MMsabry
asked on
Making this script robust
So I need this script as a middle page between my online processor and my web page scripts that are written in Coldfusion.
Since I have not experince, and am really pressured for time, I ask you guys to help.
this script works fine, but apparently to get the online processor to automatically send my users back to my site, they need (according to them) to pull this page and some how store it on their site, which in this case you can see that this code will generate problems, if the variables are not passed in. Here is exactly what they say,
"When you have URLs entered in for return and have it set to "Yes", if our server receives and error from yours, it will put Direct Return to "No" for that transaction, therefore removing the button. This is exactly what I am seeing on your account. I spoke with one of our developers just to be sure, and he explained to me that we were receiving a 500 error from your server and this is why it is happening. You can see that errors are generated immediately. Specifically it is with how your script handles the cart_order_id and index parameters. You should make your script as robust as possible, so that it can handle every scenario that a customer might generate because if your script makes an error that our server receives, you will experience exactly what is happening here today. "
<?php
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={_POST[' credit_car d_processe d']}&total ={$_POST[' total']}") ;
?>
can you guys please help
Since I have not experince, and am really pressured for time, I ask you guys to help.
this script works fine, but apparently to get the online processor to automatically send my users back to my site, they need (according to them) to pull this page and some how store it on their site, which in this case you can see that this code will generate problems, if the variables are not passed in. Here is exactly what they say,
"When you have URLs entered in for return and have it set to "Yes", if our server receives and error from yours, it will put Direct Return to "No" for that transaction, therefore removing the button. This is exactly what I am seeing on your account. I spoke with one of our developers just to be sure, and he explained to me that we were receiving a 500 error from your server and this is why it is happening. You can see that errors are generated immediately. Specifically it is with how your script handles the cart_order_id and index parameters. You should make your script as robust as possible, so that it can handle every scenario that a customer might generate because if your script makes an error that our server receives, you will experience exactly what is happening here today. "
<?php
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
?>
can you guys please help
The only strange thing I see is:
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={_POST[' credit_car d_processe d']}&total ={$_POST[' total']}") ;
might be
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={$_POST[ 'credit_ca rd_process ed']}&tota l={$_POST[ 'total']}" );
But if that is not the problem you might describe the situation a little bit more in detail and with more code-snipset
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
might be
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
But if that is not the problem you might describe the situation a little bit more in detail and with more code-snipset
Does your script exists only of thart one line.
From which post-form is that URL for redirect called??
From which post-form is that URL for redirect called??
The notices come from undefined variables which means that the neccessary information is not posted to that php-script containig the header(...)
ASKER
Yes, guys I know that, I need to write something in PHP that will stop this code from generating errors if the variables are not passed in.
In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine, the redirect to the second page occurs. If there is no form variables passed, then I would not do the loop and send the user to
a different page which displays an error message. the same if one of the variables is not passed in. My problem is that I do not know PHP at all,
I'm completely new to the web development, and only worked with coldfusion.
thanks
In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine, the redirect to the second page occurs. If there is no form variables passed, then I would not do the loop and send the user to
a different page which displays an error message. the same if one of the variables is not passed in. My problem is that I do not know PHP at all,
I'm completely new to the web development, and only worked with coldfusion.
thanks
In that script you are accessing POST-parameters. Is that formdata realy posted or is the get-method of the form used.
to check for variables in PHP you can use:
<?php
$error = false;
if (empty($_POST['cart_order_ id'])) {
// missing order-id
$error = true;
}
if (!$error) {
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={$_POST[ 'credit_ca rd_process ed']}&tota l={$_POST[ 'total']}" );
exit;
}
// show eeror-messages
Maybe the script works if you replace $_POST by $_REQUEST, which combines the Get, Post and Cookievariables into that one array. So you don't need to worry about where your variables come from.
Have a look at http://de.php.net/manual/en/tutorial.forms.php how to deal with forms in PHP
to check for variables in PHP you can use:
<?php
$error = false;
if (empty($_POST['cart_order_
// missing order-id
$error = true;
}
if (!$error) {
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
exit;
}
// show eeror-messages
Maybe the script works if you replace $_POST by $_REQUEST, which combines the Get, Post and Cookievariables into that one array. So you don't need to worry about where your variables come from.
Have a look at http://de.php.net/manual/en/tutorial.forms.php how to deal with forms in PHP
two options from my perspective
1) supress the errors OR 2) give them default values if they are empty
1 eg)
header("Location: https://mydomain.com/myfile.cfm?cart_order_id=".@$_POST['cart_order_id'] ."&credit_ card_proce ssed=".@$_ POST['cred it_card_pr ocessed']. "&total=". @$_POST['t otal'])
2 eg)
if (empty($_POST['cart_order_ id'])) $_POST['cart_order_id'] = "defaultvalue";
if (empty($_POST['credit_card _processed '])) $_POST['credit_card_proces sed'] = "defaultvalue";
if (empty($_POST['total'])) $_POST['total'] = "defaultvalue";
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={$_POST[ 'credit_ca rd_process ed']}&tota l={$_POST[ 'total']}" );
1) supress the errors OR 2) give them default values if they are empty
1 eg)
header("Location: https://mydomain.com/myfile.cfm?cart_order_id=".@$_POST['cart_order_id']
2 eg)
if (empty($_POST['cart_order_
if (empty($_POST['credit_card
if (empty($_POST['total'])) $_POST['total'] = "defaultvalue";
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
just read
"In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine"
in which case my first example above should be fine.
That will prevent the notices generated if the POST indexes don't exists and will subsequently prevent the header cannot be modified error (cant modify it because of the outputed errors before the header).
You could also achieve the same thing doing the following, which will reduce the level of error checking in the script and thus not show the notices:
<?php
error_reporting(E_ALL ^ E_NOTICE);
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}& credit_car d_processe d={$_POST[ 'credit_ca rd_process ed']}&tota l={$_POST[ 'total']}" );
?>
"In coldfusion I would have made a loop over the submitted from variables (if form variables are passed) and then check each variable has a value
if everything is fine"
in which case my first example above should be fine.
That will prevent the notices generated if the POST indexes don't exists and will subsequently prevent the header cannot be modified error (cant modify it because of the outputed errors before the header).
You could also achieve the same thing doing the following, which will reduce the level of error checking in the script and thus not show the notices:
<?php
error_reporting(E_ALL ^ E_NOTICE);
header("Location: https://mydomain.com/myfile.cfm?cart_order_id={$_POST['cart_order_id']}&
?>
Why do you need PHP if you know CF?
What are you doing in PHP (or trying to do) that you can't do in CF?
What are you doing in PHP (or trying to do) that you can't do in CF?
ASKER
The problem is not in me, the problem is in the online credit card processor, something is wrong with their processor! It would not allow direct pass back of the variables to my site(the user is automatically sent back to my site with some variables). The frist thing they told me when I first contacted them for this problem was "it is probably bec. your script pages have the extension .cfm and our server might not recognize it as a script lang." so I came up with the idea to use a middle page to receive these vriables and send them to my page.
any way even after stoping the page from generating an error it still does not wrok, and here is what they say " Hello ,
Not all scripts support Direct Return. If it dosent work with your script, we
would recommend that you leave it set to off."
This is a company is called 2checkout.com, and we urgently need the online payment gatway, but since we are located outside the US, it is a lengthy process to setup full internet marchent account and do it fully, which I think we will definitly do next time, but for now we need either to fix this problem or find another company that would allow international accounts to be opened.
PS if you were wondering why I want the user to be sent back, they get their invoices this way!
any way even after stoping the page from generating an error it still does not wrok, and here is what they say " Hello ,
Not all scripts support Direct Return. If it dosent work with your script, we
would recommend that you leave it set to off."
This is a company is called 2checkout.com, and we urgently need the online payment gatway, but since we are located outside the US, it is a lengthy process to setup full internet marchent account and do it fully, which I think we will definitly do next time, but for now we need either to fix this problem or find another company that would allow international accounts to be opened.
PS if you were wondering why I want the user to be sent back, they get their invoices this way!
So.
The user fills in some forms (buys things, credit card details, etc).
You take these bits and pass them "send" them to 2checkout.com.
What method do you use?
An alternative handler COULD be ...
<?php
$sParams = 'FromHandler=True';
if (count($_POST) > 0)
{
foreach($_POST as $sKey => $sValue)
{
$sParams .= '&POST_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
if (count($_GET) > 0)
{
foreach($_GET as $sKey => $sValue)
{
$sParams .= '&GET_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
if (count($_COOKIE) > 0)
{
foreach($_COOKIE as $sKey => $sValue)
{
$sParams .= '&COOKIE_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
header('Location: https://mydomain.com/myfile.cfm?' . $sParams);
?>
This way, you will get all the POST, GET and COOKIE variables sent to you to pass to your CF page.
You can now deal with them in any way you like.
Richard.
The user fills in some forms (buys things, credit card details, etc).
You take these bits and pass them "send" them to 2checkout.com.
What method do you use?
An alternative handler COULD be ...
<?php
$sParams = 'FromHandler=True';
if (count($_POST) > 0)
{
foreach($_POST as $sKey => $sValue)
{
$sParams .= '&POST_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
if (count($_GET) > 0)
{
foreach($_GET as $sKey => $sValue)
{
$sParams .= '&GET_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
if (count($_COOKIE) > 0)
{
foreach($_COOKIE as $sKey => $sValue)
{
$sParams .= '&COOKIE_' . urlencode($sKey) . '=' . urlencode($sValue);
}
}
header('Location: https://mydomain.com/myfile.cfm?' . $sParams);
?>
This way, you will get all the POST, GET and COOKIE variables sent to you to pass to your CF page.
