使用 PHP 和 fsockopen 模拟 PayPal _xclick

发布于 2024-12-08 19:20:29 字数 1628 浏览 0 评论 0原文

我正在尝试使用 PHP 脚本将用户发送到已预先配置的 PayPal 页面。基本上,我试图摆脱中间页面,“请稍候,我将向您发送到 PayPal,等等”。

目前正在发生的事情是这样的: 1. 用户填写一个表单,该表单被 POST 到我的 process.php 页面 2. 我希望 process.php 构建 _xclick 字符串并直接发布到 PayPal 并在浏览器中显示(重定向?)页面。

这就是我当前正在做的事情,但是用户的网络浏览器没有重定向。我知道我可以回显一些 HTML 并让它工作,但我认为有一种方法可以获取数据,但我想让浏览器起作用还需要更多的东西?

//create array of requuired minimal data for a PayPal button
$post_data['amount']        = '123';
$post_data['item_name']     = 'widget';
$post_data['item_number']   = '123';
$post_data['quantity']  = '123';
$post_data['currency_code'] = 'USD';
$post_data['business']  = '[email protected]';
$post_data['no_shipping']   = '2';

//traverse array and prepare data for posting (key1=value1)  
foreach ( $post_data as $key => $value)
{  
    $post_items[] = $key . '=' . urlencode(stripslashes($value)); 
}  

//create the final string to be posted using implode()  
$post_string = implode ('&', $post_items);  

// Add command string
$post_string = '?cmd=_xclick&' . $post_string;

// Connect to PAYPAL
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

//sending the data  
fputs($fp, "POST /cgi-bin/webscr HTTP/1.1\r\n");  
fputs($fp, "Host: www.paypal.com\r\n");  
fputs($fp, "Content-Type: application/x-www-form-urlencoded\r\n");  
fputs($fp, "Content-Length: ".strlen($post_string)."\r\n"); 
fputs($fp, "Connection: close\r\n");
fputs($fp, "\r\n");  
fputs($fp, $post_string);   

while (!feof($fp))
{
    echo fgets($fp, 1024);
}
fclose($fp);

I am trying to make a PHP script send the user to a PayPal page that has been pre-configured. Basically, I'm trying to get rid of the intermediate page, "Please wait while I send you to PayPal, blah".

Currenly this is what is happening:
1. User fills out a form which gets POST'd to my process.php page
2. I want process.php to build the _xclick string and post directly to PayPal and show (redirect?) the page in the brower.

This is what I'm currenly doing, but the user's web brower is not redirected. I know I can echo some HTML and get it to work, but I thought there was a way to get the data, but I guess getting the browser to act take something more?

//create array of requuired minimal data for a PayPal button
$post_data['amount']        = '123';
$post_data['item_name']     = 'widget';
$post_data['item_number']   = '123';
$post_data['quantity']  = '123';
$post_data['currency_code'] = 'USD';
$post_data['business']  = '[email protected]';
$post_data['no_shipping']   = '2';

//traverse array and prepare data for posting (key1=value1)  
foreach ( $post_data as $key => $value)
{  
    $post_items[] = $key . '=' . urlencode(stripslashes($value)); 
}  

//create the final string to be posted using implode()  
$post_string = implode ('&', $post_items);  

// Add command string
$post_string = '?cmd=_xclick&' . $post_string;

// Connect to PAYPAL
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);

//sending the data  
fputs($fp, "POST /cgi-bin/webscr HTTP/1.1\r\n");  
fputs($fp, "Host: www.paypal.com\r\n");  
fputs($fp, "Content-Type: application/x-www-form-urlencoded\r\n");  
fputs($fp, "Content-Length: ".strlen($post_string)."\r\n"); 
fputs($fp, "Connection: close\r\n");
fputs($fp, "\r\n");  
fputs($fp, $post_string);   

while (!feof($fp))
{
    echo fgets($fp, 1024);
}
fclose($fp);

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

子栖 2024-12-15 19:20:29

答案是,至少对于PayPal来说,这是不可能做到的。如果我先执行 POST,然后执行 GET,则浏览器 URL 不会更改,这会违反安全标准。简而言之,浏览器(用户)必须参与 POST 才能保持所有正确的外观。 PayPal 提供的 API 可以在幕后执行所有操作,并且不需要 HTML 表单,但这不适用于 _xclick

因此,您需要使用 JavaScript 并制作一个自动提交表单。像这样的东西:

<html>
<head>
<title>Proceeding to credit card site ...</title>
<body onload="document.paypal_form.submit();">
<h1>Proceeding to credit card site ...</<h1>
<form method="post" name="paypal_form" action="<?php echo $post_data['url']?>">
 <input type="hidden" name="cmd" value="<?php echo $post_data['cmd']?>" />
 <input type="hidden" name="business" value="<?php echo $post_data['business']?>" />
 <input type="hidden" name="currency_code" value="<?php echo $post_data['currency_code']?>" />
 <input type="hidden" name="amount" value="<?php echo $post_data['amount']?>" />
 <input type="hidden" name="item_name" value="<?php echo $post_data['item_name']?>" />
</form>
</body>   
</html>

The answer is that, at least with PayPal, this cannot be done. If I do a POST followed by a GET then the browser URL does not change and this breaks security standards. In short, the browser (user) must be involved in the POST to maintain all correct appearances. PayPal offers an API that can do everything behind the scenes and not require HTML FORMS, but this is not available with _xclick.

Thus you need to use JavaScript and make an auto submitting FORM. Something like:

<html>
<head>
<title>Proceeding to credit card site ...</title>
<body onload="document.paypal_form.submit();">
<h1>Proceeding to credit card site ...</<h1>
<form method="post" name="paypal_form" action="<?php echo $post_data['url']?>">
 <input type="hidden" name="cmd" value="<?php echo $post_data['cmd']?>" />
 <input type="hidden" name="business" value="<?php echo $post_data['business']?>" />
 <input type="hidden" name="currency_code" value="<?php echo $post_data['currency_code']?>" />
 <input type="hidden" name="amount" value="<?php echo $post_data['amount']?>" />
 <input type="hidden" name="item_name" value="<?php echo $post_data['item_name']?>" />
</form>
</body>   
</html>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文