?
Solved

submit form to a remote server

Posted on 2014-11-03
13
Medium Priority
?
231 Views
Last Modified: 2014-12-22
Hi,

I have an html form:

http://www.site.com/us/events/techday2014/overview.html

that submits to a remote server php script.

http://www.site2.com/techday2014/toolbox.php

Some users complained that it takes forever for the form to process.  Looked into the log file, I got this kind of error, 302.  Is it cross-domain error?  How do I solve this?

Thank you very much.

Log file
199.106.103.54 - - [03/Nov/2014:13:31:54 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
199.106.103.58 - - [03/Nov/2014:13:44:01 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
199.106.103.52 - - [03/Nov/2014:15:05:09 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
207.140.43.21 - - [03/Nov/2014:15:52:10 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
199.106.103.58 - - [03/Nov/2014:15:53:59 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
207.140.43.22 - - [03/Nov/2014:16:00:37 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:08:20 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:09:57 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:11:23 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:13:18 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:14:34 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:19:14 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:24:08 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:32:52 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:34:55 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:38:28 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:40:27 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:41:41 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:42:36 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:50:43 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"

Open in new window

0
Comment
Question by:levbao
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
13 Comments
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40420620
0
 

Author Comment

by:levbao
ID: 40420633
Hi Ray,

Thank you for your response.  Could it be a cross-domain issue on some browsers when I submit the form to a remote server?  People from the same company could submit the form and I got the record in the database, however some people could not submit the form.

Regards,
Bao
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40420658
Without seeing the code in the action script, to see how it treats forms from foreign servers, we can't be sure.  But Cross-site request forgeries are one of the things that developers defend against.  Sometimes the defense is to sleep() for a while in order to reduce the effects of a DoS attack.  It may also be setting a cookie, and if the cookie is not returned, it may be altering its behavior.  Cookies are only settable for the domain in question; a cookie set by an action script will only be usable with the domain name of the action script.

What's the design strategy behind the current setup?  Any reason why you can't have the form and action script in the same domain?
0
Learn how to optimize MySQL for your business need

With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf

 

Author Comment

by:levbao
ID: 40420749
Hi Ray,

This form has been there for a while and I am taking over.  My understanding for the current setup is that the server that host the html form doesn't support php (it's controlled by our client) so we submit it to a remote server that supports php.

It's just a very simple form, after validating the form, document.my_form.submit();

<form name="my_form" action="http://www.site2.com/techday2014/toolbox.php" method="post">
<input type="hidden" name="app_data" value="1" />
<input type="hidden" name="LOC" id="LOC" />
.....
</form>

Open in new window


toolbox.php
#################################################################
<?php
session_start(); ob_start();
$SERVER = '...';
$USER = '...';
$PASSWORD = '...';
$DATABASE = '...';

function redirect($url, $type=301)
{
	if ($type == 301)
	{
		header("HTTP/1.1 301 Moved Permanently");
		header("Location: ".$url);
		echo 'This page has moved to <a href="'.$url.'">'.$url.'</a>';
		exit();
	}
}
$con = mysqli_connect($SERVER,$USER,$PASSWORD,$DATABASE);
if (!$con){die('Could not connect: '.mysqli_connect_error());}

function enterApplicant(){
        global $con, $_REQUEST;

        $breakout_sessions = 'N/A';
        $tshirt_size = 'N/A';
        
        if(!empty($_REQUEST['BREAKOUT_SESSIONS'])) {
            $breakout_sessions = implode(",", $_REQUEST['BREAKOUT_SESSIONS']);
        }
        if(strlen(trim($_REQUEST['TSHIRT_SIZE']))!=0) {
            $tshirt_size = $_REQUEST['TSHIRT_SIZE'];
        }
        $title = ($_REQUEST['TITLE']!='Other')? $_REQUEST['TITLE'] : $_REQUEST['TITLE_OTHER'];
        
	$QUERY = "INSERT INTO Applicants ";
	$QUERY .= "(first,last,title,department,email,breakout_sessions,code,tshirt_size) ";
	$QUERY .= "VALUES ";
	$QUERY .= "('".$_REQUEST['FIRST']."','".$_REQUEST['LAST']."','".$title."','".$_REQUEST['DEPARTMENT']."','".$_REQUEST['EMAIL']."','".$breakout_sessions."','".confirmation_code()."','".$tshirt_size."')";
	
	$Red = substr($_REQUEST['LOC'],0,-13).'thank-you.html'; 	//FOR PROD
	
	$q = mysqli_query($con, $QUERY);
	if ($q){

		mail('admin@site.com','noreply@site.com','Tech Day Registration',adminEmail()); 
		mail($_REQUEST['EMAIL'],'noreply@site.com','Tech Day Participant',ApplicantEmail());
		header('Location: ' . $Red);
	}
}
if (isset($_REQUEST['app_data'])){enterApplicant();}

Open in new window

###################################################################

Regards,
Bao

Ed. note: Code moved into Code snippet
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 40420797
This "header('Location: ' . $Red);" is the line that causes the 302 and it's done on purpose to send the user to another page.  It's not an error.
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 40420816
I see the 301 redirects, but no 302 redirects in this code.  How are  you sure that this is the code that is getting executed?
0
 

Author Comment

by:levbao
ID: 40420867
Hi Ray, yes, I am sure this code gets executed because I got it from <form action="http://www.site2.com/techday2014/toolbox.php">

Dave, after it inserts into db, it redirects user to thank-you.html which is back to the server that host the form.  

Like I said, not all users experience the same issue that they could not submit the form, it just takes forever.  So what could take the form forever to process for some users?

My initial thought was this could be a client side issue like different browsers behave differently when redirects to a remote server (like Dave said "header('Location: ' . $Red);" is the line that causes the 302).

Regards,
Bao
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 2000 total points
ID: 40421058
The "header('Location: ' . $Red);" is what causes the 302.  That's what it is supposed to do.  More info here:

http://php.net/manual/en/function.header.php

http://en.wikipedia.org/wiki/HTTP_302
0
 

Author Comment

by:levbao
ID: 40422121
Thanks Dave.  I am wondering if the line "header('Location: ' . $Red);" causes the issue, I should at least see the record in the database.  But for those users complained about the form, I don't see their records in the database.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 40422186
The 'header' only causes the 302 listing in your log.  It has nothing to do with the database.  And $_REQUEST is an automatic 'global', you do not need to declare it.  

But you are doing something I never do and that is using the $_REQUEST variables directly in your SQL text.  There is probably an error in the SQL that is being generated.  It could be invalid or empty values in one or more of your $_REQUEST variables.  This is the format I use to process incoming $_REQUEST, $_POST, and $_GET data.  I never use it directly.  Note in the 'else' part of the statement, I am using 'substr' to limit the size of the data.  One of the most frequent problems with forms is people sending over size data to try to crash or break the forms.

if (!isset($_REQUEST['ordnum'])) $ordnum = ''; else {$ordnum = substr($_REQUEST['ordnum'],0,32);}

Open in new window

0

Featured Post

Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to dynamically set the form action using jQuery.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question