Learn VBA & Macros in 1 Week!

PHP - Protect A Php File From Being Called From Outside - Ddos Attack In Progress

Full Excel VBA Course - Beginner to Expert

Protect A Php File From Being Called From Outside - Ddos Attack In Progress	View Content

Hello All,

I am in desperate help here since my site was DDoS attacked by some one in turkey (Ips originate mostly from turkey, Germany, and some other Europe countries). I have installed the ddos deflation and most of the IPs are now blocked.

I have a php file in my server that I use to input data into my database and my streaming servers. This file is called connect.php and the hacker is basically created an automated script that repeatedly call the connect.php file from a botnet resulting in both apache and mysql dead. I use connect.php in the following way

http.open('get', "ajax/createchannel_1.php?channel=" + channelname + "&sitename=" + sitename + "&privateurl=" + privateurl + "&privateurlcheck=" + privateurlcheck);

How can i change the connect.php so that it only accept execution from my server/
Please your help is greatly appreciated.

Full Excel VBA Course - Beginner to Expert

Similar Tutorials

Moved: Track Progress Of File Download

How To Protect Php File

Passing Session Var To Called File

Get_headers() Returns Empty When Called From Another Php File :(

How To Prevent Direct Access To The File Called Via Ajax?

An Php File To Be Called Using Include And To Be Open In A Target Frame

Urgent I'm Under Attack

Sql Injection And Xss Attack On Checkbox

Moved: Spam Bot Attack

How To Incorporate Attack Speed With Php + Websockets

Cross-site Scripting Attack Help

Mob Attack Artificial Intelligence Server Side

Php Progress Bar

Progress Bar For Upload

Upload Progress Bar

Controlling Progress Meter/bar

Curl Show Progress ?

How To Make Progress Indicator

Get Progress To Work Based On Page On

Learn VBA & Macros for Excel in 1 Week!

Moved: Track Progress Of File Download

Similar Tutorials

This topic has been moved to Ajax Help.

http://www.phpfreaks.com/forums/index.php?topic=316351.0

How To Protect Php File

Similar Tutorials

hi phpfreaks,

How do I protect the php file that holds the my applications database details
any tips would be great

Protect A File

Similar Tutorials

In my javascript code i use ajax so i load a php file .. then on the success i have a function where i load a file there.. the thing is how can i secure it from direct access from the browser?

if i type the link of the file in the browser i can access it even tho it needs other files to run so it will return me errors.. how can i disable that?

Thanks.

EDIT: i have tried to put

if(!defined("MAIN")){
die('<tt>You cannot view this file directly!</tt>');
}

on the file i want to protect but then when i call the ajax on the success the file doesnt load on the page that i call it and shows the above die();

Passing Session Var To Called File

Similar Tutorials

Hi All,

I am using the uploadify script available at http://uploadify.com/

Now I can get the file uploads working fine with the script below:
Code: [Select]
<?php
session_start();
?>

<link href="/uploadify/uploadify.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/uploadify/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="/uploadify/swfobject.js"></script>
<script type="text/javascript" src="/uploadify/jquery.uploadify.v2.1.0.min.js"></script>

<input id="fileInput" name="fileInput" type="file" />
<script type="text/javascript">// <![CDATA[
$(document).ready(function() {
$('#fileInput').uploadify({
'uploader' : '/uploadify/uploadify.swf',
'script' : '/uploadify/uploadify.php',
'cancelImg' : '/uploadify/cancel.png',
'auto' : true,
'folder' : '<?php echo $_SESSION['filepath']."/downloads/"; ?>',
'multi' : true
});
});
// ]]></script>
The problem that I am having is that I also store the mysql connection details in session vars (they change depending on who logs in). I have tried a number of ways of "passing" these session vars to the uploadify.php file which does the grunt work of the uploading, but I can never seem to access them. I obviously dont want to pass them to the uploadify.php script through the js because that will show my credentials in the source code.

So, the question is, how can I access these session vars in the called file. I assume its a combination of session_write_end() and session_start() but I havent got the right combination yet.

Get_headers() Returns Empty When Called From Another Php File :(

Similar Tutorials

Hi everyone!

