I have this button:
<button name="pay">BUY FOR 0.50$</button>
when clicked it inserts a payment with $0 paid, the buyer IP and an account detail into DB:
$connect->query("INSERT INTO payments(ip,payed,acc,showed) VALUES('$ip','$payed', '$s', '$h')");
echo '
<form action="https://www.paypal.com/cgi-bin/webscr" id="formsend" method="post" target="_top">
<input type="hidden" name="cmd" value="_xclick">
<input type="hidden" name="business" value='.$paypal.'>
<input type="hidden" name="lc" value="US">
<input type="hidden" name="item_name" value="LOL ACC">
<input type="hidden" name="amount" value="0.50">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="custom" value="<?=$ip;?>">
<input type="hidden" name="button_subtype" value="services">
<input type="hidden" name="no_note" value="0">
<input type="hidden" name="bn" value="PP-BuyNowBF:btn_buynowCC_LG.gif:NonHostedGuest">
<input type="submit" name="sub" class="sub" />
</form>
';
?>
<script type="text/javascript">
document.getElementById('formsend').submit(); // SUBMIT FORM
</script>
After that it automatically clicks a new form to go to payment, if Paypal works fine. But then on the IPN the variable custom is not passing the IP address.
This is inside the IPN verified part:
require_once("config/config.php");
$connect = new mysqli($server['database']['host'],$server['database']['username'],$server['database']['password'],$server['database']['db']);
// PAYMENT VALIDATED & VERIFIED!
$ip = $_POST['custom'];
$check = $connect->query("SELECT * FROM payments WHERE ip='$ip' AND payed = 0");
if($check->num_rows){
$connect->query("UPDATE payments SET payed = 1 WHERE ip = '$ip'");
}
I also tried for it to insert a random string, but that doesn't seem to work either. What am I doing wrong?
