Sending POST via Curl - Location

Hello, I am using curl to send some POST data to VeriSign so I can process transactions. The thing is, when I run the script, the location in the browser window never changes form my domain to verisign's domain. When I try to enter a test credit card number, verisign's back-end appends a bunch of things to the URL. The URL still contains my domain though so the request fails giving a "Page Not Found" error.

Here is the code I am using. In case you are wondering where these variables are coming from, this code is buried in a class designed to get data and send it to VeriSign.

function CurlPost()
      {
        if(!($curl = curl_init()))
        {
          print("Unable to initialize Curl resource!");
          exit();
        }
        
        // configure the POST to VeriSign's server
        curl_setopt($curl, CURLOPT_URL,
              'https://payments.verisign.com/payflowlink');
        curl_setopt($curl, CURLOPT_POST, TRUE);
        
        // build the string containing all the POST information
        $post_fields = 'LOGIN=' . $this->login .
                                 '&PARTNER=' . $this->partner .
                                 '&AMOUNT=' . $this->orderTotal .
                                 '&TYPE=' . $this->type .
                                 '&NAME=' . $this->name;
               
        curl_setopt($curl, CURLOPT_POSTFIELDS, $post_fields);
        curl_exec($curl);
       }

The URL in my address bar never changes from www.mydomain.com/myscript.php to https://payments.verisign.com/payflowlink as I think it should. This seems to be causing a problem. Not only does VeriSign's form on this page function incorrectly from the screwy URL, but the layout and display of the page (they are using imbedded CSS styles) does not display correctly either.

Help? :)
TallidarAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

iamanindianCommented:
If you want your user to leave your site & move to https://payments.verisign.com/payflowlink, then what is the significance of using Curl? You could have simply used JavaScript to post a form from your site to https://payments.verisign.com/payflowlink  & that would have solved all issues. Isn't it?

Javascript alternative approach:
-----------------------------------------------------------------------
Create a HTML form with all the fields (with proper name) that Verisign wants to receive. Populate the form fields using PHP  & once page is sucessfully loaded & all field populated, call the javascript function submit() to submit this to Verisign.
-----------------------------------------------------------------------

CUrl should also work. But, it appears that Verisogn page tried reading query string & as your URL remained static at "www.mydomain.com/myscript.php", Verisign couldn't read that. Please check with Verisign support (or their integration documents), ideally this shouldn't be the case. Secure transactions don't rely on query string...but the POST fields. So, most likely:
Either you are missing some variables/fields which are required by Verisign
or
Verisgn has some security restriction which is not allowing the POST from "www.mydomain.com/myscript.php"

Regards
WC

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
TallidarAuthor Commented:
The Verisign page supports both POST and GET, but I want to use POST as I do not like having all the information visible as part of the URL. It DOES get all the information I pass it via cURL, but the problem is this...

When you make a form and post it, it seems to both send the information and redirect the broser to the page specified in the "action" part of your <form>. When I use cURL to accomplish essensially the same thing, the PAGE is displayed, but the address in the browser's location bar never changes from that of my site. This is preventing VeriSign's forms from working since they use a query string in the URL.

You see, there is a form on my site that people enter some of their information into. I need to capture that information and put it into my MySQL database, and THEN pass the same information to the VeriSign page for further processing. Can you think of a more intelligent way to accomplish this? Perhaps I am making things more difficult than they should be.
iamanindianCommented:
See..I completely understand your points...but as I have not worked with Verisign before...if you could share some details...like what kind of query string Verisign is asking for (or uses)...it will help me understand situation better.
Javascript form submission works. But...the code remains visible to user (View Source). Curl works...but URL remains unchanged...
Let us see some more details...perhaps something will come up.

Regards
WC
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

TallidarAuthor Commented:
Here is what the site tacks on to the end of the URL when you click the "continue" button on the first page you get to.

SophiaServlet%3BVPSSESSION=CJ7l6JL2K2MSRL58mzlhzpvkLGbnlrTlRbRhWrJRMsG63zKQffZj!-846326680!1007481782?pagecontext=none&FORM_FILE=vps/pfl/entryForm.f00df

Of course when this is added to the URL that has not changed since the user has been on my site, they get a Page Not Found error. Does this help you understand at all?
TallidarAuthor Commented:
I am just worried that with javascript, some people will have it turned off and the form will not work.
iamanindianCommented:
Hmnnn....thanks for sharing the information. I will try & go through Verisign site for some more clarification. Let us see if we can get to something more feasable than Javascript.

Regards
WC
TallidarAuthor Commented:
Hey Iamanindian,

Have you come up with anything yet? I was thinking of having a form that points to the same page it is on. That page puts the information in the databse and then builds a "Please make sure your information is correct" review. When they say "Yes, it's correct," it posts the information normally to the VeriSign site using hidden fields. It is not what I want. I hate having to press like 50 buttons to get something done, but if I can't come up with anything else, I'll have to go this way :(

Let me know if you come up with anything else Iamanindian.

Thanks.
iamanindianCommented:
Sorry friend...I really couldn't manage time.
I understand your point...perhaps you could avoid the click by automating the submission using at the end of the page (just before closing body tag)
------------------------------------------------------
<script language="JavaScript">
document.formname.submit()
</script>
------------------------------------------------------
Wish...I could provide a better solution. :(

WC
TallidarAuthor Commented:
Thanks for giving it a go. Since what you said IS a solution I will give you the points. I think I will go for a more manual two step process. It is not perfect, but it will work without too much trouble.

Take care.
iamanindianCommented:
I will be in touch...will try to work something out (as soon as I get to manage some free hours).
Best wishes to you. You too take care & al the best once again.

Regards
WC
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.