PHP - Check If File Exists On Remote Server...not Using Http

Following on from a discussion in the IRC #help chat I wanted to open a discussion on the best method to upload an file to a remote server through a web service. It is a little more complex than that simple explanation so let me go into more detail.

You have the client accessing a website which is hosted on ServerA, through their computer which is the files origin. The web service is housed on ServerB and the remote upload target server is ServerC. I'm looking to upload the file through the web service on ServerB.

The purpose of this is to prevent ServerA from knowing the target location for the upload, ServerC. ServerA must be able to take the file from the computer, pass it to the web service on ServerB which streams it through to ServerC. The file shoul not be saved on any one of the hops through to ServerC, it should be streamed straight through.

Computer (file) ---> ServerA (Apache) ---> ServerB (Web Service) ---> ServerC (File target location)

If youn think this is possible, what is your best suggested method of uploading the file. Currently, I'm looking at using cURL and the SoapClient to access the web service and upload the file. I'm yet to research if this is possible and would like to know if anyone else has a better method/suggestion?

Regarding my job, I just need to connect ServerA with ServerB and stream the file somehow for the clients computer...

Hey guys I m developing a download system for my server that reads files from a third party server and enables MY USER to download it via my URL. What mechanisms should i use to manage this efficiently ???


file_get_contents();
fopen();


Or should I use some kind of buffer mechanism ??? Please do provide a code sample as I'm stuck here very badly.

Note: The file sizes may be >500MB

I have a php script on a server writing to an html file on a remote server. I'm using the following combination of fopen and fputs. The problem is that once out of maybe every 10 or 15 writes to the file, the file that is written is blank with nothing in it.

Has anyone here had experience with this before? The file is fixed the next time it writes to it. this code is within a loop that runs every 10 seconds.



Code: [Select]
// Allows overwriting of existing files on the remote FTP server
$stream_options = array('ftp' => array('overwrite' => true));

// Creates a stream context resource with the defined options
$stream_context = stream_context_create($stream_options);

// Opens the file for writing and truncates it to zero length
if ($fh = fopen($ftp_path, 'w',0, $stream_context))
{

if ( $change > 0   )
fputs($fh, "the contents of the html file is here");      //the case if change is positive

else
fputs($fh, "the contents of the html file is here");   //the case if change is negative

// Closes the file handle
fclose($fh);
}
else
{
die('Could not open file.');
}

A beginner question..

I have tried "isset" but it aint working.. I wonder what PHP function to use to check if a user actually put a file to be uploaded on the server. A validation  just in case a user just click the submit button w/out even choosing a file first.


I have this code but it aint working...

Code: [Select]
<?php
if(isset($_POST['submit']))
{

if(isset($_FILES['uploaded_file']))
{
echo "<span class=\"error_validation\">You haven't choose a logo to upload!<br></span>";
echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>";
}
else
{

if($_FILES['uploaded_file']["type"] == "image/gif")
{


$target_path = "logo/";

$target_path = $target_path. basename('matzhee_logo.gif');



if(move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $target_path))
{
echo "<span class=\"error_validation\">The Logo has been successfully changed! Refresh the page to see the changed!<br></span>";
echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>";
}
else
{
echo "<span class=\"error_validation\">There was an error uploading the logo. Pls. try again.<br></span>";
echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>";
}

}
else
{
echo "<span class=\"error_validation\">Invalid file format. We are only accepting image file. Pls. try again.<br></span>";
echo "<span class=\"error_validation\">Upload Logo Again? <a href=\"edit_logo.php\">Click Here</a><br></span>";
}
}

