Member Avatar for filch

Hello, been a while since I have been here but I am working on something that has me stumped and I have not been able to solve it nor find an answer that does what I need to do.

I have a form that is usually sent to an external server (client tracking app) for processing. This external app then returns the user to a success or fail page back on the original server. Now, I am trying to add a Captcha, which needs to be verified before the data is sent to the external server. So the action of the form points to a secondary page (field validation is done using SPRY) which checks if the captcha matches and if not throws an error message and if it does, then I need to recapture the $_POST values and send them off to the external server app for processing. Once it is sent off, I want everything to go as if it came from the original form in the firat place. However, this is not the case. I have tried using Curl and straight PHP but with limited success. Using curl, I can get the connection done with success but nothing alse happens. The data is not processed, nor am I directed to the fail or success pages (remember the external server is responsible for this part). I have tried PHP and fsock_open but the output is directed back to the sending page and opens a duplicate page inside of the original page. Not what I want obviously. Here is the code for a few of my implementations:

CURL: with this code, when I submit the original form, it goes to the page with this code on it and simply sits there. If I echo out the $result is get a Resource #7 which means it is connecting because otherwise the result would be false. But the user is not redirected to the success page so I am not sure what I need to do here.

<?php
  require_once($_SERVER['DOCUMENT_ROOT'] . '/assets/includes/recaptchalib.php');
  $privatekey = "6Lec7rkSAAAAAAXp6jpt_Q7x7-IAJkQYYl9sPgm3";
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again. <br />" .
         "(reCAPTCHA said: " . $resp->error . ")");
  } else {
      unset($_POST['recaptcha_challenge_field']);
      unset($_POST['recaptcha_response_field']);
      $params = $_POST;
      foreach ( $params as $key => $value) {
    $post_items[] = $key . '=' . $value;
}
$post_string = implode ('&', $post_items);
    $curl_connection =
  curl_init('http://hbi.zuka.net/about/spit.php');
      //$url = 'https://hbi.ampeducator.com/ProspectWebForm';

      curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
      curl_setopt($curl_connection, CURLOPT_USERAGENT,
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
      curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
      curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
      curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1);
      curl_setopt($curl_connection, CURLOPT_POST, 1);
      curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);
      $result = curl_exec($curl_connection);
      print_r(curl_getinfo($curl_connection));
      echo curl_errno($curl_connection) . '-' .
      curl_error($curl_connection);
      //close the connection
      curl_close($curl_connection);

  } 
  ?>

PHP fsockopen: Here the page I think redirects to the external server but then a duplicate of the sending page shows up in the the same page for some reason.

<?php
  require_once($_SERVER['DOCUMENT_ROOT'] . '/assets/includes/recaptchalib.php');
  $privatekey = "6Lec7rkSAAAAAAXp6jpt_Q7x7-IAJkQYYl9sPgm3";
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);

  if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("The reCAPTCHA wasn't entered correctly. Go back and try it again. <br />" .
         "(reCAPTCHA said: " . $resp->error . ")");
  } else {
      unset($_POST['recaptcha_challenge_field']);
      unset($_POST['recaptcha_response_field']);

       //create array of data to be posted
       $post_data['name'] = $_POST['name'];
       $post_data['email'] = $_POST['email'];
       $post_data['telephone1'] = $_POST['telephone1'];
       $post_data['telephone2'] = $_POST['telephone2'];
       $post_data['message'] = $_POST['message'];
       $post_data['heardThrough'] = $_POST['heardThrough'];
       $post_data['interestedProgram'] = $_POST['interestedProgram'];

       //traverse array and prepare data for posting (key1=value1)
       foreach ( $post_data as $key => $value) {
         $post_items[] = $key . '=' . $value;
       }

      //create the final string to be posted using implode()
      $post_string = implode ('&', $post_items);
      echo $post_string;

      //we also need to add a question mark at the beginning of the string
      $post_string = '?' . $post_string;

      //we are going to need the length of the data string
      $data_length = strlen($post_string);

      //let's open the connection
      $connection = fsockopen('hbi.ampeducator.com', 80);
      echo $connection;
      //sending the data
      fputs($connection, "POST  /ProspectWebForm  HTTP/1.1\r\n");
      fputs($connection, "Host:  hbi.ampeducator.com \r\n");
      fputs($connection, "Content-Type: application/x-www-form-urlencoded\r\n");
      fputs($connection, "Content-Length: $data_length\r\n");
      fputs($connection, "Connection: close\r\n\r\n");
      fputs($connection, $post_string);
      //closing the connection
      fclose($connection);

  } 
  ?>

So I need some help getting this functioning. So to reiterate: I need to submit a form which points to a secondary or proxy page which validates the Captcha. If the captcha is good then I need to send off the $_POST data to the external server which thenm redirects to a success or fail page back on the original server. Right now, I cannot get past the validation page.

