質問

I'm not sure if this was already asked in the forum but I was really having a hard time searching for answer. Is there an api way to submit a purchase on 2checkout using curl in php? cause currently what they are promoting is this sample:

<form action='https://www.2checkout.com/checkout/purchase' method='post'>
<input type='hidden' name='sid' value='1303908' />
<input type='hidden' name='mode' value='2CO' />
<input type='hidden' name='li_0_name' value='invoice123' />
<input type='hidden' name='li_0_price' value='25.99' />
<input type='hidden' name='card_holder_name' value='Checkout Shopper' />
<input type='hidden' name='street_address' value='123 Test Address' />
<input type='hidden' name='street_address2' value='Suite 200' />
<input type='hidden' name='city' value='Columbus' />
<input type='hidden' name='state' value='OH' />
<input type='hidden' name='zip' value='43228' />
<input type='hidden' name='country' value='USA' />
<input type='hidden' name='email' value='example@2co.com' />
<input type='hidden' name='phone' value='614-921-2450' />
<input name='submit' type='submit' value='Checkout' />
</form>

to which you'll use a javascript to submit or just simply click on the submit button to submit it but I don't want to use it cause this procedure might compromise the security of the site during the purchase or checkout process, I have already tried to create a curl code for this but it won't work

$curl = curl_init('https://www.2checkout.com/checkout/purchase');
        $data = array();
        curl_setopt($curl, CURLOPT_HTTPHEADER, array("Accept: application/json"));
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_USERAGENT, "2Checkout PHP/0.1.0");
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
$data['sid']='1303908';...
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_exec($curl);
        curl_close($curl);

This is how I did it but it won't add the purchase over on 2checkout, is there somebody who was able to do this already? If it's not possible with curl encryption of data maybe enough but I'm not sure how to do it which I can also use a secret word or something. Please I really need some enlightenment right now any answers are welcome here :(((

Thanks in advance.

役に立ちましたか?

解決

I emailed 2checkout regarding this issue, and this was their response:

Unfortunately, due to the fact that the information is submitted through an HTML form, that does make it vulnerable to hackers. You could create the order from the Play Parameter set, where you would create the order in the 2Checkout vendor area, and just submit a product ID to us at the time of sale. that way, the hacker would not be able to alter the price.

Also, we do have some pre-built server side coding libraries that you can use to create an html form and automatically submit it to us with a call to the library. While it does still create an HTML form, there would be less chance for someone to alter it. The libraries are located here: https://www.2checkout.com/documentation/libraries if you want to take a look.

ライセンス: CC-BY-SA帰属
所属していません StackOverflow
scroll top