Академический Документы
Профессиональный Документы
Культура Документы
Click Get Started under the Premier Title; you will be redirected to a signup form. Please fill in all necessary information. When your account has been created, login and move on to step 2.
Now on the next screen you will see that IPN is set to off; click Edit to change that.
At the start of this tutorial, I mentioned that you would need an online website. Why? Well we are going to ask PayPal to send us data when a payment is complete. PayPal cant reach local hosted websites unless you have all settings configured correctly. (This involves opening ports on your router). So, Ill enter the url to my validation script for example http://www.yourdomain.com/PayPal/ipn.php. PayPal will then post a notification to my server, at the URL Ive specified.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Nettuts.com | Purchase access to download area</title> <link rel="stylesheet" type="text/css" media="All" href="css/style.css" /> </head> <body> <div id="wrap"> <h3>Purchase Access</h3> <p>Please click the button below to receive login details for the download area. <br /> Already have an account? <a href="login.php">Login</a> here.</p> <!-- Paste your PayPal button code here (That you will get in the next step) --> </div> </body> </html>
body{ background: #2D2D2D; /* Set Website Background Color */ font: 11px 'Verdana'; /* Set Website Font Size & Font Type */ } #wrap{ margin: 0 auto; /* Center Our Content */ width: 500px; /* Set The Width For Our Content */ background: #FFF; /* Set Content Background Color */ padding: 10px; /* Set Padding For Content */ border: 1px solid #000; /* Add A Border Around The Content */ }
You may choose three types of buttons, Sell single items, Sell multiple items and, Subscription. Now in this tutorial we are going to create a single item. When someone purchases this single item, in this case access to a download area. Once the payment has been validated, an email will be sent with there details.
Lets enter some information for our purchase button; you may leave the rest as it is.
When you have finished filling in each section, generate the code. Copy this code to your clipboard, and then paste it insideindex.php where I added the comment in the html page. Please review step 3, if needed.
This should work perfectly. Users can click the button and complete their purchase.
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38. 39.
<?php mysql_connect("localhost", "user", "password") or die(mysql_error()); mysql_select_db("PayPal") or die(mysql_error()); // read the post from PayPal system and add 'cmd' $req = 'cmd=_notify-validate'; foreach ($_POST as $key => $value) { $value = urlencode(stripslashes($value)); $req .= "&$key=$value"; } // post back to PayPal system to validate $header = "POST /cgi-bin/webscr HTTP/1.0\r\n"; $header .= "Content-Type: application/x-www-form-urlencoded\r\n"; $header .= "Content-Length: " . strlen($req) . "\r\n\r\n"; $fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30); if (!$fp) { // HTTP ERROR } else { fputs ($fp, $header . $req); while (!feof($fp)) { $res = fgets ($fp, 1024); if (strcmp ($res, "VERIFIED") == 0) { // PAYMENT VALIDATED & VERIFIED! } else if (strcmp ($res, "INVALID") == 0) { // PAYMENT INVALID & INVESTIGATE MANUALY! } } fclose ($fp); } ?>
Please fill in the correct credentials for your database so we can insert data in the next step. PayPal POSTS data to the url we specified. In this example we only need the email address from the buyer, so that we may send him his login information. This code above will read the data PayPal sends and return the info to PayPal. Ive added two comments where the code should come if its validated. Additionally, Ive also added a comment that specifies what should be done if its not validated.
Next, we must enter our table details; we need an ID with a primary key selection and it should auto increment; next an email and password field.
For those of you dont have the time to enter all of this information, below is a small MySQL Dump code to recreate the table. CREATE TABLE `users` ( `id` int(10) NOT NULL auto_increment, `email` varchar(50) NOT NULL, `password` varchar(32) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
1. 2. 3.
We must create one last variable which is the password that we will generate using php.
view plaincopy to clipboardprint?
1. 2. 3. 4.
As you can see, we used mt_rand to generate a random password in this case a numeric value between 1000 and 9999. Next, we need to insert this data into our database. To do so, well use the mysql insert query.
view plaincopy to clipboardprint?
1. 2. 3.
4. 5. 6.
$password = mt_rand(1000, 9999); mysql_query("INSERT INTO users (email, password) VALUES('". mysql_escape_string($email) ."', '".md5($password)."' ) ") or die(mys ql_error());
Here we tell our script to insert the email and the password into our database. Ive added a mysql_escape_string to ensure that mysql injection isnt possible. Ive also added the md5 function to our password so that it will be stored as a 32character hash. Now the account is created; lets move on to the next step.
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23.
// PAYMENT VALIDATED & VERIFIED! $email = $_POST['payer_email']; $password = mt_rand(1000, 9999); mysql_query("INSERT INTO users (email, password) VALUES('". mysql_escape_string($email) ."', '".md5($password)."' ) ") or die(mys ql_error()); $to = $email; $subject = 'Download Area | Login Credentials'; $message = ' Thank you for your purchase Your account information ------------------------Email: '.$email.' Password: '.$password.' ------------------------You can now login at http://yourdomain.com/PayPal/'; $headers = 'From:noreply@yourdomain.com' . "\r\n"; mail($to, $subject, $message, $headers);
Lets break this email function down. We use the variable $email to get the users email address and assign it to the $to variable. The variable $subject is the title/subject that you will see in your email program. After this, we have our message, which will contain a thank you note as well as the account information. The $email and $password variables in the message will change to the correct information once the email has been sent. We also have set a custom header. When the user receives the email, the from address will display as noreply@yourdomain.com.
1. 2. 3. 4. 5. 6. 7. 8.
// PAYMENT INVALID & INVESTIGATE MANUALY! $to = 'invalid@yourdomain.com'; $subject = 'Download Area | Invalid Payment'; $message = ' Dear Administrator,
A payment has been made but is flagged as INVALID. Please verify the payment manualy and contact the buyer. Buyer Email: '.$email.' '; $headers = 'From:noreply@yourdomain.com' . "\r\n"; mail($to, $subject, $message, $headers);
This code is nearly the same as above, only we made some changes to the receiver, subject and message.
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Nettuts.com | Login</title> <link rel="stylesheet" type="text/css" media="All" href="css/style.css" /> </head> <body> <div id="wrap"> <h3>Login</h3> <p>Please enter your login credentials to get access to the download area</p> <form method="post" action="" > <fieldset> <label for="email">Email:</label><input type="text" name="email" value="" /> <label for="password">Password:</label><input type="text" name="password" value="" /> <input type="submit" value="Login" /> </fieldset> </form> </div> </body> </html>
Add to style.css
view plaincopy to clipboardprint?
1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
label{ display: block; /* Make sure the label is on a single line */ margin: 3px; /* Create some distance away from the input fields */ } input{ padding: 3px; /* Give the text some more space */ border: 1px solid gray; /* Add a border around the input fields */ margin: 3px; /* Create some distance away from the labels */ }
Now that weve made our form, we need to check if the login credentials are correct. I made a few changes to login.php so we can get started:
view plaincopy to clipboardprint?
1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28. 29. 30. 31. 32. 33. 34. 35. 36. 37. 38.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Nettuts.com | Login</title> <link rel="stylesheet" type="text/css" media="All" href="css/style.css" /> </head> <body> <div id="wrap"> <?php mysql_connect("localhost", "paypalUser", "test123") or die(mysql_error()); mysql_select_db("PayPal") or die(mysql_error()); if(isset($_POST['email']) && isset($_POST['password'])){ // Verify }else{ ?> <h3>Login</h3> <p>Please enter your login credentials to get access to the download area</p> <form method="post" action="" > <fieldset> <label for="email">Email:</label><input type="text" name="email" value="" /> <label for="password">Password:</label><input type="text" name="password" value="" /> <input type="submit" value="Login" /> </fieldset> </form> <?php } ?> </div> </body>
39. </html>
The code above will check if email and password are both posted. If true, we can verify the credentials. If not, we return a error. The next code we are going to write will be placed below // Verify. First we need to turn the post variables into local variables.
view plaincopy to clipboardprint?
1. 2.
Ive added an escape function to prevent mysql injection and have transformed the posted password into a md5 hash. Because we did this in our database, we must also hash the users password to compare the two values correctly. Now its time to verify the data.
view plaincopy to clipboardprint?
1. 2. 3. 4.
$email = mysql_escape_string($_POST['email']); $password = md5($_POST['password']); $gUser = mysql_query("SELECT * FROM users WHERE email='".$email."' AND password='".$password."' LIMIT 1") or die(mysql_err or()); $verify = mysql_num_rows($gUser);
5. 6. 7. if($verify > 0){ 8. echo '<h3>Login Complete</h3> 9. <p>Click here to download our program</p>'; 10. }else{ 11. echo '<h3>Login Failed</h3> 12. <p>Sorry your login credentials are incorrect.'; 13. }
As you can see, we are running a mysql query, and are selecting all the data from our user table but only the row where the users email address matches the one from the database. mysql_num_rows checks if a match has been found: 1 = true; 0 = false.
Thats All!
And thats the end of this tutorial. I hope you enjoyed it, and feel free to leave a comment with your thoughts. Have any
tips that might help? Subscribe to the NETTUTS RSS Feed for more daily web development tuts and articles.