2013-12-12 83 views
0

我試圖使自動付款系統,其中用戶可以使用PerfectMoney充值他們的帳戶。他們的網站有SCI表格生成器,它生成此表格:PerfectMoney API集成(錯誤500)

<form action="https://perfectmoney.is/api/step1.asp" method="POST"> 
<input type="hidden" name="PAYEE_ACCOUNT" value="E1089920"> 
<input type="hidden" name="PAYEE_NAME" value="Test account"> 
<input type='hidden' name='PAYMENT_ID' value='<?=time() ?>'> 
<input type="text" name="PAYMENT_AMOUNT" value=""><BR> 
<input type="hidden" name="PAYMENT_UNITS" value="EUR"> 
<input type="hidden" name="STATUS_URL" value="http://dev.limited.rs/status.php"> 
<input type="hidden" name="PAYMENT_URL" value="http://dev.limited.rs/complete.php"> 
<input type="hidden" name="PAYMENT_URL_METHOD" value="POST"> 
<input type="hidden" name="NOPAYMENT_URL" value="http://dev.limited.rs/failed.php"> 
<input type="hidden" name="NOPAYMENT_URL_METHOD" value="POST"> 
<input type="hidden" name="SUGGESTED_MEMO" value=""> 
<input type="hidden" name="BAGGAGE_FIELDS" value="IDENT"><br> 
<input type="submit" name="PAYMENT_METHOD" value="Pay Now!" class="tabeladugme"><br><br> 
</form> 

將數據發送到PerfectMoney網站的常規表單。反過來,PerfectMoney將通過POST方法將數據發回給我兩次,一次是付款完成,另一次是用戶重定向到網站。當支付完成後,我乾脆把所有的數據,並存儲在數據庫中,只是這樣我就可以檢查它,當用戶回到網站,像這樣的:

<?php 
ob_start(); 
session_start(); 
require 'config.php'; 
if (!isset($_POST['PAYMENT_ID']) || !isset($_POST['PAYEE_ACCOUNT']) || !isset($_POST['PAYMENT_AMOUNT']) || !isset($_POST['PAYMENT_UNITS']) || !isset($_POST['PAYMENT_BATCH_NUM']) || !isset($_POST['PAYER_ACCOUNT']) || !isset($_POST['TIMESTAMPGMT'])) 
{ 
    header("location:uploadfunds.php"); 
    exit(); 
} 
if (isset($_POST['PAYMENT_ID']) || isset($_POST['PAYEE_ACCOUNT']) || isset($_POST['PAYMENT_AMOUNT']) || isset($_POST['PAYMENT_UNITS']) || isset($_POST['PAYMENT_BATCH_NUM']) || isset($_POST['PAYER_ACCOUNT']) || isset($_POST['TIMESTAMPGMT'])) 
{ 
$sum=$_POST['PAYMENT_AMOUNT']; 
$passphrase=strtoupper(md5("<passphrase here>")); 
$hash=$_POST['PAYMENT_ID'].':'.$_POST['PAYEE_ACCOUNT'].':'. 
     $_POST['PAYMENT_AMOUNT'].':'.$_POST['PAYMENT_UNITS'].':'. 
     $_POST['PAYMENT_BATCH_NUM'].':'. 
     $_POST['PAYER_ACCOUNT'].':'.$passphrase.':'. 
     $_POST['TIMESTAMPGMT']; 
$hash2=strtoupper(md5($hash)); 
$pending = "Pending"; 
$sqlcheck1 = "SELECT * FROM payments WHERE Hash = '$hash' AND Status = '$pending'"; 
$rescheck1 = mysql_query($sqlcheck1); 
if (mysql_num_rows($rescheck1) != 0) 
{ 
    if($hash2==$_POST['V2_HASH']) 
    { 
     echo "Hash2 = V2_HASH"; 
     $method = "Uploaded funds"; 
     $completed = "Completed"; 
     $today = date('Y-m-d'); 
     $type = "Perfect Money"; 
     $addfunds = "UPDATE balance SET Balance = Balance + '$sum' WHERE User = '$uploader'"; 
     $addhistory = "INSERT INTO bank (User,Amount,Method,Transdate,Type,Status) VALUES ('$me','$sum','$method','$today','$type','$status')"; 
     $updatepayment = "UPDATE payments SET Status = '$completed' WHERE Hash = '$hash' AND User = '$uploader'"; 
     mysql_query($addfunds); 
     mysql_query($addhistory); 
     mysql_query($updatepayment); 
     header("bank.php"); 
     exit(); 
    } 
    if($hash2!=$_POST['V2_HASH']) 
    { 
     echo "hash2 != V2_HASH"; 
     header("location:error.php?id=2"); 
     exit(); 
    } 
} 
?> 

因此,我從字面上比較數據我之前2秒鐘獲得了我現在得到的數據,它應該匹配並且它確實。在我編寫腳本10天后,它開始失敗,我得到了錯誤500.任何地方都沒有任何日誌來說明發生了什麼,並且從調試代碼開始,這一切似乎都奏效。

+1

請不要再使用'mysql_ *'函數。它們被棄用,容易被注射。有關更多信息,請參見http://www.php.net/manual/en/function.mysql-query.php。 – chill0r

+0

謝謝,但我真的只是想解決這個錯誤在這一點上..除非你認爲這是實際的問題,我寧願做一個工作代碼,很容易升級到pdo或mysqli稍後的道路=) –

回答

0

對,所以我找到了答案,儘管這是可恥的.. header("Location:bank.php");而不是header("bank.php");是的,我花了很長時間才發現這一點。生活就是這樣。