You can now deal with them in any way you like.
Richard.
If you don't want to pass the $sParams direct to your name page, then don't. Pass it to another CF script where you can work out what you want in an environment you are happier to work in.
Richard.
Richard.
"name"? "main".
ASKER
I will try your code, it might be the problem that I only use three out of many parameters they send, but one would generally think that should not be a problem for their script, we will see,
thanks
thanks
ASKER
I use post (recommended by 2checkout) to send my pramters to them.
But I'm not sure in which formate they do send them, but i think they
send them as hidden form fields using the post method too!
But I'm not sure in which formate they do send them, but i think they
send them as hidden form fields using the post method too!
The concept of "hidden" only applies to forms in a browser.
Once submitted, they are (normally) either GET or POST variables. This depends upon the form's method property.
I would alter the code I sent to ...
<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>
to see exactly what is being sent to you.
Richard.
Once submitted, they are (normally) either GET or POST variables. This depends upon the form's method property.
I would alter the code I sent to ...
<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>
to see exactly what is being sent to you.
Richard.
I think we determined in the last question that the data was coming from a form using the POST method.
ASKER
ok, so this modification worked
<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>
It did redirect back to my page, and i had only the second array displaying results, so I guess that is the post method.
now do you think your other script, the one that should actually work, will work?
<pre>
<?php
foreach(array($_GET, $_POST, $_COOKIE) as $aArray) { print_r($aArray); }
?>
</pre>
It did redirect back to my page, and i had only the second array displaying results, so I guess that is the post method.
now do you think your other script, the one that should actually work, will work?
ASKER
nope I put that code up there and it did not redirect! I really do not understand!
Back to my first script then and instead of the header() line , use ...
echo '<a href="https://mydomain.com/myfile.cfm?' . $sParams . '">$sParams</a>';
This SHOULD show a link to YOUR page.
You SHOULD be able to click it and it should work.
If not, then the page name is NOT right OR your page is rejecting the request. In which case what conditions need to be applied (sessions probably) to allow this page to accept requests?
echo '<a href="https://mydomain.com/myfile.cfm?' . $sParams . '">$sParams</a>';
This SHOULD show a link to YOUR page.
You SHOULD be able to click it and it should work.
If not, then the page name is NOT right OR your page is rejecting the request. In which case what conditions need to be applied (sessions probably) to allow this page to accept requests?
I would also add in ...
<?php
error_reporting(E_ALL);
...
?>
at the top so we can see ALL errors, warnings and notices. Just in case I've done something wrong.
Richard.
<?php
error_reporting(E_ALL);
...
?>
at the top so we can see ALL errors, warnings and notices. Just in case I've done something wrong.
Richard.
ASKER
Ok, may be I was not clear,
The company (2checkout) offers two possibilities after the user has paid,
1- he is provieded with a button which if he/she clicks they are sent back to my site (this works perfectly, even with the cfm pages)
2- direct return, where there is not button, but the user is automatically sent back to my site. This is what we need, the user should not be given the chance to forget to click the link.
Also regarding the errors, if there is anything wrong, one just does not leave the processor's page, so i can never see what error is generated, this is why I'm so frustrated.
so i am trying to get the direct pass back to work!
The company (2checkout) offers two possibilities after the user has paid,
1- he is provieded with a button which if he/she clicks they are sent back to my site (this works perfectly, even with the cfm pages)
2- direct return, where there is not button, but the user is automatically sent back to my site. This is what we need, the user should not be given the chance to forget to click the link.
Also regarding the errors, if there is anything wrong, one just does not leave the processor's page, so i can never see what error is generated, this is why I'm so frustrated.
so i am trying to get the direct pass back to work!
So. For a direct return you need to tell them where to go? (No pun intended).
They need to know the name of the page that is going to be sent to the user.
Now. The purpose of the link I made is to make sure that IF the direct return was working, the actual information sent by them would actually get to were it was needed.
I assume this is running on a test system!
If not, then how on earth can you test it!
The errors I am talking about are PHP errors.
It MAY be that they grab a page from you, wrap it up in their code and then supply this back to you.
Obviously, you cannot redirect in this page.
Can you provide a list of ALL the parameters you send to them. All form variables, all URL parameters, etc.
An example site would also be useful.
They need to know the name of the page that is going to be sent to the user.
Now. The purpose of the link I made is to make sure that IF the direct return was working, the actual information sent by them would actually get to were it was needed.
I assume this is running on a test system!
If not, then how on earth can you test it!
The errors I am talking about are PHP errors.
It MAY be that they grab a page from you, wrap it up in their code and then supply this back to you.
Obviously, you cannot redirect in this page.
Can you provide a list of ALL the parameters you send to them. All form variables, all URL parameters, etc.
An example site would also be useful.
a Direct return would just be
<?php
header("location: http://yoursite.com");
?>
however if this is happening on a server that is not in your control then how does the direct return work, i am presuming you have to set the value using the query string? so you would append something like &direct_return=yes
<?php
header("location: http://yoursite.com");
?>
however if this is happening on a server that is not in your control then how does the direct return work, i am presuming you have to set the value using the query string? so you would append something like &direct_return=yes
ASKER
Ok, on their processor, I just have to indicate URL to the page that should receive the parameters back from them.
the parameters I send are: sid=xxxxx&total=XXXXXXXXXX &cart_orde r_id=xxxx. I post them to the site.
I think that is the problem, that they do grab my page!
the parameters I send are: sid=xxxxx&total=XXXXXXXXXX
I think that is the problem, that they do grab my page!
ASKER
so the echo is workning fine
!
!
I have been trying to find out how their system works but couldn't find anything about the query string to handle the direct return, so far just a modification in the control panel: http://www.mals-e.com/support/2checkoutsetup1.htm
ASKER
But not the redirect, is it possible to include a cfm file in a php?
but in this case i have no idea how would i reference the variables in the script, but i will try that.
So my quesiton is,
is it possible to include a .cfm file in php? And if that is possible,
what would be the code?
thanks
but in this case i have no idea how would i reference the variables in the script, but i will try that.
So my quesiton is,
is it possible to include a .cfm file in php? And if that is possible,
what would be the code?
thanks
<?php
include('filename.cfm');
?>
include('filename.cfm');
?>
Ah!
Just because you can include a file, it will NOT get any parameters they send to you.
Also, the cfm file will NOT be parsed through the CF engine! So, you will get a lot of errors as PHP tries to understand the cfm file.
<?php
readfile('http://www.yoursite.com/page.cfm?params');
?>
May be what you want.
When your page is read, it will read the cfm page (along with any parameters you pass it) and then send that off to the caller.
Richard.
Just because you can include a file, it will NOT get any parameters they send to you.
Also, the cfm file will NOT be parsed through the CF engine! So, you will get a lot of errors as PHP tries to understand the cfm file.
<?php
readfile('http://www.yoursite.com/page.cfm?params');
?>
May be what you want.
When your page is read, it will read the cfm page (along with any parameters you pass it) and then send that off to the caller.
Richard.
ASKER
ok, here is the error when i try to use the readfile
Notice: readfile(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in d:\inetpub\mydomain\redire ct.php on line 28
Warning: readfile(https://...@mydomain.com&street_address=sr&city=Chemnitz&product_id=&ship_city=&cart_order_id=12345678&tcoid=cc3544eb5b8e3f1dcb9dd9f342cca6a9&country=Germany&order_number=1575763148&merchant_order_id=&cart_id=12345678&ship_state=&demo=Y&ship_street_address=&quantity=1&total=528.00&phone=+49-371-531-4807&credit_card_processed=Y&zip=99999&merchant_product_id=12345678&ship_name=&card_holder_name=Mohamed name-fname): failed to open stream: No such file or directory in d:\inetpub\mydomain\redire ct.php on line 28
Here is how I wrote line 28:
readfile('https://www648.ssldomain.com/mydomain/templates/invoice.cfm?' . $sParams);
Notice: readfile(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in d:\inetpub\mydomain\redire
Warning: readfile(https://...@mydomain.com&street_address=sr&city=Chemnitz&product_id=&ship_city=&cart_order_id=12345678&tcoid=cc3544eb5b8e3f1dcb9dd9f342cca6a9&country=Germany&order_number=1575763148&merchant_order_id=&cart_id=12345678&ship_state=&demo=Y&ship_street_address=&quantity=1&total=528.00&phone=+49-371-531-4807&credit_card_processed=Y&zip=99999&merchant_product_id=12345678&ship_name=&card_holder_name=Mohamed name-fname): failed to open stream: No such file or directory in d:\inetpub\mydomain\redire
Here is how I wrote line 28:
readfile('https://www648.ssldomain.com/mydomain/templates/invoice.cfm?' . $sParams);
Ah.
Can you create a file ...
<?php
phpinfo();
?>
Save this within the web doc path as info.php
and then launch it from your browser.
Look for openssl.
openssl
OpenSSL support enabled
OpenSSL Version OpenSSL 0.9.7c 30 Sep 2003
If you do not have this installed, then you will need to edit your PHP.INI file and add in the openssl extension and then restart the webserver.
Then re-run the info.php script and check to see if the OpenSSL is loaded.
Then retry the script with readfile.
If this does not work, then you could create a CFM page which did the same thing as the PHP script.
What EXCATLY happens if you tell the payment people that the page to go to is "https://www648.ssldomain.com/mydomain/templates/invoice.cfm"?
Do you get an error or does nothing happen?
Richard.
Can you create a file ...
