frOblivion
Programmer
I need to Redirect to a page, but I need to send <FORM method=POST> data to the page I am redirecting to. Any help would be appreciated.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Sending POST data with .REDIRECT() 3
- Thread starter frOblivion
- Start date
- Status
-
2
- #2
hblackorby
Programmer
You can't send post data using Response.Redirect I'm pretty sure. You can send data via the QueryString and just put it in the URL you are redirecting to
response.redirect("default.asp?value=false"
And then on your other page, you could check for request.form("value" to check for posted data, and if it is blank, then to a request.querystring("value" to get it from the querystring.
value = request.form("value"
if isempty(value) then
value = request.querystring("value"
end if
That way you can get info from both ways.
Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
response.redirect("default.asp?value=false"
And then on your other page, you could check for request.form("value"
to check for posted data, and if it is blank, then to a request.querystring("value" to get it from the querystring.value = request.form("value"
if isempty(value) then
value = request.querystring("value"
end if
That way you can get info from both ways.
Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
-
1
- Thread starter
- #3
frOblivion
Programmer
Hmm I was afraid of that. I am trying to redirect to a credit card merchant server which only accepts its data through a form post. Basically the user gets a page from my server to enter their credit card info. When they click post my form is supposed to point to the credit card merchant.
Where my problem comes in is I need to bill people monthly for what they are posting. Which means I need to record their payment info to my database. The merchant server does not pass the info back out for security reasons. My plan was to have the form point to a script on my server, record the info I need, then somehow point to the merchants server with all of the POST data it needs.
I'm trying to avoid using another form after database submission to point to the merchants server. That form would have hidden fields holding not only their credit card number, but my login info to my cc merchant. Doesn't sound like the most secure solution to me.
Thanks for your reply, but I guess I need to start thinking of some way to trick this thing into working
Any other suggestions would be appreciated.
Where my problem comes in is I need to bill people monthly for what they are posting. Which means I need to record their payment info to my database. The merchant server does not pass the info back out for security reasons. My plan was to have the form point to a script on my server, record the info I need, then somehow point to the merchants server with all of the POST data it needs.
I'm trying to avoid using another form after database submission to point to the merchants server. That form would have hidden fields holding not only their credit card number, but my login info to my cc merchant. Doesn't sound like the most secure solution to me.
Thanks for your reply, but I guess I need to start thinking of some way to trick this thing into working
Any other suggestions would be appreciated.
hblackorby
Programmer
Try this,
Take the data from your query string etc and then put it into a form using response.write (although if you can hide the form someway, do so.
Then on the page use a little JavaScript to automatically submit the form:
<SCRIPT LANGUAGE="JavaScript">
function gogetit()
{
document.formname.submit();
}
</SCRIPT>
<BODY onLoad="gogetit();">
<FORM NAME=formname action="page.asp" method=post>
then for each of your values use ASP to write this out:
<INPUT TYPE="HIDDEN" NAME="valuename" value="valuevalue">
Be sure to put a submit button too. Some browsers get snippy when you try to submit a form without a submit button.
Your asp page will build the form, and the JavaScript will automatically submit it. Also you can use STYLE="visibility: hidden;" to make the button hidden.
I have used this trick to get around the post problem before. Sorry I didn't think of it in the last post.
Hope this helps. Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
Take the data from your query string etc and then put it into a form using response.write (although if you can hide the form someway, do so.
Then on the page use a little JavaScript to automatically submit the form:
<SCRIPT LANGUAGE="JavaScript">
function gogetit()
{
document.formname.submit();
}
</SCRIPT>
<BODY onLoad="gogetit();">
<FORM NAME=formname action="page.asp" method=post>
then for each of your values use ASP to write this out:
<INPUT TYPE="HIDDEN" NAME="valuename" value="valuevalue">
Be sure to put a submit button too. Some browsers get snippy when you try to submit a form without a submit button.
Your asp page will build the form, and the JavaScript will automatically submit it. Also you can use STYLE="visibility: hidden;" to make the button hidden.
