我已经成功地设置了一个表单,需要用户的详细信息,然后,在提交时,在将详细信息添加到我的mySQL数据库之前采取paypal支付。
这是我的html:
<form id="paypal_form" class="paypal" action="payments.php" method="post" target="_blank">
Membership:
<input type="hidden" name="on0" value="Membership">
<select name="os0">
<option value="Level 1">Level 1 - £21.00 GBP</option>
<option value="Level 2">Level 2 - £25.00 GBP</option>
<option value="Level 3">Level 3 - £65.00 GBP</option>
</select>
<input type="text" name="title" value="" />
<input type="text" name="name" value="" />
<input type="text" name="surname" value="" />
<input type="text" name="address_1" value="" />
<input type="text" name="address_2" value="" />
<input type="text" name="address_3" value="" />
<input type="text" name="county" value="" />
<input type="text" name="postcode" value="" />
<input type="text" name="job_title" value="" />
<input type="text" name="organisation" value="" />
<input type="text" name="email" value="" data-type="email"/>
<input type="text" name="phone" value="" />
<input name="cmd" type="hidden" value="_xclick" />
<input name="no_note" type="hidden" value="1" />
<input name="lc" type="hidden" value="UK" />
<input name="currency_code" type="hidden" value="GBP" />
<input name="bn" type="hidden" value="PP-BuyNowBF:btn_buynow_LG.gif:NonHostedGuest" />
<input name="payer_email" type="hidden" value="customer@example.com" />
<input name="item_number" type="hidden" value="123456" />
<input type="submit" value="Submit Payment" class="button large orange" />
</form>
<?php
// Database variables
$host = "localhost"; //database location
$user = "user101"; //database username
$pass = "login"; //database password
$db_name = "db101"; //database name
// PayPal settings
$paypal_email = 'MY PAYPALL EMAIL';
$return_url = 'MY THANKS PAGE';
$cancel_url = 'MY CANCEL PAGE';
$notify_url = 'LINK TO PAYMENTS.PHP';
$item_name = 'Test Item';
$item_amount = 0.01;
// Include Functions
include("functions.php");
//Database Connection
$link = mysql_connect($host, $user, $pass);
mysql_select_db($db_name);
// Check if paypal request or response
if (!isset($_POST["txn_id"]) && !isset($_POST["txn_type"])) {
// Firstly Append paypal account to querystring
$querystring .= "?business=" . urlencode($paypal_email) . "&";
// Append amount& currency (£) to quersytring so it cannot be edited in html
//The item name and amount can be brought in dynamically by querying the $_POST['item_number'] variable.
$querystring .= "item_name=" . urlencode($item_name) . "&";
$querystring .= "amount=" . urlencode($item_amount) . "&";
//loop for posted values and append to querystring
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$querystring .= "$key=$value&";
}
// Append paypal return addresses
$querystring .= "return=" . urlencode(stripslashes($return_url)) . "&";
$querystring .= "cancel_return=" . urlencode(stripslashes($cancel_url)) . "&";
$querystring .= "notify_url=" . urlencode($notify_url);
// Append querystring with custom field
//$querystring .= "&custom=".USERID;
// Redirect to paypal IPN
header('location:https://www.paypal.com/cgi-bin/webscr' . $querystring);
exit();
} else {
// Response from Paypal
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i', '${1}%0D%0A${3}', $value); // IPN fix
$req .= "&$key=$value";
}
// assign posted variables to local variables
$data['item_name'] = $_POST['item_name'];
$data['item_number'] = $_POST['item_number'];
$data['payment_status'] = $_POST['payment_status'];
$data['payment_amount'] = $_POST['mc_gross'];
$data['payment_currency'] = $_POST['mc_currency'];
$data['txn_id'] = $_POST['txn_id'];
$data['receiver_email'] = $_POST['receiver_email'];
$data['payer_email'] = $_POST['payer_email'];
$data['custom'] = $_POST['custom'];
// post back to PayPal system to validate
$header = "POST /cgi-bin/webscr HTTP/1.0'r'n";
$header .= "Content-Type: application/x-www-form-urlencoded'r'n";
$header .= "Content-Length: " . strlen($req) . "'r'n'r'n";
$fp = fsockopen('ssl://www.paypal.com', 443, $errno, $errstr, 30);
if (!$fp) {
// HTTP ERROR
} else {
fputs($fp, $header . $req);
while (!feof($fp)) {
$res = fgets($fp, 1024);
if (strcmp($res, "VERIFIED") == 0) {
// Used for debugging
//@mail("you@youremail.com", "PAYPAL DEBUGGING", "Verified Response<br />data = <pre>".print_r($post, true)."</pre>");
// Validate payment (Check unique txnid & correct price)
$valid_txnid = check_txnid($data['txn_id']);
$valid_price = check_price($data['payment_amount'], $data['item_number']);
// PAYMENT VALIDATED & VERIFIED!
if ($valid_txnid && $valid_price) {
$orderid = updatePayments($data);
if ($orderid) {
// Payment has been made & successfully inserted into the Database
} else {
// Error inserting into DB
// E-mail admin or alert user
}
} else {
// Payment made but data has been changed
// E-mail admin or alert user
}
} else if (strcmp($res, "INVALID") == 0) {
// PAYMENT INVALID & INVESTIGATE MANUALY!
