Solved

submit form to a remote server

Posted on 2014-11-03
13
207 Views
Last Modified: 2014-12-22
Hi,

I have an html form:

http://www.site.com/us/events/techday2014/overview.html

that submits to a remote server php script.

http://www.site2.com/techday2014/toolbox.php

Some users complained that it takes forever for the form to process.  Looked into the log file, I got this kind of error, 302.  Is it cross-domain error?  How do I solve this?

Thank you very much.

Log file
199.106.103.54 - - [03/Nov/2014:13:31:54 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
199.106.103.58 - - [03/Nov/2014:13:44:01 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
199.106.103.52 - - [03/Nov/2014:15:05:09 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
207.140.43.21 - - [03/Nov/2014:15:52:10 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
199.106.103.58 - - [03/Nov/2014:15:53:59 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36"
207.140.43.22 - - [03/Nov/2014:16:00:37 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:08:20 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:09:57 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:11:23 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:13:18 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:14:34 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:19:14 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:24:08 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:32:52 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:34:55 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:38:28 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:40:27 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:41:41 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:42:36 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"
207.140.43.22 - - [03/Nov/2014:16:50:43 -0500] "POST /techday2014/toolbox.php HTTP/1.1" 302 - "http://www.site.com/us/events/techday2014/overview.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3; .NET4.0C; .NET4.0E; MS-RTC LM 8)"

Open in new window

0
Comment
Question by:levbao
  • 4
  • 3
  • 3
13 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 40420620
0
 

Author Comment

by:levbao
ID: 40420633
Hi Ray,

Thank you for your response.  Could it be a cross-domain issue on some browsers when I submit the form to a remote server?  People from the same company could submit the form and I got the record in the database, however some people could not submit the form.

Regards,
Bao
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 40420658
Without seeing the code in the action script, to see how it treats forms from foreign servers, we can't be sure.  But Cross-site request forgeries are one of the things that developers defend against.  Sometimes the defense is to sleep() for a while in order to reduce the effects of a DoS attack.  It may also be setting a cookie, and if the cookie is not returned, it may be altering its behavior.  Cookies are only settable for the domain in question; a cookie set by an action script will only be usable with the domain name of the action script.

What's the design strategy behind the current setup?  Any reason why you can't have the form and action script in the same domain?
0
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

 

Author Comment

by:levbao
ID: 40420749
Hi Ray,

This form has been there for a while and I am taking over.  My understanding for the current setup is that the server that host the html form doesn't support php (it's controlled by our client) so we submit it to a remote server that supports php.

It's just a very simple form, after validating the form, document.my_form.submit();

<form name="my_form" action="http://www.site2.com/techday2014/toolbox.php" method="post">
<input type="hidden" name="app_data" value="1" />
<input type="hidden" name="LOC" id="LOC" />
.....
</form>

Open in new window


toolbox.php
#################################################################
<?php
session_start(); ob_start();
$SERVER = '...';
$USER = '...';
$PASSWORD = '...';
$DATABASE = '...';

function redirect($url, $type=301)
{
	if ($type == 301)
	{
		header("HTTP/1.1 301 Moved Permanently");
		header("Location: ".$url);
		echo 'This page has moved to <a href="'.$url.'">'.$url.'</a>';
		exit();
	}
}
$con = mysqli_connect($SERVER,$USER,$PASSWORD,$DATABASE);
if (!$con){die('Could not connect: '.mysqli_connect_error());}

function enterApplicant(){
        global $con, $_REQUEST;

        $breakout_sessions = 'N/A';
        $tshirt_size = 'N/A';
        
        if(!empty($_REQUEST['BREAKOUT_SESSIONS'])) {
            $breakout_sessions = implode(",", $_REQUEST['BREAKOUT_SESSIONS']);
        }
        if(strlen(trim($_REQUEST['TSHIRT_SIZE']))!=0) {
            $tshirt_size = $_REQUEST['TSHIRT_SIZE'];
        }
        $title = ($_REQUEST['TITLE']!='Other')? $_REQUEST['TITLE'] : $_REQUEST['TITLE_OTHER'];
        
	$QUERY = "INSERT INTO Applicants ";
	$QUERY .= "(first,last,title,department,email,breakout_sessions,code,tshirt_size) ";
	$QUERY .= "VALUES ";
	$QUERY .= "('".$_REQUEST['FIRST']."','".$_REQUEST['LAST']."','".$title."','".$_REQUEST['DEPARTMENT']."','".$_REQUEST['EMAIL']."','".$breakout_sessions."','".confirmation_code()."','".$tshirt_size."')";
	
	$Red = substr($_REQUEST['LOC'],0,-13).'thank-you.html'; 	//FOR PROD
	
	$q = mysqli_query($con, $QUERY);
	if ($q){

		mail('admin@site.com','noreply@site.com','Tech Day Registration',adminEmail()); 
		mail($_REQUEST['EMAIL'],'noreply@site.com','Tech Day Participant',ApplicantEmail());
		header('Location: ' . $Red);
	}
}
if (isset($_REQUEST['app_data'])){enterApplicant();}

Open in new window

###################################################################

Regards,
Bao

Ed. note: Code moved into Code snippet
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40420797
This "header('Location: ' . $Red);" is the line that causes the 302 and it's done on purpose to send the user to another page.  It's not an error.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 40420816
I see the 301 redirects, but no 302 redirects in this code.  How are  you sure that this is the code that is getting executed?
0
 

Author Comment

by:levbao
ID: 40420867
Hi Ray, yes, I am sure this code gets executed because I got it from <form action="http://www.site2.com/techday2014/toolbox.php">

Dave, after it inserts into db, it redirects user to thank-you.html which is back to the server that host the form.  

Like I said, not all users experience the same issue that they could not submit the form, it just takes forever.  So what could take the form forever to process for some users?

My initial thought was this could be a client side issue like different browsers behave differently when redirects to a remote server (like Dave said "header('Location: ' . $Red);" is the line that causes the 302).

Regards,
Bao
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40421058
The "header('Location: ' . $Red);" is what causes the 302.  That's what it is supposed to do.  More info here:

http://php.net/manual/en/function.header.php

http://en.wikipedia.org/wiki/HTTP_302
0
 

Author Comment

by:levbao
ID: 40422121
Thanks Dave.  I am wondering if the line "header('Location: ' . $Red);" causes the issue, I should at least see the record in the database.  But for those users complained about the form, I don't see their records in the database.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 40422186
The 'header' only causes the 302 listing in your log.  It has nothing to do with the database.  And $_REQUEST is an automatic 'global', you do not need to declare it.  

But you are doing something I never do and that is using the $_REQUEST variables directly in your SQL text.  There is probably an error in the SQL that is being generated.  It could be invalid or empty values in one or more of your $_REQUEST variables.  This is the format I use to process incoming $_REQUEST, $_POST, and $_GET data.  I never use it directly.  Note in the 'else' part of the statement, I am using 'substr' to limit the size of the data.  One of the most frequent problems with forms is people sending over size data to try to crash or break the forms.

if (!isset($_REQUEST['ordnum'])) $ordnum = ''; else {$ordnum = substr($_REQUEST['ordnum'],0,32);}

Open in new window

0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo‚Ķ
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now