Solved

Making this script robust

Posted on 2004-10-12
67
435 Views
Last Modified: 2013-12-13
So I need this script as a middle page between my online processor and my web page scripts that are written in Coldfusion.
Since I have not experince, and am really pressured for time, I ask you guys to help.
this script works fine, but apparently to get the online processor to automatically send my users back to my site, they need (according to them) to pull this page and some how store it on their site, which in this case you can see that this code will generate problems, if the variables are not passed in. Here is exactly what they say,

"When you have URLs entered in for return and have it set to "Yes", if our server receives and error from yours, it will put Direct Return to "No" for that transaction, therefore removing the button. This is exactly what I am seeing on your account. I spoke with one of our developers just to be sure, and he explained to me that we were receiving a 500 error from your server and this is why it is happening. You can see that errors are generated immediately. Specifically it is with how your script handles the cart_order_id and index parameters. You should make your script as robust as possible, so that it can handle every scenario that a customer might generate because if your script makes an error that our server receives, you will experience exactly what is happening here today. "
<?php
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={_POST['credit_card_processed']}&total={$_POST['total']}");
?>

can you guys please help
0
Comment
Question by:MMsabry
  • 29
  • 28
  • 6
  • +1
67 Comments
 

Author Comment

by:MMsabry
ID: 12292026
here is the error message they were talking about

Notice: Undefined index: cart_order_id in d:\inetpub\mydomain\redirect.php on line 2

Notice: Undefined index: total in d:\inetpub\mydomain\redirect.php on line 2

Warning: Cannot modify header information - headers already sent by (output started at d:\inetpub\mydomainredirect.php:2) in d:\inetpub\mydomain\redirect.php on line 2
0
 
LVL 48

Expert Comment

by:hernst42
ID: 12292068
The only strange thing I see is:
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={_POST['credit_card_processed']}&total={$_POST['total']}");
might be
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={$_POST['credit_card_processed']}&total={$_POST['total']}");

But if that is not the problem you might describe the situation a little bit more in detail and with more code-snipset
0
 
LVL 48

Expert Comment

by:hernst42
ID: 12292074
Does your script exists only of thart one line.
From which post-form is that URL for redirect called??
0
 
LVL 48

Expert Comment

by:hernst42
ID: 12292090
The notices come from undefined variables which means that the neccessary information is not posted to that php-script containig the header(...)
0
 

Author Comment

by:MMsabry
ID: 12292244
Yes, guys I know that, I need to write something in PHP that will stop this code from generating errors if the variables are not passed in.

In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine, the redirect to the second page occurs. If there is no form variables passed, then I would not do the loop and send the user to
a different page which displays an error message. the same if one of the variables is not passed in. My problem is that I do not know PHP at all,
I'm completely new to the web development, and only worked with coldfusion.
thanks
0
 
LVL 48

Expert Comment

by:hernst42
ID: 12292368
In that script you are accessing POST-parameters. Is that formdata realy posted or is the get-method of the form used.

to check for variables in PHP you can use:
<?php
$error = false;
if (empty($_POST['cart_order_id'])) {
    // missing order-id
    $error = true;
}


if (!$error) {
   header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={$_POST['credit_card_processed']}&total={$_POST['total']}");
    exit;
}

// show eeror-messages

Maybe the script works if you replace $_POST by $_REQUEST, which combines the Get, Post and Cookievariables into that one array. So you don't need to worry about where your variables come from.

Have a look at http://de.php.net/manual/en/tutorial.forms.php how to deal with forms in PHP
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12293197
two options from my perspective

1) supress the errors OR 2) give them default values if they are empty

1 eg)

header("Location: https://mydomain.com/myfile.cfm?cart_order_id=".@$_POST['cart_order_id']."&credit_card_processed=".@$_POST['credit_card_processed']."&total=".@$_POST['total'])


2 eg)

if (empty($_POST['cart_order_id'])) $_POST['cart_order_id'] = "defaultvalue";
if (empty($_POST['credit_card_processed'])) $_POST['credit_card_processed'] = "defaultvalue";
if (empty($_POST['total'])) $_POST['total'] = "defaultvalue";
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={$_POST['credit_card_processed']}&total={$_POST['total']}");
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12293222
just read

"In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine"

in which case my first example above should be fine.

That will prevent the notices generated if the POST indexes don't exists and will subsequently prevent the header cannot be modified error (cant modify it because of the outputed errors before the header).

You could also achieve the same thing doing the following, which will reduce the level of error checking in the script and thus not show the notices:

<?php
error_reporting(E_ALL ^ E_NOTICE);
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&credit_card_processed={$_POST['credit_card_processed']}&total={$_POST['total']}");
?>
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295310
Why do you need PHP if you know CF?

What are you doing in PHP (or trying to do) that you can't do in CF?

0
 

Author Comment

by:MMsabry
ID: 12295514
The problem is not in me, the problem is in the online credit card processor, something is wrong with their processor! It would not allow direct pass back of the variables to my site(the user is automatically sent back to my site with some variables). The frist thing they told me when I first contacted them for this problem was "it is probably bec. your script pages have the extension .cfm and our server might not recognize it as a script lang." so I came up with the idea to use a middle page to receive these vriables and send them to my page.
any way even after stoping the page from generating an error it still does not wrok, and here is what they say " Hello ,

Not all scripts support Direct Return. If it dosent work with your script, we
would recommend that you leave it set to off."

This is a company is called 2checkout.com, and we urgently need the online payment gatway, but since we are located outside the US, it is a lengthy process to setup full internet marchent account and do it fully, which I think we will definitly do next time, but for now we need either to fix this problem or find another company that would allow international accounts to be opened.

PS if you were wondering why I want the user to be sent back, they get their invoices this way!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295585
So.

The user fills in some forms (buys things, credit card details, etc).

You take these bits and pass them "send" them to 2checkout.com.

What method do you use?

An alternative handler COULD be ...


<?php

$sParams = 'FromHandler=True';

if (count($_POST) > 0)
 {
 foreach($_POST as $sKey => $sValue)
  {
  $sParams .= '&POST_' . urlencode($sKey) . '=' . urlencode($sValue);
  }
 }

if (count($_GET) > 0)
 {
 foreach($_GET as $sKey => $sValue)
  {
  $sParams .= '&GET_' . urlencode($sKey) . '=' . urlencode($sValue);
  }
 }

if (count($_COOKIE) > 0)
 {
 foreach($_COOKIE as $sKey => $sValue)
  {
  $sParams .= '&COOKIE_' . urlencode($sKey) . '=' . urlencode($sValue);
  }
 }

header('Location: https://mydomain.com/myfile.cfm?' . $sParams);
?>

This way, you will get all the POST, GET and COOKIE variables sent to you to pass to your CF page.

You can now deal with them in any way you like.

Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295597
If you don't want to pass the $sParams direct to your name page, then don't. Pass it to another CF script where you can work out what you want in an environment you are happier to work in.

Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295600
"name"? "main".
0
 

Author Comment

by:MMsabry
ID: 12295643
I will try your code,  it might be the problem that I only use three out of many parameters they send, but one would generally think that should not be a problem for their script, we will see,
thanks
0
 

Author Comment

by:MMsabry
ID: 12295662
I use post (recommended by 2checkout) to send my pramters to them.
But I'm not sure in which formate they do send them, but i think they
send them as hidden form fields using the post method too!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295711
The concept of "hidden" only applies to forms in a browser.

Once submitted, they are (normally) either GET or POST variables. This depends upon the form's method property.

I would alter the code I sent to ...

<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>


to see exactly what is being sent to you.

Richard.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12295794
I think we determined in the last question that the data was coming from a form using the POST method.
0
 

Author Comment

by:MMsabry
ID: 12295801
ok, so this modification worked
<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>

It did redirect back to my page, and i had only the second array displaying results, so I guess that is the post method.
now do you think your other script, the one that should actually work, will work?
0
 

Author Comment

by:MMsabry
ID: 12295843
nope I put that code up there and it did not redirect! I really do not understand!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295867
Back to my first script then and instead of the header() line , use ...

echo '<a href="https://mydomain.com/myfile.cfm?' . $sParams . '">$sParams</a>';

This SHOULD show a link to YOUR page.

You SHOULD be able to click it and it should work.

If not, then the page name is NOT right OR your page is rejecting the request. In which case what conditions need to be applied (sessions probably) to allow this page to accept requests?
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295874
I would also add in ...

