Jump to content
Larry Ullman's Book Forums


  • Posts

  • Joined

  • Last visited

  • Days Won


DustyP last won the day on November 10 2012

DustyP had the most liked content!

DustyP's Achievements


Newbie (1/14)



  1. I haven't learned how to do subscription billing. I haven't even used Stripe live for single payment yet. But I like the idea. In fact, the storage company I'm doing this for manually charges customer's credit cards each month that they have on file (not digitally but in a real locked file).
  2. Thanks for the reply. I am making an online payment script for a storage rental company with 700+ units. Right now the estimate is that between two and four hundred renters will pay their monthly storage rent online. The way they do it is that whatever day of the month someone rents a unit, that day is their monthly due date. If they're five days late on making their payment a $10 late fee is added to their payment due amount. If one month late another $10 late fee is added and so on until they are four months past due and the account is closed and legal proceedings are put into action. When a renter logs in, my script checks to see when they last made a successful payment and then goes through a series of if - elseif clauses to determine their rent payment and late fees. I had the Stripe payment form in each elseif clause that went to the payment processor page. This didn't work, so I removed the Stripe payment forms from the elseif clauses and just put a "Pay Now" link using "r=$rentdue&l=$latefees" that sent the information to the payment processor page that now contained the Stripe payment form. Having the payment form on the same page as the processing magic fixed the problem and it's working in test mode at least. I still have to test for card errors and such but at least I'm making progress. Thanks again for all the help.
  3. My Stripe logs do not have anything listed. Both my form page and payment processor page are https. Here's my form: <form id='payment-form' action='https://www.mydomain.com/members/credit-pay.php' method='post'> <fieldset> <span class='help-block'>You can pay using: Mastercard, Visa, American Express, JCB, Discover, and Diners Club.</span> <div class='alert alert-info'><h4>JavaScript Required!</h4>For security purposes, JavaScript must be enabled on your computer or device in order to complete your order.</div> <legend>Pay with Credit or Debit Card</legend> <input name='latefees' type='hidden' value='$latefees'> <input name='total' type='hidden' value='$totalpayment'> <div class='form-group'> <label>Your Email</label> <input type='text' size='25' name='youremail' maxlength='65' placeholder='Email'> </div> <div class='form-group'> <label>Card Number</label> <input type='text' size='25' autocomplete='off' placeholder='Card Number'><br> <span class='help-bloc'>Enter the number without spaces or hyphens.</span> </div> <div class='form-group'> <label>CVC - (3-4 digit number on credit card)</label> <input type='text' size='4' autocomplete='off' placeholder='CVV' class='card-cvc input-mini'> </div> <div class='form-group'> <label>Expiration (MM / YYYY)</label> <input type='text' size='2' placeholder='MM' class='card-expiry-month input-mini'> <span> / </span> <input type='text' size='4' placeholder='YYYY' class='card-expiry-year input-mini'> </div> <div class='control-group'> <button type='submit' class='btn btn-success' id='submitBtn'>Submit Payment</button> </div> </fieldset> </form> My payment processor page: <?php include('includes/config.inc.php'); include('functionsbuy.php'); require(MYSQLGENES); if (!isset($_SESSION['rid'])) { header("Location: login.php"); exit(); } else { $page_title = "Rental Payment"; top($page_title); // Today's date with date() $now = date('Y-m-d'); $today = strtotime($now); $y = date('Y', $today); $m = date('n', $today); // month as 2 $mm = date('m', $today); // month as 02 $mmm = date('M', $today); // month as Feb $d = date('j', $today); // day as 3 $dd = date('d', $today); // day as 03 $thisdate = $d .