Submitting Form Data without Form in PHP

dfatphpb

Hello,

I'm new to PHP but have created the basic code to submit via GET or POST data to a website which can also print the returned data to the webbrowser. The problem is the webbrowser doesn't know it should now be pointing to the remote site and graphic links/css/etc aren't accessible so the page returned (printed) doesn't look good. What do I need to do to make it actually work like a normal form/button so that the browser knows to use the new host location? I have a FreeBSD server with PHP 4.4 and curl is not available.

Here's the code I came up with from various sources to try and add items to a paypal cart (however it doesn't seem to work with paypal, but when trying other sites/tests, it works execpt for the answer i've asked here):

<?php

if (!function_exists('http_build_query')) {
function http_build_query($data, $prefix='', $sep='', $key='') {
    $ret = array();
    foreach ((array)$data as $k => $v) {
        if (is_int($k) && $prefix != null) $k = urlencode($prefix . $k);
        if (!empty($key)) $k = $key.'['.urlencode($k).']';

    if (is_array($v) || is_object($v))
        array_push($ret, http_build_query($v, '', $sep, $k));
    else    array_push($ret, $k.'='.urlencode($v));
}

if (empty($sep)) $sep = ini_get('arg_separator.output');
return implode($sep, $ret);
}}

//-------------------------------------------------------------------
// Funciton used to decode the header used for processing body
//
function decode_header ( $str )
{
    // split using optional leading CR
    $part = preg_split ( "/\r?\n/", $str, -1, PREG_SPLIT_NO_EMPTY );
    $out = array ();

for ( $h = 0; $h < sizeof ( $part ); $h++ ) {
  if ( $h != 0 ) {
    // find key vs value location
    $pos = strpos ( $part[$h], ':' );
	// get key name and remove any spaces
    $k = strtolower ( str_replace ( ' ', '', substr ( $part[$h], 0, $pos ) ) );
	// get value part of data
    $v = trim ( substr ( $part[$h], ( $pos + 1 ) ) );
  }
  else {
    // setup a special status key for the status
    $k = 'status';
    $v = explode ( ' ', $part[$h] );
    $v = $v[1];
  }

  // check if this key is to set a cookie
  if ( $k == 'set-cookie' ) {
    // set a cookie key
    $out['cookies'][] = $v;
  }
  else if ( $k == 'content-type' ) {
    // determine the content type of decoding by not including the ;
    if ( ( $cs = strpos ( $v, ';' ) ) !== false ) {
      $out[$k] = substr ( $v, 0, $cs );
    }
    else {
      $out[$k] = $v;
    }
  }
  else {
    // save value for key
    $out[$k] = $v;
  }
}
// return assoicated arrary of header items
return $out;
}

//-------------------------------------------------------------------
// Funciton used to decode the body based on the encoding 
//
//  $info is the header information obtained via decode_header
//
function decode_body ( $info, $str, $eol = "\r\n" )
{
  $tmp = $str;
  $add = strlen ( $eol );
  $str = '';
  if ( isset ( $info['transfer-encoding'] ) && $info['transfer-encoding'] == 'chunked' ) {
    // handle removing the chunked heading data
    do {
      $tmp = ltrim ( $tmp );
      $pos = strpos ( $tmp, $eol );
      $len = hexdec ( substr ( $tmp, 0, $pos ) );
      if ( isset ( $info['content-encoding'] ) )
      {
        $str .= gzinflate ( substr ( $tmp, ( $pos + $add + 10 ), $len ) );
      }
      else
      {
        $str .= substr ( $tmp, ( $pos + $add ), $len );
      }

  $tmp = substr ( $tmp, ( $len + $pos + $add ) );
  $check = trim ( $tmp );
} while ( ! empty ( $check ) );
  } else if ( isset ( $info['content-encoding'] ) ) {
    // decode the data
    $str = gzinflate ( substr ( $tmp, 10 ) );
  }
  else {
    // just use orginal string
    $str = $tmp;
  }
  return $str;
} 

//-------------------------------------------------------------------
// Funciton used to split the data obtained from remote server to
// its header and body sections.
//
function parsePage(&$page, &$hdr, &$body) 
{  

    $tmp = explode("\r\n\r\n", $page, 2);  

    $hdr = $tmp[0];  

