PHP - How To Integrate Active Directory In Php
Hi...
I am pretty new to ldap and active directory I am creating a site and want to use Active Directory users as the login to the site. This would be the best way to allow everyone to the site and keep the users and passwords up to date. How do you use PHP to talk with Active Directory to do this login? I have read things about LDAP. Do you have to have that? If so, how do you get that to work? and how to configure ldap and where to configure ldap is it server or in my local system. Please give me an idea how to configure n how to integrate active directory Similar TutorialsSorry if i posted this in the wrong place but i dident see anthing about Active Directory or Security Questions
But has anyone used Active Directory as their User Database? Has anyone even tryed braking Active Directory with injection attacks?
Notes that i have found so far:
Php Sends to CMD first so encode userdata in base64 as a transport layer
$rand is a random number to prevent users from useing Success: as a ligitimate user
You will need to clean up the many many spaces that powershell sends back as it is a concole
Special Charicters dont need to be escaped
I am using
Win 2008 RC2
Apache
PHP (of course)
Powershell
Active Directory
PHP Script
$psScriptPath = 'C:/Apache/PSScripts/' //Path outside Website Root $rand = mt_rand(mt_getrandmax(),mt_getrandmax()); //UTF-8 Standard only $username = utf8_decode($_POST["username"]); $password = utf8_decode($_POST["password"]); $base64_username = base64_encode($username); //Transport Layer Base64 $base64_password = base64_encode($password); //Transport Layer Base64 //The danger happens here as it is sent to powershell. $query = shell_exec('powershell.exe -ExecutionPolicy ByPass -command "' . $psScriptPath . '" < NUL -rand "' . $rand . '" < NUL -base64_username "' . $base64_username . '" < NUL -base64_password "' . $base64_password . '" < NUL');// Execute the PowerShell script, passing the parametersPowershell Script #*============================================================================= #* Script Name: adpwchange2014.ps1 #* Created: 2014-10-07 #* Author: #* Purpose: This is a simple script that queries AD users. #* Reference Website: http://theboywonder.co.uk/2012/07/29/executing-powershell-using-php-and-iis/ #* #*============================================================================= #*============================================================================= #* PARAMETER DECLARATION #*============================================================================= param( [string]$base64_username, [string]$base64_password, [string]$rand ) #*============================================================================= #* IMPORT LIBRARIES #*============================================================================= if ((Get-Module | where {$_.Name -match "ActiveDirectory"}) -eq $null){ #Loading module Write-Host "Loading module AcitveDirectory..." Import-Module ActiveDirectory }else{ write-output "Error: Please install ActiveDirectory Module" EXIT NUL Stop-Process -processname powershell* } #*============================================================================= #* PARAMETERS #*============================================================================= $username = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($base64_username)) $password = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($base64_password)) #*============================================================================= #* INITIALISE VARIABLES #*============================================================================= # Increase buffer width/height to avoid PowerShell from wrapping the text before # sending it back to PHP (this results in weird spaces). $pshost = Get-Host $pswindow = $pshost.ui.rawui $newsize = $pswindow.buffersize $newsize.height = 1000 $newsize.width = 300 $pswindow.buffersize = $newsize #*============================================================================= #* EXCEPTION HANDLER #*============================================================================= #*============================================================================= #* FUNCTION LISTINGS #*============================================================================= Function Test-ADAuthentication { Param($Auth_User, $Auth_Pass) Write-Output "Running Function Test-ADAuthenication" $domain = $env:USERDOMAIN Add-Type -AssemblyName System.DirectoryServices.AccountManagement $ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain $pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext($ct, $domain) $pc.ValidateCredentials($Auth_User, $Auth_Pass).ToString() } #*============================================================================= #* SCRIPT BODY #*============================================================================= Write-Output $PSVersionTable Write-Output " " $authentication = Test-ADAuthentication "$username" "$password" if ($authentication -eq $TRUE) { Write-Output "Success:$rand Authentication" }elseif ($authentication -eq $FALSE) { Write-Output "Failed:$rand Authentication" }else { Write-Output "Error: EOS" EXIT NUL Stop-Process -processname powershell* } #*============================================================================= #* SCRIPT Exit #*============================================================================= Write-Output "End Of Script" EXIT NUL Stop-Process -processname powershell* I am new to PHP. I have been trying to do some research online for a few days and not getting very far. I feel like I know less now than I did before I started. Here's the story: I've set up a LAMP server that runs a Wiki and AppGini (http://www.bigprof.com/appgini/) - AppGini allows you to "Create web database applications instantly without writing any code" - The only downside we have with it, is it's got it's own set of user accounts. My team all logs in with the default admin account which isn't a big deal but we'd prefer to use LDAP to AD for reasons I won't get into right now. I emailed AppGini support and asked about LDAP integration. Their response was that it's "a little bit of work" and "You can modify the login authentication function to authenticate using LDAP ... please see the example code he http://code.activestate.com/recipes/101525-ldap-authentication/ (needs some modifications to work with AppGini)" I've googled around and found 2 dozen different LDAP PHP samples. I've gotten some of them to work. By work I mean they connect to my domain controller and say "success" I'm not actually logged into anything. So I'm looking for a little help from square one. I need to have a better understanding of how things are supposed to work so I know where I'm supposed to go with all of this. Where do I start? What do I do? What would YOU do? This is the current "index.php" that logs you into the site. Code: [Select] <?php error_reporting(E_ALL ^ E_NOTICE); $d=dirname(__FILE__); include("$d/defaultLang.php"); include("$d/language.php"); include("$d/incCommon.php"); $x->TableTitle=$Translation['homepage']; include("$d/header.php"); if($_GET['signOut']==1){ logOutMember(); } $tablesPerRow=2; $arrTables=getTableList(); ?> <div align="center"><table cellpadding="8"> <?php if($_GET['loginFailed']==1 || $_GET['signIn']==1){ ?> <tr><td colspan="2" align="center"> <?php if($_GET['loginFailed']){ ?> <div class="Error"><?php echo $Translation['login failed']; ?></div> <?php } ?> <form method="post" action="index.php"> <table border="0" cellspacing="1" cellpadding="4" align="center"> <tr> <td colspan="2" class="TableHeader"> <div class="TableTitle"><?php echo $Translation['sign in here']; ?></div> </td> </tr> <tr> <td align="right" class="TableHeader"> <?php echo $Translation['username']; ?> </td> <td align="left" class="TableBody"> <input type="text" name="username" value="" size="20" class="TextBox"> </td> </tr> <tr> <td align="right" class="TableHeader"> <?php echo $Translation['password']; ?> </td> <td align="left" class="TableBody"> <input type="password" name="password" value="" size="20"class="TextBox"> </td> </tr> <tr> <td colspan="2" align="right" class="TableHeader"> <span style="margin: 0 20px;"><input type="checkbox" name="rememberMe" id="rememberMe" value="1"> <label for="rememberMe"><?php echo $Translation['remember me']; ?></label></span> <input type="submit" name="signIn" value="<?php echo $Translation['sign in']; ?>"> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['go to signup']; ?> <br /><br /> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['forgot password']; ?> <br /><br /> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['browse as guest']; ?> <br /><br /> </td> </tr> </table> </form> <script>document.getElementsByName('username')[0].focus();</script> </td></tr> <?php } ?> <?php if(!$_GET['signIn'] && !$_GET['loginFailed']){ if(is_array($arrTables)){ if(getLoggedAdmin()){ ?><tr><td colspan="<?php echo ($tablesPerRow*3-1); ?>" class="TableTitle" style="text-align: center;"><a href="admin/"><img src=table.gif border=0 align="top"></a> <a href="admin/" class="TableTitle" style="color: red;"><?php echo $Translation['admin area']; ?></a><br /><br /></td></tr><?php } $i=0; foreach($arrTables as $tn=>$tc){ $tChk=array_search($tn, array()); if($tChk!==false && $tChk!==null){ $searchFirst='?Filter_x=1'; }else{ $searchFirst=''; } if(!$i % $tablesPerRow){ echo '<tr>'; } ?><td valign="top"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?>><img src=<?php echo $tc[2];?> border=0></a></td><td valign="top" align="left"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?> class="TableTitle"><?php echo $tc[0]; ?></a><br /><?php echo $tc[1]; ?></td><?php if($i % $tablesPerRow == ($tablesPerRow - 1)){ echo '</tr>'; }else{ echo '<td width="50"> </td>'; } $i++; } }else{ ?><tr><td><div class="Error"><?php echo $Translation['no table access']; ?><script language="javaScript">setInterval("window.location='index.php?signOut=1'", 2000);</script></div></td></tr><?php } } ?> </table><br /><br /><div class="TableFooter"><b><a href=http://bigprof.com/appgini/>BigProf Software</a> - <?php echo $Translation['powered by']; ?> AppGini 4.61</b></div> </div> </html> Hi guys, I've been working on a script for a while now, and I'm sure it doesn't look great and all, and it's probably really messed up.. But right now I've finally got it working! There's only 1 thing I'd really like to add.. Searching through & listing of remote directories! The directories I'm trying to list have directory listings enabled, and I think it *should* be possible. I just have no clue how. Here's my current code in a beautiful mix of HTML and PHP: <? $border_size = "0"; function returner($what) { $what=explode("/",$what); $tps=count($what); $what=$what[$tps-1]; return $what; } $page_url= ""; $home_url=returner(__FILE__); if(isset($_GET['q'])) { $qtext=$_GET['q']; } else { $qtext=""; } function getdirsize($directory, $format=FALSE) { $size = 0; if(substr($directory,-1) == '/') { $directory = substr($directory,0,-1); } if(!file_exists($directory) || !is_dir($directory) || !is_readable($directory)) { return -1; } if($handle = opendir($directory)) { while(($file = readdir($handle)) !== false) { $path = $directory.'/'.$file; if($file != '.' && $file != '..') { if(is_file($path)) { $size += filesize($path); } elseif(is_dir($path)) { $handlesize = getdirsize($path); if($handlesize >= 0) { $size += $handlesize; } else { return -1; } } } } closedir($handle); } if($format == TRUE) { if($size / 1048576 > 1) { return round($size / 1048576, 1).' MB'; } elseif($size / 1024 > 1) { return round($size / 1024, 1).' KB'; } else { return round($size, 1).' bytes'; } } else { return $size; } } if(isset($_GET['type'])){ $type=$_GET['type']; } else { $type="new"; } $textures=0; $models=0; $avatars=0; $seqs=0; $sounds=0; foreach (glob("textures/*.jpg") as $texture){ $textures++; } foreach (glob("models/*.zip") as $model){ $models++; } foreach (glob("avatars/*.zip") as $avatar){ $avatars++; } foreach (glob("seqs/*.zip") as $seq){ $seqs++; } foreach (glob("sounds/*.zip") as $sound){ $sounds++; } ?> <!DOCTYPE html> <html> <head> <title>ObjectPath Search</title> <style type="text/css"> #wrapper { width: 850px; margin: 30px auto 30px auto; padding: 10px; } body { color:#C6C6C6; background:#1E1E1E; /* margin:0; padding:0; */ overflow-x:hidden; } #tabs { font: 85% "Trebuchet MS", sans-serif; } .left { float: left; } .right { float: right; } a:link, a:visited, a:active { color: #3DB015; text-decoration: none; } a:hover { color: #00E0FF; } h2 { color: #3DB015; padding-bottom: 0.2em; font-size: 110%; } ul#icon {margin: 0; padding: 0;} ul#icon li {margin: 1px; position: relative; padding: 1px 0; cursor: pointer; float: left; list-style: none;} ul#icon span.ui-icon {float: left; margin: 0 1px;} </style> <link type="text/css" href="http://objects.jk-hosting.com/search/css/black-tie/jquery-ui-1.8.2.custom.css" rel="stylesheet" /> <script type="text/javascript" src="http://objects.jk-hosting.com/search/js/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="http://objects.jk-hosting.com/search/js/jquery-ui-1.8.2.custom.min.js"></script> <script type="text/javascript"> function formHandler(form){ var URL = document.form.site.options[document.form.site.selectedIndex].value; window.location.href = URL; }; $(function(){ // Tabs $('#tabs').tabs(); }); </script> </head> <body> <div id="wrapper"> <div id="tabs"> <!-- Tabs start --> <ul> <li><a href="#tab-search">Search</a></li> <li><a href="#tab-list">List Objects</a></li> <li><a href="#tab-info">OP info</a></li> </ul> <div id="tab-search"><!-- Searchtab start --> Please enter a string to search for, and choose a folder to search in. <br /><br /> <form name="Search"> <input type='hidden' value='search' name='type'> <input value='<? print $qtext; ?>' type='text' name='q'> <select name='map'> <option selected='selected' value='models'>Models</option> <option value='avatars'>Avatars</option> <option value='textures'>Textures</option> <option value='seqs'>Seqs</option> <option value='sounds'>Sounds</option></select> <input type='submit' value='Search'> </form> </div> <!-- Searchtab end --> <div id="tab-list"><!-- Listtab start --> Please pick a folder to browse. <br /><br /> <form name="form"> <select name="site" onChange="javascript:formHandler()"> <option value="#">Look in folder...</option> <option value="<? print $page_url; ?>?type=list&map=models">Models</option> <option value="<? print $page_url; ?>?type=list&map=avatars">Avatars</option> <option value="<? print $page_url; ?>?type=list&map=textures">Textures</option> <option value="<? print $page_url; ?>?type=list&map=seqs">Seqs</option> <option value="<? print $page_url; ?>?type=list&map=sounds">Sounds</option> </select> </form> </div> <!-- Listtab end --> <div id="tab-info"><!-- Info tab start --> The OP currently contains: <br /><br /> <table> <tr><td><b><? echo $models; ?></b></td> <td>Models</td></tr> <tr><td><b><? echo $avatars; ?></b></td> <td>Avatars</td></tr> <tr><td><b><? echo $textures; ?></b></td> <td>Textures</td></tr> <tr><td><b><? echo $seqs; ?></b></td> <td>Seqs</td></tr> <tr><td><b><? echo $sounds; ?></b></td> <td>Sounds</td></tr> </table> </div> <!-- Info tab end --> </div> <!-- Tabs end --> </div> <!-- Start PHP generated content --> <? if($type=="search" || $type=="list") { $M=$_GET['map']; if($type=="search") { $Q=$_GET['q']; $empty="Nothing found with <b>\"" . $Q . "\"</b> in it's name.<br />\nPlease make a more general search query, or try a different folder.