Skip to content
Advertisement

PHP Redirect with POST data

I did some research on this topic, and there are some experts who have said that it is not possible, so I would like to ask for an alternative solution.

My situation:

Page A: [checkout.php] Customer fills in their billing details.

Page B: [process.php] Generate an invoice number and store customer details in database.

Page C: [thirdparty.com] Third Payment Gateway (ONLY ACCEPT POST DATA).

Customer fills in their details and sets up their cart in Page A, then POSTs to Page B. Inside process.php, store the POSTed data inside the database and generate an invoice number. After that, POST the customer data and invoice number to thirdparty.com payment gateway. The problem is doing POST in page B. cURL is able to POST the data to Page C, but the problem is the page didn’t redirect to page C. The customer needs to fill in Credit Card details on Page C.

The third party payment gateway did give us the API sample, the sample is POST the invoice number together with customer detail. We don’t want the system to generate an excess of unwanted invoice numbers.

Is there any solution for this? Our current solution is for the customer to fill detail in Page A, then in Page B we create another page showing all the customer details there, where the user can click a CONFIRM button to POST to Page C.

Our goal is for customers to only have to click once.

Hope my question is clear 🙂

Advertisement

Answer

Generate a form on Page B with all the required data and action set to Page C and submit it with JavaScript on page load. Your data will be sent to Page C without much hassle to the user.

This is the only way to do it. A redirect is a 303 HTTP header that you can read up on http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html, but I’ll quote some of it:

The response to the request can be found under a different URI and SHOULD be retrieved using a GET method on that resource. This method exists primarily to allow the output of a POST-activated script to redirect the user agent to a selected resource. The new URI is not a substitute reference for the originally requested resource. The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable.

The only way to achieve what you’re doing is with a intermediate page that sends the user to Page C. Here’s a small/simple snippet on how you can achieve that:

<form id="myForm" action="Page_C.php" method="post">
<?php
    foreach ($_POST as $a => $b) {
        echo '<input type="hidden" name="'.htmlentities($a).'" value="'.htmlentities($b).'">';
    }
?>
</form>
<script type="text/javascript">
    document.getElementById('myForm').submit();
</script>

You should also have a simple “confirm” form inside a noscript tag to make sure users without Javascript will be able to use your service.

User contributions licensed under: CC BY-SA
9 People found this is helpful
Advertisement