0

I've created a simple form located on another website(server).

When the form on www.b.com is submitted using the www.a.com/best-rate.php action I'm getting no return values from the input.

I'm trying to figure out how to get the input information from server to server. For some reason when I run this I get

false

which indicates that it is not set. Am I over thinking this? Should this not return the value or should I do something different?

www.a.com/best-rate.php

include "db_conx.php";
if (isset($_POST['name']))
    {
        echo 'true';
    }
    else 
        echo 'false';

The form is located below and on website B. Again, this is on another website and server all together. We'll call it www.b.com

www.b.com (Where the form is located)

<form action="https://www.a.com/best-rate.php" method="post">
Name: <input type="text" name="name"><br>
E-mail: <input type="text" name="email"><br>
<input type="submit">
</form>

UPDATE

When using the get method I'm able to receive the form inputs, but post seems to not want to accept them. In the future, sensitive information could be passed so I want to stick with post.

UPDATE .htaccess

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
Chris
  • 89
  • 11
  • Try using `var_dump($_POST)` to see if anything is passed to your page. –  Apr 19 '15 at 04:50
  • @VladBardalez thanks for the reply. `array(0) { } ` That is the return value. – Chris Apr 19 '15 at 04:51
  • Knowing that the array is empty can it be determined that their is a different approach to running accepting inputs for an external script like this? – Chris Apr 19 '15 at 05:29
  • Changed the method to "GET" and was able to return a value, but would rather use "POST" as some information may be sensitive in the future. Is this adding any clarity as to why this method will not work server to server using "POST"? – Chris Apr 19 '15 at 05:35
  • It seems like post method in your server environment is subject to same origin policy. Take a look here: http://stackoverflow.com/questions/10640596/header-set-access-control-allow-origin-in-htaccess-doesnt-work – Tomasz Cz. Apr 19 '15 at 08:30
  • @TomaszCz. I took a look and after inputting the .htaccess to the directory where the script is located I had no results. No errors or results. I listed what was added above. – Chris Apr 19 '15 at 17:29

1 Answers1

0

You need to start the session using

if(!isset($_SESSION))
session_start();

before you can read the values. This also has to be done before you emit any http headers

Rohit Gupta
  • 4,022
  • 20
  • 31
  • 41
  • The form is located on a page that doesn't allow PHP. Is that what you're referring to? – Chris Apr 19 '15 at 17:28
  • On the best-rate.php form (it looks like a php form) you need to execute session start before you can look at the session values. – Rohit Gupta Apr 20 '15 at 11:47