CURL

[DaZZleD]

I have a web application that needs to submit a form to a specified url.
since the form must also contain fields that are private and should not be seen by the user, I decided on using php_curls to accomplish this.

the info gets correctly posted to the page however the rest of the content from the page where the curl_exec is being executed also shows. plus the page where the data is submitted is displayed as if it is found on my server (meaning that the pictures don't show).

how do I make this simulate a simple form post to a specified URL?

--------------------------
"two wrongs don't make a right, but three lefts do" - the unknown sage

 

[sleipnir214]

faq434-2502 might be of help


Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[DaZZleD]

the problem is that our post is more complicated.

we have to post some values to a site. that site redirects the info (after a brief verification) to another site over SSL where the user must fill in some data on a form. this form is then submitted back to the previous page where data is completed with extra info and then posted back to us.

in a schema it will be like
us -(a)-> site1 -(b)-> site2 (with a new form) -(c)-> site1 -(d)-> us

the problem is that the form from site 2 appears as if it is from our website (the relative links to the images are searched on our domain and so on). this is not such a serious issue. the biggest problem is that site1 accepts transaction c only from site2. but this doesn't happen because to site1, transaction c looks like it's initiated from our site....

here's the code

			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL,$submit_url);
			curl_setopt($ch, CURLOPT_VERBOSE, 0);
			curl_setopt($ch, CURLOPT_FAILONERROR, 1); 
			curl_setopt($ch, CURLOPT_HEADER, 0);
			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_POSTFIELDS, $postvars);
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_NOBODY, 0);
			
			// perform post
			$rr = curl_exec($ch);
			curl_close($ch);
			die($rr);

where $submit_url and $postvars are in the correct form.

any help is appreciated

--------------------------
"two wrongs don't make a right, but three lefts do" - the unknown sage

 

[sleipnir214]

I don't think I understand.

What is the mechanism by which all this data is shuffled around?


Want the best answers? Ask the best questions!

TANSTAAFL!!

 

[sarahknz]

I'm doing just this with no problems on a site. The images problem is that the links to the images are being given as relative links, so you either have to

* update the remote site (if you can) so that images are given as full links, domain and all
* host copies of the images in the appropriate location on your server

Now, as for the site only accepting transactions from the other site. What mechanism is it using to control this? If you know the method of the check then you can work with it.

However, I would talk to the site owner and get the rule changed to accommodate you - rather than try to get into IP spoofing or similar and risk accusations of hacking.

Sarah

http://sarah.pcpropertymanager.com

http://www.pcpropertymanager.com

http://www.propertyinvestor.info

 

[DaZZleD]

I have managed to accomplish this by also outputting the headers of the returned page as the headers of the page to display (not only the content). this way the images are show correctly and the post to the site1 (c) works fine - all this because now the page being displayed is from site1

thanks for all your posts!

--------------------------
"two wrongs don't make a right, but three lefts do" - the unknown sage