Should I accept payments without a callback URL?

[PBmining]

When implementing a payment system, Blockchain.info uses callback URLs with their PHP examples.
I only understand its use of sending the user to a confirmation page after ordering.  I have read that it is for added security though too, but I don't see how. 
What if I chose not to use it?

[Benson Samuel]

When implementing a payment system, Blockchain.info uses callback URLs with their PHP examples.
I only understand its use of sending the user to a confirmation page after ordering.  I have read that it is for added security though too, but I don't see how.  
What if I chose not to use it?

If you choose not to, then blockchain.info will not send any message back to your webpage and you may not know when the payment has reached.
If you do not use callbacks, your user would be stuck on the payment confirmation page until someone manually agrees to move him forward.
The added security is that it verifies the payment before sending the customer forward.

[empoweoqwj]

When implementing a payment system, Blockchain.info uses callback URLs with their PHP examples.
I only understand its use of sending the user to a confirmation page after ordering.  I have read that it is for added security though too, but I don't see how.  
What if I chose not to use it?

If you choose not to, then blockchain.info will not send any message back to your webpage and you may not know when the payment has reached.
If you do not use callbacks, your user would be stuck on the payment confirmation page until someone manually agrees to move him forward.
The added security is that it verifies the payment before sending the customer forward.

So yes, the security is there and important.

[Rannasha]

You only show the code (btw, use code-tags for nicer formatting) for the page that reads invoices from the DB and displays the status. We can't tell why things aren't being added to the DB unless you show us the code that does the actual adding.

[empoweoqwj]

You only show the code (btw, use code-tags for nicer formatting) for the page that reads invoices from the DB and displays the status. We can't tell why things aren't being added to the DB unless you show us the code that does the actual adding.

Yeah, the horse has already bolted ... need to see the earlier code.

[Rannasha]

For debugging, you should make the script display all queries that are executed. You can then find the exact query it tries to run to insert data into the pending table and then use something like PHPMyAdmin or the mysql commandline client to run this query and get more detailed error messages.

In general it is a good idea to abstract away from calling mysql_query() directly (not to mention that it is deprecated and should be replaced by mysqli_query()).

Create a new function:

Code:

function do_query($query_string)
{
    // Comment or remove following line when not debugging
    echo "(DEBUG) " + $query_string + "<br>";

    $res = mysql_query($query_string);
    if (!$res)
    {
        // Do error-handling here. In development-code you can display the error.
        // In production-code you log the error server-side and show a generic error to the user.
        do_something()
    }

    return $res;
}