$mmm . ", " . $y; $sessemail = $_SESSION['email']; // Set the Stripe key: // Uses STRIPE_PUBLIC_KEY from the config file. echo '<script type="text/javascript">Stripe.setPublishableKey("' . STRIPE_PUBLIC_KEY . '");</script>'; // Check for a form submission: if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Stores errors: $errors = array(); // Need a payment token: if (isset($_POST['stripeToken'])) { $token = $_POST['stripeToken']; // Check for a duplicate submission, just in case: // Uses sessions, you could use a cookie instead. if (isset($_SESSION['token']) && ($_SESSION['token'] == $token)) { $errors['token'] = 'You have apparently resubmitted the form. Please do not do that.'; } else { // New submission. $_SESSION['token'] = $token; } } else { $errors['token'] = 'The order cannot be processed. Please make sure you have JavaScript enabled and try again.'; } // Set the order amount: $total = stripslashes(trim($_POST['total'])); $total = escape_data(htmlspecialchars($total)); $total = $total * 100; $amount = $total; // in cents // Validate other form data! $latefees = stripslashes(trim($_POST['latefees'])); $latefees = escape_data(htmlspecialchars($latefees)); $name = $_SESSION['name']; $unit = $_SESSION['unit']; if (!empty($_POST['youremail'])) { if (preg_match('/^[[:alnum:]][a-z0-9_\.\-]*@[a-z0-9\.\-]+\.[a-z]{2,4}$/', stripslashes(trim($_POST['youremail'])))) { $youremail = escape_data($_POST['youremail']); } else { $youremail = FALSE; $errors['youremail'] = 'Please enter a valid email address.'; // echo "<p><span class='error'>ERROR!</span> Please enter a valid email address.</p>"; } } else { $youremail = FALSE; $errors['youremail'] = 'Please enter your email address.'; } // If no errors, process the order: if (empty($errors)) { // create the charge on Stripe's servers - this will charge the user's card try { // Include the Stripe library: require_once('includes/stripe/lib/Stripe.php'); $descrip = "Rental Payment on unit# ". $unit . ". Amount: " . $total . ". Paid on: " . $thisdate . ". Thank You!"; // set your secret key: remember to change this to your live secret key in production // see your keys here https://manage.stripe.com/account Stripe::setApiKey(STRIPE_PRIVATE_KEY); // Charge the order: $charge = Stripe_Charge::create(array( "amount" => $total, // amount in cents, again "currency" => "usd", "card" => $token, "description" => $descrip, "receipt_email" => $youremail ) ); // Check that it was paid: if ($charge->paid == true) { // Store the order in the database. // Send the email. // Celebrate! echo 'Thank you! Your payment has been recieved. A receipt has been emailed to the address you provided.'; $chargeid = $charge->id; $paymentbrand = $charge->card->brand; $paymenttype = $charge->card->funding; $paymentgross = $charge->amount; $status = "Paid"; $qin = "INSERT INTO payment_history (phid, rid, pay_date, pay_day, pay_month, pay_year, amount_paid, late_fees, pay_method, pay_brand, pay_type, pay_gross, checknum, status) VALUES ('', '".$_SESSION['rid']."', '".$_SESSION['unit']."', NOW(), '$d', '$mmm', '$y', '".$_SESSION['totalpayment']."', '".$_SESSION['latefees']."', '', '$paymentbrand', '$paymenttype', 'paymentgross', '', '$status')"; $rin = mysqli_query ($dbc, $qin) or trigger_error("Query: $qin\n<br>MySQL Error: " . mysqli_error($dbc)); if (mysqli_affected_rows($dbc) == 1) { mail("payments@mydomain.com", "Storage Payment Made", "Storage Payment Made.", "From: postmaster@mydomain.com"); } else { mail("admin@mydomain.com", "Payment table failed to update", "Payment table failed to update.", "From: postmaster@mydomain.com"); } // Clear the session: unset ($_SESSION['sessemail']); unset ($_SESSION['total']); unset ($_SESSION['latefees']); unset ($_SESSION['unit']); unset ($_SESSION['youremail']); footer(); exit(); } else { // Charge was not paid! echo '<div class="alert alert-error"><h4>Payment System Error!</h4>Your payment could NOT be processed (i.e., you have not been charged) because the payment system rejected the transaction. You can try again or use another credit or debit card.</div>'; } } catch (Stripe_CardError $e) { // Card was declined. $e_json = $e->getJsonBody(); $err = $e_json['error']; $errors['stripe'] = $err['message']; } catch (Stripe_ApiConnectionError $e) { // Network problem, perhaps try again. } catch (Stripe_InvalidRequestError $e) { // You screwed up in your programming. Shouldn't happen! } catch (Stripe_ApiError $e) { // Stripe's servers are down! } catch (Stripe_CardError $e) { // Something else that's not the customer's fault. } } // A user form submission error occurred, handled below. } // Form submission. // Show PHP errors, if they exist: if (isset($errors) && !empty($errors) && is_array($errors)) { echo '<div class="alert alert-error"><h4>Error!</h4>The following error(s) occurred:<ul>'; foreach ($errors as $e) { echo "<li>$e</li>"; } echo '</ul></div>'; } echo "<div id='payment-errors'></div>"; } footer(); ?> I have no doubt that it's a programming error on my part, but I've been looking at it for so long I can't see the mistake/problem. Is there anything that jumps out at you that would prevent this from working? Thanks.