\n\n"; } else { $Q=""; $empty='This folder is empty'; } if($M=="textures") { $ext="jpg"; } else { $ext="zip"; } $i=0; print "<hr>\n"; $endfile=array(); $endsize=array(); $endsize2=array(); foreach (glob($M."/*".$Q."*.".$ext) as $filename) { $filename = explode(".", $filename); $filename=$filename[0]; $filename = explode("/", $filename); $filename=$filename[1]; $i++; $endfile[$i]=$filename; if($ext=="jpg") { $endfile[$i]="<a name='".$endfile[$i]."' href='".$pageurl."?type=view&name=".$endfile[$i]."&folder=".$M."&from=".$type."&addon=".$Q."'>".$endfile[$i]."</a>"; } $endsize[$i]=$size; $endsize2[$i]=$size2; } if($i != 1) { print "<b>".$i."</b> items were found.\n<hr>\n"; } else { print "<b>".$i."</b> item was found.\n<hr>\n"; } echo("<table width='100%' border='" . $border_size . "' cellspacing='0' cellpadding='0' >\n"); if($i!=0) { for ($t = 1; $t < $i; $t++) { $thumbfile = $M."/".$endfile[$t].'.jpg'; if(file_exists($thumbfile)) { $thumbnail = "<a name='".$endfile[$t]."' href='".$page_url."?type=view&name=".$endfile[$t]."&folder=".$M."&from=".$type."&addon=".$Q."'><ul id='icon'><li class='ui-state-default ui-corner-all' title='".$endfile[$t]."'><span class='ui-icon ui-icon-image'></span></li></ul></a>"; } else { $thumbnail = ""; } if($t=="1") { echo("<tr><td width='10%'>Number</td><td width='3%'><ul id='icon'><li class='ui-state-default ui-corner-all' title='".$endfile[$t]."'><span class='ui-icon ui-icon-image'></span></li></ul></td><td width='60%'>Name</td></tr>\n"); } echo("<tr><td>" . $t . "</td><td>".$thumbnail."</td><td>" . $endfile[$t] . "</td></tr>\n"); flush(); } $thumbfile = $M."/".$endfile[$t].'.jpg'; if(file_exists($thumbfile)) { $thumbnail = "<a name='".$endfile[$t]."' href='".$page_url."?type=view&name=".$endfile[$t]."&folder=".$M."&from=".$type."&addon=".$Q."'><ul id='icon'><li class='ui-state-default ui-corner-all' title='".$endfile[$t]."'><span class='ui-icon ui-icon-image'></span></li></ul></a>"; } else { $thumbnail = ""; } echo("<tr><td>" . $t . "</td><td>".$thumbnail."</td><td>" . $endfile[$t] . "</td></tr>\n"); } print "</table>\n"; if($i=="0") { print $empty; } } elseif($type=="view") { $filename=$_GET['name']; $folder=$_GET['folder']; if($_GET['from']=="list"){ $addon="?type=list&map=".$folder."#".$filename; } if($_GET['from']=="search"){ $addon="?type=search&q=".$filename."&map=".$folder."#".$filename; } print"<center><a href='".$home_url."'>Home</a></center>"; print "<hr>\n<center><img src='".$folder."/".$filename.".jpg'></img></center>\n<hr>\n<br />\n<a href='".$page_url."".$addon."'>Previous Page</a>\n"; } $htmlshow=""; if($_GET['type']=="returnOPfile") { if(isset($_GET['split'])) { $splitter=$_GET['split']; } else { $splitter=" | "; } if(isset($_GET['html'])) { $htmlshow="<br />"; } foreach (glob("textures/*.jpg") as $texture){ if(isset($_GET['size'])) { $size=$splitter.filesize($texture); } $texture = explode("/", $texture); $texture=$texture[1]; print "textures".$splitter.$texture.$size."\n".$htmlshow; } foreach (glob("models/*.zip") as $model){ if(isset($_GET['size'])) { $size=$splitter.filesize($model); } $model = explode("/", $model); $model=$model[1]; print "models".$splitter.$model.$size."\n".$htmlshow; } foreach (glob("avatars/*.zip") as $avatar){ if(isset($_GET['size'])) { $size=$splitter.filesize($avatar); } $avatar = explode("/", $avatar); $avatar=$avatar[1]; print "avatars".$splitter.$avatar.$size."\n".$htmlshow; } foreach (glob("seqs/*.zip") as $seq){ if(isset($_GET['size'])) { $size=$splitter.filesize($seq); } $seq = explode("/", $seq); $seq=$seq[1]; print "seqs".$splitter.$seq.$size."\n".$htmlshow; } foreach (glob("sounds/*.zip") as $sound){ if(isset($_GET['size'])) { $size=$splitter.filesize($sound); } $sound = explode("/", $sound); $sound=$sound[1]; print "sounds".$splitter.$sound.$size."\n".$htmlshow; } } ?> <!-- End PHP generated content --> </body> </html> So right now my question to you PHP freaks is, can you please help me edit my script so I can search through a remote directory? *This* is one of the directories I wish to be able to search through & list.. Thanks in advance. Edit; It might help if you know what the site currently looks like. *Click* Hi, Can any help me out how to integrate skype with php? or poeple leave a message on my skype through php? Is there a PHP "API" that can connect to GoDaddy, list domains, change the dns and whois? Possibly add new domains? I highly doubt it, and if not, I'll start writing one. However, GoDaddy uses what must be the worst HTML code EVER. WHO THE @$%^ uses javascript FOR EVERY LINK. That is just plain unnecessary. And I have a feeling GoDaddy wouldn't like such an API, and would make any attempt to break it Thanks Hi there, This forum has been helpful to me so far. I'd like to thank you for your help. Now the question is, we will be using xe.com services for our shopping cart and prices. Based to the customer's location the currency must change. For example, if the customer is sitting in Europe, the currency for the product and the shopping cart will be displayed in Euros, similarly for the US customers it will be in USD. I would like to know how we can do this using xe.com and what steps are required. Any comments/feedbacks are always welcome! Thank you! Hi guy's, I'm trying to integrate a shopping cart, but my knowledge is lacking. I've tried allot, but mostly it resulted in displaying nothing or a bunch of errors. Here's where i'm at. Code: [Select] function getProducts() { //Function to display the products on the front end //Create the MYSQL db connection $db = new Connection(DB_HOST, DB_USER, DB_PASS, T4_DB_NAME); //Query the DB for all the products $result = $db->query('SELECT * FROM user_photos'); // for testing purposes //Set the items variable so that you can add to it in the loop below $items = ''; //Loop through the mysql results $id = $_GET['id']; $username = $_GET['username']; // NOTE: if i do a while here, it display's all pictures of every user and loops the pictures for 16 times. // If i do a if i can click the image, but the thumnail is not displaying and the title is that of the admin // and only one image is displayed, while a user has more pictures. while($row = mysql_fetch_assoc($result)) { $items .= ' <div class="product"> <h3>'.stripslashes($row['title']).'</h3> <div class="info"> <a href=/secure/users/'.$username .'/pics/'. stripslashes($row['reference']).'> <img src=/secure/users/'.$username .'/pics/thumbs/'. stripslashes($row['thumbnail']).'></a> <div class="price">€'.number_format($row['price'], 2).'</div> <a href="addToCart.php?ID='.$id.'">Add to cart</a> </div> </div> '; } echo $items; } See NOTE in code: // NOTE: if i do a while here, it display's all pictures of every user and loops the pictures for 16 times. // If i do a if i can click the image, but the thumnail is not displaying and the title is that of the admin // and only one image is displayed, while a user has more pictures. (id=1) while it should be 25. (title= that of the admin). (thumbnail not displaying) The username and path is correct, because when you click on the broken image it display's the bigger picture of the user who's logged in. Who is so kind to help me out here? Martijn Hi Im using a php theme script and I want to use jcart with this script. The thing is my theme scrip dosen't use echo. When I need to display something I have to use something like this $_PAGE = "<div id='jcart'>..." and if i use echo i recieve header error. i changed couple of thing and now i cant see cart but when i click add to cart button it says Item added but all cart is disappearing. you can see here could you help me please thanks. Code: [Select] <THEME Name={ShopNavDivEnd}> </ul> </div> <br /><br /><br /><br /> <VAR>_JCART</VAR> </div> </THEME> this is shop.php Code: [Select] $_JCART .