I've been working on a php script to replace links that contain a query with direct links to the files they would redirect to.
The script has to work with a large xml file, which might take a few minutes.
Because of the xml size the script will never finish. The php execution time limit prevents the script from finishing and can't be set to a higher value.

I rewrote my script, so it splits the xml file into multiple "chunk" files that will be processed later.
For each chunk, I call a second php script from within the first. So each xml chunk can be processed at the same time.
For example, for 20 xml chunks, the second php script will be launched 20 times per chunk.

To convert the queries , the second script uses get_headers($url, 1) on each link in the xml chunk, which then should return a direct link as $headers['Location'];
BUT, the header always returns empty.

For some reason I could get the headers when I used get_headers() from the first php script without calling the second ones that process the chunks...
I spend a lot of time trying to figure out what is going on, I included the files I'm using.
Can someone tell me what I'm doing wrong?

In this case I have to rewrite the xml with this script. Situation is not optimal, I'm running the chunk script because we're stuck with the execution time limit too.

Export filter: This loops over a xml file and splits it into chunks

<?php
//ini_set('max_execution_time', 10);

// ---- includes
if ( ! defined('ABSPATH') ) {
    require_once( dirname( __FILE__ ) . '/wp-load.php' );
}


// ---- end includes
// console
function vwaconsole($input) {
	$disabled = false;
	
	if ($disabled === false) {
		$a = print_r($input.'</br>');
		$a = $input;
		echo "<script>console.log( '--log--: " . $a . "' );</script>";
	}
}
//end console

// settings //
	$chunk_size = 20;
//


$home = constant( 'ABSPATH' );
$xml_path = $home."/wp-content/uploads/wpallimport/files/Bastiaansen.xml";
if (fopen($xml_path,"r") != true) {
	vwaconsole("xml file does not exist");
	exit();
}

$xml = new DOMDocument();
$xml->formatOutput = true;
$xml->preserveWhiteSpace = false;	
$xml->load($xml_path);

// Main program
// creates another file to be filled by sub scripts
if (!empty($xml)) {
	vwaconsole("Running main program");
	// backup xml first
	$date = "_".date("Y M D h i");
	$date = str_replace(' ', '_', $date);	
	

	$xpath = new DOMXpath($xml);
	$items = $xpath->query("//aanbiedingen//item"); 
	$loopcount = 0;
	$processedamount = 0;
	$islast = 0;
		
	vwaconsole('total items: '.$items->length);
	vwaconsole('chunk size: '.$chunk_size);
	echo'<br>';
	
	
	/* chunks processing: */ 
	$chunkxml = new DOMDocument();
	$chunkxml->formatOutput = true;
	$chunkxml->preserveWhiteSpace = false;		
	$counter = 0;
	$chunkroot = null;
	
	foreach($items as $item) {
		//vwaconsole('processing item');
		if ($chunkroot === null) {
			$chunkroot = $chunkxml->createElement('root');	
			$chunkxml->appendChild($chunkroot);
			//vwaconsole('created root');
		}
		
		if (($processedamount + $chunk_size) > $items->length) {
			//vwaconsole("last chunk in progress...");
			$islast = 1;				
		}	

		$chunkitem = $chunkxml->createElement($item->nodeName);
		$chunkroot->appendChild($chunkitem);
		//vwaconsole('appended child item to root');

		foreach($item->childNodes as $spec) {
			//vwaconsole('processing specs in item');

			$chunkspec = $chunkxml->createElement($spec->nodeName);
			$chunkitem->appendChild($chunkspec);

			$chunkspectext = $chunkxml->createTextNode($spec->nodeValue);
			$chunkspec->appendChild($chunkspectext);			
		}
		
		$counter++;
		$processedamount++;	
		
		if ($counter >= $chunk_size) {
			$chunkxml->save("wp-content/uploads/wpallimport/files/chunks_bast/bast_chunk_".$loopcount.".xml");
			vwaconsole("saved array chunk");
			
			$output = `php export_filter_chunk_processor.php $loopcount $islast `;
			vwaconsole($output);
			
			vwaconsole("creating new array chunk");
			$chunkxml = new DOMDocument();
			$chunkxml->formatOutput = true;
			$chunkxml->preserveWhiteSpace = false;	
		
