【发布时间】:2015-07-25 04:56:48
【问题描述】:
我对 PHP 编码还是很陌生,虽然我做了一些研究(大量研究),但我似乎看不出我的查询语句存在问题。似乎有很多方法可以编写查询,我有点迷失在这里。请注意,我可能没有最好的 php 编码技术。我也尝试了 Msqli 准备/执行语法,但什么也没发生,我收到错误消息,甚至没有输入我的 if 语句来检查修改的行数,所以我可能会坚持执行的当前语法并记录我的 SuccessDB.log 和 FailDB.log。至少我知道它会尝试这样做。
在我的应用程序中,我有一个 Paypal IPN 侦听器页面。 Paypal 发送请求后,我可以处理它,但只能处理一半。有一次,我验证了所有 IPN 变量都正常并且付款已完成并验证,我需要更新我数据库中的发票表。这是失败的最终处理更新。
我已经连续两天尝试各种代码/查询,现在我不知所措。帮助将不胜感激。
有问题的 UPDATE 语句(摘自整个代码):
$sql2 = "UPDATE payment_invoice SET p_user_name='$full_name', p_user_address='$address_and_state', p_user_postalcode='$address_zip', p_user_country='$address_country', p_datetime='$dateConverted', p_payment_completed='$p_payment_completed', p_user_email='$payer_email', p_paypal_txn_id='$txn_id' WHERE p_unique_invoice_id='$item_number'";
if ($conn->query($sql2) === TRUE) {
error_log(date('[Y-m-d H:i e] ') ."\r\n". "RECORDS UPDATED", 3, "./SuccessDB.log");
} else {
error_log(date('[Y-m-d H:i e] ') ."\r\n". "FAILED UPDATE", 3, "./FailDB.log");
}
$conn->close();
宇宙的所有细节(完整/部分代码):
<?php
$host="localhost"; // Host name
$username="myusername"; // Mysql username
$password="mypass"; // Mysql password
$db_name="mydbname"; // Database name
$conn = null;
//Connect to server and select database.
$conn = new mysqli($host, $username, $password, $db_name);
if ($conn->connect_errno) {
error_log($conn->connect_errno, 3, "error_log.txt");
}
//**ADD CURL CODE HERE**
//CURL code to catch paypal IPN request and Code to post validate back to paypal
//I will skip this lenghty code, as the problem doesn't occur here
$tokens = explode("\r\n\r\n", trim($res));
$res = trim(end($tokens));
if (strcmp ($res, "VERIFIED") == 0) {
//Initialize variables/Post variables
$payment_status = $_POST['payment_status'];
$transactionOK = false;
$p_total_amount = 0;
$p_payment_completed = 0;
$receiver_email = $_POST['receiver_email'];
$txn_id = $_POST['txn_id'];
if ($_POST['mc_gross'] != NULL){
$payment_amount = floatval ($_POST['mc_gross']);
}
else{
$payment_amount = floatval ($_POST['mc_gross1']);
}
$item_number = $_POST['item_number'];
$payment_currency = $_POST['mc_currency'];
$reason_code = $_POST['reason_code'];
$pending_reason = $_POST['pending_reason'];
$payment_type = $_POST['payment_type'];
$payer_id = $_POST['payer_id'];
$payer_status = $_POST['payer_status'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$full_name = $first_name." ".$last_name;
$address_zip = $_POST['address_zip'];
$address_country = $_POST['address_country'];
$address_state = $_POST['address_state'];
$address_street = $_POST['address_street'];
$address_and_state = $address_street.", ".$address_state;
$payer_email = $_POST['payer_email'];
//Represent the unique random ID we created on click of buy button
$item_number = $_POST['item_number'];
date_default_timezone_set('PST');
$payment_date = $_POST['payment_date'];
$dateTime = strtotime($payment_date);
$dateConverted = date('Y-m-d H:i:s', $dateTime);
$query = null;
$query_update = null;
$statement = null;
$statement_update = null;
$p_paypal_txn_id = "";
$res = null;
$results_update = null;
$nrows = null;
//Check to see if payment amount is higher than regular price of item
//We do this to detect if a user/hacker tried to tamper with page variables and try to buy
if($payment_amount > "21.95"){
//Check to see if payment is Completed, if payment type is instant and if currency is Canadian dollar
if($payment_status == "Completed" && $payment_type == "instant" && $payment_currency == "CAD"){
//THIS STATEMENT WORKS, THE CODE ENTERS THE ELSE STATEMENT AS INTENDED
//Check to see if the transaction ID has already been processed in my database
$sql = "SELECT * FROM payment_invoice WHERE p_paypal_txn_id=$txn_id";
if ($conn->query($sql) === TRUE) {
error_log(date('[Y-m-d H:i e] ') ."\r\n". "TNX EXIST", 3, "./TnxAlreadyExist.log");
}
} else {
try{
$p_payment_completed = 1;
//This is the problematic statement
$sql2 = "UPDATE payment_invoice SET p_user_name='$full_name', p_user_address='$address_and_state', p_user_postalcode='$address_zip', p_user_country='$address_country', p_datetime='$dateConverted', p_payment_completed='$p_payment_completed', p_user_email='$payer_email', p_paypal_txn_id='$txn_id' WHERE p_unique_invoice_id='$item_number'";
if ($conn->query($sql2) === TRUE) {
error_log(date('[Y-m-d H:i e] ') ."\r\n". "RECORDS UPDATED", 3, "./SuccessDB.log");
} else {
error_log(date('[Y-m-d H:i e] ') ."\r\n". "FAILED UPDATE", 3, "./FailDB.log");
}
$conn->close();
}
catch(Exception $e){
error_log(date('[Y-m-d H:i e] ') ."\r\n". "FAILED UPDATE".$e->getMessage(), 3, "./FailDBMSG.log");
}
}
$conn->close();
}
}
}
else if (strcmp ($res, "INVALID") == 0) {
// log for manual investigation
// Add business logic here which deals with invalid IPN messages
if(DEBUG == true) {
error_log(date('[Y-m-d H:i e] '). "Invalid IPN: $req" . PHP_EOL, 3, LOG_FILE);
}
}
?>
数据库详情:
p_user_name = varchar(800) / string
p_user_address = varchar(4000) / string (I know it's a lot of chars..)
p_user_postalcode = varchar(50) / string
p_user_country = varchar(500) / string
p_datetime = datetime
p_payment_completed = tinyint / boolean 1/0
p_unique_invoice_id = varchar(25) / string
p_user_email = varchar(100) / string
p_paypal_txn_id = varchar(50) / string
【问题讨论】:
-
你是在数据库中得到你的错误行,还是成功的?您是否尝试过回显 SQL 并将其直接输入到数据库中以查看它是否有效?
$conn->error()报告什么? -
哦,男孩,甚至没有想过 $conn->error().. 多么笨拙,会尽快回复你。睡得不多,所以,你知道的
-
好吧..那倒是怎么说呢..尴尬。首先,在我做了所有这些不同的尝试之后,我忘记了一个变量,我试图在其中将日期/字符串解析为日期时间,并将一个甚至不再存在的变量作为参数。如果你问我,那就太愚蠢了。其次,我急于尽快获得预期结果,我忘记考虑浏览器/服务器缓存,这可能需要一些时间来处理我在帖子中添加的代码,而它现在似乎已经完全正常运行了..
-
我们都做过类似的事情——没有什么好尴尬的!
-
在这种情况下,我猜万岁,但上帝让我感觉很笨拙。男孩,我真的需要睡觉吗?但是感谢您抽出时间来帮助我
标签: php mysql paypal paypal-ipn