Jump to content

[SOLVED] Call external website with POST?


EchoFool

Recommended Posts

Hey guys,

 

I need help with what to do for this system i am trying to build. A user can vote for a website to my website listing by clicking a link to me heres an example link:

 

<a href="http://www.website.com/in.php?id=23&userid=5">Vote For Website </a>

 

 

Now when the user clicks this, they are taken to a page on my website which grabs the gets... the user then inputs a validation in a form and when submitted these GETs and convereted to POSTS.

 

Now at this point im trying to get my site to communicate back to the site the user came from to pass the POSTS to that website for them to use at their own needs...

 

The script i currently have is:

 

<?php
//GETS have now been converted to POST
$UserID = strtolower(mysql_real_escape_string(stripslashes($_POST['UserID'])));
$RecordID = strtolower(mysql_real_escape_string(stripslashes($_POST['RecordID'])));

$Get = mysql_query("SELECT Name FROM listings WHERE ID='$RecordID' AND Authorised='1'")
Or doe(mysql_error());
If(mysql_num_rows($Get)>0){
$row = mysql_fetch_assoc($Get);
$Name = ucwords($row['Name'];

$UPDATE = mysql_query("UPDATE listings SET VotesIn=VotesIn+1 WHERE ID='$RecordID' AND Authorised='1'")
Or die(mysql_error());


If(mysql_affected_rows()>0){
$Incentive = strtolower(mysql_real_escape_string(stripslashes($_POST['Incentive'])));

$Get = mysql_query("SELECT IncentiveUrl FROM listings WHERE ID='$RecordID' AND Authorised='1' AND Incentive='1'")
Or doe(mysql_error());

If(mysql_num_rows($Get)>0){

$row = mysql_fetch_assoc($Get);
include($row['IncentiveUrl']); // as an include the external website should be able to use the $_POST['UserID']

	}
?>

 

 

Just to add the include has a format of "http://www.website.com/subfolder/phpfile.php"

How ever i don't seem to be able to get the include to work nor do i think it is the most secure method... is there a better method to pass a variable accorss? If so what is the best safe way?

Link to comment
Share on other sites

u could use that library or u can make your own library with native php code fsockopen()

fsockopen()

 

you will have to craft your own packets that you sniff from your network..

 

but normally you wouldn't even have to do that since many people tried this and you will find many examples of using fsockopen() and POST METHOD

 

here is a simple one

 

<?php
// preconditions
$port = 80 | 443
$host = "www.example.com";
$method = "POST" | "GET";
$contenttype = "text/html" | "text/plain" | "text/xml" | ...;
$data = "<something>";

// script
if($port == 443)
      $sslhost = "ssl://".$host;
else
      $sslhost = $host;
$fp = fsockopen($sslhost, $port);
fputs($fp, "$method $path HTTP/1.1\r\n");
fputs($fp, "Host: $host\r\n");
fputs($fp, "Content-type: $contenttype\r\n");
fputs($fp, "Content-length: ".strlen($data)."\r\n");
fputs($fp, "Connection: close\r\n");
fputs($fp, "\r\n");
?>

 

but that just sends it you wouldn't know if it got threw if any errors occurred etc.. to know that you would have to add a recv buffer after send

 

<?php//colors
    while (!feof($fp)) {
        echo fgets($fp, 128);
    }
?>

Link to comment
Share on other sites

you can use cURL to pass the information back via post method.

Okay thank you, looks complicated, is this the safest method?

 

Yes, it's the best method.  It's not really complicated in most cases, although there are necessarily a lot of options.  A lot of that depends on what goes on with the foreign site.  For example, that site may push you a cookie, and require it to be functional or you'll never get the form you're looking for.  Curl has facilities for handling that type of situation.  In essence, it's a non-trivial exercise to simulate a browser that supports the POST method.  For this reason, Curl needs to have a lot of options, but you very probably won't need to use them.

Link to comment
Share on other sites

Well i got this:

 

<?php

$var = 'http://www.website.com/subfolder/php.php';  // this isnt a real site 
$UserID = 2;
$ch = curl_init($var);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, "UserID=".$UserID);
curl_exec ($ch);
curl_close ($ch);
?>

So i gave it a go (with a real site) but got this:

 

Fatal error: Call to undefined function curl_init()

 

Did i not put enough options in ? I got this bit of script on a website which was about sending _POSTs...

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.