尝试获取将用户添加到数据库的脚本。但是在加载脚本之后会出现一个空白页面。有谁看到我做错了什么?我在pay pal沙盒中测试它。我已经尝试了一个表单的数据库代码,它的工作原理。我希望至少有一些错误,所以我可以弄清楚我做错了什么。
<?php
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-synch';
$tx_token = $_GET['tx'];
$auth_token = "<your identity token>";
$req .= "&tx=$tx_token&at=$auth_token";
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Host: http://www.sandbox.paypal.com\r\n";
// $header .= "Host: http://www.paypal.com\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
// url for paypal sandbox
$fp = fsockopen ('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
// url for payal
// $fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
// If possible, securely post back to paypal using HTTPS
// Your PHP server will need to be SSL enabled
// $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
} else {
fputs ($fp, $header . $req);
// read the body data
$res = '';
$headerdone = false;
while (!feof($fp)) {
$line = fgets ($fp, 1024);
if (strcmp($line, "\r\n") == 0) {
// read the header
$headerdone = true;
}
else if ($headerdone) {
// header has been read. now read the contents
$res .= $line;
}
}
// parse the data
$lines = explode("\n", $res);
$keyarray = array();
if (strcmp ($lines[0], "SUCCESS") == 0) {
for ($i=1; $i<count($lines);$i++){
list($key,$val) = explode("=", $lines[$i]);
$keyarray[urldecode($key)] = urldecode($val);
}
// PAYMENT VALIDATED & VERIFIED!
echo"Verified!";
// include mysql connection information
include 'mysql_info.php';
// connect to mysql
$conn = mysqli_connect(DBHOST,DBUSER,DBPASS,DBNAME);
// Check if the connection failed
if( !$conn ) {
die('Failed to connect '.mysqli_connect_error());
// Hash the password to prevent knowing what it is
// we use the username as a salt so we can recreate the hash on login
// using strtolower on the user name so only the password is case sensitive
$email = $_POST['payer_email'];
$username = $_POST['os0'];
$pass = hash('sha256',strtolower($_POST['username']).$_POST['os1']);
// prepare data for database
$username = mysqli_real_escape_string($conn,$_POST['username']);
$email = mysqli_real_escape_string($conn,$_POST['email']);
// Create the insert query, using real_escape_string to prevent SQL Injection
$query = sprintf("INSERT INTO `users` (`username`,`email`,`password`) VALUES ('%s','%s','%s')",
$username, $email, $pass);
// Attempt insert the new user
if( mysqli_query($conn,$query) ) {
die('You have successfully registered as '.$_POST['username'].'<br /><a href="/login.php">Click here</a> to log in.');
} else {
// Insert failed, set error message
$errors[] = 'Error adding user to database, MySQL said:<br>
('.mysqli_errno($conn).') '.mysqli_error($conn).'</span>';
}
}
}
else if (strcmp ($lines[0], "FAIL") == 0) {
// log for manual investigation
echo "Fail!";
}
}
fclose ($fp);
?>