// E-mail admin or alert user
// Used for debugging
//@mail("you@youremail.com", "PAYPAL DEBUGGING", "Invalid Response<br />data = <pre>".print_r($post, true)."</pre>");
}
}
fclose($fp);
}
}
?>
这是我的functions.php文件:
<?php
// functions.php
function check_txnid($tnxid)
{
global $link;
return true;
$valid_txnid = true;
//get result set
$sql = mysql_query("SELECT * FROM `payments` WHERE txnid = '$tnxid'", $link);
if ($row = mysql_fetch_array($sql)) {
$valid_txnid = false;
}
return $valid_txnid;
}
function check_price($price, $id)
{
$valid_price = false;
/*
you could use the below to check whether the correct price has been paid for the product
if so uncomment the below code
$sql = mysql_query("SELECT amount FROM `products` WHERE id = '$id'");
if (mysql_numrows($sql) != 0) {
while ($row = mysql_fetch_array($sql)) {
$num = (float)$row['amount'];
if($num == $price){
$valid_price = true;
}
}
}
return $valid_price;
*/
return true;
}
function updatePayments($data)
{
global $link;
if (is_array($data)) {
$sql = mysql_query("INSERT INTO `payments` (txnid, payment_amount, payment_status, itemid, createdtime) VALUES (
'" . $data['txn_id'] . "' ,
'" . $data['payment_amount'] . "' ,
'" . $data['payment_status'] . "' ,
'" . $data['item_number'] . "' ,
'" . date("Y-m-d H:i:s") . "'
)", $link);
return mysql_insert_id($link);
}
}
?>
下面是我的MySQL查询,它正确设置了我的数据库表:
CREATE TABLE IF NOT EXISTS `payments` (
`id` int(6) NOT NULL AUTO_INCREMENT,
`txnid` varchar(20) NOT NULL,
`payment_amount` decimal(7,2) NOT NULL,
`payment_status` varchar(25) NOT NULL,
`itemid` varchar(25) NOT NULL,
`createdtime` datetime NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
我很高兴它所有的工作方式和信息确实通过进入我的数据库成功付款后。我的问题然而,是如何我也发送额外的html表单字段,如姓名,姓氏,address_1,到mySQL数据库?
提前感谢您的帮助。
我想我需要编辑functions.php和payments.php文件,但我在mysql没有经验,不知道如何去做,而不打破迄今为止似乎工作的过程。
再次感谢!
需要做的第一件事是在mySQL表中创建额外的字段,因此我们将SQL查询更改为以下内容:
CREATE TABLE IF NOT EXISTS `payments` (
`id` int(6) NOT NULL AUTO_INCREMENT,
`txnid` varchar(20) NOT NULL,
`payment_amount` decimal(7,2) NOT NULL,
`payment_status` varchar(25) NOT NULL,
`itemid` varchar(25) NOT NULL,
`createdtime` datetime NOT NULL,
`customer_title` varchar(10) NOT NULL,
`customer_name` varchar (50) NOT NULL,
`customer_surname` varchar (50) NOT NULL,
`customer_address_1` varchar (50) NOT NULL,
`customer_address_2` varchar (50) NOT NULL,
`customer_address_3` varchar (50) NOT NULL,
`customer_county` varchar (50) NOT NULL,
`customer_postcode` varchar (10) NOT NULL,
`customer_job_title` varchar (50) NOT NULL,
`customer_organisation` varchar (50) NOT NULL,
`customer_email` varchar (150) NOT NULL,
`customer_phone` varchar (15) NOT NULL
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
然后我们需要更改payments.php的张贴变量部分来获取额外的变量。
// assign posted variables to local variables
$data['item_name'] = $_POST['item_name'];
$data['item_number'] = $_POST['item_number'];
$data['payment_status'] = $_POST['payment_status'];
$data['payment_amount'] = $_POST['mc_gross'];
$data['payment_currency'] = $_POST['mc_currency'];
$data['txn_id'] = $_POST['txn_id'];
$data['receiver_email'] = $_POST['receiver_email'];
$data['payer_email'] = $_POST['payer_email'];
$data['custom'] = $_POST['custom'];
$data['customer_title'] = $_POST['title'];
$data['customer_name'] = $_POST['name'];
$data['customer_surname'] = $_POST['surname'];
$data['customer_address_1'] = $_POST['address_1'];
$data['customer_address_2'] = $_POST['address_2'];
$data['customer_address_3'] = $_POST['address_3'];
$data['customer_county'] = $_POST['county'];
$data['customer_postcode'] = $_POST['postcode'];
$data['customer_job_title'] = $_POST['job_title'];
$data['customer_organisation'] = $_POST['organisation'];
$data['customer_email'] = $_POST['email'];
$data['customer_phone'] = $_POST['phone'];
最后一部分是修改functions.php
中的updatePayments函数 $sql = mysql_query("INSERT INTO `payments` (txnid, payment_amount, payment_status, itemid, createdtime, customer_title, customer_name, customer_surname, customer_address_1, customer_address_2, customer_address_3, customer_county, customer_postcode, customer_job_title, customer_organisation, customer_email, customer_phone) VALUES (
'" . $data['txn_id'] . "' ,
'" . $data['payment_amount'] . "' ,
'" . $data['payment_status'] . "' ,
'" . $data['item_number'] . "' ,
'" . date("Y-m-d H:i:s") . "' ,
'" . $data['customer_title'] . "' ,
'" . $data['customer_name'] . "' ,
'" . $data['customer_surname'] . "' ,
'" . $data['customer_address_1'] . "' ,
'" . $data['customer_address_2'] . "' ,
'" . $data['customer_address_3'] . "' ,
'" . $data['customer_county'] . "' ,
'" . $data['customer_postcode'] . "' ,
'" . $data['customer_job_title'] . "' ,
'" . $data['customer_organisation'] . "' ,
'" . $data['customer_email'] . "' ,
'" . $data['customer_phone'] . "'
)", $link);
return mysql_insert_id($link);
除非我搞砸了,否则它应该存储你的额外信息