<?php
error_reporting(E_ALL);
...

?>

at the top so we can see ALL errors, warnings and notices. Just in case I've done something wrong.

Richard.
0
 

Author Comment

by:MMsabry
ID: 12295937
Ok, may be I was not clear,
The company (2checkout) offers two possibilities after the user has paid,
1- he is provieded with a button which if he/she clicks they are sent back to my site (this works perfectly, even with the cfm pages)
2- direct return, where there is not button, but the user is automatically sent back to my site. This is what we need, the user should not be given the chance to forget to click the link.

Also regarding the errors, if there is anything wrong, one just does not leave the processor's page, so i can never see what error is generated, this is why I'm so frustrated.

so i am trying to get the direct pass back to work!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12295975
So. For a direct return you need to tell them where to go? (No pun intended).

They need to know the name of the page that is going to be sent to the user.

Now. The purpose of the link I made is to make sure that IF the direct return was working, the actual information sent by them would actually get to were it was needed.

I assume this is running on a test system!

If not, then how on earth can you test it!

The errors I am talking about are PHP errors.

It MAY be that they grab a page from you, wrap it up in their code and then supply this back to you.

Obviously, you cannot redirect in this page.

Can you provide a list of ALL the parameters you send to them. All form variables, all URL parameters, etc.

An example site would also be useful.

0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12295987
a Direct return would just be

<?php
header("location: http://yoursite.com");
?>

however if this is happening on a server that is not in your control then how does the direct return work, i am presuming you have to set the value using the query string? so you would append something like &direct_return=yes
0
 

Author Comment

by:MMsabry
ID: 12296109
Ok, on their processor, I just have to indicate URL to the page that should receive the parameters back from them.
the parameters I send are: sid=xxxxx&total=XXXXXXXXXX&cart_order_id=xxxx.  I post them to the site.
I think that is the problem, that they do grab my page!
0
 

Author Comment

by:MMsabry
ID: 12296159
so the echo is workning fine
!
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12296183
I have been trying to find out how their system works but couldn't find anything about the query string to handle the direct return, so far just a modification in the control panel: http://www.mals-e.com/support/2checkoutsetup1.htm
0
 

Author Comment

by:MMsabry
ID: 12296191
But not the redirect, is it possible to include a cfm file in a php?
but in this case i have no idea how would i reference the variables in the script, but i will try that.
So my quesiton is,
is it possible to include a .cfm file in php? And if that is possible,
what would be the code?
thanks
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12296203
<?php
include('filename.cfm');
?>
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12296245
Ah!

Just because you can include a file, it will NOT get any parameters they send to you.

Also, the cfm file will NOT be parsed through the CF engine! So, you will get a lot of errors as PHP tries to understand the cfm file.

<?php
readfile('http://www.yoursite.com/page.cfm?params');
?>

May be what you want.

When your page is read, it will read the cfm page (along with any parameters you pass it) and then send that off to the caller.

Richard.
0
 

Author Comment

by:MMsabry
ID: 12296351
ok, here is the error when i try to use the readfile

Notice: readfile(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in d:\inetpub\mydomain\redirect.php on line 28

Warning: readfile(https://...@mydomain.com&street_address=sr&city=Chemnitz&product_id=&ship_city=&cart_order_id=12345678&tcoid=cc3544eb5b8e3f1dcb9dd9f342cca6a9&country=Germany&order_number=1575763148&merchant_order_id=&cart_id=12345678&ship_state=&demo=Y&ship_street_address=&quantity=1&total=528.00&phone=+49-371-531-4807&credit_card_processed=Y&zip=99999&merchant_product_id=12345678&ship_name=&card_holder_name=Mohamed name-fname): failed to open stream: No such file or directory in d:\inetpub\mydomain\redirect.php on line 28

Here is how I wrote line 28:
readfile('https://www648.ssldomain.com/mydomain/templates/invoice.cfm?' . $sParams);
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12296457
Ah.

Can you create a file ...

<?php
phpinfo();
?>

Save this within the web doc path as info.php

and then launch it from your browser.

Look for openssl.

openssl
OpenSSL support  enabled  
OpenSSL Version  OpenSSL 0.9.7c 30 Sep 2003  


If you do not have this installed, then you will need to edit your PHP.INI file and add in the openssl extension and then restart the webserver.