}
else
{
me_redirect_to("edit_logo.php");
}


?>

Anyone? thanks

This isn't exactly an application design question, but rather a system design one.   I am about to install an Inventory Control System inside this store I work in.   The store itself also owns a Linode VPS running Centos 6.4 which hosts our website.   This new Inventory System will come built in with a Microsoft SQL Server, and supposedly it is a SQL Anywhere database, but I'm not too sure what that means.     I need to make this database publicly accessible, but only via the Linode VPS.  Surely, setting restrictions is easy enough to address that issue.  That isn't my question.   My first idea is to put this server into the DMZ, easy.  But it doesn't exactly sound safe.  So my next idea was to put a middleman server in the DMZ, this way the Linode can send queries to that middleman server and it will send that data to the SQL Server and back.  This is very vaguely described I know, but I don't want to get too much into details, but rather, understand how I can create that middleman server, and what could Install onto it that would allow me to securely process queries?   My first thought was to install a webservice, that accepts an XML/JSON request and returns an XML/JSON response. Then, I realized directly afterwards that I don't have any experience setting up a webservice like that. What kind of options are there out there?
  Ultimately, my question is, should I just put the Server in the DMZ or should I create the middleman, and if so, can someone point me in the right direction as to getting a webservice set up?
Edited by Zane, 15 July 2014 - 11:28 PM.

I'm working with a registration/login system from a tutorial. It's got email validation to make sure it does not exist but I'm struggling to add the same to the username field:

Working code:

Code: [Select]
<?php

include ('database_connection.php');
if (isset($_POST['formsubmitted'])) {
    $error = array();//Declare An Array to store any error message  
    if (empty($_POST['name'])) {//if no name has been supplied 
        $error[] = 'Please Enter a name ';//add to array "error"
    } else {
        $name = $_POST['name'];//else assign it a variable
    }

    if (empty($_POST['e-mail'])) {
        $error[] = 'Please Enter your Email ';
    } else {


        if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/", $_POST['e-mail'])) {
           //regular expression for email validation
            $Email = $_POST['e-mail'];
        } else {
             $error[] = 'Your EMail Address is invalid  ';
        }


    }


    if (empty($_POST['Password'])) {
        $error[] = 'Please Enter Your Password ';
    } else {
        $Password = $_POST['Password'];
    }


    if (empty($error)) //send to Database if there's no error '

    { // If everything's OK...

        // Make sure the email address is available:
        $query_verify_email = "SELECT * FROM members  WHERE Email ='$Email'";
        $result_verify_email = mysqli_query($dbc, $query_verify_email);
        if (!$result_verify_email) {//if the Query Failed ,similar to if($result_verify_email==false)
            echo ' Database Error Occured ';
        }
    if (mysqli_num_rows($result_verify_email) == 0) { // IF no previous user is using this email .


            // Create a unique  activation code:
            $activation = md5(uniqid(rand(), true));


            $query_insert_user = "INSERT INTO `members` ( `Username`, `Email`, `Password`, `Activation`) VALUES ( '$name', '$Email', '$Password', '$activation')";


            $result_insert_user = mysqli_query($dbc, $query_insert_user);
            if (!$result_insert_user) {
                echo 'Query Failed ';
            }

            if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull.


                // Send the email:
                $message = " To activate your account, please click on this link:\n\n";
                $message .= WEBSITE_URL . '/activate.php?email=' . urlencode($Email) . "&key=$activation";
                mail($Email, 'Registration Confirmation', $message, 'From: Admin@TheGameCo.Com');

                // Flush the buffered output.


                // Finish the page:
                echo '<div class="success">Thank you for
registering! A confirmation email
has been sent to '.$Email.' Please click on the Activation Link to Activate your account </div>';


            } else { // If it did not run OK.
                echo '<div class="errormsgbox">You could not be registered due to a system
error. We apologize for any
inconvenience.</div>';
            }

        } else { // The email address is not available.
            echo '<div class="errormsgbox" >That email
address has already been registered.
</div>';
        }

    } else {//If the "error" array contains error msg , display them
        
        

echo '<div class="errormsgbox"> <ol>';
        foreach ($error as $key => $values) {
            
            echo ' <li>'.$values.'</li>';


       
        }
        echo '</ol></div>';

    }
  
    mysqli_close($dbc);//Close the DB Connection

} // End of the main Submit conditional.



