how to send form information through ext. url NOT mail() using php

[detox]

Hi,

I need to send form data through this url using post method

form action="https://www.testdomain.com/servlet/servlet.WebToWeb?encoding=UTF-8"

method="POST except the action url needs to be changed to "mailer.php"

 

I have a captcha script where the form action is sent to a file called "mailer.php"

 

which sends the form data to an email address.

 

I would like to modify this script to be able to send the form data to "mailer.php"

and feed the collected form data from a users input to the URL above.

 

I have attached a file where I replaced the mail() with location:header but I have a feeling I am making this involved than it should be.

Any help appreciated.

Edited November 20, 2013 by detox

[digibucc]

php curl

 

here's a little function i wrote for simple queries, adapted for you:

// Functions
function docurl($data, $posturl) {
  $ch = curl_init($posturl);
  curl_setopt_array($ch, array(CURLOPT_POST           => 1,
                               CURLOPT_POSTFIELDS     => $data,
                               CURLOPT_FOLLOWLOCATION => 1,
                               CURLOPT_HEADER         => 0,
                               CURLOPT_RETURNTRANSFER => 1,));

  $Rec_Data = curl_exec($ch);

  return $Rec_Data;
} 
$result = docurl('?field1=a&field2=b', 'https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8');

with this, you will get the html of the resulting page into the $result variable. you can echo/print/dump that to just print the page, or you can parse the data for the specific info you want. good luck.

Edited November 20, 2013 by digibucc

[detox]

Hi, is Curl part of native php?

 

Also I am not sure that you looked at the file I uploaded. I have about 10 form fields. Is this supposed to loop to then last variable

then submit the form through the action url (https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8)? I do not need to echo or print it.

[dalecosp]

Hi, is Curl part of native php?

Um ... sort of.

 

http://php.net/manual/en/curl.installation.php

 

Most installations of PHP have cURL enabled by the administrator when PHP is installed, but YMMV.

 

Comments inline.

 

//You have the data already; now let's feed it to cURL.
$my_post_array = array(
$first_name,
$last_name,
$phone,
$from,
$subject,
$company,
$city,
$state,
$zip,
$machine,
$message,
$ocode
);

//initialize a cURL handler ($ch) using your URL ($urlcode)
$ch = curl_init($urlcode);

//set cURL options
curl_setopt_array($ch, array(
CURLOPT_POST => 1,
CURLOPT_POSTFIELDS => $my_post_array,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
)
);

//perform the POST action. You can use $the_results to see what the page said in response to your POST,
//since the cURL options "RETURNTRANSFER" was set true.
$the_results = curl_exec($ch);

 

HTH,

[detox]

Hi, I don't see where you made use of/defined $urlcode in the above example

also confused about what you said:

"page said in response to your POST" usually when something is posted, you don't need to see anything, Just curious.

 what exactly would the page say? the looped data maybe?

I also don't see what part of that code opens the posted url link like the person that posted the first example of Curl

$result = docurl('?field1=a&field2=b', 'https://www.salesforce.com/servlet/servlet.WebToLead?encoding=UTF-8');

[dalecosp]

Hi, I don't see where you made use of/defined $urlcode in the above example

Well, that's a tad funny, since I got it from your attachment above

 

also confused about what you said:

"page said in response to your POST" usually when something is posted, you don't need to see anything, Just curious.

I typically write a page so that when something is POSTed, it says, "your submission was accepted", "thanks for the info", "would you like to do another", "here are some pictures of cats", etc. It's kind of a programming rule; you take an action, the computer gives some indication of the result (unless it's a UNIX CLI program ...)

 

what exactly would the page say? the looped data maybe?

I don't know the answer to that in this case; I would ask the author of "servlet.WebToWeb", whoever that may be ... someone @ salesforce, perhaps.

 

I also don't see what part of that code opens the posted url link like the person that posted the first example of Curl

That would be "curl_exec":

 

$the_results = curl_exec($ch);

It executes the cURL process based on the CURLOPTS that were set, and since RETURNTRANSFER is true, any output from the script that handles the POST (as you note, there might not be any), will be placed into the variable "$the_results".

Edited November 22, 2013 by dalecosp

[detox]

mailerBeta1.txt

Would you be so kind to check this file and tell me if it's correct or if I am missing something?
I will then test it in a live sales environment.
notice I did not use
$the_results = curl_exec($ch);
 
Thanks!

[dalecosp]

If you want the form/data to be posted to the URL ($urlcode), you have to call curl_exec.

[detox]

I don't know how to call/execute  curl_exec.   at the end of my script. The browser needs to go to the RetUrl after the code is executed.

[objnoob]

You can keep it simple and avoid using cURL. Just do this....

$postVars = array(
      'first_name' => stripslashes($_REQUEST['first_name'])
    , 'last_name' => stripslashes($_REQUEST['last_name'])
              
            ####  make sure you add them all  ####
);
$strQuery = http_build_query($postVars);
header('Location: https://www.testdomain.com/servlet/servlet.WebToWeb?encoding=UTF-8&' . $strQuery);

If you want to get fancy and keep your user at your site and don't redirect them to testdomain.com, you'll need to use cURL...

In this case the user/browser doesn't need to go the URL.  The server already went to the URL using cURL and get's a response.

 

You must use CURLOPT_RETURNTRANSFER in order for the curl_exec to return the response.

You must use CURLOPT_POST option, and you must provide the CURLOPT_POSTFIELDS

 

Once you call curl_exec, you echo the response from the cURL request to the user's browser all while keeping their browser pointing to your site's URL.

