Jump to content

POST without a form - Possible

papaface

By papaface
in PHP Coding Help

 Share

Recommended Posts

papaface Advanced Member

papaface

Posted
Posted

Hello,

Here is the scenario:

 

I have a page at domain.com. On that page I have a link to a page (page.php) that contains a form. The form contains private information, that is automatically POSTed to anotherdomain.com when the page loads.

 

How can I still POST the data, but without anyone downloading the HTML from page.php and stealing the form values?

 

I believe cURL can't be used as the person still needs to be directed to anotherdomain.com, and I think cURL only does it as a background process?

Link to comment
Share on other sites
MadTechie Regular Member

MadTechie

Posted
Posted

the basic concept is this (note the //heres)

 

<?php
//FIELD HERE
$post_data = array(
"url" => "http://pn-network.net/sprites/tc_012_2.png",
"fileupload" => "http://pn-network.net/sprites/tc_012_2.png",
"MAX_FILE_SIZE" => "13145728",
"refer" => "",
"brand" => "",
);
$ch = curl_init();//OF COURSE
curl_setopt($ch, CURLOPT_URL, "http://www.imageshack.us/transload.php"); //HERE
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_POST, true); //HERE
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); //HERE
curl_exec($ch);//OF COURSE
curl_close($ch);//OF COURSE
?>

Link to comment
Share on other sites
papaface Advanced Member

papaface

Posted
  • Author
Posted

Thanks for that, but will that actually take a person to the page a form would normally be posted to?

the basic concept is this (note the //heres)

 

<?php
//FIELD HERE
$post_data = array(
"url" => "http://pn-network.net/sprites/tc_012_2.png",
"fileupload" => "http://pn-network.net/sprites/tc_012_2.png",
"MAX_FILE_SIZE" => "13145728",
"refer" => "",
"brand" => "",
);
$ch = curl_init();//OF COURSE
curl_setopt($ch, CURLOPT_URL, "http://www.imageshack.us/transload.php"); //HERE
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_POST, true); //HERE
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); //HERE
curl_exec($ch);//OF COURSE
curl_close($ch);//OF COURSE
?>

Link to comment
Share on other sites
sKunKbad Advanced Member

sKunKbad

Posted
Posted

I use an email processing script that as a side process uses curl to add people to an email list. This side process is independent of the email processing script, and once both tasks have been completed the main script redirects the user to either a thank you page, a thank you page with email list confirmation, or an error page.

 

This is the side process that uses curl:

<?php
if ($aCleanedValues['opt-in'] == 'Y'){
$prename = $_POST['realname'];
$nameRegex = "/^[A-Z\s\.,'-]+$/i";
$preemail = $_POST['email'];
$emailRegex = "/^(?:^[A-Z0-9._%-]+@[A-Z0-9.-]+\.(?:[A-Z]{2}|com|org|net|biz|info|name|aero|gov|mobi|tv|biz|info|jobs|museum)$)$/i";
if(preg_match($nameRegex,$prename) && preg_match($emailRegex,$preemail)) {
	$name = $prename;
	$email = $preemail;
	$url = "http://newsletters.somedomain.com/subscribe.aspx?Task=Join";
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL,$url); // set url to post to
	curl_setopt($ch, CURLOPT_FAILONERROR, 1); //needed for some reason
	curl_setopt($ch, CURLOPT_TIMEOUT, 30); // times out after 31s
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //so you dont see the process, it just happens before the redirect
	curl_setopt($ch, CURLOPT_POST, 1); // set POST method
	curl_setopt($ch, CURLOPT_POSTFIELDS,  array('Name'=>"$name",
												'Email'=>"$email",
												'DeliveryFormat'=>'HTML',
												'Password'=>'RandomNumber',
												'NewsletterListID'=>'526',
												'JoinType'=>'Menu',
												'SID'=>'{abcEB2A7-0B0C-A50B-ckjkaddB114A}')); // add POST fields
	curl_exec($ch); // run the whole process
	curl_close($ch);
}
}
?>

Link to comment
Share on other sites
papaface Advanced Member

papaface

Posted
  • Author
Posted

It will return the data from that form..

 

so you could do this

 

$html= curl_exec($ch);
echo $html;

 

i think the big question is why your taking this route!

Always assume the worst!

I'm doing this to protect forms that contain confidential info. Why are you so suspicious !

 

I want the person to actually be taken to the place they'd be taken if they pressed the submit button in a form.

Echoing out the results isnt an option as they need to pay via paypal...

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.