PHP 在本地文件上模拟 POST 数据
我知道 cURL 主要用于从远程站点获取数据。您是否应该使用 cURL 从使用 POST 数据的本地 url 获取数据?
例如,我有一个显示收据的页面。我用它来发送 html 电子邮件,并且如果客户的电子邮件客户端未正确显示收据,也可以让客户在浏览器中查看收据。
如果存在 POST 持卡人数据,它将在收据中显示名字、姓氏、地址、城市、州、邮政编码、电话、电子邮件和付款方式。
我使用 file_get_contents() 函数来检索该网页并发送电子邮件。问题:执行此操作时不存在 POST 数据,因此如果您是收到收据电子邮件的人,则您的账单信息不会出现在其中。无法证明收据确实是您的。
我试图遵守 PCI 标准,因此我试图避免将持卡人数据存储在会话或数据库表中。
I know cURL is primarily for fetching data from remote sites. Should you use cURL to get data from local urls that use POST data?
For example, i have a page the displays a receipt. i use this to send html emails and also for the customer to view the receipt in their browser if their email client isn't displaying it correctly.
If POST cardholder data is present it will display the first name, last name, address, city, state, zip, phone, email, and method of payment in the receipt.
I use the file_get_contents() function to retrieve that web page and send the email. The problem: No POST data is present when doing that so if you're the one getting the receipt email, your billing information won't be on it. There's no way to prove that the receipt is actually yours.
I'm trying to comply with PCI standards so i'm trying to avoid storing cardholder data in sessions or a database table.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您是否可以在提取该文件的脚本中使用 include 或 require 来代替使用 file_get_contents() ?然后在此之前,您可以手动设置 $_POST 变量,并且包含的文件将触发电子邮件并包含用户数据。
Instead of using file_get_contents() could you not just use include or require in the script where you're pulling in that file? Then prior to that you could manually set the $_POST vars and the included file would fire the email and include the user data.