    $body = $tmp[1];  

} 

//-------------------------------------------------------------------
/* sendToHost - send data to remote host
 * ~~~~~~~~~~ * Params:
 *   $host      - Just the hostname.  No http:// or 
                  /path/to/file.html portions
 *   $port      - port to use (typically 80 or 443)				  

 *   $method    - get or post, case-insensitive
 *   $path      - The /path/to/file.html part
 *   $data      - The query string, without initial question mark
 *   $useragent - If true, 'MSIE' will be sent as 
                  the User-Agent (optional)
 *
 * Examples:
 *   sendToHost('www.google.com',,'get','/search','q=php_imlib');
 *   sendToHost('www.example.com',,'post','/some_script.cgi',
 *              'param=First+Param&second=Second+param');
 */
function sendToHost($host,$port=80,$method,$path,$data,$useragent=0)
{
    // Supply a default method of GET if the one passed was empty
    if (empty($method)) {
        $method = 'GET';
    }
	// convert method to upper case
    $method = strtoupper($method);
	// open port
	if ($port==443) {
      $fp = fsockopen("ssl://".$host, $port); 
	}
	else {
      $fp = fsockopen($host, $port);
	}
	// setup path to include variables for GET method
	if ($method == 'GET') {
        $path .= '?' . $data;
    }
	// send the http header information
    fputs($fp, "$method $path HTTP/1.1\r\n");
    fputs($fp, "Host: $host\r\n");
    fputs($fp,"Content-type: application/x-www-form-urlencoded\r\n");
	if ($method=='POST') {
      fputs($fp, "Content-length: " . strlen($data) . "\r\n");
	}
    if ($useragent) {
        fputs($fp, "User-Agent: MSIE\r\n");
    }
    fputs($fp, "Connection: close\r\n\r\n");
	// send the post variables 
    if ($method == 'POST') {
      fputs($fp, $data);
    }
    // get response from server
    while (!feof($fp)) {
      $buf .= fgets($fp,128);
    }
	// close connection
    fclose($fp);

	// separate header from body
	parsePage($buf, $hdr, $body);
	// setup array with decoded header/body
	$arr['hdrraw']=$hdr;
	$arr['hdrarr']=decode_header($hdr);
	$arr['body']=decode_body($arr['hdrarr'], $body);
	// return header and body in array
    return $arr;
}

//-------------------------------------------------------------------
// main processing
//
  $host='www.paypal.com';
  $path='/cgi-bin/webscr';
  $product=array('cmd'=>'_cart',
                 'upload'=>'1',
                 'business'=>'yourpaypalemail@yourcompany.com',
				 'currency_code'=>'USD',
				 'image'=>'https://www.paypal.com/en_US/i/btn/btn_cart_LG.gif',
                 'item_name_1'=>'Test Product',
				 'item_number_1'=>'testprod',
				 'amount_1'=>'12.95',
				 'quantity_1'=>'2');


	$pagedata=sendToHost($host, 80, 'post', $path, http_build_query($product), $useragent=0);
    header($pagedata['hdrraw']);
 	print($pagedata['body']);	
	//header("Location: https://".$host.$path)
?>

MOD EDIT: [PHP][/PHP] bbcode tags added due to large amount of code - please use these tags in the future when posting PHP code!

dfatphpb

One thing is that you can't output multiple headers using the header() function at one time. Instead use:

//----------------------------------------------------------------------
// output header using mutiple lies
//
function output_header ( $str )
{
	// split using optional leading CR
	$part = preg_split ( "/\r?\n/", $str, -1, PREG_SPLIT_NO_EMPTY );
	for ( $h = 0; $h < sizeof ( $part ); $h++ ) {
	  if ($h>0) {
		if (strpos($part[$h], "Transfer-Encoding:")===false) {
    	  header($part[$h]);
	      //printf($part[$h]."<br>");
		}
	  }
	}
}

I skipped the status trying to find out why the print of the body wouldn't work when sending headers, turned out it was the Transfer-Encoding so just skipped it.

So I take it there is no way to tell the browser to assume using another domain (Content-Location: http://www.otherdomain.com doesn't work either). If I use Location: it just transfers overs and looses the other header (if there were any set cookies it's done for my site and not the remote site).