Redirect with an HTTP Post instead of a simple link, using PHP_问答_开发者

Redirect with an HTTP Post instead of a simple link, using PHP

开发者 https://www.devze.com 2023-02-25 09:35 出处：网络

I have one website, of a magazine publisher, and this site has a standard hyperlink to another site that hosts the elec开发者_开发问答tronic version of the magazine. The emagazine hosting site has it's owm, per publication, authentication scheme, per user per mag. In order to avoid magazine subscribers having to sign on to both sites, the parties have agreed on a kind of handshaking.

When redirecting to the magazine host site, I must post a small HTML form with a few values. My first obstacle is that the magazine publisher site is CMS driven, so I can't really just surround one button with inputs and disguise it as a POST redirect.

My cleanest solution so far to create a new, non public, little PHP that the originals magazine site will link to. This PHP will render a small HTML form that will immediately post instelf to the magazine hosting site, so when the magazine reader arrives as the magazine hosting site he is already auththenticate

This probably needs to be done on the server side using cURL (or file_get_contents with a $context parameter) or on the client side using a $.post. I don't think you're going to convince most browsers to submit a POST request just because a server header told it to - it'd be awful for security. (For example: Amazon could simply tell your browser to click the "Buy It Now" button if you were on the page of a $10,000 TV.)

PHP example

<?php
$opts = array(
  'http'=>array(
    'method'=>"POST"
    )
  );

$context = stream_context_create($opts);

$response = file_get_contents("<your url>", 0, $context);

JS Example

params = { 'test1': 'value' };

$.post('<your url>', params, function(response)
{
    // handle response
});

You can do this with a header redirect on the page but it won't be the same as a form submission, so the page its posting to will need to be able to accept GET style form submissions, but you should be able to do this with code like the following:

<?php
$val1 = mysql_escape_string($_POST["val1"]);
$val2 = mysql_escape_string($_POST["val2"]);

//Authenticate Locally here and then...

$val1 = urlencode($val1);
$val2 = urlencode($val2);
header("Location: http://www.emagazine.com/forminput.php?val1=$val1&val2=$val2");

Keep in mind if you print anything to the browser, the php header redirect will fail, this needs to be the first thing to hit the browser.