0
votes

I have a bunch of data being sent to the paypal gateway through hidden input fields. However, I would like to parse the data from the form into my database WHILE the user is sent to the PayPal payment system. I have the following PHP blocks to echo out the PayPal button, but am having trouble including a "type='submit'" input field to parse the form data. Once a user clicks the PAyPal button, the form data is not being sent to my database. How can I go about sending the form data to my database once the user clicks the PayPal button?

<?php 
//////////////////////////////////////////////////////////////////////////////
//       Section 5 (render the cart for the user to view on the page)       //
//////////////////////////////////////////////////////////////////////////////
$cartOutput = "";
$cartTotal = "";
$pp_checkout_btn = '';
$product_id_array = '';
if (!isset($_SESSION["cart_array"]) || count($_SESSION["cart_array"]) < 1){
	$cartOutput = "<h2 align='center'>Your shopping cart is empty</h2>";
} else{
	//Start PayPal Checkout Button
	$pp_checkout_btn .= '<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
	<input type="hidden" name="cmd" value="_cart">
	<input type="hidden" name="upload" value="1">
	<input type="hidden" name="business" value="[email protected]">';
	//Start the For Each loop
	$i = 0;
	foreach($_SESSION["cart_array"] as $each_item){
		$item_id = $each_item['item_id'];
		$sql = mysql_query("SELECT * FROM products WHERE id='$item_id' LIMIT 1");
		while ($row = mysql_fetch_array($sql)){
			$product_name = $row["product_name"];
			$price = $row["price"];
			$details = $row["details"];
		}
		$pricetotal = $price * $each_item['quantity'];
		$cartTotal = $pricetotal + $cartTotal;

		setlocale(LC_MONETARY, "en_US");
		$pricetotal = money_format("%10.2n", $pricetotal);
		//Dynamic Checkout Btn assembly
		$x = $i + 1;
		$pp_checkout_btn .= '<input type="hidden" name="item_name_' . $x . '" value="' . $product_name . '">
		<input type="hidden" name="amount_' . $x . '" value="' . $price . '">
		<input type="hidden" name="quantity_' . $x . '" value="' . $each_item['quantity'] . '"> ';
		//Create the product array variable
		$product_id_array .= "$item_id-".$each_item['quantity'].",";
		//Dynamic table row assembly
		$cartOutput .= '<tr style="border-top: none">';
		$cartOutput .= '<td><img src="inventory_images/' . $item_id . '.jpg" alt="' . $product_name . '" width="52" height="40"/><br /><a href="product.php?id=' . $item_id . '">' . $product_name . '</a></td>';
		$cartOutput .= '</tr>';
		$i++;
	}
	setlocale(LC_MONETARY, "en_US");
	$cartTotal = money_format("%10.2n", $cartTotal);
	$cartTotal = "<div style='font-size:18px; margin-top:12px; color: black' align='right'><strong>Cart Total : ".$cartTotal." USD </strong></div>";
	//Finish the Paypal Checkout Btn
	$pp_checkout_btn .= '<input type="hidden" name="custom" value="' . $product_id_array . '">
	<input type="hidden" name="notify_url" value="https://www.hyperesale.com/storescripts/paypalipn.php">
	<input type="hidden" name="return" value="https://www.hyperesale.com/checkout_complete.php">
	<input type="hidden" name="rm" value="2">
	<input type="hidden" name="cbt" value="Return to The Store">
	<input type="hidden" name="cancel_return" value="https://www.hyperesale.com/home/index.php">
	<input type="hidden" name="lc" value="US">
	<input type="hidden" name="currency_code" value="USD">
	<input type="image" src="https://www.paypalobjects.com/webstatic/en_US/i/buttons/checkout-logo-large.png" name="submit" alt="Make payments with PayPal - its fast, free and secure!" width="280vw" height="60vh">
	</form>
	';
}
?>
<?php
// Parse the form data and add inventory item to the system
if(isset($_POST['fName'])){

        $id = mysql_real_escape_string($_POST['id']);
    $fName = mysql_real_escape_string($_POST['fName']);
    $lName = mysql_real_escape_string($_POST['lName']);
    $address = mysql_real_escape_string($_POST['address']);
    $city = mysql_real_escape_string($_POST['city']);
    $state = mysql_real_escape_string($_POST['state']);
    $zipCode = mysql_real_escape_string($_POST['zipCode']);
    $pNumber = mysql_real_escape_string($_POST['pNumber']);
    $SHIPPINGfName = mysql_real_escape_string($_POST['SHIPPINGfName']);
    $SHIPPINGlName = mysql_real_escape_string($_POST['SHIPPINGlName']);
    $SHIPPINGaddress = mysql_real_escape_string($_POST['SHIPPINGaddress']);
    $SHIPPINGcity = mysql_real_escape_string($_POST['SHIPPINGcity']);
    $SHIPPINGstate = mysql_real_escape_string($_POST['SHIPPINGstate']);
    $SHIPPINGzipCode = mysql_real_escape_string($_POST['SHIPPINGzipCode']);
    $SHIPPINGpNumber = mysql_real_escape_string($_POST['SHIPPINGpNumber']);
    $cardType = mysql_real_escape_string($_POST['cardType']);
    $cardName = mysql_real_escape_string($_POST['cardName']);
    $cardNumber = mysql_real_escape_string($_POST['cardNumber']);
    $expireDate = mysql_real_escape_string($_POST['expireDate']);
    $securityCode = mysql_real_escape_string($_POST['securityCode']);
    $email = mysql_real_escape_string($_POST['email']);

    //Add this product into the database now
    $sql = mysql_query("INSERT INTO checkoutInfo (id, fName, lName, address, city, state, zipCode, pNumber, SHIPPINGfName, SHIPPINGlName, SHIPPINGaddress, SHIPPINGcity, SHIPPINGstate, SHIPPINGzipCode, SHIPPINGpNumber, cardType, cardName, cardNumber, expireDate, securityCode, email)
        VALUES('$id','$fName','$lName','$address','$city','$state','$zipCode','$pNumber','$SHIPPINGfName','$SHIPPINGlName','$SHIPPINGaddress','$SHIPPINGcity','$SHIPPINGstate','$SHIPPINGzipCode','$SHIPPINGpNumber','$cardType','$cardName','$cardNumber','$expireDate','$securityCode','$email'") or die (mysql_error());
    $pid = mysql_insert_id();
}
?>
1

1 Answers

0
votes

I'm not sure what's going on in your code since you don't show where $_POST['cardNumber'] etc are coming from. But anway, you can't POST to the paypal server and to your server at the same time to update your DB. You can do something like:

1) POST to a script on your server where you verify the data and update your database, and output a page that contains the form above and submit the form on load, something like onload="javascript:document.myform.submit()"

2) Do some AJAX thing to POST to your server when user clicks a button, and then submit the form.

Let me know if that makes sense.