  4. I'm using Stripe (in test mode) and on my payment page I'm getting the error: On the payment page: // Need a payment token: if (isset($_POST['stripeToken'])) { $token = $_POST['stripeToken']; // Check for a duplicate submission, just in case: // Uses sessions, you could use a cookie instead. if (isset($_SESSION['token']) && ($_SESSION['token'] == $token)) { $errors['token'] = 'You have apparently resubmitted the form. Please do not do that.'; } else { // New submission. $_SESSION['token'] = $token; } } else { $errors['token'] = 'The order cannot be processed. Please make sure you have JavaScript enabled and try again.'; } My form is on another page and is sent to my payment page (what would be your buy.php page). I have buy.js set in the header of the payment page and I'm calling it on the form page as well. I have the Strip php library installed and correctly pointed to. My form page is regular http while my payment page is https. I have a SSL certificate. Javascript is not disabled. What would be the reason that the stripe token isn't being submitted or picked up? Thanks.
  5. Oops. Okay, I'm going to my room now. Thanks. Looking forward to reading the book - the whole book.
  6. I just received the book and I immediately turned to chapter 18 and I noticed that the escape_data function is no longer being used in the mysqli_connect file. That's disappointing. I noticed however, that much of the same proceedure for working through the POST variables includes pretty much everything the escape_data fucntion from the old book (PHP and MySQL for dynamic websites 2nd edition) used. I tried adding an escape data function to the mysqli_connect file but it threw an immediate error. Unexpected "{" (the first one). I guess this function is no longer good with php 5. function_escape_data($data) { if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data); } global $dbc; $data = mysqli_real_escape_string($dbc, trim($data)); return $data; }
  7. Thanks, I just bought the book (PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)) on Amazon. Be here in a couple weeks.
  8. My question is kinda-sorta related to this book. I have it and I've used it so much that it is coming apart. But, my new web hosting servers are using Php 5 and MySQL 5 and I'm finding that some of the code I'm using isn't working right, when they did in Php 4 and MySQL 3, etc. Plus, when I go to PHP forums and ask a question I get chewed out for not using mysqli. In the back of this book in chapter 14 it uses mysqli, but there is no example of it being used in an update query. I know that I should be able to put 2 and 2 together and figure it out, but it works better for me to actually see it in action. Anyway, what book should I get next to learn mysqli in detail? I saw this: PHP 5 Advanced: Visual QuickPro Guide (2nd Edition) What do you think? I have other books (non Larry books) but I like Larry's coding style and would like to stuck with it. A finger point in the right direction would be great. Thanks
  9. I found the source of my problem... me. I use a functions page for my websites that contains the header, footer and other code for my members area pages. I call it into a page through an include. This allows me to make additional pages quickly & easily and it cuts down on the amount of code/html I have to put on a page other than that which is specific to that individual page. If works great, but in an effort to further minimze the information I put on my pages I put the require_once('includes/mysqlconnect.php'); on the functions page and appearantly this is what created my problem. When I removed the require_once from my functions page and put it back on the individual pages it worked fine. My functions page is located in the members directory root while the mysqlconnect.php is located in the "includes" folder within the members directory. On my pages I call the functions page in with include('functions.php'); and inside that include was the require_once include for the connect script. I'm guessing that inlcudes in an include isn't a good thing. Anyway, its working now. Sorry for the trouble and thanks for the response. Dusty
  10. In Chapter 13 the mysql_connect.php script. I have all the information on this script that is in the book and the script from the supporting website. I have it on the page at the top. I'm getting this error for each of my fields: This is line 37: The error page also has this: This is line 223: "mysql_close($dbc); // Close the database connection." My php version is 5.2.17 When I run phpinfo.php I see no listing for "mysql_real_escape_string", but "magic_quotes_gpc" is turned on. Thanks Dusty
  • Create New...