Then re-run the info.php script and check to see if the OpenSSL is loaded.

Then retry the script with readfile.

If this does not work, then you could create a CFM page which did the same thing as the PHP script.

What EXCATLY happens if you tell the payment people that the page to go to is "https://www648.ssldomain.com/mydomain/templates/invoice.cfm"?

Do you get an error or does nothing happen?

Richard.
0
 

Author Comment

by:MMsabry
ID: 12296533
nothing happens, for the cfm page
0
Easy Project Management (No User Manual Required)

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:MMsabry
ID: 12296581
well I cannot restart the server, that is not my server, this is on a shared hosting plane.
and no Openssl is not installed.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12296616
Ok.

What about sending it to an unsecured cfm page?

On this one, you do the same sort of thing as the secured one.

Is the issue https or cfm?
0
 

Author Comment

by:MMsabry
ID: 12296646
I have tried that already, but did not seem to work
I'm trying different things now so i will see where is the problem
since the 2checkout support is not helping at all
 May be I just have to change the whole page from cfm to php, the problem is that I have no clue about php other than what ever you guys just wrote here!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12296667
And I have no idea of CF! But it can't be that hard!

What do you do in your CF page?
0
 

Author Comment

by:MMsabry
ID: 12296742
simple, I get some values from the session, and the values posted back to me from the processor.
Update an sql db, then display the whole thing out, where using a couple of ifs and some html I generate an invoice that looks readeable.
that is all
0
 

Author Comment

by:MMsabry
ID: 12296746
oh, and then I send an e-mail to me and the user
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12296798
The only issue then is probably the session details.

Do you know if the data you send to 2checkout always comes back?

What I mean is if you created a string containing all the data you want to pass to PHP (i.e. the session data), would they send it back to you in the request to the PHP page?

They should.

If you have (for example), a session variable, which they send back to you (so you think the user is the actual caller, not them), then this can be missued.

So.

In your cfm file, you need to build a string of all the data that exists in the session.

Obviously, things like resource handles are no good as they won't exist in PHP in the same way or at all.

I suppose the answer of what to include is dependent upon the requirement of the script that updates the DB and emails.

Anything that is grabbed from the session in the update db script will need to be converted into a string in the script that talks to 2checkout. The string is sent as the session variable.

Now.

When your new PHP page gets a call, it will examine the session string, decode it into variables and do the same work as the cfm page was.

So. Can you include the source of the CFM page that you are NOT getting any connection with?

Remove any passwords or security IDs please! For YOUR safety!!!!

Replace them with something like ...

__PASSWORD__

Richard.
0
 

Author Comment

by:MMsabry
ID: 12305727
Hi, so I figured out (as you said) that the problem was the "session" They do pull my page into their server, and thus if it depends on the session information, it will generate an error.
So to minimize the amount of reprogramming I have to do (since I'm running out of time) Here is the two things I am going to do,
First option (which is the easiest) is to use the "echo" instead of the "header" but I need to be able to formate this link, since at the moment it only appears at the top left corner, I need to make it a little bigger and in the middle of the page, I tried using html, but i guess i was doing it in a wrong way since it did not change anything.
second option is to still use the "echo" but with a "referesh" then I have a delay of about 3 sec. before it redirects to my page.

any help on these two issues would be great
thanks
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12305849
Do they send the session back to you?
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12305866
If they do NOT send the session back to you (I think they have to as they need the session info to carry on working...).

The page with the print_r($_POST) bit, can you show me some output from this as I need to know the variable names they are using.
0
 

Author Comment

by:MMsabry
ID: 12305902
I am not sure that i understand, they send there own session back, but this is not what I'm using, since I pull some info from the db and add this information to the session while the user is loggedin. This is what was causing the problem, in the last page (which I was trying to get them to redirect to) I need some of this information. I have tried to send them all the session info that I have, but that did not work, Although they say that any variables I will pass to them they will pass back, i think they have put a cap on how much can be sent.
here are all the varibales they pass back. But I do not need all of that I only use "cart_order_ID, Credit_card_processed, and total" since I pull the rest of the info. from my db.
#  order_number - 2Checkout.com order number
# card_holder_name - Card holder's name
# street_address - Card holder's address
# city - Card holder's city
# state - Card holder's state
# zip - Card holder's zip
# country - Card holder's country
# email - Card holder's email
# phone - Card holder's phone
# cart_order_id - Your cart ID number passed in.
# cart_id - Your cart ID number passed in.
# credit_card_processed - Y if successful, K if waiting for approval
# total - Total purchase amount.
# ship_name - Shipping information
# ship_street_address - Shipping information
# ship_city - Shipping information
# ship_state - Shipping information
# ship_zip - Shipping information
# ship_country - Shipping information


