This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
From: "Ian Wilkinson" <ian@4site.co.uk>
Subject: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 01:29:13 -0800
Hi, I'll try to be brief :)
Apologies if this topic has already been dealt with recently - I have only
been lurking for a couple of days (but long enough to be wary of trolls
bearing 'gifts').
This is what I'm trying to do - all within one Perl script.
1 accept input from an HTML form # order form
2 process and store the form data # updates order database
3 POST the form data onto another
third party script via SSL # which then accepts CC details
[This third party script is outwith my control and will NOT accept GETs]
1 and 2 present me with no problems but for 3, I want to avoid using hidden
fields in *another* HTHL form in order to POST the data to the third party
script - I want my script to process the data and pass it along the chain,
all in one smooth operation. My intention here is to present the user with
only one submit button, rather than two.
I have looked into redirection with 'print "Location: URL\n\n"', etc but
can't quite figure out how to incorporate the query string as POSTed data -
is it just a matter of outputting the appropriate Header information please?
If so, what?
I probably misunderstand server redirection completely, because I have been
trying to do something like this from 'nph-script1.cgi':
print "Content-type: text/plain" , "\n";
print "Status: 301 Moved Permanently" , "\n\n";
print "POST: /cgi-bin/script2.cgi HTTP/1.0" , "\n";
print "Content-type: application/x-www-form-urlencoded" , "\n";
print "Content-length: 66" , "\n\n";
print "user=billygoat&appearance=gruff&poster=troll&disappearance=welcome";
All helpful suggestions gratefully accepted!
===
From: mbudash@wcws.com (Michael Budash)
Subject: Re: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 08:24:06 -0800
"Ian Wilkinson" <ian@4site.co.uk> wrote:
: Hi, I'll try to be brief :)
:
: Apologies if this topic has already been dealt with recently - I have only
: been lurking for a couple of days (but long enough to be wary of trolls
: bearing 'gifts').
:
: This is what I'm trying to do - all within one Perl script.
:
: 1 accept input from an HTML form # order form
: 2 process and store the form data # updates order database
: 3 POST the form data onto another
: third party script via SSL # which then accepts CC details
:
: [This third party script is outwith my control and will NOT accept GETs]
:
: 1 and 2 present me with no problems but for 3, I want to avoid using hidden
: fields in *another* HTHL form in order to POST the data to the third party
: script - I want my script to process the data and pass it along the chain,
: all in one smooth operation. My intention here is to present the user with
: only one submit button, rather than two.
:
: I have looked into redirection with 'print "Location: URL\n\n"', etc but
: can't quite figure out how to incorporate the query string as POSTed data -
: is it just a matter of outputting the appropriate Header information please?
: If so, what?
:
: I probably misunderstand server redirection completely, because I have been
: trying to do something like this from 'nph-script1.cgi':
:
: print "Content-type: text/plain" , "\n";
: print "Status: 301 Moved Permanently" , "\n\n";
: print "POST: /cgi-bin/script2.cgi HTTP/1.0" , "\n";
: print "Content-type: application/x-www-form-urlencoded" , "\n";
: print "Content-length: 66" , "\n\n";
: print "user=billygoat&appearance=gruff&poster=troll&disappearance=welcome";
:
: All helpful suggestions gratefully accepted!
you can use LWP to do an SSL POST as long as the proper modules are
installed. so you have control of the server? i.e., can you install
modules if needed?
===
From: Purl Gurl <no-email@purlgurl.net>
Subject: Re: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 11:21:16 -0800
Ian Wilkinson wrote:
: Hi, I'll try to be brief :)
As I will be despite your walking in and
instantly leveling a personal insult
at me. This is socially unacceptable
and indicative of a hateful person.
: print "Content-type: text/plain" , "\n";
: print "Status: 301 Moved Permanently" , "\n\n";
: print "POST: /cgi-bin/script2.cgi HTTP/1.0" , "\n";
: print "Content-type: application/x-www-form-urlencoded" , "\n";
: print "Content-length: 66" , "\n\n";
: print "user=billygoat&appearance=gruff&poster=troll&disappearance=welcome";
Your code has problems. Two serious errors and
quite a bit of efficiency problems.
print "Content-type: text/plain\n\n";
print "Status: 301 Moved Permanently\n
POST: /cgi-bin/script2.cgi HTTP/1.0\n
Content-type: application/x-www-form-urlencoded\n\n
Content-length: 66\n\n
user=billygoat&appearance=gruff&poster=troll&disappearance=welcome\n";
Only reason for keeping this initial print content type
on a line of its own is to make it visually easier
to see for error checking. It is such a critical
inclusion it is a good practice to make it 'jump out'
at you as a reminder you haven't forgotten to include it.
I would question your format in your line beginning with POST
as I would question your content length variable format. Look
into technical details on these formats. You may find something
of value for what you are trying to do, perhaps a better way:
http://server.cs.panam.edu/~meng/unix-home/tmpdir/
HTTP 1.0 is ok in almost all cases, but not all cases.