<?php
phpinfo();
?>
Save this within the web doc path as info.php
and then launch it from your browser.
Look for openssl.
openssl
OpenSSL support enabled
OpenSSL Version OpenSSL 0.9.7c 30 Sep 2003
If you do not have this installed, then you will need to edit your PHP.INI file and add in the openssl extension and then restart the webserver.
Then re-run the info.php script and check to see if the OpenSSL is loaded.
Then retry the script with readfile.
If this does not work, then you could create a CFM page which did the same thing as the PHP script.
What EXCATLY happens if you tell the payment people that the page to go to is "https://www648.ssldomain.com/mydomain/templates/invoice.cfm"?
Do you get an error or does nothing happen?
Richard.
ASKER
nothing happens, for the cfm page
ASKER
well I cannot restart the server, that is not my server, this is on a shared hosting plane.
and no Openssl is not installed.
and no Openssl is not installed.
Ok.
What about sending it to an unsecured cfm page?
On this one, you do the same sort of thing as the secured one.
Is the issue https or cfm?
What about sending it to an unsecured cfm page?
On this one, you do the same sort of thing as the secured one.
Is the issue https or cfm?
ASKER
I have tried that already, but did not seem to work
I'm trying different things now so i will see where is the problem
since the 2checkout support is not helping at all
May be I just have to change the whole page from cfm to php, the problem is that I have no clue about php other than what ever you guys just wrote here!
I'm trying different things now so i will see where is the problem
since the 2checkout support is not helping at all
May be I just have to change the whole page from cfm to php, the problem is that I have no clue about php other than what ever you guys just wrote here!
And I have no idea of CF! But it can't be that hard!
What do you do in your CF page?
What do you do in your CF page?
ASKER
simple, I get some values from the session, and the values posted back to me from the processor.
Update an sql db, then display the whole thing out, where using a couple of ifs and some html I generate an invoice that looks readeable.
that is all
Update an sql db, then display the whole thing out, where using a couple of ifs and some html I generate an invoice that looks readeable.
that is all
ASKER
oh, and then I send an e-mail to me and the user
The only issue then is probably the session details.
Do you know if the data you send to 2checkout always comes back?
What I mean is if you created a string containing all the data you want to pass to PHP (i.e. the session data), would they send it back to you in the request to the PHP page?
They should.
If you have (for example), a session variable, which they send back to you (so you think the user is the actual caller, not them), then this can be missued.
So.
In your cfm file, you need to build a string of all the data that exists in the session.
Obviously, things like resource handles are no good as they won't exist in PHP in the same way or at all.
I suppose the answer of what to include is dependent upon the requirement of the script that updates the DB and emails.
Anything that is grabbed from the session in the update db script will need to be converted into a string in the script that talks to 2checkout. The string is sent as the session variable.
Now.
When your new PHP page gets a call, it will examine the session string, decode it into variables and do the same work as the cfm page was.
So. Can you include the source of the CFM page that you are NOT getting any connection with?
Remove any passwords or security IDs please! For YOUR safety!!!!
Replace them with something like ...
__PASSWORD__
Richard.
Do you know if the data you send to 2checkout always comes back?
What I mean is if you created a string containing all the data you want to pass to PHP (i.e. the session data), would they send it back to you in the request to the PHP page?
They should.
If you have (for example), a session variable, which they send back to you (so you think the user is the actual caller, not them), then this can be missued.
So.
In your cfm file, you need to build a string of all the data that exists in the session.
Obviously, things like resource handles are no good as they won't exist in PHP in the same way or at all.
I suppose the answer of what to include is dependent upon the requirement of the script that updates the DB and emails.
Anything that is grabbed from the session in the update db script will need to be converted into a string in the script that talks to 2checkout. The string is sent as the session variable.
Now.
When your new PHP page gets a call, it will examine the session string, decode it into variables and do the same work as the cfm page was.
So. Can you include the source of the CFM page that you are NOT getting any connection with?
Remove any passwords or security IDs please! For YOUR safety!!!!
Replace them with something like ...
__PASSWORD__
Richard.
ASKER
Hi, so I figured out (as you said) that the problem was the "session" They do pull my page into their server, and thus if it depends on the session information, it will generate an error.
So to minimize the amount of reprogramming I have to do (since I'm running out of time) Here is the two things I am going to do,
First option (which is the easiest) is to use the "echo" instead of the "header" but I need to be able to formate this link, since at the moment it only appears at the top left corner, I need to make it a little bigger and in the middle of the page, I tried using html, but i guess i was doing it in a wrong way since it did not change anything.
second option is to still use the "echo" but with a "referesh" then I have a delay of about 3 sec. before it redirects to my page.
any help on these two issues would be great
thanks
So to minimize the amount of reprogramming I have to do (since I'm running out of time) Here is the two things I am going to do,
First option (which is the easiest) is to use the "echo" instead of the "header" but I need to be able to formate this link, since at the moment it only appears at the top left corner, I need to make it a little bigger and in the middle of the page, I tried using html, but i guess i was doing it in a wrong way since it did not change anything.
second option is to still use the "echo" but with a "referesh" then I have a delay of about 3 sec. before it redirects to my page.
any help on these two issues would be great
thanks
Do they send the session back to you?
