Solved

ProTx/SagePay Form Payment - HTML Confirmation Message Field

Posted on 2009-07-09
6
427 Views
Last Modified: 2013-11-29
I have a website to order products. The form method of the ProTx/SagePay service means that we are sending in POST data in PHP to their servers. They allow custom confirmation emails which can include HTML code in the &emailMessage field. For some reason for a number of weeks the confirmations display out like this when emailed (Partiall output).
----------------------------------------------------------------------------------------
 Dear Usman,

Thank you for your order. Your payment has been processed successfully.
html>body>p>Congratulations on your purchase. Your order details are as follows:/p> p> b>Event Name:/b> testbr/> b>Venue:/b> Sheffield Arenabr/> b>Date:/b> 2009-11-04br/> b>Section:/b> Lower Next To Stagebr/> b>Block:/b> 119br/> b>Row:/b> First 25 Rowsbr/> b>Number of Tickets:/b> 1br/> b>Price:/b> £0.01br/> b>Delivery Charge:/b> £5.75br/> b>Total:/b> £5.76br/> /p> p>We will dispatch the tickets as soon as we receive them from our .....

-------------------------------------------------------------------------------------

Please can you view my code. The HTML is clean. I have tested this out manually on a mailto function whilst headers are set to HTML and it works fine.
		$strPost .= "&eMailMessage=<html><body>";

		$strPost .= "<p>Congratulations on your purchase. Your order details are as follows:</p>

					<p>

					<b>Event Name:</b> ".$ItemName."<br/>

					<b>Venue:</b> ".$venue."<br/>

					<b>Date:</b> ".$date."<br/>

					<b>Section:</b> ".$section."<br/>

					<b>Block:</b> ".$block."<br/>

					<b>Row:</b> ".$row."<br/>

					<b>Number of Tickets:</b> ".$qty."<br/>

					<b>Price:</b> &pound;".$price."<br/>

					<b>Delivery Charge:</b> &pound;".($TotPrice - ($price*$qty))."<br/>

					<b>Total:</b> &pound;".$TotPrice."<br/>

 					</p>	

					<p>We will dispatch the order as soon as we receive them from our suppliers. .</p>

					<p>Should you have any queries with regards to your order please call us on 0844 858 4764 or email us at sales@order.co.uk.</p>

					<p>Kind Regards</p>

					<p>Orders<br />

					<a href='http://www.order.co.uk' target='_blank' rel='nofollow'>www.order.co.uk</a></p>" ;

		$strPost .= "</body></html>";

Open in new window

0
Comment
Question by:namsu55
  • 3
  • 2
6 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 24820977
Obviously the code you have posted is not the culprit.
It must be an html cleaner like
http://www.sitepoint.com/blogs/2006/02/17/safehtml-cleaning-form-input/
that is removing all start tags, rendering the html safe from xss
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 24823554
OOI. Is the message you are receiving been tagged as HTML? If so, try right clicking and do a view source (Outlook) or view original (GMail), etc. Look at what was actually sent rather than seeing what the email client is showing you.

They can be quite different.

Can you show the code which does the communication?
0
 

Author Comment

by:namsu55
ID: 24825033
Cant show you the code which does the communication, the emailMessage field is passed to ProTX on transaction and they send the email.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 40

Expert Comment

by:RQuadling
ID: 24825667
Can you do a view source on the mail? Can you send me a mail (through PayTX)? RQuadling at e-e dot com.
0
 

Accepted Solution

by:
namsu55 earned 0 total points
ID: 24899425
It was just a mistake in the code, forgot to close a paragraph. Silly mistake.
0
 
LVL 40

Expert Comment

by:RQuadling
ID: 24903381
Did any of our comments help you find the missing </p>
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Learn about the eCommerce marketing trends for the year ahead.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now