			$loopcount++;	
			$counter = 0;
			$chunkroot = null;
		}	
			
		if ($items->length === $processedamount) {
			$chunkxml->save("wp-content/uploads/wpallimport/files/chunks_bast/bast_chunk_".$loopcount.".xml");
			vwaconsole("finished saving last chunk");
		}	
		
	}	
	

	
	// merge  documents later..
	/*
	$newxml = new DOMDocument("1.0", "utf-8");
	$newxml->formatOutput = true;
	$newxml->preserveWhiteSpace = false;	
	$itemContainer = $newxml->createElement('aanbiedingen');
	
	
	$newxml->appendChild($itemContainer);
	//$newxml->save("wp-content/uploads/wpallimport/files/TEMP_Bastiaansen.xml");	
	*/
	
	vwaconsole("main ending");
	exit();
	
} else {
	//vwaconsole("xml is empty ?! exiting");
	exit();
}	


?>

Export chunk processor: The xml was split by the previous script. This one takes one of the chunks and calls get_headers() , sending a link containing a query multiple of this script run at same time. The queries are then picked up by the last php file.

<?php

//ini_set('max_execution_time', 10);

// console
function vwaconsole($input) {
	$disabled = false;
	
	if ($disabled === false) {
		$a = print_r($input.'</br>');
		$a = $input;
		echo "<script>console.log( '--log--: " . $a . "' );</script>";
	}
}
//end console


//echo'<br>';
print_r("called chunk processor > Chunk processor started. ");
//echo'<br>';

$loopcount=$argv[1];
$islast=$argv[2];

if ($loopcount === null || $islast === null) {
	print_r("CHUNK PROCESSOR ERROR > loop count is empty");
	exit();
} else {
	print_r("CHUNK PROCESSOR variables set. loop count: ".$loopcount." is last: ".$islast."<br>");
}	

if ( ! defined('BAST_ROOT_DIR') ) {
    define('BAST_ROOT_DIR', __DIR__);
}
$home = constant( 'BAST_ROOT_DIR' );

$xml_path = $home."/wp-content/uploads/wpallimport/files/chunks_bast/bast_chunk_".$loopcount.".xml";
if (fopen($xml_path,"r") != true) {
	print_r("chunk file was not found at path: ".$xml_path);
	exit();
}


$xmlChunk = new DOMDocument();
//$xmlChunk = new DOMDocument();
$xmlChunk->formatOutput = true;
$xmlChunk->preserveWhiteSpace = false;	
$xmlChunk->load($xml_path);


if (empty($xmlChunk)) {
	print_r("chunk data is empty, exiting");
	exit();
} else {
	print_r("got chunk data <br>");
}	

$xpath = new DOMXpath($xmlChunk);
$item = $xpath->query("//root//item"); 

//$items = $xmlChunk->getElementsByTagName('//root//item');
foreach ($item as $node) {
	echo'new item: <br>';
	foreach ($node->childNodes as $spec) {
		//vwaconsole("processing spec: ".$spec->nodeName);
		if (($spec->nodeName == 'itemlink')) {					
			$memValue = $spec->nodeValue;		
			
			//setting new url spec node
			$spec->nodeValue = processItemLink($memValue);

		// add new itemfoto nodes to xml 
		} elseif(($spec->nodeName == 'itemfoto1')) {
			$memValue = $spec->nodeValue;	
			$imgurls = array();
			
			$first = true;
			for ($i = 1; $i < 50; $i++) {
				if ($first === false) {
					$memValue = str_replace('bast_get_itemfoto_id='.strval($i-1), 'bast_get_itemfoto_id='.strval($i), $memValue);
				}	

				
				vwaconsole("trying to get a itemfoto with id: ".strval($i)." link: " .$memValue);
				$triedFotoUrl = processItemLink($memValue);
				vwaconsole("tried url: ".$triedFotoUrl);
				
				if($triedFotoUrl !== $memValue) {
					$imgurls[] = $triedFotoUrl;
				} else {
					vwaconsole("tried url and processed url are equal. end of loop. No new images left or error happened.");
					break;
				}	
				$first = false;	
			}	
			
			//remove the old single itemfoto from xml
			$spec->parentNode->removeChild($spec);
			
