#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2004
    Posts
    2
    Rep Power
    0

    Exclamation Retrieving Values via URL/Link


    Dear Dev Shed,

    I am pretty stuck at this point and am still very new to ColdFusion. I would be deeply grateful if you could lend a hand.

    I need to retrieve the variables from this particular link that would be passed back to me via the "statusurl", upon completion of a transaction from a payment gateway, to update my database so that the user can move on to another stage.

    Without these values updated, everyone is stuck.

    The link/parameters passed back is:

    www.flickswitch.com/test/status.cfm?TM_RefNo=QW000016-11&TM_DebitAmt=25.00&TM_Status=YES&TM_ErrorMsg=&TM_PaymentType=2&TM_ApprovalCode=888888[/url]

    How can I retrieve the variables and its values if it was passed back to me via URL?

    I tried using the URL.TM_Status method and cfparam followed by cfset but of no use and I am not familiar with CFHTTP.

    No further information provided by the payment gateway, except this "The variables will be combined together with the statusurl provided through the "get" method".

    Does this mean I have to do a CFHTTP "get" to obtain the values and if so, how do I go about doing this?


    Please help.
  2. #2
  3. No Profile Picture
    Moderator

    Join Date
    Jun 2002
    Location
    Raleigh, NC
    Posts
    5,243
    Rep Power
    967
    If you call a ColdFusion page with this URL:

    www.flickswitch.com/test/status.cfm?TM_RefNo=QW000016-11&TM_DebitAmt=25.00&TM_Status=YES&TM_ErrorMsg=&TM_PaymentType=2&TM_ApprovalCode=888888

    These variables will be available to the page:

    • url.tm_refno
    • url.tm_debitamt
    • url.tm_status
    • url.tm_errormsg
    • url.tm_paymenttype
    • url.tm_approvalcode


    You can output one to test it like this:

    <cfoutput>#url.debitamt#</cfoutput>

    However, I gather from your variable names that you are passing some sort of money or transaction information in the URL. This is an extremely dangerous and bad idea if that data has any importance at all. If these values are used in a payment transaction or used in a database query, etc, then you had better be doing a lot of validation and confirmation. Values passed in url or form fields should always be regarded with the highest suspicion because it is so easy to modify them.
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2004
    Posts
    2
    Rep Power
    0

    Thank you


    Hi Kiteless,

    Thank you for replying to this thread. I did try using this method mentioned but to no avail.

    Perhaps, I should check with the payment gateway as I noticed the page is not called upon at all.

    Hopefully, this will be resolved soon as time is really ticking on my side

    And yes, you are correct. It is for some payment transaction. Will definitely heed your advice on the preventive measures.
    Grateful for your time.

    This is a really, really cool site and I will definitely drop by very often.

    Once again, thanks!!

IMN logo majestic logo threadwatch logo seochat tools logo