Saving html to text


#1

This is a little off topic, however, I am setting up a website with Pan 6 that will have a subscription model. I want potential subscribers to enter information on a secure HTML page, then save the entered text from that page to a tab (or comma) delimited text file in that same secure location for retrieval. If the service goes well, I will buy a SSL cert for my server and dump the info into a secure Panorama database.

Does anybody know how to save the fields in an HTML page to a text file?

Thank you.


#2

If you’re building a site with Panorama Enterprise, when the page is submitted the HTML form data is submitted via a variable named cgi Parameters that can be picked apart to save as text or easily merged into a database.

If you’re not using Enterprise, you’d need to have something like AppleScript watching the folder to activate Panorama when a new text file is saved. Using Panorama’s HTML parsing you can certainly import the text. See striphtmltags( for the best place to start.

But, you write as if the saved data is not in HTML, but rather that is saved as Tab-delimited text. In that case you’d simply import it.


#3

Thanks Jim, but I guess I wasn’t clear. I am using a shared SSL secure site on my host’s server. If I assign the submit button to a Panorama procedure, it is leaving their secured site and throwing a message that says “This transaction is not secure. Proceed with transaction?”. This is obviously not good. What I want to do is save a text file of the fields in the form in the host’s secure location that I can retrieve later and import to Panorama.

Sooooo, I need to convert the data entered into an HTML form to a text file on the host’s server without any help from Mac apps.

Jeff


#4

Data entered into an html form is being entered in the user’s browser. For the data to go to the host’s server, the submit button will have to send it there. It doesn’t get sent as html. It gets sent as a string like

FirstName=John&LastName=Doe&email=someone@somewhere.com&etc.

If your host offers some sort of service to collect these submissions, the question is, how do they format it, and where do they put it. Do they just leave it in its raw form, or do they pretty it up in some way.


#5

I am using a shared SSL secure site on my host’s server. If I assign the submit button to a Panorama procedure, it is leaving their secured site and throwing a message that says “This transaction is not secure. Proceed with transaction?”. This is obviously not good.

Nope, it’s not good, but there’s something wrong in your linking or SSL configuration then. I use Enterprise with numerous forms on secure sites and have no such issues. I’ve not set up the certificates so I can’t evaluate much there, but I can testify that it can work.

James Cook
Jim@JamesCook.biz

http://JamesCook.biz


#6

You’re on the wrong forum!!

Seriously, that depends on the capabilities of the host server you are using. There may or may not be a capability to do what you want, I would contact the hosting company and ask them if they have a solution, perhaps using PHP, Python, etc. But you definitely won’t be able to use Panorama procedures securely unless the server that Panorama is actually running on has an SSL certificate.

For a page to be secure, every element on the page has to come from a secure server, including images and any code (whether Panorama code or any other kind of code). You’re not allowed to mix in something from another, unsecured server.

Then again, SSL certificates aren’t the big deal that they used to be. They don’t even have to cost money any more, do a google search for “Let’s Encrypt”.


#7

I think there is still some miscommunication here. If I’m reading this correctly, the secure server that is hosting the forms is not a Mac. Enterprise is running on a Mac which does not have an SSL certificate.


#8

"Let’s Encrypt”

Looks cool, but my web server doesn’t control the domain. I have a free “shared” SSL my from host. I can certainly contact my host for info. I just thought some of the more web educated guys on this forum might know how to do it.


#9

It does control the domain that the Panorama code is running on. There are two domains involved in your application – the domain that has your static web content, and the domain that Panorama Server is running on.

A web page can contain elements from many different servers. For example, your HTML code could contain img tags that reference images on some external server. The images don’t have to come from the same server as the HTML code. But if you want the page to be secure, all elements must come from servers that are secured.

In your case, the CGI code is coming from a different server than your HTML text. The browser is correctly complaining that the communication with this second server is not secure. This is not a mistake or a technicality – the browser is using http to communicate with your server running Panorama, not https. The communication is entirely in the clear and subject to man-in-the-middle attacks. There is no shortcut, the only way to be secure is to set up SSL for every server the browser is communicating with.

Your host cannot share SSL with other servers, including your Panorama server. I’m not sure what they mean by “shared” SSL, but it definitely does not mean that the SSL certificate can apply to communication with other servers. It may mean that the SSL certificate is shared with other customers of this host. Ok, I just did some google-ing and that is basically what it means. So that is not going to be any help to you in this situation, you’ll need a separate SSL certificate for your server that is running Panorama Server.


#10

you’ll need a separate SSL certificate for your server that is running Panorama Server.

I get that, which is why I’m trying to set up a simple, temporary solution until I see if it’s worth going through the hassle.


#11

The problem is, there is no secure solution that doesn’t involve an SSL certificate for your server that is running Panorama Server.

In your HTML code, I’m sure the action tag in the form you are submitting is something like this:

action="http://www.jeffsserver.com/cgi-bin/Panorama.cgi?SomeDatabase~someprocedure

To be secure, that tag needs to be https:, not http:. But you can’t do that unless your server has an SSL certificate.

What’s happening now is that when the Submit button is pressed, the browser is sending a message to your server using http: protocol, which is an insecure protocol (in fact it has no security at all, it’s just plain text). The browser notices that an insecure protocol is used, and it complains. But even if it didn’t complain, the communication would still be insecure.

If it doesn’t matter that the communication is insecure, simply make the entire page use http:, then the browser won’t complain. But the user won’t see a lock indicating a secure connection.