strangedenial Posted October 31, 2016 Share Posted October 31, 2016 (edited) Hi all, I've been away from PHP and web developing for the last 7 years. Now I'm designing my own website for my own company. There will be a 'kind of' payment page. Which will get basic information from a form and redirect the user to a safe payment site. I've been dying to figure out what I am doing wrong for the past 3 hours. I've asked unlce google every possible question I can think of for the right answer, but, alas, all is left to ask it in a forum, and just sit and hope... I've got this code : <? setlocale( LC_TIME, 'ru_RU.UTF-8', 'russian' ); $thisDay = strftime("%B %Y"); $private_key = "*************************"; $public_key = "i************"; $amount = $_POST["amount"]; $comments = $_POST["comments"]; $results = array( 'version' => 3, 'action' => 'pay', 'public_key' => $public_key, 'amount' => "500", (this works) 'currency' => 'UAH', 'description' => "test", (this works) 'type' => 'buy', 'language' => 'ru' ); $data = base64_encode(json_encode($results)); $signiture = base64_encode( sha1( $private_key . $data . $private_key, 1 ) ); ?> which then uses this form to pass the data to the site : <form method="POST" accept-charset="utf-8" action="https://xxxxxxxxxxxxxxxxxxx" /> <input type="hidden" name="data" value="<? echo $data; ?>" /> <input type="hidden" name="signature" value="<? echo $signiture; ?>" /> <input type="text" name="clientNo" style="width:30px;" /> <input type="text" name="clientName" style="width:300px;" /> <input name="amount" type="text" style="width:50px; text-align:center;" /> <input type="text" name="comments" style="width:300px; text-align:center;" /> <input type="image" src="images/payment-01.png" name="btn_text" /> </form> </div> this works well but the array I use is just the data I entered myself. I have to get the Amount and Description But when I change the php code to this it just does not get the data from the form : <? setlocale( LC_TIME, 'ru_RU.UTF-8', 'russian' ); $thisDay = strftime("%B %Y"); $private_key = "*************************"; $public_key = "i************"; $amount = $_POST["amount"]; $comments = $_POST["comments"]; $results = array( 'version' => 3, 'action' => 'pay', 'public_key' => $public_key, 'amount' => $amount, (this does not work) 'currency' => 'UAH', 'description' => $comments, (this does not work) 'type' => 'buy', 'language' => 'ru' ); $data = base64_encode(json_encode($results)); $signiture = base64_encode( sha1( $private_key . $data . $private_key, 1 ) ); ?> I am pretty sure that it is so simple that I look stupid. But.. I can not resolve this problem on my own.. I tried this : <? setlocale( LC_TIME, 'ru_RU.UTF-8', 'russian' ); $thisDay = strftime("%B %Y"); $private_key = "*************************"; $public_key = "i************"; if (isset($_POST["amount"])) / (this does not work) { $amount = $_POST["amount"]; $comments = $_POST["comments"]; $results = array( 'version' => 3, 'action' => 'pay', 'public_key' => $public_key, 'amount' => $amount, (this does not work) 'currency' => 'UAH', 'description' => $comments, (this does not work) 'type' => 'buy', 'language' => 'ru' ); $data = base64_encode(json_encode($results)); $signiture = base64_encode( sha1( $private_key . $data . $private_key, 1 ) ); } ?> Not working... Please help! Thanks in advance !!! Edited October 31, 2016 by strangedenial Quote Link to comment Share on other sites More sharing options...
requinix Posted October 31, 2016 Share Posted October 31, 2016 Compare $data between the working and non-working versions to find out what the difference is. Quote Link to comment Share on other sites More sharing options...
strangedenial Posted October 31, 2016 Author Share Posted October 31, 2016 (edited) thanks for the quick reply! The working data contains the values as given "500" and "test" . The non working data return just null - empty Edited October 31, 2016 by strangedenial Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted October 31, 2016 Share Posted October 31, 2016 Open the network tab of your browser to see what is and what isn't being sent from your form page to the target script. There are definitely problems: The HTML syntax is screwed up, because you're using the self-closing notation on the opening form tag (i. e. <form />). This is not only nonsensical (you don't want to immediately close the form), it's actually invalid in and will send the browser into error recovery mode – which may or may not work out. I strongly recommend you get rid of those old XHTML mannerisms like self-closing tags, use plain old HTML and validate the markup before jumping to any PHP code. The Mozilla Developer Network also has a great HTML crash course. There's no validation or error handling of any kind. You just hope for the best. As you can see, that's a huge problem when there actually are errors. You need to add proper feedback for you and your users(!). You're using short PHP tags (i. e. <?) all over the place, which will be a problem in the future (they're turned off on many systems). The second point is particularly important: Don't assume that everything will always work out as expected. It won't. You need to validate every step so that you have a chance to detect and fix problems: <?php /* ---- the receiving script ---- */ // First validation step: Was the request even a POST request? Maybe somebody accidentally just opened the script. if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Second validation step: Did we receive all the expected parameters? $missing_params = []; $required_params = [ 'amount', 'comments', ]; foreach ($required_params as $param) { if (!isset($_POST[$param])) { $missing_params[] = $param; } } if ($missing_params) { echo 'Missing parameters: '.implode(', ', $missing_params); } // Add further validation if necessary (e. g. number parameters should in fact consist of digits) // *Now* you're ready to process the input } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.