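Undefined variable GET problem

Time: 2015-01-07 13:48:50

Tags: php encryption

I'm still fairly new to PHP, and I'm trying to help someone who has a PHP problem. But for some reason, I just can't see what I'm doing wrong.

I tried echoing "$params" and got this string:

clientid=30608&password=passphrase&oid=&chargetype=Auth&currencycode=826&total=

This clearly shows that the "oid=" and "total=" values are missing. That is because the oid and total parts shown in the code below were commented out, which means they weren't being encrypted along with the other params.

After removing the #, I tried again, but I got this notice:

Notice: Undefined variable: GET_ in /home/public_html/payments.php on line 232

Notice: Undefined variable: GET_ in /home/public_html/payments.php on line 234

I understand that it is $_GET (which is also what's in the code) and not $GET_, but the error still states it that way.

Any help is much appreciated.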

<?php require_once('mulgas1.php'); ?>
<?php session_start(); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$colname_InvoicePayments = "-1";
if (isset($_SESSION['recordadded'])) {
  $colname_InvoicePayments = (get_magic_quotes_gpc()) ? $_SESSION['recordadded'] : addslashes($_SESSION['recordadded']);
}
mysql_select_db($database_mulgas1, $mulgas1);
$query_InvoicePayments = sprintf("SELECT * FROM InvoicePayments WHERE IP_ID = %s", GetSQLValueString($colname_InvoicePayments, "int"));
$InvoicePayments = mysql_query($query_InvoicePayments, $mulgas1) or die(mysql_error());
$row_InvoicePayments = mysql_fetch_assoc($InvoicePayments);
$totalRows_InvoicePayments = mysql_num_rows($InvoicePayments);
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>MULGAS LIMITED - Competitive Prices on Boiler Service, Installation, Gas Safety Checks, PAT Testing - Contact Us For Details</title>
<meta name="description" content="MULGAS SERVICES - Established Corgi Registered Gas Engineers. Services include gas installation, service, repair, upgrades, boiler service and replacement. Gas oven and fire installation is another MULGAS service. MULGAS are approved to carry out gas and electrical landlord safety checks. Based in Woking and operating in Surrey and South West London." />
<meta name="keywords" content="mulgas, gas, service, installation, install, repair, upgrade, boiler, replacement, oven, cooker, fire, hot water, central heating, heating, safety, check, landlord, electrical, tenant, UK gas safety, gas safety and electrical checks, inspections, gaselec, gas-elec, british, UK, surrey, london, woking, guildford, engineer, engineers, carbon monoxide, CO, landlords, estate agents, letting agents, property management,solar heating, air source heat pumps, mulgas ltd, mulgas limited, gas boiler engineers, weybridge, west byfleet, camberley, farnham, farnborough, chertsey, addlestone, ashford, staines, bagshot, kingston, surbiton, epsom, esher, leatherhead, cobham, oxshott, chobham, virginia water, sunningdale, ascot, bracknell, gas safety checks, lgsc, cp12, pat, central heating repairs, systems, radiators, solar, renewable, underfloor heating, carbon monoxide, plumbing" />
<link rel="stylesheet" type="text/css" href="http://mulgas.co.uk/wp-content/themes/Mulgas/style.css" media="screen" />
<meta name="author" content="Graham Heels - www.morgan-gould.com" />
<meta name="revisit-after" content="1 week" />
<meta name="robots" content="all" />
<style type="text/css">
<!--
body,td,th {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 12px;
    color: #28335F;
}

.style2 {
    font-size:25px;
}
-->
</style>
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
<script language="JavaScript1.2" type="text/javascript" src="Nav2/mm_css_menu.js"></script>
<script type="text/JavaScript">
<!--
function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}

function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_nbGroup(event, grpName) { //v6.0
  var i,img,nbArr,args=MM_nbGroup.arguments;
  if (event == "init" && args.length > 2) {
    if ((img = MM_findObj(args[2])) != null && !img.MM_init) {
      img.MM_init = true; img.MM_up = args[3]; img.MM_dn = img.src;
      if ((nbArr = document[grpName]) == null) nbArr = document[grpName] = new Array();
      nbArr[nbArr.length] = img;
      for (i=4; i < args.length-1; i+=2) if ((img = MM_findObj(args[i])) != null) {
        if (!img.MM_up) img.MM_up = img.src;
        img.src = img.MM_dn = args[i+1];
        nbArr[nbArr.length] = img;
    } }
  } else if (event == "over") {
    document.MM_nbOver = nbArr = new Array();
    for (i=1; i < args.length-1; i+=3) if ((img = MM_findObj(args[i])) != null) {
      if (!img.MM_up) img.MM_up = img.src;
      img.src = (img.MM_dn && args[i+2]) ? args[i+2] : ((args[i+1])? args[i+1] : img.MM_up);
      nbArr[nbArr.length] = img;
    }
  } else if (event == "out" ) {
    for (i=0; i < document.MM_nbOver.length; i++) {
      img = document.MM_nbOver[i]; img.src = (img.MM_dn) ? img.MM_dn : img.MM_up; }
  } else if (event == "down") {
    nbArr = document[grpName];
    if (nbArr)
      for (i=0; i < nbArr.length; i++) { img=nbArr[i]; img.src = img.MM_up; img.MM_dn = 0; }
    document[grpName] = nbArr = new Array();
    for (i=2; i < args.length-1; i+=2) if ((img = MM_findObj(args[i])) != null) {
      if (!img.MM_up) img.MM_up = img.src;
      img.src = img.MM_dn = (args[i+1])? args[i+1] : img.MM_up;
      nbArr[nbArr.length] = img;
  } }
}
//-->
</script>
</head>

<body onload="MM_preloadImages('Nav2/Mulgas_Nav2_r1_c1_f2.png','Nav2/Mulgas_Nav2_r1_c1_f4.png','Nav2/Mulgas_Nav2_r1_c3_f3.png','Nav2/Mulgas_Nav2_r1_c3_f2.png','Nav2/Mulgas_Nav2_r1_c3_f4.png','Nav2/Mulgas_Nav2_r1_c4_f3.png','Nav2/Mulgas_Nav2_r1_c4_f2.png','Nav2/Mulgas_Nav2_r1_c4_f4.png','Nav2/Mulgas_Nav2_r1_c6_f3.png','Nav2/Mulgas_Nav2_r1_c6_f2.png','Nav2/Mulgas_Nav2_r1_c6_f4.png','Nav2/Mulgas_Nav2_r1_c8_f3.png','Nav2/Mulgas_Nav2_r1_c8_f2.png','Nav2/Mulgas_Nav2_r1_c8_f4.png','Nav2/Mulgas_Nav2_r1_c1.png','Nav2/Mulgas_Nav2_r1_c1_f3.png','Nav3/Mulgas_Nav2_r1_c1_f3.png','Nav3/Mulgas_Nav2_r1_c1_f2.png','Nav3/Mulgas_Nav2_r1_c1_f4.png','Nav3/Mulgas_Nav2_r1_c3_f3.png','Nav3/Mulgas_Nav2_r1_c3_f2.png','Nav3/Mulgas_Nav2_r1_c3_f4.png','Nav3/Mulgas_Nav2_r1_c4_f3.png','Nav3/Mulgas_Nav2_r1_c4_f2.png','Nav3/Mulgas_Nav2_r1_c4_f4.png','Nav3/Mulgas_Nav2_r1_c6_f3.png','Nav3/Mulgas_Nav2_r1_c6_f2.png','Nav3/Mulgas_Nav2_r1_c6_f4.png','Nav3/Mulgas_Nav2_r1_c8_f3.png','Nav3/Mulgas_Nav2_r1_c8_f2.png','Nav3/Mulgas_Nav2_r1_c8_f4.png','Nav3/Mulgas_Nav2_r1_c10_f3.png','Nav3/Mulgas_Nav2_r1_c10_f2.png','Nav3/Mulgas_Nav2_r1_c10_f4.png','Nav3/Mulgas_Nav2_r1_c12_f3.png','Nav3/Mulgas_Nav2_r1_c12_f2.png','Nav3/Mulgas_Nav2_r1_c12_f4.png','Nav3/Mulgas_Nav2_r1_c14_f3.png','Nav3/Mulgas_Nav2_r1_c14_f2.png','Nav3/Mulgas_Nav2_r1_c14_f4.png','Nav3/Mulgas_Nav2_r1_c16_f3.png','Nav3/Mulgas_Nav2_r1_c16_f2.png','Nav3/Mulgas_Nav2_r1_c16_f4.png')"><div id="main-content">

    <div id="main-content-page">

        <div id="main-content-inside-page">
        <a href="http://www.mulgas.co.uk"><img src="http://mulgas.co.uk/wp-content/themes/Mulgas/images/logo-pay.png" /></a>
<div id="design">








  <div id="MainText1">
    <table width="100%" bgcolor="#fff">
      <tr>
        <td width="5%">&nbsp;</td>
        <td width="73%">&nbsp;</td>
        <td width="22%">&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td><span class="style2">Paying Your Invoice With A Debit Or Credit Card</span></td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td><?php # echo "record added =>" . $_SESSION['recordadded'] . "<=   " ;?></td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td height="502">&nbsp;</td>
        <td>     
        <?php

#the following function performs a HTTP Post and returns the whole response
function pullpage( $host, $usepath, $postdata = "" ) {

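# default return value, so a failed connection does not return an undefined variable
$output = "";

# open socket to filehandle(epdq encryption cgi)
# $errno and $errstr are passed without "&": fsockopen() already takes them by
# reference, and call-time pass-by-reference is a fatal error from PHP 5.4 on
$fp = fsockopen('ssl://'. $host, 443, $errno, $errstr, 60);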

#check that the socket has been opened successfully
 if( !$fp ) {
    print "$errstr ($errno)<br>\n";
 }
 else {

    #write the data to the encryption cgi
    fputs( $fp, "POST $usepath HTTP/1.0\n");
    $strlength = strlen( $postdata );
    fputs( $fp, "Content-type: application/x-www-form-urlencoded\n" );
    fputs( $fp, "Content-length: ".$strlength."\n\n" );
    fputs( $fp, $postdata."\n\n" );

    #clear the response data
   $output = "";


    #read the response from the remote cgi 
    #while content exists, keep retrieving document in 1K chunks
    while( !feof( $fp ) ) {
        $output .= fgets( $fp, 1024);
    }

    #close the socket connection
    fclose( $fp);
 }

#return the response
 return $output;
}

#define the remote cgi in readiness to call pullpage function 
$server="secure2.epdq.co.uk";
$url="/cgi-bin/CcxBarclaysEpdqEncTool.e";

#the following parameters have been obtained earlier in the merchant's webstore
#clientid, passphrase, oid, currencycode, total
$clientid = "30608";
$passphrase = "passphrase";
$oid = $_GET['InvoiceNo'];
$currencycode = "826";
$total = $_GET['AmountDue'];

$params="clientid=30608";
$params.="&password=passphrase";
$params.="&oid=" . $row_InvoicePayments['IP_Invoice_Number']; 
$params.="&chargetype=Auth";
$params.="&currencycode=826";
$params.="&total=" . $row_InvoicePayments['IP_Amount_Due'];

#$params="clientid=$clientid";
#$params.="&password=$passphrase";
#$params.="&oid=$oid";
#$params.="&chargetype=Auth";
#$params.="&currencycode=$currencycode";
#$params.="&total=$total";

#perform the HTTP Post
$response = pullpage( $server,$url,$params );

#split the response into separate lines
$response_lines=explode("\n",$response);

#for each line in the response check for the presence of the string 'epdqdata'
#this line contains the encrypted string
$strEPDQ = '';
$response_line_count=count($response_lines);
for ($i=0;$i<$response_line_count;$i++){
    if (preg_match('/epdqdata/',$response_lines[$i])){
        $strEPDQ=$response_lines[$i];
    }
}
?>
          <p align="left">Thank you for entering your invoice details and agreeing to the Terms and Conditions. 
          <p align="left">By pressing the Complete Payment button below you will be taken to the ePDQ payment page.          
          <p align="left">Once you have succesfully processed a payment through Barclaycard's ePDQ system you will return to <br />
            the Mulgas web site. 
          <p align="left">Mulgas Limited are a limited company based in the UK.           
          <blockquote>
            <p align="left">Company Registration Number : <strong>6240616 </strong></p>
            <p align="left">VAT Number : 
              <strong>GB 733 7166 30            </strong>
            </p>
          </blockquote>
          <FORM action="https://secure2.epdq.co.uk/cgi-bin/CcxBarclaysEpdq.e" method="POST">
            <div align="left"><?php print $strEPDQ; ?>
              <INPUT type="hidden" name="returnurl" value="http://www.mulgas.co.uk/completed_payment.php">
              <INPUT type="hidden" name="merchantdisplayname" value="Mulgas Services">
              <INPUT TYPE="submit" VALUE="Complete Payment">
            </div>
          </FORM>
        </p>
        <div align="center"><img src="images/CC_Warning_1.gif" width="400" height="230" /></div>
        <p>&nbsp;</p></td>
        <td align="right"><img src="images/Prices_Panel_right_200w_500h_1.gif" width="200" height="500" hspace="10" border="0" usemap="#Map3" /></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
    </table>
  </div>
    <div id="bottomSectionNotIndex"><img src="images/Bottom_Narrow_Footer_970w_20h_1.gif" border="0" usemap="#Map2" />
<map name="Map2" id="Map2">
  <area shape="rect" coords="7,1,271,17" href="mailto:service@mulgas.co.uk" />
</map></div>
</div>


<map name="Map3" id="Map3"><area shape="rect" coords="3,6,195,492" href="second opinion.html" />
</map></div>
        <!-- #main-content-inside-page -->

    </div>
    <!-- #main-content-page -->

</div>
<!-- #main-content --></body>
</html>
<?php
mysql_free_result($InvoicePayments);
?>

1 answer:

Answer 0: (score: 1)

Change

$oid = $_GET['InvoiceNo'];
$currencycode = "826";
$total = $_GET['AmountDue'];

to

$oid = (isset($_GET['InvoiceNo']) ? $_GET['InvoiceNo'] : null );
$currencycode = "826";
$total = (isset($_GET['AmountDue']) ? $_GET['AmountDue'] : null );

The basic idea is that the parameter you are looking for is not declared. You should always check whether a parameter exists before you use it.
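
The check the answer describes, extended into an added example (not code from the question or the answer): `InvoiceNo` and `AmountDue` arrive in the query string and are client-controlled, so the hypothetical helper `build_epdq_params()` verifies that each one is present and well-formed and URL-encodes every field before the string is posted to the encryption CGI. The function name and the format rules for invoice numbers and amounts are assumptions.

```php
<?php
// Added example; the function name and format rules are assumptions.
// Field names (InvoiceNo, AmountDue) and parameter layout come from the question.
function build_epdq_params(array $input, $clientid, $passphrase)
{
    // 1. Presence and type: isset() avoids notices; is_string() rejects
    //    array values such as ?InvoiceNo[]=x.
    foreach (array('InvoiceNo', 'AmountDue') as $key) {
        if (!isset($input[$key]) || !is_string($input[$key]) || $input[$key] === '') {
            throw new InvalidArgumentException("Missing parameter: $key");
        }
    }
    // 2. Format (assumed rules): invoice = 1-20 letters, digits or dashes;
    //    amount = positive number with at most two decimals.
    if (!preg_match('/^[A-Za-z0-9-]{1,20}$/D', $input['InvoiceNo'])) {
        throw new InvalidArgumentException('Invalid InvoiceNo');
    }
    if (!preg_match('/^\d{1,7}(\.\d{1,2})?$/D', $input['AmountDue'])
        || (float) $input['AmountDue'] <= 0) {
        throw new InvalidArgumentException('Invalid AmountDue');
    }
    // 3. Encoding: http_build_query() URL-encodes each value, so "&" or "="
    //    inside a field cannot add or override another parameter.
    return http_build_query(array(
        'clientid'     => $clientid,
        'password'     => $passphrase,
        'oid'          => $input['InvoiceNo'],
        'chargetype'   => 'Auth',
        'currencycode' => '826',
        'total'        => number_format((float) $input['AmountDue'], 2, '.', ''),
    ), '', '&');
}

// Constructed sample inputs standing in for $_GET.
$samples = array(
    array('InvoiceNo' => 'INV-1042', 'AmountDue' => '120.5'),
    array('InvoiceNo' => 'INV-1042'),                        // AmountDue missing
    array('InvoiceNo' => 'INV&1042=x', 'AmountDue' => '99'), // separator characters
);
foreach ($samples as $sample) {
    try {
        echo build_epdq_params($sample, '30608', 'passphrase'), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'Rejected: ', $e->getMessage(), "\n";
    }
}
```

Where the amount is available server-side, as in the `$row_InvoicePayments` lookup in the question, passing that row's values through the same checks means the charged total does not depend on what the client sends.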