SitePoint Sponsor

User Tag List

Page 1 of 2 12 LastLast
Results 1 to 25 of 27
  1. #1
    SitePoint Evangelist hessodreamy's Avatar
    Join Date
    Apr 2005
    Location
    uk
    Posts
    528
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)

    POST redirect - is it, or is it not, possible?

    Yes the issue has been brought up before, but I wouldn't mind clarification on my particular circumstances.

    I have a page which submits a form via POST to an external page (paypal), which needs the data as POST. I would like to send the data to a script on my site, and from there onto paypal.

    Is it possible to do this using php (rather than javascript)? I can use CURL to submit a post request to paypal, but that doesn't redirect the user.

  2. #2
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,578
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    No, but you don't need to POST data to send someone to a PayPal payment page. Constructing a URL with a query string and redirecting to that works just fine.

  3. #3
    SitePoint Evangelist hessodreamy's Avatar
    Join Date
    Apr 2005
    Location
    uk
    Posts
    528
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Ah yes, sorry for not being specific. I would have to use post to send custom shopping cart info through, wouldn't I?

  4. #4
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What you could do is create a page that says, please wait, redirecting and then construct a form with all the values in hidden elements which then automatically submits to the paypal url?

    Your page would receive the post, output the post into the form, then submit.

    hth


  5. #5
    SitePoint Evangelist hessodreamy's Avatar
    Join Date
    Apr 2005
    Location
    uk
    Posts
    528
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    I COULD, and if there's no better option then I just might. But I don't really like the javascript self submitting form option. It's too dependant on settings and too...transparent.
    Is there a way to do it behind the scenes?

  6. #6
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Unfortunately not. Using CURL you could post to the page but the user wouldn't see the response, i.e. posting to the checkout page.

    My original suggestion would work great. You can set a timeout of 1 second, or simply when the page loads and also put a submit button for those users that have javascript disabled.


  7. #7
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by hessodreamy View Post
    It's too dependant on settings and too...transparent.
    No more so than the the previous steps required to build the cart, with regards to settings, a simple 'Proceed to PayPal' (submit) button would suffice in the event of JS absence.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  8. #8
    SitePoint Evangelist hessodreamy's Avatar
    Join Date
    Apr 2005
    Location
    uk
    Posts
    528
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Someone mentioned something about using stream context for this. I've got been able to find any decent info on this, but is it something that could work?

  9. #9
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looking at the doc, it could work: http://php.net/manual/en/function.st...ext-create.php

    You would have to construct the headers though.


  10. #10
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    I don't think that would really suffice, as your site would then be acting as a gateway to Paypal which is, I believe, illegal (very easy to capture account details).

    I think your best option is to do it the conventional way - a hidden form with the paypal submit button.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  11. #11
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    I don't see how using a stream context would do what you ask...

    As PayPal accepts query string data, whay about a proxy to intercept the POST data and forward as GET?
    PHP Code:
    <?php
    /*
        Do stuff with POST
    */
    header(
        
    sprintf(
            
    'Location: http://www.paypal.co.uk/process?%s',
            
    http_build_query($_POST)
        ),
        
    true,
        
    302
    );
    ?>
    Edit: Illegal? I don't think so Jake, it's data submitted to the OP by his users after all. No?
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  12. #12
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Arkinstall, I think using the context method simply outputs the response to the browser as if the OP had used the method I originally suggested.

    I still think my original suggestion is the best, but if the OP is insistant, then context streams could be the way.


  13. #13
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Looking at the documentation for the context stream, you can replace the current context with that of the request to paypal whilst also passing across the header information to construct a post. I think it could work?


  14. #14
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    Looking at the documentation for the context stream, you can replace the current context with that of the request to paypal whilst also passing across the header information to construct a post. I think it could work?
    Yes, but you couldn't send the user along too...
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  15. #15
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That doesn't matter? last time I used paypal, when sending a user to a checkout, it asks them to login.

    edit: lol should really read before posting....

    The context would be writen to the buffer so, as far as I am aware, it would be the same as if the user had been posted using a simple form?


  16. #16
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    That doesn't matter? last time I used paypal, when sending a user to a checkout, it asks them to login.
    Indeed it will, but you now have no data attached to the user, so how will PayPal know what they intend to buy?
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  17. #17
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SilverBulletUK View Post
    Illegal? I don't think so Jake, it's data submitted to the OP by his users after all. No?
    When a user is redirected to paypal, they are given a login screen - the original site isn't given any access to these login details, they are just informed if the payment was successful. That's the major benefit of using paypal.

