I am trying to make a PHP script send the user to a PayPal page that has been pre-configured. Basically, I'm trying to get rid of the intermediate page, "Please wait while I send you to PayPal, blah".
Currenly this is what is happening: 1. User fills out a form which gets POST'd to my process.php page 2. I want process.php to build the _xclick string and post directly to PayPal and show (redirect?) the page in the brower.
This is what I'm currenly doing, but the user's web brower is not redirected. I know I can echo some HTML and get it to work, but I thought there was a way to get the data, but I guess getting the browser to act take something more?
//create array of requuired minimal data for a PayPal button
$post_data['amount'] = '123';
$post_data['item_name'] = 'widget';
$post_data['item_number'] = '123';
$post_data['quantity'] = '123';
$post_data['currency_code'] = 'USD';
$post_data['business'] = 'widgetsRUS@na.com';
$post_data['no_shipping'] = '2';
//traverse array and prepare data for posting (key1=value1)
foreach ( $post_data as $key => $value)
{
$post_items[] = $key . '=' . urlencode(stripslashes($value));
}
//create the final string to be posted using implode()
$post_string = implode ('&', $post_items);
// Add command string
$post_string = '?cmd=_xclick&' . $post_string;
// Connect to PAYPAL
$fp = fsockopen ('ssl://www.paypal.com', 443, $errno, $errstr, 30);
//sending the data
fputs($fp, "POST /cgi-bin/webscr HTTP/1.1\r\n");
fputs($fp, "Host: www.paypal.com\r\n");
fputs($fp, "Content-Type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-Length: ".strlen($post_string)."\r\n");
fputs($fp, "Connection: close\r\n");
fputs($fp, "\r\n");
fputs($fp, $post_string);
while (!feof($fp))
{
echo fgets($fp, 1024);
}
fclose($fp);
The answer is that, at least with PayPal, this cannot be done. If I do a POST followed by a GET then the browser URL does not change and this breaks security standards. In short, the browser (user) must be involved in the POST to maintain all correct appearances. PayPal offers an API that can do everything behind the scenes and not require HTML FORMS, but this is not available with _xclick.
Thus you need to use JavaScript and make an auto submitting FORM. Something like:
<html>
<head>
<title>Proceeding to credit card site ...</title>
<body onload="document.paypal_form.submit();">
<h1>Proceeding to credit card site ...</<h1>
<form method="post" name="paypal_form" action="<?php echo $post_data['url']?>">
<input type="hidden" name="cmd" value="<?php echo $post_data['cmd']?>" />
<input type="hidden" name="business" value="<?php echo $post_data['business']?>" />
<input type="hidden" name="currency_code" value="<?php echo $post_data['currency_code']?>" />
<input type="hidden" name="amount" value="<?php echo $post_data['amount']?>" />
<input type="hidden" name="item_name" value="<?php echo $post_data['item_name']?>" />
</form>
</body>
</html>