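I have a form that is submitted after the details are entered. After submission, it sends the data to a PHP file that makes an API call to my service provider. Save the return values from the API call into an existing database
First, I save all the details in the local database, along with the agent's name and the timestamp passed from the previous form. After saving the data, I send all the relevant data to the service provider using their API. I use curl to post the data.
If all goes well, I get a response like the following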
HTTP/1.1 100 Continue HTTP/1.1 200 OK Server: nginx/1.8.0 Date: Fri, 19 Aug 2016 16:38:16 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST {"success":true,"message":"1 row successfully inserted","warnings":[],"data":{"TRANSACTIONID":"SS_100526","STATUS":"Accepted, Verifying Funds"}}
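Now, instead of this long-winded message, I want to display just one line:
"Data submitted successfully. The transaction ID for this sale is: SS_100526"
on the same page rather than in a new blank window. In addition, I want to save the returned transaction ID in the same local table where the sale details were saved before calling the API.
I have tried using various JSON options, and also parsing it as a string, but I can't seem to get it to work. Any ideas on how to display the returned response correctly and save the returned transaction ID in my existing database?
Here is the code I am currently using, with comments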
<?php
ob_start();
session_start();
require_once '../dbconnect.php';// to connect to the database on my server

if(!isset($_SESSION['user'])) {
    header("Location: ../index.php"); //fetching session details
    exit;
}
// select loggedin users detail
$res=mysql_query("SELECT * FROM users WHERE userId=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);
$userid=$userRow['userEmail'];
$usernam=$userRow['userName'];
$timestamp = date('Y-m-d G:i:s');
$apikey = 'xxxxxxxxxxxxxxx'; // Your API Key
$apiEndPoint = 'https://portalDev.example.com'; // URL for API
$link = mysqli_connect("localhost", "root", "", "demodata");
// Check connection
if($link === false){
    die("ERROR: Could not connect. " . mysqli_connect_error());
}
//collecting the user details to save in the database
$source = 'client1';
$last_name= mysqli_real_escape_string($link, $_POST['last_name']);//'Doe',
$first_name= mysqli_real_escape_string($link, $_POST['first_name']);//'John',
$address= mysqli_real_escape_string($link, $_POST['address']);//'123 Broadway',
$city= mysqli_real_escape_string($link, $_POST['city']);//'New York',
$state= mysqli_real_escape_string($link, $_POST['state']);//'NY',
$zip= mysqli_real_escape_string($link, $_POST['zip']);//'10016',
$amount= mysqli_real_escape_string($link, $_POST['amount']);//'5.99',
$testmode = 0; // In test mode, you must use 1.
$agentName = $usernam;
$userMail = $userid;
$saletimestamp = $timestamp;
// attempt insert query execution
$sql = "INSERT INTO users (source, last_name, first_name, address, city, state, zip, amount, testmode, agentName, userMail, saletimestamp) VALUES ('$source', '$last_name', '$first_name', '$address', '$city', '$state', '$zip','$amount', '$testmode', '$agentName','$userMail','$saletimestamp')";
if(mysqli_query($link, $sql)){
    echo "Records added successfully.";
    //header('Location: http://localhost/login/bsdev/success.html');
} else{
    echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// close connection
mysqli_close($link);
//collate data for sending to the service provider in the format they have shared with us.
$postFields = array(
    'SOURCE'=> 'client1',
    'LASTNAME'=> urlencode($_POST['last_name']),//'Doe',
    'FIRSTNAME'=> urlencode($_POST['first_name']),//'John',
    'ADDRESS'=> urlencode($_POST['address']),//'123 Broadway',
    'CITY'=> urlencode($_POST['city']),//'New York',
    'STATE'=> urlencode($_POST['state']),//'NY',
    'ZIPCODE'=> urlencode($_POST['zip']),//'10016',
    'AMOUNT'=> urlencode($_POST['amount']),//'5.99',
    'TESTMODE' => 1 // In test mode, you must use 1.
);
$process = curl_init($apiEndPoint . "/api/v1/transaction");
curl_setopt($process, CURLOPT_HEADER, 1);
curl_setopt($process, CURLOPT_USERPWD, $apikey . ":" . $apikey); // Basic Authentication using your API key
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POST, 1);
curl_setopt($process, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($process, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($process, CURLOPT_SSL_VERIFYPEER, FALSE);
$response = (string)curl_exec($process);
echo $response;
//This is the response we get after curl_exec:
//Records added successfully.HTTP/1.1 100 Continue HTTP/1.1 200 OK Server: nginx/1.8.0 Date: Fri, 19 Aug 2016 13:58:57 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: Authorization, Content-Type Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST {"success":true,"message":"1 row successfully inserted","warnings":[],"data":{"TRANSACTIONID":"SS_100526","STATUS":"Accepted, Verifying Funds"}}
curl_close($process);
?>
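Thanks for your prompt response, Nico. Your suggestion about SQL injection is very valuable. This is my first PHP code, so all help is appreciated :) But I am still stuck on this. When making the API call, I do not know the transaction ID. Once I send the call with all the fields, it returns a return code. If the call succeeds, it sends a transaction ID; otherwise it gives an error. What kind of array can I pass to capture the returned information, so that I can parse out the different bits such as status, transaction ID, error code, etc.? – Ridge87701
I have updated my answer :) –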
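Added example, not part of the original thread: one way to pull the transaction ID and status out of the raw response quoted in the question, treat them as untrusted input, and store the ID with a bound parameter. The `sales` table and its columns, the in-memory SQLite database and the ID pattern are assumptions made so that the block runs offline.

```php
<?php
declare(strict_types=1);
// Strip every leading header block ("100 Continue", then "200 OK") and decode the JSON body.
function parseTransactionResponse(string $raw): array
{
    $body = $raw;
    while (strncmp($body, 'HTTP/', 5) === 0) {
        $parts = explode("\r\n\r\n", $body, 2);
        if (count($parts) < 2) {
            throw new RuntimeException('Malformed HTTP response');
        }
        $body = $parts[1];
    }
    $json = json_decode($body, true, 16, JSON_THROW_ON_ERROR);
    if (!is_array($json) || ($json['success'] ?? false) !== true) {
        throw new RuntimeException('API reported failure');
    }
    $id = $json['data']['TRANSACTIONID'] ?? null;
    $status = $json['data']['STATUS'] ?? '';
    // Assumed ID format: the remote value is checked before it is stored or displayed.
    if (!is_string($id) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $id)) {
        throw new RuntimeException('Unexpected transaction ID');
    }
    return ['id' => $id, 'status' => is_string($status) ? $status : ''];
}

// Constructed sample, modelled on the response quoted in the question.
$raw = "HTTP/1.1 100 Continue\r\n\r\n"
     . "HTTP/1.1 200 OK\r\nContent-Type: application/json\r\n\r\n"
     . '{"success":true,"message":"1 row successfully inserted","warnings":[],'
     . '"data":{"TRANSACTIONID":"SS_100526","STATUS":"Accepted, Verifying Funds"}}';

// Stand-in for the local table (hypothetical names); bound parameters keep values out of the SQL text.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE sales (id INTEGER PRIMARY KEY, last_name TEXT, transaction_id TEXT)');
$db->prepare('INSERT INTO sales (last_name) VALUES (?)')->execute(['Doe']);
$saleId = (int)$db->lastInsertId();

try {
    $tx = parseTransactionResponse($raw);
    $db->prepare('UPDATE sales SET transaction_id = ? WHERE id = ?')->execute([$tx['id'], $saleId]);
    echo 'Data submitted successfully. The transaction ID for this sale is: ',
         htmlspecialchars($tx['id'], ENT_QUOTES, 'UTF-8'), "\n";
} catch (Throwable $e) {
    error_log($e->getMessage()); // details go to the server log, not the page
    echo "The sale was saved, but the payment service did not confirm it.\n";
}
```

With a live call, leaving `CURLOPT_HEADER` unset makes `curl_exec` return only the JSON body, so the header-stripping loop becomes a no-op. `CURLOPT_SSL_VERIFYPEER` should stay at its default of true so the API key is only sent to a server whose certificate verifies.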