Question

我有以下php代码

<?php

    $token_cipherText=$_POST['tokenex_cipherText'];
    $token=generateToken($tokenex_cipherText);  
    $merchantid="example";
    $Password="example1";
    $remoteIP='11.22.95.5';
    $customerReferenceNo = $_POST['customerReferenceNo'];
    $amount=$_POST['amount'];
    $currencyCode='356';

    $expiryMonth=$_POST['expiry_month'];
    $expiryYear=$_POST['expiry_year'];
    $securityCode=$_POST['cvv'];
    $cardHolderName=$_POST['name_on_card'];
    $cardType=$_POST['selectedRadioValue'];


       if($cardType=='radio1')
    {
        $cardType='CC';
    }
    if($cardType=='radio2')
    {
        $cardType='DB';
    }   


    $cardProvider=$_POST['ccType'];
    if($cardProvider=='visa_electron')
    {
        $cardProvider='visa';
    }
    if($cardProvider=='mastercard')
    {
        $cardProvider='mc';
    }
    if($cardProvider=='maestro')
    {
        $cardProvider='maest';
    }
    if($cardProvider=='sbi_maestro')
    {
        $cardProvider='sbime';
    }
    $cardProvider=strtoupper($cardProvider);

    $name=$cardHolderName;
    $mobileNo=$_POST['mobileNo'];
    $Email=$_POST['email'];
    $merchant_id=$_POST['merchant_id'];

    $sql=mysql_query("select * from card_token where token='$token'");
    $numrows=mysql_num_rows($sql);
    if($numrows==0)
    {
        $sql=mysql_query("insert into card_token value('','$token','$merchant_id',now())");
    }

    $sql=mysql_query("update payment_tools_transactions set token_id='$token', cardHolderName='$cardHolderName', cust_Email='$Email', mobileNo='$mobileNo', trans_type='$cardType', cardProvider='$cardProvider', trans_amount='$amount' where trans_refNo='$customerReferenceNo'");

    $checksum = $merchantid."|".$_POST['amount']."|".$customerReferenceNo;  
    $checksum = hash('sha256', $checksum);  
    $data='tokenNo='.$token.'&securityCode='.$securityCode.'&cardExpiryMonth='.$expiryMonth.'&cardExpiryYear='.$expiryYear.'&cardHolderName='.$cardHolderName.'&transactionAmount='.$amount.'&paymentMode='.$cardType.'&currencyCode='.$currencyCode.'&customerReferenceNo='.$customerReferenceNo.'&cardProvider='.$cardProvider.'&name='.$name.'&mobileNo='.$mobileNo.'&email='.$Email.'&password='.$Password.'&amount='.$_POST['amount'].'&remoteIP='.$remoteIP.'&checkSum='.$checksum;

    $encryption_key = "CE5D964";
    $desEncryptedData = encryptText_3des($data, $encryption_key);
    $desEncryptedData = urlencode($desEncryptedData); 

    $url='https://payment.paykml.com/PGCCDCToken/TokenPayment.jsp?merchantId='.$merchantid.'&data='.$desEncryptedData;    //URL for CC authentication   
    header("location:$url");

html表单会将一些值发布到此php中并执行上述代码并使用标题header("location:$url");将这些参数重定向到$url='https://payment.paykml.com/PGCCDCToken/TokenPayment.jsp?merchantId='.$merchantid.'&data='.$desEncryptedData;

但我面临的问题是，重定向网址的展示方式与https://payment.paykml.com/PGCCDCToken/TokenPayment.jsp?merchantId=example&data=**********

类似

自从IAM重定向到第三方付款处理网站后，不能使用会话。我不知道是否可以通过使用会话来隐藏参数。

我的问题是，有没有其他方式发布数据，这相当于http头重定向？这样数据不会通过网址发送？

我可以通过使用curl

来成功

//Copy paste all the code till here...
    $encryption_key = "CE5D964";
    $desEncryptedData = encryptText_3des($data, $encryption_key);
    $desEncryptedData = urlencode($desEncryptedData); 


    $url='https://payment.paykml.com/PGCCDCToken/TokenPayment.jsp?merchantId='.$merchantid.'&data='.$desEncryptedData; 
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    //curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    $auth = curl_exec($curl);
    if($auth)
    { 
    header("Location:success.php"); //Redirect to a success page after payment.
    exit;
    }

感谢@Shankar damodar和@Basid因为帮助我解决这个问题而感到高兴

Answer 1

利用cURL来完成此过程。

//Copy paste all the code till here...
    $encryption_key = "CE5D964";
    $desEncryptedData = encryptText_3des($data, $encryption_key);
    $desEncryptedData = urlencode($desEncryptedData); 


    $url='https://payment.paykml.com/PGCCDCToken/TokenPayment.jsp?merchantId='.$merchantid.'&data='.$desEncryptedData; 
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
    //curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    $auth = curl_exec($curl);
    if($auth)
    { 
    header("Location:success.php"); //Redirect to a success page after payment.
    exit;
    }

Answer 2

尝试使用cURL通过POST发送。我相信以下代码将起作用。

//extract data from the post
extract($_POST);
$encryption_key = "CE5D964";
$desEncryptedData = encryptText_3des($data, $encryption_key);

//set POST variables
$url = 'http://domain.com/get-post.php';
$fields = array(
    'merchantId' => urlencode($merchantId),
    'data' => urlencode($desEncryptedData)
);

//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');

//open connection
$ch = curl_init();

//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

//execute post
$result = curl_exec($ch);

echo $result;
//close connection
curl_close($ch);

从我的PHP POST第三方支付网站的价值，而不使用标题重定向

2 个答案: