|
|
Posted by cron on 10/08/05 09:08
Print out the form and on the body tag put some javascript to do the post
stuff
ex:
<body onLoad="formName.submit();">
<form style="display:none">
</form>
style="display:none", this will hide form from the user
----- Original Message -----
From: "Ragnar" <Ragnar_7@gmx.de>
To: <php-general@lists.php.net>
Sent: Friday, October 07, 2005 1:30 AM
Subject: [PHP] Re: How do I POST data with headers & make the browser
follow?
> Message-ID: <3B.35.54476.92125434@pb1.pair.com>
> To: php-general@lists.php.net
> Date: Thu, 06 Oct 2005 15:04:41 +0200
> From: Petr Smith <pesmail2003@seznam.cz>
> Subject: Re: How do I POST data with headers & make the browser follow?
>
>> I have to apologize if this issue has been discussed in detail before but
> I
>> couldn't find anything obvious so far.
>>
>> What I need/want to do is to :
>>
>> 1. Take POST data from a form (no problem)
>> 2. Do whatever i need to on the target page (no problem)
>> 3. Pass some other data on to a 3rd page as a POST
>> request.
>> 4. Get the browser to follow to said 3rd page.
>>
>>
>> All this is happening via SSL.
>>
>> So basically what i am trying to do is to "fake" whatever happens
>> at a normal POST request that is handled by the browser.
>>
>> Now point 4. in my example above is giving me a massive headache,
>> I have managed to pass data on to the 3rd page as POST quite comfortably
>> using cURL but the browser doesn't follow (ie. the URL in the address bar
>> remains unchanged).
>>
>> I did see that there is a FOLLOWLOCATION option you can set in cURL when
> you
>> do you request, and though "wicked, just what I needed" only to find out
>> that it's not working (probably because I understand what it does wrong).
>>
>> Pretty pretty please if anyone knows a solution for the above, let me
> know.
>>
>> Oh, and I'd also like to add that the information I am trying to get to
> the
>> 3rd page in the example is sensitive (Credit Card details etc.), so $_GET
>> and $_COOKIE are out of the question.
>
>>Hi,
>>
>>it seems you have no understanding how http protocol works.. I can't
>>learn you the whole thing, but I can give you some hints. Read something
>>about HTTP
>>(http://www.digital-web.com/articles/powering_the_web_with_http/),
>>install some network sniffer (ethereal, HttpWatch for IE - great tool
>>for beginners) and see what happens.
>>
>>- you cannot force browser to POST something somewhere with PHP. You
>>have to realize, that PHP is running on server, but the browser is the
>>client.
>>- you cannot use curl to do it. With curl it all happens on the server.
>>If you want to use curl, you have to use same technique used by "web
>>based anonymous proxy". Return all loaded data to client, rewrite urls
>>to your script, handle everything correctly until client closes browser.
>>Very complex stuff
>>- followlocation has nothing to do with browser. it only says to curl to
>>evaluate Location header and do auto-redirection
>>- sensitive information? GET, POST, COOKIE, everything could be
>>intercepted
>>- your only help is javascript. You can generate something like this to
>>client browser with php. But you couldn't hide sensitive information
>>this way.
>><body onload="document.forms.myform.submit()">
>><form name="myform" method="post">
>> <input type="hidden" name="..." value="...">
>></form>
>>- think about your problem and possible solutions again
>
>>Petr
>
> Hi Petr,
>
> thanks for the reply, first off i certainly didn't claim to be an expert
> on
> the HTTP, which is why i was asking the question I did.
> I do realise that PHP runs on the server and can't force the browser to do
> anything directly, I was merely wondering why header("Location:"); got the
> browser to follow and if there was a way for me to get the same behaiviour
> working when PHP was posting data.
>
> Anyway, I will look at my problem at hand again and will try something
> else.
>
> Thanks for the tips.
>
>
> --
> Highspeed-Freiheit. Bei GMX supergünstig, z.B. GMX DSL_Cityflat,
> DSL-Flatrate für nur 4,99 Euro/Monat* http://www.gmx.net/de/go/dsl
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
[Back to original message]
|