PHP中paypal处理的问题

我们有一个网站为我们建立了一个慈善捐款网站通过自由职业者，我们有一些问题的信息更新到数据库

自由职业者建立了这个网站，所有的细节都保存在数据库中一个名为tbl_temp_supporter的表中，然后一旦paypal付款通过，它就会将该行的所有数据移动到一个名为tbl_Ventiation_event的表中

这在90%的情况下有效，但在其他10%的情况下它不会移动数据

这是预付款页面的代码顶部。一旦这是提交它去贝宝

<?php session_start();
require_once("codelibrary/inc/variables.php");
require_once("codelibrary/inc/functions.php");
require_once("codelibrary/inc/create_a_random_password.php");
//validate_user();
//include(FCK_PATH."fckeditor.php");
@extract($_REQUEST);
if($submitform=='yes')
{
if($make!='aa')
{
$mk=$make;
}
else
{
$mk=$other;
}
if($_SESSION['sess_uid']=='')
{
$sql_res=mysql_query("select * from tbl_user where email='$email'");
$sql_res1=mysql_num_rows($sql_res);
if($sql_res1>0)
{
$ss=mysql_fetch_array($sql_res);
session_register("sess_uid");
session_register("sess_username");
session_register("sess_email");
session_register("sess_online_id");
$_SESSION['sess_uid']=$ss['id'];
$_SESSION['sess_email'] = $ss['email'];
}
else
{
mysql_query("insert into tbl_user set user_type=1,email='$email',title='$title',fname='$fname',lname='$lname',address='$address',country='$country',state='$state',city='$city',zipcode='$zipcode',status=1");
$myid=mysql_insert_id();
$password=createRandomPassword();
mysql_query("update tbl_user set password='$password' where id='$myid'");

$admin=mysql_fetch_assoc($sql_admin);
session_register("sess_uid");
session_register("sess_username");
session_register("sess_email");
session_register("sess_online_id");
$_SESSION['sess_uid']=$myid;
$_SESSION['sess_email'] = $email;
$sql_admin=mysql_query("select * from tbl_admin");
$admin=mysql_fetch_assoc($sql_admin);
$sql_admin=mysql_query("select * from tbl_admin");
$admin=mysql_fetch_assoc($sql_admin);
$headers  = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From: '.SITE_TITLE.'<mail@domain.com>' . "\r\n";
$subject = "Registration : domain.com";
$message2 = '<strong>Dear '.$fname.',</strong><br><br>You have created account successfully on '.SITE_TITLE.'. <br><br>';
$message2.="<br><br>Your Login Details:<br>Email: $email<br>Password: $password<br>        <br>Thanks<br>Team";
@mail($email, $subject, $message2, $headers);
}
}

mysql_query("insert into tbl_temp_supporter set supporter_id='$sid',event_id='$eid',make='$mk',like4='$like4',donation_date='$donation_date',message='$message',anonymous='$anonymous',giving='$giving',transaction='$transaction',email='$email',title='$title',fname='$fname',lname='$lname',address='$address',country='$country',state='$state',city='$city',zipcode='$zipcode',post_date=now(),period='$period',amount='$amount',user_id='".$_SESSION['sess_uid']."'");
$oid=mysql_insert_id();


?>
<script>
location.href="paypal_supporter.php?ord=<?php echo $oid;?>&amnt1=<?php echo $mk;?>";
</script>
<?php 
}
?>

---

我绝对不建议使用cookies而不是数据库，尤其是在支付处理方面。饼干很容易操作。好的，谢谢。有什么建议吗？有人有什么想法吗？
<?php session_start();
require_once("codelibrary/inc/variables.php");
require_once("codelibrary/inc/functions.php");
require_once('paypal.class.php');
@extract($_REQUEST);
$p = new paypal_class;             // initiate an instance of the class
$p->paypal_url = 'https://www.paypal.com/cgi-bin/webscr';     // paypal url
$sel=mysql_query("select * from tbl_admin");
$data=mysql_fetch_array($sel);  
$custom=$ord;
$total_price=$amnt1;
$oid=$p->ipn_data['custom'];
$this_script = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

// if there is not action variable, set the default action of 'process'
if (empty($_GET['action'])) $_GET['action'] = 'process';  

switch ($_GET['action']) {

 case 'process':      // Process and order...

  $p->add_field('business', $data['paypal_email']);
  $p->add_field('return', $this_script.'?action=success');
  $p->add_field('cancel_return', $this_script.'?action=cancel');
  $p->add_field('notify_url', $this_script.'?action=ipn');
  $p->add_field('item_name', 'DOMAIN.com');
  $p->add_field('amount', $total_price);
  $p->add_field('custom',$custom);
  $p->submit_paypal_post(); // submit the fields to paypal
  //$p->dump_fields();      // for debugging, output a table of all the fields
  break;
 case 'success':      // Order was successful...

  //echo "<html><head><title>Success</title></head><body><h3>Thank you for your order.</h3>";
 // foreach ($_POST as $key => $value) { echo "$key: $value<br>"; }
 // echo "</body></html>";
  header("location:success_supporter.php");
  exit();

  break;

case 'cancel':       // Order was canceled...