= "<div id='jcart'>".$jcart->display_cart()."</div>"; i changed the jcart.php class to like this. I mean all echo to $_PAGE .= "..." Code: [Select] // Return specified number of tabs to improve readability of HTML output function tab($n) { $tabs = null; while ($n > 0) { $tabs .= "\t"; --$n; } return $tabs; } // If there's an error message wrap it in some HTML if ($errorMessage) { $errorMessage = "<p id='jcart-error'>$errorMessage</p>"; } // Display the cart header $_JCART .= tab(1) . "$errorMessage\n"; $_JCART .= tab(1) . "<form method='post' action='$checkout'>\n"; $_JCART .= tab(2) . "<fieldset>\n"; $_JCART .= tab(3) . "<input type='hidden' name='jcartToken' value='{$_SESSION['jcartToken']}' />\n"; $_JCART .= tab(3) . "<table border='1'>\n"; $_JCART .= tab(4) . "<thead>\n"; $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<th colspan='3'>\n"; $_JCART .= tab(7) . "<strong id='jcart-title'>{$config['text']['cartTitle']}</strong> ($this->itemCount $itemsText)\n"; $_JCART .= tab(6) . "</th>\n"; $_JCART .= tab(5) . "</tr>". "\n"; $_JCART .= tab(4) . "</thead>\n"; // Display the cart footer $_JCART .= tab(4) . "<tfoot>\n"; $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<th colspan='3'>\n"; // If this is the checkout hide the cart checkout button if ($isCheckout !== true) { if ($config['button']['checkout']) { $inputType = "image"; $src = " src='{$config['button']['checkout']}' alt='{$config['text']['checkout']}' title='' "; } $_JCART .= tab(7) . "<input type='$inputType' $src id='jcart-checkout' name='jcartCheckout' class='jcart-button' value='{$config['text']['checkout']}' />\n"; } $_JCART .= tab(7) . "<span id='jcart-subtotal'>{$config['text']['subtotal']}: <strong>$currencySymbol" . number_format($this->subtotal, $priceFormat['decimals'], $priceFormat['dec_point'], $priceFormat['thousands_sep']) . "</strong></span>\n"; $_JCART .= tab(6) . "</th>\n"; $_JCART .= tab(5) . "</tr>\n"; $_JCART .= tab(4) . "</tfoot>\n"; $_JCART .= tab(4) . "<tbody>\n"; // If any items in the cart if($this->itemCount > 0) { // Display line items foreach($this->get_contents() as $item) { $_JCART .= tab(5) . "<tr>\n"; $_JCART .= tab(6) . "<td class='jcart-item-qty'>\n"; $_JCART .= tab(7) . "<input name='jcartItemId[]' type='hidden' value='{$item['id']}' />\n"; $_JCART .= tab(7) . "<input id='jcartItemQty-{$item['id']}' name='jcartItemQty[]' size='2' type='text' value='{$item['qty']}' />\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(6) . "<td class='jcart-item-name'>\n"; if ($item['url']) { $_PAGE .= tab(7) . "<a href='{$item['url']}'>{$item['name']}</a>\n"; } else { $_PAGE .= tab(7) . $item['name'] . "\n"; } $_JCART .= tab(7) . "<input name='jcartItemName[]' type='hidden' value='{$item['name']}' />\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(6) . "<td class='jcart-item-price'>\n"; $_JCART .= tab(7) . "<span>$currencySymbol" . number_format($item['subtotal'], $priceFormat['decimals'], $priceFormat['dec_point'], $priceFormat['thousands_sep']) . "</span><input name='jcartItemPrice[]' type='hidden' value='{$item['price']}' />\n"; $_JCART .= tab(7) . "<a class='jcart-remove' href='?jcartRemove={$item['id']}'>{$config['text']['removeLink']}</a>\n"; $_JCART .= tab(6) . "</td>\n"; $_JCART .= tab(5) . "</tr>\n"; } } // The cart is empty else { $_PAGE = tab(5) . "<tr><td id='jcart-empty' colspan='3'>{$config['text']['emptyMessage']}</td></tr>\n"; } $_JCART .= tab(4) . "</tbody>\n"; $_JCART .= tab(3) . "</table>\n\n"; $_JCART .= tab(3) . "<div id='jcart-buttons'>\n"; if ($config['button']['update']) { $inputType = "image"; $src = " src='{$config['button']['update']}' alt='{$config['text']['update']}' title='' "; } $_JCART .= tab(4) . "<input type='$inputType' $src name='jcartUpdateCart' value='{$config['text']['update']}' class='jcart-button' />\n"; if ($config['button']['empty']) { $inputType = "image"; $src = " src='{$config['button']['empty']}' alt='{$config['text']['emptyButton']}' title='' "; } $_JCART .= tab(4) . "<input type='$inputType' $src name='jcartEmpty' value='{$config['text']['emptyButton']}' class='jcart-button' />\n"; $_JCART .= tab(3) . "</div>\n"; // If this is the checkout display the PayPal checkout button if ($isCheckout === true) { // Hidden input allows us to determine if we're on the checkout page // We normally check against request uri but ajax update sets value to relay.php $_JCART .= tab(3) . "<input type='hidden' id='jcart-is-checkout' name='jcartIsCheckout' value='true' />\n"; // PayPal checkout button if ($config['button']['checkout']) { $inputType = "image"; $src = " src='{$config['button']['checkout']}' alt='{$config['text']['checkoutPaypal']}' title='' "; } if($this->itemCount <= 0) { $disablePaypalCheckout = " disabled='disabled'"; } $_JCART .= tab(3) . "<input type='$inputType' $src id='jcart-paypal-checkout' name='jcartPaypalCheckout' value='{$config['text']['checkoutPaypal']}' $disablePaypalCheckout />\n"; } $_JCART .= tab(2) . "</fieldset>\n"; $_JCART .= tab(1) . "</form>\n\n"; $_JCART .= tab(1) . "<div id='jcart-tooltip'></div>\n"; return $_JCART; } } and this is my theme script Code: [Select] <?php class Theme { var $META = array(); var $JS = array(); var $BodyOn = array(); var $CSS = array(); var $TITLE = ""; var $Charset = "UTF-8"; var $Headers = ''; var $Body = array(); var $Vars = array(); var $ThemeList = array(); var $ThemeDir = ''; var $CacheDir = ''; var $ThemeName = ''; var $FirstTAG = ''; var $FirstPosition = 999999; var $ClassUpdated = 0; var $CompressOutput = true; var $MatchTAG = array( // Find And Replace 'FE' => array( 'Find' => '<FE Array={([^}]+)}>', 'Replace' => "if ( count( \$\\1 ) )\r\n<!TabCount!>{\r\n<!TabCount!>\tforeach ( \$\\1 as \$_KEY => \$_VALUE )\r\n<!TabCount!>\t{\r\n" ), '/FE' => array( 'Find' => '<\/FE>', 'Replace' => "\t}\r\n<!TabCount!>}\r\n" ), 'FF' => array( 'Find' => '<FF Array={([^}]+)}>', 'Replace' => "if ( count( \$\\1 ) )\r\n<!TabCount!>{\r\n<!TabCount!>\tforeach ( \$\\1 as \$_KFY => \$_VALUF )\r\n<!TabCount!>\t{\r\n" ), '/FF' => array( 'Find' => '<\/FF>', 'Replace' => "\t}\r\n<!TabCount!>}\r\n" ), 'IF' => array( 'Find' => '<IF State={([^}]+)}>', 'Replace' => "if ( \\1 )\r\n<!TabCount!>{\r\n" ), '/IF' => array( 'Find' => '<\/IF>', 'Replace' => "}\r\n" ), 'ELIF' => array( 'Find' => '<ELIF State={([^}]+)}>', 'Replace' => "else if ( \\1 )\r\n<!TabCount!>{\r\n" ), '/ELIF' => array( 'Find' => '<\/ELIF>', 'Replace' => "}\r\n" ), 'ELSE' => array( 'Find' => '<ELSE>', 'Replace' => "else\r\n<!TabCount!>{\r\n" ), '/ELSE' => array( 'Find' => '<\/ELSE>', 'Replace' => "}\r\n" ), 'VAR' => array( 'Find' => '<VAR>([^<]+)<\/VAR>', 'Replace' => "\$\\1" ), 'BIT' => array( 'Find' => '<BIT>([a-z0-9_]+)(\(([^<]*)\)|)<\/BIT>', 'Replace' => "t_\\1(\\3)" ), 'DEF' => array( 'Find' => '<DEF>([^<]+)<\/DEF>', 'Replace' => "\\1" ), 'PHP' => array( 'Find' => '<PHP>([^<]+);?<\/PHP>', 'Replace' => "\\1" ), 'THEME' => array( 'Find' => '<THEME Name={([^}]+)}\s*?(Vars?={([^}]+)})?>(.+)<\/THEME>' ), ); var $PredefinedGlobals = array( '_HTML', '_KEY', '_KFY', '_VALUE', '_VALUF', '_GET', '_POST', '_SESSION', '_COOKIE' ); /* * Base Functions * * <FE Array={Dizi}> ... </FE> * <IF State={$a == '4'}> ... </IF> * <ELIF State={$a == '4'}> ... </ELIF> * <ELSE> ... </ELSE> * <VAR> ... </VAR> * <BIT> ... </BIT> * * @param String $ThemeName * @return void */ function Theme() { global $CFG; $this->Charset = $CFG['Theme']['Charset']; $this->META = $CFG['Theme']['Meta']; $this->TITLE = $CFG['Title']; $this->ClassUpdated = filemtime( CLS_DIR . "theme.class.php" ); } /** * * @access public * @return void */ function setTHEME( $ThemeName ) { if ( !is_dir( THM_DIR . $ThemeName ) ) return false; $this->ThemeName = $ThemeName; $this->ThemeDir = THM_DIR . $ThemeName . '/Html/'; $this->CacheDir = CCH_DIR . 