			// add sorted nodes from image array
			if (!empty($imgurls)) {	
				sort($imgurls, SORT_NATURAL);
				
				print_r('<br> after sort;');
				print_r($imgurls);
				print_r('<br>');
				

				$arlength = count($imgurls);
				for($x = 0; $x < $arlength; $x++) {
				
					$newItemFoto = $xml->createElement('itemfoto'.strval($x+1));
					$newItemFotoText = $xml->createTextNode($imgurls[$x]);
					$newItemFoto->appendChild($newItemFotoText);
					$node->appendChild($newItemFoto);
				}
				
				unset($imgurls);
			}			
		
		} 

	}
	echo'<br>';	
}	

//returns string url
//follow the query url from xml, return a direct link or returns input on failure. query is processed in Bastiaansen.php.

function processItemLink($url) {
	if (!empty($url)) {
		
		$headers = get_headers($url, 1);
		if(!empty($headers['Location'])) {
			vwaconsole('test returning header location: '.$headers['Location']);
			return $headers['Location'];
		} else {
			vwaconsole("header empty ?!?! can't convert query");
		}	
	}
	return $url;
}


$xmlChunk->save("wp-content/uploads/wpallimport/files/chunks_bast/bast_chunk_test_".$loopcount.".xml");






?>

When the chunk processor calls a query link with get_headers(), the query will be noticed by the next script, the query converter:

<?php
if ( ! defined('ABSPATH') ) {
    require_once( dirname( __FILE__ ) . '/wp-load.php' );
}

// ---- vars
$machineID = $_GET['bast_get_machine_id'];
$itemlink = $_GET['bast_get_itemlink'];
$itemfoto_id = $_GET['bast_get_itemfoto_id'];
if (!empty($itemlink)) {
	$request = 'bast_get_itemlink';
	$value = $itemlink;
} elseif (!empty($itemfoto_id)) {
	$request = 'bast_get_itemfoto_id';
	$value = $itemfoto_id;
} 
// ---- end vars

if (empty($machineID)) {
	echo 'please enter query ?bast_get_machine_id=(number) first';
	exit();
}
if (empty($request) || empty($value)) {
	echo 'Valid query request would be: bast_get_itemlink <br>';
	echo 'Valid query request would be: bast_get_itemfoto_id <br>';
	exit();	
}	

// register custom query options 
function sm_register_query_vars( $vars ) {
    // get the right custom field names
	$vars[] = $request;
	$vars[] = 'pa_'.$request;
    return $vars;
} 
add_filter( 'query_vars', 'sm_register_query_vars' );

//returns null or string url
function fetch($machineID,$request,$value) {
	$return = null;
	$args = array(
		'orderby' => 'meta_value_num',
		'meta_key' => 'bast_get_machine_id',
		'meta_type' => 'NUMERIC',
		'post_type' => 'product',
		'posts_per_page' => -1,
		'order' => 'ASC',
		'meta_query' => array(
			array(
				'key' => 'bast_get_machine_id',
				'type' => 'NUMERIC',
				'value' => $machineID,
				'compare' => 'EXISTS',
			)
		)
	);	

	$wp_query = new WP_Query($args);
	if ( $wp_query->have_posts() ) {
		while ( $wp_query->have_posts() ) { 
			$wp_query->the_post();
			apply_filters( 'the_content', 'filter_post_content' );
			echo 'found product " '.get_the_title().' " on machine ID '.$machineID.'<br>';
			echo 'requested: '.$request.'<br>';
			
			if ($request === 'bast_get_itemlink') {
				// product url
				$return = get_permalink(get_the_ID());
				break;
			} elseif ($request === 'bast_get_itemfoto_id') {
				
				// image attachment 
			    $attachments = get_posts(array(
					'post_type' => 'attachment',
					//'post_mime_type' => 'image',
					'posts_per_page' => -1,
					'post_parent' => get_the_ID()
					//'exclude'     => get_post_thumbnail_id()
				));
				// as the requested value should be 1, but the array starts at 0.. remove 1 from value
				if (!empty($attachments) && ($attachments != false) && !empty($attachments[$value-1]) && ($attachments[$value-1] != false) ) {
				
