Help! IP Address Validation

[ziltech]

Hello everyone,

 

I have a problem which I hope somebody will be able to help me with. Here goes.

 

I am setting up a website for a car dealership and one of the functions of the application is to be able to perform a car registration plate search.  The search will return every detail about that particular car, make - model - engine size etc.

 

I have opened an account with CarWebUK who run a database containing this data but am having some trouble integrating it with my site.

 

On my website I will have a form which contains one field for sending the registration number, along with various hidden fields which contain my account username - password etc.   The result is an XML file containing details about the car.

 

The problem is that the service is restricted only to respond from my SERVER IP address.  So when a client submits the form request from their PC obviously the system is not going to allow the information because it's going to appear to have come from their CLIENT IP not the SERVER.

 

If you visit the following URL you will see the resultant XML file produced from their system however you won't see car information but you will see that the 'ErrorDescription' tag says 'No more available user accounts', this is because the website wasn't requested from 217.64.112.76 (my SERVER IP).

 

https://www.carwebuk.com/CarweBVRRB2Bproxy/carwebvrrwebservice.asmx/strB2BGetVehicleByVRM?strUserName=Ziltech&strPassword=658625&strClientRef=&strClientDescription=&strKey1=lc51ghj9&strVRM=y313ldk&strVersion=0.16.2

 

The registration number variable in the above URL is 'strVRM', I have put in my registration number - y313ldk (this must contain no spaces).

 

Is there a way that this can be fixed, IE. by changing client headers to 217.64.112.76 or is it possible to create the following chain?

 

Client Loads Website - Submits Form To My Server - Server Sends Request To CarWebUK - CarWebUK Sends XML File - XML File is display on Client.

 

I appreciate this is going to either be really easy or something that is just not possible.  All help would be greatly appreciated as I've been scratching my head over this one.

 

(by the way, CarWebUK won't change the IP address allowed, nor will they just allow any IP to use the service - that's whats making this so hard).

 

Best Regards,

 

Rob Foster.

[paul2463]

because PHP is  Server based and not client based, any PHP that is run ( and makes a request) will be made from your server not the client machine - I believe - however if that is the case then this could be the scenario

 

1.  client fills in the form to make the request( no need to have hidden fields these can be appended at the next stage)

2.  form is POSTED to another "request" PHP page which makes the request to carwebuk with the appended hidden data ( no one sees it)

3.  the request.php takes in the returned XML file

4.  generates the html page and sends the data back to the client who made the request.

 

Hope that helps

 

[ziltech]

Thanks for your quick reply.

 

You're right, thats what I thought the process should be.

 

The user submits the car registration number ('strVRM' field) to a php file on my server - lets say 'getdetails.php', this file then requests / generates the results.

 

How would you recommed that 'getdetails.php' requests the XML file, would it be a function?

 

Sorry if thats an obvious question, im not a professional PHP developer.

[taith]

cURL(), file_get_contents(), http://ca.php.net/manual/en/ref.xml.php

[ziltech]

I'm going to gave to look into cURL, it seems to be exactly what I need but I have no idea where to start at the moment.

 

CarWebUK have given me this sample access script in SOAP? The parts in blue are the parts that need to be changed (my account details etc.)

 

Does anyone have any idea how this would work or be called (inc file extensions) for that matter, any relation to PHP at all??

 

 

POST /CarweBVRRB2Bproxy/carwebvrrwebservice.asmx HTTP/1.1

Host: www.carwebuk.com

Content-Type: text/xml; charset=utf-8

Content-Length: length

SOAPAction: "http://ws.carwebuk.com/strB2BGetVehicleByVRM"

 

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

  <soap:Body>

    <strB2BGetVehicleByVRM xmlns="http://ws.carwebuk.com">

      <strUserName>string</strUserName>

      <strPassword>string</strPassword>

      <strClientRef>string</strClientRef>

      <strClientDescription>string</strClientDescription>

      <strKey1>string</strKey1>

      <strVRM>string</strVRM>

      <strVersion>string</strVersion>

    </strB2BGetVehicleByVRM>

  </soap:Body>

</soap:Envelope>

 

HTTP/1.1 200 OK

Content-Type: text/xml; charset=utf-8

Content-Length: length

 

<?xml version="1.0" encoding="utf-8"?>

<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">

  <soap:Body>

    <strB2BGetVehicleByVRMResponse xmlns="http://ws.carwebuk.com">

      <strB2BGetVehicleByVRMResult>xml</strB2BGetVehicleByVRMResult>

    </strB2BGetVehicleByVRMResponse>

  </soap:Body>

</soap:Envelope>

 

 

Thanks,

 

Rob.