Ok so I have 3 files, coinbase.php, si.php (callback file), and profile.php.
Profile.php is what contains my CSS and HTML and the payment button. It also holds the custom parameter I need.
Si.php:
<?
require 'db.php';
$data = json_decode(file_get_contents('php://input'), TRUE);
$text = print_r($data,true);
file_put_contents('coinbase.php', $text);
$id = $data['order']['id'];
$status = $data['order']['status'];
$amount = $data['order']['total_btc']['cents'];
$user = $data['order']['custom'];
mysql_query("INSERT INTO `invoices`(`username`, `invoice_id`, `price_in_btc`) VALUES ('$user', '$id', '$amount')");
if($status == 'completed') {
mysql_query("UDPATE `users` SET `gigagold` = `gigagold` + '$amount' WHERE `username` = '$user'");
}
?>
And coinbase.php is the file that receives the decoded JSON data from the callback when a payment is made through the button. BUT, whenever something is in inserted into the DB all the values say NULL or are empty.
I don't see any problems with my code except I'm thinking my queries are in the wrong file?
Thanks.
Related
I have a jQuery which sends data on a button click using jQuery ajax() method, to a php page named 'follow_button'. The 'follow_button' page stores the data obtained from the jQuery, stores it in a variable, and then performs an insert to the database, along with the user id who clicked it. Now, the problem is, I need to extract the user_id of the user using the session variable. But under no circumstances, the page is able to extract the session variable. As a result of which the data sent is stored in the database, but the user_id is set to 0, since the session variable won't work. Here is the extract of the 'follow_button.php' page:
follow_button.php
<?php
session_start();
/* if(isset($_SESSION))
echo "1.session set<br>";
else
echo "1.session not set<br>"; */
include_once "includes/db.php";
include_once "includes/functions.php";
// include_once "includes/init.php";
// include_once "includes/insert_school_name.php";
/* if(isset($_SESSION))
echo "2.session set<br>";
else
echo "2.session not set<br>";
var_dump($_SESSION);
var_dump($_POST); */
$name = $_POST['name'];
$email = $_SESSION['email'];
$id = get_id($email);
insert_school($id, $name);
?>
Note: The functions get_id() and insert_school() are working fine. Also it needs to be mentioned that the page which contains the button, is a wordpress page.
On success, the jQuery script changes the text of the button from 'follow' to 'following'. On button click, the text changes i.e., the call returns a success status. But when I check the database, the $name variable is inserted with the correct value, but the $id variable is inserted with the a value of 0.
Also the session variable works for all pages even the wordpress page containing the button. It just doesn't work for this specific page 'follow_button.php'.
How do I resolve this issue?
Edit: Added get_id() and insert_school() functions
get_id():
function get_id($email) {
global $conn;
$sql = "SELECT id FROM member WHERE email = '$email'";
$result = $conn->query($sql);
$row = $result->fetch_assoc();
return $row["id"];
}
insert_school():
function insert_school($id, $name) {
global $conn;
$sql = "INSERT INTO user_schools (user_id, school_name)
VALUES ('$id', '$name')";
$conn->query($sql);
}
I was wondering how to construct the correct syntax for the if-else statement, or if there's something missing in my code.
<?php
include "../dbcon.php";
session_start();
ob_start();
$sql = mysqli_query($con,"SELECT * FROM clientdocuments WHERE docID = $_POST[docID]");
$rows = mysqli_fetch_array($sql, MYSQLI_ASSOC);
//IF CSS input value is filled
if(!empty($_POST)){
$output = '';
$message = '';
$docID = mysqli_real_escape_string($con, $_POST["docID"]);
$docSIG_Contract = mysqli_real_escape_string($con, $_POST["docSIG_Contract"]);
//I don't get what this "if(isset($_POST["docID"])){" purpose (Sorry very new to php)
if(isset($_POST["docID"])){
if (!empty($docID)) {
$query = "UPDATE clientdocuments(docID, docSIG_Contract) VALUES('$docID', '$docSIG_Contract');"; //UPDATE ONCE docID ALREADY EXIST ON THE DATABASE
} else {
$query = "INSERT INTO clientdocuments(docID, docSIG_Contract) VALUES('$docID', '$docSIG_Contract');"; //INSERT IF THE docID doesn't exist yet
}
$str = mysqli_query($con,$query);
if(!$str){
echo 'FAILED';
}
}else{
header('HTTP/1.1 500 Internal Server Booboo');
header('Content-Type: application/json; charset=UTF-8');
}
}
?>
remove this if statment: if (!empty($docID)) {
Make sure that u send with each post update the "docID" value
if(isset($_POST["docID"])) statement checks to see whether the input with the name docID has a value.
if(!empty($_POST)) I am not sure whether this will work, my guess is that you are trying to check whether the request method is POST (if the save button was clicked). For this I use
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
I would then check to see whether docID has a value ie
(isset($_POST["docID"])) OR (!empty($_POST["docID"]))
Difference between isset and !empty
What's the difference between 'isset()' and '!empty()' in PHP?
