Getting a text only response to a GET or POST - php

I have a VB6 application which needs to send a HTTP request to a server in order to obtain some encrypted license information (50 or so bytes).
The request can be sent using either POST or GET methods, but the response is in HTML (presumably directed at a browser) and so it is difficult to search through all the HTML to find the values I need.
What is the best way to proceed?
The server script is in PHP.

Regardless of what language the server used, if the server response is an HTML including the license information, I'm afraid there are not many choices but fetching the response and extract the license bit.

Related

JAVA (jetty), PHP and jQuery Ajax return very big json JSON is not complete

I'm attempting to retrieve a very big list of Strings back from the server (~4500 String, each String is ~50 chars). my Application is running a Java back-end with REST API, an Apache connecting the client to the server from security manners with PHP code and client side call coming from a jQuery call.
If I put the URL in the browser is the the full output of the JSON, but when I call it from the script it only receive an array of 42 items.
I Check JSON is formatted well when return, and couldnt find anything that limit the respons size.
What can be the problem?
Thank you

How to send C++ data to PHP with post request and what is allowed to send?

Okay, so I got a game, that needs to send some stuff from C++ to a PHP page using a post request.
My questions are:
How can I send a post request?
What kind of data can I send over to PHP? (just strings and ints or also entire collections?)
How can I send a post request?
This is normally done using an HTTP library. I've not used one in C++ myself, but cURL is popular across platforms and has [C++ bindings][1] (although the documentation seems to be undergoing migration at the moment).
There is more information on the subject in this question.
What kind of data can I send over to PHP?
Pretty much any data you like - but it has to be a data format rather then a data structure. If you want to send a collection you would need to serialise it to some format. JSON is a popular one. Binary data can be encoded using base64.
If you do use JSON you could either then add a second layer of encoding to send it application/x-www-form-urlencoded and access the raw JSON via $_POST or you can make the JSON the whole body of the POST request and get the body of the post in PHP.
The fact that you say you're sending via POST request tells me that you're using a HTTP server to serve your PHP script. In which case, you want a library that allows you to send HTTP requests. A very popular choice is libcURL. What can you send? You can send anything that a HTTP request would allow you to send. So anything you like.
You can use JSON or SOAP for sending the data. When passing small amount of data JSON is preferred. More info on JSON/SOAP
To build HTTP request consider using libcurl and eventually its c++ wrapper curlpp
You can send whatever you want to php but don't forget that all the data comming from HTTP will be string for php.
PHP can cast to some type like int with intval() or (int) but binary data will be more complex to handle.
Consider using some standars like json and REST to build a robust communication.

Passing Information Between a Database through JSON

I need to display information from an SQL database which resides on a server, to a remote webworks mobile device. I am extremely new to passing information from a server so bear with me. My normal understanding is that I would have an HTML file that accesses a php script which then itself connects to the database and displays the information.
However, in webworks the HTML/Javascript files reside on the device and are separated from any php file so I need a method to communicate to get the data from the database. I have looked through JSON and read all the tutorials on w3schools and I understand the syntax but I don't understand how to use it. How could it connect to a database? My aim is to simply display the table entries on a mobile device app running HTML5 webworks. Again I am very new to this so any explanation would be very helpful.
Chances are, you should get a book. This is not something that can be explained in detail in a short answer on this site.
in summary however, you can either
1) send requests to your php script by submitting a form on an html page, which will load a new page filled with whatever PHP sends back. in this case you do not need to use JSON at all as PHP would be returning a full html page.
2) you can use AJAX. AJAX is a javascript method of sending requests to the server (PHP), and getting a response without ever loading a new page. you would use AJAX to send a request to the php page, the php page would access the database and send back a response, the javascript would then take the response and do whatever it needs with it. the response data is usually formatted in a JSON format, because PHP can easily create JSON, and javascript can easily decode JSON once it receives it as a response. to make using AJAX simpler, you may want to look in to using jQuery, a javascript library which can simplify the process.

Json vs Standard Post

I have developed a free shopping cart plug-in for small websites, I am currently using name=value&name=value to submit items to the basket.
The process is html form -> jQuery serialize -> AJAX post -> php,
I have read that JSON is a more secure way to pass this data. I was hoping some kind person could explain to me why this is or point me to any web resources on the subject.
JSON posted with XHR is no more (or less) secure than any other request.
They all must be handled appropriately.
There's no difference between AJAX POST or any other POST. It's all the same.
HTTP is a simple protocol, whether JavaScript sends headers or a custom built script - it doesn't matter to the underlying server since all it sees is plain text that it interprets.
There's no "more" security if you use AJAX or regular POST-ing, anyone can send any sort of data to the target script so you need to handle it properly.
It's not related to security at all.
JSON is just a different way to transmit the data - instead of posting a querystring-like string you send a string that is valid JSON.
By default in AJAX, data is posted in xml format using some protocol. while parsing data from xml format, we will get all node values in string format. Hence data type of the value submitted/received is not known. If required we need to typecast the data.
where as in JSON format data types has been persisted till some extent.
POSTing JSON data requires that certain types of headers be sent back and forth between the client and server. For instance, the client needs to send content type, the server needs to respond with allow-options for content type and access origin. POSTed JSON doesn't come through the PHP $_POST variable, rather it is carried in $HTTP_RAW_POST_DATA.
Without the proper headers, a browser kills the response and its data, preventing the page from looking at or processing anything. Or at least, it's supposed to.
Is generally more "secure" for preventing cross site scripting problems, but the data and calls are still subject to hacking the posted data and headers and such.

How is http post method implemented?

I know want to know what happens behind the scene of a HTTP post method.
i.e browser sends a HTTP post request to a server side script in PHP (eg).
How does PHP's $_POST variable get the values from the client.
Could someone explain in details or point to a guide.
The HTTP protocol(*) specifies how the browser should send the request.
HTTP basically consists of a set of headers in plain text, separated by line feeds, followed by the data being transmitted. Inside the HTTP request, POST data is actually formatted pretty much the same as GET data; it's just in a different part of the HTTP headers.
You can use tools like Firebug or Fiddler to see exactly how the headers and data are formatted for incoming and outgoing HTTP requests. It's actually all quite simple to read, so you should be able to work it out just by looking.
Once it gets to the server, the PHP interpreter is responsible for translating the raw HTTP request data into its standard $_GET, $_POST, etc variables. This is something that PHP does for you.
Other languages (eg Perl) do not have this functionality built in, so a Perl programmer would have to have code in their program to parse the incoming request data into useful variables. Fortunately, even Perl has a standard library which can be included that does the job, so even Perl programmers don't generally have to write the code themselves any more.
The way PHP, and any other language, does it is simply string manipulation. As I said, the HTTP data is plain text and is received in simple string format, so it's just a case of breaking it down by splitting it on question mark and equal sign characters.
As PHP does it all behind the scenes, you probably don't need to worry about the exact mechanisms it uses, but the PHP source code is available if you really want to find out.
I said it's all in plain text. HTTPS, of course, is encrypted. However by the time PHP gets hold of it, the Apache server has already done the decryption, so as far as PHP is concerned it's still plain text.
(*) Before anyone pulls me up on it, yes, I know that saying "HTTP protocol" is a redundancy, like "ATM machine" or "PIN number".
The browser encodes the data according to the content-type of the form, then transmits it as the body of a POST request. PHP then picks it up and populates $_POST with the names and values (performing special handling when the name includes the characters [ and ] or .).
I'd suggest to get a capturing proxy (e.g. Fiddler) or a network capture tool (e.g. Wireshark) and watch your own browsing traffic for a while; it will give you a nice view of the issue.
Other than that, POST is rather similar to GET, except that the data is sent in the body of the request instead of the URL, and there are two ways to encode them (multipart-form-data in addition to the urlencode that's shared with GET)
Well, let's ilustrate step by step, starting with a page containing a [form action="foo.php" method="post"]
Once you click submit (or hit enter), browser will trigger an event named "submit". This event can be catched internally for processing with javascript/dom, and this is what most sites do for validation or Ajax routines.
If routines does not stop the flow with a return false, browser continues to process the post request (this process is the same as making a post with XMLHttpRequest Object).
Browser will check first method, action and content encoding, then parse inputs values to know the size of data it will send, and encode it.
Finally it send something like this (raw values):
POST /foo.php HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
Content-Length: 7
foo=bar
This is a POST request. But note that it can send content-length and send variables in chunks. Browser and server know this can happen (this is the POST method purpose). When a server receives a POST request, it keeps listening to the browser until the content received match the informed content length.
Now the other side. Server receives the request, listen the content, parse it (foo = bar; xxx = baz), and make it available on its environment for that specific request, thus you can catch it with PHP or Python, or Java...
That's it. Ah note you can pass both GET and POST variables in the same request!
Using a [form action="foo.php?someVar=123&anotherVar=TRUE" method="post"]
Will make the browser send the request as
POST /foo.php?someVar=123&anotherVar=TRUE HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
Content-Length: 7
foo=bar
And server when parsing this request will make the following variables available:
GET[someVar] = 123
GET[anotherVar] = TRUE
POST[foo] = bar

Categories