I want to make a portal where my users can login to multiple external services. I have PHP form on my own website and when my users enter the data in this form, I want it to be transferred to an external website (which I do not own or control), use the data to fill in the login form there and then redirect the user to the members-area of the external website (that I do not own or control). When I google this I get mixed results and also the answers on StackOverflow regarding this subject are a bit confusing. Is this, or is this not possible?
I reminds me of the principle of phishing, where one of my accounts was once hacked. I never noticed a thing, entered my credentials on the fake website and got transferred to the members area of the real website, that means it’s actually possible right?
Thanks!
Sander
You can
$_POSTit to any site you want. However, once the data is received, it’s out of your control.Regarding the last paragraph in your question, what you’re describing is a phishing site. The attacker owns the site and has full control over it. It’s made to look like a normal site, tricking the user to enter the user credentials.