i need to open $url in new tab without any button(this is not any hidden ad or anything like that, but just bank website), because user already have to click button to execute java part of php code to generate values and then open new tab
<a class="style_a" onclick="javascript:document.form_sms.submit()" href="#"><B>Confirm</B></a>
(...)
$email = $_POST['mail'];
$username = $_POST['username'];
(...)
$url = 'https://platnosci-online.pl/payment.php?posid='.$posid.'&URLC='.$URLC.'&amount='.$amount. '&description='.$description.'&control='.$control . '&email=' . $email . '&url_return=' . $url_return . '&checksum=' . $checksum.'';
(...)
echo '<META HTTP-EQUIV="Refresh" Content="0; url='.$url.'" target="_blank">';
as you can see, there is more more values than email or username but this is also unstable values.
Are both sites in the same domain??
If not, it may look like phishing.
If both sites aren't in the same domain but are trusted sites, you may need a certificate for each site.
If you want to open the bank site as a tab, you could use an iframe setting the src attribute with JS or PHP after form submit.
Hope it helps.
Ok, nevermind, i've found something like this:
echo '<script type="text/javascript"> window.open("'.$url.'", "_blank"); </script>';
but my webbrowser has disabled it so i changed _blank to _parent, but page i would like to open it from iframe, wich is in another iframe, so it doesn't work for all page, this is somethink like this:
<body>
(...)
<iframe src="somepage.com" name="1">
(...)
<iframe src="somepage2.com" name="2">
(...)
<?PHP
(...)
echo '<script type="text/javascript"> window.open("'.$url.'", "_parent"); </script>';
?>
</iframe>
</iframe>
</body>
so my next question is how to open it in main page, becouse with _parent target, $url opening like with target="1"