current community

your communities

more stack exchange communities

Stack Exchange
tour help
stack overflow careers
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 1 down vote favorite

My program is using a JS XMLHTTP request to a PHP file with cURL code to retrieve the contents of another page. I'm calling a PHP file in order to avoid a cross-origin-request error by the browser. I need to send my PHP file a JS variable, psswd, so it can use it when executing a cURL request.

I'm using the following JavaScript code to get the contents of another page:

var psswd = "test";
var xmlhttp;
if (window.XMLHttpRequest){ xmlhttp = new XMLHttpRequest(); }
else{ xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); }
xmlhttp.open("POST", "parsefeed.php?psswd=" + psswd, false);
xmlhttp.send();

My cURL PHP script where i need to use this variable is: 

$options = array( 
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_FOLLOWLOCATION => true,
    CURLOPT_SSL_VERIFYHOST => false,
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_URL            => $url ,
    CURLOPT_SSLCERT        => $cert_file ,
    CURLOPT_SSLCERTPASSWD  => $< * VARIABLE GOES HERE * >,
);
curl_setopt_array($ch , $options); 
$output = curl_exec($ch);
echo $output;

I've tried using $_POST['psswd'] and checking if anything is even posted, but it doesn't seem to work. Any ideas how I can verify the variable is being passed?

share|improve this question
    
Use jQuery for crossbrowser compatible ajax calls. –  TiMESPLiNTER Jul 15 '14 at 13:55
    
Move your ?psswd=" + psswd to within of send - xmlhttp.send("psswd=" + psswd); –  eithedog Jul 15 '14 at 13:58

1 Answer 1

up vote 0 down vote accepted

For a valid POST request which is accessable through PHP you have to specify a header and pass your data in the .send() method:

xmlhttp.open("POST", "parsefeed.php", false);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send("psswd=" + psswd);

But it would be a lot more secure and easier to use jQuerys ajax abilities instead.

share|improve this answer
    
Thanks, this worked! I tried looking at jQuery ajax but i couldn't find anything for sending an SSL certificate to access the website's content. Why would jQuery be more secure? Does this method not encrypt the information that is being sent? What's the difference. –  jdpena Jul 15 '14 at 15:04
    
Well do you want to send a cert file from the client with javascript (ajax) to the server? Why? –  TiMESPLiNTER Jul 16 '14 at 5:29
    
So my javascript asks a user for the password and just delegates it to my php script. My php scripts attempts to use the password with a certificate it already has to access a website that requires authentication. –  jdpena Jul 16 '14 at 13:13

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.