Paypal IPN变量不添加和更新

时间:2013-04-21 09:57:12

标签: php mysql

我有一个Paypal IPN脚本,可以获取成功传输的事务数据并将其存储在mysql表中。但我想在我的网站中添加此交易的paypal金额与当前会员余额。

<?php
session_start();
if (!isset($_SESSION['Email'])) {
header('Location: mainerror.php');
}
$Email=$_SESSION['Email'];
  $connn = mysql_connect("localhost","******","*******");
if (!$connn)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("********", $connn);
        $result1 = mysql_query("SELECT * from members WHERE Email='$Email' ");
//Use the mysql_fetch_array function on the resource returned by the mysql_query
$row1 = mysql_fetch_assoc($result1);
$old = $row1['balance'];
// STEP 1: Read POST data

// reading posted data from directly from $_POST causes serialization 
// issues with array data in POST
// reading raw POST data from input stream instead. 
$raw_post_data = file_get_contents('php://input');
$raw_post_array = explode('&', $raw_post_data);
$myPost = array();
foreach ($raw_post_array as $keyval) {
  $keyval = explode ('=', $keyval);
  if (count($keyval) == 2)
     $myPost[$keyval[0]] = urldecode($keyval[1]);
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
if(function_exists('get_magic_quotes_gpc')) {
   $get_magic_quotes_exists = true;
} 
foreach ($myPost as $key => $value) {        
   if($get_magic_quotes_exists == true && get_magic_quotes_gpc() == 1) { 
        $value = urlencode(stripslashes($value)); 
   } else {
        $value = urlencode($value);
   }
   $req .= "&$key=$value";
}


// STEP 2: Post IPN data back to paypal to validate

$ch = curl_init('https://www.sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_FORBID_REUSE, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: Close'));

// In wamp like environments that do not come bundled with root authority certificates,
// please download 'cacert.pem' from "http://curl.haxx.se/docs/caextract.html" and set the directory path 
// of the certificate as shown below.
// curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem');
if( !($res = curl_exec($ch)) ) {
    // error_log("Got " . curl_error($ch) . " when processing IPN data");
    curl_close($ch);
    exit;
}
curl_close($ch);


// STEP 3: Inspect IPN validation result and act accordingly

if (strcmp ($res, "VERIFIED") == 0) {
    // check whether the payment_status is Completed
    // check that txn_id has not been previously processed
    // check that receiver_email is your Primary PayPal email
    // check that payment_amount/payment_currency are correct
    // process payment

    // assign posted variables to local variables
     $payment_currency = $_POST['mc_currency'];
    $txn_id = $_POST['txn_id'];
$address_zip = $_POST['address_zip'];
$address_country = $_POST['address_country_code'];
$payment_date = $_POST['payment_date'];
    $payer_email = $_POST['payer_email'];
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $item_name = $_POST['item_name'];
    $item_number = $_POST['item_number'];
    $payment_status = $_POST['payment_status'];
    $payment_amount = $_POST['mc_gross'];


$con=mysqli_connect("localhost","******","******","*******");

// Check connection
if (mysqli_connect_errno())
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }

mysqli_query($con,"INSERT INTO sales (item_name, item_number, payment_status, mc_gross, mc_currency, txn_id, payer_email, first_name, last_name, payment_date, address_zip, address_country)
VALUES ('$item_name', '$item_number', '$payment_status', '$payment_amount', '$payment_currency', '$txn_id', '$payer_email', '$first_name', '$last_name', '$payment_date', '$address_zip', '$address_country')");

$new = ($old + $payment_amount);
mysqli_query($con,"UPDATE members SET balance='$new'
WHERE Email='$payer_email'");
mysqli_close($con);

} else if (strcmp ($res, "INVALID") == 0) {
    // log for manual investigation
}
?>

我想使用$ payment_amount从交易中添加当前会员金额的旧金额。但我最终只在会员表中更新了$ payment_amount。

1 个答案:

答案 0 :(得分:1)

由于似乎$old变量在任何地方都没有定义,我会有不同的方法。插入查询后,我会从members表中获取旧金额,然后使用新的金额数据更新它,例如

$query = mysqli_query($con,"SELECT balance FROM members WHERE Email='$payer_email'");
if($row = mysqli_fetch_array($query))
{
    $sql = mysqli_query($con, "UPDATE members SET balance = '".$row['balance'] + $payment_amount."' WHERE Email = '$payer_email'");
}

因此代码看起来像那样

mysqli_query($con,"INSERT INTO sales (item_name, item_number, payment_status, mc_gross, mc_currency, txn_id, payer_email, first_name, last_name, payment_date, address_zip, address_country) VALUES ('$item_name', '$item_number', '$payment_status', '$payment_amount', '$payment_currency', '$txn_id', '$payer_email', '$first_name', '$last_name', '$payment_date', '$address_zip', '$address_country')");

$query = mysqli_query($con,"SELECT balance FROM members WHERE Email='$payer_email'");
if($row = mysqli_fetch_array($query))
{
    $sql = mysqli_query($con, "UPDATE members SET balance = '".$row['balance'] + $payment_amount."' WHERE Email = '$payer_email'");
}

mysqli_close($con);

} else if (strcmp ($res, "INVALID") == 0) {
    // log for manual investigation
}