How does one create/access a http://mydomain.com/.... call from a perl script?

I don't want my users to press a submit button with form protocol to create the action but based on some underlying script variable values, I want the perl script to execute the http:// action. How do I do this?

Is this you are looking for?

------------------
Complete Index of Web Master's Resources: http://www.cellwarp.com

Thanks, almost too simple! This is good -- now for the next question. My perl script needs to capture the return stream from the URL accessed.

For example, the application is to submit details of a credit card transaction to my credit card processing company -- I can do that with the URL example above. How do I capture the resulting stream of information into my perl script's variables -- that is the approval/denial codes which will be sent back from my URL submission (normally this would go to a browser window if I submitted a form from the browser). I want to capture the approval/denial data into variables and write it to a database (I can do the variable setup and db writing) -- I just don't know how to capture the returning data.

#!/usr/bin/perl
# URL to go:
$url = "http://www.cellwarp.com";
print "Location: $url?$in{'Name'}&$in{'CreditCard'}\n\n";
# Or This:
# print "Location: http://www.cellwarp.com\n\n";

You would do this: what Pasha said
but has the form input tacked on.

I'm not saying this to be a jerk, but because of security issues.

If you are not yet adept enough with perl to know something like print "Location: $url\n\n"; then you should NOT be writing a script that handles credit card transactions.

There are too many areas of concern, from encryption and security, to stability within the script, for you to attempt something like that at this stage of your programming.

I would really recommend you go with a commercial product, and have someone who does programming for a living modify it to meet your needs.

If someone was to invade your script, you could be looking at huge problems with customer's account numbers being compromised, etc. Who knows, they could wind up in potential lawsuits!

Again, I'm not saying this to be a jerk, or to insult you or your programming skills. I'm just making an observation of what your original question was, compared to what the application you are trying to do is, and trying to save you some headache.

--Mark

 
ARE YOU NUTS??

Why not just put up a web page that says "Hey, come here and view all kinds of credit card numbers, unencrypted. They're valid! Act now before everyone else runs their balance up" and lists all the numbers?

NEVER NEVER NEVER NEVER send unencrypted credit card numbers, or social security numbers etc over the net.

--mark

Ok Mark, let's not get too exicted. How about we just change the http:// to https:// then we will be sending credit cared info to a secure server using SSL which is pretty good security and which virtually all e-commerce sites use for credit card transactions except those using in SET technology which is even better. So now let's get back on topic here ... which is how to capture an incomming data stream send back from a secure server ...

probably something along the lines of:

my($incoming, @pairs, %FORM);
$incoming = $ENV{'QUERY_STRING'};
@pairs = split(/&/, $incoming);
foreach $pair (@pairs) {
my($name, $value) = split(/=/, $pair);
$value =~ tr/+/ /;
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
$FORM{$name} = $value;
}

The thrust of my question is on maintaining the data stream with the secure server in order to capture the returning values to variables within the script rather than the browser.

 
Last I checked, that's almost exactly what UltraBoard (discussion forum) does...

Dan

I don't think https: is going to do anything. It still would be providing an unencrypted number in a url.

The connection would be to a secure server, but the url would still be in plain text, hoping from relays til it got to the server.

If I'm wrong, please show me examples where this is done.

--mark

When using https the browser and the server first establishes an encryption method to use through a couple of steps and then communicate everything accross the line using that encryption method. What this means is that between your browser and the web server everything is encrypted. However, would still be a blunder to just throw someone's credit card number in the url to pass. It raises several security issuses. Firstly, the person will now have a big string saying "here's my credit card number!" saved in their browser cache, and in their location cache. Secondly someone could easily setup a filter between the web server and the CGI processor (Perl, C, etc).
This is why you don't see any respectable site setting up your account with:
www/submit.cgi?user=Bob&password=fido
You should probably figure out a way to encode the data being passed. Do some research on e-commerce sites and see what the best are using.
Don't make it easy for the people out there that want to take what you got

-- Gordon --

------------------
$blah='82:84:70:77';
print chr($_) foreach (split/:/,$blah);

Like I said...


------------------
$blah='82:84:70:77';
print chr($_) foreach (split/:/,$blah);

hehe. Um.. which server will this be running on? I would like to know so as to make sure to not post to it ;-)

------------------
Ryan Brown
fpsn.net, Inc.
rbrown@fpsn.net