[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Field names?
Sender: Scott Klement <sk@xxxxxxxxxxxxxxxx>
>
> When posting to a web page do you assign values to the name= tag as opposed
> to an id= tag?
You mean the "name" and "id" attributes of an <INPUT> tag, correct?
The name of the variable that's submitted is what's found under "name".
Id is for associating with style sheets and a few other things, but not
for submitting forms.
> With my recent adventures in web access with the HTTP API's
> I'm now trying to do a login to an internal site that runs off of one of
> our NT servers. I can log in find from a browser but the message that I'm
> getting back is the HTML for the invalid employee number. Any thoughts
> would be appreciated.
[SNIP]
> eval data='emplnbr=12345&pass=xxxxx' + CRLF
> eval url='http://10.24.3.1/spede/SpMenu.asp'
> eval rc = http_url_post(url:
> %addr(data): %len(%trimr(data)):
> '/tmp/SPEDELogon.html')
Are you escaping the contents of the employee number and/or password
properly? Your example shows "12345" and "xxxxx" which do not need to be
escaped -- but I have a strange feeling that these aren't the actual
values that you're sending :)
Also, unless the CRLF characters are part of the password, you might want
to remove the "+ CRLF" from the end of "data."
If you're able to get things working with a web browser and not with
HTTPAPI, a great way to determine what's happening is to run a packet
sniffer on the PC that's got the web browser. You can then look at
exactly what the web browser is sending, and compare that with HTTPAPI.
Personally, I like Ethereal. It's a free, cross-platform, packet sniffer.
You can get your copy here:
http://www.ethereal.com/
To capture packets, you also need to install WinPCap. Instructions can be
found here:
ftp://mirror.sg.depaul.edu/pub/security/ethereal/win32/HEADER.html
Once you've got ethereal running, you do the following:
a) Start ethereal
b) Start capturing packets
c) use your web browser to do the post.
d) Stop capturing packets
e) Right-click one of the HTTP packets from your session and choose
"follow TCP stream"
There's no better tool for troubleshooting sockets programs than ethereal!
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------