0

Let me explain to you my situation:

As a member of an organization I have to be able to complete a form on site A and when I redirect the user to website B he should be able to login with the same credentials.

I have to mention that website B dose`t have any API or point of access.

So I have been thinking what if I create an identical form in site A and then open site B in a iframe and complete the same information into the inputs and then POST it.

Why I`m writing this its because I have been reading about same-origin-policy and this tells me that my solution won't work. I have also been reading through this page

What do you think? How would you tackle this?

Community
  • 1
  • 1
Daniel
  • 311
  • 3
  • 5
  • 16
  • 1
    Do the users know that you are creating them an account on a different site? (Let's not hope this is a 3rd party) – ʰᵈˑ Jul 29 '16 at 10:24
  • Yes everything its supposed to be transparent. Thing is to simplify the process. The organization is international and this system will allow us to create accounts on the international webpage from any local website. After they complete that form they will have to complete the same information on site B but just to login. – Daniel Jul 29 '16 at 10:26
  • If site b has its own login using php, you could simply copy that form. The user will fill in the form on page a and POSTS the form to page b – Jonas Wilms Jul 29 '16 at 10:27
  • 2
    There is absolutely no way to do this *sanely* on the backend by sharing an account database, or even simply copying the account data over...? Must you do this without any cooperation of system B?! – deceze Jul 29 '16 at 10:28
  • I think the best solution is to connect to the two databases (database A and database B) and dump there all details with one form, and without worry of cross origin policy in client (all this operations will be proccessed in server). The only thing you need is to stablish the database on B site to accept connections for outside (other than localhost). – Marcos Pérez Gude Jul 29 '16 at 10:33
  • Did you consider using a [Central Authentication Service](https://en.wikipedia.org/wiki/Central_Authentication_Service)? – Alfro Jul 29 '16 at 10:37
  • Maybe sending CURL request to the url of site B registration with data provided from site A would solve your problem? – rgwsk65 Jul 29 '16 at 10:38

1 Answers1

1

If you have no access to the database of site 2, you can use cURL in your code. After the person submits the form on site 1, you can use cURL to make a POST request on site 2 (like a form being submitted there) with the same data you already got.

Janno
  • 542
  • 4
  • 15