#25349 [Opn->Bgs]: PayFlow Pro requires explicit putenv()

Tue, 02 Sep 2003 02:51:07 +0000 

 ID:               25349
 Updated by:       [EMAIL PROTECTED]
 Reported By:      kmsluder at optonline dot net
-Status:           Open
+Status:           Bogus
 Bug Type:         Verisign Payflow Pro related
 Operating System: Red Hat Linux 8/ 2.2 Kernel
 PHP Version:      4.3.2
 New Comment:

If your environment is set correctly prior to starting Apache2, it will
work just fine. 

FYI: SetEnv in apache is NOT for setting these variables.



Previous Comments:
------------------------------------------------------------------------

[2003-09-01 21:29:13] kmsluder at optonline dot net

Description:
------------
When using the PayFlow Pro extension on Linux (PHP compiled as Apache2
module), one must explicitly set the PFPRO_CERT_PATH environment
variable using a putenv() call prior to calling pfpro_init(), else the
extension will attempt to look in the certs/ subfolder of the working
directory.  This occurs even if the PFPRO_CERT_PATH variable has been
set by Apache via a SetEnv directive, or if the environment variable
has been added through the shell.

This requires either placing certificates in the certs/ subfolder of
where PHP scripts are stored (obviously not a good idea), or
specifically adding PFPRO_ to the list of safe mode allowed environment
variables.

Reproduce code:
---------------
<?php
// File name: /usr/local/apache/htdocs/test_pfpro.php

// Echo the value of PFPRO_CERT_PATH, just to prove its existence
echo 'The value of PFPRO_CERT_PATH is: ' . getenv('PFPRO_CERT_PATH');

// Removing this line will cause pfpro to look
// in /usr/local/apache/htdocs/certs for the certificate file
putenv('PFPRO_CERT_PATH=/usr/local/verisign/payflowpro/linux/certs');

// The rest of this code is taken from the documentation for
pfpro_process()

pfpro_init();

$transaction = array('USER'    => 'mylogin',
                     'PWD'     => 'mypassword',
                     'PARTNER' => 'VeriSign',
                     'TRXTYPE' => 'S',
                     'TENDER'  => 'C',
                     'AMT'     => 1.50,
                     'ACCT'    => '4111111111111111',
                     'EXPDATE' => '0904'
                    );

$response = pfpro_process($transaction);

if (!$response) {
  die("Couldn't establish link to Verisign.\n");
}

echo "Verisign response code was ".$response['RESULT'];
echo ", which means: ".$response['RESPMSG']."\n";

pfpro_cleanup();
?>

Expected result:
----------------
The value of PFPRO_CERT_PATH is:
/usr/local/verisign/payflowpro/linux/certs

Verisign response code was 0, which means: Approved

Actual result:
--------------
The value of PFPRO_CERT_PATH is:
/usr/local/verisign/payflowpro/linux/certs

Verisign response code was -31, which means: Certficate chain did not
validate; Local certificate not found


------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=25349&edit=1

Reply via email to