Looking for an expert PHP/MySQL programmer
Moderator: General Moderators
Looking for an expert PHP/MySQL programmer
We're having problems integrating a merchant payment gateway to our site; specifically, we lose our user's session when going from the unencrypted url to the ssl-url. The user is logged-out and is required to log-in again at the billing stage, which makes for a poor experience.
The bulk of our site was originally outsourced offshore, and the php code is not well remarked. There are roughly 100 pages to our site, but only about 8-10 related to billing, including the header which calls all the "includes" files.
An expert php coder may be able to identify the problem quickly.
Please inbox me with a quote and your credentials.
The bulk of our site was originally outsourced offshore, and the php code is not well remarked. There are roughly 100 pages to our site, but only about 8-10 related to billing, including the header which calls all the "includes" files.
An expert php coder may be able to identify the problem quickly.
Please inbox me with a quote and your credentials.
-
magicrobotmonkey
- Forum Regular
- Posts: 888
- Joined: Sun Mar 21, 2004 1:09 pm
- Location: Cambridge, MA
Perhaps I know what causing that problem. You can pm me or email @ weirdan@gmail.com
yup, its a cross url problem, I noticed it when i was makeing a shopping cart for a client about a year ago.
Assumeing you have user accounts, and user is loged in.
whoever you hire, all s/he needs to do is to get the user id, and a random string, insert both into mysql table, pass the string to payment gateway in successful/failure page urls, and when it gets back to one of the these pages, use the random string, check db to make sure that the user was indeed from this site, and log him/her back in.
thats about it, but make sure the random string is VERY random, better yet, encrypt the string aswell.
good luck
Assumeing you have user accounts, and user is loged in.
whoever you hire, all s/he needs to do is to get the user id, and a random string, insert both into mysql table, pass the string to payment gateway in successful/failure page urls, and when it gets back to one of the these pages, use the random string, check db to make sure that the user was indeed from this site, and log him/her back in.
thats about it, but make sure the random string is VERY random, better yet, encrypt the string aswell.
good luck