'Themes/' . $ThemeName . '/'; $this->initTHEME(); } /** * * @access public * @return void */ function initTHEME() { define( 'IMG_DIR', "http://" . SITE . "/Themes/" . $this->ThemeName . "/Image/" ); $this->loadTheme( "index" ); } function loadTheme( $FileName ) { $FileName = ucfirst( strtolower( $FileName ) ); // Theme HTML Exists ? if ( !file_exists( $this->ThemeDir . $FileName . ".tpl" ) ) { global $CFG; if ( $this->ThemeName != $CFG['Theme']['DefaultTheme'] ) { $_SESSION['ThemeName'] = $CFG['Theme']['DefaultTheme']; header( "Location: ?" ); die( 'falan filan' ); } else die( "Theme File Not Found: " . $FileName . ".tpl" ); } $this->ThemeList = array(); // Theme Cache Exists ? And Newer than the Theme HTML ? if ( file_exists( $this->CacheDir . $FileName . ".tpl.php" ) AND ( filemtime( $this->CacheDir . $FileName . ".tpl.php" ) > max( $this->ClassUpdated, filemtime( $this->ThemeDir . $FileName . ".tpl" ) ) ) ) $this->createFunctions( $FileName ); else $this->cacheTheme( $FileName ); } /** * * @access public * @return void */ function loadCSS( $CssFile ) { if ( eregi( 'http', $CssFile ) ) $this->CSS[] = $CssFile; else { global $_RWBASE; $FileName = THM_DIR . $this->ThemeName . '/Style/' . $CssFile; if ( file_exists( $FileName ) AND is_readable( $FileName ) ) $this->CSS[$CssFile] = $_RWBASE . $FileName; } } /** * * @access public * @return void */ function loadJS( $JsFile, $Code = false ) { if ( !$Code ) { if ( eregi( 'http', $JsFile ) ) $this->JS[] = '<script type="text/javascript" src="' . $JsFile . '"></script>'; else { global $_RWBASE; $FileName = BASE_DIR . 'Sources/JavaScript/' . $JsFile; if ( file_exists( $FileName ) AND is_readable( $FileName ) ) $this->JS[$JsFile] = '<script type="text/javascript" src="' . $_RWBASE . $FileName . '"></script>'; } } else $this->JS[$Code] = '<script type="text/javascript">' . $JsFile . '</script>'; } function addJS( $JsFile, $Code = false ) { $this->loadJS( $JsFile, $Code ); } /** * * @access public * @return void */ function bodyOn( $Type, $Code ) { $this->BodyOn[strtolower( $Type )][] = $Code; } /** * * @access public * @return void */ function writePage( $FinalFunction = "t_Page" ) { foreach ( $this->BodyOn as $key => $value ) { $this->loadJS( 'function bodyOn' . $key . '() {' . implode( $value ) . '}; onAttacher("' . $key . '",bodyOn' . $key . ');', 'on' . $key ); } $header = array( "<title>" . $this->TITLE . "</title>" ); foreach ( $this->META as $value ) $header[] = $value; foreach ( $this->JS as $value ) $header[] = $value; foreach ( $this->CSS as $value ) $header[] = '<style type="text/css" media="all">@import url(' . $value . ');</style>'; $this->Headers = implode( $header ); header( 'Content-Type: text/html; charset=' . $this->Charset ); echo $FinalFunction(); } function createFunctions( $FileName = '' ) { include_once( $this->CacheDir . $FileName . ".tpl.php" ); } function cacheTheme( $FileName ) { $FileContent = rFile( $this->ThemeDir . $FileName . ".tpl" ); if ( $this->CompressOutput ) $FileContent = $this->compressHTML( $FileContent ); $this->parseThemes( $FileContent ); wFile( $this->CacheDir . $FileName . ".tpl.php", "<" . "? \r\n" . $this->createThemeFunctions() . "\r\n?" . ">", 0777 ); $this->createFunctions( $FileName ); } function compressHTML( $Content ) { $Content = preg_replace( "/[\s]{2,}/", " ", $Content ); $Content = preg_replace( "/> </", "><", $Content ); return $Content; } function parseThemes( $Content ) { $Results = $this->findExactTAGs( $Content, "THEME" ); foreach ( $Results as $Value ) { preg_match( "/^" . $this->MatchTAG['THEME']['Find'] . "$/is", trim( $Value ), $Match ); $Vars = array(); if ( trim( $Match[3] ) != '' ) { $tVars = explode( ',', $Match[3] ); foreach ( $tVars as $vValue ) { if ( preg_match( '/^\$?([a-z0-9_]+)=?(.*)$/i', trim( $vValue ), $vMatch ) ) $Vars[$vMatch[1]] = "$" . $vMatch[1] . ( trim( $vMatch[2] ) != "" ? "=" . $vMatch[2] : "" ); } } $this->ThemeList[$Match[1]] = array( 'Code' => $Match[4], 'Vars' => $Vars ); } return true; } function findExactTAGs( $Content, $TAGName ) { $Results = array(); $CurrPos = 0; $Found = false; $Level = 0; // --------------------- $StartTAG = "<" . $TAGName; $EndTAG = "</" . $TAGName . ">"; $Repeat = substr_count( $Content, $StartTAG ); if ( substr_count( $Content, $EndTAG ) != $Repeat ) die( "Template ERROR: <$TAGName> sayısı ile </$TAGName> sayısı eşit değil!" ); // ----------------------------------- for( $i = 0; $i < $Repeat; $i++ ) { $Found = false; $Level = 0; $ContentStart = strpos( $Content, $StartTAG, $CurrPos ); $CurrPos = $ContentStart + strlen( $StartTAG ); while ( $Found == false ) { if ( $Level == 0 ) { $PosS = strpos( $Content, $StartTAG, $CurrPos ); $PosE = strpos( $Content, $EndTAG, $CurrPos ); if ( $PosS < $PosE AND $PosS !== false ) $Level++; else $Found = true; if ( $Found ) $ContentEnd = $PosE; $CurrPos = min( ( $PosS === false ? 999999 : $PosS ), ( $PosE === false ? 999999 : $PosE ) ) + 1; } else if ( $Level > 0 ) { $PosS = strpos( $Content, $StartTAG, $CurrPos ); $PosE = strpos( $Content, $EndTAG, $CurrPos ); if ( $PosS < $PosE AND $PosS !== false ) $Level++; else $Level--; $CurrPos = min( ( $PosS === false ? 999999 : $PosS ), ( $PosE === false ? 999999 : $PosE ) ) + 1; } } $Results[] = trim( substr( $Content, $ContentStart, $ContentEnd - $ContentStart + strlen( $EndTAG ) ) ); } // for return $Results; } function createThemeFunctions() { $FunctionList = array(); foreach ( $this->ThemeList as $Name => $ThemeData ) { $FunctionVars = $ThemeData['Vars']; $Content = $ThemeData['Code']; $FunctionCode = ''; $FunctionGlobals = array(); $this->TabCount = 1; $HtmlOpen = true; while ( ( $StartPoint = $this->getFirstTAG( $Content ) ) !== false ) { if ( $StartPoint == 0 ) { if ( !preg_match( '/^' . $this->MatchTAG[$this->FirstTAG]['Find'] . '/i', $Content, $Match ) ) die( 'Template Tag Error: ' . $this->FirstTAG ); if ( $this->FirstTAG == "THEME" ) { $SubThemes = $this->findExactTAGs( $Match[0], "THEME" ); foreach ( $SubThemes as $SubValue ) { preg_match( "/^" . $this->MatchTAG['THEME']['Find'] . "$/i", $SubValue, $SubMatch ); $SubVars = array(); if ( trim( $SubMatch[3] ) != '' ) { $tVars = explode( ',', $SubMatch[3] ); foreach ( $tVars as $vValue ) { if ( preg_match( '/^\$?([a-z0-9_]+)=?(.*)$/i', trim( $vValue ), $vMatch ) ) $SubVars[$vMatch[1]] = "$" . $vMatch[1] . ( trim( $vMatch[2] ) != "" ? "=" . $vMatch[2] : "" ); } } $this->ThemeList[$SubMatch[1]] = array( 'Code' => $SubMatch[4], 'Vars' => $SubVars ); $Content = str_replace( $SubMatch[0], '<BIT>' . $SubMatch[1] . ( count( $SubVars ) ? "(" . implode( ',', $SubVars ) . ")" : "" ) . '</BIT>', $Content ); } } else { if ( in_array( $this->FirstTAG, array( '/FE', '/FF', '/IF', '/ELIF', '/ELSE' ) ) ) $this->TabCount--; if ( in_array( $this->FirstTAG, array( '/FE', '/FF' ) ) ) $this->TabCount--; $Content = substr( $Content, strlen( $Match[0] ), strlen( $Content ) - strlen( $Match[0] ) ); if ( in_array( $this->FirstTAG, array( 'VAR', 'BIT', 'DEF', 'PHP' ) ) ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; } else { if ( $HtmlOpen ) $FunctionCode .= ";\r\n"; $FunctionCode .= $this->addTab(); $HtmlOpen = false; } $FunctionCode .= preg_replace( '/^' . $this->MatchTAG[$this->FirstTAG]['Find'] . '$/i', str_replace( '<!TabCount!>', $this->addTab(), $this->MatchTAG[$this->FirstTAG]['Replace'] ), $Match[0] ); if ( in_array( $this->FirstTAG, array( 'FE', 'FF', 'IF', 'ELIF', 'ELSE' ) ) ) $this->TabCount++; if ( in_array( $this->FirstTAG, array( 'FE', 'FF' ) ) ) $this->TabCount++; if ( in_array( $this->FirstTAG, array( 'IF', 'ELIF', 'PHP' ) ) ) $FunctionGlobals[] = $Match[1]; if ( in_array( $this->FirstTAG, array( 'FE', 'FF', 'VAR' ) ) ) $FunctionGlobals[] = "$" . $Match[1]; } } else { if ( trim( $HtmlCode = substr( $Content, 0, $StartPoint ) ) != "" ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; $FunctionCode .