: if(mysqli_num_rows($r)>0){ include('fudge/views/checkout.html'); }else{//Empty cart! include('fudge/views/emptycart.html'); } //include the footer and finish the page: include('includes/footer.html'); ?> Thanks

You guys where right. I was having trouble setting $fid but I finally got it to work. Thanks for helping me.

Its just a number to see if it works.

Well I made a small change just to see if it works. I do get that one item but when i use $_GET['id'] it doesn't work and can't find out why. ----I changed---- if(isset($_GET['id'])&& is_numeric($_GET['id']) ){ $fid = (int) $_GET['id']; } ----to---- $id = 2;

Hi everyone, I'm having trouble figuring out this error on my own. On page 210, I'm trying to make a similar browse.php script. I made the stored procedure like in the book except I don't have a category section. When I run the script I keep getting a "Undefined variable". Here is the code. <?php #Browse_fudge.php require('includes/config.php'); //This page displays the available Fudge //Set the config file: if(isset($_GET['id'])&& is_numeric($_GET['id']) ){ $fid = (int) $_GET['id']; } //Require the database connection require_once('../mysqli_connect.php'); //Set the page title and include the HTML header: $page_title='Fudge'; include('includes/header.html'); //Get fudge's query: $r=mysqli_query($dbc,"CALL select_fudge('$fid')"); if(mysqli_num_rows($r)>=1) { include('./views/list_fudge.html'); }else{ include('./views/noproducts.html'); } include('includes/footer.html'); ?> ------Here is the error I get.---------- An error occurred in script 'C:\xampp\htdocs\htdocs\fudge\browse_fudge.php' on line 22: Undefined variable: fid Array ( [0] => Array ( [file] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [line] => 22 [function] => my_error_handler [args] => Array ( [0] => 8 [1] => Undefined variable: fid [2] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [3] => 22 [4] => Array ( [GLOBALS] => Array *RECURSION* [_POST] => Array ( ) [_GET] => Array ( ) [_COOKIE] => Array ( ) [_FILES] => Array ( ) [live] => [contact_email] => ******** [dbc] => mysqli Object ( [affected_rows] => 0 [client_info] => mysqlnd 5.0.7-dev - 091210 - $Revision: 304625 $ [client_version] => 50007 [connect_errno] => 0 [connect_error] => [errno] => 0 [error] => [field_count] => 0 [host_info] => localhost via TCP/IP [info] => [insert_id] => 0 [server_info] => 5.5.8 [server_version] => 50508 [sqlstate] => 00000 [protocol_version] => 10 [thread_id] => 580 [warning_count] => 0 ) [page_title] => Fudge ) ) ) ) An error occurred in script 'C:\xampp\htdocs\htdocs\fudge\browse_fudge.php' on line 28: include(./views/noproducts.html) [function.include]: failed to open stream: No such file or directory Array ( [0] => Array ( [file] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [line] => 28 [function] => my_error_handler [args] => Array ( [0] => 2 [1] => include(./views/noproducts.html) [function.include]: failed to open stream: No such file or directory [2] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [3] => 28 [4] => Array ( [GLOBALS] => Array *RECURSION* [_POST] => Array ( ) [_GET] => Array ( ) [_COOKIE] => Array ( ) [_FILES] => Array ( ) [live] => [contact_email] => janicepag23@yahoo.com [dbc] => mysqli Object ( [affected_rows] => 0 [client_info] => mysqlnd 5.0.7-dev - 091210 - $Revision: 304625 $ [client_version] => 50007 [connect_errno] => 0 [connect_error] => [errno] => 0 [error] => [field_count] => 6 [host_info] => localhost via TCP/IP [info] => [insert_id] => 0 [server_info] => 5.5.8 [server_version] => 50508 [sqlstate] => 00000 [protocol_version] => 10 [thread_id] => 580 [warning_count] => 0 ) [page_title] => Fudge [r] => mysqli_result Object ( [current_field] => 0 [field_count] => 6 [lengths] => [num_rows] => 0 [type] => 0 ) ) ) ) [1] => Array ( [file] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [line] => 28 [function] => include ) ) An error occurred in script 'C:\xampp\htdocs\htdocs\fudge\browse_fudge.php' on line 28: include() [function.include]: Failed opening './views/noproducts.html' for inclusion (include_path='.;C:\xampp\php\PEAR') Array ( [0] => Array ( [file] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [line] => 28 [function] => my_error_handler [args] => Array ( [0] => 2 [1] => include() [function.include]: Failed opening './views/noproducts.html' for inclusion (include_path='.;C:\xampp\php\PEAR') [2] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [3] => 28 [4] => Array ( [GLOBALS] => Array *RECURSION* [_POST] => Array ( ) [_GET] => Array ( ) [_COOKIE] => Array ( ) [_FILES] => Array ( ) [live] => [contact_email] => ********* [dbc] => mysqli Object ( [affected_rows] => 0 [client_info] => mysqlnd 5.0.7-dev - 091210 - $Revision: 304625 $ [client_version] => 50007 [connect_errno] => 0 [connect_error] => [errno] => 0 [error] => [field_count] => 6 [host_info] => localhost via TCP/IP [info] => [insert_id] => 0 [server_info] => 5.5.8 [server_version] => 50508 [sqlstate] => 00000 [protocol_version] => 10 [thread_id] => 580 [warning_count] => 0 ) [page_title] => Fudge [r] => mysqli_result Object ( [current_field] => 0 [field_count] => 6 [lengths] => [num_rows] => 0 [type] => 0 ) ) ) ) [1] => Array ( [file] => C:\xampp\htdocs\htdocs\fudge\browse_fudge.php [line] => 28 [function] => include ) ) Thanks Janice