					$return = wp_get_attachment_image_src( $attachments[$value-1]->ID, 'full')[0];
					
					echo 'attachment found';
					
				} else {
					
					echo 'attachment empty...';	
				
				} 
				echo 'total amount of images found on this machine: '.count($attachments);
				break;	
			}		
			break;			
		}	
		/* Reset Post Data after loop */
		wp_reset_postdata();
	} else {
		echo 'query on machine ID '.$machineID.' found no product. Exit.';	
	}	
	
	return $return;	
}	

function filter_post_content( $content ) {
    // Check if we're inside the main loop in a single post page.
    if ( is_single() && in_the_loop() && is_main_query() ) {
        return $content;
    }
    return $content;
}

$finaldestination = fetch($machineID,$request,$value);
if (empty($finaldestination)) {
	exit();
}	

//echo 'destination set: '.$finaldestination.'<br>';
header("Location: ".$finaldestination, true, 302);


?>

How To Prevent Direct Access To The File Called Via Ajax?

Similar Tutorials

I use jQuery when adding messages. However, the file can be called directly. For example: includes/add_comment.php?id=2

So, I can make a form and call this file directly to add a message. ID is user id and form can be submited with HTML form wherever are located.

How to prevent direct access to the file when called through a Ajax?

An Php File To Be Called Using Include And To Be Open In A Target Frame

Similar Tutorials

Need Suggestion for my codes, I want msg1.php to be open in the frame bottomframe.

if($username=="" || $password=="")
   {
     echo "<form method=\"post\" action=\"msg1.php\" target=\"bottomframe\" >";
   }

Urgent I'm Under Attack

Similar Tutorials

Hello dear friends ,

I'm under attack huge attack from spam bots and i need your help

1) i've a form with input text and input submit
2) no way to add html cause using js banned any < or > ..ect
3) the spam attack now post html code but it stored into database after automatically < and > removed as i mention in (2) okay

add to your note i can't add captcha cuase my website for kids

Now please allow me to explain this idea and let me know if it ture or there is another way else more simple

1) i will add hidden input with value shows "IP Number Of Poster"

2) by that way i will know the IP of the spammer

3) i will use php and mysql to create database table and store the IPs of spamming i collect so that when that spammer hit my website again , will not be able to view input form.

What do you think ! is it right or bad solution or is there any any way

the bad idea is that spam is not sure human cause it is stupid and post something meaningless and not ture and fake urls like this

Code: [Select]
theuzgfnpbmi, [url=http://gdtuaemvkpif.com/]gdtuaemvkpif[/url], [link=http://rsxtnszcpceq.com/]rsxtnszcpceq[/link], http://awpfgwtvqkdm.com/" theuzgfnpbmi, [url=http://gdtuaemvkpif.com/]gdtuaemvkpif[/url], [link=http://rsxtnszcpceq.com/]rsxtnszcpceq[/link], http://awpfgwtvqkdm.com/"
please help if you have any suggestion or method how to stop such spammers

thank you so much

Sql Injection And Xss Attack On Checkbox

Similar Tutorials

Well, I just want to know, if I add mysql_real_escape_string and strip_tags to a checkbox, does this mean it is 100% protected from SQL injection and XSS attack? For example:

Code: [Select]
<input type=checkbox' name="checkbox"/>

$checkbox = mysql_real_escape_string(stip_tags($_POST['checkbox']));

Moved: Spam Bot Attack

Similar Tutorials

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=354848.0

How To Incorporate Attack Speed With Php + Websockets

Similar Tutorials

Since I got my websocket PHP server running nicely with my MYSQL, I can now have some fun Attack speed is very simple, but I need your help with the unixtimestamp. For example, There is a field name called "last_attack" and each time a user attacks a mob and a skill was performed; it will be updated with:

time();

Then I disable the attack button for 2 seconds client side, but I also check that value against time() serverside as well. Now let's say the user's attack speed is 1.30% I want to make that Attack Speed check, to check it dynamically. It should now check only if the attack was less than 1.7 seconds ago instead of 2 seconds. How do I split up the unixtimestamp to work with percents?
Edited by Monkuar, 03 December 2014 - 02:11 PM.

