Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

ProTx/SagePay Form Payment - HTML Confirmation Message Field

Posted on 2009-07-09
6
Medium Priority
?
452 Views
Last Modified: 2013-11-29
I have a website to order products. The form method of the ProTx/SagePay service means that we are sending in POST data in PHP to their servers. They allow custom confirmation emails which can include HTML code in the &emailMessage field. For some reason for a number of weeks the confirmations display out like this when emailed (Partiall output).
----------------------------------------------------------------------------------------
 Dear Usman,

Thank you for your order. Your payment has been processed successfully.
html>body>p>Congratulations on your purchase. Your order details are as follows:/p> p> b>Event Name:/b> testbr/> b>Venue:/b> Sheffield Arenabr/> b>Date:/b> 2009-11-04br/> b>Section:/b> Lower Next To Stagebr/> b>Block:/b> 119br/> b>Row:/b> First 25 Rowsbr/> b>Number of Tickets:/b> 1br/> b>Price:/b> £0.01br/> b>Delivery Charge:/b> £5.75br/> b>Total:/b> £5.76br/> /p> p>We will dispatch the tickets as soon as we receive them from our .....

-------------------------------------------------------------------------------------

Please can you view my code. The HTML is clean. I have tested this out manually on a mailto function whilst headers are set to HTML and it works fine.
		$strPost .= "&eMailMessage=<html><body>";
		$strPost .= "<p>Congratulations on your purchase. Your order details are as follows:</p>
					<p>
					<b>Event Name:</b> ".$ItemName."<br/>
					<b>Venue:</b> ".$venue."<br/>
					<b>Date:</b> ".$date."<br/>
					<b>Section:</b> ".$section."<br/>
					<b>Block:</b> ".$block."<br/>
					<b>Row:</b> ".$row."<br/>
					<b>Number of Tickets:</b> ".$qty."<br/>
					<b>Price:</b> &pound;".$price."<br/>
					<b>Delivery Charge:</b> &pound;".($TotPrice - ($price*$qty))."<br/>
					<b>Total:</b> &pound;".$TotPrice."<br/>
 					</p>	
					<p>We will dispatch the order as soon as we receive them from our suppliers. .</p>
					<p>Should you have any queries with regards to your order please call us on 0844 858 4764 or email us at sales@order.co.uk.</p>
					<p>Kind Regards</p>
					<p>Orders<br />
					<a href='http://www.order.co.uk' target='_blank' rel='nofollow'>www.order.co.uk</a></p>" ;
		$strPost .= "</body></html>";

Open in new window

0
Comment
Question by:namsu55
  • 3
  • 2
6 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 24820977
Obviously the code you have posted is not the culprit.
It must be an html cleaner like
http://www.sitepoint.com/blogs/2006/02/17/safehtml-cleaning-form-input/
that is removing all start tags, rendering the html safe from xss
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 24823554
OOI. Is the message you are receiving been tagged as HTML? If so, try right clicking and do a view source (Outlook) or view original (GMail), etc. Look at what was actually sent rather than seeing what the email client is showing you.

They can be quite different.

Can you show the code which does the communication?
0
 

Author Comment

by:namsu55
ID: 24825033
Cant show you the code which does the communication, the emailMessage field is passed to ProTX on transaction and they send the email.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 40

Expert Comment

by:Richard Quadling
ID: 24825667
Can you do a view source on the mail? Can you send me a mail (through PayTX)? RQuadling at e-e dot com.
0
 

Accepted Solution

by:
namsu55 earned 0 total points
ID: 24899425
It was just a mistake in the code, forgot to close a paragraph. Silly mistake.
0
 
LVL 40

Expert Comment

by:Richard Quadling
ID: 24903381
Did any of our comments help you find the missing </p>
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Do online retailers and e-commerce sites even need to bother with the season? Is it lucrative to update and prepare your site for Black Friday and Cyber Monday shoppers? We'll find out now.
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Suggested Courses

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question