Solved

Where to add affiliate code to paypal payment code

Posted on 2009-07-11
6
382 Views
Last Modified: 2013-12-13
Hola!

I have a query re my paypal processing code. I used to use simple buttons to push the info to paypal, paypal the returned the info to ipn.php which was a cURL script posting to two seperate ipn's, the payment system and the affiliate system.

All the affiliate system needs is to track is this
<input type="hidden" name="custom" value="<?PHP echo $_SERVER['REMOTE_ADDR']; ?>">

this tracks the affiliate url the client was sent from, i.e. www.mysite.com/23453

I dont want to delve into the realms of the affilaite software as its way too complex, suffice to say all it needs is the variable above posting to it via ipn.

The problem I have is that I no longer use a standard button, I use a final payment page which calls upon 2 config files containing what would generally be a button and the posts it to paypal.

I don't know where to include the <input type="hidden" name="custom" value="<?PHP echo $_SERVER['REMOTE_ADDR']; ?>">

I've attached the code, I;m sure its something easy but I;m a little lost.

AddPickFinal is the final payment page where the code commences
Process is the next page the user is sent to which collects configinc and globslconfig and the autoredirects to paypal
process.txt
globalconfiginc.txt
configinc.txt
final.txt
0
Comment
Question by:mlynch1985
  • 2
6 Comments
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 24834376
For future reference, please post code in the code snippets instead of in files - it makes it MUCH easier to see and understand the code, plus the line numbers are consistent and available.  

Also, you might want to hire a knowledgeable developer ASAP to clean up this code.  Upon reading "final.txt" it is obvious that your data base could easily be destroyed if a hacker wanted to put phony values into the URL get string.  There are serious timebombs in these scripts (I note that some of it dates from 2004) and the Community of Evil has learned a lot about how to attack PHP scripts since then.  Forewarned is forearmed.

On line 100 of "final.txt" there is a form that posts to action="/process.php" with this:
<input type="hidden" name="custom" value="<?PHP echo $_SERVER['REMOTE_ADDR']; ?>">

On line 48 of "configinc.txt" there is this:
$paypal[custom]="$_POST[custom]";

After the "include" statement at line 19 of "process.txt", the variable $paypal["custom"] is loaded with the value of whatever was present in $_SERVER["REMOTE_ADDR"] from "final.txt"

Line 26 of "globalconfiginc.txt" contains this:
$array_name[custom]=$_POST['custom'];

Line 223 of "globalconfiginc.txt" contains this:
<input type="hidden" name="custom" value="<?=$paypal[custom_field]?>">

Since "custom_field" is not the same variable as "custom" it would appear that you need to change line 223 to use a value of $paypal["custom"].

You can use var_dump() to print out the contents of variables.  For example,

var_dump($paypal);

... will show you what is in that array.

HTH, and best of luck with your project, ~Ray
0
 

Author Comment

by:mlynch1985
ID: 24834490
Hi Ray,

Many thanks for your input. It think I need to hire a developer as there are about 3 things I need doing and none of which I seem to be able to sort myself!

Cheers,

Matt
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 24834546
Hi, Matt.  Having an expert is usually a good plan!  Reminds me of the old joke about the engineer who pushed a button and charged the client $1,000.  When asked for an itemized bill, he replied:

Pushing button: $1.
Knowing which button to push: $999.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

SASS allows you to treat your CSS code in a more OOP way. Let's have a look on how you can structure your code in order for it to be easily maintained and reused.
JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
The purpose of this video is to demonstrate how to update a WordPress Site’s version. WordPress releases new versions of its software frequently and it is important to update frequently in order to keep your site secure, and to get new WordPress…
The purpose of this video is to demonstrate how to set up an RSS Feed on a WordPress Website. This will be demonstrated using a Windows 8 PC. Feedburner will be used for this demonstration. Go to your WordPress login page. This will look like the…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now