Allow users to copy and paste code into their own website - php

I've developed a web application in PHP and MySQL. One part of the system I've been putting on hold for a while now, is allowing my users to create a simple form inside my application, and once they're done, copy and paste some code which I generate into their existing remote websites (IE: Contact Form) where this form should appear.
When visitors to their site enter their data into that "contact form" or whatever they've created, it should save the info into my application database where the users will be able to access it. It must be unobtrusive.
Is there anyone who can give me a good starting point on how to achieve this?

Im a little confused on what youre asking. Are you asking if there is a way to automatically copy the generated form to the clipboard, or how you set the form up to allow it to post data back to your own server?
If its the former, Bradley above pretty much explained it. If its the latter, then there are a couple of ways that you can go about doing it.
If you want it to submit the form without actually redirecting back to your own site, then you need to submit the form via AJAX (read XMLHttpRequest, or the $.ajax() function if youre using jQuery). The only problem here is that it violates the same origin policy since youd be submitting from a different domain. To fix this, you need to setup your webserver to allow cross domain requests so that it'll actually work.

JavaScript cannot access the clipboard to save (copy) text to memory. A general way around this is to use an invisible flash movie and place it over an input button so that 'clicking' the button triggers the flash script, which can utilize the clipboard.
I've used ZeroClipBoard in the past to do this, and I believe some of the syntax highlighting plugins out there use it as well.
http://code.google.com/p/zeroclipboard/

Related

Read the $_POST off a webpage

Is there a way that I can read the $_POST of a website that I don't own? For example I want to auto fill someone else's form for my users when they go there, so I wanted to reverse engineer their post.
Or is there a way to auto fill a form on someone else's form?
EDIT:
Some people asked what my motives are. I'm working with a group that doesn't have the right to change a website but wants more registration, and I wanted to see if I could remake the form so it was auto-filled to make registration easier.
The short answer is NO, but, you can sniff the HTTP request.
See this question: can-ones-post-request-data-be-sniffed
Basically, if it's a simple form, you don't need to read the post data, you can simply create an identical form with the same action url and set the method to post. You can auto fill this form and send it to a different site.
You could use FireBug or simply the browsers developer tools and analyze the network tab.
You should find all relevant information in the header section.
Browsers are built NOT to allow interaction between different sources, for example an iframe of site1.com inside site2.com can't communicate with JS.
Being able to read $_POST related to another site would be a security disaster. To assist the user the browsers utilize "auto-fill". That's all you get.
If it's a limited amount of peer-sites you may however contact the respective owner of the site and ask them to add support for passing arguments to their login(?) or registration(?) form, for example:
theothersite.com/register.php?email=theEmailYouKnow
By generating this link on YOUR server you get the email to popup on the other site IF implemented by the maintainer of the other site.

Contact form - PHP script hosted externally

I've got so much useful information from other people's questions to help me develop my web building skills...
However I've been asked to set up a site using MagentoGo where I do not have access to the php actions etc and the default contact form has only 4 basic fields. If I generate my own customer form I can't get it to send any fields as there is no valid PHP to link to.
Can I host this script somewhere other than the parent site /xxx/xxx or can I dictate a that the URL to go to for actions.
The only other thing I can think of is perhaps embedding a contact form via another site?
This is mainly for data capture and to help customers with queries they have regarding the product.
Although it is best practice to host your own files onto the site, if this is all on the same server (or FTP user account), I don't see why this would not work.
In the past, I've used a form action with a full reference link, ie action="http://mysite.com/parse.php". The other solution would be to use cURL to send the information to the form parsing script and return the values, similar to how Paypal does it.
Since I'm not very familiar with cURL, I suggest reading up on it in the PHP.net manual.
there shouldn't be a problem with storing a script on another server, just create an HTML form within a CMS block or page in Magento and set the action attribute in your HTML form to the URL of the PHP script, e.g:
<form method="post" action="http://anotherserver.com/script.php">
unless i've misunderstood your question? if this isn't allowed because of some permissions within Magento Go then you could try just embedding a form as an iframe.

Inline Form PHP?