If possible can you indicate how can i formate the link in the php file, and also how to do this redirect with some time delay, in cf I would do it like thisk
<cfheader name="referesh" value="3; url=mytargetpage.cfm">
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12306028
You can't just redirect WITHOUT also supplying the session id. The session is the glue that joins one page request to another.

I am surprised that the details they send back does NOT include the session! VERY surprised!!

I would try the following php file as the direct return page.

<?php

$sParams = 'FromHandler=True';

$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');

foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
 {
 foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
  {
  if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
   {
   $sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$sRequiredVar]); // Add it to the parameters for the next page with a key to show the source.
  }
 }

echo << END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>
?>

Your CF page needs to look at the GET parameters and extract the required info. The fields could be ...

C_card_order_ID
P_cart_order_ID
G_cart_order_ID
C_Credit_card_processed
P_Credit_card_processed
G_Credit_card_processed
C_total
G_total
P_total

Richard.
0
 

Author Comment

by:MMsabry
ID: 12306137
The above code gives an error:
Parse error: parse error, unexpected '{' in d:\inetpub\mydomain\redirect.php on line 13

12: if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
13:   {
14:   $sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$sRequiredVar]); // Add it to the parameters for the next page with a key to show the source.
15:  }
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12306169
Line 12 ...

if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?


Missed a ) before the // comment .
0
 

Author Comment

by:MMsabry
ID: 12306228
sorry another error,
Parse error: parse error, unexpected T_SL, expecting ',' or ';' in d:\inetpub\mydomain\redirect.php on line 18
18: echo << END_HTML
19:<html>
20:<head>
21:<title>Thank you for your order - invoice follows.</title>
22:<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">
23:</head>
24:<body>
25:Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">here</a>.
26:</body>
27:<html>
28:END_HTML;
29:?>
30:?>

I have also noticed that you ended your code with two "?>"
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12306250
Eek. Only 1. And you would have thought I was a programmer!!!

Line 18

echo <<< END_HTML

Needs to be 3 <.

<<<  is called heredoc in PHP.
0
 

Author Comment

by:MMsabry
ID: 12306318
More errors, I'm sorry to bother you, but I cannot trouble shoot PHP code!
parse error, unexpected $end on line 34, that is the last line
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>

<?php
error_reporting(E_ALL);
?>
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12306395
Grrr. I hate untested code!

Try this.

<?php
error_reporting(E_ALL);

$sParams = 'FromHandler=True';

$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');

foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
      {
      foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
            {
            if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
                  {
                  $sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$sRequiredVar]); // Add it to the parameters for the next page with a key to show the source.
                  }
            }
      }

echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>

The HTML part you can do what you want with.

Richard.
0
 

Author Comment

by:MMsabry
ID: 12307009
so, thank you very much
I had to change the coding (the part where it takes the posted variables from the processor and sends them to the target page) for some reason that did not work,
i tried many things, but still, i have changed the P_ thingy, but no results. So i switched it to the earlier verision that you posted yesterday, and that works fine.
May be I need to use urldecod, when I call the variables on my page, I don't know, i have to try that.
what do you think.

if that all does not work, can you modify your earlier code so that it only posted the three variables that i need, bec. now it also posts my seller id, which is something i do
not like to be disclosed to everyone
thanks
0
 

Author Comment

by:MMsabry
ID: 12307038
i think the problem with the code you last posted is that it does not append the variables to the url, i only see "FromHandler=True"
and that is it
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307187
Can you show me the code you have AND the output it generates.

You will need to do a view source to see this.

Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307258
Eek!

Sorry.

Change the line which is "in_array()..." to ...

if (isset($aSourceArray[$sRequiredVar]))


Sorry!!!!

