php curl - sending form data to external website_问答_开发者

php curl - sending form data to external website

开发者 https://www.devze.com 2023-01-07 00:52 出处：网络

I have a login form set up on my domain (eg: www.example.com/login). When the user enters their login information, I need those details to be passed through a login form on an external website and th

相关专题：curl php

I have a login form set up on my domain (eg: www.example.com/login).

When the user enters their login information, I need those details to be passed through a login form on an external website and the user directed to the application that they are logging into.

So to add the user steps to this: 1. User enters login information on www.example.com/login 2. User is directed to and has access to application on www.external.com/application without having to re-enter login details at www.external.com/login

The problem is, I'm not sure how to go about doing this. I found some references to cURL which from what I could gather is the best approach to take.开发者_如何学C

Any help with this would be appreciated .. I'm a PHP novice! Also ... the application on the external website is ASP.NET (I'm not sure if this has any factor on getting this to work).

Thanks for your help, Mark.

Depending on how your application works, what could work is have your login form on example.com/login point to external.com/application

so your form tag would look like this:

<form action="external.com/application" method="post">

Now your external.com/application will have to be setup to accept the data from the login form. When the form is submitted the browser should direct itself to external.com/application.

This is a possible approach :

On www.example.com/login, do a classic login form which is submitted on itself
On www.example.com/login, when a $_POST is detected :
- check that the credentials are good
- if yes, store within a table in you db server an hash dedicated to this user (by hashing his id/user/etc... whatever you wish)
- redirect to www.external.com/login?hash=the_generated_hash
On www.example.com/verifyHash.php:
- create a simple php file that take a hash in $_GET and echo "true" if this hash exists in your db
on www.external.com/login
- check that a hash is passed in $_GET
- if yes, do a simple $result = file_get_contents("www.example.com/verifyHash.php?hash=$_GET["hash"]");
- if the result is true then you can assume that the user has valid credentials.

Of course, you can optimize this whole thing by passing a user id along your hash, by implementing some security when your asking remotly verifyHash, etc...