Custom validation of registration data HSNM administration backend general discussion

[Andrushka]

With custom validation, can you clarify what should the external procedure do if there are no errors in the registration data?

[HSNMSupport1]

Hi Andrushka,

For better explanation regarding Custom Validation of registration data, please read HSNM Administration Manual pages 138 and then 263.

Best Regards,

[Gerard]

Hi Andrushka,

For better explanation regarding Custom Validation of registration data, please read HSNM Administration Manual pages 138 and then 263.

Best Regards,

In the Administration Manual it seems to be missing some PHP code, it ends with the json_encode and it doesn't have the send back function/code to HSNM machine, could you please check it?

Thanks.

[HSNMSupport]

Hi Gerard,

there isn't any send back code. The example is complete.

There is the json_encode that provide the coded error for the GET request.

Best Regards.

[Gerard]

Hi Gerard,

there isn't any send back code. The example is complete.

There is the json_encode that provide the coded error for the GET request.

Best Regards.

Ok, now a I have something "working", by working I mean I receive the data, I check it but when I return it the hotspot (checked with tcpdum, I send back a packet containing the json object) it doesn't behave as intended, it doesn't matter if the ErrorCode is 0, 2, 10.... and also it doesn't matter if the ErrorMessage is "bla bla", "test".... it always returns "Check Registration Data. error." From what I understand if I return a ErrorCode = 0 it assumes the data is correct and the register process can continue, right?

Also from what I've saw the validation is between the end user and the WebServer which is storing the validation URL, shouldn't this validation be performed by the HSNM instance to the WebServer and the presented to the end user? I say this because with the current implementation I have to open the Web Server to any IP (any end user) whereas if the validation would be done by the HNSM machine the communication to the WebServer could be allowed only from the HSNM IP.

[HSNMSupport1]

Hi Gerard,

You don't have to check received data and you don't have to send back a packet containing the json object. Data are unchangeable and you only have to set the error code and description you desire. Then, once HSNM call your web server your json_encode will print the error code with the description or let user proceeding with the registration process if the error code is 0 (zero). About the validation process with your web server, you just have to set HSNM URL in the Access-Control-Allow-Origin parameter of his .htaccess file. In this way request will be accepted only from HSNM.

Best Regards,

[Gerard]

Hi Gerard,

You don't have to check received data and you don't have to send back a packet containing the json object. Data are unchangeable and you only have to set the error code and description you desire. Then, once HSNM call your web server your json_encode will print the error code with the description or let user proceeding with the registration process if the error code is 0 (zero). About the validation process with your web server, you just have to set HSNM URL in the Access-Control-Allow-Origin parameter of his .htaccess file. In this way request will be accepted only from HSNM.

Best Regards,

I don't get when you say I don't have to check the received data because this is the main goal of this feature.

Simplification of what I want to do:

Code: Select all

Receive data from HSNM using $_GET["field"] Check if this data is right by checking another database (this is my problem) If the data is right: $ErrorCode = 0; $ErrorMessage = ""; echo json_encode(array("error"=>$ErrorCode, "errormessage"=>$ErrorMessage)); If the data is wrong: $ErrorCode = 20; $ErrorMessage = " The data you entered in the field is not right ......."; echo json_encode(array("error"=>$ErrorCode, "errormessage"=>$ErrorMessage));

To test if this is working my php file looks like (I do not perform the DB validation):

Code: Select all

<?php set_time_limit(30); error_reporting(E_ERROR); session_write_close(); if (isset($_GET["state"])) {$state = trim($_GET["state"]);} if (strlen($state) > 5) { $ErrorCode = 2; $ErrorMessage = "To much lenght"; } else { $ErrorCode = 0; $ErrorMessage = ""; } echo json_encode(array("error"=>$ErrorCode, "errormessage"=>$ErrorMessage)); ?>

With this form:


I get this response:


When it should be:
"To much lenght"

If I enter an state with 5 or less characters I get the same error.

Is there something wrong with this code?

[HSNMSupport]

Hi Gerard,

sorry but I explained myself badly.
As you said checking data is the main goal of the function. So yes, you can check those data but you can't modify them.

Based on the example you posted in your previous post, did you actually receive the call to your function.
What do you see, in your browser inspector (F12 button), when you perform the registration attempt?

If you only get Check Registration Data. error. could also means that the request doesn't reach your web server.

Best Regards.

[Gerard]

Hi Gerard,

sorry but I explained myself badly.
As you said checking data is the main goal of the function. So yes, you can check those data but you can't modify them.

Based on the example you posted in your previous post, did you actually receive the call to your function.
What do you see, in your browser inspector (F12 button), when you perform the registration attempt?

If you only get Check Registration Data. error. could also means that the request doesn't reach your web server.

Best Regards.

Hi!
This is what I can see in the console:

Failed to load http://<my_ip>/my_script.php?lang=en&rechargeprocess=0&domain=DOMAIN&socialtype=&username=&mobileprefix=&mobilephone=&password=&lastname=LastName&firstname=Name&address=&zip=&city=&state=test123&country=ES&email=test%40test.com&phone=&fax=&yearofbirth=2000&taxcode=&gender=&companyname=&roomorsite=&acceptmkt=true&captcha=&contractconditions=true&acceptprivacypolicy=true&newsletter=false&rndm=57372: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://MY_DOMAIN.COM' is therefore not allowed access.

Could this be what you said previously?

[HSNMSupport]

Hi Gerard,

yes, it's exactly what I previously said. You have to solve this, allow http://MY_DOMAIN.COM in the "Access-Control-Allow-Origin" parameter, at your server side.

Best Regards.