If there is a value, $query would be the update statement
If there is no value $query would be the insert statement In this situation don't enter the DocID value (because then it would always be 0 which will also cause errors)
Hope that makes sense!
I have created a certain form for my website that includes a Textarea with formatted text option so that the user can bold, underline, italics but also insert bulleted points and ordered list or even changing the font type and size.
The problem is when the user opts to insert ordered list then click the submit button the information is stored in the server as [ol] enclosed in square brackets which is not appropriate especially when I want to display the information on the website so I was thinking maybe if the information could be stored as enclosed in HTML tags it will make it easier for displaying the information on the website whenever such information is called.
My question is how can I store the information in tags(<>) instead of the ones enclosed in square brackets[]?
here is the code that gets the data from the form I tried to use the htmlspecialchars function but it didn't work.
<?php
session_start();
include 'connect.php';
$servername = $_SERVER['PHP_SELF'];
$username = 'root';
$password = '';
$dbname = 'members';
$tablename = 'jobs';
if (isset($_SESSION['username'])){ $sessionuser =
$_SESSION['username'];}
else if (isset($_SESSION['company'])){$sessionuser =
$_SESSION['company'];}
if(isset($_POST['company_name'])){
$company_name = $_POST['company_name'];
}
else if(isset($_SESSION['company'])){ $company_name = $_POST['company'];
}
$company_website = $_POST['company_website'];
$job_requirement = htmlspecialchars($_POST['job_requirement']);
$location = $_POST['location'];
$job_title = $_POST['job_title'];
$application_email_url = $_POST['application_email_url'];
$application_deadline = $_POST['application_deadline'];
$category = $_POST['category'];
$job_type = $_POST['job_type'];
if($_SERVER['REQUEST_METHOD']){
$sql = "INSERT INTO $tablename (`Company_name`, `Company_website`,
`Job_requirement`, `Location`, `Job_title`, `Application_deadline`,
`Category`, `Job_type`, `username`,`application_email_url`)
VALUE('$company_name', '$company_website', '$job_requirement',
'$location', '$job_title', '$application_deadline', '$category',
'$job_type', '$sessionuser', '$application_email_url')";}
if($conn->query($sql)===TRUE){ print "your job has been posted";}
else{echo "error" .$conn->error;}
?>
Try using htmlspecialchars() on the string to put into the DB, and then, when pulling it back out, use htmlspecialchars_decode(). Might make a difference.
Updated - Code Formatting
I am trying to allow a user to submit a post. So far when a post is submitted it goes into the database with 'post' being empty. For some reason the text is not correctly going into the database but all the other information, such as id, date_added and added_by are correctly submitting. Also when submitting another post, it fails and I get the error, Could not create post. Here is the code:
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST'){
require_once('connect.inc.php');
$post = $_POST['POST'];
$date_added = date("y-m-d");
$added_by = "testuser";
$sql = "INSERT INTO IDEAS VALUES ('', '$post', '$date_added', '$added_by')";
if(mysqli_query($conn, $sql)){
echo "created";
}else{
echo "Could not create post";
}
mysqli_close($conn);
}
?>
Also, this is being used for an android app, how can I fetch the current user that is logged to be assigned to the variable $added_by? Do I call my login.php file in the beginning and use the username variable?
I got the following piece of code in php:
I have a page called post.php which posts successfully all data using jquery. The data that it posts are: $comments_id, $reply and $the_session_user_id as you can see in my code and I can get them successfully. My problem is that my equation if($session_user_id == $the_session_user_id ) is not working. It is like it cannot get $the_session_user_id. How can this be possible, since next it pass it to the table using the mysql statement? If I delete the if($session_user_id == $the_session_user_id ) and not make this choice, it passes succesfully all data to table. Any idea why my if statement not working?
<?php
// $session_user_id is the user id of the session
// the following data posted from a page called post.php wich posts them using jquery succesfully
$comments_id = $_POST['data_comments_id'];
$reply = $_POST['data_reply'];
$the_session_user_id = $_POST['data_session_user_id'];
if(isset($reply) && !empty($reply)){
if($session_user_id == $the_session_user_id ){
mysql_query("INSERT INTO comments_reply VALUES ('', '$comments_id', '$reply', now(), '', '$the_session_user_id') ");
}else{
mysql_query("INSERT INTO comments_reply VALUES ('', '$comments_id', '$reply', now(), '1', '$the_session_user_id') ");
}
}
?>
It doesn't seems like $session_user_id isn't declared/assigned any value. $session_user_id will therefore be 'null'. You must first assign your $_SESSION['your_id_key'] to $session_user_id: $session_user_id = $_SESSION['your_id_key']
You can try to echo both values ($session_user_id and $the_session_user_id) before the if to see wich value they've got assigned:
echo $session_user_id;
echo $the_session_user_id;