curl-and-php
Re: Posting with an automatic hidden post
Date: Tue, 03 Feb 2009 23:23:54 -0800
think about when a human does this. He goes to the URL and the key is
generated for him and he never knows about it. He just fills in the
visible part of the form and press submit. Presumably the data is
posted back to the same URL that made the form? The script processing
for that URL has to be able to detect whether data are being posted or
not. If data are being posted it is going to process them (presumably
what you want) and maybe return a new form or maybe not but you dont
care because you already got it to process your data. If you are doing
an automatic script you don't need to output anything, just figure out
what you want to post back and post it along with the scraped key. If
you are creating something for a human you need to make a proxy form
with the data fields you want him to type but no key. Then he submits
that to your script and in your processing you forward it all with the
scraped key back to the third party site. You may or may not be
successful depends on how the key is checked on their end. I know this
works because I wrote hacks for linkpoint gateway by scraping javascript
keys out of an outer frame and using them.
Andrey Kuznetsov wrote:
> I too wouldn't mind an answer for this.
> Daniel Stenberg I believe you didn't understand what he was trying to say.
>
> The situation is, every new page, there is a new key.
> The way to get that key, is to use curl to go to that url, execute the
> handle to get the output data, scrape the key, then here is the
> problem, how do you submit POST command using postfield( to submit the
> key+data) to that same url without executing a new handle because you
> already executed the last handle. Therefor in order to submit a post,
> the page has to be reloaded using a new\same handle, so the page will
> be refreshed.
>
> I don't think curl can load the page, output it to a variable and then
> POST all using 1 execute command. Because you set the output variable
> when you execute, not before.
>
> 2009/2/3 Colleen R. Dick <platypus_at_proaxis.com>:
>
>> I am not sure what you are really trying to accomplish but it sounds like
>> you are scraping a key out of a 3rd party site. If all you want to do is
>> automatically post to the site then you would just post the key that it
>> generated for you, along with whatever data you want. You don't have to
>> return the result, it will all happen on the backend, server to server. if
>> the objective is to make that third party site do something. However that
>> key might be based on the session or hostname or something and it might be
>> put there precisely to deter automatic posting. It depends on what the
>> processing checks with the key. If you can explain a little better what
>> your goal is for this exercise and post your code maybe I can help more.
>> Pierre Danjou wrote:
>>
>>> Hi there,
>>>
>>> I guess this question has been asked many times on the internet, but I am
>>> looking for more than 2 weeks on the net and nothing!!!
>>>
>>> I want to post using curl and php.
>>> In the form, a hidden field is automatically and randomly generated.
>>> I easely load the form page, get the hidden key with a "reg expression" or
>>> "explode".
>>>
>>> Once I get this hidden key. How the hell can I post it without reloading
>>> the page. Indeed, if I post using CURL, it will reload the page and then the
>>> "hidden field" will change.
>>>
>>> I am looking for the answer for 2 weeks now. And it look that Curl is not
>>> able to do so.. Is it?
>>>
>>> Thanks for your help,
>>>
>>> Pierre
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
>>>
>>>
>> _______________________________________________
>> http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
>>
>>
>>
> _______________________________________________
> http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
>
>
>
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
- text/x-vcard attachment: platypus.vcf