spinner0205 Posted November 13, 2010 Share Posted November 13, 2010 I need some helping with writing code for a web page that allows users to enter information in a PHP form along with proceeding to a PayPal payment page after entering the info. The information entered will be added to an SQL database, and only added after payment confirmation, then have those database entries expire after 1 month. This is what I have got so far, not sure if it is even correct. If it is, then I just need to added PayPal payment and SQL database expiration code. <html> <head> <title>Server Donation Page</title> </head> <body> <?php $hostname = "hostname"; $db_user = "dbuser"; $db_password = "dbpassword"; $database = "database"; $db_table = "table"; $db = mysql_connect($hostname, $db_user, $db_password); mysql_select_db($database,$db_table); if (isset($_REQUEST['Submit'])) { $sql = "INSERT INTO $db_table(id,user_email) values ('".mysql_real_escape_string(stripslashes($_REQUEST['id']))."','".mysql_real_escape_string(stripslashes($_REQUEST['user_email']))."')"; if($result = mysql_query($sql ,$db)) { echo '<h1>Thank you,</h1> your information has been entered into our database sucessfully.<br><br><img src=""'; } else { echo "ERROR: ".mysql_error(); } } else { ?> <h1>Server Donation Page</h1><hr> <form method="post" action=""> Steam ID (format STEAM_0:x:xxxxxxxx, go to <a href="http://www.steamidfinder.com">Steam ID Finder</a>):<br> <input type="text" name="id"> <br> Your Email: <br> <input type="text" name="user_email"> <br><br> <input type="hidden" name="authtype" value="steam" /> <input type="hidden" name="flags" value="o" /> <input type="hidden" name="immunity" value="0" /> <input type="hidden" name="identity" value="donator" /> <input type="submit" name="Submit" value="Submit"> </form> <?php } ?> </body> </html> Thanks in advance! Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted November 13, 2010 Share Posted November 13, 2010 Why are you applying stripslashes()? Is magic_quotes_gpc set to On in your php.ini file? Quote Link to comment Share on other sites More sharing options...
spinner0205 Posted November 14, 2010 Author Share Posted November 14, 2010 Lets just say I know close to NOTHING with php so I am more looking for some help with coding from the ground up. That was just a very basic php form from a tutorial, the other things I would like to do I cannot find anywhere. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 14, 2010 Share Posted November 14, 2010 Give it a run and see what errors develop. Quote Link to comment Share on other sites More sharing options...
spinner0205 Posted November 14, 2010 Author Share Posted November 14, 2010 Works fine as a basic PHP form with some invisible fields, just doesn't connect to my database, because it is showing the "Thank you, you information..." message even before submitting anything. No errors or anything. Besides that, I just would like to know how to use it to submit only after a PayPal confirmation, and have it expire after 1 month. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 15, 2010 Share Posted November 15, 2010 That is because you are running your SQL before you get to the form part. You should only enter data when Submit is sent. Quote Link to comment Share on other sites More sharing options...
TrueColors Posted November 15, 2010 Share Posted November 15, 2010 It's not perfect, but try this. <?php $hostname = "hostname"; $db_user = "dbuser"; $db_password = "dbpassword"; $database = "database"; $db_table = "table"; $db = mysql_connect($hostname, $db_user, $db_password); mysql_select_db($database,$db_table); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Server Donation Page</title> </head> <body> <?php if(isset($_POST['submit'])) { $id = mysql_real_escape_string(stripslashes($_POST['id'])); $user_email = mysql_real_escape_string(stripslashes($_POST['user_email'])); $result = mysql_query("INSERT INTO $db_table (id,user_email) values ('$id','$user_email')", $db); if($result == TRUE) { echo '<h1>Thank you,</h1> your information has been entered into our database sucessfully.<br><br><img src="" />'; } else { echo "ERROR: ".mysql_error(); } } else { ?> <h1>Server Donation Page</h1><hr> <form method="post" action=""> <table> <tr><td>Steam ID (format STEAM_0:x:xxxxxxxx, go to <a href="http://www.steamidfinder.com">Steam ID Finder</a>):</td></tr> <tr><td><input type="text" name="id"></td></tr> <tr><td>Your Email:</td></tr> <tr><td><input type="text" name="user_email"></td></tr> <tr><td> <input type="hidden" name="authtype" value="steam" /> <input type="hidden" name="flags" value="o" /> <input type="hidden" name="immunity" value="0" /> <input type="hidden" name="identity" value="donator" /> </td> </tr> <tr><td><input type="submit" name="submit" value="Submit"></td></tr> </table> </form> <?php } ?> </body> </html> Changed $_REQUEST to $_POST. Tidied it up and made some minor changes. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.