PHP-SecureArea

FAQs

Frequently Asked Questions (FAQ) ....

This page contains answers to some of the most frequently asked questions by people looking to purchase PHP-SecureArea. This is also a good place to start for those who are having problems with installation.

Use this list to jump to the appropriate answer below:

Do I have to enter anything into the PayPal site to identify the IPN url?

Is PHP installed on my web server and what version do I have?

My pages show fatal errors.

Why do I keep getting error messages about headers already sent?

I keep getting error messages about session_start

I get an open_basedir error message

Do I have to create a new database?

How do I work out the full path to the secure area folders?

How do I backup my PHP-SecureArea site?

Do you host this product?

What knowledge and what facilities do I need?

Can I stop a user from logging in?

Should I user SSL?

What happens if a customer changes their PayPal email address ?

Why can't I edit the product item_name ?

Are there issues with re-installing the application ?

What do the mySQL error messages mean ?

Modification for GoDaddy Hosting

How do I change the language code for PayPal ?

I get a 500 Internal Server Error on my protected area

PHP 5.3 depreciated functions

The admin pages keeps on returning to the login screen

Setting a character set

Do I have to enter anything into the PayPal site to identify the IPN url?

You do not have to do any configurations on the PayPal site for your account to identify the IPN URL. This is because the IPN URL is part of the data sent to PayPal when the customer clicks on the buy now button.

Is PHP installed on my web server and what version do I have?

Make a new file on your web site called info.php, containing the following text, and call it from your browser:

<?PHP phpinfo() ?>

If nothing happens then you don't have PHP installed.

My pages show fatal errors.

If you see errors like:

Parse error: parse error, unexpected T_VARIABLE in e:\phpfiles\withinweb\phpsecurearea\config.php on line 13
Notice: Undefined variable: dbhost in e:\phpfiles\withinweb\phpsecurearea\admin\a_setup.php on line 154

then it's likely you have left out a semi-colon or ending quote from a line in config.php.

Another reason could be that you have opened config.php in a program like Word to edit it, and saved it as a HTML web page, instead of a proper text file.

Always edit config.php with a text editor such as notepad or an editor designed to edit web pages such as Dreamweaver.

Why do I keep getting error messages about headers already sent?

If you see errors like this:

Warning: Cannot add header information - headers already sent by (output started at /webfiles/phpsecurearea/config.php:87) in /webfiles/phpsecurearea/index.php on line 322

then you probably have blank lines or spaces after the final ?> in your config.php file. Sometimes text editors add these so you may have to try a different text editor to remove these spaces or blank lines.

I keep getting error messages about session_start

If you see errors like this:

Warning: session_start() [function.session-start]: open(/tmp\sess_d40f380d37d431fc1516e9a895ad9ce0, O_RDWR) failed: No such file or directory (2) in c:\webfiles\phpsecurearea\setup.php on line 123

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at c:\phpsecurearea\eseller\setup.php:1) in c:\webfiles\phpsecurearea\setup.php on line 123

These are all related to PHP failing to save "session" files on your hard disk (in a directory called /tmp). Usually the reason is that you don't have a folder called /tmp on your computer. This is often the case with Windows installations.

The solution is to set the PHP setting for this path to point to a real folder. You can do this in your php.ini file:

session.save_path = C:\temp

I have created a php file to test sessions. This is located in the admin folder at : http://www.yourservername.com/phpsecurearea/admin/a_session_test.php.

I get an open_basedir error message

Your hosting provider or server administrator may have restrictions on which directories can use 'includes'. To check this, log into the administration section of PHP-SecureArea and click on 'PHP info' link in the left hand side menu. This will display your site php info page. Find 'open_basedir' and check if the setting is something other than 'no value'. If it is something other than 'no value' then you might have to install PHP-SecureArea in the directory shown. Check with your hosting provider.

Do I have to create a new database?

You don't have to create a new database if you don't want to. You could install the tables in an existing database providing that the table names do not clash. You can set an optional prefix for table names during installation - this will stop table name clashes.

All of my tables are prefixed with sec_, so providing none of the existing tables have that prefix, there should be no problem.

How do I work out the full path to the secure area folders?

To get the full path, log in to the admin pages and click on the menu item 'PHP Info' and look for SCRIPT_FILENAME. That will give you the full file name of that file you are looking at. From that you should beable to work backwards to the root of your web site or to any other part of your site.

With many applications it is neccessary to find the full path name of a folder and then enter it into the admin area of the application. absolutepath.zip will help you do this. Download, unzip, and ftp to the location of the page / image / directory and then call the file in your browser - http://www.example.com/images/absolutepath.php

Click here to download the file absolutepath.zip

Note that the full path name of the folder is not the same as the http url of the folder directory - it will not work. The full path of the folder looks something like \myserver\www\public_html\eseller\files\

How do I backup my whole SecureArea site?

There are two things you need to make a copy of : the database with its data, the htpwassd files that have the login details. The SecureArea scripts themselves are less important, since you should have the original files and any others you have modified to change the look of your displays.

The database can be easily backed up using the in built back up / restore facility.

Do you host this product?

No, you purchase the application and install it onto your own web server.

What knowledge and what facilities do I need?

Your system must meet the requirements of :

  • PHP 5 or higher
  • Apache web server
  • mySQL database version 3.23 or higher
  • Linux or FreeBSD operating system (not Windows) on the web server
  • A Paypal Business or Premier account - sign up here.
  • Email functionality on the web server so that the PHP scripts can send out emails to customers.
  • If you are looking for a suitable host for you site, I would recommend the basic web hosting plan from LunarPages which has all the required features for this application.

