23
23
// Write user id to paypal table, so the return script knows it's expecting this payment
24
mysql_query("INSERT INTO donation_paypal SET order_time = '".$order_time."', userid = '$userid', item_number=".$item_id.", order_amount = '".mysql_real_escape_string($amount)."'");
24
mysql_query("INSERT INTO donation_paypal SET order_time = '".$order_time."', userid = '$userid', item_number=".$item_id.", order_amount = '".boinc_real_escape_string($amount)."'");
26
26
$payment_id = mysql_insert_id();
28
28
$URL = "www.paypal.com/cgi-bin/webscr";
30
$fields = ("cmd=_xclick&lc=US&business=".PAYPAL_ADDRESS."&quantity=1&item_name=Donation&item_number=".$payment_id."_".$order_time."&amount=".$amount."&no_shipping=1&return=".URL_BASE."donated.php?st=Completed&rm=2&cancel_return=".URL_BASE."donated.php&no_note=1¤cy_code=".$currency."&bn=PP-BuyNowBF");
30
$fields = ("cmd=_xclick&lc=US&business=".PAYPAL_ADDRESS."&quantity=1&item_name=Donation&item_number=".$payment_id."_".$order_time."&amount=".$amount."&no_shipping=1&return=".URL_BASE."donated.php?st=Completed&rm=2&cancel_return=".URL_BASE."/donated.php&no_note=1¤cy_code=".$currency."&bn=PP-BuyNowBF");
32
32
header("Location: https://$URL?$fields");