Cannot access variables in URL on https-site?
Moderator: General Moderators
Cannot access variables in URL on https-site?
Hey there,
I just registered so if I am asking in the wrong place please tell me so and I'll delete and repost the question.
Here goes:
I am having problems accessing the variables written in the URL of a site hosted on a secure server (https) - when i upload the same file to a normal server there is no problem and it reads all variables with $_GET, but from the https site i cant get them.
Does anybody know anything about this?
Do I need to use another method to access url-variables on a https?
Thanks in advance!
I just registered so if I am asking in the wrong place please tell me so and I'll delete and repost the question.
Here goes:
I am having problems accessing the variables written in the URL of a site hosted on a secure server (https) - when i upload the same file to a normal server there is no problem and it reads all variables with $_GET, but from the https site i cant get them.
Does anybody know anything about this?
Do I need to use another method to access url-variables on a https?
Thanks in advance!
please tryon the https server.
Code: Select all
<?php
foreach( array('_GET', '_POST', '_REQUEST', '_SERVER') as $v ) {
echo '<pre>', $v, ': ';
print_r($$v);
echo "</pre>\n";
}volka,
then the returned url looks kinda like this (i deleted some of the variables, but you get the idea):
https://pay.scannet.dk/xxx/shop/result. ... ostnr=8000
and your little script returns:
then the returned url looks kinda like this (i deleted some of the variables, but you get the idea):
https://pay.scannet.dk/xxx/shop/result. ... ostnr=8000
and your little script returns:
_GET: Array
(
)
_POST: Array
(
)
_REQUEST: Array
(
)
_SERVER: Array
(
[DOCUMENT_ROOT] => /domains/www.xxx.dk/www
[HTTP_ACCEPT] => */*
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => http://www.xxx.dk
[HTTP_USER_AGENT] => Wget/1.8.1
[PATH] => /bin:/usr/bin:/usr/local/bin
[REMOTE_ADDR] => 195.xx.xxx.84
[REMOTE_PORT] => 41438
[SCRIPT_FILENAME] => /domains/www.xxx.dk/www/shop/result.php
[SERVER_ADDR] => 195.xx.xxx.10
[SERVER_ADMIN] => root@xxx.dk
[SERVER_NAME] => http://www.xxx.dk
[SERVER_PORT] => 80
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/1.3.33 (Debian GNU/Linux) mod_ssl/2.8.22 OpenSSL/0.9.7e PHP/5.2.1-0.dotdeb.1 with Suhosin-Patch
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.0
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /shop/result.php
[SCRIPT_NAME] => /shop/result.php
[PATH_TRANSLATED] => /domains/www.xxx.dk/www/shop/result.php
[PHP_SELF] => /shop/result.php
[REQUEST_TIME] => 1184929108
[argv] => Array
(
)
[argc] => 0
)
the ...returned url... I'm not sure I'm missing something. To be on the safe side: this
Can you POST data to that script, e.g. via <form method="POST", and access these parameters ( print_r($_POST); ) ?
calls your script and in this script (result.php) you cannot access the GET parameters ordrenr, prisumoms etc. ?
Can you POST data to that script, e.g. via <form method="POST", and access these parameters ( print_r($_POST); ) ?
yes exactly - i cannot access the $prisumoms and other variables in the url -
and no, unfortunately i cant do a POST instead, since this site (and the url) is generated by the "credit card payment module" that my webhost is offering. So the secure server is theirs and i simply do a POST with all the variables and they evaluate the creditcardinfo and then return the evaluation and alle the other variables (like price, addresses and other buyer info) with a GET to this result.php --
my problem is simply that I cant access the variables in the url - i find it very strage and the only thing i can think of that it could be is that it is a https. But i dont know anything about https-sites, and i dont know if it is standard there that they dont allow you to access the variables that are sent via GET.
(and that would make no sense, since that is exactly the way they sends them, so i am pretty confuzzled)
and no, unfortunately i cant do a POST instead, since this site (and the url) is generated by the "credit card payment module" that my webhost is offering. So the secure server is theirs and i simply do a POST with all the variables and they evaluate the creditcardinfo and then return the evaluation and alle the other variables (like price, addresses and other buyer info) with a GET to this result.php --
my problem is simply that I cant access the variables in the url - i find it very strage and the only thing i can think of that it could be is that it is a https. But i dont know anything about https-sites, and i dont know if it is standard there that they dont allow you to access the variables that are sent via GET.
(and that would make no sense, since that is exactly the way they sends them, so i am pretty confuzzled)
When i test the result.php on a secure and a non secure server with that little snippet of code you gave me there is one difference (aside form the fact that the secure server doesnt get any variables):
FROM NORMAL SERVER:
I wrote my hosting company again - they are replying so slowly and always some kind of dodging answer, as if they have no clue what php is...
FROM NORMAL SERVER:
FROM SECURE SERVER:[HTTP_ACCEPT] => text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
[HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
[HTTP_ACCEPT_ENCODING] => gzip,deflate
[HTTP_ACCEPT_LANGUAGE] => da,en-us;q=0.7,en;q=0.3
[HTTP_CONNECTION] => keep-alive
[HTTP_HOST] => http://www.xxx.dk
[HTTP_KEEP_ALIVE] => 300
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; da; rv:1.8.1.5) Gecko/20070713 Firefox/2.0.0.5
I dont know what those mean, but it seems like there are at least some differences on th server settings between the two servers...[HTTP_ACCEPT] => */*
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => http://www.xxx.dk
[HTTP_USER_AGENT] => Wget/1.8.1
I wrote my hosting company again - they are replying so slowly and always some kind of dodging answer, as if they have no clue what php is...
Those are parameters/headers sent by the client. Instead of wget you might want to tryLJ79 wrote:I dont know what those mean, but it seems like there are at least some differences on th server settings between the two servers...
Code: Select all
<form method="post" action="https://pay.scannet.dk/xxx/shop/result.php">
<div>
<input type="hidden" name="ordrenr" value="14" />
<input type="hidden" name="prisumoms" value="75.00" />
<input type="hidden" name="kontrol" value="222" />
<input type="hidden" name="valuta" value="208" />
<input type="hidden" name="postnr" value="8000" />
<input type="submit" />
</div>
</form>Funny! I just noticed you are sitting in Berlin - so am I 
*opens window and screams "Volka" to check if we're neighbours*
--
Okay, I tried POSTing again from a form - just like you suggest - but still the [HTTP_USER_AGENT] gives "Wget/1.8.1" -
and the script doesnt recieve the variables... (I dont know what "wget" is).
Thanks a lot for your effort.
*opens window and screams "Volka" to check if we're neighbours*
--
Okay, I tried POSTing again from a form - just like you suggest - but still the [HTTP_USER_AGENT] gives "Wget/1.8.1" -
and the script doesnt recieve the variables... (I dont know what "wget" is).
Thanks a lot for your effort.