Thanks to @Quixrick and @Wrikken for the very helpful pointers.
It turned out that the third-party needed an addition specific "submit" field posting with the other fields. Adding that in posted data fine.
Question
I have searched through previous posts, but cannot find an example of the same issue using a similar code approach.
I am submitting data via cURL to a remote URL, before sending the user to a 'thanks' confirmation page.
When I submit the form (full code below), the remote URL fields are not populated and every form field remains empty:
<?php
// Setup empty fields
$SubmitForm_first_name = $SubmitForm_last_name = $SubmitForm_job_title = "";
$SubmitForm_first_nameError = $SubmitForm_last_nameError = $SubmitForm_job_titleError = "";
// Validate Field Entry
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$valid = true; // Redirect if valid
if (empty($_POST["SubmitForm_first_name"]))
{$valid = false; $SubmitForm_first_nameError = "First name required";}
else
{$SubmitForm_first_name = htmlspecialchars($_POST["SubmitForm_first_name"]);}
if (empty($_POST["SubmitForm_last_name"]))
{$valid = false; $SubmitForm_last_nameError = "Surname required";}
else
{$SubmitForm_last_name = htmlspecialchars($_POST["SubmitForm_last_name"]);}
if (empty($_POST["SubmitForm_job_title"]))
{$valid = false; $SubmitForm_job_titleError = "Job title required";}
else
{$SubmitForm_job_title = htmlspecialchars($_POST["SubmitForm_job_title"]);}
// Start session
session_start();
// Register
session_register('SubmitForm_first_name');
session_register('SubmitForm_last_name');
session_register('SubmitForm_job_title');
// Populate
$_SESSION['SubmitForm_first_name'] = $SubmitForm_first_name;
$_SESSION['SubmitForm_last_name'] = $SubmitForm_last_name;
$_SESSION['SubmitForm_job_title'] = $SubmitForm_job_title;
// Redirect valid form to process
if($valid)
//set POST variables
{ $url = 'http://www.example.com/submit.php';
$fields = array(
'SubmitForm[first_name]' => urlencode($SubmitForm_first_name),
'SubmitForm[last_name]' => urlencode($SubmitForm_last_name),
'SubmitForm[job_title]' => urlencode($SubmitForm_job_title)
);
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string, '&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields_string);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
// redirect to thank you page
header('Location: http://www.example.com/thanks.php');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
</head>
<body>
<div>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" name="submit_data" method="POST" id="submit_data">
<fieldset>
<legend>Your Details</legend>
<p><label for="SubmitForm_first_name">First Name</label><input type="text" id="SubmitForm_first_name" size="20" maxlength="50" value="<?php echo $SubmitForm_first_name;?>" name="SubmitForm_first_name" /><br /><span class="error"> <?php echo $SubmitForm_first_nameError;?></span></p>
<p><label for="SubmitForm_last_name">Surname</label><input type="text" id="SubmitForm_last_name" size="20" maxlength="50" value="<?php echo $SubmitForm_last_name;?>" name="SubmitForm_last_name" /><br /><span class="error"> <?php echo $SubmitForm_last_nameError;?></span></p>
<p><label for="SubmitForm_job_title">Job Title</label><input type="text" id="SubmitForm_job_title" size="30" maxlength="30" value="<?php echo $SubmitForm_job_title;?>" name="SubmitForm_job_title" /><br /><span class="error"> <?php echo $SubmitForm_job_titleError;?></span></p>
</fieldset>
<input type="submit" value="Submit" />
</form>
</div>
</body>
</html>
However, if I do a direct HTTP post (code example below), every field populates correctly:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
</head>
<body>
<div>
<form action="http://www.example.com/submit.php" name="inputData" method="POST" id="inputData">
<fieldset>
<legend>Your Details</legend>
<p><label for="SubmitForm_first_name">First Name</label><input type="text" id="SubmitForm[first_name]" size="20" maxlength="50" value="<?php echo $SubmitForm_first_name;?>" name="SubmitForm[first_name]" /><br /><span class="error"> <?php echo $SubmitForm_first_nameError;?></span></p>
<p><label for="SubmitForm_last_name">Surname</label><input type="text" id="SubmitForm[last_name]" size="20" maxlength="50" value="<?php echo $SubmitForm_last_name;?>" name="SubmitForm[last_name]" /><br /><span class="error"> <?php echo $SubmitForm_last_nameError;?></span></p>
<p><label for="SubmitForm_job_title">Job Title</label><input type="text" id="SubmitForm[job_title]" size="30" maxlength="30" value="<?php echo $SubmitForm_job_title;?>" name="SubmitForm[job_title]" /><br /><span class="error"> <?php echo $SubmitForm_job_titleError;?></span></p>
</fieldset>
<input type="submit" value="Submit" />
</form>
</div>
</body>
</html>
The third-party URL is expecting the following fields:
"SubmitForm[first_name]", "SubmitForm[last_name]" and "SubmitForm[job_title]"
Please can anybody spot why the cURL example would result in empty fields on the remote form?
Many thanks
<?php
// Setup empty fields
$SubmitForm_first_name = $SubmitForm_last_name = $SubmitForm_job_title = "";
$SubmitForm_first_nameError = $SubmitForm_last_nameError = $SubmitForm_job_titleError = "";
// Validate Field Entry
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$valid = true; // Redirect if valid
if (empty($_POST["SubmitForm_first_name"]))
{$valid = false; $SubmitForm_first_nameError = "First name required";}
else
{$SubmitForm_first_name = htmlspecialchars($_POST["SubmitForm_first_name"]);}
if (empty($_POST["SubmitForm_last_name"]))
{$valid = false; $SubmitForm_last_nameError = "Surname required";}
else
{$SubmitForm_last_name = htmlspecialchars($_POST["SubmitForm_last_name"]);}
if (empty($_POST["SubmitForm_job_title"]))
{$valid = false; $SubmitForm_job_titleError = "Job title required";}
else
{$SubmitForm_job_title = htmlspecialchars($_POST["SubmitForm_job_title"]);}
// Start session
session_start();
// Register
session_register('SubmitForm_first_name');
session_register('SubmitForm_last_name');
session_register('SubmitForm_job_title');
// Populate
$_SESSION['SubmitForm_first_name'] = $SubmitForm_first_name;
$_SESSION['SubmitForm_last_name'] = $SubmitForm_last_name;
$_SESSION['SubmitForm_job_title'] = $SubmitForm_job_title;
// Redirect valid form to process
if($valid)
//set POST variables
{ $url = 'http://www.example.com/submit.php';
$fields = array(
'SubmitForm[first_name]' => $SubmitForm_first_name,
'SubmitForm[last_name]' => $SubmitForm_last_name,
'SubmitForm[job_title]' => $SubmitForm_job_title
);
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL, $url);
curl_setopt($ch,CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, $fields);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
// redirect to thank you page
header('Location: http://www.example.com/thanks.php');
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
</head>
<body>
<div>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" name="submit_data" method="POST" id="submit_data">
<fieldset>
<legend>Your Details</legend>
<p><label for="SubmitForm_first_name">First Name</label><input type="text" id="SubmitForm_first_name" size="20" maxlength="50" value="<?php echo $SubmitForm_first_name;?>" name="SubmitForm_first_name" /><br /><span class="error"> <?php echo $SubmitForm_first_nameError;?></span></p>
<p><label for="SubmitForm_last_name">Surname</label><input type="text" id="SubmitForm_last_name" size="20" maxlength="50" value="<?php echo $SubmitForm_last_name;?>" name="SubmitForm_last_name" /><br /><span class="error"> <?php echo $SubmitForm_last_nameError;?></span></p>
<p><label for="SubmitForm_job_title">Job Title</label><input type="text" id="SubmitForm_job_title" size="30" maxlength="30" value="<?php echo $SubmitForm_job_title;?>" name="SubmitForm_job_title" /><br /><span class="error"> <?php echo $SubmitForm_job_titleError;?></span></p>
</fieldset>
<input type="submit" value="Submit" />
</form>
</div>
</body>
</html>
Solution 2
Thanks to @Quixrick and @Wrikken for the very helpful pointers.
It turned out that the third-party needed an addition specific "submit" field posting with the other fields. Adding that in posted data fine.
OTHER TIPS
When I ran your code, I got a notice Notice: Undefined variable: fields_string
. I doubt this has anything to do with it - the script ran just fine.
For some reason, rtrim
does not seem to be chopping off that last &
if I print out the string. This also doesn't seem to make a difference for me. Again, the script ran just fine.
rtrim($fields_string, '&');
print $fields_string;
// OUTPUTS:
// SubmitForm[first_name]=XXXXX&SubmitForm[last_name]=YYYYY&SubmitForm[job_title]=Rock+Star&
The script cURL calls just does a dump of $_POST and everything comes through just fine.
Array
(
[SubmitForm] => Array
(
[first_name] => XXXXX
[last_name] => YYYYY
[job_title] => Rock Star
)
)
So maybe try doing a dump of $_POST
on your destination script and see if you get the same thing. If not, then I suspect it's an error with cURL. Try adding in some error checking to your cURL request.
$result = curl_exec($ch);
if(curl_errno($ch)) {
print 'CURL Error: '.curl_error($ch);
}
See if that gives you an error of some sort. A common problem is to be connecting to an https
URL and it can't verify the SSL certificate.