This page contains answers to some of the most frequently asked questions by people looking to purchase PHP-eSeller. This is also a good place to start for those who are having problems with installation.
Use this list to jump to the appropriate answer below:
Do I have to enter anything into my PayPal account to identify the IPN url?
Is PHP installed on my web server and what version do I have?
My pages show fatal errors.
Why do I keep getting error messages about headers already sent?
I keep getting error messages about session_start
I get an open_basedir error message
Can I Send email from a Windows server?
Do I have to create a new database?
How do I work out the full path to the digital files folder?
How do I protect my digital files?
Why do the mp3 preview clips not make any sound?
Things to check if the email with username / password does not come through
Can I integrate the application into a CMS?
How do I backup my eSeller site?
Is there a shop cart system?
Does the shop cart handle physical and digital items at the same time?
How do I use the template cache system?
Does it handle PayPal echecks which may take days to clear?
How do I change the items per page in the cart display?
What is force-download rather than a link?
What file types can be handled by the application?
Is there a maximum file size that can be downloaded?
Do you host this product?
What are the principles of the search system in the templates?
What knowledge and what facilities do I need?
Can I ban a user from logging in?
Do I need cookies enabled in the browser?
What do the admin emails mean?
What do the mySQL error messages mean?
How do I change the language code for PayPal?
PHP 5.3 depreciated functions
The admin pages keeps on returning to the login screen
How do I secure a Windows folder
Setting a character set
All you have to do on your PayPal account is to enable IPN and then put the PHP-eSeller confirm url into the PayPal IPN url. If this has already been set to a different url for use with another application, you do not have to modify it because the IPN url for PHP-eSeller is part of the data sent to PayPal when the customer clicks on the buy now button.
If you have set any IPN settings on your PayPal site, they will be overridden by the settings sent from eSeller.
Make a new file on your web site called info.php, containing the following text, and call it from your browser:
<?php phpinfo() ?>
If nothing happens then you don't have PHP installed.
If you see errors like:
Parse error: parse error, unexpected T_VARIABLE in
e:\phpfiles\withinweb\eSeller\config.php on line 13
Notice: Undefined variable: dbhost in e:\phpfiles\withinweb\eSeller\admin\a_setup.php on line 154
then it's likely you have left out a semi-colon or ending quote from a line in config.php.
Another reason could be that you have opened config.php in a program like Word to edit it, and saved it as a HTML web page, instead of a proper text file.
Always edit config.php with a text editor such as notepad or an editor designed to edit web pages such as Dreamweaver.
If you see errors like this:
Warning: Cannot add header information - headers already sent by (output started at /webfiles/eSeller/config.php:87) in /webfiles/eSeller/index.php on line 322
then you probably have blank lines or spaces after the final ?> in your config.php file. Sometimes text editors add these so you may have to try a different text editor to remove these spaces or blank lines.
If you see errors like this:
Warning: session_start() [function.session-start]: open(/tmp\sess_d40f380d37d431fc1516e9a895ad9ce0, O_RDWR) failed: No such file or directory (2) in c:\webfiles\eSeller\setup.php on line 123 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at c:\webfiles\eSeller\setup.php:1) in c:\webfiles\eSeller\setup.php on line 123
These are all related to PHP failing to save "session" files on your hard disk (in a directory called /tmp). Usually the reason is that you don't have a folder called /tmp on your computer. This is often the case with Windows installations.
The solution is to set the PHP setting for this path to point to a real folder. You can do this in your php.ini file:
session.save_path = C:\temp
I have created a php file to test sessions. This is located in the admin folder at :
Your hosting provider or server administrator may have restrictions on which directories can use 'includes'. To check this, log into the administration section of PHP-eSeller and click on 'PHP info' link in the left hand side menu. This will display your site php info page. Find 'open_basedir' and check if the setting is something other than 'no value'. If it is something other than 'no value' then you might have to install PHP-eSeller in the directory shown. Check with your hosting provider.
If a user is getting this error message on the screen when trying to download a file via the Download Link (i.e. after a sale), the open_basedir setting is preventing the PHP script from writing a temporary file that's needed for the download to happen. The solution is to have your server administrator or hosting provider change the open_basedir setting to 'no value'.
The best way to send email from a Windows server is to use smtp. The smtp settings are set the an admin screen of PHP-eSeller. Once set, all emails from the application will be sent using smtp.
You don't have to create a new database if you don't want to. You could install the tables in an existing database providing that the table names do not clash. When you install the application you can set an optional prefix for table names - this will stop table name clashes.
