2 files changed, 16 insertions, 8 deletions

diff --git a/src/frontend/generate_taler_contract.php b/src/frontend/generate_taler_contract.php
index c71542c8..ababa832 100644
--- a/src/frontend/generate_taler_contract.php
+++ b/src/frontend/generate_taler_contract.php
@@ -92,7 +92,7 @@ $now = new DateTime('now');
 
 // pack the JSON for the contract 
 // --- FIXME: exact format needs review!
-$json = json_encode (array ('amount' => array ('value' => $amount_value,
+$contract = array ('amount' => array ('value' => $amount_value,
 			                       'fraction' => $amount_fraction,
                                                'currency' => $currency),
 			    'max_fee' => array ('value' => 3,
@@ -111,6 +111,7 @@ $json = json_encode (array ('amount' => array ('value' => $amount_value,
 			              'delivery_location' => 'LNAME1')),
 			    'timestamp' => "/Date(" . $now->getTimestamp() . ")/",
 			    'pay_url' => "/taler/pay",
+			    'exec_url' => "http://example.com/exec-url",
 			    'expiry' => "/Date(" . $now->add(new DateInterval('P2W'))->getTimestamp() . ")/",
 			    'refund_deadline' => "/Date(" . $now->add(new DateInterval('P3M'))->getTimestamp() . ")/",
 			    'merchant' => array ('address' => 'LNAME2',
@@ -138,7 +139,8 @@ $json = json_encode (array ('amount' => array ('value' => $amount_value,
 						                     'state' => 'Test State',
 							             'region' => 'Test Region',
 								     'province' => 'Test Province',
-								     'ZIP code' => 4908))), JSON_PRETTY_PRINT);
+								     'ZIP code' => 4908)));
+$json = json_encode (array ('contract' => $contract), JSON_PRETTY_PRINT);
 if ($cli_debug && !$backend_test)
 {
   echo $json . "\n";
@@ -168,10 +170,11 @@ http_response_code ($status_code);
 if ($status_code != 200)
 {
   echo "Error while generating the contract";
+  echo $resp->body->toString ();
 }
 else
-{
-  // send the contract back to the wallet without touching it
+{ $got_json = json_decode ($resp->body->toString ());
+  $_SESSION['H_contract'] = $got_json->H_contract;
   echo $resp->body->toString ();
 }
 ?>
diff --git a/src/frontend/pay.php b/src/frontend/pay.php
index 0bd4e3bb..7f7a8bc9 100644
--- a/src/frontend/pay.php
+++ b/src/frontend/pay.php
@@ -41,8 +41,6 @@ if (isset($_GET['backend_test']) &&  $_GET['backend_test'] == 'no')
   $backend_test = false;
 }
 
-
-
 if (!isset($_SESSION['H_contract']))
 {
   echo "No session active.";
@@ -84,7 +82,13 @@ if ($cli_debug && !$backend_test)
 
 
 // Backend is relative to the shop site.
-$url = (new http\URL("http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]))
+/**
+ * WARNING: the "shop site" is '"http://".$_SERVER["HTTP_HOST"]'
+ * So do not attach $_SERVER["HTTP_HOST"] before proxying requests
+ * to the backend
+ */
+//$url = (new http\URL("http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]))
+$url = (new http\URL("http://".$_SERVER["HTTP_HOST"]))
   ->mod(array ("path" => "backend/pay"), http\Url::JOIN_PATH);
 
 $req = new http\Client\Request("POST",
@@ -118,7 +122,8 @@ else
 {
   $_SESSION['payment_ok'] = true;
   http_response_code (301);
-  $url = (new http\URL("http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"))
+  //$url = (new http\URL("http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"))
+  $url = (new http\URL("http://$_SERVER[HTTP_HOST]"))
     ->mod(array ("path" => "fulfillment.php"), http\Url::JOIN_PATH);
   header("Location: $url");
   die();