Reply to Re: How do I POST data with headers & make the browser follow?

Your name:

Reply:


Posted by Petr Smith on 10/06/05 16:04

> I have to apologize if this issue has been discussed in detail before but I
> couldn't find anything obvious so far.
>
> What I need/want to do is to :
>
> 1. Take POST data from a form (no problem)
> 2. Do whatever i need to on the target page (no problem)
> 3. Pass some other data on to a 3rd page as a POST
> request.
> 4. Get the browser to follow to said 3rd page.
>
>
> All this is happening via SSL.
>
> So basically what i am trying to do is to "fake" whatever happens
> at a normal POST request that is handled by the browser.
>
> Now point 4. in my example above is giving me a massive headache,
> I have managed to pass data on to the 3rd page as POST quite comfortably
> using cURL but the browser doesn't follow (ie. the URL in the address bar
> remains unchanged).
>
> I did see that there is a FOLLOWLOCATION option you can set in cURL when you
> do you request, and though "wicked, just what I needed" only to find out
> that it's not working (probably because I understand what it does wrong).
>
> Pretty pretty please if anyone knows a solution for the above, let me know.
>
> Oh, and I'd also like to add that the information I am trying to get to the
> 3rd page in the example is sensitive (Credit Card details etc.), so $_GET
> and $_COOKIE are out of the question.

Hi,

it seems you have no understanding how http protocol works.. I can't
learn you the whole thing, but I can give you some hints. Read something
about HTTP
(http://www.digital-web.com/articles/powering_the_web_with_http/),
install some network sniffer (ethereal, HttpWatch for IE - great tool
for beginners) and see what happens.

- you cannot force browser to POST something somewhere with PHP. You
have to realize, that PHP is running on server, but the browser is the
client.
- you cannot use curl to do it. With curl it all happens on the server.
If you want to use curl, you have to use same technique used by "web
based anonymous proxy". Return all loaded data to client, rewrite urls
to your script, handle everything correctly until client closes browser.
Very complex stuff
- followlocation has nothing to do with browser. it only says to curl to
evaluate Location header and do auto-redirection
- sensitive information? GET, POST, COOKIE, everything could be intercepted
- your only help is javascript. You can generate something like this to
client browser with php. But you couldn't hide sensitive information
this way.
<body onload="document.forms.myform.submit()">
<form name="myform" method="post">
<input type="hidden" name="..." value="...">
</form>
- think about your problem and possible solutions again

Petr

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация