Page 2 of 2

Posted: Mon Nov 13, 2006 2:03 pm
by Proqrammer
I'm trying to make it happen this way:


http://www.server1.com/page1.php

Code: Select all

<?php
$MyArray = array('item1', 'item2', 'item3', 'item4', 'item5', 'item6');
?>

http://www.server2.com/page2.php

Code: Select all

include("http://www.server1.com/page1.php");
print_r($MyArray);
But when I browse http://www.server2.com/page2.php I don't see the results as I expect.

Posted: Mon Nov 13, 2006 2:07 pm
by Luke
Why don't you just POST the variables? (like everah said)

Posted: Mon Nov 13, 2006 2:09 pm
by RobertGonzalez
Proqrammer wrote:I'm trying to make it happen this way:


http://www.server1.com/page1.php

Code: Select all

<?php
$MyArray = array('item1', 'item2', 'item3', 'item4', 'item5', 'item6');
?>

http://www.server2.com/page2.php

Code: Select all

include("http://www.server1.com/page1.php");
print_r($MyArray);
But when I browse http://www.server2.com/page2.php I don't see the results as I expect.
There are a host of things that need to be set up to allow this sort of activity. None of them are preferred as this type of process is noticeably insecure.

Posted: Mon Nov 13, 2006 2:35 pm
by Proqrammer
The Ninja Space Goat wrote:Why don't you just POST the variables? (like everah said)
If I do that, it will actually be the visitors of the website who transfer data between these two servers.

I don't want them to be a part of this transformation, they may steal the data.

Posted: Mon Nov 13, 2006 2:42 pm
by Proqrammer
Everah wrote:
Proqrammer wrote:I'm trying to make it happen this way:


http://www.server1.com/page1.php

Code: Select all

<?php
$MyArray = array('item1', 'item2', 'item3', 'item4', 'item5', 'item6');
?>

http://www.server2.com/page2.php

Code: Select all

include("http://www.server1.com/page1.php");
print_r($MyArray);
But when I browse http://www.server2.com/page2.php I don't see the results as I expect.
There are a host of things that need to be set up to allow this sort of activity. None of them are preferred as this type of process is noticeably insecure.
That's true but I guess that's not a problem.
Now here are my two new questions:

1- What else should be set other than allow_url_fopen option in php.ini?

I don't have access to php.ini of a server, so I can't find the answer to my second question by myself.

2- I wanna make sure only http://www.server2.com/page2.php has access to the contents of $MyArray, so before I fill the array, I should check the identity of the referring entity. How can I know who is reffering to page1.php? Is there a function that returns the reffering page or something else that works here?

Posted: Mon Nov 13, 2006 2:43 pm
by Proqrammer
By the way, this is an awesome forum, I'm glad to be among you guys.

Posted: Mon Nov 13, 2006 3:01 pm
by RobertGonzalez
I will take #2 for $400 Alex...

You could try using $_SERVER['HTTP_REFERER'], however, not all systems return a referer header. This is totally unreliable and should not be used. That being said, there is no real way of knowing the authentic identity of the referring party without having some form of authenticated handshake between the two.

Posted: Mon Nov 13, 2006 6:38 pm
by m3mn0n
Try including the file with a GET variable right inside the include() function.

This sets up a sort of password type system, where if one was to include the file without the right GET variable/value, then it wouldn't work.

There is no way for an outside source to see this variable exchange or know the value/key combo, so this adds some security to the whole process.

eg.

Code: Select all

<?php

include ("http://www.mysite.com/highlysensitive/file.php?key=password");

?>

Posted: Mon Nov 13, 2006 6:54 pm
by Christopher
I would say the three common ways of passing data between server have been mentioned:

1. Client uses GET/POST to send data from page on one server to a page on the other server

2. Servers use something like cURL to send data from one server to the other server -- also ususally GET/POST

3. The servers share a common datasource such as a database server

Posted: Mon Nov 13, 2006 8:16 pm
by volka
You might also use something like WDDX or soap.