Page 1 of 2

http request

Posted: Tue Apr 29, 2008 1:36 am
by cybernet
i want to create a user for a program
but for that i need the script to make a http request in the background without the user seeing the address or domain

and when the user is looking at the page source in browser i don't want to see the address

is it possible :?:

thank you :drunk:

Re: http request

Posted: Tue Apr 29, 2008 4:07 am
by Kieran Huggins
short answer: You're going about this the wrong way.

long answer: you could find a way of making it really hard for people to figure out the address and what you're doing, but you should definitely think about your business req's some more.

Re: http request

Posted: Tue Apr 29, 2008 4:58 am
by cybernet
Kieran Huggins wrote:short answer: You're going about this the wrong way.

long answer: you could find a way of making it really hard for people to figure out the address and what you're doing, but you should definitely think about your business req's some more.
can you give me an advice :?: :cry:

later edit:
i want to be more precisely
i want the php to access in the background a page
with the addres

Code: Select all

http://domain.88/add_user?id=<?php " .$cfun_id. "?>&password=<? ".$password."?>

i think i write the code good 8O

Re: http request

Posted: Tue Apr 29, 2008 5:24 am
by Kieran Huggins
We'd be able to give you better advice with more info about what you're trying to do, exactly.

Case example?

Re: http request

Posted: Tue Apr 29, 2008 5:45 am
by cybernet
so
first of all i'm very hard to explicate because i don't speak english very well
i have a page
register.html

Code: Select all

<form action="register.php" method="post"> 
 
<form>
 
Type you CFun! ID:<br /> 
 
<input type="text" name="cfun_id">
 
<br>
 
Your Name: <br />
 
 
<input type="text" name="name"><br />
Choose a password please:<br />
<input type="password" name="pass_word"><br />
 
 
<input type="submit" />
 
</form>
register.php

Code: Select all

$cfun_id= $_POST['cfun_id'];
 
$name = $_POST['name'];
$pass_word = $_POST['pass_word'];
in the code of register.php is missing the http request
something like

Code: Select all

http://example.com/plugins/user_reg_del ... &username=<? " .$cfun_id."?>&password=<? ".pass_word."?>&name=<? ".name."?>
and if i mentioned this, the answer of the request has 6 answers

Code: Select all

IllegalArgumentException
UserNotFoundException
UserAlreadyExistsException
RequestNotAuthorised
UserServiceDisabled
ok

if get response like UserAlreadyExistsException on register page i want to show up
THIS USERNAME IS ALREADY REGISTERED
if get response like ok on register page i want to show up
Have Fun on cyberfun now you are registered

later edit:
and i can't make a mysql_query because the password has a hash that can't be implemented in php

Re: http request

Posted: Tue Apr 29, 2008 11:45 am
by Kieran Huggins
the second <form> tag is likely causing you some problems

Re: http request

Posted: Tue Apr 29, 2008 2:28 pm
by cybernet
Kieran Huggins wrote:the second <form> tag is likely causing you some problems
i just give an exemple
do you help me or not
or just watching at hot the cool is the font i write it ?? :dubious:

Re: http request

Posted: Wed Apr 30, 2008 11:09 am
by cybernet
guess not :cry:

Re: http request

Posted: Wed Apr 30, 2008 1:21 pm
by Kieran Huggins
:dubious:

Re: http request

Posted: Wed Apr 30, 2008 1:55 pm
by Christopher
If you want to make additional requests in the background -- use the cURL library, or for PHP4 use the Snoopy class.

Re: http request

Posted: Wed Apr 30, 2008 3:54 pm
by cybernet
Kieran Huggins wrote::dubious:
what is suppose to mean ?

Re: http request

Posted: Fri May 02, 2008 1:45 pm
by RobertGonzalez
@cybernet I think we might be having a hard time understanding your English. I apologize for this.

Can you explain again what exactly you are trying to do and why it requires a background request that your user cannot see in order to do what you want?

Re: http request

Posted: Fri May 02, 2008 2:10 pm
by cybernet
now i can do the background request with cURL from php
Everah wrote:@cybernet I think we might be having a hard time understanding your English. I apologize for this.

Can you explain again what exactly you are trying to do and why it requires a background request that your user cannot see in order to do what you want?
the reason is because it's a security breech, the url contains a password and if you have that password
anyone can add and delete users
when php access that url he (php) will get a reponse
like: ok ,userAlreadyExists, etc.


how can i make php when he will get response like UserAleardyExists
php should execute
echo " Please choose another username ";
and if get answer like ok
php should execute
echo " Now you are registered , Have Fun On CyBerFun ";

Re: http request

Posted: Fri May 02, 2008 2:13 pm
by RobertGonzalez
Password should never be sent by GET. cURL allows sending POST data rather easily so that is how I would suggest you POST information.

My bigger question is why does this need to happen in the background? Why can this not happen like all other sign up/registration pages that handle this all per page request?

Re: http request

Posted: Fri May 02, 2008 2:26 pm
by cybernet
cybernet wrote:and i can't make a mysql_query because the password has a hash that can't be implemented in php
got a better idea :|

because i don't now another solution :banghead: :banghead: :?