Cross-site Scripting Attack Help

Similar Tutorials

Hi I need to test for XSS attack and aim is to break my own site.

I am using strip_tags to strip all the HTML and tags.

Is there any way for successful XSS attack even if strip_tags is used.

Mob Attack Artificial Intelligence Server Side

Similar Tutorials

I have a javascript code that displays a monster hitting my character via client side only. It runs every 2 seconds via a setTimeout function. My problem is... A user could just disable javascript all together, or craft their own code to disable the monster attack function. I want to detect serverside if anything is being altered. If that makes sense. This is EXTREMELY hard for me to explain, I have no idea but my game is essentially turn based at this point. THE MONSTER ONLY DOES DMG if a player HITS IT. That way, I can safely, and change the values serverside with MYSQL. What I want is the monster to attack the player every 2 seconds or so (Which I have javascript code for already), but a user could just manipulate that code and then attack the mob and receive only that damage. I want it to be more of an action attack game, where the monster's attack automatically, but securely... If that makes sense, any idea? Would I have to implement some type of timing mechanism or something serverside? Or once the player spawned that mob..? Not sure. (You only have XX Seconds to kill!), but that doesn't really fix the problem.. TLDR: Autoattack mob system serverside.
Edited by Monkuar, 19 January 2015 - 10:53 AM.

Php Progress Bar

Similar Tutorials

Hey all,

Not sure if this is in the correct place (sorry if it is not)

But i have been looking for hours now for a simple progress bar system when uploading bigger files.
Im not even looking for good looking loading bar a simple percent would be good for me.

But every site i have looked at to get any help or ideas from the comments are "Does not work", "Error" and that sort of thing.
I have even tried many myself and can not get them to work. (at least 5-6)

Some even requires the you to install add on programs to your sever - this i can not do as i don't own it.

There must be a easy way to solve this problem?

Please help

Thank you.

Eli

Progress Bar For Upload

Similar Tutorials

I was wondering if there is a way to add an progress bar to this script that uploads files to a sql database

<!DOCTYPE html>
<head>
    <title>MySQL file upload</title>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
    <form action="add_file.php" method="post" enctype="multipart/form-data">
        <input type="file" name="uploaded_file"><br>
        <input type="submit" value="Upload file">
    </form>
    <p>
        <a href="list_files.php">See all files</a>
    </p>
<p>
<a href="search.php">Search Database</a>
</p>
</body>
</html>

If so, how would i go about doing that?

Upload Progress Bar

Similar Tutorials

Hello,
I've been trying to create a progress bar for the past 3 days, but I can't get it to work. I've got my own dedicated server with cPanel on it, using cPanel I installed the PECL extension. However, it doesn't respond to anything. The script I'm using is:
HTML code:
Code: [Select]
<form id="uploadform" enctype="multipart/form-data" method="post">
<input id="UPLOAD_IDENTIFIER" name="UPLOAD_IDENTIFIER" type="hidden" value="12345" />
<input id="ulfile" name="ulfile" type="file" />
<input type="submit" value="Upload" />
</form>To request the information I made another page with:
<?php print uploadprogress_get_info($_GET['id']); ?>

Nothing is returned however, no error, nothing... I'm totally lost!

Regards,

Controlling Progress Meter/bar

Similar Tutorials

Hi. how can I control a progress meter/bar to display errors when it failed to reach 100% or on getting to a point?

thanks

Curl Show Progress ?

Similar Tutorials

Hi there i'm using php&curl to fetch some data from another site, this sometimes takes up to 30 seconds but you don't actually see anything happen on the screen, i tried to implement the cURL progressbar but i didn't really get it to work, can someone help me out here ?