?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Game Name - Home</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>

<div id="container">
<div id="header">
<?php include("includes/header.php"); ?>
</div>
<div id="nav">
<?php include("includes/nav.php"); ?>

</div>
<div id="content">
<form action="index.php" method="post" class="registration_form">
  <fieldset>
    <legend>Registration Form</legend>

    <p>Create A new Account<br />Already a member? <a href="login.php">Log in</a></p>
   
    <div class="elements">
      <label for="name">Username:</label>
      <input type="text" id="name" name="name" size="25" />
    </div>
    <div class="elements">
      <label for="e-mail">E-mail:</label>
      <input type="text" id="e-mail" name="e-mail" size="25" />
    </div>
    <div class="elements">
      <label for="Password">Password:</label>
      <input type="password" id="Password" name="Password" size="25" />
    </div>
    <div class="submit">
     <input type="hidden" name="formsubmitted" value="TRUE" />
      <input type="submit" value="Register" />
    </div>
  </fieldset>
</form>
</div>
<div id="footer">
<?php include("includes/footer.php"); ?>
</div>
</div>
</body>
</html>


I've tried adding this after the email verification:

Code: [Select]
// Make sure the user is available:
        $query_verify_user = "SELECT * FROM members  WHERE Username ='$name'";
        $result_verify_user = mysqli_query($dbc, $query_verify_user);
        if (!$result_verify_user) {
            echo ' Database Error Occured ';
        }
}
    if (mysqli_num_rows($result_verify_user) == 0) { // IF no previous user is using this user .
But that just returns me with:

It works to stop username/email duplication but now returns:

Query Failed You could not be registered due to a system error. We apologize for any inconvenience.

Not sure where I'm going wrong tbh.

hi, how can i check if a username exists? i tried this 

$usrsql = "SELECT * FROM $tbl_name WHERE username='$username' AND password='$password'";
        $usrres = mysql_query($usrsql);
        $usrcount = mysql_num_rows($usrres);

        if($usrres && mysql_num_rows($usrcount)>0) {

            die("Username is already taken!");
        } 

I am trying to compare an array containing required questions to an array holding survey responses.

When a user submits a survey, I take the $_POST array and write the values to a new array called $surveyResponseArray.

How can I determine if $surveyResponseArray exists?

 

 

Edited February 16 by SaranacLake

All,

In my registration script I am trying to check if an email address already exists (yawn I know), and I am stuck. The code highlighted in bold is where I want to check if the email exists (notice that form checking is done above that, including sorting out the email address that the user enters) and if it doesnt insert data into the table. Trouble is that on loading the page it simply states the 'already submitted' error before an email is even entered into the form:


Code: [Select]
         if(isset($_POST['name']) && !empty($_POST['name']) AND isset($_POST['email']) && !empty($_POST['email']) AND ($_POST['password']) && !empty($_POST['password'])){
        $name = mysql_escape_string($_POST['name']); // Turn our post into a local variable
        $email = mysql_escape_string($_POST['email']);
        $password = mysql_escape_string($_POST['email']);// Turn our post into a local variable
    }

$name = mysql_escape_string($_POST['name']);
$email = mysql_escape_string($_POST['email']);
$password = mysql_escape_string($_POST['password']);

if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)){
    // Return Error - Invalid Email
       $msg = 'The email you have entered is invalid, please try again.';
       
}else{
   // Return Success - Valid Email
$msg = 'Your account has been made, <br /> please verify it by clicking the activation link that has been sent to your email.';

}


    $hash = md5( rand(0,1000) ); // Generate random 32 character hash and assign it to a local variable.
    // Example output: f4552671f8909587cf485ea990207f3b

[b]$emailCheck = mysql_query("SELECT email FROM users WHERE email = '".$email."'");
if (mysql_num_rows($emailCheck) > 0) {
       echo "already submitted";
}

else
{[/b]

