covareo Posted April 19, 2007 Share Posted April 19, 2007 Alright. I hope you guys can help me! I've asked this question on so many boards I am about to give up! I have an app that the client is requiring server side form validation on, then the validated form data needs to be posted to an external URL to which we have no access (salesforce.com). I can get the form data to post just fine, but the page itself does not post because the form action field is (and must remain) the form/processing page, not the external salesforce.com URL. Ideally the entire page must post (along with the form POST data) as if the form's action was originally the external URL AFTER the data has been validated. Heres my code so far - works, but the page just posts to itself after handing off POST headers to $URL. <? function post_it($url) { $saveurl = $url; $url = preg_replace("@^https://@i", "", $url); $host = substr($url, 0, strpos($url, "/")); $uri = strstr($url, "/"); $reqbody = ""; foreach($_POST as $key=>$val) { if (is_array($val)) { if (!empty($reqbody)) $reqbody .= "&"; $reqbody .= $key . "=" . $val; } else {if (!empty($reqbody)) $reqbody .= "&"; $reqbody .= $key . "=" . urlencode($val);} } $reqlength = strlen($reqbody); $reqheader = "POST $uri HTTP/1.0\r\n". "Host: $host\r\n" . "User-Agent: PostIt\r\n". "Content-Type: application/x-www-form-urlencoded\r\n". "Content-Length: $reqlength\r\n\r\n". "$reqbody\r\n"; header("Location: $saveurl"); $socket = fsockopen("ssl://" . $host, 443, $errno, $errstr); if (!$socket) {$result["errno"] = $errno; $result["errstr"] = $errstr; return $result;} fputs($socket, $reqheader); while (!feof($socket)) {$result[] = fgets($socket, 4096);} fclose($socket); return $result; } $isvalidated = 1; $emailerror = ""; $emailclass = "basictext1"; $emailpattern = '/^[[:alnum:]_\.\-]+@([[:alnum:]_\.\-]+\.)+[[:alpha:]]{2,4}$/'; $fullnamerror = ""; $fullnameclass = "basictext1"; $fullnamepattern= '/[a-zA-Z ]{1,}/'; $phoneerror = ""; $phoneclass = "basictext1"; $phonepattern = '/[\(.]?[2-9]\d\d[\).]?[ -]?[2-9]\d\d[-.]\d{4}/'; $phone = ""; if ($_POST['process'] == 1) { if (preg_match($emailpattern, $_POST['email']) < 1) { $emailerror = "Please enter a valid email address."; $emailclass = "errortext"; $isvalidated = 0; }else{ $email = $_POST['email']; } if (preg_match($fullnamepattern, $_POST['name']) < 1) { $fullnameerror = "Please enter your name."; $fullnameclass = "errortext"; $isvalidated = 0; }else{ $name = $_POST['name']; } if (preg_match($phonepattern, $_POST['phone']) < 1) { $phoneerror = "Please enter your phone number."; $phoneclass = "errortext"; $isvalidated = 0; }else{ $phone = $_POST['phone']; } if ($isvalidated == 1) { $url = "https://www.externalsite.com/fakeformactiontarget.php"; post_it($url); } } ?> <html> <style> .basictext1 { font: Arial, Helvetica, sans-serif 12px; } .errortext { font: Arial, Helvetica, sans-serif 12px bold; color:#CC0000; } </style> <body> <form action="thispage.php" method="post"> <div> <label for="name" class="<? print $fullnameclass; ?>">Name:</label> <input name="name" type="text" class="textbox" id="name" value="<? print $name; ?>" /> <? if ($fullnameerror != "") { print '<br /><span class="errortext">'. $fullnameerror."</span>\n"; } ?> </div> <div> <label for="email" class="<? print $emailclass; ?>">E-mail Address:</label> <input name="email" type="text" id="email" value="<? print $email; ?>" /> <? if ($emailerror != "") { print '<br /><span class="errortext">'. $emailerror."</span>\n"; } ?> </div> <div> <label for="phone" class="<? print $phoneclass; ?>">Phone Number:</label> <input name="phone" type="text" id="phone" value="<? print $phone; ?>" /> <? if ($phoneerror != "") { print '<br /><span class="errortext">'. $phoneerror."</span>\n"; } ?> </div> <input type="hidden" name="process" value="1"> <input type="hidden" name="oid" value="xxx"> <input type="hidden" name="retURL" value="http://www.somesite.com/wheresalesforcesendsus.php"> <input name="Submit" type="submit" value="Submit" class="buttons" /> </form> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/ Share on other sites More sharing options...
MadTechie Posted April 19, 2007 Share Posted April 19, 2007 erm.. what ? also use code tags.. your trying to post to another site that much i got.. whats the problem Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-233540 Share on other sites More sharing options...
