I've set up a suitelet that takes POST data, authenticates using a shared key and then creates a Vendor Return Authorisation based on the input. Essentially, the suitelet acts as a web service.
I've also set up a PHP script that uses cURL to POST the data to the suitelet, but for some reason I am getting the error "You are not allowed to navigate directly to this page."
The Suitelet is set up to run as administrator and to allow external access. All roles are selected as the audience in the deployment. The url being POSTed to is https://forms.netsuite.com/app/site/...g/scriptlet.nl and the contents of the POST contain the script, deploy, compid and h values. The execution log is empty.
Here is the relevant part of the php file:
I've also set up a PHP script that uses cURL to POST the data to the suitelet, but for some reason I am getting the error "You are not allowed to navigate directly to this page."
The Suitelet is set up to run as administrator and to allow external access. All roles are selected as the audience in the deployment. The url being POSTed to is https://forms.netsuite.com/app/site/...g/scriptlet.nl and the contents of the POST contain the script, deploy, compid and h values. The execution log is empty.
Here is the relevant part of the php file:
PHP Code:
function curl_post($url, array $post = NULL, array $options = array())
{
$defaults = array(
CURLOPT_POST => 1,
CURLOPT_HEADER => 0,
CURLOPT_URL => $url,
CURLOPT_FRESH_CONNECT => 1,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_FORBID_REUSE => 1,
CURLOPT_TIMEOUT => 4,
CURLOPT_POSTFIELDS => http_build_query($post)
);
$ch = curl_init();
curl_setopt_array($ch, ($options + $defaults));
if( ! $result = curl_exec($ch))
{
trigger_error(curl_error($ch));
}
curl_close($ch);
return $result;
}
$url = 'https://forms.netsuite.com/app/site/hosting/scriptlet.nl';
if(isset($_POST['submit']))
{
$payload = '{items:[';
for($x = 0; $x <= $fldcount; $x++)
{
if(!empty($_POST['product' . $x]))
{
$payload .= "{code:\"" . $_POST['product' . $x] . ",qtymissing:" . $_POST['qtym' . $x] . ",qtydamaged:" . $_POST['qtyd' . $x] . ",note:" . $_POST['label' . $x] . "}";
if($x != $fldcount && !empty($_POST['product' . ($x + 1)]))
{
$payload .= ",";
}
}
}
$payload .= "]}";
$fields = array(
'script' => 15,
'deploy' => 1,
'compid' => 25476,
'h' => 'ba91648bbcc505325292',
'auth' => $psk,
'po' => $_POST['po'],
'lines' => $payload
);
$options = array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false, //Set to false for testing purposes.
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_CAINFO => getcwd() . "/cacerts/VeriSignClass3PublicPrimaryCertificationAuthority-G5.crt"
);
$nsResponse = curl_post($url, $fields, $options);
You might try setting a user agent header to mimic one of the common browsers
Try posting something to that url from a browser. I hadn't looked at it before but on review it looks like you just took an internal suitelet url and changed the host.
Use a different browser or log out of Netsuite for the test.
To use "forms.netsuite.com" you have to make the suitelet not require login and set the audience to everyone.
Use a different browser or log out of Netsuite for the test.
To use "forms.netsuite.com" you have to make the suitelet not require login and set the audience to everyone.
Figured it out - it was the most stupid possible thing, I had the deployment set to "Testing" and so when I tried to access it through the PHP script, I got that message because as far as NetSuite was concerned, I wasn't logged in.
Thanks for your help Brett, you got me thinking and put me on the right track.
Thanks for your help Brett, you got me thinking and put me on the right track.