Ok so I'm sure a lot of people have already asked this, yet I have not seen any real clear answers. I need to capture a variable that I already have a value for....here is my example:
<?php
$data_p = mysql_query("SELECT * FROM `dreams`") or die(mysql_error());
while($info = mysql_fetch_array( $data_p )) {
<table>
<tr>
<td><?php echo $info['first']; ?> <?php echo $info['last']; ?></td>
<td><?php echo $info['city']; ?> <?php echo $info['state']; ?></td>
<td><?php echo $info['dream']; ?></td>
<td>$<?php echo $info['donation_goal']; ?></td>
<td>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="2HGLK2WGELUNG">
****************<input type="hidden" name="dream_id" value="<?php echo $info['dream_id']; ?>">
<input type="image" src="images/donatebutton.png" id="donate" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
</td>
</tr>
</table
}
This shows as this:
http://www.dreamsurreal.com/images/example.jpg
The line with all of the ** in it is where I'm having trouble.
I created the button in paypal.com but I added the * line in myself.
I need this variable to be passed to paypal so that I when my database is updated through ipn.php. Here is the MYSQL update area for ipn.php:
// add this order to a table of completed orders
$payer_email = mysql_real_escape_string($_POST['payer_email']);
$mc_gross = mysql_real_escape_string($_POST['mc_gross']);
$dream_id = $_POST['dream_id'];
$sql = "INSERT INTO orders VALUES
(NULL, '$txn_id', '$payer_email', '$mc_gross', '$dream_id')";
But for some reason even though I added the $dream_id = $_POST['dream_id'] and also added $dream_id into the INSERT part of the mysql insert, it doesn't insert the actual variable, it just makes it 0.
I hope I made this clear enough for everyone, could I please get a bit of help on how to make this work properly.
Got it working everyone....ok so here is how its done:
Here is our button script without the added variable....
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="2HGLK2WGELUNG">
<input type="image" src="images/donatebutton.png" id="donate" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
Add this line into our form....
<input type="hidden" name="item_number" value="<?php echo $MY_VARIABLE; ?>">
Replace the $MY_VARIABLE with your own variable.
Our new code for our button will look like
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="2HGLK2WGELUNG">
<input type="hidden" name="item_number" value="<?php echo $MY_VARIABLE; ?>">
<input type="image" src="images/donatebutton.png" id="donate" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
After that, in your ipn.php change this area
// add this order to a table of completed orders
$payer_email = mysql_real_escape_string($_POST['payer_email']);
$mc_gross = mysql_real_escape_string($_POST['mc_gross']);
$sql = "INSERT INTO orders VALUES
(NULL, '$txn_id', '$payer_email', '$mc_gross')";
Add these into it (I'm using an integer so I'm just making sure its the right type)
$MY_VARIABLE = (int)$_POST['item_number'];
and
$sql = "INSERT INTO orders VALUES
(NULL, '$txn_id', '$payer_email', '$mc_gross', '$MY_VARIABLE')";
After all of our fixes, this entire area should look like this:
// add this order to a table of completed orders
$payer_email = mysql_real_escape_string($_POST['payer_email']);
$mc_gross = mysql_real_escape_string($_POST['mc_gross']);
$dream_id = (int)$_POST['item_number'];
$sql = "INSERT INTO orders VALUES
(NULL, '$txn_id', '$payer_email', '$mc_gross', '$dream_id')";
I hope this all helps, thank you for your time.
Change
$dream_id = $_POST['dream_id'];
to
$dream_id = (int)$_POST['dream_id'];
If you look closely (and if I remember correctly) there's a dot at the end of PayPal's custom value field. Typecasting the variable to an integer fixes this problem as well as protect against SQL injection. You can read more on typecasting in PHP here.