Hi
I am designing a registration program that is attempting to to the following. It all needs to happen inline from the same PHP file.
- Register a user into a "user" database
- Submit a form to a .cgi of a third party product using its API. This .cgi makes changes to a "product" database
- Access the new details in the "product" database and copy certain values back to the "user" database.
My problem is that I have designed a simple page that will automatically submit the form to the .cgi and it works when called directly. However, I want to execute this file from within my main PHP file and ensure that it has finished executing before continuing with the registration.
I have attempted to use lynx to execute the file however I need to pass values to the file and lynx seems to choke on the query string which appears like this
http://www.mainstreet.au.com/test/test.php3?username=testing&password=tesst&sitename=testing&email=test@test.com.au"a=4096
The important part of the main file is included below
if (!mysql_select_db($user, $db)) {
fncend("Error selecting database '$user':<BR><BR>" .
mysql_errno() . ": " . mysql_error() . "<BR>");
}
$result = mysql_query("SELECT uname FROM user WHERE uname = '$username'");
if (!mysql_fetch_array($result)) {
// first time -> the user should be added
//generate password
$password = password(7);
//run new script to add to product
$commandline = "lynx http://www.mainstreet.au.com/temp/test.php3?username=$username&password=$password&sitename=$sitename&email=$email"a=$quota";
// strip out possible nasty stuff and run
$commandline = chop(str_replace('\(','(',str_replace('\)',')',str_replace('\*','*',escapeshellcmd($commandline).' '))));
//$commandline = escapeshellcmd($commandline);
//echo $commandline;
Exec($commandline) or fncend("Error adding user '$username' to '$product' database.");
//query product for password, created, url etc
$sql="SELECT url, pword, created FROM user WHERE uname='$username'";
//echo $sql;
$query2 = mysql_query($sql); etc...