$response = curl_exec($ch);
echo $response;

Second, you need to make sure your post fields array is proper.....

You need to identify the variable name the requested URL is expecting when providing values.

$postVars = array(
     'first_name' => stripslashes($_REQUEST['first_name'])
     'last_name' => stripslashes($_REQUEST['last_name'])
);

[detox]

I don't mean to seem like an un-conceptionalist and I appreciate your help and patience. But

I am not 100% what you mean by:

1.) requested URL is expecting

and you say:

 

2.) ####  make sure you add them all  ####

what if I don't?

 

3.) $response = curl_exec($ch); echo $response; - does echo initiate the transfer to the ext Url? why do I need to echo the response?

or at this point could I just echo Thank you for filling out the form or does echo $response need to be there?

 

3.) If I use Curl and I want the response page to remain at the original domain, would I just echo a thank you gesture from the script above or

should it be a separate webpage?

 

4.) Thank you for providing the non-Curl Version. That made sense to me right away. I would like to use Curl as I never used it before.

Is either way better to hide from form filling bots?

[objnoob]

I don't mean to seem like an un-conceptionalist and I appreciate your help and patience. But

I am not 100% what you mean by:

1.) requested URL is expecting

and you say:

 

       You're making a request to third party form processing script. You must send it the info it needs to process the data successfully.

 

2.) ####  make sure you add them all  ####

what if I don't?

 

       You wont send all of the data to the third party script. It will most likely say: Email Required if expects an email address and you didn't send one one.

 

3.) $response = curl_exec($ch); echo $response; - does echo initiate the transfer to the ext Url? why do I need to echo the response?

or at this point could I just echo Thank you for filling out the form or does echo $response need to be there?

 

        Yes, curl_exec will send a request to the third party script, and your user wouldn't even know that's happening.  

        No, you don't have to echo the response from the request. You can echo anything you want.

        Should AT LEAST go through the response to make sure the third party response doesn't contain an error (ex:  email required because you didn't send an email address with your request and it was expecting one)

 

3.) If I use Curl and I want the response page to remain at the original domain, would I just echo a thank you gesture from the script above or

should it be a separate webpage?

 

         You can just  echo "Thank you!" However, I would first make sure the request I sent to the third party script didn't come back with an error!

         Since you're the one calling the third party script, you should know how it works and what the hell it might respond.

 

4.) Thank you for providing the non-Curl Version. That made sense to me right away. I would like to use Curl as I never used it before.

Is either way better to hide from form filling bots?

 

         Nope.  That's why you're using a captcha.

         If the third party script is has a captcha, then you're screwed.  Essentially, your a request using cURL is a bot in action.

[detox]

The previous web guy was using the third party reponse Url in the actual form page. So I wanted to hide it in a separate script and call it using php or curl

instead of using the typical form action="httt://www.urletc.com" on the form page, hoping this will be a bit more secure. I have a few other things I may want to try also. Cheers! I will apply it and respond with update. Thanks all!

[objnoob]

Yes, cURL is the way to go since you want to obscure the location of the third party script!

You're most welcome!  cURL is a great tool to add to your toolbox.

[detox]

Hello, I think I have put the script together correctly and cURL is enabled on the server but I am getting this error.

Warning cannot modify header information - headers already sent by (output started at blah blah blah mailer600.php:1)

in blah blah blah()

 

I attached both files, the form page and the mailer script in hopes that you can but as you will see, there is no space there.

 

I  tried eliminating white space, I  tried saving the mailer600 page in UTF

and have played around with the meta encoding tags in the form file and tried taking off the ?encoding=UTF-8 off of the post url in mailer600.php without any luck.

 

 

 

 

mailer600.php

contact.php

errorHeader.txt

[dalecosp]

Why are you calling curl_exec() twice?  You only should need the 2nd one, with the output assigned to $the_results.  Most likely, the first curl_exec() is returning output, as instructed, and that's causing the setcookie() to fail.

[detox]

I tried what you said, look at this file. still the same.

tried-this.txt

[detox]

edit: that's what I thought you said anyways.

[detox]

The cookie is working fine. I am still getting the header error "headers already sent by (output started at blah blah blah mailer600.php:1)

in blah blah blah() I feel I am pretty close, just need a little help to wrap this up. Thanks!

[dalecosp]

The "blah blah blah()" is pretty important, as it should be telling you which line the failing call is on.  I'm still not convinced it's not the setcookie() --- but you've not shown the code lately...

[detox]

It is line one, I have included the files in post #15.

I know this because, if the cookie fails the captcha would not validate. Thanks again.

[dalecosp]

In post #15, you have two curl_execs.  So the code now is exactly the same as in post #15, with the exception of having the first curl_exec() call removed?

If that's true, I see no problem with the code itself, as far as I can tell.  What editor are you using?  Does it save with a Byte Order Mark, by any chance?

[dalecosp]

Sorry, I spoke too soon.

 

This is wrong, by all standards:

 

echo $the_results;setcookie('tntcon','');

 

And this would cause exactly the error you've made reference to.

[detox]

It seems you're are implying that the set cookie thing is in the wrong place. But I cannot think of a reason why it needs to be specifically placed high or low in the script.

I have read a number of times from different sources that you want the content sent after the headers are sent, but never read only after the cookies are sent.

so I am confused at this point. Happy T-day!

[objnoob]

Cookies go in the headers.