Glyde Posted April 19, 2007 Share Posted April 19, 2007 Don't put two \r\n's after Content-length, because I believe that's where the server stops parsing the information. Put one CRLF after Content-length, and two CRLF's after the body. Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-233555 Share on other sites More sharing options...
covareo Posted April 20, 2007 Author Share Posted April 20, 2007 erm.. what ? also use code tags.. your trying to post to another site that much i got.. whats the problem The problem is that I can POST the form fields to an external URL, but not the page itself. The form action tag is 'self', but after validating I need the page to act as if the action were 'external url' not 'self'. Right now the headers make it to 'external url, but after that the browser window stays on 'self'. Sorry about the code tags <--newb Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-233875 Share on other sites More sharing options...
covareo Posted April 20, 2007 Author Share Posted April 20, 2007 Don't put two \r\n's after Content-length, because I believe that's where the server stops parsing the information. Put one CRLF after Content-length, and two CRLF's after the body. I updated the page, but it didn't seem to change anything (headers looked the same in Tamper Data) and page stayed on itself after posting :/ Here's the thing - salesforce.com will autodirect submitters to different landing pages after submitting (based on what they filled in/requested) so I need to give them control of the browser window, but I also need to validate the data before submitting to them. So the form action can't be salesforce.com it has to be the form page itself (I've been told specifically NOT to use JS to validate.) <? function post_it($url) { $saveurl = $url; $url = preg_replace("@^https://@i", "", $url); $host = substr($url, 0, strpos($url, "/")); $uri = strstr($url, "/"); $reqbody = ""; foreach($_POST as $key=>$val) { if (is_array($val)) { if (!empty($reqbody)) $reqbody .= "&"; $reqbody .= $key . "=" . $val; } else {if (!empty($reqbody)) $reqbody .= "&"; $reqbody .= $key . "=" . urlencode($val);} } $reqlength = strlen($reqbody); $reqheader = "POST $uri HTTP/1.0\r\n". "Host: $host\r\n" . "User-Agent: PostIt\r\n". "Content-Type: application/x-www-form-urlencoded\r\n". "Content-Length: $reqlength\r\n". "$reqbody\r\n\r\n"; header("Location: $saveurl"); $socket = fsockopen("ssl://" . $host, 443, $errno, $errstr); if (!$socket) {$result["errno"] = $errno; $result["errstr"] = $errstr; return $result;} fputs($socket, $reqheader); while (!feof($socket)) {$result[] = fgets($socket, 4096);} fclose($socket); return $result; } $isvalidated = 1; $emailerror = ""; $emailclass = "basictext1"; $emailpattern = '/^[[:alnum:]_\.\-]+@([[:alnum:]_\.\-]+\.)+[[:alpha:]]{2,4}$/'; $fullnamerror = ""; $fullnameclass = "basictext1"; $fullnamepattern= '/[a-zA-Z ]{1,}/'; $phoneerror = ""; $phoneclass = "basictext1"; $phonepattern = '/[\(.]?[2-9]\d\d[\).]?[ -]?[2-9]\d\d[-.]\d{4}/'; $phone = ""; if ($_POST['process'] == 1) { if (preg_match($emailpattern, $_POST['email']) < 1) { $emailerror = "Please enter a valid email address."; $emailclass = "errortext"; $isvalidated = 0; }else{ $email = $_POST['email']; } if (preg_match($fullnamepattern, $_POST['name']) < 1) { $fullnameerror = "Please enter your name."; $fullnameclass = "errortext"; $isvalidated = 0; }else{ $name = $_POST['name']; } if (preg_match($phonepattern, $_POST['phone']) < 1) { $phoneerror = "Please enter your phone number."; $phoneclass = "errortext"; $isvalidated = 0; }else{ $phone = $_POST['phone']; } if ($isvalidated == 1) { $url = "https://www.externalsite.com/fakeformactiontarget.php"; post_it($url); } } ?> <html> <style> .basictext1 { font: Arial, Helvetica, sans-serif 12px; } .errortext { font: Arial, Helvetica, sans-serif 12px bold; color:#CC0000; } </style> <body> <form action="thispage.php" method="post"> <div> <label for="name" class="<? print $fullnameclass; ?>">Name:</label> <input name="name" type="text" class="textbox" id="name" value="<? print $name; ?>" /> <? if ($fullnameerror != "") { print ' <span class="errortext">'. $fullnameerror."</span>\n"; } ?> </div> <div> <label for="email" class="<? print $emailclass; ?>">E-mail Address:</label> <input name="email" type="text" id="email" value="<? print $email; ?>" /> <? if ($emailerror != "") { print ' <span class="errortext">'. $emailerror."</span>\n"; } ?> </div> <div> <label for="phone" class="<? print $phoneclass; ?>">Phone Number:</label> <input name="phone" type="text" id="phone" value="<? print $phone; ?>" /> <? if ($phoneerror != "") { print ' <span class="errortext">'. $phoneerror."</span>\n"; } ?> </div> <input type="hidden" name="process" value="1"> <input type="hidden" name="oid" value="xxx"> <input type="hidden" name="retURL" value="http://www.somesite.com/wheresalesforcesendsus.php"> <input name="Submit" type="submit" value="Submit" class="buttons" /> </form> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-233876 Share on other sites More sharing options...
neel_basu Posted April 20, 2007 Share Posted April 20, 2007 Do it in a tricky Way. First Store the submited inputs in Sessions by Page1.php and then just redirect to Page2.php And here Page2.php Just Retrives Sessions And do the Job. No need to get into complex coding. Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-234188 Share on other sites More sharing options...
covareo Posted April 20, 2007 Author Share Posted April 20, 2007 Do it in a tricky Way. First Store the submited inputs in Sessions by Page1.php and then just redirect to Page2.php And here Page2.php Just Retrives Sessions And do the Job. No need to get into complex coding. Can't - I don't have any access to 'page2.php' at all - its an external URL I don't have access to. Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-234235 Share on other sites More sharing options...
Glyde Posted April 21, 2007 Share Posted April 21, 2007 Your server will need to have OpenSSL installed in order to connect to an https server. Quote Link to comment https://forums.phpfreaks.com/topic/47792-s-side-form-validation-then-post-entire-page-not-just-headers-to-external-url/#findComment-234736 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.