0

当我使用 API 创建 Drupal 表单并根据需要构建表单时,Braintree 返回身份验证异常。当我采用相同的渲染 HTML 并将其输出到页面上时(跳过 api),它就可以工作了。我不知道为什么!

下面是不起作用的代码。

function my_module_menu() {
  $items['user/payment/add'] = array(
    'title' => t('Add Card'),
    'type' => MENU_LOCAL_TASK,
    'page callback' => 'drupal_get_form',
    'page arguments' => array('my_module_add_form'),
    'access arguments' => array('access content'),
    'weight' => 2,
  );
}

function my_module_add_form() {

  global $user;

  require_once 'sites/all/libraries/braintree/lib/Braintree.php';

  Braintree_Configuration::environment('sandbox');
  Braintree_Configuration::merchantId('xxx');
  Braintree_Configuration::publicKey('xxx');
  Braintree_Configuration::privateKey('xxx');

  $customer = Braintree_Customer::find($user->uid);

  $trData = Braintree_TransparentRedirect::updateCustomerData(
    array(
      'redirectUrl' => 'http://www.xxx.com/user/payment',
      'customerId' => $user->uid
    )
  );

  $form['#action'] = url(Braintree_TransparentRedirect::url(), array('external' => true));
  $form['customer[first_name]'] = array(
    '#type' => 'textfield',
    '#title' => t('First Name'),
  );
  $form['customer[last_name]'] = array(
    '#type' => 'textfield',
    '#title' => t('Last Name'),
);
  $form['tr_data'] = array(
    '#type' => 'hidden',
    '#value' => htmlentities($trData),
  );
  $form['submit'] = array(
    '#type' => 'submit', 
    '#value' => t('Save')
  );

  return $form;
}

相反,如果我采用该确切的 HTML 输出并使用 normal_menu_item 和与上述相同的凭据来执行此操作...

function my_module_menu() {
  $items['user/payment/add'] = array(
    'title' => t('Add Card'),
    'type' => MENU_NORMAL_ITEM,
    'page callback' => 'my_module_add_page',
    'access arguments' => array('access content'),
    'weight' => 2,
  );
}


function my_module_add_page() {

  global $user;

  require_once 'sites/all/libraries/braintree/lib/Braintree.php';

  Braintree_Configuration::environment('sandbox');
  Braintree_Configuration::merchantId('xxx');
  Braintree_Configuration::publicKey('xxx');
  Braintree_Configuration::privateKey('xxx');

  $customer = Braintree_Customer::find($user->uid);

  $trData = Braintree_TransparentRedirect::updateCustomerData(
    array(
      'redirectUrl' => 'http://www.xxx.com/user/payment',
      'customerId' => $user->uid
    )
  );

    $output="

    <form accept-charset='UTF-8' id='tqcustom-billing' method='post' action='".Braintree_TransparentRedirect::url()."'>
    <div>
      <div class='form-item form-type-textfield form-item-customer-first-name'>
        <label for='edit-customer-first-name'>First Name </label>
        <input type='text' class='form-text' maxlength='128' size='60' value='' name='customer[first_name]' id='edit-customer-first-name'>
      </div>
      <div class='form-item form-type-textfield form-item-customer-last-name'>
        <label for='edit-customer-last-name'>Last Name </label>
        <input type='text' class='form-text' maxlength='128' size='60' value='' name='customer[last_name]' id='edit-customer-last-name'>
      </div>
      <input type='hidden' value='".$trData."' name='tr_data'>
      <input type='submit' class='form-submit' value='Save' name='op' id='edit-submit'>
    </div>
  </form>
  ";
  return $output;
}

它返回正常,状态码为 200。有关 drupal_get_form 或 drupal_render 的某些内容会杀死 Braintree 验证表单帖子所需的环境。这到底是什么原因造成的?两种方式的浏览器 HTML 输出 100% 完全相同,但第一种方式不会进行身份验证。

请向我询问详细信息,我会提供它们 - 迫切希望弄清楚这一点。

4

1 回答 1

1

在您的第一个示例中,您在显示表单之前传递了Braintree_TransparentRedirect::updateCustomerDatathrough的输出。htmlentities这将导致 & 符号显示为 & 代替 &。由于 tr_data 字段是使用您的 API 密钥签名的,因此它必须与从Braintree_TransparentRedirect::updateCustomerData.

免责声明:我为 Braintree 工作

于 2012-11-25T15:48:06.743 回答