我的网站提供服务,只有在创建帐户后才会授予访问权限,这只有在付款完成后才会发生。
我遇到的问题是我的mySQL语句如下。我知道语句本身没有任何“破坏性”错误,因为如果我设置$usr_name = 'bob'而不是会话变量(这是我需要的),它会被添加到数据库中而没有任何问题使用完全相同的mySQL查询。当我尝试将变量设置为下面的会话变量时,会出现问题。当我这样做时,一个空行被添加到数据库中。
您会认为会话变量不包含任何内容,这对我的问题是一个逻辑解释,但是,下面的代码中的echo从会话变量获取其值会打印出应有的所有内容,因此会话变量设置正确。
我还想补充一点,代码在大多数情况下都是正确编写的,并且在付款完成时可以获得最内部的if语句。
另外,尝试在我的查询中添加或die(mysql_error()),并且没有打印错误。
如果有人可以建议我尝试解决这个问题,我真的很感激。
<?php
session_start();
//Create mysql connect variable
$conn = mysql_connect('myhostedresource.com', 'user', 'password');
//kill connection if error occurs
if(!$conn){
die('Error: Unable to connect.' . '<br>' . mysql_error());
}
//connect to mysql database
mysql_select_db("stevenash", $conn);
// PHP 4.1
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
// post back to PayPal system to validate
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
// assign posted variables to local variables
$item_name = $_POST['item_name'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];
$usr_email = mysql_real_escape_string($_SESSION['email']);
$usr_compname = mysql_real_escape_string($_SESSION['compname']);
$usr_city = mysql_real_escape_string($_SESSION['city']);
$usr_state = mysql_real_escape_string($_SESSION['state']);
$usr_phone = mysql_real_escape_string($_SESSION['phone']);
$usr_password = mysql_real_escape_string($_SESSION['password']);
$usr_first = mysql_real_escape_string($_SESSION['first']);
$usr_last = mysql_real_escape_string($_SESSION['last']);
$_SESSION['email'];
if (!$fp) {
// HTTP ERROR
}else{
fputs ($fp, $header . $req);
while (!feof($fp)) {
$res = fgets ($fp, 1024);
if (strcmp ($res, "VERIFIED") == 0) {
// check the payment_status is Completed
if($payment_status == 'Completed'){
$txn_id_check = mysql_query("SELECT txn_id FROM log WHERE txn_id='$txn_id'");
//add user to database
if(mysql_num_rows($txn_id_check) != 1){ //payment has not been processed yet
//continue processing
if($receiver_email=='matthayzon89@gmail.com'){
if($payment_amount=='1.00' && $payment_currency=='USD'){
//add transaction id to db
mysql_query("INSERT INTO log (`log_id`, `txn_id`, `email`) VALUES('','$txn_id','$payer_email')", $conn);
$myString = "INSERT users (`email`, `compname`, `city`, `state`, `phone`, `password`, `first`, `last`)
VALUES('".$usr_email."','".$usr_compname."','".$usr_city."','".$usr_state."','".$usr_phone."','".$usr_password."','".$usr_first."','".$usr_last."')";
echo $myString;
mysql_query($myString,$conn);
}
}
}
}
// check that txn_id has not been previously processed
// check that receiver_email is your Primary PayPal email
// check that payment_amount/payment_currency are correct
// process payment
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
}
}
fclose ($fp);
}
?>
答案 0 :(得分:0)
我相信第二个查询中的id是AUTO_INCREMENT。每当AUTO_INCREMENT字段存在时,请不要在查询中使用它们。您也将其设置为'',这是不正确的。
您的查询应。
mysql_query("
INSERT INTO users
(`email`, `compname`, `city`, `state`, `phone`, `password`, `first`, `last`)
VALUES(
'$usr_email','$usr_compname','$usr_city','$usr_state',$usr_phone,
'$usr_password','$usr_first','hello')",$conn);
$usr_phone也不应引用,因为电话号码是整数值......
答案 1 :(得分:0)
mysql_query("INSERT INTO log (log_id, txn_id, email) VALUES('','$txn_id','$payer_email')", $conn);
mysql_query("INSERT INTO users (`id`, `email`, `compname`, `city`, `state`, `phone`, `password`, `first`, `last`)
VALUES('', '$usr_email','$usr_compname','$usr_city','$usr_state','$usr_phone','$usr_password','$usr_first','hello')",$conn);
在运行SQL之前尝试打印出来,看看它在做什么:
$logSql = "INSERT INTO log (log_id, txn_id, email) VALUES('','$txn_id','$payer_email')";
echo $logSql;
// mysql_query($logSql, $conn);
$insertSql = "INSERT INTO users (`id`, `email`, `compname`, `city`, `state`, `phone`, `password`, `first`, `last`)
VALUES('', '$usr_email','$usr_compname','$usr_city','$usr_state','$usr_phone','$usr_password','$usr_first','hello')";
echo $insertSql;
// mysql_query($insertSql, $conn);
找出问题所在并继续向后工作(添加echo语句),直至找到问题的根源。