|
PHP - Curl - Check Db On Remote Server For Authentication? (code Included)
Hey All,
I will be marketing a simple php script shortly and would like to Obfuscate my code and have it check to see if the person is running the script on the proper domain, much like other Purchased Scripts, you have to buy licenses and some are limited to a Per Domain basis. Could I use cURL to run a script on another server (mine) that takes the URL it came from, and a variable "the auth key" and check if the person is using the script on the proper domain? If the domain and auth key don't match in the DB i would return a message saying invalid key or something, else continue to execute the script. <?php //authkey would be defined in config file $authkey = "769870afhljkzxf90436"; $curl_handle=curl_init(); curl_setopt($curl_handle,CURLOPT_URL,"http://example.com/page.php?authkey=$authkey"); curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2); curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1); $buffer = curl_exec($curl_handle); curl_close($curl_handle); if (empty($buffer)) { print "Sorry, AuthServ is performing maintenance.....<p>"; } else { print $buffer; } ?> Is there a smarter way to do this? I don't have an extra 300 bucks to use something like ioncube, just looking for a general proper direction on going about this as I am totally clueless. thanks Similar TutorialsI need to check (from a Debian server to a Mac CLIENT (not server) machine) to see if a file exists on the file system...not an http server. Here's what I've tried (based on reading at http://www.php.net/manual/en/function.ssh2-exec.php) Code: [Select] <?php function check_remote_files($username, $hostname, $remote_file) { $connection = ssh2_connect($hostname, 22, array('hostkey'=>'ssh-rsa')); if (ssh2_auth_pubkey_file($connection, $username, '/root/.ssh/id_rsa.pub', '/root/.ssh/id_rsa', '')) { echo "Public Key Authentication On Server #2 Successful\n"; } $url = "if ssh $hostname stat $remote_file \> /dev/null 2\>\&1"; $stream=ssh2_exec($connection,$url); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); $stream=ssh2_exec($connection,"then"); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); $stream=ssh2_exec($connection,"echo File exists"); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); $stream=ssh2_exec($connection,"else"); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); $stream=ssh2_exec($connection,"echo Not found"); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); $stream=ssh2_exec($connection,"fi"); stream_set_blocking( $stream, true ); $cmd=fread($stream,4096); fclose($stream); } ?> NOTHING happens after the echo of Public Key Authentication On Server #2 Successful. I'm running this script from a bash shell. Any ideas what might be wrong? Thanks. Hi All - I'm trying to see if the below is possible using PHP. is it possible for php to allow a user to check if a port is open/listening on a remote server/PC, from their local machine. I've seen scripts on the web that talk about opening cmd.exe - this won't work as not all of my users will be on windows. Also saw fsock.. but the remote server is not serving http page(s). Also saw telnet, but again, some of my users may not have that windows feature enabled. Desired workflow: 1. user enters the server hostname/IP and a port 2. my php webapp will emulate checking if that hostname and port is open from the local user's computer.
