Re: Re: How do I POST data with headers & make the browser follow?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Print out the form and on the body tag put some javascript to do the post stuff

ex:
<body onLoad="formName.submit();">
<form style="display:none">
</form>

style="display:none", this will hide form from the user

----- Original Message ----- From: "Ragnar" <Ragnar_7@xxxxxx>
To: <php-general@xxxxxxxxxxxxx>
Sent: Friday, October 07, 2005 1:30 AM
Subject: Re: How do I POST data with headers & make the browser follow?


Message-ID: <3B.35.54476.92125434@xxxxxxxxxxxx>
To: php-general@xxxxxxxxxxxxx
Date: Thu, 06 Oct 2005 15:04:41 +0200
From: Petr Smith <pesmail2003@xxxxxxxxx>
Subject: Re: How do I POST data with headers & make the browser follow?

I have to apologize if this issue has been discussed in detail before but
I
couldn't find anything obvious so far.

What I need/want to do is to :

1. Take POST data from a form (no problem)
2. Do whatever i need to on the target page (no problem)
3. Pass some other data on to a 3rd page as a POST
   request.
4. Get the browser to follow to said 3rd page.


All this is happening via SSL.

So basically what i am trying to do is to "fake" whatever happens
at a normal POST request that is handled by the browser.

Now point 4. in my example above is giving me a massive headache,
I have managed to pass data on to the 3rd page as POST quite comfortably
using cURL but the browser doesn't follow (ie. the URL in the address bar
remains unchanged).

I did see that there is a FOLLOWLOCATION option you can set in cURL when
you
do you request, and though "wicked, just what I needed" only to find out
that it's not working (probably because I understand what it does wrong).

Pretty pretty please if anyone knows a solution for the above, let me
know.

Oh, and I'd also like to add that the information I am trying to get to
the
3rd page in the example is sensitive (Credit Card details etc.), so $_GET
and $_COOKIE are out of the question.

Hi,

it seems you have no understanding how http protocol works.. I can't
learn you the whole thing, but I can give you some hints. Read something
about HTTP
(http://www.digital-web.com/articles/powering_the_web_with_http/),
install some network sniffer (ethereal, HttpWatch for IE - great tool
for beginners) and see what happens.

- you cannot force browser to POST something somewhere with PHP. You
have to realize, that PHP is running on server, but the browser is the
client.
- you cannot use curl to do it. With curl it all happens on the server.
If you want to use curl, you have to use same technique used by "web
based anonymous proxy". Return all loaded data to client, rewrite urls
to your script, handle everything correctly until client closes browser.
Very complex stuff
- followlocation has nothing to do with browser. it only says to curl to
evaluate Location header and do auto-redirection
- sensitive information? GET, POST, COOKIE, everything could be
intercepted
- your only help is javascript. You can generate something like this to
client browser with php. But you couldn't hide sensitive information
this way.
<body onload="document.forms.myform.submit()">
<form name="myform" method="post">
<input type="hidden" name="..." value="...">
</form>
- think about your problem and possible solutions again

Petr

Hi Petr,

thanks for the reply, first off i certainly didn't claim to be an expert on
the HTTP, which is why i was asking the question I did.
I do realise that PHP runs on the server and can't force the browser to do
anything directly, I was merely wondering why header("Location:"); got the
browser to follow and if there was a way for me to get the same behaiviour
working when PHP was posting data.

Anyway, I will look at my problem at hand again and will try something else.

Thanks for the tips.


--
Highspeed-Freiheit. Bei GMX supergünstig, z.B. GMX DSL_Cityflat,
DSL-Flatrate für nur 4,99 Euro/Monat*  http://www.gmx.net/de/go/dsl

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux