I'd like some help in taking data input from a user, using that input to complete a form on a different site and then collecting the results that the site outputs. Would it be possible to do this via PHP? If it helps/ additional info, the target site is in JSP.
The site in question is a result site for my university. It's done in JSP and there's no sort of API through which I can fetch the data. I'd like to be able to take user input ( unique student ID etc) , submit that to the result website, and fetch the results onto my own to do some calculations. Would it be possible to do this?
Any help would be appreciated.
well technically you can. if you create an http post request to that site you can send data to that site but the response will be the html code of the page. but as a security most of the sites usually protects their sites from such actions so they put a token inside their forms so that they can be able to know whether the form data is coming from their site or was submitted by external source.
you can try to send post HTTP using curl
here is a sample tutorial
https://davidwalsh.name/curl-post
It is not possible if the external site does not have APIs to provide the data. Normally cross-origin HTTP request would be disallowed for a web application. Read more about CORS Here.
Related
I am creating a form handling service that will allow users to copy and paste a form action and the service will store the data in a database and redirect to confirmation page on the users website.
What I'm trying to achieve:
I would like to include some analytics on the form such as, time taken to complete each field, form views, form activation etc. I'm guessing this would need some javascript also pasted on the users page that would link to an external script (on my site). But my question is, how would this work in practice?
I can't use ajax as it would be on different domains and I also want as little code as possible to be copy and pasted by the user.
My question is not what specific code I need to use here, rather what approach do I take?
I'm thinking it will be similar to the google analytics snippet that they provide for tracking but im not 100% sure on how that works.
For cross-site requests, there is always the option of using script injection, as used with JSONP. For example, you could use jQuery.getJSON to pass some data as GET parameters to another site. Of course, only being able to do GET requests is a disadvantage. If you want/need to perform post requests, you could wrap your initial request in a web service, which basically converts GET parameters to POST parameters and forwards your request; YQL could do that for example.
I am supposed to capture data from a form and send the data to a url on a different server.For eg:-I have a form on a page at the url http://www.form.com/register.php.
I capture all the data from this form and for some reason need this data to be processed on a page on another server at http://www.thereceivingpage.com/process.php.
As of now I am using headers to redirect with the parameters in the query string something like this:-Header(Location:http://www.thereceivingpage.com/process.php?name=alice&address=a1&address2=a2) but I need to send a larger amount of data which wont happen as GET request. Can anyone suggest a better way where in I can post data rather than the data in the query string ...thanks
Use cURL. If you have to redirect to the site, it gets a bit trickier but you can still do it. You can get the cookie and redirect information back from the site and then do a GET redirect using header.
Can you not update the action to simply post directly to that form? Otherwise, you might want to look into something like curl: http://ca.php.net/manual/en/function.curl-exec.php
You'll pretty much re-use the header redirect syntax with the parameters but instead you'll tell it to be a post.
redirect to a page on a different server and post parameters to it
thanks to internet standards, that's impossible.
if it's third-party site, let user to interact with it directly. do not interfere between them, it smells
If you want to develop secure applications then you should be aware that http://www.thereceivingpage.com/process.php is vulnerable to Cross-site Request Forgery (CSRF), meaning that anyone, from any site, can post form data to process.php.
process.php should be checking for a token (which www.thereceivingpage.com transmitted to the user as part of the form) and should be rejecting form submissions that don't contain the token to prevent submissions coming from anywhere but www.thereceivingpage.com and thus protecting your users from being manipulated into making requests they didn't want to.
In addition to your concern about the size of the GET requests you cause the client to make when redirecting, it's also not a good practice to turn POST requests into GET requests.
The best solution is to completely rethink the notion of delivering a form from one site to be submitted to a different site.
You can manually set headers and send request or you can use curl
see this
http://www.askapache.com/htaccess/sending-post-form-data-with-php-curl.html
I'm looking at a domain registration site that looks like it uses jquery to process users data inputed and to register domains.
What I was wondering is if it's possible for users to be able to fill in data on a form on my website and then when the user is ready to complete payment, be taken to the actually domain registration site where all the data they typed in on my site will be posted to the domain reg site.
So basically, the users fills in a load of info on my site, AND attempts to check for domain availability on my site. Once the users has found the domain they want, they will be redirected over to the actual domain reg site where all their info will be posted.
Now I know if the domain reg site used PHP to process all the stuff, it wouldn't be a problem. But they don't use PHP.
Do you guys reckon this could be possible?
I'm not sure this would be possible in any amount of time that would make it worth it to you. Without knowing any of their back-end code, it's going to be extraordinarily difficult. Edit: I should add that I did look through some of their jQuery code and it looks as though they're using ajax .post() to submit data. Where this data goes and what responses are expected is anyone's guess, though...
That said... there are quite a few domain registrars that offer real APIs to let you do what you want... or even let you go one step further and offer the ability to register domains directly through your website. Sometimes you can set your own price, as well.
Here are links to some of these APIs:
Namecheap: http://developer.namecheap.com/docs/
GoDaddy: http://www.godaddy.com/reseller/domain-reseller-api.aspx
eNom: http://www.enom.com/resellers/Interfaceinfo.asp
I'd personally recommend NameCheap, but for the purposes of your question, any of these should do.
I can't make any promises but say you used jquery ajax to pull in the form the would have to fill out. Said form would then be on your client side so in theory I think you could use their input ids to fill out the form using javascript/jquery. All this would technically be client side. To bad that other site does not have an api for purchases.
Do you have control over the domain registration site? There are many ways you can send the user's input over to that site, but of course it has to be looking for this posted data and know how to handle it. PHP is not necessary to handle the data that is passed in. For example, if you send your info to the domain registration site via a form GET method, the info will become part of the URL, which can be accessed and parsed via javascripts window.location property.
Howdy folks, I am wanting to build a script or something to take a single row from my MySQL database and use that data to pre-populate form fields on one of multiple sites that aren't mine. What I'd like to do is to take information a user has entered on my site and when they click a link to one of the sites in my system it loads the external site with certain pre-mapped fields populated with the info they entered. But I can't seem to get my head around a way to do this, seeing as I can't add anything to these pages. Do you guys have any suggestions?
The flow you described is not possible due to cross-site scripting constraints. This post is relevant: Browser Automation and Cross Site Scripting
The closest thing I can think of is Greasemonkey, which would force the user to download the plugin from Mozilla, plus a new userscript from your website.
Another option would be reproducing the form on your own web server, and hoping the form action doesn't perform referrer checks.
i am not very sure but you can use wget and pass xml data...i.e you can build an xml string with the data you want to send across and then do a wget to the other site...hope this helps
Is this possible?
I want to have a PHP login form on my website. When the user enters a username and password and clicks submit, they should be directed to a remote website logged in (therefore skipping the login form on the remote site).
As mentioned in the title, the remote site is built using ASP.NET.
I've tried to search for a solution this but really not finding anything so some help and advice would be welcome.
Thanks, Mark.
I've had the same situation where I needed to post a remote form. If I remember correctly,I did the following:
create http handler (I used Zend_Http for this).
first fetch the page via GET.
search response for all form elements and their values.
set those values in the http handler.
set your own values (such as username/password).
execute POST
asp.net apps create forms that are a bit ugly. They use a lot of hidden values in their forms (at least in my situation). There is a change you need to enable cookies.
Hope this helps.
Do you own the remote site ?
If no, the only solution is to submit the remote form with curl, by posting via POST/GET the right parameters. You have to check the html source of the remote form to know what parameters you have to pass.
Nethertheless, this solution will be broken as soon as the remote website will implement some CRSF protection on their forms.
Have you tried to post directly to the ASP.NET form from your php script?