  // The order was canceled before being completed.

  echo "<html><head><title>Canceled</title></head><body><h3>The order was canceled.</h3>";
  echo "</body></html>";

  break;

  case 'ipn':          // Paypal is calling page for IPN validation...

  if ($p->validate_ipn()) {

     // For this example, we'll just email ourselves ALL the data.
     $subject = 'Instant Payment Notification - Recieved Payment';
     $to = 'mail@domain.com';    //  your email
     $body =  "An instant payment notification was successfully recieved\n";
     $body .= "from ".$p->ipn_data['payer_email']." on ".date('m/d/Y');
     $body .= " at ".date('g:i A')."\n\nDetails:\n";

     foreach ($p->ipn_data as $key => $value) { $body .= "\n$key: $value"; }
     @mail($to, $subject, $body);
      $oid=$p->ipn_data['custom'];
     if($oid){
$sql=mysql_query("select * from tbl_temp_supporter where id='$oid'");
    $line=mysql_fetch_array($sql);
    mysql_query("insert into tbl_donation_event set make='".$line['make']."',like4='".$line['like4']."',donation_date='".$line['donation_date']."',message='".$line['message']."',anonymous='".$line['anonymous']."',giving='".$line['giving']."',transaction='".$line['transaction']."',email='".$line['email']."',title='".$line['title']."',fname='".$line['fname']."',lname='".$line['lname']."',address='".$line['address']."',country='".$line['country']."',state='".$line['state']."',city='".$line['city']."',zipcode='".$line['zipcode']."',post_date='".$line['post_date']."',period='".$line['period']."',amount='".$line['amount']."',supporter_id='".$line['supporter_id']."',event_id='".$line['event_id']."',status=1,user_id='".$line['user_id']."'");
    $myid=mysql_insert_id();
    $dn=mysql_query("select * from tbl_donation_event where id='$myid'");
    $fdn=mysql_fetch_array($dn);
    $et=mysql_query("select * from tbl_supporter where id='".$fdn['supporter_id']."'");
    $fet=mysql_fetch_array($et);
    $us=mysql_query("select * from tbl_user where id='".$fet['user_id']."'");
    $fus=mysql_fetch_array($us);
    $sql_admin=mysql_query("select * from tbl_admin");
    $admin=mysql_fetch_assoc($sql_admin);
    $headers  = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    $headers .= 'From: DOMAIN <mail@domain.com>' . "\r\n";
    $subject = "Payment : donaub.com";
    $message = '<html>
<head>
<title>TITLEe</title></head><body>
<table width="100%" style="background:#F0F8FF;"><tr><td>&nbsp;</td></tr><tr><td><table width="80%" style="margin-left:auto; margin-right:auto;"><tr><td width="100%" style="background:#FFF; border:medium #03C solid;"><img src="http://www.domain.com/logo.gif"/>
    <p style="margin-left:10px; margin-right:10px;"><strong>Dear Admin,</strong></p>
<p style="margin-left:10px; margin-right:10px;">A new payment of <strong>$'.$fdn['make'].'</strong> for <strong>'.$fus['fname'].' '.$fus['lname'].' </strong>has been  has been recieved from <strong>'.$fdn['fname'].'&nbsp;'.$fdn['lname'].' testing '.$p->ipn_data['payer_email'].'</strong></p>
    <p style="margin-left:10px; margin-right:10px;">Email:&nbsp;<strong>'.$fdn['email'].'</strong></p>
    <p style="margin-left:10px; margin-right:10px;">They left the following message:<br><strong>'.$fdn['message'].'</strong></p>
    <p style="margin-left:10px; margin-right:10px;">Please copy the following link into your browser to view the donation receipt.</p> 
    <p style="margin-left:10px; margin-right:10px;">&nbsp;</p>
    <p style="margin-left:10px; margin-right:10px;">www.raiseforcause.com/edonation_detail.php?did='.$fdn['id'].'</p>
    <p>&nbsp;</p></td></tr><tr>
      <td><table width="100%"><tr><td><img src="http://www.domain.com/twitter.png" /><img src="http://www.domain.com/facebook.png" /></td><td><a style="text-decoration:none; color:#F60; text-align:center;" href="http://www.domain.com.au"> Built by</a></td></tr></table></td></table></tr></table></td></tr><tr><td>&nbsp;</td></tr></table>
</body>
</html>';

    $email=$admin['email'];
    @mail($email, $subject, $message, $headers);

$headers1  = 'MIME-Version: 1.0' . "\r\n";
    $headers1 .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    $headers1 .= 'From: '.SITE_TITLE.'<mail@domain.com>' . "\r\n";
    $subject1 = "Payment : domain.com";
    $message1 = '<strong>&nbsp;Dear '.$fus['fname'].',</strong><br>You have received a new donation of <strong>$'.$fdn['make'].'</strong> from <strong>'.$fdn['fname'].'&nbsp;'.$fdn['lname'].'.</strong><br>
    <br>Email:&nbsp;<strong>'.$fdn['email'].'</strong>
    <br> They left the following message is:<br><strong>'.$fdn['message'].'</strong><br><br>
    Keep up the good work!';
    $message1.="<br><br>Thanks<br>Team";
    $emails=$fus['email'];
    @mail($emails, $subject1, $message1, $headers1);


        $headers2  = 'MIME-Version: 1.0' . "\r\n";
    $headers2 .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    $headers2 .= 'From: '.SITE_TITLE.'<mail@domain.com>' . "\r\n";
    $subject2 = "Thank you for your donation";
    $message2 = '<strong>Dear '.$fdn['fname'].'&nbsp;'.$fdn['lname'].',</strong><br>Your payment was a success. <br><br>Thank you for supporting the.<br><br>Please copy the following link into your browser to view your donation receipt. <BR><BR>www.domain.com/edonation_detail.php?did='.$fdn['id'].'';
    $message2.="<br><br>Team";
    $email2=$fdn['email'];
    @mail($email2, $subject2, $message2, $headers2);


      }

  }
  break;
 }     

?>