If they do NOT send the session back to you (I think they have to as they need the session info to carry on working...).
The page with the print_r($_POST) bit, can you show me some output from this as I need to know the variable names they are using.
The page with the print_r($_POST) bit, can you show me some output from this as I need to know the variable names they are using.
ASKER
I am not sure that i understand, they send there own session back, but this is not what I'm using, since I pull some info from the db and add this information to the session while the user is loggedin. This is what was causing the problem, in the last page (which I was trying to get them to redirect to) I need some of this information. I have tried to send them all the session info that I have, but that did not work, Although they say that any variables I will pass to them they will pass back, i think they have put a cap on how much can be sent.
here are all the varibales they pass back. But I do not need all of that I only use "cart_order_ID, Credit_card_processed, and total" since I pull the rest of the info. from my db.
# order_number - 2Checkout.com order number
# card_holder_name - Card holder's name
# street_address - Card holder's address
# city - Card holder's city
# state - Card holder's state
# zip - Card holder's zip
# country - Card holder's country
# email - Card holder's email
# phone - Card holder's phone
# cart_order_id - Your cart ID number passed in.
# cart_id - Your cart ID number passed in.
# credit_card_processed - Y if successful, K if waiting for approval
# total - Total purchase amount.
# ship_name - Shipping information
# ship_street_address - Shipping information
# ship_city - Shipping information
# ship_state - Shipping information
# ship_zip - Shipping information
# ship_country - Shipping information
If possible can you indicate how can i formate the link in the php file, and also how to do this redirect with some time delay, in cf I would do it like thisk
<cfheader name="referesh" value="3; url=mytargetpage.cfm">
here are all the varibales they pass back. But I do not need all of that I only use "cart_order_ID, Credit_card_processed, and total" since I pull the rest of the info. from my db.
# order_number - 2Checkout.com order number
# card_holder_name - Card holder's name
# street_address - Card holder's address
# city - Card holder's city
# state - Card holder's state
# zip - Card holder's zip
# country - Card holder's country
# email - Card holder's email
# phone - Card holder's phone
# cart_order_id - Your cart ID number passed in.
# cart_id - Your cart ID number passed in.
# credit_card_processed - Y if successful, K if waiting for approval
# total - Total purchase amount.
# ship_name - Shipping information
# ship_street_address - Shipping information
# ship_city - Shipping information
# ship_state - Shipping information
# ship_zip - Shipping information
# ship_country - Shipping information
If possible can you indicate how can i formate the link in the php file, and also how to do this redirect with some time delay, in cf I would do it like thisk
<cfheader name="referesh" value="3; url=mytargetpage.cfm">
You can't just redirect WITHOUT also supplying the session id. The session is the glue that joins one page request to another.
I am surprised that the details they send back does NOT include the session! VERY surprised!!
I would try the following php file as the direct return page.
<?php
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
{
$sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s RequiredVa r]); // Add it to the parameters for the next page with a key to show the source.
}
}
echo << END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a> .
</body>
<html>
END_HTML;
?>
?>
Your CF page needs to look at the GET parameters and extract the required info. The fields could be ...
C_card_order_ID
P_cart_order_ID
G_cart_order_ID
C_Credit_card_processed
P_Credit_card_processed
G_Credit_card_processed
C_total
G_total
P_total
Richard.
I am surprised that the details they send back does NOT include the session! VERY surprised!!
I would try the following php file as the direct return page.
<?php
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
{
$sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s
}
}
echo << END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a>
</body>
<html>
END_HTML;
?>
?>
Your CF page needs to look at the GET parameters and extract the required info. The fields could be ...
C_card_order_ID
P_cart_order_ID
G_cart_order_ID
C_Credit_card_processed
P_Credit_card_processed
G_Credit_card_processed
C_total
G_total
P_total
Richard.
ASKER
The above code gives an error:
Parse error: parse error, unexpected '{' in d:\inetpub\mydomain\redire ct.php on line 13
12: if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
13: {
14: $sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s RequiredVa r]); // Add it to the parameters for the next page with a key to show the source.
15: }
Parse error: parse error, unexpected '{' in d:\inetpub\mydomain\redire
12: if (in_array($sRequiredVar, $aSourceArray) // Does the variable exist in the source array?
13: {
14: $sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s
15: }
Line 12 ...
if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
Missed a ) before the // comment .
if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
Missed a ) before the // comment .