I'm designing an e-commerce site where I have no access to the server-side code at all. It's an off the shelf thing. Anyway, I despise forms with labels. They're the ugliest things on the planet.
I want form values which delete onfocus and reappear onblur etc. However, due to having no access to the PHP, I can't validate the form so it won't send when "Email Address" is typed in etc.
Is there any way around this without access to the PHP?
You can also do it with CSS+Javascript
Position the Label over the textBox in JS so that if JS is disabled, the label will be somewhere else and hide it onFocus.
This way your textBox are always empty by default.
You should also do form validation in JS.
If you really have no access to the server, javascript is pretty much your only answer. You could get really clever and have a proxy or something that intercepts traffic and re-writes the webpage, but that would require access to the network of anyone who will be using this site.
The javascript solution will require the client to take some action (i.e. a greasemonkey script they have to install).
If you want form values appear on onfocus event etc. it's ONLY possible throught javascript and has nothing to do with server side code.
If you want form validation, then this MUST be done on server side (PHP) and SHOULD be done in client side (javascript), for better user experience.
And what do you mean that you don't have access to source files? How can you modify even the client side then (other than for yourself)?

AJAX Some questions

So I am very new to this concept.
So why not go headfirst :) Some things I don't understand;
What happens if js is disabled?
If using mysql databases (ie; checking forms and such) why not just use php?
To confirm what others have said, disabling Javascript will also disable the AJAX call. After all, AJAX stands for "Asynchronous Javascript and XML".
To address why you can't just use PHP, there are some things that just can't be done without it. PHP is great to load the page with the initial information, but after the page is loaded, it actually requires the page to be reloaded to load something else. AJAX allows you to get around this hassle.
For your example of form validation, AJAX can be used to validate the information while the person is filling it out. Otherwise, you are required to reload the page each time someone fills out another field in the form.
Another example is from a project that I have worked on. The form required a zip code and would load the appropriate city and county based on the inputted zip. Using strict PHP, I would need the client to download the entire zip table embedded in the HTML/JS (which would add another 100k at least to the download).
Using AJAX, I can get around this. The user can input the zip code, which triggers an AJAX call that downloads the few rows that I need (this will be less than a few hundred bytes, for comparison).
[Edit:] Also, a tip because you said that you were new to AJAX. If your dealing with some form of authentication (logging in, etc.), remember to validate the user on the AJAX pages themselves. Otherwise, tricky users will be able to access sensitive information for your database.
Ajax just adds to the user experience and allows a web application to feel more like a desktop application to users. So they can delete a record and stay on the same page without reloading, you just let the record disappear.
And remember to validate on the server-side, even if you validate on client-side. Your weakest at your client-side as someone can easily just submit the values straight to your script so ALWAYS check on the server-side and do client-side if you would like to add some nice effects etc.
But you will always need to keep in mind that there are people out there who have javascript disable be it a security policy or just because their paranoid. So when you don't have JS enabled you javascript and AJAX requests won't work. So while developing you will need to make sure that if javascript is not their to do the operation that the form is submitted just like a normal HTTP form, this will allow all those paranoid people to also use your application :D.
OR you could always just deny access to those who don't have Javascript enabled but that's not very nice ... So if you want to check if they have javascript enabled checkout - http://www.w3schools.com/TAGS/tag_noscript.asp - for a example.
AJAX is a Javascript client based technology. If js is disable it simply doesn't work.
Php is a server based technology.
In Php you write pages that are dinamically built by the server. Once built they are sent as html to the client.
Using javascript (and Ajax) you can call the server just to request some datas (hint: look at JSON) or just a little html snippet which is plugged in the current page directly by the browser without requesting a full refresh from the server.
With js and AJAX you can achieve a very rich client experience without reloading a full page every time.
I believe nothing will happen if js is disabled. You need js to grab the data.
If you want to use mysql databases, you can use js to access a php script, which can then return any data gathered from a database, rather than doing it in the page.
AJAX is a way for Javascript (client side) to access PHP/ASP/Whatever serverside language you are using. This means, that if you have an PHP script for getting some data from your MySQL database, and want to run that script when the user clicks some random button, AJAX can do that (async)m and you wont have to reload you page to execute the PHP script.
If Javascript is diabled, AJAX won't work.

Auto populate form fields on external sites from local MySQL

Howdy folks, I am wanting to build a script or something to take a single row from my MySQL database and use that data to pre-populate form fields on one of multiple sites that aren't mine. What I'd like to do is to take information a user has entered on my site and when they click a link to one of the sites in my system it loads the external site with certain pre-mapped fields populated with the info they entered. But I can't seem to get my head around a way to do this, seeing as I can't add anything to these pages. Do you guys have any suggestions?
The flow you described is not possible due to cross-site scripting constraints. This post is relevant: Browser Automation and Cross Site Scripting
The closest thing I can think of is Greasemonkey, which would force the user to download the plugin from Mozilla, plus a new userscript from your website.
Another option would be reproducing the form on your own web server, and hoping the form action doesn't perform referrer checks.
i am not very sure but you can use wget and pass xml data...i.e you can build an xml string with the data you want to send across and then do a wget to the other site...hope this helps

Categories