Embeded Web Page Leaves My Site When Links Are Clicked

[azpaul]

Good Morning Forum,

 

I write my own PHP when I need specific tasks done.  It has been quite a while and since I have had the need to write anything so I am rusty as can be.

 

I am needing some guidance and help and hope that I can acomplish what I am setting out to do with 2 hurdles I am trying to over come.

 

I am trying to embed a trivia game web page that takes a 5 digit code that logs you into a current game. The site uses multiple logins and a database to retrieve and store data once logged in.  A game session can have up to 1000 users and it does not matter what device is used as long as it has internet and a browser.  I am successful in pulling their index.php file into mine with all pictuteres, links and format in tact.

 

I have tried using JavaScript and iFrames but there is an issue with the cross domains and the permissions or security of some sort do not get passed properly using these two methods even though they keep the embeded site within my page. 

 

I have the company's permission to embed their main page into mine, actually it was their suggestion.  The whole idea is to make it look like my site using their login and server with my information so the end users do not know the real source of the site where there are links on how to purchase from them on the pages used.

 

Issues I have observed are with the JavaScript and iFrames are:

When logged, in the server loses connection with the remote device and even though the game can be played, it does not up date the server.

When logging out, the server keeps the connection active and even though the device logs out, the server app shows the client still logged in.

When a wrong code is entered, the error message does not show up on the device trying to log in.

Now this all goes away and the app works great running on their domain directly. 

 

 

I am also under the impression that I can manipulate certain elements with in the raw data.  I am hoping that I can manipulate their contact us link to redirect to my contact information.  But I believe this all has to stay within my site to pull that data.

 

What I have accomplished is being able to load their main index.php into a basic page on my site with this code. I found it on another search earlier and it worked out of the chute.  I do not quite understand curl.

<?
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.theirsite.com");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec($ch);
curl_close($ch);
$result = preg_replace("#(<\s*a\s+[^>]*href\s*=\s*[\"'])(?!http)([^\"'>]+)([\"'>]+)#",'$1http://theirsite.com/$2$3', $result);
echo $result
?>

I used a more simple PHP code as well but this also worked and it was the last I code snippet I tried. 

 

Once the page loads it is on my site in my domain.  Once I enter the 5 digit code to join the game, it takes me from my site to theirsite.com and stays there.

 

How do I keep it all embeded in my site? 

 

I have been researching this for about 8 hours now and this is as far as I have reached.  Any help would be appreciated.  I think PHP is the way to go with this.

 

Thanks.  I look forward to the your responses.

 

Regards,

Paul

[Muddy_Funster]

Hmm....smells like a breach of just about every game sites end user agreament / terms of use on the net.  I'll need some evidence that you are infact allowed to create a site of this nature (in writing and from the actual host of the actual game) before I even think about helping you achieve it - although there may be other less scupulous people on here that could assist without that.

[azpaul]

Seriously? 

 

It is a login page to access game content with a code generated by the server?  Check your PM for a copy of the email.

[Muddy_Funster]

Yeah, seriously.  My statement was not intended to acuse you of directly and intentionaly trying to missuse somone elses content, only to draw awareness to the fact that in 99.9% of the times people try to do this sort of thing they are in fact doing so in contrivention to the original hosts conditions. The fact of the matter is, if charges are pressed against someone who does this kind of thing against a hosts usage agreament, and there is evidence that can tie other people to the fact that they aided and abettet that person....you get the idea.

 

I have checked the PM and am convinced that this is an instance of colaberative acceptance from both parties involved. 

 

The issue you are experiancing is this - cURL loads the content of the page into a variable, allows for some manipulation of the page data (case in point : your application of the preg_replace) and then lets you display the returned result on your page as though that's where the content came from.  Unfortunately it's not a "tunnel" to the sites content, just a preloading of the remote page data which you can then load into your own page.  This meens that any and all relative linking done within the presented document (ie. css files attached and loaded through something like [<link rel=stylesheet" type="text/css" href="/css/dispTemp/main.css" />] or [<img title="" alt="image1" src = "/images/pageContent/image1.png" />] is no longer valid - unless you happen to load the cURL script within a clone of the original sites file structure.  That's what your preg_replace() fixes, it changes any relaitve addressing to absoloute url addressing, alowing the css and images to load properly, however, it doesn't stop there, all anchors will also be changed to point to http://theirsite.com/ This is why all the links still send people back to the original remote site when they are clicked.  To fix this you will either need to alter the preg_replace so that it ignores anchor tags (and then find something that will re-write the links seporately), or change it out for a DOMdocument parser that you can then change the attributes on specific elements as needed.

 

Unfortunately I know the theory, but have never tried the practice - not an area I have ever been involved in. However others here are more than a little bit good at these kinds of things.