This page contains answers to some of the most frequently asked questions by people looking to purchase PHP-SecureArea. This is also a good place to start for those who are having problems with installation.
Use this list to jump to the appropriate answer below:
Do I have to enter anything into the PayPal site to identify the IPN url?
Is PHP installed on my web server and what version do I have?
My pages show fatal errors.
Why do I keep getting error messages about headers already sent?
I keep getting error messages about session_start
I get an open_basedir error message
Do I have to create a new database?
How do I work out the full path to the secure area folders?
How do I backup my PHP-SecureArea site?
Do you host this product?
What knowledge and what facilities do I need?
Can I stop a user from logging in?
Should I user SSL?
What happens if a customer changes their PayPal email address?
Why can't I edit the product item_name ?
Are there issues with re-installing the application?
What do the mySQL error messages mean?
How do I change the language code for PayPal?
I get a 500 Internal Server Error on my protected area
The admin pages keeps on returning to the login screen
Do I have to enter anything into the PayPal site to identify the IPN url?
You do not have to do any configurations on the PayPal site for your account to identify the IPN URL. This is because the IPN URL is part of the data sent to PayPal when the customer clicks on the buy now button.
Is PHP installed on my web server and what version do I have?
Make a new file on your web site called info.php, containing the following text, and call it from your browser:
<?PHP phpinfo() ?>
If nothing happens then you don't have PHP installed.
My pages show fatal errors.
If you see errors like:
Parse error: parse error, unexpected T_VARIABLE in
e:\
Notice: Undefined variable: dbhost in e:\
then it's likely you have left out a semi-colon or ending quote from a line in config.php.
Another reason could be that you have opened config.php in a program like Word to edit it, and saved it as a HTML web page, instead of a proper text file.
Always edit config.php with a text editor such as notepad or an editor designed to edit web pages such as Dreamweaver.
Why do I keep getting error messages about headers already sent?
If you see errors like this:
Warning: Cannot add header information - headers already
sent by (output started at /webfiles/
then you probably have blank lines or spaces after the final ?> in your config.php file. Sometimes text editors add these so you may have to try a different text editor to remove these spaces or blank lines.
I keep getting error messages about session_start
If you see errors like this:
Warning: session_start() [function.session-start]: open(/tmp\
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at c:\
These are all related to PHP failing to save "session" files on your hard disk (in a directory called /tmp). Usually the reason is that you don't have a folder called /tmp on your computer. This is often the case with Windows installations.
The solution is to set the PHP setting for this path to point to a real folder. You can do this in your php.ini file:
session.save_path = C:\temp
I have created a php file to test sessions. This is located in the admin folder at:
http://
I get an open_basedir error message
Your hosting provider or server administrator may have restrictions on which directories can use 'includes'. To check this, log into the administration section of PHP-SecureArea and click on 'PHP info' link in the left hand side menu. This will display your site php info page. Find 'open_basedir' and check if the setting is something other than 'no value'. If it is something other than 'no value' then you might have to install PHP-SecureArea in the directory shown. Check with your hosting provider.
Do I have to create a new database?
You don't have to create a new database if you don't want to. You could install the tables in an existing database providing that the table names do not clash. You can set an optional prefix for table names during installation - this will stop table name clashes.
All of my tables are prefixed with sec_, so providing none of the existing tables have that prefix, there should be no problem.
How do I work out the full path to the secure area folders?
To get the full path, log in to the admin pages and click on the menu item 'PHP Info' and look for SCRIPT_FILENAME. That will give you the full file name of that file you are looking at. From that you should beable to work backwards to the root of your web site or to any other part of your site.
With many applications it is neccessary to find the full path name of a folder and then enter it into the admin area of the
application. absolutepath.zip will help you do this. Download, unzip, and ftp to the location of the page / image / directory
and then call the file in your browser - http://
Click here to download the file absolutepath.zip
Note that the full path name of the folder is not the same as the http url of the folder directory - it will not work.
The full path of the folder looks something like \myserver\
How do I backup my whole SecureArea site?
There are two things you need to make a copy of : the database with its data, the htpwassd files that have the login details. The SecureArea scripts themselves are less important, since you should have the original files and any others you have modified to change the look of your displays.
The database can be easily backed up using the in built back up / restore facility.
Do you host this product?
No, you purchase the application and install it onto your own web server.
What knowledge and what facilities do I need?
Your system must meet the requirements of :
- PHP 7 and 8
- Apache web server or similar.
- An SSL certificate on your web server to use https for communications with PayPal.
- mySQL database version 3.23 or higher.
- Linux or FreeBSD operating system (not Windows) on the web server.
