silverstripe-archive / silverstripe-payment

SilverStripe Payment Module

Suhosin security patch and failed processed payments #22

Open stojg opened 11 years ago

stojg commented 11 years ago

DPSAdapter::processDPSHostedResponse() should somehow warn when $_REQUEST["result"] is not set.

This can happen on servers with suhosin and when the "result" get parameter is longer than 512 bytes, see suhosin.get.max_value_length configuration.

When a get param value is longer than that it will be removed from the $_REQUEST.

In a live server environment, this can cause (depending on the server setup) a PHP notice, but still return a 200 OK response code to the DPS provider, which will then process the transaction even though the script failed to process the transaction.

sminnee commented 11 years ago

It would be good to have some kind of warning for an install that had an inappropriate suhosin setting. Perhaps payment can come bundled with an EnvironmentCheck?
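
A sketch of both suggestions in this thread, added here as an example and not taken from the issue or the module's code: an environment check on `suhosin.get.max_value_length`, and a callback guard that refuses to answer 200 OK when `result` is missing. All function names, the 1024-byte threshold and the treatment of a limit of 0 as "no limit" are assumptions.

```php
<?php
// Added example; not code from silverstripe-payment. All function names are hypothetical.

// Assumption: smallest GET value length (bytes) the DPS "result" token must fit in.
const DPS_RESULT_MIN_BYTES = 1024;

/** Reads suhosin.get.max_value_length; null when suhosin is not loaded. */
function suhosinGetLimit(): ?int
{
    $raw = extension_loaded('suhosin') ? ini_get('suhosin.get.max_value_length') : false;
    return $raw === false ? null : (int) $raw;
}

/** Environment check: returns [ok, message] for a given limit. */
function checkSuhosinLimit(?int $limit): array
{
    // Assumption: a limit of 0 means suhosin enforces no length limit.
    if ($limit === null || $limit === 0 || $limit >= DPS_RESULT_MIN_BYTES) {
        return [true, 'GET value length limit is compatible with DPS responses'];
    }
    return [false, "suhosin.get.max_value_length={$limit} can strip the DPS \"result\" parameter"];
}

/** Returns the HTTP status the callback should send for this request. */
function dpsCallbackStatus(array $request): int
{
    $result = $request['result'] ?? null;
    if (!is_string($result) || $result === '') {
        // Fail loudly instead of answering 200 OK for a payment that was not processed.
        error_log('DPS callback without "result" parameter; check suhosin.get.max_value_length');
        return 500;
    }
    // The existing response processing would run here with $result.
    return 200;
}

// Constructed sample input: what the handler sees before and after suhosin drops the value.
$intact   = ['result' => str_repeat('A', 600)];
$stripped = [];

printf("this server: %s\n", checkSuhosinLimit(suhosinGetLimit())[1]);
printf("limit 512:   %s\n", checkSuhosinLimit(512)[1]);
printf("intact:      %d\n", dpsCallbackStatus($intact));
printf("stripped:    %d\n", dpsCallbackStatus($stripped));
```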