All of the tables are prefixed with ipn_, so providing none of the existing tables have that prefix, there should be no problem.
To get the full path, log in to the admin pages and click on the menu item 'PHP Info' and look for SCRIPT_FILENAME. That will give you the full file name of that file you are looking at. From that you should beable to work backwards to the root of your web site or to any other part of your site.
With many applications it is neccessary to find the full path name of a folder and then enter it into the admin area of the application. absolutepath.zip will help you do this. Download, unzip, and ftp to the location of the page / image / directory and then call the file in your browser - http://www.example.com/images/absolutepath.php
Note that the full path name of the folder is not the same as the http url of the folder directory - it will not work. The full path of the folder looks something like \myserver\www\public_html\eseller\files\
The best way to protect digital files is to place them outside the root of your web site. However, some hosts do not allow this, but you can protect your files by placing an .htaccess file into the folder. An example .htaccess file is located in the 'files' folder within the distribution zip.
This usually happens when you put the mp3 clips in the same folder as the digital files that you are going to sell. As the folder which contains the digital files is protected, the mp3 clips will not work. You need to place the mp3 clips in a different folder that is not protected and which can be publicly accessed from the internet.
When you have completed the set up of PHP-eSeller, here are a few pointers which you should check if emails are not being sent out after a purchase.
There should be no problem in placing 'buy now', 'add to cart', or 'view cart' buttons onto pages created by a CMS. This can be done by creating the buttons by hand as described in the buttons page and shopping cart page.
There are two things you need to make a copy of : the database with its data and the uploaded files. The PHP-eSeller scripts themselves are less important, since you should have the original files and any others you have modified to change the look of your displays.
The database can be easily backed up using the in built back up / restore facility in the SQL administration system on your hosting server.
Yes. There is a shopping cart system where clicking on 'Add to Cart' accumulates the selected items into a cart.
Yes. You may add a physical item and a digital item to the same cart and purchase them at the same time.
If someone purchases with an eCheck, you will receive an email saying that a purchase has been made, but at that point, as the check has not cleared, the customer will not get their login details. When the eCheck has cleared, the payment process continues and the customer will receive their login details.
To provide greater security, the files are downloaded by force-download which means that no matter what the file type, a save-as dialog box will be displayed to the user.
Normally, if you click on a link to a Microsoft Word document and you have Word installed on your computer, the document will open within the browser window. With force-download, the save as dialog box will be displayed allowing you to select a location for the file on your computer.
This method makes it clearer for the user who may not understand why a file is opening within the browser. It also means that the file itself can be placed outside the root of the web site and hence it can only be downloaded via the program and not by an href link.
I have tested the force download method on as many Operating Systems and Browser combinations as possible.
However, it is not really possible to do the tests on every combination, simply because I don't have access to every browser and every OS.
I have tested it in various combinations where available of IE, Opera, Chrome and FireFox on Windows. I have also tested it on Mac with FireFox and Safari which all work correctly.
On the web, there are descriptions which suggest that file types : BMP, DAT, GIF, HTML, JPG, PDF, TXT may not force-download correctly on early browsers - IE 4 and before but it is unlikely that you will come across those being used now.
You should have no trouble with mpeg, mp3, doc, xls, pdf etc which should all work OK, particularly on modern browsers and modern Operating Systems.
If you have any concerns about a file type, then use .zip which as far as I know always works.
I would suggest that all filenames are lower case and that there are NO spaces within the filename.
Also make sure that the file extensions are the correct extensions for that file type.
PHP puts a limit on the size of file that it can process so that poorly written scripts do not use up all the memory. This means that there is a maximum file size that can be downloaded which will be defined by the memory_limit attribute in the php.ini file.
This feature may not be on your server because it is only enabled when PHP has been compiled to include memory limit; the default value is 8Mbytes.
Different hosts set up their server in different ways. Some may have the default value, some a larger value and some no restriction at all. You will have to contact your host to find out the details if you think that it could be a problem.
When memory_limit is enabled on the server, if you attempt to download a file which is greater than the memory_limit, you will end up with a corrupt file.
If memory_limit is enabled and if you need to have files greater than the memory_limit, you can change the value in the php.ini file. However, you will probably not have access to this file if your server is hosted by a hosting company.
You can still overcome the problem by splitting up your files into a number of separate files. PHP-eSeller has the facility where you can define as many files against a product as you wish.
No, you purchase the application and install it onto your own web server.