All help is greatly appreciated.

Dave

  • 3 Contributors
  • 9 Replies
  • 230 Views
  • 6 Days Discussion Span
  • Latest Post Latest Post by diafol

Recommended Answers

All 9 Replies

Member Avatar for diafol

I'd use curl - probably. In your captcha checking page:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.example.com/somepath");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);

$senddata = array(
    'secretsource' => 'form106473829',
    'data1' => $someData1,
    'data2' => $someData2
);

curl_setopt($ch, CURLOPT_POSTFIELDS, $senddata);
$output = curl_exec($ch);
curl_close($ch);

The $someData vars are from your $_POST vars. You can test the $output to decide what message to display. I'd send a form identifier (secretsource) so that the remote site knows it's a valid request/post and knows what data to return - it could simply be true/false. The secretsource is a little simple and not very secure. I'd have a little think about this if you are using this remote page to change DB records etc - especially if it's visible / not protected.

Member Avatar for LastMitch

@filch

But the user is not redirected to the success page so I am not sure what I need to do here.

In the past month you're like the 3rd person that is having problem with that.

I assume you got this from google.

https://developers.google.com/recaptcha/docs/php

Read this and try using this example:

http://www.the-art-of-web.com/php/captcha/#.UMo_BG_AeSo

or this

http://vidiame.com/php/how-to-implement-recaptcha-with-your-php-project

I learn and test with reCAPTCHA like 6 months ago. I think I will play around with it again to see why everyone is having this issue.

Member Avatar for filch

I have no problem getting the Captcha to show up. What I am looking for is help with the form handler. I would like to be able to process the test if the captcha matches in the same page and then be ab;le to set the action to point to my external server. That is what I am struggling with. That is why I was trying to use curl.

Member Avatar for diafol

Thought that's what I gave you.

PSEUDOCODE

if captcha match then
    do diafol's code above
else
    tell the guy he got it wrong
end if
Member Avatar for filch

I have no problem getting the Captcha to show up. What I am looking for is help with the form handler. I would like to be able to process the test if the captcha matches in the same page and then be ab;le to set the action to point to my external server. That is what I am struggling with. That is why I was trying to use curl.

Member Avatar for filch

You did and thank you. I already had arrived at what you suggested so I get that OK. My current problem is that when I call this page, nothing seems to happen. What I expect to happen is that the $_POST data is sent to my external server and that server, depending on is the submission as successful or not, sends the user back to either a success or fail page back on the original server. This is not happening and that is what I am trying to solve.

Sorry if I was not clear enough. Below is my current code:

extract($_POST);

        //set POST variables
        $url = 'https://external.domain.com.php/ProspectWebForm';
$fields = array(
            'name' => urlencode($name),
            'email' => urlencode($email),
            'telephone1' => urlencode($telephone1),
            'telephone2' => urlencode($telephone1),
            'message' => urlencode($message),
            'heardThrough' => urlencode($heardThrough),
            'interestedProgram' => urlencode($interestedProgram)
        );

//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
echo $fields_string;

//open connection
$ch = curl_init();

//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);

//execute post
$result = curl_exec($ch);

//close connection
curl_close($ch);

Dave

Member Avatar for diafol

OK

$result = curl_exec($ch);

This will hold the key to what should happen next. Let us assume that your 'external server' accepts post info from curl and processes it. You should make it return just a simple value - e.g. 0 or 1. So $result = 0 or 1.

if($result == 1){
    //do something
}else{
    //do something else
}
Member Avatar for filch

So you are saying that with Curl, I have to do further processing depending on what result the external server returns? The problem I have with that is that the external app is supposed to be responsible for redirecting to the success or fail page, after it is successful or unsuccessful in entering the submission into their database. It does not seem to be doing that but ideally, that is what I want to happen. I wonder if it is something to do with the way the &_POST values are formatted but when I examine the values, they look fine.

Dave

Member Avatar for diafol

So you are saying that with Curl, I have to do further processing depending on what result the external server returns?

I assume so. What's your external server sending back?
You probably don't want redirects on your ext. server, just a return value. Sorry, but it's been a while since I read over this post.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.