Can't get query string parameter value

Question

I have integrated sage pay with my wordpress site. I am currently running sagepay in simulator mode.

After successful payment sagepay redirects to the success page of my site. The redirect url is like this.

mysite.com/?page_id=632&[email protected] string.

when i am trying to get query string parameter on my success page by $_REQUEST or $_GET i can only get page_id.

But I can't get 'crypt' parameter.

I have also tried var_dump($_REQUEST). It also gives only page_id but not crypt parameter.

I wan't to retrieve 'crypt' parameter from query string.

Note: Its working on localhost properly. I got both parameters. But when i uploaded my site on live server, i can get only page_id, but not 'crypt' parameter .

Any Ideas?

Update: my querystring given by Sage pay is like this:

mysite.com/?page_id=632&crypt=@758D2CD31D4B6C192BB70DC99A9F9E1EEAD181E280A3B617E73ACD3E893992E5B9A8A823C3E3B5BE7AF4CEA53C3D12C5C39ECE6F203A2ED76B82711C2E84CFBA1D2574B80F1A53EE4C1D49C60570839F1B1AD4EE83C3D208B943EA9E5F88F94AA3D9F9C2E58F8C7A476787EF8DD438CF8A102AD0D154864291DC02FB8626C177CC02C18F102300AFA0F390841B1C841A2B5A90DB9B1741A46D7AC4C0CA11E90D3C230D5FB6767FAE638A31714FD2C432CB3854162AE49F2C88761C5BAFB92E9ACE354425D9D9801705B088580B9BE113C1319B41893BFC0A2B190F10E8FB5D6EEA779E725D129EE483C631373930BD0F6E6747CD7D79F7AD726D11CB17547D00015CA5793F6E322B8FA0354EAE2DF83A2BD460AB718AC205346EE3E39418B3FBF181B82DB8BC19448F6AC6F48121129F48F2F557F265C5B6A65B23B3FFA516182C7ECA416B6BD9C04E7693744F6133EB4E1989245073FE835D3BA19A8B1EE101

but its works fine on localhost

Answer 1

Answer

It seems that you are running the Suhosin Security Patch. This patch limits your $_GET parameter to a maximum of 512 bytes.

In order to get around this, you will need to add a value to your php.ini.

suhosin.get.max_value_length = LIMIT_HERE

Reference

Source: http://www.php.net/manual/en/reserved.variables.get.php#101469

Please note that PHP setups with the suhosin patch installed will have a default limit of 512 characters for get parameters. Although bad practice, most browsers (including IE) supports URLs up to around 2000 characters, while Apache has a default of 8000.

To add support for long parameters with suhosin, add suhosin.get.max_value_length = <limit> in php.ini

UPDATE 1

As you do not have access to your php.ini, you will need to change the value in either an .htacess file (if you are using Apache), or alternatively, you may be able to do it using the built in PHP function ini_set().

.htacess method:

php_value suhosin.get.max_value_length 8000

ini_set method:

ini_set('suhosin.get.max_value_length', '8000');

However, it is likely (but not certain) that your PHP installation will not allow modification of the Suhosin variables on a per directory basis. In order to fix this, you must request this to be placed into your php.ini, otherwise there is nothing you can do.

suhosin.perdir = "p"

Answer 2

I think your production environment have configured filters in php.ini for $_REQUEST, check the filter section of your php.ini, more info: http://www.php.net/manual/en/filter.configuration.php

If you don't want to change this configuration on your production environment, you can access the value using filter_input, more info: http://www.php.net/manual/en/function.filter-input.php