Retrieving Values via URL/Link

Dear Dev Shed,

I am pretty stuck at this point and am still very new to ColdFusion. I would be deeply grateful if you could lend a hand.

I need to retrieve the variables from this particular link that would be passed back to me via the "statusurl", upon completion of a transaction from a payment gateway, to update my database so that the user can move on to another stage.

Without these values updated, everyone is stuck.

The link/parameters passed back is:

www.flickswitch.com/test/status.cfm?TM_RefNo=QW000016-11&TM_DebitAmt=25.00&TM_Status=YES&TM_ErrorMsg=&TM_PaymentType=2&TM_ApprovalCode=888888[/url]

How can I retrieve the variables and its values if it was passed back to me via URL?

I tried using the URL.TM_Status method and cfparam followed by cfset but of no use and I am not familiar with CFHTTP.

No further information provided by the payment gateway, except this "The variables will be combined together with the statusurl provided through the "get" method".

Does this mean I have to do a CFHTTP "get" to obtain the values and if so, how do I go about doing this?


Please help.

If you call a ColdFusion page with this URL:

www.flickswitch.com/test/status.cfm?TM_RefNo=QW000016-11&TM_DebitAmt=25.00&TM_Status=YES&TM_ErrorMsg=&TM_PaymentType=2&TM_ApprovalCode=888888

These variables will be available to the page:

• url.tm_refno
• url.tm_debitamt
• url.tm_status
• url.tm_errormsg
• url.tm_paymenttype
• url.tm_approvalcode

You can output one to test it like this:

<cfoutput>#url.debitamt#</cfoutput>

However, I gather from your variable names that you are passing some sort of money or transaction information in the URL. This is an extremely dangerous and bad idea if that data has any importance at all. If these values are used in a payment transaction or used in a database query, etc, then you had better be doing a lot of validation and confirmation. Values passed in url or form fields should always be regarded with the highest suspicion because it is so easy to modify them.

Hi Kiteless,

Thank you for replying to this thread. I did try using this method mentioned but to no avail.

Perhaps, I should check with the payment gateway as I noticed the page is not called upon at all.

Hopefully, this will be resolved soon as time is really ticking on my side

And yes, you are correct. It is for some payment transaction. Will definitely heed your advice on the preventive measures.
Grateful for your time.

This is a really, really cool site and I will definitely drop by very often.

Once again, thanks!!