I am trying to send data to an external API, the problem is that when I open the console in chrome or inspect any element, it shows the hidden
form values that are the API keys, so try this with Curl
:
<?php
$ch = curl_init('https://apiurl.com/');
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, "ApiKey=$ak&merchantId=$mi&accountId=$ac");
curl_setopt($ch,CURLOPT_RETURNTRANSFER,false);
$respuesta = curl_exec ($ch);
curl_close ($ch);
?>
Now, I have 3 questions:
- I understand that this function is done automatically, so how do I do it with a
<input type="submit">
or a<button>
? - Is it safe to send data this way?
- What other way to send this data do you suggest?
What you would do is execute the curl in a file that you call when pressing the button, either type submit and work as when you submit a form, or by executing an ajax in the onclick or onsubmit event. It depends on whether you want to keep the user in the current file or take him to the destination file where you execute it, that will be marked by the logic of your project.
It is a safe method and a good way to send the data to the api.
Example: you associate a function to the clickable element and send it to
AJAX
the file where you do the curl, so that it only runs on click. The apikey is in that file, so it's not visible to the user.If you receive results from the API that you want to display, you can collect them in the
success
delAJAX
.