problems with curl and asp redirect

synfield

I am trying to post the results of my php ldap script query to an asp page, using libcurl, instead of using javascript (not cross browser compliant), to automatically submit the results in a form back to my logon page to confirm authentication, and then redirect to secure page.

i.e.

//ldap results get placed into form vars
.......
etc.
//Close Connection
ldap_close($connect_id);

//Echo Results
if($result_list)
{
echo "<FORM NAME=\"Temp\" METHOD=\"POST\" ACTION=\"logon.asp\">";
echo "<INPUT Type=hidden name=\"result\" value=\"$result_list\">";
echo "<INPUT Type=hidden name=\"Pagename\" value=\"$Pagename\">";
echo "<INPUT Type=hidden name=\"User\" value=\"$Username\">";
echo "<INPUT Type=hidden name=\"Type\" value=\"$employeetype\">";
echo "<INPUT Type=hidden name=\"Name\" value=\"$cn\">";
echo "<INPUT Type=hidden name=\"Password\" value=\"$Password\">";
echo "</FORM>";
?>
<SCRIPT LANGUAGE=javascript runat=server>
<!--
document.Temp.submit()
</SCRIPT>
<?php
}
?>

Now have replaced javascript with curl

//ldap results get placed into form vars
.......
etc.

//Close Connection
ldap_close($connect_id);

//Echo Results
if($result_list)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$SERVER["HTTP_HOST"].dirname($SERVER["SCRIPT_NAME"]).'/logon.asp');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "result=".urlencode($result_list)
."&Type=".urlencode($employeetype)."&User=".urlencode($Username)
."&Name=".urlencode($cn)."&Password=".urlencode($Password)."&Pagename=".urlencode($Pagename));
curl_exec ($ch);
curl_close ($ch);
}

?>

Here is an excerpt of my logon.asp page

========================================
<%If len(Request.Form("Result")) <> 0 then
Session("Security") = true
Session("Department") = trim(Request.form("result"))
Session("User") = trim(Request.form("User"))
Session("Password") = trim(Request.form("Password"))
Session("Type") = trim(Request.form("Type"))
Session("Name") = trim(Request.form("Name"))
'Server.Transfer "/url_to_my_secure_script.asp"
response.redirect "/url_to_my_secure_script.asp"
end if

%>

The curl script works fine but when the redirect is executed I get a

Object Moved
This object may be found here

if i click on here i get "url_to_my_secure_script.asp" page but all the all session vars are lost.

If I use server.transfer "/url_to_my_secure_script.asp" then this works, however my session vars are lost if I do a form resubmit on the "url_to_my_secure_script.asp" page, which didn't happen on my old script.

Can anyone explain how I can avoid the "object moved" problem, or explain why this happens.

Is there a better solution?

Regards

Synfield

Weedpacket

Dunno if the session vars will persist (among the ASP pages) but setting the CURLOPT_FOLLOWLOCATION option should get it to accept and follow the redirect.

synfield

Thanks weedpacket, that did help and works well if posting to a php script then setting session vars and doing a header location to an authenticated script, because the php sessions are maintained.

However. as you predicted. in asp the session vars don't persist when doing a response.redirect after setting session vars from the posted vars via php curl script.