Is This Possible With Php ? Skilled Php programmers, Guidance needed

[longtimeago 0]

Dear friends, recently i came across the basics of Php and i was thrilled by such wonderful Server-side HTML embedded scripting language. I guess for building a good dynamic website php rocks. Here i have a major query , and hope some one can help me out. In Php is the following method possible, if so can any one help me with the codes.Problem Statement : To get the value (from form text field ) from the user in one page, and when the user clicks submit, the same value is to be posted in the text field of anther page ( say a remote page to which i dont have privilege to edit the code ), and the submit button in the remote page is to be pressed ( after posting the value in the text field of the remote page ) and the post page of the remote page is to be show to the user.If you are confused with the above problem statement let me explain to you with a simple example.If i run a private who is look up search engine , and in my from when the user enters a website to find out in the whoislookup database , i wanted to get the URL which the user entered and post it into the text field of the original whoislookup page and click submit and the resut which the original whoislookup page shows, that has to be shown to the user. This is something like i am in the middle , the user enters his query to me i post it to the remote server and in turn connect the user and the remote server. Just the form text fields i wanted to get and pass to the remote page and connect the user.Can this be done using Php . Can some one help me with the codings ?? Thank you..

[sonesay 7]

I do not think what you require is possible with PHP since you do not have rights to generate any HTML on the remote servers page. Maybe with javascript? but I do not know for sure.Good Luck

[truefusion 3]

Let me see if i understand you correctly. When a user fills out a form and hits submit, you want to obtain the information they submitted and have PHP use that information to search through a database or run some kind of program on the server side to obtain whois information to be sent back to the user? If that is the case, depending on what method was use to submit the information, you would have to use either $_GET or $_POST to obtain the information. I'm not entirely sure how you would obtain the whois information, but you can try using the exec() or passthru() function.

If that is not the case, then i have misunderstood.

[Mordent 0]

Technically, this depends rather heavily on how the whois site you plan on using has been coded. On a basic level, let's assume that no JavaScript (and certainly no AJAX) is used (links included for useful reading should you want to have a look at browser-side scripting too), and that the site uses the "GET" method of finding out what URL has been entered for "whois"-ing. If this is the case, all you need to do is replace that URL with the one containing the website they submitted on your site instead. Some sites may achieve this using different methods, but essentially most use the same basic idea.

 

As an example, whois.net tells itself what site you're "whois"-ing by placing it in the URL like https://www.whois.net/whois/Xisto.com, so by using either GET or POST (whichever takes your fancy, although I suggest GET due to bookmarkability) you can use a combination of a form on your page with the clever and useful bit of PHP that is the "header()" function to redirect them to the whois page containing the information.

 

<?php	...*snip*...	/* assuming domain is stored in $whoisDomain, I'll leave this bit up to you */	header ( "location: https://www.whois.net/whois/&%2334; . $whoisDomain );	...*snip*...?>

If the whois site you're planning on using doesn't use GET (although a quick random selection of five resulted in all five using it) then it's a bit more complex, but certainly a fairly good learning exercise for PHP.

 

On a slight side note: I'm not entirely sure on people's policies with using their sites this way, but given that they tend to provide a fair amount of advertising on the results page I don't see them being too upset by you doing this. Generally it's better to ask the site owner's permission first, but few people bother these days. I doubt there would be an problem with permission, and in fact if you're lucky you might even get a bit of support from them to make the most of their site!

 

Hope all this helps!

Edited August 22, 2009 by Mordent (see edit history)

[longtimeago 0]

I searched about this in many places , still i could'nt find the right solution. my friend says there is a way for this and that is what hackers use for phishing , like they get username and password from the fake page and post it to the orginal page and click submit. Yeah thats the principle which i need for a simple work like searching the who is look up etc. May be if there are any hackers here they will be well versed with this method i guess, like getting form fields from one page and posting it to the other page and clicking submit.

[Mordent 0]

I searched about this in many places , still i could'nt find the right solution. my friend says there is a way for this and that is what hackers use for phishing , like they get username and password from the fake page and post it to the orginal page and click submit. Yeah thats the principle which i need for a simple work like searching the who is look up etc. May be if there are any hackers here they will be well versed with this method i guess, like getting form fields from one page and posting it to the other page and clicking submit.

So the suggestion I posted didn't work? If so, care to mention why not so I can perhaps help tweak the code? I can't really see any holes in it (in theory, of course, as practice often reveals a few gaping ones), and it should work pretty much exactly for what you need it for. Edited August 25, 2009 by Mordent (see edit history)

[longtimeago 0]

@ Mordent , thanks for your concern , but the thing is that i need this concept to be done for many things , just not at the places where GET or POST is used, in certain places the page after we click submit is gonna be encrypted . Thats why i explained it like how some hackers use for phishing attack, they just get the Text field user name and password and post it in the orginal page and they hit submit . That Concept , how it is done , i guess php can do that work.

[dolrich06 0]

You could try fsockopen() or file_get_contents().After the user enters the textfield and clicked submit,you could create a request to the other site using the variables enteredand use either of the two functions to get the results.Maybe im wrong.

[nooc9 0]

You have to build the appropriate request to send to the remote server. In some cases you have to first load the remote page
and get the cookies and/or hidden form elements that could have session based values and then include this information in your
own request.
If it is an ajax page you could try to analyse the communication with some browser plugin to see where it posts and what is
posted.

The cURL extension for PHP can handle encrypted connections.

Remember to read the remote sites Terms Of Service