• Installing PHP-SecureArea

  • The following describes how to install PHP-SecureArea for the first time. The process is simple and should take just a few minutes.

  • Requirements

    • PHP 5 and above
    • Apache web server or similar
    • An SSL certificate on your web server to use https for communications with PayPal
    • mySQL database version 3.23 or higher
    • Linux or FreeBSD operating system (not Windows) on the web server
    • A Paypal Business or Premier account - sign up here.
    • Email functionality on the web server so that the PHP scripts can send out emails to customers.
    • If you are looking for a suitable host for you site, I would recommend the basic web hosting plan from SiteGround.com or Lunarpages.com which have the required features for this application.
  • Unzipping the files

    The files are supplied in .zip format. After unzipping the files you will have a folder called 'phpsecurearea' containing a number of files and folders. It is usual to copy the whole folder on to your web server in which case the site will be located at http://www.yoursitename.com/phpsecurearea/.

    If you do create a folder called 'phpsecurearea' on your web server, remember to use lower case as Linux is case sensitive.

  • Site structure

    Here is a quick summary of the 'phpsecurearea' folders :

     /admin - code to administer the application

     /classes - object classes used in the application

     /cron - a Cron job for controlling manually created users

     /customeradmin- customer login pages

     /functions - miscellaneous functions

     /images - graphics

     /ipn - PayPal ipn scripts

     /ipncommon - common ipn functions

     /logincustomer - example files for login to secure area

     /protected - an example folder for protecting and which contains the master .htaccess file.

     /htpasswd - an example folder where the password files will be created.

  • Creating a Database

    Create a mySQL database with cpanel tutorial (old style) Click here for a tutorial

    Create a mySQL database with cpanel tutorial (new style) Click here for a tutorial

    Create a mySQL database with GoDaddy hosting tutorial Click here for a tutorial

  • Create a database

    Create a new empty database with an appropriate name (e.g. phpseurearea).

    The above links provides some examples on how to create a database.

    If you are using a hosting company, then you will probably be given a control panel to access your databases system. For mySQL this is usually phpMyAdmin which allows you to administer the database via a web browser.

    Quite often hosting companies will prefix the name of the database with your login name. So when you enter phpsecureaarea, it becomes paul_phpsecurearea for example.

    You can install into an existing database if you wish. The table names are all prefixed by sec_. First check that there are no other tables in your database that start with sec_ to make sure that there are no name clashes.

  • Create a user for the database

    Create a user (e.g. secureuser ) that has access to that database and that database only.

    If you are using a hosting company, there will probably be an administration page which will allow you to create database users, define their permissions and add the user to your database.

    Quite often hosting companies will prefix the user name with your login name. So when you enter phpsecurearea, it becomes paul_phpsecurearea for example.

    In the first instance, you need to make sure that the user has permissions which include CREATE privileges because the first script that you run will be creating tables in the database. Normally you will select the All Privileges option for this.

  • Run the install.php page

    The install.php page should be accessible at :

    http://www.yoursitename.com/phpsecurearea/install.php

    When you display this in your web browser, it will ask for host name, database name, username, password and table prefix.

    Installation screen

    The above image shows the default display.

    The host name will usually be localhost, the database name will be whatever you have already created, usually phpsecurearea. Enter in a user name and password for a user who has table creation privileges.

    Note that the host name may not be localhost, you will need to check your hosting for that. Also, the username and the database name may have a prefix added by your host, again you will need to check your hosting for that.

    Click on 'Create' and the script will display a list, which should all be green to indicate success. Any failures will be indicated in red.

    If all are green, then all tables have been created.

  • Edit config.php

    The config.php file contains the database connection username / password for the application.

    Edit the config.php file with a text editor such as Notepad. Do not put any spaces, blank lines or other text after the last ?> symbol or before the first <?php symbol.

    You need to enter:

    database host name (usually localhost, but see your hosting documentation for this)
    database name
    database username
    database password

    Note that the database name, and database username may have been given a prefix by the host system.

  • Login

    To prove your installation is working, login in to the admin displays which can be found at http://wwww.yourservername.com/phpsecurearea/admin/
    Default username / password is:
    Username:  admin@somewhere.com
    Password:  password

  • Modifications to your PayPal account

    If you have not enabled IPN in your PayPal account, you do need to enable it so that your PayPal account sends back the IPN.

    • Log into your PayPal account and click on 'Profile' on the menu.
    • Click on 'My Selling Preferences'.
    • For 'Instant payment notifications' click on 'Update'.
    • Enable the IPN.

    In the url box, enter the confirm.php url which will be http://www.yoursitename.com/installation_folder/ipn/confirm.php. This url is not actually needed because PHP-SecureArea sends the url to PayPal anyway.

    If the url box is already being used, you do not have to change it because PHP-SecureArea sends the url to PayPal anyway.