I have to apologize if this issue has been discussed in detail before but I
couldn't find anything obvious so far.
What I need/want to do is to :
1. Take POST data from a form (no problem)
2. Do whatever i need to on the target page (no problem)
3. Pass some other data on to a 3rd page as a POST
request.
4. Get the browser to follow to said 3rd page.
All this is happening via SSL.
So basically what i am trying to do is to "fake" whatever happens
at a normal POST request that is handled by the browser.
Now point 4. in my example above is giving me a massive headache,
I have managed to pass data on to the 3rd page as POST quite comfortably
using cURL but the browser doesn't follow (ie. the URL in the address bar
remains unchanged).
I did see that there is a FOLLOWLOCATION option you can set in cURL when you
do you request, and though "wicked, just what I needed" only to find out
that it's not working (probably because I understand what it does wrong).
Pretty pretty please if anyone knows a solution for the above, let me know.
Oh, and I'd also like to add that the information I am trying to get to the
3rd page in the example is sensitive (Credit Card details etc.), so $_GET
and $_COOKIE are out of the question.
Hi,
it seems you have no understanding how http protocol works.. I can't
learn you the whole thing, but I can give you some hints. Read something
about HTTP
(http://www.digital-web.com/articles/powering_the_web_with_http/),
install some network sniffer (ethereal, HttpWatch for IE - great tool
for beginners) and see what happens.
- you cannot force browser to POST something somewhere with PHP. You
have to realize, that PHP is running on server, but the browser is the
client.
- you cannot use curl to do it. With curl it all happens on the server.
If you want to use curl, you have to use same technique used by "web
based anonymous proxy". Return all loaded data to client, rewrite urls
to your script, handle everything correctly until client closes browser.
Very complex stuff
- followlocation has nothing to do with browser. it only says to curl to
evaluate Location header and do auto-redirection
- sensitive information? GET, POST, COOKIE, everything could be intercepted
- your only help is javascript. You can generate something like this to
client browser with php. But you couldn't hide sensitive information
this way.
<body onload="document.forms.myform.submit()">
<form name="myform" method="post">
<input type="hidden" name="..." value="...">
</form>
- think about your problem and possible solutions again
Petr
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
