cancel
Showing results for 
Search instead for 
Did you mean: 

(DPM, PHP) Secure Actions on Transaction Approval

I'm using Direct Post method with the PHP sdk, and once the transaction is approved I need to insert the client's data into a database. 

 

The client's data is stored in $_SESSION variables, but I can't access these in the relay_response.php page. I can't handle the database insertion in the receipt file because people could just spoof the URL.

 

Anybody know of a way to transfer data to the relay_response page or to make sure the order was actually approved after relay_response? Thanks.

1 REPLY 1

 

Hi,

 

I would suggest using merchant-defined fields to include the information you are putting in the session variable. MDF are used to submit additional information with your transaction as long as you are not collecting personally identifying information. If you wish to double check the results of your transactions, you can do so by using a getTransactionDetailsRequest API.

 

Thanks,

Joy

Joy
Administrator Administrator
Administrator