[PHP] Re: $_POST issues
On 12/01/2010 08:56 PM, Nadim Attari wrote:
On 12/01/2010 06:50 PM, Bundhoo M Nadim wrote:
Hello,
Can someone explain me what this piece of code basically does ?
?php
header(Expires: . gmdate(D, d M Y H:i:s, time() + (0*60)) . GMT);
header(Pragma: no-cache);
print REDIRECT=http://www.domaine.com/page.php?;;
$param = http_build_query($_POST);
print $param;
exit(0);
?
Well, the code is redirecting to some page with query string constructed
using the $_POST data.
My problem is not the redirection; but all I want is to get the data in
$_POST
If I just put only this piece of code:
?php
var_dump($_POST);
?
i get nothing. But the above codes is successfully redirecting me to
page.php with a properly constructed query string - which means that
$_POST was never empty. So why var_dump($_POST) is returning just
array(0) { } ???
nadim attari
alienworkers.com
Hello all,
Perhaps I am not being able to explain you my problem correctly (sorry
my poor English)
Here is the tests i'm doing:
http://www.yulounge.com/_sbm/servlet/send_transaction.php
And you can get the codes here:
http://www.yulounge.com/_sbm/servlet/servlet.zip
I've got these codes from them at SBM. I'm asking myself this question:
Why can't I get the values of $_POST (response.php in the example) but
the page is able to http_build_query() using the same $_POST ??
To demonstrate what I am trying to figure out, please try this one also:
http://www.yulounge.com/_sbm/example2/send_transaction.php
Codes: http://www.yulounge.com/_sbm/example2/var_dump.zip
In this example2, only the page response.php has been changed.
Thx in advance,
Nadim Attari
Alienworkers.com
Sorry If you already done tests or downloaded example2. I made a mistake
specifying the response and error urls. I've corrected it on the server.
You can test / download example 2.
nadim attari
alienworkers.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST issues
On 12/01/2010 10:08 PM, Daniel P. Brown wrote:
On Wed, Dec 1, 2010 at 12:15, Nadim Attarina...@alienworkers.com wrote:
where does receipt.php gets the $_GET data ? Isn't it from response.php
where the $_POST data are being http_build_query()'ed ??
$param = http_build_query($_POST);-
According to cURL, it's never even hitting response.php to
redirect. It's going straight to receipt.php with $_GET data. (THERE
IS NO $_POST DATA.)
Besides, you kept stating that the 'redirect' was working fine,
which is technically incorrect: there's absolutely zero chance that
works as you presented it. You can't just throw in some text to tell
the browser to redirect to a page. You'd have to do a
header(Location: ); call, a meta refresh, a JavaScript
window.location() call or something similar. Thus that indicates that
the text from response.php is interpreted as a direction by the
processing gateway's API when it calls out to your server.
Knowing this, I see the $_POST data expected here. This wasn't in
question, as it's obviously building the query string. We now know
that it feeds this data in plain text back to the remote server for
further processing, which then directs the browser to receipt.php ---
with $_GET data (id est - THERE IS NO $_POST DATA).
Your browser is never hitting response.php. Only the remote
server is doing that. If you want to get the data as sent by the
remote server to your server in response.php, you'll either need to
write that to a file like I did:
file_put_contents('output.nadim.log',$param);
Or you'll need to consult the processing gateway's API
documentation to learn how to avoid requiring this seemingly
unnecessary step.
Thank you Daniel for this detailed post of yours. Really appreciated.
Saving the $_POST data (in response.php) in a file will serve nothing. -
And you said this was an unnecessary step from the payment gateway - All
i need is the result of the transaction, which I'll get in receipt.php
thr' $_GET.
All I can say is that I do not have any control on the payment gateway
(you may realise it has been badly implemented - if it is not too harsh
to say like that)
Another unnecessary step occurs in send_transaction.php - you have seen
that once the XML data is sent to the payment gateway (well SBM asked me
to send like that - i mean no declaration, just the tags), the gateway
sends back paymentid and paymentpageurl and i have to redirect my
browser to that page, concatenating the paymentid in the query string.
--- this should have been done automatically by the payment gateway
itself. Really baffling.
I think I'll report this to my boss, who shall contact the client (YU
Lounge). Now up to the client to decide whether they'll be doing
business with SBM payment gateway solution or not.
BTW, would you recommend someone to use this payment gateway ? What are
your comments on such payment gateway implementation ?
Anyway thanks again for your time and help Daniel.
Best regards,
Nadim Attari
Alienworkers.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: $_POST issues
On Wed, Dec 1, 2010 at 16:32, Nadim Attari na...@alienworkers.com wrote: Thank you Daniel for this detailed post of yours. Really appreciated. Quite welcome. Saving the $_POST data (in response.php) in a file will serve nothing. - And you said this was an unnecessary step from the payment gateway - All i need is the result of the transaction, which I'll get in receipt.php thr' $_GET. All I can say is that I do not have any control on the payment gateway (you may realise it has been badly implemented - if it is not too harsh to say like that) Not too harsh at all. If anything, you're being too kind. ;-P Another unnecessary step occurs in send_transaction.php - you have seen that once the XML data is sent to the payment gateway (well SBM asked me to send like that - i mean no declaration, just the tags), the gateway sends back paymentid and paymentpageurl and i have to redirect my browser to that page, concatenating the paymentid in the query string. --- this should have been done automatically by the payment gateway itself. Really baffling. I agree. It seems as though it's a very clunky setup, unless there's a different way it's supposed to be done that their API docs explain. I think I'll report this to my boss, who shall contact the client (YU Lounge). Now up to the client to decide whether they'll be doing business with SBM payment gateway solution or not. BTW, would you recommend someone to use this payment gateway ? What are your comments on such payment gateway implementation ? I'd honestly never heard of this service until you submitted the original post in this thread. However, knowing what we've already ascertained in this short time, as well as other things I've noticed, I would highly advise against using the service. Three key issues I see are: (1) unnecessary processes and slow response times; (2) insecurities, including data disclosure and plain-text GET/POST calls; (3) poor data validation and error handling. If the client would permit the use of another service, I'd recommend researching some of the alternatives. Anyway thanks again for your time and help Daniel. My pleasure. -- /Daniel P. Brown Dedicated Servers, Cloud and Cloud Hybrid Solutions, VPS, Hosting (866-) 725-4321 http://www.parasane.net/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
