Solved

submit form to a remote server

Posted on 2014-11-03
13
197 Views
Last Modified: 2014-12-22
Hi,

I have an html form:

http://www.site.com/us/events/techday2014/overview.html

that submits to a remote server php script.

http://www.site2.com/techday2014/toolbox.php

Some users complained that it takes forever for the form to process.  Looked into the log file, I got this kind of error, 302.  Is it cross-domain error?  How do I solve this?

Thank you very much.

Log file
199.106.103.54 - - [03/Nov/2014:13:31:54 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
199.106.103.58 - - [03/Nov/2014:13:44:01 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
199.106.103.52 - - [03/Nov/2014:15:05:09 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
207.140.43.21 - - [03/Nov/2014:15:52:10 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
199.106.103.58 - - [03/Nov/2014:15:53:59 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
207.140.43.22 - - [03/Nov/2014:16:00:37 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:08:20 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:09:57 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:11:23 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:13:18 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:14:34 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:19:14 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:24:08 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:32:52 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:34:55 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:38:28 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:40:27 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:41:41 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:42:36 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:50:43 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"

Open in new window

0
Comment
Question by:levbao
  • 4
  • 3
  • 3
13 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
0
 

Author Comment

by:levbao
Comment Utility
Hi Ray,

Thank you for your response.  Could it be a cross-domain issue on some browsers when I submit the form to a remote server?  People from the same company could submit the form and I got the record in the database, however some people could not submit the form.

Regards,
Bao
0
 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Without seeing the code in the action script, to see how it treats forms from foreign servers, we can't be sure.  But Cross-site request forgeries are one of the things that developers defend against.  Sometimes the defense is to sleep() for a while in order to reduce the effects of a DoS attack.  It may also be setting a cookie, and if the cookie is not returned, it may be altering its behavior.  Cookies are only settable for the domain in question; a cookie set by an action script will only be usable with the domain name of the action script.

What's the design strategy behind the current setup?  Any reason why you can't have the form and action script in the same domain?
0
 

Author Comment

by:levbao
Comment Utility
Hi Ray,

This form has been there for a while and I am taking over.  My understanding for the current setup is that the server that host the html form doesn't support php (it's controlled by our client) so we submit it to a remote server that supports php.

It's just a very simple form, after validating the form, document.my_form.submit();

<form name="my_form" action="http://www.site2.com/techday2014/toolbox.php" method="post">
<input type="hidden" name="app_data" value="1" />
<input type="hidden" name="LOC" id="LOC" />
.....
</form>

Open in new window


toolbox.php
#################################################################
<?php
session_start(); ob_start();
$SERVER = '...';
$USER = '...';
$PASSWORD = '...';
$DATABASE = '...';

function redirect($url, $type=301)
{
	if ($type == 301)
	{
		header("HTTP/1.1 301 Moved Permanently");
		header("Location: ".$url);
		echo 'This page has moved to <a href="'.$url.'">'.$url.'</a>';
		exit();
	}
}
$con = mysqli_connect($SERVER,$USER,$PASSWORD,$DATABASE);
if (!$con){die('Could not connect: '.mysqli_connect_error());}

function enterApplicant(){
        global $con, $_REQUEST;

        $breakout_sessions = 'N/A';
        $tshirt_size = 'N/A';
        
        if(!empty($_REQUEST['BREAKOUT_SESSIONS'])) {
            $breakout_sessions = implode(",", $_REQUEST['BREAKOUT_SESSIONS']);
        }
        if(strlen(trim($_REQUEST['TSHIRT_SIZE']))!=0) {
            $tshirt_size = $_REQUEST['TSHIRT_SIZE'];
        }
        $title = ($_REQUEST['TITLE']!='Other')? $_REQUEST['TITLE'] : $_REQUEST['TITLE_OTHER'];
        
	$QUERY = "INSERT INTO Applicants ";
	$QUERY .= "(first,last,title,department,email,breakout_sessions,code,tshirt_size) ";
	$QUERY .= "VALUES ";
	$QUERY .= "('".$_REQUEST['FIRST']."','".$_REQUEST['LAST']."','".$title."','".$_REQUEST['DEPARTMENT']."','".$_REQUEST['EMAIL']."','".$breakout_sessions."','".confirmation_code()."','".$tshirt_size."')";
	
	$Red = substr($_REQUEST['LOC'],0,-13).'thank-you.html'; 	//FOR PROD
	
	$q = mysqli_query($con, $QUERY);
	if ($q){

		mail('admin@site.com','noreply@site.com','Tech Day Registration',adminEmail()); 
		mail($_REQUEST['EMAIL'],'noreply@site.com','Tech Day Participant',ApplicantEmail());
		header('Location: ' . $Red);
	}
}
if (isset($_REQUEST['app_data'])){enterApplicant();}

Open in new window

###################################################################

Regards,
Bao

Ed. note: Code moved into Code snippet
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
This "header('Location: ' . $Red);" is the line that causes the 302 and it's done on purpose to send the user to another page.  It's not an error.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
I see the 301 redirects, but no 302 redirects in this code.  How are  you sure that this is the code that is getting executed?
0
 

Author Comment

by:levbao
Comment Utility
Hi Ray, yes, I am sure this code gets executed because I got it from <form action="http://www.site2.com/techday2014/toolbox.php">

Dave, after it inserts into db, it redirects user to thank-you.html which is back to the server that host the form.  

Like I said, not all users experience the same issue that they could not submit the form, it just takes forever.  So what could take the form forever to process for some users?

My initial thought was this could be a client side issue like different browsers behave differently when redirects to a remote server (like Dave said "header('Location: ' . $Red);" is the line that causes the 302).

Regards,
Bao
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
The "header('Location: ' . $Red);" is what causes the 302.  That's what it is supposed to do.  More info here:

http://php.net/manual/en/function.header.php

http://en.wikipedia.org/wiki/HTTP_302
0
 

Author Comment

by:levbao
Comment Utility
Thanks Dave.  I am wondering if the line "header('Location: ' . $Red);" causes the issue, I should at least see the record in the database.  But for those users complained about the form, I don't see their records in the database.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
The 'header' only causes the 302 listing in your log.  It has nothing to do with the database.  And $_REQUEST is an automatic 'global', you do not need to declare it.  

But you are doing something I never do and that is using the $_REQUEST variables directly in your SQL text.  There is probably an error in the SQL that is being generated.  It could be invalid or empty values in one or more of your $_REQUEST variables.  This is the format I use to process incoming $_REQUEST, $_POST, and $_GET data.  I never use it directly.  Note in the 'else' part of the statement, I am using 'substr' to limit the size of the data.  One of the most frequent problems with forms is people sending over size data to try to crash or break the forms.

if (!isset($_REQUEST['ordnum'])) $ordnum = ''; else {$ordnum = substr($_REQUEST['ordnum'],0,32);}

Open in new window

0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

A publishing tool, a Version Control System, or a Collaboration Platform! These can be some of the defining words for the two very famous web-hosting Git repositories: Bitbucket and Github. Git is widely used amongst the programmers and developers f…
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn the benefit of using external CSS files and the relationship between class and ID selectors. Create your external css file by saving it as style.css then set up your style tags: (CODE) Reference the nav tag and set your prop…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now