-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi everyone!
It all started when i tried to transport '+' through baggage field and got always ' ' in my STATUS_URL script instead.. - -< copy+paste from earlier conversation with Jay Wherley >- Mati: the symbol '+' reaches my PAYMENT_URL script as '+', but STATUS_URL script gets a ' ' (space) instead, as if SCI had "translated" it. Jay: i think what happens is e-gold actually sends the "+" back to your end, but your end probably follows normal CGI conventions and translates that posted data over to a space. i think this one could be argued either way; i believe there might be some existing users depending on it working this way, but i'm not sure. maybe we can discuss it on the e-gold tech mailing list and see about switching to e-gold encoding spaces as "+" and +'s and other special characters as %XX hex characters when performing that form submit. Mati: it seems to me, that when baggage fields first arrive to e-gold system, they are url-decoded and and after successful payment submitted to merchant's STATUS_URL *without* url-encoding the form (in contrary to common browsers).. or am i mistaken? Jay: yes you are correct. Mati: i think it's a problem.. getting values like '+' and '%2B' thru SCI back to STATUS_URL script is not that easy (if possible at all?).. hasn't anyone else had the same problem? Jay: i'm not sure.... it may be that either people don't notice it or have worked around it. maybe what we can do is add a new input field something like "RFCCOMPLIANTENCODE" that you can set to get the better "re-encoded" data sent back to STATUS_URL. that would make it backward compatible with any existing users counting on the existing behaviour... - -< end copy+paste >- So, my question is - has anyone had any problems with e-gold SCI not url-encoding the form when submitting it to merchant's STATUS_URL? (try transporting values like '+' or '%2B' in baggage fields to find out). I'm using PHP, has anyone a workaround for this? Is anyone depending on this kind of behaviour? What do you think about switching e-gold to url-encoded STATUS_URL form submit.. or is introducing "RFCCOMPLIANTENCODE" to provide backward compatibility a better idea? Mati Malsub IceGold -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQA/AwUBPHzo+AR7RmlugUJKEQIpvQCeLIFs2CopU/WCBoEuZHTQ47M/Vw0AoPDA fmHawX/chBF9vlojfgqsALwJ =XOTZ -----END PGP SIGNATURE----- --- You are currently subscribed to e-gold-tech as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.