grilldor Posted February 24, 2008 Share Posted February 24, 2008 Hello all, im trying to create some kind of centralised control panel where i can log on to many of my online accounts. What i have right now is a php script that fills in a form and a javascript that submits it automaticaly. The forms action parameter is the form handler on the external website. This works, however, even though i secure all the passwords and whatnot, theres a big flaw where i need to decrypt the password for it to be written in the form and then submitted. If your quick enough, you can stop the page before the javascripts submit it and see the decrypted password in the sourcefile. What im looking for, is a php script that sends the HTTP POST request diectly to the form handler. Ive tried all kinds of stuff with curl but i cant get it working the way i intend it too. Can anyone help me creating this "fake" post request? Thanks!!! Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/ Share on other sites More sharing options...
Orio Posted February 24, 2008 Share Posted February 24, 2008 You can use CURL, like you mentioned. It's not too complicated. Example: <?php $url = "http://www.ExternalSite.com/handler.php"; $post_data = "name=".urlencode($_POST['name'])."&password=".urlencode($_POST['pass']); //etc $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); curl_exe($ch); ////NOTE- Add a a "c" after the exe here, because the board doesn't like this word curl_close ($ch); unset($ch); ?> Feel free to ask questions. Good Luck, Orio. Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/#findComment-475230 Share on other sites More sharing options...
grilldor Posted February 24, 2008 Author Share Posted February 24, 2008 thanks alot for you help! I had a script extremely similar to yours and never got any result... Anyway, I did get a result this time, however here is what it says : Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set Now this sucks... its a shared server so i cant tweak all the settings... any workaround? Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/#findComment-475378 Share on other sites More sharing options...
Orio Posted February 25, 2008 Share Posted February 25, 2008 Try deleting the followlocation option. This may cause the script not to work correctly - that depends on that external form processor you're are using. Give it a try. Orio. Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/#findComment-475849 Share on other sites More sharing options...
grilldor Posted February 27, 2008 Author Share Posted February 27, 2008 I tried taking out curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE); but the script does not appear to do anything. It probably sends the form, but the handler needs us to go to the page afterwards to work. Any way to bypass the error message? Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/projetl/public_html/poly_logger/curl.php on line 11 Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/#findComment-477653 Share on other sites More sharing options...
Orio Posted February 27, 2008 Share Posted February 27, 2008 Not really, unless you can cancel safe_mode. Orio. Link to comment https://forums.phpfreaks.com/topic/92742-faking-a-form-submit/#findComment-478016 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.