Sage Pay Success URI Crypt Length Problems
I have just looking at sage pay form integration and I came across a little problem with success part of the process.
This is how the sage pay flow works:
1. Server sends transaction details and user along to their server for payment.
2. Server authenticates payment and sends back the user to a page you specified in your crypt field in step 1.
3. At this point the payer should be at this point:
http://test.com/success.php?crypt=stringToBeDecrypted
In my case stringToBeDecrypted was 640 characters long and posed a little problem. In my case the string was showing as empty, yet when I ran the same URI on my test server it worked no problem. An investigation was necessary...
It turns out it is to do with Suhosin security patch that many LAMP installations come with and one of it's directives:
suhosin.get.max_value_length
To check your value, just run PHP info and look under your Suhosin section, the value you will probably see is 512 (as this is the default). You will need to change to a figure of at least 640 for your SagePay confirmation page to run. If you have root access to the system then follow the instructions here on how to change the values:
http://solidservers.ca/2008/06/suhosin-changing-configuration-values/
Otherwise contact the server administrators and ask them to change it on your behalf.
Firms
This is how the sage pay flow works:
1. Server sends transaction details and user along to their server for payment.
2. Server authenticates payment and sends back the user to a page you specified in your crypt field in step 1.
3. At this point the payer should be at this point:
http://test.com/success.php?crypt=stringToBeDecrypted
In my case stringToBeDecrypted was 640 characters long and posed a little problem. In my case the string was showing as empty, yet when I ran the same URI on my test server it worked no problem. An investigation was necessary...
It turns out it is to do with Suhosin security patch that many LAMP installations come with and one of it's directives:
suhosin.get.max_value_length
To check your value, just run PHP info and look under your Suhosin section, the value you will probably see is 512 (as this is the default). You will need to change to a figure of at least 640 for your SagePay confirmation page to run. If you have root access to the system then follow the instructions here on how to change the values:
http://solidservers.ca/2008/06/suhosin-changing-configuration-values/
Otherwise contact the server administrators and ask them to change it on your behalf.
Firms
posted by firmy007 at
11:31 AM
0 Comments