 
        // We have a match, activate the account
             mysql_query("INSERT INTO users (username, password, email, hash) VALUES(
    '". mysql_escape_string($name) ."',
    '". mysql_escape_string(md5($password)) ."',
    '". mysql_escape_string($email) ."',
    '". mysql_escape_string($hash) ."') ") or die(mysql_error());


Thanks in advance,


G

Hello,

I want to check when adding a new user, that if there are 2 records that has the same recruiter id, it's should give an error, if less, than it makes him complete the registration

Also check if the National ID number is not assigned to another user, so if there is a record that has it, it should give and error, if it's unavailable, it should let him complete the registration

here is my code

register.html

Code: [Select]
<html>
  <form action="post.php" method="post">
<table>
<tr><td>First Name: <input type="text" name="fname" /></td></tr>
<tr><td>Middle Name: <input type="text" name="mname" /></td></tr>
<tr><td>Last Name: <input type="text" name="lname" /></td></tr>
<tr><td>Mobile: <input type="text" name="mobile" /></td></tr>
<tr><td>Telephone: <input type="text" name="tel" /></td></tr>
<tr><td>Address: <input type="text" name="address" /></td></tr>
<tr><td>Job Title: <input type="text" name="job" /></td></tr>
<tr><td>Company: <input type="text" name="company" /></td></tr>
<tr><td>National ID Number: <input type="text" name="nid" /></td></tr>
<tr><td>Recruiter ID: <input type="text" name="recruiteris" /></td></tr>
<tr><td>Email: <input type="text" name="email" /></td></tr>
<tr><td>Password: <input type="password" name="password" /></td></tr>
<tr><td>Type: <input type="text" name="type" /></td></tr>

<tr><td><input type="submit" /></td></tr>

</table>
</form></html>


post.php

Code: [Select]
<?php

$sql="INSERT INTO users (id,fname, mname, lname, mobile, tel, address, job, company, nid, recruiteris, email, password, type)
VALUES
('','$_POST[fname]','$_POST[mname]','$_POST[lname]','$_POST[mobile]','$_POST[tel]','$_POST[address]','$_POST[job]','$_POST[company]','$_POST[nid]','$_POST[recruiteris]','$_POST[email]','$_POST[password]','$_POST[type]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";
echo "<br />";
echo "<a href='http://waw-eg.com/admin/register.html'>Add More Client? Click Here</a><br/>";  
echo "<a href='http://waw-eg.com/admin/Users.php'>View Users Click Here</a>";

mysql_close($con)
?>

What is the best/proper way to check if a supplied URL goes to an actual image?  My site will allow users to enter an image URL (like "http://example.com/images/monkey.jpg").  I will store the URL they enter in a MySQL database and then will call it up later and do some resizing to these images. 

But I don't want to try to do any resizing if the URL they supply doesn't actually go to an image, or if it's blank (i.e. the user didn't enter a URL yet). 

So basically, I will run a MySql query to pull back the contents of the column called "imageurl".  Let's say those contents are stored in a variable called $imageurl.  This is what I'm trying to accomplish....

Code: [Select]
if ($theimageurl does NOT contain a URL to an image OR is blank) {
// do this
} else {
//run my resizing code
}
I guess i could do this to check to see if it's blank, but not sure this is proper/most efficient way to check that part of the issue...

Code: [Select]
if (trim($theimageurl) == "")
But greater than the "is it blank" concern is that people may enter URLs that just to a regular website so whether it's at this point in my code (or for security, I should probably do it BEFORE inserting it into my database :/ ) so curious if there are any functions that check to see if it's an image URL or not.  I know of file_exists, but I'm pretty sure that's just checking to see if a file exists and doesn't check image URLs.

Any info/suggestions would be appreciated as always! 

And if there are any recommended functions to check/clean the user-entered URL BEFORE it's entered into the database, please share

Thanks!

I have no idea why it's doing it. I know I'm missing something, but everything looks right to me. When you submit the registration form it just does the error, and properties say its the process page, so this code below. Sorry posting it all, I'm just not sure period.

