Jump to content

how to send post data including variables without it being visible in code

rwcurry

By rwcurry
in PHP Coding Help

 Share

Recommended Posts

rwcurry Newbie

rwcurry

Posted
Posted

I have a web page where I want to redirect the user to a credit card processing site.  To do this I have the following code.

 


<form action="http://www.creditcardprocessor.com" method="POST">
<input type="hidden" name="ssl_logon" value="ausername">
<input type="hidden" name="ssl_password" value="apassword">
<input type="submit" value="Click Here to Register">
</form>

 

unfortunately this allows a user savvy enough to view the code in their browser to see what the logon and password values are.  How do I do this safely?

 

Thanks

waynew Advanced Member

waynew

Posted
Posted

If you want help, I suggest that you act a little less sassy with the people who reply to your thread. If this credit card processing website expects you to store passwords etc in plain text, you need to find a different company to do business with. They most likely have further documentation. I suggest checking their site out or even contacting them/using their support forums.

schilly Regular Member

schilly

Posted
Posted

If you want help, I suggest that you act a little less sassy with the people who reply to your thread. If this credit card processing website expects you to store passwords etc in plain text, you need to find a different company to do business with. They most likely have further documentation. I suggest checking their site out or even contacting them/using their support forums.

 

+1. For a credit card company to have something like that is unthinkable, hence my reply.

 

 

rwcurry Newbie

rwcurry

Posted
  • Author
Posted

+1. For a credit card company to have something like that is unthinkable, hence my reply.

 

I agree.  And actually there is a typo in the original example (should be https://)  however the question is, how is this done normally?  Preferably with some example.  So far no one has volunteered any solutions, and while I agree that help is voluntary, everything else is just noise.

 

thanks anyway.

 

 

schilly Regular Member

schilly

Posted
Posted

It's hard to say. Each credit card company has their own methods. It's usually by API calls or a form redirect but I would say you never would include your password in the form.

 

ie. PayPal use to just use username but I think they switched to some kind of user code now for Express Checkout and they have an API for calls from your own site. all use https and no where is there a visible password.

 

I would contact them directly, check their documentation or find a new payment merchant.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.