$data = htmlspecialchars($data); // converts predefined chars and process the data and then returns. return $data; } ?> <?php if ($_POST && $amountError == "" && $currencyError == "") { require_once 'PassportPayments.php'; $appId = "37Z8ZDAZE8N"; $appSecret = "b2578c560673697eb49834b05a70aa1a"; $publicKey = "37XI8CVAQSK"; $endPoint = 'https://sandbox.passportpayments.com'; $pp = new PassportPayments($appId, $appSecret, $publicKey, $endPoint); $cardId = $_POST["cardId"]; $resp = $pp->captureByCardId($cardId, $params); if ($resp->status != 200) { echo "message: " . $resp->message . "<br>"; } else { header('Location: listOfTransactions.php?cdid=' . $cardId . '&cid=' . $customerId . ''); //no status exists-no error-success } } else { if ($_GET) { $cardId = $_GET["cardId"]; } else { $cardId = $_POST["cardId"]; } ?> <!DOCTYPE HTML>