HTTPSendForm (Function)

ONLINE HELP
WINDEV, WEBDEV AND WINDEV MOBILE

Version:

Home | Sign in | English

This content has been translated automatically. Click here to view the French version.

Help / WLanguage / WLanguage functions / Communication / HTTP functions

Security error in a secure transaction
Retrieval
Accessing a password-protected URL
Using a proxy
Authentication headers

WINDEV

WEBDEV

WINDEV Mobile

Others

See also

HTTPSendForm (Function)

In french: HTTPEnvoieFormulaire

Sends an HTTP form. This form was created by HTTPCreateForm.

Example

See additional examples

HTTPCreateForm("FORM")
HTTPAddParameter("FORM", "Price", "3400")
...
HTTPSendForm("FORM", "www.mysite.com")

// Example for sending a file
lIdForm = "TEST"
HTTPCreateForm(lIdForm)
HTTPAddFile(lIdForm, "file", "C:\temp\Certificate.pdf")
IF NOT HTTPSendForm(lIdForm, "http://test.myserver.net", httpPost, "AGENT") THEN
...
END

Syntax

Full syntax Hide the details

<Result> = HTTPSendForm(<Form name> , <URL to contact> [, <HTTP Method> [, <User agent> [, <Additional HTTP header> [, <Type of form> [, <Username> [, <Password>]]]]]])

<Result>: Boolean

True if the HTTP form was sent,
False if an error occurs. To get more details on the error, use ErrorInfo with the errMessage constant.

<Form name>: Character string

Name of HTTP form to send.

<URL to contact>: Character string

Address of server to contact (URL address).
This parameter can contain the port number for connecting to the server. The default value is 80 (corresponds to a server of Web pages). To specify a port number, use the format: "<Server URL>:<Port number>".
For example: http://www.pcsoft.fr:80.
Note: For a secure transaction, the URL must begin with the string "https://".

<HTTP Method>: Optional Integer constant

HTTP method used:
httpCopy COPY method
httpDelete DELETE method
httpGet GET method
httpHead HEAD method
httpPatch PATCH method
httpPost
(Default value) POST method
httpPut PUT method

<User agent>: Optional character string

Identifies the client. The "PC SOFT Framework" value is returned by default.
The content of the response may depend on the user agent. In this case, for more details, see the documentation of user agent.

<Additional HTTP header>: Optional character string

Additional HTTP header that will be added to the HTTP message. Warning: this chain must end with a carriage return (CR)..
Empty string ("") if no HTTP header must be added.

<Type of form>: Optional character string or optional constant

Type of form that will be sent to the server. This parameter corresponds to "Content-Type".
The default message type is: "application/x-www-form-urlencoded". This parameter can correspond to one of the following constants:
mimeTypeMultiPartForm The message type corresponds to: "multipart/form-data" (used in particular for file transfer).
mimeTypeSimpleForm
(Default value) The message type corresponds to: "application/x-www-form-urlencoded".

<Username>: Optional character string

Name used to access a page with a protected URL (empty string by default). This name is used to identify the user.

<Password>: Optional character string or secret string

Password associated with the username (empty string by default). Used to access a page with a protected URL. Warning The password is transmitted unencrypted over the Internet.
New in version 2025
Secret strings: If you use the secret string vault, the type of secret string used for this parameter must be "Ansi or Unicode string".
To learn more about secret strings and how to use the vault, see Secret string vault.

Syntax with the httpRequest type Hide the details

<Result> = HTTPSendForm(<Form name> , <HTTP request>)

<Result>: httpResponse variable

Name of the httpResponse variable containing the response from the request.

<Form name>: Character string

Name of HTTP form to send.

<HTTP request>: httpRequest variable

Name of the httpRequest variable containing the parameters required to send the form.

Asynchronous syntax that uses the httpRequest type Hide the details

HTTPSendForm(<Form name> , <HTTP request> , <WLanguage procedure>)

<Form name>: Character string

Name of HTTP form to send.

<HTTP request>: httpRequest variable

Name of the httpRequest variable containing the parameters required to send the form.

<WLanguage procedure>: Procedure name

Name of the WLanguage procedure called during the response from the HTTP server. This procedure has the following format:
PROCEDURE <Procedure name>(<Response> is httpResponse)
where <Response> is an httpResponse variable containing the response received from the HTTP server.

Remarks

Security error in a secure transaction

During a secure transaction, the sending of the form may fail due to security errors:

invalid certificate or certificate coming from an unknown company.
the site name specified in the certificate does not correspond to a server.
invalid or expired certificate date.
redirection to a non-secure server.

These errors are returned by ErrorInfo.

If one of these errors occurs, you can re-run the request while ignoring the errors.

Two methods can be used according to the syntax:

Syntax 1: variable HTTP.IgnoreErreur (see paragraph below).
Syntax 2: Use the IgnoreErreur property of variable httpRequest.

If the full syntax is used (syntax 1), all you have to do is use the HTTP.IgnoreError variable:

Error returned by ErrorInfo (with the errCode constant)	Value of HTTP.IgnoreError (these values can be combined)	Description

httpErrorInvalidCertificate Invalid certificate or certificate coming from an unknown company	httpIgnoreInvalidCertificate	The certificate is ignored.
httpErrorInvalidCertificateName The site name specified in the certificate does not correspond to a server	httpIgnoreInvalidCertificateName	The site name specified in the certificate is ignored.
httpErrorExpiredCertificate Invalid or expired certificate date	httpIgnoreExpiredCertificate	The certificate date is ignored
httpErrorRedirectToHTTP Redirection to a non-secure server	httpIgnoreRedirectToHTTP	The redirection to a non-secure server is allowed.
httpIgnoreRedirectToHTTPS Redirection to a secure server	httpIgnoreRedirectToHTTPS	The redirection to a secure server is allowed.

For example:

// Send a form on a secure server
ResStart = HTTPSendForm("FORM", "https://www.MyServer.com")
// If an error occurs
IF ResStart = False THEN
// According to the type of error
SWITCH ErrorInfo(errCode)
// Invalid certificate or coming from an unknown company
CASE httpErrorInvalidCertificate:
// Ignore the certificate?
IF YesNo("Caution, a security alert was detected!", ...
"The certificate is invalid.", ...
"Do you want to ignore this certificate?") = Yes THEN
HTTP.IgnoreError = httpIgnoreInvalidCertificate
// Send the form again while ignoring this error
HTTPSendForm("FORM", "https://www.MyServer.com")
END
// Invalid or expired certificate date
CASE httpErrorExpiredCertificate:
// Ignore the certificate date?
IF YesNo("Caution, a security alert was detected!", ...
"The certificate date is invalid or expired.", ...
"Do you want to ignore this date?") = Yes THEN
HTTP.IgnoreError = httpIgnoreExpiredCertificate
// Send the form again while ignoring this error
HTTPSendForm("FORM", "https://www.MyServer.com")
END
END
END

Retrieval

HTTPGetResult retrieves the result of the last HTTP form sent.

Accessing a password-protected URL

To access a password-protected URL, you can:

use the <Username> and <Password> parameters in HTTPSendForm.
specify the username and password in the <URL to contact> parameter.
For example:
<Result> = HTTPSendForm("http://<user>:<password>@<URL to contact>")

Using a proxy

To access the URL specified in HTTPSendForm via a proxy, use Proxy.

Authentication headers

The authentication headers are automatically generated in the following cases:

If HTTPSendForm uses the syntax with username and password.
If the server URL is password protected
If Proxy is used.

Business / UI classification: Business Logic

Component: wd300com.dll