Google Checkout reports error to user but not admin - sandbox

I'm using the following to generate a Google Checkout:
echo '<form method="POST"
action="https://sandbox.google.com/checkout/api/checkout/v2/checkoutForm/Merchant/'.$id.'"
accept-charset="utf-8">';
while ($row = mysql_fetch_array($result)) {
echo '<input type="hidden" name="item_name_1" value="'.$row['name'].'"/>';
echo '<input type="hidden" name="item_description_1" value="Your chossen Subscription"/>';
echo '<input type="hidden" name="item_price_1" value="'.$row['price'].'"/>';
echo '<input type="hidden" name="item_currency_1" value="GBP"/>';
echo '<input type="hidden" name="item_quantity_1" value="1"/>';
echo '<input type="hidden" name="item_merchant_id_1" value="1"/>';
}
echo '<input type="hidden" name="_charset_"/>';
// Button code -->
echo '<input type="image"
name="Google Checkout"
alt="Fast checkout through Google"
src="http://sandbox.google.com/checkout/buttons/checkout.gif?merchant_id='.$id.'&w=180&h=46&style=white&variant=text&loc=en_US"
height="46"
width="180" />';
echo '</form>';
Which I think is correct and is sending users to the sandbox checkout. However Google gives this message:
Oops!
We were unable to process your request.
Time when the error happened: 2010-07-27T13:16:42 (UTC) (48c5e4fef7fe8)
But I'm not seeing anything in the integration console. I have checked and confirmed the correct merchant id for the sandbox account.
Does anyone have experience of this? Have I missed something?

Related

How to print the third instance of an attribute using Cheerio JS

There is 3 instances of 'authenticity_token' in this html:
<form class="edit_checkout" action="/942252/checkouts/624527ae778897e534d917b52af2eb28" accept-charset="UTF-8" method="post"><input type="hidden" name="_method" value="patch" /><input type="hidden" name="authenticity_token" value="5vK3h2ocwaKm0hZ+AH3HAtnffe9l7hQHIMDfrMPusFhxtSV6IbLBfWOnBboOBysF7NyDPQ7GNxdfcWUPOk5WSQ==" />
<form class="edit_checkout" action="/942252/checkouts/624527ae778897e534d917b52af2eb28" accept-charset="UTF-8" method="post"><input type="hidden" name="_method" value="patch" /><input type="hidden" name="authenticity_token" value="Fkw7j/Wv0Xxhna1aWNh8FsZhNnXz4zu0vFuTV0q9WJ6BC6lyvgHRo6Tovp5WopAR82LIp5jLGKTD6in0sx2+jw==" />
<form class="edit_checkout" data-payment-form="" action="/942252/checkouts/624527ae778897e534d917b52af2eb28" accept-charset="UTF-8" method="post"><input type="hidden" name="_method" value="patch" /><input type="hidden" name="authenticity_token" value="Bs1PNacx4rK5TJcl+VDO+RXnR69DixOH+osJ/yxuQQeRit3I7J/ibXw5hOH3KiL+IOS5fSijMJeFOrNc1c6nFg==" />
The actual token (the value I want) is the value attribute and in this case I want the 3rd instance of 'authenticity_token'.
All 3 instances start with <form class="edit_checkout" but the third is followed by data-payment-form="" instead of action="/ . so I know the one I want is the one that includes data-payment-form
I tried using this code in Cheerio:
$('form.edit_checkout input['name="authenticity_token"']')
But that returns the first auth token on the first line and I need the auth token on the third line.
Thanks!