This is my code:
Code: [Select]
<?php
if(!empty($_SESSION[$session_prefix."user"]))
{
//Functions
function middlestring($string,$start,$stop){
$pos = strpos($string,$start)+strlen($start);
$retstr = substr($string,$pos);
$pos = strpos($retstr,$stop);
$retstr = substr($retstr,0,$pos);
return $retstr;
}

function curl_get($url, $head, $cook, $ssl){
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,$ssl);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,$ssl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, $head);

if($cook == 1) curl_setopt($ch, CURLOPT_COOKIE, $_SESSION["cookies"]);
return curl_exec($ch);
}

function curl_post($url, $datas, $cook, $ssl){
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $datas);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14");
if($cook == 1) curl_setopt($ch, CURLOPT_COOKIE, $_SESSION["cookies"]);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,$ssl);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,$ssl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);

return curl_exec($ch);
}

function getcookies($text, $startstr, $endstr){
$start = strpos($text, $startstr);
$end = strpos($text, $endstr);
$parts = split("Set-Cookie: ",substr($text, $start, $end-$start));
$cookies = '';
foreach ($parts as $co)
    {
    $cd = split(";",$co);
    if (!empty($cd[0]))
{
if(strpos($cd[0], "deleted"))
{}
else
$cookies .= $cd[0].';';
}
    }
return $cookies;
}

$mail = $ukuser;
$pass = $ukpw;
$code = $_REQUEST["code"];
$wert = $_REQUEST["guthaben"];
$captcha = $_REQUEST["captcha"];

if(empty($captcha))
{
$text = curl_get('http://www.ukash.com/global/en/login.aspx', 1, 0, 1);
$_SESSION["viewstate"] = urlencode(middlestring($text, '__VIEWSTATE" value="', '" />'));
$text = curl_post('http://www.ukash.com/global/en/login.aspx', '__EVENTTARGET=ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24loginButton&__EVENTARGUMENT=&__VIEWSTATE='.$_SESSION["viewstate"].'&sIFR_replacement_0=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24txtEmail='.$mail.'&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginCentral_10%24txtPassword='.$pass.'&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1FirstName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1LastName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24txtR1Email=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOBday=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOBmonth=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpMainHolder%24loginRegForm_11%24ddlDOByear=1980&%23=%2Fservices%2FlocaleRedirector.aspx%3FnodeId%3D156095%26languageCode%3Den&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1FirstName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1LastName=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24txtR1Email=&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOBday=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOBmonth=01&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24cpSideHolder%24sideRegisterLogin_15%24ddlDOByear=1980&ctl00%24ctl00%24ctl00%24ContentPlaceHolderDefault%24footerTellAFriend_23%24txtStFemail=&__SCROLLPOSITIONX=0&__SCROLLPOSITIONY=0', 0, 1);
$_SESSION["cookies"] = getcookies($text, 'Set-Cookie:', 'Cache-Control: ');
$text = curl_get('http://www.ukash.com/global/en/my-ukash.aspx', 1, 1, 1);
if(strpos($text, 'My Used Codes'))
{
$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/step1.aspx?email=&culture=de&country=de&lang=de', 1, 1, 0);
$_SESSION["cookies"] .= 'ASP.NET_SessionId='.middlestring($text, 'Set-Cookie: ASP.NET_SessionId=', ' path=/; HttpOnly');
$_SESSION["event"] = urlencode(middlestring($text, 'EVENTVALIDATION" value="', '" />'));
$_SESSION["viewstate"] = urlencode(middlestring($text, 'VIEWSTATE" value="', '" />'));
$text = curl_get('https://direct.ukash.com/de/tools/combine/utils/PhishingImage.aspx', 0, 1, 0);
echo '<form action="" method="post">
  <table id="items">
  <tr><td>'.$uka1lng.'</td><td><input type="text" name="code"></td></tr>
  <tr><td>'.$uka2lng.'</td><td><input type="text" name="guthaben" value="20" readonly="readonly"></td></tr>
  <tr><td><img src="data:image/jpg;base64,'.base64_encode($text).'"></td><td><input type="text" name="captcha"></td></tr>
  <tr><td></td><td><input type="submit" value="'.$uka3lng.'"></td></tr>
  </table>
  </form><br>
  <font color="red">'.$uka4lng.'</font>'.$uka5lng.'<br>'.$uka6lng;
}
else
$ukerror = $uka7lng;
}
else
{
if($wert < 10)
$ukerror = $uka8lng;
else
{
$text = curl_post('https://direct.ukash.com/de/tools/combine/logic/step1.aspx', '__VIEWSTATE='.$_SESSION["viewstate"].'&__EVENTVALIDATION='.$_SESSION["event"].'&tbxVoucherNo1='.$code.'&tbxVoucherVal1='.$wert.'&tbxVoucherNo2='.$code.'&tbxVoucherVal2=0&tbxVoucherNo3=&tbxVoucherVal3=&tbxVoucherNo4=&tbxVoucherVal4=&tbxVoucherNo5=&tbxVoucherVal5=&tbxVoucherNo6=&tbxVoucherVal6=&tbxVoucherNo7=&tbxVoucherVal7=&tbxVoucherNo8=&tbxVoucherVal8=&tbxVoucherNo9=&tbxVoucherVal9=&tbxVoucherNo10=&tbxVoucherVal10=&tbxBaseCurrency=EUR&tbxVerContent='.$captcha.'&chkTerms=on&btnConsolidate=', 1, 0);
if(strpos($text, 'stimmt nicht mit dem Systemcode'))
$ukerror = $uka9lng;
else
{
$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/step2.aspx?lang=de', 1, 1, 0);
$_SESSION["viewstate"] = urlencode(middlestring($text, 'VIEWSTATE" value="', '" />'));
$_SESSION["event"] = urlencode(middlestring($text, 'EVENTVALIDATION" value="', '" />'));
if(strpos($text, 'Ihre Ukash Referenznummer'))
{
$text = curl_post('https://direct.ukash.com/de/tools/combine/logic/step2.aspx?lang=de', '__VIEWSTATE='.$_SESSION["viewstate"].'&__EVENTVALIDATION='.$_SESSION["event"].'&btnProceed=', 1, 0);
$text = curl_get('https://direct.ukash.com/de/tools/combine/logic/Step4.aspx', 1, 1, 0);