    If your server is acting as a proxy between the user and paypal, you intercept the login and therefore have access to the user's details.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  18. #18
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by arkinstall View Post
    When a user is redirected to paypal, they are given a login screen - the original site isn't given any access to these login details, they are just informed if the payment was successful. That's the major benefit of using paypal.

    If your server is acting as a proxy between the user and paypal, you intercept the login and therefore have access to the user's details.
    From what I understood, the OP merely wants to capture form data prior to sending it on to PayPal. Possibly a cart? Maybe to log uncompleted baskets?

    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  19. #19
    SitePoint Evangelist hessodreamy's Avatar
    Join Date
    Apr 2005
    Location
    uk
    Posts
    528
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    From what I understood, the OP merely wants to capture form data prior to sending it on to PayPal. Possibly a cart? Maybe to log uncompleted baskets?
    Yup. That's right. It's not that I'm insistent on not using the javascript method. It just seems that there should be something better in this day and age. And I don't like being beaten! . But if there isn't, there isn't. I'll look some more into whether paypal will take the data as GET. I assumed there would be too much. Otherwise I'll go with the javascript thingy.

  20. #20
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    From what I understood, the OP merely wants to capture form data prior to sending it on to PayPal.
    Yeah - but then the user needs to interact with paypal.

    The only way for the user to interact with paypal without the OP's site acting as a proxy would be for the browser to send the form, not PHP.

    The simple solution would be to send 'checkout' to a PHP file on the OP's site, which then returns an intermediate page, with a hidden form (after the necessary processing on the PHP side) and a button to continue to paypal - maybe JS could simulate the pressing of that button in the browser for a better experience for those with JS enabled.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  21. #21
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    lol the context stream would contain the necessary key/value post arguments that would normally get sent across when someone uses a form.

    context stream emulates the user making the question directly by replacing the original request context with a new one.

    I could be wrong, but it's worth reading the documentation.


  22. #22
    Twitter: @AnthonySterling silver trophy AnthonySterling's Avatar
    Join Date
    Apr 2008
    Location
    North-East, UK.
    Posts
    6,111
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by arkinstall View Post
    Yeah - but then the user needs to interact with paypal.

    The only way for the user to interact with paypal without the OP's site acting as a proxy would be for the browser to send the form, not PHP.

    The simple solution would be to send 'checkout' to a PHP file on the OP's site, which then returns an intermediate page, with a hidden form (after the necessary processing on the PHP side) and a button to continue to paypal - maybe JS could simulate the pressing of that button in the browser for a better experience for those with JS enabled.
    He he, welcome to the beginning of the thread Jake.
    @AnthonySterling: I'm a PHP developer, a consultant for oopnorth.com and the organiser of @phpne, a PHP User Group covering the North-East of England.

  23. #23
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by gRoberts View Post
    context stream emulates the user making the question directly by replacing the original request context with a new one.
    Its just like using file_get_contents - PHP is making the request, not the user.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  24. #24
    SitePoint Wizard bronze trophy
    Join Date
    Jul 2008
    Posts
    5,757
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    By the time you're ready to show the user the paypal button, you should have had the opportunity to capture all the data you need already. The page which displays the button can take a snapshot of the current cart+data and save it to a pending transactions table, and generate a transaction id, which gets embedded into the form to be sent to paypal(so that when you later verify the order is paid for, you know which transaction the payment corresponds to).

    It would be wise to show a summary of the snapshot that specific form will be paying for on the same page as the paypal button, because users can do quite a bit of back and forth changing thier mind. They may even try to edit the cart on your site after initiating the checkout process on paypals website.

  25. #25
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,875
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    It is really easy to set up a page that captures whatever data you want from your purchaser and then passes the part of it that paypal requires in the querystring. There is no requirement to use POST to call Paypal.

    You do need to pass something TO Paypal that identifies the information you have already captured so as to match the purchase back to the rest of the data. I usually do that by generating the invoice number for the transaction and passing it to paypal rather than allowing Paypal to generate one - that way both parts of the transaction have the same invoice number. The IPN script can then use the invoice number to look up the rest of the info to mark it as paid. I generally drop any transactions still pending 10 days later (so as to allow for echeck payments which can take several days).
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •