Nutshell:
1) Form page submits (POST) to self to validate required fields. (OK)
2) Form fields are validated using regex (OK)
3) All fields clear, POST page and headers to external HTTPS URL (Headers only working now)
I have an app that requires server side form validation, then the validated form data needs to be posted to an external URL to which we have no access (salesforce.com). I can get the form data to post just fine, but the page itself does not post because the form action field is (and must remain) the form/processing page, not the external salesforce.com URL. Ideally the entire page must post (along with the form POST data) as if the form's action was originally the external URL AFTER the data has been validated.
Heres my code so far - works, but the page just posts to itself after handing off POST headers to $URL.
<?
function post_it($url)
{
$saveurl = $url;
$url = preg_replace("@https://@i", "", $url);
$host = substr($url, 0, strpos($url, "/"));
$uri = strstr($url, "/");
$reqbody = "";
foreach($_POST as $key=>$val) {
if (is_array($val)) {
if (!empty($reqbody)) $reqbody .= "&";
$reqbody .= $key . "=" . $val;
}
else {if (!empty($reqbody)) $reqbody .= "&"; $reqbody .= $key . "=" . urlencode($val);}
}
$reqlength = strlen($reqbody);
$reqheader = "POST $uri HTTP/1.0\r\n".
"Host: $host\r\n" . "User-Agent: PostIt\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Content-Length: $reqlength\r\n\r\n".
"$reqbody\r\n";
header("Location: $saveurl");
$socket = fsockopen("ssl://" . $host, 443, $errno, $errstr);
if (!$socket) {$result["errno"] = $errno; $result["errstr"] = $errstr; return $result;}
fputs($socket, $reqheader);
while (!feof($socket)) {$result[] = fgets($socket, 4096);}
fclose($socket);
return $result;
}
$isvalidated = 1;
$emailerror = "";
$emailclass = "basictext1";
$emailpattern = '/^[[:alnum:]_\.\-]+@([[:alnum:]_\.\-]+\.)+[[:alpha:]]{2,4}$/';
$fullnamerror = "";
$fullnameclass = "basictext1";
$fullnamepattern= '/[a-zA-Z ]{1,}/';
$phoneerror = "";
$phoneclass = "basictext1";
$phonepattern = '/[\(.]?[2-9]\d\d[\).]?[ -]?[2-9]\d\d[-.]\d{4}/';
$phone = "";
if ($_POST['process'] == 1) {
if (preg_match($emailpattern, $_POST['email']) < 1) {
$emailerror = "Please enter a valid email address.";
$emailclass = "errortext";
$isvalidated = 0;
}else{
$email = $_POST['email'];
}
if (preg_match($fullnamepattern, $_POST['name']) < 1) {
$fullnameerror = "Please enter your name.";
$fullnameclass = "errortext";
$isvalidated = 0;
}else{
$name = $_POST['name'];
}
if (preg_match($phonepattern, $_POST['phone']) < 1) {
$phoneerror = "Please enter your phone number.";
$phoneclass = "errortext";
$isvalidated = 0;
}else{
$phone = $_POST['phone'];
}
if ($isvalidated == 1) {
$url = "https://www.externalsite.com/fakeformactiontarget.php";
post_it($url);
}
}
?>
<html>
<style>
.basictext1 {
font: Arial, Helvetica, sans-serif 12px;
}
.errortext {
font: Arial, Helvetica, sans-serif 12px bold;
color:#CC0000;
}
</style>
<body>
<form action="thispage.php" method="post">
<div>
<label for="name" class="<? print $fullnameclass; ?>">Name:</label>
<input name="name" type="text" class="textbox" id="name" value="<? print $name; ?>" />
<? if ($fullnameerror != "") {
print '
<span class="errortext">'.
$fullnameerror."</span>\n";
}
?>
</div>
<div>
<label for="email" class="<? print $emailclass; ?>">E-mail Address:</label>
<input name="email" type="text" id="email" value="<? print $email; ?>" />
<? if ($emailerror != "") {
print '
<span class="errortext">'.
$emailerror."</span>\n";
}
?>
</div>
<div>
<label for="phone" class="<? print $phoneclass; ?>">Phone Number:</label>
<input name="phone" type="text" id="phone" value="<? print $phone; ?>" />
<? if ($phoneerror != "") {
print '
<span class="errortext">'.
$phoneerror."</span>\n";
}
?>
</div>
<input type="hidden" name="process" value="1">
<input type="hidden" name="oid" value="xxx">
<input type="hidden" name="retURL" value="http://www.somesite.com/wheresalesforcesendsus.php">
<input name="Submit" type="submit" value="Submit" class="buttons" />
</form>
</body>
</html>