Your system must meet the requirements of :
The application has been written to make it as easy to install as possible with minimum knowledge of PHP or MySQL. You need to be able to upload the files to your web server and to edit a configuration file with appropriate information.
You will also need to be able to integrate the store pages into your web site. If you intend to use the dynamically created button lists, it is helpful if you have a basic knowledge of PHP and HTML. Hand created buttons are very simple to place onto existing web pages.
If you wish to stop a user with a given email address from logging in, there is a function in file download/login.php which checks for banned email addresses.
Open up login.php with a text editor, go to the end of the file and modify the array as described in the page.
For the shopping cart to work correctly you do need cookies enabled in the browser. For single 'buy now' item purchases you do not need cookies enabled in the browser.
The application sends emails to the administrator for each transaction and most are self-explanatory. The following describes the less obvious ones :
IPN - VERIFIED but incorrect Receiver_email address, no action taken - usually means that you have multiple email addresses in your PayPal account and you need to enter the primary PayPal email address into the Global Set Up admin section of eSeller
IPN - Error : Txn_ID has been duplicated - means that a previous transaction in the saleshistory table has the same txn_id which is an error. Although this is an error, it can occasionally happen with correct transactions and appears to be caused by the web server being slow or the internet being slow so that PayPal sends out another IPN before it receives an acknowledgement from your web server. In those situations the application does not register it as another sell, but just sends out a warning email saying that it has detected a duplicate txn_ID.
The following is a list of some of the mySQL errors that can occur and which may help if you are having problems connecting to the database.
|Error message||Possible reasons|
|Warning: mysql_connect() [function.mysql-connect]: Access denied for user: 'USERNAME@localhost' (Using password: YES) in /usr/home/..../test.php on line 8||Your MySQL username/password is incorrect|
|Access denied for user: 'USERNAME@localhost' (Using password: YES)||Your MySQL username/password is incorrect|
|Warning: mysql_connect() [function.mysql-connect]: Unknown MySQL Server Host 'HOSTNAME' (1) in /usr/home/..../test.php on line 8||Your MySQL hostname is incorrect|
|Could not connect: Unknown MySQL Server Host 'HOSTNAME' (1)||Your MySQL hostname is incorrect|
|Warning: mysql_connect() [function.mysql-connect]: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) in /usr/home/...../test.php on line 8||Your MySQL hostname is incorrect or you do not have the MySQL service started|
|Could not connect: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)||Your MySQL hostname is incorrect or you do not have the MySQL service started|
|Warning: mysql_connect() [function.mysql-connect]: Can't connect to MySQL server on 'mysql.domain.com' (60) in /usr/home/..../test.php on line 8||Your MySQL hostname is incorrect or you do not have the MySQL service started|
|Could not connect: Can't connect to MySQL server on 'mysql.domain.com' (60)||Your MySQL hostname is incorrect or you do not have the MySQL service started|
The language code for the PayPal site is defined in the button using a hidden field.
So for English language use
<input type='hidden' name='lc' value='US' />
Possible values are France(FR), Spain (ES), Italy (IT), Germany (DE), China (CN), English (US).
The customer should then see the login page in the defined language.
To change the language code, go to the file ipnfunction.php open in a text editor and you should see the default language code of
<input type='hidden' name='lc' value='US' />
Change the value to what ever code you require and upload the file back to your server.
Version PHP 5.3 has a number of functions that are depreciated and earlier versions of PHPeSeller, PHPSecureArea and PHPKeyCodes will display warning messages identifying those depreciated functions when installed on PHP 5.3. It will still work as the functions are still there although they will be removed in PHP 6
To overcome this for earlier versions of the applications, in the error.php file just use
error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED);
This will stop the depreciated warning messages being displayed.
If you login to the admin pages and then click to go to a different page in the menu it returns to the login screen. This is becuase there is something wrong with your server session variables. The server stores the sessions and for some reason this is not being done correctly. You need to contact your hosting company to sort the problem out.
There is a test at :
Which will attempt to start the sessions. It will show a link that you click and should tell you if the session has been correctly started.
You cannot secure a folder on a windows computer using a htaccess file. However you can do it as follows :
To Secure the Folder, set the folder as an application using IIS manager.
Disable: Directory Browsing, Anonymous Access, and Application Root.
Then add to the folder a "web.config" file with the content:
<?xml version="1.0"?> <configuration> <system.web> <authorization> <deny users="?" /> </authorization> </system.web> </configuration>