submit form to a remote server

Hi,

I have an html form:

http://www.site.com/us/events/techday2014/overview.html

that submits to a remote server php script.

http://www.site2.com/techday2014/toolbox.php

Some users complained that it takes forever for the form to process.  Looked into the log file, I got this kind of error, 302.  Is it cross-domain error?  How do I solve this?

Thank you very much.

Log file
199.106.103.54 - - [03/Nov/2014:13:31:54 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
199.106.103.58 - - [03/Nov/2014:13:44:01 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
199.106.103.52 - - [03/Nov/2014:15:05:09 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
207.140.43.21 - - [03/Nov/2014:15:52:10 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
199.106.103.58 - - [03/Nov/2014:15:53:59 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
207.140.43.22 - - [03/Nov/2014:16:00:37 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:08:20 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:09:57 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:11:23 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:13:18 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:14:34 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:19:14 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:24:08 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:32:52 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:34:55 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:38:28 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:40:27 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:41:41 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:42:36 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:50:43 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"

Open in new window

levbaoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ray PaseurCommented:
0
levbaoAuthor Commented:
Hi Ray,

Thank you for your response.  Could it be a cross-domain issue on some browsers when I submit the form to a remote server?  People from the same company could submit the form and I got the record in the database, however some people could not submit the form.

Regards,
Bao
0
Ray PaseurCommented:
Without seeing the code in the action script, to see how it treats forms from foreign servers, we can't be sure.  But Cross-site request forgeries are one of the things that developers defend against.  Sometimes the defense is to sleep() for a while in order to reduce the effects of a DoS attack.  It may also be setting a cookie, and if the cookie is not returned, it may be altering its behavior.  Cookies are only settable for the domain in question; a cookie set by an action script will only be usable with the domain name of the action script.

What's the design strategy behind the current setup?  Any reason why you can't have the form and action script in the same domain?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

levbaoAuthor Commented:
Hi Ray,

This form has been there for a while and I am taking over.  My understanding for the current setup is that the server that host the html form doesn't support php (it's controlled by our client) so we submit it to a remote server that supports php.

It's just a very simple form, after validating the form, document.my_form.submit();

<form name="my_form" action="http://www.site2.com/techday2014/toolbox.php" method="post">
<input type="hidden" name="app_data" value="1" />
<input type="hidden" name="LOC" id="LOC" />
.....
</form>

Open in new window


toolbox.php
#################################################################
<?php
session_start(); ob_start();
$SERVER = '...';
$USER = '...';
$PASSWORD = '...';
$DATABASE = '...';

function redirect($url, $type=301)
{
	if ($type == 301)
	{
		header("HTTP/1.1 301 Moved Permanently");
		header("Location: ".$url);
		echo 'This page has moved to <a href="'.$url.'">'.$url.'</a>';
		exit();
	}
}
$con = mysqli_connect($SERVER,$USER,$PASSWORD,$DATABASE);
if (!$con){die('Could not connect: '.mysqli_connect_error());}

function enterApplicant(){
        global $con, $_REQUEST;

        $breakout_sessions = 'N/A';
        $tshirt_size = 'N/A';
        
        if(!empty($_REQUEST['BREAKOUT_SESSIONS'])) {
            $breakout_sessions = implode(",", $_REQUEST['BREAKOUT_SESSIONS']);
        }
        if(strlen(trim($_REQUEST['TSHIRT_SIZE']))!=0) {
            $tshirt_size = $_REQUEST['TSHIRT_SIZE'];
        }
        $title = ($_REQUEST['TITLE']!='Other')? $_REQUEST['TITLE'] : $_REQUEST['TITLE_OTHER'];
        
	$QUERY = "INSERT INTO Applicants ";
	$QUERY .= "(first,last,title,department,email,breakout_sessions,code,tshirt_size) ";
	$QUERY .= "VALUES ";
	$QUERY .= "('".$_REQUEST['FIRST']."','".$_REQUEST['LAST']."','".$title."','".$_REQUEST['DEPARTMENT']."','".$_REQUEST['EMAIL']."','".$breakout_sessions."','".confirmation_code()."','".$tshirt_size."')";
	
	$Red = substr($_REQUEST['LOC'],0,-13).'thank-you.html'; 	//FOR PROD
	
	$q = mysqli_query($con, $QUERY);
	if ($q){

		mail('admin@site.com','noreply@site.com','Tech Day Registration',adminEmail()); 
		mail($_REQUEST['EMAIL'],'noreply@site.com','Tech Day Participant',ApplicantEmail());
		header('Location: ' . $Red);
	}
}
if (isset($_REQUEST['app_data'])){enterApplicant();}

Open in new window

###################################################################

Regards,
Bao

Ed. note: Code moved into Code snippet
0
Dave BaldwinFixer of ProblemsCommented:
This "header('Location: ' . $Red);" is the line that causes the 302 and it's done on purpose to send the user to another page.  It's not an error.
0
Ray PaseurCommented:
I see the 301 redirects, but no 302 redirects in this code.  How are  you sure that this is the code that is getting executed?
0
levbaoAuthor Commented:
Hi Ray, yes, I am sure this code gets executed because I got it from <form action="http://www.site2.com/techday2014/toolbox.php">

Dave, after it inserts into db, it redirects user to thank-you.html which is back to the server that host the form.  

Like I said, not all users experience the same issue that they could not submit the form, it just takes forever.  So what could take the form forever to process for some users?

My initial thought was this could be a client side issue like different browsers behave differently when redirects to a remote server (like Dave said "header('Location: ' . $Red);" is the line that causes the 302).

Regards,
Bao
0
Dave BaldwinFixer of ProblemsCommented:
The "header('Location: ' . $Red);" is what causes the 302.  That's what it is supposed to do.  More info here:

http://php.net/manual/en/function.header.php

http://en.wikipedia.org/wiki/HTTP_302
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
levbaoAuthor Commented:
Thanks Dave.  I am wondering if the line "header('Location: ' . $Red);" causes the issue, I should at least see the record in the database.  But for those users complained about the form, I don't see their records in the database.
0
Dave BaldwinFixer of ProblemsCommented:
The 'header' only causes the 302 listing in your log.  It has nothing to do with the database.  And $_REQUEST is an automatic 'global', you do not need to declare it.  

But you are doing something I never do and that is using the $_REQUEST variables directly in your SQL text.  There is probably an error in the SQL that is being generated.  It could be invalid or empty values in one or more of your $_REQUEST variables.  This is the format I use to process incoming $_REQUEST, $_POST, and $_GET data.  I never use it directly.  Note in the 'else' part of the statement, I am using 'substr' to limit the size of the data.  One of the most frequent problems with forms is people sending over size data to try to crash or break the forms.

if (!isset($_REQUEST['ordnum'])) $ordnum = ''; else {$ordnum = substr($_REQUEST['ordnum'],0,32);}

Open in new window

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Applications

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.