The application has been written to make it as easy to install as possible with minimum knowledge of PHP or mySQL. You need to be able to upload the files to your web server and to edit a configuration file with appropriate information.

You will also need to be able to integrate the subscription buttons into your web site.

Can I stop a user from logging in?

If you wish to stop a user with a given email address from logging in, you can do that in the 'manage users' display in the admin section.

Should I use SSL?

If you wish to use SSL to further protect your customer login section and the protected areas then you can.

Using SSL means that the username / passwords that are sent to the web server, and the web pages that are viewed by customers are all encrypted.

You have to make the judgment yourself as to how important security is depending on the type of content that you are protecting. In many situations SSL is probably not really needed. However, if you are particularly concerned about security and have the technical ability to use SSL, then use it.

What happens if a customer changes their PayPal email address ?

If someone purchases a recurring subscription and then changes their email address in PayPal, the application will still operate as normal. IPNs sent by PayPal use the email address that was in operation when that subscription was started. The customer will have to continue to log in to the secure area using their original email address. However, notification emails sent by PayPal will use the new Primary email address.

Why can't I edit the product item_name ?

You can change the 'item name' of an existing secure area but it is better not to change the 'item number'. The reason is that the IPN from PayPal will use the original item number and so when the subscription is finished PHPSecureArea will not be able to process the secure area properly.

Are there issues with re-installing the application ?

If you have to install the application in a different location on your server, you will have problems with existing subscribers because the posting url that the PayPal IPN uses will be the original url.

What do the mySQL error messages mean ?

The following is a list of some of the mySQL errors that can occur and which may help if you are having problems connecting to the database.

Error message   Possible reasons
Warning: mysql_connect() [function.mysql-connect]: Access denied for user: 'USERNAME@localhost' (Using password: YES) in /usr/home/..../test.php on line 8   Your MySQL username/password is incorrect
     
Access denied for user: 'USERNAME@localhost' (Using password: YES)   Your MySQL username/password is incorrect
     
Warning: mysql_connect() [function.mysql-connect]: Unknown MySQL Server Host 'HOSTNAME' (1) in /usr/home/..../test.php on line 8   Your MySQL hostname is incorrect
     
Could not connect: Unknown MySQL Server Host 'HOSTNAME' (1)   Your MySQL hostname is incorrect
     
Warning: mysql_connect() [function.mysql-connect]: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) in /usr/home/...../test.php on line 8   Your MySQL hostname is incorrect or you do not have the MySQL service started
     
Could not connect: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)   Your MySQL hostname is incorrect or you do not have the MySQL service started
     
Warning: mysql_connect() [function.mysql-connect]: Can't connect to MySQL server on 'mysql.domain.com' (60) in /usr/home/..../test.php on line 8   Your MySQL hostname is incorrect or you do not have the MySQL service started
     
Could not connect: Can't connect to MySQL server on 'mysql.domain.com' (60)   Your MySQL hostname is incorrect or you do not have the MySQL service started

Modification for GoDaddy Hosting

GoDaddy servers require a slight modification to the script because of their security system. In the folder 'ipncommon', remove the existing file 'com_ipnfunctions.php' and change the file name 'com_ipnfunctions_godaddy.php' to 'com_ipnfunctions.php'

How do I change the language code for PayPal ?

The language code for the PayPal site is defined in the button using a hidden field.

So for English language use

<input type='hidden' name='lc' value='US' />

Possible values are France(FR), Spain (ES), Italy (IT), Germany (DE), China (CN), English (US).

The customer should then see the login page in the defined language.

To change the language code, go to the file ipnfunction.php open in a text editor and you should see the default language code of

<input type='hidden' name='lc' value='US' />

Change the value to what ever code you require and upload the file back to your server.

I get a 500 Internal Server Error on my protected area

This sometimes happens on some servers and appears to be to do with the way it handles the .htaccess file.

In the htaccess file in the root of the protected area, delete the line :

AuthGroupFile /dev/null

Make sure that you use a text editor like notepad or Dreamweaver and not Word.


PHP 5.3 depreciated functions

Version PHP 5.3 has a number of functions that are depreciated and earlier versions of PHPeSeller, PHPSecureArea and PHPKeyCodes will display warning messages identifying those depreciated functions when installed on PHP 5.3. It will still work as the functions are still there although they will be removed in PHP 6

To overcome this for earlier versions of the applications, in the error.php file just use

error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);

This will stop the depreciated warning messages being displayed.

The admin pages keeps on returning to the login screen

If you login to the admin pages and then click to go to a different page in the menu it returns to the login screen. This is becuase there is something wrong with your server session variables. The server stores the sessions and for some reason this is not being done correctly. You need to contact your hosting company to sort the problem out.

There is a test at :

http://www.yourservername.com/eseller/admin/a_session_test.php

Which will attempt to start the sessions. It will show a link that you click and should tell you if the session has been correctly started.

Setting a character set

If you are using extended characters in your text you may find that they display as small blocks or as question marks on the page. To overcome this you could add the following to the connect() function in the clsdatalayer.php file in the /classes/ folder.

mysql_set_charset("utf8", $link);

However. this function is only available for version PHP 5.2.3 and above.

Find out more

Pricing :
PHP-SecureArea costs $65 U.S. Dollars. Click here to go to the purchase page for further details.

Demo : To view an on-line demo illustrating the admin pages, click here.
You may also buy a 3-days subscription for $0.01 to a test area to see how the system works.

Enquiries : If you have any questions about the product, go to the contacts page by clicking here.