How to shortcut execute php script without filling out form?

How to shortcut execute php script without filling out form?

am 11.10.2007 22:19:35 von worktech

Ok so there is a website that has two input boxes inside a POST form
that uses the action="rcon.php"


here is the code for the form





checked>

What I want to do is to be able to execute this script without having
to fill out the form every time. My ideal thought was to make a
shortcut to the URL http://whateversite.com/rcon.php?addr=someaddress&rcon=somer con&announceflag=1
and that way everytime i click the shortcut, it executes the script,
and passes it static data that I put in the shortcut, therefor I don't
have to fill out a form every time and click submit.

This is not my website I am dealing with, it is a public site that
uses a form that has the code above. So why can't I just pass the
data through the address bar? Is there some security in place that
might prevent url passing of variables?

If I can't do that, would writing a script that uses sockets be able
to accomplish this somehow? Or is it somehow not possible without
using their html form

Re: How to shortcut execute php script without filling out form?

am 11.10.2007 23:25:11 von Brendan Gillatt

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

worktech@gmail.com wrote:
> This is not my website I am dealing with, it is a public site that
> uses a form that has the code above. So why can't I just pass the
> data through the address bar? Is there some security in place that
> might prevent url passing of variables?

The problem arising from this is what could occur when someone bookmarks
or links to a URL with data in them. Every search engine that will find
the link will also execute the script and submit the data.

GET should always be used to _get_ data from a server, POST should always
be used to _modify_ data on a server and HEAD should always be used to
_retrieve headers_ from a server.

> If I can't do that, would writing a script that uses sockets be able
> to accomplish this somehow?

Sure it is. Read up on the HTTP specs. After all, your browser uses
sockets to send the data to the server.

> Or is it somehow not possible without
> using their html form

A HTML form simply describes what data the browser should allow a user to
submit.


- --
Brendan Gillatt
brendan {at} brendangillatt {dot} co {dot} uk
http://www.brendangillatt.co.uk
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBACD7433
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (MingW32)

iD8DBQFHDpS3kA9dCbrNdDMRAtKaAKCkJj1Tf004ECPugEavPPSIHjTKaACg g/Zf
pJPbJQfMTE9tI2fYG07n3Zo=
=+3CE
-----END PGP SIGNATURE-----

Re: How to shortcut execute php script without filling out form?

am 12.10.2007 19:42:40 von crashanddie+usenet

worktech@gmail.com wrote:

> This is not my website I am dealing with, it is a public site that
> uses a form that has the code above. So why can't I just pass the
> data through the address bar? Is there some security in place that
> might prevent url passing of variables?

No, it's just coded in a way it doesn't react to the variables you pass
in the $_GET array, but only in the $_POST array.

There is a small work around, but it has nothing to do with PHP. At
least, not as you describe it.

> If I can't do that, would writing a script that uses sockets be able
> to accomplish this somehow? Or is it somehow not possible without
> using their html form

Woah, hold your horses !

You don't need to use sockets to do this. If you want to retrieve data
with your PHP server, then a little bit of cURL and it will all be over.

On the other hand, from what you've explained, I understood that it's
just *you*, client side who wants to get to a page that needs a form to
post a bit of information.

Create an html file with this code in it:






action="http://whateversite.com/rcon.php">







(You will need to replace 3 values: the address of the server, and the
values of "addr" and "rcon")

When you load this page, it will automagically submit the form to the
server, and should get you where you want.

Of course, this only works if there are no cookies involved (in which
case you will have to identify against the server before executing this
page, within the same browser).

If I misread your post, please correct me.

HTH,

S.