php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25349 PayFlow Pro requires explicit putenv()
Submitted: 2003-09-01 21:29 UTC Modified: 2003-09-01 21:50 UTC
From: kmsluder at optonline dot net Assigned:
Status: Not a bug Package: Verisign Payflow Pro related
PHP Version: 4.3.2 OS: Red Hat Linux 8/ 2.2 Kernel
Private report: No CVE-ID: None
 [2003-09-01 21:29 UTC] kmsluder at optonline dot net
Description:
------------
When using the PayFlow Pro extension on Linux (PHP compiled as Apache2 module), one must explicitly set the PFPRO_CERT_PATH environment variable using a putenv() call prior to calling pfpro_init(), else the extension will attempt to look in the certs/ subfolder of the working directory.  This occurs even if the PFPRO_CERT_PATH variable has been set by Apache via a SetEnv directive, or if the environment variable has been added through the shell.

This requires either placing certificates in the certs/ subfolder of where PHP scripts are stored (obviously not a good idea), or specifically adding PFPRO_ to the list of safe mode allowed environment variables.

Reproduce code:
---------------
<?php
// File name: /usr/local/apache/htdocs/test_pfpro.php

// Echo the value of PFPRO_CERT_PATH, just to prove its existence
echo 'The value of PFPRO_CERT_PATH is: ' . getenv('PFPRO_CERT_PATH');

// Removing this line will cause pfpro to look
// in /usr/local/apache/htdocs/certs for the certificate file
putenv('PFPRO_CERT_PATH=/usr/local/verisign/payflowpro/linux/certs');

// The rest of this code is taken from the documentation for pfpro_process()

pfpro_init();

$transaction = array('USER'    => 'mylogin',
                     'PWD'     => 'mypassword',
                     'PARTNER' => 'VeriSign',
                     'TRXTYPE' => 'S',
                     'TENDER'  => 'C',
                     'AMT'     => 1.50,
                     'ACCT'    => '4111111111111111',
                     'EXPDATE' => '0904'
                    );

$response = pfpro_process($transaction);

if (!$response) {
  die("Couldn't establish link to Verisign.\n");
}

echo "Verisign response code was ".$response['RESULT'];
echo ", which means: ".$response['RESPMSG']."\n";

pfpro_cleanup();
?>

Expected result:
----------------
The value of PFPRO_CERT_PATH is: /usr/local/verisign/payflowpro/linux/certs

Verisign response code was 0, which means: Approved

Actual result:
--------------
The value of PFPRO_CERT_PATH is: /usr/local/verisign/payflowpro/linux/certs

Verisign response code was -31, which means: Certficate chain did not validate; Local certificate not found

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-09-01 21:50 UTC] sniper@php.net
If your environment is set correctly prior to starting Apache2, it will work just fine. 

FYI: SetEnv in apache is NOT for setting these variables.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 09:01:30 2024 UTC