Might want to play with HTTP 1.1 and see if this helps.
You will discover a better approach and a more effective
approach to this by visiting this page and learning. If you
put out sincere effort to truly learn, you will find a more
effective answer which allows greater control with ease:
http://www.apache.org/docs/mod/core.html#errordocument
Too bad. I have such a nice gift horse for people.
However, your use of immediate personal insults
indicates you are more of a horse crap kinda boy.
Purl Gurl
"Say Troas, maybe we should have Helen look in this gift horse's mouth."
===
From: "Ian Wilkinson" <ian@4site.co.uk>
Subject: Re: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 11:47:05 -0800
On 28 Jan 2000, Michael Budash wrote:
: you can use LWP to do an SSL POST as long as the proper modules are
: installed. so you have control of the server? i.e., can you install
^ - d?
: modules if needed?
I'll get back to you on that after checking with my ISP, but thanks for the
clue! I develop offline under Win98/Xitami web server and ActivePerl 522,
so I'll need to spend a few weeks (months?) teaching myself about modules
before asking any more naive question here. Thanks again...
===
From: Uri Guttman <uri@sysarch.com>
Subject: Re: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 12:00:42 -0800
:>>>> "PG" == Purl Gurl <no-email@purlgurl.net> writes:
PG> As I will be despite your walking in and
PG> instantly leveling a personal insult
PG> at me. This is socially unacceptable
PG> and indicative of a hateful person.
such as you are.
PG> Your code has problems. Two serious errors and
PG> quite a bit of efficiency problems.
efficiency issues? purlmoron can't even program her way out of a closet
and is worrying about minor efficiency issues.
PG> print "Content-type: text/plain\n\n";
PG> print "Status: 301 Moved Permanently\n
PG> POST: /cgi-bin/script2.cgi HTTP/1.0\n
PG> Content-type: application/x-www-form-urlencoded\n\n
PG> Content-length: 66\n\n
PG> user=billygoat&appearance=gruff&poster=troll&disappearance=welcome\n";
hmm. wonder if she realizes that there are embedded newlines in that
text as well and multiple \n in the wrong places. so it will look like
this when executed:
Content-type: text/plain
Status: 301 Moved Permanently
POST: /cgi-bin/script2.cgi HTTP/1.0
Content-type: application/x-www-form-urlencoded
Content-length: 66
doesn't look like nice header stuff to me. wonder where she will upload
and test that load of crap.
PG> Too bad. I have such a nice gift horse for people.
PG> However, your use of immediate personal insults
PG> indicates you are more of a horse crap kinda boy.
and your rectum occupied by your cranium.
===
From: "Alan J. Flavell" <flavell@mail.cern.ch>
Subject: Re: Pretending to be a <form>
Newsgroups: comp.infosystems.www.authoring.cgi
Date: 28 Jan 2000 12:42:17 -0800
On 28 Jan 2000, Ian Wilkinson wrote:
: This is what I'm trying to do - all within one Perl script.
:
: 1 accept input from an HTML form # order form
: 2 process and store the form data # updates order database
: 3 POST the form data onto another
: third party script via SSL # which then accepts CC details
Many of the questions about posting to another server are most
expeditiously addressed by "proxying" the request in the first server,
using the server's own native features (mod_rewrite's proxying option
in Apache, for example) - but unfortunately this doesn't seem to be
such a case.
: print "Content-type: text/plain" , "\n";
: print "Status: 301 Moved Permanently" , "\n\n";
: print "POST: /cgi-bin/script2.cgi HTTP/1.0" , "\n";
: print "Content-type: application/x-www-form-urlencoded" , "\n";
: print "Content-length: 66" , "\n\n";
: print "user=billygoat&appearance=gruff&poster=troll&disappearance=welcome";
I'm afraid this plan is misconceived. You can't return a new
transaction ("POST") as an HTTP response, if that's what you were
trying to achieve. A status 30x response needs a Location: header to
tell it where to go, anyhow; but issuing any kind of redirection in
response to a POST is problematical, and even if you could get around
the problems with that, it doesn't seem to be heading towards what you
wanted to do.
I don't mean to be rude, but what are you using as your CGI tutorial?
This seems so far from being something that would have come out of a
working recipe that I can't help worrying how you came by it. This
might be a good moment to mention the WebTechniques articles as a good
source. http://www.stonehenge.com/merlyn/WebTechniques/
If you really do need to do what you specified, then I'd say you
are going to have to get right down to it in the first server, and
create your POST transaction behind the scenes - in Perl you'd
naturally do this with LWP (lan-www-perl).
http://www.stonehenge.com/merlyn/WebTechniques/col38.html looks
to be just what you're looking for, no?
But I have to tell you frankly that if I knew this was going on behind
the scenes, I would not be inclined to trust my CC details to it.
have fun (but not with my CC, please!)
===