Code: [Select]
<?php
require('connect.php');

//check all the posted info
function getInfo() {
$error = array();
$fname = validateFirstname($_POST['fname']);
$lname = validateLastname($_POST['lname']);
$uname = validateUsername($_POST['uname']);
$email = validateEmail($_POST['email']);
$password = validatePass($_POST['password1'], $_POST['password2']);
$phone = validatePhone($_POST['phone']);

//check for errors
error();
}
function validateFirstname($str) {
//This allows just alpha characters and must be at least 2 characters.
if (preg_match('/^[a-zA-Z0-9]{2,}$/',$str)) {
return  preg_match('/^[a-zA-Z0-9]{2,}$/',$str);
} else {
$error[] = 'Please enter a valid first name!';
}

}
function validateLastname($str) {
//This allows just alpha characters and must be at least 2 characters.
if (preg_match('/^[a-zA-Z0-9]{2,}$/',$str)) {
return  mysql_real_escape_string($str);
} else {
$error[] = 'Please enter a valid last name!';
} 

}
function validateUsername($str) {
//connect to database
$link = mysql_connect($db_host, $db_user, $db_pass); 
if (!$link) {
     die('Could not connect: ' . mysql_error());
}

mysql_select_db($db_name);
//pull usernames to make sure new is unique
$sql = "SELECT username FROM users WHERE username = '".$str."'";
if ($sql == "") {
//This allows just alphanumeric characters and must be 4 - 15 characters.
if (preg_match('/^[a-zA-Z0-9]{4,15}$/',$str)) {
return mysql_real_escape_string($str); 
} else {
$error[] = 'Please enter a valid user name!';
}
} else {
$error[] = 'This user name is already registered!';
}
}
function validateEmail($str) {
//connect to database
$link = mysql_connect($db_host, $db_user, $db_pass); 
if (!$link) {
     die('Could not connect: ' . mysql_error());
}

mysql_select_db($db_name);
//pull usernames to make sure new is unique
$sql = "SELECT email FROM users WHERE email = '".$str."'";
if ($sql == "") {
if (preg_match("/^([a-zA-Z0-9])+([a-zA-Z0-9\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\._-]+)+$/",$str)) {
     return mysql_real_escape_string($str); 
}else{
$error[] = 'Please enter a valid email!';   
}
} else {
$error[] = 'This email is already registered!';
}
}
function validatePass($str, $str2) {
//This allows just alphanumeric characters and must be 6-15 characters.
if ($str == $str2) {
if (preg_match('/^[a-zA-Z0-9]{6,15}$/',$str)) {
return md5(mysql_real_escape_string($str)); 
} else {
$error[] = 'Please enter a valid password!';
}
} else {
$error[] = 'Passwords do not match!';
}
}
function validatePhone($str) {
//This allows just alpha characters and must be at least 2 characters.
if (preg_match('/^[0-9]{0,11}$/',$str)) {
return  mysql_real_escape_string($str);
} else {
$error[] = 'Please enter a valid phone number!';
} 

}
function error() {
if ($error[] == '') {
addInfo();
} else {
echo "<a href='javascript: history.go(-1)'><-- Go Back</a><br>";
echo $error[];
}
}
function addInfo() {
//setcookie("site_user", $Name, time() + 31536000, "/"); 
//setcookie("site_pass", $Password, time() + 31536000, "/"); 

//Connect to database from here
$link = mysql_connect($db_host, $db_user, $db_pass); 
if (!$link) {
     die('Could not connect: ' . mysql_error());
}
//activation link
$a = md5(uniqid(rand(), true));
//select the database | Change the name of database from here
mysql_select_db($db_name);
$sql="INSERT INTO users (firstname,lastname,email,username,password,phone,active,ip,rank,acctcreated) VALUES ('$fname','$lname','$uname',$email','$lastpass','$phone',$a','$ip','$rank',NOW())";
}

