I would like to display a form (one field and a captcha) on a page at domain A. The form is located on a page at domain B.
I don’t want to load the entire page at domain B as all the other content surrounding the form is unnecessary.
What options have I got to achieve this?
For the record: I have permission to load the form on my site, but do not have access to the server of domain B.
Of course! Not only that but I was connecting to the page locally as “file:///” as opposed to via “localhost”, hence why I had the php code displaying everytime!
Now that curl is working, I can see my first problem. The source page uses relative links which means that when ‘submit’ is pressed on the form, a 404 error is displayed. Can this be sorted with the DOM parser?
Easiest option would be an iframe: HTML iframe tag, or an HTML frame: [url=http://www.w3.org/TR/WD-frames-970331]Implementing HTML Frames.
Can you copy the form HTML and paste that into your webpage?
If you want JUST the form, not the surrounding stuff on the same page, that’s a bit trickier.
What you’ll have to do is load the page in some way (with fopen() if they have the option set on server B, or with a call to cURL). You’ll then have to use an DOM parser to find the form and it’s content, yank it out, then display it in your page.
If the form is static, it may be easier to just copy and paste the HTML from the public page and paste it into your site. 9 times out of 10 that’ll still work (as long as there aren’t any time-sensitive security things or login stuff in it).
Thank you for the prompt replies. To add to my original post, the form is dynamic as it has a captcha box and processing on server B based on what is input into the field. There is also a <script> in the <head> of the page which will need to be loaded.
An easier way would be to load the entire page and hide all the unnecessary content with CSS, but as far as I know this is impossible with content on a separate domain? Can jquery be used in any way for this?
samanime, any chance you could go into a bit more detail or know of any existing code that I could use to achieve what you have described?
I was kind of afraid of that. =p
The simplest method would be to use an iframe. That’s the only EASY way to get a dynamic form on your page. However, if there is extra stuff around it, you’ll need to process the page on the server instead.
The first step would be to use cURL (PHP: cURL - Manual) to pull the page onto your server in a string.
After that, you need to use a DOM parser. There are a couple choices. This is a decent one: PHP Simple HTML DOM Parser You have to use that to find the ID of the form and pull it out of the rest. Then you can take what you pulled out and output it on your page.
Am I incorrect in thinking that there could be security issues with using DOM? Something about modern browsers preventing from it being used as it could be used to hoax sites?
I have also just had a closer look at the page on domain B and the script which I thought had to be included does not. So it’s purely the form and captcha.
If it’s just the form and captcha, depending how the captcha is created, you may be able to copy and paste.
There aren’t any substantial security risks with doing it that way, so nothing going to stop them. If it’s on the client site in a web page, there isn’t much that can be done (I can take any HTML form on the web and run it, most will work). Now there may be some server site checks (such as checking which domain it came from), but as long as the server isn’t restricted based on that (which it usually isn’t), it’ll work.
One thing you should know, though, is when they submit the form they will be taken to site B, away from your site, so you should pop it up in a separate window or something.
I have just been experimenting with copying/pasting the form. But your last point is true when the captcha is entered incorrectly or the form is submitted. This is a pain!
I’ll look at CURL some more, but it’s a little over my head tbh :(. Thanks for your replies though bud!
The cURL can be overwhelming, but you can do it simply with:
$url = 'url to page';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
And assuming all is well, $response should contain all the HTML from the URL you put in. You’ll need to make sure you have cURL installed on your server (if you do a phpinfo() on a page and see anything about cURL, it’s there).
It’s possible to do it with a simple fopen() as well, but that depends on some settings on server B, which you have no control over, so cURL is the safer option.
cURL is installed and shows up in phpinfo. However, the output HTML shows the following and not the content of the specified URL. Have I missed something?
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
$url = 'http://www.site.com';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
?>
</body>
</html>
With that, you’ll need to echo the $response to see it.
Remember that it will have EVERYTHING in the page (including the DOCTYPE, html, head, and body tags). But getting it is the first step.
The next step would be to use a DOM parser to pull out the form and output just that part.
It can. You’ll have to find the action attribute of the form you get and change the action to be an absolute path.
I figured I could use a <base href=“”> line at the top of the document instead. Now onto figuring out how DOM works :).