How about:
let input = $('[name="authenticity_token"]')[2]
Then to get the value:
let value = $(input).attr('value')

Some html tags are missing when i write to a file using python requests

I am trying to login to a website using requests.The website requies token for its login.
so decided to parse the html and write it to a file.txt But the file.txt is missing the token tag.
HTML code:
<form id="pw_form" class="exception_password" action="/409514769/password" method="post" data-xsrf-protection="enabled">
<input type="password" id="password" class="exception_password-input iris_input" name="password" placeholder="Enter password" autocomplete="off" data-validators="required">
<input type="hidden" name="is_review" value="">
<input type="hidden" name="is_file_transfer" value="">
<input type="submit" value="Submit" class="iris_btn iris_btn--primary">
<input type="hidden" name="token" value="4dc82c1a780e11667650f856da9b1d9fd31b176b.e7mu8nmqrb.1587446534"></form>
PYTHON code:
from requests import Session
with Session() as s:
site = s.get("https://vimeo.com/409")
with open('page.txt','w') as out:
out.write(site.text)
This is what the file writes:
<form id="pw_form" class="exception_password" action="/409514769/password" method="post">
<input type="password" id="password" class="exception_password-input iris_input" name="password" placeholder="Enter password" class="password iris_form_text" autocomplete="off" data-validators="required">
<input type="hidden" name="is_review" value="">
<input type="hidden" name="is_file_transfer" value="">
<input type="submit" value="Submit" class="iris_btn iris_btn--primary">
</form>
What is happening here?

Website don't allow request from bot.
One possible solution to this problem is to add headers while making the request.

Get more than one GET argument on ESP8266 Asynch Webserver

I would like to build a tiny webserver application for my ESP8266.
If i send the GET request from my browser to the ESP8266 Server, i can only receive one argument.
Here is the code for my sending procedure:
<form method="get" action="/get">
<fieldset>
<legend>Select Pumps</legend>
<input type="checkbox" name="message" value="1">Pump 1<br>
<input type="checkbox" name="message" value="2">Pump 2<br>
<input type="checkbox" name="message" value="3">Pump 3<br>
<input type="checkbox" name="message" value="4">Pump 4<br>
<input type="checkbox" name="message" value="5">Pump 5<br>
<input type="checkbox" name="message" value="6">Pump 6<br>
<input type="checkbox" name="message" value="7">Pump 7<br>
<input type="checkbox" name="message" value="8">Pump 8<br>
<br>
<input type="submit" value="Start waterring!" />
</fieldset>
When the form has been sent, the server should give me back all arguments of the get request but it returns only the first argument
Hello, GET: 3
/get?message=3&message=4
Here is the actual code for processing the request:
// Send a GET request to <IP>/get?message=<message>
server.on("/get", HTTP_GET, [] (AsyncWebServerRequest *request) {
String message;
if (request->hasParam(PARAM_MESSAGE)) {
message = request->getParam(PARAM_MESSAGE)->value();
} else {
message = "No message sent";
}
request->send(200, "text/plain", "Hello, GET: " + message);
});
I'm quite a newbie in programming webservers on microcontrollers and would appreciate any help :)

If you are using this: https://github.com/me-no-dev/ESPAsyncWebServer#request-variables there is actually solution there. You don't have to use names but you can validate them if that's required. Check section: GET, POST and FILE parameters.
int params = request->params();
for(int i=0;i<params;i++){
AsyncWebParameter* p = request->getParam(i);
...
}

Pay pal form post Modify payment amount while submitting

I have a used Paypal Html form post for my eCommerce site.
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" target='_new' id='paypalForm'>
<input name="currency_code" type="hidden" value="<?php echo "EUR"; ?>" />
<input name="shipping" type="hidden" value="<?php echo "00.00"; ?>" />
<input name="tax" type="hidden" value="00.20" />
<input name="return" type="hidden" value="<?php echo "http://www.web.com/login.php"; ?>" />
<input name="cancel_return" type="hidden" value="<?php echo "http://www.web.com/cancel.php"; ?>" />
<input name="notify_url" type="hidden" value="<?php echo "http://www.web.com/ipn.php"; ?>" />
<input name="cmd" type="hidden" value="_xclick" />
<input name="business" type="hidden" value="<?php echo "XXXXXXXXXXX"; ?>" />
<input name="item_name" type="hidden" value="camp" />
<input name="no_note" type="hidden" value="1" />
<input name="lc" type="hidden" value="EN" />
<input name="bn" type="hidden" value="PP-BuyNowBF" />
<input name="amount" type="hidden" value="100" />
</form>
And the Javascript
var form = $("form");
form.submit();
I have found that by triggering a form submit function in console, I am able to update the amount that is passed to the Paypal payment process. So, Anyone can do the same right. Is there a secure way to do the payment process using form post in Paypal

Yes, instead of using plain text button (like the one used in your example), use hosted button.
When you use hosted button all the information is store on PayPal side. You just need to pass hosted button id in form.
See if the following link helps:
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/buy_now_step_1/

How do you use a signed policy from google-cloud/storage to upload data?

ref:
https://cloud.google.com/nodejs/docs/reference/storage/1.5.x/File#getSignedPolicy
I am trying to upload files to my bucket using signed policies. Using the example from the documentation I get a response from my bucket object for 3 items.
"policyString": "{\"expiration\":\"2019-10-18\",\"conditions\":[[\"eq\",\"$key\",\"image.jpg\"],{\"bucket\":\"my-bucket\"},[\"eq\",\"$Content-Type\",\"image/jpeg\"],[\"content-length-range\",0,1024]]}",
"policyBase64": "[some-long-string]",
"policySignature": "[some-long-string]"
In the documentation it also shows you how to upload objects using curl.
ref:
https://cloud.google.com/storage/docs/object-basics#upload-object-json
How do you assemble what I get back as a signed policy and the upload api
https://www.googleapis.com/upload/storage/v1/b/[BUCKET_NAME]/o?uploadType=media&name=[OBJECT_NAME]
to upload a file to my bucket using axios? Is there other headers to attach?
Here is what I did to take a stab at it but I'm not sure.
const options = {
headers: {
'Authorization': ?
'Content-Type': file.type
}
}
axios.put(concatenatedPolicySignatureUrl, file, options)
.then(response => {
console.log('success!');
}

Signed policy strings only work with the XML API, which means POSTs to https://storage.googleapis.com/bucket/object (and not www.googleapis.com/upload).
For more on exactly how to generate and use the policy, see https://cloud.google.com/storage/docs/xml-api/post-object#policydocument
An example of setting up an HTTP form that would allow a user to upload an object using a policy string is below, although you could also trigger an equivalent POST request via JavaScript:
<form action="http://travel-maps.storage.googleapis.com" method="post" enctype="multipart/form-data">
<input type="text" name="key" value="">
<input type="hidden" name="bucket" value="travel-maps">
<input type="hidden" name="Content-Type" value="image/jpeg">
<input type="hidden" name="GoogleAccessId" value="1234567890123#developer.gserviceaccount.com">
<input type="hidden" name="acl" value="bucket-owner-read">
<input type="hidden" name="success_action_redirect" value="http://www.example.com/success_notification.html">
<input type="hidden" name="policy" value="eyJleHBpcmF0aW9uIjogIjIwMTAtMDYtMTZUMTE6MTE6MTFaIiwNCiAiY29uZGl0aW9ucyI6IFsNCiAgWyJzdGFydHMtd2l0aCIsICJrZXkiLCAiIiBdLA0KICB7ImFjbCI6ICJidWNrZXQtb3duZXItcmVhZCIgfSwNCiAgeyJidWNrZXQiOiAidHJhdmVsLW1hcHMifSwNCiAgeyJzdWNjZXNzX2FjdGlvbl9yZWRpcmVjdCI6ICJodHRwOi8vd3d3LmV4YW1wbGUuY29tL3N1Y2Nlc3Nfbm90aWZpY2F0aW9uLmh0bWwiIH0sDQogIFsiZXEiLCAiQ29udGVudC1UeXBlIiwgImltYWdlL2pwZWciIF0sDQogIFsiY29udGVudC1sZW5ndGgtcmFuZ2UiLCAwLCAxMDAwMDAwXQ0KICBdDQp9">
<input type="hidden" name="signature" value="BSAMPLEaASAMPLE6SAMPLE+SAMPPLEqSAMPLEPSAMPLE+SAMPLEgSAMPLEzCPlgWREeF7oPGowkeKk7J4WApzkzxERdOQmAdrvshKSzUHg8Jqp1lw9tbiJfE2ExdOOIoJVmGLoDeAGnfzCd4fTsWcLbal9sFpqXsQI8IQi1493mw=">
<input name="file" type="file">
<input type="submit" value="Upload">
</form>

Resources