Php script has paypal-related flaw

Discussion in 'PHP' started by chrisj, Jul 24, 2010.

  1. #1
    On a web site I'm using, the PHP credit script succeeds when, upon a return from PayPal, purchased credits are added to the user's account. However, the return location is a success page that has a "click here to return to the home page" link. If a user stays on that success page and refreshes it, the amount of credits purchased keeps being added to the user's account on every refresh (without paying for those extra credits).

    Rather than find someone to modify the script, I thought one solution might be to add something so that the page never appears and somehow the "click here to return to the home page" link automatically redirects the successful purchaser to the home page, so he doesn't have the chance to refresh the success page. Is this a sound solution? Can you suggest what might be needed to accomplish this? Or suggest a better solution?
     
    chrisj, Jul 24, 2010 IP
  2. #2
    Add the following lines (remember that headers must be sent before any other output):

    // Redirect the browser, then stop the script so nothing after the
    // header() call (such as the credit-adding code) keeps running
    header("Location: http://location.us");
    exit;
    iAreCow, Jul 25, 2010 IP
  3. #3
    When the payment details are sent back from PayPal, there's usually something like an order number or even the PayPal transaction number. Assuming you store something unique in your database about the transaction, then you should add a check: if (order_exists) { statement } else { add the credits }. Something like this:

    
    $order_exists = mysql_query("SELECT order_number FROM table WHERE order_number='$number';") or die(mysql_error());
      if(mysql_num_rows($order_exists) == 1) {
    echo "Credits already added, thank you for shopping";
      } else {
     // your add (insert) credits code goes here
     }
    
    PHP:
     
    Last edited: Jul 25, 2010
    MyVodaFone, Jul 25, 2010 IP
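The redirect suggested in #2 hides the success page but does not stop a second request to the return URL from crediting the account again, and the SELECT-then-INSERT check in #3 can still double-credit when two requests (a refresh and a double-click, or two tabs) run at the same moment and both see "no order yet". The example below is added here and is not code from the thread: it makes the credit grant idempotent by recording the PayPal transaction id in a table whose primary key is that id, inside one database transaction, so the second attempt fails at the INSERT before any credits are touched. The `$db` connection, the `credit_orders` and `users` tables and their column names are assumptions; the transaction id must come from a PayPal response the server has verified (for example via IPN or PDT), not from a query-string value the buyer can type in.

```php
<?php
// Added example (not from the thread). Requires PHP 8 with mysqli.
// Assumed schema (placeholder names):
//   CREATE TABLE credit_orders (
//     txn_id     VARCHAR(64) NOT NULL PRIMARY KEY,  -- PayPal transaction id
//     user_id    INT NOT NULL,
//     credits    INT NOT NULL,
//     created_at DATETIME NOT NULL);
//   -- plus a users table with `id` and `credits` columns.

// Make mysqli throw exceptions instead of returning false (default since PHP 8.1).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Credit a user for one verified PayPal transaction, at most once.
 * Returns true when credits were added, false when this txn_id was already processed.
 */
function grant_credits_once(mysqli $db, string $txnId, int $userId, int $credits): bool
{
    $db->begin_transaction();
    try {
        // Record the order FIRST. The PRIMARY KEY on txn_id makes a second attempt
        // (refresh, double-click, concurrent request) fail right here, whereas a
        // SELECT-then-INSERT check can be passed by two requests at the same time.
        $ins = $db->prepare(
            'INSERT INTO credit_orders (txn_id, user_id, credits, created_at) VALUES (?, ?, ?, NOW())'
        );
        $ins->bind_param('sii', $txnId, $userId, $credits);
        try {
            $ins->execute();
        } catch (mysqli_sql_exception $e) {
            if ($e->getCode() === 1062) {   // MySQL ER_DUP_ENTRY: already credited
                $db->rollback();
                return false;
            }
            throw $e;
        }

        // Only reached for a transaction id seen for the first time.
        $upd = $db->prepare('UPDATE users SET credits = credits + ? WHERE id = ?');
        $upd->bind_param('ii', $credits, $userId);
        $upd->execute();

        $db->commit();
        return true;
    } catch (Throwable $e) {
        // Any other failure undoes both statements together.
        $db->rollback();
        throw $e;
    }
}

// Usage on the return page, after the PayPal response has been verified
// server-side and $txnId, $userId and $credits have been taken from it.
// $db = new mysqli('localhost', 'user', 'pass', 'shop');   // placeholder credentials
// if (grant_credits_once($db, $txnId, $userId, $credits)) {
//     echo "Credits added, thank you for shopping";
// } else {
//     echo "Credits already added, thank you for shopping";
// }
// header('Location: /');   // then send the buyer on, as in #2
// exit;
```

Because the uniqueness is enforced by the database rather than by application logic, the same function is safe to call from both the browser return page and an IPN handler: whichever arrives first credits the account, and every later call for that transaction id returns false.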