3

I am trying to setup a simple trafic monitoring web application, using php, and struggling to fully understand on how Callbacks URL are actually working. Based on my understanding so far, I need to provide an Url link which will be inserted in landing page form. Once visitor click on the “Submit” button the form values will be posted (via POST) to the above link and monitored. After, the transaction completes user is re-directed back to the original page or any other page e.g. Thank you page. I suppose that page is the actual callback URL. Am I missing something in the above logic? Are there any php samples on how to achieve the above task? thanks.

Receive.php

<?php
  if( $_GET["name"] || $_GET["age"] )
  {
     // DO YOUR STUFF;

     header( 'Location: http://www.yoursite.com/LandingPage.html' ); 
     exit();
  }
?>

LandingPage.html

<html>
<body>
  <form action="http://www.mytrack.com/receive.php" method="GET">
        Name: <input type="text" name="name" />
        Age: <input type="text" name="age" />
        <input type="submit" />
  </form>
</body>
</html>
Jim
  • 2,760
  • 8
  • 42
  • 66

2 Answers2

1

That is correct. The callback URL will be called in case of a specific event. You should read the documentation of the tool making the callback.

As a workaround, you can log all $_POST and $_GET array entries into a textfile (fwrite) when callback URL is called to see what is passed exactly to your script.

Richard
  • 2,840
  • 3
  • 25
  • 37
1

A form doesn't necessarily POST the data. That would be the correct HTTP verb to use when saving data, but it's also possible to use GET with a form. This is defined with the method property on the form element:

<form method="post" action="I-handle-forms.php">
    <!-- inputs, buttons, whatnots -->
</form>

The method you use also affects how you access the data in PHP. GET data is available in $_GET while POST data is available in $_POST. You can also use $_REQUEST which contain both GET and POST data, as well as whatever cookies your site has sent.

Now as to your question about redirecting the user, you do that with header():

header("Location: http://example.com/thank-you.php");

But then again, it's not necessary per-se to redirect the user. It does make sense most of the time, but you could also just display your thank-yous on the page the form is submitted to.

Remember though that header() calls must always come before anything else is sent to the browser. Even if a notice escapes from a function call before header() the redirect wont work, so make sure to handle errors properly.

There's a nice comparison of the different verbs here. However a rule of the thumb is that GET should be used for fetching data, like performing a search, and POST should be used when saving data, like registration. GET parameters are sent in the URL, so saving data from a GET call can easily result in pointless database items.

So if I understood your situation correctly, in that users are submitting data to be saved, you should use POST. You could have a dedicated script form-processor.php or so to which the data is posted. Check that the data is valid, and save it to the database if it is. Then redirect the user to a thank-you page, or which ever page suits your use case. If the data is not valid, you could save the error messages to the user's session, redirect them back to the page with the form, and ask them to correct whatever mistakes were in the submitted data. If you're not using sessions, you could easily also pass the data along as GET parameters by appending them to the redirect url:

header("Location: http://example.com/form.php?error=Invalid+email");

Remember to pass your parameters through urlencode() first though.

Schlaus
  • 18,144
  • 10
  • 36
  • 64
  • I agree with you several marketing tools actually describing GET links not POST and providing custom parameters. I am aware of how header() works, this is why I am actually puzzled on which is the best way to implement the whole process. Would it be correct, based on your example set method ="get" action ="myurl/receive.php" and then on my receive.php update database and apply header() ? – Jim May 17 '15 at 06:40
  • @Jim I amended my answer per your comment, please take a look if it's more helpful now! – Schlaus May 17 '15 at 11:00
  • I really appreciate your answer. I am pretty sure that I know how the Post and Get works.. (if not then my attempt to build such application would be quite ridiculous :) ... The http://www.quora.com/What-is-a-Postback-URL explains on how the service should work as well as http://support.mobileapptracking.com/entries/22560357-Setting-Up-Postback-URLs. Based on that links I am not sure why the these services are still using GET instead of POST and if still my approach is correct based on those services description. – Jim May 17 '15 at 15:19
  • @Jim I'm sorry, I'm not sure I understand the question then. The links you provided indeed talk of using `GET`, which I'd guess is to make injecting data easier, since you can just put it into the URL, like in the Quora-example. What exactly is the problem you are having? – Schlaus May 17 '15 at 17:21