= "'" . str_replace( "'", "\'", $HtmlCode ) . "'"; $Content = substr( $Content, strlen( $HtmlCode ), strlen( $Content ) - strlen( $HtmlCode ) ); } else $Content = ltrim( $Content ); } } if ( trim( $Content ) != '' ) { if ( $HtmlOpen ) $FunctionCode .= " . "; else $FunctionCode .= $this->addTab() . "\$_HTML .= "; $HtmlOpen = true; $FunctionCode .= "'" . str_replace( "'", "\'", $Content ) . "'"; } if ( $HtmlOpen ) $FunctionCode .= ";\r\n"; $Function = "function t_" . $Name . "(" . implode( ',', $FunctionVars ) . ")\r\n{\r\n"; $Function .= $this->setGlobals( $FunctionGlobals, $FunctionVars ); if ( substr( $FunctionCode, 0, 3 ) == " . " ) { $Function .= "\t\$_HTML = "; $Function .= substr( $FunctionCode, 3, strlen( $FunctionCode )-3 ) ; } else { $Function .= "\t\$_HTML = ''"; $Function .= $FunctionCode ; } $Function .= "\treturn \$_HTML;\r\n"; $Function .= "}\r\n"; $FunctionList[] = $Function; } return implode( "\r\n", $FunctionList ); } function getFirstTAG( $Content, $Offset = 0 ) { $FirstPosition = 999999; foreach ( $this->MatchTAG as $TagName => $TagArray ) { if ( ( $Position = strpos( $Content, "<" . $TagName, $Offset ) ) !== false ) { if ( $Position < $FirstPosition ) { $FirstPosition = $Position; $this->FirstTAG = $TagName; } } } if ( $FirstPosition < 999999 ) return $FirstPosition; else return false; } function addTab() { return str_repeat( "\t", $this->TabCount ); } function setGlobals( $GlobalArray, $VarsArray = array() ) { $Globals = array(); foreach ( $GlobalArray as $Global ) { preg_match( '/\$([a-z0-9_]+)/i', $Global, $Match ); if ( !isset( $Globals[$Match[1]] ) AND !in_array( $Match[1], $this->PredefinedGlobals ) AND !isset( $VarsArray[$Match[1]] ) ) $Globals[$Match[1]] = '$' . $Match[1]; } if ( count( $Globals ) ) return "\tglobal " . implode( ', ', $Globals ) . ";\r\n"; else return ""; } } ?> i have made an delete files script which works for only one directory but not sub directory so i want to delete files of same extention from directory and subdirectory. My current code is Code: [Select] <? $dir = 'hmm/'; function scanr($dir){ $arr = glob($dir.'/*.jpg'); foreach($arr as $vv){ //check if $vv is a file if(is_file($vv)){ //if file, get the filename $vx=explode('/',$vv); $file=$vx[count($vx)-1]; // if no extension delete the file unlink($vv); // print the deletion message echo $vv." deleted!<br>";}else{ // if $vv is a dir then scan it again for files scanr($vv); }} } scanr($dir); ?> This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=347050.0 Hello! I have sim card, how can we integrate it with server and use web interface to send sms and other requests, all handled via PHP?? Just an idea will be appreciated. thanks watsmyname Happy New Year, folks! I am having an issue that's been dragging my life for quite some time. I am creating a website for my church maranatha.tv The site's Menu and Content are pulled from a MySQL database I created. As far as this goes, everything is fine; content is pulled from my database with no issues. My problem is as follow: I am including an online bible, which is a third party script I downloaded. This scripts comes with its own database, which I have installed for use in my web server. I used Include() to include the index.php file of the online bible script, from its folder. I just don't know if this the right way to do it. Of course, this script has its own folder and a set of files which makes up the entire bible script. I use an if condition so that when the user clicks on the menu button BIBLE, the script's index.php file is included instead of text from my database. This way of adding the third party script is rendering some unwanted results such as layout distortion (which I don't care at this point), broken links (main issue), and links (although broken) are sent to new pages, instead of staying within my site's CONTENT page template. I need to find a way to make my script more modular so everything renders as intended. Here's my content function: Code: [Select] function content(){ // DETERMINE which page ID to USE in our query below ******************** if (!isset($_GET['jesusid'])) { $pageid = '1'; } else { $pageid = preg_replace('#[^0-9]#i', '', $_GET['jesusid']);} // filter everything but numbers for security) //preg_replace($pattern, $replacement, $string);//preg_replace() Function structure // Query the body section for the proper page $query = mysql_query ("SELECT body_text,title,linklabel, author FROM content WHERE id = '$pageid' LIMIT 1 ") or die (mysql_error()); while ($row = mysql_fetch_array($query)) { echo ucwords($row['title']).' por '; echo '<b>'.$row['author']. '</b><br>'; echo ucwords($row['body_text']); //Add Bible Script if (ucwords($row['title'])=='Biblia') //use row title -- UPPERCASED word { include ('bible/__WINDOWS/search.php'); } } } ?> Just click on the BIBLE button, and then on any link within that page and you will see what I mean. I am still learning PHP and I don't have any background integrating third party scripts to an existing PHP website. I hope someone can help me. Thanks in advance for your assistance. I am using Payeezy Payment Gateway, how to integrate with my PHP page, actually the payment gateway for my customer form, i done with form using PHP, how can i integrate Payeezy Payment Gateway with my PHP form. This topic has been moved to Application Frameworks. http://www.phpfreaks.com/forums/index.php?topic=317468.0 This topic has been moved to PHP Applications. http://www.phpfreaks.com/forums/index.php?topic=348359.0 Hi guys, i found simple php script which allow all visitors of my web site to create free email address thru my webmail service (like yahoo,hotmail,gmail,etc) and it works great, but in last month stupid bots created lots of funny user accounts and sending SPAM emails Signup script is one file (signup.php) doing all the stuff i need (registration form,lost passwords form,etc). Now i want to put captcha code into signup.php to have captcha image cheking to prevent bots from creating more user accounts ... i`m not a php programer but i know how to change some things, but not all Signup scripts is free, so i will post it here that you can help me with this (it does not have my mysql and other information,because of security issue) - i will be happy if some of you guys put all the code i need for captcha to work with signup.php script Here is the signup.php script: Code: [Select] <?php // HMailServer New user signup Script Configuration $dbhost = "localhost"; // host of the MySQL database $dbuser = "root"; // Database username $dbpassword = ""; // Your database password $dbname = "hmail"; // the name of the database that has the hmailserver tables $webmailurl = "http://www.yurdomainname.com/webmail/login.php"; // The url to login in the webbased mail system $quota = "50"; // The mailbox free space if (strlen($_POST["pas1"]) <= 4 && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Your password must be longer than 4 characters</center>"; } else if ($_POST["pas1"] == "12345" && IsSet($_POST["pas1"])) { $error .= "<centeR>Error: Too simple password</center>"; } // Get the action if (IsSet($_POST["action"])) { $action = $_POST["action"]; } else { $action = $_GET["action"]; } // A function to check addresses, probably i will have to use it later. function normalmail($visitormail) { if(!$visitormail == "" && (!strstr($visitormail,"@") || !strstr($visitormail,"."))) { return FALSE; } else { return TRUE; } } // If there is no action, open the page for a new registration if (!IsSet($action)) { // Load the domain names and their ids into a variable $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainactive = '1' ", $db); $domains = "<select name=\"domain\">"; while ($row = mysql_fetch_array($result)) { $domainid = $row['domainid']; $domainname = $row['domainname']; $domains .