I have used this trick to get around the post problem before. Sorry I didn't think of it in the last post.
Hope this helps. Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
- Thread starter
- #5
frOblivion
Programmer
Ahh that is what I was looking for. Thanks, I dropped you click to tipmaster rating.
Take it ez,
fr0blivion
Take it ez,
fr0blivion
hblackorby
Programmer
Sorry, I guess I didn't read your email closely enough to see that is NOT what you wanted to do, and you are right, it wouldn't be as secure that way. If someone got to that page, they could get your merchant info (really only if they stopped JavaScript in a browser, but it could happen if someone was trying to get it).
If you wanted to still try this method, try building a frame, and having the page that creates the form only show up in a one pixal high/wide frame (use the TARGET part of your original form tag). This way they user should not be able to see the frame at all (well, one pixal of it). You could also put an ASP session value that checks to make sure the page came from the right place so that someone couldn't just browse to the form page with JavaScript turned off and see it. If it came from the wrong place without the right session value set, then just send them somewhere else. Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
If you wanted to still try this method, try building a frame, and having the page that creates the form only show up in a one pixal high/wide frame (use the TARGET part of your original form tag). This way they user should not be able to see the frame at all (well, one pixal of it). You could also put an ASP session value that checks to make sure the page came from the right place so that someone couldn't just browse to the form page with JavaScript turned off and see it. If it came from the wrong place without the right session value set, then just send them somewhere else. Harold Blackorby
hblackorby@scoreinteractive.com
St. Louis, MO
Guest_imported
New member
- Jan 1, 1970
- 0
- 0
- 0
I want a solution too, I don't want to have to post all the data back to the client just to have it resubmit it all again in FORM/POST format.
If only the Response.redirect could take the existing form collection and repost it to the new page.
surely it must be able to be done.
Hamish. (hamish.ahern@xtra.co.nz)
If only the Response.redirect could take the existing form collection and repost it to the new page.
surely it must be able to be done.
Hamish. (hamish.ahern@xtra.co.nz)
Try using a component such as ServerObjects.com’s AspHTTP3.5
This component allows you to use HTTP to Post information to a server. This should satisfy your need to Post to the credit card company and not send any secure information back to the browser.
This component allows you to use HTTP to Post information to a server. This should satisfy your need to Post to the credit card company and not send any secure information back to the browser.
Hi,
I know that in IIS 5 you can use a new Server object
method - Server.Execute("page_name", which transfers you
to page_name while still keeping Querystring and From
collections. Try using this, but again, it only should work
on IIS 5. I personally never used it, since I am only using IIS 4.
Hope it helps. B-) <Dmitriy>
dbrom@crosswinds.net
I know that in IIS 5 you can use a new Server object
method - Server.Execute("page_name"
, which transfers you to page_name while still keeping Querystring and From
collections. Try using this, but again, it only should work
on IIS 5. I personally never used it, since I am only using IIS 4.
Hope it helps. B-) <Dmitriy>
dbrom@crosswinds.net
Another thought...
There's also Server.Transfer("url". It differs from
Server.Execute("url". With Transfer, you do pretty much
the same thing as redirect. With Execute, however, you call
the other page, it executes on the other server, and then
you continue to run a script on your page. For instance,
you can write "Thanks for the payment" back to the client.
Both Transfer and Execute keep all the collection of
Request object, and Session variables as well.
Again, yopu need IIS 5 to use all that.
<Dmitriy>
dbrom@crosswinds.net
There's also Server.Transfer("url"
. It differs from Server.Execute("url"
. With Transfer, you do pretty much the same thing as redirect. With Execute, however, you call
the other page, it executes on the other server, and then
you continue to run a script on your page. For instance,
you can write "Thanks for the payment" back to the client.
Both Transfer and Execute keep all the collection of
Request object, and Session variables as well.
Again, yopu need IIS 5 to use all that.
<Dmitriy>
dbrom@crosswinds.net
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question