thanks! Hi guys, I am making a bot which only scrapes the source code of the site AFTER logging into the site.The script to login is : Code: [Select] <?php $username="xxx"; $password="iwonttellyou"; $url="http://internet.com/login.php"; $cookie="cookie.txt"; $postdata = "name=".$username."&password=".$password; $ch = curl_init(); curl_setopt ($ch, CURLOPT_URL, $url); curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"); curl_setopt ($ch, CURLOPT_TIMEOUT, 60); curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie); curl_setopt ($ch, CURLOPT_REFERER, $url); curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata); curl_setopt ($ch, CURLOPT_POST, 1); $result = curl_exec ($ch); echo $result; ?> I can see different SESSION ID's in cookie.txt everytime i compile this code, which makes me believe its working.However what next? How should i go to that site again, already logged in and scrape the data ? Some suggestions would be nice. I am trying to get a php script on a remote server to execute on my server but im having problems getting it to work, and i am not sure if it is even feasible i have had a look on google but i cant find much information on it. This is what i have tried up to now I saved a php script as a txt file on y remote server. then used file_get_contents on my home server $curl_scraped_page = file_get_contents('http://www.remote_server.com/script.txt'); the content of the txt file was $sum = 1+1; then i tried to echo $sum on the home server but i did not work can anyone point me in the right direction or is what i am trying to do even feasible? Thanks in advanced The title may be a bit misleading, but essentially what I have is a custom CMS I built in PHP. What I want to do next is to build some sort of authentication to ensure my code was not copied and reused on another server. I need some way to communicate between my CMS and an external script to ensure that it is valid. I was thinking of putting a file on a domain. A simple function that accepts an url this function takes the url, searches the db, if it finds it, send back an result. My CMS obviously queries this function with the current url of the domain and if the url is in my db, the software works, otherwise it displays a message saying it was illegally copied. How do I build this interaction between the two? I could use AJAX, but i need something a bit more robust so that your average developer doesn't figure it out too easily. Hello all, I am trying to read a remote xml file on a file server which requires username and password. I can access the xml file fine through HTTP authentication like \\111.11.11.111\\pdrs\fileserver\FullText\12345\12345_CLEANUP.xml But when i try to read it with PHP, I recieved a warning message: "Warning: simplexml_load_file() [function.simplexml-load-file]: I/O warning : failed to load external entity" allow_url_fopen is ON This is part of my code. Code: [Select] $test=rawurldecode("http://username:password@\\\\111.11.11.111\\pdrs\\fileserver\\" . $number . "\\FullText\\" . $number . "_CLEANUP.xml"); echo $test; $xml_filename = simplexml_load_file(rawurldecode("($test)")); echo $xml_filename; print_r($xml_filename); Am I missing something here? Is there any other way to read/save/load a remote xml file which requires authentications? I am new to php so any help is appreciated! Thanks, Hi, iam working on a curl based authentication and iam sending a curl request to one of my pages, like this: <?php $ch = curl_init("http://localhost/test.php"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, 'myuser:mypwd'); // sending username and pwd. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_USERAGENT, 'Sample Code'); curl_setopt($curl, CURLINFO_HEADER_OUT, true); $output = curl_exec($ch); print_r(curl_getinfo($ch)); curl_close($ch); echo '<br><br>'; echo $output; ?> But in my test.php page, iam not able to get the username and password values, in $_SERVER array. What could be the problem? This isn't exactly an application design question, but rather a system design one.
I am about to install an Inventory Control System inside this store I work in.
The store itself also owns a Linode VPS running Centos 6.4 which hosts our website.
This new Inventory System will come built in with a Microsoft SQL Server, and supposedly it is a SQL Anywhere database, but I'm not too sure what that means.
I need to make this database publicly accessible, but only via the Linode VPS. Surely, setting restrictions is easy enough to address that issue. That isn't my question.
My first idea is to put this server into the DMZ, easy. But it doesn't exactly sound safe. So my next idea was to put a middleman server in the DMZ, this way the Linode can send queries to that middleman server and it will send that data to the SQL Server and back. This is very vaguely described I know, but I don't want to get too much into details, but rather, understand how I can create that middleman server, and what could Install onto it that would allow me to securely process queries?
My first thought was to install a webservice, that accepts an XML/JSON request and returns an XML/JSON response.
Then, I realized directly afterwards that I don't have any experience setting up a webservice like that.
