0

我正在创建一个网络支付表单。根据 pci,我无法存储信用卡号码,所以我使用第三方 api 来加密信用卡号码。根据第三方文档,我必须在我的 html 表单中添加他们的脚本<script type="text/javascript" src="./-client-2.1.2.js"></script>和也给表格一个独特的价值

<input id="txtEncryptionKey" name="txtEncryptionKey" class="_encryptionkey"
        type="hidden" value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWpIQFjQQCPpaIlJKpeg
        irp5kLkzLB1AxHmnLk73D3TJbAGqr1QmlsWDBtMPMRpdzzUM7ZwX3kzhIuATV4Pe
        7RKp3nZlVmcrT0YCQXBrTwqZNh775z58GP2kZs+gVfNqBampJPzSB/hB62KkByhE
        Cn6grrRjiAVwJyZVEvs/********+aE16emtX12RgI5JdzdOiNyZEQteU6zRBRJE
        ocPWVxExaOpVVVJ5+UnW0LcalzA+lRGRTrQJ5JguAPiAOzRPTK/lYFFpCAl/F8wt
        oAVG1c8zO2NcQ0Pko+fmeidRFxJ/did2btV+9Mkze3mBphwFmvnxa35LF+Cs/XJH
        DwIDAQAB" />

并到我希望加密信用卡号的字段:

<input type="text" name="txtCreditCard" id="txtCreditCard" class="_data"

以及提交按钮

<input type="submit" name="btn_process" value="Submit" id="btn_process" class="_submit btn btn-success">

这是我的整个代码

 <html>   
    <head>
     <title>Test Page</title>
    <script type="text/javascript">

     </script>
    <script type="text/javascript" src="./-client-2.1.2.js"></script>
    </head>   
    <body>   
        <h2>Data Collection</h2><p>

    <form action="process.php" method="post">
    <input id="txtEncryptionKey" name="txtEncryptionKey" class="encryptionkey"
    type="hidden" value="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWpIQFjQQCPpaIlJKpeg
    irp5kLkzLB1AxHmnLk73D3TJbAGqr1QmlsWDBtMPMRpdzzUM7ZwX3kzhIuATV4Pe
    7RKp3nZlVmcrT0YCQXBrTwqZNh775z58GP2kZs+gVfNqBampJPzSB/hB62KkByhE
    Cn6grrRjiAVwJyZVEvs/2vrxaEpO+aE16emtX12RgI5JdzdOiNyZEQteU6zRBRJE
    ocPWVxExaOpVVVJ5+UnW0LcalzA+lRGRTrQJ5JguAPiAOzRPTK/lYFFpCAl/F8wt
    oAVG1c8zO2NcQ0Pko+fmeidRFxJ/did2btV+9Mkze3mBphwFmvnxa35LF+Cs/XJH
    DwIDAQAB" />
        Name: <input type="text" name="name"><br>
        Credit card number: <input type="text" name="credit" id="credit" class="_data"><br>
        <input type="submit" name="btn_process" value="Submit" id="btn_process" class="_submit btn btn-success">
    </form>

    </body>
    </html>

所以这里发生的是,一旦我点击提交,我的信用卡号就会被 javascript 获取,并在它自己的页面中转换为密文,它会返回一个独特的密文,如下所示

_cipherText=EIQ4H1Tmmxb0wvyfX9HvbSg0SH0ez1GyZSZjQ8OQqKOI8wtY%2B06uq9XlsDSQdmvRtZtCwJv%2FFbo6xxQ4ClPQZN06nO%2BB8Hw3PddPFLqGtViOMCpBif9Tv0LXPy4%2FQ2L%2F5crTjVQa6WdoJABTgFlOcJ8x%2Bs%2FSSmR5Hd7R9SznfpJQp64IQ6FP%2F2ASxpU14YswgDvTumYZ%2BPElbdKG5u71snNWoQNUClWFn4d8yk6%2BaJ%2FDUGWqotpxchhOFvHMePXsdE8%2F2mGlmz5iiOSH5LlvHptenQMtTvHjBuwdMo4rnutjJ%2FRqaR3sWcndZIWYmEZ7OfA%3D%3D