- A Paypal Business or Premier account - sign up here.
- Customers require a validated PayPal account and credit card to be able to set up subscriptions.
- Email functionality on the web server so that the PHP scripts can send out emails to customers.
- If you are looking for a suitable host for you site, I would recommend. the basic web hosting plan from SiteGround.com or Lunarpages.com which have the required features for this application.
The application has been written to make it as easy to install as possible with minimum knowledge of PHP or mySQL. You need to be able to upload the files to your web server and to edit a configuration file with appropriate information.
You will also need to be able to integrate the subscription buttons into your web site.
Can I stop a user from logging in?
If you wish to stop a user with a given email address from logging in, you can do that in the 'manage users' display in the admin section.
Should I use SSL?
If you wish to use SSL to further protect your customer login section and the protected areas then you can.
Using SSL means that the username / passwords that are sent to the web server, and the web pages that are viewed by customers are all encrypted.
You have to make the judgment yourself as to how important security is depending on the type of content that you are protecting. In many situations SSL is probably not really needed. However, if you are particularly concerned about security and have the technical ability to use SSL, then use it.
What happens if a customer changes their PayPal email address?
If someone purchases a recurring subscription and then changes their email address in PayPal, the application will still operate as normal. IPNs sent by PayPal use the email address that was in operation when that subscription was started. The customer will have to continue to log in to the secure area using their original email address. However, notification emails sent by PayPal will use the new Primary email address.
Why can't I edit the product item_name?
You can change the 'item name' of an existing secure area but it is better not to change the 'item number'. The reason is that the IPN from PayPal will use the original item number and so when the subscription is finished PHPSecureArea will not be able to process the secure area properly.
Are there issues with re-installing the application?
If you have to install the application in a different location on your server, you will have problems with existing subscribers because the posting url that the PayPal IPN uses will be the original url.
What do the mySQL error messages mean?
The following is a list of some of the mySQL errors that can occur and which may help if you are having problems connecting to the database.
-
Warning: mysql_connect() [function.mysql-
connect]: Access denied for user: 'USERNAME@localhost' (Using password: YES) in /usr/ home/ ..../ test.php on line 8 Your MySQL username/password is incorrect
-
Access denied for user: 'USERNAME@localhost' (Using password:
YES)
Your MySQL username/password is incorrect
-
Warning: mysql_connect() [function.mysql-
connect]: Unknown MySQL Server Host 'HOSTNAME' (1) in /usr/ home/ ..../ test.php on line 8 Your MySQL hostname is incorrect
-
Could not connect: Unknown MySQL Server Host 'HOSTNAME'
(1)
Your MySQL hostname is incorrect
-
Warning: mysql_connect() [function.mysql-
connect]: Can't connect to local MySQL server through socket '/tmp/ mysql.sock' (2) in /usr/ home/ ...../ test.php on line 8 Your MySQL hostname is incorrect or you do not have the MySQL service started
-
Could not connect: Can't connect to local MySQL server through
socket '/tmp/mysql.sock' (2)
Your MySQL hostname is incorrect or you do not have the MySQL service started
-
Warning: mysql_connect() [function.mysql-
connect]: Can't connect to MySQL server on 'mysql.domain.com' (60) in /usr/ home/ ..../ test.php on line 8 Your MySQL hostname is incorrect or you do not have the MySQL service started
-
Could not connect: Can't connect to MySQL server on
'mysql.domain.com' (60)
Your MySQL hostname is incorrect or you do not have the MySQL service started
How do I change the language code for PayPal?
The language code for the PayPal site is defined in the button using a hidden field.
So for English language use
<input type='hidden' name='lc' value='US' />
Possible values are France(FR), Spain (ES), Italy (IT), Germany (DE), China (CN), English (US).
The customer should then see the login page in the defined language.
To change the language code, go to the file ipnfunction.php open in a text editor and you should see the default language code of
<input type='hidden' name='lc' value='US' />
Change the value to what ever code you require and upload the file back to your server.
I get a 500 Internal Server Error on my protected area
This sometimes happens on some servers and appears to be to do with the way it handles the .htaccess file.
In the htaccess file in the root of the protected area, delete the line:
AuthGroupFile /dev/null
Make sure that you use a text editor like notepad or Dreamweaver and not Word.
The admin pages keeps on returning to the login screen
If you login to the admin pages and then click to go to a different page in the menu it returns to the login screen. This is becuase there is something wrong with your server session variables. The server stores the sessions and for some reason this is not being done correctly. You need to contact your hosting company to sort the problem out.
There is a test at :
http://
Which will attempt to start the sessions. It will show a link that you click and should tell you if the session has been correctly started.