[PHP] Re: $_POST issues
On 12/01/2010 08:56 PM, Nadim Attari wrote: On 12/01/2010 06:50 PM, Bundhoo M Nadim wrote: Hello, Can someone explain me what this piece of code basically does ? ?php header(Expires: . gmdate(D, d M Y H:i:s, time() + (0*60)) . GMT); header(Pragma: no-cache); print REDIRECT=http://www.domaine.com/page.php?;; $param = http_build_query($_POST); print $param; exit(0); ? Well, the code is redirecting to some page with query string constructed using the $_POST data. My problem is not the redirection; but all I want is to get the data in $_POST If I just put only this piece of code: ?php var_dump($_POST); ? i get nothing. But the above codes is successfully redirecting me to page.php with a properly constructed query string - which means that $_POST was never empty. So why var_dump($_POST) is returning just array(0) { } ??? nadim attari alienworkers.com Hello all, Perhaps I am not being able to explain you my problem correctly (sorry my poor English) Here is the tests i'm doing: http://www.yulounge.com/_sbm/servlet/send_transaction.php And you can get the codes here: http://www.yulounge.com/_sbm/servlet/servlet.zip I've got these codes from them at SBM. I'm asking myself this question: Why can't I get the values of $_POST (response.php in the example) but the page is able to http_build_query() using the same $_POST ?? To demonstrate what I am trying to figure out, please try this one also: http://www.yulounge.com/_sbm/example2/send_transaction.php Codes: http://www.yulounge.com/_sbm/example2/var_dump.zip In this example2, only the page response.php has been changed. Thx in advance, Nadim Attari Alienworkers.com Sorry If you already done tests or downloaded example2. I made a mistake specifying the response and error urls. I've corrected it on the server. You can test / download example 2. nadim attari alienworkers.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST issues
On 12/01/2010 10:08 PM, Daniel P. Brown wrote: On Wed, Dec 1, 2010 at 12:15, Nadim Attarina...@alienworkers.com wrote: where does receipt.php gets the $_GET data ? Isn't it from response.php where the $_POST data are being http_build_query()'ed ?? $param = http_build_query($_POST);- According to cURL, it's never even hitting response.php to redirect. It's going straight to receipt.php with $_GET data. (THERE IS NO $_POST DATA.) Besides, you kept stating that the 'redirect' was working fine, which is technically incorrect: there's absolutely zero chance that works as you presented it. You can't just throw in some text to tell the browser to redirect to a page. You'd have to do a header(Location: ); call, a meta refresh, a JavaScript window.location() call or something similar. Thus that indicates that the text from response.php is interpreted as a direction by the processing gateway's API when it calls out to your server. Knowing this, I see the $_POST data expected here. This wasn't in question, as it's obviously building the query string. We now know that it feeds this data in plain text back to the remote server for further processing, which then directs the browser to receipt.php --- with $_GET data (id est - THERE IS NO $_POST DATA). Your browser is never hitting response.php. Only the remote server is doing that. If you want to get the data as sent by the remote server to your server in response.php, you'll either need to write that to a file like I did: file_put_contents('output.nadim.log',$param); Or you'll need to consult the processing gateway's API documentation to learn how to avoid requiring this seemingly unnecessary step. Thank you Daniel for this detailed post of yours. Really appreciated. Saving the $_POST data (in response.php) in a file will serve nothing. - And you said this was an unnecessary step from the payment gateway - All i need is the result of the transaction, which I'll get in receipt.php thr' $_GET. All I can say is that I do not have any control on the payment gateway (you may realise it has been badly implemented - if it is not too harsh to say like that) Another unnecessary step occurs in send_transaction.php - you have seen that once the XML data is sent to the payment gateway (well SBM asked me to send like that - i mean no declaration, just the tags), the gateway sends back paymentid and paymentpageurl and i have to redirect my browser to that page, concatenating the paymentid in the query string. --- this should have been done automatically by the payment gateway itself. Really baffling. I think I'll report this to my boss, who shall contact the client (YU Lounge). Now up to the client to decide whether they'll be doing business with SBM payment gateway solution or not. BTW, would you recommend someone to use this payment gateway ? What are your comments on such payment gateway implementation ? Anyway thanks again for your time and help Daniel. Best regards, Nadim Attari Alienworkers.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST issues
On Wed, Dec 1, 2010 at 16:32, Nadim Attari na...@alienworkers.com wrote: Thank you Daniel for this detailed post of yours. Really appreciated. Quite welcome. Saving the $_POST data (in response.php) in a file will serve nothing. - And you said this was an unnecessary step from the payment gateway - All i need is the result of the transaction, which I'll get in receipt.php thr' $_GET. All I can say is that I do not have any control on the payment gateway (you may realise it has been badly implemented - if it is not too harsh to say like that) Not too harsh at all. If anything, you're being too kind. ;-P Another unnecessary step occurs in send_transaction.php - you have seen that once the XML data is sent to the payment gateway (well SBM asked me to send like that - i mean no declaration, just the tags), the gateway sends back paymentid and paymentpageurl and i have to redirect my browser to that page, concatenating the paymentid in the query string. --- this should have been done automatically by the payment gateway itself. Really baffling. I agree. It seems as though it's a very clunky setup, unless there's a different way it's supposed to be done that their API docs explain. I think I'll report this to my boss, who shall contact the client (YU Lounge). Now up to the client to decide whether they'll be doing business with SBM payment gateway solution or not. BTW, would you recommend someone to use this payment gateway ? What are your comments on such payment gateway implementation ? I'd honestly never heard of this service until you submitted the original post in this thread. However, knowing what we've already ascertained in this short time, as well as other things I've noticed, I would highly advise against using the service. Three key issues I see are: (1) unnecessary processes and slow response times; (2) insecurities, including data disclosure and plain-text GET/POST calls; (3) poor data validation and error handling. If the client would permit the use of another service, I'd recommend researching some of the alternatives. Anyway thanks again for your time and help Daniel. My pleasure. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php