= "\n<option value=\"$domainid\">$domainname</option>"; } $domains .= "\n</select>"; mysql_close(); echo " <center><b>Open a new E-Mail Account</b> <p> (*) fields are reguired.<br> <form action=\"\" name=\"registration\" method=\"post\"> <table border=\"0\"> <tr> <td>* Username: <td><input type=\"text\" name=\"username\">@<td>$domains<tr> <td>* First name: <td><input type=\"text\" name=\"firstname\"><td><tr> <td>* Last name: <td><input type=\"text\" name=\"lastname\"><td><tr> <td>* Password: <td><input type=\"password\" name=\"pas1\"><Td><tr> <td>* Password again: <td><input type=\"password\" name=\"pas2\"><Td><tr> <td>Old email Address: <td><input type=\"text\" name=\"oldmail\"><td>(in case you forgot your password)<tr> <td>* Secret question: <td><input type=\"text\" name=\"squestion\"><td><tr> <td>* Secret answe <td><input type=\"text\" name=\"sanswere\"><td><tr> <td><td> <input type=\"hidden\" name=\"action\" value=\"register\"> <input type=\"Submit\" value=\"Signup\"><td><tr></td></tr></table></table> "; } else if ($action == "register") { // Load the variables from the posting $domainid = $_POST["domain"]; $username = $_POST["username"]; $pas1 = $_POST["pas1"]; $pas2 = $_POST["pas2"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $oldmail = $_POST["oldmail"]; // Do all the checks if ($oldmail != NULL && normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your desired username\n<br>"; } if ($domainid == NULL) { $error .= "Error: You have to choose a domain\n<Br>"; } if ($pas1 == NULL) { $error .= "Error: You have to enter your password\n<Br>"; } if ($pas1 != $pas2) { $error .= "Error: Your passwords does not match\n<Br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } //Check if the user exists for that domain $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_domains WHERE domainid = '$domainid' ", $db); $result = @mysql_fetch_array($result); $address = $username . "@" . $result['domainname']; $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$address' ", $db); $result = @mysql_fetch_array($result); if ($result['accountid'] != "") { $error .= "Error: The E-Mail address $address is already registered, please coose another username or domain\n<Br>"; mysql_close(); } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; } else { // Insert the new user infos into the database $passwd = md5($pas1); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "INSERT INTO hm_accounts (accountaddress, accountdomainid, accountadminlevel, accountpassword, accountactive, accountisad, accountmaxsize, accountpwencryption, accountvacationmessageon, accountoldaddress, accountfirstname, accountlastname, accountsecretque, accountsecretans) VALUES ('$address','$domainid','0','$passwd','1','0','$quota','2','0','$oldmail','$firstname','$lastname','$squestion','$sanswere')"; mysql_query($query) or die("Error: Can not query to the database"); mysql_close(); echo "<center><B>Completed!</b> <br><br> You have created an email account with us! you can use the E-Mail services eather by pop3/imap or by using the webmail system. <p>Please <A href=\"$webmailurl\">Login</a> to read or to send emails <p>Thank you $firstname $lastname for joining us"; } } else if ($action == "install") { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); mysql_query("ALTER TABLE `hm_accounts` ADD `accountoldaddress` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountfirstname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountlastname` VARCHAR(50) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretque` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accountsecretans` VARCHAR(120) NOT NULL"); mysql_query("ALTER TABLE `hm_accounts` ADD `accounttmpverify` VARCHAR(120) NOT NULL"); mysql_close(); Echo "The script is istalled successfuly"; } // If the user forgot his password, this is the page to recover it. else if ($action == "forgotpass") { echo "<Center><b>Welcome to the password recovery page</b> <br><br> This page will help you to recover your lost password, if you had filled the oldmail at the registration time You will be able to recover it by using the oldmail method, else you will have to use the secret question method"; echo "<br><br><center> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Old Email Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0><tr><td> Old email<td><input type=\"text\" name=\"oldemail\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassoldemail\"> <td><td><input type=\"submit\" value=\"Send me Recovery code\"></tr></td> </form></td></tr></table></table> <center><p> <table border=1 cellspacing=0 cellpadding=0> <tr><td><center>Secret Question Method<tr><td> <form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <tr><td>Frist name<td><input type=\"text\" name=\"firstname\"><tr> <tr><td>Last name<td><input type=\"text\" name=\"lastname\"><tr> <td>Your email with us in form of (username@domain.tld) <td><input type=\"text\" name=\"current\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassgetquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } // if the user submited data for the secret question method, // load the variables, and do the checks else if ($action == "fpassgetquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $questi = $result['accountsecretque']; echo "<center><b>Please answere your secret question: $questi </b>"; echo "<p><form name=\"forgot\" action=\"\" method=\"post\"> <table border=0> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$questi\" name=\"squestion\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <td>Answe <td><input type=\"text\" name=\"sanswere\"><tr> <input type=\"hidden\" name=\"action\" value=\"fpassquestion\"> <td><td><input type=\"submit\" value=\"Submit\"></tr></td> </form></td></tr></table></table></center>"; } } else if ($action == "fpassquestion") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if ($squestion == NULL) { $error .= "Error: You have to enter your secret question\n<br>"; } if ($sanswere == NULL) { $error .= "Error: You have to enter your secret aswere\n<br>"; } if ($username == NULL) { $error .= "Error: You have to enter your current ID (in form of username@domain.ltd)\n<br>"; } if ($firstname == NULL) { $error .= "Error: You have to enter your first name\n<Br>"; } if ($lastname == NULL) { $error .= "Error: You have to enter your last name\n<Br>"; } // If there was error, stop if (IsSet($error)) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; //else do the rest of the checks } else { $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { echo "<b><center>Your info does match, please enter a new password for $username bellow</b>"; echo "<p><br><center> <table><tr><td> <center>Change password for $username<tr><Td> <center><table> <form name=\"forgot\" action=\"\" method=\"post\"> <tr><Td>Enter new password<td><input type=\"password\" name=\"pas1\"><Tr> <Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$firstname\" name=\"firstname\"> <input type=\"hidden\" value=\"$lastname\" name=\"lastname\"> <input type=\"hidden\" value=\"$squestion\" name=\"squestion\"> <input type=\"hidden\" value=\"$sanswere\" name=\"sanswere\"> <input type=\"hidden\" value=\"$username\" name=\"current\"> <input type=\"hidden\" value=\"forgpassquepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form></center>"; } else { echo "<b><center>Your info does NOT match</b><p> Your data does not match with the stored informations of $username, please enter the exact info"; } } } else if ($action == "forgpassquepro") { $username = $_POST["current"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $squestion = $_POST["squestion"]; $sanswere = $_POST["sanswere"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); if (normalmail($username) == FALSE) { die("Error"); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); // check if the information does match with the stored data if ( $result['accountlastname'] == NULL || $result['accountfirstname'] == NULL || $result['accountsecretque'] == NULL || $result['accountsecretans'] == NULL) { die("Error: Cant find infos in database for $username"); mysql_close(); } if ($_POST["pas1"] != $_POST["pas2"]) { $error = "<center><B>Your passwords does not match, please submit the form again</b></centeR>"; } if ($error != NULL) { echo $error; } else { if (strtolower($result['accountlastname']) == strtolower($lastname) && strtolower($result['accountfirstname']) == strtolower($firstname) && strtolower($result['accountsecretque']) == strtolower($squestion) && strtolower($result['accountsecretans']) == strtolower($sanswere)) { $accountid = $result['accountid']; //ok change the password $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<center><b>Ok Your password has changed, sign in now with your new password, and your ID $username</b></center>"; mysql_close(); } } } // forgot password, old email method. else if ($action == "fpassoldemail") { $username = $_POST["current"]; $oldmail = $_POST["oldemail"]; // Do all the checks if (normalmail($username) == FALSE) { $error .= "Error: Please enter a valid ID in form of email address\n<br>"; } if (normalmail($oldmail) == FALSE) { $error .= "Error: Please enter a valid email address\n<br>"; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username'", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($result['accountoldaddress'] == NULL) { $error .= "Error: Missing infos in the database for $username <Br>"; } if ($result['accountoldaddress'] != $oldmail) { $error .= "Error: The address $oldmail does not match with the old address of $username <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; mysql_close(); } else { // in that case somehow we have to generate a random code for($x=0;$x<10;$x++) { $y = rand(0,61); $z .= $y + (($y<10) ? 48 : (($y<20) ? 21 : 10)); } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $query = "UPDATE hm_accounts SET accounttmpverify = '$z' WHERE accountid = '$accountid'"; mysql_query($query); mysql_close(); $body = " The user account $username has this email associated with it. A Web user from " . $_SERVER['REMOTE_ADDR'] . " has just requested a Confirmation Code to change the password. Your Confirmation Code is: $z With this code you can now assign a new password at http://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?action=fpassconfirm&addr=$username&code=$z If you cant click in the link, copy paste the URL into your browser. If you didn't asked for this, don't worry. Just delete this Email."; $body = wordwrap($body, 70); $subject = "Lost password: confirmation code"; $headers=""; $headers = 'From: ' . $username; if (mail($oldmail, $subject, $body, $headers)) { echo "<b>Message successfully sent!</b> <p>Please read the email in your old address $oldmail to get the verification code and reset your password <p>Your IP address is loged for security reasons."; } else { echo "<b>Message delivery failed!</b>"; } } } else if ($action == "fpassconfirm") { $code = $_POST["code"]; $username = $_POST["addr"]; if (!IsSet($code)) { $code = $_GET["code"]; } if (!IsSet($username)) { $username = $_GET["addr"]; } $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($error != NULL) { echo "<Center>Oops, There was some errors, please submit the form again<br>"; echo $error; echo "<br><br> <form name=\"forgot\" action=\"\" method=\"post\"> <center> <table><tr> <Td>E-Mail address<td><input name=\"addr\" type=\"text\"> <tr><td>Code<td><input name=\"code\" type=\"text\"><tr> <input type=\"hidden\" value=\"fpassconfirm\" name=\"action\"> <td><td><input type=\"submit\" value=\"Submit\"></tr> </td></table></table></form></centeR> "; mysql_close(); } else { echo "<b><center>Confirmation code is valid, Please enter your new password bellow</b>"; echo "<p><br> <center><table><tr><Td> Change password for $username<tr><Td> <table><tr> <form name=\"forgot\" action=\"\" method=\"post\"> <Td>Enter new password<td><input type=\"password\" name=\"pas1\"> <Tr><Td>Verify password<td><input type=\"password\" name=\"pas2\"><Tr> <input type=\"hidden\" value=\"$code\" name=\"code\"> <input type=\"hidden\" value=\"$username\" name=\"addr\"> <input type=\"hidden\" value=\"forgpasscodepro\" name=\"action\"> <Td><td><input type=\"submit\" value=\"Change it\"></Tr></table></table></form>"; mysql_close(); } } // ok lets check the code again, and change the password. else if ($action = "forgpasscodepro") { $code = $_POST["code"]; $username = $_POST["addr"]; $newpassword = $_POST["pas1"]; $newpassword = md5($newpassword); $db = mysql_connect($dbhost, $dbuser, $dbpassword); mysql_select_db($dbname); $result = mysql_query("SELECT * FROM hm_accounts WHERE accountaddress = '$username' ", $db); $result = @mysql_fetch_array($result); $accountid = $result['accountid']; if ($username == NULL || normalmail($username) == FALSE) { $error .= "Error: Please enter your E-mail address in the correct form<Br>"; } if ($code == NULL) { $error .= "Error: Please enter the confirmation code<br>"; } if ($result['accounttmpverify'] != $code) { $error .= "Error: You entered an invalid confirmation code. <Br>"; } if ($_POST["pas1"] != $_POST["pas2"]) { $error .= "Error: Passwords does not match. <Br>"; } if ($error != NULL) { echo $error; } else { $query = "UPDATE hm_accounts SET accountpassword = '$newpassword' WHERE accountid = '$accountid'"; mysql_query($query); echo "<b>Your password has changed!</B><br><br> now you can sign in with your new password and your ID $username"; mysql_close(); } } echo "<center><p><em><font size=\"2\">Powered by <a target=\"hmail\" href=\"http://www.hmailserver.com\">HMailServer</a> @ All rights reserved</em></font></centeR>"; ?> Tnx I'm trying to echo the directory and sub directory only. I am not looking to show the files contained - only folders. Can you help me integrate this code :
<form method="post" action="submit.php"> <input type="checkbox" class="required" /> Click to check <br /> <input disabled="disabled" type='submit' id="submitBtn" value="Submit"> </form>In to this Contact Form code, please? <form action="../page.php?page=1" method="post" name="contact_us" onSubmit="return capCheck(this);"> <table cellpadding="5" width="100%"> <tr> <td width="10" class="required_field">*</td> <td width="80">Your Name</td> <td><input type="text" name="name" maxlength="40" style="width:400px;/></td> </tr> <tr> <td class="required_field">*</td> <td>Email Address</td> <td><input type="text" name="email" maxlength="40" style="width:400px;/></td> </tr> <tr> <td></td> <td>Comments:</td> <td><textarea name="comments" style="width: 400px; height: 250px;"></textarea></td> </tr> </table> </form Hello guys, before I start I'm a relativity new user of PHP so this really could be something extremely simple, I just can't seem to find it, Basically on my website i have php login script, when you're logged on every page you visit checks a file called auth.php, This will tell create a session called, "$SESSION" Inventive i know... That will tell the browser if the user is logged in or not, so it can decide whether or not to create a Login button, or a Log out button, Here's the code i have so far. if ( $SESSION == '' ) { echo "<a href='logout.php" ."Log out"; } else { echo "<a href='login-form.php" ."Log in"; } Now, I believe i'm on the right lines? But i'm not fully sure how to basically in English say, If that session is working or exists, Then do this, if not, do this. I mention again, I'm very new to PHP so any help would be very appreciated! |