0

I want to send Important data to another site with post request in php and concurrent redirect to this site If I use html <form> for this issue, user can stop process and change data

in curl and other methods redirect to url is impossible.

I found this snipped code :

header("POST $path HTTP/1.1\r\n" );
header("Host: $host\r\n" );
header("Content-type: application/x-www-form-urlencoded; charset=UTF-8\r\n" 
);
header("Content-length: " . strlen($data) . "\r\n" );
header("Connection: close\r\n\r\n" );
header($data);

But when run this code, give me file for save like force download and post header not send

I cant use html <form> for this actionو Because user can change value of form fields

Hope my question is clear

Thank you

user3754884
  • 87
  • 11
  • 1
    Looks like you misunderstood what `header()` does: it sends response to the browser (or whatever program did HTTP request your code responds too), it cannot send anything to other server. You need to make a post request using `curl` extension of `file_put_contents()`, and then you need to use `header()` to do redirect (actually order is not very important, will work either way). – alx Jun 18 '19 at 10:05
  • for bank gateway online payment request must data and post request both send to url in sametime – user3754884 Jun 18 '19 at 10:15
  • I'm absolutely sure that's not what gateway docs say. Could you link relevant section of their docs here, please? – alx Jun 18 '19 at 10:21
  • You say me with `curl` send data for first and then redirect to url by `header()` ? – user3754884 Jun 18 '19 at 10:24
  • Yes, that's why I say -- I mean I assume that's what gateway API wants from you. There are tons of curl code examples around, e.g.: https://davidwalsh.name/curl-post or https://stackoverflow.com/questions/2138527/php-curl-http-post-sample-code. But you should know there are other possible options, I know that some gateways want you to post data from web page by user directly to gateway, i.e. not from your PHP script, but from the page. To know for sure, I'd rather read docs. – alx Jun 18 '19 at 10:28
  • i write this code but bank gateway give me error for not give data : `$data = array( 'Amount' => $this->totalAmont, 'ResNum' => $this->resNum, 'MID' => $this->merchantID, 'RedirectURL' => $this->redirectURL ); $curlConfig = array( CURLOPT_URL => $this->action, CURLOPT_POST => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_POSTFIELDS => $data ); $ch = curl_init(); curl_setopt_array($ch, $curlConfig); $response = curl_exec($ch); header("Location: ".$this->action);` – user3754884 Jun 18 '19 at 10:53
  • There is nothing wrong with sending code -- tested it just now, POST request goes through as expected (unless gateway API requires some special headers). But you're doing POST request from your *server* to URL which is then used for redirecting *client browser*. I'm sure this is wrong. Please, read docs. Maybe link docs here, so other could read and interpret what they say. – alx Jun 18 '19 at 11:11
  • @alx **My question title :** I want post data and redirect to url like html `form` by php in server side for user can't change data before send to url – user3754884 Jun 18 '19 at 11:14
  • I honestly struggle to understand what you're trying to say. I'm asking you 3rd -- and final -- time to post link to docs here. I won't answer to anything else, sorry. – alx Jun 18 '19 at 11:19
  • My document not in english language – user3754884 Jun 18 '19 at 11:20
  • https://translate.google.com – alx Jun 18 '19 at 11:29
  • my document is pdf, your answer when correct if my gateway is like google captacha or facebook, for example first with curl give me token and then by token send url header, bud to this issue i want send data and redirect is both have a sametime execute, like get method link from A page to B page and use link in A page : B.php?data=foo – user3754884 Jun 18 '19 at 11:34
  • Is it "Saman Bank Online Banking"? Is your gateway URL https://sep.shaparak.ir/Payment.aspx? – alx Jun 18 '19 at 11:43
  • @alx Yes sep document in persian language – user3754884 Jun 18 '19 at 12:04
  • Yep, here it is: https://sepidan.net/sites/default/files/content/gateways/sepidan-sep-docs.pdf. And here is forum post that has great example of how exactly you should make your request: http://barnamenevis.org/showthread.php?494231-اتصال-به-وبسرویس-بانک-سامان -- as you can see, you prepare HTML code with form that is posted from browser, not from server. – alx Jun 18 '19 at 12:10
  • When user confirms transaction (using bank website), you'll get a POST request to *your* server to URL specified in `RedirectURL` -- it is your duty to provide real script at that address. That script can check if it has received real transaction notification from bank (i.e. not a fraud), and if amount matches expect. If it does not match, in that script you can refund the transaction and notify the user. If it matches, you can continue your operation -- providing product, download link, membership, or whatever it is you're working on. – alx Jun 18 '19 at 12:20
  • @alx Yes i have this code and use this, I wanted to use other methods instead of form in send request payment to server, like class or library to simulate html form in server side – user3754884 Jun 18 '19 at 12:27
  • in i use method :` public function sendParams() {$form = ""; $form .= ""; $form .= "
    action\" enctype=\"application/x-www-form-urlencoded\" >\n"; $form .= "totalAmont\" />\n"; $form .= "resNum\" />\n"; $form .= "merchantID\" />\n";`
     – user3754884 Jun 18 '19 at 12:29
  • I believe this is not possible because you have to redirect user to bank page where user will enter card number, or authenticate, etc., and bank might ask additional security questions (3d secure), and so on. Otherwise, with how you were going to do that, anyone could send money anywhere without any checks. That's not how gateway APIs work. – alx Jun 18 '19 at 12:29
  • $form .= "redirectURL\" />\n"; $form .= "mobile\" />\n"; $form .= ""; $form .= "

    "; $form .= "

     – user3754884 Jun 18 '19 at 12:29
  • `sendParams() ` this method use for make payment in bank side – user3754884 Jun 18 '19 at 12:32
  • in this method `sendParams()` user can change `Amount` field, is correct by this action payment not accept but user can change it and this is bad! – user3754884 Jun 18 '19 at 12:36
  • This is bad, but not very bad -- because this can be fixed. And you can check if amount was changed, and if it was, you can cancel transaction. Apparently that's how it works. – alx Jun 18 '19 at 12:44
  • @alx thank you, of course https://shop.irancell.ir/ simcart online charge section is better design and implemented for online payment – user3754884 Jun 18 '19 at 13:00

0 Answers0