0
 
LVL 40

Accepted Solution

by:
RQuadling earned 500 total points
ID: 12307289
I would STRONGLY recommend urlencode(). This makes sure that nothing untoward gets passed to you by mistake.

You will need to have a CF function the equivalent of urldecode() to work out the correct value.

If not, then this is the simplest version you could use ...

<?php
error_reporting(E_ALL);

$sParams = 'FromHandler=True';

$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');

foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
      {
      if (isset($_POST[$sRequiredVar])) // Have we received it?
            {
            $sParams .= '&' . $sRequiredVar . '=' . $_POST[$sRequiredVar]; // Add it to the parameters for the next page with a key to show the source.
            }
      }

echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>
0
 

Author Comment

by:MMsabry
ID: 12307578
hi, it still does not work, it simply says that "Element CREDIT_CARD_PROCESSED is undefined in URL."
here is the code
<?php
error_reporting(E_ALL);

$sParams = 'FromHandler=True';

$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');

foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
     {
     foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
          {
          if (isset($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
               {
               $sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$sRequiredVar]); // Add it to the parameters for the next page with a key to show the source.
               }
          }
     }
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>
0
 

Author Comment

by:MMsabry
ID: 12307585
sorry that was the wrong one
here is the one that I'm trying
<?php
error_reporting(E_ALL);

$sParams = 'FromHandler=True';

$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');

foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
     {
     foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
          {
          if (isset($aSourceArray[$sRequiredVar])) // Does the variable exist in the source array?
               {
               $sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$sRequiredVar]); // Add it to the parameters for the next page with a key to show the source.
               }
          }
     }

echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here</a>.
</body>
<html>
END_HTML;
?>
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307671
Ok.

Alter the HTML bit so the "here" bit of the anchor is "here {$sParams}".

This will tell us what parameters are being sent and what values.

Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307757
Are you sure that the CF page want's the parameters as part of the URL (i.e. it is looking for a GET method).

2Checkout are using POST to send you the data.

If so, then you will need to probably POST the data onto your page.

If so, try this PHP file.

<html>
<head>
<title>Auto forwarder to invoice</title>
</head>
<body>
<form name="Auto" method="POST" action="https://yoururl.cf">
<?php

$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');

foreach($aRequiredVars as $sVar)
      {
      if (isset($_POST[$sVar]))
            {
            echo '<input type="hidden" name="' . $sVar . '" value="' . $_POST[$sVar] . '">';
      }

?>
</form>
<script language="JavaScript"><!--
document.Auto.submit();
//--></script>
</body>
</html>
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307770
The JavaScript at the bottom may need to be ...

document.forms('Auto').submit();

Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307778
What happens here is that when the direct return is called, 2checkout get a page which contains a hidden form and an autosubmit.

This is the returned to the user which then submits the form and gets the https:... output.

Richard.
0
 

Author Comment

by:MMsabry
ID: 12307935
That is alright, I think there was some spaces in the variables names, that some how caused a problem it all works fine now.
I just have to small questions on the side
first, do you recommend any sources for learning PHP, since It seems that one should learn this also to save the day!
sec. this javascript your gave me, can that be done in a way that it would display a page for about 5 sec. then do the autosubmit?
thanks once more
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12307993
Try

<script language="JavaScript"><!--
function Tick()
      {
      document.Auto.submit();
      }

setTimeout(Tick(), 5000);
//--></script>


Richard.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12308039
Depending up on your programming experience, I'd get the Wrox PHP books and the PHP Online Manual.

Something that would help is a good grounding in OOP for PHP 5 and a server of your own to play with.

Richard.
0
 

Author Comment

by:MMsabry
ID: 12308421
is there other variation to the auto submit script you showed, this one does nothing!
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 12308593
Hey! Look, I know my JS is a little rusty ...

<script language="JavaScript"><!--
function Tick()
     {
     document.Auto.submit();
     }

setTimeout("Tick()", 5000);
//--></script>

The setTimeout function has 2 parameters. The first is a string which is the name of the function to run and then the delay.

Richard.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This article will explain how to display the first page of your Microsoft Word documents (e.g. .doc, .docx, etc...) as images in a web page programatically. I have scoured the web on a way to do this unsuccessfully. The goal is to produce something …
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now