I know cURL is primarily for fetching data from remote sites. Should you use cURL to get data from local urls that use POST data?
For example, i have a page the displays a receipt. i use this to send html emails and also for the customer to view the receipt in their browser if their email client isn't displaying it correctly.
If POST cardholder data is present it will display the first name, last name, address, city, state, zip, phone, email, and method of payment in the receipt.
I use the file_get_contents() function to retrieve that web page and send the email. The problem: No POST data is present when doing that so if you're the one getting the receipt email, your billing information won't be on it. There's no way to prove that the receipt is actually yours.
I'm trying to comply with PCI standards so i'm trying to avoid storing cardholder data in sessions or a database table.