473,412 Members | 2,306 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > reconstructing a post request and redirecting?

Join Bytes to post your question to a community of 473,412 software developers and data experts.

Reconstructing a POST request and redirecting?

I am working on a PHP 4 app that interacts with an external authorization
server. The external server does "third-party" authorization of users.
So I do the following:

1) Each of my PHP scripts has an include file (require_once) that checks to
see if the current user has recently been authorized.

2) If not, the user is "handed off" to the external server. I do this by
building the necessary URL for authorization and using refresh to perform
the redirection.

3) The external server authorizes the user by asking them to login.

4) The external server then redirects the user's browser back to a
predefined URL on my server.

I have created a MySQL database, indexed by user ID, that stores the current
URL request (to my server), the request type (GET/POST), and the GET & POST
arguments.

Before I hand the user off to the external server, I store all that
information in the database. This all works fine so far.

What I need to do now, in item 4 above, is look up the URL request info from
the database, reconstruct the GET/POST request, and redirect the user's
browser to that reconstructed destination.

All I need is some helpful code snippets to show me a clean way to
reconstruct POST requests; getting the headers right and such, and telling
the user's browser to execute/fetch that POST request. If it matters, I am
using the PEAR libraries for HTTP requests and I have no problem using
Javascript based solutions.

Does anybody have a code snippet that could save me some time here? Any
caveats or warnings?

Thanks.


Jul 24 '05 #1
2 3099
On Sun, 24 Jul 2005 17:16:15 -0400, "Robert Oschler"
<no************@nospam.com> wrote:
I am working on a PHP 4 app that interacts with an external authorization
server. The external server does "third-party" authorization of users.
So I do the following:

1) Each of my PHP scripts has an include file (require_once) that checks to
see if the current user has recently been authorized.

2) If not, the user is "handed off" to the external server. I do this by
building the necessary URL for authorization and using refresh to perform
the redirection.

3) The external server authorizes the user by asking them to login.

4) The external server then redirects the user's browser back to a
predefined URL on my server.

I have created a MySQL database, indexed by user ID, that stores the current
URL request (to my server), the request type (GET/POST), and the GET & POST
arguments.

Before I hand the user off to the external server, I store all that
information in the database. This all works fine so far.

What I need to do now, in item 4 above, is look up the URL request info from
the database, reconstruct the GET/POST request, and redirect the user's
browser to that reconstructed destination.

All I need is some helpful code snippets to show me a clean way to
reconstruct POST requests; getting the headers right and such, and telling
the user's browser to execute/fetch that POST request. If it matters, I am
using the PEAR libraries for HTTP requests and I have no problem using
Javascript based solutions.

Does anybody have a code snippet that could save me some time here? Any
caveats or warnings?


I do a similar thing for GET requests on an intranet at work, except I pass
the "return URL" to the authentication page - I've chickened out of POST
requests as it's reasonably safe to assume that nobody will be POSTing in from
an unauthenticated area into the authenticated area (at the moment anyway), and
the POST data may be too long to encode in a GET request.

You don't have that problem as you say you're storing it in a database -
that's a decent idea. Could also presumably do that in a session variable
reasonably safely as well.

If it's a GET request, then you can just reconstruct the URL and
header("Location: $absolute_url") to it. Main thing to watch out for is array
parameters (i.e. value[]=x;value[]=y or value[1]=x;value[3]=y) etc.

What sort of format are you using to store the data in the DB? Do you
basically end up with a copy of the full (possibly multi-dimensional) $_GET
array as it was before you went into the authentication section?

If it's POST then you can't redirect into it, but you can reproduce all the
form data using input type="hidden", fields and present a submit button to post
back to the correct location.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool
Jul 25 '05 #2

"Andy Hassall" <an**@andyh.co.uk> wrote in message
news:p5********************************@4ax.com...
On Sun, 24 Jul 2005 17:16:15 -0400, "Robert Oschler"
<no************@nospam.com> wrote:

I do a similar thing for GET requests on an intranet at work, except I pass the "return URL" to the authentication page - I've chickened out of POST
requests as it's reasonably safe to assume that nobody will be POSTing in from an unauthenticated area into the authenticated area (at the moment anyway), and the POST data may be too long to encode in a GET request.

You don't have that problem as you say you're storing it in a database -
that's a decent idea. Could also presumably do that in a session variable
reasonably safely as well.

If it's a GET request, then you can just reconstruct the URL and
header("Location: $absolute_url") to it. Main thing to watch out for is array parameters (i.e. value[]=x;value[]=y or value[1]=x;value[3]=y) etc.

What sort of format are you using to store the data in the DB? Do you
basically end up with a copy of the full (possibly multi-dimensional) $_GET array as it was before you went into the authentication section?

If it's POST then you can't redirect into it, but you can reproduce all the form data using input type="hidden", fields and present a submit button to post back to the correct location.

--
Andy Hassall / <an**@andyh.co.uk> / <http://www.andyh.co.uk>
<http://www.andyhsoftware.co.uk/space> Space: disk usage analysis tool


Andy,

You basically answered my question when you told me that you can't redirect
a POST. I'll have to modify my POST target scripts to look for a URL
argument that tells them to pull the POST data from the database instead of
the $_POST array. Not too hard.

Thanks.
Jul 26 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

10
Passing HTTP POST information to another script - How?
by: Dave Smithz | last post by:
Hi there, I have a situation where I want to have multiple submit buttons on the same form and therefore want to use a redirection php script that checks the value associated with the submit...
PHP
6
Problem using 'Post' with Integrated Windows Authentication
by: Pete Mahoney | last post by:
I am trying to 'POST' values from a form in a ASP file that has anonymous access permissions. I can retrieve the form values when I redirect to this page from another page which has also has...
ASP / Active Server Pages
4
"Reconstructing" (Calling the constructor again)
by: Jerry Krinock | last post by:
I've written the following demo to help me understand a problem I'm having in a larger program. The "main" function constructs a Foo object, and then later "reconstructs" it by calling the...
C / C++
7
[Q] Using the POST Method with HTML Anchor Tags
by: Eric | last post by:
I am certain the answer will be 'NO', but I wanted to ask anyway just incase I have missed something. Everyone knows that one pass data to a page in an anchor tag by using the GET Method: <a...
HTML / CSS
2
Post to another server
by: DJ | last post by:
Hi, I've got following problem - after clicking button on my page I have to redirect user to another website using the post method. While redirecting I have to send some values to that website...
ASP.NET
1
Redirect results in lost soap envelope. Changes method from POST to GET
by: pmasclark | last post by:
Hello, I created a web site, site A, that redirects to another web site, site B, where a simple web service is hosted. The code to call the web service is simple. oWS.AllowAutoRedirect = True...
.NET Framework
1
post request and redirect
by: joshtichauer | last post by:
Hey, Is there a way to make a javascript post request to MyPage.aspx, set a variable on MyPage.aspx, then do a javascript redirect to MyPage.aspx and still sustain the value of the variable posted...
Javascript
5
POST variables with a form
by: Gav | last post by:
I'm wanting to send POST data to a script, but without it being sent via the action of a form being posted - in other words I want to re-direct to a page but have the POST data filled in for the...
PHP
0
Problem accessing/redirecting URL protected by digest authentication
by: embeddedbob | last post by:
Hi there, I appreciate any help on the following issue. I can't seem to find any other similar topic. (CS4, ActionScript 3.0, Flash 10) I have a SWF embedded within a page that is protected by...
Flash / Actionscript
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!