Beefy Boxes and Bandwidth Generously Provided by pair Networks
Come for the quick hacks, stay for the epiphanies.
 
PerlMonks  

Send user to a different server

by Michalis (Pilgrim)
on Jul 27, 2004 at 12:20 UTC ( [id://377708]=perlquestion: print w/replies, xml ) Need Help??

Michalis has asked for the wisdom of the Perl Monks concerning the following question:

Hi all,
I have an application that takes some data from the user via a html POST form.
Depending on the contents, the data should be processed and then the user should be presented a new page (again, a POST form with some more data), or a different form on a different (secure) server should be submitted with the data from the first form, and the user should be able to continue using the site on the secure server.

I have no problem doing the first, or even doing the second for a GET form, but I cannot do it on a POST form.
I tried to create a LWP::UserAgent and then do a request on that, to a POST form, but I get the output of the form on the non-secure server, which is definitely NOT what I want.

Any good ideas anyone?
Sorry for my bad english, and thanks in advance
-- Michalis

Replies are listed 'Best First'.
Re: Send user to a different server
by davorg (Chancellor) on Jul 27, 2004 at 12:31 UTC

    I think we'll need to see some of your code.

    --
    <http://www.dave.org.uk>

    "The first rule of Perl club is you do not talk about Perl club."
    -- Chip Salzenberg

      Gladly, but what part. Here is the thing I tried:
      if (param('paymethod') == 1) { my $ua = LWP::UserAgent->new(agent => 'InterZone client'); $ua->redirect(1); my $resp = $ua->request( POST 'https://secure.server.gr/cgi-bin/mepayment.sc', Content_Type => 'application/x-www-form-urlencoded', Content => [ 'paymethod' => param('paymethod'), 'tr_id' => param('tr_id'), 'price' => param('price'), 'totalseats' => param('totalseats'), 'agree' => param('agree'), 'double' => param('double') ]); if (!$resp->is_success) { errorandout($Message[27], $lang."/out.html"); mail_inform('adm','site','Error',"Error".self_url(-full=>1,-query=>0 +)."\n"); exit; } else { That's what I'm looking for } }
      -- Michalis
Re: Send user to a different server
by wfsp (Abbot) on Jul 27, 2004 at 16:00 UTC
    Use the secure server to collect sensitive information, e.g. credit card details.

    This is how Worldpay operates. Your form submits fields to a script on there server which, after processing the cc details, calls a callback script on your server with all the fields on the original form passed back.

    If the secure server doesn't always need to be called/used this could be handled by jscript in the original form.

    There are other ways to do this but the first point above is, I believe, the key.

      Well, obviously I want to send the user to the secure web server in order to collect sensitive information (e.g. credit card details). The problem is not "when to use secure server", it's rather "how to redirect to a secure server with a simultaneous form post".
      Thanks though for the answer
      -- Michalis
Re: Send user to a different server
by dfaure (Chaplain) on Jul 28, 2004 at 09:55 UTC

    You may need to reference explicitely the extra modules required to handle https encryption (aka: Net::SSL,...).

    Anyway, Google gave me this sample, which could help you.

    ____
    HTH, Dominique
    My two favorites:
    If the only tool you have is a hammer, you will see every problem as a nail. --Abraham Maslow
    Bien faire, et le faire savoir...

      I have no problem doing the POST, the problem is, as someone else correctly said, that the data is sent back to me and I present it (and collect new data) through the NON-secure server, which is a problem.
      Thanks for the help though.
      -- Michalis

        AFAI Understand your pb, I may schematize it like:

        +----------------+ | Client Browser | +----------------+ |^ ^ |^ || / || [A] || / || [C*] || / || v| /(B2) v| +----------+ +-----------+ | HTTP Svr | | HTTPS Svr | +----------+ +-----------+ (B1) \ ^ (C1) v _ / / \ |\_/| | | \_/

        Where:

        • A: POST/OK action(request)/responses(status) exchanges required to validate form datas.
        • B: (1) storage of form datas and (2) HTTP 30(2|3) response reply when data are validated to redirect client to secured server (without forgetting passing a kind of index to stored datas).
        • C: GET/POST/OK action(request)/responses(status) exchanges around secure datas. GET (required, see below) would retrieve previously stored datas.

        You may report to this (Redirection of a POST transaction to another URL as POST) for more details about requirements.

        Caution: I've not tested this stuff, but you could merely post your perl solution to CUFP ;)

        ____
        HTH, Dominique
        My two favorites:
        If the only tool you have is a hammer, you will see every problem as a nail. --Abraham Maslow
        Bien faire, et le faire savoir...

Re: Send user to a different server
by Jaap (Curate) on Jul 27, 2004 at 13:59 UTC
    Well you can print a Location header to the client, and put the variables you get from the POST into the URL as a GET method.

    Example:
    ... my $cgi = new CGI; my $param_value_from_post = $cgi->param('foo'); print "Location: https://secureserver.com/script.pl?foo=$param_value_f +rom_post\n\n";
    This is insecure but the POSTed data has (probably) already been sent over the internet unencrypted.
      Well, that's exactly what I'm trying to avoid.
      As I said in the first message, I know how to do a GET request, a POST is the one that troubles me.
      -- Michalis
        It's easy to do a post, but then the data is sent back to you from the secure server to the insecure server. Do you then want to send it to the client?

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://377708]
Approved by Corion
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others imbibing at the Monastery: (6)
As of 2024-04-23 08:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found