$newukash = middlestring($text, 'span id="lblVoucherDetailValue"', '</table>');
$newukash = middlestring($newukash, '<tr><td>', '</td></tr>');
$newukash = split('</td><td>', $newukash);

$newcode = $newukash[0];
$ukguthaben = $newukash[2];

$user = mysql_fetch_array(mysql_query('SELECT * FROM users WHERE username="'.$_SESSION[$session_prefix."user"].'"'));
$geld = floor($user["guthaben"] + $ukguthaben);
mysql_query('UPDATE users SET guthaben="'.$geld.'" WHERE username="'.$_SESSION[$session_prefix."user"].'"');
mysql_query('INSERT into ukash (user, code1, code2, value) VALUES ("'.$_SESSION[$session_prefix."user"].'", '.$newcode.', 0, '.$ukguthaben.')');

echo floor($ukguthaben).' '.$guthaben.$uka10lng;

}
else
$ukerror = $uka11lng;
}
}
}
echo $ukerror;
}
else
echo'<font color="red">'.$uka12lng.'</font>';

?>

How To Make Progress Indicator

Similar Tutorials

Get Progress To Work Based On Page On

Similar Tutorials

We are trying to get progress bar to place active class on the current page it one based on variable being set on page called "page", also the page is written into the <body class="page"> tag, once it is loading the page. It is not working as we need can anyone, help us with script below to set progress bar to do prev and next????? So variable is:

 
var page = "refundstep1";

Body Class tage looks like:

<body class="refunStep 1 main-layout">

Progress bar is:

<div class="tabContent progress-bar hidden-phone">
                
                  <div class="step active">
                    <h2>Step 1: Enter your Pin</h2>
                  </div>
                
                  <div class="step inactive">
                    <h2>Step 2: Tell us your address</h2>
                  </div>
                
                  <div class="step inactive">
                    <h2>Step 3: Confirm Your Details</h2>
                  </div>
                
</div>

Code to actual set the other list next as class="inactive", list passed or compelted as class="active done", Current page as class="active"

var progressClass = $('.progress-bar div.step');
$(progressClass).addClass(function(index, activeClass) {
    var activeClass = 'done';
var activePage = 'active';
alert(page);
var currentPage = page;
var pageClass = $('body').hasClass(page);
console.log(pageClass);
    if(pageClass === true) {
 progressClass.addClass(activePage);
 progressClass.prevAll().addClass(activeClass);
 //To select all next elements of `.progressClass` element:
     progressClass.nextAll().addClass(nopageClass);
    }
    return nopageClass;
  });