现在使用 php 我需要将此密码存储到变量中并将其发送到 Web 服务

<!DOCTYPE html>
<html>
<body>

<?php
function writeMsg()
{
echo "Hello world!";
}

//creates a token.
function Tokenize()
{
// see details here http:/.turnapi.com/docs/1.0/rest-tokenize
$_id = "763994532109974";
$api_key = "0za2fOfdWU8575BnTH";
$encrypted_data = "acAx/CwWGCURIhwf7gIw36TFmXoGFrFa5l9hCgcGEW4/mVQAAzZuT4XRjktb7XR0sAthHTuSPYegNYUy7g1stP+ypfVBcH0hNiI72N22yy3WYp0VUfAKDp33HBgUVQwg0TWAenRSNbUwC0Qv49E5bubYo4YBnERWi4JNLJZPlEQUfjMovvWQsQdFHd7U79XJZnZQdW92CKFDrTX8bCS4/n0LDEEVBILJGBnjnvKOQjQarsX8OuU6/73qpy36f9Gz3+X6IRfRhVbINNV0Seii6qSXT03NyvbERDsU/CiOrZ1tY0RuiKh4rsvCfPYrX2h67ZZ7nzrz0DeV+BYyo0e06A=="; 
// CC data to tokenize..

$data = array(
    'ID' =>_id,
    'APIKey' => $api_key,
    'EncryptedData' => $encrypted_data,
    'TokenScheme' => 4 
);
//convert to JSON
$json = json_encode($data);

 echo "Step1 done... ";
 echo $json;

//curl config
$url = 'https://test-api..com:8081/TokenServices.svc/REST/TokenizeFromEncryptedValue';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                                    'Content-Type: application/json', //we are using json in this example, you could use xml as well
                                    'Content-Length: '.strlen($json),
                                    'Accept: application/json')       //we are using json in this example, you could use xml as well
                                    );
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

//call web service
$result = curl_exec($ch);

//decode result
$jsonResult = json_decode($result, true);

//handle result
if ($jsonResult['Success'] == FALSE)
{
    echo "Error Message: ";
    echo $jsonResult['Error'];
}
else
{
    echo "your token is: ";
    echo $jsonResult['Token'];
}
}

//writeMsg();
Tokenize();
?>

</body>
</html>

看到这里$encrypted_data = "acAx/CwWGCURIhwf7gIw36TFmXoGFrFa5l9hCgcGEW4/mVQAAzZuT4XRjktb7XR0sAthHTuSPYegNYUy7g1stP+ypfVBcH0hNiI72N22yy3WYp0VUfAKDp33HBgUVQwg0TWAenRSNbUwC0Qv49E5bubYo4YBnERWi4JNLJZPlEQUfjMovvWQsQdFHd7U79XJZnZQdW92CKFDrTX8bCS4/n0LDEEVBILJGBnjnvKOQjQarsX8OuU6/73qpy36f9Gz3+X6IRfRhVbINNV0Seii6qSXT03NyvbERDsU/CiOrZ1tY0RuiKh4rsvCfPYrX2h67ZZ7nzrz0DeV+BYyo0e06A==" 我需要我按下提交按钮时使用的密文..我需要 php 中的语句将此密文检索到变量$encrypted_data中(到目前为止,我已经在那里给出了一个独立的数据)

在 php 部分也存在一些问题,其中一些有效负载正在使用 JSON 发送到 Web 服务,但我似乎没有得到响应(即作为来自 Web 服务的响应发送的令牌,我发送了我的 token_id,api 密钥和加密数据

有人可以帮助使这段代码正常工作吗?我实际上是 php 新手,我在他们的文档和在线步骤的帮助下完成了所有这些工作。请承担这个长问题,我是初学者,所以我必须完整地提出这个问题。

提前致谢

4

1 回答 1

0

如果 CURL 请求完全失败,您应该在curl_error($ch)中出现错误,或者如果它返回一个奇怪的结果,您可以获取有关使用curl_info($ch)发出的最后一个请求的信息,因此两者的某种组合应该可以帮助您工作找出可能发生错误的地方。

于 2013-11-12T10:55:13.873 回答