How to shortcut execute php script without filling out form?
am 11.10.2007 22:19:35 von worktechOk so there is a website that has two input boxes inside a POST form
that uses the action="rcon.php"
here is the code for the form
Ok so there is a website that has two input boxes inside a POST form
that uses the action="rcon.php"
here is the code for the form
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
worktech@gmail.com wrote:
> This is not my website I am dealing with, it is a public site that
> uses a form that has the code above. So why can't I just pass the
> data through the address bar? Is there some security in place that
> might prevent url passing of variables?
The problem arising from this is what could occur when someone bookmarks
or links to a URL with data in them. Every search engine that will find
the link will also execute the script and submit the data.
GET should always be used to _get_ data from a server, POST should always
be used to _modify_ data on a server and HEAD should always be used to
_retrieve headers_ from a server.
> If I can't do that, would writing a script that uses sockets be able
> to accomplish this somehow?
Sure it is. Read up on the HTTP specs. After all, your browser uses
sockets to send the data to the server.
> Or is it somehow not possible without
> using their html form
A HTML form simply describes what data the browser should allow a user to
submit.
- --
Brendan Gillatt
brendan {at} brendangillatt {dot} co {dot} uk
http://www.brendangillatt.co.uk
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBACD7433
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)
iD8DBQFHDpS3kA9dCbrNdDMRAtKaAKCkJj1Tf004ECPugEavPPSIHjTKaACg g/Zf
pJPbJQfMTE9tI2fYG07n3Zo=
=+3CE
-----END PGP SIGNATURE-----
worktech@gmail.com wrote:
> This is not my website I am dealing with, it is a public site that
> uses a form that has the code above. So why can't I just pass the
> data through the address bar? Is there some security in place that
> might prevent url passing of variables?
No, it's just coded in a way it doesn't react to the variables you pass
in the $_GET array, but only in the $_POST array.
There is a small work around, but it has nothing to do with PHP. At
least, not as you describe it.
> If I can't do that, would writing a script that uses sockets be able
> to accomplish this somehow? Or is it somehow not possible without
> using their html form
Woah, hold your horses !
You don't need to use sockets to do this. If you want to retrieve data
with your PHP server, then a little bit of cURL and it will all be over.
On the other hand, from what you've explained, I understood that it's
just *you*, client side who wants to get to a page that needs a form to
post a bit of information.
Create an html file with this code in it: