Parse data from my own HTML page onto a third party PHP page

Question

I am taking part in a beauty competition, and I require that I be nominated.

The nomination form requires my details, and my nominators details.

My nominators may have a problem switching between my email containing my details and the nomination form, and may discourage them from filling the form in the first place.

The solution I came up with is to create an HTML page (which I have 100% control on), and it contains my pre-filled details already, so that the nominators do not get confused filling up my details, all I have to do is ask them for their own details.

Now I want my HTML form to parse the details onto an another website (the competition organiser's website) and have the form automatically filled in, and all the nominators have to do is click submit on the competition's website. I have absolute no control on the competition's website so that I cannot add or change any programming code.

How can I parse the data from my own HTML page (100% under my control) onto a third party PHP page?

Any examples of coding are appreciated.

Thank you xx

Answer 1

The form they are using is submitting the form data to a mailing script which is secured by checking the referer (at least). You could use something like cURL in PHP to spoof the referer like this (not tested):

function get_web_page( $url,$curl_data ) 
{ 
    $options = array( 
        CURLOPT_RETURNTRANSFER => true,         // return web page 
        CURLOPT_HEADER         => false,        // don't return headers 
        CURLOPT_FOLLOWLOCATION => true,         // follow redirects 
        CURLOPT_ENCODING       => "",           // handle all encodings 
        CURLOPT_USERAGENT      => "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)",     // who am i 
        CURLOPT_CONNECTTIMEOUT => 120,          // timeout on connect 
        CURLOPT_TIMEOUT        => 120,          // timeout on response 
        CURLOPT_MAXREDIRS      => 10,           // stop after 10 redirects 
        CURLOPT_POST           => 1,            // i am sending post data 
        CURLOPT_POSTFIELDS     => $curl_data,    // this are my post vars 
        CURLOPT_SSL_VERIFYHOST => 0,            // don't verify ssl 
        CURLOPT_SSL_VERIFYPEER => false,        // 
        CURLOPT_REFERER        => "http://http://fashionawards.com.mt/nominationform.php",
        CURLOPT_VERBOSE        => 1                // 
    ); 

    $ch      = curl_init($url); 
    curl_setopt_array($ch,$options); 
    $content = curl_exec($ch); 
    $err     = curl_errno($ch); 
    $errmsg  = curl_error($ch) ; 
    $header  = curl_getinfo($ch); 
    curl_close($ch); 

    $header['errno']   = $err; 
    $header['errmsg']  = $errmsg; 
    $header['content'] = $content; 
    return $header; 
} 

$curl_data = "nameandsurname_nominator=XXXX&id_nominator=XXX.....etc...."; 
$url = "http://www.logix.com.mt/cgi-bin/FormMail.pl"; 
$response = get_web_page($url,$curl_data); 

print '<pre>'; 
print_r($response); 
print '</pre>'; 

In the line where it says $curl_data = "nameandsurname_nominator=XXXX&id_nominator=XXX.....etc...."; you can set the post variables according to their names in the original form.

Thus you could make your own form to submit to their mailing script & have some of the field populated with what you need...

BEWARE: You may easily get disqualified or run into legal troubles for using such techniques! The recipient may very easily notice that the form has been compromised!

Answer 2

The same origin policy makes this impossible unless the competition organiser were to grant you permission using CORS (in which case you could load their site in a frame and modify it using JavaScript to manipulate its DOM … in supporting browsers).