// Send the email:
$message = " To activate your account, please click on this link:\n\n";
$message .= WEBSITE_URL . '/activate.php?email=' . urlencode($Email) . "&key=$activation";
mail($Email, 'Registration Confirmation', $message, 'From:'.EMAIL);

// Flush the buffered output.
// Finish the page:
echo '<div class="success">Thank you for registering! A confirmation email has been sent to ' . $Email .' Please click on the Activation Link to Activate your account </div>';


?>

The Error Message:

Warning: include(): http:// wrapper is disabled in the server configuration by allow_url_include=0 in C:\xampp\htdocs\ubergallery\multiple_image_upload\multiupload.php on line 27

Warning: include(http://localhost/ubergallery/multiple_image_upload/upload.php): failed to open stream: no suitable wrapper could be found in C:\xampp\htdocs\ubergallery\multiple_image_upload\multiupload.php on line 27

Warning: include(): Failed opening 'http://localhost/ubergallery/multiple_image_upload/upload.php' for inclusion (include_path='.;C:\xampp\php\PEAR') in C:\xampp\htdocs\ubergallery\multiple_image_upload\multiupload.php on line 27

I am getting this error message.   Including a stylesheet or a jquery file with the absolute path does work out, with this I was looking to include a PHP script with the absolute path.   Here is the code:

<!DOCTYPE html>
<html>
    <head>
		<title>Upload Multiple Images Using jquery and PHP</title>
		<!-------Including jQuery from google------>
        <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
        <script src="script.js"></script>
		
		<!-------Including CSS File------>
        <link rel="stylesheet" type="text/css" href="style.css">
    <body>
        <div id="maindiv">

            <div id="formdiv">
                <h2>Multiple Image Upload Form</h2>
                <form enctype="multipart/form-data" action="" method="post">
                    First Field is Compulsory. Only JPEG,PNG,JPG Type Image Uploaded. Image Size Should Be Less Than 100KB.
                    <hr/>
                    <div id="filediv"><input name="file[]" type="file" id="file"/></div><br/>
           
                    <input type="button" id="add_more" class="upload" value="Add More Files"/>
                    <input type="submit" value="Upload File" name="submit" id="upload" class="upload"/>
                </form>
                <br/>
                <br/>
				<!-------Including PHP Script here------>
                <?php include("http://localhost/ubergallery/multiple_image_upload/upload.php"); ?>
            </div>
           
		   <!-- Right side div -->
            <div id="formget"><a href=http://www.formget.com/app><img src="formget.jpg" alt="Online Form Builder"/></a>
            </div>
        </div>
    </body>
</html>

I was looking to include "upload.php" with the absolute path.   Any suggestions what to do here?

I'm getting the error below when I run my script on my remote server.  I'm providing a relative path to this file and it works on my local server (XAMPP).  I've researched it a bit and I think it has to do with how I indicate the path to the file on the remote server.  I don't know what to do about it, however.  I hope someone can help me.  The file is in the indicated directory on the remote server and there are no permissions issues that I am aware of.  The mystery phrase is:

include_path='.:/opt/cpanel/ea-php73/root/usr/share/pear'

 

--Kenoli

Warning: require(bootstrap/start.php): failed to open stream: No such file or directory in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3
Warning: require(bootstrap/start.php): failed to open stream: No such file or directory in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3
Fatal error: require(): Failed opening required 'bootstrap/start.php' (include_path='.:/opt/cpanel/ea-php73/root/usr/share/pear') in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3

 

I've been looking for a function or a couple of functions which will allow me to get the Certificate Expiration date for a given website. I've tried openSSL, but their functions only seem to work on the current server, which is useless to me because my server doesn't allow SSL or certificates. I just want the certificate of an external website, e.g. www.gna.org has a certificate (signed by themselves, but a certificate nonetheless).
I've also tried cURL, since that allows you to access a remote server, but that will just check their certificate - it doesn't offer any functionality for e.g. checking when it will expire.

This seems like a simple enough question, but I haven't found anything about it anywhere, so I'm asking here.

Thanks a bunch in advance,
-IsmAvatar