What kind of options are there out there? Ultimately, my question is, should I just put the Server in the DMZ or should I create the middleman, and if so, can someone point me in the right direction as to getting a webservice set up? Edited by Zane, 15 July 2014 - 11:28 PM. I am setting up an API for my users, and the user sends post data via cURL. Is there a way I can see what site that the post data is coming from? would $_SERVER['REMOTE_HOST'] work? I am not using that to validate information. Hey guys i'm using the following code to POST data to the HTTPS url given below. But I m unable to perform a remote login and access the rest of the website. Can u find out the flaws in the code snippet and rectify it ? Or suggest a new code snippet. Also can anyone suggest how to open/read the contents of the login restricted pages on a successful login . $fullurl = "https://premium.rpnet.biz/login.php/"; $postFields="username=&password=&cookieval=on&login="; $username=""; $password=""; $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_FAILONERROR, 0); curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); curl_setopt($ch, CURLOPT_POSTFIELDS,$postFields); curl_setopt($ch, CURLOPT_URL, $fullurl); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookie.txt"); # The name of the file containing the cookie data. curl_setopt($ch, CURLOPT_COOKIEJAR, "cookie.txt"); $returned = curl_exec($ch); curl_close ($ch); var_dump($returned); --------------------------------------------------------------- Output: HTTP/1.1 200 OK Date: Fri, 05 Nov 2010 16:27:58 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=nthfd25gn6vpm89k18fpgamgc6; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6336 Connection: close Content-Type: text/html; charset=UTF-8 ================================================ If I change the url to https://premium.rpnet.biz/usercp.php/ then the output is HTTP/1.1 302 Found Date: Fri, 05 Nov 2010 16:28:00 GMT Server: Apache/2.2.3 (CentOS) X-Powered-By: PHP/5.3.3 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Set-Cookie: lo[uname]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Set-Cookie: lo[pass]=deleted; expires=Thu, 05-Nov-2009 16:27:59 GMT; path=/; domain=premium.rpnet.biz Location: https://premium.rpnet.biz/login.php Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8 bool(true) Hi- I am new to php, trying to make a simple form that emails when submitted. It works fine on my own server, but when I try it on my work server I get: Warning: mail() [function.mail]: SMTP server response: 550 Authentication is required for relay in C:\inetpub\wwwroot\OMC\estimate3.php on line 159 here are the headers: $headers = "From: info@combatstocks.com\n"; $headers .= "X-Mailer: PHP4\n"; $headers .= "X-Priority: 3\n"; $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-Type: multipart/alternative; boundary=\"==MIME_BOUNDRY_alt_main_message\"\n\n"; and the mail() function mail($to,$subject,$body,$headers); let me know if you need more code and ill happily supply it. thanks! Hi, I'm trying to auto login to a website(created by me ;-) ) using the curl. as I am new to this I don't know how to make this possible. following is the code I tried but this is not submitting the data in the other site. the 'usr_name' and 'password' the field names in the page "http://localhost/myproject/users/login". and I have given a print_r in that site and it is displaying Array ( [loginType] => L [step] => confirmation [usr_name] => dasd@hotmail.com [password] => test123 ) but not submitting the form. please help me.... this is the code i've tried..I got this from web... $login = "http://localhost/myproject/users/login"; $param="loginType=L&step=confirmation&usr_name=dasd@hotmail.com&password=test123"; $c = curl_init(); curl_setopt($c, CURLOPT_URL, $login); curl_setopt($c, CURLOPT_COOKIEJAR, "cookies.txt"); curl_setopt($c, CURLOPT_COOKIEFILE, "cookies.txt"); curl_setopt($c, CURLOPT_POST, 1); curl_setopt($c, CURLOPT_POSTFIELDS, $param); curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1); echo curl_exec($c); thanks in advance.... Hi dear community i want to run a Curl to get the contents of a remote web page into a PHP variable <?php // // The PHP curl module supports the received page to be returned in a variable // if told. // $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"http://www.myurl.com/"); curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); $result=curl_exec ($ch); curl_close ($ch); ?> I declare this variable:($ch) Well - can i work with this variable - eg. to parse this with a parser!? look forward to hear from you $result=curl_exec ($ch); gretings Hi all, I am new here and I really thank God that I found this forum! I have read the materials here on working with cURL on javascript-form-submission pages. However, I can't to get my script to work. Can anybody here please help me out or drop me a hint on where to correct my script? ==Situation== My company utilizes http://www.myfax.com/free/ to send our company faxes. My task is to write a code that would submit files for faxes electronically. Note: The site also requires e-mail confirmation but I haven't get to that stage yet. I have run tests on submitting fax requests both by code and manually through the site, and have confirmed that the code doesn't work on the submission level because I managed to receive confirmation e-mails for manual submissions. Also, I tried my script with different staff email addresses because I figured out that it blocks only the same e-mail address from sending more than 2 faxes a day. Code: (php) [Select] <?php //target page url $strPage_url = 'www.myfax.com/free/'; //create array of data to be posted $arrPost_data = array ( 'ctl00$MainSection$tbRecipientName' => 'I am recipient', //max length = 50 'ctl00$MainSection$tbRecipientCompany' => 'I am recipient company', //max length = 50 'ctl00$MainSection$tbRecipientFaxNumber' => '+1 (206) 202-8273', //recipient fax 'ctl00$MainSection$ddlRecipientCountry' => html_entity_decode ('{"c":{"i":"2","n":"United States","t":"1","s":"US"},"m":{"i":"1","v":"+1 (###) ###-####","d":"","f":"","c":"","r":""}}'), 'ctl00$MainSection$tbSenderName' => 'I am sender', //max length = 50 'ctl00$MainSection$tbSenderCompany' => 'I am sender company', //max length = 50 'ctl00$MainSection$tbSenderEmailAddress' => 'abc@example.com', //email 'ctl00$MainSection$nbAntiSpam$nbAntiSpam_NoBotExtender_ClientState' => '-150', //number drawn from inspecting the packages sent by manual form submission 'ctl00$MainSection$fileUpload' => '@/files/file.pdf', //file 'ctl00$MainSection$tbMessage' => 'hello world', //message '__EVENTTARGET' => '', '__EVENTARGUMENT' => '', '__VIEWSTATEENCRYPTED' => '' ); //visit the page and get cookies $curl_connection = curl_init ($strPage_url); curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 0); curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"); curl_setopt($curl_connection, CURLOPT_REFERER, "http://www.myfax.com/free/"); curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($curl_connection, CURLOPT_COOKIEJAR, 'CURLCOOKIE'); $strGet_page_contents = curl_exec ($curl_connection); curl_close ($curl_connection); //get page to retrieve view state and event validation if ( preg_match ( '/"__VIEWSTATE"[\s]+?value="([\s\S]+?)"/' , $strGet_page_contents , $arrView_state ) ) { $strView_state = $arrView_state[1]; $arrPost_data['__VIEWSTATE'] = $strView_state; } if ( preg_match ( '/"__EVENTVALIDATION"[\s]+?value="([\s\S]+?)"/' , $strGet_page_contents , $arrEvent_validation ) ) { $strEvent_validation = $arrEvent_validation[1]; $arrPost_data['__EVENTVALIDATION'] = $strEvent_validation; } if ( preg_match ( '/id="ctl00_MainSection_nbAntiSpam_nbAntiSpam_NoBotExtender_ClientState" value="([\s\S]+?)"/' , $strGet_page_contents , $arrAnti_spam ) ) { $strAnti_spam = $arrAnti_spam[1]; $arrPost_data['ctl00$MainSection$nbAntiSpam$nbAntiSpam_NoBotExtender_ClientState'] = $strAnti_spam; } //traverse array and prepare data for posting (key1=value1) foreach ( $arrPost_data as $key => $value) { $arrPost_items[] = $key . '=' . $value; } //create the final string to be posted using implode() $strPost_string = implode ('&', $arrPost_items); //create cURL connection $curl_connection = curl_init($strPage_url); //set options curl_setopt ($curl_connection, CURLOPT_POST, 1); curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 0); curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"); curl_setopt($curl_connection, CURLOPT_REFERER, "http://www.myfax.com/free/"); curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1); //set cookie curl_setopt ($curl_connection, CURLOPT_COOKIEFILE, 'CURLCOOKIE'); unlink ( 'CURLCOOKIE' ); curl_setopt($curl_connection, CURLOPT_COOKIE, session_name() . '=' . session_id()); //set header $arrHeaders = array ( 'Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8' ); curl_setopt($curl_connection, CURLOPT_HTTPHEADER, $arrHeaders ); //set data to be posted curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $strPost_string); //perform our request $strResult = curl_exec($curl_connection); //show information regarding the request - for debugging echo "<pre>"; print_r(curl_getinfo($curl_connection)); echo curl_errno($curl_connection) . '-' . curl_error($curl_connection); echo "<hr>"; var_dump ($arrPost_items); echo "</pre>"; //close the connection curl_close($curl_connection); ?> I have this XML... Code: [Select] $xml = '<?xml version="1.0" encoding="utf-8"?