ASKER
sorry another error,
Parse error: parse error, unexpected T_SL, expecting ',' or ';' in d:\inetpub\mydomain\redire ct.php on line 18
18: echo << END_HTML
19:<html>
20:<head>
21:<title>Thank you for your order - invoice follows.</title>
22:<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">
23:</head>
24:<body>
25:Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">here</a> .
26:</body>
27:<html>
28:END_HTML;
29:?>
30:?>
I have also noticed that you ended your code with two "?>"
Parse error: parse error, unexpected T_SL, expecting ',' or ';' in d:\inetpub\mydomain\redire
18: echo << END_HTML
19:<html>
20:<head>
21:<title>Thank you for your order - invoice follows.</title>
22:<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">
23:</head>
24:<body>
25:Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/maydomain/targetpage.cfm?{$sParams}">here</a>
26:</body>
27:<html>
28:END_HTML;
29:?>
30:?>
I have also noticed that you ended your code with two "?>"
Eek. Only 1. And you would have thought I was a programmer!!!
Line 18
echo <<< END_HTML
Needs to be 3 <.
<<< is called heredoc in PHP.
Line 18
echo <<< END_HTML
Needs to be 3 <.
<<< is called heredoc in PHP.
ASKER
More errors, I'm sorry to bother you, but I cannot trouble shoot PHP code!
parse error, unexpected $end on line 34, that is the last line
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">here</a> .
</body>
<html>
END_HTML;
?>
<?php
error_reporting(E_ALL);
?>
parse error, unexpected $end on line 34, that is the last line
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://www648.ssldomain.com/mydomain/targetpage.cfm?{$sParams}">here</a>
</body>
<html>
END_HTML;
?>
<?php
error_reporting(E_ALL);
?>
Grrr. I hate untested code!
Try this.
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
{
$sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s RequiredVa r]); // Add it to the parameters for the next page with a key to show the source.
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a> .
</body>
<html>
END_HTML;
?>
The HTML part you can do what you want with.
Richard.
Try this.
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (in_array($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
{
$sParams .= '&' . $sSourceKey . '_' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="10; url=https://mydomain.com/myfile.cfm?{$sParams}">
</head>
<body>
Thank you for your order. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="https://mydomain.com/myfile.cfm?{$sParams}">here</a>
</body>
<html>
END_HTML;
?>
The HTML part you can do what you want with.
Richard.
ASKER
so, thank you very much
I had to change the coding (the part where it takes the posted variables from the processor and sends them to the target page) for some reason that did not work,
i tried many things, but still, i have changed the P_ thingy, but no results. So i switched it to the earlier verision that you posted yesterday, and that works fine.
May be I need to use urldecod, when I call the variables on my page, I don't know, i have to try that.
what do you think.
if that all does not work, can you modify your earlier code so that it only posted the three variables that i need, bec. now it also posts my seller id, which is something i do
not like to be disclosed to everyone
thanks
I had to change the coding (the part where it takes the posted variables from the processor and sends them to the target page) for some reason that did not work,
i tried many things, but still, i have changed the P_ thingy, but no results. So i switched it to the earlier verision that you posted yesterday, and that works fine.
May be I need to use urldecod, when I call the variables on my page, I don't know, i have to try that.
what do you think.
if that all does not work, can you modify your earlier code so that it only posted the three variables that i need, bec. now it also posts my seller id, which is something i do
not like to be disclosed to everyone
thanks
ASKER
i think the problem with the code you last posted is that it does not append the variables to the url, i only see "FromHandler=True"
and that is it
and that is it
Can you show me the code you have AND the output it generates.
You will need to do a view source to see this.
Richard.
You will need to do a view source to see this.
Richard.
Eek!
Sorry.
Change the line which is "in_array()..." to ...
if (isset($aSourceArray[$sReq uiredVar]) )
Sorry!!!!
Sorry.
Change the line which is "in_array()..." to ...
if (isset($aSourceArray[$sReq
Sorry!!!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi, it still does not work, it simply says that "Element CREDIT_CARD_PROCESSED is undefined in URL."
here is the code
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (isset($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
{
$sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s RequiredVa r]); // Add it to the parameters for the next page with a key to show the source.
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here </a>.
</body>
<html>
END_HTML;
?>
here is the code
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'Credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (isset($sRequiredVar, $aSourceArray)) // Does the variable exist in the source array?
{
$sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here
</body>
<html>
END_HTML;
?>
ASKER
sorry that was the wrong one
here is the one that I'm trying
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (isset($aSourceArray[$sReq uiredVar]) ) // Does the variable exist in the source array?
{
$sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s RequiredVa r]); // Add it to the parameters for the next page with a key to show the source.
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here </a>.
</body>
<html>
END_HTML;
?>
here is the one that I'm trying
<?php
error_reporting(E_ALL);
$sParams = 'FromHandler=True';
$aSourceArrays = array('P' => $_POST, 'G' => $_GET, 'C' => $_COOKIE);
$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');
foreach($aSourceArrays as $sSourceKey => $aSourceArray) // Examine each of the source arrays.
{
foreach($aRequiredVars as $sRequiredVar) // Look for each of the required variables in the source array
{
if (isset($aSourceArray[$sReq
{
$sParams .= '&' . urlencode($sRequiredVar) . '=' . urlencode($aSourceArray[$s
}
}
}
echo <<< END_HTML
<html>
<head>
<title>Thank you for your order - invoice follows.</title>
<meta http-equiv="Refresh" content="5; url=url?{$sParams}">
</head>
<body>
Thank you for your Registration. Your invoice will be shown shortly. If you do not see your invoice, please click <a href="url?{$sParams}">here
</body>
<html>
END_HTML;
?>
Ok.
Alter the HTML bit so the "here" bit of the anchor is "here {$sParams}".
This will tell us what parameters are being sent and what values.
Richard.
Alter the HTML bit so the "here" bit of the anchor is "here {$sParams}".
This will tell us what parameters are being sent and what values.
Richard.
Are you sure that the CF page want's the parameters as part of the URL (i.e. it is looking for a GET method).
2Checkout are using POST to send you the data.
If so, then you will need to probably POST the data onto your page.
If so, try this PHP file.
<html>
<head>
<title>Auto forwarder to invoice</title>
</head>
<body>
<form name="Auto" method="POST" action="https://yoururl.cf">
<?php
$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');
foreach($aRequiredVars as $sVar)
{
if (isset($_POST[$sVar]))
{
echo '<input type="hidden" name="' . $sVar . '" value="' . $_POST[$sVar] . '">';
}
?>
</form>
<script language="JavaScript"><!--
document.Auto.submit();
//--></script>
</body>
</html>
2Checkout are using POST to send you the data.
If so, then you will need to probably POST the data onto your page.
If so, try this PHP file.
<html>
<head>
<title>Auto forwarder to invoice</title>
</head>
<body>
<form name="Auto" method="POST" action="https://yoururl.cf">
<?php
$aRequiredVars = array('cart_order_ID', 'credit_card_processed', 'total');
foreach($aRequiredVars as $sVar)
{
if (isset($_POST[$sVar]))
{
echo '<input type="hidden" name="' . $sVar . '" value="' . $_POST[$sVar] . '">';
}
?>
</form>
<script language="JavaScript"><!--
document.Auto.submit();
//--></script>
</body>
</html>
The JavaScript at the bottom may need to be ...
document.forms('Auto').sub mit();
Richard.
document.forms('Auto').sub
Richard.
What happens here is that when the direct return is called, 2checkout get a page which contains a hidden form and an autosubmit.
This is the returned to the user which then submits the form and gets the https:... output.
Richard.
This is the returned to the user which then submits the form and gets the https:... output.
Richard.
ASKER
That is alright, I think there was some spaces in the variables names, that some how caused a problem it all works fine now.
I just have to small questions on the side
first, do you recommend any sources for learning PHP, since It seems that one should learn this also to save the day!
sec. this javascript your gave me, can that be done in a way that it would display a page for about 5 sec. then do the autosubmit?
thanks once more
I just have to small questions on the side
first, do you recommend any sources for learning PHP, since It seems that one should learn this also to save the day!
sec. this javascript your gave me, can that be done in a way that it would display a page for about 5 sec. then do the autosubmit?
thanks once more
Try
<script language="JavaScript"><!--
function Tick()
{
document.Auto.submit();
}
setTimeout(Tick(), 5000);
//--></script>
Richard.
<script language="JavaScript"><!--
function Tick()
{
document.Auto.submit();
}
setTimeout(Tick(), 5000);
//--></script>
Richard.
Depending up on your programming experience, I'd get the Wrox PHP books and the PHP Online Manual.
Something that would help is a good grounding in OOP for PHP 5 and a server of your own to play with.
Richard.
Something that would help is a good grounding in OOP for PHP 5 and a server of your own to play with.
Richard.
ASKER
is there other variation to the auto submit script you showed, this one does nothing!
Hey! Look, I know my JS is a little rusty ...
<script language="JavaScript"><!--
function Tick()
{
document.Auto.submit();
}
setTimeout("Tick()", 5000);
//--></script>
The setTimeout function has 2 parameters. The first is a string which is the name of the function to run and then the delay.
Richard.
<script language="JavaScript"><!--
function Tick()
{
document.Auto.submit();
}
setTimeout("Tick()", 5000);
//--></script>
The setTimeout function has 2 parameters. The first is a string which is the name of the function to run and then the delay.
Richard.
ASKER
Notice: Undefined index: cart_order_id in d:\inetpub\mydomain\redire
Notice: Undefined index: total in d:\inetpub\mydomain\redire
Warning: Cannot modify header information - headers already sent by (output started at d:\inetpub\mydomainredirec