>' . '<LeadImportDatagram>'. '<CompanyKey>' . $companyKey . '</CompanyKey>' . '<NotificationEmailTo>garysaldutti@gmail.com</NotificationEmailTo>' . '<LeadInfo>'; '<City>Osweeego</City>'; '</LeadInfo>' . '</LeadImportDatagram>'; and I need to use PHP to submit that XML to a remote server at a address in this format (http://XX.XXX.XXX.XXX/xml/importlead.asp) so that the remote server can process the info. Can anyone out there tell me how to do that? It seems like I have to use cURL and I've tried multiple times but keep getting "bad request" errors. SIDE NOTE: Is my syntax wrong? Someone else helped me write that $xml variable, but it seems weird to me that some lines end with periods and some end with semicolons. I've been looking for a function or a couple of functions which will allow me to get the Certificate Expiration date for a given website. I've tried openSSL, but their functions only seem to work on the current server, which is useless to me because my server doesn't allow SSL or certificates. I just want the certificate of an external website, e.g. www.gna.org has a certificate (signed by themselves, but a certificate nonetheless). I've also tried cURL, since that allows you to access a remote server, but that will just check their certificate - it doesn't offer any functionality for e.g. checking when it will expire. This seems like a simple enough question, but I haven't found anything about it anywhere, so I'm asking here. Thanks a bunch in advance, -IsmAvatar Hi, My program works on WAMP (PHP Version 5.5.12) running on my machine. However, the same program will not run on remote server (PHP Version 5.4.32). Basically, I'm trying to insert values obtained from a form into a database. I've checked and rechecked the table I'm inserting into and I can't find anything wrong with it. The trouble is it's hard to debug a PHP program. Unlike, say, C++ which requires a compiler, you can trace the program line by line to look for errors. That's not possible with PHP and makes it so much harder to look for faults. The relevant functions used to send data to database are shown below. insert() is returning false every time and I can't understand why! I wonder if anyone can suggest where things might be going wrong. I would be very grateful.
public function insert($table, $fields = array())
{ if(count($fields)) //true if $fields holds data
{ $keys = array_keys($fields);
$values = ''; //to put inside query
$x = 1;
foreach($fields as $field)
{ $values .= '?';
if($x < count($fields))
{ $values .= ', ';
}
$x++;
}
$sql = "INSERT INTO {$table} (`".implode('`, `', $keys) . "`) VALUES({$values})";
if(!$this->query($sql, $fields)->error())
{ return true;
}
}
return false;
}
public function query($sql, $darams = array())
{
$this->_error = false; //reset error
if($this->_query = $this->_pdo->prepare($sql))
{ $x = 1;
if(count($darams))
{ foreach($darams as $param)
{ $this->_query->bindValue($x, $param);
$x++;
}
}
if($this->_query->execute())
{ $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
$this->_count = $this->_query->rowCount();
}
else //an error has occured in SQL query
{ $this->_error = true;
}
}
return $this;
}
public function error()
{ return $this->_error;
}
public function count()
{ return $this->_count;
}
What's the proper way to check if a file exists on a remote server? I know file_exists() works for you local files. I think i need to use something like the following. BUT if the file is not found PHP throws a warning. I know i can put a '@' before fopen() but that just masks the error. Code: [Select] <?php if(fopen("http://www.othersite.com/imageXYZ.jpg", "r")) { echo "File exists."; } else { echo "File does not exist."; } ?> I'm getting the error below when I run my script on my remote server. I'm providing a relative path to this file and it works on my local server (XAMPP). I've researched it a bit and I think it has to do with how I indicate the path to the file on the remote server. I don't know what to do about it, however. I hope someone can help me. The file is in the indicated directory on the remote server and there are no permissions issues that I am aware of. The mystery phrase is: include_path='.:/opt/cpanel/ea-php73/root/usr/share/pear'
--Kenoli Warning: require(bootstrap/start.php): failed to open stream: No such file or directory in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3 Warning: require(bootstrap/start.php): failed to open stream: No such file or directory in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3 Fatal error: require(): Failed opening required 'bootstrap/start.php' (include_path='.:/opt/cpanel/ea-php73/root/usr/share/pear') in /home4/ournight/public_html/tio-new/__classes/pi_admin.php on line 3
|
|||||||